SecBSD/src
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

sync code with last fixes and improvements from OpenBSD

Browse source
This commit is contained in:
purplerain 2023-07-30 17:58:45 +00:00
parent f960599e67
commit 691f97cc10
Signed by: purplerain
GPG key ID: F42C07F07E2E35B7
215 changed files with 1520 additions and 11518 deletions
Download patch file Download diff file Expand all files Collapse all files

66
lib/libcrypto/Makefile
View file

@ -1,4 +1,4 @@
# $OpenBSD: Makefile,v 1.139 2023/07/21 09:04:23 tb Exp $
# $OpenBSD: Makefile,v 1.153 2023/07/29 06:46:20 tb Exp $
LIB= crypto
LIBREBUILD=y
@ -22,14 +22,7 @@ CFLAGS+= -DLIBRESSL_INTERNAL
.ifdef NAMESPACE
CFLAGS+= -DLIBRESSL_NAMESPACE -DLIBRESSL_CRYPTO_NAMESPACE
.endif
.if !defined(NOPIC)
CFLAGS+= -DDSO_DLFCN -DHAVE_DLFCN_H -DHAVE_FUNOPEN
.endif
# Hardware engines
CFLAGS+= -DOPENSSL_NO_HW_PADLOCK # XXX enable this?
CFLAGS+= -DHAVE_FUNOPEN
CFLAGS+= -I${LCRYPTO_SRC}
CFLAGS+= -I${LCRYPTO_SRC}/arch/${MACHINE_CPU}
@ -78,7 +71,6 @@ SRCS+= aes_cfb.c
SRCS+= aes_ctr.c
SRCS+= aes_ecb.c
SRCS+= aes_ige.c
SRCS+= aes_misc.c
SRCS+= aes_ofb.c
SRCS+= aes_wrap.c
@ -117,7 +109,6 @@ SRCS+= p5_pbe.c
SRCS+= p5_pbev2.c
SRCS+= p8_pkey.c
SRCS+= t_crl.c
SRCS+= t_pkey.c
SRCS+= t_req.c
SRCS+= t_spki.c
SRCS+= t_x509.c
@ -205,7 +196,6 @@ SRCS+= bn_word.c
# buffer/
SRCS+= buf_err.c
SRCS+= buf_str.c
SRCS+= buffer.c
# bytestring/
@ -249,12 +239,6 @@ SRCS+= cms_pwri.c
SRCS+= cms_sd.c
SRCS+= cms_smime.c
# comp/
SRCS+= c_rle.c
SRCS+= c_zlib.c
SRCS+= comp_err.c
SRCS+= comp_lib.c
# conf/
SRCS+= conf_api.c
SRCS+= conf_def.c
@ -324,13 +308,6 @@ SRCS+= dsa_ossl.c
SRCS+= dsa_pmeth.c
SRCS+= dsa_prn.c
# dso/
SRCS+= dso_dlfcn.c
SRCS+= dso_err.c
SRCS+= dso_lib.c
SRCS+= dso_null.c
SRCS+= dso_openssl.c
# ec/
SRCS+= ec_ameth.c
SRCS+= ec_asn1.c
@ -353,40 +330,12 @@ SRCS+= ecx_methods.c
# ecdh/
SRCS+= ecdh.c
SRCS+= ech_err.c
SRCS+= ech_lib.c
# ecdsa/
SRCS+= ecs_err.c
SRCS+= ecs_lib.c
SRCS+= ecdsa.c
# engine/
SRCS+= engine_stubs.c
SRCS+= eng_all.c
SRCS+= eng_cnf.c
SRCS+= eng_ctrl.c
SRCS+= eng_dyn.c
SRCS+= eng_err.c
SRCS+= eng_fat.c
SRCS+= eng_init.c
SRCS+= eng_lib.c
SRCS+= eng_list.c
SRCS+= eng_openssl.c
SRCS+= eng_pkey.c
SRCS+= eng_table.c
SRCS+= tb_asnmth.c
SRCS+= tb_cipher.c
SRCS+= tb_dh.c
SRCS+= tb_digest.c
SRCS+= tb_dsa.c
SRCS+= tb_ecdh.c
SRCS+= tb_ecdsa.c
SRCS+= tb_eckey.c
SRCS+= tb_pkmeth.c
SRCS+= tb_rand.c
SRCS+= tb_rsa.c
SRCS+= tb_store.c
# err/
SRCS+= err.c
@ -492,12 +441,10 @@ SRCS+= lh_stats.c
SRCS+= lhash.c
# md4/
SRCS+= md4_dgst.c
SRCS+= md4_one.c
SRCS+= md4.c
# md5/
SRCS+= md5_dgst.c
SRCS+= md5_one.c
SRCS+= md5.c
# modes/
SRCS+= cbc128.c
@ -582,8 +529,7 @@ SRCS+= rc2cfb64.c
SRCS+= rc2ofb64.c
# ripemd/
SRCS+= rmd_dgst.c
SRCS+= rmd_one.c
SRCS+= ripemd.c
# rsa/
SRCS+= rsa_ameth.c
@ -725,7 +671,6 @@ SRCS+= x_all.c
${LCRYPTO_SRC}/des \
${LCRYPTO_SRC}/dh \
${LCRYPTO_SRC}/dsa \
${LCRYPTO_SRC}/dso \
${LCRYPTO_SRC}/ec \
${LCRYPTO_SRC}/ecdh \
${LCRYPTO_SRC}/ecdsa \
@ -786,7 +731,6 @@ HDRS=\
${LCRYPTO_SRC}/des/des.h \
${LCRYPTO_SRC}/dh/dh.h \
${LCRYPTO_SRC}/dsa/dsa.h \
${LCRYPTO_SRC}/dso/dso.h \
${LCRYPTO_SRC}/ec/ec.h \
${LCRYPTO_SRC}/ecdh/ecdh.h \
${LCRYPTO_SRC}/ecdsa/ecdsa.h \

246
lib/libcrypto/Symbols.list
View file

@ -11,7 +11,6 @@ AES_ecb_encrypt
AES_encrypt
AES_ige_encrypt
AES_ofb128_encrypt
AES_options
AES_set_decrypt_key
AES_set_encrypt_key
AES_unwrap_key
@ -26,15 +25,11 @@ ASIdentifiers_free
ASIdentifiers_it
ASIdentifiers_new
ASN1_ANY_it
ASN1_BIT_STRING_check
ASN1_BIT_STRING_free
ASN1_BIT_STRING_get_bit
ASN1_BIT_STRING_it
ASN1_BIT_STRING_name_print
ASN1_BIT_STRING_new
ASN1_BIT_STRING_num_asc
ASN1_BIT_STRING_set
ASN1_BIT_STRING_set_asc
ASN1_BIT_STRING_set_bit
ASN1_BMPSTRING_free
ASN1_BMPSTRING_it
@ -181,8 +176,6 @@ ASN1_VISIBLESTRING_free
ASN1_VISIBLESTRING_it
ASN1_VISIBLESTRING_new
ASN1_add_oid_module
ASN1_bn_print
ASN1_buf_print
ASN1_d2i_bio
ASN1_d2i_fp
ASN1_dup
@ -216,16 +209,10 @@ ASN1_mbstring_ncopy
ASN1_object_size
ASN1_parse
ASN1_parse_dump
ASN1_primitive_free
ASN1_primitive_new
ASN1_put_eoc
ASN1_put_object
ASN1_tag2bit
ASN1_tag2str
ASN1_template_d2i
ASN1_template_free
ASN1_template_i2d
ASN1_template_new
ASN1_time_parse
ASN1_time_tm_clamp_notafter
ASN1_time_tm_cmp
@ -247,16 +234,11 @@ BF_decrypt
BF_ecb_encrypt
BF_encrypt
BF_ofb64_encrypt
BF_options
BF_set_key
BIGNUM_it
BIO_CONNECT_free
BIO_CONNECT_new
BIO_accept
BIO_asn1_get_prefix
BIO_asn1_get_suffix
BIO_asn1_set_prefix
BIO_asn1_set_suffix
BIO_callback_ctrl
BIO_clear_flags
BIO_copy_next_retry
@ -275,7 +257,6 @@ BIO_dump_indent
BIO_dump_indent_cb
BIO_dump_indent_fp
BIO_dup_chain
BIO_f_asn1
BIO_f_base64
BIO_f_buffer
BIO_f_cipher
@ -338,12 +319,8 @@ BIO_new_fp
BIO_new_mem_buf
BIO_new_socket
BIO_next
BIO_nread
BIO_nread0
BIO_number_read
BIO_number_written
BIO_nwrite
BIO_nwrite0
BIO_pop
BIO_printf
BIO_ptr_ctrl
@ -387,17 +364,6 @@ BIO_vfree
BIO_vprintf
BIO_vsnprintf
BIO_write
BN_BLINDING_convert
BN_BLINDING_convert_ex
BN_BLINDING_create_param
BN_BLINDING_free
BN_BLINDING_get_flags
BN_BLINDING_invert
BN_BLINDING_invert_ex
BN_BLINDING_new
BN_BLINDING_set_flags
BN_BLINDING_thread_id
BN_BLINDING_update
BN_CTX_end
BN_CTX_free
BN_CTX_get
@ -492,7 +458,6 @@ BN_nnmod
BN_num_bits
BN_num_bits_word
BN_one
BN_options
BN_print
BN_print_fp
BN_pseudo_rand
@ -523,12 +488,6 @@ BUF_MEM_free
BUF_MEM_grow
BUF_MEM_grow_clean
BUF_MEM_new
BUF_memdup
BUF_reverse
BUF_strdup
BUF_strlcat
BUF_strlcpy
BUF_strndup
CAST_cbc_encrypt
CAST_cfb64_encrypt
CAST_decrypt
@ -591,6 +550,7 @@ CMS_SignerInfo_get0_md_ctx
CMS_SignerInfo_get0_pkey_ctx
CMS_SignerInfo_get0_signature
CMS_SignerInfo_get0_signer_id
CMS_SignerInfo_get_version
CMS_SignerInfo_set1_signer_cert
CMS_SignerInfo_sign
CMS_SignerInfo_verify
@ -631,6 +591,7 @@ CMS_get0_type
CMS_get1_ReceiptRequest
CMS_get1_certs
CMS_get1_crls
CMS_get_version
CMS_is_detached
CMS_set1_eContentType
CMS_set1_signers_certs
@ -661,13 +622,6 @@ CMS_unsigned_get_attr_by_OBJ
CMS_unsigned_get_attr_count
CMS_verify
CMS_verify_receipt
COMP_CTX_free
COMP_CTX_new
COMP_compress_block
COMP_expand_block
COMP_rle
COMP_zlib
COMP_zlib_cleanup
CONF_dump_bio
CONF_dump_fp
CONF_free
@ -732,7 +686,6 @@ CRYPTO_dbg_realloc
CRYPTO_dbg_set_options
CRYPTO_destroy_dynlockid
CRYPTO_dup_ex_data
CRYPTO_ex_data_new_class
CRYPTO_free
CRYPTO_free_ex_data
CRYPTO_free_locked
@ -753,7 +706,6 @@ CRYPTO_get_dynlock_destroy_callback
CRYPTO_get_dynlock_lock_callback
CRYPTO_get_dynlock_value
CRYPTO_get_ex_data
CRYPTO_get_ex_data_implementation
CRYPTO_get_ex_new_index
CRYPTO_get_id_callback
CRYPTO_get_lock_name
@ -793,7 +745,6 @@ CRYPTO_set_dynlock_create_callback
CRYPTO_set_dynlock_destroy_callback
CRYPTO_set_dynlock_lock_callback
CRYPTO_set_ex_data
CRYPTO_set_ex_data_implementation
CRYPTO_set_id_callback
CRYPTO_set_locked_mem_ex_functions
CRYPTO_set_locked_mem_functions
@ -866,7 +817,6 @@ DES_key_sched
DES_ncbc_encrypt
DES_ofb64_encrypt
DES_ofb_encrypt
DES_options
DES_pcbc_encrypt
DES_quad_cksum
DES_random_key
@ -986,40 +936,8 @@ DSAparams_dup
DSAparams_it
DSAparams_print
DSAparams_print_fp
DSO_METHOD_dlfcn
DSO_METHOD_null
DSO_METHOD_openssl
DSO_bind_func
DSO_bind_var
DSO_convert_filename
DSO_ctrl
DSO_flags
DSO_free
DSO_get_default_method
DSO_get_filename
DSO_get_loaded_filename
DSO_get_method
DSO_global_lookup
DSO_load
DSO_merge
DSO_new
DSO_new_method
DSO_pathbyaddr
DSO_set_default_method
DSO_set_filename
DSO_set_method
DSO_set_name_converter
DSO_up_ref
ECDH_OpenSSL
ECDH_compute_key
ECDH_get_default_method
ECDH_get_ex_data
ECDH_get_ex_new_index
ECDH_set_default_method
ECDH_set_ex_data
ECDH_set_method
ECDH_size
ECDSA_OpenSSL
ECDSA_SIG_free
ECDSA_SIG_get0
ECDSA_SIG_get0_r
@ -1028,17 +946,8 @@ ECDSA_SIG_it
ECDSA_SIG_new
ECDSA_SIG_set0
ECDSA_do_sign
ECDSA_do_sign_ex
ECDSA_do_verify
ECDSA_get_default_method
ECDSA_get_ex_data
ECDSA_get_ex_new_index
ECDSA_set_default_method
ECDSA_set_ex_data
ECDSA_set_method
ECDSA_sign
ECDSA_sign_ex
ECDSA_sign_setup
ECDSA_size
ECDSA_verify
ECPARAMETERS_free
@ -1177,150 +1086,25 @@ ED25519_verify
EDIPARTYNAME_free
EDIPARTYNAME_it
EDIPARTYNAME_new
ENGINE_add
ENGINE_add_conf_module
ENGINE_by_id
ENGINE_cleanup
ENGINE_cmd_is_executable
ENGINE_ctrl
ENGINE_ctrl_cmd
ENGINE_ctrl_cmd_string
ENGINE_finish
ENGINE_free
ENGINE_get_DH
ENGINE_get_DSA
ENGINE_get_EC
ENGINE_get_ECDH
ENGINE_get_ECDSA
ENGINE_get_RAND
ENGINE_get_RSA
ENGINE_get_STORE
ENGINE_get_cipher
ENGINE_get_cipher_engine
ENGINE_get_ciphers
ENGINE_get_cmd_defns
ENGINE_get_ctrl_function
ENGINE_get_default_DH
ENGINE_get_default_DSA
ENGINE_get_default_EC
ENGINE_get_default_ECDH
ENGINE_get_default_ECDSA
ENGINE_get_default_RAND
ENGINE_get_default_RSA
ENGINE_get_destroy_function
ENGINE_get_digest
ENGINE_get_digest_engine
ENGINE_get_digests
ENGINE_get_ex_data
ENGINE_get_ex_new_index
ENGINE_get_finish_function
ENGINE_get_first
ENGINE_get_flags
ENGINE_get_id
ENGINE_get_init_function
ENGINE_get_last
ENGINE_get_load_privkey_function
ENGINE_get_load_pubkey_function
ENGINE_get_name
ENGINE_get_next
ENGINE_get_pkey_asn1_meth
ENGINE_get_pkey_asn1_meth_engine
ENGINE_get_pkey_asn1_meth_str
ENGINE_get_pkey_asn1_meths
ENGINE_get_pkey_meth
ENGINE_get_pkey_meth_engine
ENGINE_get_pkey_meths
ENGINE_get_prev
ENGINE_get_ssl_client_cert_function
ENGINE_get_static_state
ENGINE_get_table_flags
ENGINE_init
ENGINE_load_builtin_engines
ENGINE_load_dynamic
ENGINE_load_openssl
ENGINE_load_private_key
ENGINE_load_public_key
ENGINE_load_ssl_client_cert
ENGINE_new
ENGINE_pkey_asn1_find_str
ENGINE_register_DH
ENGINE_register_DSA
ENGINE_register_EC
ENGINE_register_ECDH
ENGINE_register_ECDSA
ENGINE_register_RAND
ENGINE_register_RSA
ENGINE_register_STORE
ENGINE_register_all_DH
ENGINE_register_all_DSA
ENGINE_register_all_EC
ENGINE_register_all_ECDH
ENGINE_register_all_ECDSA
ENGINE_register_all_RAND
ENGINE_register_all_RSA
ENGINE_register_all_STORE
ENGINE_register_all_ciphers
ENGINE_register_all_complete
ENGINE_register_all_digests
ENGINE_register_all_pkey_asn1_meths
ENGINE_register_all_pkey_meths
ENGINE_register_ciphers
ENGINE_register_complete
ENGINE_register_digests
ENGINE_register_pkey_asn1_meths
ENGINE_register_pkey_meths
ENGINE_remove
ENGINE_set_DH
ENGINE_set_DSA
ENGINE_set_EC
ENGINE_set_ECDH
ENGINE_set_ECDSA
ENGINE_set_RAND
ENGINE_set_RSA
ENGINE_set_STORE
ENGINE_set_ciphers
ENGINE_set_cmd_defns
ENGINE_set_ctrl_function
ENGINE_set_default
ENGINE_set_default_DH
ENGINE_set_default_DSA
ENGINE_set_default_EC
ENGINE_set_default_ECDH
ENGINE_set_default_ECDSA
ENGINE_set_default_RAND
ENGINE_set_default_RSA
ENGINE_set_default_ciphers
ENGINE_set_default_digests
ENGINE_set_default_pkey_asn1_meths
ENGINE_set_default_pkey_meths
ENGINE_set_default_string
ENGINE_set_destroy_function
ENGINE_set_digests
ENGINE_set_ex_data
ENGINE_set_finish_function
ENGINE_set_flags
ENGINE_set_id
ENGINE_set_init_function
ENGINE_set_load_privkey_function
ENGINE_set_load_pubkey_function
ENGINE_set_load_ssl_client_cert_function
ENGINE_set_name
ENGINE_set_pkey_asn1_meths
ENGINE_set_pkey_meths
ENGINE_set_table_flags
ENGINE_unregister_DH
ENGINE_unregister_DSA
ENGINE_unregister_EC
ENGINE_unregister_ECDH
ENGINE_unregister_ECDSA
ENGINE_unregister_RAND
ENGINE_unregister_RSA
ENGINE_unregister_STORE
ENGINE_unregister_ciphers
ENGINE_unregister_digests
ENGINE_unregister_pkey_asn1_meths
ENGINE_unregister_pkey_meths
ENGINE_up_ref
ERR_add_error_data
ERR_add_error_vdata
ERR_asprintf_error_data
@ -1329,30 +1113,22 @@ ERR_error_string
ERR_error_string_n
ERR_free_strings
ERR_func_error_string
ERR_get_err_state_table
ERR_get_error
ERR_get_error_line
ERR_get_error_line_data
ERR_get_implementation
ERR_get_next_error_library
ERR_get_state
ERR_get_string_table
ERR_lib_error_string
ERR_load_ASN1_strings
ERR_load_BIO_strings
ERR_load_BN_strings
ERR_load_BUF_strings
ERR_load_CMS_strings
ERR_load_COMP_strings
ERR_load_CONF_strings
ERR_load_CRYPTO_strings
ERR_load_DH_strings
ERR_load_DSA_strings
ERR_load_DSO_strings
ERR_load_ECDH_strings
ERR_load_ECDSA_strings
ERR_load_EC_strings
ERR_load_ENGINE_strings
ERR_load_ERR_strings
ERR_load_EVP_strings
ERR_load_GOST_strings
@ -1381,11 +1157,9 @@ ERR_print_errors_cb
ERR_print_errors_fp
ERR_put_error
ERR_reason_error_string
ERR_release_err_state_table
ERR_remove_state
ERR_remove_thread_state
ERR_set_error_data
ERR_set_implementation
ERR_set_mark
ERR_unload_strings
ESS_CERT_ID_dup
@ -1954,7 +1728,6 @@ OBJ_NAME_init
OBJ_NAME_new_index
OBJ_NAME_remove
OBJ_add_object
OBJ_add_sigid
OBJ_bsearch_
OBJ_cleanup
OBJ_cmp
@ -1972,7 +1745,6 @@ OBJ_nid2obj
OBJ_nid2sn
OBJ_obj2nid
OBJ_obj2txt
OBJ_sigid_free
OBJ_sn2nid
OBJ_txt2nid
OBJ_txt2obj
@ -2453,7 +2225,6 @@ RAND_load_file
RAND_poll
RAND_pseudo_bytes
RAND_seed
RAND_set_rand_engine
RAND_set_rand_method
RAND_status
RAND_write_file
@ -2465,7 +2236,6 @@ RC2_encrypt
RC2_ofb64_encrypt
RC2_set_key
RC4
RC4_options
RC4_set_key
RIPEMD160
RIPEMD160_Final
@ -2569,7 +2339,6 @@ RSA_set_default_method
RSA_set_ex_data
RSA_set_flags
RSA_set_method
RSA_setup_blinding
RSA_sign
RSA_sign_ASN1_OCTET_STRING
RSA_size
@ -2672,9 +2441,7 @@ TS_CONF_load_key
TS_CONF_set_accuracy
TS_CONF_set_certs
TS_CONF_set_clock_precision_digits
TS_CONF_set_crypto_device
TS_CONF_set_def_policy
TS_CONF_set_default_engine
TS_CONF_set_digests
TS_CONF_set_ess_cert_id_chain
TS_CONF_set_ordering
@ -3641,14 +3408,6 @@ d2i_X509_SIG
d2i_X509_VAL
d2i_X509_bio
d2i_X509_fp
get_rfc2409_prime_1024
get_rfc2409_prime_768
get_rfc3526_prime_1536
get_rfc3526_prime_2048
get_rfc3526_prime_3072
get_rfc3526_prime_4096
get_rfc3526_prime_6144
get_rfc3526_prime_8192
hex_to_string
i2a_ACCESS_DESCRIPTION
i2a_ASN1_ENUMERATED
@ -3870,7 +3629,6 @@ idea_cfb64_encrypt
idea_ecb_encrypt
idea_encrypt
idea_ofb64_encrypt
idea_options
idea_set_decrypt_key
idea_set_encrypt_key
lh_delete

110
lib/libcrypto/Symbols.namespace
View file

@ -931,10 +931,6 @@ _libre_i2d_ASN1_BIT_STRING
_libre_ASN1_BIT_STRING_set
_libre_ASN1_BIT_STRING_set_bit
_libre_ASN1_BIT_STRING_get_bit
_libre_ASN1_BIT_STRING_check
_libre_ASN1_BIT_STRING_name_print
_libre_ASN1_BIT_STRING_num_asc
_libre_ASN1_BIT_STRING_set_asc
_libre_ASN1_INTEGER_new
_libre_ASN1_INTEGER_free
_libre_d2i_ASN1_INTEGER
@ -1078,8 +1074,6 @@ _libre_ASN1_GENERALIZEDTIME_print
_libre_ASN1_TIME_print
_libre_ASN1_STRING_print
_libre_ASN1_STRING_print_ex
_libre_ASN1_bn_print
_libre_ASN1_buf_print
_libre_ASN1_parse
_libre_ASN1_parse_dump
_libre_ASN1_tag2bit
@ -1120,7 +1114,6 @@ _libre_ASN1_PCTX_get_oid_flags
_libre_ASN1_PCTX_set_oid_flags
_libre_ASN1_PCTX_get_str_flags
_libre_ASN1_PCTX_set_str_flags
_libre_BIO_f_asn1
_libre_SMIME_crlf_copy
_libre_SMIME_text
_libre_ERR_load_ASN1_strings
@ -1164,10 +1157,6 @@ _libre_BIO_set_ex_data
_libre_BIO_get_ex_data
_libre_BIO_number_read
_libre_BIO_number_written
_libre_BIO_asn1_set_prefix
_libre_BIO_asn1_get_prefix
_libre_BIO_asn1_set_suffix
_libre_BIO_asn1_get_suffix
_libre_BIO_get_new_index
_libre_BIO_s_file
_libre_BIO_new_file
@ -1202,10 +1191,6 @@ _libre_BIO_get_retry_BIO
_libre_BIO_get_retry_reason
_libre_BIO_set_retry_reason
_libre_BIO_dup_chain
_libre_BIO_nread0
_libre_BIO_nread
_libre_BIO_nwrite0
_libre_BIO_nwrite
_libre_BIO_debug_callback
_libre_BIO_s_mem
_libre_BIO_new_mem_buf
@ -1253,14 +1238,8 @@ _libre_BIO_vsnprintf
_libre_ERR_load_BIO_strings
_libre_ASN1_item_ex_new
_libre_ASN1_item_ex_free
_libre_ASN1_template_new
_libre_ASN1_primitive_new
_libre_ASN1_template_free
_libre_ASN1_template_d2i
_libre_ASN1_item_ex_d2i
_libre_ASN1_item_ex_i2d
_libre_ASN1_template_i2d
_libre_ASN1_primitive_free
_libre_EC_GFp_simple_method
_libre_EC_GFp_mont_method
_libre_EC_GROUP_new
@ -1407,17 +1386,11 @@ _libre_ERR_free_strings
_libre_ERR_remove_thread_state
_libre_ERR_remove_state
_libre_ERR_get_state
_libre_ERR_get_string_table
_libre_ERR_get_err_state_table
_libre_ERR_release_err_state_table
_libre_ERR_get_next_error_library
_libre_ERR_set_mark
_libre_ERR_pop_to_mark
_libre_ERR_get_implementation
_libre_ERR_set_implementation
_libre_RAND_set_rand_method
_libre_RAND_get_rand_method
_libre_RAND_set_rand_engine
_libre_RAND_SSLeay
_libre_ERR_load_RAND_strings
_libre_ECDSA_SIG_new
@ -1429,25 +1402,14 @@ _libre_ECDSA_SIG_get0_r
_libre_ECDSA_SIG_get0_s
_libre_ECDSA_SIG_set0
_libre_ECDSA_do_sign
_libre_ECDSA_do_sign_ex
_libre_ECDSA_do_verify
_libre_ECDSA_OpenSSL
_libre_ECDSA_set_default_method
_libre_ECDSA_get_default_method
_libre_ECDSA_set_method
_libre_ECDSA_size
_libre_ECDSA_sign_setup
_libre_ECDSA_sign
_libre_ECDSA_sign_ex
_libre_ECDSA_verify
_libre_ECDSA_get_ex_new_index
_libre_ECDSA_set_ex_data
_libre_ECDSA_get_ex_data
_libre_EC_KEY_METHOD_set_sign
_libre_EC_KEY_METHOD_set_verify
_libre_EC_KEY_METHOD_get_sign
_libre_EC_KEY_METHOD_get_verify
_libre_ERR_load_ECDSA_strings
_libre_HKDF
_libre_HKDF_extract
_libre_HKDF_expand
@ -1627,8 +1589,6 @@ _libre_TS_CONF_load_certs
_libre_TS_CONF_load_key
_libre_TS_CONF_get_tsa_section
_libre_TS_CONF_set_serial
_libre_TS_CONF_set_crypto_device
_libre_TS_CONF_set_default_engine
_libre_TS_CONF_set_signer_cert
_libre_TS_CONF_set_certs
_libre_TS_CONF_set_signer_key
@ -1647,16 +1607,8 @@ _libre_SM4_encrypt
_libre_CRYPTO_poly1305_init
_libre_CRYPTO_poly1305_update
_libre_CRYPTO_poly1305_finish
_libre_ECDH_OpenSSL
_libre_ECDH_set_default_method
_libre_ECDH_get_default_method
_libre_ECDH_set_method
_libre_ECDH_size
_libre_ECDH_compute_key
_libre_ECDH_get_ex_new_index
_libre_ECDH_set_ex_data
_libre_ECDH_get_ex_data
_libre_ERR_load_ECDH_strings
_libre_PEM_get_EVP_CIPHER_INFO
_libre_PEM_do_header
_libre_PEM_read_bio
@ -1795,31 +1747,6 @@ _libre_lh_node_usage_stats_bio
_libre_SM3_Init
_libre_SM3_Update
_libre_SM3_Final
_libre_DSO_new
_libre_DSO_new_method
_libre_DSO_free
_libre_DSO_flags
_libre_DSO_up_ref
_libre_DSO_ctrl
_libre_DSO_set_name_converter
_libre_DSO_get_filename
_libre_DSO_set_filename
_libre_DSO_convert_filename
_libre_DSO_merge
_libre_DSO_get_loaded_filename
_libre_DSO_set_default_method
_libre_DSO_get_default_method
_libre_DSO_get_method
_libre_DSO_set_method
_libre_DSO_load
_libre_DSO_bind_var
_libre_DSO_bind_func
_libre_DSO_METHOD_openssl
_libre_DSO_METHOD_null
_libre_DSO_METHOD_dlfcn
_libre_DSO_pathbyaddr
_libre_DSO_global_lookup
_libre_ERR_load_DSO_strings
_libre_CT_POLICY_EVAL_CTX_new
_libre_CT_POLICY_EVAL_CTX_free
_libre_CT_POLICY_EVAL_CTX_get0_cert
@ -1883,14 +1810,6 @@ _libre__CONF_add_string
_libre__CONF_get_string
_libre__CONF_new_data
_libre__CONF_free_data
_libre_COMP_CTX_new
_libre_COMP_CTX_free
_libre_COMP_compress_block
_libre_COMP_expand_block
_libre_COMP_rle
_libre_COMP_zlib
_libre_COMP_zlib_cleanup
_libre_ERR_load_COMP_strings
_libre_CMS_ContentInfo_new
_libre_CMS_ContentInfo_free
_libre_d2i_CMS_ContentInfo
@ -1901,6 +1820,8 @@ _libre_d2i_CMS_ReceiptRequest
_libre_i2d_CMS_ReceiptRequest
_libre_CMS_ContentInfo_print_ctx
_libre_CMS_get0_type
_libre_CMS_get_version
_libre_CMS_SignerInfo_get_version
_libre_CMS_dataInit
_libre_CMS_dataFinal
_libre_CMS_is_detached
@ -2017,9 +1938,6 @@ _libre_OpenSSL_version
_libre_OpenSSL_version_num
_libre_SSLeay_version
_libre_SSLeay
_libre_CRYPTO_get_ex_data_implementation
_libre_CRYPTO_set_ex_data_implementation
_libre_CRYPTO_ex_data_new_class
_libre_CRYPTO_get_ex_new_index
_libre_CRYPTO_new_ex_data
_libre_CRYPTO_dup_ex_data
@ -2070,7 +1988,6 @@ _libre_CAST_decrypt
_libre_CAST_cbc_encrypt
_libre_CAST_cfb64_encrypt
_libre_CAST_ofb64_encrypt
_libre_idea_options
_libre_idea_ecb_encrypt
_libre_idea_set_encrypt_key
_libre_idea_set_decrypt_key
@ -2272,7 +2189,6 @@ _libre_BN_is_odd
_libre_BN_zero
_libre_BN_one
_libre_BN_value_one
_libre_BN_options
_libre_BN_CTX_new
_libre_BN_CTX_free
_libre_BN_CTX_start
@ -2361,27 +2277,8 @@ _libre_BN_MONT_CTX_free
_libre_BN_MONT_CTX_set
_libre_BN_MONT_CTX_copy
_libre_BN_MONT_CTX_set_locked
_libre_BN_BLINDING_new
_libre_BN_BLINDING_free
_libre_BN_BLINDING_update
_libre_BN_BLINDING_convert
_libre_BN_BLINDING_invert
_libre_BN_BLINDING_convert_ex
_libre_BN_BLINDING_invert_ex
_libre_BN_BLINDING_thread_id
_libre_BN_BLINDING_get_flags
_libre_BN_BLINDING_set_flags
_libre_BN_BLINDING_create_param
_libre_get_rfc2409_prime_768
_libre_get_rfc2409_prime_1024
_libre_BN_get_rfc2409_prime_768
_libre_BN_get_rfc2409_prime_1024
_libre_get_rfc3526_prime_1536
_libre_get_rfc3526_prime_2048
_libre_get_rfc3526_prime_3072
_libre_get_rfc3526_prime_4096
_libre_get_rfc3526_prime_6144
_libre_get_rfc3526_prime_8192
_libre_BN_get_rfc3526_prime_1536
_libre_BN_get_rfc3526_prime_2048
_libre_BN_get_rfc3526_prime_3072
@ -2453,7 +2350,6 @@ _libre_RSA_sign_ASN1_OCTET_STRING
_libre_RSA_verify_ASN1_OCTET_STRING
_libre_RSA_blinding_on
_libre_RSA_blinding_off
_libre_RSA_setup_blinding
_libre_RSA_padding_add_PKCS1_type_1
_libre_RSA_padding_check_PKCS1_type_1
_libre_RSA_padding_add_PKCS1_type_2
@ -2554,8 +2450,6 @@ _libre_OBJ_length
_libre_OBJ_get0_data
_libre_OBJ_find_sigid_algs
_libre_OBJ_find_sigid_by_algs
_libre_OBJ_add_sigid
_libre_OBJ_sigid_free
_libre_ERR_load_OBJ_strings
_libre_CMAC_CTX_new
_libre_CMAC_CTX_cleanup

65
lib/libcrypto/aes/aes_misc.c
View file

@ -1,65 +0,0 @@
/* $OpenBSD: aes_misc.c,v 1.11 2022/11/26 16:08:50 tb Exp $ */
/* ====================================================================
* Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* openssl-core@openssl.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
*/
#include <openssl/opensslv.h>
#include <openssl/crypto.h>
#include <openssl/aes.h>
#include "aes_local.h"
const char *
AES_options(void)
{
#ifdef FULL_UNROLL
return "aes(full)";
#else
return "aes(partial)";
#endif
}

81
lib/libcrypto/asn1/a_bitstr.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: a_bitstr.c,v 1.39 2023/07/05 21:23:36 beck Exp $ */
/* $OpenBSD: a_bitstr.c,v 1.41 2023/07/28 10:33:13 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@ -162,85 +162,6 @@ ASN1_BIT_STRING_get_bit(const ASN1_BIT_STRING *a, int n)
}
LCRYPTO_ALIAS(ASN1_BIT_STRING_get_bit);
/*
* Checks if the given bit string contains only bits specified by
* the flags vector. Returns 0 if there is at least one bit set in 'a'
* which is not specified in 'flags', 1 otherwise.
* 'len' is the length of 'flags'.
*/
int
ASN1_BIT_STRING_check(const ASN1_BIT_STRING *a, const unsigned char *flags,
int flags_len)
{
int i, ok;
/* Check if there is one bit set at all. */
if (!a || !a->data)
return 1;
/* Check each byte of the internal representation of the bit string. */
ok = 1;
for (i = 0; i < a->length && ok; ++i) {
unsigned char mask = i < flags_len ? ~flags[i] : 0xff;
/* We are done if there is an unneeded bit set. */
ok = (a->data[i] & mask) == 0;
}
return ok;
}
LCRYPTO_ALIAS(ASN1_BIT_STRING_check);
int
ASN1_BIT_STRING_name_print(BIO *out, ASN1_BIT_STRING *bs,
BIT_STRING_BITNAME *tbl, int indent)
{
BIT_STRING_BITNAME *bnam;
char first = 1;
BIO_printf(out, "%*s", indent, "");
for (bnam = tbl; bnam->lname; bnam++) {
if (ASN1_BIT_STRING_get_bit(bs, bnam->bitnum)) {
if (!first)
BIO_puts(out, ", ");
BIO_puts(out, bnam->lname);
first = 0;
}
}
BIO_puts(out, "\n");
return 1;
}
LCRYPTO_ALIAS(ASN1_BIT_STRING_name_print);
int
ASN1_BIT_STRING_set_asc(ASN1_BIT_STRING *bs, const char *name, int value,
BIT_STRING_BITNAME *tbl)
{
int bitnum;
bitnum = ASN1_BIT_STRING_num_asc(name, tbl);
if (bitnum < 0)
return 0;
if (bs) {
if (!ASN1_BIT_STRING_set_bit(bs, bitnum, value))
return 0;
}
return 1;
}
LCRYPTO_ALIAS(ASN1_BIT_STRING_set_asc);
int
ASN1_BIT_STRING_num_asc(const char *name, BIT_STRING_BITNAME *tbl)
{
BIT_STRING_BITNAME *bnam;
for (bnam = tbl; bnam->lname; bnam++) {
if (!strcmp(bnam->sname, name) ||
!strcmp(bnam->lname, name))
return bnam->bitnum;
}
return -1;
}
LCRYPTO_ALIAS(ASN1_BIT_STRING_num_asc);
int
i2c_ASN1_BIT_STRING(ASN1_BIT_STRING *a, unsigned char **pp)
{

4
lib/libcrypto/asn1/a_type.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: a_type.c,v 1.26 2023/07/05 21:23:36 beck Exp $ */
/* $OpenBSD: a_type.c,v 1.27 2023/07/28 10:00:10 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@ -62,6 +62,8 @@
#include <openssl/err.h>
#include <openssl/objects.h>
#include "asn1_local.h"
typedef struct {
ASN1_INTEGER *num;
ASN1_OCTET_STRING *value;

17
lib/libcrypto/asn1/asn1.h
View file

@ -1,4 +1,4 @@
/* $OpenBSD: asn1.h,v 1.76 2023/04/25 19:08:30 tb Exp $ */
/* $OpenBSD: asn1.h,v 1.80 2023/07/28 10:33:13 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@ -576,16 +576,6 @@ extern const ASN1_ITEM ASN1_BIT_STRING_it;
int ASN1_BIT_STRING_set(ASN1_BIT_STRING *a, unsigned char *d, int length);
int ASN1_BIT_STRING_set_bit(ASN1_BIT_STRING *a, int n, int value);
int ASN1_BIT_STRING_get_bit(const ASN1_BIT_STRING *a, int n);
int ASN1_BIT_STRING_check(const ASN1_BIT_STRING *a,
const unsigned char *flags, int flags_len);
#ifndef OPENSSL_NO_BIO
int ASN1_BIT_STRING_name_print(BIO *out, ASN1_BIT_STRING *bs,
BIT_STRING_BITNAME *tbl, int indent);
#endif
int ASN1_BIT_STRING_num_asc(const char *name, BIT_STRING_BITNAME *tbl);
int ASN1_BIT_STRING_set_asc(ASN1_BIT_STRING *bs, const char *name, int value,
BIT_STRING_BITNAME *tbl);
ASN1_INTEGER *ASN1_INTEGER_new(void);
void ASN1_INTEGER_free(ASN1_INTEGER *a);
@ -834,9 +824,6 @@ int ASN1_GENERALIZEDTIME_print(BIO *fp, const ASN1_GENERALIZEDTIME *a);
int ASN1_TIME_print(BIO *fp, const ASN1_TIME *a);
int ASN1_STRING_print(BIO *bp, const ASN1_STRING *v);
int ASN1_STRING_print_ex(BIO *out, const ASN1_STRING *str, unsigned long flags);
int ASN1_bn_print(BIO *bp, const char *number, const BIGNUM *num,
unsigned char *buf, int off);
int ASN1_buf_print(BIO *bp, const unsigned char *buf, size_t buflen, int indent);
int ASN1_parse(BIO *bp, const unsigned char *pp, long len, int indent);
int ASN1_parse_dump(BIO *bp, const unsigned char *pp, long len, int indent, int dump);
#endif
@ -922,8 +909,6 @@ void ASN1_PCTX_set_oid_flags(ASN1_PCTX *p, unsigned long flags);
unsigned long ASN1_PCTX_get_str_flags(const ASN1_PCTX *p);
void ASN1_PCTX_set_str_flags(ASN1_PCTX *p, unsigned long flags);
const BIO_METHOD *BIO_f_asn1(void);
int SMIME_crlf_copy(BIO *in, BIO *out, int flags);
int SMIME_text(BIO *in, BIO *out);

10
lib/libcrypto/asn1/asn1_local.h
View file

@ -1,4 +1,4 @@
/* $OpenBSD: asn1_local.h,v 1.2 2023/04/25 19:08:30 tb Exp $ */
/* $OpenBSD: asn1_local.h,v 1.4 2023/07/28 10:00:10 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 2006.
*/
@ -250,6 +250,8 @@ int asn1_time_tm_to_time_t(const struct tm *tm, time_t *out);
int ASN1_item_ndef_i2d(ASN1_VALUE *val, unsigned char **out, const ASN1_ITEM *it);
const BIO_METHOD *BIO_f_asn1(void);
BIO *BIO_new_NDEF(BIO *out, ASN1_VALUE *val, const ASN1_ITEM *it);
int i2d_ASN1_bio_stream(BIO *out, ASN1_VALUE *val, BIO *in, int flags,
@ -261,4 +263,10 @@ int SMIME_write_ASN1(BIO *bio, ASN1_VALUE *val, BIO *data, int flags,
const ASN1_ITEM *it);
ASN1_VALUE *SMIME_read_ASN1(BIO *bio, BIO **bcont, const ASN1_ITEM *it);
int ASN1_primitive_new(ASN1_VALUE **pval, const ASN1_ITEM *it);
void ASN1_primitive_free(ASN1_VALUE **pval, const ASN1_ITEM *it);
int ASN1_template_new(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt);
void ASN1_template_free(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt);
__END_HIDDEN_DECLS

9
lib/libcrypto/asn1/asn1t.h
View file

@ -1,4 +1,4 @@
/* $OpenBSD: asn1t.h,v 1.22 2022/09/03 16:01:23 jsing Exp $ */
/* $OpenBSD: asn1t.h,v 1.23 2023/07/28 10:00:10 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 2000.
*/
@ -896,17 +896,10 @@ DECLARE_STACK_OF(ASN1_VALUE)
int ASN1_item_ex_new(ASN1_VALUE **pval, const ASN1_ITEM *it);
void ASN1_item_ex_free(ASN1_VALUE **pval, const ASN1_ITEM *it);
int ASN1_template_new(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt);
int ASN1_primitive_new(ASN1_VALUE **pval, const ASN1_ITEM *it);
void ASN1_template_free(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt);
int ASN1_template_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, const ASN1_TEMPLATE *tt);
int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, const ASN1_ITEM *it,
int tag, int aclass, char opt, ASN1_TLC *ctx);
int ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out, const ASN1_ITEM *it, int tag, int aclass);
int ASN1_template_i2d(ASN1_VALUE **pval, unsigned char **out, const ASN1_TEMPLATE *tt);
void ASN1_primitive_free(ASN1_VALUE **pval, const ASN1_ITEM *it);
#ifdef __cplusplus
}

