mirror of
https://git.proxmox.com/git/efi-boot-shim
synced 2025-08-13 19:11:43 +00:00
Update openssl to 1.0.2g
Signed-off-by: Gary Lin <glin@suse.com>
This commit is contained in:
parent
7b9281af14
commit
0297aa3cf3
@ -1,4 +1,4 @@
|
||||
/* crypto/aes/aes.h -*- mode:C; c-file-style: "eay" -*- */
|
||||
/* crypto/aes/aes.h */
|
||||
/* ====================================================================
|
||||
* Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
|
@ -70,7 +70,7 @@ extern "C" {
|
||||
# endif
|
||||
|
||||
# define ASN1_MAC_H_err(f,r,line) \
|
||||
ERR_PUT_error(ASN1_MAC_ERR_LIB,(f),(r),__FILE__,(line))
|
||||
ERR_PUT_error(ASN1_MAC_ERR_LIB,(f),(r),OPENSSL_FILE,(line))
|
||||
|
||||
# define M_ASN1_D2I_vars(a,type,func) \
|
||||
ASN1_const_CTX c; \
|
||||
@ -81,7 +81,7 @@ extern "C" {
|
||||
c.error=ERR_R_NESTED_ASN1_ERROR; \
|
||||
if ((a == NULL) || ((*a) == NULL)) \
|
||||
{ if ((ret=(type)func()) == NULL) \
|
||||
{ c.line=__LINE__; goto err; } } \
|
||||
{ c.line=OPENSSL_LINE; goto err; } } \
|
||||
else ret=(*a);
|
||||
|
||||
# define M_ASN1_D2I_Init() \
|
||||
@ -90,7 +90,7 @@ extern "C" {
|
||||
|
||||
# define M_ASN1_D2I_Finish_2(a) \
|
||||
if (!asn1_const_Finish(&c)) \
|
||||
{ c.line=__LINE__; goto err; } \
|
||||
{ c.line=OPENSSL_LINE; goto err; } \
|
||||
*(const unsigned char **)pp=c.p; \
|
||||
if (a != NULL) (*a)=ret; \
|
||||
return(ret);
|
||||
@ -105,7 +105,7 @@ err:\
|
||||
|
||||
# define M_ASN1_D2I_start_sequence() \
|
||||
if (!asn1_GetSequence(&c,&length)) \
|
||||
{ c.line=__LINE__; goto err; }
|
||||
{ c.line=OPENSSL_LINE; goto err; }
|
||||
/* Begin reading ASN1 without a surrounding sequence */
|
||||
# define M_ASN1_D2I_begin() \
|
||||
c.slen = length;
|
||||
@ -129,21 +129,21 @@ err:\
|
||||
# define M_ASN1_D2I_get(b, func) \
|
||||
c.q=c.p; \
|
||||
if (func(&(b),&c.p,c.slen) == NULL) \
|
||||
{c.line=__LINE__; goto err; } \
|
||||
{c.line=OPENSSL_LINE; goto err; } \
|
||||
c.slen-=(c.p-c.q);
|
||||
|
||||
/* Don't use this with d2i_ASN1_BOOLEAN() */
|
||||
# define M_ASN1_D2I_get_x(type,b,func) \
|
||||
c.q=c.p; \
|
||||
if (((D2I_OF(type))func)(&(b),&c.p,c.slen) == NULL) \
|
||||
{c.line=__LINE__; goto err; } \
|
||||
{c.line=OPENSSL_LINE; goto err; } \
|
||||
c.slen-=(c.p-c.q);
|
||||
|
||||
/* use this instead () */
|
||||
# define M_ASN1_D2I_get_int(b,func) \
|
||||
c.q=c.p; \
|
||||
if (func(&(b),&c.p,c.slen) < 0) \
|
||||
{c.line=__LINE__; goto err; } \
|
||||
{c.line=OPENSSL_LINE; goto err; } \
|
||||
c.slen-=(c.p-c.q);
|
||||
|
||||
# define M_ASN1_D2I_get_opt(b,func,type) \
|
||||
@ -164,7 +164,7 @@ err:\
|
||||
M_ASN1_next=(_tmp& V_ASN1_CONSTRUCTED)|type; \
|
||||
c.q=c.p; \
|
||||
if (func(&(b),&c.p,c.slen) == NULL) \
|
||||
{c.line=__LINE__; M_ASN1_next_prev = _tmp; goto err; } \
|
||||
{c.line=OPENSSL_LINE; M_ASN1_next_prev = _tmp; goto err; } \
|
||||
c.slen-=(c.p-c.q);\
|
||||
M_ASN1_next_prev=_tmp;
|
||||
|
||||
@ -258,20 +258,20 @@ err:\
|
||||
c.q=c.p; \
|
||||
if (d2i_ASN1_SET(&(r),&c.p,c.slen,(char *(*)())func,\
|
||||
(void (*)())free_func,a,b) == NULL) \
|
||||
{ c.line=__LINE__; goto err; } \
|
||||
{ c.line=OPENSSL_LINE; goto err; } \
|
||||
c.slen-=(c.p-c.q);
|
||||
|
||||
# define M_ASN1_D2I_get_imp_set_type(type,r,func,free_func,a,b) \
|
||||
c.q=c.p; \
|
||||
if (d2i_ASN1_SET_OF_##type(&(r),&c.p,c.slen,func,\
|
||||
free_func,a,b) == NULL) \
|
||||
{ c.line=__LINE__; goto err; } \
|
||||
{ c.line=OPENSSL_LINE; goto err; } \
|
||||
c.slen-=(c.p-c.q);
|
||||
|
||||
# define M_ASN1_D2I_get_set_strings(r,func,a,b) \
|
||||
c.q=c.p; \
|
||||
if (d2i_ASN1_STRING_SET(&(r),&c.p,c.slen,a,b) == NULL) \
|
||||
{ c.line=__LINE__; goto err; } \
|
||||
{ c.line=OPENSSL_LINE; goto err; } \
|
||||
c.slen-=(c.p-c.q);
|
||||
|
||||
# define M_ASN1_D2I_get_EXP_opt(r,func,tag) \
|
||||
@ -285,16 +285,16 @@ err:\
|
||||
Tinf=ASN1_get_object(&c.p,&Tlen,&Ttag,&Tclass,c.slen); \
|
||||
if (Tinf & 0x80) \
|
||||
{ c.error=ERR_R_BAD_ASN1_OBJECT_HEADER; \
|
||||
c.line=__LINE__; goto err; } \
|
||||
c.line=OPENSSL_LINE; goto err; } \
|
||||
if (Tinf == (V_ASN1_CONSTRUCTED+1)) \
|
||||
Tlen = c.slen - (c.p - c.q) - 2; \
|
||||
if (func(&(r),&c.p,Tlen) == NULL) \
|
||||
{ c.line=__LINE__; goto err; } \
|
||||
{ c.line=OPENSSL_LINE; goto err; } \
|
||||
if (Tinf == (V_ASN1_CONSTRUCTED+1)) { \
|
||||
Tlen = c.slen - (c.p - c.q); \
|
||||
if(!ASN1_const_check_infinite_end(&c.p, Tlen)) \
|
||||
{ c.error=ERR_R_MISSING_ASN1_EOS; \
|
||||
c.line=__LINE__; goto err; } \
|
||||
c.line=OPENSSL_LINE; goto err; } \
|
||||
}\
|
||||
c.slen-=(c.p-c.q); \
|
||||
}
|
||||
@ -310,18 +310,18 @@ err:\
|
||||
Tinf=ASN1_get_object(&c.p,&Tlen,&Ttag,&Tclass,c.slen); \
|
||||
if (Tinf & 0x80) \
|
||||
{ c.error=ERR_R_BAD_ASN1_OBJECT_HEADER; \
|
||||
c.line=__LINE__; goto err; } \
|
||||
c.line=OPENSSL_LINE; goto err; } \
|
||||
if (Tinf == (V_ASN1_CONSTRUCTED+1)) \
|
||||
Tlen = c.slen - (c.p - c.q) - 2; \
|
||||
if (d2i_ASN1_SET(&(r),&c.p,Tlen,(char *(*)())func, \
|
||||
(void (*)())free_func, \
|
||||
b,V_ASN1_UNIVERSAL) == NULL) \
|
||||
{ c.line=__LINE__; goto err; } \
|
||||
{ c.line=OPENSSL_LINE; goto err; } \
|
||||
if (Tinf == (V_ASN1_CONSTRUCTED+1)) { \
|
||||
Tlen = c.slen - (c.p - c.q); \
|
||||
if(!ASN1_check_infinite_end(&c.p, Tlen)) \
|
||||
{ c.error=ERR_R_MISSING_ASN1_EOS; \
|
||||
c.line=__LINE__; goto err; } \
|
||||
c.line=OPENSSL_LINE; goto err; } \
|
||||
}\
|
||||
c.slen-=(c.p-c.q); \
|
||||
}
|
||||
@ -337,17 +337,17 @@ err:\
|
||||
Tinf=ASN1_get_object(&c.p,&Tlen,&Ttag,&Tclass,c.slen); \
|
||||
if (Tinf & 0x80) \
|
||||
{ c.error=ERR_R_BAD_ASN1_OBJECT_HEADER; \
|
||||
c.line=__LINE__; goto err; } \
|
||||
c.line=OPENSSL_LINE; goto err; } \
|
||||
if (Tinf == (V_ASN1_CONSTRUCTED+1)) \
|
||||
Tlen = c.slen - (c.p - c.q) - 2; \
|
||||
if (d2i_ASN1_SET_OF_##type(&(r),&c.p,Tlen,func, \
|
||||
free_func,b,V_ASN1_UNIVERSAL) == NULL) \
|
||||
{ c.line=__LINE__; goto err; } \
|
||||
{ c.line=OPENSSL_LINE; goto err; } \
|
||||
if (Tinf == (V_ASN1_CONSTRUCTED+1)) { \
|
||||
Tlen = c.slen - (c.p - c.q); \
|
||||
if(!ASN1_check_infinite_end(&c.p, Tlen)) \
|
||||
{ c.error=ERR_R_MISSING_ASN1_EOS; \
|
||||
c.line=__LINE__; goto err; } \
|
||||
c.line=OPENSSL_LINE; goto err; } \
|
||||
}\
|
||||
c.slen-=(c.p-c.q); \
|
||||
}
|
||||
@ -355,7 +355,7 @@ err:\
|
||||
/* New macros */
|
||||
# define M_ASN1_New_Malloc(ret,type) \
|
||||
if ((ret=(type *)OPENSSL_malloc(sizeof(type))) == NULL) \
|
||||
{ c.line=__LINE__; goto err2; }
|
||||
{ c.line=OPENSSL_LINE; goto err2; }
|
||||
|
||||
# define M_ASN1_New(arg,func) \
|
||||
if (((arg)=func()) == NULL) return(NULL)
|
||||
|
@ -479,11 +479,11 @@ struct bio_dgram_sctp_prinfo {
|
||||
# define BIO_get_conn_hostname(b) BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,0)
|
||||
# define BIO_get_conn_port(b) BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,1)
|
||||
# define BIO_get_conn_ip(b) BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,2)
|
||||
# define BIO_get_conn_int_port(b) BIO_int_ctrl(b,BIO_C_GET_CONNECT,3,0)
|
||||
# define BIO_get_conn_int_port(b) BIO_ctrl(b,BIO_C_GET_CONNECT,3,NULL)
|
||||
|
||||
# define BIO_set_nbio(b,n) BIO_ctrl(b,BIO_C_SET_NBIO,(n),NULL)
|
||||
|
||||
/* BIO_s_accept_socket() */
|
||||
/* BIO_s_accept() */
|
||||
# define BIO_set_accept_port(b,name) BIO_ctrl(b,BIO_C_SET_ACCEPT,0,(char *)name)
|
||||
# define BIO_get_accept_port(b) BIO_ptr_ctrl(b,BIO_C_GET_ACCEPT,0)
|
||||
/* #define BIO_set_nbio(b,n) BIO_ctrl(b,BIO_C_SET_NBIO,(n),NULL) */
|
||||
@ -496,6 +496,7 @@ struct bio_dgram_sctp_prinfo {
|
||||
# define BIO_set_bind_mode(b,mode) BIO_ctrl(b,BIO_C_SET_BIND_MODE,mode,NULL)
|
||||
# define BIO_get_bind_mode(b,mode) BIO_ctrl(b,BIO_C_GET_BIND_MODE,0,NULL)
|
||||
|
||||
/* BIO_s_accept() and BIO_s_connect() */
|
||||
# define BIO_do_connect(b) BIO_do_handshake(b)
|
||||
# define BIO_do_accept(b) BIO_do_handshake(b)
|
||||
# define BIO_do_handshake(b) BIO_ctrl(b,BIO_C_DO_STATE_MACHINE,0,NULL)
|
||||
@ -515,12 +516,15 @@ struct bio_dgram_sctp_prinfo {
|
||||
# define BIO_get_url(b,url) BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,2,(char *)(url))
|
||||
# define BIO_get_no_connect_return(b) BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,5,NULL)
|
||||
|
||||
/* BIO_s_datagram(), BIO_s_fd(), BIO_s_socket(), BIO_s_accept() and BIO_s_connect() */
|
||||
# define BIO_set_fd(b,fd,c) BIO_int_ctrl(b,BIO_C_SET_FD,c,fd)
|
||||
# define BIO_get_fd(b,c) BIO_ctrl(b,BIO_C_GET_FD,0,(char *)c)
|
||||
|
||||
/* BIO_s_file() */
|
||||
# define BIO_set_fp(b,fp,c) BIO_ctrl(b,BIO_C_SET_FILE_PTR,c,(char *)fp)
|
||||
# define BIO_get_fp(b,fpp) BIO_ctrl(b,BIO_C_GET_FILE_PTR,0,(char *)fpp)
|
||||
|
||||
/* BIO_s_fd() and BIO_s_file() */
|
||||
# define BIO_seek(b,ofs) (int)BIO_ctrl(b,BIO_C_FILE_SEEK,ofs,NULL)
|
||||
# define BIO_tell(b) (int)BIO_ctrl(b,BIO_C_FILE_TELL,0,NULL)
|
||||
|
||||
@ -646,10 +650,10 @@ int BIO_asn1_set_suffix(BIO *b, asn1_ps_func *suffix,
|
||||
int BIO_asn1_get_suffix(BIO *b, asn1_ps_func **psuffix,
|
||||
asn1_ps_func **psuffix_free);
|
||||
|
||||
# ifndef OPENSSL_NO_FP_API
|
||||
BIO_METHOD *BIO_s_file(void);
|
||||
BIO *BIO_new_file(const char *filename, const char *mode);
|
||||
BIO *BIO_new_fp(FILE *stream, int close_flag);
|
||||
# ifndef OPENSSL_NO_FP_API
|
||||
# define BIO_s_file_internal BIO_s_file
|
||||
# endif
|
||||
BIO *BIO_new(BIO_METHOD *type);
|
||||
@ -685,7 +689,7 @@ long BIO_debug_callback(BIO *bio, int cmd, const char *argp, int argi,
|
||||
long argl, long ret);
|
||||
|
||||
BIO_METHOD *BIO_s_mem(void);
|
||||
BIO *BIO_new_mem_buf(void *buf, int len);
|
||||
BIO *BIO_new_mem_buf(const void *buf, int len);
|
||||
BIO_METHOD *BIO_s_socket(void);
|
||||
BIO_METHOD *BIO_s_connect(void);
|
||||
BIO_METHOD *BIO_s_accept(void);
|
||||
|
@ -125,6 +125,7 @@
|
||||
#ifndef HEADER_BN_H
|
||||
# define HEADER_BN_H
|
||||
|
||||
# include <limits.h>
|
||||
# include <openssl/e_os2.h>
|
||||
# ifndef OPENSSL_NO_FP_API
|
||||
# include <stdio.h> /* FILE */
|
||||
@ -721,8 +722,17 @@ const BIGNUM *BN_get0_nist_prime_521(void);
|
||||
|
||||
/* library internal functions */
|
||||
|
||||
# define bn_expand(a,bits) ((((((bits+BN_BITS2-1))/BN_BITS2)) <= (a)->dmax)?\
|
||||
(a):bn_expand2((a),(bits+BN_BITS2-1)/BN_BITS2))
|
||||
# define bn_expand(a,bits) \
|
||||
( \
|
||||
bits > (INT_MAX - BN_BITS2 + 1) ? \
|
||||
NULL \
|
||||
: \
|
||||
(((bits+BN_BITS2-1)/BN_BITS2) <= (a)->dmax) ? \
|
||||
(a) \
|
||||
: \
|
||||
bn_expand2((a),(bits+BN_BITS2-1)/BN_BITS2) \
|
||||
)
|
||||
|
||||
# define bn_wexpand(a,words) (((words) <= (a)->dmax)?(a):bn_expand2((a),(words)))
|
||||
BIGNUM *bn_expand2(BIGNUM *a, int words);
|
||||
# ifndef OPENSSL_NO_DEPRECATED
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* crypto/camellia/camellia.h -*- mode:C; c-file-style: "eay" -*- */
|
||||
/* crypto/camellia/camellia.h */
|
||||
/* ====================================================================
|
||||
* Copyright (c) 2006 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
|
@ -118,8 +118,10 @@ typedef void conf_finish_func (CONF_IMODULE *md);
|
||||
|
||||
int CONF_set_default_method(CONF_METHOD *meth);
|
||||
void CONF_set_nconf(CONF *conf, LHASH_OF(CONF_VALUE) *hash);
|
||||
# ifndef OPENSSL_NO_STDIO
|
||||
LHASH_OF(CONF_VALUE) *CONF_load(LHASH_OF(CONF_VALUE) *conf, const char *file,
|
||||
long *eline);
|
||||
# endif
|
||||
# ifndef OPENSSL_NO_FP_API
|
||||
LHASH_OF(CONF_VALUE) *CONF_load_fp(LHASH_OF(CONF_VALUE) *conf, FILE *fp,
|
||||
long *eline);
|
||||
@ -133,7 +135,9 @@ char *CONF_get_string(LHASH_OF(CONF_VALUE) *conf, const char *group,
|
||||
long CONF_get_number(LHASH_OF(CONF_VALUE) *conf, const char *group,
|
||||
const char *name);
|
||||
void CONF_free(LHASH_OF(CONF_VALUE) *conf);
|
||||
#ifndef OPENSSL_NO_FP_API
|
||||
int CONF_dump_fp(LHASH_OF(CONF_VALUE) *conf, FILE *out);
|
||||
#endif
|
||||
int CONF_dump_bio(LHASH_OF(CONF_VALUE) *conf, BIO *out);
|
||||
|
||||
void OPENSSL_config(const char *config_name);
|
||||
@ -160,7 +164,9 @@ CONF_METHOD *NCONF_XML(void);
|
||||
void NCONF_free(CONF *conf);
|
||||
void NCONF_free_data(CONF *conf);
|
||||
|
||||
# ifndef OPENSSL_NO_STDIO
|
||||
int NCONF_load(CONF *conf, const char *file, long *eline);
|
||||
# endif
|
||||
# ifndef OPENSSL_NO_FP_API
|
||||
int NCONF_load_fp(CONF *conf, FILE *fp, long *eline);
|
||||
# endif
|
||||
@ -170,7 +176,9 @@ STACK_OF(CONF_VALUE) *NCONF_get_section(const CONF *conf,
|
||||
char *NCONF_get_string(const CONF *conf, const char *group, const char *name);
|
||||
int NCONF_get_number_e(const CONF *conf, const char *group, const char *name,
|
||||
long *result);
|
||||
#ifndef OPENSSL_NO_FP_API
|
||||
int NCONF_dump_fp(const CONF *conf, FILE *out);
|
||||
#endif
|
||||
int NCONF_dump_bio(const CONF *conf, BIO *out);
|
||||
|
||||
# if 0 /* The following function has no error
|
||||
@ -184,8 +192,10 @@ long NCONF_get_number(CONF *conf, char *group, char *name);
|
||||
|
||||
int CONF_modules_load(const CONF *cnf, const char *appname,
|
||||
unsigned long flags);
|
||||
#ifndef OPENSSL_NO_STDIO
|
||||
int CONF_modules_load_file(const char *filename, const char *appname,
|
||||
unsigned long flags);
|
||||
#endif
|
||||
void CONF_modules_unload(int all);
|
||||
void CONF_modules_finish(void);
|
||||
void CONF_modules_free(void);
|
||||
|
@ -235,15 +235,15 @@ typedef struct openssl_item_st {
|
||||
# ifndef OPENSSL_NO_LOCKING
|
||||
# ifndef CRYPTO_w_lock
|
||||
# define CRYPTO_w_lock(type) \
|
||||
CRYPTO_lock(CRYPTO_LOCK|CRYPTO_WRITE,type,NULL,0)
|
||||
CRYPTO_lock(CRYPTO_LOCK|CRYPTO_WRITE,type,OPENSSL_FILE,OPENSSL_LINE)
|
||||
# define CRYPTO_w_unlock(type) \
|
||||
CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_WRITE,type,NULL,0)
|
||||
CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_WRITE,type,OPENSSL_FILE,OPENSSL_LINE)
|
||||
# define CRYPTO_r_lock(type) \
|
||||
CRYPTO_lock(CRYPTO_LOCK|CRYPTO_READ,type,NULL,0)
|
||||
CRYPTO_lock(CRYPTO_LOCK|CRYPTO_READ,type,OPENSSL_FILE,OPENSSL_LINE)
|
||||
# define CRYPTO_r_unlock(type) \
|
||||
CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_READ,type,NULL,0)
|
||||
CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_READ,type,OPENSSL_FILE,OPENSSL_LINE)
|
||||
# define CRYPTO_add(addr,amount,type) \
|
||||
CRYPTO_add_lock(addr,amount,type,NULL,0)
|
||||
CRYPTO_add_lock(addr,amount,type,OPENSSL_FILE,OPENSSL_LINE)
|
||||
# endif
|
||||
# else
|
||||
# define CRYPTO_w_lock(a)
|
||||
@ -378,19 +378,19 @@ int CRYPTO_is_mem_check_on(void);
|
||||
# define MemCheck_off() CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_DISABLE)
|
||||
# define is_MemCheck_on() CRYPTO_is_mem_check_on()
|
||||
|
||||
# define OPENSSL_malloc(num) CRYPTO_malloc((int)num,NULL,0)
|
||||
# define OPENSSL_strdup(str) CRYPTO_strdup((str),NULL,0)
|
||||
# define OPENSSL_malloc(num) CRYPTO_malloc((int)num,OPENSSL_FILE,OPENSSL_LINE)
|
||||
# define OPENSSL_strdup(str) CRYPTO_strdup((str),OPENSSL_FILE,OPENSSL_LINE)
|
||||
# define OPENSSL_realloc(addr,num) \
|
||||
CRYPTO_realloc((char *)addr,(int)num,NULL,0)
|
||||
CRYPTO_realloc((char *)addr,(int)num,OPENSSL_FILE,OPENSSL_LINE)
|
||||
# define OPENSSL_realloc_clean(addr,old_num,num) \
|
||||
CRYPTO_realloc_clean(addr,old_num,num,NULL,0)
|
||||
CRYPTO_realloc_clean(addr,old_num,num,OPENSSL_FILE,OPENSSL_LINE)
|
||||
# define OPENSSL_remalloc(addr,num) \
|
||||
CRYPTO_remalloc((char **)addr,(int)num,NULL,0)
|
||||
CRYPTO_remalloc((char **)addr,(int)num,OPENSSL_FILE,OPENSSL_LINE)
|
||||
# define OPENSSL_freeFunc CRYPTO_free
|
||||
# define OPENSSL_free(addr) CRYPTO_free(addr)
|
||||
|
||||
# define OPENSSL_malloc_locked(num) \
|
||||
CRYPTO_malloc_locked((int)num,NULL,0)
|
||||
CRYPTO_malloc_locked((int)num,OPENSSL_FILE,OPENSSL_LINE)
|
||||
# define OPENSSL_free_locked(addr) CRYPTO_free_locked(addr)
|
||||
|
||||
const char *SSLeay_version(int type);
|
||||
@ -545,7 +545,7 @@ void CRYPTO_set_mem_debug_options(long bits);
|
||||
long CRYPTO_get_mem_debug_options(void);
|
||||
|
||||
# define CRYPTO_push_info(info) \
|
||||
CRYPTO_push_info_(info, NULL, 0);
|
||||
CRYPTO_push_info_(info, OPENSSL_FILE, OPENSSL_LINE);
|
||||
int CRYPTO_push_info_(const char *info, const char *file, int line);
|
||||
int CRYPTO_pop_info(void);
|
||||
int CRYPTO_remove_all_info(void);
|
||||
@ -588,7 +588,7 @@ void CRYPTO_mem_leaks_cb(CRYPTO_MEM_LEAK_CB *cb);
|
||||
|
||||
/* die if we have to */
|
||||
void OpenSSLDie(const char *file, int line, const char *assertion);
|
||||
# define OPENSSL_assert(e) (void)((e) ? 0 : (OpenSSLDie(NULL, 0, #e),1))
|
||||
# define OPENSSL_assert(e) (void)((e) ? 0 : (OpenSSLDie(OPENSSL_FILE, OPENSSL_LINE, #e),1))
|
||||
|
||||
unsigned long *OPENSSL_ia32cap_loc(void);
|
||||
# define OPENSSL_ia32cap (*(OPENSSL_ia32cap_loc()))
|
||||
@ -605,14 +605,14 @@ void OPENSSL_init(void);
|
||||
# define fips_md_init_ctx(alg, cx) \
|
||||
int alg##_Init(cx##_CTX *c) \
|
||||
{ \
|
||||
if (FIPS_mode()) OpenSSLDie(NULL, 0, \
|
||||
if (FIPS_mode()) OpenSSLDie(OPENSSL_FILE, OPENSSL_LINE, \
|
||||
"Low level API call to digest " #alg " forbidden in FIPS mode!"); \
|
||||
return private_##alg##_Init(c); \
|
||||
} \
|
||||
int private_##alg##_Init(cx##_CTX *c)
|
||||
|
||||
# define fips_cipher_abort(alg) \
|
||||
if (FIPS_mode()) OpenSSLDie(NULL, 0, \
|
||||
if (FIPS_mode()) OpenSSLDie(OPENSSL_FILE, OPENSSL_LINE, \
|
||||
"Low level API call to cipher " #alg " forbidden in FIPS mode!")
