Compare commits

...

217 Commits

Author SHA1 Message Date
Dr. Stephen Henson
ef02492908 prepare for release 2010-11-16 13:35:09 +00:00
Dr. Stephen Henson
86d5f9ba4f fix CVE-2010-3864 2010-11-16 13:26:24 +00:00
Dr. Stephen Henson
febcec6254 If EVP_PKEY structure contains an ENGINE the key is ENGINE specific and
we should use its method instead of any generic one.
2010-11-16 12:11:15 +00:00
Dr. Stephen Henson
f07cb1ce8e make update 2010-11-15 14:44:50 +00:00
Dr. Stephen Henson
b3c17a4805 Get correct GOST private key instead of just assuming the last one is
correct: this isn't always true if we have more than one certificate.
2010-11-14 13:50:29 +00:00
Dr. Stephen Henson
7b83fe34c0 update NEWS file 2010-11-11 15:30:33 +00:00
Dr. Stephen Henson
e0b1c57ae0 Submitted By: Bogdan Harjoc <harjoc@gmail.com>
Add missing debug WIN64 targets.
2010-11-11 15:23:19 +00:00
Dr. Stephen Henson
6806b06d21 PR: 2366
Submitted by: Damien Miller <djm@mindrot.org>
Reviewed by: steve

Stop pkeyutl crashing if some arguments are missing. Also make str2fmt
tolerate NULL parameter.
2010-11-11 14:42:19 +00:00
Dr. Stephen Henson
0af0e9d747 Submitted by: Jonathan Dixon <joth@chromium.org>
Reviewed by: steve

If store is NULL set flags correctly.
2010-11-02 15:57:40 +00:00
Dr. Stephen Henson
2191b3ba44 PR: 2295
Submitted by: Alexei Khlebnikov <alexei.khlebnikov@opera.com>
Reviewed by: steve

OOM checking. Leak in OOM fix. Fall-through comment. Duplicate code
elimination.
2010-10-11 23:24:51 +00:00
Andy Polyakov
73020a945b x86_64-xlate.pl: fix LNK4078 and LNK4210 link warnings [from HEAD].
PR: 2356
2010-10-10 21:14:17 +00:00
Dr. Stephen Henson
9c2d0cd11c PR: 2314
Submitted by: Mounir IDRASSI <mounir.idrassi@idrix.net>
Reviewed by: steve

Fix for double free bug in ssl/s3_clnt.c CVE-2010-2939
2010-10-10 12:33:10 +00:00
Dr. Stephen Henson
0ef9b9c7bf We can't always read 6 bytes in an OCSP response: fix so error statuses
are read correctly for non-blocking I/O.
2010-10-06 18:01:23 +00:00
Dr. Stephen Henson
c14c6e996d Minor documentation fixes, PR#2345 2010-10-04 13:28:35 +00:00
Dr. Stephen Henson
51381cd4ed Minor documentation fixes, PR#2344 2010-10-04 13:24:15 +00:00
Dr. Stephen Henson
8c9ab050e5 Add call to ENGINE_register_all_complete() to ENGINE_load_builtin_engines(),
this means that some implementations will be used automatically, e.g. aesni,
we do this for cryptodev anyway.

Setup cpuid in ENGINE_load_builtin_engines() too as some ENGINEs use it.
2010-10-03 18:57:01 +00:00
Andy Polyakov
b6996c7849 Alpha assembler pack: adapt for Linux [from HEAD].
PR: 2335
2010-09-13 20:32:31 +00:00
Andy Polyakov
2c23b0716e VC-32.pl: default to nasm if neither nasm or nasmw is is found at the moment [from HEAD].
PR: 2338
2010-09-13 16:28:34 +00:00
Andy Polyakov
f548a0e4d5 crypto/bn/asm/s390x.S: drop redundant instructions [from HEAD]. 2010-09-10 14:55:24 +00:00
Andy Polyakov
a404f63f92 sparcv9cap.c: disengange Solaris-specific CPU detection routine in favour
of unified procedure relying on SIGILL [from HEAD].
PR: 2321
2010-09-05 19:48:01 +00:00
Ben Laurie
b54f50d277 Oops. Make depend on a standard configuration. 2010-09-05 13:47:44 +00:00
Ben Laurie
10ba241909 Make depend. 2010-09-05 13:07:40 +00:00
Dr. Stephen Henson
1f238b1c4a make no-gost work on Windows 2010-09-02 17:23:36 +00:00
Dr. Stephen Henson
ef85bf8c2b fix bug in AES_unwrap() 2010-08-30 23:59:04 +00:00
Bodo Möller
cbfccdb729 ECC library bugfixes.
Submitted by: Emilia Kasper (Google)
2010-08-26 12:10:44 +00:00
Bodo Möller
94111aa401 Harmonize with OpenSSL_0_9_8-stable version of CHANGES. 2010-08-26 11:19:45 +00:00
Andy Polyakov
eec48070a1 util/cygwin.sh: maintainer's update [from HEAD].
Submitted by: Corinna Vinschen
2010-08-24 21:52:00 +00:00
Andy Polyakov
eebe668174 engine/Makefile: harmonize engine install rule for .dylib extension on MacOS X [from HEAD].
PR: 2319
2010-08-24 21:46:34 +00:00
Andy Polyakov
8a15a4a7b4 Makefile.shared: fix brown-bag typo in link_o.darwin [from HEAD].
PR: 2319
2010-08-21 11:36:49 +00:00
Andy Polyakov
19057003f1 sha1-armv4-large.pl: reschedule instructions for dual-issue pipeline [from HEAD]. 2010-08-03 15:36:31 +00:00
Andy Polyakov
031648d4ce Make inline assembler clang-friendly [from HEAD]. 2010-08-02 21:54:23 +00:00
Andy Polyakov
02bee340a2 alphacpuid.pl: fix brown-bag bug [from HEAD]. 2010-07-28 08:18:17 +00:00
Andy Polyakov
f6f2f68a05 Replace alphacpuid.s with alphacpuid.pl to ensure it makes to release tar-balls [from HEAD].
PR: 2309
2010-07-26 22:09:59 +00:00
Dr. Stephen Henson
982d68a0c0 Add modes.h to mkdef.pl, update ordinals. 2010-07-25 16:56:06 +00:00
Dr. Stephen Henson
7585a86a76 Fix WIN32 build system to correctly link ENGINE DLLs contained in a
directory: currently the GOST ENGINE is the only case.
2010-07-24 17:57:07 +00:00
Andy Polyakov
73190f1b46 Configure: suppress $multilib with non-system $prefix [from HEAD].
PR: 2307
2010-07-16 08:14:00 +00:00
Andy Polyakov
6673ac592a Makefile.shared: update link_o.darwin rule [from HEAD].
PR: 2306
2010-07-16 08:11:32 +00:00
Andy Polyakov
59aa655b53 ARM assembler pack: reschedule instructions for dual-issue pipeline [from HEAD].
Modest improvement coefficients mean that code already had some
parallelism and there was not very much room for improvement. Special
thanks to Ted Krovetz for benchmarking the code with such patience.
2010-07-13 14:08:03 +00:00
Dr. Stephen Henson
c4c99b4961 PR: 2297
Submitted by: Antony, Benoy <bantony@ebay.com>
Approved by: steve@openssl.org

Fix bug in AES wrap code when t > 0xff.
2010-07-09 17:25:27 +00:00
Andy Polyakov
ccbbcddd5f INSTALL.W32: mention _OPENSSL_isservice() [from HEAD].
PR: 2194
2010-07-09 14:31:41 +00:00
Andy Polyakov
65d82478d8 rand_nw.c: compensate for gcc bug (using %edx instead of %eax at -O3)
[from HEAD].
PR: 2296
2010-07-08 09:15:33 +00:00
Andy Polyakov
02a6518a02 PROBLEMS: MacOS X is not necessarily a problem anymore [from HEAD]. 2010-07-08 09:01:56 +00:00
Andy Polyakov
a79053511b sparcv9cap.c: reiterate CPU detection logic [from HEAD]. 2010-07-08 07:48:42 +00:00
Dr. Stephen Henson
eb56eb2279 i variable is used on some platforms 2010-07-05 11:03:22 +00:00
Andy Polyakov
d40f6d4a02 crypto/sparc*: elininate _sparcv9_rdwrasi [from HEAD]. 2010-07-02 08:08:20 +00:00
Andy Polyakov
943ae0951a SPARCv9 assembler pack: refine CPU detection on Linux, fix for "unaligned
opcodes detected in executable segment" error [from HEAD].
2010-07-01 07:57:20 +00:00
Dr. Stephen Henson
999eeaba14 oops, fix date string 2010-06-16 13:46:59 +00:00
Dr. Stephen Henson
dfa81d9efb update README, fix opensslv.h 2010-06-16 13:37:22 +00:00
Dr. Stephen Henson
1dba06e7b0 update for next version 2010-06-16 13:34:33 +00:00
Dr. Stephen Henson
daac87be95 clarify comment 2010-06-16 13:17:22 +00:00
Dr. Stephen Henson
e97359435e Fix warnings (From HEAD, original patch by Ben). 2010-06-15 17:25:15 +00:00
Andy Polyakov
afce9bcca1 VC-32.pl: fix /Fd name generation [from HEAD].
PR: 2284
2010-06-09 15:49:09 +00:00
Dr. Stephen Henson
9c7baca820 prepare for release 2010-06-01 13:31:38 +00:00
Dr. Stephen Henson
618265e645 Fix CVE-2010-1633 and CVE-2010-0742. 2010-06-01 13:17:06 +00:00
Andy Polyakov
9728978b75 VC-32.pl: unconditionally generate symbols.pdb [from HEAD]. 2010-06-01 06:03:20 +00:00
Andy Polyakov
938c0bbae1 x86_64-xlate.pl: updates from HEAD. 2010-06-01 05:57:26 +00:00
Andy Polyakov
a0cd818831 Configure: update mingw config-lines [from HEAD]. 2010-06-01 05:53:35 +00:00
Dr. Stephen Henson
31c4ab5401 fix PR#2261 in a different way 2010-05-31 13:18:08 +00:00
Dr. Stephen Henson
1f65529824 PR: 2278
Submitted By: Mattias Ellert <mattias.ellert@fysast.uu.se>

Fix type checking macro SKM_ASN1_SET_OF_i2d
2010-05-29 12:49:48 +00:00
Dr. Stephen Henson
5b3a6eedd1 update NEWS 2010-05-27 15:05:01 +00:00
Dr. Stephen Henson
6938440d68 PR: 2262
Submitted By: Victor Wagner <vitus@cryptocom.ru>

Fix error reporting in load_key function.
2010-05-27 14:09:13 +00:00
Dr. Stephen Henson
57ec6c9bad PR: 2261
Submitted By: De Rudder, Stephen L." <s_derudder@tditx.com>

Workaround for newer Windows headers which define EADDRINUSE but not to the
same value as WSAEADDRINUSE.
2010-05-27 13:07:45 +00:00
Dr. Stephen Henson
7a09bc4068 PR: 2258
Submitted By: Ger Hobbelt <ger@hobbelt.com>

Base64 BIO fixes:

Use OPENSSL_assert() instead of assert().
Use memmove() as buffers overlap.
Fix write retry logic.
2010-05-27 12:41:20 +00:00
Dr. Stephen Henson
deb15645a8 PR: 2266
Submitted By: Jonathan Gray <jsg@goblin.cx>

Correct ioctl definitions.
2010-05-26 23:23:44 +00:00
Dr. Stephen Henson
f0b358e8b9 Avoid use of ex_data free function in Chil ENGINE so it can be safely
reloaded.
2010-05-26 16:17:06 +00:00
Dr. Stephen Henson
dce2b5a8fc PR: 2254
Submitted by: Ger Hobbelt <ger@hobbelt.com>
Approved by: steve@openssl.org

Check for <= 0 i2d return value.
2010-05-22 00:40:58 +00:00
Dr. Stephen Henson
59d100d959 PR: 2251
Submitted by: Ger Hobbelt <ger@hobbelt.com>
Approved by: steve@openssl.org

Memleak, BIO chain leak and realloc checks in v3_pci.c
2010-05-22 00:31:02 +00:00
Dr. Stephen Henson
d497b5362b oops, typo 2010-05-20 17:35:37 +00:00
Dr. Stephen Henson
369b0abdc2 Update cms-test.pl to handle some Unix like Windows environments where
calling shlib_wrap.sh doesn't work.
2010-05-20 17:28:51 +00:00
Dr. Stephen Henson
72240ab31a PR: 2259
Submitted By: Artem Chuprina <ran@cryptocom.ru>

Check return values of HMAC in tls_P_hash and tls1_generate_key_block.

Although the previous version could in theory crash that would only happen if a
digest call failed. The standard software methods can never fail and only one
ENGINE currently uses digests and it is not compiled in by default.
2010-05-17 11:26:56 +00:00
Dr. Stephen Henson
dc4e1ddc9f PR: 2253
Submitted By: Ger Hobbelt <ger@hobbelt.com>

Check callback return value when outputting errors.
2010-05-15 00:36:12 +00:00
Dr. Stephen Henson
ff656346fa PR: 2255
Submitted By: Ger Hobbelt <ger@hobbelt.com>

Place RSA dependent variable under #ifndef OPENSSL_NO_RSA
2010-05-15 00:19:57 +00:00
Dr. Stephen Henson
ca91057d50 PR: 2252
Submitted By: Ger Hobbelt <ger@hobbelt.com>

Update docs to BIO_f_buffer()
2010-05-03 15:29:51 +00:00
Dr. Stephen Henson
8c1e7de6cb PR: 2230
Submitted By: Robin Seggelmann <seggelmann@fh-muenster.de>

Fix bug in bitmask macros and stop warnings.
2010-05-03 13:01:50 +00:00
Dr. Stephen Henson
207886cd3a PR: 2244
Submitted By: "PMHager" <hager@dortmund.net>

Initialise pkey callback to 0.
2010-05-03 12:50:52 +00:00
Andy Polyakov
336d1ee733 bss_file.c: reserve for option to encode file name in UTF-8 on Windows
[from HEAD].
2010-04-28 20:04:37 +00:00
Andy Polyakov
bed2b769f5 md5-ia64.S: fix assembler warning [from HEAD]. 2010-04-20 20:41:23 +00:00
Dr. Stephen Henson
26029d9c4c PR: 2241
Submitted By: Artemy Lebedev <vagran.ast@gmail.com>

Typo.
2010-04-20 12:53:05 +00:00
Dr. Stephen Henson
c64c888929 oops, commit Configure part of PR#2234 2010-04-15 13:17:05 +00:00
Dr. Stephen Henson
8d9db41880 PR: 2234
Submitted By: Matthias Andree <matthias.andree@gmx.de>

Use correct path to openssl utility in c_rehash script.
2010-04-14 23:07:28 +00:00
Dr. Stephen Henson
4fae54a8e0 PR: 2235
Submitted By: Bruce Stephens <bruce.stephens@isode.com>

Make ts/Makefile consistent with other Makefiles.
2010-04-14 23:04:19 +00:00
Andy Polyakov
9f35928719 x86_64cpuid.pl: ml64 is allergic to db on label line [from HEAD]. 2010-04-14 19:25:09 +00:00
Dr. Stephen Henson
c5af032df5 update FAQ 2010-04-14 13:20:53 +00:00
Andy Polyakov
8a898a6fcc [co]cf128.c: fix "n=0" bug [from HEAD]. 2010-04-14 07:47:53 +00:00
Dr. Stephen Henson
9f827ded1c fix signed/unsigned comparison warnings 2010-04-14 00:41:01 +00:00
Dr. Stephen Henson
5daa9411a0 fix bug in ccgost CFB mode code 2010-04-14 00:33:22 +00:00
Dr. Stephen Henson
094d4019b8 check ASN1 type before using it 2010-04-14 00:30:12 +00:00
Dr. Stephen Henson
1507f3abba PR: 2230
Submitted By: Robin Seggelmann <seggelmann@fh-muenster.de>

Fix various DTLS fragment reassembly bugs.
2010-04-14 00:17:29 +00:00
Dr. Stephen Henson
30e8defe52 PR: 2229
Submitted By: Robin Seggelmann <seggelmann@fh-muenster.de>

Don't drop DTLS connection if mac or decryption failed.
2010-04-14 00:09:55 +00:00
Dr. Stephen Henson
9f4dd3e3e3 PR: 2228
Submitted By: Robin Seggelmann <seggelmann@fh-muenster.de>

Fix DTLS buffer record MAC failure bug.
2010-04-14 00:03:13 +00:00
Dr. Stephen Henson
8c00014d7e make update 2010-04-13 17:08:50 +00:00
Richard Levitte
1cf12a6350 No need to look for the file if none was entered. 2010-04-13 14:39:58 +00:00
Richard Levitte
dc9461e23f A few more things that aren't built on VAX 2010-04-13 14:39:08 +00:00
Richard Levitte
72d57050df Since test modules aren't copied to the test/ directory any more on
VMS, we need to rework this script with knowledge of where they are.
2010-04-13 14:38:39 +00:00
Richard Levitte
49d1f665a4 Rework the way engines are built 2010-04-13 14:37:43 +00:00
Richard Levitte
2c25edc4c1 Too long symbols 2010-04-13 14:36:58 +00:00
Richard Levitte
d2f098b33d Spelling 2010-04-13 14:34:48 +00:00
Richard Levitte
6f4f7f35f3 Rework the configuration of avoided algorithms.
Avoid copying test modules.
2010-04-13 14:33:04 +00:00
Richard Levitte
0a4fe6c8db Undo the previous change, it was incorrect in this branch. 2010-04-13 11:10:07 +00:00
Richard Levitte
7bba401d5d Third argument to dtls1_buffer_record is by reference 2010-04-13 08:41:58 +00:00
Andy Polyakov
c73cff12f1 aes-ppc.pl: 10% performance improvement on Power6 [from HEAD]. 2010-04-10 14:54:34 +00:00
Andy Polyakov
b32d93840e cryptlib.c: allow application to override OPENSSL_isservice [from HEAD]. 2010-04-10 14:13:12 +00:00
Andy Polyakov
cb457849fd ctr129.c: fix typo, simplify ctr128_inc and fix "n=0" bug [from HEAD]. 2010-04-10 13:47:11 +00:00
Andy Polyakov
cb3c30059a darwin-ppc-cc: add -Wa,-force_cpusubtype_ALL to produce binaries not
specific to G5. This was already added to HEAD earlier.
PR: 2231
2010-04-10 13:41:58 +00:00
Andy Polyakov
20dc93e49e sparccpuid.S: some assembler is allergic to apostrophes in comments [from HEAD]. 2010-04-10 13:37:06 +00:00
Andy Polyakov
b620447dcc alpha-mont.pl: comply with stack alignment requirement [from HEAD]. 2010-04-10 13:33:46 +00:00
Dr. Stephen Henson
4ffd2ad1d3 make GOST MAC work again 2010-04-08 10:54:54 +00:00
Dr. Stephen Henson
acc9938ba5 Add SHA2 algorithms to SSL_library_init(). Although these aren't used
directly by SSL/TLS SHA2 certificates are becoming more common and
applications that only call SSL_library_init() and not
OpenSSL_add_all_alrgorithms() will fail when verifying certificates.

Update docs.
2010-04-07 13:18:30 +00:00
Dr. Stephen Henson
f6d13ac8cf Remove obsolete PRNG note. Add comment about use of SHA256 et al. 2010-04-06 15:05:47 +00:00
Dr. Stephen Henson
24cb653c6b PR: 2209
Submitted Daniel Mentz <danielml@sent.com>

Documentation typo.
2010-04-06 14:45:31 +00:00
Dr. Stephen Henson
6dfd3cf68e PR: 2218
Submitted By: Robin Seggelmann <seggelmann@fh-muenster.de>

Fixes for DTLS replay bug.
2010-04-06 12:44:55 +00:00
Dr. Stephen Henson
073775cbbb PR: 2219
Submitted By: Robin Seggelmann <seggelmann@fh-muenster.de>

Fixes for DTLS buffering bug.
2010-04-06 12:40:10 +00:00
Dr. Stephen Henson
e995d5044e PR: 2223
Submitted By: Robin Seggelmann <seggelmann@fh-muenster.de>

Fixes for DTLS timeout bug
2010-04-06 12:29:21 +00:00
Dr. Stephen Henson
5b0a79a27a PR: 2220
Fixes to make OpenSSL compile with no-rc4
2010-04-06 11:18:32 +00:00
Dr. Stephen Henson
6747de655e updates for next release 2010-03-30 00:55:00 +00:00
Dr. Stephen Henson
91bad2b09e Prepare for 1.0.0 release - finally ;-) 2010-03-29 13:11:54 +00:00
Andy Polyakov
1244d5b713 ARMv4 assembler: [unconfirmed] fix for compilation failure [from HEAD]. 2010-03-29 09:59:58 +00:00
Andy Polyakov
c0ed5cd47b dso_dlfcn.c: fix compile failure on Tru64 [from HEAD]. 2010-03-29 09:50:33 +00:00
Dr. Stephen Henson
c8281fd38e PR: 1696
Check return value if d2i_PBEPARAM().
2010-03-28 00:42:29 +00:00
Dr. Stephen Henson
fe8e6bff9b PR: 1763
Remove useless num = 0 assignment.

Remove redundant cases on sock_ctrl(): default case handles them.
2010-03-27 23:28:23 +00:00
Dr. Stephen Henson
9caf25d144 PR: 1904
Submitted by: David Woodhouse <dwmw2@infradead.org>

Pass passphrase minimum length down to UI.
2010-03-27 19:27:51 +00:00
Dr. Stephen Henson
348620c7ac PR: 1813
Submitted by: Torsten Hilbrich <torsten.hilbrich@secunet.com>

Fix memory leak when engine name cannot be loaded.
2010-03-27 18:28:13 +00:00
Dr. Stephen Henson
30fc2ab92b update FAQ 2010-03-25 12:07:45 +00:00
Bodo Möller
5b5464d525 Fix for "Record of death" vulnerability CVE-2010-0740.
Also, add missing CHANGES entry for CVE-2009-3245 (code changes submitted to this branch on 23 Feb 2010).
2010-03-25 11:22:42 +00:00
Dr. Stephen Henson
cd15a0528f initialise buf if wrong_info not used 2010-03-24 23:42:20 +00:00
Dr. Stephen Henson
7b52778eff PR: 1731 and maybe 2197
Clear error queue in a few places in SSL code where errors are expected
so they don't stay in the queue.
2010-03-24 23:16:49 +00:00
Andy Polyakov
162de2f2b5 rand_win.c: fix logical bug in readscreen [from HEAD]. 2010-03-22 22:44:35 +00:00
Andy Polyakov
f6e4af6fd7 bss_file.c: fix MSC 6.0 warning [from HEAD]. 2010-03-22 22:39:46 +00:00
Andy Polyakov
32b76dcdac e_capi.c: fix typo. 2010-03-15 22:29:20 +00:00
Andy Polyakov
bcfd252052 Fix UPLINK typo [from HEAD]. 2010-03-15 22:26:33 +00:00
Dr. Stephen Henson
32c452779e workaround for missing definition in some headers 2010-03-15 13:09:39 +00:00
Dr. Stephen Henson
118b90c59e PR: 2192
Submitted By: Jaroslav Imrich <jaroslav.imrich@disig.sk>

The prompt_info and wrong_info parameters can be empty strings which
can produce confusing prompts. Treat empty string same as NULL.
2010-03-12 12:48:46 +00:00
Dr. Stephen Henson
f6a61b140e missing goto meant signature was never printed out 2010-03-12 12:07:05 +00:00
Dr. Stephen Henson
75ece4b5cf don't leave bogus errors in the queue 2010-03-10 13:48:21 +00:00
Dr. Stephen Henson
724cca4178 make update 2010-03-09 17:23:51 +00:00
Dr. Stephen Henson
5b3fdb0181 PR: 2188
Submitted By: Jaroslav Imrich <jaroslav.imrich@disig.sk>

Add "missing" functions to get and set prompt constructor.
2010-03-09 17:18:17 +00:00
Dr. Stephen Henson
fcc3d0265d PR: 2186
Submitted By: "Joel Rabinovitch" <Joel.Rabinovitch@tecsys.com>

Detect aix64-gcc
2010-03-09 17:08:39 +00:00
Dr. Stephen Henson
5356ea7cde reserve a few more bits for future cipher modes 2010-03-08 23:47:57 +00:00
Dr. Stephen Henson
06226df1a9 The OID sanity check was incorrect. It should only disallow *leading* 0x80
values.
2010-03-07 16:40:19 +00:00
Dr. Stephen Henson
bf638ef026 don't add digest alias if signature algorithm is undefined 2010-03-06 20:47:45 +00:00
Dr. Stephen Henson
07973d5db8 Fix memory leak: free up ENGINE functional reference if digest is not
found in an ENGINE.
2010-03-05 13:33:43 +00:00
Dr. Stephen Henson
3b3f71121b PR: 2183
PR#1999 broke fork detection by assuming HAVE_FORK was set for all platforms.
Include original HAVE_FORK detection logic while allowing it to be
overridden on specific platforms with -DHAVE_FORK=1 or -DHAVE_FORK=0
2010-03-03 19:56:17 +00:00
Dr. Stephen Henson
47333a34d5 Submitted by: Tomas Hoger <thoger@redhat.com>
Fix for CVE-2010-0433 where some kerberos enabled versions of OpenSSL
could be crashed if the relevant tables were not present (e.g. chrooted).
2010-03-03 15:41:00 +00:00
Dr. Stephen Henson
d92138f703 don't mix definitions and code 2010-03-03 15:30:26 +00:00
Andy Polyakov
b2bf335327 Fix s390x-specific HOST_l2c|c2l [from HEAD].
Submitted by: Andreas Krebbel
2010-03-02 16:25:10 +00:00
Dr. Stephen Henson
33bec62a20 PR: 2178
Submitted by: "Kennedy, Brendan" <brendan.kennedy@intel.com>

Handle error codes correctly: cryptodev returns 0 for success whereas OpenSSL
returns 1.
2010-03-01 23:54:34 +00:00
Dr. Stephen Henson
2e630b1847 use supplied ENGINE in genrsa 2010-03-01 14:22:02 +00:00
Dr. Stephen Henson
002d3fe863 use correct prototype as in HEAD 2010-03-01 03:01:56 +00:00
Dr. Stephen Henson
fb24311e7c 'typo' 2010-03-01 01:52:47 +00:00
Dr. Stephen Henson
90278430d9 make USE_CRYPTODEV_DIGESTS work 2010-03-01 01:19:36 +00:00
Ben Laurie
bcd9d12a8d Fix warning. 2010-02-28 13:38:16 +00:00
Dr. Stephen Henson
79363339b7 algorithms field has changed in 1.0.0 and later: update 2010-02-28 00:24:24 +00:00
Dr. Stephen Henson
fbe2c6b33e Add Kerberos fix which was in 0.9.8-stable but never committed to HEAD and
1.0.0. Original fix was on 2007-Mar-09 and had the log message: "Fix kerberos
ciphersuite bugs introduced with PR:1336."
2010-02-27 23:04:10 +00:00
Dr. Stephen Henson
fc11f47229 Revert CFB block length change. Despite what SP800-38a says the input to
CFB mode does *not* have to be a multiple of the block length and several
other specifications (e.g. PKCS#11) do not require this.
2010-02-26 14:41:48 +00:00
Dr. Stephen Henson
2b23d89d14 oops, use correct date 2010-02-26 12:14:30 +00:00
Dr. Stephen Henson
9cfa3cff54 update FAQ, NEWS 2010-02-25 18:21:20 +00:00
Dr. Stephen Henson
6507653e72 The meaning of the X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY and
X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT error codes were reversed in
the verify application documentation.
2010-02-23 14:09:22 +00:00
Bodo Möller
7fe747d1eb Always check bn_wexpend() return values for failure (CVE-2009-3245).
(The CHANGES entry covers the change from PR #2111 as well, submitted by
Martin Olsson.)

