SecBSD/src
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

sync

Browse source
This commit is contained in:
purplerain 2023-06-25 21:25:02 +00:00
parent 82bafdd0b3
commit ae25582c29
Signed by: purplerain
GPG key ID: F42C07F07E2E35B7
37 changed files with 421 additions and 1406 deletions
Download patch file Download diff file Expand all files Collapse all files

3
lib/libcrypto/Makefile
View file

@ -1,4 +1,4 @@
# $OpenBSD: Makefile,v 1.131 2023/06/21 07:41:55 jsing Exp $ # $OpenBSD: Makefile,v 1.132 2023/06/25 19:29:30 tb Exp $
LIB= crypto LIB= crypto
LIBREBUILD=y LIBREBUILD=y
@ -42,7 +42,6 @@ CFLAGS+= -I${LCRYPTO_SRC}/curve25519
CFLAGS+= -I${LCRYPTO_SRC}/dh CFLAGS+= -I${LCRYPTO_SRC}/dh
CFLAGS+= -I${LCRYPTO_SRC}/dsa CFLAGS+= -I${LCRYPTO_SRC}/dsa
CFLAGS+= -I${LCRYPTO_SRC}/ec CFLAGS+= -I${LCRYPTO_SRC}/ec
CFLAGS+= -I${LCRYPTO_SRC}/ecdh
CFLAGS+= -I${LCRYPTO_SRC}/ecdsa CFLAGS+= -I${LCRYPTO_SRC}/ecdsa
CFLAGS+= -I${LCRYPTO_SRC}/evp CFLAGS+= -I${LCRYPTO_SRC}/evp
CFLAGS+= -I${LCRYPTO_SRC}/hidden CFLAGS+= -I${LCRYPTO_SRC}/hidden

6
lib/libcrypto/bn/arch/amd64/bn_arch.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: bn_arch.c,v 1.6 2023/02/22 05:46:37 jsing Exp $ */ /* $OpenBSD: bn_arch.c,v 1.7 2023/06/24 16:01:44 jsing Exp $ */
/* /*
* Copyright (c) 2023 Joel Sing <jsing@openbsd.org> * Copyright (c) 2023 Joel Sing <jsing@openbsd.org>
* *
@ -96,9 +96,9 @@ bn_mul_comba8(BN_ULONG *rd, BN_ULONG *ad, BN_ULONG *bd)
#ifdef HAVE_BN_SQR #ifdef HAVE_BN_SQR
int int
bn_sqr(BIGNUM *r, const BIGNUM *a, int rn, BN_CTX *ctx) bn_sqr(BIGNUM *r, const BIGNUM *a, int r_len, BN_CTX *ctx)
{ {
bignum_sqr(rn, (uint64_t *)r->d, a->top, (uint64_t *)a->d); bignum_sqr(r_len, (uint64_t *)r->d, a->top, (uint64_t *)a->d);
return 1; return 1;
} }

51
lib/libcrypto/bn/arch/arm/bn_arch.h
View file

@ -1,4 +1,4 @@
/* $OpenBSD: bn_arch.h,v 1.1 2023/01/20 10:04:33 jsing Exp $ */ /* $OpenBSD: bn_arch.h,v 1.2 2023/06/24 15:51:47 jsing Exp $ */
/* /*
* Copyright (c) 2023 Joel Sing <jsing@openbsd.org> * Copyright (c) 2023 Joel Sing <jsing@openbsd.org>
* *
@ -15,10 +15,59 @@
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/ */
#include <openssl/bn.h>
#ifndef HEADER_BN_ARCH_H #ifndef HEADER_BN_ARCH_H
#define HEADER_BN_ARCH_H #define HEADER_BN_ARCH_H
#ifndef OPENSSL_NO_ASM #ifndef OPENSSL_NO_ASM
#if defined(__GNUC__)
#define HAVE_BN_SUBW
static inline void
bn_subw(BN_ULONG a, BN_ULONG b, BN_ULONG *out_borrow, BN_ULONG *out_r0)
{
BN_ULONG borrow, r0;
__asm__ (
"mov %[borrow], #0 \n"
"subs %[r0], %[a], %[b] \n"
"sbc %[borrow], %[borrow], #0 \n"
"neg %[borrow], %[borrow] \n"
: [borrow]"=&r"(borrow), [r0]"=r"(r0)
: [a]"r"(a), [b]"r"(b)
: "cc");
*out_borrow = borrow;
*out_r0 = r0;
}
#define HAVE_BN_SUBW_SUBW
static inline void
bn_subw_subw(BN_ULONG a, BN_ULONG b, BN_ULONG c, BN_ULONG *out_borrow,
BN_ULONG *out_r0)
{
BN_ULONG borrow, r0;
__asm__ (
"mov %[borrow], #0 \n"
"subs %[r0], %[a], %[b] \n"
"sbc %[borrow], %[borrow], #0 \n"
"subs %[r0], %[r0], %[c] \n"
"sbc %[borrow], %[borrow], #0 \n"
"neg %[borrow], %[borrow] \n"
: [borrow]"=&r"(borrow), [r0]"=&r"(r0)
: [a]"r"(a), [b]"r"(b), [c]"r"(c)
: "cc");
*out_borrow = borrow;
*out_r0 = r0;
}
#endif /* __GNUC__ */
#endif #endif
#endif #endif