|
||||
|
||||
# else
|
||||
@ -628,7 +628,7 @@ void OPENSSL_init(void);
|
||||
* into a defined order as the return value when a != b is undefined, other
|
||||
* than to be non-zero.
|
||||
*/
|
||||
int CRYPTO_memcmp(const void *a, const void *b, size_t len);
|
||||
int CRYPTO_memcmp(const volatile void *a, const volatile void *b, size_t len);
|
||||
|
||||
/* BEGIN ERROR CODES */
|
||||
/*
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* crypto/des/des_old.h -*- mode:C; c-file-style: "eay" -*- */
|
||||
/* crypto/des/des_old.h */
|
||||
|
||||
/*-
|
||||
* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
|
||||
|
@ -174,6 +174,7 @@ struct dh_st {
|
||||
/* DH_check_pub_key error codes */
|
||||
# define DH_CHECK_PUBKEY_TOO_SMALL 0x01
|
||||
# define DH_CHECK_PUBKEY_TOO_LARGE 0x02
|
||||
# define DH_CHECK_PUBKEY_INVALID 0x04
|
||||
|
||||
/*
|
||||
* primes p where (p-1)/2 is prime too are called "safe"; we define this for
|
||||
@ -239,11 +240,13 @@ DH *DH_get_1024_160(void);
|
||||
DH *DH_get_2048_224(void);
|
||||
DH *DH_get_2048_256(void);
|
||||
|
||||
# ifndef OPENSSL_NO_CMS
|
||||
/* RFC2631 KDF */
|
||||
int DH_KDF_X9_42(unsigned char *out, size_t outlen,
|
||||
const unsigned char *Z, size_t Zlen,
|
||||
ASN1_OBJECT *key_oid,
|
||||
const unsigned char *ukm, size_t ukmlen, const EVP_MD *md);
|
||||
# endif
|
||||
|
||||
# define EVP_PKEY_CTX_set_dh_paramgen_prime_len(ctx, len) \
|
||||
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN, \
|
||||
@ -336,7 +339,9 @@ int DH_KDF_X9_42(unsigned char *out, size_t outlen,
|
||||
|
||||
/* KDF types */
|
||||
# define EVP_PKEY_DH_KDF_NONE 1
|
||||
# ifndef OPENSSL_NO_CMS
|
||||
# define EVP_PKEY_DH_KDF_X9_42 2
|
||||
# endif
|
||||
|
||||
/* BEGIN ERROR CODES */
|
||||
/*
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* dso.h -*- mode:C; c-file-style: "eay" -*- */
|
||||
/* dso.h */
|
||||
/*
|
||||
* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL project
|
||||
* 2000.
|
||||
|
@ -200,39 +200,39 @@ typedef struct err_state_st {
|
||||
|
||||
# define ERR_LIB_USER 128
|
||||
|
||||
# define SYSerr(f,r) ERR_PUT_error(ERR_LIB_SYS,(f),(r),__FILE__,__LINE__)
|
||||
# define BNerr(f,r) ERR_PUT_error(ERR_LIB_BN,(f),(r),__FILE__,__LINE__)
|
||||
# define RSAerr(f,r) ERR_PUT_error(ERR_LIB_RSA,(f),(r),__FILE__,__LINE__)
|
||||
# define DHerr(f,r) ERR_PUT_error(ERR_LIB_DH,(f),(r),__FILE__,__LINE__)
|
||||
# define EVPerr(f,r) ERR_PUT_error(ERR_LIB_EVP,(f),(r),__FILE__,__LINE__)
|
||||
# define BUFerr(f,r) ERR_PUT_error(ERR_LIB_BUF,(f),(r),__FILE__,__LINE__)
|
||||
# define OBJerr(f,r) ERR_PUT_error(ERR_LIB_OBJ,(f),(r),__FILE__,__LINE__)
|
||||
# define PEMerr(f,r) ERR_PUT_error(ERR_LIB_PEM,(f),(r),__FILE__,__LINE__)
|
||||
# define DSAerr(f,r) ERR_PUT_error(ERR_LIB_DSA,(f),(r),__FILE__,__LINE__)
|
||||
# define X509err(f,r) ERR_PUT_error(ERR_LIB_X509,(f),(r),__FILE__,__LINE__)
|
||||
# define ASN1err(f,r) ERR_PUT_error(ERR_LIB_ASN1,(f),(r),__FILE__,__LINE__)
|
||||
# define CONFerr(f,r) ERR_PUT_error(ERR_LIB_CONF,(f),(r),__FILE__,__LINE__)
|
||||
# define CRYPTOerr(f,r) ERR_PUT_error(ERR_LIB_CRYPTO,(f),(r),__FILE__,__LINE__)
|
||||
# define ECerr(f,r) ERR_PUT_error(ERR_LIB_EC,(f),(r),__FILE__,__LINE__)
|
||||
# define SSLerr(f,r) ERR_PUT_error(ERR_LIB_SSL,(f),(r),__FILE__,__LINE__)
|
||||
# define BIOerr(f,r) ERR_PUT_error(ERR_LIB_BIO,(f),(r),__FILE__,__LINE__)
|
||||
# define PKCS7err(f,r) ERR_PUT_error(ERR_LIB_PKCS7,(f),(r),__FILE__,__LINE__)
|
||||
# define X509V3err(f,r) ERR_PUT_error(ERR_LIB_X509V3,(f),(r),__FILE__,__LINE__)
|
||||
# define PKCS12err(f,r) ERR_PUT_error(ERR_LIB_PKCS12,(f),(r),__FILE__,__LINE__)
|
||||
# define RANDerr(f,r) ERR_PUT_error(ERR_LIB_RAND,(f),(r),__FILE__,__LINE__)
|
||||
# define DSOerr(f,r) ERR_PUT_error(ERR_LIB_DSO,(f),(r),__FILE__,__LINE__)
|
||||
# define ENGINEerr(f,r) ERR_PUT_error(ERR_LIB_ENGINE,(f),(r),__FILE__,__LINE__)
|
||||
# define OCSPerr(f,r) ERR_PUT_error(ERR_LIB_OCSP,(f),(r),__FILE__,__LINE__)
|
||||
# define UIerr(f,r) ERR_PUT_error(ERR_LIB_UI,(f),(r),__FILE__,__LINE__)
|
||||
# define COMPerr(f,r) ERR_PUT_error(ERR_LIB_COMP,(f),(r),__FILE__,__LINE__)
|
||||
# define ECDSAerr(f,r) ERR_PUT_error(ERR_LIB_ECDSA,(f),(r),__FILE__,__LINE__)
|
||||
# define ECDHerr(f,r) ERR_PUT_error(ERR_LIB_ECDH,(f),(r),__FILE__,__LINE__)
|
||||
# define STOREerr(f,r) ERR_PUT_error(ERR_LIB_STORE,(f),(r),__FILE__,__LINE__)
|
||||
# define FIPSerr(f,r) ERR_PUT_error(ERR_LIB_FIPS,(f),(r),__FILE__,__LINE__)
|
||||
# define CMSerr(f,r) ERR_PUT_error(ERR_LIB_CMS,(f),(r),__FILE__,__LINE__)
|
||||
# define TSerr(f,r) ERR_PUT_error(ERR_LIB_TS,(f),(r),__FILE__,__LINE__)
|
||||
# define HMACerr(f,r) ERR_PUT_error(ERR_LIB_HMAC,(f),(r),__FILE__,__LINE__)
|
||||
# define JPAKEerr(f,r) ERR_PUT_error(ERR_LIB_JPAKE,(f),(r),__FILE__,__LINE__)
|
||||
# define SYSerr(f,r) ERR_PUT_error(ERR_LIB_SYS,(f),(r),OPENSSL_FILE,OPENSSL_LINE)
|
||||
# define BNerr(f,r) ERR_PUT_error(ERR_LIB_BN,(f),(r),OPENSSL_FILE,OPENSSL_LINE)
|
||||
# define RSAerr(f,r) ERR_PUT_error(ERR_LIB_RSA,(f),(r),OPENSSL_FILE,OPENSSL_LINE)
|
||||
# define DHerr(f,r) ERR_PUT_error(ERR_LIB_DH,(f),(r),OPENSSL_FILE,OPENSSL_LINE)
|
||||
# define EVPerr(f,r) ERR_PUT_error(ERR_LIB_EVP,(f),(r),OPENSSL_FILE,OPENSSL_LINE)
|
||||
# define BUFerr(f,r) ERR_PUT_error(ERR_LIB_BUF,(f),(r),OPENSSL_FILE,OPENSSL_LINE)
|
||||
# define OBJerr(f,r) ERR_PUT_error(ERR_LIB_OBJ,(f),(r),OPENSSL_FILE,OPENSSL_LINE)
|
||||
# define PEMerr(f,r) ERR_PUT_error(ERR_LIB_PEM,(f),(r),OPENSSL_FILE,OPENSSL_LINE)
|
||||
# define DSAerr(f,r) ERR_PUT_error(ERR_LIB_DSA,(f),(r),OPENSSL_FILE,OPENSSL_LINE)
|
||||
# define X509err(f,r) ERR_PUT_error(ERR_LIB_X509,(f),(r),OPENSSL_FILE,OPENSSL_LINE)
|
||||
# define ASN1err(f,r) ERR_PUT_error(ERR_LIB_ASN1,(f),(r),OPENSSL_FILE,OPENSSL_LINE)
|
||||
# define CONFerr(f,r) ERR_PUT_error(ERR_LIB_CONF,(f),(r),OPENSSL_FILE,OPENSSL_LINE)
|
||||
# define CRYPTOerr(f,r) ERR_PUT_error(ERR_LIB_CRYPTO,(f),(r),OPENSSL_FILE,OPENSSL_LINE)
|
||||
# define ECerr(f,r) ERR_PUT_error(ERR_LIB_EC,(f),(r),OPENSSL_FILE,OPENSSL_LINE)
|
||||
# define SSLerr(f,r) ERR_PUT_error(ERR_LIB_SSL,(f),(r),OPENSSL_FILE,OPENSSL_LINE)
|
||||
# define BIOerr(f,r) ERR_PUT_error(ERR_LIB_BIO,(f),(r),OPENSSL_FILE,OPENSSL_LINE)
|
||||
# define PKCS7err(f,r) ERR_PUT_error(ERR_LIB_PKCS7,(f),(r),OPENSSL_FILE,OPENSSL_LINE)
|
||||
# define X509V3err(f,r) ERR_PUT_error(ERR_LIB_X509V3,(f),(r),OPENSSL_FILE,OPENSSL_LINE)
|
||||
# define PKCS12err(f,r) ERR_PUT_error(ERR_LIB_PKCS12,(f),(r),OPENSSL_FILE,OPENSSL_LINE)
|
||||
# define RANDerr(f,r) ERR_PUT_error(ERR_LIB_RAND,(f),(r),OPENSSL_FILE,OPENSSL_LINE)
|
||||
# define DSOerr(f,r) ERR_PUT_error(ERR_LIB_DSO,(f),(r),OPENSSL_FILE,OPENSSL_LINE)
|
||||
# define ENGINEerr(f,r) ERR_PUT_error(ERR_LIB_ENGINE,(f),(r),OPENSSL_FILE,OPENSSL_LINE)
|
||||
# define OCSPerr(f,r) ERR_PUT_error(ERR_LIB_OCSP,(f),(r),OPENSSL_FILE,OPENSSL_LINE)
|
||||
# define UIerr(f,r) ERR_PUT_error(ERR_LIB_UI,(f),(r),OPENSSL_FILE,OPENSSL_LINE)
|
||||
# define COMPerr(f,r) ERR_PUT_error(ERR_LIB_COMP,(f),(r),OPENSSL_FILE,OPENSSL_LINE)
|
||||
# define ECDSAerr(f,r) ERR_PUT_error(ERR_LIB_ECDSA,(f),(r),OPENSSL_FILE,OPENSSL_LINE)
|
||||
# define ECDHerr(f,r) ERR_PUT_error(ERR_LIB_ECDH,(f),(r),OPENSSL_FILE,OPENSSL_LINE)
|
||||
# define STOREerr(f,r) ERR_PUT_error(ERR_LIB_STORE,(f),(r),OPENSSL_FILE,OPENSSL_LINE)
|
||||
# define FIPSerr(f,r) ERR_PUT_error(ERR_LIB_FIPS,(f),(r),OPENSSL_FILE,OPENSSL_LINE)
|
||||
# define CMSerr(f,r) ERR_PUT_error(ERR_LIB_CMS,(f),(r),OPENSSL_FILE,OPENSSL_LINE)
|
||||
# define TSerr(f,r) ERR_PUT_error(ERR_LIB_TS,(f),(r),OPENSSL_FILE,OPENSSL_LINE)
|
||||
# define HMACerr(f,r) ERR_PUT_error(ERR_LIB_HMAC,(f),(r),OPENSSL_FILE,OPENSSL_LINE)
|
||||
# define JPAKEerr(f,r) ERR_PUT_error(ERR_LIB_JPAKE,(f),(r),OPENSSL_FILE,OPENSSL_LINE)
|
||||
|
||||
/*
|
||||
* Borland C seems too stupid to be able to shift and do longs in the
|
||||
|
@ -602,11 +602,13 @@ int EVP_MD_CTX_copy(EVP_MD_CTX *out, const EVP_MD_CTX *in);
|
||||
int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type);
|
||||
int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s);
|
||||
|
||||
#ifndef OPENSSL_NO_UI
|
||||
int EVP_read_pw_string(char *buf, int length, const char *prompt, int verify);
|
||||
int EVP_read_pw_string_min(char *buf, int minlen, int maxlen,
|
||||
const char *prompt, int verify);
|
||||
void EVP_set_pw_prompt(const char *prompt);
|
||||
char *EVP_get_pw_prompt(void);
|
||||
#endif
|
||||
|
||||
int EVP_BytesToKey(const EVP_CIPHER *type, const EVP_MD *md,
|
||||
const unsigned char *salt, const unsigned char *data,
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* ssl/kssl.h -*- mode: C; c-file-style: "eay" -*- */
|
||||
/* ssl/kssl.h */
|
||||
/*
|
||||
* Written by Vern Staats <staatsvr@asc.hpc.mil> for the OpenSSL project
|
||||
* 2000. project 2000.
|
||||
|
@ -1,475 +1,503 @@
|
||||
/* opensslconf.h */
|
||||
/* WARNING: Generated automatically from opensslconf.h.in by Configure. */
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
/* OpenSSL was configured with the following options: */
|
||||
#ifndef OPENSSL_SYSNAME_UEFI
|
||||
# define OPENSSL_SYSNAME_UEFI
|
||||
#endif
|
||||
#ifndef OPENSSL_DOING_MAKEDEPEND
|
||||
|
||||
|
||||
#ifndef OPENSSL_NO_BF
|
||||
# define OPENSSL_NO_BF
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_CAMELLIA
|
||||
# define OPENSSL_NO_CAMELLIA
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_CAPIENG
|
||||
# define OPENSSL_NO_CAPIENG
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_CAST
|
||||
# define OPENSSL_NO_CAST
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_CMS
|
||||
# define OPENSSL_NO_CMS
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_DEPRECATED
|
||||
# define OPENSSL_NO_DEPRECATED
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_DGRAM
|
||||
# define OPENSSL_NO_DGRAM
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_DSA
|
||||
# define OPENSSL_NO_DSA
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_DYNAMIC_ENGINE
|
||||
# define OPENSSL_NO_DYNAMIC_ENGINE
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_EC
|
||||
# define OPENSSL_NO_EC
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
|
||||
# define OPENSSL_NO_EC_NISTP_64_GCC_128
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_ECDH
|
||||
# define OPENSSL_NO_ECDH
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_ECDSA
|
||||
# define OPENSSL_NO_ECDSA
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_ENGINE
|
||||
# define OPENSSL_NO_ENGINE
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_ENGINES
|
||||
# define OPENSSL_NO_ENGINES
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_FILENAMES
|
||||
# define OPENSSL_NO_FILENAMES
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_FP_API
|
||||
# define OPENSSL_NO_FP_API
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_GMP
|
||||
# define OPENSSL_NO_GMP
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_GOST
|
||||
# define OPENSSL_NO_GOST
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_IDEA
|
||||
# define OPENSSL_NO_IDEA
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_JPAKE
|
||||
# define OPENSSL_NO_JPAKE
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_KRB5
|
||||
# define OPENSSL_NO_KRB5
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_LIBUNBOUND
|
||||
# define OPENSSL_NO_LIBUNBOUND
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_LOCKING
|
||||
# define OPENSSL_NO_LOCKING
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_MD2
|
||||
# define OPENSSL_NO_MD2
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_MDC2
|
||||
# define OPENSSL_NO_MDC2
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_POSIX_IO
|
||||
# define OPENSSL_NO_POSIX_IO
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_RC2
|
||||
# define OPENSSL_NO_RC2
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_RC5
|
||||
# define OPENSSL_NO_RC5
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_RCS
|
||||
# define OPENSSL_NO_RCS
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_RFC3779
|
||||
# define OPENSSL_NO_RFC3779
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_RIPEMD
|
||||
# define OPENSSL_NO_RIPEMD
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_SCRYPT
|
||||
# define OPENSSL_NO_SCRYPT
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_SCT
|
||||
# define OPENSSL_NO_SCT
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_SCTP
|
||||
# define OPENSSL_NO_SCTP
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_SEED
|
||||
# define OPENSSL_NO_SEED
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_SHA0
|
||||
# define OPENSSL_NO_SHA0
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_SOCK
|
||||
# define OPENSSL_NO_SOCK
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_SRP
|
||||
# define OPENSSL_NO_SRP
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_SSL_TRACE
|
||||
# define OPENSSL_NO_SSL_TRACE
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_SSL2
|
||||
# define OPENSSL_NO_SSL2
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_SSL3
|
||||
# define OPENSSL_NO_SSL3
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_STDIO
|
||||
# define OPENSSL_NO_STDIO
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_STORE
|
||||
# define OPENSSL_NO_STORE
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_UI
|
||||
# define OPENSSL_NO_UI
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_UNIT_TEST
|
||||
# define OPENSSL_NO_UNIT_TEST
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_WHIRLPOOL
|
||||
# define OPENSSL_NO_WHIRLPOOL
|
||||
#endif
|
||||
|
||||
#endif /* OPENSSL_DOING_MAKEDEPEND */
|
||||
|
||||
#ifndef OPENSSL_NO_ASM
|
||||
# define OPENSSL_NO_ASM
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_ERR
|
||||
# define OPENSSL_NO_ERR
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_HW
|
||||
# define OPENSSL_NO_HW
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_DYNAMIC_ENGINE
|
||||
# define OPENSSL_NO_DYNAMIC_ENGINE
|
||||
#endif
|
||||
|
||||
/* The OPENSSL_NO_* macros are also defined as NO_* if the application
|
||||
asks for it. This is a transient feature that is provided for those
|
||||
who haven't had the time to do the appropriate changes in their
|
||||
applications. */
|
||||
#ifdef OPENSSL_ALGORITHM_DEFINES
|
||||
# if defined(OPENSSL_NO_BF) && !defined(NO_BF)
|
||||
# define NO_BF
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_CAMELLIA) && !defined(NO_CAMELLIA)
|
||||
# define NO_CAMELLIA
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_CAPIENG) && !defined(NO_CAPIENG)
|
||||
# define NO_CAPIENG
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_CAST) && !defined(NO_CAST)
|
||||
# define NO_CAST
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_CMS) && !defined(NO_CMS)
|
||||
# define NO_CMS
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_DEPRECATED) && !defined(NO_DEPRECATED)
|
||||
# define NO_DEPRECATED
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_DGRAM) && !defined(NO_DGRAM)
|
||||
# define NO_DGRAM
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_DSA) && !defined(NO_DSA)
|
||||
# define NO_DSA
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_DYNAMIC_ENGINE) && !defined(NO_DYNAMIC_ENGINE)
|
||||
# define NO_DYNAMIC_ENGINE
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_EC) && !defined(NO_EC)
|
||||
# define NO_EC
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_EC_NISTP_64_GCC_128) && !defined(NO_EC_NISTP_64_GCC_128)
|
||||
# define NO_EC_NISTP_64_GCC_128
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_ECDH) && !defined(NO_ECDH)
|
||||
# define NO_ECDH
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_ECDSA) && !defined(NO_ECDSA)
|
||||
# define NO_ECDSA
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_ENGINE) && !defined(NO_ENGINE)
|
||||
# define NO_ENGINE
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_ENGINES) && !defined(NO_ENGINES)
|
||||
# define NO_ENGINES
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_FILENAMES) && !defined(NO_FILENAMES)
|
||||
# define NO_FILENAMES
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_FP_API) && !defined(NO_FP_API)
|
||||
# define NO_FP_API
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_GMP) && !defined(NO_GMP)
|
||||
# define NO_GMP
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_GOST) && !defined(NO_GOST)
|
||||
# define NO_GOST
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_IDEA) && !defined(NO_IDEA)
|
||||
# define NO_IDEA
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_JPAKE) && !defined(NO_JPAKE)
|
||||
# define NO_JPAKE
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_KRB5) && !defined(NO_KRB5)
|
||||
# define NO_KRB5
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_LIBUNBOUND) && !defined(NO_LIBUNBOUND)
|
||||
# define NO_LIBUNBOUND
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_LOCKING) && !defined(NO_LOCKING)
|
||||
# define NO_LOCKING
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_MD2) && !defined(NO_MD2)
|
||||
# define NO_MD2
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_MDC2) && !defined(NO_MDC2)
|
||||
# define NO_MDC2
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_POSIX_IO) && !defined(NO_POSIX_IO)
|
||||
# define NO_POSIX_IO
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_RC2) && !defined(NO_RC2)
|
||||
# define NO_RC2
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_RC5) && !defined(NO_RC5)
|
||||
# define NO_RC5
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_RCS) && !defined(NO_RCS)
|
||||
# define NO_RCS
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_RFC3779) && !defined(NO_RFC3779)
|
||||
# define NO_RFC3779
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_RIPEMD) && !defined(NO_RIPEMD)
|
||||
# define NO_RIPEMD
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_SCRYPT) && !defined(NO_SCRYPT)
|
||||
# define NO_SCRYPT
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_SCT) && !defined(NO_SCT)
|
||||
# define NO_SCT
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_SCTP) && !defined(NO_SCTP)
|
||||
# define NO_SCTP
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_SEED) && !defined(NO_SEED)
|
||||
# define NO_SEED
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_SHA0) && !defined(NO_SHA0)
|
||||
# define NO_SHA0
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_SOCK) && !defined(NO_SOCK)
|
||||
# define NO_SOCK
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_SRP) && !defined(NO_SRP)
|
||||
# define NO_SRP
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_SSL_TRACE) && !defined(NO_SSL_TRACE)
|
||||
# define NO_SSL_TRACE
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_SSL2) && !defined(NO_SSL2)
|
||||
# define NO_SSL2
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_SSL3) && !defined(NO_SSL3)
|
||||
# define NO_SSL3
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_STDIO) && !defined(NO_STDIO)
|
||||
# define NO_STDIO
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_STORE) && !defined(NO_STORE)
|
||||
# define NO_STORE
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_UI) && !defined(NO_UI)
|
||||
# define NO_UI
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_UNIT_TEST) && !defined(NO_UNIT_TEST)
|
||||
# define NO_UNIT_TEST
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_WHIRLPOOL) && !defined(NO_WHIRLPOOL)
|
||||
# define NO_WHIRLPOOL
|
||||
# endif
|
||||
#endif
|
||||
|
||||
/* crypto/opensslconf.h.in */
|
||||
|
||||
/* Generate 80386 code? */
|
||||
#undef I386_ONLY
|
||||
|
||||
#if !(defined(VMS) || defined(__VMS)) /* VMS uses logical names instead */
|
||||
#if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR)
|
||||
#define ENGINESDIR "/usr/local/ssl/lib/engines"
|
||||
#define OPENSSLDIR "/usr/local/ssl"
|
||||
#endif
|
||||
#endif
|
||||
|
||||
#undef OPENSSL_UNISTD
|
||||
#define OPENSSL_UNISTD <unistd.h>
|
||||
|
||||
#undef OPENSSL_EXPORT_VAR_AS_FUNCTION
|
||||
|
||||
#if defined(HEADER_IDEA_H) && !defined(IDEA_INT)
|
||||
#define IDEA_INT unsigned int
|
||||
#endif
|
||||
|
||||
#if defined(HEADER_MD2_H) && !defined(MD2_INT)
|
||||
#define MD2_INT unsigned int
|
||||
#endif
|
||||
|
||||
#if defined(HEADER_RC2_H) && !defined(RC2_INT)
|
||||
/* I need to put in a mod for the alpha - eay */
|
||||
#define RC2_INT unsigned int
|
||||
#endif
|
||||
|
||||
#if defined(HEADER_RC4_H)
|
||||
#if !defined(RC4_INT)
|
||||
/* using int types make the structure larger but make the code faster
|
||||
* on most boxes I have tested - up to %20 faster. */
|
||||
/*
|
||||
* I don't know what does "most" mean, but declaring "int" is a must on:
|
||||
* - Intel P6 because partial register stalls are very expensive;
|
||||
* - elder Alpha because it lacks byte load/store instructions;
|
||||
*/
|
||||
#define RC4_INT unsigned int
|
||||
#endif
|
||||
#if !defined(RC4_CHUNK)
|
||||
/*
|
||||
* This enables code handling data aligned at natural CPU word
|
||||
* boundary. See crypto/rc4/rc4_enc.c for further details.
