openssl: Sync with upstream 1.0.2l
This commit is contained in:
parent
996f1ae29e
commit
67305d1b0a
1
thirdparty/README.md
vendored
1
thirdparty/README.md
vendored
@ -268,6 +268,7 @@ Files extracted from the upstream source:
|
|||||||
- e_os.h
|
- e_os.h
|
||||||
- Apply the Godot-specific patches in the `patches/` folder.
|
- Apply the Godot-specific patches in the `patches/` folder.
|
||||||
|
|
||||||
|
|
||||||
## opus
|
## opus
|
||||||
|
|
||||||
- Upstream: https://opus-codec.org
|
- Upstream: https://opus-codec.org
|
||||||
|
3
thirdparty/openssl/crypto/LPdir_nyi.c
vendored
3
thirdparty/openssl/crypto/LPdir_nyi.c
vendored
@ -1,6 +1,3 @@
|
|||||||
/*
|
|
||||||
* $LP: LPlib/source/LPdir_win.c,v 1.1 2004/06/14 10:07:56 _cvs_levitte Exp $
|
|
||||||
*/
|
|
||||||
/*
|
/*
|
||||||
* Copyright (c) 2004, Richard Levitte <richard@levitte.org>
|
* Copyright (c) 2004, Richard Levitte <richard@levitte.org>
|
||||||
* All rights reserved.
|
* All rights reserved.
|
||||||
|
4
thirdparty/openssl/crypto/LPdir_unix.c
vendored
4
thirdparty/openssl/crypto/LPdir_unix.c
vendored
@ -1,7 +1,3 @@
|
|||||||
/*
|
|
||||||
* $LP: LPlib/source/LPdir_unix.c,v 1.11 2004/09/23 22:07:22 _cvs_levitte Exp
|
|
||||||
* $
|
|
||||||
*/
|
|
||||||
/*
|
/*
|
||||||
* Copyright (c) 2004, Richard Levitte <richard@levitte.org>
|
* Copyright (c) 2004, Richard Levitte <richard@levitte.org>
|
||||||
* All rights reserved.
|
* All rights reserved.
|
||||||
|
4
thirdparty/openssl/crypto/LPdir_win32.c
vendored
4
thirdparty/openssl/crypto/LPdir_win32.c
vendored
@ -1,7 +1,3 @@
|
|||||||
/*
|
|
||||||
* $LP: LPlib/source/LPdir_win32.c,v 1.3 2004/08/26 13:36:05 _cvs_levitte Exp
|
|
||||||
* $
|
|
||||||
*/
|
|
||||||
/*
|
/*
|
||||||
* Copyright (c) 2004, Richard Levitte <richard@levitte.org>
|
* Copyright (c) 2004, Richard Levitte <richard@levitte.org>
|
||||||
* All rights reserved.
|
* All rights reserved.
|
||||||
|
4
thirdparty/openssl/crypto/LPdir_wince.c
vendored
4
thirdparty/openssl/crypto/LPdir_wince.c
vendored
@ -1,7 +1,3 @@
|
|||||||
/*
|
|
||||||
* $LP: LPlib/source/LPdir_wince.c,v 1.3 2004/08/26 13:36:05 _cvs_levitte Exp
|
|
||||||
* $
|
|
||||||
*/
|
|
||||||
/*
|
/*
|
||||||
* Copyright (c) 2004, Richard Levitte <richard@levitte.org>
|
* Copyright (c) 2004, Richard Levitte <richard@levitte.org>
|
||||||
* All rights reserved.
|
* All rights reserved.
|
||||||
|
3
thirdparty/openssl/crypto/asn1/a_bitstr.c
vendored
3
thirdparty/openssl/crypto/asn1/a_bitstr.c
vendored
@ -114,10 +114,11 @@ int i2c_ASN1_BIT_STRING(ASN1_BIT_STRING *a, unsigned char **pp)
|
|||||||
|
|
||||||
*(p++) = (unsigned char)bits;
|
*(p++) = (unsigned char)bits;
|
||||||
d = a->data;
|
d = a->data;
|
||||||
|
if (len > 0) {
|
||||||
memcpy(p, d, len);
|
memcpy(p, d, len);
|
||||||
p += len;
|
p += len;
|
||||||
if (len > 0)
|
|
||||||
p[-1] &= (0xff << bits);
|
p[-1] &= (0xff << bits);
|
||||||
|
}
|
||||||
*pp = p;
|
*pp = p;
|
||||||
return (ret);
|
return (ret);
|
||||||
}
|
}
|
||||||
|
58
thirdparty/openssl/crypto/asn1/a_bytes.c
vendored
58
thirdparty/openssl/crypto/asn1/a_bytes.c
vendored
@ -60,7 +60,12 @@
|
|||||||
#include "cryptlib.h"
|
#include "cryptlib.h"
|
||||||
#include <openssl/asn1.h>
|
#include <openssl/asn1.h>
|
||||||
|
|
||||||
static int asn1_collate_primitive(ASN1_STRING *a, ASN1_const_CTX *c);
|
static int asn1_collate_primitive(ASN1_STRING *a, ASN1_const_CTX *c,
|
||||||
|
int depth);
|
||||||
|
static ASN1_STRING *int_d2i_ASN1_bytes(ASN1_STRING **a,
|
||||||
|
const unsigned char **pp, long length,
|
||||||
|
int Ptag, int Pclass, int depth,
|
||||||
|
int *perr);
|
||||||
/*
|
/*
|
||||||
* type is a 'bitmap' of acceptable string types.
|
* type is a 'bitmap' of acceptable string types.
|
||||||
*/
|
*/
|
||||||
@ -99,7 +104,7 @@ ASN1_STRING *d2i_ASN1_type_bytes(ASN1_STRING **a, const unsigned char **pp,
|
|||||||
ret = (*a);
|
ret = (*a);
|
||||||
|
|
||||||
if (len != 0) {
|
if (len != 0) {
|
||||||
s = (unsigned char *)OPENSSL_malloc((int)len + 1);
|
s = OPENSSL_malloc((int)len + 1);
|
||||||
if (s == NULL) {
|
if (s == NULL) {
|
||||||
i = ERR_R_MALLOC_FAILURE;
|
i = ERR_R_MALLOC_FAILURE;
|
||||||
goto err;
|
goto err;
|
||||||
@ -154,15 +159,38 @@ int i2d_ASN1_bytes(ASN1_STRING *a, unsigned char **pp, int tag, int xclass)
|
|||||||
return (r);
|
return (r);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Maximum recursion depth of d2i_ASN1_bytes(): much more than should be
|
||||||
|
* encountered in pratice.
|
||||||
|
*/
|
||||||
|
|
||||||
|
#define ASN1_BYTES_MAXDEPTH 20
|
||||||
|
|
||||||
ASN1_STRING *d2i_ASN1_bytes(ASN1_STRING **a, const unsigned char **pp,
|
ASN1_STRING *d2i_ASN1_bytes(ASN1_STRING **a, const unsigned char **pp,
|
||||||
long length, int Ptag, int Pclass)
|
long length, int Ptag, int Pclass)
|
||||||
|
{
|
||||||
|
int err = 0;
|
||||||
|
ASN1_STRING *s = int_d2i_ASN1_bytes(a, pp, length, Ptag, Pclass, 0, &err);
|
||||||
|
if (err != 0)
|
||||||
|
ASN1err(ASN1_F_D2I_ASN1_BYTES, err);
|
||||||
|
return s;
|
||||||
|
}
|
||||||
|
|
||||||
|
static ASN1_STRING *int_d2i_ASN1_bytes(ASN1_STRING **a,
|
||||||
|
const unsigned char **pp, long length,
|
||||||
|
int Ptag, int Pclass,
|
||||||
|
int depth, int *perr)
|
||||||
{
|
{
|
||||||
ASN1_STRING *ret = NULL;
|
ASN1_STRING *ret = NULL;
|
||||||
const unsigned char *p;
|
const unsigned char *p;
|
||||||
unsigned char *s;
|
unsigned char *s;
|
||||||
long len;
|
long len;
|
||||||
int inf, tag, xclass;
|
int inf, tag, xclass;
|
||||||
int i = 0;
|
|
||||||
|
if (depth > ASN1_BYTES_MAXDEPTH) {
|
||||||
|
*perr = ASN1_R_NESTED_ASN1_STRING;
|
||||||
|
return NULL;
|
||||||
|
}
|
||||||
|
|
||||||
if ((a == NULL) || ((*a) == NULL)) {
|
if ((a == NULL) || ((*a) == NULL)) {
|
||||||
if ((ret = ASN1_STRING_new()) == NULL)
|
if ((ret = ASN1_STRING_new()) == NULL)
|
||||||
@ -173,18 +201,19 @@ ASN1_STRING *d2i_ASN1_bytes(ASN1_STRING **a, const unsigned char **pp,
|
|||||||
p = *pp;
|
p = *pp;
|
||||||
inf = ASN1_get_object(&p, &len, &tag, &xclass, length);
|
inf = ASN1_get_object(&p, &len, &tag, &xclass, length);
|
||||||
if (inf & 0x80) {
|
if (inf & 0x80) {
|
||||||
i = ASN1_R_BAD_OBJECT_HEADER;
|
*perr = ASN1_R_BAD_OBJECT_HEADER;
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (tag != Ptag) {
|
if (tag != Ptag) {
|
||||||
i = ASN1_R_WRONG_TAG;
|
*perr = ASN1_R_WRONG_TAG;
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (inf & V_ASN1_CONSTRUCTED) {
|
if (inf & V_ASN1_CONSTRUCTED) {
|
||||||
ASN1_const_CTX c;
|
ASN1_const_CTX c;
|
||||||
|
|
||||||
|
c.error = 0;
|
||||||
c.pp = pp;
|
c.pp = pp;
|
||||||
c.p = p;
|
c.p = p;
|
||||||
c.inf = inf;
|
c.inf = inf;
|
||||||
@ -192,17 +221,18 @@ ASN1_STRING *d2i_ASN1_bytes(ASN1_STRING **a, const unsigned char **pp,
|
|||||||
c.tag = Ptag;
|
c.tag = Ptag;
|
||||||
c.xclass = Pclass;
|
c.xclass = Pclass;
|
||||||
c.max = (length == 0) ? 0 : (p + length);
|
c.max = (length == 0) ? 0 : (p + length);
|
||||||
if (!asn1_collate_primitive(ret, &c))
|
if (!asn1_collate_primitive(ret, &c, depth)) {
|
||||||
|
*perr = c.error;
|
||||||
goto err;
|
goto err;
|
||||||
else {
|
} else {
|
||||||
p = c.p;
|
p = c.p;
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
if (len != 0) {
|
if (len != 0) {
|
||||||
if ((ret->length < len) || (ret->data == NULL)) {
|
if ((ret->length < len) || (ret->data == NULL)) {
|
||||||
s = (unsigned char *)OPENSSL_malloc((int)len + 1);
|
s = OPENSSL_malloc((int)len + 1);
|
||||||
if (s == NULL) {
|
if (s == NULL) {
|
||||||
i = ERR_R_MALLOC_FAILURE;
|
*perr = ERR_R_MALLOC_FAILURE;
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
if (ret->data != NULL)
|
if (ret->data != NULL)
|
||||||
@ -230,7 +260,6 @@ ASN1_STRING *d2i_ASN1_bytes(ASN1_STRING **a, const unsigned char **pp,
|
|||||||
err:
|
err:
|
||||||
if ((ret != NULL) && ((a == NULL) || (*a != ret)))
|
if ((ret != NULL) && ((a == NULL) || (*a != ret)))
|
||||||
ASN1_STRING_free(ret);
|
ASN1_STRING_free(ret);
|
||||||
ASN1err(ASN1_F_D2I_ASN1_BYTES, i);
|
|
||||||
return (NULL);
|
return (NULL);
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -242,7 +271,8 @@ ASN1_STRING *d2i_ASN1_bytes(ASN1_STRING **a, const unsigned char **pp,
|
|||||||
* There have been a few bug fixes for this function from Paul Keogh
|
* There have been a few bug fixes for this function from Paul Keogh
|
||||||
* <paul.keogh@sse.ie>, many thanks to him
|
* <paul.keogh@sse.ie>, many thanks to him
|
||||||
*/
|
*/
|
||||||
static int asn1_collate_primitive(ASN1_STRING *a, ASN1_const_CTX *c)
|
static int asn1_collate_primitive(ASN1_STRING *a, ASN1_const_CTX *c,
|
||||||
|
int depth)
|
||||||
{
|
{
|
||||||
ASN1_STRING *os = NULL;
|
ASN1_STRING *os = NULL;
|
||||||
BUF_MEM b;
|
BUF_MEM b;
|
||||||
@ -270,9 +300,8 @@ static int asn1_collate_primitive(ASN1_STRING *a, ASN1_const_CTX *c)
|
|||||||
}
|
}
|
||||||
|
|
||||||
c->q = c->p;
|
c->q = c->p;
|
||||||
if (d2i_ASN1_bytes(&os, &c->p, c->max - c->p, c->tag, c->xclass)
|
if (int_d2i_ASN1_bytes(&os, &c->p, c->max - c->p, c->tag, c->xclass,
|
||||||
== NULL) {
|
depth + 1, &c->error) == NULL) {
|
||||||
c->error = ERR_R_ASN1_LIB;
|
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -297,7 +326,6 @@ static int asn1_collate_primitive(ASN1_STRING *a, ASN1_const_CTX *c)
|
|||||||
ASN1_STRING_free(os);
|
ASN1_STRING_free(os);
|
||||||
return (1);
|
return (1);
|
||||||
err:
|
err:
|
||||||
ASN1err(ASN1_F_ASN1_COLLATE_PRIMITIVE, c->error);
|
|
||||||
if (os != NULL)
|
if (os != NULL)
|
||||||
ASN1_STRING_free(os);
|
ASN1_STRING_free(os);
|
||||||
if (b.data != NULL)
|
if (b.data != NULL)
|
||||||
|
8
thirdparty/openssl/crypto/asn1/a_digest.c
vendored
8
thirdparty/openssl/crypto/asn1/a_digest.c
vendored
@ -86,8 +86,10 @@ int ASN1_digest(i2d_of_void *i2d, const EVP_MD *type, char *data,
|
|||||||
p = str;
|
p = str;
|
||||||
i2d(data, &p);
|
i2d(data, &p);
|
||||||
|
|
||||||
if (!EVP_Digest(str, i, md, len, type, NULL))
|
if (!EVP_Digest(str, i, md, len, type, NULL)) {
|
||||||
|
OPENSSL_free(str);
|
||||||
return 0;
|
return 0;
|
||||||
|
}
|
||||||
OPENSSL_free(str);
|
OPENSSL_free(str);
|
||||||
return (1);
|
return (1);
|
||||||
}
|
}
|
||||||
@ -104,8 +106,10 @@ int ASN1_item_digest(const ASN1_ITEM *it, const EVP_MD *type, void *asn,
|
|||||||
if (!str)
|
if (!str)
|
||||||
return (0);
|
return (0);
|
||||||
|
|
||||||
if (!EVP_Digest(str, i, md, len, type, NULL))
|
if (!EVP_Digest(str, i, md, len, type, NULL)) {
|
||||||
|
OPENSSL_free(str);
|
||||||
return 0;
|
return 0;
|
||||||
|
}
|
||||||
OPENSSL_free(str);
|
OPENSSL_free(str);
|
||||||
return (1);
|
return (1);
|
||||||
}
|
}
|
||||||
|
2
thirdparty/openssl/crypto/asn1/a_gentm.c
vendored
2
thirdparty/openssl/crypto/asn1/a_gentm.c
vendored
@ -202,7 +202,7 @@ int asn1_generalizedtime_to_tm(struct tm *tm, const ASN1_GENERALIZEDTIME *d)
|
|||||||
if (a[o] == 'Z')
|
if (a[o] == 'Z')
|
||||||
o++;
|
o++;
|
||||||
else if ((a[o] == '+') || (a[o] == '-')) {
|
else if ((a[o] == '+') || (a[o] == '-')) {
|
||||||
int offsign = a[o] == '-' ? -1 : 1, offset = 0;
|
int offsign = a[o] == '-' ? 1 : -1, offset = 0;
|
||||||
o++;
|
o++;
|
||||||
if (o + 4 > l)
|
if (o + 4 > l)
|
||||||
goto err;
|
goto err;
|
||||||
|
10
thirdparty/openssl/crypto/asn1/a_object.c
vendored
10
thirdparty/openssl/crypto/asn1/a_object.c
vendored
@ -73,7 +73,7 @@ int i2d_ASN1_OBJECT(ASN1_OBJECT *a, unsigned char **pp)
|
|||||||
return (0);
|
return (0);
|
||||||
|
|
||||||
objsize = ASN1_object_size(0, a->length, V_ASN1_OBJECT);
|
objsize = ASN1_object_size(0, a->length, V_ASN1_OBJECT);
|
||||||
if (pp == NULL)
|
if (pp == NULL || objsize == -1)
|
||||||
return objsize;
|
return objsize;
|
||||||
|
|
||||||
p = *pp;
|
p = *pp;
|
||||||
@ -174,8 +174,12 @@ int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num)
|
|||||||
if (!tmp)
|
if (!tmp)
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
while (blsize--)
|
while (blsize--) {
|
||||||
tmp[i++] = (unsigned char)BN_div_word(bl, 0x80L);
|
BN_ULONG t = BN_div_word(bl, 0x80L);
|
||||||
|
if (t == (BN_ULONG)-1)
|
||||||
|
goto err;
|
||||||
|
tmp[i++] = (unsigned char)t;
|
||||||
|
}
|
||||||
} else {
|
} else {
|
||||||
|
|
||||||
for (;;) {
|
for (;;) {
|
||||||
|
9
thirdparty/openssl/crypto/asn1/a_set.c
vendored
9
thirdparty/openssl/crypto/asn1/a_set.c
vendored
@ -57,6 +57,7 @@
|
|||||||
*/
|
*/
|
||||||
|
|
||||||
#include <stdio.h>
|
#include <stdio.h>
|
||||||
|
#include <limits.h>
|
||||||
#include "cryptlib.h"
|
#include "cryptlib.h"
|
||||||
#include <openssl/asn1_mac.h>
|
#include <openssl/asn1_mac.h>
|
||||||
|
|
||||||
@ -98,10 +99,14 @@ int i2d_ASN1_SET(STACK_OF(OPENSSL_BLOCK) *a, unsigned char **pp,
|
|||||||
|
|
||||||
if (a == NULL)
|
if (a == NULL)
|
||||||
return (0);
|
return (0);
|
||||||
for (i = sk_OPENSSL_BLOCK_num(a) - 1; i >= 0; i--)
|
for (i = sk_OPENSSL_BLOCK_num(a) - 1; i >= 0; i--) {
|
||||||
|
int tmplen = i2d(sk_OPENSSL_BLOCK_value(a, i), NULL);
|
||||||
|
if (tmplen > INT_MAX - ret)
|
||||||
|
return -1;
|
||||||
ret += i2d(sk_OPENSSL_BLOCK_value(a, i), NULL);
|
ret += i2d(sk_OPENSSL_BLOCK_value(a, i), NULL);
|
||||||
|
}
|
||||||
r = ASN1_object_size(1, ret, ex_tag);
|
r = ASN1_object_size(1, ret, ex_tag);
|
||||||
if (pp == NULL)
|
if (pp == NULL || r == -1)
|
||||||
return (r);
|
return (r);
|
||||||
|
|
||||||
p = *pp;
|
p = *pp;
|
||||||
|
2
thirdparty/openssl/crypto/asn1/a_strex.c
vendored
2
thirdparty/openssl/crypto/asn1/a_strex.c
vendored
@ -337,7 +337,7 @@ static const signed char tag2nbyte[] = {
|
|||||||
-1, -1, -1, -1, -1, /* 5-9 */
|
-1, -1, -1, -1, -1, /* 5-9 */
|
||||||
-1, -1, 0, -1, /* 10-13 */
|
-1, -1, 0, -1, /* 10-13 */
|
||||||
-1, -1, -1, -1, /* 15-17 */
|
-1, -1, -1, -1, /* 15-17 */
|
||||||
-1, 1, 1, /* 18-20 */
|
1, 1, 1, /* 18-20 */
|
||||||
-1, 1, 1, 1, /* 21-24 */
|
-1, 1, 1, 1, /* 21-24 */
|
||||||
-1, 1, -1, /* 25-27 */
|
-1, 1, -1, /* 25-27 */
|
||||||
4, -1, 2 /* 28-30 */
|
4, -1, 2 /* 28-30 */
|
||||||
|
4
thirdparty/openssl/crypto/asn1/a_strnid.c
vendored
4
thirdparty/openssl/crypto/asn1/a_strnid.c
vendored
@ -192,7 +192,8 @@ static const ASN1_STRING_TABLE tbl_standard[] = {
|
|||||||
{NID_name, 1, ub_name, DIRSTRING_TYPE, 0},
|
{NID_name, 1, ub_name, DIRSTRING_TYPE, 0},
|
||||||
{NID_dnQualifier, -1, -1, B_ASN1_PRINTABLESTRING, STABLE_NO_MASK},
|
{NID_dnQualifier, -1, -1, B_ASN1_PRINTABLESTRING, STABLE_NO_MASK},
|
||||||
{NID_domainComponent, 1, -1, B_ASN1_IA5STRING, STABLE_NO_MASK},
|
{NID_domainComponent, 1, -1, B_ASN1_IA5STRING, STABLE_NO_MASK},
|
||||||
{NID_ms_csp_name, -1, -1, B_ASN1_BMPSTRING, STABLE_NO_MASK}
|
{NID_ms_csp_name, -1, -1, B_ASN1_BMPSTRING, STABLE_NO_MASK},
|
||||||
|
{NID_jurisdictionCountryName, 2, 2, B_ASN1_PRINTABLESTRING, STABLE_NO_MASK}
|
||||||
};
|
};
|
||||||
|
|
||||||
static int sk_table_cmp(const ASN1_STRING_TABLE *const *a,
|
static int sk_table_cmp(const ASN1_STRING_TABLE *const *a,
|
||||||
@ -250,6 +251,7 @@ int ASN1_STRING_TABLE_add(int nid,
|
|||||||
}
|
}
|
||||||
tmp->flags = flags | STABLE_FLAGS_MALLOC;
|
tmp->flags = flags | STABLE_FLAGS_MALLOC;
|
||||||
tmp->nid = nid;
|
tmp->nid = nid;
|
||||||
|
tmp->minsize = tmp->maxsize = -1;
|
||||||
new_nid = 1;
|
new_nid = 1;
|
||||||
} else
|
} else
|
||||||
tmp->flags = (tmp->flags & STABLE_FLAGS_MALLOC) | flags;
|
tmp->flags = (tmp->flags & STABLE_FLAGS_MALLOC) | flags;
|
||||||
|
24
thirdparty/openssl/crypto/asn1/a_time.c
vendored
24
thirdparty/openssl/crypto/asn1/a_time.c
vendored
@ -137,7 +137,7 @@ int ASN1_TIME_check(ASN1_TIME *t)
|
|||||||
ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(ASN1_TIME *t,
|
ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(ASN1_TIME *t,
|
||||||
ASN1_GENERALIZEDTIME **out)
|
ASN1_GENERALIZEDTIME **out)
|
||||||
{
|
{
|
||||||
ASN1_GENERALIZEDTIME *ret;
|
ASN1_GENERALIZEDTIME *ret = NULL;
|
||||||
char *str;
|
char *str;
|
||||||
int newlen;
|
int newlen;
|
||||||
|
|
||||||
@ -146,22 +146,21 @@ ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(ASN1_TIME *t,
|
|||||||
|
|
||||||
if (!out || !*out) {
|
if (!out || !*out) {
|
||||||
if (!(ret = ASN1_GENERALIZEDTIME_new()))
|
if (!(ret = ASN1_GENERALIZEDTIME_new()))
|
||||||
return NULL;
|
goto err;
|
||||||
if (out)
|
} else {
|
||||||
*out = ret;
|
|
||||||
} else
|
|
||||||
ret = *out;
|
ret = *out;
|
||||||
|
}
|
||||||
|
|
||||||
/* If already GeneralizedTime just copy across */
|
/* If already GeneralizedTime just copy across */
|
||||||
if (t->type == V_ASN1_GENERALIZEDTIME) {
|
if (t->type == V_ASN1_GENERALIZEDTIME) {
|
||||||
if (!ASN1_STRING_set(ret, t->data, t->length))
|
if (!ASN1_STRING_set(ret, t->data, t->length))
|
||||||
return NULL;
|
goto err;
|
||||||
return ret;
|
goto done;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* grow the string */
|
/* grow the string */
|
||||||
if (!ASN1_STRING_set(ret, NULL, t->length + 2))
|
if (!ASN1_STRING_set(ret, NULL, t->length + 2))
|
||||||
return NULL;
|
goto err;
|
||||||
/* ASN1_STRING_set() allocated 'len + 1' bytes. */
|
/* ASN1_STRING_set() allocated 'len + 1' bytes. */
|
||||||
newlen = t->length + 2 + 1;
|
newlen = t->length + 2 + 1;
|
||||||
str = (char *)ret->data;
|
str = (char *)ret->data;
|
||||||
@ -173,9 +172,18 @@ ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(ASN1_TIME *t,
|
|||||||
|
|
||||||
BUF_strlcat(str, (char *)t->data, newlen);
|
BUF_strlcat(str, (char *)t->data, newlen);
|
||||||
|
|
||||||
|
done:
|
||||||
|
if (out != NULL && *out == NULL)
|
||||||
|
*out = ret;
|
||||||
return ret;
|
return ret;
|
||||||
|
|
||||||
|
err:
|
||||||
|
if (out == NULL || *out != ret)
|
||||||
|
ASN1_GENERALIZEDTIME_free(ret);
|
||||||
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
int ASN1_TIME_set_string(ASN1_TIME *s, const char *str)
|
int ASN1_TIME_set_string(ASN1_TIME *s, const char *str)
|
||||||
{
|
{
|
||||||
ASN1_TIME t;
|
ASN1_TIME t;
|
||||||
|
2
thirdparty/openssl/crypto/asn1/a_utctm.c
vendored
2
thirdparty/openssl/crypto/asn1/a_utctm.c
vendored
@ -172,7 +172,7 @@ int asn1_utctime_to_tm(struct tm *tm, const ASN1_UTCTIME *d)
|
|||||||
if (a[o] == 'Z')
|
if (a[o] == 'Z')
|
||||||
o++;
|
o++;
|
||||||
else if ((a[o] == '+') || (a[o] == '-')) {
|
else if ((a[o] == '+') || (a[o] == '-')) {
|
||||||
int offsign = a[o] == '-' ? -1 : 1, offset = 0;
|
int offsign = a[o] == '-' ? 1 : -1, offset = 0;
|
||||||
o++;
|
o++;
|
||||||
if (o + 4 > l)
|
if (o + 4 > l)
|
||||||
goto err;
|
goto err;
|
||||||
|
2
thirdparty/openssl/crypto/asn1/ameth_lib.c
vendored
2
thirdparty/openssl/crypto/asn1/ameth_lib.c
vendored
@ -93,7 +93,9 @@ static const EVP_PKEY_ASN1_METHOD *standard_methods[] = {
|
|||||||
&eckey_asn1_meth,
|
&eckey_asn1_meth,
|
||||||
#endif
|
#endif
|
||||||
&hmac_asn1_meth,
|
&hmac_asn1_meth,
|
||||||
|
#ifndef OPENSSL_NO_CMAC
|
||||||
&cmac_asn1_meth,
|
&cmac_asn1_meth,
|
||||||
|
#endif
|
||||||
#ifndef OPENSSL_NO_DH
|
#ifndef OPENSSL_NO_DH
|
||||||
