Import OpenSSL 1.0.2i.

This commit is contained in:
Jung-uk Kim 2016-09-22 13:04:03 +00:00
parent 57f1256b1a
commit e1b483878d
224 changed files with 3942 additions and 1353 deletions

160
CHANGES
View File

@ -2,6 +2,166 @@
OpenSSL CHANGES OpenSSL CHANGES
_______________ _______________
Changes between 1.0.2h and 1.0.2i [22 Sep 2016]
*) OCSP Status Request extension unbounded memory growth
A malicious client can send an excessively large OCSP Status Request
extension. If that client continually requests renegotiation, sending a
large OCSP Status Request extension each time, then there will be unbounded
memory growth on the server. This will eventually lead to a Denial Of
Service attack through memory exhaustion. Servers with a default
configuration are vulnerable even if they do not support OCSP. Builds using
the "no-ocsp" build time option are not affected.
This issue was reported to OpenSSL by Shi Lei (Gear Team, Qihoo 360 Inc.)
(CVE-2016-6304)
[Matt Caswell]
*) In order to mitigate the SWEET32 attack, the DES ciphers were moved from
HIGH to MEDIUM.
This issue was reported to OpenSSL Karthikeyan Bhargavan and Gaetan
Leurent (INRIA)
(CVE-2016-2183)
[Rich Salz]
*) OOB write in MDC2_Update()
An overflow can occur in MDC2_Update() either if called directly or
through the EVP_DigestUpdate() function using MDC2. If an attacker
is able to supply very large amounts of input data after a previous
call to EVP_EncryptUpdate() with a partial block then a length check
can overflow resulting in a heap corruption.
The amount of data needed is comparable to SIZE_MAX which is impractical
on most platforms.
This issue was reported to OpenSSL by Shi Lei (Gear Team, Qihoo 360 Inc.)
(CVE-2016-6303)
[Stephen Henson]
*) Malformed SHA512 ticket DoS
If a server uses SHA512 for TLS session ticket HMAC it is vulnerable to a
DoS attack where a malformed ticket will result in an OOB read which will
ultimately crash.
The use of SHA512 in TLS session tickets is comparatively rare as it requires
a custom server callback and ticket lookup mechanism.
This issue was reported to OpenSSL by Shi Lei (Gear Team, Qihoo 360 Inc.)
(CVE-2016-6302)
[Stephen Henson]
*) OOB write in BN_bn2dec()
The function BN_bn2dec() does not check the return value of BN_div_word().
This can cause an OOB write if an application uses this function with an
overly large BIGNUM. This could be a problem if an overly large certificate
or CRL is printed out from an untrusted source. TLS is not affected because
record limits will reject an oversized certificate before it is parsed.
This issue was reported to OpenSSL by Shi Lei (Gear Team, Qihoo 360 Inc.)
(CVE-2016-2182)
[Stephen Henson]
*) OOB read in TS_OBJ_print_bio()
The function TS_OBJ_print_bio() misuses OBJ_obj2txt(): the return value is
the total length the OID text representation would use and not the amount
of data written. This will result in OOB reads when large OIDs are
presented.
This issue was reported to OpenSSL by Shi Lei (Gear Team, Qihoo 360 Inc.)
(CVE-2016-2180)
[Stephen Henson]
*) Pointer arithmetic undefined behaviour
Avoid some undefined pointer arithmetic
A common idiom in the codebase is to check limits in the following manner:
"p + len > limit"
Where "p" points to some malloc'd data of SIZE bytes and
limit == p + SIZE
"len" here could be from some externally supplied data (e.g. from a TLS
message).
The rules of C pointer arithmetic are such that "p + len" is only well
defined where len <= SIZE. Therefore the above idiom is actually
undefined behaviour.
For example this could cause problems if some malloc implementation
provides an address for "p" such that "p + len" actually overflows for
values of len that are too big and therefore p + len < limit.
This issue was reported to OpenSSL by Guido Vranken
(CVE-2016-2177)
[Matt Caswell]
*) Constant time flag not preserved in DSA signing
Operations in the DSA signing algorithm should run in constant time in
order to avoid side channel attacks. A flaw in the OpenSSL DSA
implementation means that a non-constant time codepath is followed for
certain operations. This has been demonstrated through a cache-timing
attack to be sufficient for an attacker to recover the private DSA key.
This issue was reported by César Pereida (Aalto University), Billy Brumley
(Tampere University of Technology), and Yuval Yarom (The University of
Adelaide and NICTA).
(CVE-2016-2178)
[César Pereida]
*) DTLS buffered message DoS
In a DTLS connection where handshake messages are delivered out-of-order
those messages that OpenSSL is not yet ready to process will be buffered
for later use. Under certain circumstances, a flaw in the logic means that
those messages do not get removed from the buffer even though the handshake
has been completed. An attacker could force up to approx. 15 messages to
remain in the buffer when they are no longer required. These messages will
be cleared when the DTLS connection is closed. The default maximum size for
a message is 100k. Therefore the attacker could force an additional 1500k
to be consumed per connection. By opening many simulataneous connections an
attacker could cause a DoS attack through memory exhaustion.
This issue was reported to OpenSSL by Quan Luo.
(CVE-2016-2179)
[Matt Caswell]
*) DTLS replay protection DoS
A flaw in the DTLS replay attack protection mechanism means that records
that arrive for future epochs update the replay protection "window" before
the MAC for the record has been validated. This could be exploited by an
attacker by sending a record for the next epoch (which does not have to
decrypt or have a valid MAC), with a very large sequence number. This means
that all subsequent legitimate packets are dropped causing a denial of
service for a specific DTLS connection.
This issue was reported to OpenSSL by the OCAP audit team.
(CVE-2016-2181)
[Matt Caswell]
*) Certificate message OOB reads
In OpenSSL 1.0.2 and earlier some missing message length checks can result
in OOB reads of up to 2 bytes beyond an allocated buffer. There is a
theoretical DoS risk but this has not been observed in practice on common
platforms.
The messages affected are client certificate, client certificate request
and server certificate. As a result the attack can only be performed
against a client or a server which enables client authentication.
This issue was reported to OpenSSL by Shi Lei (Gear Team, Qihoo 360 Inc.)
(CVE-2016-6306)
[Stephen Henson]
Changes between 1.0.2g and 1.0.2h [3 May 2016] Changes between 1.0.2g and 1.0.2h [3 May 2016]
*) Prevent padding oracle in AES-NI CBC MAC check *) Prevent padding oracle in AES-NI CBC MAC check

View File

@ -1,38 +1,75 @@
HOW TO CONTRIBUTE TO OpenSSL HOW TO CONTRIBUTE TO PATCHES OpenSSL
---------------------------- ------------------------------------
Development is coordinated on the openssl-dev mailing list (see (Please visit https://www.openssl.org/community/getting-started.html for
http://www.openssl.org for information on subscribing). If you other ideas about how to contribute.)
would like to submit a patch, send it to rt@openssl.org with
the string "[PATCH]" in the subject. Please be sure to include a
textual explanation of what your patch does.
You can also make GitHub pull requests. If you do this, please also send
mail to rt@openssl.org with a brief description and a link to the PR so
that we can more easily keep track of it.
Development is coordinated on the openssl-dev mailing list (see the
above link or https://mta.openssl.org for information on subscribing).
If you are unsure as to whether a feature will be useful for the general If you are unsure as to whether a feature will be useful for the general
OpenSSL community please discuss it on the openssl-dev mailing list first. OpenSSL community you might want to discuss it on the openssl-dev mailing
Someone may be already working on the same thing or there may be a good list first. Someone may be already working on the same thing or there
reason as to why that feature isn't implemented. may be a good reason as to why that feature isn't implemented.
Patches should be as up to date as possible, preferably relative to the The best way to submit a patch is to make a pull request on GitHub.
current Git or the last snapshot. They should follow our coding style (It is not necessary to send mail to rt@openssl.org to open a ticket!)
(see https://www.openssl.org/policies/codingstyle.html) and compile without If you think the patch could use feedback from the community, please
warnings using the --strict-warnings flag. OpenSSL compiles on many varied start a thread on openssl-dev.
platforms: try to ensure you only use portable features.
Our preferred format for patch files is "git format-patch" output. For example You can also submit patches by sending it as mail to rt@openssl.org.
to provide a patch file containing the last commit in your local git repository Please include the word "PATCH" and an explanation of what the patch
use the following command: does in the subject line. If you do this, our preferred format is "git
format-patch" output. For example to provide a patch file containing the
last commit in your local git repository use the following command:
# git format-patch --stdout HEAD^ >mydiffs.patch % git format-patch --stdout HEAD^ >mydiffs.patch
Another method of creating an acceptable patch file without using git is as Another method of creating an acceptable patch file without using git is as
follows: follows:
# cd openssl-work % cd openssl-work
# [your changes] ...make your changes...
# ./Configure dist; make clean % ./Configure dist; make clean
# cd .. % cd ..
# diff -ur openssl-orig openssl-work > mydiffs.patch % diff -ur openssl-orig openssl-work >mydiffs.patch
Note that pull requests are generally easier for the team, and community, to
work with. Pull requests benefit from all of the standard GitHub features,
including code review tools, simpler integration, and CI build support.
No matter how a patch is submitted, the following items will help make
the acceptance and review process faster:
1. Anything other than trivial contributions will require a contributor
licensing agreement, giving us permission to use your code. See
https://www.openssl.org/policies/cla.html for details.
2. All source files should start with the following text (with
appropriate comment characters at the start of each line and the
year(s) updated):
Copyright 20xx-20yy The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file LICENSE in the source distribution or at
https://www.openssl.org/source/license.html
3. Patches should be as current as possible. When using GitHub, please
expect to have to rebase and update often. Note that we do not accept merge
commits. You will be asked to remove them before a patch is considered
acceptable.
4. Patches should follow our coding style (see
https://www.openssl.org/policies/codingstyle.html) and compile without
warnings. Where gcc or clang is availble you should use the
--strict-warnings Configure option. OpenSSL compiles on many varied
platforms: try to ensure you only use portable features.
5. When at all possible, patches should include tests. These can either be
added to an existing test, or completely new. Please see test/README
for information on the test framework.
6. New features or changed functionality must include documentation. Please
look at the "pod" files in doc/apps, doc/crypto and doc/ssl for examples of
our style.

View File

@ -799,7 +799,7 @@ my @experimental = ();
# This is what $depflags will look like with the above defaults # This is what $depflags will look like with the above defaults
# (we need this to see if we should advise the user to run "make depend"): # (we need this to see if we should advise the user to run "make depend"):
my $default_depflags = " -DOPENSSL_NO_EC_NISTP_64_GCC_128 -DOPENSSL_NO_GMP -DOPENSSL_NO_JPAKE -DOPENSSL_NO_LIBUNBOUND -DOPENSSL_NO_MD2 -DOPENSSL_NO_RC5 -DOPENSSL_NO_RFC3779 -DOPENSSL_NO_SCTP -DOPENSSL_NO_SSL_TRACE -DOPENSSL_NO_STORE -DOPENSSL_NO_UNIT_TEST"; my $default_depflags = " -DOPENSSL_NO_EC_NISTP_64_GCC_128 -DOPENSSL_NO_GMP -DOPENSSL_NO_JPAKE -DOPENSSL_NO_LIBUNBOUND -DOPENSSL_NO_MD2 -DOPENSSL_NO_RC5 -DOPENSSL_NO_RFC3779 -DOPENSSL_NO_SCTP -DOPENSSL_NO_SSL_TRACE -DOPENSSL_NO_SSL2 -DOPENSSL_NO_STORE -DOPENSSL_NO_UNIT_TEST -DOPENSSL_NO_WEAK_SSL_CIPHERS";
# Explicit "no-..." options will be collected in %disabled along with the defaults. # Explicit "no-..." options will be collected in %disabled along with the defaults.
# To remove something from %disabled, use "enable-foo" (unless it's experimental). # To remove something from %disabled, use "enable-foo" (unless it's experimental).
@ -1082,11 +1082,6 @@ if (defined($disabled{"md5"}) || defined($disabled{"sha"})
$disabled{"tls1"} = "forced"; $disabled{"tls1"} = "forced";
} }
if (defined($disabled{"tls1"}))
{
$disabled{"tlsext"} = "forced";
}
if (defined($disabled{"ec"}) || defined($disabled{"dsa"}) if (defined($disabled{"ec"}) || defined($disabled{"dsa"})
|| defined($disabled{"dh"})) || defined($disabled{"dh"}))
{ {
@ -1254,6 +1249,7 @@ my $shared_extension = $fields[$idx_shared_extension];
my $ranlib = $ENV{'RANLIB'} || $fields[$idx_ranlib]; my $ranlib = $ENV{'RANLIB'} || $fields[$idx_ranlib];
my $ar = $ENV{'AR'} || "ar"; my $ar = $ENV{'AR'} || "ar";
my $arflags = $fields[$idx_arflags]; my $arflags = $fields[$idx_arflags];
my $windres = $ENV{'RC'} || $ENV{'WINDRES'} || "windres";
my $multilib = $fields[$idx_multilib]; my $multilib = $fields[$idx_multilib];
# if $prefix/lib$multilib is not an existing directory, then # if $prefix/lib$multilib is not an existing directory, then
@ -1562,8 +1558,15 @@ $cpuid_obj="mem_clr.o" unless ($cpuid_obj =~ /\.o$/);
$des_obj=$des_enc unless ($des_obj =~ /\.o$/); $des_obj=$des_enc unless ($des_obj =~ /\.o$/);
$bf_obj=$bf_enc unless ($bf_obj =~ /\.o$/); $bf_obj=$bf_enc unless ($bf_obj =~ /\.o$/);
$cast_obj=$cast_enc unless ($cast_obj =~ /\.o$/); $cast_obj=$cast_enc unless ($cast_obj =~ /\.o$/);
$rc4_obj=$rc4_enc unless ($rc4_obj =~ /\.o$/);
$rc5_obj=$rc5_enc unless ($rc5_obj =~ /\.o$/); $rc5_obj=$rc5_enc unless ($rc5_obj =~ /\.o$/);
if ($rc4_obj =~ /\.o$/)
{
$cflags.=" -DRC4_ASM";
}
else
{
$rc4_obj=$rc4_enc;
}
if ($sha1_obj =~ /\.o$/) if ($sha1_obj =~ /\.o$/)
{ {
# $sha1_obj=$sha1_enc; # $sha1_obj=$sha1_enc;
@ -1717,12 +1720,14 @@ while (<IN>)
s/^AR=\s*/AR= \$\(CROSS_COMPILE\)/; s/^AR=\s*/AR= \$\(CROSS_COMPILE\)/;
s/^NM=\s*/NM= \$\(CROSS_COMPILE\)/; s/^NM=\s*/NM= \$\(CROSS_COMPILE\)/;
s/^RANLIB=\s*/RANLIB= \$\(CROSS_COMPILE\)/; s/^RANLIB=\s*/RANLIB= \$\(CROSS_COMPILE\)/;
s/^RC=\s*/RC= \$\(CROSS_COMPILE\)/;
s/^MAKEDEPPROG=.*$/MAKEDEPPROG= \$\(CROSS_COMPILE\)$cc/ if $cc eq "gcc"; s/^MAKEDEPPROG=.*$/MAKEDEPPROG= \$\(CROSS_COMPILE\)$cc/ if $cc eq "gcc";
} }
else { else {
s/^CC=.*$/CC= $cc/; s/^CC=.*$/CC= $cc/;
s/^AR=\s*ar/AR= $ar/; s/^AR=\s*ar/AR= $ar/;
s/^RANLIB=.*/RANLIB= $ranlib/; s/^RANLIB=.*/RANLIB= $ranlib/;
s/^RC=.*/RC= $windres/;
s/^MAKEDEPPROG=.*$/MAKEDEPPROG= $cc/ if $cc eq "gcc"; s/^MAKEDEPPROG=.*$/MAKEDEPPROG= $cc/ if $cc eq "gcc";
s/^MAKEDEPPROG=.*$/MAKEDEPPROG= $cc/ if $ecc eq "gcc" || $ecc eq "clang"; s/^MAKEDEPPROG=.*$/MAKEDEPPROG= $cc/ if $ecc eq "gcc" || $ecc eq "clang";
} }

View File

@ -26,7 +26,7 @@ openssl-*/apps/demoCA
openssl-*/apps/demoSRP openssl-*/apps/demoSRP
openssl-*/apps/md4.c openssl-*/apps/md4.c
openssl-*/apps/openssl-vms.cnf openssl-*/apps/openssl-vms.cnf
openssl-*/apps/vms_decc_init.c openssl-*/apps/vms_*
openssl-*/apps/winrand.c openssl-*/apps/winrand.c
openssl-*/bugs openssl-*/bugs
openssl-*/certs/demo openssl-*/certs/demo

View File

@ -11,8 +11,8 @@ First, read http://wiki.freebsd.org/SubversionPrimer/VendorImports
# Xlist # Xlist
setenv XLIST /FreeBSD/work/openssl/svn-FREEBSD-files/FREEBSD-Xlist setenv XLIST /FreeBSD/work/openssl/svn-FREEBSD-files/FREEBSD-Xlist
setenv FSVN "svn+ssh://repo.freebsd.org/base" setenv FSVN "svn+ssh://repo.freebsd.org/base"
setenv OSSLVER 1.0.2h setenv OSSLVER 1.0.2i
# OSSLTAG format: v1_0_2h # OSSLTAG format: v1_0_2i
###setenv OSSLTAG v`echo ${OSSLVER} | tr . _` ###setenv OSSLTAG v`echo ${OSSLVER} | tr . _`

View File

@ -4,7 +4,7 @@
## Makefile for OpenSSL ## Makefile for OpenSSL
## ##
VERSION=1.0.2h VERSION=1.0.2i
MAJOR=1 MAJOR=1
MINOR=0.2 MINOR=0.2
SHLIB_VERSION_NUMBER=1.0.0 SHLIB_VERSION_NUMBER=1.0.0
@ -68,6 +68,7 @@ EXE_EXT=
ARFLAGS= ARFLAGS=
AR= ar $(ARFLAGS) r AR= ar $(ARFLAGS) r
RANLIB= /usr/bin/ranlib RANLIB= /usr/bin/ranlib
RC= windres
NM= nm NM= nm
PERL= /usr/bin/perl PERL= /usr/bin/perl
TAR= tar TAR= tar
@ -210,6 +211,7 @@ BUILDENV= LC_ALL=C PLATFORM='$(PLATFORM)' PROCESSOR='$(PROCESSOR)'\
CC='$(CC)' CFLAG='$(CFLAG)' \ CC='$(CC)' CFLAG='$(CFLAG)' \
AS='$(CC)' ASFLAG='$(CFLAG) -c' \ AS='$(CC)' ASFLAG='$(CFLAG) -c' \
AR='$(AR)' NM='$(NM)' RANLIB='$(RANLIB)' \ AR='$(AR)' NM='$(NM)' RANLIB='$(RANLIB)' \
RC='$(RC)' \
CROSS_COMPILE='$(CROSS_COMPILE)' \ CROSS_COMPILE='$(CROSS_COMPILE)' \
PERL='$(PERL)' ENGDIRS='$(ENGDIRS)' \ PERL='$(PERL)' ENGDIRS='$(ENGDIRS)' \
SDIRS='$(SDIRS)' LIBRPATH='$(INSTALLTOP)/$(LIBDIR)' \ SDIRS='$(SDIRS)' LIBRPATH='$(INSTALLTOP)/$(LIBDIR)' \
@ -368,6 +370,7 @@ libcrypto.pc: Makefile
echo 'exec_prefix=$${prefix}'; \ echo 'exec_prefix=$${prefix}'; \
echo 'libdir=$${exec_prefix}/$(LIBDIR)'; \ echo 'libdir=$${exec_prefix}/$(LIBDIR)'; \
echo 'includedir=$${prefix}/include'; \ echo 'includedir=$${prefix}/include'; \
echo 'enginesdir=$${libdir}/engines'; \
echo ''; \ echo ''; \
echo 'Name: OpenSSL-libcrypto'; \ echo 'Name: OpenSSL-libcrypto'; \
echo 'Description: OpenSSL cryptography library'; \ echo 'Description: OpenSSL cryptography library'; \

View File

@ -66,6 +66,7 @@ EXE_EXT=
ARFLAGS= ARFLAGS=
AR=ar $(ARFLAGS) r AR=ar $(ARFLAGS) r
RANLIB= ranlib RANLIB= ranlib
RC= windres
NM= nm NM= nm
PERL= perl PERL= perl
TAR= tar TAR= tar
@ -208,6 +209,7 @@ BUILDENV= LC_ALL=C PLATFORM='$(PLATFORM)' PROCESSOR='$(PROCESSOR)'\
CC='$(CC)' CFLAG='$(CFLAG)' \ CC='$(CC)' CFLAG='$(CFLAG)' \
AS='$(CC)' ASFLAG='$(CFLAG) -c' \ AS='$(CC)' ASFLAG='$(CFLAG) -c' \
AR='$(AR)' NM='$(NM)' RANLIB='$(RANLIB)' \ AR='$(AR)' NM='$(NM)' RANLIB='$(RANLIB)' \
RC='$(RC)' \
CROSS_COMPILE='$(CROSS_COMPILE)' \ CROSS_COMPILE='$(CROSS_COMPILE)' \
PERL='$(PERL)' ENGDIRS='$(ENGDIRS)' \ PERL='$(PERL)' ENGDIRS='$(ENGDIRS)' \
SDIRS='$(SDIRS)' LIBRPATH='$(INSTALLTOP)/$(LIBDIR)' \ SDIRS='$(SDIRS)' LIBRPATH='$(INSTALLTOP)/$(LIBDIR)' \
@ -366,6 +368,7 @@ libcrypto.pc: Makefile
echo 'exec_prefix=$${prefix}'; \ echo 'exec_prefix=$${prefix}'; \
echo 'libdir=$${exec_prefix}/$(LIBDIR)'; \ echo 'libdir=$${exec_prefix}/$(LIBDIR)'; \
echo 'includedir=$${prefix}/include'; \ echo 'includedir=$${prefix}/include'; \
echo 'enginesdir=$${libdir}/engines'; \
echo ''; \ echo ''; \
echo 'Name: OpenSSL-libcrypto'; \ echo 'Name: OpenSSL-libcrypto'; \
echo 'Description: OpenSSL cryptography library'; \ echo 'Description: OpenSSL cryptography library'; \

View File

@ -293,7 +293,7 @@ link_a.cygwin:
fi; \ fi; \
dll_name=$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX; \ dll_name=$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX; \
$(PERL) util/mkrc.pl $$dll_name | \ $(PERL) util/mkrc.pl $$dll_name | \
$(CROSS_COMPILE)windres -o rc.o; \ $(RC) -o rc.o; \
extras="$$extras rc.o"; \ extras="$$extras rc.o"; \
ALLSYMSFLAGS='-Wl,--whole-archive'; \ ALLSYMSFLAGS='-Wl,--whole-archive'; \
NOALLSYMSFLAGS='-Wl,--no-whole-archive'; \ NOALLSYMSFLAGS='-Wl,--no-whole-archive'; \

14
NEWS
View File

@ -5,6 +5,20 @@
This file gives a brief overview of the major changes between each OpenSSL This file gives a brief overview of the major changes between each OpenSSL
release. For more details please read the CHANGES file. release. For more details please read the CHANGES file.
Major changes between OpenSSL 1.0.2h and OpenSSL 1.0.2i [22 Sep 2016]
o OCSP Status Request extension unbounded memory growth (CVE-2016-6304)
o SWEET32 Mitigation (CVE-2016-2183)
o OOB write in MDC2_Update() (CVE-2016-6303)
o Malformed SHA512 ticket DoS (CVE-2016-6302)
o OOB write in BN_bn2dec() (CVE-2016-2182)
o OOB read in TS_OBJ_print_bio() (CVE-2016-2180)
o Pointer arithmetic undefined behaviour (CVE-2016-2177)
o Constant time flag not preserved in DSA signing (CVE-2016-2178)
o DTLS buffered message DoS (CVE-2016-2179)
o DTLS replay protection DoS (CVE-2016-2181)
o Certificate message OOB reads (CVE-2016-6306)
Major changes between OpenSSL 1.0.2g and OpenSSL 1.0.2h [3 May 2016] Major changes between OpenSSL 1.0.2g and OpenSSL 1.0.2h [3 May 2016]
o Prevent padding oracle in AES-NI CBC MAC check (CVE-2016-2107) o Prevent padding oracle in AES-NI CBC MAC check (CVE-2016-2107)

2
README
View File

@ -1,5 +1,5 @@
OpenSSL 1.0.2h 3 May 2016 OpenSSL 1.0.2i 22 Sep 2016
Copyright (c) 1998-2015 The OpenSSL Project Copyright (c) 1998-2015 The OpenSSL Project
Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson

View File

@ -64,7 +64,7 @@ $RET = 0;
foreach (@ARGV) { foreach (@ARGV) {
if ( /^(-\?|-h|-help)$/ ) { if ( /^(-\?|-h|-help)$/ ) {
print STDERR "usage: CA -newcert|-newreq|-newreq-nodes|-newca|-sign|-verify\n"; print STDERR "usage: CA -newcert|-newreq|-newreq-nodes|-newca|-sign|-signcert|-verify\n";
exit 0; exit 0;
} elsif (/^-newcert$/) { } elsif (/^-newcert$/) {
# create a certificate # create a certificate
@ -186,4 +186,3 @@ while (<IN>) {
} }
} }
} }

View File

@ -64,7 +64,7 @@ $RET = 0;
foreach (@ARGV) { foreach (@ARGV) {
if ( /^(-\?|-h|-help)$/ ) { if ( /^(-\?|-h|-help)$/ ) {
print STDERR "usage: CA -newcert|-newreq|-newreq-nodes|-newca|-sign|-verify\n"; print STDERR "usage: CA -newcert|-newreq|-newreq-nodes|-newca|-sign|-signcert|-verify\n";
exit 0; exit 0;
} elsif (/^-newcert$/) { } elsif (/^-newcert$/) {
# create a certificate # create a certificate
@ -186,4 +186,3 @@ while (<IN>) {
} }
} }
} }

View File

@ -215,7 +215,8 @@ int args_from_file(char *file, int *argc, char **argv[])
if (arg != NULL) if (arg != NULL)
OPENSSL_free(arg); OPENSSL_free(arg);
arg = (char **)OPENSSL_malloc(sizeof(char *) * (i * 2)); arg = (char **)OPENSSL_malloc(sizeof(char *) * (i * 2));
if (arg == NULL)
return 0;
*argv = arg; *argv = arg;
num = 0; num = 0;
p = buf; p = buf;
@ -2374,6 +2375,8 @@ int args_verify(char ***pargs, int *pargc,
flags |= X509_V_FLAG_PARTIAL_CHAIN; flags |= X509_V_FLAG_PARTIAL_CHAIN;
else if (!strcmp(arg, "-no_alt_chains")) else if (!strcmp(arg, "-no_alt_chains"))
flags |= X509_V_FLAG_NO_ALT_CHAINS; flags |= X509_V_FLAG_NO_ALT_CHAINS;
else if (!strcmp(arg, "-allow_proxy_certs"))
flags |= X509_V_FLAG_ALLOW_PROXY_CERTS;
else else
return 0; return 0;
@ -3195,6 +3198,36 @@ int app_isdir(const char *name)
#endif #endif
/* raw_read|write section */ /* raw_read|write section */
#if defined(__VMS)
# include "vms_term_sock.h"
static int stdin_sock = -1;
static void close_stdin_sock(void)
{
TerminalSocket (TERM_SOCK_DELETE, &stdin_sock);
}
int fileno_stdin(void)
{
if (stdin_sock == -1) {
TerminalSocket(TERM_SOCK_CREATE, &stdin_sock);
atexit(close_stdin_sock);
}
return stdin_sock;
}
#else
int fileno_stdin(void)
{
return fileno(stdin);
}
#endif
int fileno_stdout(void)
{
return fileno(stdout);
}
#if defined(_WIN32) && defined(STD_INPUT_HANDLE) #if defined(_WIN32) && defined(STD_INPUT_HANDLE)
int raw_read_stdin(void *buf, int siz) int raw_read_stdin(void *buf, int siz)
{ {
@ -3204,10 +3237,17 @@ int raw_read_stdin(void *buf, int siz)
else else
return (-1); return (-1);
} }
#elif defined(__VMS)
#include <sys/socket.h>
int raw_read_stdin(void *buf, int siz)
{
return recv(fileno_stdin(), buf, siz, 0);
}
#else #else
int raw_read_stdin(void *buf, int siz) int raw_read_stdin(void *buf, int siz)
{ {
return read(fileno(stdin), buf, siz); return read(fileno_stdin(), buf, siz);
} }
#endif #endif
@ -3223,6 +3263,6 @@ int raw_write_stdout(const void *buf, int siz)
#else #else
int raw_write_stdout(const void *buf, int siz) int raw_write_stdout(const void *buf, int siz)
{ {
return write(fileno(stdout), buf, siz); return write(fileno_stdout(), buf, siz);
} }
#endif #endif

View File

@ -375,6 +375,8 @@ void store_setup_crl_download(X509_STORE *st);
# define SERIAL_RAND_BITS 64 # define SERIAL_RAND_BITS 64
int app_isdir(const char *); int app_isdir(const char *);
int fileno_stdin(void);
int fileno_stdout(void);
int raw_read_stdin(void *, int); int raw_read_stdin(void *, int);
int raw_write_stdout(const void *, int); int raw_write_stdout(const void *, int);