|
||||
*/
|
||||
#undef RC4_CHUNK
|
||||
#endif
|
||||
#endif
|
||||
|
||||
#if (defined(HEADER_NEW_DES_H) || defined(HEADER_DES_H)) && !defined(DES_LONG)
|
||||
/* If this is set to 'unsigned int' on a DEC Alpha, this gives about a
|
||||
* %20 speed up (longs are 8 bytes, int's are 4). */
|
||||
#ifndef DES_LONG
|
||||
#define DES_LONG unsigned long
|
||||
#endif
|
||||
#endif
|
||||
|
||||
#if defined(HEADER_BN_H) && !defined(CONFIG_HEADER_BN_H) && !defined(OPENSSL_SYSNAME_UEFI)
|
||||
#define CONFIG_HEADER_BN_H
|
||||
#undef BN_LLONG
|
||||
|
||||
/* Should we define BN_DIV2W here? */
|
||||
|
||||
/* Only one for the following should be defined */
|
||||
#undef SIXTY_FOUR_BIT_LONG
|
||||
#undef SIXTY_FOUR_BIT
|
||||
#define THIRTY_TWO_BIT
|
||||
#endif
|
||||
|
||||
#if defined(HEADER_RC4_LOCL_H) && !defined(CONFIG_HEADER_RC4_LOCL_H)
|
||||
#define CONFIG_HEADER_RC4_LOCL_H
|
||||
/* if this is defined data[i] is used instead of *data, this is a %20
|
||||
* speedup on x86 */
|
||||
#undef RC4_INDEX
|
||||
#endif
|
||||
|
||||
#if defined(HEADER_BF_LOCL_H) && !defined(CONFIG_HEADER_BF_LOCL_H)
|
||||
#define CONFIG_HEADER_BF_LOCL_H
|
||||
#undef BF_PTR
|
||||
#endif /* HEADER_BF_LOCL_H */
|
||||
|
||||
#if defined(HEADER_DES_LOCL_H) && !defined(CONFIG_HEADER_DES_LOCL_H)
|
||||
#define CONFIG_HEADER_DES_LOCL_H
|
||||
#ifndef DES_DEFAULT_OPTIONS
|
||||
/* the following is tweaked from a config script, that is why it is a
|
||||
* protected undef/define */
|
||||
#ifndef DES_PTR
|
||||
#undef DES_PTR
|
||||
#endif
|
||||
|
||||
/* This helps C compiler generate the correct code for multiple functional
|
||||
* units. It reduces register dependancies at the expense of 2 more
|
||||
* registers */
|
||||
#ifndef DES_RISC1
|
||||
#undef DES_RISC1
|
||||
#endif
|
||||
|
||||
#ifndef DES_RISC2
|
||||
#undef DES_RISC2
|
||||
#endif
|
||||
|
||||
#if defined(DES_RISC1) && defined(DES_RISC2)
|
||||
#error YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!!
|
||||
#endif
|
||||
|
||||
/* Unroll the inner loop, this sometimes helps, sometimes hinders.
|
||||
* Very mucy CPU dependant */
|
||||
#ifndef DES_UNROLL
|
||||
#undef DES_UNROLL
|
||||
#endif
|
||||
|
||||
/* These default values were supplied by
|
||||
* Peter Gutman <pgut001@cs.auckland.ac.nz>
|
||||
* They are only used if nothing else has been defined */
|
||||
#if !defined(DES_PTR) && !defined(DES_RISC1) && !defined(DES_RISC2) && !defined(DES_UNROLL)
|
||||
/* Special defines which change the way the code is built depending on the
|
||||
CPU and OS. For SGI machines you can use _MIPS_SZLONG (32 or 64) to find
|
||||
even newer MIPS CPU's, but at the moment one size fits all for
|
||||
optimization options. Older Sparc's work better with only UNROLL, but
|
||||
there's no way to tell at compile time what it is you're running on */
|
||||
|
||||
#if defined( __sun ) || defined ( sun ) /* Newer Sparc's */
|
||||
# define DES_PTR
|
||||
# define DES_RISC1
|
||||
# define DES_UNROLL
|
||||
#elif defined( __ultrix ) /* Older MIPS */
|
||||
# define DES_PTR
|
||||
# define DES_RISC2
|
||||
# define DES_UNROLL
|
||||
#elif defined( __osf1__ ) /* Alpha */
|
||||
# define DES_PTR
|
||||
# define DES_RISC2
|
||||
#elif defined ( _AIX ) /* RS6000 */
|
||||
/* Unknown */
|
||||
#elif defined( __hpux ) /* HP-PA */
|
||||
/* Unknown */
|
||||
#elif defined( __aux ) /* 68K */
|
||||
/* Unknown */
|
||||
#elif defined( __dgux ) /* 88K (but P6 in latest boxes) */
|
||||
# define DES_UNROLL
|
||||
#elif defined( __sgi ) /* Newer MIPS */
|
||||
# define DES_PTR
|
||||
# define DES_RISC2
|
||||
# define DES_UNROLL
|
||||
#elif defined(i386) || defined(__i386__) /* x86 boxes, should be gcc */
|
||||
# define DES_PTR
|
||||
# define DES_RISC1
|
||||
# define DES_UNROLL
|
||||
#endif /* Systems-specific speed defines */
|
||||
#endif
|
||||
|
||||
#endif /* DES_DEFAULT_OPTIONS */
|
||||
#endif /* HEADER_DES_LOCL_H */
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
/* opensslconf.h */
|
||||
/* WARNING: Generated automatically from opensslconf.h.in by Configure. */
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
/* OpenSSL was configured with the following options: */
|
||||
#ifndef OPENSSL_SYSNAME_UEFI
|
||||
# define OPENSSL_SYSNAME_UEFI
|
||||
#endif
|
||||
#ifndef OPENSSL_DOING_MAKEDEPEND
|
||||
|
||||
|
||||
#ifndef OPENSSL_NO_BF
|
||||
# define OPENSSL_NO_BF
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_CAMELLIA
|
||||
# define OPENSSL_NO_CAMELLIA
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_CAPIENG
|
||||
# define OPENSSL_NO_CAPIENG
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_CAST
|
||||
# define OPENSSL_NO_CAST
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_CMS
|
||||
# define OPENSSL_NO_CMS
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_DEPRECATED
|
||||
# define OPENSSL_NO_DEPRECATED
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_DGRAM
|
||||
# define OPENSSL_NO_DGRAM
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_DSA
|
||||
# define OPENSSL_NO_DSA
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_DYNAMIC_ENGINE
|
||||
# define OPENSSL_NO_DYNAMIC_ENGINE
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_EC
|
||||
# define OPENSSL_NO_EC
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
|
||||
# define OPENSSL_NO_EC_NISTP_64_GCC_128
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_ECDH
|
||||
# define OPENSSL_NO_ECDH
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_ECDSA
|
||||
# define OPENSSL_NO_ECDSA
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_ENGINE
|
||||
# define OPENSSL_NO_ENGINE
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_ENGINES
|
||||
# define OPENSSL_NO_ENGINES
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_FILENAMES
|
||||
# define OPENSSL_NO_FILENAMES
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_FP_API
|
||||
# define OPENSSL_NO_FP_API
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_GMP
|
||||
# define OPENSSL_NO_GMP
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_GOST
|
||||
# define OPENSSL_NO_GOST
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_IDEA
|
||||
# define OPENSSL_NO_IDEA
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_JPAKE
|
||||
# define OPENSSL_NO_JPAKE
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_KRB5
|
||||
# define OPENSSL_NO_KRB5
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_LIBUNBOUND
|
||||
# define OPENSSL_NO_LIBUNBOUND
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_LOCKING
|
||||
# define OPENSSL_NO_LOCKING
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_MD2
|
||||
# define OPENSSL_NO_MD2
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_MDC2
|
||||
# define OPENSSL_NO_MDC2
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_POSIX_IO
|
||||
# define OPENSSL_NO_POSIX_IO
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_PQUEUE
|
||||
# define OPENSSL_NO_PQUEUE
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_RC2
|
||||
# define OPENSSL_NO_RC2
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_RC5
|
||||
# define OPENSSL_NO_RC5
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_RCS
|
||||
# define OPENSSL_NO_RCS
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_RFC3779
|
||||
# define OPENSSL_NO_RFC3779
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_RIPEMD
|
||||
# define OPENSSL_NO_RIPEMD
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_SCRYPT
|
||||
# define OPENSSL_NO_SCRYPT
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_SCT
|
||||
# define OPENSSL_NO_SCT
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_SCTP
|
||||
# define OPENSSL_NO_SCTP
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_SEED
|
||||
# define OPENSSL_NO_SEED
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_SHA0
|
||||
# define OPENSSL_NO_SHA0
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_SOCK
|
||||
# define OPENSSL_NO_SOCK
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_SRP
|
||||
# define OPENSSL_NO_SRP
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_SSL_TRACE
|
||||
# define OPENSSL_NO_SSL_TRACE
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_SSL2
|
||||
# define OPENSSL_NO_SSL2
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_SSL3
|
||||
# define OPENSSL_NO_SSL3
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_STDIO
|
||||
# define OPENSSL_NO_STDIO
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_STORE
|
||||
# define OPENSSL_NO_STORE
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_TS
|
||||
# define OPENSSL_NO_TS
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_UI
|
||||
# define OPENSSL_NO_UI
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_UNIT_TEST
|
||||
# define OPENSSL_NO_UNIT_TEST
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
|
||||
# define OPENSSL_NO_WEAK_SSL_CIPHERS
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_WHIRLPOOL
|
||||
# define OPENSSL_NO_WHIRLPOOL
|
||||
#endif
|
||||
|
||||
#endif /* OPENSSL_DOING_MAKEDEPEND */
|
||||
|
||||
#ifndef OPENSSL_NO_ASM
|
||||
# define OPENSSL_NO_ASM
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_ERR
|
||||
# define OPENSSL_NO_ERR
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_HW
|
||||
# define OPENSSL_NO_HW
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_DYNAMIC_ENGINE
|
||||
# define OPENSSL_NO_DYNAMIC_ENGINE
|
||||
#endif
|
||||
|
||||
/* The OPENSSL_NO_* macros are also defined as NO_* if the application
|
||||
asks for it. This is a transient feature that is provided for those
|
||||
who haven't had the time to do the appropriate changes in their
|
||||
applications. */
|
||||
#ifdef OPENSSL_ALGORITHM_DEFINES
|
||||
# if defined(OPENSSL_NO_BF) && !defined(NO_BF)
|
||||
# define NO_BF
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_CAMELLIA) && !defined(NO_CAMELLIA)
|
||||
# define NO_CAMELLIA
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_CAPIENG) && !defined(NO_CAPIENG)
|
||||
# define NO_CAPIENG
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_CAST) && !defined(NO_CAST)
|
||||
# define NO_CAST
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_CMS) && !defined(NO_CMS)
|
||||
# define NO_CMS
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_DEPRECATED) && !defined(NO_DEPRECATED)
|
||||
# define NO_DEPRECATED
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_DGRAM) && !defined(NO_DGRAM)
|
||||
# define NO_DGRAM
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_DSA) && !defined(NO_DSA)
|
||||
# define NO_DSA
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_DYNAMIC_ENGINE) && !defined(NO_DYNAMIC_ENGINE)
|
||||
# define NO_DYNAMIC_ENGINE
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_EC) && !defined(NO_EC)
|
||||
# define NO_EC
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_EC_NISTP_64_GCC_128) && !defined(NO_EC_NISTP_64_GCC_128)
|
||||
# define NO_EC_NISTP_64_GCC_128
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_ECDH) && !defined(NO_ECDH)
|
||||
# define NO_ECDH
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_ECDSA) && !defined(NO_ECDSA)
|
||||
# define NO_ECDSA
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_ENGINE) && !defined(NO_ENGINE)
|
||||
# define NO_ENGINE
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_ENGINES) && !defined(NO_ENGINES)
|
||||
# define NO_ENGINES
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_FILENAMES) && !defined(NO_FILENAMES)
|
||||
# define NO_FILENAMES
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_FP_API) && !defined(NO_FP_API)
|
||||
# define NO_FP_API
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_GMP) && !defined(NO_GMP)
|
||||
# define NO_GMP
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_GOST) && !defined(NO_GOST)
|
||||
# define NO_GOST
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_IDEA) && !defined(NO_IDEA)
|
||||
# define NO_IDEA
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_JPAKE) && !defined(NO_JPAKE)
|
||||
# define NO_JPAKE
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_KRB5) && !defined(NO_KRB5)
|
||||
# define NO_KRB5
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_LIBUNBOUND) && !defined(NO_LIBUNBOUND)
|
||||
# define NO_LIBUNBOUND
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_LOCKING) && !defined(NO_LOCKING)
|
||||
# define NO_LOCKING
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_MD2) && !defined(NO_MD2)
|
||||
# define NO_MD2
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_MDC2) && !defined(NO_MDC2)
|
||||
# define NO_MDC2
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_POSIX_IO) && !defined(NO_POSIX_IO)
|
||||
# define NO_POSIX_IO
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_PQUEUE) && !defined(NO_PQUEUE)
|
||||
# define NO_PQUEUE
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_RC2) && !defined(NO_RC2)
|
||||
# define NO_RC2
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_RC5) && !defined(NO_RC5)
|
||||
# define NO_RC5
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_RCS) && !defined(NO_RCS)
|
||||
# define NO_RCS
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_RFC3779) && !defined(NO_RFC3779)
|
||||
# define NO_RFC3779
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_RIPEMD) && !defined(NO_RIPEMD)
|
||||
# define NO_RIPEMD
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_SCRYPT) && !defined(NO_SCRYPT)
|
||||
# define NO_SCRYPT
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_SCT) && !defined(NO_SCT)
|
||||
# define NO_SCT
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_SCTP) && !defined(NO_SCTP)
|
||||
# define NO_SCTP
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_SEED) && !defined(NO_SEED)
|
||||
# define NO_SEED
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_SHA0) && !defined(NO_SHA0)
|
||||
# define NO_SHA0
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_SOCK) && !defined(NO_SOCK)
|
||||
# define NO_SOCK
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_SRP) && !defined(NO_SRP)
|
||||
# define NO_SRP
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_SSL_TRACE) && !defined(NO_SSL_TRACE)
|
||||
# define NO_SSL_TRACE
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_SSL2) && !defined(NO_SSL2)
|
||||
# define NO_SSL2
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_SSL3) && !defined(NO_SSL3)
|
||||
# define NO_SSL3
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_STDIO) && !defined(NO_STDIO)
|
||||
# define NO_STDIO
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_STORE) && !defined(NO_STORE)
|
||||
# define NO_STORE
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_TS) && !defined(NO_TS)
|
||||
# define NO_TS
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_UI) && !defined(NO_UI)
|
||||
# define NO_UI
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_UNIT_TEST) && !defined(NO_UNIT_TEST)
|
||||
# define NO_UNIT_TEST
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_WEAK_SSL_CIPHERS) && !defined(NO_WEAK_SSL_CIPHERS)
|
||||
# define NO_WEAK_SSL_CIPHERS
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_WHIRLPOOL) && !defined(NO_WHIRLPOOL)
|
||||
# define NO_WHIRLPOOL
|
||||
# endif
|
||||
#endif
|
||||
|
||||
/* crypto/opensslconf.h.in */
|
||||
|
||||
#ifndef OPENSSL_FILE
|
||||
#ifdef OPENSSL_NO_FILENAMES
|
||||
#define OPENSSL_FILE ""
|
||||
#define OPENSSL_LINE 0
|
||||
#else
|
||||
#define OPENSSL_FILE __FILE__
|
||||
#define OPENSSL_LINE __LINE__
|
||||
#endif
|
||||
#endif
|
||||
|
||||
/* Generate 80386 code? */
|
||||
#undef I386_ONLY
|
||||
|
||||
#if !(defined(VMS) || defined(__VMS)) /* VMS uses logical names instead */
|
||||
#if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR)
|
||||
#define ENGINESDIR "/usr/local/ssl/lib/engines"
|
||||
#define OPENSSLDIR "/usr/local/ssl"
|
||||
#endif
|
||||
#endif
|
||||
|
||||
#undef OPENSSL_UNISTD
|
||||
#define OPENSSL_UNISTD <unistd.h>
|
||||
|
||||
#undef OPENSSL_EXPORT_VAR_AS_FUNCTION
|
||||
|
||||
#if defined(HEADER_IDEA_H) && !defined(IDEA_INT)
|
||||
#define IDEA_INT unsigned int
|
||||
#endif
|
||||
|
||||
#if defined(HEADER_MD2_H) && !defined(MD2_INT)
|
||||
#define MD2_INT unsigned int
|
||||
#endif
|
||||
|
||||
#if defined(HEADER_RC2_H) && !defined(RC2_INT)
|
||||
/* I need to put in a mod for the alpha - eay */
|
||||
#define RC2_INT unsigned int
|
||||
#endif
|
||||
|
||||
#if defined(HEADER_RC4_H)
|
||||
#if !defined(RC4_INT)
|
||||
/* using int types make the structure larger but make the code faster
|
||||
* on most boxes I have tested - up to %20 faster. */
|
||||
/*
|
||||
* I don't know what does "most" mean, but declaring "int" is a must on:
|
||||
* - Intel P6 because partial register stalls are very expensive;
|
||||
* - elder Alpha because it lacks byte load/store instructions;
|
||||
*/
|
||||
#define RC4_INT unsigned int
|
||||
#endif
|
||||
#if !defined(RC4_CHUNK)
|
||||
/*
|
||||
* This enables code handling data aligned at natural CPU word
|
||||
* boundary. See crypto/rc4/rc4_enc.c for further details.
|
||||
*/
|
||||
#undef RC4_CHUNK
|
||||
#endif
|
||||
#endif
|
||||
|
||||
#if (defined(HEADER_NEW_DES_H) || defined(HEADER_DES_H)) && !defined(DES_LONG)
|
||||
/* If this is set to 'unsigned int' on a DEC Alpha, this gives about a
|
||||
* %20 speed up (longs are 8 bytes, int's are 4). */
|
||||
#ifndef DES_LONG
|
||||
#define DES_LONG unsigned long
|
||||
#endif
|
||||
#endif
|
||||
|
||||
#if defined(HEADER_BN_H) && !defined(CONFIG_HEADER_BN_H) && !defined(OPENSSL_SYSNAME_UEFI)
|
||||
#define CONFIG_HEADER_BN_H
|
||||
#undef BN_LLONG
|
||||
|
||||
/* Should we define BN_DIV2W here? */
|
||||
|
||||
/* Only one for the following should be defined */
|
||||
#undef SIXTY_FOUR_BIT_LONG
|
||||
#undef SIXTY_FOUR_BIT
|
||||
#define THIRTY_TWO_BIT
|
||||
#endif
|
||||
|
||||
#if defined(HEADER_RC4_LOCL_H) && !defined(CONFIG_HEADER_RC4_LOCL_H)
|
||||
#define CONFIG_HEADER_RC4_LOCL_H
|
||||
/* if this is defined data[i] is used instead of *data, this is a %20
|
||||
* speedup on x86 */
|
||||
#undef RC4_INDEX
|
||||
#endif
|
||||
|
||||
#if defined(HEADER_BF_LOCL_H) && !defined(CONFIG_HEADER_BF_LOCL_H)
|
||||
#define CONFIG_HEADER_BF_LOCL_H
|
||||
#undef BF_PTR
|
||||
#endif /* HEADER_BF_LOCL_H */
|
||||
|
||||
#if defined(HEADER_DES_LOCL_H) && !defined(CONFIG_HEADER_DES_LOCL_H)
|
||||
#define CONFIG_HEADER_DES_LOCL_H
|
||||
#ifndef DES_DEFAULT_OPTIONS
|
||||
/* the following is tweaked from a config script, that is why it is a
|
||||
* protected undef/define */
|
||||
#ifndef DES_PTR
|
||||
#undef DES_PTR
|
||||
#endif
|
||||
|
||||
/* This helps C compiler generate the correct code for multiple functional
|
||||
* units. It reduces register dependancies at the expense of 2 more
|
||||
* registers */
|
||||
#ifndef DES_RISC1
|
||||
#undef DES_RISC1
|
||||
#endif
|
||||
|
||||
#ifndef DES_RISC2
|
||||
#undef DES_RISC2
|
||||
#endif
|
||||
|
||||
#if defined(DES_RISC1) && defined(DES_RISC2)
|
||||
#error YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!!
|
||||
#endif
|
||||
|
||||
/* Unroll the inner loop, this sometimes helps, sometimes hinders.
