Merge OpenSSL 1.0.1f.
Approved by: so (delphij), benl (silence)
This commit is contained in:
commit
de78d5d8fd
@ -2,9 +2,31 @@
|
||||
OpenSSL CHANGES
|
||||
_______________
|
||||
|
||||
Changes between 1.0.1e and 1.0.1f [6 Jan 2014]
|
||||
|
||||
*) Fix for TLS record tampering bug. A carefully crafted invalid
|
||||
handshake could crash OpenSSL with a NULL pointer exception.
|
||||
Thanks to Anton Johansson for reporting this issues.
|
||||
(CVE-2013-4353)
|
||||
|
||||
*) Keep original DTLS digest and encryption contexts in retransmission
|
||||
structures so we can use the previous session parameters if they need
|
||||
to be resent. (CVE-2013-6450)
|
||||
[Steve Henson]
|
||||
|
||||
*) Add option SSL_OP_SAFARI_ECDHE_ECDSA_BUG (part of SSL_OP_ALL) which
|
||||
avoids preferring ECDHE-ECDSA ciphers when the client appears to be
|
||||
Safari on OS X. Safari on OS X 10.8..10.8.3 advertises support for
|
||||
several ECDHE-ECDSA ciphers, but fails to negotiate them. The bug
|
||||
is fixed in OS X 10.8.4, but Apple have ruled out both hot fixing
|
||||
10.8..10.8.3 and forcing users to upgrade to 10.8.4 or newer.
|
||||
[Rob Stradling, Adam Langley]
|
||||
|
||||
Changes between 1.0.1d and 1.0.1e [11 Feb 2013]
|
||||
|
||||
*)
|
||||
*) Correct fix for CVE-2013-0169. The original didn't work on AES-NI
|
||||
supporting platforms or when small records were transferred.
|
||||
[Andy Polyakov, Steve Henson]
|
||||
|
||||
Changes between 1.0.1c and 1.0.1d [5 Feb 2013]
|
||||
|
||||
@ -404,6 +426,63 @@
|
||||
Add command line options to s_client/s_server.
|
||||
[Steve Henson]
|
||||
|
||||
Changes between 1.0.0j and 1.0.0k [5 Feb 2013]
|
||||
|
||||
*) Make the decoding of SSLv3, TLS and DTLS CBC records constant time.
|
||||
|
||||
This addresses the flaw in CBC record processing discovered by
|
||||
Nadhem Alfardan and Kenny Paterson. Details of this attack can be found
|
||||
at: http://www.isg.rhul.ac.uk/tls/
|
||||
|
||||
Thanks go to Nadhem Alfardan and Kenny Paterson of the Information
|
||||
Security Group at Royal Holloway, University of London
|
||||
(www.isg.rhul.ac.uk) for discovering this flaw and Adam Langley and
|
||||
Emilia Käsper for the initial patch.
|
||||
(CVE-2013-0169)
|
||||
[Emilia Käsper, Adam Langley, Ben Laurie, Andy Polyakov, Steve Henson]
|
||||
|
||||
*) Return an error when checking OCSP signatures when key is NULL.
|
||||
This fixes a DoS attack. (CVE-2013-0166)
|
||||
[Steve Henson]
|
||||
|
||||
*) Call OCSP Stapling callback after ciphersuite has been chosen, so
|
||||
the right response is stapled. Also change SSL_get_certificate()
|
||||
so it returns the certificate actually sent.
|
||||
See http://rt.openssl.org/Ticket/Display.html?id=2836.
|
||||
(This is a backport)
|
||||
[Rob Stradling <rob.stradling@comodo.com>]
|
||||
|
||||
*) Fix possible deadlock when decoding public keys.
|
||||
[Steve Henson]
|
||||
|
||||
Changes between 1.0.0i and 1.0.0j [10 May 2012]
|
||||
|
||||
[NB: OpenSSL 1.0.0i and later 1.0.0 patch levels were released after
|
||||
OpenSSL 1.0.1.]
|
||||
|
||||
*) Sanity check record length before skipping explicit IV in DTLS
|
||||
to fix DoS attack.
|
||||
|
||||
Thanks to Codenomicon for discovering this issue using Fuzz-o-Matic
|
||||
fuzzing as a service testing platform.
|
||||
(CVE-2012-2333)
|
||||
[Steve Henson]
|
||||
|
||||
*) Initialise tkeylen properly when encrypting CMS messages.
|
||||
Thanks to Solar Designer of Openwall for reporting this issue.
|
||||
[Steve Henson]
|
||||
|
||||
Changes between 1.0.0h and 1.0.0i [19 Apr 2012]
|
||||
|
||||
*) Check for potentially exploitable overflows in asn1_d2i_read_bio
|
||||
BUF_mem_grow and BUF_mem_grow_clean. Refuse attempts to shrink buffer
|
||||
in CRYPTO_realloc_clean.
|
||||
|
||||
Thanks to Tavis Ormandy, Google Security Team, for discovering this
|
||||
issue and to Adam Langley <agl@chromium.org> for fixing it.
|
||||
(CVE-2012-2110)
|
||||
[Adam Langley (Google), Tavis Ormandy, Google Security Team]
|
||||
|
||||
Changes between 1.0.0g and 1.0.0h [12 Mar 2012]
|
||||
|
||||
*) Fix MMA (Bleichenbacher's attack on PKCS #1 v1.5 RSA padding) weakness
|
||||
@ -1394,6 +1473,86 @@
|
||||
*) Change 'Configure' script to enable Camellia by default.
|
||||
[NTT]
|
||||
|
||||
Changes between 0.9.8x and 0.9.8y [5 Feb 2013]
|
||||
|
||||
*) Make the decoding of SSLv3, TLS and DTLS CBC records constant time.
|
||||
|
||||
This addresses the flaw in CBC record processing discovered by
|
||||
Nadhem Alfardan and Kenny Paterson. Details of this attack can be found
|
||||
at: http://www.isg.rhul.ac.uk/tls/
|
||||
|
||||
Thanks go to Nadhem Alfardan and Kenny Paterson of the Information
|
||||
Security Group at Royal Holloway, University of London
|
||||
(www.isg.rhul.ac.uk) for discovering this flaw and Adam Langley and
|
||||
Emilia Käsper for the initial patch.
|
||||
(CVE-2013-0169)
|
||||
[Emilia Käsper, Adam Langley, Ben Laurie, Andy Polyakov, Steve Henson]
|
||||
|
||||
*) Return an error when checking OCSP signatures when key is NULL.
|
||||
This fixes a DoS attack. (CVE-2013-0166)
|
||||
[Steve Henson]
|
||||
|
||||
*) Call OCSP Stapling callback after ciphersuite has been chosen, so
|
||||
the right response is stapled. Also change SSL_get_certificate()
|
||||
so it returns the certificate actually sent.
|
||||
See http://rt.openssl.org/Ticket/Display.html?id=2836.
|
||||
(This is a backport)
|
||||
[Rob Stradling <rob.stradling@comodo.com>]
|
||||
|
||||
*) Fix possible deadlock when decoding public keys.
|
||||
[Steve Henson]
|
||||
|
||||
Changes between 0.9.8w and 0.9.8x [10 May 2012]
|
||||
|
||||
*) Sanity check record length before skipping explicit IV in DTLS
|
||||
to fix DoS attack.
|
||||
|
||||
Thanks to Codenomicon for discovering this issue using Fuzz-o-Matic
|
||||
fuzzing as a service testing platform.
|
||||
(CVE-2012-2333)
|
||||
[Steve Henson]
|
||||
|
||||
*) Initialise tkeylen properly when encrypting CMS messages.
|
||||
Thanks to Solar Designer of Openwall for reporting this issue.
|
||||
[Steve Henson]
|
||||
|
||||
Changes between 0.9.8v and 0.9.8w [23 Apr 2012]
|
||||
|
||||
*) The fix for CVE-2012-2110 did not take into account that the
|
||||
'len' argument to BUF_MEM_grow and BUF_MEM_grow_clean is an
|
||||
int in OpenSSL 0.9.8, making it still vulnerable. Fix by
|
||||
rejecting negative len parameter. (CVE-2012-2131)
|
||||
[Tomas Hoger <thoger@redhat.com>]
|
||||
|
||||
Changes between 0.9.8u and 0.9.8v [19 Apr 2012]
|
||||
|
||||
*) Check for potentially exploitable overflows in asn1_d2i_read_bio
|
||||
BUF_mem_grow and BUF_mem_grow_clean. Refuse attempts to shrink buffer
|
||||
in CRYPTO_realloc_clean.
|
||||
|
||||
Thanks to Tavis Ormandy, Google Security Team, for discovering this
|
||||
issue and to Adam Langley <agl@chromium.org> for fixing it.
|
||||
(CVE-2012-2110)
|
||||
[Adam Langley (Google), Tavis Ormandy, Google Security Team]
|
||||
|
||||
Changes between 0.9.8t and 0.9.8u [12 Mar 2012]
|
||||
|
||||
*) Fix MMA (Bleichenbacher's attack on PKCS #1 v1.5 RSA padding) weakness
|
||||
in CMS and PKCS7 code. When RSA decryption fails use a random key for
|
||||
content decryption and always return the same error. Note: this attack
|
||||
needs on average 2^20 messages so it only affects automated senders. The
|
||||
old behaviour can be reenabled in the CMS code by setting the
|
||||
CMS_DEBUG_DECRYPT flag: this is useful for debugging and testing where
|
||||
an MMA defence is not necessary.
|
||||
Thanks to Ivan Nestlerode <inestlerode@us.ibm.com> for discovering
|
||||
this issue. (CVE-2012-0884)
|
||||
[Steve Henson]
|
||||
|
||||
*) Fix CVE-2011-4619: make sure we really are receiving a
|
||||
client hello before rejecting multiple SGC restarts. Thanks to
|
||||
Ivan Nestlerode <inestlerode@us.ibm.com> for discovering this bug.
|
||||
[Steve Henson]
|
||||
|
||||
Changes between 0.9.8s and 0.9.8t [18 Jan 2012]
|
||||
|
||||
*) Fix for DTLS DoS issue introduced by fix for CVE-2011-4109.
|
||||
@ -1401,7 +1560,7 @@
|
||||
Development, Cisco Systems, Inc. for discovering this bug and
|
||||
preparing a fix. (CVE-2012-0050)
|
||||
[Antonio Martin]
|
||||
|
||||
|
||||
Changes between 0.9.8r and 0.9.8s [4 Jan 2012]
|
||||
|
||||
*) Nadhem Alfardan and Kenny Paterson have discovered an extension
|
||||
|
@ -178,7 +178,7 @@ my %table=(
|
||||
"debug-ben-no-opt", "gcc: -Wall -Wmissing-prototypes -Wstrict-prototypes -Wmissing-declarations -DDEBUG_SAFESTACK -DCRYPTO_MDEBUG -Werror -DL_ENDIAN -DTERMIOS -Wall -g3::(unknown)::::::",
|
||||
"debug-ben-strict", "gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DCONST_STRICT -O2 -Wall -Wshadow -Werror -Wpointer-arith -Wcast-qual -Wwrite-strings -pipe::(unknown)::::::",
|
||||
"debug-rse","cc:-DTERMIOS -DL_ENDIAN -pipe -O -g -ggdb3 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}",
|
||||
"debug-bodo", "gcc:$gcc_devteam_warn -DBN_DEBUG -DBN_DEBUG_RAND -DCONF_DEBUG -DBIO_PAIR_DEBUG -m64 -DL_ENDIAN -DTERMIO -g -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
|
||||
"debug-bodo", "gcc:$gcc_devteam_warn -Wno-error=overlength-strings -DBN_DEBUG -DBN_DEBUG_RAND -DCONF_DEBUG -DBIO_PAIR_DEBUG -m64 -DL_ENDIAN -DTERMIO -g -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
|
||||
"debug-ulf", "gcc:-DTERMIOS -DL_ENDIAN -march=i486 -Wall -DBN_DEBUG -DBN_DEBUG_RAND -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DOPENSSL_NO_ASM -g -Wformat -Wshadow -Wmissing-prototypes -Wmissing-declarations:::CYGWIN32:::${no_asm}:win32:cygwin-shared:::.dll",
|
||||
"debug-steve64", "gcc:$gcc_devteam_warn -m64 -DL_ENDIAN -DTERMIO -DCONF_DEBUG -DDEBUG_SAFESTACK -Wno-overlength-strings -g::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
||||
"debug-steve32", "gcc:$gcc_devteam_warn -m32 -DL_ENDIAN -DCONF_DEBUG -DDEBUG_SAFESTACK -g -pipe::-D_REENTRANT::-rdynamic -ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC:-m32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
||||
|
@ -4,7 +4,7 @@
|
||||
## Makefile for OpenSSL
|
||||
##
|
||||
|
||||
VERSION=1.0.1e
|
||||
VERSION=1.0.1f
|
||||
MAJOR=1
|
||||
MINOR=0.1
|
||||
SHLIB_VERSION_NUMBER=1.0.0
|
||||
@ -304,7 +304,8 @@ libcrypto$(SHLIB_EXT): libcrypto.a fips_premain_dso$(EXE_EXT)
|
||||
FIPSLD_CC="$(CC)"; CC=$(FIPSDIR)/bin/fipsld; \
|
||||
export CC FIPSLD_CC FIPSLD_LIBCRYPTO; \
|
||||
fi; \
|
||||
$(MAKE) -e SHLIBDIRS=crypto build-shared; \
|
||||
$(MAKE) -e SHLIBDIRS=crypto CC=$${CC:-$(CC)} build-shared; \
|
||||
touch -c fips_premain_dso$(EXE_EXT); \
|
||||
else \
|
||||
echo "There's no support for shared libraries on this platform" >&2; \
|
||||
exit 1; \
|
||||
|
@ -302,7 +302,8 @@ libcrypto$(SHLIB_EXT): libcrypto.a fips_premain_dso$(EXE_EXT)
|
||||
FIPSLD_CC="$(CC)"; CC=$(FIPSDIR)/bin/fipsld; \
|
||||
export CC FIPSLD_CC FIPSLD_LIBCRYPTO; \
|
||||
fi; \
|
||||
$(MAKE) -e SHLIBDIRS=crypto build-shared; \
|
||||
$(MAKE) -e SHLIBDIRS=crypto CC=$${CC:-$(CC)} build-shared; \
|
||||
touch -c fips_premain_dso$(EXE_EXT); \
|
||||
else \
|
||||
echo "There's no support for shared libraries on this platform" >&2; \
|
||||
exit 1; \
|
||||
|
@ -5,11 +5,17 @@
|
||||
This file gives a brief overview of the major changes between each OpenSSL
|
||||
release. For more details please read the CHANGES file.
|
||||
|
||||
Major changes between OpenSSL 1.0.1d and OpenSSL 1.0.1e:
|
||||
Major changes between OpenSSL 1.0.1e and OpenSSL 1.0.1f [6 Jan 2014]
|
||||
|
||||
o Fix for TLS record tampering bug CVE-2013-4353
|
||||
o Fix for TLS version checking bug CVE-2013-6449
|
||||
o Fix for DTLS retransmission bug CVE-2013-6450
|
||||
|
||||
Major changes between OpenSSL 1.0.1d and OpenSSL 1.0.1e [11 Feb 2013]:
|
||||
|
||||
o Corrected fix for CVE-2013-0169
|
||||
|
||||
Major changes between OpenSSL 1.0.1c and OpenSSL 1.0.1d:
|
||||
Major changes between OpenSSL 1.0.1c and OpenSSL 1.0.1d [4 Feb 2013]:
|
||||
|
||||
o Fix renegotiation in TLS 1.1, 1.2 by using the correct TLS version.
|
||||
o Include the fips configuration module.
|
||||
@ -17,24 +23,24 @@
|
||||
o Fix for SSL/TLS/DTLS CBC plaintext recovery attack CVE-2013-0169
|
||||
o Fix for TLS AESNI record handling flaw CVE-2012-2686
|
||||
|
||||
Major changes between OpenSSL 1.0.1b and OpenSSL 1.0.1c:
|
||||
Major changes between OpenSSL 1.0.1b and OpenSSL 1.0.1c [10 May 2012]:
|
||||
|
||||
o Fix TLS/DTLS record length checking bug CVE-2012-2333
|
||||
o Don't attempt to use non-FIPS composite ciphers in FIPS mode.
|
||||
|
||||
Major changes between OpenSSL 1.0.1a and OpenSSL 1.0.1b:
|
||||
Major changes between OpenSSL 1.0.1a and OpenSSL 1.0.1b [26 Apr 2012]:
|
||||
|
||||
o Fix compilation error on non-x86 platforms.
|
||||
o Make FIPS capable OpenSSL ciphers work in non-FIPS mode.
|
||||
o Fix SSL_OP_NO_TLSv1_1 clash with SSL_OP_ALL in OpenSSL 1.0.0
|
||||
|
||||
Major changes between OpenSSL 1.0.1 and OpenSSL 1.0.1a:
|
||||
Major changes between OpenSSL 1.0.1 and OpenSSL 1.0.1a [19 Apr 2012]:
|
||||
|
||||
o Fix for ASN1 overflow bug CVE-2012-2110
|
||||
o Workarounds for some servers that hang on long client hellos.
|
||||
o Fix SEGV in AES code.
|
||||
|
||||
Major changes between OpenSSL 1.0.0h and OpenSSL 1.0.1:
|
||||
Major changes between OpenSSL 1.0.0h and OpenSSL 1.0.1 [14 Mar 2012]:
|
||||
|
||||
o TLS/DTLS heartbeat support.
|
||||
o SCTP support.
|
||||
@ -47,17 +53,30 @@
|
||||
o Preliminary FIPS capability for unvalidated 2.0 FIPS module.
|
||||
o SRP support.
|
||||
|
||||
Major changes between OpenSSL 1.0.0g and OpenSSL 1.0.0h:
|
||||
Major changes between OpenSSL 1.0.0j and OpenSSL 1.0.0k [5 Feb 2013]:
|
||||
|
||||
o Fix for SSL/TLS/DTLS CBC plaintext recovery attack CVE-2013-0169
|
||||
o Fix OCSP bad key DoS attack CVE-2013-0166
|
||||
|
||||
Major changes between OpenSSL 1.0.0i and OpenSSL 1.0.0j [10 May 2012]:
|
||||
|
||||
o Fix DTLS record length checking bug CVE-2012-2333
|
||||
|
||||
Major changes between OpenSSL 1.0.0h and OpenSSL 1.0.0i [19 Apr 2012]:
|
||||
|
||||
o Fix for ASN1 overflow bug CVE-2012-2110
|
||||
|
||||
Major changes between OpenSSL 1.0.0g and OpenSSL 1.0.0h [12 Mar 2012]:
|
||||
|
||||
o Fix for CMS/PKCS#7 MMA CVE-2012-0884
|
||||
o Corrected fix for CVE-2011-4619
|
||||
o Various DTLS fixes.
|
||||
|
||||
Major changes between OpenSSL 1.0.0f and OpenSSL 1.0.0g:
|
||||
Major changes between OpenSSL 1.0.0f and OpenSSL 1.0.0g [18 Jan 2012]:
|
||||
|
||||
o Fix for DTLS DoS issue CVE-2012-0050
|
||||
|
||||
Major changes between OpenSSL 1.0.0e and OpenSSL 1.0.0f:
|
||||
Major changes between OpenSSL 1.0.0e and OpenSSL 1.0.0f [4 Jan 2012]:
|
||||
|
||||
o Fix for DTLS plaintext recovery attack CVE-2011-4108
|
||||
o Clear block padding bytes of SSL 3.0 records CVE-2011-4576
|
||||
@ -65,7 +84,7 @@
|
||||
o Check parameters are not NULL in GOST ENGINE CVE-2012-0027
|
||||
o Check for malformed RFC3779 data CVE-2011-4577
|
||||
|
||||
Major changes between OpenSSL 1.0.0d and OpenSSL 1.0.0e:
|
||||
Major changes between OpenSSL 1.0.0d and OpenSSL 1.0.0e [6 Sep 2011]:
|
||||
|
||||
o Fix for CRL vulnerability issue CVE-2011-3207
|
||||
o Fix for ECDH crashes CVE-2011-3210
|
||||
@ -73,11 +92,11 @@
|
||||
o Support ECDH ciphersuites for certificates using SHA2 algorithms.
|
||||
o Various DTLS fixes.
|
||||
|
||||
Major changes between OpenSSL 1.0.0c and OpenSSL 1.0.0d:
|
||||
Major changes between OpenSSL 1.0.0c and OpenSSL 1.0.0d [8 Feb 2011]:
|
||||
|
||||
o Fix for security issue CVE-2011-0014
|
||||
|
||||
Major changes between OpenSSL 1.0.0b and OpenSSL 1.0.0c:
|
||||
Major changes between OpenSSL 1.0.0b and OpenSSL 1.0.0c [2 Dec 2010]:
|
||||
|
||||
o Fix for security issue CVE-2010-4180
|
||||
o Fix for CVE-2010-4252
|
||||
@ -85,18 +104,18 @@
|
||||
o Fix various platform compilation issues.
|
||||
o Corrected fix for security issue CVE-2010-3864.
|
||||
|
||||
Major changes between OpenSSL 1.0.0a and OpenSSL 1.0.0b:
|
||||
Major changes between OpenSSL 1.0.0a and OpenSSL 1.0.0b [16 Nov 2010]:
|
||||
|
||||
o Fix for security issue CVE-2010-3864.
|
||||
o Fix for CVE-2010-2939
|
||||
o Fix WIN32 build system for GOST ENGINE.
|
||||
|
||||
Major changes between OpenSSL 1.0.0 and OpenSSL 1.0.0a:
|
||||
Major changes between OpenSSL 1.0.0 and OpenSSL 1.0.0a [1 Jun 2010]:
|
||||
|
||||
o Fix for security issue CVE-2010-1633.
|
||||
o GOST MAC and CFB fixes.
|
||||
|
||||
Major changes between OpenSSL 0.9.8n and OpenSSL 1.0.0:
|
||||
Major changes between OpenSSL 0.9.8n and OpenSSL 1.0.0 [29 Mar 2010]:
|
||||
|
||||
o RFC3280 path validation: sufficient to process PKITS tests.
|
||||
o Integrated support for PVK files and keyblobs.
|
||||
@ -119,20 +138,55 @@
|
||||
o Opaque PRF Input TLS extension support.
|
||||
o Updated time routines to avoid OS limitations.
|
||||
|
||||
Major changes between OpenSSL 0.9.8q and OpenSSL 0.9.8r:
|
||||
Major changes between OpenSSL 0.9.8x and OpenSSL 0.9.8y [5 Feb 2013]:
|
||||
|
||||
o Fix for SSL/TLS/DTLS CBC plaintext recovery attack CVE-2013-0169
|
||||
o Fix OCSP bad key DoS attack CVE-2013-0166
|
||||
|
||||
Major changes between OpenSSL 0.9.8w and OpenSSL 0.9.8x [10 May 2012]:
|
||||
|
||||
o Fix DTLS record length checking bug CVE-2012-2333
|
||||
|
||||
Major changes between OpenSSL 0.9.8v and OpenSSL 0.9.8w [23 Apr 2012]:
|
||||
|
||||
o Fix for CVE-2012-2131 (corrected fix for 0.9.8 and CVE-2012-2110)
|
||||
|
||||
Major changes between OpenSSL 0.9.8u and OpenSSL 0.9.8v [19 Apr 2012]:
|
||||
|
||||
o Fix for ASN1 overflow bug CVE-2012-2110
|
||||
|
||||
Major changes between OpenSSL 0.9.8t and OpenSSL 0.9.8u [12 Mar 2012]:
|
||||
|
||||
o Fix for CMS/PKCS#7 MMA CVE-2012-0884
|
||||
o Corrected fix for CVE-2011-4619
|
||||
o Various DTLS fixes.
|
||||
|
||||
Major changes between OpenSSL 0.9.8s and OpenSSL 0.9.8t [18 Jan 2012]:
|
||||
|
||||
o Fix for DTLS DoS issue CVE-2012-0050
|
||||
|
||||
Major changes between OpenSSL 0.9.8r and OpenSSL 0.9.8s [4 Jan 2012]:
|
||||
|
||||
o Fix for DTLS plaintext recovery attack CVE-2011-4108
|
||||
o Fix policy check double free error CVE-2011-4109
|
||||
o Clear block padding bytes of SSL 3.0 records CVE-2011-4576
|
||||
o Only allow one SGC handshake restart for SSL/TLS CVE-2011-4619
|
||||
o Check for malformed RFC3779 data CVE-2011-4577
|
||||
|
||||
Major changes between OpenSSL 0.9.8q and OpenSSL 0.9.8r [8 Feb 2011]:
|
||||
|
||||
o Fix for security issue CVE-2011-0014
|
||||
|
||||
Major changes between OpenSSL 0.9.8p and OpenSSL 0.9.8q:
|
||||
Major changes between OpenSSL 0.9.8p and OpenSSL 0.9.8q [2 Dec 2010]:
|
||||
|
||||
o Fix for security issue CVE-2010-4180
|
||||
o Fix for CVE-2010-4252
|
||||
|
||||
Major changes between OpenSSL 0.9.8o and OpenSSL 0.9.8p:
|
||||
Major changes between OpenSSL 0.9.8o and OpenSSL 0.9.8p [16 Nov 2010]:
|
||||
|
||||
o Fix for security issue CVE-2010-3864.
|
||||
|
||||
Major changes between OpenSSL 0.9.8n and OpenSSL 0.9.8o:
|
||||
Major changes between OpenSSL 0.9.8n and OpenSSL 0.9.8o [1 Jun 2010]:
|
||||
|
||||
o Fix for security issue CVE-2010-0742.
|
||||
o Various DTLS fixes.
|
||||
@ -140,12 +194,12 @@
|
||||
o Fix for no-rc4 compilation.
|
||||
o Chil ENGINE unload workaround.
|
||||
|
||||
Major changes between OpenSSL 0.9.8m and OpenSSL 0.9.8n:
|
||||
Major changes between OpenSSL 0.9.8m and OpenSSL 0.9.8n [24 Mar 2010]:
|
||||
|
||||
o CFB cipher definition fixes.
|
||||
o Fix security issues CVE-2010-0740 and CVE-2010-0433.
|
||||
|
||||
Major changes between OpenSSL 0.9.8l and OpenSSL 0.9.8m:
|
||||
Major changes between OpenSSL 0.9.8l and OpenSSL 0.9.8m [25 Feb 2010]:
|
||||
|
||||
o Cipher definition fixes.
|
||||
o Workaround for slow RAND_poll() on some WIN32 versions.
|
||||
@ -157,33 +211,33 @@
|
||||
o Ticket and SNI coexistence fixes.
|
||||
o Many fixes to DTLS handling.
|
||||
|
||||
Major changes between OpenSSL 0.9.8k and OpenSSL 0.9.8l:
|
||||
Major changes between OpenSSL 0.9.8k and OpenSSL 0.9.8l [5 Nov 2009]:
|
||||
|
||||
o Temporary work around for CVE-2009-3555: disable renegotiation.
|
||||
|
||||
Major changes between OpenSSL 0.9.8j and OpenSSL 0.9.8k:
|
||||
Major changes between OpenSSL 0.9.8j and OpenSSL 0.9.8k [25 Mar 2009]:
|
||||
|
||||
o Fix various build issues.
|
||||
o Fix security issues (CVE-2009-0590, CVE-2009-0591, CVE-2009-0789)
|
||||
|
||||
Major changes between OpenSSL 0.9.8i and OpenSSL 0.9.8j:
|
||||
Major changes between OpenSSL 0.9.8i and OpenSSL 0.9.8j [7 Jan 2009]:
|
||||
|
||||
o Fix security issue (CVE-2008-5077)
|
||||
o Merge FIPS 140-2 branch code.
|
||||
|
||||
Major changes between OpenSSL 0.9.8g and OpenSSL 0.9.8h:
|
||||
Major changes between OpenSSL 0.9.8g and OpenSSL 0.9.8h [28 May 2008]:
|
||||
|
||||
o CryptoAPI ENGINE support.
|
||||
o Various precautionary measures.
|
||||
o Fix for bugs affecting certificate request creation.
|
||||
o Support for local machine keyset attribute in PKCS#12 files.
|
||||
|
||||
Major changes between OpenSSL 0.9.8f and OpenSSL 0.9.8g:
|
||||
Major changes between OpenSSL 0.9.8f and OpenSSL 0.9.8g [19 Oct 2007]:
|
||||
|
||||
o Backport of CMS functionality to 0.9.8.
|
||||
o Fixes for bugs introduced with 0.9.8f.
|
||||
|
||||
Major changes between OpenSSL 0.9.8e and OpenSSL 0.9.8f:
|
||||
Major changes between OpenSSL 0.9.8e and OpenSSL 0.9.8f [11 Oct 2007]:
|
||||
|
||||
o Add gcc 4.2 support.
|
||||
o Add support for AES and SSE2 assembly lanugauge optimization
|
||||
@ -194,23 +248,23 @@
|
||||
o RFC4507bis support.
|
||||
o TLS Extensions support.
|
||||
|
||||
Major changes between OpenSSL 0.9.8d and OpenSSL 0.9.8e:
|
||||
Major changes between OpenSSL 0.9.8d and OpenSSL 0.9.8e [23 Feb 2007]:
|
||||
|
||||
o Various ciphersuite selection fixes.
|
||||
o RFC3779 support.
|
||||
|
||||
Major changes between OpenSSL 0.9.8c and OpenSSL 0.9.8d:
|
||||
Major changes between OpenSSL 0.9.8c and OpenSSL 0.9.8d [28 Sep 2006]:
|
||||
|
||||
o Introduce limits to prevent malicious key DoS (CVE-2006-2940)
|
||||
o Fix security issues (CVE-2006-2937, CVE-2006-3737, CVE-2006-4343)
|
||||
o Changes to ciphersuite selection algorithm
|
||||
|
||||
Major changes between OpenSSL 0.9.8b and OpenSSL 0.9.8c:
|
||||
Major changes between OpenSSL 0.9.8b and OpenSSL 0.9.8c [5 Sep 2006]:
|
||||
|
||||
o Fix Daniel Bleichenbacher forged signature attack, CVE-2006-4339
|
||||
o New cipher Camellia
|
||||
|
||||
Major changes between OpenSSL 0.9.8a and OpenSSL 0.9.8b:
|
||||
Major changes between OpenSSL 0.9.8a and OpenSSL 0.9.8b [4 May 2006]:
|
||||
|
||||
o Cipher string fixes.
