Aren
/
NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Changes between 1.1.0h and 1.1.0i [14 Aug 2018] 

*) Client DoS due to large DH parameter

     During key agreement in a TLS handshake using a DH(E) based ciphersuite a
     malicious server can send a very large prime value to the client. This will
     cause the client to spend an unreasonably long period of time generating a
     key for this prime resulting in a hang until the client has finished. This
     could be exploited in a Denial Of Service attack.

     This issue was reported to OpenSSL on 5th June 2018 by Guido Vranken
     (CVE-2018-0732)
     [Guido Vranken]

  *) Cache timing vulnerability in RSA Key Generation

     The OpenSSL RSA Key generation algorithm has been shown to be vulnerable to
     a cache timing side channel attack. An attacker with sufficient access to
     mount cache timing attacks during the RSA key generation process could
     recover the private key.

     This issue was reported to OpenSSL on 4th April 2018 by Alejandro Cabrera
     Aldaya, Billy Brumley, Cesar Pereida Garcia and Luis Manuel Alvarez Tapia.
     (CVE-2018-0737)
     [Billy Brumley]

  *) Make EVP_PKEY_asn1_new() a bit stricter about its input.  A NULL pem_str
     parameter is no longer accepted, as it leads to a corrupt table.  NULL
     pem_str is reserved for alias entries only.
     [Richard Levitte]

  *) Revert blinding in ECDSA sign and instead make problematic addition
     length-invariant. Switch even to fixed-length Montgomery multiplication.
     [Andy Polyakov]

  *) Change generating and checking of primes so that the error rate of not
     being prime depends on the intended use based on the size of the input.
     For larger primes this will result in more rounds of Miller-Rabin.
     The maximal error rate for primes with more than 1080 bits is lowered
     to 2^-128.
     [Kurt Roeckx, Annie Yousar]

  *) Increase the number of Miller-Rabin rounds for DSA key generating to 64.
     [Kurt Roeckx]

  *) Add blinding to ECDSA and DSA signatures to protect against side channel
     attacks discovered by Keegan Ryan (NCC Group).
     [Matt Caswell]

  *) When unlocking a pass phrase protected PEM file or PKCS#8 container, we
     now allow empty (zero character) pass phrases.
     [Richard Levitte]

  *) Certificate time validation (X509_cmp_time) enforces stricter
     compliance with RFC 5280. Fractional seconds and timezone offsets
     are no longer allowed.
     [Emilia Käsper]

  *) Fixed a text canonicalisation bug in CMS

     Where a CMS detached signature is used with text content the text goes
     through a canonicalisation process first prior to signing or verifying a
     signature. This process strips trailing space at the end of lines, converts
     line terminators to CRLF and removes additional trailing line terminators
     at the end of a file. A bug in the canonicalisation process meant that
     some characters, such as form-feed, were incorrectly treated as whitespace
     and removed. This is contrary to the specification (RFC5485). This fix
     could mean that detached text data signed with an earlier version of
     OpenSSL 1.1.0 may fail to verify using the fixed version, or text data
     signed with a fixed OpenSSL may fail to verify with an earlier version of
     OpenSSL 1.1.0. A workaround is to only verify the canonicalised text data
     and use the "-binary" flag (for the "cms" command line application) or set
     the SMIME_BINARY/PKCS7_BINARY/CMS_BINARY flags (if using CMS_verify()).
     [Matt Caswell]
This commit is contained in:
christos 2018-08-18 08:30:43 +00:00
parent be91dc2301
commit a68659eb19
283 changed files with 5422 additions and 2165 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
crypto/external/bsd/openssl/dist/.gitignore vendored
View File

@ -51,6 +51,7 @@ Makefile
/test/ssltest_old
/test/x509aux
/test/v3ext
/test/versions
# Certain files that get created by tests on the fly
/test/test-runs

12
crypto/external/bsd/openssl/dist/.travis.yml vendored
View File

@ -61,7 +61,7 @@ matrix:
sources:
- ubuntu-toolchain-r-test
compiler: gcc-5
env: CONFIG_OPTS="no-asm enable-ubsan enable-rc5 enable-md2 -DPEDANTIC"
env: UBUNTU_GCC_HACK="yes" CONFIG_OPTS="no-asm enable-ubsan enable-rc5 enable-md2 -DPEDANTIC"
- os: linux
addons:
apt:
@ -69,7 +69,7 @@ matrix:
- binutils-mingw-w64
- gcc-mingw-w64
compiler: i686-w64-mingw32-gcc
env: CONFIG_OPTS="no-pic" TESTS="-test_fuzz"
env: CONFIG_OPTS="no-pic"
- os: linux
addons:
apt:
@ -85,7 +85,7 @@ matrix:
- binutils-mingw-w64
- gcc-mingw-w64
compiler: x86_64-w64-mingw32-gcc
env: CONFIG_OPTS="no-pic" TESTS="-test_fuzz"
env: CONFIG_OPTS="no-pic"
- os: linux
addons:
apt:
@ -112,6 +112,10 @@ before_script:
srcdir=.;
top=.;
fi
- if [ -n "$UBUNTU_GCC_HACK" ]; then
$CC -dumpspecs | sed "s/--push-state//g; s/--pop-state/--as-needed/g" > gcc-specs.txt;
CC="$CC -specs=gcc-specs.txt";
fi
- if [ "$CC" == i686-w64-mingw32-gcc ]; then
export CROSS_COMPILE=${CC%%gcc}; unset CC;
$srcdir/Configure mingw $CONFIG_OPTS -Wno-pedantic-ms-format;
@ -186,7 +190,7 @@ script:
fi
- if [ -n "$DESTDIR" ]; then
mkdir "../$DESTDIR";
if $make install install_docs DESTDIR="../$DESTDIR"; then
if $make install DESTDIR="../$DESTDIR"; then
echo -e '+\057\057\057\057\057 MAKE INSTALL_DOCS OK';
else
echo -e '+\057\057\057\057\057 MAKE INSTALL_DOCS FAILED'; false;

75
crypto/external/bsd/openssl/dist/CHANGES vendored
View File

@ -7,6 +7,81 @@
https://github.com/openssl/openssl/commits/ and pick the appropriate
release branch.
Changes between 1.1.0h and 1.1.0i [14 Aug 2018]
*) Client DoS due to large DH parameter
During key agreement in a TLS handshake using a DH(E) based ciphersuite a
malicious server can send a very large prime value to the client. This will
cause the client to spend an unreasonably long period of time generating a
key for this prime resulting in a hang until the client has finished. This
could be exploited in a Denial Of Service attack.
This issue was reported to OpenSSL on 5th June 2018 by Guido Vranken
(CVE-2018-0732)
[Guido Vranken]
*) Cache timing vulnerability in RSA Key Generation
The OpenSSL RSA Key generation algorithm has been shown to be vulnerable to
a cache timing side channel attack. An attacker with sufficient access to
mount cache timing attacks during the RSA key generation process could
recover the private key.
This issue was reported to OpenSSL on 4th April 2018 by Alejandro Cabrera
Aldaya, Billy Brumley, Cesar Pereida Garcia and Luis Manuel Alvarez Tapia.
(CVE-2018-0737)
[Billy Brumley]
*) Make EVP_PKEY_asn1_new() a bit stricter about its input. A NULL pem_str
parameter is no longer accepted, as it leads to a corrupt table. NULL
pem_str is reserved for alias entries only.
[Richard Levitte]
*) Revert blinding in ECDSA sign and instead make problematic addition
length-invariant. Switch even to fixed-length Montgomery multiplication.
[Andy Polyakov]
*) Change generating and checking of primes so that the error rate of not
being prime depends on the intended use based on the size of the input.
For larger primes this will result in more rounds of Miller-Rabin.
The maximal error rate for primes with more than 1080 bits is lowered
to 2^-128.
[Kurt Roeckx, Annie Yousar]
*) Increase the number of Miller-Rabin rounds for DSA key generating to 64.
[Kurt Roeckx]
*) Add blinding to ECDSA and DSA signatures to protect against side channel
attacks discovered by Keegan Ryan (NCC Group).
[Matt Caswell]
*) When unlocking a pass phrase protected PEM file or PKCS#8 container, we
now allow empty (zero character) pass phrases.
[Richard Levitte]
*) Certificate time validation (X509_cmp_time) enforces stricter
compliance with RFC 5280. Fractional seconds and timezone offsets
are no longer allowed.
[Emilia Käsper]
*) Fixed a text canonicalisation bug in CMS
Where a CMS detached signature is used with text content the text goes
through a canonicalisation process first prior to signing or verifying a
signature. This process strips trailing space at the end of lines, converts
line terminators to CRLF and removes additional trailing line terminators
at the end of a file. A bug in the canonicalisation process meant that
some characters, such as form-feed, were incorrectly treated as whitespace
and removed. This is contrary to the specification (RFC5485). This fix
could mean that detached text data signed with an earlier version of
OpenSSL 1.1.0 may fail to verify using the fixed version, or text data
signed with a fixed OpenSSL may fail to verify with an earlier version of
OpenSSL 1.1.0. A workaround is to only verify the canonicalised text data
and use the "-binary" flag (for the "cms" command line application) or set
the SMIME_BINARY/PKCS7_BINARY/CMS_BINARY flags (if using CMS_verify()).
[Matt Caswell]
Changes between 1.1.0g and 1.1.0h [27 Mar 2018]
*) Constructed ASN.1 types with a recursive definition could exceed the stack

67
crypto/external/bsd/openssl/dist/CONTRIBUTING vendored
View File

@ -1,26 +1,26 @@
HOW TO CONTRIBUTE PATCHES TO OpenSSL
------------------------------------
HOW TO CONTRIBUTE TO OpenSSL
----------------------------
(Please visit https://www.openssl.org/community/getting-started.html for
other ideas about how to contribute.)
Development is coordinated on the openssl-dev mailing list (see the
above link or https://mta.openssl.org for information on subscribing).
If you are unsure as to whether a feature will be useful for the general
OpenSSL community you might want to discuss it on the openssl-dev mailing
list first. Someone may be already working on the same thing or there
may be a good reason as to why that feature isn't implemented.
Development is done on GitHub, https://github.com/openssl/openssl.
To submit a patch, make a pull request on GitHub. If you think the patch
could use feedback from the community, please start a thread on openssl-dev
to discuss it.
To request new features or report bugs, please open an issue on GitHub
Having addressed the following items before the PR will help make the
acceptance and review process faster:
To submit a patch, please open a pull request on GitHub. If you are thinking
of making a large contribution, open an issue for it before starting work,
to get comments from the community. Someone may be already working on
the same thing or there may be reasons why that feature isn't implemented.
1. Anything other than trivial contributions will require a contributor
licensing agreement, giving us permission to use your code. See
https://www.openssl.org/policies/cla.html for details.
To make it easier to review and accept your pull request, please follow these
guidelines:
1. Anything other than a trivial contribution requires a Contributor
License Agreement (CLA), giving us permission to use your code. See
https://www.openssl.org/policies/cla.html for details. If your
contribution is too small to require a CLA, put "CLA: trivial" on a
line by itself in your commit message body.
2. All source files should start with the following text (with
appropriate comment characters at the start of each line and the
@ -34,21 +34,38 @@ acceptance and review process faster:
https://www.openssl.org/source/license.html
3. Patches should be as current as possible; expect to have to rebase
often. We do not accept merge commits; You will be asked to remove
them before a patch is considered acceptable.
often. We do not accept merge commits, you will have to remove them
(usually by rebasing) before it will be acceptable.
4. Patches should follow our coding style (see
https://www.openssl.org/policies/codingstyle.html) and compile without
warnings. Where gcc or clang is available you should use the
https://www.openssl.org/policies/codingstyle.html) and compile
without warnings. Where gcc or clang is available you should use the
--strict-warnings Configure option. OpenSSL compiles on many varied
platforms: try to ensure you only use portable features.
Clean builds via Travis and AppVeyor are expected, and done whenever
a PR is created or updated.
platforms: try to ensure you only use portable features. Clean builds
via Travis and AppVeyor are required, and they are started automatically
whenever a PR is created or updated.
5. When at all possible, patches should include tests. These can
either be added to an existing test, or completely new. Please see
test/README for information on the test framework.
6. New features or changed functionality must include
documentation. Please look at the "pod" files in doc/apps, doc/crypto
and doc/ssl for examples of our style.
documentation. Please look at the "pod" files in doc for
examples of our style.
7. For user visible changes (API changes, behaviour changes, ...),
consider adding a note in CHANGES. This could be a summarising
description of the change, and could explain the grander details.
Have a look through existing entries for inspiration.
Please note that this is NOT simply a copy of git-log oneliners.
Also note that security fixes get an entry in CHANGES.
This file helps users get more in depth information of what comes
with a specific release without having to sift through the higher
noise ratio in git-log.
8. For larger or more important user visible changes, as well as
security fixes, please add a line in NEWS. On exception, it might be
worth adding a multi-line entry (such as the entry that announces all
the types that became opaque with OpenSSL 1.1.0).
This file helps users get a very quick summary of what comes with a
specific release, to see if an upgrade is worth the effort.

53
crypto/external/bsd/openssl/dist/Configurations/10-main.conf vendored
View File

@ -14,7 +14,7 @@ sub vc_win64a_info {
asflags => "/c /Cp /Cx /Zi",
asoutflag => "/Fo" };
} else {
$die->("NASM not found - please read INSTALL and NOTES.WIN for further details\n");
$die->("NASM not found - make sure it's installed and available on %PATH%\n");
$vc_win64a_info = { as => "{unknown}",
asflags => "",
asoutflag => "" };
@ -39,7 +39,7 @@ sub vc_win32_info {
asoutflag => "/Fo",
perlasm_scheme => "win32" };
} else {
$die->("NASM not found - please read INSTALL and NOTES.WIN for further details\n");
$die->("NASM not found - make sure it's installed and available on %PATH%\n");
$vc_win32_info = { as => "{unknown}",
asflags => "",
asoutflag => "",
@ -428,8 +428,17 @@ sub vms_info {
# even PA-RISC 2.0-specific code paths, which are chosen at run-time,
# thus adequate performance is provided even with PA-RISC 1.1 build.
# <appro@fy.chalmers.se>
"hpux-parisc-gcc" => {
"hpux-common" => {
inherit_from => [ "BASE_unix" ],
template => 1,
defines => add("_XOPEN_SOURCE", "_XOPEN_SOURCE_EXTENDED",
"_HPUX_ALT_XOPEN_SOCKET_API"),
thread_scheme => "pthreads",
dso_scheme => "dlfcn", # overridden in 32-bit PA-RISC builds
shared_target => "hpux-shared",
},
"hpux-parisc-gcc" => {
inherit_from => [ "hpux-common" ],
cc => "gcc",
cflags => combine(picker(default => "-DB_ENDIAN -DBN_DIV2W",
debug => "-O0 -g",
@ -437,9 +446,7 @@ sub vms_info {
threads("-pthread")),
ex_libs => add("-Wl,+s -ldld", threads("-pthread")),
bn_ops => "BN_LLONG",
thread_scheme => "pthreads",
dso_scheme => "dl",
shared_target => "hpux-shared",
shared_cflag => "-fPIC",
shared_ldflag => "-shared",
shared_extension => ".sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
@ -449,7 +456,7 @@ sub vms_info {
multilib => "/pa1.1",
},
"hpux64-parisc2-gcc" => {
inherit_from => [ "BASE_unix", asm("parisc20_64_asm") ],
inherit_from => [ "hpux-common", asm("parisc20_64_asm") ],
cc => "gcc",
cflags => combine(picker(default => "-DB_ENDIAN",
debug => "-O0 -g",
@ -457,9 +464,6 @@ sub vms_info {
threads("-D_REENTRANT")),
ex_libs => add("-ldl"),
bn_ops => "SIXTY_FOUR_BIT_LONG RC4_CHAR",
thread_scheme => "pthreads",
dso_scheme => "dlfcn",
shared_target => "hpux-shared",
shared_cflag => "-fpic",
shared_ldflag => "-shared",
shared_extension => ".sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
@ -471,7 +475,7 @@ sub vms_info {
# Chris Ruemmler <ruemmler@cup.hp.com>
# Kevin Steves <ks@hp.se>
"hpux-parisc-cc" => {
inherit_from => [ "BASE_unix" ],
inherit_from => [ "hpux-common" ],
cc => "cc",
cflags => combine(picker(default => "+Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY",
debug => "+O0 +d -g",
@ -479,9 +483,7 @@ sub vms_info {
threads("-D_REENTRANT")),
ex_libs => add("-Wl,+s -ldld",threads("-lpthread")),
bn_ops => "RC4_CHAR",
thread_scheme => "pthreads",
dso_scheme => "dl",
shared_target => "hpux-shared",
shared_cflag => "+Z",
shared_ldflag => "-b",
shared_extension => ".sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
@ -492,7 +494,7 @@ sub vms_info {
multilib => "/pa1.1",
},
"hpux64-parisc2-cc" => {
inherit_from => [ "BASE_unix", asm("parisc20_64_asm") ],
inherit_from => [ "hpux-common", asm("parisc20_64_asm") ],
cc => "cc",
cflags => combine(picker(default => "+DD64 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY",
debug => "+O0 +d -g",
@ -500,9 +502,6 @@ sub vms_info {
threads("-D_REENTRANT")),
ex_libs => add("-ldl",threads("-lpthread")),
bn_ops => "SIXTY_FOUR_BIT_LONG RC4_CHAR",
thread_scheme => "pthreads",
dso_scheme => "dlfcn",
shared_target => "hpux-shared",
shared_cflag => "+Z",
shared_ldflag => "+DD64 -b",
shared_extension => ".sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
@ -511,7 +510,7 @@ sub vms_info {
# HP/UX IA-64 targets
"hpux-ia64-cc" => {
inherit_from => [ "BASE_unix", asm("ia64_asm") ],
inherit_from => [ "hpux-common", asm("ia64_asm") ],
cc => "cc",
cflags => combine(picker(default => "-Ae +DD32 +Olit=all -z -DB_ENDIAN",
debug => "+O0 +d -g",
@ -519,9 +518,6 @@ sub vms_info {
threads("-D_REENTRANT")),
ex_libs => add("-ldl",threads("-lpthread")),
bn_ops => "SIXTY_FOUR_BIT",
thread_scheme => "pthreads",
dso_scheme => "dlfcn",
shared_target => "hpux-shared",
shared_cflag => "+Z",
shared_ldflag => "+DD32 -b",
shared_extension => ".so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
@ -530,7 +526,7 @@ sub vms_info {
# Frank Geurts <frank.geurts@nl.abnamro.com> has patiently assisted
# with debugging of the following config.
"hpux64-ia64-cc" => {
inherit_from => [ "BASE_unix", asm("ia64_asm") ],
inherit_from => [ "hpux-common", asm("ia64_asm") ],
cc => "cc",
cflags => combine(picker(default => "-Ae +DD64 +Olit=all -z -DB_ENDIAN",
debug => "+O0 +d -g",
@ -538,9 +534,6 @@ sub vms_info {
threads("-D_REENTRANT")),
ex_libs => add("-ldl", threads("-lpthread")),
bn_ops => "SIXTY_FOUR_BIT_LONG",
thread_scheme => "pthreads",
dso_scheme => "dlfcn",
shared_target => "hpux-shared",
shared_cflag => "+Z",
shared_ldflag => "+DD64 -b",
shared_extension => ".so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
@ -548,7 +541,7 @@ sub vms_info {
},
# GCC builds...
"hpux-ia64-gcc" => {
inherit_from => [ "BASE_unix", asm("ia64_asm") ],
inherit_from => [ "hpux-common", asm("ia64_asm") ],
cc => "gcc",
cflags => combine(picker(default => "-DB_ENDIAN",
debug => "-O0 -g",
@ -556,16 +549,13 @@ sub vms_info {
threads("-pthread")),
ex_libs => add("-ldl", threads("-pthread")),
bn_ops => "SIXTY_FOUR_BIT",
thread_scheme => "pthreads",
dso_scheme => "dlfcn",
shared_target => "hpux-shared",
shared_cflag => "-fpic",
shared_ldflag => "-shared",
shared_extension => ".so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
multilib => "/hpux32",
},
"hpux64-ia64-gcc" => {
inherit_from => [ "BASE_unix", asm("ia64_asm") ],
inherit_from => [ "hpux-common", asm("ia64_asm") ],
cc => "gcc",
cflags => combine(picker(default => "-mlp64 -DB_ENDIAN",
debug => "-O0 -g",
@ -573,9 +563,6 @@ sub vms_info {
threads("-pthread")),
ex_libs => add("-ldl", threads("-pthread")),
bn_ops => "SIXTY_FOUR_BIT_LONG",
thread_scheme => "pthreads",
dso_scheme => "dlfcn",
shared_target => "hpux-shared",
shared_cflag => "-fpic",
shared_ldflag => "-mlp64 -shared",
shared_extension => ".so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
@ -1223,6 +1210,7 @@ sub vms_info {
perlasm_scheme => "aix32",
dso_scheme => "dlfcn",
shared_target => "aix-shared",
shared_cflag => "-qpic",
shared_ldflag => "-q32 -G",
shared_extension => ".so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
arflags => "-X 32",
@ -1241,6 +1229,7 @@ sub vms_info {
perlasm_scheme => "aix64",
dso_scheme => "dlfcn",
shared_target => "aix-shared",
shared_cflag => "-qpic",
shared_ldflag => "-q64 -G",
shared_extension => ".so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
arflags => "-X 64",

12
crypto/external/bsd/openssl/dist/Configurations/dist.conf vendored Normal file
View File

@ -0,0 +1,12 @@
## -*- mode: perl; -*-
## Build configuration targets for openssl-team members
# This is to support 'make dist'
%targets = (
"dist" => {
inherit_from => [ 'BASE_unix' ],
cc => "cc",
cflags => "-O",
thread_scheme => "(unknown)",
},
);

6
crypto/external/bsd/openssl/dist/Configurations/unix-Makefile.tmpl vendored
View File

@ -664,8 +664,10 @@ tar:
DISTDIR=$(NAME); \
mkdir -p $$TMPDIR/$$DISTDIR; \
(cd $(SRCDIR); \
excl_re="^(fuzz/corpora|Configurations/.*\.norelease\.conf)"; \
echo "$$excl_re"; \
git ls-tree -r --name-only --full-tree HEAD \
| grep -v '^fuzz/corpora' \
| egrep -v "$$excl_re" \
| while read F; do \
mkdir -p $$TMPDIR/$$DISTDIR/`dirname $$F`; \
cp $$F $$TMPDIR/$$DISTDIR/$$F; \
@ -848,7 +850,7 @@ EOF
$recipe .= <<"EOF";
$obj$objext: $deps
( trap "rm -f \$@.*" INT 0; \\
\$(CPP) $incs \$(CFLAGS) $ecflags $srcs | \\
\$(CC) $incs \$(CFLAGS) $ecflags -E $srcs | \\
\$(PERL) -ne '/^#(line)?\\s*[0-9]+/ or print' > \$@.s && \\
\$(CC) \$(CFLAGS) $ecflags -c -o \$\@ \$@.s )
EOF

2
crypto/external/bsd/openssl/dist/Configurations/windows-checker.pm vendored
View File

@ -6,7 +6,7 @@ use Config;
# we expect for the platform
use File::Spec::Functions qw(:DEFAULT rel2abs);
if (rel2abs('.') !~ m|\\|) {
if (!$ENV{CONFIGURE_INSIST} && rel2abs('.') !~ m|\\|) {
die <<EOF;
******************************************************************************

76
crypto/external/bsd/openssl/dist/Configurations/windows-makefile.tmpl vendored
View File