|
||||
* Very mucy CPU dependant */
|
||||
#ifndef DES_UNROLL
|
||||
#undef DES_UNROLL
|
||||
#endif
|
||||
|
||||
/* These default values were supplied by
|
||||
* Peter Gutman <pgut001@cs.auckland.ac.nz>
|
||||
* They are only used if nothing else has been defined */
|
||||
#if !defined(DES_PTR) && !defined(DES_RISC1) && !defined(DES_RISC2) && !defined(DES_UNROLL)
|
||||
/* Special defines which change the way the code is built depending on the
|
||||
CPU and OS. For SGI machines you can use _MIPS_SZLONG (32 or 64) to find
|
||||
even newer MIPS CPU's, but at the moment one size fits all for
|
||||
optimization options. Older Sparc's work better with only UNROLL, but
|
||||
there's no way to tell at compile time what it is you're running on */
|
||||
|
||||
#if defined( __sun ) || defined ( sun ) /* Newer Sparc's */
|
||||
# define DES_PTR
|
||||
# define DES_RISC1
|
||||
# define DES_UNROLL
|
||||
#elif defined( __ultrix ) /* Older MIPS */
|
||||
# define DES_PTR
|
||||
# define DES_RISC2
|
||||
# define DES_UNROLL
|
||||
#elif defined( __osf1__ ) /* Alpha */
|
||||
# define DES_PTR
|
||||
# define DES_RISC2
|
||||
#elif defined ( _AIX ) /* RS6000 */
|
||||
/* Unknown */
|
||||
#elif defined( __hpux ) /* HP-PA */
|
||||
/* Unknown */
|
||||
#elif defined( __aux ) /* 68K */
|
||||
/* Unknown */
|
||||
#elif defined( __dgux ) /* 88K (but P6 in latest boxes) */
|
||||
# define DES_UNROLL
|
||||
#elif defined( __sgi ) /* Newer MIPS */
|
||||
# define DES_PTR
|
||||
# define DES_RISC2
|
||||
# define DES_UNROLL
|
||||
#elif defined(i386) || defined(__i386__) /* x86 boxes, should be gcc */
|
||||
# define DES_PTR
|
||||
# define DES_RISC1
|
||||
# define DES_UNROLL
|
||||
#endif /* Systems-specific speed defines */
|
||||
#endif
|
||||
|
||||
#endif /* DES_DEFAULT_OPTIONS */
|
||||
#endif /* HEADER_DES_LOCL_H */
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
@ -30,11 +30,11 @@ extern "C" {
|
||||
* (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
|
||||
* major minor fix final patch/beta)
|
||||
*/
|
||||
# define OPENSSL_VERSION_NUMBER 0x1000205fL
|
||||
# define OPENSSL_VERSION_NUMBER 0x1000207fL
|
||||
# ifdef OPENSSL_FIPS
|
||||
# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.2e-fips 3 Dec 2015"
|
||||
# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.2g-fips 1 Mar 2016"
|
||||
# else
|
||||
# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.2e 3 Dec 2015"
|
||||
# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.2g 1 Mar 2016"
|
||||
# endif
|
||||
# define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT
|
||||
|
||||
|
@ -418,6 +418,7 @@ int PEM_X509_INFO_write_bio(BIO *bp, X509_INFO *xi, EVP_CIPHER *enc,
|
||||
pem_password_cb *cd, void *u);
|
||||
# endif
|
||||
|
||||
#ifndef OPENSSL_NO_FP_API
|
||||
int PEM_read(FILE *fp, char **name, char **header,
|
||||
unsigned char **data, long *len);
|
||||
int PEM_write(FILE *fp, const char *name, const char *hdr,
|
||||
@ -429,6 +430,7 @@ int PEM_ASN1_write(i2d_of_void *i2d, const char *name, FILE *fp,
|
||||
int klen, pem_password_cb *callback, void *u);
|
||||
STACK_OF(X509_INFO) *PEM_X509_INFO_read(FILE *fp, STACK_OF(X509_INFO) *sk,
|
||||
pem_password_cb *cb, void *u);
|
||||
#endif
|
||||
|
||||
int PEM_SealInit(PEM_ENCODE_SEAL_CTX *ctx, EVP_CIPHER *type,
|
||||
EVP_MD *md_type, unsigned char **ek, int *ekl,
|
||||
@ -495,6 +497,7 @@ int i2d_PKCS8PrivateKey_nid_bio(BIO *bp, EVP_PKEY *x, int nid,
|
||||
EVP_PKEY *d2i_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY **x, pem_password_cb *cb,
|
||||
void *u);
|
||||
|
||||
#ifndef OPENSSL_NO_FP_API
|
||||
int i2d_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
|
||||
char *kstr, int klen,
|
||||
pem_password_cb *cb, void *u);
|
||||
@ -511,7 +514,7 @@ EVP_PKEY *d2i_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY **x, pem_password_cb *cb,
|
||||
int PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
|
||||
char *kstr, int klen, pem_password_cb *cd,
|
||||
void *u);
|
||||
|
||||
#endif
|
||||
EVP_PKEY *PEM_read_bio_Parameters(BIO *bp, EVP_PKEY **x);
|
||||
int PEM_write_bio_Parameters(BIO *bp, EVP_PKEY *x);
|
||||
|
||||
|
@ -82,16 +82,21 @@ typedef struct SRP_gN_cache_st {
|
||||
DECLARE_STACK_OF(SRP_gN_cache)
|
||||
|
||||
typedef struct SRP_user_pwd_st {
|
||||
/* Owned by us. */
|
||||
char *id;
|
||||
BIGNUM *s;
|
||||
BIGNUM *v;
|
||||
/* Not owned by us. */
|
||||
const BIGNUM *g;
|
||||
const BIGNUM *N;
|
||||
/* Owned by us. */
|
||||
char *info;
|
||||
} SRP_user_pwd;
|
||||
|
||||
DECLARE_STACK_OF(SRP_user_pwd)
|
||||
|
||||
void SRP_user_pwd_free(SRP_user_pwd *user_pwd);
|
||||
|
||||
typedef struct SRP_VBASE_st {
|
||||
STACK_OF(SRP_user_pwd) *users_pwd;
|
||||
STACK_OF(SRP_gN_cache) *gN_cache;
|
||||
@ -114,8 +119,14 @@ DECLARE_STACK_OF(SRP_gN)
|
||||
|
||||
SRP_VBASE *SRP_VBASE_new(char *seed_key);
|
||||
int SRP_VBASE_free(SRP_VBASE *vb);
|
||||
#ifndef OPENSSL_NO_STDIO
|
||||
int SRP_VBASE_init(SRP_VBASE *vb, char *verifier_file);
|
||||
#endif
|
||||
/* This method ignores the configured seed and fails for an unknown user. */
|
||||
SRP_user_pwd *SRP_VBASE_get_by_user(SRP_VBASE *vb, char *username);
|
||||
/* NOTE: unlike in SRP_VBASE_get_by_user, caller owns the returned pointer.*/
|
||||
SRP_user_pwd *SRP_VBASE_get1_by_user(SRP_VBASE *vb, char *username);
|
||||
|
||||
char *SRP_create_verifier(const char *user, const char *pass, char **salt,
|
||||
char **verifier, const char *N, const char *g);
|
||||
int SRP_create_verifier_BN(const char *user, const char *pass, BIGNUM **salt,
|
||||
|
@ -625,7 +625,7 @@ struct ssl_session_st {
|
||||
# define SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION 0x00040000L
|
||||
/* If set, always create a new key when using tmp_ecdh parameters */
|
||||
# define SSL_OP_SINGLE_ECDH_USE 0x00080000L
|
||||
/* If set, always create a new key when using tmp_dh parameters */
|
||||
/* Does nothing: retained for compatibility */
|
||||
# define SSL_OP_SINGLE_DH_USE 0x00100000L
|
||||
/* Does nothing: retained for compatibiity */
|
||||
# define SSL_OP_EPHEMERAL_RSA 0x0
|
||||
@ -2092,7 +2092,7 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION)
|
||||
# define SSL_CTX_set1_sigalgs_list(ctx, s) \
|
||||
SSL_CTX_ctrl(ctx,SSL_CTRL_SET_SIGALGS_LIST,0,(char *)s)
|
||||
# define SSL_set1_sigalgs(ctx, slist, slistlen) \
|
||||
SSL_ctrl(ctx,SSL_CTRL_SET_SIGALGS,clistlen,(int *)slist)
|
||||
SSL_ctrl(ctx,SSL_CTRL_SET_SIGALGS,slistlen,(int *)slist)
|
||||
# define SSL_set1_sigalgs_list(ctx, s) \
|
||||
SSL_ctrl(ctx,SSL_CTRL_SET_SIGALGS_LIST,0,(char *)s)
|
||||
# define SSL_CTX_set1_client_sigalgs(ctx, slist, slistlen) \
|
||||
@ -3056,6 +3056,7 @@ void ERR_load_SSL_strings(void);
|
||||
# define SSL_R_SERVERHELLO_TLSEXT 275
|
||||
# define SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED 277
|
||||
# define SSL_R_SHORT_READ 219
|
||||
# define SSL_R_SHUTDOWN_WHILE_IN_INIT 407
|
||||
# define SSL_R_SIGNATURE_ALGORITHMS_ERROR 360
|
||||
# define SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE 220
|
||||
# define SSL_R_SRP_A_CALC 361
|
||||
|
@ -281,8 +281,10 @@ TS_REQ *d2i_TS_REQ(TS_REQ **a, const unsigned char **pp, long length);
|
||||
|
||||
TS_REQ *TS_REQ_dup(TS_REQ *a);
|
||||
|
||||
#ifndef OPENSSL_NO_FP_API
|
||||
TS_REQ *d2i_TS_REQ_fp(FILE *fp, TS_REQ **a);
|
||||
int i2d_TS_REQ_fp(FILE *fp, TS_REQ *a);
|
||||
#endif
|
||||
TS_REQ *d2i_TS_REQ_bio(BIO *fp, TS_REQ **a);
|
||||
int i2d_TS_REQ_bio(BIO *fp, TS_REQ *a);
|
||||
|
||||
@ -294,10 +296,12 @@ TS_MSG_IMPRINT *d2i_TS_MSG_IMPRINT(TS_MSG_IMPRINT **a,
|
||||
|
||||
TS_MSG_IMPRINT *TS_MSG_IMPRINT_dup(TS_MSG_IMPRINT *a);
|
||||
|
||||
#ifndef OPENSSL_NO_FP_API
|
||||
TS_MSG_IMPRINT *d2i_TS_MSG_IMPRINT_fp(FILE *fp, TS_MSG_IMPRINT **a);
|
||||
int i2d_TS_MSG_IMPRINT_fp(FILE *fp, TS_MSG_IMPRINT *a);
|
||||
TS_MSG_IMPRINT *d2i_TS_MSG_IMPRINT_bio(BIO *fp, TS_MSG_IMPRINT **a);
|
||||
int i2d_TS_MSG_IMPRINT_bio(BIO *fp, TS_MSG_IMPRINT *a);
|
||||
#endif
|
||||
TS_MSG_IMPRINT *d2i_TS_MSG_IMPRINT_bio(BIO *bio, TS_MSG_IMPRINT **a);
|
||||
int i2d_TS_MSG_IMPRINT_bio(BIO *bio, TS_MSG_IMPRINT *a);
|
||||
|
||||
TS_RESP *TS_RESP_new(void);
|
||||
void TS_RESP_free(TS_RESP *a);
|
||||
@ -306,10 +310,12 @@ TS_RESP *d2i_TS_RESP(TS_RESP **a, const unsigned char **pp, long length);
|
||||
TS_TST_INFO *PKCS7_to_TS_TST_INFO(PKCS7 *token);
|
||||
TS_RESP *TS_RESP_dup(TS_RESP *a);
|
||||
|
||||
#ifndef OPENSSL_NO_FP_API
|
||||
TS_RESP *d2i_TS_RESP_fp(FILE *fp, TS_RESP **a);
|
||||
int i2d_TS_RESP_fp(FILE *fp, TS_RESP *a);
|
||||
TS_RESP *d2i_TS_RESP_bio(BIO *fp, TS_RESP **a);
|
||||
int i2d_TS_RESP_bio(BIO *fp, TS_RESP *a);
|
||||
#endif
|
||||
TS_RESP *d2i_TS_RESP_bio(BIO *bio, TS_RESP **a);
|
||||
int i2d_TS_RESP_bio(BIO *bio, TS_RESP *a);
|
||||
|
||||
TS_STATUS_INFO *TS_STATUS_INFO_new(void);
|
||||
void TS_STATUS_INFO_free(TS_STATUS_INFO *a);
|
||||
@ -325,10 +331,12 @@ TS_TST_INFO *d2i_TS_TST_INFO(TS_TST_INFO **a, const unsigned char **pp,
|
||||
long length);
|
||||
TS_TST_INFO *TS_TST_INFO_dup(TS_TST_INFO *a);
|
||||
|
||||
#ifndef OPENSSL_NO_FP_API
|
||||
TS_TST_INFO *d2i_TS_TST_INFO_fp(FILE *fp, TS_TST_INFO **a);
|
||||
int i2d_TS_TST_INFO_fp(FILE *fp, TS_TST_INFO *a);
|
||||
TS_TST_INFO *d2i_TS_TST_INFO_bio(BIO *fp, TS_TST_INFO **a);
|
||||
int i2d_TS_TST_INFO_bio(BIO *fp, TS_TST_INFO *a);
|
||||
#endif
|
||||
TS_TST_INFO *d2i_TS_TST_INFO_bio(BIO *bio, TS_TST_INFO **a);
|
||||
int i2d_TS_TST_INFO_bio(BIO *bio, TS_TST_INFO *a);
|
||||
|
||||
TS_ACCURACY *TS_ACCURACY_new(void);
|
||||
void TS_ACCURACY_free(TS_ACCURACY *a);
|
||||
@ -728,15 +736,18 @@ int TS_MSG_IMPRINT_print_bio(BIO *bio, TS_MSG_IMPRINT *msg);
|
||||
* ts/ts_conf.c
|
||||
*/
|
||||
|
||||
#ifndef OPENSSL_NO_STDIO
|
||||
X509 *TS_CONF_load_cert(const char *file);
|
||||
STACK_OF(X509) *TS_CONF_load_certs(const char *file);
|
||||
EVP_PKEY *TS_CONF_load_key(const char *file, const char *pass);
|
||||
#endif
|
||||
const char *TS_CONF_get_tsa_section(CONF *conf, const char *section);
|
||||
int TS_CONF_set_serial(CONF *conf, const char *section, TS_serial_cb cb,
|
||||
TS_RESP_CTX *ctx);
|
||||
int TS_CONF_set_crypto_device(CONF *conf, const char *section,
|
||||
const char *device);
|
||||
int TS_CONF_set_default_engine(const char *name);
|
||||
#ifndef OPENSSL_NO_STDIO
|
||||
int TS_CONF_set_signer_cert(CONF *conf, const char *section,
|
||||
const char *cert, TS_RESP_CTX *ctx);
|
||||
int TS_CONF_set_certs(CONF *conf, const char *section, const char *certs,
|
||||
@ -744,6 +755,7 @@ int TS_CONF_set_certs(CONF *conf, const char *section, const char *certs,
|
||||
int TS_CONF_set_signer_key(CONF *conf, const char *section,
|
||||
const char *key, const char *pass,
|
||||
TS_RESP_CTX *ctx);
|
||||
#endif
|
||||
int TS_CONF_set_def_policy(CONF *conf, const char *section,
|
||||
const char *policy, TS_RESP_CTX *ctx);
|
||||
int TS_CONF_set_policies(CONF *conf, const char *section, TS_RESP_CTX *ctx);
|
||||
@ -784,6 +796,11 @@ void ERR_load_TS_strings(void);
|
||||
# define TS_F_TS_CHECK_SIGNING_CERTS 103
|
||||
# define TS_F_TS_CHECK_STATUS_INFO 104
|
||||
# define TS_F_TS_COMPUTE_IMPRINT 145
|
||||
# define TS_F_TS_CONF_INVALID 151
|
||||
# define TS_F_TS_CONF_LOAD_CERT 153
|
||||
# define TS_F_TS_CONF_LOAD_CERTS 154
|
||||
# define TS_F_TS_CONF_LOAD_KEY 155
|
||||
# define TS_F_TS_CONF_LOOKUP_FAIL 152
|
||||
# define TS_F_TS_CONF_SET_DEFAULT_ENGINE 146
|
||||
# define TS_F_TS_GET_STATUS_TEXT 105
|
||||
# define TS_F_TS_MSG_IMPRINT_SET_ALGO 118
|
||||
@ -822,6 +839,8 @@ void ERR_load_TS_strings(void);
|
||||
/* Reason codes. */
|
||||
# define TS_R_BAD_PKCS7_TYPE 132
|
||||
# define TS_R_BAD_TYPE 133
|
||||
# define TS_R_CANNOT_LOAD_CERT 137
|
||||
# define TS_R_CANNOT_LOAD_KEY 138
|
||||
# define TS_R_CERTIFICATE_VERIFY_ERROR 100
|
||||
# define TS_R_COULD_NOT_SET_ENGINE 127
|
||||
# define TS_R_COULD_NOT_SET_TIME 115
|
||||
@ -854,6 +873,8 @@ void ERR_load_TS_strings(void);
|
||||
# define TS_R_UNACCEPTABLE_POLICY 125
|
||||
# define TS_R_UNSUPPORTED_MD_ALGORITHM 126
|
||||
# define TS_R_UNSUPPORTED_VERSION 113
|
||||
# define TS_R_VAR_BAD_VALUE 135
|
||||
# define TS_R_VAR_LOOKUP_FAILURE 136
|
||||
# define TS_R_WRONG_CONTENT_TYPE 114
|
||||
|
||||
#ifdef __cplusplus
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* crypto/ui/ui.h -*- mode:C; c-file-style: "eay" -*- */
|
||||
/* crypto/ui/ui.h */
|
||||
/*
|
||||
* Written by Richard Levitte (richard@levitte.org) for the OpenSSL project
|
||||
* 2001.
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* crypto/ui/ui.h -*- mode:C; c-file-style: "eay" -*- */
|
||||
/* crypto/ui/ui.h */
|
||||
/*
|
||||
* Written by Richard Levitte (richard@levitte.org) for the OpenSSL project
|
||||
* 2001.
|
||||
|
@ -313,7 +313,7 @@ void X509_STORE_CTX_set_depth(X509_STORE_CTX *ctx, int depth);
|
||||
X509_LOOKUP_ctrl((x),X509_L_ADD_DIR,(name),(long)(type),NULL)
|
||||
|
||||
# define X509_V_OK 0
|
||||
/* illegal error (for uninitialized values, to avoid X509_V_OK): 1 */
|
||||
# define X509_V_ERR_UNSPECIFIED 1
|
||||
|
||||
# define X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT 2
|
||||
# define X509_V_ERR_UNABLE_TO_GET_CRL 3
|
||||
@ -492,9 +492,10 @@ void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx);
|
||||
X509_STORE *X509_STORE_CTX_get0_store(X509_STORE_CTX *ctx);
|
||||
|
||||
X509_LOOKUP *X509_STORE_add_lookup(X509_STORE *v, X509_LOOKUP_METHOD *m);
|
||||
|
||||
#ifndef OPENSSL_NO_STDIO
|
||||
X509_LOOKUP_METHOD *X509_LOOKUP_hash_dir(void);
|
||||
X509_LOOKUP_METHOD *X509_LOOKUP_file(void);
|
||||
#endif
|
||||
|
||||
int X509_STORE_add_cert(X509_STORE *ctx, X509 *x);
|
||||
int X509_STORE_add_crl(X509_STORE *ctx, X509_CRL *x);
|
||||
|
@ -688,8 +688,9 @@ void X509V3_EXT_val_prn(BIO *out, STACK_OF(CONF_VALUE) *val, int indent,
|
||||
int ml);
|
||||
int X509V3_EXT_print(BIO *out, X509_EXTENSION *ext, unsigned long flag,
|
||||
int indent);
|
||||
#ifndef OPENSSL_NO_FP_API
|
||||
int X509V3_EXT_print_fp(FILE *out, X509_EXTENSION *ext, int flag, int indent);
|
||||
|
||||
#endif
|
||||
int X509V3_extensions_print(BIO *out, char *title,
|
||||
STACK_OF(X509_EXTENSION) *exts,
|
||||
unsigned long flag, int indent);
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* crypto/aes/aes_cbc.c -*- mode:C; c-file-style: "eay" -*- */
|
||||
/* crypto/aes/aes_cbc.c */
|
||||
/* ====================================================================
|
||||
* Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* crypto/aes/aes_cfb.c -*- mode:C; c-file-style: "eay" -*- */
|
||||
/* crypto/aes/aes_cfb.c */
|
||||
/* ====================================================================
|
||||
* Copyright (c) 2002-2006 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* crypto/aes/aes_core.c -*- mode:C; c-file-style: "eay" -*- */
|
||||
/* crypto/aes/aes_core.c */
|
||||
/**
|
||||
* rijndael-alg-fst.c
|
||||
*
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* crypto/aes/aes_ctr.c -*- mode:C; c-file-style: "eay" -*- */
|
||||
/* crypto/aes/aes_ctr.c */
|
||||
/* ====================================================================
|
||||
* Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* crypto/aes/aes_ecb.c -*- mode:C; c-file-style: "eay" -*- */
|
||||
/* crypto/aes/aes_ecb.c */
|
||||
/* ====================================================================
|
||||
* Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* crypto/aes/aes_ige.c -*- mode:C; c-file-style: "eay" -*- */
|
||||
/* crypto/aes/aes_ige.c */
|
||||
/* ====================================================================
|
||||
* Copyright (c) 2006 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* crypto/aes/aes.h -*- mode:C; c-file-style: "eay" -*- */
|
||||
/* crypto/aes/aes.h */
|
||||
/* ====================================================================
|
||||
* Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* crypto/aes/aes_misc.c -*- mode:C; c-file-style: "eay" -*- */
|
||||
/* crypto/aes/aes_misc.c */
|
||||
/* ====================================================================
|
||||
* Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* crypto/aes/aes_ofb.c -*- mode:C; c-file-style: "eay" -*- */
|
||||
/* crypto/aes/aes_ofb.c */
|
||||
/* ====================================================================
|
||||
* Copyright (c) 2002-2006 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
|
@ -104,6 +104,7 @@ static int send_bio_chars(void *arg, const void *buf, int len)
|
||||
return 1;
|
||||
}
|
||||
|
||||
#ifndef OPENSSL_NO_FP_API
|
||||
static int send_fp_chars(void *arg, const void *buf, int len)
|
||||
{
|
||||
if (!arg)
|
||||
@ -112,6 +113,7 @@ static int send_fp_chars(void *arg, const void *buf, int len)
|
||||
return 0;
|
||||
return 1;
|
||||
}
|
||||
#endif
|
||||
|
||||
typedef int char_io (void *arg, const void *buf, int len);
|
||||
|
||||
|
@ -193,7 +193,12 @@ int i2d_RSA_NET(const RSA *a, unsigned char **pp,
|
||||
OPENSSL_cleanse(pkey->private_key->data, rsalen);
|
||||
|
||||
if (cb == NULL)
|
||||
#ifndef OPENSSL_NO_UI
|
||||
cb = EVP_read_pw_string;
|
||||
#else
|
||||
i = 1;
|
||||
else
|
||||
#endif
|
||||
i = cb((char *)buf, 256, "Enter Private Key password:", 1);
|
||||
if (i != 0) {
|
||||
ASN1err(ASN1_F_I2D_RSA_NET, ASN1_R_BAD_PASSWORD_READ);
|
||||
@ -264,7 +269,11 @@ RSA *d2i_RSA_NET(RSA **a, const unsigned char **pp, long length,
|
||||
goto err;
|
||||
}
|
||||
if (cb == NULL)
|
||||
#ifndef OPENSSL_NO_UI
|
||||
cb = EVP_read_pw_string;
|
||||
#else
|
||||
goto err;
|
||||
#endif
|
||||
if ((ret = d2i_RSA_NET_2(a, enckey->enckey->digest, cb, sgckey)) == NULL)
|
||||
goto err;
|
||||
|
||||
|
@ -717,7 +717,7 @@ static int asn1_d2i_ex_primitive(ASN1_VALUE **pval,
|
||||
long plen;
|
||||
char cst, inf, free_cont = 0;
|
||||
const unsigned char *p;
|
||||
BUF_MEM buf;
|
||||
BUF_MEM buf = { 0, NULL, 0 };
|
||||
const unsigned char *cont = NULL;
|
||||
long len;
|
||||
if (!pval) {
|
||||
@ -793,7 +793,6 @@ static int asn1_d2i_ex_primitive(ASN1_VALUE **pval,
|
||||
} else {
|
||||
len = p - cont + plen;
|
||||
p += plen;
|
||||
buf.data = NULL;
|
||||
}
|
||||
} else if (cst) {
|
||||
if (utype == V_ASN1_NULL || utype == V_ASN1_BOOLEAN
|
||||
@ -802,9 +801,9 @@ static int asn1_d2i_ex_primitive(ASN1_VALUE **pval,
|
||||
ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ASN1_R_TYPE_NOT_PRIMITIVE);
|
||||
return 0;
|
||||
}
|
||||
buf.length = 0;
|
||||
buf.max = 0;
|
||||
buf.data = NULL;
|
||||
|
||||
/* Free any returned 'buf' content */
|
||||
free_cont = 1;
|
||||
/*
|
||||
* Should really check the internal tags are correct but some things
|
||||
* may get this wrong. The relevant specs say that constructed string
|
||||
@ -812,18 +811,16 @@ static int asn1_d2i_ex_primitive(ASN1_VALUE **pval,
|
||||
* So instead just check for UNIVERSAL class and ignore the tag.
