aboutsummaryrefslogtreecommitdiff
path: root/openssl/crypto
diff options
context:
space:
mode:
authormarha <marha@users.sourceforge.net>2015-04-20 23:05:23 +0200
committermarha <marha@users.sourceforge.net>2015-04-20 23:05:23 +0200
commit0f7871ff824bcf064db3ab6bdfe26645ba6c8087 (patch)
tree90d3d2b6112e083289c9cf68146852087814f6d3 /openssl/crypto
parent934184bfecd402aae891b8740d788b486aa7269f (diff)
parent2a00e489122f6c4b525090dbdba2855a2ea2d519 (diff)
downloadvcxsrv-0f7871ff824bcf064db3ab6bdfe26645ba6c8087.tar.gz
vcxsrv-0f7871ff824bcf064db3ab6bdfe26645ba6c8087.tar.bz2
vcxsrv-0f7871ff824bcf064db3ab6bdfe26645ba6c8087.zip
Merge remote-tracking branch 'origin/released'
Conflicts: openssl/Makefile
Diffstat (limited to 'openssl/crypto')
-rw-r--r--openssl/crypto/aes/Makefile2
-rw-r--r--openssl/crypto/aes/aes_core.c64
-rw-r--r--openssl/crypto/aes/aes_x86core.c224
-rw-r--r--openssl/crypto/asn1/a_type.c3
-rw-r--r--openssl/crypto/asn1/a_utctm.c2
-rw-r--r--openssl/crypto/asn1/asn1.h1
-rw-r--r--openssl/crypto/asn1/asn1_gen.c9
-rw-r--r--openssl/crypto/asn1/asn1_lib.c7
-rw-r--r--openssl/crypto/asn1/asn1_par.c2
-rw-r--r--openssl/crypto/asn1/bio_ndef.c6
-rw-r--r--openssl/crypto/asn1/p8_pkey.c3
-rw-r--r--openssl/crypto/asn1/tasn_dec.c24
-rw-r--r--openssl/crypto/asn1/tasn_new.c7
-rw-r--r--openssl/crypto/asn1/tasn_prn.c3
-rw-r--r--openssl/crypto/asn1/x_bignum.c69
-rw-r--r--openssl/crypto/asn1/x_long.c149
-rw-r--r--openssl/crypto/asn1/x_x509.c12
-rw-r--r--openssl/crypto/bio/b_print.c15
-rw-r--r--openssl/crypto/bio/bio.h1
-rw-r--r--openssl/crypto/bio/bio_cb.c9
-rw-r--r--openssl/crypto/bio/bio_err.c3
-rw-r--r--openssl/crypto/bio/bss_dgram.c15
-rw-r--r--openssl/crypto/bn/Makefile2
-rw-r--r--openssl/crypto/bn/asm/modexp512-x86_64.pl1497
-rw-r--r--openssl/crypto/bn/bn_exp.c4
-rw-r--r--openssl/crypto/camellia/Makefile2
-rw-r--r--openssl/crypto/cms/cms_pwri.c2
-rw-r--r--openssl/crypto/conf/conf_def.c6
-rw-r--r--openssl/crypto/conf/conf_sap.c17
-rw-r--r--openssl/crypto/des/spr.h327
-rw-r--r--openssl/crypto/dh/dh_ameth.c20
-rw-r--r--openssl/crypto/dh/dh_pmeth.c3
-rw-r--r--openssl/crypto/dsa/dsa_ameth.c24
-rw-r--r--openssl/crypto/dso/dso_dlfcn.c7
-rw-r--r--openssl/crypto/dso/dso_vms.c19
-rw-r--r--openssl/crypto/ec/ec_asn1.c21
-rw-r--r--openssl/crypto/ec/ec_curve.c8
-rw-r--r--openssl/crypto/ec/ec_cvt.c6
-rw-r--r--openssl/crypto/ec/ecp_nistp224.c2
-rw-r--r--openssl/crypto/engine/eng_fat.c2
-rw-r--r--openssl/crypto/engine/eng_rsax.c701
-rw-r--r--openssl/crypto/evp/Makefile2
-rw-r--r--openssl/crypto/evp/digest.c9
-rw-r--r--openssl/crypto/evp/e_aes.c2
-rw-r--r--openssl/crypto/evp/evp_extra_test.c489
-rw-r--r--openssl/crypto/ex_data.c2
-rw-r--r--openssl/crypto/modes/gcm128.c8
-rw-r--r--openssl/crypto/objects/o_names.c15
-rw-r--r--openssl/crypto/objects/objects.pl44
-rw-r--r--openssl/crypto/objects/objxref.pl37
-rw-r--r--openssl/crypto/opensslv.h6
-rwxr-xr-xopenssl/crypto/perlasm/sparcv9_modes.pl1
-rw-r--r--openssl/crypto/pkcs7/pk7_doit.c87
-rw-r--r--openssl/crypto/pkcs7/pk7_lib.c3
-rw-r--r--openssl/crypto/rand/rand_egd.c1
-rw-r--r--openssl/crypto/rand/rand_os2.c3
-rw-r--r--openssl/crypto/rsa/rsa_ameth.c3
-rw-r--r--openssl/crypto/rsa/rsa_sign.c15
-rw-r--r--openssl/crypto/sha/asm/sha1-586.pl2
-rw-r--r--openssl/crypto/stack/stack.c2
-rw-r--r--openssl/crypto/threads/th-lock.c23
-rw-r--r--openssl/crypto/ui/ui_openssl.c60
-rw-r--r--openssl/crypto/x509/x509_req.c2
-rw-r--r--openssl/crypto/x509v3/v3_cpols.c16
-rw-r--r--openssl/crypto/x509v3/v3_utl.c7
65 files changed, 1320 insertions, 2819 deletions
diff --git a/openssl/crypto/aes/Makefile b/openssl/crypto/aes/Makefile
index 709b1af39..b94ca72a4 100644
--- a/openssl/crypto/aes/Makefile
+++ b/openssl/crypto/aes/Makefile
@@ -72,7 +72,7 @@ aesni-mb-x86_64.s: asm/aesni-mb-x86_64.pl
aes-sparcv9.s: asm/aes-sparcv9.pl
$(PERL) asm/aes-sparcv9.pl $(CFLAGS) > $@
-aest4-sparcv9.s: asm/aest4-sparcv9.pl
+aest4-sparcv9.s: asm/aest4-sparcv9.pl ../perlasm/sparcv9_modes.pl
$(PERL) asm/aest4-sparcv9.pl $(CFLAGS) > $@
aes-ppc.s: asm/aes-ppc.pl
diff --git a/openssl/crypto/aes/aes_core.c b/openssl/crypto/aes/aes_core.c
index ff0d1643f..2ddb0860d 100644
--- a/openssl/crypto/aes/aes_core.c
+++ b/openssl/crypto/aes/aes_core.c
@@ -1130,31 +1130,31 @@ void AES_decrypt(const unsigned char *in, unsigned char *out,
* map cipher state to byte array block:
*/
s0 =
- (Td4[(t0 >> 24) ] << 24) ^
- (Td4[(t3 >> 16) & 0xff] << 16) ^
- (Td4[(t2 >> 8) & 0xff] << 8) ^
- (Td4[(t1 ) & 0xff]) ^
+ ((u32)Td4[(t0 >> 24) ] << 24) ^
+ ((u32)Td4[(t3 >> 16) & 0xff] << 16) ^
+ ((u32)Td4[(t2 >> 8) & 0xff] << 8) ^
+ ((u32)Td4[(t1 ) & 0xff]) ^
rk[0];
PUTU32(out , s0);
s1 =
- (Td4[(t1 >> 24) ] << 24) ^
- (Td4[(t0 >> 16) & 0xff] << 16) ^
- (Td4[(t3 >> 8) & 0xff] << 8) ^
- (Td4[(t2 ) & 0xff]) ^
+ ((u32)Td4[(t1 >> 24) ] << 24) ^
+ ((u32)Td4[(t0 >> 16) & 0xff] << 16) ^
+ ((u32)Td4[(t3 >> 8) & 0xff] << 8) ^
+ ((u32)Td4[(t2 ) & 0xff]) ^
rk[1];
PUTU32(out + 4, s1);
s2 =
- (Td4[(t2 >> 24) ] << 24) ^
- (Td4[(t1 >> 16) & 0xff] << 16) ^
- (Td4[(t0 >> 8) & 0xff] << 8) ^
- (Td4[(t3 ) & 0xff]) ^
+ ((u32)Td4[(t2 >> 24) ] << 24) ^
+ ((u32)Td4[(t1 >> 16) & 0xff] << 16) ^
+ ((u32)Td4[(t0 >> 8) & 0xff] << 8) ^
+ ((u32)Td4[(t3 ) & 0xff]) ^
rk[2];
PUTU32(out + 8, s2);
s3 =
- (Td4[(t3 >> 24) ] << 24) ^
- (Td4[(t2 >> 16) & 0xff] << 16) ^
- (Td4[(t1 >> 8) & 0xff] << 8) ^
- (Td4[(t0 ) & 0xff]) ^
+ ((u32)Td4[(t3 >> 24) ] << 24) ^
+ ((u32)Td4[(t2 >> 16) & 0xff] << 16) ^
+ ((u32)Td4[(t1 >> 8) & 0xff] << 8) ^
+ ((u32)Td4[(t0 ) & 0xff]) ^
rk[3];
PUTU32(out + 12, s3);
}
@@ -1233,10 +1233,10 @@ int private_AES_set_encrypt_key(const unsigned char *userKey, const int bits,
while (1) {
temp = rk[3];
rk[4] = rk[0] ^
- (Te4[(temp >> 16) & 0xff] << 24) ^
- (Te4[(temp >> 8) & 0xff] << 16) ^
- (Te4[(temp ) & 0xff] << 8) ^
- (Te4[(temp >> 24) ]) ^
+ ((u32)Te4[(temp >> 16) & 0xff] << 24) ^
+ ((u32)Te4[(temp >> 8) & 0xff] << 16) ^
+ ((u32)Te4[(temp ) & 0xff] << 8) ^
+ ((u32)Te4[(temp >> 24) ]) ^
rcon[i];
rk[5] = rk[1] ^ rk[4];
rk[6] = rk[2] ^ rk[5];
@@ -1253,10 +1253,10 @@ int private_AES_set_encrypt_key(const unsigned char *userKey, const int bits,
while (1) {
temp = rk[ 5];
rk[ 6] = rk[ 0] ^
- (Te4[(temp >> 16) & 0xff] << 24) ^
- (Te4[(temp >> 8) & 0xff] << 16) ^
- (Te4[(temp ) & 0xff] << 8) ^
- (Te4[(temp >> 24) ]) ^
+ ((u32)Te4[(temp >> 16) & 0xff] << 24) ^
+ ((u32)Te4[(temp >> 8) & 0xff] << 16) ^
+ ((u32)Te4[(temp ) & 0xff] << 8) ^
+ ((u32)Te4[(temp >> 24) ]) ^
rcon[i];
rk[ 7] = rk[ 1] ^ rk[ 6];
rk[ 8] = rk[ 2] ^ rk[ 7];
@@ -1275,10 +1275,10 @@ int private_AES_set_encrypt_key(const unsigned char *userKey, const int bits,
while (1) {
temp = rk[ 7];
rk[ 8] = rk[ 0] ^
- (Te4[(temp >> 16) & 0xff] << 24) ^
- (Te4[(temp >> 8) & 0xff] << 16) ^
- (Te4[(temp ) & 0xff] << 8) ^
- (Te4[(temp >> 24) ]) ^
+ ((u32)Te4[(temp >> 16) & 0xff] << 24) ^
+ ((u32)Te4[(temp >> 8) & 0xff] << 16) ^
+ ((u32)Te4[(temp ) & 0xff] << 8) ^
+ ((u32)Te4[(temp >> 24) ]) ^
rcon[i];
rk[ 9] = rk[ 1] ^ rk[ 8];
rk[10] = rk[ 2] ^ rk[ 9];
@@ -1288,10 +1288,10 @@ int private_AES_set_encrypt_key(const unsigned char *userKey, const int bits,
}
temp = rk[11];
rk[12] = rk[ 4] ^
- (Te4[(temp >> 24) ] << 24) ^
- (Te4[(temp >> 16) & 0xff] << 16) ^
- (Te4[(temp >> 8) & 0xff] << 8) ^
- (Te4[(temp ) & 0xff]);
+ ((u32)Te4[(temp >> 24) ] << 24) ^
+ ((u32)Te4[(temp >> 16) & 0xff] << 16) ^
+ ((u32)Te4[(temp >> 8) & 0xff] << 8) ^
+ ((u32)Te4[(temp ) & 0xff]);
rk[13] = rk[ 5] ^ rk[12];
rk[14] = rk[ 6] ^ rk[13];
rk[15] = rk[ 7] ^ rk[14];
diff --git a/openssl/crypto/aes/aes_x86core.c b/openssl/crypto/aes/aes_x86core.c
index 132b09a21..c869ed719 100644
--- a/openssl/crypto/aes/aes_x86core.c
+++ b/openssl/crypto/aes/aes_x86core.c
@@ -499,10 +499,10 @@ int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
while (1) {
temp = rk[3];
rk[4] = rk[0] ^
- (Te4[(temp >> 8) & 0xff] ) ^
- (Te4[(temp >> 16) & 0xff] << 8) ^
- (Te4[(temp >> 24) ] << 16) ^
- (Te4[(temp ) & 0xff] << 24) ^
+ ((u32)Te4[(temp >> 8) & 0xff] ) ^
+ ((u32)Te4[(temp >> 16) & 0xff] << 8) ^
+ ((u32)Te4[(temp >> 24) ] << 16) ^
+ ((u32)Te4[(temp ) & 0xff] << 24) ^
rcon[i];
rk[5] = rk[1] ^ rk[4];
rk[6] = rk[2] ^ rk[5];
@@ -519,10 +519,10 @@ int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
while (1) {
temp = rk[ 5];
rk[ 6] = rk[ 0] ^
- (Te4[(temp >> 8) & 0xff] ) ^
- (Te4[(temp >> 16) & 0xff] << 8) ^
- (Te4[(temp >> 24) ] << 16) ^
- (Te4[(temp ) & 0xff] << 24) ^
+ ((u32)Te4[(temp >> 8) & 0xff] ) ^
+ ((u32)Te4[(temp >> 16) & 0xff] << 8) ^
+ ((u32)Te4[(temp >> 24) ] << 16) ^
+ ((u32)Te4[(temp ) & 0xff] << 24) ^
rcon[i];
rk[ 7] = rk[ 1] ^ rk[ 6];
rk[ 8] = rk[ 2] ^ rk[ 7];
@@ -541,10 +541,10 @@ int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
while (1) {
temp = rk[ 7];
rk[ 8] = rk[ 0] ^
- (Te4[(temp >> 8) & 0xff] ) ^
- (Te4[(temp >> 16) & 0xff] << 8) ^
- (Te4[(temp >> 24) ] << 16) ^
- (Te4[(temp ) & 0xff] << 24) ^
+ ((u32)Te4[(temp >> 8) & 0xff] ) ^
+ ((u32)Te4[(temp >> 16) & 0xff] << 8) ^
+ ((u32)Te4[(temp >> 24) ] << 16) ^
+ ((u32)Te4[(temp ) & 0xff] << 24) ^
rcon[i];
rk[ 9] = rk[ 1] ^ rk[ 8];
rk[10] = rk[ 2] ^ rk[ 9];
@@ -554,10 +554,10 @@ int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
}
temp = rk[11];
rk[12] = rk[ 4] ^
- (Te4[(temp ) & 0xff] ) ^
- (Te4[(temp >> 8) & 0xff] << 8) ^
- (Te4[(temp >> 16) & 0xff] << 16) ^
- (Te4[(temp >> 24) ] << 24);
+ ((u32)Te4[(temp ) & 0xff] ) ^
+ ((u32)Te4[(temp >> 8) & 0xff] << 8) ^
+ ((u32)Te4[(temp >> 16) & 0xff] << 16) ^
+ ((u32)Te4[(temp >> 24) ] << 24);
rk[13] = rk[ 5] ^ rk[12];
rk[14] = rk[ 6] ^ rk[13];
rk[15] = rk[ 7] ^ rk[14];
@@ -676,22 +676,22 @@ void AES_encrypt(const unsigned char *in, unsigned char *out,
#if defined(AES_COMPACT_IN_OUTER_ROUNDS)
prefetch256(Te4);
- t[0] = Te4[(s0 ) & 0xff] ^
- Te4[(s1 >> 8) & 0xff] << 8 ^
- Te4[(s2 >> 16) & 0xff] << 16 ^
- Te4[(s3 >> 24) ] << 24;
- t[1] = Te4[(s1 ) & 0xff] ^
- Te4[(s2 >> 8) & 0xff] << 8 ^
- Te4[(s3 >> 16) & 0xff] << 16 ^
- Te4[(s0 >> 24) ] << 24;
- t[2] = Te4[(s2 ) & 0xff] ^
- Te4[(s3 >> 8) & 0xff] << 8 ^
- Te4[(s0 >> 16) & 0xff] << 16 ^
- Te4[(s1 >> 24) ] << 24;
- t[3] = Te4[(s3 ) & 0xff] ^
- Te4[(s0 >> 8) & 0xff] << 8 ^
- Te4[(s1 >> 16) & 0xff] << 16 ^
- Te4[(s2 >> 24) ] << 24;
+ t[0] = (u32)Te4[(s0 ) & 0xff] ^
+ (u32)Te4[(s1 >> 8) & 0xff] << 8 ^
+ (u32)Te4[(s2 >> 16) & 0xff] << 16 ^
+ (u32)Te4[(s3 >> 24) ] << 24;
+ t[1] = (u32)Te4[(s1 ) & 0xff] ^
+ (u32)Te4[(s2 >> 8) & 0xff] << 8 ^
+ (u32)Te4[(s3 >> 16) & 0xff] << 16 ^
+ (u32)Te4[(s0 >> 24) ] << 24;
+ t[2] = (u32)Te4[(s2 ) & 0xff] ^
+ (u32)Te4[(s3 >> 8) & 0xff] << 8 ^
+ (u32)Te4[(s0 >> 16) & 0xff] << 16 ^
+ (u32)Te4[(s1 >> 24) ] << 24;
+ t[3] = (u32)Te4[(s3 ) & 0xff] ^
+ (u32)Te4[(s0 >> 8) & 0xff] << 8 ^
+ (u32)Te4[(s1 >> 16) & 0xff] << 16 ^
+ (u32)Te4[(s2 >> 24) ] << 24;
/* now do the linear transform using words */
{ int i;
@@ -742,22 +742,22 @@ void AES_encrypt(const unsigned char *in, unsigned char *out,
*/
for (rk+=8,r=key->rounds-2; r>0; rk+=4,r--) {
#if defined(AES_COMPACT_IN_INNER_ROUNDS)
- t[0] = Te4[(s0 ) & 0xff] ^
- Te4[(s1 >> 8) & 0xff] << 8 ^
- Te4[(s2 >> 16) & 0xff] << 16 ^
- Te4[(s3 >> 24) ] << 24;
- t[1] = Te4[(s1 ) & 0xff] ^
- Te4[(s2 >> 8) & 0xff] << 8 ^
- Te4[(s3 >> 16) & 0xff] << 16 ^
- Te4[(s0 >> 24) ] << 24;
- t[2] = Te4[(s2 ) & 0xff] ^
- Te4[(s3 >> 8) & 0xff] << 8 ^
- Te4[(s0 >> 16) & 0xff] << 16 ^
- Te4[(s1 >> 24) ] << 24;
- t[3] = Te4[(s3 ) & 0xff] ^
- Te4[(s0 >> 8) & 0xff] << 8 ^
- Te4[(s1 >> 16) & 0xff] << 16 ^
- Te4[(s2 >> 24) ] << 24;
+ t[0] = (u32)Te4[(s0 ) & 0xff] ^
+ (u32)Te4[(s1 >> 8) & 0xff] << 8 ^
+ (u32)Te4[(s2 >> 16) & 0xff] << 16 ^
+ (u32)Te4[(s3 >> 24) ] << 24;
+ t[1] = (u32)Te4[(s1 ) & 0xff] ^
+ (u32)Te4[(s2 >> 8) & 0xff] << 8 ^
+ (u32)Te4[(s3 >> 16) & 0xff] << 16 ^
+ (u32)Te4[(s0 >> 24) ] << 24;
+ t[2] = (u32)Te4[(s2 ) & 0xff] ^
+ (u32)Te4[(s3 >> 8) & 0xff] << 8 ^
+ (u32)Te4[(s0 >> 16) & 0xff] << 16 ^
+ (u32)Te4[(s1 >> 24) ] << 24;
+ t[3] = (u32)Te4[(s3 ) & 0xff] ^
+ (u32)Te4[(s0 >> 8) & 0xff] << 8 ^
+ (u32)Te4[(s1 >> 16) & 0xff] << 16 ^
+ (u32)Te4[(s2 >> 24) ] << 24;
/* now do the linear transform using words */
{
@@ -812,28 +812,28 @@ void AES_encrypt(const unsigned char *in, unsigned char *out,
prefetch256(Te4);
*(u32*)(out+0) =
- Te4[(s0 ) & 0xff] ^
- Te4[(s1 >> 8) & 0xff] << 8 ^
- Te4[(s2 >> 16) & 0xff] << 16 ^
- Te4[(s3 >> 24) ] << 24 ^
+ (u32)Te4[(s0 ) & 0xff] ^
+ (u32)Te4[(s1 >> 8) & 0xff] << 8 ^
+ (u32)Te4[(s2 >> 16) & 0xff] << 16 ^
+ (u32)Te4[(s3 >> 24) ] << 24 ^
rk[0];
*(u32*)(out+4) =
- Te4[(s1 ) & 0xff] ^
- Te4[(s2 >> 8) & 0xff] << 8 ^
- Te4[(s3 >> 16) & 0xff] << 16 ^
- Te4[(s0 >> 24) ] << 24 ^
+ (u32)Te4[(s1 ) & 0xff] ^
+ (u32)Te4[(s2 >> 8) & 0xff] << 8 ^
+ (u32)Te4[(s3 >> 16) & 0xff] << 16 ^
+ (u32)Te4[(s0 >> 24) ] << 24 ^
rk[1];
*(u32*)(out+8) =
- Te4[(s2 ) & 0xff] ^
- Te4[(s3 >> 8) & 0xff] << 8 ^
- Te4[(s0 >> 16) & 0xff] << 16 ^
- Te4[(s1 >> 24) ] << 24 ^
+ (u32)Te4[(s2 ) & 0xff] ^
+ (u32)Te4[(s3 >> 8) & 0xff] << 8 ^
+ (u32)Te4[(s0 >> 16) & 0xff] << 16 ^
+ (u32)Te4[(s1 >> 24) ] << 24 ^
rk[2];
*(u32*)(out+12) =
- Te4[(s3 ) & 0xff] ^
- Te4[(s0 >> 8) & 0xff] << 8 ^
- Te4[(s1 >> 16) & 0xff] << 16 ^
- Te4[(s2 >> 24) ] << 24 ^
+ (u32)Te4[(s3 ) & 0xff] ^
+ (u32)Te4[(s0 >> 8) & 0xff] << 8 ^
+ (u32)Te4[(s1 >> 16) & 0xff] << 16 ^
+ (u32)Te4[(s2 >> 24) ] << 24 ^
rk[3];
#else
*(u32*)(out+0) =
@@ -890,22 +890,22 @@ void AES_decrypt(const unsigned char *in, unsigned char *out,
#if defined(AES_COMPACT_IN_OUTER_ROUNDS)
prefetch256(Td4);
- t[0] = Td4[(s0 ) & 0xff] ^
- Td4[(s3 >> 8) & 0xff] << 8 ^
- Td4[(s2 >> 16) & 0xff] << 16 ^
- Td4[(s1 >> 24) ] << 24;
- t[1] = Td4[(s1 ) & 0xff] ^
- Td4[(s0 >> 8) & 0xff] << 8 ^
- Td4[(s3 >> 16) & 0xff] << 16 ^
- Td4[(s2 >> 24) ] << 24;
- t[2] = Td4[(s2 ) & 0xff] ^
- Td4[(s1 >> 8) & 0xff] << 8 ^
- Td4[(s0 >> 16) & 0xff] << 16 ^
- Td4[(s3 >> 24) ] << 24;
- t[3] = Td4[(s3 ) & 0xff] ^
- Td4[(s2 >> 8) & 0xff] << 8 ^
- Td4[(s1 >> 16) & 0xff] << 16 ^
- Td4[(s0 >> 24) ] << 24;
+ t[0] = (u32)Td4[(s0 ) & 0xff] ^
+ (u32)Td4[(s3 >> 8) & 0xff] << 8 ^
+ (u32)Td4[(s2 >> 16) & 0xff] << 16 ^
+ (u32)Td4[(s1 >> 24) ] << 24;
+ t[1] = (u32)Td4[(s1 ) & 0xff] ^
+ (u32)Td4[(s0 >> 8) & 0xff] << 8 ^
+ (u32)Td4[(s3 >> 16) & 0xff] << 16 ^
+ (u32)Td4[(s2 >> 24) ] << 24;
+ t[2] = (u32)Td4[(s2 ) & 0xff] ^
+ (u32)Td4[(s1 >> 8) & 0xff] << 8 ^
+ (u32)Td4[(s0 >> 16) & 0xff] << 16 ^
+ (u32)Td4[(s3 >> 24) ] << 24;
+ t[3] = (u32)Td4[(s3 ) & 0xff] ^
+ (u32)Td4[(s2 >> 8) & 0xff] << 8 ^
+ (u32)Td4[(s1 >> 16) & 0xff] << 16 ^
+ (u32)Td4[(s0 >> 24) ] << 24;
/* now do the linear transform using words */
{
@@ -967,22 +967,22 @@ void AES_decrypt(const unsigned char *in, unsigned char *out,
*/
for (rk+=8,r=key->rounds-2; r>0; rk+=4,r--) {
#if defined(AES_COMPACT_IN_INNER_ROUNDS)
- t[0] = Td4[(s0 ) & 0xff] ^
- Td4[(s3 >> 8) & 0xff] << 8 ^
- Td4[(s2 >> 16) & 0xff] << 16 ^
- Td4[(s1 >> 24) ] << 24;
- t[1] = Td4[(s1 ) & 0xff] ^
- Td4[(s0 >> 8) & 0xff] << 8 ^
- Td4[(s3 >> 16) & 0xff] << 16 ^
- Td4[(s2 >> 24) ] << 24;
- t[2] = Td4[(s2 ) & 0xff] ^
- Td4[(s1 >> 8) & 0xff] << 8 ^
- Td4[(s0 >> 16) & 0xff] << 16 ^
- Td4[(s3 >> 24) ] << 24;
- t[3] = Td4[(s3 ) & 0xff] ^
- Td4[(s2 >> 8) & 0xff] << 8 ^
- Td4[(s1 >> 16) & 0xff] << 16 ^
- Td4[(s0 >> 24) ] << 24;
+ t[0] = (u32)Td4[(s0 ) & 0xff] ^
+ (u32)Td4[(s3 >> 8) & 0xff] << 8 ^
+ (u32)Td4[(s2 >> 16) & 0xff] << 16 ^
+ (u32)Td4[(s1 >> 24) ] << 24;
+ t[1] = (u32)Td4[(s1 ) & 0xff] ^
+ (u32)Td4[(s0 >> 8) & 0xff] << 8 ^
+ (u32)Td4[(s3 >> 16) & 0xff] << 16 ^
+ (u32)Td4[(s2 >> 24) ] << 24;
+ t[2] = (u32)Td4[(s2 ) & 0xff] ^
+ (u32)Td4[(s1 >> 8) & 0xff] << 8 ^
+ (u32)Td4[(s0 >> 16) & 0xff] << 16 ^
+ (u32)Td4[(s3 >> 24) ] << 24;
+ t[3] = (u32)Td4[(s3 ) & 0xff] ^
+ (u32)Td4[(s2 >> 8) & 0xff] << 8 ^
+ (u32)Td4[(s1 >> 16) & 0xff] << 16 ^
+ (u32)Td4[(s0 >> 24) ] << 24;
/* now do the linear transform using words */
{
@@ -1046,27 +1046,27 @@ void AES_decrypt(const unsigned char *in, unsigned char *out,
prefetch256(Td4);
*(u32*)(out+0) =
- (Td4[(s0 ) & 0xff]) ^
- (Td4[(s3 >> 8) & 0xff] << 8) ^
- (Td4[(s2 >> 16) & 0xff] << 16) ^
- (Td4[(s1 >> 24) ] << 24) ^
+ ((u32)Td4[(s0 ) & 0xff]) ^
+ ((u32)Td4[(s3 >> 8) & 0xff] << 8) ^
+ ((u32)Td4[(s2 >> 16) & 0xff] << 16) ^
+ ((u32)Td4[(s1 >> 24) ] << 24) ^
rk[0];
*(u32*)(out+4) =
- (Td4[(s1 ) & 0xff]) ^
- (Td4[(s0 >> 8) & 0xff] << 8) ^
- (Td4[(s3 >> 16) & 0xff] << 16) ^
- (Td4[(s2 >> 24) ] << 24) ^
+ ((u32)Td4[(s1 ) & 0xff]) ^
+ ((u32)Td4[(s0 >> 8) & 0xff] << 8) ^
+ ((u32)Td4[(s3 >> 16) & 0xff] << 16) ^
+ ((u32)Td4[(s2 >> 24) ] << 24) ^
rk[1];
*(u32*)(out+8) =
- (Td4[(s2 ) & 0xff]) ^
- (Td4[(s1 >> 8) & 0xff] << 8) ^
- (Td4[(s0 >> 16) & 0xff] << 16) ^
- (Td4[(s3 >> 24) ] << 24) ^
+ ((u32)Td4[(s2 ) & 0xff]) ^
+ ((u32)Td4[(s1 >> 8) & 0xff] << 8) ^
+ ((u32)Td4[(s0 >> 16) & 0xff] << 16) ^
+ ((u32)Td4[(s3 >> 24) ] << 24) ^
rk[2];
*(u32*)(out+12) =
- (Td4[(s3 ) & 0xff]) ^
- (Td4[(s2 >> 8) & 0xff] << 8) ^
- (Td4[(s1 >> 16) & 0xff] << 16) ^
- (Td4[(s0 >> 24) ] << 24) ^
+ ((u32)Td4[(s3 ) & 0xff]) ^
+ ((u32)Td4[(s2 >> 8) & 0xff] << 8) ^
+ ((u32)Td4[(s1 >> 16) & 0xff] << 16) ^
+ ((u32)Td4[(s0 >> 24) ] << 24) ^
rk[3];
}
diff --git a/openssl/crypto/asn1/a_type.c b/openssl/crypto/asn1/a_type.c
index 4a36aff6a..af795306b 100644
--- a/openssl/crypto/asn1/a_type.c
+++ b/openssl/crypto/asn1/a_type.c
@@ -119,6 +119,9 @@ int ASN1_TYPE_cmp(const ASN1_TYPE *a, const ASN1_TYPE *b)
case V_ASN1_OBJECT:
result = OBJ_cmp(a->value.object, b->value.object);
break;
+ case V_ASN1_BOOLEAN:
+ result = a->value.boolean - b->value.boolean;
+ break;
case V_ASN1_NULL:
result = 0; /* They do not have content. */
break;
diff --git a/openssl/crypto/asn1/a_utctm.c b/openssl/crypto/asn1/a_utctm.c
index 0578c8887..724a10be4 100644
--- a/openssl/crypto/asn1/a_utctm.c
+++ b/openssl/crypto/asn1/a_utctm.c
@@ -297,7 +297,7 @@ int ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t)
if (!OPENSSL_gmtime(&t, &ttm))
return -2;
- if (!OPENSSL_gmtime_diff(&day, &sec, &stm, &ttm))
+ if (!OPENSSL_gmtime_diff(&day, &sec, &ttm, &stm))
return -2;
if (day > 0)
diff --git a/openssl/crypto/asn1/asn1.h b/openssl/crypto/asn1/asn1.h
index bb6ac95bd..68e791fcd 100644
--- a/openssl/crypto/asn1/asn1.h
+++ b/openssl/crypto/asn1/asn1.h
@@ -795,6 +795,7 @@ DECLARE_ASN1_SET_OF(ASN1_OBJECT)
ASN1_STRING *ASN1_STRING_new(void);
void ASN1_STRING_free(ASN1_STRING *a);
+void ASN1_STRING_clear_free(ASN1_STRING *a);
int ASN1_STRING_copy(ASN1_STRING *dst, const ASN1_STRING *str);
ASN1_STRING *ASN1_STRING_dup(const ASN1_STRING *a);
ASN1_STRING *ASN1_STRING_type_new(int type);
diff --git a/openssl/crypto/asn1/asn1_gen.c b/openssl/crypto/asn1/asn1_gen.c
index 132a9ef46..11b582dd3 100644
--- a/openssl/crypto/asn1/asn1_gen.c
+++ b/openssl/crypto/asn1/asn1_gen.c
@@ -279,6 +279,9 @@ static int asn1_cb(const char *elem, int len, void *bitstr)