|
||||
o Fixes for VC++ 2005.
|
||||
@ -220,12 +274,12 @@
|
||||
o Built in dynamic engine compilation support on Win32.
|
||||
o Fixes auto dynamic engine loading in Win32.
|
||||
|
||||
Major changes between OpenSSL 0.9.8 and OpenSSL 0.9.8a:
|
||||
Major changes between OpenSSL 0.9.8 and OpenSSL 0.9.8a [11 Oct 2005]:
|
||||
|
||||
o Fix potential SSL 2.0 rollback, CVE-2005-2969
|
||||
o Extended Windows CE support
|
||||
|
||||
Major changes between OpenSSL 0.9.7g and OpenSSL 0.9.8:
|
||||
Major changes between OpenSSL 0.9.7g and OpenSSL 0.9.8 [5 Jul 2005]:
|
||||
|
||||
o Major work on the BIGNUM library for higher efficiency and to
|
||||
make operations more streamlined and less contradictory. This
|
||||
@ -299,36 +353,36 @@
|
||||
o Added initial support for Win64.
|
||||
o Added alternate pkg-config files.
|
||||
|
||||
Major changes between OpenSSL 0.9.7l and OpenSSL 0.9.7m:
|
||||
Major changes between OpenSSL 0.9.7l and OpenSSL 0.9.7m [23 Feb 2007]:
|
||||
|
||||
o FIPS 1.1.1 module linking.
|
||||
o Various ciphersuite selection fixes.
|
||||
|
||||
Major changes between OpenSSL 0.9.7k and OpenSSL 0.9.7l:
|
||||
Major changes between OpenSSL 0.9.7k and OpenSSL 0.9.7l [28 Sep 2006]:
|
||||
|
||||
o Introduce limits to prevent malicious key DoS (CVE-2006-2940)
|
||||
o Fix security issues (CVE-2006-2937, CVE-2006-3737, CVE-2006-4343)
|
||||
|
||||
Major changes between OpenSSL 0.9.7j and OpenSSL 0.9.7k:
|
||||
Major changes between OpenSSL 0.9.7j and OpenSSL 0.9.7k [5 Sep 2006]:
|
||||
|
||||
o Fix Daniel Bleichenbacher forged signature attack, CVE-2006-4339
|
||||
|
||||
Major changes between OpenSSL 0.9.7i and OpenSSL 0.9.7j:
|
||||
Major changes between OpenSSL 0.9.7i and OpenSSL 0.9.7j [4 May 2006]:
|
||||
|
||||
o Visual C++ 2005 fixes.
|
||||
o Update Windows build system for FIPS.
|
||||
|
||||
Major changes between OpenSSL 0.9.7h and OpenSSL 0.9.7i:
|
||||
Major changes between OpenSSL 0.9.7h and OpenSSL 0.9.7i [14 Oct 2005]:
|
||||
|
||||
o Give EVP_MAX_MD_SIZE it's old value, except for a FIPS build.
|
||||
|
||||
Major changes between OpenSSL 0.9.7g and OpenSSL 0.9.7h:
|
||||
Major changes between OpenSSL 0.9.7g and OpenSSL 0.9.7h [11 Oct 2005]:
|
||||
|
||||
o Fix SSL 2.0 Rollback, CVE-2005-2969
|
||||
o Allow use of fixed-length exponent on DSA signing
|
||||
o Default fixed-window RSA, DSA, DH private-key operations
|
||||
|
||||
Major changes between OpenSSL 0.9.7f and OpenSSL 0.9.7g:
|
||||
Major changes between OpenSSL 0.9.7f and OpenSSL 0.9.7g [11 Apr 2005]:
|
||||
|
||||
o More compilation issues fixed.
|
||||
o Adaptation to more modern Kerberos API.
|
||||
@ -337,7 +391,7 @@
|
||||
o More constification.
|
||||
o Added processing of proxy certificates (RFC 3820).
|
||||
|
||||
Major changes between OpenSSL 0.9.7e and OpenSSL 0.9.7f:
|
||||
Major changes between OpenSSL 0.9.7e and OpenSSL 0.9.7f [22 Mar 2005]:
|
||||
|
||||
o Several compilation issues fixed.
|
||||
o Many memory allocation failure checks added.
|
||||
@ -345,12 +399,12 @@
|
||||
o Mandatory basic checks on certificates.
|
||||
o Performance improvements.
|
||||
|
||||
Major changes between OpenSSL 0.9.7d and OpenSSL 0.9.7e:
|
||||
Major changes between OpenSSL 0.9.7d and OpenSSL 0.9.7e [25 Oct 2004]:
|
||||
|
||||
o Fix race condition in CRL checking code.
|
||||
o Fixes to PKCS#7 (S/MIME) code.
|
||||
|
||||
Major changes between OpenSSL 0.9.7c and OpenSSL 0.9.7d:
|
||||
Major changes between OpenSSL 0.9.7c and OpenSSL 0.9.7d [17 Mar 2004]:
|
||||
|
||||
o Security: Fix Kerberos ciphersuite SSL/TLS handshaking bug
|
||||
o Security: Fix null-pointer assignment in do_change_cipher_spec()
|
||||
@ -358,14 +412,14 @@
|
||||
o Multiple X509 verification fixes
|
||||
o Speed up HMAC and other operations
|
||||
|
||||
Major changes between OpenSSL 0.9.7b and OpenSSL 0.9.7c:
|
||||
Major changes between OpenSSL 0.9.7b and OpenSSL 0.9.7c [30 Sep 2003]:
|
||||
|
||||
o Security: fix various ASN1 parsing bugs.
|
||||
o New -ignore_err option to OCSP utility.
|
||||
o Various interop and bug fixes in S/MIME code.
|
||||
o SSL/TLS protocol fix for unrequested client certificates.
|
||||
|
||||
Major changes between OpenSSL 0.9.7a and OpenSSL 0.9.7b:
|
||||
Major changes between OpenSSL 0.9.7a and OpenSSL 0.9.7b [10 Apr 2003]:
|
||||
|
||||
o Security: counter the Klima-Pokorny-Rosa extension of
|
||||
Bleichbacher's attack
|
||||
@ -376,7 +430,7 @@
|
||||
o ASN.1: treat domainComponent correctly.
|
||||
o Documentation: fixes and additions.
|
||||
|
||||
Major changes between OpenSSL 0.9.7 and OpenSSL 0.9.7a:
|
||||
Major changes between OpenSSL 0.9.7 and OpenSSL 0.9.7a [19 Feb 2003]:
|
||||
|
||||
o Security: Important security related bugfixes.
|
||||
o Enhanced compatibility with MIT Kerberos.
|
||||
@ -387,7 +441,7 @@
|
||||
o SSL/TLS: now handles manual certificate chain building.
|
||||
o SSL/TLS: certain session ID malfunctions corrected.
|
||||
|
||||
Major changes between OpenSSL 0.9.6 and OpenSSL 0.9.7:
|
||||
Major changes between OpenSSL 0.9.6 and OpenSSL 0.9.7 [30 Dec 2002]:
|
||||
|
||||
o New library section OCSP.
|
||||
o Complete rewrite of ASN1 code.
|
||||
@ -433,23 +487,23 @@
|
||||
o SSL/TLS: add callback to retrieve SSL/TLS messages.
|
||||
o SSL/TLS: support AES cipher suites (RFC3268).
|
||||
|
||||
Major changes between OpenSSL 0.9.6j and OpenSSL 0.9.6k:
|
||||
Major changes between OpenSSL 0.9.6j and OpenSSL 0.9.6k [30 Sep 2003]:
|
||||
|
||||
o Security: fix various ASN1 parsing bugs.
|
||||
o SSL/TLS protocol fix for unrequested client certificates.
|
||||
|
||||
Major changes between OpenSSL 0.9.6i and OpenSSL 0.9.6j:
|
||||
Major changes between OpenSSL 0.9.6i and OpenSSL 0.9.6j [10 Apr 2003]:
|
||||
|
||||
o Security: counter the Klima-Pokorny-Rosa extension of
|
||||
Bleichbacher's attack
|
||||
o Security: make RSA blinding default.
|
||||
o Build: shared library support fixes.
|
||||
|
||||
Major changes between OpenSSL 0.9.6h and OpenSSL 0.9.6i:
|
||||
Major changes between OpenSSL 0.9.6h and OpenSSL 0.9.6i [19 Feb 2003]:
|
||||
|
||||
o Important security related bugfixes.
|
||||
|
||||
Major changes between OpenSSL 0.9.6g and OpenSSL 0.9.6h:
|
||||
Major changes between OpenSSL 0.9.6g and OpenSSL 0.9.6h [5 Dec 2002]:
|
||||
|
||||
o New configuration targets for Tandem OSS and A/UX.
|
||||
o New OIDs for Microsoft attributes.
|
||||
@ -463,25 +517,25 @@
|
||||
o Fixes for smaller building problems.
|
||||
o Updates of manuals, FAQ and other instructive documents.
|
||||
|
||||
Major changes between OpenSSL 0.9.6f and OpenSSL 0.9.6g:
|
||||
Major changes between OpenSSL 0.9.6f and OpenSSL 0.9.6g [9 Aug 2002]:
|
||||
|
||||
o Important building fixes on Unix.
|
||||
|
||||
Major changes between OpenSSL 0.9.6e and OpenSSL 0.9.6f:
|
||||
Major changes between OpenSSL 0.9.6e and OpenSSL 0.9.6f [8 Aug 2002]:
|
||||
|
||||
o Various important bugfixes.
|
||||
|
||||
Major changes between OpenSSL 0.9.6d and OpenSSL 0.9.6e:
|
||||
Major changes between OpenSSL 0.9.6d and OpenSSL 0.9.6e [30 Jul 2002]:
|
||||
|
||||
o Important security related bugfixes.
|
||||
o Various SSL/TLS library bugfixes.
|
||||
|
||||
Major changes between OpenSSL 0.9.6c and OpenSSL 0.9.6d:
|
||||
Major changes between OpenSSL 0.9.6c and OpenSSL 0.9.6d [9 May 2002]:
|
||||
|
||||
o Various SSL/TLS library bugfixes.
|
||||
o Fix DH parameter generation for 'non-standard' generators.
|
||||
|
||||
Major changes between OpenSSL 0.9.6b and OpenSSL 0.9.6c:
|
||||
Major changes between OpenSSL 0.9.6b and OpenSSL 0.9.6c [21 Dec 2001]:
|
||||
|
||||
o Various SSL/TLS library bugfixes.
|
||||
o BIGNUM library fixes.
|
||||
@ -494,7 +548,7 @@
|
||||
Broadcom and Cryptographic Appliance's keyserver
|
||||
[in 0.9.6c-engine release].
|
||||
|
||||
Major changes between OpenSSL 0.9.6a and OpenSSL 0.9.6b:
|
||||
Major changes between OpenSSL 0.9.6a and OpenSSL 0.9.6b [9 Jul 2001]:
|
||||
|
||||
o Security fix: PRNG improvements.
|
||||
o Security fix: RSA OAEP check.
|
||||
@ -511,7 +565,7 @@
|
||||
o Increase default size for BIO buffering filter.
|
||||
o Compatibility fixes in some scripts.
|
||||
|
||||
Major changes between OpenSSL 0.9.6 and OpenSSL 0.9.6a:
|
||||
Major changes between OpenSSL 0.9.6 and OpenSSL 0.9.6a [5 Apr 2001]:
|
||||
|
||||
o Security fix: change behavior of OpenSSL to avoid using
|
||||
environment variables when running as root.
|
||||
@ -536,7 +590,7 @@
|
||||
o New function BN_rand_range().
|
||||
o Add "-rand" option to openssl s_client and s_server.
|
||||
|
||||
Major changes between OpenSSL 0.9.5a and OpenSSL 0.9.6:
|
||||
Major changes between OpenSSL 0.9.5a and OpenSSL 0.9.6 [10 Oct 2000]:
|
||||
|
||||
o Some documentation for BIO and SSL libraries.
|
||||
o Enhanced chain verification using key identifiers.
|
||||
@ -551,7 +605,7 @@
|
||||
[1] The support for external crypto devices is currently a separate
|
||||
distribution. See the file README.ENGINE.
|
||||
|
||||
Major changes between OpenSSL 0.9.5 and OpenSSL 0.9.5a:
|
||||
Major changes between OpenSSL 0.9.5 and OpenSSL 0.9.5a [1 Apr 2000]:
|
||||
|
||||
o Bug fixes for Win32, SuSE Linux, NeXTSTEP and FreeBSD 2.2.8
|
||||
o Shared library support for HPUX and Solaris-gcc
|
||||
@ -560,7 +614,7 @@
|
||||
o New 'rand' application
|
||||
o New way to check for existence of algorithms from scripts
|
||||
|
||||
Major changes between OpenSSL 0.9.4 and OpenSSL 0.9.5:
|
||||
Major changes between OpenSSL 0.9.4 and OpenSSL 0.9.5 [25 May 2000]:
|
||||
|
||||
o S/MIME support in new 'smime' command
|
||||
o Documentation for the OpenSSL command line application
|
||||
@ -596,7 +650,7 @@
|
||||
o Enhanced support for Alpha Linux
|
||||
o Experimental MacOS support
|
||||
|
||||
Major changes between OpenSSL 0.9.3 and OpenSSL 0.9.4:
|
||||
Major changes between OpenSSL 0.9.3 and OpenSSL 0.9.4 [9 Aug 1999]:
|
||||
|
||||
o Transparent support for PKCS#8 format private keys: these are used
|
||||
by several software packages and are more secure than the standard
|
||||
@ -607,7 +661,7 @@
|
||||
o New pipe-like BIO that allows using the SSL library when actual I/O
|
||||
must be handled by the application (BIO pair)
|
||||
|
||||
Major changes between OpenSSL 0.9.2b and OpenSSL 0.9.3:
|
||||
Major changes between OpenSSL 0.9.2b and OpenSSL 0.9.3 [24 May 1999]:
|
||||
o Lots of enhancements and cleanups to the Configuration mechanism
|
||||
o RSA OEAP related fixes
|
||||
o Added `openssl ca -revoke' option for revoking a certificate
|
||||
@ -621,7 +675,7 @@
|
||||
o Sparc assembler bignum implementation, optimized hash functions
|
||||
o Option to disable selected ciphers
|
||||
|
||||
Major changes between OpenSSL 0.9.1c and OpenSSL 0.9.2b:
|
||||
Major changes between OpenSSL 0.9.1c and OpenSSL 0.9.2b [22 Mar 1999]:
|
||||
o Fixed a security hole related to session resumption
|
||||
o Fixed RSA encryption routines for the p < q case
|
||||
o "ALL" in cipher lists now means "everything except NULL ciphers"
|
||||
@ -643,7 +697,7 @@
|
||||
o Lots of memory leak fixes.
|
||||
o Lots of bug fixes.
|
||||
|
||||
Major changes between SSLeay 0.9.0b and OpenSSL 0.9.1c:
|
||||
Major changes between SSLeay 0.9.0b and OpenSSL 0.9.1c [23 Dec 1998]:
|
||||
o Integration of the popular NO_RSA/NO_DSA patches
|
||||
o Initial support for compression inside the SSL record layer
|
||||
o Added BIO proxy and filtering functionality
|
||||
|
@ -1,5 +1,5 @@
|
||||
|
||||
OpenSSL 1.0.1e 11 Feb 2013
|
||||
OpenSSL 1.0.1f 6 Jan 2014
|
||||
|
||||
Copyright (c) 1998-2011 The OpenSSL Project
|
||||
Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
|
||||
|
@ -577,14 +577,15 @@ openssl.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
|
||||
openssl.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
|
||||
openssl.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
|
||||
openssl.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
|
||||
openssl.o: ../include/openssl/pqueue.h ../include/openssl/safestack.h
|
||||
openssl.o: ../include/openssl/sha.h ../include/openssl/srtp.h
|
||||
openssl.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
|
||||
openssl.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
|
||||
openssl.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
|
||||
openssl.o: ../include/openssl/tls1.h ../include/openssl/txt_db.h
|
||||
openssl.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
|
||||
openssl.o: ../include/openssl/x509v3.h apps.h openssl.c progs.h s_apps.h
|
||||
openssl.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
|
||||
openssl.o: ../include/openssl/safestack.h ../include/openssl/sha.h
|
||||
openssl.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
|
||||
openssl.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
|
||||
openssl.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
|
||||
openssl.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
|
||||
openssl.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
|
||||
openssl.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
|
||||
openssl.o: openssl.c progs.h s_apps.h
|
||||
passwd.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
|
||||
passwd.o: ../include/openssl/buffer.h ../include/openssl/conf.h
|
||||
passwd.o: ../include/openssl/crypto.h ../include/openssl/des.h
|
||||
|
@ -188,6 +188,7 @@ extern BIO *bio_err;
|
||||
do { CONF_modules_unload(1); destroy_ui_method(); \
|
||||
OBJ_cleanup(); EVP_cleanup(); ENGINE_cleanup(); \
|
||||
CRYPTO_cleanup_all_ex_data(); ERR_remove_thread_state(NULL); \
|
||||
RAND_cleanup(); \
|
||||
ERR_free_strings(); zlib_cleanup();} while(0)
|
||||
# else
|
||||
# define apps_startup() \
|
||||
@ -198,6 +199,7 @@ extern BIO *bio_err;
|
||||
do { CONF_modules_unload(1); destroy_ui_method(); \
|
||||
OBJ_cleanup(); EVP_cleanup(); \
|
||||
CRYPTO_cleanup_all_ex_data(); ERR_remove_thread_state(NULL); \
|
||||
RAND_cleanup(); \
|
||||
ERR_free_strings(); zlib_cleanup(); } while(0)
|
||||
# endif
|
||||
#endif
|
||||
|
@ -117,6 +117,7 @@
|
||||
#include "apps.h"
|
||||
#include <openssl/bio.h>
|
||||
#include <openssl/crypto.h>
|
||||
#include <openssl/rand.h>
|
||||
#include <openssl/lhash.h>
|
||||
#include <openssl/conf.h>
|
||||
#include <openssl/x509.h>
|
||||
|
@ -112,7 +112,7 @@ int MAIN(int argc, char **argv)
|
||||
int maciter = PKCS12_DEFAULT_ITER;
|
||||
int twopass = 0;
|
||||
int keytype = 0;
|
||||
int cert_pbe = NID_pbe_WithSHA1And40BitRC2_CBC;
|
||||
int cert_pbe;
|
||||
int key_pbe = NID_pbe_WithSHA1And3_Key_TripleDES_CBC;
|
||||
int ret = 1;
|
||||
int macver = 1;
|
||||
@ -130,6 +130,13 @@ int MAIN(int argc, char **argv)
|
||||
|
||||
apps_startup();
|
||||
|
||||
#ifdef OPENSSL_FIPS
|
||||
if (FIPS_mode())
|
||||
cert_pbe = NID_pbe_WithSHA1And3_Key_TripleDES_CBC;
|
||||
else
|
||||
#endif
|
||||
cert_pbe = NID_pbe_WithSHA1And40BitRC2_CBC;
|
||||
|
||||
enc = EVP_des_ede3_cbc();
|
||||
if (bio_err == NULL ) bio_err = BIO_new_fp (stderr, BIO_NOCLOSE);
|
||||
|
||||
|
@ -739,7 +739,7 @@ case "$GUESSOS" in
|
||||
libc=/usr/lib/libc.so
|
||||
else # OpenBSD
|
||||
# ld searches for highest libc.so.* and so do we
|
||||
libc=`(ls /usr/lib/libc.so.* | tail -1) 2>/dev/null`
|
||||
libc=`(ls /usr/lib/libc.so.* /lib/libc.so.* | tail -1) 2>/dev/null`
|
||||
fi
|
||||
case "`(file -L $libc) 2>/dev/null`" in
|
||||
*ELF*) OUT="BSD-x86-elf" ;;
|
||||
|
@ -78,7 +78,9 @@ ia64cpuid.s: ia64cpuid.S; $(CC) $(CFLAGS) -E ia64cpuid.S > $@
|
||||
ppccpuid.s: ppccpuid.pl; $(PERL) ppccpuid.pl $(PERLASM_SCHEME) $@
|
||||
pariscid.s: pariscid.pl; $(PERL) pariscid.pl $(PERLASM_SCHEME) $@
|
||||
alphacpuid.s: alphacpuid.pl
|
||||
$(PERL) $< | $(CC) -E - | tee $@ > /dev/null
|
||||
(preproc=/tmp/$$$$.$@; trap "rm $$preproc" INT; \
|
||||
$(PERL) alphacpuid.pl > $$preproc && \
|
||||
$(CC) -E $$preproc > $@ && rm $$preproc)
|
||||
|
||||
testapps:
|
||||
[ -z "$(THIS)" ] || ( if echo $(SDIRS) | fgrep ' des '; \
|
||||
|
@ -1015,7 +1015,8 @@ foreach (split("\n",$code)) {
|
||||
$SIZE_T==4 ? sprintf("extru%s,%d,8,",$1,31-$2)
|
||||
: sprintf("extrd,u%s,%d,8,",$1,63-$2)/e;
|
||||
|
||||
s/,\*/,/ if ($SIZE_T==4);
|
||||
s/,\*/,/ if ($SIZE_T==4);
|
||||
s/\bbv\b(.*\(%r2\))/bve$1/ if ($SIZE_T==8);
|
||||
print $_,"\n";
|
||||
}
|
||||
close STDOUT;
|
||||
|
@ -83,9 +83,9 @@
|
||||
# Add decryption procedure. Performance in CPU cycles spent to decrypt
|
||||
# one byte out of 4096-byte buffer with 128-bit key is:
|
||||
#
|
||||
# Core 2 11.0
|
||||
# Nehalem 9.16
|
||||
# Atom 20.9
|
||||
# Core 2 9.83
|
||||
# Nehalem 7.74
|
||||
# Atom 19.0
|
||||
#
|
||||
# November 2011.
|
||||
#
|
||||
@ -456,6 +456,7 @@ sub MixColumns {
|
||||
# modified to emit output in order suitable for feeding back to aesenc[last]
|
||||
my @x=@_[0..7];
|
||||
my @t=@_[8..15];
|
||||
my $inv=@_[16]; # optional
|
||||
$code.=<<___;
|
||||
pshufd \$0x93, @x[0], @t[0] # x0 <<< 32
|
||||
pshufd \$0x93, @x[1], @t[1]
|
||||
@ -497,7 +498,8 @@ $code.=<<___;
|
||||
pxor @t[4], @t[0]
|
||||
pshufd \$0x4E, @x[2], @x[6]
|
||||
pxor @t[5], @t[1]
|
||||
|
||||
___
|
||||
$code.=<<___ if (!$inv);
|
||||
pxor @t[3], @x[4]
|
||||
pxor @t[7], @x[5]
|
||||
pxor @t[6], @x[3]
|
||||
@ -505,9 +507,20 @@ $code.=<<___;
|
||||
pxor @t[2], @x[6]
|
||||
movdqa @t[1], @x[7]
|
||||
___
|
||||
$code.=<<___ if ($inv);
|
||||
pxor @x[4], @t[3]
|
||||
pxor @t[7], @x[5]
|
||||
pxor @x[3], @t[6]
|
||||
movdqa @t[0], @x[3]
|
||||
pxor @t[2], @x[6]
|
||||
movdqa @t[6], @x[2]
|
||||
movdqa @t[1], @x[7]
|
||||
movdqa @x[6], @x[4]
|
||||
movdqa @t[3], @x[6]
|
||||
___
|
||||
}
|
||||
|
||||
sub InvMixColumns {
|
||||
sub InvMixColumns_orig {
|
||||
my @x=@_[0..7];
|
||||
my @t=@_[8..15];
|
||||
|
||||
@ -661,6 +674,54 @@ $code.=<<___;
|
||||
___
|
||||
}
|
||||
|
||||
sub InvMixColumns {
|
||||
my @x=@_[0..7];
|
||||
my @t=@_[8..15];
|
||||
|
||||
# Thanks to Jussi Kivilinna for providing pointer to
|
||||
#
|
||||
# | 0e 0b 0d 09 | | 02 03 01 01 | | 05 00 04 00 |
|
||||
# | 09 0e 0b 0d | = | 01 02 03 01 | x | 00 05 00 04 |
|
||||
# | 0d 09 0e 0b | | 01 01 02 03 | | 04 00 05 00 |
|
||||
# | 0b 0d 09 0e | | 03 01 01 02 | | 00 04 00 05 |
|
||||
|
||||
$code.=<<___;
|
||||
# multiplication by 0x05-0x00-0x04-0x00
|
||||
pshufd \$0x4E, @x[0], @t[0]
|
||||
pshufd \$0x4E, @x[6], @t[6]
|
||||
pxor @x[0], @t[0]
|
||||
pshufd \$0x4E, @x[7], @t[7]
|
||||
pxor @x[6], @t[6]
|
||||
pshufd \$0x4E, @x[1], @t[1]
|
||||
pxor @x[7], @t[7]
|
||||
pshufd \$0x4E, @x[2], @t[2]
|
||||
pxor @x[1], @t[1]
|
||||
pshufd \$0x4E, @x[3], @t[3]
|
||||
pxor @x[2], @t[2]
|
||||
pxor @t[6], @x[0]
|
||||
pxor @t[6], @x[1]
|
||||
pshufd \$0x4E, @x[4], @t[4]
|
||||
pxor @x[3], @t[3]
|
||||
pxor @t[0], @x[2]
|
||||
pxor @t[1], @x[3]
|
||||
pshufd \$0x4E, @x[5], @t[5]
|
||||
pxor @x[4], @t[4]
|
||||
pxor @t[7], @x[1]
|
||||
pxor @t[2], @x[4]
|
||||
pxor @x[5], @t[5]
|
||||
|
||||
pxor @t[7], @x[2]
|
||||
pxor @t[6], @x[3]
|
||||
pxor @t[6], @x[4]
|
||||
pxor @t[3], @x[5]
|
||||
pxor @t[4], @x[6]
|
||||
pxor @t[7], @x[4]
|
||||
pxor @t[7], @x[5]
|
||||
pxor @t[5], @x[7]
|
||||
___
|
||||
&MixColumns (@x,@t,1); # flipped 2<->3 and 4<->6
|
||||
}
|
||||
|
||||
sub aesenc { # not used
|
||||
my @b=@_[0..7];
|
||||
my @t=@_[8..15];
|
||||
@ -2028,6 +2089,8 @@ ___
|
||||
# const unsigned char iv[16]);
|
||||
#
|
||||
my ($twmask,$twres,$twtmp)=@XMM[13..15];
|
||||
$arg6=~s/d$//;
|
||||
|
||||
$code.=<<___;
|
||||
.globl bsaes_xts_encrypt
|
||||
.type bsaes_xts_encrypt,\@abi-omnipotent
|
||||
|
@ -23,7 +23,7 @@ unsigned int _armv7_tick(void);
|
||||
|
||||
unsigned int OPENSSL_rdtsc(void)
|
||||
{
|
||||
if (OPENSSL_armcap_P|ARMV7_TICK)
|
||||
if (OPENSSL_armcap_P & ARMV7_TICK)
|
||||
return _armv7_tick();
|
||||
else
|
||||
return 0;
|
||||
|
@ -116,7 +116,7 @@ int i2c_ASN1_INTEGER(ASN1_INTEGER *a, unsigned char **pp)
|
||||
int pad=0,ret,i,neg;
|
||||
unsigned char *p,*n,pb=0;
|
||||
|
||||
if ((a == NULL) || (a->data == NULL)) return(0);
|
||||
if (a == NULL) return(0);
|
||||
neg=a->type & V_ASN1_NEG;
|
||||
if (a->length == 0)
|
||||
ret=1;
|
||||
|
@ -906,8 +906,8 @@ BIO *BIO_new_dgram_sctp(int fd, int close_flag)
|
||||
memset(authchunks, 0, sizeof(sockopt_len));
|
||||
ret = getsockopt(fd, IPPROTO_SCTP, SCTP_LOCAL_AUTH_CHUNKS, authchunks, &sockopt_len);
|
||||
OPENSSL_assert(ret >= 0);
|
||||
|
||||
for (p = (unsigned char*) authchunks + sizeof(sctp_assoc_t);
|
||||
|
||||
for (p = (unsigned char*) authchunks->gauth_chunks;
|
||||
p < (unsigned char*) authchunks + sockopt_len;
|
||||
p += sizeof(uint8_t))
|
||||
{
|
||||
@ -1197,7 +1197,7 @@ static int dgram_sctp_read(BIO *b, char *out, int outl)
|
||||
ii = getsockopt(b->num, IPPROTO_SCTP, SCTP_PEER_AUTH_CHUNKS, authchunks, &optlen);
|
||||
OPENSSL_assert(ii >= 0);
|
||||
|
||||
for (p = (unsigned char*) authchunks + sizeof(sctp_assoc_t);
|
||||
for (p = (unsigned char*) authchunks->gauth_chunks;
|
||||
p < (unsigned char*) authchunks + optlen;
|
||||
p += sizeof(uint8_t))
|
||||
{
|
||||
|
@ -125,7 +125,9 @@ ppc-mont.s: asm/ppc-mont.pl;$(PERL) asm/ppc-mont.pl $(PERLASM_SCHEME) $@
|
||||
ppc64-mont.s: asm/ppc64-mont.pl;$(PERL) asm/ppc64-mont.pl $(PERLASM_SCHEME) $@
|
||||
|
||||
alpha-mont.s: asm/alpha-mont.pl
|
||||
$(PERL) $< | $(CC) -E - | tee $@ > /dev/null
|
||||
(preproc=/tmp/$$$$.$@; trap "rm $$preproc" INT; \
|
||||
$(PERL) asm/alpha-mont.pl > $$preproc && \
|
||||
$(CC) -E $$preproc > $@ && rm $$preproc)
|
||||
|
||||
# GNU make "catch all"
|
||||
%-mont.s: asm/%-mont.pl; $(PERL) $< $(PERLASM_SCHEME) $@
|
||||
|
@ -133,7 +133,7 @@ $code.=<<___;
|
||||
bnez $at,1f
|
||||
li $t0,0
|
||||
slt $at,$num,17 # on in-order CPU
|
||||
bnezl $at,bn_mul_mont_internal
|
||||
bnez $at,bn_mul_mont_internal
|
||||
nop
|
||||
1: jr $ra
|
||||
li $a0,0
|
||||
|
@ -140,10 +140,10 @@ $code.=<<___;
|
||||
.set reorder
|
||||
li $minus4,-4
|
||||
and $ta0,$a2,$minus4
|
||||
$LD $t0,0($a1)
|
||||
beqz $ta0,.L_bn_mul_add_words_tail
|
||||
|
||||
.L_bn_mul_add_words_loop:
|
||||
$LD $t0,0($a1)
|
||||
$MULTU $t0,$a3
|
||||
$LD $t1,0($a0)
|
||||
$LD $t2,$BNSZ($a1)
|
||||
@ -200,10 +200,9 @@ $code.=<<___;
|
||||
$ADDU $v0,$ta2
|
||||
sltu $at,$ta3,$at
|
||||
$ST $ta3,-$BNSZ($a0)
|
||||
$ADDU $v0,$at
|
||||
.set noreorder
|
||||
bgtzl $ta0,.L_bn_mul_add_words_loop
|
||||
$LD $t0,0($a1)
|
||||
bgtz $ta0,.L_bn_mul_add_words_loop
|
||||
$ADDU $v0,$at
|
||||
|
||||
beqz $a2,.L_bn_mul_add_words_return
|
||||
nop
|
||||
@ -300,10 +299,10 @@ $code.=<<___;
|
||||
.set reorder
|
||||
li $minus4,-4
|
||||
and $ta0,$a2,$minus4
|
||||
$LD $t0,0($a1)
|
||||
beqz $ta0,.L_bn_mul_words_tail
|
||||
|
||||
.L_bn_mul_words_loop:
|
||||
$LD $t0,0($a1)
|
||||
$MULTU $t0,$a3
|
||||
$LD $t2,$BNSZ($a1)
|
||||
$LD $ta0,2*$BNSZ($a1)
|
||||
@ -341,10 +340,9 @@ $code.=<<___;
|
||||
$ADDU $v0,$at
|
||||
sltu $ta3,$v0,$at
|
||||
$ST $v0,-$BNSZ($a0)
|
||||
$ADDU $v0,$ta3,$ta2
|
||||
.set noreorder
|
||||
bgtzl $ta0,.L_bn_mul_words_loop
|
||||
$LD $t0,0($a1)
|
||||
bgtz $ta0,.L_bn_mul_words_loop
|
||||
$ADDU $v0,$ta3,$ta2
|
||||
|
||||
beqz $a2,.L_bn_mul_words_return
|
||||
nop
|
||||
@ -429,10 +427,10 @@ $code.=<<___;
|
||||
.set reorder
|
||||
li $minus4,-4
|
||||
and $ta0,$a2,$minus4
|
||||
$LD $t0,0($a1)
|
||||
beqz $ta0,.L_bn_sqr_words_tail
|
||||
|
||||
.L_bn_sqr_words_loop:
|
||||
$LD $t0,0($a1)
|
||||
$MULTU $t0,$t0
|
||||
$LD $t2,$BNSZ($a1)
|
||||
$LD $ta0,2*$BNSZ($a1)
|
||||
@ -463,11 +461,10 @@ $code.=<<___;
|
||||
mflo $ta3
|
||||
mfhi $ta2
|
||||
$ST $ta3,-2*$BNSZ($a0)
|
||||
$ST $ta2,-$BNSZ($a0)
|
||||
|
||||
.set noreorder
|
||||
bgtzl $ta0,.L_bn_sqr_words_loop
|
||||
$LD $t0,0($a1)
|
||||
bgtz $ta0,.L_bn_sqr_words_loop
|
||||
$ST $ta2,-$BNSZ($a0)
|
||||
|
||||
beqz $a2,.L_bn_sqr_words_return
|
||||
nop
|
||||
@ -547,10 +544,10 @@ $code.=<<___;
|
||||
.set reorder
|
||||
li $minus4,-4
|
||||
and $at,$a3,$minus4
|
||||
$LD $t0,0($a1)
|
||||
beqz $at,.L_bn_add_words_tail
|
||||
|
||||
.L_bn_add_words_loop:
|
||||
$LD $t0,0($a1)
|
||||
$LD $ta0,0($a2)
|
||||
subu $a3,4
|
||||
$LD $t1,$BNSZ($a1)
|
||||
@ -589,11 +586,10 @@ $code.=<<___;
|
||||
$ADDU $t3,$ta3,$v0
|
||||
sltu $v0,$t3,$ta3
|
||||
$ST $t3,-$BNSZ($a0)
|
||||
$ADDU $v0,$t9
|
||||
|
||||
.set noreorder
|
||||
bgtzl $at,.L_bn_add_words_loop
|
||||
$LD $t0,0($a1)
|
||||
bgtz $at,.L_bn_add_words_loop
|
||||
$ADDU $v0,$t9
|
||||
|
||||
beqz $a3,.L_bn_add_words_return
|
||||
nop
|
||||
@ -679,10 +675,10 @@ $code.=<<___;
|
||||
.set reorder
|
||||
li $minus4,-4
|
||||
and $at,$a3,$minus4
|
||||
$LD $t0,0($a1)
|
||||
beqz $at,.L_bn_sub_words_tail
|
||||
|
||||
.L_bn_sub_words_loop:
|
||||
$LD $t0,0($a1)
|
||||
$LD $ta0,0($a2)
|
||||
subu $a3,4
|
||||
$LD $t1,$BNSZ($a1)
|
||||
@ -722,11 +718,10 @@ $code.=<<___;
|
||||
$SUBU $t3,$ta3,$v0
|
||||
sgtu $v0,$t3,$ta3
|
||||
$ST $t3,-$BNSZ($a0)
|
||||
$ADDU $v0,$t9
|
||||
|
||||
.set noreorder
|
||||
bgtzl $at,.L_bn_sub_words_loop
|
||||
$LD $t0,0($a1)
|
||||
bgtz $at,.L_bn_sub_words_loop
|
||||
$ADDU $v0,$t9
|
||||
|
||||
beqz $a3,.L_bn_sub_words_return
|
||||
nop
|
||||
@ -840,8 +835,9 @@ $code.=<<___;
|
||||
sltu $ta0,$a1,$a2
|
||||
or $t8,$ta0
|
||||
.set noreorder
|
||||
beqzl $at,.L_bn_div_3_words_inner_loop
|
||||
beqz $at,.L_bn_div_3_words_inner_loop
|
||||
$SUBU $v0,1
|
||||
$ADDU $v0,1
|
||||
.set reorder
|
||||
.L_bn_div_3_words_inner_loop_done:
|
||||
.set noreorder
|
||||
@ -902,7 +898,8 @@ $code.=<<___;
|
||||
and $t2,$a0
|
||||
$SRL $at,$a1,$t1
|
||||
.set noreorder
|
||||
bnezl $t2,.+8
|
||||
beqz $t2,.+12
|
||||
nop
|
||||
break 6 # signal overflow
|
||||
.set reorder
|
||||
$SLL $a0,$t9
|
||||
@ -917,7 +914,8 @@ $code.=<<___;