100
lib/libcrypto/bn/bn_internal.h
View file

@ -1,4 +1,4 @@
/* $OpenBSD: bn_internal.h,v 1.14 2023/06/21 07:48:41 jsing Exp $ */ /* $OpenBSD: bn_internal.h,v 1.15 2023/06/25 11:42:26 jsing Exp $ */
/* /*
* Copyright (c) 2023 Joel Sing <jsing@openbsd.org> * Copyright (c) 2023 Joel Sing <jsing@openbsd.org>
* *
@ -80,12 +80,18 @@ bn_clzw(BN_ULONG w)
*/ */
/* /*
* bn_addw() computes (r1:r0) = a + b, where both inputs are single words, * Default implementations for BN_ULLONG architectures.
* producing a double word result. The value of r1 is the carry from the *
* addition. * On these platforms the C compiler is generally better at optimising without
* the use of inline assembly primitives. However, it can be difficult for the
* compiler to see through primitives in order to combine operations, due to
* type changes/narrowing. For this reason compound primitives are usually
* explicitly provided.
*/ */
#ifdef BN_ULLONG
#ifndef HAVE_BN_ADDW #ifndef HAVE_BN_ADDW
#ifdef BN_LLONG #define HAVE_BN_ADDW
static inline void static inline void
bn_addw(BN_ULONG a, BN_ULONG b, BN_ULONG *out_r1, BN_ULONG *out_r0) bn_addw(BN_ULONG a, BN_ULONG b, BN_ULONG *out_r1, BN_ULONG *out_r0)
{ {
@ -96,8 +102,75 @@ bn_addw(BN_ULONG a, BN_ULONG b, BN_ULONG *out_r1, BN_ULONG *out_r0)
*out_r1 = r >> BN_BITS2; *out_r1 = r >> BN_BITS2;
*out_r0 = r & BN_MASK2; *out_r0 = r & BN_MASK2;
} }
#else #endif
#ifndef HAVE_BN_ADDW_ADDW
#define HAVE_BN_ADDW_ADDW
static inline void
bn_addw_addw(BN_ULONG a, BN_ULONG b, BN_ULONG c, BN_ULONG *out_r1,
BN_ULONG *out_r0)
{
BN_ULLONG r;
r = (BN_ULLONG)a + (BN_ULLONG)b + (BN_ULLONG)c;
*out_r1 = r >> BN_BITS2;
*out_r0 = r & BN_MASK2;
}
#endif
#ifndef HAVE_BN_MULW
#define HAVE_BN_MULW
static inline void
bn_mulw(BN_ULONG a, BN_ULONG b, BN_ULONG *out_r1, BN_ULONG *out_r0)
{
BN_ULLONG r;
r = (BN_ULLONG)a * (BN_ULLONG)b;
*out_r1 = r >> BN_BITS2;
*out_r0 = r & BN_MASK2;
}
#endif
#ifndef HAVE_BN_MULW_ADDW
#define HAVE_BN_MULW_ADDW
static inline void
bn_mulw_addw(BN_ULONG a, BN_ULONG b, BN_ULONG c, BN_ULONG *out_r1,
BN_ULONG *out_r0)
{
BN_ULLONG r;
r = (BN_ULLONG)a * (BN_ULLONG)b + (BN_ULLONG)c;
*out_r1 = r >> BN_BITS2;
*out_r0 = r & BN_MASK2;
}
#endif
#ifndef HAVE_BN_MULW_ADDW_ADDW
#define HAVE_BN_MULW_ADDW_ADDW
static inline void
bn_mulw_addw_addw(BN_ULONG a, BN_ULONG b, BN_ULONG c, BN_ULONG d,
BN_ULONG *out_r1, BN_ULONG *out_r0)
{
BN_ULLONG r;
r = (BN_ULLONG)a * (BN_ULLONG)b + (BN_ULLONG)c + (BN_ULLONG)d;
*out_r1 = r >> BN_BITS2;
*out_r0 = r & BN_MASK2;
}
#endif
#endif /* !BN_ULLONG */
/*
* bn_addw() computes (r1:r0) = a + b, where both inputs are single words,
* producing a double word result. The value of r1 is the carry from the
* addition.
*/
#ifndef HAVE_BN_ADDW
static inline void static inline void
bn_addw(BN_ULONG a, BN_ULONG b, BN_ULONG *out_r1, BN_ULONG *out_r0) bn_addw(BN_ULONG a, BN_ULONG b, BN_ULONG *out_r1, BN_ULONG *out_r0)
{ {
@ -112,7 +185,6 @@ bn_addw(BN_ULONG a, BN_ULONG b, BN_ULONG *out_r1, BN_ULONG *out_r0)
*out_r0 = r0; *out_r0 = r0;
} }
#endif #endif
#endif
/* /*
* bn_addw_addw() computes (r1:r0) = a + b + c, where all inputs are single * bn_addw_addw() computes (r1:r0) = a + b + c, where all inputs are single
@ -230,19 +302,6 @@ bn_qwsubqw(BN_ULONG a3, BN_ULONG a2, BN_ULONG a1, BN_ULONG a0, BN_ULONG b3,
* producing a double word result. * producing a double word result.
*/ */
#ifndef HAVE_BN_MULW #ifndef HAVE_BN_MULW
#ifdef BN_LLONG
static inline void
bn_mulw(BN_ULONG a, BN_ULONG b, BN_ULONG *out_r1, BN_ULONG *out_r0)
{
BN_ULLONG r;
r = (BN_ULLONG)a * (BN_ULLONG)b;
*out_r1 = r >> BN_BITS2;
*out_r0 = r & BN_MASK2;
}
#else /* !BN_LLONG */
/* /*
* Multiply two words (a * b) producing a double word result (h:l). * Multiply two words (a * b) producing a double word result (h:l).
* *
@ -339,7 +398,6 @@ bn_mulw(BN_ULONG a, BN_ULONG b, BN_ULONG *out_r1, BN_ULONG *out_r0)
*out_r0 = (acc1 << BN_BITS4) | acc0; *out_r0 = (acc1 << BN_BITS4) | acc0;
} }
#endif #endif
#endif /* !BN_LLONG */
#endif #endif
#ifndef HAVE_BN_MULW_LO #ifndef HAVE_BN_MULW_LO

3
lib/libcrypto/bn/bn_local.h
View file

@ -1,4 +1,4 @@
/* $OpenBSD: bn_local.h,v 1.23 2023/06/21 07:41:55 jsing Exp $ */ /* $OpenBSD: bn_local.h,v 1.24 2023/06/24 16:01:43 jsing Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved. * All rights reserved.
* *
@ -252,7 +252,6 @@ void bn_mul_normal(BN_ULONG *r, BN_ULONG *a, int na, BN_ULONG *b, int nb);
void bn_mul_comba4(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b); void bn_mul_comba4(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b);
void bn_mul_comba8(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b); void bn_mul_comba8(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b);
void bn_sqr_normal(BN_ULONG *r, const BN_ULONG *a, int n, BN_ULONG *tmp);
void bn_sqr_comba4(BN_ULONG *r, const BN_ULONG *a); void bn_sqr_comba4(BN_ULONG *r, const BN_ULONG *a);
void bn_sqr_comba8(BN_ULONG *r, const BN_ULONG *a); void bn_sqr_comba8(BN_ULONG *r, const BN_ULONG *a);