50
lib/libcrypto/asn1/bio_asn1.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: bio_asn1.c,v 1.22 2023/07/05 21:23:36 beck Exp $ */
/* $OpenBSD: bio_asn1.c,v 1.23 2023/07/28 09:58:30 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project.
*/
@ -69,6 +69,9 @@
#include "bio_local.h"
#define BIO_C_SET_PREFIX 149
#define BIO_C_SET_SUFFIX 151
/* Must be large enough for biggest tag+length */
#define DEFAULT_ASN1_BUF_SIZE 20
@ -144,7 +147,6 @@ BIO_f_asn1(void)
{
return (&methods_asn1);
}
LCRYPTO_ALIAS(BIO_f_asn1);
static int
asn1_bio_new(BIO *b)
@ -376,24 +378,12 @@ asn1_bio_ctrl(BIO *b, int cmd, long arg1, void *arg2)
ctx->prefix_free = ex_func->ex_free_func;
break;
case BIO_C_GET_PREFIX:
ex_func = arg2;
ex_func->ex_func = ctx->prefix;
ex_func->ex_free_func = ctx->prefix_free;
break;
case BIO_C_SET_SUFFIX:
ex_func = arg2;
ctx->suffix = ex_func->ex_func;
ctx->suffix_free = ex_func->ex_free_func;
break;
case BIO_C_GET_SUFFIX:
ex_func = arg2;
ex_func->ex_func = ctx->suffix;
ex_func->ex_free_func = ctx->suffix_free;
break;
case BIO_C_SET_EX_ARG:
ctx->ex_arg = arg2;
break;
@ -450,46 +440,14 @@ asn1_bio_set_ex(BIO *b, int cmd, asn1_ps_func *ex_func, asn1_ps_func
return BIO_ctrl(b, cmd, 0, &extmp);
}
static int
asn1_bio_get_ex(BIO *b, int cmd, asn1_ps_func **ex_func,
asn1_ps_func **ex_free_func)
{
BIO_ASN1_EX_FUNCS extmp;
int ret;
if ((ret = BIO_ctrl(b, cmd, 0, &extmp)) <= 0)
return ret;
*ex_func = extmp.ex_func;
*ex_free_func = extmp.ex_free_func;
return ret;
}
int
BIO_asn1_set_prefix(BIO *b, asn1_ps_func *prefix, asn1_ps_func *prefix_free)
{
return asn1_bio_set_ex(b, BIO_C_SET_PREFIX, prefix, prefix_free);
}
LCRYPTO_ALIAS(BIO_asn1_set_prefix);
int
BIO_asn1_get_prefix(BIO *b, asn1_ps_func **pprefix, asn1_ps_func **pprefix_free)
{
return asn1_bio_get_ex(b, BIO_C_GET_PREFIX, pprefix, pprefix_free);
}
LCRYPTO_ALIAS(BIO_asn1_get_prefix);
int
BIO_asn1_set_suffix(BIO *b, asn1_ps_func *suffix, asn1_ps_func *suffix_free)
{
return asn1_bio_set_ex(b, BIO_C_SET_SUFFIX, suffix, suffix_free);
}
LCRYPTO_ALIAS(BIO_asn1_set_suffix);
int
BIO_asn1_get_suffix(BIO *b, asn1_ps_func **psuffix, asn1_ps_func **psuffix_free)
{
return asn1_bio_get_ex(b, BIO_C_GET_SUFFIX, psuffix, psuffix_free);
}
LCRYPTO_ALIAS(BIO_asn1_get_suffix);

5
lib/libcrypto/asn1/bio_ndef.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: bio_ndef.c,v 1.23 2023/07/09 19:22:43 tb Exp $ */
/* $OpenBSD: bio_ndef.c,v 1.24 2023/07/28 09:58:30 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project.
*/
@ -61,6 +61,9 @@
#include "asn1_local.h"
int BIO_asn1_set_prefix(BIO *b, asn1_ps_func *prefix, asn1_ps_func *prefix_free);
int BIO_asn1_set_suffix(BIO *b, asn1_ps_func *suffix, asn1_ps_func *suffix_free);
/* Experimental NDEF ASN1 BIO support routines */
/* The usage is quite simple, initialize an ASN1 structure,

147
lib/libcrypto/asn1/t_pkey.c
View file

@ -1,147 +0,0 @@
/* $OpenBSD: t_pkey.c,v 1.20 2023/07/05 21:23:36 beck Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
*
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* "This product includes cryptographic software written by
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
#include <stdio.h>
#include <openssl/bn.h>
#include <openssl/buffer.h>
#include <openssl/objects.h>
#include "bn_local.h"
int
ASN1_bn_print(BIO *bp, const char *number, const BIGNUM *num,
unsigned char *buf, int off)
{
int n, i;
const char *neg;
if (num == NULL)
return (1);
neg = (BN_is_negative(num)) ? "-" : "";
if (!BIO_indent(bp, off, 128))
return 0;
if (BN_is_zero(num)) {
if (BIO_printf(bp, "%s 0\n", number) <= 0)
return 0;
return 1;
}
if (BN_num_bytes(num) <= BN_BYTES) {
if (BIO_printf(bp, "%s %s%lu (%s0x%lx)\n", number, neg,
(unsigned long)num->d[0], neg,
(unsigned long)num->d[0]) <= 0)
return (0);
} else {
buf[0] = 0;
if (BIO_printf(bp, "%s%s", number,
(neg[0] == '-') ? " (Negative)" : "") <= 0)
return (0);
n = BN_bn2bin(num, &buf[1]);
if (buf[1] & 0x80)
n++;
else
buf++;
for (i = 0; i < n; i++) {
if ((i % 15) == 0) {
if (BIO_puts(bp, "\n") <= 0 ||
!BIO_indent(bp, off + 4, 128))
return 0;
}
if (BIO_printf(bp, "%02x%s", buf[i],
((i + 1) == n) ? "" : ":") <= 0)
return (0);
}
if (BIO_write(bp, "\n", 1) <= 0)
return (0);
}
return (1);
}
LCRYPTO_ALIAS(ASN1_bn_print);
#define ASN1_BUF_PRINT_WIDTH 15
#define ASN1_BUF_PRINT_MAX_INDENT 64
int
ASN1_buf_print(BIO *bp, const unsigned char *buf, size_t buflen, int indent)
{
size_t i;
for (i = 0; i < buflen; i++) {
if ((i % ASN1_BUF_PRINT_WIDTH) == 0) {
if (i > 0 && BIO_puts(bp, "\n") <= 0)
return 0;
if (!BIO_indent(bp, indent, ASN1_BUF_PRINT_MAX_INDENT))
return 0;
}
/*
* Use colon separators for each octet for compatibility as
* this function is used to print out key components.
*/
if (BIO_printf(bp, "%02x%s", buf[i],
(i == buflen - 1) ? "" : ":") <= 0)
return 0;
}
if (BIO_write(bp, "\n", 1) <= 0)
return 0;
return 1;
}
LCRYPTO_ALIAS(ASN1_buf_print);

20
lib/libcrypto/asn1/tasn_dec.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: tasn_dec.c,v 1.87 2023/07/05 21:23:36 beck Exp $ */
/* $OpenBSD: tasn_dec.c,v 1.88 2023/07/28 10:00:10 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 2000.
*/
@ -1258,21 +1258,3 @@ ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long inlen,
return ret;
}
LCRYPTO_ALIAS(ASN1_item_ex_d2i);
int
ASN1_template_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
const ASN1_TEMPLATE *at)
{
CBS cbs;
int ret;
if (len < 0)
return 0;
CBS_init(&cbs, *in, len);
if ((ret = asn1_template_d2i(pval, &cbs, at, 0, 0)) == 1)
*in = CBS_data(&cbs);
return ret;
}
LCRYPTO_ALIAS(ASN1_template_d2i);

10
lib/libcrypto/asn1/tasn_enc.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: tasn_enc.c,v 1.32 2023/07/05 21:23:36 beck Exp $ */
/* $OpenBSD: tasn_enc.c,v 1.33 2023/07/28 10:00:10 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 2000.
*/
@ -271,14 +271,6 @@ ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out, const ASN1_ITEM *it,
}
LCRYPTO_ALIAS(ASN1_item_ex_i2d);
int
ASN1_template_i2d(ASN1_VALUE **pval, unsigned char **out,
const ASN1_TEMPLATE *tt)
{
return asn1_template_ex_i2d(pval, out, tt, -1, 0);
}
LCRYPTO_ALIAS(ASN1_template_i2d);
static int
asn1_template_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
const ASN1_TEMPLATE *tt, int tag, int iclass)

4
lib/libcrypto/asn1/tasn_fre.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: tasn_fre.c,v 1.22 2023/07/05 21:23:36 beck Exp $ */
/* $OpenBSD: tasn_fre.c,v 1.23 2023/07/28 10:00:10 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 2000.
*/
@ -185,7 +185,6 @@ ASN1_template_free(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt)
} else
asn1_item_free(pval, tt->item);
}
LCRYPTO_ALIAS(ASN1_template_free);
void
ASN1_primitive_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
@ -242,4 +241,3 @@ ASN1_primitive_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
}
*pval = NULL;
}
LCRYPTO_ALIAS(ASN1_primitive_free);

4
lib/libcrypto/asn1/tasn_new.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: tasn_new.c,v 1.24 2023/07/05 21:23:36 beck Exp $ */
/* $OpenBSD: tasn_new.c,v 1.25 2023/07/28 10:00:10 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 2000.
*/
@ -248,7 +248,6 @@ ASN1_template_new(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt)
done:
return ret;
}
LCRYPTO_ALIAS(ASN1_template_new);
static void
asn1_template_clear(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt)
@ -318,7 +317,6 @@ ASN1_primitive_new(ASN1_VALUE **pval, const ASN1_ITEM *it)
return 1;
return 0;
}
LCRYPTO_ALIAS(ASN1_primitive_new);
static void
asn1_primitive_clear(ASN1_VALUE **pval, const ASN1_ITEM *it)

15
lib/libcrypto/asn1/x_attrib.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: x_attrib.c,v 1.20 2023/07/07 19:37:52 beck Exp $ */
/* $OpenBSD: x_attrib.c,v 1.21 2023/07/28 13:30:07 jsg Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@ -64,19 +64,6 @@
#include "x509_local.h"
/*
* XXX - remove X509_ATTRIBUTE_SET_it with next major bump.
*/
const ASN1_ITEM X509_ATTRIBUTE_SET_it = {
.itype = ASN1_ITYPE_CHOICE,
.utype = 0,
.templates = NULL,
.tcount = 0,
.funcs = NULL,
.size = sizeof(X509_ATTRIBUTE),
.sname = "X509_ATTRIBUTE",
};
static const ASN1_TEMPLATE X509_ATTRIBUTE_seq_tt[] = {
{
.flags = 0,

14
lib/libcrypto/bf/bf_ecb.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: bf_ecb.c,v 1.9 2022/11/26 16:08:51 tb Exp $ */
/* $OpenBSD: bf_ecb.c,v 1.10 2023/07/28 10:35:14 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@ -67,18 +67,6 @@
* CAMBRIDGE SECURITY WORKSHOP, CAMBRIDGE, U.K., DECEMBER 9-11, 1993)
*/
const char *
BF_options(void)
{
#ifdef BF_PTR
return("blowfish(ptr)");
#elif defined(BF_PTR2)
return("blowfish(ptr2)");
#else
return("blowfish(idx)");
#endif
}
void
BF_ecb_encrypt(const unsigned char *in, unsigned char *out,
const BF_KEY *key, int encrypt)

4
lib/libcrypto/bio/b_dump.c
View file

@ -1,10 +1,10 @@
/* $OpenBSD: b_dump.c,v 1.25 2023/07/07 19:37:53 beck Exp $ */
/* $OpenBSD: b_dump.c,v 1.26 2023/07/29 02:32:00 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions

17
lib/libcrypto/bio/bio.h
View file

@ -1,4 +1,4 @@
/* $OpenBSD: bio.h,v 1.58 2023/07/05 19:25:01 tb Exp $ */
/* $OpenBSD: bio.h,v 1.59 2023/07/28 09:58:30 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@ -371,11 +371,6 @@ int BIO_meth_set_callback_ctrl(BIO_METHOD *biom,
#define BIO_C_RESET_READ_REQUEST 147
#define BIO_C_SET_MD_CTX 148
#define BIO_C_SET_PREFIX 149
#define BIO_C_GET_PREFIX 150
#define BIO_C_SET_SUFFIX 151
#define BIO_C_GET_SUFFIX 152
#define BIO_C_SET_EX_ARG 153
#define BIO_C_GET_EX_ARG 154
@ -535,16 +530,6 @@ CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
unsigned long BIO_number_read(BIO *bio);
unsigned long BIO_number_written(BIO *bio);
/* For BIO_f_asn1() */
int BIO_asn1_set_prefix(BIO *b, asn1_ps_func *prefix,
asn1_ps_func *prefix_free);
int BIO_asn1_get_prefix(BIO *b, asn1_ps_func **pprefix,
asn1_ps_func **pprefix_free);
int BIO_asn1_set_suffix(BIO *b, asn1_ps_func *suffix,
asn1_ps_func *suffix_free);
int BIO_asn1_get_suffix(BIO *b, asn1_ps_func **psuffix,
asn1_ps_func **psuffix_free);
int BIO_get_new_index(void);
const BIO_METHOD *BIO_s_file(void);
BIO *BIO_new_file(const char *filename, const char *mode);

257
lib/libcrypto/bio/bss_bio.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: bss_bio.c,v 1.27 2023/07/07 19:37:53 beck Exp $ */
/* $OpenBSD: bss_bio.c,v 1.28 2023/07/28 10:13:50 tb Exp $ */
/* ====================================================================
* Copyright (c) 1998-2003 The OpenSSL Project. All rights reserved.
*
@ -251,85 +251,6 @@ bio_read(BIO *bio, char *buf, int size_)
return size;
}
/* non-copying interface: provide pointer to available data in buffer
* bio_nread0: return number of available bytes
* bio_nread: also advance index
* (example usage: bio_nread0(), read from buffer, bio_nread()
* or just bio_nread(), read from buffer)
*/
/* WARNING: The non-copying interface is largely untested as of yet
* and may contain bugs. */
static ssize_t
bio_nread0(BIO *bio, char **buf)
{
struct bio_bio_st *b, *peer_b;
ssize_t num;
BIO_clear_retry_flags(bio);
if (!bio->init)
return 0;
b = bio->ptr;
assert(b != NULL);
assert(b->peer != NULL);
peer_b = b->peer->ptr;
assert(peer_b != NULL);
assert(peer_b->buf != NULL);
peer_b->request = 0;
if (peer_b->len == 0) {
char dummy;
/* avoid code duplication -- nothing available for reading */
return bio_read(bio, &dummy, 1); /* returns 0 or -1 */
}
num = peer_b->len;
if (peer_b->size < peer_b->offset + num)
/* no ring buffer wrap-around for non-copying interface */
num = peer_b->size - peer_b->offset;
assert(num > 0);
if (buf != NULL)
*buf = peer_b->buf + peer_b->offset;
return num;
}
static ssize_t
bio_nread(BIO *bio, char **buf, size_t num_)
{
struct bio_bio_st *b, *peer_b;
ssize_t num, available;
if (num_ > SSIZE_MAX)
num = SSIZE_MAX;
else
num = (ssize_t)num_;
available = bio_nread0(bio, buf);
if (num > available)
num = available;
if (num <= 0)
return num;
b = bio->ptr;
peer_b = b->peer->ptr;
peer_b->len -= num;
if (peer_b->len) {
peer_b->offset += num;
assert(peer_b->offset <= peer_b->size);
if (peer_b->offset == peer_b->size)
peer_b->offset = 0;
} else
peer_b->offset = 0;
return num;
}
static int
bio_write(BIO *bio, const char *buf, int num_)
{
@ -402,85 +323,6 @@ bio_write(BIO *bio, const char *buf, int num_)
return num;
}
/* non-copying interface: provide pointer to region to write to
* bio_nwrite0: check how much space is available
* bio_nwrite: also increase length
* (example usage: bio_nwrite0(), write to buffer, bio_nwrite()
* or just bio_nwrite(), write to buffer)
*/
static ssize_t
bio_nwrite0(BIO *bio, char **buf)
{
struct bio_bio_st *b;
size_t num;
size_t write_offset;
BIO_clear_retry_flags(bio);
if (!bio->init)
return 0;
b = bio->ptr;
assert(b != NULL);
assert(b->peer != NULL);
assert(b->buf != NULL);
b->request = 0;
if (b->closed) {
BIOerror(BIO_R_BROKEN_PIPE);
return -1;
}
assert(b->len <= b->size);
if (b->len == b->size) {
BIO_set_retry_write(bio);
return -1;
}
num = b->size - b->len;
write_offset = b->offset + b->len;
if (write_offset >= b->size)
write_offset -= b->size;
if (write_offset + num > b->size)
/* no ring buffer wrap-around for non-copying interface
* (to fulfil the promise by BIO_ctrl_get_write_guarantee,
* BIO_nwrite may have to be called twice) */
num = b->size - write_offset;
if (buf != NULL)
*buf = b->buf + write_offset;
assert(write_offset + num <= b->size);
return num;
}
static ssize_t
bio_nwrite(BIO *bio, char **buf, size_t num_)
{
struct bio_bio_st *b;
ssize_t num, space;
if (num_ > SSIZE_MAX)
num = SSIZE_MAX;
else
num = (ssize_t)num_;
space = bio_nwrite0(bio, buf);
if (num > space)
num = space;
if (num <= 0)
return num;
b = bio->ptr;
assert(b != NULL);
b->len += num;
assert(b->len <= b->size);
return num;
}
static long
bio_ctrl(BIO *bio, int cmd, long num, void *ptr)
{
@ -564,28 +406,7 @@ bio_ctrl(BIO *bio, int cmd, long num, void *ptr)
ret = 1;
break;
case BIO_C_NREAD0:
/* prepare for non-copying read */
ret = (long) bio_nread0(bio, ptr);
break;
case BIO_C_NREAD:
/* non-copying read */
ret = (long) bio_nread(bio, ptr, (size_t) num);
break;
case BIO_C_NWRITE0:
/* prepare for non-copying write */
ret = (long) bio_nwrite0(bio, ptr);
break;
case BIO_C_NWRITE:
/* non-copying write */
ret = (long) bio_nwrite(bio, ptr, (size_t) num);
break;
/* standard CTRL codes follow */
/* standard CTRL codes follow */
case BIO_CTRL_RESET:
if (b->buf != NULL) {
@ -817,77 +638,3 @@ BIO_ctrl_reset_read_request(BIO *bio)
return (BIO_ctrl(bio, BIO_C_RESET_READ_REQUEST, 0, NULL) != 0);
}
LCRYPTO_ALIAS(BIO_ctrl_reset_read_request);
/* BIO_nread0/nread/nwrite0/nwrite are available only for BIO pairs for now
* (conceivably some other BIOs could allow non-copying reads and writes too.)
*/
int
BIO_nread0(BIO *bio, char **buf)
{
long ret;
if (!bio->init) {
BIOerror(BIO_R_UNINITIALIZED);
return -2;
}
ret = BIO_ctrl(bio, BIO_C_NREAD0, 0, buf);
if (ret > INT_MAX)
return INT_MAX;
else
return (int) ret;
}
LCRYPTO_ALIAS(BIO_nread0);
int
BIO_nread(BIO *bio, char **buf, int num)
{
int ret;
if (!bio->init) {
BIOerror(BIO_R_UNINITIALIZED);
return -2;
}
ret = (int) BIO_ctrl(bio, BIO_C_NREAD, num, buf);
if (ret > 0)
bio->num_read += ret;
return ret;
}
LCRYPTO_ALIAS(BIO_nread);
int
BIO_nwrite0(BIO *bio, char **buf)
{
long ret;
if (!bio->init) {
BIOerror(BIO_R_UNINITIALIZED);
return -2;
}
ret = BIO_ctrl(bio, BIO_C_NWRITE0, 0, buf);
if (ret > INT_MAX)
return INT_MAX;
else
return (int) ret;
}
LCRYPTO_ALIAS(BIO_nwrite0);
int
BIO_nwrite(BIO *bio, char **buf, int num)
{
int ret;
if (!bio->init) {
BIOerror(BIO_R_UNINITIALIZED);
return -2;
}
ret = BIO_ctrl(bio, BIO_C_NWRITE, num, buf);
if (ret > 0)
bio->num_write += ret;
return ret;
}
LCRYPTO_ALIAS(BIO_nwrite);

31
lib/libcrypto/bn/bn.h
View file

@ -1,4 +1,4 @@
/* $OpenBSD: bn.h,v 1.72 2023/06/13 09:12:22 tb Exp $ */
/* $OpenBSD: bn.h,v 1.74 2023/07/28 10:07:30 tb Exp $ */
/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@ -449,40 +449,11 @@ BN_MONT_CTX *BN_MONT_CTX_copy(BN_MONT_CTX *to, BN_MONT_CTX *from);
BN_MONT_CTX *BN_MONT_CTX_set_locked(BN_MONT_CTX **pmont, int lock,
const BIGNUM *mod, BN_CTX *ctx);
/* BN_BLINDING flags */
#define BN_BLINDING_NO_UPDATE 0x00000001
#define BN_BLINDING_NO_RECREATE 0x00000002
BN_BLINDING *BN_BLINDING_new(const BIGNUM *A, const BIGNUM *Ai, BIGNUM *mod);
void BN_BLINDING_free(BN_BLINDING *b);
int BN_BLINDING_update(BN_BLINDING *b, BN_CTX *ctx);
int BN_BLINDING_convert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx);
int BN_BLINDING_invert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx);
int BN_BLINDING_convert_ex(BIGNUM *n, BIGNUM *r, BN_BLINDING *b, BN_CTX *);
int BN_BLINDING_invert_ex(BIGNUM *n, const BIGNUM *r, BN_BLINDING *b, BN_CTX *);
CRYPTO_THREADID *BN_BLINDING_thread_id(BN_BLINDING *);
unsigned long BN_BLINDING_get_flags(const BN_BLINDING *);
void BN_BLINDING_set_flags(BN_BLINDING *, unsigned long);
BN_BLINDING *BN_BLINDING_create_param(BN_BLINDING *b,
const BIGNUM *e, BIGNUM *m, BN_CTX *ctx,
int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx),
BN_MONT_CTX *m_ctx);
/* Primes from RFC 2409 */
BIGNUM *get_rfc2409_prime_768(BIGNUM *bn);
BIGNUM *get_rfc2409_prime_1024(BIGNUM *bn);
BIGNUM *BN_get_rfc2409_prime_768(BIGNUM *bn);
BIGNUM *BN_get_rfc2409_prime_1024(BIGNUM *bn);
/* Primes from RFC 3526 */
BIGNUM *get_rfc3526_prime_1536(BIGNUM *bn);
BIGNUM *get_rfc3526_prime_2048(BIGNUM *bn);
BIGNUM *get_rfc3526_prime_3072(BIGNUM *bn);
BIGNUM *get_rfc3526_prime_4096(BIGNUM *bn);
BIGNUM *get_rfc3526_prime_6144(BIGNUM *bn);
BIGNUM *get_rfc3526_prime_8192(BIGNUM *bn);
BIGNUM *BN_get_rfc3526_prime_1536(BIGNUM *bn);
BIGNUM *BN_get_rfc3526_prime_2048(BIGNUM *bn);
BIGNUM *BN_get_rfc3526_prime_3072(BIGNUM *bn);

13
lib/libcrypto/bn/bn_blind.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: bn_blind.c,v 1.23 2023/07/08 12:21:58 beck Exp $ */
/* $OpenBSD: bn_blind.c,v 1.24 2023/07/28 10:05:16 tb Exp $ */
/* ====================================================================
* Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
*
@ -169,7 +169,6 @@ err:
BN_BLINDING_free(ret);
return (NULL);
}
LCRYPTO_ALIAS(BN_BLINDING_new);
void
BN_BLINDING_free(BN_BLINDING *r)
@ -183,7 +182,6 @@ BN_BLINDING_free(BN_BLINDING *r)
BN_free(r->mod);
free(r);
}
LCRYPTO_ALIAS(BN_BLINDING_free);
int
BN_BLINDING_update(BN_BLINDING *b, BN_CTX *ctx)
@ -217,14 +215,12 @@ err:
b->counter = 0;
return (ret);
}
LCRYPTO_ALIAS(BN_BLINDING_update);
int
BN_BLINDING_convert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx)
{
return BN_BLINDING_convert_ex(n, NULL, b, ctx);
}
LCRYPTO_ALIAS(BN_BLINDING_convert);
int
BN_BLINDING_convert_ex(BIGNUM *n, BIGNUM *r, BN_BLINDING *b, BN_CTX *ctx)
@ -253,14 +249,12 @@ BN_BLINDING_convert_ex(BIGNUM *n, BIGNUM *r, BN_BLINDING *b, BN_CTX *ctx)
return ret;
}
LCRYPTO_ALIAS(BN_BLINDING_convert_ex);
int
BN_BLINDING_invert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx)
{
return BN_BLINDING_invert_ex(n, NULL, b, ctx);
}
LCRYPTO_ALIAS(BN_BLINDING_invert);
int
BN_BLINDING_invert_ex(BIGNUM *n, const BIGNUM *r, BN_BLINDING *b, BN_CTX *ctx)
@ -280,28 +274,24 @@ BN_BLINDING_invert_ex(BIGNUM *n, const BIGNUM *r, BN_BLINDING *b, BN_CTX *ctx)
return (ret);
}
LCRYPTO_ALIAS(BN_BLINDING_invert_ex);
CRYPTO_THREADID *
BN_BLINDING_thread_id(BN_BLINDING *b)
{
return &b->tid;
}
LCRYPTO_ALIAS(BN_BLINDING_thread_id);
unsigned long
BN_BLINDING_get_flags(const BN_BLINDING *b)
{
return b->flags;
}
LCRYPTO_ALIAS(BN_BLINDING_get_flags);
void
BN_BLINDING_set_flags(BN_BLINDING *b, unsigned long flags)
{
b->flags = flags;
}
LCRYPTO_ALIAS(BN_BLINDING_set_flags);
BN_BLINDING *
BN_BLINDING_create_param(BN_BLINDING *b, const BIGNUM *e, BIGNUM *m,
@ -373,4 +363,3 @@ err:
return ret;
}
LCRYPTO_ALIAS(BN_BLINDING_create_param);

58
lib/libcrypto/bn/bn_const.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: bn_const.c,v 1.7 2023/07/10 03:26:30 tb Exp $ */
/* $OpenBSD: bn_const.c,v 1.8 2023/07/28 10:07:30 tb Exp $ */
/* Insert boilerplate */
#include <openssl/bn.h>
@ -23,13 +23,6 @@ static const unsigned char RFC2409_PRIME_768[] = {
0xA6, 0x3A, 0x36, 0x20, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
};
BIGNUM *
get_rfc2409_prime_768(BIGNUM *bn)
{
return BN_bin2bn(RFC2409_PRIME_768, sizeof(RFC2409_PRIME_768), bn);
}
LCRYPTO_ALIAS(get_rfc2409_prime_768);
BIGNUM *
BN_get_rfc2409_prime_768(BIGNUM *bn)
{
@ -60,13 +53,6 @@ static const unsigned char RFC2409_PRIME_1024[] = {
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
};
BIGNUM *
get_rfc2409_prime_1024(BIGNUM *bn)
{
return BN_bin2bn(RFC2409_PRIME_1024, sizeof(RFC2409_PRIME_1024), bn);
}
LCRYPTO_ALIAS(get_rfc2409_prime_1024);
BIGNUM *
BN_get_rfc2409_prime_1024(BIGNUM *bn)
{
@ -102,13 +88,6 @@ static const unsigned char RFC3526_PRIME_1536[] = {
0xCA, 0x23, 0x73, 0x27, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
};
BIGNUM *
get_rfc3526_prime_1536(BIGNUM *bn)
{
return BN_bin2bn(RFC3526_PRIME_1536, sizeof(RFC3526_PRIME_1536), bn);
}
LCRYPTO_ALIAS(get_rfc3526_prime_1536);
BIGNUM *
BN_get_rfc3526_prime_1536(BIGNUM *bn)
{
@ -149,13 +128,6 @@ static const unsigned char RFC3526_PRIME_2048[] = {
0xFF, 0xFF, 0xFF, 0xFF,
};
BIGNUM *
get_rfc3526_prime_2048(BIGNUM *bn)
{
return BN_bin2bn(RFC3526_PRIME_2048, sizeof(RFC3526_PRIME_2048), bn);
}
LCRYPTO_ALIAS(get_rfc3526_prime_2048);
BIGNUM *
BN_get_rfc3526_prime_2048(BIGNUM *bn)
{
@ -206,13 +178,6 @@ static const unsigned char RFC3526_PRIME_3072[] = {
0xA9, 0x3A, 0xD2, 0xCA, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
};
BIGNUM *
get_rfc3526_prime_3072(BIGNUM *bn)
{
return BN_bin2bn(RFC3526_PRIME_3072, sizeof(RFC3526_PRIME_3072), bn);
}
LCRYPTO_ALIAS(get_rfc3526_prime_3072);
BIGNUM *
BN_get_rfc3526_prime_3072(BIGNUM *bn)
{
@ -274,13 +239,6 @@ static const unsigned char RFC3526_PRIME_4096[] = {
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
};
BIGNUM *
get_rfc3526_prime_4096(BIGNUM *bn)
{
return BN_bin2bn(RFC3526_PRIME_4096, sizeof(RFC3526_PRIME_4096), bn);
}
LCRYPTO_ALIAS(get_rfc3526_prime_4096);
BIGNUM *
BN_get_rfc3526_prime_4096(BIGNUM *bn)
{
@ -363,13 +321,6 @@ static const unsigned char RFC3526_PRIME_6144[] = {
0x6D, 0xCC, 0x40, 0x24, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
};
BIGNUM *
get_rfc3526_prime_6144(BIGNUM *bn)
{
return BN_bin2bn(RFC3526_PRIME_6144, sizeof(RFC3526_PRIME_6144), bn);
}
LCRYPTO_ALIAS(get_rfc3526_prime_6144);
BIGNUM *
BN_get_rfc3526_prime_6144(BIGNUM *bn)
{
@ -474,13 +425,6 @@ static const unsigned char RFC3526_PRIME_8192[] = {
0xFF, 0xFF, 0xFF, 0xFF,
};
BIGNUM *
get_rfc3526_prime_8192(BIGNUM *bn)
{
return BN_bin2bn(RFC3526_PRIME_8192, sizeof(RFC3526_PRIME_8192), bn);
}
LCRYPTO_ALIAS(get_rfc3526_prime_8192);
BIGNUM *
BN_get_rfc3526_prime_8192(BIGNUM *bn)
{

22
lib/libcrypto/bn/bn_lib.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: bn_lib.c,v 1.89 2023/07/08 12:21:58 beck Exp $ */
/* $OpenBSD: bn_lib.c,v 1.90 2023/07/28 10:35:14 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@ -655,26 +655,6 @@ BN_is_negative(const BIGNUM *a)
}
LCRYPTO_ALIAS(BN_is_negative);
char *
BN_options(void)
{
static int init = 0;
static char data[16];
if (!init) {
init++;
#ifdef BN_LLONG
snprintf(data,sizeof data, "bn(%d,%d)",
(int)sizeof(BN_ULLONG) * 8, (int)sizeof(BN_ULONG) * 8);
#else
snprintf(data,sizeof data, "bn(%d,%d)",
(int)sizeof(BN_ULONG) * 8, (int)sizeof(BN_ULONG) * 8);
#endif
}
return (data);
}
LCRYPTO_ALIAS(BN_options);
/*
* Bits of security, see SP800-57, section 5.6.11, table 2.
*/

23
lib/libcrypto/bn/bn_local.h
View file

@ -1,4 +1,4 @@
/* $OpenBSD: bn_local.h,v 1.26 2023/07/09 18:27:22 tb Exp $ */
/* $OpenBSD: bn_local.h,v 1.27 2023/07/28 10:05:16 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@ -291,6 +291,27 @@ int BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
int BN_div_recp(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m,
BN_RECP_CTX *recp, BN_CTX *ctx);
/* BN_BLINDING flags */
#define BN_BLINDING_NO_UPDATE 0x00000001
#define BN_BLINDING_NO_RECREATE 0x00000002
BN_BLINDING *BN_BLINDING_new(const BIGNUM *A, const BIGNUM *Ai, BIGNUM *mod);
void BN_BLINDING_free(BN_BLINDING *b);
int BN_BLINDING_update(BN_BLINDING *b, BN_CTX *ctx);
int BN_BLINDING_convert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx);
int BN_BLINDING_invert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx);
int BN_BLINDING_convert_ex(BIGNUM *n, BIGNUM *r, BN_BLINDING *b, BN_CTX *);
int BN_BLINDING_invert_ex(BIGNUM *n, const BIGNUM *r, BN_BLINDING *b, BN_CTX *);
CRYPTO_THREADID *BN_BLINDING_thread_id(BN_BLINDING *);
unsigned long BN_BLINDING_get_flags(const BN_BLINDING *);
void BN_BLINDING_set_flags(BN_BLINDING *, unsigned long);
BN_BLINDING *BN_BLINDING_create_param(BN_BLINDING *b,
const BIGNUM *e, BIGNUM *m, BN_CTX *ctx,
int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx),
BN_MONT_CTX *m_ctx);
/* Explicitly const time / non-const time versions for internal use */
int BN_mod_exp_ct(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
const BIGNUM *m, BN_CTX *ctx);

79
lib/libcrypto/buffer/buf_str.c
View file

@ -1,79 +0,0 @@
/* $OpenBSD: buf_str.c,v 1.11 2017/04/09 14:33:21 jsing Exp $ */
/*
* Copyright (c) 2014 Bob Beck
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
#include <stdlib.h>
#include <stdio.h>
#include <string.h>
#include <openssl/buffer.h>
#include <openssl/err.h>
/*
* XXX these functions accept a NULL arg and return NULL
* when the standard ones do not. we should at an appropriate
* time change these to find the bad callers
*/
char *
BUF_strdup(const char *str)
{
char *ret = NULL;
if (str != NULL) {
if ((ret = strdup(str)) == NULL)
BUFerror(ERR_R_MALLOC_FAILURE);
}
return ret;
}
char *
BUF_strndup(const char *str, size_t siz)
{
char *ret = NULL;
if (str != NULL) {
if ((ret = strndup(str, siz)) == NULL)
BUFerror(ERR_R_MALLOC_FAILURE);
}
return ret;
}
void *
BUF_memdup(const void *data, size_t siz)
{
void *ret = NULL;
if (data != NULL) {
if ((ret = malloc(siz)) == NULL)
BUFerror(ERR_R_MALLOC_FAILURE);
else
(void) memcpy(ret, data, siz);
}
return ret;
}
size_t
BUF_strlcpy(char *dst, const char *src, size_t size)
{
return strlcpy(dst, src, size);
}
size_t
BUF_strlcat(char *dst, const char *src, size_t size)
{
return strlcat(dst, src, size);
}

18
lib/libcrypto/buffer/buffer.h
View file

@ -1,4 +1,4 @@
/* $OpenBSD: buffer.h,v 1.16 2022/07/12 14:42:48 kn Exp $ */
/* $OpenBSD: buffer.h,v 1.17 2023/07/28 10:17:21 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@ -58,9 +58,6 @@
#ifndef HEADER_BUFFER_H
#define HEADER_BUFFER_H
#if !defined(HAVE_ATTRIBUTE__BOUNDED__) && !defined(__OpenBSD__)
#define __bounded__(x, y, z)
#endif
#include <openssl/ossl_typ.h>
@ -85,19 +82,6 @@ void BUF_MEM_free(BUF_MEM *a);
int BUF_MEM_grow(BUF_MEM *str, size_t len);
int BUF_MEM_grow_clean(BUF_MEM *str, size_t len);
#ifndef LIBRESSL_INTERNAL
char * BUF_strdup(const char *str);
char * BUF_strndup(const char *str, size_t siz);
void * BUF_memdup(const void *data, size_t siz);
void BUF_reverse(unsigned char *out, const unsigned char *in, size_t siz);
/* safe string functions */
size_t BUF_strlcpy(char *dst, const char *src, size_t siz)
__attribute__ ((__bounded__(__string__,1,3)));
size_t BUF_strlcat(char *dst, const char *src, size_t siz)
__attribute__ ((__bounded__(__string__,1,3)));
#endif
void ERR_load_BUF_strings(void);
/* Error codes for the BUF functions. */

5
lib/libcrypto/cms/cms.h
View file

@ -1,4 +1,4 @@
/* $OpenBSD: cms.h,v 1.15 2019/08/11 10:15:30 jsing Exp $ */
/* $OpenBSD: cms.h,v 1.16 2023/07/28 10:28:02 tb Exp $ */
/*
* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project.
@ -128,6 +128,9 @@ int CMS_ContentInfo_print_ctx(BIO *out, CMS_ContentInfo *x, int indent, const AS
const ASN1_OBJECT *CMS_get0_type(const CMS_ContentInfo *cms);
int CMS_get_version(const CMS_ContentInfo *cms, long *version);
int CMS_SignerInfo_get_version(const CMS_SignerInfo *si, long *version);
BIO *CMS_dataInit(CMS_ContentInfo *cms, BIO *icont);
int CMS_dataFinal(CMS_ContentInfo *cms, BIO *bio);

45
lib/libcrypto/cms/cms_lib.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: cms_lib.c,v 1.18 2023/07/08 08:26:26 beck Exp $ */
/* $OpenBSD: cms_lib.c,v 1.19 2023/07/28 10:28:02 tb Exp $ */
/*
* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project.
@ -237,6 +237,49 @@ CMS_dataFinal(CMS_ContentInfo *cms, BIO *cmsbio)
}
LCRYPTO_ALIAS(CMS_dataFinal);
int
CMS_get_version(const CMS_ContentInfo *cms, long *version)
{
switch (OBJ_obj2nid(cms->contentType)) {
case NID_pkcs7_signed:
*version = cms->d.signedData->version;
return 1;
case NID_pkcs7_enveloped:
*version = cms->d.envelopedData->version;
return 1;
case NID_pkcs7_digest:
*version = cms->d.digestedData->version;
return 1;
case NID_pkcs7_encrypted:
*version = cms->d.encryptedData->version;
return 1;
case NID_id_smime_ct_authData:
*version = cms->d.authenticatedData->version;
return 1;
case NID_id_smime_ct_compressedData:
*version = cms->d.compressedData->version;
return 1;
default:
CMSerror(CMS_R_UNSUPPORTED_TYPE);
return 0;
}
}
LCRYPTO_ALIAS(CMS_get_version);
int
CMS_SignerInfo_get_version(const CMS_SignerInfo *si, long *version)
{
*version = si->version;
return 1;
}
LCRYPTO_ALIAS(CMS_SignerInfo_get_version);
/*
* Return an OCTET STRING pointer to content. This allows it to be accessed
* or set later.