@ -88,20 +88,20 @@ GENERATED={- join(" ",
grep { /\.o$/ } keys %{$unified_info{sources}} ),
( grep { /\.h$/ } keys %{$unified_info{generate}} )) -}
INSTALL_LIBS={- join(" ", map { $_.$libext } @{$unified_info{install}->{libraries}}) -}
INSTALL_SHLIBS={- join(" ", map { shlib($_) } @{$unified_info{install}->{libraries}}) -}
INSTALL_SHLIBPDBS={- join(" ", map { local $shlibext = ".pdb"; shlib($_) } @{$unified_info{install}->{libraries}}) -}
INSTALL_ENGINES={- join(" ", map { dso($_) } @{$unified_info{install}->{engines}}) -}
INSTALL_ENGINEPDBS={- join(" ", map { local $dsoext = ".pdb"; dso($_) } @{$unified_info{install}->{engines}}) -}
INSTALL_PROGRAMS={- join(" ", map { $_.$exeext } grep { !m|^test\\| } @{$unified_info{install}->{programs}}) -}
INSTALL_PROGRAMPDBS={- join(" ", map { $_.".pdb" } grep { !m|^test\\| } @{$unified_info{install}->{programs}}) -}
INSTALL_LIBS={- join(" ", map { quotify1($_.$libext) } @{$unified_info{install}->{libraries}}) -}
INSTALL_SHLIBS={- join(" ", map { quotify_l(shlib($_)) } @{$unified_info{install}->{libraries}}) -}
INSTALL_SHLIBPDBS={- join(" ", map { local $shlibext = ".pdb"; quotify_l(shlib($_)) } @{$unified_info{install}->{libraries}}) -}
INSTALL_ENGINES={- join(" ", map { quotify1(dso($_)) } @{$unified_info{install}->{engines}}) -}
INSTALL_ENGINEPDBS={- join(" ", map { local $dsoext = ".pdb"; quotify1(dso($_)) } @{$unified_info{install}->{engines}}) -}
INSTALL_PROGRAMS={- join(" ", map { quotify1($_.$exeext) } grep { !m|^test\\| } @{$unified_info{install}->{programs}}) -}
INSTALL_PROGRAMPDBS={- join(" ", map { quotify1($_.".pdb") } grep { !m|^test\\| } @{$unified_info{install}->{programs}}) -}
{- output_off() if $disabled{apps}; "" -}
BIN_SCRIPTS=$(BLDDIR)\tools\c_rehash.pl
MISC_SCRIPTS=$(BLDDIR)\apps\CA.pl $(BLDDIR)\apps\tsget.pl
BIN_SCRIPTS="$(BLDDIR)\tools\c_rehash.pl"
MISC_SCRIPTS="$(BLDDIR)\apps\CA.pl" "$(BLDDIR)\apps\tsget.pl"
{- output_on() if $disabled{apps}; "" -}
APPS_OPENSSL={- use File::Spec::Functions;
catfile("apps","openssl") -}
"\"".catfile("apps","openssl")."\"" -}
# Do not edit these manually. Use Configure with --prefix or --openssldir
# to change this! Short explanation in the top comment in Configure
@ -182,6 +182,9 @@ MTOUTFLAG={- $target{mtoutflag} || "-outputresource:" -}$(OSSL_EMPTY)
AS={- $target{as} -}
ASFLAGS={- $target{asflags} -}
ASOUTFLAG={- $target{asoutflag} -}$(OSSL_EMPTY)
ECHO="$(PERL)" "$(SRCDIR)\util\echo.pl"
PERLASM_SCHEME= {- $target{perlasm_scheme} -}
PROCESSOR= {- $config{processor} -}
@ -207,7 +210,7 @@ build_all_generated: $(GENERATED_MANDATORY) $(GENERATED)
test: tests
{- dependmagic('tests'); -}: build_programs_nodep build_engines_nodep
@rem {- output_off() if $disabled{tests}; "" -}
@{- output_off() if $disabled{tests}; "" -}
-mkdir $(BLDDIR)\test\test-runs
set SRCTOP=$(SRCDIR)
set BLDTOP=$(BLDDIR)
@ -216,17 +219,17 @@ test: tests
set OPENSSL_ENGINES=$(MAKEDIR)\engines
set OPENSSL_DEBUG_MEMORY=on
"$(PERL)" "$(SRCDIR)\test\run_tests.pl" $(TESTS)
@rem {- if ($disabled{tests}) { output_on(); } else { output_off(); } "" -}
@echo "Tests are not supported with your chosen Configure options"
@rem {- output_on() if !$disabled{tests}; "" -}
@{- if ($disabled{tests}) { output_on(); } else { output_off(); } "" -}
@$(ECHO) "Tests are not supported with your chosen Configure options"
@{- output_on() if !$disabled{tests}; "" -}
list-tests:
@rem {- output_off() if $disabled{tests}; "" -}
@{- output_off() if $disabled{tests}; "" -}
@set SRCTOP=$(SRCDIR)
@"$(PERL)" "$(SRCDIR)\test\run_tests.pl" list
@rem {- if ($disabled{tests}) { output_on(); } else { output_off(); } "" -}
@echo "Tests are not supported with your chosen Configure options"
@rem {- output_on() if !$disabled{tests}; "" -}
@{- if ($disabled{tests}) { output_on(); } else { output_off(); } "" -}
@$(ECHO) "Tests are not supported with your chosen Configure options"
@{- output_on() if !$disabled{tests}; "" -}
install: install_sw install_ssldirs install_docs
@ -285,16 +288,17 @@ install_ssldirs:
"$(OPENSSLDIR)\misc"
install_dev:
@if "$(INSTALLTOP)"=="" ( echo INSTALLTOP should not be empty & exit 1 )
@echo *** Installing development files
@if "$(INSTALLTOP)"=="" ( $(ECHO) "INSTALLTOP should not be empty" & exit 1 )
@$(ECHO) "*** Installing development files"
@"$(PERL)" "$(SRCDIR)\util\mkdir-p.pl" "$(INSTALLTOP)\include\openssl"
@rem {- output_off() unless grep { $_ eq "OPENSSL_USE_APPLINK" } @{$target{defines}}; "" -}
@{- output_off() unless grep { $_ eq "OPENSSL_USE_APPLINK" } @{$target{defines}}; "" -}
@"$(PERL)" "$(SRCDIR)\util\copy.pl" "$(SRCDIR)\ms\applink.c" \
"$(INSTALLTOP)\include\openssl"
@rem {- output_on() unless grep { $_ eq "OPENSSL_USE_APPLINK" } @{$target{defines}}; "" -}
@"$(PERL)" "$(SRCDIR)\util\copy.pl" "$(SRCDIR)\include\openssl\*.h" \
@{- output_on() unless grep { $_ eq "OPENSSL_USE_APPLINK" } @{$target{defines}}; "" -}
@"$(PERL)" "$(SRCDIR)\util\copy.pl" "-exclude_re=/__DECC_" \
"$(SRCDIR)\include\openssl\*.h" \
"$(INSTALLTOP)\include\openssl"
@"$(PERL)" "$(SRCDIR)\util\copy.pl" $(BLDDIR)\include\openssl\*.h \
@"$(PERL)" "$(SRCDIR)\util\copy.pl" "$(BLDDIR)\include\openssl\*.h" \
"$(INSTALLTOP)\include\openssl"
@"$(PERL)" "$(SRCDIR)\util\mkdir-p.pl" "$(INSTALLTOP)\$(LIBDIR)"
@"$(PERL)" "$(SRCDIR)\util\copy.pl" $(INSTALL_LIBS) \
@ -306,8 +310,8 @@ install_dev:
uninstall_dev:
install_engines:
@if "$(INSTALLTOP)"=="" ( echo INSTALLTOP should not be empty & exit 1 )
@echo *** Installing engines
@if "$(INSTALLTOP)"=="" ( $(ECHO) "INSTALLTOP should not be empty" & exit 1 )
@$(ECHO) "*** Installing engines"
@"$(PERL)" "$(SRCDIR)\util\mkdir-p.pl" "$(ENGINESDIR)"
@if not "$(ENGINES)"=="" \
"$(PERL)" "$(SRCDIR)\util\copy.pl" $(INSTALL_ENGINES) "$(ENGINESDIR)"
@ -317,8 +321,8 @@ install_engines:
uninstall_engines:
install_runtime:
@if "$(INSTALLTOP)"=="" ( echo INSTALLTOP should not be empty & exit 1 )
@echo *** Installing runtime files
@if "$(INSTALLTOP)"=="" ( $(ECHO) "INSTALLTOP should not be empty" & exit 1 )
@$(ECHO) "*** Installing runtime files"
@"$(PERL)" "$(SRCDIR)\util\mkdir-p.pl" "$(INSTALLTOP)\bin"
@if not "$(SHLIBS)"=="" \
"$(PERL)" "$(SRCDIR)\util\copy.pl" $(INSTALL_SHLIBS) "$(INSTALLTOP)\bin"
@ -343,14 +347,14 @@ uninstall_html_docs:
# Building targets ###################################################
configdata.pm: "$(SRCDIR)\Configure" {- join(" ", map { '"'.$_.'"' } @{$config{build_file_templates}}, @{$config{build_infos}}, @{$config{conf_files}}) -}
@echo "Detected changed: $?"
@echo "Reconfiguring..."
@$(ECHO) "Detected changed: $?"
@$(ECHO) "Reconfiguring..."
"$(PERL)" "$(SRCDIR)\Configure" reconf
@echo "**************************************************"
@echo "*** ***"
@echo "*** Please run the same make command again ***"
@echo "*** ***"
@echo "**************************************************"
@$(ECHO) "**************************************************"
@$(ECHO) "*** ***"
@$(ECHO) "*** Please run the same make command again ***"
@$(ECHO) "*** ***"
@$(ECHO) "**************************************************"
@exit 1
{-
@ -604,8 +608,6 @@ EOF
foreach my $prod (@{$unified_info{dirinfo}->{$dir}->{products}->{$type}}) {
if (dirname($prod) eq $dir) {
push @deps, $prod.$extinfo{$type};
} else {
push @actions, "\t@rem No support to produce $type ".join(", ", @{$unified_info{dirinfo}->{$dir}->{products}->{$type}});
}
}
}

60
crypto/external/bsd/openssl/dist/Configure vendored
View File

@ -20,6 +20,9 @@ use OpenSSL::Glob;
# see INSTALL for instructions.
my $orig_death_handler = $SIG{__DIE__};
$SIG{__DIE__} = \&death_handler;
my $usage="Usage: Configure [no-<cipher> ...] [enable-<cipher> ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [no-hw-xxx|no-hw] [[no-]threads] [[no-]shared] [[no-]zlib|zlib-dynamic] [no-asm] [no-dso] [no-egd] [sctp] [386] [--prefix=DIR] [--openssldir=OPENSSLDIR] [--with-xxx[=vvv]] [--config=FILE] os/compiler[:flags]\n";
# Options:
@ -756,21 +759,21 @@ while (@argvcopy)
else
{ $config{options} .= " ".$_; }
}
}
if (defined($config{api}) && !exists $apitable->{$config{api}}) {
die "***** Unsupported api compatibility level: $config{api}\n",
}
if (defined($config{api}) && !exists $apitable->{$config{api}}) {
die "***** Unsupported api compatibility level: $config{api}\n",
}
if (keys %deprecated_options)
{
warn "***** Deprecated options: ",
join(", ", keys %deprecated_options), "\n";
}
if (keys %unsupported_options)
{
die "***** Unsupported options: ",
join(", ", keys %unsupported_options), "\n";
}
if (keys %deprecated_options)
{
warn "***** Deprecated options: ",
join(", ", keys %deprecated_options), "\n";
}
if (keys %unsupported_options)
{
die "***** Unsupported options: ",
join(", ", keys %unsupported_options), "\n";
}
if ($libs =~ /(^|\s)-Wl,-rpath,/
@ -908,11 +911,12 @@ if ($d) {
$target = $t;
}
}
&usage if !$table{$target} || $table{$target}->{template};
$config{target} = $target;
my %target = resolve_config($target);
&usage if (!%target || $target{template});
my %conf_files = map { $_ => 1 } (@{$target{_conf_fname_int}});
$config{conf_files} = [ sort keys %conf_files ];
%target = ( %{$table{DEFAULTS}}, %target );
@ -1215,8 +1219,10 @@ if ($^O ne "VMS") {
if (!$disabled{makedepend}) {
# We know that GNU C version 3 and up as well as all clang
# versions support dependency generation
if ($predefined{__GNUC__} >= 3) {
# versions support dependency generation, but Xcode did not
# handle $cc -M before clang support (but claims __GNUC__ = 3)
if (($predefined{__GNUC__} // -1) >= 3
&& !($predefined{__APPLE_CC__} && !$predefined{__clang__})) {
$config{makedepprog} = $cc;
} else {
$config{makedepprog} = which('makedepend');
@ -2125,6 +2131,8 @@ my %builders = (
$builders{$builder}->($builder_platform, @builder_opts);
$SIG{__DIE__} = $orig_death_handler;
print <<"EOF";
Configured for $target.
@ -2153,6 +2161,24 @@ exit(0);
# Helpers and utility functions
#
# Death handler, to print a helpful message in case of failure #######
#
sub death_handler {
die @_ if $^S; # To prevent the added message in eval blocks
my $build_file = $target{build_file} // "build file";
my @message = ( <<"_____", @_ );
Failure! $build_file wasn't produced.
Please read INSTALL and associated NOTES files. You may also have to look over
your available compiler tool chain or change your configuration.
_____
# Dying is terminal, so it's ok to reset the signal handler here.
$SIG{__DIE__} = $orig_death_handler;
die @message;
}
# Configuration file reading #########################################
# Note: All of the helper functions are for lazy evaluation. They all

5
crypto/external/bsd/openssl/dist/INSTALL vendored
View File

@ -3,7 +3,8 @@
--------------------
This document describes installation on all supported operating
systems (the Linux/Unix family, OpenVMS and Windows)
systems (the Unix/Linux family (which includes Mac OS/X), OpenVMS,
and Windows).
To install OpenSSL, you will need:
@ -76,7 +77,7 @@
If you want to just get on with it, do:
on Unix:
on Unix (again, this includes Mac OS/X):
$ ./config
$ make

108
crypto/external/bsd/openssl/dist/Makefile vendored
View File

File diff suppressed because one or more lines are too long

5
crypto/external/bsd/openssl/dist/NEWS vendored
View File

@ -5,6 +5,11 @@
This file gives a brief overview of the major changes between each OpenSSL
release. For more details please read the CHANGES file.
Major changes between OpenSSL 1.1.0h and OpenSSL 1.1.0i [14 Aug 2018]
o Client DoS due to large DH parameter (CVE-2018-0732)
o Cache timing vulnerability in RSA Key Generation (CVE-2018-0737)
Major changes between OpenSSL 1.1.0g and OpenSSL 1.1.0h [27 Mar 2018]
o Constructed ASN.1 types with a recursive definition could exceed the

4
crypto/external/bsd/openssl/dist/README vendored
View File

@ -1,7 +1,7 @@
OpenSSL 1.1.0h 27 Mar 2018
OpenSSL 1.1.0i 14 Aug 2018
Copyright (c) 1998-2016 The OpenSSL Project
Copyright (c) 1998-2018 The OpenSSL Project
Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
All rights reserved.

5
crypto/external/bsd/openssl/dist/apps/apps.c vendored
View File

@ -1,5 +1,5 @@
/*
* Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -1012,7 +1012,8 @@ int set_name_ex(unsigned long *flags, const char *arg)
};
if (set_multi_opts(flags, arg, ex_tbl) == 0)
return 0;
if ((*flags & XN_FLAG_SEP_MASK) == 0)
if (*flags != XN_FLAG_COMPAT
&& (*flags & XN_FLAG_SEP_MASK) == 0)
*flags |= XN_FLAG_SEP_CPLUS_SPC;
return 1;
}

22
crypto/external/bsd/openssl/dist/apps/asn1pars.c vendored
View File

@ -1,5 +1,5 @@
/*
* Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -41,7 +41,7 @@ OPTIONS asn1parse_options[] = {
{"dump", OPT_DUMP, 0, "unknown data in hex form"},
{"dlimit", OPT_DLIMIT, 'p',
"dump the first arg bytes of unknown data in hex form"},
{"strparse", OPT_STRPARSE, 's',
{"strparse", OPT_STRPARSE, 'p',
"offset; a series of these can be used to 'dig'"},
{OPT_MORE_STR, 0, 0, "into multiple ASN1 blob wrappings"},
{"genstr", OPT_GENSTR, 's', "string to generate ASN1 structure from"},
@ -113,13 +113,13 @@ int asn1parse_main(int argc, char **argv)
offset = strtol(opt_arg(), NULL, 0);
break;
case OPT_LENGTH:
length = atoi(opt_arg());
length = strtol(opt_arg(), NULL, 0);
break;
case OPT_DUMP:
dump = -1;
break;
case OPT_DLIMIT:
dump = atoi(opt_arg());
dump = strtol(opt_arg(), NULL, 0);
break;
case OPT_STRPARSE:
sk_OPENSSL_STRING_push(osk, opt_arg());
@ -191,7 +191,7 @@ int asn1parse_main(int argc, char **argv)
num = 0;
for (;;) {
if (!BUF_MEM_grow(buf, (int)num + BUFSIZ))
if (!BUF_MEM_grow(buf, num + BUFSIZ))
goto end;
i = BIO_read(in, &(buf->data[num]), BUFSIZ);
if (i <= 0)
@ -211,9 +211,9 @@ int asn1parse_main(int argc, char **argv)
for (i = 0; i < sk_OPENSSL_STRING_num(osk); i++) {
ASN1_TYPE *atmp;
int typ;
j = atoi(sk_OPENSSL_STRING_value(osk, i));
if (j == 0) {
BIO_printf(bio_err, "'%s' is an invalid number\n",
j = strtol(sk_OPENSSL_STRING_value(osk, i), NULL, 0);
if (j <= 0 || j >= tmplen) {
BIO_printf(bio_err, "'%s' is out of range\n",
sk_OPENSSL_STRING_value(osk, i));
continue;
}
@ -244,14 +244,14 @@ int asn1parse_main(int argc, char **argv)
num = tmplen;
}
if (offset >= num) {
BIO_printf(bio_err, "Error: offset too large\n");
if (offset < 0 || offset >= num) {
BIO_printf(bio_err, "Error: offset out of range\n");
goto end;
}
num -= offset;
if ((length == 0) || ((long)length > num))
if (length == 0 || length > (unsigned int)num)
length = (unsigned int)num;
if (derout) {
if (BIO_write(derout, str + offset, length) != (int)length) {

29
crypto/external/bsd/openssl/dist/apps/ca.c vendored
View File

@ -725,10 +725,10 @@ end_of_options:
/*****************************************************************/
if (req || gencrl) {
/* FIXME: Is it really always text? */
Sout = bio_open_default(outfile, 'w', FORMAT_TEXT);
if (Sout == NULL)
goto end;
if (spkac_file != NULL) {
output_der = 1;
batch = 1;
}
}
if (md == NULL
@ -872,10 +872,6 @@ end_of_options:
BIO_printf(bio_err, "Memory allocation failure\n");
goto end;
}
if (outfile) {
output_der = 1;
batch = 1;
}
}
}
if (ss_cert_file != NULL) {
@ -929,10 +925,13 @@ end_of_options:
if (j > 0) {
total_done++;
BIO_printf(bio_err, "\n");
if (!BN_add_word(serial, 1))
if (!BN_add_word(serial, 1)) {
X509_free(x);
goto end;
}
if (!sk_X509_push(cert_sk, x)) {
BIO_printf(bio_err, "Memory allocation failure\n");
X509_free(x);
goto end;
}
}
@ -1017,6 +1016,11 @@ end_of_options:
if (verbose)
BIO_printf(bio_err, "writing %s\n", buf[2]);
Sout = bio_open_default(outfile, 'w',
output_der ? FORMAT_ASN1 : FORMAT_TEXT);
if (Sout == NULL)
goto end;
Cout = BIO_new_file(buf[2], "w");
if (Cout == NULL) {
perror(buf[2]);
@ -1025,6 +1029,8 @@ end_of_options:
write_new_certificate(Cout, xi, 0, notext);
write_new_certificate(Sout, xi, output_der, notext);
BIO_free_all(Cout);
BIO_free_all(Sout);
Sout = NULL;
}
if (sk_X509_num(cert_sk)) {
@ -1173,6 +1179,11 @@ end_of_options:
if (!do_X509_CRL_sign(crl, pkey, dgst, sigopts))
goto end;
Sout = bio_open_default(outfile, 'w',
output_der ? FORMAT_ASN1 : FORMAT_TEXT);
if (Sout == NULL)
goto end;
PEM_write_bio_X509_CRL(Sout, crl);
if (crlnumberfile != NULL) /* Rename the crlnumber file */

11
crypto/external/bsd/openssl/dist/apps/dhparam.c vendored
View File

@ -1,5 +1,5 @@
/*
* Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -151,6 +151,11 @@ int dhparam_main(int argc, char **argv)
goto end;
}
# endif
out = bio_open_default(outfile, 'w', outformat);
if (out == NULL)
goto end;
/* DH parameters */
if (num && !g)
g = 2;
@ -266,10 +271,6 @@ int dhparam_main(int argc, char **argv)
/* dh != NULL */
}
out = bio_open_default(outfile, 'w', outformat);
if (out == NULL)
goto end;
if (text) {
DHparams_print(out, dh);
}

29
crypto/external/bsd/openssl/dist/apps/dsaparam.c vendored
View File

@ -226,25 +226,28 @@ int dsaparam_main(int argc, char **argv)
data = app_malloc(len + 20, "BN space");
BIO_printf(bio_out, "DSA *get_dsa%d()\n{\n", bits_p);
print_bignum_var(bio_out, p, "dsap", len, data);
print_bignum_var(bio_out, q, "dsaq", len, data);
print_bignum_var(bio_out, g, "dsag", len, data);
BIO_printf(bio_out, "static DSA *get_dsa%d(void)\n{\n", bits_p);
print_bignum_var(bio_out, p, "dsap", bits_p, data);
print_bignum_var(bio_out, q, "dsaq", bits_p, data);
print_bignum_var(bio_out, g, "dsag", bits_p, data);
BIO_printf(bio_out, " DSA *dsa = DSA_new();\n"
" BIGNUM *p, *q, *g;\n"
"\n");
BIO_printf(bio_out, " if (dsa == NULL)\n"
" return NULL;\n");
BIO_printf(bio_out, " dsa->p = BN_bin2bn(dsap_%d, sizeof(dsap_%d), NULL);\n",
bits_p, bits_p);
BIO_printf(bio_out, " dsa->q = BN_bin2bn(dsaq_%d, sizeof(dsaq_%d), NULL);\n",
bits_p, bits_p);
BIO_printf(bio_out, " dsa->g = BN_bin2bn(dsag_%d, sizeof(dsag_%d), NULL);\n",
bits_p, bits_p);
BIO_printf(bio_out, " if (!dsa->p || !dsa->q || !dsa->g) {\n"
" DSA_free(dsa);\n"
BIO_printf(bio_out, " if (!DSA_set0_pqg(dsa, p = BN_bin2bn(dsap_%d, sizeof(dsap_%d), NULL),\n",
bits_p, bits_p);
BIO_printf(bio_out, " q = BN_bin2bn(dsaq_%d, sizeof(dsaq_%d), NULL),\n",
bits_p, bits_p);
BIO_printf(bio_out, " g = BN_bin2bn(dsag_%d, sizeof(dsag_%d), NULL))) {\n",
bits_p, bits_p);
BIO_printf(bio_out, " DSA_free(dsa);\n"
" BN_free(p);\n"
" BN_free(q);\n"
" BN_free(g);\n"
" return NULL;\n"
" }\n"
" return(dsa);\n}\n");
" return dsa;\n}\n");
OPENSSL_free(data);
}

3
crypto/external/bsd/openssl/dist/apps/ocsp.c vendored
View File

@ -1,5 +1,5 @@
/*
* Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -639,7 +639,6 @@ int ocsp_main(int argc, char **argv)
OCSP_response_status_str(i), i);
if (ignore_err)
goto redo_accept;
ret = 0;
goto end;
}

20
crypto/external/bsd/openssl/dist/apps/rehash.c vendored
View File

@ -1,5 +1,5 @@
/*
* Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -130,9 +130,10 @@ static int add_entry(enum Type type, unsigned int hash, const char *filename,
for (ep = bp->first_entry; ep; ep = ep->next) {
if (digest && memcmp(digest, ep->digest, evpmdsize) == 0) {
BIO_printf(bio_err,
"%s: skipping duplicate %s in %s\n", opt_getprog(),
"%s: warning: skipping duplicate %s in %s\n",
opt_getprog(),
type == TYPE_CERT ? "certificate" : "CRL", filename);
return 1;
return 0;
}
if (strcmp(filename, ep->filename) == 0) {
found = ep;
@ -144,7 +145,7 @@ static int add_entry(enum Type type, unsigned int hash, const char *filename,
if (ep == NULL) {
if (bp->num_needed >= MAX_COLLISIONS) {
BIO_printf(bio_err,
"%s: hash table overflow for %s\n",
"%s: error: hash table overflow for %s\n",
opt_getprog(), filename);
return 1;
}
@ -235,7 +236,7 @@ static int do_file(const char *filename, const char *fullpath, enum Hash h)
/* Does it have X.509 data in it? */
if ((b = BIO_new_file(fullpath, "r")) == NULL) {
BIO_printf(bio_err, "%s: skipping %s, cannot open file\n",
BIO_printf(bio_err, "%s: error: skipping %s, cannot open file\n",
opt_getprog(), filename);
errs++;
goto end;
@ -247,7 +248,7 @@ static int do_file(const char *filename, const char *fullpath, enum Hash h)
if (sk_X509_INFO_num(inf) != 1) {
BIO_printf(bio_err,
"%s: skipping %s,"
"%s: warning: skipping %s,"
"it does not contain exactly one certificate or CRL\n",
opt_getprog(), filename);
/* This is not an error. */
@ -502,13 +503,14 @@ int rehash_main(int argc, char **argv)
if (*argv) {
while (*argv)
errs += do_dir(*argv++, h);
} else if ((env = getenv("SSL_CERT_DIR")) != NULL) {
} else if ((env = getenv(X509_get_default_cert_dir_env())) != NULL) {
char lsc[2] = { LIST_SEPARATOR_CHAR, '\0' };
m = OPENSSL_strdup(env);
for (e = strtok(m, ":"); e != NULL; e = strtok(NULL, ":"))
for (e = strtok(m, lsc); e != NULL; e = strtok(NULL, lsc))
errs += do_dir(e, h);
OPENSSL_free(m);
} else {
errs += do_dir("/etc/ssl/certs", h);
errs += do_dir(X509_get_default_cert_dir(), h);
}
end:

10
crypto/external/bsd/openssl/dist/apps/s_client.c vendored
View File

@ -593,7 +593,8 @@ OPTIONS s_client_options[] = {
"Disable name checks when matching DANE-EE(3) TLSA records"},
{"reconnect", OPT_RECONNECT, '-',
"Drop and re-make the connection with the same Session-ID"},
{"showcerts", OPT_SHOWCERTS, '-', "Show all certificates in the chain"},
{"showcerts", OPT_SHOWCERTS, '-',
"Show all certificates sent by the server"},
{"debug", OPT_DEBUG, '-', "Extra output"},
{"msg", OPT_MSG, '-', "Show protocol messages"},
{"msgfile", OPT_MSGFILE, '>',
@ -2114,8 +2115,7 @@ int s_client_main(int argc, char **argv)
FD_ZERO(&readfds);
FD_ZERO(&writefds);
if ((SSL_version(con) == DTLS1_VERSION) &&
DTLSv1_get_timeout(con, &timeout))
if (SSL_is_dtls(con) && DTLSv1_get_timeout(con, &timeout))
timeoutp = &timeout;
else
timeoutp = NULL;
@ -2235,10 +2235,8 @@ int s_client_main(int argc, char **argv)
}
}
if ((SSL_version(con) == DTLS1_VERSION)
&& DTLSv1_handle_timeout(con) > 0) {
if (SSL_is_dtls(con) && DTLSv1_handle_timeout(con) > 0)
BIO_printf(bio_err, "TIMEOUT occurred\n");
}
if (!ssl_pending && FD_ISSET(SSL_get_fd(con), &writefds)) {
k = SSL_write(con, &(cbuf[cbuf_off]), (unsigned int)cbuf_len);

17
crypto/external/bsd/openssl/dist/apps/s_server.c vendored
View File

@ -2012,9 +2012,7 @@ static int sv_body(int s, int stype, unsigned char *context)
SSL *con = NULL;
BIO *sbio;
struct timeval timeout;
#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS)
struct timeval tv;
#else
#if !(defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS))
struct timeval *timeoutp;
#endif
@ -2149,26 +2147,23 @@ static int sv_body(int s, int stype, unsigned char *context)
* second and check for any keypress. In a proper Windows
* application we wouldn't do this because it is inefficient.
*/
tv.tv_sec = 1;
tv.tv_usec = 0;
i = select(width, (void *)&readfds, NULL, NULL, &tv);
timeout.tv_sec = 1;
timeout.tv_usec = 0;
i = select(width, (void *)&readfds, NULL, NULL, &timeout);
if (has_stdin_waiting())
read_from_terminal = 1;
if ((i < 0) || (!i && !read_from_terminal))
continue;
#else
if ((SSL_version(con) == DTLS1_VERSION) &&
DTLSv1_get_timeout(con, &timeout))
if (SSL_is_dtls(con) && DTLSv1_get_timeout(con, &timeout))
timeoutp = &timeout;
else
timeoutp = NULL;
i = select(width, (void *)&readfds, NULL, NULL, timeoutp);
if ((SSL_version(con) == DTLS1_VERSION)
&& DTLSv1_handle_timeout(con) > 0) {
if ((SSL_is_dtls(con)) && DTLSv1_handle_timeout(con) > 0)
BIO_printf(bio_err, "TIMEOUT occurred\n");
}
if (i <= 0)
continue;