&dhx_asn1_meth
|
&dhx_asn1_meth
|
||||||
#endif
|
#endif
|
||||||
|
26
thirdparty/openssl/crypto/asn1/asn1_lib.c
vendored
26
thirdparty/openssl/crypto/asn1/asn1_lib.c
vendored
@ -256,26 +256,30 @@ static void asn1_put_length(unsigned char **pp, int length)
|
|||||||
|
|
||||||
int ASN1_object_size(int constructed, int length, int tag)
|
int ASN1_object_size(int constructed, int length, int tag)
|
||||||
{
|
{
|
||||||
int ret;
|
int ret = 1;
|
||||||
|
if (length < 0)
|
||||||
ret = length;
|
return -1;
|
||||||
ret++;
|
|
||||||
if (tag >= 31) {
|
if (tag >= 31) {
|
||||||
while (tag > 0) {
|
while (tag > 0) {
|
||||||
tag >>= 7;
|
tag >>= 7;
|
||||||
ret++;
|
ret++;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if (constructed == 2)
|
if (constructed == 2) {
|
||||||
return ret + 3;
|
ret += 3;
|
||||||
|
} else {
|
||||||
ret++;
|
ret++;
|
||||||
if (length > 127) {
|
if (length > 127) {
|
||||||
while (length > 0) {
|
int tmplen = length;
|
||||||
length >>= 8;
|
while (tmplen > 0) {
|
||||||
|
tmplen >>= 8;
|
||||||
ret++;
|
ret++;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
return (ret);
|
}
|
||||||
|
if (ret >= INT_MAX - length)
|
||||||
|
return -1;
|
||||||
|
return ret + length;
|
||||||
}
|
}
|
||||||
|
|
||||||
static int _asn1_Finish(ASN1_const_CTX *c)
|
static int _asn1_Finish(ASN1_const_CTX *c)
|
||||||
@ -324,7 +328,7 @@ int asn1_GetSequence(ASN1_const_CTX *c, long *length)
|
|||||||
return (0);
|
return (0);
|
||||||
}
|
}
|
||||||
if (c->inf == (1 | V_ASN1_CONSTRUCTED))
|
if (c->inf == (1 | V_ASN1_CONSTRUCTED))
|
||||||
c->slen = *length + *(c->pp) - c->p;
|
c->slen = *length;
|
||||||
c->eos = 0;
|
c->eos = 0;
|
||||||
return (1);
|
return (1);
|
||||||
}
|
}
|
||||||
@ -366,7 +370,7 @@ int ASN1_STRING_set(ASN1_STRING *str, const void *_data, int len)
|
|||||||
else
|
else
|
||||||
len = strlen(data);
|
len = strlen(data);
|
||||||
}
|
}
|
||||||
if ((str->length < len) || (str->data == NULL)) {
|
if ((str->length <= len) || (str->data == NULL)) {
|
||||||
c = str->data;
|
c = str->data;
|
||||||
if (c == NULL)
|
if (c == NULL)
|
||||||
str->data = OPENSSL_malloc(len + 1);
|
str->data = OPENSSL_malloc(len + 1);
|
||||||
|
4
thirdparty/openssl/crypto/asn1/asn_mime.c
vendored
4
thirdparty/openssl/crypto/asn1/asn_mime.c
vendored
@ -289,7 +289,7 @@ int SMIME_write_ASN1(BIO *bio, ASN1_VALUE *val, BIO *data, int flags,
|
|||||||
if ((flags & SMIME_DETACHED) && data) {
|
if ((flags & SMIME_DETACHED) && data) {
|
||||||
/* We want multipart/signed */
|
/* We want multipart/signed */
|
||||||
/* Generate a random boundary */
|
/* Generate a random boundary */
|
||||||
if (RAND_pseudo_bytes((unsigned char *)bound, 32) < 0)
|
if (RAND_bytes((unsigned char *)bound, 32) <= 0)
|
||||||
return 0;
|
return 0;
|
||||||
for (i = 0; i < 32; i++) {
|
for (i = 0; i < 32; i++) {
|
||||||
c = bound[i] & 0xf;
|
c = bound[i] & 0xf;
|
||||||
@ -623,6 +623,8 @@ static int multi_split(BIO *bio, char *bound, STACK_OF(BIO) **ret)
|
|||||||
if (bpart)
|
if (bpart)
|
||||||
sk_BIO_push(parts, bpart);
|
sk_BIO_push(parts, bpart);
|
||||||
bpart = BIO_new(BIO_s_mem());
|
bpart = BIO_new(BIO_s_mem());
|
||||||
|
if (bpart == NULL)
|
||||||
|
return 1;
|
||||||
BIO_set_mem_eof_return(bpart, 0);
|
BIO_set_mem_eof_return(bpart, 0);
|
||||||
} else if (eol)
|
} else if (eol)
|
||||||
BIO_write(bpart, "\r\n", 2);
|
BIO_write(bpart, "\r\n", 2);
|
||||||
|
6
thirdparty/openssl/crypto/asn1/bio_asn1.c
vendored
6
thirdparty/openssl/crypto/asn1/bio_asn1.c
vendored
@ -170,10 +170,12 @@ static int asn1_bio_init(BIO_ASN1_BUF_CTX *ctx, int size)
|
|||||||
ctx->copylen = 0;
|
ctx->copylen = 0;
|
||||||
ctx->asn1_class = V_ASN1_UNIVERSAL;
|
ctx->asn1_class = V_ASN1_UNIVERSAL;
|
||||||
ctx->asn1_tag = V_ASN1_OCTET_STRING;
|
ctx->asn1_tag = V_ASN1_OCTET_STRING;
|
||||||
ctx->ex_buf = 0;
|
ctx->ex_buf = NULL;
|
||||||
ctx->ex_pos = 0;
|
|
||||||
ctx->ex_len = 0;
|
ctx->ex_len = 0;
|
||||||
|
ctx->ex_pos = 0;
|
||||||
ctx->state = ASN1_STATE_START;
|
ctx->state = ASN1_STATE_START;
|
||||||
|
ctx->prefix = ctx->prefix_free = ctx->suffix = ctx->suffix_free = NULL;
|
||||||
|
ctx->ex_arg = NULL;
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
1
thirdparty/openssl/crypto/asn1/bio_ndef.c
vendored
1
thirdparty/openssl/crypto/asn1/bio_ndef.c
vendored
@ -136,6 +136,7 @@ BIO *BIO_new_NDEF(BIO *out, ASN1_VALUE *val, const ASN1_ITEM *it)
|
|||||||
ndef_aux->ndef_bio = sarg.ndef_bio;
|
ndef_aux->ndef_bio = sarg.ndef_bio;
|
||||||
ndef_aux->boundary = sarg.boundary;
|
ndef_aux->boundary = sarg.boundary;
|
||||||
ndef_aux->out = out;
|
ndef_aux->out = out;
|
||||||
|
ndef_aux->derbuf = NULL;
|
||||||
|
|
||||||
BIO_ctrl(asn_bio, BIO_C_SET_EX_ARG, 0, ndef_aux);
|
BIO_ctrl(asn_bio, BIO_C_SET_EX_ARG, 0, ndef_aux);
|
||||||
|
|
||||||
|
8
thirdparty/openssl/crypto/asn1/d2i_pr.c
vendored
8
thirdparty/openssl/crypto/asn1/d2i_pr.c
vendored
@ -97,15 +97,17 @@ EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, const unsigned char **pp,
|
|||||||
if (!ret->ameth->old_priv_decode ||
|
if (!ret->ameth->old_priv_decode ||
|
||||||
!ret->ameth->old_priv_decode(ret, &p, length)) {
|
!ret->ameth->old_priv_decode(ret, &p, length)) {
|
||||||
if (ret->ameth->priv_decode) {
|
if (ret->ameth->priv_decode) {
|
||||||
|
EVP_PKEY *tmp;
|
||||||
PKCS8_PRIV_KEY_INFO *p8 = NULL;
|
PKCS8_PRIV_KEY_INFO *p8 = NULL;
|
||||||
p8 = d2i_PKCS8_PRIV_KEY_INFO(NULL, &p, length);
|
p8 = d2i_PKCS8_PRIV_KEY_INFO(NULL, &p, length);
|
||||||
if (!p8)
|
if (!p8)
|
||||||
goto err;
|
goto err;
|
||||||
EVP_PKEY_free(ret);
|
tmp = EVP_PKCS82PKEY(p8);
|
||||||
ret = EVP_PKCS82PKEY(p8);
|
|
||||||
PKCS8_PRIV_KEY_INFO_free(p8);
|
PKCS8_PRIV_KEY_INFO_free(p8);
|
||||||
if (ret == NULL)
|
if (tmp == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
|
EVP_PKEY_free(ret);
|
||||||
|
ret = tmp;
|
||||||
} else {
|
} else {
|
||||||
ASN1err(ASN1_F_D2I_PRIVATEKEY, ERR_R_ASN1_LIB);
|
ASN1err(ASN1_F_D2I_PRIVATEKEY, ERR_R_ASN1_LIB);
|
||||||
goto err;
|
goto err;
|
||||||
|
6
thirdparty/openssl/crypto/asn1/f_enum.c
vendored
6
thirdparty/openssl/crypto/asn1/f_enum.c
vendored
@ -138,7 +138,7 @@ int a2i_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *bs, char *buf, int size)
|
|||||||
bufp = (unsigned char *)buf;
|
bufp = (unsigned char *)buf;
|
||||||
if (first) {
|
if (first) {
|
||||||
first = 0;
|
first = 0;
|
||||||
if ((bufp[0] == '0') && (buf[1] == '0')) {
|
if ((bufp[0] == '0') && (bufp[1] == '0')) {
|
||||||
bufp += 2;
|
bufp += 2;
|
||||||
i -= 2;
|
i -= 2;
|
||||||
}
|
}
|
||||||
@ -160,8 +160,6 @@ int a2i_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *bs, char *buf, int size)
|
|||||||
i * 2);
|
i * 2);
|
||||||
if (sp == NULL) {
|
if (sp == NULL) {
|
||||||
ASN1err(ASN1_F_A2I_ASN1_ENUMERATED, ERR_R_MALLOC_FAILURE);
|
ASN1err(ASN1_F_A2I_ASN1_ENUMERATED, ERR_R_MALLOC_FAILURE);
|
||||||
if (s != NULL)
|
|
||||||
OPENSSL_free(s);
|
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
s = sp;
|
s = sp;
|
||||||
@ -199,5 +197,7 @@ int a2i_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *bs, char *buf, int size)
|
|||||||
err_sl:
|
err_sl:
|
||||||
ASN1err(ASN1_F_A2I_ASN1_ENUMERATED, ASN1_R_SHORT_LINE);
|
ASN1err(ASN1_F_A2I_ASN1_ENUMERATED, ASN1_R_SHORT_LINE);
|
||||||
}
|
}
|
||||||
|
if (ret != 1)
|
||||||
|
OPENSSL_free(s);
|
||||||
return (ret);
|
return (ret);
|
||||||
}
|
}
|
||||||
|
6
thirdparty/openssl/crypto/asn1/f_int.c
vendored
6
thirdparty/openssl/crypto/asn1/f_int.c
vendored
@ -152,7 +152,7 @@ int a2i_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *bs, char *buf, int size)
|
|||||||
bufp = (unsigned char *)buf;
|
bufp = (unsigned char *)buf;
|
||||||
if (first) {
|
if (first) {
|
||||||
first = 0;
|
first = 0;
|
||||||
if ((bufp[0] == '0') && (buf[1] == '0')) {
|
if ((bufp[0] == '0') && (bufp[1] == '0')) {
|
||||||
bufp += 2;
|
bufp += 2;
|
||||||
i -= 2;
|
i -= 2;
|
||||||
}
|
}
|
||||||
@ -172,8 +172,6 @@ int a2i_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *bs, char *buf, int size)
|
|||||||
sp = OPENSSL_realloc_clean(s, slen, num + i * 2);
|
sp = OPENSSL_realloc_clean(s, slen, num + i * 2);
|
||||||
if (sp == NULL) {
|
if (sp == NULL) {
|
||||||
ASN1err(ASN1_F_A2I_ASN1_INTEGER, ERR_R_MALLOC_FAILURE);
|
ASN1err(ASN1_F_A2I_ASN1_INTEGER, ERR_R_MALLOC_FAILURE);
|
||||||
if (s != NULL)
|
|
||||||
OPENSSL_free(s);
|
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
s = sp;
|
s = sp;
|
||||||
@ -211,5 +209,7 @@ int a2i_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *bs, char *buf, int size)
|
|||||||
err_sl:
|
err_sl:
|
||||||
ASN1err(ASN1_F_A2I_ASN1_INTEGER, ASN1_R_SHORT_LINE);
|
ASN1err(ASN1_F_A2I_ASN1_INTEGER, ASN1_R_SHORT_LINE);
|
||||||
}
|
}
|
||||||
|
if (ret != 1)
|
||||||
|
OPENSSL_free(s);
|
||||||
return (ret);
|
return (ret);
|
||||||
}
|
}
|
||||||
|
4
thirdparty/openssl/crypto/asn1/f_string.c
vendored
4
thirdparty/openssl/crypto/asn1/f_string.c
vendored
@ -166,8 +166,6 @@ int a2i_ASN1_STRING(BIO *bp, ASN1_STRING *bs, char *buf, int size)
|
|||||||
i * 2);
|
i * 2);
|
||||||
if (sp == NULL) {
|
if (sp == NULL) {
|
||||||
ASN1err(ASN1_F_A2I_ASN1_STRING, ERR_R_MALLOC_FAILURE);
|
ASN1err(ASN1_F_A2I_ASN1_STRING, ERR_R_MALLOC_FAILURE);
|
||||||
if (s != NULL)
|
|
||||||
OPENSSL_free(s);
|
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
s = sp;
|
s = sp;
|
||||||
@ -205,5 +203,7 @@ int a2i_ASN1_STRING(BIO *bp, ASN1_STRING *bs, char *buf, int size)
|
|||||||
err_sl:
|
err_sl:
|
||||||
ASN1err(ASN1_F_A2I_ASN1_STRING, ASN1_R_SHORT_LINE);
|
ASN1err(ASN1_F_A2I_ASN1_STRING, ASN1_R_SHORT_LINE);
|
||||||
}
|
}
|
||||||
|
if (ret != 1)
|
||||||
|
OPENSSL_free(s);
|
||||||
return (ret);
|
return (ret);
|
||||||
}
|
}
|
||||||
|
7
thirdparty/openssl/crypto/asn1/i2d_pr.c
vendored
7
thirdparty/openssl/crypto/asn1/i2d_pr.c
vendored
@ -69,10 +69,13 @@ int i2d_PrivateKey(EVP_PKEY *a, unsigned char **pp)
|
|||||||
}
|
}
|
||||||
if (a->ameth && a->ameth->priv_encode) {
|
if (a->ameth && a->ameth->priv_encode) {
|
||||||
PKCS8_PRIV_KEY_INFO *p8 = EVP_PKEY2PKCS8(a);
|
PKCS8_PRIV_KEY_INFO *p8 = EVP_PKEY2PKCS8(a);
|
||||||
int ret = i2d_PKCS8_PRIV_KEY_INFO(p8, pp);
|
int ret = 0;
|
||||||
|
if (p8 != NULL) {
|
||||||
|
ret = i2d_PKCS8_PRIV_KEY_INFO(p8, pp);
|
||||||
PKCS8_PRIV_KEY_INFO_free(p8);
|
PKCS8_PRIV_KEY_INFO_free(p8);
|
||||||
|
}
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
ASN1err(ASN1_F_I2D_PRIVATEKEY, ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE);
|
ASN1err(ASN1_F_I2D_PRIVATEKEY, ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE);
|
||||||
return (-1);
|
return -1;
|
||||||
}
|
}
|
||||||
|
2
thirdparty/openssl/crypto/asn1/p5_pbe.c
vendored
2
thirdparty/openssl/crypto/asn1/p5_pbe.c
vendored
@ -101,7 +101,7 @@ int PKCS5_pbe_set0_algor(X509_ALGOR *algor, int alg, int iter,
|
|||||||
sstr = ASN1_STRING_data(pbe->salt);
|
sstr = ASN1_STRING_data(pbe->salt);
|
||||||
if (salt)
|
if (salt)
|
||||||
memcpy(sstr, salt, saltlen);
|
memcpy(sstr, salt, saltlen);
|
||||||
else if (RAND_pseudo_bytes(sstr, saltlen) < 0)
|
else if (RAND_bytes(sstr, saltlen) <= 0)
|
||||||
goto err;
|
goto err;
|
||||||
|
|
||||||
if (!ASN1_item_pack(pbe, ASN1_ITEM_rptr(PBEPARAM), &pbe_str)) {
|
if (!ASN1_item_pack(pbe, ASN1_ITEM_rptr(PBEPARAM), &pbe_str)) {
|
||||||
|
12
thirdparty/openssl/crypto/asn1/p5_pbev2.c
vendored
12
thirdparty/openssl/crypto/asn1/p5_pbev2.c
vendored
@ -91,12 +91,11 @@ X509_ALGOR *PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter,
|
|||||||
unsigned char *salt, int saltlen,
|
unsigned char *salt, int saltlen,
|
||||||
unsigned char *aiv, int prf_nid)
|
unsigned char *aiv, int prf_nid)
|
||||||
{
|
{
|
||||||
X509_ALGOR *scheme = NULL, *kalg = NULL, *ret = NULL;
|
X509_ALGOR *scheme = NULL, *ret = NULL;
|
||||||
int alg_nid, keylen;
|
int alg_nid, keylen;
|
||||||
EVP_CIPHER_CTX ctx;
|
EVP_CIPHER_CTX ctx;
|
||||||
unsigned char iv[EVP_MAX_IV_LENGTH];
|
unsigned char iv[EVP_MAX_IV_LENGTH];
|
||||||
PBE2PARAM *pbe2 = NULL;
|
PBE2PARAM *pbe2 = NULL;
|
||||||
ASN1_OBJECT *obj;
|
|
||||||
|
|
||||||
alg_nid = EVP_CIPHER_type(cipher);
|
alg_nid = EVP_CIPHER_type(cipher);
|
||||||
if (alg_nid == NID_undef) {
|
if (alg_nid == NID_undef) {
|
||||||
@ -104,7 +103,6 @@ X509_ALGOR *PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter,
|
|||||||
ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER);
|
ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER);
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
obj = OBJ_nid2obj(alg_nid);
|
|
||||||
|
|
||||||
if (!(pbe2 = PBE2PARAM_new()))
|
if (!(pbe2 = PBE2PARAM_new()))
|
||||||
goto merr;
|
goto merr;
|
||||||
@ -112,7 +110,7 @@ X509_ALGOR *PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter,
|
|||||||
/* Setup the AlgorithmIdentifier for the encryption scheme */
|
/* Setup the AlgorithmIdentifier for the encryption scheme */
|
||||||
scheme = pbe2->encryption;
|
scheme = pbe2->encryption;
|
||||||
|
|
||||||
scheme->algorithm = obj;
|
scheme->algorithm = OBJ_nid2obj(alg_nid);
|
||||||
if (!(scheme->parameter = ASN1_TYPE_new()))
|
if (!(scheme->parameter = ASN1_TYPE_new()))
|
||||||
goto merr;
|
goto merr;
|
||||||
|
|
||||||
@ -120,7 +118,7 @@ X509_ALGOR *PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter,
|
|||||||
if (EVP_CIPHER_iv_length(cipher)) {
|
if (EVP_CIPHER_iv_length(cipher)) {
|
||||||
if (aiv)
|
if (aiv)
|
||||||
memcpy(iv, aiv, EVP_CIPHER_iv_length(cipher));
|
memcpy(iv, aiv, EVP_CIPHER_iv_length(cipher));
|
||||||
else if (RAND_pseudo_bytes(iv, EVP_CIPHER_iv_length(cipher)) < 0)
|
else if (RAND_bytes(iv, EVP_CIPHER_iv_length(cipher)) <= 0)
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -188,11 +186,9 @@ X509_ALGOR *PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter,
|
|||||||
err:
|
err:
|
||||||
PBE2PARAM_free(pbe2);
|
PBE2PARAM_free(pbe2);
|
||||||
/* Note 'scheme' is freed as part of pbe2 */
|
/* Note 'scheme' is freed as part of pbe2 */
|
||||||
X509_ALGOR_free(kalg);
|
|
||||||
X509_ALGOR_free(ret);
|
X509_ALGOR_free(ret);
|
||||||
|
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter,
|
X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter,
|
||||||
@ -225,7 +221,7 @@ X509_ALGOR *PKCS5_pbkdf2_set(int iter, unsigned char *salt, int saltlen,
|
|||||||
|
|
||||||
if (salt)
|
if (salt)
|
||||||
memcpy(osalt->data, salt, saltlen);
|
memcpy(osalt->data, salt, saltlen);
|
||||||
else if (RAND_pseudo_bytes(osalt->data, saltlen) < 0)
|
else if (RAND_bytes(osalt->data, saltlen) <= 0)
|
||||||
goto merr;
|
goto merr;
|
||||||
|
|
||||||
if (iter <= 0)
|
if (iter <= 0)
|
||||||
|
1
thirdparty/openssl/crypto/asn1/t_req.c
vendored
1
thirdparty/openssl/crypto/asn1/t_req.c
vendored
@ -196,6 +196,7 @@ int X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflags,
|
|||||||
if (BIO_puts(bp, ":") <= 0)
|
if (BIO_puts(bp, ":") <= 0)
|
||||||
goto err;
|
goto err;
|
||||||
if ((type == V_ASN1_PRINTABLESTRING) ||
|
if ((type == V_ASN1_PRINTABLESTRING) ||
|
||||||
|
(type == V_ASN1_UTF8STRING) ||
|
||||||
(type == V_ASN1_T61STRING) ||
|
(type == V_ASN1_T61STRING) ||
|
||||||
(type == V_ASN1_IA5STRING)) {
|
(type == V_ASN1_IA5STRING)) {
|
||||||
if (BIO_write(bp, (char *)bs->data, bs->length)
|
if (BIO_write(bp, (char *)bs->data, bs->length)
|
||||||
|
9
thirdparty/openssl/crypto/asn1/tasn_dec.c
vendored
9
thirdparty/openssl/crypto/asn1/tasn_dec.c
vendored
@ -400,7 +400,9 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
|
|||||||
if (tt->flags & ASN1_TFLG_ADB_MASK) {
|
if (tt->flags & ASN1_TFLG_ADB_MASK) {
|
||||||
const ASN1_TEMPLATE *seqtt;
|
const ASN1_TEMPLATE *seqtt;
|
||||||
ASN1_VALUE **pseqval;
|
ASN1_VALUE **pseqval;
|
||||||
seqtt = asn1_do_adb(pval, tt, 1);
|
seqtt = asn1_do_adb(pval, tt, 0);
|
||||||
|
if (seqtt == NULL)
|
||||||
|
continue;
|
||||||
pseqval = asn1_get_field_ptr(pval, seqtt);
|
pseqval = asn1_get_field_ptr(pval, seqtt);
|
||||||
ASN1_template_free(pseqval, seqtt);
|
ASN1_template_free(pseqval, seqtt);
|
||||||
}
|
}
|
||||||
@ -411,7 +413,7 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
|
|||||||
const ASN1_TEMPLATE *seqtt;
|
const ASN1_TEMPLATE *seqtt;
|
||||||
ASN1_VALUE **pseqval;
|
ASN1_VALUE **pseqval;
|
||||||
seqtt = asn1_do_adb(pval, tt, 1);
|
seqtt = asn1_do_adb(pval, tt, 1);
|
||||||
if (!seqtt)
|
if (seqtt == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
pseqval = asn1_get_field_ptr(pval, seqtt);
|
pseqval = asn1_get_field_ptr(pval, seqtt);
|
||||||
/* Have we ran out of data? */
|
/* Have we ran out of data? */
|
||||||
@ -476,7 +478,7 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
|
|||||||
for (; i < it->tcount; tt++, i++) {
|
for (; i < it->tcount; tt++, i++) {
|
||||||
const ASN1_TEMPLATE *seqtt;
|
const ASN1_TEMPLATE *seqtt;
|
||||||
seqtt = asn1_do_adb(pval, tt, 1);
|
seqtt = asn1_do_adb(pval, tt, 1);
|
||||||
if (!seqtt)
|
if (seqtt == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
if (seqtt->flags & ASN1_TFLG_OPTIONAL) {
|
if (seqtt->flags & ASN1_TFLG_OPTIONAL) {
|
||||||
ASN1_VALUE **pseqval;
|
ASN1_VALUE **pseqval;
|
||||||
@ -671,6 +673,7 @@ static int asn1_template_noexp_d2i(ASN1_VALUE **val,
|
|||||||
}
|
}
|
||||||
len -= p - q;
|
len -= p - q;
|
||||||
if (!sk_ASN1_VALUE_push((STACK_OF(ASN1_VALUE) *)*val, skfield)) {
|
if (!sk_ASN1_VALUE_push((STACK_OF(ASN1_VALUE) *)*val, skfield)) {
|
||||||
|
ASN1_item_ex_free(&skfield, ASN1_ITEM_ptr(tt->item));
|
||||||
ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, ERR_R_MALLOC_FAILURE);
|
ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, ERR_R_MALLOC_FAILURE);
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
|
24
thirdparty/openssl/crypto/asn1/tasn_enc.c
vendored
24
thirdparty/openssl/crypto/asn1/tasn_enc.c
vendored
@ -59,6 +59,7 @@
|
|||||||
|
|
||||||
#include <stddef.h>
|
#include <stddef.h>
|
||||||
#include <string.h>
|
#include <string.h>
|
||||||
|
#include <limits.h>
|
||||||
#include "cryptlib.h"
|
#include "cryptlib.h"
|
||||||
#include <openssl/asn1.h>
|
#include <openssl/asn1.h>
|
||||||
#include <openssl/asn1t.h>
|
#include <openssl/asn1t.h>
|
||||||
@ -216,17 +217,19 @@ int ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
|
|||||||
for (i = 0, tt = it->templates; i < it->tcount; tt++, i++) {
|
for (i = 0, tt = it->templates; i < it->tcount; tt++, i++) {
|
||||||
const ASN1_TEMPLATE *seqtt;
|
const ASN1_TEMPLATE *seqtt;
|
||||||
ASN1_VALUE **pseqval;
|
ASN1_VALUE **pseqval;
|
||||||
|
int tmplen;
|
||||||
seqtt = asn1_do_adb(pval, tt, 1);
|
seqtt = asn1_do_adb(pval, tt, 1);
|
||||||
if (!seqtt)
|
if (!seqtt)
|
||||||
return 0;
|
return 0;
|
||||||
pseqval = asn1_get_field_ptr(pval, seqtt);
|
pseqval = asn1_get_field_ptr(pval, seqtt);
|
||||||
/* FIXME: check for errors in enhanced version */
|
tmplen = asn1_template_ex_i2d(pseqval, NULL, seqtt, -1, aclass);
|
||||||