View File

@ -2103,25 +2103,23 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509,
goto err; goto err;
/* We now just add it to the database */ /* We now just add it to the database */
row[DB_type] = (char *)OPENSSL_malloc(2);
tm = X509_get_notAfter(ret); tm = X509_get_notAfter(ret);
row[DB_exp_date] = (char *)OPENSSL_malloc(tm->length + 1); row[DB_type] = OPENSSL_malloc(2);
memcpy(row[DB_exp_date], tm->data, tm->length); row[DB_exp_date] = OPENSSL_malloc(tm->length + 1);
row[DB_exp_date][tm->length] = '\0'; row[DB_rev_date] = OPENSSL_malloc(1);
row[DB_file] = OPENSSL_malloc(8);
row[DB_rev_date] = NULL;
/* row[DB_serial] done already */
row[DB_file] = (char *)OPENSSL_malloc(8);
row[DB_name] = X509_NAME_oneline(X509_get_subject_name(ret), NULL, 0); row[DB_name] = X509_NAME_oneline(X509_get_subject_name(ret), NULL, 0);
if ((row[DB_type] == NULL) || (row[DB_exp_date] == NULL) || if ((row[DB_type] == NULL) || (row[DB_exp_date] == NULL) ||
(row[DB_rev_date] == NULL) ||
(row[DB_file] == NULL) || (row[DB_name] == NULL)) { (row[DB_file] == NULL) || (row[DB_name] == NULL)) {
BIO_printf(bio_err, "Memory allocation failure\n"); BIO_printf(bio_err, "Memory allocation failure\n");
goto err; goto err;
} }
BUF_strlcpy(row[DB_file], "unknown", 8);
memcpy(row[DB_exp_date], tm->data, tm->length);
row[DB_exp_date][tm->length] = '\0';
row[DB_rev_date][0] = '\0';
strcpy(row[DB_file], "unknown");
row[DB_type][0] = 'V'; row[DB_type][0] = 'V';
row[DB_type][1] = '\0'; row[DB_type][1] = '\0';
@ -2307,6 +2305,7 @@ static int certify_spkac(X509 **xret, char *infile, EVP_PKEY *pkey,
j = NETSCAPE_SPKI_verify(spki, pktmp); j = NETSCAPE_SPKI_verify(spki, pktmp);
if (j <= 0) { if (j <= 0) {
EVP_PKEY_free(pktmp);
BIO_printf(bio_err, BIO_printf(bio_err,
"signature verification failed on SPKAC public key\n"); "signature verification failed on SPKAC public key\n");
goto err; goto err;

View File

@ -243,6 +243,11 @@ int MAIN(int argc, char **argv)
argv++; argv++;
} }
if (keyfile != NULL && argc > 1) {
BIO_printf(bio_err, "Can only sign or verify one file\n");
goto end;
}
if (do_verify && !sigfile) { if (do_verify && !sigfile) {
BIO_printf(bio_err, BIO_printf(bio_err,
"No signature to verify: use the -signature option\n"); "No signature to verify: use the -signature option\n");

View File

@ -509,7 +509,7 @@ int MAIN(int argc, char **argv)
BIO_printf(bio_err, "invalid hex salt value\n"); BIO_printf(bio_err, "invalid hex salt value\n");
goto end; goto end;
} }
} else if (RAND_pseudo_bytes(salt, sizeof salt) < 0) } else if (RAND_bytes(salt, sizeof salt) <= 0)
goto end; goto end;
/* /*
* If -P option then don't bother writing * If -P option then don't bother writing

View File

@ -416,7 +416,7 @@ static int do_passwd(int passed_salt, char **salt_p, char **salt_malloc_p,
if (*salt_malloc_p == NULL) if (*salt_malloc_p == NULL)
goto err; goto err;
} }
if (RAND_pseudo_bytes((unsigned char *)*salt_p, 2) < 0) if (RAND_bytes((unsigned char *)*salt_p, 2) <= 0)
goto err; goto err;
(*salt_p)[0] = cov_2char[(*salt_p)[0] & 0x3f]; /* 6 bits */ (*salt_p)[0] = cov_2char[(*salt_p)[0] & 0x3f]; /* 6 bits */
(*salt_p)[1] = cov_2char[(*salt_p)[1] & 0x3f]; /* 6 bits */ (*salt_p)[1] = cov_2char[(*salt_p)[1] & 0x3f]; /* 6 bits */
@ -437,7 +437,7 @@ static int do_passwd(int passed_salt, char **salt_p, char **salt_malloc_p,
if (*salt_malloc_p == NULL) if (*salt_malloc_p == NULL)
goto err; goto err;
} }
if (RAND_pseudo_bytes((unsigned char *)*salt_p, 8) < 0) if (RAND_bytes((unsigned char *)*salt_p, 8) <= 0)
goto err; goto err;
for (i = 0; i < 8; i++) for (i = 0; i < 8; i++)

View File

@ -832,6 +832,7 @@ int dump_certs_pkeys_bag(BIO *out, PKCS12_SAFEBAG *bag, char *pass,
EVP_PKEY *pkey; EVP_PKEY *pkey;
PKCS8_PRIV_KEY_INFO *p8; PKCS8_PRIV_KEY_INFO *p8;
X509 *x509; X509 *x509;
int ret = 0;
switch (M_PKCS12_bag_type(bag)) { switch (M_PKCS12_bag_type(bag)) {
case NID_keyBag: case NID_keyBag:
@ -844,7 +845,7 @@ int dump_certs_pkeys_bag(BIO *out, PKCS12_SAFEBAG *bag, char *pass,
if (!(pkey = EVP_PKCS82PKEY(p8))) if (!(pkey = EVP_PKCS82PKEY(p8)))
return 0; return 0;
print_attribs(out, p8->attributes, "Key Attributes"); print_attribs(out, p8->attributes, "Key Attributes");
PEM_write_bio_PrivateKey(out, pkey, enc, NULL, 0, NULL, pempass); ret = PEM_write_bio_PrivateKey(out, pkey, enc, NULL, 0, NULL, pempass);
EVP_PKEY_free(pkey); EVP_PKEY_free(pkey);
break; break;
@ -864,7 +865,7 @@ int dump_certs_pkeys_bag(BIO *out, PKCS12_SAFEBAG *bag, char *pass,
} }
print_attribs(out, p8->attributes, "Key Attributes"); print_attribs(out, p8->attributes, "Key Attributes");
PKCS8_PRIV_KEY_INFO_free(p8); PKCS8_PRIV_KEY_INFO_free(p8);
PEM_write_bio_PrivateKey(out, pkey, enc, NULL, 0, NULL, pempass); ret = PEM_write_bio_PrivateKey(out, pkey, enc, NULL, 0, NULL, pempass);
EVP_PKEY_free(pkey); EVP_PKEY_free(pkey);
break; break;
@ -884,7 +885,7 @@ int dump_certs_pkeys_bag(BIO *out, PKCS12_SAFEBAG *bag, char *pass,
if (!(x509 = PKCS12_certbag2x509(bag))) if (!(x509 = PKCS12_certbag2x509(bag)))
return 0; return 0;
dump_cert_text(out, x509); dump_cert_text(out, x509);
PEM_write_bio_X509(out, x509); ret = PEM_write_bio_X509(out, x509);
X509_free(x509); X509_free(x509);
break; break;
@ -902,7 +903,7 @@ int dump_certs_pkeys_bag(BIO *out, PKCS12_SAFEBAG *bag, char *pass,
return 1; return 1;
break; break;
} }
return 1; return ret;
} }
/* Given a single certificate return a verified chain or NULL if error */ /* Given a single certificate return a verified chain or NULL if error */
@ -931,16 +932,70 @@ static int get_cert_chain(X509 *cert, X509_STORE *store,
int alg_print(BIO *x, X509_ALGOR *alg) int alg_print(BIO *x, X509_ALGOR *alg)
{ {
PBEPARAM *pbe; int pbenid, aparamtype;
const unsigned char *p; ASN1_OBJECT *aoid;
p = alg->parameter->value.sequence->data; void *aparam;
pbe = d2i_PBEPARAM(NULL, &p, alg->parameter->value.sequence->length); PBEPARAM *pbe = NULL;
if (!pbe)
return 1; X509_ALGOR_get0(&aoid, &aparamtype, &aparam, alg);
BIO_printf(bio_err, "%s, Iteration %ld\n",
OBJ_nid2ln(OBJ_obj2nid(alg->algorithm)), pbenid = OBJ_obj2nid(aoid);
ASN1_INTEGER_get(pbe->iter));
BIO_printf(x, "%s", OBJ_nid2ln(pbenid));
/*
* If PBE algorithm is PBES2 decode algorithm parameters
* for additional details.
*/
if (pbenid == NID_pbes2) {
PBE2PARAM *pbe2 = NULL;
int encnid;
if (aparamtype == V_ASN1_SEQUENCE)
pbe2 = ASN1_item_unpack(aparam, ASN1_ITEM_rptr(PBE2PARAM));
if (pbe2 == NULL) {
BIO_puts(x, "<unsupported parameters>");
goto done;
}
X509_ALGOR_get0(&aoid, &aparamtype, &aparam, pbe2->keyfunc);
pbenid = OBJ_obj2nid(aoid);
X509_ALGOR_get0(&aoid, NULL, NULL, pbe2->encryption);
encnid = OBJ_obj2nid(aoid);
BIO_printf(x, ", %s, %s", OBJ_nid2ln(pbenid),
OBJ_nid2sn(encnid));
/* If KDF is PBKDF2 decode parameters */
if (pbenid == NID_id_pbkdf2) {
PBKDF2PARAM *kdf = NULL;
int prfnid;
if (aparamtype == V_ASN1_SEQUENCE)
kdf = ASN1_item_unpack(aparam, ASN1_ITEM_rptr(PBKDF2PARAM));
if (kdf == NULL) {
BIO_puts(x, "<unsupported parameters>");
goto done;
}
if (kdf->prf == NULL) {
prfnid = NID_hmacWithSHA1;
} else {
X509_ALGOR_get0(&aoid, NULL, NULL, kdf->prf);
prfnid = OBJ_obj2nid(aoid);
}
BIO_printf(x, ", Iteration %ld, PRF %s",
ASN1_INTEGER_get(kdf->iter), OBJ_nid2sn(prfnid));
PBKDF2PARAM_free(kdf);
}
PBE2PARAM_free(pbe2);
} else {
if (aparamtype == V_ASN1_SEQUENCE)
pbe = ASN1_item_unpack(aparam, ASN1_ITEM_rptr(PBEPARAM));
if (pbe == NULL) {
BIO_puts(x, "<unsupported parameters>");
goto done;
}
BIO_printf(x, ", Iteration %ld", ASN1_INTEGER_get(pbe->iter));
PBEPARAM_free(pbe); PBEPARAM_free(pbe);
}
done:
BIO_puts(x, "\n");
return 1; return 1;
} }

View File

@ -332,9 +332,10 @@ int MAIN(int argc, char **argv)
subject = 1; subject = 1;
else if (strcmp(*argv, "-text") == 0) else if (strcmp(*argv, "-text") == 0)
text = 1; text = 1;
else if (strcmp(*argv, "-x509") == 0) else if (strcmp(*argv, "-x509") == 0) {
newreq = 1;
x509 = 1; x509 = 1;
else if (strcmp(*argv, "-asn1-kludge") == 0) } else if (strcmp(*argv, "-asn1-kludge") == 0)
kludge = 1; kludge = 1;
else if (strcmp(*argv, "-no-asn1-kludge") == 0) else if (strcmp(*argv, "-no-asn1-kludge") == 0)
kludge = 0; kludge = 0;
@ -756,7 +757,7 @@ int MAIN(int argc, char **argv)
} }
} }
if (newreq || x509) { if (newreq) {
if (pkey == NULL) { if (pkey == NULL) {
BIO_printf(bio_err, "you need to specify a private key\n"); BIO_printf(bio_err, "you need to specify a private key\n");
goto end; goto end;
@ -1331,12 +1332,11 @@ static int auto_info(X509_REQ *req, STACK_OF(CONF_VALUE) *dn_sk,
break; break;
} }
#ifndef CHARSET_EBCDIC #ifndef CHARSET_EBCDIC
if (*p == '+') if (*type == '+') {
#else #else
if (*p == os_toascii['+']) if (*type == os_toascii['+']) {
#endif #endif
{ type++;
p++;
mval = -1; mval = -1;
} else } else
mval = 0; mval = 0;

View File

@ -199,7 +199,8 @@ int load_excert(SSL_EXCERT **pexc, BIO *err);
void print_ssl_summary(BIO *bio, SSL *s); void print_ssl_summary(BIO *bio, SSL *s);
#ifdef HEADER_SSL_H #ifdef HEADER_SSL_H
int args_ssl(char ***pargs, int *pargc, SSL_CONF_CTX *cctx, int args_ssl(char ***pargs, int *pargc, SSL_CONF_CTX *cctx,
int *badarg, BIO *err, STACK_OF(OPENSSL_STRING) **pstr); int *badarg, BIO *err, STACK_OF(OPENSSL_STRING) **pstr,
int *no_prot_opt);
int args_ssl_call(SSL_CTX *ctx, BIO *err, SSL_CONF_CTX *cctx, int args_ssl_call(SSL_CTX *ctx, BIO *err, SSL_CONF_CTX *cctx,
STACK_OF(OPENSSL_STRING) *str, int no_ecdhe, int no_jpake); STACK_OF(OPENSSL_STRING) *str, int no_ecdhe, int no_jpake);
int ssl_ctx_add_crls(SSL_CTX *ctx, STACK_OF(X509_CRL) *crls, int ssl_ctx_add_crls(SSL_CTX *ctx, STACK_OF(X509_CRL) *crls,

View File

@ -1507,11 +1507,18 @@ void print_ssl_summary(BIO *bio, SSL *s)
} }
int args_ssl(char ***pargs, int *pargc, SSL_CONF_CTX *cctx, int args_ssl(char ***pargs, int *pargc, SSL_CONF_CTX *cctx,
int *badarg, BIO *err, STACK_OF(OPENSSL_STRING) **pstr) int *badarg, BIO *err, STACK_OF(OPENSSL_STRING) **pstr,
int *no_prot_opt)
{ {
char *arg = **pargs, *argn = (*pargs)[1]; char *arg = **pargs, *argn = (*pargs)[1];
int rv; int rv;
if (strcmp(arg, "-no_ssl2") == 0 || strcmp(arg, "-no_ssl3") == 0
|| strcmp(arg, "-no_tls1") == 0 || strcmp(arg, "-no_tls1_1") == 0
|| strcmp(arg, "-no_tls1_2") == 0) {
*no_prot_opt = 1;
}
/* Attempt to run SSL configuration command */ /* Attempt to run SSL configuration command */
rv = SSL_CONF_cmd_argv(cctx, pargc, pargs); rv = SSL_CONF_cmd_argv(cctx, pargc, pargs);
/* If parameter not recognised just return */ /* If parameter not recognised just return */

View File

@ -242,9 +242,9 @@ static unsigned int psk_client_cb(SSL *ssl, const char *hint, char *identity,
unsigned char *psk, unsigned char *psk,
unsigned int max_psk_len) unsigned int max_psk_len)
{ {
unsigned int psk_len = 0;
int ret; int ret;
BIGNUM *bn = NULL; long key_len;
unsigned char *key;
if (c_debug) if (c_debug)
BIO_printf(bio_c_out, "psk_client_cb\n"); BIO_printf(bio_c_out, "psk_client_cb\n");
@ -265,32 +265,29 @@ static unsigned int psk_client_cb(SSL *ssl, const char *hint, char *identity,
if (c_debug) if (c_debug)
BIO_printf(bio_c_out, "created identity '%s' len=%d\n", identity, BIO_printf(bio_c_out, "created identity '%s' len=%d\n", identity,
ret); ret);
ret = BN_hex2bn(&bn, psk_key);
if (!ret) { /* convert the PSK key to binary */
BIO_printf(bio_err, "Could not convert PSK key '%s' to BIGNUM\n", key = string_to_hex(psk_key, &key_len);
if (key == NULL) {
BIO_printf(bio_err, "Could not convert PSK key '%s' to buffer\n",
psk_key); psk_key);
if (bn)
BN_free(bn);
return 0; return 0;
} }
if ((unsigned long)key_len > (unsigned long)max_psk_len) {
if ((unsigned int)BN_num_bytes(bn) > max_psk_len) {
BIO_printf(bio_err, BIO_printf(bio_err,
"psk buffer of callback is too small (%d) for key (%d)\n", "psk buffer of callback is too small (%d) for key (%ld)\n",
max_psk_len, BN_num_bytes(bn)); max_psk_len, key_len);
BN_free(bn); OPENSSL_free(key);
return 0; return 0;
} }
psk_len = BN_bn2bin(bn, psk); memcpy(psk, key, key_len);
BN_free(bn); OPENSSL_free(key);
if (psk_len == 0)
goto out_err;
if (c_debug) if (c_debug)
BIO_printf(bio_c_out, "created PSK len=%d\n", psk_len); BIO_printf(bio_c_out, "created PSK len=%ld\n", key_len);
return psk_len; return key_len;
out_err: out_err:
if (c_debug) if (c_debug)
BIO_printf(bio_err, "Error in PSK client callback\n"); BIO_printf(bio_err, "Error in PSK client callback\n");
@ -747,6 +744,7 @@ int MAIN(int argc, char **argv)
int crl_format = FORMAT_PEM; int crl_format = FORMAT_PEM;
int crl_download = 0; int crl_download = 0;
STACK_OF(X509_CRL) *crls = NULL; STACK_OF(X509_CRL) *crls = NULL;
int prot_opt = 0, no_prot_opt = 0;
meth = SSLv23_client_method(); meth = SSLv23_client_method();
@ -850,7 +848,8 @@ int MAIN(int argc, char **argv)
if (badarg) if (badarg)
goto bad; goto bad;
continue; continue;
} else if (args_ssl(&argv, &argc, cctx, &badarg, bio_err, &ssl_args)) { } else if (args_ssl(&argv, &argc, cctx, &badarg, bio_err, &ssl_args,
&no_prot_opt)) {
if (badarg) if (badarg)
goto bad; goto bad;
continue; continue;
@ -942,31 +941,42 @@ int MAIN(int argc, char **argv)
} }
#endif #endif
#ifndef OPENSSL_NO_SSL2 #ifndef OPENSSL_NO_SSL2
else if (strcmp(*argv, "-ssl2") == 0) else if (strcmp(*argv, "-ssl2") == 0) {
meth = SSLv2_client_method(); meth = SSLv2_client_method();
prot_opt++;
}
#endif #endif
#ifndef OPENSSL_NO_SSL3_METHOD #ifndef OPENSSL_NO_SSL3_METHOD
else if (strcmp(*argv, "-ssl3") == 0) else if (strcmp(*argv, "-ssl3") == 0) {
meth = SSLv3_client_method(); meth = SSLv3_client_method();
prot_opt++;
}
#endif #endif
#ifndef OPENSSL_NO_TLS1 #ifndef OPENSSL_NO_TLS1
else if (strcmp(*argv, "-tls1_2") == 0) else if (strcmp(*argv, "-tls1_2") == 0) {
meth = TLSv1_2_client_method(); meth = TLSv1_2_client_method();
else if (strcmp(*argv, "-tls1_1") == 0) prot_opt++;
} else if (strcmp(*argv, "-tls1_1") == 0) {
meth = TLSv1_1_client_method(); meth = TLSv1_1_client_method();
else if (strcmp(*argv, "-tls1") == 0) prot_opt++;
} else if (strcmp(*argv, "-tls1") == 0) {
meth = TLSv1_client_method(); meth = TLSv1_client_method();
prot_opt++;
}
#endif #endif
#ifndef OPENSSL_NO_DTLS1 #ifndef OPENSSL_NO_DTLS1
else if (strcmp(*argv, "-dtls") == 0) { else if (strcmp(*argv, "-dtls") == 0) {
meth = DTLS_client_method(); meth = DTLS_client_method();
socket_type = SOCK_DGRAM; socket_type = SOCK_DGRAM;
prot_opt++;
} else if (strcmp(*argv, "-dtls1") == 0) { } else if (strcmp(*argv, "-dtls1") == 0) {
meth = DTLSv1_client_method(); meth = DTLSv1_client_method();
socket_type = SOCK_DGRAM; socket_type = SOCK_DGRAM;
prot_opt++;
} else if (strcmp(*argv, "-dtls1_2") == 0) { } else if (strcmp(*argv, "-dtls1_2") == 0) {
meth = DTLSv1_2_client_method(); meth = DTLSv1_2_client_method();
socket_type = SOCK_DGRAM; socket_type = SOCK_DGRAM;
prot_opt++;
} else if (strcmp(*argv, "-timeout") == 0) } else if (strcmp(*argv, "-timeout") == 0)
enable_timeouts = 1; enable_timeouts = 1;
else if (strcmp(*argv, "-mtu") == 0) { else if (strcmp(*argv, "-mtu") == 0) {
@ -1149,6 +1159,17 @@ int MAIN(int argc, char **argv)
} }
#endif #endif
if (prot_opt > 1) {
BIO_printf(bio_err, "Cannot supply multiple protocol flags\n");
goto end;
}
if (prot_opt == 1 && no_prot_opt) {
BIO_printf(bio_err, "Cannot supply both a protocol flag and "
"\"-no_<prot>\"\n");
goto end;
}
OpenSSL_add_ssl_algorithms(); OpenSSL_add_ssl_algorithms();
SSL_load_error_strings(); SSL_load_error_strings();
@ -1540,6 +1561,9 @@ int MAIN(int argc, char **argv)
SSL_set_connect_state(con); SSL_set_connect_state(con);
/* ok, lets connect */ /* ok, lets connect */
if (fileno_stdin() > SSL_get_fd(con))
width = fileno_stdin() + 1;
else
width = SSL_get_fd(con) + 1; width = SSL_get_fd(con) + 1;
read_tty = 1; read_tty = 1;
@ -1723,9 +1747,11 @@ int MAIN(int argc, char **argv)
#if !defined(OPENSSL_SYS_WINDOWS) && !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_NETWARE) && !defined (OPENSSL_SYS_BEOS_R5) #if !defined(OPENSSL_SYS_WINDOWS) && !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_NETWARE) && !defined (OPENSSL_SYS_BEOS_R5)
if (tty_on) { if (tty_on) {
if (read_tty) if (read_tty)
openssl_fdset(fileno(stdin), &readfds); openssl_fdset(fileno_stdin(), &readfds);
#if !defined(OPENSSL_SYS_VMS)
if (write_tty) if (write_tty)
openssl_fdset(fileno(stdout), &writefds); openssl_fdset(fileno_stdout(), &writefds);
#endif
} }
if (read_ssl) if (read_ssl)
openssl_fdset(SSL_get_fd(con), &readfds); openssl_fdset(SSL_get_fd(con), &readfds);
@ -1795,14 +1821,14 @@ int MAIN(int argc, char **argv)
/* Under BeOS-R5 the situation is similar to DOS */ /* Under BeOS-R5 the situation is similar to DOS */
i = 0; i = 0;
stdin_set = 0; stdin_set = 0;
(void)fcntl(fileno(stdin), F_SETFL, O_NONBLOCK); (void)fcntl(fileno_stdin(), F_SETFL, O_NONBLOCK);
if (!write_tty) { if (!write_tty) {
if (read_tty) { if (read_tty) {
tv.tv_sec = 1; tv.tv_sec = 1;
tv.tv_usec = 0; tv.tv_usec = 0;
i = select(width, (void *)&readfds, (void *)&writefds, i = select(width, (void *)&readfds, (void *)&writefds,
NULL, &tv); NULL, &tv);
if (read(fileno(stdin), sbuf, 0) >= 0) if (read(fileno_stdin(), sbuf, 0) >= 0)
stdin_set = 1; stdin_set = 1;
if (!i && (stdin_set != 1 || !read_tty)) if (!i && (stdin_set != 1 || !read_tty))
continue; continue;
@ -1810,7 +1836,7 @@ int MAIN(int argc, char **argv)
i = select(width, (void *)&readfds, (void *)&writefds, i = select(width, (void *)&readfds, (void *)&writefds,
NULL, timeoutp); NULL, timeoutp);
} }
(void)fcntl(fileno(stdin), F_SETFL, 0); (void)fcntl(fileno_stdin(), F_SETFL, 0);
#else #else
i = select(width, (void *)&readfds, (void *)&writefds, i = select(width, (void *)&readfds, (void *)&writefds,
NULL, timeoutp); NULL, timeoutp);
@ -1886,11 +1912,11 @@ int MAIN(int argc, char **argv)
goto shut; goto shut;
} }
} }
#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_BEOS_R5) #if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_BEOS_R5) || defined(OPENSSL_SYS_VMS)
/* Assume Windows/DOS/BeOS can always write */ /* Assume Windows/DOS/BeOS can always write */
else if (!ssl_pending && write_tty) else if (!ssl_pending && write_tty)
#else #else
else if (!ssl_pending && FD_ISSET(fileno(stdout), &writefds)) else if (!ssl_pending && FD_ISSET(fileno_stdout(), &writefds))
#endif #endif
{ {
#ifdef CHARSET_EBCDIC #ifdef CHARSET_EBCDIC
@ -1988,7 +2014,7 @@ int MAIN(int argc, char **argv)
#elif defined(OPENSSL_SYS_BEOS_R5) #elif defined(OPENSSL_SYS_BEOS_R5)
else if (stdin_set) else if (stdin_set)
#else #else
else if (FD_ISSET(fileno(stdin), &readfds)) else if (FD_ISSET(fileno_stdin(), &readfds))
#endif #endif
{ {
if (crlf) { if (crlf) {

View File

@ -353,9 +353,8 @@ static unsigned int psk_server_cb(SSL *ssl, const char *identity,
unsigned char *psk, unsigned char *psk,
unsigned int max_psk_len) unsigned int max_psk_len)
{ {
unsigned int psk_len = 0; long key_len = 0;
int ret; unsigned char *key;
BIGNUM *bn = NULL;
if (s_debug) if (s_debug)
BIO_printf(bio_s_out, "psk_server_cb\n"); BIO_printf(bio_s_out, "psk_server_cb\n");
@ -377,32 +376,26 @@ static unsigned int psk_server_cb(SSL *ssl, const char *identity,
BIO_printf(bio_s_out, "PSK client identity found\n"); BIO_printf(bio_s_out, "PSK client identity found\n");
/* convert the PSK key to binary */ /* convert the PSK key to binary */
ret = BN_hex2bn(&bn, psk_key); key = string_to_hex(psk_key, &key_len);
if (!ret) { if (key == NULL) {
BIO_printf(bio_err, "Could not convert PSK key '%s' to BIGNUM\n", BIO_printf(bio_err, "Could not convert PSK key '%s' to buffer\n",
psk_key); psk_key);
if (bn)
BN_free(bn);
return 0; return 0;
} }
if (BN_num_bytes(bn) > (int)max_psk_len) { if (key_len > (int)max_psk_len) {
BIO_printf(bio_err, BIO_printf(bio_err,
"psk buffer of callback is too small (%d) for key (%d)\n", "psk buffer of callback is too small (%d) for key (%ld)\n",
max_psk_len, BN_num_bytes(bn)); max_psk_len, key_len);
BN_free(bn); OPENSSL_free(key);
return 0; return 0;
} }
ret = BN_bn2bin(bn, psk); memcpy(psk, key, key_len);
BN_free(bn); OPENSSL_free(key);
if (ret < 0)
goto out_err;
psk_len = (unsigned int)ret;
if (s_debug) if (s_debug)
BIO_printf(bio_s_out, "fetched PSK len=%d\n", psk_len); BIO_printf(bio_s_out, "fetched PSK len=%ld\n", key_len);
return psk_len; return key_len;
out_err: out_err:
if (s_debug) if (s_debug)
BIO_printf(bio_err, "Error in PSK server callback\n"); BIO_printf(bio_err, "Error in PSK server callback\n");
@ -1144,6 +1137,7 @@ int MAIN(int argc, char *argv[])
int crl_format = FORMAT_PEM; int crl_format = FORMAT_PEM;
int crl_download = 0; int crl_download = 0;
STACK_OF(X509_CRL) *crls = NULL; STACK_OF(X509_CRL) *crls = NULL;
int prot_opt = 0, no_prot_opt = 0;
meth = SSLv23_server_method(); meth = SSLv23_server_method();
@ -1307,7 +1301,8 @@ int MAIN(int argc, char *argv[])
if (badarg) if (badarg)
goto bad; goto bad;
continue; continue;
} else if (args_ssl(&argv, &argc, cctx, &badarg, bio_err, &ssl_args)) { } else if (args_ssl(&argv, &argc, cctx, &badarg, bio_err, &ssl_args,
&no_prot_opt)) {
if (badarg) if (badarg)
goto bad; goto bad;
continue; continue;
@ -1451,32 +1446,40 @@ int MAIN(int argc, char *argv[])
else if (strcmp(*argv, "-ssl2") == 0) { else if (strcmp(*argv, "-ssl2") == 0) {
no_ecdhe = 1; no_ecdhe = 1;
meth = SSLv2_server_method(); meth = SSLv2_server_method();
prot_opt++;
} }
#endif #endif
#ifndef OPENSSL_NO_SSL3_METHOD #ifndef OPENSSL_NO_SSL3_METHOD
else if (strcmp(*argv, "-ssl3") == 0) { else if (strcmp(*argv, "-ssl3") == 0) {
meth = SSLv3_server_method(); meth = SSLv3_server_method();
prot_opt++;
} }
#endif #endif
#ifndef OPENSSL_NO_TLS1 #ifndef OPENSSL_NO_TLS1
else if (strcmp(*argv, "-tls1") == 0) { else if (strcmp(*argv, "-tls1") == 0) {
meth = TLSv1_server_method(); meth = TLSv1_server_method();
prot_opt++;
} else if (strcmp(*argv, "-tls1_1") == 0) { } else if (strcmp(*argv, "-tls1_1") == 0) {
meth = TLSv1_1_server_method(); meth = TLSv1_1_server_method();
prot_opt++;
} else if (strcmp(*argv, "-tls1_2") == 0) { } else if (strcmp(*argv, "-tls1_2") == 0) {
meth = TLSv1_2_server_method(); meth = TLSv1_2_server_method();
prot_opt++;
} }
#endif #endif
#ifndef OPENSSL_NO_DTLS1 #ifndef OPENSSL_NO_DTLS1
else if (strcmp(*argv, "-dtls") == 0) { else if (strcmp(*argv, "-dtls") == 0) {
meth = DTLS_server_method(); meth = DTLS_server_method();
socket_type = SOCK_DGRAM; socket_type = SOCK_DGRAM;
prot_opt++;
} else if (strcmp(*argv, "-dtls1") == 0) { } else if (strcmp(*argv, "-dtls1") == 0) {
meth = DTLSv1_server_method(); meth = DTLSv1_server_method();
socket_type = SOCK_DGRAM; socket_type = SOCK_DGRAM;
prot_opt++;
} else if (strcmp(*argv, "-dtls1_2") == 0) { } else if (strcmp(*argv, "-dtls1_2") == 0) {
meth = DTLSv1_2_server_method(); meth = DTLSv1_2_server_method();
socket_type = SOCK_DGRAM; socket_type = SOCK_DGRAM;
prot_opt++;
} else if (strcmp(*argv, "-timeout") == 0) } else if (strcmp(*argv, "-timeout") == 0)
enable_timeouts = 1; enable_timeouts = 1;
else if (strcmp(*argv, "-mtu") == 0) { else if (strcmp(*argv, "-mtu") == 0) {
@ -1586,6 +1589,17 @@ int MAIN(int argc, char *argv[])
} }
#endif #endif
if (prot_opt > 1) {
BIO_printf(bio_err, "Cannot supply multiple protocol flags\n");
goto end;
}
if (prot_opt == 1 && no_prot_opt) {
BIO_printf(bio_err, "Cannot supply both a protocol flag and "
"\"-no_<prot>\"\n");
goto end;
}
SSL_load_error_strings(); SSL_load_error_strings();
OpenSSL_add_ssl_algorithms(); OpenSSL_add_ssl_algorithms();
@ -2293,6 +2307,9 @@ static int sv_body(char *hostname, int s, int stype, unsigned char *context)
} }
#endif #endif
if (fileno_stdin() > s)
width = fileno_stdin() + 1;
else
width = s + 1; width = s + 1;
for (;;) { for (;;) {
int read_from_terminal; int read_from_terminal;
@ -2304,7 +2321,7 @@ static int sv_body(char *hostname, int s, int stype, unsigned char *context)
if (!read_from_sslcon) { if (!read_from_sslcon) {
FD_ZERO(&readfds); FD_ZERO(&readfds);
#if !defined(OPENSSL_SYS_WINDOWS) && !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_NETWARE) && !defined(OPENSSL_SYS_BEOS_R5) #if !defined(OPENSSL_SYS_WINDOWS) && !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_NETWARE) && !defined(OPENSSL_SYS_BEOS_R5)
openssl_fdset(fileno(stdin), &readfds); openssl_fdset(fileno_stdin(), &readfds);
#endif #endif
openssl_fdset(s, &readfds); openssl_fdset(s, &readfds);
/* /*
@ -2332,13 +2349,13 @@ static int sv_body(char *hostname, int s, int stype, unsigned char *context)
/* Under BeOS-R5 the situation is similar to DOS */ /* Under BeOS-R5 the situation is similar to DOS */
tv.tv_sec = 1; tv.tv_sec = 1;
tv.tv_usec = 0; tv.tv_usec = 0;
(void)fcntl(fileno(stdin), F_SETFL, O_NONBLOCK); (void)fcntl(fileno_stdin(), F_SETFL, O_NONBLOCK);
i = select(width, (void *)&readfds, NULL, NULL, &tv); i = select(width, (void *)&readfds, NULL, NULL, &tv);
if ((i < 0) || (!i && read(fileno(stdin), buf, 0) < 0)) if ((i < 0) || (!i && read(fileno_stdin(), buf, 0) < 0))
continue; continue;
if (read(fileno(stdin), buf, 0) >= 0) if (read(fileno_stdin(), buf, 0) >= 0)
read_from_terminal = 1; read_from_terminal = 1;
(void)fcntl(fileno(stdin), F_SETFL, 0); (void)fcntl(fileno_stdin(), F_SETFL, 0);
#else #else
if ((SSL_version(con) == DTLS1_VERSION) && if ((SSL_version(con) == DTLS1_VERSION) &&
DTLSv1_get_timeout(con, &timeout)) DTLSv1_get_timeout(con, &timeout))
@ -2355,7 +2372,7 @@ static int sv_body(char *hostname, int s, int stype, unsigned char *context)
if (i <= 0) if (i <= 0)
continue; continue;
if (FD_ISSET(fileno(stdin), &readfds)) if (FD_ISSET(fileno_stdin(), &readfds))
read_from_terminal = 1; read_from_terminal = 1;
#endif #endif
if (FD_ISSET(s, &readfds)) if (FD_ISSET(s, &readfds))
@ -2382,6 +2399,7 @@ static int sv_body(char *hostname, int s, int stype, unsigned char *context)
assert(lf_num == 0); assert(lf_num == 0);
} else } else
i = raw_read_stdin(buf, bufsize); i = raw_read_stdin(buf, bufsize);
if (!s_quiet && !s_brief) { if (!s_quiet && !s_brief) {
if ((i <= 0) || (buf[0] == 'Q')) { if ((i <= 0) || (buf[0] == 'Q')) {
BIO_printf(bio_s_out, "DONE\n"); BIO_printf(bio_s_out, "DONE\n");
@ -3371,7 +3389,7 @@ static int generate_session_id(const SSL *ssl, unsigned char *id,
{ {
unsigned int count = 0; unsigned int count = 0;
do { do {
if (RAND_pseudo_bytes(id, *id_len) < 0) if (RAND_bytes(id, *id_len) <= 0)
return 0; return 0;
/* /*
* Prefix the session_id with the required prefix. NB: If our prefix * Prefix the session_id with the required prefix. NB: If our prefix