172
lib/libcrypto/comp/c_rle.c
View file

@ -1,172 +0,0 @@
/* $OpenBSD: c_rle.c,v 1.12 2023/07/08 08:26:26 beck Exp $ */
/*
* ---------------------------------------------------------------------------
* Patches to this file were contributed by
* Ulf Moeller <ulf@openssl.org> and Bodo Moeller <bodo@openssl.org>.
* ---------------------------------------------------------------------------
* Copyright (c) 1999, 2011 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* licensing@OpenSSL.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
* ---------------------------------------------------------------------------
* Parts of this file are derived from SSLeay code
* which is covered by the following Copyright and license:
* ---------------------------------------------------------------------------
* Copyright (c) 1998 Eric Young <eay@cryptsoft.com>
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young <eay@cryptsoft.com>.
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson <tjh@cryptsoft.com>.
*
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given
* attribution as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* "This product includes cryptographic software written by
* Eric Young <eay@cryptsoft.com>"
* The word 'cryptographic' can be left out if the rouines from the
* library being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof)
* from the apps directory (application code) you must include an
* acknowledgement: "This product includes software written
* by Tim Hudson <tjh@cryptsoft.com>"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version
* or derivative of this code cannot be changed. i.e. this code cannot
* simply be copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <openssl/objects.h>
#include <openssl/comp.h>
#include "comp_local.h"
static int rle_compress_block(COMP_CTX *ctx, unsigned char *out,
unsigned int olen, unsigned char *in, unsigned int ilen);
static int rle_expand_block(COMP_CTX *ctx, unsigned char *out,
unsigned int olen, unsigned char *in, unsigned int ilen);
static COMP_METHOD rle_method = {
.type = NID_rle_compression,
.name = LN_rle_compression,
.compress = rle_compress_block,
.expand = rle_expand_block
};
COMP_METHOD *
COMP_rle(void)
{
return (&rle_method);
}
LCRYPTO_ALIAS(COMP_rle);
static int
rle_compress_block(COMP_CTX *ctx, unsigned char *out, unsigned int olen,
unsigned char *in, unsigned int ilen)
{
if (ilen == 0 || olen < (ilen - 1)) {
return (-1);
}
*(out++) = 0;
memcpy(out, in, ilen);
return (ilen + 1);
}
static int
rle_expand_block(COMP_CTX *ctx, unsigned char *out, unsigned int olen,
unsigned char *in, unsigned int ilen)
{
int i;
if (olen < (ilen - 1)) {
return (-1);
}
i= *(in++);
if (i == 0) {
memcpy(out, in, ilen - 1);
}
return (ilen - 1);
}

146
lib/libcrypto/comp/c_zlib.c
View file

@ -1,146 +0,0 @@
/* $OpenBSD: c_zlib.c,v 1.28 2023/07/08 08:26:26 beck Exp $ */
/*
* ---------------------------------------------------------------------------
* Major patches to this file were contributed by
* Richard Levitte <levitte@openssl.org>, Nils Larsch <nils@openssl.org>,
* and Dr. Stephen Henson <steve@openssl.org>.
* ---------------------------------------------------------------------------
* Copyright (c) 2002, 2003, 2007, 2008, 2010 The OpenSSL Project.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* licensing@OpenSSL.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
* ---------------------------------------------------------------------------
* Parts of this file are derived from SSLeay code
* which is covered by the following Copyright and license:
* ---------------------------------------------------------------------------
* Copyright (c) 1998 Eric Young <eay@cryptsoft.com>
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young <eay@cryptsoft.com>.
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson <tjh@cryptsoft.com>.
*
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given
* attribution as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* "This product includes cryptographic software written by
* Eric Young <eay@cryptsoft.com>"
* The word 'cryptographic' can be left out if the rouines from the
* library being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof)
* from the apps directory (application code) you must include an
* acknowledgement: "This product includes software written
* by Tim Hudson <tjh@cryptsoft.com>"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version
* or derivative of this code cannot be changed. i.e. this code cannot
* simply be copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <openssl/objects.h>
#include <openssl/comp.h>
#include <openssl/err.h>
#include "bio_local.h"
#include "comp_local.h"
COMP_METHOD *COMP_zlib(void );
static COMP_METHOD zlib_method_nozlib = {
.type = NID_undef,
.name = "(undef)"
};
COMP_METHOD *
COMP_zlib(void)
{
return &zlib_method_nozlib;
}
LCRYPTO_ALIAS(COMP_zlib);
void
COMP_zlib_cleanup(void)
{
}
LCRYPTO_ALIAS(COMP_zlib_cleanup);

153
lib/libcrypto/comp/comp.h
View file

@ -1,152 +1,7 @@
/* $OpenBSD: comp.h,v 1.12 2023/06/11 05:35:43 tb Exp $ */
/* $OpenBSD: comp.h,v 1.13 2023/07/28 09:42:44 tb Exp $ */
/*
* ---------------------------------------------------------------------------
* Patches to this file were contributed by
* Dr. Stephen Henson <steve@openssl.org>.
* ---------------------------------------------------------------------------
* Copyright (c) 1999, 2002, 2008 The OpenSSL Project. All rights reserved.
* Public domain.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* licensing@OpenSSL.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
* ---------------------------------------------------------------------------
* Parts of this file are derived from SSLeay code
* which is covered by the following Copyright and license:
* ---------------------------------------------------------------------------
* Copyright (c) 1998 Eric Young <eay@cryptsoft.com>
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young <eay@cryptsoft.com>.
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson <tjh@cryptsoft.com>.
*
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given
* attribution as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* "This product includes cryptographic software written by
* Eric Young <eay@cryptsoft.com>"
* The word 'cryptographic' can be left out if the rouines from the
* library being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof)
* from the apps directory (application code) you must include an
* acknowledgement: "This product includes software written
* by Tim Hudson <tjh@cryptsoft.com>"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version
* or derivative of this code cannot be changed. i.e. this code cannot
* simply be copied and put under another distribution licence
* [including the GNU Public Licence.]
* This header is intentionally left empty. Some software uses it unnecessarily.
*/
#ifndef HEADER_COMP_H
#define HEADER_COMP_H
#include <openssl/crypto.h>
#ifdef __cplusplus
extern "C" {
#endif
COMP_CTX *COMP_CTX_new(COMP_METHOD *meth);
void COMP_CTX_free(COMP_CTX *ctx);
int COMP_compress_block(COMP_CTX *ctx, unsigned char *out, int olen,
unsigned char *in, int ilen);
int COMP_expand_block(COMP_CTX *ctx, unsigned char *out, int olen,
unsigned char *in, int ilen);
COMP_METHOD *COMP_rle(void );
COMP_METHOD *COMP_zlib(void );
void COMP_zlib_cleanup(void);
void ERR_load_COMP_strings(void);
/* Error codes for the COMP functions. */
/* Function codes. */
#define COMP_F_BIO_ZLIB_FLUSH 99
#define COMP_F_BIO_ZLIB_NEW 100
#define COMP_F_BIO_ZLIB_READ 101
#define COMP_F_BIO_ZLIB_WRITE 102
/* Reason codes. */
#define COMP_R_ZLIB_DEFLATE_ERROR 99
#define COMP_R_ZLIB_INFLATE_ERROR 100
#define COMP_R_ZLIB_NOT_SUPPORTED 101
#ifdef __cplusplus
}
#endif
#endif

95
lib/libcrypto/comp/comp_err.c
View file

@ -1,95 +0,0 @@
/* $OpenBSD: comp_err.c,v 1.14 2023/07/08 08:26:26 beck Exp $ */
/* ====================================================================
* This file was written by Dr. Stephen Henson <steve@openssl.org>.
* Copyright (c) 1999, 2005, 2008 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* openssl-core@OpenSSL.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
#include <stdio.h>
#include <openssl/opensslconf.h>
#include <openssl/comp.h>
#include <openssl/err.h>
#include "comp_local.h"
#ifndef OPENSSL_NO_ERR
#define ERR_FUNC(func) ERR_PACK(ERR_LIB_COMP,func,0)
#define ERR_REASON(reason) ERR_PACK(ERR_LIB_COMP,0,reason)
static ERR_STRING_DATA COMP_str_functs[] = {
{ERR_FUNC(0xfff), "CRYPTO_internal"},
{0, NULL}
};
static ERR_STRING_DATA COMP_str_reasons[] = {
{ERR_REASON(COMP_R_ZLIB_DEFLATE_ERROR) , "zlib deflate error"},
{ERR_REASON(COMP_R_ZLIB_INFLATE_ERROR) , "zlib inflate error"},
{ERR_REASON(COMP_R_ZLIB_NOT_SUPPORTED) , "zlib not supported"},
{0, NULL}
};
#endif
void
ERR_load_COMP_strings(void)
{
#ifndef OPENSSL_NO_ERR
if (ERR_func_error_string(COMP_str_functs[0].error) == NULL) {
ERR_load_strings(0, COMP_str_functs);
ERR_load_strings(0, COMP_str_reasons);
}
#endif
}
LCRYPTO_ALIAS(ERR_load_COMP_strings);

188
lib/libcrypto/comp/comp_lib.c
View file

@ -1,188 +0,0 @@
/* $OpenBSD: comp_lib.c,v 1.12 2023/07/08 08:26:26 beck Exp $ */
/*
* ---------------------------------------------------------------------------
* Patches to this file were contributed by
* Ben Laurie <ben@openssl.org> and Ulf Moeller <ulf@openssl.org>.
* ---------------------------------------------------------------------------
* Copyright (c) 1999 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* licensing@OpenSSL.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
* ---------------------------------------------------------------------------
* Parts of this file are derived from SSLeay code
* which is covered by the following Copyright and license:
* ---------------------------------------------------------------------------
* Copyright (c) 1998 Eric Young <eay@cryptsoft.com>
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young <eay@cryptsoft.com>.
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson <tjh@cryptsoft.com>.
*
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given
* attribution as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* "This product includes cryptographic software written by
* Eric Young <eay@cryptsoft.com>"
* The word 'cryptographic' can be left out if the rouines from the
* library being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof)
* from the apps directory (application code) you must include an
* acknowledgement: "This product includes software written
* by Tim Hudson <tjh@cryptsoft.com>"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version
* or derivative of this code cannot be changed. i.e. this code cannot
* simply be copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <openssl/objects.h>
#include <openssl/comp.h>
#include "comp_local.h"
COMP_CTX *
COMP_CTX_new(COMP_METHOD *meth)
{
COMP_CTX *ret;
if ((ret = calloc(1, sizeof(COMP_CTX))) == NULL) {
return (NULL);
}
ret->meth = meth;
if ((ret->meth->init != NULL) && !ret->meth->init(ret)) {
free(ret);
ret = NULL;
}
return (ret);
}
LCRYPTO_ALIAS(COMP_CTX_new);
void
COMP_CTX_free(COMP_CTX *ctx)
{
if (ctx == NULL)
return;
if (ctx->meth->finish != NULL)
ctx->meth->finish(ctx);
free(ctx);
}
LCRYPTO_ALIAS(COMP_CTX_free);
int
COMP_compress_block(COMP_CTX *ctx, unsigned char *out, int olen,
unsigned char *in, int ilen)
{
int ret;
if (ctx->meth->compress == NULL) {
return (-1);
}
ret = ctx->meth->compress(ctx, out, olen, in, ilen);
if (ret > 0) {
ctx->compress_in += ilen;
ctx->compress_out += ret;
}
return (ret);
}
LCRYPTO_ALIAS(COMP_compress_block);
int
COMP_expand_block(COMP_CTX *ctx, unsigned char *out, int olen,
unsigned char *in, int ilen)
{
int ret;
if (ctx->meth->expand == NULL) {
return (-1);
}
ret = ctx->meth->expand(ctx, out, olen, in, ilen);
if (ret > 0) {
ctx->expand_in += ilen;
ctx->expand_out += ret;
}
return (ret);
}
LCRYPTO_ALIAS(COMP_expand_block);

148
lib/libcrypto/comp/comp_local.h
View file

@ -1,148 +0,0 @@
/* $OpenBSD: comp_local.h,v 1.4 2022/12/24 07:12:09 tb Exp $ */
/*
* ---------------------------------------------------------------------------
* Patches to this file were contributed by
* Richard Levitte <levitte@openssl.org>.
* ---------------------------------------------------------------------------
* Copyright (c) 1999, 2000, 2003 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* licensing@OpenSSL.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
* ---------------------------------------------------------------------------
* Parts of this file are derived from SSLeay code
* which is covered by the following Copyright and license:
* ---------------------------------------------------------------------------
* Copyright (c) 1998 Eric Young <eay@cryptsoft.com>
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young <eay@cryptsoft.com>.
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson <tjh@cryptsoft.com>.
*
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given
* attribution as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* "This product includes cryptographic software written by
* Eric Young <eay@cryptsoft.com>"
* The word 'cryptographic' can be left out if the rouines from the
* library being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof)
* from the apps directory (application code) you must include an
* acknowledgement: "This product includes software written
* by Tim Hudson <tjh@cryptsoft.com>"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version
* or derivative of this code cannot be changed. i.e. this code cannot
* simply be copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
#ifndef HEADER_COMP_LOCAL_H
#define HEADER_COMP_LOCAL_H
__BEGIN_HIDDEN_DECLS
struct CMP_CTX;
struct comp_method_st {
int type; /* NID for compression library */
const char *name; /* A text string to identify the library */
int (*init)(COMP_CTX *ctx);
void (*finish)(COMP_CTX *ctx);
int (*compress)(COMP_CTX *ctx, unsigned char *out, unsigned int olen,
unsigned char *in, unsigned int ilen);
int (*expand)(COMP_CTX *ctx, unsigned char *out, unsigned int olen,
unsigned char *in, unsigned int ilen);
/* The following two do NOTHING, but are kept for backward compatibility */
long (*ctrl)(void);
long (*callback_ctrl)(void);
} /* COMP_METHOD */;
struct comp_ctx_st {
COMP_METHOD *meth;
unsigned long compress_in;
unsigned long compress_out;
unsigned long expand_in;
unsigned long expand_out;
CRYPTO_EX_DATA ex_data;
} /* COMP_CTX */;
__END_HIDDEN_DECLS
#endif /* !HEADER_COMP_LOCAL_H */

64
lib/libcrypto/crypto.h
View file

@ -1,4 +1,4 @@
/* $OpenBSD: crypto.h,v 1.62 2023/07/05 13:06:06 bcook Exp $ */
/* $OpenBSD: crypto.h,v 1.63 2023/07/28 10:19:20 tb Exp $ */
/* ====================================================================
* Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
*
@ -244,44 +244,22 @@ struct crypto_ex_data_st {
};
DECLARE_STACK_OF(void)
/* This stuff is basically class callback functions
* The current classes are SSL_CTX, SSL, SSL_SESSION, and a few more */
typedef struct crypto_ex_data_func_st {
long argl; /* Arbitrary long */
void *argp; /* Arbitrary void * */
CRYPTO_EX_new *new_func;
CRYPTO_EX_free *free_func;
CRYPTO_EX_dup *dup_func;
} CRYPTO_EX_DATA_FUNCS;
DECLARE_STACK_OF(CRYPTO_EX_DATA_FUNCS)
/* Per class, we have a STACK of CRYPTO_EX_DATA_FUNCS for each CRYPTO_EX_DATA
* entry.
*/
#define CRYPTO_EX_INDEX_BIO 0
#define CRYPTO_EX_INDEX_SSL 1
#define CRYPTO_EX_INDEX_SSL_CTX 2
#define CRYPTO_EX_INDEX_SSL_SESSION 3
#define CRYPTO_EX_INDEX_X509_STORE 4
#define CRYPTO_EX_INDEX_X509_STORE_CTX 5
#define CRYPTO_EX_INDEX_RSA 6
#define CRYPTO_EX_INDEX_DSA 7
#define CRYPTO_EX_INDEX_DH 8
#define CRYPTO_EX_INDEX_ENGINE 9
#define CRYPTO_EX_INDEX_X509 10
#define CRYPTO_EX_INDEX_UI 11
#define CRYPTO_EX_INDEX_ECDSA 12
#define CRYPTO_EX_INDEX_ECDH 13
#define CRYPTO_EX_INDEX_COMP 14
#define CRYPTO_EX_INDEX_STORE 15
#define CRYPTO_EX_INDEX_EC_KEY 16
/* Dynamically assigned indexes start from this value (don't use directly, use
* via CRYPTO_ex_data_new_class). */
#define CRYPTO_EX_INDEX_USER 100
#define CRYPTO_EX_INDEX_SSL 0
#define CRYPTO_EX_INDEX_SSL_CTX 1
#define CRYPTO_EX_INDEX_SSL_SESSION 2
#define CRYPTO_EX_INDEX_APP 3
#define CRYPTO_EX_INDEX_BIO 4
#define CRYPTO_EX_INDEX_DH 5
#define CRYPTO_EX_INDEX_DSA 6
#define CRYPTO_EX_INDEX_EC_KEY 7
#define CRYPTO_EX_INDEX_ENGINE 8
#define CRYPTO_EX_INDEX_RSA 9
#define CRYPTO_EX_INDEX_UI 10
#define CRYPTO_EX_INDEX_UI_METHOD 11
#define CRYPTO_EX_INDEX_X509 12
#define CRYPTO_EX_INDEX_X509_STORE 13
#define CRYPTO_EX_INDEX_X509_STORE_CTX 14
#define CRYPTO_EX_INDEX__COUNT 15
#ifndef LIBRESSL_INTERNAL
#define CRYPTO_malloc_init() (0)
@ -328,14 +306,6 @@ unsigned long OpenSSL_version_num(void);
const char *SSLeay_version(int type);
unsigned long SSLeay(void);
/* An opaque type representing an implementation of "ex_data" support */
typedef struct st_CRYPTO_EX_DATA_IMPL CRYPTO_EX_DATA_IMPL;
/* Return an opaque pointer to the current "ex_data" implementation */
const CRYPTO_EX_DATA_IMPL *CRYPTO_get_ex_data_implementation(void);
/* Sets the "ex_data" implementation to be used (if it's not too late) */
int CRYPTO_set_ex_data_implementation(const CRYPTO_EX_DATA_IMPL *i);
/* Get a new "ex_data" class, and return the corresponding "class_index" */
int CRYPTO_ex_data_new_class(void);
/* Within a given class, get/register a new index */
int CRYPTO_get_ex_new_index(int class_index, long argl, void *argp,
CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func,

382
lib/libcrypto/dso/dso.h
View file

@ -1,382 +0,0 @@
/* $OpenBSD: dso.h,v 1.14 2022/12/26 07:18:51 jmc Exp $ */
/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
* project 2000.
*/
/* ====================================================================
* Copyright (c) 2000 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* licensing@OpenSSL.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
#ifndef HEADER_DSO_H
#define HEADER_DSO_H
#include <openssl/crypto.h>
#ifdef __cplusplus
extern "C" {
#endif
/* These values are used as commands to DSO_ctrl() */
#define DSO_CTRL_GET_FLAGS 1
#define DSO_CTRL_SET_FLAGS 2
#define DSO_CTRL_OR_FLAGS 3
/* By default, DSO_load() will translate the provided filename into a form
* typical for the platform (more specifically the DSO_METHOD) using the
* dso_name_converter function of the method. Eg. win32 will transform "blah"
* into "blah.dll", and dlfcn will transform it into "libblah.so". The
* behaviour can be overridden by setting the name_converter callback in the DSO
* object (using DSO_set_name_converter()). This callback could even utilise
* the DSO_METHOD's converter too if it only wants to override behaviour for
* one or two possible DSO methods. However, the following flag can be set in a
* DSO to prevent *any* native name-translation at all - eg. if the caller has
* prompted the user for a path to a driver library so the filename should be
* interpreted as-is. */
#define DSO_FLAG_NO_NAME_TRANSLATION 0x01
/* An extra flag to give if only the extension should be added as
* translation. This is obviously only of importance on Unix and
* other operating systems where the translation also may prefix
* the name with something, like 'lib', and ignored everywhere else.
* This flag is also ignored if DSO_FLAG_NO_NAME_TRANSLATION is used
* at the same time. */
#define DSO_FLAG_NAME_TRANSLATION_EXT_ONLY 0x02
/* The following flag controls the translation of symbol names to upper
* case. This is currently only being implemented for OpenVMS.
*/
#define DSO_FLAG_UPCASE_SYMBOL 0x10
/* This flag loads the library with public symbols.
* Meaning: The exported symbols of this library are public
* to all libraries loaded after this library.
* At the moment only implemented in unix.
*/
#define DSO_FLAG_GLOBAL_SYMBOLS 0x20
typedef void (*DSO_FUNC_TYPE)(void);
typedef struct dso_st DSO;
/* The function prototype used for method functions (or caller-provided
* callbacks) that transform filenames. They are passed a DSO structure pointer
* (or NULL if they are to be used independently of a DSO object) and a
* filename to transform. They should either return NULL (if there is an error
* condition) or a newly allocated string containing the transformed form that
* the caller will need to free with free() when done. */
typedef char* (*DSO_NAME_CONVERTER_FUNC)(DSO *, const char *);
/* The function prototype used for method functions (or caller-provided
* callbacks) that merge two file specifications. They are passed a
* DSO structure pointer (or NULL if they are to be used independently of
* a DSO object) and two file specifications to merge. They should
* either return NULL (if there is an error condition) or a newly allocated
* string containing the result of merging that the caller will need
* to free with free() when done.
* Here, merging means that bits and pieces are taken from each of the
* file specifications and added together in whatever fashion that is
* sensible for the DSO method in question. The only rule that really
* applies is that if the two specification contain pieces of the same
* type, the copy from the first string takes priority. One could see
* it as the first specification is the one given by the user and the
* second being a bunch of defaults to add on if they're missing in the
* first. */
typedef char* (*DSO_MERGER_FUNC)(DSO *, const char *, const char *);
typedef struct dso_meth_st {
const char *name;
/* Loads a shared library, NB: new DSO_METHODs must ensure that a
* successful load populates the loaded_filename field, and likewise a
* successful unload frees and NULLs it out. */
int (*dso_load)(DSO *dso);
/* Unloads a shared library */
int (*dso_unload)(DSO *dso);
/* Binds a variable */
void *(*dso_bind_var)(DSO *dso, const char *symname);
/* Binds a function - assumes a return type of DSO_FUNC_TYPE.
* This should be cast to the real function prototype by the
* caller. Platforms that don't have compatible representations
* for different prototypes (this is possible within ANSI C)
* are highly unlikely to have shared libraries at all, let
* alone a DSO_METHOD implemented for them. */
DSO_FUNC_TYPE (*dso_bind_func)(DSO *dso, const char *symname);
/* The generic (yuck) "ctrl()" function. NB: Negative return
* values (rather than zero) indicate errors. */
long (*dso_ctrl)(DSO *dso, int cmd, long larg, void *parg);
/* The default DSO_METHOD-specific function for converting filenames to
* a canonical native form. */
DSO_NAME_CONVERTER_FUNC dso_name_converter;
/* The default DSO_METHOD-specific function for converting filenames to
* a canonical native form. */
DSO_MERGER_FUNC dso_merger;
/* [De]Initialisation handlers. */
int (*init)(DSO *dso);
int (*finish)(DSO *dso);
/* Return pathname of the module containing location */
int (*pathbyaddr)(void *addr, char *path, int sz);
/* Perform global symbol lookup, i.e. among *all* modules */
void *(*globallookup)(const char *symname);
} DSO_METHOD;
/**********************************************************************/
/* The low-level handle type used to refer to a loaded shared library */
struct dso_st {
DSO_METHOD *meth;
/* Standard dlopen uses a (void *). Win32 uses a HANDLE. VMS
* doesn't use anything but will need to cache the filename
* for use in the dso_bind handler. All in all, let each
* method control its own destiny. "Handles" and such go in
* a STACK. */
STACK_OF(void) *meth_data;
int references;
int flags;
/* For use by applications etc ... use this for your bits'n'pieces,
* don't touch meth_data! */
CRYPTO_EX_DATA ex_data;
/* If this callback function pointer is set to non-NULL, then it will
* be used in DSO_load() in place of meth->dso_name_converter. NB: This
* should normally set using DSO_set_name_converter(). */
DSO_NAME_CONVERTER_FUNC name_converter;
/* If this callback function pointer is set to non-NULL, then it will
* be used in DSO_load() in place of meth->dso_merger. NB: This
* should normally set using DSO_set_merger(). */
DSO_MERGER_FUNC merger;
/* This is populated with (a copy of) the platform-independant
* filename used for this DSO. */
char *filename;
/* This is populated with (a copy of) the translated filename by which
* the DSO was actually loaded. It is NULL iff the DSO is not currently
* loaded. NB: This is here because the filename translation process
* may involve a callback being invoked more than once not only to
* convert to a platform-specific form, but also to try different
* filenames in the process of trying to perform a load. As such, this
* variable can be used to indicate (a) whether this DSO structure
* corresponds to a loaded library or not, and (b) the filename with
* which it was actually loaded. */
char *loaded_filename;
};
DSO * DSO_new(void);
DSO * DSO_new_method(DSO_METHOD *method);
int DSO_free(DSO *dso);
int DSO_flags(DSO *dso);
int DSO_up_ref(DSO *dso);
long DSO_ctrl(DSO *dso, int cmd, long larg, void *parg);
/* This function sets the DSO's name_converter callback. If it is non-NULL,
* then it will be used instead of the associated DSO_METHOD's function. If
* oldcb is non-NULL then it is set to the function pointer value being
* replaced. Return value is non-zero for success. */
int DSO_set_name_converter(DSO *dso, DSO_NAME_CONVERTER_FUNC cb,
DSO_NAME_CONVERTER_FUNC *oldcb);
/* These functions can be used to get/set the platform-independant filename
* used for a DSO. NB: set will fail if the DSO is already loaded. */
const char *DSO_get_filename(DSO *dso);
int DSO_set_filename(DSO *dso, const char *filename);
/* This function will invoke the DSO's name_converter callback to translate a
* filename, or if the callback isn't set it will instead use the DSO_METHOD's
* converter. If "filename" is NULL, the "filename" in the DSO itself will be
* used. If the DSO_FLAG_NO_NAME_TRANSLATION flag is set, then the filename is
* simply duplicated. NB: This function is usually called from within a
* DSO_METHOD during the processing of a DSO_load() call, and is exposed so that
* caller-created DSO_METHODs can do the same thing. A non-NULL return value
* will need to be free()'d. */
char *DSO_convert_filename(DSO *dso, const char *filename);
/* This function will invoke the DSO's merger callback to merge two file
* specifications, or if the callback isn't set it will instead use the
* DSO_METHOD's merger. A non-NULL return value will need to be
* free()'d. */
char *DSO_merge(DSO *dso, const char *filespec1, const char *filespec2);
/* If the DSO is currently loaded, this returns the filename that it was loaded
* under, otherwise it returns NULL. So it is also useful as a test as to
* whether the DSO is currently loaded. NB: This will not necessarily return
* the same value as DSO_convert_filename(dso, dso->filename), because the
* DSO_METHOD's load function may have tried a variety of filenames (with
* and/or without the aid of the converters) before settling on the one it
* actually loaded. */
const char *DSO_get_loaded_filename(DSO *dso);
void DSO_set_default_method(DSO_METHOD *meth);
DSO_METHOD *DSO_get_default_method(void);
DSO_METHOD *DSO_get_method(DSO *dso);
DSO_METHOD *DSO_set_method(DSO *dso, DSO_METHOD *meth);
/* The all-singing all-dancing load function, you normally pass NULL
* for the first and third parameters. Use DSO_up and DSO_free for
* subsequent reference count handling. Any flags passed in will be set
* in the constructed DSO after its init() function but before the
* load operation. If 'dso' is non-NULL, 'flags' is ignored. */
DSO *DSO_load(DSO *dso, const char *filename, DSO_METHOD *meth, int flags);
/* This function binds to a variable inside a shared library. */
void *DSO_bind_var(DSO *dso, const char *symname);
/* This function binds to a function inside a shared library. */
DSO_FUNC_TYPE DSO_bind_func(DSO *dso, const char *symname);
/* This method is the default, but will beg, borrow, or steal whatever
* method should be the default on any particular platform (including
* DSO_METH_null() if necessary). */
DSO_METHOD *DSO_METHOD_openssl(void);
/* This method is defined for all platforms - if a platform has no
* DSO support then this will be the only method! */
DSO_METHOD *DSO_METHOD_null(void);
/* If DSO_DLFCN is defined, the standard dlfcn.h-style functions
* (dlopen, dlclose, dlsym, etc) will be used and incorporated into
* this method. If not, this method will return NULL. */
DSO_METHOD *DSO_METHOD_dlfcn(void);
/* This function writes null-terminated pathname of DSO module
* containing 'addr' into 'sz' large caller-provided 'path' and
* returns the number of characters [including trailing zero]
* written to it. If 'sz' is 0 or negative, 'path' is ignored and
* required amount of characters [including trailing zero] to
* accommodate pathname is returned. If 'addr' is NULL, then
* pathname of cryptolib itself is returned. Negative or zero
* return value denotes error.
*/
int DSO_pathbyaddr(void *addr, char *path, int sz);
/* This function should be used with caution! It looks up symbols in
* *all* loaded modules and if module gets unloaded by somebody else
* attempt to dereference the pointer is doomed to have fatal
* consequences. Primary usage for this function is to probe *core*
* system functionality, e.g. check if getnameinfo(3) is available
* at run-time without bothering about OS-specific details such as
* libc.so.versioning or where does it actually reside: in libc
* itself or libsocket. */
void *DSO_global_lookup(const char *name);
void ERR_load_DSO_strings(void);
/* Error codes for the DSO functions. */
/* Function codes. */
#define DSO_F_BEOS_BIND_FUNC 144
#define DSO_F_BEOS_BIND_VAR 145
#define DSO_F_BEOS_LOAD 146
#define DSO_F_BEOS_NAME_CONVERTER 147
#define DSO_F_BEOS_UNLOAD 148
#define DSO_F_DLFCN_BIND_FUNC 100
#define DSO_F_DLFCN_BIND_VAR 101
#define DSO_F_DLFCN_LOAD 102
#define DSO_F_DLFCN_MERGER 130
#define DSO_F_DLFCN_NAME_CONVERTER 123
#define DSO_F_DLFCN_UNLOAD 103
#define DSO_F_DL_BIND_FUNC 104
#define DSO_F_DL_BIND_VAR 105
#define DSO_F_DL_LOAD 106
#define DSO_F_DL_MERGER 131
#define DSO_F_DL_NAME_CONVERTER 124
#define DSO_F_DL_UNLOAD 107
#define DSO_F_DSO_BIND_FUNC 108
#define DSO_F_DSO_BIND_VAR 109
#define DSO_F_DSO_CONVERT_FILENAME 126
#define DSO_F_DSO_CTRL 110
#define DSO_F_DSO_FREE 111
#define DSO_F_DSO_GET_FILENAME 127
#define DSO_F_DSO_GET_LOADED_FILENAME 128
#define DSO_F_DSO_GLOBAL_LOOKUP 139
#define DSO_F_DSO_LOAD 112
#define DSO_F_DSO_MERGE 132
#define DSO_F_DSO_NEW_METHOD 113
#define DSO_F_DSO_PATHBYADDR 140
#define DSO_F_DSO_SET_FILENAME 129
#define DSO_F_DSO_SET_NAME_CONVERTER 122
#define DSO_F_DSO_UP_REF 114
#define DSO_F_GLOBAL_LOOKUP_FUNC 138
#define DSO_F_PATHBYADDR 137
#define DSO_F_VMS_BIND_SYM 115
#define DSO_F_VMS_LOAD 116
#define DSO_F_VMS_MERGER 133
#define DSO_F_VMS_UNLOAD 117
#define DSO_F_WIN32_BIND_FUNC 118
#define DSO_F_WIN32_BIND_VAR 119
#define DSO_F_WIN32_GLOBALLOOKUP 142
#define DSO_F_WIN32_GLOBALLOOKUP_FUNC 143
#define DSO_F_WIN32_JOINER 135
#define DSO_F_WIN32_LOAD 120
#define DSO_F_WIN32_MERGER 134
#define DSO_F_WIN32_NAME_CONVERTER 125
#define DSO_F_WIN32_PATHBYADDR 141
#define DSO_F_WIN32_SPLITTER 136
#define DSO_F_WIN32_UNLOAD 121
/* Reason codes. */
#define DSO_R_CTRL_FAILED 100
#define DSO_R_DSO_ALREADY_LOADED 110
#define DSO_R_EMPTY_FILE_STRUCTURE 113
#define DSO_R_FAILURE 114
#define DSO_R_FILENAME_TOO_BIG 101
#define DSO_R_FINISH_FAILED 102
#define DSO_R_INCORRECT_FILE_SYNTAX 115
#define DSO_R_LOAD_FAILED 103
#define DSO_R_NAME_TRANSLATION_FAILED 109
#define DSO_R_NO_FILENAME 111
#define DSO_R_NO_FILE_SPECIFICATION 116
#define DSO_R_NULL_HANDLE 104
#define DSO_R_SET_FILENAME_FAILED 112
#define DSO_R_STACK_ERROR 105
#define DSO_R_SYM_FAILURE 106
#define DSO_R_UNLOAD_FAILED 107
#define DSO_R_UNSUPPORTED 108
#ifdef __cplusplus
}
#endif
#endif

355
lib/libcrypto/dso/dso_dlfcn.c
View file

@ -1,355 +0,0 @@
/* $OpenBSD: dso_dlfcn.c,v 1.30 2023/07/08 07:22:58 beck Exp $ */
/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
* project 2000.
*/
/* ====================================================================
* Copyright (c) 2000 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* licensing@OpenSSL.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
#include <stdio.h>
#include <string.h>
#include <openssl/dso.h>
#include <openssl/err.h>
#ifndef DSO_DLFCN
DSO_METHOD *
DSO_METHOD_dlfcn(void)
{
return NULL;
}
LCRYPTO_ALIAS(DSO_METHOD_dlfcn);
#else
#ifdef HAVE_DLFCN_H
# include <dlfcn.h>
# define HAVE_DLINFO 1
#endif
/* Part of the hack in "dlfcn_load" ... */
#define DSO_MAX_TRANSLATED_SIZE 256
static int dlfcn_load(DSO *dso);
static int dlfcn_unload(DSO *dso);
static void *dlfcn_bind_var(DSO *dso, const char *symname);
static DSO_FUNC_TYPE dlfcn_bind_func(DSO *dso, const char *symname);
static char *dlfcn_name_converter(DSO *dso, const char *filename);
static char *dlfcn_merger(DSO *dso, const char *filespec1,
const char *filespec2);
static int dlfcn_pathbyaddr(void *addr, char *path, int sz);
static void *dlfcn_globallookup(const char *name);
static DSO_METHOD dso_meth_dlfcn = {
.name = "OpenSSL 'dlfcn' shared library method",
.dso_load = dlfcn_load,
.dso_unload = dlfcn_unload,
.dso_bind_var = dlfcn_bind_var,
.dso_bind_func = dlfcn_bind_func,
.dso_name_converter = dlfcn_name_converter,
.dso_merger = dlfcn_merger,
.pathbyaddr = dlfcn_pathbyaddr,
.globallookup = dlfcn_globallookup
};
DSO_METHOD *
DSO_METHOD_dlfcn(void)
{
return (&dso_meth_dlfcn);
}
LCRYPTO_ALIAS(DSO_METHOD_dlfcn);
/* For this DSO_METHOD, our meth_data STACK will contain;
* (i) the handle (void*) returned from dlopen().
*/
static int
dlfcn_load(DSO *dso)
{
void *ptr = NULL;
/* See applicable comments in dso_dl.c */
char *filename = DSO_convert_filename(dso, NULL);
int flags = RTLD_LAZY;
if (filename == NULL) {
DSOerror(DSO_R_NO_FILENAME);
goto err;
}
if (dso->flags & DSO_FLAG_GLOBAL_SYMBOLS)
flags |= RTLD_GLOBAL;
ptr = dlopen(filename, flags);
if (ptr == NULL) {
DSOerror(DSO_R_LOAD_FAILED);
ERR_asprintf_error_data("filename(%s): %s", filename,
dlerror());
goto err;
}
if (!sk_void_push(dso->meth_data, (char *)ptr)) {
DSOerror(DSO_R_STACK_ERROR);
goto err;
}
/* Success */
dso->loaded_filename = filename;
return (1);
err:
/* Cleanup! */
free(filename);
if (ptr != NULL)
dlclose(ptr);
return (0);
}
static int
dlfcn_unload(DSO *dso)
{
void *ptr;
if (dso == NULL) {
DSOerror(ERR_R_PASSED_NULL_PARAMETER);
return (0);
}
if (sk_void_num(dso->meth_data) < 1)
return (1);
ptr = sk_void_pop(dso->meth_data);
if (ptr == NULL) {
DSOerror(DSO_R_NULL_HANDLE);
/* Should push the value back onto the stack in
* case of a retry. */
sk_void_push(dso->meth_data, ptr);
return (0);
}
/* For now I'm not aware of any errors associated with dlclose() */
dlclose(ptr);
return (1);
}
static void *
dlfcn_bind_var(DSO *dso, const char *symname)
{
void *ptr, *sym;
if ((dso == NULL) || (symname == NULL)) {
DSOerror(ERR_R_PASSED_NULL_PARAMETER);
return (NULL);
}
if (sk_void_num(dso->meth_data) < 1) {
DSOerror(DSO_R_STACK_ERROR);
return (NULL);
}
ptr = sk_void_value(dso->meth_data, sk_void_num(dso->meth_data) - 1);
if (ptr == NULL) {
DSOerror(DSO_R_NULL_HANDLE);
return (NULL);
}
sym = dlsym(ptr, symname);
if (sym == NULL) {
DSOerror(DSO_R_SYM_FAILURE);
ERR_asprintf_error_data("symname(%s): %s", symname, dlerror());
return (NULL);
}
return (sym);
}
static DSO_FUNC_TYPE
dlfcn_bind_func(DSO *dso, const char *symname)
{
void *ptr;
union {
DSO_FUNC_TYPE sym;
void *dlret;
} u;
if ((dso == NULL) || (symname == NULL)) {
DSOerror(ERR_R_PASSED_NULL_PARAMETER);
return (NULL);
}
if (sk_void_num(dso->meth_data) < 1) {
DSOerror(DSO_R_STACK_ERROR);
return (NULL);
}
ptr = sk_void_value(dso->meth_data, sk_void_num(dso->meth_data) - 1);
if (ptr == NULL) {
DSOerror(DSO_R_NULL_HANDLE);
return (NULL);
}
u.dlret = dlsym(ptr, symname);
if (u.dlret == NULL) {
DSOerror(DSO_R_SYM_FAILURE);
ERR_asprintf_error_data("symname(%s): %s", symname, dlerror());
return (NULL);
}
return u.sym;
}
static char *
dlfcn_merger(DSO *dso, const char *filespec1, const char *filespec2)
{
char *merged;
if (!filespec1 && !filespec2) {
DSOerror(ERR_R_PASSED_NULL_PARAMETER);
return (NULL);
}
/* If the first file specification is a rooted path, it rules.
same goes if the second file specification is missing. */
if (!filespec2 || (filespec1 != NULL && filespec1[0] == '/')) {
merged = strdup(filespec1);
if (!merged) {
DSOerror(ERR_R_MALLOC_FAILURE);
return (NULL);
}
}
/* If the first file specification is missing, the second one rules. */
else if (!filespec1) {
merged = strdup(filespec2);
if (!merged) {
DSOerror(ERR_R_MALLOC_FAILURE);
return (NULL);
}
} else
/* This part isn't as trivial as it looks. It assumes that
the second file specification really is a directory, and
makes no checks whatsoever. Therefore, the result becomes
the concatenation of filespec2 followed by a slash followed
by filespec1. */
{
size_t spec2len, len;
spec2len = strlen(filespec2);
len = spec2len + (filespec1 ? strlen(filespec1) : 0);
if (filespec2 && filespec2[spec2len - 1] == '/') {
spec2len--;
len--;
}
merged = malloc(len + 2);
if (!merged) {
DSOerror(ERR_R_MALLOC_FAILURE);
return (NULL);
}
strlcpy(merged, filespec2, len + 2);
merged[spec2len] = '/';
strlcpy(&merged[spec2len + 1], filespec1, len + 1 - spec2len);
}
return (merged);
}
#define DSO_ext ".so"
#define DSO_extlen 3
static char *
dlfcn_name_converter(DSO *dso, const char *filename)
{
char *translated;
int ret;
if (strchr(filename, '/') == NULL) {
/* Bare name, so convert to "%s.so" or "lib%s.so" */
if ((DSO_flags(dso) & DSO_FLAG_NAME_TRANSLATION_EXT_ONLY) == 0)
ret = asprintf(&translated, "lib%s" DSO_ext, filename);
else
ret = asprintf(&translated, "%s" DSO_ext, filename);
if (ret == -1)
translated = NULL;
} else {
/* Full path, so just duplicate it */
translated = strdup(filename);
}
if (translated == NULL)
DSOerror(DSO_R_NAME_TRANSLATION_FAILED);
return (translated);
}
static int
dlfcn_pathbyaddr(void *addr, char *path, int sz)
{
Dl_info dli;
int len;
if (addr == NULL) {
union{
int(*f)(void*, char*, int);
void *p;
} t = { dlfcn_pathbyaddr };
addr = t.p;
}
if (dladdr(addr, &dli)) {
len = (int)strlen(dli.dli_fname);
if (sz <= 0)
return len + 1;
if (len >= sz)
len = sz - 1;
memcpy(path, dli.dli_fname, len);
path[len++] = 0;
return len;
}
ERR_asprintf_error_data("dlfcn_pathbyaddr(): %s", dlerror());
return -1;
}
static void *
dlfcn_globallookup(const char *name)
{
void *ret = NULL, *handle = dlopen(NULL, RTLD_LAZY);
if (handle) {
ret = dlsym(handle, name);
dlclose(handle);
}
return ret;
}
#endif /* DSO_DLFCN */

106
lib/libcrypto/dso/dso_err.c
View file

@ -1,106 +0,0 @@
/* $OpenBSD: dso_err.c,v 1.11 2023/07/08 07:22:58 beck Exp $ */
/* ====================================================================
* Copyright (c) 1999-2006 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* openssl-core@OpenSSL.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
#include <stdio.h>
#include <openssl/opensslconf.h>
#include <openssl/err.h>
#include <openssl/dso.h>
#ifndef OPENSSL_NO_ERR
#define ERR_FUNC(func) ERR_PACK(ERR_LIB_DSO,func,0)
#define ERR_REASON(reason) ERR_PACK(ERR_LIB_DSO,0,reason)
static ERR_STRING_DATA DSO_str_functs[]= {
{ERR_FUNC(0xfff), "CRYPTO_internal"},
{0, NULL}
};
static ERR_STRING_DATA DSO_str_reasons[]= {
{ERR_REASON(DSO_R_CTRL_FAILED) , "control command failed"},
{ERR_REASON(DSO_R_DSO_ALREADY_LOADED) , "dso already loaded"},
{ERR_REASON(DSO_R_EMPTY_FILE_STRUCTURE) , "empty file structure"},
{ERR_REASON(DSO_R_FAILURE) , "failure"},
{ERR_REASON(DSO_R_FILENAME_TOO_BIG) , "filename too big"},
{ERR_REASON(DSO_R_FINISH_FAILED) , "cleanup method function failed"},
{ERR_REASON(DSO_R_INCORRECT_FILE_SYNTAX) , "incorrect file syntax"},
{ERR_REASON(DSO_R_LOAD_FAILED) , "could not load the shared library"},
{ERR_REASON(DSO_R_NAME_TRANSLATION_FAILED), "name translation failed"},
{ERR_REASON(DSO_R_NO_FILENAME) , "no filename"},
{ERR_REASON(DSO_R_NO_FILE_SPECIFICATION) , "no file specification"},
{ERR_REASON(DSO_R_NULL_HANDLE) , "a null shared library handle was used"},
{ERR_REASON(DSO_R_SET_FILENAME_FAILED) , "set filename failed"},
{ERR_REASON(DSO_R_STACK_ERROR) , "the meth_data stack is corrupt"},
{ERR_REASON(DSO_R_SYM_FAILURE) , "could not bind to the requested symbol name"},
{ERR_REASON(DSO_R_UNLOAD_FAILED) , "could not unload the shared library"},
{ERR_REASON(DSO_R_UNSUPPORTED) , "functionality not supported"},
{0, NULL}
};
#endif
void
ERR_load_DSO_strings(void)
{
#ifndef OPENSSL_NO_ERR
if (ERR_func_error_string(DSO_str_functs[0].error) == NULL) {
ERR_load_strings(0, DSO_str_functs);
ERR_load_strings(0, DSO_str_reasons);
}
#endif
}
LCRYPTO_ALIAS(ERR_load_DSO_strings);

