Aren/NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Changes between 1.1.1h and 1.1.1i [08 Dec 2020]

Browse Source 
Fixed NULL pointer deref in the GENERAL_NAME_cmp function This
function could crash if both GENERAL_NAMEs contain an EDIPARTYNAME.
If an attacker can control both items being compared then this
could lead to a possible denial of service attack. OpenSSL itself
uses the GENERAL_NAME_cmp function for two purposes:

Comparing CRL distribution point names between an available CRL
and a CRL distribution point embedded in an X509 certificate When
verifying that a timestamp response token signer matches the
timestamp authority name (exposed via the API functions
TS_RESP_verify_response and TS_RESP_verify_token) (CVE-2020-1971)
Matt Caswell

Changes between 1.1.1g and 1.1.1h [22 Sep 2020]
Certificates with explicit curve parameters are now disallowed in
verification chains if the X509_V_FLAG_X509_STRICT flag is used.

Tomas Mraz

The 'MinProtocol' and 'MaxProtocol' configuration commands now
silently ignore TLS protocol version bounds when configuring
DTLS-based contexts, and conversely, silently ignore DTLS protocol
version bounds when configuring TLS-based contexts. The commands
can be repeated to set bounds of both types. The same applies with
the corresponding "min_protocol" and "max_protocol" command-line
switches, in case some application uses both TLS and DTLS.

SSL_CTX instances that are created for a fixed protocol version
(e.g. TLSv1_server_method()) also silently ignore version bounds.
Previously attempts to apply bounds to these protocol versions
would result in an error. Now only the "version-flexible" SSL_CTX
instances are subject to limits in configuration files in command-line
options.

Viktor Dukhovni

Handshake now fails if Extended Master Secret extension is dropped
on renegotiation.

Tomas Mraz

The Oracle Developer Studio compiler will start reporting deprecated
APIs
This commit is contained in:
christos 2020-12-10 00:12:35 +00:00
parent 04ba0baf0e
commit f30e0929c0
312 changed files with 3571 additions and 1880 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
crypto/external/bsd/openssl/dist/Configurations/10-main.conf vendored
View File

@ -741,7 +741,7 @@ my %targets = (
inherit_from => [ "linux-generic32", asm("mips64_asm") ],
cflags => add("-mabi=n32"),
cxxflags => add("-mabi=n32"),
bn_ops => "SIXTY_FOUR_BIT RC4_CHAR",
bn_ops => "RC4_CHAR",
perlasm_scheme => "n32",
multilib => "32",
},
@ -1125,7 +1125,7 @@ my %targets = (
CFLAGS => picker(debug => "-O0 -g",
release => "-O"),
cflags => add(threads("-pthread")),
ex_libs => threads("-pthread"),
ex_libs => add(threads("-pthread")),
bn_ops => "BN_LLONG RC4_CHAR",
perlasm_scheme => "aix32",
shared_ldflag => add_before("-shared -static-libgcc"),
@ -1138,7 +1138,7 @@ my %targets = (
CFLAGS => picker(debug => "-O0 -g",
release => "-O"),
cflags => combine("-maix64", threads("-pthread")),
ex_libs => threads("-pthread"),
ex_libs => add(threads("-pthread")),
bn_ops => "SIXTY_FOUR_BIT_LONG RC4_CHAR",
perlasm_scheme => "aix64",
shared_ldflag => add_before("-shared -static-libgcc"),
@ -1154,7 +1154,7 @@ my %targets = (
cflags => combine("-q32 -qmaxmem=16384 -qro -qroconst",
threads("-qthreaded")),
cppflags => threads("-D_THREAD_SAFE"),
ex_libs => threads("-lpthreads"),
ex_libs => add(threads("-lpthreads")),
bn_ops => "BN_LLONG RC4_CHAR",
perlasm_scheme => "aix32",
shared_cflag => "-qpic",
@ -1169,7 +1169,7 @@ my %targets = (
cflags => combine("-q64 -qmaxmem=16384 -qro -qroconst",
threads("-qthreaded")),
cppflags => threads("-D_THREAD_SAFE"),
ex_libs => threads("-lpthreads"),
ex_libs => add(threads("-lpthreads")),
bn_ops => "SIXTY_FOUR_BIT_LONG RC4_CHAR",
perlasm_scheme => "aix64",
dso_scheme => "dlfcn",
@ -1365,9 +1365,9 @@ my %targets = (
}
push @ex_libs, '$(PORTSDK_LIBPATH)/portlib.lib'
if (defined(env('PORTSDK_LIBPATH')));
push @ex_libs, ' /nodefaultlib coredll.lib corelibc.lib'
if (env('TARGETCPU') eq "X86");
return @ex_libs;
push @ex_libs, '/nodefaultlib coredll.lib corelibc.lib'
if (env('TARGETCPU') =~ /^X86|^ARMV4[IT]/);
return join(" ", @ex_libs);
}),
},
@ -1557,6 +1557,14 @@ my %targets = (
bn_ops => "SIXTY_FOUR_BIT_LONG",
perlasm_scheme => "macosx",
},
"darwin64-arm64-cc" => {
inherit_from => [ "darwin-common", asm("aarch64_asm") ],
CFLAGS => add("-Wall"),
cflags => add("-arch arm64"),
lib_cppflags => add("-DL_ENDIAN"),
bn_ops => "SIXTY_FOUR_BIT_LONG",
perlasm_scheme => "ios64",
},
##### GNU Hurd
"hurd-x86" => {

4
crypto/external/bsd/openssl/dist/Configurations/windows-makefile.tmpl vendored
View File

@ -211,8 +211,8 @@ CNF_CPPFLAGS={- our $cppfags2 =
join(' ', $target{cppflags} || (),
(map { '-D'.quotify1($_) } @{$target{defines}},
@{$config{defines}}),
(map { '-I'.quotify1($_) } @{$target{includes}},
@{$config{includes}}),
(map { '-I'.'"'.$_.'"' } @{$target{includes}},
@{$config{includes}}),
@{$config{cppflags}}) -}
CNF_CFLAGS={- join(' ', $target{cflags} || (),
@{$config{cflags}}) -}

4
crypto/external/bsd/openssl/dist/NOTES.ANDROID vendored
View File

@ -6,8 +6,8 @@
-------------------
Beside basic tools like perl and make you'll need to download the Android
NDK. It's available for Linux, Mac OS X and Windows, but only Linux
version was actually tested. There is no reason to believe that Mac OS X
NDK. It's available for Linux, macOS and Windows, but only Linux
version was actually tested. There is no reason to believe that macOS
wouldn't work. And as for Windows, it's unclear which "shell" would be
suitable, MSYS2 might have best chances. NDK version should play lesser
role, the goal is to support a range of most recent versions.

2
crypto/external/bsd/openssl/dist/NOTES.PERL vendored
View File

@ -109,7 +109,7 @@
$ cpan -f -i Text::Template
Note: on VMS, you must quote any argument that contains upper case
Note: on VMS, you must quote any argument that contains uppercase
characters, so the lines above would be:
$ cpan -i "Text::Template"

2
crypto/external/bsd/openssl/dist/NOTES.VMS vendored
View File

@ -18,7 +18,7 @@
An ANSI C compiled is needed among other things. This means that
VAX C is not and will not be supported.
We have only tested with DEC C (a.k.a HP VMS C / VSI C) and require
We have only tested with DEC C (aka HP VMS C / VSI C) and require
version 7.1 or later. Compiling with a different ANSI C compiler may
require some work.

10
crypto/external/bsd/openssl/dist/NOTES.WIN vendored
View File

@ -12,11 +12,11 @@
and require --cross-compile-prefix option. While on MSYS[2] it's solved
rather by placing gcc that produces "MinGW binary" code 1st on $PATH.
This is customarily source of confusion. "Hosted" applications "live" in
emulated file system name space with POSIX-y root, mount points, /dev
emulated filesystem name space with POSIX-y root, mount points, /dev
and even /proc. Confusion is intensified by the fact that MSYS2 shell
(or rather emulated execve(2) call) examines the binary it's about to
start, and if it's found *not* to be linked with MSYS2 POSIX-y thing,
command line arguments that look like file names get translated from
command line arguments that look like filenames get translated from
emulated name space to "native". For example '/c/some/where' becomes
'c:\some\where', '/dev/null' - 'nul'. This creates an illusion that
there is no difference between MSYS2 shell and "MinGW binary", but
@ -26,7 +26,7 @@
it's referred to in quotes here, as "MinGW binary", it's just as
"native" as it can get.)
Visual C++ builds, a.k.a. VC-*
Visual C++ builds, aka VC-*
==============================
Requirement details
@ -47,7 +47,7 @@
the other hand oldest one is known not to work. Everything between
falls into best-effort category.
- Netwide Assembler, a.k.a. NASM, available from https://www.nasm.us,
- Netwide Assembler, aka NASM, available from https://www.nasm.us,
is required. Note that NASM is the only supported assembler. Even
though Microsoft provided assembler is NOT supported, contemporary
64-bit version is exercised through continuous integration of
@ -132,7 +132,7 @@
If you link with static OpenSSL libraries then you're expected to
additionally link your application with WS2_32.LIB, GDI32.LIB,
ADVAPI32.LIB, CRYPT32.LIB and USER32.LIB. Those developing
non-interactive service applications might feel concerned about
noninteractive service applications might feel concerned about
linking with GDI32.LIB and USER32.LIB, as they are justly associated
with interactive desktop, which is not available to service
processes. The toolkit is designed to detect in which context it's

8
crypto/external/bsd/openssl/dist/apps/cms.c vendored
View File

@ -1,5 +1,5 @@
/*
* Copyright 2008-2019 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2008-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -545,9 +545,11 @@ int cms_main(int argc, char **argv)
if (key_param == NULL || key_param->idx != keyidx) {
cms_key_param *nparam;
nparam = app_malloc(sizeof(*nparam), "key param buffer");
nparam->idx = keyidx;
if ((nparam->param = sk_OPENSSL_STRING_new_null()) == NULL)
if ((nparam->param = sk_OPENSSL_STRING_new_null()) == NULL) {
OPENSSL_free(nparam);
goto end;
}
nparam->idx = keyidx;
nparam->next = NULL;
if (key_first == NULL)
key_first = nparam;

8
crypto/external/bsd/openssl/dist/apps/genpkey.c vendored
View File

@ -1,5 +1,5 @@
/*
* Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2006-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -177,9 +177,12 @@ int genpkey_main(int argc, char **argv)
goto end;
}
ret = 0;
if (rv <= 0) {
BIO_puts(bio_err, "Error writing key\n");
ERR_print_errors(bio_err);
ret = 1;
}
if (text) {
@ -191,11 +194,10 @@ int genpkey_main(int argc, char **argv)
if (rv <= 0) {
BIO_puts(bio_err, "Error printing key\n");
ERR_print_errors(bio_err);
ret = 1;
}
}
ret = 0;
end:
EVP_PKEY_free(pkey);
EVP_PKEY_CTX_free(ctx);

4
crypto/external/bsd/openssl/dist/apps/rsa8192.pem vendored
View File

@ -1,5 +1,4 @@
-----BEGIN RSA PRIVATE KEY-----
MIISKAIBAAKCBAEAiQ2f1X6Bte1DKD0OoCBKEikzPW+5w3oXk3WwnE97Wxzy6wJZ
ebbZC3CZKKBnJeBMrysPf+lK+9+fP6Vm8bp1wvbcSIA59BDrX6irFSuM/bdnkbuF
MFlDjt+uVrxwoyqfPi2IPot1HQg3l5mdyBqcTWvbOnU2L9HZxJfPUCjfzdTMPrMY
@ -62,7 +61,7 @@ JH1/Qx7C/mTAMRsN5SkOthnGq0djCNWfPv/3JV0H67Uf5krFlnwLebrgfTYoPPdo
yO7iBUNJzv6Qh22malLp4P8gzACkD7DGlSTnoB5cLwcjmDGg+i9WrUBbOiVTeQfZ
kOj1o+Tz35ndpq/DDUVlqliB9krcxva+QHeJPH53EGI+YVg1nD+s/vUDZ3mQMGX9
DQou2L8uU6RnWNv/BihGcL8QvS4Ty6QyPOUPpD3zc70JQAEcQk9BxQNaELgJX0IN
22cYn22tYvElew9G41OpDqzBRcfbdJmKXQ2HcroShutYJQRGUpAXHk24fy6JVkIU
2cYUn22tYvElew9G41OpDqzBRcfbdJmKXQ2HcroShutYJQRGUpAXHk24fy6JVkIU
ojF5U6cwextMja1ZIIZgh9eugIRUeIE7319nQNDzuXWjRCcoBLA25P7wnpHWDRpz
D9ovXCIvdja74lL5psqobV6L5+fbLPkSgXoImKR0LQKCAgAIC9Jk8kxumCyIVGCP
PeM5Uby9M3GMuKrfYsn0Y5e97+kSJF1dpojTodBgR2KQar6eVrvXt+8uZCcIjfx8
@ -98,4 +97,3 @@ TwEgE67iOb2iIoUpon/NyP4LesMzvdpsu2JFlfz13PmmQ34mFI7tWvOb3NA5DP3c
rMlMLtKfp2w8HlMZpsUlToNCx6CI+tJrohzcs3BAVAbjFAXRKWGijB1rxwyDdHPv
I+/wJTNaRNPQ1M0SwtEL/zJd21y3KSPn4eL+GP3efhlDSjtlDvZqkdAUsU8=
-----END RSA PRIVATE KEY-----

4
crypto/external/bsd/openssl/dist/apps/x509.c vendored
View File

@ -140,9 +140,9 @@ const OPTIONS x509_options[] = {
{"", OPT_MD, '-', "Any supported digest"},
#ifndef OPENSSL_NO_MD5
{"subject_hash_old", OPT_SUBJECT_HASH_OLD, '-',
"Print old-style (MD5) issuer hash value"},
{"issuer_hash_old", OPT_ISSUER_HASH_OLD, '-',
"Print old-style (MD5) subject hash value"},
{"issuer_hash_old", OPT_ISSUER_HASH_OLD, '-',
"Print old-style (MD5) issuer hash value"},
#endif
#ifndef OPENSSL_NO_ENGINE
{"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"},

3
crypto/external/bsd/openssl/dist/appveyor.yml vendored
View File

@ -46,7 +46,8 @@ before_build:
- cd ..
- ps: >-
if (-not $env:APPVEYOR_PULL_REQUEST_NUMBER`
-or (&git log -2 | Select-String "\[extended tests\]") ) {
-or (&git log -1 $env:APPVEYOR_PULL_REQUEST_HEAD_COMMIT |
Select-String "\[extended tests\]") ) {
$env:EXTENDED_TESTS="yes"
}

8
crypto/external/bsd/openssl/dist/config vendored
View File

@ -253,11 +253,8 @@ case "${SYSTEM}:${RELEASE}:${VERSION}:${MACHINE}" in
Power*)
echo "ppc-apple-darwin${VERSION}"
;;
x86_64)
echo "x86_64-apple-darwin${VERSION}"
;;
*)
echo "i686-apple-darwin${VERSION}"
echo "${MACHINE}-apple-darwin${VERSION}"
;;
esac
exit 0
@ -497,6 +494,9 @@ case "$GUESSOS" in
else
OUT="darwin64-x86_64-cc"
fi ;;
$MACHINE-apple-darwin*)
OUT="darwin64-$MACHINE-cc"
;;
armv6+7-*-iphoneos)
__CNF_CFLAGS="$__CNF_CFLAGS -arch armv6 -arch armv7"
__CNF_CXXFLAGS="$__CNF_CXXFLAGS -arch armv6 -arch armv7"

