system/freebsd-src
system/freebsd-src
1
0
Fork 0
mirror of https://github.com/freebsd/freebsd-src synced 2024-07-21 10:19:04 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Merge OpenSSL 1.0.2i.

Browse source
This commit is contained in:
Jung-uk Kim 2016-09-22 13:27:44 +00:00
parent d29c555195 e1b483878d
commit aeb5019c48
Notes: svn2git 2020-12-20 02:59:44 +00:00 
svn path=/head/; revision=306193
596 changed files with 5806 additions and 2871 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

160
crypto/openssl/CHANGES
View file

@ -2,6 +2,166 @@
OpenSSL CHANGES
_______________
Changes between 1.0.2h and 1.0.2i [22 Sep 2016]
*) OCSP Status Request extension unbounded memory growth
A malicious client can send an excessively large OCSP Status Request
extension. If that client continually requests renegotiation, sending a
large OCSP Status Request extension each time, then there will be unbounded
memory growth on the server. This will eventually lead to a Denial Of
Service attack through memory exhaustion. Servers with a default
configuration are vulnerable even if they do not support OCSP. Builds using
the "no-ocsp" build time option are not affected.
This issue was reported to OpenSSL by Shi Lei (Gear Team, Qihoo 360 Inc.)
(CVE-2016-6304)
[Matt Caswell]
*) In order to mitigate the SWEET32 attack, the DES ciphers were moved from
HIGH to MEDIUM.
This issue was reported to OpenSSL Karthikeyan Bhargavan and Gaetan
Leurent (INRIA)
(CVE-2016-2183)
[Rich Salz]
*) OOB write in MDC2_Update()
An overflow can occur in MDC2_Update() either if called directly or
through the EVP_DigestUpdate() function using MDC2. If an attacker
is able to supply very large amounts of input data after a previous
call to EVP_EncryptUpdate() with a partial block then a length check
can overflow resulting in a heap corruption.
The amount of data needed is comparable to SIZE_MAX which is impractical
on most platforms.
This issue was reported to OpenSSL by Shi Lei (Gear Team, Qihoo 360 Inc.)
(CVE-2016-6303)
[Stephen Henson]
*) Malformed SHA512 ticket DoS
If a server uses SHA512 for TLS session ticket HMAC it is vulnerable to a
DoS attack where a malformed ticket will result in an OOB read which will
ultimately crash.
The use of SHA512 in TLS session tickets is comparatively rare as it requires
a custom server callback and ticket lookup mechanism.
This issue was reported to OpenSSL by Shi Lei (Gear Team, Qihoo 360 Inc.)
(CVE-2016-6302)
[Stephen Henson]
*) OOB write in BN_bn2dec()
The function BN_bn2dec() does not check the return value of BN_div_word().
This can cause an OOB write if an application uses this function with an
overly large BIGNUM. This could be a problem if an overly large certificate
or CRL is printed out from an untrusted source. TLS is not affected because
record limits will reject an oversized certificate before it is parsed.
This issue was reported to OpenSSL by Shi Lei (Gear Team, Qihoo 360 Inc.)
(CVE-2016-2182)
[Stephen Henson]
*) OOB read in TS_OBJ_print_bio()
The function TS_OBJ_print_bio() misuses OBJ_obj2txt(): the return value is
the total length the OID text representation would use and not the amount
of data written. This will result in OOB reads when large OIDs are
presented.
This issue was reported to OpenSSL by Shi Lei (Gear Team, Qihoo 360 Inc.)
(CVE-2016-2180)
[Stephen Henson]
*) Pointer arithmetic undefined behaviour
Avoid some undefined pointer arithmetic
A common idiom in the codebase is to check limits in the following manner:
"p + len > limit"
Where "p" points to some malloc'd data of SIZE bytes and
limit == p + SIZE
"len" here could be from some externally supplied data (e.g. from a TLS
message).
The rules of C pointer arithmetic are such that "p + len" is only well
defined where len <= SIZE. Therefore the above idiom is actually
undefined behaviour.
For example this could cause problems if some malloc implementation
provides an address for "p" such that "p + len" actually overflows for
values of len that are too big and therefore p + len < limit.
This issue was reported to OpenSSL by Guido Vranken
(CVE-2016-2177)
[Matt Caswell]
*) Constant time flag not preserved in DSA signing
Operations in the DSA signing algorithm should run in constant time in
order to avoid side channel attacks. A flaw in the OpenSSL DSA
implementation means that a non-constant time codepath is followed for
certain operations. This has been demonstrated through a cache-timing
attack to be sufficient for an attacker to recover the private DSA key.
This issue was reported by César Pereida (Aalto University), Billy Brumley
(Tampere University of Technology), and Yuval Yarom (The University of
Adelaide and NICTA).
(CVE-2016-2178)
[César Pereida]
*) DTLS buffered message DoS
In a DTLS connection where handshake messages are delivered out-of-order
those messages that OpenSSL is not yet ready to process will be buffered
for later use. Under certain circumstances, a flaw in the logic means that
those messages do not get removed from the buffer even though the handshake
has been completed. An attacker could force up to approx. 15 messages to
remain in the buffer when they are no longer required. These messages will
be cleared when the DTLS connection is closed. The default maximum size for
a message is 100k. Therefore the attacker could force an additional 1500k
to be consumed per connection. By opening many simulataneous connections an
attacker could cause a DoS attack through memory exhaustion.
This issue was reported to OpenSSL by Quan Luo.
(CVE-2016-2179)
[Matt Caswell]
*) DTLS replay protection DoS
A flaw in the DTLS replay attack protection mechanism means that records
that arrive for future epochs update the replay protection "window" before
the MAC for the record has been validated. This could be exploited by an
attacker by sending a record for the next epoch (which does not have to
decrypt or have a valid MAC), with a very large sequence number. This means
that all subsequent legitimate packets are dropped causing a denial of
service for a specific DTLS connection.
This issue was reported to OpenSSL by the OCAP audit team.
(CVE-2016-2181)
[Matt Caswell]
*) Certificate message OOB reads
In OpenSSL 1.0.2 and earlier some missing message length checks can result
in OOB reads of up to 2 bytes beyond an allocated buffer. There is a
theoretical DoS risk but this has not been observed in practice on common
platforms.
The messages affected are client certificate, client certificate request
and server certificate. As a result the attack can only be performed
against a client or a server which enables client authentication.
This issue was reported to OpenSSL by Shi Lei (Gear Team, Qihoo 360 Inc.)
(CVE-2016-6306)
[Stephen Henson]
Changes between 1.0.2g and 1.0.2h [3 May 2016]
*) Prevent padding oracle in AES-NI CBC MAC check

93
crypto/openssl/CONTRIBUTING
View file

@ -1,38 +1,75 @@
HOW TO CONTRIBUTE TO OpenSSL
----------------------------
HOW TO CONTRIBUTE TO PATCHES OpenSSL
------------------------------------
Development is coordinated on the openssl-dev mailing list (see
http://www.openssl.org for information on subscribing). If you
would like to submit a patch, send it to rt@openssl.org with
the string "[PATCH]" in the subject. Please be sure to include a
textual explanation of what your patch does.
You can also make GitHub pull requests. If you do this, please also send
mail to rt@openssl.org with a brief description and a link to the PR so
that we can more easily keep track of it.
(Please visit https://www.openssl.org/community/getting-started.html for
other ideas about how to contribute.)
Development is coordinated on the openssl-dev mailing list (see the
above link or https://mta.openssl.org for information on subscribing).
If you are unsure as to whether a feature will be useful for the general
OpenSSL community please discuss it on the openssl-dev mailing list first.
Someone may be already working on the same thing or there may be a good
reason as to why that feature isn't implemented.
OpenSSL community you might want to discuss it on the openssl-dev mailing
list first. Someone may be already working on the same thing or there
may be a good reason as to why that feature isn't implemented.
Patches should be as up to date as possible, preferably relative to the
current Git or the last snapshot. They should follow our coding style
(see https://www.openssl.org/policies/codingstyle.html) and compile without
warnings using the --strict-warnings flag. OpenSSL compiles on many varied
platforms: try to ensure you only use portable features.
The best way to submit a patch is to make a pull request on GitHub.
(It is not necessary to send mail to rt@openssl.org to open a ticket!)
If you think the patch could use feedback from the community, please
start a thread on openssl-dev.
Our preferred format for patch files is "git format-patch" output. For example
to provide a patch file containing the last commit in your local git repository
use the following command:
You can also submit patches by sending it as mail to rt@openssl.org.
Please include the word "PATCH" and an explanation of what the patch
does in the subject line. If you do this, our preferred format is "git
format-patch" output. For example to provide a patch file containing the
last commit in your local git repository use the following command:
# git format-patch --stdout HEAD^ >mydiffs.patch
% git format-patch --stdout HEAD^ >mydiffs.patch
Another method of creating an acceptable patch file without using git is as
follows:
# cd openssl-work
# [your changes]
# ./Configure dist; make clean
# cd ..
# diff -ur openssl-orig openssl-work > mydiffs.patch
% cd openssl-work
...make your changes...
% ./Configure dist; make clean
% cd ..
% diff -ur openssl-orig openssl-work >mydiffs.patch
Note that pull requests are generally easier for the team, and community, to
work with. Pull requests benefit from all of the standard GitHub features,
including code review tools, simpler integration, and CI build support.
No matter how a patch is submitted, the following items will help make
the acceptance and review process faster:
1. Anything other than trivial contributions will require a contributor
licensing agreement, giving us permission to use your code. See
https://www.openssl.org/policies/cla.html for details.
2. All source files should start with the following text (with
appropriate comment characters at the start of each line and the
year(s) updated):
Copyright 20xx-20yy The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file LICENSE in the source distribution or at
https://www.openssl.org/source/license.html
3. Patches should be as current as possible. When using GitHub, please
expect to have to rebase and update often. Note that we do not accept merge
commits. You will be asked to remove them before a patch is considered
acceptable.
4. Patches should follow our coding style (see
https://www.openssl.org/policies/codingstyle.html) and compile without
warnings. Where gcc or clang is availble you should use the
--strict-warnings Configure option. OpenSSL compiles on many varied
platforms: try to ensure you only use portable features.
5. When at all possible, patches should include tests. These can either be
added to an existing test, or completely new. Please see test/README
for information on the test framework.
6. New features or changed functionality must include documentation. Please
look at the "pod" files in doc/apps, doc/crypto and doc/ssl for examples of
our style.

19
crypto/openssl/Configure
View file

@ -799,7 +799,7 @@ my @experimental = ();
# This is what $depflags will look like with the above defaults
# (we need this to see if we should advise the user to run "make depend"):
my $default_depflags = " -DOPENSSL_NO_EC_NISTP_64_GCC_128 -DOPENSSL_NO_GMP -DOPENSSL_NO_JPAKE -DOPENSSL_NO_LIBUNBOUND -DOPENSSL_NO_MD2 -DOPENSSL_NO_RC5 -DOPENSSL_NO_RFC3779 -DOPENSSL_NO_SCTP -DOPENSSL_NO_SSL_TRACE -DOPENSSL_NO_STORE -DOPENSSL_NO_UNIT_TEST";
my $default_depflags = " -DOPENSSL_NO_EC_NISTP_64_GCC_128 -DOPENSSL_NO_GMP -DOPENSSL_NO_JPAKE -DOPENSSL_NO_LIBUNBOUND -DOPENSSL_NO_MD2 -DOPENSSL_NO_RC5 -DOPENSSL_NO_RFC3779 -DOPENSSL_NO_SCTP -DOPENSSL_NO_SSL_TRACE -DOPENSSL_NO_SSL2 -DOPENSSL_NO_STORE -DOPENSSL_NO_UNIT_TEST -DOPENSSL_NO_WEAK_SSL_CIPHERS";
# Explicit "no-..." options will be collected in %disabled along with the defaults.
# To remove something from %disabled, use "enable-foo" (unless it's experimental).
@ -1082,11 +1082,6 @@ if (defined($disabled{"md5"}) || defined($disabled{"sha"})
$disabled{"tls1"} = "forced";
}
if (defined($disabled{"tls1"}))
{
$disabled{"tlsext"} = "forced";
}
if (defined($disabled{"ec"}) || defined($disabled{"dsa"})
|| defined($disabled{"dh"}))
{
@ -1254,6 +1249,7 @@ my $shared_extension = $fields[$idx_shared_extension];
my $ranlib = $ENV{'RANLIB'} || $fields[$idx_ranlib];
my $ar = $ENV{'AR'} || "ar";
my $arflags = $fields[$idx_arflags];
my $windres = $ENV{'RC'} || $ENV{'WINDRES'} || "windres";
my $multilib = $fields[$idx_multilib];
# if $prefix/lib$multilib is not an existing directory, then
@ -1562,8 +1558,15 @@ $cpuid_obj="mem_clr.o" unless ($cpuid_obj =~ /\.o$/);
$des_obj=$des_enc unless ($des_obj =~ /\.o$/);
$bf_obj=$bf_enc unless ($bf_obj =~ /\.o$/);
$cast_obj=$cast_enc unless ($cast_obj =~ /\.o$/);
$rc4_obj=$rc4_enc unless ($rc4_obj =~ /\.o$/);
$rc5_obj=$rc5_enc unless ($rc5_obj =~ /\.o$/);
if ($rc4_obj =~ /\.o$/)
{
$cflags.=" -DRC4_ASM";
}
else
{
$rc4_obj=$rc4_enc;
}
if ($sha1_obj =~ /\.o$/)
{
# $sha1_obj=$sha1_enc;
@ -1717,12 +1720,14 @@ while (<IN>)
s/^AR=\s*/AR= \$\(CROSS_COMPILE\)/;
s/^NM=\s*/NM= \$\(CROSS_COMPILE\)/;
s/^RANLIB=\s*/RANLIB= \$\(CROSS_COMPILE\)/;
s/^RC=\s*/RC= \$\(CROSS_COMPILE\)/;
s/^MAKEDEPPROG=.*$/MAKEDEPPROG= \$\(CROSS_COMPILE\)$cc/ if $cc eq "gcc";
}
else {
s/^CC=.*$/CC= $cc/;
s/^AR=\s*ar/AR= $ar/;
s/^RANLIB=.*/RANLIB= $ranlib/;
s/^RC=.*/RC= $windres/;
s/^MAKEDEPPROG=.*$/MAKEDEPPROG= $cc/ if $cc eq "gcc";
s/^MAKEDEPPROG=.*$/MAKEDEPPROG= $cc/ if $ecc eq "gcc" || $ecc eq "clang";
}

5
crypto/openssl/Makefile
View file

@ -4,7 +4,7 @@
## Makefile for OpenSSL
##
VERSION=1.0.2h
VERSION=1.0.2i
MAJOR=1
MINOR=0.2
SHLIB_VERSION_NUMBER=1.0.0
@ -68,6 +68,7 @@ EXE_EXT=
ARFLAGS=
AR= ar $(ARFLAGS) r
RANLIB= /usr/bin/ranlib
RC= windres
NM= nm
PERL= /usr/bin/perl
TAR= tar
@ -210,6 +211,7 @@ BUILDENV= LC_ALL=C PLATFORM='$(PLATFORM)' PROCESSOR='$(PROCESSOR)'\
CC='$(CC)' CFLAG='$(CFLAG)' \
AS='$(CC)' ASFLAG='$(CFLAG) -c' \
AR='$(AR)' NM='$(NM)' RANLIB='$(RANLIB)' \
RC='$(RC)' \
CROSS_COMPILE='$(CROSS_COMPILE)' \
PERL='$(PERL)' ENGDIRS='$(ENGDIRS)' \
SDIRS='$(SDIRS)' LIBRPATH='$(INSTALLTOP)/$(LIBDIR)' \
@ -368,6 +370,7 @@ libcrypto.pc: Makefile
echo 'exec_prefix=$${prefix}'; \
echo 'libdir=$${exec_prefix}/$(LIBDIR)'; \
echo 'includedir=$${prefix}/include'; \
echo 'enginesdir=$${libdir}/engines'; \
echo ''; \
echo 'Name: OpenSSL-libcrypto'; \
echo 'Description: OpenSSL cryptography library'; \

3
crypto/openssl/Makefile.org
View file

@ -66,6 +66,7 @@ EXE_EXT=
ARFLAGS?= r
AR=ar $(ARFLAGS)
RANLIB= ranlib
RC= windres
NM= nm
PERL= perl
TAR= tar
@ -208,6 +209,7 @@ BUILDENV= LC_ALL=C PLATFORM='$(PLATFORM)' PROCESSOR='$(PROCESSOR)'\
CC='$(CC)' CFLAG='$(CFLAG)' \
AS='$(CC)' ASFLAG='$(CFLAG) -c' \
AR='$(AR)' NM='$(NM)' RANLIB='$(RANLIB)' \
RC='$(RC)' \
CROSS_COMPILE='$(CROSS_COMPILE)' \
PERL='$(PERL)' ENGDIRS='$(ENGDIRS)' \
SDIRS='$(SDIRS)' LIBRPATH='$(INSTALLTOP)/$(LIBDIR)' \
@ -366,6 +368,7 @@ libcrypto.pc: Makefile
echo 'exec_prefix=$${prefix}'; \
echo 'libdir=$${exec_prefix}/$(LIBDIR)'; \
echo 'includedir=$${prefix}/include'; \
echo 'enginesdir=$${libdir}/engines'; \
echo ''; \
echo 'Name: OpenSSL-libcrypto'; \
echo 'Description: OpenSSL cryptography library'; \

2
crypto/openssl/Makefile.shared
View file

@ -293,7 +293,7 @@ link_a.cygwin:
fi; \
dll_name=$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX; \
$(PERL) util/mkrc.pl $$dll_name | \
$(CROSS_COMPILE)windres -o rc.o; \
$(RC) -o rc.o; \
extras="$$extras rc.o"; \
ALLSYMSFLAGS='-Wl,--whole-archive'; \
NOALLSYMSFLAGS='-Wl,--no-whole-archive'; \

14
crypto/openssl/NEWS
View file

@ -5,6 +5,20 @@
This file gives a brief overview of the major changes between each OpenSSL
release. For more details please read the CHANGES file.
Major changes between OpenSSL 1.0.2h and OpenSSL 1.0.2i [22 Sep 2016]
o OCSP Status Request extension unbounded memory growth (CVE-2016-6304)
o SWEET32 Mitigation (CVE-2016-2183)
o OOB write in MDC2_Update() (CVE-2016-6303)
o Malformed SHA512 ticket DoS (CVE-2016-6302)
o OOB write in BN_bn2dec() (CVE-2016-2182)
o OOB read in TS_OBJ_print_bio() (CVE-2016-2180)
o Pointer arithmetic undefined behaviour (CVE-2016-2177)
o Constant time flag not preserved in DSA signing (CVE-2016-2178)
o DTLS buffered message DoS (CVE-2016-2179)
o DTLS replay protection DoS (CVE-2016-2181)
o Certificate message OOB reads (CVE-2016-6306)
Major changes between OpenSSL 1.0.2g and OpenSSL 1.0.2h [3 May 2016]
o Prevent padding oracle in AES-NI CBC MAC check (CVE-2016-2107)

2
crypto/openssl/README
View file

@ -1,5 +1,5 @@
OpenSSL 1.0.2h 3 May 2016
OpenSSL 1.0.2i 22 Sep 2016
Copyright (c) 1998-2015 The OpenSSL Project
Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson

3
crypto/openssl/apps/CA.pl
View file

@ -64,7 +64,7 @@ $RET = 0;
foreach (@ARGV) {
if ( /^(-\?|-h|-help)$/ ) {
print STDERR "usage: CA -newcert|-newreq|-newreq-nodes|-newca|-sign|-verify\n";
print STDERR "usage: CA -newcert|-newreq|-newreq-nodes|-newca|-sign|-signcert|-verify\n";
exit 0;
} elsif (/^-newcert$/) {
# create a certificate
@ -186,4 +186,3 @@ while (<IN>) {
}
}
}

3
crypto/openssl/apps/CA.pl.in
View file

@ -64,7 +64,7 @@ $RET = 0;
foreach (@ARGV) {
if ( /^(-\?|-h|-help)$/ ) {
print STDERR "usage: CA -newcert|-newreq|-newreq-nodes|-newca|-sign|-verify\n";
print STDERR "usage: CA -newcert|-newreq|-newreq-nodes|-newca|-sign|-signcert|-verify\n";
exit 0;
} elsif (/^-newcert$/) {
# create a certificate
@ -186,4 +186,3 @@ while (<IN>) {
}
}
}

46
crypto/openssl/apps/apps.c
View file

@ -215,7 +215,8 @@ int args_from_file(char *file, int *argc, char **argv[])
if (arg != NULL)
OPENSSL_free(arg);
arg = (char **)OPENSSL_malloc(sizeof(char *) * (i * 2));
if (arg == NULL)
return 0;
*argv = arg;
num = 0;
p = buf;
@ -2374,6 +2375,8 @@ int args_verify(char ***pargs, int *pargc,
flags |= X509_V_FLAG_PARTIAL_CHAIN;
else if (!strcmp(arg, "-no_alt_chains"))
flags |= X509_V_FLAG_NO_ALT_CHAINS;
else if (!strcmp(arg, "-allow_proxy_certs"))
flags |= X509_V_FLAG_ALLOW_PROXY_CERTS;
else
return 0;
@ -3195,6 +3198,36 @@ int app_isdir(const char *name)
#endif
/* raw_read|write section */
#if defined(__VMS)
# include "vms_term_sock.h"
static int stdin_sock = -1;
static void close_stdin_sock(void)
{
TerminalSocket (TERM_SOCK_DELETE, &stdin_sock);
}
int fileno_stdin(void)
{
if (stdin_sock == -1) {
TerminalSocket(TERM_SOCK_CREATE, &stdin_sock);
atexit(close_stdin_sock);
}
return stdin_sock;
}
#else
int fileno_stdin(void)
{
return fileno(stdin);
}
#endif
int fileno_stdout(void)
{
return fileno(stdout);
}
#if defined(_WIN32) && defined(STD_INPUT_HANDLE)
int raw_read_stdin(void *buf, int siz)
{
@ -3204,10 +3237,17 @@ int raw_read_stdin(void *buf, int siz)
else
return (-1);
}
#elif defined(__VMS)
#include <sys/socket.h>
int raw_read_stdin(void *buf, int siz)
{
return recv(fileno_stdin(), buf, siz, 0);
}
#else
int raw_read_stdin(void *buf, int siz)
{
return read(fileno(stdin), buf, siz);
return read(fileno_stdin(), buf, siz);
}
#endif
@ -3223,6 +3263,6 @@ int raw_write_stdout(const void *buf, int siz)
#else
int raw_write_stdout(const void *buf, int siz)
{
return write(fileno(stdout), buf, siz);
return write(fileno_stdout(), buf, siz);
}
#endif

2
crypto/openssl/apps/apps.h
View file

@ -375,6 +375,8 @@ void store_setup_crl_download(X509_STORE *st);
# define SERIAL_RAND_BITS 64
int app_isdir(const char *);
int fileno_stdin(void);
int fileno_stdout(void);
int raw_read_stdin(void *, int);
int raw_write_stdout(const void *, int);