Submitted by: Neel Mehta
2010-02-23 10:36:30 +00:00
Bodo Möller
32567c9f3b Fix X509_STORE locking 2010-02-19 18:26:23 +00:00
Dr. Stephen Henson
4f3d52fedc clarify documentation 2010-02-18 12:41:50 +00:00
Dr. Stephen Henson
8321bab39c OR default SSL_OP_LEGACY_SERVER_CONNECT so existing options are preserved 2010-02-17 19:43:46 +00:00
Dr. Stephen Henson
989238802a Allow renegotiation if SSL_OP_LEGACY_SERVER_CONNECT is set as well as
initial connection to unpatched servers. There are no additional security
concerns in doing this as clients don't see renegotiation during an
attack anyway.
2010-02-17 18:38:10 +00:00
Dr. Stephen Henson
9051fc538f PR: 2100
Submitted by: James Baker <jbaker@tableausoftware.com> et al.

Workaround for slow Heap32Next on some versions of Windows.
2010-02-17 14:32:25 +00:00
Dr. Stephen Henson
03fd7f27db Submitted by: Dmitry Ivanov <vonami@gmail.com>
Don't leave dangling pointers in GOST engine if calls fail.
2010-02-16 14:30:19 +00:00
Dr. Stephen Henson
45d6a15ae9 PR: 2171
Submitted by: Tomas Mraz <tmraz@redhat.com>

Since SSLv2 doesn't support renegotiation at all don't reject it if
legacy renegotiation isn't enabled.

Also can now use SSL2 compatible client hello because RFC5746 supports it.
2010-02-16 14:20:40 +00:00
Dr. Stephen Henson
6c6ca18664 The "block length" for CFB mode was incorrectly coded as 1 all the time. It
should be the number of feedback bits expressed in bytes. For CFB1 mode set
this to 1 by rounding up to the nearest multiple of 8.
2010-02-15 19:40:30 +00:00
Dr. Stephen Henson
97fe2b40c1 Correct ECB mode EVP_CIPHER definition: IV length is 0 2010-02-15 19:25:52 +00:00
Dr. Stephen Henson
f689ab5017 add EVP_CIPH_FLAG_LENGTH_BITS from 0.9.8-stable 2010-02-15 19:17:55 +00:00
Dr. Stephen Henson
edb7cac271 PR: 2164
Submitted by: "Noszticzius, Istvan" <inoszticzius@rightnow.com>

Don't clear the output buffer: ciphers should correctly the same input
and output buffers.
2010-02-15 19:01:56 +00:00
Dr. Stephen Henson
81d87a2a28 update references to new RI RFC 2010-02-12 21:59:57 +00:00
Dr. Stephen Henson
7366f0b304 PR: 2170
Submitted by: Magnus Lilja <lilja.magnus@gmail.com>

Make -c option in dgst work again.
2010-02-12 17:07:24 +00:00
Dr. Stephen Henson
1d8fa09c80 Make assembly language versions of OPENSSL_cleanse() accept zero length
parameter. Backport from HEAD, orginal by appro.
2010-02-12 17:02:13 +00:00
Dr. Stephen Henson
e085e6c84c Fix memory leak in ENGINE autoconfig code. Improve error logging. 2010-02-09 14:17:57 +00:00
Dr. Stephen Henson
008fa4584d update year 2010-02-09 14:13:00 +00:00
Dr. Stephen Henson
c8c49133d9 oops, use new value for new flag 2010-02-07 13:54:54 +00:00
Dr. Stephen Henson
961f1dea06 make update 2010-02-07 13:47:08 +00:00
Dr. Stephen Henson
1700426256 Add missing function EVP_CIPHER_CTX_copy(). Current code uses memcpy() to copy
an EVP_CIPHER_CTX structure which may have problems with external ENGINEs
who need to duplicate internal handles etc.
2010-02-07 13:41:23 +00:00
Dr. Stephen Henson
aa7f5baad2 don't assume 0x is at start of string 2010-02-03 18:19:05 +00:00
Dr. Stephen Henson
45acdd6f6d tolerate broken CMS/PKCS7 implementations using signature OID instead of digest 2010-02-02 14:26:32 +00:00
Dr. Stephen Henson
8b354e776b PR: 2161
Submitted by: Doug Goldstein <cardoe@gentoo.org>, Steve.

Make no-dsa, no-ecdsa and no-rsa compile again.
2010-02-02 13:36:05 +00:00
Dr. Stephen Henson
868f5e44ca PR: 2160
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>

Make session tickets work with DTLS.
2010-02-01 16:49:42 +00:00
Dr. Stephen Henson
4e5fdd11ea PR: 2159
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>

Typo in PR#1949 bug, oops!
2010-02-01 12:44:11 +00:00
Richard Levitte
d552a3391a Typo. 2010-01-29 12:07:50 +00:00
Richard Levitte
d023b4e2dd The previous take went wrong, try again. 2010-01-29 12:02:54 +00:00
Richard Levitte
fa79cc9c23 Architecture specific header files need special handling. 2010-01-29 11:44:40 +00:00
Richard Levitte
06daa75fb9 If opensslconf.h and buildinf.h are to be in an architecture specific
directory, place it in the same tree as the other architecture
specific things.
2010-01-29 11:43:53 +00:00
Dr. Stephen Henson
ffa304c838 oops, revert more test code arghh! 2010-01-28 17:52:18 +00:00
Dr. Stephen Henson
df21765a3e In engine_table_select() don't clear out entire error queue: just clear
out any we added using ERR_set_mark() and ERR_pop_to_mark() otherwise
errors from other sources (e.g. SSL library) can be wiped.
2010-01-28 17:50:23 +00:00
Dr. Stephen Henson
5a6ae115f8 reword RI description 2010-01-27 18:53:49 +00:00
Dr. Stephen Henson
5e5df40b9b update documentation to reflect new renegotiation options 2010-01-27 17:50:20 +00:00
Dr. Stephen Henson
6d4943e81f Some shells print out the directory name if CDPATH is set breaking the
pod2man test. Use ./util instead to avoid this.
2010-01-27 16:06:58 +00:00
Dr. Stephen Henson
57cffe901f typo 2010-01-27 14:05:15 +00:00
Dr. Stephen Henson
a758f61793 PR: 2157
Submitted by: "Green, Paul" <Paul.Green@stratus.com>

Typo.
2010-01-27 12:55:52 +00:00
Richard Levitte
b3b35df2a2 Cosmetic changes, including changing a confusing example. 2010-01-27 09:18:05 +00:00
Richard Levitte
5ad50246fc Apparently, test/testtsa.com was only half done 2010-01-27 01:19:12 +00:00
Richard Levitte
d89b895cfd size_t doesn't compare less than zero... 2010-01-27 01:18:26 +00:00
Dr. Stephen Henson
d793c292cb add CHANGES entry 2010-01-26 19:48:10 +00:00
Dr. Stephen Henson
57749b1b9f PR: 1949
Submitted by: steve@openssl.org

More robust fix and workaround for PR#1949. Don't try to work out if there
is any write pending data as this can be unreliable: always flush.
2010-01-26 19:46:30 +00:00
Dr. Stephen Henson
1cdb7854a5 PR: 2138
Submitted by: Kevin Regan <k.regan@f5.com>

Clear stat structure if -DPURIFY is set to avoid problems on some
platforms which include unitialised fields.
2010-01-26 18:07:41 +00:00
Dr. Stephen Henson
704d33b347 Add flags functions which were added to 0.9.8 for fips but not 1.0.0 and
later.
2010-01-26 14:33:52 +00:00
Dr. Stephen Henson
b2a7515ee8 OPENSSL_isservice is now defined on all platforms not just WIN32 2010-01-26 13:58:49 +00:00
Dr. Stephen Henson
f4f2b52995 oops 2010-01-26 13:56:15 +00:00
Dr. Stephen Henson
c7d5edbf5e export OPENSSL_isservice and make update 2010-01-26 13:55:33 +00:00
Dr. Stephen Henson
d8f07f1674 Typo 2010-01-26 12:29:48 +00:00
Dr. Stephen Henson
78bfb45b07 PR: 2149
Submitted by: Douglas Stebila <douglas@stebila.ca>

Fix wap OIDs.
2010-01-25 16:07:51 +00:00
Richard Levitte
6ad4d60555 There's really no need to use $ENV::HOME 2010-01-25 00:22:52 +00:00
Richard Levitte
2fad8aa209 Forgot to correct the definition of __arch in this file.
Submitted by Steven M. Schweda <sms@antinode.info>
2010-01-25 00:21:14 +00:00
Richard Levitte
74397d45b2 It seems like sslroot: needs to be defined for some tests to work.
Submitted by Steven M. Schweda <sms@antinode.info>
2010-01-25 00:20:32 +00:00
Richard Levitte
c8ca769d3b Compile t1_reneg on VMS as well.
Submitted by Steven M. Schweda <sms@antinode.info>
2010-01-25 00:19:33 +00:00
Richard Levitte
25d42c17e3 A few more macros for long symbols.
Submitted by Steven M. Schweda <sms@antinode.info>
2010-01-25 00:18:31 +00:00
Dr. Stephen Henson
a377811f15 PR: 2153, 2125
Submitted by: steve@openssl.org

The original fix for PR#2125 broke compilation on some Unixware platforms:
revert and make conditional on VMS.
2010-01-24 16:57:38 +00:00
Dr. Stephen Henson
ef1b6b2cf2 The fix for PR#1949 unfortunately broke cases where the BIO_CTRL_WPENDING
ctrl is incorrectly implemented (e.g. some versions of Apache). As a workaround
call both BIO_CTRL_INFO and BIO_CTRL_WPENDING if it returns zero. This should
both address the original bug and retain compatibility with the old behaviour.
2010-01-24 13:54:07 +00:00
Dr. Stephen Henson
1699389a46 Tolerate PKCS#8 DSA format with negative private key. 2010-01-22 20:17:30 +00:00
Dr. Stephen Henson
ad8ee3d7d1 If legacy renegotiation is not permitted then send a fatal alert if a patched
server attempts to renegotiate with an unpatched client.
2010-01-22 18:49:19 +00:00
Dr. Stephen Henson
39f0a4d8e9 typo 2010-01-21 18:46:28 +00:00
Dr. Stephen Henson
15a9821cc2 fix comments 2010-01-21 01:17:45 +00:00
Dr. Stephen Henson
53e97e7433 update version for next beta if we have one... 2010-01-20 15:40:27 +00:00
221 changed files with 2965 additions and 1717 deletions

137
CHANGES
View File

@@ -2,12 +2,37 @@
OpenSSL CHANGES
_______________
Changes between 0.9.8m (?) and 1.0.0 [xx XXX xxxx]
Changes between 1.0.0a and 1.0.0b [16 Nov 2010]
*) Fix extension code to avoid race conditions which can result in a buffer
overrun vulnerability: resumed sessions must not be modified as they can
be shared by multiple threads. CVE-2010-3864
[Steve Henson]
*) Fix WIN32 build system to correctly link an ENGINE directory into
a DLL.
[Steve Henson]
Changes between 1.0.0 and 1.0.0a [01 Jun 2010]
*) Check return value of int_rsa_verify in pkey_rsa_verifyrecover
(CVE-2010-1633)
[Steve Henson, Peter-Michael Hager <hager@dortmund.net>]
Changes between 0.9.8n and 1.0.0 [29 Mar 2010]
*) Add "missing" function EVP_CIPHER_CTX_copy(). This copies a cipher
context. The operation can be customised via the ctrl mechanism in
case ENGINEs want to include additional functionality.
[Steve Henson]
*) Tolerate yet another broken PKCS#8 key format: private key value negative.
[Steve Henson]
*) Add new -subject_hash_old and -issuer_hash_old options to x509 utility to
output hashes compatible with older versions of OpenSSL.
[Willy Weisz <weisz@vcpc.univie.ac.at>]
*) Fix compression algorithm handling: if resuming a session use the
compression algorithm of the resumed session instead of determining
it from client hello again. Don't allow server to change algorithm.
@@ -834,8 +859,87 @@
*) Change 'Configure' script to enable Camellia by default.
[NTT]
Changes between 0.9.8o and 0.9.8p [xx XXX xxxx]
Changes between 0.9.8l (?) and 0.9.8m (?) [xx XXX xxxx]
*) Fix extension code to avoid race conditions which can result in a buffer
overrun vulnerability: resumed sessions must not be modified as they can
be shared by multiple threads. CVE-2010-3864
*) Fix for double free bug in ssl/s3_clnt.c CVE-2010-2939
[Steve Henson]
*) Don't reencode certificate when calculating signature: cache and use
the original encoding instead. This makes signature verification of
some broken encodings work correctly.
[Steve Henson]
*) ec2_GF2m_simple_mul bugfix: compute correct result if the output EC_POINT
is also one of the inputs.
[Emilia K<>sper <emilia.kasper@esat.kuleuven.be> (Google)]
*) Don't repeatedly append PBE algorithms to table if they already exist.
Sort table on each new add. This effectively makes the table read only
after all algorithms are added and subsequent calls to PKCS12_pbe_add
etc are non-op.
[Steve Henson]
Changes between 0.9.8n and 0.9.8o [01 Jun 2010]
[NB: OpenSSL 0.9.8o and later 0.9.8 patch levels were released after
OpenSSL 1.0.0.]
*) Correct a typo in the CMS ASN1 module which can result in invalid memory
access or freeing data twice (CVE-2010-0742)
[Steve Henson, Ronald Moesbergen <intercommit@gmail.com>]
*) Add SHA2 algorithms to SSL_library_init(). SHA2 is becoming far more
common in certificates and some applications which only call
SSL_library_init and not OpenSSL_add_all_algorithms() will fail.
[Steve Henson]
*) VMS fixes:
Reduce copying into .apps and .test in makevms.com
Don't try to use blank CA certificate in CA.com
Allow use of C files from original directories in maketests.com
[Steven M. Schweda" <sms@antinode.info>]
Changes between 0.9.8m and 0.9.8n [24 Mar 2010]
*) When rejecting SSL/TLS records due to an incorrect version number, never
update s->server with a new major version number. As of
- OpenSSL 0.9.8m if 'short' is a 16-bit type,
- OpenSSL 0.9.8f if 'short' is longer than 16 bits,
the previous behavior could result in a read attempt at NULL when
receiving specific incorrect SSL/TLS records once record payload
protection is active. (CVE-2010-0740)
[Bodo Moeller, Adam Langley <agl@chromium.org>]
*) Fix for CVE-2010-0433 where some kerberos enabled versions of OpenSSL
could be crashed if the relevant tables were not present (e.g. chrooted).
[Tomas Hoger <thoger@redhat.com>]
Changes between 0.9.8l and 0.9.8m [25 Feb 2010]
*) Always check bn_wexpend() return values for failure. (CVE-2009-3245)
[Martin Olsson, Neel Mehta]
*) Fix X509_STORE locking: Every 'objs' access requires a lock (to
accommodate for stack sorting, always a write lock!).
[Bodo Moeller]
*) On some versions of WIN32 Heap32Next is very slow. This can cause
excessive delays in the RAND_poll(): over a minute. As a workaround
include a time check in the inner Heap32Next loop too.
[Steve Henson]
*) The code that handled flushing of data in SSL/TLS originally used the
BIO_CTRL_INFO ctrl to see if any data was pending first. This caused
the problem outlined in PR#1949. The fix suggested there however can
trigger problems with buggy BIO_CTRL_WPENDING (e.g. some versions
of Apache). So instead simplify the code to flush unconditionally.
This should be fine since flushing with no data to flush is a no op.
[Steve Henson]
*) Handle TLS versions 2.0 and later properly and correctly use the
highest version of TLS/SSL supported. Although TLS >= 2.0 is some way
@@ -844,7 +948,7 @@
*) Modify compression code so it frees up structures without using the
ex_data callbacks. This works around a problem where some applications
call CRYPTO_free_all_ex_data() before application exit (e.g. when
call CRYPTO_cleanup_all_ex_data() before application exit (e.g. when
restarting) then use compression (e.g. SSL with compression) later.
This results in significant per-connection memory leaks and
has caused some security issues including CVE-2008-1678 and
@@ -856,7 +960,7 @@
[Bodo Moeller]
*) Add option SSL_OP_LEGACY_SERVER_CONNECT which will allow clients to
connect (but not renegotiate) with servers which do not support RI.
connect and renegotiate with servers which do not support RI.
Until RI is more widely deployed this option is enabled by default.
[Steve Henson]
@@ -864,14 +968,14 @@
[Steve Henson]
*) If client attempts to renegotiate and doesn't support RI respond with
a no_renegotiation alert as required by draft-ietf-tls-renegotiation.
Some renegotiating TLS clients will continue a connection gracefully
when they receive the alert. Unfortunately OpenSSL mishandled
this alert and would hang waiting for a server hello which it will never
receive. Now we treat a received no_renegotiation alert as a fatal
error. This is because applications requesting a renegotiation might well
expect it to succeed and would have no code in place to handle the server
denying it so the only safe thing to do is to terminate the connection.
a no_renegotiation alert as required by RFC5746. Some renegotiating
TLS clients will continue a connection gracefully when they receive
the alert. Unfortunately OpenSSL mishandled this alert and would hang
waiting for a server hello which it will never receive. Now we treat a
received no_renegotiation alert as a fatal error. This is because
applications requesting a renegotiation might well expect it to succeed
and would have no code in place to handle the server denying it so the
only safe thing to do is to terminate the connection.
[Steve Henson]
*) Add ctrl macro SSL_get_secure_renegotiation_support() which returns 1 if
@@ -883,10 +987,9 @@
the updated NID creation version. This should correctly handle UTF8.
[Steve Henson]
*) Implement draft-ietf-tls-renegotiation-03. Re-enable
renegotiation but require the extension as needed. Unfortunately,
SSL3_FLAGS_ALLOW_UNSAFE_LEGACY_RENEGOTIATION turns out to be a
bad idea. It has been replaced by
*) Implement RFC5746. Re-enable renegotiation but require the extension
as needed. Unfortunately, SSL3_FLAGS_ALLOW_UNSAFE_LEGACY_RENEGOTIATION
turns out to be a bad idea. It has been replaced by
SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION which can be set with
SSL_CTX_set_options(). This is really not recommended unless you
know what you are doing.

View File

@@ -492,6 +492,8 @@ my %table=(
# Win64 targets, WIN64I denotes IA-64 and WIN64A - AMD64
"VC-WIN64I","cl:-W3 -Gs0 -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DUNICODE -D_UNICODE -D_CRT_SECURE_NO_DEPRECATE:::WIN64I::SIXTY_FOUR_BIT RC4_CHUNK_LL DES_INT EXPORT_VAR_AS_FN:ia64cpuid.o:ia64.o::aes_core.o aes_cbc.o aes-ia64.o::md5-ia64.o:sha1-ia64.o sha256-ia64.o sha512-ia64.o:::::::ias:win32",
"VC-WIN64A","cl:-W3 -Gs0 -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DUNICODE -D_UNICODE -D_CRT_SECURE_NO_DEPRECATE:::WIN64A::SIXTY_FOUR_BIT RC4_CHUNK_LL DES_INT EXPORT_VAR_AS_FN:x86_64cpuid.o:bn_asm.o x86_64-mont.o::aes-x86_64.o::md5-x86_64.o:sha1-x86_64.o sha256-x86_64.o sha512-x86_64.o::rc4-x86_64.o:::wp-x86_64.o:cmll-x86_64.o cmll_misc.o:auto:win32",
"debug-VC-WIN64I","cl:-W3 -Gs0 -Gy -Zi -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DUNICODE -D_UNICODE -D_CRT_SECURE_NO_DEPRECATE:::WIN64I::SIXTY_FOUR_BIT RC4_CHUNK_LL DES_INT EXPORT_VAR_AS_FN:ia64cpuid.o:ia64.o::aes_core.o aes_cbc.o aes-ia64.o::md5-ia64.o:sha1-ia64.o sha256-ia64.o sha512-ia64.o:::::::ias:win32",
"debug-VC-WIN64A","cl:-W3 -Gs0 -Gy -Zi -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DUNICODE -D_UNICODE -D_CRT_SECURE_NO_DEPRECATE:::WIN64A::SIXTY_FOUR_BIT RC4_CHUNK_LL DES_INT EXPORT_VAR_AS_FN:x86_64cpuid.o:bn_asm.o x86_64-mont.o::aes-x86_64.o::md5-x86_64.o:sha1-x86_64.o sha256-x86_64.o sha512-x86_64.o::rc4-x86_64.o:::wp-x86_64.o:cmll-x86_64.o cmll_misc.o:auto:win32",
# x86 Win32 target defaults to ANSI API, if you want UNICODE, complement
# 'perl Configure VC-WIN32' with '-DUNICODE -D_UNICODE'
"VC-WIN32","cl:-W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE:::WIN32::BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN ${x86_gcc_opts}:${x86_asm}:win32n:win32",
@@ -503,7 +505,7 @@ my %table=(
"BC-32","bcc32::::WIN32::BN_LLONG DES_PTR RC4_INDEX EXPORT_VAR_AS_FN:${no_asm}:win32",
# MinGW
"mingw", "gcc:-mno-cygwin -DL_ENDIAN -DWIN32_LEAN_AND_MEAN -fomit-frame-pointer -O3 -march=i486 -Wall:::MINGW32:-lws2_32 -lgdi32 -lcrypt32:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts} EXPORT_VAR_AS_FN:${x86_asm}:coff:win32:cygwin-shared:-D_WINDLL -DOPENSSL_USE_APPLINK:-mno-cygwin:.dll.a",
"mingw", "gcc:-mno-cygwin -DL_ENDIAN -DWIN32_LEAN_AND_MEAN -fomit-frame-pointer -O3 -march=i486 -Wall::-D_MT:MINGW32:-lws2_32 -lgdi32 -lcrypt32:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts} EXPORT_VAR_AS_FN:${x86_asm}:coff:win32:cygwin-shared:-D_WINDLL -DOPENSSL_USE_APPLINK:-mno-cygwin:.dll.a",
# As for OPENSSL_USE_APPLINK. Applink makes it possible to use .dll
# compiled with one compiler with application compiled with another
# compiler. It's possible to engage Applink support in mingw64 build,
@@ -511,7 +513,7 @@ my %table=(
# handling, one can't seriously consider its binaries for using with
# non-mingw64 run-time environment. And as mingw64 is always consistent
# with itself, Applink is never engaged and can as well be omitted.
"mingw64", "gcc:-mno-cygwin -DL_ENDIAN -O3 -Wall -DWIN32_LEAN_AND_MEAN -DUNICODE -D_UNICODE:::MINGW64:-lws2_32 -lgdi32 -lcrypt32:SIXTY_FOUR_BIT RC4_CHUNK_LL DES_INT EXPORT_VAR_AS_FN:${x86_64_asm}:mingw64:win32:cygwin-shared:-D_WINDLL:-mno-cygwin:.dll.a",
"mingw64", "gcc:-mno-cygwin -DL_ENDIAN -O3 -Wall -DWIN32_LEAN_AND_MEAN -DUNICODE -D_UNICODE::-D_MT:MINGW64:-lws2_32 -lgdi32 -lcrypt32:SIXTY_FOUR_BIT RC4_CHUNK_LL DES_INT EXPORT_VAR_AS_FN:${x86_64_asm}:mingw64:win32:cygwin-shared:-D_WINDLL:-mno-cygwin:.dll.a",
# UWIN
"UWIN", "cc:-DTERMIOS -DL_ENDIAN -O -Wall:::UWIN::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${no_asm}:win32",
@@ -547,7 +549,7 @@ my %table=(
##### MacOS X (a.k.a. Rhapsody or Darwin) setup
"rhapsody-ppc-cc","cc:-O3 -DB_ENDIAN::(unknown):MACOSX_RHAPSODY::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${no_asm}::",
"darwin-ppc-cc","cc:-arch ppc -O3 -DB_ENDIAN::-D_REENTRANT:MACOSX:-Wl,-search_paths_first%:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${ppc32_asm}:osx32:dlfcn:darwin-shared:-fPIC -fno-common:-arch ppc -dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
"darwin-ppc-cc","cc:-arch ppc -O3 -DB_ENDIAN -Wa,-force_cpusubtype_ALL::-D_REENTRANT:MACOSX:-Wl,-search_paths_first%:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${ppc32_asm}:osx32:dlfcn:darwin-shared:-fPIC -fno-common:-arch ppc -dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
"darwin64-ppc-cc","cc:-arch ppc64 -O3 -DB_ENDIAN::-D_REENTRANT:MACOSX:-Wl,-search_paths_first%:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${ppc64_asm}:osx64:dlfcn:darwin-shared:-fPIC -fno-common:-arch ppc64 -dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
"darwin-i386-cc","cc:-arch i386 -O3 -fomit-frame-pointer -DL_ENDIAN::-D_REENTRANT:MACOSX:-Wl,-search_paths_first%:BN_LLONG RC4_INT RC4_CHUNK DES_UNROLL BF_PTR:${x86_asm}:macosx:dlfcn:darwin-shared:-fPIC -fno-common:-arch i386 -dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
"debug-darwin-i386-cc","cc:-arch i386 -g3 -DL_ENDIAN::-D_REENTRANT:MACOSX:-Wl,-search_paths_first%:BN_LLONG RC4_INT RC4_CHUNK DES_UNROLL BF_PTR:${x86_asm}:macosx:dlfcn:darwin-shared:-fPIC -fno-common:-arch i386 -dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
@@ -583,6 +585,7 @@ my %table=(
);
my @MK1MF_Builds=qw(VC-WIN64I VC-WIN64A
debug-VC-WIN64I debug-VC-WIN64A
VC-NT VC-CE VC-WIN32 debug-VC-WIN32
BC-32
netware-clib netware-clib-bsdsock
@@ -1093,6 +1096,12 @@ my $ar = $ENV{'AR'} || "ar";
my $arflags = $fields[$idx_arflags];
my $multilib = $fields[$idx_multilib];
# if $prefix/lib$multilib is not an existing directory, then
# assume that it's not searched by linker automatically, in
# which case adding $multilib suffix causes more grief than
# we're ready to tolerate, so don't...
$multilib="" if !-d "$prefix/lib$multilib";
$libdir="lib$multilib" if $libdir eq "";
$cflags = "$cflags$exp_cflags";
@@ -1789,11 +1798,11 @@ EOF
(system $make_command.$make_targets) == 0 or exit $?
if $make_targets ne "";
if ( $perl =~ m@^/@) {
&dofile("tools/c_rehash",$perl,'^#!/', '#!%s','^my \$dir;$', 'my $dir = "' . $openssldir . '";');
&dofile("tools/c_rehash",$perl,'^#!/', '#!%s','^my \$dir;$', 'my $dir = "' . $openssldir . '";', '^my \$prefix;$', 'my $prefix = "' . $prefix . '";');
&dofile("apps/CA.pl",$perl,'^#!/', '#!%s');
} else {
# No path for Perl known ...
&dofile("tools/c_rehash",'/usr/local/bin/perl','^#!/', '#!%s','^my \$dir;$', 'my $dir = "' . $openssldir . '";');
&dofile("tools/c_rehash",'/usr/local/bin/perl','^#!/', '#!%s','^my \$dir;$', 'my $dir = "' . $openssldir . '";', '^my \$prefix;$', 'my $prefix = "' . $prefix . '";');
&dofile("apps/CA.pl",'/usr/local/bin/perl','^#!/', '#!%s');
}
if ($depflags ne $default_depflags && !$make_depend) {

4
FAQ
View File

@@ -79,7 +79,7 @@ OpenSSL - Frequently Asked Questions
* Which is the current version of OpenSSL?
The current version is available from <URL: http://www.openssl.org>.
OpenSSL 0.9.8k was released on Mar 25th, 2009.
OpenSSL 1.0.0b was released on Nov 16th, 2010.
In addition to the current stable release, you can also access daily
snapshots of the OpenSSL development version at <URL:
@@ -722,7 +722,7 @@ file.
Multi-threaded applications must provide two callback functions to
OpenSSL by calling CRYPTO_set_locking_callback() and
CRYPTO_set_id_callback(), for all versions of OpenSSL up to and
including 0.9.8[abc...]. As of version 0.9.9, CRYPTO_set_id_callback()
including 0.9.8[abc...]. As of version 1.0.0, CRYPTO_set_id_callback()
and associated APIs are deprecated by CRYPTO_THREADID_set_callback()
and friends. This is described in the threads(3) manpage.