351
crypto/external/bsd/openssl/dist/crypto/aes/aes_core.c vendored
View File

@ -673,357 +673,6 @@ void AES_decrypt(const unsigned char *in, unsigned char *out,
InvCipher(in, out, rk, key->rounds);
}
# ifndef OPENSSL_SMALL_FOOTPRINT
void AES_ctr32_encrypt(const unsigned char *in, unsigned char *out,
size_t blocks, const AES_KEY *key,
const unsigned char *ivec);
static void RawToBits(const u8 raw[64], u64 bits[8])
{
int i, j;
u64 in, out;
memset(bits, 0, 64);
for (i = 0; i < 8; i++) {
in = 0;
for (j = 0; j < 8; j++)
in |= ((u64)raw[i * 8 + j]) << (8 * j);
out = in & 0xF0F0F0F00F0F0F0FuLL;
out |= (in & 0x0F0F0F0F00000000uLL) >> 28;
out |= (in & 0x00000000F0F0F0F0uLL) << 28;
in = out & 0xCCCC3333CCCC3333uLL;
in |= (out & 0x3333000033330000uLL) >> 14;
in |= (out & 0x0000CCCC0000CCCCuLL) << 14;
out = in & 0xAA55AA55AA55AA55uLL;
out |= (in & 0x5500550055005500uLL) >> 7;
out |= (in & 0x00AA00AA00AA00AAuLL) << 7;
for (j = 0; j < 8; j++) {
bits[j] |= (out & 0xFFuLL) << (8 * i);
out = out >> 8;
}
}
}
static void BitsToRaw(const u64 bits[8], u8 raw[64])
{
int i, j;
u64 in, out;
for (i = 0; i < 8; i++) {
in = 0;
for (j = 0; j < 8; j++)
in |= ((bits[j] >> (8 * i)) & 0xFFuLL) << (8 * j);
out = in & 0xF0F0F0F00F0F0F0FuLL;
out |= (in & 0x0F0F0F0F00000000uLL) >> 28;
out |= (in & 0x00000000F0F0F0F0uLL) << 28;
in = out & 0xCCCC3333CCCC3333uLL;
in |= (out & 0x3333000033330000uLL) >> 14;
in |= (out & 0x0000CCCC0000CCCCuLL) << 14;
out = in & 0xAA55AA55AA55AA55uLL;
out |= (in & 0x5500550055005500uLL) >> 7;
out |= (in & 0x00AA00AA00AA00AAuLL) << 7;
for (j = 0; j < 8; j++) {
raw[i * 8 + j] = (u8)out;
out = out >> 8;
}
}
}
static void BitsXtime(u64 state[8])
{
u64 b;
b = state[7];
state[7] = state[6];
state[6] = state[5];
state[5] = state[4];
state[4] = state[3] ^ b;
state[3] = state[2] ^ b;
state[2] = state[1];
state[1] = state[0] ^ b;
state[0] = b;
}
/*
* This S-box implementation follows a circuit described in
* Boyar and Peralta: "A new combinational logic minimization
* technique with applications to cryptology."
* https://eprint.iacr.org/2009/191.pdf
*
* The math is similar to above, in that it uses
* a tower field of GF(2^2^2^2) but with a different
* basis representation, that is better suited to
* logic designs.
*/
static void BitsSub(u64 state[8])
{
u64 x0, x1, x2, x3, x4, x5, x6, x7;
u64 y1, y2, y3, y4, y5, y6, y7, y8, y9, y10, y11;
u64 y12, y13, y14, y15, y16, y17, y18, y19, y20, y21;
u64 t0, t1, t2, t3, t4, t5, t6, t7, t8, t9, t10, t11;
u64 t12, t13, t14, t15, t16, t17, t18, t19, t20, t21;
u64 t22, t23, t24, t25, t26, t27, t28, t29, t30, t31;
u64 t32, t33, t34, t35, t36, t37, t38, t39, t40, t41;
u64 t42, t43, t44, t45, t46, t47, t48, t49, t50, t51;
u64 t52, t53, t54, t55, t56, t57, t58, t59, t60, t61;
u64 t62, t63, t64, t65, t66, t67;
u64 z0, z1, z2, z3, z4, z5, z6, z7, z8, z9, z10, z11;
u64 z12, z13, z14, z15, z16, z17;
u64 s0, s1, s2, s3, s4, s5, s6, s7;
x7 = state[0];
x6 = state[1];
x5 = state[2];
x4 = state[3];
x3 = state[4];
x2 = state[5];
x1 = state[6];
x0 = state[7];
y14 = x3 ^ x5;
y13 = x0 ^ x6;
y9 = x0 ^ x3;
y8 = x0 ^ x5;
t0 = x1 ^ x2;
y1 = t0 ^ x7;
y4 = y1 ^ x3;
y12 = y13 ^ y14;
y2 = y1 ^ x0;
y5 = y1 ^ x6;
y3 = y5 ^ y8;
t1 = x4 ^ y12;
y15 = t1 ^ x5;
y20 = t1 ^ x1;
y6 = y15 ^ x7;
y10 = y15 ^ t0;
y11 = y20 ^ y9;
y7 = x7 ^ y11;
y17 = y10 ^ y11;
y19 = y10 ^ y8;
y16 = t0 ^ y11;
y21 = y13 ^ y16;
y18 = x0 ^ y16;
t2 = y12 & y15;
t3 = y3 & y6;
t4 = t3 ^ t2;
t5 = y4 & x7;
t6 = t5 ^ t2;
t7 = y13 & y16;
t8 = y5 & y1;
t9 = t8 ^ t7;
t10 = y2 & y7;
t11 = t10 ^ t7;
t12 = y9 & y11;
t13 = y14 & y17;
t14 = t13 ^ t12;
t15 = y8 & y10;
t16 = t15 ^ t12;
t17 = t4 ^ t14;
t18 = t6 ^ t16;
t19 = t9 ^ t14;
t20 = t11 ^ t16;
t21 = t17 ^ y20;
t22 = t18 ^ y19;
t23 = t19 ^ y21;
t24 = t20 ^ y18;
t25 = t21 ^ t22;
t26 = t21 & t23;
t27 = t24 ^ t26;
t28 = t25 & t27;
t29 = t28 ^ t22;
t30 = t23 ^ t24;
t31 = t22 ^ t26;
t32 = t31 & t30;
t33 = t32 ^ t24;
t34 = t23 ^ t33;
t35 = t27 ^ t33;
t36 = t24 & t35;
t37 = t36 ^ t34;
t38 = t27 ^ t36;
t39 = t29 & t38;
t40 = t25 ^ t39;
t41 = t40 ^ t37;
t42 = t29 ^ t33;
t43 = t29 ^ t40;
t44 = t33 ^ t37;
t45 = t42 ^ t41;
z0 = t44 & y15;
z1 = t37 & y6;
z2 = t33 & x7;
z3 = t43 & y16;
z4 = t40 & y1;
z5 = t29 & y7;
z6 = t42 & y11;
z7 = t45 & y17;
z8 = t41 & y10;
z9 = t44 & y12;
z10 = t37 & y3;
z11 = t33 & y4;
z12 = t43 & y13;
z13 = t40 & y5;
z14 = t29 & y2;
z15 = t42 & y9;
z16 = t45 & y14;
z17 = t41 & y8;
t46 = z15 ^ z16;
t47 = z10 ^ z11;
t48 = z5 ^ z13;
t49 = z9 ^ z10;
t50 = z2 ^ z12;
t51 = z2 ^ z5;
t52 = z7 ^ z8;
t53 = z0 ^ z3;
t54 = z6 ^ z7;
t55 = z16 ^ z17;
t56 = z12 ^ t48;
t57 = t50 ^ t53;
t58 = z4 ^ t46;
t59 = z3 ^ t54;
t60 = t46 ^ t57;
t61 = z14 ^ t57;
t62 = t52 ^ t58;
t63 = t49 ^ t58;
t64 = z4 ^ t59;
t65 = t61 ^ t62;
t66 = z1 ^ t63;
s0 = t59 ^ t63;
s6 = ~(t56 ^ t62);
s7 = ~(t48 ^ t60);
t67 = t64 ^ t65;
s3 = t53 ^ t66;
s4 = t51 ^ t66;
s5 = t47 ^ t65;
s1 = ~(t64 ^ s3);
s2 = ~(t55 ^ t67);
state[0] = s7;
state[1] = s6;
state[2] = s5;
state[3] = s4;
state[4] = s3;
state[5] = s2;
state[6] = s1;
state[7] = s0;
}
static void BitsShiftRows(u64 state[8])
{
u64 s, s0;
int i;
for (i = 0; i < 8; i++) {
s = state[i];
s0 = s & 0x1111111111111111uLL;
s0 |= ((s & 0x2220222022202220uLL) >> 4) | ((s & 0x0002000200020002uLL) << 12);
s0 |= ((s & 0x4400440044004400uLL) >> 8) | ((s & 0x0044004400440044uLL) << 8);
s0 |= ((s & 0x8000800080008000uLL) >> 12) | ((s & 0x0888088808880888uLL) << 4);
state[i] = s0;
}
}
static void BitsMixColumns(u64 state[8])
{
u64 s1, s;
u64 s0[8];
int i;
for (i = 0; i < 8; i++) {
s1 = state[i];
s = s1;
s ^= ((s & 0xCCCCCCCCCCCCCCCCuLL) >> 2) | ((s & 0x3333333333333333uLL) << 2);
s ^= ((s & 0xAAAAAAAAAAAAAAAAuLL) >> 1) | ((s & 0x5555555555555555uLL) << 1);
s ^= s1;
s0[i] = s;
}
BitsXtime(state);
for (i = 0; i < 8; i++) {
s1 = state[i];
s = s0[i];
s ^= s1;
s ^= ((s1 & 0xEEEEEEEEEEEEEEEEuLL) >> 1) | ((s1 & 0x1111111111111111uLL) << 3);
state[i] = s;
}
}
static void BitsAddRoundKey(u64 state[8], const u64 key[8])
{
int i;
for (i = 0; i < 8; i++)
state[i] ^= key[i];
}
void AES_ctr32_encrypt(const unsigned char *in, unsigned char *out,
size_t blocks, const AES_KEY *key,
const unsigned char *ivec)
{
struct {
u8 cipher[64];
u64 state[8];
u64 rd_key[AES_MAXNR + 1][8];
} *bs;
u32 ctr32;
int i;
ctr32 = GETU32(ivec + 12);
if (blocks >= 4
&& (bs = OPENSSL_malloc(sizeof(*bs)))) {
for (i = 0; i < key->rounds + 1; i++) {
memcpy(bs->cipher + 0, &key->rd_key[4 * i], 16);
memcpy(bs->cipher + 16, bs->cipher, 16);
memcpy(bs->cipher + 32, bs->cipher, 32);
RawToBits(bs->cipher, bs->rd_key[i]);
}
while (blocks) {
memcpy(bs->cipher, ivec, 12);
PUTU32(bs->cipher + 12, ctr32);
ctr32++;
memcpy(bs->cipher + 16, ivec, 12);
PUTU32(bs->cipher + 28, ctr32);
ctr32++;
memcpy(bs->cipher + 32, ivec, 12);
PUTU32(bs->cipher + 44, ctr32);
ctr32++;
memcpy(bs->cipher + 48, ivec, 12);
PUTU32(bs->cipher + 60, ctr32);
ctr32++;
RawToBits(bs->cipher, bs->state);
BitsAddRoundKey(bs->state, bs->rd_key[0]);
for (i = 1; i < key->rounds; i++) {
BitsSub(bs->state);
BitsShiftRows(bs->state);
BitsMixColumns(bs->state);
BitsAddRoundKey(bs->state, bs->rd_key[i]);
}
BitsSub(bs->state);
BitsShiftRows(bs->state);
BitsAddRoundKey(bs->state, bs->rd_key[key->rounds]);
BitsToRaw(bs->state, bs->cipher);
for (i = 0; i < 64 && blocks; i++) {
out[i] = in[i] ^ bs->cipher[i];
if ((i & 15) == 15)
blocks--;
}
in += i;
out += i;
}
OPENSSL_clear_free(bs, sizeof(*bs));
} else {
unsigned char cipher[16];
while (blocks) {
memcpy(cipher, ivec, 12);
PUTU32(cipher + 12, ctr32);
AES_encrypt(cipher, cipher, key);
for (i = 0; i < 16; i++)
out[i] = in[i] ^ cipher[i];
in += 16;
out += 16;
ctr32++;
blocks--;
}
}
}
# endif
#elif !defined(AES_ASM)
/*-
Te0[x] = S [x].[02, 01, 01, 03];

16
crypto/external/bsd/openssl/dist/crypto/aes/aes_ige.c vendored
View File

@ -1,5 +1,5 @@
/*
* Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2006-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -12,11 +12,6 @@
#include <openssl/aes.h>
#include "aes_local.h"
#define N_WORDS (AES_BLOCK_SIZE / sizeof(unsigned long))
typedef struct {
unsigned long data[N_WORDS];
} aes_block_t;
/* XXX: probably some better way to do this */
#if defined(__i386__) || defined(__x86_64__)
# define UNALIGNED_MEMOPS_ARE_FAST 1
@ -24,6 +19,15 @@ typedef struct {
# define UNALIGNED_MEMOPS_ARE_FAST 0
#endif
#define N_WORDS (AES_BLOCK_SIZE / sizeof(unsigned long))
typedef struct {
unsigned long data[N_WORDS];
#if defined(__GNUC__) && UNALIGNED_MEMOPS_ARE_FAST
} aes_block_t __attribute((__aligned__(1)));
#else
} aes_block_t;
#endif
#if UNALIGNED_MEMOPS_ARE_FAST
# define load_block(d, s) (d) = *(const aes_block_t *)(s)
# define store_block(d, s) *(aes_block_t *)(d) = (s)

2
crypto/external/bsd/openssl/dist/crypto/aes/asm/aesni-mb-x86_64.pl vendored
View File

@ -70,7 +70,7 @@ if (!$avx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
$avx = ($1>=10) + ($1>=11);
}
if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([0-9]+\.[0-9]+)/) {
if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:clang|LLVM) version|.*based on LLVM) ([0-9]+\.[0-9]+)/) {
$avx = ($2>=3.0) + ($2>3.0);
}

2
crypto/external/bsd/openssl/dist/crypto/aes/asm/aesni-sha256-x86_64.pl vendored
View File

@ -70,7 +70,7 @@ if (!$avx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
$avx = ($1>=10) + ($1>=12);
}
if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([0-9]+\.[0-9]+)/) {
if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:clang|LLVM) version|.*based on LLVM) ([0-9]+\.[0-9]+)/) {
$avx = ($2>=3.0) + ($2>3.0);
}

38
crypto/external/bsd/openssl/dist/crypto/aes/asm/aesv8-armx.pl vendored
View File

@ -183,7 +183,12 @@ $code.=<<___;
.Loop192:
vtbl.8 $key,{$in1},$mask
vext.8 $tmp,$zero,$in0,#12
#ifdef __ARMEB__
vst1.32 {$in1},[$out],#16
sub $out,$out,#8
#else
vst1.32 {$in1},[$out],#8
#endif
aese $key,$zero
subs $bits,$bits,#1
@ -715,8 +720,11 @@ $code.=<<___;
ldr $rounds,[$key,#240]
ldr $ctr, [$ivp, #12]
#ifdef __ARMEB__
vld1.8 {$dat0},[$ivp]
#else
vld1.32 {$dat0},[$ivp]
#endif
vld1.32 {q8-q9},[$key] // load key schedule...
sub $rounds,$rounds,#4
mov $step,#16
@ -732,17 +740,17 @@ $code.=<<___;
#ifndef __ARMEB__
rev $ctr, $ctr
#endif
vorr $dat1,$dat0,$dat0
add $tctr1, $ctr, #1
vorr $dat2,$dat0,$dat0
add $ctr, $ctr, #2
vorr $ivec,$dat0,$dat0
rev $tctr1, $tctr1
vmov.32 ${dat1}[3],$tctr1
vmov.32 ${ivec}[3],$tctr1
add $ctr, $ctr, #2
vorr $dat1,$ivec,$ivec
b.ls .Lctr32_tail
rev $tctr2, $ctr
vmov.32 ${ivec}[3],$tctr2
sub $len,$len,#3 // bias
vmov.32 ${dat2}[3],$tctr2
vorr $dat2,$ivec,$ivec
b .Loop3x_ctr32
.align 4
@ -769,11 +777,11 @@ $code.=<<___;
aese $dat1,q8
aesmc $tmp1,$dat1
vld1.8 {$in0},[$inp],#16
vorr $dat0,$ivec,$ivec
add $tctr0,$ctr,#1
aese $dat2,q8
aesmc $dat2,$dat2
vld1.8 {$in1},[$inp],#16
vorr $dat1,$ivec,$ivec
rev $tctr0,$tctr0
aese $tmp0,q9
aesmc $tmp0,$tmp0
aese $tmp1,q9
@ -782,8 +790,6 @@ $code.=<<___;
mov $key_,$key
aese $dat2,q9
aesmc $tmp2,$dat2
vorr $dat2,$ivec,$ivec
add $tctr0,$ctr,#1
aese $tmp0,q12
aesmc $tmp0,$tmp0
aese $tmp1,q12
@ -799,20 +805,22 @@ $code.=<<___;
aese $tmp1,q13
aesmc $tmp1,$tmp1
veor $in2,$in2,$rndlast
rev $tctr0,$tctr0
vmov.32 ${ivec}[3], $tctr0
aese $tmp2,q13
aesmc $tmp2,$tmp2
vmov.32 ${dat0}[3], $tctr0
vorr $dat0,$ivec,$ivec
rev $tctr1,$tctr1
aese $tmp0,q14
aesmc $tmp0,$tmp0
vmov.32 ${ivec}[3], $tctr1
rev $tctr2,$ctr
aese $tmp1,q14
aesmc $tmp1,$tmp1
vmov.32 ${dat1}[3], $tctr1
rev $tctr2,$ctr
vorr $dat1,$ivec,$ivec
vmov.32 ${ivec}[3], $tctr2
aese $tmp2,q14
aesmc $tmp2,$tmp2
vmov.32 ${dat2}[3], $tctr2
vorr $dat2,$ivec,$ivec
subs $len,$len,#3
aese $tmp0,q15
aese $tmp1,q15

4
crypto/external/bsd/openssl/dist/crypto/asn1/asn1_err.c vendored
View File

@ -1,6 +1,6 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
* Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -49,6 +49,7 @@ static const ERR_STRING_DATA ASN1_str_functs[] = {
"asn1_item_embed_d2i"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_ITEM_EMBED_NEW, 0),
"asn1_item_embed_new"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_ITEM_EX_I2D, 0), "ASN1_item_ex_i2d"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_ITEM_FLAGS_I2D, 0),
"asn1_item_flags_i2d"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_ITEM_I2D_BIO, 0), "ASN1_item_i2d_bio"},
@ -160,6 +161,7 @@ static const ERR_STRING_DATA ASN1_str_reasons[] = {
"asn1 sig parse error"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_AUX_ERROR), "aux error"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_BAD_OBJECT_HEADER), "bad object header"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_BAD_TEMPLATE), "bad template"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_BMPSTRING_IS_WRONG_LENGTH),
"bmpstring is wrong length"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_BN_LIB), "bn lib"},

4
crypto/external/bsd/openssl/dist/crypto/asn1/d2i_pr.c vendored
View File

@ -1,5 +1,5 @@
/*
* Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -56,6 +56,8 @@ EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, const unsigned char **pp,
goto err;
EVP_PKEY_free(ret);
ret = tmp;
if (EVP_PKEY_type(type) != EVP_PKEY_base_id(ret))
goto err;
} else {
ASN1err(ASN1_F_D2I_PRIVATEKEY, ERR_R_ASN1_LIB);
goto err;

34
crypto/external/bsd/openssl/dist/crypto/asn1/x_algor.c vendored
View File

@ -1,5 +1,5 @@
/*
* Copyright 1998-2016 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1998-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -92,3 +92,35 @@ int X509_ALGOR_cmp(const X509_ALGOR *a, const X509_ALGOR *b)
return 0;
return ASN1_TYPE_cmp(a->parameter, b->parameter);
}
int X509_ALGOR_copy(X509_ALGOR *dest, const X509_ALGOR *src)
{
if (src == NULL || dest == NULL)
return 0;
if (dest->algorithm)
ASN1_OBJECT_free(dest->algorithm);
dest->algorithm = NULL;
if (dest->parameter)
ASN1_TYPE_free(dest->parameter);
dest->parameter = NULL;
if (src->algorithm)
if ((dest->algorithm = OBJ_dup(src->algorithm)) == NULL)
return 0;
if (src->parameter) {
dest->parameter = ASN1_TYPE_new();
if (dest->parameter == NULL)
return 0;
/* Assuming this is also correct for a BOOL.
* set does copy as a side effect.
*/
if (ASN1_TYPE_set1(dest->parameter,
src->parameter->type, src->parameter->value.ptr) == 0)
return 0;
}
return 1;
}

6
crypto/external/bsd/openssl/dist/crypto/bio/b_addr.c vendored
View File

@ -1,5 +1,5 @@
/*
* Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -7,6 +7,10 @@
* https://www.openssl.org/source/license.html
*/
#ifndef _GNU_SOURCE
# define _GNU_SOURCE
#endif
#include <assert.h>
#include <string.h>

8
crypto/external/bsd/openssl/dist/crypto/bio/b_print.c vendored
View File

@ -1,5 +1,5 @@
/*
* Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -635,7 +635,11 @@ fmtfp(char **sbuffer,
fvalue = tmpvalue;
}
ufvalue = abs_val(fvalue);
if (ufvalue > ULONG_MAX) {
/*
* By subtracting 65535 (2^16-1) we cancel the low order 15 bits
* of ULONG_MAX to avoid using imprecise floating point values.
*/
if (ufvalue >= (double)(ULONG_MAX - 65535) + 65536.0) {
/* Number too big */
return 0;
}

6
crypto/external/bsd/openssl/dist/crypto/bio/bss_acpt.c vendored
View File

@ -434,8 +434,10 @@ static long acpt_ctrl(BIO *b, int cmd, long num, void *ptr)
b->init = 1;
} else if (num == 1) {
OPENSSL_free(data->param_serv);
data->param_serv = BUF_strdup(ptr);
b->init = 1;
if ((data->param_serv = OPENSSL_strdup(ptr)) == NULL)
ret = 0;
else
b->init = 1;
} else if (num == 2) {
data->bind_mode |= BIO_SOCK_NONBLOCK;
} else if (num == 3) {

36
crypto/external/bsd/openssl/dist/crypto/bio/bss_conn.c vendored
View File

@ -186,8 +186,17 @@ static int conn_state(BIO *b, BIO_CONNECT *c)
case BIO_CONN_S_BLOCKED_CONNECT:
i = BIO_sock_error(b->num);
if (i) {
if (i != 0) {
BIO_clear_retry_flags(b);
if ((c->addr_iter = BIO_ADDRINFO_next(c->addr_iter)) != NULL) {
/*
* if there are more addresses to try, do that first
*/
BIO_closesocket(b->num);
c->state = BIO_CONN_S_CREATE_SOCKET;
ERR_clear_error();
break;
}
SYSerr(SYS_F_CONNECT, i);
ERR_add_error_data(4,
"hostname=", c->param_hostname,
@ -407,12 +416,13 @@ static long conn_ctrl(BIO *b, int cmd, long num, void *ptr)
case BIO_C_SET_CONNECT:
if (ptr != NULL) {
b->init = 1;
if (num == 0) {
if (num == 0) { /* BIO_set_conn_hostname */
char *hold_service = data->param_service;
/* We affect the hostname regardless. However, the input
* string might contain a host:service spec, so we must
* parse it, which might or might not affect the service
*/
OPENSSL_free(data->param_hostname);
data->param_hostname = NULL;
ret = BIO_parse_hostserv(ptr,
@ -421,19 +431,29 @@ static long conn_ctrl(BIO *b, int cmd, long num, void *ptr)
BIO_PARSE_PRIO_HOST);
if (hold_service != data->param_service)
OPENSSL_free(hold_service);
} else if (num == 1) {
} else if (num == 1) { /* BIO_set_conn_port */
OPENSSL_free(data->param_service);
data->param_service = BUF_strdup(ptr);
} else if (num == 2) {
if ((data->param_service = OPENSSL_strdup(ptr)) == NULL)
ret = 0;
} else if (num == 2) { /* BIO_set_conn_address */
const BIO_ADDR *addr = (const BIO_ADDR *)ptr;
char *host = BIO_ADDR_hostname_string(addr, 1);
char *service = BIO_ADDR_service_string(addr, 1);
ret = host != NULL && service != NULL;
if (ret) {
data->param_hostname = BIO_ADDR_hostname_string(addr, 1);
data->param_service = BIO_ADDR_service_string(addr, 1);
OPENSSL_free(data->param_hostname);
data->param_hostname = host;
OPENSSL_free(data->param_service);
data->param_service = service;
BIO_ADDRINFO_free(data->addr_first);
data->addr_first = NULL;
data->addr_iter = NULL;
} else {
OPENSSL_free(host);
OPENSSL_free(service);
}
} else if (num == 3) {
} else if (num == 3) { /* BIO_set_conn_ip_family */
data->connect_family = *(int *)ptr;
} else {
ret = 0;

2
crypto/external/bsd/openssl/dist/crypto/bn/asm/rsaz-avx2.pl vendored
View File

@ -66,7 +66,7 @@ if (!$avx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
$addx = ($1>=11);
}
if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|based on LLVM) ([0-9]+)\.([0-9]+)/) {
if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:clang|LLVM) version|based on LLVM) ([0-9]+)\.([0-9]+)/) {
my $ver = $2 + $3/100.0; # 3.1->3.01, 3.10->3.10
$avx = ($ver>=3.0) + ($ver>=3.01);
$addx = ($ver>=3.03);

2
crypto/external/bsd/openssl/dist/crypto/bn/asm/rsaz-x86_64.pl vendored
View File

@ -81,7 +81,7 @@ if (!$addx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
$addx = ($1>=12);
}
if (!$addx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([0-9]+)\.([0-9]+)/) {
if (!$addx && `$ENV{CC} -v 2>&1` =~ /((?:clang|LLVM) version|.*based on LLVM) ([0-9]+)\.([0-9]+)/) {
my $ver = $2 + $3/100.0; # 3.1->3.01, 3.10->3.10
$addx = ($ver>=3.03);
}

