SecBSD/src
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

sync with OpenBSD -current

Browse source
This commit is contained in:
purplerain 2024-03-27 04:10:08 +00:00
parent 56a087cff9
commit 0189975fb5
Signed by: purplerain
GPG key ID: F42C07F07E2E35B7
61 changed files with 1691 additions and 1177 deletions
Download patch file Download diff file Expand all files Collapse all files

35
lib/libcrypto/asn1/p5_pbev2.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: p5_pbev2.c,v 1.32 2024/03/02 10:17:37 tb Exp $ */
/* $OpenBSD: p5_pbev2.c,v 1.35 2024/03/26 07:03:10 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 1999-2004.
*/
@ -177,17 +177,17 @@ PBKDF2PARAM_free(PBKDF2PARAM *a)
ASN1_item_free((ASN1_VALUE *)a, &PBKDF2PARAM_it);
}
/* Return an algorithm identifier for a PKCS#5 v2.0 PBE algorithm:
/*
* Return an algorithm identifier for a PKCS#5 v2.0 PBE algorithm:
* yes I know this is horrible!
*
* Extended version to allow application supplied PRF NID and IV.
*/
X509_ALGOR *
PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter, unsigned char *salt,
int saltlen, unsigned char *aiv, int prf_nid)
PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter, unsigned char *salt,
int saltlen)
{
X509_ALGOR *scheme = NULL, *kalg = NULL, *ret = NULL;
int prf_nid = NID_hmacWithSHA1;
int alg_nid, keylen;
EVP_CIPHER_CTX ctx;
unsigned char iv[EVP_MAX_IV_LENGTH];
@ -212,12 +212,8 @@ PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter, unsigned char *salt,
goto merr;
/* Create random IV */
if (EVP_CIPHER_iv_length(cipher)) {
if (aiv)
memcpy(iv, aiv, EVP_CIPHER_iv_length(cipher));
else
arc4random_buf(iv, EVP_CIPHER_iv_length(cipher));
}
if (EVP_CIPHER_iv_length(cipher) > 0)
arc4random_buf(iv, EVP_CIPHER_iv_length(cipher));
EVP_CIPHER_CTX_legacy_clear(&ctx);
@ -229,14 +225,6 @@ PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter, unsigned char *salt,
EVP_CIPHER_CTX_cleanup(&ctx);
goto err;
}
/* If prf NID unspecified see if cipher has a preference.
* An error is OK here: just means use default PRF.
*/
if ((prf_nid == -1) &&
EVP_CIPHER_CTX_ctrl(&ctx, EVP_CTRL_PBE_PRF_NID, 0, &prf_nid) <= 0) {
ERR_clear_error();
prf_nid = NID_hmacWithSHA1;
}
EVP_CIPHER_CTX_cleanup(&ctx);
/* If its RC2 then we'd better setup the key length */
@ -287,13 +275,6 @@ PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter, unsigned char *salt,
return NULL;
}
X509_ALGOR *
PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter, unsigned char *salt,
int saltlen)
{
return PKCS5_pbe2_set_iv(cipher, iter, salt, saltlen, NULL, -1);
}
X509_ALGOR *
PKCS5_pbkdf2_set(int iter, unsigned char *salt, int saltlen, int prf_nid,
int keylen)

5
lib/libcrypto/bio/bio_lib.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: bio_lib.c,v 1.52 2024/03/02 09:22:41 tb Exp $ */
/* $OpenBSD: bio_lib.c,v 1.53 2024/03/27 01:22:30 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@ -198,8 +198,7 @@ LCRYPTO_ALIAS(BIO_vfree);
int
BIO_up_ref(BIO *bio)
{
int refs = CRYPTO_add(&bio->references, 1, CRYPTO_LOCK_BIO);
return (refs > 1) ? 1 : 0;
return CRYPTO_add(&bio->references, 1, CRYPTO_LOCK_BIO) > 1;
}
LCRYPTO_ALIAS(BIO_up_ref);

25
lib/libcrypto/bn/arch/amd64/bn_arch.h
View file

@ -1,4 +1,4 @@
/* $OpenBSD: bn_arch.h,v 1.13 2023/02/16 11:13:05 jsing Exp $ */
/* $OpenBSD: bn_arch.h,v 1.14 2024/03/26 06:09:25 jsing Exp $ */
/*
* Copyright (c) 2023 Joel Sing <jsing@openbsd.org>
*
@ -42,6 +42,7 @@
#define HAVE_BN_WORD_CLZ
#if defined(__GNUC__)
#define HAVE_BN_DIV_REM_WORDS_INLINE
static inline void
@ -62,9 +63,7 @@ bn_div_rem_words_inline(BN_ULONG h, BN_ULONG l, BN_ULONG d, BN_ULONG *out_q,
*out_q = q;
*out_r = r;
}
#endif /* __GNUC__ */
#if defined(__GNUC__)
#define HAVE_BN_MULW
static inline void
@ -84,6 +83,26 @@ bn_mulw(BN_ULONG a, BN_ULONG b, BN_ULONG *out_r1, BN_ULONG *out_r0)
*out_r1 = r1;
*out_r0 = r0;
}
#define HAVE_BN_SUBW
static inline void
bn_subw(BN_ULONG a, BN_ULONG b, BN_ULONG *out_borrow, BN_ULONG *out_r0)
{
BN_ULONG borrow, r0;
__asm__ (
"subq %3, %1 \n"
"setb %b0 \n"
"and $1, %0 \n"
: "=r"(borrow), "=r"(r0)
: "1"(a), "rm"(b)
: "cc");
*out_borrow = borrow;
*out_r0 = r0;
}
#endif /* __GNUC__ */
#endif

426
lib/libcrypto/bn/bn_mont.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: bn_mont.c,v 1.61 2023/07/08 12:21:58 beck Exp $ */
/* $OpenBSD: bn_mont.c,v 1.63 2024/03/26 04:23:04 jsing Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@ -299,219 +299,6 @@ BN_MONT_CTX_set_locked(BN_MONT_CTX **pmctx, int lock, const BIGNUM *mod,
}
LCRYPTO_ALIAS(BN_MONT_CTX_set_locked);
static int bn_montgomery_reduce(BIGNUM *ret, BIGNUM *r, BN_MONT_CTX *mctx);
static int
bn_mod_mul_montgomery_simple(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
BN_MONT_CTX *mctx, BN_CTX *ctx)
{
BIGNUM *tmp;
int ret = 0;
BN_CTX_start(ctx);
if ((tmp = BN_CTX_get(ctx)) == NULL)
goto err;
if (a == b) {
if (!BN_sqr(tmp, a, ctx))
goto err;
} else {
if (!BN_mul(tmp, a, b, ctx))
goto err;
}
/* Reduce from aRR to aR. */
if (!bn_montgomery_reduce(r, tmp, mctx))
goto err;
ret = 1;
err:
BN_CTX_end(ctx);
return ret;
}
static void
bn_montgomery_multiply_word(const BN_ULONG *ap, BN_ULONG b, const BN_ULONG *np,
BN_ULONG *tp, BN_ULONG w, BN_ULONG *carry_a, BN_ULONG *carry_n, int n_len)
{
BN_ULONG x3, x2, x1, x0;
*carry_a = *carry_n = 0;
while (n_len & ~3) {
bn_qwmulw_addqw_addw(ap[3], ap[2], ap[1], ap[0], b,
tp[3], tp[2], tp[1], tp[0], *carry_a, carry_a,
&x3, &x2, &x1, &x0);
bn_qwmulw_addqw_addw(np[3], np[2], np[1], np[0], w,
x3, x2, x1, x0, *carry_n, carry_n,
&tp[3], &tp[2], &tp[1], &tp[0]);
ap += 4;
np += 4;
tp += 4;
n_len -= 4;
}
while (n_len > 0) {
bn_mulw_addw_addw(ap[0], b, tp[0], *carry_a, carry_a, &x0);
bn_mulw_addw_addw(np[0], w, x0, *carry_n, carry_n, &tp[0]);
ap++;
np++;
tp++;
n_len--;
}
}
/*
* bn_montgomery_multiply_words() computes r = aR * bR * R^-1 = abR for the
* given word arrays. The caller must ensure that rp, ap, bp and np are all
* n_len words in length, while tp must be n_len * 2 + 2 words in length.
*/
void
bn_montgomery_multiply_words(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
const BN_ULONG *np, BN_ULONG *tp, BN_ULONG n0, int n_len)
{
BN_ULONG a0, b, carry_a, carry_n, carry, mask, w;
int i;
carry = 0;
for (i = 0; i < n_len; i++)
tp[i] = 0;
a0 = ap[0];
for (i = 0; i < n_len; i++) {
b = bp[i];
/* Compute new t[0] * n0, as we need it for this iteration. */
w = (a0 * b + tp[0]) * n0;
bn_montgomery_multiply_word(ap, b, np, tp, w, &carry_a,
&carry_n, n_len);
bn_addw_addw(carry_a, carry_n, carry, &carry, &tp[n_len]);
tp++;
}
tp[n_len] = carry;
/*
* The output is now in the range of [0, 2N). Attempt to reduce once by
* subtracting the modulus. If the reduction was necessary then the
* result is already in r, otherwise copy the value prior to reduction
* from tp.
*/
mask = bn_ct_ne_zero(tp[n_len]) - bn_sub_words(rp, tp, np, n_len);
for (i = 0; i < n_len; i++) {
*rp = (*rp & ~mask) | (*tp & mask);
rp++;
tp++;
}
}
/*
* bn_montgomery_multiply() computes r = aR * bR * R^-1 = abR for the given
* BIGNUMs. The caller must ensure that the modulus is two or more words in
* length and that a and b have the same number of words as the modulus.
*/
int
bn_montgomery_multiply(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
BN_MONT_CTX *mctx, BN_CTX *ctx)
{
BIGNUM *t;
int ret = 0;
BN_CTX_start(ctx);
if (mctx->N.top <= 1 || a->top != mctx->N.top || b->top != mctx->N.top)
goto err;
if (!bn_wexpand(r, mctx->N.top))
goto err;
if ((t = BN_CTX_get(ctx)) == NULL)
goto err;
if (!bn_wexpand(t, mctx->N.top * 2 + 2))
goto err;
bn_montgomery_multiply_words(r->d, a->d, b->d, mctx->N.d, t->d,
mctx->n0[0], mctx->N.top);
r->top = mctx->N.top;
bn_correct_top(r);
BN_set_negative(r, a->neg ^ b->neg);
ret = 1;
err:
BN_CTX_end(ctx);
return ret;
}
#ifndef OPENSSL_BN_ASM_MONT
int
bn_mod_mul_montgomery(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
BN_MONT_CTX *mctx, BN_CTX *ctx)
{
if (mctx->N.top <= 1 || a->top != mctx->N.top || b->top != mctx->N.top)
return bn_mod_mul_montgomery_simple(r, a, b, mctx, ctx);
return bn_montgomery_multiply(r, a, b, mctx, ctx);
}
#else
int
bn_mod_mul_montgomery(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
BN_MONT_CTX *mctx, BN_CTX *ctx)
{
if (mctx->N.top <= 1 || a->top != mctx->N.top || b->top != mctx->N.top)
return bn_mod_mul_montgomery_simple(r, a, b, mctx, ctx);
/*
* Legacy bn_mul_mont() performs stack based allocation, without
* size limitation. Allowing a large size results in the stack
* being blown.
*/
if (mctx->N.top > (8 * 1024 / sizeof(BN_ULONG)))
return bn_montgomery_multiply(r, a, b, mctx, ctx);
if (!bn_wexpand(r, mctx->N.top))
return 0;
/*
* Legacy bn_mul_mont() can indicate that we should "fallback" to
* another implementation.
*/
if (!bn_mul_mont(r->d, a->d, b->d, mctx->N.d, mctx->n0, mctx->N.top))
return bn_montgomery_multiply(r, a, b, mctx, ctx);
r->top = mctx->N.top;
bn_correct_top(r);
BN_set_negative(r, a->neg ^ b->neg);
return (1);
}
#endif
int
BN_mod_mul_montgomery(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
BN_MONT_CTX *mctx, BN_CTX *ctx)
{
/* Compute r = aR * bR * R^-1 mod N = abR mod N */
return bn_mod_mul_montgomery(r, a, b, mctx, ctx);
}
LCRYPTO_ALIAS(BN_mod_mul_montgomery);
int
BN_to_montgomery(BIGNUM *r, const BIGNUM *a, BN_MONT_CTX *mctx, BN_CTX *ctx)
{
/* Compute r = a * R * R * R^-1 mod N = aR mod N */
return bn_mod_mul_montgomery(r, a, &mctx->RR, mctx, ctx);
}
LCRYPTO_ALIAS(BN_to_montgomery);
/*
* bn_montgomery_reduce() performs Montgomery reduction, reducing the input
* from its Montgomery form aR to a, returning the result in r. Note that the
@ -583,6 +370,217 @@ bn_montgomery_reduce(BIGNUM *r, BIGNUM *a, BN_MONT_CTX *mctx)
return 1;
}
static int
bn_mod_mul_montgomery_simple(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
BN_MONT_CTX *mctx, BN_CTX *ctx)
{
BIGNUM *tmp;
int ret = 0;
BN_CTX_start(ctx);
if ((tmp = BN_CTX_get(ctx)) == NULL)
goto err;
if (a == b) {
if (!BN_sqr(tmp, a, ctx))
goto err;
} else {
if (!BN_mul(tmp, a, b, ctx))
goto err;
}
/* Reduce from aRR to aR. */
if (!bn_montgomery_reduce(r, tmp, mctx))
goto err;
ret = 1;
err:
BN_CTX_end(ctx);
return ret;
}
static void
bn_montgomery_multiply_word(const BN_ULONG *ap, BN_ULONG b, const BN_ULONG *np,
BN_ULONG *tp, BN_ULONG w, BN_ULONG *carry_a, BN_ULONG *carry_n, int n_len)
{
BN_ULONG x3, x2, x1, x0;
*carry_a = *carry_n = 0;
while (n_len & ~3) {
bn_qwmulw_addqw_addw(ap[3], ap[2], ap[1], ap[0], b,
tp[3], tp[2], tp[1], tp[0], *carry_a, carry_a,
&x3, &x2, &x1, &x0);
bn_qwmulw_addqw_addw(np[3], np[2], np[1], np[0], w,
x3, x2, x1, x0, *carry_n, carry_n,
&tp[3], &tp[2], &tp[1], &tp[0]);
ap += 4;
np += 4;
tp += 4;
n_len -= 4;
}
while (n_len > 0) {
bn_mulw_addw_addw(ap[0], b, tp[0], *carry_a, carry_a, &x0);
bn_mulw_addw_addw(np[0], w, x0, *carry_n, carry_n, &tp[0]);
ap++;
np++;
tp++;
n_len--;
}
}
/*
* bn_montgomery_multiply_words() computes r = aR * bR * R^-1 = abR for the
* given word arrays. The caller must ensure that rp, ap, bp and np are all
* n_len words in length, while tp must be n_len * 2 + 2 words in length.
*/
static void
bn_montgomery_multiply_words(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
const BN_ULONG *np, BN_ULONG *tp, BN_ULONG n0, int n_len)
{
BN_ULONG a0, b, carry_a, carry_n, carry, mask, w;
int i;
carry = 0;
for (i = 0; i < n_len; i++)
tp[i] = 0;
a0 = ap[0];
for (i = 0; i < n_len; i++) {
b = bp[i];
/* Compute new t[0] * n0, as we need it for this iteration. */
w = (a0 * b + tp[0]) * n0;
bn_montgomery_multiply_word(ap, b, np, tp, w, &carry_a,
&carry_n, n_len);
bn_addw_addw(carry_a, carry_n, carry, &carry, &tp[n_len]);
tp++;
}
tp[n_len] = carry;
/*
* The output is now in the range of [0, 2N). Attempt to reduce once by
* subtracting the modulus. If the reduction was necessary then the
* result is already in r, otherwise copy the value prior to reduction
* from tp.
*/
mask = bn_ct_ne_zero(tp[n_len]) - bn_sub_words(rp, tp, np, n_len);
for (i = 0; i < n_len; i++) {
*rp = (*rp & ~mask) | (*tp & mask);
rp++;
tp++;
}
}
/*
* bn_montgomery_multiply() computes r = aR * bR * R^-1 = abR for the given
* BIGNUMs. The caller must ensure that the modulus is two or more words in
* length and that a and b have the same number of words as the modulus.
*/
static int
bn_montgomery_multiply(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
BN_MONT_CTX *mctx, BN_CTX *ctx)
{
BIGNUM *t;
int ret = 0;
BN_CTX_start(ctx);
if (mctx->N.top <= 1 || a->top != mctx->N.top || b->top != mctx->N.top)
goto err;
if (!bn_wexpand(r, mctx->N.top))
goto err;
if ((t = BN_CTX_get(ctx)) == NULL)
goto err;
if (!bn_wexpand(t, mctx->N.top * 2 + 2))
goto err;
bn_montgomery_multiply_words(r->d, a->d, b->d, mctx->N.d, t->d,
mctx->n0[0], mctx->N.top);
r->top = mctx->N.top;
bn_correct_top(r);
BN_set_negative(r, a->neg ^ b->neg);
ret = 1;
err:
BN_CTX_end(ctx);
return ret;
}
#ifndef OPENSSL_BN_ASM_MONT
static int
bn_mod_mul_montgomery(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
BN_MONT_CTX *mctx, BN_CTX *ctx)
{
if (mctx->N.top <= 1 || a->top != mctx->N.top || b->top != mctx->N.top)
return bn_mod_mul_montgomery_simple(r, a, b, mctx, ctx);
return bn_montgomery_multiply(r, a, b, mctx, ctx);
}
#else
static int
bn_mod_mul_montgomery(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
BN_MONT_CTX *mctx, BN_CTX *ctx)
{
if (mctx->N.top <= 1 || a->top != mctx->N.top || b->top != mctx->N.top)
return bn_mod_mul_montgomery_simple(r, a, b, mctx, ctx);
/*
* Legacy bn_mul_mont() performs stack based allocation, without
* size limitation. Allowing a large size results in the stack
* being blown.
*/
if (mctx->N.top > (8 * 1024 / sizeof(BN_ULONG)))
return bn_montgomery_multiply(r, a, b, mctx, ctx);
if (!bn_wexpand(r, mctx->N.top))
return 0;
/*
* Legacy bn_mul_mont() can indicate that we should "fallback" to
* another implementation.
*/
if (!bn_mul_mont(r->d, a->d, b->d, mctx->N.d, mctx->n0, mctx->N.top))
return bn_montgomery_multiply(r, a, b, mctx, ctx);
r->top = mctx->N.top;
bn_correct_top(r);
BN_set_negative(r, a->neg ^ b->neg);
return (1);
}
#endif
int
BN_mod_mul_montgomery(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
BN_MONT_CTX *mctx, BN_CTX *ctx)
{
/* Compute r = aR * bR * R^-1 mod N = abR mod N */
return bn_mod_mul_montgomery(r, a, b, mctx, ctx);
}
LCRYPTO_ALIAS(BN_mod_mul_montgomery);
int
BN_to_montgomery(BIGNUM *r, const BIGNUM *a, BN_MONT_CTX *mctx, BN_CTX *ctx)
{
/* Compute r = a * R * R * R^-1 mod N = aR mod N */
return bn_mod_mul_montgomery(r, a, &mctx->RR, mctx, ctx);
}
LCRYPTO_ALIAS(BN_to_montgomery);
int
BN_from_montgomery(BIGNUM *r, const BIGNUM *a, BN_MONT_CTX *mctx, BN_CTX *ctx)
{