seqcontlen += asn1_template_ex_i2d(pseqval, NULL, seqtt,
|
if (tmplen == -1 || (tmplen > INT_MAX - seqcontlen))
|
||||||
-1, aclass);
|
return -1;
|
||||||
|
seqcontlen += tmplen;
|
||||||
}
|
}
|
||||||
|
|
||||||
seqlen = ASN1_object_size(ndef, seqcontlen, tag);
|
seqlen = ASN1_object_size(ndef, seqcontlen, tag);
|
||||||
if (!out)
|
if (!out || seqlen == -1)
|
||||||
return seqlen;
|
return seqlen;
|
||||||
/* Output SEQUENCE header */
|
/* Output SEQUENCE header */
|
||||||
ASN1_put_object(out, ndef, seqcontlen, tag, aclass);
|
ASN1_put_object(out, ndef, seqcontlen, tag, aclass);
|
||||||
@ -339,19 +342,24 @@ static int asn1_template_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
|
|||||||
/* Determine total length of items */
|
/* Determine total length of items */
|
||||||
skcontlen = 0;
|
skcontlen = 0;
|
||||||
for (i = 0; i < sk_ASN1_VALUE_num(sk); i++) {
|
for (i = 0; i < sk_ASN1_VALUE_num(sk); i++) {
|
||||||
|
int tmplen;
|
||||||
skitem = sk_ASN1_VALUE_value(sk, i);
|
skitem = sk_ASN1_VALUE_value(sk, i);
|
||||||
skcontlen += ASN1_item_ex_i2d(&skitem, NULL,
|
tmplen = ASN1_item_ex_i2d(&skitem, NULL, ASN1_ITEM_ptr(tt->item),
|
||||||
ASN1_ITEM_ptr(tt->item),
|
|
||||||
-1, iclass);
|
-1, iclass);
|
||||||
|
if (tmplen == -1 || (skcontlen > INT_MAX - tmplen))
|
||||||
|
return -1;
|
||||||
|
skcontlen += tmplen;
|
||||||
}
|
}
|
||||||
sklen = ASN1_object_size(ndef, skcontlen, sktag);
|
sklen = ASN1_object_size(ndef, skcontlen, sktag);
|
||||||
|
if (sklen == -1)
|
||||||
|
return -1;
|
||||||
/* If EXPLICIT need length of surrounding tag */
|
/* If EXPLICIT need length of surrounding tag */
|
||||||
if (flags & ASN1_TFLG_EXPTAG)
|
if (flags & ASN1_TFLG_EXPTAG)
|
||||||
ret = ASN1_object_size(ndef, sklen, ttag);
|
ret = ASN1_object_size(ndef, sklen, ttag);
|
||||||
else
|
else
|
||||||
ret = sklen;
|
ret = sklen;
|
||||||
|
|
||||||
if (!out)
|
if (!out || ret == -1)
|
||||||
return ret;
|
return ret;
|
||||||
|
|
||||||
/* Now encode this lot... */
|
/* Now encode this lot... */
|
||||||
@ -380,7 +388,7 @@ static int asn1_template_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
|
|||||||
return 0;
|
return 0;
|
||||||
/* Find length of EXPLICIT tag */
|
/* Find length of EXPLICIT tag */
|
||||||
ret = ASN1_object_size(ndef, i, ttag);
|
ret = ASN1_object_size(ndef, i, ttag);
|
||||||
if (out) {
|
if (out && ret != -1) {
|
||||||
/* Output tag and item */
|
/* Output tag and item */
|
||||||
ASN1_put_object(out, ndef, i, ttag, tclass);
|
ASN1_put_object(out, ndef, i, ttag, tclass);
|
||||||
ASN1_item_ex_i2d(pval, out, ASN1_ITEM_ptr(tt->item), -1, iclass);
|
ASN1_item_ex_i2d(pval, out, ASN1_ITEM_ptr(tt->item), -1, iclass);
|
||||||
|
11
thirdparty/openssl/crypto/asn1/tasn_new.c
vendored
11
thirdparty/openssl/crypto/asn1/tasn_new.c
vendored
@ -158,7 +158,7 @@ static int asn1_item_ex_combine_new(ASN1_VALUE **pval, const ASN1_ITEM *it,
|
|||||||
}
|
}
|
||||||
asn1_set_choice_selector(pval, -1, it);
|
asn1_set_choice_selector(pval, -1, it);
|
||||||
if (asn1_cb && !asn1_cb(ASN1_OP_NEW_POST, pval, it, NULL))
|
if (asn1_cb && !asn1_cb(ASN1_OP_NEW_POST, pval, it, NULL))
|
||||||
goto auxerr;
|
goto auxerr2;
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case ASN1_ITYPE_NDEF_SEQUENCE:
|
case ASN1_ITYPE_NDEF_SEQUENCE:
|
||||||
@ -186,10 +186,10 @@ static int asn1_item_ex_combine_new(ASN1_VALUE **pval, const ASN1_ITEM *it,
|
|||||||
for (i = 0, tt = it->templates; i < it->tcount; tt++, i++) {
|
for (i = 0, tt = it->templates; i < it->tcount; tt++, i++) {
|
||||||
pseqval = asn1_get_field_ptr(pval, tt);
|
pseqval = asn1_get_field_ptr(pval, tt);
|
||||||
if (!ASN1_template_new(pseqval, tt))
|
if (!ASN1_template_new(pseqval, tt))
|
||||||
goto memerr;
|
goto memerr2;
|
||||||
}
|
}
|
||||||
if (asn1_cb && !asn1_cb(ASN1_OP_NEW_POST, pval, it, NULL))
|
if (asn1_cb && !asn1_cb(ASN1_OP_NEW_POST, pval, it, NULL))
|
||||||
goto auxerr;
|
goto auxerr2;
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
#ifdef CRYPTO_MDEBUG
|
#ifdef CRYPTO_MDEBUG
|
||||||
@ -198,6 +198,8 @@ static int asn1_item_ex_combine_new(ASN1_VALUE **pval, const ASN1_ITEM *it,
|
|||||||
#endif
|
#endif
|
||||||
return 1;
|
return 1;
|
||||||
|
|
||||||
|
memerr2:
|
||||||
|
ASN1_item_ex_free(pval, it);
|
||||||
memerr:
|
memerr:
|
||||||
ASN1err(ASN1_F_ASN1_ITEM_EX_COMBINE_NEW, ERR_R_MALLOC_FAILURE);
|
ASN1err(ASN1_F_ASN1_ITEM_EX_COMBINE_NEW, ERR_R_MALLOC_FAILURE);
|
||||||
#ifdef CRYPTO_MDEBUG
|
#ifdef CRYPTO_MDEBUG
|
||||||
@ -206,9 +208,10 @@ static int asn1_item_ex_combine_new(ASN1_VALUE **pval, const ASN1_ITEM *it,
|
|||||||
#endif
|
#endif
|
||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
|
auxerr2:
|
||||||
|
ASN1_item_ex_free(pval, it);
|
||||||
auxerr:
|
auxerr:
|
||||||
ASN1err(ASN1_F_ASN1_ITEM_EX_COMBINE_NEW, ASN1_R_AUX_ERROR);
|
ASN1err(ASN1_F_ASN1_ITEM_EX_COMBINE_NEW, ASN1_R_AUX_ERROR);
|
||||||
ASN1_item_ex_free(pval, it);
|
|
||||||
#ifdef CRYPTO_MDEBUG
|
#ifdef CRYPTO_MDEBUG
|
||||||
if (it->sname)
|
if (it->sname)
|
||||||
CRYPTO_pop_info();
|
CRYPTO_pop_info();
|
||||||
|
14
thirdparty/openssl/crypto/asn1/tasn_prn.c
vendored
14
thirdparty/openssl/crypto/asn1/tasn_prn.c
vendored
@ -204,7 +204,8 @@ static int asn1_item_print_ctx(BIO *out, ASN1_VALUE **fld, int indent,
|
|||||||
} else
|
} else
|
||||||
asn1_cb = 0;
|
asn1_cb = 0;
|
||||||
|
|
||||||
if (*fld == NULL) {
|
if (((it->itype != ASN1_ITYPE_PRIMITIVE)
|
||||||
|
|| (it->utype != V_ASN1_BOOLEAN)) && *fld == NULL) {
|
||||||
if (pctx->flags & ASN1_PCTX_FLAGS_SHOW_ABSENT) {
|
if (pctx->flags & ASN1_PCTX_FLAGS_SHOW_ABSENT) {
|
||||||
if (!nohdr && !asn1_print_fsname(out, indent, fname, sname, pctx))
|
if (!nohdr && !asn1_print_fsname(out, indent, fname, sname, pctx))
|
||||||
return 0;
|
return 0;
|
||||||
@ -446,6 +447,8 @@ static int asn1_print_integer_ctx(BIO *out, ASN1_INTEGER *str,
|
|||||||
char *s;
|
char *s;
|
||||||
int ret = 1;
|
int ret = 1;
|
||||||
s = i2s_ASN1_INTEGER(NULL, str);
|
s = i2s_ASN1_INTEGER(NULL, str);
|
||||||
|
if (s == NULL)
|
||||||
|
return 0;
|
||||||
if (BIO_puts(out, s) <= 0)
|
if (BIO_puts(out, s) <= 0)
|
||||||
ret = 0;
|
ret = 0;
|
||||||
OPENSSL_free(s);
|
OPENSSL_free(s);
|
||||||
@ -496,11 +499,16 @@ static int asn1_primitive_print(BIO *out, ASN1_VALUE **fld,
|
|||||||
return 0;
|
return 0;
|
||||||
if (pf && pf->prim_print)
|
if (pf && pf->prim_print)
|
||||||
return pf->prim_print(out, fld, it, indent, pctx);
|
return pf->prim_print(out, fld, it, indent, pctx);
|
||||||
|
if (it->itype == ASN1_ITYPE_MSTRING) {
|
||||||
str = (ASN1_STRING *)*fld;
|
str = (ASN1_STRING *)*fld;
|
||||||
if (it->itype == ASN1_ITYPE_MSTRING)
|
|
||||||
utype = str->type & ~V_ASN1_NEG;
|
utype = str->type & ~V_ASN1_NEG;
|
||||||
else
|
} else {
|
||||||
utype = it->utype;
|
utype = it->utype;
|
||||||
|
if (utype == V_ASN1_BOOLEAN)
|
||||||
|
str = NULL;
|
||||||
|
else
|
||||||
|
str = (ASN1_STRING *)*fld;
|
||||||
|
}
|
||||||
if (utype == V_ASN1_ANY) {
|
if (utype == V_ASN1_ANY) {
|
||||||
ASN1_TYPE *atype = (ASN1_TYPE *)*fld;
|
ASN1_TYPE *atype = (ASN1_TYPE *)*fld;
|
||||||
utype = atype->type;
|
utype = atype->type;
|
||||||
|
2
thirdparty/openssl/crypto/asn1/tasn_utl.c
vendored
2
thirdparty/openssl/crypto/asn1/tasn_utl.c
vendored
@ -234,7 +234,7 @@ const ASN1_TEMPLATE *asn1_do_adb(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt,
|
|||||||
sfld = offset2ptr(*pval, adb->offset);
|
sfld = offset2ptr(*pval, adb->offset);
|
||||||
|
|
||||||
/* Check if NULL */
|
/* Check if NULL */
|
||||||
if (!sfld) {
|
if (*sfld == NULL) {
|
||||||
if (!adb->null_tt)
|
if (!adb->null_tt)
|
||||||
goto err;
|
goto err;
|
||||||
return adb->null_tt;
|
return adb->null_tt;
|
||||||
|
15
thirdparty/openssl/crypto/asn1/x_bignum.c
vendored
15
thirdparty/openssl/crypto/asn1/x_bignum.c
vendored
@ -78,6 +78,8 @@ static int bn_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype,
|
|||||||
const ASN1_ITEM *it);
|
const ASN1_ITEM *it);
|
||||||
static int bn_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
|
static int bn_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
|
||||||
int utype, char *free_cont, const ASN1_ITEM *it);
|
int utype, char *free_cont, const ASN1_ITEM *it);
|
||||||
|
static int bn_print(BIO *out, ASN1_VALUE **pval, const ASN1_ITEM *it,
|
||||||
|
int indent, const ASN1_PCTX *pctx);
|
||||||
|
|
||||||
static ASN1_PRIMITIVE_FUNCS bignum_pf = {
|
static ASN1_PRIMITIVE_FUNCS bignum_pf = {
|
||||||
NULL, 0,
|
NULL, 0,
|
||||||
@ -85,7 +87,8 @@ static ASN1_PRIMITIVE_FUNCS bignum_pf = {
|
|||||||
bn_free,
|
bn_free,
|
||||||
0,
|
0,
|
||||||
bn_c2i,
|
bn_c2i,
|
||||||
bn_i2c
|
bn_i2c,
|
||||||
|
bn_print
|
||||||
};
|
};
|
||||||
|
|
||||||
ASN1_ITEM_start(BIGNUM)
|
ASN1_ITEM_start(BIGNUM)
|
||||||
@ -151,3 +154,13 @@ static int bn_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
|
|||||||
}
|
}
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
static int bn_print(BIO *out, ASN1_VALUE **pval, const ASN1_ITEM *it,
|
||||||
|
int indent, const ASN1_PCTX *pctx)
|
||||||
|
{
|
||||||
|
if (!BN_print(out, *(BIGNUM **)pval))
|
||||||
|
return 0;
|
||||||
|
if (BIO_puts(out, "\n") <= 0)
|
||||||
|
return 0;
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
3
thirdparty/openssl/crypto/asn1/x_crl.c
vendored
3
thirdparty/openssl/crypto/asn1/x_crl.c
vendored
@ -254,6 +254,7 @@ static int crl_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
|
|||||||
|
|
||||||
for (idx = 0; idx < sk_X509_EXTENSION_num(exts); idx++) {
|
for (idx = 0; idx < sk_X509_EXTENSION_num(exts); idx++) {
|
||||||
int nid;
|
int nid;
|
||||||
|
|
||||||
ext = sk_X509_EXTENSION_value(exts, idx);
|
ext = sk_X509_EXTENSION_value(exts, idx);
|
||||||
nid = OBJ_obj2nid(ext->object);
|
nid = OBJ_obj2nid(ext->object);
|
||||||
if (nid == NID_freshest_crl)
|
if (nid == NID_freshest_crl)
|
||||||
@ -263,7 +264,7 @@ static int crl_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
|
|||||||
if ((nid == NID_issuing_distribution_point)
|
if ((nid == NID_issuing_distribution_point)
|
||||||
|| (nid == NID_authority_key_identifier)
|
|| (nid == NID_authority_key_identifier)
|
||||||
|| (nid == NID_delta_crl))
|
|| (nid == NID_delta_crl))
|
||||||
break;;
|
continue;
|
||||||
crl->flags |= EXFLAG_CRITICAL;
|
crl->flags |= EXFLAG_CRITICAL;
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
28
thirdparty/openssl/crypto/asn1/x_long.c
vendored
28
thirdparty/openssl/crypto/asn1/x_long.c
vendored
@ -126,7 +126,7 @@ static int long_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype,
|
|||||||
* set.
|
* set.
|
||||||
*/
|
*/
|
||||||
if (ltmp < 0)
|
if (ltmp < 0)
|
||||||
utmp = -ltmp - 1;
|
utmp = 0 - (unsigned long)ltmp - 1;
|
||||||
else
|
else
|
||||||
utmp = ltmp;
|
utmp = ltmp;
|
||||||
clen = BN_num_bits_word(utmp);
|
clen = BN_num_bits_word(utmp);
|
||||||
@ -155,19 +155,41 @@ static int long_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype,
|
|||||||
static int long_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
|
static int long_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
|
||||||
int utype, char *free_cont, const ASN1_ITEM *it)
|
int utype, char *free_cont, const ASN1_ITEM *it)
|
||||||
{
|
{
|
||||||
int neg, i;
|
int neg = -1, i;
|
||||||
long ltmp;
|
long ltmp;
|
||||||
unsigned long utmp = 0;
|
unsigned long utmp = 0;
|
||||||
char *cp = (char *)pval;
|
char *cp = (char *)pval;
|
||||||
|
|
||||||
|
if (len) {
|
||||||
|
/*
|
||||||
|
* Check possible pad byte. Worst case, we're skipping past actual
|
||||||
|
* content, but since that's only with 0x00 and 0xff and we set neg
|
||||||
|
* accordingly, the result will be correct in the end anyway.
|
||||||
|
*/
|
||||||
|
switch (cont[0]) {
|
||||||
|
case 0xff:
|
||||||
|
cont++;
|
||||||
|
len--;
|
||||||
|
neg = 1;
|
||||||
|
break;
|
||||||
|
case 0:
|
||||||
|
cont++;
|
||||||
|
len--;
|
||||||
|
neg = 0;
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
if (len > (int)sizeof(long)) {
|
if (len > (int)sizeof(long)) {
|
||||||
ASN1err(ASN1_F_LONG_C2I, ASN1_R_INTEGER_TOO_LARGE_FOR_LONG);
|
ASN1err(ASN1_F_LONG_C2I, ASN1_R_INTEGER_TOO_LARGE_FOR_LONG);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
if (neg == -1) {
|
||||||
/* Is it negative? */
|
/* Is it negative? */
|
||||||
if (len && (cont[0] & 0x80))
|
if (len && (cont[0] & 0x80))
|
||||||
neg = 1;
|
neg = 1;
|
||||||
else
|
else
|
||||||
neg = 0;
|
neg = 0;
|
||||||
|
}
|
||||||
utmp = 0;
|
utmp = 0;
|
||||||
for (i = 0; i < len; i++) {
|
for (i = 0; i < len; i++) {
|
||||||
utmp <<= 8;
|
utmp <<= 8;
|
||||||
@ -178,8 +200,8 @@ static int long_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
|
|||||||
}
|
}
|
||||||
ltmp = (long)utmp;
|
ltmp = (long)utmp;
|
||||||
if (neg) {
|
if (neg) {
|
||||||
ltmp++;
|
|
||||||
ltmp = -ltmp;
|
ltmp = -ltmp;
|
||||||
|
ltmp--;
|
||||||
}
|
}
|
||||||
if (ltmp == it->size) {
|
if (ltmp == it->size) {
|
||||||
ASN1err(ASN1_F_LONG_C2I, ASN1_R_INTEGER_TOO_LARGE_FOR_LONG);
|
ASN1err(ASN1_F_LONG_C2I, ASN1_R_INTEGER_TOO_LARGE_FOR_LONG);
|
||||||
|
41
thirdparty/openssl/crypto/asn1/x_name.c
vendored
41
thirdparty/openssl/crypto/asn1/x_name.c
vendored
@ -178,6 +178,16 @@ static void x509_name_ex_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
|
|||||||
*pval = NULL;
|
*pval = NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
static void local_sk_X509_NAME_ENTRY_free(STACK_OF(X509_NAME_ENTRY) *ne)
|
||||||
|
{
|
||||||
|
sk_X509_NAME_ENTRY_free(ne);
|
||||||
|
}
|
||||||
|
|
||||||
|
static void local_sk_X509_NAME_ENTRY_pop_free(STACK_OF(X509_NAME_ENTRY) *ne)
|
||||||
|
{
|
||||||
|
sk_X509_NAME_ENTRY_pop_free(ne, X509_NAME_ENTRY_free);
|
||||||
|
}
|
||||||
|
|
||||||
static int x509_name_ex_d2i(ASN1_VALUE **val,
|
static int x509_name_ex_d2i(ASN1_VALUE **val,
|
||||||
const unsigned char **in, long len,
|
const unsigned char **in, long len,
|
||||||
const ASN1_ITEM *it, int tag, int aclass,
|
const ASN1_ITEM *it, int tag, int aclass,
|
||||||
@ -199,10 +209,8 @@ static int x509_name_ex_d2i(ASN1_VALUE **val,
|
|||||||
int i, j, ret;
|
int i, j, ret;
|
||||||
STACK_OF(X509_NAME_ENTRY) *entries;
|
STACK_OF(X509_NAME_ENTRY) *entries;
|
||||||
X509_NAME_ENTRY *entry;
|
X509_NAME_ENTRY *entry;
|
||||||
if (len > X509_NAME_MAX) {
|
if (len > X509_NAME_MAX)
|
||||||
ASN1err(ASN1_F_X509_NAME_EX_D2I, ASN1_R_TOO_LONG);
|
len = X509_NAME_MAX;
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
q = p;
|
q = p;
|
||||||
|
|
||||||
/* Get internal representation of Name */
|
/* Get internal representation of Name */
|
||||||
@ -230,13 +238,14 @@ static int x509_name_ex_d2i(ASN1_VALUE **val,
|
|||||||
entry->set = i;
|
entry->set = i;
|
||||||
if (!sk_X509_NAME_ENTRY_push(nm.x->entries, entry))
|
if (!sk_X509_NAME_ENTRY_push(nm.x->entries, entry))
|
||||||
goto err;
|
goto err;
|
||||||
|
sk_X509_NAME_ENTRY_set(entries, j, NULL);
|
||||||
}
|
}
|
||||||
sk_X509_NAME_ENTRY_free(entries);
|
|
||||||
}
|
}
|
||||||
sk_STACK_OF_X509_NAME_ENTRY_free(intname.s);
|
|
||||||
ret = x509_name_canon(nm.x);
|
ret = x509_name_canon(nm.x);
|
||||||
if (!ret)
|
if (!ret)
|
||||||
goto err;
|
goto err;
|
||||||
|
sk_STACK_OF_X509_NAME_ENTRY_pop_free(intname.s,
|
||||||
|
local_sk_X509_NAME_ENTRY_free);
|
||||||
nm.x->modified = 0;
|
nm.x->modified = 0;
|
||||||
*val = nm.a;
|
*val = nm.a;
|
||||||
*in = p;
|
*in = p;
|
||||||
@ -244,6 +253,8 @@ static int x509_name_ex_d2i(ASN1_VALUE **val,
|
|||||||
err:
|
err:
|
||||||
if (nm.x != NULL)
|
if (nm.x != NULL)
|
||||||
X509_NAME_free(nm.x);
|
X509_NAME_free(nm.x);
|
||||||
|
sk_STACK_OF_X509_NAME_ENTRY_pop_free(intname.s,
|
||||||
|
local_sk_X509_NAME_ENTRY_pop_free);
|
||||||
ASN1err(ASN1_F_X509_NAME_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
|
ASN1err(ASN1_F_X509_NAME_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
@ -269,16 +280,6 @@ static int x509_name_ex_i2d(ASN1_VALUE **val, unsigned char **out,
|
|||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
static void local_sk_X509_NAME_ENTRY_free(STACK_OF(X509_NAME_ENTRY) *ne)
|
|
||||||
{
|
|
||||||
sk_X509_NAME_ENTRY_free(ne);
|
|
||||||
}
|
|
||||||
|
|
||||||
static void local_sk_X509_NAME_ENTRY_pop_free(STACK_OF(X509_NAME_ENTRY) *ne)
|
|
||||||
{
|
|
||||||
sk_X509_NAME_ENTRY_pop_free(ne, X509_NAME_ENTRY_free);
|
|
||||||
}
|
|
||||||
|
|
||||||
static int x509_name_encode(X509_NAME *a)
|
static int x509_name_encode(X509_NAME *a)
|
||||||
{
|
{
|
||||||
union {
|
union {
|
||||||
@ -301,8 +302,10 @@ static int x509_name_encode(X509_NAME *a)
|
|||||||
entries = sk_X509_NAME_ENTRY_new_null();
|
entries = sk_X509_NAME_ENTRY_new_null();
|
||||||
if (!entries)
|
if (!entries)
|
||||||
goto memerr;
|
goto memerr;
|
||||||
if (!sk_STACK_OF_X509_NAME_ENTRY_push(intname.s, entries))
|
if (!sk_STACK_OF_X509_NAME_ENTRY_push(intname.s, entries)) {
|
||||||
|
sk_X509_NAME_ENTRY_free(entries);
|
||||||
goto memerr;
|
goto memerr;
|
||||||
|
}
|
||||||
set = entry->set;
|
set = entry->set;
|
||||||
}
|
}
|
||||||
if (!sk_X509_NAME_ENTRY_push(entries, entry))
|
if (!sk_X509_NAME_ENTRY_push(entries, entry))
|
||||||
@ -372,8 +375,10 @@ static int x509_name_canon(X509_NAME *a)
|
|||||||
entries = sk_X509_NAME_ENTRY_new_null();
|
entries = sk_X509_NAME_ENTRY_new_null();
|
||||||
if (!entries)
|
if (!entries)
|
||||||
goto err;
|
goto err;
|
||||||
if (!sk_STACK_OF_X509_NAME_ENTRY_push(intname, entries))
|
if (!sk_STACK_OF_X509_NAME_ENTRY_push(intname, entries)) {
|
||||||
|
sk_X509_NAME_ENTRY_free(entries);
|
||||||
goto err;
|
goto err;
|
||||||
|
}
|
||||||
set = entry->set;
|
set = entry->set;
|
||||||
}
|
}
|
||||||
tmpentry = X509_NAME_ENTRY_new();
|
tmpentry = X509_NAME_ENTRY_new();
|
||||||
|
54
thirdparty/openssl/crypto/asn1/x_x509.c
vendored
54
thirdparty/openssl/crypto/asn1/x_x509.c
vendored
@ -199,12 +199,26 @@ X509 *d2i_X509_AUX(X509 **a, const unsigned char **pp, long length)
|
|||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
int i2d_X509_AUX(X509 *a, unsigned char **pp)
|
/*
|
||||||
|
* Serialize trusted certificate to *pp or just return the required buffer
|
||||||
|
* length if pp == NULL. We ultimately want to avoid modifying *pp in the
|
||||||
|
* error path, but that depends on similar hygiene in lower-level functions.
|
||||||
|
* Here we avoid compounding the problem.
|
||||||
|
*/
|
||||||
|
static int i2d_x509_aux_internal(X509 *a, unsigned char **pp)
|
||||||
{
|
{
|
||||||
int length, tmplen;
|
int length, tmplen;
|
||||||
unsigned char *start = pp != NULL ? *pp : NULL;
|
unsigned char *start = pp != NULL ? *pp : NULL;
|
||||||
|
|
||||||
|
OPENSSL_assert(pp == NULL || *pp != NULL);
|
||||||
|
|
||||||
|
/*
|
||||||
|
* This might perturb *pp on error, but fixing that belongs in i2d_X509()
|
||||||
|
* not here. It should be that if a == NULL length is zero, but we check
|
||||||
|
* both just in case.
