This commit was manufactured by cvs2svn to create tag

'LEVITTE_before_const'.

CHANGES

@@ -4,6 +4,19 @@
 
  Changes between 0.9.7c and 0.9.8  [xx XXX xxxx]
 
+  *) BN_zero() only needs to set 'top' and 'neg' to zero for correct results,
+     and this should never fail. So the return value from the use of
+     BN_set_word() (which can fail due to needless expansion) is now deprecated;
+     if OPENSSL_NO_DEPRECATED is defined, BN_zero() is a void macro.
+     [Geoff Thorpe]
+
+  *) BN_CTX_get() should return zero-valued bignums, providing the same
+     initialised value as BN_new().
+     [Geoff Thorpe, suggested by Ulf M<>ller]
+
+  *) Support for inhibitAnyPolicy certificate extension.
+     [Steve Henson]
+
   *) An audit of the BIGNUM code is underway, for which debugging code is
      enabled when BN_DEBUG is defined. This makes stricter enforcements on what
      is considered valid when processing BIGNUMs, and causes execution to
@@ -18,7 +31,7 @@
      some point, these tighter rules will become openssl's default to improve
      maintainability, though the assert()s and other overheads will remain only
      in debugging configurations. See bn.h for more details.
-     [Geoff Thorpe]
+     [Geoff Thorpe, Nils Larsch, Ulf M<>ller]
 
   *) BN_CTX_init() has been deprecated, as BN_CTX is an opaque structure
      that can only be obtained through BN_CTX_new() (which implicitly
@@ -617,6 +630,27 @@
 
  Changes between 0.9.7c and 0.9.7d  [xx XXX XXXX]
 
+  *) X509 verify fixes. Disable broken certificate workarounds when 
+     X509_V_FLAGS_X509_STRICT is set. Check CRL issuer has cRLSign set if
+     keyUsage extension present. Don't accept CRLs with unhandled critical
+     extensions: since verify currently doesn't process CRL extensions this
+     rejects a CRL with *any* critical extensions. Add new verify error codes
+     for these cases.
+     [Steve Henson]
+
+  *) When creating an OCSP nonce use an OCTET STRING inside the extnValue.
+     A clarification of RFC2560 will require the use of OCTET STRINGs and 
+     some implementations cannot handle the current raw format. Since OpenSSL
+     copies and compares OCSP nonces as opaque blobs without any attempt at
+     parsing them this should not create any compatibility issues.
+     [Steve Henson]
+
+  *) New md flag EVP_MD_CTX_FLAG_REUSE this allows md_data to be reused when
+     calling EVP_MD_CTX_copy_ex() to avoid calling OPENSSL_malloc(). Without
+     this HMAC (and other) operations are several times slower than OpenSSL
+     < 0.9.7.
+     [Steve Henson]
+
   *) Print out GeneralizedTime and UTCTime in ASN1_STRING_print_ex().
      [Peter Sylvester <Peter.Sylvester@EdelWeb.fr>]
 

Configure

@@ -145,11 +145,11 @@ my %table=(
 "debug-ulf", "gcc:-DTERMIOS -DL_ENDIAN -march=i486 -Wall -DBN_DEBUG -DBN_DEBUG_RAND -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DOPENSSL_NO_ASM -g -Wformat -Wshadow -Wmissing-prototypes -Wmissing-declarations:::CYGWIN32::::win32:cygwin-shared:::.dll",
 "debug-steve",	"gcc:-DL_ENDIAN -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DDEBUG_SAFESTACK -DCRYPTO_MDEBUG_ALL -DPEDANTIC -g -mcpu=i486 -pedantic -Wall -Werror -Wshadow -pipe::-D_REENTRANT::-rdynamic -ldl:${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared",
 "debug-steve-linux-pseudo64",	"gcc:-DL_ENDIAN -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DDEBUG_SAFESTACK -DCRYPTO_MDEBUG_ALL -DOPENSSL_NO_ASM -g -mcpu=i486 -Wall -Werror -Wshadow -pipe::-D_REENTRANT::-rdynamic -ldl:SIXTY_FOUR_BIT::dlfcn:linux-shared",
-"debug-levitte-linux-elf","gcc:-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DBN_DEBUG -DBN_DEBUG_RAND -DCRYPTO_MDEBUG -DENGINE_CONF_DEBUG -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -DPEDANTIC -ggdb -g3 -mcpu=i486 -pedantic -ansi -Wall -Wshadow -Wcast-align -Wmissing-prototypes -Wno-long-long -pipe::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"debug-levitte-linux-noasm","gcc:-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DBN_DEBUG -DBN_DEBUG_RAND -DCRYPTO_MDEBUG -DENGINE_CONF_DEBUG -DOPENSSL_NO_ASM -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -DPEDANTIC -ggdb -g3 -mcpu=i486 -pedantic -ansi -Wall -Wshadow -Wcast-align -Wmissing-prototypes -Wno-long-long -pipe::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"debug-levitte-linux-elf-extreme","gcc:-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DBN_DEBUG -DBN_DEBUG_RAND -DCRYPTO_MDEBUG -DENGINE_CONF_DEBUG -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -DPEDANTIC -ggdb -g3 -mcpu=i486 -pedantic -ansi -Wall -W -Wundef -Wshadow -Wcast-align -Wmissing-prototypes -Wconversion -Wno-long-long -pipe::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"debug-levitte-linux-noasm-extreme","gcc:-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DBN_DEBUG -DBN_DEBUG_RAND -DCRYPTO_MDEBUG -DENGINE_CONF_DEBUG -DOPENSSL_NO_ASM -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -DPEDANTIC -ggdb -g3 -mcpu=i486 -pedantic -ansi -Wall -W -Wundef -Wshadow -Wcast-align -Wmissing-prototypes -Wconversion -Wno-long-long -pipe::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"debug-geoff","gcc:-DBN_DEBUG -DPURIFY -DOPENSSL_NO_DEPRECATED -DOPENSSL_NO_ASM -DOPENSSL_NO_INLINE_ASM -DL_ENDIAN -DTERMIO -DPEDANTIC -g -ggdb3 -Wall -Werror -Wundef -pedantic -Wshadow -Wpointer-arith -Wbad-function-cast -Wcast-align -Wsign-compare -Wmissing-prototypes -Wmissing-declarations -Wno-long-long::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-levitte-linux-elf","gcc:-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DBN_DEBUG -DBN_DEBUG_RAND -DCRYPTO_MDEBUG -DENGINE_CONF_DEBUG -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -DPEDANTIC -ggdb -g3 -mcpu=i486 -pedantic -ansi -Wall -Wshadow -Wcast-align -Wstrict-prototypes -Wmissing-prototypes -Wno-long-long -Wundef -Wconversion -pipe::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-levitte-linux-noasm","gcc:-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DBN_DEBUG -DBN_DEBUG_RAND -DCRYPTO_MDEBUG -DENGINE_CONF_DEBUG -DOPENSSL_NO_ASM -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -DPEDANTIC -ggdb -g3 -mcpu=i486 -pedantic -ansi -Wall -Wshadow -Wcast-align -Wstrict-prototypes -Wmissing-prototypes -Wno-long-long -Wundef -Wconversion -pipe::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-levitte-linux-elf-extreme","gcc:-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DBN_DEBUG -DBN_DEBUG_RAND -DCRYPTO_MDEBUG -DENGINE_CONF_DEBUG -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -DPEDANTIC -ggdb -g3 -mcpu=i486 -pedantic -ansi -Wall -W -Wundef -Wshadow -Wcast-align -Wstrict-prototypes -Wmissing-prototypes -Wno-long-long -Wundef -Wconversion -pipe::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-levitte-linux-noasm-extreme","gcc:-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DBN_DEBUG -DBN_DEBUG_RAND -DCRYPTO_MDEBUG -DENGINE_CONF_DEBUG -DOPENSSL_NO_ASM -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -DPEDANTIC -ggdb -g3 -mcpu=i486 -pedantic -ansi -Wall -W -Wundef -Wshadow -Wcast-align -Wstrict-prototypes -Wmissing-prototypes -Wno-long-long -Wundef -Wconversion -pipe::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-geoff","gcc:-DBN_DEBUG -DBN_DEBUG_RAND -DBN_STRICT -DBN_CTX_DEBUG -DPURIFY -DOPENSSL_NO_DEPRECATED -DOPENSSL_NO_ASM -DOPENSSL_NO_INLINE_ASM -DL_ENDIAN -DTERMIO -DPEDANTIC -g -ggdb3 -Wall -Werror -Wundef -pedantic -Wshadow -Wpointer-arith -Wbad-function-cast -Wcast-align -Wsign-compare -Wmissing-prototypes -Wmissing-declarations -Wno-long-long::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 "dist",		"cc:-O::(unknown)::::::",
 
 # Basic configs that should work on any (32 and less bit) box
@@ -216,13 +216,13 @@ my %table=(
 "irix-cc", "cc:-O2 -use_readonly_const -DTERMIOS -DB_ENDIAN::(unknown):::BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC2 DES_UNROLL BF_PTR::::::::::dlfcn:irix-shared:::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 #### IRIX 6.x configs
 # Only N32 and N64 ABIs are supported. If you need O32 ABI build, invoke
-# './Configure irix-[g]cc' manually.
+# './Configure irix-cc -o32' manually.
 # -mips4 flag is added by ./config when appropriate.
-"irix-mips3-gcc","gcc:-mabi=n32 -mmips-as -O3 -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::MD2_CHAR RC4_INDEX RC4_CHAR RC4_CHUNK_LL DES_UNROLL DES_RISC2 DES_PTR BF_PTR SIXTY_FOUR_BIT:${mips3_irix_asm}:dlfcn:irix-shared:::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"irix-mips3-cc", "cc:-n32 -mips3 -O2 -use_readonly_const -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::DES_PTR RC4_CHAR RC4_CHUNK_LL DES_RISC2 DES_UNROLL BF_PTR SIXTY_FOUR_BIT:${mips3_irix_asm}:dlfcn:irix-shared:::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"irix-mips3-gcc","gcc:-mabi=n32 -mmips-as -O3 -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::MD2_CHAR RC4_INDEX RC4_CHAR RC4_CHUNK_LL DES_UNROLL DES_RISC2 DES_PTR BF_PTR SIXTY_FOUR_BIT:${mips3_irix_asm}:dlfcn:irix-shared::-mabi=n32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"irix-mips3-cc", "cc:-n32 -mips3 -O2 -use_readonly_const -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::DES_PTR RC4_CHAR RC4_CHUNK_LL DES_RISC2 DES_UNROLL BF_PTR SIXTY_FOUR_BIT:${mips3_irix_asm}:dlfcn:irix-shared::-n32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 # N64 ABI builds.
-"irix64-mips4-gcc","gcc:-mabi=64 -mips4 -mmips-as -O3 -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::RC4_CHAR RC4_CHUNK DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT_LONG:${mips3_irix_asm}:dlfcn:irix-shared:::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"irix64-mips4-cc", "cc:-64 -mips4 -O2 -use_readonly_const -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::RC4_CHAR RC4_CHUNK DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT_LONG:${mips3_irix_asm}:dlfcn:irix-shared:::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"irix64-mips4-gcc","gcc:-mabi=64 -mips4 -mmips-as -O3 -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::RC4_CHAR RC4_CHUNK DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT_LONG:${mips3_irix_asm}:dlfcn:irix-shared::-mabi=64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"irix64-mips4-cc", "cc:-64 -mips4 -O2 -use_readonly_const -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::RC4_CHAR RC4_CHUNK DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT_LONG:${mips3_irix_asm}:dlfcn:irix-shared::-64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 
 #### Unified HP-UX ANSI C configs.
 # Special notes:
@@ -252,21 +252,15 @@ my %table=(
 #   crypto/sha/sha_lcl.h.
 #					<appro@fy.chalmers.se>
 #
-#!#"hpux-parisc-cc","cc:-Ae +O3 +ESlit -z -DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY::::-ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl",
 # Since there is mention of this in shlib/hpux10-cc.sh
 "hpux-parisc-cc-o4","cc:-Ae +O4 +ESlit -z -DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY::::-ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:+Z::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 "hpux-parisc-gcc","gcc:-O3 -DB_ENDIAN -DBN_DIV2W::::-Wl,+s -ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:-fPIC::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"hpux-parisc2-gcc","gcc:-march=2.0 -O3 -DB_ENDIAN::-D_REENTRANT::-Wl,+s -ldld:SIXTY_FOUR_BIT RC4_CHAR RC4_CHUNK DES_PTR DES_UNROLL DES_RISC1:asm/pa-risc2.o:::::::::dl:hpux-shared:-fPIC::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 # 64bit PARISC for GCC without optimization, which seems to make problems.
 # Submitted by <ross.alexander@uk.neceur.com>
 "hpux64-parisc-gcc","gcc:-DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT::::::::::dlfcn:hpux64-shared:-fpic::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 "hpux64-parisc2-gcc","gcc:-O3 -DB_ENDIAN::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:asm/pa-risc2W.o:::::::::dlfcn:hpux64-shared:-fpic::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 
-# HP/UX IA-64 targets
-"hpux-ia64-cc","cc:-Ae +DD32 +O3 +Olit=all -z -DB_ENDIAN::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:asm/ia64-cpp.o:::::::::dlfcn:hpux-shared:+Z::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-# Frank Geurts <frank.geurts@nl.abnamro.com> has patiently assisted with
-# with debugging of the following config.
-"hpux64-ia64-cc","cc:-Ae +DD64 +O3 +Olit=all -z -DB_ENDIAN::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:asm/ia64-cpp.o:::::::::dlfcn:hpux64-shared:+Z::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-
 # More attempts at unified 10.X and 11.X targets for HP C compiler.
 #
 # Chris Ruemmler <ruemmler@cup.hp.com>
@@ -278,6 +272,16 @@ my %table=(
 # hpux-parisc1_0-cc with +DAportable flag would make more sense. <appro>
 "hpux-parisc1_1-cc","cc:+DA1.1 +DS1.1 +O3 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT::-Wl,+s -ldld:MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT::::::::::dl:hpux-shared:+Z::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 
+# HP/UX IA-64 targets
+"hpux-ia64-cc","cc:-Ae +DD32 +O3 +Olit=all -z -DB_ENDIAN::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:asm/ia64-cpp.o:::::::::dlfcn:hpux-shared:+Z::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+# Frank Geurts <frank.geurts@nl.abnamro.com> has patiently assisted with
+# with debugging of the following config.
+"hpux64-ia64-cc","cc:-Ae +DD64 +O3 +Olit=all -z -DB_ENDIAN::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:asm/ia64-cpp.o:::::::::dlfcn:hpux64-shared:+Z::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+# GCC builds [not tested yet]...
+# _ILP32 should have been defined by compiler driver, but it isn't...
+"hpux-ia64-gcc","gcc:-O3 -DB_ENDIAN -D_ILP32::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:asm/ia64.o:::::::::dlfcn:hpux-shared:-fpic::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"hpux64-ia64-gcc","gcc:-mlp64 -O3 -DB_ENDIAN::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:asm/ia64.o:::::::::dlfcn:hpux-shared:-fpic::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", 
+
 # HPUX 9.X config.
 # Don't use the bundled cc.  It is broken.  Use HP ANSI C if possible, or
 # egcs.  gcc 2.8.1 is also broken.

FAQ

@@ -116,11 +116,14 @@ OpenSSL.  Information on the OpenSSL mailing lists is available from
 
 * Where can I get a compiled version of OpenSSL?
 
+You can finder pointers to binary distributions in
+http://www.openssl.org/related/binaries.html .
+
 Some applications that use OpenSSL are distributed in binary form.
 When using such an application, you don't need to install OpenSSL
 yourself; the application will include the required parts (e.g. DLLs).
 
-If you want to install OpenSSL on a Windows system and you don't have
+If you want to build OpenSSL on a Windows system and you don't have
 a C compiler, read the "Mingw32" section of INSTALL.W32 for information
 on how to obtain and install the free GNU C compiler.
 
@@ -646,26 +649,26 @@ built OpenSSL with /MD your application must use /MD and cannot use /MDd.
 * How do I read or write a DER encoded buffer using the ASN1 functions?
 
 You have two options. You can either use a memory BIO in conjunction
-with the i2d_XXX_bio() or d2i_XXX_bio() functions or you can use the
-i2d_XXX(), d2i_XXX() functions directly. Since these are often the
+with the i2d_*_bio() or d2i_*_bio() functions or you can use the
+i2d_*(), d2i_*() functions directly. Since these are often the
 cause of grief here are some code fragments using PKCS7 as an example:
 
-unsigned char *buf, *p;
-int len;
+ unsigned char *buf, *p;
+ int len;
 
-len = i2d_PKCS7(p7, NULL);
-buf = OPENSSL_malloc(len); /* or Malloc, error checking omitted */
-p = buf;
-i2d_PKCS7(p7, &p);
+ len = i2d_PKCS7(p7, NULL);
+ buf = OPENSSL_malloc(len); /* or Malloc, error checking omitted */
+ p = buf;
+ i2d_PKCS7(p7, &p);
 
 At this point buf contains the len bytes of the DER encoding of
 p7.
 
 The opposite assumes we already have len bytes in buf:
 
-unsigned char *p;
-p = buf;
-p7 = d2i_PKCS7(NULL, &p, len);
+ unsigned char *p;
+ p = buf;
+ p7 = d2i_PKCS7(NULL, &p, len);
 
 At this point p7 contains a valid PKCS7 structure of NULL if an error
 occurred. If an error occurred ERR_print_errors(bio) should give more

MacOS/GetHTTPS.src/CPStringUtils.cpp

@@ -2750,4 +2750,4 @@ void SkipWhiteSpace(char **ioSrcCharPtr,const Boolean inStopAtEOL)
 			}
 		}
 	}
-}
+}

MacOS/GetHTTPS.src/ErrorHandling.cpp

@@ -167,4 +167,4 @@ void ThrowErrorMessageException(void)
 	ThrowDescriptiveException(gErrorMessage);
 }
 
-#endif
+#endif

Makefile.org

@@ -174,10 +174,11 @@ SHLIBDIRS= crypto ssl
 
 # dirs in crypto to build
 SDIRS=  \
+	objects \
 	md2 md4 md5 sha mdc2 hmac ripemd \
 	des rc2 rc4 rc5 idea bf cast \
 	bn ec rsa dsa ecdsa dh ecdh dso engine aes \
-	buffer bio stack lhash rand err objects \
+	buffer bio stack lhash rand err \
 	evp asn1 pem x509 x509v3 conf txt_db pkcs7 pkcs12 comp ocsp ui krb5 \
 	store
 

Makefile.shared

@@ -548,8 +548,10 @@ link_o.irix:
 		SHLIB=lib$(LIBNAME).so; \
 		SHLIB_SUFFIX=; \
 		LIBDEPS="$(LIBDEPS) -lc"; \
-		ALLSYMSFLAGS='-all'; \
-		NOALLSYMSFLAGS=''; \
+		MINUSWL=""; \
+		($(CC) -v 2>&1 | grep gcc) > /dev/null && MINUSWL="-Wl,"; \
+		ALLSYMSFLAGS="$${MINUSWL}-all"; \
+		NOALLSYMSFLAGS="$${MINUSWL}-notall"; \
 		SHAREDFLAGS="-shared -Wl,-soname,$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX -Wl,-rpath,$(LIBRPATH)"; \
 		SHAREDCMD='$(CC)'; \
 	fi; \
@@ -562,8 +564,10 @@ link_a.irix:
 		SHLIB=lib$(LIBNAME).so; \
 		SHLIB_SUFFIX=; \
 		LIBDEPS="$(LIBDEPS) -lc"; \
-		ALLSYMSFLAGS='-all'; \
-		NOALLSYMSFLAGS=''; \
+		MINUSWL=""; \
+		($(CC) -v 2>&1 | grep gcc) > /dev/null && MINUSWL="-Wl,"; \
+		ALLSYMSFLAGS="$${MINUSWL}-all"; \
+		NOALLSYMSFLAGS="$${MINUSWL}-notall"; \
 		SHAREDFLAGS="-shared -Wl,-soname,$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX -Wl,-rpath,$(LIBRPATH)"; \
 		SHAREDCMD='$(CC)'; \
 	fi; \

TABLE

@@ -1,3 +1,4 @@
+Output of `Configure TABLE':
 
 *** BC-16
 $cc           = bcc
@@ -1676,7 +1677,7 @@ $arflags      =
 
 *** debug-geoff
 $cc           = gcc
-$cflags       = -DBN_DEBUG -DPURIFY -DOPENSSL_NO_DEPRECATED -DOPENSSL_NO_ASM -DOPENSSL_NO_INLINE_ASM -DL_ENDIAN -DTERMIO -DPEDANTIC -g -ggdb3 -Wall -Werror -Wundef -pedantic -Wshadow -Wpointer-arith -Wbad-function-cast -Wcast-align -Wsign-compare -Wmissing-prototypes -Wmissing-declarations -Wno-long-long
+$cflags       = -DBN_DEBUG -DBN_DEBUG_RAND -DBN_STRICT -DBN_CTX_DEBUG -DPURIFY -DOPENSSL_NO_DEPRECATED -DOPENSSL_NO_ASM -DOPENSSL_NO_INLINE_ASM -DL_ENDIAN -DTERMIO -DPEDANTIC -g -ggdb3 -Wall -Werror -Wundef -pedantic -Wshadow -Wpointer-arith -Wbad-function-cast -Wcast-align -Wsign-compare -Wmissing-prototypes -Wmissing-declarations -Wno-long-long
 $unistd       = 
 $thread_cflag = -D_REENTRANT
 $sys_id       = 
@@ -1701,7 +1702,7 @@ $arflags      =
 
 *** debug-levitte-linux-elf
 $cc           = gcc
-$cflags       = -DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DBN_DEBUG -DBN_DEBUG_RAND -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -DPEDANTIC -ggdb -g3 -mcpu=i486 -pedantic -ansi -Wall -Wshadow -Wcast-align -Wmissing-prototypes -Wno-long-long -pipe
+$cflags       = -DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DBN_DEBUG -DBN_DEBUG_RAND -DCRYPTO_MDEBUG -DENGINE_CONF_DEBUG -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -DPEDANTIC -ggdb -g3 -mcpu=i486 -pedantic -ansi -Wall -Wshadow -Wcast-align -Wstrict-prototypes -Wmissing-prototypes -Wno-long-long -Wundef -Wconversion -pipe
 $unistd       = 
 $thread_cflag = -D_REENTRANT
 $sys_id       = 
@@ -1726,7 +1727,7 @@ $arflags      =
 
 *** debug-levitte-linux-elf-extreme
 $cc           = gcc
-$cflags       = -DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DBN_DEBUG -DBN_DEBUG_RAND -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -DPEDANTIC -ggdb -g3 -mcpu=i486 -pedantic -ansi -Wall -W -Wundef -Wshadow -Wcast-align -Wmissing-prototypes -Wconversion -Wno-long-long -pipe
+$cflags       = -DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DBN_DEBUG -DBN_DEBUG_RAND -DCRYPTO_MDEBUG -DENGINE_CONF_DEBUG -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -DPEDANTIC -ggdb -g3 -mcpu=i486 -pedantic -ansi -Wall -W -Wundef -Wshadow -Wcast-align -Wstrict-prototypes -Wmissing-prototypes -Wno-long-long -Wundef -Wconversion -pipe
 $unistd       = 
 $thread_cflag = -D_REENTRANT
 $sys_id       = 
@@ -1751,7 +1752,7 @@ $arflags      =
 
 *** debug-levitte-linux-noasm
 $cc           = gcc
-$cflags       = -DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DBN_DEBUG -DBN_DEBUG_RAND -DCRYPTO_MDEBUG -DOPENSSL_NO_ASM -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -DPEDANTIC -ggdb -g3 -mcpu=i486 -pedantic -ansi -Wall -Wshadow -Wcast-align -Wmissing-prototypes -Wno-long-long -pipe
+$cflags       = -DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DBN_DEBUG -DBN_DEBUG_RAND -DCRYPTO_MDEBUG -DENGINE_CONF_DEBUG -DOPENSSL_NO_ASM -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -DPEDANTIC -ggdb -g3 -mcpu=i486 -pedantic -ansi -Wall -Wshadow -Wcast-align -Wstrict-prototypes -Wmissing-prototypes -Wno-long-long -Wundef -Wconversion -pipe
 $unistd       = 
 $thread_cflag = -D_REENTRANT
 $sys_id       = 
@@ -1776,7 +1777,7 @@ $arflags      =
 
 *** debug-levitte-linux-noasm-extreme
 $cc           = gcc
-$cflags       = -DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DBN_DEBUG -DBN_DEBUG_RAND -DCRYPTO_MDEBUG -DOPENSSL_NO_ASM -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -DPEDANTIC -ggdb -g3 -mcpu=i486 -pedantic -ansi -Wall -W -Wundef -Wshadow -Wcast-align -Wmissing-prototypes -Wconversion -Wno-long-long -pipe
+$cflags       = -DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DBN_DEBUG -DBN_DEBUG_RAND -DCRYPTO_MDEBUG -DENGINE_CONF_DEBUG -DOPENSSL_NO_ASM -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -DPEDANTIC -ggdb -g3 -mcpu=i486 -pedantic -ansi -Wall -W -Wundef -Wshadow -Wcast-align -Wstrict-prototypes -Wmissing-prototypes -Wno-long-long -Wundef -Wconversion -pipe
 $unistd       = 
 $thread_cflag = -D_REENTRANT
 $sys_id       = 
@@ -2349,6 +2350,31 @@ $shared_extension = .sl.$(SHLIB_MAJOR).$(SHLIB_MINOR)
 $ranlib       = 
 $arflags      = 
 