2
crypto/external/bsd/openssl/dist/crypto/bn/asm/x86_64-mont.pl vendored
View File

@ -75,7 +75,7 @@ if (!$addx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
$addx = ($1>=12);
}
if (!$addx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([0-9]+)\.([0-9]+)/) {
if (!$addx && `$ENV{CC} -v 2>&1` =~ /((?:clang|LLVM) version|.*based on LLVM) ([0-9]+)\.([0-9]+)/) {
my $ver = $2 + $3/100.0; # 3.1->3.01, 3.10->3.10
$addx = ($ver>=3.03);
}

2
crypto/external/bsd/openssl/dist/crypto/bn/asm/x86_64-mont5.pl vendored
View File

@ -60,7 +60,7 @@ if (!$addx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
$addx = ($1>=12);
}
if (!$addx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([0-9]+)\.([0-9]+)/) {
if (!$addx && `$ENV{CC} -v 2>&1` =~ /((?:clang|LLVM) version|.*based on LLVM) ([0-9]+)\.([0-9]+)/) {
my $ver = $2 + $3/100.0; # 3.1->3.01, 3.10->3.10
$addx = ($ver>=3.03);
}

386
crypto/external/bsd/openssl/dist/crypto/bn/bn_gcd.c vendored
View File

@ -1,5 +1,5 @@
/*
* Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -10,22 +10,189 @@
#include "internal/cryptlib.h"
#include "bn_local.h"
/* solves ax == 1 (mod n) */
static BIGNUM *BN_mod_inverse_no_branch(BIGNUM *in,
const BIGNUM *a, const BIGNUM *n,
BN_CTX *ctx);
BIGNUM *BN_mod_inverse(BIGNUM *in,
const BIGNUM *a, const BIGNUM *n, BN_CTX *ctx)
/*
* bn_mod_inverse_no_branch is a special version of BN_mod_inverse. It does
* not contain branches that may leak sensitive information.
*
* This is a static function, we ensure all callers in this file pass valid
* arguments: all passed pointers here are non-NULL.
*/
static ossl_inline
BIGNUM *bn_mod_inverse_no_branch(BIGNUM *in,
const BIGNUM *a, const BIGNUM *n,
BN_CTX *ctx, int *pnoinv)
{
BIGNUM *rv;
int noinv;
rv = int_bn_mod_inverse(in, a, n, ctx, &noinv);
if (noinv)
BNerr(BN_F_BN_MOD_INVERSE, BN_R_NO_INVERSE);
return rv;
BIGNUM *A, *B, *X, *Y, *M, *D, *T, *R = NULL;
BIGNUM *ret = NULL;
int sign;
bn_check_top(a);
bn_check_top(n);
BN_CTX_start(ctx);
A = BN_CTX_get(ctx);
B = BN_CTX_get(ctx);
X = BN_CTX_get(ctx);
D = BN_CTX_get(ctx);
M = BN_CTX_get(ctx);
Y = BN_CTX_get(ctx);
T = BN_CTX_get(ctx);
if (T == NULL)
goto err;
if (in == NULL)
R = BN_new();
else
R = in;
if (R == NULL)
goto err;
BN_one(X);
BN_zero(Y);
if (BN_copy(B, a) == NULL)
goto err;
if (BN_copy(A, n) == NULL)
goto err;
A->neg = 0;
if (B->neg || (BN_ucmp(B, A) >= 0)) {
/*
* Turn BN_FLG_CONSTTIME flag on, so that when BN_div is invoked,
* BN_div_no_branch will be called eventually.
*/
{
BIGNUM local_B;
bn_init(&local_B);
BN_with_flags(&local_B, B, BN_FLG_CONSTTIME);
if (!BN_nnmod(B, &local_B, A, ctx))
goto err;
/* Ensure local_B goes out of scope before any further use of B */
}
}
sign = -1;
/*-
* From B = a mod |n|, A = |n| it follows that
*
* 0 <= B < A,
* -sign*X*a == B (mod |n|),
* sign*Y*a == A (mod |n|).
*/
while (!BN_is_zero(B)) {
BIGNUM *tmp;
/*-
* 0 < B < A,
* (*) -sign*X*a == B (mod |n|),
* sign*Y*a == A (mod |n|)
*/
/*
* Turn BN_FLG_CONSTTIME flag on, so that when BN_div is invoked,
* BN_div_no_branch will be called eventually.
*/
{
BIGNUM local_A;
bn_init(&local_A);
BN_with_flags(&local_A, A, BN_FLG_CONSTTIME);
/* (D, M) := (A/B, A%B) ... */
if (!BN_div(D, M, &local_A, B, ctx))
goto err;
/* Ensure local_A goes out of scope before any further use of A */
}
/*-
* Now
* A = D*B + M;
* thus we have
* (**) sign*Y*a == D*B + M (mod |n|).
*/
tmp = A; /* keep the BIGNUM object, the value does not
* matter */
/* (A, B) := (B, A mod B) ... */
A = B;
B = M;
/* ... so we have 0 <= B < A again */
/*-
* Since the former M is now B and the former B is now A,
* (**) translates into
* sign*Y*a == D*A + B (mod |n|),
* i.e.
* sign*Y*a - D*A == B (mod |n|).
* Similarly, (*) translates into
* -sign*X*a == A (mod |n|).
*
* Thus,
* sign*Y*a + D*sign*X*a == B (mod |n|),
* i.e.
* sign*(Y + D*X)*a == B (mod |n|).
*
* So if we set (X, Y, sign) := (Y + D*X, X, -sign), we arrive back at
* -sign*X*a == B (mod |n|),
* sign*Y*a == A (mod |n|).
* Note that X and Y stay non-negative all the time.
*/
if (!BN_mul(tmp, D, X, ctx))
goto err;
if (!BN_add(tmp, tmp, Y))
goto err;
M = Y; /* keep the BIGNUM object, the value does not
* matter */
Y = X;
X = tmp;
sign = -sign;
}
/*-
* The while loop (Euclid's algorithm) ends when
* A == gcd(a,n);
* we have
* sign*Y*a == A (mod |n|),
* where Y is non-negative.
*/
if (sign < 0) {
if (!BN_sub(Y, n, Y))
goto err;
}
/* Now Y*a == A (mod |n|). */
if (BN_is_one(A)) {
/* Y*a == 1 (mod |n|) */
if (!Y->neg && BN_ucmp(Y, n) < 0) {
if (!BN_copy(R, Y))
goto err;
} else {
if (!BN_nnmod(R, Y, n, ctx))
goto err;
}
} else {
*pnoinv = 1;
/* caller sets the BN_R_NO_INVERSE error */
goto err;
}
ret = R;
*pnoinv = 0;
err:
if ((ret == NULL) && (in == NULL))
BN_free(R);
BN_CTX_end(ctx);
bn_check_top(ret);
return ret;
}
/*
* This is an internal function, we assume all callers pass valid arguments:
* all pointers passed here are assumed non-NULL.
*/
BIGNUM *int_bn_mod_inverse(BIGNUM *in,
const BIGNUM *a, const BIGNUM *n, BN_CTX *ctx,
int *pnoinv)
@ -36,17 +203,15 @@ BIGNUM *int_bn_mod_inverse(BIGNUM *in,
/* This is invalid input so we don't worry about constant time here */
if (BN_abs_is_word(n, 1) || BN_is_zero(n)) {
if (pnoinv != NULL)
*pnoinv = 1;
*pnoinv = 1;
return NULL;
}
if (pnoinv != NULL)
*pnoinv = 0;
*pnoinv = 0;
if ((BN_get_flags(a, BN_FLG_CONSTTIME) != 0)
|| (BN_get_flags(n, BN_FLG_CONSTTIME) != 0)) {
return BN_mod_inverse_no_branch(in, a, n, ctx);
return bn_mod_inverse_no_branch(in, a, n, ctx, pnoinv);
}
bn_check_top(a);
@ -332,8 +497,7 @@ BIGNUM *int_bn_mod_inverse(BIGNUM *in,
goto err;
}
} else {
if (pnoinv)
*pnoinv = 1;
*pnoinv = 1;
goto err;
}
ret = R;
@ -345,175 +509,27 @@ BIGNUM *int_bn_mod_inverse(BIGNUM *in,
return ret;
}
/*
* BN_mod_inverse_no_branch is a special version of BN_mod_inverse. It does
* not contain branches that may leak sensitive information.
*/
static BIGNUM *BN_mod_inverse_no_branch(BIGNUM *in,
const BIGNUM *a, const BIGNUM *n,
BN_CTX *ctx)
/* solves ax == 1 (mod n) */
BIGNUM *BN_mod_inverse(BIGNUM *in,
const BIGNUM *a, const BIGNUM *n, BN_CTX *ctx)
{
BIGNUM *A, *B, *X, *Y, *M, *D, *T, *R = NULL;
BIGNUM *ret = NULL;
int sign;
BN_CTX *new_ctx = NULL;
BIGNUM *rv;
int noinv = 0;
bn_check_top(a);
bn_check_top(n);
BN_CTX_start(ctx);
A = BN_CTX_get(ctx);
B = BN_CTX_get(ctx);
X = BN_CTX_get(ctx);
D = BN_CTX_get(ctx);
M = BN_CTX_get(ctx);
Y = BN_CTX_get(ctx);
T = BN_CTX_get(ctx);
if (T == NULL)
goto err;
if (in == NULL)
R = BN_new();
else
R = in;
if (R == NULL)
goto err;
BN_one(X);
BN_zero(Y);
if (BN_copy(B, a) == NULL)
goto err;
if (BN_copy(A, n) == NULL)
goto err;
A->neg = 0;
if (B->neg || (BN_ucmp(B, A) >= 0)) {
/*
* Turn BN_FLG_CONSTTIME flag on, so that when BN_div is invoked,
* BN_div_no_branch will be called eventually.
*/
{
BIGNUM local_B;
bn_init(&local_B);
BN_with_flags(&local_B, B, BN_FLG_CONSTTIME);
if (!BN_nnmod(B, &local_B, A, ctx))
goto err;
/* Ensure local_B goes out of scope before any further use of B */
if (ctx == NULL) {
ctx = new_ctx = BN_CTX_new();
if (ctx == NULL) {
BNerr(BN_F_BN_MOD_INVERSE, ERR_R_MALLOC_FAILURE);
return NULL;
}
}
sign = -1;
/*-
* From B = a mod |n|, A = |n| it follows that
*
* 0 <= B < A,
* -sign*X*a == B (mod |n|),
* sign*Y*a == A (mod |n|).
*/
while (!BN_is_zero(B)) {
BIGNUM *tmp;
/*-
* 0 < B < A,
* (*) -sign*X*a == B (mod |n|),
* sign*Y*a == A (mod |n|)
*/
/*
* Turn BN_FLG_CONSTTIME flag on, so that when BN_div is invoked,
* BN_div_no_branch will be called eventually.
*/
{
BIGNUM local_A;
bn_init(&local_A);
BN_with_flags(&local_A, A, BN_FLG_CONSTTIME);
/* (D, M) := (A/B, A%B) ... */
if (!BN_div(D, M, &local_A, B, ctx))
goto err;
/* Ensure local_A goes out of scope before any further use of A */
}
/*-
* Now
* A = D*B + M;
* thus we have
* (**) sign*Y*a == D*B + M (mod |n|).
*/
tmp = A; /* keep the BIGNUM object, the value does not
* matter */
/* (A, B) := (B, A mod B) ... */
A = B;
B = M;
/* ... so we have 0 <= B < A again */
/*-
* Since the former M is now B and the former B is now A,
* (**) translates into
* sign*Y*a == D*A + B (mod |n|),
* i.e.
* sign*Y*a - D*A == B (mod |n|).
* Similarly, (*) translates into
* -sign*X*a == A (mod |n|).
*
* Thus,
* sign*Y*a + D*sign*X*a == B (mod |n|),
* i.e.
* sign*(Y + D*X)*a == B (mod |n|).
*
* So if we set (X, Y, sign) := (Y + D*X, X, -sign), we arrive back at
* -sign*X*a == B (mod |n|),
* sign*Y*a == A (mod |n|).
* Note that X and Y stay non-negative all the time.
*/
if (!BN_mul(tmp, D, X, ctx))
goto err;
if (!BN_add(tmp, tmp, Y))
goto err;
M = Y; /* keep the BIGNUM object, the value does not
* matter */
Y = X;
X = tmp;
sign = -sign;
}
/*-
* The while loop (Euclid's algorithm) ends when
* A == gcd(a,n);
* we have
* sign*Y*a == A (mod |n|),
* where Y is non-negative.
*/
if (sign < 0) {
if (!BN_sub(Y, n, Y))
goto err;
}
/* Now Y*a == A (mod |n|). */
if (BN_is_one(A)) {
/* Y*a == 1 (mod |n|) */
if (!Y->neg && BN_ucmp(Y, n) < 0) {
if (!BN_copy(R, Y))
goto err;
} else {
if (!BN_nnmod(R, Y, n, ctx))
goto err;
}
} else {
BNerr(BN_F_BN_MOD_INVERSE_NO_BRANCH, BN_R_NO_INVERSE);
goto err;
}
ret = R;
err:
if ((ret == NULL) && (in == NULL))
BN_free(R);
BN_CTX_end(ctx);
bn_check_top(ret);
return ret;
rv = int_bn_mod_inverse(in, a, n, ctx, &noinv);
if (noinv)
BNerr(BN_F_BN_MOD_INVERSE, BN_R_NO_INVERSE);
BN_CTX_free(new_ctx);
return rv;
}
/*-

4
crypto/external/bsd/openssl/dist/crypto/bn/bn_mpi.c vendored
View File

@ -1,5 +1,5 @@
/*
* Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -45,7 +45,7 @@ BIGNUM *BN_mpi2bn(const unsigned char *d, int n, BIGNUM *ain)
int neg = 0;
BIGNUM *a = NULL;
if (n < 4) {
if (n < 4 || (d[0] & 0x80) != 0) {
BNerr(BN_F_BN_MPI2BN, BN_R_INVALID_LENGTH);
return NULL;
}

1
crypto/external/bsd/openssl/dist/crypto/chacha/asm/chacha-armv8.pl vendored
View File

@ -125,6 +125,7 @@ $code.=<<___;
.text
.extern OPENSSL_armcap_P
.hidden OPENSSL_armcap_P
.align 5
.Lsigma:

2
crypto/external/bsd/openssl/dist/crypto/chacha/asm/chacha-x86.pl vendored
View File

@ -62,7 +62,7 @@ $ymm=1 if ($xmm && !$ymm && $ARGV[0] eq "win32" &&
$1>=10); # first version supporting AVX
$ymm=1 if ($xmm && !$ymm &&
`$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|based on LLVM) ([0-9]+\.[0-9]+)/ &&
`$ENV{CC} -v 2>&1` =~ /((?:clang|LLVM) version|based on LLVM) ([0-9]+\.[0-9]+)/ &&
$2>=3.0); # first version supporting AVX
$a="eax";

2
crypto/external/bsd/openssl/dist/crypto/chacha/asm/chacha-x86_64.pl vendored
View File

@ -85,7 +85,7 @@ if (!$avx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
$avx = ($1>=10) + ($1>=11);
}
if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([0-9]+\.[0-9]+)/) {
if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:clang|LLVM) version|.*based on LLVM) ([0-9]+\.[0-9]+)/) {
$avx = ($2>=3.0) + ($2>3.0);
}

21
crypto/external/bsd/openssl/dist/crypto/cmac/cmac.c vendored
View File

@ -1,5 +1,5 @@
/*
* Copyright 2010-2018 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2010-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -116,11 +116,18 @@ int CMAC_Init(CMAC_CTX *ctx, const void *key, size_t keylen,
return 1;
}
/* Initialise context */
if (cipher && !EVP_EncryptInit_ex(ctx->cctx, cipher, impl, NULL, NULL))
return 0;
if (cipher != NULL) {
/* Ensure we can't use this ctx until we also have a key */
ctx->nlast_block = -1;
if (!EVP_EncryptInit_ex(ctx->cctx, cipher, impl, NULL, NULL))
return 0;
}
/* Non-NULL key means initialisation complete */
if (key) {
if (key != NULL) {
int bl;
/* If anything fails then ensure we can't use this ctx */
ctx->nlast_block = -1;
if (!EVP_CIPHER_CTX_cipher(ctx->cctx))
return 0;
if (!EVP_CIPHER_CTX_set_key_length(ctx->cctx, keylen))
@ -128,7 +135,7 @@ int CMAC_Init(CMAC_CTX *ctx, const void *key, size_t keylen,
if (!EVP_EncryptInit_ex(ctx->cctx, NULL, NULL, key, zero_iv))
return 0;
bl = EVP_CIPHER_CTX_block_size(ctx->cctx);
if (!EVP_Cipher(ctx->cctx, ctx->tbl, zero_iv, bl))
if (EVP_Cipher(ctx->cctx, ctx->tbl, zero_iv, bl) <= 0)
return 0;
make_kn(ctx->k1, ctx->tbl, bl);
make_kn(ctx->k2, ctx->k1, bl);
@ -166,12 +173,12 @@ int CMAC_Update(CMAC_CTX *ctx, const void *in, size_t dlen)
return 1;
data += nleft;
/* Else not final block so encrypt it */
if (!EVP_Cipher(ctx->cctx, ctx->tbl, ctx->last_block, bl))
if (EVP_Cipher(ctx->cctx, ctx->tbl, ctx->last_block, bl) <= 0)
return 0;
}
/* Encrypt all but one of the complete blocks left */
while (dlen > bl) {
if (!EVP_Cipher(ctx->cctx, ctx->tbl, data, bl))
if (EVP_Cipher(ctx->cctx, ctx->tbl, data, bl) <= 0)
return 0;
dlen -= bl;
data += bl;

5
crypto/external/bsd/openssl/dist/crypto/cms/cms_lib.c vendored
View File

@ -1,5 +1,5 @@
/*
* Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2008-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -92,12 +92,13 @@ BIO *CMS_dataInit(CMS_ContentInfo *cms, BIO *icont)
default:
CMSerr(CMS_F_CMS_DATAINIT, CMS_R_UNSUPPORTED_TYPE);
return NULL;
goto err;
}
if (cmsbio)
return BIO_push(cmsbio, cont);
err:
if (!icont)
BIO_free(cont);
return NULL;

6
crypto/external/bsd/openssl/dist/crypto/cms/cms_sd.c vendored
View File

@ -1,5 +1,5 @@
/*
* Copyright 2008-2019 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2008-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -897,8 +897,10 @@ int CMS_add_simple_smimecap(STACK_OF(X509_ALGOR) **algs,
ASN1_INTEGER *key = NULL;
if (keysize > 0) {
key = ASN1_INTEGER_new();
if (key == NULL || !ASN1_INTEGER_set(key, keysize))
if (key == NULL || !ASN1_INTEGER_set(key, keysize)) {
ASN1_INTEGER_free(key);
return 0;
}
}
alg = X509_ALGOR_new();
if (alg == NULL) {

4
crypto/external/bsd/openssl/dist/crypto/cms/cms_smime.c vendored
View File

@ -1,5 +1,5 @@
/*
* Copyright 2008-2019 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2008-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -341,7 +341,7 @@ int CMS_verify(CMS_ContentInfo *cms, STACK_OF(X509) *certs,
char *ptr;
long len;
len = BIO_get_mem_data(dcont, &ptr);
tmpin = BIO_new_mem_buf(ptr, len);
tmpin = (len == 0) ? dcont : BIO_new_mem_buf(ptr, len);
if (tmpin == NULL) {
CMSerr(CMS_F_CMS_VERIFY, ERR_R_MALLOC_FAILURE);
goto err2;

6
crypto/external/bsd/openssl/dist/crypto/dso/dso_win32.c vendored
View File

@ -1,5 +1,5 @@
/*
* Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -565,8 +565,8 @@ static int win32_pathbyaddr(void *addr, char *path, int sz)
/* Enumerate the modules to find one which includes me. */
do {
if ((uintptr_t) addr >= (uintptr_t) me32.modBaseAddr &&
(uintptr_t) addr < (uintptr_t) (me32.modBaseAddr + me32.modBaseSize)) {
if ((size_t) addr >= (size_t) me32.modBaseAddr &&
(size_t) addr < (size_t) (me32.modBaseAddr + me32.modBaseSize)) {
(*close_snap) (hModuleSnap);
FreeLibrary(dll);
# ifdef _WIN32_WCE

6
crypto/external/bsd/openssl/dist/crypto/ec/asm/ecp_nistz256-armv4.pl vendored
View File

@ -1517,9 +1517,9 @@ ecp_nistz256_point_add:
ldr $t2,[sp,#32*18+12] @ ~is_equal(S1,S2)
mvn $t0,$t0 @ -1/0 -> 0/-1
mvn $t1,$t1 @ -1/0 -> 0/-1
orr $a0,$t0
orr $a0,$t1
orrs $a0,$t2 @ set flags
orr $a0,$a0,$t0
orr $a0,$a0,$t1
orrs $a0,$a0,$t2 @ set flags
@ if(~is_equal(U1,U2) | in1infty | in2infty | ~is_equal(S1,S2))
bne .Ladd_proceed