227
crypto/external/bsd/openssl/dist/apps/speed.c vendored
View File

@ -129,13 +129,6 @@
#define BUFSIZE (1024*16+1)
#define MAX_MISALIGNMENT 63
#define ALGOR_NUM 30
#define SIZE_NUM 6
#define PRIME_NUM 3
#define RSA_NUM 7
#define DSA_NUM 3
#define EC_NUM 17
#define MAX_ECDH_SIZE 256
#define MISALIGN 64
@ -144,37 +137,6 @@ static volatile int run = 0;
static int mr = 0;
static int usertime = 1;
typedef void *(*kdf_fn) (
const void *in, size_t inlen, void *out, size_t *xoutlen);
typedef struct loopargs_st {
ASYNC_JOB *inprogress_job;
ASYNC_WAIT_CTX *wait_ctx;
unsigned char *buf;
unsigned char *buf2;
unsigned char *buf_malloc;
unsigned char *buf2_malloc;
unsigned int siglen;
#ifndef OPENSSL_NO_RSA
RSA *rsa_key[RSA_NUM];
#endif
#ifndef OPENSSL_NO_DSA
DSA *dsa_key[DSA_NUM];
#endif
#ifndef OPENSSL_NO_EC
EC_KEY *ecdsa[EC_NUM];
EC_KEY *ecdh_a[EC_NUM];
EC_KEY *ecdh_b[EC_NUM];
unsigned char *secret_a;
unsigned char *secret_b;
size_t outlen;
kdf_fn kdf;
#endif
EVP_CIPHER_CTX *ctx;
HMAC_CTX *hctx;
GCM128_CONTEXT *gcm_ctx;
} loopargs_t;
#ifndef OPENSSL_NO_MD2
static int EVP_Digest_MD2_loop(void *args);
#endif
@ -227,7 +189,6 @@ static int ECDSA_sign_loop(void *args);
static int ECDSA_verify_loop(void *args);
static int ECDH_compute_key_loop(void *args);
#endif
static int run_benchmark(int async_jobs, int (*loop_function)(void *), loopargs_t *loopargs);
static double Time_F(int s);
static void print_message(const char *s, long num, int length);
@ -238,32 +199,10 @@ static void print_result(int alg, int run_no, int count, double time_used);
static int do_multi(int multi);
#endif
static const char *names[ALGOR_NUM] = {
"md2", "mdc2", "md4", "md5", "hmac(md5)", "sha1", "rmd160", "rc4",
"des cbc", "des ede3", "idea cbc", "seed cbc",
"rc2 cbc", "rc5-32/12 cbc", "blowfish cbc", "cast cbc",
"aes-128 cbc", "aes-192 cbc", "aes-256 cbc",
"camellia-128 cbc", "camellia-192 cbc", "camellia-256 cbc",
"evp", "sha256", "sha512", "whirlpool",
"aes-128 ige", "aes-192 ige", "aes-256 ige", "ghash"
};
static double results[ALGOR_NUM][SIZE_NUM];
static const int lengths[SIZE_NUM] = {
static const int lengths[] = {
16, 64, 256, 1024, 8 * 1024, 16 * 1024
};
#ifndef OPENSSL_NO_RSA
static double rsa_results[RSA_NUM][2];
#endif
#ifndef OPENSSL_NO_DSA
static double dsa_results[DSA_NUM][2];
#endif
#ifndef OPENSSL_NO_EC
static double ecdsa_results[EC_NUM][2];
static double ecdh_results[EC_NUM][1];
#endif
#define SIZE_NUM OSSL_NELEM(lengths)
#if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_EC)
static const char rnd_seed[] =
@ -348,9 +287,14 @@ static double Time_F(int s)
static void multiblock_speed(const EVP_CIPHER *evp_cipher);
static int found(const char *name, const OPT_PAIR *pairs, int *result)
#define found(value, pairs, result)\
opt_found(value, result, pairs, OSSL_NELEM(pairs))
static int opt_found(const char *name, unsigned int *result,
const OPT_PAIR pairs[], unsigned int nbelem)
{
for (; pairs->name; pairs++)
unsigned int idx;
for (idx = 0; idx < nbelem; ++idx, pairs++)
if (strcmp(name, pairs->name) == 0) {
*result = pairs->retval;
return 1;
@ -387,7 +331,7 @@ OPTIONS speed_options[] = {
#ifndef OPENSSL_NO_ENGINE
{"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"},
#endif
{NULL},
{NULL}
};
#define D_MD2 0
@ -420,7 +364,19 @@ OPTIONS speed_options[] = {
#define D_IGE_192_AES 27
#define D_IGE_256_AES 28
#define D_GHASH 29
static OPT_PAIR doit_choices[] = {
/* name of algorithms to test */
static const char *names[] = {
"md2", "mdc2", "md4", "md5", "hmac(md5)", "sha1", "rmd160", "rc4",
"des cbc", "des ede3", "idea cbc", "seed cbc",
"rc2 cbc", "rc5-32/12 cbc", "blowfish cbc", "cast cbc",
"aes-128 cbc", "aes-192 cbc", "aes-256 cbc",
"camellia-128 cbc", "camellia-192 cbc", "camellia-256 cbc",
"evp", "sha256", "sha512", "whirlpool",
"aes-128 ige", "aes-192 ige", "aes-256 ige", "ghash"
};
#define ALGOR_NUM OSSL_NELEM(names)
/* list of configured algorithm (remaining) */
static const OPT_PAIR doit_choices[] = {
#ifndef OPENSSL_NO_MD2
{"md2", D_MD2},
#endif
@ -484,21 +440,24 @@ static OPT_PAIR doit_choices[] = {
{"cast", D_CBC_CAST},
{"cast5", D_CBC_CAST},
#endif
{"ghash", D_GHASH},
{NULL}
{"ghash", D_GHASH}
};
static double results[ALGOR_NUM][SIZE_NUM];
#ifndef OPENSSL_NO_DSA
# define R_DSA_512 0
# define R_DSA_1024 1
# define R_DSA_2048 2
static OPT_PAIR dsa_choices[] = {
static const OPT_PAIR dsa_choices[] = {
{"dsa512", R_DSA_512},
{"dsa1024", R_DSA_1024},
{"dsa2048", R_DSA_2048},
{NULL},
{"dsa2048", R_DSA_2048}
};
#endif
# define DSA_NUM OSSL_NELEM(dsa_choices)
static double dsa_results[DSA_NUM][2]; /* 2 ops: sign then verify */
#endif /* OPENSSL_NO_DSA */
#define R_RSA_512 0
#define R_RSA_1024 1
@ -507,16 +466,18 @@ static OPT_PAIR dsa_choices[] = {
#define R_RSA_4096 4
#define R_RSA_7680 5
#define R_RSA_15360 6
static OPT_PAIR rsa_choices[] = {
static const OPT_PAIR rsa_choices[] = {
{"rsa512", R_RSA_512},
{"rsa1024", R_RSA_1024},
{"rsa2048", R_RSA_2048},
{"rsa3072", R_RSA_3072},
{"rsa4096", R_RSA_4096},
{"rsa7680", R_RSA_7680},
{"rsa15360", R_RSA_15360},
{NULL}
{"rsa15360", R_RSA_15360}
};
# define RSA_NUM OSSL_NELEM(rsa_choices)
static double rsa_results[RSA_NUM][2]; /* 2 ops: sign then verify */
#define R_EC_P160 0
#define R_EC_P192 1
@ -536,7 +497,7 @@ static OPT_PAIR rsa_choices[] = {
#define R_EC_B571 15
#define R_EC_X25519 16
#ifndef OPENSSL_NO_EC
static OPT_PAIR ecdsa_choices[] = {
static const OPT_PAIR ecdsa_choices[] = {
{"ecdsap160", R_EC_P160},
{"ecdsap192", R_EC_P192},
{"ecdsap224", R_EC_P224},
@ -552,11 +513,13 @@ static OPT_PAIR ecdsa_choices[] = {
{"ecdsab233", R_EC_B233},
{"ecdsab283", R_EC_B283},
{"ecdsab409", R_EC_B409},
{"ecdsab571", R_EC_B571},
{NULL}
{"ecdsab571", R_EC_B571}
};
# define ECDSA_NUM OSSL_NELEM(ecdsa_choices)
static OPT_PAIR ecdh_choices[] = {
static double ecdsa_results[ECDSA_NUM][2]; /* 2 ops: sign then verify */
static const OPT_PAIR ecdh_choices[] = {
{"ecdhp160", R_EC_P160},
{"ecdhp192", R_EC_P192},
{"ecdhp224", R_EC_P224},
@ -576,7 +539,10 @@ static OPT_PAIR ecdh_choices[] = {
{"ecdhx25519", R_EC_X25519},
{NULL}
};
#endif
# define EC_NUM OSSL_NELEM(ecdh_choices)
static double ecdh_results[EC_NUM][1]; /* 1 op: derivation */
#endif /* OPENSSL_NO_EC */
#ifndef SIGALRM
# define COND(d) (count < (d))
@ -586,7 +552,40 @@ static OPT_PAIR ecdh_choices[] = {
# define COUNT(d) (count)
#endif /* SIGALRM */
static int testnum;
static unsigned int testnum;
typedef void *(*kdf_fn) (const void *in, size_t inlen, void *out,
size_t *xoutlen);
typedef struct loopargs_st {
ASYNC_JOB *inprogress_job;
ASYNC_WAIT_CTX *wait_ctx;
unsigned char *buf;
unsigned char *buf2;
unsigned char *buf_malloc;
unsigned char *buf2_malloc;
unsigned int siglen;
#ifndef OPENSSL_NO_RSA
RSA *rsa_key[RSA_NUM];
#endif
#ifndef OPENSSL_NO_DSA
DSA *dsa_key[DSA_NUM];
#endif
#ifndef OPENSSL_NO_EC
EC_KEY *ecdsa[ECDSA_NUM];
EC_KEY *ecdh_a[EC_NUM];
EC_KEY *ecdh_b[EC_NUM];
unsigned char *secret_a;
unsigned char *secret_b;
size_t outlen;
kdf_fn kdf;
#endif
EVP_CIPHER_CTX *ctx;
HMAC_CTX *hctx;
GCM128_CONTEXT *gcm_ctx;
} loopargs_t;
static int run_benchmark(int async_jobs, int (*loop_function) (void *),
loopargs_t * loopargs);
/* Nb of iterations to do per algorithm and key-size */
static long c[ALGOR_NUM][SIZE_NUM];
@ -995,7 +994,7 @@ static int DSA_verify_loop(void *args)
#endif
#ifndef OPENSSL_NO_EC
static long ecdsa_c[EC_NUM][2];
static long ecdsa_c[ECDSA_NUM][2];
static int ECDSA_sign_loop(void *args)
{
loopargs_t *tempargs = *(loopargs_t **)args;
@ -1222,26 +1221,23 @@ int speed_main(int argc, char **argv)
{
ENGINE *e = NULL;
loopargs_t *loopargs = NULL;
int async_init = 0;
int loopargs_len = 0;
char *prog;
const char *prog;
const char *engine_id = NULL;
const EVP_CIPHER *evp_cipher = NULL;
double d = 0.0;
OPTION_CHOICE o;
int multiblock = 0, pr_header = 0;
int async_init = 0, multiblock = 0, pr_header = 0;
int doit[ALGOR_NUM] = { 0 };
int ret = 1, i, k, misalign = 0;
int ret = 1, misalign = 0;
long count = 0;
unsigned int i, k, loop, loopargs_len = 0, async_jobs = 0;
#ifndef NO_FORK
int multi = 0;
#endif
unsigned int async_jobs = 0;
#if !defined(OPENSSL_NO_RSA) || !defined(OPENSSL_NO_DSA) \
|| !defined(OPENSSL_NO_EC)
long rsa_count = 1;
#endif
size_t loop;
/* What follows are the buffers and key material. */
#ifndef OPENSSL_NO_RC5
@ -1325,7 +1321,7 @@ int speed_main(int argc, char **argv)
/*
* We only test over the following curves as they are representative, To
* add tests over more curves, simply add the curve NID and curve name to
* the following arrays and increase the EC_NUM value accordingly.
* the following arrays and increase the |ecdh_choices| list accordingly.
*/
static const unsigned int test_curves[EC_NUM] = {
/* Prime Curves */
@ -1360,7 +1356,7 @@ int speed_main(int argc, char **argv)
571, 253 /* X25519 */
};
int ecdsa_doit[EC_NUM] = { 0 };
int ecdsa_doit[ECDSA_NUM] = { 0 };
int ecdh_doit[EC_NUM] = { 0 };
#endif /* ndef OPENSSL_NO_EC */
@ -1418,9 +1414,7 @@ int speed_main(int argc, char **argv)
goto opterr;
}
if (async_jobs > 99999) {
BIO_printf(bio_err,
"%s: too many async_jobs\n",
prog);
BIO_printf(bio_err, "%s: too many async_jobs\n", prog);
goto opterr;
}
#endif
@ -1471,10 +1465,8 @@ int speed_main(int argc, char **argv)
if (strcmp(*argv, "openssl") == 0)
continue;
if (strcmp(*argv, "rsa") == 0) {
rsa_doit[R_RSA_512] = rsa_doit[R_RSA_1024] =
rsa_doit[R_RSA_2048] = rsa_doit[R_RSA_3072] =
rsa_doit[R_RSA_4096] = rsa_doit[R_RSA_7680] =
rsa_doit[R_RSA_15360] = 1;
for (loop = 0; loop < OSSL_NELEM(rsa_doit); loop++)
rsa_doit[loop] = 1;
continue;
}
if (found(*argv, rsa_choices, &i)) {
@ -1507,8 +1499,8 @@ int speed_main(int argc, char **argv)
#endif
#ifndef OPENSSL_NO_EC
if (strcmp(*argv, "ecdsa") == 0) {
for (loop = 0; loop < OSSL_NELEM(ecdsa_choices); loop++)
ecdsa_doit[ecdsa_choices[loop].retval] = 1;
for (loop = 0; loop < OSSL_NELEM(ecdsa_doit); loop++)
ecdsa_doit[loop] = 1;
continue;
}
if (found(*argv, ecdsa_choices, &i)) {
@ -1516,8 +1508,8 @@ int speed_main(int argc, char **argv)
continue;
}
if (strcmp(*argv, "ecdh") == 0) {
for (loop = 0; loop < OSSL_NELEM(ecdh_choices); loop++)
ecdh_doit[ecdh_choices[loop].retval] = 1;
for (loop = 0; loop < OSSL_NELEM(ecdh_doit); loop++)
ecdh_doit[loop] = 1;
continue;
}
if (found(*argv, ecdh_choices, &i)) {
@ -1584,10 +1576,10 @@ int speed_main(int argc, char **argv)
dsa_doit[i] = 1;
#endif
#ifndef OPENSSL_NO_EC
for (loop = 0; loop < OSSL_NELEM(ecdsa_choices); loop++)
ecdsa_doit[ecdsa_choices[loop].retval] = 1;
for (loop = 0; loop < OSSL_NELEM(ecdh_choices); loop++)
ecdh_doit[ecdh_choices[loop].retval] = 1;
for (loop = 0; loop < OSSL_NELEM(ecdsa_doit); loop++)
ecdsa_doit[loop] = 1;
for (loop = 0; loop < OSSL_NELEM(ecdh_doit); loop++)
ecdh_doit[loop] = 1;
#endif
}
for (i = 0; i < ALGOR_NUM; i++)
@ -1850,6 +1842,8 @@ int speed_main(int argc, char **argv)
}
}
}
/* default iteration count for the last EC Curve */
ecdh_c[R_EC_X25519][0] = count / 1800;
# endif
# else
@ -2472,7 +2466,7 @@ int speed_main(int argc, char **argv)
if (RAND_status() != 1) {
RAND_seed(rnd_seed, sizeof(rnd_seed));
}
for (testnum = 0; testnum < EC_NUM; testnum++) {
for (testnum = 0; testnum < ECDSA_NUM; testnum++) {
int st = 1;
if (!ecdsa_doit[testnum])
@ -2584,7 +2578,7 @@ int speed_main(int argc, char **argv)
ecdh_checks = 0;
rsa_count = 1;
} else {
int secret_size_a, secret_size_b;
int secret_size_a, secret_size_b, j;
/*
* If field size is not more than 24 octets, then use SHA-1
* hash of result; otherwise, use result (see section 4.8 of
@ -2613,8 +2607,8 @@ int speed_main(int argc, char **argv)
else
ecdh_checks = 1;
for (k = 0; k < secret_size_a && ecdh_checks == 1; k++) {
if (loopargs[i].secret_a[k] != loopargs[i].secret_b[k])
for (j = 0; j < secret_size_a && ecdh_checks == 1; j++) {
if (loopargs[i].secret_a[j] != loopargs[i].secret_b[j])
ecdh_checks = 0;
}
@ -2644,7 +2638,7 @@ int speed_main(int argc, char **argv)
if (rsa_count <= 1) {
/* if longer than 10s, don't do any more */
for (testnum++; testnum < EC_NUM; testnum++)
for (testnum++; testnum < OSSL_NELEM(ecdh_doit); testnum++)
ecdh_doit[testnum] = 0;
}
}
@ -2693,7 +2687,7 @@ int speed_main(int argc, char **argv)
if (!doit[k])
continue;
if (mr)
printf("+F:%d:%s", k, names[k]);
printf("+F:%u:%s", k, names[k]);
else
printf("%-13s", names[k]);
for (testnum = 0; testnum < SIZE_NUM; testnum++) {
@ -2742,7 +2736,7 @@ int speed_main(int argc, char **argv)
#endif
#ifndef OPENSSL_NO_EC
testnum = 1;
for (k = 0; k < EC_NUM; k++) {
for (k = 0; k < OSSL_NELEM(ecdsa_doit); k++) {
if (!ecdsa_doit[k])
continue;
if (testnum && !mr) {
@ -2800,8 +2794,9 @@ int speed_main(int argc, char **argv)
DSA_free(loopargs[i].dsa_key[k]);
#endif
#ifndef OPENSSL_NO_EC
for (k = 0; k < EC_NUM; k++) {
for (k = 0; k < ECDSA_NUM; k++)
EC_KEY_free(loopargs[i].ecdsa[k]);
for (k = 0; k < EC_NUM; k++) {
EC_KEY_free(loopargs[i].ecdh_a[k]);
EC_KEY_free(loopargs[i].ecdh_b[k]);
}
@ -2950,7 +2945,7 @@ static int do_multi(int multi)
printf("Got: %s from %d\n", buf, n);
if (strncmp(buf, "+F:", 3) == 0) {
int alg;
int j;
unsigned int j;
p = buf + 3;
alg = atoi(sstrsep(&p, sep));

3
crypto/external/bsd/openssl/dist/apps/verify.c vendored
View File

@ -1,5 +1,5 @@
/*
* Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -219,6 +219,7 @@ static int check(X509_STORE *ctx, const char *file,
X509_STORE_set_flags(ctx, vflags);
if (!X509_STORE_CTX_init(csc, ctx, x, uchain)) {
X509_STORE_CTX_free(csc);
printf("error %s: X.509 store context initialization failed\n",
(file == NULL) ? "stdin" : file);
goto end;

2
crypto/external/bsd/openssl/dist/appveyor.yml vendored
View File

@ -41,5 +41,5 @@ test_script:
- cd _build
- nmake test
- mkdir ..\_install
- nmake install install_docs DESTDIR=..\_install
- nmake install DESTDIR=..\_install
- cd ..

115
crypto/external/bsd/openssl/dist/configdata.pm vendored
View File

@ -22,7 +22,7 @@ our %config = (
builddir => ".",
cc => "cc",
cflags => "",
conf_files => [ "Configurations/90-team.conf" ],
conf_files => [ "Configurations/00-base-templates.conf", "Configurations/dist.conf" ],
cross_compile_prefix => "",
defines => [ "NDEBUG", "OPENSSL_NO_DYNAMIC_ENGINE" ],
dirs => [ "crypto", "ssl", "engines", "apps", "test", "util", "tools", "fuzz" ],
@ -57,12 +57,12 @@ our %config = (
shlib_version_number => "1.1",
sourcedir => ".",
target => "dist",
version => "1.1.0h",
version_num => "0x1010008fL",
version => "1.1.0i",
version_num => "0x1010009fL",
);
our %target = (
_conf_fname_int => [ "Configurations/90-team.conf" ],
_conf_fname_int => [ "Configurations/00-base-templates.conf", "Configurations/00-base-templates.conf", "Configurations/dist.conf" ],
aes_asm_src => "aes_core.c aes_cbc.c",
aes_obj => "aes_core.o aes_cbc.o",
apps_aux_src => "",
@ -1078,6 +1078,10 @@ our %unified_info = (
[
"libcrypto",
],
"test/errtest" =>
[
"libcrypto",
],
"test/evp_extra_test" =>
[
"libcrypto",
@ -1244,10 +1248,22 @@ our %unified_info = (
[
"libcrypto",
],
"test/versions" =>
[
"libcrypto",
],
"test/wp_test" =>
[
"libcrypto",
],
"test/x509_dup_cert_test" =>
[
"libcrypto",
],
"test/x509_time_test" =>
[
"libcrypto",
],
"test/x509aux" =>
[
"libcrypto",
@ -3909,6 +3925,12 @@ our %unified_info = (
"crypto/include",
"include",
],
"crypto/conf/conf_ssl.o" =>
[
".",
"crypto/include",
"include",
],
"crypto/cpt_err.o" =>
[
".",
@ -6167,6 +6189,12 @@ our %unified_info = (
"crypto/include",
"include",
],
"crypto/x509/x509_meth.o" =>
[
".",
"crypto/include",
"include",
],
"crypto/x509/x509_obj.o" =>
[
".",
@ -7158,6 +7186,10 @@ our %unified_info = (
[
"include",
],
"test/errtest.o" =>
[
"include",
],
"test/evp_extra_test.o" =>
[
"include",
@ -7330,8 +7362,8 @@ our %unified_info = (
],
"test/testutil.o" =>
[
"crypto/include",
"test",
"crypto/include",
"include",
".",
],
@ -7352,10 +7384,23 @@ our %unified_info = (
[
"include",
],
"test/versions.o" =>
[
"include",
],
"test/wp_test.o" =>
[
"include",
],
"test/x509_dup_cert_test.o" =>
[
"include",
],
"test/x509_time_test.o" =>
[
".",
"include",
],
"test/x509aux.o" =>
[
"include",
@ -7512,6 +7557,7 @@ our %unified_info = (
"test/ecdsatest",
"test/ectest",
"test/enginetest",
"test/errtest",
"test/evp_extra_test",
"test/evp_test",
"test/exdatatest",
@ -7552,7 +7598,10 @@ our %unified_info = (
"test/v3ext",
"test/v3nametest",
"test/verify_extra_test",
"test/versions",
"test/wp_test",
"test/x509_dup_cert_test",
"test/x509_time_test",
"test/x509aux",
],
"rawlines" =>
@ -7937,6 +7986,9 @@ our %unified_info = (
"test/enginetest" =>
[
],
"test/errtest" =>
[
],
"test/evp_extra_test" =>
[
],
@ -8057,9 +8109,18 @@ our %unified_info = (
"test/verify_extra_test" =>
[
],
"test/versions" =>
[
],
"test/wp_test" =>
[
],
"test/x509_dup_cert_test" =>
[
],
"test/x509_time_test" =>
[
],
"test/x509aux" =>
[
],
@ -9060,6 +9121,10 @@ our %unified_info = (
[
"crypto/conf/conf_sap.c",
],
"crypto/conf/conf_ssl.o" =>
[
"crypto/conf/conf_ssl.c",
],
"crypto/cpt_err.o" =>
[
"crypto/cpt_err.c",
@ -10500,6 +10565,10 @@ our %unified_info = (
[
"crypto/x509/x509_lu.c",
],
"crypto/x509/x509_meth.o" =>
[
"crypto/x509/x509_meth.c",
],
"crypto/x509/x509_obj.o" =>
[
"crypto/x509/x509_obj.c",
@ -11022,6 +11091,7 @@ our %unified_info = (
"crypto/conf/conf_mall.o",
"crypto/conf/conf_mod.o",
"crypto/conf/conf_sap.o",
"crypto/conf/conf_ssl.o",
"crypto/cpt_err.o",
"crypto/cryptlib.o",
"crypto/ct/ct_b64.o",
@ -11382,6 +11452,7 @@ our %unified_info = (
"crypto/x509/x509_err.o",
"crypto/x509/x509_ext.o",
"crypto/x509/x509_lu.o",
"crypto/x509/x509_meth.o",
"crypto/x509/x509_obj.o",
"crypto/x509/x509_r2x.o",
"crypto/x509/x509_req.o",
@ -12393,6 +12464,15 @@ our %unified_info = (
[
"test/enginetest.c",
],
"test/errtest" =>
[
"test/errtest.o",
"test/testutil.o",
],
"test/errtest.o" =>
[
"test/errtest.c",
],
"test/evp_extra_test" =>
[
"test/evp_extra_test.o",
@ -12742,6 +12822,14 @@ our %unified_info = (
[
"test/verify_extra_test.c",
],
"test/versions" =>
[
"test/versions.o",
],
"test/versions.o" =>
[
"test/versions.c",
],
"test/wp_test" =>
[
"test/wp_test.o",
@ -12750,6 +12838,23 @@ our %unified_info = (
[
"test/wp_test.c",
],
"test/x509_dup_cert_test" =>
[
"test/x509_dup_cert_test.o",
],
"test/x509_dup_cert_test.o" =>
[
"test/x509_dup_cert_test.c",
],
"test/x509_time_test" =>
[
"test/testutil.o",
"test/x509_time_test.o",
],
"test/x509_time_test.o" =>
[
"test/x509_time_test.c",
],
"test/x509aux" =>
[
"test/x509aux.o",

4
crypto/external/bsd/openssl/dist/crypto/arm_arch.h vendored
View File

@ -1,5 +1,5 @@
/*
* Copyright 2011-2016 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2011-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -69,7 +69,7 @@
# endif
# endif
# if !__ASSEMBLER__
# ifndef __ASSEMBLER__
extern unsigned int OPENSSL_armcap_P;
# endif

3
crypto/external/bsd/openssl/dist/crypto/armcap.c vendored
View File

@ -1,5 +1,5 @@
/*
* Copyright 2011-2017 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2011-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -13,6 +13,7 @@
#include <setjmp.h>
#include <signal.h>
#include <openssl/crypto.h>
#include <internal/cryptlib.h>
#include "arm_arch.h"

4
crypto/external/bsd/openssl/dist/crypto/armv4cpuid.pl vendored
View File

@ -1,5 +1,5 @@
#! /usr/bin/env perl
# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
# Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@ -125,7 +125,7 @@ CRYPTO_memcmp:
ldmia sp!,{r4,r5}
.Lno_data:
neg r0,ip
rsb r0,ip,#0
mov r0,r0,lsr#31
#if __ARM_ARCH__>=5
bx lr