+*** hpux-ia64-gcc
+$cc           = gcc
+$cflags       = -O3 -DB_ENDIAN -D_ILP32
+$unistd       = 
+$thread_cflag = -D_REENTRANT
+$sys_id       = 
+$lflags       = -ldl
+$bn_ops       = SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT
+$bn_obj       = asm/ia64.o
+$des_obj      = 
+$bf_obj       = 
+$md5_obj      = 
+$sha1_obj     = 
+$cast_obj     = 
+$rc4_obj      = 
+$rmd160_obj   = 
+$rc5_obj      = 
+$dso_scheme   = dlfcn
+$shared_target= hpux-shared
+$shared_cflag = -fpic
+$shared_ldflag = 
+$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
+$ranlib       = 
+$arflags      = 
+
 *** hpux-m68k-gcc
 $cc           = gcc
 $cflags       = -DB_ENDIAN -DBN_DIV2W -O3
@@ -2499,6 +2525,31 @@ $shared_extension = .sl.$(SHLIB_MAJOR).$(SHLIB_MINOR)
 $ranlib       = 
 $arflags      = 
 
+*** hpux-parisc2-gcc
+$cc           = gcc
+$cflags       = -march=2.0 -O3 -DB_ENDIAN
+$unistd       = 
+$thread_cflag = -D_REENTRANT
+$sys_id       = 
+$lflags       = -Wl,+s -ldld
+$bn_ops       = SIXTY_FOUR_BIT RC4_CHAR RC4_CHUNK DES_PTR DES_UNROLL DES_RISC1
+$bn_obj       = asm/pa-risc2.o
+$des_obj      = 
+$bf_obj       = 
+$md5_obj      = 
+$sha1_obj     = 
+$cast_obj     = 
+$rc4_obj      = 
+$rmd160_obj   = 
+$rc5_obj      = 
+$dso_scheme   = dl
+$shared_target= hpux-shared
+$shared_cflag = -fPIC
+$shared_ldflag = 
+$shared_extension = .sl.$(SHLIB_MAJOR).$(SHLIB_MINOR)
+$ranlib       = 
+$arflags      = 
+
 *** hpux10-brokencc
 $cc           = cc
 $cflags       = -DB_ENDIAN -DBN_DIV2W -Ae +ESlit +O2 -z
@@ -2624,6 +2675,31 @@ $shared_extension = .sl.$(SHLIB_MAJOR).$(SHLIB_MINOR)
 $ranlib       = 
 $arflags      = 
 
+*** hpux64-ia64-gcc
+$cc           = gcc
+$cflags       = -mlp64 -O3 -DB_ENDIAN
+$unistd       = 
+$thread_cflag = -D_REENTRANT
+$sys_id       = 
+$lflags       = -ldl
+$bn_ops       = SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT
+$bn_obj       = asm/ia64.o
+$des_obj      = 
+$bf_obj       = 
+$md5_obj      = 
+$sha1_obj     = 
+$cast_obj     = 
+$rc4_obj      = 
+$rmd160_obj   = 
+$rc5_obj      = 
+$dso_scheme   = dlfcn
+$shared_target= hpux-shared
+$shared_cflag = -fpic
+$shared_ldflag = 
+$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
+$ranlib       = 
+$arflags      = 
+
 *** hpux64-parisc-gcc
 $cc           = gcc
 $cflags       = -DB_ENDIAN -DMD32_XARRAY
@@ -3549,6 +3625,56 @@ $shared_extension =
 $ranlib       = 
 $arflags      = 
 
+*** netware-clib
+$cc           = mwccnlm
+$cflags       = 
+$unistd       = 
+$thread_cflag = 
+$sys_id       = 
+$lflags       = RC4_INDEX MD2_INT
+$bn_ops       = 
+$bn_obj       = 
+$des_obj      = 
+$bf_obj       = 
+$md5_obj      = 
+$sha1_obj     = 
+$cast_obj     = 
+$rc4_obj      = 
+$rmd160_obj   = 
+$rc5_obj      = 
+$dso_scheme   = 
+$shared_target= 
+$shared_cflag = 
+$shared_ldflag = 
+$shared_extension = 
+$ranlib       = 
+$arflags      = 
+
+*** netware-libc
+$cc           = mwccnlm
+$cflags       = 
+$unistd       = 
+$thread_cflag = 
+$sys_id       = 
+$lflags       = BN_LLONG RC4_INDEX MD2_INT
+$bn_ops       = 
+$bn_obj       = 
+$des_obj      = 
+$bf_obj       = 
+$md5_obj      = 
+$sha1_obj     = 
+$cast_obj     = 
+$rc4_obj      = 
+$rmd160_obj   = 
+$rc5_obj      = 
+$dso_scheme   = 
+$shared_target= 
+$shared_cflag = 
+$shared_ldflag = 
+$shared_extension = 
+$ranlib       = 
+$arflags      = 
+
 *** newsos4-gcc
 $cc           = gcc
 $cflags       = -O -DB_ENDIAN

apps/Makefile.ssl

@@ -129,7 +129,7 @@ tags:
 tests:
 
 links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
+	@sh $(TOP)/util/point.sh Makefile.ssl Makefile
 
 lint:
 	lint -DLINT $(INCLUDES) $(SRC)>fluff

apps/apps.c

@@ -1396,14 +1396,16 @@ int load_config(BIO *err, CONF *cnf)
 char *make_config_name()
 	{
 	const char *t=X509_get_default_cert_area();
+	size_t len;
 	char *p;
 
-	p=OPENSSL_malloc(strlen(t)+strlen(OPENSSL_CONF)+2);
-	strcpy(p,t);
+	len=strlen(t)+strlen(OPENSSL_CONF)+2;
+	p=OPENSSL_malloc(len);
+	BUF_strlcpy(p,t,len);
 #ifndef OPENSSL_SYS_VMS
-	strcat(p,"/");
+	BUF_strlcat(p,"/",len);
 #endif
-	strcat(p,OPENSSL_CONF);
+	BUF_strlcat(p,OPENSSL_CONF,len);
 
 	return p;
 	}

apps/asn1pars.c

@@ -333,7 +333,15 @@ bad:
 		num=tmplen;
 		}
 
-	if (length == 0) length=(unsigned int)num;
+	if (offset >= num)
+		{
+		BIO_printf(bio_err, "Error: offset too large\n");
+		goto end;
+		}
+
+	num -= offset;
+
+	if ((length == 0) || ((long)length > num)) length=(unsigned int)num;
 	if(derout) {
 		if(BIO_write(derout, str + offset, length) != (int)length) {
 			BIO_printf(bio_err, "Error writing output\n");

apps/ca.c

@@ -557,16 +557,19 @@ bad:
 	if (configfile == NULL)
 		{
 		const char *s=X509_get_default_cert_area();
+		size_t len;
 
 #ifdef OPENSSL_SYS_VMS
-		tofree=OPENSSL_malloc(strlen(s)+sizeof(CONFIG_FILE));
+		len = strlen(s)+sizeof(CONFIG_FILE);
+		tofree=OPENSSL_malloc(len);
 		strcpy(tofree,s);
 #else
-		tofree=OPENSSL_malloc(strlen(s)+sizeof(CONFIG_FILE)+1);
-		strcpy(tofree,s);
-		strcat(tofree,"/");
+		len = strlen(s)+sizeof(CONFIG_FILE)+1;
+		tofree=OPENSSL_malloc(len);
+		BUF_strlcpy(tofree,s,len);
+		BUF_strlcat(tofree,"/",len);
 #endif
-		strcat(tofree,CONFIG_FILE);
+		BUF_strlcat(tofree,CONFIG_FILE,len);
 		configfile=tofree;
 		}
 
@@ -1236,7 +1239,7 @@ bad:
 		for (i=0; i<sk_X509_num(cert_sk); i++)
 			{
 			int k;
-			unsigned char *n;
+			char *n;
 
 			x=sk_X509_value(cert_sk,i);
 
@@ -1252,15 +1255,19 @@ bad:
 			strcpy(buf[2],outdir);
 
 #ifndef OPENSSL_SYS_VMS
-			strcat(buf[2],"/");
+			BUF_strlcat(buf[2],"/",sizeof(buf[2]));
 #endif
 
-			n=(unsigned char *)&(buf[2][strlen(buf[2])]);
+			n=(char *)&(buf[2][strlen(buf[2])]);
 			if (j > 0)
 				{
 				for (k=0; k<j; k++)
 					{
-					sprintf((char *)n,"%02X",(unsigned char)*(p++));
+					if (n >= &(buf[2][sizeof(buf[2])]))
+						break;
+					BIO_snprintf(n,
+						     &buf[2][0] + sizeof(buf[2]) - n,
+						     "%02X",(unsigned char)*(p++));
 					n+=2;
 					}
 				}
@@ -2127,7 +2134,7 @@ again2:
 		BIO_printf(bio_err,"Memory allocation failure\n");
 		goto err;
 		}
-	strcpy(row[DB_file],"unknown");
+	BUF_strlcpy(row[DB_file],"unknown",8);
 	row[DB_type][0]='V';
 	row[DB_type][1]='\0';
 
@@ -2428,7 +2435,7 @@ static int do_revoke(X509 *x509, CA_DB *db, int type, char *value)
 			BIO_printf(bio_err,"Memory allocation failure\n");
 			goto err;
 			}
-		strcpy(row[DB_file],"unknown");
+		BUF_strlcpy(row[DB_file],"unknown",8);
 		row[DB_type][0]='V';
 		row[DB_type][1]='\0';
 
@@ -2752,16 +2759,16 @@ char *make_revocation_str(int rev_type, char *rev_arg)
 
 	if (!str) return NULL;
 
-	strcpy(str, (char *)revtm->data);
+	BUF_strlcpy(str, (char *)revtm->data, i);
 	if (reason)
 		{
-		strcat(str, ",");
-		strcat(str, reason);
+		BUF_strlcat(str, ",", i);
+		BUF_strlcat(str, reason, i);
 		}
 	if (other)
 		{
-		strcat(str, ",");
-		strcat(str, other);
+		BUF_strlcat(str, ",", i);
+		BUF_strlcat(str, other, i);
 		}
 	ASN1_UTCTIME_free(revtm);
 	return str;

apps/dgst.c

@@ -347,8 +347,9 @@ int MAIN(int argc, char **argv)
 				}
 			if(!out_bin)
 				{
-				tmp=tofree=OPENSSL_malloc(strlen(name)+strlen(argv[i])+5);
-				sprintf(tmp,"%s(%s)= ",name,argv[i]);
+				size_t len = strlen(name)+strlen(argv[i])+5;
+				tmp=tofree=OPENSSL_malloc(len);
+				BIO_snprintf(tmp,len,"%s(%s)= ",name,argv[i]);
 				}
 			else
 				tmp="";

apps/ecparam.c

@@ -701,7 +701,7 @@ end:
 	OPENSSL_EXIT(ret);
 }
 
-int ecparam_print_var(BIO *out, BIGNUM *in, const char *var,
+static int ecparam_print_var(BIO *out, BIGNUM *in, const char *var,
 	int len, unsigned char *buffer)
 	{
 	BIO_printf(out, "static unsigned char %s_%d[] = {", var, len);

apps/enc.c

@@ -373,9 +373,9 @@ bad:
 			{
 			char buf[200];
 
-			sprintf(buf,"enter %s %s password:",
-				OBJ_nid2ln(EVP_CIPHER_nid(cipher)),
-				(enc)?"encryption":"decryption");
+			BIO_snprintf(buf,sizeof buf,"enter %s %s password:",
+				     OBJ_nid2ln(EVP_CIPHER_nid(cipher)),
+				     (enc)?"encryption":"decryption");
 			strbuf[0]='\0';
 			i=EVP_read_pw_string((char *)strbuf,SIZE,buf,enc);
 			if (i == 0)

apps/engine.c

@@ -123,8 +123,8 @@ static int append_buf(char **buf, const char *s, int *size, int step)
 		return 0;
 
 	if (**buf != '\0')
-		strcat(*buf, ", ");
-	strcat(*buf, s);
+		BUF_strlcat(*buf, ", ", *size);
+	BUF_strlcat(*buf, s, *size);
 
 	return 1;
 	}

apps/pkcs12.c

@@ -551,7 +551,7 @@ int MAIN(int argc, char **argv)
 	    	BIO_printf (bio_err, "Can't read Password\n");
 	    	goto export_end;
         	}
-	if (!twopass) strcpy(macpass, pass);
+	if (!twopass) BUF_strlcpy(macpass, pass, sizeof macpass);
 
 #ifdef CRYPTO_MDEBUG
 	CRYPTO_pop_info();
@@ -613,7 +613,7 @@ int MAIN(int argc, char **argv)
     CRYPTO_pop_info();
 #endif
 
-    if (!twopass) strcpy(macpass, pass);
+    if (!twopass) BUF_strlcpy(macpass, pass, sizeof macpass);
 
     if (options & INFO) BIO_printf (bio_err, "MAC Iteration %ld\n", p12->mac->iter ? ASN1_INTEGER_get (p12->mac->iter) : 1);
     if(macver) {

apps/pkcs7.c

@@ -102,6 +102,9 @@ int MAIN(int argc, char **argv)
 		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
 			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
 
+	if (!load_config(bio_err, NULL))
+		goto end;
+
 	infile=NULL;
 	outfile=NULL;
 	informat=FORMAT_PEM;

apps/req.c

@@ -1321,34 +1321,34 @@ start:		for (;;)
 				mval = 0;
 			/* If OBJ not recognised ignore it */
 			if ((nid=OBJ_txt2nid(type)) == NID_undef) goto start;
-
-			if(strlen(v->name) > sizeof buf-9)
+			if (BIO_snprintf(buf,sizeof buf,"%s_default",v->name)
+				>= (int)sizeof(buf))
 			   {
 			   BIO_printf(bio_err,"Name '%s' too long\n",v->name);
 			   return 0;
 			   }
 
-			sprintf(buf,"%s_default",v->name);
 			if ((def=NCONF_get_string(req_conf,dn_sect,buf)) == NULL)
 				{
 				ERR_clear_error();
 				def="";
 				}
-			sprintf(buf,"%s_value",v->name);
+				
+			BIO_snprintf(buf,sizeof buf,"%s_value",v->name);
 			if ((value=NCONF_get_string(req_conf,dn_sect,buf)) == NULL)
 				{
 				ERR_clear_error();
 				value=NULL;
 				}
 
-			sprintf(buf,"%s_min",v->name);
+			BIO_snprintf(buf,sizeof buf,"%s_min",v->name);
 			if (!NCONF_get_number(req_conf,dn_sect,buf, &n_min))
 				{
 				ERR_clear_error();
 				n_min = -1;
 				}
 
-			sprintf(buf,"%s_max",v->name);
+			BIO_snprintf(buf,sizeof buf,"%s_max",v->name);
 			if (!NCONF_get_number(req_conf,dn_sect,buf, &n_max))
 				{
 				ERR_clear_error();
@@ -1386,13 +1386,13 @@ start2:			for (;;)
 				if ((nid=OBJ_txt2nid(type)) == NID_undef)
 					goto start2;
 
-				if(strlen(v->name) > sizeof buf-9)
+				if (BIO_snprintf(buf,sizeof buf,"%s_default",type)
+					>= (int)sizeof(buf))
 				   {
 				   BIO_printf(bio_err,"Name '%s' too long\n",v->name);
 				   return 0;
 				   }
 
-				sprintf(buf,"%s_default",type);
 				if ((def=NCONF_get_string(req_conf,attr_sect,buf))
 					== NULL)
 					{
@@ -1401,7 +1401,7 @@ start2:			for (;;)
 					}
 				
 				
-				sprintf(buf,"%s_value",type);
+				BIO_snprintf(buf,sizeof buf,"%s_value",type);
 				if ((value=NCONF_get_string(req_conf,attr_sect,buf))
 					== NULL)
 					{
@@ -1409,11 +1409,11 @@ start2:			for (;;)
 					value=NULL;
 					}
 
-				sprintf(buf,"%s_min",type);
+				BIO_snprintf(buf,sizeof buf,"%s_min",type);
 				if (!NCONF_get_number(req_conf,attr_sect,buf, &n_min))
 					n_min = -1;
 
-				sprintf(buf,"%s_max",type);
+				BIO_snprintf(buf,sizeof buf,"%s_max",type);
 				if (!NCONF_get_number(req_conf,attr_sect,buf, &n_max))
 					n_max = -1;
 
@@ -1507,9 +1507,8 @@ start:
 	(void)BIO_flush(bio_err);
 	if(value != NULL)
 		{
-		OPENSSL_assert(strlen(value) < sizeof buf-2);
-		strcpy(buf,value);
-		strcat(buf,"\n");
+		BUF_strlcpy(buf,value,sizeof buf);
+		BUF_strlcat(buf,"\n",sizeof buf);
 		BIO_printf(bio_err,"%s\n",value);
 		}
 	else
@@ -1531,8 +1530,8 @@ start:
 		{
 		if ((def == NULL) || (def[0] == '\0'))
 			return(1);
-		strcpy(buf,def);
-		strcat(buf,"\n");
+		BUF_strlcpy(buf,def,sizeof buf);
+		BUF_strlcat(buf,"\n",sizeof buf);
 		}
 	else if ((buf[0] == '.') && (buf[1] == '\n')) return(1);
 
@@ -1566,9 +1565,8 @@ start:
 	(void)BIO_flush(bio_err);
 	if (value != NULL)
 		{
-		OPENSSL_assert(strlen(value) < sizeof buf-2);
-		strcpy(buf,value);
-		strcat(buf,"\n");
+		BUF_strlcpy(buf,value,sizeof buf);
+		BUF_strlcat(buf,"\n",sizeof buf);
 		BIO_printf(bio_err,"%s\n",value);
 		}
 	else
@@ -1590,8 +1588,8 @@ start:
 		{
 		if ((def == NULL) || (def[0] == '\0'))
 			return(1);
-		strcpy(buf,def);
-		strcat(buf,"\n");
+		BUF_strlcpy(buf,def,sizeof buf);
+		BUF_strlcat(buf,"\n",sizeof buf);
 		}
 	else if ((buf[0] == '.') && (buf[1] == '\n')) return(1);
 

apps/s_socket.c

@@ -429,7 +429,7 @@ redoit:
 			perror("OPENSSL_malloc");
 			return(0);
 			}
-		strcpy(*host,h1->h_name);
+		BUF_strlcpy(*host,h1->h_name,strlen(h1->h_name)+1);
 
 		h2=GetHostByName(*host);
 		if (h2 == NULL)

apps/s_time.c

@@ -516,7 +516,7 @@ int MAIN(int argc, char **argv)
 
 		if (s_www_path != NULL)
 			{
-			sprintf(buf,"GET %s HTTP/1.0\r\n\r\n",s_www_path);
+			BIO_snprintf(buf,sizeof buf,"GET %s HTTP/1.0\r\n\r\n",s_www_path);
 			SSL_write(scon,buf,strlen(buf));
 			while ((i=SSL_read(scon,buf,sizeof(buf))) > 0)
 				bytes_read+=i;
@@ -571,7 +571,7 @@ next:
 
 	if (s_www_path != NULL)
 		{
-		sprintf(buf,"GET %s HTTP/1.0\r\n\r\n",s_www_path);
+		BIO_snprintf(buf,sizeof buf,"GET %s HTTP/1.0\r\n\r\n",s_www_path);
 		SSL_write(scon,buf,strlen(buf));
 		while (SSL_read(scon,buf,sizeof(buf)) > 0)
 			;
@@ -609,7 +609,7 @@ next:
 
 		if (s_www_path)
 			{
-			sprintf(buf,"GET %s HTTP/1.0\r\n\r\n",s_www_path);
+			BIO_snprintf(buf,sizeof buf,"GET %s HTTP/1.0\r\n\r\n",s_www_path);
 			SSL_write(scon,buf,strlen(buf));
 			while ((i=SSL_read(scon,buf,sizeof(buf))) > 0)
 				bytes_read+=i;

apps/speed.c

@@ -976,6 +976,7 @@ int MAIN(int argc, char **argv)
 			{
 			dsa_doit[R_DSA_512]=1;
 			dsa_doit[R_DSA_1024]=1;
+			dsa_doit[R_DSA_2048]=1;
 			}
 		else
 #endif

apps/x509.c

@@ -1048,24 +1048,26 @@ static ASN1_INTEGER *x509_load_serial(char *CAfile, char *serialfile, int create
 	char *buf = NULL, *p;
 	ASN1_INTEGER *bs = NULL;
 	BIGNUM *serial = NULL;
+	size_t len;
 
-	buf=OPENSSL_malloc( ((serialfile == NULL)
-			?(strlen(CAfile)+strlen(POSTFIX)+1)
-			:(strlen(serialfile)))+1);
+	len = ((serialfile == NULL)
+		?(strlen(CAfile)+strlen(POSTFIX)+1)
+		:(strlen(serialfile)))+1;
+	buf=OPENSSL_malloc(len);
 	if (buf == NULL) { BIO_printf(bio_err,"out of mem\n"); goto end; }
 	if (serialfile == NULL)
 		{
-		strcpy(buf,CAfile);
+		BUF_strlcpy(buf,CAfile,len);
 		for (p=buf; *p; p++)
 			if (*p == '.')
 				{
 				*p='\0';
 				break;
 				}
-		strcat(buf,POSTFIX);
+		BUF_strlcat(buf,POSTFIX,len);
 		}
 	else
-		strcpy(buf,serialfile);
+		BUF_strlcpy(buf,serialfile,len);
 
 	serial = load_serial(buf, create, NULL);
 	if (serial == NULL) goto end;

certs/expired/vsign3.pem

@@ -0,0 +1,18 @@
+subject=/C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority
+notBefore=Jan 29 00:00:00 1996 GMT
+notAfter=Jan  7 23:59:59 2004 GMT
+-----BEGIN CERTIFICATE-----
+MIICPTCCAaYCEQDknv3zOugOz6URPhmkJAIyMA0GCSqGSIb3DQEBAgUAMF8xCzAJ
+BgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xh
+c3MgMyBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05
+NjAxMjkwMDAwMDBaFw0wNDAxMDcyMzU5NTlaMF8xCzAJBgNVBAYTAlVTMRcwFQYD
+VQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMyBQdWJsaWMgUHJp
+bWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTCBnzANBgkqhkiG9w0BAQEFAAOB
+jQAwgYkCgYEAyVxZnvIbigEUtBDfBEDb41evakVAj4QMC9Ez2dkRz+4CWB8l9yqo
+RAWq7AMfeH+ek7maAKojfdashaJjRcdyJ8z0TMZ1cdI5709C8HXfCpDGjiBvmA/4
+rCNfcCk2pMmG57GaIMtTpYXnPb59mv4kRTPcdhXtD6JxZExlLoFoRacCAwEAATAN
+BgkqhkiG9w0BAQIFAAOBgQBhcOwvP579K+ZoVCGwZ3kIDCCWMYoNer62Jt95LCJp
+STbjl3diYaIy13pUITa6Ask05yXaRDWw0lyAXbOU+Pms7qRgdSoflUkjsUp89LNH
+ciFbfperVKxi513srpvSybIk+4Kt6WcVS7qqpvCXoPawl1cAyAw8CaCCBLpB2veZ
+pA==
+-----END CERTIFICATE-----

certs/vsign3.pem

@@ -1,18 +1,17 @@
 subject=/C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority
 notBefore=Jan 29 00:00:00 1996 GMT
-notAfter=Jan  7 23:59:59 2004 GMT
+notAfter=Aug  1 23:59:59 2028 GMT
 -----BEGIN CERTIFICATE-----
-MIICPTCCAaYCEQDknv3zOugOz6URPhmkJAIyMA0GCSqGSIb3DQEBAgUAMF8xCzAJ
-BgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xh
-c3MgMyBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05
-NjAxMjkwMDAwMDBaFw0wNDAxMDcyMzU5NTlaMF8xCzAJBgNVBAYTAlVTMRcwFQYD
-VQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMyBQdWJsaWMgUHJp
-bWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTCBnzANBgkqhkiG9w0BAQEFAAOB
-jQAwgYkCgYEAyVxZnvIbigEUtBDfBEDb41evakVAj4QMC9Ez2dkRz+4CWB8l9yqo
-RAWq7AMfeH+ek7maAKojfdashaJjRcdyJ8z0TMZ1cdI5709C8HXfCpDGjiBvmA/4
-rCNfcCk2pMmG57GaIMtTpYXnPb59mv4kRTPcdhXtD6JxZExlLoFoRacCAwEAATAN
-BgkqhkiG9w0BAQIFAAOBgQBhcOwvP579K+ZoVCGwZ3kIDCCWMYoNer62Jt95LCJp
-STbjl3diYaIy13pUITa6Ask05yXaRDWw0lyAXbOU+Pms7qRgdSoflUkjsUp89LNH
-ciFbfperVKxi513srpvSybIk+4Kt6WcVS7qqpvCXoPawl1cAyAw8CaCCBLpB2veZ
-pA==
+MIICPDCCAaUCEHC65B0Q2Sk0tjjKewPMur8wDQYJKoZIhvcNAQECBQAwXzELMAkG
+A1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFz
+cyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk2
+MDEyOTAwMDAwMFoXDTI4MDgwMTIzNTk1OVowXzELMAkGA1UEBhMCVVMxFzAVBgNV
+BAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFzcyAzIFB1YmxpYyBQcmlt
+YXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGfMA0GCSqGSIb3DQEBAQUAA4GN
+ADCBiQKBgQDJXFme8huKARS0EN8EQNvjV69qRUCPhAwL0TPZ2RHP7gJYHyX3KqhE
+BarsAx94f56TuZoAqiN91qyFomNFx3InzPRMxnVx0jnvT0Lwdd8KkMaOIG+YD/is
+I19wKTakyYbnsZogy1Olhec9vn2a/iRFM9x2Fe0PonFkTGUugWhFpwIDAQABMA0G
+CSqGSIb3DQEBAgUAA4GBALtMEivPLCYATxQT3ab7/AoRhIzzKBxnki98tsX63/Do
+lbwdj2wsqFHMc9ikwFPwTtYmwHYBV4GSXiHx0bH/59AhWM1pF+NEHJwZRDmJXNyc
+AA9WjQKZ7aKQRUzkuxCkPfAyAw7xzvjoyVGM5mKf5p/AfbdynMk2OmufTqj/ZA1k
 -----END CERTIFICATE-----

config

@@ -683,15 +683,8 @@ EOF
   RM*-siemens-sysv4) OUT="ReliantUNIX" ;;
   *-siemens-sysv4) OUT="SINIX" ;;
   *-hpux1*)
-	if [ $CC = "gcc" ];
-	then
-	  if [ $GCC_BITS = "64" ]; then
-	    OUT="hpux64-parisc-gcc"
-	  else
-	    OUT="hpux-parisc-gcc"
-	  fi
-	else
-	  OUT="hpux-parisc-$CC"
+	if [ $CC = "gcc" -a $GCC_BITS = "64" ]; then
+	    OUT="hpux64-parisc2-gcc"
 	fi
 	KERNEL_BITS=`(getconf KERNEL_BITS) 2>/dev/null`
 	KERNEL_BITS=${KERNEL_BITS:-32}
@@ -708,9 +701,7 @@ EOF
 	     fi
 	     OUT="hpux64-ia64-cc"
 	elif [ $CPU_VERSION -ge 532 ]; then	# PA-RISC 2.x CPU
-	     if [ "$CC" = "cc" ]; then
-		OUT="hpux-parisc2-cc" # can't we have hpux-parisc2-gcc?
-	     fi
+	     OUT=${OUT:-"hpux-parisc2-${CC}"}
 	     if [ $KERNEL_BITS -eq 64 -a "$CC" = "cc" ]; then
 		echo "WARNING! If you wish to build 64-bit library then you have to"
 		echo "         invoke './Configure hpux64-parisc2-cc' *manually*."
@@ -720,9 +711,9 @@ EOF
 		fi
 	     fi
 	elif [ $CPU_VERSION -ge 528 ]; then	# PA-RISC 1.1+ CPU
-	     :
+	     OUT="hpux-parisc-${CC}
 	elif [ $CPU_VERSION -ge 523 ]; then	# PA-RISC 1.0 CPU
-	     :
+	     OUT="hpux-parisc-${CC}
 	else					# Motorola(?) CPU
 	     OUT="hpux-$CC"
 	fi

crypto/Makefile.ssl

@@ -26,10 +26,11 @@ CFLAGS= $(INCLUDE) $(CFLAG)
 