474
lib/libcrypto/dso/dso_lib.c
View file

@ -1,474 +0,0 @@
/* $OpenBSD: dso_lib.c,v 1.21 2023/07/08 07:22:58 beck Exp $ */
/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
* project 2000.
*/
/* ====================================================================
* Copyright (c) 2000 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* licensing@OpenSSL.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
#include <stdio.h>
#include <string.h>
#include <openssl/crypto.h>
#include <openssl/dso.h>
#include <openssl/err.h>
static DSO_METHOD *default_DSO_meth = NULL;
DSO *
DSO_new(void)
{
return (DSO_new_method(NULL));
}
LCRYPTO_ALIAS(DSO_new);
void
DSO_set_default_method(DSO_METHOD *meth)
{
default_DSO_meth = meth;
}
LCRYPTO_ALIAS(DSO_set_default_method);
DSO_METHOD *
DSO_get_default_method(void)
{
return (default_DSO_meth);
}
LCRYPTO_ALIAS(DSO_get_default_method);
DSO_METHOD *
DSO_get_method(DSO *dso)
{
return (dso->meth);
}
LCRYPTO_ALIAS(DSO_get_method);
DSO_METHOD *
DSO_set_method(DSO *dso, DSO_METHOD *meth)
{
DSO_METHOD *mtmp;
mtmp = dso->meth;
dso->meth = meth;
return (mtmp);
}
LCRYPTO_ALIAS(DSO_set_method);
DSO *
DSO_new_method(DSO_METHOD *meth)
{
DSO *ret;
if (default_DSO_meth == NULL)
/* We default to DSO_METH_openssl() which in turn defaults
* to stealing the "best available" method. Will fallback
* to DSO_METH_null() in the worst case. */
default_DSO_meth = DSO_METHOD_openssl();
ret = calloc(1, sizeof(DSO));
if (ret == NULL) {
DSOerror(ERR_R_MALLOC_FAILURE);
return (NULL);
}
ret->meth_data = sk_void_new_null();
if (ret->meth_data == NULL) {
/* sk_new doesn't generate any errors so we do */
DSOerror(ERR_R_MALLOC_FAILURE);
free(ret);
return (NULL);
}
if (meth == NULL)
ret->meth = default_DSO_meth;
else
ret->meth = meth;
ret->references = 1;
if ((ret->meth->init != NULL) && !ret->meth->init(ret)) {
free(ret);
ret = NULL;
}
return (ret);
}
LCRYPTO_ALIAS(DSO_new_method);
int
DSO_free(DSO *dso)
{
int i;
if (dso == NULL) {
DSOerror(ERR_R_PASSED_NULL_PARAMETER);
return (0);
}
i = CRYPTO_add(&dso->references, -1, CRYPTO_LOCK_DSO);
if (i > 0)
return (1);
if ((dso->meth->dso_unload != NULL) && !dso->meth->dso_unload(dso)) {
DSOerror(DSO_R_UNLOAD_FAILED);
return (0);
}
if ((dso->meth->finish != NULL) && !dso->meth->finish(dso)) {
DSOerror(DSO_R_FINISH_FAILED);
return (0);
}
sk_void_free(dso->meth_data);
free(dso->filename);
free(dso->loaded_filename);
free(dso);
return (1);
}
LCRYPTO_ALIAS(DSO_free);
int
DSO_flags(DSO *dso)
{
return ((dso == NULL) ? 0 : dso->flags);
}
LCRYPTO_ALIAS(DSO_flags);
int
DSO_up_ref(DSO *dso)
{
int refs;
if (dso == NULL) {
DSOerror(ERR_R_PASSED_NULL_PARAMETER);
return (0);
}
refs = CRYPTO_add(&dso->references, 1, CRYPTO_LOCK_DSO);
return ((refs > 1) ? 1 : 0);
}
LCRYPTO_ALIAS(DSO_up_ref);
DSO *
DSO_load(DSO *dso, const char *filename, DSO_METHOD *meth, int flags)
{
DSO *ret;
int allocated = 0;
if (dso == NULL) {
ret = DSO_new_method(meth);
if (ret == NULL) {
DSOerror(ERR_R_MALLOC_FAILURE);
goto err;
}
allocated = 1;
/* Pass the provided flags to the new DSO object */
if (DSO_ctrl(ret, DSO_CTRL_SET_FLAGS, flags, NULL) < 0) {
DSOerror(DSO_R_CTRL_FAILED);
goto err;
}
} else
ret = dso;
/* Don't load if we're currently already loaded */
if (ret->filename != NULL) {
DSOerror(DSO_R_DSO_ALREADY_LOADED);
goto err;
}
/* filename can only be NULL if we were passed a dso that already has
* one set. */
if (filename != NULL)
if (!DSO_set_filename(ret, filename)) {
DSOerror(DSO_R_SET_FILENAME_FAILED);
goto err;
}
filename = ret->filename;
if (filename == NULL) {
DSOerror(DSO_R_NO_FILENAME);
goto err;
}
if (ret->meth->dso_load == NULL) {
DSOerror(DSO_R_UNSUPPORTED);
goto err;
}
if (!ret->meth->dso_load(ret)) {
DSOerror(DSO_R_LOAD_FAILED);
goto err;
}
/* Load succeeded */
return (ret);
err:
if (allocated)
DSO_free(ret);
return (NULL);
}
LCRYPTO_ALIAS(DSO_load);
void *
DSO_bind_var(DSO *dso, const char *symname)
{
void *ret = NULL;
if ((dso == NULL) || (symname == NULL)) {
DSOerror(ERR_R_PASSED_NULL_PARAMETER);
return (NULL);
}
if (dso->meth->dso_bind_var == NULL) {
DSOerror(DSO_R_UNSUPPORTED);
return (NULL);
}
if ((ret = dso->meth->dso_bind_var(dso, symname)) == NULL) {
DSOerror(DSO_R_SYM_FAILURE);
return (NULL);
}
/* Success */
return (ret);
}
LCRYPTO_ALIAS(DSO_bind_var);
DSO_FUNC_TYPE
DSO_bind_func(DSO *dso, const char *symname)
{
DSO_FUNC_TYPE ret = NULL;
if ((dso == NULL) || (symname == NULL)) {
DSOerror(ERR_R_PASSED_NULL_PARAMETER);
return (NULL);
}
if (dso->meth->dso_bind_func == NULL) {
DSOerror(DSO_R_UNSUPPORTED);
return (NULL);
}
if ((ret = dso->meth->dso_bind_func(dso, symname)) == NULL) {
DSOerror(DSO_R_SYM_FAILURE);
return (NULL);
}
/* Success */
return (ret);
}
LCRYPTO_ALIAS(DSO_bind_func);
/* I don't really like these *_ctrl functions very much to be perfectly
* honest. For one thing, I think I have to return a negative value for
* any error because possible DSO_ctrl() commands may return values
* such as "size"s that can legitimately be zero (making the standard
* "if(DSO_cmd(...))" form that works almost everywhere else fail at
* odd times. I'd prefer "output" values to be passed by reference and
* the return value as success/failure like usual ... but we conform
* when we must... :-) */
long
DSO_ctrl(DSO *dso, int cmd, long larg, void *parg)
{
if (dso == NULL) {
DSOerror(ERR_R_PASSED_NULL_PARAMETER);
return (-1);
}
/* We should intercept certain generic commands and only pass control
* to the method-specific ctrl() function if it's something we don't
* handle. */
switch (cmd) {
case DSO_CTRL_GET_FLAGS:
return dso->flags;
case DSO_CTRL_SET_FLAGS:
dso->flags = (int)larg;
return (0);
case DSO_CTRL_OR_FLAGS:
dso->flags |= (int)larg;
return (0);
default:
break;
}
if ((dso->meth == NULL) || (dso->meth->dso_ctrl == NULL)) {
DSOerror(DSO_R_UNSUPPORTED);
return (-1);
}
return (dso->meth->dso_ctrl(dso, cmd, larg, parg));
}
LCRYPTO_ALIAS(DSO_ctrl);
int
DSO_set_name_converter(DSO *dso, DSO_NAME_CONVERTER_FUNC cb,
DSO_NAME_CONVERTER_FUNC *oldcb)
{
if (dso == NULL) {
DSOerror(ERR_R_PASSED_NULL_PARAMETER);
return (0);
}
if (oldcb)
*oldcb = dso->name_converter;
dso->name_converter = cb;
return (1);
}
LCRYPTO_ALIAS(DSO_set_name_converter);
const char *
DSO_get_filename(DSO *dso)
{
if (dso == NULL) {
DSOerror(ERR_R_PASSED_NULL_PARAMETER);
return (NULL);
}
return (dso->filename);
}
LCRYPTO_ALIAS(DSO_get_filename);
int
DSO_set_filename(DSO *dso, const char *filename)
{
char *copied;
if ((dso == NULL) || (filename == NULL)) {
DSOerror(ERR_R_PASSED_NULL_PARAMETER);
return (0);
}
if (dso->loaded_filename) {
DSOerror(DSO_R_DSO_ALREADY_LOADED);
return (0);
}
/* We'll duplicate filename */
copied = strdup(filename);
if (copied == NULL) {
DSOerror(ERR_R_MALLOC_FAILURE);
return (0);
}
free(dso->filename);
dso->filename = copied;
return (1);
}
LCRYPTO_ALIAS(DSO_set_filename);
char *
DSO_merge(DSO *dso, const char *filespec1, const char *filespec2)
{
char *result = NULL;
if (dso == NULL || filespec1 == NULL) {
DSOerror(ERR_R_PASSED_NULL_PARAMETER);
return (NULL);
}
if ((dso->flags & DSO_FLAG_NO_NAME_TRANSLATION) == 0) {
if (dso->merger != NULL)
result = dso->merger(dso, filespec1, filespec2);
else if (dso->meth->dso_merger != NULL)
result = dso->meth->dso_merger(dso,
filespec1, filespec2);
}
return (result);
}
LCRYPTO_ALIAS(DSO_merge);
char *
DSO_convert_filename(DSO *dso, const char *filename)
{
char *result = NULL;
if (dso == NULL) {
DSOerror(ERR_R_PASSED_NULL_PARAMETER);
return (NULL);
}
if (filename == NULL)
filename = dso->filename;
if (filename == NULL) {
DSOerror(DSO_R_NO_FILENAME);
return (NULL);
}
if ((dso->flags & DSO_FLAG_NO_NAME_TRANSLATION) == 0) {
if (dso->name_converter != NULL)
result = dso->name_converter(dso, filename);
else if (dso->meth->dso_name_converter != NULL)
result = dso->meth->dso_name_converter(dso, filename);
}
if (result == NULL) {
result = strdup(filename);
if (result == NULL) {
DSOerror(ERR_R_MALLOC_FAILURE);
return (NULL);
}
}
return (result);
}
LCRYPTO_ALIAS(DSO_convert_filename);
const char *
DSO_get_loaded_filename(DSO *dso)
{
if (dso == NULL) {
DSOerror(ERR_R_PASSED_NULL_PARAMETER);
return (NULL);
}
return (dso->loaded_filename);
}
LCRYPTO_ALIAS(DSO_get_loaded_filename);
int
DSO_pathbyaddr(void *addr, char *path, int sz)
{
DSO_METHOD *meth = default_DSO_meth;
if (meth == NULL)
meth = DSO_METHOD_openssl();
if (meth->pathbyaddr == NULL) {
DSOerror(DSO_R_UNSUPPORTED);
return -1;
}
return (*meth->pathbyaddr)(addr, path, sz);
}
LCRYPTO_ALIAS(DSO_pathbyaddr);
void *
DSO_global_lookup(const char *name)
{
DSO_METHOD *meth = default_DSO_meth;
if (meth == NULL)
meth = DSO_METHOD_openssl();
if (meth->globallookup == NULL) {
DSOerror(DSO_R_UNSUPPORTED);
return NULL;
}
return (*meth->globallookup)(name);
}
LCRYPTO_ALIAS(DSO_global_lookup);

75
lib/libcrypto/dso/dso_null.c
View file

@ -1,75 +0,0 @@
/* $OpenBSD: dso_null.c,v 1.8 2023/07/08 07:22:58 beck Exp $ */
/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
* project 2000.
*/
/* ====================================================================
* Copyright (c) 2000 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* licensing@OpenSSL.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
/* This "NULL" method is provided as the fallback for systems that have
* no appropriate support for "shared-libraries". */
#include <stdio.h>
#include <openssl/dso.h>
static DSO_METHOD dso_meth_null = {
.name = "NULL shared library method"
};
DSO_METHOD *
DSO_METHOD_null(void)
{
return (&dso_meth_null);
}
LCRYPTO_ALIAS(DSO_METHOD_null);

76
lib/libcrypto/dso/dso_openssl.c
View file

@ -1,76 +0,0 @@
/* $OpenBSD: dso_openssl.c,v 1.7 2023/07/08 07:22:58 beck Exp $ */
/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
* project 2000.
*/
/* ====================================================================
* Copyright (c) 2000 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* licensing@OpenSSL.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
#include <stdio.h>
#include <openssl/dso.h>
/* We just pinch the method from an appropriate "default" method. */
DSO_METHOD *
DSO_METHOD_openssl(void)
{
#ifdef DEF_DSO_METHOD
return (DEF_DSO_METHOD());
#elif defined(DSO_DLFCN)
return (DSO_METHOD_dlfcn());
#else
return (DSO_METHOD_null());
#endif
}
LCRYPTO_ALIAS(DSO_METHOD_openssl);

65
lib/libcrypto/ec/ec.h
View file

@ -1,4 +1,4 @@
/* $OpenBSD: ec.h,v 1.42 2023/07/05 17:10:10 tb Exp $ */
/* $OpenBSD: ec.h,v 1.45 2023/07/28 09:28:37 tb Exp $ */
/*
* Originally written by Bodo Moeller for the OpenSSL project.
*/
@ -326,6 +326,36 @@ void EC_KEY_set_default_method(const EC_KEY_METHOD *meth);
const EC_KEY_METHOD *EC_KEY_get_method(const EC_KEY *key);
int EC_KEY_set_method(EC_KEY *key, const EC_KEY_METHOD *meth);
EC_KEY *EC_KEY_new_method(ENGINE *engine);
int ECDH_size(const EC_KEY *ecdh);
int ECDH_compute_key(void *out, size_t outlen, const EC_POINT *pub_key,
EC_KEY *ecdh,
void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen));
typedef struct ECDSA_SIG_st ECDSA_SIG;
ECDSA_SIG *ECDSA_SIG_new(void);
void ECDSA_SIG_free(ECDSA_SIG *sig);
int i2d_ECDSA_SIG(const ECDSA_SIG *sig, unsigned char **pp);
ECDSA_SIG *d2i_ECDSA_SIG(ECDSA_SIG **sig, const unsigned char **pp, long len);
const BIGNUM *ECDSA_SIG_get0_r(const ECDSA_SIG *sig);
const BIGNUM *ECDSA_SIG_get0_s(const ECDSA_SIG *sig);
void ECDSA_SIG_get0(const ECDSA_SIG *sig, const BIGNUM **pr, const BIGNUM **ps);
int ECDSA_SIG_set0(ECDSA_SIG *sig, BIGNUM *r, BIGNUM *s);
int ECDSA_size(const EC_KEY *eckey);
ECDSA_SIG *ECDSA_do_sign(const unsigned char *digest, int digest_len,
EC_KEY *eckey);
int ECDSA_do_verify(const unsigned char *digest, int digest_len,
const ECDSA_SIG *sig, EC_KEY *eckey);
int ECDSA_sign(int type, const unsigned char *digest, int digest_len,
unsigned char *signature, unsigned int *signature_len, EC_KEY *eckey);
int ECDSA_verify(int type, const unsigned char *digest, int digest_len,
const unsigned char *signature, int signature_len, EC_KEY *eckey);
EC_KEY_METHOD *EC_KEY_METHOD_new(const EC_KEY_METHOD *meth);
void EC_KEY_METHOD_free(EC_KEY_METHOD *meth);
void EC_KEY_METHOD_set_init(EC_KEY_METHOD *meth,
@ -338,8 +368,20 @@ void EC_KEY_METHOD_set_init(EC_KEY_METHOD *meth,
void EC_KEY_METHOD_set_keygen(EC_KEY_METHOD *meth,
int (*keygen)(EC_KEY *key));
void EC_KEY_METHOD_set_compute_key(EC_KEY_METHOD *meth,
int (*ckey)(void *out, size_t outlen, const EC_POINT *pub_key, EC_KEY *ecdh,
void *(*KDF) (const void *in, size_t inlen, void *out, size_t *outlen)));
int (*ckey)(unsigned char **out, size_t *out_len, const EC_POINT *pub_key,
const EC_KEY *ecdh));
void EC_KEY_METHOD_set_sign(EC_KEY_METHOD *meth,
int (*sign)(int type, const unsigned char *digest, int digest_len,
unsigned char *signature, unsigned int *signature_len,
const BIGNUM *kinv, const BIGNUM *r, EC_KEY *eckey),
int (*sign_setup)(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp),
ECDSA_SIG *(*sign_sig)(const unsigned char *digest, int digest_len,
const BIGNUM *in_kinv, const BIGNUM *in_r, EC_KEY *eckey));
void EC_KEY_METHOD_set_verify(EC_KEY_METHOD *meth,
int (*verify)(int type, const unsigned char *digest, int digest_len,
const unsigned char *signature, int signature_len, EC_KEY *eckey),
int (*verify_sig)(const unsigned char *digest, int digest_len,
const ECDSA_SIG *sig, EC_KEY *eckey));
void EC_KEY_METHOD_get_init(const EC_KEY_METHOD *meth,
int (**pinit)(EC_KEY *key),
void (**pfinish)(EC_KEY *key),
@ -350,8 +392,20 @@ void EC_KEY_METHOD_get_init(const EC_KEY_METHOD *meth,
void EC_KEY_METHOD_get_keygen(const EC_KEY_METHOD *meth,
int (**pkeygen)(EC_KEY *key));
void EC_KEY_METHOD_get_compute_key(const EC_KEY_METHOD *meth,
int (**pck)(void *out, size_t outlen, const EC_POINT *pub_key, EC_KEY *ecdh,
void *(*KDF) (const void *in, size_t inlen, void *out, size_t *outlen)));
int (**pck)(unsigned char **out, size_t *out_len, const EC_POINT *pub_key,
const EC_KEY *ecdh));
void EC_KEY_METHOD_get_sign(const EC_KEY_METHOD *meth,
int (**psign)(int type, const unsigned char *digest, int digest_len,
unsigned char *signature, unsigned int *signature_len,
const BIGNUM *kinv, const BIGNUM *r, EC_KEY *eckey),
int (**psign_setup)(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp),
ECDSA_SIG *(**psign_sig)(const unsigned char *digest, int digest_len,
const BIGNUM *in_kinv, const BIGNUM *in_r, EC_KEY *eckey));
void EC_KEY_METHOD_get_verify(const EC_KEY_METHOD *meth,
int (**pverify)(int type, const unsigned char *digest, int digest_len,
const unsigned char *signature, int signature_len, EC_KEY *eckey),
int (**pverify_sig)(const unsigned char *digest, int digest_len,
const ECDSA_SIG *sig, EC_KEY *eckey));
EC_KEY *ECParameters_dup(EC_KEY *key);
@ -630,6 +684,7 @@ void ERR_load_EC_strings(void);
#define EC_R_INVALID_FORM 104
#define EC_R_INVALID_GROUP_ORDER 122
#define EC_R_INVALID_KEY 165
#define EC_R_INVALID_OUTPUT_LENGTH 171
#define EC_R_INVALID_PEER_KEY 152
#define EC_R_INVALID_PENTANOMIAL_BASIS 132
#define EC_R_INVALID_PRIVATE_KEY 123

3
lib/libcrypto/ec/ec_err.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: ec_err.c,v 1.17 2023/07/07 13:54:45 beck Exp $ */
/* $OpenBSD: ec_err.c,v 1.18 2023/07/28 09:28:37 tb Exp $ */
/* ====================================================================
* Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved.
*
@ -98,6 +98,7 @@ static ERR_STRING_DATA EC_str_reasons[] =
{ERR_REASON(EC_R_INVALID_FORM), "invalid form"},
{ERR_REASON(EC_R_INVALID_GROUP_ORDER), "invalid group order"},
{ERR_REASON(EC_R_INVALID_KEY), "invalid key"},
{ERR_REASON(EC_R_INVALID_OUTPUT_LENGTH), "invalid output length"},
{ERR_REASON(EC_R_INVALID_PEER_KEY), "invalid peer key"},
{ERR_REASON(EC_R_INVALID_PENTANOMIAL_BASIS), "invalid pentanomial basis"},
{ERR_REASON(EC_R_INVALID_PRIVATE_KEY), "invalid private key"},

10
lib/libcrypto/ec/ec_kmeth.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: ec_kmeth.c,v 1.11 2023/07/07 13:54:45 beck Exp $ */
/* $OpenBSD: ec_kmeth.c,v 1.12 2023/07/28 09:28:37 tb Exp $ */
/*
* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project.
@ -238,8 +238,8 @@ LCRYPTO_ALIAS(EC_KEY_METHOD_set_keygen);
void
EC_KEY_METHOD_set_compute_key(EC_KEY_METHOD *meth,
int (*ckey)(void *out, size_t outlen, const EC_POINT *pub_key, EC_KEY *ecdh,
void *(*KDF) (const void *in, size_t inlen, void *out, size_t *outlen)))
int (*ckey)(unsigned char **out, size_t *out_len, const EC_POINT *pub_key,
const EC_KEY *ecdh))
{
meth->compute_key = ckey;
}
@ -310,8 +310,8 @@ LCRYPTO_ALIAS(EC_KEY_METHOD_get_keygen);
void
EC_KEY_METHOD_get_compute_key(const EC_KEY_METHOD *meth,
int (**pck)(void *out, size_t outlen, const EC_POINT *pub_key, EC_KEY *ecdh,
void *(*KDF) (const void *in, size_t inlen, void *out, size_t *outlen)))
int (**pck)(unsigned char **out, size_t *out_len, const EC_POINT *pub_key,
const EC_KEY *ecdh))
{
if (pck != NULL)
*pck = meth->compute_key;

11
lib/libcrypto/ec/ec_local.h
View file

@ -1,4 +1,4 @@
/* $OpenBSD: ec_local.h,v 1.24 2023/07/05 08:39:40 tb Exp $ */
/* $OpenBSD: ec_local.h,v 1.26 2023/07/28 15:50:33 tb Exp $ */
/*
* Originally written by Bodo Moeller for the OpenSSL project.
*/
@ -73,7 +73,6 @@
#include <openssl/bn.h>
#include <openssl/ec.h>
#include <openssl/ecdsa.h>
#include <openssl/objects.h>
#include "bn_local.h"
@ -323,8 +322,8 @@ struct ec_key_method_st {
int (*set_private)(EC_KEY *key, const BIGNUM *priv_key);
int (*set_public)(EC_KEY *key, const EC_POINT *pub_key);
int (*keygen)(EC_KEY *key);
int (*compute_key)(void *out, size_t outlen, const EC_POINT *pub_key, EC_KEY *ecdh,
void *(*KDF) (const void *in, size_t inlen, void *out, size_t *outlen));
int (*compute_key)(unsigned char **out, size_t *out_len,
const EC_POINT *pub_key, const EC_KEY *ecdh);
int (*sign)(int type, const unsigned char *dgst, int dlen, unsigned char
*sig, unsigned int *siglen, const BIGNUM *kinv,
const BIGNUM *r, EC_KEY *eckey);
@ -342,8 +341,8 @@ struct ec_key_method_st {
#define EC_KEY_METHOD_DYNAMIC 1
int ec_key_gen(EC_KEY *eckey);
int ecdh_compute_key(void *out, size_t outlen, const EC_POINT *pub_key, EC_KEY *ecdh,
void *(*KDF) (const void *in, size_t inlen, void *out, size_t *outlen));
int ecdh_compute_key(unsigned char **out, size_t *out_len,
const EC_POINT *pub_key, const EC_KEY *ecdh);
int ecdsa_verify(int type, const unsigned char *dgst, int dgst_len,
const unsigned char *sigbuf, int sig_len, EC_KEY *eckey);
int ecdsa_verify_sig(const unsigned char *dgst, int dgst_len,

3
lib/libcrypto/ec/ec_pmeth.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: ec_pmeth.c,v 1.18 2023/06/25 19:26:04 tb Exp $ */
/* $OpenBSD: ec_pmeth.c,v 1.19 2023/07/28 15:50:33 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 2006.
*/
@ -61,7 +61,6 @@
#include <openssl/asn1t.h>
#include <openssl/ec.h>
#include <openssl/ecdsa.h>
#include <openssl/err.h>
#include <openssl/evp.h>
#include <openssl/x509.h>

99
lib/libcrypto/ecdh/ecdh.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: ecdh.c,v 1.6 2023/07/24 17:08:53 tb Exp $ */
/* $OpenBSD: ecdh.c,v 1.10 2023/07/28 09:31:21 tb Exp $ */
/* ====================================================================
* Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
*
@ -71,11 +71,8 @@
#include <stdlib.h>
#include <string.h>
#include <openssl/opensslconf.h>
#include <openssl/bn.h>
#include <openssl/ec.h>
#include <openssl/ecdh.h>
#include <openssl/err.h>
#include <openssl/evp.h>
@ -145,10 +142,9 @@ ecdh_KDF_X9_63(unsigned char *out, size_t outlen, const unsigned char *Z,
/*
* Based on the ECKAS-DH1 and ECSVDP-DH primitives in the IEEE 1363 standard.
*/
/* XXX - KDF handling moved to ECDH_compute_key(). See OpenSSL e2285d87. */
int
ecdh_compute_key(void *out, size_t outlen, const EC_POINT *pub_key, EC_KEY *ecdh,
void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen))
ecdh_compute_key(unsigned char **out, size_t *out_len, const EC_POINT *pub_key,
const EC_KEY *ecdh)
{
BN_CTX *ctx;
BIGNUM *x;
@ -156,14 +152,11 @@ ecdh_compute_key(void *out, size_t outlen, const EC_POINT *pub_key, EC_KEY *ecdh
const EC_GROUP *group;
EC_POINT *point = NULL;
unsigned char *buf = NULL;
int buflen;
int ret = -1;
int buf_len = 0;
int ret = 0;
if (outlen > INT_MAX) {
/* Sort of, anyway. */
ECerror(ERR_R_MALLOC_FAILURE);
return -1;
}
*out = NULL;
*out_len = 0;
if ((ctx = BN_CTX_new()) == NULL)
goto err;
@ -199,56 +192,84 @@ ecdh_compute_key(void *out, size_t outlen, const EC_POINT *pub_key, EC_KEY *ecdh
goto err;
}
if ((buflen = ECDH_size(ecdh)) < BN_num_bytes(x)) {
if ((buf_len = ECDH_size(ecdh)) < BN_num_bytes(x)) {
ECerror(ERR_R_INTERNAL_ERROR);
goto err;
}
if (KDF == NULL && outlen < buflen) {
/* The resulting key would be truncated. */
ECerror(EC_R_KEY_TRUNCATION);
goto err;
}
if ((buf = malloc(buflen)) == NULL) {
if ((buf = calloc(1, buf_len)) == NULL) {
ECerror(ERR_R_MALLOC_FAILURE);
goto err;
}
if (BN_bn2binpad(x, buf, buflen) != buflen) {
if (BN_bn2binpad(x, buf, buf_len) != buf_len) {
ECerror(ERR_R_BN_LIB);
goto err;
}
if (KDF != NULL) {
if (KDF(buf, buflen, out, &outlen) == NULL) {
ECerror(EC_R_KDF_FAILED);
goto err;
}
} else {
memset(out, 0, outlen);
if (outlen > buflen)
outlen = buflen;
memcpy(out, buf, outlen);
}
*out = buf;
*out_len = buf_len;
buf = NULL;
buf_len = 0;
ret = 1;
ret = outlen;
err:
EC_POINT_free(point);
BN_CTX_end(ctx);
BN_CTX_free(ctx);
free(buf);
freezero(buf, buf_len);
return ret;
}
int
ECDH_compute_key(void *out, size_t outlen, const EC_POINT *pub_key,
ECDH_compute_key(void *out, size_t out_len, const EC_POINT *pub_key,
EC_KEY *eckey,
void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen))
void *(*KDF)(const void *in, size_t inlen, void *out, size_t *out_len))
{
unsigned char *secret = NULL;
size_t secret_len = 0;
int ret = 0;
if (eckey->meth->compute_key == NULL) {
ECerror(EC_R_NOT_IMPLEMENTED);
return 0;
goto err;
}
return eckey->meth->compute_key(out, outlen, pub_key, eckey, KDF);
if (out_len > INT_MAX) {
ECerror(EC_R_INVALID_OUTPUT_LENGTH);
goto err;
}
if (!eckey->meth->compute_key(&secret, &secret_len, pub_key, eckey))
goto err;
memset(out, 0, out_len);
if (KDF != NULL) {
if (KDF(secret, secret_len, out, &out_len) == NULL) {
ECerror(EC_R_KDF_FAILED);
goto err;
}
} else {
if (out_len < secret_len) {
/* The resulting key would be truncated. */
ECerror(EC_R_KEY_TRUNCATION);
goto err;
}
out_len = secret_len;
memcpy(out, secret, out_len);
}
if (out_len > INT_MAX) {
ECerror(EC_R_INVALID_OUTPUT_LENGTH);
goto err;
}
ret = out_len;
err:
freezero(secret, secret_len);
return ret;
}
LCRYPTO_ALIAS(ECDH_compute_key);

122
lib/libcrypto/ecdh/ecdh.h
View file

@ -1,122 +1,6 @@
/* $OpenBSD: ecdh.h,v 1.7 2023/04/18 08:33:43 tb Exp $ */
/* ====================================================================
* Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
*
* The Elliptic Curve Public-Key Crypto Library (ECC Code) included
* herein is developed by SUN MICROSYSTEMS, INC., and is contributed
* to the OpenSSL project.
*
* The ECC Code is licensed pursuant to the OpenSSL open source
* license provided below.
*
* The ECDH software is originally written by Douglas Stebila of
* Sun Microsystems Laboratories.
*
/* $OpenBSD: ecdh.h,v 1.10 2023/07/28 09:25:12 tb Exp $ */
/*
* Public domain.
*/
/* ====================================================================
* Copyright (c) 2000-2002 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* licensing@OpenSSL.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
#ifndef HEADER_ECDH_H
#define HEADER_ECDH_H
#include <openssl/opensslconf.h>
#ifdef OPENSSL_NO_ECDH
#error ECDH is disabled.
#endif
#include <openssl/ec.h>
#include <openssl/ossl_typ.h>
#include <openssl/bn.h>
#ifdef __cplusplus
extern "C" {
#endif
const ECDH_METHOD *ECDH_OpenSSL(void);
void ECDH_set_default_method(const ECDH_METHOD *);
const ECDH_METHOD *ECDH_get_default_method(void);
int ECDH_set_method(EC_KEY *, const ECDH_METHOD *);
int ECDH_size(const EC_KEY *ecdh);
int ECDH_compute_key(void *out, size_t outlen, const EC_POINT *pub_key,
EC_KEY *ecdh,
void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen));
int ECDH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new
*new_func, CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
int ECDH_set_ex_data(EC_KEY *d, int idx, void *arg);
void *ECDH_get_ex_data(EC_KEY *d, int idx);
void ERR_load_ECDH_strings(void);
/* Error codes for the ECDH functions. */
/* Function codes. */
#define ECDH_F_ECDH_CHECK 102
#define ECDH_F_ECDH_COMPUTE_KEY 100
#define ECDH_F_ECDH_DATA_NEW_METHOD 101
/* Reason codes. */
#define ECDH_R_KDF_FAILED 102
#define ECDH_R_KEY_TRUNCATION 104
#define ECDH_R_NON_FIPS_METHOD 103
#define ECDH_R_NO_PRIVATE_VALUE 100
#define ECDH_R_POINT_ARITHMETIC_FAILURE 101
#ifdef __cplusplus
}
#endif
#endif

94
lib/libcrypto/ecdh/ech_err.c
View file

@ -1,94 +0,0 @@
/* $OpenBSD: ech_err.c,v 1.8 2023/07/07 13:54:45 beck Exp $ */
/* ====================================================================
* Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* openssl-core@OpenSSL.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
#include <stdio.h>
#include <openssl/opensslconf.h>
#include <openssl/err.h>
#include <openssl/ecdh.h>
#ifndef OPENSSL_NO_ERR
#define ERR_FUNC(func) ERR_PACK(ERR_LIB_ECDH,func,0)
#define ERR_REASON(reason) ERR_PACK(ERR_LIB_ECDH,0,reason)
static ERR_STRING_DATA ECDH_str_functs[]= {
{ERR_FUNC(0xfff), "CRYPTO_internal"},
{0, NULL}
};
static ERR_STRING_DATA ECDH_str_reasons[]= {
{ERR_REASON(ECDH_R_KDF_FAILED) , "KDF failed"},
{ERR_REASON(ECDH_R_KEY_TRUNCATION), "key would be truncated"},
{ERR_REASON(ECDH_R_NON_FIPS_METHOD) , "non fips method"},
{ERR_REASON(ECDH_R_NO_PRIVATE_VALUE) , "no private value"},
{ERR_REASON(ECDH_R_POINT_ARITHMETIC_FAILURE), "point arithmetic failure"},
{0, NULL}
};
#endif
void
ERR_load_ECDH_strings(void)
{
#ifndef OPENSSL_NO_ERR
if (ERR_func_error_string(ECDH_str_functs[0].error) == NULL) {
ERR_load_strings(0, ECDH_str_functs);
ERR_load_strings(0, ECDH_str_reasons);
}
#endif
}
LCRYPTO_ALIAS(ERR_load_ECDH_strings);

147
lib/libcrypto/ecdh/ech_lib.c
View file

@ -1,147 +0,0 @@
/* $OpenBSD: ech_lib.c,v 1.24 2023/07/07 13:54:45 beck Exp $ */
/* ====================================================================
* Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
*
* The Elliptic Curve Public-Key Crypto Library (ECC Code) included
* herein is developed by SUN MICROSYSTEMS, INC., and is contributed
* to the OpenSSL project.
*
* The ECC Code is licensed pursuant to the OpenSSL open source
* license provided below.
*
* The ECDH software is originally written by Douglas Stebila of
* Sun Microsystems Laboratories.
*
*/
/* ====================================================================
* Copyright (c) 1998-2003 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* openssl-core@OpenSSL.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
#include <string.h>
#include <openssl/opensslconf.h>
#ifndef OPENSSL_NO_ENGINE
#include <openssl/engine.h>
#endif
#include <openssl/err.h>
#include "ec_local.h"
struct ecdh_method {
const char *name;
int (*compute_key)(void *key, size_t outlen, const EC_POINT *pub_key, EC_KEY *ecdh,
void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen));
int flags;
char *app_data;
};
static const ECDH_METHOD *default_ECDH_method = NULL;
static const ECDH_METHOD openssl_ecdh_meth = {
.name = "OpenSSL ECDH method",
.compute_key = ecdh_compute_key,
};
const ECDH_METHOD *
ECDH_OpenSSL(void)
{
return &openssl_ecdh_meth;
}
LCRYPTO_ALIAS(ECDH_OpenSSL);
void
ECDH_set_default_method(const ECDH_METHOD *meth)
{
default_ECDH_method = meth;
}
LCRYPTO_ALIAS(ECDH_set_default_method);
const ECDH_METHOD *
ECDH_get_default_method(void)
{
if (!default_ECDH_method) {
default_ECDH_method = ECDH_OpenSSL();
}
return default_ECDH_method;
}
LCRYPTO_ALIAS(ECDH_get_default_method);
int
ECDH_set_method(EC_KEY *eckey, const ECDH_METHOD *meth)
{
return 0;
}
LCRYPTO_ALIAS(ECDH_set_method);
int
ECDH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
{
return -1;
}
LCRYPTO_ALIAS(ECDH_get_ex_new_index);
int
ECDH_set_ex_data(EC_KEY *d, int idx, void *arg)
{
return 0;
}
LCRYPTO_ALIAS(ECDH_set_ex_data);
void *
ECDH_get_ex_data(EC_KEY *d, int idx)
{
return NULL;
}
LCRYPTO_ALIAS(ECDH_get_ex_data);

165
lib/libcrypto/ecdsa/ecdsa.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: ecdsa.c,v 1.12 2023/07/10 19:10:51 tb Exp $ */
/* $OpenBSD: ecdsa.c,v 1.16 2023/07/28 09:18:10 tb Exp $ */
/* ====================================================================
* Copyright (c) 2000-2002 The OpenSSL Project. All rights reserved.
*
@ -57,15 +57,11 @@
#include <stdlib.h>
#include <string.h>
#include <openssl/opensslconf.h>
#include <openssl/asn1.h>
#include <openssl/asn1t.h>
#include <openssl/bn.h>
#include <openssl/ecdsa.h>
#include <openssl/ec.h>
#include <openssl/err.h>
#include <openssl/evp.h>
#include "bn_local.h"
#include "ec_local.h"
@ -225,11 +221,16 @@ ecdsa_sign(int type, const unsigned char *digest, int digest_len,
unsigned char *signature, unsigned int *signature_len, const BIGNUM *kinv,
const BIGNUM *r, EC_KEY *key)
{
ECDSA_SIG *sig;
ECDSA_SIG *sig = NULL;
int out_len = 0;
int ret = 0;
if ((sig = ECDSA_do_sign_ex(digest, digest_len, kinv, r, key)) == NULL)
if (kinv != NULL || r != NULL) {
ECerror(EC_R_NOT_IMPLEMENTED);
goto err;
}
if ((sig = ECDSA_do_sign(digest, digest_len, key)) == NULL)
goto err;
if ((out_len = i2d_ECDSA_SIG(sig, &signature)) < 0) {
@ -246,6 +247,19 @@ ecdsa_sign(int type, const unsigned char *digest, int digest_len,
return ret;
}
int
ECDSA_sign(int type, const unsigned char *digest, int digest_len,
unsigned char *signature, unsigned int *signature_len, EC_KEY *key)
{
if (key->meth->sign == NULL) {
ECerror(EC_R_NOT_IMPLEMENTED);
return 0;
}
return key->meth->sign(type, digest, digest_len, signature,
signature_len, NULL, NULL, key);
}
LCRYPTO_ALIAS(ECDSA_sign);
/*
* FIPS 186-5, section 6.4.1, steps 3-8 and 11: Generate k, calculate r and
* kinv. If r == 0, try again with a new random k.
@ -391,6 +405,17 @@ ecdsa_sign_setup(EC_KEY *key, BN_CTX *in_ctx, BIGNUM **out_kinv, BIGNUM **out_r)
return ret;
}
static int
ECDSA_sign_setup(EC_KEY *key, BN_CTX *in_ctx, BIGNUM **out_kinv,
BIGNUM **out_r)
{
if (key->meth->sign_setup == NULL) {
ECerror(EC_R_NOT_IMPLEMENTED);
return 0;
}
return key->meth->sign_setup(key, in_ctx, out_kinv, out_r);
}
/*
* FIPS 186-5, section 6.4.1, step 9: compute s = inv(k)(e + xr) mod order.
* In order to reduce the possibility of a side-channel attack, the following
@ -519,10 +544,14 @@ ecdsa_sign_sig(const unsigned char *digest, int digest_len,
BN_CTX *ctx = NULL;
BIGNUM *kinv = NULL, *r = NULL, *s = NULL;
BIGNUM *e;
int caller_supplied_values = 0;
int attempts = 0;
ECDSA_SIG *sig = NULL;
if (in_kinv != NULL || in_r != NULL) {
ECerror(EC_R_NOT_IMPLEMENTED);
goto err;
}
if ((ctx = BN_CTX_new()) == NULL) {
ECerror(ERR_R_MALLOC_FAILURE);
goto err;
@ -537,31 +566,11 @@ ecdsa_sign_sig(const unsigned char *digest, int digest_len,
if (!ecdsa_prepare_digest(digest, digest_len, key, e))
goto err;
if (in_kinv != NULL && in_r != NULL) {
/*
* Use the caller's kinv and r. Don't call ECDSA_sign_setup().
* If we're unable to compute a valid signature, the caller
* must provide new values.
*/
caller_supplied_values = 1;
if ((kinv = BN_dup(in_kinv)) == NULL) {
ECerror(ERR_R_MALLOC_FAILURE);
goto err;
}
if ((r = BN_dup(in_r)) == NULL) {
ECerror(ERR_R_MALLOC_FAILURE);
goto err;
}
}
do {
/* Steps 3-8: calculate kinv and r. */
if (!caller_supplied_values) {
if (!ECDSA_sign_setup(key, ctx, &kinv, &r)) {
ECerror(ERR_R_EC_LIB);
goto err;
}
if (!ECDSA_sign_setup(key, ctx, &kinv, &r)) {
ECerror(ERR_R_EC_LIB);
goto err;
}
/*
@ -572,11 +581,6 @@ ecdsa_sign_sig(const unsigned char *digest, int digest_len,
if (s != NULL)
break;
if (caller_supplied_values) {
ECerror(EC_R_NEED_NEW_SETUP_VALUES);
goto err;
}
if (++attempts > ECDSA_MAX_SIGN_ITERATIONS) {
ECerror(EC_R_WRONG_CURVE_PARAMETERS);
goto err;
@ -605,6 +609,17 @@ ecdsa_sign_sig(const unsigned char *digest, int digest_len,
return sig;
}
ECDSA_SIG *
ECDSA_do_sign(const unsigned char *digest, int digest_len, EC_KEY *key)
{
if (key->meth->sign_sig == NULL) {
ECerror(EC_R_NOT_IMPLEMENTED);
return 0;
}
return key->meth->sign_sig(digest, digest_len, NULL, NULL, key);
}
LCRYPTO_ALIAS(ECDSA_do_sign);
int
ecdsa_verify(int type, const unsigned char *digest, int digest_len,
const unsigned char *sigbuf, int sig_len, EC_KEY *key)
@ -637,6 +652,18 @@ ecdsa_verify(int type, const unsigned char *digest, int digest_len,
return ret;
}
int
ECDSA_verify(int type, const unsigned char *digest, int digest_len,
const unsigned char *sigbuf, int sig_len, EC_KEY *key)
{
if (key->meth->verify == NULL) {
ECerror(EC_R_NOT_IMPLEMENTED);
return 0;
}
return key->meth->verify(type, digest, digest_len, sigbuf, sig_len, key);
}
LCRYPTO_ALIAS(ECDSA_verify);
/*
* FIPS 186-5, section 6.4.2: ECDSA signature verification.
* The caller provides us with the hash of the message, so has performed step 2.
@ -755,60 +782,6 @@ ecdsa_verify_sig(const unsigned char *digest, int digest_len,
return ret;
}
ECDSA_SIG *
ECDSA_do_sign(const unsigned char *digest, int digest_len, EC_KEY *key)
{
return ECDSA_do_sign_ex(digest, digest_len, NULL, NULL, key);
}
LCRYPTO_ALIAS(ECDSA_do_sign);
ECDSA_SIG *
ECDSA_do_sign_ex(const unsigned char *digest, int digest_len,
const BIGNUM *kinv, const BIGNUM *out_r, EC_KEY *key)
{
if (key->meth->sign_sig == NULL) {
ECerror(EC_R_NOT_IMPLEMENTED);
return 0;
}
return key->meth->sign_sig(digest, digest_len, kinv, out_r, key);
}
LCRYPTO_ALIAS(ECDSA_do_sign_ex);
int
ECDSA_sign(int type, const unsigned char *digest, int digest_len,
unsigned char *signature, unsigned int *signature_len, EC_KEY *key)
{
return ECDSA_sign_ex(type, digest, digest_len, signature, signature_len,
NULL, NULL, key);
}
LCRYPTO_ALIAS(ECDSA_sign);
int
ECDSA_sign_ex(int type, const unsigned char *digest, int digest_len,
unsigned char *signature, unsigned int *signature_len, const BIGNUM *kinv,
const BIGNUM *r, EC_KEY *key)
{
if (key->meth->sign == NULL) {
ECerror(EC_R_NOT_IMPLEMENTED);
return 0;
}
return key->meth->sign(type, digest, digest_len, signature,
signature_len, kinv, r, key);
}
LCRYPTO_ALIAS(ECDSA_sign_ex);
int
ECDSA_sign_setup(EC_KEY *key, BN_CTX *in_ctx, BIGNUM **out_kinv,
BIGNUM **out_r)
{
if (key->meth->sign_setup == NULL) {
ECerror(EC_R_NOT_IMPLEMENTED);
return 0;
}
return key->meth->sign_setup(key, in_ctx, out_kinv, out_r);
}
LCRYPTO_ALIAS(ECDSA_sign_setup);
int
ECDSA_do_verify(const unsigned char *digest, int digest_len,
const ECDSA_SIG *sig, EC_KEY *key)
@ -820,15 +793,3 @@ ECDSA_do_verify(const unsigned char *digest, int digest_len,
return key->meth->verify_sig(digest, digest_len, sig, key);
}
LCRYPTO_ALIAS(ECDSA_do_verify);
int
ECDSA_verify(int type, const unsigned char *digest, int digest_len,
const unsigned char *sigbuf, int sig_len, EC_KEY *key)
{
if (key->meth->verify == NULL) {
ECerror(EC_R_NOT_IMPLEMENTED);
return 0;
}
return key->meth->verify(type, digest, digest_len, sigbuf, sig_len, key);
}
LCRYPTO_ALIAS(ECDSA_verify);

