Add BSD-ppc85xx support and avoid copying overlapping buffers in fips_dssvs.c

update CHANGES
Add support for Windows CE and C64+ to FIPS module.
2012-10-14 12:02:53 +00:00 · 2012-10-04 14:10:12 +00:00 · 2012-10-04 13:27:11 +00:00 · 2012-05-23 17:07:25 +00:00 · 2012-05-23 17:07:24 +00:00
9 changed files with 19 additions and 33 deletions
--- a/4
+++ b/4
@@ -463,8 +463,8 @@ my %table=(
 "aix64-gcc","gcc:-maix64 -O -DB_ENDIAN::-pthread:AIX::SIXTY_FOUR_BIT_LONG RC4_CHAR:${ppc64_asm}:aix64:dlfcn:aix-shared::-maix64 -shared -Wl,-G:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)::-X64",
 # Below targets assume AIX 5. Idea is to effectively disregard $OBJECT_MODE
 # at build time. $OBJECT_MODE is respected at ./config stage!
-"aix-cc",   "cc:-q32 -O -DB_ENDIAN -qmaxmem=16384 -qro -qroconst::-qthreaded -D_THREAD_SAFE:AIX::BN_LLONG RC4_CHAR:${ppc32_asm}:aix32:dlfcn:aix-shared::-q32 -G:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)::-X 32",
-"aix64-cc", "cc:-q64 -O -DB_ENDIAN -qmaxmem=16384 -qro -qroconst::-qthreaded -D_THREAD_SAFE:AIX::SIXTY_FOUR_BIT_LONG RC4_CHAR:${ppc64_asm}:aix64:dlfcn:aix-shared::-q64 -G:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)::-X 64",
+"aix-cc",   "cc:-q32 -O -DB_ENDIAN -qmaxmem=16384 -qro -qroconst::-qthreaded:AIX::BN_LLONG RC4_CHAR:${ppc32_asm}:aix32:dlfcn:aix-shared::-q32 -G:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)::-X 32",
+"aix64-cc", "cc:-q64 -O -DB_ENDIAN -qmaxmem=16384 -qro -qroconst::-qthreaded:AIX::SIXTY_FOUR_BIT_LONG RC4_CHAR:${ppc64_asm}:aix64:dlfcn:aix-shared::-q64 -G:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)::-X 64",

 #
 # Cray T90 and similar (SDSC)
--- a/4
+++ b/4
@@ -862,7 +862,7 @@ $multilib     =
 $cc           = cc
 $cflags       = -q32 -O -DB_ENDIAN -qmaxmem=16384 -qro -qroconst
 $unistd       = 
-$thread_cflag = -qthreaded -D_THREAD_SAFE
+$thread_cflag = -qthreaded
 $sys_id       = AIX
 $lflags       = 
 $bn_ops       = BN_LLONG RC4_CHAR
@@ -961,7 +961,7 @@ $multilib     =
 $cc           = cc
 $cflags       = -q64 -O -DB_ENDIAN -qmaxmem=16384 -qro -qroconst
 $unistd       = 
-$thread_cflag = -qthreaded -D_THREAD_SAFE
+$thread_cflag = -qthreaded
 $sys_id       = AIX
 $lflags       = 
 $bn_ops       = SIXTY_FOUR_BIT_LONG RC4_CHAR
--- a/crypto/cmac/cmac.c
+++ b/crypto/cmac/cmac.c
@@ -77,17 +77,19 @@ struct CMAC_CTX_st