int tmp_tag, tmp_class;
+ if (elem == NULL)
+ return 0;
+
for (i = 0, p = elem; i < len; p++, i++) {
/* Look for the ':' in name value pairs */
if (*p == ':') {
@@ -350,13 +353,17 @@ static int asn1_cb(const char *elem, int len, void *bitstr)
break;
case ASN1_GEN_FLAG_FORMAT:
+ if(!vstart) {
+ ASN1err(ASN1_F_ASN1_CB, ASN1_R_UNKNOWN_FORMAT);
+ return -1;
+ }
if (!strncmp(vstart, "ASCII", 5))
arg->format = ASN1_GEN_FORMAT_ASCII;
else if (!strncmp(vstart, "UTF8", 4))
arg->format = ASN1_GEN_FORMAT_UTF8;
else if (!strncmp(vstart, "HEX", 3))
arg->format = ASN1_GEN_FORMAT_HEX;
- else if (!strncmp(vstart, "BITLIST", 3))
+ else if (!strncmp(vstart, "BITLIST", 7))
arg->format = ASN1_GEN_FORMAT_BITLIST;
else {
ASN1err(ASN1_F_ASN1_CB, ASN1_R_UNKOWN_FORMAT);
diff --git a/openssl/crypto/asn1/asn1_lib.c b/openssl/crypto/asn1/asn1_lib.c
index 00733a6a8..0b61fc930 100644
--- a/openssl/crypto/asn1/asn1_lib.c
+++ b/openssl/crypto/asn1/asn1_lib.c
@@ -430,6 +430,13 @@ void ASN1_STRING_free(ASN1_STRING *a)
OPENSSL_free(a);
}
+void ASN1_STRING_clear_free(ASN1_STRING *a)
+{
+ if (a && a->data && !(a->flags & ASN1_STRING_FLAG_NDEF))
+ OPENSSL_cleanse(a->data, a->length);
+ ASN1_STRING_free(a);
+}
+
int ASN1_STRING_cmp(const ASN1_STRING *a, const ASN1_STRING *b)
{
int i;
diff --git a/openssl/crypto/asn1/asn1_par.c b/openssl/crypto/asn1/asn1_par.c
index f6cd4b2b8..a5d2da10b 100644
--- a/openssl/crypto/asn1/asn1_par.c
+++ b/openssl/crypto/asn1/asn1_par.c
@@ -337,7 +337,7 @@ static int asn1_parse2(BIO *bp, const unsigned char **pp, long length,
goto end;
}
} else {
- if (BIO_write(bp, "BAD ENUMERATED", 11) <= 0)
+ if (BIO_write(bp, "BAD ENUMERATED", 14) <= 0)
goto end;
}
M_ASN1_ENUMERATED_free(bs);
diff --git a/openssl/crypto/asn1/bio_ndef.c b/openssl/crypto/asn1/bio_ndef.c
index 5817a2b8a..4a73ca9ea 100644
--- a/openssl/crypto/asn1/bio_ndef.c
+++ b/openssl/crypto/asn1/bio_ndef.c
@@ -162,6 +162,9 @@ static int ndef_prefix(BIO *b, unsigned char **pbuf, int *plen, void *parg)
derlen = ASN1_item_ndef_i2d(ndef_aux->val, NULL, ndef_aux->it);
p = OPENSSL_malloc(derlen);
+ if(!p)
+ return 0;
+
ndef_aux->derbuf = p;
*pbuf = p;
derlen = ASN1_item_ndef_i2d(ndef_aux->val, &p, ndef_aux->it);
@@ -229,6 +232,9 @@ static int ndef_suffix(BIO *b, unsigned char **pbuf, int *plen, void *parg)
derlen = ASN1_item_ndef_i2d(ndef_aux->val, NULL, ndef_aux->it);
p = OPENSSL_malloc(derlen);
+ if(!p)
+ return 0;
+
ndef_aux->derbuf = p;
*pbuf = p;
derlen = ASN1_item_ndef_i2d(ndef_aux->val, &p, ndef_aux->it);
diff --git a/openssl/crypto/asn1/p8_pkey.c b/openssl/crypto/asn1/p8_pkey.c
index 90754831f..0a425cd29 100644
--- a/openssl/crypto/asn1/p8_pkey.c
+++ b/openssl/crypto/asn1/p8_pkey.c
@@ -69,7 +69,8 @@ static int pkey_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
/* Since the structure must still be valid use ASN1_OP_FREE_PRE */
if (operation == ASN1_OP_FREE_PRE) {
PKCS8_PRIV_KEY_INFO *key = (PKCS8_PRIV_KEY_INFO *)*pval;
- if (key->pkey->value.octet_string)
+ if (key->pkey && key->pkey->type == V_ASN1_OCTET_STRING
+ && key->pkey->value.octet_string != NULL)
OPENSSL_cleanse(key->pkey->value.octet_string->data,
key->pkey->value.octet_string->length);
}
diff --git a/openssl/crypto/asn1/tasn_dec.c b/openssl/crypto/asn1/tasn_dec.c
index 459566440..7fd336a40 100644
--- a/openssl/crypto/asn1/tasn_dec.c
+++ b/openssl/crypto/asn1/tasn_dec.c
@@ -304,9 +304,16 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
case ASN1_ITYPE_CHOICE:
if (asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it, NULL))
goto auxerr;
-
- /* Allocate structure */
- if (!*pval && !ASN1_item_ex_new(pval, it)) {
+ if (*pval) {
+ /* Free up and zero CHOICE value if initialised */
+ i = asn1_get_choice_selector(pval, it);
+ if ((i >= 0) && (i < it->tcount)) {
+ tt = it->templates + i;
+ pchptr = asn1_get_field_ptr(pval, tt);
+ ASN1_template_free(pchptr, tt);
+ asn1_set_choice_selector(pval, -1, it);
+ }
+ } else if (!ASN1_item_ex_new(pval, it)) {
ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
goto err;
}
@@ -386,6 +393,17 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
if (asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it, NULL))
goto auxerr;
+ /* Free up and zero any ADB found */
+ for (i = 0, tt = it->templates; i < it->tcount; i++, tt++) {
+ if (tt->flags & ASN1_TFLG_ADB_MASK) {
+ const ASN1_TEMPLATE *seqtt;
+ ASN1_VALUE **pseqval;
+ seqtt = asn1_do_adb(pval, tt, 1);
+ pseqval = asn1_get_field_ptr(pval, seqtt);
+ ASN1_template_free(pseqval, seqtt);
+ }
+ }
+
/* Get each field entry */
for (i = 0, tt = it->templates; i < it->tcount; i++, tt++) {
const ASN1_TEMPLATE *seqtt;
diff --git a/openssl/crypto/asn1/tasn_new.c b/openssl/crypto/asn1/tasn_new.c
index d25c68c54..7d2964f02 100644
--- a/openssl/crypto/asn1/tasn_new.c
+++ b/openssl/crypto/asn1/tasn_new.c
@@ -315,13 +315,16 @@ int ASN1_primitive_new(ASN1_VALUE **pval, const ASN1_ITEM *it)
ASN1_STRING *str;
int utype;
- if (it && it->funcs) {
+ if (!it)
+ return 0;
+
+ if (it->funcs) {
const ASN1_PRIMITIVE_FUNCS *pf = it->funcs;
if (pf->prim_new)
return pf->prim_new(pval, it);
}
- if (!it || (it->itype == ASN1_ITYPE_MSTRING))
+ if (it->itype == ASN1_ITYPE_MSTRING)
utype = -1;
else
utype = it->utype;
diff --git a/openssl/crypto/asn1/tasn_prn.c b/openssl/crypto/asn1/tasn_prn.c
index 11d784ccd..7c54f9d1d 100644
--- a/openssl/crypto/asn1/tasn_prn.c
+++ b/openssl/crypto/asn1/tasn_prn.c
@@ -220,6 +220,7 @@ static int asn1_item_print_ctx(BIO *out, ASN1_VALUE **fld, int indent,
if (!asn1_template_print_ctx(out, fld, indent,
it->templates, pctx))
return 0;
+ break;
}
/* fall thru */
case ASN1_ITYPE_MSTRING:
@@ -289,6 +290,8 @@ static int asn1_item_print_ctx(BIO *out, ASN1_VALUE **fld, int indent,
for (i = 0, tt = it->templates; i < it->tcount; i++, tt++) {
const ASN1_TEMPLATE *seqtt;
seqtt = asn1_do_adb(fld, tt, 1);
+ if(!seqtt)
+ return 0;
tmpfld = asn1_get_field_ptr(fld, seqtt);
if (!asn1_template_print_ctx(out, tmpfld,
indent + 2, seqtt, pctx))
diff --git a/openssl/crypto/asn1/x_bignum.c b/openssl/crypto/asn1/x_bignum.c
index 1f1036409..a5a403c26 100644
--- a/openssl/crypto/asn1/x_bignum.c
+++ b/openssl/crypto/asn1/x_bignum.c
@@ -98,46 +98,55 @@ ASN1_ITEM_end(CBIGNUM)
static int bn_new(ASN1_VALUE **pval, const ASN1_ITEM *it)
{
- *pval = (ASN1_VALUE *)BN_new();
- if(*pval) return 1;
- else return 0;
+ *pval = (ASN1_VALUE *)BN_new();
+ if (*pval)
+ return 1;
+ else
+ return 0;
}
static void bn_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
{
- if(!*pval) return;
- if(it->size & BN_SENSITIVE) BN_clear_free((BIGNUM *)*pval);
- else BN_free((BIGNUM *)*pval);
- *pval = NULL;
+ if (!*pval)
+ return;
+ if (it->size & BN_SENSITIVE)
+ BN_clear_free((BIGNUM *)*pval);
+ else
+ BN_free((BIGNUM *)*pval);
+ *pval = NULL;
}
-static int bn_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const ASN1_ITEM *it)
+static int bn_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype,
+ const ASN1_ITEM *it)
{
- BIGNUM *bn;
- int pad;
- if(!*pval) return -1;
- bn = (BIGNUM *)*pval;
- /* If MSB set in an octet we need a padding byte */
- if(BN_num_bits(bn) & 0x7) pad = 0;
- else pad = 1;
- if(cont) {
- if(pad) *cont++ = 0;
- BN_bn2bin(bn, cont);
- }
- return pad + BN_num_bytes(bn);
+ BIGNUM *bn;
+ int pad;
+ if (!*pval)
+ return -1;
+ bn = (BIGNUM *)*pval;
+ /* If MSB set in an octet we need a padding byte */
+ if (BN_num_bits(bn) & 0x7)
+ pad = 0;
+ else
+ pad = 1;
+ if (cont) {
+ if (pad)
+ *cont++ = 0;
+ BN_bn2bin(bn, cont);
+ }
+ return pad + BN_num_bytes(bn);
}
static int bn_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
int utype, char *free_cont, const ASN1_ITEM *it)
{
- BIGNUM *bn;
- if(!*pval) bn_new(pval, it);
- bn = (BIGNUM *)*pval;
- if(!BN_bin2bn(cont, len, bn)) {
- bn_free(pval, it);
- return 0;
- }
- return 1;
+ BIGNUM *bn;
+ if (!*pval)
+ bn_new(pval, it);
+ bn = (BIGNUM *)*pval;
+ if (!BN_bin2bn(cont, len, bn)) {
+ bn_free(pval, it);
+ return 0;
+ }
+ return 1;
}
-
-
diff --git a/openssl/crypto/asn1/x_long.c b/openssl/crypto/asn1/x_long.c
index f39361974..3aed44a3d 100644
--- a/openssl/crypto/asn1/x_long.c
+++ b/openssl/crypto/asn1/x_long.c
@@ -97,87 +97,100 @@ ASN1_ITEM_end(ZLONG)
static int long_new(ASN1_VALUE **pval, const ASN1_ITEM *it)
{
- *(long *)pval = it->size;
- return 1;
+ *(long *)pval = it->size;
+ return 1;
}
static void long_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
{
- *(long *)pval = it->size;
+ *(long *)pval = it->size;
}
-static int long_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const ASN1_ITEM *it)
+static int long_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype,
+ const ASN1_ITEM *it)
{
- long ltmp;
- unsigned long utmp;
- int clen, pad, i;
- /* this exists to bypass broken gcc optimization */
- char *cp = (char *)pval;
-
- /* use memcpy, because we may not be long aligned */
- memcpy(&ltmp, cp, sizeof(long));
-
- if(ltmp == it->size) return -1;
- /* Convert the long to positive: we subtract one if negative so
- * we can cleanly handle the padding if only the MSB of the leading
- * octet is set.
- */
- if(ltmp < 0) utmp = -ltmp - 1;
- else utmp = ltmp;
- clen = BN_num_bits_word(utmp);
- /* If MSB of leading octet set we need to pad */
- if(!(clen & 0x7)) pad = 1;
- else pad = 0;
-
- /* Convert number of bits to number of octets */
- clen = (clen + 7) >> 3;
-
- if(cont) {
- if(pad) *cont++ = (ltmp < 0) ? 0xff : 0;
- for(i = clen - 1; i >= 0; i--) {
- cont[i] = (unsigned char)(utmp & 0xff);
- if(ltmp < 0) cont[i] ^= 0xff;
- utmp >>= 8;
- }
+ long ltmp;
+ unsigned long utmp;
+ int clen, pad, i;
+ /* this exists to bypass broken gcc optimization */
+ char *cp = (char *)pval;
+
+ /* use memcpy, because we may not be long aligned */
+ memcpy(&ltmp, cp, sizeof(long));
+
+ if (ltmp == it->size)
+ return -1;
+ /*
+ * Convert the long to positive: we subtract one if negative so we can
+ * cleanly handle the padding if only the MSB of the leading octet is
+ * set.
+ */
+ if (ltmp < 0)
+ utmp = -ltmp - 1;
+ else
+ utmp = ltmp;
+ clen = BN_num_bits_word(utmp);
+ /* If MSB of leading octet set we need to pad */
+ if (!(clen & 0x7))
+ pad = 1;
+ else
+ pad = 0;
+
+ /* Convert number of bits to number of octets */
+ clen = (clen + 7) >> 3;
+
+ if (cont) {
+ if (pad)
+ *cont++ = (ltmp < 0) ? 0xff : 0;
+ for (i = clen - 1; i >= 0; i--) {
+ cont[i] = (unsigned char)(utmp & 0xff);
+ if (ltmp < 0)
+ cont[i] ^= 0xff;
+ utmp >>= 8;
}
- return clen + pad;
+ }
+ return clen + pad;
}
static int long_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
int utype, char *free_cont, const ASN1_ITEM *it)
{
- int neg, i;
- long ltmp;
- unsigned long utmp = 0;
- char *cp = (char *)pval;
- if(len > (int)sizeof(long)) {
- ASN1err(ASN1_F_LONG_C2I, ASN1_R_INTEGER_TOO_LARGE_FOR_LONG);
- return 0;
- }
- /* Is it negative? */
- if(len && (cont[0] & 0x80)) neg = 1;
- else neg = 0;
- utmp = 0;
- for(i = 0; i < len; i++) {
- utmp <<= 8;
- if(neg) utmp |= cont[i] ^ 0xff;
- else utmp |= cont[i];
- }
- ltmp = (long)utmp;
- if(neg) {
- ltmp++;
- ltmp = -ltmp;
- }
- if(ltmp == it->size) {
- ASN1err(ASN1_F_LONG_C2I, ASN1_R_INTEGER_TOO_LARGE_FOR_LONG);
- return 0;
- }
- memcpy(cp, &ltmp, sizeof(long));
- return 1;
+ int neg, i;
+ long ltmp;
+ unsigned long utmp = 0;
+ char *cp = (char *)pval;
+ if (len > (int)sizeof(long)) {
+ ASN1err(ASN1_F_LONG_C2I, ASN1_R_INTEGER_TOO_LARGE_FOR_LONG);
+ return 0;
+ }
+ /* Is it negative? */
+ if (len && (cont[0] & 0x80))
+ neg = 1;
+ else
+ neg = 0;
+ utmp = 0;
+ for (i = 0; i < len; i++) {
+ utmp <<= 8;
+ if (neg)
+ utmp |= cont[i] ^ 0xff;
+ else
+ utmp |= cont[i];
+ }
+ ltmp = (long)utmp;
+ if (neg) {
+ ltmp++;
+ ltmp = -ltmp;
+ }
+ if (ltmp == it->size) {
+ ASN1err(ASN1_F_LONG_C2I, ASN1_R_INTEGER_TOO_LARGE_FOR_LONG);
+ return 0;
+ }
+ memcpy(cp, &ltmp, sizeof(long));
+ return 1;
}
static int long_print(BIO *out, ASN1_VALUE **pval, const ASN1_ITEM *it,
- int indent, const ASN1_PCTX *pctx)
- {
- return BIO_printf(out, "%ld\n", *(long *)pval);
- }
+ int indent, const ASN1_PCTX *pctx)
+{
+ return BIO_printf(out, "%ld\n", *(long *)pval);
+}
diff --git a/openssl/crypto/asn1/x_x509.c b/openssl/crypto/asn1/x_x509.c
index cd838e01c..55319acf9 100644
--- a/openssl/crypto/asn1/x_x509.c
+++ b/openssl/crypto/asn1/x_x509.c
@@ -172,8 +172,14 @@ X509 *d2i_X509_AUX(X509 **a, const unsigned char **pp, long length)
{
const unsigned char *q;
X509 *ret;
+ int freeret = 0;
+
/* Save start position */
q = *pp;
+
+ if(!a || *a == NULL) {
+ freeret = 1;
+ }
ret = d2i_X509(a, pp, length);
/* If certificate unreadable then forget it */
if (!ret)
@@ -186,7 +192,11 @@ X509 *d2i_X509_AUX(X509 **a, const unsigned char **pp, long length)
goto err;
return ret;
err:
- X509_free(ret);
+ if(freeret) {
+ X509_free(ret);
+ if (a)
+ *a = NULL;
+ }
return NULL;
}
diff --git a/openssl/crypto/bio/b_print.c b/openssl/crypto/bio/b_print.c
index 5dc763000..c2cf6e619 100644
--- a/openssl/crypto/bio/b_print.c
+++ b/openssl/crypto/bio/b_print.c
@@ -592,7 +592,6 @@ fmtfp(char **sbuffer,
int fplace = 0;
int padlen = 0;
int zpadlen = 0;
- int caps = 0;
long intpart;
long fracpart;
long max10;
@@ -630,8 +629,7 @@ fmtfp(char **sbuffer,
/* convert integer part */
do {
- iconvert[iplace++] =
- (caps ? "0123456789ABCDEF" : "0123456789abcdef")[intpart % 10];
+ iconvert[iplace++] = "0123456789"[intpart % 10];
intpart = (intpart / 10);
} while (intpart && (iplace < (int)sizeof(iconvert)));
if (iplace == sizeof iconvert)
@@ -640,8 +638,7 @@ fmtfp(char **sbuffer,
/* convert fractional part */
do {
- fconvert[fplace++] =
- (caps ? "0123456789ABCDEF" : "0123456789abcdef")[fracpart % 10];
+ fconvert[fplace++] = "0123456789"[fracpart % 10];
fracpart = (fracpart / 10);
} while (fplace < max);
if (fplace == sizeof fconvert)
@@ -713,6 +710,10 @@ doapr_outch(char **sbuffer,
if (*maxlen == 0)
*maxlen = 1024;
*buffer = OPENSSL_malloc(*maxlen);
+ if(!*buffer) {
+ /* Panic! Can't really do anything sensible. Just return */
+ return;
+ }
if (*currlen > 0) {
assert(*sbuffer != NULL);
memcpy(*buffer, *sbuffer, *currlen);
@@ -721,6 +722,10 @@ doapr_outch(char **sbuffer,
} else {
*maxlen += 1024;
*buffer = OPENSSL_realloc(*buffer, *maxlen);
+ if(!*buffer) {
+ /* Panic! Can't really do anything sensible. Just return */
+ return;
+ }
}
}
/* What to do if *buffer is NULL? */
diff --git a/openssl/crypto/bio/bio.h b/openssl/crypto/bio/bio.h
index 60083bfde..7878fb198 100644
--- a/openssl/crypto/bio/bio.h
+++ b/openssl/crypto/bio/bio.h
@@ -833,6 +833,7 @@ void ERR_load_BIO_strings(void);
# define BIO_F_CONN_CTRL 127
# define BIO_F_CONN_STATE 115
# define BIO_F_DGRAM_SCTP_READ 132
+# define BIO_F_DGRAM_SCTP_WRITE 133
# define BIO_F_FILE_CTRL 116
# define BIO_F_FILE_READ 130
# define BIO_F_LINEBUFFER_CTRL 129
diff --git a/openssl/crypto/bio/bio_cb.c b/openssl/crypto/bio/bio_cb.c
index 8715f5cbc..d3e860686 100644
--- a/openssl/crypto/bio/bio_cb.c
+++ b/openssl/crypto/bio/bio_cb.c
@@ -70,14 +70,17 @@ long MS_CALLBACK BIO_debug_callback(BIO *bio, int cmd, const char *argp,
MS_STATIC char buf[256];
char *p;
long r = 1;
+ int len;
size_t p_maxlen;
if (BIO_CB_RETURN & cmd)
r = ret;
- BIO_snprintf(buf, sizeof buf, "BIO[%08lX]:", (unsigned long)bio);
- p = &(buf[14]);
- p_maxlen = sizeof buf - 14;
+ len = BIO_snprintf(buf,sizeof buf,"BIO[%p]: ",(void *)bio);
+
+ p = buf + len;
+ p_maxlen = sizeof(buf) - len;
+
switch (cmd) {
case BIO_CB_FREE:
BIO_snprintf(p, p_maxlen, "Free - %s\n", bio->method->name);
diff --git a/openssl/crypto/bio/bio_err.c b/openssl/crypto/bio/bio_err.c
index e8d3027c6..d9007aa3d 100644
--- a/openssl/crypto/bio/bio_err.c
+++ b/openssl/crypto/bio/bio_err.c
@@ -1,6 +1,6 @@
/* crypto/bio/bio_err.c */
/* ====================================================================
- * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1999-2015 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -96,6 +96,7 @@ static ERR_STRING_DATA BIO_str_functs[] = {
{ERR_FUNC(BIO_F_CONN_CTRL), "CONN_CTRL"},
{ERR_FUNC(BIO_F_CONN_STATE), "CONN_STATE"},
{ERR_FUNC(BIO_F_DGRAM_SCTP_READ), "DGRAM_SCTP_READ"},
+ {ERR_FUNC(BIO_F_DGRAM_SCTP_WRITE), "DGRAM_SCTP_WRITE"},
{ERR_FUNC(BIO_F_FILE_CTRL), "FILE_CTRL"},
{ERR_FUNC(BIO_F_FILE_READ), "FILE_READ"},
{ERR_FUNC(BIO_F_LINEBUFFER_CTRL), "LINEBUFFER_CTRL"},
diff --git a/openssl/crypto/bio/bss_dgram.c b/openssl/crypto/bio/bss_dgram.c
index fcbae5f74..388d90d02 100644
--- a/openssl/crypto/bio/bss_dgram.c
+++ b/openssl/crypto/bio/bss_dgram.c
@@ -1012,6 +1012,10 @@ BIO *BIO_new_dgram_sctp(int fd, int close_flag)
*/
sockopt_len = (socklen_t) (sizeof(sctp_assoc_t) + 256 * sizeof(uint8_t));
authchunks = OPENSSL_malloc(sockopt_len);
+ if(!authchunks) {
+ BIO_vfree(bio);
+ return (NULL);
+ }
memset(authchunks, 0, sizeof(sockopt_len));
ret =
getsockopt(fd, IPPROTO_SCTP, SCTP_LOCAL_AUTH_CHUNKS, authchunks,
@@ -1347,6 +1351,10 @@ static int dgram_sctp_read(BIO *b, char *out, int outl)
optlen =
(socklen_t) (sizeof(sctp_assoc_t) + 256 * sizeof(uint8_t));
authchunks = OPENSSL_malloc(optlen);
+ if (!authchunks) {
+ BIOerr(BIO_F_DGRAM_SCTP_READ, ERR_R_MALLOC_ERROR);
+ return -1;
+ }
memset(authchunks, 0, sizeof(optlen));
ii = getsockopt(b->num, IPPROTO_SCTP, SCTP_PEER_AUTH_CHUNKS,
authchunks, &optlen);
@@ -1413,10 +1421,15 @@ static int dgram_sctp_write(BIO *b, const char *in, int inl)
* yet, we have to save it and send it as soon as the socket gets dry.
*/
if (data->save_shutdown && !BIO_dgram_sctp_wait_for_dry(b)) {
+ char *tmp;
data->saved_message.bio = b;
+ if(!(tmp = OPENSSL_malloc(inl))) {
+ BIOerr(BIO_F_DGRAM_SCTP_WRITE, ERR_R_MALLOC_ERROR);
+ return -1;
+ }
if (data->saved_message.data)
OPENSSL_free(data->saved_message.data);
- data->saved_message.data = OPENSSL_malloc(inl);
+ data->saved_message.data = tmp;
memcpy(data->saved_message.data, in, inl);
data->saved_message.length = inl;
return inl;
diff --git a/openssl/crypto/bn/Makefile b/openssl/crypto/bn/Makefile
index 0cdbd2016..5361dc827 100644
--- a/openssl/crypto/bn/Makefile
+++ b/openssl/crypto/bn/Makefile
@@ -108,8 +108,6 @@ x86_64-mont5.s: asm/x86_64-mont5.pl
$(PERL) asm/x86_64-mont5.pl $(PERLASM_SCHEME) > $@
x86_64-gf2m.s: asm/x86_64-gf2m.pl
$(PERL) asm/x86_64-gf2m.pl $(PERLASM_SCHEME) > $@
-modexp512-x86_64.s: asm/modexp512-x86_64.pl
- $(PERL) asm/modexp512-x86_64.pl $(PERLASM_SCHEME) > $@
rsaz-x86_64.s: asm/rsaz-x86_64.pl
$(PERL) asm/rsaz-x86_64.pl $(PERLASM_SCHEME) > $@
rsaz-avx2.s: asm/rsaz-avx2.pl
diff --git a/openssl/crypto/bn/asm/modexp512-x86_64.pl b/openssl/crypto/bn/asm/modexp512-x86_64.pl
deleted file mode 100644
index bfd6e9754..000000000
--- a/openssl/crypto/bn/asm/modexp512-x86_64.pl
+++ /dev/null
@@ -1,1497 +0,0 @@
-#!/usr/bin/env perl
-#
-# Copyright (c) 2010-2011 Intel Corp.