23
crypto/external/bsd/openssl/dist/crypto/asn1/a_object.c vendored
View File

@ -1,5 +1,5 @@
/*
* Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -19,7 +19,7 @@
int i2d_ASN1_OBJECT(const ASN1_OBJECT *a, unsigned char **pp)
{
unsigned char *p;
unsigned char *p, *allocated = NULL;
int objsize;
if ((a == NULL) || (a->data == NULL))
@ -29,13 +29,24 @@ int i2d_ASN1_OBJECT(const ASN1_OBJECT *a, unsigned char **pp)
if (pp == NULL || objsize == -1)
return objsize;
p = *pp;
if (*pp == NULL) {
if ((p = allocated = OPENSSL_malloc(objsize)) == NULL) {
ASN1err(ASN1_F_I2D_ASN1_OBJECT, ERR_R_MALLOC_FAILURE);
return 0;
}
} else {
p = *pp;
}
ASN1_put_object(&p, 0, a->length, V_ASN1_OBJECT, V_ASN1_UNIVERSAL);
memcpy(p, a->data, a->length);
p += a->length;
*pp = p;
return (objsize);
/*
* If a new buffer was allocated, just return it back.
* If not, return the incremented buffer pointer.
*/
*pp = allocated != NULL ? allocated : p + a->length;
return objsize;
}
int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num)

77
crypto/external/bsd/openssl/dist/crypto/asn1/a_strex.c vendored
View File

@ -1,5 +1,5 @@
/*
* Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -139,7 +139,7 @@ static int do_buf(unsigned char *buf, int buflen,
int type, unsigned short flags, char *quotes, char_io *io_ch,
void *arg)
{
int i, outlen, len;
int i, outlen, len, charwidth;
unsigned short orflags;
unsigned char *p, *q;
unsigned long c;
@ -147,12 +147,32 @@ static int do_buf(unsigned char *buf, int buflen,
p = buf;
q = buf + buflen;
outlen = 0;
charwidth = type & BUF_TYPE_WIDTH_MASK;
switch (charwidth) {
case 4:
if (buflen & 3) {
ASN1err(ASN1_F_DO_BUF, ASN1_R_INVALID_UNIVERSALSTRING_LENGTH);
return -1;
}
break;
case 2:
if (buflen & 1) {
ASN1err(ASN1_F_DO_BUF, ASN1_R_INVALID_BMPSTRING_LENGTH);
return -1;
}
break;
default:
break;
}
while (p != q) {
if (p == buf && flags & ASN1_STRFLGS_ESC_2253)
orflags = CHARTYPE_FIRST_ESC_2253;
else
orflags = 0;
switch (type & BUF_TYPE_WIDTH_MASK) {
switch (charwidth) {
case 4:
c = ((unsigned long)*p++) << 24;
c |= ((unsigned long)*p++) << 16;
@ -173,6 +193,7 @@ static int do_buf(unsigned char *buf, int buflen,
i = UTF8_getc(p, buflen, &c);
if (i < 0)
return -1; /* Invalid UTF8String */
buflen -= i;
p += i;
break;
default:
@ -592,53 +613,3 @@ int ASN1_STRING_to_UTF8(unsigned char **out, const ASN1_STRING *in)
*out = stmp.data;
return stmp.length;
}
/* Return 1 if host is a valid hostname and 0 otherwise */
int asn1_valid_host(const ASN1_STRING *host)
{
int hostlen = host->length;
const unsigned char *hostptr = host->data;
int type = host->type;
int i;
signed char width = -1;
unsigned short chflags = 0, prevchflags;
if (type > 0 && type < 31)
width = tag2nbyte[type];
if (width == -1 || hostlen == 0)
return 0;
/* Treat UTF8String as width 1 as any MSB set is invalid */
if (width == 0)
width = 1;
for (i = 0 ; i < hostlen; i+= width) {
prevchflags = chflags;
/* Value must be <= 0x7F: check upper bytes are all zeroes */
if (width == 4) {
if (*hostptr++ != 0 || *hostptr++ != 0 || *hostptr++ != 0)
return 0;
} else if (width == 2) {
if (*hostptr++ != 0)
return 0;
}
if (*hostptr > 0x7f)
return 0;
chflags = char_type[*hostptr++];
if (!(chflags & (CHARTYPE_HOST_ANY | CHARTYPE_HOST_WILD))) {
/* Nothing else allowed at start or end of string */
if (i == 0 || i == hostlen - 1)
return 0;
/* Otherwise invalid if not dot or hyphen */
if (!(chflags & (CHARTYPE_HOST_DOT | CHARTYPE_HOST_HYPHEN)))
return 0;
/*
* If previous is dot or hyphen then illegal unless both
* are hyphens: as .- -. .. are all illegal
*/
if (prevchflags & (CHARTYPE_HOST_DOT | CHARTYPE_HOST_HYPHEN)
&& ((prevchflags & CHARTYPE_HOST_DOT)
|| (chflags & CHARTYPE_HOST_DOT)))
return 0;
}
}
return 1;
}

12
crypto/external/bsd/openssl/dist/crypto/asn1/ameth_lib.c vendored
View File

@ -255,6 +255,18 @@ EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_new(int id, int flags,
goto err;
}
/*
* One of the following must be true:
*
* pem_str == NULL AND ASN1_PKEY_ALIAS is set
* pem_str != NULL AND ASN1_PKEY_ALIAS is clear
*
* Anything else is an error and may lead to a corrupt ASN1 method table
*/
if (!((pem_str == NULL && (flags & ASN1_PKEY_ALIAS) != 0)
|| (pem_str != NULL && (flags & ASN1_PKEY_ALIAS) == 0)))
goto err;
if (pem_str) {
ameth->pem_str = OPENSSL_strdup(pem_str);
if (!ameth->pem_str)

2
crypto/external/bsd/openssl/dist/crypto/asn1/asn1_err.c vendored
View File

@ -92,8 +92,10 @@ static ERR_STRING_DATA ASN1_str_functs[] = {
{ERR_FUNC(ASN1_F_D2I_AUTOPRIVATEKEY), "d2i_AutoPrivateKey"},
{ERR_FUNC(ASN1_F_D2I_PRIVATEKEY), "d2i_PrivateKey"},
{ERR_FUNC(ASN1_F_D2I_PUBLICKEY), "d2i_PublicKey"},
{ERR_FUNC(ASN1_F_DO_BUF), "do_buf"},
{ERR_FUNC(ASN1_F_DO_TCREATE), "do_tcreate"},
{ERR_FUNC(ASN1_F_I2D_ASN1_BIO_STREAM), "i2d_ASN1_bio_stream"},
{ERR_FUNC(ASN1_F_I2D_ASN1_OBJECT), "i2d_ASN1_OBJECT"},
{ERR_FUNC(ASN1_F_I2D_DSA_PUBKEY), "i2d_DSA_PUBKEY"},
{ERR_FUNC(ASN1_F_I2D_EC_PUBKEY), "i2d_EC_PUBKEY"},
{ERR_FUNC(ASN1_F_I2D_PRIVATEKEY), "i2d_PrivateKey"},

8
crypto/external/bsd/openssl/dist/crypto/asn1/asn_mime.c vendored
View File

@ -969,12 +969,14 @@ static int strip_eol(char *linebuf, int *plen, int flags)
p = linebuf + len - 1;
for (p = linebuf + len - 1; len > 0; len--, p--) {
c = *p;
if (c == '\n')
if (c == '\n') {
is_eol = 1;
else if (is_eol && flags & SMIME_ASCIICRLF && c < 33)
} else if (is_eol && flags & SMIME_ASCIICRLF && c == 32) {
/* Strip trailing space on a line; 32 == ASCII for ' ' */
continue;
else if (c != '\r')
} else if (c != '\r') {
break;
}
}
*plen = len;
return is_eol;

4
crypto/external/bsd/openssl/dist/crypto/asn1/p5_scrypt.c vendored
View File

@ -1,5 +1,5 @@
/*
* Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -91,7 +91,7 @@ X509_ALGOR *PKCS5_pbe2_set_scrypt(const EVP_CIPHER *cipher,
if (EVP_CIPHER_iv_length(cipher)) {
if (aiv)
memcpy(iv, aiv, EVP_CIPHER_iv_length(cipher));
else if (RAND_bytes(iv, EVP_CIPHER_iv_length(cipher)) < 0)
else if (RAND_bytes(iv, EVP_CIPHER_iv_length(cipher)) <= 0)
goto err;
}

4
crypto/external/bsd/openssl/dist/crypto/asn1/tasn_enc.c vendored
View File

@ -1,5 +1,5 @@
/*
* Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -528,6 +528,8 @@ static int asn1_ex_i2c(ASN1_VALUE **pval, unsigned char *cout, int *putype,
otmp = (ASN1_OBJECT *)*pval;
cont = otmp->data;
len = otmp->length;
if (cont == NULL || len == 0)
return -1;
break;
case V_ASN1_NULL:

4
crypto/external/bsd/openssl/dist/crypto/asn1/tasn_utl.c vendored
View File

@ -1,5 +1,5 @@
/*
* Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -76,7 +76,7 @@ int asn1_do_lock(ASN1_VALUE **pval, int op, const ASN1_ITEM *it)
}
return 1;
}
if (CRYPTO_atomic_add(lck, op, &ret, *lock) < 0)
if (!CRYPTO_atomic_add(lck, op, &ret, *lock))
return -1; /* failed */
#ifdef REF_PRINT
fprintf(stderr, "%p:%4d:%s\n", it, *lck, it->sname);

80
crypto/external/bsd/openssl/dist/crypto/async/async.c vendored
View File

@ -1,5 +1,5 @@
/*
* Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -30,11 +30,12 @@
static CRYPTO_THREAD_LOCAL ctxkey;
static CRYPTO_THREAD_LOCAL poolkey;
static void async_free_pool_internal(async_pool *pool);
static async_ctx *async_ctx_new(void)
{
async_ctx *nctx = NULL;
async_ctx *nctx;
if (!ossl_init_thread_start(OPENSSL_INIT_THREAD_ASYNC))
return NULL;
nctx = OPENSSL_malloc(sizeof(async_ctx));
if (nctx == NULL) {
@ -57,9 +58,6 @@ err:
async_ctx *async_get_ctx(void)
{
if (!OPENSSL_init_crypto(OPENSSL_INIT_ASYNC, NULL))
return NULL;
return (async_ctx *)CRYPTO_THREAD_get_local(&ctxkey);
}
@ -169,16 +167,19 @@ void async_start_func(void)
int ASYNC_start_job(ASYNC_JOB **job, ASYNC_WAIT_CTX *wctx, int *ret,
int (*func)(void *), void *args, size_t size)
{
async_ctx *ctx = async_get_ctx();
async_ctx *ctx;
if (!OPENSSL_init_crypto(OPENSSL_INIT_ASYNC, NULL))
return ASYNC_ERR;
ctx = async_get_ctx();
if (ctx == NULL)
ctx = async_ctx_new();
if (ctx == NULL) {
if (ctx == NULL)
return ASYNC_ERR;
}
if (*job) {
if (*job)
ctx->currjob = *job;
}
for (;;) {
if (ctx->currjob != NULL) {
@ -219,9 +220,8 @@ int ASYNC_start_job(ASYNC_JOB **job, ASYNC_WAIT_CTX *wctx, int *ret,
}
/* Start a new job */
if ((ctx->currjob = async_get_pool_job()) == NULL) {
if ((ctx->currjob = async_get_pool_job()) == NULL)
return ASYNC_NO_JOBS;
}
if (args != NULL) {
ctx->currjob->funcargs = OPENSSL_malloc(size);
@ -323,12 +323,11 @@ int ASYNC_init_thread(size_t max_size, size_t init_size)
return 0;
}
if (!OPENSSL_init_crypto(OPENSSL_INIT_ASYNC, NULL)) {
if (!OPENSSL_init_crypto(OPENSSL_INIT_ASYNC, NULL))
return 0;
}
if (!ossl_init_thread_start(OPENSSL_INIT_THREAD_ASYNC)) {
if (!ossl_init_thread_start(OPENSSL_INIT_THREAD_ASYNC))
return 0;
}
pool = OPENSSL_zalloc(sizeof(*pool));
if (pool == NULL) {
@ -369,32 +368,41 @@ int ASYNC_init_thread(size_t max_size, size_t init_size)
return 1;
err:
async_free_pool_internal(pool);
return 0;
}
static void async_free_pool_internal(async_pool *pool)
{
if (pool == NULL)
return;
async_empty_pool(pool);
sk_ASYNC_JOB_free(pool->jobs);
OPENSSL_free(pool);
CRYPTO_THREAD_set_local(&poolkey, NULL);
return 0;
}
void async_delete_thread_state(void)
{
async_pool *pool = (async_pool *)CRYPTO_THREAD_get_local(&poolkey);
if (pool != NULL) {
async_empty_pool(pool);
sk_ASYNC_JOB_free(pool->jobs);
OPENSSL_free(pool);
CRYPTO_THREAD_set_local(&poolkey, NULL);
}
async_local_cleanup();
async_ctx_free();
}
void ASYNC_cleanup_thread(void)
{
async_free_pool_internal((async_pool *)CRYPTO_THREAD_get_local(&poolkey));
if (!OPENSSL_init_crypto(OPENSSL_INIT_ASYNC, NULL))
return;
async_delete_thread_state();
}
ASYNC_JOB *ASYNC_get_current_job(void)
{
async_ctx *ctx;
if (!OPENSSL_init_crypto(OPENSSL_INIT_ASYNC, NULL))
return NULL;
ctx = async_get_ctx();
if (ctx == NULL)
return NULL;
@ -409,7 +417,12 @@ ASYNC_WAIT_CTX *ASYNC_get_wait_ctx(ASYNC_JOB *job)
void ASYNC_block_pause(void)
{
async_ctx *ctx = async_get_ctx();
async_ctx *ctx;
if (!OPENSSL_init_crypto(OPENSSL_INIT_ASYNC, NULL))
return;
ctx = async_get_ctx();
if (ctx == NULL || ctx->currjob == NULL) {
/*
* We're not in a job anyway so ignore this
@ -421,7 +434,12 @@ void ASYNC_block_pause(void)
void ASYNC_unblock_pause(void)
{
async_ctx *ctx = async_get_ctx();
async_ctx *ctx;
if (!OPENSSL_init_crypto(OPENSSL_INIT_ASYNC, NULL))
return;
ctx = async_get_ctx();
if (ctx == NULL || ctx->currjob == NULL) {
/*
* We're not in a job anyway so ignore this

11
crypto/external/bsd/openssl/dist/crypto/bio/b_addr.c vendored
View File

@ -1,5 +1,5 @@
/*
* Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -66,18 +66,18 @@ void BIO_ADDR_clear(BIO_ADDR *ap)
int BIO_ADDR_make(BIO_ADDR *ap, const struct sockaddr *sa)
{
if (sa->sa_family == AF_INET) {
ap->s_in = *(const struct sockaddr_in *)sa;
memcpy(&(ap->s_in), sa, sizeof(struct sockaddr_in));
return 1;
}
#ifdef AF_INET6
if (sa->sa_family == AF_INET6) {
ap->s_in6 = *(const struct sockaddr_in6 *)sa;
memcpy(&(ap->s_in6), sa, sizeof(struct sockaddr_in6));
return 1;
}
#endif
#ifdef AF_UNIX
if (sa->sa_family == AF_UNIX) {
ap->s_un = *(const struct sockaddr_un *)sa;
memcpy(&(ap->s_un), sa, sizeof(struct sockaddr_un));
return 1;
}
#endif
@ -604,7 +604,8 @@ static int addrinfo_wrap(int family, int socktype,
DEFINE_RUN_ONCE_STATIC(do_bio_lookup_init)
{
OPENSSL_init_crypto(0, NULL);
if (!OPENSSL_init_crypto(0, NULL))
return 0;
bio_lookup_lock = CRYPTO_THREAD_lock_new();
return bio_lookup_lock != NULL;
}

6
crypto/external/bsd/openssl/dist/crypto/bio/b_sock.c vendored
View File

@ -1,5 +1,5 @@
/*
* Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -317,7 +317,7 @@ int BIO_socket_nbio(int s, int mode)
l = fcntl(s, F_GETFL, 0);
if (l == -1) {
SYSerr(SYS_F_FCNTL, get_last_rtl_error());
SYSerr(SYS_F_FCNTL, get_last_sys_error());
ret = -1;
} else {
# if defined(O_NONBLOCK)
@ -335,7 +335,7 @@ int BIO_socket_nbio(int s, int mode)
ret = fcntl(s, F_SETFL, l);
if (ret < 0) {
SYSerr(SYS_F_FCNTL, get_last_rtl_error());
SYSerr(SYS_F_FCNTL, get_last_sys_error());
}
}
# else

17
crypto/external/bsd/openssl/dist/crypto/bio/bio_meth.c vendored
View File

@ -43,6 +43,7 @@ BIO_METHOD *BIO_meth_new(int type, const char *name)
BIOerr(BIO_F_BIO_METH_NEW, ERR_R_MALLOC_FAILURE);
return NULL;
}
biom->type = type;
return biom;
}
@ -54,7 +55,7 @@ void BIO_meth_free(BIO_METHOD *biom)
}
}
int (*BIO_meth_get_write(BIO_METHOD *biom)) (BIO *, const char *, int)
int (*BIO_meth_get_write(const BIO_METHOD *biom)) (BIO *, const char *, int)
{
return biom->bwrite;
}
@ -66,7 +67,7 @@ int BIO_meth_set_write(BIO_METHOD *biom,
return 1;
}
int (*BIO_meth_get_read(BIO_METHOD *biom)) (BIO *, char *, int)
int (*BIO_meth_get_read(const BIO_METHOD *biom)) (BIO *, char *, int)
{
return biom->bread;
}
@ -78,7 +79,7 @@ int BIO_meth_set_read(BIO_METHOD *biom,
return 1;
}
int (*BIO_meth_get_puts(BIO_METHOD *biom)) (BIO *, const char *)
int (*BIO_meth_get_puts(const BIO_METHOD *biom)) (BIO *, const char *)
{
return biom->bputs;
}
@ -90,7 +91,7 @@ int BIO_meth_set_puts(BIO_METHOD *biom,
return 1;
}
int (*BIO_meth_get_gets(BIO_METHOD *biom)) (BIO *, char *, int)
int (*BIO_meth_get_gets(const BIO_METHOD *biom)) (BIO *, char *, int)
{
return biom->bgets;
}
@ -102,7 +103,7 @@ int BIO_meth_set_gets(BIO_METHOD *biom,
return 1;
}
long (*BIO_meth_get_ctrl(BIO_METHOD *biom)) (BIO *, int, long, void *)
long (*BIO_meth_get_ctrl(const BIO_METHOD *biom)) (BIO *, int, long, void *)
{
return biom->ctrl;
}
@ -114,7 +115,7 @@ int BIO_meth_set_ctrl(BIO_METHOD *biom,
return 1;
}
int (*BIO_meth_get_create(BIO_METHOD *biom)) (BIO *)
int (*BIO_meth_get_create(const BIO_METHOD *biom)) (BIO *)
{
return biom->create;
}
@ -125,7 +126,7 @@ int BIO_meth_set_create(BIO_METHOD *biom, int (*create) (BIO *))
return 1;
}
int (*BIO_meth_get_destroy(BIO_METHOD *biom)) (BIO *)
int (*BIO_meth_get_destroy(const BIO_METHOD *biom)) (BIO *)
{
return biom->destroy;
}
@ -136,7 +137,7 @@ int BIO_meth_set_destroy(BIO_METHOD *biom, int (*destroy) (BIO *))
return 1;
}
long (*BIO_meth_get_callback_ctrl(BIO_METHOD *biom)) (BIO *, int, BIO_info_cb *)
long (*BIO_meth_get_callback_ctrl(const BIO_METHOD *biom)) (BIO *, int, BIO_info_cb *)
{
return biom->callback_ctrl;
}

4
crypto/external/bsd/openssl/dist/crypto/bio/bss_log.c vendored
View File

@ -1,5 +1,5 @@
/*
* Copyright 1999-2017 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1999-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -196,7 +196,7 @@ static int slg_write(BIO *b, const char *in, int inl)
if ((buf = OPENSSL_malloc(inl + 1)) == NULL) {
return (0);
}
strncpy(buf, in, inl);
memcpy(buf, in, inl);
buf[inl] = '\0';
i = 0;

4
crypto/external/bsd/openssl/dist/crypto/bio/bss_mem.c vendored
View File

@ -1,5 +1,5 @@
/*
* Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -212,6 +212,8 @@ static int mem_write(BIO *b, const char *in, int inl)
goto end;
}
BIO_clear_retry_flags(b);
if (inl == 0)
return 0;
blen = bbm->readp->length;
mem_buf_sync(b);
if (BUF_MEM_grow_clean(bbm->buf, blen + inl) == 0)

11
crypto/external/bsd/openssl/dist/crypto/bn/asm/alpha-mont.pl vendored
View File

@ -1,5 +1,5 @@
#! /usr/bin/env perl
# Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
# Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@ -297,15 +297,12 @@ bn_mul_mont:
mov sp,$tp
mov $bp,$rp # restore rp
and sp,$hi0,$ap
bic $bp,$hi0,$bp
bis $bp,$ap,$ap # ap=borrow?tp:rp
.align 4
.Lcopy: ldq $aj,0($ap) # copy or in-place refresh
.Lcopy: ldq $aj,0($tp) # conditional copy
ldq $nj,0($rp)
lda $tp,8($tp)
lda $rp,8($rp)
lda $ap,8($ap)
cmoveq $hi0,$nj,$aj
stq zero,-8($tp) # zap tp
cmpult $tp,$tj,AT
stq $aj,-8($rp)

17
crypto/external/bsd/openssl/dist/crypto/bn/asm/armv4-mont.pl vendored
View File

@ -1,5 +1,5 @@
#! /usr/bin/env perl
# Copyright 2007-2016 The OpenSSL Project Authors. All Rights Reserved.
# Copyright 2007-2018 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@ -262,14 +262,15 @@ bn_mul_mont:
mov $tp,sp @ "rewind" $tp
sub $rp,$rp,$aj @ "rewind" $rp
and $ap,$tp,$nhi
bic $np,$rp,$nhi
orr $ap,$ap,$np @ ap=borrow?tp:rp
.Lcopy: ldr $tj,[$ap],#4 @ copy or in-place refresh
.Lcopy: ldr $tj,[$tp] @ conditional copy
ldr $aj,[$rp]
str sp,[$tp],#4 @ zap tp
str $tj,[$rp],#4
cmp $tp,$num
#ifdef __thumb2__
it cc
#endif
movcc $aj,$tj
str $aj,[$rp],#4
teq $tp,$num @ preserve carry
bne .Lcopy
mov sp,$num

20
crypto/external/bsd/openssl/dist/crypto/bn/asm/ia64-mont.pl vendored
View File

@ -1,5 +1,5 @@
#! /usr/bin/env perl
# Copyright 2010-2016 The OpenSSL Project Authors. All Rights Reserved.
# Copyright 2010-2018 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@ -341,19 +341,19 @@ bn_mul_mont_general:
{ .mmb; sub rptr=rptr,len // rewind
sub tptr=tptr,len
clrrrb.pr };;
{ .mmi; and aptr=tptr,topbit
andcm bptr=rptr,topbit
{ .mmi; mov aptr=rptr
mov bptr=tptr
mov pr.rot=1<<16 };;
{ .mii; or nptr=aptr,bptr
{ .mii; cmp.eq p0,p6=topbit,r0
mov ar.lc=lc
mov ar.ec=3 };;
mov ar.ec=2 };;
.Lcopy_ctop:
{ .mmb; (p16) ld8 n[0]=[nptr],8
(p18) st8 [tptr]=r0,8
(p16) nop.b 0 }
{ .mmb; (p16) nop.m 0
(p18) st8 [rptr]=n[2],8
{ .mmi; (p16) ld8 a[0]=[aptr],8
(p16) ld8 t[0]=[bptr],8
(p6) mov a[1]=t[1] };; // (p17)
{ .mmb; (p17) st8 [rptr]=a[1],8
(p17) st8 [tptr]=r0,8
br.ctop.sptk .Lcopy_ctop };;
.Lcopy_cend:

14
crypto/external/bsd/openssl/dist/crypto/bn/asm/mips-mont.pl vendored
View File

@ -1,5 +1,5 @@
#! /usr/bin/env perl
# Copyright 2010-2016 The OpenSSL Project Authors. All Rights Reserved.
# Copyright 2010-2018 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@ -384,15 +384,13 @@ $code.=<<___;
$PTR_SUB $rp,$num # restore rp
not $hi1,$hi0
and $ap,$hi0,$sp
and $bp,$hi1,$rp
or $ap,$ap,$bp # ap=borrow?tp:rp
.align 4
.Lcopy: $LD $aj,($ap)
$PTR_ADD $ap,$BNSZ
.Lcopy: $LD $nj,($tp) # conditional move
$LD $aj,($rp)
$ST $zero,($tp)
$PTR_ADD $tp,$BNSZ
and $nj,$hi0
and $aj,$hi1
or $aj,$nj
sltu $at,$tp,$tj
$ST $aj,($rp)
bnez $at,.Lcopy

30
crypto/external/bsd/openssl/dist/crypto/bn/asm/parisc-mont.pl vendored
View File

@ -1,5 +1,5 @@
#! /usr/bin/env perl
# Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.
# Copyright 2009-2018 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@ -517,7 +517,6 @@ L\$sub
stws,ma $hi1,4($rp)
subb $ti0,%r0,$hi1
ldo -4($tp),$tp
___
$code.=<<___ if ($BN_SZ==8);
ldd,ma 8($tp),$ti0
@ -532,21 +531,19 @@ L\$sub
extrd,u $ti0,31,32,$ti0 ; carry in flipped word order
sub,db $ti0,%r0,$hi1
ldo -8($tp),$tp
___
$code.=<<___;
and $tp,$hi1,$ap
andcm $rp,$hi1,$bp
or $ap,$bp,$np
ldo `$LOCALS+32`($fp),$tp
sub $rp,$arrsz,$rp ; rewind rp
subi 0,$arrsz,$idx
ldo `$LOCALS+32`($fp),$tp
L\$copy
ldd $idx($np),$hi0
ldd 0($tp),$ti0
ldd 0($rp),$hi0
std,ma %r0,8($tp)
addib,<> 8,$idx,.-8 ; L\$copy
std,ma $hi0,8($rp)
comiclr,= 0,$hi1,%r0
copy $ti0,$hi0
addib,<> 8,$idx,L\$copy
std,ma $hi0,8($rp)
___
if ($BN_SZ==4) { # PA-RISC 1.1 code-path
@ -856,17 +853,16 @@ L\$sub_pa11
stws,ma $hi1,4($rp)
subb $ti0,%r0,$hi1
ldo -4($tp),$tp
and $tp,$hi1,$ap
andcm $rp,$hi1,$bp
or $ap,$bp,$np
ldo `$LOCALS+32`($fp),$tp
sub $rp,$arrsz,$rp ; rewind rp
subi 0,$arrsz,$idx
ldo `$LOCALS+32`($fp),$tp
L\$copy_pa11
ldwx $idx($np),$hi0
ldw 0($tp),$ti0
ldw 0($rp),$hi0
stws,ma %r0,4($tp)
comiclr,= 0,$hi1,%r0
copy $ti0,$hi0
addib,<> 4,$idx,L\$copy_pa11
stws,ma $hi0,4($rp)

