Merge conflicts after import of OpenSSL 0.9.7c.

2003-10-01 12:37:51 +00:00 · 2003-10-01 12:37:51 +00:00 · 5fad2af4e3
commit 5fad2af4e3
parent 8ae0780c3a
5 changed files with 170 additions and 114 deletions
--- a/crypto/openssl/crypto/rsa/rsa.h
+++ b/crypto/openssl/crypto/rsa/rsa.h
@ -55,6 +55,7 @@
 * copied and put under another distribution licence
 * [including the GNU Public Licence.]
 */
 /* $FreeBSD$ */
 #ifndef HEADER_RSA_H
 #define HEADER_RSA_H
@ -170,6 +171,12 @@ struct rsa_st
 */
 #define RSA_FLAG_SIGN_VER		0x40
 #define RSA_FLAG_NO_BLINDING		0x80 /* new with 0.9.6j and 0.9.7b; the built-in
                                              * RSA implementation now uses blinding by
                                              * default (ignoring RSA_FLAG_BLINDING),
                                              * but other engines might not need it
                                              */
 #define RSA_PKCS1_PADDING	1
 #define RSA_SSLV23_PADDING	2
 #define RSA_NO_PADDING		3
--- a/crypto/openssl/crypto/rsa/rsa_eay.c
+++ b/crypto/openssl/crypto/rsa/rsa_eay.c
@ -55,15 +55,13 @@
 * copied and put under another distribution licence
 * [including the GNU Public Licence.]
 */
 /* $FreeBSD$ */
 #include <stdio.h>
 #include "cryptlib.h"
 #include <openssl/bn.h>
 #include <openssl/rsa.h>
 #include <openssl/rand.h>
 #ifndef OPENSSL_NO_ENGINE
 #include <openssl/engine.h>
 #endif
 #ifndef RSA_NULL
@ -208,12 +206,46 @@ static int rsa_eay_blinding(RSA *rsa, BN_CTX *ctx)
 #define BLINDING_HELPER(rsa, ctx, err_instr) \
 	do { \
-		if(((rsa)->flags & RSA_FLAG_BLINDING) && \
+		if((!((rsa)->flags & RSA_FLAG_NO_BLINDING)) && \
-				((rsa)->blinding == NULL) && \
+		    ((rsa)->blinding == NULL) && \
-				!rsa_eay_blinding(rsa, ctx)) \
+		    !rsa_eay_blinding(rsa, ctx)) \
-			err_instr \
+		    err_instr \
 	} while(0)
 static BN_BLINDING *setup_blinding(RSA *rsa, BN_CTX *ctx)
 	{
 	BIGNUM *A, *Ai;
 	BN_BLINDING *ret = NULL;
 	/* added in OpenSSL 0.9.6j and 0.9.7b */
 	/* NB: similar code appears in RSA_blinding_on (rsa_lib.c);
 	 * this should be placed in a new function of its own, but for reasons
 	 * of binary compatibility can't */
 	BN_CTX_start(ctx);
 	A = BN_CTX_get(ctx);
 	if ((RAND_status() == 0) && rsa->d != NULL && rsa->d->d != NULL)
 		{
 		/* if PRNG is not properly seeded, resort to secret exponent as unpredictable seed */
 		RAND_add(rsa->d->d, rsa->d->dmax * sizeof rsa->d->d[0], 0);
 		if (!BN_pseudo_rand_range(A,rsa->n)) goto err;
 		}
 	else
 		{
 		if (!BN_rand_range(A,rsa->n)) goto err;
 		}
 	if ((Ai=BN_mod_inverse(NULL,A,rsa->n,ctx)) == NULL) goto err;
 	if (!rsa->meth->bn_mod_exp(A,A,rsa->e,rsa->n,ctx,rsa->_method_mod_n))
 		goto err;
 	ret = BN_BLINDING_new(A,Ai,rsa->n);
 	BN_free(Ai);
 err:
 	BN_CTX_end(ctx);
 	return ret;
 	}
 /* signing */
 static int RSA_eay_private_encrypt(int flen, const unsigned char *from,
 	     unsigned char *to, RSA *rsa, int padding)
@ -222,6 +254,8 @@ static int RSA_eay_private_encrypt(int flen, const unsigned char *from,
 	int i,j,k,num=0,r= -1;
 	unsigned char *buf=NULL;
 	BN_CTX *ctx=NULL;
 	int local_blinding = 0;
 	BN_BLINDING *blinding = NULL;
 	BN_init(&f);
 	BN_init(&ret);
@ -259,9 +293,38 @@ static int RSA_eay_private_encrypt(int flen, const unsigned char *from,
 		}
 	BLINDING_HELPER(rsa, ctx, goto err;);
 	blinding = rsa->blinding;
 	/* Now unless blinding is disabled, 'blinding' is non-NULL.
