Aren
/
NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

import 1.0.1d for http://www.openssl.org/news/secadv_20130204.txt

This commit is contained in:
christos 2013-02-05 19:04:09 +00:00
parent 5e26f78e26
commit 340218d9b9
134 changed files with 2052 additions and 441 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

43
crypto/external/bsd/openssl/dist/CHANGES vendored
View File

@ -2,6 +2,49 @@
OpenSSL CHANGES
_______________
Changes between 1.0.1c and 1.0.1d [5 Feb 2013]
*) Make the decoding of SSLv3, TLS and DTLS CBC records constant time.
This addresses the flaw in CBC record processing discovered by
Nadhem Alfardan and Kenny Paterson. Details of this attack can be found
at: http://www.isg.rhul.ac.uk/tls/
Thanks go to Nadhem Alfardan and Kenny Paterson of the Information
Security Group at Royal Holloway, University of London
(www.isg.rhul.ac.uk) for discovering this flaw and Adam Langley and
Emilia Käsper for the initial patch.
(CVE-2013-0169)
[Emilia Käsper, Adam Langley, Ben Laurie, Andy Polyakov, Steve Henson]
*) Fix flaw in AESNI handling of TLS 1.2 and 1.1 records for CBC mode
ciphersuites which can be exploited in a denial of service attack.
Thanks go to and to Adam Langley <agl@chromium.org> for discovering
and detecting this bug and to Wolfgang Ettlinger
<wolfgang.ettlinger@gmail.com> for independently discovering this issue.
(CVE-2012-2686)
[Adam Langley]
*) Return an error when checking OCSP signatures when key is NULL.
This fixes a DoS attack. (CVE-2013-0166)
[Steve Henson]
*) Make openssl verify return errors.
[Chris Palmer <palmer@google.com> and Ben Laurie]
*) Call OCSP Stapling callback after ciphersuite has been chosen, so
the right response is stapled. Also change SSL_get_certificate()
so it returns the certificate actually sent.
See http://rt.openssl.org/Ticket/Display.html?id=2836.
[Rob Stradling <rob.stradling@comodo.com>]
*) Fix possible deadlock when decoding public keys.
[Steve Henson]
*) Don't use TLS 1.0 record version number in initial client hello
if renegotiating.
[Steve Henson]
Changes between 1.0.1b and 1.0.1c [10 May 2012]
*) Sanity check record length before skipping explicit IV in TLS

2
crypto/external/bsd/openssl/dist/FAQ vendored
View File

@ -83,7 +83,7 @@ OpenSSL - Frequently Asked Questions
* Which is the current version of OpenSSL?
The current version is available from <URL: http://www.openssl.org>.
OpenSSL 1.0.1c was released on May 10th, 2012.
OpenSSL 1.0.1d was released on Feb 5th, 2013.
In addition to the current stable release, you can also access daily
snapshots of the OpenSSL development version at <URL:

4
crypto/external/bsd/openssl/dist/Makefile vendored
View File

@ -4,7 +4,7 @@
## Makefile for OpenSSL
##
VERSION=1.0.1c
VERSION=1.0.1d
MAJOR=1
MINOR=0.1
SHLIB_VERSION_NUMBER=1.0.0
@ -446,7 +446,7 @@ rehash.time: certs apps
[ -x "apps/openssl.exe" ] && OPENSSL="apps/openssl.exe" || :; \
OPENSSL_DEBUG_MEMORY=on; \
export OPENSSL OPENSSL_DEBUG_MEMORY; \
$(PERL) tools/c_rehash certs) && \
$(PERL) tools/c_rehash certs/demo) && \
touch rehash.time; \
else :; fi

2
crypto/external/bsd/openssl/dist/Makefile.org vendored
View File

@ -444,7 +444,7 @@ rehash.time: certs apps
[ -x "apps/openssl.exe" ] && OPENSSL="apps/openssl.exe" || :; \
OPENSSL_DEBUG_MEMORY=on; \
export OPENSSL OPENSSL_DEBUG_MEMORY; \
$(PERL) tools/c_rehash certs) && \
$(PERL) tools/c_rehash certs/demo) && \
touch rehash.time; \
else :; fi

8
crypto/external/bsd/openssl/dist/NEWS vendored
View File

@ -5,6 +5,14 @@
This file gives a brief overview of the major changes between each OpenSSL
release. For more details please read the CHANGES file.
Major changes between OpenSSL 1.0.1c and OpenSSL 1.0.1d:
o Fix renegotiation in TLS 1.1, 1.2 by using the correct TLS version.
o Include the fips configuration module.
o Fix OCSP bad key DoS attack CVE-2013-0166
o Fix for SSL/TLS/DTLS CBC plaintext recovery attack CVE-2013-0169
o Fix for TLS AESNI record handling flaw CVE-2012-2686
Major changes between OpenSSL 1.0.1b and OpenSSL 1.0.1c:
o Fix TLS/DTLS record length checking bug CVE-2012-2333

14
crypto/external/bsd/openssl/dist/PROBLEMS vendored
View File

@ -197,3 +197,17 @@ reconfigure with additional no-sse2 [or 386] option passed to ./config.
We don't have framework to associate -ldl with no-dso, therefore the only
way is to edit Makefile right after ./config no-dso and remove -ldl from
EX_LIBS line.
* hpux-parisc2-cc no-asm build fails with SEGV in ECDSA/DH.
Compiler bug, presumably at particular patch level. Remaining
hpux*-parisc*-cc configurations can be affected too. Drop optimization
level to +O2 when compiling bn_nist.o.
* solaris64-sparcv9-cc link failure
Solaris 8 ar can fail to maintain symbol table in .a, which results in
link failures. Apply 109147-09 or later or modify Makefile generated
by ./Configure solaris64-sparcv9-cc and replace RANLIB assignment with
RANLIB= /usr/ccs/bin/ar rs

2
crypto/external/bsd/openssl/dist/README vendored
View File

@ -1,5 +1,5 @@
OpenSSL 1.0.1c 10 May 2012
OpenSSL 1.0.1d 5 Feb 2013
Copyright (c) 1998-2011 The OpenSSL Project
Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson

5
crypto/external/bsd/openssl/dist/apps/apps.c vendored
View File

@ -2132,7 +2132,7 @@ X509_NAME *parse_name(char *subject, long chtype, int multirdn)
X509_NAME *n = NULL;
int nid;
if (!buf || !ne_types || !ne_values)
if (!buf || !ne_types || !ne_values || !mval)
{
BIO_printf(bio_err, "malloc error\n");
goto error;
@ -2236,6 +2236,7 @@ X509_NAME *parse_name(char *subject, long chtype, int multirdn)
OPENSSL_free(ne_values);
OPENSSL_free(ne_types);
OPENSSL_free(buf);
OPENSSL_free(mval);
return n;
error:
@ -2244,6 +2245,8 @@ error:
OPENSSL_free(ne_values);
if (ne_types)
OPENSSL_free(ne_types);
if (mval)
OPENSSL_free(mval);
if (buf)
OPENSSL_free(buf);
return NULL;

4
crypto/external/bsd/openssl/dist/apps/cms.c vendored
View File

@ -233,6 +233,8 @@ int MAIN(int argc, char **argv)
else if (!strcmp(*args,"-camellia256"))
cipher = EVP_camellia_256_cbc();
#endif
else if (!strcmp (*args, "-debug_decrypt"))
flags |= CMS_DEBUG_DECRYPT;
else if (!strcmp (*args, "-text"))
flags |= CMS_TEXT;
else if (!strcmp (*args, "-nointern"))
@ -1039,6 +1041,8 @@ int MAIN(int argc, char **argv)
ret = 4;
if (operation == SMIME_DECRYPT)
{
if (flags & CMS_DEBUG_DECRYPT)
CMS_decrypt(cms, NULL, NULL, NULL, NULL, flags);
if (secret_key)
{

4
crypto/external/bsd/openssl/dist/apps/dgst.c vendored
View File

@ -216,10 +216,10 @@ int MAIN(int argc, char **argv)
out_bin = 1;
else if (strcmp(*argv,"-d") == 0)
debug=1;
else if (strcmp(*argv,"-non-fips-allow") == 0)
non_fips_allow=1;
else if (!strcmp(*argv,"-fips-fingerprint"))
hmac_key = "etaonrishdlcupfm";
else if (strcmp(*argv,"-non-fips-allow") == 0)
non_fips_allow=1;
else if (!strcmp(*argv,"-hmac"))
{
if (--argc < 1)

1
crypto/external/bsd/openssl/dist/apps/dhparam.c vendored
View File

@ -332,7 +332,6 @@ bad:
BIO_printf(bio_err,"This is going to take a long time\n");
if(!dh || !DH_generate_parameters_ex(dh, num, g, &cb))
{
if(dh) DH_free(dh);
ERR_print_errors(bio_err);
goto end;
}

9
crypto/external/bsd/openssl/dist/apps/dsaparam.c vendored
View File

@ -326,6 +326,7 @@ bad:
goto end;
}
#endif
ERR_print_errors(bio_err);
BIO_printf(bio_err,"Error, DSA key generation failed\n");
goto end;
}
@ -429,13 +430,19 @@ bad:
assert(need_rand);
if ((dsakey=DSAparams_dup(dsa)) == NULL) goto end;
if (!DSA_generate_key(dsakey)) goto end;
if (!DSA_generate_key(dsakey))
{
ERR_print_errors(bio_err);
DSA_free(dsakey);
goto end;
}
if (outformat == FORMAT_ASN1)
i=i2d_DSAPrivateKey_bio(out,dsakey);
else if (outformat == FORMAT_PEM)
i=PEM_write_bio_DSAPrivateKey(out,dsakey,NULL,NULL,0,NULL,NULL);
else {
BIO_printf(bio_err,"bad output format specified for outfile\n");
DSA_free(dsakey);
goto end;
}
DSA_free(dsakey);

2
crypto/external/bsd/openssl/dist/apps/genrsa.c vendored
View File

@ -78,7 +78,7 @@
#include <openssl/pem.h>
#include <openssl/rand.h>
#define DEFBITS 512
#define DEFBITS 1024
#undef PROG
#define PROG genrsa_main

6
crypto/external/bsd/openssl/dist/apps/s_cb.c vendored
View File

@ -237,8 +237,8 @@ int set_cert_stuff(SSL_CTX *ctx, char *cert_file, char *key_file)
/* If we are using DSA, we can copy the parameters from
* the private key */
/* Now we know that a key and cert have been set against
* the SSL context */
if (!SSL_CTX_check_private_key(ctx))
@ -436,6 +436,8 @@ void MS_CALLBACK msg_cb(int write_p, int version, int content_type, const void *
if (version == SSL3_VERSION ||
version == TLS1_VERSION ||
version == TLS1_1_VERSION ||
version == TLS1_2_VERSION ||
version == DTLS1_VERSION ||
version == DTLS1_BAD_VER)
{

30
crypto/external/bsd/openssl/dist/apps/srp.c vendored
View File

@ -125,13 +125,13 @@ static int get_index(CA_DB *db, char* id, char type)
if (type == DB_SRP_INDEX)
for (i = 0; i < sk_OPENSSL_PSTRING_num(db->db->data); i++)
{
pp = (char **)sk_OPENSSL_PSTRING_value(db->db->data, i);
if (pp[DB_srptype][0] == DB_SRP_INDEX && !strcmp(id, pp[DB_srpid]))
pp = sk_OPENSSL_PSTRING_value(db->db->data,i);
if (pp[DB_srptype][0] == DB_SRP_INDEX && !strcmp(id,pp[DB_srpid]))
return i;
}
else for (i = 0; i < sk_OPENSSL_PSTRING_num(db->db->data); i++)
{
pp = (char **)sk_OPENSSL_PSTRING_value(db->db->data, i);
pp = sk_OPENSSL_PSTRING_value(db->db->data,i);
if (pp[DB_srptype][0] != DB_SRP_INDEX && !strcmp(id,pp[DB_srpid]))
return i;
@ -145,7 +145,7 @@ static void print_entry(CA_DB *db, BIO *bio, int indx, int verbose, char *s)
if (indx >= 0 && verbose)
{
int j;
char **pp = (char **)sk_OPENSSL_PSTRING_value(db->db->data, indx);
char **pp = sk_OPENSSL_PSTRING_value(db->db->data, indx);
BIO_printf(bio, "%s \"%s\"\n", s, pp[DB_srpid]);
for (j = 0; j < DB_NUMBER; j++)
{
@ -163,7 +163,7 @@ static void print_user(CA_DB *db, BIO *bio, int userindex, int verbose)
{
if (verbose > 0)
{
char **pp = (char **)sk_OPENSSL_PSTRING_value(db->db->data, userindex);
char **pp = sk_OPENSSL_PSTRING_value(db->db->data,userindex);
if (pp[DB_srptype][0] != 'I')
{
@ -517,7 +517,7 @@ bad:
/* Lets check some fields */
for (i = 0; i < sk_OPENSSL_PSTRING_num(db->db->data); i++)
{
pp = (char **)sk_OPENSSL_PSTRING_value(db->db->data, i);
pp = sk_OPENSSL_PSTRING_value(db->db->data, i);
if (pp[DB_srptype][0] == DB_SRP_INDEX)
{
@ -533,8 +533,8 @@ bad:
if (gNindex >= 0)
{
gNrow = (char **)sk_OPENSSL_PSTRING_value(db->db->data, gNindex);
print_entry(db, bio_err, gNindex, verbose > 1, "Default g and N") ;
gNrow = sk_OPENSSL_PSTRING_value(db->db->data,gNindex);
print_entry(db, bio_err, gNindex, verbose > 1, "Default g and N");
}
else if (maxgN > 0 && !SRP_get_default_gN(gN))
{
@ -587,7 +587,7 @@ bad:
if (userindex >= 0)
{
/* reactivation of a new user */
char **row = (char **)sk_OPENSSL_PSTRING_value(db->db->data, userindex);
char **row = sk_OPENSSL_PSTRING_value(db->db->data, userindex);
BIO_printf(bio_err, "user \"%s\" reactivated.\n", user);
row[DB_srptype][0] = 'V';
@ -634,7 +634,7 @@ bad:
else
{
char **row = (char **)sk_OPENSSL_PSTRING_value(db->db->data, userindex);
char **row = sk_OPENSSL_PSTRING_value(db->db->data, userindex);
char type = row[DB_srptype][0];
if (type == 'v')
{
@ -664,9 +664,9 @@ bad:
if (!(gNid=srp_create_user(user,&(row[DB_srpverifier]), &(row[DB_srpsalt]),gNrow?gNrow[DB_srpsalt]:NULL, gNrow?gNrow[DB_srpverifier]:NULL, passout, bio_err,verbose)))
{
BIO_printf(bio_err, "Cannot create srp verifier for user \"%s\", operation abandoned.\n", user);
errors++;
goto err;
BIO_printf(bio_err, "Cannot create srp verifier for user \"%s\", operation abandoned.\n", user);
errors++;
goto err;
}
row[DB_srptype][0] = 'v';
@ -689,7 +689,7 @@ bad:
}
else
{
char **xpp = (char **)sk_OPENSSL_PSTRING_value(db->db->data, userindex);
char **xpp = sk_OPENSSL_PSTRING_value(db->db->data,userindex);
BIO_printf(bio_err, "user \"%s\" revoked. t\n", user);
xpp[DB_srptype][0] = 'R';
@ -714,7 +714,7 @@ bad:
/* Lets check some fields */
for (i = 0; i < sk_OPENSSL_PSTRING_num(db->db->data); i++)
{
pp = (char **)sk_OPENSSL_PSTRING_value(db->db->data, i);
pp = sk_OPENSSL_PSTRING_value(db->db->data,i);
if (pp[DB_srptype][0] == 'v')
{