|
||||
*/
|
||||
if (!asn1_collect(&buf, &p, plen, inf, -1, V_ASN1_UNIVERSAL, 0)) {
|
||||
free_cont = 1;
|
||||
goto err;
|
||||
}
|
||||
len = buf.length;
|
||||
/* Append a final null to string */
|
||||
if (!BUF_MEM_grow_clean(&buf, len + 1)) {
|
||||
ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ERR_R_MALLOC_FAILURE);
|
||||
return 0;
|
||||
goto err;
|
||||
}
|
||||
buf.data[len] = 0;
|
||||
cont = (const unsigned char *)buf.data;
|
||||
free_cont = 1;
|
||||
} else {
|
||||
cont = p;
|
||||
len = plen;
|
||||
@ -831,6 +828,7 @@ static int asn1_d2i_ex_primitive(ASN1_VALUE **pval,
|
||||
}
|
||||
|
||||
/* We now have content length and type: translate into a structure */
|
||||
/* asn1_ex_c2i may reuse allocated buffer, and so sets free_cont to 0 */
|
||||
if (!asn1_ex_c2i(pval, cont, len, utype, &free_cont, it))
|
||||
goto err;
|
||||
|
||||
|
@ -125,18 +125,18 @@
|
||||
# define LLONG long
|
||||
#endif
|
||||
|
||||
static void fmtstr(char **, char **, size_t *, size_t *,
|
||||
const char *, int, int, int);
|
||||
static void fmtint(char **, char **, size_t *, size_t *,
|
||||
LLONG, int, int, int, int);
|
||||
static int fmtstr(char **, char **, size_t *, size_t *,
|
||||
const char *, int, int, int);
|
||||
static int fmtint(char **, char **, size_t *, size_t *,
|
||||
LLONG, int, int, int, int);
|
||||
#ifndef OPENSSL_SYS_UEFI
|
||||
static void fmtfp(char **, char **, size_t *, size_t *,
|
||||
LDOUBLE, int, int, int);
|
||||
static int fmtfp(char **, char **, size_t *, size_t *,
|
||||
LDOUBLE, int, int, int);
|
||||
#endif
|
||||
static void doapr_outch(char **, char **, size_t *, size_t *, int);
|
||||
static void _dopr(char **sbuffer, char **buffer,
|
||||
size_t *maxlen, size_t *retlen, int *truncated,
|
||||
const char *format, va_list args);
|
||||
static int doapr_outch(char **, char **, size_t *, size_t *, int);
|
||||
static int _dopr(char **sbuffer, char **buffer,
|
||||
size_t *maxlen, size_t *retlen, int *truncated,
|
||||
const char *format, va_list args);
|
||||
|
||||
/* format read states */
|
||||
#define DP_S_DEFAULT 0
|
||||
@ -167,7 +167,7 @@ static void _dopr(char **sbuffer, char **buffer,
|
||||
#define char_to_int(p) (p - '0')
|
||||
#define OSSL_MAX(p,q) ((p >= q) ? p : q)
|
||||
|
||||
static void
|
||||
static int
|
||||
_dopr(char **sbuffer,
|
||||
char **buffer,
|
||||
size_t *maxlen,
|
||||
@ -200,7 +200,8 @@ _dopr(char **sbuffer,
|
||||
if (ch == '%')
|
||||
state = DP_S_FLAGS;
|
||||
else
|
||||
doapr_outch(sbuffer, buffer, &currlen, maxlen, ch);
|
||||
if(!doapr_outch(sbuffer, buffer, &currlen, maxlen, ch))
|
||||
return 0;
|
||||
ch = *format++;
|
||||
break;
|
||||
case DP_S_FLAGS:
|
||||
@ -308,8 +309,9 @@ _dopr(char **sbuffer,
|
||||
value = va_arg(args, int);
|
||||
break;
|
||||
}
|
||||
fmtint(sbuffer, buffer, &currlen, maxlen,
|
||||
value, 10, min, max, flags);
|
||||
if (!fmtint(sbuffer, buffer, &currlen, maxlen, value, 10, min,
|
||||
max, flags))
|
||||
return 0;
|
||||
break;
|
||||
case 'X':
|
||||
flags |= DP_F_UP;
|
||||
@ -332,9 +334,10 @@ _dopr(char **sbuffer,
|
||||
value = (LLONG) va_arg(args, unsigned int);
|
||||
break;
|
||||
}
|
||||
fmtint(sbuffer, buffer, &currlen, maxlen, value,
|
||||
ch == 'o' ? 8 : (ch == 'u' ? 10 : 16),
|
||||
min, max, flags);
|
||||
if (!fmtint(sbuffer, buffer, &currlen, maxlen, value,
|
||||
ch == 'o' ? 8 : (ch == 'u' ? 10 : 16),
|
||||
min, max, flags))
|
||||
return 0;
|
||||
break;
|
||||
#ifndef OPENSSL_SYS_UEFI
|
||||
case 'f':
|
||||
@ -342,8 +345,9 @@ _dopr(char **sbuffer,
|
||||
fvalue = va_arg(args, LDOUBLE);
|
||||
else
|
||||
fvalue = va_arg(args, double);
|
||||
fmtfp(sbuffer, buffer, &currlen, maxlen,
|
||||
fvalue, min, max, flags);
|
||||
if (!fmtfp(sbuffer, buffer, &currlen, maxlen, fvalue, min, max,
|
||||
flags))
|
||||
return 0;
|
||||
break;
|
||||
case 'E':
|
||||
flags |= DP_F_UP;
|
||||
@ -363,8 +367,9 @@ _dopr(char **sbuffer,
|
||||
break;
|
||||
#endif
|
||||
case 'c':
|
||||
doapr_outch(sbuffer, buffer, &currlen, maxlen,
|
||||
va_arg(args, int));
|
||||
if(!doapr_outch(sbuffer, buffer, &currlen, maxlen,
|
||||
va_arg(args, int)))
|
||||
return 0;
|
||||
break;
|
||||
case 's':
|
||||
strvalue = va_arg(args, char *);
|
||||
@ -374,13 +379,15 @@ _dopr(char **sbuffer,
|
||||
else
|
||||
max = *maxlen;
|
||||
}
|
||||
fmtstr(sbuffer, buffer, &currlen, maxlen, strvalue,
|
||||
flags, min, max);
|
||||
if (!fmtstr(sbuffer, buffer, &currlen, maxlen, strvalue,
|
||||
flags, min, max))
|
||||
return 0;
|
||||
break;
|
||||
case 'p':
|
||||
value = (long)va_arg(args, void *);
|
||||
fmtint(sbuffer, buffer, &currlen, maxlen,
|
||||
value, 16, min, max, flags | DP_F_NUM);
|
||||
if (!fmtint(sbuffer, buffer, &currlen, maxlen,
|
||||
value, 16, min, max, flags | DP_F_NUM))
|
||||
return 0;
|
||||
break;
|
||||
case 'n': /* XXX */
|
||||
if (cflags == DP_C_SHORT) {
|
||||
@ -402,7 +409,8 @@ _dopr(char **sbuffer,
|
||||
}
|
||||
break;
|
||||
case '%':
|
||||
doapr_outch(sbuffer, buffer, &currlen, maxlen, ch);
|
||||
if(!doapr_outch(sbuffer, buffer, &currlen, maxlen, ch))
|
||||
return 0;
|
||||
break;
|
||||
case 'w':
|
||||
/* not supported yet, treat as next char */
|
||||
@ -426,46 +434,56 @@ _dopr(char **sbuffer,
|
||||
*truncated = (currlen > *maxlen - 1);
|
||||
if (*truncated)
|
||||
currlen = *maxlen - 1;
|
||||
doapr_outch(sbuffer, buffer, &currlen, maxlen, '\0');
|
||||
if(!doapr_outch(sbuffer, buffer, &currlen, maxlen, '\0'))
|
||||
return 0;
|
||||
*retlen = currlen - 1;
|
||||
return;
|
||||
return 1;
|
||||
}
|
||||
|
||||
static void
|
||||
static int
|
||||
fmtstr(char **sbuffer,
|
||||
char **buffer,
|
||||
size_t *currlen,
|
||||
size_t *maxlen, const char *value, int flags, int min, int max)
|
||||
{
|
||||
int padlen, strln;
|
||||
int padlen;
|
||||
size_t strln;
|
||||
int cnt = 0;
|
||||
|
||||
if (value == 0)
|
||||
value = "<NULL>";
|
||||
for (strln = 0; value[strln]; ++strln) ;
|
||||
|
||||
strln = strlen(value);
|
||||
if (strln > INT_MAX)
|
||||
strln = INT_MAX;
|
||||
|
||||
padlen = min - strln;
|
||||
if (padlen < 0)
|
||||
if (min < 0 || padlen < 0)
|
||||
padlen = 0;
|
||||
if (flags & DP_F_MINUS)
|
||||
padlen = -padlen;
|
||||
|
||||
while ((padlen > 0) && (cnt < max)) {
|
||||
doapr_outch(sbuffer, buffer, currlen, maxlen, ' ');
|
||||
if(!doapr_outch(sbuffer, buffer, currlen, maxlen, ' '))
|
||||
return 0;
|
||||
--padlen;
|
||||
++cnt;
|
||||
}
|
||||
while (*value && (cnt < max)) {
|
||||
doapr_outch(sbuffer, buffer, currlen, maxlen, *value++);
|
||||
if(!doapr_outch(sbuffer, buffer, currlen, maxlen, *value++))
|
||||
return 0;
|
||||
++cnt;
|
||||
}
|
||||
while ((padlen < 0) && (cnt < max)) {
|
||||
doapr_outch(sbuffer, buffer, currlen, maxlen, ' ');
|
||||
if(!doapr_outch(sbuffer, buffer, currlen, maxlen, ' '))
|
||||
return 0;
|
||||
++padlen;
|
||||
++cnt;
|
||||
}
|
||||
return 1;
|
||||
}
|
||||
|
||||
static void
|
||||
static int
|
||||
fmtint(char **sbuffer,
|
||||
char **buffer,
|
||||
size_t *currlen,
|
||||
@ -525,37 +543,44 @@ fmtint(char **sbuffer,
|
||||
|
||||
/* spaces */
|
||||
while (spadlen > 0) {
|
||||
doapr_outch(sbuffer, buffer, currlen, maxlen, ' ');
|
||||
if(!doapr_outch(sbuffer, buffer, currlen, maxlen, ' '))
|
||||
return 0;
|
||||
--spadlen;
|
||||
}
|
||||
|
||||
/* sign */
|
||||
if (signvalue)
|
||||
doapr_outch(sbuffer, buffer, currlen, maxlen, signvalue);
|
||||
if(!doapr_outch(sbuffer, buffer, currlen, maxlen, signvalue))
|
||||
return 0;
|
||||
|
||||
/* prefix */
|
||||
while (*prefix) {
|
||||
doapr_outch(sbuffer, buffer, currlen, maxlen, *prefix);
|
||||
if(!doapr_outch(sbuffer, buffer, currlen, maxlen, *prefix))
|
||||
return 0;
|
||||
prefix++;
|
||||
}
|
||||
|
||||
/* zeros */
|
||||
if (zpadlen > 0) {
|
||||
while (zpadlen > 0) {
|
||||
doapr_outch(sbuffer, buffer, currlen, maxlen, '0');
|
||||
if(!doapr_outch(sbuffer, buffer, currlen, maxlen, '0'))
|
||||
return 0;
|
||||
--zpadlen;
|
||||
}
|
||||
}
|
||||
/* digits */
|
||||
while (place > 0)
|
||||
doapr_outch(sbuffer, buffer, currlen, maxlen, convert[--place]);
|
||||
while (place > 0) {
|
||||
if (!doapr_outch(sbuffer, buffer, currlen, maxlen, convert[--place]))
|
||||
return 0;
|
||||
}
|
||||
|
||||
/* left justified spaces */
|
||||
while (spadlen < 0) {
|
||||
doapr_outch(sbuffer, buffer, currlen, maxlen, ' ');
|
||||
if (!doapr_outch(sbuffer, buffer, currlen, maxlen, ' '))
|
||||
return 0;
|
||||
++spadlen;
|
||||
}
|
||||
return;
|
||||
return 1;
|
||||
}
|
||||
|
||||
#ifndef OPENSSL_SYS_UEFI
|
||||
@ -587,7 +612,7 @@ static long roundv(LDOUBLE value)
|
||||
return intpart;
|
||||
}
|
||||
|
||||
static void
|
||||
static int
|
||||
fmtfp(char **sbuffer,
|
||||
char **buffer,
|
||||
size_t *currlen,
|
||||
@ -666,48 +691,62 @@ fmtfp(char **sbuffer,
|
||||
|
||||
if ((flags & DP_F_ZERO) && (padlen > 0)) {
|
||||
if (signvalue) {
|
||||
doapr_outch(sbuffer, buffer, currlen, maxlen, signvalue);
|
||||
if (!doapr_outch(sbuffer, buffer, currlen, maxlen, signvalue))
|
||||
return 0;
|
||||
--padlen;
|
||||
signvalue = 0;
|
||||
}
|
||||
while (padlen > 0) {
|
||||
doapr_outch(sbuffer, buffer, currlen, maxlen, '0');
|
||||
if (!doapr_outch(sbuffer, buffer, currlen, maxlen, '0'))
|
||||
return 0;
|
||||
--padlen;
|
||||
}
|
||||
}
|
||||
while (padlen > 0) {
|
||||
doapr_outch(sbuffer, buffer, currlen, maxlen, ' ');
|
||||
if (!doapr_outch(sbuffer, buffer, currlen, maxlen, ' '))
|
||||
return 0;
|
||||
--padlen;
|
||||
}
|
||||
if (signvalue)
|
||||
doapr_outch(sbuffer, buffer, currlen, maxlen, signvalue);
|
||||
if (signvalue && !doapr_outch(sbuffer, buffer, currlen, maxlen, signvalue))
|
||||
return 0;
|
||||
|
||||
while (iplace > 0)
|
||||
doapr_outch(sbuffer, buffer, currlen, maxlen, iconvert[--iplace]);
|
||||
while (iplace > 0) {
|
||||
if (!doapr_outch(sbuffer, buffer, currlen, maxlen, iconvert[--iplace]))
|
||||
return 0;
|
||||
}
|
||||
|
||||
/*
|
||||
* Decimal point. This should probably use locale to find the correct
|
||||
* char to print out.
|
||||
*/
|
||||
if (max > 0 || (flags & DP_F_NUM)) {
|
||||
doapr_outch(sbuffer, buffer, currlen, maxlen, '.');
|
||||
if (!doapr_outch(sbuffer, buffer, currlen, maxlen, '.'))
|
||||
return 0;
|
||||
|
||||
while (fplace > 0)
|
||||
doapr_outch(sbuffer, buffer, currlen, maxlen, fconvert[--fplace]);
|
||||
while (fplace > 0) {
|
||||
if(!doapr_outch(sbuffer, buffer, currlen, maxlen,
|
||||
fconvert[--fplace]))
|
||||
return 0;
|
||||
}
|
||||
}
|
||||
while (zpadlen > 0) {
|
||||
doapr_outch(sbuffer, buffer, currlen, maxlen, '0');
|
||||
if (!doapr_outch(sbuffer, buffer, currlen, maxlen, '0'))
|
||||
return 0;
|
||||
--zpadlen;
|
||||
}
|
||||
|
||||
while (padlen < 0) {
|
||||
doapr_outch(sbuffer, buffer, currlen, maxlen, ' ');
|
||||
if (!doapr_outch(sbuffer, buffer, currlen, maxlen, ' '))
|
||||
return 0;
|
||||
++padlen;
|
||||
}
|
||||
return 1;
|
||||
}
|
||||
#endif
|
||||
|
||||
static void
|
||||
#define BUFFER_INC 1024
|
||||
|
||||
static int
|
||||
doapr_outch(char **sbuffer,
|
||||
char **buffer, size_t *currlen, size_t *maxlen, int c)
|
||||
{
|
||||
@ -718,24 +757,25 @@ doapr_outch(char **sbuffer,
|
||||
assert(*currlen <= *maxlen);
|
||||
|
||||
if (buffer && *currlen == *maxlen) {
|
||||
*maxlen += 1024;
|
||||
if (*maxlen > INT_MAX - BUFFER_INC)
|
||||
return 0;
|
||||
|
||||
*maxlen += BUFFER_INC;
|
||||
if (*buffer == NULL) {
|
||||
*buffer = OPENSSL_malloc(*maxlen);
|
||||
if (!*buffer) {
|
||||
/* Panic! Can't really do anything sensible. Just return */
|
||||
return;
|
||||
}
|
||||
if (*buffer == NULL)
|
||||
return 0;
|
||||
if (*currlen > 0) {
|
||||
assert(*sbuffer != NULL);
|
||||
memcpy(*buffer, *sbuffer, *currlen);
|
||||
}
|
||||
*sbuffer = NULL;
|
||||
} else {
|
||||
*buffer = OPENSSL_realloc(*buffer, *maxlen);
|
||||
if (!*buffer) {
|
||||
/* Panic! Can't really do anything sensible. Just return */
|
||||
return;
|
||||
}
|
||||
char *tmpbuf;
|
||||
tmpbuf = OPENSSL_realloc(*buffer, *maxlen);
|
||||
if (tmpbuf == NULL)
|
||||
return 0;
|
||||
*buffer = tmpbuf;
|
||||
}
|
||||
}
|
||||
|
||||
@ -746,7 +786,7 @@ doapr_outch(char **sbuffer,
|
||||
(*buffer)[(*currlen)++] = (char)c;
|
||||
}
|
||||
|
||||
return;
|
||||
return 1;
|
||||
}
|
||||
|
||||
/***************************************************************************/
|
||||
@ -778,7 +818,11 @@ int BIO_vprintf(BIO *bio, const char *format, va_list args)
|
||||
|
||||
dynbuf = NULL;
|
||||
CRYPTO_push_info("doapr()");
|
||||
_dopr(&hugebufp, &dynbuf, &hugebufsize, &retlen, &ignored, format, args);
|
||||
if (!_dopr(&hugebufp, &dynbuf, &hugebufsize, &retlen, &ignored, format,
|
||||
args)) {
|
||||
OPENSSL_free(dynbuf);
|
||||
return -1;
|
||||
}
|
||||
if (dynbuf) {
|
||||
ret = BIO_write(bio, dynbuf, (int)retlen);
|
||||
OPENSSL_free(dynbuf);
|
||||
@ -813,7 +857,8 @@ int BIO_vsnprintf(char *buf, size_t n, const char *format, va_list args)
|
||||
size_t retlen;
|
||||
int truncated;
|
||||
|
||||
_dopr(&buf, NULL, &n, &retlen, &truncated, format, args);
|
||||
if(!_dopr(&buf, NULL, &n, &retlen, &truncated, format, args))
|
||||
return -1;
|
||||
|
||||
if (truncated)
|
||||
/*
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* crypto/bio/bss_bio.c -*- Mode: C; c-file-style: "eay" -*- */
|
||||
/* crypto/bio/bss_bio.c */
|
||||
/* ====================================================================
|
||||
* Copyright (c) 1998-2003 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
|
@ -419,7 +419,7 @@ static long conn_ctrl(BIO *b, int cmd, long num, void *ptr)
|
||||
{
|
||||
BIO *dbio;
|
||||
int *ip;
|
||||
const char **pptr;
|
||||
const char **pptr = NULL;
|
||||
long ret = 1;
|
||||
BIO_CONNECT *data;
|
||||
|
||||
@ -442,19 +442,28 @@ static long conn_ctrl(BIO *b, int cmd, long num, void *ptr)
|
||||
case BIO_C_GET_CONNECT:
|
||||
if (ptr != NULL) {
|
||||
pptr = (const char **)ptr;
|
||||
if (num == 0) {
|
||||
*pptr = data->param_hostname;
|
||||
}
|
||||
|
||||
} else if (num == 1) {
|
||||
*pptr = data->param_port;
|
||||
} else if (num == 2) {
|
||||
*pptr = (char *)&(data->ip[0]);
|
||||
} else if (num == 3) {
|
||||
*((int *)ptr) = data->port;
|
||||
if (b->init) {
|
||||
if (pptr != NULL) {
|
||||
ret = 1;
|
||||
if (num == 0) {
|
||||
*pptr = data->param_hostname;
|
||||
} else if (num == 1) {
|
||||
*pptr = data->param_port;
|
||||
} else if (num == 2) {
|
||||
*pptr = (char *)&(data->ip[0]);
|
||||
} else {
|
||||
ret = 0;
|
||||
}
|
||||
}
|
||||
if ((!b->init) || (ptr == NULL))
|
||||
if (num == 3) {
|
||||
ret = data->port;
|
||||
}
|
||||
} else {
|
||||
if (pptr != NULL)
|
||||
*pptr = "not initialized";
|
||||
ret = 1;
|
||||
ret = 0;
|
||||
}
|
||||
break;
|
||||
case BIO_C_SET_CONNECT:
|
||||
|
@ -519,10 +519,8 @@ static long dgram_ctrl(BIO *b, int cmd, long num, void *ptr)
|
||||
switch (cmd) {
|
||||
case BIO_CTRL_RESET:
|
||||
num = 0;
|
||||
case BIO_C_FILE_SEEK:
|
||||
ret = 0;
|
||||
break;
|
||||
case BIO_C_FILE_TELL:
|
||||
case BIO_CTRL_INFO:
|
||||
ret = 0;
|
||||
break;
|
||||
|
@ -467,23 +467,6 @@ static int MS_CALLBACK file_puts(BIO *bp, const char *str)
|
||||
return (ret);
|
||||
}
|
||||
|
||||
# else
|
||||
|
||||
BIO_METHOD *BIO_s_file(void)
|
||||
{
|
||||
return NULL;
|
||||
}
|
||||
|
||||
BIO *BIO_new_file(const char *filename, const char *mode)
|
||||
{
|
||||
return NULL;
|
||||
}
|
||||
|
||||
BIO *BIO_new_fp(FILE *stream, int close_flag)
|
||||
{
|
||||
return NULL;
|
||||
}
|
||||
|
||||
# endif /* OPENSSL_NO_STDIO */
|
||||
|
||||
#endif /* HEADER_BSS_FILE_C */
|
||||
|
@ -91,7 +91,8 @@ BIO_METHOD *BIO_s_mem(void)
|
||||
return (&mem_method);
|
||||
}
|
||||
|
||||
BIO *BIO_new_mem_buf(void *buf, int len)
|
||||
|
||||
BIO *BIO_new_mem_buf(const void *buf, int len)
|
||||
{
|
||||
BIO *ret;
|
||||
BUF_MEM *b;
|
||||
@ -105,7 +106,8 @@ BIO *BIO_new_mem_buf(void *buf, int len)
|
||||
if (!(ret = BIO_new(BIO_s_mem())))
|
||||
return NULL;
|
||||
b = (BUF_MEM *)ret->ptr;
|
||||
b->data = buf;
|
||||
/* Cast away const and trust in the MEM_RDONLY flag. */
|
||||
b->data = (void *)buf;
|
||||
b->length = sz;
|
||||
b->max = sz;
|
||||
ret->flags |= BIO_FLAGS_MEM_RDONLY;
|
||||
|
@ -125,6 +125,7 @@
|
||||
#ifndef HEADER_BN_H
|
||||
# define HEADER_BN_H
|
||||
|
||||
# include <limits.h>
|
||||
# include <openssl/e_os2.h>
|
||||
# ifndef OPENSSL_NO_FP_API
|
||||
# include <stdio.h> /* FILE */
|
||||
@ -721,8 +722,17 @@ const BIGNUM *BN_get0_nist_prime_521(void);
|
||||
|
||||
/* library internal functions */
|
||||
|
||||
# define bn_expand(a,bits) ((((((bits+BN_BITS2-1))/BN_BITS2)) <= (a)->dmax)?\
|
||||
(a):bn_expand2((a),(bits+BN_BITS2-1)/BN_BITS2))
|
||||
# define bn_expand(a,bits) \
|
||||
( \
|
||||
bits > (INT_MAX - BN_BITS2 + 1) ? \
|
||||
NULL \
|
||||
: \
|
||||
(((bits+BN_BITS2-1)/BN_BITS2) <= (a)->dmax) ? \
|
||||
(a) \
|
||||
: \
|
||||
bn_expand2((a),(bits+BN_BITS2-1)/BN_BITS2) \
|
||||
)
|
||||
|
||||
# define bn_wexpand(a,words) (((words) <= (a)->dmax)?(a):bn_expand2((a),(words)))
|
||||
BIGNUM *bn_expand2(BIGNUM *a, int words);
|
||||
# ifndef OPENSSL_NO_DEPRECATED
|
||||
|
@ -110,6 +110,7 @@
|
||||
*/
|
||||
|
||||
#include "cryptlib.h"
|
||||
#include "constant_time_locl.h"
|
||||
#include "bn_lcl.h"
|
||||
|
||||
#include <stdlib.h>
|
||||
@ -282,9 +283,14 @@ int BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
|
||||
}
|
||||
|
||||
bits = BN_num_bits(p);
|
||||
|
||||
if (bits == 0) {
|
||||
ret = BN_one(r);
|
||||
/* x**0 mod 1 is still zero. */
|
||||
if (BN_is_one(m)) {
|
||||
ret = 1;
|
||||
BN_zero(r);
|
||||
} else {
|
||||
ret = BN_one(r);
|
||||
}
|
||||
return ret;
|
||||
}
|
||||
|
||||
@ -418,7 +424,13 @@ int BN_mod_exp_mont(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
|
||||