 	 * But the BN_BLINDING object may be owned by some other thread
 	 * (we don't want to keep it constant and we don't want to use
 	 * lots of locking to avoid race conditions, so only a single
 	 * thread can use it; other threads have to use local blinding
 	 * factors) */
 	if (!(rsa->flags & RSA_FLAG_NO_BLINDING))
 		{
 		if (blinding == NULL)
 			{
 			RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT, ERR_R_INTERNAL_ERROR);
 			goto err;
 			}
 		}
 	if (blinding != NULL)
 		{
 		if (blinding->thread_id != CRYPTO_thread_id())
 			{
 			/* we need a local one-time blinding factor */
-	if (rsa->flags & RSA_FLAG_BLINDING)
+			blinding = setup_blinding(rsa, ctx);
-		if (!BN_BLINDING_convert(&f,rsa->blinding,ctx)) goto err;
+			if (blinding == NULL)
 				goto err;
 			local_blinding = 1;
 			}
 		}
 	if (blinding)
 		if (!BN_BLINDING_convert(&f, blinding, ctx)) goto err;
 	if ( (rsa->flags & RSA_FLAG_EXT_PKEY) ||
 		((rsa->p != NULL) &&
@ -275,8 +338,8 @@ static int RSA_eay_private_encrypt(int flen, const unsigned char *from,
 		if (!rsa->meth->bn_mod_exp(&ret,&f,rsa->d,rsa->n,ctx,NULL)) goto err;
 		}
-	if (rsa->flags & RSA_FLAG_BLINDING)
+	if (blinding)
-		if (!BN_BLINDING_invert(&ret,rsa->blinding,ctx)) goto err;
+		if (!BN_BLINDING_invert(&ret, blinding, ctx)) goto err;
 	/* put in leading 0 bytes if the number is less than the
 	 * length of the modulus */
@ -290,6 +353,8 @@ err:
 	if (ctx != NULL) BN_CTX_free(ctx);
 	BN_clear_free(&ret);
 	BN_clear_free(&f);
 	if (local_blinding)
 		BN_BLINDING_free(blinding);
 	if (buf != NULL)
 		{
 		OPENSSL_cleanse(buf,num);
@ -306,6 +371,8 @@ static int RSA_eay_private_decrypt(int flen, const unsigned char *from,
 	unsigned char *p;
 	unsigned char *buf=NULL;
 	BN_CTX *ctx=NULL;
 	int local_blinding = 0;
 	BN_BLINDING *blinding = NULL;
 	BN_init(&f);
 	BN_init(&ret);
@ -338,9 +405,38 @@ static int RSA_eay_private_decrypt(int flen, const unsigned char *from,
 		}
 	BLINDING_HELPER(rsa, ctx, goto err;);
 	blinding = rsa->blinding;
 	/* Now unless blinding is disabled, 'blinding' is non-NULL.