23
crypto/openssl/apps/ca.c
View file

@ -2103,25 +2103,23 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509,
goto err;
/* We now just add it to the database */
row[DB_type] = (char *)OPENSSL_malloc(2);
tm = X509_get_notAfter(ret);
row[DB_exp_date] = (char *)OPENSSL_malloc(tm->length + 1);
memcpy(row[DB_exp_date], tm->data, tm->length);
row[DB_exp_date][tm->length] = '\0';
row[DB_rev_date] = NULL;
/* row[DB_serial] done already */
row[DB_file] = (char *)OPENSSL_malloc(8);
row[DB_type] = OPENSSL_malloc(2);
row[DB_exp_date] = OPENSSL_malloc(tm->length + 1);
row[DB_rev_date] = OPENSSL_malloc(1);
row[DB_file] = OPENSSL_malloc(8);
row[DB_name] = X509_NAME_oneline(X509_get_subject_name(ret), NULL, 0);
if ((row[DB_type] == NULL) || (row[DB_exp_date] == NULL) ||
(row[DB_rev_date] == NULL) ||
(row[DB_file] == NULL) || (row[DB_name] == NULL)) {
BIO_printf(bio_err, "Memory allocation failure\n");
goto err;
}
BUF_strlcpy(row[DB_file], "unknown", 8);
memcpy(row[DB_exp_date], tm->data, tm->length);
row[DB_exp_date][tm->length] = '\0';
row[DB_rev_date][0] = '\0';
strcpy(row[DB_file], "unknown");
row[DB_type][0] = 'V';
row[DB_type][1] = '\0';
@ -2307,6 +2305,7 @@ static int certify_spkac(X509 **xret, char *infile, EVP_PKEY *pkey,
j = NETSCAPE_SPKI_verify(spki, pktmp);
if (j <= 0) {
EVP_PKEY_free(pktmp);
BIO_printf(bio_err,
"signature verification failed on SPKAC public key\n");
goto err;

5
crypto/openssl/apps/dgst.c
View file

@ -243,6 +243,11 @@ int MAIN(int argc, char **argv)
argv++;
}
if (keyfile != NULL && argc > 1) {
BIO_printf(bio_err, "Can only sign or verify one file\n");
goto end;
}
if (do_verify && !sigfile) {
BIO_printf(bio_err,
"No signature to verify: use the -signature option\n");

2
crypto/openssl/apps/enc.c
View file

@ -509,7 +509,7 @@ int MAIN(int argc, char **argv)
BIO_printf(bio_err, "invalid hex salt value\n");
goto end;
}
} else if (RAND_pseudo_bytes(salt, sizeof salt) < 0)
} else if (RAND_bytes(salt, sizeof salt) <= 0)
goto end;
/*
* If -P option then don't bother writing

4
crypto/openssl/apps/passwd.c
View file

@ -416,7 +416,7 @@ static int do_passwd(int passed_salt, char **salt_p, char **salt_malloc_p,
if (*salt_malloc_p == NULL)
goto err;
}
if (RAND_pseudo_bytes((unsigned char *)*salt_p, 2) < 0)
if (RAND_bytes((unsigned char *)*salt_p, 2) <= 0)
goto err;
(*salt_p)[0] = cov_2char[(*salt_p)[0] & 0x3f]; /* 6 bits */
(*salt_p)[1] = cov_2char[(*salt_p)[1] & 0x3f]; /* 6 bits */
@ -437,7 +437,7 @@ static int do_passwd(int passed_salt, char **salt_p, char **salt_malloc_p,
if (*salt_malloc_p == NULL)
goto err;
}
if (RAND_pseudo_bytes((unsigned char *)*salt_p, 8) < 0)
if (RAND_bytes((unsigned char *)*salt_p, 8) <= 0)
goto err;
for (i = 0; i < 8; i++)

83
crypto/openssl/apps/pkcs12.c
View file

@ -832,6 +832,7 @@ int dump_certs_pkeys_bag(BIO *out, PKCS12_SAFEBAG *bag, char *pass,
EVP_PKEY *pkey;
PKCS8_PRIV_KEY_INFO *p8;
X509 *x509;
int ret = 0;
switch (M_PKCS12_bag_type(bag)) {
case NID_keyBag:
@ -844,7 +845,7 @@ int dump_certs_pkeys_bag(BIO *out, PKCS12_SAFEBAG *bag, char *pass,
if (!(pkey = EVP_PKCS82PKEY(p8)))
return 0;
print_attribs(out, p8->attributes, "Key Attributes");
PEM_write_bio_PrivateKey(out, pkey, enc, NULL, 0, NULL, pempass);
ret = PEM_write_bio_PrivateKey(out, pkey, enc, NULL, 0, NULL, pempass);
EVP_PKEY_free(pkey);
break;
@ -864,7 +865,7 @@ int dump_certs_pkeys_bag(BIO *out, PKCS12_SAFEBAG *bag, char *pass,
}
print_attribs(out, p8->attributes, "Key Attributes");
PKCS8_PRIV_KEY_INFO_free(p8);
PEM_write_bio_PrivateKey(out, pkey, enc, NULL, 0, NULL, pempass);
ret = PEM_write_bio_PrivateKey(out, pkey, enc, NULL, 0, NULL, pempass);
EVP_PKEY_free(pkey);
break;
@ -884,7 +885,7 @@ int dump_certs_pkeys_bag(BIO *out, PKCS12_SAFEBAG *bag, char *pass,
if (!(x509 = PKCS12_certbag2x509(bag)))
return 0;
dump_cert_text(out, x509);
PEM_write_bio_X509(out, x509);
ret = PEM_write_bio_X509(out, x509);
X509_free(x509);
break;
@ -902,7 +903,7 @@ int dump_certs_pkeys_bag(BIO *out, PKCS12_SAFEBAG *bag, char *pass,
return 1;
break;
}
return 1;
return ret;
}
/* Given a single certificate return a verified chain or NULL if error */
@ -931,16 +932,70 @@ static int get_cert_chain(X509 *cert, X509_STORE *store,
int alg_print(BIO *x, X509_ALGOR *alg)
{
PBEPARAM *pbe;
const unsigned char *p;
p = alg->parameter->value.sequence->data;
pbe = d2i_PBEPARAM(NULL, &p, alg->parameter->value.sequence->length);
if (!pbe)
return 1;
BIO_printf(bio_err, "%s, Iteration %ld\n",
OBJ_nid2ln(OBJ_obj2nid(alg->algorithm)),
ASN1_INTEGER_get(pbe->iter));
PBEPARAM_free(pbe);
int pbenid, aparamtype;
ASN1_OBJECT *aoid;
void *aparam;
PBEPARAM *pbe = NULL;
X509_ALGOR_get0(&aoid, &aparamtype, &aparam, alg);
pbenid = OBJ_obj2nid(aoid);
BIO_printf(x, "%s", OBJ_nid2ln(pbenid));
/*
* If PBE algorithm is PBES2 decode algorithm parameters
* for additional details.
*/
if (pbenid == NID_pbes2) {
PBE2PARAM *pbe2 = NULL;
int encnid;
if (aparamtype == V_ASN1_SEQUENCE)
pbe2 = ASN1_item_unpack(aparam, ASN1_ITEM_rptr(PBE2PARAM));
if (pbe2 == NULL) {
BIO_puts(x, "<unsupported parameters>");
goto done;
}
X509_ALGOR_get0(&aoid, &aparamtype, &aparam, pbe2->keyfunc);
pbenid = OBJ_obj2nid(aoid);
X509_ALGOR_get0(&aoid, NULL, NULL, pbe2->encryption);
encnid = OBJ_obj2nid(aoid);
BIO_printf(x, ", %s, %s", OBJ_nid2ln(pbenid),
OBJ_nid2sn(encnid));
/* If KDF is PBKDF2 decode parameters */
if (pbenid == NID_id_pbkdf2) {
PBKDF2PARAM *kdf = NULL;
int prfnid;
if (aparamtype == V_ASN1_SEQUENCE)
kdf = ASN1_item_unpack(aparam, ASN1_ITEM_rptr(PBKDF2PARAM));
if (kdf == NULL) {
BIO_puts(x, "<unsupported parameters>");
goto done;
}
if (kdf->prf == NULL) {
prfnid = NID_hmacWithSHA1;
} else {
X509_ALGOR_get0(&aoid, NULL, NULL, kdf->prf);
prfnid = OBJ_obj2nid(aoid);
}
BIO_printf(x, ", Iteration %ld, PRF %s",
ASN1_INTEGER_get(kdf->iter), OBJ_nid2sn(prfnid));
PBKDF2PARAM_free(kdf);
}
PBE2PARAM_free(pbe2);
} else {
if (aparamtype == V_ASN1_SEQUENCE)
pbe = ASN1_item_unpack(aparam, ASN1_ITEM_rptr(PBEPARAM));
if (pbe == NULL) {
BIO_puts(x, "<unsupported parameters>");
goto done;
}
BIO_printf(x, ", Iteration %ld", ASN1_INTEGER_get(pbe->iter));
PBEPARAM_free(pbe);
}
done:
BIO_puts(x, "\n");
return 1;
}

14
crypto/openssl/apps/req.c
View file

@ -332,9 +332,10 @@ int MAIN(int argc, char **argv)
subject = 1;
else if (strcmp(*argv, "-text") == 0)
text = 1;
else if (strcmp(*argv, "-x509") == 0)
else if (strcmp(*argv, "-x509") == 0) {
newreq = 1;
x509 = 1;
else if (strcmp(*argv, "-asn1-kludge") == 0)
} else if (strcmp(*argv, "-asn1-kludge") == 0)
kludge = 1;
else if (strcmp(*argv, "-no-asn1-kludge") == 0)
kludge = 0;
@ -756,7 +757,7 @@ int MAIN(int argc, char **argv)
}
}
if (newreq || x509) {
if (newreq) {
if (pkey == NULL) {
BIO_printf(bio_err, "you need to specify a private key\n");
goto end;
@ -1331,12 +1332,11 @@ static int auto_info(X509_REQ *req, STACK_OF(CONF_VALUE) *dn_sk,
break;
}
#ifndef CHARSET_EBCDIC
if (*p == '+')
if (*type == '+') {
#else
if (*p == os_toascii['+'])
if (*type == os_toascii['+']) {
#endif
{
p++;
type++;
mval = -1;
} else
mval = 0;

3
crypto/openssl/apps/s_apps.h
View file

@ -199,7 +199,8 @@ int load_excert(SSL_EXCERT **pexc, BIO *err);
void print_ssl_summary(BIO *bio, SSL *s);
#ifdef HEADER_SSL_H
int args_ssl(char ***pargs, int *pargc, SSL_CONF_CTX *cctx,
int *badarg, BIO *err, STACK_OF(OPENSSL_STRING) **pstr);
int *badarg, BIO *err, STACK_OF(OPENSSL_STRING) **pstr,
int *no_prot_opt);
int args_ssl_call(SSL_CTX *ctx, BIO *err, SSL_CONF_CTX *cctx,
STACK_OF(OPENSSL_STRING) *str, int no_ecdhe, int no_jpake);
int ssl_ctx_add_crls(SSL_CTX *ctx, STACK_OF(X509_CRL) *crls,

9
crypto/openssl/apps/s_cb.c
View file

@ -1507,11 +1507,18 @@ void print_ssl_summary(BIO *bio, SSL *s)
}
int args_ssl(char ***pargs, int *pargc, SSL_CONF_CTX *cctx,
int *badarg, BIO *err, STACK_OF(OPENSSL_STRING) **pstr)
int *badarg, BIO *err, STACK_OF(OPENSSL_STRING) **pstr,
int *no_prot_opt)
{
char *arg = **pargs, *argn = (*pargs)[1];
int rv;
if (strcmp(arg, "-no_ssl2") == 0 || strcmp(arg, "-no_ssl3") == 0
|| strcmp(arg, "-no_tls1") == 0 || strcmp(arg, "-no_tls1_1") == 0
|| strcmp(arg, "-no_tls1_2") == 0) {
*no_prot_opt = 1;
}
/* Attempt to run SSL configuration command */
rv = SSL_CONF_cmd_argv(cctx, pargc, pargs);
/* If parameter not recognised just return */

92
crypto/openssl/apps/s_client.c
View file

@ -242,9 +242,9 @@ static unsigned int psk_client_cb(SSL *ssl, const char *hint, char *identity,
unsigned char *psk,
unsigned int max_psk_len)
{
unsigned int psk_len = 0;
int ret;
BIGNUM *bn = NULL;
long key_len;
unsigned char *key;
if (c_debug)
BIO_printf(bio_c_out, "psk_client_cb\n");
@ -265,32 +265,29 @@ static unsigned int psk_client_cb(SSL *ssl, const char *hint, char *identity,
if (c_debug)
BIO_printf(bio_c_out, "created identity '%s' len=%d\n", identity,
ret);
ret = BN_hex2bn(&bn, psk_key);
if (!ret) {
BIO_printf(bio_err, "Could not convert PSK key '%s' to BIGNUM\n",
/* convert the PSK key to binary */
key = string_to_hex(psk_key, &key_len);
if (key == NULL) {
BIO_printf(bio_err, "Could not convert PSK key '%s' to buffer\n",
psk_key);
if (bn)
BN_free(bn);
return 0;
}
if ((unsigned int)BN_num_bytes(bn) > max_psk_len) {
if ((unsigned long)key_len > (unsigned long)max_psk_len) {
BIO_printf(bio_err,
"psk buffer of callback is too small (%d) for key (%d)\n",
max_psk_len, BN_num_bytes(bn));
BN_free(bn);
"psk buffer of callback is too small (%d) for key (%ld)\n",
max_psk_len, key_len);
OPENSSL_free(key);
return 0;
}
psk_len = BN_bn2bin(bn, psk);
BN_free(bn);
if (psk_len == 0)
goto out_err;
memcpy(psk, key, key_len);
OPENSSL_free(key);
if (c_debug)
BIO_printf(bio_c_out, "created PSK len=%d\n", psk_len);
BIO_printf(bio_c_out, "created PSK len=%ld\n", key_len);
return psk_len;
return key_len;
out_err:
if (c_debug)
BIO_printf(bio_err, "Error in PSK client callback\n");
@ -747,6 +744,7 @@ int MAIN(int argc, char **argv)
int crl_format = FORMAT_PEM;
int crl_download = 0;
STACK_OF(X509_CRL) *crls = NULL;
int prot_opt = 0, no_prot_opt = 0;
meth = SSLv23_client_method();
@ -850,7 +848,8 @@ int MAIN(int argc, char **argv)
if (badarg)
goto bad;
continue;
} else if (args_ssl(&argv, &argc, cctx, &badarg, bio_err, &ssl_args)) {
} else if (args_ssl(&argv, &argc, cctx, &badarg, bio_err, &ssl_args,
&no_prot_opt)) {
if (badarg)
goto bad;
continue;
@ -942,31 +941,42 @@ int MAIN(int argc, char **argv)
}
#endif
#ifndef OPENSSL_NO_SSL2
else if (strcmp(*argv, "-ssl2") == 0)
else if (strcmp(*argv, "-ssl2") == 0) {
meth = SSLv2_client_method();
prot_opt++;
}
#endif
#ifndef OPENSSL_NO_SSL3_METHOD
else if (strcmp(*argv, "-ssl3") == 0)
else if (strcmp(*argv, "-ssl3") == 0) {
meth = SSLv3_client_method();
prot_opt++;
}
#endif
#ifndef OPENSSL_NO_TLS1
else if (strcmp(*argv, "-tls1_2") == 0)
else if (strcmp(*argv, "-tls1_2") == 0) {
meth = TLSv1_2_client_method();
else if (strcmp(*argv, "-tls1_1") == 0)
prot_opt++;
} else if (strcmp(*argv, "-tls1_1") == 0) {
meth = TLSv1_1_client_method();
else if (strcmp(*argv, "-tls1") == 0)
prot_opt++;
} else if (strcmp(*argv, "-tls1") == 0) {
meth = TLSv1_client_method();
prot_opt++;
}
#endif
#ifndef OPENSSL_NO_DTLS1
else if (strcmp(*argv, "-dtls") == 0) {
meth = DTLS_client_method();
socket_type = SOCK_DGRAM;
prot_opt++;
} else if (strcmp(*argv, "-dtls1") == 0) {
meth = DTLSv1_client_method();
socket_type = SOCK_DGRAM;
prot_opt++;
} else if (strcmp(*argv, "-dtls1_2") == 0) {
meth = DTLSv1_2_client_method();
socket_type = SOCK_DGRAM;
prot_opt++;
} else if (strcmp(*argv, "-timeout") == 0)
enable_timeouts = 1;
else if (strcmp(*argv, "-mtu") == 0) {
@ -1149,6 +1159,17 @@ int MAIN(int argc, char **argv)
}
#endif
if (prot_opt > 1) {
BIO_printf(bio_err, "Cannot supply multiple protocol flags\n");
goto end;
}
if (prot_opt == 1 && no_prot_opt) {
BIO_printf(bio_err, "Cannot supply both a protocol flag and "
"\"-no_<prot>\"\n");
goto end;
}
OpenSSL_add_ssl_algorithms();
SSL_load_error_strings();
@ -1540,7 +1561,10 @@ int MAIN(int argc, char **argv)
SSL_set_connect_state(con);
/* ok, lets connect */
width = SSL_get_fd(con) + 1;
if (fileno_stdin() > SSL_get_fd(con))
width = fileno_stdin() + 1;
else
width = SSL_get_fd(con) + 1;
read_tty = 1;
write_tty = 0;
@ -1723,9 +1747,11 @@ int MAIN(int argc, char **argv)
#if !defined(OPENSSL_SYS_WINDOWS) && !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_NETWARE) && !defined (OPENSSL_SYS_BEOS_R5)
if (tty_on) {
if (read_tty)
openssl_fdset(fileno(stdin), &readfds);
openssl_fdset(fileno_stdin(), &readfds);
#if !defined(OPENSSL_SYS_VMS)
if (write_tty)
openssl_fdset(fileno(stdout), &writefds);
openssl_fdset(fileno_stdout(), &writefds);
#endif
}
if (read_ssl)
openssl_fdset(SSL_get_fd(con), &readfds);
@ -1795,14 +1821,14 @@ int MAIN(int argc, char **argv)
/* Under BeOS-R5 the situation is similar to DOS */
i = 0;
stdin_set = 0;
(void)fcntl(fileno(stdin), F_SETFL, O_NONBLOCK);
(void)fcntl(fileno_stdin(), F_SETFL, O_NONBLOCK);
if (!write_tty) {
if (read_tty) {
tv.tv_sec = 1;
tv.tv_usec = 0;
i = select(width, (void *)&readfds, (void *)&writefds,
NULL, &tv);
if (read(fileno(stdin), sbuf, 0) >= 0)
if (read(fileno_stdin(), sbuf, 0) >= 0)
stdin_set = 1;
if (!i && (stdin_set != 1 || !read_tty))
continue;
@ -1810,7 +1836,7 @@ int MAIN(int argc, char **argv)
i = select(width, (void *)&readfds, (void *)&writefds,
NULL, timeoutp);
}
(void)fcntl(fileno(stdin), F_SETFL, 0);
(void)fcntl(fileno_stdin(), F_SETFL, 0);
#else
i = select(width, (void *)&readfds, (void *)&writefds,
NULL, timeoutp);
@ -1886,11 +1912,11 @@ int MAIN(int argc, char **argv)
goto shut;
}
}
#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_BEOS_R5)
#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_BEOS_R5) || defined(OPENSSL_SYS_VMS)
/* Assume Windows/DOS/BeOS can always write */
else if (!ssl_pending && write_tty)
#else
else if (!ssl_pending && FD_ISSET(fileno(stdout), &writefds))
else if (!ssl_pending && FD_ISSET(fileno_stdout(), &writefds))
#endif
{
#ifdef CHARSET_EBCDIC
@ -1988,7 +2014,7 @@ int MAIN(int argc, char **argv)
#elif defined(OPENSSL_SYS_BEOS_R5)
else if (stdin_set)
#else
else if (FD_ISSET(fileno(stdin), &readfds))
else if (FD_ISSET(fileno_stdin(), &readfds))
#endif
{
if (crlf) {

76
crypto/openssl/apps/s_server.c
View file

@ -353,9 +353,8 @@ static unsigned int psk_server_cb(SSL *ssl, const char *identity,
unsigned char *psk,
unsigned int max_psk_len)
{
unsigned int psk_len = 0;
int ret;
BIGNUM *bn = NULL;
long key_len = 0;
unsigned char *key;
if (s_debug)
BIO_printf(bio_s_out, "psk_server_cb\n");
@ -377,32 +376,26 @@ static unsigned int psk_server_cb(SSL *ssl, const char *identity,
BIO_printf(bio_s_out, "PSK client identity found\n");
/* convert the PSK key to binary */
ret = BN_hex2bn(&bn, psk_key);
if (!ret) {
BIO_printf(bio_err, "Could not convert PSK key '%s' to BIGNUM\n",
key = string_to_hex(psk_key, &key_len);
if (key == NULL) {
BIO_printf(bio_err, "Could not convert PSK key '%s' to buffer\n",
psk_key);
if (bn)
BN_free(bn);
return 0;
}
if (BN_num_bytes(bn) > (int)max_psk_len) {
if (key_len > (int)max_psk_len) {
BIO_printf(bio_err,
"psk buffer of callback is too small (%d) for key (%d)\n",
max_psk_len, BN_num_bytes(bn));
BN_free(bn);
"psk buffer of callback is too small (%d) for key (%ld)\n",
max_psk_len, key_len);
OPENSSL_free(key);
return 0;
}
ret = BN_bn2bin(bn, psk);
BN_free(bn);
if (ret < 0)
goto out_err;
psk_len = (unsigned int)ret;
memcpy(psk, key, key_len);
OPENSSL_free(key);
if (s_debug)
BIO_printf(bio_s_out, "fetched PSK len=%d\n", psk_len);
return psk_len;
BIO_printf(bio_s_out, "fetched PSK len=%ld\n", key_len);
return key_len;
out_err:
if (s_debug)
BIO_printf(bio_err, "Error in PSK server callback\n");
@ -1144,6 +1137,7 @@ int MAIN(int argc, char *argv[])
int crl_format = FORMAT_PEM;
int crl_download = 0;
STACK_OF(X509_CRL) *crls = NULL;
int prot_opt = 0, no_prot_opt = 0;
meth = SSLv23_server_method();
@ -1307,7 +1301,8 @@ int MAIN(int argc, char *argv[])
if (badarg)
goto bad;
continue;
} else if (args_ssl(&argv, &argc, cctx, &badarg, bio_err, &ssl_args)) {
} else if (args_ssl(&argv, &argc, cctx, &badarg, bio_err, &ssl_args,
&no_prot_opt)) {
if (badarg)
goto bad;
continue;
@ -1451,32 +1446,40 @@ int MAIN(int argc, char *argv[])
else if (strcmp(*argv, "-ssl2") == 0) {
no_ecdhe = 1;
meth = SSLv2_server_method();
prot_opt++;
}
#endif
#ifndef OPENSSL_NO_SSL3_METHOD
else if (strcmp(*argv, "-ssl3") == 0) {
meth = SSLv3_server_method();
prot_opt++;
}
#endif
#ifndef OPENSSL_NO_TLS1
else if (strcmp(*argv, "-tls1") == 0) {
meth = TLSv1_server_method();
prot_opt++;
} else if (strcmp(*argv, "-tls1_1") == 0) {
meth = TLSv1_1_server_method();
prot_opt++;
} else if (strcmp(*argv, "-tls1_2") == 0) {
meth = TLSv1_2_server_method();
prot_opt++;
}
#endif
#ifndef OPENSSL_NO_DTLS1
else if (strcmp(*argv, "-dtls") == 0) {
meth = DTLS_server_method();
socket_type = SOCK_DGRAM;
prot_opt++;
} else if (strcmp(*argv, "-dtls1") == 0) {
meth = DTLSv1_server_method();
socket_type = SOCK_DGRAM;
prot_opt++;
} else if (strcmp(*argv, "-dtls1_2") == 0) {
meth = DTLSv1_2_server_method();
socket_type = SOCK_DGRAM;
prot_opt++;
} else if (strcmp(*argv, "-timeout") == 0)
enable_timeouts = 1;
else if (strcmp(*argv, "-mtu") == 0) {
@ -1586,6 +1589,17 @@ int MAIN(int argc, char *argv[])
}
#endif
if (prot_opt > 1) {
BIO_printf(bio_err, "Cannot supply multiple protocol flags\n");
goto end;
}
if (prot_opt == 1 && no_prot_opt) {
BIO_printf(bio_err, "Cannot supply both a protocol flag and "
"\"-no_<prot>\"\n");
goto end;
}
SSL_load_error_strings();
OpenSSL_add_ssl_algorithms();
@ -2293,7 +2307,10 @@ static int sv_body(char *hostname, int s, int stype, unsigned char *context)
}
#endif
width = s + 1;
if (fileno_stdin() > s)
width = fileno_stdin() + 1;
else
width = s + 1;
for (;;) {
int read_from_terminal;
int read_from_sslcon;
@ -2304,7 +2321,7 @@ static int sv_body(char *hostname, int s, int stype, unsigned char *context)
if (!read_from_sslcon) {
FD_ZERO(&readfds);
#if !defined(OPENSSL_SYS_WINDOWS) && !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_NETWARE) && !defined(OPENSSL_SYS_BEOS_R5)
openssl_fdset(fileno(stdin), &readfds);
openssl_fdset(fileno_stdin(), &readfds);
#endif
openssl_fdset(s, &readfds);
/*
@ -2332,13 +2349,13 @@ static int sv_body(char *hostname, int s, int stype, unsigned char *context)
/* Under BeOS-R5 the situation is similar to DOS */
tv.tv_sec = 1;
tv.tv_usec = 0;
(void)fcntl(fileno(stdin), F_SETFL, O_NONBLOCK);
(void)fcntl(fileno_stdin(), F_SETFL, O_NONBLOCK);
i = select(width, (void *)&readfds, NULL, NULL, &tv);
if ((i < 0) || (!i && read(fileno(stdin), buf, 0) < 0))
if ((i < 0) || (!i && read(fileno_stdin(), buf, 0) < 0))
continue;
if (read(fileno(stdin), buf, 0) >= 0)
if (read(fileno_stdin(), buf, 0) >= 0)
read_from_terminal = 1;
(void)fcntl(fileno(stdin), F_SETFL, 0);
(void)fcntl(fileno_stdin(), F_SETFL, 0);
#else
if ((SSL_version(con) == DTLS1_VERSION) &&
DTLSv1_get_timeout(con, &timeout))
@ -2355,7 +2372,7 @@ static int sv_body(char *hostname, int s, int stype, unsigned char *context)
if (i <= 0)
continue;
if (FD_ISSET(fileno(stdin), &readfds))
if (FD_ISSET(fileno_stdin(), &readfds))
read_from_terminal = 1;
#endif
if (FD_ISSET(s, &readfds))
@ -2382,6 +2399,7 @@ static int sv_body(char *hostname, int s, int stype, unsigned char *context)
assert(lf_num == 0);
} else
i = raw_read_stdin(buf, bufsize);
if (!s_quiet && !s_brief) {
if ((i <= 0) || (buf[0] == 'Q')) {
BIO_printf(bio_s_out, "DONE\n");
@ -3371,7 +3389,7 @@ static int generate_session_id(const SSL *ssl, unsigned char *id,
{
unsigned int count = 0;
do {
if (RAND_pseudo_bytes(id, *id_len) < 0)
if (RAND_bytes(id, *id_len) <= 0)
return 0;
/*
* Prefix the session_id with the required prefix. NB: If our prefix

