Aren
/
NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Import of OpenSSL 1.0.1k. Upstream log: 

Changes between 1.0.1j and 1.0.1k [8 Jan 2015]

  *) Fix DTLS segmentation fault in dtls1_get_record. A carefully crafted DTLS
     message can cause a segmentation fault in OpenSSL due to a NULL pointer
     dereference. This could lead to a Denial Of Service attack. Thanks to
     Markus Stenberg of Cisco Systems, Inc. for reporting this issue.
     (CVE-2014-3571)
     [Steve Henson]

  *) Fix DTLS memory leak in dtls1_buffer_record. A memory leak can occur in the
     dtls1_buffer_record function under certain conditions. In particular this
     could occur if an attacker sent repeated DTLS records with the same
     sequence number but for the next epoch. The memory leak could be exploited
     by an attacker in a Denial of Service attack through memory exhaustion.
     Thanks to Chris Mueller for reporting this issue.
     (CVE-2015-0206)
     [Matt Caswell]

  *) Fix issue where no-ssl3 configuration sets method to NULL. When openssl is
     built with the no-ssl3 option and a SSL v3 ClientHello is received the ssl
     method would be set to NULL which could later result in a NULL pointer
     dereference. Thanks to Frank Schmirler for reporting this issue.
     (CVE-2014-3569)
     [Kurt Roeckx]

  *) Abort handshake if server key exchange message is omitted for ephemeral
     ECDH ciphersuites.

     Thanks to Karthikeyan Bhargavan of the PROSECCO team at INRIA for
     reporting this issue.
     (CVE-2014-3572)
     [Steve Henson]

  *) Remove non-export ephemeral RSA code on client and server. This code
     violated the TLS standard by allowing the use of temporary RSA keys in
     non-export ciphersuites and could be used by a server to effectively
     downgrade the RSA key length used to a value smaller than the server
     certificate. Thanks for Karthikeyan Bhargavan of the PROSECCO team at
     INRIA or reporting this issue.
     (CVE-2015-0204)
     [Steve Henson]

  *) Fixed issue where DH client certificates are accepted without verification.
     An OpenSSL server will accept a DH certificate for client authentication
     without the certificate verify message. This effectively allows a client to
     authenticate without the use of a private key. This only affects servers
     which trust a client certificate authority which issues certificates
     containing DH keys: these are extremely rare and hardly ever encountered.
     Thanks for Karthikeyan Bhargavan of the PROSECCO team at INRIA or reporting
     this issue.
     (CVE-2015-0205)
     [Steve Henson]

  *) Ensure that the session ID context of an SSL is updated when its
     SSL_CTX is updated via SSL_set_SSL_CTX.

     The session ID context is typically set from the parent SSL_CTX,
     and can vary with the CTX.
     [Adam Langley]

  *) Fix various certificate fingerprint issues.

     By using non-DER or invalid encodings outside the signed portion of a
     certificate the fingerprint can be changed without breaking the signature.
     Although no details of the signed portion of the certificate can be changed
     this can cause problems with some applications: e.g. those using the
     certificate fingerprint for blacklists.

     1. Reject signatures with non zero unused bits.

     If the BIT STRING containing the signature has non zero unused bits reject
     the signature. All current signature algorithms require zero unused bits.

     2. Check certificate algorithm consistency.

     Check the AlgorithmIdentifier inside TBS matches the one in the
     certificate signature. NB: this will result in signature failure
     errors for some broken certificates.

     Thanks to Konrad Kraszewski from Google for reporting this issue.

     3. Check DSA/ECDSA signatures use DER.

     Reencode DSA/ECDSA signatures and compare with the original received
     signature. Return an error if there is a mismatch.

     This will reject various cases including garbage after signature
     (thanks to Antti Karjalainen and Tuomo Untinen from the Codenomicon CROSS
     program for discovering this case) and use of BER or invalid ASN.1 INTEGERs
     (negative or with leading zeroes).

     Further analysis was conducted and fixes were developed by Stephen Henson
     of the OpenSSL core team.

     (CVE-2014-8275)
     [Steve Henson]

   *) Correct Bignum squaring. Bignum squaring (BN_sqr) may produce incorrect
      results on some platforms, including x86_64. This bug occurs at random
      with a very low probability, and is not known to be exploitable in any
      way, though its exact impact is difficult to determine. Thanks to Pieter
      Wuille (Blockstream) who reported this issue and also suggested an initial
      fix. Further analysis was conducted by the OpenSSL development team and
      Adam Langley of Google. The final fix was developed by Andy Polyakov of
      the OpenSSL core team.
      (CVE-2014-3570)
      [Andy Polyakov]

   *) Do not resume sessions on the server if the negotiated protocol
      version does not match the session's version. Resuming with a different
      version, while not strictly forbidden by the RFC, is of questionable
      sanity and breaks all known clients.
      [David Benjamin, Emilia Käsper]

   *) Tighten handling of the ChangeCipherSpec (CCS) message: reject
      early CCS messages during renegotiation. (Note that because
      renegotiation is encrypted, this early CCS was not exploitable.)
      [Emilia Käsper]

   *) Tighten client-side session ticket handling during renegotiation:
      ensure that the client only accepts a session ticket if the server sends
      the extension anew in the ServerHello. Previously, a TLS client would
      reuse the old extension state and thus accept a session ticket if one was
      announced in the initial ServerHello.

      Similarly, ensure that the client requires a session ticket if one
      was advertised in the ServerHello. Previously, a TLS client would
      ignore a missing NewSessionTicket message.
      [Emilia Käsper]
This commit is contained in:
spz 2015-01-13 07:59:08 +00:00
parent 14ce3e3f34
commit 05304d4329
60 changed files with 1220 additions and 868 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
crypto/external/bsd/openssl/dist/apps/dgst.c vendored
View File

@ -273,6 +273,8 @@ int MAIN(int argc, char **argv)
BIO_printf(bio_err,"-d to output debug info\n");
BIO_printf(bio_err,"-hex output as hex dump\n");
BIO_printf(bio_err,"-binary output in binary form\n");
BIO_printf(bio_err,"-hmac arg set the HMAC key to arg\n");
BIO_printf(bio_err,"-non-fips-allow allow use of non FIPS digest\n");
BIO_printf(bio_err,"-sign file sign digest using private key in file\n");
BIO_printf(bio_err,"-verify file verify a signature using public key in file\n");
BIO_printf(bio_err,"-prverify file verify a signature using private key in file\n");

5
crypto/external/bsd/openssl/dist/apps/openssl.c vendored
View File

@ -435,9 +435,7 @@ end:
if (prog != NULL) lh_FUNCTION_free(prog);
if (arg.data != NULL) OPENSSL_free(arg.data);
apps_shutdown();
CRYPTO_mem_leaks(bio_err);
if (bio_err != NULL)
{
BIO_free(bio_err);
@ -450,6 +448,9 @@ end:
OPENSSL_free(Argv);
}
#endif
apps_shutdown();
CRYPTO_mem_leaks(bio_err);
OPENSSL_EXIT(ret);
}

2
crypto/external/bsd/openssl/dist/crypto/aes/asm/aes-mips.pl vendored
View File

@ -70,7 +70,7 @@ $pf = ($flavour =~ /nubi/i) ? $t0 : $t2;
#
######################################################################
$big_endian=(`echo MIPSEL | $ENV{CC} -E -P -`=~/MIPSEL/)?1:0;
$big_endian=(`echo MIPSEL | $ENV{CC} -E -`=~/MIPSEL/)?1:0 if ($ENV{CC});
for (@ARGV) { $output=$_ if (/^\w[\w\-]*\.\w+$/); }
open STDOUT,">$output";

7
crypto/external/bsd/openssl/dist/crypto/asn1/a_bitstr.c vendored
View File

@ -136,11 +136,16 @@ ASN1_BIT_STRING *c2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a,
p= *pp;
i= *(p++);
if (i > 7)
{
i=ASN1_R_INVALID_BIT_STRING_BITS_LEFT;
goto err;
}
/* We do this to preserve the settings. If we modify
* the settings, via the _set_bit function, we will recalculate
* on output */
ret->flags&= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07); /* clear */
ret->flags|=(ASN1_STRING_FLAG_BITS_LEFT|(i&0x07)); /* set */
ret->flags|=(ASN1_STRING_FLAG_BITS_LEFT|i); /* set */
if (len-- > 1) /* using one because of the bits left byte */
{

2
crypto/external/bsd/openssl/dist/crypto/asn1/a_type.c vendored
View File

@ -113,7 +113,7 @@ IMPLEMENT_STACK_OF(ASN1_TYPE)
IMPLEMENT_ASN1_SET_OF(ASN1_TYPE)
/* Returns 0 if they are equal, != 0 otherwise. */
int ASN1_TYPE_cmp(ASN1_TYPE *a, ASN1_TYPE *b)
int ASN1_TYPE_cmp(const ASN1_TYPE *a, const ASN1_TYPE *b)
{
int result = -1;

12
crypto/external/bsd/openssl/dist/crypto/asn1/a_verify.c vendored
View File

@ -90,6 +90,12 @@ int ASN1_verify(i2d_of_void *i2d, X509_ALGOR *a, ASN1_BIT_STRING *signature,
ASN1err(ASN1_F_ASN1_VERIFY,ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM);
goto err;
}
if (signature->type == V_ASN1_BIT_STRING && signature->flags & 0x7)
{
ASN1err(ASN1_F_ASN1_VERIFY, ASN1_R_INVALID_BIT_STRING_BITS_LEFT);
goto err;
}
inl=i2d(data,NULL);
buf_in=OPENSSL_malloc((unsigned int)inl);
@ -146,6 +152,12 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a,
return -1;
}
if (signature->type == V_ASN1_BIT_STRING && signature->flags & 0x7)
{
ASN1err(ASN1_F_ASN1_ITEM_VERIFY, ASN1_R_INVALID_BIT_STRING_BITS_LEFT);
return -1;
}
EVP_MD_CTX_init(&ctx);
/* Convert signature OID into digest and public key OIDs */

4
crypto/external/bsd/openssl/dist/crypto/asn1/asn1.h vendored
View File

@ -776,7 +776,7 @@ DECLARE_ASN1_FUNCTIONS_fname(ASN1_TYPE, ASN1_ANY, ASN1_TYPE)
int ASN1_TYPE_get(ASN1_TYPE *a);
void ASN1_TYPE_set(ASN1_TYPE *a, int type, void *value);
int ASN1_TYPE_set1(ASN1_TYPE *a, int type, const void *value);
int ASN1_TYPE_cmp(ASN1_TYPE *a, ASN1_TYPE *b);
int ASN1_TYPE_cmp(const ASN1_TYPE *a, const ASN1_TYPE *b);
ASN1_OBJECT * ASN1_OBJECT_new(void );
void ASN1_OBJECT_free(ASN1_OBJECT *a);
@ -1329,6 +1329,7 @@ void ERR_load_ASN1_strings(void);
#define ASN1_R_ILLEGAL_TIME_VALUE 184
#define ASN1_R_INTEGER_NOT_ASCII_FORMAT 185
#define ASN1_R_INTEGER_TOO_LARGE_FOR_LONG 128
#define ASN1_R_INVALID_BIT_STRING_BITS_LEFT 220
#define ASN1_R_INVALID_BMPSTRING_LENGTH 129
#define ASN1_R_INVALID_DIGIT 130
#define ASN1_R_INVALID_MIME_TYPE 205
@ -1378,6 +1379,7 @@ void ERR_load_ASN1_strings(void);
#define ASN1_R_TIME_NOT_ASCII_FORMAT 193
#define ASN1_R_TOO_LONG 155
#define ASN1_R_TYPE_NOT_CONSTRUCTED 156
#define ASN1_R_TYPE_NOT_PRIMITIVE 218
#define ASN1_R_UNABLE_TO_DECODE_RSA_KEY 157
#define ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY 158
#define ASN1_R_UNEXPECTED_EOC 159

4
crypto/external/bsd/openssl/dist/crypto/asn1/asn1_err.c vendored
View File

@ -1,6 +1,6 @@
/* crypto/asn1/asn1_err.c */
/* ====================================================================
* Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved.
* Copyright (c) 1999-2014 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@ -246,6 +246,7 @@ static ERR_STRING_DATA ASN1_str_reasons[]=
{ERR_REASON(ASN1_R_ILLEGAL_TIME_VALUE) ,"illegal time value"},
{ERR_REASON(ASN1_R_INTEGER_NOT_ASCII_FORMAT),"integer not ascii format"},
{ERR_REASON(ASN1_R_INTEGER_TOO_LARGE_FOR_LONG),"integer too large for long"},
{ERR_REASON(ASN1_R_INVALID_BIT_STRING_BITS_LEFT),"invalid bit string bits left"},
{ERR_REASON(ASN1_R_INVALID_BMPSTRING_LENGTH),"invalid bmpstring length"},
{ERR_REASON(ASN1_R_INVALID_DIGIT) ,"invalid digit"},
{ERR_REASON(ASN1_R_INVALID_MIME_TYPE) ,"invalid mime type"},
@ -295,6 +296,7 @@ static ERR_STRING_DATA ASN1_str_reasons[]=
{ERR_REASON(ASN1_R_TIME_NOT_ASCII_FORMAT),"time not ascii format"},
{ERR_REASON(ASN1_R_TOO_LONG) ,"too long"},
{ERR_REASON(ASN1_R_TYPE_NOT_CONSTRUCTED) ,"type not constructed"},
{ERR_REASON(ASN1_R_TYPE_NOT_PRIMITIVE) ,"type not primitive"},
{ERR_REASON(ASN1_R_UNABLE_TO_DECODE_RSA_KEY),"unable to decode rsa key"},
{ERR_REASON(ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY),"unable to decode rsa private key"},
{ERR_REASON(ASN1_R_UNEXPECTED_EOC) ,"unexpected eoc"},

8
crypto/external/bsd/openssl/dist/crypto/asn1/tasn_dec.c vendored
View File

@ -870,6 +870,14 @@ static int asn1_d2i_ex_primitive(ASN1_VALUE **pval,
}
else if (cst)
{
if (utype == V_ASN1_NULL || utype == V_ASN1_BOOLEAN
|| utype == V_ASN1_OBJECT || utype == V_ASN1_INTEGER
|| utype == V_ASN1_ENUMERATED)
{
ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE,
ASN1_R_TYPE_NOT_PRIMITIVE);
return 0;
}
buf.length = 0;
buf.max = 0;
buf.data = NULL;

11
crypto/external/bsd/openssl/dist/crypto/asn1/x_algor.c vendored
View File

@ -142,3 +142,14 @@ void X509_ALGOR_set_md(X509_ALGOR *alg, const EVP_MD *md)
X509_ALGOR_set0(alg, OBJ_nid2obj(EVP_MD_type(md)), param_type, NULL);
}
int X509_ALGOR_cmp(const X509_ALGOR *a, const X509_ALGOR *b)
{
int rv;
rv = OBJ_cmp(a->algorithm, b->algorithm);
if (rv)
return rv;
if (!a->parameter && !b->parameter)
return 0;
return ASN1_TYPE_cmp(a->parameter, b->parameter);
}

2
crypto/external/bsd/openssl/dist/crypto/asn1/x_name.c vendored
View File

@ -350,6 +350,8 @@ static int x509_name_canon(X509_NAME *a)
set = entry->set;
}
tmpentry = X509_NAME_ENTRY_new();
if (!tmpentry)
goto err;
tmpentry->object = OBJ_dup(entry->object);
if (!asn1_string_canon(tmpentry->value, entry->value))
goto err;

4
crypto/external/bsd/openssl/dist/crypto/bio/bio.h vendored
View File

@ -175,6 +175,8 @@ extern "C" {
#define BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT 45 /* Next DTLS handshake timeout to
* adjust socket timeouts */
#define BIO_CTRL_DGRAM_GET_MTU_OVERHEAD 49
#ifndef OPENSSL_NO_SCTP
/* SCTP stuff */
#define BIO_CTRL_DGRAM_SCTP_SET_IN_HANDSHAKE 50
@ -607,6 +609,8 @@ int BIO_ctrl_reset_read_request(BIO *b);
(int)BIO_ctrl(b, BIO_CTRL_DGRAM_GET_PEER, 0, (char *)peer)
#define BIO_dgram_set_peer(b,peer) \
(int)BIO_ctrl(b, BIO_CTRL_DGRAM_SET_PEER, 0, (char *)peer)
#define BIO_dgram_get_mtu_overhead(b) \
(unsigned int)BIO_ctrl((b), BIO_CTRL_DGRAM_GET_MTU_OVERHEAD, 0, NULL)
/* These two aren't currently implemented */
/* int BIO_get_ex_num(BIO *bio); */