-# Author: Vinodh.Gopal@intel.com
-# Jim Guilford
-# Erdinc.Ozturk@intel.com
-# Maxim.Perminov@intel.com
-#
-# More information about algorithm used can be found at:
-# http://www.cse.buffalo.edu/srds2009/escs2009_submission_Gopal.pdf
-#
-# ====================================================================
-# Copyright (c) 2011 The OpenSSL Project. All rights reserved.
-#
-# Redistribution and use in source and binary forms, with or without
-# modification, are permitted provided that the following conditions
-# are met:
-#
-# 1. Redistributions of source code must retain the above copyright
-# notice, this list of conditions and the following disclaimer.
-#
-# 2. Redistributions in binary form must reproduce the above copyright
-# notice, this list of conditions and the following disclaimer in
-# the documentation and/or other materials provided with the
-# distribution.
-#
-# 3. All advertising materials mentioning features or use of this
-# software must display the following acknowledgment:
-# "This product includes software developed by the OpenSSL Project
-# for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
-#
-# 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-# endorse or promote products derived from this software without
-# prior written permission. For written permission, please contact
-# licensing@OpenSSL.org.
-#
-# 5. Products derived from this software may not be called "OpenSSL"
-# nor may "OpenSSL" appear in their names without prior written
-# permission of the OpenSSL Project.
-#
-# 6. Redistributions of any form whatsoever must retain the following
-# acknowledgment:
-# "This product includes software developed by the OpenSSL Project
-# for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
-#
-# THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-# EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-# ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-# NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-# STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-# OF THE POSSIBILITY OF SUCH DAMAGE.
-# ====================================================================
-
-$flavour = shift;
-$output = shift;
-if ($flavour =~ /\./) { $output = $flavour; undef $flavour; }
-
-my $win64=0; $win64=1 if ($flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/);
-
-$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
-( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or
-( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
-die "can't locate x86_64-xlate.pl";
-
-open OUT,"| \"$^X\" $xlate $flavour $output";
-*STDOUT=*OUT;
-
-use strict;
-my $code=".text\n\n";
-my $m=0;
-
-#
-# Define x512 macros
-#
-
-#MULSTEP_512_ADD MACRO x7, x6, x5, x4, x3, x2, x1, x0, dst, src1, src2, add_src, tmp1, tmp2
-#
-# uses rax, rdx, and args
-sub MULSTEP_512_ADD
-{
- my ($x, $DST, $SRC2, $ASRC, $OP, $TMP)=@_;
- my @X=@$x; # make a copy
-$code.=<<___;
- mov (+8*0)($SRC2), %rax
- mul $OP # rdx:rax = %OP * [0]
- mov ($ASRC), $X[0]
- add %rax, $X[0]
- adc \$0, %rdx
- mov $X[0], $DST
-___
-for(my $i=1;$i<8;$i++) {
-$code.=<<___;
- mov %rdx, $TMP
-
- mov (+8*$i)($SRC2), %rax
- mul $OP # rdx:rax = %OP * [$i]
- mov (+8*$i)($ASRC), $X[$i]
- add %rax, $X[$i]
- adc \$0, %rdx
- add $TMP, $X[$i]
- adc \$0, %rdx
-___
-}
-$code.=<<___;
- mov %rdx, $X[0]
-___
-}
-
-#MULSTEP_512 MACRO x7, x6, x5, x4, x3, x2, x1, x0, dst, src2, src1_val, tmp
-#
-# uses rax, rdx, and args
-sub MULSTEP_512
-{
- my ($x, $DST, $SRC2, $OP, $TMP)=@_;
- my @X=@$x; # make a copy
-$code.=<<___;
- mov (+8*0)($SRC2), %rax
- mul $OP # rdx:rax = %OP * [0]
- add %rax, $X[0]
- adc \$0, %rdx
- mov $X[0], $DST
-___
-for(my $i=1;$i<8;$i++) {
-$code.=<<___;
- mov %rdx, $TMP
-
- mov (+8*$i)($SRC2), %rax
- mul $OP # rdx:rax = %OP * [$i]
- add %rax, $X[$i]
- adc \$0, %rdx
- add $TMP, $X[$i]
- adc \$0, %rdx
-___
-}
-$code.=<<___;
- mov %rdx, $X[0]
-___
-}
-
-#
-# Swizzle Macros
-#
-
-# macro to copy data from flat space to swizzled table
-#MACRO swizzle pDst, pSrc, tmp1, tmp2
-# pDst and pSrc are modified
-sub swizzle
-{
- my ($pDst, $pSrc, $cnt, $d0)=@_;
-$code.=<<___;
- mov \$8, $cnt
-loop_$m:
- mov ($pSrc), $d0
- mov $d0#w, ($pDst)
- shr \$16, $d0
- mov $d0#w, (+64*1)($pDst)
- shr \$16, $d0
- mov $d0#w, (+64*2)($pDst)
- shr \$16, $d0
- mov $d0#w, (+64*3)($pDst)
- lea 8($pSrc), $pSrc
- lea 64*4($pDst), $pDst
- dec $cnt
- jnz loop_$m
-___
-
- $m++;
-}
-
-# macro to copy data from swizzled table to flat space
-#MACRO unswizzle pDst, pSrc, tmp*3
-sub unswizzle
-{
- my ($pDst, $pSrc, $cnt, $d0, $d1)=@_;
-$code.=<<___;
- mov \$4, $cnt
-loop_$m:
- movzxw (+64*3+256*0)($pSrc), $d0
- movzxw (+64*3+256*1)($pSrc), $d1
- shl \$16, $d0
- shl \$16, $d1
- mov (+64*2+256*0)($pSrc), $d0#w
- mov (+64*2+256*1)($pSrc), $d1#w
- shl \$16, $d0
- shl \$16, $d1
- mov (+64*1+256*0)($pSrc), $d0#w
- mov (+64*1+256*1)($pSrc), $d1#w
- shl \$16, $d0
- shl \$16, $d1
- mov (+64*0+256*0)($pSrc), $d0#w
- mov (+64*0+256*1)($pSrc), $d1#w
- mov $d0, (+8*0)($pDst)
- mov $d1, (+8*1)($pDst)
- lea 256*2($pSrc), $pSrc
- lea 8*2($pDst), $pDst
- sub \$1, $cnt
- jnz loop_$m
-___
-
- $m++;
-}
-
-#
-# Data Structures
-#
-
-# Reduce Data
-#
-#
-# Offset Value
-# 0C0 Carries
-# 0B8 X2[10]
-# 0B0 X2[9]
-# 0A8 X2[8]
-# 0A0 X2[7]
-# 098 X2[6]
-# 090 X2[5]
-# 088 X2[4]
-# 080 X2[3]
-# 078 X2[2]
-# 070 X2[1]
-# 068 X2[0]
-# 060 X1[12] P[10]
-# 058 X1[11] P[9] Z[8]
-# 050 X1[10] P[8] Z[7]
-# 048 X1[9] P[7] Z[6]
-# 040 X1[8] P[6] Z[5]
-# 038 X1[7] P[5] Z[4]
-# 030 X1[6] P[4] Z[3]
-# 028 X1[5] P[3] Z[2]
-# 020 X1[4] P[2] Z[1]
-# 018 X1[3] P[1] Z[0]
-# 010 X1[2] P[0] Y[2]
-# 008 X1[1] Q[1] Y[1]
-# 000 X1[0] Q[0] Y[0]
-
-my $X1_offset = 0; # 13 qwords
-my $X2_offset = $X1_offset + 13*8; # 11 qwords
-my $Carries_offset = $X2_offset + 11*8; # 1 qword
-my $Q_offset = 0; # 2 qwords
-my $P_offset = $Q_offset + 2*8; # 11 qwords
-my $Y_offset = 0; # 3 qwords
-my $Z_offset = $Y_offset + 3*8; # 9 qwords
-
-my $Red_Data_Size = $Carries_offset + 1*8; # (25 qwords)
-
-#
-# Stack Frame
-#
-#
-# offset value
-# ... <old stack contents>
-# ...
-# 280 Garray
-
-# 278 tmp16[15]
-# ... ...
-# 200 tmp16[0]
-
-# 1F8 tmp[7]
-# ... ...
-# 1C0 tmp[0]
-
-# 1B8 GT[7]
-# ... ...
-# 180 GT[0]
-
-# 178 Reduce Data
-# ... ...
-# 0B8 Reduce Data
-# 0B0 reserved
-# 0A8 reserved
-# 0A0 reserved
-# 098 reserved
-# 090 reserved
-# 088 reduce result addr
-# 080 exp[8]
-
-# ...
-# 048 exp[1]
-# 040 exp[0]
-
-# 038 reserved
-# 030 loop_idx
-# 028 pg
-# 020 i
-# 018 pData ; arg 4
-# 010 pG ; arg 2
-# 008 pResult ; arg 1
-# 000 rsp ; stack pointer before subtract
-
-my $rsp_offset = 0;
-my $pResult_offset = 8*1 + $rsp_offset;
-my $pG_offset = 8*1 + $pResult_offset;
-my $pData_offset = 8*1 + $pG_offset;
-my $i_offset = 8*1 + $pData_offset;
-my $pg_offset = 8*1 + $i_offset;
-my $loop_idx_offset = 8*1 + $pg_offset;
-my $reserved1_offset = 8*1 + $loop_idx_offset;
-my $exp_offset = 8*1 + $reserved1_offset;
-my $red_result_addr_offset= 8*9 + $exp_offset;
-my $reserved2_offset = 8*1 + $red_result_addr_offset;
-my $Reduce_Data_offset = 8*5 + $reserved2_offset;
-my $GT_offset = $Red_Data_Size + $Reduce_Data_offset;
-my $tmp_offset = 8*8 + $GT_offset;
-my $tmp16_offset = 8*8 + $tmp_offset;
-my $garray_offset = 8*16 + $tmp16_offset;
-my $mem_size = 8*8*32 + $garray_offset;
-
-#
-# Offsets within Reduce Data
-#
-#
-# struct MODF_2FOLD_MONT_512_C1_DATA {
-# UINT64 t[8][8];
-# UINT64 m[8];
-# UINT64 m1[8]; /* 2^768 % m */
-# UINT64 m2[8]; /* 2^640 % m */
-# UINT64 k1[2]; /* (- 1/m) % 2^128 */
-# };
-
-my $T = 0;
-my $M = 512; # = 8 * 8 * 8
-my $M1 = 576; # = 8 * 8 * 9 /* += 8 * 8 */
-my $M2 = 640; # = 8 * 8 * 10 /* += 8 * 8 */
-my $K1 = 704; # = 8 * 8 * 11 /* += 8 * 8 */
-
-#
-# FUNCTIONS
-#
-
-{{{
-#
-# MULADD_128x512 : Function to multiply 128-bits (2 qwords) by 512-bits (8 qwords)
-# and add 512-bits (8 qwords)
-# to get 640 bits (10 qwords)
-# Input: 128-bit mul source: [rdi+8*1], rbp
-# 512-bit mul source: [rsi+8*n]
-# 512-bit add source: r15, r14, ..., r9, r8
-# Output: r9, r8, r15, r14, r13, r12, r11, r10, [rcx+8*1], [rcx+8*0]
-# Clobbers all regs except: rcx, rsi, rdi
-$code.=<<___;
-.type MULADD_128x512,\@abi-omnipotent
-.align 16
-MULADD_128x512:
-___
- &MULSTEP_512([map("%r$_",(8..15))], "(+8*0)(%rcx)", "%rsi", "%rbp", "%rbx");
-$code.=<<___;
- mov (+8*1)(%rdi), %rbp
-___
- &MULSTEP_512([map("%r$_",(9..15,8))], "(+8*1)(%rcx)", "%rsi", "%rbp", "%rbx");
-$code.=<<___;
- ret
-.size MULADD_128x512,.-MULADD_128x512
-___
-}}}
-
-{{{
-#MULADD_256x512 MACRO pDst, pA, pB, OP, TMP, X7, X6, X5, X4, X3, X2, X1, X0
-#
-# Inputs: pDst: Destination (768 bits, 12 qwords)
-# pA: Multiplicand (1024 bits, 16 qwords)
-# pB: Multiplicand (512 bits, 8 qwords)
-# Dst = Ah * B + Al
-# where Ah is (in qwords) A[15:12] (256 bits) and Al is A[7:0] (512 bits)
-# Results in X3 X2 X1 X0 X7 X6 X5 X4 Dst[3:0]
-# Uses registers: arguments, RAX, RDX
-sub MULADD_256x512
-{
- my ($pDst, $pA, $pB, $OP, $TMP, $X)=@_;
-$code.=<<___;
- mov (+8*12)($pA), $OP
-___
- &MULSTEP_512_ADD($X, "(+8*0)($pDst)", $pB, $pA, $OP, $TMP);
- push(@$X,shift(@$X));
-
-$code.=<<___;
- mov (+8*13)($pA), $OP
-___
- &MULSTEP_512($X, "(+8*1)($pDst)", $pB, $OP, $TMP);
- push(@$X,shift(@$X));
-
-$code.=<<___;
- mov (+8*14)($pA), $OP
-___
- &MULSTEP_512($X, "(+8*2)($pDst)", $pB, $OP, $TMP);
- push(@$X,shift(@$X));
-
-$code.=<<___;
- mov (+8*15)($pA), $OP
-___
- &MULSTEP_512($X, "(+8*3)($pDst)", $pB, $OP, $TMP);
- push(@$X,shift(@$X));
-}
-
-#
-# mont_reduce(UINT64 *x, /* 1024 bits, 16 qwords */
-# UINT64 *m, /* 512 bits, 8 qwords */
-# MODF_2FOLD_MONT_512_C1_DATA *data,
-# UINT64 *r) /* 512 bits, 8 qwords */
-# Input: x (number to be reduced): tmp16 (Implicit)
-# m (modulus): [pM] (Implicit)
-# data (reduce data): [pData] (Implicit)
-# Output: r (result): Address in [red_res_addr]
-# result also in: r9, r8, r15, r14, r13, r12, r11, r10
-
-my @X=map("%r$_",(8..15));
-
-$code.=<<___;
-.type mont_reduce,\@abi-omnipotent
-.align 16
-mont_reduce:
-___
-
-my $STACK_DEPTH = 8;
- #
- # X1 = Xh * M1 + Xl
-$code.=<<___;
- lea (+$Reduce_Data_offset+$X1_offset+$STACK_DEPTH)(%rsp), %rdi # pX1 (Dst) 769 bits, 13 qwords
- mov (+$pData_offset+$STACK_DEPTH)(%rsp), %rsi # pM1 (Bsrc) 512 bits, 8 qwords
- add \$$M1, %rsi
- lea (+$tmp16_offset+$STACK_DEPTH)(%rsp), %rcx # X (Asrc) 1024 bits, 16 qwords
-
-___
-
- &MULADD_256x512("%rdi", "%rcx", "%rsi", "%rbp", "%rbx", \@X); # rotates @X 4 times
- # results in r11, r10, r9, r8, r15, r14, r13, r12, X1[3:0]
-
-$code.=<<___;
- xor %rax, %rax
- # X1 += xl
- add (+8*8)(%rcx), $X[4]
- adc (+8*9)(%rcx), $X[5]
- adc (+8*10)(%rcx), $X[6]
- adc (+8*11)(%rcx), $X[7]
- adc \$0, %rax
- # X1 is now rax, r11-r8, r15-r12, tmp16[3:0]
-
- #
- # check for carry ;; carry stored in rax
- mov $X[4], (+8*8)(%rdi) # rdi points to X1
- mov $X[5], (+8*9)(%rdi)
- mov $X[6], %rbp
- mov $X[7], (+8*11)(%rdi)
-
- mov %rax, (+$Reduce_Data_offset+$Carries_offset+$STACK_DEPTH)(%rsp)
-
- mov (+8*0)(%rdi), $X[4]
- mov (+8*1)(%rdi), $X[5]
- mov (+8*2)(%rdi), $X[6]
- mov (+8*3)(%rdi), $X[7]
-
- # X1 is now stored in: X1[11], rbp, X1[9:8], r15-r8
- # rdi -> X1
- # rsi -> M1
-
- #
- # X2 = Xh * M2 + Xl
- # do first part (X2 = Xh * M2)
- add \$8*10, %rdi # rdi -> pXh ; 128 bits, 2 qwords
- # Xh is actually { [rdi+8*1], rbp }
- add \$`$M2-$M1`, %rsi # rsi -> M2
- lea (+$Reduce_Data_offset+$X2_offset+$STACK_DEPTH)(%rsp), %rcx # rcx -> pX2 ; 641 bits, 11 qwords
-___
- unshift(@X,pop(@X)); unshift(@X,pop(@X));
-$code.=<<___;
-
- call MULADD_128x512 # args in rcx, rdi / rbp, rsi, r15-r8
- # result in r9, r8, r15, r14, r13, r12, r11, r10, X2[1:0]
- mov (+$Reduce_Data_offset+$Carries_offset+$STACK_DEPTH)(%rsp), %rax
-
- # X2 += Xl
- add (+8*8-8*10)(%rdi), $X[6] # (-8*10) is to adjust rdi -> Xh to Xl
- adc (+8*9-8*10)(%rdi), $X[7]
- mov $X[6], (+8*8)(%rcx)
- mov $X[7], (+8*9)(%rcx)
-
- adc %rax, %rax
- mov %rax, (+$Reduce_Data_offset+$Carries_offset+$STACK_DEPTH)(%rsp)
-
- lea (+$Reduce_Data_offset+$Q_offset+$STACK_DEPTH)(%rsp), %rdi # rdi -> pQ ; 128 bits, 2 qwords
- add \$`$K1-$M2`, %rsi # rsi -> pK1 ; 128 bits, 2 qwords
-
- # MUL_128x128t128 rdi, rcx, rsi ; Q = X2 * K1 (bottom half)
- # B1:B0 = rsi[1:0] = K1[1:0]
- # A1:A0 = rcx[1:0] = X2[1:0]
- # Result = rdi[1],rbp = Q[1],rbp
- mov (%rsi), %r8 # B0
- mov (+8*1)(%rsi), %rbx # B1
-
- mov (%rcx), %rax # A0
- mul %r8 # B0
- mov %rax, %rbp
- mov %rdx, %r9
-
- mov (+8*1)(%rcx), %rax # A1
- mul %r8 # B0
- add %rax, %r9
-
- mov (%rcx), %rax # A0
- mul %rbx # B1
- add %rax, %r9
-
- mov %r9, (+8*1)(%rdi)
- # end MUL_128x128t128
-
- sub \$`$K1-$M`, %rsi
-
- mov (%rcx), $X[6]
- mov (+8*1)(%rcx), $X[7] # r9:r8 = X2[1:0]
-
- call MULADD_128x512 # args in rcx, rdi / rbp, rsi, r15-r8
- # result in r9, r8, r15, r14, r13, r12, r11, r10, X2[1:0]
-
- # load first half of m to rdx, rdi, rbx, rax
- # moved this here for efficiency
- mov (+8*0)(%rsi), %rax
- mov (+8*1)(%rsi), %rbx
- mov (+8*2)(%rsi), %rdi
- mov (+8*3)(%rsi), %rdx
-
- # continue with reduction
- mov (+$Reduce_Data_offset+$Carries_offset+$STACK_DEPTH)(%rsp), %rbp
-
- add (+8*8)(%rcx), $X[6]
- adc (+8*9)(%rcx), $X[7]
-
- #accumulate the final carry to rbp
- adc %rbp, %rbp
-
- # Add in overflow corrections: R = (X2>>128) += T[overflow]
- # R = {r9, r8, r15, r14, ..., r10}
- shl \$3, %rbp
- mov (+$pData_offset+$STACK_DEPTH)(%rsp), %rcx # rsi -> Data (and points to T)
- add %rcx, %rbp # pT ; 512 bits, 8 qwords, spread out
-
- # rsi will be used to generate a mask after the addition
- xor %rsi, %rsi
-
- add (+8*8*0)(%rbp), $X[0]
- adc (+8*8*1)(%rbp), $X[1]
- adc (+8*8*2)(%rbp), $X[2]
- adc (+8*8*3)(%rbp), $X[3]
- adc (+8*8*4)(%rbp), $X[4]
- adc (+8*8*5)(%rbp), $X[5]
- adc (+8*8*6)(%rbp), $X[6]
- adc (+8*8*7)(%rbp), $X[7]
-
- # if there is a carry: rsi = 0xFFFFFFFFFFFFFFFF
- # if carry is clear: rsi = 0x0000000000000000
- sbb \$0, %rsi
-
- # if carry is clear, subtract 0. Otherwise, subtract 256 bits of m
- and %rsi, %rax
- and %rsi, %rbx
- and %rsi, %rdi
- and %rsi, %rdx
-
- mov \$1, %rbp
- sub %rax, $X[0]
- sbb %rbx, $X[1]
- sbb %rdi, $X[2]
- sbb %rdx, $X[3]
-
- # if there is a borrow: rbp = 0
- # if there is no borrow: rbp = 1
- # this is used to save the borrows in between the first half and the 2nd half of the subtraction of m
- sbb \$0, %rbp
-
- #load second half of m to rdx, rdi, rbx, rax
-
- add \$$M, %rcx
- mov (+8*4)(%rcx), %rax
- mov (+8*5)(%rcx), %rbx
- mov (+8*6)(%rcx), %rdi
- mov (+8*7)(%rcx), %rdx
-
- # use the rsi mask as before
- # if carry is clear, subtract 0. Otherwise, subtract 256 bits of m
- and %rsi, %rax
- and %rsi, %rbx
- and %rsi, %rdi
- and %rsi, %rdx
-
- # if rbp = 0, there was a borrow before, it is moved to the carry flag
- # if rbp = 1, there was not a borrow before, carry flag is cleared
- sub \$1, %rbp
-
- sbb %rax, $X[4]
- sbb %rbx, $X[5]
- sbb %rdi, $X[6]
- sbb %rdx, $X[7]
-
- # write R back to memory
-
- mov (+$red_result_addr_offset+$STACK_DEPTH)(%rsp), %rsi
- mov $X[0], (+8*0)(%rsi)
- mov $X[1], (+8*1)(%rsi)
- mov $X[2], (+8*2)(%rsi)
- mov $X[3], (+8*3)(%rsi)
- mov $X[4], (+8*4)(%rsi)
- mov $X[5], (+8*5)(%rsi)
- mov $X[6], (+8*6)(%rsi)
- mov $X[7], (+8*7)(%rsi)
-
- ret
-.size mont_reduce,.-mont_reduce
-___
-}}}
-
-{{{
-#MUL_512x512 MACRO pDst, pA, pB, x7, x6, x5, x4, x3, x2, x1, x0, tmp*2
-#
-# Inputs: pDst: Destination (1024 bits, 16 qwords)
-# pA: Multiplicand (512 bits, 8 qwords)
-# pB: Multiplicand (512 bits, 8 qwords)
-# Uses registers rax, rdx, args
-# B operand in [pB] and also in x7...x0
-sub MUL_512x512
-{
- my ($pDst, $pA, $pB, $x, $OP, $TMP, $pDst_o)=@_;
- my ($pDst, $pDst_o) = ($pDst =~ m/([^+]*)\+?(.*)?/);
- my @X=@$x; # make a copy
-
-$code.=<<___;
- mov (+8*0)($pA), $OP
-
- mov $X[0], %rax
- mul $OP # rdx:rax = %OP * [0]
- mov %rax, (+$pDst_o+8*0)($pDst)
- mov %rdx, $X[0]
-___
-for(my $i=1;$i<8;$i++) {
-$code.=<<___;
- mov $X[$i], %rax
- mul $OP # rdx:rax = %OP * [$i]
- add %rax, $X[$i-1]
- adc \$0, %rdx
- mov %rdx, $X[$i]
-___
-}
-
-for(my $i=1;$i<8;$i++) {
-$code.=<<___;
- mov (+8*$i)($pA), $OP
-___
-
- &MULSTEP_512(\@X, "(+$pDst_o+8*$i)($pDst)", $pB, $OP, $TMP);
- push(@X,shift(@X));
-}
-
-$code.=<<___;
- mov $X[0], (+$pDst_o+8*8)($pDst)
- mov $X[1], (+$pDst_o+8*9)($pDst)
- mov $X[2], (+$pDst_o+8*10)($pDst)
- mov $X[3], (+$pDst_o+8*11)($pDst)
- mov $X[4], (+$pDst_o+8*12)($pDst)
- mov $X[5], (+$pDst_o+8*13)($pDst)
- mov $X[6], (+$pDst_o+8*14)($pDst)
- mov $X[7], (+$pDst_o+8*15)($pDst)
-___
-}
-
-#
-# mont_mul_a3b : subroutine to compute (Src1 * Src2) % M (all 512-bits)
-# Input: src1: Address of source 1: rdi
-# src2: Address of source 2: rsi
-# Output: dst: Address of destination: [red_res_addr]
-# src2 and result also in: r9, r8, r15, r14, r13, r12, r11, r10
-# Temp: Clobbers [tmp16], all registers
-$code.=<<___;
-.type mont_mul_a3b,\@abi-omnipotent
-.align 16
-mont_mul_a3b:
- #
- # multiply tmp = src1 * src2
- # For multiply: dst = rcx, src1 = rdi, src2 = rsi
- # stack depth is extra 8 from call
-___
- &MUL_512x512("%rsp+$tmp16_offset+8", "%rdi", "%rsi", [map("%r$_",(10..15,8..9))], "%rbp", "%rbx");
-$code.=<<___;
- #
- # Dst = tmp % m
- # Call reduce(tmp, m, data, dst)
-
- # tail recursion optimization: jmp to mont_reduce and return from there
- jmp mont_reduce
- # call mont_reduce
- # ret
-.size mont_mul_a3b,.-mont_mul_a3b
-___
-}}}
-
-{{{
-#SQR_512 MACRO pDest, pA, x7, x6, x5, x4, x3, x2, x1, x0, tmp*4
-#
-# Input in memory [pA] and also in x7...x0
-# Uses all argument registers plus rax and rdx
-#
-# This version computes all of the off-diagonal terms into memory,
-# and then it adds in the diagonal terms
-
-sub SQR_512
-{
- my ($pDst, $pA, $x, $A, $tmp, $x7, $x6, $pDst_o)=@_;
- my ($pDst, $pDst_o) = ($pDst =~ m/([^+]*)\+?(.*)?/);
- my @X=@$x; # make a copy
-$code.=<<___;
- # ------------------
- # first pass 01...07
- # ------------------
- mov $X[0], $A
-
- mov $X[1],%rax
- mul $A
- mov %rax, (+$pDst_o+8*1)($pDst)
-___
-for(my $i=2;$i<8;$i++) {
-$code.=<<___;
- mov %rdx, $X[$i-2]
- mov $X[$i],%rax
- mul $A
- add %rax, $X[$i-2]
- adc \$0, %rdx
-___
-}
-$code.=<<___;
- mov %rdx, $x7
-
- mov $X[0], (+$pDst_o+8*2)($pDst)
-
- # ------------------
- # second pass 12...17
- # ------------------
-
- mov (+8*1)($pA), $A
-
- mov (+8*2)($pA),%rax
- mul $A
- add %rax, $X[1]
- adc \$0, %rdx
- mov $X[1], (+$pDst_o+8*3)($pDst)
-
- mov %rdx, $X[0]
- mov (+8*3)($pA),%rax
- mul $A
- add %rax, $X[2]
- adc \$0, %rdx
- add $X[0], $X[2]
- adc \$0, %rdx
- mov $X[2], (+$pDst_o+8*4)($pDst)
-
- mov %rdx, $X[0]
- mov (+8*4)($pA),%rax
- mul $A
- add %rax, $X[3]
- adc \$0, %rdx
- add $X[0], $X[3]
- adc \$0, %rdx
-
- mov %rdx, $X[0]
- mov (+8*5)($pA),%rax
- mul $A
- add %rax, $X[4]
- adc \$0, %rdx
- add $X[0], $X[4]
- adc \$0, %rdx
-
- mov %rdx, $X[0]
- mov $X[6],%rax
- mul $A
- add %rax, $X[5]
- adc \$0, %rdx
- add $X[0], $X[5]
- adc \$0, %rdx
-
- mov %rdx, $X[0]
- mov $X[7],%rax
- mul $A
- add %rax, $x7
- adc \$0, %rdx
- add $X[0], $x7
- adc \$0, %rdx
-
- mov %rdx, $X[1]
-
- # ------------------
- # third pass 23...27
- # ------------------
- mov (+8*2)($pA), $A
-
- mov (+8*3)($pA),%rax
- mul $A
- add %rax, $X[3]
- adc \$0, %rdx
- mov $X[3], (+$pDst_o+8*5)($pDst)
-
- mov %rdx, $X[0]
- mov (+8*4)($pA),%rax
- mul $A
- add %rax, $X[4]
- adc \$0, %rdx
- add $X[0], $X[4]
- adc \$0, %rdx
- mov $X[4], (+$pDst_o+8*6)($pDst)
-
- mov %rdx, $X[0]
- mov (+8*5)($pA),%rax
- mul $A
- add %rax, $X[5]
- adc \$0, %rdx
- add $X[0], $X[5]
- adc \$0, %rdx
-
- mov %rdx, $X[0]
- mov $X[6],%rax
- mul $A
- add %rax, $x7
- adc \$0, %rdx
- add $X[0], $x7
- adc \$0, %rdx
-
- mov %rdx, $X[0]
- mov $X[7],%rax
- mul $A
- add %rax, $X[1]
- adc \$0, %rdx
- add $X[0], $X[1]