4
crypto/openssl/apps/speed.c
View file

@ -2614,6 +2614,10 @@ static int do_multi(int multi)
static char sep[] = ":";
fds = malloc(multi * sizeof *fds);
if (fds == NULL) {
fprintf(stderr, "Out of memory in speed (do_multi)\n");
exit(1);
}
for (n = 0; n < multi; ++n) {
if (pipe(fd) == -1) {
fprintf(stderr, "pipe failure\n");

2
crypto/openssl/apps/srp.c
View file

@ -765,4 +765,6 @@ int MAIN(int argc, char **argv)
OPENSSL_EXIT(ret);
}
#else
static void *dummy = &dummy;
#endif

21
crypto/openssl/apps/verify.c
View file

@ -115,43 +115,43 @@ int MAIN(int argc, char **argv)
if (argc >= 1) {
if (strcmp(*argv, "-CApath") == 0) {
if (argc-- < 1)
goto end;
goto usage;
CApath = *(++argv);
} else if (strcmp(*argv, "-CAfile") == 0) {
if (argc-- < 1)
goto end;
goto usage;
CAfile = *(++argv);
} else if (args_verify(&argv, &argc, &badarg, bio_err, &vpm)) {
if (badarg)
goto end;
goto usage;
continue;
} else if (strcmp(*argv, "-untrusted") == 0) {
if (argc-- < 1)
goto end;
goto usage;
untfile = *(++argv);
} else if (strcmp(*argv, "-trusted") == 0) {
if (argc-- < 1)
goto end;
goto usage;
trustfile = *(++argv);
} else if (strcmp(*argv, "-CRLfile") == 0) {
if (argc-- < 1)
goto end;
goto usage;
crlfile = *(++argv);
} else if (strcmp(*argv, "-crl_download") == 0)
crl_download = 1;
#ifndef OPENSSL_NO_ENGINE
else if (strcmp(*argv, "-engine") == 0) {
if (--argc < 1)
goto end;
goto usage;
engine = *(++argv);
}
#endif
else if (strcmp(*argv, "-help") == 0)
goto end;
goto usage;
else if (strcmp(*argv, "-verbose") == 0)
v_verbose = 1;
else if (argv[0][0] == '-')
goto end;
goto usage;
else
break;
argc--;
@ -228,7 +228,7 @@ int MAIN(int argc, char **argv)
ret = -1;
}
end:
usage:
if (ret == 1) {
BIO_printf(bio_err,
"usage: verify [-verbose] [-CApath path] [-CAfile file] [-purpose purpose] [-crl_check]");
@ -247,6 +247,7 @@ int MAIN(int argc, char **argv)
X509_PURPOSE_get0_name(ptmp));
}
}
end:
if (vpm)
X509_VERIFY_PARAM_free(vpm);
if (cert_ctx != NULL)

6
crypto/openssl/apps/x509.c
View file

@ -1105,6 +1105,10 @@ static int x509_certify(X509_STORE *ctx, char *CAfile, const EVP_MD *digest,
EVP_PKEY *upkey;
upkey = X509_get_pubkey(xca);
if (upkey == NULL) {
BIO_printf(bio_err, "Error obtaining CA X509 public key\n");
goto end;
}
EVP_PKEY_copy_parameters(upkey, pkey);
EVP_PKEY_free(upkey);
@ -1217,6 +1221,8 @@ static int sign(X509 *x, EVP_PKEY *pkey, int days, int clrext,
EVP_PKEY *pktmp;
pktmp = X509_get_pubkey(x);
if (pktmp == NULL)
goto err;
EVP_PKEY_copy_parameters(pktmp, pkey);
EVP_PKEY_save_parameters(pktmp, 1);
EVP_PKEY_free(pktmp);

4
crypto/openssl/crypto/LPdir_unix.c
View file

@ -1,7 +1,3 @@
/*
* $LP: LPlib/source/LPdir_unix.c,v 1.11 2004/09/23 22:07:22 _cvs_levitte Exp
* $
*/
/*
* Copyright (c) 2004, Richard Levitte <richard@levitte.org>
* All rights reserved.

24
crypto/openssl/crypto/aes/asm/bsaes-armv7.pl
View file

@ -1797,8 +1797,6 @@ $code.=<<___;
b .Lxts_enc_done
.align 4
.Lxts_enc_6:
vst1.64 {@XMM[14]}, [r0,:128] @ next round tweak
veor @XMM[4], @XMM[4], @XMM[12]
#ifndef BSAES_ASM_EXTENDED_KEY
add r4, sp, #0x90 @ pass key schedule
@ -1834,8 +1832,6 @@ $code.=<<___;
.align 5
.Lxts_enc_5:
vst1.64 {@XMM[13]}, [r0,:128] @ next round tweak
veor @XMM[3], @XMM[3], @XMM[11]
#ifndef BSAES_ASM_EXTENDED_KEY
add r4, sp, #0x90 @ pass key schedule
@ -1864,8 +1860,6 @@ $code.=<<___;
b .Lxts_enc_done
.align 4
.Lxts_enc_4:
vst1.64 {@XMM[12]}, [r0,:128] @ next round tweak
veor @XMM[2], @XMM[2], @XMM[10]
#ifndef BSAES_ASM_EXTENDED_KEY
add r4, sp, #0x90 @ pass key schedule
@ -1891,8 +1885,6 @@ $code.=<<___;
b .Lxts_enc_done
.align 4
.Lxts_enc_3:
vst1.64 {@XMM[11]}, [r0,:128] @ next round tweak
veor @XMM[1], @XMM[1], @XMM[9]
#ifndef BSAES_ASM_EXTENDED_KEY
add r4, sp, #0x90 @ pass key schedule
@ -1917,8 +1909,6 @@ $code.=<<___;
b .Lxts_enc_done
.align 4
.Lxts_enc_2:
vst1.64 {@XMM[10]}, [r0,:128] @ next round tweak
veor @XMM[0], @XMM[0], @XMM[8]
#ifndef BSAES_ASM_EXTENDED_KEY
add r4, sp, #0x90 @ pass key schedule
@ -1941,7 +1931,7 @@ $code.=<<___;
.align 4
.Lxts_enc_1:
mov r0, sp
veor @XMM[0], @XMM[8]
veor @XMM[0], @XMM[0], @XMM[8]
mov r1, sp
vst1.8 {@XMM[0]}, [sp,:128]
mov r2, $key
@ -2251,8 +2241,6 @@ $code.=<<___;
b .Lxts_dec_done
.align 4
.Lxts_dec_5:
vst1.64 {@XMM[13]}, [r0,:128] @ next round tweak
veor @XMM[3], @XMM[3], @XMM[11]
#ifndef BSAES_ASM_EXTENDED_KEY
add r4, sp, #0x90 @ pass key schedule
@ -2281,8 +2269,6 @@ $code.=<<___;
b .Lxts_dec_done
.align 4
.Lxts_dec_4:
vst1.64 {@XMM[12]}, [r0,:128] @ next round tweak
veor @XMM[2], @XMM[2], @XMM[10]
#ifndef BSAES_ASM_EXTENDED_KEY
add r4, sp, #0x90 @ pass key schedule
@ -2308,8 +2294,6 @@ $code.=<<___;
b .Lxts_dec_done
.align 4
.Lxts_dec_3:
vst1.64 {@XMM[11]}, [r0,:128] @ next round tweak
veor @XMM[1], @XMM[1], @XMM[9]
#ifndef BSAES_ASM_EXTENDED_KEY
add r4, sp, #0x90 @ pass key schedule
@ -2334,8 +2318,6 @@ $code.=<<___;
b .Lxts_dec_done
.align 4
.Lxts_dec_2:
vst1.64 {@XMM[10]}, [r0,:128] @ next round tweak
veor @XMM[0], @XMM[0], @XMM[8]
#ifndef BSAES_ASM_EXTENDED_KEY
add r4, sp, #0x90 @ pass key schedule
@ -2358,12 +2340,12 @@ $code.=<<___;
.align 4
.Lxts_dec_1:
mov r0, sp
veor @XMM[0], @XMM[8]
veor @XMM[0], @XMM[0], @XMM[8]
mov r1, sp
vst1.8 {@XMM[0]}, [sp,:128]
mov r5, $magic @ preserve magic
mov r2, $key
mov r4, $fp @ preserve fp
mov r5, $magic @ preserve magic
bl AES_decrypt

58
crypto/openssl/crypto/asn1/a_bytes.c
View file

@ -60,7 +60,12 @@
#include "cryptlib.h"
#include <openssl/asn1.h>
static int asn1_collate_primitive(ASN1_STRING *a, ASN1_const_CTX *c);
static int asn1_collate_primitive(ASN1_STRING *a, ASN1_const_CTX *c,
int depth);
static ASN1_STRING *int_d2i_ASN1_bytes(ASN1_STRING **a,
const unsigned char **pp, long length,
int Ptag, int Pclass, int depth,
int *perr);
/*
* type is a 'bitmap' of acceptable string types.
*/
@ -99,7 +104,7 @@ ASN1_STRING *d2i_ASN1_type_bytes(ASN1_STRING **a, const unsigned char **pp,
ret = (*a);
if (len != 0) {
s = (unsigned char *)OPENSSL_malloc((int)len + 1);
s = OPENSSL_malloc((int)len + 1);
if (s == NULL) {
i = ERR_R_MALLOC_FAILURE;
goto err;
@ -154,15 +159,38 @@ int i2d_ASN1_bytes(ASN1_STRING *a, unsigned char **pp, int tag, int xclass)
return (r);
}
/*
* Maximum recursion depth of d2i_ASN1_bytes(): much more than should be
* encountered in pratice.
*/
#define ASN1_BYTES_MAXDEPTH 20
ASN1_STRING *d2i_ASN1_bytes(ASN1_STRING **a, const unsigned char **pp,
long length, int Ptag, int Pclass)
{
int err = 0;
ASN1_STRING *s = int_d2i_ASN1_bytes(a, pp, length, Ptag, Pclass, 0, &err);
if (err != 0)
ASN1err(ASN1_F_D2I_ASN1_BYTES, err);
return s;
}
static ASN1_STRING *int_d2i_ASN1_bytes(ASN1_STRING **a,
const unsigned char **pp, long length,
int Ptag, int Pclass,
int depth, int *perr)
{
ASN1_STRING *ret = NULL;
const unsigned char *p;
unsigned char *s;
long len;
int inf, tag, xclass;
int i = 0;
if (depth > ASN1_BYTES_MAXDEPTH) {
*perr = ASN1_R_NESTED_ASN1_STRING;
return NULL;
}
if ((a == NULL) || ((*a) == NULL)) {
if ((ret = ASN1_STRING_new()) == NULL)
@ -173,18 +201,19 @@ ASN1_STRING *d2i_ASN1_bytes(ASN1_STRING **a, const unsigned char **pp,
p = *pp;
inf = ASN1_get_object(&p, &len, &tag, &xclass, length);
if (inf & 0x80) {
i = ASN1_R_BAD_OBJECT_HEADER;
*perr = ASN1_R_BAD_OBJECT_HEADER;
goto err;
}
if (tag != Ptag) {
i = ASN1_R_WRONG_TAG;
*perr = ASN1_R_WRONG_TAG;
goto err;
}
if (inf & V_ASN1_CONSTRUCTED) {
ASN1_const_CTX c;
c.error = 0;
c.pp = pp;
c.p = p;
c.inf = inf;
@ -192,17 +221,18 @@ ASN1_STRING *d2i_ASN1_bytes(ASN1_STRING **a, const unsigned char **pp,
c.tag = Ptag;
c.xclass = Pclass;
c.max = (length == 0) ? 0 : (p + length);
if (!asn1_collate_primitive(ret, &c))
if (!asn1_collate_primitive(ret, &c, depth)) {
*perr = c.error;
goto err;
else {
} else {
p = c.p;
}
} else {
if (len != 0) {
if ((ret->length < len) || (ret->data == NULL)) {
s = (unsigned char *)OPENSSL_malloc((int)len + 1);
s = OPENSSL_malloc((int)len + 1);
if (s == NULL) {
i = ERR_R_MALLOC_FAILURE;
*perr = ERR_R_MALLOC_FAILURE;
goto err;
}
if (ret->data != NULL)
@ -230,7 +260,6 @@ ASN1_STRING *d2i_ASN1_bytes(ASN1_STRING **a, const unsigned char **pp,
err:
if ((ret != NULL) && ((a == NULL) || (*a != ret)))
ASN1_STRING_free(ret);
ASN1err(ASN1_F_D2I_ASN1_BYTES, i);
return (NULL);
}
@ -242,7 +271,8 @@ ASN1_STRING *d2i_ASN1_bytes(ASN1_STRING **a, const unsigned char **pp,
* There have been a few bug fixes for this function from Paul Keogh
* <paul.keogh@sse.ie>, many thanks to him
*/
static int asn1_collate_primitive(ASN1_STRING *a, ASN1_const_CTX *c)
static int asn1_collate_primitive(ASN1_STRING *a, ASN1_const_CTX *c,
int depth)
{
ASN1_STRING *os = NULL;
BUF_MEM b;
@ -270,9 +300,8 @@ static int asn1_collate_primitive(ASN1_STRING *a, ASN1_const_CTX *c)
}
c->q = c->p;
if (d2i_ASN1_bytes(&os, &c->p, c->max - c->p, c->tag, c->xclass)
== NULL) {
c->error = ERR_R_ASN1_LIB;
if (int_d2i_ASN1_bytes(&os, &c->p, c->max - c->p, c->tag, c->xclass,
depth + 1, &c->error) == NULL) {
goto err;
}
@ -297,7 +326,6 @@ static int asn1_collate_primitive(ASN1_STRING *a, ASN1_const_CTX *c)
ASN1_STRING_free(os);
return (1);
err:
ASN1err(ASN1_F_ASN1_COLLATE_PRIMITIVE, c->error);
if (os != NULL)
ASN1_STRING_free(os);
if (b.data != NULL)

10
crypto/openssl/crypto/asn1/a_object.c
View file

@ -73,7 +73,7 @@ int i2d_ASN1_OBJECT(ASN1_OBJECT *a, unsigned char **pp)
return (0);
objsize = ASN1_object_size(0, a->length, V_ASN1_OBJECT);
if (pp == NULL)
if (pp == NULL || objsize == -1)
return objsize;
p = *pp;
@ -174,8 +174,12 @@ int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num)
if (!tmp)
goto err;
}
while (blsize--)
tmp[i++] = (unsigned char)BN_div_word(bl, 0x80L);
while (blsize--) {
BN_ULONG t = BN_div_word(bl, 0x80L);
if (t == (BN_ULONG)-1)
goto err;
tmp[i++] = (unsigned char)t;
}
} else {
for (;;) {

9
crypto/openssl/crypto/asn1/a_set.c
View file

@ -57,6 +57,7 @@
*/
#include <stdio.h>
#include <limits.h>
#include "cryptlib.h"
#include <openssl/asn1_mac.h>
@ -98,10 +99,14 @@ int i2d_ASN1_SET(STACK_OF(OPENSSL_BLOCK) *a, unsigned char **pp,
if (a == NULL)
return (0);
for (i = sk_OPENSSL_BLOCK_num(a) - 1; i >= 0; i--)
for (i = sk_OPENSSL_BLOCK_num(a) - 1; i >= 0; i--) {
int tmplen = i2d(sk_OPENSSL_BLOCK_value(a, i), NULL);
if (tmplen > INT_MAX - ret)
return -1;
ret += i2d(sk_OPENSSL_BLOCK_value(a, i), NULL);
}
r = ASN1_object_size(1, ret, ex_tag);
if (pp == NULL)
if (pp == NULL || r == -1)
return (r);
p = *pp;

2
crypto/openssl/crypto/asn1/a_strex.c
View file

@ -337,7 +337,7 @@ static const signed char tag2nbyte[] = {
-1, -1, -1, -1, -1, /* 5-9 */
-1, -1, 0, -1, /* 10-13 */
-1, -1, -1, -1, /* 15-17 */
-1, 1, 1, /* 18-20 */
1, 1, 1, /* 18-20 */
-1, 1, 1, 1, /* 21-24 */
-1, 1, -1, /* 25-27 */
4, -1, 2 /* 28-30 */

1
crypto/openssl/crypto/asn1/a_strnid.c
View file

@ -250,6 +250,7 @@ int ASN1_STRING_TABLE_add(int nid,
}
tmp->flags = flags | STABLE_FLAGS_MALLOC;
tmp->nid = nid;
tmp->minsize = tmp->maxsize = -1;
new_nid = 1;
} else
tmp->flags = (tmp->flags & STABLE_FLAGS_MALLOC) | flags;

2
crypto/openssl/crypto/asn1/ameth_lib.c
View file

@ -93,7 +93,9 @@ static const EVP_PKEY_ASN1_METHOD *standard_methods[] = {
&eckey_asn1_meth,
#endif
&hmac_asn1_meth,
#ifndef OPENSSL_NO_CMAC
&cmac_asn1_meth,
#endif
#ifndef OPENSSL_NO_DH
&dhx_asn1_meth
#endif

32
crypto/openssl/crypto/asn1/asn1_lib.c
View file

@ -256,26 +256,30 @@ static void asn1_put_length(unsigned char **pp, int length)
int ASN1_object_size(int constructed, int length, int tag)
{
int ret;
ret = length;
ret++;
int ret = 1;
if (length < 0)
return -1;
if (tag >= 31) {
while (tag > 0) {
tag >>= 7;
ret++;
}
}
if (constructed == 2)
return ret + 3;
ret++;
if (length > 127) {
while (length > 0) {
length >>= 8;
ret++;
if (constructed == 2) {
ret += 3;
} else {
ret++;
if (length > 127) {
int tmplen = length;
while (tmplen > 0) {
tmplen >>= 8;
ret++;
}
}
}
return (ret);
if (ret >= INT_MAX - length)
return -1;
return ret + length;
}
static int _asn1_Finish(ASN1_const_CTX *c)
@ -324,7 +328,7 @@ int asn1_GetSequence(ASN1_const_CTX *c, long *length)
return (0);
}
if (c->inf == (1 | V_ASN1_CONSTRUCTED))
c->slen = *length + *(c->pp) - c->p;
c->slen = *length;
c->eos = 0;
return (1);
}
@ -366,7 +370,7 @@ int ASN1_STRING_set(ASN1_STRING *str, const void *_data, int len)
else
len = strlen(data);
}
if ((str->length < len) || (str->data == NULL)) {
if ((str->length <= len) || (str->data == NULL)) {
c = str->data;
if (c == NULL)
str->data = OPENSSL_malloc(len + 1);

4
crypto/openssl/crypto/asn1/asn_mime.c
View file

@ -289,7 +289,7 @@ int SMIME_write_ASN1(BIO *bio, ASN1_VALUE *val, BIO *data, int flags,
if ((flags & SMIME_DETACHED) && data) {
/* We want multipart/signed */
/* Generate a random boundary */
if (RAND_pseudo_bytes((unsigned char *)bound, 32) < 0)
if (RAND_bytes((unsigned char *)bound, 32) <= 0)
return 0;
for (i = 0; i < 32; i++) {
c = bound[i] & 0xf;
@ -623,6 +623,8 @@ static int multi_split(BIO *bio, char *bound, STACK_OF(BIO) **ret)
if (bpart)
sk_BIO_push(parts, bpart);
bpart = BIO_new(BIO_s_mem());
if (bpart == NULL)
return 1;
BIO_set_mem_eof_return(bpart, 0);
} else if (eol)
BIO_write(bpart, "\r\n", 2);

6
crypto/openssl/crypto/asn1/bio_asn1.c
View file

@ -170,10 +170,12 @@ static int asn1_bio_init(BIO_ASN1_BUF_CTX *ctx, int size)
ctx->copylen = 0;
ctx->asn1_class = V_ASN1_UNIVERSAL;
ctx->asn1_tag = V_ASN1_OCTET_STRING;
ctx->ex_buf = 0;
ctx->ex_pos = 0;
ctx->ex_buf = NULL;
ctx->ex_len = 0;
ctx->ex_pos = 0;
ctx->state = ASN1_STATE_START;
ctx->prefix = ctx->prefix_free = ctx->suffix = ctx->suffix_free = NULL;
ctx->ex_arg = NULL;
return 1;
}

1
crypto/openssl/crypto/asn1/bio_ndef.c
View file

@ -136,6 +136,7 @@ BIO *BIO_new_NDEF(BIO *out, ASN1_VALUE *val, const ASN1_ITEM *it)
ndef_aux->ndef_bio = sarg.ndef_bio;
ndef_aux->boundary = sarg.boundary;
ndef_aux->out = out;
ndef_aux->derbuf = NULL;
BIO_ctrl(asn_bio, BIO_C_SET_EX_ARG, 0, ndef_aux);