2
crypto/external/bsd/openssl/dist/crypto/ec/asm/ecp_nistz256-x86_64.pl vendored
View File

@ -72,7 +72,7 @@ if (!$addx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
$addx = ($1>=12);
}
if (!$addx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([0-9]+)\.([0-9]+)/) {
if (!$addx && `$ENV{CC} -v 2>&1` =~ /((?:clang|LLVM) version|.*based on LLVM) ([0-9]+)\.([0-9]+)/) {
my $ver = $2 + $3/100.0; # 3.1->3.01, 3.10->3.10
$avx = ($ver>=3.0) + ($ver>=3.01);
$addx = ($ver>=3.03);

2
crypto/external/bsd/openssl/dist/crypto/ec/asm/x25519-x86_64.pl vendored
View File

@ -90,7 +90,7 @@ if (!$addx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
$addx = ($1>=12);
}
if (!$addx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([0-9]+)\.([0-9]+)/) {
if (!$addx && `$ENV{CC} -v 2>&1` =~ /((?:clang|LLVM) version|.*based on LLVM) ([0-9]+)\.([0-9]+)/) {
my $ver = $2 + $3/100.0; # 3.1->3.01, 3.10->3.10
$addx = ($ver>=3.03);
}

3
crypto/external/bsd/openssl/dist/crypto/ec/ec_err.c vendored
View File

@ -1,6 +1,6 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
* Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -341,6 +341,7 @@ static const ERR_STRING_DATA EC_str_reasons[] = {
{ERR_PACK(ERR_LIB_EC, 0, EC_R_LADDER_POST_FAILURE), "ladder post failure"},
{ERR_PACK(ERR_LIB_EC, 0, EC_R_LADDER_PRE_FAILURE), "ladder pre failure"},
{ERR_PACK(ERR_LIB_EC, 0, EC_R_LADDER_STEP_FAILURE), "ladder step failure"},
{ERR_PACK(ERR_LIB_EC, 0, EC_R_MISSING_OID), "missing OID"},
{ERR_PACK(ERR_LIB_EC, 0, EC_R_MISSING_PARAMETERS), "missing parameters"},
{ERR_PACK(ERR_LIB_EC, 0, EC_R_MISSING_PRIVATE_KEY), "missing private key"},
{ERR_PACK(ERR_LIB_EC, 0, EC_R_NEED_NEW_SETUP_VALUES),

4
crypto/external/bsd/openssl/dist/crypto/ec/ec_local.h vendored
View File

@ -1,5 +1,5 @@
/*
* Copyright 2001-2019 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2001-2020 The OpenSSL Project Authors. All Rights Reserved.
* Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
*
* Licensed under the OpenSSL license (the "License"). You may not use
@ -209,6 +209,8 @@ struct ec_group_st {
BIGNUM *order, *cofactor;
int curve_name; /* optional NID for named curve */
int asn1_flag; /* flag to control the asn1 encoding */
int decoded_from_explicit_params; /* set if decoded from explicit
* curve parameters encoding */
point_conversion_form_t asn1_form;
unsigned char *seed; /* optional seed for parameters (appears in
* ASN1) */

9
crypto/external/bsd/openssl/dist/crypto/ec/ecp_nistp224.c vendored
View File

@ -72,6 +72,7 @@ typedef uint64_t u64;
*/
typedef uint64_t limb;
typedef uint64_t limb_aX __attribute((__aligned__(1)));
typedef uint128_t widelimb;
typedef limb felem[4];
@ -307,10 +308,10 @@ const EC_METHOD *EC_GFp_nistp224_method(void)
*/
static void bin28_to_felem(felem out, const u8 in[28])
{
out[0] = *((const uint64_t *)(in)) & 0x00ffffffffffffff;
out[1] = (*((const uint64_t *)(in + 7))) & 0x00ffffffffffffff;
out[2] = (*((const uint64_t *)(in + 14))) & 0x00ffffffffffffff;
out[3] = (*((const uint64_t *)(in+20))) >> 8;
out[0] = *((const limb *)(in)) & 0x00ffffffffffffff;
out[1] = (*((const limb_aX *)(in + 7))) & 0x00ffffffffffffff;
out[2] = (*((const limb_aX *)(in + 14))) & 0x00ffffffffffffff;
out[3] = (*((const limb_aX *)(in + 20))) >> 8;
}
static void felem_to_bin28(u8 out[28], const felem in)

33
crypto/external/bsd/openssl/dist/crypto/ec/ecp_nistp521.c vendored
View File

@ -128,6 +128,7 @@ static const felem_bytearray nistp521_curve_params[5] = {
# define NLIMBS 9
typedef uint64_t limb;
typedef limb limb_aX __attribute((__aligned__(1)));
typedef limb felem[NLIMBS];
typedef uint128_t largefelem[NLIMBS];
@ -141,14 +142,14 @@ static const limb bottom58bits = 0x3ffffffffffffff;
static void bin66_to_felem(felem out, const u8 in[66])
{
out[0] = (*((limb *) & in[0])) & bottom58bits;
out[1] = (*((limb *) & in[7]) >> 2) & bottom58bits;
out[2] = (*((limb *) & in[14]) >> 4) & bottom58bits;
out[3] = (*((limb *) & in[21]) >> 6) & bottom58bits;
out[4] = (*((limb *) & in[29])) & bottom58bits;
out[5] = (*((limb *) & in[36]) >> 2) & bottom58bits;
out[6] = (*((limb *) & in[43]) >> 4) & bottom58bits;
out[7] = (*((limb *) & in[50]) >> 6) & bottom58bits;
out[8] = (*((limb *) & in[58])) & bottom57bits;
out[1] = (*((limb_aX *) & in[7]) >> 2) & bottom58bits;
out[2] = (*((limb_aX *) & in[14]) >> 4) & bottom58bits;
out[3] = (*((limb_aX *) & in[21]) >> 6) & bottom58bits;
out[4] = (*((limb_aX *) & in[29])) & bottom58bits;
out[5] = (*((limb_aX *) & in[36]) >> 2) & bottom58bits;
out[6] = (*((limb_aX *) & in[43]) >> 4) & bottom58bits;
out[7] = (*((limb_aX *) & in[50]) >> 6) & bottom58bits;
out[8] = (*((limb_aX *) & in[58])) & bottom57bits;
}
/*
@ -159,14 +160,14 @@ static void felem_to_bin66(u8 out[66], const felem in)
{
memset(out, 0, 66);
(*((limb *) & out[0])) = in[0];
(*((limb *) & out[7])) |= in[1] << 2;
(*((limb *) & out[14])) |= in[2] << 4;
(*((limb *) & out[21])) |= in[3] << 6;
(*((limb *) & out[29])) = in[4];
(*((limb *) & out[36])) |= in[5] << 2;
(*((limb *) & out[43])) |= in[6] << 4;
(*((limb *) & out[50])) |= in[7] << 6;
(*((limb *) & out[58])) = in[8];
(*((limb_aX *) & out[7])) |= in[1] << 2;
(*((limb_aX *) & out[14])) |= in[2] << 4;
(*((limb_aX *) & out[21])) |= in[3] << 6;
(*((limb_aX *) & out[29])) = in[4];
(*((limb_aX *) & out[36])) |= in[5] << 2;
(*((limb_aX *) & out[43])) |= in[6] << 4;
(*((limb_aX *) & out[50])) |= in[7] << 6;
(*((limb_aX *) & out[58])) = in[8];
}
/* BN_to_felem converts an OpenSSL BIGNUM into an felem */

302
crypto/external/bsd/openssl/dist/crypto/ec/ecp_nistz256.c vendored
View File

@ -929,207 +929,6 @@ __owur static int ecp_nistz256_mult_precompute(EC_GROUP *group, BN_CTX *ctx)
return ret;
}
/*
* Note that by default ECP_NISTZ256_AVX2 is undefined. While it's great
* code processing 4 points in parallel, corresponding serial operation
* is several times slower, because it uses 29x29=58-bit multiplication
* as opposite to 64x64=128-bit in integer-only scalar case. As result
* it doesn't provide *significant* performance improvement. Note that
* just defining ECP_NISTZ256_AVX2 is not sufficient to make it work,
* you'd need to compile even asm/ecp_nistz256-avx.pl module.
*/
#if defined(ECP_NISTZ256_AVX2)
# if !(defined(__x86_64) || defined(__x86_64__) || \
defined(_M_AMD64) || defined(_M_X64)) || \
!(defined(__GNUC__) || defined(_MSC_VER)) /* this is for ALIGN32 */
# undef ECP_NISTZ256_AVX2
# else
/* Constant time access, loading four values, from four consecutive tables */
void ecp_nistz256_avx2_multi_gather_w7(void *result, const void *in,
int index0, int index1, int index2,
int index3);
void ecp_nistz256_avx2_transpose_convert(void *RESULTx4, const void *in);
void ecp_nistz256_avx2_convert_transpose_back(void *result, const void *Ax4);
void ecp_nistz256_avx2_point_add_affine_x4(void *RESULTx4, const void *Ax4,
const void *Bx4);
void ecp_nistz256_avx2_point_add_affines_x4(void *RESULTx4, const void *Ax4,
const void *Bx4);
void ecp_nistz256_avx2_to_mont(void *RESULTx4, const void *Ax4);
void ecp_nistz256_avx2_from_mont(void *RESULTx4, const void *Ax4);
void ecp_nistz256_avx2_set1(void *RESULTx4);
int ecp_nistz_avx2_eligible(void);
static void booth_recode_w7(unsigned char *sign,
unsigned char *digit, unsigned char in)
{
unsigned char s, d;
s = ~((in >> 7) - 1);
d = (1 << 8) - in - 1;
d = (d & s) | (in & ~s);
d = (d >> 1) + (d & 1);
*sign = s & 1;
*digit = d;
}
/*
* ecp_nistz256_avx2_mul_g performs multiplication by G, using only the
* precomputed table. It does 4 affine point additions in parallel,
* significantly speeding up point multiplication for a fixed value.
*/
static void ecp_nistz256_avx2_mul_g(P256_POINT *r,
unsigned char p_str[33],
const P256_POINT_AFFINE(*preComputedTable)[64])
{
const unsigned int window_size = 7;
const unsigned int mask = (1 << (window_size + 1)) - 1;
unsigned int wvalue;
/* Using 4 windows at a time */
unsigned char sign0, digit0;
unsigned char sign1, digit1;
unsigned char sign2, digit2;
unsigned char sign3, digit3;
unsigned int idx = 0;
BN_ULONG tmp[P256_LIMBS];
int i;
ALIGN32 BN_ULONG aX4[4 * 9 * 3] = { 0 };
ALIGN32 BN_ULONG bX4[4 * 9 * 2] = { 0 };
ALIGN32 P256_POINT_AFFINE point_arr[4];
ALIGN32 P256_POINT res_point_arr[4];
/* Initial four windows */
wvalue = *((u16 *) & p_str[0]);
wvalue = (wvalue << 1) & mask;
idx += window_size;
booth_recode_w7(&sign0, &digit0, wvalue);
wvalue = *((u16 *) & p_str[(idx - 1) / 8]);
wvalue = (wvalue >> ((idx - 1) % 8)) & mask;
idx += window_size;
booth_recode_w7(&sign1, &digit1, wvalue);
wvalue = *((u16 *) & p_str[(idx - 1) / 8]);
wvalue = (wvalue >> ((idx - 1) % 8)) & mask;
idx += window_size;
booth_recode_w7(&sign2, &digit2, wvalue);
wvalue = *((u16 *) & p_str[(idx - 1) / 8]);
wvalue = (wvalue >> ((idx - 1) % 8)) & mask;
idx += window_size;
booth_recode_w7(&sign3, &digit3, wvalue);
ecp_nistz256_avx2_multi_gather_w7(point_arr, preComputedTable[0],
digit0, digit1, digit2, digit3);
ecp_nistz256_neg(tmp, point_arr[0].Y);
copy_conditional(point_arr[0].Y, tmp, sign0);
ecp_nistz256_neg(tmp, point_arr[1].Y);
copy_conditional(point_arr[1].Y, tmp, sign1);
ecp_nistz256_neg(tmp, point_arr[2].Y);
copy_conditional(point_arr[2].Y, tmp, sign2);
ecp_nistz256_neg(tmp, point_arr[3].Y);
copy_conditional(point_arr[3].Y, tmp, sign3);
ecp_nistz256_avx2_transpose_convert(aX4, point_arr);
ecp_nistz256_avx2_to_mont(aX4, aX4);
ecp_nistz256_avx2_to_mont(&aX4[4 * 9], &aX4[4 * 9]);
ecp_nistz256_avx2_set1(&aX4[4 * 9 * 2]);
wvalue = *((u16 *) & p_str[(idx - 1) / 8]);
wvalue = (wvalue >> ((idx - 1) % 8)) & mask;
idx += window_size;
booth_recode_w7(&sign0, &digit0, wvalue);
wvalue = *((u16 *) & p_str[(idx - 1) / 8]);
wvalue = (wvalue >> ((idx - 1) % 8)) & mask;
idx += window_size;
booth_recode_w7(&sign1, &digit1, wvalue);
wvalue = *((u16 *) & p_str[(idx - 1) / 8]);
wvalue = (wvalue >> ((idx - 1) % 8)) & mask;
idx += window_size;
booth_recode_w7(&sign2, &digit2, wvalue);
wvalue = *((u16 *) & p_str[(idx - 1) / 8]);
wvalue = (wvalue >> ((idx - 1) % 8)) & mask;
idx += window_size;
booth_recode_w7(&sign3, &digit3, wvalue);
ecp_nistz256_avx2_multi_gather_w7(point_arr, preComputedTable[4 * 1],
digit0, digit1, digit2, digit3);
ecp_nistz256_neg(tmp, point_arr[0].Y);
copy_conditional(point_arr[0].Y, tmp, sign0);
ecp_nistz256_neg(tmp, point_arr[1].Y);
copy_conditional(point_arr[1].Y, tmp, sign1);
ecp_nistz256_neg(tmp, point_arr[2].Y);
copy_conditional(point_arr[2].Y, tmp, sign2);
ecp_nistz256_neg(tmp, point_arr[3].Y);
copy_conditional(point_arr[3].Y, tmp, sign3);
ecp_nistz256_avx2_transpose_convert(bX4, point_arr);
ecp_nistz256_avx2_to_mont(bX4, bX4);
ecp_nistz256_avx2_to_mont(&bX4[4 * 9], &bX4[4 * 9]);
/* Optimized when both inputs are affine */
ecp_nistz256_avx2_point_add_affines_x4(aX4, aX4, bX4);
for (i = 2; i < 9; i++) {
wvalue = *((u16 *) & p_str[(idx - 1) / 8]);
wvalue = (wvalue >> ((idx - 1) % 8)) & mask;
idx += window_size;
booth_recode_w7(&sign0, &digit0, wvalue);
wvalue = *((u16 *) & p_str[(idx - 1) / 8]);
wvalue = (wvalue >> ((idx - 1) % 8)) & mask;
idx += window_size;
booth_recode_w7(&sign1, &digit1, wvalue);
wvalue = *((u16 *) & p_str[(idx - 1) / 8]);
wvalue = (wvalue >> ((idx - 1) % 8)) & mask;
idx += window_size;
booth_recode_w7(&sign2, &digit2, wvalue);
wvalue = *((u16 *) & p_str[(idx - 1) / 8]);
wvalue = (wvalue >> ((idx - 1) % 8)) & mask;
idx += window_size;
booth_recode_w7(&sign3, &digit3, wvalue);
ecp_nistz256_avx2_multi_gather_w7(point_arr,
preComputedTable[4 * i],
digit0, digit1, digit2, digit3);
ecp_nistz256_neg(tmp, point_arr[0].Y);
copy_conditional(point_arr[0].Y, tmp, sign0);
ecp_nistz256_neg(tmp, point_arr[1].Y);
copy_conditional(point_arr[1].Y, tmp, sign1);
ecp_nistz256_neg(tmp, point_arr[2].Y);
copy_conditional(point_arr[2].Y, tmp, sign2);
ecp_nistz256_neg(tmp, point_arr[3].Y);
copy_conditional(point_arr[3].Y, tmp, sign3);
ecp_nistz256_avx2_transpose_convert(bX4, point_arr);
ecp_nistz256_avx2_to_mont(bX4, bX4);
ecp_nistz256_avx2_to_mont(&bX4[4 * 9], &bX4[4 * 9]);
ecp_nistz256_avx2_point_add_affine_x4(aX4, aX4, bX4);
}
ecp_nistz256_avx2_from_mont(&aX4[4 * 9 * 0], &aX4[4 * 9 * 0]);
ecp_nistz256_avx2_from_mont(&aX4[4 * 9 * 1], &aX4[4 * 9 * 1]);
ecp_nistz256_avx2_from_mont(&aX4[4 * 9 * 2], &aX4[4 * 9 * 2]);
ecp_nistz256_avx2_convert_transpose_back(res_point_arr, aX4);
/* Last window is performed serially */
wvalue = *((u16 *) & p_str[(idx - 1) / 8]);
wvalue = (wvalue >> ((idx - 1) % 8)) & mask;
booth_recode_w7(&sign0, &digit0, wvalue);
ecp_nistz256_gather_w7((P256_POINT_AFFINE *)r,
preComputedTable[36], digit0);
ecp_nistz256_neg(tmp, r->Y);
copy_conditional(r->Y, tmp, sign0);
memcpy(r->Z, ONE, sizeof(ONE));
/* Sum the four windows */
ecp_nistz256_point_add(r, r, &res_point_arr[0]);
ecp_nistz256_point_add(r, r, &res_point_arr[1]);
ecp_nistz256_point_add(r, r, &res_point_arr[2]);
ecp_nistz256_point_add(r, r, &res_point_arr[3]);
}
# endif
#endif
__owur static int ecp_nistz256_set_from_affine(EC_POINT *out, const EC_GROUP *group,
const P256_POINT_AFFINE *in,
BN_CTX *ctx)
@ -1219,6 +1018,8 @@ __owur static int ecp_nistz256_points_mul(const EC_GROUP *group,
}
if (preComputedTable) {
BN_ULONG infty;
if ((BN_num_bits(scalar) > 256)
|| BN_is_negative(scalar)) {
if ((tmp_scalar = BN_CTX_get(ctx)) == NULL)
@ -1250,67 +1051,58 @@ __owur static int ecp_nistz256_points_mul(const EC_GROUP *group,
for (; i < 33; i++)
p_str[i] = 0;
#if defined(ECP_NISTZ256_AVX2)
if (ecp_nistz_avx2_eligible()) {
ecp_nistz256_avx2_mul_g(&p.p, p_str, preComputedTable);
} else
#endif
{
BN_ULONG infty;
/* First window */
wvalue = (p_str[0] << 1) & mask;
idx += window_size;
/* First window */
wvalue = (p_str[0] << 1) & mask;
wvalue = _booth_recode_w7(wvalue);
ecp_nistz256_gather_w7(&p.a, preComputedTable[0],
wvalue >> 1);
ecp_nistz256_neg(p.p.Z, p.p.Y);
copy_conditional(p.p.Y, p.p.Z, wvalue & 1);
/*
* Since affine infinity is encoded as (0,0) and
* Jacobian is (,,0), we need to harmonize them
* by assigning "one" or zero to Z.
*/
infty = (p.p.X[0] | p.p.X[1] | p.p.X[2] | p.p.X[3] |
p.p.Y[0] | p.p.Y[1] | p.p.Y[2] | p.p.Y[3]);
if (P256_LIMBS == 8)
infty |= (p.p.X[4] | p.p.X[5] | p.p.X[6] | p.p.X[7] |
p.p.Y[4] | p.p.Y[5] | p.p.Y[6] | p.p.Y[7]);
infty = 0 - is_zero(infty);
infty = ~infty;
p.p.Z[0] = ONE[0] & infty;
p.p.Z[1] = ONE[1] & infty;
p.p.Z[2] = ONE[2] & infty;
p.p.Z[3] = ONE[3] & infty;
if (P256_LIMBS == 8) {
p.p.Z[4] = ONE[4] & infty;
p.p.Z[5] = ONE[5] & infty;
p.p.Z[6] = ONE[6] & infty;
p.p.Z[7] = ONE[7] & infty;
}
for (i = 1; i < 37; i++) {
unsigned int off = (idx - 1) / 8;
wvalue = p_str[off] | p_str[off + 1] << 8;
wvalue = (wvalue >> ((idx - 1) % 8)) & mask;
idx += window_size;
wvalue = _booth_recode_w7(wvalue);
ecp_nistz256_gather_w7(&p.a, preComputedTable[0],
wvalue >> 1);
ecp_nistz256_gather_w7(&t.a,
preComputedTable[i], wvalue >> 1);
ecp_nistz256_neg(p.p.Z, p.p.Y);
copy_conditional(p.p.Y, p.p.Z, wvalue & 1);
ecp_nistz256_neg(t.p.Z, t.a.Y);
copy_conditional(t.a.Y, t.p.Z, wvalue & 1);
/*
* Since affine infinity is encoded as (0,0) and
* Jacobian ias (,,0), we need to harmonize them
* by assigning "one" or zero to Z.
*/
infty = (p.p.X[0] | p.p.X[1] | p.p.X[2] | p.p.X[3] |
p.p.Y[0] | p.p.Y[1] | p.p.Y[2] | p.p.Y[3]);
if (P256_LIMBS == 8)
infty |= (p.p.X[4] | p.p.X[5] | p.p.X[6] | p.p.X[7] |
p.p.Y[4] | p.p.Y[5] | p.p.Y[6] | p.p.Y[7]);
infty = 0 - is_zero(infty);
infty = ~infty;
p.p.Z[0] = ONE[0] & infty;
p.p.Z[1] = ONE[1] & infty;
p.p.Z[2] = ONE[2] & infty;
p.p.Z[3] = ONE[3] & infty;
if (P256_LIMBS == 8) {
p.p.Z[4] = ONE[4] & infty;
p.p.Z[5] = ONE[5] & infty;
p.p.Z[6] = ONE[6] & infty;
p.p.Z[7] = ONE[7] & infty;
}
for (i = 1; i < 37; i++) {
unsigned int off = (idx - 1) / 8;
wvalue = p_str[off] | p_str[off + 1] << 8;
wvalue = (wvalue >> ((idx - 1) % 8)) & mask;
idx += window_size;
wvalue = _booth_recode_w7(wvalue);
ecp_nistz256_gather_w7(&t.a,
preComputedTable[i], wvalue >> 1);
ecp_nistz256_neg(t.p.Z, t.a.Y);
copy_conditional(t.a.Y, t.p.Z, wvalue & 1);
ecp_nistz256_point_add_affine(&p.p, &p.p, &t.a);
}
ecp_nistz256_point_add_affine(&p.p, &p.p, &t.a);
}
} else {
p_is_infinity = 1;