- adc \$0, %rdx
-
- mov %rdx, $X[2]
-
- # ------------------
- # fourth pass 34...37
- # ------------------
-
- mov (+8*3)($pA), $A
-
- mov (+8*4)($pA),%rax
- mul $A
- add %rax, $X[5]
- adc \$0, %rdx
- mov $X[5], (+$pDst_o+8*7)($pDst)
-
- mov %rdx, $X[0]
- mov (+8*5)($pA),%rax
- mul $A
- add %rax, $x7
- adc \$0, %rdx
- add $X[0], $x7
- adc \$0, %rdx
- mov $x7, (+$pDst_o+8*8)($pDst)
-
- mov %rdx, $X[0]
- mov $X[6],%rax
- mul $A
- add %rax, $X[1]
- adc \$0, %rdx
- add $X[0], $X[1]
- adc \$0, %rdx
-
- mov %rdx, $X[0]
- mov $X[7],%rax
- mul $A
- add %rax, $X[2]
- adc \$0, %rdx
- add $X[0], $X[2]
- adc \$0, %rdx
-
- mov %rdx, $X[5]
-
- # ------------------
- # fifth pass 45...47
- # ------------------
- mov (+8*4)($pA), $A
-
- mov (+8*5)($pA),%rax
- mul $A
- add %rax, $X[1]
- adc \$0, %rdx
- mov $X[1], (+$pDst_o+8*9)($pDst)
-
- mov %rdx, $X[0]
- mov $X[6],%rax
- mul $A
- add %rax, $X[2]
- adc \$0, %rdx
- add $X[0], $X[2]
- adc \$0, %rdx
- mov $X[2], (+$pDst_o+8*10)($pDst)
-
- mov %rdx, $X[0]
- mov $X[7],%rax
- mul $A
- add %rax, $X[5]
- adc \$0, %rdx
- add $X[0], $X[5]
- adc \$0, %rdx
-
- mov %rdx, $X[1]
-
- # ------------------
- # sixth pass 56...57
- # ------------------
- mov (+8*5)($pA), $A
-
- mov $X[6],%rax
- mul $A
- add %rax, $X[5]
- adc \$0, %rdx
- mov $X[5], (+$pDst_o+8*11)($pDst)
-
- mov %rdx, $X[0]
- mov $X[7],%rax
- mul $A
- add %rax, $X[1]
- adc \$0, %rdx
- add $X[0], $X[1]
- adc \$0, %rdx
- mov $X[1], (+$pDst_o+8*12)($pDst)
-
- mov %rdx, $X[2]
-
- # ------------------
- # seventh pass 67
- # ------------------
- mov $X[6], $A
-
- mov $X[7],%rax
- mul $A
- add %rax, $X[2]
- adc \$0, %rdx
- mov $X[2], (+$pDst_o+8*13)($pDst)
-
- mov %rdx, (+$pDst_o+8*14)($pDst)
-
- # start finalize (add in squares, and double off-terms)
- mov (+$pDst_o+8*1)($pDst), $X[0]
- mov (+$pDst_o+8*2)($pDst), $X[1]
- mov (+$pDst_o+8*3)($pDst), $X[2]
- mov (+$pDst_o+8*4)($pDst), $X[3]
- mov (+$pDst_o+8*5)($pDst), $X[4]
- mov (+$pDst_o+8*6)($pDst), $X[5]
-
- mov (+8*3)($pA), %rax
- mul %rax
- mov %rax, $x6
- mov %rdx, $X[6]
-
- add $X[0], $X[0]
- adc $X[1], $X[1]
- adc $X[2], $X[2]
- adc $X[3], $X[3]
- adc $X[4], $X[4]
- adc $X[5], $X[5]
- adc \$0, $X[6]
-
- mov (+8*0)($pA), %rax
- mul %rax
- mov %rax, (+$pDst_o+8*0)($pDst)
- mov %rdx, $A
-
- mov (+8*1)($pA), %rax
- mul %rax
-
- add $A, $X[0]
- adc %rax, $X[1]
- adc \$0, %rdx
-
- mov %rdx, $A
- mov $X[0], (+$pDst_o+8*1)($pDst)
- mov $X[1], (+$pDst_o+8*2)($pDst)
-
- mov (+8*2)($pA), %rax
- mul %rax
-
- add $A, $X[2]
- adc %rax, $X[3]
- adc \$0, %rdx
-
- mov %rdx, $A
-
- mov $X[2], (+$pDst_o+8*3)($pDst)
- mov $X[3], (+$pDst_o+8*4)($pDst)
-
- xor $tmp, $tmp
- add $A, $X[4]
- adc $x6, $X[5]
- adc \$0, $tmp
-
- mov $X[4], (+$pDst_o+8*5)($pDst)
- mov $X[5], (+$pDst_o+8*6)($pDst)
-
- # %%tmp has 0/1 in column 7
- # %%A6 has a full value in column 7
-
- mov (+$pDst_o+8*7)($pDst), $X[0]
- mov (+$pDst_o+8*8)($pDst), $X[1]
- mov (+$pDst_o+8*9)($pDst), $X[2]
- mov (+$pDst_o+8*10)($pDst), $X[3]
- mov (+$pDst_o+8*11)($pDst), $X[4]
- mov (+$pDst_o+8*12)($pDst), $X[5]
- mov (+$pDst_o+8*13)($pDst), $x6
- mov (+$pDst_o+8*14)($pDst), $x7
-
- mov $X[7], %rax
- mul %rax
- mov %rax, $X[7]
- mov %rdx, $A
-
- add $X[0], $X[0]
- adc $X[1], $X[1]
- adc $X[2], $X[2]
- adc $X[3], $X[3]
- adc $X[4], $X[4]
- adc $X[5], $X[5]
- adc $x6, $x6
- adc $x7, $x7
- adc \$0, $A
-
- add $tmp, $X[0]
-
- mov (+8*4)($pA), %rax
- mul %rax
-
- add $X[6], $X[0]
- adc %rax, $X[1]
- adc \$0, %rdx
-
- mov %rdx, $tmp
-
- mov $X[0], (+$pDst_o+8*7)($pDst)
- mov $X[1], (+$pDst_o+8*8)($pDst)
-
- mov (+8*5)($pA), %rax
- mul %rax
-
- add $tmp, $X[2]
- adc %rax, $X[3]
- adc \$0, %rdx
-
- mov %rdx, $tmp
-
- mov $X[2], (+$pDst_o+8*9)($pDst)
- mov $X[3], (+$pDst_o+8*10)($pDst)
-
- mov (+8*6)($pA), %rax
- mul %rax
-
- add $tmp, $X[4]
- adc %rax, $X[5]
- adc \$0, %rdx
-
- mov $X[4], (+$pDst_o+8*11)($pDst)
- mov $X[5], (+$pDst_o+8*12)($pDst)
-
- add %rdx, $x6
- adc $X[7], $x7
- adc \$0, $A
-
- mov $x6, (+$pDst_o+8*13)($pDst)
- mov $x7, (+$pDst_o+8*14)($pDst)
- mov $A, (+$pDst_o+8*15)($pDst)
-___
-}
-
-#
-# sqr_reduce: subroutine to compute Result = reduce(Result * Result)
-#
-# input and result also in: r9, r8, r15, r14, r13, r12, r11, r10
-#
-$code.=<<___;
-.type sqr_reduce,\@abi-omnipotent
-.align 16
-sqr_reduce:
- mov (+$pResult_offset+8)(%rsp), %rcx
-___
- &SQR_512("%rsp+$tmp16_offset+8", "%rcx", [map("%r$_",(10..15,8..9))], "%rbx", "%rbp", "%rsi", "%rdi");
-$code.=<<___;
- # tail recursion optimization: jmp to mont_reduce and return from there
- jmp mont_reduce
- # call mont_reduce
- # ret
-.size sqr_reduce,.-sqr_reduce
-___
-}}}
-
-#
-# MAIN FUNCTION
-#
-
-#mod_exp_512(UINT64 *result, /* 512 bits, 8 qwords */
-# UINT64 *g, /* 512 bits, 8 qwords */
-# UINT64 *exp, /* 512 bits, 8 qwords */
-# struct mod_ctx_512 *data)
-
-# window size = 5
-# table size = 2^5 = 32
-#table_entries equ 32
-#table_size equ table_entries * 8
-$code.=<<___;
-.globl mod_exp_512
-.type mod_exp_512,\@function,4
-mod_exp_512:
- push %rbp
- push %rbx
- push %r12
- push %r13
- push %r14
- push %r15
-
- # adjust stack down and then align it with cache boundary
- mov %rsp, %r8
- sub \$$mem_size, %rsp
- and \$-64, %rsp
-
- # store previous stack pointer and arguments
- mov %r8, (+$rsp_offset)(%rsp)
- mov %rdi, (+$pResult_offset)(%rsp)
- mov %rsi, (+$pG_offset)(%rsp)
- mov %rcx, (+$pData_offset)(%rsp)
-.Lbody:
- # transform g into montgomery space
- # GT = reduce(g * C2) = reduce(g * (2^256))
- # reduce expects to have the input in [tmp16]
- pxor %xmm4, %xmm4
- movdqu (+16*0)(%rsi), %xmm0
- movdqu (+16*1)(%rsi), %xmm1
- movdqu (+16*2)(%rsi), %xmm2
- movdqu (+16*3)(%rsi), %xmm3
- movdqa %xmm4, (+$tmp16_offset+16*0)(%rsp)
- movdqa %xmm4, (+$tmp16_offset+16*1)(%rsp)
- movdqa %xmm4, (+$tmp16_offset+16*6)(%rsp)
- movdqa %xmm4, (+$tmp16_offset+16*7)(%rsp)
- movdqa %xmm0, (+$tmp16_offset+16*2)(%rsp)
- movdqa %xmm1, (+$tmp16_offset+16*3)(%rsp)
- movdqa %xmm2, (+$tmp16_offset+16*4)(%rsp)
- movdqa %xmm3, (+$tmp16_offset+16*5)(%rsp)
-
- # load pExp before rdx gets blown away
- movdqu (+16*0)(%rdx), %xmm0
- movdqu (+16*1)(%rdx), %xmm1
- movdqu (+16*2)(%rdx), %xmm2
- movdqu (+16*3)(%rdx), %xmm3
-
- lea (+$GT_offset)(%rsp), %rbx
- mov %rbx, (+$red_result_addr_offset)(%rsp)
- call mont_reduce
-
- # Initialize tmp = C
- lea (+$tmp_offset)(%rsp), %rcx
- xor %rax, %rax
- mov %rax, (+8*0)(%rcx)
- mov %rax, (+8*1)(%rcx)
- mov %rax, (+8*3)(%rcx)
- mov %rax, (+8*4)(%rcx)
- mov %rax, (+8*5)(%rcx)
- mov %rax, (+8*6)(%rcx)
- mov %rax, (+8*7)(%rcx)
- mov %rax, (+$exp_offset+8*8)(%rsp)
- movq \$1, (+8*2)(%rcx)
-
- lea (+$garray_offset)(%rsp), %rbp
- mov %rcx, %rsi # pTmp
- mov %rbp, %rdi # Garray[][0]
-___
-
- &swizzle("%rdi", "%rcx", "%rax", "%rbx");
-
- # for (rax = 31; rax != 0; rax--) {
- # tmp = reduce(tmp * G)
- # swizzle(pg, tmp);
- # pg += 2; }
-$code.=<<___;
- mov \$31, %rax
- mov %rax, (+$i_offset)(%rsp)
- mov %rbp, (+$pg_offset)(%rsp)
- # rsi -> pTmp
- mov %rsi, (+$red_result_addr_offset)(%rsp)
- mov (+8*0)(%rsi), %r10
- mov (+8*1)(%rsi), %r11
- mov (+8*2)(%rsi), %r12
- mov (+8*3)(%rsi), %r13
- mov (+8*4)(%rsi), %r14
- mov (+8*5)(%rsi), %r15
- mov (+8*6)(%rsi), %r8
- mov (+8*7)(%rsi), %r9
-init_loop:
- lea (+$GT_offset)(%rsp), %rdi
- call mont_mul_a3b
- lea (+$tmp_offset)(%rsp), %rsi
- mov (+$pg_offset)(%rsp), %rbp
- add \$2, %rbp
- mov %rbp, (+$pg_offset)(%rsp)
- mov %rsi, %rcx # rcx = rsi = addr of tmp
-___
-
- &swizzle("%rbp", "%rcx", "%rax", "%rbx");
-$code.=<<___;
- mov (+$i_offset)(%rsp), %rax
- sub \$1, %rax
- mov %rax, (+$i_offset)(%rsp)
- jne init_loop
-
- #
- # Copy exponent onto stack
- movdqa %xmm0, (+$exp_offset+16*0)(%rsp)
- movdqa %xmm1, (+$exp_offset+16*1)(%rsp)
- movdqa %xmm2, (+$exp_offset+16*2)(%rsp)
- movdqa %xmm3, (+$exp_offset+16*3)(%rsp)
-
-
- #
- # Do exponentiation
- # Initialize result to G[exp{511:507}]
- mov (+$exp_offset+62)(%rsp), %eax
- mov %rax, %rdx
- shr \$11, %rax
- and \$0x07FF, %edx
- mov %edx, (+$exp_offset+62)(%rsp)
- lea (+$garray_offset)(%rsp,%rax,2), %rsi
- mov (+$pResult_offset)(%rsp), %rdx
-___
-
- &unswizzle("%rdx", "%rsi", "%rbp", "%rbx", "%rax");
-
- #
- # Loop variables
- # rcx = [loop_idx] = index: 510-5 to 0 by 5
-$code.=<<___;
- movq \$505, (+$loop_idx_offset)(%rsp)
-
- mov (+$pResult_offset)(%rsp), %rcx
- mov %rcx, (+$red_result_addr_offset)(%rsp)
- mov (+8*0)(%rcx), %r10
- mov (+8*1)(%rcx), %r11
- mov (+8*2)(%rcx), %r12
- mov (+8*3)(%rcx), %r13
- mov (+8*4)(%rcx), %r14
- mov (+8*5)(%rcx), %r15
- mov (+8*6)(%rcx), %r8
- mov (+8*7)(%rcx), %r9
- jmp sqr_2
-
-main_loop_a3b:
- call sqr_reduce
- call sqr_reduce
- call sqr_reduce
-sqr_2:
- call sqr_reduce
- call sqr_reduce
-
- #
- # Do multiply, first look up proper value in Garray
- mov (+$loop_idx_offset)(%rsp), %rcx # bit index
- mov %rcx, %rax
- shr \$4, %rax # rax is word pointer
- mov (+$exp_offset)(%rsp,%rax,2), %edx
- and \$15, %rcx
- shrq %cl, %rdx
- and \$0x1F, %rdx
-
- lea (+$garray_offset)(%rsp,%rdx,2), %rsi
- lea (+$tmp_offset)(%rsp), %rdx
- mov %rdx, %rdi
-___
-
- &unswizzle("%rdx", "%rsi", "%rbp", "%rbx", "%rax");
- # rdi = tmp = pG
-
- #
- # Call mod_mul_a1(pDst, pSrc1, pSrc2, pM, pData)
- # result result pG M Data
-$code.=<<___;
- mov (+$pResult_offset)(%rsp), %rsi
- call mont_mul_a3b
-
- #
- # finish loop
- mov (+$loop_idx_offset)(%rsp), %rcx
- sub \$5, %rcx
- mov %rcx, (+$loop_idx_offset)(%rsp)
- jge main_loop_a3b
-
- #
-
-end_main_loop_a3b:
- # transform result out of Montgomery space
- # result = reduce(result)
- mov (+$pResult_offset)(%rsp), %rdx
- pxor %xmm4, %xmm4
- movdqu (+16*0)(%rdx), %xmm0
- movdqu (+16*1)(%rdx), %xmm1
- movdqu (+16*2)(%rdx), %xmm2
- movdqu (+16*3)(%rdx), %xmm3
- movdqa %xmm4, (+$tmp16_offset+16*4)(%rsp)
- movdqa %xmm4, (+$tmp16_offset+16*5)(%rsp)
- movdqa %xmm4, (+$tmp16_offset+16*6)(%rsp)
- movdqa %xmm4, (+$tmp16_offset+16*7)(%rsp)
- movdqa %xmm0, (+$tmp16_offset+16*0)(%rsp)
- movdqa %xmm1, (+$tmp16_offset+16*1)(%rsp)
- movdqa %xmm2, (+$tmp16_offset+16*2)(%rsp)
- movdqa %xmm3, (+$tmp16_offset+16*3)(%rsp)
- call mont_reduce
-
- # If result > m, subract m
- # load result into r15:r8
- mov (+$pResult_offset)(%rsp), %rax
- mov (+8*0)(%rax), %r8
- mov (+8*1)(%rax), %r9
- mov (+8*2)(%rax), %r10
- mov (+8*3)(%rax), %r11
- mov (+8*4)(%rax), %r12
- mov (+8*5)(%rax), %r13
- mov (+8*6)(%rax), %r14
- mov (+8*7)(%rax), %r15
-
- # subtract m
- mov (+$pData_offset)(%rsp), %rbx
- add \$$M, %rbx
-
- sub (+8*0)(%rbx), %r8
- sbb (+8*1)(%rbx), %r9
- sbb (+8*2)(%rbx), %r10
- sbb (+8*3)(%rbx), %r11
- sbb (+8*4)(%rbx), %r12
- sbb (+8*5)(%rbx), %r13
- sbb (+8*6)(%rbx), %r14
- sbb (+8*7)(%rbx), %r15
-
- # if Carry is clear, replace result with difference
- mov (+8*0)(%rax), %rsi
- mov (+8*1)(%rax), %rdi
- mov (+8*2)(%rax), %rcx
- mov (+8*3)(%rax), %rdx
- cmovnc %r8, %rsi
- cmovnc %r9, %rdi
- cmovnc %r10, %rcx
- cmovnc %r11, %rdx
- mov %rsi, (+8*0)(%rax)
- mov %rdi, (+8*1)(%rax)
- mov %rcx, (+8*2)(%rax)
- mov %rdx, (+8*3)(%rax)
-
- mov (+8*4)(%rax), %rsi
- mov (+8*5)(%rax), %rdi
- mov (+8*6)(%rax), %rcx
- mov (+8*7)(%rax), %rdx
- cmovnc %r12, %rsi
- cmovnc %r13, %rdi
- cmovnc %r14, %rcx
- cmovnc %r15, %rdx
- mov %rsi, (+8*4)(%rax)
- mov %rdi, (+8*5)(%rax)
- mov %rcx, (+8*6)(%rax)
- mov %rdx, (+8*7)(%rax)
-
- mov (+$rsp_offset)(%rsp), %rsi
- mov 0(%rsi),%r15
- mov 8(%rsi),%r14
- mov 16(%rsi),%r13
- mov 24(%rsi),%r12
- mov 32(%rsi),%rbx
- mov 40(%rsi),%rbp
- lea 48(%rsi),%rsp
-.Lepilogue:
- ret
-.size mod_exp_512, . - mod_exp_512
-___
-
-if ($win64) {
-# EXCEPTION_DISPOSITION handler (EXCEPTION_RECORD *rec,ULONG64 frame,
-# CONTEXT *context,DISPATCHER_CONTEXT *disp)
-my $rec="%rcx";
-my $frame="%rdx";
-my $context="%r8";
-my $disp="%r9";
-
-$code.=<<___;
-.extern __imp_RtlVirtualUnwind
-.type mod_exp_512_se_handler,\@abi-omnipotent
-.align 16
-mod_exp_512_se_handler:
- push %rsi
- push %rdi
- push %rbx
- push %rbp
- push %r12
- push %r13
- push %r14
- push %r15
- pushfq
- sub \$64,%rsp
-
- mov 120($context),%rax # pull context->Rax
- mov 248($context),%rbx # pull context->Rip
-
- lea .Lbody(%rip),%r10
- cmp %r10,%rbx # context->Rip<prologue label
- jb .Lin_prologue
-
- mov 152($context),%rax # pull context->Rsp
-
- lea .Lepilogue(%rip),%r10
- cmp %r10,%rbx # context->Rip>=epilogue label
- jae .Lin_prologue
-
- mov $rsp_offset(%rax),%rax # pull saved Rsp
-
- mov 32(%rax),%rbx
- mov 40(%rax),%rbp
- mov 24(%rax),%r12
- mov 16(%rax),%r13
- mov 8(%rax),%r14
- mov 0(%rax),%r15
- lea 48(%rax),%rax
- mov %rbx,144($context) # restore context->Rbx
- mov %rbp,160($context) # restore context->Rbp
- mov %r12,216($context) # restore context->R12
- mov %r13,224($context) # restore context->R13
- mov %r14,232($context) # restore context->R14
- mov %r15,240($context) # restore context->R15
-
-.Lin_prologue:
- mov 8(%rax),%rdi
- mov 16(%rax),%rsi
- mov %rax,152($context) # restore context->Rsp
- mov %rsi,168($context) # restore context->Rsi
- mov %rdi,176($context) # restore context->Rdi
-
- mov 40($disp),%rdi # disp->ContextRecord
- mov $context,%rsi # context
- mov \$154,%ecx # sizeof(CONTEXT)
- .long 0xa548f3fc # cld; rep movsq
-
- mov $disp,%rsi
- xor %rcx,%rcx # arg1, UNW_FLAG_NHANDLER
- mov 8(%rsi),%rdx # arg2, disp->ImageBase
- mov 0(%rsi),%r8 # arg3, disp->ControlPc
- mov 16(%rsi),%r9 # arg4, disp->FunctionEntry
- mov 40(%rsi),%r10 # disp->ContextRecord
- lea 56(%rsi),%r11 # &disp->HandlerData
- lea 24(%rsi),%r12 # &disp->EstablisherFrame
- mov %r10,32(%rsp) # arg5
- mov %r11,40(%rsp) # arg6
- mov %r12,48(%rsp) # arg7
- mov %rcx,56(%rsp) # arg8, (NULL)
- call *__imp_RtlVirtualUnwind(%rip)
-
- mov \$1,%eax # ExceptionContinueSearch
- add \$64,%rsp
- popfq
- pop %r15
- pop %r14
- pop %r13
- pop %r12
- pop %rbp
- pop %rbx
- pop %rdi
- pop %rsi
- ret
-.size mod_exp_512_se_handler,.-mod_exp_512_se_handler
-
-.section .pdata
-.align 4
- .rva .LSEH_begin_mod_exp_512
- .rva .LSEH_end_mod_exp_512
- .rva .LSEH_info_mod_exp_512
-
-.section .xdata
-.align 8
-.LSEH_info_mod_exp_512:
- .byte 9,0,0,0
- .rva mod_exp_512_se_handler
-___
-}
-
-sub reg_part {
-my ($reg,$conv)=@_;
- if ($reg =~ /%r[0-9]+/) { $reg .= $conv; }
- elsif ($conv eq "b") { $reg =~ s/%[er]([^x]+)x?/%$1l/; }
- elsif ($conv eq "w") { $reg =~ s/%[er](.+)/%$1/; }
- elsif ($conv eq "d") { $reg =~ s/%[er](.+)/%e$1/; }
- return $reg;
-}
-
-$code =~ s/(%[a-z0-9]+)#([bwd])/reg_part($1,$2)/gem;
-$code =~ s/\`([^\`]*)\`/eval $1/gem;
-$code =~ s/(\(\+[^)]+\))/eval $1/gem;
-print $code;
-close STDOUT;
diff --git a/openssl/crypto/bn/bn_exp.c b/openssl/crypto/bn/bn_exp.c
index 28a9fd53b..8c46e50bd 100644
--- a/openssl/crypto/bn/bn_exp.c
+++ b/openssl/crypto/bn/bn_exp.c
@@ -185,10 +185,10 @@ int BN_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
goto err;
}
}
- ret = 1;
- err:
if (r != rr)
BN_copy(r, rr);
+ ret = 1;
+ err:
BN_CTX_end(ctx);
bn_check_top(r);
return (ret);
diff --git a/openssl/crypto/camellia/Makefile b/openssl/crypto/camellia/Makefile
index 88535f963..60e896054 100644
--- a/openssl/crypto/camellia/Makefile
+++ b/openssl/crypto/camellia/Makefile
@@ -48,7 +48,7 @@ cmll-x86.s: asm/cmll-x86.pl ../perlasm/x86asm.pl
$(PERL) asm/cmll-x86.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) > $@
cmll-x86_64.s: asm/cmll-x86_64.pl
$(PERL) asm/cmll-x86_64.pl $(PERLASM_SCHEME) > $@
-cmllt4-sparcv9.s: asm/cmllt4-sparcv9.pl
+cmllt4-sparcv9.s: asm/cmllt4-sparcv9.pl ../perlasm/sparcv9_modes.pl
$(PERL) asm/cmllt4-sparcv9.pl $(CFLAGS) > $@
files:
diff --git a/openssl/crypto/cms/cms_pwri.c b/openssl/crypto/cms/cms_pwri.c
index d93b14fa2..076b54578 100644
--- a/openssl/crypto/cms/cms_pwri.c
+++ b/openssl/crypto/cms/cms_pwri.c
@@ -231,6 +231,8 @@ static int kek_unwrap_key(unsigned char *out, size_t *outlen,
return 0;
}
tmp = OPENSSL_malloc(inlen);
+ if(!tmp)
+ return 0;
/* setup IV by decrypting last two blocks */
EVP_DecryptUpdate(ctx, tmp + inlen - 2 * blocklen, &outl,
in + inlen - 2 * blocklen, blocklen * 2);
diff --git a/openssl/crypto/conf/conf_def.c b/openssl/crypto/conf/conf_def.c
index e3ffeb21e..faca9aeb5 100644
--- a/openssl/crypto/conf/conf_def.c
+++ b/openssl/crypto/conf/conf_def.c
@@ -585,7 +585,11 @@ static int str_copy(CONF *conf, char *section, char **pto, char *from)
CONFerr(CONF_F_STR_COPY, CONF_R_VARIABLE_HAS_NO_VALUE);
goto err;
}
- BUF_MEM_grow_clean(buf, (strlen(p) + buf->length - (e - from)));
+ if (!BUF_MEM_grow_clean(buf,
+ (strlen(p) + buf->length - (e - from)))) {
+ CONFerr(CONF_F_STR_COPY, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
while (*p)
buf->data[to++] = *(p++);
diff --git a/openssl/crypto/conf/conf_sap.c b/openssl/crypto/conf/conf_sap.c
index d03de2469..544fe9738 100644
--- a/openssl/crypto/conf/conf_sap.c
+++ b/openssl/crypto/conf/conf_sap.c
@@ -86,23 +86,10 @@ void OPENSSL_config(const char *config_name)
/* Need to load ENGINEs */
ENGINE_load_builtin_engines();
#endif
- /* Add others here? */
-
ERR_clear_error();
- if (CONF_modules_load_file(NULL, config_name,
+ CONF_modules_load_file(NULL, config_name,
CONF_MFLAGS_DEFAULT_SECTION |
- CONF_MFLAGS_IGNORE_MISSING_FILE) <= 0) {
- BIO *bio_err;
- ERR_load_crypto_strings();
- if ((bio_err = BIO_new_fp(stderr, BIO_NOCLOSE)) != NULL) {
- BIO_printf(bio_err, "Auto configuration failed\n");
- ERR_print_errors(bio_err);
- BIO_free(bio_err);
- }
- exit(1);
- }
-
- return;
+ CONF_MFLAGS_IGNORE_MISSING_FILE);
}
void OPENSSL_no_config()
diff --git a/openssl/crypto/des/spr.h b/openssl/crypto/des/spr.h
index 4d946395a..e85d31005 100644
--- a/openssl/crypto/des/spr.h
+++ b/openssl/crypto/des/spr.h
@@ -58,180 +58,155 @@
OPENSSL_GLOBAL const DES_LONG DES_SPtrans[8][64] = {
{
-/* nibble 0 */
- 0x02080800L, 0x00080000L, 0x02000002L, 0x02080802L,
- 0x02000000L, 0x00080802L, 0x00080002L, 0x02000002L,
- 0x00080802L, 0x02080800L, 0x02080000L, 0x00000802L,
- 0x02000802L, 0x02000000L, 0x00000000L, 0x00080002L,
- 0x00080000L, 0x00000002L, 0x02000800L, 0x00080800L,
- 0x02080802L, 0x02080000L, 0x00000802L, 0x02000800L,
- 0x00000002L, 0x00000800L, 0x00080800L, 0x02080002L,
- 0x00000800L, 0x02000802L, 0x02080002L, 0x00000000L,
- 0x00000000L, 0x02080802L, 0x02000800L, 0x00080002L,
- 0x02080800L, 0x00080000L, 0x00000802L, 0x02000800L,
- 0x02080002L, 0x00000800L, 0x00080800L, 0x02000002L,
- 0x00080802L, 0x00000002L, 0x02000002L, 0x02080000L,
- 0x02080802L, 0x00080800L, 0x02080000L, 0x02000802L,
- 0x02000000L, 0x00000802L, 0x00080002L, 0x00000000L,
- 0x00080000L, 0x02000000L, 0x02000802L, 0x02080800L,
- 0x00000002L, 0x02080002L, 0x00000800L, 0x00080802L,
- }, {
-/* nibble 1 */
- 0x40108010L, 0x00000000L, 0x00108000L, 0x40100000L,
- 0x40000010L, 0x00008010L, 0x40008000L, 0x00108000L,
- 0x00008000L, 0x40100010L, 0x00000010L, 0x40008000L,
- 0x00100010L, 0x40108000L, 0x40100000L, 0x00000010L,
- 0x00100000L, 0x40008010L, 0x40100010L, 0x00008000L,
- 0x00108010L, 0x40000000L, 0x00000000L, 0x00100010L,
- 0x40008010L, 0x00108010L, 0x40108000L, 0x40000010L,
- 0x40000000L, 0x00100000L, 0x00008010L, 0x40108010L,
- 0x00100010L, 0x40108000L, 0x40008000L, 0x00108010L,
- 0x40108010L, 0x00100010L, 0x40000010L, 0x00000000L,
- 0x40000000L, 0x00008010L, 0x00100000L, 0x40100010L,
- 0x00008000L, 0x40000000L, 0x00108010L, 0x40008010L,
- 0x40108000L, 0x00008000L, 0x00000000L, 0x40000010L,
- 0x00000010L, 0x40108010L, 0x00108000L, 0x40100000L,
- 0x40100010L, 0x00100000L, 0x00008010L, 0x40008000L,
- 0x40008010L, 0x00000010L, 0x40100000L, 0x00108000L,
- }, {
-/* nibble 2 */
- 0x04000001L, 0x04040100L, 0x00000100L, 0x04000101L,
- 0x00040001L, 0x04000000L, 0x04000101L, 0x00040100L,
- 0x04000100L, 0x00040000L, 0x04040000L, 0x00000001L,
- 0x04040101L, 0x00000101L, 0x00000001L, 0x04040001L,
- 0x00000000L, 0x00040001L, 0x04040100L, 0x00000100L,