14
crypto/openssl/crypto/asn1/charmap.pl
View file

@ -67,17 +67,19 @@ $arr[ord("?")] |= $PSTRING_CHAR;
# Now generate the C code
print <<EOF;
/* Auto generated with chartype.pl script.
* Mask of various character properties
/*
* Auto generated with chartype.pl script. Mask of various character
* properties
*/
static unsigned char char_type[] = {
static const unsigned char char_type[] = {
EOF
print " ";
for($i = 0; $i < 128; $i++) {
print("\n") if($i && (($i % 16) == 0));
printf("%2d", $arr[$i]);
print("\n ") if($i && (($i % 16) == 0));
printf(" %d", $arr[$i]);
print(",") if ($i != 127);
}
print("\n};\n\n");
print("\n};\n");

8
crypto/openssl/crypto/asn1/d2i_pr.c
View file

@ -97,15 +97,17 @@ EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, const unsigned char **pp,
if (!ret->ameth->old_priv_decode ||
!ret->ameth->old_priv_decode(ret, &p, length)) {
if (ret->ameth->priv_decode) {
EVP_PKEY *tmp;
PKCS8_PRIV_KEY_INFO *p8 = NULL;
p8 = d2i_PKCS8_PRIV_KEY_INFO(NULL, &p, length);
if (!p8)
goto err;
EVP_PKEY_free(ret);
ret = EVP_PKCS82PKEY(p8);
tmp = EVP_PKCS82PKEY(p8);
PKCS8_PRIV_KEY_INFO_free(p8);
if (ret == NULL)
if (tmp == NULL)
goto err;
EVP_PKEY_free(ret);
ret = tmp;
} else {
ASN1err(ASN1_F_D2I_PRIVATEKEY, ERR_R_ASN1_LIB);
goto err;

4
crypto/openssl/crypto/asn1/f_enum.c
View file

@ -160,8 +160,6 @@ int a2i_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *bs, char *buf, int size)
i * 2);
if (sp == NULL) {
ASN1err(ASN1_F_A2I_ASN1_ENUMERATED, ERR_R_MALLOC_FAILURE);
if (s != NULL)
OPENSSL_free(s);
goto err;
}
s = sp;
@ -199,5 +197,7 @@ int a2i_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *bs, char *buf, int size)
err_sl:
ASN1err(ASN1_F_A2I_ASN1_ENUMERATED, ASN1_R_SHORT_LINE);
}
if (ret != 1)
OPENSSL_free(s);
return (ret);
}

4
crypto/openssl/crypto/asn1/f_int.c
View file

@ -172,8 +172,6 @@ int a2i_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *bs, char *buf, int size)
sp = OPENSSL_realloc_clean(s, slen, num + i * 2);
if (sp == NULL) {
ASN1err(ASN1_F_A2I_ASN1_INTEGER, ERR_R_MALLOC_FAILURE);
if (s != NULL)
OPENSSL_free(s);
goto err;
}
s = sp;
@ -211,5 +209,7 @@ int a2i_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *bs, char *buf, int size)
err_sl:
ASN1err(ASN1_F_A2I_ASN1_INTEGER, ASN1_R_SHORT_LINE);
}
if (ret != 1)
OPENSSL_free(s);
return (ret);
}

4
crypto/openssl/crypto/asn1/f_string.c
View file

@ -166,8 +166,6 @@ int a2i_ASN1_STRING(BIO *bp, ASN1_STRING *bs, char *buf, int size)
i * 2);
if (sp == NULL) {
ASN1err(ASN1_F_A2I_ASN1_STRING, ERR_R_MALLOC_FAILURE);
if (s != NULL)
OPENSSL_free(s);
goto err;
}
s = sp;
@ -205,5 +203,7 @@ int a2i_ASN1_STRING(BIO *bp, ASN1_STRING *bs, char *buf, int size)
err_sl:
ASN1err(ASN1_F_A2I_ASN1_STRING, ASN1_R_SHORT_LINE);
}
if (ret != 1)
OPENSSL_free(s);
return (ret);
}

9
crypto/openssl/crypto/asn1/i2d_pr.c
View file

@ -69,10 +69,13 @@ int i2d_PrivateKey(EVP_PKEY *a, unsigned char **pp)
}
if (a->ameth && a->ameth->priv_encode) {
PKCS8_PRIV_KEY_INFO *p8 = EVP_PKEY2PKCS8(a);
int ret = i2d_PKCS8_PRIV_KEY_INFO(p8, pp);
PKCS8_PRIV_KEY_INFO_free(p8);
int ret = 0;
if (p8 != NULL) {
ret = i2d_PKCS8_PRIV_KEY_INFO(p8, pp);
PKCS8_PRIV_KEY_INFO_free(p8);
}
return ret;
}
ASN1err(ASN1_F_I2D_PRIVATEKEY, ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE);
return (-1);
return -1;
}

2
crypto/openssl/crypto/asn1/p5_pbe.c
View file

@ -101,7 +101,7 @@ int PKCS5_pbe_set0_algor(X509_ALGOR *algor, int alg, int iter,
sstr = ASN1_STRING_data(pbe->salt);
if (salt)
memcpy(sstr, salt, saltlen);
else if (RAND_pseudo_bytes(sstr, saltlen) < 0)
else if (RAND_bytes(sstr, saltlen) <= 0)
goto err;
if (!ASN1_item_pack(pbe, ASN1_ITEM_rptr(PBEPARAM), &pbe_str)) {

4
crypto/openssl/crypto/asn1/p5_pbev2.c
View file

@ -120,7 +120,7 @@ X509_ALGOR *PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter,
if (EVP_CIPHER_iv_length(cipher)) {
if (aiv)
memcpy(iv, aiv, EVP_CIPHER_iv_length(cipher));
else if (RAND_pseudo_bytes(iv, EVP_CIPHER_iv_length(cipher)) < 0)
else if (RAND_bytes(iv, EVP_CIPHER_iv_length(cipher)) <= 0)
goto err;
}
@ -225,7 +225,7 @@ X509_ALGOR *PKCS5_pbkdf2_set(int iter, unsigned char *salt, int saltlen,
if (salt)
memcpy(osalt->data, salt, saltlen);
else if (RAND_pseudo_bytes(osalt->data, saltlen) < 0)
else if (RAND_bytes(osalt->data, saltlen) <= 0)
goto merr;
if (iter <= 0)

1
crypto/openssl/crypto/asn1/t_req.c
View file

@ -196,6 +196,7 @@ int X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflags,
if (BIO_puts(bp, ":") <= 0)
goto err;
if ((type == V_ASN1_PRINTABLESTRING) ||
(type == V_ASN1_UTF8STRING) ||
(type == V_ASN1_T61STRING) ||
(type == V_ASN1_IA5STRING)) {
if (BIO_write(bp, (char *)bs->data, bs->length)

8
crypto/openssl/crypto/asn1/tasn_dec.c
View file

@ -400,7 +400,9 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
if (tt->flags & ASN1_TFLG_ADB_MASK) {
const ASN1_TEMPLATE *seqtt;
ASN1_VALUE **pseqval;
seqtt = asn1_do_adb(pval, tt, 1);
seqtt = asn1_do_adb(pval, tt, 0);
if (seqtt == NULL)
continue;
pseqval = asn1_get_field_ptr(pval, seqtt);
ASN1_template_free(pseqval, seqtt);
}
@ -411,7 +413,7 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
const ASN1_TEMPLATE *seqtt;
ASN1_VALUE **pseqval;
seqtt = asn1_do_adb(pval, tt, 1);
if (!seqtt)
if (seqtt == NULL)
goto err;
pseqval = asn1_get_field_ptr(pval, seqtt);
/* Have we ran out of data? */
@ -476,7 +478,7 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
for (; i < it->tcount; tt++, i++) {
const ASN1_TEMPLATE *seqtt;
seqtt = asn1_do_adb(pval, tt, 1);
if (!seqtt)
if (seqtt == NULL)
goto err;
if (seqtt->flags & ASN1_TFLG_OPTIONAL) {
ASN1_VALUE **pseqval;

26
crypto/openssl/crypto/asn1/tasn_enc.c
View file

@ -59,6 +59,7 @@
#include <stddef.h>
#include <string.h>
#include <limits.h>
#include "cryptlib.h"
#include <openssl/asn1.h>
#include <openssl/asn1t.h>
@ -216,17 +217,19 @@ int ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
for (i = 0, tt = it->templates; i < it->tcount; tt++, i++) {
const ASN1_TEMPLATE *seqtt;
ASN1_VALUE **pseqval;
int tmplen;
seqtt = asn1_do_adb(pval, tt, 1);
if (!seqtt)
return 0;
pseqval = asn1_get_field_ptr(pval, seqtt);
/* FIXME: check for errors in enhanced version */
seqcontlen += asn1_template_ex_i2d(pseqval, NULL, seqtt,
-1, aclass);
tmplen = asn1_template_ex_i2d(pseqval, NULL, seqtt, -1, aclass);
if (tmplen == -1 || (tmplen > INT_MAX - seqcontlen))
return -1;
seqcontlen += tmplen;
}
seqlen = ASN1_object_size(ndef, seqcontlen, tag);
if (!out)
if (!out || seqlen == -1)
return seqlen;
/* Output SEQUENCE header */
ASN1_put_object(out, ndef, seqcontlen, tag, aclass);
@ -339,19 +342,24 @@ static int asn1_template_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
/* Determine total length of items */
skcontlen = 0;
for (i = 0; i < sk_ASN1_VALUE_num(sk); i++) {
int tmplen;
skitem = sk_ASN1_VALUE_value(sk, i);
skcontlen += ASN1_item_ex_i2d(&skitem, NULL,
ASN1_ITEM_ptr(tt->item),
-1, iclass);
tmplen = ASN1_item_ex_i2d(&skitem, NULL, ASN1_ITEM_ptr(tt->item),
-1, iclass);
if (tmplen == -1 || (skcontlen > INT_MAX - tmplen))
return -1;
skcontlen += tmplen;
}
sklen = ASN1_object_size(ndef, skcontlen, sktag);
if (sklen == -1)
return -1;
/* If EXPLICIT need length of surrounding tag */
if (flags & ASN1_TFLG_EXPTAG)
ret = ASN1_object_size(ndef, sklen, ttag);
else
ret = sklen;
if (!out)
if (!out || ret == -1)
return ret;
/* Now encode this lot... */
@ -380,7 +388,7 @@ static int asn1_template_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
return 0;
/* Find length of EXPLICIT tag */
ret = ASN1_object_size(ndef, i, ttag);
if (out) {
if (out && ret != -1) {
/* Output tag and item */
ASN1_put_object(out, ndef, i, ttag, tclass);
ASN1_item_ex_i2d(pval, out, ASN1_ITEM_ptr(tt->item), -1, iclass);

16
crypto/openssl/crypto/asn1/tasn_prn.c
View file

@ -204,7 +204,8 @@ static int asn1_item_print_ctx(BIO *out, ASN1_VALUE **fld, int indent,
} else
asn1_cb = 0;
if (*fld == NULL) {
if (((it->itype != ASN1_ITYPE_PRIMITIVE)
|| (it->utype != V_ASN1_BOOLEAN)) && *fld == NULL) {
if (pctx->flags & ASN1_PCTX_FLAGS_SHOW_ABSENT) {
if (!nohdr && !asn1_print_fsname(out, indent, fname, sname, pctx))
return 0;
@ -446,6 +447,8 @@ static int asn1_print_integer_ctx(BIO *out, ASN1_INTEGER *str,
char *s;
int ret = 1;
s = i2s_ASN1_INTEGER(NULL, str);
if (s == NULL)
return 0;
if (BIO_puts(out, s) <= 0)
ret = 0;
OPENSSL_free(s);
@ -496,11 +499,16 @@ static int asn1_primitive_print(BIO *out, ASN1_VALUE **fld,
return 0;
if (pf && pf->prim_print)
return pf->prim_print(out, fld, it, indent, pctx);
str = (ASN1_STRING *)*fld;
if (it->itype == ASN1_ITYPE_MSTRING)
if (it->itype == ASN1_ITYPE_MSTRING) {
str = (ASN1_STRING *)*fld;
utype = str->type & ~V_ASN1_NEG;
else
} else {
utype = it->utype;
if (utype == V_ASN1_BOOLEAN)
str = NULL;
else
str = (ASN1_STRING *)*fld;
}
if (utype == V_ASN1_ANY) {
ASN1_TYPE *atype = (ASN1_TYPE *)*fld;
utype = atype->type;

2
crypto/openssl/crypto/asn1/tasn_utl.c
View file

@ -234,7 +234,7 @@ const ASN1_TEMPLATE *asn1_do_adb(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt,
sfld = offset2ptr(*pval, adb->offset);
/* Check if NULL */
if (!sfld) {
if (*sfld == NULL) {
if (!adb->null_tt)
goto err;
return adb->null_tt;

15
crypto/openssl/crypto/asn1/x_bignum.c
View file

@ -78,6 +78,8 @@ static int bn_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype,
const ASN1_ITEM *it);
static int bn_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
int utype, char *free_cont, const ASN1_ITEM *it);
static int bn_print(BIO *out, ASN1_VALUE **pval, const ASN1_ITEM *it,
int indent, const ASN1_PCTX *pctx);
static ASN1_PRIMITIVE_FUNCS bignum_pf = {
NULL, 0,
@ -85,7 +87,8 @@ static ASN1_PRIMITIVE_FUNCS bignum_pf = {
bn_free,
0,
bn_c2i,
bn_i2c
bn_i2c,
bn_print
};
ASN1_ITEM_start(BIGNUM)
@ -151,3 +154,13 @@ static int bn_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
}
return 1;
}
static int bn_print(BIO *out, ASN1_VALUE **pval, const ASN1_ITEM *it,
int indent, const ASN1_PCTX *pctx)
{
if (!BN_print(out, *(BIGNUM **)pval))
return 0;
if (BIO_puts(out, "\n") <= 0)
return 0;
return 1;
}

6
crypto/openssl/crypto/asn1/x_name.c
View file

@ -199,10 +199,8 @@ static int x509_name_ex_d2i(ASN1_VALUE **val,
int i, j, ret;
STACK_OF(X509_NAME_ENTRY) *entries;
X509_NAME_ENTRY *entry;
if (len > X509_NAME_MAX) {
ASN1err(ASN1_F_X509_NAME_EX_D2I, ASN1_R_TOO_LONG);
return 0;
}
if (len > X509_NAME_MAX)
len = X509_NAME_MAX;
q = p;
/* Get internal representation of Name */

54
crypto/openssl/crypto/asn1/x_x509.c
View file

@ -199,12 +199,26 @@ X509 *d2i_X509_AUX(X509 **a, const unsigned char **pp, long length)
return NULL;
}
int i2d_X509_AUX(X509 *a, unsigned char **pp)
/*
* Serialize trusted certificate to *pp or just return the required buffer
* length if pp == NULL. We ultimately want to avoid modifying *pp in the
* error path, but that depends on similar hygiene in lower-level functions.
* Here we avoid compounding the problem.
*/
static int i2d_x509_aux_internal(X509 *a, unsigned char **pp)
{
int length, tmplen;
unsigned char *start = pp != NULL ? *pp : NULL;
OPENSSL_assert(pp == NULL || *pp != NULL);
/*
* This might perturb *pp on error, but fixing that belongs in i2d_X509()
* not here. It should be that if a == NULL length is zero, but we check
* both just in case.
*/
length = i2d_X509(a, pp);
if (length < 0 || a == NULL)
if (length <= 0 || a == NULL)
return length;
tmplen = i2d_X509_CERT_AUX(a->aux, pp);
@ -218,6 +232,42 @@ int i2d_X509_AUX(X509 *a, unsigned char **pp)
return length;
}
/*
* Serialize trusted certificate to *pp, or just return the required buffer
* length if pp == NULL.
*
* When pp is not NULL, but *pp == NULL, we allocate the buffer, but since
* we're writing two ASN.1 objects back to back, we can't have i2d_X509() do
* the allocation, nor can we allow i2d_X509_CERT_AUX() to increment the
* allocated buffer.
*/
int i2d_X509_AUX(X509 *a, unsigned char **pp)
{
int length;
unsigned char *tmp;
/* Buffer provided by caller */
if (pp == NULL || *pp != NULL)
return i2d_x509_aux_internal(a, pp);
/* Obtain the combined length */
if ((length = i2d_x509_aux_internal(a, NULL)) <= 0)
return length;
/* Allocate requisite combined storage */
*pp = tmp = OPENSSL_malloc(length);
if (tmp == NULL)
return -1; /* Push error onto error stack? */
/* Encode, but keep *pp at the originally malloced pointer */
length = i2d_x509_aux_internal(a, &tmp);
if (length <= 0) {
OPENSSL_free(*pp);
*pp = NULL;
}
return length;
}
int i2d_re_X509_tbs(X509 *x, unsigned char **pp)
{
x->cert_info->enc.modified = 1;

12
crypto/openssl/crypto/bio/b_print.c
View file

@ -423,9 +423,15 @@ _dopr(char **sbuffer,
break;
}
}
*truncated = (currlen > *maxlen - 1);
if (*truncated)
currlen = *maxlen - 1;
/*
* We have to truncate if there is no dynamic buffer and we have filled the
* static buffer.
*/
if (buffer == NULL) {
*truncated = (currlen > *maxlen - 1);
if (*truncated)
currlen = *maxlen - 1;
}
if(!doapr_outch(sbuffer, buffer, &currlen, maxlen, '\0'))
return 0;
*retlen = currlen - 1;

4
crypto/openssl/crypto/bio/bf_nbio.c
View file

@ -139,7 +139,7 @@ static int nbiof_read(BIO *b, char *out, int outl)
BIO_clear_retry_flags(b);
#if 1
if (RAND_pseudo_bytes(&n, 1) < 0)
if (RAND_bytes(&n, 1) <= 0)
return -1;
num = (n & 0x07);
@ -179,7 +179,7 @@ static int nbiof_write(BIO *b, const char *in, int inl)
num = nt->lwn;
nt->lwn = 0;
} else {
if (RAND_pseudo_bytes(&n, 1) < 0)
if (RAND_bytes(&n, 1) <= 0)
return -1;
num = (n & 7);
}

6
crypto/openssl/crypto/bio/bio.h
View file

@ -559,11 +559,11 @@ int BIO_read_filename(BIO *b, const char *name);
# define BIO_get_ssl(b,sslp) BIO_ctrl(b,BIO_C_GET_SSL,0,(char *)sslp)
# define BIO_set_ssl_mode(b,client) BIO_ctrl(b,BIO_C_SSL_MODE,client,NULL)
# define BIO_set_ssl_renegotiate_bytes(b,num) \
BIO_ctrl(b,BIO_C_SET_SSL_RENEGOTIATE_BYTES,num,NULL);
BIO_ctrl(b,BIO_C_SET_SSL_RENEGOTIATE_BYTES,num,NULL)
# define BIO_get_num_renegotiates(b) \
BIO_ctrl(b,BIO_C_GET_SSL_NUM_RENEGOTIATES,0,NULL);
BIO_ctrl(b,BIO_C_GET_SSL_NUM_RENEGOTIATES,0,NULL)
# define BIO_set_ssl_renegotiate_timeout(b,seconds) \
BIO_ctrl(b,BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT,seconds,NULL);
BIO_ctrl(b,BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT,seconds,NULL)
/* defined in evp.h */
/* #define BIO_set_md(b,md) BIO_ctrl(b,BIO_C_SET_MD,1,(char *)md) */

19
crypto/openssl/crypto/bio/bss_bio.c
View file

@ -149,9 +149,13 @@ static int bio_new(BIO *bio)
return 0;
b->peer = NULL;
b->closed = 0;
b->len = 0;
b->offset = 0;
/* enough for one TLS record (just a default) */
b->size = 17 * 1024;
b->buf = NULL;
b->request = 0;
bio->ptr = b;
return 1;
@ -655,16 +659,15 @@ static long bio_ctrl(BIO *bio, int cmd, long num, void *ptr)
break;
case BIO_CTRL_EOF:
{
BIO *other_bio = ptr;
if (b->peer != NULL) {
struct bio_bio_st *peer_b = b->peer->ptr;
if (other_bio) {
struct bio_bio_st *other_b = other_bio->ptr;
assert(other_b != NULL);
ret = other_b->len == 0 && other_b->closed;
} else
if (peer_b->len == 0 && peer_b->closed)
ret = 1;
else
ret = 0;
} else {
ret = 1;
}
break;

6
crypto/openssl/crypto/bio/bss_file.c
View file

@ -174,7 +174,11 @@ BIO *BIO_new_file(const char *filename, const char *mode)
if (file == NULL) {
SYSerr(SYS_F_FOPEN, get_last_sys_error());
ERR_add_error_data(5, "fopen('", filename, "','", mode, "')");
if (errno == ENOENT)
if (errno == ENOENT
# ifdef ENXIO
|| errno == ENXIO
# endif
)
BIOerr(BIO_F_BIO_NEW_FILE, BIO_R_NO_SUCH_FILE);
else
BIOerr(BIO_F_BIO_NEW_FILE, ERR_R_SYS_LIB);

2
crypto/openssl/crypto/bio/bss_rtcp.c
View file

@ -170,6 +170,8 @@ static int rtcp_new(BIO *bi)
bi->num = 0;
bi->flags = 0;
bi->ptr = OPENSSL_malloc(sizeof(struct rpc_ctx));
if (bi->ptr == NULL)
return (0);
ctx = (struct rpc_ctx *)bi->ptr;
ctx->filled = 0;
ctx->pos = 0;

41
crypto/openssl/crypto/bn/asm/x86-mont.pl
View file

@ -63,27 +63,26 @@ $frame=32; # size of above frame rounded up to 16n
&lea ("esi",&wparam(0)); # put aside pointer to argument block
&lea ("edx",&wparam(1)); # load ap
&mov ("ebp","esp"); # saved stack pointer!
&add ("edi",2); # extra two words on top of tp
&neg ("edi");
&lea ("esp",&DWP(-$frame,"esp","edi",4)); # alloca($frame+4*(num+2))
&lea ("ebp",&DWP(-$frame,"esp","edi",4)); # future alloca($frame+4*(num+2))
&neg ("edi");
# minimize cache contention by arraning 2K window between stack
# pointer and ap argument [np is also position sensitive vector,
# but it's assumed to be near ap, as it's allocated at ~same
# time].
&mov ("eax","esp");
&mov ("eax","ebp");
&sub ("eax","edx");
&and ("eax",2047);
&sub ("esp","eax"); # this aligns sp and ap modulo 2048
&sub ("ebp","eax"); # this aligns sp and ap modulo 2048
&xor ("edx","esp");
&xor ("edx","ebp");
&and ("edx",2048);
&xor ("edx",2048);
&sub ("esp","edx"); # this splits them apart modulo 4096
&sub ("ebp","edx"); # this splits them apart modulo 4096
&and ("esp",-64); # align to cache line
&and ("ebp",-64); # align to cache line
# Some OSes, *cough*-dows, insist on stack being "wired" to
# physical memory in strictly sequential manner, i.e. if stack
@ -91,20 +90,28 @@ $frame=32; # size of above frame rounded up to 16n
# be punishable by SEGV. But page walking can do good even on
# other OSes, because it guarantees that villain thread hits
# the guard page before it can make damage to innocent one...
&mov ("eax","ebp");
&sub ("eax","esp");
&mov ("eax","esp");
&sub ("eax","ebp");
&and ("eax",-4096);
&set_label("page_walk");
&mov ("edx",&DWP(0,"esp","eax"));
&sub ("eax",4096);
&data_byte(0x2e);
&jnc (&label("page_walk"));
&mov ("edx","esp"); # saved stack pointer!
&lea ("esp",&DWP(0,"ebp","eax"));
&mov ("eax",&DWP(0,"esp"));
&cmp ("esp","ebp");
&ja (&label("page_walk"));
&jmp (&label("page_walk_done"));
&set_label("page_walk",16);
&lea ("esp",&DWP(-4096,"esp"));
&mov ("eax",&DWP(0,"esp"));
&cmp ("esp","ebp");
&ja (&label("page_walk"));
&set_label("page_walk_done");
################################# load argument block...
&mov ("eax",&DWP(0*4,"esi"));# BN_ULONG *rp
&mov ("ebx",&DWP(1*4,"esi"));# const BN_ULONG *ap
&mov ("ecx",&DWP(2*4,"esi"));# const BN_ULONG *bp
&mov ("edx",&DWP(3*4,"esi"));# const BN_ULONG *np
&mov ("ebp",&DWP(3*4,"esi"));# const BN_ULONG *np
&mov ("esi",&DWP(4*4,"esi"));# const BN_ULONG *n0
#&mov ("edi",&DWP(5*4,"esi"));# int num
@ -112,11 +119,11 @@ $frame=32; # size of above frame rounded up to 16n
&mov ($_rp,"eax"); # ... save a copy of argument block
&mov ($_ap,"ebx");
&mov ($_bp,"ecx");
&mov ($_np,"edx");
&mov ($_np,"ebp");
&mov ($_n0,"esi");
&lea ($num,&DWP(-3,"edi")); # num=num-1 to assist modulo-scheduling
#&mov ($_num,$num); # redundant as $num is not reused
&mov ($_sp,"ebp"); # saved stack pointer!
&mov ($_sp,"edx"); # saved stack pointer!
if($sse2) {
$acc0="mm0"; # mmx register bank layout