 LIBS=
 
-SDIRS=	md2 md5 sha mdc2 hmac ripemd \
+SDIRS=	objects \
+	md2 md4 md5 sha mdc2 hmac ripemd \
 	des rc2 rc4 rc5 idea bf cast \
 	bn ec rsa dsa ecdsa ecdh dh dso engine aes \
-	buffer bio stack lhash rand err objects \
+	buffer bio stack lhash rand err \
 	evp asn1 pem x509 x509v3 conf txt_db pkcs7 pkcs12 comp ocsp ui krb5 \
 	store
 
@@ -51,7 +52,7 @@ ALL=    $(GENERAL) $(SRC) $(HEADER)
 top:
 	@(cd ..; $(MAKE) DIRS=$(DIR) all)
 
-all: buildinf.h lib subdirs shared
+all: shared
 
 buildinf.h: ../Makefile.ssl
 	( echo "#ifndef MK1MF_BUILD"; \
@@ -82,11 +83,11 @@ files:
 	done;
 
 links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
+	@sh $(TOP)/util/point.sh Makefile.ssl Makefile
 	@$(PERL) $(TOP)/util/mklink.pl ../include/openssl $(EXHEADER)
 	@$(PERL) $(TOP)/util/mklink.pl ../test $(TEST)
 	@$(PERL) $(TOP)/util/mklink.pl ../apps $(APPS)
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
+	@sh $(TOP)/util/point.sh Makefile.ssl Makefile
 	@for i in $(SDIRS); do \
 	(cd $$i && echo "making links in crypto/$$i..." && \
 	$(MAKE) CC='$(CC)' INCLUDES='${INCLUDES}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' AR='${AR}' PERL='${PERL}' links ); \
@@ -97,7 +98,7 @@ lib:	$(LIBOBJ)
 	$(RANLIB) $(LIB) || echo Never mind.
 	@touch lib
 
-shared:
+shared: buildinf.h lib subdirs
 	if [ -n "$(SHARED_LIBS)" ]; then \
 		(cd ..; $(MAKE) $(SHARED_LIB)); \
 	fi

crypto/aes/Makefile.ssl

@@ -52,7 +52,7 @@ files:
 	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
 
 links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
+	@sh $(TOP)/util/point.sh Makefile.ssl Makefile
 	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
 	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
 	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)

crypto/aes/aes.h

@@ -97,6 +97,15 @@ void AES_cbc_encrypt(const unsigned char *in, unsigned char *out,
 void AES_cfb128_encrypt(const unsigned char *in, unsigned char *out,
 	const unsigned long length, const AES_KEY *key,
 	unsigned char *ivec, int *num, const int enc);
+void AES_cfb1_encrypt(const unsigned char *in, unsigned char *out,
+	const unsigned long length, const AES_KEY *key,
+	unsigned char *ivec, int *num, const int enc);
+void AES_cfb8_encrypt(const unsigned char *in, unsigned char *out,
+	const unsigned long length, const AES_KEY *key,
+	unsigned char *ivec, int *num, const int enc);
+void AES_cfbr_encrypt_block(const unsigned char *in,unsigned char *out,
+			    const int nbits,const AES_KEY *key,
+			    unsigned char *ivec,const int enc);
 void AES_ofb128_encrypt(const unsigned char *in, unsigned char *out,
 	const unsigned long length, const AES_KEY *key,
 	unsigned char *ivec, int *num);

crypto/aes/aes_cfb.c

@@ -155,3 +155,96 @@ void AES_cfb128_encrypt(const unsigned char *in, unsigned char *out,
 	*num=n;
 }
 
+/* This expects a single block of size nbits for both in and out. Note that
+   it corrupts any extra bits in the last byte of out */
+/* Untested, once it is working, it will be optimised */
+void AES_cfbr_encrypt_block(const unsigned char *in,unsigned char *out,
+			    const int nbits,const AES_KEY *key,
+			    unsigned char *ivec,const int enc)
+    {
+    int n;
+    unsigned char ovec[AES_BLOCK_SIZE*2];
+
+    assert(in && out && key && ivec);
+    if(enc)
+	{
+	/* construct the new IV */
+	AES_encrypt(ivec,ovec,key);
+	/* encrypt the input */
+	for(n=0 ; n < (nbits+7)/8 ; ++n)
+	    out[n]=in[n]^ovec[n];
+	/* fill in the first half of the new IV with the current IV */
+	memcpy(ovec,ivec,AES_BLOCK_SIZE);
+	/* and put the ciphertext in the second half */
+	memcpy(ovec+AES_BLOCK_SIZE,out,(nbits+7)/8);
+	/* shift ovec left most of the bits... */
+	memmove(ovec,ovec+nbits/8,AES_BLOCK_SIZE+(nbits%8 ? 1 : 0));
+	/* now the remaining bits */
+	if(nbits%8 != 0)
+	    for(n=0 ; n < AES_BLOCK_SIZE ; ++n)
+		{
+		ovec[n]<<=nbits%8;
+		ovec[n]|=ovec[n+1]>>(8-nbits%8);
+		}
+	/* finally, move it back into place */
+	memcpy(ivec,ovec,AES_BLOCK_SIZE);
+	}
+    else
+	{
+	/* construct the new IV in the first half of ovec */
+	AES_encrypt(ivec,ovec,key);
+	/* decrypt the input */
+	for(n=0 ; n < (nbits+7)/8 ; ++n)
+	    out[n]=in[n]^ovec[n];
+	/* fill in the first half of the new IV with the current IV */
+	memcpy(ovec,ivec,AES_BLOCK_SIZE);
+	/* append the ciphertext */
+	memcpy(ovec+AES_BLOCK_SIZE,in,(nbits+7)/8);
+	/* shift ovec left most of the bits... */
+	memmove(ovec,ovec+nbits/8,AES_BLOCK_SIZE+(nbits%8 ? 1 : 0));
+	/* now the remaining bits */
+	if(nbits%8 != 0)
+	    for(n=0 ; n < AES_BLOCK_SIZE ; ++n)
+		{
+		ovec[n]<<=nbits%8;
+		ovec[n]|=ovec[n+1]>>(8-nbits%8);
+		}
+	/* finally, move it back into place */
+	memcpy(ivec,ovec,AES_BLOCK_SIZE);
+	}
+    /* it is not necessary to cleanse ovec, since the IV is not secret */
+    }
+
+/* N.B. This expects the input to be packed, MS bit first */
+void AES_cfb1_encrypt(const unsigned char *in, unsigned char *out,
+		      const unsigned long length, const AES_KEY *key,
+		      unsigned char *ivec, int *num, const int enc)
+    {
+    unsigned int n;
+    unsigned char c[1],d[1];
+
+    assert(in && out && key && ivec && num);
+    assert(*num == 0);
+
+    memset(out,0,(length+7)/8);
+    for(n=0 ; n < length ; ++n)
+	{
+	c[0]=(in[n/8]&(1 << (7-n%8))) ? 0x80 : 0;
+	AES_cfbr_encrypt_block(c,d,1,key,ivec,enc);
+	out[n/8]=(out[n/8]&~(1 << (7-n%8)))|((d[0]&0x80) >> (n%8));
+	}
+    }
+
+void AES_cfb8_encrypt(const unsigned char *in, unsigned char *out,
+		      const unsigned long length, const AES_KEY *key,
+		      unsigned char *ivec, int *num, const int enc)
+    {
+    unsigned int n;
+
+    assert(in && out && key && ivec && num);
+    assert(*num == 0);
+
+    for(n=0 ; n < length ; ++n)
+	AES_cfbr_encrypt_block(&in[n],&out[n],8,key,ivec,enc);
+    }
+

crypto/asn1/Makefile.ssl

@@ -77,7 +77,7 @@ files:
 	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
 
 links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
+	@sh $(TOP)/util/point.sh Makefile.ssl Makefile
 	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
 	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
 	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)

crypto/asn1/a_gentm.c

@@ -208,6 +208,7 @@ ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s,
 	char *p;
 	struct tm *ts;
 	struct tm data;
+	size_t len = 20; 
 
 	if (s == NULL)
 		s=M_ASN1_GENERALIZEDTIME_new();
@@ -219,17 +220,17 @@ ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s,
 		return(NULL);
 
 	p=(char *)s->data;
-	if ((p == NULL) || (s->length < 16))
+	if ((p == NULL) || ((size_t)s->length < len))
 		{
-		p=OPENSSL_malloc(20);
+		p=OPENSSL_malloc(len);
 		if (p == NULL) return(NULL);
 		if (s->data != NULL)
 			OPENSSL_free(s->data);
 		s->data=(unsigned char *)p;
 		}
 
-	sprintf(p,"%04d%02d%02d%02d%02d%02dZ",ts->tm_year + 1900,
-		ts->tm_mon+1,ts->tm_mday,ts->tm_hour,ts->tm_min,ts->tm_sec);
+	BIO_snprintf(p,len,"%04d%02d%02d%02d%02d%02dZ",ts->tm_year + 1900,
+		     ts->tm_mon+1,ts->tm_mday,ts->tm_hour,ts->tm_min,ts->tm_sec);
 	s->length=strlen(p);
 	s->type=V_ASN1_GENERALIZEDTIME;
 #ifdef CHARSET_EBCDIC_not

crypto/asn1/a_mbstr.c

@@ -145,14 +145,14 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len,
 
 	if((minsize > 0) && (nchar < minsize)) {
 		ASN1err(ASN1_F_ASN1_MBSTRING_COPY, ASN1_R_STRING_TOO_SHORT);
-		sprintf(strbuf, "%ld", minsize);
+		BIO_snprintf(strbuf, sizeof strbuf, "%ld", minsize);
 		ERR_add_error_data(2, "minsize=", strbuf);
 		return -1;
 	}
 
 	if((maxsize > 0) && (nchar > maxsize)) {
 		ASN1err(ASN1_F_ASN1_MBSTRING_COPY, ASN1_R_STRING_TOO_LONG);
-		sprintf(strbuf, "%ld", maxsize);
+		BIO_snprintf(strbuf, sizeof strbuf, "%ld", maxsize);
 		ERR_add_error_data(2, "maxsize=", strbuf);
 		return -1;
 	}

crypto/asn1/a_time.c

@@ -128,6 +128,7 @@ ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(ASN1_TIME *t, ASN1_GENERALIZE
 	{
 	ASN1_GENERALIZEDTIME *ret;
 	char *str;
+	int newlen;
 
 	if (!ASN1_TIME_check(t)) return NULL;
 
@@ -150,12 +151,14 @@ ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(ASN1_TIME *t, ASN1_GENERALIZE
 	/* grow the string */
 	if (!ASN1_STRING_set(ret, NULL, t->length + 2))
 		return NULL;
+	/* ASN1_STRING_set() allocated 'len + 1' bytes. */
+	newlen = t->length + 2 + 1;
 	str = (char *)ret->data;
 	/* Work out the century and prepend */
-	if (t->data[0] >= '5') strcpy(str, "19");
-	else strcpy(str, "20");
+	if (t->data[0] >= '5') BUF_strlcpy(str, "19", newlen);
+	else BUF_strlcpy(str, "20", newlen);
 
-	BUF_strlcat(str, (char *)t->data, t->length+3);	/* Include space for a '\0' */
+	BUF_strlcat(str, (char *)t->data, newlen);
 
 	return ret;
 	}

crypto/asn1/a_utctm.c

@@ -188,6 +188,7 @@ ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s, time_t t)
 	char *p;
 	struct tm *ts;
 	struct tm data;
+	size_t len = 20;
 
 	if (s == NULL)
 		s=M_ASN1_UTCTIME_new();
@@ -199,17 +200,17 @@ ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s, time_t t)
 		return(NULL);
 
 	p=(char *)s->data;
-	if ((p == NULL) || (s->length < 14))
+	if ((p == NULL) || ((size_t)s->length < len))
 		{
-		p=OPENSSL_malloc(20);
+		p=OPENSSL_malloc(len);
 		if (p == NULL) return(NULL);
 		if (s->data != NULL)
 			OPENSSL_free(s->data);
 		s->data=(unsigned char *)p;
 		}
 
-	sprintf(p,"%02d%02d%02d%02d%02d%02dZ",ts->tm_year%100,
-		ts->tm_mon+1,ts->tm_mday,ts->tm_hour,ts->tm_min,ts->tm_sec);
+	BIO_snprintf(p,len,"%02d%02d%02d%02d%02d%02dZ",ts->tm_year%100,
+		     ts->tm_mon+1,ts->tm_mday,ts->tm_hour,ts->tm_min,ts->tm_sec);
 	s->length=strlen(p);
 	s->type=V_ASN1_UTCTIME;
 #ifdef CHARSET_EBCDIC_not

crypto/asn1/asn1_lib.c

@@ -423,8 +423,8 @@ void asn1_add_error(unsigned char *address, int offset)
 	{
 	char buf1[DECIMAL_SIZE(address)+1],buf2[DECIMAL_SIZE(offset)+1];
 
-	sprintf(buf1,"%lu",(unsigned long)address);
-	sprintf(buf2,"%d",offset);
+	BIO_snprintf(buf1,sizeof buf1,"%lu",(unsigned long)address);
+	BIO_snprintf(buf2,sizeof buf2,"%d",offset);
 	ERR_add_error_data(4,"address=",buf1," offset=",buf2);
 	}
 

crypto/asn1/asn1_par.c

@@ -83,11 +83,11 @@ static int asn1_print_info(BIO *bp, int tag, int xclass, int constructed,
 
 	p=str;
 	if ((xclass & V_ASN1_PRIVATE) == V_ASN1_PRIVATE)
-		sprintf(str,"priv [ %d ] ",tag);
+		BIO_snprintf(str,sizeof str,"priv [ %d ] ",tag);
 	else if ((xclass & V_ASN1_CONTEXT_SPECIFIC) == V_ASN1_CONTEXT_SPECIFIC)
-		sprintf(str,"cont [ %d ]",tag);
+		BIO_snprintf(str,sizeof str,"cont [ %d ]",tag);
 	else if ((xclass & V_ASN1_APPLICATION) == V_ASN1_APPLICATION)
-		sprintf(str,"appl [ %d ]",tag);
+		BIO_snprintf(str,sizeof str,"appl [ %d ]",tag);
 	else p = ASN1_tag2str(tag);
 
 	if (p2 != NULL)

crypto/asn1/asn_moid.c

@@ -87,9 +87,14 @@ static int oid_module_init(CONF_IMODULE *md, const CONF *cnf)
 			}
 		}
 	return 1;
-}
+	}
+
+static void oid_module_finish(CONF_IMODULE *md)
+	{
+	OBJ_cleanup();
+	}
 
 void ASN1_add_oid_module(void)
 	{
-	CONF_module_add("oid_section", oid_module_init, 0);
+	CONF_module_add("oid_section", oid_module_init, oid_module_finish);
 	}

crypto/asn1/t_pkey.c

@@ -150,9 +150,9 @@ int RSA_print(BIO *bp, const RSA *x, int off)
 		}
 
 	if (x->d == NULL)
-		sprintf(str,"Modulus (%d bit):",BN_num_bits(x->n));
+		BIO_snprintf(str,sizeof str,"Modulus (%d bit):",BN_num_bits(x->n));
 	else
-		strcpy(str,"modulus:");
+		BUF_strlcpy(str,"modulus:",sizeof str);
 	if (!print(bp,str,x->n,m,off)) goto err;
 	s=(x->d == NULL)?"Exponent:":"publicExponent:";
 	if (!print(bp,s,x->e,m,off)) goto err;

crypto/asn1/x_long.c

@@ -104,7 +104,12 @@ static int long_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const A
 	long ltmp;
 	unsigned long utmp;
 	int clen, pad, i;
-	ltmp = *(long *)pval;
+	/* this exists to bypass broken gcc optimization */
+	char *cp = (char *)pval;
+
+	/* use memcpy, because we may not be long aligned */
+	memcpy(&ltmp, cp, sizeof(long));
+
 	if(ltmp == it->size) return -1;
 	/* Convert the long to positive: we subtract one if negative so
 	 * we can cleanly handle the padding if only the MSB of the leading
@@ -136,6 +141,7 @@ static int long_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype,
 	int neg, i;
 	long ltmp;
 	unsigned long utmp = 0;
+	char *cp = (char *)pval;
 	if(len > (int)sizeof(long)) {
 		ASN1err(ASN1_F_LONG_C2I, ASN1_R_INTEGER_TOO_LARGE_FOR_LONG);
 		return 0;
@@ -158,6 +164,6 @@ static int long_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype,
 		ASN1err(ASN1_F_LONG_C2I, ASN1_R_INTEGER_TOO_LARGE_FOR_LONG);
 		return 0;
 	}
-	*(long *)pval = ltmp;
+	memcpy(cp, &ltmp, sizeof(long));
 	return 1;
 }

crypto/bf/Makefile.ssl

@@ -68,7 +68,7 @@ files:
 	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
 
 links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
+	@sh $(TOP)/util/point.sh Makefile.ssl Makefile
 	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
 	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
 	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)

crypto/bio/Makefile.ssl

@@ -57,7 +57,7 @@ files:
 	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
 
 links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
+	@sh $(TOP)/util/point.sh Makefile.ssl Makefile
 	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
 	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
 	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)

crypto/bio/b_dump.c

@@ -104,38 +104,41 @@ int BIO_dump_indent(BIO *bio, const char *s, int len, int indent)
 	for(i=0;i<rows;i++)
 		{
 		buf[0]='\0';	/* start with empty string */
-		strcpy(buf,str);
-		sprintf(tmp,"%04x - ",i*dump_width);
-		strcat(buf,tmp);
+		BUF_strlcpy(buf,str,sizeof buf);
+		BIO_snprintf(tmp,sizeof tmp,"%04x - ",i*dump_width);
+		BUF_strlcat(buf,tmp,sizeof buf);
 		for(j=0;j<dump_width;j++)
 			{
 			if (((i*dump_width)+j)>=len)
 				{
-				strcat(buf,"   ");
+				BUF_strlcat(buf,"   ",sizeof buf);
 				}
 			else
 				{
 				ch=((unsigned char)*(s+i*dump_width+j)) & 0xff;
-				sprintf(tmp,"%02x%c",ch,j==7?'-':' ');
-				strcat(buf,tmp);
+				BIO_snprintf(tmp,sizeof tmp,"%02x%c",ch,
+					 j==7?'-':' ');
+				BUF_strlcat(buf,tmp,sizeof buf);
 				}
 			}
-		strcat(buf,"  ");
+		BUF_strlcat(buf,"  ",sizeof buf);
 		for(j=0;j<dump_width;j++)
 			{
 			if (((i*dump_width)+j)>=len)
 				break;
 			ch=((unsigned char)*(s+i*dump_width+j)) & 0xff;
 #ifndef CHARSET_EBCDIC
-			sprintf(tmp,"%c",((ch>=' ')&&(ch<='~'))?ch:'.');
+			BIO_snprintf(tmp,sizeof tmp,"%c",
+				 ((ch>=' ')&&(ch<='~'))?ch:'.');
 #else
-			sprintf(tmp,"%c",((ch>=os_toascii[' '])&&(ch<=os_toascii['~']))
-				? os_toebcdic[ch]
-				: '.');
+			BIO_snprintf(tmp,sizeof tmp,"%c",
+				 ((ch>=os_toascii[' '])&&(ch<=os_toascii['~']))
+				 ? os_toebcdic[ch]
+				 : '.');
 #endif
-			strcat(buf,tmp);
+			BUF_strlcat(buf,tmp,sizeof buf);
 			}
-		strcat(buf,"\n");
+		BUF_strlcat(buf,"\n",sizeof buf);
 		/* if this is the last call then update the ddt_dump thing so that
 		 * we will move the selection point in the debug window 
 		 */
@@ -144,7 +147,8 @@ int BIO_dump_indent(BIO *bio, const char *s, int len, int indent)
 #ifdef TRUNCATE
 	if (trc > 0)
 		{
-		sprintf(buf,"%s%04x - <SPACES/NULS>\n",str,len+trc);
+		BIO_snprintf(buf,sizeof buf,"%s%04x - <SPACES/NULS>\n",str,
+			     len+trc);
 		ret+=BIO_write(bio,(char *)buf,strlen(buf));
 		}
 #endif

crypto/bio/b_print.c

@@ -652,8 +652,8 @@ fmtfp(
             (caps ? "0123456789ABCDEF"
               : "0123456789abcdef")[intpart % 10];
         intpart = (intpart / 10);
-    } while (intpart && (iplace < (int)sizeof(iplace)));
-    if (iplace == sizeof iplace)
+    } while (intpart && (iplace < (int)sizeof(iconvert)));
+    if (iplace == sizeof iconvert)
         iplace--;
     iconvert[iplace] = 0;
 
@@ -664,7 +664,7 @@ fmtfp(
               : "0123456789abcdef")[fracpart % 10];
         fracpart = (fracpart / 10);
     } while (fplace < max);
-    if (fplace == sizeof fplace)
+    if (fplace == sizeof fconvert)
         fplace--;
     fconvert[fplace] = 0;
 

crypto/bio/b_sock.c

@@ -740,12 +740,12 @@ int BIO_accept(int sock, char **addr)
 			}
 		*addr=p;
 		}
-	sprintf(*addr,"%d.%d.%d.%d:%d",
-		(unsigned char)(l>>24L)&0xff,
-		(unsigned char)(l>>16L)&0xff,
-		(unsigned char)(l>> 8L)&0xff,
-		(unsigned char)(l     )&0xff,
-		port);
+	BIO_snprintf(*addr,24,"%d.%d.%d.%d:%d",
+		     (unsigned char)(l>>24L)&0xff,
+		     (unsigned char)(l>>16L)&0xff,
+		     (unsigned char)(l>> 8L)&0xff,
+		     (unsigned char)(l     )&0xff,
+		     port);
 end:
 	return(ret);
 	}

crypto/bio/bio_cb.c

@@ -70,55 +70,61 @@ long MS_CALLBACK BIO_debug_callback(BIO *bio, int cmd, const char *argp,
 	MS_STATIC char buf[256];
 	char *p;
 	long r=1;
+	size_t p_maxlen;
 
 	if (BIO_CB_RETURN & cmd)
 		r=ret;
 