189
lib/libcrypto/ecdsa/ecdsa.h
View file

@ -1,191 +1,6 @@
/* $OpenBSD: ecdsa.h,v 1.16 2023/06/19 09:12:41 tb Exp $ */
/* $OpenBSD: ecdsa.h,v 1.20 2023/07/28 09:16:17 tb Exp $ */
/*
* Written by Nils Larsch for the OpenSSL project
* Public domain.
*/
/* ====================================================================
* Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* licensing@OpenSSL.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
#ifndef HEADER_ECDSA_H
#define HEADER_ECDSA_H
#include <openssl/opensslconf.h>
#ifdef OPENSSL_NO_ECDSA
#error ECDSA is disabled.
#endif
#include <openssl/bn.h>
#include <openssl/ec.h>
#include <openssl/ossl_typ.h>
#ifdef __cplusplus
extern "C" {
#endif
typedef struct ECDSA_SIG_st ECDSA_SIG;
struct ecdsa_method {
const char *name;
ECDSA_SIG *(*ecdsa_do_sign)(const unsigned char *dgst, int dgst_len,
const BIGNUM *inv, const BIGNUM *rp, EC_KEY *eckey);
int (*ecdsa_sign_setup)(EC_KEY *eckey, BN_CTX *ctx, BIGNUM **kinv,
BIGNUM **r);
int (*ecdsa_do_verify)(const unsigned char *dgst, int dgst_len,
const ECDSA_SIG *sig, EC_KEY *eckey);
int flags;
char *app_data;
};
/*
* If this flag is set, the ECDSA method is FIPS compliant and can be used
* in FIPS mode. This is set in the validated module method. If an
* application sets this flag in its own methods it is its responsibility
* to ensure the result is compliant.
*/
#define ECDSA_FLAG_FIPS_METHOD 0x1
ECDSA_SIG *ECDSA_SIG_new(void);
void ECDSA_SIG_free(ECDSA_SIG *sig);
int i2d_ECDSA_SIG(const ECDSA_SIG *sig, unsigned char **pp);
ECDSA_SIG *d2i_ECDSA_SIG(ECDSA_SIG **sig, const unsigned char **pp, long len);
void ECDSA_SIG_get0(const ECDSA_SIG *sig, const BIGNUM **pr, const BIGNUM **ps);
const BIGNUM *ECDSA_SIG_get0_r(const ECDSA_SIG *sig);
const BIGNUM *ECDSA_SIG_get0_s(const ECDSA_SIG *sig);
int ECDSA_SIG_set0(ECDSA_SIG *sig, BIGNUM *r, BIGNUM *s);
ECDSA_SIG *ECDSA_do_sign(const unsigned char *dgst, int dgst_len,
EC_KEY *eckey);
ECDSA_SIG *ECDSA_do_sign_ex(const unsigned char *dgst, int dgstlen,
const BIGNUM *kinv, const BIGNUM *rp, EC_KEY *eckey);
int ECDSA_do_verify(const unsigned char *dgst, int dgst_len,
const ECDSA_SIG *sig, EC_KEY* eckey);
const ECDSA_METHOD *ECDSA_OpenSSL(void);
void ECDSA_set_default_method(const ECDSA_METHOD *meth);
const ECDSA_METHOD *ECDSA_get_default_method(void);
int ECDSA_set_method(EC_KEY *eckey, const ECDSA_METHOD *meth);
int ECDSA_size(const EC_KEY *eckey);
int ECDSA_sign_setup(EC_KEY *eckey, BN_CTX *ctx, BIGNUM **kinv,
BIGNUM **rp);
int ECDSA_sign(int type, const unsigned char *dgst, int dgstlen,
unsigned char *sig, unsigned int *siglen, EC_KEY *eckey);
int ECDSA_sign_ex(int type, const unsigned char *dgst, int dgstlen,
unsigned char *sig, unsigned int *siglen, const BIGNUM *kinv,
const BIGNUM *rp, EC_KEY *eckey);
int ECDSA_verify(int type, const unsigned char *dgst, int dgstlen,
const unsigned char *sig, int siglen, EC_KEY *eckey);
int ECDSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
int ECDSA_set_ex_data(EC_KEY *d, int idx, void *arg);
void *ECDSA_get_ex_data(EC_KEY *d, int idx);
/* XXX should be in ec.h, but needs ECDSA_SIG */
void EC_KEY_METHOD_set_sign(EC_KEY_METHOD *meth,
int (*sign)(int type, const unsigned char *dgst,
int dlen, unsigned char *sig, unsigned int *siglen,
const BIGNUM *kinv, const BIGNUM *r, EC_KEY *eckey),
int (*sign_setup)(EC_KEY *eckey, BN_CTX *ctx_in,
BIGNUM **kinvp, BIGNUM **rp),
ECDSA_SIG *(*sign_sig)(const unsigned char *dgst,
int dgst_len, const BIGNUM *in_kinv, const BIGNUM *in_r,
EC_KEY *eckey));
void EC_KEY_METHOD_set_verify(EC_KEY_METHOD *meth,
int (*verify)(int type, const unsigned char *dgst, int dgst_len,
const unsigned char *sigbuf, int sig_len, EC_KEY *eckey),
int (*verify_sig)(const unsigned char *dgst, int dgst_len,
const ECDSA_SIG *sig, EC_KEY *eckey));
void EC_KEY_METHOD_get_sign(const EC_KEY_METHOD *meth,
int (**psign)(int type, const unsigned char *dgst,
int dlen, unsigned char *sig, unsigned int *siglen,
const BIGNUM *kinv, const BIGNUM *r, EC_KEY *eckey),
int (**psign_setup)(EC_KEY *eckey, BN_CTX *ctx_in,
BIGNUM **kinvp, BIGNUM **rp),
ECDSA_SIG *(**psign_sig)(const unsigned char *dgst,
int dgst_len, const BIGNUM *in_kinv, const BIGNUM *in_r,
EC_KEY *eckey));
void EC_KEY_METHOD_get_verify(const EC_KEY_METHOD *meth,
int (**pverify)(int type, const unsigned char *dgst, int dgst_len,
const unsigned char *sigbuf, int sig_len, EC_KEY *eckey),
int (**pverify_sig)(const unsigned char *dgst, int dgst_len,
const ECDSA_SIG *sig, EC_KEY *eckey));
void ERR_load_ECDSA_strings(void);
/* Error codes for the ECDSA functions. */
/* Function codes. */
#define ECDSA_F_ECDSA_CHECK 104
#define ECDSA_F_ECDSA_DATA_NEW_METHOD 100
#define ECDSA_F_ECDSA_DO_SIGN 101
#define ECDSA_F_ECDSA_DO_VERIFY 102
#define ECDSA_F_ECDSA_SIGN_SETUP 103
/* Reason codes. */
#define ECDSA_R_BAD_SIGNATURE 100
#define ECDSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 101
#define ECDSA_R_ERR_EC_LIB 102
#define ECDSA_R_MISSING_PARAMETERS 103
#define ECDSA_R_NEED_NEW_SETUP_VALUES 106
#define ECDSA_R_NON_FIPS_METHOD 107
#define ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED 104
#define ECDSA_R_SIGNATURE_MALLOC_FAILED 105
#ifdef __cplusplus
}
#endif
#endif

4
lib/libcrypto/ecdsa/ecdsa_local.h
View file

@ -1,4 +1,4 @@
/* $OpenBSD: ecdsa_local.h,v 1.1 2023/07/05 11:37:46 tb Exp $ */
/* $OpenBSD: ecdsa_local.h,v 1.2 2023/07/28 15:50:33 tb Exp $ */
/*
* Written by Nils Larsch for the OpenSSL project
*/
@ -59,7 +59,7 @@
#ifndef HEADER_ECS_LOCAL_H
#define HEADER_ECS_LOCAL_H
#include <openssl/ecdsa.h>
#include <openssl/ec.h>
__BEGIN_HIDDEN_DECLS

97
lib/libcrypto/ecdsa/ecs_err.c
View file

@ -1,97 +0,0 @@
/* $OpenBSD: ecs_err.c,v 1.8 2023/07/07 13:54:45 beck Exp $ */
/* ====================================================================
* Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* openssl-core@OpenSSL.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
#include <stdio.h>
#include <openssl/opensslconf.h>
#include <openssl/ecdsa.h>
#include <openssl/err.h>
#ifndef OPENSSL_NO_ERR
#define ERR_FUNC(func) ERR_PACK(ERR_LIB_ECDSA,func,0)
#define ERR_REASON(reason) ERR_PACK(ERR_LIB_ECDSA,0,reason)
static ERR_STRING_DATA ECDSA_str_functs[]= {
{ERR_FUNC(0xfff), "CRYPTO_internal"},
{0, NULL}
};
static ERR_STRING_DATA ECDSA_str_reasons[]= {
{ERR_REASON(ECDSA_R_BAD_SIGNATURE) , "bad signature"},
{ERR_REASON(ECDSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE), "data too large for key size"},
{ERR_REASON(ECDSA_R_ERR_EC_LIB) , "err ec lib"},
{ERR_REASON(ECDSA_R_MISSING_PARAMETERS) , "missing parameters"},
{ERR_REASON(ECDSA_R_NEED_NEW_SETUP_VALUES), "need new setup values"},
{ERR_REASON(ECDSA_R_NON_FIPS_METHOD) , "non fips method"},
{ERR_REASON(ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED), "random number generation failed"},
{ERR_REASON(ECDSA_R_SIGNATURE_MALLOC_FAILED), "signature malloc failed"},
{0, NULL}
};
#endif
void
ERR_load_ECDSA_strings(void)
{
#ifndef OPENSSL_NO_ERR
if (ERR_func_error_string(ECDSA_str_functs[0].error) == NULL) {
ERR_load_strings(0, ECDSA_str_functs);
ERR_load_strings(0, ECDSA_str_reasons);
}
#endif
}
LCRYPTO_ALIAS(ERR_load_ECDSA_strings);

129
lib/libcrypto/ecdsa/ecs_lib.c
View file

@ -1,129 +0,0 @@
/* $OpenBSD: ecs_lib.c,v 1.25 2023/07/07 13:54:45 beck Exp $ */
/* ====================================================================
* Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* openssl-core@OpenSSL.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
#include <string.h>
#include <openssl/opensslconf.h>
#ifndef OPENSSL_NO_ENGINE
#include <openssl/engine.h>
#endif
#include <openssl/err.h>
#include <openssl/bn.h>
#include "ec_local.h"
#include "ecdsa_local.h"
static const ECDSA_METHOD *default_ECDSA_method = NULL;
static const ECDSA_METHOD openssl_ecdsa_meth = {
.name = "OpenSSL ECDSA method",
.ecdsa_do_sign = ecdsa_sign_sig,
.ecdsa_sign_setup = ecdsa_sign_setup,
.ecdsa_do_verify = ecdsa_verify_sig,
};
const ECDSA_METHOD *
ECDSA_OpenSSL(void)
{
return &openssl_ecdsa_meth;
}
LCRYPTO_ALIAS(ECDSA_OpenSSL);
void
ECDSA_set_default_method(const ECDSA_METHOD *meth)
{
default_ECDSA_method = meth;
}
LCRYPTO_ALIAS(ECDSA_set_default_method);
const ECDSA_METHOD *
ECDSA_get_default_method(void)
{
if (!default_ECDSA_method) {
default_ECDSA_method = ECDSA_OpenSSL();
}
return default_ECDSA_method;
}
LCRYPTO_ALIAS(ECDSA_get_default_method);
int
ECDSA_set_method(EC_KEY *eckey, const ECDSA_METHOD *meth)
{
return 0;
}
LCRYPTO_ALIAS(ECDSA_set_method);
int
ECDSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
{
return -1;
}
LCRYPTO_ALIAS(ECDSA_get_ex_new_index);
int
ECDSA_set_ex_data(EC_KEY *d, int idx, void *arg)
{
return 0;
}
LCRYPTO_ALIAS(ECDSA_set_ex_data);
void *
ECDSA_get_ex_data(EC_KEY *d, int idx)
{
return NULL;
}
LCRYPTO_ALIAS(ECDSA_get_ex_data);

211
lib/libcrypto/engine/README
View file

@ -1,211 +0,0 @@
Notes: 2001-09-24
-----------------
This "description" (if one chooses to call it that) needed some major updating
so here goes. This update addresses a change being made at the same time to
OpenSSL, and it pretty much completely restructures the underlying mechanics of
the "ENGINE" code. So it serves a double purpose of being a "ENGINE internals
for masochists" document *and* a rather extensive commit log message. (I'd get
lynched for sticking all this in CHANGES or the commit mails :-).
ENGINE_TABLE underlies this restructuring, as described in the internal header
"eng_int.h", implemented in eng_table.c, and used in each of the "class" files;
tb_rsa.c, tb_dsa.c, etc.
However, "EVP_CIPHER" underlies the motivation and design of ENGINE_TABLE so
I'll mention a bit about that first. EVP_CIPHER (and most of this applies
equally to EVP_MD for digests) is both a "method" and a algorithm/mode
identifier that, in the current API, "lingers". These cipher description +
implementation structures can be defined or obtained directly by applications,
or can be loaded "en masse" into EVP storage so that they can be catalogued and
searched in various ways, ie. two ways of encrypting with the "des_cbc"
algorithm/mode pair are;
(i) directly;
const EVP_CIPHER *cipher = EVP_des_cbc();
EVP_EncryptInit(&ctx, cipher, key, iv);
[ ... use EVP_EncryptUpdate() and EVP_EncryptFinal() ...]
(ii) indirectly;
OpenSSL_add_all_ciphers();
cipher = EVP_get_cipherbyname("des_cbc");
EVP_EncryptInit(&ctx, cipher, key, iv);
[ ... etc ... ]
The latter is more generally used because it also allows ciphers/digests to be
looked up based on other identifiers which can be useful for automatic cipher
selection, eg. in SSL/TLS, or by user-controllable configuration.
The important point about this is that EVP_CIPHER definitions and structures are
passed around with impunity and there is no safe way, without requiring massive
rewrites of many applications, to assume that EVP_CIPHERs can be reference
counted. One an EVP_CIPHER is exposed to the caller, neither it nor anything it
comes from can "safely" be destroyed. Unless of course the way of getting to
such ciphers is via entirely distinct API calls that didn't exist before.
However existing API usage cannot be made to understand when an EVP_CIPHER
pointer, that has been passed to the caller, is no longer being used.
The other problem with the existing API w.r.t. to hooking EVP_CIPHER support
into ENGINE is storage - the OBJ_NAME-based storage used by EVP to register
ciphers simultaneously registers cipher *types* and cipher *implementations* -
they are effectively the same thing, an "EVP_CIPHER" pointer. The problem with
hooking in ENGINEs is that multiple ENGINEs may implement the same ciphers. The
solution is necessarily that ENGINE-provided ciphers simply are not registered,
stored, or exposed to the caller in the same manner as existing ciphers. This is
especially necessary considering the fact ENGINE uses reference counts to allow
for cleanup, modularity, and DSO support - yet EVP_CIPHERs, as exposed to
callers in the current API, support no such controls.
Another sticking point for integrating cipher support into ENGINE is linkage.
Already there is a problem with the way ENGINE supports RSA, DSA, etc whereby
they are available *because* they're part of a giant ENGINE called "openssl".
Ie. all implementations *have* to come from an ENGINE, but we get round that by
having a giant ENGINE with all the software support encapsulated. This creates
linker hassles if nothing else - linking a 1-line application that calls 2 basic
RSA functions (eg. "RSA_free(RSA_new());") will result in large quantities of
ENGINE code being linked in *and* because of that DSA, DH, and RAND also. If we
continue with this approach for EVP_CIPHER support (even if it *was* possible)
we would lose our ability to link selectively by selectively loading certain
implementations of certain functionality. Touching any part of any kind of
crypto would result in massive static linkage of everything else. So the
solution is to change the way ENGINE feeds existing "classes", ie. how the
hooking to ENGINE works from RSA, DSA, DH, RAND, as well as adding new hooking
for EVP_CIPHER, and EVP_MD.
The way this is now being done is by mostly reverting back to how things used to
work prior to ENGINE :-). Ie. RSA now has a "RSA_METHOD" pointer again - this
was previously replaced by an "ENGINE" pointer and all RSA code that required
the RSA_METHOD would call ENGINE_get_RSA() each time on its ENGINE handle to
temporarily get and use the ENGINE's RSA implementation. Apart from being more
efficient, switching back to each RSA having an RSA_METHOD pointer also allows
us to conceivably operate with *no* ENGINE. As we'll see, this removes any need
for a fallback ENGINE that encapsulates default implementations - we can simply
have our RSA structure pointing its RSA_METHOD pointer to the software
implementation and have its ENGINE pointer set to NULL.
A look at the EVP_CIPHER hooking is most explanatory, the RSA, DSA (etc) cases
turn out to be degenerate forms of the same thing. The EVP storage of ciphers,
and the existing EVP API functions that return "software" implementations and
descriptions remain untouched. However, the storage takes more meaning in terms
of "cipher description" and less meaning in terms of "implementation". When an
EVP_CIPHER_CTX is actually initialised with an EVP_CIPHER method and is about to
begin en/decryption, the hooking to ENGINE comes into play. What happens is that
cipher-specific ENGINE code is asked for an ENGINE pointer (a functional
reference) for any ENGINE that is registered to perform the algo/mode that the
provided EVP_CIPHER structure represents. Under normal circumstances, that
ENGINE code will return NULL because no ENGINEs will have had any cipher
implementations *registered*. As such, a NULL ENGINE pointer is stored in the
EVP_CIPHER_CTX context, and the EVP_CIPHER structure is left hooked into the
context and so is used as the implementation. Pretty much how things work now
except we'd have a redundant ENGINE pointer set to NULL and doing nothing.
Conversely, if an ENGINE *has* been registered to perform the algorithm/mode
combination represented by the provided EVP_CIPHER, then a functional reference
to that ENGINE will be returned to the EVP_CIPHER_CTX during initialisation.
That functional reference will be stored in the context (and released on
cleanup) - and having that reference provides a *safe* way to use an EVP_CIPHER
definition that is private to the ENGINE. Ie. the EVP_CIPHER provided by the
application will actually be replaced by an EVP_CIPHER from the registered
ENGINE - it will support the same algorithm/mode as the original but will be a
completely different implementation. Because this EVP_CIPHER isn't stored in the
EVP storage, nor is it returned to applications from traditional API functions,
there is no associated problem with it not having reference counts. And of
course, when one of these "private" cipher implementations is hooked into
EVP_CIPHER_CTX, it is done whilst the EVP_CIPHER_CTX holds a functional
reference to the ENGINE that owns it, thus the use of the ENGINE's EVP_CIPHER is
safe.
The "cipher-specific ENGINE code" I mentioned is implemented in tb_cipher.c but
in essence it is simply an instantiation of "ENGINE_TABLE" code for use by
EVP_CIPHER code. tb_digest.c is virtually identical but, of course, it is for
use by EVP_MD code. Ditto for tb_rsa.c, tb_dsa.c, etc. These instantiations of
ENGINE_TABLE essentially provide linker-separation of the classes so that even
if ENGINEs implement *all* possible algorithms, an application using only
EVP_CIPHER code will link at most code relating to EVP_CIPHER, tb_cipher.c, core
ENGINE code that is independent of class, and of course the ENGINE
implementation that the application loaded. It will *not* however link any
class-specific ENGINE code for digests, RSA, etc nor will it bleed over into
other APIs, such as the RSA/DSA/etc library code.
ENGINE_TABLE is a little more complicated than may seem necessary but this is
mostly to avoid a lot of "init()"-thrashing on ENGINEs (that may have to load
DSOs, and other expensive setup that shouldn't be thrashed unnecessarily) *and*
to duplicate "default" behaviour. Basically an ENGINE_TABLE instantiation, for
example tb_cipher.c, implements a hash-table keyed by integer "nid" values.
These nids provide the uniquenness of an algorithm/mode - and each nid will hash
to a potentially NULL "ENGINE_PILE". An ENGINE_PILE is essentially a list of
pointers to ENGINEs that implement that particular 'nid'. Each "pile" uses some
caching tricks such that requests on that 'nid' will be cached and all future
requests will return immediately (well, at least with minimal operation) unless
a change is made to the pile, eg. perhaps an ENGINE was unloaded. The reason is
that an application could have support for 10 ENGINEs statically linked
in, and the machine in question may not have any of the hardware those 10
ENGINEs support. If each of those ENGINEs has a "des_cbc" implementation, we
want to avoid every EVP_CIPHER_CTX setup from trying (and failing) to initialise
each of those 10 ENGINEs. Instead, the first such request will try to do that
and will either return (and cache) a NULL ENGINE pointer or will return a
functional reference to the first that successfully initialised. In the latter
case it will also cache an extra functional reference to the ENGINE as a
"default" for that 'nid'. The caching is acknowledged by a 'uptodate' variable
that is unset only if un/registration takes place on that pile. Ie. if
implementations of "des_cbc" are added or removed. This behaviour can be
tweaked; the ENGINE_TABLE_FLAG_NOINIT value can be passed to
ENGINE_set_table_flags(), in which case the only ENGINEs that tb_cipher.c will
try to initialise from the "pile" will be those that are already initialised
(ie. it's simply an increment of the functional reference count, and no real
"initialisation" will take place).
RSA, DSA, DH, and RAND all have their own ENGINE_TABLE code as well, and the
difference is that they all use an implicit 'nid' of 1. Whereas EVP_CIPHERs are
actually qualitatively different depending on 'nid' (the "des_cbc" EVP_CIPHER is
not an interoperable implementation of "aes_256_cbc"), RSA_METHODs are
necessarily interoperable and don't have different flavours, only different
implementations. In other words, the ENGINE_TABLE for RSA will either be empty,
or will have a single ENGING_PILE hashed to by the 'nid' 1 and that pile
represents ENGINEs that implement the single "type" of RSA there is.
Cleanup - the registration and unregistration may pose questions about how
cleanup works with the ENGINE_PILE doing all this caching nonsense (ie. when the
application or EVP_CIPHER code releases its last reference to an ENGINE, the
ENGINE_PILE code may still have references and thus those ENGINEs will stay
hooked in forever). The way this is handled is via "unregistration". With these
new ENGINE changes, an abstract ENGINE can be loaded and initialised, but that
is an algorithm-agnostic process. Even if initialised, it will not have
registered any of its implementations (to do so would link all class "table"
code despite the fact the application may use only ciphers, for example). This
is deliberately a distinct step. Moreover, registration and unregistration has
nothing to do with whether an ENGINE is *functional* or not (ie. you can even
register an ENGINE and its implementations without it being operational, you may
not even have the drivers to make it operate). What actually happens with
respect to cleanup is managed inside eng_lib.c with the "engine_cleanup_***"
functions. These functions are internal-only and each part of ENGINE code that
could require cleanup will, upon performing its first allocation, register a
callback with the "engine_cleanup" code. The other part of this that makes it
tick is that the ENGINE_TABLE instantiations (tb_***.c) use NULL as their
initialised state. So if RSA code asks for an ENGINE and no ENGINE has
registered an implementation, the code will simply return NULL and the tb_rsa.c
state will be unchanged. Thus, no cleanup is required unless registration takes
place. ENGINE_cleanup() will simply iterate across a list of registered cleanup
callbacks calling each in turn, and will then internally delete its own storage
(a STACK). When a cleanup callback is next registered (eg. if the cleanup() is
part of a graceful restart and the application wants to cleanup all state then
start again), the internal STACK storage will be freshly allocated. This is much
the same as the situation in the ENGINE_TABLE instantiations ... NULL is the
initialised state, so only modification operations (not queries) will cause that
code to have to register a cleanup.
What else? The bignum callbacks and associated ENGINE functions have been
removed for two obvious reasons; (i) there was no way to generalise them to the
mechanism now used by RSA/DSA/..., because there's no such thing as a BIGNUM
method, and (ii) because of (i), there was no meaningful way for library or
application code to automatically hook and use ENGINE supplied bignum functions
anyway. Also, ENGINE_cpy() has been removed (although an internal-only version
exists) - the idea of providing an ENGINE_cpy() function probably wasn't a good
one and now certainly doesn't make sense in any generalised way. Some of the
RSA, DSA, DH, and RAND functions that were fiddled during the original ENGINE
changes have now, as a consequence, been reverted back. This is because the
hooking of ENGINE is now automatic (and passive, it can interally use a NULL
ENGINE pointer to simply ignore ENGINE from then on).
Hell, that should be enough for now ... comments welcome: geoff@openssl.org

88
lib/libcrypto/engine/eng_all.c
View file

@ -1,88 +0,0 @@
/* $OpenBSD: eng_all.c,v 1.30 2018/03/17 16:20:01 beck Exp $ */
/* Written by Richard Levitte <richard@levitte.org> for the OpenSSL
* project 2000.
*/
/* ====================================================================
* Copyright (c) 2000-2001 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* licensing@OpenSSL.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
#include <pthread.h>
#include <openssl/opensslconf.h>
#include "cryptlib.h"
#include "eng_int.h"
void
ENGINE_load_builtin_engines_internal(void)
{
#ifndef OPENSSL_NO_STATIC_ENGINE
#ifndef OPENSSL_NO_HW
#ifndef OPENSSL_NO_HW_PADLOCK
ENGINE_load_padlock();
#endif
#endif
#endif
ENGINE_register_all_complete();
}
void
ENGINE_load_builtin_engines(void)
{
static pthread_once_t once = PTHREAD_ONCE_INIT;
/* Prayer and clean living lets you ignore errors, OpenSSL style */
(void) OPENSSL_init_crypto(0, NULL);
(void) pthread_once(&once, ENGINE_load_builtin_engines_internal);
}

252
lib/libcrypto/engine/eng_cnf.c
View file

@ -1,252 +0,0 @@
/* $OpenBSD: eng_cnf.c,v 1.15 2018/04/14 07:18:37 tb Exp $ */
/* Written by Stephen Henson (steve@openssl.org) for the OpenSSL
* project 2001.
*/
/* ====================================================================
* Copyright (c) 2001 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* licensing@OpenSSL.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
#include <string.h>
#include <openssl/err.h>
#include "eng_int.h"
#include <openssl/conf.h>
/* #define ENGINE_CONF_DEBUG */
/* ENGINE config module */
static char *
skip_dot(char *name)
{
char *p;
p = strchr(name, '.');
if (p)
return p + 1;
return name;
}
static STACK_OF(ENGINE) *initialized_engines = NULL;
static int
int_engine_init(ENGINE *e)
{
if (!ENGINE_init(e))
return 0;
if (!initialized_engines)
initialized_engines = sk_ENGINE_new_null();
if (!initialized_engines || !sk_ENGINE_push(initialized_engines, e)) {
ENGINE_finish(e);
return 0;
}
return 1;
}
static int
int_engine_configure(char *name, char *value, const CONF *cnf)
{
int i;
int ret = 0;
long do_init = -1;
STACK_OF(CONF_VALUE) *ecmds;
CONF_VALUE *ecmd = NULL;
char *ctrlname, *ctrlvalue;
ENGINE *e = NULL;
int soft = 0;
name = skip_dot(name);
#ifdef ENGINE_CONF_DEBUG
fprintf(stderr, "Configuring engine %s\n", name);
#endif
/* Value is a section containing ENGINE commands */
ecmds = NCONF_get_section(cnf, value);
if (!ecmds) {
ENGINEerror(ENGINE_R_ENGINE_SECTION_ERROR);
return 0;
}
for (i = 0; i < sk_CONF_VALUE_num(ecmds); i++) {
ecmd = sk_CONF_VALUE_value(ecmds, i);
ctrlname = skip_dot(ecmd->name);
ctrlvalue = ecmd->value;
#ifdef ENGINE_CONF_DEBUG
fprintf(stderr, "ENGINE conf: doing ctrl(%s,%s)\n",
ctrlname, ctrlvalue);
#endif
/* First handle some special pseudo ctrls */
/* Override engine name to use */
if (!strcmp(ctrlname, "engine_id"))
name = ctrlvalue;
else if (!strcmp(ctrlname, "soft_load"))
soft = 1;
/* Load a dynamic ENGINE */
else if (!strcmp(ctrlname, "dynamic_path")) {
e = ENGINE_by_id("dynamic");
if (!e)
goto err;
if (!ENGINE_ctrl_cmd_string(e, "SO_PATH", ctrlvalue, 0))
goto err;
if (!ENGINE_ctrl_cmd_string(e, "LIST_ADD", "2", 0))
goto err;
if (!ENGINE_ctrl_cmd_string(e, "LOAD", NULL, 0))
goto err;
}
/* ... add other pseudos here ... */
else {
/* At this point we need an ENGINE structural reference
* if we don't already have one.
*/
if (!e) {
e = ENGINE_by_id(name);
if (!e && soft) {
ERR_clear_error();
return 1;
}
if (!e)
goto err;
}
/* Allow "EMPTY" to mean no value: this allows a valid
* "value" to be passed to ctrls of type NO_INPUT
*/
if (!strcmp(ctrlvalue, "EMPTY"))
ctrlvalue = NULL;
if (!strcmp(ctrlname, "init")) {
if (!NCONF_get_number_e(cnf, value, "init",
&do_init))
goto err;
if (do_init == 1) {
if (!int_engine_init(e))
goto err;
} else if (do_init != 0) {
ENGINEerror(ENGINE_R_INVALID_INIT_VALUE);
goto err;
}
}
else if (!strcmp(ctrlname, "default_algorithms")) {
if (!ENGINE_set_default_string(e, ctrlvalue))
goto err;
} else if (!ENGINE_ctrl_cmd_string(e,
ctrlname, ctrlvalue, 0))
goto err;
}
}
if (e && (do_init == -1) && !int_engine_init(e)) {
ecmd = NULL;
goto err;
}
ret = 1;
err:
if (ret != 1) {
ENGINEerror(ENGINE_R_ENGINE_CONFIGURATION_ERROR);
if (ecmd)
ERR_asprintf_error_data(
"section=%s, name=%s, value=%s",
ecmd->section, ecmd->name, ecmd->value);
}
ENGINE_free(e);
return ret;
}
static int
int_engine_module_init(CONF_IMODULE *md, const CONF *cnf)
{
STACK_OF(CONF_VALUE) *elist;
CONF_VALUE *cval;
int i;
#ifdef ENGINE_CONF_DEBUG
fprintf(stderr, "Called engine module: name %s, value %s\n",
CONF_imodule_get_name(md), CONF_imodule_get_value(md));
#endif
/* Value is a section containing ENGINEs to configure */
elist = NCONF_get_section(cnf, CONF_imodule_get_value(md));
if (!elist) {
ENGINEerror(ENGINE_R_ENGINES_SECTION_ERROR);
return 0;
}
for (i = 0; i < sk_CONF_VALUE_num(elist); i++) {
cval = sk_CONF_VALUE_value(elist, i);
if (!int_engine_configure(cval->name, cval->value, cnf))
return 0;
}
return 1;
}
static void
int_engine_module_finish(CONF_IMODULE *md)
{
ENGINE *e;
while ((e = sk_ENGINE_pop(initialized_engines)))
ENGINE_finish(e);
sk_ENGINE_free(initialized_engines);
initialized_engines = NULL;
}
void
ENGINE_add_conf_module(void)
{
CONF_module_add("engines", int_engine_module_init,
int_engine_module_finish);
}

379
lib/libcrypto/engine/eng_ctrl.c
View file

@ -1,379 +0,0 @@
/* $OpenBSD: eng_ctrl.c,v 1.11 2017/01/29 17:49:23 beck Exp $ */
/* ====================================================================
* Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* licensing@OpenSSL.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
#include <string.h>
#include <openssl/err.h>
#include "eng_int.h"
/* When querying a ENGINE-specific control command's 'description', this string
* is used if the ENGINE_CMD_DEFN has cmd_desc set to NULL. */
static const char *int_no_description = "";
/* These internal functions handle 'CMD'-related control commands when the
* ENGINE in question has asked us to take care of it (ie. the ENGINE did not
* set the ENGINE_FLAGS_MANUAL_CMD_CTRL flag. */
static int
int_ctrl_cmd_is_null(const ENGINE_CMD_DEFN *defn)
{
if ((defn->cmd_num == 0) || (defn->cmd_name == NULL))
return 1;
return 0;
}
static int
int_ctrl_cmd_by_name(const ENGINE_CMD_DEFN *defn, const char *s)
{
int idx = 0;
while (!int_ctrl_cmd_is_null(defn) &&
(strcmp(defn->cmd_name, s) != 0)) {
idx++;
defn++;
}
if (int_ctrl_cmd_is_null(defn))
/* The given name wasn't found */
return -1;
return idx;
}
static int
int_ctrl_cmd_by_num(const ENGINE_CMD_DEFN *defn, unsigned int num)
{
int idx = 0;
/* NB: It is stipulated that 'cmd_defn' lists are ordered by cmd_num. So
* our searches don't need to take any longer than necessary. */
while (!int_ctrl_cmd_is_null(defn) && (defn->cmd_num < num)) {
idx++;
defn++;
}
if (defn->cmd_num == num)
return idx;
/* The given cmd_num wasn't found */
return -1;
}
static int
int_ctrl_helper(ENGINE *e, int cmd, long i, void *p, void (*f)(void))
{
int idx;
int ret;
char *s = (char *)p;
/* Take care of the easy one first (eg. it requires no searches) */
if (cmd == ENGINE_CTRL_GET_FIRST_CMD_TYPE) {
if ((e->cmd_defns == NULL) ||
int_ctrl_cmd_is_null(e->cmd_defns))
return 0;
return e->cmd_defns->cmd_num;
}
/* One or two commands require that "p" be a valid string buffer */
if ((cmd == ENGINE_CTRL_GET_CMD_FROM_NAME) ||
(cmd == ENGINE_CTRL_GET_NAME_FROM_CMD) ||
(cmd == ENGINE_CTRL_GET_DESC_FROM_CMD)) {
if (s == NULL) {
ENGINEerror(ERR_R_PASSED_NULL_PARAMETER);
return -1;
}
}
/* Now handle cmd_name -> cmd_num conversion */
if (cmd == ENGINE_CTRL_GET_CMD_FROM_NAME) {
if ((e->cmd_defns == NULL) ||
((idx = int_ctrl_cmd_by_name(e->cmd_defns, s)) < 0)) {
ENGINEerror(ENGINE_R_INVALID_CMD_NAME);
return -1;
}
return e->cmd_defns[idx].cmd_num;
}
/* For the rest of the commands, the 'long' argument must specify a
* valie command number - so we need to conduct a search. */
if ((e->cmd_defns == NULL) ||
((idx = int_ctrl_cmd_by_num(e->cmd_defns, (unsigned int)i)) < 0)) {
ENGINEerror(ENGINE_R_INVALID_CMD_NUMBER);
return -1;
}
/* Now the logic splits depending on command type */
switch (cmd) {
case ENGINE_CTRL_GET_NEXT_CMD_TYPE:
idx++;
if (int_ctrl_cmd_is_null(e->cmd_defns + idx))
/* end-of-list */
return 0;
else
return e->cmd_defns[idx].cmd_num;
case ENGINE_CTRL_GET_NAME_LEN_FROM_CMD:
return strlen(e->cmd_defns[idx].cmd_name);
case ENGINE_CTRL_GET_NAME_FROM_CMD:
ret = snprintf(s, strlen(e->cmd_defns[idx].cmd_name) + 1,
"%s", e->cmd_defns[idx].cmd_name);
if (ret >= (strlen(e->cmd_defns[idx].cmd_name) + 1))
ret = -1;
return ret;
case ENGINE_CTRL_GET_DESC_LEN_FROM_CMD:
if (e->cmd_defns[idx].cmd_desc)
return strlen(e->cmd_defns[idx].cmd_desc);
return strlen(int_no_description);
case ENGINE_CTRL_GET_DESC_FROM_CMD:
if (e->cmd_defns[idx].cmd_desc) {
ret = snprintf(s,
strlen(e->cmd_defns[idx].cmd_desc) + 1,
"%s", e->cmd_defns[idx].cmd_desc);
if (ret >= strlen(e->cmd_defns[idx].cmd_desc) + 1)
ret = -1;
return ret;
}
ret = snprintf(s, strlen(int_no_description) + 1, "%s",
int_no_description);
if (ret >= strlen(int_no_description) + 1)
ret = -1;
return ret;
case ENGINE_CTRL_GET_CMD_FLAGS:
return e->cmd_defns[idx].cmd_flags;
}
/* Shouldn't really be here ... */
ENGINEerror(ENGINE_R_INTERNAL_LIST_ERROR);
return -1;
}
int
ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void))
{
int ctrl_exists, ref_exists;
if (e == NULL) {
ENGINEerror(ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
ref_exists = ((e->struct_ref > 0) ? 1 : 0);
CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
ctrl_exists = ((e->ctrl == NULL) ? 0 : 1);
if (!ref_exists) {
ENGINEerror(ENGINE_R_NO_REFERENCE);
return 0;
}
/* Intercept any "root-level" commands before trying to hand them on to
* ctrl() handlers. */
switch (cmd) {
case ENGINE_CTRL_HAS_CTRL_FUNCTION:
return ctrl_exists;
case ENGINE_CTRL_GET_FIRST_CMD_TYPE:
case ENGINE_CTRL_GET_NEXT_CMD_TYPE:
case ENGINE_CTRL_GET_CMD_FROM_NAME:
case ENGINE_CTRL_GET_NAME_LEN_FROM_CMD:
case ENGINE_CTRL_GET_NAME_FROM_CMD:
case ENGINE_CTRL_GET_DESC_LEN_FROM_CMD:
case ENGINE_CTRL_GET_DESC_FROM_CMD:
case ENGINE_CTRL_GET_CMD_FLAGS:
if (ctrl_exists && !(e->flags & ENGINE_FLAGS_MANUAL_CMD_CTRL))
return int_ctrl_helper(e, cmd, i, p, f);
if (!ctrl_exists) {
ENGINEerror(ENGINE_R_NO_CONTROL_FUNCTION);
/* For these cmd-related functions, failure is indicated
* by a -1 return value (because 0 is used as a valid
* return in some places). */
return -1;
}
default:
break;
}
/* Anything else requires a ctrl() handler to exist. */
if (!ctrl_exists) {
ENGINEerror(ENGINE_R_NO_CONTROL_FUNCTION);
return 0;
}
return e->ctrl(e, cmd, i, p, f);
}
int
ENGINE_cmd_is_executable(ENGINE *e, int cmd)
{
int flags;
if ((flags = ENGINE_ctrl(e, ENGINE_CTRL_GET_CMD_FLAGS, cmd,
NULL, NULL)) < 0) {
ENGINEerror(ENGINE_R_INVALID_CMD_NUMBER);
return 0;
}
if (!(flags & ENGINE_CMD_FLAG_NO_INPUT) &&
!(flags & ENGINE_CMD_FLAG_NUMERIC) &&
!(flags & ENGINE_CMD_FLAG_STRING))
return 0;
return 1;
}
int
ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name, long i, void *p,
void (*f)(void), int cmd_optional)
{
int num;
if ((e == NULL) || (cmd_name == NULL)) {
ENGINEerror(ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
if ((e->ctrl == NULL) ||
((num = ENGINE_ctrl(e, ENGINE_CTRL_GET_CMD_FROM_NAME,
0, (void *)cmd_name, NULL)) <= 0)) {
/* If the command didn't *have* to be supported, we fake
* success. This allows certain settings to be specified for
* multiple ENGINEs and only require a change of ENGINE id
* (without having to selectively apply settings). Eg. changing
* from a hardware device back to the regular software ENGINE
* without editing the config file, etc. */
if (cmd_optional) {
ERR_clear_error();
return 1;
}
ENGINEerror(ENGINE_R_INVALID_CMD_NAME);
return 0;
}
/* Force the result of the control command to 0 or 1, for the reasons
* mentioned before. */
if (ENGINE_ctrl(e, num, i, p, f) > 0)
return 1;
return 0;
}
int
ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
int cmd_optional)
{
int num, flags;
long l;
char *ptr;
if ((e == NULL) || (cmd_name == NULL)) {
ENGINEerror(ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
if ((e->ctrl == NULL) ||
((num = ENGINE_ctrl(e, ENGINE_CTRL_GET_CMD_FROM_NAME, 0,
(void *)cmd_name, NULL)) <= 0)) {
/* If the command didn't *have* to be supported, we fake
* success. This allows certain settings to be specified for
* multiple ENGINEs and only require a change of ENGINE id
* (without having to selectively apply settings). Eg. changing
* from a hardware device back to the regular software ENGINE
* without editing the config file, etc. */
if (cmd_optional) {
ERR_clear_error();
return 1;
}
ENGINEerror(ENGINE_R_INVALID_CMD_NAME);
return 0;
}
if (!ENGINE_cmd_is_executable(e, num)) {
ENGINEerror(ENGINE_R_CMD_NOT_EXECUTABLE);
return 0;
}
if ((flags = ENGINE_ctrl(e, ENGINE_CTRL_GET_CMD_FLAGS, num,
NULL, NULL)) < 0) {
/* Shouldn't happen, given that ENGINE_cmd_is_executable()
* returned success. */
ENGINEerror(ENGINE_R_INTERNAL_LIST_ERROR);
return 0;
}
/* If the command takes no input, there must be no input. And vice
* versa. */
if (flags & ENGINE_CMD_FLAG_NO_INPUT) {
if (arg != NULL) {
ENGINEerror(ENGINE_R_COMMAND_TAKES_NO_INPUT);
return 0;
}
/* We deliberately force the result of ENGINE_ctrl() to 0 or 1
* rather than returning it as "return data". This is to ensure
* usage of these commands is consistent across applications and
* that certain applications don't understand it one way, and
* others another. */
if (ENGINE_ctrl(e, num, 0, (void *)arg, NULL) > 0)
return 1;
return 0;
}
/* So, we require input */
if (arg == NULL) {
ENGINEerror(ENGINE_R_COMMAND_TAKES_INPUT);
return 0;
}
/* If it takes string input, that's easy */
if (flags & ENGINE_CMD_FLAG_STRING) {
/* Same explanation as above */
if (ENGINE_ctrl(e, num, 0, (void *)arg, NULL) > 0)
return 1;
return 0;
}
/* If it doesn't take numeric either, then it is unsupported for use in
* a config-setting situation, which is what this function is for. This
* should never happen though, because ENGINE_cmd_is_executable() was
* used. */
if (!(flags & ENGINE_CMD_FLAG_NUMERIC)) {
ENGINEerror(ENGINE_R_INTERNAL_LIST_ERROR);
return 0;
}
l = strtol(arg, &ptr, 10);
if ((arg == ptr) || (*ptr != '\0')) {
ENGINEerror(ENGINE_R_ARGUMENT_IS_NOT_A_NUMBER);
return 0;
}
/* Force the result of the control command to 0 or 1, for the reasons
* mentioned before. */
if (ENGINE_ctrl(e, num, l, NULL, NULL) > 0)
return 1;
return 0;
}