}
|
||||
bits = BN_num_bits(p);
|
||||
if (bits == 0) {
|
||||
ret = BN_one(rr);
|
||||
/* x**0 mod 1 is still zero. */
|
||||
if (BN_is_one(m)) {
|
||||
ret = 1;
|
||||
BN_zero(rr);
|
||||
} else {
|
||||
ret = BN_one(rr);
|
||||
}
|
||||
return ret;
|
||||
}
|
||||
|
||||
@ -595,15 +607,17 @@ static BN_ULONG bn_get_bits(const BIGNUM *a, int bitpos)
|
||||
|
||||
static int MOD_EXP_CTIME_COPY_TO_PREBUF(const BIGNUM *b, int top,
|
||||
unsigned char *buf, int idx,
|
||||
int width)
|
||||
int window)
|
||||
{
|
||||
size_t i, j;
|
||||
int i, j;
|
||||
int width = 1 << window;
|
||||
BN_ULONG *table = (BN_ULONG *)buf;
|
||||
|
||||
if (top > b->top)
|
||||
top = b->top; /* this works because 'buf' is explicitly
|
||||
* zeroed */
|
||||
for (i = 0, j = idx; i < top * sizeof b->d[0]; i++, j += width) {
|
||||
buf[j] = ((unsigned char *)b->d)[i];
|
||||
for (i = 0, j = idx; i < top; i++, j += width) {
|
||||
table[j] = b->d[i];
|
||||
}
|
||||
|
||||
return 1;
|
||||
@ -611,15 +625,51 @@ static int MOD_EXP_CTIME_COPY_TO_PREBUF(const BIGNUM *b, int top,
|
||||
|
||||
static int MOD_EXP_CTIME_COPY_FROM_PREBUF(BIGNUM *b, int top,
|
||||
unsigned char *buf, int idx,
|
||||
int width)
|
||||
int window)
|
||||
{
|
||||
size_t i, j;
|
||||
int i, j;
|
||||
int width = 1 << window;
|
||||
volatile BN_ULONG *table = (volatile BN_ULONG *)buf;
|
||||
|
||||
if (bn_wexpand(b, top) == NULL)
|
||||
return 0;
|
||||
|
||||
for (i = 0, j = idx; i < top * sizeof b->d[0]; i++, j += width) {
|
||||
((unsigned char *)b->d)[i] = buf[j];
|
||||
if (window <= 3) {
|
||||
for (i = 0; i < top; i++, table += width) {
|
||||
BN_ULONG acc = 0;
|
||||
|
||||
for (j = 0; j < width; j++) {
|
||||
acc |= table[j] &
|
||||
((BN_ULONG)0 - (constant_time_eq_int(j,idx)&1));
|
||||
}
|
||||
|
||||
b->d[i] = acc;
|
||||
}
|
||||
} else {
|
||||
int xstride = 1 << (window - 2);
|
||||
BN_ULONG y0, y1, y2, y3;
|
||||
|
||||
i = idx >> (window - 2); /* equivalent of idx / xstride */
|
||||
idx &= xstride - 1; /* equivalent of idx % xstride */
|
||||
|
||||
y0 = (BN_ULONG)0 - (constant_time_eq_int(i,0)&1);
|
||||
y1 = (BN_ULONG)0 - (constant_time_eq_int(i,1)&1);
|
||||
y2 = (BN_ULONG)0 - (constant_time_eq_int(i,2)&1);
|
||||
y3 = (BN_ULONG)0 - (constant_time_eq_int(i,3)&1);
|
||||
|
||||
for (i = 0; i < top; i++, table += width) {
|
||||
BN_ULONG acc = 0;
|
||||
|
||||
for (j = 0; j < xstride; j++) {
|
||||
acc |= ( (table[j + 0 * xstride] & y0) |
|
||||
(table[j + 1 * xstride] & y1) |
|
||||
(table[j + 2 * xstride] & y2) |
|
||||
(table[j + 3 * xstride] & y3) )
|
||||
& ((BN_ULONG)0 - (constant_time_eq_int(j,idx)&1));
|
||||
}
|
||||
|
||||
b->d[i] = acc;
|
||||
}
|
||||
}
|
||||
|
||||
b->top = top;
|
||||
@ -639,7 +689,7 @@ static int MOD_EXP_CTIME_COPY_FROM_PREBUF(BIGNUM *b, int top,
|
||||
* precomputation memory layout to limit data-dependency to a minimum to
|
||||
* protect secret exponents (cf. the hyper-threading timing attacks pointed
|
||||
* out by Colin Percival,
|
||||
* http://www.daemong-consideredperthreading-considered-harmful/)
|
||||
* http://www.daemonology.net/hyperthreading-considered-harmful/)
|
||||
*/
|
||||
int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
|
||||
const BIGNUM *m, BN_CTX *ctx,
|
||||
@ -671,7 +721,13 @@ int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
|
||||
|
||||
bits = BN_num_bits(p);
|
||||
if (bits == 0) {
|
||||
ret = BN_one(rr);
|
||||
/* x**0 mod 1 is still zero. */
|
||||
if (BN_is_one(m)) {
|
||||
ret = 1;
|
||||
BN_zero(rr);
|
||||
} else {
|
||||
ret = BN_one(rr);
|
||||
}
|
||||
return ret;
|
||||
}
|
||||
|
||||
@ -732,8 +788,8 @@ int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
|
||||
if (window >= 5) {
|
||||
window = 5; /* ~5% improvement for RSA2048 sign, and even
|
||||
* for RSA4096 */
|
||||
if ((top & 7) == 0)
|
||||
powerbufLen += 2 * top * sizeof(m->d[0]);
|
||||
/* reserve space for mont->N.d[] copy */
|
||||
powerbufLen += top * sizeof(mont->N.d[0]);
|
||||
}
|
||||
#endif
|
||||
(void)0;
|
||||
@ -954,7 +1010,7 @@ int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
|
||||
const BN_ULONG *not_used, const BN_ULONG *np,
|
||||
const BN_ULONG *n0, int num);
|
||||
|
||||
BN_ULONG *np = mont->N.d, *n0 = mont->n0, *np2;
|
||||
BN_ULONG *n0 = mont->n0, *np;
|
||||
|
||||
/*
|
||||
* BN_to_montgomery can contaminate words above .top [in
|
||||
@ -965,11 +1021,11 @@ int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
|
||||
for (i = tmp.top; i < top; i++)
|
||||
tmp.d[i] = 0;
|
||||
|
||||
if (top & 7)
|
||||
np2 = np;
|
||||
else
|
||||
for (np2 = am.d + top, i = 0; i < top; i++)
|
||||
np2[2 * i] = np[i];
|
||||
/*
|
||||
* copy mont->N.d[] to improve cache locality
|
||||
*/
|
||||
for (np = am.d + top, i = 0; i < top; i++)
|
||||
np[i] = mont->N.d[i];
|
||||
|
||||
bn_scatter5(tmp.d, top, powerbuf, 0);
|
||||
bn_scatter5(am.d, am.top, powerbuf, 1);
|
||||
@ -979,7 +1035,7 @@ int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
|
||||
# if 0
|
||||
for (i = 3; i < 32; i++) {
|
||||
/* Calculate a^i = a^(i-1) * a */
|
||||
bn_mul_mont_gather5(tmp.d, am.d, powerbuf, np2, n0, top, i - 1);
|
||||
bn_mul_mont_gather5(tmp.d, am.d, powerbuf, np, n0, top, i - 1);
|
||||
bn_scatter5(tmp.d, top, powerbuf, i);
|
||||
}
|
||||
# else
|
||||
@ -990,7 +1046,7 @@ int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
|
||||
}
|
||||
for (i = 3; i < 8; i += 2) {
|
||||
int j;
|
||||
bn_mul_mont_gather5(tmp.d, am.d, powerbuf, np2, n0, top, i - 1);
|
||||
bn_mul_mont_gather5(tmp.d, am.d, powerbuf, np, n0, top, i - 1);
|
||||
bn_scatter5(tmp.d, top, powerbuf, i);
|
||||
for (j = 2 * i; j < 32; j *= 2) {
|
||||
bn_mul_mont(tmp.d, tmp.d, tmp.d, np, n0, top);
|
||||
@ -998,13 +1054,13 @@ int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
|
||||
}
|
||||
}
|
||||
for (; i < 16; i += 2) {
|
||||
bn_mul_mont_gather5(tmp.d, am.d, powerbuf, np2, n0, top, i - 1);
|
||||
bn_mul_mont_gather5(tmp.d, am.d, powerbuf, np, n0, top, i - 1);
|
||||
bn_scatter5(tmp.d, top, powerbuf, i);
|
||||
bn_mul_mont(tmp.d, tmp.d, tmp.d, np, n0, top);
|
||||
bn_scatter5(tmp.d, top, powerbuf, 2 * i);
|
||||
}
|
||||
for (; i < 32; i += 2) {
|
||||
bn_mul_mont_gather5(tmp.d, am.d, powerbuf, np2, n0, top, i - 1);
|
||||
bn_mul_mont_gather5(tmp.d, am.d, powerbuf, np, n0, top, i - 1);
|
||||
bn_scatter5(tmp.d, top, powerbuf, i);
|
||||
}
|
||||
# endif
|
||||
@ -1033,11 +1089,11 @@ int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
|
||||
while (bits >= 0) {
|
||||
wvalue = bn_get_bits5(p->d, bits - 4);
|
||||
bits -= 5;
|
||||
bn_power5(tmp.d, tmp.d, powerbuf, np2, n0, top, wvalue);
|
||||
bn_power5(tmp.d, tmp.d, powerbuf, np, n0, top, wvalue);
|
||||
}
|
||||
}
|
||||
|
||||
ret = bn_from_montgomery(tmp.d, tmp.d, NULL, np2, n0, top);
|
||||
ret = bn_from_montgomery(tmp.d, tmp.d, NULL, np, n0, top);
|
||||
tmp.top = top;
|
||||
bn_correct_top(&tmp);
|
||||
if (ret) {
|
||||
@ -1048,9 +1104,9 @@ int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
|
||||
} else
|
||||
#endif
|
||||
{
|
||||
if (!MOD_EXP_CTIME_COPY_TO_PREBUF(&tmp, top, powerbuf, 0, numPowers))
|
||||
if (!MOD_EXP_CTIME_COPY_TO_PREBUF(&tmp, top, powerbuf, 0, window))
|
||||
goto err;
|
||||
if (!MOD_EXP_CTIME_COPY_TO_PREBUF(&am, top, powerbuf, 1, numPowers))
|
||||
if (!MOD_EXP_CTIME_COPY_TO_PREBUF(&am, top, powerbuf, 1, window))
|
||||
goto err;
|
||||
|
||||
/*
|
||||
@ -1062,15 +1118,15 @@ int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
|
||||
if (window > 1) {
|
||||
if (!BN_mod_mul_montgomery(&tmp, &am, &am, mont, ctx))
|
||||
goto err;
|
||||
if (!MOD_EXP_CTIME_COPY_TO_PREBUF
|
||||
(&tmp, top, powerbuf, 2, numPowers))
|
||||
if (!MOD_EXP_CTIME_COPY_TO_PREBUF(&tmp, top, powerbuf, 2,
|
||||
window))
|
||||
goto err;
|
||||
for (i = 3; i < numPowers; i++) {
|
||||
/* Calculate a^i = a^(i-1) * a */
|
||||
if (!BN_mod_mul_montgomery(&tmp, &am, &tmp, mont, ctx))
|
||||
goto err;
|
||||
if (!MOD_EXP_CTIME_COPY_TO_PREBUF
|
||||
(&tmp, top, powerbuf, i, numPowers))
|
||||
if (!MOD_EXP_CTIME_COPY_TO_PREBUF(&tmp, top, powerbuf, i,
|
||||
window))
|
||||
goto err;
|
||||
}
|
||||
}
|
||||
@ -1078,8 +1134,8 @@ int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
|
||||
bits--;
|
||||
for (wvalue = 0, i = bits % window; i >= 0; i--, bits--)
|
||||
wvalue = (wvalue << 1) + BN_is_bit_set(p, bits);
|
||||
if (!MOD_EXP_CTIME_COPY_FROM_PREBUF
|
||||
(&tmp, top, powerbuf, wvalue, numPowers))
|
||||
if (!MOD_EXP_CTIME_COPY_FROM_PREBUF(&tmp, top, powerbuf, wvalue,
|
||||
window))
|
||||
goto err;
|
||||
|
||||
/*
|
||||
@ -1099,8 +1155,8 @@ int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
|
||||
/*
|
||||
* Fetch the appropriate pre-computed value from the pre-buf
|
||||
*/
|
||||
if (!MOD_EXP_CTIME_COPY_FROM_PREBUF
|
||||
(&am, top, powerbuf, wvalue, numPowers))
|
||||
if (!MOD_EXP_CTIME_COPY_FROM_PREBUF(&am, top, powerbuf, wvalue,
|
||||
window))
|
||||
goto err;
|
||||
|
||||
/* Multiply the result into the intermediate result */
|
||||
@ -1182,8 +1238,9 @@ int BN_mod_exp_mont_word(BIGNUM *rr, BN_ULONG a, const BIGNUM *p,
|
||||
if (BN_is_one(m)) {
|
||||
ret = 1;
|
||||
BN_zero(rr);
|
||||
} else
|
||||
} else {
|
||||
ret = BN_one(rr);
|
||||
}
|
||||
return ret;
|
||||
}
|
||||
if (a == 0) {
|
||||
@ -1297,9 +1354,14 @@ int BN_mod_exp_simple(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
|
||||
}
|
||||
|
||||
bits = BN_num_bits(p);
|
||||
|
||||
if (bits == 0) {
|
||||
ret = BN_one(r);
|
||||
if (bits == 0) {
|
||||
/* x**0 mod 1 is still zero. */
|
||||
if (BN_is_one(m)) {
|
||||
ret = 1;
|
||||
BN_zero(r);
|
||||
} else {
|
||||
ret = BN_one(r);
|
||||
}
|
||||
return ret;
|
||||
}
|
||||
|
||||
|
@ -131,7 +131,7 @@
|
||||
static int witness(BIGNUM *w, const BIGNUM *a, const BIGNUM *a1,
|
||||
const BIGNUM *a1_odd, int k, BN_CTX *ctx,
|
||||
BN_MONT_CTX *mont);
|
||||
static int probable_prime(BIGNUM *rnd, int bits);
|
||||
static int probable_prime(BIGNUM *rnd, int bits, prime_t *mods);
|
||||
static int probable_prime_dh(BIGNUM *rnd, int bits,
|
||||
const BIGNUM *add, const BIGNUM *rem,
|
||||
BN_CTX *ctx);
|
||||
@ -166,9 +166,13 @@ int BN_generate_prime_ex(BIGNUM *ret, int bits, int safe,
|
||||
BIGNUM *t;
|
||||
int found = 0;
|
||||
int i, j, c1 = 0;
|
||||
BN_CTX *ctx;
|
||||
BN_CTX *ctx = NULL;
|
||||
prime_t *mods = NULL;
|
||||
int checks = BN_prime_checks_for_size(bits);
|
||||
|
||||
mods = OPENSSL_malloc(sizeof(*mods) * NUMPRIMES);
|
||||
if (mods == NULL)
|
||||
goto err;
|
||||
ctx = BN_CTX_new();
|
||||
if (ctx == NULL)
|
||||
goto err;
|
||||
@ -179,7 +183,7 @@ int BN_generate_prime_ex(BIGNUM *ret, int bits, int safe,
|
||||
loop:
|
||||
/* make a random number and set the top and bottom bits */
|
||||
if (add == NULL) {
|
||||
if (!probable_prime(ret, bits))
|
||||
if (!probable_prime(ret, bits, mods))
|
||||
goto err;
|
||||
} else {
|
||||
if (safe) {
|
||||
@ -230,6 +234,7 @@ int BN_generate_prime_ex(BIGNUM *ret, int bits, int safe,
|
||||
/* we have a prime :-) */
|
||||
found = 1;
|
||||
err:
|
||||
OPENSSL_free(mods);
|
||||
if (ctx != NULL) {
|
||||
BN_CTX_end(ctx);
|
||||
BN_CTX_free(ctx);
|
||||
@ -375,10 +380,9 @@ static int witness(BIGNUM *w, const BIGNUM *a, const BIGNUM *a1,
|
||||
return 1;
|
||||
}
|
||||
|
||||
static int probable_prime(BIGNUM *rnd, int bits)
|
||||
static int probable_prime(BIGNUM *rnd, int bits, prime_t *mods)
|
||||
{
|
||||
int i;
|
||||
prime_t mods[NUMPRIMES];
|
||||
BN_ULONG delta, maxdelta;
|
||||
|
||||
again:
|
||||
|
@ -58,6 +58,7 @@
|
||||
|
||||
#include <stdio.h>
|
||||
#include <ctype.h>
|
||||
#include <limits.h>
|
||||
#include "cryptlib.h"
|
||||
#include <openssl/buffer.h>
|
||||
#include "bn_lcl.h"
|
||||
@ -189,7 +190,11 @@ int BN_hex2bn(BIGNUM **bn, const char *a)
|
||||
a++;
|
||||
}
|
||||
|
||||
for (i = 0; isxdigit((unsigned char)a[i]); i++) ;
|
||||
for (i = 0; i <= (INT_MAX/4) && isxdigit((unsigned char)a[i]); i++)
|
||||
continue;
|
||||
|
||||
if (i > INT_MAX/4)
|
||||
goto err;
|
||||
|
||||
num = i + neg;
|
||||
if (bn == NULL)
|
||||
@ -204,7 +209,7 @@ int BN_hex2bn(BIGNUM **bn, const char *a)
|
||||
BN_zero(ret);
|
||||
}
|
||||
|
||||
/* i is the number of hex digests; */
|
||||
/* i is the number of hex digits */
|
||||
if (bn_expand(ret, i * 4) == NULL)
|
||||
goto err;
|
||||
|
||||
@ -260,7 +265,11 @@ int BN_dec2bn(BIGNUM **bn, const char *a)
|
||||
a++;
|
||||
}
|
||||
|
||||
for (i = 0; isdigit((unsigned char)a[i]); i++) ;
|
||||
for (i = 0; i <= (INT_MAX/4) && isdigit((unsigned char)a[i]); i++)
|
||||
continue;
|
||||
|
||||
if (i > INT_MAX/4)
|
||||
goto err;
|
||||
|
||||
num = i + neg;
|
||||
if (bn == NULL)
|
||||
@ -278,7 +287,7 @@ int BN_dec2bn(BIGNUM **bn, const char *a)
|
||||
BN_zero(ret);
|
||||
}
|
||||
|
||||
/* i is the number of digests, a bit of an over expand; */
|
||||
/* i is the number of digits, a bit of an over expand */
|
||||
if (bn_expand(ret, i * 4) == NULL)
|
||||
goto err;
|
||||
|
||||
|
@ -65,6 +65,7 @@ void BN_RECP_CTX_init(BN_RECP_CTX *recp)
|
||||
BN_init(&(recp->N));
|
||||
BN_init(&(recp->Nr));
|
||||
recp->num_bits = 0;
|
||||
recp->shift = 0;
|
||||
recp->flags = 0;
|
||||
}
|
||||
|
||||
|
@ -160,6 +160,14 @@ int CMAC_Init(CMAC_CTX *ctx, const void *key, size_t keylen,
|
||||
EVPerr(EVP_F_CMAC_INIT, EVP_R_DISABLED_FOR_FIPS);
|
||||
return 0;
|
||||
}
|
||||
|
||||
/* Switch to FIPS cipher implementation if possible */
|
||||
if (cipher != NULL) {
|
||||
const EVP_CIPHER *fcipher;
|
||||
fcipher = FIPS_get_cipherbynid(EVP_CIPHER_nid(cipher));
|
||||
if (fcipher != NULL)
|
||||
cipher = fcipher;
|
||||
}
|
||||
/*
|
||||
* Other algorithm blocking will be done in FIPS_cmac_init, via
|
||||
* FIPS_cipherinit().
|
||||
|
@ -182,6 +182,10 @@ static int def_destroy_data(CONF *conf)
|
||||
|
||||
static int def_load(CONF *conf, const char *name, long *line)
|
||||
{
|
||||
#ifdef OPENSSL_NO_STDIO
|
||||
CONFerr(CONF_F_DEF_LOAD, ERR_R_SYS_LIB);
|
||||
return 0;
|
||||
#else
|
||||
int ret;
|
||||
BIO *in = NULL;
|
||||
|
||||
@ -202,6 +206,7 @@ static int def_load(CONF *conf, const char *name, long *line)
|
||||
BIO_free(in);
|
||||
|
||||
return ret;
|
||||
#endif
|
||||
}
|
||||
|
||||
static int def_load_bio(CONF *conf, BIO *in, long *line)
|
||||
|
@ -90,6 +90,7 @@ int CONF_set_default_method(CONF_METHOD *meth)
|
||||
return 1;
|
||||
}
|
||||
|
||||
#ifndef OPENSSL_NO_STDIO
|
||||
LHASH_OF(CONF_VALUE) *CONF_load(LHASH_OF(CONF_VALUE) *conf, const char *file,
|
||||
long *eline)
|
||||
{
|
||||
@ -111,6 +112,7 @@ LHASH_OF(CONF_VALUE) *CONF_load(LHASH_OF(CONF_VALUE) *conf, const char *file,
|
||||
|
||||
return ltmp;
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifndef OPENSSL_NO_FP_API
|
||||
LHASH_OF(CONF_VALUE) *CONF_load_fp(LHASH_OF(CONF_VALUE) *conf, FILE *fp,
|
||||
@ -255,6 +257,7 @@ void NCONF_free_data(CONF *conf)
|
||||
conf->meth->destroy_data(conf);
|
||||
}
|
||||
|
||||
#ifndef OPENSSL_NO_STDIO
|
||||
int NCONF_load(CONF *conf, const char *file, long *eline)
|
||||
{
|
||||
if (conf == NULL) {
|
||||
@ -264,6 +267,7 @@ int NCONF_load(CONF *conf, const char *file, long *eline)
|
||||
|
||||
return conf->meth->load(conf, file, eline);
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifndef OPENSSL_NO_FP_API
|
||||
int NCONF_load_fp(CONF *conf, FILE *fp, long *eline)
|
||||
|
@ -159,6 +159,7 @@ int CONF_modules_load(const CONF *cnf, const char *appname,
|
||||
|
||||
}
|
||||
|
||||
#ifndef OPENSSL_NO_STDIO
|
||||
int CONF_modules_load_file(const char *filename, const char *appname,
|
||||
unsigned long flags)
|
||||
{
|
||||
@ -194,6 +195,7 @@ int CONF_modules_load_file(const char *filename, const char *appname,
|
||||
|
||||
return ret;
|
||||
}
|
||||
#endif
|
||||
|
||||
static int module_run(const CONF *cnf, char *name, char *value,
|
||||
unsigned long flags)
|
||||
|
@ -87,9 +87,11 @@ void OPENSSL_config(const char *config_name)
|
||||
ENGINE_load_builtin_engines();
|
||||
#endif
|
||||
ERR_clear_error();
|
||||
#ifndef OPENSSL_NO_STDIO
|
||||
CONF_modules_load_file(NULL, config_name,
|
||||
CONF_MFLAGS_DEFAULT_SECTION |
|
||||
CONF_MFLAGS_IGNORE_MISSING_FILE);
|
||||
#endif
|
||||
openssl_configured = 1;
|
||||
}
|
||||
|
||||
|
@ -263,7 +263,7 @@ int CRYPTO_get_new_dynlockid(void)
|
||||
return (0);
|
||||
}
|
||||
pointer->references = 1;
|
||||
pointer->data = dynlock_create_callback(__FILE__, __LINE__);
|
||||
pointer->data = dynlock_create_callback(OPENSSL_FILE, OPENSSL_LINE);
|
||||
if (pointer->data == NULL) {
|
||||
OPENSSL_free(pointer);
|
||||
CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID, ERR_R_MALLOC_FAILURE);
|
||||
@ -289,7 +289,7 @@ int CRYPTO_get_new_dynlockid(void)
|
||||
CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK);
|
||||
|
||||
if (i == -1) {
|
||||
dynlock_destroy_callback(pointer->data, __FILE__, __LINE__);
|
||||
dynlock_destroy_callback(pointer->data, OPENSSL_FILE, OPENSSL_LINE);
|
||||
OPENSSL_free(pointer);
|
||||
} else
|
||||
i += 1; /* to avoid 0 */
|
||||
@ -328,7 +328,7 @@ void CRYPTO_destroy_dynlockid(int i)
|
||||
CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK);
|
||||
|
||||
if (pointer) {
|
||||
dynlock_destroy_callback(pointer->data, __FILE__, __LINE__);
|
||||
dynlock_destroy_callback(pointer->data, OPENSSL_FILE, OPENSSL_LINE);
|
||||
OPENSSL_free(pointer);
|
||||
}
|
||||
}
|
||||
@ -670,6 +670,7 @@ unsigned long *OPENSSL_ia32cap_loc(void)
|
||||
}
|
||||
|
||||
# if defined(OPENSSL_CPUID_OBJ) && !defined(OPENSSL_NO_ASM) && !defined(I386_ONLY)
|
||||
#include <stdio.h>
|
||||
# define OPENSSL_CPUID_SETUP
|
||||
# if defined(_WIN32)
|
||||
typedef unsigned __int64 IA32CAP;
|
||||
@ -980,11 +981,13 @@ void OPENSSL_showfatal(const char *fmta, ...)