View File

@@ -297,7 +297,18 @@
desktop, which is not available to service processes. The toolkit is
designed to detect in which context it's currently executed, GUI,
console app or service, and act accordingly, namely whether or not to
actually make GUI calls.
actually make GUI calls. Additionally those who wish to
/DELAYLOAD:GDI32.DLL and /DELAYLOAD:USER32.DLL and actually keep them
off service process should consider implementing and exporting from
.exe image in question own _OPENSSL_isservice not relying on USER32.DLL.
E.g., on Windows Vista and later you could:
__declspec(dllexport) __cdecl BOOL _OPENSSL_isservice(void)
{ DWORD sess;
if (ProcessIdToSessionId(GetCurrentProcessId(),&sess))
return sess==0;
return FALSE;
}
If you link with OpenSSL .DLLs, then you're expected to include into
your application code small "shim" snippet, which provides glue between

View File

@@ -594,7 +594,7 @@ install_docs:
$(INSTALL_PREFIX)$(MANDIR)/man3 \
$(INSTALL_PREFIX)$(MANDIR)/man5 \
$(INSTALL_PREFIX)$(MANDIR)/man7
@pod2man="`cd util; ./pod2mantest $(PERL)`"; \
@pod2man="`cd ./util; ./pod2mantest $(PERL)`"; \
here="`pwd`"; \
filecase=; \
if [ "$(PLATFORM)" = "DJGPP" -o "$(PLATFORM)" = "Cygwin" -o "$(PLATFORM)" = "mingw" ]; then \

View File

@@ -135,7 +135,7 @@ LINK_SO_A_VIA_O= \
ALL=$$ALLSYMSFLAGS; ALLSYMSFLAGS=; NOALLSYMSFLAGS=; \
( $(SET_X); \
ld $(LDFLAGS) -r -o lib$(LIBNAME).o $$ALL lib$(LIBNAME).a $(LIBEXTRAS) ); \
$(LINK_SO) && rm -f $(LIBNAME).o
$(LINK_SO) && rm -f lib$(LIBNAME).o
LINK_SO_A_UNPACKED= \
UNPACKDIR=link_tmp.$$$$; rm -rf $$UNPACKDIR; mkdir $$UNPACKDIR; \
@@ -207,17 +207,29 @@ link_app.bsd:
fi; $(LINK_APP)
# For Darwin AKA Mac OS/X (dyld)
# link_o.darwin produces .so, because we let it use dso_dlfcn module,
# which has .so extension hard-coded. One can argue that one should
# develop special dso module for MacOS X. At least manual encourages
# to use native NSModule(3) API and refers to dlfcn as termporary hack.
# Originally link_o.darwin produced .so, because it was hard-coded
# in dso_dlfcn module. At later point dso_dlfcn switched to .dylib
# extension in order to allow for run-time linking with vendor-
# supplied shared libraries such as libz, so that link_o.darwin had
# to be harmonized with it. This caused minor controversy, because
# it was believed that dlopen can't be used to dynamically load
# .dylib-s, only so called bundle modules (ones linked with -bundle
# flag). The belief seems to be originating from pre-10.4 release,
# where dlfcn functionality was emulated by dlcompat add-on. In
# 10.4 dlopen was rewritten as native part of dyld and is documented
# to be capable of loading both dynamic libraries and bundles. In
# order to provide compatibility with pre-10.4 dlopen, modules are
# linked with -bundle flag, which makes .dylib extension misleading.
# It works, because dlopen is [and always was] extension-agnostic.
# Alternative to this heuristic approach is to develop specific
# MacOS X dso module relying on whichever "native" dyld interface.
link_o.darwin:
@ $(CALC_VERSIONS); \
SHLIB=lib$(LIBNAME); \
SHLIB_SUFFIX=.so; \
SHLIB_SUFFIX=.dylib; \
ALLSYMSFLAGS='-all_load'; \
NOALLSYMSFLAGS=''; \
SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS)"; \
SHAREDFLAGS="$(CFLAGS) `echo $(SHARED_LDFLAGS) | sed s/dynamiclib/bundle/`"; \
if [ -n "$(LIBVERSION)" ]; then \
SHAREDFLAGS="$$SHAREDFLAGS -current_version $(LIBVERSION)"; \
fi; \

43
NEWS
View File

@@ -5,9 +5,19 @@
This file gives a brief overview of the major changes between each OpenSSL
release. For more details please read the CHANGES file.
Major changes between OpenSSL 0.9.8l and OpenSSL 1.0:
Major changes between OpenSSL 1.0.0a and OpenSSL 1.0.0b:
o Fix for security issue CVE-2010-3864.
o Fix for CVE-2010-2939
o Fix WIN32 build system for GOST ENGINE.
Major changes between OpenSSL 1.0.0 and OpenSSL 1.0.0a:
o Fix for security issue CVE-2010-1633.
o GOST MAC and CFB fixes.
Major changes between OpenSSL 0.9.8n and OpenSSL 1.0:
o Support for draft-ietf-tls-renegotiation-03.txt
o RFC3280 path validation: sufficient to process PKITS tests.
o Integrated support for PVK files and keyblobs.
o Change default private key format to PKCS#8.
@@ -29,6 +39,35 @@
o Opaque PRF Input TLS extension support.
o Updated time routines to avoid OS limitations.
Major changes between OpenSSL 0.9.8n and OpenSSL 0.9.8o:
o Fix for security issue CVE-2010-0742.
o Various DTLS fixes.
o Recognise SHA2 certificates if only SSL algorithms added.
o Fix for no-rc4 compilation.
o Chil ENGINE unload workaround.
Major changes between OpenSSL 0.9.8m and OpenSSL 0.9.8n:
o CFB cipher definition fixes.
o Fix security issues CVE-2010-0740 and CVE-2010-0433.
Major changes between OpenSSL 0.9.8l and OpenSSL 0.9.8m:
o Cipher definition fixes.
o Workaround for slow RAND_poll() on some WIN32 versions.
o Remove MD2 from algorithm tables.
o SPKAC handling fixes.
o Support for RFC5746 TLS renegotiation extension.
o Compression memory leak fixed.
o Compression session resumption fixed.
o Ticket and SNI coexistence fixes.
o Many fixes to DTLS handling.
Major changes between OpenSSL 0.9.8k and OpenSSL 0.9.8l:
o Temporary work around for CVE-2009-3555: disable renegotiation.
Major changes between OpenSSL 0.9.8j and OpenSSL 0.9.8k:
o Fix various build issues.

View File

@@ -36,7 +36,9 @@ may differ on your machine.
As long as Apple doesn't fix the problem with ld, this problem building
OpenSSL will remain as is.
OpenSSL will remain as is. Well, the problem was addressed in 0.9.8f by
passing -Wl,-search_paths_first, but it's unknown if the flag was
supported from the initial MacOS X release.
* Parallell make leads to errors

4
README
View File

@@ -1,7 +1,7 @@
OpenSSL 1.0.0-beta5 20 Jan 2010
OpenSSL 1.0.0b 16 Nov 2010
Copyright (c) 1998-2009 The OpenSSL Project
Copyright (c) 1998-2010 The OpenSSL Project
Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
All rights reserved.

13
STATUS
View File

@@ -1,14 +1,15 @@
OpenSSL STATUS Last modified at
______________ $Date: 2010/01/20 15:00:48 $
______________ $Date: 2010/11/16 13:35:08 $
DEVELOPMENT STATE
o OpenSSL 1.0.0-beta5: Released on January 20th, 2010
o OpenSSL 1.0.0-beta4: Released on November 10th, 2009
o OpenSSL 1.0.0-beta3: Released on July 15th, 2009
o OpenSSL 1.0.0-beta2: Released on April 21st, 2009
o OpenSSL 1.0.0-beta1: Released on April 1st, 2009
o OpenSSL 1.1.0: Under development...
o OpenSSL 1.0.0b: Released on November 16th, 2010
o OpenSSL 1.0.0a: Released on June 1st, 2010
o OpenSSL 1.0.0: Released on March 29th, 2010
o OpenSSL 0.9.8n: Released on March 24th, 2010
o OpenSSL 0.9.8m: Released on February 25th, 2010
o OpenSSL 0.9.8l: Released on November 5th, 2009
o OpenSSL 0.9.8k: Released on March 25th, 2009
o OpenSSL 0.9.8j: Released on January 7th, 2009

68
TABLE
View File

@@ -1211,7 +1211,7 @@ $multilib =
*** darwin-ppc-cc
$cc = cc
$cflags = -arch ppc -O3 -DB_ENDIAN
$cflags = -arch ppc -O3 -DB_ENDIAN -Wa,-force_cpusubtype_ALL
$unistd =
$thread_cflag = -D_REENTRANT
$sys_id = MACOSX
@@ -1426,6 +1426,68 @@ $ranlib =
$arflags =
$multilib =
*** debug-VC-WIN64A
$cc = cl
$cflags = -W3 -Gs0 -Gy -Zi -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DUNICODE -D_UNICODE -D_CRT_SECURE_NO_DEPRECATE
$unistd =
$thread_cflag =
$sys_id = WIN64A
$lflags =
$bn_ops = SIXTY_FOUR_BIT RC4_CHUNK_LL DES_INT EXPORT_VAR_AS_FN
$cpuid_obj = x86_64cpuid.o
$bn_obj = bn_asm.o x86_64-mont.o
$des_obj =
$aes_obj = aes-x86_64.o
$bf_obj =
$md5_obj = md5-x86_64.o
$sha1_obj = sha1-x86_64.o sha256-x86_64.o sha512-x86_64.o
$cast_obj =
$rc4_obj = rc4-x86_64.o
$rmd160_obj =
$rc5_obj =
$wp_obj = wp-x86_64.o
$cmll_obj = cmll-x86_64.o cmll_misc.o
$perlasm_scheme = auto
$dso_scheme = win32
$shared_target=
$shared_cflag =
$shared_ldflag =
$shared_extension =
$ranlib =
$arflags =
$multilib =
*** debug-VC-WIN64I
$cc = cl
$cflags = -W3 -Gs0 -Gy -Zi -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DUNICODE -D_UNICODE -D_CRT_SECURE_NO_DEPRECATE
$unistd =
$thread_cflag =
$sys_id = WIN64I
$lflags =
$bn_ops = SIXTY_FOUR_BIT RC4_CHUNK_LL DES_INT EXPORT_VAR_AS_FN
$cpuid_obj = ia64cpuid.o
$bn_obj = ia64.o
$des_obj =
$aes_obj = aes_core.o aes_cbc.o aes-ia64.o
$bf_obj =
$md5_obj = md5-ia64.o
$sha1_obj = sha1-ia64.o sha256-ia64.o sha512-ia64.o
$cast_obj =
$rc4_obj =
$rmd160_obj =
$rc5_obj =
$wp_obj =
$cmll_obj =
$perlasm_scheme = ias
$dso_scheme = win32
$shared_target=
$shared_cflag =
$shared_ldflag =
$shared_extension =
$ranlib =
$arflags =
$multilib =
*** debug-ben
$cc = gcc
$cflags = -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DDEBUG_SAFESTACK -DDEBUG_UNUSED -O2 -pedantic -Wall -Wshadow -Werror -pipe
@@ -3879,7 +3941,7 @@ $multilib = 64
$cc = gcc
$cflags = -mno-cygwin -DL_ENDIAN -DWIN32_LEAN_AND_MEAN -fomit-frame-pointer -O3 -march=i486 -Wall
$unistd =
$thread_cflag =
$thread_cflag = -D_MT
$sys_id = MINGW32
$lflags = -lws2_32 -lgdi32 -lcrypt32
$bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT EXPORT_VAR_AS_FN
@@ -3910,7 +3972,7 @@ $multilib =
$cc = gcc
$cflags = -mno-cygwin -DL_ENDIAN -O3 -Wall -DWIN32_LEAN_AND_MEAN -DUNICODE -D_UNICODE
$unistd =
$thread_cflag =
$thread_cflag = -D_MT
$sys_id = MINGW64
$lflags = -lws2_32 -lgdi32 -lcrypt32
$bn_ops = SIXTY_FOUR_BIT RC4_CHUNK_LL DES_INT EXPORT_VAR_AS_FN

View File

@@ -114,8 +114,8 @@ $!
$ IF F$SEARCH(CATOP+".private"+CAKEY) .EQS. ""
$ THEN
$ READ '__INPUT' FILE -
/PROMT="CA certificate filename (or enter to create)"
$ IF F$SEARCH(FILE) .NES. ""
/PROMPT="CA certificate filename (or enter to create)"
$ IF (FILE .NES. "") .AND. (F$SEARCH(FILE) .NES. "")
$ THEN
$ COPY 'FILE' 'CATOP'.private'CAKEY'
$ RET=$STATUS

View File

@@ -257,6 +257,8 @@ int args_from_file(char *file, int *argc, char **argv[])
int str2fmt(char *s)
{
if (s == NULL)
return FORMAT_UNDEF;
if ((*s == 'D') || (*s == 'd'))
return(FORMAT_ASN1);
else if ((*s == 'T') || (*s == 't'))
@@ -377,13 +379,12 @@ void program_name(char *in, char *out, int size)
int chopup_args(ARGS *arg, char *buf, int *argc, char **argv[])
{
int num,len,i;
int num,i;
char *p;
*argc=0;
*argv=NULL;
len=strlen(buf);
i=0;
if (arg->count == 0)
{
@@ -875,10 +876,17 @@ EVP_PKEY *load_key(BIO *err, const char *file, int format, int maybe_stdin,
if (format == FORMAT_ENGINE)
{
if (!e)
BIO_printf(bio_err,"no engine specified\n");
BIO_printf(err,"no engine specified\n");
else
{
pkey = ENGINE_load_private_key(e, file,
ui_method, &cb_data);
if (!pkey)
{
BIO_printf(err,"cannot load %s from engine\n",key_descrip);
ERR_print_errors(err);
}
}
goto end;
}
#endif
@@ -923,7 +931,7 @@ EVP_PKEY *load_key(BIO *err, const char *file, int format, int maybe_stdin,
&pkey, NULL, NULL))
goto end;
}
#if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DSA)
#if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DSA) && !defined (OPENSSL_NO_RC4)
else if (format == FORMAT_MSBLOB)
pkey = b2i_PrivateKey_bio(key);
else if (format == FORMAT_PVK)
@@ -937,8 +945,11 @@ EVP_PKEY *load_key(BIO *err, const char *file, int format, int maybe_stdin,
}
end:
if (key != NULL) BIO_free(key);
if (pkey == NULL)
if (pkey == NULL)
{
BIO_printf(err,"unable to load %s\n", key_descrip);
ERR_print_errors(err);
}
return(pkey);
}

View File

@@ -155,7 +155,7 @@ int MAIN(int argc, char **argv)
if ((*argv)[0] != '-') break;
if (strcmp(*argv,"-c") == 0)
separator=1;
if (strcmp(*argv,"-r") == 0)
else if (strcmp(*argv,"-r") == 0)
separator=2;
else if (strcmp(*argv,"-rand") == 0)
{

View File

@@ -88,9 +88,6 @@ int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
#ifndef OPENSSL_NO_ENGINE
ENGINE *e = NULL;
#endif
DH *dh=NULL;
int i,badops=0,text=0;
BIO *in=NULL,*out=NULL;
@@ -189,7 +186,7 @@ bad:
ERR_load_crypto_strings();
#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
setup_engine(bio_err, engine, 0);
#endif
in=BIO_new(BIO_s_file());

View File

@@ -149,9 +149,6 @@ int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
#ifndef OPENSSL_NO_ENGINE
ENGINE *e = NULL;
#endif
DH *dh=NULL;
int i,badops=0,text=0;
#ifndef OPENSSL_NO_DSA
@@ -270,7 +267,7 @@ bad:
ERR_load_crypto_strings();
#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
setup_engine(bio_err, engine, 0);
#endif
if (g && !num)

View File

@@ -334,7 +334,7 @@ bad:
i=PEM_write_bio_DSA_PUBKEY(out,dsa);
else i=PEM_write_bio_DSAPrivateKey(out,dsa,enc,
NULL,0,NULL, passout);
#ifndef OPENSSL_NO_RSA
#if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_RC4)
} else if (outformat == FORMAT_MSBLOB || outformat == FORMAT_PVK) {
EVP_PKEY *pk;
pk = EVP_PKEY_new();

View File

@@ -111,9 +111,6 @@ int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
#ifndef OPENSSL_NO_ENGINE
ENGINE *e = NULL;
#endif
DSA *dsa=NULL;
int i,badops=0,text=0;
BIO *in=NULL,*out=NULL;
@@ -278,7 +275,7 @@ bad:
}
#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
setup_engine(bio_err, engine, 0);
#endif
if (need_rand)
@@ -357,12 +354,10 @@ bad:
if (C)
{
unsigned char *data;
int l,len,bits_p,bits_q,bits_g;
int l,len,bits_p;
len=BN_num_bytes(dsa->p);
bits_p=BN_num_bits(dsa->p);
bits_q=BN_num_bits(dsa->q);
bits_g=BN_num_bits(dsa->g);
data=(unsigned char *)OPENSSL_malloc(len+20);
if (data == NULL)
{

View File

@@ -85,9 +85,6 @@ int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
#ifndef OPENSSL_NO_ENGINE
ENGINE *e = NULL;
#endif
int ret = 1;
EC_KEY *eckey = NULL;
const EC_GROUP *group;
@@ -254,7 +251,7 @@ bad:
ERR_load_crypto_strings();
#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
setup_engine(bio_err, engine, 0);
#endif
if(!app_passwd(bio_err, passargin, passargout, &passin, &passout))

View File

@@ -129,9 +129,6 @@ int MAIN(int argc, char **argv)
char *infile = NULL, *outfile = NULL, *prog;
BIO *in = NULL, *out = NULL;
int informat, outformat, noout = 0, C = 0, ret = 1;
#ifndef OPENSSL_NO_ENGINE
ENGINE *e = NULL;
#endif
char *engine = NULL;
BIGNUM *ec_p = NULL, *ec_a = NULL, *ec_b = NULL,
@@ -340,7 +337,7 @@ bad:
}
#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
setup_engine(bio_err, engine, 0);
#endif
if (list_curves)

View File

@@ -101,9 +101,6 @@ int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
#ifndef OPENSSL_NO_ENGINE
ENGINE *e = NULL;
#endif
static const char magic[]="Salted__";
char mbuf[sizeof magic-1];
char *strbuf=NULL;
@@ -328,7 +325,7 @@ bad:
}
#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
setup_engine(bio_err, engine, 0);
#endif
if (md && (dgst=EVP_get_digestbyname(md)) == NULL)

View File

@@ -89,9 +89,6 @@ int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
BN_GENCB cb;
#ifndef OPENSSL_NO_ENGINE
ENGINE *e = NULL;
#endif
DH *dh=NULL;
int ret=1,num=DEFBITS;
int g=2;
@@ -163,7 +160,7 @@ bad:
}
#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
setup_engine(bio_err, engine, 0);
#endif
out=BIO_new(BIO_s_file());

View File

@@ -78,9 +78,6 @@ int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
#ifndef OPENSSL_NO_ENGINE
ENGINE *e = NULL;
#endif
DSA *dsa=NULL;
int ret=1;
char *outfile=NULL;
@@ -206,7 +203,7 @@ bad:
}
#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
setup_engine(bio_err, engine, 0);
#endif
if(!app_passwd(bio_err, NULL, passargout, NULL, &passout)) {

View File

@@ -265,8 +265,11 @@ bad:
BIO_printf(bio_err,"Generating RSA private key, %d bit long modulus\n",
num);
#ifdef OPENSSL_NO_ENGINE
rsa = RSA_new();
#else
rsa = RSA_new_method(e);
#endif
if (!rsa)
goto err;

View File

@@ -25,7 +25,7 @@ $! VAXC For VAX C.
$! DECC For DEC C.
$! GNUC For GNU C.
$!
$! If you don't speficy a compiler, it will try to determine which
$! If you don't specify a compiler, it will try to determine which
$! "C" compiler to use.
$!
$! P3, if defined, sets a TCP/IP library to use, through one of the following
@@ -52,7 +52,7 @@ $ THEN
$!
$! The Architecture Is VAX.
$!
$ ARCH := VAX
$ ARCH = "VAX"
$!
$! Else...
$!
@@ -555,7 +555,7 @@ $! Time To EXIT.
$!
$ EXIT
$!
$! End The Valid Arguement Check.
$! End The Valid Argument Check.
$!
$ ENDIF
$!
@@ -770,7 +770,7 @@ $! Set up default defines
$!
$ CCDEFS = """FLAT_INC=1""," + CCDEFS
$!
$! Else The User Entered An Invalid Arguement.
$! Else The User Entered An Invalid Argument.
$!
$ ELSE
$!
@@ -875,7 +875,7 @@ $! Print info
$!
$ WRITE SYS$OUTPUT "TCP/IP library spec: ", TCPIP_LIB
$!
$! Else The User Entered An Invalid Arguement.
$! Else The User Entered An Invalid Argument.
$!
$ ELSE
$!

View File

@@ -82,9 +82,6 @@ int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
#ifndef OPENSSL_NO_ENGINE
ENGINE *e = NULL;
#endif
PKCS7 *p7=NULL;
int i,badops=0;
BIO *in=NULL,*out=NULL;
@@ -182,7 +179,7 @@ bad:
ERR_load_crypto_strings();
#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
setup_engine(bio_err, engine, 0);
#endif
in=BIO_new(BIO_s_file());

View File

@@ -403,6 +403,10 @@ int MAIN(int argc, char **argv)
BIO_printf(bio_err, "DSA public key include in PrivateKey\n");
break;
case PKCS8_NEG_PRIVKEY:
BIO_printf(bio_err, "DSA private key value is negative\n");
break;
default:
BIO_printf(bio_err, "Unknown broken type\n");
break;

View File

@@ -74,7 +74,6 @@ int MAIN(int argc, char **argv)
EVP_PKEY *pkey=NULL;
int badarg = 0;
#ifndef OPENSSL_NO_ENGINE
ENGINE *e = NULL;
char *engine=NULL;
#endif
int ret = 1;
@@ -141,7 +140,7 @@ int MAIN(int argc, char **argv)
}
#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
setup_engine(bio_err, engine, 0);
#endif
if (infile)

View File

@@ -119,17 +119,17 @@ int MAIN(int argc, char **argv)
if (!strcmp(*argv,"-in"))
{
if (--argc < 1) badarg = 1;
infile= *(++argv);
else infile= *(++argv);
}
else if (!strcmp(*argv,"-out"))
{
if (--argc < 1) badarg = 1;
outfile= *(++argv);
else outfile= *(++argv);
}
else if (!strcmp(*argv,"-sigfile"))
{
if (--argc < 1) badarg = 1;
sigfile= *(++argv);
else sigfile= *(++argv);
}
else if(!strcmp(*argv, "-inkey"))
{
@@ -159,17 +159,17 @@ int MAIN(int argc, char **argv)
else if (!strcmp(*argv,"-passin"))
{
if (--argc < 1) badarg = 1;
passargin= *(++argv);
else passargin= *(++argv);
}
else if (strcmp(*argv,"-peerform") == 0)
{
if (--argc < 1) badarg = 1;
peerform=str2fmt(*(++argv));
else peerform=str2fmt(*(++argv));
}
else if (strcmp(*argv,"-keyform") == 0)
{
if (--argc < 1) badarg = 1;
keyform=str2fmt(*(++argv));
else keyform=str2fmt(*(++argv));
}
#ifndef OPENSSL_NO_ENGINE
else if(!strcmp(*argv, "-engine"))

View File

@@ -77,9 +77,6 @@ int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
#ifndef OPENSSL_NO_ENGINE
ENGINE *e = NULL;
#endif
int i, r, ret = 1;
int badopt;
char *outfile = NULL;
@@ -178,7 +175,7 @@ int MAIN(int argc, char **argv)
}
#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
setup_engine(bio_err, engine, 0);
#endif
app_RAND_load_file(NULL, bio_err, (inrand != NULL));

View File

@@ -1336,11 +1336,17 @@ start2: for (;;)
BIO_snprintf(buf,sizeof buf,"%s_min",type);
if (!NCONF_get_number(req_conf,attr_sect,buf, &n_min))
{
ERR_clear_error();
n_min = -1;
}
BIO_snprintf(buf,sizeof buf,"%s_max",type);
if (!NCONF_get_number(req_conf,attr_sect,buf, &n_max))
{
ERR_clear_error();
n_max = -1;
}
if (!add_attribute_object(req,
v->value,def,value,nid,n_min,n_max, chtype))

View File

@@ -409,7 +409,7 @@ bad:
}
else i=PEM_write_bio_RSAPrivateKey(out,rsa,
enc,NULL,0,NULL,passout);
#ifndef OPENSSL_NO_DSA
#if !defined(OPENSSL_NO_DSA) && !defined(OPENSSL_NO_RC4)
} else if (outformat == FORMAT_MSBLOB || outformat == FORMAT_PVK) {
EVP_PKEY *pk;
pk = EVP_PKEY_new();

View File

@@ -2254,11 +2254,10 @@ static int www_body(char *hostname, int s, unsigned char *context)
{
char *buf=NULL;
int ret=1;
int i,j,k,blank,dot;
int i,j,k,dot;
SSL *con;
const SSL_CIPHER *c;
BIO *io,*ssl_bio,*sbio;
long total_bytes;
buf=OPENSSL_malloc(bufsize);
if (buf == NULL) return(0);
@@ -2329,7 +2328,6 @@ static int www_body(char *hostname, int s, unsigned char *context)
SSL_set_msg_callback_arg(con, bio_s_out);
}
blank=0;
for (;;)
{
if (hack)
@@ -2559,7 +2557,6 @@ static int www_body(char *hostname, int s, unsigned char *context)
BIO_puts(io,"HTTP/1.0 200 ok\r\nContent-type: text/plain\r\n\r\n");
}
/* send the file */
total_bytes=0;
for (;;)
{
i=BIO_read(file,buf,bufsize);

View File

@@ -327,7 +327,7 @@ static int init_server_long(int *sock, int port, char *ip, int type)
{
int ret=0;
struct sockaddr_in server;
int s= -1,i;
int s= -1;
if (!ssl_sock_init()) return(0);
@@ -366,7 +366,6 @@ static int init_server_long(int *sock, int port, char *ip, int type)
}
/* Make it 128 for linux */
if (type==SOCK_STREAM && listen(s,128) == -1) goto err;
i=0;
*sock=s;
ret=1;
err:
@@ -384,7 +383,7 @@ static int init_server(int *sock, int port, int type)
static int do_accept(int acc_sock, int *sock, char **host)
{
int ret,i;
int ret;
struct hostent *h1,*h2;
static struct sockaddr_in from;
int len;
@@ -407,6 +406,7 @@ redoit:
if (ret == INVALID_SOCKET)
{
#if defined(OPENSSL_SYS_WINDOWS) || (defined(OPENSSL_SYS_NETWARE) && !defined(NETWARE_BSDSOCK))
int i;
i=WSAGetLastError();
BIO_printf(bio_err,"accept error %d\n",i);
#else
@@ -461,7 +461,6 @@ redoit:
BIO_printf(bio_err,"gethostbyname failure\n");
return(0);
}
i=0;
if (h2->h_addrtype != AF_INET)
{
BIO_printf(bio_err,"gethostbyname addr is not AF_INET\n");