-	sprintf(buf,"BIO[%08lX]:",(unsigned long)bio);
+	BIO_snprintf(buf,sizeof buf,"BIO[%08lX]:",(unsigned long)bio);
 	p= &(buf[14]);
+	p_maxlen = sizeof buf - 14;
 	switch (cmd)
 		{
 	case BIO_CB_FREE:
-		sprintf(p,"Free - %s\n",bio->method->name);
+		BIO_snprintf(p,p_maxlen,"Free - %s\n",bio->method->name);
 		break;
 	case BIO_CB_READ:
 		if (bio->method->type & BIO_TYPE_DESCRIPTOR)
-			sprintf(p,"read(%d,%d) - %s fd=%d\n",bio->num,argi,bio->method->name,bio->num);
+			BIO_snprintf(p,p_maxlen,"read(%d,%d) - %s fd=%d\n",
+				 bio->num,argi,bio->method->name,bio->num);
 		else
-			sprintf(p,"read(%d,%d) - %s\n",bio->num,argi,bio->method->name);
+			BIO_snprintf(p,p_maxlen,"read(%d,%d) - %s\n",
+				 bio->num,argi,bio->method->name);
 		break;
 	case BIO_CB_WRITE:
 		if (bio->method->type & BIO_TYPE_DESCRIPTOR)
-			sprintf(p,"write(%d,%d) - %s fd=%d\n",bio->num,argi,bio->method->name,bio->num);
+			BIO_snprintf(p,p_maxlen,"write(%d,%d) - %s fd=%d\n",
+				 bio->num,argi,bio->method->name,bio->num);
 		else
-			sprintf(p,"write(%d,%d) - %s\n",bio->num,argi,bio->method->name);
+			BIO_snprintf(p,p_maxlen,"write(%d,%d) - %s\n",
+				 bio->num,argi,bio->method->name);
 		break;
 	case BIO_CB_PUTS:
-		sprintf(p,"puts() - %s\n",bio->method->name);
+		BIO_snprintf(p,p_maxlen,"puts() - %s\n",bio->method->name);
 		break;
 	case BIO_CB_GETS:
-		sprintf(p,"gets(%d) - %s\n",argi,bio->method->name);
+		BIO_snprintf(p,p_maxlen,"gets(%d) - %s\n",argi,bio->method->name);
 		break;
 	case BIO_CB_CTRL:
-		sprintf(p,"ctrl(%d) - %s\n",argi,bio->method->name);
+		BIO_snprintf(p,p_maxlen,"ctrl(%d) - %s\n",argi,bio->method->name);
 		break;
 	case BIO_CB_RETURN|BIO_CB_READ:
-		sprintf(p,"read return %ld\n",ret);
+		BIO_snprintf(p,p_maxlen,"read return %ld\n",ret);
 		break;
 	case BIO_CB_RETURN|BIO_CB_WRITE:
-		sprintf(p,"write return %ld\n",ret);
+		BIO_snprintf(p,p_maxlen,"write return %ld\n",ret);
 		break;
 	case BIO_CB_RETURN|BIO_CB_GETS:
-		sprintf(p,"gets return %ld\n",ret);
+		BIO_snprintf(p,p_maxlen,"gets return %ld\n",ret);
 		break;
 	case BIO_CB_RETURN|BIO_CB_PUTS:
-		sprintf(p,"puts return %ld\n",ret);
+		BIO_snprintf(p,p_maxlen,"puts return %ld\n",ret);
 		break;
 	case BIO_CB_RETURN|BIO_CB_CTRL:
-		sprintf(p,"ctrl return %ld\n",ret);
+		BIO_snprintf(p,p_maxlen,"ctrl return %ld\n",ret);
 		break;
 	default:
-		sprintf(p,"bio callback - unknown type (%d)\n",cmd);
+		BIO_snprintf(p,p_maxlen,"bio callback - unknown type (%d)\n",cmd);
 		break;
 		}
 

crypto/bio/bss_conn.c

@@ -521,8 +521,8 @@ static long conn_ctrl(BIO *b, int cmd, long num, void *ptr)
 				char buf[16];
 				unsigned char *p = ptr;
 
-				sprintf(buf,"%d.%d.%d.%d",
-					p[0],p[1],p[2],p[3]);
+				BIO_snprintf(buf,sizeof buf,"%d.%d.%d.%d",
+					     p[0],p[1],p[2],p[3]);
 				if (data->param_hostname != NULL)
 					OPENSSL_free(data->param_hostname);
 				data->param_hostname=BUF_strdup(buf);
@@ -532,7 +532,7 @@ static long conn_ctrl(BIO *b, int cmd, long num, void *ptr)
 				{
 				char buf[DECIMAL_SIZE(int)+1];
 
-				sprintf(buf,"%d",*(int *)ptr);
+				BIO_snprintf(buf,sizeof buf,"%d",*(int *)ptr);
 				if (data->param_port != NULL)
 					OPENSSL_free(data->param_port);
 				data->param_port=BUF_strdup(buf);

crypto/bio/bss_file.c

@@ -256,15 +256,15 @@ static long MS_CALLBACK file_ctrl(BIO *b, int cmd, long num, void *ptr)
 		if (num & BIO_FP_APPEND)
 			{
 			if (num & BIO_FP_READ)
-				strcpy(p,"a+");
-			else	strcpy(p,"a");
+				BUF_strlcpy(p,"a+",sizeof p);
+			else	BUF_strlcpy(p,"a",sizeof p);
 			}
 		else if ((num & BIO_FP_READ) && (num & BIO_FP_WRITE))
-			strcpy(p,"r+");
+			BUF_strlcpy(p,"r+",sizeof p);
 		else if (num & BIO_FP_WRITE)
-			strcpy(p,"w");
+			BUF_strlcpy(p,"w",sizeof p);
 		else if (num & BIO_FP_READ)
-			strcpy(p,"r");
+			BUF_strlcpy(p,"r",sizeof p);
 		else
 			{
 			BIOerr(BIO_F_FILE_CTRL,BIO_R_BAD_FOPEN_MODE);

crypto/bn/Makefile.ssl

@@ -122,11 +122,18 @@ asm/ia64-cpp.o:	asm/ia64.S
 
 asm/x86_64-gcc.o: asm/x86_64-gcc.c
 
+# GNU assembler fails to compile PA-RISC2 modules, insist on calling
+# vendor assembler...
+asm/pa-risc2W.o: asm/pa-risc2W.s
+	/usr/ccs/bin/as -o asm/pa-risc2W.o asm/pa-risc2W.s
+asm/pa-risc2.o: asm/pa-risc2.s
+	/usr/ccs/bin/as -o asm/pa-risc2.o asm/pa-risc2.s
+
 files:
 	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
 
 links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
+	@sh $(TOP)/util/point.sh Makefile.ssl Makefile
 	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
 	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
 	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
@@ -243,8 +250,13 @@ bn_gf2m.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
 bn_gf2m.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
 bn_gf2m.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
 bn_gf2m.o: ../cryptlib.h bn_gf2m.c bn_lcl.h
-bn_kron.o: ../../include/openssl/bn.h ../../include/openssl/e_os2.h
-bn_kron.o: ../../include/openssl/opensslconf.h bn_kron.c bn_lcl.h
+bn_kron.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_kron.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_kron.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_kron.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_kron.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+bn_kron.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+bn_kron.o: ../cryptlib.h bn_kron.c bn_lcl.h
 bn_lib.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
 bn_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
 bn_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h

crypto/bn/asm/x86_64-gcc.c

@@ -142,7 +142,7 @@ void bn_sqr_words(BN_ULONG *r, BN_ULONG *a, int n)
 BN_ULONG bn_div_words(BN_ULONG h, BN_ULONG l, BN_ULONG d)
 {	BN_ULONG ret,waste;
 
-	asm ("divq	%3"
+	asm ("divq	%4"
 		: "=a"(ret),"=d"(waste)
 		: "a"(l),"d"(h),"g"(d)
 		: "cc");

crypto/bn/bn.h

@@ -81,6 +81,22 @@
 extern "C" {
 #endif
 
+/* These preprocessor symbols control various aspects of the bignum headers and
+ * library code. They're not defined by any "normal" configuration, as they are
+ * intended for development and testing purposes. NB: defining all three can be
+ * useful for debugging application code as well as openssl itself.
+ *
+ * BN_DEBUG - turn on various debugging alterations to the bignum code
+ * BN_DEBUG_RAND - uses random poisoning of unused words to trip up
+ * mismanagement of bignum internals. You must also define BN_DEBUG.
+ * BN_STRICT - disables anything (not already caught by BN_DEBUG) that uses the
+ * old ambiguity over zero representation. At some point, this behaviour should
+ * become standard.
+ */
+/* #define BN_DEBUG */
+/* #define BN_DEBUG_RAND */
+/* #define BN_STRICT */
+
 #ifdef OPENSSL_SYS_VMS
 #undef BN_LLONG /* experimental, so far... */
 #endif
@@ -238,7 +254,9 @@ extern "C" {
 
 #define BN_FLG_MALLOCED		0x01
 #define BN_FLG_STATIC_DATA	0x02
+#ifndef OPENSSL_NO_DEPRECATED
 #define BN_FLG_FREE		0x8000	/* used for debuging */
+#endif
 #define BN_set_flags(b,n)	((b)->flags|=(n))
 #define BN_get_flags(b,n)	((b)->flags&(n))
 
@@ -341,16 +359,30 @@ int BN_GENCB_call(BN_GENCB *cb, int a, int b);
 
 #define BN_num_bytes(a)	((BN_num_bits(a)+7)/8)
 
-/* Note that BN_abs_is_word does not work reliably for w == 0 */
-#define BN_abs_is_word(a,w) (((a)->top == 1) && ((a)->d[0] == (BN_ULONG)(w)))
-#define BN_is_zero(a)       (((a)->top == 0) || BN_abs_is_word(a,0))
+/* Note that BN_abs_is_word didn't work reliably for w == 0 until 0.9.8 */
+#define BN_abs_is_word(a,w) ((((a)->top == 1) && ((a)->d[0] == (BN_ULONG)(w))) || \
+				(((w) == 0) && ((a)->top == 0)))
+#ifdef BN_STRICT
+#define BN_is_zero(a)       ((a)->top == 0)
+#else
+#define BN_is_zero(a)       BN_abs_is_word(a,0)
+#endif
 #define BN_is_one(a)        (BN_abs_is_word((a),1) && !(a)->neg)
-#define BN_is_word(a,w)     ((w) ? BN_abs_is_word((a),(w)) && !(a)->neg : \
-                                   BN_is_zero((a)))
+#define BN_is_word(a,w)     (BN_abs_is_word((a),(w)) && (!(w) || !(a)->neg))
 #define BN_is_odd(a)	    (((a)->top > 0) && ((a)->d[0] & 1))
 
 #define BN_one(a)	(BN_set_word((a),1))
+#define BN_zero_ex(a) \
+	do { \
+		BIGNUM *_tmp_bn = (a); \
+		_tmp_bn->top = 0; \
+		_tmp_bn->neg = 0; \
+	} while(0)
+#ifdef OPENSSL_NO_DEPRECATED
+#define BN_zero(a)	BN_zero_ex(a)
+#else
 #define BN_zero(a)	(BN_set_word((a),0))
+#endif
 /* BN_set_sign(BIGNUM *, int) sets the sign of a BIGNUM
  * (0 for a non-negative value, 1 for negative) */
 #define BN_set_sign(a,b) ((a)->neg = (b))
@@ -618,8 +650,6 @@ BIGNUM *bn_dup_expand(const BIGNUM *a, int words);
  * coverage for openssl's own code.
  */
 
-/* #define BN_DEBUG_RAND */
-
 #ifdef BN_DEBUG
 
 /* We only need assert() when debugging */
@@ -635,12 +665,14 @@ int RAND_pseudo_bytes(unsigned char *buf,int num);
 	do { \
 		const BIGNUM *_bnum1 = (a); \
 		if(_bnum1->top < _bnum1->dmax) { \
+			unsigned char _tmp_char; \
 			/* We cast away const without the compiler knowing, any \
 			 * *genuinely* constant variables that aren't mutable \
 			 * wouldn't be constructed with top!=dmax. */ \
 			BN_ULONG *_not_const; \
 			memcpy(&_not_const, &_bnum1->d, sizeof(BN_ULONG*)); \
-			RAND_pseudo_bytes((unsigned char *)(_not_const + _bnum1->top), \
+			RAND_pseudo_bytes(&_tmp_char, 1); \
+			memset((unsigned char *)(_not_const + _bnum1->top), _tmp_char, \
 				(_bnum1->dmax - _bnum1->top) * sizeof(BN_ULONG)); \
 		} \
 	} while(0)

crypto/bn/bn_add.c

@@ -64,7 +64,7 @@
 int BN_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b)
 	{
 	const BIGNUM *tmp;
-	int a_neg = a->neg;
+	int a_neg = a->neg, ret;
 
 	bn_check_top(a);
 	bn_check_top(b);
@@ -95,21 +95,17 @@ int BN_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b)
 		return(1);
 		}
 
-	if (!BN_uadd(r,a,b)) return(0);
-	if (a_neg) /* both are neg */
-		r->neg=1;
-	else
-		r->neg=0;
+	ret = BN_uadd(r,a,b);
+	r->neg = a_neg;
 	bn_check_top(r);
-	return(1);
+	return ret;
 	}
 
-/* unsigned add of b to a, r must be large enough */
+/* unsigned add of b to a */
 int BN_uadd(BIGNUM *r, const BIGNUM *a, const BIGNUM *b)
 	{
-	register int i;
-	int max,min;
-	BN_ULONG *ap,*bp,*rp,carry,t1;
+	int max,min,dif;
+	BN_ULONG *ap,*bp,*rp,carry,t1,t2;
 	const BIGNUM *tmp;
 
 	bn_check_top(a);
@@ -117,11 +113,12 @@ int BN_uadd(BIGNUM *r, const BIGNUM *a, const BIGNUM *b)
 
 	if (a->top < b->top)
 		{ tmp=a; a=b; b=tmp; }
-	max=a->top;
-	min=b->top;
+	max = a->top;
+	min = b->top;
+	dif = max - min;
 
 	if (bn_wexpand(r,max+1) == NULL)
-		return(0);
+		return 0;
 
 	r->top=max;
 
@@ -129,47 +126,46 @@ int BN_uadd(BIGNUM *r, const BIGNUM *a, const BIGNUM *b)
 	ap=a->d;
 	bp=b->d;
 	rp=r->d;
-	carry=0;
 
 	carry=bn_add_words(rp,ap,bp,min);
 	rp+=min;
 	ap+=min;
 	bp+=min;
-	i=min;
 
 	if (carry)
 		{
-		while (i < max)
+		while (dif)
 			{
-			i++;
-			t1= *(ap++);
-			if ((*(rp++)=(t1+1)&BN_MASK2) >= t1)
+			dif--;
+			t1 = *(ap++);
+			t2 = (t1+1) & BN_MASK2;
+			*(rp++) = t2;
+			if (t2)
 				{
 				carry=0;
 				break;
 				}
 			}
-		if ((i >= max) && carry)
+		if (carry)
 			{
-			*(rp++)=1;
+			/* carry != 0 => dif == 0 */
+			*rp = 1;
 			r->top++;
 			}
 		}
-	if (rp != ap)
-		{
-		for (; i<max; i++)
-			*(rp++)= *(ap++);
-		}
-	/* memcpy(rp,ap,sizeof(*ap)*(max-i));*/
+	if (dif && rp != ap)
+		while (dif--)
+			/* copy remaining words if ap != rp */
+			*(rp++) = *(ap++);
 	r->neg = 0;
 	bn_check_top(r);
-	return(1);
+	return 1;
 	}
 
 /* unsigned subtraction of b from a, a must be larger than b. */
 int BN_usub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b)
 	{
-	int max,min;
+	int max,min,dif;
 	register BN_ULONG t1,t2,*ap,*bp,*rp;
 	int i,carry;
 #if defined(IRIX_CC_BUG) && !defined(LINT)
@@ -179,14 +175,16 @@ int BN_usub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b)
 	bn_check_top(a);
 	bn_check_top(b);
 
-	if (a->top < b->top) /* hmm... should not be happening */
+	max = a->top;
+	min = b->top;
+	dif = max - min;
+
+	if (dif < 0)	/* hmm... should not be happening */
 		{
 		BNerr(BN_F_BN_USUB,BN_R_ARG2_LT_ARG3);
 		return(0);
 		}
 
-	max=a->top;
-	min=b->top;
 	if (bn_wexpand(r,max) == NULL) return(0);
 
 	ap=a->d;
@@ -195,7 +193,7 @@ int BN_usub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b)
 
 #if 1
 	carry=0;
-	for (i=0; i<min; i++)
+	for (i = min; i != 0; i--)
 		{
 		t1= *(ap++);
 		t2= *(bp++);
@@ -219,17 +217,20 @@ int BN_usub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b)
 	ap+=min;
 	bp+=min;
 	rp+=min;
-	i=min;
 #endif
 	if (carry) /* subtracted */
 		{
-		while (i < max)
+		if (!dif)
+			/* error: a < b */
+			return 0;
+		while (dif)
 			{
-			i++;
-			t1= *(ap++);
-			t2=(t1-1)&BN_MASK2;
-			*(rp++)=t2;
-			if (t1 > t2) break;
+			dif--;
+			t1 = *(ap++);
+			t2 = (t1-1)&BN_MASK2;
+			*(rp++) = t2;
+			if (t1)
+				break;
 			}
 		}
 #if 0
@@ -239,13 +240,13 @@ int BN_usub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b)
 		{
 		for (;;)
 			{
-			if (i++ >= max) break;
+			if (!dif--) break;
 			rp[0]=ap[0];
-			if (i++ >= max) break;
+			if (!dif--) break;
 			rp[1]=ap[1];
-			if (i++ >= max) break;
+			if (!dif--) break;
 			rp[2]=ap[2];
-			if (i++ >= max) break;
+			if (!dif--) break;
 			rp[3]=ap[3];
 			rp+=4;
 			ap+=4;

crypto/bn/bn_ctx.c

@@ -123,7 +123,8 @@ void BN_CTX_free(BN_CTX *ctx)
 
 	for (i=0; i < BN_CTX_NUM; i++) {
 		bn_check_top(&(ctx->bn[i]));
-		BN_clear_free(&(ctx->bn[i]));
+		if (ctx->bn[i].d)
+			BN_clear_free(&(ctx->bn[i]));
 	}
 	if (ctx->flags & BN_FLG_MALLOCED)
 		OPENSSL_free(ctx);
@@ -139,6 +140,7 @@ void BN_CTX_start(BN_CTX *ctx)
 
 BIGNUM *BN_CTX_get(BN_CTX *ctx)
 	{
+	BIGNUM *ret;
 	/* Note: If BN_CTX_get is ever changed to allocate BIGNUMs dynamically,
 	 * make sure that if BN_CTX_get fails once it will return NULL again
 	 * until BN_CTX_end is called.  (This is so that callers have to check
@@ -154,8 +156,10 @@ BIGNUM *BN_CTX_get(BN_CTX *ctx)
 			}
 		return NULL;
 		}
-	bn_check_top(&(ctx->bn[ctx->tos]));
-	return (&(ctx->bn[ctx->tos++]));
+	ret = ctx->bn + (ctx->tos++);
+	/* always return a 'zeroed' bignum */
+	BN_zero(ret);
+	return ret;
 	}
 
 void BN_CTX_end(BN_CTX *ctx)
@@ -170,19 +174,11 @@ void BN_CTX_end(BN_CTX *ctx)
 
 	ctx->too_many = 0;
 	ctx->depth--;
-	/* It appears some "scrapbook" uses of BN_CTX result in BIGNUMs being
-	 * left in an inconsistent state when they are released (eg. BN_div).
-	 * These can trip us up when they get reused, so the safest fix is to
-	 * make sure the BIGNUMs are made sane when the context usage is
-	 * releasing them. */
 	if (ctx->depth < BN_CTX_NUM_POS)
-#if 0
+#ifndef BN_DEBUG
 		ctx->tos = ctx->pos[ctx->depth];
 #else
-		{
 		while(ctx->tos > ctx->pos[ctx->depth])
-			/* This ensures the BIGNUM is sane(r) for reuse. */
-			ctx->bn[--(ctx->tos)].top = 0;
-		}
+			bn_check_top(&ctx->bn[--(ctx->tos)]);
 #endif
 	}

crypto/bn/bn_div.c

@@ -214,7 +214,6 @@ int BN_div(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor,
 		res=BN_CTX_get(ctx);
 	else	res=dv;
 	if (sdiv == NULL || res == NULL) goto err;
-	tmp->neg=0;
 
 	/* First we normalise the numbers */
 	norm_shift=BN_BITS2-((BN_num_bits(divisor))%BN_BITS2);
@@ -232,10 +231,8 @@ int BN_div(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor,
 	wnum.neg   = 0;
 	wnum.d     = &(snum->d[loop]);
 	wnum.top   = div_n;
-#ifdef BN_DEBUG_RAND
 	/* only needed when BN_ucmp messes up the values between top and max */
 	wnum.dmax  = snum->dmax - loop; /* so we don't step out of bounds */
-#endif
 
 	/* Get the top 2 words of sdiv */
 	/* div_n=sdiv->top; */
@@ -256,12 +253,10 @@ int BN_div(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor,
 
 	if (BN_ucmp(&wnum,sdiv) >= 0)
 		{
-#ifdef BN_DEBUG_RAND
 		/* If BN_DEBUG_RAND is defined BN_ucmp changes (via
 		 * bn_pollute) the const bignum arguments =>
 		 * clean the values between top and max again */
 		bn_clear_top2max(&wnum);
-#endif
 		bn_sub_words(wnum.d, wnum.d, sdiv->d, div_n);
 		*resp=1;
 		}
@@ -384,13 +379,13 @@ X) -> 0x%08X\n",
 		/* store part of the result */
 		*resp = q;
 		}
+	bn_correct_top(snum);
 	if (rm != NULL)
 		{
 		/* Keep a copy of the neg flag in num because if rm==num
 		 * BN_rshift() will overwrite it.
 		 */
 		int neg = num->neg;
-		bn_correct_top(snum);
 		BN_rshift(rm,snum,norm_shift);
 		if (!BN_is_zero(rm))
 			rm->neg = neg;

crypto/bn/bn_exp.c

@@ -266,7 +266,8 @@ int BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
 	if (!BN_nnmod(&(val[0]),a,m,ctx)) goto err;		/* 1 */
 	if (BN_is_zero(&(val[0])))
 		{
-		ret = BN_zero(r);
+		BN_zero(r);
+		ret = 1;
 		goto err;
 		}
 
@@ -361,6 +362,7 @@ int BN_mod_exp_mont(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
 	int start=1,ts=0;
 	BIGNUM *d,*r;
 	const BIGNUM *aa;
+	/* TODO: BN_CTX??? */
 	BIGNUM val[TABLE_SIZE];
 	BN_MONT_CTX *mont=NULL;
 
@@ -368,7 +370,7 @@ int BN_mod_exp_mont(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
 	bn_check_top(p);
 	bn_check_top(m);
 
-	if (!(m->d[0] & 1))
+	if (!BN_is_odd(m))
 		{
 		BNerr(BN_F_BN_MOD_EXP_MONT,BN_R_CALLED_WITH_EVEN_MODULUS);
 		return(0);
@@ -408,7 +410,8 @@ int BN_mod_exp_mont(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
 		aa=a;
 	if (BN_is_zero(aa))
 		{
-		ret = BN_zero(rr);
+		BN_zero(rr);
+		ret = 1;
 		goto err;
 		}
 	if (!BN_to_montgomery(&(val[0]),aa,mont,ctx)) goto err; /* 1 */
@@ -524,7 +527,7 @@ int BN_mod_exp_mont_word(BIGNUM *rr, BN_ULONG a, const BIGNUM *p,
 	bn_check_top(p);
 	bn_check_top(m);
 
-	if (m->top == 0 || !(m->d[0] & 1))
+	if (!BN_is_odd(m))
 		{
 		BNerr(BN_F_BN_MOD_EXP_MONT_WORD,BN_R_CALLED_WITH_EVEN_MODULUS);
 		return(0);
@@ -540,7 +543,8 @@ int BN_mod_exp_mont_word(BIGNUM *rr, BN_ULONG a, const BIGNUM *p,
 		}
 	if (a == 0)
 		{
-		ret = BN_zero(rr);
+		BN_zero(rr);
+		ret = 1;
 		return ret;
 		}
 
@@ -640,13 +644,13 @@ err:
 
 
 /* The old fallback, simple version :-) */
-int BN_mod_exp_simple(BIGNUM *r,
-	const BIGNUM *a, const BIGNUM *p, const BIGNUM *m,
-	BN_CTX *ctx)
+int BN_mod_exp_simple(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+		const BIGNUM *m, BN_CTX *ctx)
 	{
 	int i,j,bits,ret=0,wstart,wend,window,wvalue,ts=0;
 	int start=1;
 	BIGNUM *d;
+	/* TODO: BN_CTX?? */
 	BIGNUM val[TABLE_SIZE];
 
 	bits=BN_num_bits(p);
@@ -665,7 +669,8 @@ int BN_mod_exp_simple(BIGNUM *r,
 	if (!BN_nnmod(&(val[0]),a,m,ctx)) goto err;		/* 1 */
 	if (BN_is_zero(&(val[0])))
 		{
-		ret = BN_zero(r);
+		BN_zero(r);
+		ret = 1;
 		goto err;
 		}
 

crypto/bn/bn_exp2.c

@@ -123,6 +123,7 @@ int BN_mod_exp2_mont(BIGNUM *rr, const BIGNUM *a1, const BIGNUM *p1,
 	int r_is_one=1,ts1=0,ts2=0;
 	BIGNUM *d,*r;
 	const BIGNUM *a_mod_m;
+	/* TODO: BN_CTX??? */
 	BIGNUM val1[TABLE_SIZE], val2[TABLE_SIZE];
 	BN_MONT_CTX *mont=NULL;
 