79
lib/libcrypto/bn/bn_sqr.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: bn_sqr.c,v 1.30 2023/04/19 10:51:22 jsing Exp $ */ /* $OpenBSD: bn_sqr.c,v 1.34 2023/06/24 17:06:54 jsing Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved. * All rights reserved.
* *
@ -191,52 +191,60 @@ bn_sqr_words(BN_ULONG *r, const BN_ULONG *a, int n)
} }
#endif #endif
/* tmp must have 2*n words */ #ifndef HAVE_BN_SQR
void static void
bn_sqr_normal(BN_ULONG *r, const BN_ULONG *a, int n, BN_ULONG *tmp) bn_sqr_normal(BN_ULONG *r, int r_len, const BN_ULONG *a, int a_len,
BN_ULONG *tmp)
{ {
int i, j, max;
const BN_ULONG *ap; const BN_ULONG *ap;
BN_ULONG *rp; BN_ULONG *rp;
BN_ULONG w;
int n;
if (a_len <= 0)
return;
max = n * 2;
ap = a; ap = a;
w = ap[0];
ap++;
rp = r; rp = r;
rp[0] = rp[max - 1] = 0; rp[0] = rp[r_len - 1] = 0;
rp++; rp++;
j = n;
if (--j > 0) { /* Compute initial product - r[n:1] = a[n:1] * a[0] */
n = a_len - 1;
if (n > 0) {
rp[n] = bn_mul_words(rp, ap, n, w);
}
rp += 2;
n--;
/* Compute and sum remaining products. */
while (n > 0) {
w = ap[0];
ap++; ap++;
rp[j] = bn_mul_words(rp, ap, j, ap[-1]);
rp[n] = bn_mul_add_words(rp, ap, n, w);
rp += 2; rp += 2;
n--;
} }
for (i = n - 2; i > 0; i--) { /* Double the sum of products. */
j--; bn_add_words(r, r, r, r_len);
ap++;
rp[j] = bn_mul_add_words(rp, ap, j, ap[-1]);
rp += 2;
}
bn_add_words(r, r, r, max); /* Add squares. */
bn_sqr_words(tmp, a, a_len);
/* There will not be a carry */ bn_add_words(r, r, tmp, r_len);
bn_sqr_words(tmp, a, n);
bn_add_words(r, r, tmp, max);
} }
/* /*
* bn_sqr() computes a * a, storing the result in r. The caller must ensure that * bn_sqr() computes a * a, storing the result in r. The caller must ensure that
* r is not the same BIGNUM as a and that r has been expanded to rn = a->top * 2 * r is not the same BIGNUM as a and that r has been expanded to rn = a->top * 2
* words. * words.
*/ */
#ifndef HAVE_BN_SQR
int int
bn_sqr(BIGNUM *r, const BIGNUM *a, int rn, BN_CTX *ctx) bn_sqr(BIGNUM *r, const BIGNUM *a, int r_len, BN_CTX *ctx)
{ {
BIGNUM *tmp; BIGNUM *tmp;
int ret = 0; int ret = 0;
@ -245,10 +253,10 @@ bn_sqr(BIGNUM *r, const BIGNUM *a, int rn, BN_CTX *ctx)
if ((tmp = BN_CTX_get(ctx)) == NULL) if ((tmp = BN_CTX_get(ctx)) == NULL)
goto err; goto err;
if (!bn_wexpand(tmp, r_len))
if (!bn_wexpand(tmp, rn))
goto err; goto err;
bn_sqr_normal(r->d, a->d, a->top, tmp->d);
bn_sqr_normal(r->d, r_len, a->d, a->top, tmp->d);
ret = 1; ret = 1;
@ -263,12 +271,12 @@ int
BN_sqr(BIGNUM *r, const BIGNUM *a, BN_CTX *ctx) BN_sqr(BIGNUM *r, const BIGNUM *a, BN_CTX *ctx)
{ {
BIGNUM *rr; BIGNUM *rr;
int rn; int r_len;
int ret = 1; int ret = 1;
BN_CTX_start(ctx); BN_CTX_start(ctx);
if (BN_is_zero(a)) { if (a->top < 1) {
BN_zero(r); BN_zero(r);
goto done; goto done;
} }
@ -278,10 +286,9 @@ BN_sqr(BIGNUM *r, const BIGNUM *a, BN_CTX *ctx)
if (rr == NULL) if (rr == NULL)
goto err; goto err;
rn = a->top * 2; if ((r_len = a->top * 2) < a->top)
if (rn < a->top)
goto err; goto err;
if (!bn_wexpand(rr, rn)) if (!bn_wexpand(rr, r_len))
goto err; goto err;
if (a->top == 4) { if (a->top == 4) {
@ -289,11 +296,11 @@ BN_sqr(BIGNUM *r, const BIGNUM *a, BN_CTX *ctx)
} else if (a->top == 8) { } else if (a->top == 8) {
bn_sqr_comba8(rr->d, a->d); bn_sqr_comba8(rr->d, a->d);
} else { } else {
if (!bn_sqr(rr, a, rn, ctx)) if (!bn_sqr(rr, a, r_len, ctx))
goto err; goto err;
} }
rr->top = rn; rr->top = r_len;
bn_correct_top(rr); bn_correct_top(rr);
rr->neg = 0; rr->neg = 0;