64
lib/libcrypto/engine/eng_dyn.c
View file

@ -1,64 +0,0 @@
/* $OpenBSD: eng_dyn.c,v 1.14 2015/06/19 06:05:11 bcook Exp $ */
/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
* project 2001.
*/
/* ====================================================================
* Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* licensing@OpenSSL.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
#include <openssl/engine.h>
void
ENGINE_load_dynamic(void)
{
}

129
lib/libcrypto/engine/eng_err.c
View file

@ -1,129 +0,0 @@
/* $OpenBSD: eng_err.c,v 1.12 2022/07/12 14:42:49 kn Exp $ */
/* ====================================================================
* Copyright (c) 1999-2010 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* openssl-core@OpenSSL.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
#include <stdio.h>
#include <openssl/opensslconf.h>
#include <openssl/err.h>
#include <openssl/engine.h>
#ifndef OPENSSL_NO_ERR
#define ERR_FUNC(func) ERR_PACK(ERR_LIB_ENGINE,func,0)
#define ERR_REASON(reason) ERR_PACK(ERR_LIB_ENGINE,0,reason)
static ERR_STRING_DATA ENGINE_str_functs[] = {
{ERR_FUNC(0xfff), "CRYPTO_internal"},
{0, NULL}
};
static ERR_STRING_DATA ENGINE_str_reasons[] = {
{ERR_REASON(ENGINE_R_ALREADY_LOADED) , "already loaded"},
{ERR_REASON(ENGINE_R_ARGUMENT_IS_NOT_A_NUMBER), "argument is not a number"},
{ERR_REASON(ENGINE_R_CMD_NOT_EXECUTABLE) , "cmd not executable"},
{ERR_REASON(ENGINE_R_COMMAND_TAKES_INPUT), "command takes input"},
{ERR_REASON(ENGINE_R_COMMAND_TAKES_NO_INPUT), "command takes no input"},
{ERR_REASON(ENGINE_R_CONFLICTING_ENGINE_ID), "conflicting engine id"},
{ERR_REASON(ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED), "ctrl command not implemented"},
{ERR_REASON(ENGINE_R_DH_NOT_IMPLEMENTED) , "dh not implemented"},
{ERR_REASON(ENGINE_R_DSA_NOT_IMPLEMENTED), "dsa not implemented"},
{ERR_REASON(ENGINE_R_DSO_FAILURE) , "DSO failure"},
{ERR_REASON(ENGINE_R_DSO_NOT_FOUND) , "dso not found"},
{ERR_REASON(ENGINE_R_ENGINES_SECTION_ERROR), "engines section error"},
{ERR_REASON(ENGINE_R_ENGINE_CONFIGURATION_ERROR), "engine configuration error"},
{ERR_REASON(ENGINE_R_ENGINE_IS_NOT_IN_LIST), "engine is not in the list"},
{ERR_REASON(ENGINE_R_ENGINE_SECTION_ERROR), "engine section error"},
{ERR_REASON(ENGINE_R_FAILED_LOADING_PRIVATE_KEY), "failed loading private key"},
{ERR_REASON(ENGINE_R_FAILED_LOADING_PUBLIC_KEY), "failed loading public key"},
{ERR_REASON(ENGINE_R_FINISH_FAILED) , "finish failed"},
{ERR_REASON(ENGINE_R_GET_HANDLE_FAILED) , "could not obtain hardware handle"},
{ERR_REASON(ENGINE_R_ID_OR_NAME_MISSING) , "'id' or 'name' missing"},
{ERR_REASON(ENGINE_R_INIT_FAILED) , "init failed"},
{ERR_REASON(ENGINE_R_INTERNAL_LIST_ERROR), "internal list error"},
{ERR_REASON(ENGINE_R_INVALID_ARGUMENT) , "invalid argument"},
{ERR_REASON(ENGINE_R_INVALID_CMD_NAME) , "invalid cmd name"},
{ERR_REASON(ENGINE_R_INVALID_CMD_NUMBER) , "invalid cmd number"},
{ERR_REASON(ENGINE_R_INVALID_INIT_VALUE) , "invalid init value"},
{ERR_REASON(ENGINE_R_INVALID_STRING) , "invalid string"},
{ERR_REASON(ENGINE_R_NOT_INITIALISED) , "not initialised"},
{ERR_REASON(ENGINE_R_NOT_LOADED) , "not loaded"},
{ERR_REASON(ENGINE_R_NO_CONTROL_FUNCTION), "no control function"},
{ERR_REASON(ENGINE_R_NO_INDEX) , "no index"},
{ERR_REASON(ENGINE_R_NO_LOAD_FUNCTION) , "no load function"},
{ERR_REASON(ENGINE_R_NO_REFERENCE) , "no reference"},
{ERR_REASON(ENGINE_R_NO_SUCH_ENGINE) , "no such engine"},
{ERR_REASON(ENGINE_R_NO_UNLOAD_FUNCTION) , "no unload function"},
{ERR_REASON(ENGINE_R_PROVIDE_PARAMETERS) , "provide parameters"},
{ERR_REASON(ENGINE_R_RSA_NOT_IMPLEMENTED), "rsa not implemented"},
{ERR_REASON(ENGINE_R_UNIMPLEMENTED_CIPHER), "unimplemented cipher"},
{ERR_REASON(ENGINE_R_UNIMPLEMENTED_DIGEST), "unimplemented digest"},
{ERR_REASON(ENGINE_R_UNIMPLEMENTED_PUBLIC_KEY_METHOD), "unimplemented public key method"},
{ERR_REASON(ENGINE_R_VERSION_INCOMPATIBILITY), "version incompatibility"},
{0, NULL}
};
#endif
void
ERR_load_ENGINE_strings(void)
{
#ifndef OPENSSL_NO_ERR
if (ERR_func_error_string(ENGINE_str_functs[0].error) == NULL) {
ERR_load_strings(0, ENGINE_str_functs);
ERR_load_strings(0, ENGINE_str_reasons);
}
#endif
}

200
lib/libcrypto/engine/eng_fat.c
View file

@ -1,200 +0,0 @@
/* $OpenBSD: eng_fat.c,v 1.17 2019/01/19 01:07:00 tb Exp $ */
/* ====================================================================
* Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* licensing@OpenSSL.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
/* ====================================================================
* Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
* ECDH support in OpenSSL originally developed by
* SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
*/
#include <string.h>
#include <openssl/opensslconf.h>
#include <openssl/err.h>
#include "eng_int.h"
#include <openssl/conf.h>
int
ENGINE_set_default(ENGINE *e, unsigned int flags)
{
if ((flags & ENGINE_METHOD_CIPHERS) && !ENGINE_set_default_ciphers(e))
return 0;
if ((flags & ENGINE_METHOD_DIGESTS) && !ENGINE_set_default_digests(e))
return 0;
#ifndef OPENSSL_NO_RSA
if ((flags & ENGINE_METHOD_RSA) && !ENGINE_set_default_RSA(e))
return 0;
#endif
#ifndef OPENSSL_NO_DSA
if ((flags & ENGINE_METHOD_DSA) && !ENGINE_set_default_DSA(e))
return 0;
#endif
#ifndef OPENSSL_NO_DH
if ((flags & ENGINE_METHOD_DH) && !ENGINE_set_default_DH(e))
return 0;
#endif
#ifndef OPENSSL_NO_ECDH
if ((flags & ENGINE_METHOD_ECDH) && !ENGINE_set_default_ECDH(e))
return 0;
#endif
#ifndef OPENSSL_NO_ECDSA
if ((flags & ENGINE_METHOD_ECDSA) && !ENGINE_set_default_ECDSA(e))
return 0;
#endif
#ifndef OPENSSL_NO_EC
if ((flags & ENGINE_METHOD_EC) && !ENGINE_set_default_EC(e))
return 0;
#endif
if ((flags & ENGINE_METHOD_RAND) && !ENGINE_set_default_RAND(e))
return 0;
if ((flags & ENGINE_METHOD_PKEY_METHS) &&
!ENGINE_set_default_pkey_meths(e))
return 0;
if ((flags & ENGINE_METHOD_PKEY_ASN1_METHS) &&
!ENGINE_set_default_pkey_asn1_meths(e))
return 0;
return 1;
}
/* Set default algorithms using a string */
static int
int_def_cb(const char *alg, int len, void *arg)
{
unsigned int *pflags = arg;
if (!strncmp(alg, "ALL", len))
*pflags |= ENGINE_METHOD_ALL;
else if (!strncmp(alg, "RSA", len))
*pflags |= ENGINE_METHOD_RSA;
else if (!strncmp(alg, "DSA", len))
*pflags |= ENGINE_METHOD_DSA;
else if (!strncmp(alg, "ECDH", len))
*pflags |= ENGINE_METHOD_ECDH;
else if (!strncmp(alg, "ECDSA", len))
*pflags |= ENGINE_METHOD_ECDSA;
else if (!strncmp(alg, "DH", len))
*pflags |= ENGINE_METHOD_DH;
else if (strncmp(alg, "EC", len) == 0)
*pflags |= ENGINE_METHOD_EC;
else if (!strncmp(alg, "RAND", len))
*pflags |= ENGINE_METHOD_RAND;
else if (!strncmp(alg, "CIPHERS", len))
*pflags |= ENGINE_METHOD_CIPHERS;
else if (!strncmp(alg, "DIGESTS", len))
*pflags |= ENGINE_METHOD_DIGESTS;
else if (!strncmp(alg, "PKEY", len))
*pflags |= ENGINE_METHOD_PKEY_METHS |
ENGINE_METHOD_PKEY_ASN1_METHS;
else if (!strncmp(alg, "PKEY_CRYPTO", len))
*pflags |= ENGINE_METHOD_PKEY_METHS;
else if (!strncmp(alg, "PKEY_ASN1", len))
*pflags |= ENGINE_METHOD_PKEY_ASN1_METHS;
else
return 0;
return 1;
}
int
ENGINE_set_default_string(ENGINE *e, const char *def_list)
{
unsigned int flags = 0;
if (!CONF_parse_list(def_list, ',', 1, int_def_cb, &flags)) {
ENGINEerror(ENGINE_R_INVALID_STRING);
ERR_asprintf_error_data("str=%s",def_list);
return 0;
}
return ENGINE_set_default(e, flags);
}
int
ENGINE_register_complete(ENGINE *e)
{
ENGINE_register_ciphers(e);
ENGINE_register_digests(e);
#ifndef OPENSSL_NO_RSA
ENGINE_register_RSA(e);
#endif
#ifndef OPENSSL_NO_DSA
ENGINE_register_DSA(e);
#endif
#ifndef OPENSSL_NO_DH
ENGINE_register_DH(e);
#endif
#ifndef OPENSSL_NO_ECDH
ENGINE_register_ECDH(e);
#endif
#ifndef OPENSSL_NO_ECDSA
ENGINE_register_ECDSA(e);
#endif
#ifndef OPENSSL_NO_EC
ENGINE_register_EC(e);
#endif
ENGINE_register_RAND(e);
ENGINE_register_pkey_meths(e);
return 1;
}
int
ENGINE_register_all_complete(void)
{
ENGINE *e;
for (e = ENGINE_get_first(); e; e = ENGINE_get_next(e))
if (!(e->flags & ENGINE_FLAGS_NO_REGISTER_ALL))
ENGINE_register_complete(e);
return 1;
}

147
lib/libcrypto/engine/eng_init.c
View file

@ -1,147 +0,0 @@
/* $OpenBSD: eng_init.c,v 1.9 2018/04/14 07:09:21 tb Exp $ */
/* ====================================================================
* Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* licensing@OpenSSL.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
#include <openssl/err.h>
#include "eng_int.h"
/* Initialise a engine type for use (or up its functional reference count
* if it's already in use). This version is only used internally. */
int
engine_unlocked_init(ENGINE *e)
{
int to_return = 1;
if ((e->funct_ref == 0) && e->init)
/* This is the first functional reference and the engine
* requires initialisation so we do it now. */
to_return = e->init(e);
if (to_return) {
/* OK, we return a functional reference which is also a
* structural reference. */
e->struct_ref++;
e->funct_ref++;
engine_ref_debug(e, 0, 1)
engine_ref_debug(e, 1, 1)
}
return to_return;
}
/* Free a functional reference to a engine type. This version is only used
* internally. */
int
engine_unlocked_finish(ENGINE *e, int unlock_for_handlers)
{
int to_return = 1;
/* Reduce the functional reference count here so if it's the terminating
* case, we can release the lock safely and call the finish() handler
* without risk of a race. We get a race if we leave the count until
* after and something else is calling "finish" at the same time -
* there's a chance that both threads will together take the count from
* 2 to 0 without either calling finish(). */
e->funct_ref--;
engine_ref_debug(e, 1, -1);
if ((e->funct_ref == 0) && e->finish) {
if (unlock_for_handlers)
CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
to_return = e->finish(e);
if (unlock_for_handlers)
CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
if (!to_return)
return 0;
}
/* Release the structural reference too */
if (!engine_free_util(e, 0)) {
ENGINEerror(ENGINE_R_FINISH_FAILED);
return 0;
}
return to_return;
}
/* The API (locked) version of "init" */
int
ENGINE_init(ENGINE *e)
{
int ret;
if (e == NULL) {
ENGINEerror(ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
ret = engine_unlocked_init(e);
CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
return ret;
}
/* The API (locked) version of "finish" */
int
ENGINE_finish(ENGINE *e)
{
int to_return = 1;
if (e == NULL)
return 1;
CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
to_return = engine_unlocked_finish(e, 1);
CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
if (!to_return) {
ENGINEerror(ENGINE_R_FINISH_FAILED);
return 0;
}
return to_return;
}

203
lib/libcrypto/engine/eng_int.h
View file

@ -1,203 +0,0 @@
/* $OpenBSD: eng_int.h,v 1.10 2019/01/19 01:07:00 tb Exp $ */
/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
* project 2000.
*/
/* ====================================================================
* Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* licensing@OpenSSL.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
/* ====================================================================
* Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
* ECDH support in OpenSSL originally developed by
* SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
*/
#ifndef HEADER_ENGINE_INT_H
#define HEADER_ENGINE_INT_H
/* Take public definitions from engine.h */
#include <openssl/engine.h>
__BEGIN_HIDDEN_DECLS
/* If we compile with this symbol defined, then both reference counts in the
* ENGINE structure will be monitored with a line of output on stderr for each
* change. This prints the engine's pointer address (truncated to unsigned int),
* "struct" or "funct" to indicate the reference type, the before and after
* reference count, and the file:line-number pair. The "engine_ref_debug"
* statements must come *after* the change. */
#ifdef ENGINE_REF_COUNT_DEBUG
#define engine_ref_debug(e, isfunct, diff) \
fprintf(stderr, "engine: %08x %s from %d to %d (%s:%d)\n", \
(unsigned int)(e), (isfunct ? "funct" : "struct"), \
((isfunct) ? ((e)->funct_ref - (diff)) : ((e)->struct_ref - (diff))), \
((isfunct) ? (e)->funct_ref : (e)->struct_ref), \
(__FILE__), (__LINE__));
#else
#define engine_ref_debug(e, isfunct, diff)
#endif
/* Any code that will need cleanup operations should use these functions to
* register callbacks. ENGINE_cleanup() will call all registered callbacks in
* order. NB: both the "add" functions assume CRYPTO_LOCK_ENGINE to already be
* held (in "write" mode). */
typedef void (ENGINE_CLEANUP_CB)(void);
typedef struct st_engine_cleanup_item {
ENGINE_CLEANUP_CB *cb;
} ENGINE_CLEANUP_ITEM;
DECLARE_STACK_OF(ENGINE_CLEANUP_ITEM)
void engine_cleanup_add_first(ENGINE_CLEANUP_CB *cb);
void engine_cleanup_add_last(ENGINE_CLEANUP_CB *cb);
/* We need stacks of ENGINEs for use in eng_table.c */
DECLARE_STACK_OF(ENGINE)
/* If this symbol is defined then engine_table_select(), the function that is
* used by RSA, DSA (etc) code to select registered ENGINEs, cache defaults and
* functional references (etc), will display debugging summaries to stderr. */
/* #define ENGINE_TABLE_DEBUG */
/* This represents an implementation table. Dependent code should instantiate it
* as a (ENGINE_TABLE *) pointer value set initially to NULL. */
typedef struct st_engine_table ENGINE_TABLE;
int engine_table_register(ENGINE_TABLE **table, ENGINE_CLEANUP_CB *cleanup,
ENGINE *e, const int *nids, int num_nids, int setdefault);
void engine_table_unregister(ENGINE_TABLE **table, ENGINE *e);
void engine_table_cleanup(ENGINE_TABLE **table);
#ifndef ENGINE_TABLE_DEBUG
ENGINE *engine_table_select(ENGINE_TABLE **table, int nid);
#else
ENGINE *engine_table_select_tmp(ENGINE_TABLE **table, int nid, const char *f,
int l);
#define engine_table_select(t,n) engine_table_select_tmp(t,n,__FILE__,__LINE__)
#endif
typedef void (engine_table_doall_cb)(int nid, STACK_OF(ENGINE) *sk,
ENGINE *def, void *arg);
void engine_table_doall(ENGINE_TABLE *table, engine_table_doall_cb *cb,
void *arg);
/* Internal versions of API functions that have control over locking. These are
* used between C files when functionality needs to be shared but the caller may
* already be controlling of the CRYPTO_LOCK_ENGINE lock. */
int engine_unlocked_init(ENGINE *e);
int engine_unlocked_finish(ENGINE *e, int unlock_for_handlers);
int engine_free_util(ENGINE *e, int locked);
/* This function will reset all "set"able values in an ENGINE to NULL. This
* won't touch reference counts or ex_data, but is equivalent to calling all the
* ENGINE_set_***() functions with a NULL value. */
void engine_set_all_null(ENGINE *e);
/* NB: Bitwise OR-able values for the "flags" variable in ENGINE are now exposed
* in engine.h. */
/* Free up dynamically allocated public key methods associated with ENGINE */
void engine_pkey_meths_free(ENGINE *e);
void engine_pkey_asn1_meths_free(ENGINE *e);
/* This is a structure for storing implementations of various crypto
* algorithms and functions. */
struct engine_st {
const char *id;
const char *name;
const RSA_METHOD *rsa_meth;
const DSA_METHOD *dsa_meth;
const DH_METHOD *dh_meth;
const ECDH_METHOD *ecdh_meth;
const ECDSA_METHOD *ecdsa_meth;
const EC_KEY_METHOD *ec_meth;
const RAND_METHOD *rand_meth;
const STORE_METHOD *store_meth;
/* Cipher handling is via this callback */
ENGINE_CIPHERS_PTR ciphers;
/* Digest handling is via this callback */
ENGINE_DIGESTS_PTR digests;
/* Public key handling via this callback */
ENGINE_PKEY_METHS_PTR pkey_meths;
/* ASN1 public key handling via this callback */
ENGINE_PKEY_ASN1_METHS_PTR pkey_asn1_meths;
ENGINE_GEN_INT_FUNC_PTR destroy;
ENGINE_GEN_INT_FUNC_PTR init;
ENGINE_GEN_INT_FUNC_PTR finish;
ENGINE_CTRL_FUNC_PTR ctrl;
ENGINE_LOAD_KEY_PTR load_privkey;
ENGINE_LOAD_KEY_PTR load_pubkey;
ENGINE_SSL_CLIENT_CERT_PTR load_ssl_client_cert;
const ENGINE_CMD_DEFN *cmd_defns;
int flags;
/* reference count on the structure itself */
int struct_ref;
/* reference count on usability of the engine type. NB: This
* controls the loading and initialisation of any functionlity
* required by this engine, whereas the previous count is
* simply to cope with (de)allocation of this structure. Hence,
* running_ref <= struct_ref at all times. */
int funct_ref;
/* A place to store per-ENGINE data */
CRYPTO_EX_DATA ex_data;
/* Used to maintain the linked-list of engines. */
struct engine_st *prev;
struct engine_st *next;
};
__END_HIDDEN_DECLS
#endif /* HEADER_ENGINE_INT_H */

365
lib/libcrypto/engine/eng_lib.c
View file

@ -1,365 +0,0 @@
/* $OpenBSD: eng_lib.c,v 1.14 2018/04/14 07:18:37 tb Exp $ */
/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
* project 2000.
*/
/* ====================================================================
* Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* licensing@OpenSSL.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
#include <string.h>
#include <openssl/err.h>
#include <openssl/rand.h>
#include "eng_int.h"
/* The "new"/"free" stuff first */
ENGINE *
ENGINE_new(void)
{
ENGINE *ret;
if (!OPENSSL_init_crypto(0, NULL))
return NULL;
ret = malloc(sizeof(ENGINE));
if (ret == NULL) {
ENGINEerror(ERR_R_MALLOC_FAILURE);
return NULL;
}
memset(ret, 0, sizeof(ENGINE));
ret->struct_ref = 1;
engine_ref_debug(ret, 0, 1)
CRYPTO_new_ex_data(CRYPTO_EX_INDEX_ENGINE, ret, &ret->ex_data);
return ret;
}
/* Placed here (close proximity to ENGINE_new) so that modifications to the
* elements of the ENGINE structure are more likely to be caught and changed
* here. */
void
engine_set_all_null(ENGINE *e)
{
e->id = NULL;
e->name = NULL;
e->rsa_meth = NULL;
e->dsa_meth = NULL;
e->dh_meth = NULL;
e->rand_meth = NULL;
e->store_meth = NULL;
e->ciphers = NULL;
e->digests = NULL;
e->destroy = NULL;
e->init = NULL;
e->finish = NULL;
e->ctrl = NULL;
e->load_privkey = NULL;
e->load_pubkey = NULL;
e->cmd_defns = NULL;
e->flags = 0;
}
int
engine_free_util(ENGINE *e, int locked)
{
int i;
if (e == NULL)
return 1;
if (locked)
i = CRYPTO_add(&e->struct_ref, -1, CRYPTO_LOCK_ENGINE);
else
i = --e->struct_ref;
engine_ref_debug(e, 0, -1)
if (i > 0)
return 1;
/* Free up any dynamically allocated public key methods */
engine_pkey_meths_free(e);
engine_pkey_asn1_meths_free(e);
/* Give the ENGINE a chance to do any structural cleanup corresponding
* to allocation it did in its constructor (eg. unload error strings) */
if (e->destroy)
e->destroy(e);
CRYPTO_free_ex_data(CRYPTO_EX_INDEX_ENGINE, e, &e->ex_data);
free(e);
return 1;
}
int
ENGINE_free(ENGINE *e)
{
return engine_free_util(e, 1);
}
/* Cleanup stuff */
/* ENGINE_cleanup() is coded such that anything that does work that will need
* cleanup can register a "cleanup" callback here. That way we don't get linker
* bloat by referring to all *possible* cleanups, but any linker bloat into code
* "X" will cause X's cleanup function to end up here. */
static STACK_OF(ENGINE_CLEANUP_ITEM) *cleanup_stack = NULL;
static int
int_cleanup_check(int create)
{
if (cleanup_stack)
return 1;
if (!create)
return 0;
cleanup_stack = sk_ENGINE_CLEANUP_ITEM_new_null();
return (cleanup_stack ? 1 : 0);
}
static ENGINE_CLEANUP_ITEM *
int_cleanup_item(ENGINE_CLEANUP_CB *cb)
{
ENGINE_CLEANUP_ITEM *item = malloc(sizeof(ENGINE_CLEANUP_ITEM));
if (!item)
return NULL;
item->cb = cb;
return item;
}
void
engine_cleanup_add_first(ENGINE_CLEANUP_CB *cb)
{
ENGINE_CLEANUP_ITEM *item;
if (!int_cleanup_check(1))
return;
item = int_cleanup_item(cb);
if (item)
sk_ENGINE_CLEANUP_ITEM_insert(cleanup_stack, item, 0);
}
void
engine_cleanup_add_last(ENGINE_CLEANUP_CB *cb)
{
ENGINE_CLEANUP_ITEM *item;
if (!int_cleanup_check(1))
return;
item = int_cleanup_item(cb);
if (item)
sk_ENGINE_CLEANUP_ITEM_push(cleanup_stack, item);
}
/* The API function that performs all cleanup */
static void
engine_cleanup_cb_free(ENGINE_CLEANUP_ITEM *item)
{
(*(item->cb))();
free(item);
}
void
ENGINE_cleanup(void)
{
if (int_cleanup_check(0)) {
sk_ENGINE_CLEANUP_ITEM_pop_free(cleanup_stack,
engine_cleanup_cb_free);
cleanup_stack = NULL;
}
/* FIXME: This should be handled (somehow) through RAND, eg. by it
* registering a cleanup callback. */
RAND_set_rand_method(NULL);
}
/* Now the "ex_data" support */
int
ENGINE_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
{
return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_ENGINE, argl, argp,
new_func, dup_func, free_func);
}
int
ENGINE_set_ex_data(ENGINE *e, int idx, void *arg)
{
return (CRYPTO_set_ex_data(&e->ex_data, idx, arg));
}
void *
ENGINE_get_ex_data(const ENGINE *e, int idx)
{
return (CRYPTO_get_ex_data(&e->ex_data, idx));
}
/* Functions to get/set an ENGINE's elements - mainly to avoid exposing the
* ENGINE structure itself. */
int
ENGINE_set_id(ENGINE *e, const char *id)
{
if (id == NULL) {
ENGINEerror(ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
e->id = id;
return 1;
}
int
ENGINE_set_name(ENGINE *e, const char *name)
{
if (name == NULL) {
ENGINEerror(ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
e->name = name;
return 1;
}
int
ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f)
{
e->destroy = destroy_f;
return 1;
}
int
ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f)
{
e->init = init_f;
return 1;
}
int
ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f)
{
e->finish = finish_f;
return 1;
}
int
ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f)
{
e->ctrl = ctrl_f;
return 1;
}
int
ENGINE_set_flags(ENGINE *e, int flags)
{
e->flags = flags;
return 1;
}
int
ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns)
{
e->cmd_defns = defns;
return 1;
}
const char *
ENGINE_get_id(const ENGINE *e)
{
return e->id;
}
const char *
ENGINE_get_name(const ENGINE *e)
{
return e->name;
}
ENGINE_GEN_INT_FUNC_PTR
ENGINE_get_destroy_function(const ENGINE *e)
{
return e->destroy;
}
ENGINE_GEN_INT_FUNC_PTR
ENGINE_get_init_function(const ENGINE *e)
{
return e->init;
}
ENGINE_GEN_INT_FUNC_PTR
ENGINE_get_finish_function(const ENGINE *e)
{
return e->finish;
}
ENGINE_CTRL_FUNC_PTR
ENGINE_get_ctrl_function(const ENGINE *e)
{
return e->ctrl;
}
int
ENGINE_get_flags(const ENGINE *e)
{
return e->flags;
}
const ENGINE_CMD_DEFN *
ENGINE_get_cmd_defns(const ENGINE *e)
{
return e->cmd_defns;
}
/* eng_lib.o is pretty much linked into anything that touches ENGINE already, so
* put the "static_state" hack here. */
static int internal_static_hack = 0;
void *
ENGINE_get_static_state(void)
{
return &internal_static_hack;
}

387
lib/libcrypto/engine/eng_list.c
View file

@ -1,387 +0,0 @@
/* $OpenBSD: eng_list.c,v 1.25 2022/12/26 07:18:51 jmc Exp $ */
/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
* project 2000.
*/
/* ====================================================================
* Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* licensing@OpenSSL.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
/* ====================================================================
* Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
* ECDH support in OpenSSL originally developed by
* SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
*/
#include <string.h>
#include <unistd.h>
#include <openssl/opensslconf.h>
#include <openssl/err.h>
#include "cryptlib.h"
#include "eng_int.h"
/* The linked-list of pointers to engine types. engine_list_head
* incorporates an implicit structural reference but engine_list_tail
* does not - the latter is a computational niceity and only points
* to something that is already pointed to by its predecessor in the
* list (or engine_list_head itself). In the same way, the use of the
* "prev" pointer in each ENGINE is to save excessive list iteration,
* it doesn't correspond to an extra structural reference. Hence,
* engine_list_head, and each non-null "next" pointer account for
* the list itself assuming exactly 1 structural reference on each
* list member. */
static ENGINE *engine_list_head = NULL;
static ENGINE *engine_list_tail = NULL;
/* This cleanup function is only needed internally. If it should be called, we
* register it with the "ENGINE_cleanup()" stack to be called during cleanup. */
static void
engine_list_cleanup(void)
{
ENGINE *iterator = engine_list_head;
while (iterator != NULL && ENGINE_remove(iterator))
iterator = engine_list_head;
}
/* These static functions starting with a lower case "engine_" always
* take place when CRYPTO_LOCK_ENGINE has been locked up. */
static int
engine_list_add(ENGINE *e)
{
int conflict = 0;
ENGINE *iterator = NULL;
if (e == NULL) {
ENGINEerror(ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
iterator = engine_list_head;
while (iterator && !conflict) {
conflict = (strcmp(iterator->id, e->id) == 0);
iterator = iterator->next;
}
if (conflict) {
ENGINEerror(ENGINE_R_CONFLICTING_ENGINE_ID);
return 0;
}
if (engine_list_head == NULL) {
/* We are adding to an empty list. */
if (engine_list_tail) {
ENGINEerror(ENGINE_R_INTERNAL_LIST_ERROR);
return 0;
}
engine_list_head = e;
e->prev = NULL;
/* The first time the list allocates, we should register the
* cleanup. */
engine_cleanup_add_last(engine_list_cleanup);
} else {
/* We are adding to the tail of an existing list. */
if ((engine_list_tail == NULL) ||
(engine_list_tail->next != NULL)) {
ENGINEerror(ENGINE_R_INTERNAL_LIST_ERROR);
return 0;
}
engine_list_tail->next = e;
e->prev = engine_list_tail;
}
/* Having the engine in the list assumes a structural
* reference. */
e->struct_ref++;
engine_ref_debug(e, 0, 1)
/* However it came to be, e is the last item in the list. */
engine_list_tail = e;
e->next = NULL;
return 1;
}
static int
engine_list_remove(ENGINE *e)
{
ENGINE *iterator;
if (e == NULL) {
ENGINEerror(ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
/* We need to check that e is in our linked list! */
iterator = engine_list_head;
while (iterator && (iterator != e))
iterator = iterator->next;
if (iterator == NULL) {
ENGINEerror(ENGINE_R_ENGINE_IS_NOT_IN_LIST);
return 0;
}
/* un-link e from the chain. */
if (e->next)
e->next->prev = e->prev;
if (e->prev)
e->prev->next = e->next;
/* Correct our head/tail if necessary. */
if (engine_list_head == e)
engine_list_head = e->next;
if (engine_list_tail == e)
engine_list_tail = e->prev;
engine_free_util(e, 0);
return 1;
}
/* Get the first/last "ENGINE" type available. */
ENGINE *
ENGINE_get_first(void)
{
ENGINE *ret;
CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
ret = engine_list_head;
if (ret) {
ret->struct_ref++;
engine_ref_debug(ret, 0, 1)
}
CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
return ret;
}
ENGINE *
ENGINE_get_last(void)
{
ENGINE *ret;
CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
ret = engine_list_tail;
if (ret) {
ret->struct_ref++;
engine_ref_debug(ret, 0, 1)
}
CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
return ret;
}
/* Iterate to the next/previous "ENGINE" type (NULL = end of the list). */
ENGINE *
ENGINE_get_next(ENGINE *e)
{
ENGINE *ret = NULL;
if (e == NULL) {
ENGINEerror(ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
ret = e->next;
if (ret) {
/* Return a valid structural reference to the next ENGINE */
ret->struct_ref++;
engine_ref_debug(ret, 0, 1)
}
CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
/* Release the structural reference to the previous ENGINE */
ENGINE_free(e);
return ret;
}
ENGINE *
ENGINE_get_prev(ENGINE *e)
{
ENGINE *ret = NULL;
if (e == NULL) {
ENGINEerror(ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
ret = e->prev;
if (ret) {
/* Return a valid structural reference to the next ENGINE */
ret->struct_ref++;
engine_ref_debug(ret, 0, 1)
}
CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
/* Release the structural reference to the previous ENGINE */
ENGINE_free(e);
return ret;
}
/* Add another "ENGINE" type into the list. */
int
ENGINE_add(ENGINE *e)
{
int to_return = 1;
if (e == NULL) {
ENGINEerror(ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
if ((e->id == NULL) || (e->name == NULL)) {
ENGINEerror(ENGINE_R_ID_OR_NAME_MISSING);
}
CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
if (!engine_list_add(e)) {
ENGINEerror(ENGINE_R_INTERNAL_LIST_ERROR);
to_return = 0;
}
CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
return to_return;
}
/* Remove an existing "ENGINE" type from the array. */
int
ENGINE_remove(ENGINE *e)
{
int to_return = 1;
if (e == NULL) {
ENGINEerror(ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
if (!engine_list_remove(e)) {
ENGINEerror(ENGINE_R_INTERNAL_LIST_ERROR);
to_return = 0;
}
CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
return to_return;
}
static void
engine_cpy(ENGINE *dest, const ENGINE *src)
{
dest->id = src->id;
dest->name = src->name;
#ifndef OPENSSL_NO_RSA
dest->rsa_meth = src->rsa_meth;
#endif
#ifndef OPENSSL_NO_DSA
dest->dsa_meth = src->dsa_meth;
#endif
#ifndef OPENSSL_NO_DH
dest->dh_meth = src->dh_meth;
#endif
#ifndef OPENSSL_NO_ECDH
dest->ecdh_meth = src->ecdh_meth;
#endif
#ifndef OPENSSL_NO_ECDSA
dest->ecdsa_meth = src->ecdsa_meth;
#endif
#ifndef OPENSSL_NO_EC
dest->ec_meth = src->ec_meth;
#endif
dest->rand_meth = src->rand_meth;
dest->store_meth = src->store_meth;
dest->ciphers = src->ciphers;
dest->digests = src->digests;
dest->pkey_meths = src->pkey_meths;
dest->destroy = src->destroy;
dest->init = src->init;
dest->finish = src->finish;
dest->ctrl = src->ctrl;
dest->load_privkey = src->load_privkey;
dest->load_pubkey = src->load_pubkey;
dest->cmd_defns = src->cmd_defns;
dest->flags = src->flags;
}
ENGINE *
ENGINE_by_id(const char *id)
{
ENGINE *iterator;
if (id == NULL) {
ENGINEerror(ERR_R_PASSED_NULL_PARAMETER);
return NULL;
}
CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
iterator = engine_list_head;
while (iterator && (strcmp(id, iterator->id) != 0))
iterator = iterator->next;
if (iterator) {
/* We need to return a structural reference. If this is an
* ENGINE type that returns copies, make a duplicate - otherwise
* increment the existing ENGINE's reference count. */
if (iterator->flags & ENGINE_FLAGS_BY_ID_COPY) {
ENGINE *cp = ENGINE_new();
if (!cp)
iterator = NULL;
else {
engine_cpy(cp, iterator);
iterator = cp;
}
} else {
iterator->struct_ref++;
engine_ref_debug(iterator, 0, 1)
}
}
CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
if (iterator == NULL) {
ENGINEerror(ENGINE_R_NO_SUCH_ENGINE);
ERR_asprintf_error_data("id=%s", id);
}
return iterator;
}
int
ENGINE_up_ref(ENGINE *e)
{
int refs;
if (e == NULL) {
ENGINEerror(ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
refs = CRYPTO_add(&e->struct_ref, 1, CRYPTO_LOCK_ENGINE);
return refs > 1 ? 1 : 0;
}