 	 * But the BN_BLINDING object may be owned by some other thread
 	 * (we don't want to keep it constant and we don't want to use
 	 * lots of locking to avoid race conditions, so only a single
 	 * thread can use it; other threads have to use local blinding
 	 * factors) */
 	if (!(rsa->flags & RSA_FLAG_NO_BLINDING))
 		{
 		if (blinding == NULL)
 			{
 			RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT, ERR_R_INTERNAL_ERROR);
 			goto err;
 			}
 		}
 	if (blinding != NULL)
 		{
 		if (blinding->thread_id != CRYPTO_thread_id())
 			{
 			/* we need a local one-time blinding factor */
-	if (rsa->flags & RSA_FLAG_BLINDING)
+			blinding = setup_blinding(rsa, ctx);
-		if (!BN_BLINDING_convert(&f,rsa->blinding,ctx)) goto err;
+			if (blinding == NULL)
 				goto err;
 			local_blinding = 1;
 			}
 		}
 	if (blinding)
 		if (!BN_BLINDING_convert(&f, blinding, ctx)) goto err;
 	/* do the decrypt */
 	if ( (rsa->flags & RSA_FLAG_EXT_PKEY) ||
@ -356,8 +452,8 @@ static int RSA_eay_private_decrypt(int flen, const unsigned char *from,
 			goto err;
 		}
-	if (rsa->flags & RSA_FLAG_BLINDING)
+	if (blinding)
-		if (!BN_BLINDING_invert(&ret,rsa->blinding,ctx)) goto err;
+		if (!BN_BLINDING_invert(&ret, blinding, ctx)) goto err;
 	p=buf;
 	j=BN_bn2bin(&ret,p); /* j is only used with no-padding mode */
@ -389,6 +485,8 @@ err:
 	if (ctx != NULL) BN_CTX_free(ctx);
 	BN_clear_free(&f);
 	BN_clear_free(&ret);
 	if (local_blinding)
 		BN_BLINDING_free(blinding);
 	if (buf != NULL)
 		{
 		OPENSSL_cleanse(buf,num);
--- a/crypto/openssl/crypto/rsa/rsa_lib.c
+++ b/crypto/openssl/crypto/rsa/rsa_lib.c
@ -55,6 +55,7 @@
 * copied and put under another distribution licence
 * [including the GNU Public Licence.]
 */
 /* $FreeBSD$ */
 #include <stdio.h>
 #include <openssl/crypto.h>
@ -62,6 +63,7 @@
 #include <openssl/lhash.h>
 #include <openssl/bn.h>
 #include <openssl/rsa.h>
 #include <openssl/rand.h>
 #ifndef OPENSSL_NO_ENGINE
 #include <openssl/engine.h>
 #endif
@ -77,7 +79,6 @@ RSA *RSA_new(void)
 #ifndef OPENSSL_NO_FORCE_RSA_BLINDING
 	r->flags|=RSA_FLAG_BLINDING;
 #endif
 	return r;
 	}
@ -313,12 +314,13 @@ void RSA_blinding_off(RSA *rsa)
 		BN_BLINDING_free(rsa->blinding);
 		rsa->blinding=NULL;
 		}
-	rsa->flags&= ~RSA_FLAG_BLINDING;
+	rsa->flags &= ~RSA_FLAG_BLINDING;
 	rsa->flags |= RSA_FLAG_NO_BLINDING;
 	}
 int RSA_blinding_on(RSA *rsa, BN_CTX *p_ctx)
 	{
-	BIGNUM *A,*Ai;
+	BIGNUM *A,*Ai = NULL;
 	BN_CTX *ctx;
 	int ret=0;
@ -329,21 +331,42 @@ int RSA_blinding_on(RSA *rsa, BN_CTX *p_ctx)
 	else
 		ctx=p_ctx;
 	/* XXXXX: Shouldn't this be RSA_blinding_off(rsa)? */
 	if (rsa->blinding != NULL)
 		{