|
||||
#else
|
||||
void OPENSSL_showfatal(const char *fmta, ...)
|
||||
{
|
||||
#ifndef OPENSSL_NO_STDIO
|
||||
va_list ap;
|
||||
|
||||
va_start(ap, fmta);
|
||||
vfprintf(stderr, fmta, ap);
|
||||
va_end(ap);
|
||||
#endif
|
||||
}
|
||||
|
||||
int OPENSSL_isservice(void)
|
||||
@ -1011,16 +1014,18 @@ void OpenSSLDie(const char *file, int line, const char *assertion)
|
||||
#endif
|
||||
}
|
||||
|
||||
#ifndef OPENSSL_NO_STDIO
|
||||
void *OPENSSL_stderr(void)
|
||||
{
|
||||
return stderr;
|
||||
}
|
||||
#endif
|
||||
|
||||
int CRYPTO_memcmp(const void *in_a, const void *in_b, size_t len)
|
||||
int CRYPTO_memcmp(const volatile void *in_a, const volatile void *in_b, size_t len)
|
||||
{
|
||||
size_t i;
|
||||
const unsigned char *a = in_a;
|
||||
const unsigned char *b = in_b;
|
||||
const volatile unsigned char *a = in_a;
|
||||
const volatile unsigned char *b = in_b;
|
||||
unsigned char x = 0;
|
||||
|
||||
for (i = 0; i < len; i++)
|
||||
|
@ -101,7 +101,9 @@ extern "C" {
|
||||
void OPENSSL_cpuid_setup(void);
|
||||
extern unsigned int OPENSSL_ia32cap_P[];
|
||||
void OPENSSL_showfatal(const char *fmta, ...);
|
||||
#ifndef OPENSSL_NO_STDIO
|
||||
void *OPENSSL_stderr(void);
|
||||
#endif
|
||||
extern int OPENSSL_NONPIC_relocated;
|
||||
|
||||
#ifdef __cplusplus
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* crypto/des/des_old.c -*- mode:C; c-file-style: "eay" -*- */
|
||||
/* crypto/des/des_old.c */
|
||||
|
||||
/*-
|
||||
* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* crypto/des/des_old.c -*- mode:C; c-file-style: "eay" -*- */
|
||||
/* crypto/des/des_old.c */
|
||||
|
||||
/*
|
||||
* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING The
|
||||
|
@ -114,6 +114,10 @@
|
||||
#include <openssl/ui.h>
|
||||
#include <openssl/crypto.h>
|
||||
|
||||
#ifndef BUFSIZ
|
||||
#define BUFSIZ 256
|
||||
#endif
|
||||
|
||||
int DES_read_password(DES_cblock *key, const char *prompt, int verify)
|
||||
{
|
||||
int ok;
|
||||
|
@ -151,23 +151,37 @@ int DH_check(const DH *dh, int *ret)
|
||||
int DH_check_pub_key(const DH *dh, const BIGNUM *pub_key, int *ret)
|
||||
{
|
||||
int ok = 0;
|
||||
BIGNUM *q = NULL;
|
||||
BIGNUM *tmp = NULL;
|
||||
BN_CTX *ctx = NULL;
|
||||
|
||||
*ret = 0;
|
||||
q = BN_new();
|
||||
if (q == NULL)
|
||||
ctx = BN_CTX_new();
|
||||
if (ctx == NULL)
|
||||
goto err;
|
||||
BN_set_word(q, 1);
|
||||
if (BN_cmp(pub_key, q) <= 0)
|
||||
BN_CTX_start(ctx);
|
||||
tmp = BN_CTX_get(ctx);
|
||||
if (tmp == NULL || !BN_set_word(tmp, 1))
|
||||
goto err;
|
||||
if (BN_cmp(pub_key, tmp) <= 0)
|
||||
*ret |= DH_CHECK_PUBKEY_TOO_SMALL;
|
||||
BN_copy(q, dh->p);
|
||||
BN_sub_word(q, 1);
|
||||
if (BN_cmp(pub_key, q) >= 0)
|
||||
if (BN_copy(tmp, dh->p) == NULL || !BN_sub_word(tmp, 1))
|
||||
goto err;
|
||||
if (BN_cmp(pub_key, tmp) >= 0)
|
||||
*ret |= DH_CHECK_PUBKEY_TOO_LARGE;
|
||||
|
||||
if (dh->q != NULL) {
|
||||
/* Check pub_key^q == 1 mod p */
|
||||
if (!BN_mod_exp(tmp, pub_key, dh->q, dh->p, ctx))
|
||||
goto err;
|
||||
if (!BN_is_one(tmp))
|
||||
*ret |= DH_CHECK_PUBKEY_INVALID;
|
||||
}
|
||||
|
||||
ok = 1;
|
||||
err:
|
||||
if (q != NULL)
|
||||
BN_free(q);
|
||||
if (ctx != NULL) {
|
||||
BN_CTX_end(ctx);
|
||||
BN_CTX_free(ctx);
|
||||
}
|
||||
return (ok);
|
||||
}
|
||||
|
@ -207,7 +207,11 @@ static int pkey_dh_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
|
||||
case EVP_PKEY_CTRL_DH_KDF_TYPE:
|
||||
if (p1 == -2)
|
||||
return dctx->kdf_type;
|
||||
#ifdef OPENSSL_NO_CMS
|
||||
if (p1 != EVP_PKEY_DH_KDF_NONE)
|
||||
#else
|
||||
if (p1 != EVP_PKEY_DH_KDF_NONE && p1 != EVP_PKEY_DH_KDF_X9_42)
|
||||
#endif
|
||||
return -2;
|
||||
dctx->kdf_type = p1;
|
||||
return 1;
|
||||
@ -448,10 +452,10 @@ static int pkey_dh_derive(EVP_PKEY_CTX *ctx, unsigned char *key,
|
||||
return ret;
|
||||
*keylen = ret;
|
||||
return 1;
|
||||
} else if (dctx->kdf_type == EVP_PKEY_DH_KDF_X9_42) {
|
||||
#ifdef OPENSSL_NO_CMS
|
||||
return 0;
|
||||
#else
|
||||
}
|
||||
#ifndef OPENSSL_NO_CMS
|
||||
else if (dctx->kdf_type == EVP_PKEY_DH_KDF_X9_42) {
|
||||
|
||||
unsigned char *Z = NULL;
|
||||
size_t Zlen = 0;
|
||||
if (!dctx->kdf_outlen || !dctx->kdf_oid)
|
||||
@ -481,9 +485,9 @@ static int pkey_dh_derive(EVP_PKEY_CTX *ctx, unsigned char *key,
|
||||
OPENSSL_free(Z);
|
||||
}
|
||||
return ret;
|
||||
#endif
|
||||
}
|
||||
return 1;
|
||||
#endif
|
||||
return 0;
|
||||
}
|
||||
|
||||
const EVP_PKEY_METHOD dh_pkey_meth = {
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* dso_dl.c -*- mode:C; c-file-style: "eay" -*- */
|
||||
/* dso_dl.c */
|
||||
/*
|
||||
* Written by Richard Levitte (richard@levitte.org) for the OpenSSL project
|
||||
* 2000.
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* dso_dlfcn.c -*- mode:C; c-file-style: "eay" -*- */
|
||||
/* dso_dlfcn.c */
|
||||
/*
|
||||
* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL project
|
||||
* 2000.
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* dso_lib.c -*- mode:C; c-file-style: "eay" -*- */
|
||||
/* dso_lib.c */
|
||||
/*
|
||||
* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL project
|
||||
* 2000.
|
||||
@ -122,6 +122,7 @@ DSO *DSO_new_method(DSO_METHOD *meth)
|
||||
ret->meth = meth;
|
||||
ret->references = 1;
|
||||
if ((ret->meth->init != NULL) && !ret->meth->init(ret)) {
|
||||
sk_void_free(ret->meth_data);
|
||||
OPENSSL_free(ret);
|
||||
ret = NULL;
|
||||
}
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* dso_vms.c -*- mode:C; c-file-style: "eay" -*- */
|
||||
/* dso_vms.c */
|
||||
/*
|
||||
* Written by Richard Levitte (richard@levitte.org) for the OpenSSL project
|
||||
* 2000.
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* dso_win32.c -*- mode:C; c-file-style: "eay" -*- */
|
||||
/* dso_win32.c */
|
||||
/*
|
||||
* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL project
|
||||
* 2000.
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* crypto/evp/e_camellia.c -*- mode:C; c-file-style: "eay" -*- */
|
||||
/* crypto/evp/e_camellia.c */
|
||||
/* ====================================================================
|
||||
* Copyright (c) 2006 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
|
@ -71,12 +71,13 @@ typedef struct {
|
||||
DES_key_schedule ks;
|
||||
} ks;
|
||||
union {
|
||||
void (*cbc) (const void *, void *, size_t, const void *, void *);
|
||||
void (*cbc) (const void *, void *, size_t,
|
||||
const DES_key_schedule *, unsigned char *);
|
||||
} stream;
|
||||
} EVP_DES_KEY;
|
||||
|
||||
# if defined(AES_ASM) && (defined(__sparc) || defined(__sparc__))
|
||||
/* ---------^^^ this is not a typo, just a way to detect that
|
||||
/* ----------^^^ this is not a typo, just a way to detect that
|
||||
* assembler support was in general requested... */
|
||||
# include "sparc_arch.h"
|
||||
|
||||
@ -86,9 +87,9 @@ extern unsigned int OPENSSL_sparcv9cap_P[];
|
||||
|
||||
void des_t4_key_expand(const void *key, DES_key_schedule *ks);
|
||||
void des_t4_cbc_encrypt(const void *inp, void *out, size_t len,
|
||||
DES_key_schedule *ks, unsigned char iv[8]);
|
||||
const DES_key_schedule *ks, unsigned char iv[8]);
|
||||
void des_t4_cbc_decrypt(const void *inp, void *out, size_t len,
|
||||
DES_key_schedule *ks, unsigned char iv[8]);
|
||||
const DES_key_schedule *ks, unsigned char iv[8]);
|
||||
# endif
|
||||
|
||||
static int des_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
|
||||
@ -130,7 +131,7 @@ static int des_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
|
||||
{
|
||||
EVP_DES_KEY *dat = (EVP_DES_KEY *) ctx->cipher_data;
|
||||
|
||||
if (dat->stream.cbc) {
|
||||
if (dat->stream.cbc != NULL) {
|
||||
(*dat->stream.cbc) (in, out, inl, &dat->ks.ks, ctx->iv);
|
||||
return 1;
|
||||
}
|
||||
|
@ -75,7 +75,8 @@ typedef struct {
|
||||
DES_key_schedule ks[3];
|
||||
} ks;
|
||||
union {
|
||||
void (*cbc) (const void *, void *, size_t, const void *, void *);
|
||||
void (*cbc) (const void *, void *, size_t,
|
||||
const DES_key_schedule *, unsigned char *);
|
||||
} stream;
|
||||
} DES_EDE_KEY;
|
||||
# define ks1 ks.ks[0]
|
||||
@ -93,9 +94,9 @@ extern unsigned int OPENSSL_sparcv9cap_P[];
|
||||
|
||||
void des_t4_key_expand(const void *key, DES_key_schedule *ks);
|
||||
void des_t4_ede3_cbc_encrypt(const void *inp, void *out, size_t len,
|
||||
DES_key_schedule *ks, unsigned char iv[8]);
|
||||
const DES_key_schedule ks[3], unsigned char iv[8]);
|
||||
void des_t4_ede3_cbc_decrypt(const void *inp, void *out, size_t len,
|
||||
DES_key_schedule *ks, unsigned char iv[8]);
|
||||
const DES_key_schedule ks[3], unsigned char iv[8]);
|
||||
# endif
|
||||
|
||||
static int des_ede_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
|
||||
@ -162,7 +163,7 @@ static int des_ede_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
|
||||
}
|
||||
# endif /* KSSL_DEBUG */
|
||||
if (dat->stream.cbc) {
|
||||
(*dat->stream.cbc) (in, out, inl, &dat->ks, ctx->iv);
|
||||
(*dat->stream.cbc) (in, out, inl, dat->ks.ks, ctx->iv);
|
||||
return 1;
|
||||
}
|
||||
|
||||
@ -395,7 +396,7 @@ static int des_ede3_unwrap(EVP_CIPHER_CTX *ctx, unsigned char *out,
|
||||
int rv = -1;
|
||||
if (inl < 24)
|
||||
return -1;
|
||||
if (!out)
|
||||
if (out == NULL)
|
||||
return inl - 16;
|
||||
memcpy(ctx->iv, wrap_iv, 8);
|
||||
/* Decrypt first block which will end up as icv */
|
||||
@ -438,7 +439,7 @@ static int des_ede3_wrap(EVP_CIPHER_CTX *ctx, unsigned char *out,
|
||||
const unsigned char *in, size_t inl)
|
||||
{
|
||||
unsigned char sha1tmp[SHA_DIGEST_LENGTH];
|
||||
if (!out)
|
||||
if (out == NULL)
|
||||
return inl + 16;
|
||||
/* Copy input to output buffer + 8 so we have space for IV */
|
||||
memmove(out + 8, in, inl);
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* crypto/evp/e_old.c -*- mode:C; c-file-style: "eay" -*- */
|
||||
/* crypto/evp/e_old.c */
|
||||
/*
|
||||
* Written by Richard Levitte (richard@levitte.org) for the OpenSSL project
|
||||
* 2004.
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* crypto/evp/e_seed.c -*- mode:C; c-file-style: "eay" -*- */
|
||||
/* crypto/evp/e_seed.c */
|
||||
/* ====================================================================
|
||||
* Copyright (c) 2007 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
|
@ -63,6 +63,7 @@
|
||||
#include <openssl/evp.h>
|
||||
#include <openssl/ui.h>
|
||||
|
||||
#ifndef OPENSSL_NO_UI
|
||||
/* should be init to zeros. */
|
||||
static char prompt_string[80];
|
||||
|
||||
@ -117,6 +118,7 @@ int EVP_read_pw_string_min(char *buf, int min, int len, const char *prompt,
|
||||
OPENSSL_cleanse(buff, BUFSIZ);
|
||||
return ret;
|
||||
}
|
||||
#endif /* OPENSSL_NO_UI */
|
||||
|
||||
int EVP_BytesToKey(const EVP_CIPHER *type, const EVP_MD *md,
|
||||
const unsigned char *salt, const unsigned char *data,
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* crypto/mem_clr.c -*- mode:C; c-file-style: "eay" -*- */
|
||||
/* crypto/mem_clr.c */
|
||||
/*
|
||||
* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL project
|
||||
* 2002.
|
||||
|
@ -67,23 +67,20 @@
|
||||
/* increment counter (128-bit int) by 1 */
|
||||
static void ctr128_inc(unsigned char *counter)
|
||||
{
|
||||
u32 n = 16;
|
||||
u8 c;
|
||||
u32 n = 16, c = 1;
|
||||
|
||||
do {
|
||||
--n;
|
||||
c = counter[n];
|
||||
++c;
|
||||
counter[n] = c;
|
||||
if (c)
|
||||
return;
|
||||
c += counter[n];
|
||||
counter[n] = (u8)c;
|
||||
c >>= 8;
|
||||
} while (n);
|
||||
}
|
||||
|
||||
#if !defined(OPENSSL_SMALL_FOOTPRINT)
|
||||
static void ctr128_inc_aligned(unsigned char *counter)
|
||||
{
|
||||
size_t *data, c, n;
|
||||
size_t *data, c, d, n;
|
||||
const union {
|
||||
long one;
|
||||
char little;
|
||||
@ -91,20 +88,19 @@ static void ctr128_inc_aligned(unsigned char *counter)
|
||||
1
|
||||
};
|
||||
|
||||
if (is_endian.little) {
|
||||
if (is_endian.little || ((size_t)counter % sizeof(size_t)) != 0) {
|
||||
ctr128_inc(counter);
|
||||
return;
|
||||
}
|
||||
|
||||
data = (size_t *)counter;
|
||||
c = 1;
|
||||
n = 16 / sizeof(size_t);
|
||||
do {
|
||||
--n;
|
||||
c = data[n];
|
||||
++c;
|
||||
data[n] = c;
|
||||
if (c)
|
||||
return;
|
||||
d = data[n] += c;
|
||||
/* did addition carry? */
|
||||
c = ((d - c) ^ d) >> (sizeof(size_t) * 8 - 1);
|
||||
} while (n);
|
||||
}
|
||||
#endif
|
||||
@ -144,14 +140,14 @@ void CRYPTO_ctr128_encrypt(const unsigned char *in, unsigned char *out,
|
||||
}
|
||||
|
||||
# if defined(STRICT_ALIGNMENT)
|
||||
if (((size_t)in | (size_t)out | (size_t)ivec) % sizeof(size_t) !=
|
||||
0)
|
||||
if (((size_t)in | (size_t)out | (size_t)ecount_buf)
|
||||
% sizeof(size_t) != 0)
|
||||
break;
|
||||
# endif
|
||||
while (len >= 16) {
|
||||
(*block) (ivec, ecount_buf, key);
|
||||
ctr128_inc_aligned(ivec);
|
||||
for (; n < 16; n += sizeof(size_t))
|
||||
for (n = 0; n < 16; n += sizeof(size_t))
|
||||
*(size_t *)(out + n) =
|
||||
*(size_t *)(in + n) ^ *(size_t *)(ecount_buf + n);
|
||||
len -= 16;
|
||||
@ -189,16 +185,13 @@ void CRYPTO_ctr128_encrypt(const unsigned char *in, unsigned char *out,
|
||||
/* increment upper 96 bits of 128-bit counter by 1 */
|
||||
static void ctr96_inc(unsigned char *counter)
|
||||
{
|
||||
u32 n = 12;
|
||||
u8 c;
|
||||
u32 n = 12, c = 1;
|
||||
|
||||
do {
|
||||
--n;
|
||||
c = counter[n];
|
||||
++c;
|
||||
counter[n] = c;
|
||||
if (c)
|
||||
return;
|
||||
c += counter[n];
|
||||
counter[n] = (u8)c;
|
||||
c >>= 8;
|
||||
} while (n);
|
||||
}
|
||||
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* crypto/o_dir.c -*- mode:C; c-file-style: "eay" -*- */
|
||||
/* crypto/o_dir.c */
|
||||
/*
|
||||
* Written by Richard Levitte (richard@levitte.org) for the OpenSSL project
|
||||
* 2004.
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* crypto/o_dir.h -*- mode:C; c-file-style: "eay" -*- */
|
||||
/* crypto/o_dir.h */
|
||||
/*
|
||||
* Copied from Richard Levitte's (richard@levitte.org) LP library. All
|
||||
* symbol names have been changed, with permission from the author.
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* crypto/o_str.c -*- mode:C; c-file-style: "eay" -*- */
|
||||
/* crypto/o_str.c */
|
||||
/*
|
||||
* Written by Richard Levitte (richard@levitte.org) for the OpenSSL project
|
||||
* 2003.
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* crypto/o_str.h -*- mode:C; c-file-style: "eay" -*- */
|
||||
/* crypto/o_str.h */
|
||||
/*
|
||||
* Written by Richard Levitte (richard@levitte.org) for the OpenSSL project
|
||||
* 2003.
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* crypto/o_time.c -*- mode:C; c-file-style: "eay" -*- */
|
||||
/* crypto/o_time.c */
|
||||
/*
|
||||
* Written by Richard Levitte (richard@levitte.org) for the OpenSSL project
|
||||
* 2001.