27
crypto/external/bsd/openssl/dist/apps/verify.c vendored
View File

@ -222,11 +222,19 @@ int MAIN(int argc, char **argv)
goto end;
}
if (argc < 1) check(cert_ctx, NULL, untrusted, trusted, crls, e);
ret = 0;
if (argc < 1)
{
if (1 != check(cert_ctx, NULL, untrusted, trusted, crls, e))
ret = -1;
}
else
{
for (i=0; i<argc; i++)
check(cert_ctx,argv[i], untrusted, trusted, crls, e);
ret=0;
if (1 != check(cert_ctx,argv[i], untrusted, trusted, crls, e))
ret = -1;
}
end:
if (ret == 1) {
BIO_printf(bio_err,"usage: verify [-verbose] [-CApath path] [-CAfile file] [-purpose purpose] [-crl_check]");
@ -235,13 +243,16 @@ end:
BIO_printf(bio_err," [-engine e]");
#endif
BIO_printf(bio_err," cert1 cert2 ...\n");
BIO_printf(bio_err,"recognized usages:\n");
for(i = 0; i < X509_PURPOSE_get_count(); i++) {
for(i = 0; i < X509_PURPOSE_get_count(); i++)
{
X509_PURPOSE *ptmp;
ptmp = X509_PURPOSE_get0(i);
BIO_printf(bio_err, "\t%-10s\t%s\n", X509_PURPOSE_get0_sname(ptmp),
X509_PURPOSE_get0_name(ptmp));
}
BIO_printf(bio_err, "\t%-10s\t%s\n",
X509_PURPOSE_get0_sname(ptmp),
X509_PURPOSE_get0_name(ptmp));
}
}
if (vpm) X509_VERIFY_PARAM_free(vpm);
if (cert_ctx != NULL) X509_STORE_free(cert_ctx);
@ -249,7 +260,7 @@ end:
sk_X509_pop_free(trusted, X509_free);
sk_X509_CRL_pop_free(crls, X509_CRL_free);
apps_shutdown();
OPENSSL_EXIT(ret);
OPENSSL_EXIT(ret < 0 ? 2 : ret);
}
static int check(X509_STORE *ctx, char *file,

4
crypto/external/bsd/openssl/dist/apps/x509.c vendored
View File

@ -288,7 +288,7 @@ int MAIN(int argc, char **argv)
days=atoi(*(++argv));
if (days == 0)
{
BIO_printf(STDout,"bad number of days\n");
BIO_printf(bio_err,"bad number of days\n");
goto bad;
}
}
@ -912,7 +912,7 @@ bad:
}
else if (text == i)
{
X509_print_ex(out,x,nmflag, certflag);
X509_print_ex(STDout,x,nmflag, certflag);
}
else if (startdate == i)
{

20
crypto/external/bsd/openssl/dist/crypto/aes/asm/aes-mips.pl vendored
View File

@ -1036,9 +1036,9 @@ _mips_AES_set_encrypt_key:
nop
.end _mips_AES_set_encrypt_key
.globl AES_set_encrypt_key
.ent AES_set_encrypt_key
AES_set_encrypt_key:
.globl private_AES_set_encrypt_key
.ent private_AES_set_encrypt_key
private_AES_set_encrypt_key:
.frame $sp,$FRAMESIZE,$ra
.mask $SAVED_REGS_MASK,-$SZREG
.set noreorder
@ -1060,7 +1060,7 @@ $code.=<<___ if ($flavour =~ /nubi/i); # optimize non-nubi prologue
___
$code.=<<___ if ($flavour !~ /o32/i); # non-o32 PIC-ification
.cplocal $Tbl
.cpsetup $pf,$zero,AES_set_encrypt_key
.cpsetup $pf,$zero,private_AES_set_encrypt_key
___
$code.=<<___;
.set reorder
@ -1083,7 +1083,7 @@ ___
$code.=<<___;
jr $ra
$PTR_ADD $sp,$FRAMESIZE
.end AES_set_encrypt_key
.end private_AES_set_encrypt_key
___
my ($head,$tail)=($inp,$bits);
@ -1091,9 +1091,9 @@ my ($tp1,$tp2,$tp4,$tp8,$tp9,$tpb,$tpd,$tpe)=($a4,$a5,$a6,$a7,$s0,$s1,$s2,$s3);
my ($m,$x80808080,$x7f7f7f7f,$x1b1b1b1b)=($at,$t0,$t1,$t2);
$code.=<<___;
.align 5
.globl AES_set_decrypt_key
.ent AES_set_decrypt_key
AES_set_decrypt_key:
.globl private_AES_set_decrypt_key
.ent private_AES_set_decrypt_key
private_AES_set_decrypt_key:
.frame $sp,$FRAMESIZE,$ra
.mask $SAVED_REGS_MASK,-$SZREG
.set noreorder
@ -1115,7 +1115,7 @@ $code.=<<___ if ($flavour =~ /nubi/i); # optimize non-nubi prologue
___
$code.=<<___ if ($flavour !~ /o32/i); # non-o32 PIC-ification
.cplocal $Tbl
.cpsetup $pf,$zero,AES_set_decrypt_key
.cpsetup $pf,$zero,private_AES_set_decrypt_key
___
$code.=<<___;
.set reorder
@ -1226,7 +1226,7 @@ ___
$code.=<<___;
jr $ra
$PTR_ADD $sp,$FRAMESIZE
.end AES_set_decrypt_key
.end private_AES_set_decrypt_key
___
}}}

95
crypto/external/bsd/openssl/dist/crypto/aes/asm/aes-s390x.pl vendored
View File

@ -1598,11 +1598,11 @@ $code.=<<___ if(1);
lghi $s1,0x7f
nr $s1,%r0
lghi %r0,0 # query capability vector
la %r1,2*$SIZE_T($sp)
la %r1,$tweak-16($sp)
.long 0xb92e0042 # km %r4,%r2
llihh %r1,0x8000
srlg %r1,%r1,32($s1) # check for 32+function code
ng %r1,2*$SIZE_T($sp)
ng %r1,$tweak-16($sp)
lgr %r0,$s0 # restore the function code
la %r1,0($key1) # restore $key1
jz .Lxts_km_vanilla
@ -1628,7 +1628,7 @@ $code.=<<___ if(1);
lrvg $s0,$tweak+0($sp) # load the last tweak
lrvg $s1,$tweak+8($sp)
stmg %r0,%r3,$tweak-32(%r1) # wipe copy of the key
stmg %r0,%r3,$tweak-32($sp) # wipe copy of the key
nill %r0,0xffdf # switch back to original function code
la %r1,0($key1) # restore pointer to $key1
@ -1684,11 +1684,9 @@ $code.=<<___;
lghi $i1,0x87
srag $i2,$s1,63 # broadcast upper bit
ngr $i1,$i2 # rem
srlg $i2,$s0,63 # carry bit from lower half
sllg $s0,$s0,1
sllg $s1,$s1,1
algr $s0,$s0
alcgr $s1,$s1
xgr $s0,$i1
ogr $s1,$i2
.Lxts_km_start:
lrvgr $i1,$s0 # flip byte order
lrvgr $i2,$s1
@ -1745,11 +1743,9 @@ $code.=<<___;
lghi $i1,0x87
srag $i2,$s1,63 # broadcast upper bit
ngr $i1,$i2 # rem
srlg $i2,$s0,63 # carry bit from lower half
sllg $s0,$s0,1
sllg $s1,$s1,1
algr $s0,$s0
alcgr $s1,$s1
xgr $s0,$i1
ogr $s1,$i2
ltr $len,$len # clear zero flag
br $ra
@ -1781,8 +1777,8 @@ $code.=<<___ if (!$softonly);
clr %r0,%r1
jl .Lxts_enc_software
st${g} $ra,5*$SIZE_T($sp)
stm${g} %r6,$s3,6*$SIZE_T($sp)
st${g} $ra,14*$SIZE_T($sp)
sllg $len,$len,4 # $len&=~15
slgr $out,$inp
@ -1830,9 +1826,9 @@ $code.=<<___ if (!$softonly);
stg $i2,8($i3)
.Lxts_enc_km_done:
l${g} $ra,14*$SIZE_T($sp)
st${g} $sp,$tweak($sp) # wipe tweak
st${g} $sp,$tweak($sp)
stg $sp,$tweak+0($sp) # wipe tweak
stg $sp,$tweak+8($sp)
l${g} $ra,5*$SIZE_T($sp)
lm${g} %r6,$s3,6*$SIZE_T($sp)
br $ra
.align 16
@ -1843,12 +1839,11 @@ $code.=<<___;
slgr $out,$inp
xgr $s0,$s0 # clear upper half
xgr $s1,$s1
lrv $s0,$stdframe+4($sp) # load secno
lrv $s1,$stdframe+0($sp)
xgr $s2,$s2
xgr $s3,$s3
l${g} $s3,$stdframe($sp) # ivp
llgf $s0,0($s3) # load iv
llgf $s1,4($s3)
llgf $s2,8($s3)
llgf $s3,12($s3)
stm${g} %r2,%r5,2*$SIZE_T($sp)
la $key,0($key2)
larl $tbl,AES_Te
@ -1864,11 +1859,9 @@ $code.=<<___;
lghi %r1,0x87
srag %r0,$s3,63 # broadcast upper bit
ngr %r1,%r0 # rem
srlg %r0,$s1,63 # carry bit from lower half
sllg $s1,$s1,1
sllg $s3,$s3,1
algr $s1,$s1
alcgr $s3,$s3
xgr $s1,%r1
ogr $s3,%r0
lrvgr $s1,$s1 # flip byte order
lrvgr $s3,$s3
srlg $s0,$s1,32 # smash the tweak to 4x32-bits
@ -1917,11 +1910,9 @@ $code.=<<___;
lghi %r1,0x87
srag %r0,$s3,63 # broadcast upper bit
ngr %r1,%r0 # rem
srlg %r0,$s1,63 # carry bit from lower half
sllg $s1,$s1,1
sllg $s3,$s3,1
algr $s1,$s1
alcgr $s3,$s3
xgr $s1,%r1
ogr $s3,%r0
lrvgr $s1,$s1 # flip byte order
lrvgr $s3,$s3
srlg $s0,$s1,32 # smash the tweak to 4x32-bits
@ -1956,7 +1947,8 @@ $code.=<<___;
.size AES_xts_encrypt,.-AES_xts_encrypt
___
# void AES_xts_decrypt(const char *inp,char *out,size_t len,
# const AES_KEY *key1, const AES_KEY *key2,u64 secno);
# const AES_KEY *key1, const AES_KEY *key2,
# const unsigned char iv[16]);
#
$code.=<<___;
.globl AES_xts_decrypt
@ -1988,8 +1980,8 @@ $code.=<<___ if (!$softonly);
clr %r0,%r1
jl .Lxts_dec_software
st${g} $ra,5*$SIZE_T($sp)
stm${g} %r6,$s3,6*$SIZE_T($sp)
st${g} $ra,14*$SIZE_T($sp)
nill $len,0xfff0 # $len&=~15
slgr $out,$inp
@ -2028,11 +2020,9 @@ $code.=<<___ if (!$softonly);
lghi $i1,0x87
srag $i2,$s1,63 # broadcast upper bit
ngr $i1,$i2 # rem
srlg $i2,$s0,63 # carry bit from lower half
sllg $s0,$s0,1
sllg $s1,$s1,1
algr $s0,$s0
alcgr $s1,$s1
xgr $s0,$i1
ogr $s1,$i2
lrvgr $i1,$s0 # flip byte order
lrvgr $i2,$s1
@ -2075,9 +2065,9 @@ $code.=<<___ if (!$softonly);
stg $s2,0($i3)
stg $s3,8($i3)
.Lxts_dec_km_done:
l${g} $ra,14*$SIZE_T($sp)
st${g} $sp,$tweak($sp) # wipe tweak
st${g} $sp,$tweak($sp)
stg $sp,$tweak+0($sp) # wipe tweak
stg $sp,$tweak+8($sp)
l${g} $ra,5*$SIZE_T($sp)
lm${g} %r6,$s3,6*$SIZE_T($sp)
br $ra
.align 16
@ -2089,12 +2079,11 @@ $code.=<<___;
srlg $len,$len,4
slgr $out,$inp
xgr $s0,$s0 # clear upper half
xgr $s1,$s1
lrv $s0,$stdframe+4($sp) # load secno
lrv $s1,$stdframe+0($sp)
xgr $s2,$s2
xgr $s3,$s3
l${g} $s3,$stdframe($sp) # ivp
llgf $s0,0($s3) # load iv
llgf $s1,4($s3)
llgf $s2,8($s3)
llgf $s3,12($s3)
stm${g} %r2,%r5,2*$SIZE_T($sp)
la $key,0($key2)
larl $tbl,AES_Te
@ -2113,11 +2102,9 @@ $code.=<<___;
lghi %r1,0x87
srag %r0,$s3,63 # broadcast upper bit
ngr %r1,%r0 # rem
srlg %r0,$s1,63 # carry bit from lower half
sllg $s1,$s1,1
sllg $s3,$s3,1
algr $s1,$s1
alcgr $s3,$s3
xgr $s1,%r1
ogr $s3,%r0
lrvgr $s1,$s1 # flip byte order
lrvgr $s3,$s3
srlg $s0,$s1,32 # smash the tweak to 4x32-bits
@ -2156,11 +2143,9 @@ $code.=<<___;
lghi %r1,0x87
srag %r0,$s3,63 # broadcast upper bit
ngr %r1,%r0 # rem
srlg %r0,$s1,63 # carry bit from lower half
sllg $s1,$s1,1
sllg $s3,$s3,1
algr $s1,$s1
alcgr $s3,$s3
xgr $s1,%r1
ogr $s3,%r0
lrvgr $i2,$s1 # flip byte order
lrvgr $i3,$s3
stmg $i2,$i3,$tweak($sp) # save the 1st tweak
@ -2176,11 +2161,9 @@ $code.=<<___;
lghi %r1,0x87
srag %r0,$s3,63 # broadcast upper bit
ngr %r1,%r0 # rem
srlg %r0,$s1,63 # carry bit from lower half
sllg $s1,$s1,1
sllg $s3,$s3,1
algr $s1,$s1
alcgr $s3,$s3
xgr $s1,%r1
ogr $s3,%r0
lrvgr $s1,$s1 # flip byte order
lrvgr $s3,$s3
srlg $s0,$s1,32 # smash the tweak to 4x32-bits

3
crypto/external/bsd/openssl/dist/crypto/aes/asm/aes-x86_64.pl vendored
View File

@ -36,7 +36,8 @@ $0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
die "can't locate x86_64-xlate.pl";
open STDOUT,"| $^X $xlate $flavour $output";
open OUT,"| \"$^X\" $xlate $flavour $output";
*STDOUT=*OUT;
$verticalspin=1; # unlike 32-bit version $verticalspin performs
# ~15% better on both AMD and Intel cores

3
crypto/external/bsd/openssl/dist/crypto/aes/asm/aesni-sha1-x86_64.pl vendored
View File

@ -69,7 +69,8 @@ $avx=1 if (!$avx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
`ml64 2>&1` =~ /Version ([0-9]+)\./ &&
$1>=10);
open STDOUT,"| $^X $xlate $flavour $output";
open OUT,"| \"$^X\" $xlate $flavour $output";
*STDOUT=*OUT;
# void aesni_cbc_sha1_enc(const void *inp,
# void *out,

3
crypto/external/bsd/openssl/dist/crypto/aes/asm/aesni-x86_64.pl vendored
View File

@ -172,7 +172,8 @@ $0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
die "can't locate x86_64-xlate.pl";
open STDOUT,"| $^X $xlate $flavour $output";
open OUT,"| \"$^X\" $xlate $flavour $output";
*STDOUT=*OUT;
$movkey = $PREFIX eq "aesni" ? "movups" : "movups";
@_4args=$win64? ("%rcx","%rdx","%r8", "%r9") : # Win64 order

3
crypto/external/bsd/openssl/dist/crypto/aes/asm/bsaes-x86_64.pl vendored
View File