View File

@@ -184,12 +184,18 @@
#include <openssl/ecdh.h>
#endif
#if defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MACINTOSH_CLASSIC) || defined(OPENSSL_SYS_OS2) || defined(OPENSSL_SYS_NETWARE)
# define NO_FORK 1
#elif HAVE_FORK
# undef NO_FORK
#ifndef HAVE_FORK
# if defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MACINTOSH_CLASSIC) || defined(OPENSSL_SYS_OS2) || defined(OPENSSL_SYS_NETWARE)
# define HAVE_FORK 0
# else
# define HAVE_FORK 1
# endif
#endif
#if HAVE_FORK
#undef NO_FORK
#else
# define NO_FORK 1
#define NO_FORK
#endif
#undef BUFSIZE
@@ -226,8 +232,12 @@ static const char *names[ALGOR_NUM]={
"aes-128 ige","aes-192 ige","aes-256 ige"};
static double results[ALGOR_NUM][SIZE_NUM];
static int lengths[SIZE_NUM]={16,64,256,1024,8*1024};
#ifndef OPENSSL_NO_RSA
static double rsa_results[RSA_NUM][2];
#endif
#ifndef OPENSSL_NO_DSA
static double dsa_results[DSA_NUM][2];
#endif
#ifndef OPENSSL_NO_ECDSA
static double ecdsa_results[EC_NUM][2];
#endif
@@ -324,9 +334,6 @@ int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
#ifndef OPENSSL_NO_ENGINE
ENGINE *e = NULL;
#endif
unsigned char *buf=NULL,*buf2=NULL;
int mret=1;
long count=0,save_count=0;
@@ -420,7 +427,6 @@ int MAIN(int argc, char **argv)
unsigned char DES_iv[8];
unsigned char iv[2*MAX_BLOCK_SIZE/8];
#ifndef OPENSSL_NO_DES
DES_cblock *buf_as_des_cblock = NULL;
static DES_cblock key ={0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0};
static DES_cblock key2={0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12};
static DES_cblock key3={0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12,0x34};
@@ -634,9 +640,6 @@ int MAIN(int argc, char **argv)
BIO_printf(bio_err,"out of memory\n");
goto end;
}
#ifndef OPENSSL_NO_DES
buf_as_des_cblock = (DES_cblock *)buf;
#endif
if ((buf2=(unsigned char *)OPENSSL_malloc((int)BUFSIZE)) == NULL)
{
BIO_printf(bio_err,"out of memory\n");
@@ -711,7 +714,7 @@ int MAIN(int argc, char **argv)
BIO_printf(bio_err,"no engine given\n");
goto end;
}
e = setup_engine(bio_err, *argv, 0);
setup_engine(bio_err, *argv, 0);
/* j will be increased again further down. We just
don't want speed to confuse an engine with an
algorithm, especially when none is given (which

View File

@@ -556,7 +556,6 @@ bad:
if (reqfile)
{
EVP_PKEY *pkey;
X509_CINF *ci;
BIO *in;
if (!sign_flag && !CA_flag)
@@ -624,7 +623,6 @@ bad:
print_name(bio_err, "subject=", X509_REQ_get_subject_name(req), nmflag);
if ((x=X509_new()) == NULL) goto end;
ci=x->cert_info;
if (sno == NULL)
{

4
config
View File

@@ -775,6 +775,10 @@ case "$GUESSOS" in
OBJECT_MODE=${OBJECT_MODE:-32}
if [ "$CC" = "gcc" ]; then
OUT="aix-gcc"
if [ $OBJECT_MODE -eq 64 ]; then
echo 'Your $OBJECT_MODE was found to be set to 64'
OUT="aix64-gcc"
fi
elif [ $OBJECT_MODE -eq 64 ]; then
echo 'Your $OBJECT_MODE was found to be set to 64'
OUT="aix64-cc"

View File

@@ -74,7 +74,9 @@ x86_64cpuid.s: x86_64cpuid.pl
$(PERL) x86_64cpuid.pl $(PERLASM_SCHEME) > $@
ia64cpuid.s: ia64cpuid.S
$(CC) $(CFLAGS) -E ia64cpuid.S > $@
ppccpuid.s: ppccpuid.pl; $(PERL) ppccpuid.pl $(PERLASM_SCHEME) $@
ppccpuid.s: ppccpuid.pl; $(PERL) ppccpuid.pl $(PERLASM_SCHEME) $@
alphacpuid.s: alphacpuid.pl
$(PERL) $< | $(CC) -E - | tee $@ > /dev/null
testapps:
[ -z "$(THIS)" ] || ( if echo $(SDIRS) | fgrep ' des '; \

View File

@@ -85,9 +85,9 @@ int AES_wrap_key(AES_KEY *key, const unsigned char *iv,
A[7] ^= (unsigned char)(t & 0xff);
if (t > 0xff)
{
A[6] ^= (unsigned char)((t & 0xff) >> 8);
A[5] ^= (unsigned char)((t & 0xff) >> 16);
A[4] ^= (unsigned char)((t & 0xff) >> 24);
A[6] ^= (unsigned char)((t >> 8) & 0xff);
A[5] ^= (unsigned char)((t >> 16) & 0xff);
A[4] ^= (unsigned char)((t >> 24) & 0xff);
}
memcpy(R, B + 8, 8);
}
@@ -119,9 +119,9 @@ int AES_unwrap_key(AES_KEY *key, const unsigned char *iv,
A[7] ^= (unsigned char)(t & 0xff);
if (t > 0xff)
{
A[6] ^= (unsigned char)((t & 0xff) >> 8);
A[5] ^= (unsigned char)((t & 0xff) >> 16);
A[4] ^= (unsigned char)((t & 0xff) >> 24);
A[6] ^= (unsigned char)((t >> 8) & 0xff);
A[5] ^= (unsigned char)((t >> 16) & 0xff);
A[4] ^= (unsigned char)((t >> 24) & 0xff);
}
memcpy(B + 8, R, 8);
AES_decrypt(B, B, key);

View File

@@ -16,12 +16,20 @@
# allows to merge logical or arithmetic operation with shift or rotate
# in one instruction and emit combined result every cycle. The module
# is endian-neutral. The performance is ~42 cycles/byte for 128-bit
# key.
# key [on single-issue Xscale PXA250 core].
# May 2007.
#
# AES_set_[en|de]crypt_key is added.
# July 2010.
#
# Rescheduling for dual-issue pipeline resulted in 12% improvement on
# Cortex A8 core and ~25 cycles per byte processed with 128-bit key.
while (($output=shift) && ($output!~/^\w[\w\-]*\.\w+$/)) {}
open STDOUT,">$output";
$s0="r0";
$s1="r1";
$s2="r2";
@@ -164,24 +172,24 @@ AES_encrypt:
ldrb $t2,[$rounds,#1]
ldrb $t3,[$rounds,#0]
orr $s0,$s0,$t1,lsl#8
orr $s0,$s0,$t2,lsl#16
orr $s0,$s0,$t3,lsl#24
ldrb $s1,[$rounds,#7]
orr $s0,$s0,$t2,lsl#16
ldrb $t1,[$rounds,#6]
orr $s0,$s0,$t3,lsl#24
ldrb $t2,[$rounds,#5]
ldrb $t3,[$rounds,#4]
orr $s1,$s1,$t1,lsl#8
orr $s1,$s1,$t2,lsl#16
orr $s1,$s1,$t3,lsl#24
ldrb $s2,[$rounds,#11]
orr $s1,$s1,$t2,lsl#16
ldrb $t1,[$rounds,#10]
orr $s1,$s1,$t3,lsl#24
ldrb $t2,[$rounds,#9]
ldrb $t3,[$rounds,#8]
orr $s2,$s2,$t1,lsl#8
orr $s2,$s2,$t2,lsl#16
orr $s2,$s2,$t3,lsl#24
ldrb $s3,[$rounds,#15]
orr $s2,$s2,$t2,lsl#16
ldrb $t1,[$rounds,#14]
orr $s2,$s2,$t3,lsl#24
ldrb $t2,[$rounds,#13]
ldrb $t3,[$rounds,#12]
orr $s3,$s3,$t1,lsl#8
@@ -196,24 +204,24 @@ AES_encrypt:
mov $t3,$s0,lsr#8
strb $t1,[$rounds,#0]
strb $t2,[$rounds,#1]
strb $t3,[$rounds,#2]
strb $s0,[$rounds,#3]
mov $t1,$s1,lsr#24
strb $t3,[$rounds,#2]
mov $t2,$s1,lsr#16
strb $s0,[$rounds,#3]
mov $t3,$s1,lsr#8
strb $t1,[$rounds,#4]
strb $t2,[$rounds,#5]
strb $t3,[$rounds,#6]
strb $s1,[$rounds,#7]
mov $t1,$s2,lsr#24
strb $t3,[$rounds,#6]
mov $t2,$s2,lsr#16
strb $s1,[$rounds,#7]
mov $t3,$s2,lsr#8
strb $t1,[$rounds,#8]
strb $t2,[$rounds,#9]
strb $t3,[$rounds,#10]
strb $s2,[$rounds,#11]
mov $t1,$s3,lsr#24
strb $t3,[$rounds,#10]
mov $t2,$s3,lsr#16
strb $s2,[$rounds,#11]
mov $t3,$s3,lsr#8
strb $t1,[$rounds,#12]
strb $t2,[$rounds,#13]
@@ -230,141 +238,137 @@ AES_encrypt:
.align 2
_armv4_AES_encrypt:
str lr,[sp,#-4]! @ push lr
ldr $t1,[$key],#16
ldr $t2,[$key,#-12]
ldr $t3,[$key,#-8]
ldr $i1,[$key,#-4]
ldr $rounds,[$key,#240-16]
ldmia $key!,{$t1-$i1}
eor $s0,$s0,$t1
ldr $rounds,[$key,#240-16]
eor $s1,$s1,$t2
eor $s2,$s2,$t3
eor $s3,$s3,$i1
sub $rounds,$rounds,#1
mov lr,#255
.Lenc_loop:
and $i1,lr,$s0
and $i2,lr,$s0,lsr#8
and $i3,lr,$s0,lsr#16
and $i1,lr,$s0
mov $s0,$s0,lsr#24
.Lenc_loop:
ldr $t1,[$tbl,$i1,lsl#2] @ Te3[s0>>0]
ldr $s0,[$tbl,$s0,lsl#2] @ Te0[s0>>24]
ldr $t2,[$tbl,$i2,lsl#2] @ Te2[s0>>8]
ldr $t3,[$tbl,$i3,lsl#2] @ Te1[s0>>16]
and $i1,lr,$s1,lsr#16 @ i0
ldr $t2,[$tbl,$i2,lsl#2] @ Te2[s0>>8]
and $i2,lr,$s1
ldr $t3,[$tbl,$i3,lsl#2] @ Te1[s0>>16]
and $i3,lr,$s1,lsr#8
ldr $s0,[$tbl,$s0,lsl#2] @ Te0[s0>>24]
mov $s1,$s1,lsr#24
ldr $i1,[$tbl,$i1,lsl#2] @ Te1[s1>>16]
ldr $s1,[$tbl,$s1,lsl#2] @ Te0[s1>>24]
ldr $i2,[$tbl,$i2,lsl#2] @ Te3[s1>>0]
ldr $i3,[$tbl,$i3,lsl#2] @ Te2[s1>>8]
eor $s0,$s0,$i1,ror#8
eor $s1,$s1,$t1,ror#24
eor $t2,$t2,$i2,ror#8
eor $t3,$t3,$i3,ror#8
ldr $s1,[$tbl,$s1,lsl#2] @ Te0[s1>>24]
and $i1,lr,$s2,lsr#8 @ i0
eor $t2,$t2,$i2,ror#8
and $i2,lr,$s2,lsr#16 @ i1
eor $t3,$t3,$i3,ror#8
and $i3,lr,$s2
mov $s2,$s2,lsr#24
eor $s1,$s1,$t1,ror#24
ldr $i1,[$tbl,$i1,lsl#2] @ Te2[s2>>8]
mov $s2,$s2,lsr#24
ldr $i2,[$tbl,$i2,lsl#2] @ Te1[s2>>16]
ldr $s2,[$tbl,$s2,lsl#2] @ Te0[s2>>24]
ldr $i3,[$tbl,$i3,lsl#2] @ Te3[s2>>0]
eor $s0,$s0,$i1,ror#16
eor $s1,$s1,$i2,ror#8
eor $s2,$s2,$t2,ror#16
eor $t3,$t3,$i3,ror#16
ldr $s2,[$tbl,$s2,lsl#2] @ Te0[s2>>24]
and $i1,lr,$s3 @ i0
eor $s1,$s1,$i2,ror#8
and $i2,lr,$s3,lsr#8 @ i1
eor $t3,$t3,$i3,ror#16
and $i3,lr,$s3,lsr#16 @ i2
mov $s3,$s3,lsr#24
eor $s2,$s2,$t2,ror#16
ldr $i1,[$tbl,$i1,lsl#2] @ Te3[s3>>0]
mov $s3,$s3,lsr#24
ldr $i2,[$tbl,$i2,lsl#2] @ Te2[s3>>8]
ldr $i3,[$tbl,$i3,lsl#2] @ Te1[s3>>16]
ldr $s3,[$tbl,$s3,lsl#2] @ Te0[s3>>24]
eor $s0,$s0,$i1,ror#24
ldr $s3,[$tbl,$s3,lsl#2] @ Te0[s3>>24]
eor $s1,$s1,$i2,ror#16
ldr $i1,[$key],#16
eor $s2,$s2,$i3,ror#8
ldr $t1,[$key,#-12]
eor $s3,$s3,$t3,ror#8
ldr $t1,[$key],#16
ldr $t2,[$key,#-12]
ldr $t3,[$key,#-8]
ldr $i1,[$key,#-4]
eor $s0,$s0,$t1
eor $s1,$s1,$t2
eor $s2,$s2,$t3
eor $s3,$s3,$i1
ldr $t2,[$key,#-8]
eor $s0,$s0,$i1
ldr $t3,[$key,#-4]
and $i1,lr,$s0
eor $s1,$s1,$t1
and $i2,lr,$s0,lsr#8
eor $s2,$s2,$t2
and $i3,lr,$s0,lsr#16
eor $s3,$s3,$t3
mov $s0,$s0,lsr#24
subs $rounds,$rounds,#1
bne .Lenc_loop
add $tbl,$tbl,#2
and $i1,lr,$s0
and $i2,lr,$s0,lsr#8
and $i3,lr,$s0,lsr#16
mov $s0,$s0,lsr#24
ldrb $t1,[$tbl,$i1,lsl#2] @ Te4[s0>>0]
ldrb $s0,[$tbl,$s0,lsl#2] @ Te4[s0>>24]
ldrb $t2,[$tbl,$i2,lsl#2] @ Te4[s0>>8]
ldrb $t3,[$tbl,$i3,lsl#2] @ Te4[s0>>16]
and $i1,lr,$s1,lsr#16 @ i0
ldrb $t2,[$tbl,$i2,lsl#2] @ Te4[s0>>8]
and $i2,lr,$s1
ldrb $t3,[$tbl,$i3,lsl#2] @ Te4[s0>>16]
and $i3,lr,$s1,lsr#8
ldrb $s0,[$tbl,$s0,lsl#2] @ Te4[s0>>24]
mov $s1,$s1,lsr#24
ldrb $i1,[$tbl,$i1,lsl#2] @ Te4[s1>>16]
ldrb $s1,[$tbl,$s1,lsl#2] @ Te4[s1>>24]
ldrb $i2,[$tbl,$i2,lsl#2] @ Te4[s1>>0]
ldrb $i3,[$tbl,$i3,lsl#2] @ Te4[s1>>8]
eor $s0,$i1,$s0,lsl#8
eor $s1,$t1,$s1,lsl#24
eor $t2,$i2,$t2,lsl#8
eor $t3,$i3,$t3,lsl#8
ldrb $s1,[$tbl,$s1,lsl#2] @ Te4[s1>>24]
and $i1,lr,$s2,lsr#8 @ i0
eor $t2,$i2,$t2,lsl#8
and $i2,lr,$s2,lsr#16 @ i1
eor $t3,$i3,$t3,lsl#8
and $i3,lr,$s2
mov $s2,$s2,lsr#24
eor $s1,$t1,$s1,lsl#24
ldrb $i1,[$tbl,$i1,lsl#2] @ Te4[s2>>8]
mov $s2,$s2,lsr#24
ldrb $i2,[$tbl,$i2,lsl#2] @ Te4[s2>>16]
ldrb $s2,[$tbl,$s2,lsl#2] @ Te4[s2>>24]
ldrb $i3,[$tbl,$i3,lsl#2] @ Te4[s2>>0]
eor $s0,$i1,$s0,lsl#8
eor $s1,$s1,$i2,lsl#16
eor $s2,$t2,$s2,lsl#24
eor $t3,$i3,$t3,lsl#8
ldrb $s2,[$tbl,$s2,lsl#2] @ Te4[s2>>24]
and $i1,lr,$s3 @ i0
eor $s1,$s1,$i2,lsl#16
and $i2,lr,$s3,lsr#8 @ i1
eor $t3,$i3,$t3,lsl#8
and $i3,lr,$s3,lsr#16 @ i2
mov $s3,$s3,lsr#24
eor $s2,$t2,$s2,lsl#24
ldrb $i1,[$tbl,$i1,lsl#2] @ Te4[s3>>0]
mov $s3,$s3,lsr#24
ldrb $i2,[$tbl,$i2,lsl#2] @ Te4[s3>>8]
ldrb $i3,[$tbl,$i3,lsl#2] @ Te4[s3>>16]
ldrb $s3,[$tbl,$s3,lsl#2] @ Te4[s3>>24]
eor $s0,$i1,$s0,lsl#8
ldrb $s3,[$tbl,$s3,lsl#2] @ Te4[s3>>24]
ldr $i1,[$key,#0]
eor $s1,$s1,$i2,lsl#8
ldr $t1,[$key,#4]
eor $s2,$s2,$i3,lsl#16
ldr $t2,[$key,#8]
eor $s3,$t3,$s3,lsl#24
ldr $t3,[$key,#12]
ldr lr,[sp],#4 @ pop lr
ldr $t1,[$key,#0]
ldr $t2,[$key,#4]
ldr $t3,[$key,#8]
ldr $i1,[$key,#12]
eor $s0,$s0,$t1
eor $s1,$s1,$t2
eor $s2,$s2,$t3
eor $s3,$s3,$i1
eor $s0,$s0,$i1
eor $s1,$s1,$t1
eor $s2,$s2,$t2
eor $s3,$s3,$t3
sub $tbl,$tbl,#2
mov pc,lr @ return
ldr pc,[sp],#4 @ pop and return
.size _armv4_AES_encrypt,.-_armv4_AES_encrypt
.global AES_set_encrypt_key
@@ -399,31 +403,31 @@ AES_set_encrypt_key:
ldrb $t2,[$rounds,#1]
ldrb $t3,[$rounds,#0]
orr $s0,$s0,$t1,lsl#8
orr $s0,$s0,$t2,lsl#16
orr $s0,$s0,$t3,lsl#24
ldrb $s1,[$rounds,#7]
orr $s0,$s0,$t2,lsl#16
ldrb $t1,[$rounds,#6]
orr $s0,$s0,$t3,lsl#24
ldrb $t2,[$rounds,#5]
ldrb $t3,[$rounds,#4]
orr $s1,$s1,$t1,lsl#8
orr $s1,$s1,$t2,lsl#16
orr $s1,$s1,$t3,lsl#24
ldrb $s2,[$rounds,#11]
orr $s1,$s1,$t2,lsl#16
ldrb $t1,[$rounds,#10]
orr $s1,$s1,$t3,lsl#24
ldrb $t2,[$rounds,#9]
ldrb $t3,[$rounds,#8]
orr $s2,$s2,$t1,lsl#8
orr $s2,$s2,$t2,lsl#16
orr $s2,$s2,$t3,lsl#24
ldrb $s3,[$rounds,#15]
orr $s2,$s2,$t2,lsl#16
ldrb $t1,[$rounds,#14]
orr $s2,$s2,$t3,lsl#24
ldrb $t2,[$rounds,#13]
ldrb $t3,[$rounds,#12]
orr $s3,$s3,$t1,lsl#8
orr $s3,$s3,$t2,lsl#16
orr $s3,$s3,$t3,lsl#24
str $s0,[$key],#16
orr $s3,$s3,$t2,lsl#16
str $s1,[$key,#-12]
orr $s3,$s3,$t3,lsl#24
str $s2,[$key,#-8]
str $s3,[$key,#-4]
@@ -437,27 +441,26 @@ AES_set_encrypt_key:
.L128_loop:
and $t2,lr,$s3,lsr#24
and $i1,lr,$s3,lsr#16
and $i2,lr,$s3,lsr#8
and $i3,lr,$s3
ldrb $t2,[$tbl,$t2]
and $i2,lr,$s3,lsr#8
ldrb $i1,[$tbl,$i1]
and $i3,lr,$s3
ldrb $i2,[$tbl,$i2]
ldrb $i3,[$tbl,$i3]
ldr $t1,[$t3],#4 @ rcon[i++]
orr $t2,$t2,$i1,lsl#24
ldrb $i3,[$tbl,$i3]
orr $t2,$t2,$i2,lsl#16
ldr $t1,[$t3],#4 @ rcon[i++]
orr $t2,$t2,$i3,lsl#8
eor $t2,$t2,$t1
eor $s0,$s0,$t2 @ rk[4]=rk[0]^...
eor $s1,$s1,$s0 @ rk[5]=rk[1]^rk[4]
eor $s2,$s2,$s1 @ rk[6]=rk[2]^rk[5]
eor $s3,$s3,$s2 @ rk[7]=rk[3]^rk[6]
str $s0,[$key],#16
eor $s2,$s2,$s1 @ rk[6]=rk[2]^rk[5]
str $s1,[$key,#-12]
eor $s3,$s3,$s2 @ rk[7]=rk[3]^rk[6]
str $s2,[$key,#-8]
str $s3,[$key,#-4]
subs $rounds,$rounds,#1
str $s3,[$key,#-4]
bne .L128_loop
sub r2,$key,#176
b .Ldone
@@ -468,16 +471,16 @@ AES_set_encrypt_key:
ldrb $t2,[$rounds,#17]
ldrb $t3,[$rounds,#16]
orr $i2,$i2,$t1,lsl#8
orr $i2,$i2,$t2,lsl#16
orr $i2,$i2,$t3,lsl#24
ldrb $i3,[$rounds,#23]
orr $i2,$i2,$t2,lsl#16
ldrb $t1,[$rounds,#22]
orr $i2,$i2,$t3,lsl#24
ldrb $t2,[$rounds,#21]
ldrb $t3,[$rounds,#20]
orr $i3,$i3,$t1,lsl#8
orr $i3,$i3,$t2,lsl#16
orr $i3,$i3,$t3,lsl#24
str $i2,[$key],#8
orr $i3,$i3,$t3,lsl#24
str $i3,[$key,#-4]
teq lr,#192
@@ -491,27 +494,26 @@ AES_set_encrypt_key:
.L192_loop:
and $t2,lr,$i3,lsr#24
and $i1,lr,$i3,lsr#16
and $i2,lr,$i3,lsr#8
and $i3,lr,$i3
ldrb $t2,[$tbl,$t2]
and $i2,lr,$i3,lsr#8
ldrb $i1,[$tbl,$i1]
and $i3,lr,$i3
ldrb $i2,[$tbl,$i2]
ldrb $i3,[$tbl,$i3]
ldr $t1,[$t3],#4 @ rcon[i++]
orr $t2,$t2,$i1,lsl#24
ldrb $i3,[$tbl,$i3]
orr $t2,$t2,$i2,lsl#16
ldr $t1,[$t3],#4 @ rcon[i++]
orr $t2,$t2,$i3,lsl#8
eor $i3,$t2,$t1
eor $s0,$s0,$i3 @ rk[6]=rk[0]^...
eor $s1,$s1,$s0 @ rk[7]=rk[1]^rk[6]
eor $s2,$s2,$s1 @ rk[8]=rk[2]^rk[7]
eor $s3,$s3,$s2 @ rk[9]=rk[3]^rk[8]
str $s0,[$key],#24
eor $s2,$s2,$s1 @ rk[8]=rk[2]^rk[7]
str $s1,[$key,#-20]
eor $s3,$s3,$s2 @ rk[9]=rk[3]^rk[8]
str $s2,[$key,#-16]
str $s3,[$key,#-12]
subs $rounds,$rounds,#1
str $s3,[$key,#-12]
subeq r2,$key,#216
beq .Ldone
@@ -529,16 +531,16 @@ AES_set_encrypt_key:
ldrb $t2,[$rounds,#25]
ldrb $t3,[$rounds,#24]
orr $i2,$i2,$t1,lsl#8
orr $i2,$i2,$t2,lsl#16
orr $i2,$i2,$t3,lsl#24
ldrb $i3,[$rounds,#31]
orr $i2,$i2,$t2,lsl#16
ldrb $t1,[$rounds,#30]
orr $i2,$i2,$t3,lsl#24
ldrb $t2,[$rounds,#29]
ldrb $t3,[$rounds,#28]
orr $i3,$i3,$t1,lsl#8
orr $i3,$i3,$t2,lsl#16
orr $i3,$i3,$t3,lsl#24
str $i2,[$key],#8
orr $i3,$i3,$t3,lsl#24
str $i3,[$key,#-4]
mov $rounds,#14
@@ -550,52 +552,51 @@ AES_set_encrypt_key:
.L256_loop:
and $t2,lr,$i3,lsr#24
and $i1,lr,$i3,lsr#16
and $i2,lr,$i3,lsr#8
and $i3,lr,$i3
ldrb $t2,[$tbl,$t2]
and $i2,lr,$i3,lsr#8
ldrb $i1,[$tbl,$i1]
and $i3,lr,$i3
ldrb $i2,[$tbl,$i2]
ldrb $i3,[$tbl,$i3]
ldr $t1,[$t3],#4 @ rcon[i++]
orr $t2,$t2,$i1,lsl#24
ldrb $i3,[$tbl,$i3]
orr $t2,$t2,$i2,lsl#16
ldr $t1,[$t3],#4 @ rcon[i++]
orr $t2,$t2,$i3,lsl#8
eor $i3,$t2,$t1
eor $s0,$s0,$i3 @ rk[8]=rk[0]^...
eor $s1,$s1,$s0 @ rk[9]=rk[1]^rk[8]
eor $s2,$s2,$s1 @ rk[10]=rk[2]^rk[9]
eor $s3,$s3,$s2 @ rk[11]=rk[3]^rk[10]
str $s0,[$key],#32
eor $s2,$s2,$s1 @ rk[10]=rk[2]^rk[9]
str $s1,[$key,#-28]
eor $s3,$s3,$s2 @ rk[11]=rk[3]^rk[10]
str $s2,[$key,#-24]
str $s3,[$key,#-20]
subs $rounds,$rounds,#1
str $s3,[$key,#-20]
subeq r2,$key,#256
beq .Ldone
and $t2,lr,$s3
and $i1,lr,$s3,lsr#8
and $i2,lr,$s3,lsr#16
and $i3,lr,$s3,lsr#24
ldrb $t2,[$tbl,$t2]
and $i2,lr,$s3,lsr#16
ldrb $i1,[$tbl,$i1]
and $i3,lr,$s3,lsr#24
ldrb $i2,[$tbl,$i2]
ldrb $i3,[$tbl,$i3]
orr $t2,$t2,$i1,lsl#8
ldrb $i3,[$tbl,$i3]
orr $t2,$t2,$i2,lsl#16
ldr $t1,[$key,#-48]
orr $t2,$t2,$i3,lsl#24
ldr $t1,[$key,#-48]
ldr $i1,[$key,#-44]
ldr $i2,[$key,#-40]
ldr $i3,[$key,#-36]
eor $t1,$t1,$t2 @ rk[12]=rk[4]^...
ldr $i3,[$key,#-36]
eor $i1,$i1,$t1 @ rk[13]=rk[5]^rk[12]
eor $i2,$i2,$i1 @ rk[14]=rk[6]^rk[13]
eor $i3,$i3,$i2 @ rk[15]=rk[7]^rk[14]
str $t1,[$key,#-16]
eor $i2,$i2,$i1 @ rk[14]=rk[6]^rk[13]
str $i1,[$key,#-12]
eor $i3,$i3,$i2 @ rk[15]=rk[7]^rk[14]
str $i2,[$key,#-8]
str $i3,[$key,#-4]
b .L256_loop
@@ -816,24 +817,24 @@ AES_decrypt:
ldrb $t2,[$rounds,#1]
ldrb $t3,[$rounds,#0]
orr $s0,$s0,$t1,lsl#8
orr $s0,$s0,$t2,lsl#16
orr $s0,$s0,$t3,lsl#24
ldrb $s1,[$rounds,#7]
orr $s0,$s0,$t2,lsl#16
ldrb $t1,[$rounds,#6]
orr $s0,$s0,$t3,lsl#24
ldrb $t2,[$rounds,#5]
ldrb $t3,[$rounds,#4]
orr $s1,$s1,$t1,lsl#8
orr $s1,$s1,$t2,lsl#16
orr $s1,$s1,$t3,lsl#24
ldrb $s2,[$rounds,#11]
orr $s1,$s1,$t2,lsl#16
ldrb $t1,[$rounds,#10]
orr $s1,$s1,$t3,lsl#24
ldrb $t2,[$rounds,#9]
ldrb $t3,[$rounds,#8]
orr $s2,$s2,$t1,lsl#8
orr $s2,$s2,$t2,lsl#16
orr $s2,$s2,$t3,lsl#24
ldrb $s3,[$rounds,#15]
orr $s2,$s2,$t2,lsl#16
ldrb $t1,[$rounds,#14]
orr $s2,$s2,$t3,lsl#24
ldrb $t2,[$rounds,#13]
ldrb $t3,[$rounds,#12]
orr $s3,$s3,$t1,lsl#8
@@ -848,24 +849,24 @@ AES_decrypt:
mov $t3,$s0,lsr#8
strb $t1,[$rounds,#0]
strb $t2,[$rounds,#1]
strb $t3,[$rounds,#2]
strb $s0,[$rounds,#3]
mov $t1,$s1,lsr#24
strb $t3,[$rounds,#2]
mov $t2,$s1,lsr#16
strb $s0,[$rounds,#3]
mov $t3,$s1,lsr#8
strb $t1,[$rounds,#4]
strb $t2,[$rounds,#5]
strb $t3,[$rounds,#6]
strb $s1,[$rounds,#7]
mov $t1,$s2,lsr#24
strb $t3,[$rounds,#6]
mov $t2,$s2,lsr#16
strb $s1,[$rounds,#7]
mov $t3,$s2,lsr#8
strb $t1,[$rounds,#8]
strb $t2,[$rounds,#9]
strb $t3,[$rounds,#10]
strb $s2,[$rounds,#11]
mov $t1,$s3,lsr#24
strb $t3,[$rounds,#10]
mov $t2,$s3,lsr#16
strb $s2,[$rounds,#11]
mov $t3,$s3,lsr#8
strb $t1,[$rounds,#12]
strb $t2,[$rounds,#13]
@@ -882,149 +883,148 @@ AES_decrypt:
.align 2
_armv4_AES_decrypt:
str lr,[sp,#-4]! @ push lr
ldr $t1,[$key],#16
ldr $t2,[$key,#-12]
ldr $t3,[$key,#-8]
ldr $i1,[$key,#-4]
ldr $rounds,[$key,#240-16]
ldmia $key!,{$t1-$i1}
eor $s0,$s0,$t1
ldr $rounds,[$key,#240-16]
eor $s1,$s1,$t2
eor $s2,$s2,$t3
eor $s3,$s3,$i1
sub $rounds,$rounds,#1
mov lr,#255
.Ldec_loop:
and $i1,lr,$s0,lsr#16
and $i2,lr,$s0,lsr#8
and $i3,lr,$s0
mov $s0,$s0,lsr#24
.Ldec_loop:
ldr $t1,[$tbl,$i1,lsl#2] @ Td1[s0>>16]
ldr $s0,[$tbl,$s0,lsl#2] @ Td0[s0>>24]
ldr $t2,[$tbl,$i2,lsl#2] @ Td2[s0>>8]
ldr $t3,[$tbl,$i3,lsl#2] @ Td3[s0>>0]
and $i1,lr,$s1 @ i0
ldr $t2,[$tbl,$i2,lsl#2] @ Td2[s0>>8]
and $i2,lr,$s1,lsr#16
ldr $t3,[$tbl,$i3,lsl#2] @ Td3[s0>>0]
and $i3,lr,$s1,lsr#8
ldr $s0,[$tbl,$s0,lsl#2] @ Td0[s0>>24]
mov $s1,$s1,lsr#24
ldr $i1,[$tbl,$i1,lsl#2] @ Td3[s1>>0]
ldr $s1,[$tbl,$s1,lsl#2] @ Td0[s1>>24]
ldr $i2,[$tbl,$i2,lsl#2] @ Td1[s1>>16]
ldr $i3,[$tbl,$i3,lsl#2] @ Td2[s1>>8]
eor $s0,$s0,$i1,ror#24
eor $s1,$s1,$t1,ror#8
eor $t2,$i2,$t2,ror#8
eor $t3,$i3,$t3,ror#8
ldr $s1,[$tbl,$s1,lsl#2] @ Td0[s1>>24]
and $i1,lr,$s2,lsr#8 @ i0
eor $t2,$i2,$t2,ror#8
and $i2,lr,$s2 @ i1
eor $t3,$i3,$t3,ror#8
and $i3,lr,$s2,lsr#16
mov $s2,$s2,lsr#24
eor $s1,$s1,$t1,ror#8
ldr $i1,[$tbl,$i1,lsl#2] @ Td2[s2>>8]
mov $s2,$s2,lsr#24
ldr $i2,[$tbl,$i2,lsl#2] @ Td3[s2>>0]
ldr $s2,[$tbl,$s2,lsl#2] @ Td0[s2>>24]
ldr $i3,[$tbl,$i3,lsl#2] @ Td1[s2>>16]
eor $s0,$s0,$i1,ror#16
eor $s1,$s1,$i2,ror#24
eor $s2,$s2,$t2,ror#8
eor $t3,$i3,$t3,ror#8
ldr $s2,[$tbl,$s2,lsl#2] @ Td0[s2>>24]
and $i1,lr,$s3,lsr#16 @ i0
eor $s1,$s1,$i2,ror#24
and $i2,lr,$s3,lsr#8 @ i1
eor $t3,$i3,$t3,ror#8
and $i3,lr,$s3 @ i2
mov $s3,$s3,lsr#24
eor $s2,$s2,$t2,ror#8
ldr $i1,[$tbl,$i1,lsl#2] @ Td1[s3>>16]
mov $s3,$s3,lsr#24
ldr $i2,[$tbl,$i2,lsl#2] @ Td2[s3>>8]
ldr $i3,[$tbl,$i3,lsl#2] @ Td3[s3>>0]
ldr $s3,[$tbl,$s3,lsl#2] @ Td0[s3>>24]
eor $s0,$s0,$i1,ror#8
ldr $s3,[$tbl,$s3,lsl#2] @ Td0[s3>>24]
eor $s1,$s1,$i2,ror#16
eor $s2,$s2,$i3,ror#24
ldr $i1,[$key],#16
eor $s3,$s3,$t3,ror#8
ldr $t1,[$key],#16
ldr $t2,[$key,#-12]
ldr $t3,[$key,#-8]
ldr $i1,[$key,#-4]
eor $s0,$s0,$t1
eor $s1,$s1,$t2
eor $s2,$s2,$t3
eor $s3,$s3,$i1
ldr $t1,[$key,#-12]
ldr $t2,[$key,#-8]
eor $s0,$s0,$i1
ldr $t3,[$key,#-4]
and $i1,lr,$s0,lsr#16
eor $s1,$s1,$t1
and $i2,lr,$s0,lsr#8
eor $s2,$s2,$t2
and $i3,lr,$s0
eor $s3,$s3,$t3
mov $s0,$s0,lsr#24
subs $rounds,$rounds,#1
bne .Ldec_loop
add $tbl,$tbl,#1024
ldr $t1,[$tbl,#0] @ prefetch Td4
ldr $t2,[$tbl,#32]
ldr $t3,[$tbl,#64]
ldr $i1,[$tbl,#96]
ldr $i2,[$tbl,#128]
ldr $i3,[$tbl,#160]
ldr $t1,[$tbl,#192]
ldr $t2,[$tbl,#224]
ldr $t2,[$tbl,#0] @ prefetch Td4
ldr $t3,[$tbl,#32]
ldr $t1,[$tbl,#64]
ldr $t2,[$tbl,#96]
ldr $t3,[$tbl,#128]
ldr $t1,[$tbl,#160]
ldr $t2,[$tbl,#192]
ldr $t3,[$tbl,#224]
and $i1,lr,$s0,lsr#16
and $i2,lr,$s0,lsr#8
and $i3,lr,$s0
ldrb $s0,[$tbl,$s0,lsr#24] @ Td4[s0>>24]
ldrb $s0,[$tbl,$s0] @ Td4[s0>>24]
ldrb $t1,[$tbl,$i1] @ Td4[s0>>16]
ldrb $t2,[$tbl,$i2] @ Td4[s0>>8]
ldrb $t3,[$tbl,$i3] @ Td4[s0>>0]
and $i1,lr,$s1 @ i0
ldrb $t2,[$tbl,$i2] @ Td4[s0>>8]
and $i2,lr,$s1,lsr#16
ldrb $t3,[$tbl,$i3] @ Td4[s0>>0]
and $i3,lr,$s1,lsr#8
ldrb $i1,[$tbl,$i1] @ Td4[s1>>0]
ldrb $s1,[$tbl,$s1,lsr#24] @ Td4[s1>>24]
ldrb $i2,[$tbl,$i2] @ Td4[s1>>16]
ldrb $i3,[$tbl,$i3] @ Td4[s1>>8]
eor $s0,$i1,$s0,lsl#24
ldrb $i3,[$tbl,$i3] @ Td4[s1>>8]
eor $s1,$t1,$s1,lsl#8
eor $t2,$t2,$i2,lsl#8
eor $t3,$t3,$i3,lsl#8
and $i1,lr,$s2,lsr#8 @ i0
eor $t2,$t2,$i2,lsl#8
and $i2,lr,$s2 @ i1
and $i3,lr,$s2,lsr#16
eor $t3,$t3,$i3,lsl#8
ldrb $i1,[$tbl,$i1] @ Td4[s2>>8]
and $i3,lr,$s2,lsr#16
ldrb $i2,[$tbl,$i2] @ Td4[s2>>0]
ldrb $s2,[$tbl,$s2,lsr#24] @ Td4[s2>>24]
ldrb $i3,[$tbl,$i3] @ Td4[s2>>16]
eor $s0,$s0,$i1,lsl#8
ldrb $i3,[$tbl,$i3] @ Td4[s2>>16]
eor $s1,$i2,$s1,lsl#16
eor $s2,$t2,$s2,lsl#16
eor $t3,$t3,$i3,lsl#16
and $i1,lr,$s3,lsr#16 @ i0
eor $s2,$t2,$s2,lsl#16
and $i2,lr,$s3,lsr#8 @ i1
and $i3,lr,$s3 @ i2
eor $t3,$t3,$i3,lsl#16
ldrb $i1,[$tbl,$i1] @ Td4[s3>>16]
and $i3,lr,$s3 @ i2
ldrb $i2,[$tbl,$i2] @ Td4[s3>>8]
ldrb $i3,[$tbl,$i3] @ Td4[s3>>0]
ldrb $s3,[$tbl,$s3,lsr#24] @ Td4[s3>>24]
eor $s0,$s0,$i1,lsl#16
ldr $i1,[$key,#0]
eor $s1,$s1,$i2,lsl#8
ldr $t1,[$key,#4]
eor $s2,$i3,$s2,lsl#8
ldr $t2,[$key,#8]
eor $s3,$t3,$s3,lsl#24
ldr $t3,[$key,#12]
ldr lr,[sp],#4 @ pop lr
ldr $t1,[$key,#0]
ldr $t2,[$key,#4]
ldr $t3,[$key,#8]
ldr $i1,[$key,#12]
eor $s0,$s0,$t1
eor $s1,$s1,$t2
eor $s2,$s2,$t3
eor $s3,$s3,$i1
eor $s0,$s0,$i1
eor $s1,$s1,$t1
eor $s2,$s2,$t2
eor $s3,$s3,$t3
sub $tbl,$tbl,#1024
mov pc,lr @ return
ldr pc,[sp],#4 @ pop and return
.size _armv4_AES_decrypt,.-_armv4_AES_decrypt
.asciz "AES for ARMv4, CRYPTOGAMS by <appro\@openssl.org>"
.align 2
___
$code =~ s/\bbx\s+lr\b/.word\t0xe12fff1e/gm; # make it possible to compile with -march=armv4
print $code;
close STDOUT; # enforce flush