6
lib/libcrypto/crypto_internal.h
View file

@ -1,4 +1,4 @@
/* $OpenBSD: crypto_internal.h,v 1.7 2023/08/15 08:39:27 jsing Exp $ */
/* $OpenBSD: crypto_internal.h,v 1.8 2024/03/26 04:11:42 jsing Exp $ */
/*
* Copyright (c) 2023 Joel Sing <jsing@openbsd.org>
*
@ -92,7 +92,7 @@ crypto_store_htobe64(uint8_t *dst, uint64_t v)
* unsigned host endian value, from the specified address in memory. The memory
* address may have any alignment.
*/
#ifndef HAVE_CRYPTO_LOAD_BE32TOH
#ifndef HAVE_CRYPTO_LOAD_LE32TOH
static inline uint32_t
crypto_load_le32toh(const uint8_t *src)
{
@ -109,7 +109,7 @@ crypto_load_le32toh(const uint8_t *src)
* unsigned little endian value, at the specified address in memory. The memory
* address may have any alignment.
*/
#ifndef HAVE_CRYPTO_STORE_HTOBE32
#ifndef HAVE_CRYPTO_STORE_HTOLE32
static inline void
crypto_store_htole32(uint8_t *dst, uint32_t v)
{

52
lib/libcrypto/dh/dh_lib.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: dh_lib.c,v 1.43 2023/11/29 21:35:57 tb Exp $ */
/* $OpenBSD: dh_lib.c,v 1.45 2024/03/27 01:26:30 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@ -140,39 +140,35 @@ DH_new_method(ENGINE *engine)
LCRYPTO_ALIAS(DH_new_method);
void
DH_free(DH *r)
DH_free(DH *dh)
{
int i;
if (r == NULL)
return;
i = CRYPTO_add(&r->references, -1, CRYPTO_LOCK_DH);
if (i > 0)
if (dh == NULL)
return;
if (r->meth != NULL && r->meth->finish != NULL)
r->meth->finish(r);
if (CRYPTO_add(&dh->references, -1, CRYPTO_LOCK_DH) > 0)
return;
CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DH, r, &r->ex_data);
if (dh->meth != NULL && dh->meth->finish != NULL)
dh->meth->finish(dh);
BN_free(r->p);
BN_free(r->g);
BN_free(r->q);
BN_free(r->j);
free(r->seed);
BN_free(r->counter);
BN_free(r->pub_key);
BN_free(r->priv_key);
free(r);
CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DH, dh, &dh->ex_data);
BN_free(dh->p);
BN_free(dh->g);
BN_free(dh->q);
BN_free(dh->j);
free(dh->seed);
BN_free(dh->counter);
BN_free(dh->pub_key);
BN_free(dh->priv_key);
free(dh);
}
LCRYPTO_ALIAS(DH_free);
int
DH_up_ref(DH *r)
DH_up_ref(DH *dh)
{
int i = CRYPTO_add(&r->references, 1, CRYPTO_LOCK_DH);
return i > 1 ? 1 : 0;
return CRYPTO_add(&dh->references, 1, CRYPTO_LOCK_DH) > 1;
}
LCRYPTO_ALIAS(DH_up_ref);
@ -186,16 +182,16 @@ DH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
LCRYPTO_ALIAS(DH_get_ex_new_index);
int
DH_set_ex_data(DH *d, int idx, void *arg)
DH_set_ex_data(DH *dh, int idx, void *arg)
{
return CRYPTO_set_ex_data(&d->ex_data, idx, arg);
return CRYPTO_set_ex_data(&dh->ex_data, idx, arg);
}
LCRYPTO_ALIAS(DH_set_ex_data);
void *
DH_get_ex_data(DH *d, int idx)
DH_get_ex_data(DH *dh, int idx)
{
return CRYPTO_get_ex_data(&d->ex_data, idx);
return CRYPTO_get_ex_data(&dh->ex_data, idx);
}
LCRYPTO_ALIAS(DH_get_ex_data);