|
||||||
|
*/
|
||||||
length = i2d_X509(a, pp);
|
length = i2d_X509(a, pp);
|
||||||
if (length < 0 || a == NULL)
|
if (length <= 0 || a == NULL)
|
||||||
return length;
|
return length;
|
||||||
|
|
||||||
tmplen = i2d_X509_CERT_AUX(a->aux, pp);
|
tmplen = i2d_X509_CERT_AUX(a->aux, pp);
|
||||||
@ -218,6 +232,42 @@ int i2d_X509_AUX(X509 *a, unsigned char **pp)
|
|||||||
return length;
|
return length;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Serialize trusted certificate to *pp, or just return the required buffer
|
||||||
|
* length if pp == NULL.
|
||||||
|
*
|
||||||
|
* When pp is not NULL, but *pp == NULL, we allocate the buffer, but since
|
||||||
|
* we're writing two ASN.1 objects back to back, we can't have i2d_X509() do
|
||||||
|
* the allocation, nor can we allow i2d_X509_CERT_AUX() to increment the
|
||||||
|
* allocated buffer.
|
||||||
|
*/
|
||||||
|
int i2d_X509_AUX(X509 *a, unsigned char **pp)
|
||||||
|
{
|
||||||
|
int length;
|
||||||
|
unsigned char *tmp;
|
||||||
|
|
||||||
|
/* Buffer provided by caller */
|
||||||
|
if (pp == NULL || *pp != NULL)
|
||||||
|
return i2d_x509_aux_internal(a, pp);
|
||||||
|
|
||||||
|
/* Obtain the combined length */
|
||||||
|
if ((length = i2d_x509_aux_internal(a, NULL)) <= 0)
|
||||||
|
return length;
|
||||||
|
|
||||||
|
/* Allocate requisite combined storage */
|
||||||
|
*pp = tmp = OPENSSL_malloc(length);
|
||||||
|
if (tmp == NULL)
|
||||||
|
return -1; /* Push error onto error stack? */
|
||||||
|
|
||||||
|
/* Encode, but keep *pp at the originally malloced pointer */
|
||||||
|
length = i2d_x509_aux_internal(a, &tmp);
|
||||||
|
if (length <= 0) {
|
||||||
|
OPENSSL_free(*pp);
|
||||||
|
*pp = NULL;
|
||||||
|
}
|
||||||
|
return length;
|
||||||
|
}
|
||||||
|
|
||||||
int i2d_re_X509_tbs(X509 *x, unsigned char **pp)
|
int i2d_re_X509_tbs(X509 *x, unsigned char **pp)
|
||||||
{
|
{
|
||||||
x->cert_info->enc.modified = 1;
|
x->cert_info->enc.modified = 1;
|
||||||
|
8
thirdparty/openssl/crypto/bio/b_print.c
vendored
8
thirdparty/openssl/crypto/bio/b_print.c
vendored
@ -423,9 +423,15 @@ _dopr(char **sbuffer,
|
|||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
/*
|
||||||
|
* We have to truncate if there is no dynamic buffer and we have filled the
|
||||||
|
* static buffer.
|
||||||
|
*/
|
||||||
|
if (buffer == NULL) {
|
||||||
*truncated = (currlen > *maxlen - 1);
|
*truncated = (currlen > *maxlen - 1);
|
||||||
if (*truncated)
|
if (*truncated)
|
||||||
currlen = *maxlen - 1;
|
currlen = *maxlen - 1;
|
||||||
|
}
|
||||||
if(!doapr_outch(sbuffer, buffer, &currlen, maxlen, '\0'))
|
if(!doapr_outch(sbuffer, buffer, &currlen, maxlen, '\0'))
|
||||||
return 0;
|
return 0;
|
||||||
*retlen = currlen - 1;
|
*retlen = currlen - 1;
|
||||||
@ -496,7 +502,7 @@ fmtint(char **sbuffer,
|
|||||||
if (!(flags & DP_F_UNSIGNED)) {
|
if (!(flags & DP_F_UNSIGNED)) {
|
||||||
if (value < 0) {
|
if (value < 0) {
|
||||||
signvalue = '-';
|
signvalue = '-';
|
||||||
uvalue = -value;
|
uvalue = -(unsigned LLONG)value;
|
||||||
} else if (flags & DP_F_PLUS)
|
} else if (flags & DP_F_PLUS)
|
||||||
signvalue = '+';
|
signvalue = '+';
|
||||||
else if (flags & DP_F_SPACE)
|
else if (flags & DP_F_SPACE)
|
||||||
|
4
thirdparty/openssl/crypto/bio/bf_nbio.c
vendored
4
thirdparty/openssl/crypto/bio/bf_nbio.c
vendored
@ -139,7 +139,7 @@ static int nbiof_read(BIO *b, char *out, int outl)
|
|||||||
|
|
||||||
BIO_clear_retry_flags(b);
|
BIO_clear_retry_flags(b);
|
||||||
#if 1
|
#if 1
|
||||||
if (RAND_pseudo_bytes(&n, 1) < 0)
|
if (RAND_bytes(&n, 1) <= 0)
|
||||||
return -1;
|
return -1;
|
||||||
num = (n & 0x07);
|
num = (n & 0x07);
|
||||||
|
|
||||||
@ -179,7 +179,7 @@ static int nbiof_write(BIO *b, const char *in, int inl)
|
|||||||
num = nt->lwn;
|
num = nt->lwn;
|
||||||
nt->lwn = 0;
|
nt->lwn = 0;
|
||||||
} else {
|
} else {
|
||||||
if (RAND_pseudo_bytes(&n, 1) < 0)
|
if (RAND_bytes(&n, 1) <= 0)
|
||||||
return -1;
|
return -1;
|
||||||
num = (n & 7);
|
num = (n & 7);
|
||||||
}
|
}
|
||||||
|
3
thirdparty/openssl/crypto/bio/bio_cb.c
vendored
3
thirdparty/openssl/crypto/bio/bio_cb.c
vendored
@ -78,6 +78,9 @@ long MS_CALLBACK BIO_debug_callback(BIO *bio, int cmd, const char *argp,
|
|||||||
|
|
||||||
len = BIO_snprintf(buf,sizeof buf,"BIO[%p]: ",(void *)bio);
|
len = BIO_snprintf(buf,sizeof buf,"BIO[%p]: ",(void *)bio);
|
||||||
|
|
||||||
|
/* Ignore errors and continue printing the other information. */
|
||||||
|
if (len < 0)
|
||||||
|
len = 0;
|
||||||
p = buf + len;
|
p = buf + len;
|
||||||
p_maxlen = sizeof(buf) - len;
|
p_maxlen = sizeof(buf) - len;
|
||||||
|
|
||||||
|
19
thirdparty/openssl/crypto/bio/bss_bio.c
vendored
19
thirdparty/openssl/crypto/bio/bss_bio.c
vendored
@ -149,9 +149,13 @@ static int bio_new(BIO *bio)
|
|||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
b->peer = NULL;
|
b->peer = NULL;
|
||||||
|
b->closed = 0;
|
||||||
|
b->len = 0;
|
||||||
|
b->offset = 0;
|
||||||
/* enough for one TLS record (just a default) */
|
/* enough for one TLS record (just a default) */
|
||||||
b->size = 17 * 1024;
|
b->size = 17 * 1024;
|
||||||
b->buf = NULL;
|
b->buf = NULL;
|
||||||
|
b->request = 0;
|
||||||
|
|
||||||
bio->ptr = b;
|
bio->ptr = b;
|
||||||
return 1;
|
return 1;
|
||||||
@ -655,15 +659,14 @@ static long bio_ctrl(BIO *bio, int cmd, long num, void *ptr)
|
|||||||
break;
|
break;
|
||||||
|
|
||||||
case BIO_CTRL_EOF:
|
case BIO_CTRL_EOF:
|
||||||
{
|
if (b->peer != NULL) {
|
||||||
BIO *other_bio = ptr;
|
struct bio_bio_st *peer_b = b->peer->ptr;
|
||||||
|
|
||||||
if (other_bio) {
|
if (peer_b->len == 0 && peer_b->closed)
|
||||||
struct bio_bio_st *other_b = other_bio->ptr;
|
ret = 1;
|
||||||
|
else
|
||||||
assert(other_b != NULL);
|
ret = 0;
|
||||||
ret = other_b->len == 0 && other_b->closed;
|
} else {
|
||||||
} else
|
|
||||||
ret = 1;
|
ret = 1;
|
||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
|
24
thirdparty/openssl/crypto/bio/bss_file.c
vendored
24
thirdparty/openssl/crypto/bio/bss_file.c
vendored
@ -174,7 +174,11 @@ BIO *BIO_new_file(const char *filename, const char *mode)
|
|||||||
if (file == NULL) {
|
if (file == NULL) {
|
||||||
SYSerr(SYS_F_FOPEN, get_last_sys_error());
|
SYSerr(SYS_F_FOPEN, get_last_sys_error());
|
||||||
ERR_add_error_data(5, "fopen('", filename, "','", mode, "')");
|
ERR_add_error_data(5, "fopen('", filename, "','", mode, "')");
|
||||||
if (errno == ENOENT)
|
if (errno == ENOENT
|
||||||
|
# ifdef ENXIO
|
||||||
|
|| errno == ENXIO
|
||||||
|
# endif
|
||||||
|
)
|
||||||
BIOerr(BIO_F_BIO_NEW_FILE, BIO_R_NO_SUCH_FILE);
|
BIOerr(BIO_F_BIO_NEW_FILE, BIO_R_NO_SUCH_FILE);
|
||||||
else
|
else
|
||||||
BIOerr(BIO_F_BIO_NEW_FILE, ERR_R_SYS_LIB);
|
BIOerr(BIO_F_BIO_NEW_FILE, ERR_R_SYS_LIB);
|
||||||
@ -283,6 +287,7 @@ static long MS_CALLBACK file_ctrl(BIO *b, int cmd, long num, void *ptr)
|
|||||||
FILE *fp = (FILE *)b->ptr;
|
FILE *fp = (FILE *)b->ptr;
|
||||||
FILE **fpp;
|
FILE **fpp;
|
||||||
char p[4];
|
char p[4];
|
||||||
|
int st;
|
||||||
|
|
||||||
switch (cmd) {
|
switch (cmd) {
|
||||||
case BIO_C_FILE_SEEK:
|
case BIO_C_FILE_SEEK:
|
||||||
@ -314,8 +319,11 @@ static long MS_CALLBACK file_ctrl(BIO *b, int cmd, long num, void *ptr)
|
|||||||
# if defined(__MINGW32__) && defined(__MSVCRT__) && !defined(_IOB_ENTRIES)
|
# if defined(__MINGW32__) && defined(__MSVCRT__) && !defined(_IOB_ENTRIES)
|
||||||
# define _IOB_ENTRIES 20
|
# define _IOB_ENTRIES 20
|
||||||
# endif
|
# endif
|
||||||
# if defined(_IOB_ENTRIES)
|
|
||||||
/* Safety net to catch purely internal BIO_set_fp calls */
|
/* Safety net to catch purely internal BIO_set_fp calls */
|
||||||
|
# if defined(_MSC_VER) && _MSC_VER>=1900
|
||||||
|
if (ptr == stdin || ptr == stdout || ptr == stderr)
|
||||||
|
BIO_clear_flags(b, BIO_FLAGS_UPLINK);
|
||||||
|
# elif defined(_IOB_ENTRIES)
|
||||||
if ((size_t)ptr >= (size_t)stdin &&
|
if ((size_t)ptr >= (size_t)stdin &&
|
||||||
(size_t)ptr < (size_t)(stdin + _IOB_ENTRIES))
|
(size_t)ptr < (size_t)(stdin + _IOB_ENTRIES))
|
||||||
BIO_clear_flags(b, BIO_FLAGS_UPLINK);
|
BIO_clear_flags(b, BIO_FLAGS_UPLINK);
|
||||||
@ -420,10 +428,14 @@ static long MS_CALLBACK file_ctrl(BIO *b, int cmd, long num, void *ptr)
|
|||||||
b->shutdown = (int)num;
|
b->shutdown = (int)num;
|
||||||
break;
|
break;
|
||||||
case BIO_CTRL_FLUSH:
|
case BIO_CTRL_FLUSH:
|
||||||
if (b->flags & BIO_FLAGS_UPLINK)
|
st = b->flags & BIO_FLAGS_UPLINK
|
||||||
UP_fflush(b->ptr);
|
? UP_fflush(b->ptr) : fflush((FILE *)b->ptr);
|
||||||
else
|
if (st == EOF) {
|
||||||
fflush((FILE *)b->ptr);
|
SYSerr(SYS_F_FFLUSH, get_last_sys_error());
|
||||||
|
ERR_add_error_data(1, "fflush()");
|
||||||
|
BIOerr(BIO_F_FILE_CTRL, ERR_R_SYS_LIB);
|
||||||
|
ret = 0;
|
||||||
|
}
|
||||||
break;
|
break;
|
||||||
case BIO_CTRL_DUP:
|
case BIO_CTRL_DUP:
|
||||||
ret = 1;
|
ret = 1;
|
||||||
|
2
thirdparty/openssl/crypto/bio/bss_rtcp.c
vendored
2
thirdparty/openssl/crypto/bio/bss_rtcp.c
vendored
@ -170,6 +170,8 @@ static int rtcp_new(BIO *bi)
|
|||||||
bi->num = 0;
|
bi->num = 0;
|
||||||
bi->flags = 0;
|
bi->flags = 0;
|
||||||
bi->ptr = OPENSSL_malloc(sizeof(struct rpc_ctx));
|
bi->ptr = OPENSSL_malloc(sizeof(struct rpc_ctx));
|
||||||
|
if (bi->ptr == NULL)
|
||||||
|
return (0);
|
||||||
ctx = (struct rpc_ctx *)bi->ptr;
|
ctx = (struct rpc_ctx *)bi->ptr;
|
||||||
ctx->filled = 0;
|
ctx->filled = 0;
|
||||||
ctx->pos = 0;
|
ctx->pos = 0;
|
||||||
|
@ -194,7 +194,7 @@ BN_ULONG bn_div_words(BN_ULONG h, BN_ULONG l, BN_ULONG d)
|
|||||||
BN_ULONG ret, waste;
|
BN_ULONG ret, waste;
|
||||||
|
|
||||||
asm("divq %4":"=a"(ret), "=d"(waste)
|
asm("divq %4":"=a"(ret), "=d"(waste)
|
||||||
: "a"(l), "d"(h), "g"(d)
|
: "a"(l), "d"(h), "r"(d)
|
||||||
: "cc");
|
: "cc");
|
||||||
|
|
||||||
return ret;
|
return ret;
|
||||||
|
4
thirdparty/openssl/crypto/bn/bn_div.c
vendored
4
thirdparty/openssl/crypto/bn/bn_div.c
vendored
@ -155,7 +155,7 @@ int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, const BIGNUM *d,
|
|||||||
({ asm volatile ( \
|
({ asm volatile ( \
|
||||||
"divl %4" \
|
"divl %4" \
|
||||||
: "=a"(q), "=d"(rem) \
|
: "=a"(q), "=d"(rem) \
|
||||||
: "a"(n1), "d"(n0), "g"(d0) \
|
: "a"(n1), "d"(n0), "r"(d0) \
|
||||||
: "cc"); \
|
: "cc"); \
|
||||||
q; \
|
q; \
|
||||||
})
|
})
|
||||||
@ -170,7 +170,7 @@ int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, const BIGNUM *d,
|
|||||||
({ asm volatile ( \
|
({ asm volatile ( \
|
||||||
"divq %4" \
|
"divq %4" \
|
||||||
: "=a"(q), "=d"(rem) \
|
: "=a"(q), "=d"(rem) \
|
||||||
: "a"(n1), "d"(n0), "g"(d0) \
|
: "a"(n1), "d"(n0), "r"(d0) \
|
||||||
: "cc"); \
|
: "cc"); \
|
||||||
q; \
|
q; \
|
||||||
})
|
})
|
||||||
|
5
thirdparty/openssl/crypto/bn/bn_exp.c
vendored
5
thirdparty/openssl/crypto/bn/bn_exp.c
vendored
@ -180,8 +180,9 @@ int BN_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
|
|||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if (r != rr)
|
if (r != rr && BN_copy(r, rr) == NULL)
|
||||||
BN_copy(r, rr);
|
goto err;
|
||||||
|
|
||||||
ret = 1;
|
ret = 1;
|
||||||
err:
|
err:
|
||||||
BN_CTX_end(ctx);
|
BN_CTX_end(ctx);
|
||||||
|
2
thirdparty/openssl/crypto/bn/bn_lib.c
vendored
2
thirdparty/openssl/crypto/bn/bn_lib.c
vendored
@ -569,7 +569,7 @@ void BN_clear(BIGNUM *a)
|
|||||||
{
|
{
|
||||||
bn_check_top(a);
|
bn_check_top(a);
|
||||||
if (a->d != NULL)
|
if (a->d != NULL)
|
||||||
memset(a->d, 0, a->dmax * sizeof(a->d[0]));
|
OPENSSL_cleanse(a->d, a->dmax * sizeof(a->d[0]));
|
||||||
a->top = 0;
|
a->top = 0;
|
||||||
a->neg = 0;
|
a->neg = 0;
|
||||||
}
|
}
|
||||||
|
5
thirdparty/openssl/crypto/bn/bn_mul.c
vendored
5
thirdparty/openssl/crypto/bn/bn_mul.c
vendored
@ -1083,8 +1083,9 @@ int BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx)
|
|||||||
end:
|
end:
|
||||||
#endif
|
#endif
|
||||||
bn_correct_top(rr);
|
bn_correct_top(rr);
|
||||||
if (r != rr)
|
if (r != rr && BN_copy(r, rr) == NULL)
|
||||||
BN_copy(r, rr);
|
goto err;
|
||||||
|
|
||||||
ret = 1;
|
ret = 1;
|
||||||
err:
|
err:
|
||||||
bn_check_top(r);
|
bn_check_top(r);
|
||||||
|
23
thirdparty/openssl/crypto/bn/bn_prime.c
vendored
23
thirdparty/openssl/crypto/bn/bn_prime.c
vendored
@ -252,7 +252,6 @@ int BN_is_prime_fasttest_ex(const BIGNUM *a, int checks, BN_CTX *ctx_passed,
|
|||||||
BN_CTX *ctx = NULL;
|
BN_CTX *ctx = NULL;
|
||||||
BIGNUM *A1, *A1_odd, *check; /* taken from ctx */
|
BIGNUM *A1, *A1_odd, *check; /* taken from ctx */
|
||||||
BN_MONT_CTX *mont = NULL;
|
BN_MONT_CTX *mont = NULL;
|
||||||
const BIGNUM *A = NULL;
|
|
||||||
|
|
||||||
if (BN_cmp(a, BN_value_one()) <= 0)
|
if (BN_cmp(a, BN_value_one()) <= 0)
|
||||||
return 0;
|
return 0;
|
||||||
@ -278,24 +277,14 @@ int BN_is_prime_fasttest_ex(const BIGNUM *a, int checks, BN_CTX *ctx_passed,
|
|||||||
goto err;
|
goto err;
|
||||||
BN_CTX_start(ctx);
|
BN_CTX_start(ctx);
|
||||||
|
|
||||||
/* A := abs(a) */
|
|
||||||
if (a->neg) {
|
|
||||||
BIGNUM *t;
|
|
||||||
if ((t = BN_CTX_get(ctx)) == NULL)
|
|
||||||
goto err;
|
|
||||||
BN_copy(t, a);
|
|
||||||
t->neg = 0;
|
|
||||||
A = t;
|
|
||||||
} else
|
|
||||||
A = a;
|
|
||||||
A1 = BN_CTX_get(ctx);
|
A1 = BN_CTX_get(ctx);
|
||||||
A1_odd = BN_CTX_get(ctx);
|
A1_odd = BN_CTX_get(ctx);
|
||||||
check = BN_CTX_get(ctx);
|
check = BN_CTX_get(ctx);
|
||||||
if (check == NULL)
|
if (check == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
|
|
||||||
/* compute A1 := A - 1 */
|
/* compute A1 := a - 1 */
|
||||||
if (!BN_copy(A1, A))
|
if (!BN_copy(A1, a))
|
||||||
goto err;
|
goto err;
|
||||||
if (!BN_sub_word(A1, 1))
|
if (!BN_sub_word(A1, 1))
|
||||||
goto err;
|
goto err;
|
||||||
@ -311,11 +300,11 @@ int BN_is_prime_fasttest_ex(const BIGNUM *a, int checks, BN_CTX *ctx_passed,
|
|||||||
if (!BN_rshift(A1_odd, A1, k))
|
if (!BN_rshift(A1_odd, A1, k))
|
||||||
goto err;
|
goto err;
|
||||||
|
|
||||||
/* Montgomery setup for computations mod A */
|
/* Montgomery setup for computations mod a */
|
||||||
mont = BN_MONT_CTX_new();
|
mont = BN_MONT_CTX_new();
|
||||||
if (mont == NULL)
|
if (mont == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
if (!BN_MONT_CTX_set(mont, A, ctx))
|
if (!BN_MONT_CTX_set(mont, a, ctx))
|
||||||
goto err;
|
goto err;
|
||||||
|
|
||||||
for (i = 0; i < checks; i++) {
|
for (i = 0; i < checks; i++) {
|
||||||
@ -323,9 +312,9 @@ int BN_is_prime_fasttest_ex(const BIGNUM *a, int checks, BN_CTX *ctx_passed,
|
|||||||
goto err;
|
goto err;
|
||||||
if (!BN_add_word(check, 1))
|
if (!BN_add_word(check, 1))
|
||||||
goto err;
|
goto err;
|
||||||
/* now 1 <= check < A */
|
/* now 1 <= check < a */
|
||||||
|
|
||||||
j = witness(check, A, A1, A1_odd, k, ctx, mont);
|
j = witness(check, a, A1, A1_odd, k, ctx, mont);
|
||||||
if (j == -1)
|
if (j == -1)
|
||||||
goto err;
|
goto err;
|
||||||
if (j) {
|
if (j) {
|
||||||
|
35
thirdparty/openssl/crypto/bn/bn_print.c
vendored
35
thirdparty/openssl/crypto/bn/bn_print.c
vendored
@ -72,12 +72,9 @@ char *BN_bn2hex(const BIGNUM *a)
|
|||||||
char *buf;
|
char *buf;
|
||||||
char *p;
|
char *p;
|
||||||
|
|
||||||
if (a->neg && BN_is_zero(a)) {
|
if (BN_is_zero(a))
|
||||||
/* "-0" == 3 bytes including NULL terminator */
|
return OPENSSL_strdup("0");
|
||||||
buf = OPENSSL_malloc(3);
|
|
||||||
} else {
|
|
||||||
buf = OPENSSL_malloc(a->top * BN_BYTES * 2 + 2);
|
buf = OPENSSL_malloc(a->top * BN_BYTES * 2 + 2);
|
||||||
}
|
|
||||||
if (buf == NULL) {
|
if (buf == NULL) {
|
||||||
BNerr(BN_F_BN_BN2HEX, ERR_R_MALLOC_FAILURE);
|
BNerr(BN_F_BN_BN2HEX, ERR_R_MALLOC_FAILURE);
|
||||||
goto err;
|
goto err;
|
||||||
@ -85,8 +82,6 @@ char *BN_bn2hex(const BIGNUM *a)
|
|||||||
p = buf;
|
p = buf;
|
||||||
if (a->neg)
|
if (a->neg)
|
||||||
*(p++) = '-';
|
*(p++) = '-';
|
||||||
if (BN_is_zero(a))
|
|
||||||
*(p++) = '0';
|
|
||||||
for (i = a->top - 1; i >= 0; i--) {
|
for (i = a->top - 1; i >= 0; i--) {
|
||||||
for (j = BN_BITS2 - 8; j >= 0; j -= 8) {
|
for (j = BN_BITS2 - 8; j >= 0; j -= 8) {
|
||||||
/* strip leading zeros */
|
/* strip leading zeros */
|
||||||
@ -111,6 +106,7 @@ char *BN_bn2dec(const BIGNUM *a)
|
|||||||
char *p;
|
char *p;
|
||||||
BIGNUM *t = NULL;
|
BIGNUM *t = NULL;
|
||||||
BN_ULONG *bn_data = NULL, *lp;
|
BN_ULONG *bn_data = NULL, *lp;
|
||||||
|
int bn_data_num;
|
||||||
|
|
||||||
/*-
|
/*-
|
||||||
* get an upper bound for the length of the decimal integer
|
* get an upper bound for the length of the decimal integer
|
||||||
@ -120,9 +116,9 @@ char *BN_bn2dec(const BIGNUM *a)
|
|||||||
*/
|
*/
|
||||||
i = BN_num_bits(a) * 3;
|
i = BN_num_bits(a) * 3;
|
||||||
num = (i / 10 + i / 1000 + 1) + 1;
|
num = (i / 10 + i / 1000 + 1) + 1;
|
||||||
bn_data =
|
bn_data_num = num / BN_DEC_NUM + 1;
|
||||||
(BN_ULONG *)OPENSSL_malloc((num / BN_DEC_NUM + 1) * sizeof(BN_ULONG));
|
bn_data = OPENSSL_malloc(bn_data_num * sizeof(BN_ULONG));
|
||||||
buf = (char *)OPENSSL_malloc(num + 3);
|
buf = OPENSSL_malloc(num + 3);
|
||||||
if ((buf == NULL) || (bn_data == NULL)) {
|
if ((buf == NULL) || (bn_data == NULL)) {
|
||||||
BNerr(BN_F_BN_BN2DEC, ERR_R_MALLOC_FAILURE);
|
BNerr(BN_F_BN_BN2DEC, ERR_R_MALLOC_FAILURE);
|
||||||
goto err;
|
goto err;
|
||||||
@ -140,9 +136,12 @@ char *BN_bn2dec(const BIGNUM *a)
|
|||||||
if (BN_is_negative(t))
|
if (BN_is_negative(t))
|
||||||
*p++ = '-';
|
*p++ = '-';
|
||||||
|
|
||||||
i = 0;
|
|
||||||
while (!BN_is_zero(t)) {
|
while (!BN_is_zero(t)) {
|
||||||
|
if (lp - bn_data >= bn_data_num)
|
||||||
|
goto err;
|
||||||
*lp = BN_div_word(t, BN_DEC_CONV);
|
*lp = BN_div_word(t, BN_DEC_CONV);
|
||||||
|
if (*lp == (BN_ULONG)-1)
|
||||||
|
goto err;
|
||||||
lp++;
|
lp++;
|
||||||
}
|
}
|
||||||
lp--;
|
lp--;
|
||||||
@ -240,10 +239,12 @@ int BN_hex2bn(BIGNUM **bn, const char *a)
|
|||||||
}
|
}
|
||||||
ret->top = h;
|
ret->top = h;
|
||||||
bn_correct_top(ret);
|
bn_correct_top(ret);
|
||||||
ret->neg = neg;
|
|
||||||
|
|
||||||
*bn = ret;
|
*bn = ret;
|
||||||
bn_check_top(ret);
|
bn_check_top(ret);
|
||||||
|
/* Don't set the negative flag if it's zero. */
|
||||||
|
if (ret->top != 0)
|
||||||
|
ret->neg = neg;
|
||||||
return (num);
|
return (num);
|
||||||
err:
|
err:
|
||||||
if (*bn == NULL)
|
if (*bn == NULL)
|
||||||
@ -295,7 +296,7 @@ int BN_dec2bn(BIGNUM **bn, const char *a)
|
|||||||
if (j == BN_DEC_NUM)
|
if (j == BN_DEC_NUM)
|
||||||
j = 0;
|
j = 0;
|
||||||
l = 0;
|
l = 0;
|
||||||
while (*a) {
|
while (--i >= 0) {
|
||||||
l *= 10;
|
l *= 10;
|
||||||
l += *a - '0';
|
l += *a - '0';
|
||||||
a++;
|
a++;
|
||||||
@ -306,11 +307,13 @@ int BN_dec2bn(BIGNUM **bn, const char *a)
|
|||||||
j = 0;
|
j = 0;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
ret->neg = neg;
|
|
||||||
|
|
||||||
bn_correct_top(ret);
|
bn_correct_top(ret);
|
||||||
*bn = ret;
|
*bn = ret;
|
||||||
bn_check_top(ret);
|
bn_check_top(ret);
|
||||||
|
/* Don't set the negative flag if it's zero. */
|
||||||
|
if (ret->top != 0)
|
||||||
|
ret->neg = neg;
|
||||||
return (num);
|
return (num);
|
||||||
err:
|
err:
|
||||||
if (*bn == NULL)
|
if (*bn == NULL)
|
||||||
@ -321,6 +324,7 @@ int BN_dec2bn(BIGNUM **bn, const char *a)
|
|||||||
int BN_asc2bn(BIGNUM **bn, const char *a)
|
int BN_asc2bn(BIGNUM **bn, const char *a)
|
||||||
{
|
{
|
||||||
const char *p = a;
|
const char *p = a;
|
||||||
|
|
||||||
if (*p == '-')
|
if (*p == '-')
|
||||||
p++;
|
p++;
|
||||||
|
|
||||||