@ -105,7 +105,8 @@ $0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
die "can't locate x86_64-xlate.pl";
open STDOUT,"| $^X $xlate $flavour $output";
open OUT,"| \"$^X\" $xlate $flavour $output";
*STDOUT=*OUT;
my ($inp,$out,$len,$key,$ivp)=("%rdi","%rsi","%rdx","%rcx");
my @XMM=map("%xmm$_",(15,0..14)); # best on Atom, +10% over (0..15)

3
crypto/external/bsd/openssl/dist/crypto/aes/asm/vpaes-x86_64.pl vendored
View File

@ -56,7 +56,8 @@ $0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
die "can't locate x86_64-xlate.pl";
open STDOUT,"| $^X $xlate $flavour $output";
open OUT,"| \"$^X\" $xlate $flavour $output";
*STDOUT=*OUT;
$PREFIX="vpaes";

1
crypto/external/bsd/openssl/dist/crypto/asn1/a_strex.c vendored
View File

@ -567,6 +567,7 @@ int ASN1_STRING_to_UTF8(unsigned char **out, ASN1_STRING *in)
if(mbflag == -1) return -1;
mbflag |= MBSTRING_FLAG;
stmp.data = NULL;
stmp.length = 0;
ret = ASN1_mbstring_copy(&str, in->data, in->length, mbflag, B_ASN1_UTF8STRING);
if(ret < 0) return ret;
*out = stmp.data;

6
crypto/external/bsd/openssl/dist/crypto/asn1/a_verify.c vendored
View File

@ -140,6 +140,12 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a,
int mdnid, pknid;
if (!pkey)
{
ASN1err(ASN1_F_ASN1_ITEM_VERIFY, ERR_R_PASSED_NULL_PARAMETER);
return -1;
}
EVP_MD_CTX_init(&ctx);
/* Convert signature OID into digest and public key OIDs */

5
crypto/external/bsd/openssl/dist/crypto/asn1/x_pubkey.c vendored
View File

@ -175,12 +175,15 @@ EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key)
CRYPTO_w_lock(CRYPTO_LOCK_EVP_PKEY);
if (key->pkey)
{
CRYPTO_w_unlock(CRYPTO_LOCK_EVP_PKEY);
EVP_PKEY_free(ret);
ret = key->pkey;
}
else
{
key->pkey = ret;
CRYPTO_w_unlock(CRYPTO_LOCK_EVP_PKEY);
CRYPTO_w_unlock(CRYPTO_LOCK_EVP_PKEY);
}
CRYPTO_add(&ret->references, 1, CRYPTO_LOCK_EVP_PKEY);
return ret;

85
crypto/external/bsd/openssl/dist/crypto/bio/bss_dgram.c vendored
View File

@ -77,10 +77,20 @@
#define OPENSSL_SCTP_FORWARD_CUM_TSN_CHUNK_TYPE 0xc0
#endif
#ifdef OPENSSL_SYS_LINUX
#if defined(OPENSSL_SYS_LINUX) && !defined(IP_MTU)
#define IP_MTU 14 /* linux is lame */
#endif
#if defined(__FreeBSD__) && defined(IN6_IS_ADDR_V4MAPPED)
/* Standard definition causes type-punning problems. */
#undef IN6_IS_ADDR_V4MAPPED
#define s6_addr32 __u6_addr.__u6_addr32
#define IN6_IS_ADDR_V4MAPPED(a) \
(((a)->s6_addr32[0] == 0) && \
((a)->s6_addr32[1] == 0) && \
((a)->s6_addr32[2] == htonl(0x0000ffff)))
#endif
#ifdef WATT32
#define sock_write SockWrite /* Watt-32 uses same names */
#define sock_read SockRead
@ -255,7 +265,7 @@ static void dgram_adjust_rcv_timeout(BIO *b)
{
#if defined(SO_RCVTIMEO)
bio_dgram_data *data = (bio_dgram_data *)b->ptr;
int sz = sizeof(int);
union { size_t s; int i; } sz = {0};
/* Is a timer active? */
if (data->next_timeout.tv_sec > 0 || data->next_timeout.tv_usec > 0)
@ -265,8 +275,10 @@ static void dgram_adjust_rcv_timeout(BIO *b)
/* Read current socket timeout */
#ifdef OPENSSL_SYS_WINDOWS
int timeout;
sz.i = sizeof(timeout);
if (getsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO,
(void*)&timeout, &sz) < 0)
(void*)&timeout, &sz.i) < 0)
{ perror("getsockopt"); }
else
{
@ -274,9 +286,12 @@ static void dgram_adjust_rcv_timeout(BIO *b)
data->socket_timeout.tv_usec = (timeout % 1000) * 1000;
}
#else
sz.i = sizeof(data->socket_timeout);
if ( getsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO,
&(data->socket_timeout), (void *)&sz) < 0)
{ perror("getsockopt"); }
else if (sizeof(sz.s)!=sizeof(sz.i) && sz.i==0)
OPENSSL_assert(sz.s<=sizeof(data->socket_timeout));
#endif
/* Get current time */
@ -445,11 +460,10 @@ static long dgram_ctrl(BIO *b, int cmd, long num, void *ptr)
int *ip;
struct sockaddr *to = NULL;
bio_dgram_data *data = NULL;
#if defined(IP_MTU_DISCOVER) || defined(IP_MTU)
long sockopt_val = 0;
unsigned int sockopt_len = 0;
#endif
#ifdef OPENSSL_SYS_LINUX
#if defined(OPENSSL_SYS_LINUX) && (defined(IP_MTU_DISCOVER) || defined(IP_MTU))
int sockopt_val = 0;
socklen_t sockopt_len; /* assume that system supporting IP_MTU is
* modern enough to define socklen_t */
socklen_t addr_len;
union {
struct sockaddr sa;
@ -531,7 +545,7 @@ static long dgram_ctrl(BIO *b, int cmd, long num, void *ptr)
break;
/* (Linux)kernel sets DF bit on outgoing IP packets */
case BIO_CTRL_DGRAM_MTU_DISCOVER:
#ifdef OPENSSL_SYS_LINUX
#if defined(OPENSSL_SYS_LINUX) && defined(IP_MTU_DISCOVER) && defined(IP_PMTUDISC_DO)
addr_len = (socklen_t)sizeof(addr);
memset((void *)&addr, 0, sizeof(addr));
if (getsockname(b->num, &addr.sa, &addr_len) < 0)
@ -539,7 +553,6 @@ static long dgram_ctrl(BIO *b, int cmd, long num, void *ptr)
ret = 0;
break;
}
sockopt_len = sizeof(sockopt_val);
switch (addr.sa.sa_family)
{
case AF_INET:
@ -548,7 +561,7 @@ static long dgram_ctrl(BIO *b, int cmd, long num, void *ptr)
&sockopt_val, sizeof(sockopt_val))) < 0)
perror("setsockopt");
break;
#if OPENSSL_USE_IPV6 && defined(IPV6_MTU_DISCOVER)
#if OPENSSL_USE_IPV6 && defined(IPV6_MTU_DISCOVER) && defined(IPV6_PMTUDISC_DO)
case AF_INET6:
sockopt_val = IPV6_PMTUDISC_DO;
if ((ret = setsockopt(b->num, IPPROTO_IPV6, IPV6_MTU_DISCOVER,
@ -565,7 +578,7 @@ static long dgram_ctrl(BIO *b, int cmd, long num, void *ptr)
break;
#endif
case BIO_CTRL_DGRAM_QUERY_MTU:
#ifdef OPENSSL_SYS_LINUX
#if defined(OPENSSL_SYS_LINUX) && defined(IP_MTU)
addr_len = (socklen_t)sizeof(addr);
memset((void *)&addr, 0, sizeof(addr));
if (getsockname(b->num, &addr.sa, &addr_len) < 0)
@ -727,12 +740,15 @@ static long dgram_ctrl(BIO *b, int cmd, long num, void *ptr)
#endif
break;
case BIO_CTRL_DGRAM_GET_RECV_TIMEOUT:
#ifdef OPENSSL_SYS_WINDOWS
{
int timeout, sz = sizeof(timeout);
union { size_t s; int i; } sz = {0};
#ifdef OPENSSL_SYS_WINDOWS
int timeout;
struct timeval *tv = (struct timeval *)ptr;
sz.i = sizeof(timeout);
if (getsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO,
(void*)&timeout, &sz) < 0)
(void*)&timeout, &sz.i) < 0)
{ perror("getsockopt"); ret = -1; }
else
{
@ -740,12 +756,20 @@ static long dgram_ctrl(BIO *b, int cmd, long num, void *ptr)
tv->tv_usec = (timeout % 1000) * 1000;
ret = sizeof(*tv);
}
}
#else
sz.i = sizeof(struct timeval);
if ( getsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO,
ptr, (void *)&ret) < 0)
ptr, (void *)&sz) < 0)
{ perror("getsockopt"); ret = -1; }
else if (sizeof(sz.s)!=sizeof(sz.i) && sz.i==0)
{
OPENSSL_assert(sz.s<=sizeof(struct timeval));
ret = (int)sz.s;
}
else
ret = sz.i;
#endif
}
break;
#endif
#if defined(SO_SNDTIMEO)
@ -765,12 +789,15 @@ static long dgram_ctrl(BIO *b, int cmd, long num, void *ptr)
#endif
break;
case BIO_CTRL_DGRAM_GET_SEND_TIMEOUT:
#ifdef OPENSSL_SYS_WINDOWS
{
int timeout, sz = sizeof(timeout);
union { size_t s; int i; } sz = {0};
#ifdef OPENSSL_SYS_WINDOWS
int timeout;
struct timeval *tv = (struct timeval *)ptr;
sz.i = sizeof(timeout);
if (getsockopt(b->num, SOL_SOCKET, SO_SNDTIMEO,
(void*)&timeout, &sz) < 0)
(void*)&timeout, &sz.i) < 0)
{ perror("getsockopt"); ret = -1; }
else
{
@ -778,12 +805,20 @@ static long dgram_ctrl(BIO *b, int cmd, long num, void *ptr)
tv->tv_usec = (timeout % 1000) * 1000;
ret = sizeof(*tv);
}
}
#else
sz.i = sizeof(struct timeval);
if ( getsockopt(b->num, SOL_SOCKET, SO_SNDTIMEO,
ptr, (void *)&ret) < 0)
ptr, (void *)&sz) < 0)
{ perror("getsockopt"); ret = -1; }
else if (sizeof(sz.s)!=sizeof(sz.i) && sz.i==0)
{
OPENSSL_assert(sz.s<=sizeof(struct timeval));
ret = (int)sz.s;
}
else
ret = sz.i;
#endif
}
break;
#endif
case BIO_CTRL_DGRAM_GET_SEND_TIMER_EXP:
@ -955,7 +990,6 @@ static int dgram_sctp_free(BIO *a)
#ifdef SCTP_AUTHENTICATION_EVENT
void dgram_sctp_handle_auth_free_key_event(BIO *b, union sctp_notification *snp)
{
unsigned int sockopt_len = 0;
int ret;
struct sctp_authkey_event* authkeyevent = &snp->sn_auth_event;
@ -965,9 +999,8 @@ void dgram_sctp_handle_auth_free_key_event(BIO *b, union sctp_notification *snp)
/* delete key */
authkeyid.scact_keynumber = authkeyevent->auth_keynumber;
sockopt_len = sizeof(struct sctp_authkeyid);
ret = setsockopt(b->num, IPPROTO_SCTP, SCTP_AUTH_DELETE_KEY,
&authkeyid, sockopt_len);
&authkeyid, sizeof(struct sctp_authkeyid));
}
}
#endif
@ -1298,7 +1331,7 @@ static long dgram_sctp_ctrl(BIO *b, int cmd, long num, void *ptr)
{
long ret=1;
bio_dgram_sctp_data *data = NULL;
unsigned int sockopt_len = 0;
socklen_t sockopt_len = 0;
struct sctp_authkeyid authkeyid;
struct sctp_authkey *authkey;

2
crypto/external/bsd/openssl/dist/crypto/bn/asm/mips.pl vendored
View File

@ -819,7 +819,7 @@ ___
$code.=<<___;
.set reorder
move $ta3,$ra
bal bn_div_words
bal bn_div_words_internal
move $ra,$ta3
$MULTU $ta2,$v0
$LD $t2,-2*$BNSZ($a3)

3
crypto/external/bsd/openssl/dist/crypto/bn/asm/modexp512-x86_64.pl vendored
View File

@ -68,7 +68,8 @@ $0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
die "can't locate x86_64-xlate.pl";
open STDOUT,"| $^X $xlate $flavour $output";
open OUT,"| \"$^X\" $xlate $flavour $output";
*STDOUT=*OUT;
use strict;
my $code=".text\n\n";

2
crypto/external/bsd/openssl/dist/crypto/bn/asm/x86_64-gf2m.pl vendored
View File

@ -31,7 +31,7 @@ $0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
die "can't locate x86_64-xlate.pl";
open STDOUT,"| $^X $xlate $flavour $output";
open STDOUT,"| \"$^X\" $xlate $flavour $output";
($lo,$hi)=("%rax","%rdx"); $a=$lo;
($i0,$i1)=("%rsi","%rdi");

3
crypto/external/bsd/openssl/dist/crypto/bn/asm/x86_64-mont.pl vendored
View File

@ -40,7 +40,8 @@ $0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
die "can't locate x86_64-xlate.pl";
open STDOUT,"| $^X $xlate $flavour $output";
open OUT,"| \"$^X\" $xlate $flavour $output";
*STDOUT=*OUT;
# int bn_mul_mont(
$rp="%rdi"; # BN_ULONG *rp,

3
crypto/external/bsd/openssl/dist/crypto/bn/asm/x86_64-mont5.pl vendored
View File

@ -28,7 +28,8 @@ $0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
die "can't locate x86_64-xlate.pl";
open STDOUT,"| $^X $xlate $flavour $output";
open OUT,"| \"$^X\" $xlate $flavour $output";
*STDOUT=*OUT;
# int bn_mul_mont_gather5(
$rp="%rdi"; # BN_ULONG *rp,

2
crypto/external/bsd/openssl/dist/crypto/bn/bn_div.c vendored
View File

@ -141,6 +141,7 @@ int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, const BIGNUM *d,
*
* <appro@fy.chalmers.se>
*/
#undef bn_div_words
# define bn_div_words(n0,n1,d0) \
({ asm volatile ( \
"divl %4" \
@ -155,6 +156,7 @@ int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, const BIGNUM *d,
* Same story here, but it's 128-bit by 64-bit division. Wow!
* <appro@fy.chalmers.se>
*/
# undef bn_div_words
# define bn_div_words(n0,n1,d0) \
({ asm volatile ( \
"divq %4" \

1
crypto/external/bsd/openssl/dist/crypto/bn/bn_gcd.c vendored
View File

@ -205,6 +205,7 @@ err:
/* solves ax == 1 (mod n) */
static BIGNUM *BN_mod_inverse_no_branch(BIGNUM *in,
const BIGNUM *a, const BIGNUM *n, BN_CTX *ctx);
BIGNUM *BN_mod_inverse(BIGNUM *in,
const BIGNUM *a, const BIGNUM *n, BN_CTX *ctx)
{

25
crypto/external/bsd/openssl/dist/crypto/bn/bn_word.c vendored
View File

@ -144,26 +144,17 @@ int BN_add_word(BIGNUM *a, BN_ULONG w)
a->neg=!(a->neg);
return(i);
}
/* Only expand (and risk failing) if it's possibly necessary */
if (((BN_ULONG)(a->d[a->top - 1] + 1) == 0) &&
(bn_wexpand(a,a->top+1) == NULL))
return(0);
i=0;
for (;;)
for (i=0;w!=0 && i<a->top;i++)
{
if (i >= a->top)
l=w;
else
l=(a->d[i]+w)&BN_MASK2;
a->d[i]=l;
if (w > l)
w=1;
else
break;
i++;
a->d[i] = l = (a->d[i]+w)&BN_MASK2;
w = (w>l)?1:0;
}
if (i >= a->top)
if (w && i==a->top)
{
if (bn_wexpand(a,a->top+1) == NULL) return 0;
a->top++;
a->d[i]=w;
}
bn_check_top(a);
return(1);
}