@@ -178,7 +179,8 @@ int BN_mod_exp2_mont(BIGNUM *rr, const BIGNUM *a1, const BIGNUM *p1,
 		a_mod_m = a1;
 	if (BN_is_zero(a_mod_m))
 		{
-		ret = BN_zero(rr);
+		BN_zero(rr);
+		ret = 1;
 		goto err;
 		}
 
@@ -213,7 +215,8 @@ int BN_mod_exp2_mont(BIGNUM *rr, const BIGNUM *a1, const BIGNUM *p1,
 		a_mod_m = a2;
 	if (BN_is_zero(a_mod_m))
 		{
-		ret = BN_zero(rr);
+		BN_zero(rr);
+		ret = 1;
 		goto err;
 		}
 	if (!BN_to_montgomery(&(val2[0]),a_mod_m,mont,ctx)) goto err;

crypto/bn/bn_gcd.c

@@ -488,6 +488,7 @@ BIGNUM *BN_mod_inverse(BIGNUM *in,
 err:
 	if ((ret == NULL) && (in == NULL)) BN_free(R);
 	BN_CTX_end(ctx);
-	bn_check_top(ret);
+	if (ret)
+		bn_check_top(ret);
 	return(ret);
 	}

crypto/bn/bn_gf2m.c

@@ -228,7 +228,7 @@ static void bn_GF2m_mul_1x1(BN_ULONG *r1, BN_ULONG *r0, const BN_ULONG a, const
 	BN_ULONG tab[16], top3b = a >> 61;
 	register BN_ULONG a1, a2, a4, a8;
 
-	a1 = a & (0x1FFFFFFFFFFFFFFF); a2 = a1 << 1; a4 = a2 << 1; a8 = a4 << 1;
+	a1 = a & (0x1FFFFFFFFFFFFFFFULL); a2 = a1 << 1; a4 = a2 << 1; a8 = a4 << 1;
 
 	tab[ 0] = 0;     tab[ 1] = a1;       tab[ 2] = a2;       tab[ 3] = a1^a2;
 	tab[ 4] = a4;    tab[ 5] = a1^a4;    tab[ 6] = a2^a4;    tab[ 7] = a1^a2^a4;
@@ -288,6 +288,9 @@ int	BN_GF2m_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b)
 	int i;
 	const BIGNUM *at, *bt;
 
+	bn_check_top(a);
+	bn_check_top(b);
+
 	if (a->top < b->top) { at = b; bt = a; }
 	else { at = a; bt = b; }
 
@@ -322,10 +325,15 @@ int BN_GF2m_mod_arr(BIGNUM *r, const BIGNUM *a, const unsigned int p[])
 	int j, k;
 	int n, dN, d0, d1;
 	BN_ULONG zz, *z;
-	
+
+	bn_check_top(a);
+
 	if (!p[0])
+		{
 		/* reduction mod 1 => return 0 */
-		return BN_zero(r);
+		BN_zero(r);
+		return 1;
+		}
 
 	/* Since the algorithm does reduction in the r value, if a != r, copy
 	 * the contents of a into r so we can do reduction in r. 
@@ -397,7 +405,6 @@ int BN_GF2m_mod_arr(BIGNUM *r, const BIGNUM *a, const unsigned int p[])
 		}
 
 	bn_correct_top(r);
-	
 	return 1;
 	}
 
@@ -409,8 +416,11 @@ int BN_GF2m_mod_arr(BIGNUM *r, const BIGNUM *a, const unsigned int p[])
  */
 int	BN_GF2m_mod(BIGNUM *r, const BIGNUM *a, const BIGNUM *p)
 	{
+	int ret = 0;
 	const int max = BN_num_bits(p);
-	unsigned int *arr=NULL, ret = 0;
+	unsigned int *arr=NULL;
+	bn_check_top(a);
+	bn_check_top(p);
 	if ((arr = (unsigned int *)OPENSSL_malloc(sizeof(unsigned int) * max)) == NULL) goto err;
 	ret = BN_GF2m_poly2arr(p, arr, max);
 	if (!ret || ret > max)
@@ -420,7 +430,7 @@ int	BN_GF2m_mod(BIGNUM *r, const BIGNUM *a, const BIGNUM *p)
 		}
 	ret = BN_GF2m_mod_arr(r, a, arr);
 	bn_check_top(r);
-  err:
+err:
 	if (arr) OPENSSL_free(arr);
 	return ret;
 	}
@@ -434,12 +444,14 @@ int	BN_GF2m_mod_mul_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const unsig
 	int zlen, i, j, k, ret = 0;
 	BIGNUM *s;
 	BN_ULONG x1, x0, y1, y0, zz[4];
-	
+
+	bn_check_top(a);
+	bn_check_top(b);
+
 	if (a == b)
 		{
 		return BN_GF2m_mod_sqr_arr(r, a, p, ctx);
 		}
-	
 
 	BN_CTX_start(ctx);
 	if ((s = BN_CTX_get(ctx)) == NULL) goto err;
@@ -468,10 +480,9 @@ int	BN_GF2m_mod_mul_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const unsig
 		ret = 1;
 	bn_check_top(r);
 
-  err:
+err:
 	BN_CTX_end(ctx);
 	return ret;
-	
 	}
 
 /* Compute the product of two polynomials a and b, reduce modulo p, and store
@@ -483,8 +494,12 @@ int	BN_GF2m_mod_mul_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const unsig
  */
 int	BN_GF2m_mod_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *p, BN_CTX *ctx)
 	{
+	int ret = 0;
 	const int max = BN_num_bits(p);
-	unsigned int *arr=NULL, ret = 0;
+	unsigned int *arr=NULL;
+	bn_check_top(a);
+	bn_check_top(b);
+	bn_check_top(p);
 	if ((arr = (unsigned int *)OPENSSL_malloc(sizeof(unsigned int) * max)) == NULL) goto err;
 	ret = BN_GF2m_poly2arr(p, arr, max);
 	if (!ret || ret > max)
@@ -494,7 +509,7 @@ int	BN_GF2m_mod_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *p
 		}
 	ret = BN_GF2m_mod_mul_arr(r, a, b, arr, ctx);
 	bn_check_top(r);
-  err:
+err:
 	if (arr) OPENSSL_free(arr);
 	return ret;
 	}
@@ -505,7 +520,8 @@ int	BN_GF2m_mod_sqr_arr(BIGNUM *r, const BIGNUM *a, const unsigned int p[], BN_C
 	{
 	int i, ret = 0;
 	BIGNUM *s;
-	
+
+	bn_check_top(a);
 	BN_CTX_start(ctx);
 	if ((s = BN_CTX_get(ctx)) == NULL) return 0;
 	if (!bn_wexpand(s, 2 * a->top)) goto err;
@@ -521,7 +537,7 @@ int	BN_GF2m_mod_sqr_arr(BIGNUM *r, const BIGNUM *a, const unsigned int p[], BN_C
 	if (!BN_GF2m_mod_arr(r, s, p)) goto err;
 	bn_check_top(r);
 	ret = 1;
-  err:
+err:
 	BN_CTX_end(ctx);
 	return ret;
 	}
@@ -534,8 +550,12 @@ int	BN_GF2m_mod_sqr_arr(BIGNUM *r, const BIGNUM *a, const unsigned int p[], BN_C
  */
 int	BN_GF2m_mod_sqr(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
 	{
+	int ret = 0;
 	const int max = BN_num_bits(p);
-	unsigned int *arr=NULL, ret = 0;
+	unsigned int *arr=NULL;
+
+	bn_check_top(a);
+	bn_check_top(p);
 	if ((arr = (unsigned int *)OPENSSL_malloc(sizeof(unsigned int) * max)) == NULL) goto err;
 	ret = BN_GF2m_poly2arr(p, arr, max);
 	if (!ret || ret > max)
@@ -545,7 +565,7 @@ int	BN_GF2m_mod_sqr(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
 		}
 	ret = BN_GF2m_mod_sqr_arr(r, a, arr, ctx);
 	bn_check_top(r);
-  err:
+err:
 	if (arr) OPENSSL_free(arr);
 	return ret;
 	}
@@ -561,6 +581,9 @@ int BN_GF2m_mod_inv(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
 	BIGNUM *b, *c, *u, *v, *tmp;
 	int ret = 0;
 
+	bn_check_top(a);
+	bn_check_top(p);
+
 	BN_CTX_start(ctx);
 	
 	b = BN_CTX_get(ctx);
@@ -570,7 +593,6 @@ int BN_GF2m_mod_inv(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
 	if (v == NULL) goto err;
 
 	if (!BN_one(b)) goto err;
-	if (!BN_zero(c)) goto err;
 	if (!BN_GF2m_mod(u, a, p)) goto err;
 	if (!BN_copy(v, p)) goto err;
 
@@ -605,7 +627,7 @@ int BN_GF2m_mod_inv(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
 	bn_check_top(r);
 	ret = 1;
 
-  err:
+err:
   	BN_CTX_end(ctx);
 	return ret;
 	}
@@ -621,6 +643,7 @@ int BN_GF2m_mod_inv_arr(BIGNUM *r, const BIGNUM *xx, const unsigned int p[], BN_
 	BIGNUM *field;
 	int ret = 0;
 
+	bn_check_top(xx);
 	BN_CTX_start(ctx);
 	if ((field = BN_CTX_get(ctx)) == NULL) goto err;
 	if (!BN_GF2m_arr2poly(p, field)) goto err;
@@ -628,7 +651,7 @@ int BN_GF2m_mod_inv_arr(BIGNUM *r, const BIGNUM *xx, const unsigned int p[], BN_
 	ret = BN_GF2m_mod_inv(r, xx, field, ctx);
 	bn_check_top(r);
 
-  err:
+err:
 	BN_CTX_end(ctx);
 	return ret;
 	}
@@ -642,7 +665,11 @@ int BN_GF2m_mod_div(BIGNUM *r, const BIGNUM *y, const BIGNUM *x, const BIGNUM *p
 	{
 	BIGNUM *xinv = NULL;
 	int ret = 0;
-	
+
+	bn_check_top(y);
+	bn_check_top(x);
+	bn_check_top(p);
+
 	BN_CTX_start(ctx);
 	xinv = BN_CTX_get(ctx);
 	if (xinv == NULL) goto err;
@@ -652,7 +679,7 @@ int BN_GF2m_mod_div(BIGNUM *r, const BIGNUM *y, const BIGNUM *x, const BIGNUM *p
 	bn_check_top(r);
 	ret = 1;
 
-  err:
+err:
 	BN_CTX_end(ctx);
 	return ret;
 	}
@@ -668,6 +695,10 @@ int BN_GF2m_mod_div(BIGNUM *r, const BIGNUM *y, const BIGNUM *x, const BIGNUM *p
 	BIGNUM *a, *b, *u, *v;
 	int ret = 0;
 
+	bn_check_top(y);
+	bn_check_top(x);
+	bn_check_top(p);
+
 	BN_CTX_start(ctx);
 	
 	a = BN_CTX_get(ctx);
@@ -680,7 +711,6 @@ int BN_GF2m_mod_div(BIGNUM *r, const BIGNUM *y, const BIGNUM *x, const BIGNUM *p
 	if (!BN_GF2m_mod(u, y, p)) goto err;
 	if (!BN_GF2m_mod(a, x, p)) goto err;
 	if (!BN_copy(b, p)) goto err;
-	if (!BN_zero(v)) goto err;
 	
 	while (!BN_is_odd(a))
 		{
@@ -721,7 +751,7 @@ int BN_GF2m_mod_div(BIGNUM *r, const BIGNUM *y, const BIGNUM *x, const BIGNUM *p
 	bn_check_top(r);
 	ret = 1;
 
-  err:
+err:
   	BN_CTX_end(ctx);
 	return ret;
 	}
@@ -739,6 +769,9 @@ int BN_GF2m_mod_div_arr(BIGNUM *r, const BIGNUM *yy, const BIGNUM *xx, const uns
 	BIGNUM *field;
 	int ret = 0;
 
+	bn_check_top(yy);
+	bn_check_top(xx);
+
 	BN_CTX_start(ctx);
 	if ((field = BN_CTX_get(ctx)) == NULL) goto err;
 	if (!BN_GF2m_arr2poly(p, field)) goto err;
@@ -746,7 +779,7 @@ int BN_GF2m_mod_div_arr(BIGNUM *r, const BIGNUM *yy, const BIGNUM *xx, const uns
 	ret = BN_GF2m_mod_div(r, yy, xx, field, ctx);
 	bn_check_top(r);
 
-  err:
+err:
 	BN_CTX_end(ctx);
 	return ret;
 	}
@@ -760,13 +793,15 @@ int	BN_GF2m_mod_exp_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const unsig
 	{
 	int ret = 0, i, n;
 	BIGNUM *u;
-	
+
+	bn_check_top(a);
+	bn_check_top(b);
+
 	if (BN_is_zero(b))
 		return(BN_one(r));
 
 	if (BN_abs_is_word(b, 1))
 		return (BN_copy(r, a) != NULL);
-	
 
 	BN_CTX_start(ctx);
 	if ((u = BN_CTX_get(ctx)) == NULL) goto err;
@@ -784,10 +819,8 @@ int	BN_GF2m_mod_exp_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const unsig
 		}
 	if (!BN_copy(r, u)) goto err;
 	bn_check_top(r);
-
 	ret = 1;
-
-  err:
+err:
 	BN_CTX_end(ctx);
 	return ret;
 	}
@@ -801,8 +834,12 @@ int	BN_GF2m_mod_exp_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const unsig
  */
 int BN_GF2m_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *p, BN_CTX *ctx)
 	{
+	int ret = 0;
 	const int max = BN_num_bits(p);
-	unsigned int *arr=NULL, ret = 0;
+	unsigned int *arr=NULL;
+	bn_check_top(a);
+	bn_check_top(b);
+	bn_check_top(p);
 	if ((arr = (unsigned int *)OPENSSL_malloc(sizeof(unsigned int) * max)) == NULL) goto err;
 	ret = BN_GF2m_poly2arr(p, arr, max);
 	if (!ret || ret > max)
@@ -812,7 +849,7 @@ int BN_GF2m_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *p
 		}
 	ret = BN_GF2m_mod_exp_arr(r, a, b, arr, ctx);
 	bn_check_top(r);
-  err:
+err:
 	if (arr) OPENSSL_free(arr);
 	return ret;
 	}
@@ -826,19 +863,23 @@ int	BN_GF2m_mod_sqrt_arr(BIGNUM *r, const BIGNUM *a, const unsigned int p[], BN_
 	int ret = 0;
 	BIGNUM *u;
 
+	bn_check_top(a);
+
 	if (!p[0])
+		{
 		/* reduction mod 1 => return 0 */
-		return BN_zero(r);
-	
+		BN_zero(r);
+		return 1;
+		}
+
 	BN_CTX_start(ctx);
 	if ((u = BN_CTX_get(ctx)) == NULL) goto err;
 	
-	if (!BN_zero(u)) goto err;
 	if (!BN_set_bit(u, p[0] - 1)) goto err;
 	ret = BN_GF2m_mod_exp_arr(r, a, u, p, ctx);
 	bn_check_top(r);
 
-  err:
+err:
 	BN_CTX_end(ctx);
 	return ret;
 	}
@@ -852,8 +893,11 @@ int	BN_GF2m_mod_sqrt_arr(BIGNUM *r, const BIGNUM *a, const unsigned int p[], BN_
  */
 int BN_GF2m_mod_sqrt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
 	{
+	int ret = 0;
 	const int max = BN_num_bits(p);
-	unsigned int *arr=NULL, ret = 0;
+	unsigned int *arr=NULL;
+	bn_check_top(a);
+	bn_check_top(p);
 	if ((arr = (unsigned int *)OPENSSL_malloc(sizeof(unsigned int) * max)) == NULL) goto err;
 	ret = BN_GF2m_poly2arr(p, arr, max);
 	if (!ret || ret > max)
@@ -863,7 +907,7 @@ int BN_GF2m_mod_sqrt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
 		}
 	ret = BN_GF2m_mod_sqrt_arr(r, a, arr, ctx);
 	bn_check_top(r);
-  err:
+err:
 	if (arr) OPENSSL_free(arr);
 	return ret;
 	}
@@ -877,9 +921,14 @@ int BN_GF2m_mod_solve_quad_arr(BIGNUM *r, const BIGNUM *a_, const unsigned int p
 	unsigned int j;
 	BIGNUM *a, *z, *rho, *w, *w2, *tmp;
 
+	bn_check_top(a_);
+
 	if (!p[0])
+		{
 		/* reduction mod 1 => return 0 */
-		return BN_zero(r);
+		BN_zero(r);
+		return 1;
+		}
 
 	BN_CTX_start(ctx);
 	a = BN_CTX_get(ctx);
@@ -891,7 +940,8 @@ int BN_GF2m_mod_solve_quad_arr(BIGNUM *r, const BIGNUM *a_, const unsigned int p
 	
 	if (BN_is_zero(a))
 		{
-		ret = BN_zero(r);
+		BN_zero(r);
+		ret = 1;
 		goto err;
 		}
 
@@ -917,7 +967,7 @@ int BN_GF2m_mod_solve_quad_arr(BIGNUM *r, const BIGNUM *a_, const unsigned int p
 			{
 			if (!BN_rand(rho, p[0], 0, 0)) goto err;
 			if (!BN_GF2m_mod_arr(rho, rho, p)) goto err;
-			if (!BN_zero(z)) goto err;
+			BN_zero(z);
 			if (!BN_copy(w, rho)) goto err;
 			for (j = 1; j <= p[0] - 1; j++)
 				{
@@ -945,7 +995,7 @@ int BN_GF2m_mod_solve_quad_arr(BIGNUM *r, const BIGNUM *a_, const unsigned int p
 
 	ret = 1;
 
-  err:
+err:
 	BN_CTX_end(ctx);
 	return ret;
 	}
@@ -958,9 +1008,13 @@ int BN_GF2m_mod_solve_quad_arr(BIGNUM *r, const BIGNUM *a_, const unsigned int p
  */
 int BN_GF2m_mod_solve_quad(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
 	{
+	int ret = 0;
 	const int max = BN_num_bits(p);
-	unsigned int *arr=NULL, ret = 0;
-	if ((arr = (unsigned int *)OPENSSL_malloc(sizeof(unsigned int) * max)) == NULL) goto err;
+	unsigned int *arr=NULL;
+	bn_check_top(a);
+	bn_check_top(p);
+	if ((arr = (unsigned int *)OPENSSL_malloc(sizeof(unsigned int) *
+						max)) == NULL) goto err;
 	ret = BN_GF2m_poly2arr(p, arr, max);
 	if (!ret || ret > max)
 		{
@@ -969,7 +1023,7 @@ int BN_GF2m_mod_solve_quad(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *
 		}
 	ret = BN_GF2m_mod_solve_quad_arr(r, a, arr, ctx);
 	bn_check_top(r);
-  err:
+err:
 	if (arr) OPENSSL_free(arr);
 	return ret;
 	}
@@ -1018,6 +1072,7 @@ int BN_GF2m_arr2poly(const unsigned int p[], BIGNUM *a)
 	{
 	int i;
 
+	bn_check_top(a);
 	BN_zero(a);
 	for (i = 0; p[i] != 0; i++)
 		{
@@ -1025,7 +1080,7 @@ int BN_GF2m_arr2poly(const unsigned int p[], BIGNUM *a)
 		}
 	BN_set_bit(a, 0);
 	bn_check_top(a);
-	
+
 	return 1;
 	}
 

crypto/bn/bn_kron.c

@@ -53,9 +53,9 @@
  *
  */
 
+#include "cryptlib.h"
 #include "bn_lcl.h"
 
-
 /* least significant word */
 #define BN_lsw(n) (((n)->top == 0) ? (BN_ULONG) 0 : (n)->d[0])
 
@@ -74,6 +74,9 @@ int BN_kronecker(const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx)
 	 */
 	static const int tab[8] = {0, 1, 0, -1, 0, -1, 0, 1};
 
+	bn_check_top(a);
+	bn_check_top(b);
+
 	BN_CTX_start(ctx);
 	A = BN_CTX_get(ctx);
 	B = BN_CTX_get(ctx);
@@ -172,8 +175,7 @@ int BN_kronecker(const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx)
 		tmp = A; A = B; B = tmp;
 		tmp->neg = 0;
 		}
-	
- end:
+end:
 	BN_CTX_end(ctx);
 	if (err)
 		return -2;

crypto/bn/bn_lcl.h

@@ -240,7 +240,7 @@ extern "C" {
 #define Lw(t)    (((BN_ULONG)(t))&BN_MASK2)
 #define Hw(t)    (((BN_ULONG)((t)>>BN_BITS2))&BN_MASK2)
 
-
+#ifdef BN_DEBUG_RAND
 #define bn_clear_top2max(a) \
 	{ \
 	int      ind = (a)->dmax - (a)->top; \
@@ -248,39 +248,10 @@ extern "C" {
 	for (; ind != 0; ind--) \
 		*(++ftl) = 0x0; \
 	}
-
-
-/* This macro is to add extra stuff for development checking */
-#ifdef BN_DEBUG
-#define	bn_set_max(r) ((r)->max=(r)->top,BN_set_flags((r),BN_FLG_STATIC_DATA))
 #else
-#define	bn_set_max(r)
+#define bn_clear_top2max(a)
 #endif
 
-/* These macros are used to 'take' a section of a bignum for read only use */
-#define bn_set_low(r,a,n) \
-	{ \
-	(r)->top=((a)->top > (n))?(n):(a)->top; \
-	(r)->d=(a)->d; \
-	(r)->neg=(a)->neg; \
-	(r)->flags|=BN_FLG_STATIC_DATA; \
-	bn_set_max(r); \
-	}
-
-#define bn_set_high(r,a,n) \
-	{ \
-	if ((a)->top > (n)) \
-		{ \
-		(r)->top=(a)->top-n; \
-		(r)->d= &((a)->d[n]); \
-		} \
-	else \
-		(r)->top=0; \
-	(r)->neg=(a)->neg; \
-	(r)->flags|=BN_FLG_STATIC_DATA; \
-	bn_set_max(r); \
-	}
-
 #ifdef BN_LLONG
 #define mul_add(r,a,w,c) { \
 	BN_ULLONG t; \

crypto/bn/bn_lib.c

@@ -131,7 +131,7 @@ int BN_get_params(int which)
 const BIGNUM *BN_value_one(void)
 	{
 	static BN_ULONG data_one=1L;
-	static BIGNUM const_one={&data_one,1,1,0};
+	static BIGNUM const_one={&data_one,1,1,0,BN_FLG_STATIC_DATA};
 
 	return(&const_one);
 	}
@@ -145,11 +145,11 @@ char *BN_options(void)
 		{
 		init++;
 #ifdef BN_LLONG
-		sprintf(data,"bn(%d,%d)",(int)sizeof(BN_ULLONG)*8,
-			(int)sizeof(BN_ULONG)*8);
+		BIO_snprintf(data,sizeof data,"bn(%d,%d)",
+			     (int)sizeof(BN_ULLONG)*8,(int)sizeof(BN_ULONG)*8);
 #else
-		sprintf(data,"bn(%d,%d)",(int)sizeof(BN_ULONG)*8,
-			(int)sizeof(BN_ULONG)*8);
+		BIO_snprintf(data,sizeof data,"bn(%d,%d)",
+			     (int)sizeof(BN_ULONG)*8,(int)sizeof(BN_ULONG)*8);
 #endif
 		}
 	return(data);
@@ -244,16 +244,11 @@ int BN_num_bits_word(BN_ULONG l)
 
 int BN_num_bits(const BIGNUM *a)
 	{
-	BN_ULONG l;
-	int i;
-
+	int i = a->top - 1;
 	bn_check_top(a);
 
-	if (a->top == 0) return(0);
-	l=a->d[a->top-1];
-	assert(l != 0);
-	i=(a->top-1)*BN_BITS2;
-	return(i+BN_num_bits_word(l));
+	if (BN_is_zero(a)) return 0;
+	return ((i*BN_BITS2) + BN_num_bits_word(a->d[i]));
 	}
 
 void BN_clear_free(BIGNUM *a)
@@ -261,6 +256,7 @@ void BN_clear_free(BIGNUM *a)
 	int i;
 
 	if (a == NULL) return;
+	bn_check_top(a);
 	if (a->d != NULL)
 		{
 		OPENSSL_cleanse(a->d,a->dmax*sizeof(a->d[0]));
@@ -276,11 +272,18 @@ void BN_clear_free(BIGNUM *a)
 void BN_free(BIGNUM *a)
 	{
 	if (a == NULL) return;
+	bn_check_top(a);
 	if ((a->d != NULL) && !(BN_get_flags(a,BN_FLG_STATIC_DATA)))
 		OPENSSL_free(a->d);
-	a->flags|=BN_FLG_FREE; /* REMOVE? */
 	if (a->flags & BN_FLG_MALLOCED)
 		OPENSSL_free(a);
+	else
+		{
+#ifndef OPENSSL_NO_DEPRECATED
+		a->flags|=BN_FLG_FREE;
+#endif
+		a->d = NULL;
+		}
 	}
 
 void BN_init(BIGNUM *a)
@@ -315,13 +318,13 @@ static BN_ULONG *bn_expand_internal(const BIGNUM *b, int words)
 	const BN_ULONG *B;
 	int i;
 