View File

@ -2614,6 +2614,10 @@ static int do_multi(int multi)
static char sep[] = ":"; static char sep[] = ":";
fds = malloc(multi * sizeof *fds); fds = malloc(multi * sizeof *fds);
if (fds == NULL) {
fprintf(stderr, "Out of memory in speed (do_multi)\n");
exit(1);
}
for (n = 0; n < multi; ++n) { for (n = 0; n < multi; ++n) {
if (pipe(fd) == -1) { if (pipe(fd) == -1) {
fprintf(stderr, "pipe failure\n"); fprintf(stderr, "pipe failure\n");

View File

@ -765,4 +765,6 @@ int MAIN(int argc, char **argv)
OPENSSL_EXIT(ret); OPENSSL_EXIT(ret);
} }
#else
static void *dummy = &dummy;
#endif #endif

View File

@ -115,43 +115,43 @@ int MAIN(int argc, char **argv)
if (argc >= 1) { if (argc >= 1) {
if (strcmp(*argv, "-CApath") == 0) { if (strcmp(*argv, "-CApath") == 0) {
if (argc-- < 1) if (argc-- < 1)
goto end; goto usage;
CApath = *(++argv); CApath = *(++argv);
} else if (strcmp(*argv, "-CAfile") == 0) { } else if (strcmp(*argv, "-CAfile") == 0) {
if (argc-- < 1) if (argc-- < 1)
goto end; goto usage;
CAfile = *(++argv); CAfile = *(++argv);
} else if (args_verify(&argv, &argc, &badarg, bio_err, &vpm)) { } else if (args_verify(&argv, &argc, &badarg, bio_err, &vpm)) {
if (badarg) if (badarg)
goto end; goto usage;
continue; continue;
} else if (strcmp(*argv, "-untrusted") == 0) { } else if (strcmp(*argv, "-untrusted") == 0) {
if (argc-- < 1) if (argc-- < 1)
goto end; goto usage;
untfile = *(++argv); untfile = *(++argv);
} else if (strcmp(*argv, "-trusted") == 0) { } else if (strcmp(*argv, "-trusted") == 0) {
if (argc-- < 1) if (argc-- < 1)
goto end; goto usage;
trustfile = *(++argv); trustfile = *(++argv);
} else if (strcmp(*argv, "-CRLfile") == 0) { } else if (strcmp(*argv, "-CRLfile") == 0) {
if (argc-- < 1) if (argc-- < 1)
goto end; goto usage;
crlfile = *(++argv); crlfile = *(++argv);
} else if (strcmp(*argv, "-crl_download") == 0) } else if (strcmp(*argv, "-crl_download") == 0)
crl_download = 1; crl_download = 1;
#ifndef OPENSSL_NO_ENGINE #ifndef OPENSSL_NO_ENGINE
else if (strcmp(*argv, "-engine") == 0) { else if (strcmp(*argv, "-engine") == 0) {
if (--argc < 1) if (--argc < 1)
goto end; goto usage;
engine = *(++argv); engine = *(++argv);
} }
#endif #endif
else if (strcmp(*argv, "-help") == 0) else if (strcmp(*argv, "-help") == 0)
goto end; goto usage;
else if (strcmp(*argv, "-verbose") == 0) else if (strcmp(*argv, "-verbose") == 0)
v_verbose = 1; v_verbose = 1;
else if (argv[0][0] == '-') else if (argv[0][0] == '-')
goto end; goto usage;
else else
break; break;
argc--; argc--;
@ -228,7 +228,7 @@ int MAIN(int argc, char **argv)
ret = -1; ret = -1;
} }
end: usage:
if (ret == 1) { if (ret == 1) {
BIO_printf(bio_err, BIO_printf(bio_err,
"usage: verify [-verbose] [-CApath path] [-CAfile file] [-purpose purpose] [-crl_check]"); "usage: verify [-verbose] [-CApath path] [-CAfile file] [-purpose purpose] [-crl_check]");
@ -247,6 +247,7 @@ int MAIN(int argc, char **argv)
X509_PURPOSE_get0_name(ptmp)); X509_PURPOSE_get0_name(ptmp));
} }
} }
end:
if (vpm) if (vpm)
X509_VERIFY_PARAM_free(vpm); X509_VERIFY_PARAM_free(vpm);
if (cert_ctx != NULL) if (cert_ctx != NULL)

View File

@ -1105,6 +1105,10 @@ static int x509_certify(X509_STORE *ctx, char *CAfile, const EVP_MD *digest,
EVP_PKEY *upkey; EVP_PKEY *upkey;
upkey = X509_get_pubkey(xca); upkey = X509_get_pubkey(xca);
if (upkey == NULL) {
BIO_printf(bio_err, "Error obtaining CA X509 public key\n");
goto end;
}
EVP_PKEY_copy_parameters(upkey, pkey); EVP_PKEY_copy_parameters(upkey, pkey);
EVP_PKEY_free(upkey); EVP_PKEY_free(upkey);
@ -1217,6 +1221,8 @@ static int sign(X509 *x, EVP_PKEY *pkey, int days, int clrext,
EVP_PKEY *pktmp; EVP_PKEY *pktmp;
pktmp = X509_get_pubkey(x); pktmp = X509_get_pubkey(x);
if (pktmp == NULL)
goto err;
EVP_PKEY_copy_parameters(pktmp, pkey); EVP_PKEY_copy_parameters(pktmp, pkey);
EVP_PKEY_save_parameters(pktmp, 1); EVP_PKEY_save_parameters(pktmp, 1);
EVP_PKEY_free(pktmp); EVP_PKEY_free(pktmp);

View File

@ -1,7 +1,3 @@
/*
* $LP: LPlib/source/LPdir_unix.c,v 1.11 2004/09/23 22:07:22 _cvs_levitte Exp
* $
*/
/* /*
* Copyright (c) 2004, Richard Levitte <richard@levitte.org> * Copyright (c) 2004, Richard Levitte <richard@levitte.org>
* All rights reserved. * All rights reserved.

View File

@ -1797,8 +1797,6 @@ $code.=<<___;
b .Lxts_enc_done b .Lxts_enc_done
.align 4 .align 4
.Lxts_enc_6: .Lxts_enc_6:
vst1.64 {@XMM[14]}, [r0,:128] @ next round tweak
veor @XMM[4], @XMM[4], @XMM[12] veor @XMM[4], @XMM[4], @XMM[12]
#ifndef BSAES_ASM_EXTENDED_KEY #ifndef BSAES_ASM_EXTENDED_KEY
add r4, sp, #0x90 @ pass key schedule add r4, sp, #0x90 @ pass key schedule
@ -1834,8 +1832,6 @@ $code.=<<___;
.align 5 .align 5
.Lxts_enc_5: .Lxts_enc_5:
vst1.64 {@XMM[13]}, [r0,:128] @ next round tweak
veor @XMM[3], @XMM[3], @XMM[11] veor @XMM[3], @XMM[3], @XMM[11]
#ifndef BSAES_ASM_EXTENDED_KEY #ifndef BSAES_ASM_EXTENDED_KEY
add r4, sp, #0x90 @ pass key schedule add r4, sp, #0x90 @ pass key schedule
@ -1864,8 +1860,6 @@ $code.=<<___;
b .Lxts_enc_done b .Lxts_enc_done
.align 4 .align 4
.Lxts_enc_4: .Lxts_enc_4:
vst1.64 {@XMM[12]}, [r0,:128] @ next round tweak
veor @XMM[2], @XMM[2], @XMM[10] veor @XMM[2], @XMM[2], @XMM[10]
#ifndef BSAES_ASM_EXTENDED_KEY #ifndef BSAES_ASM_EXTENDED_KEY
add r4, sp, #0x90 @ pass key schedule add r4, sp, #0x90 @ pass key schedule
@ -1891,8 +1885,6 @@ $code.=<<___;
b .Lxts_enc_done b .Lxts_enc_done
.align 4 .align 4
.Lxts_enc_3: .Lxts_enc_3:
vst1.64 {@XMM[11]}, [r0,:128] @ next round tweak
veor @XMM[1], @XMM[1], @XMM[9] veor @XMM[1], @XMM[1], @XMM[9]
#ifndef BSAES_ASM_EXTENDED_KEY #ifndef BSAES_ASM_EXTENDED_KEY
add r4, sp, #0x90 @ pass key schedule add r4, sp, #0x90 @ pass key schedule
@ -1917,8 +1909,6 @@ $code.=<<___;
b .Lxts_enc_done b .Lxts_enc_done
.align 4 .align 4
.Lxts_enc_2: .Lxts_enc_2:
vst1.64 {@XMM[10]}, [r0,:128] @ next round tweak
veor @XMM[0], @XMM[0], @XMM[8] veor @XMM[0], @XMM[0], @XMM[8]
#ifndef BSAES_ASM_EXTENDED_KEY #ifndef BSAES_ASM_EXTENDED_KEY
add r4, sp, #0x90 @ pass key schedule add r4, sp, #0x90 @ pass key schedule
@ -1941,7 +1931,7 @@ $code.=<<___;
.align 4 .align 4
.Lxts_enc_1: .Lxts_enc_1:
mov r0, sp mov r0, sp
veor @XMM[0], @XMM[8] veor @XMM[0], @XMM[0], @XMM[8]
mov r1, sp mov r1, sp
vst1.8 {@XMM[0]}, [sp,:128] vst1.8 {@XMM[0]}, [sp,:128]
mov r2, $key mov r2, $key
@ -2251,8 +2241,6 @@ $code.=<<___;
b .Lxts_dec_done b .Lxts_dec_done
.align 4 .align 4
.Lxts_dec_5: .Lxts_dec_5:
vst1.64 {@XMM[13]}, [r0,:128] @ next round tweak
veor @XMM[3], @XMM[3], @XMM[11] veor @XMM[3], @XMM[3], @XMM[11]
#ifndef BSAES_ASM_EXTENDED_KEY #ifndef BSAES_ASM_EXTENDED_KEY
add r4, sp, #0x90 @ pass key schedule add r4, sp, #0x90 @ pass key schedule
@ -2281,8 +2269,6 @@ $code.=<<___;
b .Lxts_dec_done b .Lxts_dec_done
.align 4 .align 4
.Lxts_dec_4: .Lxts_dec_4:
vst1.64 {@XMM[12]}, [r0,:128] @ next round tweak
veor @XMM[2], @XMM[2], @XMM[10] veor @XMM[2], @XMM[2], @XMM[10]
#ifndef BSAES_ASM_EXTENDED_KEY #ifndef BSAES_ASM_EXTENDED_KEY
add r4, sp, #0x90 @ pass key schedule add r4, sp, #0x90 @ pass key schedule
@ -2308,8 +2294,6 @@ $code.=<<___;
b .Lxts_dec_done b .Lxts_dec_done
.align 4 .align 4
.Lxts_dec_3: .Lxts_dec_3:
vst1.64 {@XMM[11]}, [r0,:128] @ next round tweak
veor @XMM[1], @XMM[1], @XMM[9] veor @XMM[1], @XMM[1], @XMM[9]
#ifndef BSAES_ASM_EXTENDED_KEY #ifndef BSAES_ASM_EXTENDED_KEY
add r4, sp, #0x90 @ pass key schedule add r4, sp, #0x90 @ pass key schedule
@ -2334,8 +2318,6 @@ $code.=<<___;
b .Lxts_dec_done b .Lxts_dec_done
.align 4 .align 4
.Lxts_dec_2: .Lxts_dec_2:
vst1.64 {@XMM[10]}, [r0,:128] @ next round tweak
veor @XMM[0], @XMM[0], @XMM[8] veor @XMM[0], @XMM[0], @XMM[8]
#ifndef BSAES_ASM_EXTENDED_KEY #ifndef BSAES_ASM_EXTENDED_KEY
add r4, sp, #0x90 @ pass key schedule add r4, sp, #0x90 @ pass key schedule
@ -2358,12 +2340,12 @@ $code.=<<___;
.align 4 .align 4
.Lxts_dec_1: .Lxts_dec_1:
mov r0, sp mov r0, sp
veor @XMM[0], @XMM[8] veor @XMM[0], @XMM[0], @XMM[8]
mov r1, sp mov r1, sp
vst1.8 {@XMM[0]}, [sp,:128] vst1.8 {@XMM[0]}, [sp,:128]
mov r5, $magic @ preserve magic
mov r2, $key mov r2, $key
mov r4, $fp @ preserve fp mov r4, $fp @ preserve fp
mov r5, $magic @ preserve magic
bl AES_decrypt bl AES_decrypt

View File

@ -60,7 +60,12 @@
#include "cryptlib.h" #include "cryptlib.h"
#include <openssl/asn1.h> #include <openssl/asn1.h>
static int asn1_collate_primitive(ASN1_STRING *a, ASN1_const_CTX *c); static int asn1_collate_primitive(ASN1_STRING *a, ASN1_const_CTX *c,
int depth);
static ASN1_STRING *int_d2i_ASN1_bytes(ASN1_STRING **a,
const unsigned char **pp, long length,
int Ptag, int Pclass, int depth,
int *perr);
/* /*
* type is a 'bitmap' of acceptable string types. * type is a 'bitmap' of acceptable string types.
*/ */
@ -99,7 +104,7 @@ ASN1_STRING *d2i_ASN1_type_bytes(ASN1_STRING **a, const unsigned char **pp,
ret = (*a); ret = (*a);
if (len != 0) { if (len != 0) {
s = (unsigned char *)OPENSSL_malloc((int)len + 1); s = OPENSSL_malloc((int)len + 1);
if (s == NULL) { if (s == NULL) {
i = ERR_R_MALLOC_FAILURE; i = ERR_R_MALLOC_FAILURE;
goto err; goto err;
@ -154,15 +159,38 @@ int i2d_ASN1_bytes(ASN1_STRING *a, unsigned char **pp, int tag, int xclass)
return (r); return (r);
} }
/*
* Maximum recursion depth of d2i_ASN1_bytes(): much more than should be
* encountered in pratice.
*/
#define ASN1_BYTES_MAXDEPTH 20
ASN1_STRING *d2i_ASN1_bytes(ASN1_STRING **a, const unsigned char **pp, ASN1_STRING *d2i_ASN1_bytes(ASN1_STRING **a, const unsigned char **pp,
long length, int Ptag, int Pclass) long length, int Ptag, int Pclass)
{
int err = 0;
ASN1_STRING *s = int_d2i_ASN1_bytes(a, pp, length, Ptag, Pclass, 0, &err);
if (err != 0)
ASN1err(ASN1_F_D2I_ASN1_BYTES, err);
return s;
}
static ASN1_STRING *int_d2i_ASN1_bytes(ASN1_STRING **a,
const unsigned char **pp, long length,
int Ptag, int Pclass,
int depth, int *perr)
{ {
ASN1_STRING *ret = NULL; ASN1_STRING *ret = NULL;
const unsigned char *p; const unsigned char *p;
unsigned char *s; unsigned char *s;
long len; long len;
int inf, tag, xclass; int inf, tag, xclass;
int i = 0;
if (depth > ASN1_BYTES_MAXDEPTH) {
*perr = ASN1_R_NESTED_ASN1_STRING;
return NULL;
}
if ((a == NULL) || ((*a) == NULL)) { if ((a == NULL) || ((*a) == NULL)) {
if ((ret = ASN1_STRING_new()) == NULL) if ((ret = ASN1_STRING_new()) == NULL)
@ -173,18 +201,19 @@ ASN1_STRING *d2i_ASN1_bytes(ASN1_STRING **a, const unsigned char **pp,
p = *pp; p = *pp;
inf = ASN1_get_object(&p, &len, &tag, &xclass, length); inf = ASN1_get_object(&p, &len, &tag, &xclass, length);
if (inf & 0x80) { if (inf & 0x80) {
i = ASN1_R_BAD_OBJECT_HEADER; *perr = ASN1_R_BAD_OBJECT_HEADER;
goto err; goto err;
} }
if (tag != Ptag) { if (tag != Ptag) {
i = ASN1_R_WRONG_TAG; *perr = ASN1_R_WRONG_TAG;
goto err; goto err;
} }
if (inf & V_ASN1_CONSTRUCTED) { if (inf & V_ASN1_CONSTRUCTED) {
ASN1_const_CTX c; ASN1_const_CTX c;
c.error = 0;
c.pp = pp; c.pp = pp;
c.p = p; c.p = p;
c.inf = inf; c.inf = inf;
@ -192,17 +221,18 @@ ASN1_STRING *d2i_ASN1_bytes(ASN1_STRING **a, const unsigned char **pp,
c.tag = Ptag; c.tag = Ptag;
c.xclass = Pclass; c.xclass = Pclass;
c.max = (length == 0) ? 0 : (p + length); c.max = (length == 0) ? 0 : (p + length);
if (!asn1_collate_primitive(ret, &c)) if (!asn1_collate_primitive(ret, &c, depth)) {
*perr = c.error;
goto err; goto err;
else { } else {
p = c.p; p = c.p;
} }
} else { } else {
if (len != 0) { if (len != 0) {
if ((ret->length < len) || (ret->data == NULL)) { if ((ret->length < len) || (ret->data == NULL)) {
s = (unsigned char *)OPENSSL_malloc((int)len + 1); s = OPENSSL_malloc((int)len + 1);
if (s == NULL) { if (s == NULL) {
i = ERR_R_MALLOC_FAILURE; *perr = ERR_R_MALLOC_FAILURE;
goto err; goto err;
} }
if (ret->data != NULL) if (ret->data != NULL)
@ -230,7 +260,6 @@ ASN1_STRING *d2i_ASN1_bytes(ASN1_STRING **a, const unsigned char **pp,
err: err:
if ((ret != NULL) && ((a == NULL) || (*a != ret))) if ((ret != NULL) && ((a == NULL) || (*a != ret)))
ASN1_STRING_free(ret); ASN1_STRING_free(ret);
ASN1err(ASN1_F_D2I_ASN1_BYTES, i);
return (NULL); return (NULL);
} }
@ -242,7 +271,8 @@ ASN1_STRING *d2i_ASN1_bytes(ASN1_STRING **a, const unsigned char **pp,
* There have been a few bug fixes for this function from Paul Keogh * There have been a few bug fixes for this function from Paul Keogh
* <paul.keogh@sse.ie>, many thanks to him * <paul.keogh@sse.ie>, many thanks to him
*/ */
static int asn1_collate_primitive(ASN1_STRING *a, ASN1_const_CTX *c) static int asn1_collate_primitive(ASN1_STRING *a, ASN1_const_CTX *c,
int depth)
{ {
ASN1_STRING *os = NULL; ASN1_STRING *os = NULL;
BUF_MEM b; BUF_MEM b;
@ -270,9 +300,8 @@ static int asn1_collate_primitive(ASN1_STRING *a, ASN1_const_CTX *c)
} }
c->q = c->p; c->q = c->p;
if (d2i_ASN1_bytes(&os, &c->p, c->max - c->p, c->tag, c->xclass) if (int_d2i_ASN1_bytes(&os, &c->p, c->max - c->p, c->tag, c->xclass,
== NULL) { depth + 1, &c->error) == NULL) {
c->error = ERR_R_ASN1_LIB;
goto err; goto err;
} }
@ -297,7 +326,6 @@ static int asn1_collate_primitive(ASN1_STRING *a, ASN1_const_CTX *c)
ASN1_STRING_free(os); ASN1_STRING_free(os);
return (1); return (1);
err: err:
ASN1err(ASN1_F_ASN1_COLLATE_PRIMITIVE, c->error);
if (os != NULL) if (os != NULL)
ASN1_STRING_free(os); ASN1_STRING_free(os);
if (b.data != NULL) if (b.data != NULL)

View File

@ -73,7 +73,7 @@ int i2d_ASN1_OBJECT(ASN1_OBJECT *a, unsigned char **pp)
return (0); return (0);
objsize = ASN1_object_size(0, a->length, V_ASN1_OBJECT); objsize = ASN1_object_size(0, a->length, V_ASN1_OBJECT);
if (pp == NULL) if (pp == NULL || objsize == -1)
return objsize; return objsize;
p = *pp; p = *pp;
@ -174,8 +174,12 @@ int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num)
if (!tmp) if (!tmp)
goto err; goto err;
} }
while (blsize--) while (blsize--) {
tmp[i++] = (unsigned char)BN_div_word(bl, 0x80L); BN_ULONG t = BN_div_word(bl, 0x80L);
if (t == (BN_ULONG)-1)
goto err;
tmp[i++] = (unsigned char)t;
}
} else { } else {
for (;;) { for (;;) {

View File

@ -57,6 +57,7 @@
*/ */
#include <stdio.h> #include <stdio.h>
#include <limits.h>
#include "cryptlib.h" #include "cryptlib.h"
#include <openssl/asn1_mac.h> #include <openssl/asn1_mac.h>
@ -98,10 +99,14 @@ int i2d_ASN1_SET(STACK_OF(OPENSSL_BLOCK) *a, unsigned char **pp,
if (a == NULL) if (a == NULL)
return (0); return (0);
for (i = sk_OPENSSL_BLOCK_num(a) - 1; i >= 0; i--) for (i = sk_OPENSSL_BLOCK_num(a) - 1; i >= 0; i--) {
int tmplen = i2d(sk_OPENSSL_BLOCK_value(a, i), NULL);
if (tmplen > INT_MAX - ret)
return -1;
ret += i2d(sk_OPENSSL_BLOCK_value(a, i), NULL); ret += i2d(sk_OPENSSL_BLOCK_value(a, i), NULL);
}
r = ASN1_object_size(1, ret, ex_tag); r = ASN1_object_size(1, ret, ex_tag);
if (pp == NULL) if (pp == NULL || r == -1)
return (r); return (r);
p = *pp; p = *pp;

View File

@ -337,7 +337,7 @@ static const signed char tag2nbyte[] = {
-1, -1, -1, -1, -1, /* 5-9 */ -1, -1, -1, -1, -1, /* 5-9 */
-1, -1, 0, -1, /* 10-13 */ -1, -1, 0, -1, /* 10-13 */
-1, -1, -1, -1, /* 15-17 */ -1, -1, -1, -1, /* 15-17 */
-1, 1, 1, /* 18-20 */ 1, 1, 1, /* 18-20 */
-1, 1, 1, 1, /* 21-24 */ -1, 1, 1, 1, /* 21-24 */
-1, 1, -1, /* 25-27 */ -1, 1, -1, /* 25-27 */
4, -1, 2 /* 28-30 */ 4, -1, 2 /* 28-30 */

View File

@ -250,6 +250,7 @@ int ASN1_STRING_TABLE_add(int nid,
} }
tmp->flags = flags | STABLE_FLAGS_MALLOC; tmp->flags = flags | STABLE_FLAGS_MALLOC;
tmp->nid = nid; tmp->nid = nid;
tmp->minsize = tmp->maxsize = -1;
new_nid = 1; new_nid = 1;
} else } else
tmp->flags = (tmp->flags & STABLE_FLAGS_MALLOC) | flags; tmp->flags = (tmp->flags & STABLE_FLAGS_MALLOC) | flags;

View File

@ -93,7 +93,9 @@ static const EVP_PKEY_ASN1_METHOD *standard_methods[] = {
&eckey_asn1_meth, &eckey_asn1_meth,
#endif #endif
&hmac_asn1_meth, &hmac_asn1_meth,
#ifndef OPENSSL_NO_CMAC
&cmac_asn1_meth, &cmac_asn1_meth,
#endif
#ifndef OPENSSL_NO_DH #ifndef OPENSSL_NO_DH
&dhx_asn1_meth &dhx_asn1_meth
#endif #endif

View File

@ -256,26 +256,30 @@ static void asn1_put_length(unsigned char **pp, int length)
int ASN1_object_size(int constructed, int length, int tag) int ASN1_object_size(int constructed, int length, int tag)
{ {
int ret; int ret = 1;
if (length < 0)
ret = length; return -1;
ret++;
if (tag >= 31) { if (tag >= 31) {
while (tag > 0) { while (tag > 0) {
tag >>= 7; tag >>= 7;
ret++; ret++;
} }
} }
if (constructed == 2) if (constructed == 2) {
return ret + 3; ret += 3;
} else {
ret++; ret++;
if (length > 127) { if (length > 127) {
while (length > 0) { int tmplen = length;
length >>= 8; while (tmplen > 0) {
tmplen >>= 8;
ret++; ret++;
} }
} }
return (ret); }
if (ret >= INT_MAX - length)
return -1;
return ret + length;
} }
static int _asn1_Finish(ASN1_const_CTX *c) static int _asn1_Finish(ASN1_const_CTX *c)
@ -324,7 +328,7 @@ int asn1_GetSequence(ASN1_const_CTX *c, long *length)
return (0); return (0);
} }
if (c->inf == (1 | V_ASN1_CONSTRUCTED)) if (c->inf == (1 | V_ASN1_CONSTRUCTED))
c->slen = *length + *(c->pp) - c->p; c->slen = *length;
c->eos = 0; c->eos = 0;
return (1); return (1);
} }
@ -366,7 +370,7 @@ int ASN1_STRING_set(ASN1_STRING *str, const void *_data, int len)
else else
len = strlen(data); len = strlen(data);
} }
if ((str->length < len) || (str->data == NULL)) { if ((str->length <= len) || (str->data == NULL)) {
c = str->data; c = str->data;
if (c == NULL) if (c == NULL)
str->data = OPENSSL_malloc(len + 1); str->data = OPENSSL_malloc(len + 1);