158
crypto/external/bsd/openssl/dist/crypto/bio/bss_dgram.c vendored
View File

@ -454,6 +454,36 @@ static int dgram_write(BIO *b, const char *in, int inl)
return(ret);
}
static long dgram_get_mtu_overhead(bio_dgram_data *data)
{
long ret;
switch (data->peer.sa.sa_family)
{
case AF_INET:
/* Assume this is UDP - 20 bytes for IP, 8 bytes for UDP */
ret = 28;
break;
#if OPENSSL_USE_IPV6
case AF_INET6:
#ifdef IN6_IS_ADDR_V4MAPPED
if (IN6_IS_ADDR_V4MAPPED(&data->peer.sa_in6.sin6_addr))
/* Assume this is UDP - 20 bytes for IP, 8 bytes for UDP */
ret = 28;
else
#endif
/* Assume this is UDP - 40 bytes for IP, 8 bytes for UDP */
ret = 48;
break;
#endif
default:
/* We don't know. Go with the historical default */
ret = 28;
break;
}
return ret;
}
static long dgram_ctrl(BIO *b, int cmd, long num, void *ptr)
{
long ret=1;
@ -630,23 +660,24 @@ static long dgram_ctrl(BIO *b, int cmd, long num, void *ptr)
#endif
break;
case BIO_CTRL_DGRAM_GET_FALLBACK_MTU:
ret = -dgram_get_mtu_overhead(data);
switch (data->peer.sa.sa_family)
{
case AF_INET:
ret = 576 - 20 - 8;
ret += 576;
break;
#if OPENSSL_USE_IPV6
case AF_INET6:
#ifdef IN6_IS_ADDR_V4MAPPED
if (IN6_IS_ADDR_V4MAPPED(&data->peer.sa_in6.sin6_addr))
ret = 576 - 20 - 8;
ret += 576;
else
#endif
ret = 1280 - 40 - 8;
ret += 1280;
break;
#endif
default:
ret = 576 - 20 - 8;
ret += 576;
break;
}
break;
@ -847,6 +878,9 @@ static long dgram_ctrl(BIO *b, int cmd, long num, void *ptr)
ret = 0;
break;
#endif
case BIO_CTRL_DGRAM_GET_MTU_OVERHEAD:
ret = dgram_get_mtu_overhead(data);
break;
default:
ret=0;
break;
@ -893,10 +927,18 @@ BIO *BIO_new_dgram_sctp(int fd, int close_flag)
/* Activate SCTP-AUTH for DATA and FORWARD-TSN chunks */
auth.sauth_chunk = OPENSSL_SCTP_DATA_CHUNK_TYPE;
ret = setsockopt(fd, IPPROTO_SCTP, SCTP_AUTH_CHUNK, &auth, sizeof(struct sctp_authchunk));
OPENSSL_assert(ret >= 0);
if (ret < 0)
{
BIO_vfree(bio);
return(NULL);
}
auth.sauth_chunk = OPENSSL_SCTP_FORWARD_CUM_TSN_CHUNK_TYPE;
ret = setsockopt(fd, IPPROTO_SCTP, SCTP_AUTH_CHUNK, &auth, sizeof(struct sctp_authchunk));
OPENSSL_assert(ret >= 0);
if (ret < 0)
{
BIO_vfree(bio);
return(NULL);
}
/* Test if activation was successful. When using accept(),
* SCTP-AUTH has to be activated for the listening socket
@ -905,7 +947,13 @@ BIO *BIO_new_dgram_sctp(int fd, int close_flag)
authchunks = OPENSSL_malloc(sockopt_len);
memset(authchunks, 0, sizeof(sockopt_len));
ret = getsockopt(fd, IPPROTO_SCTP, SCTP_LOCAL_AUTH_CHUNKS, authchunks, &sockopt_len);
OPENSSL_assert(ret >= 0);
if (ret < 0)
{
OPENSSL_free(authchunks);
BIO_vfree(bio);
return(NULL);
}
for (p = (unsigned char*) authchunks->gauth_chunks;
p < (unsigned char*) authchunks + sockopt_len;
@ -927,16 +975,28 @@ BIO *BIO_new_dgram_sctp(int fd, int close_flag)
event.se_type = SCTP_AUTHENTICATION_EVENT;
event.se_on = 1;
ret = setsockopt(fd, IPPROTO_SCTP, SCTP_EVENT, &event, sizeof(struct sctp_event));
OPENSSL_assert(ret >= 0);
if (ret < 0)
{
BIO_vfree(bio);
return(NULL);
}
#else
sockopt_len = (socklen_t) sizeof(struct sctp_event_subscribe);
ret = getsockopt(fd, IPPROTO_SCTP, SCTP_EVENTS, &event, &sockopt_len);
OPENSSL_assert(ret >= 0);
if (ret < 0)
{
BIO_vfree(bio);
return(NULL);
}
event.sctp_authentication_event = 1;
ret = setsockopt(fd, IPPROTO_SCTP, SCTP_EVENTS, &event, sizeof(struct sctp_event_subscribe));
OPENSSL_assert(ret >= 0);
if (ret < 0)
{
BIO_vfree(bio);
return(NULL);
}
#endif
#endif
@ -944,7 +1004,11 @@ BIO *BIO_new_dgram_sctp(int fd, int close_flag)
* larger than the max record size of 2^14 + 2048 + 13
*/
ret = setsockopt(fd, IPPROTO_SCTP, SCTP_PARTIAL_DELIVERY_POINT, &optval, sizeof(optval));
OPENSSL_assert(ret >= 0);
if (ret < 0)
{
BIO_vfree(bio);
return(NULL);
}
return(bio);
}
@ -982,7 +1046,12 @@ static int dgram_sctp_free(BIO *a)
return 0;
data = (bio_dgram_sctp_data *)a->ptr;
if(data != NULL) OPENSSL_free(data);
if(data != NULL)
{
if(data->saved_message.data != NULL)
OPENSSL_free(data->saved_message.data);
OPENSSL_free(data);
}
return(1);
}
@ -1034,6 +1103,13 @@ static int dgram_sctp_read(BIO *b, char *out, int outl)
msg.msg_flags = 0;
n = recvmsg(b->num, &msg, 0);
if (n <= 0)
{
if (n < 0)
ret = n;
break;
}
if (msg.msg_controllen > 0)
{
for (cmsg = CMSG_FIRSTHDR(&msg); cmsg; cmsg = CMSG_NXTHDR(&msg, cmsg))
@ -1073,13 +1149,6 @@ static int dgram_sctp_read(BIO *b, char *out, int outl)
}
}
if (n <= 0)
{
if (n < 0)
ret = n;
break;
}
if (msg.msg_flags & MSG_NOTIFICATION)
{
snp = (union sctp_notification*) out;
@ -1099,6 +1168,7 @@ static int dgram_sctp_read(BIO *b, char *out, int outl)
dgram_sctp_write(data->saved_message.bio, data->saved_message.data,
data->saved_message.length);
OPENSSL_free(data->saved_message.data);
data->saved_message.data = NULL;
data->saved_message.length = 0;
}
@ -1109,16 +1179,28 @@ static int dgram_sctp_read(BIO *b, char *out, int outl)
event.se_type = SCTP_SENDER_DRY_EVENT;
event.se_on = 0;
i = setsockopt(b->num, IPPROTO_SCTP, SCTP_EVENT, &event, sizeof(struct sctp_event));
OPENSSL_assert(i >= 0);
if (i < 0)
{
ret = i;
break;
}
#else
eventsize = sizeof(struct sctp_event_subscribe);
i = getsockopt(b->num, IPPROTO_SCTP, SCTP_EVENTS, &event, &eventsize);
OPENSSL_assert(i >= 0);
if (i < 0)
{
ret = i;
break;
}
event.sctp_sender_dry_event = 0;
i = setsockopt(b->num, IPPROTO_SCTP, SCTP_EVENTS, &event, sizeof(struct sctp_event_subscribe));
OPENSSL_assert(i >= 0);
if (i < 0)
{
ret = i;
break;
}
#endif
}
@ -1151,8 +1233,8 @@ static int dgram_sctp_read(BIO *b, char *out, int outl)
*/
optlen = (socklen_t) sizeof(int);
ret = getsockopt(b->num, SOL_SOCKET, SO_RCVBUF, &optval, &optlen);
OPENSSL_assert(ret >= 0);
OPENSSL_assert(optval >= 18445);
if (ret >= 0)
OPENSSL_assert(optval >= 18445);
/* Test if SCTP doesn't partially deliver below
* max record size (2^14 + 2048 + 13)
@ -1160,8 +1242,8 @@ static int dgram_sctp_read(BIO *b, char *out, int outl)
optlen = (socklen_t) sizeof(int);
ret = getsockopt(b->num, IPPROTO_SCTP, SCTP_PARTIAL_DELIVERY_POINT,
&optval, &optlen);
OPENSSL_assert(ret >= 0);
OPENSSL_assert(optval >= 18445);
if (ret >= 0)
OPENSSL_assert(optval >= 18445);
/* Partially delivered notification??? Probably a bug.... */
OPENSSL_assert(!(msg.msg_flags & MSG_NOTIFICATION));
@ -1195,15 +1277,15 @@ static int dgram_sctp_read(BIO *b, char *out, int outl)
authchunks = OPENSSL_malloc(optlen);
memset(authchunks, 0, sizeof(optlen));
ii = getsockopt(b->num, IPPROTO_SCTP, SCTP_PEER_AUTH_CHUNKS, authchunks, &optlen);
OPENSSL_assert(ii >= 0);
for (p = (unsigned char*) authchunks->gauth_chunks;
p < (unsigned char*) authchunks + optlen;
p += sizeof(uint8_t))
{
if (*p == OPENSSL_SCTP_DATA_CHUNK_TYPE) auth_data = 1;
if (*p == OPENSSL_SCTP_FORWARD_CUM_TSN_CHUNK_TYPE) auth_forward = 1;
}
if (ii >= 0)
for (p = (unsigned char*) authchunks->gauth_chunks;
p < (unsigned char*) authchunks + optlen;
p += sizeof(uint8_t))
{
if (*p == OPENSSL_SCTP_DATA_CHUNK_TYPE) auth_data = 1;
if (*p == OPENSSL_SCTP_FORWARD_CUM_TSN_CHUNK_TYPE) auth_forward = 1;
}
OPENSSL_free(authchunks);
@ -1258,9 +1340,11 @@ static int dgram_sctp_write(BIO *b, const char *in, int inl)
if (data->save_shutdown && !BIO_dgram_sctp_wait_for_dry(b))
{
data->saved_message.bio = b;
data->saved_message.length = inl;
if (data->saved_message.data)
OPENSSL_free(data->saved_message.data);
data->saved_message.data = OPENSSL_malloc(inl);
memcpy(data->saved_message.data, in, inl);
data->saved_message.length = inl;
return inl;
}
@ -1367,6 +1451,10 @@ static long dgram_sctp_ctrl(BIO *b, int cmd, long num, void *ptr)
* Returns always 1.
*/
break;
case BIO_CTRL_DGRAM_GET_MTU_OVERHEAD:
/* We allow transport protocol fragmentation so this is irrelevant */
ret = 0;
break;
case BIO_CTRL_DGRAM_SCTP_SET_IN_HANDSHAKE:
if (num > 0)
data->in_handshake = 1;