+	bn_check_top(b);
+
 	if (words > (INT_MAX/(4*BN_BITS2)))
 		{
 		BNerr(BN_F_BN_EXPAND_INTERNAL,BN_R_BIGNUM_TOO_LONG);
 		return NULL;
 		}
-
-	bn_check_top(b);	
 	if (BN_get_flags(b,BN_FLG_STATIC_DATA))
 		{
 		BNerr(BN_F_BN_EXPAND_INTERNAL,BN_R_EXPAND_ON_STATIC_BIGNUM_DATA);
@@ -388,12 +391,14 @@ BIGNUM *bn_dup_expand(const BIGNUM *b, int words)
 	{
 	BIGNUM *r = NULL;
 
+	bn_check_top(b);
+
 	/* This function does not work if
 	 *      words <= b->dmax && top < words
 	 * because BN_dup() does not preserve 'dmax'!
 	 * (But bn_dup_expand() is not used anywhere yet.)
 	 */
-	
+
 	if (words > b->dmax)
 		{
 		BN_ULONG *a = bn_expand_internal(b, words);
@@ -437,23 +442,19 @@ BIGNUM *bn_expand2(BIGNUM *b, int words)
 	BN_ULONG *A;
 	int i;
 
+	bn_check_top(b);
+
 	if (words > b->dmax)
 		{
 		BN_ULONG *a = bn_expand_internal(b, words);
-
-		if (a)
-			{
-			if (b->d)
-				OPENSSL_free(b->d);
-			b->d=a;
-			b->dmax=words;
-			}
-		else
-			b = NULL;
+		if(!a) return NULL;
+		if(b->d) OPENSSL_free(b->d);
+		b->d=a;
+		b->dmax=words;
 		}
-	
+
 	/* NB: bn_wexpand() calls this only if the BIGNUM really has to grow */
-	if ((b != NULL) && (b->top < b->dmax))
+	if (b->top < b->dmax)
 		{
 		A = &(b->d[b->top]);
 		for (i=(b->dmax - b->top)>>3; i>0; i--,A+=8)
@@ -465,26 +466,26 @@ BIGNUM *bn_expand2(BIGNUM *b, int words)
 			A[0]=0;
 		assert(A == &(b->d[b->dmax]));
 		}
-	else if(b) bn_check_top(b);
+	bn_check_top(b);
 	return b;
 	}
 
 BIGNUM *BN_dup(const BIGNUM *a)
 	{
-	BIGNUM *r, *t;
+	BIGNUM *t;
 
 	if (a == NULL) return NULL;
-
 	bn_check_top(a);
 
 	t = BN_new();
-	if (t == NULL) return(NULL);
-	r = BN_copy(t, a);
-	/* now  r == t || r == NULL */
-	if (r == NULL)
+	if (t == NULL) return NULL;
+	if(!BN_copy(t, a))
+		{
 		BN_free(t);
-	bn_check_top(r);
-	return r;
+		return NULL;
+		}
+	bn_check_top(t);
+	return t;
 	}
 
 BIGNUM *BN_copy(BIGNUM *a, const BIGNUM *b)
@@ -518,10 +519,11 @@ BIGNUM *BN_copy(BIGNUM *a, const BIGNUM *b)
 	memcpy(a->d,b->d,sizeof(b->d[0])*b->top);
 #endif
 
-/*	memset(&(a->d[b->top]),0,sizeof(a->d[0])*(a->max-b->top));*/
 	a->top=b->top;
+#ifndef BN_STRICT
 	if ((a->top == 0) && (a->d != NULL))
 		a->d[0]=0;
+#endif
 	a->neg=b->neg;
 	bn_check_top(a);
 	return(a);
@@ -534,18 +536,15 @@ BIGNUM *BN_ncopy(BIGNUM *a, const BIGNUM *b, size_t n)
 	const BN_ULONG *B;
 
 	bn_check_top(b);
-
 	if (a == b)
 		return a;
 
 	min = (b->top < (int)n)? b->top: (int)n;
-
 	if (!min)
 		{
 		BN_zero(a);
 		return a;
 		}
-
 	if (bn_wexpand(a, min) == NULL)
 		return NULL;
 
@@ -565,11 +564,8 @@ BIGNUM *BN_ncopy(BIGNUM *a, const BIGNUM *b, size_t n)
 		case 0: ;
 		}
 	a->top = min;
-
 	a->neg = b->neg;
 	bn_correct_top(a);
-
-	bn_check_top(a);
 	return(a);
 	}
 
@@ -579,6 +575,9 @@ void BN_swap(BIGNUM *a, BIGNUM *b)
 	BN_ULONG *tmp_d;
 	int tmp_top, tmp_dmax, tmp_neg;
 	
+	bn_check_top(a);
+	bn_check_top(b);
+
 	flags_old_a = a->flags;
 	flags_old_b = b->flags;
 
@@ -603,14 +602,13 @@ void BN_swap(BIGNUM *a, BIGNUM *b)
 	bn_check_top(b);
 	}
 
-
 void BN_clear(BIGNUM *a)
 	{
+	bn_check_top(a);
 	if (a->d != NULL)
 		memset(a->d,0,a->dmax*sizeof(a->d[0]));
 	a->top=0;
 	a->neg=0;
-	bn_check_top(a);
 	}
 
 BN_ULONG BN_get_word(const BIGNUM *a)
@@ -637,6 +635,7 @@ BN_ULONG BN_get_word(const BIGNUM *a)
 int BN_set_word(BIGNUM *a, BN_ULONG w)
 	{
 	int i,n;
+	bn_check_top(a);
 	if (bn_expand(a,(int)sizeof(BN_ULONG)*8) == NULL) return(0);
 
 	n=sizeof(BN_ULONG)/BN_BYTES;
@@ -670,6 +669,7 @@ BIGNUM *BN_bin2bn(const unsigned char *s, int len, BIGNUM *ret)
 
 	if (ret == NULL) ret=BN_new();
 	if (ret == NULL) return(NULL);
+	bn_check_top(ret);
 	l=0;
 	n=len;
 	if (n == 0)
@@ -705,13 +705,13 @@ int BN_bn2bin(const BIGNUM *a, unsigned char *to)
 	int n,i;
 	BN_ULONG l;
 
+	bn_check_top(a);
 	n=i=BN_num_bytes(a);
 	while (i-- > 0)
 		{
 		l=a->d[i/BN_BYTES];
 		*(to++)=(unsigned char)(l>>(8*(i%BN_BYTES)))&0xff;
 		}
-	bn_check_top(a);
 	return(n);
 	}
 
@@ -732,7 +732,7 @@ int BN_ucmp(const BIGNUM *a, const BIGNUM *b)
 		t1= ap[i];
 		t2= bp[i];
 		if (t1 != t2)
-			return(t1 > t2?1:-1);
+			return((t1 > t2) ? 1 : -1);
 		}
 	return(0);
 	}
@@ -804,8 +804,8 @@ int BN_clear_bit(BIGNUM *a, int n)
 	{
 	int i,j;
 
-	if (n < 0)
-		return 0;
+	bn_check_top(a);
+	if (n < 0) return 0;
 
 	i=n/BN_BITS2;
 	j=n%BN_BITS2;
@@ -820,10 +820,11 @@ int BN_is_bit_set(const BIGNUM *a, int n)
 	{
 	int i,j;
 
-	if (n < 0) return(0);
+	bn_check_top(a);
+	if (n < 0) return 0;
 	i=n/BN_BITS2;
 	j=n%BN_BITS2;
-	if (a->top <= i) return(0);
+	if (a->top <= i) return 0;
 	return((a->d[i]&(((BN_ULONG)1)<<j))?1:0);
 	}
 
@@ -831,12 +832,12 @@ int BN_mask_bits(BIGNUM *a, int n)
 	{
 	int b,w;
 
-	if (n < 0)
-		return 0;
+	bn_check_top(a);
+	if (n < 0) return 0;
 
 	w=n/BN_BITS2;
 	b=n%BN_BITS2;
-	if (w >= a->top) return(0);
+	if (w >= a->top) return 0;
 	if (b == 0)
 		a->top=w;
 	else

crypto/bn/bn_mod.c

@@ -149,7 +149,7 @@ int BN_mod_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m, BN_
  * and less than  m */
 int BN_mod_add_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m)
 	{
-	if (!BN_add(r, a, b)) return 0;
+	if (!BN_uadd(r, a, b)) return 0;
 	if (BN_ucmp(r, m) >= 0)
 		return BN_usub(r, r, m);
 	return 1;

crypto/bn/bn_mont.c

@@ -284,7 +284,7 @@ int BN_MONT_CTX_set(BN_MONT_CTX *mont, const BIGNUM *mod, BN_CTX *ctx)
 		BN_ULONG buf[2];
 
 		mont->ri=(BN_num_bits(mod)+(BN_BITS2-1))/BN_BITS2*BN_BITS2;
-		if (!(BN_zero(R))) goto err;
+		BN_zero(R);
 		if (!(BN_set_bit(R,BN_BITS2))) goto err;	/* R */
 
 		buf[0]=mod->d[0]; /* tmod = N mod word size */
@@ -314,7 +314,7 @@ int BN_MONT_CTX_set(BN_MONT_CTX *mont, const BIGNUM *mod, BN_CTX *ctx)
 #else /* !MONT_WORD */
 		{ /* bignum version */
 		mont->ri=BN_num_bits(&mont->N);
-		if (!BN_zero(R)) goto err;
+		BN_zero(R);
 		if (!BN_set_bit(R,mont->ri)) goto err;  /* R = 2^ri */
 		                                        /* Ri = R^-1 mod N*/
 		if ((BN_mod_inverse(&Ri,R,&mont->N,ctx)) == NULL)
@@ -328,7 +328,7 @@ int BN_MONT_CTX_set(BN_MONT_CTX *mont, const BIGNUM *mod, BN_CTX *ctx)
 #endif
 
 	/* setup RR for conversions */
-	if (!BN_zero(&(mont->RR))) goto err;
+	BN_zero(&(mont->RR));
 	if (!BN_set_bit(&(mont->RR),mont->ri*2)) goto err;
 	if (!BN_mod(&(mont->RR),&(mont->RR),&(mont->N),ctx)) goto err;
 

crypto/bn/bn_mul.c

@@ -964,7 +964,7 @@ int BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx)
 
 	if ((al == 0) || (bl == 0))
 		{
-		if (!BN_zero(r)) goto err;
+		BN_zero(r);
 		return(1);
 		}
 	top=al+bl;
@@ -1094,8 +1094,8 @@ end:
 	if (r != rr) BN_copy(r,rr);
 	ret=1;
 err:
-	BN_CTX_end(ctx);
 	bn_check_top(r);
+	BN_CTX_end(ctx);
 	return(ret);
 	}
 

crypto/bn/bn_nist.c

@@ -63,19 +63,25 @@
 #define BN_NIST_521_TOP	(521+BN_BITS2-1)/BN_BITS2
 
 #if BN_BITS2 == 64
-const static BN_ULONG _nist_p_192[] = {0xFFFFFFFFFFFFFFFF,0xFFFFFFFFFFFFFFFE,
-	0xFFFFFFFFFFFFFFFF};
-const static BN_ULONG _nist_p_224[] = {0x0000000000000001,0xFFFFFFFF00000000,
-	0xFFFFFFFFFFFFFFFF,0x00000000FFFFFFFF};
-const static BN_ULONG _nist_p_256[] = {0xFFFFFFFFFFFFFFFF,0x00000000FFFFFFFF,
-	0x0000000000000000,0xFFFFFFFF00000001};
-const static BN_ULONG _nist_p_384[] = {0x00000000FFFFFFFF,0xFFFFFFFF00000000,
-	0xFFFFFFFFFFFFFFFE,0xFFFFFFFFFFFFFFFF,0xFFFFFFFFFFFFFFFF,
-	0xFFFFFFFFFFFFFFFF};
-const static BN_ULONG _nist_p_521[] = {0xFFFFFFFFFFFFFFFF,0xFFFFFFFFFFFFFFFF,
-	0xFFFFFFFFFFFFFFFF,0xFFFFFFFFFFFFFFFF,0xFFFFFFFFFFFFFFFF,
-	0xFFFFFFFFFFFFFFFF,0xFFFFFFFFFFFFFFFF,0xFFFFFFFFFFFFFFFF,
-	0x00000000000001FF};
+const static BN_ULONG _nist_p_192[] =
+	{0xFFFFFFFFFFFFFFFFULL,0xFFFFFFFFFFFFFFFEULL,
+	0xFFFFFFFFFFFFFFFFULL};
+const static BN_ULONG _nist_p_224[] =
+	{0x0000000000000001ULL,0xFFFFFFFF00000000ULL,
+	0xFFFFFFFFFFFFFFFFULL,0x00000000FFFFFFFFULL};
+const static BN_ULONG _nist_p_256[] =
+	{0xFFFFFFFFFFFFFFFFULL,0x00000000FFFFFFFFULL,
+	0x0000000000000000ULL,0xFFFFFFFF00000001ULL};
+const static BN_ULONG _nist_p_384[] =
+	{0x00000000FFFFFFFFULL,0xFFFFFFFF00000000ULL,
+	0xFFFFFFFFFFFFFFFEULL,0xFFFFFFFFFFFFFFFFULL,
+	0xFFFFFFFFFFFFFFFFULL,0xFFFFFFFFFFFFFFFFULL};
+const static BN_ULONG _nist_p_521[] =
+	{0xFFFFFFFFFFFFFFFFULL,0xFFFFFFFFFFFFFFFFULL,
+	0xFFFFFFFFFFFFFFFFULL,0xFFFFFFFFFFFFFFFFULL,
+	0xFFFFFFFFFFFFFFFFULL,0xFFFFFFFFFFFFFFFFULL,
+	0xFFFFFFFFFFFFFFFFULL,0xFFFFFFFFFFFFFFFFULL,
+	0x00000000000001FFULL};
 #elif BN_BITS2 == 32
 const static BN_ULONG _nist_p_192[] = {0xFFFFFFFF,0xFFFFFFFF,0xFFFFFFFE,
 	0xFFFFFFFF,0xFFFFFFFF,0xFFFFFFFF};
@@ -313,7 +319,10 @@ int BN_nist_mod_192(BIGNUM *r, const BIGNUM *a, const BIGNUM *field,
 
 	top = BN_ucmp(field, a);
 	if (top == 0)
-		return BN_zero(r);
+		{
+		BN_zero(r);
+		return 1;
+		}
 	else if (top > 0)
 		return (r == a)? 1 : (BN_copy(r ,a) != NULL);
 
@@ -353,12 +362,7 @@ int BN_nist_mod_192(BIGNUM *r, const BIGNUM *a, const BIGNUM *field,
 			--carry; 
 		}
 	r->top = BN_NIST_192_TOP;
-
-#if 1
-	bn_clear_top2max(r);
-#endif
 	bn_correct_top(r);
-
 	if (BN_ucmp(r, field) >= 0)
 		{
 		bn_sub_words(r_d, r_d, _nist_p_192, BN_NIST_192_TOP);
@@ -393,7 +397,10 @@ int BN_nist_mod_224(BIGNUM *r, const BIGNUM *a, const BIGNUM *field,
 
 	tmp_int = BN_ucmp(field, a);
 	if (tmp_int == 0)
-		return BN_zero(r);
+		{
+		BN_zero(r);
+		return 1;
+		}
 	else if (tmp_int > 0)
 		return (r == a)? 1 : (BN_copy(r ,a) != NULL);
 
@@ -447,11 +454,7 @@ int BN_nist_mod_224(BIGNUM *r, const BIGNUM *a, const BIGNUM *field,
 			}
 
 	r->top = BN_NIST_224_TOP;
-#if 1
-	bn_clear_top2max(r);
-#endif
 	bn_correct_top(r);
-
 	if (BN_ucmp(r, field) >= 0)
 		{
 		bn_sub_words(r_d, r_d, _nist_p_224, BN_NIST_224_TOP);
@@ -517,7 +520,10 @@ int BN_nist_mod_256(BIGNUM *r, const BIGNUM *a, const BIGNUM *field,
 	
 	tmp_int = BN_ucmp(field, a);
 	if (tmp_int == 0)
-		return BN_zero(r);
+		{
+		BN_zero(r);
+		return 1;
+		}
 	else if (tmp_int > 0)
 		return (r == a)? 1 : (BN_copy(r ,a) != NULL);
 
@@ -606,11 +612,7 @@ int BN_nist_mod_256(BIGNUM *r, const BIGNUM *a, const BIGNUM *field,
 		}
 
 	r->top = BN_NIST_256_TOP;
-#if 1
-	bn_clear_top2max(r);
-#endif
 	bn_correct_top(r);
-
 	if (BN_ucmp(r, field) >= 0)
 		{
 		bn_sub_words(r_d, r_d, _nist_p_256, BN_NIST_256_TOP);
@@ -679,7 +681,10 @@ int BN_nist_mod_384(BIGNUM *r, const BIGNUM *a, const BIGNUM *field,
 
 	tmp_int = BN_ucmp(field, a);
 	if (tmp_int == 0)
-		return BN_zero(r);
+		{
+		BN_zero(r);
+		return 1;
+		}
 	else if (tmp_int > 0)
 		return (r == a)? 1 : (BN_copy(r ,a) != NULL);
 
@@ -775,11 +780,7 @@ int BN_nist_mod_384(BIGNUM *r, const BIGNUM *a, const BIGNUM *field,
 		}
 
 	r->top = BN_NIST_384_TOP;
-#if 1
-	bn_clear_top2max(r);
-#endif
 	bn_correct_top(r);
-
 	if (BN_ucmp(r, field) >= 0)
 		{
 		bn_sub_words(r_d, r_d, _nist_p_384, BN_NIST_384_TOP);

crypto/bn/bn_print.c

@@ -119,6 +119,7 @@ char *BN_bn2dec(const BIGNUM *a)
 		}
 	if ((t=BN_dup(a)) == NULL) goto err;
 
+#define BUF_REMAIN (num+3 - (size_t)(p - buf))
 	p=buf;
 	lp=bn_data;
 	if (t->neg) *(p++)='-';
@@ -139,12 +140,12 @@ char *BN_bn2dec(const BIGNUM *a)
 		/* We now have a series of blocks, BN_DEC_NUM chars
 		 * in length, where the last one needs truncation.
 		 * The blocks need to be reversed in order. */
-		sprintf(p,BN_DEC_FMT1,*lp);
+		BIO_snprintf(p,BUF_REMAIN,BN_DEC_FMT1,*lp);
 		while (*p) p++;
 		while (lp != bn_data)
 			{
 			lp--;
-			sprintf(p,BN_DEC_FMT2,*lp);
+			BIO_snprintf(p,BUF_REMAIN,BN_DEC_FMT2,*lp);
 			while (*p) p++;
 			}
 		}

crypto/bn/bn_rand.c

@@ -244,9 +244,7 @@ static int bn_rand_range(int pseudo, BIGNUM *r, BIGNUM *range)
 	/* BN_is_bit_set(range, n - 1) always holds */
 
 	if (n == 1)
-		{
-		if (!BN_zero(r)) return 0;
-		}
+		BN_zero(r);
 	else if (!BN_is_bit_set(range, n - 2) && !BN_is_bit_set(range, n - 3))
 		{
 		/* range = 100..._2,

crypto/bn/bn_recp.c

@@ -94,7 +94,7 @@ void BN_RECP_CTX_free(BN_RECP_CTX *recp)
 int BN_RECP_CTX_set(BN_RECP_CTX *recp, const BIGNUM *d, BN_CTX *ctx)
 	{
 	if (!BN_copy(&(recp->N),d)) return 0;
-	if (!BN_zero(&(recp->Nr))) return 0;
+	BN_zero(&(recp->Nr));
 	recp->num_bits=BN_num_bits(d);
 	recp->shift=0;
 	return(1);
@@ -148,7 +148,7 @@ int BN_div_recp(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m,
 
 	if (BN_ucmp(m,&(recp->N)) < 0)
 		{
-		if (!BN_zero(d)) return 0;
+		BN_zero(d);
 		if (!BN_copy(r,m)) return 0;
 		BN_CTX_end(ctx);
 		return(1);
@@ -204,8 +204,8 @@ int BN_div_recp(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m,
 	ret=1;
 err:
 	BN_CTX_end(ctx);
-	if(dv) bn_fix_top(dv);
-	if(rem) bn_fix_top(rem);
+	if(dv) bn_check_top(dv);
+	if(rem) bn_check_top(rem);
 	return(ret);
 	} 
 
@@ -221,7 +221,6 @@ int BN_reciprocal(BIGNUM *r, const BIGNUM *m, int len, BN_CTX *ctx)
 
 	BN_init(&t);
 
-	if (!BN_zero(&t)) goto err;
 	if (!BN_set_bit(&t,len)) goto err;
 
 	if (!BN_div(r,NULL,&t,m,ctx)) goto err;

crypto/bn/bn_sqr.c

@@ -77,15 +77,15 @@ int BN_sqr(BIGNUM *r, const BIGNUM *a, BN_CTX *ctx)
 	if (al <= 0)
 		{
 		r->top=0;
-		return(1);
+		return 1;
 		}
 
 	BN_CTX_start(ctx);
 	rr=(a != r) ? r : BN_CTX_get(ctx);
 	tmp=BN_CTX_get(ctx);
-	if (tmp == NULL) goto err;
+	if (!rr || !tmp) goto err;
 
-	max=(al+al);
+	max = 2 * al; /* Non-zero (from above) */
 	if (bn_wexpand(rr,max+1) == NULL) goto err;
 
 	if (al == 4)
@@ -138,14 +138,19 @@ int BN_sqr(BIGNUM *r, const BIGNUM *a, BN_CTX *ctx)
 #endif
 		}
 
-	rr->top=max;
 	rr->neg=0;
-	if ((max > 0) && (rr->d[max-1] == 0)) rr->top--;
+	/* If the most-significant half of the top word of 'a' is zero, then
+	 * the square of 'a' will max-1 words. */
+	if(a->d[al - 1] == (a->d[al - 1] & BN_MASK2l))
+		rr->top = max - 1;
+	else
+		rr->top = max;
 	if (rr != r) BN_copy(r,rr);
 	ret = 1;
  err:
+	if(rr) bn_check_top(rr);
+	if(tmp) bn_check_top(tmp);
 	BN_CTX_end(ctx);
-	bn_check_top(r);
 	return(ret);
 	}
 

crypto/bn/bn_sqrt.c

@@ -288,7 +288,7 @@ BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
 		if (BN_is_zero(t))
 			{
 			/* special case: a == 0  (mod p) */
-			if (!BN_zero(ret)) goto end;
+			BN_zero(ret);
 			err = 0;
 			goto end;
 			}
@@ -301,7 +301,7 @@ BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
 		if (BN_is_zero(x))
 			{
 			/* special case: a == 0  (mod p) */
-			if (!BN_zero(ret)) goto end;
+			BN_zero(ret);
 			err = 0;
 			goto end;
 			}

crypto/buffer/Makefile.ssl

@@ -47,7 +47,7 @@ files:
 	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
 
 links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
+	@sh $(TOP)/util/point.sh Makefile.ssl Makefile
 	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
 	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
 	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)

crypto/cast/Makefile.ssl

@@ -25,6 +25,7 @@ CAST_ENC=c_enc.o
 #CAST_ENC=asm/cx86bdsi.o
 
 CFLAGS= $(INCLUDES) $(CFLAG)
+ASFLAGS= $(INCLUDES) $(ASFLAG)
 
 GENERAL=Makefile
 TEST=casttest.c
@@ -70,7 +71,7 @@ files:
 	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
 
 links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
+	@sh $(TOP)/util/point.sh Makefile.ssl Makefile
 	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
 	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
 	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)

crypto/comp/Makefile.ssl

@@ -50,7 +50,7 @@ files:
 	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
 
 links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
+	@sh $(TOP)/util/point.sh Makefile.ssl Makefile
 	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
 	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
 	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)

crypto/conf/Makefile.ssl

@@ -50,7 +50,7 @@ files:
 	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
 
 links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
+	@sh $(TOP)/util/point.sh Makefile.ssl Makefile
 	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
 	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
 	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)

crypto/conf/conf_def.c

@@ -235,7 +235,7 @@ static int def_load_bio(CONF *conf, BIO *in, long *line)
 		CONFerr(CONF_F_CONF_LOAD_BIO,ERR_R_MALLOC_FAILURE);
 		goto err;
 		}
-	strcpy(section,"default");
+	BUF_strlcpy(section,"default",10);
 
 	if (_CONF_new_data(conf) == 0)
 		{
@@ -392,7 +392,7 @@ again:
 							ERR_R_MALLOC_FAILURE);
 				goto err;
 				}
-			strcpy(v->name,pname);
+			BUF_strlcpy(v->name,pname,strlen(pname)+1);
 			if (!str_copy(conf,psection,&(v->value),start)) goto err;
 
 			if (strcmp(psection,section) != 0)
@@ -447,7 +447,7 @@ err:
 	if (buff != NULL) BUF_MEM_free(buff);
 	if (section != NULL) OPENSSL_free(section);
 	if (line != NULL) *line=eline;
-	sprintf(btmp,"%ld",eline);
+	BIO_snprintf(btmp,sizeof btmp,"%ld",eline);
 	ERR_add_error_data(2,"line ",btmp);
 	if ((h != conf->data) && (conf->data != NULL))
 		{

crypto/conf/conf_mod.c

@@ -232,7 +232,7 @@ static int module_run(const CONF *cnf, char *name, char *value,
 			{
 			char rcode[DECIMAL_SIZE(ret)+1];
 			CONFerr(CONF_F_CONF_MODULES_LOAD, CONF_R_MODULE_INITIALIZATION_ERROR);
-			sprintf(rcode, "%-8d", ret);
+			BIO_snprintf(rcode, sizeof rcode, "%-8d", ret);
 			ERR_add_error_data(6, "module=", name, ", value=", value, ", retcode=", rcode);
 			}
 		}
@@ -561,11 +561,11 @@ char *CONF_get1_default_config_file(void)
 
 	if (!file)
 		return NULL;
-	strcpy(file,X509_get_default_cert_area());
+	BUF_strlcpy(file,X509_get_default_cert_area(),len + 1);
 #ifndef OPENSSL_SYS_VMS
-	strcat(file,"/");
+	BUF_strlcat(file,"/",len + 1);
 #endif
-	strcat(file,OPENSSL_CONF);
+	BUF_strlcat(file,OPENSSL_CONF,len + 1);
 
 	return file;
 	}
@@ -576,12 +576,12 @@ char *CONF_get1_default_config_file(void)
  * be used to parse comma separated lists for example.
  */
 