@ -331,7 +335,8 @@ int BN_asc2bn(BIGNUM **bn, const char *a)
|
|||||||
if (!BN_dec2bn(bn, p))
|
if (!BN_dec2bn(bn, p))
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
if (*a == '-')
|
/* Don't set the negative flag if it's zero. */
|
||||||
|
if (*a == '-' && (*bn)->top != 0)
|
||||||
(*bn)->neg = 1;
|
(*bn)->neg = 1;
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
19
thirdparty/openssl/crypto/bn/bn_rand.c
vendored
19
thirdparty/openssl/crypto/bn/bn_rand.c
vendored
@ -121,15 +121,14 @@ static int bnrand(int pseudorand, BIGNUM *rnd, int bits, int top, int bottom)
|
|||||||
int ret = 0, bit, bytes, mask;
|
int ret = 0, bit, bytes, mask;
|
||||||
time_t tim;
|
time_t tim;
|
||||||
|
|
||||||
if (bits < 0 || (bits == 1 && top > 0)) {
|
|
||||||
BNerr(BN_F_BNRAND, BN_R_BITS_TOO_SMALL);
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
if (bits == 0) {
|
if (bits == 0) {
|
||||||
|
if (top != -1 || bottom != 0)
|
||||||
|
goto toosmall;
|
||||||
BN_zero(rnd);
|
BN_zero(rnd);
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
if (bits < 0 || (bits == 1 && top > 0))
|
||||||
|
goto toosmall;
|
||||||
|
|
||||||
bytes = (bits + 7) / 8;
|
bytes = (bits + 7) / 8;
|
||||||
bit = (bits - 1) % 8;
|
bit = (bits - 1) % 8;
|
||||||
@ -145,13 +144,9 @@ static int bnrand(int pseudorand, BIGNUM *rnd, int bits, int top, int bottom)
|
|||||||
time(&tim);
|
time(&tim);
|
||||||
RAND_add(&tim, sizeof(tim), 0.0);
|
RAND_add(&tim, sizeof(tim), 0.0);
|
||||||
|
|
||||||
if (pseudorand) {
|
/* We ignore the value of pseudorand and always call RAND_bytes */
|
||||||
if (RAND_pseudo_bytes(buf, bytes) == -1)
|
|
||||||
goto err;
|
|
||||||
} else {
|
|
||||||
if (RAND_bytes(buf, bytes) <= 0)
|
if (RAND_bytes(buf, bytes) <= 0)
|
||||||
goto err;
|
goto err;
|
||||||
}
|
|
||||||
|
|
||||||
#if 1
|
#if 1
|
||||||
if (pseudorand == 2) {
|
if (pseudorand == 2) {
|
||||||
@ -199,6 +194,10 @@ static int bnrand(int pseudorand, BIGNUM *rnd, int bits, int top, int bottom)
|
|||||||
}
|
}
|
||||||
bn_check_top(rnd);
|
bn_check_top(rnd);
|
||||||
return (ret);
|
return (ret);
|
||||||
|
|
||||||
|
toosmall:
|
||||||
|
BNerr(BN_F_BNRAND, BN_R_BITS_TOO_SMALL);
|
||||||
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
int BN_rand(BIGNUM *rnd, int bits, int top, int bottom)
|
int BN_rand(BIGNUM *rnd, int bits, int top, int bottom)
|
||||||
|
5
thirdparty/openssl/crypto/bn/bn_sqr.c
vendored
5
thirdparty/openssl/crypto/bn/bn_sqr.c
vendored
@ -143,8 +143,9 @@ int BN_sqr(BIGNUM *r, const BIGNUM *a, BN_CTX *ctx)
|
|||||||
rr->top = max - 1;
|
rr->top = max - 1;
|
||||||
else
|
else
|
||||||
rr->top = max;
|
rr->top = max;
|
||||||
if (rr != r)
|
if (r != rr && BN_copy(r, rr) == NULL)
|
||||||
BN_copy(r, rr);
|
goto err;
|
||||||
|
|
||||||
ret = 1;
|
ret = 1;
|
||||||
err:
|
err:
|
||||||
bn_check_top(rr);
|
bn_check_top(rr);
|
||||||
|
22
thirdparty/openssl/crypto/bn/bn_word.c
vendored
22
thirdparty/openssl/crypto/bn/bn_word.c
vendored
@ -72,10 +72,32 @@ BN_ULONG BN_mod_word(const BIGNUM *a, BN_ULONG w)
|
|||||||
if (w == 0)
|
if (w == 0)
|
||||||
return (BN_ULONG)-1;
|
return (BN_ULONG)-1;
|
||||||
|
|
||||||
|
#ifndef BN_LLONG
|
||||||
|
/*
|
||||||
|
* If |w| is too long and we don't have BN_ULLONG then we need to fall
|
||||||
|
* back to using BN_div_word
|
||||||
|
*/
|
||||||
|
if (w > ((BN_ULONG)1 << BN_BITS4)) {
|
||||||
|
BIGNUM *tmp = BN_dup(a);
|
||||||
|
if (tmp == NULL)
|
||||||
|
return (BN_ULONG)-1;
|
||||||
|
|
||||||
|
ret = BN_div_word(tmp, w);
|
||||||
|
BN_free(tmp);
|
||||||
|
|
||||||
|
return ret;
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
|
||||||
bn_check_top(a);
|
bn_check_top(a);
|
||||||
w &= BN_MASK2;
|
w &= BN_MASK2;
|
||||||
for (i = a->top - 1; i >= 0; i--) {
|
for (i = a->top - 1; i >= 0; i--) {
|
||||||
#ifndef BN_LLONG
|
#ifndef BN_LLONG
|
||||||
|
/*
|
||||||
|
* We can assume here that | w <= ((BN_ULONG)1 << BN_BITS4) | and so
|
||||||
|
* | ret < ((BN_ULONG)1 << BN_BITS4) | and therefore the shifts here are
|
||||||
|
* safe and will not overflow
|
||||||
|
*/
|
||||||
ret = ((ret << BN_BITS4) | ((a->d[i] >> BN_BITS4) & BN_MASK2l)) % w;
|
ret = ((ret << BN_BITS4) | ((a->d[i] >> BN_BITS4) & BN_MASK2l)) % w;
|
||||||
ret = ((ret << BN_BITS4) | (a->d[i] & BN_MASK2l)) % w;
|
ret = ((ret << BN_BITS4) | (a->d[i] & BN_MASK2l)) % w;
|
||||||
#else
|
#else
|
||||||
|
12
thirdparty/openssl/crypto/cms/cms_enc.c
vendored
12
thirdparty/openssl/crypto/cms/cms_enc.c
vendored
@ -119,7 +119,7 @@ BIO *cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec)
|
|||||||
/* Generate a random IV if we need one */
|
/* Generate a random IV if we need one */
|
||||||
ivlen = EVP_CIPHER_CTX_iv_length(ctx);
|
ivlen = EVP_CIPHER_CTX_iv_length(ctx);
|
||||||
if (ivlen > 0) {
|
if (ivlen > 0) {
|
||||||
if (RAND_pseudo_bytes(iv, ivlen) <= 0)
|
if (RAND_bytes(iv, ivlen) <= 0)
|
||||||
goto err;
|
goto err;
|
||||||
piv = iv;
|
piv = iv;
|
||||||
}
|
}
|
||||||
@ -179,10 +179,9 @@ BIO *cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec)
|
|||||||
CMS_R_CIPHER_INITIALISATION_ERROR);
|
CMS_R_CIPHER_INITIALISATION_ERROR);
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
|
if (enc) {
|
||||||
if (piv) {
|
|
||||||
calg->parameter = ASN1_TYPE_new();
|
calg->parameter = ASN1_TYPE_new();
|
||||||
if (!calg->parameter) {
|
if (calg->parameter == NULL) {
|
||||||
CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO, ERR_R_MALLOC_FAILURE);
|
CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO, ERR_R_MALLOC_FAILURE);
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
@ -191,6 +190,11 @@ BIO *cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec)
|
|||||||
CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR);
|
CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR);
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
|
/* If parameter type not set omit parameter */
|
||||||
|
if (calg->parameter->type == V_ASN1_UNDEF) {
|
||||||
|
ASN1_TYPE_free(calg->parameter);
|
||||||
|
calg->parameter = NULL;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
ok = 1;
|
ok = 1;
|
||||||
|
|
||||||
|
3
thirdparty/openssl/crypto/cms/cms_ess.c
vendored
3
thirdparty/openssl/crypto/cms/cms_ess.c
vendored
@ -107,8 +107,7 @@ CMS_ReceiptRequest *CMS_ReceiptRequest_create0(unsigned char *id, int idlen,
|
|||||||
else {
|
else {
|
||||||
if (!ASN1_STRING_set(rr->signedContentIdentifier, NULL, 32))
|
if (!ASN1_STRING_set(rr->signedContentIdentifier, NULL, 32))
|
||||||
goto merr;
|
goto merr;
|
||||||
if (RAND_pseudo_bytes(rr->signedContentIdentifier->data, 32)
|
if (RAND_bytes(rr->signedContentIdentifier->data, 32) <= 0)
|
||||||
<= 0)
|
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
5
thirdparty/openssl/crypto/cms/cms_kari.c
vendored
5
thirdparty/openssl/crypto/cms/cms_kari.c
vendored
@ -401,9 +401,12 @@ static int cms_wrap_init(CMS_KeyAgreeRecipientInfo *kari,
|
|||||||
* Pick a cipher based on content encryption cipher. If it is DES3 use
|
* Pick a cipher based on content encryption cipher. If it is DES3 use
|
||||||
* DES3 wrap otherwise use AES wrap similar to key size.
|
* DES3 wrap otherwise use AES wrap similar to key size.
|
||||||
*/
|
*/
|
||||||
|
#ifndef OPENSSL_NO_DES
|
||||||
if (EVP_CIPHER_type(cipher) == NID_des_ede3_cbc)
|
if (EVP_CIPHER_type(cipher) == NID_des_ede3_cbc)
|
||||||
kekcipher = EVP_des_ede3_wrap();
|
kekcipher = EVP_des_ede3_wrap();
|
||||||
else if (keylen <= 16)
|
else
|
||||||
|
#endif
|
||||||
|
if (keylen <= 16)
|
||||||
kekcipher = EVP_aes_128_wrap();
|
kekcipher = EVP_aes_128_wrap();
|
||||||
else if (keylen <= 24)
|
else if (keylen <= 24)
|
||||||
kekcipher = EVP_aes_192_wrap();
|
kekcipher = EVP_aes_192_wrap();
|
||||||
|
4
thirdparty/openssl/crypto/cms/cms_lib.c
vendored
4
thirdparty/openssl/crypto/cms/cms_lib.c
vendored
@ -413,6 +413,8 @@ static STACK_OF(CMS_CertificateChoices)
|
|||||||
return &cms->d.signedData->certificates;
|
return &cms->d.signedData->certificates;
|
||||||
|
|
||||||
case NID_pkcs7_enveloped:
|
case NID_pkcs7_enveloped:
|
||||||
|
if (cms->d.envelopedData->originatorInfo == NULL)
|
||||||
|
return NULL;
|
||||||
return &cms->d.envelopedData->originatorInfo->certificates;
|
return &cms->d.envelopedData->originatorInfo->certificates;
|
||||||
|
|
||||||
default:
|
default:
|
||||||
@ -488,6 +490,8 @@ static STACK_OF(CMS_RevocationInfoChoice)
|
|||||||
return &cms->d.signedData->crls;
|
return &cms->d.signedData->crls;
|
||||||
|
|
||||||
case NID_pkcs7_enveloped:
|
case NID_pkcs7_enveloped:
|
||||||
|
if (cms->d.envelopedData->originatorInfo == NULL)
|
||||||
|
return NULL;
|
||||||
return &cms->d.envelopedData->originatorInfo->crls;
|
return &cms->d.envelopedData->originatorInfo->crls;
|
||||||
|
|
||||||
default:
|
default:
|
||||||
|
4
thirdparty/openssl/crypto/cms/cms_pwri.c
vendored
4
thirdparty/openssl/crypto/cms/cms_pwri.c
vendored
@ -134,7 +134,7 @@ CMS_RecipientInfo *CMS_add0_recipient_password(CMS_ContentInfo *cms,
|
|||||||
ivlen = EVP_CIPHER_CTX_iv_length(&ctx);
|
ivlen = EVP_CIPHER_CTX_iv_length(&ctx);
|
||||||
|
|
||||||
if (ivlen > 0) {
|
if (ivlen > 0) {
|
||||||
if (RAND_pseudo_bytes(iv, ivlen) <= 0)
|
if (RAND_bytes(iv, ivlen) <= 0)
|
||||||
goto err;
|
goto err;
|
||||||
if (EVP_EncryptInit_ex(&ctx, NULL, NULL, NULL, iv) <= 0) {
|
if (EVP_EncryptInit_ex(&ctx, NULL, NULL, NULL, iv) <= 0) {
|
||||||
CMSerr(CMS_F_CMS_ADD0_RECIPIENT_PASSWORD, ERR_R_EVP_LIB);
|
CMSerr(CMS_F_CMS_ADD0_RECIPIENT_PASSWORD, ERR_R_EVP_LIB);
|
||||||
@ -301,7 +301,7 @@ static int kek_wrap_key(unsigned char *out, size_t *outlen,
|
|||||||
memcpy(out + 4, in, inlen);
|
memcpy(out + 4, in, inlen);
|
||||||
/* Add random padding to end */
|
/* Add random padding to end */
|
||||||
if (olen > inlen + 4
|
if (olen > inlen + 4
|
||||||
&& RAND_pseudo_bytes(out + 4 + inlen, olen - 4 - inlen) < 0)
|
&& RAND_bytes(out + 4 + inlen, olen - 4 - inlen) <= 0)
|
||||||
return 0;
|
return 0;
|
||||||
/* Encrypt twice */
|
/* Encrypt twice */
|
||||||
EVP_EncryptUpdate(ctx, out, &dummy, out, olen);
|
EVP_EncryptUpdate(ctx, out, &dummy, out, olen);
|
||||||
|
23
thirdparty/openssl/crypto/comp/c_rle.c
vendored
23
thirdparty/openssl/crypto/comp/c_rle.c
vendored
@ -31,12 +31,11 @@ static int rle_compress_block(COMP_CTX *ctx, unsigned char *out,
|
|||||||
unsigned int olen, unsigned char *in,
|
unsigned int olen, unsigned char *in,
|
||||||
unsigned int ilen)
|
unsigned int ilen)
|
||||||
{
|
{
|
||||||
/* int i; */
|
if (ilen == 0)
|
||||||
|
return 0;
|
||||||
|
|
||||||
if (ilen == 0 || olen < (ilen - 1)) {
|
if (olen <= ilen)
|
||||||
/* ZZZZZZZZZZZZZZZZZZZZZZ */
|
return -1;
|
||||||
return (-1);
|
|
||||||
}
|
|
||||||
|
|
||||||
*(out++) = 0;
|
*(out++) = 0;
|
||||||
memcpy(out, in, ilen);
|
memcpy(out, in, ilen);
|
||||||
@ -49,14 +48,16 @@ static int rle_expand_block(COMP_CTX *ctx, unsigned char *out,
|
|||||||
{
|
{
|
||||||
int i;
|
int i;
|
||||||
|
|
||||||
if (olen < (ilen - 1)) {
|
if (ilen == 0)
|
||||||
/* ZZZZZZZZZZZZZZZZZZZZZZ */
|
return 0;
|
||||||
return (-1);
|
|
||||||
}
|
if (olen < (ilen - 1))
|
||||||
|
return -1;
|
||||||
|
|
||||||
i = *(in++);
|
i = *(in++);
|
||||||
if (i == 0) {
|
if (i != 0)
|
||||||
|
return -1;
|
||||||
|
|
||||||
memcpy(out, in, ilen - 1);
|
memcpy(out, in, ilen - 1);
|
||||||
}
|
|
||||||
return (ilen - 1);
|
return (ilen - 1);
|
||||||
}
|
}
|
||||||
|
16
thirdparty/openssl/crypto/conf/conf_def.c
vendored
16
thirdparty/openssl/crypto/conf/conf_def.c
vendored
@ -69,6 +69,12 @@
|
|||||||
#include <openssl/buffer.h>
|
#include <openssl/buffer.h>
|
||||||
#include <openssl/err.h>
|
#include <openssl/err.h>
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The maximum length we can grow a value to after variable expansion. 64k
|
||||||
|
* should be more than enough for all reasonable uses.
|
||||||
|
*/
|
||||||
|
#define MAX_CONF_VALUE_LENGTH 65536
|
||||||
|
|
||||||
static char *eat_ws(CONF *conf, char *p);
|
static char *eat_ws(CONF *conf, char *p);
|
||||||
static char *eat_alpha_numeric(CONF *conf, char *p);
|
static char *eat_alpha_numeric(CONF *conf, char *p);
|
||||||
static void clear_comments(CONF *conf, char *p);
|
static void clear_comments(CONF *conf, char *p);
|
||||||
@ -530,6 +536,8 @@ static int str_copy(CONF *conf, char *section, char **pto, char *from)
|
|||||||
} else if (IS_EOF(conf, *from))
|
} else if (IS_EOF(conf, *from))
|
||||||
break;
|
break;
|
||||||
else if (*from == '$') {
|
else if (*from == '$') {
|
||||||
|
size_t newsize;
|
||||||
|
|
||||||
/* try to expand it */
|
/* try to expand it */
|
||||||
rrp = NULL;
|
rrp = NULL;
|
||||||
s = &(from[1]);
|
s = &(from[1]);
|
||||||
@ -584,8 +592,12 @@ static int str_copy(CONF *conf, char *section, char **pto, char *from)
|
|||||||
CONFerr(CONF_F_STR_COPY, CONF_R_VARIABLE_HAS_NO_VALUE);
|
CONFerr(CONF_F_STR_COPY, CONF_R_VARIABLE_HAS_NO_VALUE);
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
if (!BUF_MEM_grow_clean(buf,
|
newsize = strlen(p) + buf->length - (e - from);
|
||||||
(strlen(p) + buf->length - (e - from)))) {
|
if (newsize > MAX_CONF_VALUE_LENGTH) {
|
||||||
|
CONFerr(CONF_F_STR_COPY, CONF_R_VARIABLE_EXPANSION_TOO_LONG);
|
||||||
|
goto err;
|
||||||
|
}
|
||||||
|
if (!BUF_MEM_grow_clean(buf, newsize)) {
|
||||||
CONFerr(CONF_F_STR_COPY, ERR_R_MALLOC_FAILURE);
|
CONFerr(CONF_F_STR_COPY, ERR_R_MALLOC_FAILURE);
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
|
4
thirdparty/openssl/crypto/conf/conf_def.h
vendored
4
thirdparty/openssl/crypto/conf/conf_def.h
vendored
@ -94,7 +94,7 @@
|
|||||||
# define IS_DQUOTE(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_DQUOTE)
|
# define IS_DQUOTE(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_DQUOTE)
|
||||||
# define IS_HIGHBIT(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_HIGHBIT)
|
# define IS_HIGHBIT(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_HIGHBIT)
|
||||||
|
|
||||||
#else /* CHARSET_EBCDIC */
|
#else /*CHARSET_EBCDIC*/
|
||||||
|
|
||||||
# define IS_COMMENT(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_COMMENT)
|
# define IS_COMMENT(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_COMMENT)
|
||||||
# define IS_FCOMMENT(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_FCOMMENT)
|
# define IS_FCOMMENT(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_FCOMMENT)
|
||||||
@ -108,7 +108,7 @@
|
|||||||
# define IS_QUOTE(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_QUOTE)
|
# define IS_QUOTE(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_QUOTE)
|
||||||
# define IS_DQUOTE(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_DQUOTE)
|
# define IS_DQUOTE(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_DQUOTE)
|
||||||
# define IS_HIGHBIT(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_HIGHBIT)
|
# define IS_HIGHBIT(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_HIGHBIT)
|
||||||
#endif /* CHARSET_EBCDIC */
|
#endif /*CHARSET_EBCDIC*/
|
||||||
|
|
||||||
static unsigned short CONF_type_default[256] = {
|
static unsigned short CONF_type_default[256] = {
|
||||||
0x0008, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000,
|
0x0008, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000,
|
||||||
|
2
thirdparty/openssl/crypto/conf/conf_err.c
vendored
2
thirdparty/openssl/crypto/conf/conf_err.c
vendored
@ -115,6 +115,8 @@ static ERR_STRING_DATA CONF_str_reasons[] = {
|
|||||||
{ERR_REASON(CONF_R_UNABLE_TO_CREATE_NEW_SECTION),
|
{ERR_REASON(CONF_R_UNABLE_TO_CREATE_NEW_SECTION),
|
||||||
"unable to create new section"},
|
"unable to create new section"},
|
||||||
{ERR_REASON(CONF_R_UNKNOWN_MODULE_NAME), "unknown module name"},
|
{ERR_REASON(CONF_R_UNKNOWN_MODULE_NAME), "unknown module name"},
|
||||||
|
{ERR_REASON(CONF_R_VARIABLE_EXPANSION_TOO_LONG),
|
||||||
|
"variable expansion too long"},
|
||||||
{ERR_REASON(CONF_R_VARIABLE_HAS_NO_VALUE), "variable has no value"},
|
{ERR_REASON(CONF_R_VARIABLE_HAS_NO_VALUE), "variable has no value"},
|
||||||
{0, NULL}
|
{0, NULL}
|
||||||
};
|
};
|
||||||
|
4
thirdparty/openssl/crypto/conf/conf_mod.c
vendored
4
thirdparty/openssl/crypto/conf/conf_mod.c
vendored
@ -288,6 +288,10 @@ static CONF_MODULE *module_add(DSO *dso, const char *name,
|
|||||||
|
|
||||||
tmod->dso = dso;
|
tmod->dso = dso;
|
||||||
tmod->name = BUF_strdup(name);
|
tmod->name = BUF_strdup(name);
|
||||||
|
if (tmod->name == NULL) {
|
||||||
|
OPENSSL_free(tmod);
|
||||||
|
return NULL;
|
||||||
|
}
|
||||||
tmod->init = ifunc;
|
tmod->init = ifunc;
|
||||||
tmod->finish = ffunc;
|
tmod->finish = ffunc;
|
||||||
tmod->links = 0;
|
tmod->links = 0;
|
||||||
|
2
thirdparty/openssl/crypto/des/des.c
vendored
2
thirdparty/openssl/crypto/des/des.c
vendored
@ -456,7 +456,7 @@ void doencryption(void)
|
|||||||
len = l - rem;
|
len = l - rem;
|
||||||
if (feof(DES_IN)) {
|
if (feof(DES_IN)) {
|
||||||
for (i = 7 - rem; i > 0; i--) {
|
for (i = 7 - rem; i > 0; i--) {
|
||||||
if (RAND_pseudo_bytes(buf + l++, 1) < 0)
|
if (RAND_bytes(buf + l++, 1) <= 0)
|
||||||
goto problems;
|
goto problems;
|
||||||
}
|
}
|
||||||
buf[l++] = rem;
|
buf[l++] = rem;
|
||||||
|
2
thirdparty/openssl/crypto/des/enc_writ.c
vendored
2
thirdparty/openssl/crypto/des/enc_writ.c
vendored
@ -135,7 +135,7 @@ int DES_enc_write(int fd, const void *_buf, int len,
|
|||||||
if (len < 8) {
|
if (len < 8) {
|
||||||
cp = shortbuf;
|
cp = shortbuf;
|
||||||
memcpy(shortbuf, buf, len);
|
memcpy(shortbuf, buf, len);
|
||||||
if (RAND_pseudo_bytes(shortbuf + len, 8 - len) < 0) {
|
if (RAND_bytes(shortbuf + len, 8 - len) <= 0) {
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
rnum = 8;
|
rnum = 8;
|
||||||
|
2
thirdparty/openssl/crypto/des/set_key.c
vendored
2
thirdparty/openssl/crypto/des/set_key.c
vendored
@ -120,7 +120,7 @@ int DES_check_key_parity(const_DES_cblock *key)
|
|||||||
}
|
}
|
||||||
|
|
||||||
/*-
|
/*-
|
||||||
* Weak and semi week keys as take from
|
* Weak and semi weak keys as taken from
|
||||||
* %A D.W. Davies
|
* %A D.W. Davies
|
||||||
* %A W.L. Price
|
* %A W.L. Price
|
||||||
* %T Security for Computer Networks
|
* %T Security for Computer Networks
|
||||||
|
2
thirdparty/openssl/crypto/dh/dh_ameth.c
vendored
2
thirdparty/openssl/crypto/dh/dh_ameth.c
vendored
@ -519,7 +519,7 @@ static int dh_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from)
|
|||||||
|
|
||||||
static int dh_missing_parameters(const EVP_PKEY *a)
|
static int dh_missing_parameters(const EVP_PKEY *a)
|
||||||
{
|
{
|
||||||
if (!a->pkey.dh->p || !a->pkey.dh->g)
|
if (a->pkey.dh == NULL || a->pkey.dh->p == NULL || a->pkey.dh->g == NULL)
|
||||||
return 1;
|
return 1;
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
2
thirdparty/openssl/crypto/dh/dh_key.c
vendored
2
thirdparty/openssl/crypto/dh/dh_key.c
vendored
@ -223,6 +223,8 @@ static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
|
|||||||
goto err;
|
goto err;
|
||||||
BN_CTX_start(ctx);
|
BN_CTX_start(ctx);
|
||||||
tmp = BN_CTX_get(ctx);
|
tmp = BN_CTX_get(ctx);
|
||||||
|
if (tmp == NULL)
|
||||||
|
goto err;
|
||||||
|
|
||||||
if (dh->priv_key == NULL) {
|
if (dh->priv_key == NULL) {
|
||||||
DHerr(DH_F_COMPUTE_KEY, DH_R_NO_PRIVATE_VALUE);
|
DHerr(DH_F_COMPUTE_KEY, DH_R_NO_PRIVATE_VALUE);
|
||||||
|
2
thirdparty/openssl/crypto/dsa/dsa_ameth.c
vendored
2
thirdparty/openssl/crypto/dsa/dsa_ameth.c
vendored