- 0x00000101L, 0x04040101L, 0x00040000L, 0x04000001L,
- 0x04040001L, 0x04000100L, 0x00040101L, 0x04040000L,
- 0x00040100L, 0x00000000L, 0x04000000L, 0x00040101L,
- 0x04040100L, 0x00000100L, 0x00000001L, 0x00040000L,
- 0x00000101L, 0x00040001L, 0x04040000L, 0x04000101L,
- 0x00000000L, 0x04040100L, 0x00040100L, 0x04040001L,
- 0x00040001L, 0x04000000L, 0x04040101L, 0x00000001L,
- 0x00040101L, 0x04000001L, 0x04000000L, 0x04040101L,
- 0x00040000L, 0x04000100L, 0x04000101L, 0x00040100L,
- 0x04000100L, 0x00000000L, 0x04040001L, 0x00000101L,
- 0x04000001L, 0x00040101L, 0x00000100L, 0x04040000L,
- }, {
-/* nibble 3 */
- 0x00401008L, 0x10001000L, 0x00000008L, 0x10401008L,
- 0x00000000L, 0x10400000L, 0x10001008L, 0x00400008L,
- 0x10401000L, 0x10000008L, 0x10000000L, 0x00001008L,
- 0x10000008L, 0x00401008L, 0x00400000L, 0x10000000L,
- 0x10400008L, 0x00401000L, 0x00001000L, 0x00000008L,
- 0x00401000L, 0x10001008L, 0x10400000L, 0x00001000L,
- 0x00001008L, 0x00000000L, 0x00400008L, 0x10401000L,
- 0x10001000L, 0x10400008L, 0x10401008L, 0x00400000L,
- 0x10400008L, 0x00001008L, 0x00400000L, 0x10000008L,
- 0x00401000L, 0x10001000L, 0x00000008L, 0x10400000L,
- 0x10001008L, 0x00000000L, 0x00001000L, 0x00400008L,
- 0x00000000L, 0x10400008L, 0x10401000L, 0x00001000L,
- 0x10000000L, 0x10401008L, 0x00401008L, 0x00400000L,
- 0x10401008L, 0x00000008L, 0x10001000L, 0x00401008L,
- 0x00400008L, 0x00401000L, 0x10400000L, 0x10001008L,
- 0x00001008L, 0x10000000L, 0x10000008L, 0x10401000L,
- }, {
-/* nibble 4 */
- 0x08000000L, 0x00010000L, 0x00000400L, 0x08010420L,
- 0x08010020L, 0x08000400L, 0x00010420L, 0x08010000L,
- 0x00010000L, 0x00000020L, 0x08000020L, 0x00010400L,
- 0x08000420L, 0x08010020L, 0x08010400L, 0x00000000L,
- 0x00010400L, 0x08000000L, 0x00010020L, 0x00000420L,
- 0x08000400L, 0x00010420L, 0x00000000L, 0x08000020L,
- 0x00000020L, 0x08000420L, 0x08010420L, 0x00010020L,
- 0x08010000L, 0x00000400L, 0x00000420L, 0x08010400L,
- 0x08010400L, 0x08000420L, 0x00010020L, 0x08010000L,
- 0x00010000L, 0x00000020L, 0x08000020L, 0x08000400L,
- 0x08000000L, 0x00010400L, 0x08010420L, 0x00000000L,
- 0x00010420L, 0x08000000L, 0x00000400L, 0x00010020L,
- 0x08000420L, 0x00000400L, 0x00000000L, 0x08010420L,
- 0x08010020L, 0x08010400L, 0x00000420L, 0x00010000L,
- 0x00010400L, 0x08010020L, 0x08000400L, 0x00000420L,
- 0x00000020L, 0x00010420L, 0x08010000L, 0x08000020L,
- }, {
-/* nibble 5 */
- 0x80000040L, 0x00200040L, 0x00000000L, 0x80202000L,
- 0x00200040L, 0x00002000L, 0x80002040L, 0x00200000L,
- 0x00002040L, 0x80202040L, 0x00202000L, 0x80000000L,
- 0x80002000L, 0x80000040L, 0x80200000L, 0x00202040L,
- 0x00200000L, 0x80002040L, 0x80200040L, 0x00000000L,
- 0x00002000L, 0x00000040L, 0x80202000L, 0x80200040L,
- 0x80202040L, 0x80200000L, 0x80000000L, 0x00002040L,
- 0x00000040L, 0x00202000L, 0x00202040L, 0x80002000L,
- 0x00002040L, 0x80000000L, 0x80002000L, 0x00202040L,
- 0x80202000L, 0x00200040L, 0x00000000L, 0x80002000L,
- 0x80000000L, 0x00002000L, 0x80200040L, 0x00200000L,
- 0x00200040L, 0x80202040L, 0x00202000L, 0x00000040L,
- 0x80202040L, 0x00202000L, 0x00200000L, 0x80002040L,
- 0x80000040L, 0x80200000L, 0x00202040L, 0x00000000L,
- 0x00002000L, 0x80000040L, 0x80002040L, 0x80202000L,
- 0x80200000L, 0x00002040L, 0x00000040L, 0x80200040L,
- }, {
-/* nibble 6 */
- 0x00004000L, 0x00000200L, 0x01000200L,
- 0x01000004L,
- 0x01004204L, 0x00004004L, 0x00004200L,
- 0x00000000L,
- 0x01000000L, 0x01000204L, 0x00000204L,
- 0x01004000L,
- 0x00000004L, 0x01004200L, 0x01004000L,
- 0x00000204L,
- 0x01000204L, 0x00004000L, 0x00004004L,
- 0x01004204L,
- 0x00000000L, 0x01000200L, 0x01000004L,
- 0x00004200L,
- 0x01004004L, 0x00004204L, 0x01004200L,
- 0x00000004L,
- 0x00004204L, 0x01004004L, 0x00000200L,
- 0x01000000L,
- 0x00004204L, 0x01004000L, 0x01004004L,
- 0x00000204L,
- 0x00004000L, 0x00000200L, 0x01000000L,
- 0x01004004L,
- 0x01000204L, 0x00004204L, 0x00004200L,
- 0x00000000L,
- 0x00000200L, 0x01000004L, 0x00000004L,
- 0x01000200L,
- 0x00000000L, 0x01000204L, 0x01000200L,
- 0x00004200L,
- 0x00000204L, 0x00004000L, 0x01004204L,
- 0x01000000L,
- 0x01004200L, 0x00000004L, 0x00004004L,
- 0x01004204L,
- 0x01000004L, 0x01004200L, 0x01004000L,
- 0x00004004L,
- }, {
-/* nibble 7 */
- 0x20800080L, 0x20820000L, 0x00020080L,
- 0x00000000L,
- 0x20020000L, 0x00800080L, 0x20800000L,
- 0x20820080L,
- 0x00000080L, 0x20000000L, 0x00820000L,
- 0x00020080L,
- 0x00820080L, 0x20020080L, 0x20000080L,
- 0x20800000L,
- 0x00020000L, 0x00820080L, 0x00800080L,
- 0x20020000L,
- 0x20820080L, 0x20000080L, 0x00000000L,
- 0x00820000L,
- 0x20000000L, 0x00800000L, 0x20020080L,
- 0x20800080L,
- 0x00800000L, 0x00020000L, 0x20820000L,
- 0x00000080L,
- 0x00800000L, 0x00020000L, 0x20000080L,
- 0x20820080L,
- 0x00020080L, 0x20000000L, 0x00000000L,
- 0x00820000L,
- 0x20800080L, 0x20020080L, 0x20020000L,
- 0x00800080L,
- 0x20820000L, 0x00000080L, 0x00800080L,
- 0x20020000L,
- 0x20820080L, 0x00800000L, 0x20800000L,
- 0x20000080L,
- 0x00820000L, 0x00020080L, 0x20020080L,
- 0x20800000L,
- 0x00000080L, 0x20820000L, 0x00820080L,
- 0x00000000L,
- 0x20000000L, 0x20800080L, 0x00020000L,
- 0x00820080L,
- }
+ /* nibble 0 */
+ 0x02080800L, 0x00080000L, 0x02000002L, 0x02080802L,
+ 0x02000000L, 0x00080802L, 0x00080002L, 0x02000002L,
+ 0x00080802L, 0x02080800L, 0x02080000L, 0x00000802L,
+ 0x02000802L, 0x02000000L, 0x00000000L, 0x00080002L,
+ 0x00080000L, 0x00000002L, 0x02000800L, 0x00080800L,
+ 0x02080802L, 0x02080000L, 0x00000802L, 0x02000800L,
+ 0x00000002L, 0x00000800L, 0x00080800L, 0x02080002L,
+ 0x00000800L, 0x02000802L, 0x02080002L, 0x00000000L,
+ 0x00000000L, 0x02080802L, 0x02000800L, 0x00080002L,
+ 0x02080800L, 0x00080000L, 0x00000802L, 0x02000800L,
+ 0x02080002L, 0x00000800L, 0x00080800L, 0x02000002L,
+ 0x00080802L, 0x00000002L, 0x02000002L, 0x02080000L,
+ 0x02080802L, 0x00080800L, 0x02080000L, 0x02000802L,
+ 0x02000000L, 0x00000802L, 0x00080002L, 0x00000000L,
+ 0x00080000L, 0x02000000L, 0x02000802L, 0x02080800L,
+ 0x00000002L, 0x02080002L, 0x00000800L, 0x00080802L,
+ },
+ {
+ /* nibble 1 */
+ 0x40108010L, 0x00000000L, 0x00108000L, 0x40100000L,
+ 0x40000010L, 0x00008010L, 0x40008000L, 0x00108000L,
+ 0x00008000L, 0x40100010L, 0x00000010L, 0x40008000L,
+ 0x00100010L, 0x40108000L, 0x40100000L, 0x00000010L,
+ 0x00100000L, 0x40008010L, 0x40100010L, 0x00008000L,
+ 0x00108010L, 0x40000000L, 0x00000000L, 0x00100010L,
+ 0x40008010L, 0x00108010L, 0x40108000L, 0x40000010L,
+ 0x40000000L, 0x00100000L, 0x00008010L, 0x40108010L,
+ 0x00100010L, 0x40108000L, 0x40008000L, 0x00108010L,
+ 0x40108010L, 0x00100010L, 0x40000010L, 0x00000000L,
+ 0x40000000L, 0x00008010L, 0x00100000L, 0x40100010L,
+ 0x00008000L, 0x40000000L, 0x00108010L, 0x40008010L,
+ 0x40108000L, 0x00008000L, 0x00000000L, 0x40000010L,
+ 0x00000010L, 0x40108010L, 0x00108000L, 0x40100000L,
+ 0x40100010L, 0x00100000L, 0x00008010L, 0x40008000L,
+ 0x40008010L, 0x00000010L, 0x40100000L, 0x00108000L,
+ },
+ {
+ /* nibble 2 */
+ 0x04000001L, 0x04040100L, 0x00000100L, 0x04000101L,
+ 0x00040001L, 0x04000000L, 0x04000101L, 0x00040100L,
+ 0x04000100L, 0x00040000L, 0x04040000L, 0x00000001L,
+ 0x04040101L, 0x00000101L, 0x00000001L, 0x04040001L,
+ 0x00000000L, 0x00040001L, 0x04040100L, 0x00000100L,
+ 0x00000101L, 0x04040101L, 0x00040000L, 0x04000001L,
+ 0x04040001L, 0x04000100L, 0x00040101L, 0x04040000L,
+ 0x00040100L, 0x00000000L, 0x04000000L, 0x00040101L,
+ 0x04040100L, 0x00000100L, 0x00000001L, 0x00040000L,
+ 0x00000101L, 0x00040001L, 0x04040000L, 0x04000101L,
+ 0x00000000L, 0x04040100L, 0x00040100L, 0x04040001L,
+ 0x00040001L, 0x04000000L, 0x04040101L, 0x00000001L,
+ 0x00040101L, 0x04000001L, 0x04000000L, 0x04040101L,
+ 0x00040000L, 0x04000100L, 0x04000101L, 0x00040100L,
+ 0x04000100L, 0x00000000L, 0x04040001L, 0x00000101L,
+ 0x04000001L, 0x00040101L, 0x00000100L, 0x04040000L,
+ },
+ {
+ /* nibble 3 */
+ 0x00401008L, 0x10001000L, 0x00000008L, 0x10401008L,
+ 0x00000000L, 0x10400000L, 0x10001008L, 0x00400008L,
+ 0x10401000L, 0x10000008L, 0x10000000L, 0x00001008L,
+ 0x10000008L, 0x00401008L, 0x00400000L, 0x10000000L,
+ 0x10400008L, 0x00401000L, 0x00001000L, 0x00000008L,
+ 0x00401000L, 0x10001008L, 0x10400000L, 0x00001000L,
+ 0x00001008L, 0x00000000L, 0x00400008L, 0x10401000L,
+ 0x10001000L, 0x10400008L, 0x10401008L, 0x00400000L,
+ 0x10400008L, 0x00001008L, 0x00400000L, 0x10000008L,
+ 0x00401000L, 0x10001000L, 0x00000008L, 0x10400000L,
+ 0x10001008L, 0x00000000L, 0x00001000L, 0x00400008L,
+ 0x00000000L, 0x10400008L, 0x10401000L, 0x00001000L,
+ 0x10000000L, 0x10401008L, 0x00401008L, 0x00400000L,
+ 0x10401008L, 0x00000008L, 0x10001000L, 0x00401008L,
+ 0x00400008L, 0x00401000L, 0x10400000L, 0x10001008L,
+ 0x00001008L, 0x10000000L, 0x10000008L, 0x10401000L,
+ },
+ {
+ /* nibble 4 */
+ 0x08000000L, 0x00010000L, 0x00000400L, 0x08010420L,
+ 0x08010020L, 0x08000400L, 0x00010420L, 0x08010000L,
+ 0x00010000L, 0x00000020L, 0x08000020L, 0x00010400L,
+ 0x08000420L, 0x08010020L, 0x08010400L, 0x00000000L,
+ 0x00010400L, 0x08000000L, 0x00010020L, 0x00000420L,
+ 0x08000400L, 0x00010420L, 0x00000000L, 0x08000020L,
+ 0x00000020L, 0x08000420L, 0x08010420L, 0x00010020L,
+ 0x08010000L, 0x00000400L, 0x00000420L, 0x08010400L,
+ 0x08010400L, 0x08000420L, 0x00010020L, 0x08010000L,
+ 0x00010000L, 0x00000020L, 0x08000020L, 0x08000400L,
+ 0x08000000L, 0x00010400L, 0x08010420L, 0x00000000L,
+ 0x00010420L, 0x08000000L, 0x00000400L, 0x00010020L,
+ 0x08000420L, 0x00000400L, 0x00000000L, 0x08010420L,
+ 0x08010020L, 0x08010400L, 0x00000420L, 0x00010000L,
+ 0x00010400L, 0x08010020L, 0x08000400L, 0x00000420L,
+ 0x00000020L, 0x00010420L, 0x08010000L, 0x08000020L,
+ },
+ {
+ /* nibble 5 */
+ 0x80000040L, 0x00200040L, 0x00000000L, 0x80202000L,
+ 0x00200040L, 0x00002000L, 0x80002040L, 0x00200000L,
+ 0x00002040L, 0x80202040L, 0x00202000L, 0x80000000L,
+ 0x80002000L, 0x80000040L, 0x80200000L, 0x00202040L,
+ 0x00200000L, 0x80002040L, 0x80200040L, 0x00000000L,
+ 0x00002000L, 0x00000040L, 0x80202000L, 0x80200040L,
+ 0x80202040L, 0x80200000L, 0x80000000L, 0x00002040L,
+ 0x00000040L, 0x00202000L, 0x00202040L, 0x80002000L,
+ 0x00002040L, 0x80000000L, 0x80002000L, 0x00202040L,
+ 0x80202000L, 0x00200040L, 0x00000000L, 0x80002000L,
+ 0x80000000L, 0x00002000L, 0x80200040L, 0x00200000L,
+ 0x00200040L, 0x80202040L, 0x00202000L, 0x00000040L,
+ 0x80202040L, 0x00202000L, 0x00200000L, 0x80002040L,
+ 0x80000040L, 0x80200000L, 0x00202040L, 0x00000000L,
+ 0x00002000L, 0x80000040L, 0x80002040L, 0x80202000L,
+ 0x80200000L, 0x00002040L, 0x00000040L, 0x80200040L,
+ },
+ {
+ /* nibble 6 */
+ 0x00004000L, 0x00000200L, 0x01000200L, 0x01000004L,
+ 0x01004204L, 0x00004004L, 0x00004200L, 0x00000000L,
+ 0x01000000L, 0x01000204L, 0x00000204L, 0x01004000L,
+ 0x00000004L, 0x01004200L, 0x01004000L, 0x00000204L,
+ 0x01000204L, 0x00004000L, 0x00004004L, 0x01004204L,
+ 0x00000000L, 0x01000200L, 0x01000004L, 0x00004200L,
+ 0x01004004L, 0x00004204L, 0x01004200L, 0x00000004L,
+ 0x00004204L, 0x01004004L, 0x00000200L, 0x01000000L,
+ 0x00004204L, 0x01004000L, 0x01004004L, 0x00000204L,
+ 0x00004000L, 0x00000200L, 0x01000000L, 0x01004004L,
+ 0x01000204L, 0x00004204L, 0x00004200L, 0x00000000L,
+ 0x00000200L, 0x01000004L, 0x00000004L, 0x01000200L,
+ 0x00000000L, 0x01000204L, 0x01000200L, 0x00004200L,
+ 0x00000204L, 0x00004000L, 0x01004204L, 0x01000000L,
+ 0x01004200L, 0x00000004L, 0x00004004L, 0x01004204L,
+ 0x01000004L, 0x01004200L, 0x01004000L, 0x00004004L,
+ },
+ {
+ /* nibble 7 */
+ 0x20800080L, 0x20820000L, 0x00020080L, 0x00000000L,
+ 0x20020000L, 0x00800080L, 0x20800000L, 0x20820080L,
+ 0x00000080L, 0x20000000L, 0x00820000L, 0x00020080L,
+ 0x00820080L, 0x20020080L, 0x20000080L, 0x20800000L,
+ 0x00020000L, 0x00820080L, 0x00800080L, 0x20020000L,
+ 0x20820080L, 0x20000080L, 0x00000000L, 0x00820000L,
+ 0x20000000L, 0x00800000L, 0x20020080L, 0x20800080L,
+ 0x00800000L, 0x00020000L, 0x20820000L, 0x00000080L,
+ 0x00800000L, 0x00020000L, 0x20000080L, 0x20820080L,
+ 0x00020080L, 0x20000000L, 0x00000000L, 0x00820000L,
+ 0x20800080L, 0x20020080L, 0x20020000L, 0x00800080L,
+ 0x20820000L, 0x00000080L, 0x00800080L, 0x20020000L,
+ 0x20820080L, 0x00800000L, 0x20800000L, 0x20000080L,
+ 0x00820000L, 0x00020080L, 0x20020080L, 0x20800000L,
+ 0x00000080L, 0x20820000L, 0x00820080L, 0x00000000L,
+ 0x20000000L, 0x20800080L, 0x00020000L, 0x00820080L,
+ }
};
diff --git a/openssl/crypto/dh/dh_ameth.c b/openssl/crypto/dh/dh_ameth.c
index a8349e737..c6bfc2d3f 100644
--- a/openssl/crypto/dh/dh_ameth.c
+++ b/openssl/crypto/dh/dh_ameth.c
@@ -151,7 +151,6 @@ static int dh_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey)
static int dh_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey)
{
DH *dh;
- void *pval = NULL;
int ptype;
unsigned char *penc = NULL;
int penclen;
@@ -161,12 +160,15 @@ static int dh_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey)
dh = pkey->pkey.dh;
str = ASN1_STRING_new();
+ if(!str) {
+ DHerr(DH_F_DH_PUB_ENCODE, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
str->length = i2d_dhp(pkey, dh, &str->data);
if (str->length <= 0) {
DHerr(DH_F_DH_PUB_ENCODE, ERR_R_MALLOC_FAILURE);
goto err;
}
- pval = str;
ptype = V_ASN1_SEQUENCE;
pub_key = BN_to_ASN1_INTEGER(dh->pub_key, NULL);
@@ -183,14 +185,14 @@ static int dh_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey)
}
if (X509_PUBKEY_set0_param(pk, OBJ_nid2obj(pkey->ameth->pkey_id),
- ptype, pval, penc, penclen))
+ ptype, str, penc, penclen))
return 1;
err:
if (penc)
OPENSSL_free(penc);
- if (pval)
- ASN1_STRING_free(pval);
+ if (str)
+ ASN1_STRING_free(str);
return 0;
}
@@ -240,7 +242,7 @@ static int dh_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8)
EVP_PKEY_assign(pkey, pkey->ameth->pkey_id, dh);
- ASN1_INTEGER_free(privkey);
+ ASN1_STRING_clear_free(privkey);
return 1;
@@ -248,6 +250,7 @@ static int dh_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8)
DHerr(DH_F_DH_PRIV_DECODE, EVP_R_DECODE_ERROR);
dherr:
DH_free(dh);
+ ASN1_STRING_clear_free(privkey);
return 0;
}
@@ -282,7 +285,8 @@ static int dh_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey)
dplen = i2d_ASN1_INTEGER(prkey, &dp);
- ASN1_INTEGER_free(prkey);
+ ASN1_STRING_clear_free(prkey);
+ prkey = NULL;
if (!PKCS8_pkey_set0(p8, OBJ_nid2obj(pkey->ameth->pkey_id), 0,
V_ASN1_SEQUENCE, params, dp, dplen))
@@ -296,7 +300,7 @@ static int dh_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey)
if (params != NULL)
ASN1_STRING_free(params);
if (prkey != NULL)
- ASN1_INTEGER_free(prkey);
+ ASN1_STRING_clear_free(prkey);
return 0;
}
diff --git a/openssl/crypto/dh/dh_pmeth.c b/openssl/crypto/dh/dh_pmeth.c
index 494a887de..b3a31472a 100644
--- a/openssl/crypto/dh/dh_pmeth.c
+++ b/openssl/crypto/dh/dh_pmeth.c
@@ -462,6 +462,9 @@ static int pkey_dh_derive(EVP_PKEY_CTX *ctx, unsigned char *key,
ret = 0;
Zlen = DH_size(dh);
Z = OPENSSL_malloc(Zlen);
+ if(!Z) {
+ goto err;
+ }
if (DH_compute_key_padded(Z, dhpub, dh) <= 0)
goto err;
if (!DH_KDF_X9_42(key, *keylen, Z, Zlen, dctx->kdf_oid,
diff --git a/openssl/crypto/dsa/dsa_ameth.c b/openssl/crypto/dsa/dsa_ameth.c
index c142ce702..2a5cd7137 100644
--- a/openssl/crypto/dsa/dsa_ameth.c
+++ b/openssl/crypto/dsa/dsa_ameth.c
@@ -129,21 +129,23 @@ static int dsa_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey)
static int dsa_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey)
{
DSA *dsa;
- void *pval = NULL;
int ptype;
unsigned char *penc = NULL;
int penclen;
+ ASN1_STRING *str = NULL;
dsa = pkey->pkey.dsa;
if (pkey->save_parameters && dsa->p && dsa->q && dsa->g) {
- ASN1_STRING *str;
str = ASN1_STRING_new();
+ if (!str) {
+ DSAerr(DSA_F_DSA_PUB_ENCODE, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
str->length = i2d_DSAparams(dsa, &str->data);
if (str->length <= 0) {
DSAerr(DSA_F_DSA_PUB_ENCODE, ERR_R_MALLOC_FAILURE);
goto err;
}
- pval = str;
ptype = V_ASN1_SEQUENCE;
} else
ptype = V_ASN1_UNDEF;
@@ -158,14 +160,14 @@ static int dsa_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey)
}
if (X509_PUBKEY_set0_param(pk, OBJ_nid2obj(EVP_PKEY_DSA),
- ptype, pval, penc, penclen))
+ ptype, str, penc, penclen))
return 1;
err:
if (penc)
OPENSSL_free(penc);
- if (pval)
- ASN1_STRING_free(pval);
+ if (str)
+ ASN1_STRING_free(str);
return 0;
}
@@ -226,7 +228,7 @@ static int dsa_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8)
goto decerr;
if (privkey->type == V_ASN1_NEG_INTEGER) {
p8->broken = PKCS8_NEG_PRIVKEY;
- ASN1_INTEGER_free(privkey);
+ ASN1_STRING_clear_free(privkey);
if (!(privkey = d2i_ASN1_UINTEGER(NULL, &q, pklen)))
goto decerr;
}
@@ -264,7 +266,7 @@ static int dsa_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8)
if (ndsa)
sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free);
else
- ASN1_INTEGER_free(privkey);
+ ASN1_STRING_clear_free(privkey);
return 1;
@@ -273,7 +275,7 @@ static int dsa_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8)
dsaerr:
BN_CTX_free(ctx);
if (privkey)
- ASN1_INTEGER_free(privkey);
+ ASN1_STRING_clear_free(privkey);
sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free);
DSA_free(dsa);
return 0;
@@ -315,7 +317,7 @@ static int dsa_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey)
dplen = i2d_ASN1_INTEGER(prkey, &dp);
- ASN1_INTEGER_free(prkey);
+ ASN1_STRING_clear_free(prkey);
if (!PKCS8_pkey_set0(p8, OBJ_nid2obj(NID_dsa), 0,
V_ASN1_SEQUENCE, params, dp, dplen))
@@ -329,7 +331,7 @@ static int dsa_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey)
if (params != NULL)
ASN1_STRING_free(params);
if (prkey != NULL)
- ASN1_INTEGER_free(prkey);
+ ASN1_STRING_clear_free(prkey);
return 0;
}
diff --git a/openssl/crypto/dso/dso_dlfcn.c b/openssl/crypto/dso/dso_dlfcn.c
index c0fcbb18b..f629f0380 100644
--- a/openssl/crypto/dso/dso_dlfcn.c
+++ b/openssl/crypto/dso/dso_dlfcn.c
@@ -314,7 +314,7 @@ static char *dlfcn_merger(DSO *dso, const char *filespec1,
return (NULL);
}
strcpy(merged, filespec2);
- } else
+ } else {
/*
* This part isn't as trivial as it looks. It assumes that the
* second file specification really is a directory, and makes no
@@ -322,13 +322,12 @@ static char *dlfcn_merger(DSO *dso, const char *filespec1,
* concatenation of filespec2 followed by a slash followed by
* filespec1.
*/
- {
int spec2len, len;
spec2len = strlen(filespec2);
- len = spec2len + (filespec1 ? strlen(filespec1) : 0);
+ len = spec2len + strlen(filespec1);
- if (filespec2 && filespec2[spec2len - 1] == '/') {
+ if (spec2len && filespec2[spec2len - 1] == '/') {
spec2len--;
len--;
}
diff --git a/openssl/crypto/dso/dso_vms.c b/openssl/crypto/dso/dso_vms.c
index 14d885df1..0eff96ec2 100644
--- a/openssl/crypto/dso/dso_vms.c
+++ b/openssl/crypto/dso/dso_vms.c
@@ -172,6 +172,7 @@ static int vms_load(DSO *dso)
# endif /* __INITIAL_POINTER_SIZE == 64 */
const char *sp1, *sp2; /* Search result */
+ const char *ext = NULL; /* possible extension to add */
if (filename == NULL) {
DSOerr(DSO_F_VMS_LOAD, DSO_R_NO_FILENAME);
@@ -214,11 +215,19 @@ static int vms_load(DSO *dso)
/* Now, let's see if there's a type, and save the position in sp2 */
sp2 = strchr(sp1, '.');
/*
+ * If there is a period and the next character is a semi-colon,
+ * we need to add an extension
+ */
+ if (sp2 != NULL && sp2[1] == ';')
+ ext = ".EXE";
+ /*
* If we found it, that's where we'll cut. Otherwise, look for a version
* number and save the position in sp2
*/
- if (sp2 == NULL)
+ if (sp2 == NULL) {
sp2 = strchr(sp1, ';');
+ ext = ".EXE";
+ }
/*
* If there was still nothing to find, set sp2 to point at the end of the
* string
@@ -244,6 +253,11 @@ static int vms_load(DSO *dso)
strncpy(p->imagename, filename, sp1 - filename);
p->imagename[sp1 - filename] = '\0';
+ if (ext) {
+ strcat(p->imagename, ext);
+ if (*sp2 == '.')