|
||||
$SRL $DH,$a2,4*$BNSZ # bits
|
||||
sgeu $at,$a0,$a2
|
||||
.set noreorder
|
||||
bnezl $at,.+8
|
||||
beqz $at,.+12
|
||||
nop
|
||||
$SUBU $a0,$a2
|
||||
.set reorder
|
||||
|
||||
|
@ -40,7 +40,7 @@
|
||||
# of arithmetic operations, most notably multiplications. It requires
|
||||
# more memory references, most notably to tp[num], but this doesn't
|
||||
# seem to exhaust memory port capacity. And indeed, dedicated PA-RISC
|
||||
# 2.0 code path, provides virtually same performance as pa-risc2[W].s:
|
||||
# 2.0 code path provides virtually same performance as pa-risc2[W].s:
|
||||
# it's ~10% better for shortest key length and ~10% worse for longest
|
||||
# one.
|
||||
#
|
||||
@ -988,6 +988,8 @@ foreach (split("\n",$code)) {
|
||||
# assemble 2.0 instructions in 32-bit mode...
|
||||
s/^\s+([a-z]+)([\S]*)\s+([\S]*)/&assemble($1,$2,$3)/e if ($BN_SZ==4);
|
||||
|
||||
s/\bbv\b/bve/gm if ($SIZE_T==8);
|
||||
|
||||
print $_,"\n";
|
||||
}
|
||||
close STDOUT;
|
||||
|
@ -31,7 +31,8 @@ $0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
|
||||
( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
|
||||
die "can't locate x86_64-xlate.pl";
|
||||
|
||||
open STDOUT,"| \"$^X\" $xlate $flavour $output";
|
||||
open OUT,"| \"$^X\" $xlate $flavour $output";
|
||||
*STDOUT=*OUT;
|
||||
|
||||
($lo,$hi)=("%rax","%rdx"); $a=$lo;
|
||||
($i0,$i1)=("%rsi","%rdi");
|
||||
|
@ -901,8 +901,8 @@ $code.=<<___;
|
||||
jnz .Lgather
|
||||
___
|
||||
$code.=<<___ if ($win64);
|
||||
movaps %xmm6,(%rsp)
|
||||
movaps %xmm7,0x10(%rsp)
|
||||
movaps (%rsp),%xmm6
|
||||
movaps 0x10(%rsp),%xmm7
|
||||
lea 0x28(%rsp),%rsp
|
||||
___
|
||||
$code.=<<___;
|
||||
|
@ -286,26 +286,25 @@ const BIGNUM *BN_get0_nist_prime_521(void)
|
||||
}
|
||||
|
||||
|
||||
static void nist_cp_bn_0(BN_ULONG *buf, BN_ULONG *a, int top, int max)
|
||||
static void nist_cp_bn_0(BN_ULONG *dst, const BN_ULONG *src, int top, int max)
|
||||
{
|
||||
int i;
|
||||
BN_ULONG *_tmp1 = (buf), *_tmp2 = (a);
|
||||
|
||||
#ifdef BN_DEBUG
|
||||
OPENSSL_assert(top <= max);
|
||||
#endif
|
||||
for (i = (top); i != 0; i--)
|
||||
*_tmp1++ = *_tmp2++;
|
||||
for (i = (max) - (top); i != 0; i--)
|
||||
*_tmp1++ = (BN_ULONG) 0;
|
||||
for (i = 0; i < top; i++)
|
||||
dst[i] = src[i];
|
||||
for (; i < max; i++)
|
||||
dst[i] = 0;
|
||||
}
|
||||
|
||||
static void nist_cp_bn(BN_ULONG *buf, BN_ULONG *a, int top)
|
||||
static void nist_cp_bn(BN_ULONG *dst, const BN_ULONG *src, int top)
|
||||
{
|
||||
int i;
|
||||
BN_ULONG *_tmp1 = (buf), *_tmp2 = (a);
|
||||
for (i = (top); i != 0; i--)
|
||||
*_tmp1++ = *_tmp2++;
|
||||
|
||||
for (i = 0; i < top; i++)
|
||||
dst[i] = src[i];
|
||||
}
|
||||
|
||||
#if BN_BITS2 == 64
|
||||
@ -451,8 +450,9 @@ int BN_nist_mod_192(BIGNUM *r, const BIGNUM *a, const BIGNUM *field,
|
||||
*/
|
||||
mask = 0-(PTR_SIZE_INT)bn_sub_words(c_d,r_d,_nist_p_192[0],BN_NIST_192_TOP);
|
||||
mask &= 0-(PTR_SIZE_INT)carry;
|
||||
res = c_d;
|
||||
res = (BN_ULONG *)
|
||||
(((PTR_SIZE_INT)c_d&~mask) | ((PTR_SIZE_INT)r_d&mask));
|
||||
(((PTR_SIZE_INT)res&~mask) | ((PTR_SIZE_INT)r_d&mask));
|
||||
nist_cp_bn(r_d, res, BN_NIST_192_TOP);
|
||||
r->top = BN_NIST_192_TOP;
|
||||
bn_correct_top(r);
|
||||
@ -479,8 +479,11 @@ int BN_nist_mod_224(BIGNUM *r, const BIGNUM *a, const BIGNUM *field,
|
||||
int top = a->top, i;
|
||||
int carry;
|
||||
BN_ULONG *r_d, *a_d = a->d;
|
||||
BN_ULONG buf[BN_NIST_224_TOP],
|
||||
c_d[BN_NIST_224_TOP],
|
||||
union {
|
||||
BN_ULONG bn[BN_NIST_224_TOP];
|
||||
unsigned int ui[BN_NIST_224_TOP*sizeof(BN_ULONG)/sizeof(unsigned int)];
|
||||
} buf;
|
||||
BN_ULONG c_d[BN_NIST_224_TOP],
|
||||
*res;
|
||||
PTR_SIZE_INT mask;
|
||||
union { bn_addsub_f f; PTR_SIZE_INT p; } u;
|
||||
@ -519,18 +522,18 @@ int BN_nist_mod_224(BIGNUM *r, const BIGNUM *a, const BIGNUM *field,
|
||||
/* copy upper 256 bits of 448 bit number ... */
|
||||
nist_cp_bn_0(c_d, a_d + (BN_NIST_224_TOP-1), top - (BN_NIST_224_TOP-1), BN_NIST_224_TOP);
|
||||
/* ... and right shift by 32 to obtain upper 224 bits */
|
||||
nist_set_224(buf, c_d, 14, 13, 12, 11, 10, 9, 8);
|
||||
nist_set_224(buf.bn, c_d, 14, 13, 12, 11, 10, 9, 8);
|
||||
/* truncate lower part to 224 bits too */
|
||||
r_d[BN_NIST_224_TOP-1] &= BN_MASK2l;
|
||||
#else
|
||||
nist_cp_bn_0(buf, a_d + BN_NIST_224_TOP, top - BN_NIST_224_TOP, BN_NIST_224_TOP);
|
||||
nist_cp_bn_0(buf.bn, a_d + BN_NIST_224_TOP, top - BN_NIST_224_TOP, BN_NIST_224_TOP);
|
||||
#endif
|
||||
|
||||
#if defined(NIST_INT64) && BN_BITS2!=64
|
||||
{
|
||||
NIST_INT64 acc; /* accumulator */
|
||||
unsigned int *rp=(unsigned int *)r_d;
|
||||
const unsigned int *bp=(const unsigned int *)buf;
|
||||
const unsigned int *bp=(const unsigned int *)buf.ui;
|
||||
|
||||
acc = rp[0]; acc -= bp[7-7];
|
||||
acc -= bp[11-7]; rp[0] = (unsigned int)acc; acc >>= 32;
|
||||
@ -565,13 +568,13 @@ int BN_nist_mod_224(BIGNUM *r, const BIGNUM *a, const BIGNUM *field,
|
||||
{
|
||||
BN_ULONG t_d[BN_NIST_224_TOP];
|
||||
|
||||
nist_set_224(t_d, buf, 10, 9, 8, 7, 0, 0, 0);
|
||||
nist_set_224(t_d, buf.bn, 10, 9, 8, 7, 0, 0, 0);
|
||||
carry = (int)bn_add_words(r_d, r_d, t_d, BN_NIST_224_TOP);
|
||||
nist_set_224(t_d, buf, 0, 13, 12, 11, 0, 0, 0);
|
||||
nist_set_224(t_d, buf.bn, 0, 13, 12, 11, 0, 0, 0);
|
||||
carry += (int)bn_add_words(r_d, r_d, t_d, BN_NIST_224_TOP);
|
||||
nist_set_224(t_d, buf, 13, 12, 11, 10, 9, 8, 7);
|
||||
nist_set_224(t_d, buf.bn, 13, 12, 11, 10, 9, 8, 7);
|
||||
carry -= (int)bn_sub_words(r_d, r_d, t_d, BN_NIST_224_TOP);
|
||||
nist_set_224(t_d, buf, 0, 0, 0, 0, 13, 12, 11);
|
||||
nist_set_224(t_d, buf.bn, 0, 0, 0, 0, 13, 12, 11);
|
||||
carry -= (int)bn_sub_words(r_d, r_d, t_d, BN_NIST_224_TOP);
|
||||
|
||||
#if BN_BITS2==64
|
||||
@ -606,7 +609,8 @@ int BN_nist_mod_224(BIGNUM *r, const BIGNUM *a, const BIGNUM *field,
|
||||
/* otherwise it's effectively same as in BN_nist_mod_192... */
|
||||
mask = 0-(PTR_SIZE_INT)(*u.f)(c_d,r_d,_nist_p_224[0],BN_NIST_224_TOP);
|
||||
mask &= 0-(PTR_SIZE_INT)carry;
|
||||
res = (BN_ULONG *)(((PTR_SIZE_INT)c_d&~mask) |
|
||||
res = c_d;
|
||||
res = (BN_ULONG *)(((PTR_SIZE_INT)res&~mask) |
|
||||
((PTR_SIZE_INT)r_d&mask));
|
||||
nist_cp_bn(r_d, res, BN_NIST_224_TOP);
|
||||
r->top = BN_NIST_224_TOP;
|
||||
@ -805,7 +809,8 @@ int BN_nist_mod_256(BIGNUM *r, const BIGNUM *a, const BIGNUM *field,
|
||||
|
||||
mask = 0-(PTR_SIZE_INT)(*u.f)(c_d,r_d,_nist_p_256[0],BN_NIST_256_TOP);
|
||||
mask &= 0-(PTR_SIZE_INT)carry;
|
||||
res = (BN_ULONG *)(((PTR_SIZE_INT)c_d&~mask) |
|
||||
res = c_d;
|
||||
res = (BN_ULONG *)(((PTR_SIZE_INT)res&~mask) |
|
||||
((PTR_SIZE_INT)r_d&mask));
|
||||
nist_cp_bn(r_d, res, BN_NIST_256_TOP);
|
||||
r->top = BN_NIST_256_TOP;
|
||||
@ -1026,7 +1031,8 @@ int BN_nist_mod_384(BIGNUM *r, const BIGNUM *a, const BIGNUM *field,
|
||||
|
||||
mask = 0-(PTR_SIZE_INT)(*u.f)(c_d,r_d,_nist_p_384[0],BN_NIST_384_TOP);
|
||||
mask &= 0-(PTR_SIZE_INT)carry;
|
||||
res = (BN_ULONG *)(((PTR_SIZE_INT)c_d&~mask) |
|
||||
res = c_d;
|
||||
res = (BN_ULONG *)(((PTR_SIZE_INT)res&~mask) |
|
||||
((PTR_SIZE_INT)r_d&mask));
|
||||
nist_cp_bn(r_d, res, BN_NIST_384_TOP);
|
||||
r->top = BN_NIST_384_TOP;
|
||||
@ -1092,7 +1098,8 @@ int BN_nist_mod_521(BIGNUM *r, const BIGNUM *a, const BIGNUM *field,
|
||||
|
||||
bn_add_words(r_d,r_d,t_d,BN_NIST_521_TOP);
|
||||
mask = 0-(PTR_SIZE_INT)bn_sub_words(t_d,r_d,_nist_p_521,BN_NIST_521_TOP);
|
||||
res = (BN_ULONG *)(((PTR_SIZE_INT)t_d&~mask) |
|
||||
res = t_d;
|
||||
res = (BN_ULONG *)(((PTR_SIZE_INT)res&~mask) |
|
||||
((PTR_SIZE_INT)r_d&mask));
|
||||
nist_cp_bn(r_d,res,BN_NIST_521_TOP);
|
||||
r->top = BN_NIST_521_TOP;
|
||||
|
@ -179,14 +179,14 @@ int BUF_MEM_grow_clean(BUF_MEM *str, size_t len)
|
||||
return(len);
|
||||
}
|
||||
|
||||
void BUF_reverse(unsigned char *out, unsigned char *in, size_t size)
|
||||
void BUF_reverse(unsigned char *out, const unsigned char *in, size_t size)
|
||||
{
|
||||
size_t i;
|
||||
if (in)
|
||||
{
|
||||
out += size - 1;
|
||||
for (i = 0; i < size; i++)
|
||||
*in++ = *out--;
|
||||
*out-- = *in++;
|
||||
}
|
||||
else
|
||||
{
|
||||
|
@ -88,7 +88,7 @@ int BUF_MEM_grow_clean(BUF_MEM *str, size_t len);
|
||||
char * BUF_strdup(const char *str);
|
||||
char * BUF_strndup(const char *str, size_t siz);
|
||||
void * BUF_memdup(const void *data, size_t siz);
|
||||
void BUF_reverse(unsigned char *out, unsigned char *in, size_t siz);
|
||||
void BUF_reverse(unsigned char *out, const unsigned char *in, size_t siz);
|
||||
|
||||
/* safe string functions */
|
||||
size_t BUF_strlcpy(char *dst,const char *src,size_t siz);
|
||||
|
@ -88,7 +88,7 @@ static int eckey_param2type(int *pptype, void **ppval, EC_KEY *ec_key)
|
||||
if (!pstr)
|
||||
return 0;
|
||||
pstr->length = i2d_ECParameters(ec_key, &pstr->data);
|
||||
if (pstr->length < 0)
|
||||
if (pstr->length <= 0)
|
||||
{
|
||||
ASN1_STRING_free(pstr);
|
||||
ECerr(EC_F_ECKEY_PARAM2TYPE, ERR_R_EC_LIB);
|
||||
|
@ -89,7 +89,8 @@ int EC_GROUP_get_trinomial_basis(const EC_GROUP *group, unsigned int *k)
|
||||
if (group == NULL)
|
||||
return 0;
|
||||
|
||||
if (EC_GROUP_method_of(group)->group_set_curve != ec_GF2m_simple_group_set_curve
|
||||
if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) !=
|
||||
NID_X9_62_characteristic_two_field
|
||||
|| !((group->poly[0] != 0) && (group->poly[1] != 0) && (group->poly[2] == 0)))
|
||||
{
|
||||
ECerr(EC_F_EC_GROUP_GET_TRINOMIAL_BASIS, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
|
||||
@ -107,7 +108,8 @@ int EC_GROUP_get_pentanomial_basis(const EC_GROUP *group, unsigned int *k1,
|
||||
if (group == NULL)
|
||||
return 0;
|
||||
|
||||
if (EC_GROUP_method_of(group)->group_set_curve != ec_GF2m_simple_group_set_curve
|
||||
if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) !=
|
||||
NID_X9_62_characteristic_two_field
|
||||
|| !((group->poly[0] != 0) && (group->poly[1] != 0) && (group->poly[2] != 0) && (group->poly[3] != 0) && (group->poly[4] == 0)))
|
||||
{
|
||||
ECerr(EC_F_EC_GROUP_GET_PENTANOMIAL_BASIS, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
|
||||
|
@ -480,10 +480,10 @@ int EC_GROUP_cmp(const EC_GROUP *a, const EC_GROUP *b, BN_CTX *ctx)
|
||||
if (EC_METHOD_get_field_type(EC_GROUP_method_of(a)) !=
|
||||
EC_METHOD_get_field_type(EC_GROUP_method_of(b)))
|
||||
return 1;
|
||||
/* compare the curve name (if present) */
|
||||
/* compare the curve name (if present in both) */
|
||||
if (EC_GROUP_get_curve_name(a) && EC_GROUP_get_curve_name(b) &&
|
||||
EC_GROUP_get_curve_name(a) == EC_GROUP_get_curve_name(b))
|
||||
return 0;
|
||||
EC_GROUP_get_curve_name(a) != EC_GROUP_get_curve_name(b))
|
||||
return 1;
|
||||
|
||||
if (!ctx)
|
||||
ctx_new = ctx = BN_CTX_new();
|
||||
@ -993,12 +993,12 @@ int EC_POINT_cmp(const EC_GROUP *group, const EC_POINT *a, const EC_POINT *b, BN
|
||||
if (group->meth->point_cmp == 0)
|
||||
{
|
||||
ECerr(EC_F_EC_POINT_CMP, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
|
||||
return 0;
|
||||
return -1;
|
||||
}
|
||||
if ((group->meth != a->meth) || (a->meth != b->meth))
|
||||
{
|
||||
ECerr(EC_F_EC_POINT_CMP, EC_R_INCOMPATIBLE_OBJECTS);
|
||||
return 0;
|
||||
return -1;
|
||||
}
|
||||
return group->meth->point_cmp(group, a, b, ctx);
|
||||
}
|
||||
|
@ -104,6 +104,7 @@ static int bind_helper(ENGINE *e)
|
||||
{
|
||||
if (!ENGINE_set_id(e, engine_e_rdrand_id) ||
|
||||
!ENGINE_set_name(e, engine_e_rdrand_name) ||
|
||||
!ENGINE_set_flags(e, ENGINE_FLAGS_NO_REGISTER_ALL) ||
|
||||
!ENGINE_set_init_function(e, rdrand_init) ||
|
||||
!ENGINE_set_RAND(e, &rdrand_meth) )
|
||||
return 0;
|
||||
|
@ -67,7 +67,7 @@ files:
|
||||
links:
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
|
||||
[ ! -f $(TESTDATA) ] || cp $(TESTDATA) ../../test
|
||||
@[ -f $(TESTDATA) ] && cp $(TESTDATA) ../../test && echo "$(TESTDATA) -> ../../test/$(TESTDATA)"
|
||||
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
|
||||
|
||||
install:
|
||||
|
@ -366,8 +366,11 @@ int EVP_Digest(const void *data, size_t count,
|
||||
|
||||
void EVP_MD_CTX_destroy(EVP_MD_CTX *ctx)
|
||||
{
|
||||
EVP_MD_CTX_cleanup(ctx);
|
||||
OPENSSL_free(ctx);
|
||||
if (ctx)
|
||||
{
|
||||
EVP_MD_CTX_cleanup(ctx);
|
||||
OPENSSL_free(ctx);
|
||||
}
|
||||
}
|
||||
|
||||
/* This call frees resources associated with the context */
|
||||
|
@ -842,7 +842,10 @@ static int aes_gcm_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
|
||||
gctx->ctr = NULL;
|
||||
break;
|
||||
}
|
||||
else
|
||||
#endif
|
||||
(void)0; /* terminate potentially open 'else' */
|
||||
|
||||
AES_set_encrypt_key(key, ctx->key_len * 8, &gctx->ks);
|
||||
CRYPTO_gcm128_init(&gctx->gcm, &gctx->ks, (block128_f)AES_encrypt);
|
||||
#ifdef AES_CTR_ASM
|
||||
@ -1083,14 +1086,17 @@ static int aes_xts_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
|
||||
xctx->xts.block1 = (block128_f)vpaes_decrypt;
|
||||
}
|
||||
|
||||
vpaes_set_encrypt_key(key + ctx->key_len/2,
|
||||
vpaes_set_encrypt_key(key + ctx->key_len/2,
|
||||
ctx->key_len * 4, &xctx->ks2);
|
||||
xctx->xts.block2 = (block128_f)vpaes_encrypt;
|
||||
xctx->xts.block2 = (block128_f)vpaes_encrypt;
|
||||
|
||||
xctx->xts.key1 = &xctx->ks1;
|
||||
break;
|
||||
}
|
||||
xctx->xts.key1 = &xctx->ks1;
|
||||
break;
|
||||
}
|
||||
else
|
||||
#endif
|
||||
(void)0; /* terminate potentially open 'else' */
|
||||
|
||||
if (enc)
|
||||
{
|
||||
AES_set_encrypt_key(key, ctx->key_len * 4, &xctx->ks1);
|
||||
|
@ -328,10 +328,11 @@ static int aesni_cbc_hmac_sha1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
|
||||
|
||||
if (res!=SHA_CBLOCK) continue;
|
||||
|
||||
mask = 0-((inp_len+8-j)>>(sizeof(j)*8-1));
|
||||
/* j is not incremented yet */
|
||||
mask = 0-((inp_len+7-j)>>(sizeof(j)*8-1));
|
||||
data->u[SHA_LBLOCK-1] |= bitlen&mask;
|
||||
sha1_block_data_order(&key->md,data,1);
|
||||
mask &= 0-((j-inp_len-73)>>(sizeof(j)*8-1));
|
||||
mask &= 0-((j-inp_len-72)>>(sizeof(j)*8-1));
|
||||
pmac->u[0] |= key->md.h0 & mask;
|
||||
pmac->u[1] |= key->md.h1 & mask;
|
||||
pmac->u[2] |= key->md.h2 & mask;
|
||||
|
@ -101,7 +101,7 @@ static int des_ede_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
|
||||
static int des_ede_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
|
||||
const unsigned char *in, size_t inl)
|
||||
{
|
||||
if (inl>=EVP_MAXCHUNK)
|
||||
while (inl>=EVP_MAXCHUNK)
|
||||
{
|
||||
DES_ede3_ofb64_encrypt(in, out, (long)EVP_MAXCHUNK,
|
||||
&data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3,
|
||||
@ -132,7 +132,7 @@ static int des_ede_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
|
||||
printf("\n");
|
||||
}
|
||||
#endif /* KSSL_DEBUG */
|
||||
if (inl>=EVP_MAXCHUNK)
|
||||
while (inl>=EVP_MAXCHUNK)
|
||||
{
|
||||
DES_ede3_cbc_encrypt(in, out, (long)EVP_MAXCHUNK,
|
||||
&data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3,
|
||||
@ -151,7 +151,7 @@ static int des_ede_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
|
||||
static int des_ede_cfb64_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
|
||||
const unsigned char *in, size_t inl)
|
||||
{
|
||||
if (inl>=EVP_MAXCHUNK)
|
||||
while (inl>=EVP_MAXCHUNK)
|
||||
{
|
||||
DES_ede3_cfb64_encrypt(in, out, (long)EVP_MAXCHUNK,
|
||||
&data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3,
|
||||
|
@ -85,19 +85,24 @@ int PKCS5_PBKDF2_HMAC(const char *pass, int passlen,
|
||||
unsigned char digtmp[EVP_MAX_MD_SIZE], *p, itmp[4];
|
||||
int cplen, j, k, tkeylen, mdlen;
|
||||
unsigned long i = 1;
|
||||
HMAC_CTX hctx;
|
||||
HMAC_CTX hctx_tpl, hctx;
|
||||
|
||||
mdlen = EVP_MD_size(digest);
|
||||
if (mdlen < 0)
|
||||
return 0;
|
||||
|
||||
HMAC_CTX_init(&hctx);
|
||||
HMAC_CTX_init(&hctx_tpl);
|
||||
p = out;
|
||||
tkeylen = keylen;
|
||||
if(!pass)
|
||||
passlen = 0;
|
||||
else if(passlen == -1)
|
||||
passlen = strlen(pass);
|
||||
if (!HMAC_Init_ex(&hctx_tpl, pass, passlen, digest, NULL))
|
||||
{
|
||||
HMAC_CTX_cleanup(&hctx_tpl);
|
||||
return 0;
|
||||
}
|
||||
while(tkeylen)
|
||||
{
|
||||
if(tkeylen > mdlen)
|
||||
@ -111,19 +116,36 @@ int PKCS5_PBKDF2_HMAC(const char *pass, int passlen,
|
||||
itmp[1] = (unsigned char)((i >> 16) & 0xff);
|
||||
itmp[2] = (unsigned char)((i >> 8) & 0xff);
|
||||
itmp[3] = (unsigned char)(i & 0xff);
|
||||
if (!HMAC_Init_ex(&hctx, pass, passlen, digest, NULL)
|
||||
|| !HMAC_Update(&hctx, salt, saltlen)
|
||||
|| !HMAC_Update(&hctx, itmp, 4)
|
||||
|| !HMAC_Final(&hctx, digtmp, NULL))
|
||||
if (!HMAC_CTX_copy(&hctx, &hctx_tpl))
|
||||
{
|
||||
HMAC_CTX_cleanup(&hctx_tpl);
|
||||
return 0;
|
||||
}
|
||||
if (!HMAC_Update(&hctx, salt, saltlen)
|
||||
|| !HMAC_Update(&hctx, itmp, 4)
|
||||
|| !HMAC_Final(&hctx, digtmp, NULL))
|
||||
{
|
||||
HMAC_CTX_cleanup(&hctx_tpl);
|
||||
HMAC_CTX_cleanup(&hctx);
|
||||
return 0;
|
||||
}
|
||||
HMAC_CTX_cleanup(&hctx);
|
||||
memcpy(p, digtmp, cplen);
|
||||
for(j = 1; j < iter; j++)
|
||||
{
|
||||
HMAC(digest, pass, passlen,
|
||||
digtmp, mdlen, digtmp, NULL);
|
||||
if (!HMAC_CTX_copy(&hctx, &hctx_tpl))
|
||||
{
|
||||
HMAC_CTX_cleanup(&hctx_tpl);
|
||||
return 0;
|
||||
}
|
||||
if (!HMAC_Update(&hctx, digtmp, mdlen)
|
||||
|| !HMAC_Final(&hctx, digtmp, NULL))
|
||||
{
|
||||
HMAC_CTX_cleanup(&hctx_tpl);
|
||||
HMAC_CTX_cleanup(&hctx);
|
||||
return 0;
|
||||
}
|
||||
HMAC_CTX_cleanup(&hctx);
|
||||
for(k = 0; k < cplen; k++)
|
||||
p[k] ^= digtmp[k];
|
||||
}
|
||||
@ -131,7 +153,7 @@ int PKCS5_PBKDF2_HMAC(const char *pass, int passlen,
|
||||
i++;
|
||||
p+= cplen;
|
||||
}
|
||||
HMAC_CTX_cleanup(&hctx);
|
||||
HMAC_CTX_cleanup(&hctx_tpl);
|
||||
#ifdef DEBUG_PKCS5V2
|
||||
fprintf(stderr, "Password:\n");
|
||||
h__dump (pass, passlen);
|
||||
|
@ -53,7 +53,10 @@ ghash-x86_64.s: asm/ghash-x86_64.pl
|
||||
ghash-sparcv9.s: asm/ghash-sparcv9.pl
|
||||
$(PERL) asm/ghash-sparcv9.pl $@ $(CFLAGS)
|
||||
ghash-alpha.s: asm/ghash-alpha.pl
|
||||
$(PERL) $< | $(CC) -E - | tee $@ > /dev/null
|
||||
(preproc=/tmp/$$$$.$@; trap "rm $$preproc" INT; \
|
||||
$(PERL) asm/ghash-alpha.pl > $$preproc && \
|
||||
$(CC) -E $$preproc > $@ && rm $$preproc)
|
||||
|
||||
ghash-parisc.s: asm/ghash-parisc.pl
|
||||
$(PERL) asm/ghash-parisc.pl $(PERLASM_SCHEME) $@
|
||||
|
||||
|
@ -724,6 +724,7 @@ foreach (split("\n",$code)) {
|
||||
s/cmpb,\*/comb,/;
|
||||
s/,\*/,/;
|
||||
}
|
||||
s/\bbv\b/bve/ if ($SIZE_T==8);
|
||||
print $_,"\n";
|
||||
}
|
||||
|
||||
|