406
lib/libcrypto/engine/eng_openssl.c
View file

@ -1,406 +0,0 @@
/* $OpenBSD: eng_openssl.c,v 1.17 2023/07/20 15:08:12 tb Exp $ */
/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
* project 2000.
*/
/* ====================================================================
* Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* licensing@OpenSSL.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
/* ====================================================================
* Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
* ECDH support in OpenSSL originally developed by
* SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
*/
#include <stdio.h>
#include <string.h>
#include <openssl/opensslconf.h>
#include <openssl/crypto.h>
#include <openssl/engine.h>
#include <openssl/err.h>
#include <openssl/evp.h>
#include <openssl/pem.h>
#include <openssl/rand.h>
#ifndef OPENSSL_NO_DH
#include <openssl/dh.h>
#endif
#ifndef OPENSSL_NO_DSA
#include <openssl/dsa.h>
#endif
#ifndef OPENSSL_NO_RSA
#include <openssl/rsa.h>
#endif
#include "evp_local.h"
/* This testing gunk is implemented (and explained) lower down. It also assumes
* the application explicitly calls "ENGINE_load_openssl()" because this is no
* longer automatic in ENGINE_load_builtin_engines(). */
#define TEST_ENG_OPENSSL_RC4
#define TEST_ENG_OPENSSL_PKEY
/* #define TEST_ENG_OPENSSL_RC4_OTHERS */
#define TEST_ENG_OPENSSL_RC4_P_INIT
/* #define TEST_ENG_OPENSSL_RC4_P_CIPHER */
#define TEST_ENG_OPENSSL_SHA
/* #define TEST_ENG_OPENSSL_SHA_OTHERS */
/* #define TEST_ENG_OPENSSL_SHA_P_INIT */
/* #define TEST_ENG_OPENSSL_SHA_P_UPDATE */
/* #define TEST_ENG_OPENSSL_SHA_P_FINAL */
/* Now check what of those algorithms are actually enabled */
#ifdef OPENSSL_NO_RC4
#undef TEST_ENG_OPENSSL_RC4
#undef TEST_ENG_OPENSSL_RC4_OTHERS
#undef TEST_ENG_OPENSSL_RC4_P_INIT
#undef TEST_ENG_OPENSSL_RC4_P_CIPHER
#endif
#if defined(OPENSSL_NO_SHA) || defined(OPENSSL_NO_SHA1)
#undef TEST_ENG_OPENSSL_SHA
#undef TEST_ENG_OPENSSL_SHA_OTHERS
#undef TEST_ENG_OPENSSL_SHA_P_INIT
#undef TEST_ENG_OPENSSL_SHA_P_UPDATE
#undef TEST_ENG_OPENSSL_SHA_P_FINAL
#endif
#ifdef TEST_ENG_OPENSSL_RC4
static int openssl_ciphers(ENGINE *e, const EVP_CIPHER **cipher,
const int **nids, int nid);
#endif
#ifdef TEST_ENG_OPENSSL_SHA
static int openssl_digests(ENGINE *e, const EVP_MD **digest,
const int **nids, int nid);
#endif
#ifdef TEST_ENG_OPENSSL_PKEY
static EVP_PKEY *openssl_load_privkey(ENGINE *eng, const char *key_id,
UI_METHOD *ui_method, void *callback_data);
#endif
/* The constants used when creating the ENGINE */
static const char *engine_openssl_id = "openssl";
static const char *engine_openssl_name = "Software engine support";
/* This internal function is used by ENGINE_openssl() and possibly by the
* "dynamic" ENGINE support too */
static int
bind_helper(ENGINE *e)
{
if (!ENGINE_set_id(e, engine_openssl_id) ||
!ENGINE_set_name(e, engine_openssl_name)
#ifndef TEST_ENG_OPENSSL_NO_ALGORITHMS
#ifndef OPENSSL_NO_RSA
|| !ENGINE_set_RSA(e, RSA_get_default_method())
#endif
#ifndef OPENSSL_NO_DSA
|| !ENGINE_set_DSA(e, DSA_get_default_method())
#endif
#ifndef OPENSSL_NO_ECDH
|| !ENGINE_set_ECDH(e, ECDH_OpenSSL())
#endif
#ifndef OPENSSL_NO_ECDSA
|| !ENGINE_set_ECDSA(e, ECDSA_OpenSSL())
#endif
#ifndef OPENSSL_NO_DH
|| !ENGINE_set_DH(e, DH_get_default_method())
#endif
|| !ENGINE_set_RAND(e, RAND_SSLeay())
#ifdef TEST_ENG_OPENSSL_RC4
|| !ENGINE_set_ciphers(e, openssl_ciphers)
#endif
#ifdef TEST_ENG_OPENSSL_SHA
|| !ENGINE_set_digests(e, openssl_digests)
#endif
#endif
#ifdef TEST_ENG_OPENSSL_PKEY
|| !ENGINE_set_load_privkey_function(e, openssl_load_privkey)
#endif
)
return 0;
/* If we add errors to this ENGINE, ensure the error handling is setup here */
/* openssl_load_error_strings(); */
return 1;
}
static ENGINE *
engine_openssl(void)
{
ENGINE *ret = ENGINE_new();
if (ret == NULL)
return NULL;
if (!bind_helper(ret)) {
ENGINE_free(ret);
return NULL;
}
return ret;
}
void
ENGINE_load_openssl(void)
{
ENGINE *toadd = engine_openssl();
if (toadd == NULL)
return;
(void) ENGINE_add(toadd);
/* If the "add" worked, it gets a structural reference. So either way,
* we release our just-created reference. */
ENGINE_free(toadd);
ERR_clear_error();
}
/* This stuff is needed if this ENGINE is being compiled into a self-contained
* shared-library. */
#ifdef ENGINE_DYNAMIC_SUPPORT
static int
bind_fn(ENGINE *e, const char *id)
{
if (id && (strcmp(id, engine_openssl_id) != 0))
return 0;
if (!bind_helper(e))
return 0;
return 1;
}
IMPLEMENT_DYNAMIC_CHECK_FN()
IMPLEMENT_DYNAMIC_BIND_FN(bind_fn)
#endif /* ENGINE_DYNAMIC_SUPPORT */
#ifdef TEST_ENG_OPENSSL_RC4
/* This section of code compiles an "alternative implementation" of two modes of
* RC4 into this ENGINE. The result is that EVP_CIPHER operation for "rc4"
* should under normal circumstances go via this support rather than the default
* EVP support. There are other symbols to tweak the testing;
* TEST_ENC_OPENSSL_RC4_OTHERS - print a one line message to stderr each time
* we're asked for a cipher we don't support (should not happen).
* TEST_ENG_OPENSSL_RC4_P_INIT - print a one line message to stderr each time
* the "init_key" handler is called.
* TEST_ENG_OPENSSL_RC4_P_CIPHER - ditto for the "cipher" handler.
*/
#include <openssl/rc4.h>
#define TEST_RC4_KEY_SIZE 16
static int test_cipher_nids[] = {NID_rc4, NID_rc4_40};
static int test_cipher_nids_number = 2;
typedef struct {
unsigned char key[TEST_RC4_KEY_SIZE];
RC4_KEY ks;
} TEST_RC4_KEY;
#define test(ctx) ((TEST_RC4_KEY *)(ctx)->cipher_data)
static int
test_rc4_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
const unsigned char *iv, int enc)
{
#ifdef TEST_ENG_OPENSSL_RC4_P_INIT
fprintf(stderr, "(TEST_ENG_OPENSSL_RC4) test_init_key() called\n");
#endif
memcpy(&test(ctx)->key[0], key, EVP_CIPHER_CTX_key_length(ctx));
RC4_set_key(&test(ctx)->ks, EVP_CIPHER_CTX_key_length(ctx),
test(ctx)->key);
return 1;
}
static int
test_rc4_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
const unsigned char *in, size_t inl)
{
#ifdef TEST_ENG_OPENSSL_RC4_P_CIPHER
fprintf(stderr, "(TEST_ENG_OPENSSL_RC4) test_cipher() called\n");
#endif
RC4(&test(ctx)->ks, inl, in, out);
return 1;
}
static const EVP_CIPHER test_r4_cipher = {
NID_rc4,
1, TEST_RC4_KEY_SIZE, 0,
EVP_CIPH_VARIABLE_LENGTH,
test_rc4_init_key,
test_rc4_cipher,
NULL,
sizeof(TEST_RC4_KEY),
NULL,
NULL,
NULL,
NULL
};
static const EVP_CIPHER test_r4_40_cipher = {
NID_rc4_40,
1,5 /* 40 bit */,0,
EVP_CIPH_VARIABLE_LENGTH,
test_rc4_init_key,
test_rc4_cipher,
NULL,
sizeof(TEST_RC4_KEY),
NULL,
NULL,
NULL,
NULL
};
static int
openssl_ciphers(ENGINE *e, const EVP_CIPHER **cipher, const int **nids, int nid)
{
if (!cipher) {
/* We are returning a list of supported nids */
*nids = test_cipher_nids;
return test_cipher_nids_number;
}
/* We are being asked for a specific cipher */
if (nid == NID_rc4)
*cipher = &test_r4_cipher;
else if (nid == NID_rc4_40)
*cipher = &test_r4_40_cipher;
else {
#ifdef TEST_ENG_OPENSSL_RC4_OTHERS
fprintf(stderr, "(TEST_ENG_OPENSSL_RC4) returning NULL for "
"nid %d\n", nid);
#endif
*cipher = NULL;
return 0;
}
return 1;
}
#endif
#ifdef TEST_ENG_OPENSSL_SHA
/* Much the same sort of comment as for TEST_ENG_OPENSSL_RC4 */
#include <openssl/sha.h>
static int test_digest_nids[] = {NID_sha1};
static int test_digest_nids_number = 1;
static int
test_sha1_init(EVP_MD_CTX *ctx)
{
#ifdef TEST_ENG_OPENSSL_SHA_P_INIT
fprintf(stderr, "(TEST_ENG_OPENSSL_SHA) test_sha1_init() called\n");
#endif
return SHA1_Init(ctx->md_data);
}
static int
test_sha1_update(EVP_MD_CTX *ctx, const void *data, size_t count)
{
#ifdef TEST_ENG_OPENSSL_SHA_P_UPDATE
fprintf(stderr, "(TEST_ENG_OPENSSL_SHA) test_sha1_update() called\n");
#endif
return SHA1_Update(ctx->md_data, data, count);
}
static int
test_sha1_final(EVP_MD_CTX *ctx, unsigned char *md)
{
#ifdef TEST_ENG_OPENSSL_SHA_P_FINAL
fprintf(stderr, "(TEST_ENG_OPENSSL_SHA) test_sha1_final() called\n");
#endif
return SHA1_Final(md, ctx->md_data);
}
static const EVP_MD test_sha_md = {
.type = NID_sha1,
.pkey_type = NID_sha1WithRSAEncryption,
.md_size = SHA_DIGEST_LENGTH,
.flags = 0,
.init = test_sha1_init,
.update = test_sha1_update,
.final = test_sha1_final,
.copy = NULL,
.cleanup = NULL,
.block_size = SHA_CBLOCK,
.ctx_size = sizeof(EVP_MD *) + sizeof(SHA_CTX),
};
static int
openssl_digests(ENGINE *e, const EVP_MD **digest, const int **nids, int nid)
{
if (!digest) {
/* We are returning a list of supported nids */
*nids = test_digest_nids;
return test_digest_nids_number;
}
/* We are being asked for a specific digest */
if (nid == NID_sha1)
*digest = &test_sha_md;
else {
#ifdef TEST_ENG_OPENSSL_SHA_OTHERS
fprintf(stderr, "(TEST_ENG_OPENSSL_SHA) returning NULL for "
"nid %d\n", nid);
#endif
*digest = NULL;
return 0;
}
return 1;
}
#endif
#ifdef TEST_ENG_OPENSSL_PKEY
static EVP_PKEY *
openssl_load_privkey(ENGINE *eng, const char *key_id, UI_METHOD *ui_method,
void *callback_data)
{
BIO *in;
EVP_PKEY *key;
fprintf(stderr, "(TEST_ENG_OPENSSL_PKEY)Loading Private key %s\n",
key_id);
in = BIO_new_file(key_id, "r");
if (!in)
return NULL;
key = PEM_read_bio_PrivateKey(in, NULL, 0, NULL);
BIO_free(in);
return key;
}
#endif

184
lib/libcrypto/engine/eng_pkey.c
View file

@ -1,184 +0,0 @@
/* $OpenBSD: eng_pkey.c,v 1.7 2017/01/29 17:49:23 beck Exp $ */
/* ====================================================================
* Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* licensing@OpenSSL.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
#include <openssl/err.h>
#include "eng_int.h"
/* Basic get/set stuff */
int
ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f)
{
e->load_privkey = loadpriv_f;
return 1;
}
int
ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f)
{
e->load_pubkey = loadpub_f;
return 1;
}
int
ENGINE_set_load_ssl_client_cert_function(ENGINE *e,
ENGINE_SSL_CLIENT_CERT_PTR loadssl_f)
{
e->load_ssl_client_cert = loadssl_f;
return 1;
}
ENGINE_LOAD_KEY_PTR
ENGINE_get_load_privkey_function(const ENGINE *e)
{
return e->load_privkey;
}
ENGINE_LOAD_KEY_PTR
ENGINE_get_load_pubkey_function(const ENGINE *e)
{
return e->load_pubkey;
}
ENGINE_SSL_CLIENT_CERT_PTR
ENGINE_get_ssl_client_cert_function(const ENGINE *e)
{
return e->load_ssl_client_cert;
}
/* API functions to load public/private keys */
EVP_PKEY *
ENGINE_load_private_key(ENGINE *e, const char *key_id, UI_METHOD *ui_method,
void *callback_data)
{
EVP_PKEY *pkey;
if (e == NULL) {
ENGINEerror(ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
if (e->funct_ref == 0) {
CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
ENGINEerror(ENGINE_R_NOT_INITIALISED);
return 0;
}
CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
if (!e->load_privkey) {
ENGINEerror(ENGINE_R_NO_LOAD_FUNCTION);
return 0;
}
pkey = e->load_privkey(e, key_id, ui_method, callback_data);
if (!pkey) {
ENGINEerror(ENGINE_R_FAILED_LOADING_PRIVATE_KEY);
return 0;
}
return pkey;
}
EVP_PKEY *
ENGINE_load_public_key(ENGINE *e, const char *key_id, UI_METHOD *ui_method,
void *callback_data)
{
EVP_PKEY *pkey;
if (e == NULL) {
ENGINEerror(ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
if (e->funct_ref == 0) {
CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
ENGINEerror(ENGINE_R_NOT_INITIALISED);
return 0;
}
CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
if (!e->load_pubkey) {
ENGINEerror(ENGINE_R_NO_LOAD_FUNCTION);
return 0;
}
pkey = e->load_pubkey(e, key_id, ui_method, callback_data);
if (!pkey) {
ENGINEerror(ENGINE_R_FAILED_LOADING_PUBLIC_KEY);
return 0;
}
return pkey;
}
int
ENGINE_load_ssl_client_cert(ENGINE *e, SSL *s, STACK_OF(X509_NAME) *ca_dn,
X509 **pcert, EVP_PKEY **ppkey, STACK_OF(X509) **pother,
UI_METHOD *ui_method, void *callback_data)
{
if (e == NULL) {
ENGINEerror(ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
if (e->funct_ref == 0) {
CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
ENGINEerror(ENGINE_R_NOT_INITIALISED);
return 0;
}
CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
if (!e->load_ssl_client_cert) {
ENGINEerror(ENGINE_R_NO_LOAD_FUNCTION);
return 0;
}
return e->load_ssl_client_cert(e, s, ca_dn, pcert, ppkey, pother,
ui_method, callback_data);
}

354
lib/libcrypto/engine/eng_table.c
View file

@ -1,354 +0,0 @@
/* $OpenBSD: eng_table.c,v 1.10 2022/12/26 07:18:52 jmc Exp $ */
/* ====================================================================
* Copyright (c) 2001 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* licensing@OpenSSL.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
#include <openssl/err.h>
#include <openssl/evp.h>
#include <openssl/lhash.h>
#include "eng_int.h"
/* The type of the items in the table */
typedef struct st_engine_pile {
/* The 'nid' of this algorithm/mode */
int nid;
/* ENGINEs that implement this algorithm/mode. */
STACK_OF(ENGINE) *sk;
/* The default ENGINE to perform this algorithm/mode. */
ENGINE *funct;
/* Zero if 'sk' is newer than the cached 'funct', non-zero otherwise */
int uptodate;
} ENGINE_PILE;
DECLARE_LHASH_OF(ENGINE_PILE);
/* The type exposed in eng_int.h */
struct st_engine_table {
LHASH_OF(ENGINE_PILE) piles;
}; /* ENGINE_TABLE */
typedef struct st_engine_pile_doall {
engine_table_doall_cb *cb;
void *arg;
} ENGINE_PILE_DOALL;
/* Global flags (ENGINE_TABLE_FLAG_***). */
static unsigned int table_flags = 0;
/* API function manipulating 'table_flags' */
unsigned int
ENGINE_get_table_flags(void)
{
return table_flags;
}
void
ENGINE_set_table_flags(unsigned int flags)
{
table_flags = flags;
}
/* Internal functions for the "piles" hash table */
static unsigned long
engine_pile_hash(const ENGINE_PILE *c)
{
return c->nid;
}
static int
engine_pile_cmp(const ENGINE_PILE *a, const ENGINE_PILE *b)
{
return a->nid - b->nid;
}
static IMPLEMENT_LHASH_HASH_FN(engine_pile, ENGINE_PILE)
static IMPLEMENT_LHASH_COMP_FN(engine_pile, ENGINE_PILE)
static int
int_table_check(ENGINE_TABLE **t, int create)
{
LHASH_OF(ENGINE_PILE) *lh;
if (*t)
return 1;
if (!create)
return 0;
if ((lh = lh_ENGINE_PILE_new()) == NULL)
return 0;
*t = (ENGINE_TABLE *)lh;
return 1;
}
/* Privately exposed (via eng_int.h) functions for adding and/or removing
* ENGINEs from the implementation table */
int
engine_table_register(ENGINE_TABLE **table, ENGINE_CLEANUP_CB *cleanup,
ENGINE *e, const int *nids, int num_nids, int setdefault)
{
int ret = 0, added = 0;
ENGINE_PILE tmplate, *fnd;
CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
if (!(*table))
added = 1;
if (!int_table_check(table, 1))
goto end;
if (added)
/* The cleanup callback needs to be added */
engine_cleanup_add_first(cleanup);
while (num_nids--) {
tmplate.nid = *nids;
fnd = lh_ENGINE_PILE_retrieve(&(*table)->piles, &tmplate);
if (!fnd) {
fnd = malloc(sizeof(ENGINE_PILE));
if (!fnd)
goto end;
fnd->uptodate = 1;
fnd->nid = *nids;
fnd->sk = sk_ENGINE_new_null();
if (!fnd->sk) {
free(fnd);
goto end;
}
fnd->funct = NULL;
(void)lh_ENGINE_PILE_insert(&(*table)->piles, fnd);
}
/* A registration shouldn't add duplicate entries */
(void)sk_ENGINE_delete_ptr(fnd->sk, e);
/* if 'setdefault', this ENGINE goes to the head of the list */
if (!sk_ENGINE_push(fnd->sk, e))
goto end;
/* "touch" this ENGINE_PILE */
fnd->uptodate = 0;
if (setdefault) {
if (!engine_unlocked_init(e)) {
ENGINEerror(ENGINE_R_INIT_FAILED);
goto end;
}
if (fnd->funct)
engine_unlocked_finish(fnd->funct, 0);
fnd->funct = e;
fnd->uptodate = 1;
}
nids++;
}
ret = 1;
end:
CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
return ret;
}
static void
int_unregister_cb_doall_arg(ENGINE_PILE *pile, ENGINE *e)
{
int n;
/* Iterate the 'c->sk' stack removing any occurrence of 'e' */
while ((n = sk_ENGINE_find(pile->sk, e)) >= 0) {
(void)sk_ENGINE_delete(pile->sk, n);
pile->uptodate = 0;
}
if (pile->funct == e) {
engine_unlocked_finish(e, 0);
pile->funct = NULL;
}
}
static IMPLEMENT_LHASH_DOALL_ARG_FN(int_unregister_cb, ENGINE_PILE, ENGINE)
void
engine_table_unregister(ENGINE_TABLE **table, ENGINE *e)
{
CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
if (int_table_check(table, 0))
lh_ENGINE_PILE_doall_arg(&(*table)->piles,
LHASH_DOALL_ARG_FN(int_unregister_cb), ENGINE, e);
CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
}
static void
int_cleanup_cb_doall(ENGINE_PILE *p)
{
sk_ENGINE_free(p->sk);
if (p->funct)
engine_unlocked_finish(p->funct, 0);
free(p);
}
static IMPLEMENT_LHASH_DOALL_FN(int_cleanup_cb, ENGINE_PILE)
void
engine_table_cleanup(ENGINE_TABLE **table)
{
CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
if (*table) {
lh_ENGINE_PILE_doall(&(*table)->piles,
LHASH_DOALL_FN(int_cleanup_cb));
lh_ENGINE_PILE_free(&(*table)->piles);
*table = NULL;
}
CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
}
/* return a functional reference for a given 'nid' */
#ifndef ENGINE_TABLE_DEBUG
ENGINE *
engine_table_select(ENGINE_TABLE **table, int nid)
#else
ENGINE *
engine_table_select_tmp(ENGINE_TABLE **table, int nid, const char *f, int l)
#endif
{
ENGINE *ret = NULL;
ENGINE_PILE tmplate, *fnd = NULL;
int initres, loop = 0;
if (!(*table)) {
#ifdef ENGINE_TABLE_DEBUG
fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, nothing "
"registered!\n", f, l, nid);
#endif
return NULL;
}
ERR_set_mark();
CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
/* Check again inside the lock otherwise we could race against cleanup
* operations. But don't worry about a fprintf(stderr). */
if (!int_table_check(table, 0))
goto end;
tmplate.nid = nid;
fnd = lh_ENGINE_PILE_retrieve(&(*table)->piles, &tmplate);
if (!fnd)
goto end;
if (fnd->funct && engine_unlocked_init(fnd->funct)) {
#ifdef ENGINE_TABLE_DEBUG
fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, using "
"ENGINE '%s' cached\n", f, l, nid, fnd->funct->id);
#endif
ret = fnd->funct;
goto end;
}
if (fnd->uptodate) {
ret = fnd->funct;
goto end;
}
trynext:
ret = sk_ENGINE_value(fnd->sk, loop++);
if (!ret) {
#ifdef ENGINE_TABLE_DEBUG
fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, no "
"registered implementations would initialise\n", f, l, nid);
#endif
goto end;
}
/* Try to initialise the ENGINE? */
if ((ret->funct_ref > 0) || !(table_flags & ENGINE_TABLE_FLAG_NOINIT))
initres = engine_unlocked_init(ret);
else
initres = 0;
if (initres) {
/* Update 'funct' */
if ((fnd->funct != ret) && engine_unlocked_init(ret)) {
/* If there was a previous default we release it. */
if (fnd->funct)
engine_unlocked_finish(fnd->funct, 0);
fnd->funct = ret;
#ifdef ENGINE_TABLE_DEBUG
fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, "
"setting default to '%s'\n", f, l, nid, ret->id);
#endif
}
#ifdef ENGINE_TABLE_DEBUG
fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, using "
"newly initialised '%s'\n", f, l, nid, ret->id);
#endif
goto end;
}
goto trynext;
end:
/* If it failed, it is unlikely to succeed again until some future
* registrations have taken place. In all cases, we cache. */
if (fnd)
fnd->uptodate = 1;
#ifdef ENGINE_TABLE_DEBUG
if (ret)
fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, caching "
"ENGINE '%s'\n", f, l, nid, ret->id);
else
fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, caching "
"'no matching ENGINE'\n", f, l, nid);
#endif
CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
/* Whatever happened, any failed init()s are not failures in this
* context, so clear our error state. */
ERR_pop_to_mark();
return ret;
}
/* Table enumeration */
static void
int_cb_doall_arg(ENGINE_PILE *pile, ENGINE_PILE_DOALL *dall)
{
dall->cb(pile->nid, pile->sk, pile->funct, dall->arg);
}
static IMPLEMENT_LHASH_DOALL_ARG_FN(int_cb, ENGINE_PILE, ENGINE_PILE_DOALL)
void
engine_table_doall(ENGINE_TABLE *table, engine_table_doall_cb *cb, void *arg)
{
ENGINE_PILE_DOALL dall;
dall.cb = cb;
dall.arg = arg;
lh_ENGINE_PILE_doall_arg(&table->piles, LHASH_DOALL_ARG_FN(int_cb),
ENGINE_PILE_DOALL, &dall);
}

26
lib/libcrypto/engine/engine.h
View file

@ -1,4 +1,4 @@
/* $OpenBSD: engine.h,v 1.39 2023/07/21 09:04:23 tb Exp $ */
/* $OpenBSD: engine.h,v 1.41 2023/07/28 09:22:26 tb Exp $ */
/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
* project 2000.
*/
@ -76,12 +76,6 @@
#ifndef OPENSSL_NO_EC
#include <openssl/ec.h>
#endif
#ifndef OPENSSL_NO_ECDH
#include <openssl/ecdh.h>
#endif
#ifndef OPENSSL_NO_ECDSA
#include <openssl/ecdsa.h>
#endif
#include <openssl/err.h>
#ifndef OPENSSL_NO_RSA
#include <openssl/rsa.h>
@ -101,8 +95,6 @@ extern "C" {
#define ENGINE_METHOD_DSA (unsigned int)0x0002
#define ENGINE_METHOD_DH (unsigned int)0x0004
#define ENGINE_METHOD_RAND (unsigned int)0x0008
#define ENGINE_METHOD_ECDH (unsigned int)0x0010
#define ENGINE_METHOD_ECDSA (unsigned int)0x0020
#define ENGINE_METHOD_CIPHERS (unsigned int)0x0040
#define ENGINE_METHOD_DIGESTS (unsigned int)0x0080
#define ENGINE_METHOD_STORE (unsigned int)0x0100
@ -379,14 +371,6 @@ int ENGINE_register_DSA(ENGINE *e);
void ENGINE_unregister_DSA(ENGINE *e);
void ENGINE_register_all_DSA(void);
int ENGINE_register_ECDH(ENGINE *e);
void ENGINE_unregister_ECDH(ENGINE *e);
void ENGINE_register_all_ECDH(void);
int ENGINE_register_ECDSA(ENGINE *e);
void ENGINE_unregister_ECDSA(ENGINE *e);
void ENGINE_register_all_ECDSA(void);
int ENGINE_register_EC(ENGINE *e);
void ENGINE_unregister_EC(ENGINE *e);
void ENGINE_register_all_EC(void);
@ -483,8 +467,6 @@ int ENGINE_set_id(ENGINE *e, const char *id);
int ENGINE_set_name(ENGINE *e, const char *name);
int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
int ENGINE_set_ECDH(ENGINE *e, const ECDH_METHOD *ecdh_meth);
int ENGINE_set_ECDSA(ENGINE *e, const ECDSA_METHOD *ecdsa_meth);
int ENGINE_set_EC(ENGINE *e, const EC_KEY_METHOD *ec_meth);
int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
@ -523,8 +505,6 @@ const char *ENGINE_get_id(const ENGINE *e);
const char *ENGINE_get_name(const ENGINE *e);
const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
const ECDH_METHOD *ENGINE_get_ECDH(const ENGINE *e);
const ECDSA_METHOD *ENGINE_get_ECDSA(const ENGINE *e);
const EC_KEY_METHOD *ENGINE_get_EC(const ENGINE *e);
const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
@ -591,8 +571,6 @@ int ENGINE_load_ssl_client_cert(ENGINE *e, SSL *s,
ENGINE *ENGINE_get_default_RSA(void);
/* Same for the other "methods" */
ENGINE *ENGINE_get_default_DSA(void);
ENGINE *ENGINE_get_default_ECDH(void);
ENGINE *ENGINE_get_default_ECDSA(void);
ENGINE *ENGINE_get_default_EC(void);
ENGINE *ENGINE_get_default_DH(void);
ENGINE *ENGINE_get_default_RAND(void);
@ -611,8 +589,6 @@ int ENGINE_set_default_RSA(ENGINE *e);
int ENGINE_set_default_string(ENGINE *e, const char *def_list);
/* Same for the other "methods" */
int ENGINE_set_default_DSA(ENGINE *e);
int ENGINE_set_default_ECDH(ENGINE *e);
int ENGINE_set_default_ECDSA(ENGINE *e);
int ENGINE_set_default_EC(ENGINE *e);
int ENGINE_set_default_DH(ENGINE *e);
int ENGINE_set_default_RAND(ENGINE *e);

255
lib/libcrypto/engine/tb_asnmth.c
View file

@ -1,255 +0,0 @@
/* $OpenBSD: tb_asnmth.c,v 1.7 2022/11/26 16:08:52 tb Exp $ */
/* ====================================================================
* Copyright (c) 2006 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* licensing@OpenSSL.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
#include <string.h>
#include <openssl/err.h>
#include "eng_int.h"
#include "asn1_local.h"
#include <openssl/evp.h>
/* If this symbol is defined then ENGINE_get_pkey_asn1_meth_engine(), the
* function that is used by EVP to hook in pkey_asn1_meth code and cache
* defaults (etc), will display brief debugging summaries to stderr with the
* 'nid'. */
/* #define ENGINE_PKEY_ASN1_METH_DEBUG */
static ENGINE_TABLE *pkey_asn1_meth_table = NULL;
void
ENGINE_unregister_pkey_asn1_meths(ENGINE *e)
{
engine_table_unregister(&pkey_asn1_meth_table, e);
}
static void
engine_unregister_all_pkey_asn1_meths(void)
{
engine_table_cleanup(&pkey_asn1_meth_table);
}
int
ENGINE_register_pkey_asn1_meths(ENGINE *e)
{
if (e->pkey_asn1_meths) {
const int *nids;
int num_nids = e->pkey_asn1_meths(e, NULL, &nids, 0);
if (num_nids > 0)
return engine_table_register(&pkey_asn1_meth_table,
engine_unregister_all_pkey_asn1_meths, e, nids,
num_nids, 0);
}
return 1;
}
void
ENGINE_register_all_pkey_asn1_meths(void)
{
ENGINE *e;
for (e = ENGINE_get_first(); e; e = ENGINE_get_next(e))
ENGINE_register_pkey_asn1_meths(e);
}
int
ENGINE_set_default_pkey_asn1_meths(ENGINE *e)
{
if (e->pkey_asn1_meths) {
const int *nids;
int num_nids = e->pkey_asn1_meths(e, NULL, &nids, 0);
if (num_nids > 0)
return engine_table_register(&pkey_asn1_meth_table,
engine_unregister_all_pkey_asn1_meths, e, nids,
num_nids, 1);
}
return 1;
}
/* Exposed API function to get a functional reference from the implementation
* table (ie. try to get a functional reference from the tabled structural
* references) for a given pkey_asn1_meth 'nid' */
ENGINE *
ENGINE_get_pkey_asn1_meth_engine(int nid)
{
return engine_table_select(&pkey_asn1_meth_table, nid);
}
/* Obtains a pkey_asn1_meth implementation from an ENGINE functional reference */
const EVP_PKEY_ASN1_METHOD *
ENGINE_get_pkey_asn1_meth(ENGINE *e, int nid)
{
EVP_PKEY_ASN1_METHOD *ret;
ENGINE_PKEY_ASN1_METHS_PTR fn = ENGINE_get_pkey_asn1_meths(e);
if (!fn || !fn(e, &ret, NULL, nid)) {
ENGINEerror(ENGINE_R_UNIMPLEMENTED_PUBLIC_KEY_METHOD);
return NULL;
}
return ret;
}
/* Gets the pkey_asn1_meth callback from an ENGINE structure */
ENGINE_PKEY_ASN1_METHS_PTR
ENGINE_get_pkey_asn1_meths(const ENGINE *e)
{
return e->pkey_asn1_meths;
}
/* Sets the pkey_asn1_meth callback in an ENGINE structure */
int
ENGINE_set_pkey_asn1_meths(ENGINE *e, ENGINE_PKEY_ASN1_METHS_PTR f)
{
e->pkey_asn1_meths = f;
return 1;
}
/* Internal function to free up EVP_PKEY_ASN1_METHOD structures before an
* ENGINE is destroyed
*/
void
engine_pkey_asn1_meths_free(ENGINE *e)
{
int i;
EVP_PKEY_ASN1_METHOD *pkm;
if (e->pkey_asn1_meths) {
const int *pknids;
int npknids;
npknids = e->pkey_asn1_meths(e, NULL, &pknids, 0);
for (i = 0; i < npknids; i++) {
if (e->pkey_asn1_meths(e, &pkm, NULL, pknids[i])) {
EVP_PKEY_asn1_free(pkm);
}
}
}
}
/* Find a method based on a string. This does a linear search through
* all implemented algorithms. This is OK in practice because only
* a small number of algorithms are likely to be implemented in an engine
* and it is not used for speed critical operations.
*/
const EVP_PKEY_ASN1_METHOD *
ENGINE_get_pkey_asn1_meth_str(ENGINE *e, const char *str, int len)
{
int i, nidcount;
const int *nids;
EVP_PKEY_ASN1_METHOD *ameth;
if (!e->pkey_asn1_meths)
return NULL;
if (len == -1)
len = strlen(str);
nidcount = e->pkey_asn1_meths(e, NULL, &nids, 0);
for (i = 0; i < nidcount; i++) {
e->pkey_asn1_meths(e, &ameth, NULL, nids[i]);
if (((int)strlen(ameth->pem_str) == len) &&
!strncasecmp(ameth->pem_str, str, len))
return ameth;
}
return NULL;
}
typedef struct {
ENGINE *e;
const EVP_PKEY_ASN1_METHOD *ameth;
const char *str;
int len;
} ENGINE_FIND_STR;
static void
look_str_cb(int nid, STACK_OF(ENGINE) *sk, ENGINE *def, void *arg)
{
ENGINE_FIND_STR *lk = arg;
int i;
if (lk->ameth)
return;
for (i = 0; i < sk_ENGINE_num(sk); i++) {
ENGINE *e = sk_ENGINE_value(sk, i);
EVP_PKEY_ASN1_METHOD *ameth;
e->pkey_asn1_meths(e, &ameth, NULL, nid);
if (((int)strlen(ameth->pem_str) == lk->len) &&
!strncasecmp(ameth->pem_str, lk->str, lk->len)) {
lk->e = e;
lk->ameth = ameth;
return;
}
}
}
const EVP_PKEY_ASN1_METHOD *
ENGINE_pkey_asn1_find_str(ENGINE **pe, const char *str, int len)
{
ENGINE_FIND_STR fstr;
fstr.e = NULL;
fstr.ameth = NULL;
fstr.str = str;
fstr.len = len;
CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
engine_table_doall(pkey_asn1_meth_table, look_str_cb, &fstr);
/* If found obtain a structural reference to engine */
if (fstr.e) {
fstr.e->struct_ref++;
engine_ref_debug(fstr.e, 0, 1)
}
*pe = fstr.e;
CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
return fstr.ameth;
}

152
lib/libcrypto/engine/tb_cipher.c
View file

@ -1,152 +0,0 @@
/* $OpenBSD: tb_cipher.c,v 1.8 2017/01/29 17:49:23 beck Exp $ */
/* ====================================================================
* Copyright (c) 2000 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* licensing@OpenSSL.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
#include <openssl/err.h>
#include "eng_int.h"
/* If this symbol is defined then ENGINE_get_cipher_engine(), the function that
* is used by EVP to hook in cipher code and cache defaults (etc), will display
* brief debugging summaries to stderr with the 'nid'. */
/* #define ENGINE_CIPHER_DEBUG */
static ENGINE_TABLE *cipher_table = NULL;
void
ENGINE_unregister_ciphers(ENGINE *e)
{
engine_table_unregister(&cipher_table, e);
}
static void
engine_unregister_all_ciphers(void)
{
engine_table_cleanup(&cipher_table);
}
int
ENGINE_register_ciphers(ENGINE *e)
{
if (e->ciphers) {
const int *nids;
int num_nids = e->ciphers(e, NULL, &nids, 0);
if (num_nids > 0)
return engine_table_register(&cipher_table,
engine_unregister_all_ciphers, e, nids,
num_nids, 0);
}
return 1;
}
void
ENGINE_register_all_ciphers(void)
{
ENGINE *e;
for (e = ENGINE_get_first(); e; e = ENGINE_get_next(e))
ENGINE_register_ciphers(e);
}
int
ENGINE_set_default_ciphers(ENGINE *e)
{
if (e->ciphers) {
const int *nids;
int num_nids = e->ciphers(e, NULL, &nids, 0);
if (num_nids > 0)
return engine_table_register(&cipher_table,
engine_unregister_all_ciphers, e, nids,
num_nids, 1);
}
return 1;
}
/* Exposed API function to get a functional reference from the implementation
* table (ie. try to get a functional reference from the tabled structural
* references) for a given cipher 'nid' */
ENGINE *
ENGINE_get_cipher_engine(int nid)
{
return engine_table_select(&cipher_table, nid);
}
/* Obtains a cipher implementation from an ENGINE functional reference */
const EVP_CIPHER *
ENGINE_get_cipher(ENGINE *e, int nid)
{
const EVP_CIPHER *ret;
ENGINE_CIPHERS_PTR fn = ENGINE_get_ciphers(e);
if (!fn || !fn(e, &ret, NULL, nid)) {
ENGINEerror(ENGINE_R_UNIMPLEMENTED_CIPHER);
return NULL;
}
return ret;
}
/* Gets the cipher callback from an ENGINE structure */
ENGINE_CIPHERS_PTR
ENGINE_get_ciphers(const ENGINE *e)
{
return e->ciphers;
}
/* Sets the cipher callback in an ENGINE structure */
int
ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f)
{
e->ciphers = f;
return 1;
}

127
lib/libcrypto/engine/tb_dh.c
View file

@ -1,127 +0,0 @@
/* $OpenBSD: tb_dh.c,v 1.6 2014/06/12 15:49:29 deraadt Exp $ */
/* ====================================================================
* Copyright (c) 2000 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* licensing@OpenSSL.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
#include "eng_int.h"
/* If this symbol is defined then ENGINE_get_default_DH(), the function that is
* used by DH to hook in implementation code and cache defaults (etc), will
* display brief debugging summaries to stderr with the 'nid'. */
/* #define ENGINE_DH_DEBUG */
static ENGINE_TABLE *dh_table = NULL;
static const int dummy_nid = 1;
void
ENGINE_unregister_DH(ENGINE *e)
{
engine_table_unregister(&dh_table, e);
}
static void
engine_unregister_all_DH(void)
{
engine_table_cleanup(&dh_table);
}
int
ENGINE_register_DH(ENGINE *e)
{
if (e->dh_meth)
return engine_table_register(&dh_table,
engine_unregister_all_DH, e, &dummy_nid, 1, 0);
return 1;
}
void
ENGINE_register_all_DH(void)
{
ENGINE *e;
for (e = ENGINE_get_first(); e; e = ENGINE_get_next(e))
ENGINE_register_DH(e);
}
int
ENGINE_set_default_DH(ENGINE *e)
{
if (e->dh_meth)
return engine_table_register(&dh_table,
engine_unregister_all_DH, e, &dummy_nid, 1, 1);
return 1;
}
/* Exposed API function to get a functional reference from the implementation
* table (ie. try to get a functional reference from the tabled structural
* references). */
ENGINE *
ENGINE_get_default_DH(void)
{
return engine_table_select(&dh_table, dummy_nid);
}
/* Obtains an DH implementation from an ENGINE functional reference */
const DH_METHOD *
ENGINE_get_DH(const ENGINE *e)
{
return e->dh_meth;
}
/* Sets an DH implementation in an ENGINE structure */
int
ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth)
{
e->dh_meth = dh_meth;
return 1;
}

152
lib/libcrypto/engine/tb_digest.c
View file

@ -1,152 +0,0 @@
/* $OpenBSD: tb_digest.c,v 1.8 2017/01/29 17:49:23 beck Exp $ */
/* ====================================================================
* Copyright (c) 2000 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* licensing@OpenSSL.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
#include <openssl/err.h>
#include "eng_int.h"
/* If this symbol is defined then ENGINE_get_digest_engine(), the function that
* is used by EVP to hook in digest code and cache defaults (etc), will display
* brief debugging summaries to stderr with the 'nid'. */
/* #define ENGINE_DIGEST_DEBUG */
static ENGINE_TABLE *digest_table = NULL;
void
ENGINE_unregister_digests(ENGINE *e)
{
engine_table_unregister(&digest_table, e);
}
static void
engine_unregister_all_digests(void)
{
engine_table_cleanup(&digest_table);
}
int
ENGINE_register_digests(ENGINE *e)
{
if (e->digests) {
const int *nids;
int num_nids = e->digests(e, NULL, &nids, 0);
if (num_nids > 0)
return engine_table_register(&digest_table,
engine_unregister_all_digests, e, nids,
num_nids, 0);
}
return 1;
}
void
ENGINE_register_all_digests(void)
{
ENGINE *e;
for (e = ENGINE_get_first(); e; e = ENGINE_get_next(e))
ENGINE_register_digests(e);
}
int
ENGINE_set_default_digests(ENGINE *e)
{
if (e->digests) {
const int *nids;
int num_nids = e->digests(e, NULL, &nids, 0);
if (num_nids > 0)
return engine_table_register(&digest_table,
engine_unregister_all_digests, e, nids,
num_nids, 1);
}
return 1;
}
/* Exposed API function to get a functional reference from the implementation
* table (ie. try to get a functional reference from the tabled structural
* references) for a given digest 'nid' */
ENGINE *
ENGINE_get_digest_engine(int nid)
{
return engine_table_select(&digest_table, nid);
}
/* Obtains a digest implementation from an ENGINE functional reference */
const EVP_MD *
ENGINE_get_digest(ENGINE *e, int nid)
{
const EVP_MD *ret;
ENGINE_DIGESTS_PTR fn = ENGINE_get_digests(e);
if (!fn || !fn(e, &ret, NULL, nid)) {
ENGINEerror(ENGINE_R_UNIMPLEMENTED_DIGEST);
return NULL;
}
return ret;
}
/* Gets the digest callback from an ENGINE structure */
ENGINE_DIGESTS_PTR
ENGINE_get_digests(const ENGINE *e)
{
return e->digests;
}
/* Sets the digest callback in an ENGINE structure */
int
ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f)
{
e->digests = f;
return 1;
}

127
lib/libcrypto/engine/tb_dsa.c
View file

@ -1,127 +0,0 @@
/* $OpenBSD: tb_dsa.c,v 1.7 2014/06/12 15:49:29 deraadt Exp $ */
/* ====================================================================
* Copyright (c) 2000 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* licensing@OpenSSL.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
#include "eng_int.h"
/* If this symbol is defined then ENGINE_get_default_DSA(), the function that is
* used by DSA to hook in implementation code and cache defaults (etc), will
* display brief debugging summaries to stderr with the 'nid'. */
/* #define ENGINE_DSA_DEBUG */
static ENGINE_TABLE *dsa_table = NULL;
static const int dummy_nid = 1;
void
ENGINE_unregister_DSA(ENGINE *e)
{
engine_table_unregister(&dsa_table, e);
}
static void
engine_unregister_all_DSA(void)
{
engine_table_cleanup(&dsa_table);
}
int
ENGINE_register_DSA(ENGINE *e)
{
if (e->dsa_meth)
return engine_table_register(&dsa_table,
engine_unregister_all_DSA, e, &dummy_nid, 1, 0);
return 1;
}
void
ENGINE_register_all_DSA(void)
{
ENGINE *e;
for (e = ENGINE_get_first(); e; e = ENGINE_get_next(e))
ENGINE_register_DSA(e);
}
int
ENGINE_set_default_DSA(ENGINE *e)
{
if (e->dsa_meth)
return engine_table_register(&dsa_table,
engine_unregister_all_DSA, e, &dummy_nid, 1, 1);
return 1;
}
/* Exposed API function to get a functional reference from the implementation
* table (ie. try to get a functional reference from the tabled structural
* references). */
ENGINE *
ENGINE_get_default_DSA(void)
{
return engine_table_select(&dsa_table, dummy_nid);
}
/* Obtains an DSA implementation from an ENGINE functional reference */
const DSA_METHOD *
ENGINE_get_DSA(const ENGINE *e)
{
return e->dsa_meth;
}
/* Sets an DSA implementation in an ENGINE structure */
int
ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth)
{
e->dsa_meth = dsa_meth;
return 1;
}