+ sp2++;
+ }
strcat(p->imagename, sp2);
p->filename_dsc.dsc$w_length = strlen(p->filename);
@@ -525,7 +539,8 @@ static char *vms_name_converter(DSO *dso, const char *filename)
{
int len = strlen(filename);
char *not_translated = OPENSSL_malloc(len + 1);
- strcpy(not_translated, filename);
+ if(not_translated)
+ strcpy(not_translated, filename);
return (not_translated);
}
diff --git a/openssl/crypto/ec/ec_asn1.c b/openssl/crypto/ec/ec_asn1.c
index 292437409..b4b0e9f3b 100644
--- a/openssl/crypto/ec/ec_asn1.c
+++ b/openssl/crypto/ec/ec_asn1.c
@@ -1017,14 +1017,8 @@ EC_KEY *d2i_ECPrivateKey(EC_KEY **a, const unsigned char **in, long len)
EC_KEY *ret = NULL;
EC_PRIVATEKEY *priv_key = NULL;
- if ((priv_key = EC_PRIVATEKEY_new()) == NULL) {
- ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_MALLOC_FAILURE);
- return NULL;
- }
-
- if ((priv_key = d2i_EC_PRIVATEKEY(&priv_key, in, len)) == NULL) {
+ if ((priv_key = d2i_EC_PRIVATEKEY(NULL, in, len)) == NULL) {
ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_EC_LIB);
- EC_PRIVATEKEY_free(priv_key);
return NULL;
}
@@ -1033,8 +1027,6 @@ EC_KEY *d2i_ECPrivateKey(EC_KEY **a, const unsigned char **in, long len)
ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_MALLOC_FAILURE);
goto err;
}
- if (a)
- *a = ret;
} else
ret = *a;
@@ -1102,10 +1094,12 @@ EC_KEY *d2i_ECPrivateKey(EC_KEY **a, const unsigned char **in, long len)
ret->enc_flag |= EC_PKEY_NO_PUBKEY;
}
+ if (a)
+ *a = ret;
ok = 1;
err:
if (!ok) {
- if (ret)
+ if (ret && (a == NULL || *a != ret))
EC_KEY_free(ret);
ret = NULL;
}
@@ -1232,16 +1226,19 @@ EC_KEY *d2i_ECParameters(EC_KEY **a, const unsigned char **in, long len)
ECerr(EC_F_D2I_ECPARAMETERS, ERR_R_MALLOC_FAILURE);
return NULL;
}
- if (a)
- *a = ret;
} else
ret = *a;
if (!d2i_ECPKParameters(&ret->group, in, len)) {
ECerr(EC_F_D2I_ECPARAMETERS, ERR_R_EC_LIB);
+ if (a == NULL || *a != ret)
+ EC_KEY_free(ret);
return NULL;
}
+ if (a)
+ *a = ret;
+
return ret;
}
diff --git a/openssl/crypto/ec/ec_curve.c b/openssl/crypto/ec/ec_curve.c
index 023bd0ec6..6dbe9d825 100644
--- a/openssl/crypto/ec/ec_curve.c
+++ b/openssl/crypto/ec/ec_curve.c
@@ -69,16 +69,16 @@
*
*/
-#ifdef OPENSSL_FIPS
-# include <openssl/fips.h>
-#endif
-
#include <string.h>
#include "ec_lcl.h"
#include <openssl/err.h>
#include <openssl/obj_mac.h>
#include <openssl/opensslconf.h>
+#ifdef OPENSSL_FIPS
+# include <openssl/fips.h>
+#endif
+
typedef struct {
int field_type, /* either NID_X9_62_prime_field or
* NID_X9_62_characteristic_two_field */
diff --git a/openssl/crypto/ec/ec_cvt.c b/openssl/crypto/ec/ec_cvt.c
index 73cc123e8..5a832ba1c 100644
--- a/openssl/crypto/ec/ec_cvt.c
+++ b/openssl/crypto/ec/ec_cvt.c
@@ -69,13 +69,13 @@
*
*/
+#include <openssl/err.h>
+#include "ec_lcl.h"
+
#ifdef OPENSSL_FIPS
# include <openssl/fips.h>
#endif
-#include <openssl/err.h>
-#include "ec_lcl.h"
-
EC_GROUP *EC_GROUP_new_curve_GFp(const BIGNUM *p, const BIGNUM *a,
const BIGNUM *b, BN_CTX *ctx)
{
diff --git a/openssl/crypto/ec/ecp_nistp224.c b/openssl/crypto/ec/ecp_nistp224.c
index 9a59ef0c1..ed09f97ad 100644
--- a/openssl/crypto/ec/ecp_nistp224.c
+++ b/openssl/crypto/ec/ecp_nistp224.c
@@ -321,7 +321,7 @@ static void bin28_to_felem(felem out, const u8 in[28])
out[0] = *((const uint64_t *)(in)) & 0x00ffffffffffffff;
out[1] = (*((const uint64_t *)(in + 7))) & 0x00ffffffffffffff;
out[2] = (*((const uint64_t *)(in + 14))) & 0x00ffffffffffffff;
- out[3] = (*((const uint64_t *)(in + 21))) & 0x00ffffffffffffff;
+ out[3] = (*((const uint64_t *)(in+20))) >> 8;
}
static void felem_to_bin28(u8 out[28], const felem in)
diff --git a/openssl/crypto/engine/eng_fat.c b/openssl/crypto/engine/eng_fat.c
index bcb4c446b..4279dd94b 100644
--- a/openssl/crypto/engine/eng_fat.c
+++ b/openssl/crypto/engine/eng_fat.c
@@ -103,6 +103,8 @@ int ENGINE_set_default(ENGINE *e, unsigned int flags)
static int int_def_cb(const char *alg, int len, void *arg)
{
unsigned int *pflags = arg;
+ if (alg == NULL)
+ return 0;
if (!strncmp(alg, "ALL", len))
*pflags |= ENGINE_METHOD_ALL;
else if (!strncmp(alg, "RSA", len))
diff --git a/openssl/crypto/engine/eng_rsax.c b/openssl/crypto/engine/eng_rsax.c
deleted file mode 100644
index 8362754c7..000000000
--- a/openssl/crypto/engine/eng_rsax.c
+++ /dev/null
@@ -1,701 +0,0 @@
-/* crypto/engine/eng_rsax.c */
-/* Copyright (c) 2010-2010 Intel Corp.
- * Author: Vinodh.Gopal@intel.com
- * Jim Guilford
- * Erdinc.Ozturk@intel.com
- * Maxim.Perminov@intel.com
- * Ying.Huang@intel.com
- *
- * More information about algorithm used can be found at:
- * http://www.cse.buffalo.edu/srds2009/escs2009_submission_Gopal.pdf
- */
-/* ====================================================================
- * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- */
-
-#include <openssl/opensslconf.h>
-
-#include <stdio.h>
-#include <string.h>
-#include <openssl/crypto.h>
-#include <openssl/buffer.h>
-#include <openssl/engine.h>
-#ifndef OPENSSL_NO_RSA
-# include <openssl/rsa.h>
-#endif
-#include <openssl/bn.h>
-#include <openssl/err.h>
-
-/* RSAX is available **ONLY* on x86_64 CPUs */
-#undef COMPILE_RSAX
-
-#if (defined(__x86_64) || defined(__x86_64__) || \
- defined(_M_AMD64) || defined (_M_X64)) && !defined(OPENSSL_NO_ASM)
-# define COMPILE_RSAX
-static ENGINE *ENGINE_rsax(void);
-#endif
-
-void ENGINE_load_rsax(void)
-{
-/* On non-x86 CPUs it just returns. */
-#ifdef COMPILE_RSAX
- ENGINE *toadd = ENGINE_rsax();
- if (!toadd)
- return;
- ENGINE_add(toadd);
- ENGINE_free(toadd);
- ERR_clear_error();
-#endif
-}
-
-#ifdef COMPILE_RSAX
-# define E_RSAX_LIB_NAME "rsax engine"
-
-static int e_rsax_destroy(ENGINE *e);
-static int e_rsax_init(ENGINE *e);
-static int e_rsax_finish(ENGINE *e);
-static int e_rsax_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void));
-
-# ifndef OPENSSL_NO_RSA
-/* RSA stuff */
-static int e_rsax_rsa_mod_exp(BIGNUM *r, const BIGNUM *I, RSA *rsa,
- BN_CTX *ctx);
-static int e_rsax_rsa_finish(RSA *r);
-# endif
-
-static const ENGINE_CMD_DEFN e_rsax_cmd_defns[] = {
- {0, NULL, NULL, 0}
-};
-
-# ifndef OPENSSL_NO_RSA
-/* Our internal RSA_METHOD that we provide pointers to */
-static RSA_METHOD e_rsax_rsa = {
- "Intel RSA-X method",
- NULL,
- NULL,
- NULL,
- NULL,
- e_rsax_rsa_mod_exp,
- NULL,
- NULL,
- e_rsax_rsa_finish,
- RSA_FLAG_CACHE_PUBLIC | RSA_FLAG_CACHE_PRIVATE,
- NULL,
- NULL,
- NULL
-};
-# endif
-
-/* Constants used when creating the ENGINE */
-static const char *engine_e_rsax_id = "rsax";
-static const char *engine_e_rsax_name = "RSAX engine support";
-
-/* This internal function is used by ENGINE_rsax() */
-static int bind_helper(ENGINE *e)
-{
-# ifndef OPENSSL_NO_RSA
- const RSA_METHOD *meth1;
-# endif
- if (!ENGINE_set_id(e, engine_e_rsax_id) ||
- !ENGINE_set_name(e, engine_e_rsax_name) ||
-# ifndef OPENSSL_NO_RSA
- !ENGINE_set_RSA(e, &e_rsax_rsa) ||
-# endif
- !ENGINE_set_destroy_function(e, e_rsax_destroy) ||
- !ENGINE_set_init_function(e, e_rsax_init) ||
- !ENGINE_set_finish_function(e, e_rsax_finish) ||
- !ENGINE_set_ctrl_function(e, e_rsax_ctrl) ||
- !ENGINE_set_cmd_defns(e, e_rsax_cmd_defns))
- return 0;
-
-# ifndef OPENSSL_NO_RSA
- meth1 = RSA_PKCS1_SSLeay();
- e_rsax_rsa.rsa_pub_enc = meth1->rsa_pub_enc;
- e_rsax_rsa.rsa_pub_dec = meth1->rsa_pub_dec;
- e_rsax_rsa.rsa_priv_enc = meth1->rsa_priv_enc;
- e_rsax_rsa.rsa_priv_dec = meth1->rsa_priv_dec;
- e_rsax_rsa.bn_mod_exp = meth1->bn_mod_exp;
-# endif
- return 1;
-}
-
-static ENGINE *ENGINE_rsax(void)
-{
- ENGINE *ret = ENGINE_new();
- if (!ret)
- return NULL;
- if (!bind_helper(ret)) {
- ENGINE_free(ret);
- return NULL;
- }
- return ret;
-}
-
-# ifndef OPENSSL_NO_RSA
-/* Used to attach our own key-data to an RSA structure */
-static int rsax_ex_data_idx = -1;
-# endif
-
-static int e_rsax_destroy(ENGINE *e)
-{
- return 1;
-}
-
-/* (de)initialisation functions. */
-static int e_rsax_init(ENGINE *e)
-{
-# ifndef OPENSSL_NO_RSA
- if (rsax_ex_data_idx == -1)
- rsax_ex_data_idx = RSA_get_ex_new_index(0, NULL, NULL, NULL, NULL);
-# endif
- if (rsax_ex_data_idx == -1)
- return 0;
- return 1;
-}
-
-static int e_rsax_finish(ENGINE *e)
-{
- return 1;
-}
-
-static int e_rsax_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void))
-{
- int to_return = 1;
-
- switch (cmd) {
- /* The command isn't understood by this engine */
- default:
- to_return = 0;
- break;
- }
-
- return to_return;
-}
-
-# ifndef OPENSSL_NO_RSA
-
-# ifdef _WIN32
-typedef unsigned __int64 UINT64;
-# else
-typedef unsigned long long UINT64;
-# endif
-typedef unsigned short UINT16;
-
-/*
- * Table t is interleaved in the following manner: The order in memory is
- * t[0][0], t[0][1], ..., t[0][7], t[1][0], ... A particular 512-bit value is
- * stored in t[][index] rather than the more normal t[index][]; i.e. the
- * qwords of a particular entry in t are not adjacent in memory
- */
-
-/* Init BIGNUM b from the interleaved UINT64 array */
-static int interleaved_array_to_bn_512(BIGNUM *b, UINT64 *array);
-
-/*
- * Extract array elements from BIGNUM b To set the whole array from b, call
- * with n=8
- */
-static int bn_extract_to_array_512(const BIGNUM *b, unsigned int n,
- UINT64 *array);
-
-struct mod_ctx_512 {
- UINT64 t[8][8];
- UINT64 m[8];
- UINT64 m1[8]; /* 2^278 % m */
- UINT64 m2[8]; /* 2^640 % m */
- UINT64 k1[2]; /* (- 1/m) % 2^128 */
-};
-
-static int mod_exp_pre_compute_data_512(UINT64 *m, struct mod_ctx_512 *data);
-
-void mod_exp_512(UINT64 *result, /* 512 bits, 8 qwords */
- UINT64 *g, /* 512 bits, 8 qwords */
- UINT64 *exp, /* 512 bits, 8 qwords */
- struct mod_ctx_512 *data);
-
-typedef struct st_e_rsax_mod_ctx {
- UINT64 type;
- union {
- struct mod_ctx_512 b512;
- } ctx;
-
-} E_RSAX_MOD_CTX;
-
-static E_RSAX_MOD_CTX *e_rsax_get_ctx(RSA *rsa, int idx, BIGNUM *m)
-{
- E_RSAX_MOD_CTX *hptr;
-
- if (idx < 0 || idx > 2)
- return NULL;
-
- hptr = RSA_get_ex_data(rsa, rsax_ex_data_idx);
- if (!hptr) {
- hptr = OPENSSL_malloc(3 * sizeof(E_RSAX_MOD_CTX));
- if (!hptr)
- return NULL;
- hptr[2].type = hptr[1].type = hptr[0].type = 0;
- RSA_set_ex_data(rsa, rsax_ex_data_idx, hptr);
- }
-
- if (hptr[idx].type == (UINT64)BN_num_bits(m))
- return hptr + idx;
-
- if (BN_num_bits(m) == 512) {
- UINT64 _m[8];
- bn_extract_to_array_512(m, 8, _m);
- memset(&hptr[idx].ctx.b512, 0, sizeof(struct mod_ctx_512));
- mod_exp_pre_compute_data_512(_m, &hptr[idx].ctx.b512);
- }
-
- hptr[idx].type = BN_num_bits(m);
- return hptr + idx;
-}
-
-static int e_rsax_rsa_finish(RSA *rsa)
-{
- E_RSAX_MOD_CTX *hptr = RSA_get_ex_data(rsa, rsax_ex_data_idx);
- if (hptr) {
- OPENSSL_free(hptr);
- RSA_set_ex_data(rsa, rsax_ex_data_idx, NULL);
- }
- if (rsa->_method_mod_n)
- BN_MONT_CTX_free(rsa->_method_mod_n);
- if (rsa->_method_mod_p)
- BN_MONT_CTX_free(rsa->_method_mod_p);
- if (rsa->_method_mod_q)
- BN_MONT_CTX_free(rsa->_method_mod_q);
- return 1;
-}
-
-static int e_rsax_bn_mod_exp(BIGNUM *r, const BIGNUM *g, const BIGNUM *e,
- const BIGNUM *m, BN_CTX *ctx,
- BN_MONT_CTX *in_mont,
- E_RSAX_MOD_CTX *rsax_mod_ctx)
-{
- if (rsax_mod_ctx && BN_get_flags(e, BN_FLG_CONSTTIME) != 0) {
- if (BN_num_bits(m) == 512) {
- UINT64 _r[8];
- UINT64 _g[8];
- UINT64 _e[8];
-
- /* Init the arrays from the BIGNUMs */
- bn_extract_to_array_512(g, 8, _g);
- bn_extract_to_array_512(e, 8, _e);
-
- mod_exp_512(_r, _g, _e, &rsax_mod_ctx->ctx.b512);
- /* Return the result in the BIGNUM */
- interleaved_array_to_bn_512(r, _r);
- return 1;
- }
- }
-
- return BN_mod_exp_mont(r, g, e, m, ctx, in_mont);
-}
-
-/*
- * Declares for the Intel CIAP 512-bit / CRT / 1024 bit RSA modular
- * exponentiation routine precalculations and a structure to hold the
- * necessary values. These files are meant to live in crypto/rsa/ in the
- * target openssl.
- */
-
-/*
- * Local method: extracts a piece from a BIGNUM, to fit it into
- * an array. Call with n=8 to extract an entire 512-bit BIGNUM
- */
-static int bn_extract_to_array_512(const BIGNUM *b, unsigned int n,
- UINT64 *array)
-{
- int i;
- UINT64 tmp;
- unsigned char bn_buff[64];
- memset(bn_buff, 0, 64);
- if (BN_num_bytes(b) > 64) {
- printf("Can't support this byte size\n");
- return 0;
- }
- if (BN_num_bytes(b) != 0) {
- if (!BN_bn2bin(b, bn_buff + (64 - BN_num_bytes(b)))) {
- printf("Error's in bn2bin\n");
- /* We have to error, here */
- return 0;
- }
- }
- while (n-- > 0) {
- array[n] = 0;
- for (i = 7; i >= 0; i--) {
- tmp = bn_buff[63 - (n * 8 + i)];
- array[n] |= tmp << (8 * i);
- }
- }
- return 1;
-}
-
-/* Init a 512-bit BIGNUM from the UINT64*_ (8 * 64) interleaved array */
-static int interleaved_array_to_bn_512(BIGNUM *b, UINT64 *array)
-{
- unsigned char tmp[64];
- int n = 8;
- int i;
- while (n-- > 0) {
- for (i = 7; i >= 0; i--) {
- tmp[63 - (n * 8 + i)] = (unsigned char)(array[n] >> (8 * i));
- }}
- BN_bin2bn(tmp, 64, b);
- return 0;
-}
-
-/* The main 512bit precompute call */
-static int mod_exp_pre_compute_data_512(UINT64 *m, struct mod_ctx_512 *data)
-{
- BIGNUM two_768, two_640, two_128, two_512, tmp, _m, tmp2;
-
- /* We need a BN_CTX for the modulo functions */
- BN_CTX *ctx;
- /* Some tmps */
- UINT64 _t[8];
- int i, j, ret = 0;
-
- /* Init _m with m */
- BN_init(&_m);
- interleaved_array_to_bn_512(&_m, m);
- memset(_t, 0, 64);
-
- /* Inits */
- BN_init(&two_768);
- BN_init(&two_640);
- BN_init(&two_128);
- BN_init(&two_512);
- BN_init(&tmp);
- BN_init(&tmp2);
-
- /* Create our context */
- if ((ctx = BN_CTX_new()) == NULL) {
- goto err;
- }
- BN_CTX_start(ctx);
-
- /*
- * For production, if you care, these only need to be set once,
- * and may be made constants.
- */
- BN_lshift(&two_768, BN_value_one(), 768);
- BN_lshift(&two_640, BN_value_one(), 640);
- BN_lshift(&two_128, BN_value_one(), 128);
- BN_lshift(&two_512, BN_value_one(), 512);
-
- if (0 == (m[7] & 0x8000000000000000)) {
- exit(1);
- }
- if (0 == (m[0] & 0x1)) { /* Odd modulus required for Mont */
- exit(1);
- }
-
- /* Precompute m1 */
- BN_mod(&tmp, &two_768, &_m, ctx);
- if (!bn_extract_to_array_512(&tmp, 8, &data->m1[0])) {
- goto err;
- }
-
- /* Precompute m2 */
- BN_mod(&tmp, &two_640, &_m, ctx);
- if (!bn_extract_to_array_512(&tmp, 8, &data->m2[0])) {
- goto err;
- }
-
- /*
- * Precompute k1, a 128b number = ((-1)* m-1 ) mod 2128; k1 should
- * be non-negative.
- */
- BN_mod_inverse(&tmp, &_m, &two_128, ctx);
- if (!BN_is_zero(&tmp)) {
- BN_sub(&tmp, &two_128, &tmp);
- }
- if (!bn_extract_to_array_512(&tmp, 2, &data->k1[0])) {
- goto err;
- }
-
- /* Precompute t */
- for (i = 0; i < 8; i++) {
- BN_zero(&tmp);
- if (i & 1) {
- BN_add(&tmp, &two_512, &tmp);
- }
- if (i & 2) {
- BN_add(&tmp, &two_512, &tmp);
- }
- if (i & 4) {
- BN_add(&tmp, &two_640, &tmp);
- }
-
- BN_nnmod(&tmp2, &tmp, &_m, ctx);
- if (!bn_extract_to_array_512(&tmp2, 8, _t)) {
- goto err;
- }
- for (j = 0; j < 8; j++)
- data->t[j][i] = _t[j];
- }
-
- /* Precompute m */
- for (i = 0; i < 8; i++) {
- data->m[i] = m[i];
- }
-
- ret = 1;
-
- err:
- /* Cleanup */
- if (ctx != NULL) {
- BN_CTX_end(ctx);
- BN_CTX_free(ctx);
- }
- BN_free(&two_768);
- BN_free(&two_640);
- BN_free(&two_128);
- BN_free(&two_512);
- BN_free(&tmp);
- BN_free(&tmp2);
- BN_free(&_m);
-
- return ret;
-}
-
-static int e_rsax_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa,
- BN_CTX *ctx)
-{
- BIGNUM *r1, *m1, *vrfy;
- BIGNUM local_dmp1, local_dmq1, local_c, local_r1;
- BIGNUM *dmp1, *dmq1, *c, *pr1;
- int ret = 0;
-
- BN_CTX_start(ctx);
- r1 = BN_CTX_get(ctx);
- m1 = BN_CTX_get(ctx);
- vrfy = BN_CTX_get(ctx);
-
- {
- BIGNUM local_p, local_q;
- BIGNUM *p = NULL, *q = NULL;
- int error = 0;
-
- /*
- * Make sure BN_mod_inverse in Montgomery intialization uses the
- * BN_FLG_CONSTTIME flag (unless RSA_FLAG_NO_CONSTTIME is set)
- */
- if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) {
- BN_init(&local_p);
- p = &local_p;
- BN_with_flags(p, rsa->p, BN_FLG_CONSTTIME);
-
- BN_init(&local_q);
- q = &local_q;
- BN_with_flags(q, rsa->q, BN_FLG_CONSTTIME);
- } else {
- p = rsa->p;
- q = rsa->q;
- }
-
- if (rsa->flags & RSA_FLAG_CACHE_PRIVATE) {
- if (!BN_MONT_CTX_set_locked
- (&rsa->_method_mod_p, CRYPTO_LOCK_RSA, p, ctx))
- error = 1;
- if (!BN_MONT_CTX_set_locked
- (&rsa->_method_mod_q, CRYPTO_LOCK_RSA, q, ctx))
- error = 1;
- }
-
- /* clean up */
- if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) {
- BN_free(&local_p);
- BN_free(&local_q);
- }
- if (error)
- goto err;
- }
-
- if (rsa->flags & RSA_FLAG_CACHE_PUBLIC)
- if (!BN_MONT_CTX_set_locked
- (&rsa->_method_mod_n, CRYPTO_LOCK_RSA, rsa->n, ctx))
- goto err;
-
- /* compute I mod q */
- if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) {
- c = &local_c;
- BN_with_flags(c, I, BN_FLG_CONSTTIME);
- if (!BN_mod(r1, c, rsa->q, ctx))
- goto err;
- } else {
- if (!BN_mod(r1, I, rsa->q, ctx))
- goto err;
- }
-
- /* compute r1^dmq1 mod q */
- if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) {
- dmq1 = &local_dmq1;
- BN_with_flags(dmq1, rsa->dmq1, BN_FLG_CONSTTIME);
- } else
- dmq1 = rsa->dmq1;
-
- if (!e_rsax_bn_mod_exp(m1, r1, dmq1, rsa->q, ctx,
- rsa->_method_mod_q, e_rsax_get_ctx(rsa, 0,
- rsa->q)))
- goto err;
-
- /* compute I mod p */
- if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) {
- c = &local_c;
- BN_with_flags(c, I, BN_FLG_CONSTTIME);
- if (!BN_mod(r1, c, rsa->p, ctx))
- goto err;
- } else {
- if (!BN_mod(r1, I, rsa->p, ctx))
- goto err;
- }
-
- /* compute r1^dmp1 mod p */
- if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) {
- dmp1 = &local_dmp1;
- BN_with_flags(dmp1, rsa->dmp1, BN_FLG_CONSTTIME);
- } else
- dmp1 = rsa->dmp1;
-
- if (!e_rsax_bn_mod_exp(r0, r1, dmp1, rsa->p, ctx,
- rsa->_method_mod_p, e_rsax_get_ctx(rsa, 1,
- rsa->p)))
- goto err;
-
- if (!BN_sub(r0, r0, m1))
- goto err;
- /*
- * This will help stop the size of r0 increasing, which does affect the
- * multiply if it optimised for a power of 2 size
- */
- if (BN_is_negative(r0))
- if (!BN_add(r0, r0, rsa->p))
- goto err;
-
- if (!BN_mul(r1, r0, rsa->iqmp, ctx))
- goto err;
-
- /* Turn BN_FLG_CONSTTIME flag on before division operation */
- if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) {
- pr1 = &local_r1;
- BN_with_flags(pr1, r1, BN_FLG_CONSTTIME);
- } else
- pr1 = r1;
- if (!BN_mod(r0, pr1, rsa->p, ctx))
- goto err;
-
- /*
- * If p < q it is occasionally possible for the correction of adding 'p'
- * if r0 is negative above to leave the result still negative. This can
- * break the private key operations: the following second correction
- * should *always* correct this rare occurrence. This will *never* happen
- * with OpenSSL generated keys because they ensure p > q [steve]
- */
- if (BN_is_negative(r0))
- if (!BN_add(r0, r0, rsa->p))
- goto err;
- if (!BN_mul(r1, r0, rsa->q, ctx))
- goto err;
- if (!BN_add(r0, r1, m1))
- goto err;
-
- if (rsa->e && rsa->n) {
- if (!e_rsax_bn_mod_exp
- (vrfy, r0, rsa->e, rsa->n, ctx, rsa->_method_mod_n,
- e_rsax_get_ctx(rsa, 2, rsa->n)))
- goto err;
-
- /*
- * If 'I' was greater than (or equal to) rsa->n, the operation will
- * be equivalent to using 'I mod n'. However, the result of the
- * verify will *always* be less than 'n' so we don't check for
- * absolute equality, just congruency.
- */
- if (!BN_sub(vrfy, vrfy, I))
- goto err;
- if (!BN_mod(vrfy, vrfy, rsa->n, ctx))
- goto err;
- if (BN_is_negative(vrfy))
- if (!BN_add(vrfy, vrfy, rsa->n))
- goto err;
- if (!BN_is_zero(vrfy)) {
- /*
- * 'I' and 'vrfy' aren't congruent mod n. Don't leak
- * miscalculated CRT output, just do a raw (slower) mod_exp and
- * return that instead.
- */
-
- BIGNUM local_d;
- BIGNUM *d = NULL;
-
- if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) {
- d = &local_d;
- BN_with_flags(d, rsa->d, BN_FLG_CONSTTIME);
- } else
- d = rsa->d;
- if (!e_rsax_bn_mod_exp(r0, I, d, rsa->n, ctx,
- rsa->_method_mod_n, e_rsax_get_ctx(rsa, 2,
- rsa->n)))
- goto err;
- }
- }
- ret = 1;
-
- err:
- BN_CTX_end(ctx);
-
- return ret;
-}
-# endif /* !OPENSSL_NO_RSA */
-#endif /* !COMPILE_RSAX */
diff --git a/openssl/crypto/evp/Makefile b/openssl/crypto/evp/Makefile
index 30590d56b..c9afca7cb 100644
--- a/openssl/crypto/evp/Makefile
+++ b/openssl/crypto/evp/Makefile
@@ -13,7 +13,7 @@ AR= ar r
CFLAGS= $(INCLUDES) $(CFLAG)
GENERAL=Makefile
-TEST=evp_test.c
+TEST=evp_test.c evp_extra_test.c
TESTDATA=evptests.txt
APPS=
diff --git a/openssl/crypto/evp/digest.c b/openssl/crypto/evp/digest.c
index bd7760d0c..f2643f324 100644
--- a/openssl/crypto/evp/digest.c
+++ b/openssl/crypto/evp/digest.c
@@ -203,9 +203,12 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl)
ctx->engine = impl;
} else
ctx->engine = NULL;
- } else if (!ctx->digest) {
- EVPerr(EVP_F_EVP_DIGESTINIT_EX, EVP_R_NO_DIGEST_SET);
- return 0;
+ } else {
+ if (!ctx->digest) {
+ EVPerr(EVP_F_EVP_DIGESTINIT_EX, EVP_R_NO_DIGEST_SET);
+ return 0;
+ }
+ type = ctx->digest;
}
#endif
if (ctx->digest != type) {
diff --git a/openssl/crypto/evp/e_aes.c b/openssl/crypto/evp/e_aes.c
index 41844bcab..8161b2632 100644
--- a/openssl/crypto/evp/e_aes.c
+++ b/openssl/crypto/evp/e_aes.c
@@ -790,6 +790,8 @@ static int aes_t4_ccm_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
default:
return 0;
}
+# else
+ cctx->str = NULL;
# endif
cctx->key_set = 1;
}
diff --git a/openssl/crypto/evp/evp_extra_test.c b/openssl/crypto/evp/evp_extra_test.c
new file mode 100644
index 000000000..0f7b011ce
--- /dev/null
+++ b/openssl/crypto/evp/evp_extra_test.c
@@ -0,0 +1,489 @@
+/* Copyright (c) 2014, Google Inc.
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
+ * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
+ * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
+ * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2015 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <openssl/bio.h>
+#include <openssl/crypto.h>
+#include <openssl/err.h>
+#include <openssl/evp.h>
+#include <openssl/rsa.h>
+#include <openssl/x509.h>
+
+/*
+ * kExampleRSAKeyDER is an RSA private key in ASN.1, DER format. Of course, you
+ * should never use this key anywhere but in an example.