50
lib/libcrypto/ec/ec_key.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: ec_key.c,v 1.32 2023/03/27 10:25:02 tb Exp $ */ /* $OpenBSD: ec_key.c,v 1.33 2023/06/25 18:52:27 tb Exp $ */
/* /*
* Written by Nils Larsch for the OpenSSL project. * Written by Nils Larsch for the OpenSSL project.
*/ */
@ -122,16 +122,12 @@ EC_KEY_free(EC_KEY *r)
EC_POINT_free(r->pub_key); EC_POINT_free(r->pub_key);
BN_free(r->priv_key); BN_free(r->priv_key);
EC_EX_DATA_free_all_data(&r->method_data);
freezero(r, sizeof(EC_KEY)); freezero(r, sizeof(EC_KEY));
} }
EC_KEY * EC_KEY *
EC_KEY_copy(EC_KEY *dest, const EC_KEY *src) EC_KEY_copy(EC_KEY *dest, const EC_KEY *src)
{ {
EC_EXTRA_DATA *d;
if (dest == NULL || src == NULL) { if (dest == NULL || src == NULL) {
ECerror(ERR_R_PASSED_NULL_PARAMETER); ECerror(ERR_R_PASSED_NULL_PARAMETER);
return NULL; return NULL;
@ -175,18 +171,6 @@ EC_KEY_copy(EC_KEY *dest, const EC_KEY *src)
if (!bn_copy(dest->priv_key, src->priv_key)) if (!bn_copy(dest->priv_key, src->priv_key))
return NULL; return NULL;
} }
/* copy method/extra data */
EC_EX_DATA_free_all_data(&dest->method_data);
for (d = src->method_data; d != NULL; d = d->next) {
void *t = d->dup_func(d->data);
if (t == NULL)
return 0;
if (!EC_EX_DATA_set_data(&dest->method_data, t, d->dup_func,
d->free_func, d->clear_free_func))
return 0;
}
/* copy the rest */ /* copy the rest */
dest->enc_flag = src->enc_flag; dest->enc_flag = src->enc_flag;
@ -526,38 +510,6 @@ EC_KEY_set_conv_form(EC_KEY *key, point_conversion_form_t cform)
EC_GROUP_set_point_conversion_form(key->group, cform); EC_GROUP_set_point_conversion_form(key->group, cform);
} }
void *
EC_KEY_get_key_method_data(EC_KEY *key,
void *(*dup_func) (void *),
void (*free_func) (void *),
void (*clear_free_func) (void *))
{
void *ret;
CRYPTO_r_lock(CRYPTO_LOCK_EC);
ret = EC_EX_DATA_get_data(key->method_data, dup_func, free_func, clear_free_func);
CRYPTO_r_unlock(CRYPTO_LOCK_EC);
return ret;
}
void *
EC_KEY_insert_key_method_data(EC_KEY *key, void *data,
void *(*dup_func) (void *),
void (*free_func) (void *),
void (*clear_free_func) (void *))
{
EC_EXTRA_DATA *ex_data;
CRYPTO_w_lock(CRYPTO_LOCK_EC);
ex_data = EC_EX_DATA_get_data(key->method_data, dup_func, free_func, clear_free_func);
if (ex_data == NULL)
EC_EX_DATA_set_data(&key->method_data, data, dup_func, free_func, clear_free_func);
CRYPTO_w_unlock(CRYPTO_LOCK_EC);
return ex_data;
}
void void
EC_KEY_set_asn1_flag(EC_KEY *key, int flag) EC_KEY_set_asn1_flag(EC_KEY *key, int flag)
{ {

3
lib/libcrypto/ec/ec_kmeth.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: ec_kmeth.c,v 1.7 2022/11/26 16:08:52 tb Exp $ */ /* $OpenBSD: ec_kmeth.c,v 1.8 2023/06/25 18:52:27 tb Exp $ */
/* /*
* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project. * project.
@ -168,7 +168,6 @@ EC_KEY_new_method(ENGINE *engine)
ret->enc_flag = 0; ret->enc_flag = 0;
ret->conv_form = POINT_CONVERSION_UNCOMPRESSED; ret->conv_form = POINT_CONVERSION_UNCOMPRESSED;
ret->references = 1; ret->references = 1;
ret->method_data = NULL;
if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_RSA, ret, &ret->ex_data)) if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_RSA, ret, &ret->ex_data))
goto err; goto err;