611
crypto/external/bsd/openssl/dist/crypto/bn/asm/mips.pl vendored
View File

@ -1872,6 +1872,41 @@ ___
($a_4,$a_5,$a_6,$a_7)=($b_0,$b_1,$b_2,$b_3);
sub add_c2 () {
my ($hi,$lo,$c0,$c1,$c2,
$warm, # !$warm denotes first call with specific sequence of
# $c_[XYZ] when there is no Z-carry to accumulate yet;
$an,$bn # these two are arguments for multiplication which
# result is used in *next* step [which is why it's
# commented as "forward multiplication" below];
)=@_;
$code.=<<___;
mflo $lo
mfhi $hi
$ADDU $c0,$lo
sltu $at,$c0,$lo
$MULTU $an,$bn # forward multiplication
$ADDU $c0,$lo
$ADDU $at,$hi
sltu $lo,$c0,$lo
$ADDU $c1,$at
$ADDU $hi,$lo
___
$code.=<<___ if (!$warm);
sltu $c2,$c1,$at
$ADDU $c1,$hi
sltu $hi,$c1,$hi
$ADDU $c2,$hi
___
$code.=<<___ if ($warm);
sltu $at,$c1,$at
$ADDU $c1,$hi
$ADDU $c2,$at
sltu $hi,$c1,$hi
$ADDU $c2,$hi
___
}
$code.=<<___;
.align 5
@ -1920,21 +1955,10 @@ $code.=<<___;
sltu $at,$c_2,$t_1
$ADDU $c_3,$t_2,$at
$ST $c_2,$BNSZ($a0)
mflo $t_1
mfhi $t_2
slt $c_2,$t_2,$zero
$SLL $t_2,1
$MULTU $a_1,$a_1 # mul_add_c(a[1],b[1],c3,c1,c2);
slt $a2,$t_1,$zero
$ADDU $t_2,$a2
$SLL $t_1,1
$ADDU $c_3,$t_1
sltu $at,$c_3,$t_1
$ADDU $t_2,$at
$ADDU $c_1,$t_2
sltu $at,$c_1,$t_2
$ADDU $c_2,$at
___
&add_c2($t_2,$t_1,$c_3,$c_1,$c_2,0,
$a_1,$a_1); # mul_add_c(a[1],b[1],c3,c1,c2);
$code.=<<___;
mflo $t_1
mfhi $t_2
$ADDU $c_3,$t_1
@ -1945,67 +1969,19 @@ $code.=<<___;
sltu $at,$c_1,$t_2
$ADDU $c_2,$at
$ST $c_3,2*$BNSZ($a0)
mflo $t_1
mfhi $t_2
slt $c_3,$t_2,$zero
$SLL $t_2,1
$MULTU $a_1,$a_2 # mul_add_c2(a[1],b[2],c1,c2,c3);
slt $a2,$t_1,$zero
$ADDU $t_2,$a2
$SLL $t_1,1
$ADDU $c_1,$t_1
sltu $at,$c_1,$t_1
$ADDU $t_2,$at
$ADDU $c_2,$t_2
sltu $at,$c_2,$t_2
$ADDU $c_3,$at
mflo $t_1
mfhi $t_2
slt $at,$t_2,$zero
$ADDU $c_3,$at
$MULTU $a_4,$a_0 # mul_add_c2(a[4],b[0],c2,c3,c1);
$SLL $t_2,1
slt $a2,$t_1,$zero
$ADDU $t_2,$a2
$SLL $t_1,1
$ADDU $c_1,$t_1
sltu $at,$c_1,$t_1
$ADDU $t_2,$at
$ADDU $c_2,$t_2
sltu $at,$c_2,$t_2
$ADDU $c_3,$at
___
&add_c2($t_2,$t_1,$c_1,$c_2,$c_3,0,
$a_1,$a_2); # mul_add_c2(a[1],b[2],c1,c2,c3);
&add_c2($t_2,$t_1,$c_1,$c_2,$c_3,1,
$a_4,$a_0); # mul_add_c2(a[4],b[0],c2,c3,c1);
$code.=<<___;
$ST $c_1,3*$BNSZ($a0)
mflo $t_1
mfhi $t_2
slt $c_1,$t_2,$zero
$SLL $t_2,1
$MULTU $a_3,$a_1 # mul_add_c2(a[3],b[1],c2,c3,c1);
slt $a2,$t_1,$zero
$ADDU $t_2,$a2
$SLL $t_1,1
$ADDU $c_2,$t_1
sltu $at,$c_2,$t_1
$ADDU $t_2,$at
$ADDU $c_3,$t_2
sltu $at,$c_3,$t_2
$ADDU $c_1,$at
mflo $t_1
mfhi $t_2
slt $at,$t_2,$zero
$ADDU $c_1,$at
$MULTU $a_2,$a_2 # mul_add_c(a[2],b[2],c2,c3,c1);
$SLL $t_2,1
slt $a2,$t_1,$zero
$ADDU $t_2,$a2
$SLL $t_1,1
$ADDU $c_2,$t_1
sltu $at,$c_2,$t_1
$ADDU $t_2,$at
$ADDU $c_3,$t_2
sltu $at,$c_3,$t_2
$ADDU $c_1,$at
___
&add_c2($t_2,$t_1,$c_2,$c_3,$c_1,0,
$a_3,$a_1); # mul_add_c2(a[3],b[1],c2,c3,c1);
&add_c2($t_2,$t_1,$c_2,$c_3,$c_1,1,
$a_2,$a_2); # mul_add_c(a[2],b[2],c2,c3,c1);
$code.=<<___;
mflo $t_1
mfhi $t_2
$ADDU $c_2,$t_1
@ -2016,97 +1992,23 @@ $code.=<<___;
sltu $at,$c_3,$t_2
$ADDU $c_1,$at
$ST $c_2,4*$BNSZ($a0)
mflo $t_1
mfhi $t_2
slt $c_2,$t_2,$zero
$SLL $t_2,1
$MULTU $a_1,$a_4 # mul_add_c2(a[1],b[4],c3,c1,c2);
slt $a2,$t_1,$zero
$ADDU $t_2,$a2
$SLL $t_1,1
$ADDU $c_3,$t_1
sltu $at,$c_3,$t_1
$ADDU $t_2,$at
$ADDU $c_1,$t_2
sltu $at,$c_1,$t_2
$ADDU $c_2,$at
mflo $t_1
mfhi $t_2
slt $at,$t_2,$zero
$ADDU $c_2,$at
$MULTU $a_2,$a_3 # mul_add_c2(a[2],b[3],c3,c1,c2);
$SLL $t_2,1
slt $a2,$t_1,$zero
$ADDU $t_2,$a2
$SLL $t_1,1
$ADDU $c_3,$t_1
sltu $at,$c_3,$t_1
$ADDU $t_2,$at
$ADDU $c_1,$t_2
sltu $at,$c_1,$t_2
$ADDU $c_2,$at
mflo $t_1
mfhi $t_2
slt $at,$t_2,$zero
$MULTU $a_6,$a_0 # mul_add_c2(a[6],b[0],c1,c2,c3);
$ADDU $c_2,$at
$SLL $t_2,1
slt $a2,$t_1,$zero
$ADDU $t_2,$a2
$SLL $t_1,1
$ADDU $c_3,$t_1
sltu $at,$c_3,$t_1
$ADDU $t_2,$at
$ADDU $c_1,$t_2
sltu $at,$c_1,$t_2
$ADDU $c_2,$at
___
&add_c2($t_2,$t_1,$c_3,$c_1,$c_2,0,
$a_1,$a_4); # mul_add_c2(a[1],b[4],c3,c1,c2);
&add_c2($t_2,$t_1,$c_3,$c_1,$c_2,1,
$a_2,$a_3); # mul_add_c2(a[2],b[3],c3,c1,c2);
&add_c2($t_2,$t_1,$c_3,$c_1,$c_2,1,
$a_6,$a_0); # mul_add_c2(a[6],b[0],c1,c2,c3);
$code.=<<___;
$ST $c_3,5*$BNSZ($a0)
mflo $t_1
mfhi $t_2
slt $c_3,$t_2,$zero
$SLL $t_2,1
$MULTU $a_5,$a_1 # mul_add_c2(a[5],b[1],c1,c2,c3);
slt $a2,$t_1,$zero
$ADDU $t_2,$a2
$SLL $t_1,1
$ADDU $c_1,$t_1
sltu $at,$c_1,$t_1
$ADDU $t_2,$at
$ADDU $c_2,$t_2
sltu $at,$c_2,$t_2
$ADDU $c_3,$at
mflo $t_1
mfhi $t_2
slt $at,$t_2,$zero
$ADDU $c_3,$at
$MULTU $a_4,$a_2 # mul_add_c2(a[4],b[2],c1,c2,c3);
$SLL $t_2,1
slt $a2,$t_1,$zero
$ADDU $t_2,$a2
$SLL $t_1,1
$ADDU $c_1,$t_1
sltu $at,$c_1,$t_1
$ADDU $t_2,$at
$ADDU $c_2,$t_2
sltu $at,$c_2,$t_2
$ADDU $c_3,$at
mflo $t_1
mfhi $t_2
slt $at,$t_2,$zero
$ADDU $c_3,$at
$MULTU $a_3,$a_3 # mul_add_c(a[3],b[3],c1,c2,c3);
$SLL $t_2,1
slt $a2,$t_1,$zero
$ADDU $t_2,$a2
$SLL $t_1,1
$ADDU $c_1,$t_1
sltu $at,$c_1,$t_1
$ADDU $t_2,$at
$ADDU $c_2,$t_2
sltu $at,$c_2,$t_2
$ADDU $c_3,$at
___
&add_c2($t_2,$t_1,$c_1,$c_2,$c_3,0,
$a_5,$a_1); # mul_add_c2(a[5],b[1],c1,c2,c3);
&add_c2($t_2,$t_1,$c_1,$c_2,$c_3,1,
$a_4,$a_2); # mul_add_c2(a[4],b[2],c1,c2,c3);
&add_c2($t_2,$t_1,$c_1,$c_2,$c_3,1,
$a_3,$a_3); # mul_add_c(a[3],b[3],c1,c2,c3);
$code.=<<___;
mflo $t_1
mfhi $t_2
$ADDU $c_1,$t_1
@ -2117,112 +2019,25 @@ $code.=<<___;
sltu $at,$c_2,$t_2
$ADDU $c_3,$at
$ST $c_1,6*$BNSZ($a0)
mflo $t_1
mfhi $t_2
slt $c_1,$t_2,$zero
$SLL $t_2,1
$MULTU $a_1,$a_6 # mul_add_c2(a[1],b[6],c2,c3,c1);
slt $a2,$t_1,$zero
$ADDU $t_2,$a2
$SLL $t_1,1
$ADDU $c_2,$t_1
sltu $at,$c_2,$t_1
$ADDU $t_2,$at
$ADDU $c_3,$t_2
sltu $at,$c_3,$t_2
$ADDU $c_1,$at
mflo $t_1
mfhi $t_2
slt $at,$t_2,$zero
$ADDU $c_1,$at
$MULTU $a_2,$a_5 # mul_add_c2(a[2],b[5],c2,c3,c1);
$SLL $t_2,1
slt $a2,$t_1,$zero
$ADDU $t_2,$a2
$SLL $t_1,1
$ADDU $c_2,$t_1
sltu $at,$c_2,$t_1
$ADDU $t_2,$at
$ADDU $c_3,$t_2
sltu $at,$c_3,$t_2
$ADDU $c_1,$at
mflo $t_1
mfhi $t_2
slt $at,$t_2,$zero
$ADDU $c_1,$at
$MULTU $a_3,$a_4 # mul_add_c2(a[3],b[4],c2,c3,c1);
$SLL $t_2,1
slt $a2,$t_1,$zero
$ADDU $t_2,$a2
$SLL $t_1,1
$ADDU $c_2,$t_1
sltu $at,$c_2,$t_1
$ADDU $t_2,$at
$ADDU $c_3,$t_2
sltu $at,$c_3,$t_2
$ADDU $c_1,$at
mflo $t_1
mfhi $t_2
slt $at,$t_2,$zero
$ADDU $c_1,$at
$MULTU $a_7,$a_1 # mul_add_c2(a[7],b[1],c3,c1,c2);
$SLL $t_2,1
slt $a2,$t_1,$zero
$ADDU $t_2,$a2
$SLL $t_1,1
$ADDU $c_2,$t_1
sltu $at,$c_2,$t_1
$ADDU $t_2,$at
$ADDU $c_3,$t_2
sltu $at,$c_3,$t_2
$ADDU $c_1,$at
___
&add_c2($t_2,$t_1,$c_2,$c_3,$c_1,0,
$a_1,$a_6); # mul_add_c2(a[1],b[6],c2,c3,c1);
&add_c2($t_2,$t_1,$c_2,$c_3,$c_1,1,
$a_2,$a_5); # mul_add_c2(a[2],b[5],c2,c3,c1);
&add_c2($t_2,$t_1,$c_2,$c_3,$c_1,1,
$a_3,$a_4); # mul_add_c2(a[3],b[4],c2,c3,c1);
&add_c2($t_2,$t_1,$c_2,$c_3,$c_1,1,
$a_7,$a_1); # mul_add_c2(a[7],b[1],c3,c1,c2);
$code.=<<___;
$ST $c_2,7*$BNSZ($a0)
mflo $t_1
mfhi $t_2
slt $c_2,$t_2,$zero
$SLL $t_2,1
$MULTU $a_6,$a_2 # mul_add_c2(a[6],b[2],c3,c1,c2);
slt $a2,$t_1,$zero
$ADDU $t_2,$a2
$SLL $t_1,1
$ADDU $c_3,$t_1
sltu $at,$c_3,$t_1
$ADDU $t_2,$at
$ADDU $c_1,$t_2
sltu $at,$c_1,$t_2
$ADDU $c_2,$at
mflo $t_1
mfhi $t_2
slt $at,$t_2,$zero
$ADDU $c_2,$at
$MULTU $a_5,$a_3 # mul_add_c2(a[5],b[3],c3,c1,c2);
$SLL $t_2,1
slt $a2,$t_1,$zero
$ADDU $t_2,$a2
$SLL $t_1,1
$ADDU $c_3,$t_1
sltu $at,$c_3,$t_1
$ADDU $t_2,$at
$ADDU $c_1,$t_2
sltu $at,$c_1,$t_2
$ADDU $c_2,$at
mflo $t_1
mfhi $t_2
slt $at,$t_2,$zero
$ADDU $c_2,$at
$MULTU $a_4,$a_4 # mul_add_c(a[4],b[4],c3,c1,c2);
$SLL $t_2,1
slt $a2,$t_1,$zero
$ADDU $t_2,$a2
$SLL $t_1,1
$ADDU $c_3,$t_1
sltu $at,$c_3,$t_1
$ADDU $t_2,$at
$ADDU $c_1,$t_2
sltu $at,$c_1,$t_2
$ADDU $c_2,$at
___
&add_c2($t_2,$t_1,$c_3,$c_1,$c_2,0,
$a_6,$a_2); # mul_add_c2(a[6],b[2],c3,c1,c2);
&add_c2($t_2,$t_1,$c_3,$c_1,$c_2,1,
$a_5,$a_3); # mul_add_c2(a[5],b[3],c3,c1,c2);
&add_c2($t_2,$t_1,$c_3,$c_1,$c_2,1,
$a_4,$a_4); # mul_add_c(a[4],b[4],c3,c1,c2);
$code.=<<___;
mflo $t_1
mfhi $t_2
$ADDU $c_3,$t_1
@ -2233,82 +2048,21 @@ $code.=<<___;
sltu $at,$c_1,$t_2
$ADDU $c_2,$at
$ST $c_3,8*$BNSZ($a0)
mflo $t_1
mfhi $t_2
slt $c_3,$t_2,$zero
$SLL $t_2,1
$MULTU $a_3,$a_6 # mul_add_c2(a[3],b[6],c1,c2,c3);
slt $a2,$t_1,$zero
$ADDU $t_2,$a2
$SLL $t_1,1
$ADDU $c_1,$t_1
sltu $at,$c_1,$t_1
$ADDU $t_2,$at
$ADDU $c_2,$t_2
sltu $at,$c_2,$t_2
$ADDU $c_3,$at
mflo $t_1
mfhi $t_2
slt $at,$t_2,$zero
$ADDU $c_3,$at
$MULTU $a_4,$a_5 # mul_add_c2(a[4],b[5],c1,c2,c3);
$SLL $t_2,1
slt $a2,$t_1,$zero
$ADDU $t_2,$a2
$SLL $t_1,1
$ADDU $c_1,$t_1
sltu $at,$c_1,$t_1
$ADDU $t_2,$at
$ADDU $c_2,$t_2
sltu $at,$c_2,$t_2
$ADDU $c_3,$at
mflo $t_1
mfhi $t_2
slt $at,$t_2,$zero
$ADDU $c_3,$at
$MULTU $a_7,$a_3 # mul_add_c2(a[7],b[3],c2,c3,c1);
$SLL $t_2,1
slt $a2,$t_1,$zero
$ADDU $t_2,$a2
$SLL $t_1,1
$ADDU $c_1,$t_1
sltu $at,$c_1,$t_1
$ADDU $t_2,$at
$ADDU $c_2,$t_2
sltu $at,$c_2,$t_2
$ADDU $c_3,$at
___
&add_c2($t_2,$t_1,$c_1,$c_2,$c_3,0,
$a_3,$a_6); # mul_add_c2(a[3],b[6],c1,c2,c3);
&add_c2($t_2,$t_1,$c_1,$c_2,$c_3,1,
$a_4,$a_5); # mul_add_c2(a[4],b[5],c1,c2,c3);
&add_c2($t_2,$t_1,$c_1,$c_2,$c_3,1,
$a_7,$a_3); # mul_add_c2(a[7],b[3],c2,c3,c1);
$code.=<<___;
$ST $c_1,9*$BNSZ($a0)
mflo $t_1
mfhi $t_2
slt $c_1,$t_2,$zero
$SLL $t_2,1
$MULTU $a_6,$a_4 # mul_add_c2(a[6],b[4],c2,c3,c1);
slt $a2,$t_1,$zero
$ADDU $t_2,$a2
$SLL $t_1,1
$ADDU $c_2,$t_1
sltu $at,$c_2,$t_1
$ADDU $t_2,$at
$ADDU $c_3,$t_2
sltu $at,$c_3,$t_2
$ADDU $c_1,$at
mflo $t_1
mfhi $t_2
slt $at,$t_2,$zero
$ADDU $c_1,$at
$MULTU $a_5,$a_5 # mul_add_c(a[5],b[5],c2,c3,c1);
$SLL $t_2,1
slt $a2,$t_1,$zero
$ADDU $t_2,$a2
$SLL $t_1,1
$ADDU $c_2,$t_1
sltu $at,$c_2,$t_1
$ADDU $t_2,$at
$ADDU $c_3,$t_2
sltu $at,$c_3,$t_2
$ADDU $c_1,$at
___
&add_c2($t_2,$t_1,$c_2,$c_3,$c_1,0,
$a_6,$a_4); # mul_add_c2(a[6],b[4],c2,c3,c1);
&add_c2($t_2,$t_1,$c_2,$c_3,$c_1,1,
$a_5,$a_5); # mul_add_c(a[5],b[5],c2,c3,c1);
$code.=<<___;
mflo $t_1
mfhi $t_2
$ADDU $c_2,$t_1
@ -2319,52 +2073,17 @@ $code.=<<___;
sltu $at,$c_3,$t_2
$ADDU $c_1,$at
$ST $c_2,10*$BNSZ($a0)
mflo $t_1
mfhi $t_2
slt $c_2,$t_2,$zero
$SLL $t_2,1
$MULTU $a_5,$a_6 # mul_add_c2(a[5],b[6],c3,c1,c2);
slt $a2,$t_1,$zero
$ADDU $t_2,$a2
$SLL $t_1,1
$ADDU $c_3,$t_1
sltu $at,$c_3,$t_1
$ADDU $t_2,$at
$ADDU $c_1,$t_2
sltu $at,$c_1,$t_2
$ADDU $c_2,$at
mflo $t_1
mfhi $t_2
slt $at,$t_2,$zero
$ADDU $c_2,$at
$MULTU $a_7,$a_5 # mul_add_c2(a[7],b[5],c1,c2,c3);
$SLL $t_2,1
slt $a2,$t_1,$zero
$ADDU $t_2,$a2
$SLL $t_1,1
$ADDU $c_3,$t_1
sltu $at,$c_3,$t_1
$ADDU $t_2,$at
$ADDU $c_1,$t_2
sltu $at,$c_1,$t_2
$ADDU $c_2,$at
___
&add_c2($t_2,$t_1,$c_3,$c_1,$c_2,0,
$a_5,$a_6); # mul_add_c2(a[5],b[6],c3,c1,c2);
&add_c2($t_2,$t_1,$c_3,$c_1,$c_2,1,
$a_7,$a_5); # mul_add_c2(a[7],b[5],c1,c2,c3);
$code.=<<___;
$ST $c_3,11*$BNSZ($a0)
mflo $t_1
mfhi $t_2
slt $c_3,$t_2,$zero
$SLL $t_2,1
$MULTU $a_6,$a_6 # mul_add_c(a[6],b[6],c1,c2,c3);
slt $a2,$t_1,$zero
$ADDU $t_2,$a2
$SLL $t_1,1
$ADDU $c_1,$t_1
sltu $at,$c_1,$t_1
$ADDU $t_2,$at
$ADDU $c_2,$t_2
sltu $at,$c_2,$t_2
$ADDU $c_3,$at
___
&add_c2($t_2,$t_1,$c_1,$c_2,$c_3,0,
$a_6,$a_6); # mul_add_c(a[6],b[6],c1,c2,c3);
$code.=<<___;
mflo $t_1
mfhi $t_2
$ADDU $c_1,$t_1
@ -2375,21 +2094,10 @@ $code.=<<___;
sltu $at,$c_2,$t_2
$ADDU $c_3,$at
$ST $c_1,12*$BNSZ($a0)
mflo $t_1
mfhi $t_2
slt $c_1,$t_2,$zero
$SLL $t_2,1
$MULTU $a_7,$a_7 # mul_add_c(a[7],b[7],c3,c1,c2);
slt $a2,$t_1,$zero
$ADDU $t_2,$a2
$SLL $t_1,1
$ADDU $c_2,$t_1
sltu $at,$c_2,$t_1
$ADDU $t_2,$at
$ADDU $c_3,$t_2
sltu $at,$c_3,$t_2
$ADDU $c_1,$at
___
&add_c2($t_2,$t_1,$c_2,$c_3,$c_1,0,
$a_7,$a_7); # mul_add_c(a[7],b[7],c3,c1,c2);
$code.=<<___;
$ST $c_2,13*$BNSZ($a0)
mflo $t_1
@ -2457,21 +2165,10 @@ $code.=<<___;
sltu $at,$c_2,$t_1
$ADDU $c_3,$t_2,$at
$ST $c_2,$BNSZ($a0)
mflo $t_1
mfhi $t_2
slt $c_2,$t_2,$zero
$SLL $t_2,1
$MULTU $a_1,$a_1 # mul_add_c(a[1],b[1],c3,c1,c2);
slt $a2,$t_1,$zero
$ADDU $t_2,$a2
$SLL $t_1,1
$ADDU $c_3,$t_1
sltu $at,$c_3,$t_1
$ADDU $t_2,$at
$ADDU $c_1,$t_2
sltu $at,$c_1,$t_2
$ADDU $c_2,$at
___
&add_c2($t_2,$t_1,$c_3,$c_1,$c_2,0,
$a_1,$a_1); # mul_add_c(a[1],b[1],c3,c1,c2);
$code.=<<___;
mflo $t_1
mfhi $t_2
$ADDU $c_3,$t_1
@ -2482,52 +2179,17 @@ $code.=<<___;
sltu $at,$c_1,$t_2
$ADDU $c_2,$at
$ST $c_3,2*$BNSZ($a0)
mflo $t_1
mfhi $t_2
slt $c_3,$t_2,$zero
$SLL $t_2,1
$MULTU $a_1,$a_2 # mul_add_c(a2[1],b[2],c1,c2,c3);
slt $a2,$t_1,$zero
$ADDU $t_2,$a2
$SLL $t_1,1
$ADDU $c_1,$t_1
sltu $at,$c_1,$t_1
$ADDU $t_2,$at
$ADDU $c_2,$t_2
sltu $at,$c_2,$t_2
$ADDU $c_3,$at
mflo $t_1
mfhi $t_2
slt $at,$t_2,$zero
$ADDU $c_3,$at
$MULTU $a_3,$a_1 # mul_add_c2(a[3],b[1],c2,c3,c1);
$SLL $t_2,1
slt $a2,$t_1,$zero
$ADDU $t_2,$a2
$SLL $t_1,1
$ADDU $c_1,$t_1
sltu $at,$c_1,$t_1
$ADDU $t_2,$at
$ADDU $c_2,$t_2
sltu $at,$c_2,$t_2
$ADDU $c_3,$at
___
&add_c2($t_2,$t_1,$c_1,$c_2,$c_3,0,
$a_1,$a_2); # mul_add_c2(a2[1],b[2],c1,c2,c3);
&add_c2($t_2,$t_1,$c_1,$c_2,$c_3,1,
$a_3,$a_1); # mul_add_c2(a[3],b[1],c2,c3,c1);
$code.=<<___;
$ST $c_1,3*$BNSZ($a0)
mflo $t_1
mfhi $t_2
slt $c_1,$t_2,$zero
$SLL $t_2,1
$MULTU $a_2,$a_2 # mul_add_c(a[2],b[2],c2,c3,c1);
slt $a2,$t_1,$zero
$ADDU $t_2,$a2
$SLL $t_1,1
$ADDU $c_2,$t_1
sltu $at,$c_2,$t_1
$ADDU $t_2,$at
$ADDU $c_3,$t_2
sltu $at,$c_3,$t_2
$ADDU $c_1,$at
___
&add_c2($t_2,$t_1,$c_2,$c_3,$c_1,0,
$a_2,$a_2); # mul_add_c(a[2],b[2],c2,c3,c1);
$code.=<<___;
mflo $t_1
mfhi $t_2
$ADDU $c_2,$t_1
@ -2538,21 +2200,10 @@ $code.=<<___;
sltu $at,$c_3,$t_2
$ADDU $c_1,$at
$ST $c_2,4*$BNSZ($a0)
mflo $t_1
mfhi $t_2
slt $c_2,$t_2,$zero
$SLL $t_2,1
$MULTU $a_3,$a_3 # mul_add_c(a[3],b[3],c1,c2,c3);
slt $a2,$t_1,$zero
$ADDU $t_2,$a2
$SLL $t_1,1
$ADDU $c_3,$t_1
sltu $at,$c_3,$t_1
$ADDU $t_2,$at
$ADDU $c_1,$t_2
sltu $at,$c_1,$t_2
$ADDU $c_2,$at
___
&add_c2($t_2,$t_1,$c_3,$c_1,$c_2,0,
$a_3,$a_3); # mul_add_c(a[3],b[3],c1,c2,c3);
$code.=<<___;
$ST $c_3,5*$BNSZ($a0)
mflo $t_1

