From ee914bf036b78dcbde9bf694794c15482d721028 Mon Sep 17 00:00:00 2001
From: Mike DePaulo <mikedep333@gmail.com>
Date: Sat, 10 Jan 2015 12:26:41 -0500
Subject: Update openssl to version openssl-1.0.1k

Conflicts:
	openssl/Makefile
---
 openssl/crypto/evp/Makefile  |  2 +-
 openssl/crypto/evp/e_des3.c  | 22 +++++++++--------
 openssl/crypto/evp/evp_enc.c | 58 +++++++++++++++++++++-----------------------
 3 files changed, 41 insertions(+), 41 deletions(-)

(limited to 'openssl/crypto/evp')

diff --git a/openssl/crypto/evp/Makefile b/openssl/crypto/evp/Makefile
index fa25bff6b..5d0c6b7db 100644
--- a/openssl/crypto/evp/Makefile
+++ b/openssl/crypto/evp/Makefile
@@ -383,7 +383,7 @@ evp_enc.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
 evp_enc.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
 evp_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
 evp_enc.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-evp_enc.o: ../constant_time_locl.h ../cryptlib.h evp_enc.c evp_locl.h
+evp_enc.o: ../cryptlib.h evp_enc.c evp_locl.h
 evp_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
 evp_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
 evp_err.o: ../../include/openssl/err.h ../../include/openssl/evp.h
diff --git a/openssl/crypto/evp/e_des3.c b/openssl/crypto/evp/e_des3.c
index 8d7b7de29..7e1e8b309 100644
--- a/openssl/crypto/evp/e_des3.c
+++ b/openssl/crypto/evp/e_des3.c
@@ -124,12 +124,11 @@ static int des_ede_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
 #ifdef KSSL_DEBUG
 	{
         int i;
-        char *cp;
-	printf("des_ede_cbc_cipher(ctx=%lx, buflen=%d)\n", ctx, ctx->buf_len);
-	printf("\t iv= ");
+	fprintf(stderr,"des_ede_cbc_cipher(ctx=%p, buflen=%d)\n", ctx, ctx->buf_len);
+	fprintf(stderr,"\t iv= ");
         for(i=0;i<8;i++)
-                printf("%02X",ctx->iv[i]);
-	printf("\n");
+                fprintf(stderr,"%02X",ctx->iv[i]);
+	fprintf(stderr,"\n");
 	}
 #endif    /* KSSL_DEBUG */
 	while (inl>=EVP_MAXCHUNK)
@@ -260,11 +259,14 @@ static int des_ede3_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
 #ifdef KSSL_DEBUG
 	{
         int i;
-        printf("des_ede3_init_key(ctx=%lx)\n", ctx);
-	printf("\tKEY= ");
-        for(i=0;i<24;i++) printf("%02X",key[i]); printf("\n");
-	printf("\t IV= ");
-        for(i=0;i<8;i++) printf("%02X",iv[i]); printf("\n");
+        fprintf(stderr,"des_ede3_init_key(ctx=%p)\n", ctx);
+	fprintf(stderr,"\tKEY= ");
+        for(i=0;i<24;i++) fprintf(stderr,"%02X",key[i]); fprintf(stderr,"\n");
+	if (iv) 
+		{
+		fprintf(stderr,"\t IV= ");
+		for(i=0;i<8;i++) fprintf(stderr,"%02X",iv[i]); fprintf(stderr,"\n");
+		}
 	}
 #endif	/* KSSL_DEBUG */
 
diff --git a/openssl/crypto/evp/evp_enc.c b/openssl/crypto/evp/evp_enc.c
index 7b1842a52..2e863ac54 100644
--- a/openssl/crypto/evp/evp_enc.c
+++ b/openssl/crypto/evp/evp_enc.c
@@ -67,7 +67,6 @@
 #ifdef OPENSSL_FIPS
 #include <openssl/fips.h>
 #endif
-#include "constant_time_locl.h"
 #include "evp_locl.h"
 
 #ifdef OPENSSL_FIPS
@@ -501,21 +500,21 @@ int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
 
 int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
 	{
-	unsigned int i, b;
-        unsigned char pad, padding_good;
+	int i,n;
+	unsigned int b;
 	*outl=0;
 
 	if (ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER)
 		{
-		int ret = M_do_cipher(ctx, out, NULL, 0);
-		if (ret < 0)
+		i = M_do_cipher(ctx, out, NULL, 0);
+		if (i < 0)
 			return 0;
 		else
-			*outl = ret;
+			*outl = i;
 		return 1;
 		}
 
-	b=(unsigned int)(ctx->cipher->block_size);
+	b=ctx->cipher->block_size;
 	if (ctx->flags & EVP_CIPH_NO_PADDING)
 		{
 		if(ctx->buf_len)
@@ -534,34 +533,33 @@ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
 			return(0);
 			}
 		OPENSSL_assert(b <= sizeof ctx->final);
-		pad=ctx->final[b-1];
-
-		padding_good = (unsigned char)(~constant_time_is_zero_8(pad));
-		padding_good &= constant_time_ge_8(b, pad);
-
-                for (i = 1; i < b; ++i)
-			{
-			unsigned char is_pad_index = constant_time_lt_8(i, pad);
-			unsigned char pad_byte_good = constant_time_eq_8(ctx->final[b-i-1], pad);
-			padding_good &= constant_time_select_8(is_pad_index, pad_byte_good, 0xff);
-			}
 
 		/*
-		 * At least 1 byte is always padding, so we always write b - 1
-		 * bytes to avoid a timing leak. The caller is required to have |b|
-		 * bytes space in |out| by the API contract.
+		 * The following assumes that the ciphertext has been authenticated.
+		 * Otherwise it provides a padding oracle.
 		 */
-		for (i = 0; i < b - 1; ++i)
-			out[i] = ctx->final[i] & padding_good;
-		/* Safe cast: for a good padding, EVP_MAX_IV_LENGTH >= b >= pad */
-		*outl = padding_good & ((unsigned char)(b - pad));
-		return padding_good & 1;
+		n=ctx->final[b-1];
+		if (n == 0 || n > (int)b)
+			{
+			EVPerr(EVP_F_EVP_DECRYPTFINAL_EX,EVP_R_BAD_DECRYPT);
+			return(0);
+			}
+		for (i=0; i<n; i++)
+			{
+			if (ctx->final[--b] != n)
+				{
+				EVPerr(EVP_F_EVP_DECRYPTFINAL_EX,EVP_R_BAD_DECRYPT);
+				return(0);
+				}
+			}
+		n=ctx->cipher->block_size-n;
+		for (i=0; i<n; i++)
+			out[i]=ctx->final[i];
+		*outl=n;
 		}
 	else
-		{
-		*outl = 0;
-		return 1;
-		}
+		*outl=0;
+	return(1);
 	}
 
 void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx)
-- 
cgit v1.2.3