15
crypto/external/bsd/openssl/dist/crypto/bn/asm/ppc-mont.pl vendored
View File

@ -1,5 +1,5 @@
#! /usr/bin/env perl
# Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
# Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@ -301,15 +301,16 @@ Lsub: $LDX $tj,$tp,$j
li $j,0
mtctr $num
subfe $ovf,$j,$ovf ; handle upmost overflow bit
and $ap,$tp,$ovf
andc $np,$rp,$ovf
or $ap,$ap,$np ; ap=borrow?tp:rp
.align 4
Lcopy: ; copy or in-place refresh
$LDX $tj,$ap,$j
$STX $tj,$rp,$j
Lcopy: ; conditional copy
$LDX $tj,$tp,$j
$LDX $aj,$rp,$j
and $tj,$tj,$ovf
andc $aj,$aj,$ovf
$STX $j,$tp,$j ; zap at once
or $aj,$aj,$tj
$STX $aj,$rp,$j
addi $j,$j,$BNSZ
bdnz Lcopy

43
crypto/external/bsd/openssl/dist/crypto/bn/asm/ppc64-mont.pl vendored
View File

@ -1,5 +1,5 @@
#! /usr/bin/env perl
# Copyright 2007-2016 The OpenSSL Project Authors. All Rights Reserved.
# Copyright 2007-2018 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@ -1501,16 +1501,14 @@ Lsub: ldx $t0,$tp,$i
li $i,0
subfe $ovf,$i,$ovf ; handle upmost overflow bit
and $ap,$tp,$ovf
andc $np,$rp,$ovf
or $ap,$ap,$np ; ap=borrow?tp:rp
addi $t7,$ap,8
mtctr $j
.align 4
Lcopy: ; copy or in-place refresh
ldx $t0,$ap,$i
ldx $t1,$t7,$i
Lcopy: ; conditional copy
ldx $t0,$tp,$i
ldx $t1,$t4,$i
ldx $t2,$rp,$i
ldx $t3,$t6,$i
std $i,8($nap_d) ; zap nap_d
std $i,16($nap_d)
std $i,24($nap_d)
@ -1519,6 +1517,12 @@ Lcopy: ; copy or in-place refresh
std $i,48($nap_d)
std $i,56($nap_d)
stdu $i,64($nap_d)
and $t0,$t0,$ovf
and $t1,$t1,$ovf
andc $t2,$t2,$ovf
andc $t3,$t3,$ovf
or $t0,$t0,$t2
or $t1,$t1,$t3
stdx $t0,$rp,$i
stdx $t1,$t6,$i
stdx $i,$tp,$i ; zap tp at once
@ -1561,20 +1565,21 @@ Lsub: lwz $t0,12($tp) ; load tp[j..j+3] in 64-bit word order
li $i,0
subfe $ovf,$i,$ovf ; handle upmost overflow bit
addi $tp,$sp,`$FRAME+$TRANSFER+4`
addi $ap,$sp,`$FRAME+$TRANSFER+4`
subf $rp,$num,$rp ; rewind rp
and $ap,$tp,$ovf
andc $np,$rp,$ovf
or $ap,$ap,$np ; ap=borrow?tp:rp
addi $tp,$sp,`$FRAME+$TRANSFER`
mtctr $j
.align 4
Lcopy: ; copy or in-place refresh
Lcopy: ; conditional copy
lwz $t0,4($ap)
lwz $t1,8($ap)
lwz $t2,12($ap)
lwzu $t3,16($ap)
lwz $t4,4($rp)
lwz $t5,8($rp)
lwz $t6,12($rp)
lwz $t7,16($rp)
std $i,8($nap_d) ; zap nap_d
std $i,16($nap_d)
std $i,24($nap_d)
@ -1583,6 +1588,18 @@ Lcopy: ; copy or in-place refresh
std $i,48($nap_d)
std $i,56($nap_d)
stdu $i,64($nap_d)
and $t0,$t0,$ovf
and $t1,$t1,$ovf
and $t2,$t2,$ovf
and $t3,$t3,$ovf
andc $t4,$t4,$ovf
andc $t5,$t5,$ovf
andc $t6,$t6,$ovf
andc $t7,$t7,$ovf
or $t0,$t0,$t4
or $t1,$t1,$t5
or $t2,$t2,$t6
or $t3,$t3,$t7
stw $t0,4($rp)
stw $t1,8($rp)
stw $t2,12($rp)

4
crypto/external/bsd/openssl/dist/crypto/bn/asm/rsaz-avx2.pl vendored
View File

@ -1,5 +1,5 @@
#! /usr/bin/env perl
# Copyright 2013-2016 The OpenSSL Project Authors. All Rights Reserved.
# Copyright 2013-2018 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@ -104,7 +104,7 @@ if (!$avx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
$addx = ($1>=11);
}
if (!$avx && `$ENV{CC} -v 2>&1` =~ /(^clang version|based on LLVM) ([3-9])\.([0-9]+)/) {
if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|based on LLVM) ([3-9])\.([0-9]+)/) {
my $ver = $2 + $3/100.0; # 3.1->3.01, 3.10->3.10
$avx = ($ver>=3.0) + ($ver>=3.01);
$addx = ($ver>=3.03);

16
crypto/external/bsd/openssl/dist/crypto/bn/asm/s390x-mont.pl vendored
View File

@ -1,5 +1,5 @@
#! /usr/bin/env perl
# Copyright 2007-2016 The OpenSSL Project Authors. All Rights Reserved.
# Copyright 2007-2018 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@ -252,16 +252,16 @@ $code.=<<___;
brct $count,.Lsub
lghi $ahi,0
slbgr $AHI,$ahi # handle upmost carry
ngr $ap,$AHI
lghi $np,-1
xgr $np,$AHI
ngr $np,$rp
ogr $ap,$np # ap=borrow?tp:rp
lghi $NHI,-1
xgr $NHI,$AHI
la $j,0(%r0)
lgr $count,$num
.Lcopy: lg $alo,0($j,$ap) # copy or in-place refresh
.Lcopy: lg $ahi,$stdframe($j,$sp) # conditional copy
lg $alo,0($j,$rp)
ngr $ahi,$AHI
ngr $alo,$NHI
ogr $alo,$ahi
_dswap $alo
stg $j,$stdframe($j,$sp) # zap tp
stg $alo,0($j,$rp)

26
crypto/external/bsd/openssl/dist/crypto/bn/asm/sparct4-mont.pl vendored
View File

@ -1,5 +1,5 @@
#! /usr/bin/env perl
# Copyright 2012-2016 The OpenSSL Project Authors. All Rights Reserved.
# Copyright 2012-2018 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@ -888,19 +888,17 @@ $code.=<<___;
sub $tp, $num, $tp
sub $rp, $num, $rp
subc $ovf, %g0, $ovf ! handle upmost overflow bit
and $tp, $ovf, $ap
andn $rp, $ovf, $np
or $np, $ap, $ap ! ap=borrow?tp:rp
subccc $ovf, %g0, $ovf ! handle upmost overflow bit
ba .Lcopy
sub $num, 8, $cnt
.align 16
.Lcopy: ! copy or in-place refresh
ldx [$ap+0], $t2
add $ap, 8, $ap
.Lcopy: ! conditional copy
ldx [$tp], $tj
ldx [$rp+0], $t2
stx %g0, [$tp] ! zap
add $tp, 8, $tp
movcs %icc, $tj, $t2
stx $t2, [$rp+0]
add $rp, 8, $rp
brnz $cnt, .Lcopy
@ -1136,19 +1134,17 @@ $code.=<<___;
sub $tp, $num, $tp
sub $rp, $num, $rp
subc $ovf, %g0, $ovf ! handle upmost overflow bit
and $tp, $ovf, $ap
andn $rp, $ovf, $np
or $np, $ap, $ap ! ap=borrow?tp:rp
subccc $ovf, %g0, $ovf ! handle upmost overflow bit
ba .Lcopy_g5
sub $num, 8, $cnt
.align 16
.Lcopy_g5: ! copy or in-place refresh
ldx [$ap+0], $t2
add $ap, 8, $ap
.Lcopy_g5: ! conditional copy
ldx [$tp], $tj
ldx [$rp+0], $t2
stx %g0, [$tp] ! zap
add $tp, 8, $tp
movcs %icc, $tj, $t2
stx $t2, [$rp+0]
add $rp, 8, $rp
brnz $cnt, .Lcopy_g5

15
crypto/external/bsd/openssl/dist/crypto/bn/asm/sparcv9-mont.pl vendored
View File

@ -1,5 +1,5 @@
#! /usr/bin/env perl
# Copyright 2005-2016 The OpenSSL Project Authors. All Rights Reserved.
# Copyright 2005-2018 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@ -265,7 +265,6 @@ $fname:
.Ltail:
add $np,$num,$np
add $rp,$num,$rp
mov $tp,$ap
sub %g0,$num,%o7 ! k=-num
ba .Lsub
subcc %g0,%g0,%g0 ! clear %icc.c
@ -278,15 +277,14 @@ $fname:
add %o7,4,%o7
brnz %o7,.Lsub
st %o1,[$i]
subc $car2,0,$car2 ! handle upmost overflow bit
and $tp,$car2,$ap
andn $rp,$car2,$np
or $ap,$np,$ap
subccc $car2,0,$car2 ! handle upmost overflow bit
sub %g0,$num,%o7
.Lcopy:
ld [$ap+%o7],%o0 ! copy or in-place refresh
ld [$tp+%o7],%o1 ! conditional copy
ld [$rp+%o7],%o0
st %g0,[$tp+%o7] ! zap tp
movcs %icc,%o1,%o0
st %o0,[$rp+%o7]
add %o7,4,%o7
brnz %o7,.Lcopy
@ -495,6 +493,9 @@ $code.=<<___;
mulx $npj,$mul1,$acc1
add $tpj,$car1,$car1
ld [$np+$j],$npj ! np[j]
srlx $car1,32,$tmp0
and $car1,$mask,$car1
add $tmp0,$sbit,$sbit
add $acc0,$car1,$car1
ld [$tp+8],$tpj ! tp[j]
add $acc1,$car1,$car1

15
crypto/external/bsd/openssl/dist/crypto/bn/asm/via-mont.pl vendored
View File

@ -1,5 +1,5 @@
#! /usr/bin/env perl
# Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
# Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@ -213,18 +213,15 @@ $sp=&DWP(28,"esp");
&mov ("eax",&DWP(0,"esi","edx",4)); # upmost overflow bit
&sbb ("eax",0);
&and ("esi","eax");
&not ("eax");
&mov ("ebp","edi");
&and ("ebp","eax");
&or ("esi","ebp"); # tp=carry?tp:rp
&mov ("ecx","edx"); # num
&xor ("edx","edx"); # i=0
&mov ("edx",0); # i=0
&set_label("copy",8);
&mov ("eax",&DWP(0,"esi","edx",4));
&mov (&DWP(64,"esp","edx",4),"ecx"); # zap tp
&mov ("ebx",&DWP(0,"esi","edx",4));
&mov ("eax",&DWP(0,"edi","edx",4));
&mov (&DWP(0,"esi","edx",4),"ecx"); # zap tp
&cmovc ("eax","ebx");
&mov (&DWP(0,"edi","edx",4),"eax");
&lea ("edx",&DWP(1,"edx")); # i++
&loop (&label("copy"));

18
crypto/external/bsd/openssl/dist/crypto/bn/asm/vis3-mont.pl vendored
View File

@ -1,5 +1,5 @@
#! /usr/bin/env perl
# Copyright 2012-2016 The OpenSSL Project Authors. All Rights Reserved.
# Copyright 2012-2018 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@ -310,23 +310,23 @@ $code.=<<___;
sub $anp, $num, $anp
sub $rp, $num, $rp
subc $ovf, %g0, $ovf ! handle upmost overflow bit
and $tp, $ovf, $ap
andn $rp, $ovf, $np
or $np, $ap, $ap ! ap=borrow?tp:rp
subccc $ovf, %g0, $ovf ! handle upmost overflow bit
ba .Lcopy
sub $num, 8, $cnt
.align 16
.Lcopy: ! copy or in-place refresh
ld [$ap+0], $t2
ld [$ap+4], $t3
add $ap, 8, $ap
.Lcopy: ! conditional copy
ld [$tp+0], $t0
ld [$tp+4], $t1
ld [$rp+0], $t2
ld [$rp+4], $t3
stx %g0, [$tp] ! zap
add $tp, 8, $tp
stx %g0, [$anp] ! zap
stx %g0, [$anp+8]
add $anp, 16, $anp
movcs %icc, $t0, $t2
movcs %icc, $t1, $t3
st $t3, [$rp+0] ! flip order
st $t2, [$rp+4]
add $rp, 8, $rp

20
crypto/external/bsd/openssl/dist/crypto/bn/asm/x86-mont.pl vendored
View File

@ -1,5 +1,5 @@
#! /usr/bin/env perl
# Copyright 2005-2016 The OpenSSL Project Authors. All Rights Reserved.
# Copyright 2005-2018 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@ -604,16 +604,18 @@ $sbit=$num;
&jge (&label("sub"));
&sbb ("eax",0); # handle upmost overflow bit
&and ($tp,"eax");
&not ("eax");
&mov ($np,$rp);
&and ($np,"eax");
&or ($tp,$np); # tp=carry?tp:rp
&mov ("edx",-1);
&xor ("edx","eax");
&jmp (&label("copy"));
&set_label("copy",16); # copy or in-place refresh
&mov ("eax",&DWP(0,$tp,$num,4));
&mov (&DWP(0,$rp,$num,4),"eax"); # rp[i]=tp[i]
&set_label("copy",16); # conditional copy
&mov ($tp,&DWP($frame,"esp",$num,4));
&mov ($np,&DWP(0,$rp,$num,4));
&mov (&DWP($frame,"esp",$num,4),$j); # zap temporary vector
&and ($tp,"eax");
&and ($np,"edx");
&or ($np,$tp);
&mov (&DWP(0,$rp,$num,4),$np);
&dec ($num);
&jge (&label("copy"));

83
crypto/external/bsd/openssl/dist/crypto/bn/asm/x86_64-mont.pl vendored
View File

@ -1,5 +1,5 @@
#! /usr/bin/env perl
# Copyright 2005-2016 The OpenSSL Project Authors. All Rights Reserved.
# Copyright 2005-2018 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@ -302,30 +302,30 @@ $code.=<<___;
xor $i,$i # i=0 and clear CF!
mov (%rsp),%rax # tp[0]
lea (%rsp),$ap # borrow ap for tp
mov $num,$j # j=num
jmp .Lsub
.align 16
.Lsub: sbb ($np,$i,8),%rax
mov %rax,($rp,$i,8) # rp[i]=tp[i]-np[i]
mov 8($ap,$i,8),%rax # tp[i+1]
mov 8(%rsp,$i,8),%rax # tp[i+1]
lea 1($i),$i # i++
dec $j # doesnn't affect CF!
jnz .Lsub
sbb \$0,%rax # handle upmost overflow bit
mov \$-1,%rbx
xor %rax,%rbx # not %rax
xor $i,$i
and %rax,$ap
not %rax
mov $rp,$np
and %rax,$np
mov $num,$j # j=num
or $np,$ap # ap=borrow?tp:rp
.align 16
.Lcopy: # copy or in-place refresh
mov ($ap,$i,8),%rax
mov $i,(%rsp,$i,8) # zap temporary vector
mov %rax,($rp,$i,8) # rp[i]=tp[i]
.Lcopy: # conditional copy
mov ($rp,$i,8),%rcx
mov (%rsp,$i,8),%rdx
and %rbx,%rcx
and %rax,%rdx
mov $num,(%rsp,$i,8) # zap temporary vector
or %rcx,%rdx
mov %rdx,($rp,$i,8) # rp[i]=tp[i]
lea 1($i),$i
sub \$1,$j
jnz .Lcopy
@ -695,10 +695,10 @@ ___
my @ri=("%rax","%rdx",$m0,$m1);
$code.=<<___;
mov 16(%rsp,$num,8),$rp # restore $rp
lea -4($num),$j
mov 0(%rsp),@ri[0] # tp[0]
pxor %xmm0,%xmm0
mov 8(%rsp),@ri[1] # tp[1]
shr \$2,$num # num/=4
shr \$2,$j # j=num/4-1
lea (%rsp),$ap # borrow ap for tp
xor $i,$i # i=0 and clear CF!
@ -706,9 +706,7 @@ $code.=<<___;
mov 16($ap),@ri[2] # tp[2]
mov 24($ap),@ri[3] # tp[3]
sbb 8($np),@ri[1]
lea -1($num),$j # j=num/4-1
jmp .Lsub4x
.align 16
.Lsub4x:
mov @ri[0],0($rp,$i,8) # rp[i]=tp[i]-np[i]
mov @ri[1],8($rp,$i,8) # rp[i]=tp[i]-np[i]
@ -735,34 +733,35 @@ $code.=<<___;
sbb \$0,@ri[0] # handle upmost overflow bit
mov @ri[3],24($rp,$i,8) # rp[i]=tp[i]-np[i]
xor $i,$i # i=0
and @ri[0],$ap
not @ri[0]
mov $rp,$np
and @ri[0],$np
lea -1($num),$j
or $np,$ap # ap=borrow?tp:rp
pxor %xmm0,%xmm0
movq @ri[0],%xmm4
pcmpeqd %xmm5,%xmm5
pshufd \$0,%xmm4,%xmm4
mov $num,$j
pxor %xmm4,%xmm5
shr \$2,$j # j=num/4
xor %eax,%eax # i=0
movdqu ($ap),%xmm1
movdqa %xmm0,(%rsp)
movdqu %xmm1,($rp)
jmp .Lcopy4x
.align 16
.Lcopy4x: # copy or in-place refresh
movdqu 16($ap,$i),%xmm2
movdqu 32($ap,$i),%xmm1
movdqa %xmm0,16(%rsp,$i)
movdqu %xmm2,16($rp,$i)
movdqa %xmm0,32(%rsp,$i)
movdqu %xmm1,32($rp,$i)
lea 32($i),$i
.Lcopy4x: # conditional copy
movdqa (%rsp,%rax),%xmm1
movdqu ($rp,%rax),%xmm2
pand %xmm4,%xmm1
pand %xmm5,%xmm2
movdqa 16(%rsp,%rax),%xmm3
movdqa %xmm0,(%rsp,%rax)
por %xmm2,%xmm1
movdqu 16($rp,%rax),%xmm2
movdqu %xmm1,($rp,%rax)
pand %xmm4,%xmm3
pand %xmm5,%xmm2
movdqa %xmm0,16(%rsp,%rax)
por %xmm2,%xmm3
movdqu %xmm3,16($rp,%rax)
lea 32(%rax),%rax
dec $j
jnz .Lcopy4x
shl \$2,$num
movdqu 16($ap,$i),%xmm2
movdqa %xmm0,16(%rsp,$i)
movdqu %xmm2,16($rp,$i)
___
}
$code.=<<___;

21
crypto/external/bsd/openssl/dist/crypto/bn/asm/x86_64-mont5.pl vendored
View File

@ -1,5 +1,5 @@
#! /usr/bin/env perl
# Copyright 2011-2016 The OpenSSL Project Authors. All Rights Reserved.
# Copyright 2011-2018 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@ -414,18 +414,19 @@ $code.=<<___;
jnz .Lsub
sbb \$0,%rax # handle upmost overflow bit
mov \$-1,%rbx
xor %rax,%rbx
xor $i,$i
and %rax,$ap
not %rax
mov $rp,$np
and %rax,$np
mov $num,$j # j=num
or $np,$ap # ap=borrow?tp:rp
.align 16
.Lcopy: # copy or in-place refresh
mov ($ap,$i,8),%rax
.Lcopy: # conditional copy
mov ($rp,$i,8),%rcx
mov (%rsp,$i,8),%rdx
and %rbx,%rcx
and %rax,%rdx
mov $i,(%rsp,$i,8) # zap temporary vector
mov %rax,($rp,$i,8) # rp[i]=tp[i]
or %rcx,%rdx
mov %rdx,($rp,$i,8) # rp[i]=tp[i]
lea 1($i),$i
sub \$1,$j
jnz .Lcopy

3
crypto/external/bsd/openssl/dist/crypto/bn/bn_div.c vendored
View File

@ -1,5 +1,5 @@
/*
* Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -240,6 +240,7 @@ int BN_div(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor,
wnum.neg = 0;
wnum.d = &(snum->d[loop]);
wnum.top = div_n;
wnum.flags = BN_FLG_STATIC_DATA;
/*
* only needed when BN_ucmp messes up the values between top and max
*/

69
crypto/external/bsd/openssl/dist/crypto/bn/bn_exp.c vendored
View File

@ -188,8 +188,8 @@ int BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
bits = BN_num_bits(p);
if (bits == 0) {
/* x**0 mod 1 is still zero. */
if (BN_is_one(m)) {
/* x**0 mod 1, or x**0 mod -1 is still zero. */
if (BN_abs_is_word(m, 1)) {
ret = 1;
BN_zero(r);
} else {
@ -330,8 +330,8 @@ int BN_mod_exp_mont(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
}
bits = BN_num_bits(p);
if (bits == 0) {
/* x**0 mod 1 is still zero. */
if (BN_is_one(m)) {
/* x**0 mod 1, or x**0 mod -1 is still zero. */
if (BN_abs_is_word(m, 1)) {
ret = 1;
BN_zero(rr);
} else {
@ -371,17 +371,17 @@ int BN_mod_exp_mont(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
ret = 1;
goto err;
}
if (!BN_to_montgomery(val[0], aa, mont, ctx))
if (!bn_to_mont_fixed_top(val[0], aa, mont, ctx))
goto err; /* 1 */
window = BN_window_bits_for_exponent_size(bits);
if (window > 1) {
if (!BN_mod_mul_montgomery(d, val[0], val[0], mont, ctx))
if (!bn_mul_mont_fixed_top(d, val[0], val[0], mont, ctx))
goto err; /* 2 */
j = 1 << (window - 1);
for (i = 1; i < j; i++) {
if (((val[i] = BN_CTX_get(ctx)) == NULL) ||
!BN_mod_mul_montgomery(val[i], val[i - 1], d, mont, ctx))
!bn_mul_mont_fixed_top(val[i], val[i - 1], d, mont, ctx))
goto err;
}
}
@ -403,19 +403,15 @@ int BN_mod_exp_mont(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
for (i = 1; i < j; i++)
r->d[i] = (~m->d[i]) & BN_MASK2;
r->top = j;
/*
* Upper words will be zero if the corresponding words of 'm' were
* 0xfff[...], so decrement r->top accordingly.
*/
bn_correct_top(r);
r->flags |= BN_FLG_FIXED_TOP;
} else
#endif
if (!BN_to_montgomery(r, BN_value_one(), mont, ctx))
if (!bn_to_mont_fixed_top(r, BN_value_one(), mont, ctx))
goto err;
for (;;) {
if (BN_is_bit_set(p, wstart) == 0) {
if (!start) {
if (!BN_mod_mul_montgomery(r, r, r, mont, ctx))
if (!bn_mul_mont_fixed_top(r, r, r, mont, ctx))
goto err;
}
if (wstart == 0)
@ -446,12 +442,12 @@ int BN_mod_exp_mont(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
/* add the 'bytes above' */
if (!start)
for (i = 0; i < j; i++) {
if (!BN_mod_mul_montgomery(r, r, r, mont, ctx))
if (!bn_mul_mont_fixed_top(r, r, r, mont, ctx))
goto err;
}
/* wvalue will be an odd number < 2^window */
if (!BN_mod_mul_montgomery(r, r, val[wvalue >> 1], mont, ctx))
if (!bn_mul_mont_fixed_top(r, r, val[wvalue >> 1], mont, ctx))
goto err;
/* move the 'window' down further */
@ -461,6 +457,11 @@ int BN_mod_exp_mont(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
if (wstart < 0)
break;
}
/*
* Done with zero-padded intermediate BIGNUMs. Final BN_from_montgomery
* removes padding [if any] and makes return value suitable for public
* API consumer.
*/
#if defined(SPARC_T4_MONT)
if (OPENSSL_sparcv9cap_P[0] & (SPARCV9_VIS3 | SPARCV9_PREFER_FPU)) {
j = mont->N.top; /* borrow j */
@ -587,7 +588,7 @@ static int MOD_EXP_CTIME_COPY_FROM_PREBUF(BIGNUM *b, int top,
}
b->top = top;
bn_correct_top(b);
b->flags |= BN_FLG_FIXED_TOP;
return 1;
}
@ -639,8 +640,8 @@ int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
*/
bits = p->top * BN_BITS2;
if (bits == 0) {
/* x**0 mod 1 is still zero. */
if (BN_is_one(m)) {
/* x**0 mod 1, or x**0 mod -1 is still zero. */
if (BN_abs_is_word(m, 1)) {
ret = 1;
BN_zero(rr);
} else {
@ -757,16 +758,16 @@ int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
tmp.top = top;
} else
#endif
if (!BN_to_montgomery(&tmp, BN_value_one(), mont, ctx))
if (!bn_to_mont_fixed_top(&tmp, BN_value_one(), mont, ctx))
goto err;
/* prepare a^1 in Montgomery domain */
if (a->neg || BN_ucmp(a, m) >= 0) {
if (!BN_mod(&am, a, m, ctx))
goto err;
if (!BN_to_montgomery(&am, &am, mont, ctx))
if (!bn_to_mont_fixed_top(&am, &am, mont, ctx))
goto err;
} else if (!BN_to_montgomery(&am, a, mont, ctx))
} else if (!bn_to_mont_fixed_top(&am, a, mont, ctx))
goto err;
#if defined(SPARC_T4_MONT)
@ -1033,14 +1034,14 @@ int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
* performance advantage of sqr over mul).
*/
if (window > 1) {
if (!BN_mod_mul_montgomery(&tmp, &am, &am, mont, ctx))
if (!bn_mul_mont_fixed_top(&tmp, &am, &am, mont, ctx))
goto err;
if (!MOD_EXP_CTIME_COPY_TO_PREBUF(&tmp, top, powerbuf, 2,
window))
goto err;
for (i = 3; i < numPowers; i++) {
/* Calculate a^i = a^(i-1) * a */
if (!BN_mod_mul_montgomery(&tmp, &am, &tmp, mont, ctx))
if (!bn_mul_mont_fixed_top(&tmp, &am, &tmp, mont, ctx))
goto err;
if (!MOD_EXP_CTIME_COPY_TO_PREBUF(&tmp, top, powerbuf, i,
window))
@ -1064,7 +1065,7 @@ int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
/* Scan the window, squaring the result as we go */
for (i = 0; i < window; i++, bits--) {
if (!BN_mod_mul_montgomery(&tmp, &tmp, &tmp, mont, ctx))
if (!bn_mul_mont_fixed_top(&tmp, &tmp, &tmp, mont, ctx))
goto err;
wvalue = (wvalue << 1) + BN_is_bit_set(p, bits);
}
@ -1077,12 +1078,16 @@ int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
goto err;
/* Multiply the result into the intermediate result */
if (!BN_mod_mul_montgomery(&tmp, &tmp, &am, mont, ctx))
if (!bn_mul_mont_fixed_top(&tmp, &tmp, &am, mont, ctx))
goto err;
}
}
/* Convert the final result from montgomery to standard format */
/*
* Done with zero-padded intermediate BIGNUMs. Final BN_from_montgomery
* removes padding [if any] and makes return value suitable for public
* API consumer.
*/
#if defined(SPARC_T4_MONT)
if (OPENSSL_sparcv9cap_P[0] & (SPARCV9_VIS3 | SPARCV9_PREFER_FPU)) {
am.d[0] = 1; /* borrow am */
@ -1151,8 +1156,8 @@ int BN_mod_exp_mont_word(BIGNUM *rr, BN_ULONG a, const BIGNUM *p,
bits = BN_num_bits(p);
if (bits == 0) {
/* x**0 mod 1 is still zero. */
if (BN_is_one(m)) {
/* x**0 mod 1, or x**0 mod -1 is still zero. */
if (BN_abs_is_word(m, 1)) {
ret = 1;
BN_zero(rr);
} else {
@ -1273,9 +1278,9 @@ int BN_mod_exp_simple(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
}
bits = BN_num_bits(p);
if (bits == 0) {
/* x**0 mod 1 is still zero. */
if (BN_is_one(m)) {
if (bits == 0) {
/* x**0 mod 1, or x**0 mod -1 is still zero. */
if (BN_abs_is_word(m, 1)) {
ret = 1;
BN_zero(r);
} else {