181
lib/libcrypto/dsa/dsa_lib.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: dsa_lib.c,v 1.46 2023/11/29 21:35:57 tb Exp $ */
/* $OpenBSD: dsa_lib.c,v 1.48 2024/03/27 01:49:31 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@ -146,49 +146,45 @@ DSA_new_method(ENGINE *engine)
LCRYPTO_ALIAS(DSA_new_method);
void
DSA_free(DSA *r)
DSA_free(DSA *dsa)
{
int i;
if (r == NULL)
if (dsa == NULL)
return;
i = CRYPTO_add(&r->references, -1, CRYPTO_LOCK_DSA);
if (i > 0)
if (CRYPTO_add(&dsa->references, -1, CRYPTO_LOCK_DSA) > 0)
return;
if (r->meth != NULL && r->meth->finish != NULL)
r->meth->finish(r);
if (dsa->meth != NULL && dsa->meth->finish != NULL)
dsa->meth->finish(dsa);
CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DSA, r, &r->ex_data);
CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DSA, dsa, &dsa->ex_data);
BN_free(r->p);
BN_free(r->q);
BN_free(r->g);
BN_free(r->pub_key);
BN_free(r->priv_key);
BN_free(r->kinv);
BN_free(r->r);
free(r);
BN_free(dsa->p);
BN_free(dsa->q);
BN_free(dsa->g);
BN_free(dsa->pub_key);
BN_free(dsa->priv_key);
BN_free(dsa->kinv);
BN_free(dsa->r);
free(dsa);
}
LCRYPTO_ALIAS(DSA_free);
int
DSA_up_ref(DSA *r)
DSA_up_ref(DSA *dsa)
{
int i = CRYPTO_add(&r->references, 1, CRYPTO_LOCK_DSA);
return i > 1 ? 1 : 0;
return CRYPTO_add(&dsa->references, 1, CRYPTO_LOCK_DSA) > 1;
}
LCRYPTO_ALIAS(DSA_up_ref);
int
DSA_size(const DSA *r)
DSA_size(const DSA *dsa)
{
DSA_SIG signature;
int ret = 0;
signature.r = r->q;
signature.s = r->q;
signature.r = dsa->q;
signature.s = dsa->q;
if ((ret = i2d_DSA_SIG(&signature, NULL)) < 0)
ret = 0;
@ -207,102 +203,107 @@ DSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
LCRYPTO_ALIAS(DSA_get_ex_new_index);
int
DSA_set_ex_data(DSA *d, int idx, void *arg)
DSA_set_ex_data(DSA *dsa, int idx, void *arg)
{
return CRYPTO_set_ex_data(&d->ex_data, idx, arg);
return CRYPTO_set_ex_data(&dsa->ex_data, idx, arg);
}
LCRYPTO_ALIAS(DSA_set_ex_data);
void *
DSA_get_ex_data(DSA *d, int idx)
DSA_get_ex_data(DSA *dsa, int idx)
{
return CRYPTO_get_ex_data(&d->ex_data, idx);
return CRYPTO_get_ex_data(&dsa->ex_data, idx);
}
LCRYPTO_ALIAS(DSA_get_ex_data);
int
DSA_security_bits(const DSA *d)
DSA_security_bits(const DSA *dsa)
{
if (d->p == NULL || d->q == NULL)
if (dsa->p == NULL || dsa->q == NULL)
return -1;
return BN_security_bits(BN_num_bits(d->p), BN_num_bits(d->q));
return BN_security_bits(BN_num_bits(dsa->p), BN_num_bits(dsa->q));
}
LCRYPTO_ALIAS(DSA_security_bits);
#ifndef OPENSSL_NO_DH
DH *
DSA_dup_DH(const DSA *r)
DSA_dup_DH(const DSA *dsa)
{
/*
* DSA has p, q, g, optional pub_key, optional priv_key.
* DH has p, optional length, g, optional pub_key, optional priv_key,
* optional q.
*/
DH *ret = NULL;
DH *dh = NULL;
if (r == NULL)
if (dsa == NULL)
goto err;
ret = DH_new();
if (ret == NULL)
if ((dh = DH_new()) == NULL)
goto err;
if (r->p != NULL)
if ((ret->p = BN_dup(r->p)) == NULL)
goto err;
if (r->q != NULL) {
ret->length = BN_num_bits(r->q);
if ((ret->q = BN_dup(r->q)) == NULL)
if (dsa->p != NULL) {
if ((dh->p = BN_dup(dsa->p)) == NULL)
goto err;
}
if (r->g != NULL)
if ((ret->g = BN_dup(r->g)) == NULL)
if (dsa->q != NULL) {
dh->length = BN_num_bits(dsa->q);
if ((dh->q = BN_dup(dsa->q)) == NULL)
goto err;
if (r->pub_key != NULL)
if ((ret->pub_key = BN_dup(r->pub_key)) == NULL)
}
if (dsa->g != NULL) {
if ((dh->g = BN_dup(dsa->g)) == NULL)
goto err;
if (r->priv_key != NULL)
if ((ret->priv_key = BN_dup(r->priv_key)) == NULL)
}
if (dsa->pub_key != NULL) {
if ((dh->pub_key = BN_dup(dsa->pub_key)) == NULL)
goto err;
}
if (dsa->priv_key != NULL) {
if ((dh->priv_key = BN_dup(dsa->priv_key)) == NULL)
goto err;
}
return ret;
return dh;
err:
DH_free(ret);
err:
DH_free(dh);
return NULL;
}
LCRYPTO_ALIAS(DSA_dup_DH);
#endif
void
DSA_get0_pqg(const DSA *d, const BIGNUM **p, const BIGNUM **q, const BIGNUM **g)
DSA_get0_pqg(const DSA *dsa, const BIGNUM **p, const BIGNUM **q, const BIGNUM **g)
{
if (p != NULL)
*p = d->p;
*p = dsa->p;
if (q != NULL)
*q = d->q;
*q = dsa->q;
if (g != NULL)
*g = d->g;
*g = dsa->g;
}
LCRYPTO_ALIAS(DSA_get0_pqg);
int
DSA_set0_pqg(DSA *d, BIGNUM *p, BIGNUM *q, BIGNUM *g)
DSA_set0_pqg(DSA *dsa, BIGNUM *p, BIGNUM *q, BIGNUM *g)
{
if ((d->p == NULL && p == NULL) || (d->q == NULL && q == NULL) ||
(d->g == NULL && g == NULL))
if ((dsa->p == NULL && p == NULL) || (dsa->q == NULL && q == NULL) ||
(dsa->g == NULL && g == NULL))
return 0;
if (p != NULL) {
BN_free(d->p);
d->p = p;
BN_free(dsa->p);
dsa->p = p;
}
if (q != NULL) {
BN_free(d->q);
d->q = q;
BN_free(dsa->q);
dsa->q = q;
}
if (g != NULL) {
BN_free(d->g);
d->g = g;
BN_free(dsa->g);
dsa->g = g;
}
return 1;
@ -310,28 +311,28 @@ DSA_set0_pqg(DSA *d, BIGNUM *p, BIGNUM *q, BIGNUM *g)
LCRYPTO_ALIAS(DSA_set0_pqg);
void
DSA_get0_key(const DSA *d, const BIGNUM **pub_key, const BIGNUM **priv_key)
DSA_get0_key(const DSA *dsa, const BIGNUM **pub_key, const BIGNUM **priv_key)
{
if (pub_key != NULL)
*pub_key = d->pub_key;
*pub_key = dsa->pub_key;
if (priv_key != NULL)
*priv_key = d->priv_key;
*priv_key = dsa->priv_key;
}
LCRYPTO_ALIAS(DSA_get0_key);
int
DSA_set0_key(DSA *d, BIGNUM *pub_key, BIGNUM *priv_key)
DSA_set0_key(DSA *dsa, BIGNUM *pub_key, BIGNUM *priv_key)
{
if (d->pub_key == NULL && pub_key == NULL)
if (dsa->pub_key == NULL && pub_key == NULL)
return 0;
if (pub_key != NULL) {
BN_free(d->pub_key);
d->pub_key = pub_key;
BN_free(dsa->pub_key);
dsa->pub_key = pub_key;
}
if (priv_key != NULL) {
BN_free(d->priv_key);
d->priv_key = priv_key;
BN_free(dsa->priv_key);
dsa->priv_key = priv_key;
}
return 1;
@ -339,63 +340,63 @@ DSA_set0_key(DSA *d, BIGNUM *pub_key, BIGNUM *priv_key)
LCRYPTO_ALIAS(DSA_set0_key);
const BIGNUM *
DSA_get0_p(const DSA *d)
DSA_get0_p(const DSA *dsa)
{
return d->p;
return dsa->p;
}
LCRYPTO_ALIAS(DSA_get0_p);
const BIGNUM *
DSA_get0_q(const DSA *d)
DSA_get0_q(const DSA *dsa)
{
return d->q;
return dsa->q;
}
LCRYPTO_ALIAS(DSA_get0_q);
const BIGNUM *
DSA_get0_g(const DSA *d)
DSA_get0_g(const DSA *dsa)
{
return d->g;
return dsa->g;
}
LCRYPTO_ALIAS(DSA_get0_g);
const BIGNUM *
DSA_get0_pub_key(const DSA *d)
DSA_get0_pub_key(const DSA *dsa)
{
return d->pub_key;
return dsa->pub_key;
}
LCRYPTO_ALIAS(DSA_get0_pub_key);
const BIGNUM *
DSA_get0_priv_key(const DSA *d)
DSA_get0_priv_key(const DSA *dsa)
{
return d->priv_key;
return dsa->priv_key;
}
LCRYPTO_ALIAS(DSA_get0_priv_key);
void
DSA_clear_flags(DSA *d, int flags)
DSA_clear_flags(DSA *dsa, int flags)
{
d->flags &= ~flags;
dsa->flags &= ~flags;
}
LCRYPTO_ALIAS(DSA_clear_flags);
int
DSA_test_flags(const DSA *d, int flags)
DSA_test_flags(const DSA *dsa, int flags)
{
return d->flags & flags;
return dsa->flags & flags;
}
LCRYPTO_ALIAS(DSA_test_flags);
void
DSA_set_flags(DSA *d, int flags)
DSA_set_flags(DSA *dsa, int flags)
{
d->flags |= flags;
dsa->flags |= flags;
}
LCRYPTO_ALIAS(DSA_set_flags);
ENGINE *
DSA_get0_engine(DSA *d)
DSA_get0_engine(DSA *dsa)
{
return NULL;
}

5
lib/libcrypto/ec/ec_key.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: ec_key.c,v 1.39 2023/11/29 21:35:57 tb Exp $ */
/* $OpenBSD: ec_key.c,v 1.40 2024/03/27 01:22:30 tb Exp $ */
/*
* Written by Nils Larsch for the OpenSSL project.
*/
@ -204,8 +204,7 @@ LCRYPTO_ALIAS(EC_KEY_dup);
int
EC_KEY_up_ref(EC_KEY *r)
{
int i = CRYPTO_add(&r->references, 1, CRYPTO_LOCK_EC);
return ((i > 1) ? 1 : 0);
return CRYPTO_add(&r->references, 1, CRYPTO_LOCK_EC) > 1;
}
LCRYPTO_ALIAS(EC_KEY_up_ref);

8
lib/libcrypto/evp/e_rc2.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: e_rc2.c,v 1.27 2024/01/07 15:42:57 tb Exp $ */
/* $OpenBSD: e_rc2.c,v 1.28 2024/03/26 06:58:21 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@ -397,12 +397,6 @@ rc2_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
}
return 0;
#ifdef PBE_PRF_TEST
case EVP_CTRL_PBE_PRF_NID:
*(int *)ptr = NID_hmacWithMD5;
return 1;
#endif
default:
return -1;
}

6
lib/libcrypto/evp/evp_local.h
View file

@ -1,4 +1,4 @@
/* $OpenBSD: evp_local.h,v 1.20 2024/03/24 06:05:41 tb Exp $ */
/* $OpenBSD: evp_local.h,v 1.21 2024/03/26 01:41:06 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 2000.
*/
@ -307,10 +307,6 @@ struct evp_pkey_method_st {
int (*signctx)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
EVP_MD_CTX *mctx);
int (*verifyctx_init)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
int (*verifyctx)(EVP_PKEY_CTX *ctx, const unsigned char *sig,
int siglen, EVP_MD_CTX *mctx);
int (*encrypt_init)(EVP_PKEY_CTX *ctx);
int (*encrypt)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
const unsigned char *in, size_t inlen);