@ -350,7 +350,7 @@ static int dsa_missing_parameters(const EVP_PKEY *pkey)
|
|||||||
{
|
{
|
||||||
DSA *dsa;
|
DSA *dsa;
|
||||||
dsa = pkey->pkey.dsa;
|
dsa = pkey->pkey.dsa;
|
||||||
if ((dsa->p == NULL) || (dsa->q == NULL) || (dsa->g == NULL))
|
if (dsa == NULL || dsa->p == NULL || dsa->q == NULL || dsa->g == NULL)
|
||||||
return 1;
|
return 1;
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
7
thirdparty/openssl/crypto/dsa/dsa_gen.c
vendored
7
thirdparty/openssl/crypto/dsa/dsa_gen.c
vendored
@ -185,6 +185,9 @@ int dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits,
|
|||||||
p = BN_CTX_get(ctx);
|
p = BN_CTX_get(ctx);
|
||||||
test = BN_CTX_get(ctx);
|
test = BN_CTX_get(ctx);
|
||||||
|
|
||||||
|
if (test == NULL)
|
||||||
|
goto err;
|
||||||
|
|
||||||
if (!BN_lshift(test, BN_value_one(), bits - 1))
|
if (!BN_lshift(test, BN_value_one(), bits - 1))
|
||||||
goto err;
|
goto err;
|
||||||
|
|
||||||
@ -197,7 +200,7 @@ int dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits,
|
|||||||
goto err;
|
goto err;
|
||||||
|
|
||||||
if (!seed_len || !seed_in) {
|
if (!seed_len || !seed_in) {
|
||||||
if (RAND_pseudo_bytes(seed, qsize) < 0)
|
if (RAND_bytes(seed, qsize) <= 0)
|
||||||
goto err;
|
goto err;
|
||||||
seed_is_random = 1;
|
seed_is_random = 1;
|
||||||
} else {
|
} else {
|
||||||
@ -491,7 +494,7 @@ int dsa_builtin_paramgen2(DSA *ret, size_t L, size_t N,
|
|||||||
goto err;
|
goto err;
|
||||||
|
|
||||||
if (!seed_in) {
|
if (!seed_in) {
|
||||||
if (RAND_pseudo_bytes(seed, seed_len) < 0)
|
if (RAND_bytes(seed, seed_len) <= 0)
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
/* step 2 */
|
/* step 2 */
|
||||||
|
7
thirdparty/openssl/crypto/dsa/dsa_ossl.c
vendored
7
thirdparty/openssl/crypto/dsa/dsa_ossl.c
vendored
@ -247,11 +247,13 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp,
|
|||||||
do
|
do
|
||||||
if (!BN_rand_range(&k, dsa->q))
|
if (!BN_rand_range(&k, dsa->q))
|
||||||
goto err;
|
goto err;
|
||||||
while (BN_is_zero(&k)) ;
|
while (BN_is_zero(&k));
|
||||||
|
|
||||||
if ((dsa->flags & DSA_FLAG_NO_EXP_CONSTTIME) == 0) {
|
if ((dsa->flags & DSA_FLAG_NO_EXP_CONSTTIME) == 0) {
|
||||||
BN_set_flags(&k, BN_FLG_CONSTTIME);
|
BN_set_flags(&k, BN_FLG_CONSTTIME);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
if (dsa->flags & DSA_FLAG_CACHE_MONT_P) {
|
if (dsa->flags & DSA_FLAG_CACHE_MONT_P) {
|
||||||
if (!BN_MONT_CTX_set_locked(&dsa->method_mont_p,
|
if (!BN_MONT_CTX_set_locked(&dsa->method_mont_p,
|
||||||
CRYPTO_LOCK_DSA, dsa->p, ctx))
|
CRYPTO_LOCK_DSA, dsa->p, ctx))
|
||||||
@ -264,6 +266,8 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp,
|
|||||||
if (!BN_copy(&kq, &k))
|
if (!BN_copy(&kq, &k))
|
||||||
goto err;
|
goto err;
|
||||||
|
|
||||||
|
BN_set_flags(&kq, BN_FLG_CONSTTIME);
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* We do not want timing information to leak the length of k, so we
|
* We do not want timing information to leak the length of k, so we
|
||||||
* compute g^k using an equivalent exponent of fixed length. (This
|
* compute g^k using an equivalent exponent of fixed length. (This
|
||||||
@ -282,6 +286,7 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp,
|
|||||||
} else {
|
} else {
|
||||||
K = &k;
|
K = &k;
|
||||||
}
|
}
|
||||||
|
|
||||||
DSA_BN_MOD_EXP(goto err, dsa, r, dsa->g, K, dsa->p, ctx,
|
DSA_BN_MOD_EXP(goto err, dsa, r, dsa->g, K, dsa->p, ctx,
|
||||||
dsa->method_mont_p);
|
dsa->method_mont_p);
|
||||||
if (!BN_mod(r, r, dsa->q, ctx))
|
if (!BN_mod(r, r, dsa->q, ctx))
|
||||||
|
2
thirdparty/openssl/crypto/dsa/dsa_pmeth.c
vendored
2
thirdparty/openssl/crypto/dsa/dsa_pmeth.c
vendored
@ -180,7 +180,7 @@ static int pkey_dsa_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
|
|||||||
DSAerr(DSA_F_PKEY_DSA_CTRL, DSA_R_INVALID_DIGEST_TYPE);
|
DSAerr(DSA_F_PKEY_DSA_CTRL, DSA_R_INVALID_DIGEST_TYPE);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
dctx->md = p2;
|
dctx->pmd = p2;
|
||||||
return 1;
|
return 1;
|
||||||
|
|
||||||
case EVP_PKEY_CTRL_MD:
|
case EVP_PKEY_CTRL_MD:
|
||||||
|
20
thirdparty/openssl/crypto/ec/ec2_mult.c
vendored
20
thirdparty/openssl/crypto/ec/ec2_mult.c
vendored
@ -267,7 +267,7 @@ static int ec_GF2m_montgomery_point_multiply(const EC_GROUP *group,
|
|||||||
BN_CTX *ctx)
|
BN_CTX *ctx)
|
||||||
{
|
{
|
||||||
BIGNUM *x1, *x2, *z1, *z2;
|
BIGNUM *x1, *x2, *z1, *z2;
|
||||||
int ret = 0, i;
|
int ret = 0, i, group_top;
|
||||||
BN_ULONG mask, word;
|
BN_ULONG mask, word;
|
||||||
|
|
||||||
if (r == point) {
|
if (r == point) {
|
||||||
@ -297,10 +297,12 @@ static int ec_GF2m_montgomery_point_multiply(const EC_GROUP *group,
|
|||||||
x2 = &r->X;
|
x2 = &r->X;
|
||||||
z2 = &r->Y;
|
z2 = &r->Y;
|
||||||
|
|
||||||
bn_wexpand(x1, group->field.top);
|
group_top = group->field.top;
|
||||||
bn_wexpand(z1, group->field.top);
|
if (bn_wexpand(x1, group_top) == NULL
|
||||||
bn_wexpand(x2, group->field.top);
|
|| bn_wexpand(z1, group_top) == NULL
|
||||||
bn_wexpand(z2, group->field.top);
|
|| bn_wexpand(x2, group_top) == NULL
|
||||||
|
|| bn_wexpand(z2, group_top) == NULL)
|
||||||
|
goto err;
|
||||||
|
|
||||||
if (!BN_GF2m_mod_arr(x1, &point->X, group->poly))
|
if (!BN_GF2m_mod_arr(x1, &point->X, group->poly))
|
||||||
goto err; /* x1 = x */
|
goto err; /* x1 = x */
|
||||||
@ -329,14 +331,14 @@ static int ec_GF2m_montgomery_point_multiply(const EC_GROUP *group,
|
|||||||
for (; i >= 0; i--) {
|
for (; i >= 0; i--) {
|
||||||
word = scalar->d[i];
|
word = scalar->d[i];
|
||||||
while (mask) {
|
while (mask) {
|
||||||
BN_consttime_swap(word & mask, x1, x2, group->field.top);
|
BN_consttime_swap(word & mask, x1, x2, group_top);
|
||||||
BN_consttime_swap(word & mask, z1, z2, group->field.top);
|
BN_consttime_swap(word & mask, z1, z2, group_top);
|
||||||
if (!gf2m_Madd(group, &point->X, x2, z2, x1, z1, ctx))
|
if (!gf2m_Madd(group, &point->X, x2, z2, x1, z1, ctx))
|
||||||
goto err;
|
goto err;
|
||||||
if (!gf2m_Mdouble(group, x1, z1, ctx))
|
if (!gf2m_Mdouble(group, x1, z1, ctx))
|
||||||
goto err;
|
goto err;
|
||||||
BN_consttime_swap(word & mask, x1, x2, group->field.top);
|
BN_consttime_swap(word & mask, x1, x2, group_top);
|
||||||
BN_consttime_swap(word & mask, z1, z2, group->field.top);
|
BN_consttime_swap(word & mask, z1, z2, group_top);
|
||||||
mask >>= 1;
|
mask >>= 1;
|
||||||
}
|
}
|
||||||
mask = BN_TBIT;
|
mask = BN_TBIT;
|
||||||
|
36
thirdparty/openssl/crypto/ec/ec_ameth.c
vendored
36
thirdparty/openssl/crypto/ec/ec_ameth.c
vendored
@ -66,9 +66,12 @@
|
|||||||
#endif
|
#endif
|
||||||
#include <openssl/asn1t.h>
|
#include <openssl/asn1t.h>
|
||||||
#include "asn1_locl.h"
|
#include "asn1_locl.h"
|
||||||
|
#include "ec_lcl.h"
|
||||||
|
|
||||||
|
#ifndef OPENSSL_NO_CMS
|
||||||
static int ecdh_cms_decrypt(CMS_RecipientInfo *ri);
|
static int ecdh_cms_decrypt(CMS_RecipientInfo *ri);
|
||||||
static int ecdh_cms_encrypt(CMS_RecipientInfo *ri);
|
static int ecdh_cms_encrypt(CMS_RecipientInfo *ri);
|
||||||
|
#endif
|
||||||
|
|
||||||
static int eckey_param2type(int *pptype, void **ppval, EC_KEY *ec_key)
|
static int eckey_param2type(int *pptype, void **ppval, EC_KEY *ec_key)
|
||||||
{
|
{
|
||||||
@ -221,6 +224,8 @@ static int eckey_pub_cmp(const EVP_PKEY *a, const EVP_PKEY *b)
|
|||||||
const EC_GROUP *group = EC_KEY_get0_group(b->pkey.ec);
|
const EC_GROUP *group = EC_KEY_get0_group(b->pkey.ec);
|
||||||
const EC_POINT *pa = EC_KEY_get0_public_key(a->pkey.ec),
|
const EC_POINT *pa = EC_KEY_get0_public_key(a->pkey.ec),
|
||||||
*pb = EC_KEY_get0_public_key(b->pkey.ec);
|
*pb = EC_KEY_get0_public_key(b->pkey.ec);
|
||||||
|
if (group == NULL || pa == NULL || pb == NULL)
|
||||||
|
return -2;
|
||||||
r = EC_POINT_cmp(group, pa, pb, NULL);
|
r = EC_POINT_cmp(group, pa, pb, NULL);
|
||||||
if (r == 0)
|
if (r == 0)
|
||||||
return 1;
|
return 1;
|
||||||
@ -299,15 +304,13 @@ static int eckey_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8)
|
|||||||
|
|
||||||
static int eckey_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey)
|
static int eckey_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey)
|
||||||
{
|
{
|
||||||
EC_KEY *ec_key;
|
EC_KEY ec_key = *(pkey->pkey.ec);
|
||||||
unsigned char *ep, *p;
|
unsigned char *ep, *p;
|
||||||
int eplen, ptype;
|
int eplen, ptype;
|
||||||
void *pval;
|
void *pval;
|
||||||
unsigned int tmp_flags, old_flags;
|
unsigned int old_flags;
|
||||||
|
|
||||||
ec_key = pkey->pkey.ec;
|
if (!eckey_param2type(&ptype, &pval, &ec_key)) {
|
||||||
|
|
||||||
if (!eckey_param2type(&ptype, &pval, ec_key)) {
|
|
||||||
ECerr(EC_F_ECKEY_PRIV_ENCODE, EC_R_DECODE_ERROR);
|
ECerr(EC_F_ECKEY_PRIV_ENCODE, EC_R_DECODE_ERROR);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
@ -318,34 +321,31 @@ static int eckey_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey)
|
|||||||
* do not include the parameters in the SEC1 private key see PKCS#11
|
* do not include the parameters in the SEC1 private key see PKCS#11
|
||||||
* 12.11
|
* 12.11
|
||||||
*/
|
*/
|
||||||
old_flags = EC_KEY_get_enc_flags(ec_key);
|
old_flags = EC_KEY_get_enc_flags(&ec_key);
|
||||||
tmp_flags = old_flags | EC_PKEY_NO_PARAMETERS;
|
EC_KEY_set_enc_flags(&ec_key, old_flags | EC_PKEY_NO_PARAMETERS);
|
||||||
EC_KEY_set_enc_flags(ec_key, tmp_flags);
|
|
||||||
eplen = i2d_ECPrivateKey(ec_key, NULL);
|
eplen = i2d_ECPrivateKey(&ec_key, NULL);
|
||||||
if (!eplen) {
|
if (!eplen) {
|
||||||
EC_KEY_set_enc_flags(ec_key, old_flags);
|
|
||||||
ECerr(EC_F_ECKEY_PRIV_ENCODE, ERR_R_EC_LIB);
|
ECerr(EC_F_ECKEY_PRIV_ENCODE, ERR_R_EC_LIB);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
ep = (unsigned char *)OPENSSL_malloc(eplen);
|
ep = (unsigned char *)OPENSSL_malloc(eplen);
|
||||||
if (!ep) {
|
if (!ep) {
|
||||||
EC_KEY_set_enc_flags(ec_key, old_flags);
|
|
||||||
ECerr(EC_F_ECKEY_PRIV_ENCODE, ERR_R_MALLOC_FAILURE);
|
ECerr(EC_F_ECKEY_PRIV_ENCODE, ERR_R_MALLOC_FAILURE);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
p = ep;
|
p = ep;
|
||||||
if (!i2d_ECPrivateKey(ec_key, &p)) {
|
if (!i2d_ECPrivateKey(&ec_key, &p)) {
|
||||||
EC_KEY_set_enc_flags(ec_key, old_flags);
|
|
||||||
OPENSSL_free(ep);
|
OPENSSL_free(ep);
|
||||||
ECerr(EC_F_ECKEY_PRIV_ENCODE, ERR_R_EC_LIB);
|
ECerr(EC_F_ECKEY_PRIV_ENCODE, ERR_R_EC_LIB);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
/* restore old encoding flags */
|
|
||||||
EC_KEY_set_enc_flags(ec_key, old_flags);
|
|
||||||
|
|
||||||
if (!PKCS8_pkey_set0(p8, OBJ_nid2obj(NID_X9_62_id_ecPublicKey), 0,
|
if (!PKCS8_pkey_set0(p8, OBJ_nid2obj(NID_X9_62_id_ecPublicKey), 0,
|
||||||
ptype, pval, ep, eplen))
|
ptype, pval, ep, eplen)) {
|
||||||
|
OPENSSL_free(ep);
|
||||||
return 0;
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
@ -378,7 +378,7 @@ static int ec_bits(const EVP_PKEY *pkey)
|
|||||||
|
|
||||||
static int ec_missing_parameters(const EVP_PKEY *pkey)
|
static int ec_missing_parameters(const EVP_PKEY *pkey)
|
||||||
{
|
{
|
||||||
if (EC_KEY_get0_group(pkey->pkey.ec) == NULL)
|
if (pkey->pkey.ec == NULL || EC_KEY_get0_group(pkey->pkey.ec) == NULL)
|
||||||
return 1;
|
return 1;
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
@ -398,6 +398,8 @@ static int ec_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b)
|
|||||||
{
|
{
|
||||||
const EC_GROUP *group_a = EC_KEY_get0_group(a->pkey.ec),
|
const EC_GROUP *group_a = EC_KEY_get0_group(a->pkey.ec),
|
||||||
*group_b = EC_KEY_get0_group(b->pkey.ec);
|
*group_b = EC_KEY_get0_group(b->pkey.ec);
|
||||||
|
if (group_a == NULL || group_b == NULL)
|
||||||
|
return -2;
|
||||||
if (EC_GROUP_cmp(group_a, group_b, NULL))
|
if (EC_GROUP_cmp(group_a, group_b, NULL))
|
||||||
return 0;
|
return 0;
|
||||||
else
|
else
|
||||||
|
11
thirdparty/openssl/crypto/ec/ec_asn1.c
vendored
11
thirdparty/openssl/crypto/ec/ec_asn1.c
vendored
@ -62,17 +62,22 @@
|
|||||||
#include <openssl/asn1t.h>
|
#include <openssl/asn1t.h>
|
||||||
#include <openssl/objects.h>
|
#include <openssl/objects.h>
|
||||||
|
|
||||||
|
#define OSSL_NELEM(x) (sizeof(x)/sizeof(x[0]))
|
||||||
|
|
||||||
int EC_GROUP_get_basis_type(const EC_GROUP *group)
|
int EC_GROUP_get_basis_type(const EC_GROUP *group)
|
||||||
{
|
{
|
||||||
int i = 0;
|
int i;
|
||||||
|
|
||||||
if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) !=
|
if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) !=
|
||||||
NID_X9_62_characteristic_two_field)
|
NID_X9_62_characteristic_two_field)
|
||||||
/* everything else is currently not supported */
|
/* everything else is currently not supported */
|
||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
while (group->poly[i] != 0)
|
/* Find the last non-zero element of group->poly[] */
|
||||||
i++;
|
for (i = 0;
|
||||||
|
i < (int)OSSL_NELEM(group->poly) && group->poly[i] != 0;
|
||||||
|
i++)
|
||||||
|
continue;
|
||||||
|
|
||||||
if (i == 4)
|
if (i == 4)
|
||||||
return NID_X9_62_ppBasis;
|
return NID_X9_62_ppBasis;
|
||||||
|
9
thirdparty/openssl/crypto/ec/ec_key.c
vendored
9
thirdparty/openssl/crypto/ec/ec_key.c
vendored
@ -377,9 +377,9 @@ int EC_KEY_set_public_key_affine_coordinates(EC_KEY *key, BIGNUM *x,
|
|||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
ctx = BN_CTX_new();
|
ctx = BN_CTX_new();
|
||||||
if (!ctx)
|
if (ctx == NULL)
|
||||||
goto err;
|
return 0;
|
||||||
|
BN_CTX_start(ctx);
|
||||||
point = EC_POINT_new(key->group);
|
point = EC_POINT_new(key->group);
|
||||||
|
|
||||||
if (!point)
|
if (!point)
|
||||||
@ -432,9 +432,8 @@ int EC_KEY_set_public_key_affine_coordinates(EC_KEY *key, BIGNUM *x,
|
|||||||
ok = 1;
|
ok = 1;
|
||||||
|
|
||||||
err:
|
err:
|
||||||
if (ctx)
|
BN_CTX_end(ctx);
|
||||||
BN_CTX_free(ctx);
|
BN_CTX_free(ctx);
|
||||||
if (point)
|
|
||||||
EC_POINT_free(point);
|
EC_POINT_free(point);
|
||||||
return ok;
|
return ok;
|
||||||
|
|
||||||
|
12
thirdparty/openssl/crypto/ec/ec_mult.c
vendored
12
thirdparty/openssl/crypto/ec/ec_mult.c
vendored
@ -68,10 +68,14 @@
|
|||||||
#include "ec_lcl.h"
|
#include "ec_lcl.h"
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* This file implements the wNAF-based interleaving multi-exponentation method
|
* This file implements the wNAF-based interleaving multi-exponentiation method
|
||||||
* (<URL:http://www.informatik.tu-darmstadt.de/TI/Mitarbeiter/moeller.html#multiexp>);
|
* Formerly at:
|
||||||
* for multiplication with precomputation, we use wNAF splitting
|
* http://www.informatik.tu-darmstadt.de/TI/Mitarbeiter/moeller.html#multiexp
|
||||||
* (<URL:http://www.informatik.tu-darmstadt.de/TI/Mitarbeiter/moeller.html#fastexp>).
|
* You might now find it here:
|
||||||
|
* http://link.springer.com/chapter/10.1007%2F3-540-45537-X_13
|
||||||
|
* http://www.bmoeller.de/pdf/TI-01-08.multiexp.pdf
|
||||||
|
* For multiplication with precomputation, we use wNAF splitting, formerly at:
|
||||||
|
* http://www.informatik.tu-darmstadt.de/TI/Mitarbeiter/moeller.html#fastexp
|
||||||
*/
|
*/
|
||||||
|
|
||||||
/* structure for precomputed multiples of the generator */
|
/* structure for precomputed multiples of the generator */
|
||||||
|
2
thirdparty/openssl/crypto/ec/eck_prn.c
vendored
2
thirdparty/openssl/crypto/ec/eck_prn.c
vendored
@ -342,7 +342,7 @@ static int print_bin(BIO *fp, const char *name, const unsigned char *buf,
|
|||||||
size_t len, int off)
|
size_t len, int off)
|
||||||
{
|
{
|
||||||
size_t i;
|
size_t i;
|
||||||
char str[128];
|
char str[128 + 1 + 4];
|
||||||
|
|
||||||
if (buf == NULL)
|
if (buf == NULL)
|
||||||
return 1;
|
return 1;
|
||||||
|
111
thirdparty/openssl/crypto/ec/ecp_nistz256.c
vendored
111
thirdparty/openssl/crypto/ec/ecp_nistz256.c
vendored
@ -82,19 +82,36 @@ typedef struct ec_pre_comp_st {
|
|||||||
} EC_PRE_COMP;
|
} EC_PRE_COMP;
|
||||||
|
|
||||||
/* Functions implemented in assembly */
|
/* Functions implemented in assembly */
|
||||||
/* Modular mul by 2: res = 2*a mod P */
|
/*
|
||||||
void ecp_nistz256_mul_by_2(BN_ULONG res[P256_LIMBS],
|
* Most of below mentioned functions *preserve* the property of inputs
|
||||||
const BN_ULONG a[P256_LIMBS]);
|
* being fully reduced, i.e. being in [0, modulus) range. Simply put if
|
||||||
/* Modular div by 2: res = a/2 mod P */
|
* inputs are fully reduced, then output is too. Note that reverse is
|
||||||
void ecp_nistz256_div_by_2(BN_ULONG res[P256_LIMBS],
|
* not true, in sense that given partially reduced inputs output can be
|
||||||
const BN_ULONG a[P256_LIMBS]);
|
* either, not unlikely reduced. And "most" in first sentence refers to
|
||||||
/* Modular mul by 3: res = 3*a mod P */
|
* the fact that given the calculations flow one can tolerate that
|
||||||
void ecp_nistz256_mul_by_3(BN_ULONG res[P256_LIMBS],
|
* addition, 1st function below, produces partially reduced result *if*
|
||||||
const BN_ULONG a[P256_LIMBS]);
|
* multiplications by 2 and 3, which customarily use addition, fully
|
||||||
|
* reduce it. This effectively gives two options: a) addition produces
|
||||||
|
* fully reduced result [as long as inputs are, just like remaining
|
||||||
|
* functions]; b) addition is allowed to produce partially reduced
|
||||||
|
* result, but multiplications by 2 and 3 perform additional reduction
|
||||||
|
* step. Choice between the two can be platform-specific, but it was a)
|
||||||
|
* in all cases so far...
|
||||||
|
*/
|
||||||
/* Modular add: res = a+b mod P */
|
/* Modular add: res = a+b mod P */
|
||||||
void ecp_nistz256_add(BN_ULONG res[P256_LIMBS],
|
void ecp_nistz256_add(BN_ULONG res[P256_LIMBS],
|
||||||
const BN_ULONG a[P256_LIMBS],
|
const BN_ULONG a[P256_LIMBS],
|
||||||
const BN_ULONG b[P256_LIMBS]);
|
const BN_ULONG b[P256_LIMBS]);
|
||||||
|
/* Modular mul by 2: res = 2*a mod P */
|
||||||
|
void ecp_nistz256_mul_by_2(BN_ULONG res[P256_LIMBS],
|
||||||
|
const BN_ULONG a[P256_LIMBS]);
|
||||||
|
/* Modular mul by 3: res = 3*a mod P */
|
||||||
|
void ecp_nistz256_mul_by_3(BN_ULONG res[P256_LIMBS],
|
||||||
|
const BN_ULONG a[P256_LIMBS]);
|
||||||
|
|
||||||
|
/* Modular div by 2: res = a/2 mod P */
|
||||||
|
void ecp_nistz256_div_by_2(BN_ULONG res[P256_LIMBS],
|
||||||
|
const BN_ULONG a[P256_LIMBS]);
|
||||||
/* Modular sub: res = a-b mod P */
|
/* Modular sub: res = a-b mod P */
|
||||||
void ecp_nistz256_sub(BN_ULONG res[P256_LIMBS],
|
void ecp_nistz256_sub(BN_ULONG res[P256_LIMBS],
|
||||||
const BN_ULONG a[P256_LIMBS],
|
const BN_ULONG a[P256_LIMBS],
|
||||||
@ -205,10 +222,12 @@ static BN_ULONG is_equal(const BN_ULONG a[P256_LIMBS],
|
|||||||
return is_zero(res);
|
return is_zero(res);
|
||||||
}
|
}
|
||||||
|
|
||||||
static BN_ULONG is_one(const BN_ULONG a[P256_LIMBS])
|
static BN_ULONG is_one(const BIGNUM *z)
|
||||||
{
|
{
|
||||||
BN_ULONG res;
|
BN_ULONG res = 0;
|
||||||
|
BN_ULONG *a = z->d;
|
||||||
|
|
||||||
|
if (z->top == (P256_LIMBS - P256_LIMBS / 8)) {
|
||||||
res = a[0] ^ ONE[0];
|
res = a[0] ^ ONE[0];
|
||||||
res |= a[1] ^ ONE[1];
|
res |= a[1] ^ ONE[1];
|
||||||
res |= a[2] ^ ONE[2];
|
res |= a[2] ^ ONE[2];
|
||||||
@ -217,9 +236,15 @@ static BN_ULONG is_one(const BN_ULONG a[P256_LIMBS])
|
|||||||
res |= a[4] ^ ONE[4];
|
res |= a[4] ^ ONE[4];
|
||||||
res |= a[5] ^ ONE[5];
|
res |= a[5] ^ ONE[5];
|
||||||
res |= a[6] ^ ONE[6];
|
res |= a[6] ^ ONE[6];
|
||||||
|
/*
|
||||||
|
* no check for a[7] (being zero) on 32-bit platforms,
|
||||||
|
* because value of "one" takes only 7 limbs.