3
crypto/external/bsd/openssl/dist/crypto/camellia/asm/cmll-x86_64.pl vendored
View File

@ -40,7 +40,8 @@ $0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
die "can't locate x86_64-xlate.pl";
open STDOUT,"| $^X $xlate $flavour $output";
open OUT,"| \"$^X\" $xlate $flavour $output";
*STDOUT=*OUT;
sub hi() { my $r=shift; $r =~ s/%[er]([a-d])x/%\1h/; $r; }
sub lo() { my $r=shift; $r =~ s/%[er]([a-d])x/%\1l/;

2
crypto/external/bsd/openssl/dist/crypto/cms/cms_cd.c vendored
View File

@ -58,7 +58,9 @@
#include <openssl/err.h>
#include <openssl/cms.h>
#include <openssl/bio.h>
#ifndef OPENSSL_NO_COMP
#include <openssl/comp.h>
#endif
#include "cms_lcl.h"
DECLARE_ASN1_ITEM(CMS_CompressedData)

2
crypto/external/bsd/openssl/dist/crypto/cms/cms_enc.c vendored
View File

@ -74,7 +74,7 @@ BIO *cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec)
X509_ALGOR *calg = ec->contentEncryptionAlgorithm;
unsigned char iv[EVP_MAX_IV_LENGTH], *piv = NULL;
unsigned char *tkey = NULL;
size_t tkeylen;
size_t tkeylen = 0;
int ok = 0;

2
crypto/external/bsd/openssl/dist/crypto/cms/cms_lib.c vendored
View File

@ -411,9 +411,7 @@ int cms_DigestAlgorithm_find_ctx(EVP_MD_CTX *mctx, BIO *chain,
* algorithm OID instead of digest.
*/
|| EVP_MD_pkey_type(EVP_MD_CTX_md(mtmp)) == nid)
{
return EVP_MD_CTX_copy_ex(mctx, mtmp);
}
chain = BIO_next(chain);
}
}

1
crypto/external/bsd/openssl/dist/crypto/conf/conf_mall.c vendored
View File

@ -76,5 +76,6 @@ void OPENSSL_load_builtin_modules(void)
#ifndef OPENSSL_NO_ENGINE
ENGINE_add_conf_module();
#endif
EVP_add_alg_module();
}

2
crypto/external/bsd/openssl/dist/crypto/crypto-lib.com vendored
View File

@ -282,7 +282,7 @@ $ LIB_RAND = "md_rand,randfile,rand_lib,rand_err,rand_egd,"+ -
"rand_vms"
$ LIB_ERR = "err,err_all,err_prn"
$ LIB_OBJECTS = "o_names,obj_dat,obj_lib,obj_err,obj_xref"
$ LIB_EVP = "encode,digest,evp_enc,evp_key,evp_acnf,"+ -
$ LIB_EVP = "encode,digest,evp_enc,evp_key,evp_acnf,evp_cnf,"+ -
"e_des,e_bf,e_idea,e_des3,e_camellia,"+ -
"e_rc4,e_aes,names,e_seed,"+ -
"e_xcbc_d,e_rc2,e_cast,e_rc5"

3
crypto/external/bsd/openssl/dist/crypto/des/set_key.c vendored
View File

@ -63,9 +63,8 @@
* 1.1 added norm_expand_bits
* 1.0 First working version
*/
#include "des_locl.h"
#include <openssl/crypto.h>
#include "des_locl.h"
OPENSSL_IMPLEMENT_GLOBAL(int,DES_check_key,0) /* defaults to false */

2
crypto/external/bsd/openssl/dist/crypto/des/str2key.c vendored
View File

@ -56,8 +56,8 @@
* [including the GNU Public Licence.]
*/
#include "des_locl.h"
#include <openssl/crypto.h>
#include "des_locl.h"
void DES_string_to_key(const char *str, DES_cblock *key)
{

28
crypto/external/bsd/openssl/dist/crypto/ec/ec.h vendored
View File

@ -274,10 +274,10 @@ int EC_GROUP_get_curve_name(const EC_GROUP *group);
void EC_GROUP_set_asn1_flag(EC_GROUP *group, int flag);
int EC_GROUP_get_asn1_flag(const EC_GROUP *group);
void EC_GROUP_set_point_conversion_form(EC_GROUP *, point_conversion_form_t);
void EC_GROUP_set_point_conversion_form(EC_GROUP *group, point_conversion_form_t form);
point_conversion_form_t EC_GROUP_get_point_conversion_form(const EC_GROUP *);
unsigned char *EC_GROUP_get0_seed(const EC_GROUP *);
unsigned char *EC_GROUP_get0_seed(const EC_GROUP *x);
size_t EC_GROUP_get_seed_len(const EC_GROUP *);
size_t EC_GROUP_set_seed(EC_GROUP *, const unsigned char *, size_t len);
@ -626,8 +626,8 @@ int EC_POINT_is_on_curve(const EC_GROUP *group, const EC_POINT *point, BN_CTX *c
*/
int EC_POINT_cmp(const EC_GROUP *group, const EC_POINT *a, const EC_POINT *b, BN_CTX *ctx);
int EC_POINT_make_affine(const EC_GROUP *, EC_POINT *, BN_CTX *);
int EC_POINTs_make_affine(const EC_GROUP *, size_t num, EC_POINT *[], BN_CTX *);
int EC_POINT_make_affine(const EC_GROUP *group, EC_POINT *point, BN_CTX *ctx);
int EC_POINTs_make_affine(const EC_GROUP *group, size_t num, EC_POINT *points[], BN_CTX *ctx);
/** Computes r = generator * n sum_{i=0}^num p[i] * m[i]
* \param group underlying EC_GROUP object
@ -800,16 +800,24 @@ const EC_POINT *EC_KEY_get0_public_key(const EC_KEY *key);
int EC_KEY_set_public_key(EC_KEY *key, const EC_POINT *pub);
unsigned EC_KEY_get_enc_flags(const EC_KEY *key);
void EC_KEY_set_enc_flags(EC_KEY *, unsigned int);
point_conversion_form_t EC_KEY_get_conv_form(const EC_KEY *);
void EC_KEY_set_conv_form(EC_KEY *, point_conversion_form_t);
void EC_KEY_set_enc_flags(EC_KEY *eckey, unsigned int flags);
point_conversion_form_t EC_KEY_get_conv_form(const EC_KEY *key);
void EC_KEY_set_conv_form(EC_KEY *eckey, point_conversion_form_t cform);
/* functions to set/get method specific data */
void *EC_KEY_get_key_method_data(EC_KEY *,
void *EC_KEY_get_key_method_data(EC_KEY *key,
void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *));
void EC_KEY_insert_key_method_data(EC_KEY *, void *data,
/** Sets the key method data of an EC_KEY object, if none has yet been set.
* \param key EC_KEY object
* \param data opaque data to install.
* \param dup_func a function that duplicates |data|.
* \param free_func a function that frees |data|.
* \param clear_free_func a function that wipes and frees |data|.
* \return the previously set data pointer, or NULL if |data| was inserted.
*/
void *EC_KEY_insert_key_method_data(EC_KEY *key, void *data,
void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *));
/* wrapper functions for the underlying EC_GROUP object */
void EC_KEY_set_asn1_flag(EC_KEY *, int);
void EC_KEY_set_asn1_flag(EC_KEY *eckey, int asn1_flag);
/** Creates a table of pre-computed multiples of the generator to
* accelerate further EC_KEY operations.

13
crypto/external/bsd/openssl/dist/crypto/ec/ec_key.c vendored
View File

@ -520,18 +520,27 @@ void EC_KEY_set_conv_form(EC_KEY *key, point_conversion_form_t cform)
void *EC_KEY_get_key_method_data(EC_KEY *key,
void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *))
{
return EC_EX_DATA_get_data(key->method_data, dup_func, free_func, clear_free_func);
void *ret;
CRYPTO_r_lock(CRYPTO_LOCK_EC);
ret = EC_EX_DATA_get_data(key->method_data, dup_func, free_func, clear_free_func);
CRYPTO_r_unlock(CRYPTO_LOCK_EC);
return ret;
}
void EC_KEY_insert_key_method_data(EC_KEY *key, void *data,
void *EC_KEY_insert_key_method_data(EC_KEY *key, void *data,
void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *))
{
EC_EXTRA_DATA *ex_data;
CRYPTO_w_lock(CRYPTO_LOCK_EC);
ex_data = EC_EX_DATA_get_data(key->method_data, dup_func, free_func, clear_free_func);
if (ex_data == NULL)
EC_EX_DATA_set_data(&key->method_data, data, dup_func, free_func, clear_free_func);
CRYPTO_w_unlock(CRYPTO_LOCK_EC);
return ex_data;
}
void EC_KEY_set_asn1_flag(EC_KEY *key, int flag)

2
crypto/external/bsd/openssl/dist/crypto/ec/ec_pmeth.c vendored
View File

@ -188,7 +188,7 @@ static int pkey_ec_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen)
pubkey = EC_KEY_get0_public_key(ctx->peerkey->pkey.ec);
/* NB: unlike PKS#3 DH, if *outlen is less than maximum size this is
/* NB: unlike PKCS#3 DH, if *outlen is less than maximum size this is
* not an error, the result is truncated.
*/

1
crypto/external/bsd/openssl/dist/crypto/ec/ecp_mont.c vendored
View File

@ -114,7 +114,6 @@ const EC_METHOD *EC_GFp_mont_method(void)
ec_GFp_mont_field_decode,
ec_GFp_mont_field_set_to_one };
return &ret;
#endif
}

17
crypto/external/bsd/openssl/dist/crypto/ecdh/Makefile vendored
View File

@ -84,17 +84,12 @@ ech_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
ech_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
ech_err.o: ech_err.c
ech_key.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
ech_key.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
ech_key.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
ech_key.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
ech_key.o: ../../include/openssl/engine.h ../../include/openssl/evp.h
ech_key.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
ech_key.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
ech_key.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
ech_key.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
ech_key.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
ech_key.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
ech_key.o: ../../include/openssl/x509_vfy.h ech_key.c ech_locl.h
ech_key.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
ech_key.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
ech_key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
ech_key.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
ech_key.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
ech_key.o: ech_key.c ech_locl.h
ech_lib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
ech_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
ech_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h

3
crypto/external/bsd/openssl/dist/crypto/ecdh/ech_key.c vendored
View File

@ -68,9 +68,6 @@
*/
#include "ech_locl.h"
#ifndef OPENSSL_NO_ENGINE
#include <openssl/engine.h>
#endif
int ECDH_compute_key(void *out, size_t outlen, const EC_POINT *pub_key,
EC_KEY *eckey,

11
crypto/external/bsd/openssl/dist/crypto/ecdh/ech_lib.c vendored
View File

@ -222,8 +222,15 @@ ECDH_DATA *ecdh_check(EC_KEY *key)
ecdh_data = (ECDH_DATA *)ecdh_data_new();
if (ecdh_data == NULL)
return NULL;
EC_KEY_insert_key_method_data(key, (void *)ecdh_data,
ecdh_data_dup, ecdh_data_free, ecdh_data_free);
data = EC_KEY_insert_key_method_data(key, (void *)ecdh_data,
ecdh_data_dup, ecdh_data_free, ecdh_data_free);
if (data != NULL)
{
/* Another thread raced us to install the key_method
* data and won. */
ecdh_data_free(ecdh_data);
ecdh_data = (ECDH_DATA *)data;
}
}
else
ecdh_data = (ECDH_DATA *)data;

11
crypto/external/bsd/openssl/dist/crypto/ecdsa/ecs_lib.c vendored
View File

@ -200,8 +200,15 @@ ECDSA_DATA *ecdsa_check(EC_KEY *key)
ecdsa_data = (ECDSA_DATA *)ecdsa_data_new();
if (ecdsa_data == NULL)
return NULL;
EC_KEY_insert_key_method_data(key, (void *)ecdsa_data,
ecdsa_data_dup, ecdsa_data_free, ecdsa_data_free);
data = EC_KEY_insert_key_method_data(key, (void *)ecdsa_data,
ecdsa_data_dup, ecdsa_data_free, ecdsa_data_free);
if (data != NULL)
{
/* Another thread raced us to install the key_method
* data and won. */
ecdsa_data_free(ecdsa_data);
ecdsa_data = (ECDSA_DATA *)data;
}
}
else
ecdsa_data = (ECDSA_DATA *)data;

19
crypto/external/bsd/openssl/dist/crypto/err/err_all.c vendored
View File

@ -64,7 +64,9 @@
#endif
#include <openssl/buffer.h>
#include <openssl/bio.h>
#ifndef OPENSSL_NO_COMP
#include <openssl/comp.h>
#endif
#ifndef OPENSSL_NO_RSA
#include <openssl/rsa.h>
#endif
@ -95,6 +97,9 @@
#include <openssl/ui.h>
#include <openssl/ocsp.h>
#include <openssl/err.h>
#ifdef OPENSSL_FIPS
#include <openssl/fips.h>
#endif
#include <openssl/ts.h>
#ifndef OPENSSL_NO_CMS
#include <openssl/cms.h>
@ -102,11 +107,6 @@
#ifndef OPENSSL_NO_JPAKE
#include <openssl/jpake.h>
#endif
#include <openssl/comp.h>
#ifdef OPENSSL_FIPS
#include <openssl/fips.h>
#endif
void ERR_load_crypto_strings(void)
{
@ -130,7 +130,9 @@ void ERR_load_crypto_strings(void)
ERR_load_ASN1_strings();
ERR_load_CONF_strings();
ERR_load_CRYPTO_strings();
#ifndef OPENSSL_NO_COMP
ERR_load_COMP_strings();
#endif
#ifndef OPENSSL_NO_EC
ERR_load_EC_strings();
#endif
@ -153,15 +155,14 @@ void ERR_load_crypto_strings(void)
#endif
ERR_load_OCSP_strings();
ERR_load_UI_strings();
#ifdef OPENSSL_FIPS
ERR_load_FIPS_strings();
#endif
#ifndef OPENSSL_NO_CMS
ERR_load_CMS_strings();
#endif
#ifndef OPENSSL_NO_JPAKE
ERR_load_JPAKE_strings();
#endif
ERR_load_COMP_strings();
#endif
#ifdef OPENSSL_FIPS
ERR_load_FIPS_strings();
#endif
}