196
lib/libcrypto/ec/ec_lib.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: ec_lib.c,v 1.58 2023/06/20 14:37:15 tb Exp $ */ /* $OpenBSD: ec_lib.c,v 1.61 2023/06/25 18:52:27 tb Exp $ */
/* /*
* Originally written by Bodo Moeller for the OpenSSL project. * Originally written by Bodo Moeller for the OpenSSL project.
*/ */
@ -93,8 +93,6 @@ EC_GROUP_new(const EC_METHOD *meth)
} }
ret->meth = meth; ret->meth = meth;
ret->extra_data = NULL;
ret->generator = NULL; ret->generator = NULL;
BN_init(&ret->order); BN_init(&ret->order);
BN_init(&ret->cofactor); BN_init(&ret->cofactor);
@ -123,8 +121,6 @@ EC_GROUP_free(EC_GROUP *group)
if (group->meth->group_finish != NULL) if (group->meth->group_finish != NULL)
group->meth->group_finish(group); group->meth->group_finish(group);
EC_EX_DATA_clear_free_all_data(&group->extra_data);
EC_POINT_free(group->generator); EC_POINT_free(group->generator);
BN_free(&group->order); BN_free(&group->order);
BN_free(&group->cofactor); BN_free(&group->cofactor);
@ -142,8 +138,6 @@ EC_GROUP_clear_free(EC_GROUP *group)
int int
EC_GROUP_copy(EC_GROUP *dest, const EC_GROUP *src) EC_GROUP_copy(EC_GROUP *dest, const EC_GROUP *src)
{ {
EC_EXTRA_DATA *d;
if (dest->meth->group_copy == NULL) { if (dest->meth->group_copy == NULL) {
ECerror(ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); ECerror(ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
return 0; return 0;
@ -155,18 +149,6 @@ EC_GROUP_copy(EC_GROUP *dest, const EC_GROUP *src)
if (dest == src) if (dest == src)
return 1; return 1;
EC_EX_DATA_free_all_data(&dest->extra_data);
for (d = src->extra_data; d != NULL; d = d->next) {
void *t = d->dup_func(d->data);
if (t == NULL)
return 0;
if (!EC_EX_DATA_set_data(&dest->extra_data, t, d->dup_func,
d->free_func, d->clear_free_func))
return 0;
}
if (src->generator != NULL) { if (src->generator != NULL) {
if (dest->generator == NULL) { if (dest->generator == NULL) {
dest->generator = EC_POINT_new(dest); dest->generator = EC_POINT_new(dest);
@ -669,158 +651,6 @@ ec_point_blind_coordinates(const EC_GROUP *group, EC_POINT *p, BN_CTX *ctx)
return group->meth->blind_coordinates(group, p, ctx); return group->meth->blind_coordinates(group, p, ctx);
} }
/* this has 'package' visibility */
int
EC_EX_DATA_set_data(EC_EXTRA_DATA ** ex_data, void *data,
void *(*dup_func) (void *),
void (*free_func) (void *),
void (*clear_free_func) (void *))
{
EC_EXTRA_DATA *d;
if (ex_data == NULL)
return 0;
for (d = *ex_data; d != NULL; d = d->next) {
if (d->dup_func == dup_func && d->free_func == free_func &&
d->clear_free_func == clear_free_func) {
ECerror(EC_R_SLOT_FULL);
return 0;
}
}
if (data == NULL)
/* no explicit entry needed */
return 1;
d = malloc(sizeof *d);
if (d == NULL)
return 0;
d->data = data;
d->dup_func = dup_func;
d->free_func = free_func;
d->clear_free_func = clear_free_func;
d->next = *ex_data;
*ex_data = d;
return 1;
}
/* this has 'package' visibility */
void *
EC_EX_DATA_get_data(const EC_EXTRA_DATA *ex_data,
void *(*dup_func) (void *),
void (*free_func) (void *),
void (*clear_free_func) (void *))
{
const EC_EXTRA_DATA *d;
for (d = ex_data; d != NULL; d = d->next) {
if (d->dup_func == dup_func && d->free_func == free_func && d->clear_free_func == clear_free_func)
return d->data;
}
return NULL;
}
/* this has 'package' visibility */
void
EC_EX_DATA_free_data(EC_EXTRA_DATA ** ex_data,
void *(*dup_func) (void *),
void (*free_func) (void *),
void (*clear_free_func) (void *))
{
EC_EXTRA_DATA **p;
if (ex_data == NULL)
return;
for (p = ex_data; *p != NULL; p = &((*p)->next)) {
if ((*p)->dup_func == dup_func &&
(*p)->free_func == free_func &&
(*p)->clear_free_func == clear_free_func) {
EC_EXTRA_DATA *next = (*p)->next;
(*p)->free_func((*p)->data);
free(*p);
*p = next;
return;
}
}
}
/* this has 'package' visibility */
void
EC_EX_DATA_clear_free_data(EC_EXTRA_DATA ** ex_data,
void *(*dup_func) (void *),
void (*free_func) (void *),
void (*clear_free_func) (void *))
{
EC_EXTRA_DATA **p;
if (ex_data == NULL)
return;
for (p = ex_data; *p != NULL; p = &((*p)->next)) {
if ((*p)->dup_func == dup_func &&
(*p)->free_func == free_func &&
(*p)->clear_free_func == clear_free_func) {
EC_EXTRA_DATA *next = (*p)->next;
(*p)->clear_free_func((*p)->data);
free(*p);
*p = next;
return;
}
}
}
/* this has 'package' visibility */
void
EC_EX_DATA_free_all_data(EC_EXTRA_DATA ** ex_data)
{
EC_EXTRA_DATA *d;
if (ex_data == NULL)
return;
d = *ex_data;
while (d) {
EC_EXTRA_DATA *next = d->next;
d->free_func(d->data);
free(d);
d = next;
}
*ex_data = NULL;
}
/* this has 'package' visibility */
void
EC_EX_DATA_clear_free_all_data(EC_EXTRA_DATA ** ex_data)
{
EC_EXTRA_DATA *d;
if (ex_data == NULL)
return;
d = *ex_data;
while (d) {
EC_EXTRA_DATA *next = d->next;
d->clear_free_func(d->data);
free(d);
d = next;
}
*ex_data = NULL;
}
EC_POINT * EC_POINT *
EC_POINT_new(const EC_GROUP *group) EC_POINT_new(const EC_GROUP *group)
{ {
@ -1408,33 +1238,13 @@ EC_POINT_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *g_scalar,
int int
EC_GROUP_precompute_mult(EC_GROUP *group, BN_CTX *ctx_in) EC_GROUP_precompute_mult(EC_GROUP *group, BN_CTX *ctx_in)
{ {
BN_CTX *ctx; return 1;
int ret = 0;
if (group->meth->precompute_mult == NULL)
return 1;
if ((ctx = ctx_in) == NULL)
ctx = BN_CTX_new();
if (ctx == NULL)
goto err;
ret = group->meth->precompute_mult(group, ctx);
err:
if (ctx != ctx_in)
BN_CTX_free(ctx);
return ret;
} }
int int
EC_GROUP_have_precompute_mult(const EC_GROUP *group) EC_GROUP_have_precompute_mult(const EC_GROUP *group)
{ {
if (group->meth->have_precompute_mult == NULL) return 0;
return 0;
return group->meth->have_precompute_mult(group);
} }
int int