View File

@@ -16,6 +16,19 @@
# at 1/2 of ppc_AES_encrypt speed, while ppc_AES_decrypt_compact -
# at 1/3 of ppc_AES_decrypt.
# February 2010
#
# Rescheduling instructions to favour Power6 pipeline gives 10%
# performance improvement on the platfrom in question (and marginal
# improvement even on others). It should be noted that Power6 fails
# to process byte in 18 cycles, only in 23, because it fails to issue
# 4 load instructions in two cycles, only in 3. As result non-compact
# block subroutines are 25% slower than one would expect. Compact
# functions scale better, because they have pure computational part,
# which scales perfectly with clock frequency. To be specific
# ppc_AES_encrypt_compact operates at 42 cycles per byte, while
# ppc_AES_decrypt_compact - at 55 (in 64-bit build).
$flavour = shift;
if ($flavour =~ /64/) {
@@ -376,7 +389,7 @@ $code.=<<___;
addi $sp,$sp,$FRAME
blr
.align 4
.align 5
Lppc_AES_encrypt:
lwz $acc00,240($key)
lwz $t0,0($key)
@@ -397,46 +410,46 @@ Lppc_AES_encrypt:
Lenc_loop:
rlwinm $acc00,$s0,`32-24+3`,21,28
rlwinm $acc01,$s1,`32-24+3`,21,28
lwz $t0,0($key)
lwz $t1,4($key)
rlwinm $acc02,$s2,`32-24+3`,21,28
rlwinm $acc03,$s3,`32-24+3`,21,28
lwz $t2,8($key)
lwz $t3,12($key)
lwz $t0,0($key)
lwz $t1,4($key)
rlwinm $acc04,$s1,`32-16+3`,21,28
rlwinm $acc05,$s2,`32-16+3`,21,28
lwzx $acc00,$Tbl0,$acc00
lwzx $acc01,$Tbl0,$acc01
lwz $t2,8($key)
lwz $t3,12($key)
rlwinm $acc06,$s3,`32-16+3`,21,28
rlwinm $acc07,$s0,`32-16+3`,21,28
lwzx $acc02,$Tbl0,$acc02
lwzx $acc03,$Tbl0,$acc03
lwzx $acc00,$Tbl0,$acc00
lwzx $acc01,$Tbl0,$acc01
rlwinm $acc08,$s2,`32-8+3`,21,28
rlwinm $acc09,$s3,`32-8+3`,21,28
lwzx $acc04,$Tbl1,$acc04
lwzx $acc05,$Tbl1,$acc05
lwzx $acc02,$Tbl0,$acc02
lwzx $acc03,$Tbl0,$acc03
rlwinm $acc10,$s0,`32-8+3`,21,28
rlwinm $acc11,$s1,`32-8+3`,21,28
lwzx $acc06,$Tbl1,$acc06
lwzx $acc07,$Tbl1,$acc07
lwzx $acc04,$Tbl1,$acc04
lwzx $acc05,$Tbl1,$acc05
rlwinm $acc12,$s3,`0+3`,21,28
rlwinm $acc13,$s0,`0+3`,21,28
lwzx $acc08,$Tbl2,$acc08
lwzx $acc09,$Tbl2,$acc09
lwzx $acc06,$Tbl1,$acc06
lwzx $acc07,$Tbl1,$acc07
rlwinm $acc14,$s1,`0+3`,21,28
rlwinm $acc15,$s2,`0+3`,21,28
lwzx $acc10,$Tbl2,$acc10
lwzx $acc11,$Tbl2,$acc11
lwzx $acc08,$Tbl2,$acc08
lwzx $acc09,$Tbl2,$acc09
xor $t0,$t0,$acc00
xor $t1,$t1,$acc01
lwzx $acc12,$Tbl3,$acc12
lwzx $acc13,$Tbl3,$acc13
lwzx $acc10,$Tbl2,$acc10
lwzx $acc11,$Tbl2,$acc11
xor $t2,$t2,$acc02
xor $t3,$t3,$acc03
lwzx $acc14,$Tbl3,$acc14
lwzx $acc15,$Tbl3,$acc15
lwzx $acc12,$Tbl3,$acc12
lwzx $acc13,$Tbl3,$acc13
xor $t0,$t0,$acc04
xor $t1,$t1,$acc05
lwzx $acc14,$Tbl3,$acc14
lwzx $acc15,$Tbl3,$acc15
xor $t2,$t2,$acc06
xor $t3,$t3,$acc07
xor $t0,$t0,$acc08
@@ -452,60 +465,60 @@ Lenc_loop:
addi $Tbl2,$Tbl0,2048
nop
lwz $acc08,`2048+0`($Tbl0) ! prefetch Te4
lwz $acc09,`2048+32`($Tbl0)
lwz $acc10,`2048+64`($Tbl0)
lwz $acc11,`2048+96`($Tbl0)
lwz $acc08,`2048+128`($Tbl0)
lwz $acc09,`2048+160`($Tbl0)
lwz $acc10,`2048+192`($Tbl0)
lwz $acc11,`2048+224`($Tbl0)
rlwinm $acc00,$s0,`32-24`,24,31
rlwinm $acc01,$s1,`32-24`,24,31
lwz $t0,0($key)
lwz $t1,4($key)
rlwinm $acc02,$s2,`32-24`,24,31
rlwinm $acc03,$s3,`32-24`,24,31
rlwinm $acc00,$s0,`32-24`,24,31
rlwinm $acc01,$s1,`32-24`,24,31
lwz $t2,8($key)
lwz $t3,12($key)
rlwinm $acc02,$s2,`32-24`,24,31
rlwinm $acc03,$s3,`32-24`,24,31
lwz $acc08,`2048+0`($Tbl0) ! prefetch Te4
lwz $acc09,`2048+32`($Tbl0)
rlwinm $acc04,$s1,`32-16`,24,31
rlwinm $acc05,$s2,`32-16`,24,31
lbzx $acc00,$Tbl2,$acc00
lbzx $acc01,$Tbl2,$acc01
lwz $acc10,`2048+64`($Tbl0)
lwz $acc11,`2048+96`($Tbl0)
rlwinm $acc06,$s3,`32-16`,24,31
rlwinm $acc07,$s0,`32-16`,24,31
lbzx $acc02,$Tbl2,$acc02
lbzx $acc03,$Tbl2,$acc03
lwz $acc12,`2048+128`($Tbl0)
lwz $acc13,`2048+160`($Tbl0)
rlwinm $acc08,$s2,`32-8`,24,31
rlwinm $acc09,$s3,`32-8`,24,31
lbzx $acc04,$Tbl2,$acc04
lbzx $acc05,$Tbl2,$acc05
lwz $acc14,`2048+192`($Tbl0)
lwz $acc15,`2048+224`($Tbl0)
rlwinm $acc10,$s0,`32-8`,24,31
rlwinm $acc11,$s1,`32-8`,24,31
lbzx $acc06,$Tbl2,$acc06
lbzx $acc07,$Tbl2,$acc07
lbzx $acc00,$Tbl2,$acc00
lbzx $acc01,$Tbl2,$acc01
rlwinm $acc12,$s3,`0`,24,31
rlwinm $acc13,$s0,`0`,24,31
lbzx $acc08,$Tbl2,$acc08
lbzx $acc09,$Tbl2,$acc09
lbzx $acc02,$Tbl2,$acc02
lbzx $acc03,$Tbl2,$acc03
rlwinm $acc14,$s1,`0`,24,31
rlwinm $acc15,$s2,`0`,24,31
lbzx $acc10,$Tbl2,$acc10
lbzx $acc11,$Tbl2,$acc11
lbzx $acc04,$Tbl2,$acc04
lbzx $acc05,$Tbl2,$acc05
rlwinm $s0,$acc00,24,0,7
rlwinm $s1,$acc01,24,0,7
lbzx $acc12,$Tbl2,$acc12
lbzx $acc13,$Tbl2,$acc13
lbzx $acc06,$Tbl2,$acc06
lbzx $acc07,$Tbl2,$acc07
rlwinm $s2,$acc02,24,0,7
rlwinm $s3,$acc03,24,0,7
lbzx $acc14,$Tbl2,$acc14
lbzx $acc15,$Tbl2,$acc15
lbzx $acc08,$Tbl2,$acc08
lbzx $acc09,$Tbl2,$acc09
rlwimi $s0,$acc04,16,8,15
rlwimi $s1,$acc05,16,8,15
lbzx $acc10,$Tbl2,$acc10
lbzx $acc11,$Tbl2,$acc11
rlwimi $s2,$acc06,16,8,15
rlwimi $s3,$acc07,16,8,15
lbzx $acc12,$Tbl2,$acc12
lbzx $acc13,$Tbl2,$acc13
rlwimi $s0,$acc08,8,16,23
rlwimi $s1,$acc09,8,16,23
lbzx $acc14,$Tbl2,$acc14
lbzx $acc15,$Tbl2,$acc15
rlwimi $s2,$acc10,8,16,23
rlwimi $s3,$acc11,8,16,23
or $s0,$s0,$acc12
@@ -542,40 +555,40 @@ Lenc_compact_loop:
rlwinm $acc01,$s1,`32-24`,24,31
rlwinm $acc02,$s2,`32-24`,24,31
rlwinm $acc03,$s3,`32-24`,24,31
lbzx $acc00,$Tbl1,$acc00
lbzx $acc01,$Tbl1,$acc01
rlwinm $acc04,$s1,`32-16`,24,31
rlwinm $acc05,$s2,`32-16`,24,31
lbzx $acc02,$Tbl1,$acc02
lbzx $acc03,$Tbl1,$acc03
rlwinm $acc06,$s3,`32-16`,24,31
rlwinm $acc07,$s0,`32-16`,24,31
lbzx $acc04,$Tbl1,$acc04
lbzx $acc05,$Tbl1,$acc05
lbzx $acc00,$Tbl1,$acc00
lbzx $acc01,$Tbl1,$acc01
rlwinm $acc08,$s2,`32-8`,24,31
rlwinm $acc09,$s3,`32-8`,24,31
lbzx $acc06,$Tbl1,$acc06
lbzx $acc07,$Tbl1,$acc07
lbzx $acc02,$Tbl1,$acc02
lbzx $acc03,$Tbl1,$acc03
rlwinm $acc10,$s0,`32-8`,24,31
rlwinm $acc11,$s1,`32-8`,24,31
lbzx $acc08,$Tbl1,$acc08
lbzx $acc09,$Tbl1,$acc09
lbzx $acc04,$Tbl1,$acc04
lbzx $acc05,$Tbl1,$acc05
rlwinm $acc12,$s3,`0`,24,31
rlwinm $acc13,$s0,`0`,24,31
lbzx $acc10,$Tbl1,$acc10
lbzx $acc11,$Tbl1,$acc11
lbzx $acc06,$Tbl1,$acc06
lbzx $acc07,$Tbl1,$acc07
rlwinm $acc14,$s1,`0`,24,31
rlwinm $acc15,$s2,`0`,24,31
lbzx $acc12,$Tbl1,$acc12
lbzx $acc13,$Tbl1,$acc13
lbzx $acc08,$Tbl1,$acc08
lbzx $acc09,$Tbl1,$acc09
rlwinm $s0,$acc00,24,0,7
rlwinm $s1,$acc01,24,0,7
lbzx $acc14,$Tbl1,$acc14
lbzx $acc15,$Tbl1,$acc15
lbzx $acc10,$Tbl1,$acc10
lbzx $acc11,$Tbl1,$acc11
rlwinm $s2,$acc02,24,0,7
rlwinm $s3,$acc03,24,0,7
lbzx $acc12,$Tbl1,$acc12
lbzx $acc13,$Tbl1,$acc13
rlwimi $s0,$acc04,16,8,15
rlwimi $s1,$acc05,16,8,15
lbzx $acc14,$Tbl1,$acc14
lbzx $acc15,$Tbl1,$acc15
rlwimi $s2,$acc06,16,8,15
rlwimi $s3,$acc07,16,8,15
rlwimi $s0,$acc08,8,16,23
@@ -725,7 +738,7 @@ Lenc_compact_done:
addi $sp,$sp,$FRAME
blr
.align 4
.align 5
Lppc_AES_decrypt:
lwz $acc00,240($key)
lwz $t0,0($key)
@@ -746,46 +759,46 @@ Lppc_AES_decrypt:
Ldec_loop:
rlwinm $acc00,$s0,`32-24+3`,21,28
rlwinm $acc01,$s1,`32-24+3`,21,28
lwz $t0,0($key)
lwz $t1,4($key)
rlwinm $acc02,$s2,`32-24+3`,21,28
rlwinm $acc03,$s3,`32-24+3`,21,28
lwz $t2,8($key)
lwz $t3,12($key)
lwz $t0,0($key)
lwz $t1,4($key)
rlwinm $acc04,$s3,`32-16+3`,21,28
rlwinm $acc05,$s0,`32-16+3`,21,28
lwzx $acc00,$Tbl0,$acc00
lwzx $acc01,$Tbl0,$acc01
lwz $t2,8($key)
lwz $t3,12($key)
rlwinm $acc06,$s1,`32-16+3`,21,28
rlwinm $acc07,$s2,`32-16+3`,21,28
lwzx $acc02,$Tbl0,$acc02
lwzx $acc03,$Tbl0,$acc03
lwzx $acc00,$Tbl0,$acc00
lwzx $acc01,$Tbl0,$acc01
rlwinm $acc08,$s2,`32-8+3`,21,28
rlwinm $acc09,$s3,`32-8+3`,21,28
lwzx $acc04,$Tbl1,$acc04
lwzx $acc05,$Tbl1,$acc05
lwzx $acc02,$Tbl0,$acc02
lwzx $acc03,$Tbl0,$acc03
rlwinm $acc10,$s0,`32-8+3`,21,28
rlwinm $acc11,$s1,`32-8+3`,21,28
lwzx $acc06,$Tbl1,$acc06
lwzx $acc07,$Tbl1,$acc07
lwzx $acc04,$Tbl1,$acc04
lwzx $acc05,$Tbl1,$acc05
rlwinm $acc12,$s1,`0+3`,21,28
rlwinm $acc13,$s2,`0+3`,21,28
lwzx $acc08,$Tbl2,$acc08
lwzx $acc09,$Tbl2,$acc09
lwzx $acc06,$Tbl1,$acc06
lwzx $acc07,$Tbl1,$acc07
rlwinm $acc14,$s3,`0+3`,21,28
rlwinm $acc15,$s0,`0+3`,21,28
lwzx $acc10,$Tbl2,$acc10
lwzx $acc11,$Tbl2,$acc11
lwzx $acc08,$Tbl2,$acc08
lwzx $acc09,$Tbl2,$acc09
xor $t0,$t0,$acc00
xor $t1,$t1,$acc01
lwzx $acc12,$Tbl3,$acc12
lwzx $acc13,$Tbl3,$acc13
lwzx $acc10,$Tbl2,$acc10
lwzx $acc11,$Tbl2,$acc11
xor $t2,$t2,$acc02
xor $t3,$t3,$acc03
lwzx $acc14,$Tbl3,$acc14
lwzx $acc15,$Tbl3,$acc15
lwzx $acc12,$Tbl3,$acc12
lwzx $acc13,$Tbl3,$acc13
xor $t0,$t0,$acc04
xor $t1,$t1,$acc05
lwzx $acc14,$Tbl3,$acc14
lwzx $acc15,$Tbl3,$acc15
xor $t2,$t2,$acc06
xor $t3,$t3,$acc07
xor $t0,$t0,$acc08
@@ -801,56 +814,56 @@ Ldec_loop:
addi $Tbl2,$Tbl0,2048
nop
lwz $acc08,`2048+0`($Tbl0) ! prefetch Td4
lwz $acc09,`2048+32`($Tbl0)
lwz $acc10,`2048+64`($Tbl0)
lwz $acc11,`2048+96`($Tbl0)
lwz $acc08,`2048+128`($Tbl0)
lwz $acc09,`2048+160`($Tbl0)
lwz $acc10,`2048+192`($Tbl0)
lwz $acc11,`2048+224`($Tbl0)
rlwinm $acc00,$s0,`32-24`,24,31
rlwinm $acc01,$s1,`32-24`,24,31
lwz $t0,0($key)
lwz $t1,4($key)
rlwinm $acc02,$s2,`32-24`,24,31
rlwinm $acc03,$s3,`32-24`,24,31
rlwinm $acc00,$s0,`32-24`,24,31
rlwinm $acc01,$s1,`32-24`,24,31
lwz $t2,8($key)
lwz $t3,12($key)
rlwinm $acc02,$s2,`32-24`,24,31
rlwinm $acc03,$s3,`32-24`,24,31
lwz $acc08,`2048+0`($Tbl0) ! prefetch Td4
lwz $acc09,`2048+32`($Tbl0)
rlwinm $acc04,$s3,`32-16`,24,31
rlwinm $acc05,$s0,`32-16`,24,31
lwz $acc10,`2048+64`($Tbl0)
lwz $acc11,`2048+96`($Tbl0)
lbzx $acc00,$Tbl2,$acc00
lbzx $acc01,$Tbl2,$acc01
lwz $acc12,`2048+128`($Tbl0)
lwz $acc13,`2048+160`($Tbl0)
rlwinm $acc06,$s1,`32-16`,24,31
rlwinm $acc07,$s2,`32-16`,24,31
lbzx $acc02,$Tbl2,$acc02
lbzx $acc03,$Tbl2,$acc03
lwz $acc14,`2048+192`($Tbl0)
lwz $acc15,`2048+224`($Tbl0)
rlwinm $acc08,$s2,`32-8`,24,31
rlwinm $acc09,$s3,`32-8`,24,31
lbzx $acc04,$Tbl2,$acc04
lbzx $acc05,$Tbl2,$acc05
lbzx $acc02,$Tbl2,$acc02
lbzx $acc03,$Tbl2,$acc03
rlwinm $acc10,$s0,`32-8`,24,31
rlwinm $acc11,$s1,`32-8`,24,31
lbzx $acc06,$Tbl2,$acc06
lbzx $acc07,$Tbl2,$acc07
lbzx $acc04,$Tbl2,$acc04
lbzx $acc05,$Tbl2,$acc05
rlwinm $acc12,$s1,`0`,24,31
rlwinm $acc13,$s2,`0`,24,31
lbzx $acc08,$Tbl2,$acc08
lbzx $acc09,$Tbl2,$acc09
lbzx $acc06,$Tbl2,$acc06
lbzx $acc07,$Tbl2,$acc07
rlwinm $acc14,$s3,`0`,24,31
rlwinm $acc15,$s0,`0`,24,31
lbzx $acc10,$Tbl2,$acc10
lbzx $acc11,$Tbl2,$acc11
lbzx $acc08,$Tbl2,$acc08
lbzx $acc09,$Tbl2,$acc09
rlwinm $s0,$acc00,24,0,7
rlwinm $s1,$acc01,24,0,7
lbzx $acc12,$Tbl2,$acc12
lbzx $acc13,$Tbl2,$acc13
lbzx $acc10,$Tbl2,$acc10
lbzx $acc11,$Tbl2,$acc11
rlwinm $s2,$acc02,24,0,7
rlwinm $s3,$acc03,24,0,7
lbzx $acc14,$Tbl2,$acc14
lbzx $acc15,$Tbl2,$acc15
lbzx $acc12,$Tbl2,$acc12
lbzx $acc13,$Tbl2,$acc13
rlwimi $s0,$acc04,16,8,15
rlwimi $s1,$acc05,16,8,15
lbzx $acc14,$Tbl2,$acc14
lbzx $acc15,$Tbl2,$acc15
rlwimi $s2,$acc06,16,8,15
rlwimi $s3,$acc07,16,8,15
rlwimi $s0,$acc08,8,16,23
@@ -897,40 +910,40 @@ Ldec_compact_loop:
rlwinm $acc01,$s1,`32-24`,24,31
rlwinm $acc02,$s2,`32-24`,24,31
rlwinm $acc03,$s3,`32-24`,24,31
lbzx $acc00,$Tbl1,$acc00
lbzx $acc01,$Tbl1,$acc01
rlwinm $acc04,$s3,`32-16`,24,31
rlwinm $acc05,$s0,`32-16`,24,31
lbzx $acc02,$Tbl1,$acc02
lbzx $acc03,$Tbl1,$acc03
rlwinm $acc06,$s1,`32-16`,24,31
rlwinm $acc07,$s2,`32-16`,24,31
lbzx $acc04,$Tbl1,$acc04
lbzx $acc05,$Tbl1,$acc05
lbzx $acc00,$Tbl1,$acc00
lbzx $acc01,$Tbl1,$acc01
rlwinm $acc08,$s2,`32-8`,24,31
rlwinm $acc09,$s3,`32-8`,24,31
lbzx $acc06,$Tbl1,$acc06
lbzx $acc07,$Tbl1,$acc07
lbzx $acc02,$Tbl1,$acc02
lbzx $acc03,$Tbl1,$acc03
rlwinm $acc10,$s0,`32-8`,24,31
rlwinm $acc11,$s1,`32-8`,24,31
lbzx $acc08,$Tbl1,$acc08
lbzx $acc09,$Tbl1,$acc09
lbzx $acc04,$Tbl1,$acc04
lbzx $acc05,$Tbl1,$acc05
rlwinm $acc12,$s1,`0`,24,31
rlwinm $acc13,$s2,`0`,24,31
lbzx $acc10,$Tbl1,$acc10
lbzx $acc11,$Tbl1,$acc11
lbzx $acc06,$Tbl1,$acc06
lbzx $acc07,$Tbl1,$acc07
rlwinm $acc14,$s3,`0`,24,31
rlwinm $acc15,$s0,`0`,24,31
lbzx $acc12,$Tbl1,$acc12
lbzx $acc13,$Tbl1,$acc13
lbzx $acc08,$Tbl1,$acc08
lbzx $acc09,$Tbl1,$acc09
rlwinm $s0,$acc00,24,0,7
rlwinm $s1,$acc01,24,0,7
lbzx $acc14,$Tbl1,$acc14
lbzx $acc15,$Tbl1,$acc15
lbzx $acc10,$Tbl1,$acc10
lbzx $acc11,$Tbl1,$acc11
rlwinm $s2,$acc02,24,0,7
rlwinm $s3,$acc03,24,0,7
lbzx $acc12,$Tbl1,$acc12
lbzx $acc13,$Tbl1,$acc13
rlwimi $s0,$acc04,16,8,15
rlwimi $s1,$acc05,16,8,15
lbzx $acc14,$Tbl1,$acc14
lbzx $acc15,$Tbl1,$acc15
rlwimi $s2,$acc06,16,8,15
rlwimi $s3,$acc07,16,8,15
rlwimi $s0,$acc08,8,16,23