7
crypto/external/bsd/openssl/dist/crypto/err/openssl.txt vendored
View File

@ -36,6 +36,7 @@ ASN1_F_ASN1_ITEM_D2I_FP:206:ASN1_item_d2i_fp
ASN1_F_ASN1_ITEM_DUP:191:ASN1_item_dup
ASN1_F_ASN1_ITEM_EMBED_D2I:120:asn1_item_embed_d2i
ASN1_F_ASN1_ITEM_EMBED_NEW:121:asn1_item_embed_new
ASN1_F_ASN1_ITEM_EX_I2D:144:ASN1_item_ex_i2d
ASN1_F_ASN1_ITEM_FLAGS_I2D:118:asn1_item_flags_i2d
ASN1_F_ASN1_ITEM_I2D_BIO:192:ASN1_item_i2d_bio
ASN1_F_ASN1_ITEM_I2D_FP:193:ASN1_item_i2d_fp
@ -934,6 +935,8 @@ PEM_F_PEM_READ_PRIVATEKEY:124:PEM_read_PrivateKey
PEM_F_PEM_SIGNFINAL:112:PEM_SignFinal
PEM_F_PEM_WRITE:113:PEM_write
PEM_F_PEM_WRITE_BIO:114:PEM_write_bio
PEM_F_PEM_WRITE_BIO_PRIVATEKEY_TRADITIONAL:147:\
PEM_write_bio_PrivateKey_traditional
PEM_F_PEM_WRITE_PRIVATEKEY:139:PEM_write_PrivateKey
PEM_F_PEM_X509_INFO_READ:115:PEM_X509_INFO_read
PEM_F_PEM_X509_INFO_READ_BIO:116:PEM_X509_INFO_read_bio
@ -1742,6 +1745,7 @@ X509_F_X509_NAME_PRINT:117:X509_NAME_print
X509_F_X509_OBJECT_NEW:150:X509_OBJECT_new
X509_F_X509_PRINT_EX_FP:118:X509_print_ex_fp
X509_F_X509_PUBKEY_DECODE:148:x509_pubkey_decode
X509_F_X509_PUBKEY_GET:161:X509_PUBKEY_get
X509_F_X509_PUBKEY_GET0:119:X509_PUBKEY_get0
X509_F_X509_PUBKEY_SET:120:X509_PUBKEY_set
X509_F_X509_REQ_CHECK_PRIVATE_KEY:144:X509_REQ_check_private_key
@ -1768,6 +1772,7 @@ ASN1_R_ASN1_PARSE_ERROR:203:asn1 parse error
ASN1_R_ASN1_SIG_PARSE_ERROR:204:asn1 sig parse error
ASN1_R_AUX_ERROR:100:aux error
ASN1_R_BAD_OBJECT_HEADER:102:bad object header
ASN1_R_BAD_TEMPLATE:230:bad template
ASN1_R_BMPSTRING_IS_WRONG_LENGTH:214:bmpstring is wrong length
ASN1_R_BN_LIB:105:bn lib
ASN1_R_BOOLEAN_IS_WRONG_LENGTH:106:boolean is wrong length
@ -2164,6 +2169,7 @@ EC_R_KEYS_NOT_SET:140:keys not set
EC_R_LADDER_POST_FAILURE:136:ladder post failure
EC_R_LADDER_PRE_FAILURE:153:ladder pre failure
EC_R_LADDER_STEP_FAILURE:162:ladder step failure
EC_R_MISSING_OID:167:missing OID
EC_R_MISSING_PARAMETERS:124:missing parameters
EC_R_MISSING_PRIVATE_KEY:125:missing private key
EC_R_NEED_NEW_SETUP_VALUES:157:need new setup values
@ -2398,6 +2404,7 @@ PEM_R_UNEXPECTED_DEK_IV:130:unexpected dek iv
PEM_R_UNSUPPORTED_CIPHER:113:unsupported cipher
PEM_R_UNSUPPORTED_ENCRYPTION:114:unsupported encryption
PEM_R_UNSUPPORTED_KEY_COMPONENTS:126:unsupported key components
PEM_R_UNSUPPORTED_PUBLIC_KEY_TYPE:110:unsupported public key type
PKCS12_R_CANT_PACK_STRUCTURE:100:cant pack structure
PKCS12_R_CONTENT_TYPE_NOT_DATA:121:content type not data
PKCS12_R_DECODE_ERROR:101:decode error

4
crypto/external/bsd/openssl/dist/crypto/evp/bio_ok.c vendored
View File

@ -1,5 +1,5 @@
/*
* Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -203,7 +203,7 @@ static int ok_read(BIO *b, char *out, int outl)
/*
* copy start of the next block into proper place
*/
if (ctx->buf_len_save - ctx->buf_off_save > 0) {
if (ctx->buf_len_save > ctx->buf_off_save) {
ctx->buf_len = ctx->buf_len_save - ctx->buf_off_save;
memmove(ctx->buf, &(ctx->buf[ctx->buf_off_save]),
ctx->buf_len);

4
crypto/external/bsd/openssl/dist/crypto/evp/encode.c vendored
View File

@ -1,5 +1,5 @@
/*
* Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -423,7 +423,7 @@ static int evp_decodeblock_int(EVP_ENCODE_CTX *ctx, unsigned char *t,
table = data_ascii2bin;
/* trim white space from the start of the line. */
while ((conv_ascii2bin(*f, table) == B64_WS) && (n > 0)) {
while ((n > 0) && (conv_ascii2bin(*f, table) == B64_WS)) {
f++;
n--;
}

4
crypto/external/bsd/openssl/dist/crypto/mem_sec.c vendored
View File

@ -1,5 +1,5 @@
/*
* Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2015-2020 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2004-2014, Akamai Technologies. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
@ -502,7 +502,7 @@ static void sh_done(void)
OPENSSL_free(sh.freelist);
OPENSSL_free(sh.bittable);
OPENSSL_free(sh.bitmalloc);
if (sh.map_result != NULL && sh.map_size)
if (sh.map_result != MAP_FAILED && sh.map_size)
munmap(sh.map_result, sh.map_size);
memset(&sh, 0, sizeof(sh));
}

2
crypto/external/bsd/openssl/dist/crypto/modes/asm/aesni-gcm-x86_64.pl vendored
View File

@ -66,7 +66,7 @@ if (!$avx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
$avx = ($1>=10) + ($1>=11);
}
if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([0-9]+\.[0-9]+)/) {
if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:clang|LLVM) version|.*based on LLVM) ([0-9]+\.[0-9]+)/) {
$avx = ($2>=3.0) + ($2>3.0);
}

2
crypto/external/bsd/openssl/dist/crypto/modes/asm/ghash-x86_64.pl vendored
View File

@ -116,7 +116,7 @@ if (!$avx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
$avx = ($1>=10) + ($1>=11);
}
if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([0-9]+\.[0-9]+)/) {
if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:clang|LLVM) version|.*based on LLVM) ([0-9]+\.[0-9]+)/) {
$avx = ($2>=3.0) + ($2>3.0);
}

21
crypto/external/bsd/openssl/dist/crypto/modes/cbc128.c vendored
View File

@ -1,5 +1,5 @@
/*
* Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2008-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -15,6 +15,12 @@
# define STRICT_ALIGNMENT 0
#endif
#if defined(__GNUC__) && !STRICT_ALIGNMENT
typedef size_t size_t_aX __attribute((__aligned__(1)));
#else
typedef size_t size_t_aX;
#endif
void CRYPTO_cbc128_encrypt(const unsigned char *in, unsigned char *out,
size_t len, const void *key,
unsigned char ivec[16], block128_f block)
@ -40,8 +46,8 @@ void CRYPTO_cbc128_encrypt(const unsigned char *in, unsigned char *out,
} else {
while (len >= 16) {
for (n = 0; n < 16; n += sizeof(size_t))
*(size_t *)(out + n) =
*(size_t *)(in + n) ^ *(size_t *)(iv + n);
*(size_t_aX *)(out + n) =
*(size_t_aX *)(in + n) ^ *(size_t_aX *)(iv + n);
(*block) (out, out, key);
iv = out;
len -= 16;
@ -96,7 +102,8 @@ void CRYPTO_cbc128_decrypt(const unsigned char *in, unsigned char *out,
}
} else if (16 % sizeof(size_t) == 0) { /* always true */
while (len >= 16) {
size_t *out_t = (size_t *)out, *iv_t = (size_t *)iv;
size_t_aX *out_t = (size_t_aX *)out;
size_t_aX *iv_t = (size_t_aX *)iv;
(*block) (in, out, key);
for (n = 0; n < 16 / sizeof(size_t); n++)
@ -125,8 +132,10 @@ void CRYPTO_cbc128_decrypt(const unsigned char *in, unsigned char *out,
}
} else if (16 % sizeof(size_t) == 0) { /* always true */
while (len >= 16) {
size_t c, *out_t = (size_t *)out, *ivec_t = (size_t *)ivec;
const size_t *in_t = (const size_t *)in;
size_t c;
size_t_aX *out_t = (size_t_aX *)out;
size_t_aX *ivec_t = (size_t_aX *)ivec;
const size_t_aX *in_t = (const size_t_aX *)in;
(*block) (in, tmp.c, key);
for (n = 0; n < 16 / sizeof(size_t); n++) {

24
crypto/external/bsd/openssl/dist/crypto/modes/ccm128.c vendored
View File

@ -1,5 +1,5 @@
/*
* Copyright 2011-2019 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2011-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -11,6 +11,14 @@
#include "modes_local.h"
#include <string.h>
#ifndef STRICT_ALIGNMENT
# ifdef __GNUC__
typedef u64 u64_a1 __attribute((__aligned__(1)));
# else
typedef u64 u64_a1;
# endif
#endif
/*
* First you setup M and L parameters and pass the key schedule. This is
* called once per session setup...
@ -170,8 +178,8 @@ int CRYPTO_ccm128_encrypt(CCM128_CONTEXT *ctx,
ctx->cmac.u[0] ^= temp.u[0];
ctx->cmac.u[1] ^= temp.u[1];
#else
ctx->cmac.u[0] ^= ((u64 *)inp)[0];
ctx->cmac.u[1] ^= ((u64 *)inp)[1];
ctx->cmac.u[0] ^= ((u64_a1 *)inp)[0];
ctx->cmac.u[1] ^= ((u64_a1 *)inp)[1];
#endif
(*block) (ctx->cmac.c, ctx->cmac.c, key);
(*block) (ctx->nonce.c, scratch.c, key);
@ -181,8 +189,8 @@ int CRYPTO_ccm128_encrypt(CCM128_CONTEXT *ctx,
temp.u[1] ^= scratch.u[1];
memcpy(out, temp.c, 16);
#else
((u64 *)out)[0] = scratch.u[0] ^ ((u64 *)inp)[0];
((u64 *)out)[1] = scratch.u[1] ^ ((u64 *)inp)[1];
((u64_a1 *)out)[0] = scratch.u[0] ^ ((u64_a1 *)inp)[0];
((u64_a1 *)out)[1] = scratch.u[1] ^ ((u64_a1 *)inp)[1];
#endif
inp += 16;
out += 16;
@ -254,8 +262,10 @@ int CRYPTO_ccm128_decrypt(CCM128_CONTEXT *ctx,
ctx->cmac.u[1] ^= (scratch.u[1] ^= temp.u[1]);
memcpy(out, scratch.c, 16);
#else
ctx->cmac.u[0] ^= (((u64 *)out)[0] = scratch.u[0] ^ ((u64 *)inp)[0]);
ctx->cmac.u[1] ^= (((u64 *)out)[1] = scratch.u[1] ^ ((u64 *)inp)[1]);
ctx->cmac.u[0] ^= (((u64_a1 *)out)[0]
= scratch.u[0] ^ ((u64_a1 *)inp)[0]);
ctx->cmac.u[1] ^= (((u64_a1 *)out)[1]
= scratch.u[1] ^ ((u64_a1 *)inp)[1]);
#endif
(*block) (ctx->cmac.c, ctx->cmac.c, key);

20
crypto/external/bsd/openssl/dist/crypto/modes/cfb128.c vendored
View File

@ -1,5 +1,5 @@
/*
* Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2008-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -11,6 +11,12 @@
#include "modes_local.h"
#include <string.h>
#if defined(__GNUC__) && !defined(STRICT_ALIGNMENT)
typedef size_t size_t_aX __attribute((__aligned__(1)));
#else
typedef size_t size_t_aX;
#endif
/*
* The input and output encrypted as though 128bit cfb mode is being used.
* The extra state information to record how much of the 128bit block we have
@ -43,8 +49,9 @@ void CRYPTO_cfb128_encrypt(const unsigned char *in, unsigned char *out,
while (len >= 16) {
(*block) (ivec, ivec, key);
for (; n < 16; n += sizeof(size_t)) {
*(size_t *)(out + n) =
*(size_t *)(ivec + n) ^= *(size_t *)(in + n);
*(size_t_aX *)(out + n) =
*(size_t_aX *)(ivec + n)
^= *(size_t_aX *)(in + n);
}
len -= 16;
out += 16;
@ -92,9 +99,10 @@ void CRYPTO_cfb128_encrypt(const unsigned char *in, unsigned char *out,
while (len >= 16) {
(*block) (ivec, ivec, key);
for (; n < 16; n += sizeof(size_t)) {
size_t t = *(size_t *)(in + n);
*(size_t *)(out + n) = *(size_t *)(ivec + n) ^ t;
*(size_t *)(ivec + n) = t;
size_t t = *(size_t_aX *)(in + n);
*(size_t_aX *)(out + n)
= *(size_t_aX *)(ivec + n) ^ t;
*(size_t_aX *)(ivec + n) = t;
}
len -= 16;
out += 16;

13
crypto/external/bsd/openssl/dist/crypto/modes/ctr128.c vendored
View File

@ -1,5 +1,5 @@
/*
* Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2008-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -11,6 +11,12 @@
#include "modes_local.h"
#include <string.h>
#if defined(__GNUC__) && !defined(STRICT_ALIGNMENT)
typedef size_t size_t_aX __attribute((__aligned__(1)));
#else
typedef size_t size_t_aX;
#endif
/*
* NOTE: the IV/counter CTR mode is big-endian. The code itself is
* endian-neutral.
@ -97,8 +103,9 @@ void CRYPTO_ctr128_encrypt(const unsigned char *in, unsigned char *out,
(*block) (ivec, ecount_buf, key);
ctr128_inc_aligned(ivec);
for (n = 0; n < 16; n += sizeof(size_t))
*(size_t *)(out + n) =
*(size_t *)(in + n) ^ *(size_t *)(ecount_buf + n);
*(size_t_aX *)(out + n) =
*(size_t_aX *)(in + n)
^ *(size_t_aX *)(ecount_buf + n);
len -= 16;
out += 16;
in += 16;

21
crypto/external/bsd/openssl/dist/crypto/modes/modes_local.h vendored
View File

@ -1,5 +1,5 @@
/*
* Copyright 2010-2018 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2010-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -37,6 +37,14 @@ typedef unsigned char u8;
# endif
#endif
#ifndef STRICT_ALIGNMENT
# ifdef __GNUC__
typedef u32 u32_a1 __attribute((__aligned__(1)));
# else
typedef u32 u32_a1;
# endif
#endif
#if !defined(PEDANTIC) && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM)
# if defined(__GNUC__) && __GNUC__>=2
# if defined(__x86_64) || defined(__x86_64__)
@ -55,12 +63,15 @@ typedef unsigned char u8;
asm ("bswapl %0" \
: "+r"(ret_)); ret_; })
# elif defined(__aarch64__)
# define BSWAP8(x) ({ u64 ret_; \
# if defined(__BYTE_ORDER__) && defined(__ORDER_LITTLE_ENDIAN__) && \
__BYTE_ORDER__==__ORDER_LITTLE_ENDIAN__
# define BSWAP8(x) ({ u64 ret_; \
asm ("rev %0,%1" \
: "=r"(ret_) : "r"(x)); ret_; })
# define BSWAP4(x) ({ u32 ret_; \
# define BSWAP4(x) ({ u32 ret_; \
asm ("rev %w0,%w1" \
: "=r"(ret_) : "r"(x)); ret_; })
# endif
# elif (defined(__arm__) || defined(__arm)) && !defined(STRICT_ALIGNMENT)
# define BSWAP8(x) ({ u32 lo_=(u64)(x)>>32,hi_=(x); \
asm ("rev %0,%0; rev %1,%1" \
@ -86,8 +97,8 @@ _asm mov eax, val _asm bswap eax}
# endif
#endif
#if defined(BSWAP4) && !defined(STRICT_ALIGNMENT)
# define GETU32(p) BSWAP4(*(const u32 *)(p))
# define PUTU32(p,v) *(u32 *)(p) = BSWAP4(v)
# define GETU32(p) BSWAP4(*(const u32_a1 *)(p))
# define PUTU32(p,v) *(u32_a1 *)(p) = BSWAP4(v)
#else
# define GETU32(p) ((u32)(p)[0]<<24|(u32)(p)[1]<<16|(u32)(p)[2]<<8|(u32)(p)[3])
# define PUTU32(p,v) ((p)[0]=(u8)((v)>>24),(p)[1]=(u8)((v)>>16),(p)[2]=(u8)((v)>>8),(p)[3]=(u8)(v))

13
crypto/external/bsd/openssl/dist/crypto/modes/ofb128.c vendored
View File

@ -1,5 +1,5 @@
/*
* Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2008-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -11,6 +11,12 @@
#include "modes_local.h"
#include <string.h>
#if defined(__GNUC__) && !defined(STRICT_ALIGNMENT)
typedef size_t size_t_aX __attribute((__aligned__(1)));
#else
typedef size_t size_t_aX;
#endif
/*
* The input and output encrypted as though 128bit ofb mode is being used.
* The extra state information to record how much of the 128bit block we have
@ -41,8 +47,9 @@ void CRYPTO_ofb128_encrypt(const unsigned char *in, unsigned char *out,
while (len >= 16) {
(*block) (ivec, ivec, key);
for (; n < 16; n += sizeof(size_t))
*(size_t *)(out + n) =
*(size_t *)(in + n) ^ *(size_t *)(ivec + n);
*(size_t_aX *)(out + n) =
*(size_t_aX *)(in + n)
^ *(size_t_aX *)(ivec + n);
len -= 16;
out += 16;
in += 16;