48
lib/libcrypto/ec/ec_local.h
View file

@ -1,4 +1,4 @@
/* $OpenBSD: ec_local.h,v 1.14 2023/06/12 18:17:18 jsing Exp $ */ /* $OpenBSD: ec_local.h,v 1.21 2023/06/25 19:22:21 tb Exp $ */
/* /*
* Originally written by Bodo Moeller for the OpenSSL project. * Originally written by Bodo Moeller for the OpenSSL project.
*/ */
@ -145,8 +145,6 @@ struct ec_method_st {
int (*mul_double_nonct)(const EC_GROUP *group, EC_POINT *r, int (*mul_double_nonct)(const EC_GROUP *group, EC_POINT *r,
const BIGNUM *g_scalar, const BIGNUM *p_scalar, const BIGNUM *g_scalar, const BIGNUM *p_scalar,
const EC_POINT *point, BN_CTX *); const EC_POINT *point, BN_CTX *);
int (*precompute_mult)(EC_GROUP *group, BN_CTX *);
int (*have_precompute_mult)(const EC_GROUP *group);
/* /*
* Internal methods. * Internal methods.
@ -175,14 +173,6 @@ struct ec_method_st {
BN_CTX *ctx); BN_CTX *ctx);
} /* EC_METHOD */; } /* EC_METHOD */;
typedef struct ec_extra_data_st {
struct ec_extra_data_st *next;
void *data;
void *(*dup_func)(void *);
void (*free_func)(void *);
void (*clear_free_func)(void *);
} EC_EXTRA_DATA; /* used in EC_GROUP */
struct ec_group_st { struct ec_group_st {
/* /*
* Methods and members exposed via the public API. * Methods and members exposed via the public API.
@ -209,8 +199,6 @@ struct ec_group_st {
* if they appear to be generic. * if they appear to be generic.
*/ */
EC_EXTRA_DATA *extra_data;
/* /*
* Field specification. For GF(p) this is the modulus; for GF(2^m), * Field specification. For GF(p) this is the modulus; for GF(2^m),
* this is the irreducible polynomial defining the field. * this is the irreducible polynomial defining the field.
@ -264,28 +252,9 @@ struct ec_key_st {
int references; int references;
int flags; int flags;
EC_EXTRA_DATA *method_data;
CRYPTO_EX_DATA ex_data; CRYPTO_EX_DATA ex_data;
} /* EC_KEY */; } /* EC_KEY */;
/* Basically a 'mixin' for extra data, but available for EC_GROUPs/EC_KEYs only
* (with visibility limited to 'package' level for now).
* We use the function pointers as index for retrieval; this obviates
* global ex_data-style index tables.
*/
int EC_EX_DATA_set_data(EC_EXTRA_DATA **, void *data,
void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *));
void *EC_EX_DATA_get_data(const EC_EXTRA_DATA *,
void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *));
void EC_EX_DATA_free_data(EC_EXTRA_DATA **,
void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *));
void EC_EX_DATA_clear_free_data(EC_EXTRA_DATA **,
void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *));
void EC_EX_DATA_free_all_data(EC_EXTRA_DATA **);
void EC_EX_DATA_clear_free_all_data(EC_EXTRA_DATA **);
int ec_group_simple_order_bits(const EC_GROUP *group);
struct ec_point_st { struct ec_point_st {
const EC_METHOD *meth; const EC_METHOD *meth;
@ -308,9 +277,6 @@ struct ec_point_st {
* (ec_lib.c uses these as defaults if group->method->mul is 0) */ * (ec_lib.c uses these as defaults if group->method->mul is 0) */
int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
size_t num, const EC_POINT *points[], const BIGNUM *scalars[], BN_CTX *); size_t num, const EC_POINT *points[], const BIGNUM *scalars[], BN_CTX *);
int ec_wNAF_precompute_mult(EC_GROUP *group, BN_CTX *);
int ec_wNAF_have_precompute_mult(const EC_GROUP *group);
/* method functions in ecp_smpl.c */ /* method functions in ecp_smpl.c */
int ec_GFp_simple_group_init(EC_GROUP *); int ec_GFp_simple_group_init(EC_GROUP *);
@ -355,6 +321,7 @@ int ec_GFp_simple_mul_single_ct(const EC_GROUP *, EC_POINT *r, const BIGNUM *sca
int ec_GFp_simple_mul_double_nonct(const EC_GROUP *, EC_POINT *r, const BIGNUM *g_scalar, int ec_GFp_simple_mul_double_nonct(const EC_GROUP *, EC_POINT *r, const BIGNUM *g_scalar,
const BIGNUM *p_scalar, const EC_POINT *point, BN_CTX *); const BIGNUM *p_scalar, const EC_POINT *point, BN_CTX *);
int ec_group_simple_order_bits(const EC_GROUP *group);
int ec_point_blind_coordinates(const EC_GROUP *group, EC_POINT *p, BN_CTX *ctx); int ec_point_blind_coordinates(const EC_GROUP *group, EC_POINT *p, BN_CTX *ctx);
/* EC_METHOD definitions */ /* EC_METHOD definitions */
@ -395,12 +362,11 @@ int ossl_ecdsa_verify(int type, const unsigned char *dgst, int dgst_len,
int ossl_ecdsa_verify_sig(const unsigned char *dgst, int dgst_len, int ossl_ecdsa_verify_sig(const unsigned char *dgst, int dgst_len,
const ECDSA_SIG *sig, EC_KEY *eckey); const ECDSA_SIG *sig, EC_KEY *eckey);
void *EC_KEY_get_key_method_data(EC_KEY *key, /*
void *(*dup_func)(void *), void (*free_func)(void *), * ECDH Key Derivation Function as defined in ANSI X9.63.
void (*clear_free_func)(void *)); */
void *EC_KEY_insert_key_method_data(EC_KEY *key, void *data, int ecdh_KDF_X9_63(unsigned char *out, size_t outlen, const unsigned char *Z,
void *(*dup_func)(void *), void (*free_func)(void *), size_t Zlen, const unsigned char *sinfo, size_t sinfolen, const EVP_MD *md);
void (*clear_free_func)(void *));
int EC_POINT_set_Jprojective_coordinates(const EC_GROUP *group, EC_POINT *p, int EC_POINT_set_Jprojective_coordinates(const EC_GROUP *group, EC_POINT *p,
const BIGNUM *x, const BIGNUM *y, const BIGNUM *z, BN_CTX *ctx); const BIGNUM *x, const BIGNUM *y, const BIGNUM *z, BN_CTX *ctx);