16
crypto/external/bsd/openssl/dist/crypto/bn/bn_asm.c vendored
View File

@ -438,6 +438,10 @@ BN_ULONG bn_sub_words(BN_ULONG *r, const BN_ULONG *a, const BN_ULONG *b, int n)
/* sqr_add_c(a,i,c0,c1,c2) -- c+=a[i]^2 for three word number c=(c2,c1,c0) */
/* sqr_add_c2(a,i,c0,c1,c2) -- c+=2*a[i]*a[j] for three word number c=(c2,c1,c0) */
/*
* Keep in mind that carrying into high part of multiplication result
* can not overflow, because it cannot be all-ones.
*/
#ifdef BN_LLONG
#define mul_add_c(a,b,c0,c1,c2) \
t=(BN_ULLONG)a*b; \
@ -478,10 +482,10 @@ BN_ULONG bn_sub_words(BN_ULONG *r, const BN_ULONG *a, const BN_ULONG *b, int n)
#define mul_add_c2(a,b,c0,c1,c2) { \
BN_ULONG ta=(a),tb=(b),t0; \
BN_UMULT_LOHI(t0,t1,ta,tb); \
t2 = t1+t1; c2 += (t2<t1)?1:0; \
t1 = t0+t0; t2 += (t1<t0)?1:0; \
c0 += t1; t2 += (c0<t1)?1:0; \
c0 += t0; t2 = t1+((c0<t0)?1:0);\
c1 += t2; c2 += (c1<t2)?1:0; \
c0 += t0; t1 += (c0<t0)?1:0; \
c1 += t1; c2 += (c1<t1)?1:0; \
}
#define sqr_add_c(a,i,c0,c1,c2) { \
@ -508,10 +512,10 @@ BN_ULONG bn_sub_words(BN_ULONG *r, const BN_ULONG *a, const BN_ULONG *b, int n)
BN_ULONG ta=(a),tb=(b),t0; \
t1 = BN_UMULT_HIGH(ta,tb); \
t0 = ta * tb; \
t2 = t1+t1; c2 += (t2<t1)?1:0; \
t1 = t0+t0; t2 += (t1<t0)?1:0; \
c0 += t1; t2 += (c0<t1)?1:0; \
c0 += t0; t2 = t1+((c0<t0)?1:0);\
c1 += t2; c2 += (c1<t2)?1:0; \
c0 += t0; t1 += (c0<t0)?1:0; \
c1 += t1; c2 += (c1<t1)?1:0; \
}
#define sqr_add_c(a,i,c0,c1,c2) { \

2
crypto/external/bsd/openssl/dist/crypto/bn/bn_ctx.c vendored
View File

@ -158,7 +158,7 @@ static void ctxdbg(BN_CTX *ctx)
unsigned int bnidx = 0, fpidx = 0;
BN_POOL_ITEM *item = ctx->pool.head;
BN_STACK *stack = &ctx->stack;
fprintf(stderr,"(%08x): ", (unsigned int)ctx);
fprintf(stderr,"(%16p): ", ctx);
while(bnidx < ctx->used)
{
fprintf(stderr,"%03x ", item->vals[bnidx++ % BN_CTX_POOL_SIZE].dmax);

8
crypto/external/bsd/openssl/dist/crypto/bn/bn_div.c vendored
View File

@ -189,15 +189,17 @@ int BN_div(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor,
int no_branch=0;
/* Invalid zero-padding would have particularly bad consequences
* in the case of 'num', so don't just rely on bn_check_top() for this one
* so don't just rely on bn_check_top() here
* (bn_check_top() works only for BN_DEBUG builds) */
if (num->top > 0 && num->d[num->top - 1] == 0)
if ((num->top > 0 && num->d[num->top - 1] == 0) ||
(divisor->top > 0 && divisor->d[divisor->top - 1] == 0))
{
BNerr(BN_F_BN_DIV,BN_R_NOT_INITIALIZED);
return 0;
}
bn_check_top(num);
bn_check_top(divisor);
if ((BN_get_flags(num, BN_FLG_CONSTTIME) != 0) || (BN_get_flags(divisor, BN_FLG_CONSTTIME) != 0))
{
@ -207,7 +209,7 @@ int BN_div(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor,
bn_check_top(dv);
bn_check_top(rm);
/* bn_check_top(num); */ /* 'num' has been checked already */
bn_check_top(divisor);
/* bn_check_top(divisor); */ /* 'divisor' has been checked already */
if (BN_is_zero(divisor))
{

16
crypto/external/bsd/openssl/dist/crypto/constant_time_locl.h vendored
View File

@ -129,17 +129,12 @@ static inline int constant_time_select_int(unsigned int mask, int a, int b);
static inline unsigned int constant_time_msb(unsigned int a)
{
return (unsigned int)((int)(a) >> (sizeof(int) * 8 - 1));
return 0-(a >> (sizeof(a) * 8 - 1));
}
static inline unsigned int constant_time_lt(unsigned int a, unsigned int b)
{
unsigned int lt;
/* Case 1: msb(a) == msb(b). a < b iff the MSB of a - b is set.*/
lt = ~(a ^ b) & (a - b);
/* Case 2: msb(a) != msb(b). a < b iff the MSB of b is set. */
lt |= ~a & b;
return constant_time_msb(lt);
return constant_time_msb(a^((a^b)|((a-b)^b)));
}
static inline unsigned char constant_time_lt_8(unsigned int a, unsigned int b)
@ -149,12 +144,7 @@ static inline unsigned char constant_time_lt_8(unsigned int a, unsigned int b)
static inline unsigned int constant_time_ge(unsigned int a, unsigned int b)
{
unsigned int ge;
/* Case 1: msb(a) == msb(b). a >= b iff the MSB of a - b is not set.*/
ge = ~((a ^ b) | (a - b));
/* Case 2: msb(a) != msb(b). a >= b iff the MSB of a is set. */
ge |= a & ~b;
return constant_time_msb(ge);
return ~constant_time_lt(a, b);
}
static inline unsigned char constant_time_ge_8(unsigned int a, unsigned int b)

330
crypto/external/bsd/openssl/dist/crypto/constant_time_test.c vendored Normal file
View File

@ -0,0 +1,330 @@
/* crypto/constant_time_test.c */
/*
* Utilities for constant-time cryptography.
*
* Author: Emilia Kasper (emilia@openssl.org)
* Based on previous work by Bodo Moeller, Emilia Kasper, Adam Langley
* (Google).
* ====================================================================
* Copyright (c) 2014 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* "This product includes cryptographic software written by
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
#include "../crypto/constant_time_locl.h"
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
static const unsigned int CONSTTIME_TRUE = (unsigned)(~0);
static const unsigned int CONSTTIME_FALSE = 0;
static const unsigned char CONSTTIME_TRUE_8 = 0xff;
static const unsigned char CONSTTIME_FALSE_8 = 0;
static int test_binary_op(unsigned int (*op)(unsigned int a, unsigned int b),
const char* op_name, unsigned int a, unsigned int b, int is_true)
{
unsigned c = op(a, b);
if (is_true && c != CONSTTIME_TRUE)
{
fprintf(stderr, "Test failed for %s(%du, %du): expected %du "
"(TRUE), got %du\n", op_name, a, b, CONSTTIME_TRUE, c);
return 1;
}
else if (!is_true && c != CONSTTIME_FALSE)
{
fprintf(stderr, "Test failed for %s(%du, %du): expected %du "
"(FALSE), got %du\n", op_name, a, b, CONSTTIME_FALSE,
c);
return 1;
}
return 0;
}
static int test_binary_op_8(unsigned char (*op)(unsigned int a, unsigned int b),
const char* op_name, unsigned int a, unsigned int b, int is_true)
{
unsigned char c = op(a, b);
if (is_true && c != CONSTTIME_TRUE_8)
{
fprintf(stderr, "Test failed for %s(%du, %du): expected %u "
"(TRUE), got %u\n", op_name, a, b, CONSTTIME_TRUE_8, c);
return 1;
}
else if (!is_true && c != CONSTTIME_FALSE_8)
{
fprintf(stderr, "Test failed for %s(%du, %du): expected %u "
"(FALSE), got %u\n", op_name, a, b, CONSTTIME_FALSE_8,
c);
return 1;
}
return 0;
}
static int test_is_zero(unsigned int a)
{
unsigned int c = constant_time_is_zero(a);
if (a == 0 && c != CONSTTIME_TRUE)
{
fprintf(stderr, "Test failed for constant_time_is_zero(%du): "
"expected %du (TRUE), got %du\n", a, CONSTTIME_TRUE, c);
return 1;
}
else if (a != 0 && c != CONSTTIME_FALSE)
{
fprintf(stderr, "Test failed for constant_time_is_zero(%du): "
"expected %du (FALSE), got %du\n", a, CONSTTIME_FALSE,
c);
return 1;
}
return 0;
}
static int test_is_zero_8(unsigned int a)
{
unsigned char c = constant_time_is_zero_8(a);
if (a == 0 && c != CONSTTIME_TRUE_8)
{
fprintf(stderr, "Test failed for constant_time_is_zero(%du): "
"expected %u (TRUE), got %u\n", a, CONSTTIME_TRUE_8, c);
return 1;
}
else if (a != 0 && c != CONSTTIME_FALSE)
{
fprintf(stderr, "Test failed for constant_time_is_zero(%du): "
"expected %u (FALSE), got %u\n", a, CONSTTIME_FALSE_8,
c);
return 1;
}
return 0;
}
static int test_select(unsigned int a, unsigned int b)
{
unsigned int selected = constant_time_select(CONSTTIME_TRUE, a, b);
if (selected != a)
{
fprintf(stderr, "Test failed for constant_time_select(%du, %du,"
"%du): expected %du(first value), got %du\n",
CONSTTIME_TRUE, a, b, a, selected);
return 1;
}
selected = constant_time_select(CONSTTIME_FALSE, a, b);
if (selected != b)
{
fprintf(stderr, "Test failed for constant_time_select(%du, %du,"
"%du): expected %du(second value), got %du\n",
CONSTTIME_FALSE, a, b, b, selected);
return 1;
}
return 0;
}
static int test_select_8(unsigned char a, unsigned char b)
{
unsigned char selected = constant_time_select_8(CONSTTIME_TRUE_8, a, b);
if (selected != a)
{
fprintf(stderr, "Test failed for constant_time_select(%u, %u,"
"%u): expected %u(first value), got %u\n",
CONSTTIME_TRUE, a, b, a, selected);
return 1;
}
selected = constant_time_select_8(CONSTTIME_FALSE_8, a, b);
if (selected != b)
{
fprintf(stderr, "Test failed for constant_time_select(%u, %u,"
"%u): expected %u(second value), got %u\n",
CONSTTIME_FALSE, a, b, b, selected);
return 1;
}
return 0;
}
static int test_select_int(int a, int b)
{
int selected = constant_time_select_int(CONSTTIME_TRUE, a, b);
if (selected != a)
{
fprintf(stderr, "Test failed for constant_time_select(%du, %d,"
"%d): expected %d(first value), got %d\n",
CONSTTIME_TRUE, a, b, a, selected);
return 1;
}
selected = constant_time_select_int(CONSTTIME_FALSE, a, b);
if (selected != b)
{
fprintf(stderr, "Test failed for constant_time_select(%du, %d,"
"%d): expected %d(second value), got %d\n",
CONSTTIME_FALSE, a, b, b, selected);
return 1;
}
return 0;
}
static int test_eq_int(int a, int b)
{
unsigned int equal = constant_time_eq_int(a, b);
if (a == b && equal != CONSTTIME_TRUE)
{
fprintf(stderr, "Test failed for constant_time_eq_int(%d, %d): "
"expected %du(TRUE), got %du\n",
a, b, CONSTTIME_TRUE, equal);
return 1;
}
else if (a != b && equal != CONSTTIME_FALSE)
{
fprintf(stderr, "Test failed for constant_time_eq_int(%d, %d): "
"expected %du(FALSE), got %du\n",
a, b, CONSTTIME_FALSE, equal);
return 1;
}
return 0;
}
static int test_eq_int_8(int a, int b)
{
unsigned char equal = constant_time_eq_int_8(a, b);
if (a == b && equal != CONSTTIME_TRUE_8)
{
fprintf(stderr, "Test failed for constant_time_eq_int_8(%d, %d): "
"expected %u(TRUE), got %u\n",
a, b, CONSTTIME_TRUE_8, equal);
return 1;
}
else if (a != b && equal != CONSTTIME_FALSE_8)
{
fprintf(stderr, "Test failed for constant_time_eq_int_8(%d, %d): "
"expected %u(FALSE), got %u\n",
a, b, CONSTTIME_FALSE_8, equal);
return 1;
}
return 0;
}
static unsigned int test_values[] = {0, 1, 1024, 12345, 32000, UINT_MAX/2-1,
UINT_MAX/2, UINT_MAX/2+1, UINT_MAX-1,
UINT_MAX};
static unsigned char test_values_8[] = {0, 1, 2, 20, 32, 127, 128, 129, 255};
static int signed_test_values[] = {0, 1, -1, 1024, -1024, 12345, -12345,
32000, -32000, INT_MAX, INT_MIN, INT_MAX-1,
INT_MIN+1};
int main(int argc, char *argv[])
{
unsigned int a, b, i, j;
int c, d;
unsigned char e, f;
int num_failed = 0, num_all = 0;
fprintf(stdout, "Testing constant time operations...\n");
for (i = 0; i < sizeof(test_values)/sizeof(int); ++i)
{
a = test_values[i];
num_failed += test_is_zero(a);
num_failed += test_is_zero_8(a);
num_all += 2;
for (j = 0; j < sizeof(test_values)/sizeof(int); ++j)
{
b = test_values[j];
num_failed += test_binary_op(&constant_time_lt,
"constant_time_lt", a, b, a < b);
num_failed += test_binary_op_8(&constant_time_lt_8,
"constant_time_lt_8", a, b, a < b);
num_failed += test_binary_op(&constant_time_lt,
"constant_time_lt_8", b, a, b < a);
num_failed += test_binary_op_8(&constant_time_lt_8,
"constant_time_lt_8", b, a, b < a);
num_failed += test_binary_op(&constant_time_ge,
"constant_time_ge", a, b, a >= b);
num_failed += test_binary_op_8(&constant_time_ge_8,
"constant_time_ge_8", a, b, a >= b);
num_failed += test_binary_op(&constant_time_ge,
"constant_time_ge", b, a, b >= a);
num_failed += test_binary_op_8(&constant_time_ge_8,
"constant_time_ge_8", b, a, b >= a);
num_failed += test_binary_op(&constant_time_eq,
"constant_time_eq", a, b, a == b);
num_failed += test_binary_op_8(&constant_time_eq_8,
"constant_time_eq_8", a, b, a == b);
num_failed += test_binary_op(&constant_time_eq,
"constant_time_eq", b, a, b == a);
num_failed += test_binary_op_8(&constant_time_eq_8,
"constant_time_eq_8", b, a, b == a);
num_failed += test_select(a, b);
num_all += 13;
}
}
for (i = 0; i < sizeof(signed_test_values)/sizeof(int); ++i)
{
c = signed_test_values[i];
for (j = 0; j < sizeof(signed_test_values)/sizeof(int); ++j)
{
d = signed_test_values[j];
num_failed += test_select_int(c, d);
num_failed += test_eq_int(c, d);
num_failed += test_eq_int_8(c, d);
num_all += 3;
}
}
for (i = 0; i < sizeof(test_values_8); ++i)
{
e = test_values_8[i];
for (j = 0; j < sizeof(test_values_8); ++j)
{
f = test_values_8[j];
num_failed += test_select_8(e, f);
num_all += 1;
}
}
if (!num_failed)
{
fprintf(stdout, "ok (ran %d tests)\n", num_all);
return EXIT_SUCCESS;
}
else
{
fprintf(stdout, "%d of %d tests failed!\n", num_failed, num_all);
return EXIT_FAILURE;
}
}