26
crypto/external/bsd/openssl/dist/crypto/modes/xts128.c vendored
View File

@ -1,5 +1,5 @@
/*
* Copyright 2011-2016 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2011-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -11,6 +11,14 @@
#include "modes_local.h"
#include <string.h>
#ifndef STRICT_ALIGNMENT
# ifdef __GNUC__
typedef u64 u64_a1 __attribute((__aligned__(1)));
# else
typedef u64 u64_a1;
# endif
#endif
int CRYPTO_xts128_encrypt(const XTS128_CONTEXT *ctx,
const unsigned char iv[16],
const unsigned char *inp, unsigned char *out,
@ -45,8 +53,8 @@ int CRYPTO_xts128_encrypt(const XTS128_CONTEXT *ctx,
scratch.u[0] ^= tweak.u[0];
scratch.u[1] ^= tweak.u[1];
#else
scratch.u[0] = ((u64 *)inp)[0] ^ tweak.u[0];
scratch.u[1] = ((u64 *)inp)[1] ^ tweak.u[1];
scratch.u[0] = ((u64_a1 *)inp)[0] ^ tweak.u[0];
scratch.u[1] = ((u64_a1 *)inp)[1] ^ tweak.u[1];
#endif
(*ctx->block1) (scratch.c, scratch.c, ctx->key1);
#if defined(STRICT_ALIGNMENT)
@ -54,8 +62,8 @@ int CRYPTO_xts128_encrypt(const XTS128_CONTEXT *ctx,
scratch.u[1] ^= tweak.u[1];
memcpy(out, scratch.c, 16);
#else
((u64 *)out)[0] = scratch.u[0] ^= tweak.u[0];
((u64 *)out)[1] = scratch.u[1] ^= tweak.u[1];
((u64_a1 *)out)[0] = scratch.u[0] ^= tweak.u[0];
((u64_a1 *)out)[1] = scratch.u[1] ^= tweak.u[1];
#endif
inp += 16;
out += 16;
@ -128,8 +136,8 @@ int CRYPTO_xts128_encrypt(const XTS128_CONTEXT *ctx,
scratch.u[0] ^= tweak1.u[0];
scratch.u[1] ^= tweak1.u[1];
#else
scratch.u[0] = ((u64 *)inp)[0] ^ tweak1.u[0];
scratch.u[1] = ((u64 *)inp)[1] ^ tweak1.u[1];
scratch.u[0] = ((u64_a1 *)inp)[0] ^ tweak1.u[0];
scratch.u[1] = ((u64_a1 *)inp)[1] ^ tweak1.u[1];
#endif
(*ctx->block1) (scratch.c, scratch.c, ctx->key1);
scratch.u[0] ^= tweak1.u[0];
@ -148,8 +156,8 @@ int CRYPTO_xts128_encrypt(const XTS128_CONTEXT *ctx,
scratch.u[1] ^= tweak.u[1];
memcpy(out, scratch.c, 16);
#else
((u64 *)out)[0] = scratch.u[0] ^ tweak.u[0];
((u64 *)out)[1] = scratch.u[1] ^ tweak.u[1];
((u64_a1 *)out)[0] = scratch.u[0] ^ tweak.u[0];
((u64_a1 *)out)[1] = scratch.u[1] ^ tweak.u[1];
#endif
}

4
crypto/external/bsd/openssl/dist/crypto/o_str.c vendored
View File

@ -1,5 +1,5 @@
/*
* Copyright 2003-2019 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2003-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -220,7 +220,7 @@ char *OPENSSL_buf2hexstr(const unsigned char *buffer, long len)
int openssl_strerror_r(int errnum, char *buf, size_t buflen)
{
#if defined(_MSC_VER) && _MSC_VER>=1400
#if defined(_MSC_VER) && _MSC_VER>=1400 && !defined(_WIN32_WCE)
return !strerror_s(buf, buflen, errnum);
#elif defined(_GNU_SOURCE)
char *err;

4
crypto/external/bsd/openssl/dist/crypto/o_time.c vendored
View File

@ -1,5 +1,5 @@
/*
* Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2001-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -41,7 +41,7 @@ struct tm *OPENSSL_gmtime(const time_t *timer, struct tm *result)
if (gmtime_r(timer, result) == NULL)
return NULL;
ts = result;
#elif defined (OPENSSL_SYS_WINDOWS) && defined(_MSC_VER) && _MSC_VER >= 1400
#elif defined (OPENSSL_SYS_WINDOWS) && defined(_MSC_VER) && _MSC_VER >= 1400 && !defined(_WIN32_WCE)
if (gmtime_s(result, timer))
return NULL;
ts = result;

6
crypto/external/bsd/openssl/dist/crypto/pem/pem_err.c vendored
View File

@ -1,6 +1,6 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
* Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -60,6 +60,8 @@ static const ERR_STRING_DATA PEM_str_functs[] = {
{ERR_PACK(ERR_LIB_PEM, PEM_F_PEM_SIGNFINAL, 0), "PEM_SignFinal"},
{ERR_PACK(ERR_LIB_PEM, PEM_F_PEM_WRITE, 0), "PEM_write"},
{ERR_PACK(ERR_LIB_PEM, PEM_F_PEM_WRITE_BIO, 0), "PEM_write_bio"},
{ERR_PACK(ERR_LIB_PEM, PEM_F_PEM_WRITE_BIO_PRIVATEKEY_TRADITIONAL, 0),
"PEM_write_bio_PrivateKey_traditional"},
{ERR_PACK(ERR_LIB_PEM, PEM_F_PEM_WRITE_PRIVATEKEY, 0),
"PEM_write_PrivateKey"},
{ERR_PACK(ERR_LIB_PEM, PEM_F_PEM_X509_INFO_READ, 0), "PEM_X509_INFO_read"},
@ -109,6 +111,8 @@ static const ERR_STRING_DATA PEM_str_reasons[] = {
"unsupported encryption"},
{ERR_PACK(ERR_LIB_PEM, 0, PEM_R_UNSUPPORTED_KEY_COMPONENTS),
"unsupported key components"},
{ERR_PACK(ERR_LIB_PEM, 0, PEM_R_UNSUPPORTED_PUBLIC_KEY_TYPE),
"unsupported public key type"},
{0, NULL}
};

34
crypto/external/bsd/openssl/dist/crypto/pem/pem_lib.c vendored
View File

@ -1,5 +1,5 @@
/*
* Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -332,7 +332,7 @@ int PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp,
}
}
if ((dsize = i2d(x, NULL)) < 0) {
if ((dsize = i2d(x, NULL)) <= 0) {
PEMerr(PEM_F_PEM_ASN1_WRITE_BIO, ERR_R_ASN1_LIB);
dsize = 0;
goto err;
@ -791,7 +791,7 @@ static int get_header_and_data(BIO *bp, BIO **header, BIO **data, char *name,
{
BIO *tmp = *header;
char *linebuf, *p;
int len, line, ret = 0, end = 0;
int len, line, ret = 0, end = 0, prev_partial_line_read = 0, partial_line_read = 0;
/* 0 if not seen (yet), 1 if reading header, 2 if finished header */
enum header_status got_header = MAYBE_HEADER;
unsigned int flags_mask;
@ -809,10 +809,18 @@ static int get_header_and_data(BIO *bp, BIO **header, BIO **data, char *name,
flags_mask = ~0u;
len = BIO_gets(bp, linebuf, LINESIZE);
if (len <= 0) {
PEMerr(PEM_F_GET_HEADER_AND_DATA, PEM_R_SHORT_HEADER);
PEMerr(PEM_F_GET_HEADER_AND_DATA, PEM_R_BAD_END_LINE);
goto err;
}
/*
* Check if line has been read completely or if only part of the line
* has been read. Keep the previous value to ignore newlines that
* appear due to reading a line up until the char before the newline.
*/
prev_partial_line_read = partial_line_read;
partial_line_read = len == LINESIZE-1 && linebuf[LINESIZE-2] != '\n';
if (got_header == MAYBE_HEADER) {
if (memchr(linebuf, ':', len) != NULL)
got_header = IN_HEADER;
@ -823,13 +831,19 @@ static int get_header_and_data(BIO *bp, BIO **header, BIO **data, char *name,
/* Check for end of header. */
if (linebuf[0] == '\n') {
if (got_header == POST_HEADER) {
/* Another blank line is an error. */
PEMerr(PEM_F_GET_HEADER_AND_DATA, PEM_R_BAD_END_LINE);
goto err;
/*
* If previous line has been read only partially this newline is a
* regular newline at the end of a line and not an empty line.
*/
if (!prev_partial_line_read) {
if (got_header == POST_HEADER) {
/* Another blank line is an error. */
PEMerr(PEM_F_GET_HEADER_AND_DATA, PEM_R_BAD_END_LINE);
goto err;
}
got_header = POST_HEADER;
tmp = *data;
}
got_header = POST_HEADER;
tmp = *data;
continue;
}

8
crypto/external/bsd/openssl/dist/crypto/pem/pem_pkey.c vendored
View File

@ -1,5 +1,5 @@
/*
* Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -108,6 +108,12 @@ int PEM_write_bio_PrivateKey_traditional(BIO *bp, EVP_PKEY *x,
pem_password_cb *cb, void *u)
{
char pem_str[80];
if (x->ameth == NULL || x->ameth->old_priv_encode == NULL) {
PEMerr(PEM_F_PEM_WRITE_BIO_PRIVATEKEY_TRADITIONAL,
PEM_R_UNSUPPORTED_PUBLIC_KEY_TYPE);
return 0;
}
BIO_snprintf(pem_str, 80, "%s PRIVATE KEY", x->ameth->pem_str);
return PEM_ASN1_write_bio((i2d_of_void *)i2d_PrivateKey,
pem_str, bp, x, enc, kstr, klen, cb, u);

12
crypto/external/bsd/openssl/dist/crypto/pem/pvkfmt.c vendored
View File

@ -1,5 +1,5 @@
/*
* Copyright 2005-2019 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2005-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -29,10 +29,10 @@ static unsigned int read_ledword(const unsigned char **in)
{
const unsigned char *p = *in;
unsigned int ret;
ret = *p++;
ret |= (*p++ << 8);
ret |= (*p++ << 16);
ret |= (*p++ << 24);
ret = (unsigned int)*p++;
ret |= (unsigned int)*p++ << 8;
ret |= (unsigned int)*p++ << 16;
ret |= (unsigned int)*p++ << 24;
*in = p;
return ret;
}
@ -875,9 +875,9 @@ int i2b_PVK_bio(BIO *out, EVP_PKEY *pk, int enclevel,
wrlen = BIO_write(out, tmp, outlen);
OPENSSL_free(tmp);
if (wrlen == outlen) {
PEMerr(PEM_F_I2B_PVK_BIO, PEM_R_BIO_WRITE_FAILURE);
return outlen;
}
PEMerr(PEM_F_I2B_PVK_BIO, PEM_R_BIO_WRITE_FAILURE);
return -1;
}

4
crypto/external/bsd/openssl/dist/crypto/pkcs7/pk7_smime.c vendored
View File

@ -1,5 +1,5 @@
/*
* Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1999-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -301,7 +301,7 @@ int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store,
char *ptr;
long len;
len = BIO_get_mem_data(indata, &ptr);
tmpin = BIO_new_mem_buf(ptr, len);
tmpin = (len == 0) ? indata : BIO_new_mem_buf(ptr, len);
if (tmpin == NULL) {
PKCS7err(PKCS7_F_PKCS7_VERIFY, ERR_R_MALLOC_FAILURE);
goto err;

12
crypto/external/bsd/openssl/dist/crypto/poly1305/asm/poly1305-armv8.pl vendored
View File

@ -57,10 +57,14 @@ $code.=<<___;
// forward "declarations" are required for Apple
.extern OPENSSL_armcap_P
.globl poly1305_blocks
.globl poly1305_emit
.hidden OPENSSL_armcap_P
.globl poly1305_init
.hidden poly1305_init
.globl poly1305_blocks
.hidden poly1305_blocks
.globl poly1305_emit
.hidden poly1305_emit
.type poly1305_init,%function
.align 5
poly1305_init:
@ -860,8 +864,8 @@ poly1305_blocks_neon:
st1 {$ACC4}[0],[$ctx]
.Lno_data_neon:
.inst 0xd50323bf // autiasp
ldr x29,[sp],#80
.inst 0xd50323bf // autiasp
ret
.size poly1305_blocks_neon,.-poly1305_blocks_neon

2
crypto/external/bsd/openssl/dist/crypto/poly1305/asm/poly1305-x86.pl vendored
View File

@ -71,7 +71,7 @@ if ($sse2) {
$avx = ($1>=2.09) + ($1>=2.10);
}
if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|based on LLVM) ([0-9]+\.[0-9]+)/) {
if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:clang|LLVM) version|based on LLVM) ([0-9]+\.[0-9]+)/) {
$avx = ($2>=3.0) + ($2>3.0);
}
}

2
crypto/external/bsd/openssl/dist/crypto/poly1305/asm/poly1305-x86_64.pl vendored
View File

@ -90,7 +90,7 @@ if (!$avx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
$avx = ($1>=10) + ($1>=12);
}
if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([0-9]+\.[0-9]+)/) {
if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:clang|LLVM) version|.*based on LLVM) ([0-9]+\.[0-9]+)/) {
$avx = ($2>=3.0) + ($2>3.0);
}

200
crypto/external/bsd/openssl/dist/crypto/rand/drbg_ctr.c vendored
View File

@ -63,15 +63,15 @@ static void ctr_XOR(RAND_DRBG_CTR *ctr, const unsigned char *in, size_t inlen)
* Process a complete block using BCC algorithm of SP 800-90A 10.3.3
*/
__owur static int ctr_BCC_block(RAND_DRBG_CTR *ctr, unsigned char *out,
const unsigned char *in)
const unsigned char *in, int len)
{
int i, outlen = AES_BLOCK_SIZE;
for (i = 0; i < 16; i++)
for (i = 0; i < len; i++)
out[i] ^= in[i];
if (!EVP_CipherUpdate(ctr->ctx_df, out, &outlen, out, AES_BLOCK_SIZE)
|| outlen != AES_BLOCK_SIZE)
if (!EVP_CipherUpdate(ctr->ctx_df, out, &outlen, out, len)
|| outlen != len)
return 0;
return 1;
}
@ -82,12 +82,16 @@ __owur static int ctr_BCC_block(RAND_DRBG_CTR *ctr, unsigned char *out,
*/
__owur static int ctr_BCC_blocks(RAND_DRBG_CTR *ctr, const unsigned char *in)
{
if (!ctr_BCC_block(ctr, ctr->KX, in)
|| !ctr_BCC_block(ctr, ctr->KX + 16, in))
return 0;
if (ctr->keylen != 16 && !ctr_BCC_block(ctr, ctr->KX + 32, in))
return 0;
return 1;
unsigned char in_tmp[48];
unsigned char num_of_blk = 2;
memcpy(in_tmp, in, 16);
memcpy(in_tmp + 16, in, 16);
if (ctr->keylen != 16) {
memcpy(in_tmp + 32, in, 16);
num_of_blk = 3;
}
return ctr_BCC_block(ctr, ctr->KX, in_tmp, AES_BLOCK_SIZE * num_of_blk);
}
/*
@ -96,19 +100,14 @@ __owur static int ctr_BCC_blocks(RAND_DRBG_CTR *ctr, const unsigned char *in)
*/
__owur static int ctr_BCC_init(RAND_DRBG_CTR *ctr)
{
unsigned char bltmp[48] = {0};
unsigned char num_of_blk;
memset(ctr->KX, 0, 48);
memset(ctr->bltmp, 0, 16);
if (!ctr_BCC_block(ctr, ctr->KX, ctr->bltmp))
return 0;
ctr->bltmp[3] = 1;
if (!ctr_BCC_block(ctr, ctr->KX + 16, ctr->bltmp))
return 0;
if (ctr->keylen != 16) {
ctr->bltmp[3] = 2;
if (!ctr_BCC_block(ctr, ctr->KX + 32, ctr->bltmp))
return 0;
}
return 1;
num_of_blk = ctr->keylen == 16 ? 2 : 3;
bltmp[(AES_BLOCK_SIZE * 1) + 3] = 1;
bltmp[(AES_BLOCK_SIZE * 2) + 3] = 2;
return ctr_BCC_block(ctr, ctr->KX, bltmp, num_of_blk * AES_BLOCK_SIZE);
}
/*
@ -197,20 +196,20 @@ __owur static int ctr_df(RAND_DRBG_CTR *ctr,
|| !ctr_BCC_final(ctr))
return 0;
/* Set up key K */
if (!EVP_CipherInit_ex(ctr->ctx, ctr->cipher, NULL, ctr->KX, NULL, 1))
if (!EVP_CipherInit_ex(ctr->ctx_ecb, NULL, NULL, ctr->KX, NULL, -1))
return 0;
/* X follows key K */
if (!EVP_CipherUpdate(ctr->ctx, ctr->KX, &outlen, ctr->KX + ctr->keylen,
if (!EVP_CipherUpdate(ctr->ctx_ecb, ctr->KX, &outlen, ctr->KX + ctr->keylen,
AES_BLOCK_SIZE)
|| outlen != AES_BLOCK_SIZE)
return 0;
if (!EVP_CipherUpdate(ctr->ctx, ctr->KX + 16, &outlen, ctr->KX,
if (!EVP_CipherUpdate(ctr->ctx_ecb, ctr->KX + 16, &outlen, ctr->KX,
AES_BLOCK_SIZE)
|| outlen != AES_BLOCK_SIZE)
return 0;
if (ctr->keylen != 16)
if (!EVP_CipherUpdate(ctr->ctx, ctr->KX + 32, &outlen, ctr->KX + 16,
AES_BLOCK_SIZE)
if (!EVP_CipherUpdate(ctr->ctx_ecb, ctr->KX + 32, &outlen,
ctr->KX + 16, AES_BLOCK_SIZE)
|| outlen != AES_BLOCK_SIZE)
return 0;
return 1;
@ -229,31 +228,25 @@ __owur static int ctr_update(RAND_DRBG *drbg,
{
RAND_DRBG_CTR *ctr = &drbg->data.ctr;
int outlen = AES_BLOCK_SIZE;
unsigned char V_tmp[48], out[48];
unsigned char len;
/* correct key is already set up. */
memcpy(V_tmp, ctr->V, 16);
inc_128(ctr);
if (!EVP_CipherUpdate(ctr->ctx, ctr->K, &outlen, ctr->V, AES_BLOCK_SIZE)
|| outlen != AES_BLOCK_SIZE)
return 0;
/* If keylen longer than 128 bits need extra encrypt */
if (ctr->keylen != 16) {
memcpy(V_tmp + 16, ctr->V, 16);
if (ctr->keylen == 16) {
len = 32;
} else {
inc_128(ctr);
if (!EVP_CipherUpdate(ctr->ctx, ctr->K+16, &outlen, ctr->V,
AES_BLOCK_SIZE)
|| outlen != AES_BLOCK_SIZE)
return 0;
memcpy(V_tmp + 32, ctr->V, 16);
len = 48;
}
inc_128(ctr);
if (!EVP_CipherUpdate(ctr->ctx, ctr->V, &outlen, ctr->V, AES_BLOCK_SIZE)
|| outlen != AES_BLOCK_SIZE)
if (!EVP_CipherUpdate(ctr->ctx_ecb, out, &outlen, V_tmp, len)
|| outlen != len)
return 0;
/* If 192 bit key part of V is on end of K */
if (ctr->keylen == 24) {
memcpy(ctr->V + 8, ctr->V, 8);
memcpy(ctr->V, ctr->K + 24, 8);
}
memcpy(ctr->K, out, ctr->keylen);
memcpy(ctr->V, out + ctr->keylen, 16);
if ((drbg->flags & RAND_DRBG_FLAG_CTR_NO_DF) == 0) {
/* If no input reuse existing derived value */
@ -268,7 +261,8 @@ __owur static int ctr_update(RAND_DRBG *drbg,
ctr_XOR(ctr, in2, in2len);
}
if (!EVP_CipherInit_ex(ctr->ctx, ctr->cipher, NULL, ctr->K, NULL, 1))
if (!EVP_CipherInit_ex(ctr->ctx_ecb, NULL, NULL, ctr->K, NULL, -1)
|| !EVP_CipherInit_ex(ctr->ctx_ctr, NULL, NULL, ctr->K, NULL, -1))
return 0;
return 1;
}
@ -285,8 +279,10 @@ __owur static int drbg_ctr_instantiate(RAND_DRBG *drbg,
memset(ctr->K, 0, sizeof(ctr->K));
memset(ctr->V, 0, sizeof(ctr->V));
if (!EVP_CipherInit_ex(ctr->ctx, ctr->cipher, NULL, ctr->K, NULL, 1))
if (!EVP_CipherInit_ex(ctr->ctx_ecb, NULL, NULL, ctr->K, NULL, -1))
return 0;
inc_128(ctr);
if (!ctr_update(drbg, entropy, entropylen, pers, perslen, nonce, noncelen))
return 0;
return 1;
@ -296,20 +292,40 @@ __owur static int drbg_ctr_reseed(RAND_DRBG *drbg,
const unsigned char *entropy, size_t entropylen,
const unsigned char *adin, size_t adinlen)
{
RAND_DRBG_CTR *ctr = &drbg->data.ctr;
if (entropy == NULL)
return 0;
inc_128(ctr);
if (!ctr_update(drbg, entropy, entropylen, adin, adinlen, NULL, 0))
return 0;
return 1;
}
static void ctr96_inc(unsigned char *counter)
{
u32 n = 12, c = 1;
do {
--n;
c += counter[n];
counter[n] = (u8)c;
c >>= 8;
} while (n);
}
__owur static int drbg_ctr_generate(RAND_DRBG *drbg,
unsigned char *out, size_t outlen,
const unsigned char *adin, size_t adinlen)
{
RAND_DRBG_CTR *ctr = &drbg->data.ctr;
unsigned int ctr32, blocks;
int outl, buflen;
if (adin != NULL && adinlen != 0) {
inc_128(ctr);
if (!ctr_update(drbg, adin, adinlen, NULL, 0, NULL, 0))
return 0;
/* This means we reuse derived value */
@ -321,28 +337,53 @@ __owur static int drbg_ctr_generate(RAND_DRBG *drbg,
adinlen = 0;
}
for ( ; ; ) {
int outl = AES_BLOCK_SIZE;
inc_128(ctr);
if (outlen == 0) {
inc_128(ctr);
if (outlen < 16) {
/* Use K as temp space as it will be updated */
if (!EVP_CipherUpdate(ctr->ctx, ctr->K, &outl, ctr->V,
AES_BLOCK_SIZE)
|| outl != AES_BLOCK_SIZE)
return 0;
memcpy(out, ctr->K, outlen);
break;
}
if (!EVP_CipherUpdate(ctr->ctx, out, &outl, ctr->V, AES_BLOCK_SIZE)
|| outl != AES_BLOCK_SIZE)
if (!ctr_update(drbg, adin, adinlen, NULL, 0, NULL, 0))
return 0;
out += 16;
outlen -= 16;
if (outlen == 0)
break;
return 1;
}
memset(out, 0, outlen);
do {
if (!EVP_CipherInit_ex(ctr->ctx_ctr,
NULL, NULL, NULL, ctr->V, -1))
return 0;
/*-
* outlen has type size_t while EVP_CipherUpdate takes an
* int argument and thus cannot be guaranteed to process more
* than 2^31-1 bytes at a time. We process such huge generate
* requests in 2^30 byte chunks, which is the greatest multiple
* of AES block size lower than or equal to 2^31-1.
*/
buflen = outlen > (1U << 30) ? (1U << 30) : outlen;
blocks = (buflen + 15) / 16;
ctr32 = GETU32(ctr->V + 12) + blocks;
if (ctr32 < blocks) {
/* 32-bit counter overflow into V. */
if (ctr32 != 0) {
blocks -= ctr32;
buflen = blocks * 16;
ctr32 = 0;
}
ctr96_inc(ctr->V);
}
PUTU32(ctr->V + 12, ctr32);
if (!EVP_CipherUpdate(ctr->ctx_ctr, out, &outl, out, buflen)
|| outl != buflen)
return 0;
out += buflen;
outlen -= buflen;
} while (outlen);
if (!ctr_update(drbg, adin, adinlen, NULL, 0, NULL, 0))
return 0;
return 1;
@ -350,7 +391,8 @@ __owur static int drbg_ctr_generate(RAND_DRBG *drbg,
static int drbg_ctr_uninstantiate(RAND_DRBG *drbg)
{
EVP_CIPHER_CTX_free(drbg->data.ctr.ctx);
EVP_CIPHER_CTX_free(drbg->data.ctr.ctx_ecb);
EVP_CIPHER_CTX_free(drbg->data.ctr.ctx_ctr);
EVP_CIPHER_CTX_free(drbg->data.ctr.ctx_df);
OPENSSL_cleanse(&drbg->data.ctr, sizeof(drbg->data.ctr));
return 1;
@ -374,25 +416,36 @@ int drbg_ctr_init(RAND_DRBG *drbg)
return 0;
case NID_aes_128_ctr:
keylen = 16;
ctr->cipher = EVP_aes_128_ecb();
ctr->cipher_ecb = EVP_aes_128_ecb();
ctr->cipher_ctr = EVP_aes_128_ctr();
break;
case NID_aes_192_ctr:
keylen = 24;
ctr->cipher = EVP_aes_192_ecb();
ctr->cipher_ecb = EVP_aes_192_ecb();
ctr->cipher_ctr = EVP_aes_192_ctr();
break;
case NID_aes_256_ctr:
keylen = 32;
ctr->cipher = EVP_aes_256_ecb();
ctr->cipher_ecb = EVP_aes_256_ecb();
ctr->cipher_ctr = EVP_aes_256_ctr();
break;
}
drbg->meth = &drbg_ctr_meth;
ctr->keylen = keylen;
if (ctr->ctx == NULL)
ctr->ctx = EVP_CIPHER_CTX_new();
if (ctr->ctx == NULL)
if (ctr->ctx_ecb == NULL)
ctr->ctx_ecb = EVP_CIPHER_CTX_new();
if (ctr->ctx_ctr == NULL)
ctr->ctx_ctr = EVP_CIPHER_CTX_new();
if (ctr->ctx_ecb == NULL || ctr->ctx_ctr == NULL
|| !EVP_CipherInit_ex(ctr->ctx_ecb,
ctr->cipher_ecb, NULL, NULL, NULL, 1)
|| !EVP_CipherInit_ex(ctr->ctx_ctr,
ctr->cipher_ctr, NULL, NULL, NULL, 1))
return 0;
drbg->meth = &drbg_ctr_meth;
drbg->strength = keylen * 8;
drbg->seedlen = keylen + 16;
@ -410,7 +463,8 @@ int drbg_ctr_init(RAND_DRBG *drbg)
if (ctr->ctx_df == NULL)
return 0;
/* Set key schedule for df_key */
if (!EVP_CipherInit_ex(ctr->ctx_df, ctr->cipher, NULL, df_key, NULL, 1))
if (!EVP_CipherInit_ex(ctr->ctx_df,
ctr->cipher_ecb, NULL, df_key, NULL, 1))
return 0;
drbg->min_entropylen = ctr->keylen;