View File

@@ -1,3 +1,5 @@
#!/usr/bin/env perl
print <<'___';
.text
.set noat
@@ -68,9 +70,9 @@ OPENSSL_wipe_cpu:
OPENSSL_atomic_add:
.frame $30,0,$26
.prologue 0
1: ldl_l $0,($16)
1: ldl_l $0,0($16)
addl $0,$17,$1
stl_c $1,($16)
stl_c $1,0($16)
beq $1,1b
addl $0,$17,$0
ret ($26)
@@ -90,6 +92,7 @@ OPENSSL_rdtsc:
OPENSSL_cleanse:
.frame $30,0,$26
.prologue 0
beq $17,.Ldone
and $16,7,$0
bic $17,7,$at
beq $at,.Little
@@ -122,3 +125,4 @@ OPENSSL_cleanse:
br .Little
.Ldone: ret ($26)
.end OPENSSL_cleanse
___

View File

@@ -273,7 +273,7 @@ ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a, const unsigned char **pp,
{
ASN1_INTEGER *ret=NULL;
const unsigned char *p;
unsigned char *to,*s;
unsigned char *s;
long len;
int inf,tag,xclass;
int i;
@@ -308,7 +308,6 @@ ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a, const unsigned char **pp,
i=ERR_R_MALLOC_FAILURE;
goto err;
}
to=s;
ret->type=V_ASN1_INTEGER;
if(len) {
if ((*p == 0) && (len != 1))

View File

@@ -290,12 +290,12 @@ ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp,
const unsigned char *p;
unsigned char *data;
int i;
/* Sanity check OID encoding: can't have 0x80 in subidentifiers, see:
* X.690 8.19.2
/* Sanity check OID encoding: can't have leading 0x80 in
* subidentifiers, see: X.690 8.19.2
*/
for (i = 0, p = *pp + 1; i < len - 1; i++, p++)
{
if (*p == 0x80)
if (*p == 0x80 && (!i || !(p[-1] & 0x80)))
{
ASN1err(ASN1_F_C2I_ASN1_OBJECT,ASN1_R_INVALID_OBJECT_ENCODING);
return NULL;

View File

@@ -242,7 +242,7 @@ RSA *d2i_RSA_NET(RSA **a, const unsigned char **pp, long length,
int sgckey)
{
RSA *ret=NULL;
const unsigned char *p, *kp;
const unsigned char *p;
NETSCAPE_ENCRYPTED_PKEY *enckey = NULL;
p = *pp;
@@ -265,7 +265,6 @@ RSA *d2i_RSA_NET(RSA **a, const unsigned char **pp, long length,
ASN1err(ASN1_F_D2I_RSA_NET,ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM);
goto err;
}
kp = enckey->enckey->digest->data;
if (cb == NULL)
cb=EVP_read_pw_string;
if ((ret=d2i_RSA_NET_2(a, enckey->enckey->digest,cb, sgckey)) == NULL) goto err;

View File

@@ -87,7 +87,7 @@ int X509_CRL_print(BIO *out, X509_CRL *x)
STACK_OF(X509_REVOKED) *rev;
X509_REVOKED *r;
long l;
int i, n;
int i;
char *p;
BIO_printf(out, "Certificate Revocation List (CRL):\n");
@@ -107,7 +107,6 @@ int X509_CRL_print(BIO *out, X509_CRL *x)
else BIO_printf(out,"NONE");
BIO_printf(out,"\n");
n=X509_CRL_get_ext_count(x);
X509V3_extensions_print(out, "CRL extensions",
x->crl->extensions, 0, 8);

View File

@@ -168,7 +168,7 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
int i;
int otag;
int ret = 0;
ASN1_VALUE *pchval, **pchptr, *ptmpval;
ASN1_VALUE **pchptr, *ptmpval;
if (!pval)
return 0;
if (aux && aux->asn1_cb)
@@ -319,7 +319,6 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
goto err;
}
/* CHOICE type, try each possibility in turn */
pchval = NULL;
p = *in;
for (i = 0, tt=it->templates; i < it->tcount; i++, tt++)
{

View File

@@ -63,7 +63,7 @@
#include <openssl/x509.h>
#include <openssl/x509v3.h>
ASN1_SEQUENCE(X509_CINF) = {
ASN1_SEQUENCE_enc(X509_CINF, enc, 0) = {
ASN1_EXP_OPT(X509_CINF, version, ASN1_INTEGER, 0),
ASN1_SIMPLE(X509_CINF, serialNumber, ASN1_INTEGER),
ASN1_SIMPLE(X509_CINF, signature, X509_ALGOR),
@@ -74,7 +74,7 @@ ASN1_SEQUENCE(X509_CINF) = {
ASN1_IMP_OPT(X509_CINF, issuerUID, ASN1_BIT_STRING, 1),
ASN1_IMP_OPT(X509_CINF, subjectUID, ASN1_BIT_STRING, 2),
ASN1_EXP_SEQUENCE_OF_OPT(X509_CINF, extensions, X509_EXTENSION, 3)
} ASN1_SEQUENCE_END(X509_CINF)
} ASN1_SEQUENCE_END_enc(X509_CINF, X509_CINF)
IMPLEMENT_ASN1_FUNCTIONS(X509_CINF)
/* X509 top level structure needs a bit of customisation */

View File

@@ -731,7 +731,14 @@ again:
#ifdef SO_REUSEADDR
err_num=get_last_socket_error();
if ((bind_mode == BIO_BIND_REUSEADDR_IF_UNUSED) &&
#ifdef OPENSSL_SYS_WINDOWS
/* Some versions of Windows define EADDRINUSE to
* a dummy value.
*/
(err_num == WSAEADDRINUSE))
#else
(err_num == EADDRINUSE))
#endif
{
client = server;
if (h == NULL || strcmp(h,"*") == 0)

View File

@@ -125,7 +125,6 @@ static int nbiof_free(BIO *a)
static int nbiof_read(BIO *b, char *out, int outl)
{
NBIO_TEST *nt;
int ret=0;
#if 1
int num;
@@ -134,7 +133,6 @@ static int nbiof_read(BIO *b, char *out, int outl)
if (out == NULL) return(0);
if (b->next_bio == NULL) return(0);
nt=(NBIO_TEST *)b->ptr;
BIO_clear_retry_flags(b);
#if 1

View File

@@ -110,7 +110,7 @@ int BIO_set(BIO *bio, BIO_METHOD *method)
int BIO_free(BIO *a)
{
int ret=0,i;
int i;
if (a == NULL) return(0);
@@ -133,7 +133,7 @@ int BIO_free(BIO *a)
CRYPTO_free_ex_data(CRYPTO_EX_INDEX_BIO, a, &a->ex_data);
if ((a->method == NULL) || (a->method->destroy == NULL)) return(1);
ret=a->method->destroy(a);
a->method->destroy(a);
OPENSSL_free(a);
return(1);
}

View File

@@ -340,7 +340,6 @@ static int acpt_write(BIO *b, const char *in, int inl)
static long acpt_ctrl(BIO *b, int cmd, long num, void *ptr)
{
BIO *dbio;
int *ip;
long ret=1;
BIO_ACCEPT *data;
@@ -437,8 +436,8 @@ static long acpt_ctrl(BIO *b, int cmd, long num, void *ptr)
ret=(long)data->bind_mode;
break;
case BIO_CTRL_DUP:
dbio=(BIO *)ptr;
/* if (data->param_port) EAY EAY
/* dbio=(BIO *)ptr;
if (data->param_port) EAY EAY
BIO_set_port(dbio,data->param_port);
if (data->param_hostname)
BIO_set_hostname(dbio,data->param_hostname);

View File

@@ -118,10 +118,47 @@ static BIO_METHOD methods_filep=
BIO *BIO_new_file(const char *filename, const char *mode)
{
BIO *ret;
FILE *file;
BIO *ret;
FILE *file=NULL;
if ((file=fopen(filename,mode)) == NULL)
#if defined(_WIN32) && defined(CP_UTF8)
int sz, len_0 = (int)strlen(filename)+1;
/*
* Basically there are three cases to cover: a) filename is
* pure ASCII string; b) actual UTF-8 encoded string and
* c) locale-ized string, i.e. one containing 8-bit
* characters that are meaningful in current system locale.
* If filename is pure ASCII or real UTF-8 encoded string,
* MultiByteToWideChar succeeds and _wfopen works. If
* filename is locale-ized string, chances are that
* MultiByteToWideChar fails reporting
* ERROR_NO_UNICODE_TRANSLATION, in which case we fall
* back to fopen...
*/
if ((sz=MultiByteToWideChar(CP_UTF8,MB_ERR_INVALID_CHARS,
filename,len_0,NULL,0))>0)
{
WCHAR wmode[8];
WCHAR *wfilename = _alloca(sz*sizeof(WCHAR));
if (MultiByteToWideChar(CP_UTF8,MB_ERR_INVALID_CHARS,
filename,len_0,wfilename,sz) &&
MultiByteToWideChar(CP_UTF8,0,mode,strlen(mode)+1,
wmode,sizeof(wmode)/sizeof(wmode[0])) &&
(file=_wfopen(wfilename,wmode))==NULL && errno==ENOENT
) /* UTF-8 decode succeeded, but no file, filename
* could still have been locale-ized... */
file = fopen(filename,mode);
}
else if (GetLastError()==ERROR_NO_UNICODE_TRANSLATION)
{
file = fopen(filename,mode);
}
#else
file=fopen(filename,mode);
#endif
if (file == NULL)
{
SYSerr(SYS_F_FOPEN,get_last_sys_error());
ERR_add_error_data(5,"fopen('",filename,"','",mode,"')");
@@ -272,9 +309,9 @@ static long MS_CALLBACK file_ctrl(BIO *b, int cmd, long num, void *ptr)
BIO_clear_flags(b,BIO_FLAGS_UPLINK);
#endif
#endif
#ifdef UP_fsetmode
#ifdef UP_fsetmod
if (b->flags&BIO_FLAGS_UPLINK)
UP_fsetmode(b->ptr,num&BIO_FP_TEXT?'t':'b');
UP_fsetmod(b->ptr,(char)((num&BIO_FP_TEXT)?'t':'b'));
else
#endif
{

View File

@@ -172,15 +172,6 @@ static long sock_ctrl(BIO *b, int cmd, long num, void *ptr)
switch (cmd)
{
case BIO_CTRL_RESET:
num=0;
case BIO_C_FILE_SEEK:
ret=0;
break;
case BIO_C_FILE_TELL:
case BIO_CTRL_INFO:
ret=0;
break;
case BIO_C_SET_FD:
sock_free(b);
b->num= *((int *)ptr);
@@ -203,10 +194,6 @@ static long sock_ctrl(BIO *b, int cmd, long num, void *ptr)
case BIO_CTRL_SET_CLOSE:
b->shutdown=(int)num;
break;
case BIO_CTRL_PENDING:
case BIO_CTRL_WPENDING:
ret=0;
break;
case BIO_CTRL_DUP:
case BIO_CTRL_FLUSH:
ret=1;

View File

@@ -41,8 +41,12 @@ $j="s4";
$m1="s5";
$code=<<___;
#indef __linux__
#include <asm/regdef.h>
#else
#include <asm.h>
#include <regdef.h>
#endif
.text
@@ -53,15 +57,15 @@ $code=<<___;
.align 5
.ent bn_mul_mont
bn_mul_mont:
lda sp,-40(sp)
lda sp,-48(sp)
stq ra,0(sp)
stq s3,8(sp)
stq s4,16(sp)
stq s5,24(sp)
stq fp,32(sp)
mov sp,fp
.mask 0x0400f000,-40
.frame fp,40,ra
.mask 0x0400f000,-48
.frame fp,48,ra
.prologue 0
.align 4
@@ -76,7 +80,7 @@ bn_mul_mont:
ldq $aj,8($ap)
subq sp,AT,sp
ldq $bi,0($bp) # bp[0]
mov -4096,AT
lda AT,-4096(zero) # mov -4096,AT
ldq $n0,0($n0)
and sp,AT,sp
@@ -106,9 +110,9 @@ bn_mul_mont:
.align 4
.L1st:
.set noreorder
ldq $aj,($aj)
ldq $aj,0($aj)
addl $j,1,$j
ldq $nj,($nj)
ldq $nj,0($nj)
lda $tp,8($tp)
addq $alo,$hi0,$lo0
@@ -159,12 +163,12 @@ bn_mul_mont:
.align 4
.Louter:
s8addq $i,$bp,$bi
ldq $hi0,($ap)
ldq $hi0,0($ap)
ldq $aj,8($ap)
ldq $bi,($bi)
ldq $hi1,($np)
ldq $bi,0($bi)
ldq $hi1,0($np)
ldq $nj,8($np)
ldq $tj,(sp)
ldq $tj,0(sp)
mulq $hi0,$bi,$lo0
umulh $hi0,$bi,$hi0
@@ -195,10 +199,10 @@ bn_mul_mont:
.set noreorder
ldq $tj,8($tp) #L0
nop #U1
ldq $aj,($aj) #L1
ldq $aj,0($aj) #L1
s8addq $j,$np,$nj #U0
ldq $nj,($nj) #L0
ldq $nj,0($nj) #L0
nop #U1
addq $alo,$hi0,$lo0 #L1
lda $tp,8($tp)
@@ -247,7 +251,7 @@ bn_mul_mont:
addq $hi1,v0,$hi1
addq $hi1,$hi0,$lo1
stq $j,($tp)
stq $j,0($tp)
cmpult $lo1,$hi0,$hi1
addq $lo1,$tj,$lo1
cmpult $lo1,$tj,AT
@@ -265,8 +269,8 @@ bn_mul_mont:
mov 0,$hi0 # clear borrow bit
.align 4
.Lsub: ldq $lo0,($tp)
ldq $lo1,($np)
.Lsub: ldq $lo0,0($tp)
ldq $lo1,0($np)
lda $tp,8($tp)
lda $np,8($np)
subq $lo0,$lo1,$lo1 # tp[i]-np[i]
@@ -274,7 +278,7 @@ bn_mul_mont:
subq $lo1,$hi0,$lo0
cmpult $lo1,$lo0,$hi0
or $hi0,AT,$hi0
stq $lo0,($rp)
stq $lo0,0($rp)
cmpult $tp,$tj,v0
lda $rp,8($rp)
bne v0,.Lsub
@@ -288,7 +292,7 @@ bn_mul_mont:
bis $bp,$ap,$ap # ap=borrow?tp:rp
.align 4
.Lcopy: ldq $aj,($ap) # copy or in-place refresh
.Lcopy: ldq $aj,0($ap) # copy or in-place refresh
lda $tp,8($tp)
lda $rp,8($rp)
lda $ap,8($ap)
@@ -306,11 +310,11 @@ bn_mul_mont:
ldq s4,16(sp)
ldq s5,24(sp)
ldq fp,32(sp)
lda sp,40(sp)
lda sp,48(sp)
ret (ra)
.end bn_mul_mont
.rdata
.asciiz "Montgomery Multiplication for Alpha, CRYPTOGAMS by <appro\@openssl.org>"
.ascii "Montgomery Multiplication for Alpha, CRYPTOGAMS by <appro\@openssl.org>"
.align 2
___
print $code;

View File

@@ -193,6 +193,7 @@ bn_mul_mont:
bx lr @ interoperable with Thumb ISA:-)
.size bn_mul_mont,.-bn_mul_mont
.asciz "Montgomery multiplication for ARMv4, CRYPTOGAMS by <appro\@openssl.org>"
.align 2
___
$code =~ s/\bbx\s+lr\b/.word\t0xe12fff1e/gm; # make it possible to compile with -march=armv4

View File

@@ -1,4 +1,4 @@
.ident "s390x.S, version 1.0"
.ident "s390x.S, version 1.1"
// ====================================================================
// Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
// project.
@@ -24,67 +24,67 @@ bn_mul_add_words:
bler %r14 // if (len<=0) return 0;
stmg %r6,%r10,48(%r15)
lghi %r10,3
lghi %r8,0 // carry = 0
srag %r10,%r4,2 // cnt=len/4
jz .Loop1_madd
nr %r10,%r4 // len%4
sra %r4,2 // cnt=len/4
jz .Loop1_madd // carry is incidentally cleared if branch taken
algr zero,zero // clear carry
.Loop4_madd:
lg %r7,0(%r2,%r3) // ap[i]
mlgr %r6,%r5 // *=w
algr %r7,%r8 // +=carry
alcgr %r7,%r8 // +=carry
alcgr %r6,zero
alg %r7,0(%r2,%r1) // +=rp[i]
alcgr %r6,zero
stg %r7,0(%r2,%r1) // rp[i]=
lg %r9,8(%r2,%r3)
mlgr %r8,%r5
algr %r9,%r6
alcgr %r9,%r6
alcgr %r8,zero
alg %r9,8(%r2,%r1)
alcgr %r8,zero
stg %r9,8(%r2,%r1)
lg %r7,16(%r2,%r3)
mlgr %r6,%r5
algr %r7,%r8
alcgr %r7,%r8
alcgr %r6,zero
alg %r7,16(%r2,%r1)
alcgr %r6,zero
stg %r7,16(%r2,%r1)
lg %r9,24(%r2,%r3)
mlgr %r8,%r5
algr %r9,%r6
alcgr %r9,%r6
alcgr %r8,zero
alg %r9,24(%r2,%r1)
alcgr %r8,zero
stg %r9,24(%r2,%r1)
la %r2,32(%r2) // i+=4
brct %r10,.Loop4_madd
brct %r4,.Loop4_madd
lghi %r10,3
nr %r4,%r10 // cnt=len%4
jz .Lend_madd
la %r10,1(%r10) // see if len%4 is zero ...
brct %r10,.Loop1_madd // without touching condition code:-)
.Lend_madd:
alcgr %r8,zero // collect carry bit
lgr %r2,%r8
lmg %r6,%r10,48(%r15)
br %r14
.Loop1_madd:
lg %r7,0(%r2,%r3) // ap[i]
mlgr %r6,%r5 // *=w
algr %r7,%r8 // +=carry
alcgr %r7,%r8 // +=carry
alcgr %r6,zero
alg %r7,0(%r2,%r1) // +=rp[i]
alcgr %r6,zero
stg %r7,0(%r2,%r1) // rp[i]=
lgr %r8,%r6
la %r2,8(%r2) // i++
brct %r4,.Loop1_madd
brct %r10,.Loop1_madd
.Lend_madd:
lgr %r2,%r8
lmg %r6,%r10,48(%r15)
br %r14
j .Lend_madd
.size bn_mul_add_words,.-bn_mul_add_words
// BN_ULONG bn_mul_words(BN_ULONG *r2,BN_ULONG *r3,int r4,BN_ULONG r5);
@@ -99,57 +99,57 @@ bn_mul_words:
bler %r14 // if (len<=0) return 0;
stmg %r6,%r10,48(%r15)
lghi %r10,3
lghi %r8,0 // carry = 0
srag %r10,%r4,2 // cnt=len/4
jz .Loop1_mul
nr %r10,%r4 // len%4
sra %r4,2 // cnt=len/4
jz .Loop1_mul // carry is incidentally cleared if branch taken
algr zero,zero // clear carry
.Loop4_mul:
lg %r7,0(%r2,%r3) // ap[i]
mlgr %r6,%r5 // *=w
algr %r7,%r8 // +=carry
alcgr %r6,zero
alcgr %r7,%r8 // +=carry
stg %r7,0(%r2,%r1) // rp[i]=
lg %r9,8(%r2,%r3)
mlgr %r8,%r5
algr %r9,%r6
alcgr %r8,zero
alcgr %r9,%r6
stg %r9,8(%r2,%r1)
lg %r7,16(%r2,%r3)
mlgr %r6,%r5
algr %r7,%r8
alcgr %r6,zero
alcgr %r7,%r8
stg %r7,16(%r2,%r1)
lg %r9,24(%r2,%r3)
mlgr %r8,%r5
algr %r9,%r6
alcgr %r8,zero
alcgr %r9,%r6
stg %r9,24(%r2,%r1)
la %r2,32(%r2) // i+=4
brct %r10,.Loop4_mul
brct %r4,.Loop4_mul
lghi %r10,3
nr %r4,%r10 // cnt=len%4
jz .Lend_mul
la %r10,1(%r10) // see if len%4 is zero ...
brct %r10,.Loop1_madd // without touching condition code:-)
.Lend_mul:
alcgr %r8,zero // collect carry bit
lgr %r2,%r8
lmg %r6,%r10,48(%r15)
br %r14
.Loop1_mul:
lg %r7,0(%r2,%r3) // ap[i]
mlgr %r6,%r5 // *=w
algr %r7,%r8 // +=carry
alcgr %r6,zero
alcgr %r7,%r8 // +=carry
stg %r7,0(%r2,%r1) // rp[i]=
lgr %r8,%r6
la %r2,8(%r2) // i++
brct %r4,.Loop1_mul
brct %r10,.Loop1_mul
.Lend_mul:
lgr %r2,%r8
lmg %r6,%r10,48(%r15)
br %r14
j .Lend_mul
.size bn_mul_words,.-bn_mul_words
// void bn_sqr_words(BN_ULONG *r2,BN_ULONG *r2,int r4)