-int CONF_parse_list(const char *list, int sep, int nospc,
+int CONF_parse_list(const char *list_, int sep, int nospc,
 	int (*list_cb)(const char *elem, int len, void *usr), void *arg)
 	{
 	int ret;
 	const char *lstart, *tmpend, *p;
-	lstart = list;
+	lstart = list_;
 
 	for(;;)
 		{

crypto/crypto-lib.com

@@ -75,10 +75,12 @@ $ ENDIF
 $!
 $! Define The Different Encryption Types.
 $!
-$ ENCRYPT_TYPES = "Basic,MD2,MD4,MD5,SHA,MDC2,HMAC,RIPEMD,"+ -
+$ ENCRYPT_TYPES = "Basic,"+ -
+		  "OBJECTS,"+ -
+		  "MD2,MD4,MD5,SHA,MDC2,HMAC,RIPEMD,"+ -
 		  "DES,RC2,RC4,RC5,IDEA,BF,CAST,"+ -
 		  "BN,EC,RSA,DSA,ECDSA,DH,ECDH,DSO,ENGINE,AES,"+ -
-		  "BUFFER,BIO,STACK,LHASH,RAND,ERR,OBJECTS,"+ -
+		  "BUFFER,BIO,STACK,LHASH,RAND,ERR,"+ -
 		  "EVP,EVP_2,ASN1,ASN1_2,PEM,X509,X509V3,"+ -
 		  "CONF,TXT_DB,PKCS7,PKCS12,COMP,OCSP,UI,KRB5,"+ -
 		  "STORE"

crypto/cversion.c

@@ -61,7 +61,9 @@
 #include "cryptlib.h"
 #include <openssl/crypto.h>
 
+#ifndef NO_WINDOWS_BRAINDEATH
 #include "buildinf.h"
+#endif
 
 const char *SSLeay_version(int t)
 	{
@@ -72,7 +74,7 @@ const char *SSLeay_version(int t)
 #ifdef DATE
 		static char buf[sizeof(DATE)+11];
 
-		sprintf(buf,"built on: %s",DATE);
+		BIO_snprintf(buf,sizeof buf,"built on: %s",DATE);
 		return(buf);
 #else
 		return("built on: date not available");
@@ -83,7 +85,7 @@ const char *SSLeay_version(int t)
 #ifdef CFLAGS
 		static char buf[sizeof(CFLAGS)+11];
 
-		sprintf(buf,"compiler: %s",CFLAGS);
+		BIO_snprintf(buf,sizeof buf,"compiler: %s",CFLAGS);
 		return(buf);
 #else
 		return("compiler: information not available");
@@ -94,7 +96,7 @@ const char *SSLeay_version(int t)
 #ifdef PLATFORM
 		static char buf[sizeof(PLATFORM)+11];
 
-		sprintf(buf,"platform: %s", PLATFORM);
+		BIO_snprintf(buf,sizeof buf,"platform: %s", PLATFORM);
 		return(buf);
 #else
 		return("platform: information not available");

crypto/des/Makefile.ssl

@@ -100,7 +100,7 @@ files:
 	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
 
 links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
+	@sh $(TOP)/util/point.sh Makefile.ssl Makefile
 	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
 	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
 	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
@@ -196,13 +196,13 @@ ecb3_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
 ecb3_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
 ecb3_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
 ecb3_enc.o: des_locl.h ecb3_enc.c
-ecb_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-ecb_enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
-ecb_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-ecb_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-ecb_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-ecb_enc.o: ../../include/openssl/ui_compat.h des_locl.h des_ver.h ecb_enc.c
-ecb_enc.o: spr.h
+ecb_enc.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
+ecb_enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+ecb_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+ecb_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+ecb_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+ecb_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+ecb_enc.o: des_locl.h des_ver.h ecb_enc.c spr.h
 ede_cbcm_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
 ede_cbcm_enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
 ede_cbcm_enc.o: ../../include/openssl/opensslconf.h

crypto/des/cfb64ede.c

@@ -140,3 +140,114 @@ void DES_ede2_cfb64_encrypt(unsigned char *in, unsigned char *out, long length,
 	DES_ede3_cfb64_encrypt(in,out,length,ks1,ks2,ks1,ivec,num,enc);
 	}
 #endif
+
+/* This is compatible with the single key CFB-r for DES, even thought that's
+ * not what EVP needs.
+ */
+
+void DES_ede3_cfb_encrypt(const unsigned char *in,unsigned char *out,
+			  int numbits,long length,DES_key_schedule *ks1,
+			  DES_key_schedule *ks2,DES_key_schedule *ks3,
+			  DES_cblock *ivec,int enc)
+	{
+	register DES_LONG d0,d1,v0,v1;
+	register unsigned long l=length,n=((unsigned int)numbits+7)/8;
+	register int num=numbits,i;
+	DES_LONG ti[2];
+	unsigned char *iv;
+	unsigned char ovec[16];
+
+	if (num > 64) return;
+	iv = &(*ivec)[0];
+	c2l(iv,v0);
+	c2l(iv,v1);
+	if (enc)
+		{
+		while (l >= n)
+			{
+			l-=n;
+			ti[0]=v0;
+			ti[1]=v1;
+			DES_encrypt3(ti,ks1,ks2,ks3);
+			c2ln(in,d0,d1,n);
+			in+=n;
+			d0^=ti[0];
+			d1^=ti[1];
+			l2cn(d0,d1,out,n);
+			out+=n;
+			/* 30-08-94 - eay - changed because l>>32 and
+			 * l<<32 are bad under gcc :-( */
+			if (num == 32)
+				{ v0=v1; v1=d0; }
+			else if (num == 64)
+				{ v0=d0; v1=d1; }
+			else
+				{
+				iv=&ovec[0];
+				l2c(v0,iv);
+				l2c(v1,iv);
+				l2c(d0,iv);
+				l2c(d1,iv);
+				/* shift ovec left most of the bits... */
+				memmove(ovec,ovec+num/8,8+(num%8 ? 1 : 0));
+				/* now the remaining bits */
+				if(num%8 != 0)
+					for(i=0 ; i < 8 ; ++i)
+						{
+						ovec[i]<<=num%8;
+						ovec[i]|=ovec[i+1]>>(8-num%8);
+						}
+				iv=&ovec[0];
+				c2l(iv,v0);
+				c2l(iv,v1);
+				}
+			}
+		}
+	else
+		{
+		while (l >= n)
+			{
+			l-=n;
+			ti[0]=v0;
+			ti[1]=v1;
+			DES_encrypt3(ti,ks1,ks2,ks3);
+			c2ln(in,d0,d1,n);
+			in+=n;
+			/* 30-08-94 - eay - changed because l>>32 and
+			 * l<<32 are bad under gcc :-( */
+			if (num == 32)
+				{ v0=v1; v1=d0; }
+			else if (num == 64)
+				{ v0=d0; v1=d1; }
+			else
+				{
+				iv=&ovec[0];
+				l2c(v0,iv);
+				l2c(v1,iv);
+				l2c(d0,iv);
+				l2c(d1,iv);
+				/* shift ovec left most of the bits... */
+				memmove(ovec,ovec+num/8,8+(num%8 ? 1 : 0));
+				/* now the remaining bits */
+				if(num%8 != 0)
+					for(i=0 ; i < 8 ; ++i)
+						{
+						ovec[i]<<=num%8;
+						ovec[i]|=ovec[i+1]>>(8-num%8);
+						}
+				iv=&ovec[0];
+				c2l(iv,v0);
+				c2l(iv,v1);
+				}
+			d0^=ti[0];
+			d1^=ti[1];
+			l2cn(d0,d1,out,n);
+			out+=n;
+			}
+		}
+	iv = &(*ivec)[0];
+	l2c(v0,iv);
+	l2c(v1,iv);
+	v0=v1=d0=d1=ti[0]=ti[1]=0;
+	}
+

crypto/des/cfb_enc.c

@@ -65,38 +65,26 @@
  * the second.  The second 12 bits will come from the 3rd and half the 4th
  * byte.
  */
+/* Until Aug 1 2003 this function did not correctly implement CFB-r, so it
+ * will not be compatible with any encryption prior to that date. Ben. */
 void DES_cfb_encrypt(const unsigned char *in, unsigned char *out, int numbits,
-		     long length, DES_key_schedule *schedule, DES_cblock *ivec, int enc)
+		     long length, DES_key_schedule *schedule, DES_cblock *ivec,
+		     int enc)
 	{
-	register DES_LONG d0,d1,v0,v1,n=(numbits+7)/8;
-	register DES_LONG mask0,mask1;
+	register DES_LONG d0,d1,v0,v1;
 	register unsigned long l=length;
-	register int num=numbits;
+	register int num=numbits,n=(numbits+7)/8,i;
 	DES_LONG ti[2];
 	unsigned char *iv;
+	unsigned char ovec[16];
 
 	if (num > 64) return;
-	if (num > 32)
-		{
-		mask0=0xffffffffL;
-		if (num == 64)
-			mask1=mask0;
-		else	mask1=(1L<<(num-32))-1;
-		}
-	else
-		{
-		if (num == 32)
-			mask0=0xffffffffL;
-		else	mask0=(1L<<num)-1;
-		mask1=0x00000000L;
-		}
-
 	iv = &(*ivec)[0];
 	c2l(iv,v0);
 	c2l(iv,v1);
 	if (enc)
 		{
-		while (l >= n)
+		while (l >= (unsigned long)n)
 			{
 			l-=n;
 			ti[0]=v0;
@@ -104,8 +92,8 @@ void DES_cfb_encrypt(const unsigned char *in, unsigned char *out, int numbits,
 			DES_encrypt1((DES_LONG *)ti,schedule,DES_ENCRYPT);
 			c2ln(in,d0,d1,n);
 			in+=n;
-			d0=(d0^ti[0])&mask0;
-			d1=(d1^ti[1])&mask1;
+			d0^=ti[0];
+			d1^=ti[1];
 			l2cn(d0,d1,out,n);
 			out+=n;
 			/* 30-08-94 - eay - changed because l>>32 and
@@ -114,21 +102,31 @@ void DES_cfb_encrypt(const unsigned char *in, unsigned char *out, int numbits,
 				{ v0=v1; v1=d0; }
 			else if (num == 64)
 				{ v0=d0; v1=d1; }
-			else if (num > 32) /* && num != 64 */
+			else
 				{
-				v0=((v1>>(num-32))|(d0<<(64-num)))&0xffffffffL;
-				v1=((d0>>(num-32))|(d1<<(64-num)))&0xffffffffL;
-				}
-			else /* num < 32 */
-				{
-				v0=((v0>>num)|(v1<<(32-num)))&0xffffffffL;
-				v1=((v1>>num)|(d0<<(32-num)))&0xffffffffL;
+				iv=&ovec[0];
+				l2c(v0,iv);
+				l2c(v1,iv);
+				l2c(d0,iv);
+				l2c(d1,iv);
+				/* shift ovec left most of the bits... */
+				memmove(ovec,ovec+num/8,8+(num%8 ? 1 : 0));
+				/* now the remaining bits */
+				if(num%8 != 0)
+					for(i=0 ; i < 8 ; ++i)
+						{
+						ovec[i]<<=num%8;
+						ovec[i]|=ovec[i+1]>>(8-num%8);
+						}
+				iv=&ovec[0];
+				c2l(iv,v0);
+				c2l(iv,v1);
 				}
 			}
 		}
 	else
 		{
-		while (l >= n)
+		while (l >= (unsigned long)n)
 			{
 			l-=n;
 			ti[0]=v0;
@@ -142,18 +140,28 @@ void DES_cfb_encrypt(const unsigned char *in, unsigned char *out, int numbits,
 				{ v0=v1; v1=d0; }
 			else if (num == 64)
 				{ v0=d0; v1=d1; }
-			else if (num > 32) /* && num != 64 */
+			else
 				{
-				v0=((v1>>(num-32))|(d0<<(64-num)))&0xffffffffL;
-				v1=((d0>>(num-32))|(d1<<(64-num)))&0xffffffffL;
+				iv=&ovec[0];
+				l2c(v0,iv);
+				l2c(v1,iv);
+				l2c(d0,iv);
+				l2c(d1,iv);
+				/* shift ovec left most of the bits... */
+				memmove(ovec,ovec+num/8,8+(num%8 ? 1 : 0));
+				/* now the remaining bits */
+				if(num%8 != 0)
+					for(i=0 ; i < 8 ; ++i)
+						{
+						ovec[i]<<=num%8;
+						ovec[i]|=ovec[i+1]>>(8-num%8);
+						}
+				iv=&ovec[0];
+				c2l(iv,v0);
+				c2l(iv,v1);
 				}
-			else /* num < 32 */
-				{
-				v0=((v0>>num)|(v1<<(32-num)))&0xffffffffL;
-				v1=((v1>>num)|(d0<<(32-num)))&0xffffffffL;
-				}
-			d0=(d0^ti[0])&mask0;
-			d1=(d1^ti[1])&mask1;
+			d0^=ti[0];
+			d1^=ti[1];
 			l2cn(d0,d1,out,n);
 			out+=n;
 			}

crypto/des/des.h

@@ -187,6 +187,10 @@ void DES_ede3_cfb64_encrypt(const unsigned char *in,unsigned char *out,
 			    long length,DES_key_schedule *ks1,
 			    DES_key_schedule *ks2,DES_key_schedule *ks3,
 			    DES_cblock *ivec,int *num,int enc);
+void DES_ede3_cfb_encrypt(const unsigned char *in,unsigned char *out,
+			  int numbits,long length,DES_key_schedule *ks1,
+			  DES_key_schedule *ks2,DES_key_schedule *ks3,
+			  DES_cblock *ivec,int enc);
 void DES_ede3_ofb64_encrypt(const unsigned char *in,unsigned char *out,
 			    long length,DES_key_schedule *ks1,
 			    DES_key_schedule *ks2,DES_key_schedule *ks3,

crypto/des/ecb_enc.c

@@ -60,6 +60,7 @@
 #include "des_ver.h"
 #include "spr.h"
 #include <openssl/opensslv.h>
+#include <openssl/bio.h>
 
 OPENSSL_GLOBAL const char *libdes_version="libdes" OPENSSL_VERSION_PTEXT;
 OPENSSL_GLOBAL const char *DES_version="DES" OPENSSL_VERSION_PTEXT;
@@ -97,7 +98,8 @@ const char *DES_options(void)
 			size="int";
 		else
 			size="long";
-		sprintf(buf,"des(%s,%s,%s,%s)",ptr,risc,unroll,size);
+		BIO_snprintf(buf,sizeof buf,"des(%s,%s,%s,%s)",ptr,risc,unroll,
+			     size);
 		init=0;
 		}
 	return(buf);

crypto/dh/Makefile.ssl

@@ -47,7 +47,7 @@ files:
 	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
 
 links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
+	@sh $(TOP)/util/point.sh Makefile.ssl Makefile
 	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
 	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
 	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)

crypto/dsa/Makefile.ssl

@@ -49,7 +49,7 @@ files:
 	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
 
 links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
+	@sh $(TOP)/util/point.sh Makefile.ssl Makefile
 	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
 	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
 	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)

crypto/dso/Makefile.ssl

@@ -49,7 +49,7 @@ files:
 	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
 
 links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
+	@sh $(TOP)/util/point.sh Makefile.ssl Makefile
 	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
 	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
 	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)

crypto/dso/dso_lib.c

@@ -383,7 +383,7 @@ int DSO_set_filename(DSO *dso, const char *filename)
 		DSOerr(DSO_F_DSO_SET_FILENAME,ERR_R_MALLOC_FAILURE);
 		return(0);
 		}
-	strcpy(copied, filename);
+	BUF_strlcpy(copied, filename, strlen(filename) + 1);
 	if(dso->filename)
 		OPENSSL_free(dso->filename);
 	dso->filename = copied;
@@ -449,7 +449,7 @@ char *DSO_convert_filename(DSO *dso, const char *filename)
 					ERR_R_MALLOC_FAILURE);
 			return(NULL);
 			}
-		strcpy(result, filename);
+		BUF_strlcpy(result, filename, strlen(filename) + 1);
 		}
 	return(result);
 	}

crypto/ec/Makefile.ssl

@@ -52,7 +52,7 @@ files:
 	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
 
 links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
+	@sh $(TOP)/util/point.sh Makefile.ssl Makefile
 	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
 	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
 	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)

crypto/ec/ec.h

@@ -84,6 +84,10 @@
 
 #ifdef  __cplusplus
 extern "C" {
+#elif defined(__SUNPRO_C)
+# if __SUNPRO_C >= 0x520
+# pragma error_messages (off,E_ARRAY_OF_INCOMPLETE_NONAME,E_ARRAY_OF_INCOMPLETE)
+# endif
 #endif
 
 
@@ -501,5 +505,9 @@ void ERR_load_EC_strings(void);
 
 #ifdef  __cplusplus
 }
+#elif defined(__SUNPRO_C)
+# if __SUNPRO_C >= 0x520
+# pragma error_messages (default,E_ARRAY_OF_INCOMPLETE_NONAME,E_ARRAY_OF_INCOMPLETE)
+# endif
 #endif
 #endif

crypto/ec/ec2_mult.c

@@ -155,8 +155,8 @@ static int gf2m_Mxy(const EC_GROUP *group, const BIGNUM *x, const BIGNUM *y, BIG
 	
 	if (BN_is_zero(z1))
 		{
-		if (!BN_zero(x2)) return 0;
-		if (!BN_zero(z2)) return 0;
+		BN_zero(x2);
+		BN_zero(z2);
 		return 1;
 		}
 	

crypto/ec/ec2_smpl.c

@@ -335,7 +335,8 @@ int ec_GF2m_simple_point_copy(EC_POINT *dest, const EC_POINT *src)
 int ec_GF2m_simple_point_set_to_infinity(const EC_GROUP *group, EC_POINT *point)
 	{
 	point->Z_is_one = 0;
-	return (BN_zero(&point->Z));
+	BN_zero(&point->Z);
+	return 1;
 	}
 
 
@@ -574,7 +575,7 @@ int ec_GF2m_simple_oct2point(const EC_GROUP *group, EC_POINT *point,
 		}
 	form = buf[0];
 	y_bit = form & 1;
-	form = form & ~1;
+	form = form & ~1U;
 	if ((form != 0)	&& (form != POINT_CONVERSION_COMPRESSED)
 		&& (form != POINT_CONVERSION_UNCOMPRESSED)
 		&& (form != POINT_CONVERSION_HYBRID))

crypto/ec/ec_curve.c

@@ -981,6 +981,31 @@ static const EC_CURVE_DATA _EC_WTLS_1 = {
 	"113 bit binary curve from the WTLS standard"
 	};
 
+/* IPSec curves */
+static const EC_CURVE_DATA _EC_IPSEC_155_ID3 = {
+	NID_X9_62_characteristic_two_field,
+	"0800000000000000000000004000000000000001",
+	"0",
+	"07338f",
+	"7b",
+	"1c8",
+	"2AAAAAAAAAAAAAAAAAAC7F3C7881BD0868FA86C",3,
+	NULL, 0,
+	"IPSec/IKE/Oakley curve #3 over a 155 bit binary field"
+	};
+
+static const EC_CURVE_DATA _EC_IPSEC_185_ID4 = {
+	NID_X9_62_characteristic_two_field,
+	"020000000000000000000000000000200000000000000001",
+	"0",
+	"1ee9",
+	"18",
+	"0d",
+	"FFFFFFFFFFFFFFFFFFFFFFEDF97C44DB9F2420BAFCA75E",2,
+	NULL, 0,
+	"IPSec/IKE/Oakley curve #4 over a 185 bit binary field"
+	};
+
 typedef struct _ec_list_element_st {
 	int	nid;
 	const EC_CURVE_DATA *data;
@@ -1061,6 +1086,9 @@ static const ec_list_element curve_list[] = {
 	{ NID_wap_wsg_idm_ecid_wtls10, &_EC_SECG_CHAR2_233K1},
 	{ NID_wap_wsg_idm_ecid_wtls11, &_EC_SECG_CHAR2_233R1},
 	{ NID_wap_wsg_idm_ecid_wtls12, &_EC_WTLS_12},
+	/* IPSec curves */
+	{ NID_ipsec3, &_EC_IPSEC_155_ID3},
+	{ NID_ipsec4, &_EC_IPSEC_185_ID4},
 };
 
 static size_t curve_list_length = sizeof(curve_list)/sizeof(ec_list_element);

crypto/ec/ec_lcl.h

@@ -75,6 +75,11 @@
 #include <openssl/obj_mac.h>
 #include <openssl/ec.h>
 
+#if defined(__SUNPRO_C)
+# if __SUNPRO_C >= 0x520
+# pragma error_messages (off,E_ARRAY_OF_INCOMPLETE_NONAME,E_ARRAY_OF_INCOMPLETE)
+# endif
+#endif
 
 /* Structure details are not part of the exported interface,
  * so all this may change in future versions. */

crypto/ec/ec_lib.c

@@ -299,12 +299,12 @@ int EC_GROUP_set_generator(EC_GROUP *group, const EC_POINT *generator, const BIG
 	if (order != NULL)
 		{ if (!BN_copy(&group->order, order)) return 0; }	
 	else
-		{ if (!BN_zero(&group->order)) return 0; }	
+		BN_zero(&group->order);
 
 	if (cofactor != NULL)
 		{ if (!BN_copy(&group->cofactor, cofactor)) return 0; }	
 	else
-		{ if (!BN_zero(&group->cofactor)) return 0; }	
+		BN_zero(&group->cofactor);
 
 	return 1;
 	}

crypto/ec/ecp_smpl.c

@@ -385,7 +385,8 @@ int ec_GFp_simple_point_copy(EC_POINT *dest, const EC_POINT *src)
 int ec_GFp_simple_point_set_to_infinity(const EC_GROUP *group, EC_POINT *point)
 	{
 	point->Z_is_one = 0;
-	return (BN_zero(&point->Z));
+	BN_zero(&point->Z);
+	return 1;
 	}
 
 
@@ -901,7 +902,7 @@ int ec_GFp_simple_oct2point(const EC_GROUP *group, EC_POINT *point,
 		}
 	form = buf[0];
 	y_bit = form & 1;
-	form = form & ~1;
+	form = form & ~1U;
 	if ((form != 0)	&& (form != POINT_CONVERSION_COMPRESSED)
 		&& (form != POINT_CONVERSION_UNCOMPRESSED)
 		&& (form != POINT_CONVERSION_HYBRID))
@@ -1093,7 +1094,7 @@ int ec_GFp_simple_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, con
 		else
 			{
 			/* a is the inverse of b */
-			if (!BN_zero(&r->Z)) goto end;
+			BN_zero(&r->Z);
 			r->Z_is_one = 0;
 			ret = 1;
 			goto end;
@@ -1169,7 +1170,7 @@ int ec_GFp_simple_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, BN_
 	
 	if (EC_POINT_is_at_infinity(group, a))
 		{
-		if (!BN_zero(&r->Z)) return 0;
+		BN_zero(&r->Z);
 		r->Z_is_one = 0;
 		return 1;
 		}

crypto/ecdsa/ecdsa.h

@@ -1,6 +1,10 @@
 /* crypto/ecdsa/ecdsa.h */
+/**
+ * \file   crypto/ecdsa/ecdsa.h Include file for the OpenSSL ECDSA functions
+ * \author Written by Nils Larsch for the OpenSSL project
+ */
 /* ====================================================================
- * Copyright (c) 2000-2002 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 2000-2003 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -96,7 +100,7 @@ typedef struct ecdsa_data_st {
 	/* EC_KEY_METH_DATA part */
 	int (*init)(EC_KEY *);
 	void (*finish)(EC_KEY *);
-	/* method specific part */
+	/* method (ECDSA) specific part */
 	BIGNUM	*kinv;	/* signing pre-calc */
 	BIGNUM	*r;	/* signing pre-calc */
 	ENGINE	*engine;
@@ -105,38 +109,157 @@ typedef struct ecdsa_data_st {
 	CRYPTO_EX_DATA ex_data;
 } ECDSA_DATA; 
 