11
crypto/external/bsd/openssl/dist/crypto/bn/bn_gcd.c vendored
View File

@ -1,5 +1,5 @@
/*
* Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -140,7 +140,14 @@ BIGNUM *int_bn_mod_inverse(BIGNUM *in,
BIGNUM *ret = NULL;
int sign;
if (pnoinv)
/* This is invalid input so we don't worry about constant time here */
if (BN_abs_is_word(n, 1) || BN_is_zero(n)) {
if (pnoinv != NULL)
*pnoinv = 1;
return NULL;
}
if (pnoinv != NULL)
*pnoinv = 0;
if ((BN_get_flags(a, BN_FLG_CONSTTIME) != 0)

34
crypto/external/bsd/openssl/dist/crypto/bn/bn_gf2m.c vendored
View File

@ -1,5 +1,5 @@
/*
* Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -32,30 +32,32 @@
*/
# define MAX_ITERATIONS 50
static const BN_ULONG SQR_tb[16] = { 0, 1, 4, 5, 16, 17, 20, 21,
64, 65, 68, 69, 80, 81, 84, 85
};
# define SQR_nibble(w) ((((w) & 8) << 3) \
| (((w) & 4) << 2) \
| (((w) & 2) << 1) \
| ((w) & 1))
/* Platform-specific macros to accelerate squaring. */
# if defined(SIXTY_FOUR_BIT) || defined(SIXTY_FOUR_BIT_LONG)
# define SQR1(w) \
SQR_tb[(w) >> 60 & 0xF] << 56 | SQR_tb[(w) >> 56 & 0xF] << 48 | \
SQR_tb[(w) >> 52 & 0xF] << 40 | SQR_tb[(w) >> 48 & 0xF] << 32 | \
SQR_tb[(w) >> 44 & 0xF] << 24 | SQR_tb[(w) >> 40 & 0xF] << 16 | \
SQR_tb[(w) >> 36 & 0xF] << 8 | SQR_tb[(w) >> 32 & 0xF]
SQR_nibble((w) >> 60) << 56 | SQR_nibble((w) >> 56) << 48 | \
SQR_nibble((w) >> 52) << 40 | SQR_nibble((w) >> 48) << 32 | \
SQR_nibble((w) >> 44) << 24 | SQR_nibble((w) >> 40) << 16 | \
SQR_nibble((w) >> 36) << 8 | SQR_nibble((w) >> 32)
# define SQR0(w) \
SQR_tb[(w) >> 28 & 0xF] << 56 | SQR_tb[(w) >> 24 & 0xF] << 48 | \
SQR_tb[(w) >> 20 & 0xF] << 40 | SQR_tb[(w) >> 16 & 0xF] << 32 | \
SQR_tb[(w) >> 12 & 0xF] << 24 | SQR_tb[(w) >> 8 & 0xF] << 16 | \
SQR_tb[(w) >> 4 & 0xF] << 8 | SQR_tb[(w) & 0xF]
SQR_nibble((w) >> 28) << 56 | SQR_nibble((w) >> 24) << 48 | \
SQR_nibble((w) >> 20) << 40 | SQR_nibble((w) >> 16) << 32 | \
SQR_nibble((w) >> 12) << 24 | SQR_nibble((w) >> 8) << 16 | \
SQR_nibble((w) >> 4) << 8 | SQR_nibble((w) )
# endif
# ifdef THIRTY_TWO_BIT
# define SQR1(w) \
SQR_tb[(w) >> 28 & 0xF] << 24 | SQR_tb[(w) >> 24 & 0xF] << 16 | \
SQR_tb[(w) >> 20 & 0xF] << 8 | SQR_tb[(w) >> 16 & 0xF]
SQR_nibble((w) >> 28) << 24 | SQR_nibble((w) >> 24) << 16 | \
SQR_nibble((w) >> 20) << 8 | SQR_nibble((w) >> 16)
# define SQR0(w) \
SQR_tb[(w) >> 12 & 0xF] << 24 | SQR_tb[(w) >> 8 & 0xF] << 16 | \
SQR_tb[(w) >> 4 & 0xF] << 8 | SQR_tb[(w) & 0xF]
SQR_nibble((w) >> 12) << 24 | SQR_nibble((w) >> 8) << 16 | \
SQR_nibble((w) >> 4) << 8 | SQR_nibble((w) )
# endif
# if !defined(OPENSSL_BN_ASM_GF2m)

12
crypto/external/bsd/openssl/dist/crypto/bn/bn_intern.c vendored
View File

@ -1,5 +1,5 @@
/*
* Copyright 2014-2016 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2014-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -177,16 +177,20 @@ BN_ULONG *bn_get_words(const BIGNUM *a)
return a->d;
}
void bn_set_static_words(BIGNUM *a, BN_ULONG *words, int size)
void bn_set_static_words(BIGNUM *a, const BN_ULONG *words, int size)
{
a->d = words;
/*
* |const| qualifier omission is compensated by BN_FLG_STATIC_DATA
* flag, which effectively means "read-only data".
*/
a->d = (BN_ULONG *)words;
a->dmax = a->top = size;
a->neg = 0;
a->flags |= BN_FLG_STATIC_DATA;
bn_correct_top(a);
}
int bn_set_words(BIGNUM *a, BN_ULONG *words, int num_words)
int bn_set_words(BIGNUM *a, const BN_ULONG *words, int num_words)
{
if (bn_wexpand(a, num_words) == NULL) {
BNerr(BN_F_BN_SET_WORDS, ERR_R_MALLOC_FAILURE);

23
crypto/external/bsd/openssl/dist/crypto/bn/bn_lcl.h vendored
View File

@ -1,5 +1,5 @@
/*
* Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -145,7 +145,16 @@ extern "C" {
*/
# ifdef BN_DEBUG
/*
* The new BN_FLG_FIXED_TOP flag marks vectors that were not treated with
* bn_correct_top, in other words such vectors are permitted to have zeros
* in most significant limbs. Such vectors are used internally to achieve
* execution time invariance for critical operations with private keys.
* It's BN_DEBUG-only flag, because user application is not supposed to
* observe it anyway. Moreover, optimizing compiler would actually remove
* all operations manipulating the bit in question in non-BN_DEBUG build.
*/
# define BN_FLG_FIXED_TOP 0x10000
# ifdef BN_DEBUG_RAND
/* To avoid "make update" cvs wars due to BN_DEBUG, use some tricks */
# ifndef RAND_bytes
@ -177,8 +186,10 @@ int RAND_bytes(unsigned char *buf, int num);
do { \
const BIGNUM *_bnum2 = (a); \
if (_bnum2 != NULL) { \
OPENSSL_assert(((_bnum2->top == 0) && !_bnum2->neg) || \
(_bnum2->top && (_bnum2->d[_bnum2->top - 1] != 0))); \
int _top = _bnum2->top; \
OPENSSL_assert((_top == 0 && !_bnum2->neg) || \
(_top && ((_bnum2->flags & BN_FLG_FIXED_TOP) \
|| _bnum2->d[_top - 1] != 0))); \
bn_pollute(_bnum2); \
} \
} while(0)
@ -197,6 +208,7 @@ int RAND_bytes(unsigned char *buf, int num);
# else /* !BN_DEBUG */
# define BN_FLG_FIXED_TOP 0
# define bn_pollute(a)
# define bn_check_top(a)
# define bn_fix_top(a) bn_correct_top(a)
@ -228,7 +240,8 @@ struct bignum_st {
/* Used for montgomery multiplication */
struct bn_mont_ctx_st {
int ri; /* number of bits in R */
BIGNUM RR; /* used to convert to montgomery form */
BIGNUM RR; /* used to convert to montgomery form,
possibly zero-padded */
BIGNUM N; /* The modulus */
BIGNUM Ni; /* R*(1/R mod N) - N*Ni = 1 (Ni is only
* stored for bignum algorithm) */

85
crypto/external/bsd/openssl/dist/crypto/bn/bn_lib.c vendored
View File

@ -12,6 +12,7 @@
#include "internal/cryptlib.h"
#include "bn_lcl.h"
#include <openssl/opensslconf.h>
#include "internal/constant_time_locl.h"
/* This stuff appears to be completely unused, so is deprecated */
#if OPENSSL_API_COMPAT < 0x00908000L
@ -222,8 +223,6 @@ static BN_ULONG *bn_expand_internal(const BIGNUM *b, int words)
const BN_ULONG *B;
int i;
bn_check_top(b);
if (words > (INT_MAX / (4 * BN_BITS2))) {
BNerr(BN_F_BN_EXPAND_INTERNAL, BN_R_BIGNUM_TOO_LONG);
return NULL;
@ -298,8 +297,6 @@ static BN_ULONG *bn_expand_internal(const BIGNUM *b, int words)
BIGNUM *bn_expand2(BIGNUM *b, int words)
{
bn_check_top(b);
if (words > b->dmax) {
BN_ULONG *a = bn_expand_internal(b, words);
if (!a)
@ -312,7 +309,6 @@ BIGNUM *bn_expand2(BIGNUM *b, int words)
b->dmax = words;
}
bn_check_top(b);
return b;
}
@ -379,12 +375,19 @@ BIGNUM *BN_copy(BIGNUM *a, const BIGNUM *b)
memcpy(a->d, b->d, sizeof(b->d[0]) * b->top);
#endif
a->top = b->top;
a->neg = b->neg;
a->top = b->top;
a->flags |= b->flags & BN_FLG_FIXED_TOP;
bn_check_top(a);
return (a);
}
#define FLAGS_DATA(flags) ((flags) & (BN_FLG_STATIC_DATA \
| BN_FLG_CONSTTIME \
| BN_FLG_SECURE \
| BN_FLG_FIXED_TOP))
#define FLAGS_STRUCT(flags) ((flags) & (BN_FLG_MALLOCED))
void BN_swap(BIGNUM *a, BIGNUM *b)
{
int flags_old_a, flags_old_b;
@ -412,10 +415,8 @@ void BN_swap(BIGNUM *a, BIGNUM *b)
b->dmax = tmp_dmax;
b->neg = tmp_neg;
a->flags =
(flags_old_a & BN_FLG_MALLOCED) | (flags_old_b & BN_FLG_STATIC_DATA);
b->flags =
(flags_old_b & BN_FLG_MALLOCED) | (flags_old_a & BN_FLG_STATIC_DATA);
a->flags = FLAGS_STRUCT(flags_old_a) | FLAGS_DATA(flags_old_b);
b->flags = FLAGS_STRUCT(flags_old_b) | FLAGS_DATA(flags_old_a);
bn_check_top(a);
bn_check_top(b);
}
@ -425,8 +426,9 @@ void BN_clear(BIGNUM *a)
bn_check_top(a);
if (a->d != NULL)
OPENSSL_cleanse(a->d, sizeof(*a->d) * a->dmax);
a->top = 0;
a->neg = 0;
a->top = 0;
a->flags &= ~BN_FLG_FIXED_TOP;
}
BN_ULONG BN_get_word(const BIGNUM *a)
@ -447,6 +449,7 @@ int BN_set_word(BIGNUM *a, BN_ULONG w)
a->neg = 0;
a->d[0] = w;
a->top = (w ? 1 : 0);
a->flags &= ~BN_FLG_FIXED_TOP;
bn_check_top(a);
return (1);
}
@ -499,24 +502,29 @@ BIGNUM *BN_bin2bn(const unsigned char *s, int len, BIGNUM *ret)
/* ignore negative */
static int bn2binpad(const BIGNUM *a, unsigned char *to, int tolen)
{
int i;
int n;
size_t i, inc, lasti, j;
BN_ULONG l;
bn_check_top(a);
i = BN_num_bytes(a);
n = BN_num_bytes(a);
if (tolen == -1)
tolen = i;
else if (tolen < i)
tolen = n;
else if (tolen < n)
return -1;
/* Add leading zeroes if necessary */
if (tolen > i) {
memset(to, 0, tolen - i);
to += tolen - i;
if (n == 0) {
OPENSSL_cleanse(to, tolen);
return tolen;
}
while (i--) {
lasti = n - 1;
for (i = 0, inc = 1, j = tolen; j > 0;) {
l = a->d[i / BN_BYTES];
*(to++) = (unsigned char)(l >> (8 * (i % BN_BYTES))) & 0xff;
to[--j] = (unsigned char)(l >> (8 * (i % BN_BYTES)) & (0 - inc));
inc = (i - lasti) >> (8 * sizeof(i) - 1);
i += inc; /* stay on top limb */
}
return tolen;
}
@ -683,6 +691,7 @@ int BN_set_bit(BIGNUM *a, int n)
for (k = a->top; k < i + 1; k++)
a->d[k] = 0;
a->top = i + 1;
a->flags &= ~BN_FLG_FIXED_TOP;
}
a->d[i] |= (((BN_ULONG)1) << j);
@ -824,6 +833,34 @@ void BN_consttime_swap(BN_ULONG condition, BIGNUM *a, BIGNUM *b, int nwords)
a->top ^= t;
b->top ^= t;
t = (a->neg ^ b->neg) & condition;
a->neg ^= t;
b->neg ^= t;
/*-
* Idea behind BN_FLG_STATIC_DATA is actually to
* indicate that data may not be written to.
* Intention is actually to treat it as it's
* read-only data, and some (if not most) of it does
* reside in read-only segment. In other words
* observation of BN_FLG_STATIC_DATA in
* BN_consttime_swap should be treated as fatal
* condition. It would either cause SEGV or
* effectively cause data corruption.
* BN_FLG_MALLOCED refers to BN structure itself,
* and hence must be preserved. Remaining flags are
* BN_FLG_CONSTIME and BN_FLG_SECURE. Latter must be
* preserved, because it determines how x->d was
* allocated and hence how to free it. This leaves
* BN_FLG_CONSTTIME that one can do something about.
* To summarize it's sufficient to mask and swap
* BN_FLG_CONSTTIME alone. BN_FLG_STATIC_DATA should
* be treated as fatal.
*/
t = ((a->flags ^ b->flags) & BN_FLG_CONSTTIME) & condition;
a->flags ^= t;
b->flags ^= t;
#define BN_CONSTTIME_SWAP(ind) \
do { \
t = (a->d[ind] ^ b->d[ind]) & condition; \
@ -887,8 +924,9 @@ int BN_security_bits(int L, int N)
void BN_zero_ex(BIGNUM *a)
{
a->top = 0;
a->neg = 0;
a->top = 0;
a->flags &= ~BN_FLG_FIXED_TOP;
}
int BN_abs_is_word(const BIGNUM *a, const BN_ULONG w)
@ -1012,5 +1050,6 @@ void bn_correct_top(BIGNUM *a)
}
if (a->top == 0)
a->neg = 0;
a->flags &= ~BN_FLG_FIXED_TOP;
bn_pollute(a);
}

69
crypto/external/bsd/openssl/dist/crypto/bn/bn_mod.c vendored
View File

@ -1,5 +1,5 @@
/*
* Copyright 1998-2016 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -35,16 +35,71 @@ int BN_mod_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m,
/*
* BN_mod_add variant that may be used if both a and b are non-negative and
* less than m
* less than m. The original algorithm was
*
* if (!BN_uadd(r, a, b))
* return 0;
* if (BN_ucmp(r, m) >= 0)
* return BN_usub(r, r, m);
*
* which is replaced with addition, subtracting modulus, and conditional
* move depending on whether or not subtraction borrowed.
*/
int bn_mod_add_fixed_top(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
const BIGNUM *m)
{
size_t i, ai, bi, mtop = m->top;
BN_ULONG storage[1024 / BN_BITS2];
BN_ULONG carry, temp, mask, *rp, *tp = storage;
const BN_ULONG *ap, *bp;
if (bn_wexpand(r, mtop) == NULL)
return 0;
if (mtop > sizeof(storage) / sizeof(storage[0])
&& (tp = OPENSSL_malloc(mtop * sizeof(BN_ULONG))) == NULL)
return 0;
ap = a->d != NULL ? a->d : tp;
bp = b->d != NULL ? b->d : tp;
for (i = 0, ai = 0, bi = 0, carry = 0; i < mtop;) {
mask = (BN_ULONG)0 - ((i - a->top) >> (8 * sizeof(i) - 1));
temp = ((ap[ai] & mask) + carry) & BN_MASK2;
carry = (temp < carry);
mask = (BN_ULONG)0 - ((i - b->top) >> (8 * sizeof(i) - 1));
tp[i] = ((bp[bi] & mask) + temp) & BN_MASK2;
carry += (tp[i] < temp);
i++;
ai += (i - a->dmax) >> (8 * sizeof(i) - 1);
bi += (i - b->dmax) >> (8 * sizeof(i) - 1);
}
rp = r->d;
carry -= bn_sub_words(rp, tp, m->d, mtop);
for (i = 0; i < mtop; i++) {
rp[i] = (carry & tp[i]) | (~carry & rp[i]);
((volatile BN_ULONG *)tp)[i] = 0;
}
r->top = mtop;
r->neg = 0;
if (tp != storage)
OPENSSL_free(tp);
return 1;
}
int BN_mod_add_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
const BIGNUM *m)
{
if (!BN_uadd(r, a, b))
return 0;
if (BN_ucmp(r, m) >= 0)
return BN_usub(r, r, m);
return 1;
int ret = bn_mod_add_fixed_top(r, a, b, m);
if (ret)
bn_correct_top(r);
return ret;
}
int BN_mod_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m,

69
crypto/external/bsd/openssl/dist/crypto/bn/bn_mont.c vendored
View File

@ -20,29 +20,43 @@
#define MONT_WORD /* use the faster word-based algorithm */
#ifdef MONT_WORD
static int BN_from_montgomery_word(BIGNUM *ret, BIGNUM *r, BN_MONT_CTX *mont);
static int bn_from_montgomery_word(BIGNUM *ret, BIGNUM *r, BN_MONT_CTX *mont);
#endif
int BN_mod_mul_montgomery(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
BN_MONT_CTX *mont, BN_CTX *ctx)
{
int ret = bn_mul_mont_fixed_top(r, a, b, mont, ctx);
bn_correct_top(r);
bn_check_top(r);
return ret;
}
int bn_mul_mont_fixed_top(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
BN_MONT_CTX *mont, BN_CTX *ctx)
{
BIGNUM *tmp;
int ret = 0;
#if defined(OPENSSL_BN_ASM_MONT) && defined(MONT_WORD)
int num = mont->N.top;
#if defined(OPENSSL_BN_ASM_MONT) && defined(MONT_WORD)
if (num > 1 && a->top == num && b->top == num) {
if (bn_wexpand(r, num) == NULL)
return (0);
if (bn_mul_mont(r->d, a->d, b->d, mont->N.d, mont->n0, num)) {
r->neg = a->neg ^ b->neg;
r->top = num;
bn_correct_top(r);
r->flags |= BN_FLG_FIXED_TOP;
return (1);
}
}
#endif
if ((a->top + b->top) > 2 * num)
return 0;
BN_CTX_start(ctx);
tmp = BN_CTX_get(ctx);
if (tmp == NULL)
@ -58,13 +72,12 @@ int BN_mod_mul_montgomery(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
}
/* reduce from aRR to aR */
#ifdef MONT_WORD
if (!BN_from_montgomery_word(r, tmp, mont))
if (!bn_from_montgomery_word(r, tmp, mont))
goto err;
#else
if (!BN_from_montgomery(r, tmp, mont, ctx))
goto err;
#endif
bn_check_top(r);
ret = 1;
err:
BN_CTX_end(ctx);
@ -72,7 +85,7 @@ int BN_mod_mul_montgomery(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
}
#ifdef MONT_WORD
static int BN_from_montgomery_word(BIGNUM *ret, BIGNUM *r, BN_MONT_CTX *mont)
static int bn_from_montgomery_word(BIGNUM *ret, BIGNUM *r, BN_MONT_CTX *mont)
{
BIGNUM *n;
BN_ULONG *ap, *np, *rp, n0, v, carry;
@ -99,6 +112,7 @@ static int BN_from_montgomery_word(BIGNUM *ret, BIGNUM *r, BN_MONT_CTX *mont)
memset(&rp[r->top], 0, sizeof(*rp) * i);
r->top = max;
r->flags |= BN_FLG_FIXED_TOP;
n0 = mont->n0[0];
/*
@ -117,6 +131,7 @@ static int BN_from_montgomery_word(BIGNUM *ret, BIGNUM *r, BN_MONT_CTX *mont)
if (bn_wexpand(ret, nl) == NULL)
return (0);
ret->top = nl;
ret->flags |= BN_FLG_FIXED_TOP;
ret->neg = r->neg;
rp = ret->d;
@ -127,20 +142,16 @@ static int BN_from_montgomery_word(BIGNUM *ret, BIGNUM *r, BN_MONT_CTX *mont)
*/
ap = &(r->d[nl]);
carry -= bn_sub_words(rp, ap, np, nl);
/*
* |v| is one if |ap| - |np| underflowed or zero if it did not. Note |v|
* cannot be -1. That would imply the subtraction did not fit in |nl| words,
* and we know at most one subtraction is needed.
* |carry| is -1 if |ap| - |np| underflowed or zero if it did not. Note
* |carry| cannot be 1. That would imply the subtraction did not fit in
* |nl| words, and we know at most one subtraction is needed.
*/
v = bn_sub_words(rp, ap, np, nl) - carry;
v = 0 - v;
for (i = 0; i < nl; i++) {
rp[i] = (v & ap[i]) | (~v & rp[i]);
rp[i] = (carry & ap[i]) | (~carry & rp[i]);
ap[i] = 0;
}
bn_correct_top(r);
bn_correct_top(ret);
bn_check_top(ret);
return (1);
}
@ -154,8 +165,11 @@ int BN_from_montgomery(BIGNUM *ret, const BIGNUM *a, BN_MONT_CTX *mont,
BIGNUM *t;
BN_CTX_start(ctx);
if ((t = BN_CTX_get(ctx)) && BN_copy(t, a))
retn = BN_from_montgomery_word(ret, t, mont);
if ((t = BN_CTX_get(ctx)) && BN_copy(t, a)) {
retn = bn_from_montgomery_word(ret, t, mont);
bn_correct_top(ret);
bn_check_top(ret);
}
BN_CTX_end(ctx);
#else /* !MONT_WORD */
BIGNUM *t1, *t2;
@ -193,6 +207,12 @@ int BN_from_montgomery(BIGNUM *ret, const BIGNUM *a, BN_MONT_CTX *mont,
return (retn);
}
int bn_to_mont_fixed_top(BIGNUM *r, const BIGNUM *a, BN_MONT_CTX *mont,
BN_CTX *ctx)
{
return bn_mul_mont_fixed_top(r, a, &(mont->RR), mont, ctx);
}
BN_MONT_CTX *BN_MONT_CTX_new(void)
{
BN_MONT_CTX *ret;
@ -229,7 +249,7 @@ void BN_MONT_CTX_free(BN_MONT_CTX *mont)
int BN_MONT_CTX_set(BN_MONT_CTX *mont, const BIGNUM *mod, BN_CTX *ctx)
{
int ret = 0;
int i, ret = 0;
BIGNUM *Ri, *R;
if (BN_is_zero(mod))
@ -278,7 +298,9 @@ int BN_MONT_CTX_set(BN_MONT_CTX *mont, const BIGNUM *mod, BN_CTX *ctx)
if ((buf[1] = mod->top > 1 ? mod->d[1] : 0))
tmod.top = 2;
if ((BN_mod_inverse(Ri, R, &tmod, ctx)) == NULL)
if (BN_is_one(&tmod))
BN_zero(Ri);
else if ((BN_mod_inverse(Ri, R, &tmod, ctx)) == NULL)
goto err;
if (!BN_lshift(Ri, Ri, 2 * BN_BITS2))
goto err; /* R*Ri */
@ -311,7 +333,9 @@ int BN_MONT_CTX_set(BN_MONT_CTX *mont, const BIGNUM *mod, BN_CTX *ctx)
buf[1] = 0;
tmod.top = buf[0] != 0 ? 1 : 0;
/* Ri = R^-1 mod N */
if ((BN_mod_inverse(Ri, R, &tmod, ctx)) == NULL)
if (BN_is_one(&tmod))
BN_zero(Ri);
else if ((BN_mod_inverse(Ri, R, &tmod, ctx)) == NULL)
goto err;
if (!BN_lshift(Ri, Ri, BN_BITS2))
goto err; /* R*Ri */
@ -360,6 +384,11 @@ int BN_MONT_CTX_set(BN_MONT_CTX *mont, const BIGNUM *mod, BN_CTX *ctx)
if (!BN_mod(&(mont->RR), &(mont->RR), &(mont->N), ctx))
goto err;
for (i = mont->RR.top, ret = mont->N.top; i < ret; i++)
mont->RR.d[i] = 0;
mont->RR.top = ret;
mont->RR.flags |= BN_FLG_FIXED_TOP;
ret = 1;
err:
BN_CTX_end(ctx);