|
||||||
|
*/
|
||||||
|
}
|
||||||
|
res = is_zero(res);
|
||||||
}
|
}
|
||||||
|
|
||||||
return is_zero(res);
|
return res;
|
||||||
}
|
}
|
||||||
|
|
||||||
static int ecp_nistz256_set_words(BIGNUM *a, BN_ULONG words[P256_LIMBS])
|
static int ecp_nistz256_set_words(BIGNUM *a, BN_ULONG words[P256_LIMBS])
|
||||||
@ -315,19 +340,16 @@ static void ecp_nistz256_point_add(P256_POINT *r,
|
|||||||
const BN_ULONG *in2_y = b->Y;
|
const BN_ULONG *in2_y = b->Y;
|
||||||
const BN_ULONG *in2_z = b->Z;
|
const BN_ULONG *in2_z = b->Z;
|
||||||
|
|
||||||
/* We encode infinity as (0,0), which is not on the curve,
|
/*
|
||||||
* so it is OK. */
|
* Infinity in encoded as (,,0)
|
||||||
in1infty = (in1_x[0] | in1_x[1] | in1_x[2] | in1_x[3] |
|
*/
|
||||||
in1_y[0] | in1_y[1] | in1_y[2] | in1_y[3]);
|
in1infty = (in1_z[0] | in1_z[1] | in1_z[2] | in1_z[3]);
|
||||||
if (P256_LIMBS == 8)
|
if (P256_LIMBS == 8)
|
||||||
in1infty |= (in1_x[4] | in1_x[5] | in1_x[6] | in1_x[7] |
|
in1infty |= (in1_z[4] | in1_z[5] | in1_z[6] | in1_z[7]);
|
||||||
in1_y[4] | in1_y[5] | in1_y[6] | in1_y[7]);
|
|
||||||
|
|
||||||
in2infty = (in2_x[0] | in2_x[1] | in2_x[2] | in2_x[3] |
|
in2infty = (in2_z[0] | in2_z[1] | in2_z[2] | in2_z[3]);
|
||||||
in2_y[0] | in2_y[1] | in2_y[2] | in2_y[3]);
|
|
||||||
if (P256_LIMBS == 8)
|
if (P256_LIMBS == 8)
|
||||||
in2infty |= (in2_x[4] | in2_x[5] | in2_x[6] | in2_x[7] |
|
in2infty |= (in2_z[4] | in2_z[5] | in2_z[6] | in2_z[7]);
|
||||||
in2_y[4] | in2_y[5] | in2_y[6] | in2_y[7]);
|
|
||||||
|
|
||||||
in1infty = is_zero(in1infty);
|
in1infty = is_zero(in1infty);
|
||||||
in2infty = is_zero(in2infty);
|
in2infty = is_zero(in2infty);
|
||||||
@ -416,15 +438,16 @@ static void ecp_nistz256_point_add_affine(P256_POINT *r,
|
|||||||
const BN_ULONG *in2_y = b->Y;
|
const BN_ULONG *in2_y = b->Y;
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* In affine representation we encode infty as (0,0), which is not on the
|
* Infinity in encoded as (,,0)
|
||||||
* curve, so it is OK
|
|
||||||
*/
|
*/
|
||||||
in1infty = (in1_x[0] | in1_x[1] | in1_x[2] | in1_x[3] |
|
in1infty = (in1_z[0] | in1_z[1] | in1_z[2] | in1_z[3]);
|
||||||
in1_y[0] | in1_y[1] | in1_y[2] | in1_y[3]);
|
|
||||||
if (P256_LIMBS == 8)
|
if (P256_LIMBS == 8)
|
||||||
in1infty |= (in1_x[4] | in1_x[5] | in1_x[6] | in1_x[7] |
|
in1infty |= (in1_z[4] | in1_z[5] | in1_z[6] | in1_z[7]);
|
||||||
in1_y[4] | in1_y[5] | in1_y[6] | in1_y[7]);
|
|
||||||
|
|
||||||
|
/*
|
||||||
|
* In affine representation we encode infinity as (0,0), which is
|
||||||
|
* not on the curve, so it is OK
|
||||||
|
*/
|
||||||
in2infty = (in2_x[0] | in2_x[1] | in2_x[2] | in2_x[3] |
|
in2infty = (in2_x[0] | in2_x[1] | in2_x[2] | in2_x[3] |
|
||||||
in2_y[0] | in2_y[1] | in2_y[2] | in2_y[3]);
|
in2_y[0] | in2_y[1] | in2_y[2] | in2_y[3]);
|
||||||
if (P256_LIMBS == 8)
|
if (P256_LIMBS == 8)
|
||||||
@ -741,9 +764,8 @@ static int ecp_nistz256_is_affine_G(const EC_POINT *generator)
|
|||||||
{
|
{
|
||||||
return (generator->X.top == P256_LIMBS) &&
|
return (generator->X.top == P256_LIMBS) &&
|
||||||
(generator->Y.top == P256_LIMBS) &&
|
(generator->Y.top == P256_LIMBS) &&
|
||||||
(generator->Z.top == (P256_LIMBS - P256_LIMBS / 8)) &&
|
|
||||||
is_equal(generator->X.d, def_xG) &&
|
is_equal(generator->X.d, def_xG) &&
|
||||||
is_equal(generator->Y.d, def_yG) && is_one(generator->Z.d);
|
is_equal(generator->Y.d, def_yG) && is_one(&generator->Z);
|
||||||
}
|
}
|
||||||
|
|
||||||
static int ecp_nistz256_mult_precompute(EC_GROUP *group, BN_CTX *ctx)
|
static int ecp_nistz256_mult_precompute(EC_GROUP *group, BN_CTX *ctx)
|
||||||
@ -1249,6 +1271,8 @@ static int ecp_nistz256_points_mul(const EC_GROUP *group,
|
|||||||
} else
|
} else
|
||||||
#endif
|
#endif
|
||||||
{
|
{
|
||||||
|
BN_ULONG infty;
|
||||||
|
|
||||||
/* First window */
|
/* First window */
|
||||||
wvalue = (p_str[0] << 1) & mask;
|
wvalue = (p_str[0] << 1) & mask;
|
||||||
index += window_size;
|
index += window_size;
|
||||||
@ -1260,7 +1284,30 @@ static int ecp_nistz256_points_mul(const EC_GROUP *group,
|
|||||||
ecp_nistz256_neg(p.p.Z, p.p.Y);
|
ecp_nistz256_neg(p.p.Z, p.p.Y);
|
||||||
copy_conditional(p.p.Y, p.p.Z, wvalue & 1);
|
copy_conditional(p.p.Y, p.p.Z, wvalue & 1);
|
||||||
|
|
||||||
memcpy(p.p.Z, ONE, sizeof(ONE));
|
/*
|
||||||
|
* Since affine infinity is encoded as (0,0) and
|
||||||
|
* Jacobian ias (,,0), we need to harmonize them
|
||||||
|
* by assigning "one" or zero to Z.
|
||||||
|
*/
|
||||||
|
infty = (p.p.X[0] | p.p.X[1] | p.p.X[2] | p.p.X[3] |
|
||||||
|
p.p.Y[0] | p.p.Y[1] | p.p.Y[2] | p.p.Y[3]);
|
||||||
|
if (P256_LIMBS == 8)
|
||||||
|
infty |= (p.p.X[4] | p.p.X[5] | p.p.X[6] | p.p.X[7] |
|
||||||
|
p.p.Y[4] | p.p.Y[5] | p.p.Y[6] | p.p.Y[7]);
|
||||||
|
|
||||||
|
infty = 0 - is_zero(infty);
|
||||||
|
infty = ~infty;
|
||||||
|
|
||||||
|
p.p.Z[0] = ONE[0] & infty;
|
||||||
|
p.p.Z[1] = ONE[1] & infty;
|
||||||
|
p.p.Z[2] = ONE[2] & infty;
|
||||||
|
p.p.Z[3] = ONE[3] & infty;
|
||||||
|
if (P256_LIMBS == 8) {
|
||||||
|
p.p.Z[4] = ONE[4] & infty;
|
||||||
|
p.p.Z[5] = ONE[5] & infty;
|
||||||
|
p.p.Z[6] = ONE[6] & infty;
|
||||||
|
p.p.Z[7] = ONE[7] & infty;
|
||||||
|
}
|
||||||
|
|
||||||
for (i = 1; i < 37; i++) {
|
for (i = 1; i < 37; i++) {
|
||||||
unsigned int off = (index - 1) / 8;
|
unsigned int off = (index - 1) / 8;
|
||||||
@ -1331,7 +1378,7 @@ static int ecp_nistz256_points_mul(const EC_GROUP *group,
|
|||||||
!ecp_nistz256_set_words(&r->Z, p.p.Z)) {
|
!ecp_nistz256_set_words(&r->Z, p.p.Z)) {
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
r->Z_is_one = is_one(p.p.Z) & 1;
|
r->Z_is_one = is_one(&r->Z) & 1;
|
||||||
|
|
||||||
ret = 1;
|
ret = 1;
|
||||||
|
|
||||||
|
4
thirdparty/openssl/crypto/ecdh/ech_ossl.c
vendored
4
thirdparty/openssl/crypto/ecdh/ech_ossl.c
vendored
@ -212,7 +212,9 @@ static int ecdh_compute_key(void *out, size_t outlen, const EC_POINT *pub_key,
|
|||||||
BN_CTX_end(ctx);
|
BN_CTX_end(ctx);
|
||||||
if (ctx)
|
if (ctx)
|
||||||
BN_CTX_free(ctx);
|
BN_CTX_free(ctx);
|
||||||
if (buf)
|
if (buf) {
|
||||||
|
OPENSSL_cleanse(buf, buflen);
|
||||||
OPENSSL_free(buf);
|
OPENSSL_free(buf);
|
||||||
|
}
|
||||||
return (ret);
|
return (ret);
|
||||||
}
|
}
|
||||||
|
34
thirdparty/openssl/crypto/engine/eng_cryptodev.c
vendored
34
thirdparty/openssl/crypto/engine/eng_cryptodev.c
vendored
@ -26,6 +26,7 @@
|
|||||||
*
|
*
|
||||||
*/
|
*/
|
||||||
|
|
||||||
|
#include <string.h>
|
||||||
#include <openssl/objects.h>
|
#include <openssl/objects.h>
|
||||||
#include <openssl/engine.h>
|
#include <openssl/engine.h>
|
||||||
#include <openssl/evp.h>
|
#include <openssl/evp.h>
|
||||||
@ -809,14 +810,15 @@ static int cryptodev_digest_update(EVP_MD_CTX *ctx, const void *data,
|
|||||||
|
|
||||||
if (!(ctx->flags & EVP_MD_CTX_FLAG_ONESHOT)) {
|
if (!(ctx->flags & EVP_MD_CTX_FLAG_ONESHOT)) {
|
||||||
/* if application doesn't support one buffer */
|
/* if application doesn't support one buffer */
|
||||||
state->mac_data =
|
char *mac_data =
|
||||||
OPENSSL_realloc(state->mac_data, state->mac_len + count);
|
OPENSSL_realloc(state->mac_data, state->mac_len + count);
|
||||||
|
|
||||||
if (!state->mac_data) {
|
if (mac_data == NULL) {
|
||||||
printf("cryptodev_digest_update: realloc failed\n");
|
printf("cryptodev_digest_update: realloc failed\n");
|
||||||
return (0);
|
return (0);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
state->mac_data = mac_data;
|
||||||
memcpy(state->mac_data + state->mac_len, data, count);
|
memcpy(state->mac_data + state->mac_len, data, count);
|
||||||
state->mac_len += count;
|
state->mac_len += count;
|
||||||
|
|
||||||
@ -934,11 +936,15 @@ static int cryptodev_digest_copy(EVP_MD_CTX *to, const EVP_MD_CTX *from)
|
|||||||
return (0);
|
return (0);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
dstate->mac_len = fstate->mac_len;
|
||||||
if (fstate->mac_len != 0) {
|
if (fstate->mac_len != 0) {
|
||||||
if (fstate->mac_data != NULL) {
|
if (fstate->mac_data != NULL) {
|
||||||
dstate->mac_data = OPENSSL_malloc(fstate->mac_len);
|
dstate->mac_data = OPENSSL_malloc(fstate->mac_len);
|
||||||
|
if (dstate->mac_data == NULL) {
|
||||||
|
printf("cryptodev_digest_init: malloc failed\n");
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
memcpy(dstate->mac_data, fstate->mac_data, fstate->mac_len);
|
memcpy(dstate->mac_data, fstate->mac_data, fstate->mac_len);
|
||||||
dstate->mac_len = fstate->mac_len;
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -1064,8 +1070,7 @@ static void zapparams(struct crypt_kop *kop)
|
|||||||
int i;
|
int i;
|
||||||
|
|
||||||
for (i = 0; i < kop->crk_iparams + kop->crk_oparams; i++) {
|
for (i = 0; i < kop->crk_iparams + kop->crk_oparams; i++) {
|
||||||
if (kop->crk_param[i].crp_p)
|
OPENSSL_free(kop->crk_param[i].crp_p);
|
||||||
free(kop->crk_param[i].crp_p);
|
|
||||||
kop->crk_param[i].crp_p = NULL;
|
kop->crk_param[i].crp_p = NULL;
|
||||||
kop->crk_param[i].crp_nbits = 0;
|
kop->crk_param[i].crp_nbits = 0;
|
||||||
}
|
}
|
||||||
@ -1078,16 +1083,25 @@ cryptodev_asym(struct crypt_kop *kop, int rlen, BIGNUM *r, int slen,
|
|||||||
int fd, ret = -1;
|
int fd, ret = -1;
|
||||||
|
|
||||||
if ((fd = get_asym_dev_crypto()) < 0)
|
if ((fd = get_asym_dev_crypto()) < 0)
|
||||||
return (ret);
|
return ret;
|
||||||
|
|
||||||
if (r) {
|
if (r) {
|
||||||
kop->crk_param[kop->crk_iparams].crp_p = calloc(rlen, sizeof(char));
|
kop->crk_param[kop->crk_iparams].crp_p = OPENSSL_malloc(rlen);
|
||||||
|
if (kop->crk_param[kop->crk_iparams].crp_p == NULL)
|
||||||
|
return ret;
|
||||||
|
memset(kop->crk_param[kop->crk_iparams].crp_p, 0, (size_t)rlen);
|
||||||
kop->crk_param[kop->crk_iparams].crp_nbits = rlen * 8;
|
kop->crk_param[kop->crk_iparams].crp_nbits = rlen * 8;
|
||||||
kop->crk_oparams++;
|
kop->crk_oparams++;
|
||||||
}
|
}
|
||||||
if (s) {
|
if (s) {
|
||||||
kop->crk_param[kop->crk_iparams + 1].crp_p =
|
kop->crk_param[kop->crk_iparams + 1].crp_p = OPENSSL_malloc(slen);
|
||||||
calloc(slen, sizeof(char));
|
/* No need to free the kop->crk_iparams parameter if it was allocated,
|
||||||
|
* callers of this routine have to free allocated parameters through
|
||||||
|
* zapparams both in case of success and failure
|
||||||
|
*/
|
||||||
|
if (kop->crk_param[kop->crk_iparams+1].crp_p == NULL)
|
||||||
|
return ret;
|
||||||
|
memset(kop->crk_param[kop->crk_iparams + 1].crp_p, 0, (size_t)slen);
|
||||||
kop->crk_param[kop->crk_iparams + 1].crp_nbits = slen * 8;
|
kop->crk_param[kop->crk_iparams + 1].crp_nbits = slen * 8;
|
||||||
kop->crk_oparams++;
|
kop->crk_oparams++;
|
||||||
}
|
}
|
||||||
@ -1100,7 +1114,7 @@ cryptodev_asym(struct crypt_kop *kop, int rlen, BIGNUM *r, int slen,
|
|||||||
ret = 0;
|
ret = 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
return (ret);
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
static int
|
static int
|
||||||
|
4
thirdparty/openssl/crypto/err/err.c
vendored
4
thirdparty/openssl/crypto/err/err.c
vendored
@ -172,6 +172,7 @@ static ERR_STRING_DATA ERR_str_functs[] = {
|
|||||||
# endif
|
# endif
|
||||||
{ERR_PACK(0, SYS_F_OPENDIR, 0), "opendir"},
|
{ERR_PACK(0, SYS_F_OPENDIR, 0), "opendir"},
|
||||||
{ERR_PACK(0, SYS_F_FREAD, 0), "fread"},
|
{ERR_PACK(0, SYS_F_FREAD, 0), "fread"},
|
||||||
|
{ERR_PACK(0, SYS_F_FFLUSH, 0), "fflush"},
|
||||||
{0, NULL},
|
{0, NULL},
|
||||||
};
|
};
|
||||||
|
|
||||||
@ -868,6 +869,9 @@ void ERR_error_string_n(unsigned long e, char *buf, size_t len)
|
|||||||
const char *ls, *fs, *rs;
|
const char *ls, *fs, *rs;
|
||||||
unsigned long l, f, r;
|
unsigned long l, f, r;
|
||||||
|
|
||||||
|
if (len == 0)
|
||||||
|
return;
|
||||||
|
|
||||||
l = ERR_GET_LIB(e);
|
l = ERR_GET_LIB(e);
|
||||||
f = ERR_GET_FUNC(e);
|
f = ERR_GET_FUNC(e);
|
||||||
r = ERR_GET_REASON(e);
|
r = ERR_GET_REASON(e);
|
||||||
|
17
thirdparty/openssl/crypto/evp/bio_enc.c
vendored
17
thirdparty/openssl/crypto/evp/bio_enc.c
vendored
@ -201,9 +201,14 @@ static int enc_read(BIO *b, char *out, int outl)
|
|||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
EVP_CipherUpdate(&(ctx->cipher),
|
if (!EVP_CipherUpdate(&ctx->cipher,
|
||||||
(unsigned char *)ctx->buf, &ctx->buf_len,
|
(unsigned char *)ctx->buf, &ctx->buf_len,
|
||||||
(unsigned char *)&(ctx->buf[BUF_OFFSET]), i);
|
(unsigned char *)&(ctx->buf[BUF_OFFSET]),
|
||||||
|
i)) {
|
||||||
|
BIO_clear_retry_flags(b);
|
||||||
|
ctx->ok = 0;
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
ctx->cont = 1;
|
ctx->cont = 1;
|
||||||
/*
|
/*
|
||||||
* Note: it is possible for EVP_CipherUpdate to decrypt zero
|
* Note: it is possible for EVP_CipherUpdate to decrypt zero
|
||||||
@ -260,9 +265,13 @@ static int enc_write(BIO *b, const char *in, int inl)
|
|||||||
ctx->buf_off = 0;
|
ctx->buf_off = 0;
|
||||||
while (inl > 0) {
|
while (inl > 0) {
|
||||||
n = (inl > ENC_BLOCK_SIZE) ? ENC_BLOCK_SIZE : inl;
|
n = (inl > ENC_BLOCK_SIZE) ? ENC_BLOCK_SIZE : inl;
|
||||||
EVP_CipherUpdate(&(ctx->cipher),
|
if (!EVP_CipherUpdate(&ctx->cipher,
|
||||||
(unsigned char *)ctx->buf, &ctx->buf_len,
|
(unsigned char *)ctx->buf, &ctx->buf_len,
|
||||||
(unsigned char *)in, n);
|
(unsigned char *)in, n)) {
|
||||||
|
BIO_clear_retry_flags(b);
|
||||||
|
ctx->ok = 0;
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
inl -= n;
|
inl -= n;
|
||||||
in += n;
|
in += n;
|
||||||
|
|
||||||
|
2
thirdparty/openssl/crypto/evp/bio_ok.c
vendored
2
thirdparty/openssl/crypto/evp/bio_ok.c
vendored
@ -491,7 +491,7 @@ static int sig_out(BIO *b)
|
|||||||
* FIXME: there's absolutely no guarantee this makes any sense at all,
|
* FIXME: there's absolutely no guarantee this makes any sense at all,
|
||||||
* particularly now EVP_MD_CTX has been restructured.
|
* particularly now EVP_MD_CTX has been restructured.