55
crypto/external/bsd/openssl/dist/crypto/evp/Makefile vendored
View File

@ -18,7 +18,7 @@ TESTDATA=evptests.txt
APPS=
LIB=$(TOP)/libcrypto.a
LIBSRC= encode.c digest.c evp_enc.c evp_key.c evp_acnf.c \
LIBSRC= encode.c digest.c evp_enc.c evp_key.c evp_acnf.c evp_cnf.c \
e_des.c e_bf.c e_idea.c e_des3.c e_camellia.c\
e_rc4.c e_aes.c names.c e_seed.c \
e_xcbc_d.c e_rc2.c e_cast.c e_rc5.c \
@ -31,7 +31,7 @@ LIBSRC= encode.c digest.c evp_enc.c evp_key.c evp_acnf.c \
e_old.c pmeth_lib.c pmeth_fn.c pmeth_gn.c m_sigver.c evp_fips.c \
e_aes_cbc_hmac_sha1.c e_rc4_hmac_md5.c
LIBOBJ= encode.o digest.o evp_enc.o evp_key.o evp_acnf.o \
LIBOBJ= encode.o digest.o evp_enc.o evp_key.o evp_acnf.o evp_cnf.o \
e_des.o e_bf.o e_idea.o e_des3.o e_camellia.o\
e_rc4.o e_aes.o names.o e_seed.o \
e_xcbc_d.o e_rc2.o e_cast.o e_rc5.o \
@ -67,7 +67,7 @@ files:
links:
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
cp $(TESTDATA) ../../test
[ ! -f $(TESTDATA) ] || cp $(TESTDATA) ../../test
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
install:
@ -356,6 +356,20 @@ evp_acnf.o: ../../include/openssl/opensslconf.h
evp_acnf.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
evp_acnf.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
evp_acnf.o: ../../include/openssl/symhacks.h ../cryptlib.h evp_acnf.c
evp_cnf.o: ../../e_os.h ../../include/openssl/asn1.h
evp_cnf.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
evp_cnf.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
evp_cnf.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
evp_cnf.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
evp_cnf.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
evp_cnf.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
evp_cnf.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
evp_cnf.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
evp_cnf.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
evp_cnf.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
evp_cnf.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
evp_cnf.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
evp_cnf.o: ../../include/openssl/x509v3.h ../cryptlib.h evp_cnf.c
evp_enc.o: ../../e_os.h ../../include/openssl/asn1.h
evp_enc.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
evp_enc.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
@ -437,28 +451,22 @@ evp_pkey.o: ../asn1/asn1_locl.h ../cryptlib.h evp_pkey.c
m_dss.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
m_dss.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
m_dss.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
m_dss.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
m_dss.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
m_dss.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
m_dss.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
m_dss.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
m_dss.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
m_dss.o: ../../include/openssl/err.h ../../include/openssl/evp.h
m_dss.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
m_dss.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
m_dss.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
m_dss.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
m_dss.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
m_dss.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
m_dss.o: ../cryptlib.h m_dss.c
m_dss1.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
m_dss1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
m_dss1.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
m_dss1.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
m_dss1.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
m_dss1.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
m_dss1.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
m_dss1.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
m_dss1.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
m_dss1.o: ../../include/openssl/err.h ../../include/openssl/evp.h
m_dss1.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
m_dss1.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
m_dss1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
m_dss1.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
m_dss1.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
m_dss1.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
m_dss1.o: ../cryptlib.h m_dss1.c
m_ecdsa.o: ../../e_os.h ../../include/openssl/asn1.h
m_ecdsa.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
@ -563,16 +571,13 @@ m_sha.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
m_sha.o: ../cryptlib.h evp_locl.h m_sha.c
m_sha1.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
m_sha1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
m_sha1.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
m_sha1.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
m_sha1.o: ../../include/openssl/err.h ../../include/openssl/evp.h
m_sha1.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
m_sha1.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
m_sha1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
m_sha1.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
m_sha1.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
m_sha1.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
m_sha1.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
m_sha1.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
m_sha1.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rsa.h
m_sha1.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
m_sha1.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
m_sha1.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
m_sha1.o: ../cryptlib.h m_sha1.c
m_sigver.o: ../../e_os.h ../../include/openssl/asn1.h
m_sigver.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h

1
crypto/external/bsd/openssl/dist/crypto/evp/digest.c vendored
View File

@ -267,6 +267,7 @@ int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size)
return FIPS_digestfinal(ctx, md, size);
#else
int ret;
OPENSSL_assert(ctx->digest->md_size <= EVP_MAX_MD_SIZE);
ret=ctx->digest->final(ctx,md);
if (size != NULL)

5
crypto/external/bsd/openssl/dist/crypto/evp/e_aes.c vendored
View File

@ -969,8 +969,6 @@ static int aes_gcm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
if (!gctx->iv_set)
return -1;
if (!ctx->encrypt && gctx->taglen < 0)
return -1;
if (in)
{
if (out == NULL)
@ -1012,6 +1010,8 @@ static int aes_gcm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
{
if (!ctx->encrypt)
{
if (gctx->taglen < 0)
return -1;
if (CRYPTO_gcm128_finish(&gctx->gcm,
ctx->buf, gctx->taglen) != 0)
return -1;
@ -1217,6 +1217,7 @@ static int aes_ccm_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
vpaes_set_encrypt_key(key, ctx->key_len*8, &cctx->ks);
CRYPTO_ccm128_init(&cctx->ccm, cctx->M, cctx->L,
&cctx->ks, (block128_f)vpaes_encrypt);
cctx->str = NULL;
cctx->key_set = 1;
break;
}

209
crypto/external/bsd/openssl/dist/crypto/evp/e_aes_cbc_hmac_sha1.c vendored
View File

@ -1,5 +1,5 @@
/* ====================================================================
* Copyright (c) 2011 The OpenSSL Project. All rights reserved.
* Copyright (c) 2011-2013 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@ -90,6 +90,10 @@ typedef struct
defined(_M_AMD64) || defined(_M_X64) || \
defined(__INTEL__) )
#if defined(__GNUC__) && __GNUC__>=2 && !defined(PEDANTIC)
# define BSWAP(x) ({ unsigned int r=(x); asm ("bswapl %0":"=r"(r):"0"(r)); r; })
#endif
extern unsigned int OPENSSL_ia32cap_P[2];
#define AESNI_CAPABLE (1<<(57-32))
@ -167,6 +171,9 @@ static void sha1_update(SHA_CTX *c,const void *data,size_t len)
SHA1_Update(c,ptr,res);
}
#ifdef SHA1_Update
#undef SHA1_Update
#endif
#define SHA1_Update sha1_update
static int aesni_cbc_hmac_sha1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
@ -184,6 +191,8 @@ static int aesni_cbc_hmac_sha1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
sha_off = SHA_CBLOCK-key->md.num;
#endif
key->payload_length = NO_PAYLOAD_LENGTH;
if (len%AES_BLOCK_SIZE) return 0;
if (ctx->encrypt) {
@ -234,47 +243,203 @@ static int aesni_cbc_hmac_sha1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
&key->ks,ctx->iv,1);
}
} else {
unsigned char mac[SHA_DIGEST_LENGTH];
union { unsigned int u[SHA_DIGEST_LENGTH/sizeof(unsigned int)];
unsigned char c[SHA_DIGEST_LENGTH]; } mac;
/* decrypt HMAC|padding at once */
aesni_cbc_encrypt(in,out,len,
&key->ks,ctx->iv,0);
if (plen) { /* "TLS" mode of operation */
/* figure out payload length */
if (len<(size_t)(out[len-1]+1+SHA_DIGEST_LENGTH))
return 0;
len -= (out[len-1]+1+SHA_DIGEST_LENGTH);
size_t inp_len, mask, j, i;
unsigned int res, maxpad, pad, bitlen;
int ret = 1;
union { unsigned int u[SHA_LBLOCK];
unsigned char c[SHA_CBLOCK]; }
*data = (void *)key->md.data;
if ((key->aux.tls_aad[plen-4]<<8|key->aux.tls_aad[plen-3])
>= TLS1_1_VERSION) {
len -= AES_BLOCK_SIZE;
>= TLS1_1_VERSION)
iv = AES_BLOCK_SIZE;
}
key->aux.tls_aad[plen-2] = len>>8;
key->aux.tls_aad[plen-1] = len;
if (len<(iv+SHA_DIGEST_LENGTH+1))
return 0;
/* calculate HMAC and verify it */
/* omit explicit iv */
out += iv;
len -= iv;
/* figure out payload length */
pad = out[len-1];
maxpad = len-(SHA_DIGEST_LENGTH+1);
maxpad |= (255-maxpad)>>(sizeof(maxpad)*8-8);
maxpad &= 255;
inp_len = len - (SHA_DIGEST_LENGTH+pad+1);
mask = (0-((inp_len-len)>>(sizeof(inp_len)*8-1)));
inp_len &= mask;
ret &= (int)mask;
key->aux.tls_aad[plen-2] = inp_len>>8;
key->aux.tls_aad[plen-1] = inp_len;
/* calculate HMAC */
key->md = key->head;
SHA1_Update(&key->md,key->aux.tls_aad,plen);
SHA1_Update(&key->md,out+iv,len);
SHA1_Final(mac,&key->md);
#if 1
len -= SHA_DIGEST_LENGTH; /* amend mac */
if (len>=(256+SHA_CBLOCK)) {
j = (len-(256+SHA_CBLOCK))&(0-SHA_CBLOCK);
j += SHA_CBLOCK-key->md.num;
SHA1_Update(&key->md,out,j);
out += j;
len -= j;
inp_len -= j;
}
/* but pretend as if we hashed padded payload */
bitlen = key->md.Nl+(inp_len<<3); /* at most 18 bits */
mac.c[0] = 0;
mac.c[1] = (unsigned char)(bitlen>>16);
mac.c[2] = (unsigned char)(bitlen>>8);
mac.c[3] = (unsigned char)bitlen;
bitlen = mac.u[0];
mac.u[0]=0;
mac.u[1]=0;
mac.u[2]=0;
mac.u[3]=0;
mac.u[4]=0;
for (res=key->md.num, j=0;j<len;j++) {
size_t c = out[j];
mask = (j-inp_len)>>(sizeof(j)*8-8);
c &= mask;
c |= 0x80&~mask&~((inp_len-j)>>(sizeof(j)*8-8));
data->c[res++]=(unsigned char)c;
if (res!=SHA_CBLOCK) continue;
mask = 0-((inp_len+8-j)>>(sizeof(j)*8-1));
data->u[SHA_LBLOCK-1] |= bitlen&mask;
sha1_block_data_order(&key->md,data,1);
mask &= 0-((j-inp_len-73)>>(sizeof(j)*8-1));
mac.u[0] |= key->md.h0 & mask;
mac.u[1] |= key->md.h1 & mask;
mac.u[2] |= key->md.h2 & mask;
mac.u[3] |= key->md.h3 & mask;
mac.u[4] |= key->md.h4 & mask;
res=0;
}
for(i=res;i<SHA_CBLOCK;i++,j++) data->c[i]=0;
if (res>SHA_CBLOCK-8) {
mask = 0-((inp_len+8-j)>>(sizeof(j)*8-1));
data->u[SHA_LBLOCK-1] |= bitlen&mask;
sha1_block_data_order(&key->md,data,1);
mask &= 0-((j-inp_len-73)>>(sizeof(j)*8-1));
mac.u[0] |= key->md.h0 & mask;
mac.u[1] |= key->md.h1 & mask;
mac.u[2] |= key->md.h2 & mask;
mac.u[3] |= key->md.h3 & mask;
mac.u[4] |= key->md.h4 & mask;
memset(data,0,SHA_CBLOCK);
j+=64;
}
data->u[SHA_LBLOCK-1] = bitlen;
sha1_block_data_order(&key->md,data,1);
mask = 0-((j-inp_len-73)>>(sizeof(j)*8-1));
mac.u[0] |= key->md.h0 & mask;
mac.u[1] |= key->md.h1 & mask;
mac.u[2] |= key->md.h2 & mask;
mac.u[3] |= key->md.h3 & mask;
mac.u[4] |= key->md.h4 & mask;
#ifdef BSWAP
mac.u[0] = BSWAP(mac.u[0]);
mac.u[1] = BSWAP(mac.u[1]);
mac.u[2] = BSWAP(mac.u[2]);
mac.u[3] = BSWAP(mac.u[3]);
mac.u[4] = BSWAP(mac.u[4]);
#else
for (i=0;i<5;i++) {
res = mac.u[i];
mac.c[4*i+0]=(unsigned char)(res>>24);
mac.c[4*i+1]=(unsigned char)(res>>16);
mac.c[4*i+2]=(unsigned char)(res>>8);
mac.c[4*i+3]=(unsigned char)res;
}
#endif
len += SHA_DIGEST_LENGTH;
#else
SHA1_Update(&key->md,out,inp_len);
res = key->md.num;
SHA1_Final(mac.c,&key->md);
{
unsigned int inp_blocks, pad_blocks;
/* but pretend as if we hashed padded payload */
inp_blocks = 1+((SHA_CBLOCK-9-res)>>(sizeof(res)*8-1));
res += (unsigned int)(len-inp_len);
pad_blocks = res / SHA_CBLOCK;
res %= SHA_CBLOCK;
pad_blocks += 1+((SHA_CBLOCK-9-res)>>(sizeof(res)*8-1));
for (;inp_blocks<pad_blocks;inp_blocks++)
sha1_block_data_order(&key->md,data,1);
}
#endif
key->md = key->tail;
SHA1_Update(&key->md,mac,SHA_DIGEST_LENGTH);
SHA1_Final(mac,&key->md);
SHA1_Update(&key->md,mac.c,SHA_DIGEST_LENGTH);
SHA1_Final(mac.c,&key->md);
if (memcmp(out+iv+len,mac,SHA_DIGEST_LENGTH))
return 0;
/* verify HMAC */
out += inp_len;
len -= inp_len;
#if 1
{
unsigned char *p = out+len-1-maxpad-SHA_DIGEST_LENGTH;
size_t off = out-p;
unsigned int c, cmask;
maxpad += SHA_DIGEST_LENGTH;
for (res=0,i=0,j=0;j<maxpad;j++) {
c = p[j];
cmask = ((int)(j-off-SHA_DIGEST_LENGTH))>>(sizeof(int)*8-1);
res |= (c^pad)&~cmask; /* ... and padding */
cmask &= ((int)(off-1-j))>>(sizeof(int)*8-1);
res |= (c^mac.c[i])&cmask;
i += 1&cmask;
}
maxpad -= SHA_DIGEST_LENGTH;
res = 0-((0-res)>>(sizeof(res)*8-1));
ret &= (int)~res;
}
#else
for (res=0,i=0;i<SHA_DIGEST_LENGTH;i++)
res |= out[i]^mac.c[i];
res = 0-((0-res)>>(sizeof(res)*8-1));
ret &= (int)~res;
/* verify padding */
pad = (pad&~res) | (maxpad&res);
out = out+len-1-pad;
for (res=0,i=0;i<pad;i++)
res |= out[i]^pad;
res = (0-res)>>(sizeof(res)*8-1);
ret &= (int)~res;
#endif
return ret;
} else {
SHA1_Update(&key->md,out,len);
}
}
key->payload_length = NO_PAYLOAD_LENGTH;
return 1;
}
@ -309,6 +474,8 @@ static int aesni_cbc_hmac_sha1_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void
SHA1_Init(&key->tail);
SHA1_Update(&key->tail,hmac_key,sizeof(hmac_key));
OPENSSL_cleanse(hmac_key,sizeof(hmac_key));
return 1;
}
case EVP_CTRL_AEAD_TLS1_AAD:

15
crypto/external/bsd/openssl/dist/crypto/evp/evp.h vendored
View File

@ -402,7 +402,6 @@ struct evp_cipher_st
/* Length of tag for TLS */
#define EVP_GCM_TLS_TAG_LEN 16
typedef struct evp_cipher_info_st
{
const EVP_CIPHER *cipher;
@ -789,8 +788,8 @@ const EVP_CIPHER *EVP_aes_128_cfb128(void);
# define EVP_aes_128_cfb EVP_aes_128_cfb128
const EVP_CIPHER *EVP_aes_128_ofb(void);
const EVP_CIPHER *EVP_aes_128_ctr(void);
const EVP_CIPHER *EVP_aes_128_gcm(void);
const EVP_CIPHER *EVP_aes_128_ccm(void);
const EVP_CIPHER *EVP_aes_128_gcm(void);
const EVP_CIPHER *EVP_aes_128_xts(void);
const EVP_CIPHER *EVP_aes_192_ecb(void);
const EVP_CIPHER *EVP_aes_192_cbc(void);
@ -800,8 +799,8 @@ const EVP_CIPHER *EVP_aes_192_cfb128(void);
# define EVP_aes_192_cfb EVP_aes_192_cfb128
const EVP_CIPHER *EVP_aes_192_ofb(void);
const EVP_CIPHER *EVP_aes_192_ctr(void);
const EVP_CIPHER *EVP_aes_192_gcm(void);
const EVP_CIPHER *EVP_aes_192_ccm(void);
const EVP_CIPHER *EVP_aes_192_gcm(void);
const EVP_CIPHER *EVP_aes_256_ecb(void);
const EVP_CIPHER *EVP_aes_256_cbc(void);
const EVP_CIPHER *EVP_aes_256_cfb1(void);
@ -810,8 +809,8 @@ const EVP_CIPHER *EVP_aes_256_cfb128(void);
# define EVP_aes_256_cfb EVP_aes_256_cfb128
const EVP_CIPHER *EVP_aes_256_ofb(void);
const EVP_CIPHER *EVP_aes_256_ctr(void);
const EVP_CIPHER *EVP_aes_256_gcm(void);
const EVP_CIPHER *EVP_aes_256_ccm(void);
const EVP_CIPHER *EVP_aes_256_gcm(void);
const EVP_CIPHER *EVP_aes_256_xts(void);
#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1)
const EVP_CIPHER *EVP_aes_128_cbc_hmac_sha1(void);
@ -1243,6 +1242,8 @@ void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth,
int (*ctrl_str)(EVP_PKEY_CTX *ctx,
const char *type, const char *value));
void EVP_add_alg_module(void);
/* BEGIN ERROR CODES */
/* The following lines are auto generated by the script mkerr.pl. Any changes
* made after this point may be overwritten when the script is next run.
@ -1257,6 +1258,7 @@ void ERR_load_EVP_strings(void);
#define EVP_F_AES_INIT_KEY 133
#define EVP_F_AES_XTS 172
#define EVP_F_AES_XTS_CIPHER 175
#define EVP_F_ALG_MODULE_INIT 177
#define EVP_F_CAMELLIA_INIT_KEY 159
#define EVP_F_CMAC_INIT 173
#define EVP_F_D2I_PKEY 100
@ -1350,15 +1352,19 @@ void ERR_load_EVP_strings(void);
#define EVP_R_DIFFERENT_PARAMETERS 153
#define EVP_R_DISABLED_FOR_FIPS 163
#define EVP_R_ENCODE_ERROR 115
#define EVP_R_ERROR_LOADING_SECTION 165
#define EVP_R_ERROR_SETTING_FIPS_MODE 166
#define EVP_R_EVP_PBE_CIPHERINIT_ERROR 119
#define EVP_R_EXPECTING_AN_RSA_KEY 127
#define EVP_R_EXPECTING_A_DH_KEY 128
#define EVP_R_EXPECTING_A_DSA_KEY 129
#define EVP_R_EXPECTING_A_ECDSA_KEY 141
#define EVP_R_EXPECTING_A_EC_KEY 142
#define EVP_R_FIPS_MODE_NOT_SUPPORTED 167
#define EVP_R_INITIALIZATION_ERROR 134
#define EVP_R_INPUT_NOT_INITIALIZED 111
#define EVP_R_INVALID_DIGEST 152
#define EVP_R_INVALID_FIPS_MODE 168
#define EVP_R_INVALID_KEY_LENGTH 130
#define EVP_R_INVALID_OPERATION 148
#define EVP_R_IV_TOO_LARGE 102
@ -1383,6 +1389,7 @@ void ERR_load_EVP_strings(void);
#define EVP_R_TOO_LARGE 164
#define EVP_R_UNKNOWN_CIPHER 160
#define EVP_R_UNKNOWN_DIGEST 161
#define EVP_R_UNKNOWN_OPTION 169
#define EVP_R_UNKNOWN_PBE_ALGORITHM 121
#define EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS 135
#define EVP_R_UNSUPPORTED_ALGORITHM 156

125
crypto/external/bsd/openssl/dist/crypto/evp/evp_cnf.c vendored Normal file
View File

@ -0,0 +1,125 @@
/* evp_cnf.c */
/* Written by Stephen Henson (steve@openssl.org) for the OpenSSL
* project 2007.
*/
/* ====================================================================
* Copyright (c) 2007 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* licensing@OpenSSL.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
#include <stdio.h>
#include <ctype.h>
#include <openssl/crypto.h>
#include "cryptlib.h"
#include <openssl/conf.h>
#include <openssl/dso.h>
#include <openssl/x509.h>
#include <openssl/x509v3.h>
#ifdef OPENSSL_FIPS
#include <openssl/fips.h>
#endif
/* Algorithm configuration module. */
static int alg_module_init(CONF_IMODULE *md, const CONF *cnf)
{
int i;
const char *oid_section;
STACK_OF(CONF_VALUE) *sktmp;
CONF_VALUE *oval;
oid_section = CONF_imodule_get_value(md);
if(!(sktmp = NCONF_get_section(cnf, oid_section)))
{
EVPerr(EVP_F_ALG_MODULE_INIT, EVP_R_ERROR_LOADING_SECTION);
return 0;
}
for(i = 0; i < sk_CONF_VALUE_num(sktmp); i++)
{
oval = sk_CONF_VALUE_value(sktmp, i);
if (!strcmp(oval->name, "fips_mode"))
{
int m;
if (!X509V3_get_value_bool(oval, &m))
{
EVPerr(EVP_F_ALG_MODULE_INIT, EVP_R_INVALID_FIPS_MODE);
return 0;
}
if (m > 0)
{
#ifdef OPENSSL_FIPS
if (!FIPS_mode() && !FIPS_mode_set(1))
{
EVPerr(EVP_F_ALG_MODULE_INIT, EVP_R_ERROR_SETTING_FIPS_MODE);
return 0;
}
#else
EVPerr(EVP_F_ALG_MODULE_INIT, EVP_R_FIPS_MODE_NOT_SUPPORTED);
return 0;
#endif
}
}
else
{
EVPerr(EVP_F_ALG_MODULE_INIT, EVP_R_UNKNOWN_OPTION);
ERR_add_error_data(4, "name=", oval->name,
", value=", oval->value);
}
}
return 1;
}
void EVP_add_alg_module(void)
{
CONF_module_add("alg_section", alg_module_init, 0);
}

6
crypto/external/bsd/openssl/dist/crypto/evp/evp_err.c vendored
View File

@ -75,6 +75,7 @@ static ERR_STRING_DATA EVP_str_functs[]=
{ERR_FUNC(EVP_F_AES_INIT_KEY), "AES_INIT_KEY"},
{ERR_FUNC(EVP_F_AES_XTS), "AES_XTS"},
{ERR_FUNC(EVP_F_AES_XTS_CIPHER), "AES_XTS_CIPHER"},
{ERR_FUNC(EVP_F_ALG_MODULE_INIT), "ALG_MODULE_INIT"},
{ERR_FUNC(EVP_F_CAMELLIA_INIT_KEY), "CAMELLIA_INIT_KEY"},
{ERR_FUNC(EVP_F_CMAC_INIT), "CMAC_INIT"},
{ERR_FUNC(EVP_F_D2I_PKEY), "D2I_PKEY"},
@ -171,15 +172,19 @@ static ERR_STRING_DATA EVP_str_reasons[]=
{ERR_REASON(EVP_R_DIFFERENT_PARAMETERS) ,"different parameters"},
{ERR_REASON(EVP_R_DISABLED_FOR_FIPS) ,"disabled for fips"},
{ERR_REASON(EVP_R_ENCODE_ERROR) ,"encode error"},
{ERR_REASON(EVP_R_ERROR_LOADING_SECTION) ,"error loading section"},
{ERR_REASON(EVP_R_ERROR_SETTING_FIPS_MODE),"error setting fips mode"},
{ERR_REASON(EVP_R_EVP_PBE_CIPHERINIT_ERROR),"evp pbe cipherinit error"},
{ERR_REASON(EVP_R_EXPECTING_AN_RSA_KEY) ,"expecting an rsa key"},
{ERR_REASON(EVP_R_EXPECTING_A_DH_KEY) ,"expecting a dh key"},
{ERR_REASON(EVP_R_EXPECTING_A_DSA_KEY) ,"expecting a dsa key"},
{ERR_REASON(EVP_R_EXPECTING_A_ECDSA_KEY) ,"expecting a ecdsa key"},
{ERR_REASON(EVP_R_EXPECTING_A_EC_KEY) ,"expecting a ec key"},
{ERR_REASON(EVP_R_FIPS_MODE_NOT_SUPPORTED),"fips mode not supported"},
{ERR_REASON(EVP_R_INITIALIZATION_ERROR) ,"initialization error"},
{ERR_REASON(EVP_R_INPUT_NOT_INITIALIZED) ,"input not initialized"},
{ERR_REASON(EVP_R_INVALID_DIGEST) ,"invalid digest"},
{ERR_REASON(EVP_R_INVALID_FIPS_MODE) ,"invalid fips mode"},
{ERR_REASON(EVP_R_INVALID_KEY_LENGTH) ,"invalid key length"},
{ERR_REASON(EVP_R_INVALID_OPERATION) ,"invalid operation"},
{ERR_REASON(EVP_R_IV_TOO_LARGE) ,"iv too large"},
@ -204,6 +209,7 @@ static ERR_STRING_DATA EVP_str_reasons[]=
{ERR_REASON(EVP_R_TOO_LARGE) ,"too large"},
{ERR_REASON(EVP_R_UNKNOWN_CIPHER) ,"unknown cipher"},
{ERR_REASON(EVP_R_UNKNOWN_DIGEST) ,"unknown digest"},
{ERR_REASON(EVP_R_UNKNOWN_OPTION) ,"unknown option"},
{ERR_REASON(EVP_R_UNKNOWN_PBE_ALGORITHM) ,"unknown pbe algorithm"},
{ERR_REASON(EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS),"unsuported number of rounds"},
{ERR_REASON(EVP_R_UNSUPPORTED_ALGORITHM) ,"unsupported algorithm"},

2
crypto/external/bsd/openssl/dist/crypto/evp/m_dss.c vendored
View File

@ -60,7 +60,7 @@
#include "cryptlib.h"
#include <openssl/evp.h>
#include <openssl/objects.h>
#include <openssl/x509.h>
#include <openssl/sha.h>
#ifndef OPENSSL_NO_DSA
#include <openssl/dsa.h>
#endif

2
crypto/external/bsd/openssl/dist/crypto/evp/m_dss1.c vendored
View File

@ -63,7 +63,7 @@
#include <openssl/evp.h>
#include <openssl/objects.h>
#include <openssl/x509.h>
#include <openssl/sha.h>
#ifndef OPENSSL_NO_DSA
#include <openssl/dsa.h>
#endif

2
crypto/external/bsd/openssl/dist/crypto/evp/p_sign.c vendored
View File

@ -80,7 +80,7 @@ int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, unsigned int *siglen,
{
unsigned char m[EVP_MAX_MD_SIZE];
unsigned int m_len;
int i=0,ok=0,v;
int i = 0,ok = 0,v;
EVP_MD_CTX tmp_ctx;
EVP_PKEY_CTX *pkctx = NULL;

2
crypto/external/bsd/openssl/dist/crypto/evp/p_verify.c vendored
View File

@ -67,7 +67,7 @@ int EVP_VerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sigbuf,
{
unsigned char m[EVP_MAX_MD_SIZE];
unsigned int m_len;
int i=-1,ok=0,v;
int i = 0,ok = 0,v;
EVP_MD_CTX tmp_ctx;
EVP_PKEY_CTX *pkctx = NULL;

8
crypto/external/bsd/openssl/dist/crypto/md4/md4_locl.h vendored
View File

@ -77,10 +77,10 @@ void md4_block_data_order (MD4_CTX *c, const void *p,size_t num);
#define HASH_FINAL MD4_Final
#define HASH_MAKE_STRING(c,s) do { \
unsigned long ll; \
ll=(c)->A; HOST_l2c(ll,(s)); \
ll=(c)->B; HOST_l2c(ll,(s)); \
ll=(c)->C; HOST_l2c(ll,(s)); \
ll=(c)->D; HOST_l2c(ll,(s)); \
ll=(c)->A; (void)HOST_l2c(ll,(s)); \
ll=(c)->B; (void)HOST_l2c(ll,(s)); \
ll=(c)->C; (void)HOST_l2c(ll,(s)); \
ll=(c)->D; (void)HOST_l2c(ll,(s)); \
} while (0)
#define HASH_BLOCK_DATA_ORDER md4_block_data_order

3
crypto/external/bsd/openssl/dist/crypto/md5/asm/md5-x86_64.pl vendored
View File

@ -120,7 +120,8 @@ $0 =~ m/(.*[\/\\])[^\/\\]+$/; my $dir=$1; my $xlate;
die "can't locate x86_64-xlate.pl";
no warnings qw(uninitialized);
open STDOUT,"| $^X $xlate $flavour $output";
open OUT,"| \"$^X\" $xlate $flavour $output";
*STDOUT=*OUT;
$code .= <<EOF;
.text

2
crypto/external/bsd/openssl/dist/crypto/mdc2/mdc2dgst.c vendored
View File

@ -59,9 +59,9 @@
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <openssl/crypto.h>
#include <openssl/des.h>
#include <openssl/mdc2.h>
#include <openssl/crypto.h>
#undef c2l
#define c2l(c,l) (l =((DES_LONG)(*((c)++))) , \

6
crypto/external/bsd/openssl/dist/crypto/modes/asm/ghash-x86.pl vendored
View File

@ -635,7 +635,7 @@ sub mmx_loop() {
{ my @lo = ("mm0","mm1","mm2");
my @hi = ("mm3","mm4","mm5");
my @tmp = ("mm6","mm7");
my $off1=0,$off2=0,$i;
my ($off1,$off2,$i) = (0,0,);
&add ($Htbl,128); # optimize for size
&lea ("edi",&DWP(16+128,"esp"));
@ -883,7 +883,7 @@ sub reduction_alg9 { # 17/13 times faster than Intel version
my ($Xhi,$Xi) = @_;
# 1st phase
&movdqa ($T1,$Xi) #
&movdqa ($T1,$Xi); #
&psllq ($Xi,1);
&pxor ($Xi,$T1); #
&psllq ($Xi,5); #
@ -1019,7 +1019,7 @@ my ($Xhi,$Xi) = @_;
&movdqa ($Xhn,$Xn);
&pxor ($Xhi,$T1); # "Ii+Xi", consume early
&movdqa ($T1,$Xi) #&reduction_alg9($Xhi,$Xi); 1st phase
&movdqa ($T1,$Xi); #&reduction_alg9($Xhi,$Xi); 1st phase
&psllq ($Xi,1);
&pxor ($Xi,$T1); #
&psllq ($Xi,5); #

3
crypto/external/bsd/openssl/dist/crypto/modes/asm/ghash-x86_64.pl vendored
View File

@ -50,7 +50,8 @@ $0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
die "can't locate x86_64-xlate.pl";
open STDOUT,"| $^X $xlate $flavour $output";
open OUT,"| \"$^X\" $xlate $flavour $output";
*STDOUT=*OUT;
# common register layout
$nlo="%rax";

4
crypto/external/bsd/openssl/dist/crypto/modes/gcm128.c vendored
View File

@ -723,7 +723,7 @@ void CRYPTO_gcm128_init(GCM128_CONTEXT *ctx,void *key,block128_f block)
# endif
gcm_init_4bit(ctx->Htable,ctx->H.u);
# if defined(GHASH_ASM_X86) /* x86 only */
# if defined(OPENSSL_IA32_SSE2)
# if defined(OPENSSL_IA32_SSE2)
if (OPENSSL_ia32cap_P[0]&(1<<25)) { /* check SSE bit */
# else
if (OPENSSL_ia32cap_P[0]&(1<<23)) { /* check MMX bit */
@ -1398,7 +1398,7 @@ int CRYPTO_gcm128_finish(GCM128_CONTEXT *ctx,const unsigned char *tag,
void (*gcm_gmult_p)(u64 Xi[2],const u128 Htable[16]) = ctx->gmult;
#endif
if (ctx->mres)
if (ctx->mres || ctx->ares)
GCM_MUL(ctx,Xi);
if (is_endian.little) {