15
crypto/external/bsd/openssl/dist/crypto/cversion.c vendored
View File

@ -69,10 +69,7 @@ const char *SSLeay_version(int t)
if (t == SSLEAY_BUILT_ON)
{
#ifdef DATE
static char buf[sizeof(DATE)+11];
BIO_snprintf(buf,sizeof buf,"built on: %s",DATE);
return(buf);
return(DATE);
#else
return("built on: date not available");
#endif
@ -80,10 +77,7 @@ const char *SSLeay_version(int t)
if (t == SSLEAY_CFLAGS)
{
#ifdef CFLAGS
static char buf[sizeof(CFLAGS)+11];
BIO_snprintf(buf,sizeof buf,"compiler: %s",CFLAGS);
return(buf);
return(cflags);
#else
return("compiler: information not available");
#endif
@ -91,10 +85,7 @@ const char *SSLeay_version(int t)
if (t == SSLEAY_PLATFORM)
{
#ifdef PLATFORM
static char buf[sizeof(PLATFORM)+11];
BIO_snprintf(buf,sizeof buf,"platform: %s", PLATFORM);
return(buf);
return(PLATFORM);
#else
return("platform: information not available");
#endif

14
crypto/external/bsd/openssl/dist/crypto/dsa/dsa_asn1.c vendored
View File

@ -176,13 +176,25 @@ int DSA_verify(int type, const unsigned char *dgst, int dgst_len,
const unsigned char *sigbuf, int siglen, DSA *dsa)
{
DSA_SIG *s;
const unsigned char *p = sigbuf;
unsigned char *der = NULL;
int derlen = -1;
int ret=-1;
s = DSA_SIG_new();
if (s == NULL) return(ret);
if (d2i_DSA_SIG(&s,&sigbuf,siglen) == NULL) goto err;
if (d2i_DSA_SIG(&s,&p,siglen) == NULL) goto err;
/* Ensure signature uses DER and doesn't have trailing garbage */
derlen = i2d_DSA_SIG(s, &der);
if (derlen != siglen || memcmp(sigbuf, der, derlen))
goto err;
ret=DSA_do_verify(dgst,dgst_len,s,dsa);
err:
if (derlen > 0)
{
OPENSSL_cleanse(der, derlen);
OPENSSL_free(der);
}
DSA_SIG_free(s);
return(ret);
}

2
crypto/external/bsd/openssl/dist/crypto/ec/ec_lib.c vendored
View File

@ -68,7 +68,7 @@
#include "ec_lcl.h"
static const char EC_version[] = "EC" OPENSSL_VERSION_PTEXT;
const char EC_version[] = "EC" OPENSSL_VERSION_PTEXT;
/* functions for EC_GROUP objects */

7
crypto/external/bsd/openssl/dist/crypto/ec/ec_mult.c vendored
View File

@ -445,15 +445,16 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
wNAF_len = OPENSSL_malloc(totalnum * sizeof wNAF_len[0]);
wNAF = OPENSSL_malloc((totalnum + 1) * sizeof wNAF[0]); /* includes space for pivot */
val_sub = OPENSSL_malloc(totalnum * sizeof val_sub[0]);
/* Ensure wNAF is initialised in case we end up going to err */
if (wNAF) wNAF[0] = NULL; /* preliminary pivot */
if (!wsize || !wNAF_len || !wNAF || !val_sub)
{
ECerr(EC_F_EC_WNAF_MUL, ERR_R_MALLOC_FAILURE);
goto err;
}
wNAF[0] = NULL; /* preliminary pivot */
/* num_val will be the total number of temporarily precomputed points */
num_val = 0;

6
crypto/external/bsd/openssl/dist/crypto/ec/ec_pmeth.c vendored
View File

@ -167,6 +167,7 @@ static int pkey_ec_verify(EVP_PKEY_CTX *ctx,
return ret;
}
#ifndef OPENSSL_NO_ECDH
static int pkey_ec_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen)
{
int ret;
@ -200,6 +201,7 @@ static int pkey_ec_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen)
*keylen = ret;
return 1;
}
#endif
static int pkey_ec_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
{
@ -333,7 +335,11 @@ const EVP_PKEY_METHOD ec_pkey_meth =
0,0,
0,
#ifndef OPENSSL_NO_ECDH
pkey_ec_derive,
#else
0,
#endif
pkey_ec_ctrl,
pkey_ec_ctrl_str

1
crypto/external/bsd/openssl/dist/crypto/ec/ecp_nistp256.c vendored
View File

@ -113,7 +113,6 @@ typedef u64 smallfelem[NLIMBS];
/* This is the value of the prime as four 64-bit words, little-endian. */
static const u64 kPrime[4] = { 0xfffffffffffffffful, 0xffffffff, 0, 0xffffffff00000001ul };
static const limb bottom32bits = 0xffffffff;
static const u64 bottom63bits = 0x7ffffffffffffffful;
/* bin32_to_felem takes a little-endian byte array and converts it into felem

13
crypto/external/bsd/openssl/dist/crypto/ecdsa/Makefile vendored
View File

@ -126,15 +126,16 @@ ecs_sign.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
ecs_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
ecs_sign.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
ecs_sign.o: ecs_locl.h ecs_sign.c
ecs_vrf.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
ecs_vrf.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
ecs_vrf.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
ecs_vrf.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
ecs_vrf.o: ../../include/openssl/engine.h ../../include/openssl/evp.h
ecs_vrf.o: ../../e_os.h ../../include/openssl/asn1.h
ecs_vrf.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
ecs_vrf.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
ecs_vrf.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
ecs_vrf.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
ecs_vrf.o: ../../include/openssl/err.h ../../include/openssl/evp.h
ecs_vrf.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
ecs_vrf.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
ecs_vrf.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
ecs_vrf.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
ecs_vrf.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
ecs_vrf.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
ecs_vrf.o: ../../include/openssl/x509_vfy.h ecs_locl.h ecs_vrf.c
ecs_vrf.o: ../../include/openssl/x509_vfy.h ../cryptlib.h ecs_locl.h ecs_vrf.c

15
crypto/external/bsd/openssl/dist/crypto/ecdsa/ecs_vrf.c vendored
View File

@ -57,6 +57,7 @@
*/
#include "ecs_locl.h"
#include "cryptlib.h"
#ifndef OPENSSL_NO_ENGINE
#include <openssl/engine.h>
#endif
@ -84,13 +85,25 @@ int ECDSA_verify(int type, const unsigned char *dgst, int dgst_len,
const unsigned char *sigbuf, int sig_len, EC_KEY *eckey)
{
ECDSA_SIG *s;
const unsigned char *p = sigbuf;
unsigned char *der = NULL;
int derlen = -1;
int ret=-1;
s = ECDSA_SIG_new();
if (s == NULL) return(ret);
if (d2i_ECDSA_SIG(&s, &sigbuf, sig_len) == NULL) goto err;
if (d2i_ECDSA_SIG(&s, &p, sig_len) == NULL) goto err;
/* Ensure signature uses DER and doesn't have trailing garbage */
derlen = i2d_ECDSA_SIG(s, &der);
if (derlen != sig_len || memcmp(sigbuf, der, derlen))
goto err;
ret=ECDSA_do_verify(dgst, dgst_len, s, eckey);
err:
if (derlen > 0)
{
OPENSSL_cleanse(der, derlen);
OPENSSL_free(der);
}
ECDSA_SIG_free(s);
return(ret);
}

3
crypto/external/bsd/openssl/dist/crypto/engine/eng_dyn.c vendored
View File

@ -114,9 +114,6 @@ static const ENGINE_CMD_DEFN dynamic_cmd_defns[] = {
ENGINE_CMD_FLAG_NO_INPUT},
{0, NULL, NULL, 0}
};
static const ENGINE_CMD_DEFN dynamic_cmd_defns_empty[] = {
{0, NULL, NULL, 0}
};
/* Loading code stores state inside the ENGINE structure via the "ex_data"
* element. We load all our state into a single structure and use that as a

22
crypto/external/bsd/openssl/dist/crypto/evp/e_des3.c vendored
View File

@ -124,12 +124,11 @@ static int des_ede_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
#ifdef KSSL_DEBUG
{
int i;
char *cp;
printf("des_ede_cbc_cipher(ctx=%lx, buflen=%d)\n", ctx, ctx->buf_len);
printf("\t iv= ");
fprintf(stderr,"des_ede_cbc_cipher(ctx=%p, buflen=%d)\n", ctx, ctx->buf_len);
fprintf(stderr,"\t iv= ");
for(i=0;i<8;i++)
printf("%02X",ctx->iv[i]);
printf("\n");
fprintf(stderr,"%02X",ctx->iv[i]);
fprintf(stderr,"\n");
}
#endif /* KSSL_DEBUG */
while (inl>=EVP_MAXCHUNK)
@ -260,11 +259,14 @@ static int des_ede3_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
#ifdef KSSL_DEBUG
{
int i;
printf("des_ede3_init_key(ctx=%lx)\n", ctx);
printf("\tKEY= ");
for(i=0;i<24;i++) printf("%02X",key[i]); printf("\n");
printf("\t IV= ");
for(i=0;i<8;i++) printf("%02X",iv[i]); printf("\n");
fprintf(stderr,"des_ede3_init_key(ctx=%p)\n", ctx);
fprintf(stderr,"\tKEY= ");
for(i=0;i<24;i++) fprintf(stderr,"%02X",key[i]); fprintf(stderr,"\n");
if (iv)
{
fprintf(stderr,"\t IV= ");
for(i=0;i<8;i++) fprintf(stderr,"%02X",iv[i]); fprintf(stderr,"\n");
}
}
#endif /* KSSL_DEBUG */

3
crypto/external/bsd/openssl/dist/crypto/objects/obj_xref.h vendored
View File

@ -43,9 +43,6 @@ static const nid_triple sigoid_srt[] =
static const nid_triple * const sigoid_srt_xref[] =
{
&sigoid_srt[29],
&sigoid_srt[17],
&sigoid_srt[18],
&sigoid_srt[0],
&sigoid_srt[1],
&sigoid_srt[7],

5
crypto/external/bsd/openssl/dist/crypto/objects/objxref.pl vendored
View File

@ -90,7 +90,10 @@ EOF
foreach (@srt2)
{
my $x = $xref_tbl{$_}[2];
my ($p1, $p2, $x) = @{$xref_tbl{$_}};
# If digest or signature algorithm is "undef" then the algorithm
# needs special handling and is excluded from the cross reference table.
next if $p1 eq "undef" || $p2 eq "undef";
print "\t\&sigoid_srt\[$x\],\n";
}

2
crypto/external/bsd/openssl/dist/crypto/sha/asm/sha1-mips.pl vendored
View File

@ -64,7 +64,7 @@ if ($flavour =~ /64|n32/i) {
#
######################################################################
$big_endian=(`echo MIPSEL | $ENV{CC} -E -P -`=~/MIPSEL/)?1:0;
$big_endian=(`echo MIPSEL | $ENV{CC} -E -`=~/MIPSEL/)?1:0 if ($ENV{CC});
for (@ARGV) { $output=$_ if (/^\w[\w\-]*\.\w+$/); }
open STDOUT,">$output";

2
crypto/external/bsd/openssl/dist/crypto/sha/asm/sha512-mips.pl vendored
View File

@ -68,7 +68,7 @@ $pf = ($flavour =~ /nubi/i) ? $t0 : $t2;
#
######################################################################
$big_endian=(`echo MIPSEL | $ENV{CC} -E -P -`=~/MIPSEL/)?1:0;
$big_endian=(`echo MIPSEL | $ENV{CC} -E -`=~/MIPSEL/)?1:0 if ($ENV{CC});
for (@ARGV) { $output=$_ if (/^\w[\w\-]*\.\w+$/); }
open STDOUT,">$output";

2
crypto/external/bsd/openssl/dist/crypto/ts/ts_rsp_sign.c vendored
View File

@ -977,7 +977,7 @@ TS_RESP_set_genTime_with_precision(ASN1_GENERALIZEDTIME *asn1_time,
if (precision > 0)
{
/* Add fraction of seconds (leave space for dot and null). */
BIO_snprintf(p, 2 + precision, ".%ld", usec);
BIO_snprintf(p, 2 + precision, ".%06ld", usec);
/* We cannot use the snprintf return value,
because it might have been truncated. */
p += strlen(p);

1
crypto/external/bsd/openssl/dist/crypto/x509/x509.h vendored
View File

@ -768,6 +768,7 @@ int X509_ALGOR_set0(X509_ALGOR *alg, ASN1_OBJECT *aobj, int ptype, void *pval);
void X509_ALGOR_get0(ASN1_OBJECT **paobj, int *pptype, void **ppval,
X509_ALGOR *algor);
void X509_ALGOR_set_md(X509_ALGOR *alg, const EVP_MD *md);
int X509_ALGOR_cmp(const X509_ALGOR *a, const X509_ALGOR *b);
X509_NAME *X509_NAME_dup(X509_NAME *xn);
X509_NAME_ENTRY *X509_NAME_ENTRY_dup(X509_NAME_ENTRY *ne);

2
crypto/external/bsd/openssl/dist/crypto/x509/x509_vpm.c vendored
View File

@ -89,6 +89,8 @@ X509_VERIFY_PARAM *X509_VERIFY_PARAM_new(void)
{
X509_VERIFY_PARAM *param;
param = OPENSSL_malloc(sizeof(X509_VERIFY_PARAM));
if (!param)
return NULL;
memset(param, 0, sizeof(X509_VERIFY_PARAM));
x509_verify_param_zero(param);
return param;