@ -117,7 +117,7 @@ void CRYPTO_cbc128_decrypt(const unsigned char *in, unsigned char *out,
|
||||
unsigned char ivec[16], block128_f block)
|
||||
{
|
||||
size_t n;
|
||||
union { size_t align; unsigned char c[16]; } tmp;
|
||||
union { size_t t[16/sizeof(size_t)]; unsigned char c[16]; } tmp;
|
||||
|
||||
assert(in && out && key && ivec);
|
||||
|
||||
@ -137,11 +137,13 @@ void CRYPTO_cbc128_decrypt(const unsigned char *in, unsigned char *out,
|
||||
out += 16;
|
||||
}
|
||||
}
|
||||
else {
|
||||
else if (16%sizeof(size_t) == 0) { /* always true */
|
||||
while (len>=16) {
|
||||
size_t *out_t=(size_t *)out, *iv_t=(size_t *)iv;
|
||||
|
||||
(*block)(in, out, key);
|
||||
for(n=0; n<16; n+=sizeof(size_t))
|
||||
*(size_t *)(out+n) ^= *(size_t *)(iv+n);
|
||||
for(n=0; n<16/sizeof(size_t); n++)
|
||||
out_t[n] ^= iv_t[n];
|
||||
iv = in;
|
||||
len -= 16;
|
||||
in += 16;
|
||||
@ -165,15 +167,16 @@ void CRYPTO_cbc128_decrypt(const unsigned char *in, unsigned char *out,
|
||||
out += 16;
|
||||
}
|
||||
}
|
||||
else {
|
||||
size_t c;
|
||||
else if (16%sizeof(size_t) == 0) { /* always true */
|
||||
while (len>=16) {
|
||||
size_t c, *out_t=(size_t *)out, *ivec_t=(size_t *)ivec;
|
||||
const size_t *in_t=(const size_t *)in;
|
||||
|
||||
(*block)(in, tmp.c, key);
|
||||
for(n=0; n<16; n+=sizeof(size_t)) {
|
||||
c = *(size_t *)(in+n);
|
||||
*(size_t *)(out+n) =
|
||||
*(size_t *)(tmp.c+n) ^ *(size_t *)(ivec+n);
|
||||
*(size_t *)(ivec+n) = c;
|
||||
for(n=0; n<16/sizeof(size_t); n++) {
|
||||
c = in_t[n];
|
||||
out_t[n] = tmp.t[n] ^ ivec_t[n];
|
||||
ivec_t[n] = c;
|
||||
}
|
||||
len -= 16;
|
||||
in += 16;
|
||||
|
@ -87,7 +87,7 @@ int CRYPTO_ccm128_setiv(CCM128_CONTEXT *ctx,
|
||||
ctx->nonce.c[11] = (u8)(mlen>>(32%(sizeof(mlen)*8)));
|
||||
}
|
||||
else
|
||||
*(u32*)(&ctx->nonce.c[8]) = 0;
|
||||
ctx->nonce.u[1] = 0;
|
||||
|
||||
ctx->nonce.c[12] = (u8)(mlen>>24);
|
||||
ctx->nonce.c[13] = (u8)(mlen>>16);
|
||||
|
@ -108,12 +108,8 @@ size_t CRYPTO_cts128_encrypt(const unsigned char *in, unsigned char *out,
|
||||
(*cbc)(in,out-16,residue,key,ivec,1);
|
||||
memcpy(out,tmp.c,residue);
|
||||
#else
|
||||
{
|
||||
size_t n;
|
||||
for (n=0; n<16; n+=sizeof(size_t))
|
||||
*(size_t *)(tmp.c+n) = 0;
|
||||
memset(tmp.c,0,sizeof(tmp));
|
||||
memcpy(tmp.c,in,residue);
|
||||
}
|
||||
memcpy(out,out-16,residue);
|
||||
(*cbc)(tmp.c,out-16,16,key,ivec,1);
|
||||
#endif
|
||||
@ -144,12 +140,8 @@ size_t CRYPTO_nistcts128_encrypt(const unsigned char *in, unsigned char *out,
|
||||
#if defined(CBC_HANDLES_TRUNCATED_IO)
|
||||
(*cbc)(in,out-16+residue,residue,key,ivec,1);
|
||||
#else
|
||||
{
|
||||
size_t n;
|
||||
for (n=0; n<16; n+=sizeof(size_t))
|
||||
*(size_t *)(tmp.c+n) = 0;
|
||||
memset(tmp.c,0,sizeof(tmp));
|
||||
memcpy(tmp.c,in,residue);
|
||||
}
|
||||
(*cbc)(tmp.c,out-16+residue,16,key,ivec,1);
|
||||
#endif
|
||||
return len+residue;
|
||||
@ -177,8 +169,7 @@ size_t CRYPTO_cts128_decrypt_block(const unsigned char *in, unsigned char *out,
|
||||
|
||||
(*block)(in,tmp.c+16,key);
|
||||
|
||||
for (n=0; n<16; n+=sizeof(size_t))
|
||||
*(size_t *)(tmp.c+n) = *(size_t *)(tmp.c+16+n);
|
||||
memcpy(tmp.c,tmp.c+16,16);
|
||||
memcpy(tmp.c,in+16,residue);
|
||||
(*block)(tmp.c,tmp.c,key);
|
||||
|
||||
@ -220,8 +211,7 @@ size_t CRYPTO_nistcts128_decrypt_block(const unsigned char *in, unsigned char *o
|
||||
|
||||
(*block)(in+residue,tmp.c+16,key);
|
||||
|
||||
for (n=0; n<16; n+=sizeof(size_t))
|
||||
*(size_t *)(tmp.c+n) = *(size_t *)(tmp.c+16+n);
|
||||
memcpy(tmp.c,tmp.c+16,16);
|
||||
memcpy(tmp.c,in,residue);
|
||||
(*block)(tmp.c,tmp.c,key);
|
||||
|
||||
@ -240,7 +230,7 @@ size_t CRYPTO_nistcts128_decrypt_block(const unsigned char *in, unsigned char *o
|
||||
size_t CRYPTO_cts128_decrypt(const unsigned char *in, unsigned char *out,
|
||||
size_t len, const void *key,
|
||||
unsigned char ivec[16], cbc128_f cbc)
|
||||
{ size_t residue, n;
|
||||
{ size_t residue;
|
||||
union { size_t align; unsigned char c[32]; } tmp;
|
||||
|
||||
assert (in && out && key && ivec);
|
||||
@ -257,8 +247,7 @@ size_t CRYPTO_cts128_decrypt(const unsigned char *in, unsigned char *out,
|
||||
out += len;
|
||||
}
|
||||
|
||||
for (n=16; n<32; n+=sizeof(size_t))
|
||||
*(size_t *)(tmp.c+n) = 0;
|
||||
memset(tmp.c,0,sizeof(tmp));
|
||||
/* this places in[16] at &tmp.c[16] and decrypted block at &tmp.c[0] */
|
||||
(*cbc)(in,tmp.c,16,key,tmp.c+16,0);
|
||||
|
||||
@ -275,7 +264,7 @@ size_t CRYPTO_cts128_decrypt(const unsigned char *in, unsigned char *out,
|
||||
size_t CRYPTO_nistcts128_decrypt(const unsigned char *in, unsigned char *out,
|
||||
size_t len, const void *key,
|
||||
unsigned char ivec[16], cbc128_f cbc)
|
||||
{ size_t residue, n;
|
||||
{ size_t residue;
|
||||
union { size_t align; unsigned char c[32]; } tmp;
|
||||
|
||||
assert (in && out && key && ivec);
|
||||
@ -297,8 +286,7 @@ size_t CRYPTO_nistcts128_decrypt(const unsigned char *in, unsigned char *out,
|
||||
out += len;
|
||||
}
|
||||
|
||||
for (n=16; n<32; n+=sizeof(size_t))
|
||||
*(size_t *)(tmp.c+n) = 0;
|
||||
memset(tmp.c,0,sizeof(tmp));
|
||||
/* this places in[16] at &tmp.c[16] and decrypted block at &tmp.c[0] */
|
||||
(*cbc)(in+residue,tmp.c,16,key,tmp.c+16,0);
|
||||
|
||||
|
@ -941,15 +941,17 @@ int CRYPTO_gcm128_encrypt(GCM128_CONTEXT *ctx,
|
||||
size_t j=GHASH_CHUNK;
|
||||
|
||||
while (j) {
|
||||
size_t *out_t=(size_t *)out;
|
||||
const size_t *in_t=(const size_t *)in;
|
||||
|
||||
(*block)(ctx->Yi.c,ctx->EKi.c,key);
|
||||
++ctr;
|
||||
if (is_endian.little)
|
||||
PUTU32(ctx->Yi.c+12,ctr);
|
||||
else
|
||||
ctx->Yi.d[3] = ctr;
|
||||
for (i=0; i<16; i+=sizeof(size_t))
|
||||
*(size_t *)(out+i) =
|
||||
*(size_t *)(in+i)^*(size_t *)(ctx->EKi.c+i);
|
||||
for (i=0; i<16/sizeof(size_t); ++i)
|
||||
out_t[i] = in_t[i] ^ ctx->EKi.t[i];
|
||||
out += 16;
|
||||
in += 16;
|
||||
j -= 16;
|
||||
@ -961,15 +963,17 @@ int CRYPTO_gcm128_encrypt(GCM128_CONTEXT *ctx,
|
||||
size_t j=i;
|
||||
|
||||
while (len>=16) {
|
||||
size_t *out_t=(size_t *)out;
|
||||
const size_t *in_t=(const size_t *)in;
|
||||
|
||||
(*block)(ctx->Yi.c,ctx->EKi.c,key);
|
||||
++ctr;
|
||||
if (is_endian.little)
|
||||
PUTU32(ctx->Yi.c+12,ctr);
|
||||
else
|
||||
ctx->Yi.d[3] = ctr;
|
||||
for (i=0; i<16; i+=sizeof(size_t))
|
||||
*(size_t *)(out+i) =
|
||||
*(size_t *)(in+i)^*(size_t *)(ctx->EKi.c+i);
|
||||
for (i=0; i<16/sizeof(size_t); ++i)
|
||||
out_t[i] = in_t[i] ^ ctx->EKi.t[i];
|
||||
out += 16;
|
||||
in += 16;
|
||||
len -= 16;
|
||||
@ -978,16 +982,18 @@ int CRYPTO_gcm128_encrypt(GCM128_CONTEXT *ctx,
|
||||
}
|
||||
#else
|
||||
while (len>=16) {
|
||||
size_t *out_t=(size_t *)out;
|
||||
const size_t *in_t=(const size_t *)in;
|
||||
|
||||
(*block)(ctx->Yi.c,ctx->EKi.c,key);
|
||||
++ctr;
|
||||
if (is_endian.little)
|
||||
PUTU32(ctx->Yi.c+12,ctr);
|
||||
else
|
||||
ctx->Yi.d[3] = ctr;
|
||||
for (i=0; i<16; i+=sizeof(size_t))
|
||||
*(size_t *)(ctx->Xi.c+i) ^=
|
||||
*(size_t *)(out+i) =
|
||||
*(size_t *)(in+i)^*(size_t *)(ctx->EKi.c+i);
|
||||
for (i=0; i<16/sizeof(size_t); ++i)
|
||||
ctx->Xi.t[i] ^=
|
||||
out_t[i] = in_t[i]^ctx->EKi.t[i];
|
||||
GCM_MUL(ctx,Xi);
|
||||
out += 16;
|
||||
in += 16;
|
||||
@ -1091,15 +1097,17 @@ int CRYPTO_gcm128_decrypt(GCM128_CONTEXT *ctx,
|
||||
|
||||
GHASH(ctx,in,GHASH_CHUNK);
|
||||
while (j) {
|
||||
size_t *out_t=(size_t *)out;
|
||||
const size_t *in_t=(const size_t *)in;
|
||||
|
||||
(*block)(ctx->Yi.c,ctx->EKi.c,key);
|
||||
++ctr;
|
||||
if (is_endian.little)
|
||||
PUTU32(ctx->Yi.c+12,ctr);
|
||||
else
|
||||
ctx->Yi.d[3] = ctr;
|
||||
for (i=0; i<16; i+=sizeof(size_t))
|
||||
*(size_t *)(out+i) =
|
||||
*(size_t *)(in+i)^*(size_t *)(ctx->EKi.c+i);
|
||||
for (i=0; i<16/sizeof(size_t); ++i)
|
||||
out_t[i] = in_t[i]^ctx->EKi.t[i];
|
||||
out += 16;
|
||||
in += 16;
|
||||
j -= 16;
|
||||
@ -1109,15 +1117,17 @@ int CRYPTO_gcm128_decrypt(GCM128_CONTEXT *ctx,
|
||||
if ((i = (len&(size_t)-16))) {
|
||||
GHASH(ctx,in,i);
|
||||
while (len>=16) {
|
||||
size_t *out_t=(size_t *)out;
|
||||
const size_t *in_t=(const size_t *)in;
|
||||
|
||||
(*block)(ctx->Yi.c,ctx->EKi.c,key);
|
||||
++ctr;
|
||||
if (is_endian.little)
|
||||
PUTU32(ctx->Yi.c+12,ctr);
|
||||
else
|
||||
ctx->Yi.d[3] = ctr;
|
||||
for (i=0; i<16; i+=sizeof(size_t))
|
||||
*(size_t *)(out+i) =
|
||||
*(size_t *)(in+i)^*(size_t *)(ctx->EKi.c+i);
|
||||
for (i=0; i<16/sizeof(size_t); ++i)
|
||||
out_t[i] = in_t[i]^ctx->EKi.t[i];
|
||||
out += 16;
|
||||
in += 16;
|
||||
len -= 16;
|
||||
@ -1125,16 +1135,19 @@ int CRYPTO_gcm128_decrypt(GCM128_CONTEXT *ctx,
|
||||
}
|
||||
#else
|
||||
while (len>=16) {
|
||||
size_t *out_t=(size_t *)out;
|
||||
const size_t *in_t=(const size_t *)in;
|
||||
|
||||
(*block)(ctx->Yi.c,ctx->EKi.c,key);
|
||||
++ctr;
|
||||
if (is_endian.little)
|
||||
PUTU32(ctx->Yi.c+12,ctr);
|
||||
else
|
||||
ctx->Yi.d[3] = ctr;
|
||||
for (i=0; i<16; i+=sizeof(size_t)) {
|
||||
size_t c = *(size_t *)(in+i);
|
||||
*(size_t *)(out+i) = c^*(size_t *)(ctx->EKi.c+i);
|
||||
*(size_t *)(ctx->Xi.c+i) ^= c;
|
||||
for (i=0; i<16/sizeof(size_t); ++i) {
|
||||
size_t c = in[i];
|
||||
out[i] = c^ctx->EKi.t[i];
|
||||
ctx->Xi.t[i] ^= c;
|
||||
}
|
||||
GCM_MUL(ctx,Xi);
|
||||
out += 16;
|
||||
@ -1669,6 +1682,46 @@ static const u8 IV18[]={0x93,0x13,0x22,0x5d,0xf8,0x84,0x06,0xe5,0x55,0x90,0x9c,0
|
||||
0xa2,0x41,0x89,0x97,0x20,0x0e,0xf8,0x2e,0x44,0xae,0x7e,0x3f},
|
||||
T18[]= {0xa4,0x4a,0x82,0x66,0xee,0x1c,0x8e,0xb0,0xc8,0xb5,0xd4,0xcf,0x5a,0xe9,0xf1,0x9a};
|
||||
|
||||
/* Test Case 19 */
|
||||
#define K19 K1
|
||||
#define P19 P1
|
||||
#define IV19 IV1
|
||||
#define C19 C1
|
||||
static const u8 A19[]= {0xd9,0x31,0x32,0x25,0xf8,0x84,0x06,0xe5,0xa5,0x59,0x09,0xc5,0xaf,0xf5,0x26,0x9a,
|
||||
0x86,0xa7,0xa9,0x53,0x15,0x34,0xf7,0xda,0x2e,0x4c,0x30,0x3d,0x8a,0x31,0x8a,0x72,
|
||||
0x1c,0x3c,0x0c,0x95,0x95,0x68,0x09,0x53,0x2f,0xcf,0x0e,0x24,0x49,0xa6,0xb5,0x25,
|
||||
0xb1,0x6a,0xed,0xf5,0xaa,0x0d,0xe6,0x57,0xba,0x63,0x7b,0x39,0x1a,0xaf,0xd2,0x55,
|
||||
0x52,0x2d,0xc1,0xf0,0x99,0x56,0x7d,0x07,0xf4,0x7f,0x37,0xa3,0x2a,0x84,0x42,0x7d,
|
||||
0x64,0x3a,0x8c,0xdc,0xbf,0xe5,0xc0,0xc9,0x75,0x98,0xa2,0xbd,0x25,0x55,0xd1,0xaa,
|
||||
0x8c,0xb0,0x8e,0x48,0x59,0x0d,0xbb,0x3d,0xa7,0xb0,0x8b,0x10,0x56,0x82,0x88,0x38,
|
||||
0xc5,0xf6,0x1e,0x63,0x93,0xba,0x7a,0x0a,0xbc,0xc9,0xf6,0x62,0x89,0x80,0x15,0xad},
|
||||
T19[]= {0x5f,0xea,0x79,0x3a,0x2d,0x6f,0x97,0x4d,0x37,0xe6,0x8e,0x0c,0xb8,0xff,0x94,0x92};
|
||||
|
||||
/* Test Case 20 */
|
||||
#define K20 K1
|
||||
#define A20 A1
|
||||
static const u8 IV20[64]={0xff,0xff,0xff,0xff}, /* this results in 0xff in counter LSB */
|
||||
P20[288],
|
||||
C20[]= {0x56,0xb3,0x37,0x3c,0xa9,0xef,0x6e,0x4a,0x2b,0x64,0xfe,0x1e,0x9a,0x17,0xb6,0x14,
|
||||
0x25,0xf1,0x0d,0x47,0xa7,0x5a,0x5f,0xce,0x13,0xef,0xc6,0xbc,0x78,0x4a,0xf2,0x4f,
|
||||
0x41,0x41,0xbd,0xd4,0x8c,0xf7,0xc7,0x70,0x88,0x7a,0xfd,0x57,0x3c,0xca,0x54,0x18,
|
||||
0xa9,0xae,0xff,0xcd,0x7c,0x5c,0xed,0xdf,0xc6,0xa7,0x83,0x97,0xb9,0xa8,0x5b,0x49,
|
||||
0x9d,0xa5,0x58,0x25,0x72,0x67,0xca,0xab,0x2a,0xd0,0xb2,0x3c,0xa4,0x76,0xa5,0x3c,
|
||||
0xb1,0x7f,0xb4,0x1c,0x4b,0x8b,0x47,0x5c,0xb4,0xf3,0xf7,0x16,0x50,0x94,0xc2,0x29,
|
||||
0xc9,0xe8,0xc4,0xdc,0x0a,0x2a,0x5f,0xf1,0x90,0x3e,0x50,0x15,0x11,0x22,0x13,0x76,
|
||||
0xa1,0xcd,0xb8,0x36,0x4c,0x50,0x61,0xa2,0x0c,0xae,0x74,0xbc,0x4a,0xcd,0x76,0xce,
|
||||
0xb0,0xab,0xc9,0xfd,0x32,0x17,0xef,0x9f,0x8c,0x90,0xbe,0x40,0x2d,0xdf,0x6d,0x86,
|
||||
0x97,0xf4,0xf8,0x80,0xdf,0xf1,0x5b,0xfb,0x7a,0x6b,0x28,0x24,0x1e,0xc8,0xfe,0x18,
|
||||
0x3c,0x2d,0x59,0xe3,0xf9,0xdf,0xff,0x65,0x3c,0x71,0x26,0xf0,0xac,0xb9,0xe6,0x42,
|
||||
0x11,0xf4,0x2b,0xae,0x12,0xaf,0x46,0x2b,0x10,0x70,0xbe,0xf1,0xab,0x5e,0x36,0x06,
|
||||
0x87,0x2c,0xa1,0x0d,0xee,0x15,0xb3,0x24,0x9b,0x1a,0x1b,0x95,0x8f,0x23,0x13,0x4c,
|
||||
0x4b,0xcc,0xb7,0xd0,0x32,0x00,0xbc,0xe4,0x20,0xa2,0xf8,0xeb,0x66,0xdc,0xf3,0x64,
|
||||
0x4d,0x14,0x23,0xc1,0xb5,0x69,0x90,0x03,0xc1,0x3e,0xce,0xf4,0xbf,0x38,0xa3,0xb6,
|
||||
0x0e,0xed,0xc3,0x40,0x33,0xba,0xc1,0x90,0x27,0x83,0xdc,0x6d,0x89,0xe2,0xe7,0x74,
|
||||
0x18,0x8a,0x43,0x9c,0x7e,0xbc,0xc0,0x67,0x2d,0xbd,0xa4,0xdd,0xcf,0xb2,0x79,0x46,
|
||||
0x13,0xb0,0xbe,0x41,0x31,0x5e,0xf7,0x78,0x70,0x8a,0x70,0xee,0x7d,0x75,0x16,0x5c},
|
||||
T20[]= {0x8b,0x30,0x7f,0x6b,0x33,0x28,0x6d,0x0a,0xb0,0x26,0xa9,0xed,0x3f,0xe1,0xe8,0x5f};
|
||||
|
||||
#define TEST_CASE(n) do { \
|
||||
u8 out[sizeof(P##n)]; \
|
||||
AES_set_encrypt_key(K##n,sizeof(K##n)*8,&key); \
|
||||
@ -1713,6 +1766,8 @@ int main()
|
||||
TEST_CASE(16);
|
||||
TEST_CASE(17);
|
||||
TEST_CASE(18);
|
||||
TEST_CASE(19);
|
||||
TEST_CASE(20);
|
||||
|
||||
#ifdef OPENSSL_CPUID_OBJ
|
||||
{
|
||||
@ -1743,11 +1798,16 @@ int main()
|
||||
ctr_t/(double)sizeof(buf),
|
||||
(gcm_t-ctr_t)/(double)sizeof(buf));
|
||||
#ifdef GHASH
|
||||
GHASH(&ctx,buf.c,sizeof(buf));
|
||||
{
|
||||
void (*gcm_ghash_p)(u64 Xi[2],const u128 Htable[16],
|
||||
const u8 *inp,size_t len) = ctx.ghash;
|
||||
|
||||
GHASH((&ctx),buf.c,sizeof(buf));
|
||||
start = OPENSSL_rdtsc();
|
||||
for (i=0;i<100;++i) GHASH(&ctx,buf.c,sizeof(buf));
|
||||
for (i=0;i<100;++i) GHASH((&ctx),buf.c,sizeof(buf));
|
||||
gcm_t = OPENSSL_rdtsc() - start;
|
||||
printf("%.2f\n",gcm_t/(double)sizeof(buf)/(double)i);
|
||||
}
|
||||
#endif
|
||||
}
|
||||
#endif
|
||||
|
@ -29,10 +29,7 @@ typedef unsigned char u8;
|
||||
#if defined(__i386) || defined(__i386__) || \
|
||||
defined(__x86_64) || defined(__x86_64__) || \
|
||||
defined(_M_IX86) || defined(_M_AMD64) || defined(_M_X64) || \
|
||||
defined(__s390__) || defined(__s390x__) || \
|
||||
( (defined(__arm__) || defined(__arm)) && \
|
||||
(defined(__ARM_ARCH_7__) || defined(__ARM_ARCH_7A__) || \
|
||||
defined(__ARM_ARCH_7R__) || defined(__ARM_ARCH_7M__)) )
|
||||
defined(__s390__) || defined(__s390x__)
|
||||
# undef STRICT_ALIGNMENT
|
||||
#endif
|
||||
|
||||
@ -101,8 +98,8 @@ typedef struct { u64 hi,lo; } u128;
|
||||
|
||||
struct gcm128_context {
|
||||
/* Following 6 names follow names in GCM specification */
|
||||
union { u64 u[2]; u32 d[4]; u8 c[16]; } Yi,EKi,EK0,len,
|
||||
Xi,H;
|
||||
union { u64 u[2]; u32 d[4]; u8 c[16]; size_t t[16/sizeof(size_t)]; }
|
||||
Yi,EKi,EK0,len,Xi,H;
|
||||
/* Relative position of Xi, H and pre-computed Htable is used
|
||||
* in some assembler modules, i.e. don't change the order! */
|
||||
#if TABLE_BITS==8
|
||||
|
@ -25,11 +25,11 @@
|
||||
* (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
|
||||
* major minor fix final patch/beta)
|
||||
*/
|
||||
#define OPENSSL_VERSION_NUMBER 0x1000105fL
|
||||
#define OPENSSL_VERSION_NUMBER 0x1000106fL
|
||||
#ifdef OPENSSL_FIPS
|
||||
#define OPENSSL_VERSION_TEXT "OpenSSL 1.0.1e-fips 11 Feb 2013"
|
||||
#define OPENSSL_VERSION_TEXT "OpenSSL 1.0.1f-fips 6 Jan 2014"
|
||||
#else
|
||||
#define OPENSSL_VERSION_TEXT "OpenSSL 1.0.1e-freebsd 11 Feb 2013"
|
||||
#define OPENSSL_VERSION_TEXT "OpenSSL 1.0.1f-freebsd 6 Jan 2014"
|
||||
#endif
|
||||
#define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT
|
||||
|
||||
|
@ -97,33 +97,33 @@ OPENSSL_cleanse
|
||||
.PROC
|
||||
.CALLINFO NO_CALLS
|
||||
.ENTRY
|
||||
cmpib,*= 0,$len,Ldone
|
||||
cmpib,*= 0,$len,L\$done
|
||||
nop
|
||||
cmpib,*>>= 15,$len,Little
|
||||
cmpib,*>>= 15,$len,L\$ittle
|
||||
ldi $SIZE_T-1,%r1
|
||||
|
||||
Lalign
|
||||
L\$align
|
||||
and,*<> $inp,%r1,%r28
|
||||
b,n Laligned
|
||||
b,n L\$aligned
|
||||
stb %r0,0($inp)
|
||||
ldo -1($len),$len
|
||||
b Lalign
|
||||
b L\$align
|
||||
ldo 1($inp),$inp
|
||||
|
||||
Laligned
|
||||
L\$aligned
|
||||
andcm $len,%r1,%r28
|
||||
Lot
|
||||
L\$ot
|
||||
$ST %r0,0($inp)
|
||||
addib,*<> -$SIZE_T,%r28,Lot
|
||||
addib,*<> -$SIZE_T,%r28,L\$ot
|
||||
ldo $SIZE_T($inp),$inp
|
||||
|
||||
and,*<> $len,%r1,$len
|
||||
b,n Ldone
|
||||
Little
|
||||
b,n L\$done
|
||||
L\$ittle
|
||||
stb %r0,0($inp)
|
||||
addib,*<> -1,$len,Little
|
||||
addib,*<> -1,$len,L\$ittle
|
||||
ldo 1($inp),$inp
|
||||
Ldone
|
||||
L\$done
|
||||
bv ($rp)
|
||||
.EXIT
|
||||
nop
|
||||
@ -151,7 +151,7 @@ OPENSSL_instrument_bus
|
||||
ldw 0($out),$tick
|
||||
add $diff,$tick,$tick
|
||||
stw $tick,0($out)
|
||||
Loop
|
||||
L\$oop
|
||||
mfctl %cr16,$tick
|
||||
sub $tick,$lasttick,$diff
|
||||
copy $tick,$lasttick
|
||||
@ -161,7 +161,7 @@ Loop
|
||||
add $diff,$tick,$tick
|
||||
stw $tick,0($out)
|
||||
|
||||
addib,<> -1,$cnt,Loop
|
||||
addib,<> -1,$cnt,L\$oop
|
||||
addi 4,$out,$out
|
||||
|
||||
bv ($rp)
|
||||
@ -190,14 +190,14 @@ OPENSSL_instrument_bus2
|
||||
mfctl %cr16,$tick
|
||||
sub $tick,$lasttick,$diff
|
||||
copy $tick,$lasttick
|
||||
Loop2
|
||||
L\$oop2
|
||||
copy $diff,$lastdiff
|
||||
fdc 0($out)
|
||||
ldw 0($out),$tick
|
||||
add $diff,$tick,$tick
|
||||
stw $tick,0($out)
|
||||
|
||||
addib,= -1,$max,Ldone2
|
||||
addib,= -1,$max,L\$done2
|
||||
nop
|
||||
|
||||
mfctl %cr16,$tick
|
||||
@ -208,17 +208,18 @@ Loop2
|
||||
|
||||
ldi 1,%r1
|
||||
xor %r1,$tick,$tick
|
||||
addb,<> $tick,$cnt,Loop2
|
||||
addb,<> $tick,$cnt,L\$oop2
|
||||
shladd,l $tick,2,$out,$out
|
||||
Ldone2
|
||||
L\$done2
|
||||
bv ($rp)
|
||||
.EXIT
|
||||
add $rv,$cnt,$rv
|
||||
.PROCEND
|
||||
___
|
||||
}
|
||||
$code =~ s/cmpib,\*/comib,/gm if ($SIZE_T==4);
|
||||
$code =~ s/,\*/,/gm if ($SIZE_T==4);
|
||||
$code =~ s/cmpib,\*/comib,/gm if ($SIZE_T==4);
|
||||
$code =~ s/,\*/,/gm if ($SIZE_T==4);
|
||||
$code =~ s/\bbv\b/bve/gm if ($SIZE_T==8);
|
||||
print $code;
|
||||
close STDOUT;
|
||||
|
||||
|
@ -167,6 +167,7 @@ STACK_OF(X509_INFO) *PEM_X509_INFO_read_bio(BIO *bp, STACK_OF(X509_INFO) *sk, pe
|
||||
#ifndef OPENSSL_NO_RSA
|
||||
if (strcmp(name,PEM_STRING_RSA) == 0)
|
||||
{
|
||||
d2i=(D2I_OF(void))d2i_RSAPrivateKey;
|
||||
if (xi->x_pkey != NULL)
|
||||
{
|
||||
if (!sk_X509_INFO_push(ret,xi)) goto err;
|
||||
|
@ -90,7 +90,14 @@ PKCS12 *PKCS12_create(char *pass, char *name, EVP_PKEY *pkey, X509 *cert,
|
||||
|
||||
/* Set defaults */
|
||||
if (!nid_cert)
|
||||
{
|
||||
#ifdef OPENSSL_FIPS
|
||||
if (FIPS_mode())
|
||||
nid_cert = NID_pbe_WithSHA1And3_Key_TripleDES_CBC;
|
||||
else
|
||||
#endif
|
||||
nid_cert = NID_pbe_WithSHA1And40BitRC2_CBC;
|
||||
}
|
||||
if (!nid_key)
|
||||
nid_key = NID_pbe_WithSHA1And3_Key_TripleDES_CBC;
|
||||
if (!iter)
|
||||
|
@ -380,8 +380,11 @@ static int ssleay_rand_bytes(unsigned char *buf, int num, int pseudo)
|
||||
* are fed into the hash function and the results are kept in the
|
||||
* global 'md'.