2
crypto/openssl/crypto/bn/asm/x86_64-gcc.c
View file

@ -194,7 +194,7 @@ BN_ULONG bn_div_words(BN_ULONG h, BN_ULONG l, BN_ULONG d)
BN_ULONG ret, waste;
asm("divq %4":"=a"(ret), "=d"(waste)
: "a"(l), "d"(h), "g"(d)
: "a"(l), "d"(h), "r"(d)
: "cc");
return ret;

189
crypto/openssl/crypto/bn/asm/x86_64-mont.pl
View file

@ -97,6 +97,8 @@ $code=<<___;
.type bn_mul_mont,\@function,6
.align 16
bn_mul_mont:
mov ${num}d,${num}d
mov %rsp,%rax
test \$3,${num}d
jnz .Lmul_enter
cmp \$8,${num}d
@ -121,29 +123,36 @@ $code.=<<___;
push %r14
push %r15
mov ${num}d,${num}d
lea 2($num),%r10
neg $num
mov %rsp,%r11
neg %r10
lea (%rsp,%r10,8),%rsp # tp=alloca(8*(num+2))
and \$-1024,%rsp # minimize TLB usage
lea -16(%rsp,$num,8),%r10 # future alloca(8*(num+2))
neg $num # restore $num
and \$-1024,%r10 # minimize TLB usage
mov %r11,8(%rsp,$num,8) # tp[num+1]=%rsp
.Lmul_body:
# Some OSes, *cough*-dows, insist on stack being "wired" to
# physical memory in strictly sequential manner, i.e. if stack
# allocation spans two pages, then reference to farmost one can
# be punishable by SEGV. But page walking can do good even on
# other OSes, because it guarantees that villain thread hits
# the guard page before it can make damage to innocent one...
sub %rsp,%r11
sub %r10,%r11
and \$-4096,%r11
.Lmul_page_walk:
mov (%rsp,%r11),%r10
sub \$4096,%r11
.byte 0x66,0x2e # predict non-taken
jnc .Lmul_page_walk
lea (%r10,%r11),%rsp
mov (%rsp),%r11
cmp %r10,%rsp
ja .Lmul_page_walk
jmp .Lmul_page_walk_done
.align 16
.Lmul_page_walk:
lea -4096(%rsp),%rsp
mov (%rsp),%r11
cmp %r10,%rsp
ja .Lmul_page_walk
.Lmul_page_walk_done:
mov %rax,8(%rsp,$num,8) # tp[num+1]=%rsp
.Lmul_body:
mov $bp,%r12 # reassign $bp
___
$bp="%r12";
@ -314,13 +323,13 @@ $code.=<<___;
mov 8(%rsp,$num,8),%rsi # restore %rsp
mov \$1,%rax
mov (%rsi),%r15
mov 8(%rsi),%r14
mov 16(%rsi),%r13
mov 24(%rsi),%r12
mov 32(%rsi),%rbp
mov 40(%rsi),%rbx
lea 48(%rsi),%rsp
mov -48(%rsi),%r15
mov -40(%rsi),%r14
mov -32(%rsi),%r13
mov -24(%rsi),%r12
mov -16(%rsi),%rbp
mov -8(%rsi),%rbx
lea (%rsi),%rsp
.Lmul_epilogue:
ret
.size bn_mul_mont,.-bn_mul_mont
@ -332,6 +341,8 @@ $code.=<<___;
.type bn_mul4x_mont,\@function,6
.align 16
bn_mul4x_mont:
mov ${num}d,${num}d
mov %rsp,%rax
.Lmul4x_enter:
___
$code.=<<___ if ($addx);
@ -347,23 +358,29 @@ $code.=<<___;
push %r14
push %r15
mov ${num}d,${num}d
lea 4($num),%r10
neg $num
mov %rsp,%r11
neg %r10
lea (%rsp,%r10,8),%rsp # tp=alloca(8*(num+4))
and \$-1024,%rsp # minimize TLB usage
lea -32(%rsp,$num,8),%r10 # future alloca(8*(num+4))
neg $num # restore
and \$-1024,%r10 # minimize TLB usage
mov %r11,8(%rsp,$num,8) # tp[num+1]=%rsp
.Lmul4x_body:
sub %rsp,%r11
sub %r10,%r11
and \$-4096,%r11
.Lmul4x_page_walk:
mov (%rsp,%r11),%r10
sub \$4096,%r11
.byte 0x2e # predict non-taken
jnc .Lmul4x_page_walk
lea (%r10,%r11),%rsp
mov (%rsp),%r11
cmp %r10,%rsp
ja .Lmul4x_page_walk
jmp .Lmul4x_page_walk_done
.Lmul4x_page_walk:
lea -4096(%rsp),%rsp
mov (%rsp),%r11
cmp %r10,%rsp
ja .Lmul4x_page_walk
.Lmul4x_page_walk_done:
mov %rax,8(%rsp,$num,8) # tp[num+1]=%rsp
.Lmul4x_body:
mov $rp,16(%rsp,$num,8) # tp[num+2]=$rp
mov %rdx,%r12 # reassign $bp
___
@ -742,13 +759,13 @@ ___
$code.=<<___;
mov 8(%rsp,$num,8),%rsi # restore %rsp
mov \$1,%rax
mov (%rsi),%r15
mov 8(%rsi),%r14
mov 16(%rsi),%r13
mov 24(%rsi),%r12
mov 32(%rsi),%rbp
mov 40(%rsi),%rbx
lea 48(%rsi),%rsp
mov -48(%rsi),%r15
mov -40(%rsi),%r14
mov -32(%rsi),%r13
mov -24(%rsi),%r12
mov -16(%rsi),%rbp
mov -8(%rsi),%rbx
lea (%rsi),%rsp
.Lmul4x_epilogue:
ret
.size bn_mul4x_mont,.-bn_mul4x_mont
@ -778,14 +795,15 @@ $code.=<<___;
.type bn_sqr8x_mont,\@function,6
.align 32
bn_sqr8x_mont:
.Lsqr8x_enter:
mov %rsp,%rax
.Lsqr8x_enter:
push %rbx
push %rbp
push %r12
push %r13
push %r14
push %r15
.Lsqr8x_prologue:
mov ${num}d,%r10d
shl \$3,${num}d # convert $num to bytes
@ -798,33 +816,42 @@ bn_sqr8x_mont:
# do its job.
#
lea -64(%rsp,$num,2),%r11
mov %rsp,%rbp
mov ($n0),$n0 # *n0
sub $aptr,%r11
and \$4095,%r11
cmp %r11,%r10
jb .Lsqr8x_sp_alt
sub %r11,%rsp # align with $aptr
lea -64(%rsp,$num,2),%rsp # alloca(frame+2*$num)
sub %r11,%rbp # align with $aptr
lea -64(%rbp,$num,2),%rbp # future alloca(frame+2*$num)
jmp .Lsqr8x_sp_done
.align 32
.Lsqr8x_sp_alt:
lea 4096-64(,$num,2),%r10 # 4096-frame-2*$num
lea -64(%rsp,$num,2),%rsp # alloca(frame+2*$num)
lea -64(%rbp,$num,2),%rbp # future alloca(frame+2*$num)
sub %r10,%r11
mov \$0,%r10
cmovc %r10,%r11
sub %r11,%rsp
sub %r11,%rbp
.Lsqr8x_sp_done:
and \$-64,%rsp
mov %rax,%r11
sub %rsp,%r11
and \$-64,%rbp
mov %rsp,%r11
sub %rbp,%r11
and \$-4096,%r11
lea (%rbp,%r11),%rsp
mov (%rsp),%r10
cmp %rbp,%rsp
ja .Lsqr8x_page_walk
jmp .Lsqr8x_page_walk_done
.align 16
.Lsqr8x_page_walk:
mov (%rsp,%r11),%r10
sub \$4096,%r11
.byte 0x2e # predict non-taken
jnc .Lsqr8x_page_walk
lea -4096(%rsp),%rsp
mov (%rsp),%r10
cmp %rbp,%rsp
ja .Lsqr8x_page_walk
.Lsqr8x_page_walk_done:
mov $num,%r10
neg $num
@ -948,30 +975,38 @@ $code.=<<___;
.type bn_mulx4x_mont,\@function,6
.align 32
bn_mulx4x_mont:
.Lmulx4x_enter:
mov %rsp,%rax
.Lmulx4x_enter:
push %rbx
push %rbp
push %r12
push %r13
push %r14
push %r15
.Lmulx4x_prologue:
shl \$3,${num}d # convert $num to bytes
.byte 0x67
xor %r10,%r10
sub $num,%r10 # -$num
mov ($n0),$n0 # *n0
lea -72(%rsp,%r10),%rsp # alloca(frame+$num+8)
and \$-128,%rsp
mov %rax,%r11
sub %rsp,%r11
lea -72(%rsp,%r10),%rbp # future alloca(frame+$num+8)
and \$-128,%rbp
mov %rsp,%r11
sub %rbp,%r11
and \$-4096,%r11
lea (%rbp,%r11),%rsp
mov (%rsp),%r10
cmp %rbp,%rsp
ja .Lmulx4x_page_walk
jmp .Lmulx4x_page_walk_done
.align 16
.Lmulx4x_page_walk:
mov (%rsp,%r11),%r10
sub \$4096,%r11
.byte 0x66,0x2e # predict non-taken
jnc .Lmulx4x_page_walk
lea -4096(%rsp),%rsp
mov (%rsp),%r10
cmp %rbp,%rsp
ja .Lmulx4x_page_walk
.Lmulx4x_page_walk_done:
lea ($bp,$num),%r10
##############################################################
@ -1332,22 +1367,8 @@ mul_handler:
mov 192($context),%r10 # pull $num
mov 8(%rax,%r10,8),%rax # pull saved stack pointer
lea 48(%rax),%rax
mov -8(%rax),%rbx
mov -16(%rax),%rbp
mov -24(%rax),%r12
mov -32(%rax),%r13
mov -40(%rax),%r14
mov -48(%rax),%r15
mov %rbx,144($context) # restore context->Rbx
mov %rbp,160($context) # restore context->Rbp
mov %r12,216($context) # restore context->R12
mov %r13,224($context) # restore context->R13
mov %r14,232($context) # restore context->R14
mov %r15,240($context) # restore context->R15
jmp .Lcommon_seh_tail
jmp .Lcommon_pop_regs
.size mul_handler,.-mul_handler
.type sqr_handler,\@abi-omnipotent
@ -1375,15 +1396,21 @@ sqr_handler:
cmp %r10,%rbx # context->Rip<.Lsqr_body
jb .Lcommon_seh_tail
mov 4(%r11),%r10d # HandlerData[1]
lea (%rsi,%r10),%r10 # body label
cmp %r10,%rbx # context->Rip>=.Lsqr_epilogue
jb .Lcommon_pop_regs
mov 152($context),%rax # pull context->Rsp
mov 4(%r11),%r10d # HandlerData[1]
mov 8(%r11),%r10d # HandlerData[2]
lea (%rsi,%r10),%r10 # epilogue label
cmp %r10,%rbx # context->Rip>=.Lsqr_epilogue
jae .Lcommon_seh_tail
mov 40(%rax),%rax # pull saved stack pointer
.Lcommon_pop_regs:
mov -8(%rax),%rbx
mov -16(%rax),%rbp
mov -24(%rax),%r12
@ -1470,13 +1497,15 @@ $code.=<<___;
.LSEH_info_bn_sqr8x_mont:
.byte 9,0,0,0
.rva sqr_handler
.rva .Lsqr8x_body,.Lsqr8x_epilogue # HandlerData[]
.rva .Lsqr8x_prologue,.Lsqr8x_body,.Lsqr8x_epilogue # HandlerData[]
.align 8
___
$code.=<<___ if ($addx);
.LSEH_info_bn_mulx4x_mont:
.byte 9,0,0,0
.rva sqr_handler
.rva .Lmulx4x_body,.Lmulx4x_epilogue # HandlerData[]
.rva .Lmulx4x_prologue,.Lmulx4x_body,.Lmulx4x_epilogue # HandlerData[]
.align 8
___
}

227
crypto/openssl/crypto/bn/asm/x86_64-mont5.pl
View file

@ -86,6 +86,8 @@ $code=<<___;
.type bn_mul_mont_gather5,\@function,6
.align 64
bn_mul_mont_gather5:
mov ${num}d,${num}d
mov %rsp,%rax
test \$7,${num}d
jnz .Lmul_enter
___
@ -97,10 +99,7 @@ $code.=<<___;
.align 16
.Lmul_enter:
mov ${num}d,${num}d
mov %rsp,%rax
movd `($win64?56:8)`(%rsp),%xmm5 # load 7th argument
lea .Linc(%rip),%r10
push %rbx
push %rbp
push %r12
@ -108,26 +107,36 @@ $code.=<<___;
push %r14
push %r15
lea 2($num),%r11
neg %r11
lea -264(%rsp,%r11,8),%rsp # tp=alloca(8*(num+2)+256+8)
and \$-1024,%rsp # minimize TLB usage
neg $num
mov %rsp,%r11
lea -280(%rsp,$num,8),%r10 # future alloca(8*(num+2)+256+8)
neg $num # restore $num
and \$-1024,%r10 # minimize TLB usage
mov %rax,8(%rsp,$num,8) # tp[num+1]=%rsp
.Lmul_body:
# Some OSes, *cough*-dows, insist on stack being "wired" to
# physical memory in strictly sequential manner, i.e. if stack
# allocation spans two pages, then reference to farmost one can
# be punishable by SEGV. But page walking can do good even on
# other OSes, because it guarantees that villain thread hits
# the guard page before it can make damage to innocent one...
sub %rsp,%rax
and \$-4096,%rax
sub %r10,%r11
and \$-4096,%r11
lea (%r10,%r11),%rsp
mov (%rsp),%r11
cmp %r10,%rsp
ja .Lmul_page_walk
jmp .Lmul_page_walk_done
.Lmul_page_walk:
mov (%rsp,%rax),%r11
sub \$4096,%rax
.byte 0x2e # predict non-taken
jnc .Lmul_page_walk
lea -4096(%rsp),%rsp
mov (%rsp),%r11
cmp %r10,%rsp
ja .Lmul_page_walk
.Lmul_page_walk_done:
lea .Linc(%rip),%r10
mov %rax,8(%rsp,$num,8) # tp[num+1]=%rsp
.Lmul_body:
lea 128($bp),%r12 # reassign $bp (+size optimization)
___
@ -433,6 +442,8 @@ $code.=<<___;
.type bn_mul4x_mont_gather5,\@function,6
.align 32
bn_mul4x_mont_gather5:
.byte 0x67
mov %rsp,%rax
.Lmul4x_enter:
___
$code.=<<___ if ($addx);
@ -441,14 +452,13 @@ $code.=<<___ if ($addx);
je .Lmulx4x_enter
___
$code.=<<___;
.byte 0x67
mov %rsp,%rax
push %rbx
push %rbp
push %r12
push %r13
push %r14
push %r15
.Lmul4x_prologue:
.byte 0x67
shl \$3,${num}d # convert $num to bytes
@ -465,32 +475,40 @@ $code.=<<___;
# calculated from 7th argument, the index.]
#
lea -320(%rsp,$num,2),%r11
mov %rsp,%rbp
sub $rp,%r11
and \$4095,%r11
cmp %r11,%r10
jb .Lmul4xsp_alt
sub %r11,%rsp # align with $rp
lea -320(%rsp,$num,2),%rsp # alloca(frame+2*num*8+256)
sub %r11,%rbp # align with $rp
lea -320(%rbp,$num,2),%rbp # future alloca(frame+2*num*8+256)
jmp .Lmul4xsp_done
.align 32
.Lmul4xsp_alt:
lea 4096-320(,$num,2),%r10
lea -320(%rsp,$num,2),%rsp # alloca(frame+2*num*8+256)
lea -320(%rbp,$num,2),%rbp # future alloca(frame+2*num*8+256)
sub %r10,%r11
mov \$0,%r10
cmovc %r10,%r11
sub %r11,%rsp
sub %r11,%rbp
.Lmul4xsp_done:
and \$-64,%rsp
mov %rax,%r11
sub %rsp,%r11
and \$-64,%rbp
mov %rsp,%r11
sub %rbp,%r11
and \$-4096,%r11
lea (%rbp,%r11),%rsp
mov (%rsp),%r10
cmp %rbp,%rsp
ja .Lmul4x_page_walk
jmp .Lmul4x_page_walk_done
.Lmul4x_page_walk:
mov (%rsp,%r11),%r10
sub \$4096,%r11
.byte 0x2e # predict non-taken
jnc .Lmul4x_page_walk
lea -4096(%rsp),%rsp
mov (%rsp),%r10
cmp %rbp,%rsp
ja .Lmul4x_page_walk
.Lmul4x_page_walk_done:
neg $num
@ -1034,6 +1052,7 @@ $code.=<<___;
.type bn_power5,\@function,6
.align 32
bn_power5:
mov %rsp,%rax
___
$code.=<<___ if ($addx);
mov OPENSSL_ia32cap_P+8(%rip),%r11d
@ -1042,13 +1061,13 @@ $code.=<<___ if ($addx);
je .Lpowerx5_enter
___
$code.=<<___;
mov %rsp,%rax
push %rbx
push %rbp
push %r12
push %r13
push %r14
push %r15
.Lpower5_prologue:
shl \$3,${num}d # convert $num to bytes
lea ($num,$num,2),%r10d # 3*$num
@ -1063,32 +1082,40 @@ $code.=<<___;
# calculated from 7th argument, the index.]
#
lea -320(%rsp,$num,2),%r11
mov %rsp,%rbp
sub $rptr,%r11
and \$4095,%r11
cmp %r11,%r10
jb .Lpwr_sp_alt
sub %r11,%rsp # align with $aptr
lea -320(%rsp,$num,2),%rsp # alloca(frame+2*num*8+256)
sub %r11,%rbp # align with $aptr
lea -320(%rbp,$num,2),%rbp # future alloca(frame+2*num*8+256)
jmp .Lpwr_sp_done
.align 32
.Lpwr_sp_alt:
lea 4096-320(,$num,2),%r10
lea -320(%rsp,$num,2),%rsp # alloca(frame+2*num*8+256)
lea -320(%rbp,$num,2),%rbp # future alloca(frame+2*num*8+256)
sub %r10,%r11
mov \$0,%r10
cmovc %r10,%r11
sub %r11,%rsp
sub %r11,%rbp
.Lpwr_sp_done:
and \$-64,%rsp
mov %rax,%r11
sub %rsp,%r11
and \$-64,%rbp
mov %rsp,%r11
sub %rbp,%r11
and \$-4096,%r11
lea (%rbp,%r11),%rsp
mov (%rsp),%r10
cmp %rbp,%rsp
ja .Lpwr_page_walk
jmp .Lpwr_page_walk_done
.Lpwr_page_walk:
mov (%rsp,%r11),%r10
sub \$4096,%r11
.byte 0x2e # predict non-taken
jnc .Lpwr_page_walk
lea -4096(%rsp),%rsp
mov (%rsp),%r10
cmp %rbp,%rsp
ja .Lpwr_page_walk
.Lpwr_page_walk_done:
mov $num,%r10
neg $num
@ -2028,6 +2055,7 @@ bn_from_mont8x:
push %r13
push %r14
push %r15
.Lfrom_prologue:
shl \$3,${num}d # convert $num to bytes
lea ($num,$num,2),%r10 # 3*$num in bytes
@ -2042,32 +2070,40 @@ bn_from_mont8x:
# last operation, we use the opportunity to cleanse it.
#
lea -320(%rsp,$num,2),%r11
mov %rsp,%rbp
sub $rptr,%r11
and \$4095,%r11
cmp %r11,%r10
jb .Lfrom_sp_alt
sub %r11,%rsp # align with $aptr
lea -320(%rsp,$num,2),%rsp # alloca(frame+2*$num*8+256)
sub %r11,%rbp # align with $aptr
lea -320(%rbp,$num,2),%rbp # future alloca(frame+2*$num*8+256)
jmp .Lfrom_sp_done
.align 32
.Lfrom_sp_alt:
lea 4096-320(,$num,2),%r10
lea -320(%rsp,$num,2),%rsp # alloca(frame+2*$num*8+256)
lea -320(%rbp,$num,2),%rbp # future alloca(frame+2*$num*8+256)
sub %r10,%r11
mov \$0,%r10
cmovc %r10,%r11
sub %r11,%rsp
sub %r11,%rbp
.Lfrom_sp_done:
and \$-64,%rsp
mov %rax,%r11
sub %rsp,%r11
and \$-64,%rbp
mov %rsp,%r11
sub %rbp,%r11
and \$-4096,%r11
lea (%rbp,%r11),%rsp
mov (%rsp),%r10
cmp %rbp,%rsp
ja .Lfrom_page_walk
jmp .Lfrom_page_walk_done
.Lfrom_page_walk:
mov (%rsp,%r11),%r10
sub \$4096,%r11
.byte 0x2e # predict non-taken
jnc .Lfrom_page_walk
lea -4096(%rsp),%rsp
mov (%rsp),%r10
cmp %rbp,%rsp
ja .Lfrom_page_walk
.Lfrom_page_walk_done:
mov $num,%r10
neg $num
@ -2173,14 +2209,15 @@ $code.=<<___;
.type bn_mulx4x_mont_gather5,\@function,6
.align 32
bn_mulx4x_mont_gather5:
.Lmulx4x_enter:
mov %rsp,%rax
.Lmulx4x_enter:
push %rbx
push %rbp
push %r12
push %r13
push %r14
push %r15
.Lmulx4x_prologue:
shl \$3,${num}d # convert $num to bytes
lea ($num,$num,2),%r10 # 3*$num in bytes
@ -2197,31 +2234,39 @@ bn_mulx4x_mont_gather5:
# calculated from 7th argument, the index.]
#
lea -320(%rsp,$num,2),%r11
mov %rsp,%rbp
sub $rp,%r11
and \$4095,%r11
cmp %r11,%r10
jb .Lmulx4xsp_alt
sub %r11,%rsp # align with $aptr
lea -320(%rsp,$num,2),%rsp # alloca(frame+2*$num*8+256)
sub %r11,%rbp # align with $aptr
lea -320(%rbp,$num,2),%rbp # future alloca(frame+2*$num*8+256)
jmp .Lmulx4xsp_done
.Lmulx4xsp_alt:
lea 4096-320(,$num,2),%r10
lea -320(%rsp,$num,2),%rsp # alloca(frame+2*$num*8+256)
lea -320(%rbp,$num,2),%rbp # future alloca(frame+2*$num*8+256)
sub %r10,%r11
mov \$0,%r10
cmovc %r10,%r11
sub %r11,%rsp
sub %r11,%rbp
.Lmulx4xsp_done:
and \$-64,%rsp # ensure alignment
mov %rax,%r11
sub %rsp,%r11
and \$-64,%rbp # ensure alignment
mov %rsp,%r11
sub %rbp,%r11
and \$-4096,%r11
lea (%rbp,%r11),%rsp
mov (%rsp),%r10
cmp %rbp,%rsp
ja .Lmulx4x_page_walk
jmp .Lmulx4x_page_walk_done
.Lmulx4x_page_walk:
mov (%rsp,%r11),%r10
sub \$4096,%r11
.byte 0x2e # predict non-taken
jnc .Lmulx4x_page_walk
lea -4096(%rsp),%rsp
mov (%rsp),%r10
cmp %rbp,%rsp
ja .Lmulx4x_page_walk
.Lmulx4x_page_walk_done:
##############################################################
# Stack layout
@ -2629,14 +2674,15 @@ $code.=<<___;
.type bn_powerx5,\@function,6
.align 32
bn_powerx5:
.Lpowerx5_enter:
mov %rsp,%rax
.Lpowerx5_enter:
push %rbx
push %rbp
push %r12
push %r13
push %r14
push %r15
.Lpowerx5_prologue:
shl \$3,${num}d # convert $num to bytes
lea ($num,$num,2),%r10 # 3*$num in bytes
@ -2651,32 +2697,40 @@ bn_powerx5:
# calculated from 7th argument, the index.]
#
lea -320(%rsp,$num,2),%r11
mov %rsp,%rbp
sub $rptr,%r11
and \$4095,%r11
cmp %r11,%r10
jb .Lpwrx_sp_alt
sub %r11,%rsp # align with $aptr
lea -320(%rsp,$num,2),%rsp # alloca(frame+2*$num*8+256)
sub %r11,%rbp # align with $aptr
lea -320(%rbp,$num,2),%rbp # future alloca(frame+2*$num*8+256)
jmp .Lpwrx_sp_done
.align 32
.Lpwrx_sp_alt:
lea 4096-320(,$num,2),%r10
lea -320(%rsp,$num,2),%rsp # alloca(frame+2*$num*8+256)
lea -320(%rbp,$num,2),%rbp # alloca(frame+2*$num*8+256)
sub %r10,%r11
mov \$0,%r10
cmovc %r10,%r11
sub %r11,%rsp
sub %r11,%rbp
.Lpwrx_sp_done:
and \$-64,%rsp
mov %rax,%r11
sub %rsp,%r11
and \$-64,%rbp
mov %rsp,%r11
sub %rbp,%r11
and \$-4096,%r11
lea (%rbp,%r11),%rsp
mov (%rsp),%r10
cmp %rbp,%rsp
ja .Lpwrx_page_walk
jmp .Lpwrx_page_walk_done
.Lpwrx_page_walk:
mov (%rsp,%r11),%r10
sub \$4096,%r11
.byte 0x2e # predict non-taken
jnc .Lpwrx_page_walk
lea -4096(%rsp),%rsp
mov (%rsp),%r10
cmp %rbp,%rsp
ja .Lpwrx_page_walk
.Lpwrx_page_walk_done:
mov $num,%r10
neg $num
@ -3607,9 +3661,14 @@ mul_handler:
cmp %r10,%rbx # context->Rip<end of prologue label
jb .Lcommon_seh_tail
mov 4(%r11),%r10d # HandlerData[1]
lea (%rsi,%r10),%r10 # epilogue label
cmp %r10,%rbx # context->Rip>=epilogue label
jb .Lcommon_pop_regs
mov 152($context),%rax # pull context->Rsp
mov 4(%r11),%r10d # HandlerData[1]
mov 8(%r11),%r10d # HandlerData[2]
lea (%rsi,%r10),%r10 # epilogue label
cmp %r10,%rbx # context->Rip>=epilogue label
jae .Lcommon_seh_tail
@ -3621,11 +3680,11 @@ mul_handler:
mov 192($context),%r10 # pull $num
mov 8(%rax,%r10,8),%rax # pull saved stack pointer
jmp .Lbody_proceed
jmp .Lcommon_pop_regs
.Lbody_40:
mov 40(%rax),%rax # pull saved stack pointer
.Lbody_proceed:
.Lcommon_pop_regs:
mov -8(%rax),%rbx
mov -16(%rax),%rbp
mov -24(%rax),%r12
@ -3716,34 +3775,34 @@ $code.=<<___;
.LSEH_info_bn_mul_mont_gather5:
.byte 9,0,0,0
.rva mul_handler
.rva .Lmul_body,.Lmul_epilogue # HandlerData[]
.rva .Lmul_body,.Lmul_body,.Lmul_epilogue # HandlerData[]
.align 8
.LSEH_info_bn_mul4x_mont_gather5:
.byte 9,0,0,0
.rva mul_handler
.rva .Lmul4x_body,.Lmul4x_epilogue # HandlerData[]
.rva .Lmul4x_prologue,.Lmul4x_body,.Lmul4x_epilogue # HandlerData[]
.align 8
.LSEH_info_bn_power5:
.byte 9,0,0,0
.rva mul_handler
.rva .Lpower5_body,.Lpower5_epilogue # HandlerData[]
.rva .Lpower5_prologue,.Lpower5_body,.Lpower5_epilogue # HandlerData[]
.align 8
.LSEH_info_bn_from_mont8x:
.byte 9,0,0,0
.rva mul_handler
.rva .Lfrom_body,.Lfrom_epilogue # HandlerData[]
.rva .Lfrom_prologue,.Lfrom_body,.Lfrom_epilogue # HandlerData[]
___
$code.=<<___ if ($addx);
.align 8
.LSEH_info_bn_mulx4x_mont_gather5:
.byte 9,0,0,0
.rva mul_handler
.rva .Lmulx4x_body,.Lmulx4x_epilogue # HandlerData[]
.rva .Lmulx4x_prologue,.Lmulx4x_body,.Lmulx4x_epilogue # HandlerData[]
.align 8
.LSEH_info_bn_powerx5:
.byte 9,0,0,0
.rva mul_handler
.rva .Lpowerx5_body,.Lpowerx5_epilogue # HandlerData[]
.rva .Lpowerx5_prologue,.Lpowerx5_body,.Lpowerx5_epilogue # HandlerData[]
___
$code.=<<___;
.align 8