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* crypto/o_time.h -*- mode:C; c-file-style: "eay" -*- */
|
||||
/* crypto/o_time.h */
|
||||
/*
|
||||
* Written by Richard Levitte (richard@levitte.org) for the OpenSSL project
|
||||
* 2001.
|
||||
|
@ -84,7 +84,7 @@ int pem_check_suffix(const char *pem_str, const char *suffix);
|
||||
|
||||
int PEM_def_callback(char *buf, int num, int w, void *key)
|
||||
{
|
||||
#ifdef OPENSSL_NO_FP_API
|
||||
#if defined(OPENSSL_NO_FP_API) || defined(OPENSSL_NO_UI)
|
||||
/*
|
||||
* We should not ever call the default callback routine from windows.
|
||||
*/
|
||||
|
@ -69,10 +69,12 @@
|
||||
static int do_pk8pkey(BIO *bp, EVP_PKEY *x, int isder,
|
||||
int nid, const EVP_CIPHER *enc,
|
||||
char *kstr, int klen, pem_password_cb *cb, void *u);
|
||||
|
||||
#ifndef OPENSSL_NO_FP_API
|
||||
static int do_pk8pkey_fp(FILE *bp, EVP_PKEY *x, int isder,
|
||||
int nid, const EVP_CIPHER *enc,
|
||||
char *kstr, int klen, pem_password_cb *cb, void *u);
|
||||
|
||||
#endif
|
||||
/*
|
||||
* These functions write a private key in PKCS#8 format: it is a "drop in"
|
||||
* replacement for PEM_write_bio_PrivateKey() and friends. As usual if 'enc'
|
||||
|
@ -64,6 +64,9 @@
|
||||
#include <openssl/x509.h>
|
||||
#include <openssl/x509v3.h>
|
||||
|
||||
|
||||
#define BUFFERSIZE 4096
|
||||
|
||||
static int pkcs7_copy_existing_digest(PKCS7 *p7, PKCS7_SIGNER_INFO *si);
|
||||
|
||||
PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs,
|
||||
@ -255,7 +258,6 @@ int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store,
|
||||
PKCS7_SIGNER_INFO *si;
|
||||
X509_STORE_CTX cert_ctx;
|
||||
char *buf = NULL;
|
||||
int bufsiz;
|
||||
int i, j = 0, k, ret = 0;
|
||||
BIO *p7bio = NULL;
|
||||
BIO *tmpin = NULL, *tmpout = NULL;
|
||||
@ -275,6 +277,29 @@ int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store,
|
||||
PKCS7err(PKCS7_F_PKCS7_VERIFY, PKCS7_R_NO_CONTENT);
|
||||
return 0;
|
||||
}
|
||||
#if 0
|
||||
/*
|
||||
* NB: this test commented out because some versions of Netscape
|
||||
* illegally include zero length content when signing data. Also
|
||||
* Microsoft Authenticode includes a SpcIndirectDataContent data
|
||||
* structure which describes the content to be protected by the
|
||||
* signature, rather than directly embedding that content. So
|
||||
* Authenticode implementations are also expected to use
|
||||
* PKCS7_verify() with explicit external data, on non-detached
|
||||
* PKCS#7 signatures.
|
||||
*
|
||||
* In OpenSSL 1.1 a new flag PKCS7_NO_DUAL_CONTENT has been
|
||||
* introduced to disable this sanity check. For the 1.0.2 branch
|
||||
* this change is not acceptable, so the check remains completely
|
||||
* commented out (as it has been for a long time).
|
||||
*/
|
||||
|
||||
/* Check for data and content: two sets of data */
|
||||
if (!PKCS7_get_detached(p7) && indata) {
|
||||
PKCS7err(PKCS7_F_PKCS7_VERIFY, PKCS7_R_CONTENT_AND_DATA_PRESENT);
|
||||
return 0;
|
||||
}
|
||||
#endif
|
||||
|
||||
sinfos = PKCS7_get_signer_info(p7);
|
||||
|
||||
@ -350,14 +375,13 @@ int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store,
|
||||
} else
|
||||
tmpout = out;
|
||||
|
||||
bufsiz = 4096;
|
||||
buf = OPENSSL_malloc(bufsiz);
|
||||
if (buf == NULL) {
|
||||
/* We now have to 'read' from p7bio to calculate digests etc. */
|
||||
if ((buf = OPENSSL_malloc(BUFFERSIZE)) == NULL) {
|
||||
PKCS7err(PKCS7_F_PKCS7_VERIFY, ERR_R_MALLOC_FAILURE);
|
||||
goto err;
|
||||
}
|
||||
/* We now have to 'read' from p7bio to calculate digests etc. */
|
||||
for (;;) {
|
||||
i = BIO_read(p7bio, buf, bufsiz);
|
||||
i = BIO_read(p7bio, buf, BUFFERSIZE);
|
||||
if (i <= 0)
|
||||
break;
|
||||
if (tmpout)
|
||||
@ -388,16 +412,13 @@ int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store,
|
||||
ret = 1;
|
||||
|
||||
err:
|
||||
OPENSSL_free(buf);
|
||||
if (tmpin == indata) {
|
||||
if (indata)
|
||||
BIO_pop(p7bio);
|
||||
}
|
||||
BIO_free_all(p7bio);
|
||||
sk_X509_free(signers);
|
||||
|
||||
if (buf != NULL) {
|
||||
OPENSSL_free(buf);
|
||||
}
|
||||
return ret;
|
||||
}
|
||||
|
||||
@ -510,7 +531,7 @@ int PKCS7_decrypt(PKCS7 *p7, EVP_PKEY *pkey, X509 *cert, BIO *data, int flags)
|
||||
{
|
||||
BIO *tmpmem;
|
||||
int ret, i;
|
||||
char buf[4096];
|
||||
char *buf = NULL;
|
||||
|
||||
if (!p7) {
|
||||
PKCS7err(PKCS7_F_PKCS7_DECRYPT, PKCS7_R_INVALID_NULL_POINTER);
|
||||
@ -554,24 +575,29 @@ int PKCS7_decrypt(PKCS7 *p7, EVP_PKEY *pkey, X509 *cert, BIO *data, int flags)
|
||||
}
|
||||
BIO_free_all(bread);
|
||||
return ret;
|
||||
} else {
|
||||
for (;;) {
|
||||
i = BIO_read(tmpmem, buf, sizeof(buf));
|
||||
if (i <= 0) {
|
||||
ret = 1;
|
||||
if (BIO_method_type(tmpmem) == BIO_TYPE_CIPHER) {
|
||||
if (!BIO_get_cipher_status(tmpmem))
|
||||
ret = 0;
|
||||
}
|
||||
|
||||
break;
|
||||
}
|
||||
if (BIO_write(data, buf, i) != i) {
|
||||
ret = 0;
|
||||
break;
|
||||
}
|
||||
}
|
||||
BIO_free_all(tmpmem);
|
||||
return ret;
|
||||
}
|
||||
if ((buf = OPENSSL_malloc(BUFFERSIZE)) == NULL) {
|
||||
PKCS7err(PKCS7_F_PKCS7_DECRYPT, ERR_R_MALLOC_FAILURE);
|
||||
goto err;
|
||||
}
|
||||
for (;;) {
|
||||
i = BIO_read(tmpmem, buf, BUFFERSIZE);
|
||||
if (i <= 0) {
|
||||
ret = 1;
|
||||
if (BIO_method_type(tmpmem) == BIO_TYPE_CIPHER) {
|
||||
if (!BIO_get_cipher_status(tmpmem))
|
||||
ret = 0;
|
||||
}
|
||||
|
||||
break;
|
||||
}
|
||||
if (BIO_write(data, buf, i) != i) {
|
||||
ret = 0;
|
||||
break;
|
||||
}
|
||||
}
|
||||
err:
|
||||
OPENSSL_free(buf);
|
||||
BIO_free_all(tmpmem);
|
||||
return ret;
|
||||
}
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* crypto/rc4/rc4_utl.c -*- mode:C; c-file-style: "eay" -*- */
|
||||
/* crypto/rc4/rc4_utl.c */
|
||||
/* ====================================================================
|
||||
* Copyright (c) 2011 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
|
@ -768,6 +768,7 @@ static int rsa_item_sign(EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
|
||||
return 2;
|
||||
}
|
||||
|
||||
#ifndef OPENSSL_NO_CMS
|
||||
static RSA_OAEP_PARAMS *rsa_oaep_decode(const X509_ALGOR *alg,
|
||||
X509_ALGOR **pmaskHash)
|
||||
{
|
||||
@ -791,7 +792,6 @@ static RSA_OAEP_PARAMS *rsa_oaep_decode(const X509_ALGOR *alg,
|
||||
return pss;
|
||||
}
|
||||
|
||||
#ifndef OPENSSL_NO_CMS
|
||||
static int rsa_cms_decrypt(CMS_RecipientInfo *ri)
|
||||
{
|
||||
EVP_PKEY_CTX *pkctx;
|
||||
@ -864,9 +864,7 @@ static int rsa_cms_decrypt(CMS_RecipientInfo *ri)
|
||||
X509_ALGOR_free(maskHash);
|
||||
return rv;
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifndef OPENSSL_NO_CMS
|
||||
static int rsa_cms_encrypt(CMS_RecipientInfo *ri)
|
||||
{
|
||||
const EVP_MD *md, *mgf1md;
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* crypto/rsa/rsa_chk.c -*- Mode: C; c-file-style: "eay" -*- */
|
||||
/* crypto/rsa/rsa_chk.c */
|
||||
/* ====================================================================
|
||||
* Copyright (c) 1999 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
|
@ -360,7 +360,7 @@ void *sk_set(_STACK *st, int i, void *value)
|
||||
|
||||
void sk_sort(_STACK *st)
|
||||
{
|
||||
if (st && !st->sorted) {
|
||||
if (st && !st->sorted && st->comp != NULL) {
|
||||
int (*comp_func) (const void *, const void *);
|
||||
|
||||
/*
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* crypto/ui/ui_compat.c -*- mode:C; c-file-style: "eay" -*- */
|
||||
/* crypto/ui/ui_compat.c */
|
||||
/* ====================================================================
|
||||
* Copyright (c) 2001-2002 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* crypto/ui/ui_lib.c -*- mode:C; c-file-style: "eay" -*- */
|
||||
/* crypto/ui/ui_lib.c */
|
||||
/*
|
||||
* Written by Richard Levitte (richard@levitte.org) for the OpenSSL project
|
||||
* 2001.
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* crypto/ui/ui.h -*- mode:C; c-file-style: "eay" -*- */
|
||||
/* crypto/ui/ui.h */
|
||||
/*
|
||||
* Written by Richard Levitte (richard@levitte.org) for the OpenSSL project
|
||||
* 2001.
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* crypto/ui/ui_util.c -*- mode:C; c-file-style: "eay" -*- */
|
||||
/* crypto/ui/ui_util.c */
|
||||
/* ====================================================================
|
||||
* Copyright (c) 2001-2002 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
@ -56,6 +56,10 @@
|
||||
#include <string.h>
|
||||
#include "ui_locl.h"
|
||||
|
||||
#ifndef BUFSIZ
|
||||
#define BUFSIZ 256
|
||||
#endif
|
||||
|
||||
int UI_UTIL_read_pw_string(char *buf, int length, const char *prompt,
|
||||
int verify)
|
||||
{
|
||||
|
@ -194,6 +194,9 @@ int X509_verify_cert(X509_STORE_CTX *ctx)
|
||||
int num, j, retry;
|
||||
int (*cb) (int xok, X509_STORE_CTX *xctx);
|
||||
STACK_OF(X509) *sktmp = NULL;
|
||||
int trust = X509_TRUST_UNTRUSTED;
|
||||
int err;
|
||||
|
||||
if (ctx->cert == NULL) {
|
||||
X509err(X509_F_X509_VERIFY_CERT, X509_R_NO_CERT_SET_FOR_US_TO_VERIFY);
|
||||
return -1;
|
||||
@ -216,7 +219,8 @@ int X509_verify_cert(X509_STORE_CTX *ctx)
|
||||
if (((ctx->chain = sk_X509_new_null()) == NULL) ||
|
||||
(!sk_X509_push(ctx->chain, ctx->cert))) {
|
||||
X509err(X509_F_X509_VERIFY_CERT, ERR_R_MALLOC_FAILURE);
|
||||
goto end;
|
||||
ok = -1;
|
||||
goto err;
|
||||
}
|
||||
CRYPTO_add(&ctx->cert->references, 1, CRYPTO_LOCK_X509);
|
||||
ctx->last_untrusted = 1;
|
||||
@ -225,7 +229,8 @@ int X509_verify_cert(X509_STORE_CTX *ctx)
|
||||
if (ctx->untrusted != NULL
|
||||
&& (sktmp = sk_X509_dup(ctx->untrusted)) == NULL) {
|
||||
X509err(X509_F_X509_VERIFY_CERT, ERR_R_MALLOC_FAILURE);
|
||||
goto end;
|
||||
ok = -1;
|
||||
goto err;
|
||||
}
|
||||
|
||||
num = sk_X509_num(ctx->chain);
|
||||
@ -249,7 +254,7 @@ int X509_verify_cert(X509_STORE_CTX *ctx)
|
||||
if (ctx->param->flags & X509_V_FLAG_TRUSTED_FIRST) {
|
||||
ok = ctx->get_issuer(&xtmp, ctx, x);
|
||||
if (ok < 0)
|
||||
goto end;
|
||||
goto err;
|
||||
/*
|
||||
* If successful for now free up cert so it will be picked up
|
||||
* again later.
|
||||
@ -266,7 +271,8 @@ int X509_verify_cert(X509_STORE_CTX *ctx)
|
||||
if (xtmp != NULL) {
|
||||
if (!sk_X509_push(ctx->chain, xtmp)) {
|
||||
X509err(X509_F_X509_VERIFY_CERT, ERR_R_MALLOC_FAILURE);
|
||||
goto end;
|
||||
ok = -1;
|
||||
goto err;
|
||||
}
|
||||
CRYPTO_add(&xtmp->references, 1, CRYPTO_LOCK_X509);
|
||||
(void)sk_X509_delete_ptr(sktmp, xtmp);
|
||||
@ -314,7 +320,7 @@ int X509_verify_cert(X509_STORE_CTX *ctx)
|
||||
bad_chain = 1;
|
||||
ok = cb(0, ctx);
|
||||
if (!ok)
|
||||
goto end;
|
||||
goto err;
|
||||
} else {
|
||||
/*
|
||||
* We have a match: replace certificate with store
|
||||
@ -347,25 +353,26 @@ int X509_verify_cert(X509_STORE_CTX *ctx)
|
||||
ok = ctx->get_issuer(&xtmp, ctx, x);
|
||||
|
||||
if (ok < 0)
|
||||
goto end;
|
||||
goto err;
|
||||
if (ok == 0)
|
||||
break;
|
||||
x = xtmp;
|
||||
if (!sk_X509_push(ctx->chain, x)) {
|
||||
X509_free(xtmp);
|
||||
X509err(X509_F_X509_VERIFY_CERT, ERR_R_MALLOC_FAILURE);
|
||||
ok = 0;
|
||||
goto end;
|
||||
ok = -1;
|
||||
goto err;
|
||||
}
|
||||
num++;
|
||||
}
|
||||
|
||||
/* we now have our chain, lets check it... */
|
||||
i = check_trust(ctx);
|
||||
if ((trust = check_trust(ctx)) == X509_TRUST_REJECTED) {
|
||||
/* Callback already issued */
|
||||
ok = 0;
|
||||
goto err;
|
||||
}
|
||||
|
||||
/* If explicitly rejected error */
|
||||
if (i == X509_TRUST_REJECTED)
|
||||
goto end;
|
||||
/*
|
||||
* If it's not explicitly trusted then check if there is an alternative
|
||||
* chain that could be used. We only do this if we haven't already
|
||||
@ -373,14 +380,14 @@ int X509_verify_cert(X509_STORE_CTX *ctx)
|
||||
* chain checking
|
||||
*/
|
||||
retry = 0;
|
||||
if (i != X509_TRUST_TRUSTED
|
||||
if (trust != X509_TRUST_TRUSTED
|
||||
&& !(ctx->param->flags & X509_V_FLAG_TRUSTED_FIRST)
|
||||
&& !(ctx->param->flags & X509_V_FLAG_NO_ALT_CHAINS)) {
|
||||
while (j-- > 1) {
|
||||
xtmp2 = sk_X509_value(ctx->chain, j - 1);
|
||||
ok = ctx->get_issuer(&xtmp, ctx, xtmp2);
|
||||
if (ok < 0)
|
||||
goto end;
|
||||
goto err;
|
||||
/* Check if we found an alternate chain */
|
||||
if (ok > 0) {
|
||||
/*
|
||||
@ -410,7 +417,7 @@ int X509_verify_cert(X509_STORE_CTX *ctx)
|
||||
* self signed certificate in which case we've indicated an error already
|
||||
* and set bad_chain == 1
|
||||
*/
|
||||
if (i != X509_TRUST_TRUSTED && !bad_chain) {
|
||||
if (trust != X509_TRUST_TRUSTED && !bad_chain) {
|
||||
if ((chain_ss == NULL) || !ctx->check_issued(ctx, x, chain_ss)) {
|
||||
if (ctx->last_untrusted >= num)
|
||||
ctx->error = X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY;
|
||||
@ -431,26 +438,26 @@ int X509_verify_cert(X509_STORE_CTX *ctx)
|
||||
bad_chain = 1;
|
||||
ok = cb(0, ctx);
|
||||
if (!ok)
|
||||
goto end;
|
||||
goto err;
|
||||
}
|
||||
|
||||
/* We have the chain complete: now we need to check its purpose */
|
||||
ok = check_chain_extensions(ctx);
|
||||
|
||||
if (!ok)
|
||||
goto end;
|
||||
goto err;
|
||||
|
||||
/* Check name constraints */
|
||||
|
||||
ok = check_name_constraints(ctx);
|
||||
|
||||
if (!ok)
|
||||
goto end;
|
||||
goto err;
|
||||
|
||||
ok = check_id(ctx);
|
||||
|
||||
if (!ok)
|
||||
goto end;
|
||||
goto err;
|
||||
|
||||
/* We may as well copy down any DSA parameters that are required */
|
||||
X509_get_pubkey_parameters(NULL, ctx->chain);
|
||||
@ -462,16 +469,16 @@ int X509_verify_cert(X509_STORE_CTX *ctx)
|
||||
|
||||
ok = ctx->check_revocation(ctx);
|
||||
if (!ok)
|
||||
goto end;
|
||||
goto err;
|
||||
|
||||
i = X509_chain_check_suiteb(&ctx->error_depth, NULL, ctx->chain,
|
||||
ctx->param->flags);
|
||||
if (i != X509_V_OK) {
|
||||
ctx->error = i;
|
||||
err = X509_chain_check_suiteb(&ctx->error_depth, NULL, ctx->chain,
|
||||
ctx->param->flags);
|
||||
if (err != X509_V_OK) {
|
||||
ctx->error = err;
|
||||
ctx->current_cert = sk_X509_value(ctx->chain, ctx->error_depth);
|
||||
ok = cb(0, ctx);
|
||||
if (!ok)
|
||||
goto end;
|
||||
goto err;
|
||||
}
|
||||
|
||||
/* At this point, we have a chain and need to verify it */
|
||||
@ -480,25 +487,28 @@ int X509_verify_cert(X509_STORE_CTX *ctx)
|
||||
else
|
||||
ok = internal_verify(ctx);
|
||||
if (!ok)
|
||||
goto end;
|
||||
goto err;
|
||||
|
||||
#ifndef OPENSSL_NO_RFC3779
|
||||
/* RFC 3779 path validation, now that CRL check has been done */
|
||||
ok = v3_asid_validate_path(ctx);
|
||||
if (!ok)
|
||||
goto end;
|
||||
goto err;
|
||||
ok = v3_addr_validate_path(ctx);
|
||||
if (!ok)
|
||||
goto end;
|
||||
goto err;
|
||||
#endif
|
||||
|
||||
/* If we get this far evaluate policies */
|
||||
if (!bad_chain && (ctx->param->flags & X509_V_FLAG_POLICY_CHECK))
|
||||
ok = ctx->check_policy(ctx);
|
||||
if (!ok)
|
||||
goto end;
|
||||
goto err;
|
||||
if (0) {
|
||||
end:
|
||||
err:
|
||||
/* Ensure we return an error */
|
||||
if (ok > 0)
|
||||
ok = 0;
|
||||
X509_get_pubkey_parameters(NULL, ctx->chain);
|
||||
}
|
||||
if (sktmp != NULL)
|
||||
@ -2287,9 +2297,10 @@ int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *x509,
|
||||
ctx->current_reasons = 0;
|
||||
ctx->tree = NULL;
|
||||
ctx->parent = NULL;
|
||||
/* Zero ex_data to make sure we're cleanup-safe */
|
||||
memset(&ctx->ex_data, 0, sizeof(ctx->ex_data));
|
||||
|
||||
ctx->param = X509_VERIFY_PARAM_new();
|
||||
|
||||
if (!ctx->param) {
|
||||
X509err(X509_F_X509_STORE_CTX_INIT, ERR_R_MALLOC_FAILURE);
|
||||
return 0;
|
||||
@ -2298,7 +2309,6 @@ int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *x509,
|
||||
/*
|
||||
* Inherit callbacks and flags from X509_STORE if not set use defaults.
|
||||
*/
|
||||
|
||||
if (store)
|
||||
ret = X509_VERIFY_PARAM_inherit(ctx->param, store->param);
|
||||
else
|
||||
@ -2306,6 +2316,7 @@ int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *x509,
|
||||
|
||||
if (store) {
|
||||
ctx->verify_cb = store->verify_cb;
|
||||
/* Seems to always be 0 in OpenSSL, else must be idempotent */
|
||||
ctx->cleanup = store->cleanup;
|
||||
} else
|
||||
ctx->cleanup = 0;
|
||||
@ -2316,7 +2327,7 @@ int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *x509,
|
||||
|
||||
if (ret == 0) {
|
||||
X509err(X509_F_X509_STORE_CTX_INIT, ERR_R_MALLOC_FAILURE);
|
||||
return 0;
|
||||
goto err;
|
||||
}
|
||||
|
||||
if (store && store->check_issued)
|
||||
@ -2371,19 +2382,18 @@ int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *x509,
|
||||
|
||||
ctx->check_policy = check_policy;
|
||||
|
||||
if (CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509_STORE_CTX, ctx,
|
||||
&ctx->ex_data))
|
||||
return 1;
|
||||
X509err(X509_F_X509_STORE_CTX_INIT, ERR_R_MALLOC_FAILURE);
|
||||
|
||||
err:
|
||||
/*
|
||||
* This memset() can't make any sense anyway, so it's removed. As
|
||||
* X509_STORE_CTX_cleanup does a proper "free" on the ex_data, we put a
|
||||
* corresponding "new" here and remove this bogus initialisation.
|
||||
* On error clean up allocated storage, if the store context was not
|
||||
* allocated with X509_STORE_CTX_new() this is our last chance to do so.
|
||||
*/
|
||||
/* memset(&(ctx->ex_data),0,sizeof(CRYPTO_EX_DATA)); */
|
||||
if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509_STORE_CTX, ctx,
|
||||
&(ctx->ex_data))) {
|
||||
OPENSSL_free(ctx);
|
||||
X509err(X509_F_X509_STORE_CTX_INIT, ERR_R_MALLOC_FAILURE);
|
||||
return 0;
|
||||
}
|
||||
return 1;
|
||||
X509_STORE_CTX_cleanup(ctx);
|
||||
return 0;
|
||||
}
|
||||
|
||||
/*
|
||||
@ -2399,8 +2409,17 @@ void X509_STORE_CTX_trusted_stack(X509_STORE_CTX *ctx, STACK_OF(X509) *sk)
|
||||
|
||||
void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx)
|
||||
{
|
||||
if (ctx->cleanup)
|
||||
/*
|
||||
* We need to be idempotent because, unfortunately, free() also calls
|
||||
* cleanup(), so the natural call sequence new(), init(), cleanup(), free()
|
||||
* calls cleanup() for the same object twice! Thus we must zero the
|
||||
* pointers below after they're freed!
|
||||
*/
|
||||
/* Seems to always be 0 in OpenSSL, do this at most once. */
|
||||
if (ctx->cleanup != NULL) {
|
||||
ctx->cleanup(ctx);
|
||||
ctx->cleanup = NULL;
|
||||
}
|
||||
if (ctx->param != NULL) {
|
||||
if (ctx->parent == NULL)
|
||||
X509_VERIFY_PARAM_free(ctx->param);
|
||||
|
@ -94,11 +94,11 @@ static int int_x509_param_set_hosts(X509_VERIFY_PARAM_ID *id, int mode,
|
||||
* Refuse names with embedded NUL bytes, except perhaps as final byte.
|
||||
* XXX: Do we need to push an error onto the error stack?
|
||||
*/
|
||||
if (namelen == 0)
|
||||
if (namelen == 0 || name == NULL)
|
||||
namelen = name ? strlen(name) : 0;
|
||||
else if (name && memchr(name, '\0', namelen > 1 ? namelen - 1 : namelen))
|
||||
return 0;
|
||||
if (name && name[namelen - 1] == '\0')
|
||||
if (namelen > 0 && name[namelen - 1] == '\0')
|
||||
--namelen;
|
||||
|
||||
if (mode == SET_HOST && id->hosts) {
|
||||
|
@ -127,7 +127,7 @@ static const X509V3_EXT_METHOD *standard_exts[] = {
|
||||
&v3_idp,
|
||||
&v3_alt[2],
|
||||
&v3_freshest_crl,
|
||||
#ifndef OPENSSL_SYS_UEFI
|
||||
#ifndef OPENSSL_NO_SCT
|
||||
&v3_ct_scts[0],
|
||||
&v3_ct_scts[1],
|
||||
#endif
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* v3_pci.c -*- mode:C; c-file-style: "eay" -*- */
|
||||
/* v3_pci.c */
|
||||
/*
|
||||
* Contributed to the OpenSSL Project 2004 by Richard Levitte
|
||||
* (richard@levitte.org)
|
||||
@ -149,6 +149,7 @@ static int process_pci_value(CONF_VALUE *val,
|
||||
goto err;
|
||||
}
|
||||
OPENSSL_free(tmp_data2);
|
||||
#ifndef OPENSSL_NO_STDIO
|
||||
} else if (strncmp(val->value, "file:", 5) == 0) {
|
||||
unsigned char buf[2048];
|
||||
int n;
|
||||
@ -181,6 +182,7 @@ static int process_pci_value(CONF_VALUE *val,
|
||||
X509V3_conf_err(val);
|
||||
goto err;
|
||||
}
|
||||
#endif /* !OPENSSL_NO_STDIO */
|
||||
} else if (strncmp(val->value, "text:", 5) == 0) {
|
||||
val_len = strlen(val->value + 5);
|
||||
tmp_data = OPENSSL_realloc((*policy)->data,
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* v3_pcia.c -*- mode:C; c-file-style: "eay" -*- */
|
||||
/* v3_pcia.c */
|
||||
/*
|
||||
* Contributed to the OpenSSL Project 2004 by Richard Levitte
|
||||
* (richard@levitte.org)
|
||||
|
@ -841,7 +841,8 @@ static const unsigned char *valid_star(const unsigned char *p, size_t len,
|
||||
state = LABEL_START;
|
||||
++dots;
|
||||
} else if (p[i] == '-') {
|
||||
if ((state & LABEL_HYPHEN) != 0)
|
||||
/* no domain/subdomain starts with '-' */
|
||||
if ((state & LABEL_START) != 0)
|
||||
return NULL;
|
||||
state |= LABEL_HYPHEN;
|
||||
} else
|
||||
|
Loading…
Reference in New Issue
Block a user