View File

@ -289,7 +289,7 @@ int SMIME_write_ASN1(BIO *bio, ASN1_VALUE *val, BIO *data, int flags,
if ((flags & SMIME_DETACHED) && data) { if ((flags & SMIME_DETACHED) && data) {
/* We want multipart/signed */ /* We want multipart/signed */
/* Generate a random boundary */ /* Generate a random boundary */
if (RAND_pseudo_bytes((unsigned char *)bound, 32) < 0) if (RAND_bytes((unsigned char *)bound, 32) <= 0)
return 0; return 0;
for (i = 0; i < 32; i++) { for (i = 0; i < 32; i++) {
c = bound[i] & 0xf; c = bound[i] & 0xf;
@ -623,6 +623,8 @@ static int multi_split(BIO *bio, char *bound, STACK_OF(BIO) **ret)
if (bpart) if (bpart)
sk_BIO_push(parts, bpart); sk_BIO_push(parts, bpart);
bpart = BIO_new(BIO_s_mem()); bpart = BIO_new(BIO_s_mem());
if (bpart == NULL)
return 1;
BIO_set_mem_eof_return(bpart, 0); BIO_set_mem_eof_return(bpart, 0);
} else if (eol) } else if (eol)
BIO_write(bpart, "\r\n", 2); BIO_write(bpart, "\r\n", 2);

View File

@ -170,10 +170,12 @@ static int asn1_bio_init(BIO_ASN1_BUF_CTX *ctx, int size)
ctx->copylen = 0; ctx->copylen = 0;
ctx->asn1_class = V_ASN1_UNIVERSAL; ctx->asn1_class = V_ASN1_UNIVERSAL;
ctx->asn1_tag = V_ASN1_OCTET_STRING; ctx->asn1_tag = V_ASN1_OCTET_STRING;
ctx->ex_buf = 0; ctx->ex_buf = NULL;
ctx->ex_pos = 0;
ctx->ex_len = 0; ctx->ex_len = 0;
ctx->ex_pos = 0;
ctx->state = ASN1_STATE_START; ctx->state = ASN1_STATE_START;
ctx->prefix = ctx->prefix_free = ctx->suffix = ctx->suffix_free = NULL;
ctx->ex_arg = NULL;
return 1; return 1;
} }

View File

@ -136,6 +136,7 @@ BIO *BIO_new_NDEF(BIO *out, ASN1_VALUE *val, const ASN1_ITEM *it)
ndef_aux->ndef_bio = sarg.ndef_bio; ndef_aux->ndef_bio = sarg.ndef_bio;
ndef_aux->boundary = sarg.boundary; ndef_aux->boundary = sarg.boundary;
ndef_aux->out = out; ndef_aux->out = out;
ndef_aux->derbuf = NULL;
BIO_ctrl(asn_bio, BIO_C_SET_EX_ARG, 0, ndef_aux); BIO_ctrl(asn_bio, BIO_C_SET_EX_ARG, 0, ndef_aux);

View File

@ -67,17 +67,19 @@ $arr[ord("?")] |= $PSTRING_CHAR;
# Now generate the C code # Now generate the C code
print <<EOF; print <<EOF;
/* Auto generated with chartype.pl script. /*
* Mask of various character properties * Auto generated with chartype.pl script. Mask of various character
* properties
*/ */
static unsigned char char_type[] = { static const unsigned char char_type[] = {
EOF EOF
print " ";
for($i = 0; $i < 128; $i++) { for($i = 0; $i < 128; $i++) {
print("\n") if($i && (($i % 16) == 0)); print("\n ") if($i && (($i % 16) == 0));
printf("%2d", $arr[$i]); printf(" %d", $arr[$i]);
print(",") if ($i != 127); print(",") if ($i != 127);
} }
print("\n};\n\n"); print("\n};\n");

View File

@ -97,15 +97,17 @@ EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, const unsigned char **pp,
if (!ret->ameth->old_priv_decode || if (!ret->ameth->old_priv_decode ||
!ret->ameth->old_priv_decode(ret, &p, length)) { !ret->ameth->old_priv_decode(ret, &p, length)) {
if (ret->ameth->priv_decode) { if (ret->ameth->priv_decode) {
EVP_PKEY *tmp;
PKCS8_PRIV_KEY_INFO *p8 = NULL; PKCS8_PRIV_KEY_INFO *p8 = NULL;
p8 = d2i_PKCS8_PRIV_KEY_INFO(NULL, &p, length); p8 = d2i_PKCS8_PRIV_KEY_INFO(NULL, &p, length);
if (!p8) if (!p8)
goto err; goto err;
EVP_PKEY_free(ret); tmp = EVP_PKCS82PKEY(p8);
ret = EVP_PKCS82PKEY(p8);
PKCS8_PRIV_KEY_INFO_free(p8); PKCS8_PRIV_KEY_INFO_free(p8);
if (ret == NULL) if (tmp == NULL)
goto err; goto err;
EVP_PKEY_free(ret);
ret = tmp;
} else { } else {
ASN1err(ASN1_F_D2I_PRIVATEKEY, ERR_R_ASN1_LIB); ASN1err(ASN1_F_D2I_PRIVATEKEY, ERR_R_ASN1_LIB);
goto err; goto err;

View File

@ -160,8 +160,6 @@ int a2i_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *bs, char *buf, int size)
i * 2); i * 2);
if (sp == NULL) { if (sp == NULL) {
ASN1err(ASN1_F_A2I_ASN1_ENUMERATED, ERR_R_MALLOC_FAILURE); ASN1err(ASN1_F_A2I_ASN1_ENUMERATED, ERR_R_MALLOC_FAILURE);
if (s != NULL)
OPENSSL_free(s);
goto err; goto err;
} }
s = sp; s = sp;
@ -199,5 +197,7 @@ int a2i_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *bs, char *buf, int size)
err_sl: err_sl:
ASN1err(ASN1_F_A2I_ASN1_ENUMERATED, ASN1_R_SHORT_LINE); ASN1err(ASN1_F_A2I_ASN1_ENUMERATED, ASN1_R_SHORT_LINE);
} }
if (ret != 1)
OPENSSL_free(s);
return (ret); return (ret);
} }

View File

@ -172,8 +172,6 @@ int a2i_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *bs, char *buf, int size)
sp = OPENSSL_realloc_clean(s, slen, num + i * 2); sp = OPENSSL_realloc_clean(s, slen, num + i * 2);
if (sp == NULL) { if (sp == NULL) {
ASN1err(ASN1_F_A2I_ASN1_INTEGER, ERR_R_MALLOC_FAILURE); ASN1err(ASN1_F_A2I_ASN1_INTEGER, ERR_R_MALLOC_FAILURE);
if (s != NULL)
OPENSSL_free(s);
goto err; goto err;
} }
s = sp; s = sp;
@ -211,5 +209,7 @@ int a2i_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *bs, char *buf, int size)
err_sl: err_sl:
ASN1err(ASN1_F_A2I_ASN1_INTEGER, ASN1_R_SHORT_LINE); ASN1err(ASN1_F_A2I_ASN1_INTEGER, ASN1_R_SHORT_LINE);
} }
if (ret != 1)
OPENSSL_free(s);
return (ret); return (ret);
} }

View File

@ -166,8 +166,6 @@ int a2i_ASN1_STRING(BIO *bp, ASN1_STRING *bs, char *buf, int size)
i * 2); i * 2);
if (sp == NULL) { if (sp == NULL) {
ASN1err(ASN1_F_A2I_ASN1_STRING, ERR_R_MALLOC_FAILURE); ASN1err(ASN1_F_A2I_ASN1_STRING, ERR_R_MALLOC_FAILURE);
if (s != NULL)
OPENSSL_free(s);
goto err; goto err;
} }
s = sp; s = sp;
@ -205,5 +203,7 @@ int a2i_ASN1_STRING(BIO *bp, ASN1_STRING *bs, char *buf, int size)
err_sl: err_sl:
ASN1err(ASN1_F_A2I_ASN1_STRING, ASN1_R_SHORT_LINE); ASN1err(ASN1_F_A2I_ASN1_STRING, ASN1_R_SHORT_LINE);
} }
if (ret != 1)
OPENSSL_free(s);
return (ret); return (ret);
} }

View File

@ -69,10 +69,13 @@ int i2d_PrivateKey(EVP_PKEY *a, unsigned char **pp)
} }
if (a->ameth && a->ameth->priv_encode) { if (a->ameth && a->ameth->priv_encode) {
PKCS8_PRIV_KEY_INFO *p8 = EVP_PKEY2PKCS8(a); PKCS8_PRIV_KEY_INFO *p8 = EVP_PKEY2PKCS8(a);
int ret = i2d_PKCS8_PRIV_KEY_INFO(p8, pp); int ret = 0;
if (p8 != NULL) {
ret = i2d_PKCS8_PRIV_KEY_INFO(p8, pp);
PKCS8_PRIV_KEY_INFO_free(p8); PKCS8_PRIV_KEY_INFO_free(p8);
}
return ret; return ret;
} }
ASN1err(ASN1_F_I2D_PRIVATEKEY, ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE); ASN1err(ASN1_F_I2D_PRIVATEKEY, ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE);
return (-1); return -1;
} }

View File

@ -101,7 +101,7 @@ int PKCS5_pbe_set0_algor(X509_ALGOR *algor, int alg, int iter,
sstr = ASN1_STRING_data(pbe->salt); sstr = ASN1_STRING_data(pbe->salt);
if (salt) if (salt)
memcpy(sstr, salt, saltlen); memcpy(sstr, salt, saltlen);
else if (RAND_pseudo_bytes(sstr, saltlen) < 0) else if (RAND_bytes(sstr, saltlen) <= 0)
goto err; goto err;
if (!ASN1_item_pack(pbe, ASN1_ITEM_rptr(PBEPARAM), &pbe_str)) { if (!ASN1_item_pack(pbe, ASN1_ITEM_rptr(PBEPARAM), &pbe_str)) {

View File

@ -120,7 +120,7 @@ X509_ALGOR *PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter,
if (EVP_CIPHER_iv_length(cipher)) { if (EVP_CIPHER_iv_length(cipher)) {
if (aiv) if (aiv)
memcpy(iv, aiv, EVP_CIPHER_iv_length(cipher)); memcpy(iv, aiv, EVP_CIPHER_iv_length(cipher));
else if (RAND_pseudo_bytes(iv, EVP_CIPHER_iv_length(cipher)) < 0) else if (RAND_bytes(iv, EVP_CIPHER_iv_length(cipher)) <= 0)
goto err; goto err;
} }
@ -225,7 +225,7 @@ X509_ALGOR *PKCS5_pbkdf2_set(int iter, unsigned char *salt, int saltlen,
if (salt) if (salt)
memcpy(osalt->data, salt, saltlen); memcpy(osalt->data, salt, saltlen);
else if (RAND_pseudo_bytes(osalt->data, saltlen) < 0) else if (RAND_bytes(osalt->data, saltlen) <= 0)
goto merr; goto merr;
if (iter <= 0) if (iter <= 0)

View File

@ -196,6 +196,7 @@ int X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflags,
if (BIO_puts(bp, ":") <= 0) if (BIO_puts(bp, ":") <= 0)
goto err; goto err;
if ((type == V_ASN1_PRINTABLESTRING) || if ((type == V_ASN1_PRINTABLESTRING) ||
(type == V_ASN1_UTF8STRING) ||
(type == V_ASN1_T61STRING) || (type == V_ASN1_T61STRING) ||
(type == V_ASN1_IA5STRING)) { (type == V_ASN1_IA5STRING)) {
if (BIO_write(bp, (char *)bs->data, bs->length) if (BIO_write(bp, (char *)bs->data, bs->length)

View File

@ -400,7 +400,9 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
if (tt->flags & ASN1_TFLG_ADB_MASK) { if (tt->flags & ASN1_TFLG_ADB_MASK) {
const ASN1_TEMPLATE *seqtt; const ASN1_TEMPLATE *seqtt;
ASN1_VALUE **pseqval; ASN1_VALUE **pseqval;
seqtt = asn1_do_adb(pval, tt, 1); seqtt = asn1_do_adb(pval, tt, 0);
if (seqtt == NULL)
continue;
pseqval = asn1_get_field_ptr(pval, seqtt); pseqval = asn1_get_field_ptr(pval, seqtt);
ASN1_template_free(pseqval, seqtt); ASN1_template_free(pseqval, seqtt);
} }
@ -411,7 +413,7 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
const ASN1_TEMPLATE *seqtt; const ASN1_TEMPLATE *seqtt;
ASN1_VALUE **pseqval; ASN1_VALUE **pseqval;
seqtt = asn1_do_adb(pval, tt, 1); seqtt = asn1_do_adb(pval, tt, 1);
if (!seqtt) if (seqtt == NULL)
goto err; goto err;
pseqval = asn1_get_field_ptr(pval, seqtt); pseqval = asn1_get_field_ptr(pval, seqtt);
/* Have we ran out of data? */ /* Have we ran out of data? */
@ -476,7 +478,7 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
for (; i < it->tcount; tt++, i++) { for (; i < it->tcount; tt++, i++) {
const ASN1_TEMPLATE *seqtt; const ASN1_TEMPLATE *seqtt;
seqtt = asn1_do_adb(pval, tt, 1); seqtt = asn1_do_adb(pval, tt, 1);
if (!seqtt) if (seqtt == NULL)
goto err; goto err;
if (seqtt->flags & ASN1_TFLG_OPTIONAL) { if (seqtt->flags & ASN1_TFLG_OPTIONAL) {
ASN1_VALUE **pseqval; ASN1_VALUE **pseqval;

View File

@ -59,6 +59,7 @@
#include <stddef.h> #include <stddef.h>
#include <string.h> #include <string.h>
#include <limits.h>
#include "cryptlib.h" #include "cryptlib.h"
#include <openssl/asn1.h> #include <openssl/asn1.h>
#include <openssl/asn1t.h> #include <openssl/asn1t.h>
@ -216,17 +217,19 @@ int ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
for (i = 0, tt = it->templates; i < it->tcount; tt++, i++) { for (i = 0, tt = it->templates; i < it->tcount; tt++, i++) {
const ASN1_TEMPLATE *seqtt; const ASN1_TEMPLATE *seqtt;
ASN1_VALUE **pseqval; ASN1_VALUE **pseqval;
int tmplen;
seqtt = asn1_do_adb(pval, tt, 1); seqtt = asn1_do_adb(pval, tt, 1);
if (!seqtt) if (!seqtt)
return 0; return 0;
pseqval = asn1_get_field_ptr(pval, seqtt); pseqval = asn1_get_field_ptr(pval, seqtt);
/* FIXME: check for errors in enhanced version */ tmplen = asn1_template_ex_i2d(pseqval, NULL, seqtt, -1, aclass);
seqcontlen += asn1_template_ex_i2d(pseqval, NULL, seqtt, if (tmplen == -1 || (tmplen > INT_MAX - seqcontlen))
-1, aclass); return -1;
seqcontlen += tmplen;
} }
seqlen = ASN1_object_size(ndef, seqcontlen, tag); seqlen = ASN1_object_size(ndef, seqcontlen, tag);
if (!out) if (!out || seqlen == -1)
return seqlen; return seqlen;
/* Output SEQUENCE header */ /* Output SEQUENCE header */
ASN1_put_object(out, ndef, seqcontlen, tag, aclass); ASN1_put_object(out, ndef, seqcontlen, tag, aclass);
@ -339,19 +342,24 @@ static int asn1_template_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
/* Determine total length of items */ /* Determine total length of items */
skcontlen = 0; skcontlen = 0;
for (i = 0; i < sk_ASN1_VALUE_num(sk); i++) { for (i = 0; i < sk_ASN1_VALUE_num(sk); i++) {
int tmplen;
skitem = sk_ASN1_VALUE_value(sk, i); skitem = sk_ASN1_VALUE_value(sk, i);
skcontlen += ASN1_item_ex_i2d(&skitem, NULL, tmplen = ASN1_item_ex_i2d(&skitem, NULL, ASN1_ITEM_ptr(tt->item),
ASN1_ITEM_ptr(tt->item),
-1, iclass); -1, iclass);
if (tmplen == -1 || (skcontlen > INT_MAX - tmplen))
return -1;
skcontlen += tmplen;
} }
sklen = ASN1_object_size(ndef, skcontlen, sktag); sklen = ASN1_object_size(ndef, skcontlen, sktag);
if (sklen == -1)
return -1;
/* If EXPLICIT need length of surrounding tag */ /* If EXPLICIT need length of surrounding tag */
if (flags & ASN1_TFLG_EXPTAG) if (flags & ASN1_TFLG_EXPTAG)
ret = ASN1_object_size(ndef, sklen, ttag); ret = ASN1_object_size(ndef, sklen, ttag);
else else
ret = sklen; ret = sklen;
if (!out) if (!out || ret == -1)
return ret; return ret;
/* Now encode this lot... */ /* Now encode this lot... */
@ -380,7 +388,7 @@ static int asn1_template_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
return 0; return 0;
/* Find length of EXPLICIT tag */ /* Find length of EXPLICIT tag */
ret = ASN1_object_size(ndef, i, ttag); ret = ASN1_object_size(ndef, i, ttag);
if (out) { if (out && ret != -1) {
/* Output tag and item */ /* Output tag and item */
ASN1_put_object(out, ndef, i, ttag, tclass); ASN1_put_object(out, ndef, i, ttag, tclass);
ASN1_item_ex_i2d(pval, out, ASN1_ITEM_ptr(tt->item), -1, iclass); ASN1_item_ex_i2d(pval, out, ASN1_ITEM_ptr(tt->item), -1, iclass);

View File

@ -204,7 +204,8 @@ static int asn1_item_print_ctx(BIO *out, ASN1_VALUE **fld, int indent,
} else } else
asn1_cb = 0; asn1_cb = 0;
if (*fld == NULL) { if (((it->itype != ASN1_ITYPE_PRIMITIVE)
|| (it->utype != V_ASN1_BOOLEAN)) && *fld == NULL) {
if (pctx->flags & ASN1_PCTX_FLAGS_SHOW_ABSENT) { if (pctx->flags & ASN1_PCTX_FLAGS_SHOW_ABSENT) {
if (!nohdr && !asn1_print_fsname(out, indent, fname, sname, pctx)) if (!nohdr && !asn1_print_fsname(out, indent, fname, sname, pctx))
return 0; return 0;
@ -446,6 +447,8 @@ static int asn1_print_integer_ctx(BIO *out, ASN1_INTEGER *str,
char *s; char *s;
int ret = 1; int ret = 1;
s = i2s_ASN1_INTEGER(NULL, str); s = i2s_ASN1_INTEGER(NULL, str);
if (s == NULL)
return 0;
if (BIO_puts(out, s) <= 0) if (BIO_puts(out, s) <= 0)
ret = 0; ret = 0;
OPENSSL_free(s); OPENSSL_free(s);
@ -496,11 +499,16 @@ static int asn1_primitive_print(BIO *out, ASN1_VALUE **fld,
return 0; return 0;
if (pf && pf->prim_print) if (pf && pf->prim_print)
return pf->prim_print(out, fld, it, indent, pctx); return pf->prim_print(out, fld, it, indent, pctx);
if (it->itype == ASN1_ITYPE_MSTRING) {
str = (ASN1_STRING *)*fld; str = (ASN1_STRING *)*fld;
if (it->itype == ASN1_ITYPE_MSTRING)
utype = str->type & ~V_ASN1_NEG; utype = str->type & ~V_ASN1_NEG;
else } else {
utype = it->utype; utype = it->utype;
if (utype == V_ASN1_BOOLEAN)
str = NULL;
else
str = (ASN1_STRING *)*fld;
}
if (utype == V_ASN1_ANY) { if (utype == V_ASN1_ANY) {
ASN1_TYPE *atype = (ASN1_TYPE *)*fld; ASN1_TYPE *atype = (ASN1_TYPE *)*fld;
utype = atype->type; utype = atype->type;

View File

@ -234,7 +234,7 @@ const ASN1_TEMPLATE *asn1_do_adb(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt,
sfld = offset2ptr(*pval, adb->offset); sfld = offset2ptr(*pval, adb->offset);
/* Check if NULL */ /* Check if NULL */
if (!sfld) { if (*sfld == NULL) {
if (!adb->null_tt) if (!adb->null_tt)
goto err; goto err;
return adb->null_tt; return adb->null_tt;

View File

@ -78,6 +78,8 @@ static int bn_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype,
const ASN1_ITEM *it); const ASN1_ITEM *it);
static int bn_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, static int bn_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
int utype, char *free_cont, const ASN1_ITEM *it); int utype, char *free_cont, const ASN1_ITEM *it);
static int bn_print(BIO *out, ASN1_VALUE **pval, const ASN1_ITEM *it,
int indent, const ASN1_PCTX *pctx);
static ASN1_PRIMITIVE_FUNCS bignum_pf = { static ASN1_PRIMITIVE_FUNCS bignum_pf = {
NULL, 0, NULL, 0,
@ -85,7 +87,8 @@ static ASN1_PRIMITIVE_FUNCS bignum_pf = {
bn_free, bn_free,
0, 0,
bn_c2i, bn_c2i,
bn_i2c bn_i2c,
bn_print
}; };
ASN1_ITEM_start(BIGNUM) ASN1_ITEM_start(BIGNUM)
@ -151,3 +154,13 @@ static int bn_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
} }
return 1; return 1;
} }
static int bn_print(BIO *out, ASN1_VALUE **pval, const ASN1_ITEM *it,
int indent, const ASN1_PCTX *pctx)
{
if (!BN_print(out, *(BIGNUM **)pval))
return 0;
if (BIO_puts(out, "\n") <= 0)
return 0;
return 1;
}

View File

@ -199,10 +199,8 @@ static int x509_name_ex_d2i(ASN1_VALUE **val,
int i, j, ret; int i, j, ret;
STACK_OF(X509_NAME_ENTRY) *entries; STACK_OF(X509_NAME_ENTRY) *entries;
X509_NAME_ENTRY *entry; X509_NAME_ENTRY *entry;
if (len > X509_NAME_MAX) { if (len > X509_NAME_MAX)
ASN1err(ASN1_F_X509_NAME_EX_D2I, ASN1_R_TOO_LONG); len = X509_NAME_MAX;
return 0;
}
q = p; q = p;
/* Get internal representation of Name */ /* Get internal representation of Name */

View File

@ -199,12 +199,26 @@ X509 *d2i_X509_AUX(X509 **a, const unsigned char **pp, long length)
return NULL; return NULL;
} }
int i2d_X509_AUX(X509 *a, unsigned char **pp) /*
* Serialize trusted certificate to *pp or just return the required buffer
* length if pp == NULL. We ultimately want to avoid modifying *pp in the
* error path, but that depends on similar hygiene in lower-level functions.
* Here we avoid compounding the problem.
*/
static int i2d_x509_aux_internal(X509 *a, unsigned char **pp)
{ {
int length, tmplen; int length, tmplen;
unsigned char *start = pp != NULL ? *pp : NULL; unsigned char *start = pp != NULL ? *pp : NULL;
OPENSSL_assert(pp == NULL || *pp != NULL);
/*
* This might perturb *pp on error, but fixing that belongs in i2d_X509()
* not here. It should be that if a == NULL length is zero, but we check
* both just in case.
*/
length = i2d_X509(a, pp); length = i2d_X509(a, pp);
if (length < 0 || a == NULL) if (length <= 0 || a == NULL)
return length; return length;
tmplen = i2d_X509_CERT_AUX(a->aux, pp); tmplen = i2d_X509_CERT_AUX(a->aux, pp);
@ -218,6 +232,42 @@ int i2d_X509_AUX(X509 *a, unsigned char **pp)
return length; return length;
} }
/*
* Serialize trusted certificate to *pp, or just return the required buffer
* length if pp == NULL.
*
* When pp is not NULL, but *pp == NULL, we allocate the buffer, but since
* we're writing two ASN.1 objects back to back, we can't have i2d_X509() do
* the allocation, nor can we allow i2d_X509_CERT_AUX() to increment the
* allocated buffer.
*/
int i2d_X509_AUX(X509 *a, unsigned char **pp)
{
int length;
unsigned char *tmp;
/* Buffer provided by caller */
if (pp == NULL || *pp != NULL)
return i2d_x509_aux_internal(a, pp);
/* Obtain the combined length */
if ((length = i2d_x509_aux_internal(a, NULL)) <= 0)
return length;
/* Allocate requisite combined storage */
*pp = tmp = OPENSSL_malloc(length);
if (tmp == NULL)
return -1; /* Push error onto error stack? */
/* Encode, but keep *pp at the originally malloced pointer */
length = i2d_x509_aux_internal(a, &tmp);
if (length <= 0) {
OPENSSL_free(*pp);
*pp = NULL;
}
return length;
}
int i2d_re_X509_tbs(X509 *x, unsigned char **pp) int i2d_re_X509_tbs(X509 *x, unsigned char **pp)
{ {
x->cert_info->enc.modified = 1; x->cert_info->enc.modified = 1;

View File

@ -423,9 +423,15 @@ _dopr(char **sbuffer,
break; break;
} }
} }
/*
* We have to truncate if there is no dynamic buffer and we have filled the
* static buffer.
*/
if (buffer == NULL) {
*truncated = (currlen > *maxlen - 1); *truncated = (currlen > *maxlen - 1);
if (*truncated) if (*truncated)
currlen = *maxlen - 1; currlen = *maxlen - 1;
}
if(!doapr_outch(sbuffer, buffer, &currlen, maxlen, '\0')) if(!doapr_outch(sbuffer, buffer, &currlen, maxlen, '\0'))
return 0; return 0;
*retlen = currlen - 1; *retlen = currlen - 1;

View File

@ -139,7 +139,7 @@ static int nbiof_read(BIO *b, char *out, int outl)
BIO_clear_retry_flags(b); BIO_clear_retry_flags(b);
#if 1 #if 1
if (RAND_pseudo_bytes(&n, 1) < 0) if (RAND_bytes(&n, 1) <= 0)
return -1; return -1;
num = (n & 0x07); num = (n & 0x07);
@ -179,7 +179,7 @@ static int nbiof_write(BIO *b, const char *in, int inl)
num = nt->lwn; num = nt->lwn;
nt->lwn = 0; nt->lwn = 0;
} else { } else {
if (RAND_pseudo_bytes(&n, 1) < 0) if (RAND_bytes(&n, 1) <= 0)
return -1; return -1;
num = (n & 7); num = (n & 7);
} }

View File

@ -559,11 +559,11 @@ int BIO_read_filename(BIO *b, const char *name);
# define BIO_get_ssl(b,sslp) BIO_ctrl(b,BIO_C_GET_SSL,0,(char *)sslp) # define BIO_get_ssl(b,sslp) BIO_ctrl(b,BIO_C_GET_SSL,0,(char *)sslp)
# define BIO_set_ssl_mode(b,client) BIO_ctrl(b,BIO_C_SSL_MODE,client,NULL) # define BIO_set_ssl_mode(b,client) BIO_ctrl(b,BIO_C_SSL_MODE,client,NULL)
# define BIO_set_ssl_renegotiate_bytes(b,num) \ # define BIO_set_ssl_renegotiate_bytes(b,num) \
BIO_ctrl(b,BIO_C_SET_SSL_RENEGOTIATE_BYTES,num,NULL); BIO_ctrl(b,BIO_C_SET_SSL_RENEGOTIATE_BYTES,num,NULL)
# define BIO_get_num_renegotiates(b) \ # define BIO_get_num_renegotiates(b) \
BIO_ctrl(b,BIO_C_GET_SSL_NUM_RENEGOTIATES,0,NULL); BIO_ctrl(b,BIO_C_GET_SSL_NUM_RENEGOTIATES,0,NULL)
# define BIO_set_ssl_renegotiate_timeout(b,seconds) \ # define BIO_set_ssl_renegotiate_timeout(b,seconds) \
BIO_ctrl(b,BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT,seconds,NULL); BIO_ctrl(b,BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT,seconds,NULL)
/* defined in evp.h */ /* defined in evp.h */
/* #define BIO_set_md(b,md) BIO_ctrl(b,BIO_C_SET_MD,1,(char *)md) */ /* #define BIO_set_md(b,md) BIO_ctrl(b,BIO_C_SET_MD,1,(char *)md) */

View File

@ -149,9 +149,13 @@ static int bio_new(BIO *bio)
return 0; return 0;
b->peer = NULL; b->peer = NULL;
b->closed = 0;
b->len = 0;
b->offset = 0;
/* enough for one TLS record (just a default) */ /* enough for one TLS record (just a default) */
b->size = 17 * 1024; b->size = 17 * 1024;
b->buf = NULL; b->buf = NULL;
b->request = 0;
bio->ptr = b; bio->ptr = b;
return 1; return 1;
@ -655,15 +659,14 @@ static long bio_ctrl(BIO *bio, int cmd, long num, void *ptr)
break; break;
case BIO_CTRL_EOF: case BIO_CTRL_EOF:
{ if (b->peer != NULL) {
BIO *other_bio = ptr; struct bio_bio_st *peer_b = b->peer->ptr;
if (other_bio) { if (peer_b->len == 0 && peer_b->closed)
struct bio_bio_st *other_b = other_bio->ptr; ret = 1;
else
assert(other_b != NULL); ret = 0;
ret = other_b->len == 0 && other_b->closed; } else {
} else
ret = 1; ret = 1;
} }
break; break;

View File

@ -174,7 +174,11 @@ BIO *BIO_new_file(const char *filename, const char *mode)
if (file == NULL) { if (file == NULL) {
SYSerr(SYS_F_FOPEN, get_last_sys_error()); SYSerr(SYS_F_FOPEN, get_last_sys_error());
ERR_add_error_data(5, "fopen('", filename, "','", mode, "')"); ERR_add_error_data(5, "fopen('", filename, "','", mode, "')");
if (errno == ENOENT) if (errno == ENOENT
# ifdef ENXIO
|| errno == ENXIO
# endif
)
BIOerr(BIO_F_BIO_NEW_FILE, BIO_R_NO_SUCH_FILE); BIOerr(BIO_F_BIO_NEW_FILE, BIO_R_NO_SUCH_FILE);
else else
BIOerr(BIO_F_BIO_NEW_FILE, ERR_R_SYS_LIB); BIOerr(BIO_F_BIO_NEW_FILE, ERR_R_SYS_LIB);

View File

@ -170,6 +170,8 @@ static int rtcp_new(BIO *bi)
bi->num = 0; bi->num = 0;
bi->flags = 0; bi->flags = 0;
bi->ptr = OPENSSL_malloc(sizeof(struct rpc_ctx)); bi->ptr = OPENSSL_malloc(sizeof(struct rpc_ctx));
if (bi->ptr == NULL)
return (0);
ctx = (struct rpc_ctx *)bi->ptr; ctx = (struct rpc_ctx *)bi->ptr;
ctx->filled = 0; ctx->filled = 0;
ctx->pos = 0; ctx->pos = 0;