58
crypto/external/bsd/openssl/dist/crypto/rand/drbg_lib.c vendored
View File

@ -327,13 +327,6 @@ int RAND_DRBG_instantiate(RAND_DRBG *drbg,
max_entropylen += drbg->max_noncelen;
}
drbg->reseed_next_counter = tsan_load(&drbg->reseed_prop_counter);
if (drbg->reseed_next_counter) {
drbg->reseed_next_counter++;
if(!drbg->reseed_next_counter)
drbg->reseed_next_counter = 1;
}
if (drbg->get_entropy != NULL)
entropylen = drbg->get_entropy(drbg, &entropy, min_entropy,
min_entropylen, max_entropylen, 0);
@ -359,9 +352,15 @@ int RAND_DRBG_instantiate(RAND_DRBG *drbg,
}
drbg->state = DRBG_READY;
drbg->reseed_gen_counter = 1;
drbg->generate_counter = 1;
drbg->reseed_time = time(NULL);
tsan_store(&drbg->reseed_prop_counter, drbg->reseed_next_counter);
if (drbg->enable_reseed_propagation) {
if (drbg->parent == NULL)
tsan_counter(&drbg->reseed_counter);
else
tsan_store(&drbg->reseed_counter,
tsan_load(&drbg->parent->reseed_counter));
}
end:
if (entropy != NULL && drbg->cleanup_entropy != NULL)
@ -428,14 +427,6 @@ int RAND_DRBG_reseed(RAND_DRBG *drbg,
}
drbg->state = DRBG_ERROR;
drbg->reseed_next_counter = tsan_load(&drbg->reseed_prop_counter);
if (drbg->reseed_next_counter) {
drbg->reseed_next_counter++;
if(!drbg->reseed_next_counter)
drbg->reseed_next_counter = 1;
}
if (drbg->get_entropy != NULL)
entropylen = drbg->get_entropy(drbg, &entropy, drbg->strength,
drbg->min_entropylen,
@ -451,9 +442,15 @@ int RAND_DRBG_reseed(RAND_DRBG *drbg,
goto end;
drbg->state = DRBG_READY;
drbg->reseed_gen_counter = 1;
drbg->generate_counter = 1;
drbg->reseed_time = time(NULL);
tsan_store(&drbg->reseed_prop_counter, drbg->reseed_next_counter);
if (drbg->enable_reseed_propagation) {
if (drbg->parent == NULL)
tsan_counter(&drbg->reseed_counter);
else
tsan_store(&drbg->reseed_counter,
tsan_load(&drbg->parent->reseed_counter));
}
end:
if (entropy != NULL && drbg->cleanup_entropy != NULL)
@ -554,7 +551,9 @@ int rand_drbg_restart(RAND_DRBG *drbg,
drbg->meth->reseed(drbg, adin, adinlen, NULL, 0);
} else if (reseeded == 0) {
/* do a full reseeding if it has not been done yet above */
RAND_DRBG_reseed(drbg, NULL, 0, 0);
if (!RAND_DRBG_reseed(drbg, NULL, 0, 0)) {
RANDerr(RAND_F_RAND_DRBG_RESTART, RAND_R_RESEED_ERROR);
}
}
}
@ -612,7 +611,7 @@ int RAND_DRBG_generate(RAND_DRBG *drbg, unsigned char *out, size_t outlen,
}
if (drbg->reseed_interval > 0) {
if (drbg->reseed_gen_counter >= drbg->reseed_interval)
if (drbg->generate_counter >= drbg->reseed_interval)
reseed_required = 1;
}
if (drbg->reseed_time_interval > 0) {
@ -621,11 +620,8 @@ int RAND_DRBG_generate(RAND_DRBG *drbg, unsigned char *out, size_t outlen,
|| now - drbg->reseed_time >= drbg->reseed_time_interval)
reseed_required = 1;
}
if (drbg->parent != NULL) {
unsigned int reseed_counter = tsan_load(&drbg->reseed_prop_counter);
if (reseed_counter > 0
&& tsan_load(&drbg->parent->reseed_prop_counter)
!= reseed_counter)
if (drbg->enable_reseed_propagation && drbg->parent != NULL) {
if (drbg->reseed_counter != tsan_load(&drbg->parent->reseed_counter))
reseed_required = 1;
}
@ -644,7 +640,7 @@ int RAND_DRBG_generate(RAND_DRBG *drbg, unsigned char *out, size_t outlen,
return 0;
}
drbg->reseed_gen_counter++;
drbg->generate_counter++;
return 1;
}
@ -706,8 +702,7 @@ int RAND_DRBG_set_callbacks(RAND_DRBG *drbg,
RAND_DRBG_get_nonce_fn get_nonce,
RAND_DRBG_cleanup_nonce_fn cleanup_nonce)
{
if (drbg->state != DRBG_UNINITIALISED
|| drbg->parent != NULL)
if (drbg->state != DRBG_UNINITIALISED)
return 0;
drbg->get_entropy = get_entropy;
drbg->cleanup_entropy = cleanup_entropy;
@ -883,8 +878,9 @@ static RAND_DRBG *drbg_setup(RAND_DRBG *parent)
if (parent == NULL && rand_drbg_enable_locking(drbg) == 0)
goto err;
/* enable seed propagation */
tsan_store(&drbg->reseed_prop_counter, 1);
/* enable reseed propagation */
drbg->enable_reseed_propagation = 1;
drbg->reseed_counter = 1;
/*
* Ignore instantiation error to support just-in-time instantiation.

2
crypto/external/bsd/openssl/dist/crypto/rand/rand_lib.c vendored
View File

@ -174,8 +174,6 @@ size_t rand_drbg_get_entropy(RAND_DRBG *drbg,
prediction_resistance,
(unsigned char *)&drbg, sizeof(drbg)) != 0)
bytes = bytes_needed;
drbg->reseed_next_counter
= tsan_load(&drbg->parent->reseed_prop_counter);
rand_drbg_unlock(drbg->parent);
rand_pool_add_end(pool, bytes, 8 * bytes);

19
crypto/external/bsd/openssl/dist/crypto/rand/rand_local.h vendored
View File

@ -138,9 +138,11 @@ typedef struct rand_drbg_method_st {
* The state of a DRBG AES-CTR.
*/
typedef struct rand_drbg_ctr_st {
EVP_CIPHER_CTX *ctx;
EVP_CIPHER_CTX *ctx_ecb;
EVP_CIPHER_CTX *ctx_ctr;
EVP_CIPHER_CTX *ctx_df;
const EVP_CIPHER *cipher;
const EVP_CIPHER *cipher_ecb;
const EVP_CIPHER *cipher_ctr;
size_t keylen;
unsigned char K[32];
unsigned char V[16];
@ -233,7 +235,7 @@ struct rand_drbg_st {
size_t max_perslen, max_adinlen;
/* Counts the number of generate requests since the last reseed. */
unsigned int reseed_gen_counter;
unsigned int generate_counter;
/*
* Maximum number of generate requests until a reseed is required.
* This value is ignored if it is zero.
@ -246,9 +248,15 @@ struct rand_drbg_st {
* This value is ignored if it is zero.
*/
time_t reseed_time_interval;
/*
* Enables reseed propagation (see following comment)
*/
unsigned int enable_reseed_propagation;
/*
* Counts the number of reseeds since instantiation.
* This value is ignored if it is zero.
* This value is ignored if enable_reseed_propagation is zero.
*
* This counter is used only for seed propagation from the <master> DRBG
* to its two children, the <public> and <private> DRBG. This feature is
@ -256,8 +264,7 @@ struct rand_drbg_st {
* is added by RAND_add() or RAND_seed() will have an immediate effect on
* the output of RAND_bytes() resp. RAND_priv_bytes().
*/
TSAN_QUALIFIER unsigned int reseed_prop_counter;
unsigned int reseed_next_counter;
TSAN_QUALIFIER unsigned int reseed_counter;
size_t seedlen;
DRBG_STATUS state;

11
crypto/external/bsd/openssl/dist/crypto/rsa/rsa_ameth.c vendored
View File

@ -1,5 +1,5 @@
/*
* Copyright 2006-2019 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2006-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -118,6 +118,15 @@ static int rsa_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey)
static int rsa_pub_cmp(const EVP_PKEY *a, const EVP_PKEY *b)
{
/*
* Don't check the public/private key, this is mostly for smart
* cards.
*/
if (((RSA_flags(a->pkey.rsa) & RSA_METHOD_FLAG_NO_CHECK))
|| (RSA_flags(b->pkey.rsa) & RSA_METHOD_FLAG_NO_CHECK)) {
return 1;
}
if (BN_cmp(b->pkey.rsa->n, a->pkey.rsa->n) != 0
|| BN_cmp(b->pkey.rsa->e, a->pkey.rsa->e) != 0)
return 0;

2
crypto/external/bsd/openssl/dist/crypto/sha/asm/sha1-586.pl vendored
View File

@ -144,7 +144,7 @@ $ymm=1 if ($xmm && !$ymm && $ARGV[0] eq "win32" &&
`ml 2>&1` =~ /Version ([0-9]+)\./ &&
$1>=10); # first version supporting AVX
$ymm=1 if ($xmm && !$ymm && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|based on LLVM) ([0-9]+\.[0-9]+)/ &&
$ymm=1 if ($xmm && !$ymm && `$ENV{CC} -v 2>&1` =~ /((?:clang|LLVM) version|based on LLVM) ([0-9]+\.[0-9]+)/ &&
$2>=3.0); # first version supporting AVX
$shaext=$xmm; ### set to zero if compiling for 1.0.1

2
crypto/external/bsd/openssl/dist/crypto/sha/asm/sha1-armv8.pl vendored
View File

@ -176,6 +176,7 @@ $code.=<<___;
.text
.extern OPENSSL_armcap_P
.hidden OPENSSL_armcap_P
.globl sha1_block_data_order
.type sha1_block_data_order,%function
.align 6
@ -329,7 +330,6 @@ $code.=<<___;
#endif
.asciz "SHA1 block transform for ARMv8, CRYPTOGAMS by <appro\@openssl.org>"
.align 2
.comm OPENSSL_armcap_P,4,4
___
}}}

2
crypto/external/bsd/openssl/dist/crypto/sha/asm/sha1-mb-x86_64.pl vendored
View File

@ -66,7 +66,7 @@ if (!$avx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
$avx = ($1>=10) + ($1>=11);
}
if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([0-9]+\.[0-9]+)/) {
if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:clang|LLVM) version|.*based on LLVM) ([0-9]+\.[0-9]+)/) {
$avx = ($2>=3.0) + ($2>3.0);
}

2
crypto/external/bsd/openssl/dist/crypto/sha/asm/sha256-586.pl vendored
View File

@ -96,7 +96,7 @@ if ($xmm && !$avx && $ARGV[0] eq "win32" &&
$avx = ($1>=10) + ($1>=11);
}
if ($xmm && !$avx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|based on LLVM) ([0-9]+\.[0-9]+)/) {
if ($xmm && !$avx && `$ENV{CC} -v 2>&1` =~ /((?:clang|LLVM) version|based on LLVM) ([0-9]+\.[0-9]+)/) {
$avx = ($2>=3.0) + ($2>3.0);
}

2
crypto/external/bsd/openssl/dist/crypto/sha/asm/sha256-mb-x86_64.pl vendored
View File

@ -67,7 +67,7 @@ if (!$avx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
$avx = ($1>=10) + ($1>=11);
}
if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([0-9]+\.[0-9]+)/) {
if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:clang|LLVM) version|.*based on LLVM) ([0-9]+\.[0-9]+)/) {
$avx = ($2>=3.0) + ($2>3.0);
}

7
crypto/external/bsd/openssl/dist/crypto/sha/asm/sha512-armv8.pl vendored
View File

@ -193,6 +193,7 @@ $code.=<<___;
.text
.extern OPENSSL_armcap_P
.hidden OPENSSL_armcap_P
.globl $func
.type $func,%function
.align 6
@ -840,12 +841,6 @@ $code.=<<___;
___
}
$code.=<<___;
#ifndef __KERNEL__
.comm OPENSSL_armcap_P,4,4
#endif
___
{ my %opcode = (
"sha256h" => 0x5e004000, "sha256h2" => 0x5e005000,
"sha256su0" => 0x5e282800, "sha256su1" => 0x5e006000 );

2
crypto/external/bsd/openssl/dist/crypto/sha/asm/sha512-x86_64.pl vendored
View File

@ -135,7 +135,7 @@ if (!$avx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
$avx = ($1>=10) + ($1>=11);
}
if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([0-9]+\.[0-9]+)/) {
if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:clang|LLVM) version|.*based on LLVM) ([0-9]+\.[0-9]+)/) {
$avx = ($2>=3.0) + ($2>3.0);
}

38
crypto/external/bsd/openssl/dist/crypto/store/loader_file.c vendored
View File

@ -1,5 +1,5 @@
/*
* Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -429,6 +429,42 @@ static OSSL_STORE_INFO *try_decode_PrivateKey(const char *pem_name,
}
} else {
int i;
#ifndef OPENSSL_NO_ENGINE
ENGINE *curengine = ENGINE_get_first();
while (curengine != NULL) {
ENGINE_PKEY_ASN1_METHS_PTR asn1meths =
ENGINE_get_pkey_asn1_meths(curengine);
if (asn1meths != NULL) {
const int *nids = NULL;
int nids_n = asn1meths(curengine, NULL, &nids, 0);
for (i = 0; i < nids_n; i++) {
EVP_PKEY_ASN1_METHOD *ameth2 = NULL;
EVP_PKEY *tmp_pkey = NULL;
const unsigned char *tmp_blob = blob;
if (!asn1meths(curengine, &ameth2, NULL, nids[i]))
continue;
if (ameth2 == NULL
|| ameth2->pkey_flags & ASN1_PKEY_ALIAS)
continue;
tmp_pkey = d2i_PrivateKey(ameth2->pkey_id, NULL,
&tmp_blob, len);
if (tmp_pkey != NULL) {
if (pkey != NULL)
EVP_PKEY_free(tmp_pkey);
else
pkey = tmp_pkey;
(*matchcount)++;
}
}
}
curengine = ENGINE_get_next(curengine);
}
#endif
for (i = 0; i < EVP_PKEY_asn1_get_count(); i++) {
EVP_PKEY *tmp_pkey = NULL;

8
crypto/external/bsd/openssl/dist/crypto/store/store_lib.c vendored
View File

@ -1,5 +1,5 @@
/*
* Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -218,7 +218,11 @@ int OSSL_STORE_eof(OSSL_STORE_CTX *ctx)
int OSSL_STORE_close(OSSL_STORE_CTX *ctx)
{
int loader_ret = ctx->loader->close(ctx->loader_ctx);
int loader_ret;
if (ctx == NULL)
return 1;
loader_ret = ctx->loader->close(ctx->loader_ctx);
OPENSSL_free(ctx);
return loader_ret;

2
crypto/external/bsd/openssl/dist/crypto/ts/ts_rsp_sign.c vendored
View File

@ -57,12 +57,14 @@ static ASN1_INTEGER *def_serial_cb(struct TS_resp_ctx *ctx, void *data)
goto err;
if (!ASN1_INTEGER_set(serial, 1))
goto err;
return serial;
err:
TSerr(TS_F_DEF_SERIAL_CB, ERR_R_MALLOC_FAILURE);
TS_RESP_CTX_set_status_info(ctx, TS_STATUS_REJECTION,
"Error during serial number generation.");
ASN1_INTEGER_free(serial);
return NULL;
}

34
crypto/external/bsd/openssl/dist/crypto/whrlpool/wp_block.c vendored
View File