87
lib/libcrypto/evp/m_sigver.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: m_sigver.c,v 1.18 2024/03/25 11:41:40 joshua Exp $ */
/* $OpenBSD: m_sigver.c,v 1.21 2024/03/27 01:55:40 joshua Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 2006.
*/
@ -95,12 +95,7 @@ do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, const EVP_MD *type,
}
if (ver) {
if (ctx->pctx->pmeth->verifyctx_init) {
if (ctx->pctx->pmeth->verifyctx_init(ctx->pctx,
ctx) <=0)
return 0;
ctx->pctx->operation = EVP_PKEY_OP_VERIFYCTX;
} else if (ctx->pctx->pmeth->digestverify != NULL) {
if (ctx->pctx->pmeth->digestverify != NULL) {
ctx->pctx->operation = EVP_PKEY_OP_VERIFY;
ctx->update = update_oneshot_only;
} else if (EVP_PKEY_verify_init(ctx->pctx) <= 0)
@ -171,43 +166,52 @@ int
EVP_DigestSignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, size_t *siglen)
{
EVP_PKEY_CTX *pctx = ctx->pctx;
int r = 0;
EVP_MD_CTX *md_ctx = NULL;
unsigned char md[EVP_MAX_MD_SIZE];
unsigned int mdlen = 0;
int s;
int ret = 0;
if (pctx->pmeth->flags & EVP_PKEY_FLAG_SIGCTX_CUSTOM)
return evp_digestsignfinal_sigctx_custom(ctx, sigret, siglen);
if (sigret) {
EVP_MD_CTX tmp_ctx;
unsigned char md[EVP_MAX_MD_SIZE];
unsigned int mdlen = 0;
EVP_MD_CTX_legacy_clear(&tmp_ctx);
if (!EVP_MD_CTX_copy_ex(&tmp_ctx, ctx))
return 0;
if (sigret == NULL) {
if (ctx->pctx->pmeth->signctx != NULL) {
r = tmp_ctx.pctx->pmeth->signctx(tmp_ctx.pctx,
sigret, siglen, &tmp_ctx);
EVP_MD_CTX_cleanup(&tmp_ctx);
return r;
}
r = EVP_DigestFinal_ex(&tmp_ctx, md, &mdlen);
EVP_MD_CTX_cleanup(&tmp_ctx);
if (!r)
return r;
if (EVP_PKEY_sign(ctx->pctx, sigret, siglen, md, mdlen) <= 0)
return 0;
} else {
if (ctx->pctx->pmeth->signctx != NULL) {
if (ctx->pctx->pmeth->signctx(ctx->pctx, sigret,
if (ctx->pctx->pmeth->signctx(ctx->pctx, NULL,
siglen, ctx) <= 0)
return 0;
} else {
int s = EVP_MD_size(ctx->digest);
if (s < 0 || EVP_PKEY_sign(ctx->pctx, sigret, siglen,
NULL, s) <= 0)
return 0;
return 1;
}
if ((s = EVP_MD_size(ctx->digest)) < 0)
return 0;
if (EVP_PKEY_sign(ctx->pctx, NULL, siglen, NULL, s) <= 0)
return 0;
return 1;
}
return 1;
if ((md_ctx = EVP_MD_CTX_new()) == NULL)
goto err;
if (!EVP_MD_CTX_copy_ex(md_ctx, ctx))
goto err;
if (md_ctx->pctx->pmeth->signctx != NULL) {
if(md_ctx->pctx->pmeth->signctx(md_ctx->pctx,
sigret, siglen, md_ctx) <= 0)
goto err;
}
if (!EVP_DigestFinal_ex(md_ctx, md, &mdlen))
goto err;
if (EVP_PKEY_sign(ctx->pctx, sigret, siglen, md, mdlen) <= 0)
goto err;
ret = 1;
err:
EVP_MD_CTX_free(md_ctx);
return ret;
}
int
@ -233,22 +237,13 @@ EVP_DigestVerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sig, size_t siglen)
unsigned char md[EVP_MAX_MD_SIZE];
int r;
unsigned int mdlen = 0;
int vctx;
if (ctx->pctx->pmeth->verifyctx)
vctx = 1;
else
vctx = 0;
EVP_MD_CTX_legacy_clear(&tmp_ctx);
if (!EVP_MD_CTX_copy_ex(&tmp_ctx, ctx))
return -1;
if (vctx) {
r = tmp_ctx.pctx->pmeth->verifyctx(tmp_ctx.pctx, sig,
siglen, &tmp_ctx);
} else
r = EVP_DigestFinal_ex(&tmp_ctx, md, &mdlen);
r = EVP_DigestFinal_ex(&tmp_ctx, md, &mdlen);
EVP_MD_CTX_cleanup(&tmp_ctx);
if (vctx || !r)
if (!r)
return r;
return EVP_PKEY_verify(ctx->pctx, sig, siglen, md, mdlen);
}

6
lib/libcrypto/evp/p_legacy.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: p_legacy.c,v 1.3 2024/02/18 15:44:10 tb Exp $ */
/* $OpenBSD: p_legacy.c,v 1.4 2024/03/26 05:22:50 joshua Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@ -99,7 +99,7 @@ EVP_OpenInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
int i, size = 0, ret = 0;
if (type) {
EVP_CIPHER_CTX_legacy_clear(ctx);
EVP_CIPHER_CTX_reset(ctx);
if (!EVP_DecryptInit_ex(ctx, type, NULL, NULL, NULL))
return 0;
}
@ -154,7 +154,7 @@ EVP_SealInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, unsigned char **ek,
int i, iv_len;
if (type) {
EVP_CIPHER_CTX_legacy_clear(ctx);
EVP_CIPHER_CTX_reset(ctx);
if (!EVP_EncryptInit_ex(ctx, type, NULL, NULL, NULL))
return 0;
}

14
lib/libcrypto/evp/p_sign.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: p_sign.c,v 1.20 2024/02/18 15:45:42 tb Exp $ */
/* $OpenBSD: p_sign.c,v 1.21 2024/03/26 06:08:51 joshua Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@ -71,18 +71,19 @@ EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, unsigned int *siglen,
{
unsigned char m[EVP_MAX_MD_SIZE];
unsigned int m_len;
EVP_MD_CTX tmp_ctx;
EVP_MD_CTX *md_ctx;
EVP_PKEY_CTX *pkctx = NULL;
size_t sltmp;
int ret = 0;
*siglen = 0;
EVP_MD_CTX_legacy_clear(&tmp_ctx);
if (!EVP_MD_CTX_copy_ex(&tmp_ctx, ctx))
if ((md_ctx = EVP_MD_CTX_new()) == NULL)
goto err;
if (!EVP_DigestFinal_ex(&tmp_ctx, &(m[0]), &m_len))
if (!EVP_MD_CTX_copy_ex(md_ctx, ctx))
goto err;
if (!EVP_DigestFinal_ex(md_ctx, &(m[0]), &m_len))
goto err;
EVP_MD_CTX_cleanup(&tmp_ctx);
sltmp = (size_t)EVP_PKEY_size(pkey);
@ -99,6 +100,7 @@ EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, unsigned int *siglen,
ret = 1;
err:
EVP_MD_CTX_free(md_ctx);
EVP_PKEY_CTX_free(pkctx);
return ret;
}

13
lib/libcrypto/evp/p_verify.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: p_verify.c,v 1.19 2024/02/18 15:45:42 tb Exp $ */
/* $OpenBSD: p_verify.c,v 1.20 2024/03/26 05:50:49 joshua Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@ -71,16 +71,16 @@ EVP_VerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sigbuf,
{
unsigned char m[EVP_MAX_MD_SIZE];
unsigned int m_len;
EVP_MD_CTX tmp_ctx;
EVP_MD_CTX *md_ctx;
EVP_PKEY_CTX *pkctx = NULL;
int ret = 0;
EVP_MD_CTX_legacy_clear(&tmp_ctx);
if (!EVP_MD_CTX_copy_ex(&tmp_ctx, ctx))
if ((md_ctx = EVP_MD_CTX_new()) == NULL)
goto err;
if (!EVP_DigestFinal_ex(&tmp_ctx, &(m[0]), &m_len))
if (!EVP_MD_CTX_copy_ex(md_ctx, ctx))
goto err;
if (!EVP_DigestFinal_ex(md_ctx, &(m[0]), &m_len))
goto err;
EVP_MD_CTX_cleanup(&tmp_ctx);
ret = -1;
if ((pkctx = EVP_PKEY_CTX_new(pkey, NULL)) == NULL)
@ -92,6 +92,7 @@ EVP_VerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sigbuf,
ret = EVP_PKEY_verify(pkctx, sigbuf, siglen, m, m_len);
err:
EVP_MD_CTX_free(md_ctx);
EVP_PKEY_CTX_free(pkctx);
return ret;
}

11
lib/libcrypto/hmac/hmac.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: hmac.c,v 1.32 2024/02/18 15:45:42 tb Exp $ */
/* $OpenBSD: hmac.c,v 1.33 2024/03/26 12:10:50 joshua Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@ -180,14 +180,7 @@ LCRYPTO_ALIAS(HMAC_Final);
HMAC_CTX *
HMAC_CTX_new(void)
{
HMAC_CTX *ctx;
if ((ctx = calloc(1, sizeof(*ctx))) == NULL)
return NULL;
HMAC_CTX_init(ctx);
return ctx;
return calloc(1, sizeof(HMAC_CTX));
}
LCRYPTO_ALIAS(HMAC_CTX_new);