 /* Make temporary keys K1 and K2 */

-static void make_kn(unsigned char *k1, const unsigned char *l, int bl)
+static void make_kn(unsigned char *k1, unsigned char *l, int bl)
 	{
 	int i;
-	unsigned char c = l[0], carry = c>>7, cnext;
-
 	/* Shift block to left, including carry */
-	for (i = 0; i < bl-1; i++, c = cnext)
-		k1[i] = (c << 1) | ((cnext=l[i+1]) >> 7);
-
+	for (i = 0; i < bl; i++)
+		{
+		k1[i] = l[i] << 1;
+		if (i < bl - 1 && l[i + 1] & 0x80)
+			k1[i] |= 1;
+		}
 	/* If MSB set fixup with R */
-	k1[i] = (c << 1) ^ ((0-carry)&(bl==16?0x87:0x1b));
+	if (l[0] & 0x80)
+		k1[bl - 1] ^= bl == 16 ? 0x87 : 0x1b;
 	}

 CMAC_CTX *CMAC_CTX_new(void)
@@ -151,8 +153,6 @@ int CMAC_Init(CMAC_CTX *ctx, const void *key, size_t keylen,
 			return 0;
 		if (!M_EVP_EncryptInit_ex(&ctx->cctx, NULL, NULL, NULL, zero_iv))
 			return 0;
-		memset(ctx->tbl, 0, M_EVP_CIPHER_CTX_block_size(&ctx->cctx));	
-		ctx->nlast_block = 0;
 		return 1;
 		}
 	/* Initialiase context */
--- a/crypto/evp/e_aes.c
+++ b/crypto/evp/e_aes.c
@@ -956,6 +956,8 @@ static int aes_gcm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,

 	if (!gctx->iv_set)
 		return -1;
+	if (!ctx->encrypt && gctx->taglen < 0)
+		return -1;
 	if (in)
 		{
 		if (out == NULL)
@@ -997,8 +999,6 @@ static int aes_gcm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
 		{
 		if (!ctx->encrypt)
 			{
-			if (gctx->taglen < 0)
-				return -1;
 			if (CRYPTO_gcm128_finish(&gctx->gcm,
 					ctx->buf, gctx->taglen) != 0)
 				return -1;
@@ -1195,7 +1195,6 @@ static int aes_ccm_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
 			vpaes_set_encrypt_key(key, ctx->key_len*8, &cctx->ks);
 			CRYPTO_ccm128_init(&cctx->ccm, cctx->M, cctx->L,
 					&cctx->ks, (block128_f)vpaes_encrypt);
-			cctx->str = NULL;
 			cctx->key_set = 1;
 			break;
 			}
--- a/crypto/modes/gcm128.c
+++ b/crypto/modes/gcm128.c
@@ -1403,7 +1403,7 @@ int CRYPTO_gcm128_finish(GCM128_CONTEXT *ctx,const unsigned char *tag,
 	void (*gcm_gmult_p)(u64 Xi[2],const u128 Htable[16])	= ctx->gmult;
 #endif

-	if (ctx->mres || ctx->ares)
+	if (ctx->mres)
 		GCM_MUL(ctx,Xi);

 	if (is_endian.little) {
--- a/crypto/sha/asm/sha1-armv4-large.pl
+++ b/crypto/sha/asm/sha1-armv4-large.pl
@@ -177,7 +177,6 @@ for($i=0;$i<5;$i++) {
 $code.=<<___;
 	teq	$Xi,sp
 	bne	.L_00_15		@ [((11+4)*5+2)*3]
-	sub	sp,sp,#25*4
 ___
 	&BODY_00_15(@V);	unshift(@V,pop(@V));
 	&BODY_16_19(@V);	unshift(@V,pop(@V));
@@ -187,6 +186,7 @@ ___
 $code.=<<___;