View File

@ -63,27 +63,26 @@ $frame=32; # size of above frame rounded up to 16n
&lea ("esi",&wparam(0)); # put aside pointer to argument block &lea ("esi",&wparam(0)); # put aside pointer to argument block
&lea ("edx",&wparam(1)); # load ap &lea ("edx",&wparam(1)); # load ap
&mov ("ebp","esp"); # saved stack pointer!
&add ("edi",2); # extra two words on top of tp &add ("edi",2); # extra two words on top of tp
&neg ("edi"); &neg ("edi");
&lea ("esp",&DWP(-$frame,"esp","edi",4)); # alloca($frame+4*(num+2)) &lea ("ebp",&DWP(-$frame,"esp","edi",4)); # future alloca($frame+4*(num+2))
&neg ("edi"); &neg ("edi");
# minimize cache contention by arraning 2K window between stack # minimize cache contention by arraning 2K window between stack
# pointer and ap argument [np is also position sensitive vector, # pointer and ap argument [np is also position sensitive vector,
# but it's assumed to be near ap, as it's allocated at ~same # but it's assumed to be near ap, as it's allocated at ~same
# time]. # time].
&mov ("eax","esp"); &mov ("eax","ebp");
&sub ("eax","edx"); &sub ("eax","edx");
&and ("eax",2047); &and ("eax",2047);
&sub ("esp","eax"); # this aligns sp and ap modulo 2048 &sub ("ebp","eax"); # this aligns sp and ap modulo 2048
&xor ("edx","esp"); &xor ("edx","ebp");
&and ("edx",2048); &and ("edx",2048);
&xor ("edx",2048); &xor ("edx",2048);
&sub ("esp","edx"); # this splits them apart modulo 4096 &sub ("ebp","edx"); # this splits them apart modulo 4096
&and ("esp",-64); # align to cache line &and ("ebp",-64); # align to cache line
# Some OSes, *cough*-dows, insist on stack being "wired" to # Some OSes, *cough*-dows, insist on stack being "wired" to
# physical memory in strictly sequential manner, i.e. if stack # physical memory in strictly sequential manner, i.e. if stack
@ -91,20 +90,28 @@ $frame=32; # size of above frame rounded up to 16n
# be punishable by SEGV. But page walking can do good even on # be punishable by SEGV. But page walking can do good even on
# other OSes, because it guarantees that villain thread hits # other OSes, because it guarantees that villain thread hits
# the guard page before it can make damage to innocent one... # the guard page before it can make damage to innocent one...
&mov ("eax","ebp"); &mov ("eax","esp");
&sub ("eax","esp"); &sub ("eax","ebp");
&and ("eax",-4096); &and ("eax",-4096);
&set_label("page_walk"); &mov ("edx","esp"); # saved stack pointer!
&mov ("edx",&DWP(0,"esp","eax")); &lea ("esp",&DWP(0,"ebp","eax"));
&sub ("eax",4096); &mov ("eax",&DWP(0,"esp"));
&data_byte(0x2e); &cmp ("esp","ebp");
&jnc (&label("page_walk")); &ja (&label("page_walk"));
&jmp (&label("page_walk_done"));
&set_label("page_walk",16);
&lea ("esp",&DWP(-4096,"esp"));
&mov ("eax",&DWP(0,"esp"));
&cmp ("esp","ebp");
&ja (&label("page_walk"));
&set_label("page_walk_done");
################################# load argument block... ################################# load argument block...
&mov ("eax",&DWP(0*4,"esi"));# BN_ULONG *rp &mov ("eax",&DWP(0*4,"esi"));# BN_ULONG *rp
&mov ("ebx",&DWP(1*4,"esi"));# const BN_ULONG *ap &mov ("ebx",&DWP(1*4,"esi"));# const BN_ULONG *ap
&mov ("ecx",&DWP(2*4,"esi"));# const BN_ULONG *bp &mov ("ecx",&DWP(2*4,"esi"));# const BN_ULONG *bp
&mov ("edx",&DWP(3*4,"esi"));# const BN_ULONG *np &mov ("ebp",&DWP(3*4,"esi"));# const BN_ULONG *np
&mov ("esi",&DWP(4*4,"esi"));# const BN_ULONG *n0 &mov ("esi",&DWP(4*4,"esi"));# const BN_ULONG *n0
#&mov ("edi",&DWP(5*4,"esi"));# int num #&mov ("edi",&DWP(5*4,"esi"));# int num
@ -112,11 +119,11 @@ $frame=32; # size of above frame rounded up to 16n
&mov ($_rp,"eax"); # ... save a copy of argument block &mov ($_rp,"eax"); # ... save a copy of argument block
&mov ($_ap,"ebx"); &mov ($_ap,"ebx");
&mov ($_bp,"ecx"); &mov ($_bp,"ecx");
&mov ($_np,"edx"); &mov ($_np,"ebp");
&mov ($_n0,"esi"); &mov ($_n0,"esi");
&lea ($num,&DWP(-3,"edi")); # num=num-1 to assist modulo-scheduling &lea ($num,&DWP(-3,"edi")); # num=num-1 to assist modulo-scheduling
#&mov ($_num,$num); # redundant as $num is not reused #&mov ($_num,$num); # redundant as $num is not reused
&mov ($_sp,"ebp"); # saved stack pointer! &mov ($_sp,"edx"); # saved stack pointer!
if($sse2) { if($sse2) {
$acc0="mm0"; # mmx register bank layout $acc0="mm0"; # mmx register bank layout

View File

@ -194,7 +194,7 @@ BN_ULONG bn_div_words(BN_ULONG h, BN_ULONG l, BN_ULONG d)
BN_ULONG ret, waste; BN_ULONG ret, waste;
asm("divq %4":"=a"(ret), "=d"(waste) asm("divq %4":"=a"(ret), "=d"(waste)
: "a"(l), "d"(h), "g"(d) : "a"(l), "d"(h), "r"(d)
: "cc"); : "cc");
return ret; return ret;

View File

@ -97,6 +97,8 @@ $code=<<___;
.type bn_mul_mont,\@function,6 .type bn_mul_mont,\@function,6
.align 16 .align 16
bn_mul_mont: bn_mul_mont:
mov ${num}d,${num}d
mov %rsp,%rax
test \$3,${num}d test \$3,${num}d
jnz .Lmul_enter jnz .Lmul_enter
cmp \$8,${num}d cmp \$8,${num}d
@ -121,29 +123,36 @@ $code.=<<___;
push %r14 push %r14
push %r15 push %r15
mov ${num}d,${num}d neg $num
lea 2($num),%r10
mov %rsp,%r11 mov %rsp,%r11
neg %r10 lea -16(%rsp,$num,8),%r10 # future alloca(8*(num+2))
lea (%rsp,%r10,8),%rsp # tp=alloca(8*(num+2)) neg $num # restore $num
and \$-1024,%rsp # minimize TLB usage and \$-1024,%r10 # minimize TLB usage
mov %r11,8(%rsp,$num,8) # tp[num+1]=%rsp
.Lmul_body:
# Some OSes, *cough*-dows, insist on stack being "wired" to # Some OSes, *cough*-dows, insist on stack being "wired" to
# physical memory in strictly sequential manner, i.e. if stack # physical memory in strictly sequential manner, i.e. if stack
# allocation spans two pages, then reference to farmost one can # allocation spans two pages, then reference to farmost one can
# be punishable by SEGV. But page walking can do good even on # be punishable by SEGV. But page walking can do good even on
# other OSes, because it guarantees that villain thread hits # other OSes, because it guarantees that villain thread hits
# the guard page before it can make damage to innocent one... # the guard page before it can make damage to innocent one...
sub %rsp,%r11 sub %r10,%r11
and \$-4096,%r11 and \$-4096,%r11
.Lmul_page_walk: lea (%r10,%r11),%rsp
mov (%rsp,%r11),%r10 mov (%rsp),%r11
sub \$4096,%r11 cmp %r10,%rsp
.byte 0x66,0x2e # predict non-taken ja .Lmul_page_walk
jnc .Lmul_page_walk jmp .Lmul_page_walk_done
.align 16
.Lmul_page_walk:
lea -4096(%rsp),%rsp
mov (%rsp),%r11
cmp %r10,%rsp
ja .Lmul_page_walk
.Lmul_page_walk_done:
mov %rax,8(%rsp,$num,8) # tp[num+1]=%rsp
.Lmul_body:
mov $bp,%r12 # reassign $bp mov $bp,%r12 # reassign $bp
___ ___
$bp="%r12"; $bp="%r12";
@ -314,13 +323,13 @@ $code.=<<___;
mov 8(%rsp,$num,8),%rsi # restore %rsp mov 8(%rsp,$num,8),%rsi # restore %rsp
mov \$1,%rax mov \$1,%rax
mov (%rsi),%r15 mov -48(%rsi),%r15
mov 8(%rsi),%r14 mov -40(%rsi),%r14
mov 16(%rsi),%r13 mov -32(%rsi),%r13
mov 24(%rsi),%r12 mov -24(%rsi),%r12
mov 32(%rsi),%rbp mov -16(%rsi),%rbp
mov 40(%rsi),%rbx mov -8(%rsi),%rbx
lea 48(%rsi),%rsp lea (%rsi),%rsp
.Lmul_epilogue: .Lmul_epilogue:
ret ret
.size bn_mul_mont,.-bn_mul_mont .size bn_mul_mont,.-bn_mul_mont
@ -332,6 +341,8 @@ $code.=<<___;
.type bn_mul4x_mont,\@function,6 .type bn_mul4x_mont,\@function,6
.align 16 .align 16
bn_mul4x_mont: bn_mul4x_mont:
mov ${num}d,${num}d
mov %rsp,%rax
.Lmul4x_enter: .Lmul4x_enter:
___ ___
$code.=<<___ if ($addx); $code.=<<___ if ($addx);
@ -347,23 +358,29 @@ $code.=<<___;
push %r14 push %r14
push %r15 push %r15
mov ${num}d,${num}d neg $num
lea 4($num),%r10
mov %rsp,%r11 mov %rsp,%r11
neg %r10 lea -32(%rsp,$num,8),%r10 # future alloca(8*(num+4))
lea (%rsp,%r10,8),%rsp # tp=alloca(8*(num+4)) neg $num # restore
and \$-1024,%rsp # minimize TLB usage and \$-1024,%r10 # minimize TLB usage
mov %r11,8(%rsp,$num,8) # tp[num+1]=%rsp sub %r10,%r11
.Lmul4x_body:
sub %rsp,%r11
and \$-4096,%r11 and \$-4096,%r11
.Lmul4x_page_walk: lea (%r10,%r11),%rsp
mov (%rsp,%r11),%r10 mov (%rsp),%r11
sub \$4096,%r11 cmp %r10,%rsp
.byte 0x2e # predict non-taken ja .Lmul4x_page_walk
jnc .Lmul4x_page_walk jmp .Lmul4x_page_walk_done
.Lmul4x_page_walk:
lea -4096(%rsp),%rsp
mov (%rsp),%r11
cmp %r10,%rsp
ja .Lmul4x_page_walk
.Lmul4x_page_walk_done:
mov %rax,8(%rsp,$num,8) # tp[num+1]=%rsp
.Lmul4x_body:
mov $rp,16(%rsp,$num,8) # tp[num+2]=$rp mov $rp,16(%rsp,$num,8) # tp[num+2]=$rp
mov %rdx,%r12 # reassign $bp mov %rdx,%r12 # reassign $bp
___ ___
@ -742,13 +759,13 @@ ___
$code.=<<___; $code.=<<___;
mov 8(%rsp,$num,8),%rsi # restore %rsp mov 8(%rsp,$num,8),%rsi # restore %rsp
mov \$1,%rax mov \$1,%rax
mov (%rsi),%r15 mov -48(%rsi),%r15
mov 8(%rsi),%r14 mov -40(%rsi),%r14
mov 16(%rsi),%r13 mov -32(%rsi),%r13
mov 24(%rsi),%r12 mov -24(%rsi),%r12
mov 32(%rsi),%rbp mov -16(%rsi),%rbp
mov 40(%rsi),%rbx mov -8(%rsi),%rbx
lea 48(%rsi),%rsp lea (%rsi),%rsp
.Lmul4x_epilogue: .Lmul4x_epilogue:
ret ret
.size bn_mul4x_mont,.-bn_mul4x_mont .size bn_mul4x_mont,.-bn_mul4x_mont
@ -778,14 +795,15 @@ $code.=<<___;
.type bn_sqr8x_mont,\@function,6 .type bn_sqr8x_mont,\@function,6
.align 32 .align 32
bn_sqr8x_mont: bn_sqr8x_mont:
.Lsqr8x_enter:
mov %rsp,%rax mov %rsp,%rax
.Lsqr8x_enter:
push %rbx push %rbx
push %rbp push %rbp
push %r12 push %r12
push %r13 push %r13
push %r14 push %r14
push %r15 push %r15
.Lsqr8x_prologue:
mov ${num}d,%r10d mov ${num}d,%r10d
shl \$3,${num}d # convert $num to bytes shl \$3,${num}d # convert $num to bytes
@ -798,33 +816,42 @@ bn_sqr8x_mont:
# do its job. # do its job.
# #
lea -64(%rsp,$num,2),%r11 lea -64(%rsp,$num,2),%r11
mov %rsp,%rbp
mov ($n0),$n0 # *n0 mov ($n0),$n0 # *n0
sub $aptr,%r11 sub $aptr,%r11
and \$4095,%r11 and \$4095,%r11
cmp %r11,%r10 cmp %r11,%r10
jb .Lsqr8x_sp_alt jb .Lsqr8x_sp_alt
sub %r11,%rsp # align with $aptr sub %r11,%rbp # align with $aptr
lea -64(%rsp,$num,2),%rsp # alloca(frame+2*$num) lea -64(%rbp,$num,2),%rbp # future alloca(frame+2*$num)
jmp .Lsqr8x_sp_done jmp .Lsqr8x_sp_done
.align 32 .align 32
.Lsqr8x_sp_alt: .Lsqr8x_sp_alt:
lea 4096-64(,$num,2),%r10 # 4096-frame-2*$num lea 4096-64(,$num,2),%r10 # 4096-frame-2*$num
lea -64(%rsp,$num,2),%rsp # alloca(frame+2*$num) lea -64(%rbp,$num,2),%rbp # future alloca(frame+2*$num)
sub %r10,%r11 sub %r10,%r11
mov \$0,%r10 mov \$0,%r10
cmovc %r10,%r11 cmovc %r10,%r11
sub %r11,%rsp sub %r11,%rbp
.Lsqr8x_sp_done: .Lsqr8x_sp_done:
and \$-64,%rsp and \$-64,%rbp
mov %rax,%r11 mov %rsp,%r11
sub %rsp,%r11 sub %rbp,%r11
and \$-4096,%r11 and \$-4096,%r11
lea (%rbp,%r11),%rsp
mov (%rsp),%r10
cmp %rbp,%rsp
ja .Lsqr8x_page_walk
jmp .Lsqr8x_page_walk_done
.align 16
.Lsqr8x_page_walk: .Lsqr8x_page_walk:
mov (%rsp,%r11),%r10 lea -4096(%rsp),%rsp
sub \$4096,%r11 mov (%rsp),%r10
.byte 0x2e # predict non-taken cmp %rbp,%rsp
jnc .Lsqr8x_page_walk ja .Lsqr8x_page_walk
.Lsqr8x_page_walk_done:
mov $num,%r10 mov $num,%r10
neg $num neg $num
@ -948,30 +975,38 @@ $code.=<<___;
.type bn_mulx4x_mont,\@function,6 .type bn_mulx4x_mont,\@function,6
.align 32 .align 32
bn_mulx4x_mont: bn_mulx4x_mont:
.Lmulx4x_enter:
mov %rsp,%rax mov %rsp,%rax
.Lmulx4x_enter:
push %rbx push %rbx
push %rbp push %rbp
push %r12 push %r12
push %r13 push %r13
push %r14 push %r14
push %r15 push %r15
.Lmulx4x_prologue:
shl \$3,${num}d # convert $num to bytes shl \$3,${num}d # convert $num to bytes
.byte 0x67
xor %r10,%r10 xor %r10,%r10
sub $num,%r10 # -$num sub $num,%r10 # -$num
mov ($n0),$n0 # *n0 mov ($n0),$n0 # *n0
lea -72(%rsp,%r10),%rsp # alloca(frame+$num+8) lea -72(%rsp,%r10),%rbp # future alloca(frame+$num+8)
and \$-128,%rsp and \$-128,%rbp
mov %rax,%r11 mov %rsp,%r11
sub %rsp,%r11 sub %rbp,%r11
and \$-4096,%r11 and \$-4096,%r11
lea (%rbp,%r11),%rsp
mov (%rsp),%r10
cmp %rbp,%rsp
ja .Lmulx4x_page_walk
jmp .Lmulx4x_page_walk_done
.align 16
.Lmulx4x_page_walk: .Lmulx4x_page_walk:
mov (%rsp,%r11),%r10 lea -4096(%rsp),%rsp
sub \$4096,%r11 mov (%rsp),%r10
.byte 0x66,0x2e # predict non-taken cmp %rbp,%rsp
jnc .Lmulx4x_page_walk ja .Lmulx4x_page_walk
.Lmulx4x_page_walk_done:
lea ($bp,$num),%r10 lea ($bp,$num),%r10
############################################################## ##############################################################
@ -1332,22 +1367,8 @@ mul_handler:
mov 192($context),%r10 # pull $num mov 192($context),%r10 # pull $num
mov 8(%rax,%r10,8),%rax # pull saved stack pointer mov 8(%rax,%r10,8),%rax # pull saved stack pointer
lea 48(%rax),%rax
mov -8(%rax),%rbx jmp .Lcommon_pop_regs
mov -16(%rax),%rbp
mov -24(%rax),%r12
mov -32(%rax),%r13
mov -40(%rax),%r14
mov -48(%rax),%r15
mov %rbx,144($context) # restore context->Rbx
mov %rbp,160($context) # restore context->Rbp
mov %r12,216($context) # restore context->R12
mov %r13,224($context) # restore context->R13
mov %r14,232($context) # restore context->R14
mov %r15,240($context) # restore context->R15
jmp .Lcommon_seh_tail
.size mul_handler,.-mul_handler .size mul_handler,.-mul_handler
.type sqr_handler,\@abi-omnipotent .type sqr_handler,\@abi-omnipotent
@ -1375,15 +1396,21 @@ sqr_handler:
cmp %r10,%rbx # context->Rip<.Lsqr_body cmp %r10,%rbx # context->Rip<.Lsqr_body
jb .Lcommon_seh_tail jb .Lcommon_seh_tail
mov 4(%r11),%r10d # HandlerData[1]
lea (%rsi,%r10),%r10 # body label
cmp %r10,%rbx # context->Rip>=.Lsqr_epilogue
jb .Lcommon_pop_regs
mov 152($context),%rax # pull context->Rsp mov 152($context),%rax # pull context->Rsp
mov 4(%r11),%r10d # HandlerData[1] mov 8(%r11),%r10d # HandlerData[2]
lea (%rsi,%r10),%r10 # epilogue label lea (%rsi,%r10),%r10 # epilogue label
cmp %r10,%rbx # context->Rip>=.Lsqr_epilogue cmp %r10,%rbx # context->Rip>=.Lsqr_epilogue
jae .Lcommon_seh_tail jae .Lcommon_seh_tail
mov 40(%rax),%rax # pull saved stack pointer mov 40(%rax),%rax # pull saved stack pointer
.Lcommon_pop_regs:
mov -8(%rax),%rbx mov -8(%rax),%rbx
mov -16(%rax),%rbp mov -16(%rax),%rbp
mov -24(%rax),%r12 mov -24(%rax),%r12
@ -1470,13 +1497,15 @@ $code.=<<___;
.LSEH_info_bn_sqr8x_mont: .LSEH_info_bn_sqr8x_mont:
.byte 9,0,0,0 .byte 9,0,0,0
.rva sqr_handler .rva sqr_handler
.rva .Lsqr8x_body,.Lsqr8x_epilogue # HandlerData[] .rva .Lsqr8x_prologue,.Lsqr8x_body,.Lsqr8x_epilogue # HandlerData[]
.align 8
___ ___
$code.=<<___ if ($addx); $code.=<<___ if ($addx);
.LSEH_info_bn_mulx4x_mont: .LSEH_info_bn_mulx4x_mont:
.byte 9,0,0,0 .byte 9,0,0,0
.rva sqr_handler .rva sqr_handler
.rva .Lmulx4x_body,.Lmulx4x_epilogue # HandlerData[] .rva .Lmulx4x_prologue,.Lmulx4x_body,.Lmulx4x_epilogue # HandlerData[]
.align 8
___ ___
} }

