Changes between 1.1.0h and 1.1.0i [14 Aug 2018]

 *) Client DoS due to large DH parameter

    During key agreement in a TLS handshake using a DH(E) based ciphersuite a
    malicious server can send a very large prime value to the client. This will
    cause the client to spend an unreasonably long period of time generating a
    key for this prime resulting in a hang until the client has finished. This
    could be exploited in a Denial Of Service attack.

    This issue was reported to OpenSSL on 5th June 2018 by Guido Vranken
    (CVE-2018-0732)
    [Guido Vranken]

 *) Cache timing vulnerability in RSA Key Generation

    The OpenSSL RSA Key generation algorithm has been shown to be vulnerable to
    a cache timing side channel attack. An attacker with sufficient access to
    mount cache timing attacks during the RSA key generation process could
    recover the private key.

    This issue was reported to OpenSSL on 4th April 2018 by Alejandro Cabrera
    Aldaya, Billy Brumley, Cesar Pereida Garcia and Luis Manuel Alvarez Tapia.
    (CVE-2018-0737)
    [Billy Brumley]

 *) Make EVP_PKEY_asn1_new() a bit stricter about its input. A NULL pem_str
    parameter is no longer accepted, as it leads to a corrupt table. NULL
    pem_str is reserved for alias entries only.
    [Richard Levitte]

 *) Revert blinding in ECDSA sign and instead make problematic addition
    length-invariant. Switch even to fixed-length Montgomery multiplication.
    [Andy Polyakov]

 *) Change generating and checking of primes so that the error rate of not
    being prime depends on the intended use based on the size of the input.
    For larger primes this will result in more rounds of Miller-Rabin.
    The maximal error rate for primes with more than 1080 bits is lowered
    to 2^-128.
    [Kurt Roeckx, Annie Yousar]

 *) Increase the number of Miller-Rabin rounds for DSA key generating to 64.
    [Kurt Roeckx]

 *) Add blinding to ECDSA and DSA signatures to protect against side channel
    attacks discovered by Keegan Ryan (NCC Group).
    [Matt Caswell]

 *) When unlocking a pass phrase protected PEM file or PKCS#8 container, we
    now allow empty (zero character) pass phrases.
    [Richard Levitte]

 *) Certificate time validation (X509_cmp_time) enforces stricter
    compliance with RFC 5280. Fractional seconds and timezone offsets
    are no longer allowed.
    [Emilia Käsper]

 *) Fixed a text canonicalisation bug in CMS

    Where a CMS detached signature is used with text content the text goes
    through a canonicalisation process first prior to signing or verifying a
    signature. This process strips trailing space at the end of lines, converts
    line terminators to CRLF and removes additional trailing line terminators
    at the end of a file. A bug in the canonicalisation process meant that
    some characters, such as form-feed, were incorrectly treated as whitespace
    and removed. This is contrary to the specification (RFC5485). This fix
    could mean that detached text data signed with an earlier version of
    OpenSSL 1.1.0 may fail to verify using the fixed version, or text data
    signed with a fixed OpenSSL may fail to verify with an earlier version of
    OpenSSL 1.1.0. A workaround is to only verify the canonicalised text data
    and use the "-binary" flag (for the "cms" command line application) or set
    the SMIME_BINARY/PKCS7_BINARY/CMS_BINARY flags (if using CMS_verify()).
    [Matt Caswell]
parent be91dc2301
commit a68659eb19
|
@ -51,6 +51,7 @@ Makefile
|
|||
/test/ssltest_old
|
||||
/test/x509aux
|
||||
/test/v3ext
|
||||
/test/versions
|
||||
|
||||
# Certain files that get created by tests on the fly
|
||||
/test/test-runs
|
||||
|
|
|
@ -61,7 +61,7 @@ matrix:
|
|||
sources:
|
||||
- ubuntu-toolchain-r-test
|
||||
compiler: gcc-5
|
||||
env: CONFIG_OPTS="no-asm enable-ubsan enable-rc5 enable-md2 -DPEDANTIC"
|
||||
env: UBUNTU_GCC_HACK="yes" CONFIG_OPTS="no-asm enable-ubsan enable-rc5 enable-md2 -DPEDANTIC"
|
||||
- os: linux
|
||||
addons:
|
||||
apt:
|
||||
|
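Review bot: the new `UBUNTU_GCC_HACK="yes"` variable on the gcc-5 ubsan matrix entry is not explained anywhere in the hunk; add a comment beside it naming the toolchain problem it works around (the before_script change in this same commit rewrites the gcc specs to drop `--push-state` and replace `--pop-state`), so the hack can be removed once the Travis image's toolchain no longer needs it.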
@ -69,7 +69,7 @@ matrix:
|
|||
- binutils-mingw-w64
|
||||
- gcc-mingw-w64
|
||||
compiler: i686-w64-mingw32-gcc
|
||||
env: CONFIG_OPTS="no-pic" TESTS="-test_fuzz"
|
||||
env: CONFIG_OPTS="no-pic"
|
||||
- os: linux
|
||||
addons:
|
||||
apt:
|
||||
|
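Review bot: dropping `TESTS="-test_fuzz"` from both the i686 and the x86_64 mingw entries re-enables the fuzz tests in the cross builds, but neither the hunk nor the commit message says what made them runnable now; state the reason in the commit message and confirm that the corpora those tests read are present in the CI checkout, since the tar recipe elsewhere in this commit deliberately keeps `fuzz/corpora` out of release tarballs.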
@ -85,7 +85,7 @@ matrix:
|
|||
- binutils-mingw-w64
|
||||
- gcc-mingw-w64
|
||||
compiler: x86_64-w64-mingw32-gcc
|
||||
env: CONFIG_OPTS="no-pic" TESTS="-test_fuzz"
|
||||
env: CONFIG_OPTS="no-pic"
|
||||
- os: linux
|
||||
addons:
|
||||
apt:
|
||||
|
@ -112,6 +112,10 @@ before_script:
|
|||
srcdir=.;
|
||||
top=.;
|
||||
fi
|
||||
- if [ -n "$UBUNTU_GCC_HACK" ]; then
|
||||
$CC -dumpspecs | sed "s/--push-state//g; s/--pop-state/--as-needed/g" > gcc-specs.txt;
|
||||
CC="$CC -specs=gcc-specs.txt";
|
||||
fi
|
||||
- if [ "$CC" == i686-w64-mingw32-gcc ]; then
|
||||
export CROSS_COMPILE=${CC%%gcc}; unset CC;
|
||||
$srcdir/Configure mingw $CONFIG_OPTS -Wno-pedantic-ms-format;
|
||||
|
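Review bot: `CC="$CC -specs=gcc-specs.txt"` passes a path relative to the current directory, so the specs file is only found while every compiler invocation runs from the directory `gcc-specs.txt` was written to; since this script sets `srcdir`/`top` to support building outside the source tree, write `-specs=$PWD/gcc-specs.txt` instead. A one-line comment above the `sed` call saying which linker options it strips and why would also help whoever has to remove the hack later.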
@ -186,7 +190,7 @@ script:
|
|||
fi
|
||||
- if [ -n "$DESTDIR" ]; then
|
||||
mkdir "../$DESTDIR";
|
||||
if $make install install_docs DESTDIR="../$DESTDIR"; then
|
||||
if $make install DESTDIR="../$DESTDIR"; then
|
||||
echo -e '+\057\057\057\057\057 MAKE INSTALL_DOCS OK';
|
||||
else
|
||||
echo -e '+\057\057\057\057\057 MAKE INSTALL_DOCS FAILED'; false;
|
||||
|
|
|
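Review bot: the install step was changed from `$make install install_docs` to `$make install`, but both status lines still print `MAKE INSTALL_DOCS OK` / `MAKE INSTALL_DOCS FAILED`; rename them to `MAKE INSTALL OK` / `MAKE INSTALL FAILED`, or note in the commit message that `install` now pulls in `install_docs`, so the CI log does not mislead.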
@ -7,6 +7,81 @@
|
|||
https://github.com/openssl/openssl/commits/ and pick the appropriate
|
||||
release branch.
|
||||
|
||||
Changes between 1.1.0h and 1.1.0i [14 Aug 2018]
|
||||
|
||||
*) Client DoS due to large DH parameter
|
||||
|
||||
During key agreement in a TLS handshake using a DH(E) based ciphersuite a
|
||||
malicious server can send a very large prime value to the client. This will
|
||||
cause the client to spend an unreasonably long period of time generating a
|
||||
key for this prime resulting in a hang until the client has finished. This
|
||||
could be exploited in a Denial Of Service attack.
|
||||
|
||||
This issue was reported to OpenSSL on 5th June 2018 by Guido Vranken
|
||||
(CVE-2018-0732)
|
||||
[Guido Vranken]
|
||||
|
||||
*) Cache timing vulnerability in RSA Key Generation
|
||||
|
||||
The OpenSSL RSA Key generation algorithm has been shown to be vulnerable to
|
||||
a cache timing side channel attack. An attacker with sufficient access to
|
||||
mount cache timing attacks during the RSA key generation process could
|
||||
recover the private key.
|
||||
|
||||
This issue was reported to OpenSSL on 4th April 2018 by Alejandro Cabrera
|
||||
Aldaya, Billy Brumley, Cesar Pereida Garcia and Luis Manuel Alvarez Tapia.
|
||||
(CVE-2018-0737)
|
||||
[Billy Brumley]
|
||||
|
||||
*) Make EVP_PKEY_asn1_new() a bit stricter about its input. A NULL pem_str
|
||||
parameter is no longer accepted, as it leads to a corrupt table. NULL
|
||||
pem_str is reserved for alias entries only.
|
||||
[Richard Levitte]
|
||||
|
||||
*) Revert blinding in ECDSA sign and instead make problematic addition
|
||||
length-invariant. Switch even to fixed-length Montgomery multiplication.
|
||||
[Andy Polyakov]
|
||||
|
||||
*) Change generating and checking of primes so that the error rate of not
|
||||
being prime depends on the intended use based on the size of the input.
|
||||
For larger primes this will result in more rounds of Miller-Rabin.
|
||||
The maximal error rate for primes with more than 1080 bits is lowered
|
||||
to 2^-128.
|
||||
[Kurt Roeckx, Annie Yousar]
|
||||
|
||||
*) Increase the number of Miller-Rabin rounds for DSA key generating to 64.
|
||||
[Kurt Roeckx]
|
||||
|
||||
*) Add blinding to ECDSA and DSA signatures to protect against side channel
|
||||
attacks discovered by Keegan Ryan (NCC Group).
|
||||
[Matt Caswell]
|
||||
|
||||
*) When unlocking a pass phrase protected PEM file or PKCS#8 container, we
|
||||
now allow empty (zero character) pass phrases.
|
||||
[Richard Levitte]
|
||||
|
||||
*) Certificate time validation (X509_cmp_time) enforces stricter
|
||||
compliance with RFC 5280. Fractional seconds and timezone offsets
|
||||
are no longer allowed.
|
||||
[Emilia Käsper]
|
||||
|
||||
*) Fixed a text canonicalisation bug in CMS
|
||||
|
||||
Where a CMS detached signature is used with text content the text goes
|
||||
through a canonicalisation process first prior to signing or verifying a
|
||||
signature. This process strips trailing space at the end of lines, converts
|
||||
line terminators to CRLF and removes additional trailing line terminators
|
||||
at the end of a file. A bug in the canonicalisation process meant that
|
||||
some characters, such as form-feed, were incorrectly treated as whitespace
|
||||
and removed. This is contrary to the specification (RFC5485). This fix
|
||||
could mean that detached text data signed with an earlier version of
|
||||
OpenSSL 1.1.0 may fail to verify using the fixed version, or text data
|
||||
signed with a fixed OpenSSL may fail to verify with an earlier version of
|
||||
OpenSSL 1.1.0. A workaround is to only verify the canonicalised text data
|
||||
and use the "-binary" flag (for the "cms" command line application) or set
|
||||
the SMIME_BINARY/PKCS7_BINARY/CMS_BINARY flags (if using CMS_verify()).
|
||||
[Matt Caswell]
|
||||
|
||||
Changes between 1.1.0g and 1.1.0h [27 Mar 2018]
|
||||
|
||||
*) Constructed ASN.1 types with a recursive definition could exceed the stack
|
||||
|
|
|
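Review bot: the two ECDSA entries will confuse readers: "Revert blinding in ECDSA sign and instead make problematic addition length-invariant" sits above "Add blinding to ECDSA and DSA signatures", which is right for a newest-first file but reads as a contradiction without a pointer; add "(see the entry below)" to the revert entry or fold both into one entry that states the final state of the code. Style: the CMS entry cites "RFC5485" while the X509_cmp_time entry cites "RFC 5280"; use one form.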
@ -1,26 +1,26 @@
|
|||
HOW TO CONTRIBUTE PATCHES TO OpenSSL
|
||||
------------------------------------
|
||||
HOW TO CONTRIBUTE TO OpenSSL
|
||||
----------------------------
|
||||
|
||||
(Please visit https://www.openssl.org/community/getting-started.html for
|
||||
other ideas about how to contribute.)
|
||||
|
||||
Development is coordinated on the openssl-dev mailing list (see the
|
||||
above link or https://mta.openssl.org for information on subscribing).
|
||||
If you are unsure as to whether a feature will be useful for the general
|
||||
OpenSSL community you might want to discuss it on the openssl-dev mailing
|
||||
list first. Someone may be already working on the same thing or there
|
||||
may be a good reason as to why that feature isn't implemented.
|
||||
Development is done on GitHub, https://github.com/openssl/openssl.
|
||||
|
||||
To submit a patch, make a pull request on GitHub. If you think the patch
|
||||
could use feedback from the community, please start a thread on openssl-dev
|
||||
to discuss it.
|
||||
To request new features or report bugs, please open an issue on GitHub
|
||||
|
||||
Having addressed the following items before the PR will help make the
|
||||
acceptance and review process faster:
|
||||
To submit a patch, please open a pull request on GitHub. If you are thinking
|
||||
of making a large contribution, open an issue for it before starting work,
|
||||
to get comments from the community. Someone may be already working on
|
||||
the same thing or there may be reasons why that feature isn't implemented.
|
||||
|
||||
1. Anything other than trivial contributions will require a contributor
|
||||
licensing agreement, giving us permission to use your code. See
|
||||
https://www.openssl.org/policies/cla.html for details.
|
||||
To make it easier to review and accept your pull request, please follow these
|
||||
guidelines:
|
||||
|
||||
1. Anything other than a trivial contribution requires a Contributor
|
||||
License Agreement (CLA), giving us permission to use your code. See
|
||||
https://www.openssl.org/policies/cla.html for details. If your
|
||||
contribution is too small to require a CLA, put "CLA: trivial" on a
|
||||
line by itself in your commit message body.
|
||||
|
||||
2. All source files should start with the following text (with
|
||||
appropriate comment characters at the start of each line and the
|
||||
|
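Review bot: the new sentence "To request new features or report bugs, please open an issue on GitHub" has no terminating full stop, and "Someone may be already working on the same thing" reads better as "Someone may already be working on the same thing"; both are in the rewritten introduction of this hunk.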
@ -34,21 +34,38 @@ acceptance and review process faster:
|
|||
https://www.openssl.org/source/license.html
|
||||
|
||||
3. Patches should be as current as possible; expect to have to rebase
|
||||
often. We do not accept merge commits; You will be asked to remove
|
||||
them before a patch is considered acceptable.
|
||||
often. We do not accept merge commits, you will have to remove them
|
||||
(usually by rebasing) before it will be acceptable.
|
||||
|
||||
4. Patches should follow our coding style (see
|
||||
https://www.openssl.org/policies/codingstyle.html) and compile without
|
||||
warnings. Where gcc or clang is available you should use the
|
||||
https://www.openssl.org/policies/codingstyle.html) and compile
|
||||
without warnings. Where gcc or clang is available you should use the
|
||||
--strict-warnings Configure option. OpenSSL compiles on many varied
|
||||
platforms: try to ensure you only use portable features.
|
||||
Clean builds via Travis and AppVeyor are expected, and done whenever
|
||||
a PR is created or updated.
|
||||
platforms: try to ensure you only use portable features. Clean builds
|
||||
via Travis and AppVeyor are required, and they are started automatically
|
||||
whenever a PR is created or updated.
|
||||
|
||||
5. When at all possible, patches should include tests. These can
|
||||
either be added to an existing test, or completely new. Please see
|
||||
test/README for information on the test framework.
|
||||
|
||||
6. New features or changed functionality must include
|
||||
documentation. Please look at the "pod" files in doc/apps, doc/crypto
|
||||
and doc/ssl for examples of our style.
|
||||
documentation. Please look at the "pod" files in doc for
|
||||
examples of our style.
|
||||
|
||||
7. For user visible changes (API changes, behaviour changes, ...),
|
||||
consider adding a note in CHANGES. This could be a summarising
|
||||
description of the change, and could explain the grander details.
|
||||
Have a look through existing entries for inspiration.
|
||||
Please note that this is NOT simply a copy of git-log oneliners.
|
||||
Also note that security fixes get an entry in CHANGES.
|
||||
This file helps users get more in depth information of what comes
|
||||
with a specific release without having to sift through the higher
|
||||
noise ratio in git-log.
|
||||
|
||||
8. For larger or more important user visible changes, as well as
|
||||
security fixes, please add a line in NEWS. On exception, it might be
|
||||
worth adding a multi-line entry (such as the entry that announces all
|
||||
the types that became opaque with OpenSSL 1.1.0).
|
||||
This file helps users get a very quick summary of what comes with a
|
||||
specific release, to see if an upgrade is worth the effort.
|
||||
|
|
|
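Review bot: in the new item 3 text, "We do not accept merge commits, you will have to remove them" is a comma splice; use a semicolon or split it into two sentences. In item 8, "On exception, it might be worth adding a multi-line entry" should be "In exceptional cases, ..."; and in item 7, "could explain the grander details" would be clearer as "could explain the broader details".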
@ -14,7 +14,7 @@ sub vc_win64a_info {
|
|||
asflags => "/c /Cp /Cx /Zi",
|
||||
asoutflag => "/Fo" };
|
||||
} else {
|
||||
$die->("NASM not found - please read INSTALL and NOTES.WIN for further details\n");
|
||||
$die->("NASM not found - make sure it's installed and available on %PATH%\n");
|
||||
$vc_win64a_info = { as => "{unknown}",
|
||||
asflags => "",
|
||||
asoutflag => "" };
|
||||
|
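Review bot: the new `$die` message drops the pointer to INSTALL and NOTES.WIN, which is where the NASM requirement and where to obtain it are documented; keep a reference, e.g. `NASM not found - make sure it's installed and available on %PATH% (see NOTES.WIN)`. The identical string is changed again in `vc_win32_info` in the next hunk; keep the two texts identical, or move the message into one variable so they cannot drift apart.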
@ -39,7 +39,7 @@ sub vc_win32_info {
|
|||
asoutflag => "/Fo",
|
||||
perlasm_scheme => "win32" };
|
||||
} else {
|
||||
$die->("NASM not found - please read INSTALL and NOTES.WIN for further details\n");
|
||||
$die->("NASM not found - make sure it's installed and available on %PATH%\n");
|
||||
$vc_win32_info = { as => "{unknown}",
|
||||
asflags => "",
|
||||
asoutflag => "",
|
||||
|
@ -428,8 +428,17 @@ sub vms_info {
|
|||
# even PA-RISC 2.0-specific code paths, which are chosen at run-time,
|
||||
# thus adequate performance is provided even with PA-RISC 1.1 build.
|
||||
# <appro@fy.chalmers.se>
|
||||
"hpux-parisc-gcc" => {
|
||||
"hpux-common" => {
|
||||
inherit_from => [ "BASE_unix" ],
|
||||
template => 1,
|
||||
defines => add("_XOPEN_SOURCE", "_XOPEN_SOURCE_EXTENDED",
|
||||
"_HPUX_ALT_XOPEN_SOCKET_API"),
|
||||
thread_scheme => "pthreads",
|
||||
dso_scheme => "dlfcn", # overridden in 32-bit PA-RISC builds
|
||||
shared_target => "hpux-shared",
|
||||
},
|
||||
"hpux-parisc-gcc" => {
|
||||
inherit_from => [ "hpux-common" ],
|
||||
cc => "gcc",
|
||||
cflags => combine(picker(default => "-DB_ENDIAN -DBN_DIV2W",
|
||||
debug => "-O0 -g",
|
||||
|
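Review bot: the new `hpux-common` template adds `_XOPEN_SOURCE`, `_XOPEN_SOURCE_EXTENDED` and `_HPUX_ALT_XOPEN_SOCKET_API` to the defines of every HP-UX target that inherits from it, which is a behaviour change for all of them and is not mentioned in the CHANGES hunk of this commit; say in the commit message why the macros are needed and on which targets the result was built, and consider a CHANGES line. The `# overridden in 32-bit PA-RISC builds` comment on `dso_scheme` is consistent with the `dso_scheme => "dl"` lines that the PA-RISC 32-bit targets keep in the following hunks.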
@ -437,9 +446,7 @@ sub vms_info {
|
|||
threads("-pthread")),
|
||||
ex_libs => add("-Wl,+s -ldld", threads("-pthread")),
|
||||
bn_ops => "BN_LLONG",
|
||||
thread_scheme => "pthreads",
|
||||
dso_scheme => "dl",
|
||||
shared_target => "hpux-shared",
|
||||
shared_cflag => "-fPIC",
|
||||
shared_ldflag => "-shared",
|
||||
shared_extension => ".sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
||||
|
@ -449,7 +456,7 @@ sub vms_info {
|
|||
multilib => "/pa1.1",
|
||||
},
|
||||
"hpux64-parisc2-gcc" => {
|
||||
inherit_from => [ "BASE_unix", asm("parisc20_64_asm") ],
|
||||
inherit_from => [ "hpux-common", asm("parisc20_64_asm") ],
|
||||
cc => "gcc",
|
||||
cflags => combine(picker(default => "-DB_ENDIAN",
|
||||
debug => "-O0 -g",
|
||||
|
@ -457,9 +464,6 @@ sub vms_info {
|
|||
threads("-D_REENTRANT")),
|
||||
ex_libs => add("-ldl"),
|
||||
bn_ops => "SIXTY_FOUR_BIT_LONG RC4_CHAR",
|
||||
thread_scheme => "pthreads",
|
||||
dso_scheme => "dlfcn",
|
||||
shared_target => "hpux-shared",
|
||||
shared_cflag => "-fpic",
|
||||
shared_ldflag => "-shared",
|
||||
shared_extension => ".sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
||||
|
@ -471,7 +475,7 @@ sub vms_info {
|
|||
# Chris Ruemmler <ruemmler@cup.hp.com>
|
||||
# Kevin Steves <ks@hp.se>
|
||||
"hpux-parisc-cc" => {
|
||||
inherit_from => [ "BASE_unix" ],
|
||||
inherit_from => [ "hpux-common" ],
|
||||
cc => "cc",
|
||||
cflags => combine(picker(default => "+Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY",
|
||||
debug => "+O0 +d -g",
|
||||
|
@ -479,9 +483,7 @@ sub vms_info {
|
|||
threads("-D_REENTRANT")),
|
||||
ex_libs => add("-Wl,+s -ldld",threads("-lpthread")),
|
||||
bn_ops => "RC4_CHAR",
|
||||
thread_scheme => "pthreads",
|
||||
dso_scheme => "dl",
|
||||
shared_target => "hpux-shared",
|
||||
shared_cflag => "+Z",
|
||||
shared_ldflag => "-b",
|
||||
shared_extension => ".sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
||||
|
@ -492,7 +494,7 @@ sub vms_info {
|
|||
multilib => "/pa1.1",
|
||||
},
|
||||
"hpux64-parisc2-cc" => {
|
||||
inherit_from => [ "BASE_unix", asm("parisc20_64_asm") ],
|
||||
inherit_from => [ "hpux-common", asm("parisc20_64_asm") ],
|
||||
cc => "cc",
|
||||
cflags => combine(picker(default => "+DD64 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY",
|
||||
debug => "+O0 +d -g",
|
||||
|
@ -500,9 +502,6 @@ sub vms_info {
|
|||
threads("-D_REENTRANT")),
|
||||
ex_libs => add("-ldl",threads("-lpthread")),
|
||||
bn_ops => "SIXTY_FOUR_BIT_LONG RC4_CHAR",
|
||||
thread_scheme => "pthreads",
|
||||
dso_scheme => "dlfcn",
|
||||
shared_target => "hpux-shared",
|
||||
shared_cflag => "+Z",
|
||||
shared_ldflag => "+DD64 -b",
|
||||
shared_extension => ".sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
||||
|
@ -511,7 +510,7 @@ sub vms_info {
|
|||
|
||||
# HP/UX IA-64 targets
|
||||
"hpux-ia64-cc" => {
|
||||
inherit_from => [ "BASE_unix", asm("ia64_asm") ],
|
||||
inherit_from => [ "hpux-common", asm("ia64_asm") ],
|
||||
cc => "cc",
|
||||
cflags => combine(picker(default => "-Ae +DD32 +Olit=all -z -DB_ENDIAN",
|
||||
debug => "+O0 +d -g",
|
||||
|
@ -519,9 +518,6 @@ sub vms_info {
|
|||
threads("-D_REENTRANT")),
|
||||
ex_libs => add("-ldl",threads("-lpthread")),
|
||||
bn_ops => "SIXTY_FOUR_BIT",
|
||||
thread_scheme => "pthreads",
|
||||
dso_scheme => "dlfcn",
|
||||
shared_target => "hpux-shared",
|
||||
shared_cflag => "+Z",
|
||||
shared_ldflag => "+DD32 -b",
|
||||
shared_extension => ".so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
||||
|
@ -530,7 +526,7 @@ sub vms_info {
|
|||
# Frank Geurts <frank.geurts@nl.abnamro.com> has patiently assisted
|
||||
# with debugging of the following config.
|
||||
"hpux64-ia64-cc" => {
|
||||
inherit_from => [ "BASE_unix", asm("ia64_asm") ],
|
||||
inherit_from => [ "hpux-common", asm("ia64_asm") ],
|
||||
cc => "cc",
|
||||
cflags => combine(picker(default => "-Ae +DD64 +Olit=all -z -DB_ENDIAN",
|
||||
debug => "+O0 +d -g",
|
||||
|
@ -538,9 +534,6 @@ sub vms_info {
|
|||
threads("-D_REENTRANT")),
|
||||
ex_libs => add("-ldl", threads("-lpthread")),
|
||||
bn_ops => "SIXTY_FOUR_BIT_LONG",
|
||||
thread_scheme => "pthreads",
|
||||
dso_scheme => "dlfcn",
|
||||
shared_target => "hpux-shared",
|
||||
shared_cflag => "+Z",
|
||||
shared_ldflag => "+DD64 -b",
|
||||
shared_extension => ".so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
||||
|
@ -548,7 +541,7 @@ sub vms_info {
|
|||
},
|
||||
# GCC builds...
|
||||
"hpux-ia64-gcc" => {
|
||||
inherit_from => [ "BASE_unix", asm("ia64_asm") ],
|
||||
inherit_from => [ "hpux-common", asm("ia64_asm") ],
|
||||
cc => "gcc",
|
||||
cflags => combine(picker(default => "-DB_ENDIAN",
|
||||
debug => "-O0 -g",
|
||||
|
@ -556,16 +549,13 @@ sub vms_info {
|
|||
threads("-pthread")),
|
||||
ex_libs => add("-ldl", threads("-pthread")),
|
||||
bn_ops => "SIXTY_FOUR_BIT",
|
||||
thread_scheme => "pthreads",
|
||||
dso_scheme => "dlfcn",
|
||||
shared_target => "hpux-shared",
|
||||
shared_cflag => "-fpic",
|
||||
shared_ldflag => "-shared",
|
||||
shared_extension => ".so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
||||
multilib => "/hpux32",
|
||||
},
|
||||
"hpux64-ia64-gcc" => {
|
||||
inherit_from => [ "BASE_unix", asm("ia64_asm") ],
|
||||
inherit_from => [ "hpux-common", asm("ia64_asm") ],
|
||||
cc => "gcc",
|
||||
cflags => combine(picker(default => "-mlp64 -DB_ENDIAN",
|
||||
debug => "-O0 -g",
|
||||
|
@ -573,9 +563,6 @@ sub vms_info {
|
|||
threads("-pthread")),
|
||||
ex_libs => add("-ldl", threads("-pthread")),
|
||||
bn_ops => "SIXTY_FOUR_BIT_LONG",
|
||||
thread_scheme => "pthreads",
|
||||
dso_scheme => "dlfcn",
|
||||
shared_target => "hpux-shared",
|
||||
shared_cflag => "-fpic",
|
||||
shared_ldflag => "-mlp64 -shared",
|
||||
shared_extension => ".so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
||||
|
@ -1223,6 +1210,7 @@ sub vms_info {
|
|||
perlasm_scheme => "aix32",
|
||||
dso_scheme => "dlfcn",
|
||||
shared_target => "aix-shared",
|
||||
shared_cflag => "-qpic",
|
||||
shared_ldflag => "-q32 -G",
|
||||
shared_extension => ".so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
||||
arflags => "-X 32",
|
||||
|
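Review bot: `dso_scheme => "dlfcn"` is added only to the two AIX targets in view (`perlasm_scheme => "aix32"` and `"aix64"`); check whether the other AIX entries in this file need the same line so all AIX builds load engines the same way, and mention the change in the commit message since it is not covered by the CHANGES hunk.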
@ -1241,6 +1229,7 @@ sub vms_info {
|
|||
perlasm_scheme => "aix64",
|
||||
dso_scheme => "dlfcn",
|
||||
shared_target => "aix-shared",
|
||||
shared_cflag => "-qpic",
|
||||
shared_ldflag => "-q64 -G",
|
||||
shared_extension => ".so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
||||
arflags => "-X 64",
|
||||
|
|
|
@ -0,0 +1,12 @@
|
|||
## -*- mode: perl; -*-
|
||||
## Build configuration targets for openssl-team members
|
||||
|
||||
# This is to support 'make dist'
|
||||
%targets = (
|
||||
"dist" => {
|
||||
inherit_from => [ 'BASE_unix' ],
|
||||
cc => "cc",
|
||||
cflags => "-O",
|
||||
thread_scheme => "(unknown)",
|
||||
},
|
||||
);
|
|
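Review bot: the header comment says the file supports 'make dist' but not that the file itself is kept out of release tarballs; since the tar recipe in this commit excludes `Configurations/.*\.norelease\.conf`, state that in the comment so nobody renames the file and ships the `dist` target by accident. `thread_scheme => "(unknown)"` differs from the `pthreads` used by the real targets; if `dist` is never meant to be built, say so in the comment as well.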
@ -664,8 +664,10 @@ tar:
|
|||
DISTDIR=$(NAME); \
|
||||
mkdir -p $$TMPDIR/$$DISTDIR; \
|
||||
(cd $(SRCDIR); \
|
||||
excl_re="^(fuzz/corpora|Configurations/.*\.norelease\.conf)"; \
|
||||
echo "$$excl_re"; \
|
||||
git ls-tree -r --name-only --full-tree HEAD \
|
||||
| grep -v '^fuzz/corpora' \
|
||||
| egrep -v "$$excl_re" \
|
||||
| while read F; do \
|
||||
mkdir -p $$TMPDIR/$$DISTDIR/`dirname $$F`; \
|
||||
cp $$F $$TMPDIR/$$DISTDIR/$$F; \
|
||||
|
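Review bot: `echo "$$excl_re"` right after the new `excl_re` assignment looks like leftover debugging and will print a bare regexp into the `make tar` log; remove it or prefix it with a message such as `echo "Excluding: $$excl_re"`. `egrep` is a deprecated alias; use `grep -E -v "$$excl_re"`.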
@ -848,7 +850,7 @@ EOF
|
|||
$recipe .= <<"EOF";
|
||||
$obj$objext: $deps
|
||||
( trap "rm -f \$@.*" INT 0; \\
|
||||
\$(CPP) $incs \$(CFLAGS) $ecflags $srcs | \\
|
||||
\$(CC) $incs \$(CFLAGS) $ecflags -E $srcs | \\
|
||||
\$(PERL) -ne '/^#(line)?\\s*[0-9]+/ or print' > \$@.s && \\
|
||||
\$(CC) \$(CFLAGS) $ecflags -c -o \$\@ \$@.s )
|
||||
EOF
|
||||
|
|
|
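Review bot: the recipe now runs `$(CC) ... -E` instead of `$(CPP)`, so check whether `CPP` is still referenced anywhere in the template and drop its definition if not. The perl filter only strips `#` / `#line` directives; a short comment naming the compilers this recipe was verified with would tell the next reader which preprocessor output formats it has been tested against.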
@ -6,7 +6,7 @@ use Config;
|
|||
# we expect for the platform
|
||||
use File::Spec::Functions qw(:DEFAULT rel2abs);
|
||||
|
||||
if (rel2abs('.') !~ m|\\|) {
|
||||
if (!$ENV{CONFIGURE_INSIST} && rel2abs('.') !~ m|\\|) {
|
||||
die <<EOF;
|
||||
|
||||
******************************************************************************
|
||||
|
|
|
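Review bot: the new `CONFIGURE_INSIST` environment override is not mentioned in the `die` message that follows, so a user who hits this check has no way to discover it; add a sentence to the error text and document the variable in INSTALL or NOTES.WIN. Since it skips a platform sanity check, it should also be named in the commit message.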
@ -88,20 +88,20 @@ GENERATED={- join(" ",
|
|||
grep { /\.o$/ } keys %{$unified_info{sources}} ),
|
||||
( grep { /\.h$/ } keys %{$unified_info{generate}} )) -}
|
||||
|
||||
INSTALL_LIBS={- join(" ", map { $_.$libext } @{$unified_info{install}->{libraries}}) -}
|
||||
INSTALL_SHLIBS={- join(" ", map { shlib($_) } @{$unified_info{install}->{libraries}}) -}
|
||||
INSTALL_SHLIBPDBS={- join(" ", map { local $shlibext = ".pdb"; shlib($_) } @{$unified_info{install}->{libraries}}) -}
|
||||
INSTALL_ENGINES={- join(" ", map { dso($_) } @{$unified_info{install}->{engines}}) -}
|
||||
INSTALL_ENGINEPDBS={- join(" ", map { local $dsoext = ".pdb"; dso($_) } @{$unified_info{install}->{engines}}) -}
|
||||
INSTALL_PROGRAMS={- join(" ", map { $_.$exeext } grep { !m|^test\\| } @{$unified_info{install}->{programs}}) -}
|
||||
INSTALL_PROGRAMPDBS={- join(" ", map { $_.".pdb" } grep { !m|^test\\| } @{$unified_info{install}->{programs}}) -}
|
||||
INSTALL_LIBS={- join(" ", map { quotify1($_.$libext) } @{$unified_info{install}->{libraries}}) -}
|
||||
INSTALL_SHLIBS={- join(" ", map { quotify_l(shlib($_)) } @{$unified_info{install}->{libraries}}) -}
|
||||
INSTALL_SHLIBPDBS={- join(" ", map { local $shlibext = ".pdb"; quotify_l(shlib($_)) } @{$unified_info{install}->{libraries}}) -}
|
||||
INSTALL_ENGINES={- join(" ", map { quotify1(dso($_)) } @{$unified_info{install}->{engines}}) -}
|
||||
INSTALL_ENGINEPDBS={- join(" ", map { local $dsoext = ".pdb"; quotify1(dso($_)) } @{$unified_info{install}->{engines}}) -}
|
||||
INSTALL_PROGRAMS={- join(" ", map { quotify1($_.$exeext) } grep { !m|^test\\| } @{$unified_info{install}->{programs}}) -}
|
||||
INSTALL_PROGRAMPDBS={- join(" ", map { quotify1($_.".pdb") } grep { !m|^test\\| } @{$unified_info{install}->{programs}}) -}
|
||||
{- output_off() if $disabled{apps}; "" -}
|
||||
BIN_SCRIPTS=$(BLDDIR)\tools\c_rehash.pl
|
||||
MISC_SCRIPTS=$(BLDDIR)\apps\CA.pl $(BLDDIR)\apps\tsget.pl
|
||||
BIN_SCRIPTS="$(BLDDIR)\tools\c_rehash.pl"
|
||||
MISC_SCRIPTS="$(BLDDIR)\apps\CA.pl" "$(BLDDIR)\apps\tsget.pl"
|
||||
{- output_on() if $disabled{apps}; "" -}
|
||||
|
||||
APPS_OPENSSL={- use File::Spec::Functions;
|
||||
catfile("apps","openssl") -}
|
||||
"\"".catfile("apps","openssl")."\"" -}
|
||||
|
||||
# Do not edit these manually. Use Configure with --prefix or --openssldir
|
||||
# to change this! Short explanation in the top comment in Configure
|
||||
|
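Review bot: `INSTALL_SHLIBS` and `INSTALL_SHLIBPDBS` use `quotify_l(shlib($_))` while the engine and program lines use `quotify1(...)`; if `shlib()` can return more than one name here that is the reason, and a comment saying so would stop the next editor "fixing" it, otherwise use `quotify1` throughout. The `APPS_OPENSSL` line builds its quotes by hand (`"\"".catfile("apps","openssl")."\""`) where `quotify1(catfile("apps","openssl"))` would match the rest of the file.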
@ -182,6 +182,9 @@ MTOUTFLAG={- $target{mtoutflag} || "-outputresource:" -}$(OSSL_EMPTY)
|
|||
AS={- $target{as} -}
|
||||
ASFLAGS={- $target{asflags} -}
|
||||
ASOUTFLAG={- $target{asoutflag} -}$(OSSL_EMPTY)
|
||||
|
||||
ECHO="$(PERL)" "$(SRCDIR)\util\echo.pl"
|
||||
|
||||
PERLASM_SCHEME= {- $target{perlasm_scheme} -}
|
||||
|
||||
PROCESSOR= {- $config{processor} -}
|
||||
|
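Review bot: `ECHO` is defined as `"$(PERL)" "$(SRCDIR)\util\echo.pl"`, but `util/echo.pl` does not appear in this diff; make sure the script is part of the commit, and document that it expects its arguments already quoted, since every caller in the install and configdata targets passes `"..."`.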
@ -207,7 +210,7 @@ build_all_generated: $(GENERATED_MANDATORY) $(GENERATED)
|
|||
|
||||
test: tests
|
||||
{- dependmagic('tests'); -}: build_programs_nodep build_engines_nodep
|
||||
@rem {- output_off() if $disabled{tests}; "" -}
|
||||
@{- output_off() if $disabled{tests}; "" -}
|
||||
-mkdir $(BLDDIR)\test\test-runs
|
||||
set SRCTOP=$(SRCDIR)
|
||||
set BLDTOP=$(BLDDIR)
|
||||
|
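Review bot: replacing `@rem {- output_off() ... -}` with `@{- output_off() ... -}` leaves a recipe line consisting of a lone `@` whenever the template directive expands to nothing (the tests-enabled case); confirm that nmake accepts an empty command after `@` in all supported versions, because a failure here only shows up in a build with tests enabled. The same construct is used in `list-tests` in the next hunk.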
@ -216,17 +219,17 @@ test: tests
|
|||
set OPENSSL_ENGINES=$(MAKEDIR)\engines
|
||||
set OPENSSL_DEBUG_MEMORY=on
|
||||
"$(PERL)" "$(SRCDIR)\test\run_tests.pl" $(TESTS)
|
||||
@rem {- if ($disabled{tests}) { output_on(); } else { output_off(); } "" -}
|
||||
@echo "Tests are not supported with your chosen Configure options"
|
||||
@rem {- output_on() if !$disabled{tests}; "" -}
|
||||
@{- if ($disabled{tests}) { output_on(); } else { output_off(); } "" -}
|
||||
@$(ECHO) "Tests are not supported with your chosen Configure options"
|
||||
@{- output_on() if !$disabled{tests}; "" -}
|
||||
|
||||
list-tests:
|
||||
@rem {- output_off() if $disabled{tests}; "" -}
|
||||
@{- output_off() if $disabled{tests}; "" -}
|
||||
@set SRCTOP=$(SRCDIR)
|
||||
@"$(PERL)" "$(SRCDIR)\test\run_tests.pl" list
|
||||
@rem {- if ($disabled{tests}) { output_on(); } else { output_off(); } "" -}
|
||||
@echo "Tests are not supported with your chosen Configure options"
|
||||
@rem {- output_on() if !$disabled{tests}; "" -}
|
||||
@{- if ($disabled{tests}) { output_on(); } else { output_off(); } "" -}
|
||||
@$(ECHO) "Tests are not supported with your chosen Configure options"
|
||||
@{- output_on() if !$disabled{tests}; "" -}
|
||||
|
||||
install: install_sw install_ssldirs install_docs
|
||||
|
||||
|
@ -285,16 +288,17 @@ install_ssldirs:
|
|||
"$(OPENSSLDIR)\misc"
|
||||
|
||||
install_dev:
|
||||
@if "$(INSTALLTOP)"=="" ( echo INSTALLTOP should not be empty & exit 1 )
|
||||
@echo *** Installing development files
|
||||
@if "$(INSTALLTOP)"=="" ( $(ECHO) "INSTALLTOP should not be empty" & exit 1 )
|
||||
@$(ECHO) "*** Installing development files"
|
||||
@"$(PERL)" "$(SRCDIR)\util\mkdir-p.pl" "$(INSTALLTOP)\include\openssl"
|
||||
@rem {- output_off() unless grep { $_ eq "OPENSSL_USE_APPLINK" } @{$target{defines}}; "" -}
|
||||
@{- output_off() unless grep { $_ eq "OPENSSL_USE_APPLINK" } @{$target{defines}}; "" -}
|
||||
@"$(PERL)" "$(SRCDIR)\util\copy.pl" "$(SRCDIR)\ms\applink.c" \
|
||||
"$(INSTALLTOP)\include\openssl"
|
||||
@rem {- output_on() unless grep { $_ eq "OPENSSL_USE_APPLINK" } @{$target{defines}}; "" -}
|
||||
@"$(PERL)" "$(SRCDIR)\util\copy.pl" "$(SRCDIR)\include\openssl\*.h" \
|
||||
@{- output_on() unless grep { $_ eq "OPENSSL_USE_APPLINK" } @{$target{defines}}; "" -}
|
||||
@"$(PERL)" "$(SRCDIR)\util\copy.pl" "-exclude_re=/__DECC_" \
|
||||
"$(SRCDIR)\include\openssl\*.h" \
|
||||
"$(INSTALLTOP)\include\openssl"
|
||||
@"$(PERL)" "$(SRCDIR)\util\copy.pl" $(BLDDIR)\include\openssl\*.h \
|
||||
@"$(PERL)" "$(SRCDIR)\util\copy.pl" "$(BLDDIR)\include\openssl\*.h" \
|
||||
"$(INSTALLTOP)\include\openssl"
|
||||
@"$(PERL)" "$(SRCDIR)\util\mkdir-p.pl" "$(INSTALLTOP)\$(LIBDIR)"
|
||||
@"$(PERL)" "$(SRCDIR)\util\copy.pl" $(INSTALL_LIBS) \
|
||||
|
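Review bot: the `-exclude_re=/__DECC_` option passed to `util\copy.pl` is not part of the visible diff; verify that copy.pl in this commit accepts the option (including the `/`-delimited form), and add a comment saying which headers it is meant to skip, since a silently ignored option would install headers that are not wanted on this platform.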
@ -306,8 +310,8 @@ install_dev:
|
|||
uninstall_dev:
|
||||
|
||||
install_engines:
|
||||
@if "$(INSTALLTOP)"=="" ( echo INSTALLTOP should not be empty & exit 1 )
|
||||
@echo *** Installing engines
|
||||
@if "$(INSTALLTOP)"=="" ( $(ECHO) "INSTALLTOP should not be empty" & exit 1 )
|
||||
@$(ECHO) "*** Installing engines"
|
||||
@"$(PERL)" "$(SRCDIR)\util\mkdir-p.pl" "$(ENGINESDIR)"
|
||||
@if not "$(ENGINES)"=="" \
|
||||
"$(PERL)" "$(SRCDIR)\util\copy.pl" $(INSTALL_ENGINES) "$(ENGINESDIR)"
|
||||
|
@ -317,8 +321,8 @@ install_engines:
|
|||
uninstall_engines:
|
||||
|
||||
install_runtime:
|
||||
@if "$(INSTALLTOP)"=="" ( echo INSTALLTOP should not be empty & exit 1 )
|
||||
@echo *** Installing runtime files
|
||||
@if "$(INSTALLTOP)"=="" ( $(ECHO) "INSTALLTOP should not be empty" & exit 1 )
|
||||
@$(ECHO) "*** Installing runtime files"
|
||||
@"$(PERL)" "$(SRCDIR)\util\mkdir-p.pl" "$(INSTALLTOP)\bin"
|
||||
@if not "$(SHLIBS)"=="" \
|
||||
"$(PERL)" "$(SRCDIR)\util\copy.pl" $(INSTALL_SHLIBS) "$(INSTALLTOP)\bin"
|
||||
|
@ -343,14 +347,14 @@ uninstall_html_docs:
|
|||
# Building targets ###################################################
|
||||
|
||||
configdata.pm: "$(SRCDIR)\Configure" {- join(" ", map { '"'.$_.'"' } @{$config{build_file_templates}}, @{$config{build_infos}}, @{$config{conf_files}}) -}
|
||||
@echo "Detected changed: $?"
|
||||
@echo "Reconfiguring..."
|
||||
@$(ECHO) "Detected changed: $?"
|
||||
@$(ECHO) "Reconfiguring..."
|
||||
"$(PERL)" "$(SRCDIR)\Configure" reconf
|
||||
@echo "**************************************************"
|
||||
@echo "*** ***"
|
||||
@echo "*** Please run the same make command again ***"
|
||||
@echo "*** ***"
|
||||
@echo "**************************************************"
|
||||
@$(ECHO) "**************************************************"
|
||||
@$(ECHO) "*** ***"
|
||||
@$(ECHO) "*** Please run the same make command again ***"
|
||||
@$(ECHO) "*** ***"
|
||||
@$(ECHO) "**************************************************"
|
||||
@exit 1
|
||||
|
||||
{-
|
||||
|
@ -604,8 +608,6 @@ EOF
|
|||
foreach my $prod (@{$unified_info{dirinfo}->{$dir}->{products}->{$type}}) {
|
||||
if (dirname($prod) eq $dir) {
|
||||
push @deps, $prod.$extinfo{$type};
|
||||
} else {
|
||||
push @actions, "\t@rem No support to produce $type ".join(", ", @{$unified_info{dirinfo}->{$dir}->{products}->{$type}});
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
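Review bot: dropping the `} else { push @actions, "\t@rem No support to produce $type ..." }` branch means products that do not live in their own source directory are now silently ignored instead of leaving a trace in the generated makefile; if that is intentional (the rem line was noise), a short comment on the `if (dirname($prod) eq $dir)` branch stating that out-of-dir products are skipped would stop the next reader from re-adding it.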
@ -20,6 +20,9 @@ use OpenSSL::Glob;
|
|||
|
||||
# see INSTALL for instructions.
|
||||
|
||||
my $orig_death_handler = $SIG{__DIE__};
|
||||
$SIG{__DIE__} = \&death_handler;
|
||||
|
||||
my $usage="Usage: Configure [no-<cipher> ...] [enable-<cipher> ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [no-hw-xxx|no-hw] [[no-]threads] [[no-]shared] [[no-]zlib|zlib-dynamic] [no-asm] [no-dso] [no-egd] [sctp] [386] [--prefix=DIR] [--openssldir=OPENSSLDIR] [--with-xxx[=vvv]] [--config=FILE] os/compiler[:flags]\n";
|
||||
|
||||
# Options:
|
||||
|
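Review bot: installing `$SIG{__DIE__} = \&death_handler` this early makes every `die` in Configure, including ones raised inside `require`d modules and inside `eval` blocks, go through the handler; the handler relies on its `$^S` check (later hunk) to stay out of `eval`, so add a comment here pointing at that, and keep `$orig_death_handler` captured before the assignment as done, so chaining to a pre-existing handler still works.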
@ -756,21 +759,21 @@ while (@argvcopy)
|
|||
else
|
||||
{ $config{options} .= " ".$_; }
|
||||
}
|
||||
}
|
||||
|
||||
if (defined($config{api}) && !exists $apitable->{$config{api}}) {
|
||||
die "***** Unsupported api compatibility level: $config{api}\n",
|
||||
}
|
||||
if (defined($config{api}) && !exists $apitable->{$config{api}}) {
|
||||
die "***** Unsupported api compatibility level: $config{api}\n",
|
||||
}
|
||||
|
||||
if (keys %deprecated_options)
|
||||
{
|
||||
warn "***** Deprecated options: ",
|
||||
join(", ", keys %deprecated_options), "\n";
|
||||
}
|
||||
if (keys %unsupported_options)
|
||||
{
|
||||
die "***** Unsupported options: ",
|
||||
join(", ", keys %unsupported_options), "\n";
|
||||
}
|
||||
if (keys %deprecated_options)
|
||||
{
|
||||
warn "***** Deprecated options: ",
|
||||
join(", ", keys %deprecated_options), "\n";
|
||||
}
|
||||
if (keys %unsupported_options)
|
||||
{
|
||||
die "***** Unsupported options: ",
|
||||
join(", ", keys %unsupported_options), "\n";
|
||||
}
|
||||
|
||||
if ($libs =~ /(^|\s)-Wl,-rpath,/
|
||||
|
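Review bot: as rendered, the removed and added blocks in this hunk (`Unsupported api compatibility level`, `Deprecated options`, `Unsupported options`) are textually identical, so this looks like a whitespace-only re-indentation; if so, say that in the commit message so reviewers do not hunt for a semantic change, and if there is a real change (for example the `die` arguments), it is lost in this rendering and should be called out.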
@ -908,11 +911,12 @@ if ($d) {
|
|||
$target = $t;
|
||||
}
|
||||
}
|
||||
|
||||
&usage if !$table{$target} || $table{$target}->{template};
|
||||
|
||||
$config{target} = $target;
|
||||
my %target = resolve_config($target);
|
||||
|
||||
&usage if (!%target || $target{template});
|
||||
|
||||
my %conf_files = map { $_ => 1 } (@{$target{_conf_fname_int}});
|
||||
$config{conf_files} = [ sort keys %conf_files ];
|
||||
%target = ( %{$table{DEFAULTS}}, %target );
|
||||
|
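Review bot: replacing `&usage if !$table{$target} || $table{$target}->{template};` with a check on the result of `resolve_config($target)` (`&usage if (!%target || $target{template});`) means an unknown target now reaches `resolve_config` first; confirm that `resolve_config` returns an empty hash for an unknown name rather than dying, otherwise the user gets the new "Failure! build file wasn't produced" banner instead of the usage text.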
@ -1215,8 +1219,10 @@ if ($^O ne "VMS") {
|
|||
|
||||
if (!$disabled{makedepend}) {
|
||||
# We know that GNU C version 3 and up as well as all clang
|
||||
# versions support dependency generation
|
||||
if ($predefined{__GNUC__} >= 3) {
|
||||
# versions support dependency generation, but Xcode did not
|
||||
# handle $cc -M before clang support (but claims __GNUC__ = 3)
|
||||
if (($predefined{__GNUC__} // -1) >= 3
|
||||
&& !($predefined{__APPLE_CC__} && !$predefined{__clang__})) {
|
||||
$config{makedepprog} = $cc;
|
||||
} else {
|
||||
$config{makedepprog} = which('makedepend');
|
||||
|
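Review bot: the `// -1` default on `$predefined{__GNUC__}` removes the uninitialized-value warning when the compiler does not predefine it, good; the appended condition `!($predefined{__APPLE_CC__} && !$predefined{__clang__})` is hard to read, and the equivalent `($predefined{__clang__} || !$predefined{__APPLE_CC__})` says directly what the comment explains (Apple's pre-clang gcc claimed `__GNUC__` = 3 but did not handle `$cc -M`).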
@ -2125,6 +2131,8 @@ my %builders = (
|
|||
|
||||
$builders{$builder}->($builder_platform, @builder_opts);
|
||||
|
||||
$SIG{__DIE__} = $orig_death_handler;
|
||||
|
||||
print <<"EOF";
|
||||
|
||||
Configured for $target.
|
||||
|
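Review bot: restoring `$SIG{__DIE__} = $orig_death_handler;` only after `$builders{$builder}->(...)` returns is the right place, since a failure inside the builder is exactly the case the "build file wasn't produced" message is for; a comment saying "from here on the build file exists, so plain die messages are enough" would document the boundary.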
@ -2153,6 +2161,24 @@ exit(0);
|
|||
# Helpers and utility functions
|
||||
#
|
||||
|
||||
# Death handler, to print a helpful message in case of failure #######
|
||||
#
|
||||
sub death_handler {
|
||||
die @_ if $^S; # To prevent the added message in eval blocks
|
||||
my $build_file = $target{build_file} // "build file";
|
||||
my @message = ( <<"_____", @_ );
|
||||
|
||||
Failure! $build_file wasn't produced.
|
||||
Please read INSTALL and associated NOTES files. You may also have to look over
|
||||
your available compiler tool chain or change your configuration.
|
||||
|
||||
_____
|
||||
|
||||
# Dying is terminal, so it's ok to reset the signal handler here.
|
||||
$SIG{__DIE__} = $orig_death_handler;
|
||||
die @message;
|
||||
}
|
||||
|
||||
# Configuration file reading #########################################
|
||||
|
||||
# Note: All of the helper functions are for lazy evaluation. They all
|
||||
|
|
|
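Review bot: `die @_ if $^S;` keeps dies inside `eval` untouched, but `$^S` is undefined while Perl is still compiling, so a compile-time error in a later `require`d module will also get the "Failure! $build_file wasn't produced." banner; acceptable, but worth a comment next to the `$^S` test. The `$target{build_file} // "build file"` fallback is needed because `%target` is only populated after target resolution, and re-dying with `die @message` after resetting the handler is correct.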
@ -3,7 +3,8 @@
|
|||
--------------------
|
||||
|
||||
This document describes installation on all supported operating
|
||||
systems (the Linux/Unix family, OpenVMS and Windows)
|
||||
systems (the Unix/Linux family (which includes Mac OS/X), OpenVMS,
|
||||
and Windows).
|
||||
|
||||
To install OpenSSL, you will need:
|
||||
|
||||
|
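Review bot: the new sentence nests parentheses, "(the Unix/Linux family (which includes Mac OS/X), OpenVMS, and Windows)", which reads awkwardly; suggest "the Unix/Linux family, including Mac OS/X, OpenVMS, and Windows".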
@ -76,7 +77,7 @@
|
|||
|
||||
If you want to just get on with it, do:
|
||||
|
||||
on Unix:
|
||||
on Unix (again, this includes Mac OS/X):
|
||||
|
||||
$ ./config
|
||||
$ make
|
||||
|
|
|
@ -5,6 +5,11 @@
|
|||
This file gives a brief overview of the major changes between each OpenSSL
|
||||
release. For more details please read the CHANGES file.
|
||||
|
||||
Major changes between OpenSSL 1.1.0h and OpenSSL 1.1.0i [14 Aug 2018]
|
||||
|
||||
o Client DoS due to large DH parameter (CVE-2018-0732)
|
||||
o Cache timing vulnerability in RSA Key Generation (CVE-2018-0737)
|
||||
|
||||
Major changes between OpenSSL 1.1.0g and OpenSSL 1.1.0h [27 Mar 2018]
|
||||
|
||||
o Constructed ASN.1 types with a recursive definition could exceed the
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
|
||||
OpenSSL 1.1.0h 27 Mar 2018
|
||||
OpenSSL 1.1.0i 14 Aug 2018
|
||||
|
||||
Copyright (c) 1998-2016 The OpenSSL Project
|
||||
Copyright (c) 1998-2018 The OpenSSL Project
|
||||
Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
|
||||
All rights reserved.
|
||||
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
|
@ -1012,7 +1012,8 @@ int set_name_ex(unsigned long *flags, const char *arg)
|
|||
};
|
||||
if (set_multi_opts(flags, arg, ex_tbl) == 0)
|
||||
return 0;
|
||||
if ((*flags & XN_FLAG_SEP_MASK) == 0)
|
||||
if (*flags != XN_FLAG_COMPAT
|
||||
&& (*flags & XN_FLAG_SEP_MASK) == 0)
|
||||
*flags |= XN_FLAG_SEP_CPLUS_SPC;
|
||||
return 1;
|
||||
}
|
||||
|
|
|
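Review bot: good catch that `XN_FLAG_COMPAT` is 0, so the old `(*flags & XN_FLAG_SEP_MASK) == 0` test always ORed `XN_FLAG_SEP_CPLUS_SPC` into a compat request and `-nameopt compat` could never yield the legacy one-line form; the added `*flags != XN_FLAG_COMPAT` guard fixes that. Since the condition now spans two lines, wrap the single-statement body in braces and add a comment that this relies on `XN_FLAG_COMPAT` being exactly 0.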
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
|
@ -41,7 +41,7 @@ OPTIONS asn1parse_options[] = {
|
|||
{"dump", OPT_DUMP, 0, "unknown data in hex form"},
|
||||
{"dlimit", OPT_DLIMIT, 'p',
|
||||
"dump the first arg bytes of unknown data in hex form"},
|
||||
{"strparse", OPT_STRPARSE, 's',
|
||||
{"strparse", OPT_STRPARSE, 'p',
|
||||
"offset; a series of these can be used to 'dig'"},
|
||||
{OPT_MORE_STR, 0, 0, "into multiple ASN1 blob wrappings"},
|
||||
{"genstr", OPT_GENSTR, 's', "string to generate ASN1 structure from"},
|
||||
|
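Review bot: changing `strparse` from type 's' to 'p' lets the option parser reject non-numeric and non-positive values up front instead of leaving that to the later `strtol` loop, good; the help text "offset; a series of these can be used to 'dig'" could say "positive offset" so the new constraint is visible to users.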
@ -113,13 +113,13 @@ int asn1parse_main(int argc, char **argv)
|
|||
offset = strtol(opt_arg(), NULL, 0);
|
||||
break;
|
||||
case OPT_LENGTH:
|
||||
length = atoi(opt_arg());
|
||||
length = strtol(opt_arg(), NULL, 0);
|
||||
break;
|
||||
case OPT_DUMP:
|
||||
dump = -1;
|
||||
break;
|
||||
case OPT_DLIMIT:
|
||||
dump = atoi(opt_arg());
|
||||
dump = strtol(opt_arg(), NULL, 0);
|
||||
break;
|
||||
case OPT_STRPARSE:
|
||||
sk_OPENSSL_STRING_push(osk, opt_arg());
|
||||
|
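Review bot: `strtol(opt_arg(), NULL, 0)` in the OPT_LENGTH and OPT_DLIMIT cases accepts hex and octal, but with a NULL end pointer it still silently accepts trailing garbage ("10x" parses as 10) and saturates at LONG_MAX on overflow, which is then truncated into the `unsigned int length` and `int dump` targets; the apps' `opt_long()`/`opt_int()` helpers validate the whole string and report an error, so prefer those here.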
@ -191,7 +191,7 @@ int asn1parse_main(int argc, char **argv)
|
|||
|
||||
num = 0;
|
||||
for (;;) {
|
||||
if (!BUF_MEM_grow(buf, (int)num + BUFSIZ))
|
||||
if (!BUF_MEM_grow(buf, num + BUFSIZ))
|
||||
goto end;
|
||||
i = BIO_read(in, &(buf->data[num]), BUFSIZ);
|
||||
if (i <= 0)
|
||||
|
@ -211,9 +211,9 @@ int asn1parse_main(int argc, char **argv)
|
|||
for (i = 0; i < sk_OPENSSL_STRING_num(osk); i++) {
|
||||
ASN1_TYPE *atmp;
|
||||
int typ;
|
||||
j = atoi(sk_OPENSSL_STRING_value(osk, i));
|
||||
if (j == 0) {
|
||||
BIO_printf(bio_err, "'%s' is an invalid number\n",
|
||||
j = strtol(sk_OPENSSL_STRING_value(osk, i), NULL, 0);
|
||||
if (j <= 0 || j >= tmplen) {
|
||||
BIO_printf(bio_err, "'%s' is out of range\n",
|
||||
sk_OPENSSL_STRING_value(osk, i));
|
||||
continue;
|
||||
}
|
||||
|
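Review bot: the new `if (j <= 0 || j >= tmplen)` bounds check stops a `-strparse` offset from indexing past the buffer, but `j` is an `int`, so the `long` from `strtol` is truncated before the comparison and a huge value can wrap into range; parse into a `long` and compare that. Also, `continue` silently skips the bad offset and keeps digging with the remaining ones on unshifted data, so an error exit (`goto end`) is safer than a warning.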
@ -244,14 +244,14 @@ int asn1parse_main(int argc, char **argv)
|
|||
num = tmplen;
|
||||
}
|
||||
|
||||
if (offset >= num) {
|
||||
BIO_printf(bio_err, "Error: offset too large\n");
|
||||
if (offset < 0 || offset >= num) {
|
||||
BIO_printf(bio_err, "Error: offset out of range\n");
|
||||
goto end;
|
||||
}
|
||||
|
||||
num -= offset;
|
||||
|
||||
if ((length == 0) || ((long)length > num))
|
||||
if (length == 0 || length > (unsigned int)num)
|
||||
length = (unsigned int)num;
|
||||
if (derout) {
|
||||
if (BIO_write(derout, str + offset, length) != (int)length) {
|
||||
|
|
|
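Review bot: `offset < 0 || offset >= num` correctly rejects negative offsets now that `offset` comes from `strtol`, but `length > (unsigned int)num` truncates `num` (a `long`) to 32 bits before comparing, whereas the removed `(long)length > num` widened instead; for inputs over 4 GiB the new form can leave `length` too large and `BIO_write(derout, str + offset, length)` then reads past the buffer. Keep the comparison in `long`.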
@ -725,10 +725,10 @@ end_of_options:
|
|||
|
||||
/*****************************************************************/
|
||||
if (req || gencrl) {
|
||||
/* FIXME: Is it really always text? */
|
||||
Sout = bio_open_default(outfile, 'w', FORMAT_TEXT);
|
||||
if (Sout == NULL)
|
||||
goto end;
|
||||
if (spkac_file != NULL) {
|
||||
output_der = 1;
|
||||
batch = 1;
|
||||
}
|
||||
}
|
||||
|
||||
if (md == NULL
|
||||
|
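Review bot: the new `if (spkac_file != NULL) { output_der = 1; batch = 1; }` sets DER output unconditionally, while the block removed in the next hunk only did so `if (outfile)`; the visible effect is that `-spkac` without `-out` now writes DER to stdout instead of text. If that is intended, note it in CHANGES; otherwise keep the `outfile` condition. Dropping the early `Sout = bio_open_default(outfile, 'w', FORMAT_TEXT)` and its FIXME is fine given the format is now chosen at the point of writing.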
@ -872,10 +872,6 @@ end_of_options:
|
|||
BIO_printf(bio_err, "Memory allocation failure\n");
|
||||
goto end;
|
||||
}
|
||||
if (outfile) {
|
||||
output_der = 1;
|
||||
batch = 1;
|
||||
}
|
||||
}
|
||||
}
|
||||
if (ss_cert_file != NULL) {
|
||||
|
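Review bot: this removes the `if (outfile) { output_der = 1; batch = 1; }` block from the spkac path; together with the previous hunk it changes when DER output is selected (now on `-spkac` alone rather than `-spkac` plus `-out`), so the two hunks should be reviewed as one behaviour change.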
@ -929,10 +925,13 @@ end_of_options:
|
|||
if (j > 0) {
|
||||
total_done++;
|
||||
BIO_printf(bio_err, "\n");
|
||||
if (!BN_add_word(serial, 1))
|
||||
if (!BN_add_word(serial, 1)) {
|
||||
X509_free(x);
|
||||
goto end;
|
||||
}
|
||||
if (!sk_X509_push(cert_sk, x)) {
|
||||
BIO_printf(bio_err, "Memory allocation failure\n");
|
||||
X509_free(x);
|
||||
goto end;
|
||||
}
|
||||
}
|
||||
|
@ -1017,6 +1016,11 @@ end_of_options:
|
|||
if (verbose)
|
||||
BIO_printf(bio_err, "writing %s\n", buf[2]);
|
||||
|
||||
Sout = bio_open_default(outfile, 'w',
|
||||
output_der ? FORMAT_ASN1 : FORMAT_TEXT);
|
||||
if (Sout == NULL)
|
||||
goto end;
|
||||
|
||||
Cout = BIO_new_file(buf[2], "w");
|
||||
if (Cout == NULL) {
|
||||
perror(buf[2]);
|
||||
|
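Review bot: `Sout = bio_open_default(outfile, 'w', output_der ? FORMAT_ASN1 : FORMAT_TEXT)` now sits next to the per-certificate `writing %s` message and is freed with `Sout = NULL` in the next hunk; if this is inside the per-certificate loop (the surrounding code suggests so), reopening `outfile` with mode 'w' on every iteration truncates it each time and only the last certificate survives in `-out` when several requests are signed in one run. Open `Sout` once before the loop, or open with append after the first iteration.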
@ -1025,6 +1029,8 @@ end_of_options:
|
|||
write_new_certificate(Cout, xi, 0, notext);
|
||||
write_new_certificate(Sout, xi, output_der, notext);
|
||||
BIO_free_all(Cout);
|
||||
BIO_free_all(Sout);
|
||||
Sout = NULL;
|
||||
}
|
||||
|
||||
if (sk_X509_num(cert_sk)) {
|
||||
|
@ -1173,6 +1179,11 @@ end_of_options:
|
|||
if (!do_X509_CRL_sign(crl, pkey, dgst, sigopts))
|
||||
goto end;
|
||||
|
||||
Sout = bio_open_default(outfile, 'w',
|
||||
output_der ? FORMAT_ASN1 : FORMAT_TEXT);
|
||||
if (Sout == NULL)
|
||||
goto end;
|
||||
|
||||
PEM_write_bio_X509_CRL(Sout, crl);
|
||||
|
||||
if (crlnumberfile != NULL) /* Rename the crlnumber file */
|
||||
|
|
|
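Review bot: `Sout` is opened with `output_der ? FORMAT_ASN1 : FORMAT_TEXT`, but the following `PEM_write_bio_X509_CRL(Sout, crl)` always writes PEM regardless of `output_der`; either honour `output_der` here (write DER with `i2d_X509_CRL_bio` when set) or open with `FORMAT_TEXT` so the mode argument does not promise a format the code does not produce.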
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
|
@ -151,6 +151,11 @@ int dhparam_main(int argc, char **argv)
|
|||
goto end;
|
||||
}
|
||||
# endif
|
||||
|
||||
out = bio_open_default(outfile, 'w', outformat);
|
||||
if (out == NULL)
|
||||
goto end;
|
||||
|
||||
/* DH parameters */
|
||||
if (num && !g)
|
||||
g = 2;
|
||||
|
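Review bot: moving `out = bio_open_default(outfile, 'w', outformat)` ahead of parameter generation fails fast on an unwritable `-out` path before a potentially long generation, which is good, but it also means a failed or interrupted generation now leaves an empty, truncated output file behind where previously the file was untouched; if the early open is wanted, document that trade-off in a comment, or remove the file on the error path.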
@ -266,10 +271,6 @@ int dhparam_main(int argc, char **argv)
|
|||
/* dh != NULL */
|
||||
}
|
||||
|
||||
out = bio_open_default(outfile, 'w', outformat);
|
||||
if (out == NULL)
|
||||
goto end;
|
||||
|
||||
if (text) {
|
||||
DHparams_print(out, dh);
|
||||
}
|
||||
|
|
|
@ -226,25 +226,28 @@ int dsaparam_main(int argc, char **argv)
|
|||
|
||||
data = app_malloc(len + 20, "BN space");
|
||||
|
||||
BIO_printf(bio_out, "DSA *get_dsa%d()\n{\n", bits_p);
|
||||
print_bignum_var(bio_out, p, "dsap", len, data);
|
||||
print_bignum_var(bio_out, q, "dsaq", len, data);
|
||||
print_bignum_var(bio_out, g, "dsag", len, data);
|
||||
BIO_printf(bio_out, "static DSA *get_dsa%d(void)\n{\n", bits_p);
|
||||
print_bignum_var(bio_out, p, "dsap", bits_p, data);
|
||||
print_bignum_var(bio_out, q, "dsaq", bits_p, data);
|
||||
print_bignum_var(bio_out, g, "dsag", bits_p, data);
|
||||
BIO_printf(bio_out, " DSA *dsa = DSA_new();\n"
|
||||
" BIGNUM *p, *q, *g;\n"
|
||||
"\n");
|
||||
BIO_printf(bio_out, " if (dsa == NULL)\n"
|
||||
" return NULL;\n");
|
||||
BIO_printf(bio_out, " dsa->p = BN_bin2bn(dsap_%d, sizeof(dsap_%d), NULL);\n",
|
||||
bits_p, bits_p);
|
||||
BIO_printf(bio_out, " dsa->q = BN_bin2bn(dsaq_%d, sizeof(dsaq_%d), NULL);\n",
|
||||
bits_p, bits_p);
|
||||
BIO_printf(bio_out, " dsa->g = BN_bin2bn(dsag_%d, sizeof(dsag_%d), NULL);\n",
|
||||
bits_p, bits_p);
|
||||
BIO_printf(bio_out, " if (!dsa->p || !dsa->q || !dsa->g) {\n"
|
||||
" DSA_free(dsa);\n"
|
||||
BIO_printf(bio_out, " if (!DSA_set0_pqg(dsa, p = BN_bin2bn(dsap_%d, sizeof(dsap_%d), NULL),\n",
|
||||
bits_p, bits_p);
|
||||
BIO_printf(bio_out, " q = BN_bin2bn(dsaq_%d, sizeof(dsaq_%d), NULL),\n",
|
||||
bits_p, bits_p);
|
||||
BIO_printf(bio_out, " g = BN_bin2bn(dsag_%d, sizeof(dsag_%d), NULL))) {\n",
|
||||
bits_p, bits_p);
|
||||
BIO_printf(bio_out, " DSA_free(dsa);\n"
|
||||
" BN_free(p);\n"
|
||||
" BN_free(q);\n"
|
||||
" BN_free(g);\n"
|
||||
" return NULL;\n"
|
||||
" }\n"
|
||||
" return(dsa);\n}\n");
|
||||
" return dsa;\n}\n");
|
||||
OPENSSL_free(data);
|
||||
}
|
||||
|
||||
|
|
|
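Review bot: switching `print_bignum_var(..., len, data)` to `bits_p` fixes the generated `-C` code, since the array names are suffixed with that fourth argument while the `dsap_%d`/`dsaq_%d`/`dsag_%d` references were already formatted with `bits_p`, so the old output did not compile. The `DSA_set0_pqg` form is also correct about ownership: on failure the three `BN_free` calls run because `set0` takes ownership only on success. `data` is still allocated with `len + 20`, which remains the byte length the buffer needs, so that line is right to leave alone.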
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
|
@ -639,7 +639,6 @@ int ocsp_main(int argc, char **argv)
|
|||
OCSP_response_status_str(i), i);
|
||||
if (ignore_err)
|
||||
goto redo_accept;
|
||||
ret = 0;
|
||||
goto end;
|
||||
}
|
||||
|
||||
|
|
|
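Review bot: removing `ret = 0;` before `goto end` in the non-successful `OCSP_response_status` path means `ocsp` now exits non-zero when the responder reports an error status, which is what scripts gating on exit status need; since it is a user-visible behaviour change it deserves a CHANGES entry, and the `if (ignore_err) goto redo_accept;` branch just above should be mentioned there as the responder-mode way to keep serving.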
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
|
@ -130,9 +130,10 @@ static int add_entry(enum Type type, unsigned int hash, const char *filename,
|
|||
for (ep = bp->first_entry; ep; ep = ep->next) {
|
||||
if (digest && memcmp(digest, ep->digest, evpmdsize) == 0) {
|
||||
BIO_printf(bio_err,
|
||||
"%s: skipping duplicate %s in %s\n", opt_getprog(),
|
||||
"%s: warning: skipping duplicate %s in %s\n",
|
||||
opt_getprog(),
|
||||
type == TYPE_CERT ? "certificate" : "CRL", filename);
|
||||
return 1;
|
||||
return 0;
|
||||
}
|
||||
if (strcmp(filename, ep->filename) == 0) {
|
||||
found = ep;
|
||||
|
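Review bot: returning 0 instead of 1 for a duplicate certificate or CRL stops it from being counted as a failure, and the `warning:` prefix matches that; the `hash table overflow` case in the next hunk keeps `return 1` with an `error:` prefix, which is consistent. Confirm the caller, which presumably accumulates the return value into `errs` as `do_dir` does, did not rely on the old non-zero return to stop processing the file.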
@ -144,7 +145,7 @@ static int add_entry(enum Type type, unsigned int hash, const char *filename,
|
|||
if (ep == NULL) {
|
||||
if (bp->num_needed >= MAX_COLLISIONS) {
|
||||
BIO_printf(bio_err,
|
||||
"%s: hash table overflow for %s\n",
|
||||
"%s: error: hash table overflow for %s\n",
|
||||
opt_getprog(), filename);
|
||||
return 1;
|
||||
}
|
||||
|
@ -235,7 +236,7 @@ static int do_file(const char *filename, const char *fullpath, enum Hash h)
|
|||
|
||||
/* Does it have X.509 data in it? */
|
||||
if ((b = BIO_new_file(fullpath, "r")) == NULL) {
|
||||
BIO_printf(bio_err, "%s: skipping %s, cannot open file\n",
|
||||
BIO_printf(bio_err, "%s: error: skipping %s, cannot open file\n",
|
||||
opt_getprog(), filename);
|
||||
errs++;
|
||||
goto end;
|
||||
|
@ -247,7 +248,7 @@ static int do_file(const char *filename, const char *fullpath, enum Hash h)
|
|||
|
||||
if (sk_X509_INFO_num(inf) != 1) {
|
||||
BIO_printf(bio_err,
|
||||
"%s: skipping %s,"
|
||||
"%s: warning: skipping %s,"
|
||||
"it does not contain exactly one certificate or CRL\n",
|
||||
opt_getprog(), filename);
|
||||
/* This is not an error. */
|
||||
|
@ -502,13 +503,14 @@ int rehash_main(int argc, char **argv)
|
|||
if (*argv) {
|
||||
while (*argv)
|
||||
errs += do_dir(*argv++, h);
|
||||
} else if ((env = getenv("SSL_CERT_DIR")) != NULL) {
|
||||
} else if ((env = getenv(X509_get_default_cert_dir_env())) != NULL) {
|
||||
char lsc[2] = { LIST_SEPARATOR_CHAR, '\0' };
|
||||
m = OPENSSL_strdup(env);
|
||||
for (e = strtok(m, ":"); e != NULL; e = strtok(NULL, ":"))
|
||||
for (e = strtok(m, lsc); e != NULL; e = strtok(NULL, lsc))
|
||||
errs += do_dir(e, h);
|
||||
OPENSSL_free(m);
|
||||
} else {
|
||||
errs += do_dir("/etc/ssl/certs", h);
|
||||
errs += do_dir(X509_get_default_cert_dir(), h);
|
||||
}
|
||||
|
||||
end:
|
||||
|
|
|
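Review bot: `m = OPENSSL_strdup(env);` is not checked for NULL before `strtok(m, lsc)`, so an allocation failure leads to `strtok(NULL, ...)` on an uninitialised parser state; add `if (m == NULL) goto end;` (with `errs++`). Using `X509_get_default_cert_dir_env()`, `LIST_SEPARATOR_CHAR` and `X509_get_default_cert_dir()` instead of the hard-coded `SSL_CERT_DIR`, `":"` and `/etc/ssl/certs` is the right portability fix, since on Windows the separator is `;` and a drive-letter path would otherwise be split at the colon.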
@ -593,7 +593,8 @@ OPTIONS s_client_options[] = {
|
|||
"Disable name checks when matching DANE-EE(3) TLSA records"},
|
||||
{"reconnect", OPT_RECONNECT, '-',
|
||||
"Drop and re-make the connection with the same Session-ID"},
|
||||
{"showcerts", OPT_SHOWCERTS, '-', "Show all certificates in the chain"},
|
||||
{"showcerts", OPT_SHOWCERTS, '-',
|
||||
"Show all certificates sent by the server"},
|
||||
{"debug", OPT_DEBUG, '-', "Extra output"},
|
||||
{"msg", OPT_MSG, '-', "Show protocol messages"},
|
||||
{"msgfile", OPT_MSGFILE, '>',
|
||||
|
@ -2114,8 +2115,7 @@ int s_client_main(int argc, char **argv)
|
|||
FD_ZERO(&readfds);
|
||||
FD_ZERO(&writefds);
|
||||
|
||||
if ((SSL_version(con) == DTLS1_VERSION) &&
|
||||
DTLSv1_get_timeout(con, &timeout))
|
||||
if (SSL_is_dtls(con) && DTLSv1_get_timeout(con, &timeout))
|
||||
timeoutp = &timeout;
|
||||
else
|
||||
timeoutp = NULL;
|
||||
|
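Review bot: replacing `SSL_version(con) == DTLS1_VERSION` with `SSL_is_dtls(con)` is more than a simplification: the old test was false for DTLS 1.2 connections (`DTLS1_2_VERSION`), so `DTLSv1_get_timeout` was never consulted for them and retransmission timeouts did not apply; the same fix in the `DTLSv1_handle_timeout` hunk below closes the same gap. Worth a line in CHANGES since it changes DTLS 1.2 behaviour in s_client.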
@ -2235,10 +2235,8 @@ int s_client_main(int argc, char **argv)
|
|||
}
|
||||
}
|
||||
|
||||
if ((SSL_version(con) == DTLS1_VERSION)
|
||||
&& DTLSv1_handle_timeout(con) > 0) {
|
||||
if (SSL_is_dtls(con) && DTLSv1_handle_timeout(con) > 0)
|
||||
BIO_printf(bio_err, "TIMEOUT occurred\n");
|
||||
}
|
||||
|
||||
if (!ssl_pending && FD_ISSET(SSL_get_fd(con), &writefds)) {
|
||||
k = SSL_write(con, &(cbuf[cbuf_off]), (unsigned int)cbuf_len);
|
||||
|
|
|
@ -2012,9 +2012,7 @@ static int sv_body(int s, int stype, unsigned char *context)
|
|||
SSL *con = NULL;
|
||||
BIO *sbio;
|
||||
struct timeval timeout;
|
||||
#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS)
|
||||
struct timeval tv;
|
||||
#else
|
||||
#if !(defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS))
|
||||
struct timeval *timeoutp;
|
||||
#endif
|
||||
|
||||
|
@ -2149,26 +2147,23 @@ static int sv_body(int s, int stype, unsigned char *context)
|
|||
* second and check for any keypress. In a proper Windows
|
||||
* application we wouldn't do this because it is inefficient.
|
||||
*/
|
||||
tv.tv_sec = 1;
|
||||
tv.tv_usec = 0;
|
||||
i = select(width, (void *)&readfds, NULL, NULL, &tv);
|
||||
timeout.tv_sec = 1;
|
||||
timeout.tv_usec = 0;
|
||||
i = select(width, (void *)&readfds, NULL, NULL, &timeout);
|
||||
if (has_stdin_waiting())
|
||||
read_from_terminal = 1;
|
||||
if ((i < 0) || (!i && !read_from_terminal))
|
||||
continue;
|
||||
#else
|
||||
if ((SSL_version(con) == DTLS1_VERSION) &&
|
||||
DTLSv1_get_timeout(con, &timeout))
|
||||
if (SSL_is_dtls(con) && DTLSv1_get_timeout(con, &timeout))
|
||||
timeoutp = &timeout;
|
||||
else
|
||||
timeoutp = NULL;
|
||||
|
||||
i = select(width, (void *)&readfds, NULL, NULL, timeoutp);
|
||||
|
||||
if ((SSL_version(con) == DTLS1_VERSION)
|
||||
&& DTLSv1_handle_timeout(con) > 0) {
|
||||
if ((SSL_is_dtls(con)) && DTLSv1_handle_timeout(con) > 0)
|
||||
BIO_printf(bio_err, "TIMEOUT occurred\n");
|
||||
}
|
||||
|
||||
if (i <= 0)
|
||||
continue;
|
||||
|
|
|
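Review bot: merging `tv` into the now unconditional `struct timeval timeout` is fine, but the extra parentheses in `if ((SSL_is_dtls(con)) && DTLSv1_handle_timeout(con) > 0)` are redundant and differ from the `if (SSL_is_dtls(con) && DTLSv1_get_timeout(...))` form a few lines up; make them consistent. As with s_client, the switch from `SSL_version(con) == DTLS1_VERSION` to `SSL_is_dtls(con)` also enables timeouts for DTLS 1.2 in s_server.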
@ -129,13 +129,6 @@
|
|||
#define BUFSIZE (1024*16+1)
|
||||
#define MAX_MISALIGNMENT 63
|
||||
|
||||
#define ALGOR_NUM 30
|
||||
#define SIZE_NUM 6
|
||||
#define PRIME_NUM 3
|
||||
#define RSA_NUM 7
|
||||
#define DSA_NUM 3
|
||||
|
||||
#define EC_NUM 17
|
||||
#define MAX_ECDH_SIZE 256
|
||||
#define MISALIGN 64
|
||||
|
||||
|
@ -144,37 +137,6 @@ static volatile int run = 0;
|
|||
static int mr = 0;
|
||||
static int usertime = 1;
|
||||
|
||||
typedef void *(*kdf_fn) (
|
||||
const void *in, size_t inlen, void *out, size_t *xoutlen);
|
||||
|
||||
typedef struct loopargs_st {
|
||||
ASYNC_JOB *inprogress_job;
|
||||
ASYNC_WAIT_CTX *wait_ctx;
|
||||
unsigned char *buf;
|
||||
unsigned char *buf2;
|
||||
unsigned char *buf_malloc;
|
||||
unsigned char *buf2_malloc;
|
||||
unsigned int siglen;
|
||||
#ifndef OPENSSL_NO_RSA
|
||||
RSA *rsa_key[RSA_NUM];
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_DSA
|
||||
DSA *dsa_key[DSA_NUM];
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_EC
|
||||
EC_KEY *ecdsa[EC_NUM];
|
||||
EC_KEY *ecdh_a[EC_NUM];
|
||||
EC_KEY *ecdh_b[EC_NUM];
|
||||
unsigned char *secret_a;
|
||||
unsigned char *secret_b;
|
||||
size_t outlen;
|
||||
kdf_fn kdf;
|
||||
#endif
|
||||
EVP_CIPHER_CTX *ctx;
|
||||
HMAC_CTX *hctx;
|
||||
GCM128_CONTEXT *gcm_ctx;
|
||||
} loopargs_t;
|
||||
|
||||
#ifndef OPENSSL_NO_MD2
|
||||
static int EVP_Digest_MD2_loop(void *args);
|
||||
#endif
|
||||
|
@ -227,7 +189,6 @@ static int ECDSA_sign_loop(void *args);
|
|||
static int ECDSA_verify_loop(void *args);
|
||||
static int ECDH_compute_key_loop(void *args);
|
||||
#endif
|
||||
static int run_benchmark(int async_jobs, int (*loop_function)(void *), loopargs_t *loopargs);
|
||||
|
||||
static double Time_F(int s);
|
||||
static void print_message(const char *s, long num, int length);
|
||||
|
@ -238,32 +199,10 @@ static void print_result(int alg, int run_no, int count, double time_used);
|
|||
static int do_multi(int multi);
|
||||
#endif
|
||||
|
||||
static const char *names[ALGOR_NUM] = {
|
||||
"md2", "mdc2", "md4", "md5", "hmac(md5)", "sha1", "rmd160", "rc4",
|
||||
"des cbc", "des ede3", "idea cbc", "seed cbc",
|
||||
"rc2 cbc", "rc5-32/12 cbc", "blowfish cbc", "cast cbc",
|
||||
"aes-128 cbc", "aes-192 cbc", "aes-256 cbc",
|
||||
"camellia-128 cbc", "camellia-192 cbc", "camellia-256 cbc",
|
||||
"evp", "sha256", "sha512", "whirlpool",
|
||||
"aes-128 ige", "aes-192 ige", "aes-256 ige", "ghash"
|
||||
};
|
||||
|
||||
static double results[ALGOR_NUM][SIZE_NUM];
|
||||
|
||||
static const int lengths[SIZE_NUM] = {
|
||||
static const int lengths[] = {
|
||||
16, 64, 256, 1024, 8 * 1024, 16 * 1024
|
||||
};
|
||||
|
||||
#ifndef OPENSSL_NO_RSA
|
||||
static double rsa_results[RSA_NUM][2];
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_DSA
|
||||
static double dsa_results[DSA_NUM][2];
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_EC
|
||||
static double ecdsa_results[EC_NUM][2];
|
||||
static double ecdh_results[EC_NUM][1];
|
||||
#endif
|
||||
#define SIZE_NUM OSSL_NELEM(lengths)
|
||||
|
||||
#if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_EC)
|
||||
static const char rnd_seed[] =
|
||||
|
@ -348,9 +287,14 @@ static double Time_F(int s)
|
|||
|
||||
static void multiblock_speed(const EVP_CIPHER *evp_cipher);
|
||||
|
||||
static int found(const char *name, const OPT_PAIR *pairs, int *result)
|
||||
#define found(value, pairs, result)\
|
||||
opt_found(value, result, pairs, OSSL_NELEM(pairs))
|
||||
static int opt_found(const char *name, unsigned int *result,
|
||||
const OPT_PAIR pairs[], unsigned int nbelem)
|
||||
{
|
||||
for (; pairs->name; pairs++)
|
||||
unsigned int idx;
|
||||
|
||||
for (idx = 0; idx < nbelem; ++idx, pairs++)
|
||||
if (strcmp(name, pairs->name) == 0) {
|
||||
*result = pairs->retval;
|
||||
return 1;
|
||||
|
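Review bot: `opt_found` now iterates by `nbelem` (`for (idx = 0; idx < nbelem; ++idx, pairs++)`) and the `found()` macro passes `OSSL_NELEM(pairs)`, which is why the `{NULL}` sentinels are dropped from the choice tables in the later hunks; any other loop in speed.c that still walks a table with `for (; pairs->name; pairs++)` will now run off the end, so grep for that pattern before merging. Also, `result` became `unsigned int *`, so every caller passing `&i` must have `i` as `unsigned int` (the `speed_main` hunk does this).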
@ -387,7 +331,7 @@ OPTIONS speed_options[] = {
|
|||
#ifndef OPENSSL_NO_ENGINE
|
||||
{"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"},
|
||||
#endif
|
||||
{NULL},
|
||||
{NULL}
|
||||
};
|
||||
|
||||
#define D_MD2 0
|
||||
|
@ -420,7 +364,19 @@ OPTIONS speed_options[] = {
|
|||
#define D_IGE_192_AES 27
|
||||
#define D_IGE_256_AES 28
|
||||
#define D_GHASH 29
|
||||
static OPT_PAIR doit_choices[] = {
|
||||
/* name of algorithms to test */
|
||||
static const char *names[] = {
|
||||
"md2", "mdc2", "md4", "md5", "hmac(md5)", "sha1", "rmd160", "rc4",
|
||||
"des cbc", "des ede3", "idea cbc", "seed cbc",
|
||||
"rc2 cbc", "rc5-32/12 cbc", "blowfish cbc", "cast cbc",
|
||||
"aes-128 cbc", "aes-192 cbc", "aes-256 cbc",
|
||||
"camellia-128 cbc", "camellia-192 cbc", "camellia-256 cbc",
|
||||
"evp", "sha256", "sha512", "whirlpool",
|
||||
"aes-128 ige", "aes-192 ige", "aes-256 ige", "ghash"
|
||||
};
|
||||
#define ALGOR_NUM OSSL_NELEM(names)
|
||||
/* list of configured algorithm (remaining) */
|
||||
static const OPT_PAIR doit_choices[] = {
|
||||
#ifndef OPENSSL_NO_MD2
|
||||
{"md2", D_MD2},
|
||||
#endif
|
||||
|
@ -484,21 +440,24 @@ static OPT_PAIR doit_choices[] = {
|
|||
{"cast", D_CBC_CAST},
|
||||
{"cast5", D_CBC_CAST},
|
||||
#endif
|
||||
{"ghash", D_GHASH},
|
||||
{NULL}
|
||||
{"ghash", D_GHASH}
|
||||
};
|
||||
|
||||
static double results[ALGOR_NUM][SIZE_NUM];
|
||||
|
||||
#ifndef OPENSSL_NO_DSA
|
||||
# define R_DSA_512 0
|
||||
# define R_DSA_1024 1
|
||||
# define R_DSA_2048 2
|
||||
static OPT_PAIR dsa_choices[] = {
|
||||
static const OPT_PAIR dsa_choices[] = {
|
||||
{"dsa512", R_DSA_512},
|
||||
{"dsa1024", R_DSA_1024},
|
||||
{"dsa2048", R_DSA_2048},
|
||||
{NULL},
|
||||
{"dsa2048", R_DSA_2048}
|
||||
};
|
||||
#endif
|
||||
# define DSA_NUM OSSL_NELEM(dsa_choices)
|
||||
|
||||
static double dsa_results[DSA_NUM][2]; /* 2 ops: sign then verify */
|
||||
#endif /* OPENSSL_NO_DSA */
|
||||
|
||||
#define R_RSA_512 0
|
||||
#define R_RSA_1024 1
|
||||
|
@ -507,16 +466,18 @@ static OPT_PAIR dsa_choices[] = {
|
|||
#define R_RSA_4096 4
|
||||
#define R_RSA_7680 5
|
||||
#define R_RSA_15360 6
|
||||
static OPT_PAIR rsa_choices[] = {
|
||||
static const OPT_PAIR rsa_choices[] = {
|
||||
{"rsa512", R_RSA_512},
|
||||
{"rsa1024", R_RSA_1024},
|
||||
{"rsa2048", R_RSA_2048},
|
||||
{"rsa3072", R_RSA_3072},
|
||||
{"rsa4096", R_RSA_4096},
|
||||
{"rsa7680", R_RSA_7680},
|
||||
{"rsa15360", R_RSA_15360},
|
||||
{NULL}
|
||||
{"rsa15360", R_RSA_15360}
|
||||
};
|
||||
# define RSA_NUM OSSL_NELEM(rsa_choices)
|
||||
|
||||
static double rsa_results[RSA_NUM][2]; /* 2 ops: sign then verify */
|
||||
|
||||
#define R_EC_P160 0
|
||||
#define R_EC_P192 1
|
||||
|
@ -536,7 +497,7 @@ static OPT_PAIR rsa_choices[] = {
|
|||
#define R_EC_B571 15
|
||||
#define R_EC_X25519 16
|
||||
#ifndef OPENSSL_NO_EC
|
||||
static OPT_PAIR ecdsa_choices[] = {
|
||||
static const OPT_PAIR ecdsa_choices[] = {
|
||||
{"ecdsap160", R_EC_P160},
|
||||
{"ecdsap192", R_EC_P192},
|
||||
{"ecdsap224", R_EC_P224},
|
||||
|
@ -552,11 +513,13 @@ static OPT_PAIR ecdsa_choices[] = {
|
|||
{"ecdsab233", R_EC_B233},
|
||||
{"ecdsab283", R_EC_B283},
|
||||
{"ecdsab409", R_EC_B409},
|
||||
{"ecdsab571", R_EC_B571},
|
||||
{NULL}
|
||||
{"ecdsab571", R_EC_B571}
|
||||
};
|
||||
# define ECDSA_NUM OSSL_NELEM(ecdsa_choices)
|
||||
|
||||
static OPT_PAIR ecdh_choices[] = {
|
||||
static double ecdsa_results[ECDSA_NUM][2]; /* 2 ops: sign then verify */
|
||||
|
||||
static const OPT_PAIR ecdh_choices[] = {
|
||||
{"ecdhp160", R_EC_P160},
|
||||
{"ecdhp192", R_EC_P192},
|
||||
{"ecdhp224", R_EC_P224},
|
||||
|
@ -576,7 +539,10 @@ static OPT_PAIR ecdh_choices[] = {
|
|||
{"ecdhx25519", R_EC_X25519},
|
||||
{NULL}
|
||||
};
|
||||
#endif
|
||||
# define EC_NUM OSSL_NELEM(ecdh_choices)
|
||||
|
||||
static double ecdh_results[EC_NUM][1]; /* 1 op: derivation */
|
||||
#endif /* OPENSSL_NO_EC */
|
||||
|
||||
#ifndef SIGALRM
|
||||
# define COND(d) (count < (d))
|
||||
|
@ -586,7 +552,40 @@ static OPT_PAIR ecdh_choices[] = {
|
|||
# define COUNT(d) (count)
|
||||
#endif /* SIGALRM */
|
||||
|
||||
static int testnum;
|
||||
static unsigned int testnum;
|
||||
typedef void *(*kdf_fn) (const void *in, size_t inlen, void *out,
|
||||
size_t *xoutlen);
|
||||
|
||||
typedef struct loopargs_st {
|
||||
ASYNC_JOB *inprogress_job;
|
||||
ASYNC_WAIT_CTX *wait_ctx;
|
||||
unsigned char *buf;
|
||||
unsigned char *buf2;
|
||||
unsigned char *buf_malloc;
|
||||
unsigned char *buf2_malloc;
|
||||
unsigned int siglen;
|
||||
#ifndef OPENSSL_NO_RSA
|
||||
RSA *rsa_key[RSA_NUM];
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_DSA
|
||||
DSA *dsa_key[DSA_NUM];
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_EC
|
||||
EC_KEY *ecdsa[ECDSA_NUM];
|
||||
EC_KEY *ecdh_a[EC_NUM];
|
||||
EC_KEY *ecdh_b[EC_NUM];
|
||||
unsigned char *secret_a;
|
||||
unsigned char *secret_b;
|
||||
size_t outlen;
|
||||
kdf_fn kdf;
|
||||
#endif
|
||||
EVP_CIPHER_CTX *ctx;
|
||||
HMAC_CTX *hctx;
|
||||
GCM128_CONTEXT *gcm_ctx;
|
||||
} loopargs_t;
|
||||
|
||||
static int run_benchmark(int async_jobs, int (*loop_function) (void *),
|
||||
loopargs_t * loopargs);
|
||||
|
||||
/* Nb of iterations to do per algorithm and key-size */
|
||||
static long c[ALGOR_NUM][SIZE_NUM];
|
||||
|
@ -995,7 +994,7 @@ static int DSA_verify_loop(void *args)
|
|||
#endif
|
||||
|
||||
#ifndef OPENSSL_NO_EC
|
||||
static long ecdsa_c[EC_NUM][2];
|
||||
static long ecdsa_c[ECDSA_NUM][2];
|
||||
static int ECDSA_sign_loop(void *args)
|
||||
{
|
||||
loopargs_t *tempargs = *(loopargs_t **)args;
|
||||
|
@ -1222,26 +1221,23 @@ int speed_main(int argc, char **argv)
|
|||
{
|
||||
ENGINE *e = NULL;
|
||||
loopargs_t *loopargs = NULL;
|
||||
int async_init = 0;
|
||||
int loopargs_len = 0;
|
||||
char *prog;
|
||||
const char *prog;
|
||||
const char *engine_id = NULL;
|
||||
const EVP_CIPHER *evp_cipher = NULL;
|
||||
double d = 0.0;
|
||||
OPTION_CHOICE o;
|
||||
int multiblock = 0, pr_header = 0;
|
||||
int async_init = 0, multiblock = 0, pr_header = 0;
|
||||
int doit[ALGOR_NUM] = { 0 };
|
||||
int ret = 1, i, k, misalign = 0;
|
||||
int ret = 1, misalign = 0;
|
||||
long count = 0;
|
||||
unsigned int i, k, loop, loopargs_len = 0, async_jobs = 0;
|
||||
#ifndef NO_FORK
|
||||
int multi = 0;
|
||||
#endif
|
||||
unsigned int async_jobs = 0;
|
||||
#if !defined(OPENSSL_NO_RSA) || !defined(OPENSSL_NO_DSA) \
|
||||
|| !defined(OPENSSL_NO_EC)
|
||||
long rsa_count = 1;
|
||||
#endif
|
||||
size_t loop;
|
||||
|
||||
/* What follows are the buffers and key material. */
|
||||
#ifndef OPENSSL_NO_RC5
|
||||
|
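Review bot: `i` and `k` move from `int` to `unsigned int` in `unsigned int i, k, loop, loopargs_len = 0, async_jobs = 0;` to match the new `opt_found` signature; check the remaining uses of `i`/`k` in `speed_main` for count-down loops (`i >= 0` is always true) and for comparisons against signed values such as `sk_*_num()` or `RSA_size()` results, which now promote to unsigned. Dropping the separate `size_t loop` and `unsigned int async_jobs` declarations is fine.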
@ -1325,7 +1321,7 @@ int speed_main(int argc, char **argv)
|
|||
/*
|
||||
* We only test over the following curves as they are representative, To
|
||||
* add tests over more curves, simply add the curve NID and curve name to
|
||||
* the following arrays and increase the EC_NUM value accordingly.
|
||||
* the following arrays and increase the |ecdh_choices| list accordingly.
|
||||
*/
|
||||
static const unsigned int test_curves[EC_NUM] = {
|
||||
/* Prime Curves */
|
||||
|
@ -1360,7 +1356,7 @@ int speed_main(int argc, char **argv)
|
|||
571, 253 /* X25519 */
|
||||
};
|
||||
|
||||
int ecdsa_doit[EC_NUM] = { 0 };
|
||||
int ecdsa_doit[ECDSA_NUM] = { 0 };
|
||||
int ecdh_doit[EC_NUM] = { 0 };
|
||||
#endif /* ndef OPENSSL_NO_EC */
|
||||
|
||||
|
@ -1418,9 +1414,7 @@ int speed_main(int argc, char **argv)
|
|||
goto opterr;
|
||||
}
|
||||
if (async_jobs > 99999) {
|
||||
BIO_printf(bio_err,
|
||||
"%s: too many async_jobs\n",
|
||||
prog);
|
||||
BIO_printf(bio_err, "%s: too many async_jobs\n", prog);
|
||||
goto opterr;
|
||||
}
|
||||
#endif
|
||||
|
@ -1471,10 +1465,8 @@ int speed_main(int argc, char **argv)
|
|||
if (strcmp(*argv, "openssl") == 0)
|
||||
continue;
|
||||
if (strcmp(*argv, "rsa") == 0) {
|
||||
rsa_doit[R_RSA_512] = rsa_doit[R_RSA_1024] =
|
||||
rsa_doit[R_RSA_2048] = rsa_doit[R_RSA_3072] =
|
||||
rsa_doit[R_RSA_4096] = rsa_doit[R_RSA_7680] =
|
||||
rsa_doit[R_RSA_15360] = 1;
|
||||
for (loop = 0; loop < OSSL_NELEM(rsa_doit); loop++)
|
||||
rsa_doit[loop] = 1;
|
||||
continue;
|
||||
}
|
||||
if (found(*argv, rsa_choices, &i)) {
|
||||
|
@ -1507,8 +1499,8 @@ int speed_main(int argc, char **argv)
|
|||
#endif
|
||||
#ifndef OPENSSL_NO_EC
|
||||
if (strcmp(*argv, "ecdsa") == 0) {
|
||||
for (loop = 0; loop < OSSL_NELEM(ecdsa_choices); loop++)
|
||||
ecdsa_doit[ecdsa_choices[loop].retval] = 1;
|
||||
for (loop = 0; loop < OSSL_NELEM(ecdsa_doit); loop++)
|
||||
ecdsa_doit[loop] = 1;
|
||||
continue;
|
||||
}
|
||||
if (found(*argv, ecdsa_choices, &i)) {
|
||||
|
@ -1516,8 +1508,8 @@ int speed_main(int argc, char **argv)
|
|||
continue;
|
||||
}
|
||||
if (strcmp(*argv, "ecdh") == 0) {
|
||||
for (loop = 0; loop < OSSL_NELEM(ecdh_choices); loop++)
|
||||
ecdh_doit[ecdh_choices[loop].retval] = 1;
|
||||
for (loop = 0; loop < OSSL_NELEM(ecdh_doit); loop++)
|
||||
ecdh_doit[loop] = 1;
|
||||
continue;
|
||||
}
|
||||
if (found(*argv, ecdh_choices, &i)) {
|
||||
|
@ -1584,10 +1576,10 @@ int speed_main(int argc, char **argv)
|
|||
dsa_doit[i] = 1;
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_EC
|
||||
for (loop = 0; loop < OSSL_NELEM(ecdsa_choices); loop++)
|
||||
ecdsa_doit[ecdsa_choices[loop].retval] = 1;
|
||||
for (loop = 0; loop < OSSL_NELEM(ecdh_choices); loop++)
|
||||
ecdh_doit[ecdh_choices[loop].retval] = 1;
|
||||
for (loop = 0; loop < OSSL_NELEM(ecdsa_doit); loop++)
|
||||
ecdsa_doit[loop] = 1;
|
||||
for (loop = 0; loop < OSSL_NELEM(ecdh_doit); loop++)
|
||||
ecdh_doit[loop] = 1;
|
||||
#endif
|
||||
}
|
||||
for (i = 0; i < ALGOR_NUM; i++)
|
||||
|
@ -1850,6 +1842,8 @@ int speed_main(int argc, char **argv)
|
|||
}
|
||||
}
|
||||
}
|
||||
/* default iteration count for the last EC Curve */
|
||||
ecdh_c[R_EC_X25519][0] = count / 1800;
|
||||
# endif
|
||||
|
||||
# else
|
||||
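Review bot: `ecdh_c[R_EC_X25519][0] = count / 1800;` introduces an unexplained divisor; the comment says what the line is for but not where 1800 comes from. Add a one-line justification (relative cost of the X25519 agreement against the baseline `count`) so the next curve added here follows the same rule rather than another magic number.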
|
@ -2472,7 +2466,7 @@ int speed_main(int argc, char **argv)
|
|||
if (RAND_status() != 1) {
|
||||
RAND_seed(rnd_seed, sizeof(rnd_seed));
|
||||
}
|
||||
for (testnum = 0; testnum < EC_NUM; testnum++) {
|
||||
for (testnum = 0; testnum < ECDSA_NUM; testnum++) {
|
||||
int st = 1;
|
||||
|
||||
if (!ecdsa_doit[testnum])
|
||||
|
@ -2584,7 +2578,7 @@ int speed_main(int argc, char **argv)
|
|||
ecdh_checks = 0;
|
||||
rsa_count = 1;
|
||||
} else {
|
||||
int secret_size_a, secret_size_b;
|
||||
int secret_size_a, secret_size_b, j;
|
||||
/*
|
||||
* If field size is not more than 24 octets, then use SHA-1
|
||||
* hash of result; otherwise, use result (see section 4.8 of
|
||||
|
@ -2613,8 +2607,8 @@ int speed_main(int argc, char **argv)
|
|||
else
|
||||
ecdh_checks = 1;
|
||||
|
||||
for (k = 0; k < secret_size_a && ecdh_checks == 1; k++) {
|
||||
if (loopargs[i].secret_a[k] != loopargs[i].secret_b[k])
|
||||
for (j = 0; j < secret_size_a && ecdh_checks == 1; j++) {
|
||||
if (loopargs[i].secret_a[j] != loopargs[i].secret_b[j])
|
||||
ecdh_checks = 0;
|
||||
}
|
||||
|
||||
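Review bot: the byte comparison loop is bounded by `secret_size_a` only; if the size comparison above this hunk (the `else` branch that sets `ecdh_checks = 1`) does not already require `secret_size_a == secret_size_b`, a shorter `secret_b` is over-read here. Renaming the loop variable to `j` is fine, but consider `j < secret_size_a && j < secret_size_b` or an explicit size equality check so the loop is safe on its own.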
|
@ -2644,7 +2638,7 @@ int speed_main(int argc, char **argv)
|
|||
|
||||
if (rsa_count <= 1) {
|
||||
/* if longer than 10s, don't do any more */
|
||||
for (testnum++; testnum < EC_NUM; testnum++)
|
||||
for (testnum++; testnum < OSSL_NELEM(ecdh_doit); testnum++)
|
||||
ecdh_doit[testnum] = 0;
|
||||
}
|
||||
}
|
||||
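Review bot: `testnum < OSSL_NELEM(ecdh_doit)` compares `testnum` against a `size_t`; `testnum`'s declaration is outside the hunk, so if it is still a plain `int` this produces a signed/unsigned comparison warning (the other loops in this diff switched their counters to `unsigned int` for exactly that reason). Check the declaration or cast consistently.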
|
@ -2693,7 +2687,7 @@ int speed_main(int argc, char **argv)
|
|||
if (!doit[k])
|
||||
continue;
|
||||
if (mr)
|
||||
printf("+F:%d:%s", k, names[k]);
|
||||
printf("+F:%u:%s", k, names[k]);
|
||||
else
|
||||
printf("%-13s", names[k]);
|
||||
for (testnum = 0; testnum < SIZE_NUM; testnum++) {
|
||||
|
@ -2742,7 +2736,7 @@ int speed_main(int argc, char **argv)
|
|||
#endif
|
||||
#ifndef OPENSSL_NO_EC
|
||||
testnum = 1;
|
||||
for (k = 0; k < EC_NUM; k++) {
|
||||
for (k = 0; k < OSSL_NELEM(ecdsa_doit); k++) {
|
||||
if (!ecdsa_doit[k])
|
||||
continue;
|
||||
if (testnum && !mr) {
|
||||
|
@ -2800,8 +2794,9 @@ int speed_main(int argc, char **argv)
|
|||
DSA_free(loopargs[i].dsa_key[k]);
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_EC
|
||||
for (k = 0; k < EC_NUM; k++) {
|
||||
for (k = 0; k < ECDSA_NUM; k++)
|
||||
EC_KEY_free(loopargs[i].ecdsa[k]);
|
||||
for (k = 0; k < EC_NUM; k++) {
|
||||
EC_KEY_free(loopargs[i].ecdh_a[k]);
|
||||
EC_KEY_free(loopargs[i].ecdh_b[k]);
|
||||
}
|
||||
|
@ -2950,7 +2945,7 @@ static int do_multi(int multi)
|
|||
printf("Got: %s from %d\n", buf, n);
|
||||
if (strncmp(buf, "+F:", 3) == 0) {
|
||||
int alg;
|
||||
int j;
|
||||
unsigned int j;
|
||||
|
||||
p = buf + 3;
|
||||
alg = atoi(sstrsep(&p, sep));
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
|
@ -219,6 +219,7 @@ static int check(X509_STORE *ctx, const char *file,
|
|||
|
||||
X509_STORE_set_flags(ctx, vflags);
|
||||
if (!X509_STORE_CTX_init(csc, ctx, x, uchain)) {
|
||||
X509_STORE_CTX_free(csc);
|
||||
printf("error %s: X.509 store context initialization failed\n",
|
||||
(file == NULL) ? "stdin" : file);
|
||||
goto end;
|
||||
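Review bot: the new failure path calls `X509_STORE_CTX_free(csc)` and then `goto end`; the `end:` label is not in the hunk, so confirm it does not free `csc` again (double free) or otherwise assume `csc` is still valid. Setting `csc = NULL` after the free, or letting `end:` do the single free, would make this robust. Also consider reporting the underlying reason (ERR_print_errors) alongside the printf message, since X509_STORE_CTX_init() pushes an error.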
|
|
|
@ -41,5 +41,5 @@ test_script:
|
|||
- cd _build
|
||||
- nmake test
|
||||
- mkdir ..\_install
|
||||
- nmake install install_docs DESTDIR=..\_install
|
||||
- nmake install DESTDIR=..\_install
|
||||
- cd ..
|
||||
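Review bot: dropping `install_docs` from the `nmake install ... DESTDIR=..\_install` step means the Windows CI job no longer exercises documentation installation. If that was removed because the docs target breaks on this platform, note it in the commit message; otherwise it silently narrows CI coverage.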
|
|
|
@ -22,7 +22,7 @@ our %config = (
|
|||
builddir => ".",
|
||||
cc => "cc",
|
||||
cflags => "",
|
||||
conf_files => [ "Configurations/90-team.conf" ],
|
||||
conf_files => [ "Configurations/00-base-templates.conf", "Configurations/dist.conf" ],
|
||||
cross_compile_prefix => "",
|
||||
defines => [ "NDEBUG", "OPENSSL_NO_DYNAMIC_ENGINE" ],
|
||||
dirs => [ "crypto", "ssl", "engines", "apps", "test", "util", "tools", "fuzz" ],
|
||||
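Review bot: `conf_files` and the `_conf_fname_int` entry further down are written by Configure, so this file should come from a fresh `Configure dist` run rather than a hand edit; the switch from `Configurations/90-team.conf` to `00-base-templates.conf` + `dist.conf` changes what the committed "dist" configuration is based on, which is worth a sentence in the commit message.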
|
@ -57,12 +57,12 @@ our %config = (
|
|||
shlib_version_number => "1.1",
|
||||
sourcedir => ".",
|
||||
target => "dist",
|
||||
version => "1.1.0h",
|
||||
version_num => "0x1010008fL",
|
||||
version => "1.1.0i",
|
||||
version_num => "0x1010009fL",
|
||||
);
|
||||
|
||||
our %target = (
|
||||
_conf_fname_int => [ "Configurations/90-team.conf" ],
|
||||
_conf_fname_int => [ "Configurations/00-base-templates.conf", "Configurations/00-base-templates.conf", "Configurations/dist.conf" ],
|
||||
aes_asm_src => "aes_core.c aes_cbc.c",
|
||||
aes_obj => "aes_core.o aes_cbc.o",
|
||||
apps_aux_src => "",
|
||||
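Review bot: `_conf_fname_int` now lists `"Configurations/00-base-templates.conf"` twice; if that is what Configure emits for the dist target it points at a de-duplication gap in Configure, and if not, the file was edited by hand. The version bump is consistent (`version => "1.1.0i"` with `version_num => "0x1010009fL"`, one patch letter after `0x1010008fL`).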
|
@ -1078,6 +1078,10 @@ our %unified_info = (
|
|||
[
|
||||
"libcrypto",
|
||||
],
|
||||
"test/errtest" =>
|
||||
[
|
||||
"libcrypto",
|
||||
],
|
||||
"test/evp_extra_test" =>
|
||||
[
|
||||
"libcrypto",
|
||||
|
@ -1244,10 +1248,22 @@ our %unified_info = (
|
|||
[
|
||||
"libcrypto",
|
||||
],
|
||||
"test/versions" =>
|
||||
[
|
||||
"libcrypto",
|
||||
],
|
||||
"test/wp_test" =>
|
||||
[
|
||||
"libcrypto",
|
||||
],
|
||||
"test/x509_dup_cert_test" =>
|
||||
[
|
||||
"libcrypto",
|
||||
],
|
||||
"test/x509_time_test" =>
|
||||
[
|
||||
"libcrypto",
|
||||
],
|
||||
"test/x509aux" =>
|
||||
[
|
||||
"libcrypto",
|
||||
|
@ -3909,6 +3925,12 @@ our %unified_info = (
|
|||
"crypto/include",
|
||||
"include",
|
||||
],
|
||||
"crypto/conf/conf_ssl.o" =>
|
||||
[
|
||||
".",
|
||||
"crypto/include",
|
||||
"include",
|
||||
],
|
||||
"crypto/cpt_err.o" =>
|
||||
[
|
||||
".",
|
||||
|
@ -6167,6 +6189,12 @@ our %unified_info = (
|
|||
"crypto/include",
|
||||
"include",
|
||||
],
|
||||
"crypto/x509/x509_meth.o" =>
|
||||
[
|
||||
".",
|
||||
"crypto/include",
|
||||
"include",
|
||||
],
|
||||
"crypto/x509/x509_obj.o" =>
|
||||
[
|
||||
".",
|
||||
|
@ -7158,6 +7186,10 @@ our %unified_info = (
|
|||
[
|
||||
"include",
|
||||
],
|
||||
"test/errtest.o" =>
|
||||
[
|
||||
"include",
|
||||
],
|
||||
"test/evp_extra_test.o" =>
|
||||
[
|
||||
"include",
|
||||
|
@ -7330,8 +7362,8 @@ our %unified_info = (
|
|||
],
|
||||
"test/testutil.o" =>
|
||||
[
|
||||
"crypto/include",
|
||||
"test",
|
||||
"crypto/include",
|
||||
"include",
|
||||
".",
|
||||
],
|
||||
|
@ -7352,10 +7384,23 @@ our %unified_info = (
|
|||
[
|
||||
"include",
|
||||
],
|
||||
"test/versions.o" =>
|
||||
[
|
||||
"include",
|
||||
],
|
||||
"test/wp_test.o" =>
|
||||
[
|
||||
"include",
|
||||
],
|
||||
"test/x509_dup_cert_test.o" =>
|
||||
[
|
||||
"include",
|
||||
],
|
||||
"test/x509_time_test.o" =>
|
||||
[
|
||||
".",
|
||||
"include",
|
||||
],
|
||||
"test/x509aux.o" =>
|
||||
[
|
||||
"include",
|
||||
|
@ -7512,6 +7557,7 @@ our %unified_info = (
|
|||
"test/ecdsatest",
|
||||
"test/ectest",
|
||||
"test/enginetest",
|
||||
"test/errtest",
|
||||
"test/evp_extra_test",
|
||||
"test/evp_test",
|
||||
"test/exdatatest",
|
||||
|
@ -7552,7 +7598,10 @@ our %unified_info = (
|
|||
"test/v3ext",
|
||||
"test/v3nametest",
|
||||
"test/verify_extra_test",
|
||||
"test/versions",
|
||||
"test/wp_test",
|
||||
"test/x509_dup_cert_test",
|
||||
"test/x509_time_test",
|
||||
"test/x509aux",
|
||||
],
|
||||
"rawlines" =>
|
||||
|
@ -7937,6 +7986,9 @@ our %unified_info = (
|
|||
"test/enginetest" =>
|
||||
[
|
||||
],
|
||||
"test/errtest" =>
|
||||
[
|
||||
],
|
||||
"test/evp_extra_test" =>
|
||||
[
|
||||
],
|
||||
|
@ -8057,9 +8109,18 @@ our %unified_info = (
|
|||
"test/verify_extra_test" =>
|
||||
[
|
||||
],
|
||||
"test/versions" =>
|
||||
[
|
||||
],
|
||||
"test/wp_test" =>
|
||||
[
|
||||
],
|
||||
"test/x509_dup_cert_test" =>
|
||||
[
|
||||
],
|
||||
"test/x509_time_test" =>
|
||||
[
|
||||
],
|
||||
"test/x509aux" =>
|
||||
[
|
||||
],
|
||||
|
@ -9060,6 +9121,10 @@ our %unified_info = (
|
|||
[
|
||||
"crypto/conf/conf_sap.c",
|
||||
],
|
||||
"crypto/conf/conf_ssl.o" =>
|
||||
[
|
||||
"crypto/conf/conf_ssl.c",
|
||||
],
|
||||
"crypto/cpt_err.o" =>
|
||||
[
|
||||
"crypto/cpt_err.c",
|
||||
|
@ -10500,6 +10565,10 @@ our %unified_info = (
|
|||
[
|
||||
"crypto/x509/x509_lu.c",
|
||||
],
|
||||
"crypto/x509/x509_meth.o" =>
|
||||
[
|
||||
"crypto/x509/x509_meth.c",
|
||||
],
|
||||
"crypto/x509/x509_obj.o" =>
|
||||
[
|
||||
"crypto/x509/x509_obj.c",
|
||||
|
@ -11022,6 +11091,7 @@ our %unified_info = (
|
|||
"crypto/conf/conf_mall.o",
|
||||
"crypto/conf/conf_mod.o",
|
||||
"crypto/conf/conf_sap.o",
|
||||
"crypto/conf/conf_ssl.o",
|
||||
"crypto/cpt_err.o",
|
||||
"crypto/cryptlib.o",
|
||||
"crypto/ct/ct_b64.o",
|
||||
|
@ -11382,6 +11452,7 @@ our %unified_info = (
|
|||
"crypto/x509/x509_err.o",
|
||||
"crypto/x509/x509_ext.o",
|
||||
"crypto/x509/x509_lu.o",
|
||||
"crypto/x509/x509_meth.o",
|
||||
"crypto/x509/x509_obj.o",
|
||||
"crypto/x509/x509_r2x.o",
|
||||
"crypto/x509/x509_req.o",
|
||||
|
@ -12393,6 +12464,15 @@ our %unified_info = (
|
|||
[
|
||||
"test/enginetest.c",
|
||||
],
|
||||
"test/errtest" =>
|
||||
[
|
||||
"test/errtest.o",
|
||||
"test/testutil.o",
|
||||
],
|
||||
"test/errtest.o" =>
|
||||
[
|
||||
"test/errtest.c",
|
||||
],
|
||||
"test/evp_extra_test" =>
|
||||
[
|
||||
"test/evp_extra_test.o",
|
||||
|
@ -12742,6 +12822,14 @@ our %unified_info = (
|
|||
[
|
||||
"test/verify_extra_test.c",
|
||||
],
|
||||
"test/versions" =>
|
||||
[
|
||||
"test/versions.o",
|
||||
],
|
||||
"test/versions.o" =>
|
||||
[
|
||||
"test/versions.c",
|
||||
],
|
||||
"test/wp_test" =>
|
||||
[
|
||||
"test/wp_test.o",
|
||||
|
@ -12750,6 +12838,23 @@ our %unified_info = (
|
|||
[
|
||||
"test/wp_test.c",
|
||||
],
|
||||
"test/x509_dup_cert_test" =>
|
||||
[
|
||||
"test/x509_dup_cert_test.o",
|
||||
],
|
||||
"test/x509_dup_cert_test.o" =>
|
||||
[
|
||||
"test/x509_dup_cert_test.c",
|
||||
],
|
||||
"test/x509_time_test" =>
|
||||
[
|
||||
"test/testutil.o",
|
||||
"test/x509_time_test.o",
|
||||
],
|
||||
"test/x509_time_test.o" =>
|
||||
[
|
||||
"test/x509_time_test.c",
|
||||
],
|
||||
"test/x509aux" =>
|
||||
[
|
||||
"test/x509aux.o",
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright 2011-2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 2011-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
|
@ -69,7 +69,7 @@
|
|||
# endif
|
||||
# endif
|
||||
|
||||
# if !__ASSEMBLER__
|
||||
# ifndef __ASSEMBLER__
|
||||
extern unsigned int OPENSSL_armcap_P;
|
||||
# endif
|
||||
|
||||
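Review bot: `# ifndef __ASSEMBLER__` is the right form here; `# if !__ASSEMBLER__` relied on an undefined macro evaluating to 0, which works in C but trips `-Wundef` and is fragile if a toolchain defines the macro to an empty value. No further change needed.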
|
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright 2011-2017 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 2011-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
|
@ -13,6 +13,7 @@
|
|||
#include <setjmp.h>
|
||||
#include <signal.h>
|
||||
#include <openssl/crypto.h>
|
||||
#include <internal/cryptlib.h>
|
||||
|
||||
#include "arm_arch.h"
|
||||
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
#! /usr/bin/env perl
|
||||
# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
# Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
#
|
||||
# Licensed under the OpenSSL license (the "License"). You may not use
|
||||
# this file except in compliance with the License. You can obtain a copy
|
||||
|
@ -125,7 +125,7 @@ CRYPTO_memcmp:
|
|||
|
||||
ldmia sp!,{r4,r5}
|
||||
.Lno_data:
|
||||
neg r0,ip
|
||||
rsb r0,ip,#0
|
||||
mov r0,r0,lsr#31
|
||||
#if __ARM_ARCH__>=5
|
||||
bx lr
|
||||
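Review bot: `rsb r0,ip,#0` is the canonical encoding of the `neg r0,ip` pseudo-instruction, so the behaviour of the CRYPTO_memcmp return path (`mov r0,r0,lsr#31` still reduces the result to 0 or 1) is unchanged; the change only avoids assemblers that do not accept `neg`. A brief comment saying so would stop someone "fixing" it back.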
|
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
|
@ -19,7 +19,7 @@
|
|||
|
||||
int i2d_ASN1_OBJECT(const ASN1_OBJECT *a, unsigned char **pp)
|
||||
{
|
||||
unsigned char *p;
|
||||
unsigned char *p, *allocated = NULL;
|
||||
int objsize;
|
||||
|
||||
if ((a == NULL) || (a->data == NULL))
|
||||
|
@ -29,13 +29,24 @@ int i2d_ASN1_OBJECT(const ASN1_OBJECT *a, unsigned char **pp)
|
|||
if (pp == NULL || objsize == -1)
|
||||
return objsize;
|
||||
|
||||
p = *pp;
|
||||
if (*pp == NULL) {
|
||||
if ((p = allocated = OPENSSL_malloc(objsize)) == NULL) {
|
||||
ASN1err(ASN1_F_I2D_ASN1_OBJECT, ERR_R_MALLOC_FAILURE);
|
||||
return 0;
|
||||
}
|
||||
} else {
|
||||
p = *pp;
|
||||
}
|
||||
|
||||
ASN1_put_object(&p, 0, a->length, V_ASN1_OBJECT, V_ASN1_UNIVERSAL);
|
||||
memcpy(p, a->data, a->length);
|
||||
p += a->length;
|
||||
|
||||
*pp = p;
|
||||
return (objsize);
|
||||
/*
|
||||
* If a new buffer was allocated, just return it back.
|
||||
* If not, return the incremented buffer pointer.
|
||||
*/
|
||||
*pp = allocated != NULL ? allocated : p + a->length;
|
||||
return objsize;
|
||||
}
|
||||
|
||||
int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num)
|
||||
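Review bot: when `*pp == NULL` the function now allocates `objsize` bytes and hands ownership to the caller via `*pp = allocated`, while in the existing path `*pp` is advanced past the written bytes; these two contracts differ, so the i2d_ASN1_OBJECT documentation must state that a NULL `*pp` yields a buffer the caller frees with OPENSSL_free(). The `objsize == -1` early return happens before the allocation and nothing between the allocation and the final assignment can fail, so there is no leak on this path.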
|
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
|
@ -139,7 +139,7 @@ static int do_buf(unsigned char *buf, int buflen,
|
|||
int type, unsigned short flags, char *quotes, char_io *io_ch,
|
||||
void *arg)
|
||||
{
|
||||
int i, outlen, len;
|
||||
int i, outlen, len, charwidth;
|
||||
unsigned short orflags;
|
||||
unsigned char *p, *q;
|
||||
unsigned long c;
|
||||
|
@ -147,12 +147,32 @@ static int do_buf(unsigned char *buf, int buflen,
|
|||
p = buf;
|
||||
q = buf + buflen;
|
||||
outlen = 0;
|
||||
charwidth = type & BUF_TYPE_WIDTH_MASK;
|
||||
|
||||
switch (charwidth) {
|
||||
case 4:
|
||||
if (buflen & 3) {
|
||||
ASN1err(ASN1_F_DO_BUF, ASN1_R_INVALID_UNIVERSALSTRING_LENGTH);
|
||||
return -1;
|
||||
}
|
||||
break;
|
||||
case 2:
|
||||
if (buflen & 1) {
|
||||
ASN1err(ASN1_F_DO_BUF, ASN1_R_INVALID_BMPSTRING_LENGTH);
|
||||
return -1;
|
||||
}
|
||||
break;
|
||||
default:
|
||||
break;
|
||||
}
|
||||
|
||||
while (p != q) {
|
||||
if (p == buf && flags & ASN1_STRFLGS_ESC_2253)
|
||||
orflags = CHARTYPE_FIRST_ESC_2253;
|
||||
else
|
||||
orflags = 0;
|
||||
switch (type & BUF_TYPE_WIDTH_MASK) {
|
||||
|
||||
switch (charwidth) {
|
||||
case 4:
|
||||
c = ((unsigned long)*p++) << 24;
|
||||
c |= ((unsigned long)*p++) << 16;
|
||||
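Review bot: the new switch on `charwidth` rejects BMPString/UniversalString buffers whose length is not a multiple of 2/4 before the `while (p != q)` loop; without it the `c |= ((unsigned long)*p++) << 16` sequence below reads past `q` on a trailing partial character, so this is the right place for the check. Follow-ups: the two reason codes ASN1_R_INVALID_UNIVERSALSTRING_LENGTH and ASN1_R_INVALID_BMPSTRING_LENGTH need matching entries in the ASN1 reason table and header (only the ASN1_F_DO_BUF function entry appears elsewhere in this diff), and a comment naming the out-of-bounds read this prevents would help future readers.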
|
@ -173,6 +193,7 @@ static int do_buf(unsigned char *buf, int buflen,
|
|||
i = UTF8_getc(p, buflen, &c);
|
||||
if (i < 0)
|
||||
return -1; /* Invalid UTF8String */
|
||||
buflen -= i;
|
||||
p += i;
|
||||
break;
|
||||
default:
|
||||
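Review bot: adding `buflen -= i;` after `UTF8_getc(p, buflen, &c)` keeps `buflen` in step with `p`; before this, every iteration passed the original length, so UTF8_getc() could be told more bytes remained than actually did at the tail of the string. This is a bounds fix, not a cosmetic one, and deserves a line in the commit message.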
|
@ -592,53 +613,3 @@ int ASN1_STRING_to_UTF8(unsigned char **out, const ASN1_STRING *in)
|
|||
*out = stmp.data;
|
||||
return stmp.length;
|
||||
}
|
||||
|
||||
/* Return 1 if host is a valid hostname and 0 otherwise */
|
||||
int asn1_valid_host(const ASN1_STRING *host)
|
||||
{
|
||||
int hostlen = host->length;
|
||||
const unsigned char *hostptr = host->data;
|
||||
int type = host->type;
|
||||
int i;
|
||||
signed char width = -1;
|
||||
unsigned short chflags = 0, prevchflags;
|
||||
|
||||
if (type > 0 && type < 31)
|
||||
width = tag2nbyte[type];
|
||||
if (width == -1 || hostlen == 0)
|
||||
return 0;
|
||||
/* Treat UTF8String as width 1 as any MSB set is invalid */
|
||||
if (width == 0)
|
||||
width = 1;
|
||||
for (i = 0 ; i < hostlen; i+= width) {
|
||||
prevchflags = chflags;
|
||||
/* Value must be <= 0x7F: check upper bytes are all zeroes */
|
||||
if (width == 4) {
|
||||
if (*hostptr++ != 0 || *hostptr++ != 0 || *hostptr++ != 0)
|
||||
return 0;
|
||||
} else if (width == 2) {
|
||||
if (*hostptr++ != 0)
|
||||
return 0;
|
||||
}
|
||||
if (*hostptr > 0x7f)
|
||||
return 0;
|
||||
chflags = char_type[*hostptr++];
|
||||
if (!(chflags & (CHARTYPE_HOST_ANY | CHARTYPE_HOST_WILD))) {
|
||||
/* Nothing else allowed at start or end of string */
|
||||
if (i == 0 || i == hostlen - 1)
|
||||
return 0;
|
||||
/* Otherwise invalid if not dot or hyphen */
|
||||
if (!(chflags & (CHARTYPE_HOST_DOT | CHARTYPE_HOST_HYPHEN)))
|
||||
return 0;
|
||||
/*
|
||||
* If previous is dot or hyphen then illegal unless both
|
||||
* are hyphens: as .- -. .. are all illegal
|
||||
*/
|
||||
if (prevchflags & (CHARTYPE_HOST_DOT | CHARTYPE_HOST_HYPHEN)
|
||||
&& ((prevchflags & CHARTYPE_HOST_DOT)
|
||||
|| (chflags & CHARTYPE_HOST_DOT)))
|
||||
return 0;
|
||||
}
|
||||
}
|
||||
return 1;
|
||||
}
|
||||
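Review bot: removing `asn1_valid_host()` wholesale needs two checks that the hunk cannot show: that no caller remains (it has no `static` qualifier, so look for a prototype in the internal headers and any x509v3 use), and that `tag2nbyte` and `char_type`, which this function indexed, are still referenced elsewhere in the file or they will now warn as unused.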
|
|
|
@ -255,6 +255,18 @@ EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_new(int id, int flags,
|
|||
goto err;
|
||||
}
|
||||
|
||||
/*
|
||||
* One of the following must be true:
|
||||
*
|
||||
* pem_str == NULL AND ASN1_PKEY_ALIAS is set
|
||||
* pem_str != NULL AND ASN1_PKEY_ALIAS is clear
|
||||
*
|
||||
* Anything else is an error and may lead to a corrupt ASN1 method table
|
||||
*/
|
||||
if (!((pem_str == NULL && (flags & ASN1_PKEY_ALIAS) != 0)
|
||||
|| (pem_str != NULL && (flags & ASN1_PKEY_ALIAS) == 0)))
|
||||
goto err;
|
||||
|
||||
if (pem_str) {
|
||||
ameth->pem_str = OPENSSL_strdup(pem_str);
|
||||
if (!ameth->pem_str)
|
||||
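Review bot: the new `goto err` for an inconsistent `pem_str`/ASN1_PKEY_ALIAS pair raises no error reason, so a caller sees EVP_PKEY_asn1_new() return NULL with an empty error queue. Push an EVP/ASN1 reason code (an invalid-argument style error) before the `goto err` so the misuse is diagnosable; the comment block explaining the two valid combinations is good.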
|
|
|
@ -92,8 +92,10 @@ static ERR_STRING_DATA ASN1_str_functs[] = {
|
|||
{ERR_FUNC(ASN1_F_D2I_AUTOPRIVATEKEY), "d2i_AutoPrivateKey"},
|
||||
{ERR_FUNC(ASN1_F_D2I_PRIVATEKEY), "d2i_PrivateKey"},
|
||||
{ERR_FUNC(ASN1_F_D2I_PUBLICKEY), "d2i_PublicKey"},
|
||||
{ERR_FUNC(ASN1_F_DO_BUF), "do_buf"},
|
||||
{ERR_FUNC(ASN1_F_DO_TCREATE), "do_tcreate"},
|
||||
{ERR_FUNC(ASN1_F_I2D_ASN1_BIO_STREAM), "i2d_ASN1_bio_stream"},
|
||||
{ERR_FUNC(ASN1_F_I2D_ASN1_OBJECT), "i2d_ASN1_OBJECT"},
|
||||
{ERR_FUNC(ASN1_F_I2D_DSA_PUBKEY), "i2d_DSA_PUBKEY"},
|
||||
{ERR_FUNC(ASN1_F_I2D_EC_PUBKEY), "i2d_EC_PUBKEY"},
|
||||
{ERR_FUNC(ASN1_F_I2D_PRIVATEKEY), "i2d_PrivateKey"},
|
||||
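Review bot: the two new function entries (`ASN1_F_DO_BUF`, `ASN1_F_I2D_ASN1_OBJECT`) must have matching definitions in the public ASN1 header, and this file is generated, so both should come from the error-generation script rather than a hand edit. The reason strings for the new length errors used in do_buf() are not in this hunk; make sure the reason table was updated in the same change.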
|
|
|
@ -969,12 +969,14 @@ static int strip_eol(char *linebuf, int *plen, int flags)
|
|||
p = linebuf + len - 1;
|
||||
for (p = linebuf + len - 1; len > 0; len--, p--) {
|
||||
c = *p;
|
||||
if (c == '\n')
|
||||
if (c == '\n') {
|
||||
is_eol = 1;
|
||||
else if (is_eol && flags & SMIME_ASCIICRLF && c < 33)
|
||||
} else if (is_eol && flags & SMIME_ASCIICRLF && c == 32) {
|
||||
/* Strip trailing space on a line; 32 == ASCII for ' ' */
|
||||
continue;
|
||||
else if (c != '\r')
|
||||
} else if (c != '\r') {
|
||||
break;
|
||||
}
|
||||
}
|
||||
*plen = len;
|
||||
return is_eol;
|
||||
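Review bot: narrowing the strip condition from `c < 33` to `c == 32` means only ASCII space is removed from line ends; tabs and other control characters (form-feed included) are now preserved, which is the RFC 5485 behaviour the CHANGES entry describes, but it is an interoperability-visible change for detached text signatures, so keep that CHANGES note with this commit. Minor: the `p = linebuf + len - 1;` before the loop is redundant with the `for` initialiser.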
|
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
|
@ -91,7 +91,7 @@ X509_ALGOR *PKCS5_pbe2_set_scrypt(const EVP_CIPHER *cipher,
|
|||
if (EVP_CIPHER_iv_length(cipher)) {
|
||||
if (aiv)
|
||||
memcpy(iv, aiv, EVP_CIPHER_iv_length(cipher));
|
||||
else if (RAND_bytes(iv, EVP_CIPHER_iv_length(cipher)) < 0)
|
||||
else if (RAND_bytes(iv, EVP_CIPHER_iv_length(cipher)) <= 0)
|
||||
goto err;
|
||||
}
|
||||
|
||||
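Review bot: `RAND_bytes(...) <= 0` is the correct test; RAND_bytes() returns 1 on success, 0 on failure and -1 when not supported, so the old `< 0` check let a 0 return fall through and encrypt with an uninitialised IV. Worth a short comment so nobody reverts to `< 0`.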
|
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
|
@ -528,6 +528,8 @@ static int asn1_ex_i2c(ASN1_VALUE **pval, unsigned char *cout, int *putype,
|
|||
otmp = (ASN1_OBJECT *)*pval;
|
||||
cont = otmp->data;
|
||||
len = otmp->length;
|
||||
if (cont == NULL || len == 0)
|
||||
return -1;
|
||||
break;
|
||||
|
||||
case V_ASN1_NULL:
|
||||
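Review bot: returning -1 when `cont == NULL || len == 0` stops an uninitialised or empty ASN1_OBJECT from being emitted as a zero-length OBJECT IDENTIFIER, which is not valid DER. Confirm the caller of asn1_ex_i2c() treats -1 as "encoding failed" (as opposed to "no content") and surfaces an error rather than silently dropping the field.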
|
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
|
@ -76,7 +76,7 @@ int asn1_do_lock(ASN1_VALUE **pval, int op, const ASN1_ITEM *it)
|
|||
}
|
||||
return 1;
|
||||
}
|
||||
if (CRYPTO_atomic_add(lck, op, &ret, *lock) < 0)
|
||||
if (!CRYPTO_atomic_add(lck, op, &ret, *lock))
|
||||
return -1; /* failed */
|
||||
#ifdef REF_PRINT
|
||||
fprintf(stderr, "%p:%4d:%s\n", it, *lck, it->sname);
|
||||
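Review bot: `!CRYPTO_atomic_add(...)` is right; CRYPTO_atomic_add() returns 1 on success and 0 on failure, so the previous `< 0` comparison could never detect a failed reference-count update. Reviewers of the other `CRYPTO_atomic_add` call sites should grep for the same `< 0` pattern.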
|
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
|
@ -30,11 +30,12 @@
|
|||
static CRYPTO_THREAD_LOCAL ctxkey;
|
||||
static CRYPTO_THREAD_LOCAL poolkey;
|
||||
|
||||
static void async_free_pool_internal(async_pool *pool);
|
||||
|
||||
static async_ctx *async_ctx_new(void)
|
||||
{
|
||||
async_ctx *nctx = NULL;
|
||||
async_ctx *nctx;
|
||||
|
||||
if (!ossl_init_thread_start(OPENSSL_INIT_THREAD_ASYNC))
|
||||
return NULL;
|
||||
|
||||
nctx = OPENSSL_malloc(sizeof(async_ctx));
|
||||
if (nctx == NULL) {
|
||||
|
@ -57,9 +58,6 @@ err:
|
|||
|
||||
async_ctx *async_get_ctx(void)
|
||||
{
|
||||
if (!OPENSSL_init_crypto(OPENSSL_INIT_ASYNC, NULL))
|
||||
return NULL;
|
||||
|
||||
return (async_ctx *)CRYPTO_THREAD_get_local(&ctxkey);
|
||||
}
|
||||
|
||||
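Review bot: async_get_ctx() no longer calls OPENSSL_init_crypto(OPENSSL_INIT_ASYNC), so every caller must now do so itself; the callers in this diff (ASYNC_start_job, ASYNC_get_current_job, ASYNC_block_pause, ASYNC_unblock_pause) were updated, but any other caller outside the diff would now read thread-local state before the key is initialised. A comment on async_get_ctx() stating that precondition would help.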
|
@ -169,16 +167,19 @@ void async_start_func(void)
|
|||
int ASYNC_start_job(ASYNC_JOB **job, ASYNC_WAIT_CTX *wctx, int *ret,
|
||||
int (*func)(void *), void *args, size_t size)
|
||||
{
|
||||
async_ctx *ctx = async_get_ctx();
|
||||
async_ctx *ctx;
|
||||
|
||||
if (!OPENSSL_init_crypto(OPENSSL_INIT_ASYNC, NULL))
|
||||
return ASYNC_ERR;
|
||||
|
||||
ctx = async_get_ctx();
|
||||
if (ctx == NULL)
|
||||
ctx = async_ctx_new();
|
||||
if (ctx == NULL) {
|
||||
if (ctx == NULL)
|
||||
return ASYNC_ERR;
|
||||
}
|
||||
|
||||
if (*job) {
|
||||
if (*job)
|
||||
ctx->currjob = *job;
|
||||
}
|
||||
|
||||
for (;;) {
|
||||
if (ctx->currjob != NULL) {
|
||||
|
@ -219,9 +220,8 @@ int ASYNC_start_job(ASYNC_JOB **job, ASYNC_WAIT_CTX *wctx, int *ret,
|
|||
}
|
||||
|
||||
/* Start a new job */
|
||||
if ((ctx->currjob = async_get_pool_job()) == NULL) {
|
||||
if ((ctx->currjob = async_get_pool_job()) == NULL)
|
||||
return ASYNC_NO_JOBS;
|
||||
}
|
||||
|
||||
if (args != NULL) {
|
||||
ctx->currjob->funcargs = OPENSSL_malloc(size);
|
||||
|
@ -323,12 +323,11 @@ int ASYNC_init_thread(size_t max_size, size_t init_size)
|
|||
return 0;
|
||||
}
|
||||
|
||||
if (!OPENSSL_init_crypto(OPENSSL_INIT_ASYNC, NULL)) {
|
||||
if (!OPENSSL_init_crypto(OPENSSL_INIT_ASYNC, NULL))
|
||||
return 0;
|
||||
}
|
||||
if (!ossl_init_thread_start(OPENSSL_INIT_THREAD_ASYNC)) {
|
||||
|
||||
if (!ossl_init_thread_start(OPENSSL_INIT_THREAD_ASYNC))
|
||||
return 0;
|
||||
}
|
||||
|
||||
pool = OPENSSL_zalloc(sizeof(*pool));
|
||||
if (pool == NULL) {
|
||||
|
@ -369,32 +368,41 @@ int ASYNC_init_thread(size_t max_size, size_t init_size)
|
|||
|
||||
return 1;
|
||||
err:
|
||||
async_free_pool_internal(pool);
|
||||
return 0;
|
||||
}
|
||||
|
||||
static void async_free_pool_internal(async_pool *pool)
|
||||
{
|
||||
if (pool == NULL)
|
||||
return;
|
||||
|
||||
async_empty_pool(pool);
|
||||
sk_ASYNC_JOB_free(pool->jobs);
|
||||
OPENSSL_free(pool);
|
||||
CRYPTO_THREAD_set_local(&poolkey, NULL);
|
||||
return 0;
|
||||
}
|
||||
|
||||
void async_delete_thread_state(void)
|
||||
{
|
||||
async_pool *pool = (async_pool *)CRYPTO_THREAD_get_local(&poolkey);
|
||||
|
||||
if (pool != NULL) {
|
||||
async_empty_pool(pool);
|
||||
sk_ASYNC_JOB_free(pool->jobs);
|
||||
OPENSSL_free(pool);
|
||||
CRYPTO_THREAD_set_local(&poolkey, NULL);
|
||||
}
|
||||
async_local_cleanup();
|
||||
async_ctx_free();
|
||||
}
|
||||
|
||||
void ASYNC_cleanup_thread(void)
|
||||
{
|
||||
async_free_pool_internal((async_pool *)CRYPTO_THREAD_get_local(&poolkey));
|
||||
if (!OPENSSL_init_crypto(OPENSSL_INIT_ASYNC, NULL))
|
||||
return;
|
||||
|
||||
async_delete_thread_state();
|
||||
}
|
||||
|
||||
ASYNC_JOB *ASYNC_get_current_job(void)
|
||||
{
|
||||
async_ctx *ctx;
|
||||
|
||||
if (!OPENSSL_init_crypto(OPENSSL_INIT_ASYNC, NULL))
|
||||
return NULL;
|
||||
|
||||
ctx = async_get_ctx();
|
||||
if (ctx == NULL)
|
||||
return NULL;
|
||||
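Review bot: the new `err:` block in ASYNC_init_thread() dereferences `pool->jobs` directly, whereas the removed async_free_pool_internal() guarded against `pool == NULL`; confirm no `goto err` can be reached before `pool = OPENSSL_zalloc(...)` has succeeded. Separately, ASYNC_cleanup_thread() now calls OPENSSL_init_crypto() and returns silently if it fails, so a cleanup can be skipped without any indication; a comment on why initialisation is required during teardown would help.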
|
@ -409,7 +417,12 @@ ASYNC_WAIT_CTX *ASYNC_get_wait_ctx(ASYNC_JOB *job)
|
|||
|
||||
void ASYNC_block_pause(void)
|
||||
{
|
||||
async_ctx *ctx = async_get_ctx();
|
||||
async_ctx *ctx;
|
||||
|
||||
if (!OPENSSL_init_crypto(OPENSSL_INIT_ASYNC, NULL))
|
||||
return;
|
||||
|
||||
ctx = async_get_ctx();
|
||||
if (ctx == NULL || ctx->currjob == NULL) {
|
||||
/*
|
||||
* We're not in a job anyway so ignore this
|
||||
|
@ -421,7 +434,12 @@ void ASYNC_block_pause(void)
|
|||
|
||||
void ASYNC_unblock_pause(void)
|
||||
{
|
||||
async_ctx *ctx = async_get_ctx();
|
||||
async_ctx *ctx;
|
||||
|
||||
if (!OPENSSL_init_crypto(OPENSSL_INIT_ASYNC, NULL))
|
||||
return;
|
||||
|
||||
ctx = async_get_ctx();
|
||||
if (ctx == NULL || ctx->currjob == NULL) {
|
||||
/*
|
||||
* We're not in a job anyway so ignore this
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
|
@ -66,18 +66,18 @@ void BIO_ADDR_clear(BIO_ADDR *ap)
|
|||
int BIO_ADDR_make(BIO_ADDR *ap, const struct sockaddr *sa)
|
||||
{
|
||||
if (sa->sa_family == AF_INET) {
|
||||
ap->s_in = *(const struct sockaddr_in *)sa;
|
||||
memcpy(&(ap->s_in), sa, sizeof(struct sockaddr_in));
|
||||
return 1;
|
||||
}
|
||||
#ifdef AF_INET6
|
||||
if (sa->sa_family == AF_INET6) {
|
||||
ap->s_in6 = *(const struct sockaddr_in6 *)sa;
|
||||
memcpy(&(ap->s_in6), sa, sizeof(struct sockaddr_in6));
|
||||
return 1;
|
||||
}
|
||||
#endif
|
||||
#ifdef AF_UNIX
|
||||
if (sa->sa_family == AF_UNIX) {
|
||||
ap->s_un = *(const struct sockaddr_un *)sa;
|
||||
memcpy(&(ap->s_un), sa, sizeof(struct sockaddr_un));
|
||||
return 1;
|
||||
}
|
||||
#endif
|
||||
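Review bot: switching from the cast-and-assign to `memcpy(&(ap->s_in), sa, sizeof(struct sockaddr_in))` removes the aliasing/alignment concern, but the copy length is still the size of the destination struct, not the length of what the caller actually passed; for AF_UNIX in particular `sizeof(struct sockaddr_un)` can exceed the bytes the caller holds. Consider taking an explicit `socklen_t` length and copying `min(len, sizeof)` bytes.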
|
@ -604,7 +604,8 @@ static int addrinfo_wrap(int family, int socktype,
|
|||
|
||||
DEFINE_RUN_ONCE_STATIC(do_bio_lookup_init)
|
||||
{
|
||||
OPENSSL_init_crypto(0, NULL);
|
||||
if (!OPENSSL_init_crypto(0, NULL))
|
||||
return 0;
|
||||
bio_lookup_lock = CRYPTO_THREAD_lock_new();
|
||||
return bio_lookup_lock != NULL;
|
||||
}
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
|
@ -317,7 +317,7 @@ int BIO_socket_nbio(int s, int mode)
|
|||
|
||||
l = fcntl(s, F_GETFL, 0);
|
||||
if (l == -1) {
|
||||
SYSerr(SYS_F_FCNTL, get_last_rtl_error());
|
||||
SYSerr(SYS_F_FCNTL, get_last_sys_error());
|
||||
ret = -1;
|
||||
} else {
|
||||
# if defined(O_NONBLOCK)
|
||||
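Review bot: the rename to get_last_sys_error() appears in two hunks of this file; confirm no other get_last_rtl_error() call remains in b_sock.c (or elsewhere) so the build does not fail on a missing symbol.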
|
@ -335,7 +335,7 @@ int BIO_socket_nbio(int s, int mode)
|
|||
ret = fcntl(s, F_SETFL, l);
|
||||
|
||||
if (ret < 0) {
|
||||
SYSerr(SYS_F_FCNTL, get_last_rtl_error());
|
||||
SYSerr(SYS_F_FCNTL, get_last_sys_error());
|
||||
}
|
||||
}
|
||||
# else
|
||||
|
|
|
@ -43,6 +43,7 @@ BIO_METHOD *BIO_meth_new(int type, const char *name)
|
|||
BIOerr(BIO_F_BIO_METH_NEW, ERR_R_MALLOC_FAILURE);
|
||||
return NULL;
|
||||
}
|
||||
biom->type = type;
|
||||
return biom;
|
||||
}
|
||||
|
||||
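Review bot: before this line BIO_meth_new() accepted `type` and never stored it, so application-defined BIO methods reported a zero type from BIO_method_type(); storing it is a behaviour fix visible to applications and deserves a CHANGES entry.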
|
@ -54,7 +55,7 @@ void BIO_meth_free(BIO_METHOD *biom)
|
|||
}
|
||||
}
|
||||
|
||||
int (*BIO_meth_get_write(BIO_METHOD *biom)) (BIO *, const char *, int)
|
||||
int (*BIO_meth_get_write(const BIO_METHOD *biom)) (BIO *, const char *, int)
|
||||
{
|
||||
return biom->bwrite;
|
||||
}
|
||||
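Review bot: the getters now take `const BIO_METHOD *`; the public prototypes in the BIO header are not in this diff and must be changed identically, otherwise the compiler reports conflicting declarations. The change is ABI-compatible but the documentation for these functions should be updated to match.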
|
@ -66,7 +67,7 @@ int BIO_meth_set_write(BIO_METHOD *biom,
|
|||
return 1;
|
||||
}
|
||||
|
||||
int (*BIO_meth_get_read(BIO_METHOD *biom)) (BIO *, char *, int)
|
||||
int (*BIO_meth_get_read(const BIO_METHOD *biom)) (BIO *, char *, int)
|
||||
{
|
||||
return biom->bread;
|
||||
}
|
||||
|
@ -78,7 +79,7 @@ int BIO_meth_set_read(BIO_METHOD *biom,
|
|||
return 1;
|
||||
}
|
||||
|
||||
int (*BIO_meth_get_puts(BIO_METHOD *biom)) (BIO *, const char *)
|
||||
int (*BIO_meth_get_puts(const BIO_METHOD *biom)) (BIO *, const char *)
|
||||
{
|
||||
return biom->bputs;
|
||||
}
|
||||
|
@ -90,7 +91,7 @@ int BIO_meth_set_puts(BIO_METHOD *biom,
|
|||
return 1;
|
||||
}
|
||||
|
||||
int (*BIO_meth_get_gets(BIO_METHOD *biom)) (BIO *, char *, int)
|
||||
int (*BIO_meth_get_gets(const BIO_METHOD *biom)) (BIO *, char *, int)
|
||||
{
|
||||
return biom->bgets;
|
||||
}
|
||||
|
@ -102,7 +103,7 @@ int BIO_meth_set_gets(BIO_METHOD *biom,
|
|||
return 1;
|
||||
}
|
||||
|
||||
long (*BIO_meth_get_ctrl(BIO_METHOD *biom)) (BIO *, int, long, void *)
|
||||
long (*BIO_meth_get_ctrl(const BIO_METHOD *biom)) (BIO *, int, long, void *)
|
||||
{
|
||||
return biom->ctrl;
|
||||
}
|
||||
|
@ -114,7 +115,7 @@ int BIO_meth_set_ctrl(BIO_METHOD *biom,
|
|||
return 1;
|
||||
}
|
||||
|
||||
int (*BIO_meth_get_create(BIO_METHOD *biom)) (BIO *)
|
||||
int (*BIO_meth_get_create(const BIO_METHOD *biom)) (BIO *)
|
||||
{
|
||||
return biom->create;
|
||||
}
|
||||
|
@ -125,7 +126,7 @@ int BIO_meth_set_create(BIO_METHOD *biom, int (*create) (BIO *))
|
|||
return 1;
|
||||
}
|
||||
|
||||
int (*BIO_meth_get_destroy(BIO_METHOD *biom)) (BIO *)
|
||||
int (*BIO_meth_get_destroy(const BIO_METHOD *biom)) (BIO *)
|
||||
{
|
||||
return biom->destroy;
|
||||
}
|
||||
|
@ -136,7 +137,7 @@ int BIO_meth_set_destroy(BIO_METHOD *biom, int (*destroy) (BIO *))
|
|||
return 1;
|
||||
}
|
||||
|
||||
long (*BIO_meth_get_callback_ctrl(BIO_METHOD *biom)) (BIO *, int, BIO_info_cb *)
|
||||
long (*BIO_meth_get_callback_ctrl(const BIO_METHOD *biom)) (BIO *, int, BIO_info_cb *)
|
||||
{
|
||||
return biom->callback_ctrl;
|
||||
}
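Review bot: adding const to the BIO_METHOD parameter of these getters is ABI-neutral, but the matching prototypes in the public bio.h header must change in the same commit or these definitions conflict with the declarations and the build fails; the header is not in this diff, so verify it is covered. Also worth a CHANGES line: a caller that stores, say, `BIO_meth_get_write` in a function-pointer variable declared with the old `BIO_METHOD *` parameter will now get a type-mismatch warning.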
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright 1999-2017 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 1999-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
|
@ -196,7 +196,7 @@ static int slg_write(BIO *b, const char *in, int inl)
|
|||
if ((buf = OPENSSL_malloc(inl + 1)) == NULL) {
|
||||
return (0);
|
||||
}
|
||||
strncpy(buf, in, inl);
|
||||
memcpy(buf, in, inl);
|
||||
buf[inl] = '\0';
|
||||
|
||||
i = 0;
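Review bot: `memcpy` is the right call here because `in` is a length-delimited BIO buffer rather than a NUL-terminated string; `strncpy` would stop at the first embedded NUL and zero-pad the rest, and only the explicit `buf[inl] = '\0'` made the result safe to treat as a string. Two things to confirm outside the hunk: that `inl` is known to be non-negative before `OPENSSL_malloc(inl + 1)` (an `inl` of -1 requests zero bytes and then writes `buf[-1]`), and that an embedded NUL in `in` is acceptable, since everything after it is still silently dropped once `buf` is handed to the string-based syslog path.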
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
|
@ -212,6 +212,8 @@ static int mem_write(BIO *b, const char *in, int inl)
|
|||
goto end;
|
||||
}
|
||||
BIO_clear_retry_flags(b);
|
||||
if (inl == 0)
|
||||
return 0;
|
||||
blen = bbm->readp->length;
|
||||
mem_buf_sync(b);
|
||||
if (BUF_MEM_grow_clean(bbm->buf, blen + inl) == 0)
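Review bot: placing the `inl == 0` early return after `BIO_clear_retry_flags(b)` is the right order: a caller that sees 0 and then asks `BIO_should_retry()` gets a clean "nothing to do" rather than a stale retry flag, and `mem_buf_sync()` / `BUF_MEM_grow_clean()` are no longer run for a no-op write. Consider `inl <= 0` unless `BIO_write()` is already guaranteed to reject negative lengths before dispatching here, because `blen + inl` with a negative `inl` would shrink the buffer.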
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
#! /usr/bin/env perl
|
||||
# Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
# Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
#
|
||||
# Licensed under the OpenSSL license (the "License"). You may not use
|
||||
# this file except in compliance with the License. You can obtain a copy
|
||||
|
@ -297,15 +297,12 @@ bn_mul_mont:
|
|||
mov sp,$tp
|
||||
mov $bp,$rp # restore rp
|
||||
|
||||
and sp,$hi0,$ap
|
||||
bic $bp,$hi0,$bp
|
||||
bis $bp,$ap,$ap # ap=borrow?tp:rp
|
||||
|
||||
.align 4
|
||||
.Lcopy: ldq $aj,0($ap) # copy or in-place refresh
|
||||
.Lcopy: ldq $aj,0($tp) # conditional copy
|
||||
ldq $nj,0($rp)
|
||||
lda $tp,8($tp)
|
||||
lda $rp,8($rp)
|
||||
lda $ap,8($ap)
|
||||
cmoveq $hi0,$nj,$aj
|
||||
stq zero,-8($tp) # zap tp
|
||||
cmpult $tp,$tj,AT
|
||||
stq $aj,-8($rp)
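Review bot: this is the constant-time form of the final Montgomery subtraction. The old code computed `ap = borrow ? tp : rp` and then loaded from only one of the two arrays, so which cache lines were touched depended on the borrow, i.e. on secret data. The new loop loads the `tp` word and the `rp` word unconditionally and selects in a register with `cmoveq $hi0,$nj,$aj`, so the memory-access pattern is identical on both paths; `stq zero,-8($tp)` still scrubs the temporary. The `.Lcopy` comment should state the selection sense (`$hi0 == 0` keeps the `rp` word), since the `and/bic/bis` sequence that used to document it is gone.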
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
#! /usr/bin/env perl
|
||||
# Copyright 2007-2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
# Copyright 2007-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
#
|
||||
# Licensed under the OpenSSL license (the "License"). You may not use
|
||||
# this file except in compliance with the License. You can obtain a copy
|
||||
|
@ -262,14 +262,15 @@ bn_mul_mont:
|
|||
mov $tp,sp @ "rewind" $tp
|
||||
sub $rp,$rp,$aj @ "rewind" $rp
|
||||
|
||||
and $ap,$tp,$nhi
|
||||
bic $np,$rp,$nhi
|
||||
orr $ap,$ap,$np @ ap=borrow?tp:rp
|
||||
|
||||
.Lcopy: ldr $tj,[$ap],#4 @ copy or in-place refresh
|
||||
.Lcopy: ldr $tj,[$tp] @ conditional copy
|
||||
ldr $aj,[$rp]
|
||||
str sp,[$tp],#4 @ zap tp
|
||||
str $tj,[$rp],#4
|
||||
cmp $tp,$num
|
||||
#ifdef __thumb2__
|
||||
it cc
|
||||
#endif
|
||||
movcc $aj,$tj
|
||||
str $aj,[$rp],#4
|
||||
teq $tp,$num @ preserve carry
|
||||
bne .Lcopy
|
||||
|
||||
mov sp,$num
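Review bot: the `teq $tp,$num` loop test is the load-bearing detail and deserves more than "preserve carry": `teq` updates N and Z but not C, so the borrow produced by the subtraction loop survives every iteration for `movcc` to consume, whereas the old `cmp` clobbered it. The rest of the body is flag-safe too (`ldr`, `str`, and the non-`s` `mov sp` / `sub $rp,$rp,$aj` above the loop do not touch C). The `#ifdef __thumb2__` / `it cc` guard is required because Thumb-2 needs an IT block before a conditional `mov`; ARM mode assembles without it.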
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
#! /usr/bin/env perl
|
||||
# Copyright 2010-2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
# Copyright 2010-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
#
|
||||
# Licensed under the OpenSSL license (the "License"). You may not use
|
||||
# this file except in compliance with the License. You can obtain a copy
|
||||
|
@ -341,19 +341,19 @@ bn_mul_mont_general:
|
|||
{ .mmb; sub rptr=rptr,len // rewind
|
||||
sub tptr=tptr,len
|
||||
clrrrb.pr };;
|
||||
{ .mmi; and aptr=tptr,topbit
|
||||
andcm bptr=rptr,topbit
|
||||
{ .mmi; mov aptr=rptr
|
||||
mov bptr=tptr
|
||||
mov pr.rot=1<<16 };;
|
||||
{ .mii; or nptr=aptr,bptr
|
||||
{ .mii; cmp.eq p0,p6=topbit,r0
|
||||
mov ar.lc=lc
|
||||
mov ar.ec=3 };;
|
||||
mov ar.ec=2 };;
|
||||
|
||||
.Lcopy_ctop:
|
||||
{ .mmb; (p16) ld8 n[0]=[nptr],8
|
||||
(p18) st8 [tptr]=r0,8
|
||||
(p16) nop.b 0 }
|
||||
{ .mmb; (p16) nop.m 0
|
||||
(p18) st8 [rptr]=n[2],8
|
||||
{ .mmi; (p16) ld8 a[0]=[aptr],8
|
||||
(p16) ld8 t[0]=[bptr],8
|
||||
(p6) mov a[1]=t[1] };; // (p17)
|
||||
{ .mmb; (p17) st8 [rptr]=a[1],8
|
||||
(p17) st8 [tptr]=r0,8
|
||||
br.ctop.sptk .Lcopy_ctop };;
|
||||
.Lcopy_cend:
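Review bot: with the pointer select gone the copy is a two-stage software pipeline (`ar.ec=2`, stage predicates p16/p17) instead of three, and the per-word choice is a predicated move `(p6) mov a[1]=t[1]` with p6 computed once by `cmp.eq p0,p6=topbit,r0`. Note the roles: `aptr` is now `rptr` and `bptr` is `tptr`, so `a[]` holds `rp` words and `t[]` holds `tp` words, and p6 (topbit non-zero) selects the `tp` word; both are loaded every iteration, which is the property the change is after. The trailing `// (p17)` comment should say that the move executes in stage p17 so the register-rotation reasoning is obvious to the next reader.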
|
||||
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
#! /usr/bin/env perl
|
||||
# Copyright 2010-2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
# Copyright 2010-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
#
|
||||
# Licensed under the OpenSSL license (the "License"). You may not use
|
||||
# this file except in compliance with the License. You can obtain a copy
|
||||
|
@ -384,15 +384,13 @@ $code.=<<___;
|
|||
$PTR_SUB $rp,$num # restore rp
|
||||
not $hi1,$hi0
|
||||
|
||||
and $ap,$hi0,$sp
|
||||
and $bp,$hi1,$rp
|
||||
or $ap,$ap,$bp # ap=borrow?tp:rp
|
||||
|
||||
.align 4
|
||||
.Lcopy: $LD $aj,($ap)
|
||||
$PTR_ADD $ap,$BNSZ
|
||||
.Lcopy: $LD $nj,($tp) # conditional move
|
||||
$LD $aj,($rp)
|
||||
$ST $zero,($tp)
|
||||
$PTR_ADD $tp,$BNSZ
|
||||
and $nj,$hi0
|
||||
and $aj,$hi1
|
||||
or $aj,$nj
|
||||
sltu $at,$tp,$tj
|
||||
$ST $aj,($rp)
|
||||
bnez $at,.Lcopy
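Review bot: the select `and $nj,$hi0` / `and $aj,$hi1` / `or $aj,$nj` is only correct if `$hi0` is a full-width 0 or all-ones mask, because `$hi1` is just its complement (`not $hi1,$hi0` above). MIPS has no carry flag, so a borrow normally arrives as a 0/1 value from `sltu`; the negation that widens it to a mask is not in this hunk, and with a 0/1 mask every output word would be corrupted silently. A one-line comment at `not $hi1,$hi0` stating the invariant would help. Also, `$rp` is never advanced inside the visible loop body; presumably that sits in the `bnez` delay slot, but it is easy to miss.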
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
#! /usr/bin/env perl
|
||||
# Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
# Copyright 2009-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
#
|
||||
# Licensed under the OpenSSL license (the "License"). You may not use
|
||||
# this file except in compliance with the License. You can obtain a copy
|
||||
|
@ -517,7 +517,6 @@ L\$sub
|
|||
stws,ma $hi1,4($rp)
|
||||
|
||||
subb $ti0,%r0,$hi1
|
||||
ldo -4($tp),$tp
|
||||
___
|
||||
$code.=<<___ if ($BN_SZ==8);
|
||||
ldd,ma 8($tp),$ti0
|
||||
|
@ -532,21 +531,19 @@ L\$sub
|
|||
|
||||
extrd,u $ti0,31,32,$ti0 ; carry in flipped word order
|
||||
sub,db $ti0,%r0,$hi1
|
||||
ldo -8($tp),$tp
|
||||
___
|
||||
$code.=<<___;
|
||||
and $tp,$hi1,$ap
|
||||
andcm $rp,$hi1,$bp
|
||||
or $ap,$bp,$np
|
||||
|
||||
ldo `$LOCALS+32`($fp),$tp
|
||||
sub $rp,$arrsz,$rp ; rewind rp
|
||||
subi 0,$arrsz,$idx
|
||||
ldo `$LOCALS+32`($fp),$tp
|
||||
L\$copy
|
||||
ldd $idx($np),$hi0
|
||||
ldd 0($tp),$ti0
|
||||
ldd 0($rp),$hi0
|
||||
std,ma %r0,8($tp)
|
||||
addib,<> 8,$idx,.-8 ; L\$copy
|
||||
std,ma $hi0,8($rp)
|
||||
comiclr,= 0,$hi1,%r0
|
||||
copy $ti0,$hi0
|
||||
addib,<> 8,$idx,L\$copy
|
||||
std,ma $hi0,8($rp)
|
||||
___
|
||||
|
||||
if ($BN_SZ==4) { # PA-RISC 1.1 code-path
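Review bot: switching the backward branch from `addib,<> 8,$idx,.-8` to the explicit `L\$copy` label is necessary, not cosmetic: the loop body grew, so the hard-coded `.-8` offset would now land mid-loop. The select itself is done by nullification, `comiclr,= 0,$hi1,%r0` skips the following `copy $ti0,$hi0` when there is no borrow, so the instruction stream is the same on both paths and both `ldd 0($tp)` and `ldd 0($rp)` always execute. One readability point: `$hi0` now holds the `rp` word and `$ti0` the `tp` word, so the `L\$copy` label deserves a comment saying which is which.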
|
||||
|
@ -856,17 +853,16 @@ L\$sub_pa11
|
|||
stws,ma $hi1,4($rp)
|
||||
|
||||
subb $ti0,%r0,$hi1
|
||||
ldo -4($tp),$tp
|
||||
and $tp,$hi1,$ap
|
||||
andcm $rp,$hi1,$bp
|
||||
or $ap,$bp,$np
|
||||
|
||||
ldo `$LOCALS+32`($fp),$tp
|
||||
sub $rp,$arrsz,$rp ; rewind rp
|
||||
subi 0,$arrsz,$idx
|
||||
ldo `$LOCALS+32`($fp),$tp
|
||||
L\$copy_pa11
|
||||
ldwx $idx($np),$hi0
|
||||
ldw 0($tp),$ti0
|
||||
ldw 0($rp),$hi0
|
||||
stws,ma %r0,4($tp)
|
||||
comiclr,= 0,$hi1,%r0
|
||||
copy $ti0,$hi0
|
||||
addib,<> 4,$idx,L\$copy_pa11
|
||||
stws,ma $hi0,4($rp)
|
||||
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
#! /usr/bin/env perl
|
||||
# Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
# Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
#
|
||||
# Licensed under the OpenSSL license (the "License"). You may not use
|
||||
# this file except in compliance with the License. You can obtain a copy
|
||||
|
@ -301,15 +301,16 @@ Lsub: $LDX $tj,$tp,$j
|
|||
li $j,0
|
||||
mtctr $num
|
||||
subfe $ovf,$j,$ovf ; handle upmost overflow bit
|
||||
and $ap,$tp,$ovf
|
||||
andc $np,$rp,$ovf
|
||||
or $ap,$ap,$np ; ap=borrow?tp:rp
|
||||
|
||||
.align 4
|
||||
Lcopy: ; copy or in-place refresh
|
||||
$LDX $tj,$ap,$j
|
||||
$STX $tj,$rp,$j
|
||||
Lcopy: ; conditional copy
|
||||
$LDX $tj,$tp,$j
|
||||
$LDX $aj,$rp,$j
|
||||
and $tj,$tj,$ovf
|
||||
andc $aj,$aj,$ovf
|
||||
$STX $j,$tp,$j ; zap at once
|
||||
or $aj,$aj,$tj
|
||||
$STX $aj,$rp,$j
|
||||
addi $j,$j,$BNSZ
|
||||
bdnz Lcopy
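Review bot: `$STX $j,$tp,$j ; zap at once` overwrites the temporary with the loop index rather than zero. That does destroy the intermediate value, and the x86_64 and s390x ports in this series do the same, but if anything later relies on `tp` being zeroed rather than merely scrubbed, this is the line to revisit. The `and/andc/or` select with `$ovf` keeps both loads unconditional, which is the point; `subfe $ovf,$j,$ovf` must leave `$ovf` as 0 or all-ones for the masks to work, and a comment there saying so would help.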
|
||||
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
#! /usr/bin/env perl
|
||||
# Copyright 2007-2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
# Copyright 2007-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
#
|
||||
# Licensed under the OpenSSL license (the "License"). You may not use
|
||||
# this file except in compliance with the License. You can obtain a copy
|
||||
|
@ -1501,16 +1501,14 @@ Lsub: ldx $t0,$tp,$i
|
|||
|
||||
li $i,0
|
||||
subfe $ovf,$i,$ovf ; handle upmost overflow bit
|
||||
and $ap,$tp,$ovf
|
||||
andc $np,$rp,$ovf
|
||||
or $ap,$ap,$np ; ap=borrow?tp:rp
|
||||
addi $t7,$ap,8
|
||||
mtctr $j
|
||||
|
||||
.align 4
|
||||
Lcopy: ; copy or in-place refresh
|
||||
ldx $t0,$ap,$i
|
||||
ldx $t1,$t7,$i
|
||||
Lcopy: ; conditional copy
|
||||
ldx $t0,$tp,$i
|
||||
ldx $t1,$t4,$i
|
||||
ldx $t2,$rp,$i
|
||||
ldx $t3,$t6,$i
|
||||
std $i,8($nap_d) ; zap nap_d
|
||||
std $i,16($nap_d)
|
||||
std $i,24($nap_d)
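Review bot: the new loads `ldx $t1,$t4,$i` and `ldx $t3,$t6,$i` assume `$t4` and `$t6` already point at `tp+8` and `rp+8`; the old code set up its second pointer right here (`addi $t7,$ap,8`), but nothing in this hunk initialises `$t4`/`$t6`, so confirm they are computed before `mtctr $j` and are not still carrying values from the multiplication loop. A comment at `Lcopy` naming what `$t4`/`$t6` hold would stop a later edit from reusing them.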
|
||||
|
@ -1519,6 +1517,12 @@ Lcopy: ; copy or in-place refresh
|
|||
std $i,48($nap_d)
|
||||
std $i,56($nap_d)
|
||||
stdu $i,64($nap_d)
|
||||
and $t0,$t0,$ovf
|
||||
and $t1,$t1,$ovf
|
||||
andc $t2,$t2,$ovf
|
||||
andc $t3,$t3,$ovf
|
||||
or $t0,$t0,$t2
|
||||
or $t1,$t1,$t3
|
||||
stdx $t0,$rp,$i
|
||||
stdx $t1,$t6,$i
|
||||
stdx $i,$tp,$i ; zap tp at once
|
||||
|
@ -1561,20 +1565,21 @@ Lsub: lwz $t0,12($tp) ; load tp[j..j+3] in 64-bit word order
|
|||
|
||||
li $i,0
|
||||
subfe $ovf,$i,$ovf ; handle upmost overflow bit
|
||||
addi $tp,$sp,`$FRAME+$TRANSFER+4`
|
||||
addi $ap,$sp,`$FRAME+$TRANSFER+4`
|
||||
subf $rp,$num,$rp ; rewind rp
|
||||
and $ap,$tp,$ovf
|
||||
andc $np,$rp,$ovf
|
||||
or $ap,$ap,$np ; ap=borrow?tp:rp
|
||||
addi $tp,$sp,`$FRAME+$TRANSFER`
|
||||
mtctr $j
|
||||
|
||||
.align 4
|
||||
Lcopy: ; copy or in-place refresh
|
||||
Lcopy: ; conditional copy
|
||||
lwz $t0,4($ap)
|
||||
lwz $t1,8($ap)
|
||||
lwz $t2,12($ap)
|
||||
lwzu $t3,16($ap)
|
||||
lwz $t4,4($rp)
|
||||
lwz $t5,8($rp)
|
||||
lwz $t6,12($rp)
|
||||
lwz $t7,16($rp)
|
||||
std $i,8($nap_d) ; zap nap_d
|
||||
std $i,16($nap_d)
|
||||
std $i,24($nap_d)
|
||||
|
@ -1583,6 +1588,18 @@ Lcopy: ; copy or in-place refresh
|
|||
std $i,48($nap_d)
|
||||
std $i,56($nap_d)
|
||||
stdu $i,64($nap_d)
|
||||
and $t0,$t0,$ovf
|
||||
and $t1,$t1,$ovf
|
||||
and $t2,$t2,$ovf
|
||||
and $t3,$t3,$ovf
|
||||
andc $t4,$t4,$ovf
|
||||
andc $t5,$t5,$ovf
|
||||
andc $t6,$t6,$ovf
|
||||
andc $t7,$t7,$ovf
|
||||
or $t0,$t0,$t4
|
||||
or $t1,$t1,$t5
|
||||
or $t2,$t2,$t6
|
||||
or $t3,$t3,$t7
|
||||
stw $t0,4($rp)
|
||||
stw $t1,8($rp)
|
||||
stw $t2,12($rp)
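Review bot: in this 32-bit path `$t4..$t7` are consumed as data temporaries for the four `rp` words, while in the 64-bit path earlier in the file `$t4`/`$t6` are base pointers; the two uses are in different code paths, but that register-role split should be stated in a comment at `Lcopy`. The `and`/`andc`/`or` pairs are correct given `$ovf` is 0 or all-ones. The hunk ends before the fourth store and before the temporary is scrubbed, so check that `stw $t3,16($rp)` and the zap of the words read through `$ap` follow.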
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
#! /usr/bin/env perl
|
||||
# Copyright 2013-2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
# Copyright 2013-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
#
|
||||
# Licensed under the OpenSSL license (the "License"). You may not use
|
||||
# this file except in compliance with the License. You can obtain a copy
|
||||
|
@ -104,7 +104,7 @@ if (!$avx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
|
|||
$addx = ($1>=11);
|
||||
}
|
||||
|
||||
if (!$avx && `$ENV{CC} -v 2>&1` =~ /(^clang version|based on LLVM) ([3-9])\.([0-9]+)/) {
|
||||
if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|based on LLVM) ([3-9])\.([0-9]+)/) {
|
||||
my $ver = $2 + $3/100.0; # 3.1->3.01, 3.10->3.10
|
||||
$avx = ($ver>=3.0) + ($ver>=3.01);
|
||||
$addx = ($ver>=3.03);
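Review bot: the new pattern `((?:^clang|LLVM) version|based on LLVM)` accepts `LLVM version` anywhere on the line, not only at the start, which is how some vendor builds of clang report themselves, while `^` still anchors the `clang version` form. Because this regex decides whether the AVX/ADX code paths are emitted (`$avx`, `$addx`), a non-match degrades silently to the generic code rather than failing the build, so it may be worth echoing the detected version during configure.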
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
#! /usr/bin/env perl
|
||||
# Copyright 2007-2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
# Copyright 2007-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
#
|
||||
# Licensed under the OpenSSL license (the "License"). You may not use
|
||||
# this file except in compliance with the License. You can obtain a copy
|
||||
|
@ -252,16 +252,16 @@ $code.=<<___;
|
|||
brct $count,.Lsub
|
||||
lghi $ahi,0
|
||||
slbgr $AHI,$ahi # handle upmost carry
|
||||
|
||||
ngr $ap,$AHI
|
||||
lghi $np,-1
|
||||
xgr $np,$AHI
|
||||
ngr $np,$rp
|
||||
ogr $ap,$np # ap=borrow?tp:rp
|
||||
lghi $NHI,-1
|
||||
xgr $NHI,$AHI
|
||||
|
||||
la $j,0(%r0)
|
||||
lgr $count,$num
|
||||
.Lcopy: lg $alo,0($j,$ap) # copy or in-place refresh
|
||||
.Lcopy: lg $ahi,$stdframe($j,$sp) # conditional copy
|
||||
lg $alo,0($j,$rp)
|
||||
ngr $ahi,$AHI
|
||||
ngr $alo,$NHI
|
||||
ogr $alo,$ahi
|
||||
_dswap $alo
|
||||
stg $j,$stdframe($j,$sp) # zap tp
|
||||
stg $alo,0($j,$rp)
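Review bot: reading the temporary straight from the frame (`lg $ahi,$stdframe($j,$sp)`) and the result word from `$rp` every iteration, then selecting with `ngr`/`ngr`/`ogr`, removes the data-dependent pointer; `$NHI` is built as the complement of `$AHI` with `lghi $NHI,-1; xgr $NHI,$AHI`, so the masks are consistent only if `slbgr $AHI,$ahi` really leaves 0 or all-ones. One thing to check: `_dswap $alo` is applied after the select, so the `rp` word read back and the `tp` word from the frame must already be in the same byte order for the select to compare like with like; a comment confirming that would help.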
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
#! /usr/bin/env perl
|
||||
# Copyright 2012-2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
# Copyright 2012-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
#
|
||||
# Licensed under the OpenSSL license (the "License"). You may not use
|
||||
# this file except in compliance with the License. You can obtain a copy
|
||||
|
@ -888,19 +888,17 @@ $code.=<<___;
|
|||
sub $tp, $num, $tp
|
||||
sub $rp, $num, $rp
|
||||
|
||||
subc $ovf, %g0, $ovf ! handle upmost overflow bit
|
||||
and $tp, $ovf, $ap
|
||||
andn $rp, $ovf, $np
|
||||
or $np, $ap, $ap ! ap=borrow?tp:rp
|
||||
subccc $ovf, %g0, $ovf ! handle upmost overflow bit
|
||||
ba .Lcopy
|
||||
sub $num, 8, $cnt
|
||||
|
||||
.align 16
|
||||
.Lcopy: ! copy or in-place refresh
|
||||
ldx [$ap+0], $t2
|
||||
add $ap, 8, $ap
|
||||
.Lcopy: ! conditional copy
|
||||
ldx [$tp], $tj
|
||||
ldx [$rp+0], $t2
|
||||
stx %g0, [$tp] ! zap
|
||||
add $tp, 8, $tp
|
||||
movcs %icc, $tj, $t2
|
||||
stx $t2, [$rp+0]
|
||||
add $rp, 8, $rp
|
||||
brnz $cnt, .Lcopy
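Review bot: `subc` to `subccc` is the load-bearing change: the `cc` variant writes the carry into `%icc`, which `movcs %icc,$tj,$t2` then uses to pick the `tp` word. Everything between that instruction and the loop's `movcs` must leave `%icc` alone, and it does (`ldx`, `stx`, plain `add`/`sub`, and `brnz` on a register), but a comment at `subccc` saying "carry must survive to .Lcopy" would stop someone from later turning an `add` into `addcc`. The same applies to the `.Lcopy_g5` variant below.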
|
||||
|
@ -1136,19 +1134,17 @@ $code.=<<___;
|
|||
sub $tp, $num, $tp
|
||||
sub $rp, $num, $rp
|
||||
|
||||
subc $ovf, %g0, $ovf ! handle upmost overflow bit
|
||||
and $tp, $ovf, $ap
|
||||
andn $rp, $ovf, $np
|
||||
or $np, $ap, $ap ! ap=borrow?tp:rp
|
||||
subccc $ovf, %g0, $ovf ! handle upmost overflow bit
|
||||
ba .Lcopy_g5
|
||||
sub $num, 8, $cnt
|
||||
|
||||
.align 16
|
||||
.Lcopy_g5: ! copy or in-place refresh
|
||||
ldx [$ap+0], $t2
|
||||
add $ap, 8, $ap
|
||||
.Lcopy_g5: ! conditional copy
|
||||
ldx [$tp], $tj
|
||||
ldx [$rp+0], $t2
|
||||
stx %g0, [$tp] ! zap
|
||||
add $tp, 8, $tp
|
||||
movcs %icc, $tj, $t2
|
||||
stx $t2, [$rp+0]
|
||||
add $rp, 8, $rp
|
||||
brnz $cnt, .Lcopy_g5
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
#! /usr/bin/env perl
|
||||
# Copyright 2005-2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
# Copyright 2005-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
#
|
||||
# Licensed under the OpenSSL license (the "License"). You may not use
|
||||
# this file except in compliance with the License. You can obtain a copy
|
||||
|
@ -265,7 +265,6 @@ $fname:
|
|||
.Ltail:
|
||||
add $np,$num,$np
|
||||
add $rp,$num,$rp
|
||||
mov $tp,$ap
|
||||
sub %g0,$num,%o7 ! k=-num
|
||||
ba .Lsub
|
||||
subcc %g0,%g0,%g0 ! clear %icc.c
|
||||
|
@ -278,15 +277,14 @@ $fname:
|
|||
add %o7,4,%o7
|
||||
brnz %o7,.Lsub
|
||||
st %o1,[$i]
|
||||
subc $car2,0,$car2 ! handle upmost overflow bit
|
||||
and $tp,$car2,$ap
|
||||
andn $rp,$car2,$np
|
||||
or $ap,$np,$ap
|
||||
subccc $car2,0,$car2 ! handle upmost overflow bit
|
||||
sub %g0,$num,%o7
|
||||
|
||||
.Lcopy:
|
||||
ld [$ap+%o7],%o0 ! copy or in-place refresh
|
||||
ld [$tp+%o7],%o1 ! conditional copy
|
||||
ld [$rp+%o7],%o0
|
||||
st %g0,[$tp+%o7] ! zap tp
|
||||
movcs %icc,%o1,%o0
|
||||
st %o0,[$rp+%o7]
|
||||
add %o7,4,%o7
|
||||
brnz %o7,.Lcopy
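Review bot: as in the 64-bit port, `subccc` replaces `subc` so that `%icc` carries the borrow into `movcs %icc,%o1,%o0`; here the loop counter `%o7` is advanced with a plain `add`, so the flags are preserved across iterations. One readability nit: `%o1` now holds the `tp` word and `%o0` the `rp` word, and the old `! copy or in-place refresh` comment that documented `$ap` is gone, so the `.Lcopy` label deserves a comment on which register is which.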
|
||||
|
@ -495,6 +493,9 @@ $code.=<<___;
|
|||
mulx $npj,$mul1,$acc1
|
||||
add $tpj,$car1,$car1
|
||||
ld [$np+$j],$npj ! np[j]
|
||||
srlx $car1,32,$tmp0
|
||||
and $car1,$mask,$car1
|
||||
add $tmp0,$sbit,$sbit
|
||||
add $acc0,$car1,$car1
|
||||
ld [$tp+8],$tpj ! tp[j]
|
||||
add $acc1,$car1,$car1
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
#! /usr/bin/env perl
|
||||
# Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
# Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
#
|
||||
# Licensed under the OpenSSL license (the "License"). You may not use
|
||||
# this file except in compliance with the License. You can obtain a copy
|
||||
|
@ -213,18 +213,15 @@ $sp=&DWP(28,"esp");
|
|||
|
||||
&mov ("eax",&DWP(0,"esi","edx",4)); # upmost overflow bit
|
||||
&sbb ("eax",0);
|
||||
&and ("esi","eax");
|
||||
¬ ("eax");
|
||||
&mov ("ebp","edi");
|
||||
&and ("ebp","eax");
|
||||
&or ("esi","ebp"); # tp=carry?tp:rp
|
||||
|
||||
&mov ("ecx","edx"); # num
|
||||
&xor ("edx","edx"); # i=0
|
||||
&mov ("edx",0); # i=0
|
||||
|
||||
&set_label("copy",8);
|
||||
&mov ("eax",&DWP(0,"esi","edx",4));
|
||||
&mov (&DWP(64,"esp","edx",4),"ecx"); # zap tp
|
||||
&mov ("ebx",&DWP(0,"esi","edx",4));
|
||||
&mov ("eax",&DWP(0,"edi","edx",4));
|
||||
&mov (&DWP(0,"esi","edx",4),"ecx"); # zap tp
|
||||
&cmovc ("eax","ebx");
|
||||
&mov (&DWP(0,"edi","edx",4),"eax");
|
||||
&lea ("edx",&DWP(1,"edx")); # i++
|
||||
&loop (&label("copy"));
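Review bot: replacing `xor edx,edx` with `mov edx,0` is essential, not a style change: `xor` clears CF, and the new loop's `cmovc eax,ebx` relies on the borrow left in CF by `sbb eax,0`; `mov` leaves the flags untouched. Nothing marks that dependency, so the `# i=0` comment should read `# i=0, preserve CF` to keep the next person from reintroducing the xor. `lea` and `loop` do not affect CF, so the loop body is safe as written.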
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
#! /usr/bin/env perl
|
||||
# Copyright 2012-2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
# Copyright 2012-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
#
|
||||
# Licensed under the OpenSSL license (the "License"). You may not use
|
||||
# this file except in compliance with the License. You can obtain a copy
|
||||
|
@ -310,23 +310,23 @@ $code.=<<___;
|
|||
sub $anp, $num, $anp
|
||||
sub $rp, $num, $rp
|
||||
|
||||
subc $ovf, %g0, $ovf ! handle upmost overflow bit
|
||||
and $tp, $ovf, $ap
|
||||
andn $rp, $ovf, $np
|
||||
or $np, $ap, $ap ! ap=borrow?tp:rp
|
||||
subccc $ovf, %g0, $ovf ! handle upmost overflow bit
|
||||
ba .Lcopy
|
||||
sub $num, 8, $cnt
|
||||
|
||||
.align 16
|
||||
.Lcopy: ! copy or in-place refresh
|
||||
ld [$ap+0], $t2
|
||||
ld [$ap+4], $t3
|
||||
add $ap, 8, $ap
|
||||
.Lcopy: ! conditional copy
|
||||
ld [$tp+0], $t0
|
||||
ld [$tp+4], $t1
|
||||
ld [$rp+0], $t2
|
||||
ld [$rp+4], $t3
|
||||
stx %g0, [$tp] ! zap
|
||||
add $tp, 8, $tp
|
||||
stx %g0, [$anp] ! zap
|
||||
stx %g0, [$anp+8]
|
||||
add $anp, 16, $anp
|
||||
movcs %icc, $t0, $t2
|
||||
movcs %icc, $t1, $t3
|
||||
st $t3, [$rp+0] ! flip order
|
||||
st $t2, [$rp+4]
|
||||
add $rp, 8, $rp
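Review bot: this path works on 32-bit halves, so both `movcs %icc,$t0,$t2` and `movcs %icc,$t1,$t3` depend on the one `%icc` carry set by `subccc` before the loop; the intervening `ld`/`stx`/`st`/`add` are all non-cc forms, which is what keeps the select correct. The `! flip order` stores swap the halves on the way back to `$rp`, so the words read from `$rp` at the top of the loop must already be in flipped order for the select to compare like with like; a comment stating that next to `ld [$rp+0], $t2` would help. Scrubbing `$anp` as well as `$tp` is a good addition.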
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
#! /usr/bin/env perl
|
||||
# Copyright 2005-2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
# Copyright 2005-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
#
|
||||
# Licensed under the OpenSSL license (the "License"). You may not use
|
||||
# this file except in compliance with the License. You can obtain a copy
|
||||
|
@ -604,16 +604,18 @@ $sbit=$num;
|
|||
&jge (&label("sub"));
|
||||
|
||||
&sbb ("eax",0); # handle upmost overflow bit
|
||||
&and ($tp,"eax");
|
||||
¬ ("eax");
|
||||
&mov ($np,$rp);
|
||||
&and ($np,"eax");
|
||||
&or ($tp,$np); # tp=carry?tp:rp
|
||||
&mov ("edx",-1);
|
||||
&xor ("edx","eax");
|
||||
&jmp (&label("copy"));
|
||||
|
||||
&set_label("copy",16); # copy or in-place refresh
|
||||
&mov ("eax",&DWP(0,$tp,$num,4));
|
||||
&mov (&DWP(0,$rp,$num,4),"eax"); # rp[i]=tp[i]
|
||||
&set_label("copy",16); # conditional copy
|
||||
&mov ($tp,&DWP($frame,"esp",$num,4));
|
||||
&mov ($np,&DWP(0,$rp,$num,4));
|
||||
&mov (&DWP($frame,"esp",$num,4),$j); # zap temporary vector
|
||||
&and ($tp,"eax");
|
||||
&and ($np,"edx");
|
||||
&or ($np,$tp);
|
||||
&mov (&DWP(0,$rp,$num,4),$np);
|
||||
&dec ($num);
|
||||
&jge (&label("copy"));
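Review bot: unlike the CF-based select in the other 32-bit port, this one builds a pair of masks (`eax` from `sbb eax,0`, `edx = eax ^ -1`) and selects with `and/and/or`, so the `dec $num` in the loop is harmless even though it writes the flags. That is the safer design and a comment on the two masks would make the contrast explicit. The temporary is scrubbed with `$j` (`# zap temporary vector`), i.e. overwritten rather than zeroed, consistent with the other ports.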
|
||||
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
#! /usr/bin/env perl
|
||||
# Copyright 2005-2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
# Copyright 2005-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
#
|
||||
# Licensed under the OpenSSL license (the "License"). You may not use
|
||||
# this file except in compliance with the License. You can obtain a copy
|
||||
|
@ -302,30 +302,30 @@ $code.=<<___;
|
|||
|
||||
xor $i,$i # i=0 and clear CF!
|
||||
mov (%rsp),%rax # tp[0]
|
||||
lea (%rsp),$ap # borrow ap for tp
|
||||
mov $num,$j # j=num
|
||||
jmp .Lsub
|
||||
|
||||
.align 16
|
||||
.Lsub: sbb ($np,$i,8),%rax
|
||||
mov %rax,($rp,$i,8) # rp[i]=tp[i]-np[i]
|
||||
mov 8($ap,$i,8),%rax # tp[i+1]
|
||||
mov 8(%rsp,$i,8),%rax # tp[i+1]
|
||||
lea 1($i),$i # i++
|
||||
dec $j # doesnn't affect CF!
|
||||
jnz .Lsub
|
||||
|
||||
sbb \$0,%rax # handle upmost overflow bit
|
||||
mov \$-1,%rbx
|
||||
xor %rax,%rbx # not %rax
|
||||
xor $i,$i
|
||||
and %rax,$ap
|
||||
not %rax
|
||||
mov $rp,$np
|
||||
and %rax,$np
|
||||
mov $num,$j # j=num
|
||||
or $np,$ap # ap=borrow?tp:rp
|
||||
.align 16
|
||||
.Lcopy: # copy or in-place refresh
|
||||
mov ($ap,$i,8),%rax
|
||||
mov $i,(%rsp,$i,8) # zap temporary vector
|
||||
mov %rax,($rp,$i,8) # rp[i]=tp[i]
|
||||
|
||||
.Lcopy: # conditional copy
|
||||
mov ($rp,$i,8),%rcx
|
||||
mov (%rsp,$i,8),%rdx
|
||||
and %rbx,%rcx
|
||||
and %rax,%rdx
|
||||
mov $num,(%rsp,$i,8) # zap temporary vector
|
||||
or %rcx,%rdx
|
||||
mov %rdx,($rp,$i,8) # rp[i]=tp[i]
|
||||
lea 1($i),$i
|
||||
sub \$1,$j
|
||||
jnz .Lcopy
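Review bot: `%rbx` is now used as the complement mask (`mov $-1,%rbx; xor %rax,%rbx`). It is callee-saved on both the SysV and Windows x86_64 ABIs, so the prologue must push it and the epilogue restore it; the hunk does not show that, so confirm it already holds for this function. Dropping `lea (%rsp),$ap` and reading `tp` directly via `%rsp` in `.Lsub` and `.Lcopy` is fine, but the `.Lcopy` comment `# rp[i]=tp[i]` is now inaccurate: it is `rp[i] = borrow ? tp[i] : rp[i]`.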
|
||||
|
@ -695,10 +695,10 @@ ___
|
|||
my @ri=("%rax","%rdx",$m0,$m1);
|
||||
$code.=<<___;
|
||||
mov 16(%rsp,$num,8),$rp # restore $rp
|
||||
lea -4($num),$j
|
||||
mov 0(%rsp),@ri[0] # tp[0]
|
||||
pxor %xmm0,%xmm0
|
||||
mov 8(%rsp),@ri[1] # tp[1]
|
||||
shr \$2,$num # num/=4
|
||||
shr \$2,$j # j=num/4-1
|
||||
lea (%rsp),$ap # borrow ap for tp
|
||||
xor $i,$i # i=0 and clear CF!
|
||||
|
||||
|
@ -706,9 +706,7 @@ $code.=<<___;
|
|||
mov 16($ap),@ri[2] # tp[2]
|
||||
mov 24($ap),@ri[3] # tp[3]
|
||||
sbb 8($np),@ri[1]
|
||||
lea -1($num),$j # j=num/4-1
|
||||
jmp .Lsub4x
|
||||
.align 16
|
||||
|
||||
.Lsub4x:
|
||||
mov @ri[0],0($rp,$i,8) # rp[i]=tp[i]-np[i]
|
||||
mov @ri[1],8($rp,$i,8) # rp[i]=tp[i]-np[i]
|
||||
|
@ -735,34 +733,35 @@ $code.=<<___;
|
|||
|
||||
sbb \$0,@ri[0] # handle upmost overflow bit
|
||||
mov @ri[3],24($rp,$i,8) # rp[i]=tp[i]-np[i]
|
||||
xor $i,$i # i=0
|
||||
and @ri[0],$ap
|
||||
not @ri[0]
|
||||
mov $rp,$np
|
||||
and @ri[0],$np
|
||||
lea -1($num),$j
|
||||
or $np,$ap # ap=borrow?tp:rp
|
||||
pxor %xmm0,%xmm0
|
||||
movq @ri[0],%xmm4
|
||||
pcmpeqd %xmm5,%xmm5
|
||||
pshufd \$0,%xmm4,%xmm4
|
||||
mov $num,$j
|
||||
pxor %xmm4,%xmm5
|
||||
shr \$2,$j # j=num/4
|
||||
xor %eax,%eax # i=0
|
||||
|
||||
movdqu ($ap),%xmm1
|
||||
movdqa %xmm0,(%rsp)
|
||||
movdqu %xmm1,($rp)
|
||||
jmp .Lcopy4x
|
||||
.align 16
|
||||
.Lcopy4x: # copy or in-place refresh
|
||||
movdqu 16($ap,$i),%xmm2
|
||||
movdqu 32($ap,$i),%xmm1
|
||||
movdqa %xmm0,16(%rsp,$i)
|
||||
movdqu %xmm2,16($rp,$i)
|
||||
movdqa %xmm0,32(%rsp,$i)
|
||||
movdqu %xmm1,32($rp,$i)
|
||||
lea 32($i),$i
|
||||
.Lcopy4x: # conditional copy
|
||||
movdqa (%rsp,%rax),%xmm1
|
||||
movdqu ($rp,%rax),%xmm2
|
||||
pand %xmm4,%xmm1
|
||||
pand %xmm5,%xmm2
|
||||
movdqa 16(%rsp,%rax),%xmm3
|
||||
movdqa %xmm0,(%rsp,%rax)
|
||||
por %xmm2,%xmm1
|
||||
movdqu 16($rp,%rax),%xmm2
|
||||
movdqu %xmm1,($rp,%rax)
|
||||
pand %xmm4,%xmm3
|
||||
pand %xmm5,%xmm2
|
||||
movdqa %xmm0,16(%rsp,%rax)
|
||||
por %xmm2,%xmm3
|
||||
movdqu %xmm3,16($rp,%rax)
|
||||
lea 32(%rax),%rax
|
||||
dec $j
|
||||
jnz .Lcopy4x
|
||||
|
||||
shl \$2,$num
|
||||
movdqu 16($ap,$i),%xmm2
|
||||
movdqa %xmm0,16(%rsp,$i)
|
||||
movdqu %xmm2,16($rp,$i)
|
||||
___
|
||||
}
|
||||
$code.=<<___;
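Review bot: the SSE select broadcasts the 0/-1 borrow from `@ri[0]` with `movq` plus `pshufd $0` and derives the complement with `pcmpeqd %xmm5,%xmm5; pxor %xmm4,%xmm5`; that is correct because `sbb $0,@ri[0]` yields all-ones or zero, so the low 32 bits carry the whole mask. Keeping `movdqa` for the stack temporary and `movdqu` for `$rp` is right, since the caller's `rp` has no alignment guarantee. The hunk also retires the `shr $2,$num` / `shl $2,$num` pair, so `$num` is no longer rescaled around the copy; make sure nothing after `.Lcopy4x` still expects the scaled value.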
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
#! /usr/bin/env perl
|
||||
# Copyright 2011-2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
# Copyright 2011-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
#
|
||||
# Licensed under the OpenSSL license (the "License"). You may not use
|
||||
# this file except in compliance with the License. You can obtain a copy
|
||||
|
@ -414,18 +414,19 @@ $code.=<<___;
|
|||
jnz .Lsub
|
||||
|
||||
sbb \$0,%rax # handle upmost overflow bit
|
||||
mov \$-1,%rbx
|
||||
xor %rax,%rbx
|
||||
xor $i,$i
|
||||
and %rax,$ap
|
||||
not %rax
|
||||
mov $rp,$np
|
||||
and %rax,$np
|
||||
mov $num,$j # j=num
|
||||
or $np,$ap # ap=borrow?tp:rp
|
||||
.align 16
|
||||
.Lcopy: # copy or in-place refresh
|
||||
mov ($ap,$i,8),%rax
|
||||
|
||||
.Lcopy: # conditional copy
|
||||
mov ($rp,$i,8),%rcx
|
||||
mov (%rsp,$i,8),%rdx
|
||||
and %rbx,%rcx
|
||||
and %rax,%rdx
|
||||
mov $i,(%rsp,$i,8) # zap temporary vector
|
||||
mov %rax,($rp,$i,8) # rp[i]=tp[i]
|
||||
or %rcx,%rdx
|
||||
mov %rdx,($rp,$i,8) # rp[i]=tp[i]
|
||||
lea 1($i),$i
|
||||
sub \$1,$j
|
||||
jnz .Lcopy
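Review bot: same mask construction as in bn_mul_mont, with `%rbx` pressed into service as the complement mask; confirm it is saved and restored by this function's prologue and epilogue (callee-saved in both x86_64 ABIs). The zap `mov $i,(%rsp,$i,8)` overwrites the temporary with the index rather than zero, consistent with the other ports. The `# rp[i]=tp[i]` comment on the final store is stale and should read `rp[i] = borrow ? tp[i] : rp[i]`.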
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
|
@ -240,6 +240,7 @@ int BN_div(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor,
|
|||
wnum.neg = 0;
|
||||
wnum.d = &(snum->d[loop]);
|
||||
wnum.top = div_n;
|
||||
wnum.flags = BN_FLG_STATIC_DATA;
|
||||
/*
|
||||
* only needed when BN_ucmp messes up the values between top and max
|
||||
*/
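Review bot: setting `wnum.flags` explicitly is a good catch: `wnum` is a stack-local BIGNUM whose `d` aliases `snum->d`, so with `flags` left uninitialised any `BN_get_flags()` test inside the division loop would read garbage, and an accidental `BN_free()` on it would try to release storage it does not own. With only `BN_FLG_STATIC_DATA` set, `wnum` does not inherit `BN_FLG_CONSTTIME` from `num` or `divisor`; that is fine as long as nothing below relies on `wnum` being the object that carries the flag.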
|
||||
|
|
|
@ -188,8 +188,8 @@ int BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
|
|||
|
||||
bits = BN_num_bits(p);
|
||||
if (bits == 0) {
|
||||
/* x**0 mod 1 is still zero. */
|
||||
if (BN_is_one(m)) {
|
||||
/* x**0 mod 1, or x**0 mod -1 is still zero. */
|
||||
if (BN_abs_is_word(m, 1)) {
|
||||
ret = 1;
|
||||
BN_zero(r);
|
||||
} else {
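Review bot: `BN_abs_is_word(m, 1)` covers the case where `m` is -1 and the exponent is zero, which previously fell through to the general `else` path; since the same edit appears in `BN_mod_exp_mont`, `BN_mod_exp_mont_consttime`, `BN_mod_exp_mont_word` and `BN_mod_exp_simple`, a regression test with `m = -1, p = 0` exercising every entry point would pin the behaviour down.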
|
||||
|
@ -330,8 +330,8 @@ int BN_mod_exp_mont(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
|
|||
}
|
||||
bits = BN_num_bits(p);
|
||||
if (bits == 0) {
|
||||
/* x**0 mod 1 is still zero. */
|
||||
if (BN_is_one(m)) {
|
||||
/* x**0 mod 1, or x**0 mod -1 is still zero. */
|
||||
if (BN_abs_is_word(m, 1)) {
|
||||
ret = 1;
|
||||
BN_zero(rr);
|
||||
} else {
|
||||
|
@ -371,17 +371,17 @@ int BN_mod_exp_mont(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
|
|||
ret = 1;
|
||||
goto err;
|
||||
}
|
||||
if (!BN_to_montgomery(val[0], aa, mont, ctx))
|
||||
if (!bn_to_mont_fixed_top(val[0], aa, mont, ctx))
|
||||
goto err; /* 1 */
|
||||
|
||||
window = BN_window_bits_for_exponent_size(bits);
|
||||
if (window > 1) {
|
||||
if (!BN_mod_mul_montgomery(d, val[0], val[0], mont, ctx))
|
||||
if (!bn_mul_mont_fixed_top(d, val[0], val[0], mont, ctx))
|
||||
goto err; /* 2 */
|
||||
j = 1 << (window - 1);
|
||||
for (i = 1; i < j; i++) {
|
||||
if (((val[i] = BN_CTX_get(ctx)) == NULL) ||
|
||||
!BN_mod_mul_montgomery(val[i], val[i - 1], d, mont, ctx))
|
||||
!bn_mul_mont_fixed_top(val[i], val[i - 1], d, mont, ctx))
|
||||
goto err;
|
||||
}
|
||||
}
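Review bot: switching the precomputation to `bn_to_mont_fixed_top` / `bn_mul_mont_fixed_top` means `val[i]` may now carry leading zero words with `BN_FLG_FIXED_TOP` set; that is deliberate (the top is not normalised, so word counts do not leak), but every consumer of `val[]` between here and the final conversion has to tolerate it. A short comment at the first `bn_to_mont_fixed_top` call saying that intermediates are fixed-top from this point would make the contract visible.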
|
||||
|
@ -403,19 +403,15 @@ int BN_mod_exp_mont(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
|
|||
for (i = 1; i < j; i++)
|
||||
r->d[i] = (~m->d[i]) & BN_MASK2;
|
||||
r->top = j;
|
||||
/*
|
||||
* Upper words will be zero if the corresponding words of 'm' were
|
||||
* 0xfff[...], so decrement r->top accordingly.
|
||||
*/
|
||||
bn_correct_top(r);
|
||||
r->flags |= BN_FLG_FIXED_TOP;
|
||||
} else
|
||||
#endif
|
||||
if (!BN_to_montgomery(r, BN_value_one(), mont, ctx))
|
||||
if (!bn_to_mont_fixed_top(r, BN_value_one(), mont, ctx))
|
||||
goto err;
|
||||
for (;;) {
|
||||
if (BN_is_bit_set(p, wstart) == 0) {
|
||||
if (!start) {
|
||||
if (!BN_mod_mul_montgomery(r, r, r, mont, ctx))
|
||||
if (!bn_mul_mont_fixed_top(r, r, r, mont, ctx))
|
||||
goto err;
|
||||
}
|
||||
if (wstart == 0)
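Review bot: replacing `bn_correct_top(r)` with `r->flags |= BN_FLG_FIXED_TOP` is the right move: `bn_correct_top` walks down over zero words, so its running time depended on the value being normalised. The deleted comment explained why the top could be short; the new line should carry an equivalent note, e.g. `/* r may have zero upper words; fixed-top callers handle that */`, since the flag alone does not tell a reader which invariant was dropped.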
|
||||
|
@ -446,12 +442,12 @@ int BN_mod_exp_mont(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
|
|||
/* add the 'bytes above' */
|
||||
if (!start)
|
||||
for (i = 0; i < j; i++) {
|
||||
if (!BN_mod_mul_montgomery(r, r, r, mont, ctx))
|
||||
if (!bn_mul_mont_fixed_top(r, r, r, mont, ctx))
|
||||
goto err;
|
||||
}
|
||||
|
||||
/* wvalue will be an odd number < 2^window */
|
||||
if (!BN_mod_mul_montgomery(r, r, val[wvalue >> 1], mont, ctx))
|
||||
if (!bn_mul_mont_fixed_top(r, r, val[wvalue >> 1], mont, ctx))
|
||||
goto err;
|
||||
|
||||
/* move the 'window' down further */
|
||||
|
@ -461,6 +457,11 @@ int BN_mod_exp_mont(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
|
|||
if (wstart < 0)
|
||||
break;
|
||||
}
|
||||
/*
|
||||
* Done with zero-padded intermediate BIGNUMs. Final BN_from_montgomery
|
||||
* removes padding [if any] and makes return value suitable for public
|
||||
* API consumer.
|
||||
*/
|
||||
#if defined(SPARC_T4_MONT)
|
||||
if (OPENSSL_sparcv9cap_P[0] & (SPARCV9_VIS3 | SPARCV9_PREFER_FPU)) {
|
||||
j = mont->N.top; /* borrow j */
|
||||
|
@ -587,7 +588,7 @@ static int MOD_EXP_CTIME_COPY_FROM_PREBUF(BIGNUM *b, int top,
|
|||
}
|
||||
|
||||
b->top = top;
|
||||
bn_correct_top(b);
|
||||
b->flags |= BN_FLG_FIXED_TOP;
|
||||
return 1;
|
||||
}
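Review bot: this is the core of the cache-timing fix: `MOD_EXP_CTIME_COPY_FROM_PREBUF` used to call `bn_correct_top(b)` on the value it had just gathered from the prebuffer, and that loop's iteration count depends on how many leading zero words the selected power has, which is secret-dependent. Keeping `b->top = top` fixed and marking the BIGNUM `BN_FLG_FIXED_TOP` removes that dependency. A comment here saying exactly that would be better than relying on the function name, and a test that a fixed-top value round-trips through the final `BN_from_montgomery` would guard the contract.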
|
||||
|
||||
|
@ -639,8 +640,8 @@ int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
|
|||
*/
|
||||
bits = p->top * BN_BITS2;
|
||||
if (bits == 0) {
|
||||
/* x**0 mod 1 is still zero. */
|
||||
if (BN_is_one(m)) {
|
||||
/* x**0 mod 1, or x**0 mod -1 is still zero. */
|
||||
if (BN_abs_is_word(m, 1)) {
|
||||
ret = 1;
|
||||
BN_zero(rr);
|
||||
} else {
|
||||
|
@ -757,16 +758,16 @@ int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
|
|||
tmp.top = top;
|
||||
} else
|
||||
#endif
|
||||
if (!BN_to_montgomery(&tmp, BN_value_one(), mont, ctx))
|
||||
if (!bn_to_mont_fixed_top(&tmp, BN_value_one(), mont, ctx))
|
||||
goto err;
|
||||
|
||||
/* prepare a^1 in Montgomery domain */
|
||||
if (a->neg || BN_ucmp(a, m) >= 0) {
|
||||
if (!BN_mod(&am, a, m, ctx))
|
||||
goto err;
|
||||
if (!BN_to_montgomery(&am, &am, mont, ctx))
|
||||
if (!bn_to_mont_fixed_top(&am, &am, mont, ctx))
|
||||
goto err;
|
||||
} else if (!BN_to_montgomery(&am, a, mont, ctx))
|
||||
} else if (!bn_to_mont_fixed_top(&am, a, mont, ctx))
|
||||
goto err;
|
||||
|
||||
#if defined(SPARC_T4_MONT)
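Review bot: for `a` outside `[0, m)` the path is `BN_mod(&am, a, m, ctx)` followed by `bn_to_mont_fixed_top`; `BN_mod` is not a constant-time routine, so a comment should state whether the base is treated as public here, because otherwise the reduction is a timing surface that sits right next to the hardened code. Both branches now leave `am` fixed-top, which is what the later `bn_mul_mont_fixed_top` calls expect.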
|
||||
|
@ -1033,14 +1034,14 @@ int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
|
|||
* performance advantage of sqr over mul).
|
||||
*/
|
||||
if (window > 1) {
|
||||
if (!BN_mod_mul_montgomery(&tmp, &am, &am, mont, ctx))
|
||||
if (!bn_mul_mont_fixed_top(&tmp, &am, &am, mont, ctx))
|
||||
goto err;
|
||||
if (!MOD_EXP_CTIME_COPY_TO_PREBUF(&tmp, top, powerbuf, 2,
|
||||
window))
|
||||
goto err;
|
||||
for (i = 3; i < numPowers; i++) {
|
||||
/* Calculate a^i = a^(i-1) * a */
|
||||
if (!BN_mod_mul_montgomery(&tmp, &am, &tmp, mont, ctx))
|
||||
if (!bn_mul_mont_fixed_top(&tmp, &am, &tmp, mont, ctx))
|
||||
goto err;
|
||||
if (!MOD_EXP_CTIME_COPY_TO_PREBUF(&tmp, top, powerbuf, i,
|
||||
window))
|
||||
|
@ -1064,7 +1065,7 @@ int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
|
|||
|
||||
/* Scan the window, squaring the result as we go */
|
||||
for (i = 0; i < window; i++, bits--) {
|
||||
if (!BN_mod_mul_montgomery(&tmp, &tmp, &tmp, mont, ctx))
|
||||
if (!bn_mul_mont_fixed_top(&tmp, &tmp, &tmp, mont, ctx))
|
||||
goto err;
|
||||
wvalue = (wvalue << 1) + BN_is_bit_set(p, bits);
|
||||
}
|
||||
|
@ -1077,12 +1078,16 @@ int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
|
|||
goto err;
|
||||
|
||||
/* Multiply the result into the intermediate result */
|
||||
if (!BN_mod_mul_montgomery(&tmp, &tmp, &am, mont, ctx))
|
||||
if (!bn_mul_mont_fixed_top(&tmp, &tmp, &am, mont, ctx))
|
||||
goto err;
|
||||
}
|
||||
}
|
||||
|
||||
/* Convert the final result from montgomery to standard format */
|
||||
/*
|
||||
* Done with zero-padded intermediate BIGNUMs. Final BN_from_montgomery
|
||||
* removes padding [if any] and makes return value suitable for public
|
||||
* API consumer.
|
||||
*/
|
||||
#if defined(SPARC_T4_MONT)
|
||||
if (OPENSSL_sparcv9cap_P[0] & (SPARCV9_VIS3 | SPARCV9_PREFER_FPU)) {
|
||||
am.d[0] = 1; /* borrow am */
|
||||
|
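Review bot: the new comment promises that the final `BN_from_montgomery` removes the zero padding, but the `SPARC_T4_MONT` branch directly beneath it (`am.d[0] = 1; /* borrow am */`) takes its own conversion path; please confirm that path also ends with the result normalised by `bn_correct_top`, or reword the comment so it covers both paths.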
@ -1151,8 +1156,8 @@ int BN_mod_exp_mont_word(BIGNUM *rr, BN_ULONG a, const BIGNUM *p,
|
|||
|
||||
bits = BN_num_bits(p);
|
||||
if (bits == 0) {
|
||||
/* x**0 mod 1 is still zero. */
|
||||
if (BN_is_one(m)) {
|
||||
/* x**0 mod 1, or x**0 mod -1 is still zero. */
|
||||
if (BN_abs_is_word(m, 1)) {
|
||||
ret = 1;
|
||||
BN_zero(rr);
|
||||
} else {
|
||||
|
@ -1273,9 +1278,9 @@ int BN_mod_exp_simple(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
|
|||
}
|
||||
|
||||
bits = BN_num_bits(p);
|
||||
if (bits == 0) {
|
||||
/* x**0 mod 1 is still zero. */
|
||||
if (BN_is_one(m)) {
|
||||
if (bits == 0) {
|
||||
/* x**0 mod 1, or x**0 mod -1 is still zero. */
|
||||
if (BN_abs_is_word(m, 1)) {
|
||||
ret = 1;
|
||||
BN_zero(r);
|
||||
} else {
|
||||
|
|
|
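Review bot: `if (bits == 0) {` appears twice in this hunk, once as the old line and once as the new one, while the only substantive change is `BN_is_one(m)` to `BN_abs_is_word(m, 1)` plus the comment. If that line differs only in whitespace, drop the incidental edit so the hunk stays minimal and matches the otherwise identical change in `BN_mod_exp_mont_word` above.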
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
|
@ -140,7 +140,14 @@ BIGNUM *int_bn_mod_inverse(BIGNUM *in,
|
|||
BIGNUM *ret = NULL;
|
||||
int sign;
|
||||
|
||||
if (pnoinv)
|
||||
/* This is invalid input so we don't worry about constant time here */
|
||||
if (BN_abs_is_word(n, 1) || BN_is_zero(n)) {
|
||||
if (pnoinv != NULL)
|
||||
*pnoinv = 1;
|
||||
return NULL;
|
||||
}
|
||||
|
||||
if (pnoinv != NULL)
|
||||
*pnoinv = 0;
|
||||
|
||||
if ((BN_get_flags(a, BN_FLG_CONSTTIME) != 0)
|
||||
|
|
|
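Review bot: the new early exit for `n` in {0, 1, -1} returns NULL with `*pnoinv = 1` but raises no error, so a caller that passes `pnoinv == NULL` gets NULL with an empty error queue, indistinguishable from an allocation failure. Consider `BNerr(BN_F_BN_MOD_INVERSE, BN_R_NO_INVERSE)` on that path when `pnoinv` is NULL, and mention in the commit message that a modulus of 1 is now rejected here, which is why `BN_MONT_CTX_set` gains its `BN_is_one(&tmod)` special cases later in this patch.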
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
|
@ -32,30 +32,32 @@
|
|||
*/
|
||||
# define MAX_ITERATIONS 50
|
||||
|
||||
static const BN_ULONG SQR_tb[16] = { 0, 1, 4, 5, 16, 17, 20, 21,
|
||||
64, 65, 68, 69, 80, 81, 84, 85
|
||||
};
|
||||
# define SQR_nibble(w) ((((w) & 8) << 3) \
|
||||
| (((w) & 4) << 2) \
|
||||
| (((w) & 2) << 1) \
|
||||
| ((w) & 1))
|
||||
|
||||
|
||||
/* Platform-specific macros to accelerate squaring. */
|
||||
# if defined(SIXTY_FOUR_BIT) || defined(SIXTY_FOUR_BIT_LONG)
|
||||
# define SQR1(w) \
|
||||
SQR_tb[(w) >> 60 & 0xF] << 56 | SQR_tb[(w) >> 56 & 0xF] << 48 | \
|
||||
SQR_tb[(w) >> 52 & 0xF] << 40 | SQR_tb[(w) >> 48 & 0xF] << 32 | \
|
||||
SQR_tb[(w) >> 44 & 0xF] << 24 | SQR_tb[(w) >> 40 & 0xF] << 16 | \
|
||||
SQR_tb[(w) >> 36 & 0xF] << 8 | SQR_tb[(w) >> 32 & 0xF]
|
||||
SQR_nibble((w) >> 60) << 56 | SQR_nibble((w) >> 56) << 48 | \
|
||||
SQR_nibble((w) >> 52) << 40 | SQR_nibble((w) >> 48) << 32 | \
|
||||
SQR_nibble((w) >> 44) << 24 | SQR_nibble((w) >> 40) << 16 | \
|
||||
SQR_nibble((w) >> 36) << 8 | SQR_nibble((w) >> 32)
|
||||
# define SQR0(w) \
|
||||
SQR_tb[(w) >> 28 & 0xF] << 56 | SQR_tb[(w) >> 24 & 0xF] << 48 | \
|
||||
SQR_tb[(w) >> 20 & 0xF] << 40 | SQR_tb[(w) >> 16 & 0xF] << 32 | \
|
||||
SQR_tb[(w) >> 12 & 0xF] << 24 | SQR_tb[(w) >> 8 & 0xF] << 16 | \
|
||||
SQR_tb[(w) >> 4 & 0xF] << 8 | SQR_tb[(w) & 0xF]
|
||||
SQR_nibble((w) >> 28) << 56 | SQR_nibble((w) >> 24) << 48 | \
|
||||
SQR_nibble((w) >> 20) << 40 | SQR_nibble((w) >> 16) << 32 | \
|
||||
SQR_nibble((w) >> 12) << 24 | SQR_nibble((w) >> 8) << 16 | \
|
||||
SQR_nibble((w) >> 4) << 8 | SQR_nibble((w) )
|
||||
# endif
|
||||
# ifdef THIRTY_TWO_BIT
|
||||
# define SQR1(w) \
|
||||
SQR_tb[(w) >> 28 & 0xF] << 24 | SQR_tb[(w) >> 24 & 0xF] << 16 | \
|
||||
SQR_tb[(w) >> 20 & 0xF] << 8 | SQR_tb[(w) >> 16 & 0xF]
|
||||
SQR_nibble((w) >> 28) << 24 | SQR_nibble((w) >> 24) << 16 | \
|
||||
SQR_nibble((w) >> 20) << 8 | SQR_nibble((w) >> 16)
|
||||
# define SQR0(w) \
|
||||
SQR_tb[(w) >> 12 & 0xF] << 24 | SQR_tb[(w) >> 8 & 0xF] << 16 | \
|
||||
SQR_tb[(w) >> 4 & 0xF] << 8 | SQR_tb[(w) & 0xF]
|
||||
SQR_nibble((w) >> 12) << 24 | SQR_nibble((w) >> 8) << 16 | \
|
||||
SQR_nibble((w) >> 4) << 8 | SQR_nibble((w) )
|
||||
# endif
|
||||
|
||||
# if !defined(OPENSSL_BN_ASM_GF2m)
|
||||
|
|
|
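Review bot: the comment `/* Platform-specific macros to accelerate squaring. */` above `SQR1`/`SQR0` now undersells the change: `SQR_nibble` replaces the `SQR_tb[...]` lookups, whose index is a nibble of the (potentially secret) operand, with pure shifts and masks, so the macros no longer perform data-dependent memory accesses. Say so in the comment, and check whether `static const BN_ULONG SQR_tb[16]` still has any remaining users in this file; if not, remove the table in the same change.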
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright 2014-2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 2014-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
|
@ -177,16 +177,20 @@ BN_ULONG *bn_get_words(const BIGNUM *a)
|
|||
return a->d;
|
||||
}
|
||||
|
||||
void bn_set_static_words(BIGNUM *a, BN_ULONG *words, int size)
|
||||
void bn_set_static_words(BIGNUM *a, const BN_ULONG *words, int size)
|
||||
{
|
||||
a->d = words;
|
||||
/*
|
||||
* |const| qualifier omission is compensated by BN_FLG_STATIC_DATA
|
||||
* flag, which effectively means "read-only data".
|
||||
*/
|
||||
a->d = (BN_ULONG *)words;
|
||||
a->dmax = a->top = size;
|
||||
a->neg = 0;
|
||||
a->flags |= BN_FLG_STATIC_DATA;
|
||||
bn_correct_top(a);
|
||||
}
|
||||
|
||||
int bn_set_words(BIGNUM *a, BN_ULONG *words, int num_words)
|
||||
int bn_set_words(BIGNUM *a, const BN_ULONG *words, int num_words)
|
||||
{
|
||||
if (bn_wexpand(a, num_words) == NULL) {
|
||||
BNerr(BN_F_BN_SET_WORDS, ERR_R_MALLOC_FAILURE);
|
||||
|
|
|
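Review bot: `a->d = (BN_ULONG *)words;` casts away the `const` the new signature promises, justified by `BN_FLG_STATIC_DATA`; that only holds if every write path honours the flag, and `BN_clear` in this same patch still does `OPENSSL_cleanse(a->d, sizeof(*a->d) * a->dmax)` whenever `a->d != NULL`. Either make that cleanse conditional on the flag being clear, or document in the header that numbers initialised with `bn_set_static_words` must never reach `BN_clear`.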
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
|
@ -145,7 +145,16 @@ extern "C" {
|
|||
*/
|
||||
|
||||
# ifdef BN_DEBUG
|
||||
|
||||
/*
|
||||
* The new BN_FLG_FIXED_TOP flag marks vectors that were not treated with
|
||||
* bn_correct_top, in other words such vectors are permitted to have zeros
|
||||
* in most significant limbs. Such vectors are used internally to achieve
|
||||
* execution time invariance for critical operations with private keys.
|
||||
* It's BN_DEBUG-only flag, because user application is not supposed to
|
||||
* observe it anyway. Moreover, optimizing compiler would actually remove
|
||||
* all operations manipulating the bit in question in non-BN_DEBUG build.
|
||||
*/
|
||||
# define BN_FLG_FIXED_TOP 0x10000
|
||||
# ifdef BN_DEBUG_RAND
|
||||
/* To avoid "make update" cvs wars due to BN_DEBUG, use some tricks */
|
||||
# ifndef RAND_bytes
|
||||
|
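Review bot: the comment should state explicitly that correctness never depends on `BN_FLG_FIXED_TOP`: in the `!BN_DEBUG` branch of this file it is defined as `0`, so every `flags |= ... & BN_FLG_FIXED_TOP` and `flags &= ~BN_FLG_FIXED_TOP` in the patch compiles away and the flag's only job is to relax `bn_check_top`. Minor grammar: `It's BN_DEBUG-only flag` reads better as `It's a BN_DEBUG-only flag`, and `optimizing compiler would` as `an optimizing compiler would`.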
@ -177,8 +186,10 @@ int RAND_bytes(unsigned char *buf, int num);
|
|||
do { \
|
||||
const BIGNUM *_bnum2 = (a); \
|
||||
if (_bnum2 != NULL) { \
|
||||
OPENSSL_assert(((_bnum2->top == 0) && !_bnum2->neg) || \
|
||||
(_bnum2->top && (_bnum2->d[_bnum2->top - 1] != 0))); \
|
||||
int _top = _bnum2->top; \
|
||||
OPENSSL_assert((_top == 0 && !_bnum2->neg) || \
|
||||
(_top && ((_bnum2->flags & BN_FLG_FIXED_TOP) \
|
||||
|| _bnum2->d[_top - 1] != 0))); \
|
||||
bn_pollute(_bnum2); \
|
||||
} \
|
||||
} while(0)
|
||||
|
@ -197,6 +208,7 @@ int RAND_bytes(unsigned char *buf, int num);
|
|||
|
||||
# else /* !BN_DEBUG */
|
||||
|
||||
# define BN_FLG_FIXED_TOP 0
|
||||
# define bn_pollute(a)
|
||||
# define bn_check_top(a)
|
||||
# define bn_fix_top(a) bn_correct_top(a)
|
||||
|
@ -228,7 +240,8 @@ struct bignum_st {
|
|||
/* Used for montgomery multiplication */
|
||||
struct bn_mont_ctx_st {
|
||||
int ri; /* number of bits in R */
|
||||
BIGNUM RR; /* used to convert to montgomery form */
|
||||
BIGNUM RR; /* used to convert to montgomery form,
|
||||
possibly zero-padded */
|
||||
BIGNUM N; /* The modulus */
|
||||
BIGNUM Ni; /* R*(1/R mod N) - N*Ni = 1 (Ni is only
|
||||
* stored for bignum algorithm) */
|
||||
|
|
|
@ -12,6 +12,7 @@
|
|||
#include "internal/cryptlib.h"
|
||||
#include "bn_lcl.h"
|
||||
#include <openssl/opensslconf.h>
|
||||
#include "internal/constant_time_locl.h"
|
||||
|
||||
/* This stuff appears to be completely unused, so is deprecated */
|
||||
#if OPENSSL_API_COMPAT < 0x00908000L
|
||||
|
@ -222,8 +223,6 @@ static BN_ULONG *bn_expand_internal(const BIGNUM *b, int words)
|
|||
const BN_ULONG *B;
|
||||
int i;
|
||||
|
||||
bn_check_top(b);
|
||||
|
||||
if (words > (INT_MAX / (4 * BN_BITS2))) {
|
||||
BNerr(BN_F_BN_EXPAND_INTERNAL, BN_R_BIGNUM_TOO_LONG);
|
||||
return NULL;
|
||||
|
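Review bot: the `bn_check_top(b)` removed here, and the two removed from `bn_expand2` in the next hunks, look unnecessary now that `bn_check_top` itself tolerates `BN_FLG_FIXED_TOP`. If they have to go because expansion is called on numbers whose limbs are not yet populated (so neither form of the check can hold), say so in a comment; otherwise keeping them preserves debug coverage on the expand path.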
@ -298,8 +297,6 @@ static BN_ULONG *bn_expand_internal(const BIGNUM *b, int words)
|
|||
|
||||
BIGNUM *bn_expand2(BIGNUM *b, int words)
|
||||
{
|
||||
bn_check_top(b);
|
||||
|
||||
if (words > b->dmax) {
|
||||
BN_ULONG *a = bn_expand_internal(b, words);
|
||||
if (!a)
|
||||
|
@ -312,7 +309,6 @@ BIGNUM *bn_expand2(BIGNUM *b, int words)
|
|||
b->dmax = words;
|
||||
}
|
||||
|
||||
bn_check_top(b);
|
||||
return b;
|
||||
}
|
||||
|
||||
|
@ -379,12 +375,19 @@ BIGNUM *BN_copy(BIGNUM *a, const BIGNUM *b)
|
|||
memcpy(a->d, b->d, sizeof(b->d[0]) * b->top);
|
||||
#endif
|
||||
|
||||
a->top = b->top;
|
||||
a->neg = b->neg;
|
||||
a->top = b->top;
|
||||
a->flags |= b->flags & BN_FLG_FIXED_TOP;
|
||||
bn_check_top(a);
|
||||
return (a);
|
||||
}
|
||||
|
||||
#define FLAGS_DATA(flags) ((flags) & (BN_FLG_STATIC_DATA \
|
||||
| BN_FLG_CONSTTIME \
|
||||
| BN_FLG_SECURE \
|
||||
| BN_FLG_FIXED_TOP))
|
||||
#define FLAGS_STRUCT(flags) ((flags) & (BN_FLG_MALLOCED))
|
||||
|
||||
void BN_swap(BIGNUM *a, BIGNUM *b)
|
||||
{
|
||||
int flags_old_a, flags_old_b;
|
||||
|
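Review bot: `a->flags |= b->flags & BN_FLG_FIXED_TOP;` in `BN_copy` only ever sets the flag and never clears it, so a destination that was previously fixed-top keeps the flag after copying a normalised source. That is harmless for results (`a->top` is taken from `b`) but it silently weakens `bn_check_top` on `a` from then on; `a->flags = (a->flags & ~BN_FLG_FIXED_TOP) | (b->flags & BN_FLG_FIXED_TOP);` mirrors the source exactly.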
@ -412,10 +415,8 @@ void BN_swap(BIGNUM *a, BIGNUM *b)
|
|||
b->dmax = tmp_dmax;
|
||||
b->neg = tmp_neg;
|
||||
|
||||
a->flags =
|
||||
(flags_old_a & BN_FLG_MALLOCED) | (flags_old_b & BN_FLG_STATIC_DATA);
|
||||
b->flags =
|
||||
(flags_old_b & BN_FLG_MALLOCED) | (flags_old_a & BN_FLG_STATIC_DATA);
|
||||
a->flags = FLAGS_STRUCT(flags_old_a) | FLAGS_DATA(flags_old_b);
|
||||
b->flags = FLAGS_STRUCT(flags_old_b) | FLAGS_DATA(flags_old_a);
|
||||
bn_check_top(a);
|
||||
bn_check_top(b);
|
||||
}
|
||||
|
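Review bot: worth a line in the commit message that this is a bug fix, not only a refactor: the old `BN_swap` rebuilt `flags` from `BN_FLG_MALLOCED` and `BN_FLG_STATIC_DATA` alone, dropping `BN_FLG_SECURE` and `BN_FLG_CONSTTIME`, and as the comment added to `BN_consttime_swap` in this patch notes, `BN_FLG_SECURE` determines how `x->d` was allocated and hence how it must be freed. `FLAGS_DATA`/`FLAGS_STRUCT` now keep those with the data; a short comment above the two macros explaining the split (structure flags stay with the struct, data flags travel with `d`) would make the intent obvious.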
@ -425,8 +426,9 @@ void BN_clear(BIGNUM *a)
|
|||
bn_check_top(a);
|
||||
if (a->d != NULL)
|
||||
OPENSSL_cleanse(a->d, sizeof(*a->d) * a->dmax);
|
||||
a->top = 0;
|
||||
a->neg = 0;
|
||||
a->top = 0;
|
||||
a->flags &= ~BN_FLG_FIXED_TOP;
|
||||
}
|
||||
|
||||
BN_ULONG BN_get_word(const BIGNUM *a)
|
||||
|
@ -447,6 +449,7 @@ int BN_set_word(BIGNUM *a, BN_ULONG w)
|
|||
a->neg = 0;
|
||||
a->d[0] = w;
|
||||
a->top = (w ? 1 : 0);
|
||||
a->flags &= ~BN_FLG_FIXED_TOP;
|
||||
bn_check_top(a);
|
||||
return (1);
|
||||
}
|
||||
|
@ -499,24 +502,29 @@ BIGNUM *BN_bin2bn(const unsigned char *s, int len, BIGNUM *ret)
|
|||
/* ignore negative */
|
||||
static int bn2binpad(const BIGNUM *a, unsigned char *to, int tolen)
|
||||
{
|
||||
int i;
|
||||
int n;
|
||||
size_t i, inc, lasti, j;
|
||||
BN_ULONG l;
|
||||
|
||||
bn_check_top(a);
|
||||
i = BN_num_bytes(a);
|
||||
n = BN_num_bytes(a);
|
||||
if (tolen == -1)
|
||||
tolen = i;
|
||||
else if (tolen < i)
|
||||
tolen = n;
|
||||
else if (tolen < n)
|
||||
return -1;
|
||||
/* Add leading zeroes if necessary */
|
||||
if (tolen > i) {
|
||||
memset(to, 0, tolen - i);
|
||||
to += tolen - i;
|
||||
|
||||
if (n == 0) {
|
||||
OPENSSL_cleanse(to, tolen);
|
||||
return tolen;
|
||||
}
|
||||
while (i--) {
|
||||
|
||||
lasti = n - 1;
|
||||
for (i = 0, inc = 1, j = tolen; j > 0;) {
|
||||
l = a->d[i / BN_BYTES];
|
||||
*(to++) = (unsigned char)(l >> (8 * (i % BN_BYTES))) & 0xff;
|
||||
to[--j] = (unsigned char)(l >> (8 * (i % BN_BYTES)) & (0 - inc));
|
||||
inc = (i - lasti) >> (8 * sizeof(i) - 1);
|
||||
i += inc; /* stay on top limb */
|
||||
}
|
||||
|
||||
return tolen;
|
||||
}
|
||||
|
||||
|
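Review bot: the constant-time loop in `bn2binpad` deserves a comment, because its correctness is not obvious from the code: `inc = (i - lasti) >> (8 * sizeof(i) - 1);` is 1 while `i < lasti` and 0 once `i` reaches the last significant byte, so `i` parks on the top limb and `& (0 - inc)` masks every remaining output byte to zero, producing the leading zero padding without a branch on the length of `a`. Also note that `to[--j]` fills from the least significant end, which is why the only precondition is `n > 0` (the `n == 0` case is handled just above).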
@ -683,6 +691,7 @@ int BN_set_bit(BIGNUM *a, int n)
|
|||
for (k = a->top; k < i + 1; k++)
|
||||
a->d[k] = 0;
|
||||
a->top = i + 1;
|
||||
a->flags &= ~BN_FLG_FIXED_TOP;
|
||||
}
|
||||
|
||||
a->d[i] |= (((BN_ULONG)1) << j);
|
||||
|
@ -824,6 +833,34 @@ void BN_consttime_swap(BN_ULONG condition, BIGNUM *a, BIGNUM *b, int nwords)
|
|||
a->top ^= t;
|
||||
b->top ^= t;
|
||||
|
||||
t = (a->neg ^ b->neg) & condition;
|
||||
a->neg ^= t;
|
||||
b->neg ^= t;
|
||||
|
||||
/*-
|
||||
* Idea behind BN_FLG_STATIC_DATA is actually to
|
||||
* indicate that data may not be written to.
|
||||
* Intention is actually to treat it as it's
|
||||
* read-only data, and some (if not most) of it does
|
||||
* reside in read-only segment. In other words
|
||||
* observation of BN_FLG_STATIC_DATA in
|
||||
* BN_consttime_swap should be treated as fatal
|
||||
* condition. It would either cause SEGV or
|
||||
* effectively cause data corruption.
|
||||
* BN_FLG_MALLOCED refers to BN structure itself,
|
||||
* and hence must be preserved. Remaining flags are
|
||||
* BN_FLG_CONSTIME and BN_FLG_SECURE. Latter must be
|
||||
* preserved, because it determines how x->d was
|
||||
* allocated and hence how to free it. This leaves
|
||||
* BN_FLG_CONSTTIME that one can do something about.
|
||||
* To summarize it's sufficient to mask and swap
|
||||
* BN_FLG_CONSTTIME alone. BN_FLG_STATIC_DATA should
|
||||
* be treated as fatal.
|
||||
*/
|
||||
t = ((a->flags ^ b->flags) & BN_FLG_CONSTTIME) & condition;
|
||||
a->flags ^= t;
|
||||
b->flags ^= t;
|
||||
|
||||
#define BN_CONSTTIME_SWAP(ind) \
|
||||
do { \
|
||||
t = (a->d[ind] ^ b->d[ind]) & condition; \
|
||||
|
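Review bot: the comment says that observing `BN_FLG_STATIC_DATA` in `BN_consttime_swap` "should be treated as fatal condition", but the code that follows only masks and swaps `BN_FLG_CONSTTIME`; either add an `OPENSSL_assert` on `((a->flags | b->flags) & BN_FLG_STATIC_DATA) == 0` so the comment is enforced, or soften the comment. Typo in the same comment: `BN_FLG_CONSTIME` should be `BN_FLG_CONSTTIME`.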
@ -887,8 +924,9 @@ int BN_security_bits(int L, int N)
|
|||
|
||||
void BN_zero_ex(BIGNUM *a)
|
||||
{
|
||||
a->top = 0;
|
||||
a->neg = 0;
|
||||
a->top = 0;
|
||||
a->flags &= ~BN_FLG_FIXED_TOP;
|
||||
}
|
||||
|
||||
int BN_abs_is_word(const BIGNUM *a, const BN_ULONG w)
|
||||
|
@ -1012,5 +1050,6 @@ void bn_correct_top(BIGNUM *a)
|
|||
}
|
||||
if (a->top == 0)
|
||||
a->neg = 0;
|
||||
a->flags &= ~BN_FLG_FIXED_TOP;
|
||||
bn_pollute(a);
|
||||
}
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright 1998-2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
|
@ -35,16 +35,71 @@ int BN_mod_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m,
|
|||
|
||||
/*
|
||||
* BN_mod_add variant that may be used if both a and b are non-negative and
|
||||
* less than m
|
||||
* less than m. The original algorithm was
|
||||
*
|
||||
* if (!BN_uadd(r, a, b))
|
||||
* return 0;
|
||||
* if (BN_ucmp(r, m) >= 0)
|
||||
* return BN_usub(r, r, m);
|
||||
*
|
||||
* which is replaced with addition, subtracting modulus, and conditional
|
||||
* move depending on whether or not subtraction borrowed.
|
||||
*/
|
||||
int bn_mod_add_fixed_top(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
|
||||
const BIGNUM *m)
|
||||
{
|
||||
size_t i, ai, bi, mtop = m->top;
|
||||
BN_ULONG storage[1024 / BN_BITS2];
|
||||
BN_ULONG carry, temp, mask, *rp, *tp = storage;
|
||||
const BN_ULONG *ap, *bp;
|
||||
|
||||
if (bn_wexpand(r, mtop) == NULL)
|
||||
return 0;
|
||||
|
||||
if (mtop > sizeof(storage) / sizeof(storage[0])
|
||||
&& (tp = OPENSSL_malloc(mtop * sizeof(BN_ULONG))) == NULL)
|
||||
return 0;
|
||||
|
||||
ap = a->d != NULL ? a->d : tp;
|
||||
bp = b->d != NULL ? b->d : tp;
|
||||
|
||||
for (i = 0, ai = 0, bi = 0, carry = 0; i < mtop;) {
|
||||
mask = (BN_ULONG)0 - ((i - a->top) >> (8 * sizeof(i) - 1));
|
||||
temp = ((ap[ai] & mask) + carry) & BN_MASK2;
|
||||
carry = (temp < carry);
|
||||
|
||||
mask = (BN_ULONG)0 - ((i - b->top) >> (8 * sizeof(i) - 1));
|
||||
tp[i] = ((bp[bi] & mask) + temp) & BN_MASK2;
|
||||
carry += (tp[i] < temp);
|
||||
|
||||
i++;
|
||||
ai += (i - a->dmax) >> (8 * sizeof(i) - 1);
|
||||
bi += (i - b->dmax) >> (8 * sizeof(i) - 1);
|
||||
}
|
||||
rp = r->d;
|
||||
carry -= bn_sub_words(rp, tp, m->d, mtop);
|
||||
for (i = 0; i < mtop; i++) {
|
||||
rp[i] = (carry & tp[i]) | (~carry & rp[i]);
|
||||
((volatile BN_ULONG *)tp)[i] = 0;
|
||||
}
|
||||
r->top = mtop;
|
||||
r->neg = 0;
|
||||
|
||||
if (tp != storage)
|
||||
OPENSSL_free(tp);
|
||||
|
||||
return 1;
|
||||
}
|
||||
|
||||
int BN_mod_add_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
|
||||
const BIGNUM *m)
|
||||
{
|
||||
if (!BN_uadd(r, a, b))
|
||||
return 0;
|
||||
if (BN_ucmp(r, m) >= 0)
|
||||
return BN_usub(r, r, m);
|
||||
return 1;
|
||||
int ret = bn_mod_add_fixed_top(r, a, b, m);
|
||||
|
||||
if (ret)
|
||||
bn_correct_top(r);
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
int BN_mod_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m,
|
||||
|
|
|
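Review bot: `bn_mod_add_fixed_top` sets `r->top = mtop;` and `r->neg = 0;` but never sets `r->flags |= BN_FLG_FIXED_TOP`, unlike `bn_mul_mont_fixed_top`, `bn_from_montgomery_word` and the `RR` setup in `BN_MONT_CTX_set` elsewhere in this patch; with a zero top limb the next `bn_check_top(r)` in a `BN_DEBUG` build will assert. Add the flag after `r->neg = 0;` (`BN_mod_add_quick` still calls `bn_correct_top`, which clears it again). A comment on the `mask = (BN_ULONG)0 - ((i - a->top) >> ...)` idiom, explaining that limbs beyond `a->top`/`b->top` are read through `ai`/`bi`, which stop advancing at `dmax`, and are masked to zero, would also help the next reader.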
@ -20,29 +20,43 @@
|
|||
#define MONT_WORD /* use the faster word-based algorithm */
|
||||
|
||||
#ifdef MONT_WORD
|
||||
static int BN_from_montgomery_word(BIGNUM *ret, BIGNUM *r, BN_MONT_CTX *mont);
|
||||
static int bn_from_montgomery_word(BIGNUM *ret, BIGNUM *r, BN_MONT_CTX *mont);
|
||||
#endif
|
||||
|
||||
int BN_mod_mul_montgomery(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
|
||||
BN_MONT_CTX *mont, BN_CTX *ctx)
|
||||
{
|
||||
int ret = bn_mul_mont_fixed_top(r, a, b, mont, ctx);
|
||||
|
||||
bn_correct_top(r);
|
||||
bn_check_top(r);
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
int bn_mul_mont_fixed_top(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
|
||||
BN_MONT_CTX *mont, BN_CTX *ctx)
|
||||
{
|
||||
BIGNUM *tmp;
|
||||
int ret = 0;
|
||||
#if defined(OPENSSL_BN_ASM_MONT) && defined(MONT_WORD)
|
||||
int num = mont->N.top;
|
||||
|
||||
#if defined(OPENSSL_BN_ASM_MONT) && defined(MONT_WORD)
|
||||
if (num > 1 && a->top == num && b->top == num) {
|
||||
if (bn_wexpand(r, num) == NULL)
|
||||
return (0);
|
||||
if (bn_mul_mont(r->d, a->d, b->d, mont->N.d, mont->n0, num)) {
|
||||
r->neg = a->neg ^ b->neg;
|
||||
r->top = num;
|
||||
bn_correct_top(r);
|
||||
r->flags |= BN_FLG_FIXED_TOP;
|
||||
return (1);
|
||||
}
|
||||
}
|
||||
#endif
|
||||
|
||||
if ((a->top + b->top) > 2 * num)
|
||||
return 0;
|
||||
|
||||
BN_CTX_start(ctx);
|
||||
tmp = BN_CTX_get(ctx);
|
||||
if (tmp == NULL)
|
||||
|
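Review bot: `BN_mod_mul_montgomery` now calls `bn_correct_top(r)` unconditionally after `bn_mul_mont_fixed_top`, even when that returned 0 from the new `(a->top + b->top) > 2 * num` early exit without having written `r`; guard it the way `BN_mod_add_quick` does (`if (ret) bn_correct_top(r);`). That early exit also fails silently with no `BNerr`, so callers cannot distinguish an oversized operand from an allocation failure.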
@ -58,13 +72,12 @@ int BN_mod_mul_montgomery(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
|
|||
}
|
||||
/* reduce from aRR to aR */
|
||||
#ifdef MONT_WORD
|
||||
if (!BN_from_montgomery_word(r, tmp, mont))
|
||||
if (!bn_from_montgomery_word(r, tmp, mont))
|
||||
goto err;
|
||||
#else
|
||||
if (!BN_from_montgomery(r, tmp, mont, ctx))
|
||||
goto err;
|
||||
#endif
|
||||
bn_check_top(r);
|
||||
ret = 1;
|
||||
err:
|
||||
BN_CTX_end(ctx);
|
||||
|
@ -72,7 +85,7 @@ int BN_mod_mul_montgomery(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
|
|||
}
|
||||
|
||||
#ifdef MONT_WORD
|
||||
static int BN_from_montgomery_word(BIGNUM *ret, BIGNUM *r, BN_MONT_CTX *mont)
|
||||
static int bn_from_montgomery_word(BIGNUM *ret, BIGNUM *r, BN_MONT_CTX *mont)
|
||||
{
|
||||
BIGNUM *n;
|
||||
BN_ULONG *ap, *np, *rp, n0, v, carry;
|
||||
|
@ -99,6 +112,7 @@ static int BN_from_montgomery_word(BIGNUM *ret, BIGNUM *r, BN_MONT_CTX *mont)
|
|||
memset(&rp[r->top], 0, sizeof(*rp) * i);
|
||||
|
||||
r->top = max;
|
||||
r->flags |= BN_FLG_FIXED_TOP;
|
||||
n0 = mont->n0[0];
|
||||
|
||||
/*
|
||||
|
@ -117,6 +131,7 @@ static int BN_from_montgomery_word(BIGNUM *ret, BIGNUM *r, BN_MONT_CTX *mont)
|
|||
if (bn_wexpand(ret, nl) == NULL)
|
||||
return (0);
|
||||
ret->top = nl;
|
||||
ret->flags |= BN_FLG_FIXED_TOP;
|
||||
ret->neg = r->neg;
|
||||
|
||||
rp = ret->d;
|
||||
|
@ -127,20 +142,16 @@ static int BN_from_montgomery_word(BIGNUM *ret, BIGNUM *r, BN_MONT_CTX *mont)
|
|||
*/
|
||||
ap = &(r->d[nl]);
|
||||
|
||||
carry -= bn_sub_words(rp, ap, np, nl);
|
||||
/*
|
||||
* |v| is one if |ap| - |np| underflowed or zero if it did not. Note |v|
|
||||
* cannot be -1. That would imply the subtraction did not fit in |nl| words,
|
||||
* and we know at most one subtraction is needed.
|
||||
* |carry| is -1 if |ap| - |np| underflowed or zero if it did not. Note
|
||||
* |carry| cannot be 1. That would imply the subtraction did not fit in
|
||||
* |nl| words, and we know at most one subtraction is needed.
|
||||
*/
|
||||
v = bn_sub_words(rp, ap, np, nl) - carry;
|
||||
v = 0 - v;
|
||||
for (i = 0; i < nl; i++) {
|
||||
rp[i] = (v & ap[i]) | (~v & rp[i]);
|
||||
rp[i] = (carry & ap[i]) | (~carry & rp[i]);
|
||||
ap[i] = 0;
|
||||
}
|
||||
bn_correct_top(r);
|
||||
bn_correct_top(ret);
|
||||
bn_check_top(ret);
|
||||
|
||||
return (1);
|
||||
}
|
||||
|
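Review bot: the explanatory comment now sits below the statement it explains: `carry -= bn_sub_words(rp, ap, np, nl);` is at the top of the hunk and the `|carry| is -1 if ...` block follows it. Move the subtraction under the comment, where `v = bn_sub_words(rp, ap, np, nl) - carry;` used to be. Since `carry` is a `BN_ULONG`, "-1" means all bits set, which is exactly why it can be used directly as the select mask in `rp[i] = (carry & ap[i]) | (~carry & rp[i]);`; saying that in the comment saves a reader from wondering about signed arithmetic.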
@ -154,8 +165,11 @@ int BN_from_montgomery(BIGNUM *ret, const BIGNUM *a, BN_MONT_CTX *mont,
|
|||
BIGNUM *t;
|
||||
|
||||
BN_CTX_start(ctx);
|
||||
if ((t = BN_CTX_get(ctx)) && BN_copy(t, a))
|
||||
retn = BN_from_montgomery_word(ret, t, mont);
|
||||
if ((t = BN_CTX_get(ctx)) && BN_copy(t, a)) {
|
||||
retn = bn_from_montgomery_word(ret, t, mont);
|
||||
bn_correct_top(ret);
|
||||
bn_check_top(ret);
|
||||
}
|
||||
BN_CTX_end(ctx);
|
||||
#else /* !MONT_WORD */
|
||||
BIGNUM *t1, *t2;
|
||||
|
@ -193,6 +207,12 @@ int BN_from_montgomery(BIGNUM *ret, const BIGNUM *a, BN_MONT_CTX *mont,
|
|||
return (retn);
|
||||
}
|
||||
|
||||
int bn_to_mont_fixed_top(BIGNUM *r, const BIGNUM *a, BN_MONT_CTX *mont,
|
||||
BN_CTX *ctx)
|
||||
{
|
||||
return bn_mul_mont_fixed_top(r, a, &(mont->RR), mont, ctx);
|
||||
}
|
||||
|
||||
BN_MONT_CTX *BN_MONT_CTX_new(void)
|
||||
{
|
||||
BN_MONT_CTX *ret;
|
||||
|
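Review bot: `bn_to_mont_fixed_top`, `bn_mul_mont_fixed_top` and `bn_mod_add_fixed_top` are new cross-file internals (`bn_exp.c` already calls the first two), yet the `bn_lcl.h` hunks in this patch add only `BN_FLG_FIXED_TOP`; please check that their prototypes are declared there rather than relying on implicit declarations. A one-line comment here that the result is `a * RR * R^-1 = a * R mod N`, left zero-padded to `N.top` limbs, would document the contract.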
@ -229,7 +249,7 @@ void BN_MONT_CTX_free(BN_MONT_CTX *mont)
|
|||
|
||||
int BN_MONT_CTX_set(BN_MONT_CTX *mont, const BIGNUM *mod, BN_CTX *ctx)
|
||||
{
|
||||
int ret = 0;
|
||||
int i, ret = 0;
|
||||
BIGNUM *Ri, *R;
|
||||
|
||||
if (BN_is_zero(mod))
|
||||
|
@ -278,7 +298,9 @@ int BN_MONT_CTX_set(BN_MONT_CTX *mont, const BIGNUM *mod, BN_CTX *ctx)
|
|||
if ((buf[1] = mod->top > 1 ? mod->d[1] : 0))
|
||||
tmod.top = 2;
|
||||
|
||||
if ((BN_mod_inverse(Ri, R, &tmod, ctx)) == NULL)
|
||||
if (BN_is_one(&tmod))
|
||||
BN_zero(Ri);
|
||||
else if ((BN_mod_inverse(Ri, R, &tmod, ctx)) == NULL)
|
||||
goto err;
|
||||
if (!BN_lshift(Ri, Ri, 2 * BN_BITS2))
|
||||
goto err; /* R*Ri */
|
||||
|
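Review bot: the `BN_is_one(&tmod)` special case needs a comment tying it to the `int_bn_mod_inverse` change in this patch, which now returns NULL (no inverse) for a modulus of 1: with `tmod == 1` the constant `Ri` is taken as 0 by convention, and without this branch `BN_MONT_CTX_set` would fail for every modulus whose low limbs equal 1. The same applies to the identical branch in the single-word hunk below.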
@ -311,7 +333,9 @@ int BN_MONT_CTX_set(BN_MONT_CTX *mont, const BIGNUM *mod, BN_CTX *ctx)
|
|||
buf[1] = 0;
|
||||
tmod.top = buf[0] != 0 ? 1 : 0;
|
||||
/* Ri = R^-1 mod N */
|
||||
if ((BN_mod_inverse(Ri, R, &tmod, ctx)) == NULL)
|
||||
if (BN_is_one(&tmod))
|
||||
BN_zero(Ri);
|
||||
else if ((BN_mod_inverse(Ri, R, &tmod, ctx)) == NULL)
|
||||
goto err;
|
||||
if (!BN_lshift(Ri, Ri, BN_BITS2))
|
||||
goto err; /* R*Ri */
|
||||
|
@ -360,6 +384,11 @@ int BN_MONT_CTX_set(BN_MONT_CTX *mont, const BIGNUM *mod, BN_CTX *ctx)
|
|||
if (!BN_mod(&(mont->RR), &(mont->RR), &(mont->N), ctx))
|
||||
goto err;
|
||||
|
||||
for (i = mont->RR.top, ret = mont->N.top; i < ret; i++)
|
||||
mont->RR.d[i] = 0;
|
||||
mont->RR.top = ret;
|
||||
mont->RR.flags |= BN_FLG_FIXED_TOP;
|
||||
|
||||
ret = 1;
|
||||
err:
|
||||
BN_CTX_end(ctx);
|
||||
|
|
|
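Review bot: `for (i = mont->RR.top, ret = mont->N.top; i < ret; i++)` reuses the function's return-status variable as a limb count, with `ret = 1;` only following afterwards; use a separate local (e.g. `ntop`) so a future early `goto err` between the two cannot return a limb count as success. The zero-fill also writes `mont->RR.d[i]` up to `N.top` without a `bn_wexpand(&mont->RR, mont->N.top)`; if it relies on the earlier shift having allocated at least that many limbs, say so in a comment.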
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
|
@ -82,14 +82,8 @@ int BN_sqr(BIGNUM *r, const BIGNUM *a, BN_CTX *ctx)
|
|||
}
|
||||
|
||||
rr->neg = 0;
|
||||
/*
|
||||
* If the most-significant half of the top word of 'a' is zero, then the
|
||||
* square of 'a' will max-1 words.
|
||||
*/
|
||||
if (a->d[al - 1] == (a->d[al - 1] & BN_MASK2l))
|
||||
rr->top = max - 1;
|
||||
else
|
||||
rr->top = max;
|
||||
rr->top = max;
|
||||
bn_correct_top(rr);
|
||||
if (r != rr && BN_copy(r, rr) == NULL)
|
||||
goto err;
|
||||
|
||||
|
|
|
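Review bot: the removed branch chose `rr->top` from `a->d[al - 1] & BN_MASK2l`, i.e. from bits of the operand, so always setting `rr->top = max` and letting `bn_correct_top(rr)` trim removes a data-dependent branch from squaring. Add a comment above `rr->top = max;` giving that reason, so nobody reinstates the shortcut as an optimisation later.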
@ -1,4 +1,3 @@
|
|||
{- use File::Spec::Functions qw/catdir catfile/; -}
|
||||
LIBS=../libcrypto
|
||||
SOURCE[../libcrypto]=\
|
||||
cryptlib.c mem.c mem_dbg.c cversion.c ex_data.c cpt_err.c \
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
#! /usr/bin/env perl
|
||||
# Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
# Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
#
|
||||
# Licensed under the OpenSSL license (the "License"). You may not use
|
||||
# this file except in compliance with the License. You can obtain a copy
|
||||
|
@ -61,7 +61,7 @@ $ymm=1 if ($xmm && !$ymm && $ARGV[0] eq "win32" &&
|
|||
$1>=10); # first version supporting AVX
|
||||
|
||||
$ymm=1 if ($xmm && !$ymm &&
|
||||
`$ENV{CC} -v 2>&1` =~ /(^clang version|based on LLVM) ([3-9]\.[0-9]+)/ &&
|
||||
`$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|based on LLVM) ([3-9]\.[0-9]+)/ &&
|
||||
$2>=3.0); # first version supporting AVX
|
||||
|
||||
$a="eax";
|
||||
|
|
|
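Review bot: the reworked regex `((?:^clang|LLVM) version|based on LLVM)` anchors `^clang` to the start of the whole `$ENV{CC} -v 2>&1` output because no `/m` modifier is given; if the compiler prints anything before its version line, the `clang` alternative never matches and only the `LLVM version` form is recognised. Adding `/m` (or dropping the anchor) makes the AVX detection robust to such prefixes.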
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 2008-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
|
@ -282,6 +282,7 @@ int CMS_RecipientInfo_set0_pkey(CMS_RecipientInfo *ri, EVP_PKEY *pkey)
|
|||
CMSerr(CMS_F_CMS_RECIPIENTINFO_SET0_PKEY, CMS_R_NOT_KEY_TRANSPORT);
|
||||
return 0;
|
||||
}
|
||||
EVP_PKEY_free(ri->d.ktri->pkey);
|
||||
ri->d.ktri->pkey = pkey;
|
||||
return 1;
|
||||
}
|
||||
|
|
|
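Review bot: `EVP_PKEY_free(ri->d.ktri->pkey);` before the assignment is a behaviour change for a public `set0` function: a key set earlier is now released instead of leaked. Update the `CMS_RecipientInfo_set0_pkey` man page to say that any previous key is freed and that ownership of `pkey` passes to `ri`; the companion `CMS_decrypt_set1_pkey` hunk below had to add an `EVP_PKEY_up_ref` for exactly this reason.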
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 2008-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
|
@ -631,6 +631,7 @@ int CMS_decrypt_set1_pkey(CMS_ContentInfo *cms, EVP_PKEY *pk, X509 *cert)
|
|||
* all.
|
||||
*/
|
||||
else if (!cert || !CMS_RecipientInfo_ktri_cert_cmp(ri, cert)) {
|
||||
EVP_PKEY_up_ref(pk);
|
||||
CMS_RecipientInfo_set0_pkey(ri, pk);
|
||||
r = CMS_RecipientInfo_decrypt(cms, ri);
|
||||
CMS_RecipientInfo_set0_pkey(ri, NULL);
|
||||
|
|
|
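Review bot: `EVP_PKEY_up_ref(pk);` returns an int and its result is ignored here; check it and bail out of the loop the way this function reports other failures when it returns 0, because otherwise the following `CMS_RecipientInfo_set0_pkey(ri, NULL)` releases a reference the caller still holds.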
@ -1,4 +1,4 @@
|
|||
LIBS=../../libcrypto
|
||||
SOURCE[../../libcrypto]= \
|
||||
conf_err.c conf_lib.c conf_api.c conf_def.c conf_mod.c \
|
||||
conf_mall.c conf_sap.c
|
||||
conf_mall.c conf_sap.c conf_ssl.c
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
|
@ -205,10 +205,14 @@ CONF_VALUE *_CONF_new_section(CONF *conf, const char *section)
|
|||
|
||||
vv = lh_CONF_VALUE_insert(conf->data, v);
|
||||
OPENSSL_assert(vv == NULL);
|
||||
if (lh_CONF_VALUE_error(conf->data) > 0)
|
||||
goto err;
|
||||
return v;
|
||||
|
||||
err:
|
||||
sk_CONF_VALUE_free(sk);
|
||||
if (v != NULL)
|
||||
OPENSSL_free(v->section);
|
||||
OPENSSL_free(v);
|
||||
return NULL;
|
||||
}
|
||||
|
|
|
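Review bot: replacing `OPENSSL_assert(vv == NULL)` with `if (lh_CONF_VALUE_error(conf->data) > 0)` loses the duplicate check: `vv` is still assigned from `lh_CONF_VALUE_insert` but no longer examined, so a pre-existing section of the same name is now silently replaced (and `vv` becomes a set-but-unused variable). Either treat `vv != NULL` as an error alongside the hash-table error, or free the displaced value and document that re-declaring a section replaces it.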
@ -1,6 +1,6 @@
|
|||
/*
|
||||
* Generated by util/mkerr.pl DO NOT EDIT
|
||||
* Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
|
@ -37,6 +37,7 @@ static ERR_STRING_DATA CONF_str_functs[] = {
|
|||
{ERR_FUNC(CONF_F_NCONF_LOAD_BIO), "NCONF_load_bio"},
|
||||
{ERR_FUNC(CONF_F_NCONF_LOAD_FP), "NCONF_load_fp"},
|
||||
{ERR_FUNC(CONF_F_NCONF_NEW), "NCONF_new"},
|
||||
{ERR_FUNC(CONF_F_SSL_MODULE_INIT), "ssl_module_init"},
|
||||
{ERR_FUNC(CONF_F_STR_COPY), "str_copy"},
|
||||
{0, NULL}
|
||||
};
|
||||
|
@ -57,6 +58,12 @@ static ERR_STRING_DATA CONF_str_reasons[] = {
|
|||
{ERR_REASON(CONF_R_NO_SECTION), "no section"},
|
||||
{ERR_REASON(CONF_R_NO_SUCH_FILE), "no such file"},
|
||||
{ERR_REASON(CONF_R_NO_VALUE), "no value"},
|
||||
{ERR_REASON(CONF_R_SSL_COMMAND_SECTION_EMPTY),
|
||||
"ssl command section empty"},
|
||||
{ERR_REASON(CONF_R_SSL_COMMAND_SECTION_NOT_FOUND),
|
||||
"ssl command section not found"},
|
||||
{ERR_REASON(CONF_R_SSL_SECTION_EMPTY), "ssl section empty"},
|
||||
{ERR_REASON(CONF_R_SSL_SECTION_NOT_FOUND), "ssl section not found"},
|
||||
{ERR_REASON(CONF_R_UNABLE_TO_CREATE_NEW_SECTION),
|
||||
"unable to create new section"},
|
||||
{ERR_REASON(CONF_R_UNKNOWN_MODULE_NAME), "unknown module name"},
|
||||
|
|
|
@ -0,0 +1,11 @@
|
|||
/*
|
||||
* Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
* in the file LICENSE in the source distribution or at
|
||||
* https://www.openssl.org/source/license.html
|
||||
*/
|
||||
|
||||
void conf_add_ssl_module(void);
|
||||
|
|
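Review bot: the new `conf_lcl.h` has no include guard; both `conf_mall.c` and `conf_ssl.c` include it in this patch, so wrap the prototype in `#ifndef HEADER_CONF_LCL_H` / `#define HEADER_CONF_LCL_H` / `#endif` in the style of the project's other `*_lcl.h` headers.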
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
|
@ -14,6 +14,7 @@
|
|||
#include <openssl/x509.h>
|
||||
#include <openssl/asn1.h>
|
||||
#include <openssl/engine.h>
|
||||
#include "conf_lcl.h"
|
||||
|
||||
/* Load all OpenSSL builtin modules */
|
||||
|
||||
|
@ -26,4 +27,5 @@ void OPENSSL_load_builtin_modules(void)
|
|||
ENGINE_add_conf_module();
|
||||
#endif
|
||||
EVP_add_alg_module();
|
||||
conf_add_ssl_module();
|
||||
}
|
||||
|
|
|
@ -0,0 +1,178 @@
|
|||
/*
|
||||
* Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
* in the file LICENSE in the source distribution or at
|
||||
* https://www.openssl.org/source/license.html
|
||||
*/
|
||||
|
||||
#include <stdio.h>
|
||||
#include <string.h>
|
||||
#include <openssl/conf.h>
|
||||
#include <openssl/err.h>
|
||||
#include "internal/sslconf.h"
|
||||
#include "conf_lcl.h"
|
||||
|
||||
/*
|
||||
* SSL library configuration module placeholder. We load it here but defer
|
||||
* all decisions about its contents to libssl.
|
||||
*/
|
||||
|
||||
struct ssl_conf_name_st {
|
||||
/* Name of this set of commands */
|
||||
char *name;
|
||||
/* List of commands */
|
||||
SSL_CONF_CMD *cmds;
|
||||
/* Number of commands */
|
||||
size_t cmd_count;
|
||||
};
|
||||
|
||||
struct ssl_conf_cmd_st {
|
||||
/* Command */
|
||||
char *cmd;
|
||||
/* Argument */
|
||||
char *arg;
|
||||
};
|
||||
|
||||
static struct ssl_conf_name_st *ssl_names;
|
||||
static size_t ssl_names_count;
|
||||
|
||||
static void ssl_module_free(CONF_IMODULE *md)
|
||||
{
|
||||
size_t i, j;
|
||||
if (ssl_names == NULL)
|
||||
return;
|
||||
for (i = 0; i < ssl_names_count; i++) {
|
||||
struct ssl_conf_name_st *tname = ssl_names + i;
|
||||
|
||||
OPENSSL_free(tname->name);
|
||||
for (j = 0; j < tname->cmd_count; j++) {
|
||||
OPENSSL_free(tname->cmds[j].cmd);
|
||||
OPENSSL_free(tname->cmds[j].arg);
|
||||
}
|
||||
OPENSSL_free(tname->cmds);
|
||||
}
|
||||
OPENSSL_free(ssl_names);
|
||||
ssl_names = NULL;
|
||||
ssl_names_count = 0;
|
||||
}
|
||||
|
||||
static int ssl_module_init(CONF_IMODULE *md, const CONF *cnf)
|
||||
{
|
||||
size_t i, j, cnt;
|
||||
int rv = 0;
|
||||
const char *ssl_conf_section;
|
||||
STACK_OF(CONF_VALUE) *cmd_lists;
|
||||
|
||||
ssl_conf_section = CONF_imodule_get_value(md);
|
||||
cmd_lists = NCONF_get_section(cnf, ssl_conf_section);
|
||||
if (sk_CONF_VALUE_num(cmd_lists) <= 0) {
|
||||
if (cmd_lists == NULL)
|
||||
CONFerr(CONF_F_SSL_MODULE_INIT, CONF_R_SSL_SECTION_NOT_FOUND);
|
||||
else
|
||||
CONFerr(CONF_F_SSL_MODULE_INIT, CONF_R_SSL_SECTION_EMPTY);
|
||||
ERR_add_error_data(2, "section=", ssl_conf_section);
|
||||
goto err;
|
||||
}
|
||||
cnt = sk_CONF_VALUE_num(cmd_lists);
|
||||
ssl_names = OPENSSL_zalloc(sizeof(*ssl_names) * cnt);
|
||||
ssl_names_count = cnt;
|
||||
for (i = 0; i < ssl_names_count; i++) {
|
||||
struct ssl_conf_name_st *ssl_name = ssl_names + i;
|
||||
CONF_VALUE *sect = sk_CONF_VALUE_value(cmd_lists, (int)i);
|
||||
STACK_OF(CONF_VALUE) *cmds = NCONF_get_section(cnf, sect->value);
|
||||
|
||||
if (sk_CONF_VALUE_num(cmds) <= 0) {
|
||||
if (cmds == NULL)
|
||||
CONFerr(CONF_F_SSL_MODULE_INIT,
|
||||
CONF_R_SSL_COMMAND_SECTION_NOT_FOUND);
|
||||
else
|
||||
CONFerr(CONF_F_SSL_MODULE_INIT,
|
||||
CONF_R_SSL_COMMAND_SECTION_EMPTY);
|
||||
ERR_add_error_data(4, "name=", sect->name, ", value=", sect->value);
|
||||
goto err;
|
||||
}
|
||||
ssl_name->name = OPENSSL_strdup(sect->name);
|
||||
if (ssl_name->name == NULL)
|
||||
goto err;
|
||||
cnt = sk_CONF_VALUE_num(cmds);
|
||||
ssl_name->cmds = OPENSSL_zalloc(cnt * sizeof(struct ssl_conf_cmd_st));
|
||||
if (ssl_name->cmds == NULL)
|
||||
goto err;
|
||||
ssl_name->cmd_count = cnt;
|
||||
for (j = 0; j < cnt; j++) {
|
||||
const char *name;
|
||||
CONF_VALUE *cmd_conf = sk_CONF_VALUE_value(cmds, (int)j);
|
||||
struct ssl_conf_cmd_st *cmd = ssl_name->cmds + j;
|
||||
|
||||
/* Skip any initial dot in name */
|
||||
name = strchr(cmd_conf->name, '.');
|
||||
if (name != NULL)
|
||||
name++;
|
||||
else
|
||||
name = cmd_conf->name;
|
||||
cmd->cmd = OPENSSL_strdup(name);
|
||||
cmd->arg = OPENSSL_strdup(cmd_conf->value);
|
||||
if (cmd->cmd == NULL || cmd->arg == NULL)
|
||||
goto err;
|
||||
}
|
||||
|
||||
}
|
||||
rv = 1;
|
||||
err:
|
||||
if (rv == 0)
|
||||
ssl_module_free(md);
|
||||
return rv;
|
||||
}
|
||||
|
||||
/*
|
||||
* Returns the set of commands with index |idx| previously searched for via
|
||||
* conf_ssl_name_find. Also stores the name of the set of commands in |*name|
|
||||
* and the number of commands in the set in |*cnt|.
|
||||
*/
|
||||
const SSL_CONF_CMD *conf_ssl_get(size_t idx, const char **name, size_t *cnt)
|
||||
{
|
||||
*name = ssl_names[idx].name;
|
||||
*cnt = ssl_names[idx].cmd_count;
|
||||
return ssl_names[idx].cmds;
|
||||
}
|
||||
|
||||
/*
|
||||
* Search for the named set of commands given in |name|. On success return the
|
||||
* index for the command set in |*idx|.
|
||||
* Returns 1 on success or 0 on failure.
|
||||
*/
|
||||
int conf_ssl_name_find(const char *name, size_t *idx)
|
||||
{
|
||||
size_t i;
|
||||
const struct ssl_conf_name_st *nm;
|
||||
|
||||
if (name == NULL)
|
||||
return 0;
|
||||
for (i = 0, nm = ssl_names; i < ssl_names_count; i++, nm++) {
|
||||
if (strcmp(nm->name, name) == 0) {
|
||||
*idx = i;
|
||||
return 1;
|
||||
}
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
|
||||
/*
|
||||
* Given a command set |cmd|, return details on the command at index |idx| which
|
||||
* must be less than the number of commands in the set (as returned by
|
||||
* conf_ssl_get). The name of the command will be returned in |*cmdstr| and the
|
||||
* argument is returned in |*arg|.
|
||||
*/
|
||||
void conf_ssl_get_cmd(const SSL_CONF_CMD *cmd, size_t idx, char **cmdstr,
|
||||
char **arg)
|
||||
{
|
||||
*cmdstr = cmd[idx].cmd;
|
||||
*arg = cmd[idx].arg;
|
||||
}
|
||||
|
||||
void conf_add_ssl_module(void)
|
||||
{
|
||||
CONF_module_add("ssl_conf", ssl_module_init, ssl_module_free);
|
||||
}
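Review bot: ssl_module_init() never checks the result of `ssl_names = OPENSSL_zalloc(sizeof(*ssl_names) * cnt);` before setting ssl_names_count and dereferencing `ssl_names + i` in the loop, so an allocation failure becomes a NULL dereference; add `if (ssl_names == NULL) goto err;` as the inner `ssl_name->cmds` allocation already does. Two smaller points in the same file: a second initialisation of the module (CONF_modules_load() invoked again) overwrites the static ssl_names without freeing the earlier table, so either free it first or refuse re-initialisation; and conf_add_ssl_module() discards the int returned by CONF_module_add(), so a failed registration is silent. conf_ssl_get() and conf_ssl_get_cmd() index with no bounds check, which the comments only partly state; saying explicitly that idx must come from conf_ssl_name_find() and be below *cnt is enough.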
|
|
@ -23,29 +23,97 @@
|
|||
extern unsigned int OPENSSL_ia32cap_P[4];
|
||||
|
||||
# if defined(OPENSSL_CPUID_OBJ) && !defined(OPENSSL_NO_ASM) && !defined(I386_ONLY)
|
||||
#include <stdio.h>
|
||||
|
||||
/*
|
||||
* Purpose of these minimalistic and character-type-agnostic subroutines
|
||||
* is to break dependency on MSVCRT (on Windows) and locale. This makes
|
||||
* OPENSSL_cpuid_setup safe to use as "constructor". "Character-type-
|
||||
* agnostic" means that they work with either wide or 8-bit characters,
|
||||
* exploiting the fact that first 127 characters can be simply casted
|
||||
* between the sets, while the rest would be simply rejected by ossl_is*
|
||||
* subroutines.
|
||||
*/
|
||||
# ifdef _WIN32
|
||||
typedef WCHAR variant_char;
|
||||
|
||||
static variant_char *ossl_getenv(const char *name)
|
||||
{
|
||||
/*
|
||||
* Since we pull only one environment variable, it's simpler to
|
||||
* to just ignore |name| and use equivalent wide-char L-literal.
|
||||
* As well as to ignore excessively long values...
|
||||
*/
|
||||
static WCHAR value[48];
|
||||
DWORD len = GetEnvironmentVariableW(L"OPENSSL_ia32cap", value, 48);
|
||||
|
||||
return (len > 0 && len < 48) ? value : NULL;
|
||||
}
|
||||
# else
|
||||
typedef char variant_char;
|
||||
# define ossl_getenv getenv
|
||||
# endif
|
||||
|
||||
static int todigit(variant_char c)
|
||||
{
|
||||
if (c >= '0' && c <= '9')
|
||||
return c - '0';
|
||||
else if (c >= 'A' && c <= 'F')
|
||||
return c - 'A' + 10;
|
||||
else if (c >= 'a' && c <= 'f')
|
||||
return c - 'a' + 10;
|
||||
|
||||
/* return largest base value to make caller terminate the loop */
|
||||
return 16;
|
||||
}
|
||||
|
||||
static uint64_t ossl_strtouint64(const variant_char *str)
|
||||
{
|
||||
uint64_t ret = 0;
|
||||
unsigned int digit, base = 10;
|
||||
|
||||
if (*str == '0') {
|
||||
base = 8, str++;
|
||||
if (*str == 'x' || *str == 'X')
|
||||
base = 16, str++;
|
||||
}
|
||||
|
||||
while((digit = todigit(*str++)) < base)
|
||||
ret = ret * base + digit;
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
static variant_char *ossl_strchr(const variant_char *str, char srch)
|
||||
{ variant_char c;
|
||||
|
||||
while((c = *str)) {
|
||||
if (c == srch)
|
||||
return (variant_char *)str;
|
||||
str++;
|
||||
}
|
||||
|
||||
return NULL;
|
||||
}
|
||||
|
||||
# define OPENSSL_CPUID_SETUP
|
||||
typedef uint64_t IA32CAP;
|
||||
|
||||
void OPENSSL_cpuid_setup(void)
|
||||
{
|
||||
static int trigger = 0;
|
||||
IA32CAP OPENSSL_ia32_cpuid(unsigned int *);
|
||||
IA32CAP vec;
|
||||
char *env;
|
||||
const variant_char *env;
|
||||
|
||||
if (trigger)
|
||||
return;
|
||||
|
||||
trigger = 1;
|
||||
if ((env = getenv("OPENSSL_ia32cap"))) {
|
||||
if ((env = ossl_getenv("OPENSSL_ia32cap")) != NULL) {
|
||||
int off = (env[0] == '~') ? 1 : 0;
|
||||
# if defined(_WIN32)
|
||||
if (!sscanf(env + off, "%I64i", &vec))
|
||||
vec = strtoul(env + off, NULL, 0);
|
||||
# else
|
||||
if (!sscanf(env + off, "%lli", (long long *)&vec))
|
||||
vec = strtoul(env + off, NULL, 0);
|
||||
# endif
|
||||
|
||||
vec = ossl_strtouint64(env + off);
|
||||
|
||||
if (off) {
|
||||
IA32CAP mask = vec;
|
||||
vec = OPENSSL_ia32_cpuid(OPENSSL_ia32cap_P) & ~mask;
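Review bot: ossl_strtouint64() has no overflow detection: `ret = ret * base + digit;` wraps silently for more than 16 hex digits (or an equally long octal/decimal string), whereas the strtoul()/sscanf() calls it replaces at least failed or saturated. The value is only a capability mask from an environment variable, so this affects a misconfigured user rather than an attacker, but either a comment stating the wrap-around or stopping the loop when `ret` would exceed UINT64_MAX / base would make the intent explicit. Related: the Windows ossl_getenv() returns NULL for values of 48 or more wide characters by design, so an over-long mask is dropped with no indication; and the parser accepts a bare `0` or `0x` as zero, which matches the previous strtoul(..., 0) behaviour and is fine.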
|
||||
|
@ -64,15 +132,17 @@ void OPENSSL_cpuid_setup(void)
|
|||
vec = OPENSSL_ia32_cpuid(OPENSSL_ia32cap_P);
|
||||
}
|
||||
|
||||
if ((env = strchr(env, ':'))) {
|
||||
unsigned int vecx;
|
||||
if ((env = ossl_strchr(env, ':')) != NULL) {
|
||||
IA32CAP vecx;
|
||||
|
||||
env++;
|
||||
off = (env[0] == '~') ? 1 : 0;
|
||||
vecx = strtoul(env + off, NULL, 0);
|
||||
if (off)
|
||||
OPENSSL_ia32cap_P[2] &= ~vecx;
|
||||
else
|
||||
OPENSSL_ia32cap_P[2] = vecx;
|
||||
vecx = ossl_strtouint64(env + off);
|
||||
if (off) {
|
||||
OPENSSL_ia32cap_P[2] &= ~(unsigned int)vecx;
|
||||
} else {
|
||||
OPENSSL_ia32cap_P[2] = (unsigned int)vecx;
|
||||
}
|
||||
} else {
|
||||
OPENSSL_ia32cap_P[2] = 0;
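Review bot: `OPENSSL_ia32cap_P[2] = (unsigned int)vecx;` truncates the 64-bit value returned by ossl_strtouint64() to 32 bits without any diagnostic, and the fourth capability word (index 3) is still not settable from the environment at all. If only the low 32 bits of the second field are meant to be honoured, say so in a comment next to the cast; otherwise mask the input explicitly rather than relying on the implicit truncation.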
|
||||
}
|
||||
|
@ -128,10 +198,14 @@ int OPENSSL_isservice(void)
|
|||
|
||||
if (_OPENSSL_isservice.p == NULL) {
|
||||
HANDLE mod = GetModuleHandle(NULL);
|
||||
FARPROC f;
|
||||
|
||||
if (mod != NULL)
|
||||
_OPENSSL_isservice.f = GetProcAddress(mod, "_OPENSSL_isservice");
|
||||
if (_OPENSSL_isservice.p == NULL)
|
||||
f = GetProcAddress(mod, "_OPENSSL_isservice");
|
||||
if (f == NULL)
|
||||
_OPENSSL_isservice.p = (void *)-1;
|
||||
else
|
||||
_OPENSSL_isservice.f = f;
|
||||
}
|
||||
|
||||
if (_OPENSSL_isservice.p != (void *)-1)
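Review bot: `f` is read uninitialised when GetModuleHandle(NULL) returns NULL: `FARPROC f;` has no initialiser, the assignment `f = GetProcAddress(mod, "_OPENSSL_isservice");` runs only under `if (mod != NULL)`, and `if (f == NULL)` is evaluated unconditionally. Declare it as `FARPROC f = NULL;` so the `mod == NULL` case falls through to `_OPENSSL_isservice.p = (void *)-1;` as intended instead of depending on stack garbage.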
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
|
@ -78,10 +78,15 @@ static int generate_key(DH *dh)
|
|||
int ok = 0;
|
||||
int generate_new_key = 0;
|
||||
unsigned l;
|
||||
BN_CTX *ctx;
|
||||
BN_CTX *ctx = NULL;
|
||||
BN_MONT_CTX *mont = NULL;
|
||||
BIGNUM *pub_key = NULL, *priv_key = NULL;
|
||||
|
||||
if (BN_num_bits(dh->p) > OPENSSL_DH_MAX_MODULUS_BITS) {
|
||||
DHerr(DH_F_GENERATE_KEY, DH_R_MODULUS_TOO_LARGE);
|
||||
return 0;
|
||||
}
|
||||
|
||||
ctx = BN_CTX_new();
|
||||
if (ctx == NULL)
|
||||
goto err;
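Review bot: The new `if (BN_num_bits(dh->p) > OPENSSL_DH_MAX_MODULUS_BITS)` guard is the fix for the oversized-prime client DoS described in the changelog, and placing it before BN_CTX_new() means the early `return 0` leaks nothing, but it dereferences `dh->p` with no NULL check, so a DH object whose parameters were never set faults inside BN_num_bits() rather than failing cleanly; a missing-modulus check returning 0 with a DH error reason would match the other error paths. Please also confirm the same bound is enforced on the compute_key path that consumes the peer's public value, otherwise the expensive exponentiation is only delayed, not prevented.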
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
|
@ -75,7 +75,7 @@ int DH_meth_set1_name(DH_METHOD *dhm, const char *name)
|
|||
return 1;
|
||||
}
|
||||
|
||||
int DH_meth_get_flags(DH_METHOD *dhm)
|
||||
int DH_meth_get_flags(const DH_METHOD *dhm)
|
||||
{
|
||||
return dhm->flags;
|
||||
}
@ -1,6 +1,6 @@
|
|||
/*
|
||||
* Generated by util/mkerr.pl DO NOT EDIT
|
||||
* Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
|
@ -40,6 +40,7 @@ static ERR_STRING_DATA DSA_str_functs[] = {
|
|||
{ERR_FUNC(DSA_F_DSA_SIG_NEW), "DSA_SIG_new"},
|
||||
{ERR_FUNC(DSA_F_OLD_DSA_PRIV_DECODE), "old_dsa_priv_decode"},
|
||||
{ERR_FUNC(DSA_F_PKEY_DSA_CTRL), "pkey_dsa_ctrl"},
|
||||
{ERR_FUNC(DSA_F_PKEY_DSA_CTRL_STR), "pkey_dsa_ctrl_str"},
|
||||
{ERR_FUNC(DSA_F_PKEY_DSA_KEYGEN), "pkey_dsa_keygen"},
|
||||
{0, NULL}
|
||||
};
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
|
@ -64,9 +64,16 @@ int dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits,
|
|||
/* invalid q size */
|
||||
return 0;
|
||||
|
||||
if (evpmd == NULL)
|
||||
/* use SHA1 as default */
|
||||
evpmd = EVP_sha1();
|
||||
if (evpmd == NULL) {
|
||||
if (qsize == SHA_DIGEST_LENGTH)
|
||||
evpmd = EVP_sha1();
|
||||
else if (qsize == SHA224_DIGEST_LENGTH)
|
||||
evpmd = EVP_sha224();
|
||||
else
|
||||
evpmd = EVP_sha256();
|
||||
} else {
|
||||
qsize = EVP_MD_size(evpmd);
|
||||
}
|
||||
|
||||
if (bits < 512)
|
||||
bits = 512;
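Review bot: In the `else` branch `qsize = EVP_MD_size(evpmd);` silently overrides the caller's qbits whenever an explicit digest is supplied, so a request for 160-bit q with a SHA-256 digest yields a 256-bit q and no error; rejecting the mismatch (returning 0 as the "invalid q size" check above does) or documenting that the digest determines q would be clearer. The default mapping (SHA-1 for a 160-bit q, SHA-224 for 224, SHA-256 otherwise) is correct given the q-size validation just above, but the removed `/* use SHA1 as default */` comment should be replaced by one describing the new rule, since this changes the digest used for default 224- and 256-bit parameter generation.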
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
|
@ -83,7 +83,7 @@ int DSA_meth_set1_name(DSA_METHOD *dsam, const char *name)
|
|||
return 1;
|
||||
}
|
||||
|
||||
int DSA_meth_get_flags(DSA_METHOD *dsam)
|
||||
int DSA_meth_get_flags(const DSA_METHOD *dsam)
|
||||
{
|
||||
return dsam->flags;
|
||||
}
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
|
@ -61,19 +61,13 @@ const DSA_METHOD *DSA_OpenSSL(void)
|
|||
static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
|
||||
{
|
||||
BIGNUM *kinv = NULL;
|
||||
BIGNUM *m;
|
||||
BIGNUM *xr;
|
||||
BIGNUM *m, *blind, *blindm, *tmp;
|
||||
BN_CTX *ctx = NULL;
|
||||
int reason = ERR_R_BN_LIB;
|
||||
DSA_SIG *ret = NULL;
|
||||
int rv = 0;
|
||||
|
||||
m = BN_new();
|
||||
xr = BN_new();
|
||||
if (m == NULL || xr == NULL)
|
||||
goto err;
|
||||
|
||||
if (!dsa->p || !dsa->q || !dsa->g) {
|
||||
if (dsa->p == NULL || dsa->q == NULL || dsa->g == NULL) {
|
||||
reason = DSA_R_MISSING_PARAMETERS;
|
||||
goto err;
|
||||
}
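Review bot: `BIGNUM *m, *blind, *blindm, *tmp;` are now left unassigned until the BN_CTX_get() calls later in the function, and the `goto err` for missing parameters runs before that point; this is safe only because `err:` no longer frees m individually (the cleanup hunk below drops `BN_clear_free(m)` and `BN_clear_free(xr)` and relies on BN_CTX_free()), so a comment at the declarations noting that these come from ctx would prevent someone reinstating the per-BIGNUM frees.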
|
||||
|
@ -89,6 +83,13 @@ static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
|
|||
ctx = BN_CTX_new();
|
||||
if (ctx == NULL)
|
||||
goto err;
|
||||
m = BN_CTX_get(ctx);
|
||||
blind = BN_CTX_get(ctx);
|
||||
blindm = BN_CTX_get(ctx);
|
||||
tmp = BN_CTX_get(ctx);
|
||||
if (tmp == NULL)
|
||||
goto err;
|
||||
|
||||
redo:
|
||||
if (!dsa_sign_setup(dsa, ctx, &kinv, &ret->r, dgst, dlen))
|
||||
goto err;
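Review bot: Only `tmp == NULL` is tested after the four BN_CTX_get() calls; that is correct only because BN_CTX_get() keeps returning NULL once it has failed, so a one-line comment citing that contract would stop a future reader from adding three redundant checks or, worse, removing this one. The BN_CTX_get() calls are also made without BN_CTX_start(), which is fine for a context created and freed inside this function but would break if ctx were ever supplied by the caller.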
|
||||
|
@ -103,17 +104,50 @@ static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
|
|||
if (BN_bin2bn(dgst, dlen, m) == NULL)
|
||||
goto err;
|
||||
|
||||
/* Compute s = inv(k) (m + xr) mod q */
|
||||
if (!BN_mod_mul(xr, dsa->priv_key, ret->r, dsa->q, ctx))
|
||||
goto err; /* s = xr */
|
||||
if (!BN_add(ret->s, xr, m))
|
||||
goto err; /* s = m + xr */
|
||||
if (BN_cmp(ret->s, dsa->q) > 0)
|
||||
if (!BN_sub(ret->s, ret->s, dsa->q))
|
||||
/*
|
||||
* The normal signature calculation is:
|
||||
*
|
||||
* s := k^-1 * (m + r * priv_key) mod q
|
||||
*
|
||||
* We will blind this to protect against side channel attacks
|
||||
*
|
||||
* s := blind^-1 * k^-1 * (blind * m + blind * r * priv_key) mod q
|
||||
*/
|
||||
|
||||
/* Generate a blinding value */
|
||||
do {
|
||||
if (!BN_rand(blind, BN_num_bits(dsa->q) - 1, BN_RAND_TOP_ANY,
|
||||
BN_RAND_BOTTOM_ANY))
|
||||
goto err;
|
||||
} while (BN_is_zero(blind));
|
||||
BN_set_flags(blind, BN_FLG_CONSTTIME);
|
||||
BN_set_flags(blindm, BN_FLG_CONSTTIME);
|
||||
BN_set_flags(tmp, BN_FLG_CONSTTIME);
|
||||
|
||||
/* tmp := blind * priv_key * r mod q */
|
||||
if (!BN_mod_mul(tmp, blind, dsa->priv_key, dsa->q, ctx))
|
||||
goto err;
|
||||
if (!BN_mod_mul(tmp, tmp, ret->r, dsa->q, ctx))
|
||||
goto err;
|
||||
|
||||
/* blindm := blind * m mod q */
|
||||
if (!BN_mod_mul(blindm, blind, m, dsa->q, ctx))
|
||||
goto err;
|
||||
|
||||
/* s : = (blind * priv_key * r) + (blind * m) mod q */
|
||||
if (!BN_mod_add_quick(ret->s, tmp, blindm, dsa->q))
|
||||
goto err;
|
||||
|
||||
/* s := s * k^-1 mod q */
|
||||
if (!BN_mod_mul(ret->s, ret->s, kinv, dsa->q, ctx))
|
||||
goto err;
|
||||
|
||||
/* s:= s * blind^-1 mod q */
|
||||
if (BN_mod_inverse(blind, blind, dsa->q, ctx) == NULL)
|
||||
goto err;
|
||||
if (!BN_mod_mul(ret->s, ret->s, blind, dsa->q, ctx))
|
||||
goto err;
|
||||
|
||||
/*
|
||||
* Redo if r or s is zero as required by FIPS 186-3: this is very
|
||||
* unlikely.
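Review bot: The blinding is sound as written: `BN_rand(blind, BN_num_bits(dsa->q) - 1, ...)` plus the zero check guarantees 0 < blind < q, so BN_mod_inverse() always succeeds for prime q, and BN_FLG_CONSTTIME on `blind` routes that inverse through the constant-time path. Two style points: the comments `/* s : = (blind * priv_key * r) + (blind * m) mod q */` and `/* s:= s * blind^-1 mod q */` should read `s :=` like the others; and BN_RAND_TOP_ANY permits a blind value with far fewer than bits(q)-1 significant bits with small probability, so if full-width masking matters here BN_RAND_TOP_ONE would guarantee it without changing the range argument above.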
|
||||
|
@ -130,8 +164,6 @@ static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
|
|||
ret = NULL;
|
||||
}
|
||||
BN_CTX_free(ctx);
|
||||
BN_clear_free(m);
|
||||
BN_clear_free(xr);
|
||||
BN_clear_free(kinv);
|
||||
return ret;
|
||||
}
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
|
@ -76,13 +76,8 @@ static int pkey_dsa_sign(EVP_PKEY_CTX *ctx, unsigned char *sig,
|
|||
DSA_PKEY_CTX *dctx = ctx->data;
|
||||
DSA *dsa = ctx->pkey->pkey.dsa;
|
||||
|
||||
if (dctx->md) {
|
||||
if (tbslen != (size_t)EVP_MD_size(dctx->md))
|
||||
return 0;
|
||||
} else {
|
||||
if (tbslen != SHA_DIGEST_LENGTH)
|
||||
return 0;
|
||||
}
|
||||
if (dctx->md != NULL && tbslen != (size_t)EVP_MD_size(dctx->md))
|
||||
return 0;
|
||||
|
||||
ret = DSA_sign(0, tbs, tbslen, sig, &sltmp, dsa);
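Review bot: Dropping the `tbslen != SHA_DIGEST_LENGTH` check for the `dctx->md == NULL` case means a context with no digest set now accepts any tbslen and defers length handling to DSA_sign(); that relaxation deserves a line in the commit message and docs, and reviewers should confirm dsa_do_sign() bounds the digest to the size of q so an over-long input cannot influence the computation. The collapsed condition `dctx->md != NULL && tbslen != (size_t)EVP_MD_size(dctx->md)` is otherwise equivalent to the removed branch.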
@ -100,13 +95,8 @@ static int pkey_dsa_verify(EVP_PKEY_CTX *ctx,
|
|||
DSA_PKEY_CTX *dctx = ctx->data;
|
||||
DSA *dsa = ctx->pkey->pkey.dsa;
|
||||
|
||||
if (dctx->md) {
|
||||
if (tbslen != (size_t)EVP_MD_size(dctx->md))
|
||||
return 0;
|
||||
} else {
|
||||
if (tbslen != SHA_DIGEST_LENGTH)
|
||||
return 0;
|
||||
}
|
||||
if (dctx->md != NULL && tbslen != (size_t)EVP_MD_size(dctx->md))
|
||||
return 0;
|
||||
|
||||
ret = DSA_verify(0, tbs, tbslen, sig, siglen, dsa);
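Review bot: Same relaxation as in pkey_dsa_sign(): with `dctx->md == NULL`, tbslen is no longer required to be SHA_DIGEST_LENGTH and DSA_verify() receives whatever length the caller supplied. Sign and verify stay consistent with each other here, which is the important property; document the behavioural change alongside the sign side.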
@ -187,9 +177,15 @@ static int pkey_dsa_ctrl_str(EVP_PKEY_CTX *ctx,
|
|||
NULL);
|
||||
}
|
||||
if (strcmp(type, "dsa_paramgen_md") == 0) {
|
||||
const EVP_MD *md = EVP_get_digestbyname(value);
|
||||
|
||||
if (md == NULL) {
|
||||
DSAerr(DSA_F_PKEY_DSA_CTRL_STR, DSA_R_INVALID_DIGEST_TYPE);
|
||||
return 0;
|
||||
}
|
||||
return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DSA, EVP_PKEY_OP_PARAMGEN,
|
||||
EVP_PKEY_CTRL_DSA_PARAMGEN_MD, 0,
|
||||
(void *)EVP_get_digestbyname(value));
|
||||
(void *)md);
|
||||
}
|
||||
return -2;
|
||||
}
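Review bot: Good fix: EVP_get_digestbyname(value) returning NULL was previously passed straight into EVP_PKEY_CTX_ctrl() as the digest pointer. The new error uses DSA_F_PKEY_DSA_CTRL_STR, which matches the function string added to dsa_err.c earlier in this patch; the corresponding `#define` in the public dsa.h is not among the visible hunks and must be part of the same change or the build breaks.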
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
|
@ -26,7 +26,7 @@
|
|||
# endif
|
||||
# include <dlfcn.h>
|
||||
# define HAVE_DLINFO 1
|
||||
# if defined(_AIX) || defined(__CYGWIN__) || \
|
||||
# if defined(__CYGWIN__) || \
|
||||
defined(__SCO_VERSION__) || defined(_SCO_ELF) || \
|
||||
(defined(__osf__) && !defined(RTLD_NEXT)) || \
|
||||
(defined(__OpenBSD__) && !defined(RTLD_SELF)) || \
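Review bot: Removing `defined(_AIX)` from this condition sends AIX down the real dladdr() path, which only works because a dladdr() replacement for AIX is added later in this same file; the commit message should state that dependency so the two hunks are not split in a backport.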
|
||||
|
@ -308,6 +308,76 @@ static int dladdr(void *address, Dl_info *dl)
|
|||
}
|
||||
# endif /* __sgi */
|
||||
|
||||
# ifdef _AIX
|
||||
/*-
|
||||
* See IBM's AIX Version 7.2, Technical Reference:
|
||||
* Base Operating System and Extensions, Volume 1 and 2
|
||||
* https://www.ibm.com/support/knowledgecenter/ssw_aix_72/com.ibm.aix.base/technicalreferences.htm
|
||||
*/
|
||||
# include <sys/ldr.h>
|
||||
# include <errno.h>
|
||||
/* ~ 64 * (sizeof(struct ld_info) + _XOPEN_PATH_MAX + _XOPEN_NAME_MAX) */
|
||||
# define DLFCN_LDINFO_SIZE 86976
|
||||
typedef struct Dl_info {
|
||||
const char *dli_fname;
|
||||
} Dl_info;
|
||||
/*
|
||||
* This dladdr()-implementation will also find the ptrgl (Pointer Glue) virtual
|
||||
* address of a function, which is just located in the DATA segment instead of
|
||||
* the TEXT segment.
|
||||
*/
|
||||
static int dladdr(void *ptr, Dl_info *dl)
|
||||
{
|
||||
uintptr_t addr = (uintptr_t)ptr;
|
||||
unsigned int found = 0;
|
||||
struct ld_info *ldinfos, *next_ldi, *this_ldi;
|
||||
|
||||
if ((ldinfos = (struct ld_info *)OPENSSL_malloc(DLFCN_LDINFO_SIZE)) == NULL) {
|
||||
errno = ENOMEM;
|
||||
dl->dli_fname = NULL;
|
||||
return 0;
|
||||
}
|
||||
|
||||
if ((loadquery(L_GETINFO, (void *)ldinfos, DLFCN_LDINFO_SIZE)) < 0) {
|
||||
/*-
|
||||
* Error handling is done through errno and dlerror() reading errno:
|
||||
* ENOMEM (ldinfos buffer is too small),
|
||||
* EINVAL (invalid flags),
|
||||
* EFAULT (invalid ldinfos ptr)
|
||||
*/
|
||||
OPENSSL_free((void *)ldinfos);
|
||||
dl->dli_fname = NULL;
|
||||
return 0;
|
||||
}
|
||||
next_ldi = ldinfos;
|
||||
|
||||
do {
|
||||
this_ldi = next_ldi;
|
||||
if (((addr >= (uintptr_t)this_ldi->ldinfo_textorg)
|
||||
&& (addr < ((uintptr_t)this_ldi->ldinfo_textorg +
|
||||
this_ldi->ldinfo_textsize)))
|
||||
|| ((addr >= (uintptr_t)this_ldi->ldinfo_dataorg)
|
||||
&& (addr < ((uintptr_t)this_ldi->ldinfo_dataorg +
|
||||
this_ldi->ldinfo_datasize)))) {
|
||||
found = 1;
|
||||
/*
|
||||
* Ignoring the possibility of a member name and just returning
|
||||
* the path name. See docs: sys/ldr.h, loadquery() and
|
||||
* dlopen()/RTLD_MEMBER.
|
||||
*/
|
||||
if ((dl->dli_fname =
|
||||
OPENSSL_strdup(this_ldi->ldinfo_filename)) == NULL)
|
||||
errno = ENOMEM;
|
||||
} else {
|
||||
next_ldi =
|
||||
(struct ld_info *)((uintptr_t)this_ldi + this_ldi->ldinfo_next);
|
||||
}
|
||||
} while (this_ldi->ldinfo_next && !found);
|
||||
OPENSSL_free((void *)ldinfos);
|
||||
return (found && dl->dli_fname != NULL);
|
||||
}
|
||||
# endif /* _AIX */
|
||||
|
||||
static int dlfcn_pathbyaddr(void *addr, char *path, int sz)
|
||||
{
|
||||
# ifdef HAVE_DLINFO
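Review bot: DLFCN_LDINFO_SIZE is a fixed 86976-byte buffer sized for roughly 64 loaded objects; loadquery() fails with ENOMEM when the process has more modules than fit, and this implementation then reports "not found" instead of retrying, so dlfcn_pathbyaddr() silently fails in large processes. Consider looping on ENOMEM with a doubled allocation. Also document at the `typedef struct Dl_info` that, unlike the system dladdr() elsewhere, `dli_fname` here is an OPENSSL_strdup() copy the caller must free (the caller hunk below does so under `# ifdef _AIX`, but a comment at the definition stops the next caller from leaking it). Minor: the `(void *)` casts on OPENSSL_free() are unnecessary, and `dl->dli_fname` is left uninitialised when the address is not found, which is safe only because `found && dl->dli_fname != NULL` short-circuits.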
|
||||
|
@ -326,12 +396,19 @@ static int dlfcn_pathbyaddr(void *addr, char *path, int sz)
|
|||
|
||||
if (dladdr(addr, &dli)) {
|
||||
len = (int)strlen(dli.dli_fname);
|
||||
if (sz <= 0)
|
||||
if (sz <= 0) {
|
||||
# ifdef _AIX
|
||||
OPENSSL_free((void *)dli.dli_fname);
|
||||
# endif
|
||||
return len + 1;
|
||||
}
|
||||
if (len >= sz)
|
||||
len = sz - 1;
|
||||
memcpy(path, dli.dli_fname, len);
|
||||
path[len++] = 0;
|
||||
# ifdef _AIX
|
||||
OPENSSL_free((void *)dli.dli_fname);
|
||||
# endif
|
||||
return len;
|
||||
}
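Review bot: The two `# ifdef _AIX` OPENSSL_free((void *)dli.dli_fname); blocks are correct (the AIX dladdr() hands back an OPENSSL_strdup() copy) but easy to forget on any future early return; a single cleanup label, or a small static helper that frees and returns, would remove the duplication and the risk.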
@ -1,5 +1,5 @@
|
|||
#! /usr/bin/env perl
|
||||
# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
# Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
#
|
||||
# Licensed under the OpenSSL license (the "License"). You may not use
|
||||
# this file except in compliance with the License. You can obtain a copy
|
||||
|
@ -894,13 +894,13 @@ ecp_nistz256_scatter_w7:
|
|||
.Loop_scatter_w7:
|
||||
ldr $mask,[$inp],#4
|
||||
subs $index,$index,#1
|
||||
strb $mask,[$out,#64*0-1]
|
||||
strb $mask,[$out,#64*0]
|
||||
mov $mask,$mask,lsr#8
|
||||
strb $mask,[$out,#64*1-1]
|
||||
strb $mask,[$out,#64*1]
|
||||
mov $mask,$mask,lsr#8
|
||||
strb $mask,[$out,#64*2-1]
|
||||
strb $mask,[$out,#64*2]
|
||||
mov $mask,$mask,lsr#8
|
||||
strb $mask,[$out,#64*3-1]
|
||||
strb $mask,[$out,#64*3]
|
||||
add $out,$out,#64*4
|
||||
bne .Loop_scatter_w7
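Review bot: Changing `strb $mask,[$out,#64*0-1]` to `strb $mask,[$out,#64*0]` (and likewise for the `64*1`, `64*2`, `64*3` stores) corrects an off-by-one in ecp_nistz256_scatter_w7 that wrote each byte one position before its slot; the same correction appears in the armv8, sparcv9 and x86 variants in this patch. Since the w7 table is read back by the gather routine, please confirm the gather side indexes from offset 0 so tables produced by the fixed scatter agree with it, and that results still match the x86_64 reference implementation.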
@ -1633,7 +1633,7 @@ ___
|
|||
$code.=<<___;
|
||||
.Ladd_done:
|
||||
add sp,sp,#32*18+16+16 @ +16 means "skip even over saved r0-r3"
|
||||
#if __ARM_ARCH__>=5 || defined(__thumb__)
|
||||
#if __ARM_ARCH__>=5 || !defined(__thumb__)
|
||||
ldmia sp!,{r4-r12,pc}
|
||||
#else
|
||||
ldmia sp!,{r4-r12,lr}
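Review bot: The inverted condition `#if __ARM_ARCH__>=5 || !defined(__thumb__)` is the right one: returning with `ldmia sp!,{r4-r12,pc}` is only safe on ARMv5+ (which interworks on a load to pc) or on earlier cores when the code is not built for Thumb; the previous `defined(__thumb__)` selected the pc-load in exactly the case where it cannot switch modes. A one-line comment next to the `#if` would keep it from being flipped back.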
@ -1,5 +1,5 @@
|
|||
#! /usr/bin/env perl
|
||||
# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
# Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
#
|
||||
# Licensed under the OpenSSL license (the "License"). You may not use
|
||||
# this file except in compliance with the License. You can obtain a copy
|
||||
|
@ -1477,21 +1477,21 @@ ecp_nistz256_scatter_w7:
|
|||
prfm pstl1strm,[$out,#4096+64*5]
|
||||
prfm pstl1strm,[$out,#4096+64*6]
|
||||
prfm pstl1strm,[$out,#4096+64*7]
|
||||
strb w3,[$out,#64*0-1]
|
||||
strb w3,[$out,#64*0]
|
||||
lsr x3,x3,#8
|
||||
strb w3,[$out,#64*1-1]
|
||||
strb w3,[$out,#64*1]
|
||||
lsr x3,x3,#8
|
||||
strb w3,[$out,#64*2-1]
|
||||
strb w3,[$out,#64*2]
|
||||
lsr x3,x3,#8
|
||||
strb w3,[$out,#64*3-1]
|
||||
strb w3,[$out,#64*3]
|
||||
lsr x3,x3,#8
|
||||
strb w3,[$out,#64*4-1]
|
||||
strb w3,[$out,#64*4]
|
||||
lsr x3,x3,#8
|
||||
strb w3,[$out,#64*5-1]
|
||||
strb w3,[$out,#64*5]
|
||||
lsr x3,x3,#8
|
||||
strb w3,[$out,#64*6-1]
|
||||
strb w3,[$out,#64*6]
|
||||
lsr x3,x3,#8
|
||||
strb w3,[$out,#64*7-1]
|
||||
strb w3,[$out,#64*7]
|
||||
add $out,$out,#64*8
|
||||
b.ne .Loop_scatter_w7
@ -1,5 +1,5 @@
|
|||
#! /usr/bin/env perl
|
||||
# Copyright 2014-2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
# Copyright 2014-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
#
|
||||
# Licensed under the OpenSSL license (the "License"). You may not use
|
||||
# this file except in compliance with the License. You can obtain a copy
|
||||
|
@ -67,7 +67,7 @@ if (!$addx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
|
|||
$addx = ($1>=12);
|
||||
}
|
||||
|
||||
if (!$addx && `$ENV{CC} -v 2>&1` =~ /(^clang version|based on LLVM) ([3-9])\.([0-9]+)/) {
|
||||
if (!$addx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|based on LLVM) ([3-9])\.([0-9]+)/) {
|
||||
my $ver = $2 + $3/100.0; # 3.1->3.01, 3.10->3.10
|
||||
$avx = ($ver>=3.0) + ($ver>=3.01);
|
||||
$addx = ($ver>=3.03);
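Review bot: The widened pattern `((?:^clang|LLVM) version|based on LLVM)` keeps $2 and $3 as the major/minor captures only because the new inner group is non-capturing; that is the subtle part and deserves a short comment. The pattern now also matches toolchains that print "LLVM version X.Y" with their own numbering scheme, so the `$ver>=3.03` threshold for $addx may not map to upstream clang's feature timeline on those; confirm that is intended.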
@ -1,5 +1,5 @@
|
|||
#! /usr/bin/env perl
|
||||
# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
# Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
#
|
||||
# Licensed under the OpenSSL license (the "License"). You may not use
|
||||
# this file except in compliance with the License. You can obtain a copy
|
||||
|
@ -1531,13 +1531,13 @@ ecp_nistz256_scatter_w7:
|
|||
ld [$inp],%l0
|
||||
add $inp,4,$inp
|
||||
subcc $index,1,$index
|
||||
stb %l0,[$out+64*0-1]
|
||||
stb %l0,[$out+64*0]
|
||||
srl %l0,8,%l1
|
||||
stb %l1,[$out+64*1-1]
|
||||
stb %l1,[$out+64*1]
|
||||
srl %l0,16,%l2
|
||||
stb %l2,[$out+64*2-1]
|
||||
stb %l2,[$out+64*2]
|
||||
srl %l0,24,%l3
|
||||
stb %l3,[$out+64*3-1]
|
||||
stb %l3,[$out+64*3]
|
||||
bne .Loop_scatter_w7
|
||||
add $out,64*4,$out
@ -1,5 +1,5 @@
|
|||
#! /usr/bin/env perl
|
||||
# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
# Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
#
|
||||
# Licensed under the OpenSSL license (the "License"). You may not use
|
||||
# this file except in compliance with the License. You can obtain a copy
|
||||
|
@ -1179,7 +1179,7 @@ for ($i=0;$i<7;$i++) {
|
|||
&mov ("esi",&wparam(1));
|
||||
&mov ("ebp",&wparam(2));
|
||||
|
||||
&lea ("edi",&DWP(-1,"edi","ebp"));
|
||||
&lea ("edi",&DWP(0,"edi","ebp"));
|
||||
&mov ("ebp",64/4);
|
||||
&set_label("scatter_w7_loop");
|
||||
&mov ("eax",&DWP(0,"esi"));
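Review bot: `&lea ("edi",&DWP(0,"edi","ebp"));` replacing the `DWP(-1,...)` form is the x86 counterpart of the scatter_w7 off-by-one fix in the other assembler hunks; a comment tying the four variants together would help anyone auditing the table layout later.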
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
|
@ -330,6 +330,7 @@ int ec_GF2m_simple_point_copy(EC_POINT *dest, const EC_POINT *src)
|
|||
if (!BN_copy(dest->Z, src->Z))
|
||||
return 0;
|
||||
dest->Z_is_one = src->Z_is_one;
|
||||
dest->curve_name = src->curve_name;
|
||||
|
||||
return 1;
|
||||
}
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
|
@ -92,19 +92,19 @@ static int eckey_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey)
|
|||
static EC_KEY *eckey_type2param(int ptype, const void *pval)
|
||||
{
|
||||
EC_KEY *eckey = NULL;
|
||||
EC_GROUP *group = NULL;
|
||||
|
||||
if (ptype == V_ASN1_SEQUENCE) {
|
||||
const ASN1_STRING *pstr = pval;
|
||||
const unsigned char *pm = NULL;
|
||||
int pmlen;
|
||||
pm = pstr->data;
|
||||
pmlen = pstr->length;
|
||||
const unsigned char *pm = pstr->data;
|
||||
int pmlen = pstr->length;
|
||||
|
||||
if ((eckey = d2i_ECParameters(NULL, &pm, pmlen)) == NULL) {
|
||||
ECerr(EC_F_ECKEY_TYPE2PARAM, EC_R_DECODE_ERROR);
|
||||
goto ecerr;
|
||||
}
|
||||
} else if (ptype == V_ASN1_OBJECT) {
|
||||
const ASN1_OBJECT *poid = pval;
|
||||
EC_GROUP *group;
|
||||
|
||||
/*
|
||||
* type == V_ASN1_OBJECT => the parameters are given by an asn1 OID
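Review bot: Hoisting `EC_GROUP *group = NULL;` to function scope and freeing it at `ecerr:` closes a leak on the V_ASN1_OBJECT error path; confirm the success path also frees `group` after EC_KEY_set_group() (which keeps its own copy), since that part is not in the visible hunk and the new cleanup only covers the error label.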
|
||||
|
@ -129,6 +129,7 @@ static EC_KEY *eckey_type2param(int ptype, const void *pval)
|
|||
|
||||
ecerr:
|
||||
EC_KEY_free(eckey);
|
||||
EC_GROUP_free(group);
|
||||
return NULL;
|
||||
}
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
|
@ -3036,6 +3036,8 @@ static EC_GROUP *ec_group_new_from_data(const ec_list_element curve)
|
|||
}
|
||||
#endif
|
||||
|
||||
EC_GROUP_set_curve_name(group, curve.nid);
|
||||
|
||||
if ((P = EC_POINT_new(group)) == NULL) {
|
||||
ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB);
|
||||
goto err;
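Review bot: Moving `EC_GROUP_set_curve_name(group, curve.nid);` ahead of `EC_POINT_new(group)` is required, not cosmetic: EC_POINT_new() now copies group->curve_name into the point (see the ec_lib.c hunk), so the generator created here would otherwise carry curve_name 0. A comment stating that ordering dependency would prevent a later reorder from silently reintroducing the mismatch; the duplicate call removed from EC_GROUP_new_by_curve_name() below is then redundant, as the next hunk shows.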
|
||||
|
@ -3101,8 +3103,6 @@ EC_GROUP *EC_GROUP_new_by_curve_name(int nid)
|
|||
return NULL;
|
||||
}
|
||||
|
||||
EC_GROUP_set_curve_name(ret, nid);
|
||||
|
||||
return ret;
|
||||
}
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
|
@ -269,6 +269,8 @@ struct ec_key_st {
|
|||
|
||||
struct ec_point_st {
|
||||
const EC_METHOD *meth;
|
||||
/* NID for the curve if known */
|
||||
int curve_name;
|
||||
/*
|
||||
* All members except 'meth' are handled by the method functions, even if
|
||||
* they appear generic
|
||||
|
@ -281,6 +283,20 @@ struct ec_point_st {
|
|||
* special case */
|
||||
};
|
||||
|
||||
|
||||
static ossl_inline int ec_point_is_compat(const EC_POINT *point,
|
||||
const EC_GROUP *group)
|
||||
{
|
||||
if (group->meth != point->meth
|
||||
|| (group->curve_name != 0
|
||||
&& point->curve_name != 0
|
||||
&& group->curve_name != point->curve_name))
|
||||
return 0;
|
||||
|
||||
return 1;
|
||||
}
|
||||
|
||||
|
||||
NISTP224_PRE_COMP *EC_nistp224_pre_comp_dup(NISTP224_PRE_COMP *);
|
||||
NISTP256_PRE_COMP *EC_nistp256_pre_comp_dup(NISTP256_PRE_COMP *);
|
||||
NISTP521_PRE_COMP *EC_nistp521_pre_comp_dup(NISTP521_PRE_COMP *);
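Review bot: ec_point_is_compat() treats curve_name 0 on either side as a wildcard, so a point from a group built from explicit parameters (curve_name 0) is accepted by any named group that shares the same EC_METHOD; that is presumably intended for backwards compatibility but should be stated in a comment above the function, since it limits the protection this check gives against mixing points between curves that share a method. The `group->meth != point->meth` test remains the primary guard.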
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
|
@ -140,6 +140,8 @@ int EC_GROUP_copy(EC_GROUP *dest, const EC_GROUP *src)
|
|||
if (dest == src)
|
||||
return 1;
|
||||
|
||||
dest->curve_name = src->curve_name;
|
||||
|
||||
/* Copy precomputed */
|
||||
dest->pre_comp_type = src->pre_comp_type;
|
||||
switch (src->pre_comp_type) {
|
||||
|
@ -202,7 +204,6 @@ int EC_GROUP_copy(EC_GROUP *dest, const EC_GROUP *src)
|
|||
return 0;
|
||||
}
|
||||
|
||||
dest->curve_name = src->curve_name;
|
||||
dest->asn1_flag = src->asn1_flag;
|
||||
dest->asn1_form = src->asn1_form;
@ -563,6 +564,7 @@ EC_POINT *EC_POINT_new(const EC_GROUP *group)
|
|||
}
|
||||
|
||||
ret->meth = group->meth;
|
||||
ret->curve_name = group->curve_name;
|
||||
|
||||
if (!ret->meth->point_init(ret)) {
|
||||
OPENSSL_free(ret);
|
||||
|
@ -600,7 +602,10 @@ int EC_POINT_copy(EC_POINT *dest, const EC_POINT *src)
|
|||
ECerr(EC_F_EC_POINT_COPY, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
|
||||
return 0;
|
||||
}
|
||||
if (dest->meth != src->meth) {
|
||||
if (dest->meth != src->meth
|
||||
|| (dest->curve_name != src->curve_name
|
||||
&& dest->curve_name != 0
|
||||
&& src->curve_name != 0)) {
|
||||
ECerr(EC_F_EC_POINT_COPY, EC_R_INCOMPATIBLE_OBJECTS);
|
||||
return 0;
|
||||
}
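Review bot: the condition duplicates the body of ec_point_is_compat() with dest standing in for group; a small point-to-point helper would avoid keeping two copies of the three-way test in step. Also, the visible lines never assign dest->curve_name from src, so a point created with curve_name 0 keeps that wildcard after copying a named-curve point and will still pass the compatibility check against any group using the same meth. If that is intended, say so in a comment at the copy; otherwise copy the tag along with the coordinates.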
|
||||
|
@ -657,7 +662,7 @@ int EC_POINT_set_Jprojective_coordinates_GFp(const EC_GROUP *group,
|
|||
ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
|
||||
return 0;
|
||||
}
|
||||
if (group->meth != point->meth) {
|
||||
if (!ec_point_is_compat(point, group)) {
|
||||
ECerr(EC_F_EC_POINT_SET_JPROJECTIVE_COORDINATES_GFP,
|
||||
EC_R_INCOMPATIBLE_OBJECTS);
|
||||
return 0;
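Review bot: as a mechanical replacement this is fine, but the error stays EC_R_INCOMPATIBLE_OBJECTS for both a meth mismatch and a curve_name mismatch, so callers cannot tell the two apart. The documentation for EC_R_INCOMPATIBLE_OBJECTS should mention that a point from a different named curve that happens to use the same EC_METHOD now triggers it, since that case previously succeeded. The same applies to the identical hunks that follow.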
|
||||
|
@ -676,7 +681,7 @@ int EC_POINT_get_Jprojective_coordinates_GFp(const EC_GROUP *group,
|
|||
ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
|
||||
return 0;
|
||||
}
|
||||
if (group->meth != point->meth) {
|
||||
if (!ec_point_is_compat(point, group)) {
|
||||
ECerr(EC_F_EC_POINT_GET_JPROJECTIVE_COORDINATES_GFP,
|
||||
EC_R_INCOMPATIBLE_OBJECTS);
|
||||
return 0;
|
||||
|
@ -694,7 +699,7 @@ int EC_POINT_set_affine_coordinates_GFp(const EC_GROUP *group,
|
|||
ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
|
||||
return 0;
|
||||
}
|
||||
if (group->meth != point->meth) {
|
||||
if (!ec_point_is_compat(point, group)) {
|
||||
ECerr(EC_F_EC_POINT_SET_AFFINE_COORDINATES_GFP,
|
||||
EC_R_INCOMPATIBLE_OBJECTS);
|
||||
return 0;
|
||||
|
@ -720,7 +725,7 @@ int EC_POINT_set_affine_coordinates_GF2m(const EC_GROUP *group,
|
|||
ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
|
||||
return 0;
|
||||
}
|
||||
if (group->meth != point->meth) {
|
||||
if (!ec_point_is_compat(point, group)) {
|
||||
ECerr(EC_F_EC_POINT_SET_AFFINE_COORDINATES_GF2M,
|
||||
EC_R_INCOMPATIBLE_OBJECTS);
|
||||
return 0;
|
||||
|
@ -746,7 +751,7 @@ int EC_POINT_get_affine_coordinates_GFp(const EC_GROUP *group,
|
|||
ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
|
||||
return 0;
|
||||
}
|
||||
if (group->meth != point->meth) {
|
||||
if (!ec_point_is_compat(point, group)) {
|
||||
ECerr(EC_F_EC_POINT_GET_AFFINE_COORDINATES_GFP,
|
||||
EC_R_INCOMPATIBLE_OBJECTS);
|
||||
return 0;
|
||||
|
@ -764,7 +769,7 @@ int EC_POINT_get_affine_coordinates_GF2m(const EC_GROUP *group,
|
|||
ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
|
||||
return 0;
|
||||
}
|
||||
if (group->meth != point->meth) {
|
||||
if (!ec_point_is_compat(point, group)) {
|
||||
ECerr(EC_F_EC_POINT_GET_AFFINE_COORDINATES_GF2M,
|
||||
EC_R_INCOMPATIBLE_OBJECTS);
|
||||
return 0;
|
||||
|
@ -780,8 +785,8 @@ int EC_POINT_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a,
|
|||
ECerr(EC_F_EC_POINT_ADD, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
|
||||
return 0;
|
||||
}
|
||||
if ((group->meth != r->meth) || (r->meth != a->meth)
|
||||
|| (a->meth != b->meth)) {
|
||||
if (!ec_point_is_compat(r, group) || !ec_point_is_compat(a, group)
|
||||
|| !ec_point_is_compat(b, group)) {
|
||||
ECerr(EC_F_EC_POINT_ADD, EC_R_INCOMPATIBLE_OBJECTS);
|
||||
return 0;
|
||||
}
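Review bot: checking r, a and b each against group is stronger than the old meth chain for a named-curve group, but note the gap the wildcard leaves: if group itself has curve_name 0 (explicit parameters), a and b may carry two different named curves and still pass, exactly as before this change. If that case matters to callers, ec_point_is_compat() would also need to compare a and b to each other; otherwise a comment on the function documenting the limit is enough.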
|
||||
|
@ -795,7 +800,7 @@ int EC_POINT_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a,
|
|||
ECerr(EC_F_EC_POINT_DBL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
|
||||
return 0;
|
||||
}
|
||||
if ((group->meth != r->meth) || (r->meth != a->meth)) {
|
||||
if (!ec_point_is_compat(r, group) || !ec_point_is_compat(a, group)) {
|
||||
ECerr(EC_F_EC_POINT_DBL, EC_R_INCOMPATIBLE_OBJECTS);
|
||||
return 0;
|
||||
}
|
||||
|
@ -808,7 +813,7 @@ int EC_POINT_invert(const EC_GROUP *group, EC_POINT *a, BN_CTX *ctx)
|
|||
ECerr(EC_F_EC_POINT_INVERT, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
|
||||
return 0;
|
||||
}
|
||||
if (group->meth != a->meth) {
|
||||
if (!ec_point_is_compat(a, group)) {
|
||||
ECerr(EC_F_EC_POINT_INVERT, EC_R_INCOMPATIBLE_OBJECTS);
|
||||
return 0;
|
||||
}
|
||||
|
@ -822,7 +827,7 @@ int EC_POINT_is_at_infinity(const EC_GROUP *group, const EC_POINT *point)
|
|||
ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
|
||||
return 0;
|
||||
}
|
||||
if (group->meth != point->meth) {
|
||||
if (!ec_point_is_compat(point, group)) {
|
||||
ECerr(EC_F_EC_POINT_IS_AT_INFINITY, EC_R_INCOMPATIBLE_OBJECTS);
|
||||
return 0;
|
||||
}
|
||||
|
@ -843,7 +848,7 @@ int EC_POINT_is_on_curve(const EC_GROUP *group, const EC_POINT *point,
|
|||
ECerr(EC_F_EC_POINT_IS_ON_CURVE, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
|
||||
return 0;
|
||||
}
|
||||
if (group->meth != point->meth) {
|
||||
if (!ec_point_is_compat(point, group)) {
|
||||
ECerr(EC_F_EC_POINT_IS_ON_CURVE, EC_R_INCOMPATIBLE_OBJECTS);
|
||||
return 0;
|
||||
}
|
||||
|
@ -857,7 +862,7 @@ int EC_POINT_cmp(const EC_GROUP *group, const EC_POINT *a, const EC_POINT *b,
|
|||
ECerr(EC_F_EC_POINT_CMP, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
|
||||
return -1;
|
||||
}
|
||||
if ((group->meth != a->meth) || (a->meth != b->meth)) {
|
||||
if (!ec_point_is_compat(a, group) || !ec_point_is_compat(b, group)) {
|
||||
ECerr(EC_F_EC_POINT_CMP, EC_R_INCOMPATIBLE_OBJECTS);
|
||||
return -1;
|
||||
}
|
||||
|
@ -870,7 +875,7 @@ int EC_POINT_make_affine(const EC_GROUP *group, EC_POINT *point, BN_CTX *ctx)
|
|||
ECerr(EC_F_EC_POINT_MAKE_AFFINE, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
|
||||
return 0;
|
||||
}
|
||||
if (group->meth != point->meth) {
|
||||
if (!ec_point_is_compat(point, group)) {
|
||||
ECerr(EC_F_EC_POINT_MAKE_AFFINE, EC_R_INCOMPATIBLE_OBJECTS);
|
||||
return 0;
|
||||
}
|
||||
|
@ -887,7 +892,7 @@ int EC_POINTs_make_affine(const EC_GROUP *group, size_t num,
|
|||
return 0;
|
||||
}
|
||||
for (i = 0; i < num; i++) {
|
||||
if (group->meth != points[i]->meth) {
|
||||
if (!ec_point_is_compat(points[i], group)) {
|
||||
ECerr(EC_F_EC_POINTS_MAKE_AFFINE, EC_R_INCOMPATIBLE_OBJECTS);
|
||||
return 0;
|
||||
}
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
|
@ -105,6 +105,224 @@ void EC_ec_pre_comp_free(EC_PRE_COMP *pre)
|
|||
OPENSSL_free(pre);
|
||||
}
|
||||
|
||||
#define EC_POINT_BN_set_flags(P, flags) do { \
|
||||
BN_set_flags((P)->X, (flags)); \
|
||||
BN_set_flags((P)->Y, (flags)); \
|
||||
BN_set_flags((P)->Z, (flags)); \
|
||||
} while(0)
|
||||
|
||||
/*-
|
||||
* This functions computes (in constant time) a point multiplication over the
|
||||
* EC group.
|
||||
*
|
||||
* At a high level, it is Montgomery ladder with conditional swaps.
|
||||
*
|
||||
* It performs either a fixed scalar point multiplication
|
||||
* (scalar * generator)
|
||||
* when point is NULL, or a generic scalar point multiplication
|
||||
* (scalar * point)
|
||||
* when point is not NULL.
|
||||
*
|
||||
* scalar should be in the range [0,n) otherwise all constant time bets are off.
|
||||
*
|
||||
* NB: This says nothing about EC_POINT_add and EC_POINT_dbl,
|
||||
* which of course are not constant time themselves.
|
||||
*
|
||||
* The product is stored in r.
|
||||
*
|
||||
* Returns 1 on success, 0 otherwise.
|
||||
*/
|
||||
static int ec_mul_consttime(const EC_GROUP *group, EC_POINT *r,
|
||||
const BIGNUM *scalar, const EC_POINT *point,
|
||||
BN_CTX *ctx)
|
||||
{
|
||||
int i, cardinality_bits, group_top, kbit, pbit, Z_is_one;
|
||||
EC_POINT *s = NULL;
|
||||
BIGNUM *k = NULL;
|
||||
BIGNUM *lambda = NULL;
|
||||
BIGNUM *cardinality = NULL;
|
||||
BN_CTX *new_ctx = NULL;
|
||||
int ret = 0;
|
||||
|
||||
if (ctx == NULL && (ctx = new_ctx = BN_CTX_secure_new()) == NULL)
|
||||
return 0;
|
||||
|
||||
BN_CTX_start(ctx);
|
||||
|
||||
s = EC_POINT_new(group);
|
||||
if (s == NULL)
|
||||
goto err;
|
||||
|
||||
if (point == NULL) {
|
||||
if (!EC_POINT_copy(s, group->generator))
|
||||
goto err;
|
||||
} else {
|
||||
if (!EC_POINT_copy(s, point))
|
||||
goto err;
|
||||
}
|
||||
|
||||
EC_POINT_BN_set_flags(s, BN_FLG_CONSTTIME);
|
||||
|
||||
cardinality = BN_CTX_get(ctx);
|
||||
lambda = BN_CTX_get(ctx);
|
||||
k = BN_CTX_get(ctx);
|
||||
if (k == NULL || !BN_mul(cardinality, group->order, group->cofactor, ctx))
|
||||
goto err;
|
||||
|
||||
/*
|
||||
* Group cardinalities are often on a word boundary.
|
||||
* So when we pad the scalar, some timing diff might
|
||||
* pop if it needs to be expanded due to carries.
|
||||
* So expand ahead of time.
|
||||
*/
|
||||
cardinality_bits = BN_num_bits(cardinality);
|
||||
group_top = bn_get_top(cardinality);
|
||||
if ((bn_wexpand(k, group_top + 1) == NULL)
|
||||
|| (bn_wexpand(lambda, group_top + 1) == NULL))
|
||||
goto err;
|
||||
|
||||
if (!BN_copy(k, scalar))
|
||||
goto err;
|
||||
|
||||
BN_set_flags(k, BN_FLG_CONSTTIME);
|
||||
|
||||
if ((BN_num_bits(k) > cardinality_bits) || (BN_is_negative(k))) {
|
||||
/*-
|
||||
* this is an unusual input, and we don't guarantee
|
||||
* constant-timeness
|
||||
*/
|
||||
if (!BN_nnmod(k, k, cardinality, ctx))
|
||||
goto err;
|
||||
}
|
||||
|
||||
if (!BN_add(lambda, k, cardinality))
|
||||
goto err;
|
||||
BN_set_flags(lambda, BN_FLG_CONSTTIME);
|
||||
if (!BN_add(k, lambda, cardinality))
|
||||
goto err;
|
||||
/*
|
||||
* lambda := scalar + cardinality
|
||||
* k := scalar + 2*cardinality
|
||||
*/
|
||||
kbit = BN_is_bit_set(lambda, cardinality_bits);
|
||||
BN_consttime_swap(kbit, k, lambda, group_top + 1);
|
||||
|
||||
group_top = bn_get_top(group->field);
|
||||
if ((bn_wexpand(s->X, group_top) == NULL)
|
||||
|| (bn_wexpand(s->Y, group_top) == NULL)
|
||||
|| (bn_wexpand(s->Z, group_top) == NULL)
|
||||
|| (bn_wexpand(r->X, group_top) == NULL)
|
||||
|| (bn_wexpand(r->Y, group_top) == NULL)
|
||||
|| (bn_wexpand(r->Z, group_top) == NULL))
|
||||
goto err;
|
||||
|
||||
/* top bit is a 1, in a fixed pos */
|
||||
if (!EC_POINT_copy(r, s))
|
||||
goto err;
|
||||
|
||||
EC_POINT_BN_set_flags(r, BN_FLG_CONSTTIME);
|
||||
|
||||
if (!EC_POINT_dbl(group, s, s, ctx))
|
||||
goto err;
|
||||
|
||||
pbit = 0;
|
||||
|
||||
#define EC_POINT_CSWAP(c, a, b, w, t) do { \
|
||||
BN_consttime_swap(c, (a)->X, (b)->X, w); \
|
||||
BN_consttime_swap(c, (a)->Y, (b)->Y, w); \
|
||||
BN_consttime_swap(c, (a)->Z, (b)->Z, w); \
|
||||
t = ((a)->Z_is_one ^ (b)->Z_is_one) & (c); \
|
||||
(a)->Z_is_one ^= (t); \
|
||||
(b)->Z_is_one ^= (t); \
|
||||
} while(0)
|
||||
|
||||
/*-
|
||||
* The ladder step, with branches, is
|
||||
*
|
||||
* k[i] == 0: S = add(R, S), R = dbl(R)
|
||||
* k[i] == 1: R = add(S, R), S = dbl(S)
|
||||
*
|
||||
* Swapping R, S conditionally on k[i] leaves you with state
|
||||
*
|
||||
* k[i] == 0: T, U = R, S
|
||||
* k[i] == 1: T, U = S, R
|
||||
*
|
||||
* Then perform the ECC ops.
|
||||
*
|
||||
* U = add(T, U)
|
||||
* T = dbl(T)
|
||||
*
|
||||
* Which leaves you with state
|
||||
*
|
||||
* k[i] == 0: U = add(R, S), T = dbl(R)
|
||||
* k[i] == 1: U = add(S, R), T = dbl(S)
|
||||
*
|
||||
* Swapping T, U conditionally on k[i] leaves you with state
|
||||
*
|
||||
* k[i] == 0: R, S = T, U
|
||||
* k[i] == 1: R, S = U, T
|
||||
*
|
||||
* Which leaves you with state
|
||||
*
|
||||
* k[i] == 0: S = add(R, S), R = dbl(R)
|
||||
* k[i] == 1: R = add(S, R), S = dbl(S)
|
||||
*
|
||||
* So we get the same logic, but instead of a branch it's a
|
||||
* conditional swap, followed by ECC ops, then another conditional swap.
|
||||
*
|
||||
* Optimization: The end of iteration i and start of i-1 looks like
|
||||
*
|
||||
* ...
|
||||
* CSWAP(k[i], R, S)
|
||||
* ECC
|
||||
* CSWAP(k[i], R, S)
|
||||
* (next iteration)
|
||||
* CSWAP(k[i-1], R, S)
|
||||
* ECC
|
||||
* CSWAP(k[i-1], R, S)
|
||||
* ...
|
||||
*
|
||||
* So instead of two contiguous swaps, you can merge the condition
|
||||
* bits and do a single swap.
|
||||
*
|
||||
* k[i] k[i-1] Outcome
|
||||
* 0 0 No Swap
|
||||
* 0 1 Swap
|
||||
* 1 0 Swap
|
||||
* 1 1 No Swap
|
||||
*
|
||||
* This is XOR. pbit tracks the previous bit of k.
|
||||
*/
|
||||
|
||||
for (i = cardinality_bits - 1; i >= 0; i--) {
|
||||
kbit = BN_is_bit_set(k, i) ^ pbit;
|
||||
EC_POINT_CSWAP(kbit, r, s, group_top, Z_is_one);
|
||||
if (!EC_POINT_add(group, s, r, s, ctx))
|
||||
goto err;
|
||||
if (!EC_POINT_dbl(group, r, r, ctx))
|
||||
goto err;
|
||||
/*
|
||||
* pbit logic merges this cswap with that of the
|
||||
* next iteration
|
||||
*/
|
||||
pbit ^= kbit;
|
||||
}
|
||||
/* one final cswap to move the right value into r */
|
||||
EC_POINT_CSWAP(pbit, r, s, group_top, Z_is_one);
|
||||
#undef EC_POINT_CSWAP
|
||||
|
||||
ret = 1;
|
||||
|
||||
err:
|
||||
EC_POINT_free(s);
|
||||
BN_CTX_end(ctx);
|
||||
BN_CTX_free(new_ctx);
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
#undef EC_POINT_BN_set_flags
|
||||
|
||||
/*
|
||||
* TODO: table should be optimised for the wNAF-based implementation,
|
||||
* sometimes smaller windows will give better performance (thus the
|
||||
|
@ -155,7 +373,7 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
|
|||
* precomputation is not available */
|
||||
int ret = 0;
|
||||
|
||||
if (group->meth != r->meth) {
|
||||
if (!ec_point_is_compat(r, group)) {
|
||||
ECerr(EC_F_EC_WNAF_MUL, EC_R_INCOMPATIBLE_OBJECTS);
|
||||
return 0;
|
||||
}
|
||||
|
@ -164,8 +382,34 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
|
|||
return EC_POINT_set_to_infinity(group, r);
|
||||
}
|
||||
|
||||
/*-
|
||||
* Handle the common cases where the scalar is secret, enforcing a constant
|
||||
* time scalar multiplication algorithm.
|
||||
*/
|
||||
if ((scalar != NULL) && (num == 0)) {
|
||||
/*-
|
||||
* In this case we want to compute scalar * GeneratorPoint: this
|
||||
* codepath is reached most prominently by (ephemeral) key generation
|
||||
* of EC cryptosystems (i.e. ECDSA keygen and sign setup, ECDH
|
||||
* keygen/first half), where the scalar is always secret. This is why
|
||||
* we ignore if BN_FLG_CONSTTIME is actually set and we always call the
|
||||
* constant time version.
|
||||
*/
|
||||
return ec_mul_consttime(group, r, scalar, NULL, ctx);
|
||||
}
|
||||
if ((scalar == NULL) && (num == 1)) {
|
||||
/*-
|
||||
* In this case we want to compute scalar * GenericPoint: this codepath
|
||||
* is reached most prominently by the second half of ECDH, where the
|
||||
* secret scalar is multiplied by the peer's public point. To protect
|
||||
* the secret scalar, we ignore if BN_FLG_CONSTTIME is actually set and
|
||||
* we always call the constant time version.
|
||||
*/
|
||||
return ec_mul_consttime(group, r, scalars[0], points[0], ctx);
|
||||
}
|
||||
|
||||
for (i = 0; i < num; i++) {
|
||||
if (group->meth != points[i]->meth) {
|
||||
if (!ec_point_is_compat(points[i], group)) {
|
||||
ECerr(EC_F_EC_WNAF_MUL, EC_R_INCOMPATIBLE_OBJECTS);
|
||||
return 0;
|
||||
}
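Review bot: the two early returns sit above the per-point compatibility loop, so on the scalar == NULL && num == 1 path points[0] reaches ec_mul_consttime() unchecked and an incompatible point is only rejected inside EC_POINT_copy(), reported as EC_F_EC_POINT_COPY rather than EC_F_EC_WNAF_MUL; move an `ec_point_is_compat(points[0], group)` check ahead of the return, and note that anything further down in ec_wNAF_mul() is bypassed for both constant-time paths. Separately, the scalar * generator path no longer benefits from the precomputed generator table, which changes the cost of key generation and signing; CHANGES should record that trade-off.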
|
||||
|
|
Some files were not shown because too many files have changed in this diff.