 	ldr	$K,.LK_20_39		@ [+15+16*4]
+	sub	sp,sp,#25*4
 	cmn	sp,#0			@ [+3], clear carry to denote 20_39
 .L_20_39_or_60_79:
 ___
--- a/fips/aes/fips_gcmtest.c
+++ b/fips/aes/fips_gcmtest.c
@@ -208,8 +208,6 @@ static void gcmtest(FILE *in, FILE *out, int encrypt)
 				ct = OPENSSL_malloc(ptlen);
 				rv = FIPS_cipher(&ctx, ct, pt, ptlen);
 				}
-			else
-				FIPS_cipher(&ctx, iv, iv, 0);
 			FIPS_cipher(&ctx, NULL, NULL, 0);
 			FIPS_cipher_ctx_ctrl(&ctx, EVP_CTRL_GCM_GET_TAG,
 								taglen, tag);	
@@ -244,8 +242,6 @@ static void gcmtest(FILE *in, FILE *out, int encrypt)
 				pt = OPENSSL_malloc(ptlen);
 				rv = FIPS_cipher(&ctx, pt, ct, ptlen);
 				}
-			else
-				FIPS_cipher(&ctx, iv, iv, 0);
 			rv = FIPS_cipher(&ctx, NULL, NULL, 0);
 			if (rv < 0)
 				fprintf(out, "FAIL" RESP_EOL);
--- a/fips/rand/fips_drbgvs.c
+++ b/fips/rand/fips_drbgvs.c
@@ -182,7 +182,7 @@ int main(int argc,char **argv)
 	int r, nid = 0;
 	int pr = 0;
 	char buf[2048], lbuf[2048];
-	unsigned char *randout = NULL;
+	unsigned char randout[2048];
 	char *keyword = NULL, *value = NULL;

 	unsigned char *ent = NULL, *nonce = NULL, *pers = NULL, *adin = NULL;
@@ -298,8 +298,6 @@ int main(int argc,char **argv)
 			else
 				exit(1);
 			}
-		if (!strcmp(keyword, "[ReturnedBitsLen"))
-			randoutlen = atoi(value) / 8;

 		if (!strcmp(keyword, "EntropyInput"))
 			{
@@ -329,11 +327,7 @@ int main(int argc,char **argv)
 			FIPS_drbg_set_callbacks(dctx, test_entropy, 0, 0,
 							test_nonce, 0);
 			FIPS_drbg_set_app_data(dctx, &t);
-			if (randoutlen == 0)
-				randoutlen = (int)FIPS_drbg_get_blocklength(dctx);
-			if (randout)
-				OPENSSL_free(randout);
-			randout = OPENSSL_malloc(randoutlen);
+			randoutlen = (int)FIPS_drbg_get_blocklength(dctx);
 			r = FIPS_drbg_instantiate(dctx, pers, perslen);
 			if (!r)
 				{
@@ -412,8 +406,6 @@ int main(int argc,char **argv)
 			}

 		}
-	if (randout)
-		OPENSSL_free(randout);
 	if (in && in != stdin)
 		fclose(in);
 	if (out && out != stdout)
--- a/fips/utl/fips_enc.c
+++ b/fips/utl/fips_enc.c
@@ -208,7 +208,6 @@ int FIPS_cipherinit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
 			break;

 			case EVP_CIPH_CTR_MODE:
-			ctx->num = 0;
 			/* Don't reuse IV for CTR mode */
 			if(iv)
 				memcpy(ctx->iv, iv, M_EVP_CIPHER_CTX_iv_length(ctx));
Author	SHA1	Message	Date
Dr. Stephen Henson	2d183e4c44	Add BSD-ppc85xx support and avoid copying overlapping buffers in fips_dssvs.c	2012-10-14 12:02:53 +00:00
Dr. Stephen Henson	7049d13c5f	update CHANGES	2012-10-04 14:10:12 +00:00
Dr. Stephen Henson	c616200172	Add support for Windows CE and C64+ to FIPS module.	2012-10-04 13:27:11 +00:00
Dr. Stephen Henson	7b899c10cd	file msincore was added on branch OpenSSL-fips-2_0-stable on 2012-10-04 13:27:10 +0000	2012-05-23 17:07:25 +00:00
Dr. Stephen Henson	6b2e340bdd	file hmac_sha1.pl was added on branch OpenSSL-fips-2_0-stable on 2012-10-04 13:27:10 +0000	2012-05-23 17:07:24 +00:00