|
||||||
*/
|
*/
|
||||||
if (RAND_pseudo_bytes(md->md_data, md->digest->md_size) < 0)
|
if (RAND_bytes(md->md_data, md->digest->md_size) <= 0)
|
||||||
goto berr;
|
goto berr;
|
||||||
memcpy(&(ctx->buf[ctx->buf_len]), md->md_data, md->digest->md_size);
|
memcpy(&(ctx->buf[ctx->buf_len]), md->md_data, md->digest->md_size);
|
||||||
longswap(&(ctx->buf[ctx->buf_len]), md->digest->md_size);
|
longswap(&(ctx->buf[ctx->buf_len]), md->digest->md_size);
|
||||||
|
5
thirdparty/openssl/crypto/evp/c_all.c
vendored
5
thirdparty/openssl/crypto/evp/c_all.c
vendored
@ -82,9 +82,4 @@ void OPENSSL_add_all_algorithms_noconf(void)
|
|||||||
OPENSSL_cpuid_setup();
|
OPENSSL_cpuid_setup();
|
||||||
OpenSSL_add_all_ciphers();
|
OpenSSL_add_all_ciphers();
|
||||||
OpenSSL_add_all_digests();
|
OpenSSL_add_all_digests();
|
||||||
#ifndef OPENSSL_NO_ENGINE
|
|
||||||
# if defined(__OpenBSD__) || defined(__FreeBSD__) || defined(HAVE_CRYPTODEV)
|
|
||||||
ENGINE_setup_bsd_cryptodev();
|
|
||||||
# endif
|
|
||||||
#endif
|
|
||||||
}
|
}
|
||||||
|
14
thirdparty/openssl/crypto/evp/digest.c
vendored
14
thirdparty/openssl/crypto/evp/digest.c
vendored
@ -253,10 +253,10 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl)
|
|||||||
int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *data, size_t count)
|
int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *data, size_t count)
|
||||||
{
|
{
|
||||||
#ifdef OPENSSL_FIPS
|
#ifdef OPENSSL_FIPS
|
||||||
|
if (FIPS_mode())
|
||||||
return FIPS_digestupdate(ctx, data, count);
|
return FIPS_digestupdate(ctx, data, count);
|
||||||
#else
|
|
||||||
return ctx->update(ctx, data, count);
|
|
||||||
#endif
|
#endif
|
||||||
|
return ctx->update(ctx, data, count);
|
||||||
}
|
}
|
||||||
|
|
||||||
/* The caller can assume that this removes any secret data from the context */
|
/* The caller can assume that this removes any secret data from the context */
|
||||||
@ -271,10 +271,11 @@ int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size)
|
|||||||
/* The caller can assume that this removes any secret data from the context */
|
/* The caller can assume that this removes any secret data from the context */
|
||||||
int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size)
|
int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size)
|
||||||
{
|
{
|
||||||
#ifdef OPENSSL_FIPS
|
|
||||||
return FIPS_digestfinal(ctx, md, size);
|
|
||||||
#else
|
|
||||||
int ret;
|
int ret;
|
||||||
|
#ifdef OPENSSL_FIPS
|
||||||
|
if (FIPS_mode())
|
||||||
|
return FIPS_digestfinal(ctx, md, size);
|
||||||
|
#endif
|
||||||
|
|
||||||
OPENSSL_assert(ctx->digest->md_size <= EVP_MAX_MD_SIZE);
|
OPENSSL_assert(ctx->digest->md_size <= EVP_MAX_MD_SIZE);
|
||||||
ret = ctx->digest->final(ctx, md);
|
ret = ctx->digest->final(ctx, md);
|
||||||
@ -284,9 +285,8 @@ int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size)
|
|||||||
ctx->digest->cleanup(ctx);
|
ctx->digest->cleanup(ctx);
|
||||||
EVP_MD_CTX_set_flags(ctx, EVP_MD_CTX_FLAG_CLEANED);
|
EVP_MD_CTX_set_flags(ctx, EVP_MD_CTX_FLAG_CLEANED);
|
||||||
}
|
}
|
||||||
memset(ctx->md_data, 0, ctx->digest->ctx_size);
|
OPENSSL_cleanse(ctx->md_data, ctx->digest->ctx_size);
|
||||||
return ret;
|
return ret;
|
||||||
#endif
|
|
||||||
}
|
}
|
||||||
|
|
||||||
int EVP_MD_CTX_copy(EVP_MD_CTX *out, const EVP_MD_CTX *in)
|
int EVP_MD_CTX_copy(EVP_MD_CTX *out, const EVP_MD_CTX *in)
|
||||||
|
13
thirdparty/openssl/crypto/evp/e_aes.c
vendored
13
thirdparty/openssl/crypto/evp/e_aes.c
vendored
@ -155,10 +155,10 @@ void AES_ctr32_encrypt(const unsigned char *in, unsigned char *out,
|
|||||||
const unsigned char ivec[AES_BLOCK_SIZE]);
|
const unsigned char ivec[AES_BLOCK_SIZE]);
|
||||||
# endif
|
# endif
|
||||||
# ifdef AES_XTS_ASM
|
# ifdef AES_XTS_ASM
|
||||||
void AES_xts_encrypt(const char *inp, char *out, size_t len,
|
void AES_xts_encrypt(const unsigned char *inp, unsigned char *out, size_t len,
|
||||||
const AES_KEY *key1, const AES_KEY *key2,
|
const AES_KEY *key1, const AES_KEY *key2,
|
||||||
const unsigned char iv[16]);
|
const unsigned char iv[16]);
|
||||||
void AES_xts_decrypt(const char *inp, char *out, size_t len,
|
void AES_xts_decrypt(const unsigned char *inp, unsigned char *out, size_t len,
|
||||||
const AES_KEY *key1, const AES_KEY *key2,
|
const AES_KEY *key1, const AES_KEY *key2,
|
||||||
const unsigned char iv[16]);
|
const unsigned char iv[16]);
|
||||||
# endif
|
# endif
|
||||||
@ -1120,6 +1120,8 @@ BLOCK_CIPHER_generic_pack(NID_aes, 128, EVP_CIPH_FLAG_FIPS)
|
|||||||
static int aes_gcm_cleanup(EVP_CIPHER_CTX *c)
|
static int aes_gcm_cleanup(EVP_CIPHER_CTX *c)
|
||||||
{
|
{
|
||||||
EVP_AES_GCM_CTX *gctx = c->cipher_data;
|
EVP_AES_GCM_CTX *gctx = c->cipher_data;
|
||||||
|
if (gctx == NULL)
|
||||||
|
return 0;
|
||||||
OPENSSL_cleanse(&gctx->gcm, sizeof(gctx->gcm));
|
OPENSSL_cleanse(&gctx->gcm, sizeof(gctx->gcm));
|
||||||
if (gctx->iv != c->iv)
|
if (gctx->iv != c->iv)
|
||||||
OPENSSL_free(gctx->iv);
|
OPENSSL_free(gctx->iv);
|
||||||
@ -1235,10 +1237,15 @@ static int aes_gcm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
|
|||||||
{
|
{
|
||||||
unsigned int len = c->buf[arg - 2] << 8 | c->buf[arg - 1];
|
unsigned int len = c->buf[arg - 2] << 8 | c->buf[arg - 1];
|
||||||
/* Correct length for explicit IV */
|
/* Correct length for explicit IV */
|
||||||
|
if (len < EVP_GCM_TLS_EXPLICIT_IV_LEN)
|
||||||
|
return 0;
|
||||||
len -= EVP_GCM_TLS_EXPLICIT_IV_LEN;
|
len -= EVP_GCM_TLS_EXPLICIT_IV_LEN;
|
||||||
/* If decrypting correct for tag too */
|
/* If decrypting correct for tag too */
|
||||||
if (!c->encrypt)
|
if (!c->encrypt) {
|
||||||
|
if (len < EVP_GCM_TLS_TAG_LEN)
|
||||||
|
return 0;
|
||||||
len -= EVP_GCM_TLS_TAG_LEN;
|
len -= EVP_GCM_TLS_TAG_LEN;
|
||||||
|
}
|
||||||
c->buf[arg - 2] = len >> 8;
|
c->buf[arg - 2] = len >> 8;
|
||||||
c->buf[arg - 1] = len & 0xff;
|
c->buf[arg - 1] = len & 0xff;
|
||||||
}
|
}
|
||||||
|
@ -859,6 +859,8 @@ static int aesni_cbc_hmac_sha1_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg,
|
|||||||
key->payload_length = len;
|
key->payload_length = len;
|
||||||
if ((key->aux.tls_ver =
|
if ((key->aux.tls_ver =
|
||||||
p[arg - 4] << 8 | p[arg - 3]) >= TLS1_1_VERSION) {
|
p[arg - 4] << 8 | p[arg - 3]) >= TLS1_1_VERSION) {
|
||||||
|
if (len < AES_BLOCK_SIZE)
|
||||||
|
return 0;
|
||||||
len -= AES_BLOCK_SIZE;
|
len -= AES_BLOCK_SIZE;
|
||||||
p[arg - 2] = len >> 8;
|
p[arg - 2] = len >> 8;
|
||||||
p[arg - 1] = len;
|
p[arg - 1] = len;
|
||||||
|
@ -825,15 +825,19 @@ static int aesni_cbc_hmac_sha256_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg,
|
|||||||
case EVP_CTRL_AEAD_TLS1_AAD:
|
case EVP_CTRL_AEAD_TLS1_AAD:
|
||||||
{
|
{
|
||||||
unsigned char *p = ptr;
|
unsigned char *p = ptr;
|
||||||
unsigned int len = p[arg - 2] << 8 | p[arg - 1];
|
unsigned int len;
|
||||||
|
|
||||||
if (arg != EVP_AEAD_TLS1_AAD_LEN)
|
if (arg != EVP_AEAD_TLS1_AAD_LEN)
|
||||||
return -1;
|
return -1;
|
||||||
|
|
||||||
|
len = p[arg - 2] << 8 | p[arg - 1];
|
||||||
|
|
||||||
if (ctx->encrypt) {
|
if (ctx->encrypt) {
|
||||||
key->payload_length = len;
|
key->payload_length = len;
|
||||||
if ((key->aux.tls_ver =
|
if ((key->aux.tls_ver =
|
||||||
p[arg - 4] << 8 | p[arg - 3]) >= TLS1_1_VERSION) {
|
p[arg - 4] << 8 | p[arg - 3]) >= TLS1_1_VERSION) {
|
||||||
|
if (len < AES_BLOCK_SIZE)
|
||||||
|
return 0;
|
||||||
len -= AES_BLOCK_SIZE;
|
len -= AES_BLOCK_SIZE;
|
||||||
p[arg - 2] = len >> 8;
|
p[arg - 2] = len >> 8;
|
||||||
p[arg - 1] = len;
|
p[arg - 1] = len;
|
||||||
|
2
thirdparty/openssl/crypto/evp/e_des3.c
vendored
2
thirdparty/openssl/crypto/evp/e_des3.c
vendored
@ -212,6 +212,8 @@ static int des_ede3_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
|
|||||||
size_t n;
|
size_t n;
|
||||||
unsigned char c[1], d[1];
|
unsigned char c[1], d[1];
|
||||||
|
|
||||||
|
if (!EVP_CIPHER_CTX_test_flags(ctx, EVP_CIPH_FLAG_LENGTH_BITS))
|
||||||
|
inl *= 8;
|
||||||
for (n = 0; n < inl; ++n) {
|
for (n = 0; n < inl; ++n) {
|
||||||
c[0] = (in[n / 8] & (1 << (7 - n % 8))) ? 0x80 : 0;
|
c[0] = (in[n / 8] & (1 << (7 - n % 8))) ? 0x80 : 0;
|
||||||
DES_ede3_cfb_encrypt(c, d, 1, 1,
|
DES_ede3_cfb_encrypt(c, d, 1, 1,
|
||||||
|
@ -99,7 +99,7 @@ static int rc4_hmac_md5_init_key(EVP_CIPHER_CTX *ctx,
|
|||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
# if !defined(OPENSSL_NO_ASM) && ( \
|
# if defined(RC4_ASM) && defined(MD5_ASM) && ( \
|
||||||
defined(__x86_64) || defined(__x86_64__) || \
|
defined(__x86_64) || defined(__x86_64__) || \
|
||||||
defined(_M_AMD64) || defined(_M_X64) || \
|
defined(_M_AMD64) || defined(_M_X64) || \
|
||||||
defined(__INTEL__) ) && \
|
defined(__INTEL__) ) && \
|
||||||
@ -254,6 +254,8 @@ static int rc4_hmac_md5_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg,
|
|||||||
MD5_Init(&key->tail);
|
MD5_Init(&key->tail);
|
||||||
MD5_Update(&key->tail, hmac_key, sizeof(hmac_key));
|
MD5_Update(&key->tail, hmac_key, sizeof(hmac_key));
|
||||||
|
|
||||||
|
OPENSSL_cleanse(hmac_key, sizeof(hmac_key));
|
||||||
|
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
case EVP_CTRL_AEAD_TLS1_AAD:
|
case EVP_CTRL_AEAD_TLS1_AAD:
|
||||||
@ -267,6 +269,8 @@ static int rc4_hmac_md5_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg,
|
|||||||
len = p[arg - 2] << 8 | p[arg - 1];
|
len = p[arg - 2] << 8 | p[arg - 1];
|
||||||
|
|
||||||
if (!ctx->encrypt) {
|
if (!ctx->encrypt) {
|
||||||
|
if (len < MD5_DIGEST_LENGTH)
|
||||||
|
return -1;
|
||||||
len -= MD5_DIGEST_LENGTH;
|
len -= MD5_DIGEST_LENGTH;
|
||||||
p[arg - 2] = len >> 8;
|
p[arg - 2] = len >> 8;
|
||||||
p[arg - 1] = len;
|
p[arg - 1] = len;
|
||||||
|
3
thirdparty/openssl/crypto/evp/e_seed.c
vendored
3
thirdparty/openssl/crypto/evp/e_seed.c
vendored
@ -70,7 +70,8 @@ typedef struct {
|
|||||||
} EVP_SEED_KEY;
|
} EVP_SEED_KEY;
|
||||||
|
|
||||||
IMPLEMENT_BLOCK_CIPHER(seed, ks, SEED, EVP_SEED_KEY, NID_seed,
|
IMPLEMENT_BLOCK_CIPHER(seed, ks, SEED, EVP_SEED_KEY, NID_seed,
|
||||||
16, 16, 16, 128, 0, seed_init_key, 0, 0, 0, 0)
|
16, 16, 16, 128, EVP_CIPH_FLAG_DEFAULT_ASN1,
|
||||||
|
seed_init_key, 0, 0, 0, 0)
|
||||||
|
|
||||||
static int seed_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
|
static int seed_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
|
||||||
const unsigned char *iv, int enc)
|
const unsigned char *iv, int enc)
|
||||||
|
11
thirdparty/openssl/crypto/evp/evp_enc.c
vendored
11
thirdparty/openssl/crypto/evp/evp_enc.c
vendored
@ -170,7 +170,7 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
|
|||||||
|
|
||||||
#ifdef OPENSSL_FIPS
|
#ifdef OPENSSL_FIPS
|
||||||
if (FIPS_mode()) {
|
if (FIPS_mode()) {
|
||||||
const EVP_CIPHER *fcipher;
|
const EVP_CIPHER *fcipher = NULL;
|
||||||
if (cipher)
|
if (cipher)
|
||||||
fcipher = evp_get_fips_cipher(cipher);
|
fcipher = evp_get_fips_cipher(cipher);
|
||||||
if (fcipher)
|
if (fcipher)
|
||||||
@ -182,6 +182,7 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
|
|||||||
if (ctx->cipher->ctx_size) {
|
if (ctx->cipher->ctx_size) {
|
||||||
ctx->cipher_data = OPENSSL_malloc(ctx->cipher->ctx_size);
|
ctx->cipher_data = OPENSSL_malloc(ctx->cipher->ctx_size);
|
||||||
if (!ctx->cipher_data) {
|
if (!ctx->cipher_data) {
|
||||||
|
ctx->cipher = NULL;
|
||||||
EVPerr(EVP_F_EVP_CIPHERINIT_EX, ERR_R_MALLOC_FAILURE);
|
EVPerr(EVP_F_EVP_CIPHERINIT_EX, ERR_R_MALLOC_FAILURE);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
@ -193,6 +194,7 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
|
|||||||
ctx->flags &= EVP_CIPHER_CTX_FLAG_WRAP_ALLOW;
|
ctx->flags &= EVP_CIPHER_CTX_FLAG_WRAP_ALLOW;
|
||||||
if (ctx->cipher->flags & EVP_CIPH_CTRL_INIT) {
|
if (ctx->cipher->flags & EVP_CIPH_CTRL_INIT) {
|
||||||
if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_INIT, 0, NULL)) {
|
if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_INIT, 0, NULL)) {
|
||||||
|
ctx->cipher = NULL;
|
||||||
EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_INITIALIZATION_ERROR);
|
EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_INITIALIZATION_ERROR);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
@ -654,6 +656,7 @@ int EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, const EVP_CIPHER_CTX *in)
|
|||||||
if (in->cipher_data && in->cipher->ctx_size) {
|
if (in->cipher_data && in->cipher->ctx_size) {
|
||||||
out->cipher_data = OPENSSL_malloc(in->cipher->ctx_size);
|
out->cipher_data = OPENSSL_malloc(in->cipher->ctx_size);
|
||||||
if (!out->cipher_data) {
|
if (!out->cipher_data) {
|
||||||
|
out->cipher = NULL;
|
||||||
EVPerr(EVP_F_EVP_CIPHER_CTX_COPY, ERR_R_MALLOC_FAILURE);
|
EVPerr(EVP_F_EVP_CIPHER_CTX_COPY, ERR_R_MALLOC_FAILURE);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
@ -661,6 +664,10 @@ int EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, const EVP_CIPHER_CTX *in)
|
|||||||
}
|
}
|
||||||
|
|
||||||
if (in->cipher->flags & EVP_CIPH_CUSTOM_COPY)
|
if (in->cipher->flags & EVP_CIPH_CUSTOM_COPY)
|
||||||
return in->cipher->ctrl((EVP_CIPHER_CTX *)in, EVP_CTRL_COPY, 0, out);
|
if (!in->cipher->ctrl((EVP_CIPHER_CTX *)in, EVP_CTRL_COPY, 0, out)) {
|
||||||
|
out->cipher = NULL;
|
||||||
|
EVPerr(EVP_F_EVP_CIPHER_CTX_COPY, EVP_R_INITIALIZATION_ERROR);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
3
thirdparty/openssl/crypto/evp/evp_err.c
vendored
3
thirdparty/openssl/crypto/evp/evp_err.c
vendored
@ -1,6 +1,6 @@
|
|||||||
/* crypto/evp/evp_err.c */
|
/* crypto/evp/evp_err.c */
|
||||||
/* ====================================================================
|
/* ====================================================================
|
||||||
* Copyright (c) 1999-2013 The OpenSSL Project. All rights reserved.
|
* Copyright (c) 1999-2016 The OpenSSL Project. All rights reserved.
|
||||||
*
|
*
|
||||||
* Redistribution and use in source and binary forms, with or without
|
* Redistribution and use in source and binary forms, with or without
|
||||||
* modification, are permitted provided that the following conditions
|
* modification, are permitted provided that the following conditions
|
||||||
@ -192,6 +192,7 @@ static ERR_STRING_DATA EVP_str_reasons[] = {
|
|||||||
{ERR_REASON(EVP_R_INPUT_NOT_INITIALIZED), "input not initialized"},
|
{ERR_REASON(EVP_R_INPUT_NOT_INITIALIZED), "input not initialized"},
|
||||||
{ERR_REASON(EVP_R_INVALID_DIGEST), "invalid digest"},
|
{ERR_REASON(EVP_R_INVALID_DIGEST), "invalid digest"},
|
||||||
{ERR_REASON(EVP_R_INVALID_FIPS_MODE), "invalid fips mode"},
|
{ERR_REASON(EVP_R_INVALID_FIPS_MODE), "invalid fips mode"},
|
||||||
|
{ERR_REASON(EVP_R_INVALID_KEY), "invalid key"},
|
||||||
{ERR_REASON(EVP_R_INVALID_KEY_LENGTH), "invalid key length"},
|
{ERR_REASON(EVP_R_INVALID_KEY_LENGTH), "invalid key length"},
|
||||||
{ERR_REASON(EVP_R_INVALID_OPERATION), "invalid operation"},
|
{ERR_REASON(EVP_R_INVALID_OPERATION), "invalid operation"},
|
||||||
{ERR_REASON(EVP_R_IV_TOO_LARGE), "iv too large"},
|
{ERR_REASON(EVP_R_IV_TOO_LARGE), "iv too large"},
|
||||||
|
22
thirdparty/openssl/crypto/evp/openbsd_hw.c
vendored
22
thirdparty/openssl/crypto/evp/openbsd_hw.c
vendored
@ -133,6 +133,10 @@ static int dev_crypto_init_key(EVP_CIPHER_CTX *ctx, int cipher,
|
|||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
CDATA(ctx)->key = OPENSSL_malloc(MAX_HW_KEY);
|
CDATA(ctx)->key = OPENSSL_malloc(MAX_HW_KEY);
|
||||||
|
if (CDATA(ctx)->key == NULL {
|
||||||
|
err("CDATA(ctx)->key memory allocation failed");
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
assert(ctx->cipher->iv_len <= MAX_HW_IV);
|
assert(ctx->cipher->iv_len <= MAX_HW_IV);
|
||||||
|
|
||||||
@ -186,6 +190,11 @@ static int dev_crypto_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
|
|||||||
|
|
||||||
if (((unsigned long)in & 3) || cinl != inl) {
|
if (((unsigned long)in & 3) || cinl != inl) {
|
||||||
cin = OPENSSL_malloc(cinl);
|
cin = OPENSSL_malloc(cinl);
|
||||||
|
if (cin == NULL) {
|
||||||
|
err("cin - memory allocation failed");
|
||||||
|
abort();
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
memcpy(cin, in, inl);
|
memcpy(cin, in, inl);
|
||||||
cryp.src = cin;
|
cryp.src = cin;
|
||||||
}
|
}
|
||||||
@ -334,6 +343,11 @@ static int do_digest(int ses, unsigned char *md, const void *data, int len)
|
|||||||
char *dcopy;
|
char *dcopy;
|
||||||
|
|
||||||
dcopy = OPENSSL_malloc(len);
|
dcopy = OPENSSL_malloc(len);
|
||||||
|
if (dcopy == NULL) {
|
||||||
|
err("dcopy - memory allocation failed");
|
||||||
|
abort();
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
memcpy(dcopy, data, len);
|
memcpy(dcopy, data, len);
|
||||||
cryp.src = dcopy;
|
cryp.src = dcopy;
|
||||||
cryp.dst = cryp.src; // FIXME!!!
|
cryp.dst = cryp.src; // FIXME!!!
|
||||||
@ -364,6 +378,10 @@ static int dev_crypto_md5_update(EVP_MD_CTX *ctx, const void *data,
|
|||||||
return do_digest(md_data->sess.ses, md_data->md, data, len);
|
return do_digest(md_data->sess.ses, md_data->md, data, len);
|
||||||
|
|
||||||
md_data->data = OPENSSL_realloc(md_data->data, md_data->len + len);
|
md_data->data = OPENSSL_realloc(md_data->data, md_data->len + len);
|
||||||
|
if (md_data->data == NULL) {
|
||||||
|
err("DEV_CRYPTO_MD5_UPDATE: unable to allocate memory");
|
||||||
|
abort();
|
||||||
|
}
|
||||||
memcpy(md_data->data + md_data->len, data, len);
|
memcpy(md_data->data + md_data->len, data, len);
|
||||||
md_data->len += len;
|
md_data->len += len;
|
||||||
|
|
||||||
@ -397,6 +415,10 @@ static int dev_crypto_md5_copy(EVP_MD_CTX *to, const EVP_MD_CTX *from)
|
|||||||
assert(from->digest->flags & EVP_MD_FLAG_ONESHOT);
|
assert(from->digest->flags & EVP_MD_FLAG_ONESHOT);
|
||||||
|
|
||||||
to_md->data = OPENSSL_malloc(from_md->len);
|
to_md->data = OPENSSL_malloc(from_md->len);
|
||||||
|
if (to_md->data == NULL) {
|
||||||
|
err("DEV_CRYPTO_MD5_COPY: unable to allocate memory");
|
||||||
|
abort();
|
||||||
|
}
|
||||||
memcpy(to_md->data, from_md->data, from_md->len);
|
memcpy(to_md->data, from_md->data, from_md->len);
|
||||||
|
|
||||||
return 1;
|
return 1;
|
||||||
|
8
thirdparty/openssl/crypto/evp/p_lib.c
vendored
8
thirdparty/openssl/crypto/evp/p_lib.c
vendored
@ -130,6 +130,14 @@ int EVP_PKEY_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from)
|
|||||||
EVPerr(EVP_F_EVP_PKEY_COPY_PARAMETERS, EVP_R_MISSING_PARAMETERS);
|
EVPerr(EVP_F_EVP_PKEY_COPY_PARAMETERS, EVP_R_MISSING_PARAMETERS);
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (!EVP_PKEY_missing_parameters(to)) {
|
||||||
|
if (EVP_PKEY_cmp_parameters(to, from) == 1)
|
||||||
|
return 1;
|
||||||
|
EVPerr(EVP_F_EVP_PKEY_COPY_PARAMETERS, EVP_R_DIFFERENT_PARAMETERS);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
if (from->ameth && from->ameth->param_copy)
|
if (from->ameth && from->ameth->param_copy)
|
||||||
return from->ameth->param_copy(to, from);
|
return from->ameth->param_copy(to, from);
|
||||||
err:
|
err:
|
||||||
|
16
thirdparty/openssl/crypto/evp/pmeth_fn.c
vendored
16
thirdparty/openssl/crypto/evp/pmeth_fn.c
vendored
@ -65,17 +65,19 @@
|
|||||||
#include "evp_locl.h"
|
#include "evp_locl.h"
|
||||||
|
|
||||||
#define M_check_autoarg(ctx, arg, arglen, err) \
|
#define M_check_autoarg(ctx, arg, arglen, err) \
|
||||||
if (ctx->pmeth->flags & EVP_PKEY_FLAG_AUTOARGLEN) \
|
if (ctx->pmeth->flags & EVP_PKEY_FLAG_AUTOARGLEN) { \
|
||||||
{ \
|
|
||||||
size_t pksize = (size_t)EVP_PKEY_size(ctx->pkey); \
|
size_t pksize = (size_t)EVP_PKEY_size(ctx->pkey); \
|
||||||
if (!arg) \
|
\
|
||||||
{ \
|
if (pksize == 0) { \
|
||||||
|
EVPerr(err, EVP_R_INVALID_KEY); /*ckerr_ignore*/ \
|
||||||
|
return 0; \
|
||||||
|
} \
|
||||||
|
if (!arg) { \
|
||||||
*arglen = pksize; \
|
*arglen = pksize; \
|
||||||
return 1; \
|
return 1; \
|
||||||
} \
|
} \
|
||||||
else if (*arglen < pksize) \
|
if (*arglen < pksize) { \
|
||||||
{ \
|
EVPerr(err, EVP_R_BUFFER_TOO_SMALL); /*ckerr_ignore*/ \
|
||||||
EVPerr(err, EVP_R_BUFFER_TOO_SMALL); /*ckerr_ignore*/\
|
|
||||||
return 0; \
|
return 0; \
|
||||||
} \
|
} \
|
||||||
}
|
}
|
||||||
|
4
thirdparty/openssl/crypto/evp/pmeth_gn.c
vendored
4
thirdparty/openssl/crypto/evp/pmeth_gn.c
vendored
@ -149,8 +149,10 @@ int EVP_PKEY_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey)
|
|||||||
if (!ppkey)
|
if (!ppkey)
|
||||||
return -1;
|
return -1;
|
||||||
|
|
||||||
if (!*ppkey)
|
if (*ppkey == NULL)
|
||||||
*ppkey = EVP_PKEY_new();
|
*ppkey = EVP_PKEY_new();
|
||||||
|
if (*ppkey == NULL)
|
||||||
|
return -1;
|
||||||
|
|
||||||
ret = ctx->pmeth->keygen(ctx, *ppkey);
|
ret = ctx->pmeth->keygen(ctx, *ppkey);
|
||||||
if (ret <= 0) {
|
if (ret <= 0) {
|
||||||
|
32
thirdparty/openssl/crypto/evp/pmeth_lib.c
vendored
32
thirdparty/openssl/crypto/evp/pmeth_lib.c
vendored
@ -91,7 +91,9 @@ static const EVP_PKEY_METHOD *standard_methods[] = {
|
|||||||
&ec_pkey_meth,
|
&ec_pkey_meth,
|
||||||
#endif
|
#endif
|
||||||
&hmac_pkey_meth,
|
&hmac_pkey_meth,
|
||||||
|
#ifndef OPENSSL_NO_CMAC
|
||||||
&cmac_pkey_meth,
|
&cmac_pkey_meth,
|
||||||
|
#endif
|
||||||
#ifndef OPENSSL_NO_DH
|
#ifndef OPENSSL_NO_DH
|
||||||
&dhx_pkey_meth
|
&dhx_pkey_meth
|
||||||
#endif
|
#endif
|
||||||
@ -186,6 +188,7 @@ static EVP_PKEY_CTX *int_ctx_new(EVP_PKEY *pkey, ENGINE *e, int id)
|
|||||||
|
|
||||||
if (pmeth->init) {
|
if (pmeth->init) {
|
||||||
if (pmeth->init(ret) <= 0) {
|
if (pmeth->init(ret) <= 0) {
|
||||||
|
ret->pmeth = NULL;
|
||||||
EVP_PKEY_CTX_free(ret);
|
EVP_PKEY_CTX_free(ret);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
@ -197,6 +200,7 @@ static EVP_PKEY_CTX *int_ctx_new(EVP_PKEY *pkey, ENGINE *e, int id)
|
|||||||
EVP_PKEY_METHOD *EVP_PKEY_meth_new(int id, int flags)
|
EVP_PKEY_METHOD *EVP_PKEY_meth_new(int id, int flags)
|
||||||
{
|
{
|
||||||
EVP_PKEY_METHOD *pmeth;
|
EVP_PKEY_METHOD *pmeth;
|
||||||
|
|
||||||
pmeth = OPENSSL_malloc(sizeof(EVP_PKEY_METHOD));
|
pmeth = OPENSSL_malloc(sizeof(EVP_PKEY_METHOD));
|
||||||
if (!pmeth)
|
if (!pmeth)
|
||||||
return NULL;
|
return NULL;
|
||||||
@ -205,33 +209,6 @@ EVP_PKEY_METHOD *EVP_PKEY_meth_new(int id, int flags)
|
|||||||
|
|
||||||
pmeth->pkey_id = id;
|
pmeth->pkey_id = id;
|
||||||
pmeth->flags = flags | EVP_PKEY_FLAG_DYNAMIC;
|
pmeth->flags = flags | EVP_PKEY_FLAG_DYNAMIC;
|
||||||
|
|
||||||
pmeth->init = 0;
|
|
||||||
pmeth->copy = 0;
|
|
||||||
pmeth->cleanup = 0;
|
|
||||||
pmeth->paramgen_init = 0;
|
|
||||||
pmeth->paramgen = 0;
|
|
||||||
pmeth->keygen_init = 0;
|
|
||||||
pmeth->keygen = 0;
|
|
||||||
pmeth->sign_init = 0;
|
|
||||||
pmeth->sign = 0;
|
|
||||||
pmeth->verify_init = 0;
|
|
||||||
pmeth->verify = 0;
|
|
||||||
pmeth->verify_recover_init = 0;
|
|
||||||
pmeth->verify_recover = 0;
|
|
||||||
pmeth->signctx_init = 0;
|
|
||||||
pmeth->signctx = 0;
|
|
||||||
pmeth->verifyctx_init = 0;
|
|
||||||
pmeth->verifyctx = 0;
|
|
||||||
pmeth->encrypt_init = 0;
|
|
||||||
pmeth->encrypt = 0;
|
|
||||||
pmeth->decrypt_init = 0;
|
|
||||||
pmeth->decrypt = 0;
|
|
||||||
pmeth->derive_init = 0;
|
|
||||||
pmeth->derive = 0;
|
|
||||||
pmeth->ctrl = 0;
|
|
||||||
pmeth->ctrl_str = 0;
|
|
||||||
|
|
||||||
return pmeth;
|
return pmeth;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -339,6 +316,7 @@ EVP_PKEY_CTX *EVP_PKEY_CTX_dup(EVP_PKEY_CTX *pctx)
|
|||||||
if (pctx->pmeth->copy(rctx, pctx) > 0)
|
if (pctx->pmeth->copy(rctx, pctx) > 0)
|
||||||
return rctx;
|
return rctx;
|
||||||
|
|
||||||
|
rctx->pmeth = NULL;
|
||||||
EVP_PKEY_CTX_free(rctx);
|
EVP_PKEY_CTX_free(rctx);
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue
Block a user