|
||||
*/
|
||||
|
||||
CRYPTO_w_lock(CRYPTO_LOCK_RAND);
|
||||
#ifdef OPENSSL_FIPS
|
||||
/* NB: in FIPS mode we are already under a lock */
|
||||
if (!FIPS_mode())
|
||||
#endif
|
||||
CRYPTO_w_lock(CRYPTO_LOCK_RAND);
|
||||
|
||||
/* prevent ssleay_rand_bytes() from trying to obtain the lock again */
|
||||
CRYPTO_w_lock(CRYPTO_LOCK_RAND2);
|
||||
@ -460,7 +463,10 @@ static int ssleay_rand_bytes(unsigned char *buf, int num, int pseudo)
|
||||
|
||||
/* before unlocking, we must clear 'crypto_lock_rand' */
|
||||
crypto_lock_rand = 0;
|
||||
CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
|
||||
#ifdef OPENSSL_FIPS
|
||||
if (!FIPS_mode())
|
||||
#endif
|
||||
CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
|
||||
|
||||
while (num > 0)
|
||||
{
|
||||
@ -512,10 +518,16 @@ static int ssleay_rand_bytes(unsigned char *buf, int num, int pseudo)
|
||||
MD_Init(&m);
|
||||
MD_Update(&m,(unsigned char *)&(md_c[0]),sizeof(md_c));
|
||||
MD_Update(&m,local_md,MD_DIGEST_LENGTH);
|
||||
CRYPTO_w_lock(CRYPTO_LOCK_RAND);
|
||||
#ifdef OPENSSL_FIPS
|
||||
if (!FIPS_mode())
|
||||
#endif
|
||||
CRYPTO_w_lock(CRYPTO_LOCK_RAND);
|
||||
MD_Update(&m,md,MD_DIGEST_LENGTH);
|
||||
MD_Final(&m,md);
|
||||
CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
|
||||
#ifdef OPENSSL_FIPS
|
||||
if (!FIPS_mode())
|
||||
#endif
|
||||
CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
|
||||
|
||||
EVP_MD_CTX_cleanup(&m);
|
||||
if (ok)
|
||||
|
@ -138,6 +138,7 @@ void ERR_load_RAND_strings(void);
|
||||
#define RAND_F_SSLEAY_RAND_BYTES 100
|
||||
|
||||
/* Reason codes. */
|
||||
#define RAND_R_DUAL_EC_DRBG_DISABLED 104
|
||||
#define RAND_R_ERROR_INITIALISING_DRBG 102
|
||||
#define RAND_R_ERROR_INSTANTIATING_DRBG 103
|
||||
#define RAND_R_NO_FIPS_RANDOM_METHOD_SET 101
|
||||
|
@ -78,6 +78,7 @@ static ERR_STRING_DATA RAND_str_functs[]=
|
||||
|
||||
static ERR_STRING_DATA RAND_str_reasons[]=
|
||||
{
|
||||
{ERR_REASON(RAND_R_DUAL_EC_DRBG_DISABLED),"dual ec drbg disabled"},
|
||||
{ERR_REASON(RAND_R_ERROR_INITIALISING_DRBG),"error initialising drbg"},
|
||||
{ERR_REASON(RAND_R_ERROR_INSTANTIATING_DRBG),"error instantiating drbg"},
|
||||
{ERR_REASON(RAND_R_NO_FIPS_RANDOM_METHOD_SET),"no fips random method set"},
|
||||
|
@ -269,6 +269,14 @@ int RAND_init_fips(void)
|
||||
DRBG_CTX *dctx;
|
||||
size_t plen;
|
||||
unsigned char pers[32], *p;
|
||||
#ifndef OPENSSL_ALLOW_DUAL_EC_DRBG
|
||||
if (fips_drbg_type >> 16)
|
||||
{
|
||||
RANDerr(RAND_F_RAND_INIT_FIPS, RAND_R_DUAL_EC_DRBG_DISABLED);
|
||||
return 0;
|
||||
}
|
||||
#endif
|
||||
|
||||
dctx = FIPS_get_default_drbg();
|
||||
if (FIPS_drbg_init(dctx, fips_drbg_type, fips_drbg_flags) <= 0)
|
||||
{
|
||||
|
@ -307,7 +307,8 @@ L\$opts
|
||||
.STRINGZ "RC4 for PA-RISC, CRYPTOGAMS by <appro\@openssl.org>"
|
||||
___
|
||||
$code =~ s/\`([^\`]*)\`/eval $1/gem;
|
||||
$code =~ s/cmpib,\*/comib,/gm if ($SIZE_T==4);
|
||||
$code =~ s/cmpib,\*/comib,/gm if ($SIZE_T==4);
|
||||
$code =~ s/\bbv\b/bve/gm if ($SIZE_T==8);
|
||||
|
||||
print $code;
|
||||
close STDOUT;
|
||||
|
@ -351,27 +351,27 @@ static int rsa_pss_param_print(BIO *bp, RSA_PSS_PARAMS *pss,
|
||||
|
||||
if (!BIO_indent(bp, indent, 128))
|
||||
goto err;
|
||||
if (BIO_puts(bp, "Salt Length: ") <= 0)
|
||||
if (BIO_puts(bp, "Salt Length: 0x") <= 0)
|
||||
goto err;
|
||||
if (pss->saltLength)
|
||||
{
|
||||
if (i2a_ASN1_INTEGER(bp, pss->saltLength) <= 0)
|
||||
goto err;
|
||||
}
|
||||
else if (BIO_puts(bp, "20 (default)") <= 0)
|
||||
else if (BIO_puts(bp, "0x14 (default)") <= 0)
|
||||
goto err;
|
||||
BIO_puts(bp, "\n");
|
||||
|
||||
if (!BIO_indent(bp, indent, 128))
|
||||
goto err;
|
||||
if (BIO_puts(bp, "Trailer Field: ") <= 0)
|
||||
if (BIO_puts(bp, "Trailer Field: 0x") <= 0)
|
||||
goto err;
|
||||
if (pss->trailerField)
|
||||
{
|
||||
if (i2a_ASN1_INTEGER(bp, pss->trailerField) <= 0)
|
||||
goto err;
|
||||
}
|
||||
else if (BIO_puts(bp, "0xbc (default)") <= 0)
|
||||
else if (BIO_puts(bp, "BC (default)") <= 0)
|
||||
goto err;
|
||||
BIO_puts(bp, "\n");
|
||||
|
||||
|
@ -59,6 +59,12 @@ int RSA_check_key(const RSA *key)
|
||||
BN_CTX *ctx;
|
||||
int r;
|
||||
int ret=1;
|
||||
|
||||
if (!key->p || !key->q || !key->n || !key->e || !key->d)
|
||||
{
|
||||
RSAerr(RSA_F_RSA_CHECK_KEY, RSA_R_VALUE_MISSING);
|
||||
return 0;
|
||||
}
|
||||
|
||||
i = BN_new();
|
||||
j = BN_new();
|
||||
|
@ -611,6 +611,8 @@ static int pkey_rsa_ctrl_str(EVP_PKEY_CTX *ctx,
|
||||
pm = RSA_NO_PADDING;
|
||||
else if (!strcmp(value, "oeap"))
|
||||
pm = RSA_PKCS1_OAEP_PADDING;
|
||||
else if (!strcmp(value, "oaep"))
|
||||
pm = RSA_PKCS1_OAEP_PADDING;
|
||||
else if (!strcmp(value, "x931"))
|
||||
pm = RSA_X931_PADDING;
|
||||
else if (!strcmp(value, "pss"))
|
||||
|
@ -60,7 +60,9 @@ sha256-armv4.S: asm/sha256-armv4.pl
|
||||
$(PERL) $< $(PERLASM_SCHEME) $@
|
||||
|
||||
sha1-alpha.s: asm/sha1-alpha.pl
|
||||
$(PERL) $< | $(CC) -E - | tee $@ > /dev/null
|
||||
(preproc=/tmp/$$$$.$@; trap "rm $$preproc" INT; \
|
||||
$(PERL) asm/sha1-alpha.pl > $$preproc && \
|
||||
$(CC) -E $$preproc > $@ && rm $$preproc)
|
||||
|
||||
# Solaris make has to be explicitly told
|
||||
sha1-x86_64.s: asm/sha1-x86_64.pl; $(PERL) asm/sha1-x86_64.pl $(PERLASM_SCHEME) > $@
|
||||
|
@ -254,6 +254,7 @@ $code.=<<___;
|
||||
___
|
||||
|
||||
$code =~ s/\`([^\`]*)\`/eval $1/gem;
|
||||
$code =~ s/,\*/,/gm if ($SIZE_T==4);
|
||||
$code =~ s/,\*/,/gm if ($SIZE_T==4);
|
||||
$code =~ s/\bbv\b/bve/gm if ($SIZE_T==8);
|
||||
print $code;
|
||||
close STDOUT;
|
||||
|
@ -745,7 +745,7 @@ $code.=<<___;
|
||||
mov %rdi,$ctx # reassigned argument
|
||||
mov %rsi,$inp # reassigned argument
|
||||
mov %rdx,$num # reassigned argument
|
||||
vzeroall
|
||||
vzeroupper
|
||||
|
||||
shl \$6,$num
|
||||
add $inp,$num
|
||||
@ -1038,7 +1038,7 @@ ___
|
||||
&Xtail_avx(\&body_20_39);
|
||||
|
||||
$code.=<<___;
|
||||
vzeroall
|
||||
vzeroupper
|
||||
|
||||
add 0($ctx),$A # update context
|
||||
add 4($ctx),@T[0]
|
||||
|
@ -351,7 +351,7 @@ $code.=<<___;
|
||||
$ST $G,6*$SZ($ctx)
|
||||
$ST $H,7*$SZ($ctx)
|
||||
|
||||
bnel $inp,@X[15],.Loop
|
||||
bne $inp,@X[15],.Loop
|
||||
$PTR_SUB $Ktbl,`($rounds-16)*$SZ` # rewind $Ktbl
|
||||
|
||||
$REG_L $ra,$FRAMESIZE-1*$SZREG($sp)
|
||||
|
@ -785,6 +785,8 @@ foreach (split("\n",$code)) {
|
||||
|
||||
s/cmpb,\*/comb,/ if ($SIZE_T==4);
|
||||
|
||||
s/\bbv\b/bve/ if ($SIZE_T==8);
|
||||
|
||||
print $_,"\n";
|
||||
}
|
||||
|
||||
|
@ -232,7 +232,14 @@ int SHA384_Update (SHA512_CTX *c, const void *data, size_t len)
|
||||
{ return SHA512_Update (c,data,len); }
|
||||
|
||||
void SHA512_Transform (SHA512_CTX *c, const unsigned char *data)
|
||||
{ sha512_block_data_order (c,data,1); }
|
||||
{
|
||||
#ifndef SHA512_BLOCK_CAN_MANAGE_UNALIGNED_DATA
|
||||
if ((size_t)data%sizeof(c->u.d[0]) != 0)
|
||||
memcpy(c->u.p,data,sizeof(c->u.p)),
|
||||
data = c->u.p;
|
||||
#endif
|
||||
sha512_block_data_order (c,data,1);
|
||||
}
|
||||
|
||||
unsigned char *SHA384(const unsigned char *d, size_t n, unsigned char *md)
|
||||
{
|
||||
|
@ -1,22 +1,22 @@
|
||||
/* start of generated data */
|
||||
|
||||
static BN_ULONG bn_group_1024_value[] = {
|
||||
bn_pack4(9FC6,1D2F,C0EB,06E3),
|
||||
bn_pack4(FD51,38FE,8376,435B),
|
||||
bn_pack4(2FD4,CBF4,976E,AA9A),
|
||||
bn_pack4(68ED,BC3C,0572,6CC0),
|
||||
bn_pack4(C529,F566,660E,57EC),
|
||||
bn_pack4(8255,9B29,7BCF,1885),
|
||||
bn_pack4(CE8E,F4AD,69B1,5D49),
|
||||
bn_pack4(5DC7,D7B4,6154,D6B6),
|
||||
bn_pack4(8E49,5C1D,6089,DAD1),
|
||||
bn_pack4(E0D5,D8E2,50B9,8BE4),
|
||||
bn_pack4(383B,4813,D692,C6E0),
|
||||
bn_pack4(D674,DF74,96EA,81D3),
|
||||
bn_pack4(9EA2,314C,9C25,6576),
|
||||
bn_pack4(6072,6187,75FF,3C0B),
|
||||
bn_pack4(9C33,F80A,FA8F,C5E8),
|
||||
bn_pack4(EEAF,0AB9,ADB3,8DD6)
|
||||
bn_pack4(0x9FC6,0x1D2F,0xC0EB,0x06E3),
|
||||
bn_pack4(0xFD51,0x38FE,0x8376,0x435B),
|
||||
bn_pack4(0x2FD4,0xCBF4,0x976E,0xAA9A),
|
||||
bn_pack4(0x68ED,0xBC3C,0x0572,0x6CC0),
|
||||
bn_pack4(0xC529,0xF566,0x660E,0x57EC),
|
||||
bn_pack4(0x8255,0x9B29,0x7BCF,0x1885),
|
||||
bn_pack4(0xCE8E,0xF4AD,0x69B1,0x5D49),
|
||||
bn_pack4(0x5DC7,0xD7B4,0x6154,0xD6B6),
|
||||
bn_pack4(0x8E49,0x5C1D,0x6089,0xDAD1),
|
||||
bn_pack4(0xE0D5,0xD8E2,0x50B9,0x8BE4),
|
||||
bn_pack4(0x383B,0x4813,0xD692,0xC6E0),
|
||||
bn_pack4(0xD674,0xDF74,0x96EA,0x81D3),
|
||||
bn_pack4(0x9EA2,0x314C,0x9C25,0x6576),
|
||||
bn_pack4(0x6072,0x6187,0x75FF,0x3C0B),
|
||||
bn_pack4(0x9C33,0xF80A,0xFA8F,0xC5E8),
|
||||
bn_pack4(0xEEAF,0x0AB9,0xADB3,0x8DD6)
|
||||
};
|
||||
static BIGNUM bn_group_1024 = {
|
||||
bn_group_1024_value,
|
||||
@ -27,30 +27,30 @@ static BIGNUM bn_group_1024 = {
|
||||
};
|
||||
|
||||
static BN_ULONG bn_group_1536_value[] = {
|
||||
bn_pack4(CF76,E3FE,D135,F9BB),
|
||||
bn_pack4(1518,0F93,499A,234D),
|
||||
bn_pack4(8CE7,A28C,2442,C6F3),
|
||||
bn_pack4(5A02,1FFF,5E91,479E),
|
||||
bn_pack4(7F8A,2FE9,B8B5,292E),
|
||||
bn_pack4(837C,264A,E3A9,BEB8),
|
||||
bn_pack4(E442,734A,F7CC,B7AE),
|
||||
bn_pack4(6577,2E43,7D6C,7F8C),
|
||||
bn_pack4(DB2F,D53D,24B7,C486),
|
||||
bn_pack4(6EDF,0195,3934,9627),
|
||||
bn_pack4(158B,FD3E,2B9C,8CF5),
|
||||
bn_pack4(764E,3F4B,53DD,9DA1),
|
||||
bn_pack4(4754,8381,DBC5,B1FC),
|
||||
bn_pack4(9B60,9E0B,E3BA,B63D),
|
||||
bn_pack4(8134,B1C8,B979,8914),
|
||||
bn_pack4(DF02,8A7C,EC67,F0D0),
|
||||
bn_pack4(80B6,55BB,9A22,E8DC),
|
||||
bn_pack4(1558,903B,A0D0,F843),
|
||||
bn_pack4(51C6,A94B,E460,7A29),
|
||||
bn_pack4(5F4F,5F55,6E27,CBDE),
|
||||
bn_pack4(BEEE,A961,4B19,CC4D),
|
||||
bn_pack4(DBA5,1DF4,99AC,4C80),
|
||||
bn_pack4(B1F1,2A86,17A4,7BBB),
|
||||
bn_pack4(9DEF,3CAF,B939,277A)
|
||||
bn_pack4(0xCF76,0xE3FE,0xD135,0xF9BB),
|
||||
bn_pack4(0x1518,0x0F93,0x499A,0x234D),
|
||||
bn_pack4(0x8CE7,0xA28C,0x2442,0xC6F3),
|
||||
bn_pack4(0x5A02,0x1FFF,0x5E91,0x479E),
|
||||
bn_pack4(0x7F8A,0x2FE9,0xB8B5,0x292E),
|
||||
bn_pack4(0x837C,0x264A,0xE3A9,0xBEB8),
|
||||
bn_pack4(0xE442,0x734A,0xF7CC,0xB7AE),
|
||||
bn_pack4(0x6577,0x2E43,0x7D6C,0x7F8C),
|
||||
bn_pack4(0xDB2F,0xD53D,0x24B7,0xC486),
|
||||
bn_pack4(0x6EDF,0x0195,0x3934,0x9627),
|
||||
bn_pack4(0x158B,0xFD3E,0x2B9C,0x8CF5),
|
||||
bn_pack4(0x764E,0x3F4B,0x53DD,0x9DA1),
|
||||
bn_pack4(0x4754,0x8381,0xDBC5,0xB1FC),
|
||||
bn_pack4(0x9B60,0x9E0B,0xE3BA,0xB63D),
|
||||
bn_pack4(0x8134,0xB1C8,0xB979,0x8914),
|
||||
bn_pack4(0xDF02,0x8A7C,0xEC67,0xF0D0),
|
||||
bn_pack4(0x80B6,0x55BB,0x9A22,0xE8DC),
|
||||
bn_pack4(0x1558,0x903B,0xA0D0,0xF843),
|
||||
bn_pack4(0x51C6,0xA94B,0xE460,0x7A29),
|
||||
bn_pack4(0x5F4F,0x5F55,0x6E27,0xCBDE),
|
||||
bn_pack4(0xBEEE,0xA961,0x4B19,0xCC4D),
|
||||
bn_pack4(0xDBA5,0x1DF4,0x99AC,0x4C80),
|
||||
bn_pack4(0xB1F1,0x2A86,0x17A4,0x7BBB),
|
||||
bn_pack4(0x9DEF,0x3CAF,0xB939,0x277A)
|
||||
};
|
||||
static BIGNUM bn_group_1536 = {
|
||||
bn_group_1536_value,
|
||||
@ -61,38 +61,38 @@ static BIGNUM bn_group_1536 = {
|
||||
};
|
||||
|
||||
static BN_ULONG bn_group_2048_value[] = {
|
||||
bn_pack4(0FA7,111F,9E4A,FF73),
|
||||
bn_pack4(9B65,E372,FCD6,8EF2),
|
||||
bn_pack4(35DE,236D,525F,5475),
|
||||
bn_pack4(94B5,C803,D89F,7AE4),
|
||||
bn_pack4(71AE,35F8,E9DB,FBB6),
|
||||
bn_pack4(2A56,98F3,A8D0,C382),
|
||||
bn_pack4(9CCC,041C,7BC3,08D8),
|
||||
bn_pack4(AF87,4E73,03CE,5329),
|
||||
bn_pack4(6160,2790,04E5,7AE6),
|
||||
bn_pack4(032C,FBDB,F52F,B378),
|
||||
bn_pack4(5EA7,7A27,75D2,ECFA),
|
||||
bn_pack4(5445,23B5,24B0,D57D),
|
||||
bn_pack4(5B9D,32E6,88F8,7748),
|
||||
bn_pack4(F1D2,B907,8717,461A),
|
||||
bn_pack4(76BD,207A,436C,6481),
|
||||
bn_pack4(CA97,B43A,23FB,8016),
|
||||
bn_pack4(1D28,1E44,6B14,773B),
|
||||
bn_pack4(7359,D041,D5C3,3EA7),
|
||||
bn_pack4(A80D,740A,DBF4,FF74),
|
||||
bn_pack4(55F9,7993,EC97,5EEA),
|
||||
bn_pack4(2918,A996,2F0B,93B8),
|
||||
bn_pack4(661A,05FB,D5FA,AAE8),
|
||||
bn_pack4(CF60,9517,9A16,3AB3),
|
||||
bn_pack4(E808,3969,EDB7,67B0),
|
||||
bn_pack4(CD7F,48A9,DA04,FD50),
|
||||
bn_pack4(D523,12AB,4B03,310D),
|
||||
bn_pack4(8193,E075,7767,A13D),
|
||||
bn_pack4(A373,29CB,B4A0,99ED),
|
||||
bn_pack4(FC31,9294,3DB5,6050),
|
||||
bn_pack4(AF72,B665,1987,EE07),
|
||||
bn_pack4(F166,DE5E,1389,582F),
|
||||
bn_pack4(AC6B,DB41,324A,9A9B)
|
||||
bn_pack4(0x0FA7,0x111F,0x9E4A,0xFF73),
|
||||
bn_pack4(0x9B65,0xE372,0xFCD6,0x8EF2),
|
||||
bn_pack4(0x35DE,0x236D,0x525F,0x5475),
|
||||
bn_pack4(0x94B5,0xC803,0xD89F,0x7AE4),
|
||||
bn_pack4(0x71AE,0x35F8,0xE9DB,0xFBB6),
|
||||
bn_pack4(0x2A56,0x98F3,0xA8D0,0xC382),
|
||||
bn_pack4(0x9CCC,0x041C,0x7BC3,0x08D8),
|
||||
bn_pack4(0xAF87,0x4E73,0x03CE,0x5329),
|
||||
bn_pack4(0x6160,0x2790,0x04E5,0x7AE6),
|
||||
bn_pack4(0x032C,0xFBDB,0xF52F,0xB378),
|
||||
bn_pack4(0x5EA7,0x7A27,0x75D2,0xECFA),
|
||||
bn_pack4(0x5445,0x23B5,0x24B0,0xD57D),
|
||||
bn_pack4(0x5B9D,0x32E6,0x88F8,0x7748),
|
||||
bn_pack4(0xF1D2,0xB907,0x8717,0x461A),
|
||||
bn_pack4(0x76BD,0x207A,0x436C,0x6481),
|
||||
bn_pack4(0xCA97,0xB43A,0x23FB,0x8016),
|
||||
bn_pack4(0x1D28,0x1E44,0x6B14,0x773B),
|
||||
bn_pack4(0x7359,0xD041,0xD5C3,0x3EA7),
|
||||
bn_pack4(0xA80D,0x740A,0xDBF4,0xFF74),
|
||||
bn_pack4(0x55F9,0x7993,0xEC97,0x5EEA),
|
||||
bn_pack4(0x2918,0xA996,0x2F0B,0x93B8),
|
||||
bn_pack4(0x661A,0x05FB,0xD5FA,0xAAE8),
|
||||
bn_pack4(0xCF60,0x9517,0x9A16,0x3AB3),
|
||||
bn_pack4(0xE808,0x3969,0xEDB7,0x67B0),
|
||||
bn_pack4(0xCD7F,0x48A9,0xDA04,0xFD50),
|
||||
bn_pack4(0xD523,0x12AB,0x4B03,0x310D),
|
||||
bn_pack4(0x8193,0xE075,0x7767,0xA13D),
|
||||
bn_pack4(0xA373,0x29CB,0xB4A0,0x99ED),
|
||||
bn_pack4(0xFC31,0x9294,0x3DB5,0x6050),
|
||||
bn_pack4(0xAF72,0xB665,0x1987,0xEE07),
|
||||
bn_pack4(0xF166,0xDE5E,0x1389,0x582F),
|
||||
bn_pack4(0xAC6B,0xDB41,0x324A,0x9A9B)
|
||||
};
|
||||
static BIGNUM bn_group_2048 = {
|
||||
bn_group_2048_value,
|
||||
@ -103,54 +103,54 @@ static BIGNUM bn_group_2048 = {
|
||||
};
|
||||
|
||||
static BN_ULONG bn_group_3072_value[] = {
|
||||
bn_pack4(FFFF,FFFF,FFFF,FFFF),
|
||||
bn_pack4(4B82,D120,A93A,D2CA),
|
||||
bn_pack4(43DB,5BFC,E0FD,108E),
|
||||
bn_pack4(08E2,4FA0,74E5,AB31),
|
||||
bn_pack4(7709,88C0,BAD9,46E2),
|
||||
bn_pack4(BBE1,1757,7A61,5D6C),
|
||||
bn_pack4(521F,2B18,177B,200C),
|
||||
bn_pack4(D876,0273,3EC8,6A64),
|
||||
bn_pack4(F12F,FA06,D98A,0864),
|
||||
bn_pack4(CEE3,D226,1AD2,EE6B),
|
||||
bn_pack4(1E8C,94E0,4A25,619D),
|
||||
bn_pack4(ABF5,AE8C,DB09,33D7),
|
||||
bn_pack4(B397,0F85,A6E1,E4C7),
|
||||
bn_pack4(8AEA,7157,5D06,0C7D),
|
||||
bn_pack4(ECFB,8504,58DB,EF0A),
|
||||
bn_pack4(A855,21AB,DF1C,BA64),
|
||||
bn_pack4(AD33,170D,0450,7A33),
|
||||
bn_pack4(1572,8E5A,8AAA,C42D),
|
||||
bn_pack4(15D2,2618,98FA,0510),
|
||||
bn_pack4(3995,497C,EA95,6AE5),
|
||||
bn_pack4(DE2B,CBF6,9558,1718),
|
||||
bn_pack4(B5C5,5DF0,6F4C,52C9),
|
||||
bn_pack4(9B27,83A2,EC07,A28F),
|
||||
bn_pack4(E39E,772C,180E,8603),
|
||||
bn_pack4(3290,5E46,2E36,CE3B),
|
||||
bn_pack4(F174,6C08,CA18,217C),
|
||||
bn_pack4(670C,354E,4ABC,9804),
|
||||
bn_pack4(9ED5,2907,7096,966D),
|
||||
bn_pack4(1C62,F356,2085,52BB),
|
||||
bn_pack4(8365,5D23,DCA3,AD96),
|
||||
bn_pack4(6916,3FA8,FD24,CF5F),
|
||||
bn_pack4(98DA,4836,1C55,D39A),
|
||||
bn_pack4(C200,7CB8,A163,BF05),
|
||||
bn_pack4(4928,6651,ECE4,5B3D),
|
||||
bn_pack4(AE9F,2411,7C4B,1FE6),
|
||||
bn_pack4(EE38,6BFB,5A89,9FA5),
|
||||
bn_pack4(0BFF,5CB6,F406,B7ED),
|
||||
bn_pack4(F44C,42E9,A637,ED6B),
|
||||
bn_pack4(E485,B576,625E,7EC6),
|
||||
bn_pack4(4FE1,356D,6D51,C245),
|
||||
bn_pack4(302B,0A6D,F25F,1437),
|
||||
bn_pack4(EF95,19B3,CD3A,431B),
|
||||
bn_pack4(514A,0879,8E34,04DD),
|
||||
bn_pack4(020B,BEA6,3B13,9B22),
|
||||
bn_pack4(2902,4E08,8A67,CC74),
|
||||
bn_pack4(C4C6,628B,80DC,1CD1),
|
||||