@ -1,5 +1,5 @@
/*
* Copyright 2005-2019 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2005-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -63,6 +63,20 @@ typedef unsigned long long u64;
# undef STRICT_ALIGNMENT
#endif
#ifndef STRICT_ALIGNMENT
# ifdef __GNUC__
typedef u64 u64_a1 __attribute((__aligned__(1)));
# else
typedef u64 u64_a1;
# endif
#endif
#if defined(__GNUC__) && !defined(STRICT_ALIGNMENT)
typedef u64 u64_aX __attribute((__aligned__(1)));
#else
typedef u64 u64_aX;
#endif
#undef SMALL_REGISTER_BANK
#if defined(__i386) || defined(__i386__) || defined(_M_IX86)
# define SMALL_REGISTER_BANK
@ -191,13 +205,13 @@ typedef unsigned long long u64;
# define LL(c0,c1,c2,c3,c4,c5,c6,c7) c0,c1,c2,c3,c4,c5,c6,c7, \
c0,c1,c2,c3,c4,c5,c6,c7
# define C0(K,i) (((u64*)(Cx.c+0))[2*K.c[(i)*8+0]])
# define C1(K,i) (((u64*)(Cx.c+7))[2*K.c[(i)*8+1]])
# define C2(K,i) (((u64*)(Cx.c+6))[2*K.c[(i)*8+2]])
# define C3(K,i) (((u64*)(Cx.c+5))[2*K.c[(i)*8+3]])
# define C4(K,i) (((u64*)(Cx.c+4))[2*K.c[(i)*8+4]])
# define C5(K,i) (((u64*)(Cx.c+3))[2*K.c[(i)*8+5]])
# define C6(K,i) (((u64*)(Cx.c+2))[2*K.c[(i)*8+6]])
# define C7(K,i) (((u64*)(Cx.c+1))[2*K.c[(i)*8+7]])
# define C1(K,i) (((u64_a1*)(Cx.c+7))[2*K.c[(i)*8+1]])
# define C2(K,i) (((u64_a1*)(Cx.c+6))[2*K.c[(i)*8+2]])
# define C3(K,i) (((u64_a1*)(Cx.c+5))[2*K.c[(i)*8+3]])
# define C4(K,i) (((u64_a1*)(Cx.c+4))[2*K.c[(i)*8+4]])
# define C5(K,i) (((u64_a1*)(Cx.c+3))[2*K.c[(i)*8+5]])
# define C6(K,i) (((u64_a1*)(Cx.c+2))[2*K.c[(i)*8+6]])
# define C7(K,i) (((u64_a1*)(Cx.c+1))[2*K.c[(i)*8+7]])
#endif
static const
@ -531,7 +545,7 @@ void whirlpool_block(WHIRLPOOL_CTX *ctx, const void *inp, size_t n)
} else
# endif
{
const u64 *pa = (const u64 *)p;
const u64_aX *pa = (const u64_aX *)p;
S.q[0] = (K.q[0] = H->q[0]) ^ pa[0];
S.q[1] = (K.q[1] = H->q[1]) ^ pa[1];
S.q[2] = (K.q[2] = H->q[2]) ^ pa[2];
@ -769,7 +783,7 @@ void whirlpool_block(WHIRLPOOL_CTX *ctx, const void *inp, size_t n)
} else
# endif
{
const u64 *pa = (const u64 *)p;
const u64_aX *pa = (const u64_aX *)p;
H->q[0] ^= S.q[0] ^ pa[0];
H->q[1] ^= S.q[1] ^ pa[1];
H->q[2] ^= S.q[2] ^ pa[2];

4
crypto/external/bsd/openssl/dist/crypto/x509/x509_att.c vendored
View File

@ -1,5 +1,5 @@
/*
* Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -149,7 +149,7 @@ STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_txt(STACK_OF(X509_ATTRIBUTE)
return ret;
}
void *X509at_get0_data_by_OBJ(STACK_OF(X509_ATTRIBUTE) *x,
void *X509at_get0_data_by_OBJ(const STACK_OF(X509_ATTRIBUTE) *x,
const ASN1_OBJECT *obj, int lastpos, int type)
{
int i;

2
crypto/external/bsd/openssl/dist/crypto/x509/x509_cmp.c vendored
View File

@ -135,6 +135,8 @@ int X509_cmp(const X509 *a, const X509 *b)
{
int rv;
if (a == b) /* for efficiency */
return 0;
/* ensure hash is valid */
if (X509_check_purpose((X509 *)a, -1, 0) != 1)
return -2;

3
crypto/external/bsd/openssl/dist/crypto/x509/x509_err.c vendored
View File

@ -1,6 +1,6 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
* Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -79,6 +79,7 @@ static const ERR_STRING_DATA X509_str_functs[] = {
{ERR_PACK(ERR_LIB_X509, X509_F_X509_PRINT_EX_FP, 0), "X509_print_ex_fp"},
{ERR_PACK(ERR_LIB_X509, X509_F_X509_PUBKEY_DECODE, 0),
"x509_pubkey_decode"},
{ERR_PACK(ERR_LIB_X509, X509_F_X509_PUBKEY_GET, 0), "X509_PUBKEY_get"},
{ERR_PACK(ERR_LIB_X509, X509_F_X509_PUBKEY_GET0, 0), "X509_PUBKEY_get0"},
{ERR_PACK(ERR_LIB_X509, X509_F_X509_PUBKEY_SET, 0), "X509_PUBKEY_set"},
{ERR_PACK(ERR_LIB_X509, X509_F_X509_REQ_CHECK_PRIVATE_KEY, 0),

4
crypto/external/bsd/openssl/dist/crypto/x509/x509_local.h vendored
View File

@ -1,5 +1,5 @@
/*
* Copyright 2014-2018 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2014-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -145,3 +145,5 @@ DEFINE_STACK_OF(STACK_OF_X509_NAME_ENTRY)
void x509_set_signature_info(X509_SIG_INFO *siginf, const X509_ALGOR *alg,
const ASN1_STRING *sig);
int x509_likely_issued(X509 *issuer, X509 *subject);
int x509_signing_allowed(const X509 *issuer, const X509 *subject);

14
crypto/external/bsd/openssl/dist/crypto/x509/x509_req.c vendored
View File

@ -1,5 +1,5 @@
/*
* Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -286,6 +286,18 @@ void X509_REQ_get0_signature(const X509_REQ *req, const ASN1_BIT_STRING **psig,
*palg = &req->sig_alg;
}
void X509_REQ_set0_signature(X509_REQ *req, ASN1_BIT_STRING *psig)
{
if (req->signature)
ASN1_BIT_STRING_free(req->signature);
req->signature = psig;
}
int X509_REQ_set1_signature_algo(X509_REQ *req, X509_ALGOR *palg)
{
return X509_ALGOR_copy(&req->sig_alg, palg);
}
int X509_REQ_get_signature_nid(const X509_REQ *req)
{
return OBJ_obj2nid(req->sig_alg.algorithm);

4
crypto/external/bsd/openssl/dist/crypto/x509/x509_txt.c vendored
View File

@ -1,5 +1,5 @@
/*
* Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -174,6 +174,8 @@ const char *X509_verify_cert_error_string(long n)
return "OCSP verification failed";
case X509_V_ERR_OCSP_CERT_UNKNOWN:
return "OCSP unknown cert";
case X509_V_ERR_EC_KEY_EXPLICIT_PARAMS:
return "Certificate public key has explicit ECC parameters";
default:
/* Printing an error number into a static buffer is not thread-safe */

9
crypto/external/bsd/openssl/dist/crypto/x509/x_pubkey.c vendored
View File

@ -1,5 +1,5 @@
/*
* Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -169,8 +169,11 @@ EVP_PKEY *X509_PUBKEY_get0(X509_PUBKEY *key)
EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key)
{
EVP_PKEY *ret = X509_PUBKEY_get0(key);
if (ret != NULL)
EVP_PKEY_up_ref(ret);
if (ret != NULL && !EVP_PKEY_up_ref(ret)) {
X509err(X509_F_X509_PUBKEY_GET, ERR_R_INTERNAL_ERROR);
ret = NULL;
}
return ret;
}

3
crypto/external/bsd/openssl/dist/crypto/x509v3/pcy_data.c vendored
View File

@ -1,5 +1,5 @@
/*
* Copyright 2004-2018 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2004-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -52,6 +52,7 @@ X509_POLICY_DATA *policy_data_new(POLICYINFO *policy,
ret = OPENSSL_zalloc(sizeof(*ret));
if (ret == NULL) {
X509V3err(X509V3_F_POLICY_DATA_NEW, ERR_R_MALLOC_FAILURE);
ASN1_OBJECT_free(id);
return NULL;
}
ret->expected_policy_set = sk_ASN1_OBJECT_new_null();

3
crypto/external/bsd/openssl/dist/crypto/x509v3/v3_alt.c vendored
View File

@ -1,5 +1,5 @@
/*
* Copyright 1999-2019 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1999-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -275,6 +275,7 @@ static int copy_issuer(X509V3_CTX *ctx, GENERAL_NAMES *gens)
num = sk_GENERAL_NAME_num(ialt);
if (!sk_GENERAL_NAME_reserve(gens, num)) {
X509V3err(X509V3_F_COPY_ISSUER, ERR_R_MALLOC_FAILURE);
sk_GENERAL_NAME_free(ialt);
goto err;
}

52
crypto/external/bsd/openssl/dist/crypto/x509v3/v3_genn.c vendored
View File

@ -1,5 +1,5 @@
/*
* Copyright 1999-2019 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1999-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -22,8 +22,9 @@ ASN1_SEQUENCE(OTHERNAME) = {
IMPLEMENT_ASN1_FUNCTIONS(OTHERNAME)
ASN1_SEQUENCE(EDIPARTYNAME) = {
ASN1_IMP_OPT(EDIPARTYNAME, nameAssigner, DIRECTORYSTRING, 0),
ASN1_IMP_OPT(EDIPARTYNAME, partyName, DIRECTORYSTRING, 1)
/* DirectoryString is a CHOICE type so use explicit tagging */
ASN1_EXP_OPT(EDIPARTYNAME, nameAssigner, DIRECTORYSTRING, 0),
ASN1_EXP(EDIPARTYNAME, partyName, DIRECTORYSTRING, 1)
} ASN1_SEQUENCE_END(EDIPARTYNAME)
IMPLEMENT_ASN1_FUNCTIONS(EDIPARTYNAME)
@ -57,6 +58,37 @@ GENERAL_NAME *GENERAL_NAME_dup(GENERAL_NAME *a)
(char *)a);
}
static int edipartyname_cmp(const EDIPARTYNAME *a, const EDIPARTYNAME *b)
{
int res;
if (a == NULL || b == NULL) {
/*
* Shouldn't be possible in a valid GENERAL_NAME, but we handle it
* anyway. OTHERNAME_cmp treats NULL != NULL so we do the same here
*/
return -1;
}
if (a->nameAssigner == NULL && b->nameAssigner != NULL)
return -1;
if (a->nameAssigner != NULL && b->nameAssigner == NULL)
return 1;
/* If we get here then both have nameAssigner set, or both unset */
if (a->nameAssigner != NULL) {
res = ASN1_STRING_cmp(a->nameAssigner, b->nameAssigner);
if (res != 0)
return res;
}
/*
* partyName is required, so these should never be NULL. We treat it in
* the same way as the a == NULL || b == NULL case above
*/
if (a->partyName == NULL || b->partyName == NULL)
return -1;
return ASN1_STRING_cmp(a->partyName, b->partyName);
}
/* Returns 0 if they are equal, != 0 otherwise. */
int GENERAL_NAME_cmp(GENERAL_NAME *a, GENERAL_NAME *b)
{
@ -66,8 +98,11 @@ int GENERAL_NAME_cmp(GENERAL_NAME *a, GENERAL_NAME *b)
return -1;
switch (a->type) {
case GEN_X400:
result = ASN1_TYPE_cmp(a->d.x400Address, b->d.x400Address);
break;
case GEN_EDIPARTY:
result = ASN1_TYPE_cmp(a->d.other, b->d.other);
result = edipartyname_cmp(a->d.ediPartyName, b->d.ediPartyName);
break;
case GEN_OTHERNAME:
@ -114,8 +149,11 @@ void GENERAL_NAME_set0_value(GENERAL_NAME *a, int type, void *value)
{
switch (type) {
case GEN_X400:
a->d.x400Address = value;
break;
case GEN_EDIPARTY:
a->d.other = value;
a->d.ediPartyName = value;
break;
case GEN_OTHERNAME:
@ -149,8 +187,10 @@ void *GENERAL_NAME_get0_value(const GENERAL_NAME *a, int *ptype)
*ptype = a->type;
switch (a->type) {
case GEN_X400:
return a->d.x400Address;
case GEN_EDIPARTY:
return a->d.other;
return a->d.ediPartyName;
case GEN_OTHERNAME:
return a->d.otherName;

64
crypto/external/bsd/openssl/dist/crypto/x509v3/v3_purp.c vendored
View File

@ -13,6 +13,7 @@
#include <openssl/x509v3.h>
#include <openssl/x509_vfy.h>
#include "crypto/x509.h"
#include "../x509/x509_local.h" /* for x509_signing_allowed() */
#include "internal/tsan_assist.h"
static void x509v3_cache_extensions(X509 *x);
@ -344,6 +345,21 @@ static int setup_crldp(X509 *x)
return 1;
}
/* Check that issuer public key algorithm matches subject signature algorithm */
static int check_sig_alg_match(const EVP_PKEY *pkey, const X509 *subject)
{
int pkey_nid;
if (pkey == NULL)
return X509_V_ERR_NO_ISSUER_PUBLIC_KEY;
if (OBJ_find_sigid_algs(OBJ_obj2nid(subject->cert_info.signature.algorithm),
NULL, &pkey_nid) == 0)
return X509_V_ERR_UNSUPPORTED_SIGNATURE_ALGORITHM;
if (EVP_PKEY_type(pkey_nid) != EVP_PKEY_base_id(pkey))
return X509_V_ERR_SIGNATURE_ALGORITHM_MISMATCH;
return X509_V_OK;
}
#define V1_ROOT (EXFLAG_V1|EXFLAG_SS)
#define ku_reject(x, usage) \
(((x)->ex_flags & EXFLAG_KUSAGE) && !((x)->ex_kusage & (usage)))
@ -496,11 +512,11 @@ static void x509v3_cache_extensions(X509 *x)
x->ex_flags |= EXFLAG_INVALID;
/* Does subject name match issuer ? */
if (!X509_NAME_cmp(X509_get_subject_name(x), X509_get_issuer_name(x))) {
x->ex_flags |= EXFLAG_SI;
/* If SKID matches AKID also indicate self signed */
if (X509_check_akid(x, x->akid) == X509_V_OK &&
!ku_reject(x, KU_KEY_CERT_SIGN))
x->ex_flags |= EXFLAG_SS;
x->ex_flags |= EXFLAG_SI; /* cert is self-issued */
if (X509_check_akid(x, x->akid) == X509_V_OK /* SKID matches AKID */
/* .. and the signature alg matches the PUBKEY alg: */
&& check_sig_alg_match(X509_get0_pubkey(x), x) == X509_V_OK)
x->ex_flags |= EXFLAG_SS; /* indicate self-signed */
}
x->altname = X509_get_ext_d2i(x, NID_subject_alt_name, &i, NULL);
if (x->altname == NULL && i != -1)
@ -792,6 +808,23 @@ static int no_check(const X509_PURPOSE *xp, const X509 *x, int ca)
return 1;
}
/*-
* Check if certificate I<issuer> is allowed to issue certificate I<subject>
* according to the B<keyUsage> field of I<issuer> if present
* depending on any proxyCertInfo extension of I<subject>.
* Returns 0 for OK, or positive for reason for rejection
* where reason codes match those for X509_verify_cert().
*/
int x509_signing_allowed(const X509 *issuer, const X509 *subject)
{
if (subject->ex_flags & EXFLAG_PROXY) {
if (ku_reject(issuer, KU_DIGITAL_SIGNATURE))
return X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE;
} else if (ku_reject(issuer, KU_KEY_CERT_SIGN))
return X509_V_ERR_KEYUSAGE_NO_CERTSIGN;
return X509_V_OK;
}
/*-
* Various checks to see if one certificate issued the second.
* This can be used to prune a set of possible issuer certificates
@ -800,12 +833,23 @@ static int no_check(const X509_PURPOSE *xp, const X509 *x, int ca)
* These are:
* 1. Check issuer_name(subject) == subject_name(issuer)
* 2. If akid(subject) exists check it matches issuer
* 3. If key_usage(issuer) exists check it supports certificate signing
* 3. Check that issuer public key algorithm matches subject signature algorithm
* 4. If key_usage(issuer) exists check it supports certificate signing
* returns 0 for OK, positive for reason for mismatch, reasons match
* codes for X509_verify_cert()
*/
int X509_check_issued(X509 *issuer, X509 *subject)
{
int ret;
if ((ret = x509_likely_issued(issuer, subject)) != X509_V_OK)
return ret;
return x509_signing_allowed(issuer, subject);
}
/* do the checks 1., 2., and 3. as described above for X509_check_issued() */
int x509_likely_issued(X509 *issuer, X509 *subject)
{
if (X509_NAME_cmp(X509_get_subject_name(issuer),
X509_get_issuer_name(subject)))
@ -824,12 +868,8 @@ int X509_check_issued(X509 *issuer, X509 *subject)
return ret;
}
if (subject->ex_flags & EXFLAG_PROXY) {
if (ku_reject(issuer, KU_DIGITAL_SIGNATURE))
return X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE;
} else if (ku_reject(issuer, KU_KEY_CERT_SIGN))
return X509_V_ERR_KEYUSAGE_NO_CERTSIGN;
return X509_V_OK;
/* check if the subject signature alg matches the issuer's PUBKEY alg */
return check_sig_alg_match(X509_get0_pubkey(issuer), subject);
}
int X509_check_akid(X509 *issuer, AUTHORITY_KEYID *akid)

10
crypto/external/bsd/openssl/dist/doc/man1/CA.pl.pod vendored
View File

@ -91,7 +91,7 @@ to standard output. Leverages B<openssl ca> command.
=item B<-signCA>
This option is the same as the B<-signreq> option except it uses the
This option is the same as the B<-sign> option except it uses the
configuration file section B<v3_ca> and so makes the signed request a
valid CA certificate. This is useful when creating intermediate CA from
a root CA. Extra params are passed on to B<openssl ca> command.
@ -143,7 +143,7 @@ the request and finally create a PKCS#12 file containing it.
CA.pl -newca
CA.pl -newreq
CA.pl -signreq
CA.pl -sign
CA.pl -pkcs12 "My Test Certificate"
=head1 DSA CERTIFICATES
@ -164,7 +164,7 @@ Create the CA directories and files:
CA.pl -newca
enter cacert.pem when prompted for the CA file name.
enter cacert.pem when prompted for the CA filename.
Create a DSA certificate request and private key (a different set of parameters
can optionally be created first):
@ -173,7 +173,7 @@ can optionally be created first):
Sign the request:
CA.pl -signreq
CA.pl -sign
=head1 NOTES
@ -204,7 +204,7 @@ L<config(5)>
=head1 COPYRIGHT
Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.
Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy

4
crypto/external/bsd/openssl/dist/doc/man1/ca.pod vendored
View File

@ -219,7 +219,7 @@ DNs match the order of the request. This is not needed for Xenroll.
=item B<-noemailDN>
The DN of a certificate can contain the EMAIL field if present in the
request DN, however it is good policy just having the e-mail set into
request DN, however, it is good policy just having the e-mail set into
the altName extension of the certificate. When this option is set the
EMAIL field is removed from the certificate' subject and set only in
the, eventually present, extensions. The B<email_in_dn> keyword can be
@ -759,7 +759,7 @@ L<config(5)>, L<x509v3_config(5)>
=head1 COPYRIGHT
Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.
Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy

5
crypto/external/bsd/openssl/dist/doc/man1/dgst.pod vendored
View File

@ -94,8 +94,7 @@ Filename to output to, or standard output by default.
=item B<-sign filename>
Digitally sign the digest using the private key in "filename". Note this option
does not support Ed25519 or Ed448 private keys. Use the B<pkeyutl> command
instead for this.
does not support Ed25519 or Ed448 private keys.
=item B<-keyform arg>
@ -242,7 +241,7 @@ The FIPS-related options were removed in OpenSSL 1.1.0.
=head1 COPYRIGHT
Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.
Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy

4
crypto/external/bsd/openssl/dist/doc/man1/enc.pod vendored
View File

@ -240,7 +240,7 @@ a strong block cipher, such as AES, in CBC mode.
All the block ciphers normally use PKCS#5 padding, also known as standard
block padding. This allows a rudimentary integrity or password check to
be performed. However since the chance of random data passing the test
be performed. However, since the chance of random data passing the test
is better than 1 in 256 it isn't a very good test.
If padding is disabled then the input data must be a multiple of the cipher
@ -428,7 +428,7 @@ The B<-list> option was added in OpenSSL 1.1.1e.
=head1 COPYRIGHT
Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.
Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy

Some files were not shown because too many files have changed in this diff Show More