+ */
+static const unsigned char kExampleRSAKeyDER[] = {
+ 0x30, 0x82, 0x02, 0x5c, 0x02, 0x01, 0x00, 0x02, 0x81, 0x81, 0x00, 0xf8,
+ 0xb8, 0x6c, 0x83, 0xb4, 0xbc, 0xd9, 0xa8, 0x57, 0xc0, 0xa5, 0xb4, 0x59,
+ 0x76, 0x8c, 0x54, 0x1d, 0x79, 0xeb, 0x22, 0x52, 0x04, 0x7e, 0xd3, 0x37,
+ 0xeb, 0x41, 0xfd, 0x83, 0xf9, 0xf0, 0xa6, 0x85, 0x15, 0x34, 0x75, 0x71,
+ 0x5a, 0x84, 0xa8, 0x3c, 0xd2, 0xef, 0x5a, 0x4e, 0xd3, 0xde, 0x97, 0x8a,
+ 0xdd, 0xff, 0xbb, 0xcf, 0x0a, 0xaa, 0x86, 0x92, 0xbe, 0xb8, 0x50, 0xe4,
+ 0xcd, 0x6f, 0x80, 0x33, 0x30, 0x76, 0x13, 0x8f, 0xca, 0x7b, 0xdc, 0xec,
+ 0x5a, 0xca, 0x63, 0xc7, 0x03, 0x25, 0xef, 0xa8, 0x8a, 0x83, 0x58, 0x76,
+ 0x20, 0xfa, 0x16, 0x77, 0xd7, 0x79, 0x92, 0x63, 0x01, 0x48, 0x1a, 0xd8,
+ 0x7b, 0x67, 0xf1, 0x52, 0x55, 0x49, 0x4e, 0xd6, 0x6e, 0x4a, 0x5c, 0xd7,
+ 0x7a, 0x37, 0x36, 0x0c, 0xde, 0xdd, 0x8f, 0x44, 0xe8, 0xc2, 0xa7, 0x2c,
+ 0x2b, 0xb5, 0xaf, 0x64, 0x4b, 0x61, 0x07, 0x02, 0x03, 0x01, 0x00, 0x01,
+ 0x02, 0x81, 0x80, 0x74, 0x88, 0x64, 0x3f, 0x69, 0x45, 0x3a, 0x6d, 0xc7,
+ 0x7f, 0xb9, 0xa3, 0xc0, 0x6e, 0xec, 0xdc, 0xd4, 0x5a, 0xb5, 0x32, 0x85,
+ 0x5f, 0x19, 0xd4, 0xf8, 0xd4, 0x3f, 0x3c, 0xfa, 0xc2, 0xf6, 0x5f, 0xee,
+ 0xe6, 0xba, 0x87, 0x74, 0x2e, 0xc7, 0x0c, 0xd4, 0x42, 0xb8, 0x66, 0x85,
+ 0x9c, 0x7b, 0x24, 0x61, 0xaa, 0x16, 0x11, 0xf6, 0xb5, 0xb6, 0xa4, 0x0a,
+ 0xc9, 0x55, 0x2e, 0x81, 0xa5, 0x47, 0x61, 0xcb, 0x25, 0x8f, 0xc2, 0x15,
+ 0x7b, 0x0e, 0x7c, 0x36, 0x9f, 0x3a, 0xda, 0x58, 0x86, 0x1c, 0x5b, 0x83,
+ 0x79, 0xe6, 0x2b, 0xcc, 0xe6, 0xfa, 0x2c, 0x61, 0xf2, 0x78, 0x80, 0x1b,
+ 0xe2, 0xf3, 0x9d, 0x39, 0x2b, 0x65, 0x57, 0x91, 0x3d, 0x71, 0x99, 0x73,
+ 0xa5, 0xc2, 0x79, 0x20, 0x8c, 0x07, 0x4f, 0xe5, 0xb4, 0x60, 0x1f, 0x99,
+ 0xa2, 0xb1, 0x4f, 0x0c, 0xef, 0xbc, 0x59, 0x53, 0x00, 0x7d, 0xb1, 0x02,
+ 0x41, 0x00, 0xfc, 0x7e, 0x23, 0x65, 0x70, 0xf8, 0xce, 0xd3, 0x40, 0x41,
+ 0x80, 0x6a, 0x1d, 0x01, 0xd6, 0x01, 0xff, 0xb6, 0x1b, 0x3d, 0x3d, 0x59,
+ 0x09, 0x33, 0x79, 0xc0, 0x4f, 0xde, 0x96, 0x27, 0x4b, 0x18, 0xc6, 0xd9,
+ 0x78, 0xf1, 0xf4, 0x35, 0x46, 0xe9, 0x7c, 0x42, 0x7a, 0x5d, 0x9f, 0xef,
+ 0x54, 0xb8, 0xf7, 0x9f, 0xc4, 0x33, 0x6c, 0xf3, 0x8c, 0x32, 0x46, 0x87,
+ 0x67, 0x30, 0x7b, 0xa7, 0xac, 0xe3, 0x02, 0x41, 0x00, 0xfc, 0x2c, 0xdf,
+ 0x0c, 0x0d, 0x88, 0xf5, 0xb1, 0x92, 0xa8, 0x93, 0x47, 0x63, 0x55, 0xf5,
+ 0xca, 0x58, 0x43, 0xba, 0x1c, 0xe5, 0x9e, 0xb6, 0x95, 0x05, 0xcd, 0xb5,
+ 0x82, 0xdf, 0xeb, 0x04, 0x53, 0x9d, 0xbd, 0xc2, 0x38, 0x16, 0xb3, 0x62,
+ 0xdd, 0xa1, 0x46, 0xdb, 0x6d, 0x97, 0x93, 0x9f, 0x8a, 0xc3, 0x9b, 0x64,
+ 0x7e, 0x42, 0xe3, 0x32, 0x57, 0x19, 0x1b, 0xd5, 0x6e, 0x85, 0xfa, 0xb8,
+ 0x8d, 0x02, 0x41, 0x00, 0xbc, 0x3d, 0xde, 0x6d, 0xd6, 0x97, 0xe8, 0xba,
+ 0x9e, 0x81, 0x37, 0x17, 0xe5, 0xa0, 0x64, 0xc9, 0x00, 0xb7, 0xe7, 0xfe,
+ 0xf4, 0x29, 0xd9, 0x2e, 0x43, 0x6b, 0x19, 0x20, 0xbd, 0x99, 0x75, 0xe7,
+ 0x76, 0xf8, 0xd3, 0xae, 0xaf, 0x7e, 0xb8, 0xeb, 0x81, 0xf4, 0x9d, 0xfe,
+ 0x07, 0x2b, 0x0b, 0x63, 0x0b, 0x5a, 0x55, 0x90, 0x71, 0x7d, 0xf1, 0xdb,
+ 0xd9, 0xb1, 0x41, 0x41, 0x68, 0x2f, 0x4e, 0x39, 0x02, 0x40, 0x5a, 0x34,
+ 0x66, 0xd8, 0xf5, 0xe2, 0x7f, 0x18, 0xb5, 0x00, 0x6e, 0x26, 0x84, 0x27,
+ 0x14, 0x93, 0xfb, 0xfc, 0xc6, 0x0f, 0x5e, 0x27, 0xe6, 0xe1, 0xe9, 0xc0,
+ 0x8a, 0xe4, 0x34, 0xda, 0xe9, 0xa2, 0x4b, 0x73, 0xbc, 0x8c, 0xb9, 0xba,
+ 0x13, 0x6c, 0x7a, 0x2b, 0x51, 0x84, 0xa3, 0x4a, 0xe0, 0x30, 0x10, 0x06,
+ 0x7e, 0xed, 0x17, 0x5a, 0x14, 0x00, 0xc9, 0xef, 0x85, 0xea, 0x52, 0x2c,
+ 0xbc, 0x65, 0x02, 0x40, 0x51, 0xe3, 0xf2, 0x83, 0x19, 0x9b, 0xc4, 0x1e,
+ 0x2f, 0x50, 0x3d, 0xdf, 0x5a, 0xa2, 0x18, 0xca, 0x5f, 0x2e, 0x49, 0xaf,
+ 0x6f, 0xcc, 0xfa, 0x65, 0x77, 0x94, 0xb5, 0xa1, 0x0a, 0xa9, 0xd1, 0x8a,
+ 0x39, 0x37, 0xf4, 0x0b, 0xa0, 0xd7, 0x82, 0x27, 0x5e, 0xae, 0x17, 0x17,
+ 0xa1, 0x1e, 0x54, 0x34, 0xbf, 0x6e, 0xc4, 0x8e, 0x99, 0x5d, 0x08, 0xf1,
+ 0x2d, 0x86, 0x9d, 0xa5, 0x20, 0x1b, 0xe5, 0xdf,
+};
+
+static const unsigned char kMsg[] = { 1, 2, 3, 4 };
+
+static const unsigned char kSignature[] = {
+ 0xa5, 0xf0, 0x8a, 0x47, 0x5d, 0x3c, 0xb3, 0xcc, 0xa9, 0x79, 0xaf, 0x4d,
+ 0x8c, 0xae, 0x4c, 0x14, 0xef, 0xc2, 0x0b, 0x34, 0x36, 0xde, 0xf4, 0x3e,
+ 0x3d, 0xbb, 0x4a, 0x60, 0x5c, 0xc8, 0x91, 0x28, 0xda, 0xfb, 0x7e, 0x04,
+ 0x96, 0x7e, 0x63, 0x13, 0x90, 0xce, 0xb9, 0xb4, 0x62, 0x7a, 0xfd, 0x09,
+ 0x3d, 0xc7, 0x67, 0x78, 0x54, 0x04, 0xeb, 0x52, 0x62, 0x6e, 0x24, 0x67,
+ 0xb4, 0x40, 0xfc, 0x57, 0x62, 0xc6, 0xf1, 0x67, 0xc1, 0x97, 0x8f, 0x6a,
+ 0xa8, 0xae, 0x44, 0x46, 0x5e, 0xab, 0x67, 0x17, 0x53, 0x19, 0x3a, 0xda,
+ 0x5a, 0xc8, 0x16, 0x3e, 0x86, 0xd5, 0xc5, 0x71, 0x2f, 0xfc, 0x23, 0x48,
+ 0xd9, 0x0b, 0x13, 0xdd, 0x7b, 0x5a, 0x25, 0x79, 0xef, 0xa5, 0x7b, 0x04,
+ 0xed, 0x44, 0xf6, 0x18, 0x55, 0xe4, 0x0a, 0xe9, 0x57, 0x79, 0x5d, 0xd7,
+ 0x55, 0xa7, 0xab, 0x45, 0x02, 0x97, 0x60, 0x42,
+};
+
+/*
+ * kExampleRSAKeyPKCS8 is kExampleRSAKeyDER encoded in a PKCS #8
+ * PrivateKeyInfo.
+ */
+static const unsigned char kExampleRSAKeyPKCS8[] = {
+ 0x30, 0x82, 0x02, 0x76, 0x02, 0x01, 0x00, 0x30, 0x0d, 0x06, 0x09, 0x2a,
+ 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, 0x04, 0x82,
+ 0x02, 0x60, 0x30, 0x82, 0x02, 0x5c, 0x02, 0x01, 0x00, 0x02, 0x81, 0x81,
+ 0x00, 0xf8, 0xb8, 0x6c, 0x83, 0xb4, 0xbc, 0xd9, 0xa8, 0x57, 0xc0, 0xa5,
+ 0xb4, 0x59, 0x76, 0x8c, 0x54, 0x1d, 0x79, 0xeb, 0x22, 0x52, 0x04, 0x7e,
+ 0xd3, 0x37, 0xeb, 0x41, 0xfd, 0x83, 0xf9, 0xf0, 0xa6, 0x85, 0x15, 0x34,
+ 0x75, 0x71, 0x5a, 0x84, 0xa8, 0x3c, 0xd2, 0xef, 0x5a, 0x4e, 0xd3, 0xde,
+ 0x97, 0x8a, 0xdd, 0xff, 0xbb, 0xcf, 0x0a, 0xaa, 0x86, 0x92, 0xbe, 0xb8,
+ 0x50, 0xe4, 0xcd, 0x6f, 0x80, 0x33, 0x30, 0x76, 0x13, 0x8f, 0xca, 0x7b,
+ 0xdc, 0xec, 0x5a, 0xca, 0x63, 0xc7, 0x03, 0x25, 0xef, 0xa8, 0x8a, 0x83,
+ 0x58, 0x76, 0x20, 0xfa, 0x16, 0x77, 0xd7, 0x79, 0x92, 0x63, 0x01, 0x48,
+ 0x1a, 0xd8, 0x7b, 0x67, 0xf1, 0x52, 0x55, 0x49, 0x4e, 0xd6, 0x6e, 0x4a,
+ 0x5c, 0xd7, 0x7a, 0x37, 0x36, 0x0c, 0xde, 0xdd, 0x8f, 0x44, 0xe8, 0xc2,
+ 0xa7, 0x2c, 0x2b, 0xb5, 0xaf, 0x64, 0x4b, 0x61, 0x07, 0x02, 0x03, 0x01,
+ 0x00, 0x01, 0x02, 0x81, 0x80, 0x74, 0x88, 0x64, 0x3f, 0x69, 0x45, 0x3a,
+ 0x6d, 0xc7, 0x7f, 0xb9, 0xa3, 0xc0, 0x6e, 0xec, 0xdc, 0xd4, 0x5a, 0xb5,
+ 0x32, 0x85, 0x5f, 0x19, 0xd4, 0xf8, 0xd4, 0x3f, 0x3c, 0xfa, 0xc2, 0xf6,
+ 0x5f, 0xee, 0xe6, 0xba, 0x87, 0x74, 0x2e, 0xc7, 0x0c, 0xd4, 0x42, 0xb8,
+ 0x66, 0x85, 0x9c, 0x7b, 0x24, 0x61, 0xaa, 0x16, 0x11, 0xf6, 0xb5, 0xb6,
+ 0xa4, 0x0a, 0xc9, 0x55, 0x2e, 0x81, 0xa5, 0x47, 0x61, 0xcb, 0x25, 0x8f,
+ 0xc2, 0x15, 0x7b, 0x0e, 0x7c, 0x36, 0x9f, 0x3a, 0xda, 0x58, 0x86, 0x1c,
+ 0x5b, 0x83, 0x79, 0xe6, 0x2b, 0xcc, 0xe6, 0xfa, 0x2c, 0x61, 0xf2, 0x78,
+ 0x80, 0x1b, 0xe2, 0xf3, 0x9d, 0x39, 0x2b, 0x65, 0x57, 0x91, 0x3d, 0x71,
+ 0x99, 0x73, 0xa5, 0xc2, 0x79, 0x20, 0x8c, 0x07, 0x4f, 0xe5, 0xb4, 0x60,
+ 0x1f, 0x99, 0xa2, 0xb1, 0x4f, 0x0c, 0xef, 0xbc, 0x59, 0x53, 0x00, 0x7d,
+ 0xb1, 0x02, 0x41, 0x00, 0xfc, 0x7e, 0x23, 0x65, 0x70, 0xf8, 0xce, 0xd3,
+ 0x40, 0x41, 0x80, 0x6a, 0x1d, 0x01, 0xd6, 0x01, 0xff, 0xb6, 0x1b, 0x3d,
+ 0x3d, 0x59, 0x09, 0x33, 0x79, 0xc0, 0x4f, 0xde, 0x96, 0x27, 0x4b, 0x18,
+ 0xc6, 0xd9, 0x78, 0xf1, 0xf4, 0x35, 0x46, 0xe9, 0x7c, 0x42, 0x7a, 0x5d,
+ 0x9f, 0xef, 0x54, 0xb8, 0xf7, 0x9f, 0xc4, 0x33, 0x6c, 0xf3, 0x8c, 0x32,
+ 0x46, 0x87, 0x67, 0x30, 0x7b, 0xa7, 0xac, 0xe3, 0x02, 0x41, 0x00, 0xfc,
+ 0x2c, 0xdf, 0x0c, 0x0d, 0x88, 0xf5, 0xb1, 0x92, 0xa8, 0x93, 0x47, 0x63,
+ 0x55, 0xf5, 0xca, 0x58, 0x43, 0xba, 0x1c, 0xe5, 0x9e, 0xb6, 0x95, 0x05,
+ 0xcd, 0xb5, 0x82, 0xdf, 0xeb, 0x04, 0x53, 0x9d, 0xbd, 0xc2, 0x38, 0x16,
+ 0xb3, 0x62, 0xdd, 0xa1, 0x46, 0xdb, 0x6d, 0x97, 0x93, 0x9f, 0x8a, 0xc3,
+ 0x9b, 0x64, 0x7e, 0x42, 0xe3, 0x32, 0x57, 0x19, 0x1b, 0xd5, 0x6e, 0x85,
+ 0xfa, 0xb8, 0x8d, 0x02, 0x41, 0x00, 0xbc, 0x3d, 0xde, 0x6d, 0xd6, 0x97,
+ 0xe8, 0xba, 0x9e, 0x81, 0x37, 0x17, 0xe5, 0xa0, 0x64, 0xc9, 0x00, 0xb7,
+ 0xe7, 0xfe, 0xf4, 0x29, 0xd9, 0x2e, 0x43, 0x6b, 0x19, 0x20, 0xbd, 0x99,
+ 0x75, 0xe7, 0x76, 0xf8, 0xd3, 0xae, 0xaf, 0x7e, 0xb8, 0xeb, 0x81, 0xf4,
+ 0x9d, 0xfe, 0x07, 0x2b, 0x0b, 0x63, 0x0b, 0x5a, 0x55, 0x90, 0x71, 0x7d,
+ 0xf1, 0xdb, 0xd9, 0xb1, 0x41, 0x41, 0x68, 0x2f, 0x4e, 0x39, 0x02, 0x40,
+ 0x5a, 0x34, 0x66, 0xd8, 0xf5, 0xe2, 0x7f, 0x18, 0xb5, 0x00, 0x6e, 0x26,
+ 0x84, 0x27, 0x14, 0x93, 0xfb, 0xfc, 0xc6, 0x0f, 0x5e, 0x27, 0xe6, 0xe1,
+ 0xe9, 0xc0, 0x8a, 0xe4, 0x34, 0xda, 0xe9, 0xa2, 0x4b, 0x73, 0xbc, 0x8c,
+ 0xb9, 0xba, 0x13, 0x6c, 0x7a, 0x2b, 0x51, 0x84, 0xa3, 0x4a, 0xe0, 0x30,
+ 0x10, 0x06, 0x7e, 0xed, 0x17, 0x5a, 0x14, 0x00, 0xc9, 0xef, 0x85, 0xea,
+ 0x52, 0x2c, 0xbc, 0x65, 0x02, 0x40, 0x51, 0xe3, 0xf2, 0x83, 0x19, 0x9b,
+ 0xc4, 0x1e, 0x2f, 0x50, 0x3d, 0xdf, 0x5a, 0xa2, 0x18, 0xca, 0x5f, 0x2e,
+ 0x49, 0xaf, 0x6f, 0xcc, 0xfa, 0x65, 0x77, 0x94, 0xb5, 0xa1, 0x0a, 0xa9,
+ 0xd1, 0x8a, 0x39, 0x37, 0xf4, 0x0b, 0xa0, 0xd7, 0x82, 0x27, 0x5e, 0xae,
+ 0x17, 0x17, 0xa1, 0x1e, 0x54, 0x34, 0xbf, 0x6e, 0xc4, 0x8e, 0x99, 0x5d,
+ 0x08, 0xf1, 0x2d, 0x86, 0x9d, 0xa5, 0x20, 0x1b, 0xe5, 0xdf,
+};
+
+#ifndef OPENSSL_NO_EC
+/*
+ * kExampleECKeyDER is a sample EC private key encoded as an ECPrivateKey
+ * structure.
+ */
+static const unsigned char kExampleECKeyDER[] = {
+ 0x30, 0x77, 0x02, 0x01, 0x01, 0x04, 0x20, 0x07, 0x0f, 0x08, 0x72, 0x7a,
+ 0xd4, 0xa0, 0x4a, 0x9c, 0xdd, 0x59, 0xc9, 0x4d, 0x89, 0x68, 0x77, 0x08,
+ 0xb5, 0x6f, 0xc9, 0x5d, 0x30, 0x77, 0x0e, 0xe8, 0xd1, 0xc9, 0xce, 0x0a,
+ 0x8b, 0xb4, 0x6a, 0xa0, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d,
+ 0x03, 0x01, 0x07, 0xa1, 0x44, 0x03, 0x42, 0x00, 0x04, 0xe6, 0x2b, 0x69,
+ 0xe2, 0xbf, 0x65, 0x9f, 0x97, 0xbe, 0x2f, 0x1e, 0x0d, 0x94, 0x8a, 0x4c,
+ 0xd5, 0x97, 0x6b, 0xb7, 0xa9, 0x1e, 0x0d, 0x46, 0xfb, 0xdd, 0xa9, 0xa9,
+ 0x1e, 0x9d, 0xdc, 0xba, 0x5a, 0x01, 0xe7, 0xd6, 0x97, 0xa8, 0x0a, 0x18,
+ 0xf9, 0xc3, 0xc4, 0xa3, 0x1e, 0x56, 0xe2, 0x7c, 0x83, 0x48, 0xdb, 0x16,
+ 0x1a, 0x1c, 0xf5, 0x1d, 0x7e, 0xf1, 0x94, 0x2d, 0x4b, 0xcf, 0x72, 0x22,
+ 0xc1,
+};
+
+/*
+ * kExampleBadECKeyDER is a sample EC private key encoded as an ECPrivateKey
+ * structure. The private key is equal to the order and will fail to import
+ */
+static const unsigned char kExampleBadECKeyDER[] = {
+ 0x30, 0x66, 0x02, 0x01, 0x00, 0x30, 0x13, 0x06, 0x07, 0x2A, 0x86, 0x48,
+ 0xCE, 0x3D, 0x02, 0x01, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03,
+ 0x01, 0x07, 0x04, 0x4C, 0x30, 0x4A, 0x02, 0x01, 0x01, 0x04, 0x20, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xBC, 0xE6, 0xFA, 0xAD, 0xA7, 0x17, 0x9E, 0x84, 0xF3,
+ 0xB9, 0xCA, 0xC2, 0xFC, 0x63, 0x25, 0x51, 0xA1, 0x23, 0x03, 0x21, 0x00,
+ 0x00, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xBC, 0xE6, 0xFA, 0xAD, 0xA7, 0x17, 0x9E, 0x84,
+ 0xF3, 0xB9, 0xCA, 0xC2, 0xFC, 0x63, 0x25, 0x51
+};
+#endif
+
+static EVP_PKEY *load_example_rsa_key(void)
+{
+ EVP_PKEY *ret = NULL;
+ const unsigned char *derp = kExampleRSAKeyDER;
+ EVP_PKEY *pkey = NULL;
+ RSA *rsa = NULL;
+
+ if (!d2i_RSAPrivateKey(&rsa, &derp, sizeof(kExampleRSAKeyDER))) {
+ return NULL;
+ }
+
+ pkey = EVP_PKEY_new();
+ if (pkey == NULL || !EVP_PKEY_set1_RSA(pkey, rsa)) {
+ goto out;
+ }
+
+ ret = pkey;
+ pkey = NULL;
+
+ out:
+ if (pkey) {
+ EVP_PKEY_free(pkey);
+ }
+ if (rsa) {
+ RSA_free(rsa);
+ }
+
+ return ret;
+}
+
+static int test_EVP_DigestSignInit(void)
+{
+ int ret = 0;
+ EVP_PKEY *pkey = NULL;
+ unsigned char *sig = NULL;
+ size_t sig_len = 0;
+ EVP_MD_CTX md_ctx, md_ctx_verify;
+
+ EVP_MD_CTX_init(&md_ctx);
+ EVP_MD_CTX_init(&md_ctx_verify);
+
+ pkey = load_example_rsa_key();
+ if (pkey == NULL ||
+ !EVP_DigestSignInit(&md_ctx, NULL, EVP_sha256(), NULL, pkey) ||
+ !EVP_DigestSignUpdate(&md_ctx, kMsg, sizeof(kMsg))) {
+ goto out;
+ }
+ /* Determine the size of the signature. */
+ if (!EVP_DigestSignFinal(&md_ctx, NULL, &sig_len)) {
+ goto out;
+ }
+ /* Sanity check for testing. */
+ if (sig_len != (size_t)EVP_PKEY_size(pkey)) {
+ fprintf(stderr, "sig_len mismatch\n");
+ goto out;
+ }
+
+ sig = OPENSSL_malloc(sig_len);
+ if (sig == NULL || !EVP_DigestSignFinal(&md_ctx, sig, &sig_len)) {
+ goto out;
+ }
+
+ /* Ensure that the signature round-trips. */
+ if (!EVP_DigestVerifyInit(&md_ctx_verify, NULL, EVP_sha256(), NULL, pkey)
+ || !EVP_DigestVerifyUpdate(&md_ctx_verify, kMsg, sizeof(kMsg))
+ || !EVP_DigestVerifyFinal(&md_ctx_verify, sig, sig_len)) {
+ goto out;
+ }
+
+ ret = 1;
+
+ out:
+ if (!ret) {
+ ERR_print_errors_fp(stderr);
+ }
+
+ EVP_MD_CTX_cleanup(&md_ctx);
+ EVP_MD_CTX_cleanup(&md_ctx_verify);
+ if (pkey) {
+ EVP_PKEY_free(pkey);
+ }
+ if (sig) {
+ OPENSSL_free(sig);
+ }
+
+ return ret;
+}
+
+static int test_EVP_DigestVerifyInit(void)
+{
+ int ret = 0;
+ EVP_PKEY *pkey = NULL;
+ EVP_MD_CTX md_ctx;
+
+ EVP_MD_CTX_init(&md_ctx);
+
+ pkey = load_example_rsa_key();
+ if (pkey == NULL ||
+ !EVP_DigestVerifyInit(&md_ctx, NULL, EVP_sha256(), NULL, pkey) ||
+ !EVP_DigestVerifyUpdate(&md_ctx, kMsg, sizeof(kMsg)) ||
+ !EVP_DigestVerifyFinal(&md_ctx, kSignature, sizeof(kSignature))) {
+ goto out;
+ }
+ ret = 1;
+
+ out:
+ if (!ret) {
+ ERR_print_errors_fp(stderr);
+ }
+
+ EVP_MD_CTX_cleanup(&md_ctx);
+ if (pkey) {
+ EVP_PKEY_free(pkey);
+ }
+
+ return ret;
+}
+
+static int test_d2i_AutoPrivateKey(const unsigned char *input,
+ size_t input_len, int expected_id)
+{
+ int ret = 0;
+ const unsigned char *p;
+ EVP_PKEY *pkey = NULL;
+
+ p = input;
+ pkey = d2i_AutoPrivateKey(NULL, &p, input_len);
+ if (pkey == NULL || p != input + input_len) {
+ fprintf(stderr, "d2i_AutoPrivateKey failed\n");
+ goto done;
+ }
+
+ if (EVP_PKEY_id(pkey) != expected_id) {
+ fprintf(stderr, "Did not decode expected type\n");
+ goto done;
+ }
+
+ ret = 1;
+
+ done:
+ if (!ret) {
+ ERR_print_errors_fp(stderr);
+ }
+
+ if (pkey != NULL) {
+ EVP_PKEY_free(pkey);
+ }
+ return ret;
+}
+
+#ifndef OPENSSL_NO_EC
+/* Tests loading a bad key in PKCS8 format */
+static int test_EVP_PKCS82PKEY(void)
+{
+ int ret = 0;
+ const unsigned char *derp = kExampleBadECKeyDER;
+ PKCS8_PRIV_KEY_INFO *p8inf = NULL;
+ EVP_PKEY *pkey = NULL;
+
+ p8inf = d2i_PKCS8_PRIV_KEY_INFO(NULL, &derp, sizeof(kExampleBadECKeyDER));
+
+ if (!p8inf || derp != kExampleBadECKeyDER + sizeof(kExampleBadECKeyDER)) {
+ fprintf(stderr, "Failed to parse key\n");
+ goto done;
+ }
+
+ pkey = EVP_PKCS82PKEY(p8inf);
+ if (pkey) {
+ fprintf(stderr, "Imported invalid EC key\n");
+ goto done;
+ }
+
+ ret = 1;
+
+ done:
+ if (p8inf != NULL) {
+ PKCS8_PRIV_KEY_INFO_free(p8inf);
+ }
+
+ if (pkey != NULL) {
+ EVP_PKEY_free(pkey);
+ }
+
+ return ret;
+}
+#endif
+
+int main(void)
+{
+ CRYPTO_malloc_debug_init();
+ CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL);
+ CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
+
+ ERR_load_crypto_strings();
+ /* Load up the software EVP_CIPHER and EVP_MD definitions */
+ OpenSSL_add_all_ciphers();
+ OpenSSL_add_all_digests();
+
+ if (!test_EVP_DigestSignInit()) {
+ fprintf(stderr, "EVP_DigestSignInit failed\n");
+ return 1;
+ }
+
+ if (!test_EVP_DigestVerifyInit()) {
+ fprintf(stderr, "EVP_DigestVerifyInit failed\n");
+ return 1;
+ }
+
+ if (!test_d2i_AutoPrivateKey(kExampleRSAKeyDER, sizeof(kExampleRSAKeyDER),
+ EVP_PKEY_RSA)) {
+ fprintf(stderr, "d2i_AutoPrivateKey(kExampleRSAKeyDER) failed\n");
+ return 1;
+ }
+
+ if (!test_d2i_AutoPrivateKey
+ (kExampleRSAKeyPKCS8, sizeof(kExampleRSAKeyPKCS8), EVP_PKEY_RSA)) {
+ fprintf(stderr, "d2i_AutoPrivateKey(kExampleRSAKeyPKCS8) failed\n");
+ return 1;
+ }
+
+#ifndef OPENSSL_NO_EC
+ if (!test_d2i_AutoPrivateKey(kExampleECKeyDER, sizeof(kExampleECKeyDER),
+ EVP_PKEY_EC)) {
+ fprintf(stderr, "d2i_AutoPrivateKey(kExampleECKeyDER) failed\n");
+ return 1;
+ }
+
+ if (!test_EVP_PKCS82PKEY()) {
+ fprintf(stderr, "test_EVP_PKCS82PKEY failed\n");
+ return 1;
+ }
+#endif
+
+ EVP_cleanup();
+ CRYPTO_cleanup_all_ex_data();
+ ERR_remove_thread_state(NULL);
+ ERR_free_strings();
+ CRYPTO_mem_leaks_fp(stderr);
+
+ printf("PASS\n");
+ return 0;
+}
diff --git a/openssl/crypto/ex_data.c b/openssl/crypto/ex_data.c
index 5a3546a2d..f96a51781 100644
--- a/openssl/crypto/ex_data.c
+++ b/openssl/crypto/ex_data.c
@@ -500,6 +500,8 @@ static void int_free_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad)
EX_CLASS_ITEM *item;
void *ptr;
CRYPTO_EX_DATA_FUNCS **storage = NULL;
+ if (ex_data == NULL)
+ return;
if ((item = def_get_class(class_index)) == NULL)
return;
CRYPTO_r_lock(CRYPTO_LOCK_EX_DATA);
diff --git a/openssl/crypto/modes/gcm128.c b/openssl/crypto/modes/gcm128.c
index 4debf537f..24a84a7ae 100644
--- a/openssl/crypto/modes/gcm128.c
+++ b/openssl/crypto/modes/gcm128.c
@@ -852,7 +852,11 @@ void CRYPTO_gcm128_init(GCM128_CONTEXT *ctx, void *key, block128_f block)
{
gcm_init_4bit(ctx->Htable, ctx->H.u);
ctx->gmult = gcm_gmult_4bit;
+# if defined(GHASH)
ctx->ghash = gcm_ghash_4bit;
+# else
+ ctx->ghash = NULL;
+# endif
}
# elif defined(GHASH_ASM_SPARC)
if (OPENSSL_sparcv9cap_P[0] & SPARCV9_VIS3) {
@@ -872,7 +876,11 @@ void CRYPTO_gcm128_init(GCM128_CONTEXT *ctx, void *key, block128_f block)
} else {
gcm_init_4bit(ctx->Htable, ctx->H.u);
ctx->gmult = gcm_gmult_4bit;
+# if defined(GHASH)
ctx->ghash = gcm_ghash_4bit;
+# else
+ ctx->ghash = NULL;
+# endif
}
# else
gcm_init_4bit(ctx->Htable, ctx->H.u);
diff --git a/openssl/crypto/objects/o_names.c b/openssl/crypto/objects/o_names.c
index e1e13a613..c6774f457 100644
--- a/openssl/crypto/objects/o_names.c
+++ b/openssl/crypto/objects/o_names.c
@@ -312,15 +312,18 @@ void OBJ_NAME_do_all_sorted(int type,
d.type = type;
d.names =
OPENSSL_malloc(lh_OBJ_NAME_num_items(names_lh) * sizeof *d.names);
- d.n = 0;
- OBJ_NAME_do_all(type, do_all_sorted_fn, &d);
+ /* Really should return an error if !d.names...but its a void function! */
+ if(d.names) {
+ d.n = 0;
+ OBJ_NAME_do_all(type, do_all_sorted_fn, &d);
- qsort((void *)d.names, d.n, sizeof *d.names, do_all_sorted_cmp);
+ qsort((void *)d.names, d.n, sizeof *d.names, do_all_sorted_cmp);
- for (n = 0; n < d.n; ++n)
- fn(d.names[n], arg);
+ for (n = 0; n < d.n; ++n)
+ fn(d.names[n], arg);
- OPENSSL_free((void *)d.names);
+ OPENSSL_free((void *)d.names);
+ }
}
static int free_type;
diff --git a/openssl/crypto/objects/objects.pl b/openssl/crypto/objects/objects.pl
index 15c00bbd5..d0ed459d3 100644
--- a/openssl/crypto/objects/objects.pl
+++ b/openssl/crypto/objects/objects.pl
@@ -121,9 +121,9 @@ open (OUT,">$ARGV[2]") || die "Can't open output file $ARGV[2]";
print OUT <<'EOF';
/* crypto/objects/obj_mac.h */
-/* THIS FILE IS GENERATED FROM objects.txt by objects.pl via the
- * following command:
- * perl objects.pl objects.txt obj_mac.num obj_mac.h
+/*
+ * THIS FILE IS GENERATED FROM objects.txt by objects.pl via the following
+ * command: perl objects.pl objects.txt obj_mac.num obj_mac.h
*/
/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
@@ -132,21 +132,21 @@ print OUT <<'EOF';
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
- *
+ *
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
+ *
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
- *
+ *
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
@@ -161,10 +161,10 @@ print OUT <<'EOF';
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
+ * 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
+ *
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@@ -176,28 +176,36 @@ print OUT <<'EOF';
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
- *
+ *
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
-#define SN_undef "UNDEF"
-#define LN_undef "undefined"
-#define NID_undef 0
-#define OBJ_undef 0L
-
+#define SN_undef "UNDEF"
+#define LN_undef "undefined"
+#define NID_undef 0
+#define OBJ_undef 0L
EOF
+sub expand
+ {
+ my $string = shift;
+
+ 1 while $string =~ s/\t+/' ' x (length($&) * 8 - length($`) % 8)/e;
+
+ return $string;
+ }
+
foreach (sort { $a <=> $b } keys %ordern)
{
$Cname=$ordern{$_};
- print OUT "#define SN_",$Cname,"\t\t\"",$sn{$Cname},"\"\n" if $sn{$Cname} ne "";
- print OUT "#define LN_",$Cname,"\t\t\"",$ln{$Cname},"\"\n" if $ln{$Cname} ne "";
- print OUT "#define NID_",$Cname,"\t\t",$nid{$Cname},"\n" if $nid{$Cname} ne "";
- print OUT "#define OBJ_",$Cname,"\t\t",$obj{$Cname},"\n" if $obj{$Cname} ne "";
print OUT "\n";
+ print OUT expand("#define SN_$Cname\t\t\"$sn{$Cname}\"\n") if $sn{$Cname} ne "";
+ print OUT expand("#define LN_$Cname\t\t\"$ln{$Cname}\"\n") if $ln{$Cname} ne "";
+ print OUT expand("#define NID_$Cname\t\t$nid{$Cname}\n") if $nid{$Cname} ne "";
+ print OUT expand("#define OBJ_$Cname\t\t$obj{$Cname}\n") if $obj{$Cname} ne "";
}
close OUT;
diff --git a/openssl/crypto/objects/objxref.pl b/openssl/crypto/objects/objxref.pl
index 833f4ab88..1913b9d13 100644
--- a/openssl/crypto/objects/objxref.pl
+++ b/openssl/crypto/objects/objxref.pl
@@ -63,30 +63,36 @@ $pname =~ s|^.[^/]/||;
print <<EOF;
/* AUTOGENERATED BY $pname, DO NOT EDIT */
-typedef struct
- {
- int sign_id;
- int hash_id;
- int pkey_id;
- } nid_triple;
+typedef struct {
+ int sign_id;
+ int hash_id;
+ int pkey_id;
+} nid_triple;
-static const nid_triple sigoid_srt[] =
- {
+static const nid_triple sigoid_srt[] = {
EOF
foreach (@srt1)
{
my $xr = $_;
my ($p1, $p2) = @{$xref_tbl{$_}};
- print "\t{NID_$xr, NID_$p1, NID_$p2},\n";
- }
+ my $o1 = " {NID_$xr, NID_$p1,";
+ my $o2 = "NID_$p2},";
+ if (length("$o1 $o2") < 78)
+ {
+ print "$o1 $o2\n";
+ }
+ else
+ {
+ print "$o1\n $o2\n";
+ }
+ }
-print "\t};";
+print "};";
print <<EOF;
-static const nid_triple * const sigoid_srt_xref[] =
- {
+static const nid_triple *const sigoid_srt_xref[] = {
EOF
foreach (@srt2)
@@ -95,10 +101,10 @@ foreach (@srt2)