 		BN_BLINDING_free(rsa->blinding);
 		rsa->blinding = NULL;
 		}
 	/* NB: similar code appears in setup_blinding (rsa_eay.c);
 	 * this should be placed in a new function of its own, but for reasons
 	 * of binary compatibility can't */
 	BN_CTX_start(ctx);
 	A = BN_CTX_get(ctx);
-	if (!BN_rand_range(A,rsa->n)) goto err;
+	if ((RAND_status() == 0) && rsa->d != NULL && rsa->d->d != NULL)
 		{
 		/* if PRNG is not properly seeded, resort to secret exponent as unpredictable seed */
 		RAND_add(rsa->d->d, rsa->d->dmax * sizeof rsa->d->d[0], 0);
 		if (!BN_pseudo_rand_range(A,rsa->n)) goto err;
 		}
 	else
 		{
 		if (!BN_rand_range(A,rsa->n)) goto err;
 		}
 	if ((Ai=BN_mod_inverse(NULL,A,rsa->n,ctx)) == NULL) goto err;
 	if (!rsa->meth->bn_mod_exp(A,A,rsa->e,rsa->n,ctx,rsa->_method_mod_n))
-	    goto err;
+		goto err;
-	rsa->blinding=BN_BLINDING_new(A,Ai,rsa->n);
+	if ((rsa->blinding=BN_BLINDING_new(A,Ai,rsa->n)) == NULL) goto err;
-	rsa->flags|=RSA_FLAG_BLINDING;
+	/* to make things thread-safe without excessive locking,
-	BN_free(Ai);
+	 * rsa->blinding will be used just by the current thread: */
 	rsa->blinding->thread_id = CRYPTO_thread_id();
 	rsa->flags |= RSA_FLAG_BLINDING;
 	rsa->flags &= ~RSA_FLAG_NO_BLINDING;
 	ret=1;
 err:
 	if (Ai != NULL) BN_free(Ai);
 	BN_CTX_end(ctx);
 	if (ctx != p_ctx) BN_CTX_free(ctx);
 	return(ret);
--- a/crypto/openssl/util/pl/Mingw32.pl
+++ b/crypto/openssl/util/pl/Mingw32.pl
@ -1,17 +1,18 @@
 #!/usr/local/bin/perl
 # $FreeBSD$
 #
-# Mingw32.pl -- Mingw32 with GNU cp (Mingw32f.pl uses DOS tools) 
+# Mingw32.pl -- Mingw
 #
 $o='/';
 $cp='cp';
-$rm='rem'; # use 'rm -f' if using GNU file utilities
+$rm='rm -f';
 $mkdir='gmkdir';
-# gcc wouldn't accept backslashes in paths
+$o='\\';
-#$o='\\';
+$cp='copy';
-#$cp='copy';
+$rm='del';
-#$rm='del';
+$mkdir='mkdir';
 # C compiler stuff
@ -19,29 +20,29 @@ $cc='gcc';
 if ($debug)
 	{ $cflags="-DL_ENDIAN -DDSO_WIN32 -g2 -ggdb"; }
 else
-	{ $cflags="-DL_ENDIAN -DDSO_WIN32 -fomit-frame-pointer -O3 -m486 -Wall"; }
+	{ $cflags="-DL_ENDIAN -DDSO_WIN32 -fomit-frame-pointer -O3 -mcpu=i486 -Wall"; }
 if ($gaswin and !$no_asm)
 	{
-        $bn_asm_obj='$(OBJ_D)/bn-win32.o';
+        $bn_asm_obj='$(OBJ_D)\bn-win32.o';
        $bn_asm_src='crypto/bn/asm/bn-win32.s';
-        $bnco_asm_obj='$(OBJ_D)/co-win32.o';
+        $bnco_asm_obj='$(OBJ_D)\co-win32.o';
        $bnco_asm_src='crypto/bn/asm/co-win32.s';
-        $des_enc_obj='$(OBJ_D)/d-win32.o $(OBJ_D)/y-win32.o';
+        $des_enc_obj='$(OBJ_D)\d-win32.o $(OBJ_D)\y-win32.o';
        $des_enc_src='crypto/des/asm/d-win32.s crypto/des/asm/y-win32.s';
-        $bf_enc_obj='$(OBJ_D)/b-win32.o';