bn_pack4(C90F,DAA2,2168,C234),
|
||||
bn_pack4(FFFF,FFFF,FFFF,FFFF)
|
||||
bn_pack4(0xFFFF,0xFFFF,0xFFFF,0xFFFF),
|
||||
bn_pack4(0x4B82,0xD120,0xA93A,0xD2CA),
|
||||
bn_pack4(0x43DB,0x5BFC,0xE0FD,0x108E),
|
||||
bn_pack4(0x08E2,0x4FA0,0x74E5,0xAB31),
|
||||
bn_pack4(0x7709,0x88C0,0xBAD9,0x46E2),
|
||||
bn_pack4(0xBBE1,0x1757,0x7A61,0x5D6C),
|
||||
bn_pack4(0x521F,0x2B18,0x177B,0x200C),
|
||||
bn_pack4(0xD876,0x0273,0x3EC8,0x6A64),
|
||||
bn_pack4(0xF12F,0xFA06,0xD98A,0x0864),
|
||||
bn_pack4(0xCEE3,0xD226,0x1AD2,0xEE6B),
|
||||
bn_pack4(0x1E8C,0x94E0,0x4A25,0x619D),
|
||||
bn_pack4(0xABF5,0xAE8C,0xDB09,0x33D7),
|
||||
bn_pack4(0xB397,0x0F85,0xA6E1,0xE4C7),
|
||||
bn_pack4(0x8AEA,0x7157,0x5D06,0x0C7D),
|
||||
bn_pack4(0xECFB,0x8504,0x58DB,0xEF0A),
|
||||
bn_pack4(0xA855,0x21AB,0xDF1C,0xBA64),
|
||||
bn_pack4(0xAD33,0x170D,0x0450,0x7A33),
|
||||
bn_pack4(0x1572,0x8E5A,0x8AAA,0xC42D),
|
||||
bn_pack4(0x15D2,0x2618,0x98FA,0x0510),
|
||||
bn_pack4(0x3995,0x497C,0xEA95,0x6AE5),
|
||||
bn_pack4(0xDE2B,0xCBF6,0x9558,0x1718),
|
||||
bn_pack4(0xB5C5,0x5DF0,0x6F4C,0x52C9),
|
||||
bn_pack4(0x9B27,0x83A2,0xEC07,0xA28F),
|
||||
bn_pack4(0xE39E,0x772C,0x180E,0x8603),
|
||||
bn_pack4(0x3290,0x5E46,0x2E36,0xCE3B),
|
||||
bn_pack4(0xF174,0x6C08,0xCA18,0x217C),
|
||||
bn_pack4(0x670C,0x354E,0x4ABC,0x9804),
|
||||
bn_pack4(0x9ED5,0x2907,0x7096,0x966D),
|
||||
bn_pack4(0x1C62,0xF356,0x2085,0x52BB),
|
||||
bn_pack4(0x8365,0x5D23,0xDCA3,0xAD96),
|
||||
bn_pack4(0x6916,0x3FA8,0xFD24,0xCF5F),
|
||||
bn_pack4(0x98DA,0x4836,0x1C55,0xD39A),
|
||||
bn_pack4(0xC200,0x7CB8,0xA163,0xBF05),
|
||||
bn_pack4(0x4928,0x6651,0xECE4,0x5B3D),
|
||||
bn_pack4(0xAE9F,0x2411,0x7C4B,0x1FE6),
|
||||
bn_pack4(0xEE38,0x6BFB,0x5A89,0x9FA5),
|
||||
bn_pack4(0x0BFF,0x5CB6,0xF406,0xB7ED),
|
||||
bn_pack4(0xF44C,0x42E9,0xA637,0xED6B),
|
||||
bn_pack4(0xE485,0xB576,0x625E,0x7EC6),
|
||||
bn_pack4(0x4FE1,0x356D,0x6D51,0xC245),
|
||||
bn_pack4(0x302B,0x0A6D,0xF25F,0x1437),
|
||||
bn_pack4(0xEF95,0x19B3,0xCD3A,0x431B),
|
||||
bn_pack4(0x514A,0x0879,0x8E34,0x04DD),
|
||||
bn_pack4(0x020B,0xBEA6,0x3B13,0x9B22),
|
||||
bn_pack4(0x2902,0x4E08,0x8A67,0xCC74),
|
||||
bn_pack4(0xC4C6,0x628B,0x80DC,0x1CD1),
|
||||
bn_pack4(0xC90F,0xDAA2,0x2168,0xC234),
|
||||
bn_pack4(0xFFFF,0xFFFF,0xFFFF,0xFFFF)
|
||||
};
|
||||
static BIGNUM bn_group_3072 = {
|
||||
bn_group_3072_value,
|
||||
@ -161,70 +161,70 @@ static BIGNUM bn_group_3072 = {
|
||||
};
|
||||
|
||||
static BN_ULONG bn_group_4096_value[] = {
|
||||
bn_pack4(FFFF,FFFF,FFFF,FFFF),
|
||||
bn_pack4(4DF4,35C9,3406,3199),
|
||||
bn_pack4(86FF,B7DC,90A6,C08F),
|
||||
bn_pack4(93B4,EA98,8D8F,DDC1),
|
||||
bn_pack4(D006,9127,D5B0,5AA9),
|
||||
bn_pack4(B81B,DD76,2170,481C),
|
||||
bn_pack4(1F61,2970,CEE2,D7AF),
|
||||
bn_pack4(233B,A186,515B,E7ED),
|
||||
bn_pack4(99B2,964F,A090,C3A2),
|
||||
bn_pack4(287C,5947,4E6B,C05D),
|
||||
bn_pack4(2E8E,FC14,1FBE,CAA6),
|
||||
bn_pack4(DBBB,C2DB,04DE,8EF9),
|
||||
bn_pack4(2583,E9CA,2AD4,4CE8),
|
||||
bn_pack4(1A94,6834,B615,0BDA),
|
||||
bn_pack4(99C3,2718,6AF4,E23C),
|
||||
bn_pack4(8871,9A10,BDBA,5B26),
|
||||
bn_pack4(1A72,3C12,A787,E6D7),
|
||||
bn_pack4(4B82,D120,A921,0801),
|
||||
bn_pack4(43DB,5BFC,E0FD,108E),
|
||||
bn_pack4(08E2,4FA0,74E5,AB31),
|
||||
bn_pack4(7709,88C0,BAD9,46E2),
|
||||
bn_pack4(BBE1,1757,7A61,5D6C),
|
||||
bn_pack4(521F,2B18,177B,200C),
|
||||
bn_pack4(D876,0273,3EC8,6A64),
|
||||
bn_pack4(F12F,FA06,D98A,0864),
|
||||
bn_pack4(CEE3,D226,1AD2,EE6B),
|
||||
bn_pack4(1E8C,94E0,4A25,619D),
|
||||
bn_pack4(ABF5,AE8C,DB09,33D7),
|
||||
bn_pack4(B397,0F85,A6E1,E4C7),
|
||||
bn_pack4(8AEA,7157,5D06,0C7D),
|
||||
bn_pack4(ECFB,8504,58DB,EF0A),
|
||||
bn_pack4(A855,21AB,DF1C,BA64),
|
||||
bn_pack4(AD33,170D,0450,7A33),
|
||||
bn_pack4(1572,8E5A,8AAA,C42D),
|
||||
bn_pack4(15D2,2618,98FA,0510),
|
||||
bn_pack4(3995,497C,EA95,6AE5),
|
||||
bn_pack4(DE2B,CBF6,9558,1718),
|
||||
bn_pack4(B5C5,5DF0,6F4C,52C9),
|
||||
bn_pack4(9B27,83A2,EC07,A28F),
|
||||
bn_pack4(E39E,772C,180E,8603),
|
||||
bn_pack4(3290,5E46,2E36,CE3B),
|
||||
bn_pack4(F174,6C08,CA18,217C),
|
||||
bn_pack4(670C,354E,4ABC,9804),
|
||||
bn_pack4(9ED5,2907,7096,966D),
|
||||
bn_pack4(1C62,F356,2085,52BB),
|
||||
bn_pack4(8365,5D23,DCA3,AD96),
|
||||
bn_pack4(6916,3FA8,FD24,CF5F),
|
||||
bn_pack4(98DA,4836,1C55,D39A),
|
||||
bn_pack4(C200,7CB8,A163,BF05),
|
||||
bn_pack4(4928,6651,ECE4,5B3D),
|
||||
bn_pack4(AE9F,2411,7C4B,1FE6),
|
||||
bn_pack4(EE38,6BFB,5A89,9FA5),
|
||||
bn_pack4(0BFF,5CB6,F406,B7ED),
|
||||
bn_pack4(F44C,42E9,A637,ED6B),
|
||||
bn_pack4(E485,B576,625E,7EC6),
|
||||
bn_pack4(4FE1,356D,6D51,C245),
|
||||
bn_pack4(302B,0A6D,F25F,1437),
|
||||
bn_pack4(EF95,19B3,CD3A,431B),
|
||||
bn_pack4(514A,0879,8E34,04DD),
|
||||
bn_pack4(020B,BEA6,3B13,9B22),
|
||||
bn_pack4(2902,4E08,8A67,CC74),
|
||||
bn_pack4(C4C6,628B,80DC,1CD1),
|
||||
bn_pack4(C90F,DAA2,2168,C234),
|
||||
bn_pack4(FFFF,FFFF,FFFF,FFFF)
|
||||
bn_pack4(0xFFFF,0xFFFF,0xFFFF,0xFFFF),
|
||||
bn_pack4(0x4DF4,0x35C9,0x3406,0x3199),
|
||||
bn_pack4(0x86FF,0xB7DC,0x90A6,0xC08F),
|
||||
bn_pack4(0x93B4,0xEA98,0x8D8F,0xDDC1),
|
||||
bn_pack4(0xD006,0x9127,0xD5B0,0x5AA9),
|
||||
bn_pack4(0xB81B,0xDD76,0x2170,0x481C),
|
||||
bn_pack4(0x1F61,0x2970,0xCEE2,0xD7AF),
|
||||
bn_pack4(0x233B,0xA186,0x515B,0xE7ED),
|
||||
bn_pack4(0x99B2,0x964F,0xA090,0xC3A2),
|
||||
bn_pack4(0x287C,0x5947,0x4E6B,0xC05D),
|
||||
bn_pack4(0x2E8E,0xFC14,0x1FBE,0xCAA6),
|
||||
bn_pack4(0xDBBB,0xC2DB,0x04DE,0x8EF9),
|
||||
bn_pack4(0x2583,0xE9CA,0x2AD4,0x4CE8),
|
||||
bn_pack4(0x1A94,0x6834,0xB615,0x0BDA),
|
||||
bn_pack4(0x99C3,0x2718,0x6AF4,0xE23C),
|
||||
bn_pack4(0x8871,0x9A10,0xBDBA,0x5B26),
|
||||
bn_pack4(0x1A72,0x3C12,0xA787,0xE6D7),
|
||||
bn_pack4(0x4B82,0xD120,0xA921,0x0801),
|
||||
bn_pack4(0x43DB,0x5BFC,0xE0FD,0x108E),
|
||||
bn_pack4(0x08E2,0x4FA0,0x74E5,0xAB31),
|
||||
bn_pack4(0x7709,0x88C0,0xBAD9,0x46E2),
|
||||
bn_pack4(0xBBE1,0x1757,0x7A61,0x5D6C),
|
||||
bn_pack4(0x521F,0x2B18,0x177B,0x200C),
|
||||
bn_pack4(0xD876,0x0273,0x3EC8,0x6A64),
|
||||
bn_pack4(0xF12F,0xFA06,0xD98A,0x0864),
|
||||
bn_pack4(0xCEE3,0xD226,0x1AD2,0xEE6B),
|
||||
bn_pack4(0x1E8C,0x94E0,0x4A25,0x619D),
|
||||
bn_pack4(0xABF5,0xAE8C,0xDB09,0x33D7),
|
||||
bn_pack4(0xB397,0x0F85,0xA6E1,0xE4C7),
|
||||
bn_pack4(0x8AEA,0x7157,0x5D06,0x0C7D),
|
||||
bn_pack4(0xECFB,0x8504,0x58DB,0xEF0A),
|
||||
bn_pack4(0xA855,0x21AB,0xDF1C,0xBA64),
|
||||
bn_pack4(0xAD33,0x170D,0x0450,0x7A33),
|
||||
bn_pack4(0x1572,0x8E5A,0x8AAA,0xC42D),
|
||||
bn_pack4(0x15D2,0x2618,0x98FA,0x0510),
|
||||
bn_pack4(0x3995,0x497C,0xEA95,0x6AE5),
|
||||
bn_pack4(0xDE2B,0xCBF6,0x9558,0x1718),
|
||||
bn_pack4(0xB5C5,0x5DF0,0x6F4C,0x52C9),
|
||||
bn_pack4(0x9B27,0x83A2,0xEC07,0xA28F),
|
||||
bn_pack4(0xE39E,0x772C,0x180E,0x8603),
|
||||
bn_pack4(0x3290,0x5E46,0x2E36,0xCE3B),
|
||||
bn_pack4(0xF174,0x6C08,0xCA18,0x217C),
|
||||
bn_pack4(0x670C,0x354E,0x4ABC,0x9804),
|
||||
bn_pack4(0x9ED5,0x2907,0x7096,0x966D),
|
||||
bn_pack4(0x1C62,0xF356,0x2085,0x52BB),
|
||||
bn_pack4(0x8365,0x5D23,0xDCA3,0xAD96),
|
||||
bn_pack4(0x6916,0x3FA8,0xFD24,0xCF5F),
|
||||
bn_pack4(0x98DA,0x4836,0x1C55,0xD39A),
|
||||
bn_pack4(0xC200,0x7CB8,0xA163,0xBF05),
|
||||
bn_pack4(0x4928,0x6651,0xECE4,0x5B3D),
|
||||
bn_pack4(0xAE9F,0x2411,0x7C4B,0x1FE6),
|
||||
bn_pack4(0xEE38,0x6BFB,0x5A89,0x9FA5),
|
||||
bn_pack4(0x0BFF,0x5CB6,0xF406,0xB7ED),
|
||||
bn_pack4(0xF44C,0x42E9,0xA637,0xED6B),
|
||||
bn_pack4(0xE485,0xB576,0x625E,0x7EC6),
|
||||
bn_pack4(0x4FE1,0x356D,0x6D51,0xC245),
|
||||
bn_pack4(0x302B,0x0A6D,0xF25F,0x1437),
|
||||
bn_pack4(0xEF95,0x19B3,0xCD3A,0x431B),
|
||||
bn_pack4(0x514A,0x0879,0x8E34,0x04DD),
|
||||
bn_pack4(0x020B,0xBEA6,0x3B13,0x9B22),
|
||||
bn_pack4(0x2902,0x4E08,0x8A67,0xCC74),
|
||||
bn_pack4(0xC4C6,0x628B,0x80DC,0x1CD1),
|
||||
bn_pack4(0xC90F,0xDAA2,0x2168,0xC234),
|
||||
bn_pack4(0xFFFF,0xFFFF,0xFFFF,0xFFFF)
|
||||
};
|
||||
static BIGNUM bn_group_4096 = {
|
||||
bn_group_4096_value,
|
||||
@ -235,102 +235,102 @@ static BIGNUM bn_group_4096 = {
|
||||
};
|
||||
|
||||
static BN_ULONG bn_group_6144_value[] = {
|
||||
bn_pack4(FFFF,FFFF,FFFF,FFFF),
|
||||
bn_pack4(E694,F91E,6DCC,4024),
|
||||
bn_pack4(12BF,2D5B,0B74,74D6),
|
||||
bn_pack4(043E,8F66,3F48,60EE),
|
||||
bn_pack4(387F,E8D7,6E3C,0468),
|
||||
bn_pack4(DA56,C9EC,2EF2,9632),
|
||||
bn_pack4(EB19,CCB1,A313,D55C),
|
||||
bn_pack4(F550,AA3D,8A1F,BFF0),
|
||||
bn_pack4(06A1,D58B,B7C5,DA76),
|
||||
bn_pack4(A797,15EE,F29B,E328),
|
||||
bn_pack4(14CC,5ED2,0F80,37E0),
|
||||
bn_pack4(CC8F,6D7E,BF48,E1D8),
|
||||
bn_pack4(4BD4,07B2,2B41,54AA),
|
||||
bn_pack4(0F1D,45B7,FF58,5AC5),
|
||||
bn_pack4(23A9,7A7E,36CC,88BE),
|
||||
bn_pack4(59E7,C97F,BEC7,E8F3),
|
||||
bn_pack4(B5A8,4031,900B,1C9E),
|
||||
bn_pack4(D55E,702F,4698,0C82),
|
||||
bn_pack4(F482,D7CE,6E74,FEF6),
|
||||
bn_pack4(F032,EA15,D172,1D03),
|
||||
bn_pack4(5983,CA01,C64B,92EC),
|
||||
bn_pack4(6FB8,F401,378C,D2BF),
|
||||
bn_pack4(3320,5151,2BD7,AF42),
|
||||
bn_pack4(DB7F,1447,E6CC,254B),
|
||||
bn_pack4(44CE,6CBA,CED4,BB1B),
|
||||
bn_pack4(DA3E,DBEB,CF9B,14ED),
|
||||
bn_pack4(1797,27B0,865A,8918),
|
||||
bn_pack4(B06A,53ED,9027,D831),
|
||||
bn_pack4(E5DB,382F,4130,01AE),
|
||||
bn_pack4(F8FF,9406,AD9E,530E),
|
||||
bn_pack4(C975,1E76,3DBA,37BD),
|
||||
bn_pack4(C1D4,DCB2,6026,46DE),
|
||||
bn_pack4(36C3,FAB4,D27C,7026),
|
||||
bn_pack4(4DF4,35C9,3402,8492),
|
||||
bn_pack4(86FF,B7DC,90A6,C08F),
|
||||
bn_pack4(93B4,EA98,8D8F,DDC1),
|
||||
bn_pack4(D006,9127,D5B0,5AA9),
|
||||
bn_pack4(B81B,DD76,2170,481C),
|
||||
bn_pack4(1F61,2970,CEE2,D7AF),
|
||||
bn_pack4(233B,A186,515B,E7ED),
|
||||
bn_pack4(99B2,964F,A090,C3A2),
|
||||
bn_pack4(287C,5947,4E6B,C05D),
|
||||
bn_pack4(2E8E,FC14,1FBE,CAA6),
|
||||
bn_pack4(DBBB,C2DB,04DE,8EF9),
|
||||
bn_pack4(2583,E9CA,2AD4,4CE8),
|
||||
bn_pack4(1A94,6834,B615,0BDA),
|
||||
bn_pack4(99C3,2718,6AF4,E23C),
|
||||
bn_pack4(8871,9A10,BDBA,5B26),
|
||||
bn_pack4(1A72,3C12,A787,E6D7),
|
||||
bn_pack4(4B82,D120,A921,0801),
|
||||
bn_pack4(43DB,5BFC,E0FD,108E),
|
||||
bn_pack4(08E2,4FA0,74E5,AB31),
|
||||
bn_pack4(7709,88C0,BAD9,46E2),
|
||||
bn_pack4(BBE1,1757,7A61,5D6C),
|
||||
bn_pack4(521F,2B18,177B,200C),
|
||||
bn_pack4(D876,0273,3EC8,6A64),
|
||||
bn_pack4(F12F,FA06,D98A,0864),
|
||||
bn_pack4(CEE3,D226,1AD2,EE6B),
|
||||
bn_pack4(1E8C,94E0,4A25,619D),
|
||||
bn_pack4(ABF5,AE8C,DB09,33D7),
|
||||
bn_pack4(B397,0F85,A6E1,E4C7),
|
||||
bn_pack4(8AEA,7157,5D06,0C7D),
|
||||
bn_pack4(ECFB,8504,58DB,EF0A),
|
||||
bn_pack4(A855,21AB,DF1C,BA64),
|
||||
bn_pack4(AD33,170D,0450,7A33),
|
||||
bn_pack4(1572,8E5A,8AAA,C42D),
|
||||
bn_pack4(15D2,2618,98FA,0510),
|
||||
bn_pack4(3995,497C,EA95,6AE5),
|
||||
bn_pack4(DE2B,CBF6,9558,1718),
|
||||
bn_pack4(B5C5,5DF0,6F4C,52C9),
|
||||
bn_pack4(9B27,83A2,EC07,A28F),
|
||||
bn_pack4(E39E,772C,180E,8603),
|
||||
bn_pack4(3290,5E46,2E36,CE3B),
|
||||
bn_pack4(F174,6C08,CA18,217C),
|
||||
bn_pack4(670C,354E,4ABC,9804),
|
||||
bn_pack4(9ED5,2907,7096,966D),
|
||||
bn_pack4(1C62,F356,2085,52BB),
|
||||
bn_pack4(8365,5D23,DCA3,AD96),
|
||||
bn_pack4(6916,3FA8,FD24,CF5F),
|
||||
bn_pack4(98DA,4836,1C55,D39A),
|
||||
bn_pack4(C200,7CB8,A163,BF05),
|
||||
bn_pack4(4928,6651,ECE4,5B3D),
|
||||
bn_pack4(AE9F,2411,7C4B,1FE6),
|
||||
bn_pack4(EE38,6BFB,5A89,9FA5),
|
||||
bn_pack4(0BFF,5CB6,F406,B7ED),
|
||||
bn_pack4(F44C,42E9,A637,ED6B),
|
||||
bn_pack4(E485,B576,625E,7EC6),
|
||||
bn_pack4(4FE1,356D,6D51,C245),
|
||||
bn_pack4(302B,0A6D,F25F,1437),
|
||||
bn_pack4(EF95,19B3,CD3A,431B),
|
||||
bn_pack4(514A,0879,8E34,04DD),
|
||||
bn_pack4(020B,BEA6,3B13,9B22),
|
||||
bn_pack4(2902,4E08,8A67,CC74),
|
||||
bn_pack4(C4C6,628B,80DC,1CD1),
|
||||
bn_pack4(C90F,DAA2,2168,C234),
|
||||
bn_pack4(FFFF,FFFF,FFFF,FFFF)
|
||||
bn_pack4(0xFFFF,0xFFFF,0xFFFF,0xFFFF),
|
||||
bn_pack4(0xE694,0xF91E,0x6DCC,0x4024),
|
||||
bn_pack4(0x12BF,0x2D5B,0x0B74,0x74D6),
|
||||
bn_pack4(0x043E,0x8F66,0x3F48,0x60EE),
|
||||
bn_pack4(0x387F,0xE8D7,0x6E3C,0x0468),
|
||||
bn_pack4(0xDA56,0xC9EC,0x2EF2,0x9632),
|
||||
bn_pack4(0xEB19,0xCCB1,0xA313,0xD55C),
|
||||
bn_pack4(0xF550,0xAA3D,0x8A1F,0xBFF0),
|
||||
bn_pack4(0x06A1,0xD58B,0xB7C5,0xDA76),
|
||||
bn_pack4(0xA797,0x15EE,0xF29B,0xE328),
|
||||
bn_pack4(0x14CC,0x5ED2,0x0F80,0x37E0),
|
||||
bn_pack4(0xCC8F,0x6D7E,0xBF48,0xE1D8),
|
||||
bn_pack4(0x4BD4,0x07B2,0x2B41,0x54AA),
|
||||
bn_pack4(0x0F1D,0x45B7,0xFF58,0x5AC5),
|
||||
bn_pack4(0x23A9,0x7A7E,0x36CC,0x88BE),
|
||||
bn_pack4(0x59E7,0xC97F,0xBEC7,0xE8F3),
|
||||
bn_pack4(0xB5A8,0x4031,0x900B,0x1C9E),
|
||||
bn_pack4(0xD55E,0x702F,0x4698,0x0C82),
|
||||
bn_pack4(0xF482,0xD7CE,0x6E74,0xFEF6),
|
||||
bn_pack4(0xF032,0xEA15,0xD172,0x1D03),
|
||||
bn_pack4(0x5983,0xCA01,0xC64B,0x92EC),
|
||||
bn_pack4(0x6FB8,0xF401,0x378C,0xD2BF),
|
||||
bn_pack4(0x3320,0x5151,0x2BD7,0xAF42),
|
||||
bn_pack4(0xDB7F,0x1447,0xE6CC,0x254B),
|
||||
bn_pack4(0x44CE,0x6CBA,0xCED4,0xBB1B),
|
||||
bn_pack4(0xDA3E,0xDBEB,0xCF9B,0x14ED),
|
||||
bn_pack4(0x1797,0x27B0,0x865A,0x8918),
|
||||
bn_pack4(0xB06A,0x53ED,0x9027,0xD831),
|
||||
bn_pack4(0xE5DB,0x382F,0x4130,0x01AE),
|
||||
bn_pack4(0xF8FF,0x9406,0xAD9E,0x530E),
|
||||
bn_pack4(0xC975,0x1E76,0x3DBA,0x37BD),
|
||||
bn_pack4(0xC1D4,0xDCB2,0x6026,0x46DE),
|
||||
bn_pack4(0x36C3,0xFAB4,0xD27C,0x7026),
|
||||
bn_pack4(0x4DF4,0x35C9,0x3402,0x8492),
|
||||
bn_pack4(0x86FF,0xB7DC,0x90A6,0xC08F),
|
||||
bn_pack4(0x93B4,0xEA98,0x8D8F,0xDDC1),
|
||||
bn_pack4(0xD006,0x9127,0xD5B0,0x5AA9),
|
||||
bn_pack4(0xB81B,0xDD76,0x2170,0x481C),
|
||||
bn_pack4(0x1F61,0x2970,0xCEE2,0xD7AF),
|
||||
bn_pack4(0x233B,0xA186,0x515B,0xE7ED),
|
||||
bn_pack4(0x99B2,0x964F,0xA090,0xC3A2),
|
||||
bn_pack4(0x287C,0x5947,0x4E6B,0xC05D),
|
||||
bn_pack4(0x2E8E,0xFC14,0x1FBE,0xCAA6),
|
||||
bn_pack4(0xDBBB,0xC2DB,0x04DE,0x8EF9),
|
||||
bn_pack4(0x2583,0xE9CA,0x2AD4,0x4CE8),
|
||||
bn_pack4(0x1A94,0x6834,0xB615,0x0BDA),
|
||||
bn_pack4(0x99C3,0x2718,0x6AF4,0xE23C),
|
||||
bn_pack4(0x8871,0x9A10,0xBDBA,0x5B26),
|
||||
bn_pack4(0x1A72,0x3C12,0xA787,0xE6D7),
|
||||
bn_pack4(0x4B82,0xD120,0xA921,0x0801),
|
||||
bn_pack4(0x43DB,0x5BFC,0xE0FD,0x108E),
|
||||
bn_pack4(0x08E2,0x4FA0,0x74E5,0xAB31),
|
||||
bn_pack4(0x7709,0x88C0,0xBAD9,0x46E2),
|
||||
bn_pack4(0xBBE1,0x1757,0x7A61,0x5D6C),
|
||||
bn_pack4(0x521F,0x2B18,0x177B,0x200C),
|
||||
bn_pack4(0xD876,0x0273,0x3EC8,0x6A64),
|
||||
bn_pack4(0xF12F,0xFA06,0xD98A,0x0864),
|
||||
bn_pack4(0xCEE3,0xD226,0x1AD2,0xEE6B),
|
||||
bn_pack4(0x1E8C,0x94E0,0x4A25,0x619D),
|
||||
bn_pack4(0xABF5,0xAE8C,0xDB09,0x33D7),
|
||||
bn_pack4(0xB397,0x0F85,0xA6E1,0xE4C7),
|
||||
bn_pack4(0x8AEA,0x7157,0x5D06,0x0C7D),
|
||||
bn_pack4(0xECFB,0x8504,0x58DB,0xEF0A),
|
||||
bn_pack4(0xA855,0x21AB,0xDF1C,0xBA64),
|
||||
bn_pack4(0xAD33,0x170D,0x0450,0x7A33),
|
||||
bn_pack4(0x1572,0x8E5A,0x8AAA,0xC42D),
|
||||
bn_pack4(0x15D2,0x2618,0x98FA,0x0510),
|
||||
bn_pack4(0x3995,0x497C,0xEA95,0x6AE5),
|
||||
bn_pack4(0xDE2B,0xCBF6,0x9558,0x1718),
|
||||
bn_pack4(0xB5C5,0x5DF0,0x6F4C,0x52C9),
|
||||
bn_pack4(0x9B27,0x83A2,0xEC07,0xA28F),
|
||||
bn_pack4(0xE39E,0x772C,0x180E,0x8603),
|
||||
bn_pack4(0x3290,0x5E46,0x2E36,0xCE3B),
|
||||
bn_pack4(0xF174,0x6C08,0xCA18,0x217C),
|
||||
bn_pack4(0x670C,0x354E,0x4ABC,0x9804),
|
||||
bn_pack4(0x9ED5,0x2907,0x7096,0x966D),
|
||||
bn_pack4(0x1C62,0xF356,0x2085,0x52BB),
|
||||
bn_pack4(0x8365,0x5D23,0xDCA3,0xAD96),
|
||||
bn_pack4(0x6916,0x3FA8,0xFD24,0xCF5F),
|
||||
bn_pack4(0x98DA,0x4836,0x1C55,0xD39A),
|
||||
bn_pack4(0xC200,0x7CB8,0xA163,0xBF05),
|
||||
bn_pack4(0x4928,0x6651,0xECE4,0x5B3D),
|
||||
bn_pack4(0xAE9F,0x2411,0x7C4B,0x1FE6),
|
||||
bn_pack4(0xEE38,0x6BFB,0x5A89,0x9FA5),
|
||||