View File

@ -86,6 +86,8 @@ $code=<<___;
.type bn_mul_mont_gather5,\@function,6 .type bn_mul_mont_gather5,\@function,6
.align 64 .align 64
bn_mul_mont_gather5: bn_mul_mont_gather5:
mov ${num}d,${num}d
mov %rsp,%rax
test \$7,${num}d test \$7,${num}d
jnz .Lmul_enter jnz .Lmul_enter
___ ___
@ -97,10 +99,7 @@ $code.=<<___;
.align 16 .align 16
.Lmul_enter: .Lmul_enter:
mov ${num}d,${num}d
mov %rsp,%rax
movd `($win64?56:8)`(%rsp),%xmm5 # load 7th argument movd `($win64?56:8)`(%rsp),%xmm5 # load 7th argument
lea .Linc(%rip),%r10
push %rbx push %rbx
push %rbp push %rbp
push %r12 push %r12
@ -108,26 +107,36 @@ $code.=<<___;
push %r14 push %r14
push %r15 push %r15
lea 2($num),%r11 neg $num
neg %r11 mov %rsp,%r11
lea -264(%rsp,%r11,8),%rsp # tp=alloca(8*(num+2)+256+8) lea -280(%rsp,$num,8),%r10 # future alloca(8*(num+2)+256+8)
and \$-1024,%rsp # minimize TLB usage neg $num # restore $num
and \$-1024,%r10 # minimize TLB usage
mov %rax,8(%rsp,$num,8) # tp[num+1]=%rsp
.Lmul_body:
# Some OSes, *cough*-dows, insist on stack being "wired" to # Some OSes, *cough*-dows, insist on stack being "wired" to
# physical memory in strictly sequential manner, i.e. if stack # physical memory in strictly sequential manner, i.e. if stack
# allocation spans two pages, then reference to farmost one can # allocation spans two pages, then reference to farmost one can
# be punishable by SEGV. But page walking can do good even on # be punishable by SEGV. But page walking can do good even on
# other OSes, because it guarantees that villain thread hits # other OSes, because it guarantees that villain thread hits
# the guard page before it can make damage to innocent one... # the guard page before it can make damage to innocent one...
sub %rsp,%rax sub %r10,%r11
and \$-4096,%rax and \$-4096,%r11
lea (%r10,%r11),%rsp
mov (%rsp),%r11
cmp %r10,%rsp
ja .Lmul_page_walk
jmp .Lmul_page_walk_done
.Lmul_page_walk: .Lmul_page_walk:
mov (%rsp,%rax),%r11 lea -4096(%rsp),%rsp
sub \$4096,%rax mov (%rsp),%r11
.byte 0x2e # predict non-taken cmp %r10,%rsp
jnc .Lmul_page_walk ja .Lmul_page_walk
.Lmul_page_walk_done:
lea .Linc(%rip),%r10
mov %rax,8(%rsp,$num,8) # tp[num+1]=%rsp
.Lmul_body:
lea 128($bp),%r12 # reassign $bp (+size optimization) lea 128($bp),%r12 # reassign $bp (+size optimization)
___ ___
@ -433,6 +442,8 @@ $code.=<<___;
.type bn_mul4x_mont_gather5,\@function,6 .type bn_mul4x_mont_gather5,\@function,6
.align 32 .align 32
bn_mul4x_mont_gather5: bn_mul4x_mont_gather5:
.byte 0x67
mov %rsp,%rax
.Lmul4x_enter: .Lmul4x_enter:
___ ___
$code.=<<___ if ($addx); $code.=<<___ if ($addx);
@ -441,14 +452,13 @@ $code.=<<___ if ($addx);
je .Lmulx4x_enter je .Lmulx4x_enter
___ ___
$code.=<<___; $code.=<<___;
.byte 0x67
mov %rsp,%rax
push %rbx push %rbx
push %rbp push %rbp
push %r12 push %r12
push %r13 push %r13
push %r14 push %r14
push %r15 push %r15
.Lmul4x_prologue:
.byte 0x67 .byte 0x67
shl \$3,${num}d # convert $num to bytes shl \$3,${num}d # convert $num to bytes
@ -465,32 +475,40 @@ $code.=<<___;
# calculated from 7th argument, the index.] # calculated from 7th argument, the index.]
# #
lea -320(%rsp,$num,2),%r11 lea -320(%rsp,$num,2),%r11
mov %rsp,%rbp
sub $rp,%r11 sub $rp,%r11
and \$4095,%r11 and \$4095,%r11
cmp %r11,%r10 cmp %r11,%r10
jb .Lmul4xsp_alt jb .Lmul4xsp_alt
sub %r11,%rsp # align with $rp sub %r11,%rbp # align with $rp
lea -320(%rsp,$num,2),%rsp # alloca(frame+2*num*8+256) lea -320(%rbp,$num,2),%rbp # future alloca(frame+2*num*8+256)
jmp .Lmul4xsp_done jmp .Lmul4xsp_done
.align 32 .align 32
.Lmul4xsp_alt: .Lmul4xsp_alt:
lea 4096-320(,$num,2),%r10 lea 4096-320(,$num,2),%r10
lea -320(%rsp,$num,2),%rsp # alloca(frame+2*num*8+256) lea -320(%rbp,$num,2),%rbp # future alloca(frame+2*num*8+256)
sub %r10,%r11 sub %r10,%r11
mov \$0,%r10 mov \$0,%r10
cmovc %r10,%r11 cmovc %r10,%r11
sub %r11,%rsp sub %r11,%rbp
.Lmul4xsp_done: .Lmul4xsp_done:
and \$-64,%rsp and \$-64,%rbp
mov %rax,%r11 mov %rsp,%r11
sub %rsp,%r11 sub %rbp,%r11
and \$-4096,%r11 and \$-4096,%r11
lea (%rbp,%r11),%rsp
mov (%rsp),%r10
cmp %rbp,%rsp
ja .Lmul4x_page_walk
jmp .Lmul4x_page_walk_done
.Lmul4x_page_walk: .Lmul4x_page_walk:
mov (%rsp,%r11),%r10 lea -4096(%rsp),%rsp
sub \$4096,%r11 mov (%rsp),%r10
.byte 0x2e # predict non-taken cmp %rbp,%rsp
jnc .Lmul4x_page_walk ja .Lmul4x_page_walk
.Lmul4x_page_walk_done:
neg $num neg $num
@ -1034,6 +1052,7 @@ $code.=<<___;
.type bn_power5,\@function,6 .type bn_power5,\@function,6
.align 32 .align 32
bn_power5: bn_power5:
mov %rsp,%rax
___ ___
$code.=<<___ if ($addx); $code.=<<___ if ($addx);
mov OPENSSL_ia32cap_P+8(%rip),%r11d mov OPENSSL_ia32cap_P+8(%rip),%r11d
@ -1042,13 +1061,13 @@ $code.=<<___ if ($addx);
je .Lpowerx5_enter je .Lpowerx5_enter
___ ___
$code.=<<___; $code.=<<___;
mov %rsp,%rax
push %rbx push %rbx
push %rbp push %rbp
push %r12 push %r12
push %r13 push %r13
push %r14 push %r14
push %r15 push %r15
.Lpower5_prologue:
shl \$3,${num}d # convert $num to bytes shl \$3,${num}d # convert $num to bytes
lea ($num,$num,2),%r10d # 3*$num lea ($num,$num,2),%r10d # 3*$num
@ -1063,32 +1082,40 @@ $code.=<<___;
# calculated from 7th argument, the index.] # calculated from 7th argument, the index.]
# #
lea -320(%rsp,$num,2),%r11 lea -320(%rsp,$num,2),%r11
mov %rsp,%rbp
sub $rptr,%r11 sub $rptr,%r11
and \$4095,%r11 and \$4095,%r11
cmp %r11,%r10 cmp %r11,%r10
jb .Lpwr_sp_alt jb .Lpwr_sp_alt
sub %r11,%rsp # align with $aptr sub %r11,%rbp # align with $aptr
lea -320(%rsp,$num,2),%rsp # alloca(frame+2*num*8+256) lea -320(%rbp,$num,2),%rbp # future alloca(frame+2*num*8+256)
jmp .Lpwr_sp_done jmp .Lpwr_sp_done
.align 32 .align 32
.Lpwr_sp_alt: .Lpwr_sp_alt:
lea 4096-320(,$num,2),%r10 lea 4096-320(,$num,2),%r10
lea -320(%rsp,$num,2),%rsp # alloca(frame+2*num*8+256) lea -320(%rbp,$num,2),%rbp # future alloca(frame+2*num*8+256)
sub %r10,%r11 sub %r10,%r11
mov \$0,%r10 mov \$0,%r10
cmovc %r10,%r11 cmovc %r10,%r11
sub %r11,%rsp sub %r11,%rbp
.Lpwr_sp_done: .Lpwr_sp_done:
and \$-64,%rsp and \$-64,%rbp
mov %rax,%r11 mov %rsp,%r11
sub %rsp,%r11 sub %rbp,%r11
and \$-4096,%r11 and \$-4096,%r11
lea (%rbp,%r11),%rsp
mov (%rsp),%r10
cmp %rbp,%rsp
ja .Lpwr_page_walk
jmp .Lpwr_page_walk_done
.Lpwr_page_walk: .Lpwr_page_walk:
mov (%rsp,%r11),%r10 lea -4096(%rsp),%rsp
sub \$4096,%r11 mov (%rsp),%r10
.byte 0x2e # predict non-taken cmp %rbp,%rsp
jnc .Lpwr_page_walk ja .Lpwr_page_walk
.Lpwr_page_walk_done:
mov $num,%r10 mov $num,%r10
neg $num neg $num
@ -2028,6 +2055,7 @@ bn_from_mont8x:
push %r13 push %r13
push %r14 push %r14
push %r15 push %r15
.Lfrom_prologue:
shl \$3,${num}d # convert $num to bytes shl \$3,${num}d # convert $num to bytes
lea ($num,$num,2),%r10 # 3*$num in bytes lea ($num,$num,2),%r10 # 3*$num in bytes
@ -2042,32 +2070,40 @@ bn_from_mont8x:
# last operation, we use the opportunity to cleanse it. # last operation, we use the opportunity to cleanse it.
# #
lea -320(%rsp,$num,2),%r11 lea -320(%rsp,$num,2),%r11
mov %rsp,%rbp
sub $rptr,%r11 sub $rptr,%r11
and \$4095,%r11 and \$4095,%r11
cmp %r11,%r10 cmp %r11,%r10
jb .Lfrom_sp_alt jb .Lfrom_sp_alt
sub %r11,%rsp # align with $aptr sub %r11,%rbp # align with $aptr
lea -320(%rsp,$num,2),%rsp # alloca(frame+2*$num*8+256) lea -320(%rbp,$num,2),%rbp # future alloca(frame+2*$num*8+256)
jmp .Lfrom_sp_done jmp .Lfrom_sp_done
.align 32 .align 32
.Lfrom_sp_alt: .Lfrom_sp_alt:
lea 4096-320(,$num,2),%r10 lea 4096-320(,$num,2),%r10
lea -320(%rsp,$num,2),%rsp # alloca(frame+2*$num*8+256) lea -320(%rbp,$num,2),%rbp # future alloca(frame+2*$num*8+256)
sub %r10,%r11 sub %r10,%r11
mov \$0,%r10 mov \$0,%r10
cmovc %r10,%r11 cmovc %r10,%r11
sub %r11,%rsp sub %r11,%rbp
.Lfrom_sp_done: .Lfrom_sp_done:
and \$-64,%rsp and \$-64,%rbp
mov %rax,%r11 mov %rsp,%r11
sub %rsp,%r11 sub %rbp,%r11
and \$-4096,%r11 and \$-4096,%r11
lea (%rbp,%r11),%rsp
mov (%rsp),%r10
cmp %rbp,%rsp
ja .Lfrom_page_walk
jmp .Lfrom_page_walk_done
.Lfrom_page_walk: .Lfrom_page_walk:
mov (%rsp,%r11),%r10 lea -4096(%rsp),%rsp
sub \$4096,%r11 mov (%rsp),%r10
.byte 0x2e # predict non-taken cmp %rbp,%rsp
jnc .Lfrom_page_walk ja .Lfrom_page_walk
.Lfrom_page_walk_done:
mov $num,%r10 mov $num,%r10
neg $num neg $num
@ -2173,14 +2209,15 @@ $code.=<<___;
.type bn_mulx4x_mont_gather5,\@function,6 .type bn_mulx4x_mont_gather5,\@function,6
.align 32 .align 32
bn_mulx4x_mont_gather5: bn_mulx4x_mont_gather5:
.Lmulx4x_enter:
mov %rsp,%rax mov %rsp,%rax
.Lmulx4x_enter:
push %rbx push %rbx
push %rbp push %rbp
push %r12 push %r12
push %r13 push %r13
push %r14 push %r14
push %r15 push %r15
.Lmulx4x_prologue:
shl \$3,${num}d # convert $num to bytes shl \$3,${num}d # convert $num to bytes
lea ($num,$num,2),%r10 # 3*$num in bytes lea ($num,$num,2),%r10 # 3*$num in bytes
@ -2197,31 +2234,39 @@ bn_mulx4x_mont_gather5:
# calculated from 7th argument, the index.] # calculated from 7th argument, the index.]
# #
lea -320(%rsp,$num,2),%r11 lea -320(%rsp,$num,2),%r11
mov %rsp,%rbp
sub $rp,%r11 sub $rp,%r11
and \$4095,%r11 and \$4095,%r11
cmp %r11,%r10 cmp %r11,%r10
jb .Lmulx4xsp_alt jb .Lmulx4xsp_alt
sub %r11,%rsp # align with $aptr sub %r11,%rbp # align with $aptr
lea -320(%rsp,$num,2),%rsp # alloca(frame+2*$num*8+256) lea -320(%rbp,$num,2),%rbp # future alloca(frame+2*$num*8+256)
jmp .Lmulx4xsp_done jmp .Lmulx4xsp_done
.Lmulx4xsp_alt: .Lmulx4xsp_alt:
lea 4096-320(,$num,2),%r10 lea 4096-320(,$num,2),%r10
lea -320(%rsp,$num,2),%rsp # alloca(frame+2*$num*8+256) lea -320(%rbp,$num,2),%rbp # future alloca(frame+2*$num*8+256)
sub %r10,%r11 sub %r10,%r11
mov \$0,%r10 mov \$0,%r10
cmovc %r10,%r11 cmovc %r10,%r11
sub %r11,%rsp sub %r11,%rbp
.Lmulx4xsp_done: .Lmulx4xsp_done:
and \$-64,%rsp # ensure alignment and \$-64,%rbp # ensure alignment
mov %rax,%r11 mov %rsp,%r11
sub %rsp,%r11 sub %rbp,%r11
and \$-4096,%r11 and \$-4096,%r11
lea (%rbp,%r11),%rsp
mov (%rsp),%r10
cmp %rbp,%rsp
ja .Lmulx4x_page_walk
jmp .Lmulx4x_page_walk_done
.Lmulx4x_page_walk: .Lmulx4x_page_walk:
mov (%rsp,%r11),%r10 lea -4096(%rsp),%rsp
sub \$4096,%r11 mov (%rsp),%r10
.byte 0x2e # predict non-taken cmp %rbp,%rsp
jnc .Lmulx4x_page_walk ja .Lmulx4x_page_walk
.Lmulx4x_page_walk_done:
############################################################## ##############################################################
# Stack layout # Stack layout
@ -2629,14 +2674,15 @@ $code.=<<___;
.type bn_powerx5,\@function,6 .type bn_powerx5,\@function,6
.align 32 .align 32
bn_powerx5: bn_powerx5:
.Lpowerx5_enter:
mov %rsp,%rax mov %rsp,%rax
.Lpowerx5_enter:
push %rbx push %rbx
push %rbp push %rbp
push %r12 push %r12
push %r13 push %r13
push %r14 push %r14
push %r15 push %r15
.Lpowerx5_prologue:
shl \$3,${num}d # convert $num to bytes shl \$3,${num}d # convert $num to bytes
lea ($num,$num,2),%r10 # 3*$num in bytes lea ($num,$num,2),%r10 # 3*$num in bytes
@ -2651,32 +2697,40 @@ bn_powerx5:
# calculated from 7th argument, the index.] # calculated from 7th argument, the index.]
# #
lea -320(%rsp,$num,2),%r11 lea -320(%rsp,$num,2),%r11
mov %rsp,%rbp
sub $rptr,%r11 sub $rptr,%r11
and \$4095,%r11 and \$4095,%r11
cmp %r11,%r10 cmp %r11,%r10
jb .Lpwrx_sp_alt jb .Lpwrx_sp_alt
sub %r11,%rsp # align with $aptr sub %r11,%rbp # align with $aptr
lea -320(%rsp,$num,2),%rsp # alloca(frame+2*$num*8+256) lea -320(%rbp,$num,2),%rbp # future alloca(frame+2*$num*8+256)
jmp .Lpwrx_sp_done jmp .Lpwrx_sp_done
.align 32 .align 32
.Lpwrx_sp_alt: .Lpwrx_sp_alt:
lea 4096-320(,$num,2),%r10 lea 4096-320(,$num,2),%r10
lea -320(%rsp,$num,2),%rsp # alloca(frame+2*$num*8+256) lea -320(%rbp,$num,2),%rbp # alloca(frame+2*$num*8+256)
sub %r10,%r11 sub %r10,%r11
mov \$0,%r10 mov \$0,%r10
cmovc %r10,%r11 cmovc %r10,%r11
sub %r11,%rsp sub %r11,%rbp
.Lpwrx_sp_done: .Lpwrx_sp_done:
and \$-64,%rsp and \$-64,%rbp
mov %rax,%r11 mov %rsp,%r11
sub %rsp,%r11 sub %rbp,%r11
and \$-4096,%r11 and \$-4096,%r11
lea (%rbp,%r11),%rsp
mov (%rsp),%r10
cmp %rbp,%rsp
ja .Lpwrx_page_walk
jmp .Lpwrx_page_walk_done
.Lpwrx_page_walk: .Lpwrx_page_walk:
mov (%rsp,%r11),%r10 lea -4096(%rsp),%rsp
sub \$4096,%r11 mov (%rsp),%r10
.byte 0x2e # predict non-taken cmp %rbp,%rsp
jnc .Lpwrx_page_walk ja .Lpwrx_page_walk
.Lpwrx_page_walk_done:
mov $num,%r10 mov $num,%r10
neg $num neg $num
@ -3607,9 +3661,14 @@ mul_handler:
cmp %r10,%rbx # context->Rip<end of prologue label cmp %r10,%rbx # context->Rip<end of prologue label
jb .Lcommon_seh_tail jb .Lcommon_seh_tail
mov 4(%r11),%r10d # HandlerData[1]
lea (%rsi,%r10),%r10 # epilogue label
cmp %r10,%rbx # context->Rip>=epilogue label
jb .Lcommon_pop_regs
mov 152($context),%rax # pull context->Rsp mov 152($context),%rax # pull context->Rsp
mov 4(%r11),%r10d # HandlerData[1] mov 8(%r11),%r10d # HandlerData[2]
lea (%rsi,%r10),%r10 # epilogue label lea (%rsi,%r10),%r10 # epilogue label
cmp %r10,%rbx # context->Rip>=epilogue label cmp %r10,%rbx # context->Rip>=epilogue label
jae .Lcommon_seh_tail jae .Lcommon_seh_tail
@ -3621,11 +3680,11 @@ mul_handler:
mov 192($context),%r10 # pull $num mov 192($context),%r10 # pull $num
mov 8(%rax,%r10,8),%rax # pull saved stack pointer mov 8(%rax,%r10,8),%rax # pull saved stack pointer
jmp .Lbody_proceed jmp .Lcommon_pop_regs
.Lbody_40: .Lbody_40:
mov 40(%rax),%rax # pull saved stack pointer mov 40(%rax),%rax # pull saved stack pointer
.Lbody_proceed: .Lcommon_pop_regs:
mov -8(%rax),%rbx mov -8(%rax),%rbx
mov -16(%rax),%rbp mov -16(%rax),%rbp
mov -24(%rax),%r12 mov -24(%rax),%r12
@ -3716,34 +3775,34 @@ $code.=<<___;
.LSEH_info_bn_mul_mont_gather5: .LSEH_info_bn_mul_mont_gather5:
.byte 9,0,0,0 .byte 9,0,0,0
.rva mul_handler .rva mul_handler
.rva .Lmul_body,.Lmul_epilogue # HandlerData[] .rva .Lmul_body,.Lmul_body,.Lmul_epilogue # HandlerData[]
.align 8 .align 8
.LSEH_info_bn_mul4x_mont_gather5: .LSEH_info_bn_mul4x_mont_gather5:
.byte 9,0,0,0 .byte 9,0,0,0
.rva mul_handler .rva mul_handler
.rva .Lmul4x_body,.Lmul4x_epilogue # HandlerData[] .rva .Lmul4x_prologue,.Lmul4x_body,.Lmul4x_epilogue # HandlerData[]
.align 8 .align 8
.LSEH_info_bn_power5: .LSEH_info_bn_power5:
.byte 9,0,0,0 .byte 9,0,0,0
.rva mul_handler .rva mul_handler
.rva .Lpower5_body,.Lpower5_epilogue # HandlerData[] .rva .Lpower5_prologue,.Lpower5_body,.Lpower5_epilogue # HandlerData[]
.align 8 .align 8
.LSEH_info_bn_from_mont8x: .LSEH_info_bn_from_mont8x:
.byte 9,0,0,0 .byte 9,0,0,0
.rva mul_handler .rva mul_handler
.rva .Lfrom_body,.Lfrom_epilogue # HandlerData[] .rva .Lfrom_prologue,.Lfrom_body,.Lfrom_epilogue # HandlerData[]
___ ___
$code.=<<___ if ($addx); $code.=<<___ if ($addx);
.align 8 .align 8
.LSEH_info_bn_mulx4x_mont_gather5: .LSEH_info_bn_mulx4x_mont_gather5:
.byte 9,0,0,0 .byte 9,0,0,0
.rva mul_handler .rva mul_handler
.rva .Lmulx4x_body,.Lmulx4x_epilogue # HandlerData[] .rva .Lmulx4x_prologue,.Lmulx4x_body,.Lmulx4x_epilogue # HandlerData[]
.align 8 .align 8
.LSEH_info_bn_powerx5: .LSEH_info_bn_powerx5:
.byte 9,0,0,0 .byte 9,0,0,0
.rva mul_handler .rva mul_handler
.rva .Lpowerx5_body,.Lpowerx5_epilogue # HandlerData[] .rva .Lpowerx5_prologue,.Lpowerx5_body,.Lpowerx5_epilogue # HandlerData[]
___ ___
$code.=<<___; $code.=<<___;
.align 8 .align 8

View File

@ -842,6 +842,8 @@ int RAND_pseudo_bytes(unsigned char *buf, int num);
if (*(ftl--)) break; \ if (*(ftl--)) break; \
(a)->top = tmp_top; \ (a)->top = tmp_top; \
} \ } \
if ((a)->top == 0) \
(a)->neg = 0; \
bn_pollute(a); \ bn_pollute(a); \
} }

View File

@ -155,7 +155,7 @@ int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, const BIGNUM *d,
({ asm volatile ( \ ({ asm volatile ( \
"divl %4" \ "divl %4" \
: "=a"(q), "=d"(rem) \ : "=a"(q), "=d"(rem) \
: "a"(n1), "d"(n0), "g"(d0) \ : "a"(n1), "d"(n0), "r"(d0) \
: "cc"); \ : "cc"); \
q; \ q; \
}) })
@ -170,7 +170,7 @@ int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, const BIGNUM *d,
({ asm volatile ( \ ({ asm volatile ( \
"divq %4" \ "divq %4" \
: "=a"(q), "=d"(rem) \ : "=a"(q), "=d"(rem) \
: "a"(n1), "d"(n0), "g"(d0) \ : "a"(n1), "d"(n0), "r"(d0) \
: "cc"); \ : "cc"); \
q; \ q; \
}) })

View File

@ -569,7 +569,7 @@ void BN_clear(BIGNUM *a)
{ {
bn_check_top(a); bn_check_top(a);
if (a->d != NULL) if (a->d != NULL)
memset(a->d, 0, a->dmax * sizeof(a->d[0])); OPENSSL_cleanse(a->d, a->dmax * sizeof(a->d[0]));
a->top = 0; a->top = 0;
a->neg = 0; a->neg = 0;
} }

View File

@ -72,12 +72,9 @@ char *BN_bn2hex(const BIGNUM *a)
char *buf; char *buf;
char *p; char *p;
if (a->neg && BN_is_zero(a)) { if (BN_is_zero(a))
/* "-0" == 3 bytes including NULL terminator */ return OPENSSL_strdup("0");
buf = OPENSSL_malloc(3);
} else {
buf = OPENSSL_malloc(a->top * BN_BYTES * 2 + 2); buf = OPENSSL_malloc(a->top * BN_BYTES * 2 + 2);
}
if (buf == NULL) { if (buf == NULL) {
BNerr(BN_F_BN_BN2HEX, ERR_R_MALLOC_FAILURE); BNerr(BN_F_BN_BN2HEX, ERR_R_MALLOC_FAILURE);
goto err; goto err;
@ -111,6 +108,7 @@ char *BN_bn2dec(const BIGNUM *a)
char *p; char *p;
BIGNUM *t = NULL; BIGNUM *t = NULL;
BN_ULONG *bn_data = NULL, *lp; BN_ULONG *bn_data = NULL, *lp;
int bn_data_num;
/*- /*-
* get an upper bound for the length of the decimal integer * get an upper bound for the length of the decimal integer
@ -120,9 +118,9 @@ char *BN_bn2dec(const BIGNUM *a)
*/ */
i = BN_num_bits(a) * 3; i = BN_num_bits(a) * 3;
num = (i / 10 + i / 1000 + 1) + 1; num = (i / 10 + i / 1000 + 1) + 1;
bn_data = bn_data_num = num / BN_DEC_NUM + 1;
(BN_ULONG *)OPENSSL_malloc((num / BN_DEC_NUM + 1) * sizeof(BN_ULONG)); bn_data = OPENSSL_malloc(bn_data_num * sizeof(BN_ULONG));
buf = (char *)OPENSSL_malloc(num + 3); buf = OPENSSL_malloc(num + 3);
if ((buf == NULL) || (bn_data == NULL)) { if ((buf == NULL) || (bn_data == NULL)) {
BNerr(BN_F_BN_BN2DEC, ERR_R_MALLOC_FAILURE); BNerr(BN_F_BN_BN2DEC, ERR_R_MALLOC_FAILURE);
goto err; goto err;
@ -140,9 +138,12 @@ char *BN_bn2dec(const BIGNUM *a)
if (BN_is_negative(t)) if (BN_is_negative(t))
*p++ = '-'; *p++ = '-';
i = 0;
while (!BN_is_zero(t)) { while (!BN_is_zero(t)) {
if (lp - bn_data >= bn_data_num)
goto err;
*lp = BN_div_word(t, BN_DEC_CONV); *lp = BN_div_word(t, BN_DEC_CONV);
if (*lp == (BN_ULONG)-1)
goto err;
lp++; lp++;
} }
lp--; lp--;
@ -240,10 +241,12 @@ int BN_hex2bn(BIGNUM **bn, const char *a)
} }
ret->top = h; ret->top = h;
bn_correct_top(ret); bn_correct_top(ret);
ret->neg = neg;
*bn = ret; *bn = ret;
bn_check_top(ret); bn_check_top(ret);
/* Don't set the negative flag if it's zero. */
if (ret->top != 0)
ret->neg = neg;
return (num); return (num);
err: err:
if (*bn == NULL) if (*bn == NULL)
@ -295,7 +298,7 @@ int BN_dec2bn(BIGNUM **bn, const char *a)
if (j == BN_DEC_NUM) if (j == BN_DEC_NUM)
j = 0; j = 0;
l = 0; l = 0;
while (*a) { while (--i >= 0) {
l *= 10; l *= 10;
l += *a - '0'; l += *a - '0';
a++; a++;
@ -306,11 +309,13 @@ int BN_dec2bn(BIGNUM **bn, const char *a)
j = 0; j = 0;
} }
} }
ret->neg = neg;
bn_correct_top(ret); bn_correct_top(ret);
*bn = ret; *bn = ret;
bn_check_top(ret); bn_check_top(ret);
/* Don't set the negative flag if it's zero. */
if (ret->top != 0)
ret->neg = neg;
return (num); return (num);
err: err:
if (*bn == NULL) if (*bn == NULL)
@ -321,6 +326,7 @@ int BN_dec2bn(BIGNUM **bn, const char *a)
int BN_asc2bn(BIGNUM **bn, const char *a) int BN_asc2bn(BIGNUM **bn, const char *a)
{ {
const char *p = a; const char *p = a;
if (*p == '-') if (*p == '-')
p++; p++;
@ -331,7 +337,8 @@ int BN_asc2bn(BIGNUM **bn, const char *a)
if (!BN_dec2bn(bn, p)) if (!BN_dec2bn(bn, p))
return 0; return 0;
} }
if (*a == '-') /* Don't set the negative flag if it's zero. */
if (*a == '-' && (*bn)->top != 0)
(*bn)->neg = 1; (*bn)->neg = 1;
return 1; return 1;
} }

View File

@ -121,15 +121,14 @@ static int bnrand(int pseudorand, BIGNUM *rnd, int bits, int top, int bottom)
int ret = 0, bit, bytes, mask; int ret = 0, bit, bytes, mask;
time_t tim; time_t tim;
if (bits < 0 || (bits == 1 && top > 0)) {
BNerr(BN_F_BNRAND, BN_R_BITS_TOO_SMALL);
return 0;
}
if (bits == 0) { if (bits == 0) {
if (top != -1 || bottom != 0)
goto toosmall;
BN_zero(rnd); BN_zero(rnd);
return 1; return 1;
} }
if (bits < 0 || (bits == 1 && top > 0))
goto toosmall;
bytes = (bits + 7) / 8; bytes = (bits + 7) / 8;
bit = (bits - 1) % 8; bit = (bits - 1) % 8;
@ -145,13 +144,9 @@ static int bnrand(int pseudorand, BIGNUM *rnd, int bits, int top, int bottom)
time(&tim); time(&tim);
RAND_add(&tim, sizeof(tim), 0.0); RAND_add(&tim, sizeof(tim), 0.0);
if (pseudorand) { /* We ignore the value of pseudorand and always call RAND_bytes */
if (RAND_pseudo_bytes(buf, bytes) == -1)
goto err;
} else {
if (RAND_bytes(buf, bytes) <= 0) if (RAND_bytes(buf, bytes) <= 0)
goto err; goto err;
}
#if 1 #if 1
if (pseudorand == 2) { if (pseudorand == 2) {
@ -199,6 +194,10 @@ static int bnrand(int pseudorand, BIGNUM *rnd, int bits, int top, int bottom)
} }
bn_check_top(rnd); bn_check_top(rnd);
return (ret); return (ret);
toosmall:
BNerr(BN_F_BNRAND, BN_R_BITS_TOO_SMALL);
return 0;
} }
int BN_rand(BIGNUM *rnd, int bits, int top, int bottom) int BN_rand(BIGNUM *rnd, int bits, int top, int bottom)

View File

@ -72,10 +72,32 @@ BN_ULONG BN_mod_word(const BIGNUM *a, BN_ULONG w)
if (w == 0) if (w == 0)
return (BN_ULONG)-1; return (BN_ULONG)-1;
#ifndef BN_LLONG
/*
* If |w| is too long and we don't have BN_ULLONG then we need to fall
* back to using BN_div_word
*/
if (w > ((BN_ULONG)1 << BN_BITS4)) {
BIGNUM *tmp = BN_dup(a);
if (tmp == NULL)
return (BN_ULONG)-1;
ret = BN_div_word(tmp, w);
BN_free(tmp);
return ret;
}
#endif
bn_check_top(a); bn_check_top(a);
w &= BN_MASK2; w &= BN_MASK2;
for (i = a->top - 1; i >= 0; i--) { for (i = a->top - 1; i >= 0; i--) {
#ifndef BN_LLONG #ifndef BN_LLONG
/*
* We can assume here that | w <= ((BN_ULONG)1 << BN_BITS4) | and so
* | ret < ((BN_ULONG)1 << BN_BITS4) | and therefore the shifts here are
* safe and will not overflow
*/
ret = ((ret << BN_BITS4) | ((a->d[i] >> BN_BITS4) & BN_MASK2l)) % w; ret = ((ret << BN_BITS4) | ((a->d[i] >> BN_BITS4) & BN_MASK2l)) % w;
ret = ((ret << BN_BITS4) | (a->d[i] & BN_MASK2l)) % w; ret = ((ret << BN_BITS4) | (a->d[i] & BN_MASK2l)) % w;
#else #else

View File

@ -514,7 +514,7 @@ static void print_word(BIO *bp, BN_ULONG w)
int test_div_word(BIO *bp) int test_div_word(BIO *bp)
{ {
BIGNUM a, b; BIGNUM a, b;
BN_ULONG r, s; BN_ULONG r, rmod, s;
int i; int i;
BN_init(&a); BN_init(&a);
@ -528,8 +528,14 @@ int test_div_word(BIO *bp)
s = b.d[0]; s = b.d[0];
BN_copy(&b, &a); BN_copy(&b, &a);
rmod = BN_mod_word(&b, s);
r = BN_div_word(&b, s); r = BN_div_word(&b, s);
if (rmod != r) {
fprintf(stderr, "Mod (word) test failed!\n");
return 0;
}
if (bp != NULL) { if (bp != NULL) {
if (!results) { if (!results) {
BN_print(bp, &a); BN_print(bp, &a);

View File

@ -119,7 +119,7 @@ BIO *cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec)
/* Generate a random IV if we need one */ /* Generate a random IV if we need one */
ivlen = EVP_CIPHER_CTX_iv_length(ctx); ivlen = EVP_CIPHER_CTX_iv_length(ctx);
if (ivlen > 0) { if (ivlen > 0) {
if (RAND_pseudo_bytes(iv, ivlen) <= 0) if (RAND_bytes(iv, ivlen) <= 0)
goto err; goto err;
piv = iv; piv = iv;
} }
@ -179,10 +179,9 @@ BIO *cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec)
CMS_R_CIPHER_INITIALISATION_ERROR); CMS_R_CIPHER_INITIALISATION_ERROR);
goto err; goto err;
} }
if (enc) {
if (piv) {
calg->parameter = ASN1_TYPE_new(); calg->parameter = ASN1_TYPE_new();
if (!calg->parameter) { if (calg->parameter == NULL) {
CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO, ERR_R_MALLOC_FAILURE); CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO, ERR_R_MALLOC_FAILURE);
goto err; goto err;
} }
@ -191,6 +190,11 @@ BIO *cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec)
CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR); CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR);
goto err; goto err;
} }
/* If parameter type not set omit parameter */
if (calg->parameter->type == V_ASN1_UNDEF) {
ASN1_TYPE_free(calg->parameter);
calg->parameter = NULL;
}
} }
ok = 1; ok = 1;

View File

@ -107,8 +107,7 @@ CMS_ReceiptRequest *CMS_ReceiptRequest_create0(unsigned char *id, int idlen,
else { else {
if (!ASN1_STRING_set(rr->signedContentIdentifier, NULL, 32)) if (!ASN1_STRING_set(rr->signedContentIdentifier, NULL, 32))
goto merr; goto merr;
if (RAND_pseudo_bytes(rr->signedContentIdentifier->data, 32) if (RAND_bytes(rr->signedContentIdentifier->data, 32) <= 0)
<= 0)
goto err; goto err;
} }

View File

@ -413,6 +413,8 @@ static STACK_OF(CMS_CertificateChoices)
return &cms->d.signedData->certificates; return &cms->d.signedData->certificates;
case NID_pkcs7_enveloped: case NID_pkcs7_enveloped:
if (cms->d.envelopedData->originatorInfo == NULL)
return NULL;
return &cms->d.envelopedData->originatorInfo->certificates; return &cms->d.envelopedData->originatorInfo->certificates;
default: default:
@ -488,6 +490,8 @@ static STACK_OF(CMS_RevocationInfoChoice)
return &cms->d.signedData->crls; return &cms->d.signedData->crls;
case NID_pkcs7_enveloped: case NID_pkcs7_enveloped:
if (cms->d.envelopedData->originatorInfo == NULL)
return NULL;
return &cms->d.envelopedData->originatorInfo->crls; return &cms->d.envelopedData->originatorInfo->crls;
default: default:

View File

@ -134,7 +134,7 @@ CMS_RecipientInfo *CMS_add0_recipient_password(CMS_ContentInfo *cms,
ivlen = EVP_CIPHER_CTX_iv_length(&ctx); ivlen = EVP_CIPHER_CTX_iv_length(&ctx);
if (ivlen > 0) { if (ivlen > 0) {
if (RAND_pseudo_bytes(iv, ivlen) <= 0) if (RAND_bytes(iv, ivlen) <= 0)
goto err; goto err;
if (EVP_EncryptInit_ex(&ctx, NULL, NULL, NULL, iv) <= 0) { if (EVP_EncryptInit_ex(&ctx, NULL, NULL, NULL, iv) <= 0) {
CMSerr(CMS_F_CMS_ADD0_RECIPIENT_PASSWORD, ERR_R_EVP_LIB); CMSerr(CMS_F_CMS_ADD0_RECIPIENT_PASSWORD, ERR_R_EVP_LIB);
@ -301,7 +301,7 @@ static int kek_wrap_key(unsigned char *out, size_t *outlen,
memcpy(out + 4, in, inlen); memcpy(out + 4, in, inlen);
/* Add random padding to end */ /* Add random padding to end */
if (olen > inlen + 4 if (olen > inlen + 4
&& RAND_pseudo_bytes(out + 4 + inlen, olen - 4 - inlen) < 0) && RAND_bytes(out + 4 + inlen, olen - 4 - inlen) <= 0)
return 0; return 0;
/* Encrypt twice */ /* Encrypt twice */
EVP_EncryptUpdate(ctx, out, &dummy, out, olen); EVP_EncryptUpdate(ctx, out, &dummy, out, olen);

View File

@ -14,7 +14,7 @@ extern "C" {
typedef struct comp_ctx_st COMP_CTX; typedef struct comp_ctx_st COMP_CTX;
typedef struct comp_method_st { struct comp_method_st {
int type; /* NID for compression library */ int type; /* NID for compression library */
const char *name; /* A text string to identify the library */ const char *name; /* A text string to identify the library */
int (*init) (COMP_CTX *ctx); int (*init) (COMP_CTX *ctx);
@ -30,7 +30,7 @@ typedef struct comp_method_st {
*/ */
long (*ctrl) (void); long (*ctrl) (void);
long (*callback_ctrl) (void); long (*callback_ctrl) (void);
} COMP_METHOD; };
struct comp_ctx_st { struct comp_ctx_st {
COMP_METHOD *meth; COMP_METHOD *meth;

View File

@ -94,7 +94,7 @@
# define IS_DQUOTE(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_DQUOTE) # define IS_DQUOTE(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_DQUOTE)
# define IS_HIGHBIT(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_HIGHBIT) # define IS_HIGHBIT(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_HIGHBIT)
#else /* CHARSET_EBCDIC */ #else /*CHARSET_EBCDIC*/
# define IS_COMMENT(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_COMMENT) # define IS_COMMENT(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_COMMENT)
# define IS_FCOMMENT(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_FCOMMENT) # define IS_FCOMMENT(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_FCOMMENT)
@ -108,7 +108,7 @@
# define IS_QUOTE(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_QUOTE) # define IS_QUOTE(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_QUOTE)
# define IS_DQUOTE(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_DQUOTE) # define IS_DQUOTE(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_DQUOTE)
# define IS_HIGHBIT(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_HIGHBIT) # define IS_HIGHBIT(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_HIGHBIT)
#endif /* CHARSET_EBCDIC */ #endif /*CHARSET_EBCDIC*/
static unsigned short CONF_type_default[256] = { static unsigned short CONF_type_default[256] = {
0x0008, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0008, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000,