2
crypto/external/bsd/openssl/dist/crypto/x509/x_all.c vendored
View File

@ -72,6 +72,8 @@
int X509_verify(X509 *a, EVP_PKEY *r)
{
if (X509_ALGOR_cmp(a->sig_alg, a->cert_info->signature))
return 0;
return(ASN1_item_verify(ASN1_ITEM_rptr(X509_CINF),a->sig_alg,
a->signature,a->cert_info,r));
}

75
crypto/external/bsd/openssl/dist/doc/HOWTO/certificates.txt vendored
View File

@ -3,22 +3,22 @@
1. Introduction
How you handle certificates depend a great deal on what your role is.
How you handle certificates depends a great deal on what your role is.
Your role can be one or several of:
- User of some client software
- User of some server software
- User of some client application
- User of some server application
- Certificate authority
This file is for users who wish to get a certificate of their own.
Certificate authorities should read ca.txt.
Certificate authorities should read https://www.openssl.org/docs/apps/ca.html.
In all the cases shown below, the standard configuration file, as
compiled into openssl, will be used. You may find it in /etc/,
/usr/local/ssl/ or somewhere else. The name is openssl.cnf, and
is better described in another HOWTO <config.txt?>. If you want to
use a different configuration file, use the argument '-config {file}'
with the command shown below.
/usr/local/ssl/ or somewhere else. By default the file is named
openssl.cnf and is described at https://www.openssl.org/docs/apps/config.html.
You can specify a different configuration file using the
'-config {file}' argument with the commands shown below.
2. Relationship with keys
@ -29,24 +29,26 @@ somewhere. With OpenSSL, public keys are easily derived from private
keys, so before you create a certificate or a certificate request, you
need to create a private key.
Private keys are generated with 'openssl genrsa' if you want a RSA
private key, or 'openssl gendsa' if you want a DSA private key.
Further information on how to create private keys can be found in
another HOWTO <keys.txt?>. The rest of this text assumes you have
a private key in the file privkey.pem.
Private keys are generated with 'openssl genrsa -out privkey.pem' if
you want a RSA private key, or if you want a DSA private key:
'openssl dsaparam -out dsaparam.pem 2048; openssl gendsa -out privkey.pem dsaparam.pem'.
The private keys created by these commands are not passphrase protected;
it might or might not be the desirable thing. Further information on how to
create private keys can be found at https://www.openssl.org/docs/HOWTO/keys.txt.
The rest of this text assumes you have a private key in the file privkey.pem.
3. Creating a certificate request
To create a certificate, you need to start with a certificate
request (or, as some certificate authorities like to put
it, "certificate signing request", since that's exactly what they do,
they sign it and give you the result back, thus making it authentic
according to their policies). A certificate request can then be sent
to a certificate authority to get it signed into a certificate, or if
you have your own certificate authority, you may sign it yourself, or
if you need a self-signed certificate (because you just want a test
certificate or because you are setting up your own CA).
To create a certificate, you need to start with a certificate request
(or, as some certificate authorities like to put it, "certificate
signing request", since that's exactly what they do, they sign it and
give you the result back, thus making it authentic according to their
policies). A certificate request is sent to a certificate authority
to get it signed into a certificate. You can also sign the certificate
yourself if you have your own certificate authority or create a
self-signed certificate (typically for testing purpose).
The certificate request is created like this:
@ -55,12 +57,14 @@ The certificate request is created like this:
Now, cert.csr can be sent to the certificate authority, if they can
handle files in PEM format. If not, use the extra argument '-outform'
followed by the keyword for the format to use (see another HOWTO
<formats.txt?>). In some cases, that isn't sufficient and you will
have to be more creative.
<formats.txt?>). In some cases, -outform does not let you output the
certificate request in the right format and you will have to use one
of the various other commands that are exposed by openssl (or get
creative and use a combination of tools).
When the certificate authority has then done the checks the need to
do (and probably gotten payment from you), they will hand over your
new certificate to you.
The certificate authority performs various checks (according to their
policies) and usually waits for payment from you. Once that is
complete, they send you your new certificate.
Section 5 will tell you more on how to handle the certificate you
received.
@ -68,11 +72,12 @@ received.
4. Creating a self-signed test certificate
If you don't want to deal with another certificate authority, or just
want to create a test certificate for yourself. This is similar to
creating a certificate request, but creates a certificate instead of
a certificate request. This is NOT the recommended way to create a
CA certificate, see ca.txt.
You can create a self-signed certificate if you don't want to deal
with a certificate authority, or if you just want to create a test
certificate for yourself. This is similar to creating a certificate
request, but creates a certificate instead of a certificate request.
This is NOT the recommended way to create a CA certificate, see
https://www.openssl.org/docs/apps/ca.html.
openssl req -new -x509 -key privkey.pem -out cacert.pem -days 1095
@ -93,13 +98,13 @@ certificate and your key to various formats, most often also putting
them together into one file. The ways to do this is described in
another HOWTO <formats.txt?>, I will just mention the simplest case.
In the case of a raw DER thing in PEM format, and assuming that's all
right for yor applications, simply concatenating the certificate and
right for your applications, simply concatenating the certificate and
the key into a new file and using that one should be enough. With
some applications, you don't even have to do that.
By now, you have your cetificate and your private key and can start
using the software that depend on it.
By now, you have your certificate and your private key and can start
using applications that depend on it.
--
Richard Levitte

206
crypto/external/bsd/openssl/dist/doc/HOWTO/proxy_certificates.txt vendored
View File

@ -1,74 +1,69 @@
<DRAFT!>
HOWTO proxy certificates
0. WARNING
NONE OF THE CODE PRESENTED HERE HAVE BEEN CHECKED! They are just an
example to show you how things can be done. There may be typos or
type conflicts, and you will have to resolve them.
NONE OF THE CODE PRESENTED HERE HAS BEEN CHECKED! The code is just examples to
show you how things could be done. There might be typos or type conflicts, and
you will have to resolve them.
1. Introduction
Proxy certificates are defined in RFC 3820. They are really usual
certificates with the mandatory extension proxyCertInfo.
Proxy certificates are defined in RFC 3820. They are really usual certificates
with the mandatory extension proxyCertInfo.
Proxy certificates are issued by an End Entity (typically a user),
either directly with the EE certificate as issuing certificate, or by
extension through an already issued proxy certificate.. They are used
to extend rights to some other entity (a computer process, typically,
or sometimes to the user itself), so it can perform operations in the
name of the owner of the EE certificate.
Proxy certificates are issued by an End Entity (typically a user), either
directly with the EE certificate as issuing certificate, or by extension through
an already issued proxy certificate. Proxy certificates are used to extend
rights to some other entity (a computer process, typically, or sometimes to the
user itself). This allows the entity to perform operations on behalf of the
owner of the EE certificate.
See http://www.ietf.org/rfc/rfc3820.txt for more information.
2. A warning about proxy certificates
Noone seems to have tested proxy certificates with security in mind.
Basically, to this date, it seems that proxy certificates have only
been used in a world that's highly aware of them. What would happen
if an unsuspecting application is to validate a chain of certificates
that contains proxy certificates? It would usually consider the leaf
to be the certificate to check for authorisation data, and since proxy
certificates are controlled by the EE certificate owner alone, it's
would be normal to consider what the EE certificate owner could do
with them.
No one seems to have tested proxy certificates with security in mind. To this
date, it seems that proxy certificates have only been used in a context highly
aware of them.
subjectAltName and issuerAltName are forbidden in proxy certificates,
and this is enforced in OpenSSL. The subject must be the same as the
issuer, with one commonName added on.
Existing applications might misbehave when trying to validate a chain of
certificates which use a proxy certificate. They might incorrectly consider the
leaf to be the certificate to check for authorisation data, which is controlled
by the EE certificate owner.
Possible threats are, as far as has been imagined so far:
subjectAltName and issuerAltName are forbidden in proxy certificates, and this
is enforced in OpenSSL. The subject must be the same as the issuer, with one
commonName added on.
Possible threats we can think of at this time include:
- impersonation through commonName (think server certificates).
- use of additional extensions, possibly non-standard ones used in
certain environments, that would grant extra or different
authorisation rights.
- use of additional extensions, possibly non-standard ones used in certain
environments, that would grant extra or different authorisation rights.
For this reason, OpenSSL requires that the use of proxy certificates
be explicitely allowed. Currently, this can be done using the
following methods:
For these reasons, OpenSSL requires that the use of proxy certificates be
explicitly allowed. Currently, this can be done using the following methods:
- if the application calls X509_verify_cert() itself, it can do the
following prior to that call (ctx is the pointer passed in the call
to X509_verify_cert()):
- if the application directly calls X509_verify_cert(), it can first call:
X509_STORE_CTX_set_flags(ctx, X509_V_FLAG_ALLOW_PROXY_CERTS);
X509_STORE_CTX_set_flags(ctx, X509_V_FLAG_ALLOW_PROXY_CERTS);
- in all other cases, proxy certificate validation can be enabled
before starting the application by setting the envirnoment variable
OPENSSL_ALLOW_PROXY_CERTS with some non-empty value.
Where ctx is the pointer which then gets passed to X509_verify_cert().
There are thoughts to allow proxy certificates with a line in the
default openssl.cnf, but that's still in the future.
- proxy certificate validation can be enabled before starting the application
by setting the environment variable OPENSSL_ALLOW_PROXY_CERTS.
In the future, it might be possible to enable proxy certificates by editing
openssl.cnf.
3. How to create proxy cerificates
3. How to create proxy certificates
It's quite easy to create proxy certificates, by taking advantage of
the lack of checks of the 'openssl x509' application (*ahem*). But
first, you need to create a configuration section that contains a
definition of the proxyCertInfo extension, a little like this:
Creating proxy certificates is quite easy, by taking advantage of a lack of
checks in the 'openssl x509' application (*ahem*). You must first create a
configuration section that contains a definition of the proxyCertInfo extension,
for example:
[ v3_proxy ]
# A proxy certificate MUST NEVER be a CA certificate.
@ -77,10 +72,10 @@ definition of the proxyCertInfo extension, a little like this:
# Usual authority key ID
authorityKeyIdentifier=keyid,issuer:always
# Now, for the extension that marks this certificate as a proxy one
# The extension which marks this certificate as a proxy
proxyCertInfo=critical,language:id-ppl-anyLanguage,pathlen:1,policy:text:AB
It's also possible to give the proxy extension in a separate section:
It's also possible to specify the proxy extension in a separate section:
proxyCertInfo=critical,@proxy_ext
@ -89,96 +84,85 @@ It's also possible to give the proxy extension in a separate section:
pathlen=0
policy=text:BC
The policy value has a specific syntax, {syntag}:{string}, where the
syntag determines what will be done with the string. The recognised
syntags are as follows:
The policy value has a specific syntax, {syntag}:{string}, where the syntag
determines what will be done with the string. The following syntags are
recognised:
text indicates that the string is simply the bytes, not
encoded in any kind of way:
text indicates that the string is simply bytes, without any encoding:
policy=text:räksmörgås
policy=text:räksmörgås
Previous versions of this design had a specific tag
for UTF-8 text. However, since the bytes are copied
as-is anyway, there's no need for it. Instead, use
the text: tag, like this:
Previous versions of this design had a specific tag for UTF-8 text.
However, since the bytes are copied as-is anyway, there is no need for
such a specific tag.
policy=text:räksmörgås
hex indicates the string is encoded in hex, with colons between each byte
(every second hex digit):
hex indicates the string is encoded in hex, with colons
between each byte (every second hex digit):
policy=hex:72:E4:6B:73:6D:F6:72:67:E5:73
policy=hex:72:E4:6B:73:6D:F6:72:67:E5:73
Previous versions of this design had a tag to insert a complete DER
blob. However, the only legal use for this would be to surround the
bytes that would go with the hex: tag with whatever is needed to
construct a correct OCTET STRING. The DER tag therefore felt
superfluous, and was removed.
Previous versions of this design had a tag to insert a
complete DER blob. However, the only legal use for
this would be to surround the bytes that would go with
the hex: tag with what's needed to construct a correct
OCTET STRING. Since hex: does that, the DER tag felt
superfluous, and was therefore removed.
file indicates that the text of the policy should really be
taken from a file. The string is then really a file
name. This is useful for policies that are large
(more than a few of lines) XML documents, for example.
file indicates that the text of the policy should really be taken from a
file. The string is then really a file name. This is useful for
policies that are large (more than a few lines, e.g. XML documents).
The 'policy' setting can be split up in multiple lines like this:
0.policy=This is
1.polisy= a multi-
1.policy= a multi-
2.policy=line policy.
NOTE: the proxy policy value is the part that determines the rights
granted to the process using the proxy certificate. The value is
completely dependent on the application reading and interpretting it!
NOTE: the proxy policy value is the part which determines the rights granted to
the process using the proxy certificate. The value is completely dependent on
the application reading and interpreting it!
Now that you have created an extension section for your proxy
certificate, you can now easily create a proxy certificate like this:
Now that you have created an extension section for your proxy certificate, you
can easily create a proxy certificate by doing:
openssl req -new -config openssl.cnf \
-out proxy.req -keyout proxy.key
openssl x509 -req -CAcreateserial -in proxy.req -days 7 \
-out proxy.crt -CA user.crt -CAkey user.key \
-extfile openssl.cnf -extensions v3_proxy
openssl req -new -config openssl.cnf -out proxy.req -keyout proxy.key
openssl x509 -req -CAcreateserial -in proxy.req -days 7 -out proxy.crt \
-CA user.crt -CAkey user.key -extfile openssl.cnf -extensions v3_proxy
It's just as easy to create a proxy certificate using another proxy
certificate as issuer (note that I'm using a different configuration
section for it):
You can also create a proxy certificate using another proxy certificate as
issuer (note: I'm using a different configuration section for it):
openssl req -new -config openssl.cnf \
-out proxy2.req -keyout proxy2.key
openssl x509 -req -CAcreateserial -in proxy2.req -days 7 \
-out proxy2.crt -CA proxy.crt -CAkey proxy.key \
-extfile openssl.cnf -extensions v3_proxy2
openssl req -new -config openssl.cnf -out proxy2.req -keyout proxy2.key
openssl x509 -req -CAcreateserial -in proxy2.req -days 7 -out proxy2.crt \
-CA proxy.crt -CAkey proxy.key -extfile openssl.cnf -extensions v3_proxy2
4. How to have your application interpret the policy?
The basic way to interpret proxy policies is to prepare some default
rights, then do a check of the proxy certificate against the a chain
of proxy certificates, user certificate and CA certificates, and see
what rights came out by the end. Sounds easy, huh? It almost is.
The basic way to interpret proxy policies is to start with some default rights,
then compute the resulting rights by checking the proxy certificate against
the chain of proxy certificates, user certificate and CA certificates. You then
use the final computed rights. Sounds easy, huh? It almost is.
The slightly complicated part is how to pass data between your
The slightly complicated part is figuring out how to pass data between your
application and the certificate validation procedure.
You need the following ingredients:
- a callback routing that will be called for every certificate that's
validated. It will be called several times for each certificates,
so you must be attentive to when it's a good time to do the proxy
policy interpretation and check, as well as to fill in the defaults
when the EE certificate is checked.
- a callback function that will be called for every certificate being
validated. The callback be called several times for each certificate,
so you must be careful to do the proxy policy interpretation at the right
time. You also need to fill in the defaults when the EE certificate is
checked.
- a structure of data that's shared between your application code and
the callback.
- a data structure that is shared between your application code and the
callback.
- a wrapper function that sets it all up.
- an ex_data index function that creates an index into the generic
ex_data store that's attached to an X509 validation context.
- an ex_data index function that creates an index into the generic ex_data
store that is attached to an X509 validation context.
This is some cookbook code for you to fill in:
Here is some skeleton code you can fill in:
/* In this example, I will use a view of granted rights as a bit
array, one bit for each possible right. */
@ -210,7 +194,7 @@ This is some cookbook code for you to fill in:
static int verify_callback(int ok, X509_STORE_CTX *ctx)
{
if (ok == 1) /* It's REALLY important you keep the proxy policy
check within this secion. It's important to know
check within this section. It's important to know
that when ok is 1, the certificates are checked
from top to bottom. You get the CA root first,
followed by the possible chain of intermediate
@ -221,7 +205,7 @@ This is some cookbook code for you to fill in:
if (xs->ex_flags & EXFLAG_PROXY)
{
YOUR_RIGHTS *rights =
YOUR_RIGHTS *rights =
(YOUR_RIGHTS *)X509_STORE_CTX_get_ex_data(ctx,
get_proxy_auth_ex_data_idx());
PROXY_CERT_INFO_EXTENSION *pci =
@ -250,12 +234,12 @@ This is some cookbook code for you to fill in:
bit array and fill it with the rights granted by
the current proxy certificate, then use it as a
mask on the accumulated rights bit array, and
voilà, you now have a new accumulated rights bit
voilà, you now have a new accumulated rights bit
array. */
{
int i;
YOUR_RIGHTS tmp_rights;
memset(tmp_rights.rights, 0, sizeof(tmp_rights.rights));
memset(tmp_rights.rights, 0, sizeof(tmp_rights.rights));
/* process_rights() is supposed to be a procedure
that takes a string and it's length, interprets
@ -276,7 +260,7 @@ This is some cookbook code for you to fill in:
{
/* We have a EE certificate, let's use it to set default!
*/
YOUR_RIGHTS *rights =
YOUR_RIGHTS *rights =
(YOUR_RIGHTS *)X509_STORE_CTX_get_ex_data(ctx,
get_proxy_auth_ex_data_idx());