439
lib/libcrypto/ec/ec_mult.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: ec_mult.c,v 1.29 2023/04/11 18:58:20 jsing Exp $ */ /* $OpenBSD: ec_mult.c,v 1.31 2023/06/24 17:49:44 jsing Exp $ */
/* /*
* Originally written by Bodo Moeller and Nils Larsch for the OpenSSL project. * Originally written by Bodo Moeller and Nils Larsch for the OpenSSL project.
*/ */
@ -67,7 +67,6 @@
#include "ec_local.h" #include "ec_local.h"
/* /*
* This file implements the wNAF-based interleaving multi-exponentation method * This file implements the wNAF-based interleaving multi-exponentation method
* (<URL:http://www.informatik.tu-darmstadt.de/TI/Mitarbeiter/moeller.html#multiexp>); * (<URL:http://www.informatik.tu-darmstadt.de/TI/Mitarbeiter/moeller.html#multiexp>);
@ -75,114 +74,6 @@
* (<URL:http://www.informatik.tu-darmstadt.de/TI/Mitarbeiter/moeller.html#fastexp>). * (<URL:http://www.informatik.tu-darmstadt.de/TI/Mitarbeiter/moeller.html#fastexp>).
*/ */
/* structure for precomputed multiples of the generator */
typedef struct ec_pre_comp_st {
const EC_GROUP *group; /* parent EC_GROUP object */
size_t blocksize; /* block size for wNAF splitting */
size_t numblocks; /* max. number of blocks for which we have
* precomputation */
size_t w; /* window size */
EC_POINT **points; /* array with pre-calculated multiples of
* generator: 'num' pointers to EC_POINT
* objects followed by a NULL */
size_t num; /* numblocks * 2^(w-1) */
int references;
} EC_PRE_COMP;
/* functions to manage EC_PRE_COMP within the EC_GROUP extra_data framework */
static void *ec_pre_comp_dup(void *);
static void ec_pre_comp_free(void *);
static void ec_pre_comp_clear_free(void *);
static EC_PRE_COMP *
ec_pre_comp_new(const EC_GROUP *group)
{
EC_PRE_COMP *ret = NULL;
if (!group)
return NULL;
ret = malloc(sizeof(EC_PRE_COMP));
if (!ret) {
ECerror(ERR_R_MALLOC_FAILURE);
return ret;
}
ret->group = group;
ret->blocksize = 8; /* default */
ret->numblocks = 0;
ret->w = 4; /* default */
ret->points = NULL;
ret->num = 0;
ret->references = 1;
return ret;
}
static void *
ec_pre_comp_dup(void *src_)
{
EC_PRE_COMP *src = src_;
/* no need to actually copy, these objects never change! */
CRYPTO_add(&src->references, 1, CRYPTO_LOCK_EC_PRE_COMP);
return src_;
}
static void
ec_pre_comp_free(void *pre_)
{
int i;
EC_PRE_COMP *pre = pre_;
if (!pre)
return;
i = CRYPTO_add(&pre->references, -1, CRYPTO_LOCK_EC_PRE_COMP);
if (i > 0)
return;
if (pre->points) {
EC_POINT **p;
for (p = pre->points; *p != NULL; p++)
EC_POINT_free(*p);
free(pre->points);
}
free(pre);
}
static void
ec_pre_comp_clear_free(void *pre_)
{
int i;
EC_PRE_COMP *pre = pre_;
if (!pre)
return;
i = CRYPTO_add(&pre->references, -1, CRYPTO_LOCK_EC_PRE_COMP);
if (i > 0)
return;
if (pre->points) {
EC_POINT **p;
for (p = pre->points; *p != NULL; p++) {
EC_POINT_free(*p);
explicit_bzero(p, sizeof *p);
}
free(pre->points);
}
freezero(pre, sizeof *pre);
}
/* Determine the modified width-(w+1) Non-Adjacent Form (wNAF) of 'scalar'. /* Determine the modified width-(w+1) Non-Adjacent Form (wNAF) of 'scalar'.
* This is an array r[] of values that are either zero or odd with an * This is an array r[] of values that are either zero or odd with an
* absolute value less than 2^w satisfying * absolute value less than 2^w satisfying
@ -338,8 +229,7 @@ ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
const EC_POINT *generator = NULL; const EC_POINT *generator = NULL;
EC_POINT *tmp = NULL; EC_POINT *tmp = NULL;
size_t totalnum; size_t totalnum;
size_t blocksize = 0, numblocks = 0; /* for wNAF splitting */ size_t numblocks = 0; /* for wNAF splitting */
size_t pre_points_per_block = 0;
size_t i, j; size_t i, j;
int k; int k;
int r_is_inverted = 0; int r_is_inverted = 0;
@ -354,7 +244,6 @@ ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
EC_POINT **v; EC_POINT **v;
EC_POINT ***val_sub = NULL; /* pointers to sub-arrays of 'val' or EC_POINT ***val_sub = NULL; /* pointers to sub-arrays of 'val' or
* 'pre_comp->points' */ * 'pre_comp->points' */
const EC_PRE_COMP *pre_comp = NULL;
int num_scalar = 0; /* flag: will be set to 1 if 'scalar' must be int num_scalar = 0; /* flag: will be set to 1 if 'scalar' must be
* treated like other scalars, i.e. * treated like other scalars, i.e.
* precomputation is not available */ * precomputation is not available */
@ -380,42 +269,10 @@ ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
ECerror(EC_R_UNDEFINED_GENERATOR); ECerror(EC_R_UNDEFINED_GENERATOR);
goto err; goto err;
} }
/* look if we can use precomputed multiples of generator */
pre_comp = EC_EX_DATA_get_data(group->extra_data, ec_pre_comp_dup, ec_pre_comp_free, ec_pre_comp_clear_free); numblocks = 1;
num_scalar = 1; /* treat 'scalar' like 'num'-th
if (pre_comp && pre_comp->numblocks && * element of 'scalars' */
(EC_POINT_cmp(group, generator, pre_comp->points[0], ctx) == 0)) {