141
lib/libcrypto/engine/tb_ecdh.c
View file

@ -1,141 +0,0 @@
/* $OpenBSD: tb_ecdh.c,v 1.4 2014/06/12 15:49:29 deraadt Exp $ */
/* ====================================================================
* Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
*
* The Elliptic Curve Public-Key Crypto Library (ECC Code) included
* herein is developed by SUN MICROSYSTEMS, INC., and is contributed
* to the OpenSSL project.
*
* The ECC Code is licensed pursuant to the OpenSSL open source
* license provided below.
*
* The ECDH engine software is originally written by Nils Gura and
* Douglas Stebila of Sun Microsystems Laboratories.
*
*/
/* ====================================================================
* Copyright (c) 2000-2002 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* licensing@OpenSSL.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
#include "eng_int.h"
/* If this symbol is defined then ENGINE_get_default_ECDH(), the function that is
* used by ECDH to hook in implementation code and cache defaults (etc), will
* display brief debugging summaries to stderr with the 'nid'. */
/* #define ENGINE_ECDH_DEBUG */
static ENGINE_TABLE *ecdh_table = NULL;
static const int dummy_nid = 1;
void
ENGINE_unregister_ECDH(ENGINE *e)
{
engine_table_unregister(&ecdh_table, e);
}
static void
engine_unregister_all_ECDH(void)
{
engine_table_cleanup(&ecdh_table);
}
int
ENGINE_register_ECDH(ENGINE *e)
{
if (e->ecdh_meth)
return engine_table_register(&ecdh_table,
engine_unregister_all_ECDH, e, &dummy_nid, 1, 0);
return 1;
}
void
ENGINE_register_all_ECDH(void)
{
ENGINE *e;
for (e = ENGINE_get_first(); e; e = ENGINE_get_next(e))
ENGINE_register_ECDH(e);
}
int
ENGINE_set_default_ECDH(ENGINE *e)
{
if (e->ecdh_meth)
return engine_table_register(&ecdh_table,
engine_unregister_all_ECDH, e, &dummy_nid, 1, 1);
return 1;
}
/* Exposed API function to get a functional reference from the implementation
* table (ie. try to get a functional reference from the tabled structural
* references). */
ENGINE *
ENGINE_get_default_ECDH(void)
{
return engine_table_select(&ecdh_table, dummy_nid);
}
/* Obtains an ECDH implementation from an ENGINE functional reference */
const ECDH_METHOD *
ENGINE_get_ECDH(const ENGINE *e)
{
return e->ecdh_meth;
}
/* Sets an ECDH implementation in an ENGINE structure */
int
ENGINE_set_ECDH(ENGINE *e, const ECDH_METHOD *ecdh_meth)
{
e->ecdh_meth = ecdh_meth;
return 1;
}

127
lib/libcrypto/engine/tb_ecdsa.c
View file

@ -1,127 +0,0 @@
/* $OpenBSD: tb_ecdsa.c,v 1.4 2014/06/12 15:49:29 deraadt Exp $ */
/* ====================================================================
* Copyright (c) 2000-2002 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* licensing@OpenSSL.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
#include "eng_int.h"
/* If this symbol is defined then ENGINE_get_default_ECDSA(), the function that is
* used by ECDSA to hook in implementation code and cache defaults (etc), will
* display brief debugging summaries to stderr with the 'nid'. */
/* #define ENGINE_ECDSA_DEBUG */
static ENGINE_TABLE *ecdsa_table = NULL;
static const int dummy_nid = 1;
void
ENGINE_unregister_ECDSA(ENGINE *e)
{
engine_table_unregister(&ecdsa_table, e);
}
static void
engine_unregister_all_ECDSA(void)
{
engine_table_cleanup(&ecdsa_table);
}
int
ENGINE_register_ECDSA(ENGINE *e)
{
if (e->ecdsa_meth)
return engine_table_register(&ecdsa_table,
engine_unregister_all_ECDSA, e, &dummy_nid, 1, 0);
return 1;
}
void
ENGINE_register_all_ECDSA(void)
{
ENGINE *e;
for (e = ENGINE_get_first(); e; e = ENGINE_get_next(e))
ENGINE_register_ECDSA(e);
}
int
ENGINE_set_default_ECDSA(ENGINE *e)
{
if (e->ecdsa_meth)
return engine_table_register(&ecdsa_table,
engine_unregister_all_ECDSA, e, &dummy_nid, 1, 1);
return 1;
}
/* Exposed API function to get a functional reference from the implementation
* table (ie. try to get a functional reference from the tabled structural
* references). */
ENGINE *
ENGINE_get_default_ECDSA(void)
{
return engine_table_select(&ecdsa_table, dummy_nid);
}
/* Obtains an ECDSA implementation from an ENGINE functional reference */
const ECDSA_METHOD *
ENGINE_get_ECDSA(const ENGINE *e)
{
return e->ecdsa_meth;
}
/* Sets an ECDSA implementation in an ENGINE structure */
int
ENGINE_set_ECDSA(ENGINE *e, const ECDSA_METHOD *ecdsa_meth)
{
e->ecdsa_meth = ecdsa_meth;
return 1;
}

124
lib/libcrypto/engine/tb_eckey.c
View file

@ -1,124 +0,0 @@
/* $OpenBSD: tb_eckey.c,v 1.2 2019/01/19 01:18:56 tb Exp $ */
/* ====================================================================
* Copyright (c) 2000 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* licensing@OpenSSL.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
#include "eng_int.h"
static ENGINE_TABLE *ec_table = NULL;
static const int dummy_nid = 1;
void
ENGINE_unregister_EC(ENGINE *e)
{
engine_table_unregister(&ec_table, e);
}
static void
engine_unregister_all_EC(void)
{
engine_table_cleanup(&ec_table);
}
int
ENGINE_register_EC(ENGINE *e)
{
if (e->ec_meth)
return engine_table_register(&ec_table,
engine_unregister_all_EC, e, &dummy_nid, 1, 0);
return 1;
}
void
ENGINE_register_all_EC(void)
{
ENGINE *e;
for (e = ENGINE_get_first(); e != NULL; e = ENGINE_get_next(e))
ENGINE_register_EC(e);
}
int
ENGINE_set_default_EC(ENGINE *e)
{
if (e->ec_meth != NULL)
return engine_table_register(&ec_table,
engine_unregister_all_EC, e, &dummy_nid, 1, 1);
return 1;
}
/*
* Exposed API function to get a functional reference from the implementation
* table (ie. try to get a functional reference from the tabled structural
* references).
*/
ENGINE *
ENGINE_get_default_EC(void)
{
return engine_table_select(&ec_table, dummy_nid);
}
/* Obtains an EC_KEY implementation from an ENGINE functional reference */
const EC_KEY_METHOD *
ENGINE_get_EC(const ENGINE *e)
{
return e->ec_meth;
}
/* Sets an EC_KEY implementation in an ENGINE structure */
int
ENGINE_set_EC(ENGINE *e, const EC_KEY_METHOD *ec_meth)
{
e->ec_meth = ec_meth;
return 1;
}

175
lib/libcrypto/engine/tb_pkmeth.c
View file

@ -1,175 +0,0 @@
/* $OpenBSD: tb_pkmeth.c,v 1.6 2017/01/29 17:49:23 beck Exp $ */
/* ====================================================================
* Copyright (c) 2006 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* licensing@OpenSSL.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
#include <openssl/err.h>
#include "eng_int.h"
#include <openssl/evp.h>
/* If this symbol is defined then ENGINE_get_pkey_meth_engine(), the function
* that is used by EVP to hook in pkey_meth code and cache defaults (etc), will
* display brief debugging summaries to stderr with the 'nid'. */
/* #define ENGINE_PKEY_METH_DEBUG */
static ENGINE_TABLE *pkey_meth_table = NULL;
void
ENGINE_unregister_pkey_meths(ENGINE *e)
{
engine_table_unregister(&pkey_meth_table, e);
}
static void
engine_unregister_all_pkey_meths(void)
{
engine_table_cleanup(&pkey_meth_table);
}
int
ENGINE_register_pkey_meths(ENGINE *e)
{
if (e->pkey_meths) {
const int *nids;
int num_nids = e->pkey_meths(e, NULL, &nids, 0);
if (num_nids > 0)
return engine_table_register(&pkey_meth_table,
engine_unregister_all_pkey_meths, e, nids,
num_nids, 0);
}
return 1;
}
void
ENGINE_register_all_pkey_meths(void)
{
ENGINE *e;
for (e = ENGINE_get_first(); e; e = ENGINE_get_next(e))
ENGINE_register_pkey_meths(e);
}
int
ENGINE_set_default_pkey_meths(ENGINE *e)
{
if (e->pkey_meths) {
const int *nids;
int num_nids = e->pkey_meths(e, NULL, &nids, 0);
if (num_nids > 0)
return engine_table_register(&pkey_meth_table,
engine_unregister_all_pkey_meths, e, nids,
num_nids, 1);
}
return 1;
}
/* Exposed API function to get a functional reference from the implementation
* table (ie. try to get a functional reference from the tabled structural
* references) for a given pkey_meth 'nid' */
ENGINE *
ENGINE_get_pkey_meth_engine(int nid)
{
return engine_table_select(&pkey_meth_table, nid);
}
/* Obtains a pkey_meth implementation from an ENGINE functional reference */
const EVP_PKEY_METHOD *
ENGINE_get_pkey_meth(ENGINE *e, int nid)
{
EVP_PKEY_METHOD *ret;
ENGINE_PKEY_METHS_PTR fn = ENGINE_get_pkey_meths(e);
if (!fn || !fn(e, &ret, NULL, nid)) {
ENGINEerror(ENGINE_R_UNIMPLEMENTED_PUBLIC_KEY_METHOD);
return NULL;
}
return ret;
}
/* Gets the pkey_meth callback from an ENGINE structure */
ENGINE_PKEY_METHS_PTR
ENGINE_get_pkey_meths(const ENGINE *e)
{
return e->pkey_meths;
}
/* Sets the pkey_meth callback in an ENGINE structure */
int
ENGINE_set_pkey_meths(ENGINE *e, ENGINE_PKEY_METHS_PTR f)
{
e->pkey_meths = f;
return 1;
}
/* Internal function to free up EVP_PKEY_METHOD structures before an
* ENGINE is destroyed
*/
void
engine_pkey_meths_free(ENGINE *e)
{
int i;
EVP_PKEY_METHOD *pkm;
if (e->pkey_meths) {
const int *pknids;
int npknids;
npknids = e->pkey_meths(e, NULL, &pknids, 0);
for (i = 0; i < npknids; i++) {
if (e->pkey_meths(e, &pkm, NULL, pknids[i])) {
EVP_PKEY_meth_free(pkm);
}
}
}
}

127
lib/libcrypto/engine/tb_rand.c
View file

@ -1,127 +0,0 @@
/* $OpenBSD: tb_rand.c,v 1.6 2014/06/12 15:49:29 deraadt Exp $ */
/* ====================================================================
* Copyright (c) 2000 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* licensing@OpenSSL.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
#include "eng_int.h"
/* If this symbol is defined then ENGINE_get_default_RAND(), the function that is
* used by RAND to hook in implementation code and cache defaults (etc), will
* display brief debugging summaries to stderr with the 'nid'. */
/* #define ENGINE_RAND_DEBUG */
static ENGINE_TABLE *rand_table = NULL;
static const int dummy_nid = 1;
void
ENGINE_unregister_RAND(ENGINE *e)
{
engine_table_unregister(&rand_table, e);
}
static void
engine_unregister_all_RAND(void)
{
engine_table_cleanup(&rand_table);
}
int
ENGINE_register_RAND(ENGINE *e)
{
if (e->rand_meth)
return engine_table_register(&rand_table,
engine_unregister_all_RAND, e, &dummy_nid, 1, 0);
return 1;
}
void
ENGINE_register_all_RAND(void)
{
ENGINE *e;
for (e = ENGINE_get_first(); e; e = ENGINE_get_next(e))
ENGINE_register_RAND(e);
}
int
ENGINE_set_default_RAND(ENGINE *e)
{
if (e->rand_meth)
return engine_table_register(&rand_table,
engine_unregister_all_RAND, e, &dummy_nid, 1, 1);
return 1;
}
/* Exposed API function to get a functional reference from the implementation
* table (ie. try to get a functional reference from the tabled structural
* references). */
ENGINE *
ENGINE_get_default_RAND(void)
{
return engine_table_select(&rand_table, dummy_nid);
}
/* Obtains an RAND implementation from an ENGINE functional reference */
const RAND_METHOD *
ENGINE_get_RAND(const ENGINE *e)
{
return e->rand_meth;
}
/* Sets an RAND implementation in an ENGINE structure */
int
ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth)
{
e->rand_meth = rand_meth;
return 1;
}

127
lib/libcrypto/engine/tb_rsa.c
View file

@ -1,127 +0,0 @@
/* $OpenBSD: tb_rsa.c,v 1.6 2014/06/12 15:49:29 deraadt Exp $ */
/* ====================================================================
* Copyright (c) 2000 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* licensing@OpenSSL.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
#include "eng_int.h"
/* If this symbol is defined then ENGINE_get_default_RSA(), the function that is
* used by RSA to hook in implementation code and cache defaults (etc), will
* display brief debugging summaries to stderr with the 'nid'. */
/* #define ENGINE_RSA_DEBUG */
static ENGINE_TABLE *rsa_table = NULL;
static const int dummy_nid = 1;
void
ENGINE_unregister_RSA(ENGINE *e)
{
engine_table_unregister(&rsa_table, e);
}
static void
engine_unregister_all_RSA(void)
{
engine_table_cleanup(&rsa_table);
}
int
ENGINE_register_RSA(ENGINE *e)
{
if (e->rsa_meth)
return engine_table_register(&rsa_table,
engine_unregister_all_RSA, e, &dummy_nid, 1, 0);
return 1;
}
void
ENGINE_register_all_RSA(void)
{
ENGINE *e;
for (e = ENGINE_get_first(); e; e = ENGINE_get_next(e))
ENGINE_register_RSA(e);
}
int
ENGINE_set_default_RSA(ENGINE *e)
{
if (e->rsa_meth)
return engine_table_register(&rsa_table,
engine_unregister_all_RSA, e, &dummy_nid, 1, 1);
return 1;
}
/* Exposed API function to get a functional reference from the implementation
* table (ie. try to get a functional reference from the tabled structural
* references). */
ENGINE *
ENGINE_get_default_RSA(void)
{
return engine_table_select(&rsa_table, dummy_nid);
}
/* Obtains an RSA implementation from an ENGINE functional reference */
const RSA_METHOD *
ENGINE_get_RSA(const ENGINE *e)
{
return e->rsa_meth;
}
/* Sets an RSA implementation in an ENGINE structure */
int
ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth)
{
e->rsa_meth = rsa_meth;
return 1;
}

109
lib/libcrypto/engine/tb_store.c
View file

@ -1,109 +0,0 @@
/* $OpenBSD: tb_store.c,v 1.5 2015/02/07 13:19:15 doug Exp $ */
/* ====================================================================
* Copyright (c) 2003 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* licensing@OpenSSL.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
#include "eng_int.h"
/* If this symbol is defined then ENGINE_get_default_STORE(), the function that is
* used by STORE to hook in implementation code and cache defaults (etc), will
* display brief debugging summaries to stderr with the 'nid'. */
/* #define ENGINE_STORE_DEBUG */
static ENGINE_TABLE *store_table = NULL;
static const int dummy_nid = 1;
void
ENGINE_unregister_STORE(ENGINE *e)
{
engine_table_unregister(&store_table, e);
}
static void
engine_unregister_all_STORE(void)
{
engine_table_cleanup(&store_table);
}
int
ENGINE_register_STORE(ENGINE *e)
{
if (e->store_meth)
return engine_table_register(&store_table,
engine_unregister_all_STORE, e, &dummy_nid, 1, 0);
return 1;
}
void
ENGINE_register_all_STORE(void)
{
ENGINE *e;
for (e = ENGINE_get_first(); e; e = ENGINE_get_next(e))
ENGINE_register_STORE(e);
}
/* Obtains an STORE implementation from an ENGINE functional reference */
const STORE_METHOD *
ENGINE_get_STORE(const ENGINE *e)
{
return e->store_meth;
}
/* Sets an STORE implementation in an ENGINE structure */
int
ENGINE_set_STORE(ENGINE *e, const STORE_METHOD *store_meth)
{
e->store_meth = store_meth;
return 1;
}

53
lib/libcrypto/err/err.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: err.c,v 1.54 2023/07/07 19:37:53 beck Exp $ */
/* $OpenBSD: err.c,v 1.56 2023/07/28 10:23:19 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@ -125,6 +125,8 @@
DECLARE_LHASH_OF(ERR_STRING_DATA);
DECLARE_LHASH_OF(ERR_STATE);
typedef struct st_ERR_FNS ERR_FNS;
static void err_load_strings(int lib, ERR_STRING_DATA *str);
static void ERR_STATE_free(ERR_STATE *s);
@ -300,33 +302,6 @@ err_fns_check(void)
CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
}
/* API functions to get or set the underlying ERR functions. */
const ERR_FNS *
ERR_get_implementation(void)
{
err_fns_check();
return err_fns;
}
LCRYPTO_ALIAS(ERR_get_implementation);
int
ERR_set_implementation(const ERR_FNS *fns)
{
int ret = 0;
CRYPTO_w_lock(CRYPTO_LOCK_ERR);
/* It's too late if 'err_fns' is non-NULL. BTW: not much point setting
* an error is there?! */
if (!err_fns) {
err_fns = fns;
ret = 1;
}
CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
return ret;
}
LCRYPTO_ALIAS(ERR_set_implementation);
/* These are the callbacks provided to "lh_new()" when creating the LHASH tables
* internal to the "err_defaults" implementation. */
@ -977,28 +952,6 @@ ERR_error_string(unsigned long e, char *ret)
}
LCRYPTO_ALIAS(ERR_error_string);
LHASH_OF(ERR_STRING_DATA) *ERR_get_string_table(void)
{
err_fns_check();
return ERRFN(err_get)(0);
}
LCRYPTO_ALIAS(ERR_get_string_table);
LHASH_OF(ERR_STATE) *ERR_get_err_state_table(void)
{
err_fns_check();
return ERRFN(thread_get)(0);
}
LCRYPTO_ALIAS(ERR_get_err_state_table);
void
ERR_release_err_state_table(LHASH_OF(ERR_STATE) **hash)
{
err_fns_check();
ERRFN(thread_release)(hash);
}
LCRYPTO_ALIAS(ERR_release_err_state_table);
const char *
ERR_lib_error_string(unsigned long e)
{

17
lib/libcrypto/err/err.h
View file

@ -1,4 +1,4 @@
/* $OpenBSD: err.h,v 1.29 2023/04/09 19:10:23 tb Exp $ */
/* $OpenBSD: err.h,v 1.31 2023/07/28 10:23:19 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@ -399,26 +399,11 @@ void ERR_remove_thread_state(const CRYPTO_THREADID *tid);
void ERR_remove_state(unsigned long pid);
ERR_STATE *ERR_get_state(void);
#ifndef OPENSSL_NO_LHASH
LHASH_OF(ERR_STRING_DATA) *ERR_get_string_table(void);
LHASH_OF(ERR_STATE) *ERR_get_err_state_table(void);
void ERR_release_err_state_table(LHASH_OF(ERR_STATE) **hash);
#endif
int ERR_get_next_error_library(void);
int ERR_set_mark(void);
int ERR_pop_to_mark(void);
/* Already defined in ossl_typ.h */
/* typedef struct st_ERR_FNS ERR_FNS; */
/* An application can use this function and provide the return value to loaded
* modules that should use the application's ERR state/functionality */
const ERR_FNS *ERR_get_implementation(void);
/* A loaded module should call this function prior to any ERR operations using
* the application's "ERR_FNS". */
int ERR_set_implementation(const ERR_FNS *fns);
#ifdef __cplusplus
}
#endif

16
lib/libcrypto/err/err_all.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: err_all.c,v 1.29 2023/07/07 13:54:45 beck Exp $ */
/* $OpenBSD: err_all.c,v 1.32 2023/07/28 09:46:36 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@ -69,7 +69,6 @@
#include <openssl/comp.h>
#include <openssl/conf.h>
#include <openssl/ct.h>
#include <openssl/dso.h>
#include <openssl/err.h>
#include <openssl/evp.h>
#include <openssl/kdf.h>
@ -92,12 +91,6 @@
#ifndef OPENSSL_NO_EC
#include <openssl/ec.h>
#endif
#ifndef OPENSSL_NO_ECDH
#include <openssl/ecdh.h>
#endif
#ifndef OPENSSL_NO_ECDSA
#include <openssl/ecdsa.h>
#endif
#ifndef OPENSSL_NO_ENGINE
#include <openssl/engine.h>
#endif
@ -133,13 +126,6 @@ ERR_load_crypto_strings_internal(void)
#endif
#ifndef OPENSSL_NO_DSA
ERR_load_DSA_strings();
#endif
ERR_load_DSO_strings();
#ifndef OPENSSL_NO_ECDH
ERR_load_ECDH_strings();
#endif
#ifndef OPENSSL_NO_ECDSA
ERR_load_ECDSA_strings();
#endif
#ifndef OPENSSL_NO_EC
ERR_load_EC_strings();

56
lib/libcrypto/ex_data.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: ex_data.c,v 1.22 2023/07/08 08:28:23 beck Exp $ */
/* $OpenBSD: ex_data.c,v 1.23 2023/07/28 10:19:20 tb Exp $ */
/*
* Overhaul notes;
@ -141,6 +141,26 @@
#include <openssl/err.h>
#include <openssl/lhash.h>
typedef struct crypto_ex_data_func_st {
long argl; /* Arbitrary long */
void *argp; /* Arbitrary void * */
CRYPTO_EX_new *new_func;
CRYPTO_EX_free *free_func;
CRYPTO_EX_dup *dup_func;
} CRYPTO_EX_DATA_FUNCS;
DECLARE_STACK_OF(CRYPTO_EX_DATA_FUNCS)
#define sk_CRYPTO_EX_DATA_FUNCS_new_null() SKM_sk_new_null(CRYPTO_EX_DATA_FUNCS)
#define sk_CRYPTO_EX_DATA_FUNCS_num(st) SKM_sk_num(CRYPTO_EX_DATA_FUNCS, (st))
#define sk_CRYPTO_EX_DATA_FUNCS_value(st, i) SKM_sk_value(CRYPTO_EX_DATA_FUNCS, (st), (i))
#define sk_CRYPTO_EX_DATA_FUNCS_set(st, i, val) SKM_sk_set(CRYPTO_EX_DATA_FUNCS, (st), (i), (val))
#define sk_CRYPTO_EX_DATA_FUNCS_push(st, val) SKM_sk_push(CRYPTO_EX_DATA_FUNCS, (st), (val))
#define sk_CRYPTO_EX_DATA_FUNCS_pop_free(st, free_func) SKM_sk_pop_free(CRYPTO_EX_DATA_FUNCS, (st), (free_func))
/* An opaque type representing an implementation of "ex_data" support */
typedef struct st_CRYPTO_EX_DATA_IMPL CRYPTO_EX_DATA_IMPL;
/* What an "implementation of ex_data functionality" looks like */
struct st_CRYPTO_EX_DATA_IMPL {
/*********************/
@ -210,29 +230,6 @@ impl_check(void)
* invoking the function (which checks again inside a lock). */
#define IMPL_CHECK if(!impl) impl_check();
/* API functions to get/set the "ex_data" implementation */
const CRYPTO_EX_DATA_IMPL *
CRYPTO_get_ex_data_implementation(void)
{
IMPL_CHECK
return impl;
}
LCRYPTO_ALIAS(CRYPTO_get_ex_data_implementation);
int
CRYPTO_set_ex_data_implementation(const CRYPTO_EX_DATA_IMPL *i)
{
int toret = 0;
CRYPTO_w_lock(CRYPTO_LOCK_EX_DATA);
if (!impl) {
impl = i;
toret = 1;
}
CRYPTO_w_unlock(CRYPTO_LOCK_EX_DATA);
return toret;
}
LCRYPTO_ALIAS(CRYPTO_set_ex_data_implementation);
/****************************************************************************/
/* Interal (default) implementation of "ex_data" support. API functions are
* further down. */
@ -247,6 +244,7 @@ typedef struct st_ex_class_item {
} EX_CLASS_ITEM;
/* When assigning new class indexes, this is our counter */
#define CRYPTO_EX_INDEX_USER 100
static int ex_class = CRYPTO_EX_INDEX_USER;
/* The global hash table of EX_CLASS_ITEM items */
@ -541,16 +539,6 @@ skip:
/* API functions that defer all "state" operations to the "ex_data"
* implementation we have set. */
/* Obtain an index for a new class (not the same as getting a new index within
* an existing class - this is actually getting a new *class*) */
int
CRYPTO_ex_data_new_class(void)
{
IMPL_CHECK
return EX_IMPL(new_class)();
}
LCRYPTO_ALIAS(CRYPTO_ex_data_new_class);
/* Release all "ex_data" state to prevent memory leaks. This can't be made
* thread-safe without overhauling a lot of stuff, and shouldn't really be
* called under potential race-conditions anyway (it's for program shutdown

3
lib/libcrypto/gost/gost_local.h
View file

@ -1,4 +1,4 @@
/* $OpenBSD: gost_local.h,v 1.2 2022/11/26 17:23:18 tb Exp $ */
/* $OpenBSD: gost_local.h,v 1.3 2023/07/28 15:50:33 tb Exp $ */
/*
* Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
* Copyright (c) 2005-2006 Cryptocom LTD
@ -53,7 +53,6 @@
#define HEADER_GOST_LOCAL_H
#include <openssl/ec.h>
#include <openssl/ecdsa.h>
__BEGIN_HIDDEN_DECLS

3
lib/libcrypto/gost/gostr341001_pmeth.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: gostr341001_pmeth.c,v 1.18 2023/07/05 11:37:45 tb Exp $ */
/* $OpenBSD: gostr341001_pmeth.c,v 1.19 2023/07/28 15:50:33 tb Exp $ */
/*
* Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
* Copyright (c) 2005-2006 Cryptocom LTD
@ -59,7 +59,6 @@
#include <openssl/err.h>
#include <openssl/gost.h>
#include <openssl/ec.h>
#include <openssl/ecdsa.h>
#include <openssl/x509.h>
#include "ecdsa_local.h"

9
lib/libcrypto/hidden/openssl/asn1.h
View file

@ -1,4 +1,4 @@
/* $OpenBSD: asn1.h,v 1.2 2023/07/07 19:37:54 beck Exp $ */
/* $OpenBSD: asn1.h,v 1.6 2023/07/28 10:33:13 tb Exp $ */
/*
* Copyright (c) 2023 Bob Beck <beck@openbsd.org>
*
@ -61,10 +61,6 @@ LCRYPTO_USED(i2d_ASN1_BIT_STRING);
LCRYPTO_USED(ASN1_BIT_STRING_set);
LCRYPTO_USED(ASN1_BIT_STRING_set_bit);
LCRYPTO_USED(ASN1_BIT_STRING_get_bit);
LCRYPTO_USED(ASN1_BIT_STRING_check);
LCRYPTO_USED(ASN1_BIT_STRING_name_print);
LCRYPTO_USED(ASN1_BIT_STRING_num_asc);
LCRYPTO_USED(ASN1_BIT_STRING_set_asc);
LCRYPTO_USED(ASN1_INTEGER_new);
LCRYPTO_USED(ASN1_INTEGER_free);
LCRYPTO_USED(d2i_ASN1_INTEGER);
@ -208,8 +204,6 @@ LCRYPTO_USED(ASN1_GENERALIZEDTIME_print);
LCRYPTO_USED(ASN1_TIME_print);
LCRYPTO_USED(ASN1_STRING_print);
LCRYPTO_USED(ASN1_STRING_print_ex);
LCRYPTO_USED(ASN1_bn_print);
LCRYPTO_USED(ASN1_buf_print);
LCRYPTO_USED(ASN1_parse);
LCRYPTO_USED(ASN1_parse_dump);
LCRYPTO_USED(ASN1_tag2bit);
@ -250,7 +244,6 @@ LCRYPTO_USED(ASN1_PCTX_get_oid_flags);
LCRYPTO_USED(ASN1_PCTX_set_oid_flags);
LCRYPTO_USED(ASN1_PCTX_get_str_flags);
LCRYPTO_USED(ASN1_PCTX_set_str_flags);
LCRYPTO_USED(BIO_f_asn1);
LCRYPTO_USED(SMIME_crlf_copy);
LCRYPTO_USED(SMIME_text);
LCRYPTO_USED(ERR_load_ASN1_strings);

8
lib/libcrypto/hidden/openssl/asn1t.h
View file

@ -1,4 +1,4 @@
/* $OpenBSD: asn1t.h,v 1.2 2023/07/07 19:37:54 beck Exp $ */
/* $OpenBSD: asn1t.h,v 1.3 2023/07/28 10:00:10 tb Exp $ */
/*
* Copyright (c) 2023 Bob Beck <beck@openbsd.org>
*
@ -27,13 +27,7 @@
LCRYPTO_USED(ASN1_item_ex_new);
LCRYPTO_USED(ASN1_item_ex_free);
LCRYPTO_USED(ASN1_template_new);
LCRYPTO_USED(ASN1_primitive_new);
LCRYPTO_USED(ASN1_template_free);
LCRYPTO_USED(ASN1_template_d2i);
LCRYPTO_USED(ASN1_item_ex_d2i);
LCRYPTO_USED(ASN1_item_ex_i2d);
LCRYPTO_USED(ASN1_template_i2d);
LCRYPTO_USED(ASN1_primitive_free);
#endif /* _LIBCRYPTO_ASN1T_H */

10
lib/libcrypto/hidden/openssl/bio.h
View file

@ -1,4 +1,4 @@
/* $OpenBSD: bio.h,v 1.2 2023/07/07 19:37:54 beck Exp $ */
/* $OpenBSD: bio.h,v 1.4 2023/07/28 10:13:50 tb Exp $ */
/*
* Copyright (c) 2023 Bob Beck <beck@openbsd.org>
*
@ -63,10 +63,6 @@ LCRYPTO_USED(BIO_set_ex_data);
LCRYPTO_USED(BIO_get_ex_data);
LCRYPTO_USED(BIO_number_read);
LCRYPTO_USED(BIO_number_written);
LCRYPTO_USED(BIO_asn1_set_prefix);
LCRYPTO_USED(BIO_asn1_get_prefix);
LCRYPTO_USED(BIO_asn1_set_suffix);
LCRYPTO_USED(BIO_asn1_get_suffix);
LCRYPTO_USED(BIO_get_new_index);
LCRYPTO_USED(BIO_s_file);
LCRYPTO_USED(BIO_new_file);
@ -101,10 +97,6 @@ LCRYPTO_USED(BIO_get_retry_BIO);
LCRYPTO_USED(BIO_get_retry_reason);
LCRYPTO_USED(BIO_set_retry_reason);
LCRYPTO_USED(BIO_dup_chain);
LCRYPTO_USED(BIO_nread0);
LCRYPTO_USED(BIO_nread);
LCRYPTO_USED(BIO_nwrite0);
LCRYPTO_USED(BIO_nwrite);
LCRYPTO_USED(BIO_debug_callback);
LCRYPTO_USED(BIO_s_mem);
LCRYPTO_USED(BIO_new_mem_buf);

22
lib/libcrypto/hidden/openssl/bn.h
View file

@ -1,4 +1,4 @@
/* $OpenBSD: bn.h,v 1.1 2023/07/08 12:21:58 beck Exp $ */
/* $OpenBSD: bn.h,v 1.4 2023/07/29 03:13:38 tb Exp $ */
/*
* Copyright (c) 2023 Bob Beck <beck@openbsd.org>
*
@ -42,7 +42,6 @@ LCRYPTO_USED(BN_is_odd);
LCRYPTO_USED(BN_zero);
LCRYPTO_USED(BN_one);
LCRYPTO_USED(BN_value_one);
LCRYPTO_USED(BN_options);
LCRYPTO_USED(BN_CTX_new);
LCRYPTO_USED(BN_CTX_free);
LCRYPTO_USED(BN_CTX_start);
@ -131,27 +130,8 @@ LCRYPTO_USED(BN_MONT_CTX_free);
LCRYPTO_USED(BN_MONT_CTX_set);
LCRYPTO_USED(BN_MONT_CTX_copy);
LCRYPTO_USED(BN_MONT_CTX_set_locked);
LCRYPTO_USED(BN_BLINDING_new);
LCRYPTO_USED(BN_BLINDING_free);
LCRYPTO_USED(BN_BLINDING_update);
LCRYPTO_USED(BN_BLINDING_convert);
LCRYPTO_USED(BN_BLINDING_invert);
LCRYPTO_USED(BN_BLINDING_convert_ex);
LCRYPTO_USED(BN_BLINDING_invert_ex);
LCRYPTO_USED(BN_BLINDING_thread_id);
LCRYPTO_USED(BN_BLINDING_get_flags);
LCRYPTO_USED(BN_BLINDING_set_flags);
LCRYPTO_USED(BN_BLINDING_create_param);
LCRYPTO_USED(get_rfc2409_prime_768);
LCRYPTO_USED(get_rfc2409_prime_1024);
LCRYPTO_USED(BN_get_rfc2409_prime_768);
LCRYPTO_USED(BN_get_rfc2409_prime_1024);
LCRYPTO_USED(get_rfc3526_prime_1536);
LCRYPTO_USED(get_rfc3526_prime_2048);
LCRYPTO_USED(get_rfc3526_prime_3072);
LCRYPTO_USED(get_rfc3526_prime_4096);
LCRYPTO_USED(get_rfc3526_prime_6144);
LCRYPTO_USED(get_rfc3526_prime_8192);
LCRYPTO_USED(BN_get_rfc3526_prime_1536);
LCRYPTO_USED(BN_get_rfc3526_prime_2048);
LCRYPTO_USED(BN_get_rfc3526_prime_3072);

4
lib/libcrypto/hidden/openssl/cms.h
View file

@ -1,4 +1,4 @@
/* $OpenBSD: cms.h,v 1.1 2023/07/08 08:26:26 beck Exp $ */
/* $OpenBSD: cms.h,v 1.2 2023/07/28 10:28:02 tb Exp $ */
/*
* Copyright (c) 2023 Bob Beck <beck@openbsd.org>
*
@ -35,6 +35,8 @@ LCRYPTO_USED(d2i_CMS_ReceiptRequest);
LCRYPTO_USED(i2d_CMS_ReceiptRequest);
LCRYPTO_USED(CMS_ContentInfo_print_ctx);
LCRYPTO_USED(CMS_get0_type);
LCRYPTO_USED(CMS_get_version);
LCRYPTO_USED(CMS_SignerInfo_get_version);
LCRYPTO_USED(CMS_dataInit);
LCRYPTO_USED(CMS_dataFinal);
LCRYPTO_USED(CMS_is_detached);

37
lib/libcrypto/hidden/openssl/comp.h
View file

@ -1,37 +0,0 @@
/* $OpenBSD: comp.h,v 1.1 2023/07/08 08:26:26 beck Exp $ */
/*
* Copyright (c) 2023 Bob Beck <beck@openbsd.org>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
#ifndef _LIBCRYPTO_COMP_H
#define _LIBCRYPTO_COMP_H
#ifndef _MSC_VER
#include_next <openssl/comp.h>
#else
#include "../include/openssl/comp.h"
#endif
#include "crypto_namespace.h"
LCRYPTO_USED(COMP_CTX_new);
LCRYPTO_USED(COMP_CTX_free);
LCRYPTO_USED(COMP_compress_block);
LCRYPTO_USED(COMP_expand_block);
LCRYPTO_USED(COMP_rle);
LCRYPTO_USED(COMP_zlib);
LCRYPTO_USED(COMP_zlib_cleanup);
LCRYPTO_USED(ERR_load_COMP_strings);
#endif /* _LIBCRYPTO_COMP_H */

5
lib/libcrypto/hidden/openssl/crypto.h
View file

@ -1,4 +1,4 @@
/* $OpenBSD: crypto.h,v 1.1 2023/07/08 08:28:23 beck Exp $ */
/* $OpenBSD: crypto.h,v 1.2 2023/07/28 10:19:20 tb Exp $ */
/*
* Copyright (c) 2023 Bob Beck <beck@openbsd.org>
*
@ -29,9 +29,6 @@ LCRYPTO_USED(OpenSSL_version);
LCRYPTO_USED(OpenSSL_version_num);
LCRYPTO_USED(SSLeay_version);
LCRYPTO_USED(SSLeay);
LCRYPTO_USED(CRYPTO_get_ex_data_implementation);
LCRYPTO_USED(CRYPTO_set_ex_data_implementation);
LCRYPTO_USED(CRYPTO_ex_data_new_class);
LCRYPTO_USED(CRYPTO_get_ex_new_index);
LCRYPTO_USED(CRYPTO_new_ex_data);
LCRYPTO_USED(CRYPTO_dup_ex_data);

54
lib/libcrypto/hidden/openssl/dso.h
View file

@ -1,54 +0,0 @@
/* $OpenBSD: dso.h,v 1.1 2023/07/08 07:22:58 beck Exp $ */
/*
* Copyright (c) 2023 Bob Beck <beck@openbsd.org>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
#ifndef _LIBCRYPTO_DSO_H
#define _LIBCRYPTO_DSO_H
#ifndef _MSC_VER
#include_next <openssl/dso.h>
#else
#include "../include/openssl/dso.h"
#endif
#include "crypto_namespace.h"
LCRYPTO_USED(DSO_new);
LCRYPTO_USED(DSO_new_method);
LCRYPTO_USED(DSO_free);
LCRYPTO_USED(DSO_flags);
LCRYPTO_USED(DSO_up_ref);
LCRYPTO_USED(DSO_ctrl);
LCRYPTO_USED(DSO_set_name_converter);
LCRYPTO_USED(DSO_get_filename);
LCRYPTO_USED(DSO_set_filename);
LCRYPTO_USED(DSO_convert_filename);
LCRYPTO_USED(DSO_merge);
LCRYPTO_USED(DSO_get_loaded_filename);
LCRYPTO_USED(DSO_set_default_method);
LCRYPTO_USED(DSO_get_default_method);
LCRYPTO_USED(DSO_get_method);
LCRYPTO_USED(DSO_set_method);
LCRYPTO_USED(DSO_load);
LCRYPTO_USED(DSO_bind_var);
LCRYPTO_USED(DSO_bind_func);
LCRYPTO_USED(DSO_METHOD_openssl);
LCRYPTO_USED(DSO_METHOD_null);
LCRYPTO_USED(DSO_METHOD_dlfcn);
LCRYPTO_USED(DSO_pathbyaddr);
LCRYPTO_USED(DSO_global_lookup);
LCRYPTO_USED(ERR_load_DSO_strings);
#endif /* _LIBCRYPTO_DSO_H */

21
lib/libcrypto/hidden/openssl/ec.h
View file

@ -1,4 +1,4 @@
/* $OpenBSD: ec.h,v 1.2 2023/07/07 19:37:54 beck Exp $ */
/* $OpenBSD: ec.h,v 1.4 2023/07/28 09:25:12 tb Exp $ */
/*
* Copyright (c) 2023 Bob Beck <beck@openbsd.org>
*
@ -132,14 +132,33 @@ LCRYPTO_USED(EC_KEY_set_default_method);
LCRYPTO_USED(EC_KEY_get_method);
LCRYPTO_USED(EC_KEY_set_method);
LCRYPTO_USED(EC_KEY_new_method);
LCRYPTO_USED(ECDH_size);
LCRYPTO_USED(ECDH_compute_key);
LCRYPTO_USED(ECDSA_SIG_new);
LCRYPTO_USED(ECDSA_SIG_free);
LCRYPTO_USED(i2d_ECDSA_SIG);
LCRYPTO_USED(d2i_ECDSA_SIG);
LCRYPTO_USED(ECDSA_SIG_get0_r);
LCRYPTO_USED(ECDSA_SIG_get0_s);
LCRYPTO_USED(ECDSA_SIG_get0);
LCRYPTO_USED(ECDSA_SIG_set0);
LCRYPTO_USED(ECDSA_size);
LCRYPTO_USED(ECDSA_do_sign);
LCRYPTO_USED(ECDSA_do_verify);
LCRYPTO_USED(ECDSA_sign);
LCRYPTO_USED(ECDSA_verify);
LCRYPTO_USED(EC_KEY_METHOD_new);
LCRYPTO_USED(EC_KEY_METHOD_free);
LCRYPTO_USED(EC_KEY_METHOD_set_init);
LCRYPTO_USED(EC_KEY_METHOD_set_keygen);
LCRYPTO_USED(EC_KEY_METHOD_set_compute_key);
LCRYPTO_USED(EC_KEY_METHOD_set_sign);
LCRYPTO_USED(EC_KEY_METHOD_set_verify);
LCRYPTO_USED(EC_KEY_METHOD_get_init);
LCRYPTO_USED(EC_KEY_METHOD_get_keygen);
LCRYPTO_USED(EC_KEY_METHOD_get_compute_key);
LCRYPTO_USED(EC_KEY_METHOD_get_sign);
LCRYPTO_USED(EC_KEY_METHOD_get_verify);
LCRYPTO_USED(ECParameters_dup);
LCRYPTO_USED(ERR_load_EC_strings);

39
lib/libcrypto/hidden/openssl/ecdh.h
View file

@ -1,39 +0,0 @@
/* $OpenBSD: ecdh.h,v 1.1 2023/07/08 06:04:33 beck Exp $ */
/*
* Copyright (c) 2023 Bob Beck <beck@openbsd.org>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
#ifndef _LIBCRYPTO_ECDH_H
#define _LIBCRYPTO_ECDH_H
#ifndef _MSC_VER
#include_next <openssl/ecdh.h>
#else
#include "../include/openssl/ecdh.h"
#endif
#include "crypto_namespace.h"
LCRYPTO_USED(ECDH_OpenSSL);
LCRYPTO_USED(ECDH_set_default_method);
LCRYPTO_USED(ECDH_get_default_method);
LCRYPTO_USED(ECDH_set_method);
LCRYPTO_USED(ECDH_size);
LCRYPTO_USED(ECDH_compute_key);
LCRYPTO_USED(ECDH_get_ex_new_index);
LCRYPTO_USED(ECDH_set_ex_data);
LCRYPTO_USED(ECDH_get_ex_data);
LCRYPTO_USED(ERR_load_ECDH_strings);
#endif /* _LIBCRYPTO_ECDH_H */

Some files were not shown because too many files have changed in this diff Show more