81
crypto/external/bsd/openssl/dist/doc/apps/c_rehash.pod vendored Normal file
View File

@ -0,0 +1,81 @@
=pod
=for comment
Original text by James Westby, contributed under the OpenSSL license.
=head1 NAME
c_rehash - Create symbolic links to files named by the hash values
=head1 SYNOPSIS
B<c_rehash>
[ I<directory>...]
=head1 DESCRIPTION
B<c_rehash> scans directories and calculates a hash value of each C<.pem>
file in the specified directory list and creates symbolic links
for each file, where the name of the link is the hash value.
This utility is useful as many programs that use OpenSSL require
directories to be set up like this in order to find certificates.
If any directories are named on the command line, then those are
processed in turn. If not, then the B<SSL_CERT_DIR> environment variable
is consulted; this shold be a colon-separated list of directories,
like the Unix B<PATH> variable.
If that is not set then the default directory (installation-specific
but often B</usr/local/ssl/certs>) is processed.
In order for a directory to be processed, the user must have write
permissions on that directory, otherwise it will be skipped.
The links created are of the form C<HHHHHHHH.D>, where each B<H>
is a hexadecimal character and B<D> is a single decimal digit.
When processing a directory, B<c_rehash> will first remove all links
that have a name in that syntax. If you have links in that format
used for other purposes, they will be removed.
Hashes for CRL's look similar except the letter B<r> appears after
the period, like this: C<HHHHHHHH.rD>.
Multiple objects may have the same hash; they will be indicated by
incrementing the B<D> value. Duplicates are found by comparing the
full SHA-1 fingerprint. A warning will be displayed if a duplicate
is found.
A warning will also be displayed if there are B<.pem> files that
cannot be parsed as either a certificate or a CRL.
The program uses the B<openssl> program to compute the hashes and
fingerprints. If not found in the user's B<PATH>, then set the
B<OPENSSL> environment variable to the full pathname.
Any program can be used, it will be invoked as follows for either
a certificate or CRL:
$OPENSSL x509 -hash -fingerprint -noout -in FFFFFF
$OPENSSL crl -hash -fingerprint -noout -in FFFFFF
where B<FFFFFF> is the filename. It must output the hash of the
file on the first line, and the fingerprint on the second,
optionally prefixed with some text and an equals sign.
=head1 ENVIRONMENT
=over
=item B<OPENSSL>
The path to an executable to use to generate hashes and
fingerprints (see above).
=item B<SSL_CERT_DIR>
Colon separated list of directories to operate on.
Ignored if directories are listed on the command line.
=back
=head1 SEE ALSO
L<openssl(1)|openssl(1)>,
L<crl(1)|crl(1)>.
L<x509(1)|x509(1)>.

4
crypto/external/bsd/openssl/dist/doc/apps/ocsp.pod vendored
View File

@ -133,6 +133,10 @@ if the B<host> option is present then the OCSP request is sent to the host
B<hostname> on port B<port>. B<path> specifies the HTTP path name to use
or "/" by default.
=item B<-timeout seconds>
connection timeout to the OCSP responder in seconds
=item B<-CAfile file>, B<-CApath pathname>
file or pathname containing trusted CA certificates. These are used to verify

101
crypto/external/bsd/openssl/dist/doc/crypto/CMS_add1_signer.pod vendored Normal file
View File

@ -0,0 +1,101 @@
=pod
=head1 NAME
CMS_add1_signer, CMS_SignerInfo_sign - add a signer to a CMS_ContentInfo signed data structure.
=head1 SYNOPSIS
#include <openssl/cms.h>
CMS_SignerInfo *CMS_add1_signer(CMS_ContentInfo *cms, X509 *signcert, EVP_PKEY *pkey, const EVP_MD *md, unsigned int flags);
int CMS_SignerInfo_sign(CMS_SignerInfo *si);
=head1 DESCRIPTION
CMS_add1_signer() adds a signer with certificate B<signcert> and private
key B<pkey> using message digest B<md> to CMS_ContentInfo SignedData
structure B<cms>.
The CMS_ContentInfo structure should be obtained from an initial call to
CMS_sign() with the flag B<CMS_PARTIAL> set or in the case or re-signing a
valid CMS_ContentInfo SignedData structure.
If the B<md> parameter is B<NULL> then the default digest for the public
key algorithm will be used.
Unless the B<CMS_REUSE_DIGEST> flag is set the returned CMS_ContentInfo
structure is not complete and must be finalized either by streaming (if
applicable) or a call to CMS_final().
The CMS_SignerInfo_sign() function will explicitly sign a CMS_SignerInfo
structure, its main use is when B<CMS_REUSE_DIGEST> and B<CMS_PARTIAL> flags
are both set.
=head1 NOTES
The main purpose of CMS_add1_signer() is to provide finer control
over a CMS signed data structure where the simpler CMS_sign() function defaults
are not appropriate. For example if multiple signers or non default digest
algorithms are needed. New attributes can also be added using the returned
CMS_SignerInfo structure and the CMS attribute utility functions or the
CMS signed receipt request functions.
Any of the following flags (ored together) can be passed in the B<flags>
parameter.
If B<CMS_REUSE_DIGEST> is set then an attempt is made to copy the content
digest value from the CMS_ContentInfo structure: to add a signer to an existing
structure. An error occurs if a matching digest value cannot be found to copy.
The returned CMS_ContentInfo structure will be valid and finalized when this
flag is set.
If B<CMS_PARTIAL> is set in addition to B<CMS_REUSE_DIGEST> then the
CMS_SignerInfo structure will not be finalized so additional attributes
can be added. In this case an explicit call to CMS_SignerInfo_sign() is
needed to finalize it.
If B<CMS_NOCERTS> is set the signer's certificate will not be included in the
CMS_ContentInfo structure, the signer's certificate must still be supplied in
the B<signcert> parameter though. This can reduce the size of the signature if
the signers certificate can be obtained by other means: for example a
previously signed message.
The SignedData structure includes several CMS signedAttributes including the
signing time, the CMS content type and the supported list of ciphers in an
SMIMECapabilities attribute. If B<CMS_NOATTR> is set then no signedAttributes
will be used. If B<CMS_NOSMIMECAP> is set then just the SMIMECapabilities are
omitted.
OpenSSL will by default identify signing certificates using issuer name
and serial number. If B<CMS_USE_KEYID> is set it will use the subject key
identifier value instead. An error occurs if the signing certificate does not
have a subject key identifier extension.
If present the SMIMECapabilities attribute indicates support for the following
algorithms in preference order: 256 bit AES, Gost R3411-94, Gost 28147-89, 192
bit AES, 128 bit AES, triple DES, 128 bit RC2, 64 bit RC2, DES and 40 bit RC2.
If any of these algorithms is not available then it will not be included: for example the GOST algorithms will not be included if the GOST ENGINE is
not loaded.
CMS_add1_signer() returns an internal pointer to the CMS_SignerInfo
structure just added, this can be used to set additional attributes
before it is finalized.
=head1 RETURN VALUES
CMS_add1_signer() returns an internal pointer to the CMS_SignerInfo
structure just added or NULL if an error occurs.
=head1 SEE ALSO
L<ERR_get_error(3)|ERR_get_error(3)>, L<CMS_sign(3)|CMS_sign(3)>,
L<CMS_final(3)|CMS_final(3)>,
=head1 HISTORY
CMS_add1_signer() was added to OpenSSL 0.9.8
=cut

12
crypto/external/bsd/openssl/dist/doc/crypto/EVP_PKEY_encrypt.pod vendored
View File

@ -43,19 +43,23 @@ indicates the operation is not supported by the public key algorithm.
=head1 EXAMPLE
Encrypt data using OAEP (for RSA keys):
Encrypt data using OAEP (for RSA keys). See also L<PEM_read_PUBKEY(3)|pem(3)> or
L<d2i_X509(3)|d2i_X509(3)> for means to load a public key. You may also simply
set 'eng = NULL;' to start with the default OpenSSL RSA implementation:
#include <openssl/evp.h>
#include <openssl/rsa.h>
#include <openssl/engine.h>
EVP_PKEY_CTX *ctx;
ENGINE *eng;
unsigned char *out, *in;
size_t outlen, inlen;
EVP_PKEY *key;
/* NB: assumes key in, inlen are already set up
/* NB: assumes eng, key, in, inlen are already set up,
* and that key is an RSA public key
*/
ctx = EVP_PKEY_CTX_new(key);
ctx = EVP_PKEY_CTX_new(key,eng);
if (!ctx)
/* Error occurred */
if (EVP_PKEY_encrypt_init(ctx) <= 0)
@ -79,6 +83,8 @@ Encrypt data using OAEP (for RSA keys):
=head1 SEE ALSO
L<d2i_X509(3)|d2i_X509(3)>,
L<engine(3)|engine(3)>,
L<EVP_PKEY_CTX_new(3)|EVP_PKEY_CTX_new(3)>,
L<EVP_PKEY_decrypt(3)|EVP_PKEY_decrypt(3)>,
L<EVP_PKEY_sign(3)|EVP_PKEY_sign(3)>,

12
crypto/external/bsd/openssl/dist/doc/crypto/X509_NAME_add_entry_by_txt.pod vendored
View File

@ -81,14 +81,14 @@ Create an B<X509_NAME> structure:
nm = X509_NAME_new();
if (nm == NULL)
/* Some error */
if (!X509_NAME_add_entry_by_txt(nm, MBSTRING_ASC,
"C", "UK", -1, -1, 0))
if (!X509_NAME_add_entry_by_txt(nm, "C", MBSTRING_ASC,
"UK", -1, -1, 0))
/* Error */
if (!X509_NAME_add_entry_by_txt(nm, MBSTRING_ASC,
"O", "Disorganized Organization", -1, -1, 0))
if (!X509_NAME_add_entry_by_txt(nm, "O", MBSTRING_ASC,
"Disorganized Organization", -1, -1, 0))
/* Error */
if (!X509_NAME_add_entry_by_txt(nm, MBSTRING_ASC,
"CN", "Joe Bloggs", -1, -1, 0))
if (!X509_NAME_add_entry_by_txt(nm, "CN", MBSTRING_ASC,
"Joe Bloggs", -1, -1, 0))
/* Error */
=head1 RETURN VALUES

4
crypto/external/bsd/openssl/dist/doc/crypto/X509_NAME_get_index_by_NID.pod vendored
View File

@ -59,6 +59,10 @@ X509_NAME_get_index_by_OBJ() should be used followed by
X509_NAME_get_entry() on any matching indices and then the
various B<X509_NAME_ENTRY> utility functions on the result.
The list of all relevant B<NID_*> and B<OBJ_* codes> can be found in
the source code header files E<lt>openssl/obj_mac.hE<gt> and/or
E<lt>openssl/objects.hE<gt>.
=head1 EXAMPLES
Process all entries:

10
crypto/external/bsd/openssl/dist/doc/ssl/SSL_CTX_set_mode.pod vendored
View File

@ -71,6 +71,16 @@ SSL_CTX->freelist_max_len, which defaults to 32. Using this flag can
save around 34k per idle SSL connection.
This flag has no effect on SSL v2 connections, or on DTLS connections.
=item SSL_MODE_SEND_FALLBACK_SCSV
Send TLS_FALLBACK_SCSV in the ClientHello.
To be set only by applications that reconnect with a downgraded protocol
version; see draft-ietf-tls-downgrade-scsv-00 for details.
DO NOT ENABLE THIS if your application attempts a normal handshake.
Only use this in explicit fallback retries, following the guidance
in draft-ietf-tls-downgrade-scsv-00.
=back
=head1 RETURN VALUES

10
crypto/external/bsd/openssl/dist/doc/ssl/SSL_CTX_set_options.pod vendored
View File

@ -158,15 +158,7 @@ temporary/ephemeral DH parameters are used.
=item SSL_OP_EPHEMERAL_RSA
Always use ephemeral (temporary) RSA key when doing RSA operations
(see L<SSL_CTX_set_tmp_rsa_callback(3)|SSL_CTX_set_tmp_rsa_callback(3)>).
According to the specifications this is only done, when a RSA key
can only be used for signature operations (namely under export ciphers
with restricted RSA keylength). By setting this option, ephemeral
RSA keys are always used. This option breaks compatibility with the
SSL/TLS specifications and may lead to interoperability problems with
clients and should therefore never be used. Ciphers with EDH (ephemeral
Diffie-Hellman) key exchange should be used instead.
This option is no longer implemented and is treated as no op.
=item SSL_OP_CIPHER_SERVER_PREFERENCE

23
crypto/external/bsd/openssl/dist/doc/ssl/SSL_CTX_set_tmp_rsa_callback.pod vendored
View File

@ -74,21 +74,14 @@ exchange and use EDH (Ephemeral Diffie-Hellman) key exchange instead
in order to achieve forward secrecy (see
L<SSL_CTX_set_tmp_dh_callback(3)|SSL_CTX_set_tmp_dh_callback(3)>).
On OpenSSL servers ephemeral RSA key exchange is therefore disabled by default
and must be explicitly enabled using the SSL_OP_EPHEMERAL_RSA option of
L<SSL_CTX_set_options(3)|SSL_CTX_set_options(3)>, violating the TLS/SSL
standard. When ephemeral RSA key exchange is required for export ciphers,
it will automatically be used without this option!
An application may either directly specify the key or can supply the key via
a callback function. The callback approach has the advantage, that the
callback may generate the key only in case it is actually needed. As the
generation of a RSA key is however costly, it will lead to a significant
delay in the handshake procedure. Another advantage of the callback function
is that it can supply keys of different size (e.g. for SSL_OP_EPHEMERAL_RSA
usage) while the explicit setting of the key is only useful for key size of
512 bits to satisfy the export restricted ciphers and does give away key length
if a longer key would be allowed.
An application may either directly specify the key or can supply the key via a
callback function. The callback approach has the advantage, that the callback
may generate the key only in case it is actually needed. As the generation of a
RSA key is however costly, it will lead to a significant delay in the handshake
procedure. Another advantage of the callback function is that it can supply
keys of different size while the explicit setting of the key is only useful for
key size of 512 bits to satisfy the export restricted ciphers and does give
away key length if a longer key would be allowed.
The B<tmp_rsa_callback> is called with the B<keylength> needed and
the B<is_export> information. The B<is_export> flag is set, when the

25
crypto/external/bsd/openssl/dist/ssl/d1_clnt.c vendored
View File

@ -249,6 +249,9 @@ int dtls1_connect(SSL *s)
memset(s->s3->client_random,0,sizeof(s->s3->client_random));
s->d1->send_cookie = 0;
s->hit = 0;
s->d1->change_cipher_spec_ok = 0;
/* Should have been reset by ssl3_get_finished, too. */
s->s3->change_cipher_spec = 0;
break;
#ifndef OPENSSL_NO_SCTP
@ -370,20 +373,6 @@ int dtls1_connect(SSL *s)
case SSL3_ST_CR_CERT_A:
case SSL3_ST_CR_CERT_B:
#ifndef OPENSSL_NO_TLSEXT
ret=ssl3_check_finished(s);
if (ret <= 0) goto end;
if (ret == 2)
{
s->hit = 1;
if (s->tlsext_ticket_expected)
s->state=SSL3_ST_CR_SESSION_TICKET_A;
else
s->state=SSL3_ST_CR_FINISHED_A;
s->init_num=0;
break;
}
#endif
/* Check if it is anon DH or PSK */
if (!(s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL) &&
!(s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK))
@ -506,7 +495,6 @@ int dtls1_connect(SSL *s)
else
#endif
s->state=SSL3_ST_CW_CHANGE_A;
s->s3->change_cipher_spec=0;
}
s->init_num=0;
@ -527,7 +515,6 @@ int dtls1_connect(SSL *s)
#endif
s->state=SSL3_ST_CW_CHANGE_A;
s->init_num=0;
s->s3->change_cipher_spec=0;
break;
case SSL3_ST_CW_CHANGE_A:
@ -1730,6 +1717,12 @@ int dtls1_send_client_certificate(SSL *s)
s->state=SSL3_ST_CW_CERT_D;
l=dtls1_output_cert_chain(s,
(s->s3->tmp.cert_req == 2)?NULL:s->cert->key->x509);
if (!l)
{
SSLerr(SSL_F_DTLS1_SEND_CLIENT_CERTIFICATE, ERR_R_INTERNAL_ERROR);
ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_INTERNAL_ERROR);
return 0;
}
s->init_num=(int)l;
s->init_off=0;