12
crypto/external/bsd/openssl/dist/crypto/bn/bn_sqr.c vendored
View File

@ -1,5 +1,5 @@
/*
* Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -82,14 +82,8 @@ int BN_sqr(BIGNUM *r, const BIGNUM *a, BN_CTX *ctx)
}
rr->neg = 0;
/*
* If the most-significant half of the top word of 'a' is zero, then the
* square of 'a' will max-1 words.
*/
if (a->d[al - 1] == (a->d[al - 1] & BN_MASK2l))
rr->top = max - 1;
else
rr->top = max;
rr->top = max;
bn_correct_top(rr);
if (r != rr && BN_copy(r, rr) == NULL)
goto err;

1
crypto/external/bsd/openssl/dist/crypto/build.info vendored
View File

@ -1,4 +1,3 @@
{- use File::Spec::Functions qw/catdir catfile/; -}
LIBS=../libcrypto
SOURCE[../libcrypto]=\
cryptlib.c mem.c mem_dbg.c cversion.c ex_data.c cpt_err.c \

4
crypto/external/bsd/openssl/dist/crypto/chacha/asm/chacha-x86.pl vendored
View File

@ -1,5 +1,5 @@
#! /usr/bin/env perl
# Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
# Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@ -61,7 +61,7 @@ $ymm=1 if ($xmm && !$ymm && $ARGV[0] eq "win32" &&
$1>=10); # first version supporting AVX
$ymm=1 if ($xmm && !$ymm &&
`$ENV{CC} -v 2>&1` =~ /(^clang version|based on LLVM) ([3-9]\.[0-9]+)/ &&
`$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|based on LLVM) ([3-9]\.[0-9]+)/ &&
$2>=3.0); # first version supporting AVX
$a="eax";

3
crypto/external/bsd/openssl/dist/crypto/cms/cms_env.c vendored
View File

@ -1,5 +1,5 @@
/*
* Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2008-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -282,6 +282,7 @@ int CMS_RecipientInfo_set0_pkey(CMS_RecipientInfo *ri, EVP_PKEY *pkey)
CMSerr(CMS_F_CMS_RECIPIENTINFO_SET0_PKEY, CMS_R_NOT_KEY_TRANSPORT);
return 0;
}
EVP_PKEY_free(ri->d.ktri->pkey);
ri->d.ktri->pkey = pkey;
return 1;
}

3
crypto/external/bsd/openssl/dist/crypto/cms/cms_smime.c vendored
View File

@ -1,5 +1,5 @@
/*
* Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2008-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -631,6 +631,7 @@ int CMS_decrypt_set1_pkey(CMS_ContentInfo *cms, EVP_PKEY *pk, X509 *cert)
* all.
*/
else if (!cert || !CMS_RecipientInfo_ktri_cert_cmp(ri, cert)) {
EVP_PKEY_up_ref(pk);
CMS_RecipientInfo_set0_pkey(ri, pk);
r = CMS_RecipientInfo_decrypt(cms, ri);
CMS_RecipientInfo_set0_pkey(ri, NULL);

2
crypto/external/bsd/openssl/dist/crypto/conf/build.info vendored
View File

@ -1,4 +1,4 @@
LIBS=../../libcrypto
SOURCE[../../libcrypto]= \
conf_err.c conf_lib.c conf_api.c conf_def.c conf_mod.c \
conf_mall.c conf_sap.c
conf_mall.c conf_sap.c conf_ssl.c

6
crypto/external/bsd/openssl/dist/crypto/conf/conf_api.c vendored
View File

@ -1,5 +1,5 @@
/*
* Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -205,10 +205,14 @@ CONF_VALUE *_CONF_new_section(CONF *conf, const char *section)
vv = lh_CONF_VALUE_insert(conf->data, v);
OPENSSL_assert(vv == NULL);
if (lh_CONF_VALUE_error(conf->data) > 0)
goto err;
return v;
err:
sk_CONF_VALUE_free(sk);
if (v != NULL)
OPENSSL_free(v->section);
OPENSSL_free(v);
return NULL;
}

9
crypto/external/bsd/openssl/dist/crypto/conf/conf_err.c vendored
View File

@ -1,6 +1,6 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
* Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -37,6 +37,7 @@ static ERR_STRING_DATA CONF_str_functs[] = {
{ERR_FUNC(CONF_F_NCONF_LOAD_BIO), "NCONF_load_bio"},
{ERR_FUNC(CONF_F_NCONF_LOAD_FP), "NCONF_load_fp"},
{ERR_FUNC(CONF_F_NCONF_NEW), "NCONF_new"},
{ERR_FUNC(CONF_F_SSL_MODULE_INIT), "ssl_module_init"},
{ERR_FUNC(CONF_F_STR_COPY), "str_copy"},
{0, NULL}
};
@ -57,6 +58,12 @@ static ERR_STRING_DATA CONF_str_reasons[] = {
{ERR_REASON(CONF_R_NO_SECTION), "no section"},
{ERR_REASON(CONF_R_NO_SUCH_FILE), "no such file"},
{ERR_REASON(CONF_R_NO_VALUE), "no value"},
{ERR_REASON(CONF_R_SSL_COMMAND_SECTION_EMPTY),
"ssl command section empty"},
{ERR_REASON(CONF_R_SSL_COMMAND_SECTION_NOT_FOUND),
"ssl command section not found"},
{ERR_REASON(CONF_R_SSL_SECTION_EMPTY), "ssl section empty"},
{ERR_REASON(CONF_R_SSL_SECTION_NOT_FOUND), "ssl section not found"},
{ERR_REASON(CONF_R_UNABLE_TO_CREATE_NEW_SECTION),
"unable to create new section"},
{ERR_REASON(CONF_R_UNKNOWN_MODULE_NAME), "unknown module name"},

11
crypto/external/bsd/openssl/dist/crypto/conf/conf_lcl.h vendored Normal file
View File

@ -0,0 +1,11 @@
/*
* Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
void conf_add_ssl_module(void);

4
crypto/external/bsd/openssl/dist/crypto/conf/conf_mall.c vendored
View File

@ -1,5 +1,5 @@
/*
* Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -14,6 +14,7 @@
#include <openssl/x509.h>
#include <openssl/asn1.h>
#include <openssl/engine.h>
#include "conf_lcl.h"
/* Load all OpenSSL builtin modules */
@ -26,4 +27,5 @@ void OPENSSL_load_builtin_modules(void)
ENGINE_add_conf_module();
#endif
EVP_add_alg_module();
conf_add_ssl_module();
}

178
crypto/external/bsd/openssl/dist/crypto/conf/conf_ssl.c vendored Normal file
View File

@ -0,0 +1,178 @@
/*
* Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include <stdio.h>
#include <string.h>
#include <openssl/conf.h>
#include <openssl/err.h>
#include "internal/sslconf.h"
#include "conf_lcl.h"
/*
* SSL library configuration module placeholder. We load it here but defer
* all decisions about its contents to libssl.
*/
struct ssl_conf_name_st {
/* Name of this set of commands */
char *name;
/* List of commands */
SSL_CONF_CMD *cmds;
/* Number of commands */
size_t cmd_count;
};
struct ssl_conf_cmd_st {
/* Command */
char *cmd;
/* Argument */
char *arg;
};
static struct ssl_conf_name_st *ssl_names;
static size_t ssl_names_count;
static void ssl_module_free(CONF_IMODULE *md)
{
size_t i, j;
if (ssl_names == NULL)
return;
for (i = 0; i < ssl_names_count; i++) {
struct ssl_conf_name_st *tname = ssl_names + i;
OPENSSL_free(tname->name);
for (j = 0; j < tname->cmd_count; j++) {
OPENSSL_free(tname->cmds[j].cmd);
OPENSSL_free(tname->cmds[j].arg);
}
OPENSSL_free(tname->cmds);
}
OPENSSL_free(ssl_names);
ssl_names = NULL;
ssl_names_count = 0;
}
static int ssl_module_init(CONF_IMODULE *md, const CONF *cnf)
{
size_t i, j, cnt;
int rv = 0;
const char *ssl_conf_section;
STACK_OF(CONF_VALUE) *cmd_lists;
ssl_conf_section = CONF_imodule_get_value(md);
cmd_lists = NCONF_get_section(cnf, ssl_conf_section);
if (sk_CONF_VALUE_num(cmd_lists) <= 0) {
if (cmd_lists == NULL)
CONFerr(CONF_F_SSL_MODULE_INIT, CONF_R_SSL_SECTION_NOT_FOUND);
else
CONFerr(CONF_F_SSL_MODULE_INIT, CONF_R_SSL_SECTION_EMPTY);
ERR_add_error_data(2, "section=", ssl_conf_section);
goto err;
}
cnt = sk_CONF_VALUE_num(cmd_lists);
ssl_names = OPENSSL_zalloc(sizeof(*ssl_names) * cnt);
ssl_names_count = cnt;
for (i = 0; i < ssl_names_count; i++) {
struct ssl_conf_name_st *ssl_name = ssl_names + i;
CONF_VALUE *sect = sk_CONF_VALUE_value(cmd_lists, (int)i);
STACK_OF(CONF_VALUE) *cmds = NCONF_get_section(cnf, sect->value);
if (sk_CONF_VALUE_num(cmds) <= 0) {
if (cmds == NULL)
CONFerr(CONF_F_SSL_MODULE_INIT,
CONF_R_SSL_COMMAND_SECTION_NOT_FOUND);
else
CONFerr(CONF_F_SSL_MODULE_INIT,
CONF_R_SSL_COMMAND_SECTION_EMPTY);
ERR_add_error_data(4, "name=", sect->name, ", value=", sect->value);
goto err;
}
ssl_name->name = OPENSSL_strdup(sect->name);
if (ssl_name->name == NULL)
goto err;
cnt = sk_CONF_VALUE_num(cmds);
ssl_name->cmds = OPENSSL_zalloc(cnt * sizeof(struct ssl_conf_cmd_st));
if (ssl_name->cmds == NULL)
goto err;
ssl_name->cmd_count = cnt;
for (j = 0; j < cnt; j++) {
const char *name;
CONF_VALUE *cmd_conf = sk_CONF_VALUE_value(cmds, (int)j);
struct ssl_conf_cmd_st *cmd = ssl_name->cmds + j;
/* Skip any initial dot in name */
name = strchr(cmd_conf->name, '.');
if (name != NULL)
name++;
else
name = cmd_conf->name;
cmd->cmd = OPENSSL_strdup(name);
cmd->arg = OPENSSL_strdup(cmd_conf->value);
if (cmd->cmd == NULL || cmd->arg == NULL)
goto err;
}
}
rv = 1;
err:
if (rv == 0)
ssl_module_free(md);
return rv;
}
/*
* Returns the set of commands with index |idx| previously searched for via
* conf_ssl_name_find. Also stores the name of the set of commands in |*name|
* and the number of commands in the set in |*cnt|.
*/
const SSL_CONF_CMD *conf_ssl_get(size_t idx, const char **name, size_t *cnt)
{
*name = ssl_names[idx].name;
*cnt = ssl_names[idx].cmd_count;
return ssl_names[idx].cmds;
}
/*
* Search for the named set of commands given in |name|. On success return the
* index for the command set in |*idx|.
* Returns 1 on success or 0 on failure.
*/
int conf_ssl_name_find(const char *name, size_t *idx)
{
size_t i;
const struct ssl_conf_name_st *nm;
if (name == NULL)
return 0;
for (i = 0, nm = ssl_names; i < ssl_names_count; i++, nm++) {
if (strcmp(nm->name, name) == 0) {
*idx = i;
return 1;
}
}
return 0;
}
/*
* Given a command set |cmd|, return details on the command at index |idx| which
* must be less than the number of commands in the set (as returned by
* conf_ssl_get). The name of the command will be returned in |*cmdstr| and the
* argument is returned in |*arg|.
*/
void conf_ssl_get_cmd(const SSL_CONF_CMD *cmd, size_t idx, char **cmdstr,
char **arg)
{
*cmdstr = cmd[idx].cmd;
*arg = cmd[idx].arg;
}
void conf_add_ssl_module(void)
{
CONF_module_add("ssl_conf", ssl_module_init, ssl_module_free);
}

112
crypto/external/bsd/openssl/dist/crypto/cryptlib.c vendored
View File

@ -23,29 +23,97 @@
extern unsigned int OPENSSL_ia32cap_P[4];
# if defined(OPENSSL_CPUID_OBJ) && !defined(OPENSSL_NO_ASM) && !defined(I386_ONLY)
#include <stdio.h>
/*
* Purpose of these minimalistic and character-type-agnostic subroutines
* is to break dependency on MSVCRT (on Windows) and locale. This makes
* OPENSSL_cpuid_setup safe to use as "constructor". "Character-type-
* agnostic" means that they work with either wide or 8-bit characters,
* exploiting the fact that first 127 characters can be simply casted
* between the sets, while the rest would be simply rejected by ossl_is*
* subroutines.
*/
# ifdef _WIN32
typedef WCHAR variant_char;
static variant_char *ossl_getenv(const char *name)
{
/*
* Since we pull only one environment variable, it's simpler to
* to just ignore |name| and use equivalent wide-char L-literal.
* As well as to ignore excessively long values...
*/
static WCHAR value[48];
DWORD len = GetEnvironmentVariableW(L"OPENSSL_ia32cap", value, 48);
return (len > 0 && len < 48) ? value : NULL;
}
# else
typedef char variant_char;
# define ossl_getenv getenv
# endif
static int todigit(variant_char c)
{
if (c >= '0' && c <= '9')
return c - '0';
else if (c >= 'A' && c <= 'F')
return c - 'A' + 10;
else if (c >= 'a' && c <= 'f')
return c - 'a' + 10;
/* return largest base value to make caller terminate the loop */
return 16;
}
static uint64_t ossl_strtouint64(const variant_char *str)
{
uint64_t ret = 0;
unsigned int digit, base = 10;
if (*str == '0') {
base = 8, str++;
if (*str == 'x' || *str == 'X')
base = 16, str++;
}
while((digit = todigit(*str++)) < base)
ret = ret * base + digit;
return ret;
}
static variant_char *ossl_strchr(const variant_char *str, char srch)
{ variant_char c;
while((c = *str)) {
if (c == srch)
return (variant_char *)str;
str++;
}
return NULL;
}
# define OPENSSL_CPUID_SETUP
typedef uint64_t IA32CAP;
void OPENSSL_cpuid_setup(void)
{
static int trigger = 0;
IA32CAP OPENSSL_ia32_cpuid(unsigned int *);
IA32CAP vec;
char *env;
const variant_char *env;
if (trigger)
return;
trigger = 1;
if ((env = getenv("OPENSSL_ia32cap"))) {
if ((env = ossl_getenv("OPENSSL_ia32cap")) != NULL) {
int off = (env[0] == '~') ? 1 : 0;
# if defined(_WIN32)
if (!sscanf(env + off, "%I64i", &vec))
vec = strtoul(env + off, NULL, 0);
# else
if (!sscanf(env + off, "%lli", (long long *)&vec))
vec = strtoul(env + off, NULL, 0);
# endif
vec = ossl_strtouint64(env + off);
if (off) {
IA32CAP mask = vec;
vec = OPENSSL_ia32_cpuid(OPENSSL_ia32cap_P) & ~mask;
@ -64,15 +132,17 @@ void OPENSSL_cpuid_setup(void)
vec = OPENSSL_ia32_cpuid(OPENSSL_ia32cap_P);
}
if ((env = strchr(env, ':'))) {
unsigned int vecx;
if ((env = ossl_strchr(env, ':')) != NULL) {
IA32CAP vecx;
env++;
off = (env[0] == '~') ? 1 : 0;
vecx = strtoul(env + off, NULL, 0);
if (off)
OPENSSL_ia32cap_P[2] &= ~vecx;
else
OPENSSL_ia32cap_P[2] = vecx;
vecx = ossl_strtouint64(env + off);
if (off) {
OPENSSL_ia32cap_P[2] &= ~(unsigned int)vecx;
} else {
OPENSSL_ia32cap_P[2] = (unsigned int)vecx;
}
} else {
OPENSSL_ia32cap_P[2] = 0;
}
@ -128,10 +198,14 @@ int OPENSSL_isservice(void)
if (_OPENSSL_isservice.p == NULL) {
HANDLE mod = GetModuleHandle(NULL);
FARPROC f;
if (mod != NULL)
_OPENSSL_isservice.f = GetProcAddress(mod, "_OPENSSL_isservice");
if (_OPENSSL_isservice.p == NULL)
f = GetProcAddress(mod, "_OPENSSL_isservice");
if (f == NULL)
_OPENSSL_isservice.p = (void *)-1;
else
_OPENSSL_isservice.f = f;
}
if (_OPENSSL_isservice.p != (void *)-1)

9
crypto/external/bsd/openssl/dist/crypto/dh/dh_key.c vendored
View File

@ -1,5 +1,5 @@
/*
* Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -78,10 +78,15 @@ static int generate_key(DH *dh)
int ok = 0;
int generate_new_key = 0;
unsigned l;
BN_CTX *ctx;
BN_CTX *ctx = NULL;
BN_MONT_CTX *mont = NULL;
BIGNUM *pub_key = NULL, *priv_key = NULL;
if (BN_num_bits(dh->p) > OPENSSL_DH_MAX_MODULUS_BITS) {
DHerr(DH_F_GENERATE_KEY, DH_R_MODULUS_TOO_LARGE);
return 0;
}
ctx = BN_CTX_new();
if (ctx == NULL)
goto err;

4
crypto/external/bsd/openssl/dist/crypto/dh/dh_meth.c vendored
View File

@ -1,5 +1,5 @@
/*
* Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -75,7 +75,7 @@ int DH_meth_set1_name(DH_METHOD *dhm, const char *name)
return 1;
}
int DH_meth_get_flags(DH_METHOD *dhm)
int DH_meth_get_flags(const DH_METHOD *dhm)
{
return dhm->flags;
}

3
crypto/external/bsd/openssl/dist/crypto/dsa/dsa_err.c vendored
View File

@ -1,6 +1,6 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
* Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -40,6 +40,7 @@ static ERR_STRING_DATA DSA_str_functs[] = {
{ERR_FUNC(DSA_F_DSA_SIG_NEW), "DSA_SIG_new"},
{ERR_FUNC(DSA_F_OLD_DSA_PRIV_DECODE), "old_dsa_priv_decode"},
{ERR_FUNC(DSA_F_PKEY_DSA_CTRL), "pkey_dsa_ctrl"},
{ERR_FUNC(DSA_F_PKEY_DSA_CTRL_STR), "pkey_dsa_ctrl_str"},
{ERR_FUNC(DSA_F_PKEY_DSA_KEYGEN), "pkey_dsa_keygen"},
{0, NULL}
};

15
crypto/external/bsd/openssl/dist/crypto/dsa/dsa_gen.c vendored
View File

@ -1,5 +1,5 @@
/*
* Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -64,9 +64,16 @@ int dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits,
/* invalid q size */
return 0;
if (evpmd == NULL)
/* use SHA1 as default */
evpmd = EVP_sha1();
if (evpmd == NULL) {
if (qsize == SHA_DIGEST_LENGTH)
evpmd = EVP_sha1();
else if (qsize == SHA224_DIGEST_LENGTH)
evpmd = EVP_sha224();
else
evpmd = EVP_sha256();
} else {
qsize = EVP_MD_size(evpmd);
}
if (bits < 512)
bits = 512;

4
crypto/external/bsd/openssl/dist/crypto/dsa/dsa_meth.c vendored
View File

@ -1,5 +1,5 @@
/*
* Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -83,7 +83,7 @@ int DSA_meth_set1_name(DSA_METHOD *dsam, const char *name)
return 1;
}
int DSA_meth_get_flags(DSA_METHOD *dsam)
int DSA_meth_get_flags(const DSA_METHOD *dsam)
{
return dsam->flags;
}

68
crypto/external/bsd/openssl/dist/crypto/dsa/dsa_ossl.c vendored
View File

@ -1,5 +1,5 @@
/*
* Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -61,19 +61,13 @@ const DSA_METHOD *DSA_OpenSSL(void)
static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
{
BIGNUM *kinv = NULL;
BIGNUM *m;
BIGNUM *xr;
BIGNUM *m, *blind, *blindm, *tmp;
BN_CTX *ctx = NULL;
int reason = ERR_R_BN_LIB;
DSA_SIG *ret = NULL;
int rv = 0;
m = BN_new();
xr = BN_new();
if (m == NULL || xr == NULL)
goto err;
if (!dsa->p || !dsa->q || !dsa->g) {
if (dsa->p == NULL || dsa->q == NULL || dsa->g == NULL) {
reason = DSA_R_MISSING_PARAMETERS;
goto err;
}
@ -89,6 +83,13 @@ static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
ctx = BN_CTX_new();
if (ctx == NULL)
goto err;
m = BN_CTX_get(ctx);
blind = BN_CTX_get(ctx);
blindm = BN_CTX_get(ctx);
tmp = BN_CTX_get(ctx);
if (tmp == NULL)
goto err;
redo:
if (!dsa_sign_setup(dsa, ctx, &kinv, &ret->r, dgst, dlen))
goto err;
@ -103,17 +104,50 @@ static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
if (BN_bin2bn(dgst, dlen, m) == NULL)
goto err;
/* Compute s = inv(k) (m + xr) mod q */
if (!BN_mod_mul(xr, dsa->priv_key, ret->r, dsa->q, ctx))
goto err; /* s = xr */
if (!BN_add(ret->s, xr, m))
goto err; /* s = m + xr */
if (BN_cmp(ret->s, dsa->q) > 0)
if (!BN_sub(ret->s, ret->s, dsa->q))
/*
* The normal signature calculation is:
*
* s := k^-1 * (m + r * priv_key) mod q
*
* We will blind this to protect against side channel attacks
*
* s := blind^-1 * k^-1 * (blind * m + blind * r * priv_key) mod q
*/
/* Generate a blinding value */
do {
if (!BN_rand(blind, BN_num_bits(dsa->q) - 1, BN_RAND_TOP_ANY,
BN_RAND_BOTTOM_ANY))
goto err;
} while (BN_is_zero(blind));
BN_set_flags(blind, BN_FLG_CONSTTIME);
BN_set_flags(blindm, BN_FLG_CONSTTIME);
BN_set_flags(tmp, BN_FLG_CONSTTIME);
/* tmp := blind * priv_key * r mod q */
if (!BN_mod_mul(tmp, blind, dsa->priv_key, dsa->q, ctx))
goto err;
if (!BN_mod_mul(tmp, tmp, ret->r, dsa->q, ctx))
goto err;
/* blindm := blind * m mod q */
if (!BN_mod_mul(blindm, blind, m, dsa->q, ctx))
goto err;
/* s : = (blind * priv_key * r) + (blind * m) mod q */
if (!BN_mod_add_quick(ret->s, tmp, blindm, dsa->q))
goto err;
/* s := s * k^-1 mod q */
if (!BN_mod_mul(ret->s, ret->s, kinv, dsa->q, ctx))
goto err;
/* s:= s * blind^-1 mod q */
if (BN_mod_inverse(blind, blind, dsa->q, ctx) == NULL)
goto err;
if (!BN_mod_mul(ret->s, ret->s, blind, dsa->q, ctx))
goto err;
/*
* Redo if r or s is zero as required by FIPS 186-3: this is very
* unlikely.
@ -130,8 +164,6 @@ static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
ret = NULL;
}
BN_CTX_free(ctx);
BN_clear_free(m);
BN_clear_free(xr);
BN_clear_free(kinv);
return ret;
}

28
crypto/external/bsd/openssl/dist/crypto/dsa/dsa_pmeth.c vendored
View File

@ -1,5 +1,5 @@
/*
* Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -76,13 +76,8 @@ static int pkey_dsa_sign(EVP_PKEY_CTX *ctx, unsigned char *sig,
DSA_PKEY_CTX *dctx = ctx->data;
DSA *dsa = ctx->pkey->pkey.dsa;
if (dctx->md) {
if (tbslen != (size_t)EVP_MD_size(dctx->md))
return 0;
} else {
if (tbslen != SHA_DIGEST_LENGTH)
return 0;
}
if (dctx->md != NULL && tbslen != (size_t)EVP_MD_size(dctx->md))
return 0;
ret = DSA_sign(0, tbs, tbslen, sig, &sltmp, dsa);
@ -100,13 +95,8 @@ static int pkey_dsa_verify(EVP_PKEY_CTX *ctx,
DSA_PKEY_CTX *dctx = ctx->data;
DSA *dsa = ctx->pkey->pkey.dsa;
if (dctx->md) {
if (tbslen != (size_t)EVP_MD_size(dctx->md))
return 0;
} else {
if (tbslen != SHA_DIGEST_LENGTH)
return 0;
}
if (dctx->md != NULL && tbslen != (size_t)EVP_MD_size(dctx->md))
return 0;
ret = DSA_verify(0, tbs, tbslen, sig, siglen, dsa);
@ -187,9 +177,15 @@ static int pkey_dsa_ctrl_str(EVP_PKEY_CTX *ctx,
NULL);
}
if (strcmp(type, "dsa_paramgen_md") == 0) {
const EVP_MD *md = EVP_get_digestbyname(value);
if (md == NULL) {
DSAerr(DSA_F_PKEY_DSA_CTRL_STR, DSA_R_INVALID_DIGEST_TYPE);
return 0;
}
return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DSA, EVP_PKEY_OP_PARAMGEN,
EVP_PKEY_CTRL_DSA_PARAMGEN_MD, 0,
(void *)EVP_get_digestbyname(value));
(void *)md);
}
return -2;
}