230
lib/libcrypto/md4/md4.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: md4.c,v 1.7 2023/08/10 13:41:56 jsing Exp $ */
/* $OpenBSD: md4.c,v 1.15 2024/03/26 12:23:02 jsing Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@ -61,8 +61,14 @@
#include <string.h>
#include <openssl/opensslconf.h>
#include <openssl/md4.h>
#include "crypto_internal.h"
/* Ensure that MD4_LONG and uint32_t are equivalent size. */
CTASSERT(sizeof(MD4_LONG) == sizeof(uint32_t));
__BEGIN_HIDDEN_DECLS
void md4_block_data_order (MD4_CTX *c, const void *p, size_t num);
@ -77,19 +83,13 @@ __END_HIDDEN_DECLS
#define HASH_UPDATE MD4_Update
#define HASH_TRANSFORM MD4_Transform
#define HASH_FINAL MD4_Final
#define HASH_MAKE_STRING(c,s) do { \
unsigned long ll; \
ll=(c)->A; HOST_l2c(ll,(s)); \
ll=(c)->B; HOST_l2c(ll,(s)); \
ll=(c)->C; HOST_l2c(ll,(s)); \
ll=(c)->D; HOST_l2c(ll,(s)); \
} while (0)
#define HASH_BLOCK_DATA_ORDER md4_block_data_order
#define HASH_NO_UPDATE
#define HASH_NO_TRANSFORM
#define HASH_NO_FINAL
#include "md32_common.h"
LCRYPTO_ALIAS(MD4_Update);
LCRYPTO_ALIAS(MD4_Final);
LCRYPTO_ALIAS(MD4_Transform);
/*
#define F(x,y,z) (((x) & (y)) | ((~(x)) & (z)))
@ -119,32 +119,16 @@ LCRYPTO_ALIAS(MD4_Transform);
/* Implemented from RFC1186 The MD4 Message-Digest Algorithm
*/
#define INIT_DATA_A (unsigned long)0x67452301L
#define INIT_DATA_B (unsigned long)0xefcdab89L
#define INIT_DATA_C (unsigned long)0x98badcfeL
#define INIT_DATA_D (unsigned long)0x10325476L
int
MD4_Init(MD4_CTX *c)
{
memset (c, 0, sizeof(*c));
c->A = INIT_DATA_A;
c->B = INIT_DATA_B;
c->C = INIT_DATA_C;
c->D = INIT_DATA_D;
return 1;
}
LCRYPTO_ALIAS(MD4_Init);
#ifndef md4_block_data_order
#ifdef X
#undef X
#endif
void
md4_block_data_order(MD4_CTX *c, const void *data_, size_t num)
md4_block_data_order(MD4_CTX *c, const void *_in, size_t num)
{
const unsigned char *data = data_;
unsigned int A, B, C, D, l;
const uint8_t *in = _in;
const MD4_LONG *in32;
unsigned int A, B, C, D;
unsigned int X0, X1, X2, X3, X4, X5, X6, X7,
X8, X9, X10, X11, X12, X13, X14, X15;
@ -153,56 +137,65 @@ md4_block_data_order(MD4_CTX *c, const void *data_, size_t num)
C = c->C;
D = c->D;
for (; num--; ) {
HOST_c2l(data, l);
X0 = l;
HOST_c2l(data, l);
X1 = l;
while (num-- > 0) {
if ((uintptr_t)in % 4 == 0) {
/* Input is 32 bit aligned. */
in32 = (const MD4_LONG *)in;
X0 = le32toh(in32[0]);
X1 = le32toh(in32[1]);
X2 = le32toh(in32[2]);
X3 = le32toh(in32[3]);
X4 = le32toh(in32[4]);
X5 = le32toh(in32[5]);
X6 = le32toh(in32[6]);
X7 = le32toh(in32[7]);
X8 = le32toh(in32[8]);
X9 = le32toh(in32[9]);
X10 = le32toh(in32[10]);
X11 = le32toh(in32[11]);
X12 = le32toh(in32[12]);
X13 = le32toh(in32[13]);
X14 = le32toh(in32[14]);
X15 = le32toh(in32[15]);
} else {
/* Input is not 32 bit aligned. */
X0 = crypto_load_le32toh(&in[0 * 4]);
X1 = crypto_load_le32toh(&in[1 * 4]);
X2 = crypto_load_le32toh(&in[2 * 4]);
X3 = crypto_load_le32toh(&in[3 * 4]);
X4 = crypto_load_le32toh(&in[4 * 4]);
X5 = crypto_load_le32toh(&in[5 * 4]);
X6 = crypto_load_le32toh(&in[6 * 4]);
X7 = crypto_load_le32toh(&in[7 * 4]);
X8 = crypto_load_le32toh(&in[8 * 4]);
X9 = crypto_load_le32toh(&in[9 * 4]);
X10 = crypto_load_le32toh(&in[10 * 4]);
X11 = crypto_load_le32toh(&in[11 * 4]);
X12 = crypto_load_le32toh(&in[12 * 4]);
X13 = crypto_load_le32toh(&in[13 * 4]);
X14 = crypto_load_le32toh(&in[14 * 4]);
X15 = crypto_load_le32toh(&in[15 * 4]);
}
in += MD4_CBLOCK;
/* Round 0 */
R0(A, B, C, D, X0, 3, 0);
HOST_c2l(data, l);
X2 = l;
R0(D, A, B, C, X1, 7, 0);
HOST_c2l(data, l);
X3 = l;
R0(C, D, A, B, X2, 11, 0);
HOST_c2l(data, l);
X4 = l;
R0(B, C, D, A, X3, 19, 0);
HOST_c2l(data, l);
X5 = l;
R0(A, B, C, D, X4, 3, 0);
HOST_c2l(data, l);
X6 = l;
R0(D, A, B, C, X5, 7, 0);
HOST_c2l(data, l);
X7 = l;
R0(C, D, A, B, X6, 11, 0);
HOST_c2l(data, l);
X8 = l;
R0(B, C, D, A, X7, 19, 0);
HOST_c2l(data, l);
X9 = l;
R0(A, B, C, D, X8, 3, 0);
HOST_c2l(data, l);
X10 = l;
R0(D, A,B, C,X9, 7, 0);
HOST_c2l(data, l);
X11 = l;
R0(C, D,A, B,X10, 11, 0);
HOST_c2l(data, l);
X12 = l;
R0(B, C,D, A,X11, 19, 0);
HOST_c2l(data, l);
X13 = l;
R0(A, B,C, D,X12, 3, 0);
HOST_c2l(data, l);
X14 = l;
R0(D, A,B, C,X13, 7, 0);
HOST_c2l(data, l);
X15 = l;
R0(C, D,A, B,X14, 11, 0);
R0(B, C,D, A,X15, 19, 0);
/* Round 1 */
R1(A, B, C, D, X0, 3, 0x5A827999L);
R1(D, A, B, C, X4, 5, 0x5A827999L);
@ -220,6 +213,7 @@ md4_block_data_order(MD4_CTX *c, const void *data_, size_t num)
R1(D, A, B, C, X7, 5, 0x5A827999L);
R1(C, D, A, B, X11, 9, 0x5A827999L);
R1(B, C, D, A, X15, 13, 0x5A827999L);
/* Round 2 */
R2(A, B, C, D, X0, 3, 0x6ED9EBA1L);
R2(D, A, B, C, X8, 9, 0x6ED9EBA1L);
@ -246,6 +240,114 @@ md4_block_data_order(MD4_CTX *c, const void *data_, size_t num)
}
#endif
int
MD4_Init(MD4_CTX *c)
{
memset(c, 0, sizeof(*c));
c->A = 0x67452301UL;
c->B = 0xefcdab89UL;
c->C = 0x98badcfeUL;
c->D = 0x10325476UL;
return 1;
}
LCRYPTO_ALIAS(MD4_Init);
int
MD4_Update(MD4_CTX *c, const void *data_, size_t len)
{
const unsigned char *data = data_;
unsigned char *p;
MD4_LONG l;
size_t n;
if (len == 0)
return 1;
l = (c->Nl + (((MD4_LONG)len) << 3))&0xffffffffUL;
/* 95-05-24 eay Fixed a bug with the overflow handling, thanks to
* Wei Dai <weidai@eskimo.com> for pointing it out. */
if (l < c->Nl) /* overflow */
c->Nh++;
c->Nh+=(MD4_LONG)(len>>29); /* might cause compiler warning on 16-bit */
c->Nl = l;
n = c->num;
if (n != 0) {
p = (unsigned char *)c->data;
if (len >= MD4_CBLOCK || len + n >= MD4_CBLOCK) {
memcpy (p + n, data, MD4_CBLOCK - n);
md4_block_data_order (c, p, 1);
n = MD4_CBLOCK - n;
data += n;
len -= n;
c->num = 0;
memset(p, 0, MD4_CBLOCK); /* keep it zeroed */
} else {
memcpy(p + n, data, len);
c->num += (unsigned int)len;
return 1;
}
}
n = len / MD4_CBLOCK;
if (n > 0) {
md4_block_data_order(c, data, n);
n *= MD4_CBLOCK;
data += n;
len -= n;
}
if (len != 0) {
p = (unsigned char *)c->data;
c->num = (unsigned int)len;
memcpy(p, data, len);
}
return 1;
}
LCRYPTO_ALIAS(MD4_Update);
void
MD4_Transform(MD4_CTX *c, const unsigned char *data)
{
md4_block_data_order(c, data, 1);
}
LCRYPTO_ALIAS(MD4_Transform);
int
MD4_Final(unsigned char *md, MD4_CTX *c)
{
unsigned char *p = (unsigned char *)c->data;
size_t n = c->num;
p[n] = 0x80; /* there is always room for one */
n++;
if (n > (MD4_CBLOCK - 8)) {
memset(p + n, 0, MD4_CBLOCK - n);
n = 0;
md4_block_data_order(c, p, 1);
}
memset(p + n, 0, MD4_CBLOCK - 8 - n);
c->data[MD4_LBLOCK - 2] = htole32(c->Nl);
c->data[MD4_LBLOCK - 1] = htole32(c->Nh);
md4_block_data_order(c, p, 1);
c->num = 0;
memset(p, 0, MD4_CBLOCK);
crypto_store_htole32(&md[0 * 4], c->A);
crypto_store_htole32(&md[1 * 4], c->B);
crypto_store_htole32(&md[2 * 4], c->C);
crypto_store_htole32(&md[3 * 4], c->D);
return 1;
}
LCRYPTO_ALIAS(MD4_Final);
unsigned char *
MD4(const unsigned char *d, size_t n, unsigned char *md)
{