2
crypto/openssl/crypto/bn/bn.h
View file

@ -842,6 +842,8 @@ int RAND_pseudo_bytes(unsigned char *buf, int num);
if (*(ftl--)) break; \
(a)->top = tmp_top; \
} \
if ((a)->top == 0) \
(a)->neg = 0; \
bn_pollute(a); \
}

4
crypto/openssl/crypto/bn/bn_div.c
View file

@ -155,7 +155,7 @@ int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, const BIGNUM *d,
({ asm volatile ( \
"divl %4" \
: "=a"(q), "=d"(rem) \
: "a"(n1), "d"(n0), "g"(d0) \
: "a"(n1), "d"(n0), "r"(d0) \
: "cc"); \
q; \
})
@ -170,7 +170,7 @@ int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, const BIGNUM *d,
({ asm volatile ( \
"divq %4" \
: "=a"(q), "=d"(rem) \
: "a"(n1), "d"(n0), "g"(d0) \
: "a"(n1), "d"(n0), "r"(d0) \
: "cc"); \
q; \
})

2
crypto/openssl/crypto/bn/bn_lib.c
View file

@ -569,7 +569,7 @@ void BN_clear(BIGNUM *a)
{
bn_check_top(a);
if (a->d != NULL)
memset(a->d, 0, a->dmax * sizeof(a->d[0]));
OPENSSL_cleanse(a->d, a->dmax * sizeof(a->d[0]));
a->top = 0;
a->neg = 0;
}

35
crypto/openssl/crypto/bn/bn_print.c
View file

@ -72,12 +72,9 @@ char *BN_bn2hex(const BIGNUM *a)
char *buf;
char *p;
if (a->neg && BN_is_zero(a)) {
/* "-0" == 3 bytes including NULL terminator */
buf = OPENSSL_malloc(3);
} else {
buf = OPENSSL_malloc(a->top * BN_BYTES * 2 + 2);
}
if (BN_is_zero(a))
return OPENSSL_strdup("0");
buf = OPENSSL_malloc(a->top * BN_BYTES * 2 + 2);
if (buf == NULL) {
BNerr(BN_F_BN_BN2HEX, ERR_R_MALLOC_FAILURE);
goto err;
@ -111,6 +108,7 @@ char *BN_bn2dec(const BIGNUM *a)
char *p;
BIGNUM *t = NULL;
BN_ULONG *bn_data = NULL, *lp;
int bn_data_num;
/*-
* get an upper bound for the length of the decimal integer
@ -120,9 +118,9 @@ char *BN_bn2dec(const BIGNUM *a)
*/
i = BN_num_bits(a) * 3;
num = (i / 10 + i / 1000 + 1) + 1;
bn_data =
(BN_ULONG *)OPENSSL_malloc((num / BN_DEC_NUM + 1) * sizeof(BN_ULONG));
buf = (char *)OPENSSL_malloc(num + 3);
bn_data_num = num / BN_DEC_NUM + 1;
bn_data = OPENSSL_malloc(bn_data_num * sizeof(BN_ULONG));
buf = OPENSSL_malloc(num + 3);
if ((buf == NULL) || (bn_data == NULL)) {
BNerr(BN_F_BN_BN2DEC, ERR_R_MALLOC_FAILURE);
goto err;
@ -140,9 +138,12 @@ char *BN_bn2dec(const BIGNUM *a)
if (BN_is_negative(t))
*p++ = '-';
i = 0;
while (!BN_is_zero(t)) {
if (lp - bn_data >= bn_data_num)
goto err;
*lp = BN_div_word(t, BN_DEC_CONV);
if (*lp == (BN_ULONG)-1)
goto err;
lp++;
}
lp--;
@ -240,10 +241,12 @@ int BN_hex2bn(BIGNUM **bn, const char *a)
}
ret->top = h;
bn_correct_top(ret);
ret->neg = neg;
*bn = ret;
bn_check_top(ret);
/* Don't set the negative flag if it's zero. */
if (ret->top != 0)
ret->neg = neg;
return (num);
err:
if (*bn == NULL)
@ -295,7 +298,7 @@ int BN_dec2bn(BIGNUM **bn, const char *a)
if (j == BN_DEC_NUM)
j = 0;
l = 0;
while (*a) {
while (--i >= 0) {
l *= 10;
l += *a - '0';
a++;
@ -306,11 +309,13 @@ int BN_dec2bn(BIGNUM **bn, const char *a)
j = 0;
}
}
ret->neg = neg;
bn_correct_top(ret);
*bn = ret;
bn_check_top(ret);
/* Don't set the negative flag if it's zero. */
if (ret->top != 0)
ret->neg = neg;
return (num);
err:
if (*bn == NULL)
@ -321,6 +326,7 @@ int BN_dec2bn(BIGNUM **bn, const char *a)
int BN_asc2bn(BIGNUM **bn, const char *a)
{
const char *p = a;
if (*p == '-')
p++;
@ -331,7 +337,8 @@ int BN_asc2bn(BIGNUM **bn, const char *a)
if (!BN_dec2bn(bn, p))
return 0;
}
if (*a == '-')
/* Don't set the negative flag if it's zero. */
if (*a == '-' && (*bn)->top != 0)
(*bn)->neg = 1;
return 1;
}

23
crypto/openssl/crypto/bn/bn_rand.c
View file

@ -121,15 +121,14 @@ static int bnrand(int pseudorand, BIGNUM *rnd, int bits, int top, int bottom)
int ret = 0, bit, bytes, mask;
time_t tim;
if (bits < 0 || (bits == 1 && top > 0)) {
BNerr(BN_F_BNRAND, BN_R_BITS_TOO_SMALL);
return 0;
}
if (bits == 0) {
if (top != -1 || bottom != 0)
goto toosmall;
BN_zero(rnd);
return 1;
}
if (bits < 0 || (bits == 1 && top > 0))
goto toosmall;
bytes = (bits + 7) / 8;
bit = (bits - 1) % 8;
@ -145,13 +144,9 @@ static int bnrand(int pseudorand, BIGNUM *rnd, int bits, int top, int bottom)
time(&tim);
RAND_add(&tim, sizeof(tim), 0.0);
if (pseudorand) {
if (RAND_pseudo_bytes(buf, bytes) == -1)
goto err;
} else {
if (RAND_bytes(buf, bytes) <= 0)
goto err;
}
/* We ignore the value of pseudorand and always call RAND_bytes */
if (RAND_bytes(buf, bytes) <= 0)
goto err;
#if 1
if (pseudorand == 2) {
@ -199,6 +194,10 @@ static int bnrand(int pseudorand, BIGNUM *rnd, int bits, int top, int bottom)
}
bn_check_top(rnd);
return (ret);
toosmall:
BNerr(BN_F_BNRAND, BN_R_BITS_TOO_SMALL);
return 0;
}
int BN_rand(BIGNUM *rnd, int bits, int top, int bottom)

22
crypto/openssl/crypto/bn/bn_word.c
View file

@ -72,10 +72,32 @@ BN_ULONG BN_mod_word(const BIGNUM *a, BN_ULONG w)
if (w == 0)
return (BN_ULONG)-1;
#ifndef BN_LLONG
/*
* If |w| is too long and we don't have BN_ULLONG then we need to fall
* back to using BN_div_word
*/
if (w > ((BN_ULONG)1 << BN_BITS4)) {
BIGNUM *tmp = BN_dup(a);
if (tmp == NULL)
return (BN_ULONG)-1;
ret = BN_div_word(tmp, w);
BN_free(tmp);
return ret;
}
#endif
bn_check_top(a);
w &= BN_MASK2;
for (i = a->top - 1; i >= 0; i--) {
#ifndef BN_LLONG
/*
* We can assume here that | w <= ((BN_ULONG)1 << BN_BITS4) | and so
* | ret < ((BN_ULONG)1 << BN_BITS4) | and therefore the shifts here are
* safe and will not overflow
*/
ret = ((ret << BN_BITS4) | ((a->d[i] >> BN_BITS4) & BN_MASK2l)) % w;
ret = ((ret << BN_BITS4) | (a->d[i] & BN_MASK2l)) % w;
#else

8
crypto/openssl/crypto/bn/bntest.c
View file

@ -514,7 +514,7 @@ static void print_word(BIO *bp, BN_ULONG w)
int test_div_word(BIO *bp)
{
BIGNUM a, b;
BN_ULONG r, s;
BN_ULONG r, rmod, s;
int i;
BN_init(&a);
@ -528,8 +528,14 @@ int test_div_word(BIO *bp)
s = b.d[0];
BN_copy(&b, &a);
rmod = BN_mod_word(&b, s);
r = BN_div_word(&b, s);
if (rmod != r) {
fprintf(stderr, "Mod (word) test failed!\n");
return 0;
}
if (bp != NULL) {
if (!results) {
BN_print(bp, &a);

12
crypto/openssl/crypto/cms/cms_enc.c
View file

@ -119,7 +119,7 @@ BIO *cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec)
/* Generate a random IV if we need one */
ivlen = EVP_CIPHER_CTX_iv_length(ctx);
if (ivlen > 0) {
if (RAND_pseudo_bytes(iv, ivlen) <= 0)
if (RAND_bytes(iv, ivlen) <= 0)
goto err;
piv = iv;
}
@ -179,10 +179,9 @@ BIO *cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec)
CMS_R_CIPHER_INITIALISATION_ERROR);
goto err;
}
if (piv) {
if (enc) {
calg->parameter = ASN1_TYPE_new();
if (!calg->parameter) {
if (calg->parameter == NULL) {
CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO, ERR_R_MALLOC_FAILURE);
goto err;
}
@ -191,6 +190,11 @@ BIO *cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec)
CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR);
goto err;
}
/* If parameter type not set omit parameter */
if (calg->parameter->type == V_ASN1_UNDEF) {
ASN1_TYPE_free(calg->parameter);
calg->parameter = NULL;
}
}
ok = 1;

3
crypto/openssl/crypto/cms/cms_ess.c
View file

@ -107,8 +107,7 @@ CMS_ReceiptRequest *CMS_ReceiptRequest_create0(unsigned char *id, int idlen,
else {
if (!ASN1_STRING_set(rr->signedContentIdentifier, NULL, 32))
goto merr;
if (RAND_pseudo_bytes(rr->signedContentIdentifier->data, 32)
<= 0)
if (RAND_bytes(rr->signedContentIdentifier->data, 32) <= 0)
goto err;
}

4
crypto/openssl/crypto/cms/cms_lib.c
View file

@ -413,6 +413,8 @@ static STACK_OF(CMS_CertificateChoices)
return &cms->d.signedData->certificates;
case NID_pkcs7_enveloped:
if (cms->d.envelopedData->originatorInfo == NULL)
return NULL;
return &cms->d.envelopedData->originatorInfo->certificates;
default:
@ -488,6 +490,8 @@ static STACK_OF(CMS_RevocationInfoChoice)
return &cms->d.signedData->crls;
case NID_pkcs7_enveloped:
if (cms->d.envelopedData->originatorInfo == NULL)
return NULL;
return &cms->d.envelopedData->originatorInfo->crls;
default:

4
crypto/openssl/crypto/cms/cms_pwri.c
View file

@ -134,7 +134,7 @@ CMS_RecipientInfo *CMS_add0_recipient_password(CMS_ContentInfo *cms,
ivlen = EVP_CIPHER_CTX_iv_length(&ctx);
if (ivlen > 0) {
if (RAND_pseudo_bytes(iv, ivlen) <= 0)
if (RAND_bytes(iv, ivlen) <= 0)
goto err;
if (EVP_EncryptInit_ex(&ctx, NULL, NULL, NULL, iv) <= 0) {
CMSerr(CMS_F_CMS_ADD0_RECIPIENT_PASSWORD, ERR_R_EVP_LIB);
@ -301,7 +301,7 @@ static int kek_wrap_key(unsigned char *out, size_t *outlen,
memcpy(out + 4, in, inlen);
/* Add random padding to end */
if (olen > inlen + 4
&& RAND_pseudo_bytes(out + 4 + inlen, olen - 4 - inlen) < 0)
&& RAND_bytes(out + 4 + inlen, olen - 4 - inlen) <= 0)
return 0;
/* Encrypt twice */
EVP_EncryptUpdate(ctx, out, &dummy, out, olen);

4
crypto/openssl/crypto/comp/comp.h
View file

@ -14,7 +14,7 @@ extern "C" {
typedef struct comp_ctx_st COMP_CTX;
typedef struct comp_method_st {
struct comp_method_st {
int type; /* NID for compression library */
const char *name; /* A text string to identify the library */
int (*init) (COMP_CTX *ctx);
@ -30,7 +30,7 @@ typedef struct comp_method_st {
*/
long (*ctrl) (void);
long (*callback_ctrl) (void);
} COMP_METHOD;
};
struct comp_ctx_st {
COMP_METHOD *meth;

44
crypto/openssl/crypto/conf/conf_def.h
View file

@ -81,34 +81,34 @@
#define KEYTYPES(c) ((unsigned short *)((c)->meth_data))
#ifndef CHARSET_EBCDIC
# define IS_COMMENT(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_COMMENT)
# define IS_FCOMMENT(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_FCOMMENT)
# define IS_EOF(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_EOF)
# define IS_ESC(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_ESC)
# define IS_NUMBER(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_NUMBER)
# define IS_WS(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_WS)
# define IS_ALPHA_NUMERIC(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_ALPHA_NUMERIC)
# define IS_COMMENT(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_COMMENT)
# define IS_FCOMMENT(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_FCOMMENT)
# define IS_EOF(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_EOF)
# define IS_ESC(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_ESC)
# define IS_NUMBER(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_NUMBER)
# define IS_WS(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_WS)
# define IS_ALPHA_NUMERIC(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_ALPHA_NUMERIC)
# define IS_ALPHA_NUMERIC_PUNCT(c,a) \
(KEYTYPES(c)[(a)&0xff]&CONF_ALPHA_NUMERIC_PUNCT)
# define IS_QUOTE(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_QUOTE)
# define IS_DQUOTE(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_DQUOTE)
# define IS_HIGHBIT(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_HIGHBIT)
# define IS_QUOTE(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_QUOTE)
# define IS_DQUOTE(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_DQUOTE)
# define IS_HIGHBIT(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_HIGHBIT)
#else /* CHARSET_EBCDIC */
#else /*CHARSET_EBCDIC*/
# define IS_COMMENT(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_COMMENT)
# define IS_FCOMMENT(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_FCOMMENT)
# define IS_EOF(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_EOF)
# define IS_ESC(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_ESC)
# define IS_NUMBER(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_NUMBER)
# define IS_WS(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_WS)
# define IS_ALPHA_NUMERIC(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_ALPHA_NUMERIC)
# define IS_COMMENT(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_COMMENT)
# define IS_FCOMMENT(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_FCOMMENT)
# define IS_EOF(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_EOF)
# define IS_ESC(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_ESC)
# define IS_NUMBER(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_NUMBER)
# define IS_WS(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_WS)
# define IS_ALPHA_NUMERIC(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_ALPHA_NUMERIC)
# define IS_ALPHA_NUMERIC_PUNCT(c,a) \
(KEYTYPES(c)[os_toascii[a]&0xff]&CONF_ALPHA_NUMERIC_PUNCT)
# define IS_QUOTE(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_QUOTE)
# define IS_DQUOTE(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_DQUOTE)
# define IS_HIGHBIT(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_HIGHBIT)
#endif /* CHARSET_EBCDIC */
# define IS_QUOTE(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_QUOTE)
# define IS_DQUOTE(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_DQUOTE)
# define IS_HIGHBIT(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_HIGHBIT)
#endif /*CHARSET_EBCDIC*/
static unsigned short CONF_type_default[256] = {
0x0008, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000,

4
crypto/openssl/crypto/conf/conf_mod.c
View file

@ -288,6 +288,10 @@ static CONF_MODULE *module_add(DSO *dso, const char *name,
tmod->dso = dso;
tmod->name = BUF_strdup(name);
if (tmod->name == NULL) {
OPENSSL_free(tmod);
return NULL;
}
tmod->init = ifunc;
tmod->finish = ffunc;
tmod->links = 0;