View File

@@ -63,6 +63,7 @@
#undef mul
#undef mul_add
#undef sqr
/*
* "m"(a), "+m"(r) is the way to favor DirectPath <20>-code;

View File

@@ -102,7 +102,7 @@ int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, const BIGNUM *d,
/* The next 2 are needed so we can do a dv->d[0]|=1 later
* since BN_lshift1 will only work once there is a value :-) */
BN_zero(dv);
bn_wexpand(dv,1);
if(bn_wexpand(dv,1) == NULL) goto end;
dv->top=1;
if (!BN_lshift(D,D,nm-nd)) goto end;

View File

@@ -301,7 +301,8 @@ int BN_mod_exp2_mont(BIGNUM *rr, const BIGNUM *a1, const BIGNUM *p1,
r_is_one = 0;
}
}
BN_from_montgomery(rr,r,mont,ctx);
if (!BN_from_montgomery(rr,r,mont,ctx))
goto err;
ret=1;
err:
if ((in_mont == NULL) && (mont != NULL)) BN_MONT_CTX_free(mont);

View File

@@ -232,7 +232,8 @@ int BN_GF2m_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b)
if (a->top < b->top) { at = b; bt = a; }
else { at = a; bt = b; }
bn_wexpand(r, at->top);
if(bn_wexpand(r, at->top) == NULL)
return 0;
for (i = 0; i < bt->top; i++)
{

View File

@@ -551,7 +551,7 @@ void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n,
int tna, int tnb, BN_ULONG *t)
{
int i,j,n2=n*2;
int c1,c2,neg,zero;
int c1,c2,neg;
BN_ULONG ln,lo,*p;
# ifdef BN_COUNT
@@ -567,7 +567,7 @@ void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n,
/* r=(a[0]-a[1])*(b[1]-b[0]) */
c1=bn_cmp_part_words(a,&(a[n]),tna,n-tna);
c2=bn_cmp_part_words(&(b[n]),b,tnb,tnb-n);
zero=neg=0;
neg=0;
switch (c1*3+c2)
{
case -4:
@@ -575,7 +575,6 @@ void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n,
bn_sub_part_words(&(t[n]),b, &(b[n]),tnb,n-tnb); /* - */
break;
case -3:
zero=1;
/* break; */
case -2:
bn_sub_part_words(t, &(a[n]),a, tna,tna-n); /* - */
@@ -585,7 +584,6 @@ void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n,
case -1:
case 0:
case 1:
zero=1;
/* break; */
case 2:
bn_sub_part_words(t, a, &(a[n]),tna,n-tna); /* + */
@@ -593,7 +591,6 @@ void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n,
neg=1;
break;
case 3:
zero=1;
/* break; */
case 4:
bn_sub_part_words(t, a, &(a[n]),tna,n-tna);
@@ -1012,7 +1009,6 @@ int BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx)
{
if (i >= -1 && i <= 1)
{
int sav_j =0;
/* Find out the power of two lower or equal
to the longest of the two numbers */
if (i >= 0)
@@ -1023,7 +1019,6 @@ int BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx)
{
j = BN_num_bits_word((BN_ULONG)bl);
}
sav_j = j;
j = 1<<(j-1);
assert(j <= al || j <= bl);
k = j+j;

View File

@@ -131,8 +131,8 @@ ASN1_NDEF_SEQUENCE(CMS_SignedData) = {
} ASN1_NDEF_SEQUENCE_END(CMS_SignedData)
ASN1_SEQUENCE(CMS_OriginatorInfo) = {
ASN1_IMP_SET_OF_OPT(CMS_SignedData, certificates, CMS_CertificateChoices, 0),
ASN1_IMP_SET_OF_OPT(CMS_SignedData, crls, CMS_RevocationInfoChoice, 1)
ASN1_IMP_SET_OF_OPT(CMS_OriginatorInfo, certificates, CMS_CertificateChoices, 0),
ASN1_IMP_SET_OF_OPT(CMS_OriginatorInfo, crls, CMS_RevocationInfoChoice, 1)
} ASN1_SEQUENCE_END(CMS_OriginatorInfo)
ASN1_NDEF_SEQUENCE(CMS_EncryptedContentInfo) = {

View File

@@ -406,7 +406,11 @@ int cms_DigestAlgorithm_find_ctx(EVP_MD_CTX *mctx, BIO *chain,
return 0;
}
BIO_get_md_ctx(chain, &mtmp);
if (EVP_MD_CTX_type(mtmp) == nid)
if (EVP_MD_CTX_type(mtmp) == nid
/* Workaround for broken implementations that use signature
* algorithm OID instead of digest.
*/
|| EVP_MD_pkey_type(EVP_MD_CTX_md(mtmp)) == nid)
{
EVP_MD_CTX_copy_ex(mctx, mtmp);
return 1;

View File

@@ -86,13 +86,12 @@ c_rle.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
c_rle.o: ../../include/openssl/symhacks.h c_rle.c
c_zlib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
c_zlib.o: ../../include/openssl/comp.h ../../include/openssl/crypto.h
c_zlib.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
c_zlib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
c_zlib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
c_zlib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
c_zlib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
c_zlib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
c_zlib.o: c_zlib.c
c_zlib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
c_zlib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
c_zlib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
c_zlib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
c_zlib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
c_zlib.o: ../../include/openssl/symhacks.h c_zlib.c
comp_err.o: ../../include/openssl/bio.h ../../include/openssl/comp.h
comp_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
comp_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h

View File

@@ -285,7 +285,7 @@ CONF_VALUE *_CONF_new_section(CONF *conf, const char *section)
v->value=(char *)sk;
vv=lh_CONF_VALUE_insert(conf->data,v);
assert(vv == NULL);
OPENSSL_assert(vv == NULL);
ok=1;
err:
if (!ok)

View File

@@ -213,13 +213,12 @@ static int def_load_bio(CONF *conf, BIO *in, long *line)
int bufnum=0,i,ii;
BUF_MEM *buff=NULL;
char *s,*p,*end;
int again,n;
int again;
long eline=0;
char btmp[DECIMAL_SIZE(eline)+1];
CONF_VALUE *v=NULL,*tv;
CONF_VALUE *sv=NULL;
char *section=NULL,*buf;
STACK_OF(CONF_VALUE) *section_sk=NULL,*ts;
char *start,*psection,*pname;
void *h = (void *)(conf->data);
@@ -250,7 +249,6 @@ static int def_load_bio(CONF *conf, BIO *in, long *line)
CONF_R_UNABLE_TO_CREATE_NEW_SECTION);
goto err;
}
section_sk=(STACK_OF(CONF_VALUE) *)sv->value;
bufnum=0;
again=0;
@@ -309,7 +307,6 @@ static int def_load_bio(CONF *conf, BIO *in, long *line)
buf=buff->data;
clear_comments(conf, buf);
n=strlen(buf);
s=eat_ws(conf, buf);
if (IS_EOF(conf,*s)) continue; /* blank line */
if (*s == '[')
@@ -343,7 +340,6 @@ again:
CONF_R_UNABLE_TO_CREATE_NEW_SECTION);
goto err;
}
section_sk=(STACK_OF(CONF_VALUE) *)sv->value;
continue;
}
else
@@ -406,13 +402,9 @@ again:
CONF_R_UNABLE_TO_CREATE_NEW_SECTION);
goto err;
}
ts=(STACK_OF(CONF_VALUE) *)tv->value;
}
else
{
tv=sv;
ts=section_sk;
}
#if 1
if (_CONF_add_string(conf, tv, v) == 0)
{
@@ -465,9 +457,6 @@ err:
static void clear_comments(CONF *conf, char *p)
{
char *to;
to=p;
for (;;)
{
if (IS_FCOMMENT(conf,*p))

View File

@@ -749,6 +749,18 @@ int OPENSSL_isservice(void)
{ HWINSTA h;
DWORD len;
WCHAR *name;
static union { void *p; int (*f)(void); } _OPENSSL_isservice = { NULL };
if (_OPENSSL_isservice.p == NULL) {
HANDLE h = GetModuleHandle(NULL);
if (h != NULL)
_OPENSSL_isservice.p = GetProcAddress(h,"_OPENSSL_isservice");
if (_OPENSSL_isservice.p == NULL)
_OPENSSL_isservice.p = (void *)-1;
}
if (_OPENSSL_isservice.p != (void *)-1)
return (*_OPENSSL_isservice.f)();
(void)GetDesktopWindow(); /* return value is ignored */

View File

@@ -103,7 +103,6 @@ extern unsigned long OPENSSL_ia32cap_P;
void OPENSSL_showfatal(const char *,...);
void *OPENSSL_stderr(void);
extern int OPENSSL_NONPIC_relocated;
int OPENSSL_isservice(void);
#ifdef __cplusplus
}

View File

@@ -60,7 +60,7 @@ $ THEN
$!
$! The Architecture Is VAX
$!
$ ARCH := VAX
$ ARCH = "VAX"
$!
$! Else...
$!
@@ -80,9 +80,11 @@ $! NOTE: Some might think this list ugly. However, it's made this way to
$! reflect the SDIRS variable in [-]Makefile.org as closely as possible,
$! thereby making it fairly easy to verify that the lists are the same.
$!
$ ET_WHIRLPOOL = "WHRLPOOL"
$ IF ARCH .EQS. "VAX" THEN ET_WHIRLPOOL = ""
$ ENCRYPT_TYPES = "Basic,"+ -
"OBJECTS,"+ -
"MD2,MD4,MD5,SHA,MDC2,HMAC,RIPEMD,WHRLPOOL,"+ -
"MD2,MD4,MD5,SHA,MDC2,HMAC,RIPEMD,"+ET_WHIRLPOOL+","+ -
"DES,AES,RC2,RC4,RC5,IDEA,BF,CAST,CAMELLIA,SEED,MODES,"+ -
"BN,EC,RSA,DSA,ECDSA,DH,ECDH,DSO,ENGINE,"+ -
"BUFFER,BIO,STACK,LHASH,RAND,ERR,"+ -
@@ -367,7 +369,7 @@ $!
$ IF F$TYPE('LIB_MODULE') .EQS. ""
$ THEN
$ WRITE SYS$ERROR ""
$ WRITE SYS$ERROR "The module ",MODULE_NAME," does not exist. Continuing..."
$ WRITE SYS$ERROR "The module ",MODULE_NAME1," does not exist. Continuing..."
$ WRITE SYS$ERROR ""
$ GOTO MODULE_NEXT
$ ENDIF
@@ -777,12 +779,12 @@ $! Else...
$!
$ ELSE
$!
$! Else, Check To See If P1 Has A Valid Arguement.
$! Else, Check To See If P1 Has A Valid Argument.
$!
$ IF (P1.EQS."LIBRARY").OR.(P1.EQS."APPS")
$ THEN
$!
$! A Valid Arguement.
$! A Valid Argument.
$!
$ BUILDALL = P1
$!
@@ -810,7 +812,7 @@ $! Time To EXIT.
$!
$ EXIT
$!
$! End The Valid Arguement Check.
$! End The Valid Argument Check.
$!
$ ENDIF
$!
@@ -863,7 +865,7 @@ $! Time To EXIT.
$!
$ EXIT
$!
$! End The Valid Arguement Check.
$! End The Valid Argument Check.
$!
$ ENDIF
$!
@@ -1034,7 +1036,7 @@ $ IF ARCH.EQS."VAX" .AND. F$TRNLNM("DECC$CC_DEFAULT").NES."/DECC" -
THEN CC = "CC/DECC"
$ CC = CC + "/''CC_OPTIMIZE'/''DEBUGGER'/STANDARD=ANSI89" + -
"/NOLIST/PREFIX=ALL" + -
"/INCLUDE=(SYS$DISK:[],SYS$DISK:[.''ARCH'],SYS$DISK:[-],SYS$DISK:[.ENGINE.VENDOR_DEFNS],SYS$DISK:[.EVP],SYS$DISK:[.ASN1])" + -
"/INCLUDE=(SYS$DISK:[],SYS$DISK:[._''ARCH'],SYS$DISK:[-],SYS$DISK:[.ENGINE.VENDOR_DEFNS],SYS$DISK:[.EVP],SYS$DISK:[.ASN1])" + -
CCEXTRAFLAGS
$!
$! Define The Linker Options File Name.
@@ -1068,7 +1070,7 @@ $ EXIT
$ ENDIF
$ IF F$TRNLNM("DECC$CC_DEFAULT").EQS."/DECC" THEN CC = "CC/VAXC"
$ CC = CC + "/''CC_OPTIMIZE'/''DEBUGGER'/NOLIST" + -
"/INCLUDE=(SYS$DISK:[],SYS$DISK:[.''ARCH'],SYS$DISK:[-],SYS$DISK:[.ENGINE.VENDOR_DEFNS],SYS$DISK:[.EVP],SYS$DISK:[.ASN1])" + -
"/INCLUDE=(SYS$DISK:[],SYS$DISK:[._''ARCH'],SYS$DISK:[-],SYS$DISK:[.ENGINE.VENDOR_DEFNS],SYS$DISK:[.EVP],SYS$DISK:[.ASN1])" + -
CCEXTRAFLAGS
$ CCDEFS = """VAXC""," + CCDEFS
$!
@@ -1100,7 +1102,7 @@ $!
$! Use GNU C...
$!
$ CC = "GCC/NOCASE_HACK/''GCC_OPTIMIZE'/''DEBUGGER'/NOLIST" + -
"/INCLUDE=(SYS$DISK:[],SYS$DISK:[.''ARCH'],SYS$DISK:[-],SYS$DISK:[.ENGINE.VENDOR_DEFNS],SYS$DISK:[.EVP],SYS$DISK:[.ASN1])" + -
"/INCLUDE=(SYS$DISK:[],SYS$DISK:[._''ARCH'],SYS$DISK:[-],SYS$DISK:[.ENGINE.VENDOR_DEFNS],SYS$DISK:[.EVP],SYS$DISK:[.ASN1])" + -
CCEXTRAFLAGS
$!
$! Define The Linker Options File Name.
@@ -1150,7 +1152,7 @@ $! Show user the result
$!
$ WRITE/SYMBOL SYS$OUTPUT "Main C Compiling Command: ",CC
$!
$! Else The User Entered An Invalid Arguement.
$! Else The User Entered An Invalid Argument.
$!
$ ELSE
$!
@@ -1168,7 +1170,7 @@ $! Time To EXIT.
$!
$ EXIT
$!
$! End The Valid Arguement Check.
$! End The Valid Argument Check.
$!
$ ENDIF
$!
@@ -1263,7 +1265,7 @@ $! Print info
$!
$ WRITE SYS$OUTPUT "TCP/IP library spec: ", TCPIP_LIB
$!
$! Else The User Entered An Invalid Arguement.
$! Else The User Entered An Invalid Argument.
$!
$ ELSE
$!

View File

@@ -545,6 +545,7 @@ void OpenSSLDie(const char *file,int line,const char *assertion);
unsigned long *OPENSSL_ia32cap_loc(void);
#define OPENSSL_ia32cap (*(OPENSSL_ia32cap_loc()))
int OPENSSL_isservice(void);
/* BEGIN ERROR CODES */
/* The following lines are auto generated by the script mkerr.pl. Any changes

View File

@@ -659,13 +659,13 @@ $! Else...
$!
$ ELSE
$!
$! Else, Check To See If P1 Has A Valid Arguement.
$! Else, Check To See If P1 Has A Valid Argument.
$!
$ IF (P1.EQS."LIBRARY").OR.(P1.EQS."DESTEST").OR.(P1.EQS."SPEED") -
.OR.(P1.EQS."RPW").OR.(P1.EQS."DES").OR.(P1.EQS."DES_OPTS")
$ THEN
$!
$! A Valid Arguement.
$! A Valid Argument.
$!
$ BUILDALL = P1
$!
@@ -678,7 +678,7 @@ $!
$ WRITE SYS$OUTPUT ""
$ WRITE SYS$OUTPUT "The Option ",P1," Is Invalid. The Valid Options Are:"
$ WRITE SYS$OUTPUT ""
$ WRITE SYS$OUTPUT " ALL : Just Build Everything.
$ WRITE SYS$OUTPUT " ALL : Just Build Everything."
$ WRITE SYS$OUTPUT " LIBRARY : To Compile Just The [.xxx.EXE.CRYPTO.DES]LIBDES.OLB Library."
$ WRITE SYS$OUTPUT " DESTEST : To Compile Just The [.xxx.EXE.CRYPTO.DES]DESTEST.EXE Program."
$ WRITE SYS$OUTPUT " SPEED : To Compile Just The [.xxx.EXE.CRYPTO.DES]SPEED.EXE Program."
@@ -697,7 +697,7 @@ $! Time To EXIT.
$!
$ EXIT
$!
$! End The Valid Arguement Check.
$! End The Valid Argument Check.
$!
$ ENDIF
$!
@@ -754,7 +754,7 @@ $! Time To EXIT.
$!
$ EXIT
$!
$! End The Valid Arguement Check.
$! End The Valid Argument Check.
$!
$ ENDIF
$!
@@ -978,7 +978,7 @@ $! Show user the result
$!
$ WRITE SYS$OUTPUT "Main Compiling Command: ",CC
$!
$! Else The User Entered An Invalid Arguement.
$! Else The User Entered An Invalid Argument.
$!
$ ELSE
$!

View File

@@ -122,10 +122,10 @@ struct desparams {
/*
* Encrypt an arbitrary sized buffer
*/
#define DESIOCBLOCK _IOWR(d, 6, struct desparams)
#define DESIOCBLOCK _IOWR('d', 6, struct desparams)
/*
* Encrypt of small amount of data, quickly
*/
#define DESIOCQUICK _IOWR(d, 7, struct desparams)
#define DESIOCQUICK _IOWR('d', 7, struct desparams)

View File

@@ -209,7 +209,7 @@ static int dsa_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8)
if (*p == (V_ASN1_SEQUENCE|V_ASN1_CONSTRUCTED))
{
ASN1_TYPE *t1, *t2;
if(!(ndsa = d2i_ASN1_SEQUENCE_ANY(NULL, &p, pklen)));
if(!(ndsa = d2i_ASN1_SEQUENCE_ANY(NULL, &p, pklen)))
goto decerr;
if (sk_ASN1_TYPE_num(ndsa) != 2)
goto decerr;
@@ -237,8 +237,16 @@ static int dsa_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8)
}
else
{
const unsigned char *q = p;
if (!(privkey=d2i_ASN1_INTEGER(NULL, &p, pklen)))
goto decerr;
if (privkey->type == V_ASN1_NEG_INTEGER)
{
p8->broken = PKCS8_NEG_PRIVKEY;
ASN1_INTEGER_free(privkey);
if (!(privkey=d2i_ASN1_UINTEGER(NULL, &q, pklen)))
goto decerr;
}
if (ptype != V_ASN1_SEQUENCE)
goto decerr;
}

View File

@@ -120,7 +120,7 @@ int dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits,
BIGNUM *r0,*W,*X,*c,*test;
BIGNUM *g=NULL,*q=NULL,*p=NULL;
BN_MONT_CTX *mont=NULL;
int i, k,n=0,b,m=0, qsize = qbits >> 3;
int i, k, n=0, m=0, qsize = qbits >> 3;
int counter=0;
int r=0;
BN_CTX *ctx=NULL;
@@ -232,7 +232,6 @@ int dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits,
/* "offset = 2" */
n=(bits-1)/160;
b=(bits-1)-n*160;
for (;;)
{

View File

@@ -185,7 +185,7 @@ static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
if (!BN_mod_mul(&xr,dsa->priv_key,r,dsa->q,ctx)) goto err;/* s = xr */
if (!BN_add(s, &xr, &m)) goto err; /* s = m + xr */
if (BN_cmp(s,dsa->q) > 0)
BN_sub(s,s,dsa->q);
if (!BN_sub(s,s,dsa->q)) goto err;
if (!BN_mod_mul(s,s,kinv,dsa->q,ctx)) goto err;
ret=DSA_SIG_new();

View File

@@ -78,6 +78,9 @@ DSO_METHOD *DSO_METHOD_dlfcn(void)
#else
#ifdef HAVE_DLFCN_H
# ifdef __osf__
# define __EXTENSIONS__
# endif
# include <dlfcn.h>
# define HAVE_DLINFO 1
# if defined(_AIX) || defined(__CYGWIN__) || \

View File

@@ -319,6 +319,7 @@ int ec_GF2m_simple_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
int ret = 0;
size_t i;
EC_POINT *p=NULL;
EC_POINT *acc = NULL;
if (ctx == NULL)
{
@@ -338,15 +339,16 @@ int ec_GF2m_simple_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
}
if ((p = EC_POINT_new(group)) == NULL) goto err;
if ((acc = EC_POINT_new(group)) == NULL) goto err;
if (!EC_POINT_set_to_infinity(group, r)) goto err;
if (!EC_POINT_set_to_infinity(group, acc)) goto err;
if (scalar)
{
if (!ec_GF2m_montgomery_point_multiply(group, p, scalar, group->generator, ctx)) goto err;
if (BN_is_negative(scalar))
if (BN_is_negative(scalar))
if (!group->meth->invert(group, p, ctx)) goto err;
if (!group->meth->add(group, r, r, p, ctx)) goto err;
if (!group->meth->add(group, acc, acc, p, ctx)) goto err;
}
for (i = 0; i < num; i++)
@@ -354,13 +356,16 @@ int ec_GF2m_simple_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
if (!ec_GF2m_montgomery_point_multiply(group, p, scalars[i], points[i], ctx)) goto err;
if (BN_is_negative(scalars[i]))
if (!group->meth->invert(group, p, ctx)) goto err;
if (!group->meth->add(group, r, r, p, ctx)) goto err;
if (!group->meth->add(group, acc, acc, p, ctx)) goto err;
}
if (!EC_POINT_copy(r, acc)) goto err;
ret = 1;
err:
if (p) EC_POINT_free(p);
if (acc) EC_POINT_free(acc);
if (new_ctx != NULL)
BN_CTX_free(new_ctx);
return ret;

View File

@@ -176,8 +176,8 @@ int ec_GF2m_simple_group_copy(EC_GROUP *dest, const EC_GROUP *src)
dest->poly[3] = src->poly[3];
dest->poly[4] = src->poly[4];
dest->poly[5] = src->poly[5];
bn_wexpand(&dest->a, (int)(dest->poly[0] + BN_BITS2 - 1) / BN_BITS2);
bn_wexpand(&dest->b, (int)(dest->poly[0] + BN_BITS2 - 1) / BN_BITS2);
if (bn_wexpand(&dest->a, (int)(dest->poly[0] + BN_BITS2 - 1) / BN_BITS2) == NULL) return 0;
if (bn_wexpand(&dest->b, (int)(dest->poly[0] + BN_BITS2 - 1) / BN_BITS2) == NULL) return 0;
for (i = dest->a.top; i < dest->a.dmax; i++) dest->a.d[i] = 0;
for (i = dest->b.top; i < dest->b.dmax; i++) dest->b.d[i] = 0;
return 1;
@@ -201,12 +201,12 @@ int ec_GF2m_simple_group_set_curve(EC_GROUP *group,
/* group->a */
if (!BN_GF2m_mod_arr(&group->a, a, group->poly)) goto err;
bn_wexpand(&group->a, (int)(group->poly[0] + BN_BITS2 - 1) / BN_BITS2);
if(bn_wexpand(&group->a, (int)(group->poly[0] + BN_BITS2 - 1) / BN_BITS2) == NULL) goto err;
for (i = group->a.top; i < group->a.dmax; i++) group->a.d[i] = 0;
/* group->b */
if (!BN_GF2m_mod_arr(&group->b, b, group->poly)) goto err;
bn_wexpand(&group->b, (int)(group->poly[0] + BN_BITS2 - 1) / BN_BITS2);
if(bn_wexpand(&group->b, (int)(group->poly[0] + BN_BITS2 - 1) / BN_BITS2) == NULL) goto err;
for (i = group->b.top; i < group->b.dmax; i++) group->b.d[i] = 0;
ret = 1;

View File

@@ -169,11 +169,13 @@ static void ec_pre_comp_clear_free(void *pre_)
EC_POINT **p;
for (p = pre->points; *p != NULL; p++)
{
EC_POINT_clear_free(*p);
OPENSSL_cleanse(pre->points, sizeof pre->points);
OPENSSL_cleanse(p, sizeof *p);
}
OPENSSL_free(pre->points);
}
OPENSSL_cleanse(pre, sizeof pre);
OPENSSL_cleanse(pre, sizeof *pre);
OPENSSL_free(pre);
}

View File

@@ -96,7 +96,6 @@ const ECDH_METHOD *ECDH_get_default_method(void)
int ECDH_set_method(EC_KEY *eckey, const ECDH_METHOD *meth)
{
const ECDH_METHOD *mtmp;
ECDH_DATA *ecdh;
ecdh = ecdh_check(eckey);
@@ -104,8 +103,8 @@ int ECDH_set_method(EC_KEY *eckey, const ECDH_METHOD *meth)
if (ecdh == NULL)
return 0;
mtmp = ecdh->meth;
#if 0
mtmp = ecdh->meth;
if (mtmp->finish)
mtmp->finish(eckey);
#endif

View File

@@ -83,7 +83,6 @@ const ECDSA_METHOD *ECDSA_get_default_method(void)
int ECDSA_set_method(EC_KEY *eckey, const ECDSA_METHOD *meth)
{
const ECDSA_METHOD *mtmp;
ECDSA_DATA *ecdsa;
ecdsa = ecdsa_check(eckey);
@@ -91,7 +90,6 @@ int ECDSA_set_method(EC_KEY *eckey, const ECDSA_METHOD *meth)
if (ecdsa == NULL)
return 0;
mtmp = ecdsa->meth;
#ifndef OPENSSL_NO_ENGINE
if (ecdsa->engine)
{

View File

@@ -95,7 +95,7 @@ static int int_engine_configure(char *name, char *value, const CONF *cnf)
int ret = 0;
long do_init = -1;
STACK_OF(CONF_VALUE) *ecmds;
CONF_VALUE *ecmd;
CONF_VALUE *ecmd = NULL;
char *ctrlname, *ctrlvalue;
ENGINE *e = NULL;
int soft = 0;
@@ -157,7 +157,7 @@ static int int_engine_configure(char *name, char *value, const CONF *cnf)
return 1;
}
if (!e)
return 0;
goto err;
}
/* Allow "EMPTY" to mean no value: this allows a valid
* "value" to be passed to ctrls of type NO_INPUT
@@ -186,16 +186,27 @@ static int int_engine_configure(char *name, char *value, const CONF *cnf)
}
else if (!ENGINE_ctrl_cmd_string(e,
ctrlname, ctrlvalue, 0))
return 0;
goto err;
}
}
if (e && (do_init == -1) && !int_engine_init(e))
{
ecmd = NULL;
goto err;
}
ret = 1;
err:
if (ret != 1)
{
ENGINEerr(ENGINE_F_INT_ENGINE_CONFIGURE, ENGINE_R_ENGINE_CONFIGURATION_ERROR);
if (ecmd)
ERR_add_error_data(6, "section=", ecmd->section,
", name=", ecmd->name,
", value=", ecmd->value);
}
if (e)
ENGINE_free(e);
return ret;