299
lib/libcrypto/md5/md5.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: md5.c,v 1.18 2023/08/15 08:39:27 jsing Exp $ */
/* $OpenBSD: md5.c,v 1.21 2024/03/26 05:55:15 jsing Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@ -57,6 +57,7 @@
*/
#include <stdio.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
@ -74,63 +75,64 @@ void md5_block_asm_data_order(MD5_CTX *c, const void *p, size_t num);
#define md5_block_data_order md5_block_asm_data_order
#endif
#define DATA_ORDER_IS_LITTLE_ENDIAN
#define HASH_LONG MD5_LONG
#define HASH_CTX MD5_CTX
#define HASH_CBLOCK MD5_CBLOCK
#define HASH_UPDATE MD5_Update
#define HASH_TRANSFORM MD5_Transform
#define HASH_FINAL MD5_Final
#define HASH_BLOCK_DATA_ORDER md5_block_data_order
#define HASH_NO_UPDATE
#define HASH_NO_TRANSFORM
#define HASH_NO_FINAL
#include "md32_common.h"
/*
#define F(x,y,z) (((x) & (y)) | ((~(x)) & (z)))
#define G(x,y,z) (((x) & (z)) | ((y) & (~(z))))
*/
/* As pointed out by Wei Dai <weidai@eskimo.com>, the above can be
* simplified to the code below. Wei attributes these optimizations
* to Peter Gutmann's SHS code, and he attributes it to Rich Schroeppel.
*/
#define F(b,c,d) ((((c) ^ (d)) & (b)) ^ (d))
#define G(b,c,d) ((((b) ^ (c)) & (d)) ^ (c))
#define H(b,c,d) ((b) ^ (c) ^ (d))
#define I(b,c,d) (((~(d)) | (b)) ^ (c))
#define R0(a,b,c,d,k,s,t) { \
a+=((k)+(t)+F((b),(c),(d))); \
a=ROTATE(a,s); \
a+=b; };\
#define R1(a,b,c,d,k,s,t) { \
a+=((k)+(t)+G((b),(c),(d))); \
a=ROTATE(a,s); \
a+=b; };
#define R2(a,b,c,d,k,s,t) { \
a+=((k)+(t)+H((b),(c),(d))); \
a=ROTATE(a,s); \
a+=b; };
#define R3(a,b,c,d,k,s,t) { \
a+=((k)+(t)+I((b),(c),(d))); \
a=ROTATE(a,s); \
a+=b; };
/* Implemented from RFC1321 The MD5 Message-Digest Algorithm. */
#ifndef MD5_ASM
static inline uint32_t
md5_F(uint32_t x, uint32_t y, uint32_t z)
{
return (x & y) | (~x & z);
}
static inline uint32_t
md5_G(uint32_t x, uint32_t y, uint32_t z)
{
return (x & z) | (y & ~z);
}
static inline uint32_t
md5_H(uint32_t x, uint32_t y, uint32_t z)
{
return x ^ y ^ z;
}
static inline uint32_t
md5_I(uint32_t x, uint32_t y, uint32_t z)
{
return y ^ (x | ~z);
}
static inline void
md5_round1(uint32_t *a, uint32_t b, uint32_t c, uint32_t d, uint32_t x,
uint32_t t, uint32_t s)
{
*a = b + crypto_rol_u32(*a + md5_F(b, c, d) + x + t, s);
}
static inline void
md5_round2(uint32_t *a, uint32_t b, uint32_t c, uint32_t d, uint32_t x,
uint32_t t, uint32_t s)
{
*a = b + crypto_rol_u32(*a + md5_G(b, c, d) + x + t, s);
}
static inline void
md5_round3(uint32_t *a, uint32_t b, uint32_t c, uint32_t d, uint32_t x,
uint32_t t, uint32_t s)
{
*a = b + crypto_rol_u32(*a + md5_H(b, c, d) + x + t, s);
}
static inline void
md5_round4(uint32_t *a, uint32_t b, uint32_t c, uint32_t d, uint32_t x,
uint32_t t, uint32_t s)
{
*a = b + crypto_rol_u32(*a + md5_I(b, c, d) + x + t, s);
}
static void
md5_block_data_order(MD5_CTX *c, const void *_in, size_t num)
{
const uint8_t *in = _in;
const MD5_LONG *in32;
MD5_LONG A, B, C, D;
MD5_LONG X0, X1, X2, X3, X4, X5, X6, X7,
X8, X9, X10, X11, X12, X13, X14, X15;
@ -140,93 +142,114 @@ md5_block_data_order(MD5_CTX *c, const void *_in, size_t num)
C = c->C;
D = c->D;
for (; num--; ) {
X0 = crypto_load_le32toh(&in[0 * 4]);
X1 = crypto_load_le32toh(&in[1 * 4]);
X2 = crypto_load_le32toh(&in[2 * 4]);
X3 = crypto_load_le32toh(&in[3 * 4]);
X4 = crypto_load_le32toh(&in[4 * 4]);
X5 = crypto_load_le32toh(&in[5 * 4]);
X6 = crypto_load_le32toh(&in[6 * 4]);
X7 = crypto_load_le32toh(&in[7 * 4]);
X8 = crypto_load_le32toh(&in[8 * 4]);
X9 = crypto_load_le32toh(&in[9 * 4]);
X10 = crypto_load_le32toh(&in[10 * 4]);
X11 = crypto_load_le32toh(&in[11 * 4]);
X12 = crypto_load_le32toh(&in[12 * 4]);
X13 = crypto_load_le32toh(&in[13 * 4]);
X14 = crypto_load_le32toh(&in[14 * 4]);
X15 = crypto_load_le32toh(&in[15 * 4]);
while (num-- > 0) {
if ((uintptr_t)in % 4 == 0) {
/* Input is 32 bit aligned. */
in32 = (const MD5_LONG *)in;
X0 = le32toh(in32[0]);
X1 = le32toh(in32[1]);
X2 = le32toh(in32[2]);
X3 = le32toh(in32[3]);
X4 = le32toh(in32[4]);
X5 = le32toh(in32[5]);
X6 = le32toh(in32[6]);
X7 = le32toh(in32[7]);
X8 = le32toh(in32[8]);
X9 = le32toh(in32[9]);
X10 = le32toh(in32[10]);
X11 = le32toh(in32[11]);
X12 = le32toh(in32[12]);
X13 = le32toh(in32[13]);
X14 = le32toh(in32[14]);
X15 = le32toh(in32[15]);
} else {
/* Input is not 32 bit aligned. */
X0 = crypto_load_le32toh(&in[0 * 4]);
X1 = crypto_load_le32toh(&in[1 * 4]);
X2 = crypto_load_le32toh(&in[2 * 4]);
X3 = crypto_load_le32toh(&in[3 * 4]);
X4 = crypto_load_le32toh(&in[4 * 4]);
X5 = crypto_load_le32toh(&in[5 * 4]);
X6 = crypto_load_le32toh(&in[6 * 4]);
X7 = crypto_load_le32toh(&in[7 * 4]);
X8 = crypto_load_le32toh(&in[8 * 4]);
X9 = crypto_load_le32toh(&in[9 * 4]);
X10 = crypto_load_le32toh(&in[10 * 4]);
X11 = crypto_load_le32toh(&in[11 * 4]);
X12 = crypto_load_le32toh(&in[12 * 4]);
X13 = crypto_load_le32toh(&in[13 * 4]);
X14 = crypto_load_le32toh(&in[14 * 4]);
X15 = crypto_load_le32toh(&in[15 * 4]);
}
in += MD5_CBLOCK;
/* Round 0 */
R0(A, B, C, D, X0, 7, 0xd76aa478L);
R0(D, A, B, C, X1, 12, 0xe8c7b756L);
R0(C, D, A, B, X2, 17, 0x242070dbL);
R0(B, C, D, A, X3, 22, 0xc1bdceeeL);
R0(A, B, C, D, X4, 7, 0xf57c0fafL);
R0(D, A, B, C, X5, 12, 0x4787c62aL);
R0(C, D, A, B, X6, 17, 0xa8304613L);
R0(B, C, D, A, X7, 22, 0xfd469501L);
R0(A, B, C, D, X8, 7, 0x698098d8L);
R0(D, A, B, C, X9, 12, 0x8b44f7afL);
R0(C, D, A, B, X10, 17, 0xffff5bb1L);
R0(B, C, D, A, X11, 22, 0x895cd7beL);
R0(A, B, C, D, X12, 7, 0x6b901122L);
R0(D, A, B, C, X13, 12, 0xfd987193L);
R0(C, D, A, B, X14, 17, 0xa679438eL);
R0(B, C, D, A, X15, 22, 0x49b40821L);
/* Round 1 */
R1(A, B, C, D, X1, 5, 0xf61e2562L);
R1(D, A, B, C, X6, 9, 0xc040b340L);
R1(C, D, A, B, X11, 14, 0x265e5a51L);
R1(B, C, D, A, X0, 20, 0xe9b6c7aaL);
R1(A, B, C, D, X5, 5, 0xd62f105dL);
R1(D, A, B, C, X10, 9, 0x02441453L);
R1(C, D, A, B, X15, 14, 0xd8a1e681L);
R1(B, C, D, A, X4, 20, 0xe7d3fbc8L);
R1(A, B, C, D, X9, 5, 0x21e1cde6L);
R1(D, A, B, C, X14, 9, 0xc33707d6L);
R1(C, D, A, B, X3, 14, 0xf4d50d87L);
R1(B, C, D, A, X8, 20, 0x455a14edL);
R1(A, B, C, D, X13, 5, 0xa9e3e905L);
R1(D, A, B, C, X2, 9, 0xfcefa3f8L);
R1(C, D, A, B, X7, 14, 0x676f02d9L);
R1(B, C, D, A, X12, 20, 0x8d2a4c8aL);
/* Round 2 */
R2(A, B, C, D, X5, 4, 0xfffa3942L);
R2(D, A, B, C, X8, 11, 0x8771f681L);
R2(C, D, A, B, X11, 16, 0x6d9d6122L);
R2(B, C, D, A, X14, 23, 0xfde5380cL);
R2(A, B, C, D, X1, 4, 0xa4beea44L);
R2(D, A, B, C, X4, 11, 0x4bdecfa9L);
R2(C, D, A, B, X7, 16, 0xf6bb4b60L);
R2(B, C, D, A, X10, 23, 0xbebfbc70L);
R2(A, B, C, D, X13, 4, 0x289b7ec6L);
R2(D, A, B, C, X0, 11, 0xeaa127faL);
R2(C, D, A, B, X3, 16, 0xd4ef3085L);
R2(B, C, D, A, X6, 23, 0x04881d05L);
R2(A, B, C, D, X9, 4, 0xd9d4d039L);
R2(D, A, B, C, X12, 11, 0xe6db99e5L);
R2(C, D, A, B, X15, 16, 0x1fa27cf8L);
R2(B, C, D, A, X2, 23, 0xc4ac5665L);
/* Round 3 */
R3(A, B, C, D, X0, 6, 0xf4292244L);
R3(D, A, B, C, X7, 10, 0x432aff97L);
R3(C, D, A, B, X14, 15, 0xab9423a7L);
R3(B, C, D, A, X5, 21, 0xfc93a039L);
R3(A, B, C, D, X12, 6, 0x655b59c3L);
R3(D, A, B, C, X3, 10, 0x8f0ccc92L);
R3(C, D, A, B, X10, 15, 0xffeff47dL);
R3(B, C, D, A, X1, 21, 0x85845dd1L);
R3(A, B, C, D, X8, 6, 0x6fa87e4fL);
R3(D, A, B, C, X15, 10, 0xfe2ce6e0L);
R3(C, D, A, B, X6, 15, 0xa3014314L);
R3(B, C, D, A, X13, 21, 0x4e0811a1L);
R3(A, B, C, D, X4, 6, 0xf7537e82L);
R3(D, A, B, C, X11, 10, 0xbd3af235L);
R3(C, D, A, B, X2, 15, 0x2ad7d2bbL);
R3(B, C, D, A, X9, 21, 0xeb86d391L);
md5_round1(&A, B, C, D, X0, 0xd76aa478L, 7);
md5_round1(&D, A, B, C, X1, 0xe8c7b756L, 12);
md5_round1(&C, D, A, B, X2, 0x242070dbL, 17);
md5_round1(&B, C, D, A, X3, 0xc1bdceeeL, 22);
md5_round1(&A, B, C, D, X4, 0xf57c0fafL, 7);
md5_round1(&D, A, B, C, X5, 0x4787c62aL, 12);
md5_round1(&C, D, A, B, X6, 0xa8304613L, 17);
md5_round1(&B, C, D, A, X7, 0xfd469501L, 22);
md5_round1(&A, B, C, D, X8, 0x698098d8L, 7);
md5_round1(&D, A, B, C, X9, 0x8b44f7afL, 12);
md5_round1(&C, D, A, B, X10, 0xffff5bb1L, 17);
md5_round1(&B, C, D, A, X11, 0x895cd7beL, 22);
md5_round1(&A, B, C, D, X12, 0x6b901122L, 7);
md5_round1(&D, A, B, C, X13, 0xfd987193L, 12);
md5_round1(&C, D, A, B, X14, 0xa679438eL, 17);
md5_round1(&B, C, D, A, X15, 0x49b40821L, 22);
md5_round2(&A, B, C, D, X1, 0xf61e2562L, 5);
md5_round2(&D, A, B, C, X6, 0xc040b340L, 9);
md5_round2(&C, D, A, B, X11, 0x265e5a51L, 14);
md5_round2(&B, C, D, A, X0, 0xe9b6c7aaL, 20);
md5_round2(&A, B, C, D, X5, 0xd62f105dL, 5);
md5_round2(&D, A, B, C, X10, 0x02441453L, 9);
md5_round2(&C, D, A, B, X15, 0xd8a1e681L, 14);
md5_round2(&B, C, D, A, X4, 0xe7d3fbc8L, 20);
md5_round2(&A, B, C, D, X9, 0x21e1cde6L, 5);
md5_round2(&D, A, B, C, X14, 0xc33707d6L, 9);
md5_round2(&C, D, A, B, X3, 0xf4d50d87L, 14);
md5_round2(&B, C, D, A, X8, 0x455a14edL, 20);
md5_round2(&A, B, C, D, X13, 0xa9e3e905L, 5);
md5_round2(&D, A, B, C, X2, 0xfcefa3f8L, 9);
md5_round2(&C, D, A, B, X7, 0x676f02d9L, 14);
md5_round2(&B, C, D, A, X12, 0x8d2a4c8aL, 20);
md5_round3(&A, B, C, D, X5, 0xfffa3942L, 4);
md5_round3(&D, A, B, C, X8, 0x8771f681L, 11);
md5_round3(&C, D, A, B, X11, 0x6d9d6122L, 16);
md5_round3(&B, C, D, A, X14, 0xfde5380cL, 23);
md5_round3(&A, B, C, D, X1, 0xa4beea44L, 4);
md5_round3(&D, A, B, C, X4, 0x4bdecfa9L, 11);
md5_round3(&C, D, A, B, X7, 0xf6bb4b60L, 16);
md5_round3(&B, C, D, A, X10, 0xbebfbc70L, 23);
md5_round3(&A, B, C, D, X13, 0x289b7ec6L, 4);
md5_round3(&D, A, B, C, X0, 0xeaa127faL, 11);
md5_round3(&C, D, A, B, X3, 0xd4ef3085L, 16);
md5_round3(&B, C, D, A, X6, 0x04881d05L, 23);
md5_round3(&A, B, C, D, X9, 0xd9d4d039L, 4);
md5_round3(&D, A, B, C, X12, 0xe6db99e5L, 11);
md5_round3(&C, D, A, B, X15, 0x1fa27cf8L, 16);
md5_round3(&B, C, D, A, X2, 0xc4ac5665L, 23);
md5_round4(&A, B, C, D, X0, 0xf4292244L, 6);
md5_round4(&D, A, B, C, X7, 0x432aff97L, 10);
md5_round4(&C, D, A, B, X14, 0xab9423a7L, 15);
md5_round4(&B, C, D, A, X5, 0xfc93a039L, 21);
md5_round4(&A, B, C, D, X12, 0x655b59c3L, 6);
md5_round4(&D, A, B, C, X3, 0x8f0ccc92L, 10);
md5_round4(&C, D, A, B, X10, 0xffeff47dL, 15);
md5_round4(&B, C, D, A, X1, 0x85845dd1L, 21);
md5_round4(&A, B, C, D, X8, 0x6fa87e4fL, 6);
md5_round4(&D, A, B, C, X15, 0xfe2ce6e0L, 10);
md5_round4(&C, D, A, B, X6, 0xa3014314L, 15);
md5_round4(&B, C, D, A, X13, 0x4e0811a1L, 21);
md5_round4(&A, B, C, D, X4, 0xf7537e82L, 6);
md5_round4(&D, A, B, C, X11, 0xbd3af235L, 10);
md5_round4(&C, D, A, B, X2, 0x2ad7d2bbL, 15);
md5_round4(&B, C, D, A, X9, 0xeb86d391L, 21);
A = c->A += A;
B = c->B += B;

5
lib/libcrypto/rsa/rsa_lib.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: rsa_lib.c,v 1.49 2023/11/19 15:46:10 tb Exp $ */
/* $OpenBSD: rsa_lib.c,v 1.50 2024/03/27 01:22:30 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@ -192,8 +192,7 @@ LCRYPTO_ALIAS(RSA_free);
int
RSA_up_ref(RSA *r)
{
int i = CRYPTO_add(&r->references, 1, CRYPTO_LOCK_RSA);
return i > 1 ? 1 : 0;
return CRYPTO_add(&r->references, 1, CRYPTO_LOCK_RSA) > 1;
}
LCRYPTO_ALIAS(RSA_up_ref);

23
lib/libcrypto/rsa/rsa_oaep.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: rsa_oaep.c,v 1.38 2024/02/18 15:45:42 tb Exp $ */
/* $OpenBSD: rsa_oaep.c,v 1.39 2024/03/26 05:37:28 joshua Exp $ */
/*
* Copyright 1999-2018 The OpenSSL Project Authors. All Rights Reserved.
*
@ -326,12 +326,14 @@ PKCS1_MGF1(unsigned char *mask, long len, const unsigned char *seed,
{
long i, outlen = 0;
unsigned char cnt[4];
EVP_MD_CTX c;
EVP_MD_CTX *md_ctx;
unsigned char md[EVP_MAX_MD_SIZE];
int mdlen;
int rv = -1;
EVP_MD_CTX_legacy_clear(&c);
if ((md_ctx = EVP_MD_CTX_new()) == NULL)
goto err;
mdlen = EVP_MD_size(dgst);
if (mdlen < 0)
goto err;
@ -340,24 +342,27 @@ PKCS1_MGF1(unsigned char *mask, long len, const unsigned char *seed,
cnt[1] = (unsigned char)((i >> 16) & 255);
cnt[2] = (unsigned char)((i >> 8)) & 255;
cnt[3] = (unsigned char)(i & 255);
if (!EVP_DigestInit_ex(&c, dgst, NULL) ||
!EVP_DigestUpdate(&c, seed, seedlen) ||
!EVP_DigestUpdate(&c, cnt, 4))
if (!EVP_DigestInit_ex(md_ctx, dgst, NULL) ||
!EVP_DigestUpdate(md_ctx, seed, seedlen) ||
!EVP_DigestUpdate(md_ctx, cnt, 4))
goto err;
if (outlen + mdlen <= len) {
if (!EVP_DigestFinal_ex(&c, mask + outlen, NULL))
if (!EVP_DigestFinal_ex(md_ctx, mask + outlen, NULL))
goto err;
outlen += mdlen;
} else {
if (!EVP_DigestFinal_ex(&c, md, NULL))
if (!EVP_DigestFinal_ex(md_ctx, md, NULL))
goto err;
memcpy(mask + outlen, md, len - outlen);
outlen = len;
}
}
rv = 0;
err:
EVP_MD_CTX_cleanup(&c);
EVP_MD_CTX_free(md_ctx);
return rv;
}
LCRYPTO_ALIAS(PKCS1_MGF1);