116
crypto/openssl/crypto/conf/keysets.pl
View file

@ -59,21 +59,21 @@ print <<"EOF";
* This package is an SSL implementation written
* by Eric Young (eay\@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
*
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh\@cryptsoft.com).
*
*
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
*
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
@ -88,10 +88,10 @@ print <<"EOF";
* Eric Young (eay\@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof) from
* 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh\@cryptsoft.com)"
*
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@ -103,83 +103,85 @@ print <<"EOF";
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
/* THIS FILE WAS AUTOMAGICALLY GENERATED!
Please modify and use keysets.pl to regenerate it. */
/*
* THIS FILE WAS AUTOMAGICALLY GENERATED! Please modify and use keysets.pl to
* regenerate it.
*/
#define CONF_NUMBER $NUMBER
#define CONF_UPPER $UPPER
#define CONF_LOWER $LOWER
#define CONF_UNDER $UNDER
#define CONF_PUNCTUATION $PUNCTUATION
#define CONF_WS $WS
#define CONF_ESC $ESC
#define CONF_QUOTE $QUOTE
#define CONF_DQUOTE $DQUOTE
#define CONF_COMMENT $COMMENT
#define CONF_FCOMMENT $FCOMMENT
#define CONF_EOF $EOF
#define CONF_HIGHBIT $HIGHBIT
#define CONF_ALPHA (CONF_UPPER|CONF_LOWER)
#define CONF_ALPHA_NUMERIC (CONF_ALPHA|CONF_NUMBER|CONF_UNDER)
#define CONF_NUMBER $NUMBER
#define CONF_UPPER $UPPER
#define CONF_LOWER $LOWER
#define CONF_UNDER $UNDER
#define CONF_PUNCTUATION $PUNCTUATION
#define CONF_WS $WS
#define CONF_ESC $ESC
#define CONF_QUOTE $QUOTE
#define CONF_DQUOTE $DQUOTE
#define CONF_COMMENT $COMMENT
#define CONF_FCOMMENT $FCOMMENT
#define CONF_EOF $EOF
#define CONF_HIGHBIT $HIGHBIT
#define CONF_ALPHA (CONF_UPPER|CONF_LOWER)
#define CONF_ALPHA_NUMERIC (CONF_ALPHA|CONF_NUMBER|CONF_UNDER)
#define CONF_ALPHA_NUMERIC_PUNCT (CONF_ALPHA|CONF_NUMBER|CONF_UNDER| \\
CONF_PUNCTUATION)
CONF_PUNCTUATION)
#define KEYTYPES(c) ((unsigned short *)((c)->meth_data))
#define KEYTYPES(c) ((unsigned short *)((c)->meth_data))
#ifndef CHARSET_EBCDIC
#define IS_COMMENT(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_COMMENT)
#define IS_FCOMMENT(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_FCOMMENT)
#define IS_EOF(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_EOF)
#define IS_ESC(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_ESC)
#define IS_NUMBER(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_NUMBER)
#define IS_WS(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_WS)
#define IS_ALPHA_NUMERIC(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_ALPHA_NUMERIC)
#define IS_ALPHA_NUMERIC_PUNCT(c,a) \\
(KEYTYPES(c)[(a)&0xff]&CONF_ALPHA_NUMERIC_PUNCT)
#define IS_QUOTE(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_QUOTE)
#define IS_DQUOTE(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_DQUOTE)
#define IS_HIGHBIT(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_HIGHBIT)
# define IS_COMMENT(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_COMMENT)
# define IS_FCOMMENT(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_FCOMMENT)
# define IS_EOF(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_EOF)
# define IS_ESC(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_ESC)
# define IS_NUMBER(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_NUMBER)
# define IS_WS(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_WS)
# define IS_ALPHA_NUMERIC(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_ALPHA_NUMERIC)
# define IS_ALPHA_NUMERIC_PUNCT(c,a) \\
(KEYTYPES(c)[(a)&0xff]&CONF_ALPHA_NUMERIC_PUNCT)
# define IS_QUOTE(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_QUOTE)
# define IS_DQUOTE(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_DQUOTE)
# define IS_HIGHBIT(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_HIGHBIT)
#else /*CHARSET_EBCDIC*/
#define IS_COMMENT(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_COMMENT)
#define IS_FCOMMENT(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_FCOMMENT)
#define IS_EOF(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_EOF)
#define IS_ESC(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_ESC)
#define IS_NUMBER(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_NUMBER)
#define IS_WS(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_WS)
#define IS_ALPHA_NUMERIC(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_ALPHA_NUMERIC)
#define IS_ALPHA_NUMERIC_PUNCT(c,a) \\
(KEYTYPES(c)[os_toascii[a]&0xff]&CONF_ALPHA_NUMERIC_PUNCT)
#define IS_QUOTE(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_QUOTE)
#define IS_DQUOTE(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_DQUOTE)
#define IS_HIGHBIT(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_HIGHBIT)
# define IS_COMMENT(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_COMMENT)
# define IS_FCOMMENT(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_FCOMMENT)
# define IS_EOF(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_EOF)
# define IS_ESC(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_ESC)
# define IS_NUMBER(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_NUMBER)
# define IS_WS(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_WS)
# define IS_ALPHA_NUMERIC(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_ALPHA_NUMERIC)
# define IS_ALPHA_NUMERIC_PUNCT(c,a) \\
(KEYTYPES(c)[os_toascii[a]&0xff]&CONF_ALPHA_NUMERIC_PUNCT)
# define IS_QUOTE(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_QUOTE)
# define IS_DQUOTE(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_DQUOTE)
# define IS_HIGHBIT(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_HIGHBIT)
#endif /*CHARSET_EBCDIC*/
EOF
print "static unsigned short CONF_type_default[256]={";
print "static unsigned short CONF_type_default[256] = {";
for ($i=0; $i<256; $i++)
{
print "\n\t" if ($i % 8) == 0;
printf "0x%04X,",$V_def[$i];
print "\n " if ($i % 8) == 0;
printf " 0x%04X,",$V_def[$i];
}
print "\n\t};\n\n";
print "\n};\n\n";
print "static unsigned short CONF_type_win32[256]={";
print "static unsigned short CONF_type_win32[256] = {";
for ($i=0; $i<256; $i++)
{
print "\n\t" if ($i % 8) == 0;
printf "0x%04X,",$V_w32[$i];
print "\n " if ($i % 8) == 0;
printf " 0x%04X,",$V_w32[$i];
}
print "\n\t};\n\n";
print "\n};\n";

8
crypto/openssl/crypto/des/asm/dest4-sparcv9.pl
View file

@ -96,7 +96,7 @@ $code.=<<___;
des_t4_cbc_encrypt:
cmp $len, 0
be,pn $::size_t_cc, .Lcbc_abort
nop
srln $len, 0, $len ! needed on v8+, "nop" on v9
ld [$ivec + 0], %f0 ! load ivec
ld [$ivec + 4], %f1
@ -197,7 +197,7 @@ des_t4_cbc_encrypt:
des_t4_cbc_decrypt:
cmp $len, 0
be,pn $::size_t_cc, .Lcbc_abort
nop
srln $len, 0, $len ! needed on v8+, "nop" on v9
ld [$ivec + 0], %f2 ! load ivec
ld [$ivec + 4], %f3
@ -305,7 +305,7 @@ $code.=<<___;
des_t4_ede3_cbc_encrypt:
cmp $len, 0
be,pn $::size_t_cc, .Lcbc_abort
nop
srln $len, 0, $len ! needed on v8+, "nop" on v9
ld [$ivec + 0], %f0 ! load ivec
ld [$ivec + 4], %f1
@ -457,7 +457,7 @@ des_t4_ede3_cbc_encrypt:
des_t4_ede3_cbc_decrypt:
cmp $len, 0
be,pn $::size_t_cc, .Lcbc_abort
nop
srln $len, 0, $len ! needed on v8+, "nop" on v9
ld [$ivec + 0], %f2 ! load ivec
ld [$ivec + 4], %f3

2
crypto/openssl/crypto/des/des.c
View file

@ -456,7 +456,7 @@ void doencryption(void)
len = l - rem;
if (feof(DES_IN)) {
for (i = 7 - rem; i > 0; i--) {
if (RAND_pseudo_bytes(buf + l++, 1) < 0)
if (RAND_bytes(buf + l++, 1) <= 0)
goto problems;
}
buf[l++] = rem;

2
crypto/openssl/crypto/des/enc_writ.c
View file

@ -135,7 +135,7 @@ int DES_enc_write(int fd, const void *_buf, int len,
if (len < 8) {
cp = shortbuf;
memcpy(shortbuf, buf, len);
if (RAND_pseudo_bytes(shortbuf + len, 8 - len) < 0) {
if (RAND_bytes(shortbuf + len, 8 - len) <= 0) {
return -1;
}
rnum = 8;

2
crypto/openssl/crypto/dh/dh_ameth.c
View file

@ -519,7 +519,7 @@ static int dh_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from)
static int dh_missing_parameters(const EVP_PKEY *a)
{
if (!a->pkey.dh->p || !a->pkey.dh->g)
if (a->pkey.dh == NULL || a->pkey.dh->p == NULL || a->pkey.dh->g == NULL)
return 1;
return 0;
}

2
crypto/openssl/crypto/dsa/dsa_ameth.c
View file

@ -350,7 +350,7 @@ static int dsa_missing_parameters(const EVP_PKEY *pkey)
{
DSA *dsa;
dsa = pkey->pkey.dsa;
if ((dsa->p == NULL) || (dsa->q == NULL) || (dsa->g == NULL))
if (dsa == NULL || dsa->p == NULL || dsa->q == NULL || dsa->g == NULL)
return 1;
return 0;
}

7
crypto/openssl/crypto/dsa/dsa_gen.c
View file

@ -185,6 +185,9 @@ int dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits,
p = BN_CTX_get(ctx);
test = BN_CTX_get(ctx);
if (test == NULL)
goto err;
if (!BN_lshift(test, BN_value_one(), bits - 1))
goto err;
@ -197,7 +200,7 @@ int dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits,
goto err;
if (!seed_len || !seed_in) {
if (RAND_pseudo_bytes(seed, qsize) < 0)
if (RAND_bytes(seed, qsize) <= 0)
goto err;
seed_is_random = 1;
} else {
@ -491,7 +494,7 @@ int dsa_builtin_paramgen2(DSA *ret, size_t L, size_t N,
goto err;
if (!seed_in) {
if (RAND_pseudo_bytes(seed, seed_len) < 0)
if (RAND_bytes(seed, seed_len) <= 0)
goto err;
}
/* step 2 */

7
crypto/openssl/crypto/dsa/dsa_ossl.c
View file

@ -247,11 +247,13 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp,
do
if (!BN_rand_range(&k, dsa->q))
goto err;
while (BN_is_zero(&k)) ;
while (BN_is_zero(&k));
if ((dsa->flags & DSA_FLAG_NO_EXP_CONSTTIME) == 0) {
BN_set_flags(&k, BN_FLG_CONSTTIME);
}
if (dsa->flags & DSA_FLAG_CACHE_MONT_P) {
if (!BN_MONT_CTX_set_locked(&dsa->method_mont_p,
CRYPTO_LOCK_DSA, dsa->p, ctx))
@ -264,6 +266,8 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp,
if (!BN_copy(&kq, &k))
goto err;
BN_set_flags(&kq, BN_FLG_CONSTTIME);
/*
* We do not want timing information to leak the length of k, so we
* compute g^k using an equivalent exponent of fixed length. (This
@ -282,6 +286,7 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp,
} else {
K = &k;
}
DSA_BN_MOD_EXP(goto err, dsa, r, dsa->g, K, dsa->p, ctx,
dsa->method_mont_p);
if (!BN_mod(r, r, dsa->q, ctx))

2
crypto/openssl/crypto/ec/Makefile
View file

@ -131,7 +131,7 @@ ec_ameth.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
ec_ameth.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
ec_ameth.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
ec_ameth.o: ../../include/openssl/x509_vfy.h ../asn1/asn1_locl.h ../cryptlib.h
ec_ameth.o: ec_ameth.c
ec_ameth.o: ec_ameth.c ec_lcl.h
ec_asn1.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
ec_asn1.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
ec_asn1.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h

139
crypto/openssl/crypto/ec/asm/ecp_nistz256-x86_64.pl
View file

@ -128,6 +128,7 @@ ecp_nistz256_mul_by_2:
push %r13
mov 8*0($a_ptr), $a0
xor $t4,$t4
mov 8*1($a_ptr), $a1
add $a0, $a0 # a0:a3+a0:a3
mov 8*2($a_ptr), $a2
@ -138,7 +139,7 @@ ecp_nistz256_mul_by_2:
adc $a2, $a2
adc $a3, $a3
mov $a1, $t1
sbb $t4, $t4
adc \$0, $t4
sub 8*0($a_ptr), $a0
mov $a2, $t2
@ -146,14 +147,14 @@ ecp_nistz256_mul_by_2:
sbb 8*2($a_ptr), $a2
mov $a3, $t3
sbb 8*3($a_ptr), $a3
test $t4, $t4
sbb \$0, $t4
cmovz $t0, $a0
cmovz $t1, $a1
cmovc $t0, $a0
cmovc $t1, $a1
mov $a0, 8*0($r_ptr)
cmovz $t2, $a2
cmovc $t2, $a2
mov $a1, 8*1($r_ptr)
cmovz $t3, $a3
cmovc $t3, $a3
mov $a2, 8*2($r_ptr)
mov $a3, 8*3($r_ptr)
@ -250,12 +251,12 @@ ecp_nistz256_mul_by_3:
sbb \$0, $a2
mov $a3, $t3
sbb .Lpoly+8*3(%rip), $a3
test $t4, $t4
sbb \$0, $t4
cmovz $t0, $a0
cmovz $t1, $a1
cmovz $t2, $a2
cmovz $t3, $a3
cmovc $t0, $a0
cmovc $t1, $a1
cmovc $t2, $a2
cmovc $t3, $a3
xor $t4, $t4
add 8*0($a_ptr), $a0 # a0:a3+=a_ptr[0:3]
@ -272,14 +273,14 @@ ecp_nistz256_mul_by_3:
sbb \$0, $a2
mov $a3, $t3
sbb .Lpoly+8*3(%rip), $a3
test $t4, $t4
sbb \$0, $t4
cmovz $t0, $a0
cmovz $t1, $a1
cmovc $t0, $a0
cmovc $t1, $a1
mov $a0, 8*0($r_ptr)
cmovz $t2, $a2
cmovc $t2, $a2
mov $a1, 8*1($r_ptr)
cmovz $t3, $a3
cmovc $t3, $a3
mov $a2, 8*2($r_ptr)
mov $a3, 8*3($r_ptr)
@ -318,14 +319,14 @@ ecp_nistz256_add:
sbb 8*2($a_ptr), $a2
mov $a3, $t3
sbb 8*3($a_ptr), $a3
test $t4, $t4
sbb \$0, $t4
cmovz $t0, $a0
cmovz $t1, $a1
cmovc $t0, $a0
cmovc $t1, $a1
mov $a0, 8*0($r_ptr)
cmovz $t2, $a2
cmovc $t2, $a2
mov $a1, 8*1($r_ptr)
cmovz $t3, $a3
cmovc $t3, $a3
mov $a2, 8*2($r_ptr)
mov $a3, 8*3($r_ptr)
@ -1840,13 +1841,14 @@ $code.=<<___;
.type __ecp_nistz256_add_toq,\@abi-omnipotent
.align 32
__ecp_nistz256_add_toq:
xor $t4,$t4
add 8*0($b_ptr), $a0
adc 8*1($b_ptr), $a1
mov $a0, $t0
adc 8*2($b_ptr), $a2
adc 8*3($b_ptr), $a3
mov $a1, $t1
sbb $t4, $t4
adc \$0, $t4
sub \$-1, $a0
mov $a2, $t2
@ -1854,14 +1856,14 @@ __ecp_nistz256_add_toq:
sbb \$0, $a2
mov $a3, $t3
sbb $poly3, $a3
test $t4, $t4
sbb \$0, $t4
cmovz $t0, $a0
cmovz $t1, $a1
cmovc $t0, $a0
cmovc $t1, $a1
mov $a0, 8*0($r_ptr)
cmovz $t2, $a2
cmovc $t2, $a2
mov $a1, 8*1($r_ptr)
cmovz $t3, $a3
cmovc $t3, $a3
mov $a2, 8*2($r_ptr)
mov $a3, 8*3($r_ptr)
@ -1929,13 +1931,14 @@ __ecp_nistz256_subq:
.type __ecp_nistz256_mul_by_2q,\@abi-omnipotent
.align 32
__ecp_nistz256_mul_by_2q:
xor $t4, $t4
add $a0, $a0 # a0:a3+a0:a3
adc $a1, $a1
mov $a0, $t0
adc $a2, $a2
adc $a3, $a3
mov $a1, $t1
sbb $t4, $t4
adc \$0, $t4
sub \$-1, $a0
mov $a2, $t2
@ -1943,14 +1946,14 @@ __ecp_nistz256_mul_by_2q:
sbb \$0, $a2
mov $a3, $t3
sbb $poly3, $a3
test $t4, $t4
sbb \$0, $t4
cmovz $t0, $a0
cmovz $t1, $a1
cmovc $t0, $a0
cmovc $t1, $a1
mov $a0, 8*0($r_ptr)
cmovz $t2, $a2
cmovc $t2, $a2
mov $a1, 8*1($r_ptr)
cmovz $t3, $a3
cmovc $t3, $a3
mov $a2, 8*2($r_ptr)
mov $a3, 8*3($r_ptr)
@ -2241,16 +2244,14 @@ $code.=<<___;
mov $b_org, $a_ptr # reassign
movdqa %xmm0, $in1_x(%rsp)
movdqa %xmm1, $in1_x+0x10(%rsp)
por %xmm0, %xmm1
movdqa %xmm2, $in1_y(%rsp)
movdqa %xmm3, $in1_y+0x10(%rsp)
por %xmm2, %xmm3
movdqa %xmm4, $in1_z(%rsp)
movdqa %xmm5, $in1_z+0x10(%rsp)
por %xmm1, %xmm3
por %xmm4, %xmm5
movdqu 0x00($a_ptr), %xmm0 # copy *(P256_POINT *)$b_ptr
pshufd \$0xb1, %xmm3, %xmm5
pshufd \$0xb1, %xmm5, %xmm3
movdqu 0x10($a_ptr), %xmm1
movdqu 0x20($a_ptr), %xmm2
por %xmm3, %xmm5
@ -2262,14 +2263,14 @@ $code.=<<___;
movdqa %xmm0, $in2_x(%rsp)
pshufd \$0x1e, %xmm5, %xmm4
movdqa %xmm1, $in2_x+0x10(%rsp)
por %xmm0, %xmm1
movq $r_ptr, %xmm0 # save $r_ptr
movdqu 0x40($a_ptr),%xmm0 # in2_z again
movdqu 0x50($a_ptr),%xmm1
movdqa %xmm2, $in2_y(%rsp)
movdqa %xmm3, $in2_y+0x10(%rsp)
por %xmm2, %xmm3
por %xmm4, %xmm5
pxor %xmm4, %xmm4
por %xmm1, %xmm3
por %xmm0, %xmm1
movq $r_ptr, %xmm0 # save $r_ptr
lea 0x40-$bias($a_ptr), $a_ptr # $a_ptr is still valid
mov $src0, $in2_z+8*0(%rsp) # make in2_z copy
@ -2280,8 +2281,8 @@ $code.=<<___;
call __ecp_nistz256_sqr_mont$x # p256_sqr_mont(Z2sqr, in2_z);
pcmpeqd %xmm4, %xmm5
pshufd \$0xb1, %xmm3, %xmm4
por %xmm3, %xmm4
pshufd \$0xb1, %xmm1, %xmm4
por %xmm1, %xmm4
pshufd \$0, %xmm5, %xmm5 # in1infty
pshufd \$0x1e, %xmm4, %xmm3
por %xmm3, %xmm4
@ -2405,6 +2406,7 @@ $code.=<<___;
#lea $Hsqr(%rsp), $r_ptr # 2*U1*H^2
#call __ecp_nistz256_mul_by_2 # ecp_nistz256_mul_by_2(Hsqr, U2);
xor $t4, $t4
add $acc0, $acc0 # a0:a3+a0:a3
lea $Rsqr(%rsp), $a_ptr
adc $acc1, $acc1
@ -2412,7 +2414,7 @@ $code.=<<___;
adc $acc2, $acc2
adc $acc3, $acc3
mov $acc1, $t1
sbb $t4, $t4
adc \$0, $t4
sub \$-1, $acc0
mov $acc2, $t2
@ -2420,15 +2422,15 @@ $code.=<<___;
sbb \$0, $acc2
mov $acc3, $t3
sbb $poly3, $acc3
test $t4, $t4
sbb \$0, $t4
cmovz $t0, $acc0
cmovc $t0, $acc0
mov 8*0($a_ptr), $t0
cmovz $t1, $acc1
cmovc $t1, $acc1
mov 8*1($a_ptr), $t1
cmovz $t2, $acc2
cmovc $t2, $acc2
mov 8*2($a_ptr), $t2
cmovz $t3, $acc3
cmovc $t3, $acc3
mov 8*3($a_ptr), $t3
call __ecp_nistz256_sub$x # p256_sub(res_x, Rsqr, Hsqr);
@ -2612,16 +2614,14 @@ $code.=<<___;
mov 0x40+8*3($a_ptr), $acc0
movdqa %xmm0, $in1_x(%rsp)
movdqa %xmm1, $in1_x+0x10(%rsp)
por %xmm0, %xmm1
movdqa %xmm2, $in1_y(%rsp)
movdqa %xmm3, $in1_y+0x10(%rsp)
por %xmm2, %xmm3
movdqa %xmm4, $in1_z(%rsp)
movdqa %xmm5, $in1_z+0x10(%rsp)
por %xmm1, %xmm3
por %xmm4, %xmm5
movdqu 0x00($b_ptr), %xmm0 # copy *(P256_POINT_AFFINE *)$b_ptr
pshufd \$0xb1, %xmm3, %xmm5
pshufd \$0xb1, %xmm5, %xmm3
movdqu 0x10($b_ptr), %xmm1
movdqu 0x20($b_ptr), %xmm2
por %xmm3, %xmm5
@ -2710,6 +2710,7 @@ $code.=<<___;
#lea $Hsqr(%rsp), $r_ptr # 2*U1*H^2
#call __ecp_nistz256_mul_by_2 # ecp_nistz256_mul_by_2(Hsqr, U2);
xor $t4, $t4
add $acc0, $acc0 # a0:a3+a0:a3
lea $Rsqr(%rsp), $a_ptr
adc $acc1, $acc1
@ -2717,7 +2718,7 @@ $code.=<<___;
adc $acc2, $acc2
adc $acc3, $acc3
mov $acc1, $t1
sbb $t4, $t4
adc \$0, $t4
sub \$-1, $acc0
mov $acc2, $t2
@ -2725,15 +2726,15 @@ $code.=<<___;
sbb \$0, $acc2
mov $acc3, $t3
sbb $poly3, $acc3
test $t4, $t4
sbb \$0, $t4
cmovz $t0, $acc0
cmovc $t0, $acc0
mov 8*0($a_ptr), $t0
cmovz $t1, $acc1
cmovc $t1, $acc1
mov 8*1($a_ptr), $t1
cmovz $t2, $acc2
cmovc $t2, $acc2
mov 8*2($a_ptr), $t2
cmovz $t3, $acc3
cmovc $t3, $acc3
mov 8*3($a_ptr), $t3
call __ecp_nistz256_sub$x # p256_sub(res_x, Rsqr, Hsqr);
@ -2885,14 +2886,14 @@ __ecp_nistz256_add_tox:
sbb \$0, $a2
mov $a3, $t3
sbb $poly3, $a3
sbb \$0, $t4
bt \$0, $t4
cmovnc $t0, $a0
cmovnc $t1, $a1
cmovc $t0, $a0
cmovc $t1, $a1
mov $a0, 8*0($r_ptr)
cmovnc $t2, $a2
cmovc $t2, $a2
mov $a1, 8*1($r_ptr)
cmovnc $t3, $a3
cmovc $t3, $a3
mov $a2, 8*2($r_ptr)
mov $a3, 8*3($r_ptr)
@ -2980,14 +2981,14 @@ __ecp_nistz256_mul_by_2x:
sbb \$0, $a2
mov $a3, $t3
sbb $poly3, $a3
sbb \$0, $t4
bt \$0, $t4
cmovnc $t0, $a0
cmovnc $t1, $a1
cmovc $t0, $a0
cmovc $t1, $a1
mov $a0, 8*0($r_ptr)
cmovnc $t2, $a2
cmovc $t2, $a2
mov $a1, 8*1($r_ptr)
cmovnc $t3, $a3
cmovc $t3, $a3
mov $a2, 8*2($r_ptr)
mov $a3, 8*3($r_ptr)