View File

@ -288,6 +288,10 @@ static CONF_MODULE *module_add(DSO *dso, const char *name,
tmod->dso = dso; tmod->dso = dso;
tmod->name = BUF_strdup(name); tmod->name = BUF_strdup(name);
if (tmod->name == NULL) {
OPENSSL_free(tmod);
return NULL;
}
tmod->init = ifunc; tmod->init = ifunc;
tmod->finish = ffunc; tmod->finish = ffunc;
tmod->links = 0; tmod->links = 0;

View File

@ -110,8 +110,10 @@ print <<"EOF";
* [including the GNU Public Licence.] * [including the GNU Public Licence.]
*/ */
/* THIS FILE WAS AUTOMAGICALLY GENERATED! /*
Please modify and use keysets.pl to regenerate it. */ * THIS FILE WAS AUTOMAGICALLY GENERATED! Please modify and use keysets.pl to
* regenerate it.
*/
#define CONF_NUMBER $NUMBER #define CONF_NUMBER $NUMBER
#define CONF_UPPER $UPPER #define CONF_UPPER $UPPER
@ -133,53 +135,53 @@ print <<"EOF";
#define KEYTYPES(c) ((unsigned short *)((c)->meth_data)) #define KEYTYPES(c) ((unsigned short *)((c)->meth_data))
#ifndef CHARSET_EBCDIC #ifndef CHARSET_EBCDIC
#define IS_COMMENT(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_COMMENT) # define IS_COMMENT(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_COMMENT)
#define IS_FCOMMENT(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_FCOMMENT) # define IS_FCOMMENT(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_FCOMMENT)
#define IS_EOF(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_EOF) # define IS_EOF(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_EOF)
#define IS_ESC(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_ESC) # define IS_ESC(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_ESC)
#define IS_NUMBER(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_NUMBER) # define IS_NUMBER(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_NUMBER)
#define IS_WS(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_WS) # define IS_WS(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_WS)
#define IS_ALPHA_NUMERIC(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_ALPHA_NUMERIC) # define IS_ALPHA_NUMERIC(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_ALPHA_NUMERIC)
#define IS_ALPHA_NUMERIC_PUNCT(c,a) \\ # define IS_ALPHA_NUMERIC_PUNCT(c,a) \\
(KEYTYPES(c)[(a)&0xff]&CONF_ALPHA_NUMERIC_PUNCT) (KEYTYPES(c)[(a)&0xff]&CONF_ALPHA_NUMERIC_PUNCT)
#define IS_QUOTE(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_QUOTE) # define IS_QUOTE(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_QUOTE)
#define IS_DQUOTE(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_DQUOTE) # define IS_DQUOTE(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_DQUOTE)
#define IS_HIGHBIT(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_HIGHBIT) # define IS_HIGHBIT(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_HIGHBIT)
#else /*CHARSET_EBCDIC*/ #else /*CHARSET_EBCDIC*/
#define IS_COMMENT(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_COMMENT) # define IS_COMMENT(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_COMMENT)
#define IS_FCOMMENT(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_FCOMMENT) # define IS_FCOMMENT(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_FCOMMENT)
#define IS_EOF(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_EOF) # define IS_EOF(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_EOF)
#define IS_ESC(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_ESC) # define IS_ESC(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_ESC)
#define IS_NUMBER(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_NUMBER) # define IS_NUMBER(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_NUMBER)
#define IS_WS(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_WS) # define IS_WS(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_WS)
#define IS_ALPHA_NUMERIC(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_ALPHA_NUMERIC) # define IS_ALPHA_NUMERIC(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_ALPHA_NUMERIC)
#define IS_ALPHA_NUMERIC_PUNCT(c,a) \\ # define IS_ALPHA_NUMERIC_PUNCT(c,a) \\
(KEYTYPES(c)[os_toascii[a]&0xff]&CONF_ALPHA_NUMERIC_PUNCT) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_ALPHA_NUMERIC_PUNCT)
#define IS_QUOTE(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_QUOTE) # define IS_QUOTE(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_QUOTE)
#define IS_DQUOTE(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_DQUOTE) # define IS_DQUOTE(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_DQUOTE)
#define IS_HIGHBIT(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_HIGHBIT) # define IS_HIGHBIT(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_HIGHBIT)
#endif /*CHARSET_EBCDIC*/ #endif /*CHARSET_EBCDIC*/
EOF EOF
print "static unsigned short CONF_type_default[256]={"; print "static unsigned short CONF_type_default[256] = {";
for ($i=0; $i<256; $i++) for ($i=0; $i<256; $i++)
{ {
print "\n\t" if ($i % 8) == 0; print "\n " if ($i % 8) == 0;
printf "0x%04X,",$V_def[$i]; printf " 0x%04X,",$V_def[$i];
} }
print "\n\t};\n\n"; print "\n};\n\n";
print "static unsigned short CONF_type_win32[256]={"; print "static unsigned short CONF_type_win32[256] = {";
for ($i=0; $i<256; $i++) for ($i=0; $i<256; $i++)
{ {
print "\n\t" if ($i % 8) == 0; print "\n " if ($i % 8) == 0;
printf "0x%04X,",$V_w32[$i]; printf " 0x%04X,",$V_w32[$i];
} }
print "\n\t};\n\n"; print "\n};\n";

View File

@ -96,7 +96,7 @@ $code.=<<___;
des_t4_cbc_encrypt: des_t4_cbc_encrypt:
cmp $len, 0 cmp $len, 0
be,pn $::size_t_cc, .Lcbc_abort be,pn $::size_t_cc, .Lcbc_abort
nop srln $len, 0, $len ! needed on v8+, "nop" on v9
ld [$ivec + 0], %f0 ! load ivec ld [$ivec + 0], %f0 ! load ivec
ld [$ivec + 4], %f1 ld [$ivec + 4], %f1
@ -197,7 +197,7 @@ des_t4_cbc_encrypt:
des_t4_cbc_decrypt: des_t4_cbc_decrypt:
cmp $len, 0 cmp $len, 0
be,pn $::size_t_cc, .Lcbc_abort be,pn $::size_t_cc, .Lcbc_abort
nop srln $len, 0, $len ! needed on v8+, "nop" on v9
ld [$ivec + 0], %f2 ! load ivec ld [$ivec + 0], %f2 ! load ivec
ld [$ivec + 4], %f3 ld [$ivec + 4], %f3
@ -305,7 +305,7 @@ $code.=<<___;
des_t4_ede3_cbc_encrypt: des_t4_ede3_cbc_encrypt:
cmp $len, 0 cmp $len, 0
be,pn $::size_t_cc, .Lcbc_abort be,pn $::size_t_cc, .Lcbc_abort
nop srln $len, 0, $len ! needed on v8+, "nop" on v9
ld [$ivec + 0], %f0 ! load ivec ld [$ivec + 0], %f0 ! load ivec
ld [$ivec + 4], %f1 ld [$ivec + 4], %f1
@ -457,7 +457,7 @@ des_t4_ede3_cbc_encrypt:
des_t4_ede3_cbc_decrypt: des_t4_ede3_cbc_decrypt:
cmp $len, 0 cmp $len, 0
be,pn $::size_t_cc, .Lcbc_abort be,pn $::size_t_cc, .Lcbc_abort
nop srln $len, 0, $len ! needed on v8+, "nop" on v9
ld [$ivec + 0], %f2 ! load ivec ld [$ivec + 0], %f2 ! load ivec
ld [$ivec + 4], %f3 ld [$ivec + 4], %f3

View File

@ -456,7 +456,7 @@ void doencryption(void)
len = l - rem; len = l - rem;
if (feof(DES_IN)) { if (feof(DES_IN)) {
for (i = 7 - rem; i > 0; i--) { for (i = 7 - rem; i > 0; i--) {
if (RAND_pseudo_bytes(buf + l++, 1) < 0) if (RAND_bytes(buf + l++, 1) <= 0)
goto problems; goto problems;
} }
buf[l++] = rem; buf[l++] = rem;

View File

@ -135,7 +135,7 @@ int DES_enc_write(int fd, const void *_buf, int len,
if (len < 8) { if (len < 8) {
cp = shortbuf; cp = shortbuf;
memcpy(shortbuf, buf, len); memcpy(shortbuf, buf, len);
if (RAND_pseudo_bytes(shortbuf + len, 8 - len) < 0) { if (RAND_bytes(shortbuf + len, 8 - len) <= 0) {
return -1; return -1;
} }
rnum = 8; rnum = 8;

View File

@ -519,7 +519,7 @@ static int dh_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from)
static int dh_missing_parameters(const EVP_PKEY *a) static int dh_missing_parameters(const EVP_PKEY *a)
{ {
if (!a->pkey.dh->p || !a->pkey.dh->g) if (a->pkey.dh == NULL || a->pkey.dh->p == NULL || a->pkey.dh->g == NULL)
return 1; return 1;
return 0; return 0;
} }

View File

@ -350,7 +350,7 @@ static int dsa_missing_parameters(const EVP_PKEY *pkey)
{ {
DSA *dsa; DSA *dsa;
dsa = pkey->pkey.dsa; dsa = pkey->pkey.dsa;
if ((dsa->p == NULL) || (dsa->q == NULL) || (dsa->g == NULL)) if (dsa == NULL || dsa->p == NULL || dsa->q == NULL || dsa->g == NULL)
return 1; return 1;
return 0; return 0;
} }

View File

@ -185,6 +185,9 @@ int dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits,
p = BN_CTX_get(ctx); p = BN_CTX_get(ctx);
test = BN_CTX_get(ctx); test = BN_CTX_get(ctx);
if (test == NULL)
goto err;
if (!BN_lshift(test, BN_value_one(), bits - 1)) if (!BN_lshift(test, BN_value_one(), bits - 1))
goto err; goto err;
@ -197,7 +200,7 @@ int dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits,
goto err; goto err;
if (!seed_len || !seed_in) { if (!seed_len || !seed_in) {
if (RAND_pseudo_bytes(seed, qsize) < 0) if (RAND_bytes(seed, qsize) <= 0)
goto err; goto err;
seed_is_random = 1; seed_is_random = 1;
} else { } else {
@ -491,7 +494,7 @@ int dsa_builtin_paramgen2(DSA *ret, size_t L, size_t N,
goto err; goto err;
if (!seed_in) { if (!seed_in) {
if (RAND_pseudo_bytes(seed, seed_len) < 0) if (RAND_bytes(seed, seed_len) <= 0)
goto err; goto err;
} }
/* step 2 */ /* step 2 */

View File

@ -247,11 +247,13 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp,
do do
if (!BN_rand_range(&k, dsa->q)) if (!BN_rand_range(&k, dsa->q))
goto err; goto err;
while (BN_is_zero(&k)) ; while (BN_is_zero(&k));
if ((dsa->flags & DSA_FLAG_NO_EXP_CONSTTIME) == 0) { if ((dsa->flags & DSA_FLAG_NO_EXP_CONSTTIME) == 0) {
BN_set_flags(&k, BN_FLG_CONSTTIME); BN_set_flags(&k, BN_FLG_CONSTTIME);
} }
if (dsa->flags & DSA_FLAG_CACHE_MONT_P) { if (dsa->flags & DSA_FLAG_CACHE_MONT_P) {
if (!BN_MONT_CTX_set_locked(&dsa->method_mont_p, if (!BN_MONT_CTX_set_locked(&dsa->method_mont_p,
CRYPTO_LOCK_DSA, dsa->p, ctx)) CRYPTO_LOCK_DSA, dsa->p, ctx))
@ -264,6 +266,8 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp,
if (!BN_copy(&kq, &k)) if (!BN_copy(&kq, &k))
goto err; goto err;
BN_set_flags(&kq, BN_FLG_CONSTTIME);
/* /*
* We do not want timing information to leak the length of k, so we * We do not want timing information to leak the length of k, so we
* compute g^k using an equivalent exponent of fixed length. (This * compute g^k using an equivalent exponent of fixed length. (This
@ -282,6 +286,7 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp,
} else { } else {
K = &k; K = &k;
} }
DSA_BN_MOD_EXP(goto err, dsa, r, dsa->g, K, dsa->p, ctx, DSA_BN_MOD_EXP(goto err, dsa, r, dsa->g, K, dsa->p, ctx,
dsa->method_mont_p); dsa->method_mont_p);
if (!BN_mod(r, r, dsa->q, ctx)) if (!BN_mod(r, r, dsa->q, ctx))

View File

@ -131,7 +131,7 @@ ec_ameth.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
ec_ameth.o: ../../include/openssl/sha.h ../../include/openssl/stack.h ec_ameth.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
ec_ameth.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h ec_ameth.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
ec_ameth.o: ../../include/openssl/x509_vfy.h ../asn1/asn1_locl.h ../cryptlib.h ec_ameth.o: ../../include/openssl/x509_vfy.h ../asn1/asn1_locl.h ../cryptlib.h
ec_ameth.o: ec_ameth.c ec_ameth.o: ec_ameth.c ec_lcl.h
ec_asn1.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h ec_asn1.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
ec_asn1.o: ../../include/openssl/bio.h ../../include/openssl/bn.h ec_asn1.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
ec_asn1.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h ec_asn1.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h

View File

@ -128,6 +128,7 @@ ecp_nistz256_mul_by_2:
push %r13 push %r13
mov 8*0($a_ptr), $a0 mov 8*0($a_ptr), $a0
xor $t4,$t4
mov 8*1($a_ptr), $a1 mov 8*1($a_ptr), $a1
add $a0, $a0 # a0:a3+a0:a3 add $a0, $a0 # a0:a3+a0:a3
mov 8*2($a_ptr), $a2 mov 8*2($a_ptr), $a2
@ -138,7 +139,7 @@ ecp_nistz256_mul_by_2:
adc $a2, $a2 adc $a2, $a2
adc $a3, $a3 adc $a3, $a3
mov $a1, $t1 mov $a1, $t1
sbb $t4, $t4 adc \$0, $t4
sub 8*0($a_ptr), $a0 sub 8*0($a_ptr), $a0
mov $a2, $t2 mov $a2, $t2
@ -146,14 +147,14 @@ ecp_nistz256_mul_by_2:
sbb 8*2($a_ptr), $a2 sbb 8*2($a_ptr), $a2
mov $a3, $t3 mov $a3, $t3
sbb 8*3($a_ptr), $a3 sbb 8*3($a_ptr), $a3
test $t4, $t4 sbb \$0, $t4
cmovz $t0, $a0 cmovc $t0, $a0
cmovz $t1, $a1 cmovc $t1, $a1
mov $a0, 8*0($r_ptr) mov $a0, 8*0($r_ptr)
cmovz $t2, $a2 cmovc $t2, $a2
mov $a1, 8*1($r_ptr) mov $a1, 8*1($r_ptr)
cmovz $t3, $a3 cmovc $t3, $a3
mov $a2, 8*2($r_ptr) mov $a2, 8*2($r_ptr)
mov $a3, 8*3($r_ptr) mov $a3, 8*3($r_ptr)
@ -250,12 +251,12 @@ ecp_nistz256_mul_by_3:
sbb \$0, $a2 sbb \$0, $a2
mov $a3, $t3 mov $a3, $t3
sbb .Lpoly+8*3(%rip), $a3 sbb .Lpoly+8*3(%rip), $a3
test $t4, $t4 sbb \$0, $t4
cmovz $t0, $a0 cmovc $t0, $a0
cmovz $t1, $a1 cmovc $t1, $a1
cmovz $t2, $a2 cmovc $t2, $a2
cmovz $t3, $a3 cmovc $t3, $a3
xor $t4, $t4 xor $t4, $t4
add 8*0($a_ptr), $a0 # a0:a3+=a_ptr[0:3] add 8*0($a_ptr), $a0 # a0:a3+=a_ptr[0:3]
@ -272,14 +273,14 @@ ecp_nistz256_mul_by_3:
sbb \$0, $a2 sbb \$0, $a2
mov $a3, $t3 mov $a3, $t3
sbb .Lpoly+8*3(%rip), $a3 sbb .Lpoly+8*3(%rip), $a3
test $t4, $t4 sbb \$0, $t4
cmovz $t0, $a0 cmovc $t0, $a0
cmovz $t1, $a1 cmovc $t1, $a1
mov $a0, 8*0($r_ptr) mov $a0, 8*0($r_ptr)
cmovz $t2, $a2 cmovc $t2, $a2
mov $a1, 8*1($r_ptr) mov $a1, 8*1($r_ptr)
cmovz $t3, $a3 cmovc $t3, $a3
mov $a2, 8*2($r_ptr) mov $a2, 8*2($r_ptr)
mov $a3, 8*3($r_ptr) mov $a3, 8*3($r_ptr)
@ -318,14 +319,14 @@ ecp_nistz256_add:
sbb 8*2($a_ptr), $a2 sbb 8*2($a_ptr), $a2
mov $a3, $t3 mov $a3, $t3
sbb 8*3($a_ptr), $a3 sbb 8*3($a_ptr), $a3
test $t4, $t4 sbb \$0, $t4
cmovz $t0, $a0 cmovc $t0, $a0
cmovz $t1, $a1 cmovc $t1, $a1
mov $a0, 8*0($r_ptr) mov $a0, 8*0($r_ptr)
cmovz $t2, $a2 cmovc $t2, $a2
mov $a1, 8*1($r_ptr) mov $a1, 8*1($r_ptr)
cmovz $t3, $a3 cmovc $t3, $a3
mov $a2, 8*2($r_ptr) mov $a2, 8*2($r_ptr)
mov $a3, 8*3($r_ptr) mov $a3, 8*3($r_ptr)
@ -1840,13 +1841,14 @@ $code.=<<___;
.type __ecp_nistz256_add_toq,\@abi-omnipotent .type __ecp_nistz256_add_toq,\@abi-omnipotent
.align 32 .align 32
__ecp_nistz256_add_toq: __ecp_nistz256_add_toq:
xor $t4,$t4
add 8*0($b_ptr), $a0 add 8*0($b_ptr), $a0
adc 8*1($b_ptr), $a1 adc 8*1($b_ptr), $a1
mov $a0, $t0 mov $a0, $t0
adc 8*2($b_ptr), $a2 adc 8*2($b_ptr), $a2
adc 8*3($b_ptr), $a3 adc 8*3($b_ptr), $a3
mov $a1, $t1 mov $a1, $t1
sbb $t4, $t4 adc \$0, $t4
sub \$-1, $a0 sub \$-1, $a0
mov $a2, $t2 mov $a2, $t2
@ -1854,14 +1856,14 @@ __ecp_nistz256_add_toq:
sbb \$0, $a2 sbb \$0, $a2
mov $a3, $t3 mov $a3, $t3
sbb $poly3, $a3 sbb $poly3, $a3
test $t4, $t4 sbb \$0, $t4
cmovz $t0, $a0 cmovc $t0, $a0
cmovz $t1, $a1 cmovc $t1, $a1
mov $a0, 8*0($r_ptr) mov $a0, 8*0($r_ptr)
cmovz $t2, $a2 cmovc $t2, $a2
mov $a1, 8*1($r_ptr) mov $a1, 8*1($r_ptr)
cmovz $t3, $a3 cmovc $t3, $a3
mov $a2, 8*2($r_ptr) mov $a2, 8*2($r_ptr)
mov $a3, 8*3($r_ptr) mov $a3, 8*3($r_ptr)
@ -1929,13 +1931,14 @@ __ecp_nistz256_subq:
.type __ecp_nistz256_mul_by_2q,\@abi-omnipotent .type __ecp_nistz256_mul_by_2q,\@abi-omnipotent
.align 32 .align 32
__ecp_nistz256_mul_by_2q: __ecp_nistz256_mul_by_2q:
xor $t4, $t4
add $a0, $a0 # a0:a3+a0:a3 add $a0, $a0 # a0:a3+a0:a3
adc $a1, $a1 adc $a1, $a1
mov $a0, $t0 mov $a0, $t0
adc $a2, $a2 adc $a2, $a2
adc $a3, $a3 adc $a3, $a3
mov $a1, $t1 mov $a1, $t1
sbb $t4, $t4 adc \$0, $t4
sub \$-1, $a0 sub \$-1, $a0
mov $a2, $t2 mov $a2, $t2
@ -1943,14 +1946,14 @@ __ecp_nistz256_mul_by_2q:
sbb \$0, $a2 sbb \$0, $a2
mov $a3, $t3 mov $a3, $t3
sbb $poly3, $a3 sbb $poly3, $a3
test $t4, $t4 sbb \$0, $t4
cmovz $t0, $a0 cmovc $t0, $a0
cmovz $t1, $a1 cmovc $t1, $a1
mov $a0, 8*0($r_ptr) mov $a0, 8*0($r_ptr)
cmovz $t2, $a2 cmovc $t2, $a2
mov $a1, 8*1($r_ptr) mov $a1, 8*1($r_ptr)
cmovz $t3, $a3 cmovc $t3, $a3
mov $a2, 8*2($r_ptr) mov $a2, 8*2($r_ptr)
mov $a3, 8*3($r_ptr) mov $a3, 8*3($r_ptr)
@ -2241,16 +2244,14 @@ $code.=<<___;
mov $b_org, $a_ptr # reassign mov $b_org, $a_ptr # reassign
movdqa %xmm0, $in1_x(%rsp) movdqa %xmm0, $in1_x(%rsp)
movdqa %xmm1, $in1_x+0x10(%rsp) movdqa %xmm1, $in1_x+0x10(%rsp)
por %xmm0, %xmm1
movdqa %xmm2, $in1_y(%rsp) movdqa %xmm2, $in1_y(%rsp)
movdqa %xmm3, $in1_y+0x10(%rsp) movdqa %xmm3, $in1_y+0x10(%rsp)
por %xmm2, %xmm3
movdqa %xmm4, $in1_z(%rsp) movdqa %xmm4, $in1_z(%rsp)
movdqa %xmm5, $in1_z+0x10(%rsp) movdqa %xmm5, $in1_z+0x10(%rsp)
por %xmm1, %xmm3 por %xmm4, %xmm5
movdqu 0x00($a_ptr), %xmm0 # copy *(P256_POINT *)$b_ptr movdqu 0x00($a_ptr), %xmm0 # copy *(P256_POINT *)$b_ptr
pshufd \$0xb1, %xmm3, %xmm5 pshufd \$0xb1, %xmm5, %xmm3
movdqu 0x10($a_ptr), %xmm1 movdqu 0x10($a_ptr), %xmm1
movdqu 0x20($a_ptr), %xmm2 movdqu 0x20($a_ptr), %xmm2
por %xmm3, %xmm5 por %xmm3, %xmm5
@ -2262,14 +2263,14 @@ $code.=<<___;
movdqa %xmm0, $in2_x(%rsp) movdqa %xmm0, $in2_x(%rsp)
pshufd \$0x1e, %xmm5, %xmm4 pshufd \$0x1e, %xmm5, %xmm4
movdqa %xmm1, $in2_x+0x10(%rsp) movdqa %xmm1, $in2_x+0x10(%rsp)
por %xmm0, %xmm1 movdqu 0x40($a_ptr),%xmm0 # in2_z again
movq $r_ptr, %xmm0 # save $r_ptr movdqu 0x50($a_ptr),%xmm1
movdqa %xmm2, $in2_y(%rsp) movdqa %xmm2, $in2_y(%rsp)
movdqa %xmm3, $in2_y+0x10(%rsp) movdqa %xmm3, $in2_y+0x10(%rsp)
por %xmm2, %xmm3
por %xmm4, %xmm5 por %xmm4, %xmm5
pxor %xmm4, %xmm4 pxor %xmm4, %xmm4
por %xmm1, %xmm3 por %xmm0, %xmm1
movq $r_ptr, %xmm0 # save $r_ptr
lea 0x40-$bias($a_ptr), $a_ptr # $a_ptr is still valid lea 0x40-$bias($a_ptr), $a_ptr # $a_ptr is still valid
mov $src0, $in2_z+8*0(%rsp) # make in2_z copy mov $src0, $in2_z+8*0(%rsp) # make in2_z copy
@ -2280,8 +2281,8 @@ $code.=<<___;
call __ecp_nistz256_sqr_mont$x # p256_sqr_mont(Z2sqr, in2_z); call __ecp_nistz256_sqr_mont$x # p256_sqr_mont(Z2sqr, in2_z);
pcmpeqd %xmm4, %xmm5 pcmpeqd %xmm4, %xmm5
pshufd \$0xb1, %xmm3, %xmm4 pshufd \$0xb1, %xmm1, %xmm4
por %xmm3, %xmm4 por %xmm1, %xmm4
pshufd \$0, %xmm5, %xmm5 # in1infty pshufd \$0, %xmm5, %xmm5 # in1infty
pshufd \$0x1e, %xmm4, %xmm3 pshufd \$0x1e, %xmm4, %xmm3
por %xmm3, %xmm4 por %xmm3, %xmm4
@ -2405,6 +2406,7 @@ $code.=<<___;
#lea $Hsqr(%rsp), $r_ptr # 2*U1*H^2 #lea $Hsqr(%rsp), $r_ptr # 2*U1*H^2
#call __ecp_nistz256_mul_by_2 # ecp_nistz256_mul_by_2(Hsqr, U2); #call __ecp_nistz256_mul_by_2 # ecp_nistz256_mul_by_2(Hsqr, U2);
xor $t4, $t4
add $acc0, $acc0 # a0:a3+a0:a3 add $acc0, $acc0 # a0:a3+a0:a3
lea $Rsqr(%rsp), $a_ptr lea $Rsqr(%rsp), $a_ptr
adc $acc1, $acc1 adc $acc1, $acc1
@ -2412,7 +2414,7 @@ $code.=<<___;
adc $acc2, $acc2 adc $acc2, $acc2
adc $acc3, $acc3 adc $acc3, $acc3
mov $acc1, $t1 mov $acc1, $t1
sbb $t4, $t4 adc \$0, $t4
sub \$-1, $acc0 sub \$-1, $acc0
mov $acc2, $t2 mov $acc2, $t2
@ -2420,15 +2422,15 @@ $code.=<<___;
sbb \$0, $acc2 sbb \$0, $acc2
mov $acc3, $t3 mov $acc3, $t3
sbb $poly3, $acc3 sbb $poly3, $acc3
test $t4, $t4 sbb \$0, $t4
cmovz $t0, $acc0 cmovc $t0, $acc0
mov 8*0($a_ptr), $t0 mov 8*0($a_ptr), $t0
cmovz $t1, $acc1 cmovc $t1, $acc1
mov 8*1($a_ptr), $t1 mov 8*1($a_ptr), $t1
cmovz $t2, $acc2 cmovc $t2, $acc2
mov 8*2($a_ptr), $t2 mov 8*2($a_ptr), $t2
cmovz $t3, $acc3 cmovc $t3, $acc3
mov 8*3($a_ptr), $t3 mov 8*3($a_ptr), $t3
call __ecp_nistz256_sub$x # p256_sub(res_x, Rsqr, Hsqr); call __ecp_nistz256_sub$x # p256_sub(res_x, Rsqr, Hsqr);
@ -2612,16 +2614,14 @@ $code.=<<___;
mov 0x40+8*3($a_ptr), $acc0 mov 0x40+8*3($a_ptr), $acc0
movdqa %xmm0, $in1_x(%rsp) movdqa %xmm0, $in1_x(%rsp)
movdqa %xmm1, $in1_x+0x10(%rsp) movdqa %xmm1, $in1_x+0x10(%rsp)
por %xmm0, %xmm1
movdqa %xmm2, $in1_y(%rsp) movdqa %xmm2, $in1_y(%rsp)
movdqa %xmm3, $in1_y+0x10(%rsp) movdqa %xmm3, $in1_y+0x10(%rsp)
por %xmm2, %xmm3
movdqa %xmm4, $in1_z(%rsp) movdqa %xmm4, $in1_z(%rsp)
movdqa %xmm5, $in1_z+0x10(%rsp) movdqa %xmm5, $in1_z+0x10(%rsp)
por %xmm1, %xmm3 por %xmm4, %xmm5
movdqu 0x00($b_ptr), %xmm0 # copy *(P256_POINT_AFFINE *)$b_ptr movdqu 0x00($b_ptr), %xmm0 # copy *(P256_POINT_AFFINE *)$b_ptr
pshufd \$0xb1, %xmm3, %xmm5 pshufd \$0xb1, %xmm5, %xmm3
movdqu 0x10($b_ptr), %xmm1 movdqu 0x10($b_ptr), %xmm1
movdqu 0x20($b_ptr), %xmm2 movdqu 0x20($b_ptr), %xmm2
por %xmm3, %xmm5 por %xmm3, %xmm5
@ -2710,6 +2710,7 @@ $code.=<<___;
#lea $Hsqr(%rsp), $r_ptr # 2*U1*H^2 #lea $Hsqr(%rsp), $r_ptr # 2*U1*H^2
#call __ecp_nistz256_mul_by_2 # ecp_nistz256_mul_by_2(Hsqr, U2); #call __ecp_nistz256_mul_by_2 # ecp_nistz256_mul_by_2(Hsqr, U2);
xor $t4, $t4
add $acc0, $acc0 # a0:a3+a0:a3 add $acc0, $acc0 # a0:a3+a0:a3
lea $Rsqr(%rsp), $a_ptr lea $Rsqr(%rsp), $a_ptr
adc $acc1, $acc1 adc $acc1, $acc1
@ -2717,7 +2718,7 @@ $code.=<<___;
adc $acc2, $acc2 adc $acc2, $acc2
adc $acc3, $acc3 adc $acc3, $acc3
mov $acc1, $t1 mov $acc1, $t1
sbb $t4, $t4 adc \$0, $t4
sub \$-1, $acc0 sub \$-1, $acc0
mov $acc2, $t2 mov $acc2, $t2
@ -2725,15 +2726,15 @@ $code.=<<___;
sbb \$0, $acc2 sbb \$0, $acc2
mov $acc3, $t3 mov $acc3, $t3
sbb $poly3, $acc3 sbb $poly3, $acc3
test $t4, $t4 sbb \$0, $t4
cmovz $t0, $acc0 cmovc $t0, $acc0
mov 8*0($a_ptr), $t0 mov 8*0($a_ptr), $t0
cmovz $t1, $acc1 cmovc $t1, $acc1
mov 8*1($a_ptr), $t1 mov 8*1($a_ptr), $t1
cmovz $t2, $acc2 cmovc $t2, $acc2
mov 8*2($a_ptr), $t2 mov 8*2($a_ptr), $t2
cmovz $t3, $acc3 cmovc $t3, $acc3
mov 8*3($a_ptr), $t3 mov 8*3($a_ptr), $t3
call __ecp_nistz256_sub$x # p256_sub(res_x, Rsqr, Hsqr); call __ecp_nistz256_sub$x # p256_sub(res_x, Rsqr, Hsqr);
@ -2885,14 +2886,14 @@ __ecp_nistz256_add_tox:
sbb \$0, $a2 sbb \$0, $a2
mov $a3, $t3 mov $a3, $t3
sbb $poly3, $a3 sbb $poly3, $a3
sbb \$0, $t4
bt \$0, $t4 cmovc $t0, $a0
cmovnc $t0, $a0 cmovc $t1, $a1
cmovnc $t1, $a1
mov $a0, 8*0($r_ptr) mov $a0, 8*0($r_ptr)
cmovnc $t2, $a2 cmovc $t2, $a2
mov $a1, 8*1($r_ptr) mov $a1, 8*1($r_ptr)
cmovnc $t3, $a3 cmovc $t3, $a3
mov $a2, 8*2($r_ptr) mov $a2, 8*2($r_ptr)
mov $a3, 8*3($r_ptr) mov $a3, 8*3($r_ptr)
@ -2980,14 +2981,14 @@ __ecp_nistz256_mul_by_2x:
sbb \$0, $a2 sbb \$0, $a2
mov $a3, $t3 mov $a3, $t3
sbb $poly3, $a3 sbb $poly3, $a3
sbb \$0, $t4
bt \$0, $t4 cmovc $t0, $a0
cmovnc $t0, $a0 cmovc $t1, $a1
cmovnc $t1, $a1
mov $a0, 8*0($r_ptr) mov $a0, 8*0($r_ptr)
cmovnc $t2, $a2 cmovc $t2, $a2
mov $a1, 8*1($r_ptr) mov $a1, 8*1($r_ptr)
cmovnc $t3, $a3 cmovc $t3, $a3
mov $a2, 8*2($r_ptr) mov $a2, 8*2($r_ptr)
mov $a3, 8*3($r_ptr) mov $a3, 8*3($r_ptr)