41
lib/libcrypto/rsa/rsa_pss.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: rsa_pss.c,v 1.18 2024/02/18 15:45:42 tb Exp $ */
/* $OpenBSD: rsa_pss.c,v 1.19 2024/03/26 05:26:27 joshua Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 2005.
*/
@ -89,10 +89,11 @@ RSA_verify_PKCS1_PSS_mgf1(RSA *rsa, const unsigned char *mHash,
int hLen, maskedDBLen, MSBits, emLen;
const unsigned char *H;
unsigned char *DB = NULL;
EVP_MD_CTX ctx;
EVP_MD_CTX *md_ctx;
unsigned char H_[EVP_MAX_MD_SIZE];
EVP_MD_CTX_legacy_clear(&ctx);
if ((md_ctx = EVP_MD_CTX_new()) == NULL)
goto err;
if (mgf1Hash == NULL)
mgf1Hash = Hash;
@ -157,25 +158,26 @@ RSA_verify_PKCS1_PSS_mgf1(RSA *rsa, const unsigned char *mHash,
RSAerror(RSA_R_SLEN_CHECK_FAILED);
goto err;
}
if (!EVP_DigestInit_ex(&ctx, Hash, NULL) ||
!EVP_DigestUpdate(&ctx, zeroes, sizeof zeroes) ||
!EVP_DigestUpdate(&ctx, mHash, hLen))
if (!EVP_DigestInit_ex(md_ctx, Hash, NULL) ||
!EVP_DigestUpdate(md_ctx, zeroes, sizeof zeroes) ||
!EVP_DigestUpdate(md_ctx, mHash, hLen))
goto err;
if (maskedDBLen - i) {
if (!EVP_DigestUpdate(&ctx, DB + i, maskedDBLen - i))
if (!EVP_DigestUpdate(md_ctx, DB + i, maskedDBLen - i))
goto err;
}
if (!EVP_DigestFinal_ex(&ctx, H_, NULL))
if (!EVP_DigestFinal_ex(md_ctx, H_, NULL))
goto err;
if (timingsafe_bcmp(H_, H, hLen)) {
RSAerror(RSA_R_BAD_SIGNATURE);
ret = 0;
} else
} else {
ret = 1;
}
err:
err:
free(DB);
EVP_MD_CTX_cleanup(&ctx);
EVP_MD_CTX_free(md_ctx);
return ret;
}
@ -198,9 +200,10 @@ RSA_padding_add_PKCS1_PSS_mgf1(RSA *rsa, unsigned char *EM,
int ret = 0;
int hLen, maskedDBLen, MSBits, emLen;
unsigned char *H, *salt = NULL, *p;
EVP_MD_CTX ctx;
EVP_MD_CTX *md_ctx;
EVP_MD_CTX_legacy_clear(&ctx);
if ((md_ctx = EVP_MD_CTX_new()) == NULL)
goto err;
if (mgf1Hash == NULL)
mgf1Hash = Hash;
@ -245,13 +248,13 @@ RSA_padding_add_PKCS1_PSS_mgf1(RSA *rsa, unsigned char *EM,
}
maskedDBLen = emLen - hLen - 1;
H = EM + maskedDBLen;
if (!EVP_DigestInit_ex(&ctx, Hash, NULL) ||
!EVP_DigestUpdate(&ctx, zeroes, sizeof zeroes) ||
!EVP_DigestUpdate(&ctx, mHash, hLen))
if (!EVP_DigestInit_ex(md_ctx, Hash, NULL) ||
!EVP_DigestUpdate(md_ctx, zeroes, sizeof zeroes) ||
!EVP_DigestUpdate(md_ctx, mHash, hLen))
goto err;
if (sLen && !EVP_DigestUpdate(&ctx, salt, sLen))
if (sLen && !EVP_DigestUpdate(md_ctx, salt, sLen))
goto err;
if (!EVP_DigestFinal_ex(&ctx, H, NULL))
if (!EVP_DigestFinal_ex(md_ctx, H, NULL))
goto err;
/* Generate dbMask in place then perform XOR on it */
@ -281,7 +284,7 @@ RSA_padding_add_PKCS1_PSS_mgf1(RSA *rsa, unsigned char *EM,
err:
free(salt);
EVP_MD_CTX_cleanup(&ctx);
EVP_MD_CTX_free(md_ctx);
return ret;
}

207
lib/libcrypto/sha/sha1.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: sha1.c,v 1.12 2023/08/10 07:15:23 jsing Exp $ */
/* $OpenBSD: sha1.c,v 1.13 2024/03/26 12:54:22 jsing Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@ -64,8 +64,13 @@
#include <openssl/crypto.h>
#include <openssl/sha.h>
#include "crypto_internal.h"
#if !defined(OPENSSL_NO_SHA1) && !defined(OPENSSL_NO_SHA)
/* Ensure that SHA_LONG and uint32_t are equivalent sizes. */
CTASSERT(sizeof(SHA_LONG) == sizeof(uint32_t));
#define DATA_ORDER_IS_BIG_ENDIAN
#define HASH_LONG SHA_LONG
@ -138,109 +143,77 @@ void sha1_block_data_order(SHA_CTX *c, const void *p, size_t num);
#if !defined(SHA1_ASM)
#include <endian.h>
static void
sha1_block_data_order(SHA_CTX *c, const void *p, size_t num)
sha1_block_data_order(SHA_CTX *c, const void *_in, size_t num)
{
const unsigned char *data = p;
unsigned int A, B, C, D, E, T, l;
const uint8_t *in = _in;
const SHA_LONG *in32;
unsigned int A, B, C, D, E, T;
unsigned int X0, X1, X2, X3, X4, X5, X6, X7,
X8, X9, X10, X11, X12, X13, X14, X15;
A = c->h0;
B = c->h1;
C = c->h2;
D = c->h3;
E = c->h4;
while (num--) {
A = c->h0;
B = c->h1;
C = c->h2;
D = c->h3;
E = c->h4;
for (;;) {
if (BYTE_ORDER != LITTLE_ENDIAN &&
sizeof(SHA_LONG) == 4 && ((size_t)p % 4) == 0) {
const SHA_LONG *W = (const SHA_LONG *)data;
X0 = W[0];
X1 = W[1];
BODY_00_15( 0, A, B, C, D, E, T, X0);
X2 = W[2];
BODY_00_15( 1, T, A, B, C, D, E, X1);
X3 = W[3];
BODY_00_15( 2, E, T, A, B, C, D, X2);
X4 = W[4];
BODY_00_15( 3, D, E, T, A, B, C, X3);
X5 = W[5];
BODY_00_15( 4, C, D, E, T, A, B, X4);
X6 = W[6];
BODY_00_15( 5, B, C, D, E, T, A, X5);
X7 = W[7];
BODY_00_15( 6, A, B, C, D, E, T, X6);
X8 = W[8];
BODY_00_15( 7, T, A, B, C, D, E, X7);
X9 = W[9];
BODY_00_15( 8, E, T, A, B, C, D, X8);
X10 = W[10];
BODY_00_15( 9, D, E, T, A, B, C, X9);
X11 = W[11];
BODY_00_15(10, C, D, E, T, A, B, X10);
X12 = W[12];
BODY_00_15(11, B, C, D, E, T, A, X11);
X13 = W[13];
BODY_00_15(12, A, B, C, D, E, T, X12);
X14 = W[14];
BODY_00_15(13, T, A, B, C, D, E, X13);
X15 = W[15];
BODY_00_15(14, E, T, A, B, C, D, X14);
BODY_00_15(15, D, E, T, A, B, C, X15);
data += SHA_CBLOCK;
if ((size_t)in % 4 == 0) {
/* Input is 32 bit aligned. */
in32 = (const SHA_LONG *)in;
X0 = be32toh(in32[0]);
X1 = be32toh(in32[1]);
X2 = be32toh(in32[2]);
X3 = be32toh(in32[3]);
X4 = be32toh(in32[4]);
X5 = be32toh(in32[5]);
X6 = be32toh(in32[6]);
X7 = be32toh(in32[7]);
X8 = be32toh(in32[8]);
X9 = be32toh(in32[9]);
X10 = be32toh(in32[10]);
X11 = be32toh(in32[11]);
X12 = be32toh(in32[12]);
X13 = be32toh(in32[13]);
X14 = be32toh(in32[14]);
X15 = be32toh(in32[15]);
} else {
HOST_c2l(data, l);
X0 = l;
HOST_c2l(data, l);
X1 = l;
BODY_00_15( 0, A, B, C, D, E, T, X0);
HOST_c2l(data, l);
X2 = l;
BODY_00_15( 1, T, A, B, C, D, E, X1);
HOST_c2l(data, l);
X3 = l;
BODY_00_15( 2, E, T, A, B, C, D, X2);
HOST_c2l(data, l);
X4 = l;
BODY_00_15( 3, D, E, T, A, B, C, X3);
HOST_c2l(data, l);
X5 = l;
BODY_00_15( 4, C, D, E, T, A, B, X4);
HOST_c2l(data, l);
X6 = l;
BODY_00_15( 5, B, C, D, E, T, A, X5);
HOST_c2l(data, l);
X7 = l;
BODY_00_15( 6, A, B, C, D, E, T, X6);
HOST_c2l(data, l);
X8 = l;
BODY_00_15( 7, T, A, B, C, D, E, X7);
HOST_c2l(data, l);
X9 = l;
BODY_00_15( 8, E, T, A, B, C, D, X8);
HOST_c2l(data, l);
X10 = l;
BODY_00_15( 9, D, E, T, A, B, C, X9);
HOST_c2l(data, l);
X11 = l;
BODY_00_15(10, C, D, E, T, A, B, X10);
HOST_c2l(data, l);
X12 = l;
BODY_00_15(11, B, C, D, E, T, A, X11);
HOST_c2l(data, l);
X13 = l;
BODY_00_15(12, A, B, C, D, E, T, X12);
HOST_c2l(data, l);
X14 = l;
BODY_00_15(13, T, A, B, C, D, E, X13);
HOST_c2l(data, l);
X15 = l;
BODY_00_15(14, E, T, A, B, C, D, X14);
BODY_00_15(15, D, E, T, A, B, C, X15);
/* Input is not 32 bit aligned. */
X0 = crypto_load_be32toh(&in[0 * 4]);
X1 = crypto_load_be32toh(&in[1 * 4]);
X2 = crypto_load_be32toh(&in[2 * 4]);
X3 = crypto_load_be32toh(&in[3 * 4]);
X4 = crypto_load_be32toh(&in[4 * 4]);
X5 = crypto_load_be32toh(&in[5 * 4]);
X6 = crypto_load_be32toh(&in[6 * 4]);
X7 = crypto_load_be32toh(&in[7 * 4]);
X8 = crypto_load_be32toh(&in[8 * 4]);
X9 = crypto_load_be32toh(&in[9 * 4]);
X10 = crypto_load_be32toh(&in[10 * 4]);
X11 = crypto_load_be32toh(&in[11 * 4]);
X12 = crypto_load_be32toh(&in[12 * 4]);
X13 = crypto_load_be32toh(&in[13 * 4]);
X14 = crypto_load_be32toh(&in[14 * 4]);
X15 = crypto_load_be32toh(&in[15 * 4]);
}
in += SHA_CBLOCK;
BODY_00_15( 0, A, B, C, D, E, T, X0);
BODY_00_15( 1, T, A, B, C, D, E, X1);
BODY_00_15( 2, E, T, A, B, C, D, X2);
BODY_00_15( 3, D, E, T, A, B, C, X3);
BODY_00_15( 4, C, D, E, T, A, B, X4);
BODY_00_15( 5, B, C, D, E, T, A, X5);
BODY_00_15( 6, A, B, C, D, E, T, X6);
BODY_00_15( 7, T, A, B, C, D, E, X7);
BODY_00_15( 8, E, T, A, B, C, D, X8);
BODY_00_15( 9, D, E, T, A, B, C, X9);
BODY_00_15(10, C, D, E, T, A, B, X10);
BODY_00_15(11, B, C, D, E, T, A, X11);
BODY_00_15(12, A, B, C, D, E, T, X12);
BODY_00_15(13, T, A, B, C, D, E, X13);
BODY_00_15(14, E, T, A, B, C, D, X14);
BODY_00_15(15, D, E, T, A, B, C, X15);
BODY_16_19(16, C, D, E, T, A, B, X0, X0, X2, X8, X13);
BODY_16_19(17, B, C, D, E, T, A, X1, X1, X3, X9, X14);
@ -316,16 +289,6 @@ sha1_block_data_order(SHA_CTX *c, const void *p, size_t num)
c->h2 = (c->h2 + A)&0xffffffffL;
c->h3 = (c->h3 + B)&0xffffffffL;
c->h4 = (c->h4 + C)&0xffffffffL;
if (--num == 0)
break;
A = c->h0;
B = c->h1;
C = c->h2;
D = c->h3;
E = c->h4;
}
}
#endif
@ -412,7 +375,6 @@ int
SHA1_Final(unsigned char *md, SHA_CTX *c)
{
unsigned char *p = (unsigned char *)c->data;
unsigned long ll;
size_t n = c->num;
p[n] = 0x80; /* there is always room for one */
@ -423,31 +385,20 @@ SHA1_Final(unsigned char *md, SHA_CTX *c)
n = 0;
sha1_block_data_order(c, p, 1);
}
memset(p + n, 0, SHA_CBLOCK - 8 - n);
p += SHA_CBLOCK - 8;
#if defined(DATA_ORDER_IS_BIG_ENDIAN)
HOST_l2c(c->Nh, p);
HOST_l2c(c->Nl, p);
#elif defined(DATA_ORDER_IS_LITTLE_ENDIAN)
HOST_l2c(c->Nl, p);
HOST_l2c(c->Nh, p);
#endif
p -= SHA_CBLOCK;
memset(p + n, 0, SHA_CBLOCK - 8 - n);
c->data[SHA_LBLOCK - 2] = htobe32(c->Nh);
c->data[SHA_LBLOCK - 1] = htobe32(c->Nl);
sha1_block_data_order(c, p, 1);
c->num = 0;
memset(p, 0, SHA_CBLOCK);
ll = c->h0;
HOST_l2c(ll, md);
ll = c->h1;
HOST_l2c(ll, md);
ll = c->h2;
HOST_l2c(ll, md);
ll = c->h3;
HOST_l2c(ll, md);
ll = c->h4;
HOST_l2c(ll, md);
crypto_store_htobe32(&md[0 * 4], c->h0);
crypto_store_htobe32(&md[1 * 4], c->h1);
crypto_store_htobe32(&md[2 * 4], c->h2);
crypto_store_htobe32(&md[3 * 4], c->h3);
crypto_store_htobe32(&md[4 * 4], c->h4);
return 1;
}