bn_pack4(0x0BFF,0x5CB6,0xF406,0xB7ED),
|
||||
bn_pack4(0xF44C,0x42E9,0xA637,0xED6B),
|
||||
bn_pack4(0xE485,0xB576,0x625E,0x7EC6),
|
||||
bn_pack4(0x4FE1,0x356D,0x6D51,0xC245),
|
||||
bn_pack4(0x302B,0x0A6D,0xF25F,0x1437),
|
||||
bn_pack4(0xEF95,0x19B3,0xCD3A,0x431B),
|
||||
bn_pack4(0x514A,0x0879,0x8E34,0x04DD),
|
||||
bn_pack4(0x020B,0xBEA6,0x3B13,0x9B22),
|
||||
bn_pack4(0x2902,0x4E08,0x8A67,0xCC74),
|
||||
bn_pack4(0xC4C6,0x628B,0x80DC,0x1CD1),
|
||||
bn_pack4(0xC90F,0xDAA2,0x2168,0xC234),
|
||||
bn_pack4(0xFFFF,0xFFFF,0xFFFF,0xFFFF)
|
||||
};
|
||||
static BIGNUM bn_group_6144 = {
|
||||
bn_group_6144_value,
|
||||
@ -341,134 +341,134 @@ static BIGNUM bn_group_6144 = {
|
||||
};
|
||||
|
||||
static BN_ULONG bn_group_8192_value[] = {
|
||||
bn_pack4(FFFF,FFFF,FFFF,FFFF),
|
||||
bn_pack4(60C9,80DD,98ED,D3DF),
|
||||
bn_pack4(C81F,56E8,80B9,6E71),
|
||||
bn_pack4(9E30,50E2,7656,94DF),
|
||||
bn_pack4(9558,E447,5677,E9AA),
|
||||
bn_pack4(C919,0DA6,FC02,6E47),
|
||||
bn_pack4(889A,002E,D5EE,382B),
|
||||
bn_pack4(4009,438B,481C,6CD7),
|
||||
bn_pack4(3590,46F4,EB87,9F92),
|
||||
bn_pack4(FAF3,6BC3,1ECF,A268),
|
||||
bn_pack4(B1D5,10BD,7EE7,4D73),
|
||||
bn_pack4(F9AB,4819,5DED,7EA1),
|
||||
bn_pack4(64F3,1CC5,0846,851D),
|
||||
bn_pack4(4597,E899,A025,5DC1),
|
||||
bn_pack4(DF31,0EE0,74AB,6A36),
|
||||
bn_pack4(6D2A,13F8,3F44,F82D),
|
||||
bn_pack4(062B,3CF5,B3A2,78A6),
|
||||
bn_pack4(7968,3303,ED5B,DD3A),
|
||||
bn_pack4(FA9D,4B7F,A2C0,87E8),
|
||||
bn_pack4(4BCB,C886,2F83,85DD),
|
||||
bn_pack4(3473,FC64,6CEA,306B),
|
||||
bn_pack4(13EB,57A8,1A23,F0C7),
|
||||
bn_pack4(2222,2E04,A403,7C07),
|
||||
bn_pack4(E3FD,B8BE,FC84,8AD9),
|
||||
bn_pack4(238F,16CB,E39D,652D),
|
||||
bn_pack4(3423,B474,2BF1,C978),
|
||||
bn_pack4(3AAB,639C,5AE4,F568),
|
||||
bn_pack4(2576,F693,6BA4,2466),
|
||||
bn_pack4(741F,A7BF,8AFC,47ED),
|
||||
bn_pack4(3BC8,32B6,8D9D,D300),
|
||||
bn_pack4(D8BE,C4D0,73B9,31BA),
|
||||
bn_pack4(3877,7CB6,A932,DF8C),
|
||||
bn_pack4(74A3,926F,12FE,E5E4),
|
||||
bn_pack4(E694,F91E,6DBE,1159),
|
||||
bn_pack4(12BF,2D5B,0B74,74D6),
|
||||
bn_pack4(043E,8F66,3F48,60EE),
|
||||
bn_pack4(387F,E8D7,6E3C,0468),
|
||||
bn_pack4(DA56,C9EC,2EF2,9632),
|
||||
bn_pack4(EB19,CCB1,A313,D55C),
|
||||
bn_pack4(F550,AA3D,8A1F,BFF0),
|
||||
bn_pack4(06A1,D58B,B7C5,DA76),
|
||||
bn_pack4(A797,15EE,F29B,E328),
|
||||
bn_pack4(14CC,5ED2,0F80,37E0),
|
||||
bn_pack4(CC8F,6D7E,BF48,E1D8),
|
||||
bn_pack4(4BD4,07B2,2B41,54AA),
|
||||
bn_pack4(0F1D,45B7,FF58,5AC5),
|
||||
bn_pack4(23A9,7A7E,36CC,88BE),
|
||||
bn_pack4(59E7,C97F,BEC7,E8F3),
|
||||
bn_pack4(B5A8,4031,900B,1C9E),
|
||||
bn_pack4(D55E,702F,4698,0C82),
|
||||
bn_pack4(F482,D7CE,6E74,FEF6),
|
||||
bn_pack4(F032,EA15,D172,1D03),
|
||||
bn_pack4(5983,CA01,C64B,92EC),
|
||||
bn_pack4(6FB8,F401,378C,D2BF),
|
||||
bn_pack4(3320,5151,2BD7,AF42),
|
||||
bn_pack4(DB7F,1447,E6CC,254B),
|
||||
bn_pack4(44CE,6CBA,CED4,BB1B),
|
||||
bn_pack4(DA3E,DBEB,CF9B,14ED),
|
||||
bn_pack4(1797,27B0,865A,8918),
|
||||
bn_pack4(B06A,53ED,9027,D831),
|
||||
bn_pack4(E5DB,382F,4130,01AE),
|
||||
bn_pack4(F8FF,9406,AD9E,530E),
|
||||
bn_pack4(C975,1E76,3DBA,37BD),
|
||||
bn_pack4(C1D4,DCB2,6026,46DE),
|
||||
bn_pack4(36C3,FAB4,D27C,7026),
|
||||
bn_pack4(4DF4,35C9,3402,8492),
|
||||
bn_pack4(86FF,B7DC,90A6,C08F),
|
||||
bn_pack4(93B4,EA98,8D8F,DDC1),
|
||||
bn_pack4(D006,9127,D5B0,5AA9),
|
||||
bn_pack4(B81B,DD76,2170,481C),
|
||||
bn_pack4(1F61,2970,CEE2,D7AF),
|
||||
bn_pack4(233B,A186,515B,E7ED),
|
||||
bn_pack4(99B2,964F,A090,C3A2),
|
||||
bn_pack4(287C,5947,4E6B,C05D),
|
||||
bn_pack4(2E8E,FC14,1FBE,CAA6),
|
||||
bn_pack4(DBBB,C2DB,04DE,8EF9),
|
||||
bn_pack4(2583,E9CA,2AD4,4CE8),
|
||||
bn_pack4(1A94,6834,B615,0BDA),
|
||||
bn_pack4(99C3,2718,6AF4,E23C),
|
||||
bn_pack4(8871,9A10,BDBA,5B26),
|
||||
bn_pack4(1A72,3C12,A787,E6D7),
|
||||
bn_pack4(4B82,D120,A921,0801),
|
||||
bn_pack4(43DB,5BFC,E0FD,108E),
|
||||
bn_pack4(08E2,4FA0,74E5,AB31),
|
||||
bn_pack4(7709,88C0,BAD9,46E2),
|
||||
bn_pack4(BBE1,1757,7A61,5D6C),
|
||||
bn_pack4(521F,2B18,177B,200C),
|
||||
bn_pack4(D876,0273,3EC8,6A64),
|
||||
bn_pack4(F12F,FA06,D98A,0864),
|
||||
bn_pack4(CEE3,D226,1AD2,EE6B),
|
||||
bn_pack4(1E8C,94E0,4A25,619D),
|
||||
bn_pack4(ABF5,AE8C,DB09,33D7),
|
||||
bn_pack4(B397,0F85,A6E1,E4C7),
|
||||
bn_pack4(8AEA,7157,5D06,0C7D),
|
||||
bn_pack4(ECFB,8504,58DB,EF0A),
|
||||
bn_pack4(A855,21AB,DF1C,BA64),
|
||||
bn_pack4(AD33,170D,0450,7A33),
|
||||
bn_pack4(1572,8E5A,8AAA,C42D),
|
||||
bn_pack4(15D2,2618,98FA,0510),
|
||||
bn_pack4(3995,497C,EA95,6AE5),
|
||||
bn_pack4(DE2B,CBF6,9558,1718),
|
||||
bn_pack4(B5C5,5DF0,6F4C,52C9),
|
||||
bn_pack4(9B27,83A2,EC07,A28F),
|
||||
bn_pack4(E39E,772C,180E,8603),
|
||||
bn_pack4(3290,5E46,2E36,CE3B),
|
||||
bn_pack4(F174,6C08,CA18,217C),
|
||||
bn_pack4(670C,354E,4ABC,9804),
|
||||
bn_pack4(9ED5,2907,7096,966D),
|
||||
bn_pack4(1C62,F356,2085,52BB),
|
||||
bn_pack4(8365,5D23,DCA3,AD96),
|
||||
bn_pack4(6916,3FA8,FD24,CF5F),
|
||||
bn_pack4(98DA,4836,1C55,D39A),
|
||||
bn_pack4(C200,7CB8,A163,BF05),
|
||||
bn_pack4(4928,6651,ECE4,5B3D),
|
||||
bn_pack4(AE9F,2411,7C4B,1FE6),
|
||||
bn_pack4(EE38,6BFB,5A89,9FA5),
|
||||
bn_pack4(0BFF,5CB6,F406,B7ED),
|
||||
bn_pack4(F44C,42E9,A637,ED6B),
|
||||
bn_pack4(E485,B576,625E,7EC6),
|
||||
bn_pack4(4FE1,356D,6D51,C245),
|
||||
bn_pack4(302B,0A6D,F25F,1437),
|
||||
bn_pack4(EF95,19B3,CD3A,431B),
|
||||
bn_pack4(514A,0879,8E34,04DD),
|
||||
bn_pack4(020B,BEA6,3B13,9B22),
|
||||
bn_pack4(2902,4E08,8A67,CC74),
|
||||
bn_pack4(C4C6,628B,80DC,1CD1),
|
||||
bn_pack4(C90F,DAA2,2168,C234),
|
||||
bn_pack4(FFFF,FFFF,FFFF,FFFF)
|
||||
bn_pack4(0xFFFF,0xFFFF,0xFFFF,0xFFFF),
|
||||
bn_pack4(0x60C9,0x80DD,0x98ED,0xD3DF),
|
||||
bn_pack4(0xC81F,0x56E8,0x80B9,0x6E71),
|
||||
bn_pack4(0x9E30,0x50E2,0x7656,0x94DF),
|
||||
bn_pack4(0x9558,0xE447,0x5677,0xE9AA),
|
||||
bn_pack4(0xC919,0x0DA6,0xFC02,0x6E47),
|
||||
bn_pack4(0x889A,0x002E,0xD5EE,0x382B),
|
||||
bn_pack4(0x4009,0x438B,0x481C,0x6CD7),
|
||||
bn_pack4(0x3590,0x46F4,0xEB87,0x9F92),
|
||||
bn_pack4(0xFAF3,0x6BC3,0x1ECF,0xA268),
|
||||
bn_pack4(0xB1D5,0x10BD,0x7EE7,0x4D73),
|
||||
bn_pack4(0xF9AB,0x4819,0x5DED,0x7EA1),
|
||||
bn_pack4(0x64F3,0x1CC5,0x0846,0x851D),
|
||||
bn_pack4(0x4597,0xE899,0xA025,0x5DC1),
|
||||
bn_pack4(0xDF31,0x0EE0,0x74AB,0x6A36),
|
||||
bn_pack4(0x6D2A,0x13F8,0x3F44,0xF82D),
|
||||
bn_pack4(0x062B,0x3CF5,0xB3A2,0x78A6),
|
||||
bn_pack4(0x7968,0x3303,0xED5B,0xDD3A),
|
||||
bn_pack4(0xFA9D,0x4B7F,0xA2C0,0x87E8),
|
||||
bn_pack4(0x4BCB,0xC886,0x2F83,0x85DD),
|
||||
bn_pack4(0x3473,0xFC64,0x6CEA,0x306B),
|
||||
bn_pack4(0x13EB,0x57A8,0x1A23,0xF0C7),
|
||||
bn_pack4(0x2222,0x2E04,0xA403,0x7C07),
|
||||
bn_pack4(0xE3FD,0xB8BE,0xFC84,0x8AD9),
|
||||
bn_pack4(0x238F,0x16CB,0xE39D,0x652D),
|
||||
bn_pack4(0x3423,0xB474,0x2BF1,0xC978),
|
||||
bn_pack4(0x3AAB,0x639C,0x5AE4,0xF568),
|
||||
bn_pack4(0x2576,0xF693,0x6BA4,0x2466),
|
||||
bn_pack4(0x741F,0xA7BF,0x8AFC,0x47ED),
|
||||
bn_pack4(0x3BC8,0x32B6,0x8D9D,0xD300),
|
||||
bn_pack4(0xD8BE,0xC4D0,0x73B9,0x31BA),
|
||||
bn_pack4(0x3877,0x7CB6,0xA932,0xDF8C),
|
||||
bn_pack4(0x74A3,0x926F,0x12FE,0xE5E4),
|
||||
bn_pack4(0xE694,0xF91E,0x6DBE,0x1159),
|
||||
bn_pack4(0x12BF,0x2D5B,0x0B74,0x74D6),
|
||||
bn_pack4(0x043E,0x8F66,0x3F48,0x60EE),
|
||||
bn_pack4(0x387F,0xE8D7,0x6E3C,0x0468),
|
||||
bn_pack4(0xDA56,0xC9EC,0x2EF2,0x9632),
|
||||
bn_pack4(0xEB19,0xCCB1,0xA313,0xD55C),
|
||||
bn_pack4(0xF550,0xAA3D,0x8A1F,0xBFF0),
|
||||
bn_pack4(0x06A1,0xD58B,0xB7C5,0xDA76),
|
||||
bn_pack4(0xA797,0x15EE,0xF29B,0xE328),
|
||||
bn_pack4(0x14CC,0x5ED2,0x0F80,0x37E0),
|
||||
bn_pack4(0xCC8F,0x6D7E,0xBF48,0xE1D8),
|
||||
bn_pack4(0x4BD4,0x07B2,0x2B41,0x54AA),
|
||||
bn_pack4(0x0F1D,0x45B7,0xFF58,0x5AC5),
|
||||
bn_pack4(0x23A9,0x7A7E,0x36CC,0x88BE),
|
||||
bn_pack4(0x59E7,0xC97F,0xBEC7,0xE8F3),
|
||||
bn_pack4(0xB5A8,0x4031,0x900B,0x1C9E),
|
||||
bn_pack4(0xD55E,0x702F,0x4698,0x0C82),
|
||||
bn_pack4(0xF482,0xD7CE,0x6E74,0xFEF6),
|
||||
bn_pack4(0xF032,0xEA15,0xD172,0x1D03),
|
||||
bn_pack4(0x5983,0xCA01,0xC64B,0x92EC),
|
||||
bn_pack4(0x6FB8,0xF401,0x378C,0xD2BF),
|
||||
bn_pack4(0x3320,0x5151,0x2BD7,0xAF42),
|
||||
bn_pack4(0xDB7F,0x1447,0xE6CC,0x254B),
|
||||
bn_pack4(0x44CE,0x6CBA,0xCED4,0xBB1B),
|
||||
bn_pack4(0xDA3E,0xDBEB,0xCF9B,0x14ED),
|
||||
bn_pack4(0x1797,0x27B0,0x865A,0x8918),
|
||||
bn_pack4(0xB06A,0x53ED,0x9027,0xD831),
|
||||
bn_pack4(0xE5DB,0x382F,0x4130,0x01AE),
|
||||
bn_pack4(0xF8FF,0x9406,0xAD9E,0x530E),
|
||||
bn_pack4(0xC975,0x1E76,0x3DBA,0x37BD),
|
||||
bn_pack4(0xC1D4,0xDCB2,0x6026,0x46DE),
|
||||
bn_pack4(0x36C3,0xFAB4,0xD27C,0x7026),
|
||||
bn_pack4(0x4DF4,0x35C9,0x3402,0x8492),
|
||||
bn_pack4(0x86FF,0xB7DC,0x90A6,0xC08F),
|
||||
bn_pack4(0x93B4,0xEA98,0x8D8F,0xDDC1),
|
||||
bn_pack4(0xD006,0x9127,0xD5B0,0x5AA9),
|
||||
bn_pack4(0xB81B,0xDD76,0x2170,0x481C),
|
||||
bn_pack4(0x1F61,0x2970,0xCEE2,0xD7AF),
|
||||
bn_pack4(0x233B,0xA186,0x515B,0xE7ED),
|
||||
bn_pack4(0x99B2,0x964F,0xA090,0xC3A2),
|
||||
bn_pack4(0x287C,0x5947,0x4E6B,0xC05D),
|
||||
bn_pack4(0x2E8E,0xFC14,0x1FBE,0xCAA6),
|
||||
bn_pack4(0xDBBB,0xC2DB,0x04DE,0x8EF9),
|
||||
bn_pack4(0x2583,0xE9CA,0x2AD4,0x4CE8),
|
||||
bn_pack4(0x1A94,0x6834,0xB615,0x0BDA),
|
||||
bn_pack4(0x99C3,0x2718,0x6AF4,0xE23C),
|
||||
bn_pack4(0x8871,0x9A10,0xBDBA,0x5B26),
|
||||
bn_pack4(0x1A72,0x3C12,0xA787,0xE6D7),
|
||||
bn_pack4(0x4B82,0xD120,0xA921,0x0801),
|
||||
bn_pack4(0x43DB,0x5BFC,0xE0FD,0x108E),
|
||||
bn_pack4(0x08E2,0x4FA0,0x74E5,0xAB31),
|
||||
bn_pack4(0x7709,0x88C0,0xBAD9,0x46E2),
|
||||
bn_pack4(0xBBE1,0x1757,0x7A61,0x5D6C),
|
||||
bn_pack4(0x521F,0x2B18,0x177B,0x200C),
|
||||
bn_pack4(0xD876,0x0273,0x3EC8,0x6A64),
|
||||
bn_pack4(0xF12F,0xFA06,0xD98A,0x0864),
|
||||
bn_pack4(0xCEE3,0xD226,0x1AD2,0xEE6B),
|
||||
bn_pack4(0x1E8C,0x94E0,0x4A25,0x619D),
|
||||
bn_pack4(0xABF5,0xAE8C,0xDB09,0x33D7),
|
||||
bn_pack4(0xB397,0x0F85,0xA6E1,0xE4C7),
|
||||
bn_pack4(0x8AEA,0x7157,0x5D06,0x0C7D),
|
||||
bn_pack4(0xECFB,0x8504,0x58DB,0xEF0A),
|
||||
bn_pack4(0xA855,0x21AB,0xDF1C,0xBA64),
|
||||
bn_pack4(0xAD33,0x170D,0x0450,0x7A33),
|
||||
bn_pack4(0x1572,0x8E5A,0x8AAA,0xC42D),
|
||||
bn_pack4(0x15D2,0x2618,0x98FA,0x0510),
|
||||
bn_pack4(0x3995,0x497C,0xEA95,0x6AE5),
|
||||
bn_pack4(0xDE2B,0xCBF6,0x9558,0x1718),
|
||||
bn_pack4(0xB5C5,0x5DF0,0x6F4C,0x52C9),
|
||||
bn_pack4(0x9B27,0x83A2,0xEC07,0xA28F),
|
||||
bn_pack4(0xE39E,0x772C,0x180E,0x8603),
|
||||
bn_pack4(0x3290,0x5E46,0x2E36,0xCE3B),
|
||||
bn_pack4(0xF174,0x6C08,0xCA18,0x217C),
|
||||
bn_pack4(0x670C,0x354E,0x4ABC,0x9804),
|
||||
bn_pack4(0x9ED5,0x2907,0x7096,0x966D),
|
||||
bn_pack4(0x1C62,0xF356,0x2085,0x52BB),
|
||||
bn_pack4(0x8365,0x5D23,0xDCA3,0xAD96),
|
||||
bn_pack4(0x6916,0x3FA8,0xFD24,0xCF5F),
|
||||
bn_pack4(0x98DA,0x4836,0x1C55,0xD39A),
|
||||
bn_pack4(0xC200,0x7CB8,0xA163,0xBF05),
|
||||
bn_pack4(0x4928,0x6651,0xECE4,0x5B3D),
|
||||
bn_pack4(0xAE9F,0x2411,0x7C4B,0x1FE6),
|
||||
bn_pack4(0xEE38,0x6BFB,0x5A89,0x9FA5),
|
||||
bn_pack4(0x0BFF,0x5CB6,0xF406,0xB7ED),
|
||||
bn_pack4(0xF44C,0x42E9,0xA637,0xED6B),
|
||||
bn_pack4(0xE485,0xB576,0x625E,0x7EC6),
|
||||
bn_pack4(0x4FE1,0x356D,0x6D51,0xC245),
|
||||
bn_pack4(0x302B,0x0A6D,0xF25F,0x1437),
|
||||
bn_pack4(0xEF95,0x19B3,0xCD3A,0x431B),
|
||||
bn_pack4(0x514A,0x0879,0x8E34,0x04DD),
|
||||
bn_pack4(0x020B,0xBEA6,0x3B13,0x9B22),
|
||||
bn_pack4(0x2902,0x4E08,0x8A67,0xCC74),
|
||||
bn_pack4(0xC4C6,0x628B,0x80DC,0x1CD1),
|
||||
bn_pack4(0xC90F,0xDAA2,0x2168,0xC234),
|
||||
bn_pack4(0xFFFF,0xFFFF,0xFFFF,0xFFFF)
|
||||
};
|
||||
static BIGNUM bn_group_8192 = {
|
||||
bn_group_8192_value,
|
||||
|
@ -63,13 +63,17 @@
|
||||
#include <openssl/evp.h>
|
||||
|
||||
#if (BN_BYTES == 8)
|
||||
#define bn_pack4(a1,a2,a3,a4) 0x##a1##a2##a3##a4##ul
|
||||
#endif
|
||||
#if (BN_BYTES == 4)
|
||||
#define bn_pack4(a1,a2,a3,a4) 0x##a3##a4##ul, 0x##a1##a2##ul
|
||||
#endif
|
||||
#if (BN_BYTES == 2)
|
||||
#define bn_pack4(a1,a2,a3,a4) 0x##a4##u,0x##a3##u,0x##a2##u,0x##a1##u
|
||||
# if (defined(_WIN32) || defined(_WIN64)) && !defined(__MINGW32__)
|
||||
# define bn_pack4(a1,a2,a3,a4) ((a1##UI64<<48)|(a2##UI64<<32)|(a3##UI64<<16)|a4##UI64)
|
||||
# elif defined(__arch64__)
|
||||
# define bn_pack4(a1,a2,a3,a4) ((a1##UL<<48)|(a2##UL<<32)|(a3##UL<<16)|a4##UL)
|
||||
# else
|
||||
# define bn_pack4(a1,a2,a3,a4) ((a1##ULL<<48)|(a2##ULL<<32)|(a3##ULL<<16)|a4##ULL)
|
||||
# endif
|
||||
#elif (BN_BYTES == 4)
|
||||
# define bn_pack4(a1,a2,a3,a4) ((a3##UL<<16)|a4##UL), ((a1##UL<<16)|a2##UL)
|
||||
#else
|
||||
# error "unsupported BN_BYTES"
|
||||
#endif
|
||||
|
||||
|
||||
|
@ -694,6 +694,7 @@ static int check_cert(X509_STORE_CTX *ctx)
|
||||
X509_CRL *crl = NULL, *dcrl = NULL;
|
||||
X509 *x;
|
||||
int ok, cnum;
|
||||
unsigned int last_reasons;
|
||||
cnum = ctx->error_depth;
|
||||
x = sk_X509_value(ctx->chain, cnum);
|
||||
ctx->current_cert = x;
|
||||
@ -702,6 +703,7 @@ static int check_cert(X509_STORE_CTX *ctx)
|
||||
ctx->current_reasons = 0;
|
||||
while (ctx->current_reasons != CRLDP_ALL_REASONS)
|
||||
{
|
||||
last_reasons = ctx->current_reasons;
|
||||
/* Try to retrieve relevant CRL */
|
||||
if (ctx->get_crl)
|
||||
ok = ctx->get_crl(ctx, &crl, x);
|
||||
@ -745,6 +747,15 @@ static int check_cert(X509_STORE_CTX *ctx)
|
||||
X509_CRL_free(dcrl);
|
||||
crl = NULL;
|
||||
dcrl = NULL;
|
||||
/* If reasons not updated we wont get anywhere by
|
||||
* another iteration, so exit loop.
|
||||
*/
|
||||
if (last_reasons == ctx->current_reasons)
|
||||
{
|
||||
ctx->error = X509_V_ERR_UNABLE_TO_GET_CRL;
|
||||
ok = ctx->verify_cb(0, ctx);
|
||||
goto err;
|
||||
}
|
||||
}
|
||||
err:
|
||||
X509_CRL_free(crl);
|
||||
|
@ -97,6 +97,7 @@ int X509_sign(X509 *x, EVP_PKEY *pkey, const EVP_MD *md)
|
||||
|
||||
int X509_sign_ctx(X509 *x, EVP_MD_CTX *ctx)
|
||||
{
|
||||
x->cert_info->enc.modified = 1;
|
||||
return ASN1_item_sign_ctx(ASN1_ITEM_rptr(X509_CINF),
|
||||
x->cert_info->signature,
|
||||
x->sig_alg, x->signature, x->cert_info, ctx);
|
||||
@ -123,6 +124,7 @@ int X509_CRL_sign(X509_CRL *x, EVP_PKEY *pkey, const EVP_MD *md)
|
||||
|
||||
int X509_CRL_sign_ctx(X509_CRL *x, EVP_MD_CTX *ctx)
|
||||
{
|
||||
x->crl->enc.modified = 1;
|
||||
return ASN1_item_sign_ctx(ASN1_ITEM_rptr(X509_CRL_INFO),
|
||||
x->crl->sig_alg, x->sig_alg, x->signature, x->crl, ctx);
|
||||
}
|
||||
|
@ -67,6 +67,7 @@ for (@ARGV) { $sse2=1 if (/-DOPENSSL_IA32_SSE2/); }
|
||||
&inc ("esi"); # number of cores
|
||||
|
||||
&mov ("eax",1);
|
||||
&xor ("ecx","ecx");
|
||||
&cpuid ();
|
||||
&bt ("edx",28);
|
||||
&jnc (&label("generic"));
|
||||
@ -91,6 +92,7 @@ for (@ARGV) { $sse2=1 if (/-DOPENSSL_IA32_SSE2/); }
|
||||
|
||||
&set_label("nocacheinfo");
|
||||
&mov ("eax",1);
|
||||
&xor ("ecx","ecx");
|
||||
&cpuid ();
|
||||
&and ("edx",0xbfefffff); # force reserved bits #20, #30 to 0
|
||||
&cmp ("ebp",0);
|
||||
|
@ -450,28 +450,28 @@ remains DER.
|
||||
|
||||
=over 4
|
||||
|
||||
=item 0
|
||||
=item Z<>0
|
||||
|
||||
the operation was completely successfully.
|
||||
|
||||
=item 1
|
||||
=item Z<>1
|
||||
|
||||
an error occurred parsing the command options.
|
||||
|
||||
=item 2
|
||||
=item Z<>2
|
||||
|
||||
one of the input files could not be read.
|
||||
|
||||
=item 3
|
||||
=item Z<>3
|
||||
|
||||
an error occurred creating the CMS file or when reading the MIME
|
||||
message.
|
||||
|
||||
=item 4
|
||||
=item Z<>4
|
||||
|
||||
an error occurred decrypting or verifying the message.
|
||||
|
||||
=item 5
|
||||
=item Z<>5
|
||||
|
||||
the message was verified correctly but an error occurred writing out
|
||||
the signers certificates.