View File

@ -66,9 +66,12 @@
#endif #endif
#include <openssl/asn1t.h> #include <openssl/asn1t.h>
#include "asn1_locl.h" #include "asn1_locl.h"
#include "ec_lcl.h"
#ifndef OPENSSL_NO_CMS
static int ecdh_cms_decrypt(CMS_RecipientInfo *ri); static int ecdh_cms_decrypt(CMS_RecipientInfo *ri);
static int ecdh_cms_encrypt(CMS_RecipientInfo *ri); static int ecdh_cms_encrypt(CMS_RecipientInfo *ri);
#endif
static int eckey_param2type(int *pptype, void **ppval, EC_KEY *ec_key) static int eckey_param2type(int *pptype, void **ppval, EC_KEY *ec_key)
{ {
@ -221,6 +224,8 @@ static int eckey_pub_cmp(const EVP_PKEY *a, const EVP_PKEY *b)
const EC_GROUP *group = EC_KEY_get0_group(b->pkey.ec); const EC_GROUP *group = EC_KEY_get0_group(b->pkey.ec);
const EC_POINT *pa = EC_KEY_get0_public_key(a->pkey.ec), const EC_POINT *pa = EC_KEY_get0_public_key(a->pkey.ec),
*pb = EC_KEY_get0_public_key(b->pkey.ec); *pb = EC_KEY_get0_public_key(b->pkey.ec);
if (group == NULL || pa == NULL || pb == NULL)
return -2;
r = EC_POINT_cmp(group, pa, pb, NULL); r = EC_POINT_cmp(group, pa, pb, NULL);
if (r == 0) if (r == 0)
return 1; return 1;
@ -299,15 +304,13 @@ static int eckey_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8)
static int eckey_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey) static int eckey_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey)
{ {
EC_KEY *ec_key; EC_KEY ec_key = *(pkey->pkey.ec);
unsigned char *ep, *p; unsigned char *ep, *p;
int eplen, ptype; int eplen, ptype;
void *pval; void *pval;
unsigned int tmp_flags, old_flags; unsigned int old_flags;
ec_key = pkey->pkey.ec; if (!eckey_param2type(&ptype, &pval, &ec_key)) {
if (!eckey_param2type(&ptype, &pval, ec_key)) {
ECerr(EC_F_ECKEY_PRIV_ENCODE, EC_R_DECODE_ERROR); ECerr(EC_F_ECKEY_PRIV_ENCODE, EC_R_DECODE_ERROR);
return 0; return 0;
} }
@ -318,30 +321,25 @@ static int eckey_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey)
* do not include the parameters in the SEC1 private key see PKCS#11 * do not include the parameters in the SEC1 private key see PKCS#11
* 12.11 * 12.11
*/ */
old_flags = EC_KEY_get_enc_flags(ec_key); old_flags = EC_KEY_get_enc_flags(&ec_key);
tmp_flags = old_flags | EC_PKEY_NO_PARAMETERS; EC_KEY_set_enc_flags(&ec_key, old_flags | EC_PKEY_NO_PARAMETERS);
EC_KEY_set_enc_flags(ec_key, tmp_flags);
eplen = i2d_ECPrivateKey(ec_key, NULL); eplen = i2d_ECPrivateKey(&ec_key, NULL);
if (!eplen) { if (!eplen) {
EC_KEY_set_enc_flags(ec_key, old_flags);
ECerr(EC_F_ECKEY_PRIV_ENCODE, ERR_R_EC_LIB); ECerr(EC_F_ECKEY_PRIV_ENCODE, ERR_R_EC_LIB);
return 0; return 0;
} }
ep = (unsigned char *)OPENSSL_malloc(eplen); ep = (unsigned char *)OPENSSL_malloc(eplen);
if (!ep) { if (!ep) {
EC_KEY_set_enc_flags(ec_key, old_flags);
ECerr(EC_F_ECKEY_PRIV_ENCODE, ERR_R_MALLOC_FAILURE); ECerr(EC_F_ECKEY_PRIV_ENCODE, ERR_R_MALLOC_FAILURE);
return 0; return 0;
} }
p = ep; p = ep;
if (!i2d_ECPrivateKey(ec_key, &p)) { if (!i2d_ECPrivateKey(&ec_key, &p)) {
EC_KEY_set_enc_flags(ec_key, old_flags);
OPENSSL_free(ep); OPENSSL_free(ep);
ECerr(EC_F_ECKEY_PRIV_ENCODE, ERR_R_EC_LIB); ECerr(EC_F_ECKEY_PRIV_ENCODE, ERR_R_EC_LIB);
return 0; return 0;
} }
/* restore old encoding flags */
EC_KEY_set_enc_flags(ec_key, old_flags);
if (!PKCS8_pkey_set0(p8, OBJ_nid2obj(NID_X9_62_id_ecPublicKey), 0, if (!PKCS8_pkey_set0(p8, OBJ_nid2obj(NID_X9_62_id_ecPublicKey), 0,
ptype, pval, ep, eplen)) ptype, pval, ep, eplen))
@ -378,7 +376,7 @@ static int ec_bits(const EVP_PKEY *pkey)
static int ec_missing_parameters(const EVP_PKEY *pkey) static int ec_missing_parameters(const EVP_PKEY *pkey)
{ {
if (EC_KEY_get0_group(pkey->pkey.ec) == NULL) if (pkey->pkey.ec == NULL || EC_KEY_get0_group(pkey->pkey.ec) == NULL)
return 1; return 1;
return 0; return 0;
} }
@ -398,6 +396,8 @@ static int ec_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b)
{ {
const EC_GROUP *group_a = EC_KEY_get0_group(a->pkey.ec), const EC_GROUP *group_a = EC_KEY_get0_group(a->pkey.ec),
*group_b = EC_KEY_get0_group(b->pkey.ec); *group_b = EC_KEY_get0_group(b->pkey.ec);
if (group_a == NULL || group_b == NULL)
return -2;
if (EC_GROUP_cmp(group_a, group_b, NULL)) if (EC_GROUP_cmp(group_a, group_b, NULL))
return 0; return 0;
else else

View File

@ -377,9 +377,9 @@ int EC_KEY_set_public_key_affine_coordinates(EC_KEY *key, BIGNUM *x,
return 0; return 0;
} }
ctx = BN_CTX_new(); ctx = BN_CTX_new();
if (!ctx) if (ctx == NULL)
goto err; return 0;
BN_CTX_start(ctx);
point = EC_POINT_new(key->group); point = EC_POINT_new(key->group);
if (!point) if (!point)
@ -432,9 +432,8 @@ int EC_KEY_set_public_key_affine_coordinates(EC_KEY *key, BIGNUM *x,
ok = 1; ok = 1;
err: err:
if (ctx) BN_CTX_end(ctx);
BN_CTX_free(ctx); BN_CTX_free(ctx);
if (point)
EC_POINT_free(point); EC_POINT_free(point);
return ok; return ok;

View File

@ -82,19 +82,36 @@ typedef struct ec_pre_comp_st {
} EC_PRE_COMP; } EC_PRE_COMP;
/* Functions implemented in assembly */ /* Functions implemented in assembly */
/* Modular mul by 2: res = 2*a mod P */ /*
void ecp_nistz256_mul_by_2(BN_ULONG res[P256_LIMBS], * Most of below mentioned functions *preserve* the property of inputs
const BN_ULONG a[P256_LIMBS]); * being fully reduced, i.e. being in [0, modulus) range. Simply put if
/* Modular div by 2: res = a/2 mod P */ * inputs are fully reduced, then output is too. Note that reverse is
void ecp_nistz256_div_by_2(BN_ULONG res[P256_LIMBS], * not true, in sense that given partially reduced inputs output can be
const BN_ULONG a[P256_LIMBS]); * either, not unlikely reduced. And "most" in first sentence refers to
/* Modular mul by 3: res = 3*a mod P */ * the fact that given the calculations flow one can tolerate that
void ecp_nistz256_mul_by_3(BN_ULONG res[P256_LIMBS], * addition, 1st function below, produces partially reduced result *if*
const BN_ULONG a[P256_LIMBS]); * multiplications by 2 and 3, which customarily use addition, fully
* reduce it. This effectively gives two options: a) addition produces
* fully reduced result [as long as inputs are, just like remaining
* functions]; b) addition is allowed to produce partially reduced
* result, but multiplications by 2 and 3 perform additional reduction
* step. Choice between the two can be platform-specific, but it was a)
* in all cases so far...
*/
/* Modular add: res = a+b mod P */ /* Modular add: res = a+b mod P */
void ecp_nistz256_add(BN_ULONG res[P256_LIMBS], void ecp_nistz256_add(BN_ULONG res[P256_LIMBS],
const BN_ULONG a[P256_LIMBS], const BN_ULONG a[P256_LIMBS],
const BN_ULONG b[P256_LIMBS]); const BN_ULONG b[P256_LIMBS]);
/* Modular mul by 2: res = 2*a mod P */
void ecp_nistz256_mul_by_2(BN_ULONG res[P256_LIMBS],
const BN_ULONG a[P256_LIMBS]);
/* Modular mul by 3: res = 3*a mod P */
void ecp_nistz256_mul_by_3(BN_ULONG res[P256_LIMBS],
const BN_ULONG a[P256_LIMBS]);
/* Modular div by 2: res = a/2 mod P */
void ecp_nistz256_div_by_2(BN_ULONG res[P256_LIMBS],
const BN_ULONG a[P256_LIMBS]);
/* Modular sub: res = a-b mod P */ /* Modular sub: res = a-b mod P */
void ecp_nistz256_sub(BN_ULONG res[P256_LIMBS], void ecp_nistz256_sub(BN_ULONG res[P256_LIMBS],
const BN_ULONG a[P256_LIMBS], const BN_ULONG a[P256_LIMBS],
@ -205,10 +222,12 @@ static BN_ULONG is_equal(const BN_ULONG a[P256_LIMBS],
return is_zero(res); return is_zero(res);
} }
static BN_ULONG is_one(const BN_ULONG a[P256_LIMBS]) static BN_ULONG is_one(const BIGNUM *z)
{ {
BN_ULONG res; BN_ULONG res = 0;
BN_ULONG *a = z->d;
if (z->top == (P256_LIMBS - P256_LIMBS / 8)) {
res = a[0] ^ ONE[0]; res = a[0] ^ ONE[0];
res |= a[1] ^ ONE[1]; res |= a[1] ^ ONE[1];
res |= a[2] ^ ONE[2]; res |= a[2] ^ ONE[2];
@ -217,9 +236,15 @@ static BN_ULONG is_one(const BN_ULONG a[P256_LIMBS])
res |= a[4] ^ ONE[4]; res |= a[4] ^ ONE[4];
res |= a[5] ^ ONE[5]; res |= a[5] ^ ONE[5];
res |= a[6] ^ ONE[6]; res |= a[6] ^ ONE[6];
/*
* no check for a[7] (being zero) on 32-bit platforms,
* because value of "one" takes only 7 limbs.
*/
}
res = is_zero(res);
} }
return is_zero(res); return res;
} }
static int ecp_nistz256_set_words(BIGNUM *a, BN_ULONG words[P256_LIMBS]) static int ecp_nistz256_set_words(BIGNUM *a, BN_ULONG words[P256_LIMBS])
@ -315,19 +340,16 @@ static void ecp_nistz256_point_add(P256_POINT *r,
const BN_ULONG *in2_y = b->Y; const BN_ULONG *in2_y = b->Y;
const BN_ULONG *in2_z = b->Z; const BN_ULONG *in2_z = b->Z;
/* We encode infinity as (0,0), which is not on the curve, /*
* so it is OK. */ * Infinity in encoded as (,,0)
in1infty = (in1_x[0] | in1_x[1] | in1_x[2] | in1_x[3] | */
in1_y[0] | in1_y[1] | in1_y[2] | in1_y[3]); in1infty = (in1_z[0] | in1_z[1] | in1_z[2] | in1_z[3]);
if (P256_LIMBS == 8) if (P256_LIMBS == 8)
in1infty |= (in1_x[4] | in1_x[5] | in1_x[6] | in1_x[7] | in1infty |= (in1_z[4] | in1_z[5] | in1_z[6] | in1_z[7]);
in1_y[4] | in1_y[5] | in1_y[6] | in1_y[7]);
in2infty = (in2_x[0] | in2_x[1] | in2_x[2] | in2_x[3] | in2infty = (in2_z[0] | in2_z[1] | in2_z[2] | in2_z[3]);
in2_y[0] | in2_y[1] | in2_y[2] | in2_y[3]);
if (P256_LIMBS == 8) if (P256_LIMBS == 8)
in2infty |= (in2_x[4] | in2_x[5] | in2_x[6] | in2_x[7] | in2infty |= (in2_z[4] | in2_z[5] | in2_z[6] | in2_z[7]);
in2_y[4] | in2_y[5] | in2_y[6] | in2_y[7]);
in1infty = is_zero(in1infty); in1infty = is_zero(in1infty);
in2infty = is_zero(in2infty); in2infty = is_zero(in2infty);
@ -416,15 +438,16 @@ static void ecp_nistz256_point_add_affine(P256_POINT *r,
const BN_ULONG *in2_y = b->Y; const BN_ULONG *in2_y = b->Y;
/* /*
* In affine representation we encode infty as (0,0), which is not on the * Infinity in encoded as (,,0)
* curve, so it is OK
*/ */
in1infty = (in1_x[0] | in1_x[1] | in1_x[2] | in1_x[3] | in1infty = (in1_z[0] | in1_z[1] | in1_z[2] | in1_z[3]);
in1_y[0] | in1_y[1] | in1_y[2] | in1_y[3]);
if (P256_LIMBS == 8) if (P256_LIMBS == 8)
in1infty |= (in1_x[4] | in1_x[5] | in1_x[6] | in1_x[7] | in1infty |= (in1_z[4] | in1_z[5] | in1_z[6] | in1_z[7]);
in1_y[4] | in1_y[5] | in1_y[6] | in1_y[7]);
/*
* In affine representation we encode infinity as (0,0), which is
* not on the curve, so it is OK
*/
in2infty = (in2_x[0] | in2_x[1] | in2_x[2] | in2_x[3] | in2infty = (in2_x[0] | in2_x[1] | in2_x[2] | in2_x[3] |
in2_y[0] | in2_y[1] | in2_y[2] | in2_y[3]); in2_y[0] | in2_y[1] | in2_y[2] | in2_y[3]);
if (P256_LIMBS == 8) if (P256_LIMBS == 8)
@ -741,9 +764,8 @@ static int ecp_nistz256_is_affine_G(const EC_POINT *generator)
{ {
return (generator->X.top == P256_LIMBS) && return (generator->X.top == P256_LIMBS) &&
(generator->Y.top == P256_LIMBS) && (generator->Y.top == P256_LIMBS) &&
(generator->Z.top == (P256_LIMBS - P256_LIMBS / 8)) &&
is_equal(generator->X.d, def_xG) && is_equal(generator->X.d, def_xG) &&
is_equal(generator->Y.d, def_yG) && is_one(generator->Z.d); is_equal(generator->Y.d, def_yG) && is_one(&generator->Z);
} }
static int ecp_nistz256_mult_precompute(EC_GROUP *group, BN_CTX *ctx) static int ecp_nistz256_mult_precompute(EC_GROUP *group, BN_CTX *ctx)
@ -1249,6 +1271,8 @@ static int ecp_nistz256_points_mul(const EC_GROUP *group,
} else } else
#endif #endif
{ {
BN_ULONG infty;
/* First window */ /* First window */
wvalue = (p_str[0] << 1) & mask; wvalue = (p_str[0] << 1) & mask;
index += window_size; index += window_size;
@ -1260,7 +1284,30 @@ static int ecp_nistz256_points_mul(const EC_GROUP *group,
ecp_nistz256_neg(p.p.Z, p.p.Y); ecp_nistz256_neg(p.p.Z, p.p.Y);
copy_conditional(p.p.Y, p.p.Z, wvalue & 1); copy_conditional(p.p.Y, p.p.Z, wvalue & 1);
memcpy(p.p.Z, ONE, sizeof(ONE)); /*
* Since affine infinity is encoded as (0,0) and
* Jacobian ias (,,0), we need to harmonize them
* by assigning "one" or zero to Z.
*/
infty = (p.p.X[0] | p.p.X[1] | p.p.X[2] | p.p.X[3] |
p.p.Y[0] | p.p.Y[1] | p.p.Y[2] | p.p.Y[3]);
if (P256_LIMBS == 8)
infty |= (p.p.X[4] | p.p.X[5] | p.p.X[6] | p.p.X[7] |
p.p.Y[4] | p.p.Y[5] | p.p.Y[6] | p.p.Y[7]);
infty = 0 - is_zero(infty);
infty = ~infty;
p.p.Z[0] = ONE[0] & infty;
p.p.Z[1] = ONE[1] & infty;
p.p.Z[2] = ONE[2] & infty;
p.p.Z[3] = ONE[3] & infty;
if (P256_LIMBS == 8) {
p.p.Z[4] = ONE[4] & infty;
p.p.Z[5] = ONE[5] & infty;
p.p.Z[6] = ONE[6] & infty;
p.p.Z[7] = ONE[7] & infty;
}
for (i = 1; i < 37; i++) { for (i = 1; i < 37; i++) {
unsigned int off = (index - 1) / 8; unsigned int off = (index - 1) / 8;
@ -1331,7 +1378,7 @@ static int ecp_nistz256_points_mul(const EC_GROUP *group,
!ecp_nistz256_set_words(&r->Z, p.p.Z)) { !ecp_nistz256_set_words(&r->Z, p.p.Z)) {
goto err; goto err;
} }
r->Z_is_one = is_one(p.p.Z) & 1; r->Z_is_one = is_one(&r->Z) & 1;
ret = 1; ret = 1;

View File

@ -26,6 +26,7 @@
* *
*/ */
#include <string.h>
#include <openssl/objects.h> #include <openssl/objects.h>
#include <openssl/engine.h> #include <openssl/engine.h>
#include <openssl/evp.h> #include <openssl/evp.h>
@ -934,11 +935,15 @@ static int cryptodev_digest_copy(EVP_MD_CTX *to, const EVP_MD_CTX *from)
return (0); return (0);
} }
dstate->mac_len = fstate->mac_len;
if (fstate->mac_len != 0) { if (fstate->mac_len != 0) {
if (fstate->mac_data != NULL) { if (fstate->mac_data != NULL) {
dstate->mac_data = OPENSSL_malloc(fstate->mac_len); dstate->mac_data = OPENSSL_malloc(fstate->mac_len);
if (dstate->ac_data == NULL) {
printf("cryptodev_digest_init: malloc failed\n");
return 0;
}
memcpy(dstate->mac_data, fstate->mac_data, fstate->mac_len); memcpy(dstate->mac_data, fstate->mac_data, fstate->mac_len);
dstate->mac_len = fstate->mac_len;
} }
} }
@ -1064,8 +1069,7 @@ static void zapparams(struct crypt_kop *kop)
int i; int i;
for (i = 0; i < kop->crk_iparams + kop->crk_oparams; i++) { for (i = 0; i < kop->crk_iparams + kop->crk_oparams; i++) {
if (kop->crk_param[i].crp_p) OPENSSL_free(kop->crk_param[i].crp_p);
free(kop->crk_param[i].crp_p);
kop->crk_param[i].crp_p = NULL; kop->crk_param[i].crp_p = NULL;
kop->crk_param[i].crp_nbits = 0; kop->crk_param[i].crp_nbits = 0;
} }
@ -1078,16 +1082,25 @@ cryptodev_asym(struct crypt_kop *kop, int rlen, BIGNUM *r, int slen,
int fd, ret = -1; int fd, ret = -1;
if ((fd = get_asym_dev_crypto()) < 0) if ((fd = get_asym_dev_crypto()) < 0)
return (ret); return ret;
if (r) { if (r) {
kop->crk_param[kop->crk_iparams].crp_p = calloc(rlen, sizeof(char)); kop->crk_param[kop->crk_iparams].crp_p = OPENSSL_malloc(rlen);
if (kop->crk_param[kop->crk_iparams].crp_p == NULL)
return ret;
memset(kop->crk_param[kop->crk_iparams].crp_p, 0, (size_t)rlen);
kop->crk_param[kop->crk_iparams].crp_nbits = rlen * 8; kop->crk_param[kop->crk_iparams].crp_nbits = rlen * 8;
kop->crk_oparams++; kop->crk_oparams++;
} }
if (s) { if (s) {
kop->crk_param[kop->crk_iparams + 1].crp_p = kop->crk_param[kop->crk_iparams + 1].crp_p = OPENSSL_malloc(slen);
calloc(slen, sizeof(char)); /* No need to free the kop->crk_iparams parameter if it was allocated,
* callers of this routine have to free allocated parameters through
* zapparams both in case of success and failure
*/
if (kop->crk_param[kop->crk_iparams+1].crp_p == NULL)
return ret;
memset(kop->crk_param[kop->crk_iparams + 1].crp_p, 0, (size_t)slen);
kop->crk_param[kop->crk_iparams + 1].crp_nbits = slen * 8; kop->crk_param[kop->crk_iparams + 1].crp_nbits = slen * 8;
kop->crk_oparams++; kop->crk_oparams++;
} }
@ -1100,7 +1113,7 @@ cryptodev_asym(struct crypt_kop *kop, int rlen, BIGNUM *r, int slen,
ret = 0; ret = 0;
} }
return (ret); return ret;
} }
static int static int

View File

@ -201,9 +201,14 @@ static int enc_read(BIO *b, char *out, int outl)
break; break;
} }
} else { } else {
EVP_CipherUpdate(&(ctx->cipher), if (!EVP_CipherUpdate(&ctx->cipher,
(unsigned char *)ctx->buf, &ctx->buf_len, (unsigned char *)ctx->buf, &ctx->buf_len,
(unsigned char *)&(ctx->buf[BUF_OFFSET]), i); (unsigned char *)&(ctx->buf[BUF_OFFSET]),
i)) {
BIO_clear_retry_flags(b);
ctx->ok = 0;
return 0;
}
ctx->cont = 1; ctx->cont = 1;
/* /*
* Note: it is possible for EVP_CipherUpdate to decrypt zero * Note: it is possible for EVP_CipherUpdate to decrypt zero
@ -260,9 +265,13 @@ static int enc_write(BIO *b, const char *in, int inl)
ctx->buf_off = 0; ctx->buf_off = 0;
while (inl > 0) { while (inl > 0) {
n = (inl > ENC_BLOCK_SIZE) ? ENC_BLOCK_SIZE : inl; n = (inl > ENC_BLOCK_SIZE) ? ENC_BLOCK_SIZE : inl;
EVP_CipherUpdate(&(ctx->cipher), if (!EVP_CipherUpdate(&ctx->cipher,
(unsigned char *)ctx->buf, &ctx->buf_len, (unsigned char *)ctx->buf, &ctx->buf_len,
(unsigned char *)in, n); (unsigned char *)in, n)) {
BIO_clear_retry_flags(b);
ctx->ok = 0;
return 0;
}
inl -= n; inl -= n;
in += n; in += n;

View File

@ -491,7 +491,7 @@ static int sig_out(BIO *b)
* FIXME: there's absolutely no guarantee this makes any sense at all, * FIXME: there's absolutely no guarantee this makes any sense at all,
* particularly now EVP_MD_CTX has been restructured. * particularly now EVP_MD_CTX has been restructured.
*/ */
if (RAND_pseudo_bytes(md->md_data, md->digest->md_size) < 0) if (RAND_bytes(md->md_data, md->digest->md_size) <= 0)
goto berr; goto berr;
memcpy(&(ctx->buf[ctx->buf_len]), md->md_data, md->digest->md_size); memcpy(&(ctx->buf[ctx->buf_len]), md->md_data, md->digest->md_size);
longswap(&(ctx->buf[ctx->buf_len]), md->digest->md_size); longswap(&(ctx->buf[ctx->buf_len]), md->digest->md_size);

View File

@ -82,9 +82,4 @@ void OPENSSL_add_all_algorithms_noconf(void)
OPENSSL_cpuid_setup(); OPENSSL_cpuid_setup();
OpenSSL_add_all_ciphers(); OpenSSL_add_all_ciphers();
OpenSSL_add_all_digests(); OpenSSL_add_all_digests();
#ifndef OPENSSL_NO_ENGINE
# if defined(__OpenBSD__) || defined(__FreeBSD__) || defined(HAVE_CRYPTODEV)
ENGINE_setup_bsd_cryptodev();
# endif
#endif
} }

View File

@ -253,10 +253,10 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl)
int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *data, size_t count) int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *data, size_t count)
{ {
#ifdef OPENSSL_FIPS #ifdef OPENSSL_FIPS
if (FIPS_mode())
return FIPS_digestupdate(ctx, data, count); return FIPS_digestupdate(ctx, data, count);
#else
return ctx->update(ctx, data, count);
#endif #endif
return ctx->update(ctx, data, count);
} }
/* The caller can assume that this removes any secret data from the context */ /* The caller can assume that this removes any secret data from the context */
@ -271,10 +271,11 @@ int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size)
/* The caller can assume that this removes any secret data from the context */ /* The caller can assume that this removes any secret data from the context */
int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size) int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size)
{ {
#ifdef OPENSSL_FIPS
return FIPS_digestfinal(ctx, md, size);
#else
int ret; int ret;
#ifdef OPENSSL_FIPS
if (FIPS_mode())
return FIPS_digestfinal(ctx, md, size);
#endif
OPENSSL_assert(ctx->digest->md_size <= EVP_MAX_MD_SIZE); OPENSSL_assert(ctx->digest->md_size <= EVP_MAX_MD_SIZE);
ret = ctx->digest->final(ctx, md); ret = ctx->digest->final(ctx, md);
@ -284,9 +285,8 @@ int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size)
ctx->digest->cleanup(ctx); ctx->digest->cleanup(ctx);
EVP_MD_CTX_set_flags(ctx, EVP_MD_CTX_FLAG_CLEANED); EVP_MD_CTX_set_flags(ctx, EVP_MD_CTX_FLAG_CLEANED);
} }
memset(ctx->md_data, 0, ctx->digest->ctx_size); OPENSSL_cleanse(ctx->md_data, ctx->digest->ctx_size);
return ret; return ret;
#endif
} }
int EVP_MD_CTX_copy(EVP_MD_CTX *out, const EVP_MD_CTX *in) int EVP_MD_CTX_copy(EVP_MD_CTX *out, const EVP_MD_CTX *in)

View File

@ -99,7 +99,7 @@ static int rc4_hmac_md5_init_key(EVP_CIPHER_CTX *ctx,
return 1; return 1;
} }
# if !defined(OPENSSL_NO_ASM) && ( \ # if defined(RC4_ASM) && defined(MD5_ASM) && ( \
defined(__x86_64) || defined(__x86_64__) || \ defined(__x86_64) || defined(__x86_64__) || \
defined(_M_AMD64) || defined(_M_X64) || \ defined(_M_AMD64) || defined(_M_X64) || \
defined(__INTEL__) ) && \ defined(__INTEL__) ) && \
@ -254,6 +254,8 @@ static int rc4_hmac_md5_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg,
MD5_Init(&key->tail); MD5_Init(&key->tail);
MD5_Update(&key->tail, hmac_key, sizeof(hmac_key)); MD5_Update(&key->tail, hmac_key, sizeof(hmac_key));
OPENSSL_cleanse(hmac_key, sizeof(hmac_key));
return 1; return 1;
} }
case EVP_CTRL_AEAD_TLS1_AAD: case EVP_CTRL_AEAD_TLS1_AAD:

View File

@ -70,7 +70,8 @@ typedef struct {
} EVP_SEED_KEY; } EVP_SEED_KEY;
IMPLEMENT_BLOCK_CIPHER(seed, ks, SEED, EVP_SEED_KEY, NID_seed, IMPLEMENT_BLOCK_CIPHER(seed, ks, SEED, EVP_SEED_KEY, NID_seed,
16, 16, 16, 128, 0, seed_init_key, 0, 0, 0, 0) 16, 16, 16, 128, EVP_CIPH_FLAG_DEFAULT_ASN1,
seed_init_key, 0, 0, 0, 0)
static int seed_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, static int seed_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
const unsigned char *iv, int enc) const unsigned char *iv, int enc)

Some files were not shown because too many files have changed in this diff Show More