-/* signature functions */
+/** ECDSA_SIG *ECDSA_SIG_new(void)
+ * allocates and initialize a ECDSA_SIG structure
+ * \return pointer to a ECDSA_SIG structure or NULL if an error occurred
+ */
 ECDSA_SIG *ECDSA_SIG_new(void);
+
+/** ECDSA_SIG_free
+ * frees a ECDSA_SIG structure
+ * \param a pointer to the ECDSA_SIG structure
+ */
 void	  ECDSA_SIG_free(ECDSA_SIG *a);
+
+/** i2d_ECDSA_SIG
+ * DER encode content of ECDSA_SIG object (note: this function modifies *pp
+ * (*pp += length of the DER encoded signature)).
+ * \param a  pointer to the ECDSA_SIG object
+ * \param pp pointer to a unsigned char pointer for the output or NULL
+ * \return the length of the DER encoded ECDSA_SIG object or 0 
+ */
 int	  i2d_ECDSA_SIG(const ECDSA_SIG *a, unsigned char **pp);
-ECDSA_SIG *d2i_ECDSA_SIG(ECDSA_SIG **v, const unsigned char **pp, long length);
 
-/* ECDSA_DATA functions */
+/** d2i_ECDSA_SIG
+ * decodes a DER encoded ECDSA signature (note: this function changes *pp
+ * (*pp += len)). 
+ * \param v pointer to ECDSA_SIG pointer (may be NULL)
+ * \param pp buffer with the DER encoded signature
+ * \param len bufferlength
+ * \return pointer to the decoded ECDSA_SIG structure (or NULL)
+ */
+ECDSA_SIG *d2i_ECDSA_SIG(ECDSA_SIG **v, const unsigned char **pp, long len);
+
+/** ECDSA_DATA_new
+ * creates a new ECDSA_DATA object
+ * \return pointer to a newly allocated (and initialized) ECDSA_DATA object
+ */
 ECDSA_DATA *ECDSA_DATA_new(void);
-ECDSA_DATA *ECDSA_DATA_new_method(ENGINE *);
-void ECDSA_DATA_free(ECDSA_DATA *);
 
-ECDSA_DATA *ecdsa_check(EC_KEY *);
+/** ECDSA_DATA_new_method
+ * creates a new ECDSA_DATA object using a specified ENGINE
+ * \param eng pointer to a ENGINE structure
+ * \return pointer to a newly allocated (and initialized) ECDSA_DATA object
+ */
+ECDSA_DATA *ECDSA_DATA_new_method(ENGINE *eng);
 
-ECDSA_SIG *ECDSA_do_sign(const unsigned char *dgst, int dgst_len, EC_KEY *);
+/** ECDSA_DATA_free
+ * frees ECDSA_DATA structure
+ * \param data pointer to a ECDSA_DATA structure
+ */
+void ECDSA_DATA_free(ECDSA_DATA *data);
+
+/** ecdsa_check
+ * checks whether ECKEY->meth_data is a pointer to a ECDSA_DATA structure
+ * and if not it removes the old meth_data and creates a ECDSA_DATA structure.
+ * \param  eckey pointer to a EC_KEY object
+ * \return pointer to a ECDSA_DATA structure
+ */
+ECDSA_DATA *ecdsa_check(EC_KEY *eckey);
+
+/** ECDSA_do_sign
+ * computes the ECDSA signature of the given hash value using
+ * the supplied private key and returns the created signature.
+ * \param dgst pointer to the hash value
+ * \param dgst_len length of the hash value
+ * \param eckey pointer to the EC_KEY object containing a private EC key
+ * \return pointer to a ECDSA_SIG structure or NULL
+ */
+ECDSA_SIG *ECDSA_do_sign(const unsigned char *dgst,int dgst_len,EC_KEY *eckey);
+
+/** ECDSA_do_verify
+ * verifies that the supplied signature is a valid ECDSA
+ * signature of the supplied hash value using the supplied public key.
+ * \param dgst pointer to the hash value
+ * \param dgst_len length of the hash value
+ * \param sig  pointer to the ECDSA_SIG structure
+ * \param eckey pointer to the EC_KEY object containing a public EC key
+ * \return 1 if the signature is valid, 0 if the signature is invalid and -1 on error
+ */
 int	  ECDSA_do_verify(const unsigned char *dgst, int dgst_len, ECDSA_SIG 
 		*sig, EC_KEY* eckey);
 
 const ECDSA_METHOD *ECDSA_OpenSSL(void);
 
-void	  ECDSA_set_default_method(const ECDSA_METHOD *);
-const ECDSA_METHOD *ECDSA_get_default_method(void);
-int 	  ECDSA_set_method(EC_KEY *, const ECDSA_METHOD *);
+/** ECDSA_set_default_method
+ * sets the default ECDSA method
+ * \param meth the new default ECDSA_METHOD
+ */
+void	  ECDSA_set_default_method(const ECDSA_METHOD *meth);
 
-int	  ECDSA_size(const EC_KEY *);
+/** ECDSA_get_default_method
+ * returns the default ECDSA method
+ * \return pointer to ECDSA_METHOD structure containing the default method
+ */
+const ECDSA_METHOD *ECDSA_get_default_method(void);
+
+/** ECDSA_set_method
+ * sets method to be used for the ECDSA operations
+ * \param eckey pointer to the EC_KEY object
+ * \param meth  pointer to the new method
+ * \return 1 on success and 0 otherwise 
+ */
+int 	  ECDSA_set_method(EC_KEY *eckey, const ECDSA_METHOD *meth);
+
+/** ECDSA_size
+ * returns the maximum length of the DER encoded signature
+ * \param  eckey pointer to a EC_KEY object
+ * \return numbers of bytes required for the DER encoded signature
+ */
+int	  ECDSA_size(const EC_KEY *eckey);
+
+/** ECDSA_sign_setup
+ * precompute parts of the signing operation (the computed values may be
+ * passed to ECDSA_DATA->kinv and ECDSA_DATA->r for a later signature
+ * computation).
+ * \param eckey pointer to the EC_KEY object containing a private EC key
+ * \param ctx  pointer to a BN_CTX object (may be NULL)
+ * \param kinv pointer to a BIGNUM pointer for the inverse of k
+ * \param rp   pointer to a BIGNUM pointer for x coordinate of k * generator
+ * \return 1 on success and 0 otherwise
+ */
 int 	  ECDSA_sign_setup(EC_KEY *eckey, BN_CTX *ctx, BIGNUM **kinv, 
 		BIGNUM **rp);
-int	  ECDSA_sign(int type, const unsigned char *dgst, int dgst_len, 
+
+/** ECDSA_sign
+ * computes ECDSA signature of a given hash value using the supplied
+ * private key (note: sig must point to ECDSA_size(eckey) bytes of memory).
+ * \param type this parameter is ignored
+ * \param dgst pointer to the hash value to sign
+ * \param dgstlen length of the hash value
+ * \param sig buffer to hold the DER encoded signature
+ * \param siglen pointer to the length of the returned signature
+ * \param eckey pointer to the EC_KEY object containing a private EC key
+ * \return 1 on success and 0 otherwise
+ */
+int	  ECDSA_sign(int type, const unsigned char *dgst, int dgstlen, 
 		unsigned char *sig, unsigned int *siglen, EC_KEY *eckey);
-int 	  ECDSA_verify(int type, const unsigned char *dgst, int dgst_len, 
-		const unsigned char *sig, int sig_len, EC_KEY *eckey);
 
+/** ECDSA_verify
+ * verifies that the given signature is valid ECDSA signature
+ * of the supplied hash value using the specified public key.
+ * \param type this parameter is ignored
+ * \param dgst pointer to the hash value 
+ * \param dgstlen length of the hash value
+ * \param sig  pointer to the DER encoded signature
+ * \param siglen length of the DER encoded signature
+ * \param eckey pointer to the EC_KEY object containing a public EC key
+ * \return 1 if the signature is valid, 0 if the signature is invalid and -1 on error
+ */
+int 	  ECDSA_verify(int type, const unsigned char *dgst, int dgstlen, 
+		const unsigned char *sig, int siglen, EC_KEY *eckey);
 
+/* the standard ex_data functions */
 int 	  ECDSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new 
 		*new_func, CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
 int 	  ECDSA_set_ex_data(EC_KEY *d, int idx, void *arg);

crypto/ecdsa/ecdsatest.c

@@ -331,6 +331,8 @@ int test_builtin(BIO *out)
 		unsigned char dirt, offset;
 
 		nid = curves[n].nid;
+		if (nid == NID_ipsec4)
+			continue;
 		/* create new ecdsa key (== EC_KEY) */
 		if ((eckey = EC_KEY_new()) == NULL)
 			goto builtin_err;

crypto/ecdsa/ecs_ossl.c

@@ -1,6 +1,9 @@
 /* crypto/ecdsa/ecs_ossl.c */
+/*
+ * Written by Nils Larsch for the OpenSSL project
+ */
 /* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1998-2004 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -86,49 +89,43 @@ static int ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp,
 		BIGNUM **rp)
 {
 	BN_CTX   *ctx = NULL;
-	BIGNUM	 k,*kinv=NULL,*r=NULL,*order=NULL,*X=NULL;
+	BIGNUM	 *k = NULL, *r = NULL, *order = NULL, *X = NULL;
 	EC_POINT *tmp_point=NULL;
+	EC_GROUP *group;
 	int 	 ret = 0;
 	if (!eckey  || !eckey->group || !eckey->pub_key || !eckey->priv_key)
 	{
 		ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_PASSED_NULL_PARAMETER);
 		return 0;
 	}
-
-	BN_init(&k);
+	group = eckey->group;
 
 	if (ctx_in == NULL) 
 	{
-		if ((ctx=BN_CTX_new()) == NULL)
+		if ((ctx = BN_CTX_new()) == NULL)
 		{
-		ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_MALLOC_FAILURE);
-		goto err;
+			ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP,ERR_R_MALLOC_FAILURE);
+			return 0;
 		}
 	}
 	else
-		ctx=ctx_in;
+		ctx = ctx_in;
 
-	if ((r = BN_new()) == NULL)
+	k     = BN_new();	/* this value is later returned in *kinvp */
+	r     = BN_new();	/* this value is later returned in *rp    */
+	order = BN_new();
+	X     = BN_new();
+	if (!k || !r || !order || !X)
 	{
-		ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_BN_LIB);
-		goto err;	
+		ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_MALLOC_FAILURE);
+		goto err;
 	}
-	if ((order = BN_new()) == NULL)
-	{
-		ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_BN_LIB);
-		goto err;	
-	}
-	if ((X = BN_new()) == NULL)
-	{
-		ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_BN_LIB);
-		goto err;	
-	}
-	if ((tmp_point = EC_POINT_new(eckey->group)) == NULL)
+	if ((tmp_point = EC_POINT_new(group)) == NULL)
 	{
 		ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_EC_LIB);
 		goto err;
 	}
-	if (!EC_GROUP_get_order(eckey->group,order,ctx))
+	if (!EC_GROUP_get_order(group, order, ctx))
 	{
 		ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_EC_LIB);
 		goto err;
@@ -138,42 +135,39 @@ static int ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp,
 	{
 		/* get random k */	
 		do
-			if (!BN_rand_range(&k,order))
+			if (!BN_rand_range(k, order))
 			{
 				ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP,
 				 ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED);	
 				goto err;
 			}
-		while (BN_is_zero(&k));
+		while (BN_is_zero(k));
 
 		/* compute r the x-coordinate of generator * k */
-		if (!EC_POINT_mul(eckey->group, tmp_point, &k, NULL, NULL, ctx))
+		if (!EC_POINT_mul(group, tmp_point, k, NULL, NULL, ctx))
 		{
 			ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_EC_LIB);
 			goto err;
 		}
-		if (EC_METHOD_get_field_type(EC_GROUP_method_of(eckey->group))
-			== NID_X9_62_prime_field)
+		if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_prime_field)
 		{
-			if (!EC_POINT_get_affine_coordinates_GFp(eckey->group,
+			if (!EC_POINT_get_affine_coordinates_GFp(group,
 				tmp_point, X, NULL, ctx))
 			{
-				ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP,
-					ERR_R_EC_LIB);
+				ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP,ERR_R_EC_LIB);
 				goto err;
 			}
 		}
 		else /* NID_X9_62_characteristic_two_field */
 		{
-			if (!EC_POINT_get_affine_coordinates_GF2m(eckey->group,
+			if (!EC_POINT_get_affine_coordinates_GF2m(group,
 				tmp_point, X, NULL, ctx))
 			{
-				ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP,
-					ERR_R_EC_LIB);
+				ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP,ERR_R_EC_LIB);
 				goto err;
 			}
 		}
-		if (!BN_nnmod(r,X,order,ctx))
+		if (!BN_nnmod(r, X, order, ctx))
 		{
 			ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_BN_LIB);
 			goto err;
@@ -182,36 +176,34 @@ static int ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp,
 	while (BN_is_zero(r));
 
 	/* compute the inverse of k */
-	if ((kinv = BN_mod_inverse(NULL,&k,order,ctx)) == NULL)
+	if (!BN_mod_inverse(k, k, order, ctx))
 	{
 		ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_BN_LIB);
 		goto err;	
 	}
-
-	if (*rp == NULL)
+	/* clear old values if necessary */
+	if (*rp != NULL)
 		BN_clear_free(*rp);
-	*rp = r;
-	if (*kinvp == NULL) 
+	if (*kinvp != NULL) 
 		BN_clear_free(*kinvp);
-	*kinvp = kinv;
-	kinv = NULL;
+	/* save the pre-computed values  */
+	*rp    = r;
+	*kinvp = k;
 	ret = 1;
 err:
 	if (!ret)
 	{
-		if (kinv != NULL) BN_clear_free(kinv);
+		if (k != NULL) BN_clear_free(k);
 		if (r != NULL) BN_clear_free(r);
 	}
 	if (ctx_in == NULL) 
 		BN_CTX_free(ctx);
-	if (kinv != NULL)
-		BN_clear_free(kinv);
 	if (order != NULL)
-		BN_clear_free(order);
+		BN_free(order);
 	if (tmp_point != NULL) 
 		EC_POINT_free(tmp_point);
-	if (X)	BN_clear_free(X);
-	BN_clear_free(&k);
+	if (X)
+		BN_clear_free(X);
 	return(ret);
 }
 
@@ -219,32 +211,38 @@ err:
 static ECDSA_SIG *ecdsa_do_sign(const unsigned char *dgst, int dgst_len, 
 		EC_KEY *eckey)
 {
-	BIGNUM *kinv=NULL,*r=NULL,*s=NULL,*m=NULL,*tmp=NULL,*order=NULL;
-	BIGNUM xr;
-	BN_CTX *ctx=NULL;
-	ECDSA_SIG *ret=NULL;
+	int     ok = 0;
+	BIGNUM *kinv=NULL, *r, *s, *m=NULL,*tmp=NULL,*order=NULL;
+	BN_CTX     *ctx = NULL;
+	EC_GROUP   *group;
+	ECDSA_SIG  *ret;
 	ECDSA_DATA *ecdsa;
 
-	BN_init(&xr);
-
 	ecdsa = ecdsa_check(eckey);
 
-	if (!eckey || !eckey->group || !eckey->pub_key || !eckey->priv_key 
-		|| !ecdsa)
+	if (!eckey->group || !eckey->pub_key || !eckey->priv_key || !ecdsa)
 	{
 		ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_PASSED_NULL_PARAMETER);
-		goto err;
+		return NULL;
 	}
 
+	group = eckey->group;
+	ret = ECDSA_SIG_new();
+	if (!ret)
+	{
+		ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE);
+		return NULL;
+	}
+	s = ret->s;
+
 	if ((ctx = BN_CTX_new()) == NULL || (order = BN_new()) == NULL ||
-		(tmp = BN_new()) == NULL || (m = BN_new()) == NULL ||
-		(s = BN_new()) == NULL )
+		(tmp = BN_new()) == NULL || (m = BN_new()) == NULL)
 	{
 		ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE);
 		goto err;
 	}
 
-	if (!EC_GROUP_get_order(eckey->group,order,ctx))
+	if (!EC_GROUP_get_order(group, order, ctx))
 	{
 		ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB);
 		goto err;
@@ -256,7 +254,7 @@ static ECDSA_SIG *ecdsa_do_sign(const unsigned char *dgst, int dgst_len,
 		goto err;
 	}
 
-	if (BN_bin2bn(dgst,dgst_len,m) == NULL)
+	if (!BN_bin2bn(dgst, dgst_len, m))
 	{
 		ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB);
 		goto err;
@@ -265,34 +263,34 @@ static ECDSA_SIG *ecdsa_do_sign(const unsigned char *dgst, int dgst_len,
 	{
 		if (ecdsa->kinv == NULL || ecdsa->r == NULL)
 		{
-			if (!ECDSA_sign_setup(eckey,ctx,&kinv,&r))
+			if (!ECDSA_sign_setup(eckey, ctx, &kinv, &ret->r))
 			{
-				ECDSAerr(ECDSA_F_ECDSA_DO_SIGN,
-					ERR_R_ECDSA_LIB);
+				ECDSAerr(ECDSA_F_ECDSA_DO_SIGN,ERR_R_ECDSA_LIB);
 				goto err;
 			}
+			r = ret->r;
 		}
 		else
 		{
-			kinv = ecdsa->kinv;
+			BN_free(ret->r);
+			kinv   = ecdsa->kinv;
+			r      = ecdsa->r;
+			ret->r = r;
 			ecdsa->kinv = NULL;
-			r = ecdsa->r;
-			ecdsa->r = NULL;
+			ecdsa->r    = NULL;
 		}
 
-		if (!BN_mod_mul(tmp,eckey->priv_key,r,order,ctx))
+		if (!BN_mod_mul(tmp, eckey->priv_key, r, order, ctx))
 		{
 			ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB);
 			goto err;
 		}
-		if (!BN_add(s,tmp,m))
+		if (!BN_mod_add_quick(s, tmp, m, order))
 		{
 			ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB);
 			goto err;
 		}
-		if (BN_cmp(s,order) > 0)
-			BN_sub(s,s,order);
-		if (!BN_mod_mul(s,s,kinv,order,ctx))
+		if (!BN_mod_mul(s, s, kinv, order, ctx))
 		{
 			ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB);
 			goto err;
@@ -300,23 +298,13 @@ static ECDSA_SIG *ecdsa_do_sign(const unsigned char *dgst, int dgst_len,
 	}
 	while (BN_is_zero(s));
 
-	if ((ret = ECDSA_SIG_new()) == NULL)
-	{
-		ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE);
-		goto err;
-	}
-	if (BN_copy(ret->r, r) == NULL || BN_copy(ret->s, s) == NULL)
+	ok = 1;
+err:
+	if (!ok)
 	{
 		ECDSA_SIG_free(ret);
 		ret = NULL;
-		ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB);
 	}
-	
-err:
-	if (r)
-		BN_clear_free(r);
-	if (s)
-		BN_clear_free(s);
 	if (ctx)
 		BN_CTX_free(ctx);
 	if (m)
@@ -324,92 +312,99 @@ err:
 	if (tmp)
 		BN_clear_free(tmp);
 	if (order)
-		BN_clear_free(order);
+		BN_free(order);
 	if (kinv)
 		BN_clear_free(kinv);
-	return(ret);
+	return ret;
 }
 
 static int ecdsa_do_verify(const unsigned char *dgst, int dgst_len,
 		ECDSA_SIG *sig, EC_KEY *eckey)
 {
-	BN_CTX *ctx;
-	BIGNUM *order=NULL,*u1=NULL,*u2=NULL,*m=NULL,*X=NULL;
-	EC_POINT *point=NULL;
 	int ret = -1;
+	BN_CTX   *ctx;
+	BIGNUM   *order, *u1, *u2, *m, *X;
+	EC_POINT *point = NULL;
+	EC_GROUP *group;
+	/* check input values */
 	if (!eckey || !eckey->group || !eckey->pub_key || !sig)
 	{
 		ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ECDSA_R_MISSING_PARAMETERS);
 		return -1;
 	}
 
-	if ((ctx = BN_CTX_new()) == NULL || (order = BN_new()) == NULL ||
-		(u1 = BN_new()) == NULL || (u2 = BN_new()) == NULL ||
-		(m  = BN_new()) == NULL || (X  = BN_new()) == NULL)
+	group = eckey->group;
+
+	ctx = BN_CTX_new();
+	if (!ctx)
 	{
 		ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE);
-		goto err;
+		return -1;
 	}
-	if (!EC_GROUP_get_order(eckey->group, order, ctx))
+	BN_CTX_start(ctx);
+	order = BN_CTX_get(ctx);	
+	u1    = BN_CTX_get(ctx);
+	u2    = BN_CTX_get(ctx);
+	m     = BN_CTX_get(ctx);
+	X     = BN_CTX_get(ctx);
+	if (!X)
 	{
 		ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB);
 		goto err;
 	}
-
-	if (BN_is_zero(sig->r) || BN_get_sign(sig->r) ||
-	    BN_ucmp(sig->r, order) >= 0)
+	
+	if (!EC_GROUP_get_order(group, order, ctx))
 	{
-		ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ECDSA_R_BAD_SIGNATURE);
-		ret = 0;
-		goto err;
-	}
-	if (BN_is_zero(sig->s) || BN_get_sign(sig->s) ||
-	    BN_ucmp(sig->s, order) >= 0)
-	{
-		ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ECDSA_R_BAD_SIGNATURE);
-		ret = 0;
+		ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB);
 		goto err;
 	}
 
+	if (BN_is_zero(sig->r)          || BN_get_sign(sig->r) || 
+	    BN_ucmp(sig->r, order) >= 0 || BN_is_zero(sig->s)  ||
+	    BN_get_sign(sig->s)         || BN_ucmp(sig->s, order) >= 0)
+	{
+		ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ECDSA_R_BAD_SIGNATURE);
+		ret = 0;	/* signature is invalid */
+		goto err;
+	}
 	/* calculate tmp1 = inv(S) mod order */
-	if ((BN_mod_inverse(u2,sig->s,order,ctx)) == NULL)
+	if (!BN_mod_inverse(u2, sig->s, order, ctx))
 	{
 		ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB);
 		goto err;
 	}
 	/* digest -> m */
-	if (BN_bin2bn(dgst,dgst_len,m) == NULL)
+	if (!BN_bin2bn(dgst, dgst_len, m))
 	{
 		ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB);
 		goto err;
 	}
 	/* u1 = m * tmp mod order */
-	if (!BN_mod_mul(u1,m,u2,order,ctx))
+	if (!BN_mod_mul(u1, m, u2, order, ctx))
 	{
 		ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB);
 		goto err;
 	}
 	/* u2 = r * w mod q */
-	if (!BN_mod_mul(u2,sig->r,u2,order,ctx))
+	if (!BN_mod_mul(u2, sig->r, u2, order, ctx))
 	{
 		ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB);
 		goto err;
 	}
 
-	if ((point = EC_POINT_new(eckey->group)) == NULL)
+	if ((point = EC_POINT_new(group)) == NULL)
 	{
 		ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE);
 		goto err;
 	}
-	if (!EC_POINT_mul(eckey->group, point, u1, eckey->pub_key, u2, ctx))
+	if (!EC_POINT_mul(group, point, u1, eckey->pub_key, u2, ctx))
 	{
 		ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB);
 		goto err;
 	}
-	if (EC_METHOD_get_field_type(EC_GROUP_method_of(eckey->group))
-		== NID_X9_62_prime_field) 
+	if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_prime_field)
 	{
-		if (!EC_POINT_get_affine_coordinates_GFp(eckey->group,
+		if (!EC_POINT_get_affine_coordinates_GFp(group,
 			point, X, NULL, ctx))
 		{
 			ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_EC_LIB);
@@ -418,7 +413,7 @@ static int ecdsa_do_verify(const unsigned char *dgst, int dgst_len,
 	}
 	else /* NID_X9_62_characteristic_two_field */
 	{
-		if (!EC_POINT_get_affine_coordinates_GF2m(eckey->group,
+		if (!EC_POINT_get_affine_coordinates_GF2m(group,
 			point, X, NULL, ctx))
 		{
 			ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_EC_LIB);
@@ -426,30 +421,17 @@ static int ecdsa_do_verify(const unsigned char *dgst, int dgst_len,
 		}
 	}
 	
-	if (!BN_nnmod(u1,X,order,ctx))
+	if (!BN_nnmod(u1, X, order, ctx))
 	{
 		ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB);
 		goto err;
 	}
-
-	/*  is now in u1.  If the signature is correct, it will be
-	 * equal to R. */
-	ret = (BN_ucmp(u1,sig->r) == 0);
-
-	err:
-	if (ctx)
-		BN_CTX_free(ctx);
-	if (u1)
-		BN_clear_free(u1);
-	if (u2)
-		BN_clear_free(u2);
-	if (m)
-		BN_clear_free(m);
-	if (X)
-		BN_clear_free(X);
-	if (order)
-		BN_clear_free(order);
+	/*  if the signature is correct u1 is equal to sig->r */
+	ret = (BN_ucmp(u1, sig->r) == 0);
+err:
+	BN_CTX_end(ctx);
+	BN_CTX_free(ctx);
 	if (point)
 		EC_POINT_free(point);
-	return(ret);
+	return ret;
 }

crypto/engine/Makefile.ssl

@@ -55,7 +55,7 @@ files:
 	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
 
 links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
+	@sh $(TOP)/util/point.sh Makefile.ssl Makefile
 	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
 	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
 	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)

crypto/engine/eng_cryptodev.c

@@ -12,9 +12,6 @@
  * 2. Redistributions in binary form must reproduce the above copyright
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the author nor the names of contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
  *
  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND ANY
  * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
@@ -875,7 +872,6 @@ cryptodev_dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
 		goto err;
 	}
 
-	printf("bar\n");
 	memset(&kop, 0, sizeof kop);
 	kop.crk_op = CRK_DSA_SIGN;