4
lib/libcrypto/x509/x509_local.h
View file

@ -1,4 +1,4 @@
/* $OpenBSD: x509_local.h,v 1.22 2024/03/02 10:52:24 tb Exp $ */
/* $OpenBSD: x509_local.h,v 1.23 2024/03/26 05:39:47 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 2013.
*/
@ -404,8 +404,6 @@ int PKCS5_pbe_set0_algor(X509_ALGOR *algor, int alg, int iter,
const unsigned char *salt, int saltlen);
X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter,
unsigned char *salt, int saltlen);
X509_ALGOR *PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter,
unsigned char *salt, int saltlen, unsigned char *aiv, int prf_nid);
X509_ALGOR *PKCS5_pbe_set(int alg, int iter, const unsigned char *salt,
int saltlen);
X509_ALGOR *PKCS5_pbkdf2_set(int iter, unsigned char *salt, int saltlen,

26
lib/libcrypto/x509/x509_set.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: x509_set.c,v 1.26 2023/06/23 08:00:28 tb Exp $ */
/* $OpenBSD: x509_set.c,v 1.29 2024/03/26 23:21:36 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@ -83,13 +83,19 @@ int
X509_set_version(X509 *x, long version)
{
if (x == NULL)
return (0);
return 0;
/*
* RFC 5280, 4.1: versions 1 - 3 are specified as follows.
* Version ::= INTEGER { v1(0), v2(1), v3(2) }
*/
if (version < 0 || version > 2)
return 0;
if (x->cert_info->version == NULL) {
if ((x->cert_info->version = ASN1_INTEGER_new()) == NULL)
return (0);
return 0;
}
x->cert_info->enc.modified = 1;
return (ASN1_INTEGER_set(x->cert_info->version, version));
return ASN1_INTEGER_set(x->cert_info->version, version);
}
LCRYPTO_ALIAS(X509_set_version);
@ -251,12 +257,12 @@ X509_get_X509_PUBKEY(const X509 *x)
LCRYPTO_ALIAS(X509_get_X509_PUBKEY);
void
X509_get0_uids(const X509 *x, const ASN1_BIT_STRING **piuid,
const ASN1_BIT_STRING **psuid)
X509_get0_uids(const X509 *x, const ASN1_BIT_STRING **issuerUID,
const ASN1_BIT_STRING **subjectUID)
{
if (piuid != NULL)
*piuid = x->cert_info->issuerUID;
if (psuid != NULL)
*psuid = x->cert_info->subjectUID;
if (issuerUID != NULL)
*issuerUID = x->cert_info->issuerUID;
if (subjectUID != NULL)
*subjectUID = x->cert_info->subjectUID;
}
LCRYPTO_ALIAS(X509_get0_uids);

4
lib/libcrypto/x509/x509_trs.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: x509_trs.c,v 1.54 2024/03/25 04:03:26 tb Exp $ */
/* $OpenBSD: x509_trs.c,v 1.55 2024/03/26 22:43:42 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 1999.
*/
@ -59,12 +59,10 @@
#include <stdio.h>
#include <openssl/asn1.h>
#include <openssl/err.h>
#include <openssl/objects.h>
#include <openssl/x509.h>
#include <openssl/x509v3.h>
#include "crypto_internal.h"
#include "x509_internal.h"
#include "x509_local.h"

45
lib/libcrypto/x509/x509cset.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: x509cset.c,v 1.19 2023/02/16 08:38:17 tb Exp $ */
/* $OpenBSD: x509cset.c,v 1.22 2024/03/26 23:41:45 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 2001.
*/
@ -68,8 +68,7 @@
int
X509_CRL_up_ref(X509_CRL *x)
{
int refs = CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509_CRL);
return (refs > 1) ? 1 : 0;
return CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509_CRL) > 1;
}
LCRYPTO_ALIAS(X509_CRL_up_ref);
@ -77,21 +76,28 @@ int
X509_CRL_set_version(X509_CRL *x, long version)
{
if (x == NULL)
return (0);
return 0;
/*
* RFC 5280, 4.1: versions 1 - 3 are specified as follows.
* Version ::= INTEGER { v1(0), v2(1), v3(2) }
* The only specified versions for CRLs are 1 and 2.
*/
if (version < 0 || version > 1)
return 0;
if (x->crl->version == NULL) {
if ((x->crl->version = ASN1_INTEGER_new()) == NULL)
return (0);
return 0;
}
return (ASN1_INTEGER_set(x->crl->version, version));
return ASN1_INTEGER_set(x->crl->version, version);
}
LCRYPTO_ALIAS(X509_CRL_set_version);
int
X509_CRL_set_issuer_name(X509_CRL *x, X509_NAME *name)
{
if ((x == NULL) || (x->crl == NULL))
return (0);
return (X509_NAME_set(&x->crl->issuer, name));
if (x == NULL || x->crl == NULL)
return 0;
return X509_NAME_set(&x->crl->issuer, name);
}
LCRYPTO_ALIAS(X509_CRL_set_issuer_name);
@ -101,7 +107,7 @@ X509_CRL_set_lastUpdate(X509_CRL *x, const ASN1_TIME *tm)
ASN1_TIME *in;
if (x == NULL)
return (0);
return 0;
in = x->crl->lastUpdate;
if (in != tm) {
in = ASN1_STRING_dup(tm);
@ -110,7 +116,7 @@ X509_CRL_set_lastUpdate(X509_CRL *x, const ASN1_TIME *tm)
x->crl->lastUpdate = in;
}
}
return (in != NULL);
return in != NULL;
}
LCRYPTO_ALIAS(X509_CRL_set_lastUpdate);
@ -127,7 +133,7 @@ X509_CRL_set_nextUpdate(X509_CRL *x, const ASN1_TIME *tm)
ASN1_TIME *in;
if (x == NULL)
return (0);
return 0;
in = x->crl->nextUpdate;
if (in != tm) {
in = ASN1_STRING_dup(tm);
@ -136,7 +142,7 @@ X509_CRL_set_nextUpdate(X509_CRL *x, const ASN1_TIME *tm)
x->crl->nextUpdate = in;
}
}
return (in != NULL);
return in != NULL;
}
LCRYPTO_ALIAS(X509_CRL_set_nextUpdate);
@ -150,11 +156,10 @@ LCRYPTO_ALIAS(X509_CRL_set1_nextUpdate);
int
X509_CRL_sort(X509_CRL *c)
{
int i;
X509_REVOKED *r;
int i;
/* sort the data so it will be written in serial
* number order */
/* Sort the data so it will be written in serial number order */
sk_X509_REVOKED_sort(c->crl->revoked);
for (i = 0; i < sk_X509_REVOKED_num(c->crl->revoked); i++) {
r = sk_X509_REVOKED_value(c->crl->revoked, i);
@ -192,7 +197,7 @@ X509_REVOKED_set_revocationDate(X509_REVOKED *x, ASN1_TIME *tm)
ASN1_TIME *in;
if (x == NULL)
return (0);
return 0;
in = x->revocationDate;
if (in != tm) {
in = ASN1_STRING_dup(tm);
@ -201,7 +206,7 @@ X509_REVOKED_set_revocationDate(X509_REVOKED *x, ASN1_TIME *tm)
x->revocationDate = in;
}
}
return (in != NULL);
return in != NULL;
}
LCRYPTO_ALIAS(X509_REVOKED_set_revocationDate);
@ -211,7 +216,7 @@ X509_REVOKED_set_serialNumber(X509_REVOKED *x, ASN1_INTEGER *serial)
ASN1_INTEGER *in;
if (x == NULL)
return (0);
return 0;
in = x->serialNumber;
if (in != serial) {
in = ASN1_INTEGER_dup(serial);
@ -220,7 +225,7 @@ X509_REVOKED_set_serialNumber(X509_REVOKED *x, ASN1_INTEGER *serial)
x->serialNumber = in;
}
}
return (in != NULL);
return in != NULL;
}
LCRYPTO_ALIAS(X509_REVOKED_set_serialNumber);

21
lib/libcrypto/x509/x509rset.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: x509rset.c,v 1.14 2024/03/25 12:10:57 jsing Exp $ */
/* $OpenBSD: x509rset.c,v 1.16 2024/03/26 23:45:05 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@ -69,9 +69,12 @@ int
X509_REQ_set_version(X509_REQ *x, long version)
{
if (x == NULL)
return (0);
return 0;
/* RFC 2986 section 4.1 only specifies version 1, encoded as a 0. */
if (version != 0)
return 0;
x->req_info->enc.modified = 1;
return (ASN1_INTEGER_set(x->req_info->version, version));
return ASN1_INTEGER_set(x->req_info->version, version);
}
LCRYPTO_ALIAS(X509_REQ_set_version);
@ -85,10 +88,10 @@ LCRYPTO_ALIAS(X509_REQ_get_version);
int
X509_REQ_set_subject_name(X509_REQ *x, X509_NAME *name)
{
if ((x == NULL) || (x->req_info == NULL))
return (0);
if (x == NULL || x->req_info == NULL)
return 0;
x->req_info->enc.modified = 1;
return (X509_NAME_set(&x->req_info->subject, name));
return X509_NAME_set(&x->req_info->subject, name);
}
LCRYPTO_ALIAS(X509_REQ_set_subject_name);
@ -102,9 +105,9 @@ LCRYPTO_ALIAS(X509_REQ_get_subject_name);
int
X509_REQ_set_pubkey(X509_REQ *x, EVP_PKEY *pkey)
{
if ((x == NULL) || (x->req_info == NULL))
return (0);
if (x == NULL || x->req_info == NULL)
return 0;
x->req_info->enc.modified = 1;
return (X509_PUBKEY_set(&x->req_info->pubkey, pkey));
return X509_PUBKEY_set(&x->req_info->pubkey, pkey);
}
LCRYPTO_ALIAS(X509_REQ_set_pubkey);

5
lib/libcrypto/x509/x_all.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: x_all.c,v 1.30 2023/02/16 08:38:17 tb Exp $ */
/* $OpenBSD: x_all.c,v 1.31 2024/03/27 01:22:30 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@ -535,7 +535,6 @@ LCRYPTO_ALIAS(X509_NAME_digest);
int
X509_up_ref(X509 *x)
{
int i = CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509);
return i > 1 ? 1 : 0;
return CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509) > 1;
}
LCRYPTO_ALIAS(X509_up_ref);