|
||||
|
@ -24,6 +24,8 @@ B<openssl> B<rsa>
|
||||
[B<-check>]
|
||||
[B<-pubin>]
|
||||
[B<-pubout>]
|
||||
[B<-RSAPublicKey_in>]
|
||||
[B<-RSAPublicKey_out>]
|
||||
[B<-engine id>]
|
||||
|
||||
=head1 DESCRIPTION
|
||||
@ -118,6 +120,10 @@ by default a private key is output: with this option a public
|
||||
key will be output instead. This option is automatically set if
|
||||
the input is a public key.
|
||||
|
||||
=item B<-RSAPublicKey_in>, B<-RSAPublicKey_out>
|
||||
|
||||
like B<-pubin> and B<-pubout> except B<RSAPublicKey> format is used instead.
|
||||
|
||||
=item B<-engine id>
|
||||
|
||||
specifying an engine (by its unique B<id> string) will cause B<rsa>
|
||||
@ -139,6 +145,11 @@ The PEM public key format uses the header and footer lines:
|
||||
-----BEGIN PUBLIC KEY-----
|
||||
-----END PUBLIC KEY-----
|
||||
|
||||
The PEM B<RSAPublicKey> format uses the header and footer lines:
|
||||
|
||||
-----BEGIN RSA PUBLIC KEY-----
|
||||
-----END RSA PUBLIC KEY-----
|
||||
|
||||
The B<NET> form is a format compatible with older Netscape servers
|
||||
and Microsoft IIS .key files, this uses unsalted RC4 for its encryption.
|
||||
It is not very secure and so should only be used when necessary.
|
||||
@ -173,6 +184,10 @@ To just output the public part of a private key:
|
||||
|
||||
openssl rsa -in key.pem -pubout -out pubkey.pem
|
||||
|
||||
Output the public part of a private key in B<RSAPublicKey> format:
|
||||
|
||||
openssl rsa -in key.pem -RSAPublicKey_out -out pubkey.pem
|
||||
|
||||
=head1 BUGS
|
||||
|
||||
The command line password arguments don't currently work with
|
||||
|
@ -308,28 +308,28 @@ remains DER.
|
||||
|
||||
=over 4
|
||||
|
||||
=item 0
|
||||
=item Z<>0
|
||||
|
||||
the operation was completely successfully.
|
||||
|
||||
=item 1
|
||||
=item Z<>1
|
||||
|
||||
an error occurred parsing the command options.
|
||||
|
||||
=item 2
|
||||
=item Z<>2
|
||||
|
||||
one of the input files could not be read.
|
||||
|
||||
=item 3
|
||||
=item Z<>3
|
||||
|
||||
an error occurred creating the PKCS#7 file or when reading the MIME
|
||||
message.
|
||||
|
||||
=item 4
|
||||
=item Z<>4
|
||||
|
||||
an error occurred decrypting or verifying the message.
|
||||
|
||||
=item 5
|
||||
=item Z<>5
|
||||
|
||||
the message was verified correctly but an error occurred writing out
|
||||
the signers certificates.
|
||||
|
@ -278,6 +278,8 @@ happen if extended CRL checking is enabled.
|
||||
an application specific error. This will never be returned unless explicitly
|
||||
set by an application.
|
||||
|
||||
=back
|
||||
|
||||
=head1 NOTES
|
||||
|
||||
The above functions should be used instead of directly referencing the fields
|
||||
|
@ -95,7 +95,7 @@ is ignored.
|
||||
|
||||
ECDSA_verify() verifies that the signature in B<sig> of size
|
||||
B<siglen> is a valid ECDSA signature of the hash value
|
||||
value B<dgst> of size B<dgstlen> using the public key B<eckey>.
|
||||
B<dgst> of size B<dgstlen> using the public key B<eckey>.
|
||||
The parameter B<type> is ignored.
|
||||
|
||||
ECDSA_do_sign() is wrapper function for ECDSA_do_sign_ex with B<kinv>
|
||||
@ -131,16 +131,12 @@ specific)
|
||||
|
||||
int ret;
|
||||
ECDSA_SIG *sig;
|
||||
EC_KEY *eckey = EC_KEY_new();
|
||||
EC_KEY *eckey;
|
||||
eckey = EC_KEY_new_by_curve_name(NID_secp192k1);
|
||||
if (eckey == NULL)
|
||||
{
|
||||
/* error */
|
||||
}
|
||||
key->group = EC_GROUP_new_by_nid(NID_secp192k1);
|
||||
if (key->group == NULL)
|
||||
{
|
||||
/* error */
|
||||
}
|
||||
if (!EC_KEY_generate_key(eckey))
|
||||
{
|
||||
/* error */
|
||||
|
@ -53,11 +53,11 @@ SSL_COMP_add_compression_method() may return the following values:
|
||||
|
||||
=over 4
|
||||
|
||||
=item 0
|
||||
=item Z<>0
|
||||
|
||||
The operation succeeded.
|
||||
|
||||
=item 1
|
||||
=item Z<>1
|
||||
|
||||
The operation failed. Check the error queue to find out the reason.
|
||||
|
||||
|
@ -52,13 +52,13 @@ The following values are returned by all functions:
|
||||
|
||||
=over 4
|
||||
|
||||
=item 0
|
||||
=item Z<>0
|
||||
|
||||
The operation failed. In case of the add operation, it was tried to add
|
||||
the same (identical) session twice. In case of the remove operation, the
|
||||
session was not found in the cache.
|
||||
|
||||
=item 1
|
||||
=item Z<>1
|
||||
|
||||
The operation succeeded.
|
||||
|
||||
|
@ -100,13 +100,13 @@ The following return values can occur:
|
||||
|
||||
=over 4
|
||||
|
||||
=item 0
|
||||
=item Z<>0
|
||||
|
||||
The operation failed because B<CAfile> and B<CApath> are NULL or the
|
||||
processing at one of the locations specified failed. Check the error
|
||||
stack to find out the reason.
|
||||
|
||||
=item 1
|
||||
=item Z<>1
|
||||
|
||||
The operation succeeded.
|
||||
|
||||
|
@ -66,16 +66,16 @@ values:
|
||||
|
||||
=over 4
|
||||
|
||||
=item 1
|
||||
|
||||
The operation succeeded.
|
||||
|
||||
=item 0
|
||||
=item Z<>0
|
||||
|
||||
A failure while manipulating the STACK_OF(X509_NAME) object occurred or
|
||||
the X509_NAME could not be extracted from B<cacert>. Check the error stack
|
||||
to find out the reason.
|
||||
|
||||
=item Z<>1
|
||||
|
||||
The operation succeeded.
|
||||
|
||||
=back
|
||||
|
||||
=head1 EXAMPLES
|
||||
|
@ -88,9 +88,10 @@ As of OpenSSL 0.9.8q and 1.0.0c, this option has no effect.
|
||||
|
||||
...
|
||||
|
||||
=item SSL_OP_MSIE_SSLV2_RSA_PADDING
|
||||
=item SSL_OP_SAFARI_ECDHE_ECDSA_BUG
|
||||
|
||||
As of OpenSSL 0.9.7h and 0.9.8a, this option has no effect.
|
||||
Don't prefer ECDHE-ECDSA ciphers when the client appears to be Safari on OS X.
|
||||
OS X 10.8..10.8.3 has broken support for ECDHE-ECDSA ciphers.
|
||||
|
||||
=item SSL_OP_SSLEAY_080_CLIENT_DH_BUG
|
||||
|
||||
|
@ -64,13 +64,13 @@ return the following values:
|
||||
|
||||
=over 4
|
||||
|
||||
=item 0
|
||||
=item Z<>0
|
||||
|
||||
The length B<sid_ctx_len> of the session id context B<sid_ctx> exceeded
|
||||
the maximum allowed length of B<SSL_MAX_SSL_SESSION_ID_LENGTH>. The error
|
||||
is logged to the error stack.
|
||||
|
||||
=item 1
|
||||
=item Z<>1
|
||||
|
||||
The operation succeeded.
|
||||
|
||||
|
@ -42,11 +42,11 @@ and SSL_set_ssl_method():
|
||||
|
||||
=over 4
|
||||
|
||||
=item 0
|
||||
=item Z<>0
|
||||
|
||||
The new choice failed, check the error stack to find out the reason.
|
||||
|
||||
=item 1
|
||||
=item Z<>1
|
||||
|
||||
The operation succeeded.
|
||||
|
||||
|
@ -81,6 +81,8 @@ SSL_CTX_use_psk_identity_hint() and SSL_use_psk_identity_hint() return
|
||||
|
||||
Return values from the server callback are interpreted as follows:
|
||||
|
||||
=over 4
|
||||
|
||||
=item > 0
|
||||
|
||||
PSK identity was found and the server callback has provided the PSK
|
||||
@ -94,9 +96,11 @@ data to B<psk> and return the length of the random data, so the
|
||||
connection will fail with decryption_error before it will be finished
|
||||
completely.
|
||||
|
||||
=item 0
|
||||
=item Z<>0
|
||||
|
||||
PSK identity was not found. An "unknown_psk_identity" alert message
|
||||
will be sent and the connection setup fails.
|
||||
|
||||
=back
|
||||
|
||||
=cut
|
||||
|
@ -44,17 +44,17 @@ The following return values can occur:
|
||||
|
||||
=over 4
|
||||
|
||||
=item 1
|
||||
|
||||
The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been
|
||||
established.
|
||||
|
||||
=item 0
|
||||
=item Z<>0
|
||||
|
||||
The TLS/SSL handshake was not successful but was shut down controlled and
|
||||
by the specifications of the TLS/SSL protocol. Call SSL_get_error() with the
|
||||
return value B<ret> to find out the reason.
|
||||
|
||||
=item Z<>1
|
||||
|
||||
The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been
|
||||
established.
|
||||
|
||||
=item E<lt>0
|
||||
|
||||
The TLS/SSL handshake was not successful because a fatal error occurred either
|
||||
|
@ -56,12 +56,12 @@ The following return values can occur:
|
||||
|
||||
=over 4
|
||||
|
||||
=item 0
|
||||
=item Z<>0
|
||||
|
||||
The SSL_clear() operation could not be performed. Check the error stack to
|
||||
find out the reason.
|
||||
|
||||
=item 1
|
||||
=item Z<>1
|
||||
|
||||
The SSL_clear() operation was successful.
|
||||
|
||||
|
@ -41,17 +41,17 @@ The following return values can occur:
|
||||
|
||||
=over 4
|
||||
|
||||
=item 1
|
||||
|
||||
The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been
|
||||
established.
|
||||
|
||||
=item 0
|
||||
=item Z<>0
|
||||
|
||||
The TLS/SSL handshake was not successful but was shut down controlled and
|
||||
by the specifications of the TLS/SSL protocol. Call SSL_get_error() with the
|
||||
return value B<ret> to find out the reason.
|
||||
|
||||
=item Z<>1
|
||||
|
||||
The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been
|
||||
established.
|
||||
|
||||
=item E<lt>0
|
||||
|
||||
The TLS/SSL handshake was not successful, because a fatal error occurred either
|
||||
|
@ -45,17 +45,17 @@ The following return values can occur:
|
||||
|
||||
=over 4
|
||||
|
||||
=item 1
|
||||
|
||||
The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been
|
||||
established.
|
||||
|
||||
=item 0
|
||||
=item Z<>0
|
||||
|
||||
The TLS/SSL handshake was not successful but was shut down controlled and
|
||||
by the specifications of the TLS/SSL protocol. Call SSL_get_error() with the
|
||||
return value B<ret> to find out the reason.
|
||||
|
||||
=item Z<>1
|
||||
|
||||
The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been
|
||||
established.
|
||||
|
||||
=item E<lt>0
|
||||
|
||||
The TLS/SSL handshake was not successful because a fatal error occurred either
|
||||
|
@ -86,7 +86,7 @@ The following return values can occur:
|
||||
The read operation was successful; the return value is the number of
|
||||
bytes actually read from the TLS/SSL connection.
|
||||
|
||||
=item 0
|
||||
=item Z<>0
|
||||
|
||||
The read operation was not successful. The reason may either be a clean
|
||||
shutdown due to a "close notify" alert sent by the peer (in which case
|
||||
|
@ -27,11 +27,11 @@ The following return values can occur:
|
||||
|
||||
=over 4
|
||||
|
||||
=item 0
|
||||
=item Z<>0
|
||||
|
||||
A new session was negotiated.
|
||||
|
||||
=item 1
|
||||
=item Z<>1
|
||||
|
||||
A session was reused.
|
||||
|
||||
|
@ -35,11 +35,11 @@ The following return values can occur:
|
||||
|
||||
=over 4
|
||||
|
||||
=item 0
|
||||
=item Z<>0
|
||||
|
||||
The operation failed. Check the error stack to find out why.
|
||||
|
||||
=item 1
|
||||
=item Z<>1
|
||||
|
||||
The operation succeeded.
|
||||
|
||||
|
@ -37,11 +37,11 @@ The following return values can occur:
|
||||
|
||||
=over 4
|
||||
|
||||
=item 0
|
||||
=item Z<>0
|
||||
|
||||
The operation failed; check the error stack to find out the reason.
|
||||
|
||||
=item 1
|
||||
=item Z<>1
|
||||
|
||||
The operation succeeded.
|
||||
|
||||
|
@ -92,18 +92,18 @@ The following return values can occur:
|
||||
|
||||
=over 4
|
||||
|
||||
=item 1
|
||||
|
||||
The shutdown was successfully completed. The "close notify" alert was sent
|
||||
and the peer's "close notify" alert was received.
|
||||
|
||||
=item 0
|
||||
=item Z<>0
|
||||
|
||||
The shutdown is not yet finished. Call SSL_shutdown() for a second time,
|
||||
if a bidirectional shutdown shall be performed.
|
||||
The output of L<SSL_get_error(3)|SSL_get_error(3)> may be misleading, as an
|
||||
erroneous SSL_ERROR_SYSCALL may be flagged even though no error occurred.
|
||||
|
||||
=item Z<>1
|
||||
|
||||
The shutdown was successfully completed. The "close notify" alert was sent
|
||||
and the peer's "close notify" alert was received.
|
||||
|
||||
=item -1
|
||||
|
||||
The shutdown was not successful because a fatal error occurred either
|
||||
|
@ -79,7 +79,7 @@ The following return values can occur:
|
||||
The write operation was successful, the return value is the number of
|
||||
bytes actually written to the TLS/SSL connection.
|
||||
|
||||
=item 0
|
||||
=item Z<>0
|
||||
|
||||
The write operation was not successful. Probably the underlying connection
|
||||
was closed. Call SSL_get_error() with the return value B<ret> to find out,
|
||||
|
@ -87,10 +87,6 @@ extern gost_subst_block Gost28147_CryptoProParamSetB;
|
||||
extern gost_subst_block Gost28147_CryptoProParamSetC;
|
||||
extern gost_subst_block Gost28147_CryptoProParamSetD;
|
||||
extern const byte CryptoProKeyMeshingKey[];
|
||||
#if __LONG_MAX__ > 2147483647L
|
||||
typedef unsigned int word32;
|
||||
#else
|
||||
typedef unsigned long word32;
|
||||
#endif
|
||||
|
||||
#endif
|
||||
|
@ -319,9 +319,10 @@ int dtls1_do_write(SSL *s, int type)
|
||||
s->init_off -= DTLS1_HM_HEADER_LENGTH;
|
||||
s->init_num += DTLS1_HM_HEADER_LENGTH;
|
||||
|
||||
/* write atleast DTLS1_HM_HEADER_LENGTH bytes */
|
||||
if ( len <= DTLS1_HM_HEADER_LENGTH)
|
||||
len += DTLS1_HM_HEADER_LENGTH;
|
||||
if ( s->init_num > curr_mtu)
|
||||
len = curr_mtu;
|
||||
else
|
||||
len = s->init_num;
|
||||
}
|
||||
|
||||
dtls1_fix_message_header(s, frag_off,
|
||||
|
@ -538,13 +538,6 @@ int dtls1_connect(SSL *s)
|
||||
SSL3_ST_CW_CHANGE_A,SSL3_ST_CW_CHANGE_B);
|
||||
if (ret <= 0) goto end;
|
||||
|
||||
#ifndef OPENSSL_NO_SCTP
|
||||
/* Change to new shared key of SCTP-Auth,
|
||||
* will be ignored if no SCTP used.
|
||||
*/
|
||||
BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_NEXT_AUTH_KEY, 0, NULL);
|
||||
#endif
|
||||
|
||||
s->state=SSL3_ST_CW_FINISHED_A;
|
||||
s->init_num=0;
|
||||
|
||||
@ -571,6 +564,16 @@ int dtls1_connect(SSL *s)
|
||||
goto end;
|
||||
}
|
||||
|
||||
#ifndef OPENSSL_NO_SCTP
|
||||
if (s->hit)
|
||||
{
|
||||
/* Change to new shared key of SCTP-Auth,
|
||||
* will be ignored if no SCTP used.
|
||||
*/
|
||||
BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_NEXT_AUTH_KEY, 0, NULL);
|
||||
}
|
||||
#endif
|
||||
|
||||
dtls1_reset_seq_numbers(s, SSL3_CC_WRITE);
|
||||
break;
|
||||
|
||||
@ -613,6 +616,13 @@ int dtls1_connect(SSL *s)
|
||||
}
|
||||
else
|
||||
{
|
||||
#ifndef OPENSSL_NO_SCTP
|
||||
/* Change to new shared key of SCTP-Auth,
|
||||
* will be ignored if no SCTP used.
|
||||
*/
|
||||
BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_NEXT_AUTH_KEY, 0, NULL);
|
||||
#endif
|
||||
|
||||
#ifndef OPENSSL_NO_TLSEXT
|
||||
/* Allow NewSessionTicket if ticket expected */
|
||||
if (s->tlsext_ticket_expected)
|
||||
@ -773,7 +783,7 @@ int dtls1_client_hello(SSL *s)
|
||||
unsigned char *buf;
|
||||
unsigned char *p,*d;
|
||||
unsigned int i,j;
|
||||
unsigned long Time,l;
|
||||
unsigned long l;
|
||||
SSL_COMP *comp;
|
||||
|
||||
buf=(unsigned char *)s->init_buf->data;
|
||||
@ -798,13 +808,11 @@ int dtls1_client_hello(SSL *s)
|
||||
|
||||
/* if client_random is initialized, reuse it, we are
|
||||
* required to use same upon reply to HelloVerify */
|
||||
for (i=0;p[i]=='\0' && i<sizeof(s->s3->client_random);i++) ;
|
||||
for (i=0;p[i]=='\0' && i<sizeof(s->s3->client_random);i++)
|
||||
;
|
||||
if (i==sizeof(s->s3->client_random))
|
||||
{
|
||||
Time=(unsigned long)time(NULL); /* Time */
|
||||
l2n(Time,p);
|
||||
RAND_pseudo_bytes(p,sizeof(s->s3->client_random)-4);
|
||||
}
|
||||
ssl_fill_hello_random(s, 0, p,
|
||||
sizeof(s->s3->client_random));
|
||||
|
||||
/* Do the message type and length last */
|
||||
d=p= &(buf[DTLS1_HM_HEADER_LENGTH]);
|
||||
|
@ -196,6 +196,7 @@ void dtls1_free(SSL *s)
|
||||
pqueue_free(s->d1->buffered_app_data.q);
|
||||
|
||||
OPENSSL_free(s->d1);
|
||||
s->d1 = NULL;
|
||||
}
|
||||
|
||||
void dtls1_clear(SSL *s)
|
||||
|
@ -847,6 +847,12 @@ int dtls1_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
|
||||
}
|
||||
}
|
||||
|
||||
if (s->d1->listen && rr->type != SSL3_RT_HANDSHAKE)
|
||||
{
|
||||
rr->length = 0;
|
||||
goto start;
|
||||
}
|
||||
|
||||
/* we now have a packet which can be read and processed */
|
||||
|
||||
if (s->s3->change_cipher_spec /* set when we receive ChangeCipherSpec,
|
||||
@ -1051,6 +1057,7 @@ int dtls1_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
|
||||
!(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS) &&
|
||||
!s->s3->renegotiate)
|
||||
{
|
||||
s->d1->handshake_read_seq++;
|
||||
s->new_session = 1;
|
||||
ssl3_renegotiate(s);
|
||||
if (ssl3_renegotiate_check(s))
|
||||
|
@ -276,10 +276,11 @@ int dtls1_accept(SSL *s)
|
||||
case SSL3_ST_SW_HELLO_REQ_B:
|
||||
|
||||
s->shutdown=0;
|
||||
dtls1_clear_record_buffer(s);
|
||||
dtls1_start_timer(s);
|
||||
ret=dtls1_send_hello_request(s);
|
||||
if (ret <= 0) goto end;
|
||||
s->s3->tmp.next_state=SSL3_ST_SW_HELLO_REQ_C;
|
||||
s->s3->tmp.next_state=SSL3_ST_SR_CLNT_HELLO_A;
|
||||
s->state=SSL3_ST_SW_FLUSH;
|
||||
s->init_num=0;
|
||||
|
||||
@ -721,10 +722,13 @@ int dtls1_accept(SSL *s)
|
||||
if (ret <= 0) goto end;
|
||||
|
||||
#ifndef OPENSSL_NO_SCTP
|
||||
/* Change to new shared key of SCTP-Auth,
|
||||
* will be ignored if no SCTP used.
|
||||
*/
|
||||
BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_NEXT_AUTH_KEY, 0, NULL);
|
||||
if (!s->hit)
|
||||
{
|
||||
/* Change to new shared key of SCTP-Auth,
|
||||
* will be ignored if no SCTP used.
|
||||
*/
|
||||
BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_NEXT_AUTH_KEY, 0, NULL);
|
||||
}
|
||||
#endif
|
||||
|
||||
s->state=SSL3_ST_SW_FINISHED_A;
|
||||
@ -749,7 +753,16 @@ int dtls1_accept(SSL *s)
|
||||
if (ret <= 0) goto end;
|
||||
s->state=SSL3_ST_SW_FLUSH;
|
||||
if (s->hit)
|
||||
{
|
||||
s->s3->tmp.next_state=SSL3_ST_SR_FINISHED_A;
|
||||
|
||||
#ifndef OPENSSL_NO_SCTP
|
||||
/* Change to new shared key of SCTP-Auth,
|
||||
* will be ignored if no SCTP used.
|
||||
*/
|
||||
BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_NEXT_AUTH_KEY, 0, NULL);
|
||||
#endif
|
||||
}
|
||||
else
|
||||
{
|
||||
s->s3->tmp.next_state=SSL_ST_OK;
|
||||
@ -912,15 +925,13 @@ int dtls1_send_server_hello(SSL *s)
|
||||
unsigned char *p,*d;
|
||||
int i;
|
||||
unsigned int sl;
|
||||
unsigned long l,Time;
|
||||
unsigned long l;
|
||||
|
||||
if (s->state == SSL3_ST_SW_SRVR_HELLO_A)
|
||||
{
|
||||
buf=(unsigned char *)s->init_buf->data;
|
||||
p=s->s3->server_random;
|
||||
Time=(unsigned long)time(NULL); /* Time */
|
||||
l2n(Time,p);
|
||||
RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE-4);
|
||||
ssl_fill_hello_random(s, 1, p, SSL3_RANDOM_SIZE);
|
||||
/* Do the message type and length last */
|
||||
d=p= &(buf[DTLS1_HM_HEADER_LENGTH]);
|
||||
|
||||
|
@ -269,12 +269,35 @@ static int ssl23_no_ssl2_ciphers(SSL *s)
|
||||
return 1;
|
||||
}
|
||||
|
||||
/* Fill a ClientRandom or ServerRandom field of length len. Returns <= 0
|
||||
* on failure, 1 on success. */
|
||||
int ssl_fill_hello_random(SSL *s, int server, unsigned char *result, int len)
|
||||
{
|
||||
int send_time = 0;
|
||||
|
||||
if (len < 4)
|
||||
return 0;
|
||||
if (server)
|
||||
send_time = (s->mode & SSL_MODE_SEND_SERVERHELLO_TIME) != 0;
|
||||
else
|
||||
send_time = (s->mode & SSL_MODE_SEND_CLIENTHELLO_TIME) != 0;
|
||||
if (send_time)
|
||||
{
|
||||
unsigned long Time = time(NULL);
|
||||
unsigned char *p = result;
|
||||
l2n(Time, p);
|
||||
return RAND_pseudo_bytes(p, len-4);
|
||||
}
|
||||
else
|
||||
return RAND_pseudo_bytes(result, len);
|
||||
}
|
||||
|
||||
static int ssl23_client_hello(SSL *s)
|
||||
{
|
||||
unsigned char *buf;
|
||||
unsigned char *p,*d;
|
||||
int i,ch_len;
|
||||
unsigned long Time,l;
|
||||
unsigned long l;
|
||||
int ssl2_compat;
|
||||
int version = 0, version_major, version_minor;
|
||||
#ifndef OPENSSL_NO_COMP
|
||||
@ -355,9 +378,7 @@ static int ssl23_client_hello(SSL *s)
|
||||
#endif
|
||||
|
||||
p=s->s3->client_random;
|
||||
Time=(unsigned long)time(NULL); /* Time */
|
||||
l2n(Time,p);
|
||||
if (RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE-4) <= 0)
|
||||
if (ssl_fill_hello_random(s, 0, p, SSL3_RANDOM_SIZE) <= 0)
|
||||
return -1;
|
||||
|
||||
if (version == TLS1_2_VERSION)
|
||||
|
@ -161,6 +161,8 @@ int ssl3_send_finished(SSL *s, int a, int b, const char *sender, int slen)
|
||||
|
||||
i=s->method->ssl3_enc->final_finish_mac(s,
|
||||
sender,slen,s->s3->tmp.finish_md);
|
||||
if (i == 0)
|
||||
return 0;
|
||||
s->s3->tmp.finish_md_len = i;
|
||||
memcpy(p, s->s3->tmp.finish_md, i);
|
||||
p+=i;
|
||||
|
@ -655,7 +655,7 @@ int ssl3_client_hello(SSL *s)
|
||||
unsigned char *buf;
|
||||
unsigned char *p,*d;
|
||||
int i;
|
||||
unsigned long Time,l;
|
||||
unsigned long l;
|
||||
#ifndef OPENSSL_NO_COMP
|
||||
int j;
|
||||
SSL_COMP *comp;
|
||||
@ -680,9 +680,8 @@ int ssl3_client_hello(SSL *s)
|
||||
/* else use the pre-loaded session */
|
||||
|
||||
p=s->s3->client_random;
|
||||
Time=(unsigned long)time(NULL); /* Time */
|
||||
l2n(Time,p);
|
||||
if (RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE-4) <= 0)
|
||||
|
||||
if (ssl_fill_hello_random(s, 0, p, SSL3_RANDOM_SIZE) <= 0)
|
||||
goto err;
|
||||
|
||||
/* Do the message type and length last */
|
||||
|
@ -1683,7 +1683,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
|
||||
SSL_3DES,
|
||||
SSL_SHA1,
|
||||
SSL_TLSV1,
|
||||
SSL_NOT_EXP|SSL_HIGH,
|
||||
SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
|
||||
SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
|
||||
168,
|
||||
168,
|
||||
@ -1699,7 +1699,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
|
||||
SSL_AES128,
|
||||
SSL_SHA1,
|
||||
SSL_TLSV1,
|
||||
SSL_NOT_EXP|SSL_HIGH,
|
||||
SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
|
||||
SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
|
||||
128,
|
||||
128,
|
||||
@ -1715,7 +1715,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
|
||||
SSL_AES256,
|
||||
SSL_SHA1,
|
||||
SSL_TLSV1,
|
||||
SSL_NOT_EXP|SSL_HIGH,
|
||||
SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
|
||||
SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
|
||||
256,
|
||||
256,
|
||||
@ -3037,6 +3037,11 @@ void ssl3_clear(SSL *s)
|
||||
s->s3->tmp.ecdh = NULL;
|
||||
}
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_TLSEXT
|
||||
#ifndef OPENSSL_NO_EC
|
||||
s->s3->is_probably_safari = 0;
|
||||
#endif /* !OPENSSL_NO_EC */
|
||||
#endif /* !OPENSSL_NO_TLSEXT */
|
||||
|
||||
rp = s->s3->rbuf.buf;
|
||||
wp = s->s3->wbuf.buf;
|
||||
@ -4016,6 +4021,13 @@ SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
|
||||
ii=sk_SSL_CIPHER_find(allow,c);
|
||||
if (ii >= 0)
|
||||
{
|
||||
#if !defined(OPENSSL_NO_EC) && !defined(OPENSSL_NO_TLSEXT)
|
||||
if ((alg_k & SSL_kEECDH) && (alg_a & SSL_aECDSA) && s->s3->is_probably_safari)
|
||||
{
|
||||
if (!ret) ret=sk_SSL_CIPHER_value(allow,ii);
|
||||
continue;
|
||||
}
|
||||
#endif
|
||||
ret=sk_SSL_CIPHER_value(allow,ii);
|
||||
break;
|
||||
}
|
||||
|
@ -335,7 +335,7 @@ fprintf(stderr, "Record type=%d, Length=%d\n", rr->type, rr->length);
|
||||
if (version != s->version)
|
||||
{
|
||||
SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_WRONG_VERSION_NUMBER);
|
||||
if ((s->version & 0xFF00) == (version & 0xFF00))
|
||||
if ((s->version & 0xFF00) == (version & 0xFF00) && !s->enc_write_ctx && !s->write_hash)
|
||||
/* Send back error using their minor version number :-) */
|
||||
s->version = (unsigned short)version;
|
||||
al=SSL_AD_PROTOCOL_VERSION;
|
||||
@ -1459,8 +1459,14 @@ int ssl3_do_change_cipher_spec(SSL *s)
|
||||
slen=s->method->ssl3_enc->client_finished_label_len;
|
||||
}
|
||||
|
||||
s->s3->tmp.peer_finish_md_len = s->method->ssl3_enc->final_finish_mac(s,
|
||||
i = s->method->ssl3_enc->final_finish_mac(s,
|
||||
sender,slen,s->s3->tmp.peer_finish_md);
|
||||
if (i == 0)
|
||||
{
|
||||
SSLerr(SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC, ERR_R_INTERNAL_ERROR);
|
||||
return 0;
|
||||
}
|
||||
s->s3->tmp.peer_finish_md_len = i;
|
||||
|
||||
return(1);
|
||||
}
|
||||
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue
Block a user