32
crypto/openssl/crypto/ec/ec_ameth.c
View file

@ -66,9 +66,12 @@
#endif
#include <openssl/asn1t.h>
#include "asn1_locl.h"
#include "ec_lcl.h"
#ifndef OPENSSL_NO_CMS
static int ecdh_cms_decrypt(CMS_RecipientInfo *ri);
static int ecdh_cms_encrypt(CMS_RecipientInfo *ri);
#endif
static int eckey_param2type(int *pptype, void **ppval, EC_KEY *ec_key)
{
@ -221,6 +224,8 @@ static int eckey_pub_cmp(const EVP_PKEY *a, const EVP_PKEY *b)
const EC_GROUP *group = EC_KEY_get0_group(b->pkey.ec);
const EC_POINT *pa = EC_KEY_get0_public_key(a->pkey.ec),
*pb = EC_KEY_get0_public_key(b->pkey.ec);
if (group == NULL || pa == NULL || pb == NULL)
return -2;
r = EC_POINT_cmp(group, pa, pb, NULL);
if (r == 0)
return 1;
@ -299,15 +304,13 @@ static int eckey_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8)
static int eckey_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey)
{
EC_KEY *ec_key;
EC_KEY ec_key = *(pkey->pkey.ec);
unsigned char *ep, *p;
int eplen, ptype;
void *pval;
unsigned int tmp_flags, old_flags;
unsigned int old_flags;
ec_key = pkey->pkey.ec;
if (!eckey_param2type(&ptype, &pval, ec_key)) {
if (!eckey_param2type(&ptype, &pval, &ec_key)) {
ECerr(EC_F_ECKEY_PRIV_ENCODE, EC_R_DECODE_ERROR);
return 0;
}
@ -318,30 +321,25 @@ static int eckey_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey)
* do not include the parameters in the SEC1 private key see PKCS#11
* 12.11
*/
old_flags = EC_KEY_get_enc_flags(ec_key);
tmp_flags = old_flags | EC_PKEY_NO_PARAMETERS;
EC_KEY_set_enc_flags(ec_key, tmp_flags);
eplen = i2d_ECPrivateKey(ec_key, NULL);
old_flags = EC_KEY_get_enc_flags(&ec_key);
EC_KEY_set_enc_flags(&ec_key, old_flags | EC_PKEY_NO_PARAMETERS);
eplen = i2d_ECPrivateKey(&ec_key, NULL);
if (!eplen) {
EC_KEY_set_enc_flags(ec_key, old_flags);
ECerr(EC_F_ECKEY_PRIV_ENCODE, ERR_R_EC_LIB);
return 0;
}
ep = (unsigned char *)OPENSSL_malloc(eplen);
if (!ep) {
EC_KEY_set_enc_flags(ec_key, old_flags);
ECerr(EC_F_ECKEY_PRIV_ENCODE, ERR_R_MALLOC_FAILURE);
return 0;
}
p = ep;
if (!i2d_ECPrivateKey(ec_key, &p)) {
EC_KEY_set_enc_flags(ec_key, old_flags);
if (!i2d_ECPrivateKey(&ec_key, &p)) {
OPENSSL_free(ep);
ECerr(EC_F_ECKEY_PRIV_ENCODE, ERR_R_EC_LIB);
return 0;
}
/* restore old encoding flags */
EC_KEY_set_enc_flags(ec_key, old_flags);
if (!PKCS8_pkey_set0(p8, OBJ_nid2obj(NID_X9_62_id_ecPublicKey), 0,
ptype, pval, ep, eplen))
@ -378,7 +376,7 @@ static int ec_bits(const EVP_PKEY *pkey)
static int ec_missing_parameters(const EVP_PKEY *pkey)
{
if (EC_KEY_get0_group(pkey->pkey.ec) == NULL)
if (pkey->pkey.ec == NULL || EC_KEY_get0_group(pkey->pkey.ec) == NULL)
return 1;
return 0;
}
@ -398,6 +396,8 @@ static int ec_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b)
{
const EC_GROUP *group_a = EC_KEY_get0_group(a->pkey.ec),
*group_b = EC_KEY_get0_group(b->pkey.ec);
if (group_a == NULL || group_b == NULL)
return -2;
if (EC_GROUP_cmp(group_a, group_b, NULL))
return 0;
else

13
crypto/openssl/crypto/ec/ec_key.c
View file

@ -377,9 +377,9 @@ int EC_KEY_set_public_key_affine_coordinates(EC_KEY *key, BIGNUM *x,
return 0;
}
ctx = BN_CTX_new();
if (!ctx)
goto err;
if (ctx == NULL)
return 0;
BN_CTX_start(ctx);
point = EC_POINT_new(key->group);
if (!point)
@ -432,10 +432,9 @@ int EC_KEY_set_public_key_affine_coordinates(EC_KEY *key, BIGNUM *x,
ok = 1;
err:
if (ctx)
BN_CTX_free(ctx);
if (point)
EC_POINT_free(point);
BN_CTX_end(ctx);
BN_CTX_free(ctx);
EC_POINT_free(point);
return ok;
}

127
crypto/openssl/crypto/ec/ecp_nistz256.c
View file

@ -82,19 +82,36 @@ typedef struct ec_pre_comp_st {
} EC_PRE_COMP;
/* Functions implemented in assembly */
/* Modular mul by 2: res = 2*a mod P */
void ecp_nistz256_mul_by_2(BN_ULONG res[P256_LIMBS],
const BN_ULONG a[P256_LIMBS]);
/* Modular div by 2: res = a/2 mod P */
void ecp_nistz256_div_by_2(BN_ULONG res[P256_LIMBS],
const BN_ULONG a[P256_LIMBS]);
/* Modular mul by 3: res = 3*a mod P */
void ecp_nistz256_mul_by_3(BN_ULONG res[P256_LIMBS],
const BN_ULONG a[P256_LIMBS]);
/*
* Most of below mentioned functions *preserve* the property of inputs
* being fully reduced, i.e. being in [0, modulus) range. Simply put if
* inputs are fully reduced, then output is too. Note that reverse is
* not true, in sense that given partially reduced inputs output can be
* either, not unlikely reduced. And "most" in first sentence refers to
* the fact that given the calculations flow one can tolerate that
* addition, 1st function below, produces partially reduced result *if*
* multiplications by 2 and 3, which customarily use addition, fully
* reduce it. This effectively gives two options: a) addition produces
* fully reduced result [as long as inputs are, just like remaining
* functions]; b) addition is allowed to produce partially reduced
* result, but multiplications by 2 and 3 perform additional reduction
* step. Choice between the two can be platform-specific, but it was a)
* in all cases so far...
*/
/* Modular add: res = a+b mod P */
void ecp_nistz256_add(BN_ULONG res[P256_LIMBS],
const BN_ULONG a[P256_LIMBS],
const BN_ULONG b[P256_LIMBS]);
/* Modular mul by 2: res = 2*a mod P */
void ecp_nistz256_mul_by_2(BN_ULONG res[P256_LIMBS],
const BN_ULONG a[P256_LIMBS]);
/* Modular mul by 3: res = 3*a mod P */
void ecp_nistz256_mul_by_3(BN_ULONG res[P256_LIMBS],
const BN_ULONG a[P256_LIMBS]);
/* Modular div by 2: res = a/2 mod P */
void ecp_nistz256_div_by_2(BN_ULONG res[P256_LIMBS],
const BN_ULONG a[P256_LIMBS]);
/* Modular sub: res = a-b mod P */
void ecp_nistz256_sub(BN_ULONG res[P256_LIMBS],
const BN_ULONG a[P256_LIMBS],
@ -205,21 +222,29 @@ static BN_ULONG is_equal(const BN_ULONG a[P256_LIMBS],
return is_zero(res);
}
static BN_ULONG is_one(const BN_ULONG a[P256_LIMBS])
static BN_ULONG is_one(const BIGNUM *z)
{
BN_ULONG res;
BN_ULONG res = 0;
BN_ULONG *a = z->d;
res = a[0] ^ ONE[0];
res |= a[1] ^ ONE[1];
res |= a[2] ^ ONE[2];
res |= a[3] ^ ONE[3];
if (P256_LIMBS == 8) {
res |= a[4] ^ ONE[4];
res |= a[5] ^ ONE[5];
res |= a[6] ^ ONE[6];
if (z->top == (P256_LIMBS - P256_LIMBS / 8)) {
res = a[0] ^ ONE[0];
res |= a[1] ^ ONE[1];
res |= a[2] ^ ONE[2];
res |= a[3] ^ ONE[3];
if (P256_LIMBS == 8) {
res |= a[4] ^ ONE[4];
res |= a[5] ^ ONE[5];
res |= a[6] ^ ONE[6];
/*
* no check for a[7] (being zero) on 32-bit platforms,
* because value of "one" takes only 7 limbs.
*/
}
res = is_zero(res);
}
return is_zero(res);
return res;
}
static int ecp_nistz256_set_words(BIGNUM *a, BN_ULONG words[P256_LIMBS])
@ -315,19 +340,16 @@ static void ecp_nistz256_point_add(P256_POINT *r,
const BN_ULONG *in2_y = b->Y;
const BN_ULONG *in2_z = b->Z;
/* We encode infinity as (0,0), which is not on the curve,
* so it is OK. */
in1infty = (in1_x[0] | in1_x[1] | in1_x[2] | in1_x[3] |
in1_y[0] | in1_y[1] | in1_y[2] | in1_y[3]);
/*
* Infinity in encoded as (,,0)
*/
in1infty = (in1_z[0] | in1_z[1] | in1_z[2] | in1_z[3]);
if (P256_LIMBS == 8)
in1infty |= (in1_x[4] | in1_x[5] | in1_x[6] | in1_x[7] |
in1_y[4] | in1_y[5] | in1_y[6] | in1_y[7]);
in1infty |= (in1_z[4] | in1_z[5] | in1_z[6] | in1_z[7]);
in2infty = (in2_x[0] | in2_x[1] | in2_x[2] | in2_x[3] |
in2_y[0] | in2_y[1] | in2_y[2] | in2_y[3]);
in2infty = (in2_z[0] | in2_z[1] | in2_z[2] | in2_z[3]);
if (P256_LIMBS == 8)
in2infty |= (in2_x[4] | in2_x[5] | in2_x[6] | in2_x[7] |
in2_y[4] | in2_y[5] | in2_y[6] | in2_y[7]);
in2infty |= (in2_z[4] | in2_z[5] | in2_z[6] | in2_z[7]);
in1infty = is_zero(in1infty);
in2infty = is_zero(in2infty);
@ -416,15 +438,16 @@ static void ecp_nistz256_point_add_affine(P256_POINT *r,
const BN_ULONG *in2_y = b->Y;
/*
* In affine representation we encode infty as (0,0), which is not on the
* curve, so it is OK
* Infinity in encoded as (,,0)
*/
in1infty = (in1_x[0] | in1_x[1] | in1_x[2] | in1_x[3] |
in1_y[0] | in1_y[1] | in1_y[2] | in1_y[3]);
in1infty = (in1_z[0] | in1_z[1] | in1_z[2] | in1_z[3]);
if (P256_LIMBS == 8)
in1infty |= (in1_x[4] | in1_x[5] | in1_x[6] | in1_x[7] |
in1_y[4] | in1_y[5] | in1_y[6] | in1_y[7]);
in1infty |= (in1_z[4] | in1_z[5] | in1_z[6] | in1_z[7]);
/*
* In affine representation we encode infinity as (0,0), which is
* not on the curve, so it is OK
*/
in2infty = (in2_x[0] | in2_x[1] | in2_x[2] | in2_x[3] |
in2_y[0] | in2_y[1] | in2_y[2] | in2_y[3]);
if (P256_LIMBS == 8)
@ -741,9 +764,8 @@ static int ecp_nistz256_is_affine_G(const EC_POINT *generator)
{
return (generator->X.top == P256_LIMBS) &&
(generator->Y.top == P256_LIMBS) &&
(generator->Z.top == (P256_LIMBS - P256_LIMBS / 8)) &&
is_equal(generator->X.d, def_xG) &&
is_equal(generator->Y.d, def_yG) && is_one(generator->Z.d);
is_equal(generator->Y.d, def_yG) && is_one(&generator->Z);
}
static int ecp_nistz256_mult_precompute(EC_GROUP *group, BN_CTX *ctx)
@ -1249,6 +1271,8 @@ static int ecp_nistz256_points_mul(const EC_GROUP *group,
} else
#endif
{
BN_ULONG infty;
/* First window */
wvalue = (p_str[0] << 1) & mask;
index += window_size;
@ -1260,7 +1284,30 @@ static int ecp_nistz256_points_mul(const EC_GROUP *group,
ecp_nistz256_neg(p.p.Z, p.p.Y);
copy_conditional(p.p.Y, p.p.Z, wvalue & 1);
memcpy(p.p.Z, ONE, sizeof(ONE));
/*
* Since affine infinity is encoded as (0,0) and
* Jacobian ias (,,0), we need to harmonize them
* by assigning "one" or zero to Z.
*/
infty = (p.p.X[0] | p.p.X[1] | p.p.X[2] | p.p.X[3] |
p.p.Y[0] | p.p.Y[1] | p.p.Y[2] | p.p.Y[3]);
if (P256_LIMBS == 8)
infty |= (p.p.X[4] | p.p.X[5] | p.p.X[6] | p.p.X[7] |
p.p.Y[4] | p.p.Y[5] | p.p.Y[6] | p.p.Y[7]);
infty = 0 - is_zero(infty);
infty = ~infty;
p.p.Z[0] = ONE[0] & infty;
p.p.Z[1] = ONE[1] & infty;
p.p.Z[2] = ONE[2] & infty;
p.p.Z[3] = ONE[3] & infty;
if (P256_LIMBS == 8) {
p.p.Z[4] = ONE[4] & infty;
p.p.Z[5] = ONE[5] & infty;
p.p.Z[6] = ONE[6] & infty;
p.p.Z[7] = ONE[7] & infty;
}
for (i = 1; i < 37; i++) {
unsigned int off = (index - 1) / 8;
@ -1331,7 +1378,7 @@ static int ecp_nistz256_points_mul(const EC_GROUP *group,
!ecp_nistz256_set_words(&r->Z, p.p.Z)) {
goto err;
}
r->Z_is_one = is_one(p.p.Z) & 1;
r->Z_is_one = is_one(&r->Z) & 1;
ret = 1;

29
crypto/openssl/crypto/engine/eng_cryptodev.c
View file

@ -26,6 +26,7 @@
*
*/
#include <string.h>
#include <openssl/objects.h>
#include <openssl/engine.h>
#include <openssl/evp.h>
@ -934,11 +935,15 @@ static int cryptodev_digest_copy(EVP_MD_CTX *to, const EVP_MD_CTX *from)
return (0);
}
dstate->mac_len = fstate->mac_len;
if (fstate->mac_len != 0) {
if (fstate->mac_data != NULL) {
dstate->mac_data = OPENSSL_malloc(fstate->mac_len);
if (dstate->ac_data == NULL) {
printf("cryptodev_digest_init: malloc failed\n");
return 0;
}
memcpy(dstate->mac_data, fstate->mac_data, fstate->mac_len);
dstate->mac_len = fstate->mac_len;
}
}
@ -1064,8 +1069,7 @@ static void zapparams(struct crypt_kop *kop)
int i;
for (i = 0; i < kop->crk_iparams + kop->crk_oparams; i++) {
if (kop->crk_param[i].crp_p)
free(kop->crk_param[i].crp_p);
OPENSSL_free(kop->crk_param[i].crp_p);
kop->crk_param[i].crp_p = NULL;
kop->crk_param[i].crp_nbits = 0;
}
@ -1078,16 +1082,25 @@ cryptodev_asym(struct crypt_kop *kop, int rlen, BIGNUM *r, int slen,
int fd, ret = -1;
if ((fd = get_asym_dev_crypto()) < 0)
return (ret);
return ret;
if (r) {
kop->crk_param[kop->crk_iparams].crp_p = calloc(rlen, sizeof(char));
kop->crk_param[kop->crk_iparams].crp_p = OPENSSL_malloc(rlen);
if (kop->crk_param[kop->crk_iparams].crp_p == NULL)
return ret;
memset(kop->crk_param[kop->crk_iparams].crp_p, 0, (size_t)rlen);
kop->crk_param[kop->crk_iparams].crp_nbits = rlen * 8;
kop->crk_oparams++;
}
if (s) {
kop->crk_param[kop->crk_iparams + 1].crp_p =
calloc(slen, sizeof(char));
kop->crk_param[kop->crk_iparams + 1].crp_p = OPENSSL_malloc(slen);
/* No need to free the kop->crk_iparams parameter if it was allocated,
* callers of this routine have to free allocated parameters through
* zapparams both in case of success and failure
*/
if (kop->crk_param[kop->crk_iparams+1].crp_p == NULL)
return ret;
memset(kop->crk_param[kop->crk_iparams + 1].crp_p, 0, (size_t)slen);
kop->crk_param[kop->crk_iparams + 1].crp_nbits = slen * 8;
kop->crk_oparams++;
}
@ -1100,7 +1113,7 @@ cryptodev_asym(struct crypt_kop *kop, int rlen, BIGNUM *r, int slen,
ret = 0;
}
return (ret);
return ret;
}
static int

21
crypto/openssl/crypto/evp/bio_enc.c
View file

@ -201,9 +201,14 @@ static int enc_read(BIO *b, char *out, int outl)
break;
}
} else {
EVP_CipherUpdate(&(ctx->cipher),
(unsigned char *)ctx->buf, &ctx->buf_len,
(unsigned char *)&(ctx->buf[BUF_OFFSET]), i);
if (!EVP_CipherUpdate(&ctx->cipher,
(unsigned char *)ctx->buf, &ctx->buf_len,
(unsigned char *)&(ctx->buf[BUF_OFFSET]),
i)) {
BIO_clear_retry_flags(b);
ctx->ok = 0;
return 0;
}
ctx->cont = 1;
/*
* Note: it is possible for EVP_CipherUpdate to decrypt zero
@ -260,9 +265,13 @@ static int enc_write(BIO *b, const char *in, int inl)
ctx->buf_off = 0;
while (inl > 0) {
n = (inl > ENC_BLOCK_SIZE) ? ENC_BLOCK_SIZE : inl;
EVP_CipherUpdate(&(ctx->cipher),
(unsigned char *)ctx->buf, &ctx->buf_len,
(unsigned char *)in, n);
if (!EVP_CipherUpdate(&ctx->cipher,
(unsigned char *)ctx->buf, &ctx->buf_len,
(unsigned char *)in, n)) {
BIO_clear_retry_flags(b);
ctx->ok = 0;
return 0;
}
inl -= n;
in += n;

2
crypto/openssl/crypto/evp/bio_ok.c
View file

@ -491,7 +491,7 @@ static int sig_out(BIO *b)
* FIXME: there's absolutely no guarantee this makes any sense at all,
* particularly now EVP_MD_CTX has been restructured.
*/
if (RAND_pseudo_bytes(md->md_data, md->digest->md_size) < 0)
if (RAND_bytes(md->md_data, md->digest->md_size) <= 0)
goto berr;
memcpy(&(ctx->buf[ctx->buf_len]), md->md_data, md->digest->md_size);
longswap(&(ctx->buf[ctx->buf_len]), md->digest->md_size);

5
crypto/openssl/crypto/evp/c_all.c
View file

@ -82,9 +82,4 @@ void OPENSSL_add_all_algorithms_noconf(void)
OPENSSL_cpuid_setup();
OpenSSL_add_all_ciphers();
OpenSSL_add_all_digests();
#ifndef OPENSSL_NO_ENGINE
# if defined(__OpenBSD__) || defined(__FreeBSD__) || defined(HAVE_CRYPTODEV)
ENGINE_setup_bsd_cryptodev();
# endif
#endif
}

16
crypto/openssl/crypto/evp/digest.c
View file

@ -253,10 +253,10 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl)
int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *data, size_t count)
{
#ifdef OPENSSL_FIPS
return FIPS_digestupdate(ctx, data, count);
#else
return ctx->update(ctx, data, count);
if (FIPS_mode())
return FIPS_digestupdate(ctx, data, count);
#endif
return ctx->update(ctx, data, count);
}
/* The caller can assume that this removes any secret data from the context */
@ -271,10 +271,11 @@ int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size)
/* The caller can assume that this removes any secret data from the context */
int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size)
{
#ifdef OPENSSL_FIPS
return FIPS_digestfinal(ctx, md, size);
#else
int ret;
#ifdef OPENSSL_FIPS
if (FIPS_mode())
return FIPS_digestfinal(ctx, md, size);
#endif
OPENSSL_assert(ctx->digest->md_size <= EVP_MAX_MD_SIZE);
ret = ctx->digest->final(ctx, md);
@ -284,9 +285,8 @@ int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size)
ctx->digest->cleanup(ctx);
EVP_MD_CTX_set_flags(ctx, EVP_MD_CTX_FLAG_CLEANED);
}
memset(ctx->md_data, 0, ctx->digest->ctx_size);
OPENSSL_cleanse(ctx->md_data, ctx->digest->ctx_size);
return ret;
#endif
}
int EVP_MD_CTX_copy(EVP_MD_CTX *out, const EVP_MD_CTX *in)

4
crypto/openssl/crypto/evp/e_rc4_hmac_md5.c
View file

@ -99,7 +99,7 @@ static int rc4_hmac_md5_init_key(EVP_CIPHER_CTX *ctx,
return 1;
}
# if !defined(OPENSSL_NO_ASM) && ( \
# if defined(RC4_ASM) && defined(MD5_ASM) && ( \
defined(__x86_64) || defined(__x86_64__) || \
defined(_M_AMD64) || defined(_M_X64) || \
defined(__INTEL__) ) && \
@ -254,6 +254,8 @@ static int rc4_hmac_md5_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg,
MD5_Init(&key->tail);
MD5_Update(&key->tail, hmac_key, sizeof(hmac_key));
OPENSSL_cleanse(hmac_key, sizeof(hmac_key));
return 1;
}
case EVP_CTRL_AEAD_TLS1_AAD:

3
crypto/openssl/crypto/evp/e_seed.c
View file

@ -70,7 +70,8 @@ typedef struct {
} EVP_SEED_KEY;
IMPLEMENT_BLOCK_CIPHER(seed, ks, SEED, EVP_SEED_KEY, NID_seed,
16, 16, 16, 128, 0, seed_init_key, 0, 0, 0, 0)
16, 16, 16, 128, EVP_CIPH_FLAG_DEFAULT_ASN1,
seed_init_key, 0, 0, 0, 0)
static int seed_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
const unsigned char *iv, int enc)

2
crypto/openssl/crypto/evp/evp_enc.c
View file

@ -170,7 +170,7 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
#ifdef OPENSSL_FIPS
if (FIPS_mode()) {
const EVP_CIPHER *fcipher;
const EVP_CIPHER *fcipher = NULL;
if (cipher)
fcipher = evp_get_fips_cipher(cipher);
if (fcipher)

4
crypto/openssl/crypto/evp/evp_test.c
View file

@ -76,6 +76,7 @@ static void hexdump(FILE *f, const char *title, const unsigned char *s, int l)
static int convert(unsigned char *s)
{
unsigned char *d;
int digits = 0;
for (d = s; *s; s += 2, ++d) {
unsigned int n;
@ -86,8 +87,9 @@ static int convert(unsigned char *s)
}
sscanf((char *)s, "%2x", &n);
*d = (unsigned char)n;
digits++;
}
return s - d;
return digits;
}
static char *sstrsep(char **string, const char *delim)

Some files were not shown because too many files have changed in this diff Show more