10
crypto/external/bsd/openssl/dist/crypto/ocsp/ocsp_vfy.c vendored
View File

@ -91,9 +91,12 @@ int OCSP_basic_verify(OCSP_BASICRESP *bs, STACK_OF(X509) *certs,
{
EVP_PKEY *skey;
skey = X509_get_pubkey(signer);
ret = OCSP_BASICRESP_verify(bs, skey, 0);
EVP_PKEY_free(skey);
if(ret <= 0)
if (skey)
{
ret = OCSP_BASICRESP_verify(bs, skey, 0);
EVP_PKEY_free(skey);
}
if(!skey || ret <= 0)
{
OCSPerr(OCSP_F_OCSP_BASIC_VERIFY, OCSP_R_SIGNATURE_FAILURE);
goto end;
@ -108,6 +111,7 @@ int OCSP_basic_verify(OCSP_BASICRESP *bs, STACK_OF(X509) *certs,
init_res = X509_STORE_CTX_init(&ctx, st, signer, bs->certs);
if(!init_res)
{
ret = -1;
OCSPerr(OCSP_F_OCSP_BASIC_VERIFY,ERR_R_X509_LIB);
goto end;
}

161
crypto/external/bsd/openssl/dist/crypto/pem/pem_all.c vendored
View File

@ -193,7 +193,61 @@ RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **rsa, pem_password_cb *cb,
#endif
#ifdef OPENSSL_FIPS
int PEM_write_bio_RSAPrivateKey(BIO *bp, RSA *x, const EVP_CIPHER *enc,
unsigned char *kstr, int klen,
pem_password_cb *cb, void *u)
{
if (FIPS_mode())
{
EVP_PKEY *k;
int ret;
k = EVP_PKEY_new();
if (!k)
return 0;
EVP_PKEY_set1_RSA(k, x);
ret = PEM_write_bio_PrivateKey(bp, k, enc, kstr, klen, cb, u);
EVP_PKEY_free(k);
return ret;
}
else
return PEM_ASN1_write_bio((i2d_of_void *)i2d_RSAPrivateKey,
PEM_STRING_RSA,bp,x,enc,kstr,klen,cb,u);
}
#ifndef OPENSSL_NO_FP_API
int PEM_write_RSAPrivateKey(FILE *fp, RSA *x, const EVP_CIPHER *enc,
unsigned char *kstr, int klen,
pem_password_cb *cb, void *u)
{
if (FIPS_mode())
{
EVP_PKEY *k;
int ret;
k = EVP_PKEY_new();
if (!k)
return 0;
EVP_PKEY_set1_RSA(k, x);
ret = PEM_write_PrivateKey(fp, k, enc, kstr, klen, cb, u);
EVP_PKEY_free(k);
return ret;
}
else
return PEM_ASN1_write((i2d_of_void *)i2d_RSAPrivateKey,
PEM_STRING_RSA,fp,x,enc,kstr,klen,cb,u);
}
#endif
#else
IMPLEMENT_PEM_write_cb_const(RSAPrivateKey, RSA, PEM_STRING_RSA, RSAPrivateKey)
#endif
IMPLEMENT_PEM_rw_const(RSAPublicKey, RSA, PEM_STRING_RSA_PUBLIC, RSAPublicKey)
IMPLEMENT_PEM_rw(RSA_PUBKEY, RSA, PEM_STRING_PUBLIC, RSA_PUBKEY)
@ -223,7 +277,59 @@ DSA *PEM_read_bio_DSAPrivateKey(BIO *bp, DSA **dsa, pem_password_cb *cb,
return pkey_get_dsa(pktmp, dsa); /* will free pktmp */
}
#ifdef OPENSSL_FIPS
int PEM_write_bio_DSAPrivateKey(BIO *bp, DSA *x, const EVP_CIPHER *enc,
unsigned char *kstr, int klen,
pem_password_cb *cb, void *u)
{
if (FIPS_mode())
{
EVP_PKEY *k;
int ret;
k = EVP_PKEY_new();
if (!k)
return 0;
EVP_PKEY_set1_DSA(k, x);
ret = PEM_write_bio_PrivateKey(bp, k, enc, kstr, klen, cb, u);
EVP_PKEY_free(k);
return ret;
}
else
return PEM_ASN1_write_bio((i2d_of_void *)i2d_DSAPrivateKey,
PEM_STRING_DSA,bp,x,enc,kstr,klen,cb,u);
}
#ifndef OPENSSL_NO_FP_API
int PEM_write_DSAPrivateKey(FILE *fp, DSA *x, const EVP_CIPHER *enc,
unsigned char *kstr, int klen,
pem_password_cb *cb, void *u)
{
if (FIPS_mode())
{
EVP_PKEY *k;
int ret;
k = EVP_PKEY_new();
if (!k)
return 0;
EVP_PKEY_set1_DSA(k, x);
ret = PEM_write_PrivateKey(fp, k, enc, kstr, klen, cb, u);
EVP_PKEY_free(k);
return ret;
}
else
return PEM_ASN1_write((i2d_of_void *)i2d_DSAPrivateKey,
PEM_STRING_DSA,fp,x,enc,kstr,klen,cb,u);
}
#endif
#else
IMPLEMENT_PEM_write_cb_const(DSAPrivateKey, DSA, PEM_STRING_DSA, DSAPrivateKey)
#endif
IMPLEMENT_PEM_rw(DSA_PUBKEY, DSA, PEM_STRING_PUBLIC, DSA_PUBKEY)
#ifndef OPENSSL_NO_FP_API
@ -269,8 +375,63 @@ EC_KEY *PEM_read_bio_ECPrivateKey(BIO *bp, EC_KEY **key, pem_password_cb *cb,
IMPLEMENT_PEM_rw_const(ECPKParameters, EC_GROUP, PEM_STRING_ECPARAMETERS, ECPKParameters)
#ifdef OPENSSL_FIPS
int PEM_write_bio_ECPrivateKey(BIO *bp, EC_KEY *x, const EVP_CIPHER *enc,
unsigned char *kstr, int klen,
pem_password_cb *cb, void *u)
{
if (FIPS_mode())
{
EVP_PKEY *k;
int ret;
k = EVP_PKEY_new();
if (!k)
return 0;
EVP_PKEY_set1_EC_KEY(k, x);
ret = PEM_write_bio_PrivateKey(bp, k, enc, kstr, klen, cb, u);
EVP_PKEY_free(k);
return ret;
}
else
return PEM_ASN1_write_bio((i2d_of_void *)i2d_ECPrivateKey,
PEM_STRING_ECPRIVATEKEY,
bp,x,enc,kstr,klen,cb,u);
}
#ifndef OPENSSL_NO_FP_API
int PEM_write_ECPrivateKey(FILE *fp, EC_KEY *x, const EVP_CIPHER *enc,
unsigned char *kstr, int klen,
pem_password_cb *cb, void *u)
{
if (FIPS_mode())
{
EVP_PKEY *k;
int ret;
k = EVP_PKEY_new();
if (!k)
return 0;
EVP_PKEY_set1_EC_KEY(k, x);
ret = PEM_write_PrivateKey(fp, k, enc, kstr, klen, cb, u);
EVP_PKEY_free(k);
return ret;
}
else
return PEM_ASN1_write((i2d_of_void *)i2d_ECPrivateKey,
PEM_STRING_ECPRIVATEKEY,
fp,x,enc,kstr,klen,cb,u);
}
#endif
#else
IMPLEMENT_PEM_write_cb(ECPrivateKey, EC_KEY, PEM_STRING_ECPRIVATEKEY, ECPrivateKey)
#endif
IMPLEMENT_PEM_rw(EC_PUBKEY, EC_KEY, PEM_STRING_PUBLIC, EC_PUBKEY)
#ifndef OPENSSL_NO_FP_API

27
crypto/external/bsd/openssl/dist/crypto/pem/pem_lib.c vendored
View File

@ -394,7 +394,8 @@ int PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp,
goto err;
/* The 'iv' is used as the iv and as a salt. It is
* NOT taken from the BytesToKey function */
EVP_BytesToKey(enc,EVP_md5(),iv,kstr,klen,1,key,NULL);
if (!EVP_BytesToKey(enc,EVP_md5(),iv,kstr,klen,1,key,NULL))
goto err;
if (kstr == (unsigned char *)buf) OPENSSL_cleanse(buf,PEM_BUFSIZE);
@ -406,12 +407,15 @@ int PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp,
/* k=strlen(buf); */
EVP_CIPHER_CTX_init(&ctx);
EVP_EncryptInit_ex(&ctx,enc,NULL,key,iv);
EVP_EncryptUpdate(&ctx,data,&j,data,i);
EVP_EncryptFinal_ex(&ctx,&(data[j]),&i);
ret = 1;
if (!EVP_EncryptInit_ex(&ctx,enc,NULL,key,iv)
|| !EVP_EncryptUpdate(&ctx,data,&j,data,i)
|| !EVP_EncryptFinal_ex(&ctx,&(data[j]),&i))
ret = 0;
EVP_CIPHER_CTX_cleanup(&ctx);
if (ret == 0)
goto err;
i+=j;
ret=1;
}
else
{
@ -459,14 +463,17 @@ int PEM_do_header(EVP_CIPHER_INFO *cipher, unsigned char *data, long *plen,
ebcdic2ascii(buf, buf, klen);
#endif
EVP_BytesToKey(cipher->cipher,EVP_md5(),&(cipher->iv[0]),
(unsigned char *)buf,klen,1,key,NULL);
if (!EVP_BytesToKey(cipher->cipher,EVP_md5(),&(cipher->iv[0]),
(unsigned char *)buf,klen,1,key,NULL))
return 0;
j=(int)len;
EVP_CIPHER_CTX_init(&ctx);
EVP_DecryptInit_ex(&ctx,cipher->cipher,NULL, key,&(cipher->iv[0]));
EVP_DecryptUpdate(&ctx,data,&i,data,j);
o=EVP_DecryptFinal_ex(&ctx,&(data[i]),&j);
o = EVP_DecryptInit_ex(&ctx,cipher->cipher,NULL, key,&(cipher->iv[0]));
if (o)
o = EVP_DecryptUpdate(&ctx,data,&i,data,j);
if (o)
o = EVP_DecryptFinal_ex(&ctx,&(data[i]),&j);
EVP_CIPHER_CTX_cleanup(&ctx);
OPENSSL_cleanse((char *)buf,sizeof(buf));
OPENSSL_cleanse((char *)key,sizeof(key));

6
crypto/external/bsd/openssl/dist/crypto/pem/pem_seal.c vendored
View File

@ -96,7 +96,8 @@ int PEM_SealInit(PEM_ENCODE_SEAL_CTX *ctx, EVP_CIPHER *type, EVP_MD *md_type,
EVP_EncodeInit(&ctx->encode);
EVP_MD_CTX_init(&ctx->md);
EVP_SignInit(&ctx->md,md_type);
if (!EVP_SignInit(&ctx->md,md_type))
goto err;
EVP_CIPHER_CTX_init(&ctx->cipher);
ret=EVP_SealInit(&ctx->cipher,type,ek,ekl,iv,pubk,npubk);
@ -163,7 +164,8 @@ int PEM_SealFinal(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *sig, int *sigl,
goto err;
}
EVP_EncryptFinal_ex(&ctx->cipher,s,(int *)&i);
if (!EVP_EncryptFinal_ex(&ctx->cipher,s,(int *)&i))
goto err;
EVP_EncodeUpdate(&ctx->encode,out,&j,s,i);
*outl=j;
out+=j;

2
crypto/external/bsd/openssl/dist/crypto/perlasm/cbc.pl vendored
View File

@ -150,7 +150,7 @@ sub cbc
&set_label("PIC_point");
&blindpop("edx");
&lea("ecx",&DWP(&label("cbc_enc_jmp_table")."-".&label("PIC_point"),"edx"));
&mov($count,&DWP(0,"ecx",$count,4))
&mov($count,&DWP(0,"ecx",$count,4));
&add($count,"edx");
&xor("ecx","ecx");
&xor("edx","edx");

1
crypto/external/bsd/openssl/dist/crypto/perlasm/x86masm.pl vendored
View File

@ -33,6 +33,7 @@ sub ::generic
sub ::call { &::emit("call",(&::islabel($_[0]) or "$nmdecor$_[0]")); }
sub ::call_ptr { &::emit("call",@_); }
sub ::jmp_ptr { &::emit("jmp",@_); }
sub ::lock { &::data_byte(0xf0); }
sub get_mem
{ my($size,$addr,$reg1,$reg2,$idx)=@_;

24
crypto/external/bsd/openssl/dist/crypto/pkcs12/p12_key.c vendored
View File

@ -176,24 +176,32 @@ int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt,
out += u;
for (j = 0; j < v; j++) B[j] = Ai[j % u];
/* Work out B + 1 first then can use B as tmp space */
if (!BN_bin2bn (B, v, Bpl1)) goto err;
if (!BN_add_word (Bpl1, 1)) goto err;
if (!BN_bin2bn (B, v, Bpl1))
goto err;
if (!BN_add_word (Bpl1, 1))
goto err;
for (j = 0; j < Ilen ; j+=v) {
if (!BN_bin2bn (I + j, v, Ij)) goto err;
if (!BN_add (Ij, Ij, Bpl1)) goto err;
BN_bn2bin (Ij, B);
if (!BN_bin2bn(I + j, v, Ij))
goto err;
if (!BN_add(Ij, Ij, Bpl1))
goto err;
if (!BN_bn2bin(Ij, B))
goto err;
Ijlen = BN_num_bytes (Ij);
/* If more than 2^(v*8) - 1 cut off MSB */
if (Ijlen > v) {
BN_bn2bin (Ij, B);
if (!BN_bn2bin (Ij, B))
goto err;
memcpy (I + j, B + 1, v);
#ifndef PKCS12_BROKEN_KEYGEN
/* If less than v bytes pad with zeroes */
} else if (Ijlen < v) {
memset(I + j, 0, v - Ijlen);
BN_bn2bin(Ij, I + j + v - Ijlen);
if (!BN_bn2bin(Ij, I + j + v - Ijlen))
goto err;
#endif
} else BN_bn2bin (Ij, I + j);
} else if (!BN_bn2bin (Ij, I + j))
goto err;
}
}

2
crypto/external/bsd/openssl/dist/crypto/pkcs7/bio_pk7.c vendored
View File

@ -56,7 +56,7 @@
#include <openssl/pkcs7.h>
#include <openssl/bio.h>
#ifndef OPENSSL_SYSNAME_NETWARE
#if !defined(OPENSSL_SYSNAME_NETWARE) && !defined(OPENSSL_SYSNAME_VXWORKS)
#include <memory.h>
#endif
#include <stdio.h>

7
crypto/external/bsd/openssl/dist/crypto/rand/rand_lib.c vendored
View File

@ -210,8 +210,11 @@ static size_t drbg_get_entropy(DRBG_CTX *ctx, unsigned char **pout,
static void drbg_free_entropy(DRBG_CTX *ctx, unsigned char *out, size_t olen)
{
OPENSSL_cleanse(out, olen);
OPENSSL_free(out);
if (out)
{
OPENSSL_cleanse(out, olen);
OPENSSL_free(out);
}
}
/* Set "additional input" when generating random data. This uses the

3
crypto/external/bsd/openssl/dist/crypto/rc4/asm/rc4-md5-x86_64.pl vendored
View File

@ -51,7 +51,8 @@ $0 =~ m/(.*[\/\\])[^\/\\]+$/; my $dir=$1; my $xlate;
( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
die "can't locate x86_64-xlate.pl";
open STDOUT,"| $^X $xlate $flavour $output";
open OUT,"| \"$^X\" $xlate $flavour $output";
*STDOUT=*OUT;
my ($dat,$in0,$out,$ctx,$inp,$len, $func,$nargs);

3
crypto/external/bsd/openssl/dist/crypto/rc4/asm/rc4-x86_64.pl vendored
View File

@ -112,7 +112,8 @@ $0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
die "can't locate x86_64-xlate.pl";
open STDOUT,"| $^X $xlate $flavour $output";
open OUT,"| \"$^X\" $xlate $flavour $output";
*STDOUT=*OUT;
$dat="%rdi"; # arg1
$len="%rsi"; # arg2