83
crypto/external/bsd/openssl/dist/crypto/dso/dso_dlfcn.c vendored
View File

@ -1,5 +1,5 @@
/*
* Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -26,7 +26,7 @@
# endif
# include <dlfcn.h>
# define HAVE_DLINFO 1
# if defined(_AIX) || defined(__CYGWIN__) || \
# if defined(__CYGWIN__) || \
defined(__SCO_VERSION__) || defined(_SCO_ELF) || \
(defined(__osf__) && !defined(RTLD_NEXT)) || \
(defined(__OpenBSD__) && !defined(RTLD_SELF)) || \
@ -308,6 +308,76 @@ static int dladdr(void *address, Dl_info *dl)
}
# endif /* __sgi */
# ifdef _AIX
/*-
* See IBM's AIX Version 7.2, Technical Reference:
* Base Operating System and Extensions, Volume 1 and 2
* https://www.ibm.com/support/knowledgecenter/ssw_aix_72/com.ibm.aix.base/technicalreferences.htm
*/
# include <sys/ldr.h>
# include <errno.h>
/* ~ 64 * (sizeof(struct ld_info) + _XOPEN_PATH_MAX + _XOPEN_NAME_MAX) */
# define DLFCN_LDINFO_SIZE 86976
typedef struct Dl_info {
const char *dli_fname;
} Dl_info;
/*
* This dladdr()-implementation will also find the ptrgl (Pointer Glue) virtual
* address of a function, which is just located in the DATA segment instead of
* the TEXT segment.
*/
static int dladdr(void *ptr, Dl_info *dl)
{
uintptr_t addr = (uintptr_t)ptr;
unsigned int found = 0;
struct ld_info *ldinfos, *next_ldi, *this_ldi;
if ((ldinfos = (struct ld_info *)OPENSSL_malloc(DLFCN_LDINFO_SIZE)) == NULL) {
errno = ENOMEM;
dl->dli_fname = NULL;
return 0;
}
if ((loadquery(L_GETINFO, (void *)ldinfos, DLFCN_LDINFO_SIZE)) < 0) {
/*-
* Error handling is done through errno and dlerror() reading errno:
* ENOMEM (ldinfos buffer is too small),
* EINVAL (invalid flags),
* EFAULT (invalid ldinfos ptr)
*/
OPENSSL_free((void *)ldinfos);
dl->dli_fname = NULL;
return 0;
}
next_ldi = ldinfos;
do {
this_ldi = next_ldi;
if (((addr >= (uintptr_t)this_ldi->ldinfo_textorg)
&& (addr < ((uintptr_t)this_ldi->ldinfo_textorg +
this_ldi->ldinfo_textsize)))
|| ((addr >= (uintptr_t)this_ldi->ldinfo_dataorg)
&& (addr < ((uintptr_t)this_ldi->ldinfo_dataorg +
this_ldi->ldinfo_datasize)))) {
found = 1;
/*
* Ignoring the possibility of a member name and just returning
* the path name. See docs: sys/ldr.h, loadquery() and
* dlopen()/RTLD_MEMBER.
*/
if ((dl->dli_fname =
OPENSSL_strdup(this_ldi->ldinfo_filename)) == NULL)
errno = ENOMEM;
} else {
next_ldi =
(struct ld_info *)((uintptr_t)this_ldi + this_ldi->ldinfo_next);
}
} while (this_ldi->ldinfo_next && !found);
OPENSSL_free((void *)ldinfos);
return (found && dl->dli_fname != NULL);
}
# endif /* _AIX */
static int dlfcn_pathbyaddr(void *addr, char *path, int sz)
{
# ifdef HAVE_DLINFO
@ -326,12 +396,19 @@ static int dlfcn_pathbyaddr(void *addr, char *path, int sz)
if (dladdr(addr, &dli)) {
len = (int)strlen(dli.dli_fname);
if (sz <= 0)
if (sz <= 0) {
# ifdef _AIX
OPENSSL_free((void *)dli.dli_fname);
# endif
return len + 1;
}
if (len >= sz)
len = sz - 1;
memcpy(path, dli.dli_fname, len);
path[len++] = 0;
# ifdef _AIX
OPENSSL_free((void *)dli.dli_fname);
# endif
return len;
}

12
crypto/external/bsd/openssl/dist/crypto/ec/asm/ecp_nistz256-armv4.pl vendored
View File

@ -1,5 +1,5 @@
#! /usr/bin/env perl
# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
# Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@ -894,13 +894,13 @@ ecp_nistz256_scatter_w7:
.Loop_scatter_w7:
ldr $mask,[$inp],#4
subs $index,$index,#1
strb $mask,[$out,#64*0-1]
strb $mask,[$out,#64*0]
mov $mask,$mask,lsr#8
strb $mask,[$out,#64*1-1]
strb $mask,[$out,#64*1]
mov $mask,$mask,lsr#8
strb $mask,[$out,#64*2-1]
strb $mask,[$out,#64*2]
mov $mask,$mask,lsr#8
strb $mask,[$out,#64*3-1]
strb $mask,[$out,#64*3]
add $out,$out,#64*4
bne .Loop_scatter_w7
@ -1633,7 +1633,7 @@ ___
$code.=<<___;
.Ladd_done:
add sp,sp,#32*18+16+16 @ +16 means "skip even over saved r0-r3"
#if __ARM_ARCH__>=5 || defined(__thumb__)
#if __ARM_ARCH__>=5 || !defined(__thumb__)
ldmia sp!,{r4-r12,pc}
#else
ldmia sp!,{r4-r12,lr}

18
crypto/external/bsd/openssl/dist/crypto/ec/asm/ecp_nistz256-armv8.pl vendored
View File

@ -1,5 +1,5 @@
#! /usr/bin/env perl
# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
# Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@ -1477,21 +1477,21 @@ ecp_nistz256_scatter_w7:
prfm pstl1strm,[$out,#4096+64*5]
prfm pstl1strm,[$out,#4096+64*6]
prfm pstl1strm,[$out,#4096+64*7]
strb w3,[$out,#64*0-1]
strb w3,[$out,#64*0]
lsr x3,x3,#8
strb w3,[$out,#64*1-1]
strb w3,[$out,#64*1]
lsr x3,x3,#8
strb w3,[$out,#64*2-1]
strb w3,[$out,#64*2]
lsr x3,x3,#8
strb w3,[$out,#64*3-1]
strb w3,[$out,#64*3]
lsr x3,x3,#8
strb w3,[$out,#64*4-1]
strb w3,[$out,#64*4]
lsr x3,x3,#8
strb w3,[$out,#64*5-1]
strb w3,[$out,#64*5]
lsr x3,x3,#8
strb w3,[$out,#64*6-1]
strb w3,[$out,#64*6]
lsr x3,x3,#8
strb w3,[$out,#64*7-1]
strb w3,[$out,#64*7]
add $out,$out,#64*8
b.ne .Loop_scatter_w7

4
crypto/external/bsd/openssl/dist/crypto/ec/asm/ecp_nistz256-avx2.pl vendored
View File

@ -1,5 +1,5 @@
#! /usr/bin/env perl
# Copyright 2014-2016 The OpenSSL Project Authors. All Rights Reserved.
# Copyright 2014-2018 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@ -67,7 +67,7 @@ if (!$addx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
$addx = ($1>=12);
}
if (!$addx && `$ENV{CC} -v 2>&1` =~ /(^clang version|based on LLVM) ([3-9])\.([0-9]+)/) {
if (!$addx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|based on LLVM) ([3-9])\.([0-9]+)/) {
my $ver = $2 + $3/100.0; # 3.1->3.01, 3.10->3.10
$avx = ($ver>=3.0) + ($ver>=3.01);
$addx = ($ver>=3.03);

10
crypto/external/bsd/openssl/dist/crypto/ec/asm/ecp_nistz256-sparcv9.pl vendored
View File

@ -1,5 +1,5 @@
#! /usr/bin/env perl
# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
# Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@ -1531,13 +1531,13 @@ ecp_nistz256_scatter_w7:
ld [$inp],%l0
add $inp,4,$inp
subcc $index,1,$index
stb %l0,[$out+64*0-1]
stb %l0,[$out+64*0]
srl %l0,8,%l1
stb %l1,[$out+64*1-1]
stb %l1,[$out+64*1]
srl %l0,16,%l2
stb %l2,[$out+64*2-1]
stb %l2,[$out+64*2]
srl %l0,24,%l3
stb %l3,[$out+64*3-1]
stb %l3,[$out+64*3]
bne .Loop_scatter_w7
add $out,64*4,$out

4
crypto/external/bsd/openssl/dist/crypto/ec/asm/ecp_nistz256-x86.pl vendored
View File

@ -1,5 +1,5 @@
#! /usr/bin/env perl
# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
# Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@ -1179,7 +1179,7 @@ for ($i=0;$i<7;$i++) {
&mov ("esi",&wparam(1));
&mov ("ebp",&wparam(2));
&lea ("edi",&DWP(-1,"edi","ebp"));
&lea ("edi",&DWP(0,"edi","ebp"));
&mov ("ebp",64/4);
&set_label("scatter_w7_loop");
&mov ("eax",&DWP(0,"esi"));

3
crypto/external/bsd/openssl/dist/crypto/ec/ec2_smpl.c vendored
View File

@ -1,5 +1,5 @@
/*
* Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -330,6 +330,7 @@ int ec_GF2m_simple_point_copy(EC_POINT *dest, const EC_POINT *src)
if (!BN_copy(dest->Z, src->Z))
return 0;
dest->Z_is_one = src->Z_is_one;
dest->curve_name = src->curve_name;
return 1;
}

13
crypto/external/bsd/openssl/dist/crypto/ec/ec_ameth.c vendored
View File

@ -1,5 +1,5 @@
/*
* Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -92,19 +92,19 @@ static int eckey_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey)
static EC_KEY *eckey_type2param(int ptype, const void *pval)
{
EC_KEY *eckey = NULL;
EC_GROUP *group = NULL;
if (ptype == V_ASN1_SEQUENCE) {
const ASN1_STRING *pstr = pval;
const unsigned char *pm = NULL;
int pmlen;
pm = pstr->data;
pmlen = pstr->length;
const unsigned char *pm = pstr->data;
int pmlen = pstr->length;
if ((eckey = d2i_ECParameters(NULL, &pm, pmlen)) == NULL) {
ECerr(EC_F_ECKEY_TYPE2PARAM, EC_R_DECODE_ERROR);
goto ecerr;
}
} else if (ptype == V_ASN1_OBJECT) {
const ASN1_OBJECT *poid = pval;
EC_GROUP *group;
/*
* type == V_ASN1_OBJECT => the parameters are given by an asn1 OID
@ -129,6 +129,7 @@ static EC_KEY *eckey_type2param(int ptype, const void *pval)
ecerr:
EC_KEY_free(eckey);
EC_GROUP_free(group);
return NULL;
}

6
crypto/external/bsd/openssl/dist/crypto/ec/ec_curve.c vendored
View File

@ -1,5 +1,5 @@
/*
* Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -3036,6 +3036,8 @@ static EC_GROUP *ec_group_new_from_data(const ec_list_element curve)
}
#endif
EC_GROUP_set_curve_name(group, curve.nid);
if ((P = EC_POINT_new(group)) == NULL) {
ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB);
goto err;
@ -3101,8 +3103,6 @@ EC_GROUP *EC_GROUP_new_by_curve_name(int nid)
return NULL;
}
EC_GROUP_set_curve_name(ret, nid);
return ret;
}

18
crypto/external/bsd/openssl/dist/crypto/ec/ec_lcl.h vendored
View File

@ -1,5 +1,5 @@
/*
* Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -269,6 +269,8 @@ struct ec_key_st {
struct ec_point_st {
const EC_METHOD *meth;
/* NID for the curve if known */
int curve_name;
/*
* All members except 'meth' are handled by the method functions, even if
* they appear generic
@ -281,6 +283,20 @@ struct ec_point_st {
* special case */
};
static ossl_inline int ec_point_is_compat(const EC_POINT *point,
const EC_GROUP *group)
{
if (group->meth != point->meth
|| (group->curve_name != 0
&& point->curve_name != 0
&& group->curve_name != point->curve_name))
return 0;
return 1;
}
NISTP224_PRE_COMP *EC_nistp224_pre_comp_dup(NISTP224_PRE_COMP *);
NISTP256_PRE_COMP *EC_nistp256_pre_comp_dup(NISTP256_PRE_COMP *);
NISTP521_PRE_COMP *EC_nistp521_pre_comp_dup(NISTP521_PRE_COMP *);

41
crypto/external/bsd/openssl/dist/crypto/ec/ec_lib.c vendored
View File

@ -1,5 +1,5 @@
/*
* Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -140,6 +140,8 @@ int EC_GROUP_copy(EC_GROUP *dest, const EC_GROUP *src)
if (dest == src)
return 1;
dest->curve_name = src->curve_name;
/* Copy precomputed */
dest->pre_comp_type = src->pre_comp_type;
switch (src->pre_comp_type) {
@ -202,7 +204,6 @@ int EC_GROUP_copy(EC_GROUP *dest, const EC_GROUP *src)
return 0;
}
dest->curve_name = src->curve_name;
dest->asn1_flag = src->asn1_flag;
dest->asn1_form = src->asn1_form;
@ -563,6 +564,7 @@ EC_POINT *EC_POINT_new(const EC_GROUP *group)
}
ret->meth = group->meth;
ret->curve_name = group->curve_name;
if (!ret->meth->point_init(ret)) {
OPENSSL_free(ret);
@ -600,7 +602,10 @@ int EC_POINT_copy(EC_POINT *dest, const EC_POINT *src)
ECerr(EC_F_EC_POINT_COPY, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
return 0;
}
if (dest->meth != src->meth) {
if (dest->meth != src->meth
|| (dest->curve_name != src->curve_name
&& dest->curve_name != 0
&& src->curve_name != 0)) {
ECerr(EC_F_EC_POINT_COPY, EC_R_INCOMPATIBLE_OBJECTS);
return 0;
}
@ -657,7 +662,7 @@ int EC_POINT_set_Jprojective_coordinates_GFp(const EC_GROUP *group,
ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
return 0;
}
if (group->meth != point->meth) {
if (!ec_point_is_compat(point, group)) {
ECerr(EC_F_EC_POINT_SET_JPROJECTIVE_COORDINATES_GFP,
EC_R_INCOMPATIBLE_OBJECTS);
return 0;
@ -676,7 +681,7 @@ int EC_POINT_get_Jprojective_coordinates_GFp(const EC_GROUP *group,
ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
return 0;
}
if (group->meth != point->meth) {
if (!ec_point_is_compat(point, group)) {
ECerr(EC_F_EC_POINT_GET_JPROJECTIVE_COORDINATES_GFP,
EC_R_INCOMPATIBLE_OBJECTS);
return 0;
@ -694,7 +699,7 @@ int EC_POINT_set_affine_coordinates_GFp(const EC_GROUP *group,
ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
return 0;
}
if (group->meth != point->meth) {
if (!ec_point_is_compat(point, group)) {
ECerr(EC_F_EC_POINT_SET_AFFINE_COORDINATES_GFP,
EC_R_INCOMPATIBLE_OBJECTS);
return 0;
@ -720,7 +725,7 @@ int EC_POINT_set_affine_coordinates_GF2m(const EC_GROUP *group,
ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
return 0;
}
if (group->meth != point->meth) {
if (!ec_point_is_compat(point, group)) {
ECerr(EC_F_EC_POINT_SET_AFFINE_COORDINATES_GF2M,
EC_R_INCOMPATIBLE_OBJECTS);
return 0;
@ -746,7 +751,7 @@ int EC_POINT_get_affine_coordinates_GFp(const EC_GROUP *group,
ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
return 0;
}
if (group->meth != point->meth) {
if (!ec_point_is_compat(point, group)) {
ECerr(EC_F_EC_POINT_GET_AFFINE_COORDINATES_GFP,
EC_R_INCOMPATIBLE_OBJECTS);
return 0;
@ -764,7 +769,7 @@ int EC_POINT_get_affine_coordinates_GF2m(const EC_GROUP *group,
ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
return 0;
}
if (group->meth != point->meth) {
if (!ec_point_is_compat(point, group)) {
ECerr(EC_F_EC_POINT_GET_AFFINE_COORDINATES_GF2M,
EC_R_INCOMPATIBLE_OBJECTS);
return 0;
@ -780,8 +785,8 @@ int EC_POINT_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a,
ECerr(EC_F_EC_POINT_ADD, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
return 0;
}
if ((group->meth != r->meth) || (r->meth != a->meth)
|| (a->meth != b->meth)) {
if (!ec_point_is_compat(r, group) || !ec_point_is_compat(a, group)
|| !ec_point_is_compat(b, group)) {
ECerr(EC_F_EC_POINT_ADD, EC_R_INCOMPATIBLE_OBJECTS);
return 0;
}
@ -795,7 +800,7 @@ int EC_POINT_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a,
ECerr(EC_F_EC_POINT_DBL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
return 0;
}
if ((group->meth != r->meth) || (r->meth != a->meth)) {
if (!ec_point_is_compat(r, group) || !ec_point_is_compat(a, group)) {
ECerr(EC_F_EC_POINT_DBL, EC_R_INCOMPATIBLE_OBJECTS);
return 0;
}
@ -808,7 +813,7 @@ int EC_POINT_invert(const EC_GROUP *group, EC_POINT *a, BN_CTX *ctx)
ECerr(EC_F_EC_POINT_INVERT, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
return 0;
}
if (group->meth != a->meth) {
if (!ec_point_is_compat(a, group)) {
ECerr(EC_F_EC_POINT_INVERT, EC_R_INCOMPATIBLE_OBJECTS);
return 0;
}
@ -822,7 +827,7 @@ int EC_POINT_is_at_infinity(const EC_GROUP *group, const EC_POINT *point)
ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
return 0;
}
if (group->meth != point->meth) {
if (!ec_point_is_compat(point, group)) {
ECerr(EC_F_EC_POINT_IS_AT_INFINITY, EC_R_INCOMPATIBLE_OBJECTS);
return 0;
}
@ -843,7 +848,7 @@ int EC_POINT_is_on_curve(const EC_GROUP *group, const EC_POINT *point,
ECerr(EC_F_EC_POINT_IS_ON_CURVE, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
return 0;
}
if (group->meth != point->meth) {
if (!ec_point_is_compat(point, group)) {
ECerr(EC_F_EC_POINT_IS_ON_CURVE, EC_R_INCOMPATIBLE_OBJECTS);
return 0;
}
@ -857,7 +862,7 @@ int EC_POINT_cmp(const EC_GROUP *group, const EC_POINT *a, const EC_POINT *b,
ECerr(EC_F_EC_POINT_CMP, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
return -1;
}
if ((group->meth != a->meth) || (a->meth != b->meth)) {
if (!ec_point_is_compat(a, group) || !ec_point_is_compat(b, group)) {
ECerr(EC_F_EC_POINT_CMP, EC_R_INCOMPATIBLE_OBJECTS);
return -1;
}
@ -870,7 +875,7 @@ int EC_POINT_make_affine(const EC_GROUP *group, EC_POINT *point, BN_CTX *ctx)
ECerr(EC_F_EC_POINT_MAKE_AFFINE, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
return 0;
}
if (group->meth != point->meth) {
if (!ec_point_is_compat(point, group)) {
ECerr(EC_F_EC_POINT_MAKE_AFFINE, EC_R_INCOMPATIBLE_OBJECTS);
return 0;
}
@ -887,7 +892,7 @@ int EC_POINTs_make_affine(const EC_GROUP *group, size_t num,
return 0;
}
for (i = 0; i < num; i++) {
if (group->meth != points[i]->meth) {
if (!ec_point_is_compat(points[i], group)) {
ECerr(EC_F_EC_POINTS_MAKE_AFFINE, EC_R_INCOMPATIBLE_OBJECTS);
return 0;
}

250
crypto/external/bsd/openssl/dist/crypto/ec/ec_mult.c vendored
View File

@ -1,5 +1,5 @@
/*
* Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -105,6 +105,224 @@ void EC_ec_pre_comp_free(EC_PRE_COMP *pre)
OPENSSL_free(pre);
}
#define EC_POINT_BN_set_flags(P, flags) do { \
BN_set_flags((P)->X, (flags)); \
BN_set_flags((P)->Y, (flags)); \
BN_set_flags((P)->Z, (flags)); \
} while(0)
/*-
* This functions computes (in constant time) a point multiplication over the
* EC group.
*
* At a high level, it is Montgomery ladder with conditional swaps.
*
* It performs either a fixed scalar point multiplication
* (scalar * generator)
* when point is NULL, or a generic scalar point multiplication
* (scalar * point)
* when point is not NULL.
*
* scalar should be in the range [0,n) otherwise all constant time bets are off.
*
* NB: This says nothing about EC_POINT_add and EC_POINT_dbl,
* which of course are not constant time themselves.
*
* The product is stored in r.
*
* Returns 1 on success, 0 otherwise.
*/
static int ec_mul_consttime(const EC_GROUP *group, EC_POINT *r,
const BIGNUM *scalar, const EC_POINT *point,
BN_CTX *ctx)
{
int i, cardinality_bits, group_top, kbit, pbit, Z_is_one;
EC_POINT *s = NULL;
BIGNUM *k = NULL;
BIGNUM *lambda = NULL;
BIGNUM *cardinality = NULL;
BN_CTX *new_ctx = NULL;
int ret = 0;
if (ctx == NULL && (ctx = new_ctx = BN_CTX_secure_new()) == NULL)
return 0;
BN_CTX_start(ctx);
s = EC_POINT_new(group);
if (s == NULL)
goto err;
if (point == NULL) {
if (!EC_POINT_copy(s, group->generator))
goto err;
} else {
if (!EC_POINT_copy(s, point))
goto err;
}
EC_POINT_BN_set_flags(s, BN_FLG_CONSTTIME);
cardinality = BN_CTX_get(ctx);
lambda = BN_CTX_get(ctx);
k = BN_CTX_get(ctx);
if (k == NULL || !BN_mul(cardinality, group->order, group->cofactor, ctx))
goto err;
/*
* Group cardinalities are often on a word boundary.
* So when we pad the scalar, some timing diff might
* pop if it needs to be expanded due to carries.
* So expand ahead of time.
*/
cardinality_bits = BN_num_bits(cardinality);
group_top = bn_get_top(cardinality);
if ((bn_wexpand(k, group_top + 1) == NULL)
|| (bn_wexpand(lambda, group_top + 1) == NULL))
goto err;
if (!BN_copy(k, scalar))
goto err;
BN_set_flags(k, BN_FLG_CONSTTIME);
if ((BN_num_bits(k) > cardinality_bits) || (BN_is_negative(k))) {
/*-
* this is an unusual input, and we don't guarantee
* constant-timeness
*/
if (!BN_nnmod(k, k, cardinality, ctx))
goto err;
}
if (!BN_add(lambda, k, cardinality))
goto err;
BN_set_flags(lambda, BN_FLG_CONSTTIME);
if (!BN_add(k, lambda, cardinality))
goto err;
/*
* lambda := scalar + cardinality
* k := scalar + 2*cardinality
*/
kbit = BN_is_bit_set(lambda, cardinality_bits);
BN_consttime_swap(kbit, k, lambda, group_top + 1);
group_top = bn_get_top(group->field);
if ((bn_wexpand(s->X, group_top) == NULL)
|| (bn_wexpand(s->Y, group_top) == NULL)
|| (bn_wexpand(s->Z, group_top) == NULL)
|| (bn_wexpand(r->X, group_top) == NULL)
|| (bn_wexpand(r->Y, group_top) == NULL)
|| (bn_wexpand(r->Z, group_top) == NULL))
goto err;
/* top bit is a 1, in a fixed pos */
if (!EC_POINT_copy(r, s))
goto err;
EC_POINT_BN_set_flags(r, BN_FLG_CONSTTIME);
if (!EC_POINT_dbl(group, s, s, ctx))
goto err;
pbit = 0;
#define EC_POINT_CSWAP(c, a, b, w, t) do { \
BN_consttime_swap(c, (a)->X, (b)->X, w); \
BN_consttime_swap(c, (a)->Y, (b)->Y, w); \
BN_consttime_swap(c, (a)->Z, (b)->Z, w); \
t = ((a)->Z_is_one ^ (b)->Z_is_one) & (c); \
(a)->Z_is_one ^= (t); \
(b)->Z_is_one ^= (t); \
} while(0)
/*-
* The ladder step, with branches, is
*
* k[i] == 0: S = add(R, S), R = dbl(R)
* k[i] == 1: R = add(S, R), S = dbl(S)
*
* Swapping R, S conditionally on k[i] leaves you with state
*
* k[i] == 0: T, U = R, S
* k[i] == 1: T, U = S, R
*
* Then perform the ECC ops.
*
* U = add(T, U)
* T = dbl(T)
*
* Which leaves you with state
*
* k[i] == 0: U = add(R, S), T = dbl(R)
* k[i] == 1: U = add(S, R), T = dbl(S)
*
* Swapping T, U conditionally on k[i] leaves you with state
*
* k[i] == 0: R, S = T, U
* k[i] == 1: R, S = U, T
*
* Which leaves you with state
*
* k[i] == 0: S = add(R, S), R = dbl(R)
* k[i] == 1: R = add(S, R), S = dbl(S)
*
* So we get the same logic, but instead of a branch it's a
* conditional swap, followed by ECC ops, then another conditional swap.
*
* Optimization: The end of iteration i and start of i-1 looks like
*
* ...
* CSWAP(k[i], R, S)
* ECC
* CSWAP(k[i], R, S)
* (next iteration)
* CSWAP(k[i-1], R, S)
* ECC
* CSWAP(k[i-1], R, S)
* ...
*
* So instead of two contiguous swaps, you can merge the condition
* bits and do a single swap.
*
* k[i] k[i-1] Outcome
* 0 0 No Swap
* 0 1 Swap
* 1 0 Swap
* 1 1 No Swap
*
* This is XOR. pbit tracks the previous bit of k.
*/
for (i = cardinality_bits - 1; i >= 0; i--) {
kbit = BN_is_bit_set(k, i) ^ pbit;
EC_POINT_CSWAP(kbit, r, s, group_top, Z_is_one);
if (!EC_POINT_add(group, s, r, s, ctx))
goto err;
if (!EC_POINT_dbl(group, r, r, ctx))
goto err;
/*
* pbit logic merges this cswap with that of the
* next iteration
*/
pbit ^= kbit;
}
/* one final cswap to move the right value into r */
EC_POINT_CSWAP(pbit, r, s, group_top, Z_is_one);
#undef EC_POINT_CSWAP
ret = 1;
err:
EC_POINT_free(s);
BN_CTX_end(ctx);
BN_CTX_free(new_ctx);
return ret;
}
#undef EC_POINT_BN_set_flags
/*
* TODO: table should be optimised for the wNAF-based implementation,
* sometimes smaller windows will give better performance (thus the
@ -155,7 +373,7 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
* precomputation is not available */
int ret = 0;
if (group->meth != r->meth) {
if (!ec_point_is_compat(r, group)) {
ECerr(EC_F_EC_WNAF_MUL, EC_R_INCOMPATIBLE_OBJECTS);
return 0;
}
@ -164,8 +382,34 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
return EC_POINT_set_to_infinity(group, r);
}
/*-
* Handle the common cases where the scalar is secret, enforcing a constant
* time scalar multiplication algorithm.
*/
if ((scalar != NULL) && (num == 0)) {
/*-
* In this case we want to compute scalar * GeneratorPoint: this
* codepath is reached most prominently by (ephemeral) key generation
* of EC cryptosystems (i.e. ECDSA keygen and sign setup, ECDH
* keygen/first half), where the scalar is always secret. This is why
* we ignore if BN_FLG_CONSTTIME is actually set and we always call the
* constant time version.
*/
return ec_mul_consttime(group, r, scalar, NULL, ctx);
}
if ((scalar == NULL) && (num == 1)) {
/*-
* In this case we want to compute scalar * GenericPoint: this codepath
* is reached most prominently by the second half of ECDH, where the
* secret scalar is multiplied by the peer's public point. To protect
* the secret scalar, we ignore if BN_FLG_CONSTTIME is actually set and
* we always call the constant time version.
*/
return ec_mul_consttime(group, r, scalars[0], points[0], ctx);
}
for (i = 0; i < num; i++) {
if (group->meth != points[i]->meth) {
if (!ec_point_is_compat(points[i], group)) {
ECerr(EC_F_EC_WNAF_MUL, EC_R_INCOMPATIBLE_OBJECTS);
return 0;
}

Some files were not shown because too many files have changed in this diff Show More