+        $bf_enc_obj='$(OBJ_D)\b-win32.o';
        $bf_enc_src='crypto/bf/asm/b-win32.s';
-#       $cast_enc_obj='$(OBJ_D)/c-win32.o';
+#       $cast_enc_obj='$(OBJ_D)\c-win32.o';
 #       $cast_enc_src='crypto/cast/asm/c-win32.s';
-        $rc4_enc_obj='$(OBJ_D)/r4-win32.o';
+        $rc4_enc_obj='$(OBJ_D)\r4-win32.o';
        $rc4_enc_src='crypto/rc4/asm/r4-win32.s';
-        $rc5_enc_obj='$(OBJ_D)/r5-win32.o';
+        $rc5_enc_obj='$(OBJ_D)\r5-win32.o';
        $rc5_enc_src='crypto/rc5/asm/r5-win32.s';
-        $md5_asm_obj='$(OBJ_D)/m5-win32.o';
+        $md5_asm_obj='$(OBJ_D)\m5-win32.o';
        $md5_asm_src='crypto/md5/asm/m5-win32.s';
-        $rmd160_asm_obj='$(OBJ_D)/rm-win32.o';
+        $rmd160_asm_obj='$(OBJ_D)\rm-win32.o';
        $rmd160_asm_src='crypto/ripemd/asm/rm-win32.s';
-        $sha1_asm_obj='$(OBJ_D)/s1-win32.o';
+        $sha1_asm_obj='$(OBJ_D)\s1-win32.o';
        $sha1_asm_src='crypto/sha/asm/s1-win32.s';
 	$cflags.=" -DBN_ASM -DMD5_ASM -DSHA1_ASM";
 	}
@ -85,7 +86,7 @@ sub do_lib_rule
 	($Name=$name) =~ tr/a-z/A-Z/;
 	$ret.="$target: \$(${Name}OBJ)\n";
-	$ret.="\t\$(RM) $target\n";
+	$ret.="\tif exist $target \$(RM) $target\n";
 	$ret.="\t\$(MKLIB) $target \$(${Name}OBJ)\n";
 	$ret.="\t\$(RANLIB) $target\n\n";
 	}
--- a/crypto/openssl/util/pl/Mingw32f.pl
+++ b/crypto/openssl/util/pl/Mingw32f.pl
@ -1,73 +0,0 @@
 #!/usr/local/bin/perl
 #
 # Mingw32f.pl -- copy files; Mingw32.pl is needed to do the compiling. 
 #
 $o='\\';
 $cp='copy';
 $rm='del';
 # C compiler stuff
 $cc='gcc';
 if ($debug)
 	{ $cflags="-g2 -ggdb -DDSO_WIN32"; }
 else
 	{ $cflags="-O3 -fomit-frame-pointer -DDSO_WIN32"; }
 $obj='.o';
 $ofile='-o ';
 # EXE linking stuff
 $link='${CC}';
 $lflags='${CFLAGS}';
 $efile='-o ';
 $exep='';
 $ex_libs="-lwsock32 -lgdi32";
 # static library stuff
 $mklib='ar r';
 $mlflags='';
 $ranlib='ranlib';
 $plib='lib';
 $libp=".a";
 $shlibp=".a";
 $lfile='';
 $asm='as';
 $afile='-o ';
 $bn_asm_obj="";
 $bn_asm_src="";
 $des_enc_obj="";
 $des_enc_src="";
 $bf_enc_obj="";
 $bf_enc_src="";
 sub do_lib_rule
 	{
 	local($obj,$target,$name,$shlib)=@_;
 	local($ret,$_,$Name);
 	$target =~ s/\//$o/g if $o ne '/';
 	$target="$target";
 	($Name=$name) =~ tr/a-z/A-Z/;
 	$ret.="$target: \$(${Name}OBJ)\n";
 	$ret.="\t\$(RM) $target\n";
 	$ret.="\t\$(MKLIB) $target \$(${Name}OBJ)\n";
 	$ret.="\t\$(RANLIB) $target\n\n";
 	}
 sub do_link_rule
 	{
 	local($target,$files,$dep_libs,$libs)=@_;
 	local($ret,$_);
 	$file =~ s/\//$o/g if $o ne '/';
 	$n=&bname($target);
 	$ret.="$target: $files $dep_libs\n";
 	$ret.="\t\$(LINK) ${efile}$target \$(LFLAGS) $files $libs\n\n";
 	return($ret);
 	}
 1;