View File

@@ -90,7 +90,9 @@ static int get_asym_dev_crypto(void);
static int open_dev_crypto(void);
static int get_dev_crypto(void);
static int get_cryptodev_ciphers(const int **cnids);
/*static int get_cryptodev_digests(const int **cnids);*/
#ifdef USE_CRYPTODEV_DIGESTS
static int get_cryptodev_digests(const int **cnids);
#endif
static int cryptodev_usable_ciphers(const int **nids);
static int cryptodev_usable_digests(const int **nids);
static int cryptodev_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
@@ -128,7 +130,7 @@ static int cryptodev_mod_exp_dh(const DH *dh, BIGNUM *r, const BIGNUM *a,
static int cryptodev_dh_compute_key(unsigned char *key,
const BIGNUM *pub_key, DH *dh);
static int cryptodev_ctrl(ENGINE *e, int cmd, long i, void *p,
void (*f)());
void (*f)(void));
void ENGINE_load_cryptodev(void);
static const ENGINE_CMD_DEFN cryptodev_defns[] = {
@@ -153,7 +155,7 @@ static struct {
{ 0, NID_undef, 0, 0, },
};
#if 0
#ifdef USE_CRYPTODEV_DIGESTS
static struct {
int id;
int nid;
@@ -259,13 +261,13 @@ get_cryptodev_ciphers(const int **cnids)
return (count);
}
#ifdef USE_CRYPTODEV_DIGESTS
/*
* Find out what digests /dev/crypto will let us have a session for.
* XXX note, that some of these openssl doesn't deal with yet!
* returning them here is harmless, as long as we return NULL
* when asked for a handler in the cryptodev_engine_digests routine
*/
#if 0 /* not (yet?) used */
static int
get_cryptodev_digests(const int **cnids)
{
@@ -1015,10 +1017,18 @@ cryptodev_bn_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
goto err;
kop.crk_iparams = 3;
if (cryptodev_asym(&kop, BN_num_bytes(m), r, 0, NULL) == -1) {
if (cryptodev_asym(&kop, BN_num_bytes(m), r, 0, NULL)) {
const RSA_METHOD *meth = RSA_PKCS1_SSLeay();
printf("OCF asym process failed, Running in software\n");
ret = meth->bn_mod_exp(r, a, p, m, ctx, in_mont);
} else if (ECANCELED == kop.crk_status) {
const RSA_METHOD *meth = RSA_PKCS1_SSLeay();
printf("OCF hardware operation cancelled. Running in Software\n");
ret = meth->bn_mod_exp(r, a, p, m, ctx, in_mont);
}
/* else cryptodev operation worked ok ==> ret = 1*/
err:
zapparams(&kop);
return (ret);
@@ -1062,10 +1072,18 @@ cryptodev_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx)
goto err;
kop.crk_iparams = 6;
if (cryptodev_asym(&kop, BN_num_bytes(rsa->n), r0, 0, NULL) == -1) {
if (cryptodev_asym(&kop, BN_num_bytes(rsa->n), r0, 0, NULL)) {
const RSA_METHOD *meth = RSA_PKCS1_SSLeay();
printf("OCF asym process failed, running in Software\n");
ret = (*meth->rsa_mod_exp)(r0, I, rsa, ctx);
} else if (ECANCELED == kop.crk_status) {
const RSA_METHOD *meth = RSA_PKCS1_SSLeay();
printf("OCF hardware operation cancelled. Running in Software\n");
ret = (*meth->rsa_mod_exp)(r0, I, rsa, ctx);
}
/* else cryptodev operation worked ok ==> ret = 1*/
err:
zapparams(&kop);
return (ret);
@@ -1201,7 +1219,8 @@ cryptodev_dsa_verify(const unsigned char *dgst, int dlen,
kop.crk_iparams = 7;
if (cryptodev_asym(&kop, 0, NULL, 0, NULL) == 0) {
dsaret = kop.crk_status;
/*OCF success value is 0, if not zero, change dsaret to fail*/
if(0 != kop.crk_status) dsaret = 0;
} else {
const DSA_METHOD *meth = DSA_OpenSSL();
@@ -1292,7 +1311,7 @@ static DH_METHOD cryptodev_dh = {
* but I expect we'll want some options soon.
*/
static int
cryptodev_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)())
cryptodev_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void))
{
#ifdef HAVE_SYSLOG_R
struct syslog_data sd = SYSLOG_DATA_INIT;

View File

@@ -1,6 +1,6 @@
/* crypto/engine/eng_err.c */
/* ====================================================================
* Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved.
* Copyright (c) 1999-2010 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -126,6 +126,7 @@ static ERR_STRING_DATA ENGINE_str_reasons[]=
{ERR_REASON(ENGINE_R_DSO_FAILURE) ,"DSO failure"},
{ERR_REASON(ENGINE_R_DSO_NOT_FOUND) ,"dso not found"},
{ERR_REASON(ENGINE_R_ENGINES_SECTION_ERROR),"engines section error"},
{ERR_REASON(ENGINE_R_ENGINE_CONFIGURATION_ERROR),"engine configuration error"},
{ERR_REASON(ENGINE_R_ENGINE_IS_NOT_IN_LIST),"engine is not in the list"},
{ERR_REASON(ENGINE_R_ENGINE_SECTION_ERROR),"engine section error"},
{ERR_REASON(ENGINE_R_FAILED_LOADING_PRIVATE_KEY),"failed loading private key"},

View File

@@ -413,6 +413,7 @@ ENGINE *ENGINE_by_id(const char *id)
return iterator;
}
notfound:
ENGINE_free(iterator);
ENGINEerr(ENGINE_F_ENGINE_BY_ID,ENGINE_R_NO_SUCH_ENGINE);
ERR_add_error_data(2, "id=", id);
return NULL;

View File

@@ -254,6 +254,7 @@ ENGINE *engine_table_select_tmp(ENGINE_TABLE **table, int nid, const char *f, in
#endif
return NULL;
}
ERR_set_mark();
CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
/* Check again inside the lock otherwise we could race against cleanup
* operations. But don't worry about a fprintf(stderr). */
@@ -327,7 +328,7 @@ end:
CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
/* Whatever happened, any failed init()s are not failures in this
* context, so clear our error state. */
ERR_clear_error();
ERR_pop_to_mark();
return ret;
}

View File

@@ -794,6 +794,7 @@ void ERR_load_ENGINE_strings(void);
#define ENGINE_R_DSO_FAILURE 104
#define ENGINE_R_DSO_NOT_FOUND 132
#define ENGINE_R_ENGINES_SECTION_ERROR 148
#define ENGINE_R_ENGINE_CONFIGURATION_ERROR 102
#define ENGINE_R_ENGINE_IS_NOT_IN_LIST 105
#define ENGINE_R_ENGINE_SECTION_ERROR 149
#define ENGINE_R_FAILED_LOADING_PRIVATE_KEY 128

View File

@@ -81,7 +81,8 @@ void ERR_print_errors_cb(int (*cb)(const char *str, size_t len, void *u),
ERR_error_string_n(l, buf, sizeof buf);
BIO_snprintf(buf2, sizeof(buf2), "%lu:%s:%s:%d:%s\n", es, buf,
file, line, (flags & ERR_TXT_STRING) ? data : "");
cb(buf2, strlen(buf2), u);
if (cb(buf2, strlen(buf2), u) <= 0)
break; /* abort outputting the error report */
}
}

View File

@@ -64,7 +64,7 @@
static int b64_write(BIO *h, const char *buf, int num);
static int b64_read(BIO *h, char *buf, int size);
/*static int b64_puts(BIO *h, const char *str); */
static int b64_puts(BIO *h, const char *str);
/*static int b64_gets(BIO *h, char *str, int size); */
static long b64_ctrl(BIO *h, int cmd, long arg1, void *arg2);
static int b64_new(BIO *h);
@@ -96,7 +96,7 @@ static BIO_METHOD methods_b64=
BIO_TYPE_BASE64,"base64 encoding",
b64_write,
b64_read,
NULL, /* b64_puts, */
b64_puts,
NULL, /* b64_gets, */
b64_ctrl,
b64_new,
@@ -127,6 +127,7 @@ static int b64_new(BIO *bi)
bi->init=1;
bi->ptr=(char *)ctx;
bi->flags=0;
bi->num = 0;
return(1);
}
@@ -151,6 +152,8 @@ static int b64_read(BIO *b, char *out, int outl)
if ((ctx == NULL) || (b->next_bio == NULL)) return(0);
BIO_clear_retry_flags(b);
if (ctx->encode != B64_DECODE)
{
ctx->encode=B64_DECODE;
@@ -163,6 +166,7 @@ static int b64_read(BIO *b, char *out, int outl)
/* First check if there are bytes decoded/encoded */
if (ctx->buf_len > 0)
{
OPENSSL_assert(ctx->buf_len >= ctx->buf_off);
i=ctx->buf_len-ctx->buf_off;
if (i > outl) i=outl;
OPENSSL_assert(ctx->buf_off+i < (int)sizeof(ctx->buf));
@@ -184,7 +188,6 @@ static int b64_read(BIO *b, char *out, int outl)
ret_code=0;
while (outl > 0)
{
if (ctx->cont <= 0)
break;
@@ -195,7 +198,7 @@ static int b64_read(BIO *b, char *out, int outl)
{
ret_code=i;
/* Should be continue next time we are called? */
/* Should we continue next time we are called? */
if (!BIO_should_retry(b->next_bio))
{
ctx->cont=i;
@@ -285,19 +288,27 @@ static int b64_read(BIO *b, char *out, int outl)
continue;
}
else
{
ctx->tmp_len=0;
}
/* If buffer isn't full and we can retry then
* restart to read in more data.
*/
}
else if ((i < B64_BLOCK_SIZE) && (ctx->cont > 0))
{
/* If buffer isn't full and we can retry then
* restart to read in more data.
*/
continue;
}
if (BIO_get_flags(b) & BIO_FLAGS_BASE64_NO_NL)
{
int z,jj;
#if 0
jj=(i>>2)<<2;
#else
jj = i & ~3; /* process per 4 */
#endif
z=EVP_DecodeBlock((unsigned char *)ctx->buf,
(unsigned char *)ctx->tmp,jj);
if (jj > 2)
@@ -313,18 +324,15 @@ static int b64_read(BIO *b, char *out, int outl)
* number consumed */
if (jj != i)
{
memcpy((unsigned char *)ctx->tmp,
(unsigned char *)&(ctx->tmp[jj]),i-jj);
memmove(ctx->tmp, &ctx->tmp[jj], i-jj);
ctx->tmp_len=i-jj;
}
ctx->buf_len=0;
if (z > 0)
{
ctx->buf_len=z;
i=1;
}
else
i=z;
i=z;
}
else
{
@@ -357,14 +365,16 @@ static int b64_read(BIO *b, char *out, int outl)
outl-=i;
out+=i;
}
BIO_clear_retry_flags(b);
/* BIO_clear_retry_flags(b); */
BIO_copy_next_retry(b);
return((ret == 0)?ret_code:ret);
}
static int b64_write(BIO *b, const char *in, int inl)
{
int ret=inl,n,i;
int ret=0;
int n;
int i;
BIO_B64_CTX *ctx;
ctx=(BIO_B64_CTX *)b->ptr;
@@ -379,6 +389,9 @@ static int b64_write(BIO *b, const char *in, int inl)
EVP_EncodeInit(&(ctx->base64));
}
OPENSSL_assert(ctx->buf_off < (int)sizeof(ctx->buf));
OPENSSL_assert(ctx->buf_len <= (int)sizeof(ctx->buf));
OPENSSL_assert(ctx->buf_len >= ctx->buf_off);
n=ctx->buf_len-ctx->buf_off;
while (n > 0)
{
@@ -388,7 +401,10 @@ static int b64_write(BIO *b, const char *in, int inl)
BIO_copy_next_retry(b);
return(i);
}
OPENSSL_assert(i <= n);
ctx->buf_off+=i;
OPENSSL_assert(ctx->buf_off <= (int)sizeof(ctx->buf));
OPENSSL_assert(ctx->buf_len >= ctx->buf_off);
n-=i;
}
/* at this point all pending data has been written */
@@ -405,18 +421,19 @@ static int b64_write(BIO *b, const char *in, int inl)
{
if (ctx->tmp_len > 0)
{
OPENSSL_assert(ctx->tmp_len <= 3);
n=3-ctx->tmp_len;
/* There's a teoretical possibility for this */
/* There's a theoretical possibility for this */
if (n > inl)
n=inl;
memcpy(&(ctx->tmp[ctx->tmp_len]),in,n);
ctx->tmp_len+=n;
ret += n;
if (ctx->tmp_len < 3)
break;
ctx->buf_len=EVP_EncodeBlock(
(unsigned char *)ctx->buf,
(unsigned char *)ctx->tmp,
ctx->tmp_len);
ctx->buf_len=EVP_EncodeBlock((unsigned char *)ctx->buf,(unsigned char *)ctx->tmp,ctx->tmp_len);
OPENSSL_assert(ctx->buf_len <= (int)sizeof(ctx->buf));
OPENSSL_assert(ctx->buf_len >= ctx->buf_off);
/* Since we're now done using the temporary
buffer, the length should be 0'd */
ctx->tmp_len=0;
@@ -425,14 +442,16 @@ static int b64_write(BIO *b, const char *in, int inl)
{
if (n < 3)
{
memcpy(&(ctx->tmp[0]),in,n);
memcpy(ctx->tmp,in,n);
ctx->tmp_len=n;
ret += n;
break;
}
n-=n%3;
ctx->buf_len=EVP_EncodeBlock(
(unsigned char *)ctx->buf,
(unsigned char *)in,n);
ctx->buf_len=EVP_EncodeBlock((unsigned char *)ctx->buf,(const unsigned char *)in,n);
OPENSSL_assert(ctx->buf_len <= (int)sizeof(ctx->buf));
OPENSSL_assert(ctx->buf_len >= ctx->buf_off);
ret += n;
}
}
else
@@ -440,6 +459,9 @@ static int b64_write(BIO *b, const char *in, int inl)
EVP_EncodeUpdate(&(ctx->base64),
(unsigned char *)ctx->buf,&ctx->buf_len,
(unsigned char *)in,n);
OPENSSL_assert(ctx->buf_len <= (int)sizeof(ctx->buf));
OPENSSL_assert(ctx->buf_len >= ctx->buf_off);
ret += n;
}
inl-=n;
in+=n;
@@ -454,8 +476,11 @@ static int b64_write(BIO *b, const char *in, int inl)
BIO_copy_next_retry(b);
return((ret == 0)?i:ret);
}
OPENSSL_assert(i <= n);
n-=i;
ctx->buf_off+=i;
OPENSSL_assert(ctx->buf_off <= (int)sizeof(ctx->buf));
OPENSSL_assert(ctx->buf_len >= ctx->buf_off);
}
ctx->buf_len=0;
ctx->buf_off=0;
@@ -486,6 +511,7 @@ static long b64_ctrl(BIO *b, int cmd, long num, void *ptr)
ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
break;
case BIO_CTRL_WPENDING: /* More to write in buffer */
OPENSSL_assert(ctx->buf_len >= ctx->buf_off);
ret=ctx->buf_len-ctx->buf_off;
if ((ret == 0) && (ctx->encode != B64_NONE)
&& (ctx->base64.num != 0))
@@ -494,6 +520,7 @@ static long b64_ctrl(BIO *b, int cmd, long num, void *ptr)
ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
break;
case BIO_CTRL_PENDING: /* More to read in buffer */
OPENSSL_assert(ctx->buf_len >= ctx->buf_off);
ret=ctx->buf_len-ctx->buf_off;
if (ret <= 0)
ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
@@ -565,3 +592,7 @@ static long b64_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp)
return(ret);
}
static int b64_puts(BIO *b, const char *str)
{
return b64_write(b,str,strlen(str));
}

View File

@@ -361,8 +361,10 @@ again:
case BIO_CTRL_DUP:
dbio=(BIO *)ptr;
dctx=(BIO_ENC_CTX *)dbio->ptr;
memcpy(&(dctx->cipher),&(ctx->cipher),sizeof(ctx->cipher));
dbio->init=1;
EVP_CIPHER_CTX_init(&dctx->cipher);
ret = EVP_CIPHER_CTX_copy(&dctx->cipher,&ctx->cipher);
if (ret)
dbio->init=1;
break;
default:
ret=BIO_ctrl(b->next_bio,cmd,num,ptr);

View File

@@ -175,6 +175,7 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl)
{
/* Same comment from evp_enc.c */
EVPerr(EVP_F_EVP_DIGESTINIT_EX,EVP_R_INITIALIZATION_ERROR);
ENGINE_finish(impl);
return 0;
}
/* We'll use the ENGINE's private digest definition */

View File

@@ -235,7 +235,7 @@ void EVP_DecodeInit(EVP_ENCODE_CTX *ctx)
int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
const unsigned char *in, int inl)
{
int seof= -1,eof=0,rv= -1,ret=0,i,v,tmp,n,ln,tmp2,exp_nl;
int seof= -1,eof=0,rv= -1,ret=0,i,v,tmp,n,ln,exp_nl;
unsigned char *d;
n=ctx->num;
@@ -319,7 +319,6 @@ int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
* lines. We process the line and then need to
* accept the '\n' */
if ((v != B64_EOF) && (n >= 64)) exp_nl=1;
tmp2=v;
if (n > 0)
{
v=EVP_DecodeBlock(out,d,n);

View File

@@ -325,7 +325,7 @@ struct evp_cipher_st
#define EVP_CIPH_CBC_MODE 0x2
#define EVP_CIPH_CFB_MODE 0x3
#define EVP_CIPH_OFB_MODE 0x4
#define EVP_CIPH_MODE 0x7
#define EVP_CIPH_MODE 0xF0007
/* Set if variable length cipher */
#define EVP_CIPH_VARIABLE_LENGTH 0x8
/* Set if the iv handling should be done by the cipher itself */
@@ -340,6 +340,12 @@ struct evp_cipher_st
#define EVP_CIPH_NO_PADDING 0x100
/* cipher handles random key generation */
#define EVP_CIPH_RAND_KEY 0x200
/* cipher has its own additional copying logic */
#define EVP_CIPH_CUSTOM_COPY 0x400
/* Allow use default ASN1 get/set iv */
#define EVP_CIPH_FLAG_DEFAULT_ASN1 0x1000
/* Buffer length in bits not bytes: CFB1 mode only */
#define EVP_CIPH_FLAG_LENGTH_BITS 0x2000
/* ctrl() values */
@@ -351,6 +357,7 @@ struct evp_cipher_st
#define EVP_CTRL_SET_RC5_ROUNDS 0x5
#define EVP_CTRL_RAND_KEY 0x6
#define EVP_CTRL_PBE_PRF_NID 0x7
#define EVP_CTRL_COPY 0x8
typedef struct evp_cipher_info_st
{
@@ -449,6 +456,7 @@ int EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx);
int EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx);
int EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx);
int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx);
int EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, const EVP_CIPHER_CTX *in);
void * EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx);
void EVP_CIPHER_CTX_set_app_data(EVP_CIPHER_CTX *ctx, void *data);
#define EVP_CIPHER_CTX_type(c) EVP_CIPHER_type(EVP_CIPHER_CTX_cipher(c))
@@ -514,6 +522,7 @@ int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type);
int EVP_DigestFinal(EVP_MD_CTX *ctx,unsigned char *md,unsigned int *s);
int EVP_read_pw_string(char *buf,int length,const char *prompt,int verify);
int EVP_read_pw_string_min(char *buf,int minlen,int maxlen,const char *prompt,int verify);
void EVP_set_pw_prompt(const char *prompt);
char * EVP_get_pw_prompt(void);
@@ -521,6 +530,10 @@ int EVP_BytesToKey(const EVP_CIPHER *type,const EVP_MD *md,
const unsigned char *salt, const unsigned char *data,
int datal, int count, unsigned char *key,unsigned char *iv);
void EVP_CIPHER_CTX_set_flags(EVP_CIPHER_CTX *ctx, int flags);
void EVP_CIPHER_CTX_clear_flags(EVP_CIPHER_CTX *ctx, int flags);
int EVP_CIPHER_CTX_test_flags(const EVP_CIPHER_CTX *ctx,int flags);
int EVP_EncryptInit(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher,
const unsigned char *key, const unsigned char *iv);
int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher, ENGINE *impl,
@@ -1186,6 +1199,7 @@ void ERR_load_EVP_strings(void);
#define EVP_F_ECDSA_PKEY2PKCS8 129
#define EVP_F_ECKEY_PKEY2PKCS8 132
#define EVP_F_EVP_CIPHERINIT_EX 123
#define EVP_F_EVP_CIPHER_CTX_COPY 163
#define EVP_F_EVP_CIPHER_CTX_CTRL 124
#define EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH 122
#define EVP_F_EVP_DECRYPTFINAL_EX 101

View File

@@ -204,6 +204,7 @@ skip_to_init:
case EVP_CIPH_OFB_MODE:
ctx->num = 0;
/* fall-through */
case EVP_CIPH_CBC_MODE:
@@ -566,3 +567,38 @@ int EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key)
return 1;
}
int EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, const EVP_CIPHER_CTX *in)
{
if ((in == NULL) || (in->cipher == NULL))
{
EVPerr(EVP_F_EVP_CIPHER_CTX_COPY,EVP_R_INPUT_NOT_INITIALIZED);
return 0;
}
#ifndef OPENSSL_NO_ENGINE
/* Make sure it's safe to copy a cipher context using an ENGINE */
if (in->engine && !ENGINE_init(in->engine))
{
EVPerr(EVP_F_EVP_CIPHER_CTX_COPY,ERR_R_ENGINE_LIB);
return 0;
}
#endif
EVP_CIPHER_CTX_cleanup(out);
memcpy(out,in,sizeof *out);
if (in->cipher_data && in->cipher->ctx_size)
{
out->cipher_data=OPENSSL_malloc(in->cipher->ctx_size);
if (!out->cipher_data)
{
EVPerr(EVP_F_EVP_CIPHER_CTX_COPY,ERR_R_MALLOC_FAILURE);
return 0;
}
memcpy(out->cipher_data,in->cipher_data,in->cipher->ctx_size);
}
if (in->cipher->flags & EVP_CIPH_CUSTOM_COPY)
return in->cipher->ctrl((EVP_CIPHER_CTX *)in, EVP_CTRL_COPY, 0, out);
return 1;
}

View File

@@ -79,6 +79,7 @@ static ERR_STRING_DATA EVP_str_functs[]=
{ERR_FUNC(EVP_F_ECDSA_PKEY2PKCS8), "ECDSA_PKEY2PKCS8"},
{ERR_FUNC(EVP_F_ECKEY_PKEY2PKCS8), "ECKEY_PKEY2PKCS8"},
{ERR_FUNC(EVP_F_EVP_CIPHERINIT_EX), "EVP_CipherInit_ex"},
{ERR_FUNC(EVP_F_EVP_CIPHER_CTX_COPY), "EVP_CIPHER_CTX_copy"},
{ERR_FUNC(EVP_F_EVP_CIPHER_CTX_CTRL), "EVP_CIPHER_CTX_ctrl"},
{ERR_FUNC(EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH), "EVP_CIPHER_CTX_set_key_length"},
{ERR_FUNC(EVP_F_EVP_DECRYPTFINAL_EX), "EVP_DecryptFinal_ex"},

View File

@@ -89,6 +89,11 @@ char *EVP_get_pw_prompt(void)
* in the DES library -- if someone ever wants to disable DES,
* this function will fail */
int EVP_read_pw_string(char *buf, int len, const char *prompt, int verify)
{
return EVP_read_pw_string_min(buf, 0, len, prompt, verify);
}
int EVP_read_pw_string_min(char *buf, int min, int len, const char *prompt, int verify)
{
int ret;
char buff[BUFSIZ];
@@ -97,10 +102,10 @@ int EVP_read_pw_string(char *buf, int len, const char *prompt, int verify)
if ((prompt == NULL) && (prompt_string[0] != '\0'))
prompt=prompt_string;
ui = UI_new();
UI_add_input_string(ui,prompt,0,buf,0,(len>=BUFSIZ)?BUFSIZ-1:len);
UI_add_input_string(ui,prompt,0,buf,min,(len>=BUFSIZ)?BUFSIZ-1:len);
if (verify)
UI_add_verify_string(ui,prompt,0,
buff,0,(len>=BUFSIZ)?BUFSIZ-1:len,buf);
buff,min,(len>=BUFSIZ)?BUFSIZ-1:len,buf);
ret = UI_process(ui);
UI_free(ui);
OPENSSL_cleanse(buff,BUFSIZ);

View File

@@ -295,3 +295,18 @@ int EVP_MD_CTX_test_flags(const EVP_MD_CTX *ctx, int flags)
{
return (ctx->flags & flags);
}
void EVP_CIPHER_CTX_set_flags(EVP_CIPHER_CTX *ctx, int flags)
{
ctx->flags |= flags;
}
void EVP_CIPHER_CTX_clear_flags(EVP_CIPHER_CTX *ctx, int flags)
{
ctx->flags &= ~flags;
}
int EVP_CIPHER_CTX_test_flags(const EVP_CIPHER_CTX *ctx, int flags)
{
return (ctx->flags & flags);
}

View File

@@ -115,7 +115,7 @@ static int cname##_cfb##cbits##_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
if (inl<chunk) chunk=inl;\
while(inl && inl>=chunk)\
{\
cprefix##_cfb##cbits##_encrypt(in, out, (long)(cbits==1?chunk*8:chunk), &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, &ctx->num, ctx->encrypt);\
cprefix##_cfb##cbits##_encrypt(in, out, (long)((cbits==1) && !(ctx->flags & EVP_CIPH_FLAG_LENGTH_BITS) ?inl*8:inl), &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, &ctx->num, ctx->encrypt);\
inl-=chunk;\
in +=chunk;\
out+=chunk;\
@@ -167,10 +167,10 @@ BLOCK_CIPHER_def1(cname, ofb##cbits, ofb, OFB, kstruct, nid, 1, \
get_asn1, ctrl)
#define BLOCK_CIPHER_def_ecb(cname, kstruct, nid, block_size, key_len, \
iv_len, flags, init_key, cleanup, set_asn1, \
flags, init_key, cleanup, set_asn1, \
get_asn1, ctrl) \
BLOCK_CIPHER_def1(cname, ecb, ecb, ECB, kstruct, nid, block_size, key_len, \
iv_len, flags, init_key, cleanup, set_asn1, get_asn1, ctrl)
0, flags, init_key, cleanup, set_asn1, get_asn1, ctrl)
#define BLOCK_CIPHER_defs(cname, kstruct, \
nid, block_size, key_len, iv_len, cbits, flags, \
@@ -181,7 +181,7 @@ BLOCK_CIPHER_def_cfb(cname, kstruct, nid, key_len, iv_len, cbits, \
flags, init_key, cleanup, set_asn1, get_asn1, ctrl) \
BLOCK_CIPHER_def_ofb(cname, kstruct, nid, key_len, iv_len, cbits, \
flags, init_key, cleanup, set_asn1, get_asn1, ctrl) \
BLOCK_CIPHER_def_ecb(cname, kstruct, nid, block_size, key_len, iv_len, flags, \
BLOCK_CIPHER_def_ecb(cname, kstruct, nid, block_size, key_len, flags, \
init_key, cleanup, set_asn1, get_asn1, ctrl)

View File

@@ -65,7 +65,9 @@
#include <openssl/objects.h>
#include <openssl/x509.h>
#include <openssl/mdc2.h>
#ifndef OPENSSL_NO_RSA
#include <openssl/rsa.h>
#endif
static int init(EVP_MD_CTX *ctx)
{ return MDC2_Init(ctx->md_data); }

Some files were not shown because too many files have changed in this diff Show More