72
crypto/external/bsd/openssl/dist/ssl/kssl.c vendored
View File

@ -954,15 +954,15 @@ print_krb5_data(char *label, krb5_data *kdata)
{
int i;
printf("%s[%d] ", label, kdata->length);
fprintf(stderr,"%s[%d] ", label, kdata->length);
for (i=0; i < (int)kdata->length; i++)
{
if (0 && isprint((int) kdata->data[i]))
printf( "%c ", kdata->data[i]);
fprintf(stderr, "%c ", kdata->data[i]);
else
printf( "%02x ", (unsigned char) kdata->data[i]);
fprintf(stderr, "%02x ", (unsigned char) kdata->data[i]);
}
printf("\n");
fprintf(stderr,"\n");
}
@ -973,20 +973,20 @@ print_krb5_authdata(char *label, krb5_authdata **adata)
{
if (adata == NULL)
{
printf("%s, authdata==0\n", label);
fprintf(stderr,"%s, authdata==0\n", label);
return;
}
printf("%s [%p]\n", label, (void *)adata);
fprintf(stderr,"%s [%p]\n", label, (void *)adata);
#if 0
{
int i;
printf("%s[at%d:%d] ", label, adata->ad_type, adata->length);
fprintf(stderr,"%s[at%d:%d] ", label, adata->ad_type, adata->length);
for (i=0; i < adata->length; i++)
{
printf((isprint(adata->contents[i]))? "%c ": "%02x",
fprintf(stderr,(isprint(adata->contents[i]))? "%c ": "%02x",
adata->contents[i]);
}
printf("\n");
fprintf(stderr,"\n");
}
#endif
}
@ -1001,24 +1001,24 @@ print_krb5_keyblock(char *label, krb5_keyblock *keyblk)
if (keyblk == NULL)
{
printf("%s, keyblk==0\n", label);
fprintf(stderr,"%s, keyblk==0\n", label);
return;
}
#ifdef KRB5_HEIMDAL
printf("%s\n\t[et%d:%d]: ", label, keyblk->keytype,
fprintf(stderr,"%s\n\t[et%d:%d]: ", label, keyblk->keytype,
keyblk->keyvalue->length);
for (i=0; i < (int)keyblk->keyvalue->length; i++)
{
printf("%02x",(unsigned char *)(keyblk->keyvalue->contents)[i]);
fprintf(stderr,"%02x",(unsigned char *)(keyblk->keyvalue->contents)[i]);
}
printf("\n");
fprintf(stderr,"\n");
#else
printf("%s\n\t[et%d:%d]: ", label, keyblk->enctype, keyblk->length);
fprintf(stderr,"%s\n\t[et%d:%d]: ", label, keyblk->enctype, keyblk->length);
for (i=0; i < (int)keyblk->length; i++)
{
printf("%02x",keyblk->contents[i]);
fprintf(stderr,"%02x",keyblk->contents[i]);
}
printf("\n");
fprintf(stderr,"\n");
#endif
}
@ -1031,17 +1031,17 @@ print_krb5_princ(char *label, krb5_principal_data *princ)
{
int i, ui, uj;
printf("%s principal Realm: ", label);
fprintf(stderr,"%s principal Realm: ", label);
if (princ == NULL) return;
for (ui=0; ui < (int)princ->realm.length; ui++) putchar(princ->realm.data[ui]);
printf(" (nametype %d) has %d strings:\n", princ->type,princ->length);
fprintf(stderr," (nametype %d) has %d strings:\n", princ->type,princ->length);
for (i=0; i < (int)princ->length; i++)
{
printf("\t%d [%d]: ", i, princ->data[i].length);
fprintf(stderr,"\t%d [%d]: ", i, princ->data[i].length);
for (uj=0; uj < (int)princ->data[i].length; uj++) {
putchar(princ->data[i].data[uj]);
}
printf("\n");
fprintf(stderr,"\n");
}
return;
}
@ -1332,7 +1332,7 @@ kssl_sget_tkt( /* UPDATE */ KSSL_CTX *kssl_ctx,
}
#ifdef KSSL_DEBUG
printf("in kssl_sget_tkt(%s)\n", kstring(kssl_ctx->service_name));
fprintf(stderr,"in kssl_sget_tkt(%s)\n", kstring(kssl_ctx->service_name));
#endif /* KSSL_DEBUG */
if (!krb5context && (krb5rc = krb5_init_context(&krb5context)))
@ -1481,18 +1481,18 @@ kssl_sget_tkt( /* UPDATE */ KSSL_CTX *kssl_ctx,
#ifdef KSSL_DEBUG
{
int i; krb5_address **paddr = krb5ticket->enc_part2->caddrs;
printf("Decrypted ticket fields:\n");
printf("\tflags: %X, transit-type: %X",
fprintf(stderr,"Decrypted ticket fields:\n");
fprintf(stderr,"\tflags: %X, transit-type: %X",
krb5ticket->enc_part2->flags,
krb5ticket->enc_part2->transited.tr_type);
print_krb5_data("\ttransit-data: ",
&(krb5ticket->enc_part2->transited.tr_contents));
printf("\tcaddrs: %p, authdata: %p\n",
fprintf(stderr,"\tcaddrs: %p, authdata: %p\n",
krb5ticket->enc_part2->caddrs,
krb5ticket->enc_part2->authorization_data);
if (paddr)
{
printf("\tcaddrs:\n");
fprintf(stderr,"\tcaddrs:\n");
for (i=0; paddr[i] != NULL; i++)
{
krb5_data d;
@ -1501,7 +1501,7 @@ kssl_sget_tkt( /* UPDATE */ KSSL_CTX *kssl_ctx,
print_krb5_data("\t\tIP: ", &d);
}
}
printf("\tstart/auth/end times: %d / %d / %d\n",
fprintf(stderr,"\tstart/auth/end times: %d / %d / %d\n",
krb5ticket->enc_part2->times.starttime,
krb5ticket->enc_part2->times.authtime,
krb5ticket->enc_part2->times.endtime);
@ -1976,7 +1976,7 @@ krb5_error_code kssl_validate_times( krb5_timestamp atime,
if ((now - ttimes->endtime) > skew) return SSL_R_KRB5_S_TKT_EXPIRED;
#ifdef KSSL_DEBUG
printf("kssl_validate_times: %d |<- | %d - %d | < %d ->| %d\n",
fprintf(stderr,"kssl_validate_times: %d |<- | %d - %d | < %d ->| %d\n",
start, atime, now, skew, ttimes->endtime);
#endif /* KSSL_DEBUG */
@ -2027,10 +2027,10 @@ krb5_error_code kssl_check_authent(
#ifdef KSSL_DEBUG
{
unsigned int ui;
printf("kssl_check_authent: authenticator[%d]:\n",authentp->length);
fprintf(stderr,"kssl_check_authent: authenticator[%d]:\n",authentp->length);
p = authentp->data;
for (ui=0; ui < authentp->length; ui++) printf("%02x ",p[ui]);
printf("\n");
for (ui=0; ui < authentp->length; ui++) fprintf(stderr,"%02x ",p[ui]);
fprintf(stderr,"\n");
}
#endif /* KSSL_DEBUG */
@ -2095,9 +2095,9 @@ krb5_error_code kssl_check_authent(
#ifdef KSSL_DEBUG
{
int padl;
printf("kssl_check_authent: decrypted authenticator[%d] =\n", outl);
for (padl=0; padl < outl; padl++) printf("%02x ",unenc_authent[padl]);
printf("\n");
fprintf(stderr,"kssl_check_authent: decrypted authenticator[%d] =\n", outl);
for (padl=0; padl < outl; padl++) fprintf(stderr,"%02x ",unenc_authent[padl]);
fprintf(stderr,"\n");
}
#endif /* KSSL_DEBUG */
@ -2132,10 +2132,10 @@ krb5_error_code kssl_check_authent(
}
#ifdef KSSL_DEBUG
printf("kssl_check_authent: returns %d for client time ", *atimep);
fprintf(stderr,"kssl_check_authent: returns %d for client time ", *atimep);
if (auth && auth->ctime && auth->ctime->length && auth->ctime->data)
printf("%.*s\n", auth->ctime->length, auth->ctime->data);
else printf("NULL\n");
fprintf(stderr,"%.*s\n", auth->ctime->length, auth->ctime->data);
else fprintf(stderr,"NULL\n");
#endif /* KSSL_DEBUG */
err:

12
crypto/external/bsd/openssl/dist/ssl/s2_enc.c vendored
View File

@ -117,8 +117,9 @@ err:
/* read/writes from s->s2->mac_data using length for encrypt and
* decrypt. It sets s->s2->padding and s->[rw]length
* if we are encrypting */
void ssl2_enc(SSL *s, int send)
* if we are encrypting
* Returns 0 on error and 1 on success */
int ssl2_enc(SSL *s, int send)
{
EVP_CIPHER_CTX *ds;
unsigned long l;
@ -136,7 +137,7 @@ void ssl2_enc(SSL *s, int send)
}
/* check for NULL cipher */
if (ds == NULL) return;
if (ds == NULL) return 1;
bs=ds->cipher->block_size;
@ -145,7 +146,10 @@ void ssl2_enc(SSL *s, int send)
if (bs == 8)
l=(l+7)/8*8;
EVP_Cipher(ds,s->s2->mac_data,s->s2->mac_data,l);
if(EVP_Cipher(ds,s->s2->mac_data,s->s2->mac_data,l) < 1)
return 0;
return 1;
}
void ssl2_mac(SSL *s, unsigned char *md, int send)

9
crypto/external/bsd/openssl/dist/ssl/s2_pkt.c vendored
View File

@ -265,7 +265,11 @@ static int ssl2_read_internal(SSL *s, void *buf, int len, int peek)
if ((!s->s2->clear_text) &&
(s->s2->rlength >= (unsigned int)mac_size))
{
ssl2_enc(s,0);
if(!ssl2_enc(s,0))
{
SSLerr(SSL_F_SSL2_READ_INTERNAL,SSL_R_DECRYPTION_FAILED);
return(-1);
}
s->s2->ract_data_length-=mac_size;
ssl2_mac(s,mac,0);
s->s2->ract_data_length-=s->s2->padding;
@ -616,7 +620,8 @@ static int n_do_ssl_write(SSL *s, const unsigned char *buf, unsigned int len)
s->s2->wact_data_length=len+p;
ssl2_mac(s,s->s2->mac_data,1);
s->s2->wlength+=p+mac_size;
ssl2_enc(s,1);
if(ssl2_enc(s,1) < 1)
return -1;
}
/* package up the header */

22
crypto/external/bsd/openssl/dist/ssl/s2_srvr.c vendored
View File

@ -188,13 +188,21 @@ int ssl2_accept(SSL *s)
s->version=SSL2_VERSION;
s->type=SSL_ST_ACCEPT;
buf=s->init_buf;
if ((buf == NULL) && ((buf=BUF_MEM_new()) == NULL))
{ ret= -1; goto end; }
if (!BUF_MEM_grow(buf,(int)
SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER))
{ ret= -1; goto end; }
s->init_buf=buf;
if(s->init_buf == NULL)
{
if ((buf=BUF_MEM_new()) == NULL)
{
ret= -1;
goto end;
}
if (!BUF_MEM_grow(buf,(int) SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER))
{
BUF_MEM_free(buf);
ret= -1;
goto end;
}
s->init_buf=buf;
}
s->init_num=0;
s->ctx->stats.sess_accept++;
s->handshake_func=ssl2_accept;

1
crypto/external/bsd/openssl/dist/ssl/s3_both.c vendored
View File

@ -439,6 +439,7 @@ long ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok)
goto f_err;
}
*ok=1;
s->state = stn;
s->init_msg = s->init_buf->data + 4;
s->init_num = (int)s->s3->tmp.message_size;
return s->init_num;

5
crypto/external/bsd/openssl/dist/ssl/s3_meth.c vendored
View File

@ -60,7 +60,7 @@
#include <openssl/objects.h>
#include "ssl_locl.h"
static const SSL_METHOD *ssl3_get_method(int ver);
#ifndef OPENSSL_NO_SSL3_METHOD
static const SSL_METHOD *ssl3_get_method(int ver)
{
if (ver == SSL3_VERSION)
@ -73,5 +73,4 @@ IMPLEMENT_ssl3_meth_func(SSLv3_method,
ssl3_accept,
ssl3_connect,
ssl3_get_method)
#endif

29
crypto/external/bsd/openssl/dist/ssl/ssl_cert.c vendored
View File

@ -286,35 +286,6 @@ CERT *ssl_cert_dup(CERT *cert)
ret->pkeys[i].privatekey = cert->pkeys[i].privatekey;
CRYPTO_add(&ret->pkeys[i].privatekey->references, 1,
CRYPTO_LOCK_EVP_PKEY);
switch(i)
{
/* If there was anything special to do for
* certain types of keys, we'd do it here.
* (Nothing at the moment, I think.) */
case SSL_PKEY_RSA_ENC:
case SSL_PKEY_RSA_SIGN:
/* We have an RSA key. */
break;
case SSL_PKEY_DSA_SIGN:
/* We have a DSA key. */
break;
case SSL_PKEY_DH_RSA:
case SSL_PKEY_DH_DSA:
/* We have a DH key. */
break;
case SSL_PKEY_ECC:
/* We have an ECC key */
break;
default:
/* Can't happen. */
SSLerr(SSL_F_SSL_CERT_DUP, SSL_R_LIBRARY_BUG);
}
}
}

16
crypto/external/bsd/openssl/dist/ssl/ssl_sess.c vendored
View File

@ -335,7 +335,21 @@ int ssl_get_new_session(SSL *s, int session)
return(0);
}
#ifndef OPENSSL_NO_TLSEXT
/* If RFC4507 ticket use empty session ID */
/*
* If RFC5077 ticket, use empty session ID (as server).
* Note that:
* (a) ssl_get_prev_session() does lookahead into the
* ClientHello extensions to find the session ticket.
* When ssl_get_prev_session() fails, s3_srvr.c calls
* ssl_get_new_session() in ssl3_get_client_hello().
* At that point, it has not yet parsed the extensions,
* however, because of the lookahead, it already knows
* whether a ticket is expected or not.
*
* (b) s3_clnt.c calls ssl_get_new_session() before parsing
* ServerHello extensions, and before recording the session
* ID received from the server, so this block is a noop.
*/
if (s->tlsext_ticket_expected)
{
ss->session_id_length = 0;

1
crypto/external/bsd/openssl/dist/util/libeay.num vendored
View File

@ -1807,6 +1807,7 @@ ASN1_UTCTIME_get 2350 NOEXIST::FUNCTION:
X509_REQ_digest 2362 EXIST::FUNCTION:EVP
X509_CRL_digest 2391 EXIST::FUNCTION:EVP
d2i_ASN1_SET_OF_PKCS7 2397 NOEXIST::FUNCTION:
X509_ALGOR_cmp 2398 EXIST::FUNCTION:
EVP_CIPHER_CTX_set_key_length 2399 EXIST::FUNCTION:
EVP_CIPHER_CTX_ctrl 2400 EXIST::FUNCTION:
BN_mod_exp_mont_word 2401 EXIST::FUNCTION:

35
crypto/external/bsd/openssl/dist/util/mkbuildinf.pl vendored Executable file
View File

@ -0,0 +1,35 @@
#!/usr/local/bin/perl
my ($cflags, $platform) = @ARGV;
$cflags = "compiler: $cflags";
$date = localtime();
print <<"END_OUTPUT";
#ifndef MK1MF_BUILD
/* auto-generated by util/mkbuildinf.pl for crypto/cversion.c */
#define CFLAGS
/*
* Generate CFLAGS as an array of individual characters. This is a
* workaround for the situation where CFLAGS gets too long for a C90 string
* literal
*/
static const char cflags[] = {
END_OUTPUT
my $ctr = 0;
foreach my $c (split //, $cflags) {
# Max 18 characters per line
if (($ctr++ % 18) == 0) {
if ($ctr != 1) {
print "\n";
}
print " ";
}
print "'$c',";
}
print <<"END_OUTPUT";
'\\0'
};
#define PLATFORM "platform: $platform"
#define DATE "built on: $date"
#endif
END_OUTPUT

2
crypto/external/bsd/openssl/dist/util/pl/netware.pl vendored
View File

@ -212,7 +212,7 @@ else
# Turned off the "possible" warnings ( -w nopossible ). Metrowerks
# complained a lot about various stuff. May want to turn back
# on for further development.
$cflags.=" -nostdinc -ir crypto -ir engines -ir apps -I$include_path \\
$cflags.=" -nostdinc -ir crypto -ir ssl -ir engines -ir apps -I$include_path \\
-msgstyle gcc -align 4 -processor pentium -char unsigned \\
-w on -w nolargeargs -w nopossible -w nounusedarg -w nounusedexpr \\
-w noimplicitconv -relax_pointers -nosyspath -maxerrors 20";