2
crypto/external/bsd/openssl/dist/crypto/rsa/rsa.h vendored
View File

@ -280,7 +280,7 @@ struct rsa_st
RSA * RSA_new(void);
RSA * RSA_new_method(ENGINE *engine);
int RSA_size(const RSA *);
int RSA_size(const RSA *rsa);
/* Deprecated version */
#ifndef OPENSSL_NO_DEPRECATED

2
crypto/external/bsd/openssl/dist/crypto/rsa/rsa_oaep.c vendored
View File

@ -149,7 +149,7 @@ int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen,
if (!EVP_Digest((void *)param, plen, phash, NULL, EVP_sha1(), NULL))
return -1;
if (memcmp(db, phash, SHA_DIGEST_LENGTH) != 0 || bad)
if (CRYPTO_memcmp(db, phash, SHA_DIGEST_LENGTH) != 0 || bad)
goto decoding_err;
else
{

2
crypto/external/bsd/openssl/dist/crypto/sha/asm/sha1-armv4-large.pl vendored
View File

@ -177,6 +177,7 @@ for($i=0;$i<5;$i++) {
$code.=<<___;
teq $Xi,sp
bne .L_00_15 @ [((11+4)*5+2)*3]
sub sp,sp,#25*4
___
&BODY_00_15(@V); unshift(@V,pop(@V));
&BODY_16_19(@V); unshift(@V,pop(@V));
@ -186,7 +187,6 @@ ___
$code.=<<___;
ldr $K,.LK_20_39 @ [+15+16*4]
sub sp,sp,#25*4
cmn sp,#0 @ [+3], clear carry to denote 20_39
.L_20_39_or_60_79:
___

3
crypto/external/bsd/openssl/dist/crypto/sha/asm/sha1-ia64.pl vendored
View File

@ -271,7 +271,8 @@ tmp6=loc13;
___
{ my $i,@V=($A,$B,$C,$D,$E);
{ my $i;
my @V=($A,$B,$C,$D,$E);
for($i=0;$i<16;$i++) { &BODY_00_15(\$code,$i,@V); unshift(@V,pop(@V)); }
for(;$i<20;$i++) { &BODY_16_19(\$code,$i,@V); unshift(@V,pop(@V)); }

2
crypto/external/bsd/openssl/dist/crypto/sha/asm/sha1-sparcv9a.pl vendored
View File

@ -549,7 +549,7 @@ ___
# programmer detect if current CPU is VIS capable at run-time.
sub unvis {
my ($mnemonic,$rs1,$rs2,$rd)=@_;
my $ref,$opf;
my ($ref,$opf);
my %visopf = ( "fmul8ulx16" => 0x037,
"faligndata" => 0x048,
"fpadd32" => 0x052,

3
crypto/external/bsd/openssl/dist/crypto/sha/asm/sha1-x86_64.pl vendored
View File

@ -82,7 +82,8 @@ $avx=1 if (!$avx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
`ml64 2>&1` =~ /Version ([0-9]+)\./ &&
$1>=10);
open STDOUT,"| $^X $xlate $flavour $output";
open OUT,"| \"$^X\" $xlate $flavour $output";
*STDOUT=*OUT;
$ctx="%rdi"; # 1st arg
$inp="%rsi"; # 2nd arg

16
crypto/external/bsd/openssl/dist/crypto/sha/asm/sha512-586.pl vendored
View File

@ -142,9 +142,9 @@ sub BODY_00_15_x86 {
&mov ("edx",$Ehi);
&mov ("esi","ecx");
&shr ("ecx",9) # lo>>9
&shr ("ecx",9); # lo>>9
&mov ("edi","edx");
&shr ("edx",9) # hi>>9
&shr ("edx",9); # hi>>9
&mov ("ebx","ecx");
&shl ("esi",14); # lo<<14
&mov ("eax","edx");
@ -207,9 +207,9 @@ sub BODY_00_15_x86 {
&mov ($Dhi,"ebx");
&mov ("esi","ecx");
&shr ("ecx",2) # lo>>2
&shr ("ecx",2); # lo>>2
&mov ("edi","edx");
&shr ("edx",2) # hi>>2
&shr ("edx",2); # hi>>2
&mov ("ebx","ecx");
&shl ("esi",4); # lo<<4
&mov ("eax","edx");
@ -452,9 +452,9 @@ if ($sse2) {
&mov ("edx",&DWP(8*(9+15+16-1)+4,"esp"));
&mov ("esi","ecx");
&shr ("ecx",1) # lo>>1
&shr ("ecx",1); # lo>>1
&mov ("edi","edx");
&shr ("edx",1) # hi>>1
&shr ("edx",1); # hi>>1
&mov ("eax","ecx");
&shl ("esi",24); # lo<<24
&mov ("ebx","edx");
@ -488,9 +488,9 @@ if ($sse2) {
&mov ("edx",&DWP(8*(9+15+16-14)+4,"esp"));
&mov ("esi","ecx");
&shr ("ecx",6) # lo>>6
&shr ("ecx",6); # lo>>6
&mov ("edi","edx");
&shr ("edx",6) # hi>>6
&shr ("edx",6); # hi>>6
&mov ("eax","ecx");
&shl ("esi",3); # lo<<3
&mov ("ebx","edx");

3
crypto/external/bsd/openssl/dist/crypto/sha/asm/sha512-x86_64.pl vendored
View File

@ -51,7 +51,8 @@ $0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
die "can't locate x86_64-xlate.pl";
open STDOUT,"| $^X $xlate $flavour $output";
open OUT,"| \"$^X\" $xlate $flavour $output";
*STDOUT=*OUT;
if ($output =~ /512/) {
$func="sha512_block_data_order";

2
crypto/external/bsd/openssl/dist/crypto/sha/sha1_one.c vendored
View File

@ -58,8 +58,8 @@
#include <stdio.h>
#include <string.h>
#include <openssl/sha.h>
#include <openssl/crypto.h>
#include <openssl/sha.h>
#ifndef OPENSSL_NO_SHA1
unsigned char *SHA1(const unsigned char *d, size_t n, unsigned char *md)

2
crypto/external/bsd/openssl/dist/crypto/sha/sha1dgst.c vendored
View File

@ -56,8 +56,8 @@
* [including the GNU Public Licence.]
*/
#include <openssl/opensslconf.h>
#include <openssl/crypto.h>
#include <openssl/opensslconf.h>
#if !defined(OPENSSL_NO_SHA1) && !defined(OPENSSL_NO_SHA)
#undef SHA_0

2
crypto/external/bsd/openssl/dist/crypto/sha/sha_dgst.c vendored
View File

@ -56,8 +56,8 @@
* [including the GNU Public Licence.]
*/
#include <openssl/opensslconf.h>
#include <openssl/crypto.h>
#include <openssl/opensslconf.h>
#if !defined(OPENSSL_NO_SHA0) && !defined(OPENSSL_NO_SHA)
#undef SHA_1

5
crypto/external/bsd/openssl/dist/crypto/srp/srp_vfy.c vendored
View File

@ -390,7 +390,7 @@ int SRP_VBASE_init(SRP_VBASE *vb, char *verifier_file)
}
for (i = 0; i < sk_OPENSSL_PSTRING_num(tmpdb->data); i++)
{
pp = (char **)sk_OPENSSL_PSTRING_value(tmpdb->data,i);
pp = sk_OPENSSL_PSTRING_value(tmpdb->data,i);
if (pp[DB_srptype][0] == DB_SRP_INDEX)
{
/*we add this couple in the internal Stack */
@ -581,7 +581,8 @@ char *SRP_create_verifier(const char *user, const char *pass, char **salt,
if (*salt == NULL)
{
char *tmp_salt;
if ((tmp_salt = (char *)OPENSSL_malloc(SRP_RANDOM_SALT_LEN * 2)) == NULL)
if ((tmp_salt = OPENSSL_malloc(SRP_RANDOM_SALT_LEN * 2)) == NULL)
{
OPENSSL_free(vf);
goto err;

14
crypto/external/bsd/openssl/dist/crypto/symhacks.h vendored
View File

@ -193,17 +193,17 @@
#undef SSL_CTX_set_srp_username_callback
#define SSL_CTX_set_srp_username_callback SSL_CTX_set_srp_un_cb
#undef ssl_add_clienthello_use_srtp_ext
#define ssl_add_clienthello_use_srtp_ext ssl_add_clihello_use_srtp_ext
#define ssl_add_clienthello_use_srtp_ext ssl_add_clihello_use_srtp_ext
#undef ssl_add_serverhello_use_srtp_ext
#define ssl_add_serverhello_use_srtp_ext ssl_add_serhello_use_srtp_ext
#define ssl_add_serverhello_use_srtp_ext ssl_add_serhello_use_srtp_ext
#undef ssl_parse_clienthello_use_srtp_ext
#define ssl_parse_clienthello_use_srtp_ext ssl_parse_clihello_use_srtp_ext
#define ssl_parse_clienthello_use_srtp_ext ssl_parse_clihello_use_srtp_ext
#undef ssl_parse_serverhello_use_srtp_ext
#define ssl_parse_serverhello_use_srtp_ext ssl_parse_serhello_use_srtp_ext
#define ssl_parse_serverhello_use_srtp_ext ssl_parse_serhello_use_srtp_ext
#undef SSL_CTX_set_next_protos_advertised_cb
#define SSL_CTX_set_next_protos_advertised_cb SSL_CTX_set_next_protos_adv_cb
#define SSL_CTX_set_next_protos_advertised_cb SSL_CTX_set_next_protos_adv_cb
#undef SSL_CTX_set_next_proto_select_cb
#define SSL_CTX_set_next_proto_select_cb SSL_CTX_set_next_proto_sel_cb
#define SSL_CTX_set_next_proto_select_cb SSL_CTX_set_next_proto_sel_cb
/* Hack some long ENGINE names */
#undef ENGINE_get_default_BN_mod_exp_crt
@ -316,8 +316,6 @@
#define ec_GFp_simple_point_set_to_infinity ec_GFp_simple_pt_set_to_inf
#undef ec_GFp_simple_points_make_affine
#define ec_GFp_simple_points_make_affine ec_GFp_simple_pts_make_affine
#undef ec_GFp_simple_group_get_curve_GFp
#define ec_GFp_simple_group_get_curve_GFp ec_GFp_simple_grp_get_curve_GFp
#undef ec_GFp_simple_set_Jprojective_coordinates_GFp
#define ec_GFp_simple_set_Jprojective_coordinates_GFp \
ec_GFp_smp_set_Jproj_coords_GFp

2
crypto/external/bsd/openssl/dist/crypto/whrlpool/asm/wp-mmx.pl vendored
View File

@ -119,7 +119,7 @@ $tbl="ebp";
&mov ("eax",&DWP(0,"esp"));
&mov ("ebx",&DWP(4,"esp"));
for($i=0;$i<8;$i++) {
my $func = ($i==0)? movq : pxor;
my $func = ($i==0)? \&movq : \&pxor;
&movb (&LB("ecx"),&LB("eax"));
&movb (&LB("edx"),&HB("eax"));
&scale ("esi","ecx");

3
crypto/external/bsd/openssl/dist/crypto/whrlpool/asm/wp-x86_64.pl vendored
View File

@ -41,7 +41,8 @@ $0 =~ m/(.*[\/\\])[^\/\\]+$/; my $dir=$1; my $xlate;
( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
die "can't locate x86_64-xlate.pl";
open STDOUT,"| $^X $xlate $flavour $output";
open OUT,"| \"$^X\" $xlate $flavour $output";
*STDOUT=*OUT;
sub L() { $code.=".byte ".join(',',@_)."\n"; }
sub LL(){ $code.=".byte ".join(',',@_).",".join(',',@_)."\n"; }

15
crypto/external/bsd/openssl/dist/crypto/x509/x509_cmp.c vendored
View File

@ -86,10 +86,9 @@ unsigned long X509_issuer_and_serial_hash(X509 *a)
EVP_MD_CTX_init(&ctx);
f=X509_NAME_oneline(a->cert_info->issuer,NULL,0);
ret=strlen(f);
if (!EVP_DigestInit_ex(&ctx, EVP_md5(), NULL))
goto err;
if (!EVP_DigestUpdate(&ctx,(unsigned char *)f,ret))
if (!EVP_DigestUpdate(&ctx,(unsigned char *)f,strlen(f)))
goto err;
OPENSSL_free(f);
if(!EVP_DigestUpdate(&ctx,(unsigned char *)a->cert_info->serialNumber->data,
@ -249,14 +248,14 @@ unsigned long X509_NAME_hash_old(X509_NAME *x)
i2d_X509_NAME(x,NULL);
EVP_MD_CTX_init(&md_ctx);
EVP_MD_CTX_set_flags(&md_ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
EVP_DigestInit_ex(&md_ctx, EVP_md5(), NULL);
EVP_DigestUpdate(&md_ctx, x->bytes->data, x->bytes->length);
EVP_DigestFinal_ex(&md_ctx,md,NULL);
if (EVP_DigestInit_ex(&md_ctx, EVP_md5(), NULL)
&& EVP_DigestUpdate(&md_ctx, x->bytes->data, x->bytes->length)
&& EVP_DigestFinal_ex(&md_ctx,md,NULL))
ret=(((unsigned long)md[0] )|((unsigned long)md[1]<<8L)|
((unsigned long)md[2]<<16L)|((unsigned long)md[3]<<24L)
)&0xffffffffL;
EVP_MD_CTX_cleanup(&md_ctx);
ret=( ((unsigned long)md[0] )|((unsigned long)md[1]<<8L)|
((unsigned long)md[2]<<16L)|((unsigned long)md[3]<<24L)
)&0xffffffffL;
return(ret);
}
#endif

4
crypto/external/bsd/openssl/dist/crypto/x509v3/v3_purp.c vendored
View File

@ -474,11 +474,11 @@ static void x509v3_cache_extensions(X509 *x)
for (i = 0; i < X509_get_ext_count(x); i++)
{
ex = X509_get_ext(x, i);
if (!X509_EXTENSION_get_critical(ex))
continue;
if (OBJ_obj2nid(X509_EXTENSION_get_object(ex))
== NID_freshest_crl)
x->ex_flags |= EXFLAG_FRESHEST;
if (!X509_EXTENSION_get_critical(ex))
continue;
if (!X509_supported_extension(ex))
{
x->ex_flags |= EXFLAG_CRITICAL;

3
crypto/external/bsd/openssl/dist/crypto/x86_64cpuid.pl vendored
View File

@ -11,7 +11,8 @@ $0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
( $xlate="${dir}perlasm/x86_64-xlate.pl" and -f $xlate) or
die "can't locate x86_64-xlate.pl";
open STDOUT,"| $^X $xlate $flavour $output";
open OUT,"| \"$^X\" $xlate $flavour $output";
*STDOUT=*OUT;
($arg1,$arg2,$arg3,$arg4)=$win64?("%rcx","%rdx","%r8", "%r9") : # Win64 order
("%rdi","%rsi","%rdx","%rcx"); # Unix order

4
crypto/external/bsd/openssl/dist/crypto/x86cpuid.pl vendored
View File

@ -165,7 +165,7 @@ for (@ARGV) { $sse2=1 if (/-DOPENSSL_IA32_SSE2/); }
&jnz (&label("nohalt")); # not enough privileges
&pushf ();
&pop ("eax")
&pop ("eax");
&bt ("eax",9);
&jnc (&label("nohalt")); # interrupts are disabled
@ -280,7 +280,7 @@ for (@ARGV) { $sse2=1 if (/-DOPENSSL_IA32_SSE2/); }
# arguments is 1 or 2!
&function_begin_B("OPENSSL_indirect_call");
{
my $i,$max=7; # $max has to be chosen as 4*n-1
my ($max,$i)=(7,); # $max has to be chosen as 4*n-1
# in order to preserve eventual
# stack alignment
&push ("ebp");

Some files were not shown because too many files have changed in this diff Show More