# If digest or signature algorithm is "undef" then the algorithm
# needs special handling and is excluded from the cross reference table.
next if $p1 eq "undef" || $p2 eq "undef";
- print "\t\&sigoid_srt\[$x\],\n";
+ print " \&sigoid_srt\[$x\],\n";
}
-print "\t};\n\n";
+print "};\n";
sub check_oid
{
@@ -108,4 +114,3 @@ sub check_oid
die "Not Found \"$chk\"\n";
}
}
-
diff --git a/openssl/crypto/opensslv.h b/openssl/crypto/opensslv.h
index e277caee8..4f20b97a8 100644
--- a/openssl/crypto/opensslv.h
+++ b/openssl/crypto/opensslv.h
@@ -30,11 +30,11 @@ extern "C" {
* (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
* major minor fix final patch/beta)
*/
-# define OPENSSL_VERSION_NUMBER 0x1000200fL
+# define OPENSSL_VERSION_NUMBER 0x1000201fL
# ifdef OPENSSL_FIPS
-# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.2-fips 22 Jan 2015"
+# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.2a-fips 19 Mar 2015"
# else
-# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.2 22 Jan 2015"
+# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.2a 19 Mar 2015"
# endif
# define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT
diff --git a/openssl/crypto/perlasm/sparcv9_modes.pl b/openssl/crypto/perlasm/sparcv9_modes.pl
index dc55b34e4..eb267a57e 100755
--- a/openssl/crypto/perlasm/sparcv9_modes.pl
+++ b/openssl/crypto/perlasm/sparcv9_modes.pl
@@ -1249,6 +1249,7 @@ $code.=<<___;
fxor %f8, %f4, %f4
fxor %f10, %f6, %f6
+ subcc $len, 2, $len
stda %f0, [$out]0xe2 ! ASI_BLK_INIT, T4-specific
add $out, 8, $out
stda %f2, [$out]0xe2 ! ASI_BLK_INIT, T4-specific
diff --git a/openssl/crypto/pkcs7/pk7_doit.c b/openssl/crypto/pkcs7/pk7_doit.c
index dd6f6756b..31a1b983f 100644
--- a/openssl/crypto/pkcs7/pk7_doit.c
+++ b/openssl/crypto/pkcs7/pk7_doit.c
@@ -261,6 +261,25 @@ BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio)
PKCS7_RECIP_INFO *ri = NULL;
ASN1_OCTET_STRING *os = NULL;
+ if (p7 == NULL) {
+ PKCS7err(PKCS7_F_PKCS7_DATAINIT, PKCS7_R_INVALID_NULL_POINTER);
+ return NULL;
+ }
+ /*
+ * The content field in the PKCS7 ContentInfo is optional, but that really
+ * only applies to inner content (precisely, detached signatures).
+ *
+ * When reading content, missing outer content is therefore treated as an
+ * error.
+ *
+ * When creating content, PKCS7_content_new() must be called before
+ * calling this method, so a NULL p7->d is always an error.
+ */
+ if (p7->d.ptr == NULL) {
+ PKCS7err(PKCS7_F_PKCS7_DATAINIT, PKCS7_R_NO_CONTENT);
+ return NULL;
+ }
+
i = OBJ_obj2nid(p7->type);
p7->state = PKCS7_S_HEADER;
@@ -411,6 +430,16 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
unsigned char *ek = NULL, *tkey = NULL;
int eklen = 0, tkeylen = 0;
+ if (p7 == NULL) {
+ PKCS7err(PKCS7_F_PKCS7_DATADECODE, PKCS7_R_INVALID_NULL_POINTER);
+ return NULL;
+ }
+
+ if (p7->d.ptr == NULL) {
+ PKCS7err(PKCS7_F_PKCS7_DATADECODE, PKCS7_R_NO_CONTENT);
+ return NULL;
+ }
+
i = OBJ_obj2nid(p7->type);
p7->state = PKCS7_S_HEADER;
@@ -707,6 +736,16 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio)
STACK_OF(PKCS7_SIGNER_INFO) *si_sk = NULL;
ASN1_OCTET_STRING *os = NULL;
+ if (p7 == NULL) {
+ PKCS7err(PKCS7_F_PKCS7_DATAFINAL, PKCS7_R_INVALID_NULL_POINTER);
+ return 0;
+ }
+
+ if (p7->d.ptr == NULL) {
+ PKCS7err(PKCS7_F_PKCS7_DATAFINAL, PKCS7_R_NO_CONTENT);
+ return 0;
+ }
+
EVP_MD_CTX_init(&ctx_tmp);
i = OBJ_obj2nid(p7->type);
p7->state = PKCS7_S_HEADER;
@@ -746,6 +785,7 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio)
/* If detached data then the content is excluded */
if (PKCS7_type_is_data(p7->d.sign->contents) && p7->detached) {
M_ASN1_OCTET_STRING_free(os);
+ os = NULL;
p7->d.sign->contents->d.data = NULL;
}
break;
@@ -755,6 +795,7 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio)
/* If detached data then the content is excluded */
if (PKCS7_type_is_data(p7->d.digest->contents) && p7->detached) {
M_ASN1_OCTET_STRING_free(os);
+ os = NULL;
p7->d.digest->contents->d.data = NULL;
}
break;
@@ -820,22 +861,30 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio)
M_ASN1_OCTET_STRING_set(p7->d.digest->digest, md_data, md_len);
}
- if (!PKCS7_is_detached(p7) && !(os->flags & ASN1_STRING_FLAG_NDEF)) {
- char *cont;
- long contlen;
- btmp = BIO_find_type(bio, BIO_TYPE_MEM);
- if (btmp == NULL) {
- PKCS7err(PKCS7_F_PKCS7_DATAFINAL, PKCS7_R_UNABLE_TO_FIND_MEM_BIO);
- goto err;
- }
- contlen = BIO_get_mem_data(btmp, &cont);
+ if (!PKCS7_is_detached(p7)) {
/*
- * Mark the BIO read only then we can use its copy of the data
- * instead of making an extra copy.
+ * NOTE(emilia): I think we only reach os == NULL here because detached
+ * digested data support is broken.
*/
- BIO_set_flags(btmp, BIO_FLAGS_MEM_RDONLY);
- BIO_set_mem_eof_return(btmp, 0);
- ASN1_STRING_set0(os, (unsigned char *)cont, contlen);
+ if (os == NULL)
+ goto err;
+ if (!(os->flags & ASN1_STRING_FLAG_NDEF)) {
+ char *cont;
+ long contlen;
+ btmp = BIO_find_type(bio, BIO_TYPE_MEM);
+ if (btmp == NULL) {
+ PKCS7err(PKCS7_F_PKCS7_DATAFINAL, PKCS7_R_UNABLE_TO_FIND_MEM_BIO);
+ goto err;
+ }
+ contlen = BIO_get_mem_data(btmp, &cont);
+ /*
+ * Mark the BIO read only then we can use its copy of the data
+ * instead of making an extra copy.
+ */
+ BIO_set_flags(btmp, BIO_FLAGS_MEM_RDONLY);
+ BIO_set_mem_eof_return(btmp, 0);
+ ASN1_STRING_set0(os, (unsigned char *)cont, contlen);
+ }
}
ret = 1;
err:
@@ -910,6 +959,16 @@ int PKCS7_dataVerify(X509_STORE *cert_store, X509_STORE_CTX *ctx, BIO *bio,
STACK_OF(X509) *cert;
X509 *x509;
+ if (p7 == NULL) {
+ PKCS7err(PKCS7_F_PKCS7_DATAVERIFY, PKCS7_R_INVALID_NULL_POINTER);
+ return 0;
+ }
+
+ if (p7->d.ptr == NULL) {
+ PKCS7err(PKCS7_F_PKCS7_DATAVERIFY, PKCS7_R_NO_CONTENT);
+ return 0;
+ }
+
if (PKCS7_type_is_signed(p7)) {
cert = p7->d.sign->cert;
} else if (PKCS7_type_is_signedAndEnveloped(p7)) {
diff --git a/openssl/crypto/pkcs7/pk7_lib.c b/openssl/crypto/pkcs7/pk7_lib.c
index c77381275..0c5fcaa6a 100644
--- a/openssl/crypto/pkcs7/pk7_lib.c
+++ b/openssl/crypto/pkcs7/pk7_lib.c
@@ -70,6 +70,7 @@ long PKCS7_ctrl(PKCS7 *p7, int cmd, long larg, char *parg)
nid = OBJ_obj2nid(p7->type);
switch (cmd) {
+ /* NOTE(emilia): does not support detached digested data. */
case PKCS7_OP_SET_DETACHED_SIGNATURE:
if (nid == NID_pkcs7_signed) {
ret = p7->detached = (int)larg;
@@ -444,6 +445,8 @@ int PKCS7_set_digest(PKCS7 *p7, const EVP_MD *md)
STACK_OF(PKCS7_SIGNER_INFO) *PKCS7_get_signer_info(PKCS7 *p7)
{
+ if (p7 == NULL || p7->d.ptr == NULL)
+ return NULL;
if (PKCS7_type_is_signed(p7)) {
return (p7->d.sign->signer_info);
} else if (PKCS7_type_is_signedAndEnveloped(p7)) {
diff --git a/openssl/crypto/rand/rand_egd.c b/openssl/crypto/rand/rand_egd.c
index 1b6e501b7..737aebfa2 100644
--- a/openssl/crypto/rand/rand_egd.c
+++ b/openssl/crypto/rand/rand_egd.c
@@ -113,6 +113,7 @@ int RAND_egd_bytes(const char *path, int bytes)
#else
# include <openssl/opensslconf.h>
# include OPENSSL_UNISTD
+# include <stddef.h>
# include <sys/types.h>
# include <sys/socket.h>
# ifndef NO_SYS_UN_H
diff --git a/openssl/crypto/rand/rand_os2.c b/openssl/crypto/rand/rand_os2.c
index 9c4a137bb..02148d5bf 100644
--- a/openssl/crypto/rand/rand_os2.c
+++ b/openssl/crypto/rand/rand_os2.c
@@ -149,6 +149,9 @@ int RAND_poll(void)
if (DosQuerySysState) {
char *buffer = OPENSSL_malloc(256 * 1024);
+ if(!buffer)
+ return 0;
+
if (DosQuerySysState(0x1F, 0, 0, 0, buffer, 256 * 1024) == 0) {
/*
* First 4 bytes in buffer is a pointer to the thread count there
diff --git a/openssl/crypto/rsa/rsa_ameth.c b/openssl/crypto/rsa/rsa_ameth.c
index c7106a313..ca3922e6c 100644
--- a/openssl/crypto/rsa/rsa_ameth.c
+++ b/openssl/crypto/rsa/rsa_ameth.c
@@ -698,9 +698,10 @@ static int rsa_item_verify(EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
RSAerr(RSA_F_RSA_ITEM_VERIFY, RSA_R_UNSUPPORTED_SIGNATURE_TYPE);
return -1;
}
- if (rsa_pss_to_ctx(ctx, NULL, sigalg, pkey))
+ if (rsa_pss_to_ctx(ctx, NULL, sigalg, pkey) > 0) {
/* Carry on */
return 2;
+ }
return -1;
}
diff --git a/openssl/crypto/rsa/rsa_sign.c b/openssl/crypto/rsa/rsa_sign.c
index bc91da2c1..19461c636 100644
--- a/openssl/crypto/rsa/rsa_sign.c
+++ b/openssl/crypto/rsa/rsa_sign.c
@@ -261,19 +261,8 @@ int int_rsa_verify(int dtype, const unsigned char *m,
OBJ_nid2ln(dtype));
#endif
if (sigtype != dtype) {
- if (((dtype == NID_md5) &&
- (sigtype == NID_md5WithRSAEncryption)) ||
- ((dtype == NID_md2) &&
- (sigtype == NID_md2WithRSAEncryption))) {
- /* ok, we will let it through */
-#if !defined(OPENSSL_NO_STDIO) && !defined(OPENSSL_SYS_WIN16)
- fprintf(stderr,
- "signature has problems, re-make with post SSLeay045\n");
-#endif
- } else {
- RSAerr(RSA_F_INT_RSA_VERIFY, RSA_R_ALGORITHM_MISMATCH);
- goto err;
- }
+ RSAerr(RSA_F_INT_RSA_VERIFY, RSA_R_ALGORITHM_MISMATCH);
+ goto err;
}
if (rm) {
const EVP_MD *md;
diff --git a/openssl/crypto/sha/asm/sha1-586.pl b/openssl/crypto/sha/asm/sha1-586.pl
index 8377299b1..4895eb3dd 100644
--- a/openssl/crypto/sha/asm/sha1-586.pl
+++ b/openssl/crypto/sha/asm/sha1-586.pl
@@ -450,7 +450,7 @@ sub sha1msg2 { sha1op38(0xca,@_); }
&sub ("esp",32);
&movdqu ($ABCD,&QWP(0,$ctx));
- &movd ($E,&QWP(16,$ctx));
+ &movd ($E,&DWP(16,$ctx));
&and ("esp",-32);
&movdqa ($BSWAP,&QWP(0x50,$tmp1)); # byte-n-word swap
diff --git a/openssl/crypto/stack/stack.c b/openssl/crypto/stack/stack.c
index 47457c722..de437acf6 100644
--- a/openssl/crypto/stack/stack.c
+++ b/openssl/crypto/stack/stack.c
@@ -312,7 +312,7 @@ void sk_zero(_STACK *st)
return;
if (st->num <= 0)
return;
- memset((char *)st->data, 0, sizeof(st->data) * st->num);
+ memset((char *)st->data, 0, sizeof(*st->data) * st->num);
st->num = 0;
}
diff --git a/openssl/crypto/threads/th-lock.c b/openssl/crypto/threads/th-lock.c
index 1b5765948..28884c2d4 100644
--- a/openssl/crypto/threads/th-lock.c
+++ b/openssl/crypto/threads/th-lock.c
@@ -117,6 +117,10 @@ void CRYPTO_thread_setup(void)
int i;
lock_cs = OPENSSL_malloc(CRYPTO_num_locks() * sizeof(HANDLE));
+ if(!lock_cs) {
+ /* Nothing we can do about this...void function! */
+ return;
+ }
for (i = 0; i < CRYPTO_num_locks(); i++) {
lock_cs[i] = CreateMutex(NULL, FALSE, NULL);
}
@@ -168,6 +172,10 @@ void CRYPTO_thread_setup(void)
# else
lock_cs = OPENSSL_malloc(CRYPTO_num_locks() * sizeof(rwlock_t));
# endif
+ if(!lock_cs) {
+ /* Nothing we can do about this...void function! */
+ return;
+ }
lock_count = OPENSSL_malloc(CRYPTO_num_locks() * sizeof(long));
for (i = 0; i < CRYPTO_num_locks(); i++) {
lock_count[i] = 0;
@@ -251,6 +259,12 @@ void CRYPTO_thread_setup(void)
int i;
char filename[20];
+ lock_cs = OPENSSL_malloc(CRYPTO_num_locks() * sizeof(usema_t *));
+ if(!lock_cs) {
+ /* Nothing we can do about this...void function! */
+ return;
+ }
+
strcpy(filename, "/tmp/mttest.XXXXXX");
mktemp(filename);
@@ -261,7 +275,6 @@ void CRYPTO_thread_setup(void)
arena = usinit(filename);
unlink(filename);
- lock_cs = OPENSSL_malloc(CRYPTO_num_locks() * sizeof(usema_t *));
for (i = 0; i < CRYPTO_num_locks(); i++) {
lock_cs[i] = usnewsema(arena, 1);
}
@@ -315,6 +328,14 @@ void CRYPTO_thread_setup(void)
lock_cs = OPENSSL_malloc(CRYPTO_num_locks() * sizeof(pthread_mutex_t));
lock_count = OPENSSL_malloc(CRYPTO_num_locks() * sizeof(long));
+ if(!lock_cs || !lock_count) {
+ /* Nothing we can do about this...void function! */
+ if(lock_cs)
+ OPENSSL_free(lock_cs);
+ if(lock_count)
+ OPENSSL_free(lock_count);
+ return;
+ }
for (i = 0; i < CRYPTO_num_locks(); i++) {
lock_count[i] = 0;
pthread_mutex_init(&(lock_cs[i]), NULL);
diff --git a/openssl/crypto/ui/ui_openssl.c b/openssl/crypto/ui/ui_openssl.c
index 8bda83cbc..5d6627641 100644
--- a/openssl/crypto/ui/ui_openssl.c
+++ b/openssl/crypto/ui/ui_openssl.c
@@ -185,43 +185,37 @@
/*
* There are 5 types of terminal interface supported, TERMIO, TERMIOS, VMS,
- * MSDOS and SGTTY
+ * MSDOS and SGTTY.
+ *
+ * If someone defines one of the macros TERMIO, TERMIOS or SGTTY, it will
+ * remain respected. Otherwise, we default to TERMIOS except for a few
+ * systems that require something different.
+ *
+ * Note: we do not use SGTTY unless it's defined by the configuration. We
+ * may eventually opt to remove it's use entirely.
*/
-#if defined(__sgi) && !defined(TERMIOS)
-# define TERMIOS
-# undef TERMIO
-# undef SGTTY
-#endif
-
-#if defined(linux) && !defined(TERMIO)
-# undef TERMIOS
-# define TERMIO
-# undef SGTTY
-#endif
-
-#ifdef _LIBC
-# undef TERMIOS
-# define TERMIO
-# undef SGTTY
-#endif
+#if !defined(TERMIOS) && !defined(TERMIO) && !defined(SGTTY)
-#if !defined(TERMIO) && !defined(TERMIOS) && !defined(OPENSSL_SYS_VMS) && !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_MACINTOSH_CLASSIC) && !defined(MAC_OS_GUSI_SOURCE)
-# undef TERMIOS
-# undef TERMIO
-# define SGTTY
-#endif
-
-#if defined(OPENSSL_SYS_VXWORKS)
-# undef TERMIOS
-# undef TERMIO
-# undef SGTTY
-#endif
+# if defined(_LIBC)
+# undef TERMIOS
+# define TERMIO
+# undef SGTTY
+/*
+ * We know that VMS, MSDOS, VXWORKS, NETWARE use entirely other mechanisms.
+ * MAC_OS_GUSI_SOURCE should probably go away, but that needs to be confirmed.
+ */
+# elif !defined(OPENSSL_SYS_VMS) \
+ && !defined(OPENSSL_SYS_MSDOS) \
+ && !defined(OPENSSL_SYS_MACINTOSH_CLASSIC) \
+ && !defined(MAC_OS_GUSI_SOURCE) \
+ && !defined(OPENSSL_SYS_VXWORKS) \
+ && !defined(OPENSSL_SYS_NETWARE)
+# define TERMIOS
+# undef TERMIO
+# undef SGTTY
+# endif
-#if defined(OPENSSL_SYS_NETWARE)
-# undef TERMIOS
-# undef TERMIO
-# undef SGTTY
#endif
#ifdef TERMIOS
diff --git a/openssl/crypto/x509/x509_req.c b/openssl/crypto/x509/x509_req.c
index bc6e566c9..01795f4b3 100644
--- a/openssl/crypto/x509/x509_req.c
+++ b/openssl/crypto/x509/x509_req.c
@@ -92,6 +92,8 @@ X509_REQ *X509_to_X509_REQ(X509 *x, EVP_PKEY *pkey, const EVP_MD *md)
goto err;
pktmp = X509_get_pubkey(x);
+ if (pktmp == NULL)
+ goto err;
i = X509_REQ_set_pubkey(ret, pktmp);
EVP_PKEY_free(pktmp);
if (!i)
diff --git a/openssl/crypto/x509v3/v3_cpols.c b/openssl/crypto/x509v3/v3_cpols.c
index 476d51c0b..dca6ab2ec 100644
--- a/openssl/crypto/x509v3/v3_cpols.c
+++ b/openssl/crypto/x509v3/v3_cpols.c
@@ -230,8 +230,12 @@ static POLICYINFO *policy_section(X509V3_CTX *ctx,
goto merr;
if (!sk_POLICYQUALINFO_push(pol->qualifiers, qual))
goto merr;
- qual->pqualid = OBJ_nid2obj(NID_id_qt_cps);
- qual->d.cpsuri = M_ASN1_IA5STRING_new();
+ if(!(qual->pqualid = OBJ_nid2obj(NID_id_qt_cps))) {
+ X509V3err(X509V3_F_POLICY_SECTION, ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
+ if(!(qual->d.cpsuri = M_ASN1_IA5STRING_new()))
+ goto merr;
if (!ASN1_STRING_set(qual->d.cpsuri, cnf->value,
strlen(cnf->value)))
goto merr;
@@ -290,14 +294,18 @@ static POLICYQUALINFO *notice_section(X509V3_CTX *ctx,
POLICYQUALINFO *qual;
if (!(qual = POLICYQUALINFO_new()))
goto merr;
- qual->pqualid = OBJ_nid2obj(NID_id_qt_unotice);
+ if(!(qual->pqualid = OBJ_nid2obj(NID_id_qt_unotice))) {
+ X509V3err(X509V3_F_NOTICE_SECTION, ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
if (!(not = USERNOTICE_new()))
goto merr;
qual->d.usernotice = not;
for (i = 0; i < sk_CONF_VALUE_num(unot); i++) {
cnf = sk_CONF_VALUE_value(unot, i);
if (!strcmp(cnf->name, "explicitText")) {
- not->exptext = M_ASN1_VISIBLESTRING_new();
+ if(!(not->exptext = M_ASN1_VISIBLESTRING_new()))
+ goto merr;
if (!ASN1_STRING_set(not->exptext, cnf->value,
strlen(cnf->value)))
goto merr;
diff --git a/openssl/crypto/x509v3/v3_utl.c b/openssl/crypto/x509v3/v3_utl.c
index f65323be0..ed6099e12 100644
--- a/openssl/crypto/x509v3/v3_utl.c
+++ b/openssl/crypto/x509v3/v3_utl.c
@@ -901,8 +901,13 @@ static int do_check_string(ASN1_STRING *a, int cmp_type, equal_fn equal,
int astrlen;
unsigned char *astr;
astrlen = ASN1_STRING_to_UTF8(&astr, a);
- if (astrlen < 0)
+ if (astrlen < 0) {
+ /*
+ * -1 could be an internal malloc failure or a decoding error from
+ * malformed input; we can't distinguish.
+ */
return -1;
+ }
rv = equal(astr, astrlen, (unsigned char *)b, blen, flags);
if (rv > 0 && peername)
*peername = BUF_strndup((char *)astr, astrlen);