blocksize = pre_comp->blocksize;
/*
* determine maximum number of blocks that wNAF
* splitting may yield (NB: maximum wNAF length is
* bit length plus one)
*/
numblocks = (BN_num_bits(scalar) / blocksize) + 1;
/*
* we cannot use more blocks than we have
* precomputation for
*/
if (numblocks > pre_comp->numblocks)
numblocks = pre_comp->numblocks;
pre_points_per_block = (size_t) 1 << (pre_comp->w - 1);
/* check that pre_comp looks sane */
if (pre_comp->num != (pre_comp->numblocks * pre_points_per_block)) {
ECerror(ERR_R_INTERNAL_ERROR);
goto err;
}
} else {
/* can't use precomputation */
pre_comp = NULL;
numblocks = 1;
num_scalar = 1; /* treat 'scalar' like 'num'-th
* element of 'scalars' */
}
} }
totalnum = num + numblocks; totalnum = num + numblocks;
@ -457,111 +314,9 @@ ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
if (numblocks) { if (numblocks) {
/* we go here iff scalar != NULL */ /* we go here iff scalar != NULL */
if (pre_comp == NULL) { if (num_scalar != 1) {
if (num_scalar != 1) { ECerror(ERR_R_INTERNAL_ERROR);
ECerror(ERR_R_INTERNAL_ERROR); goto err;
goto err;
}
/* we have already generated a wNAF for 'scalar' */
} else {
size_t tmp_len = 0;
if (num_scalar != 0) {
ECerror(ERR_R_INTERNAL_ERROR);
goto err;
}
/*
* use the window size for which we have
* precomputation
*/
wsize[num] = pre_comp->w;
tmp_wNAF = compute_wNAF(scalar, wsize[num], &tmp_len);
if (tmp_wNAF == NULL)
goto err;
if (tmp_len <= max_len) {
/*
* One of the other wNAFs is at least as long
* as the wNAF belonging to the generator, so
* wNAF splitting will not buy us anything.
*/
numblocks = 1;
totalnum = num + 1; /* don't use wNAF
* splitting */
wNAF[num] = tmp_wNAF;
tmp_wNAF = NULL;
wNAF[num + 1] = NULL;
wNAF_len[num] = tmp_len;
if (tmp_len > max_len)
max_len = tmp_len;
/*
* pre_comp->points starts with the points
* that we need here:
*/
val_sub[num] = pre_comp->points;
} else {
/*
* don't include tmp_wNAF directly into wNAF
* array - use wNAF splitting and include the
* blocks
*/
signed char *pp;
EC_POINT **tmp_points;
if (tmp_len < numblocks * blocksize) {
/*
* possibly we can do with fewer
* blocks than estimated
*/
numblocks = (tmp_len + blocksize - 1) / blocksize;
if (numblocks > pre_comp->numblocks) {
ECerror(ERR_R_INTERNAL_ERROR);
goto err;
}
totalnum = num + numblocks;
}
/* split wNAF in 'numblocks' parts */
pp = tmp_wNAF;
tmp_points = pre_comp->points;
for (i = num; i < totalnum; i++) {
if (i < totalnum - 1) {
wNAF_len[i] = blocksize;
if (tmp_len < blocksize) {
ECerror(ERR_R_INTERNAL_ERROR);
goto err;
}
tmp_len -= blocksize;
} else
/*
* last block gets whatever
* is left (this could be
* more or less than
* 'blocksize'!)
*/
wNAF_len[i] = tmp_len;
wNAF[i + 1] = NULL;
wNAF[i] = malloc(wNAF_len[i]);
if (wNAF[i] == NULL) {
ECerror(ERR_R_MALLOC_FAILURE);
goto err;
}
memcpy(wNAF[i], pp, wNAF_len[i]);
if (wNAF_len[i] > max_len)
max_len = wNAF_len[i];
if (*tmp_points == NULL) {
ECerror(ERR_R_INTERNAL_ERROR);
goto err;
}
val_sub[i] = tmp_points;
tmp_points += pre_points_per_block;
pp += blocksize;
}
}
} }
} }
/* /*
@ -693,181 +448,3 @@ ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
free(val_sub); free(val_sub);
return ret; return ret;
} }
/* ec_wNAF_precompute_mult()
* creates an EC_PRE_COMP object with preprecomputed multiples of the generator
* for use with wNAF splitting as implemented in ec_wNAF_mul().
*
* 'pre_comp->points' is an array of multiples of the generator
* of the following form:
* points[0] = generator;
* points[1] = 3 * generator;
* ...
* points[2^(w-1)-1] = (2^(w-1)-1) * generator;
* points[2^(w-1)] = 2^blocksize * generator;
* points[2^(w-1)+1] = 3 * 2^blocksize * generator;
* ...
* points[2^(w-1)*(numblocks-1)-1] = (2^(w-1)) * 2^(blocksize*(numblocks-2)) * generator
* points[2^(w-1)*(numblocks-1)] = 2^(blocksize*(numblocks-1)) * generator
* ...
* points[2^(w-1)*numblocks-1] = (2^(w-1)) * 2^(blocksize*(numblocks-1)) * generator
* points[2^(w-1)*numblocks] = NULL
*/
int
ec_wNAF_precompute_mult(EC_GROUP *group, BN_CTX *ctx)
{
const EC_POINT *generator;
EC_POINT *tmp_point = NULL, *base = NULL, **var;
BIGNUM *order;
size_t i, bits, w, pre_points_per_block, blocksize, numblocks,
num;
EC_POINT **points = NULL;
EC_PRE_COMP *pre_comp;
int ret = 0;
/* if there is an old EC_PRE_COMP object, throw it away */
EC_EX_DATA_free_data(&group->extra_data, ec_pre_comp_dup, ec_pre_comp_free, ec_pre_comp_clear_free);
if ((pre_comp = ec_pre_comp_new(group)) == NULL)
return 0;
generator = EC_GROUP_get0_generator(group);
if (generator == NULL) {
ECerror(EC_R_UNDEFINED_GENERATOR);
goto err;
}
BN_CTX_start(ctx);
if ((order = BN_CTX_get(ctx)) == NULL)
goto err;
if (!EC_GROUP_get_order(group, order, ctx))
goto err;
if (BN_is_zero(order)) {
ECerror(EC_R_UNKNOWN_ORDER);
goto err;
}
bits = BN_num_bits(order);
/*
* The following parameters mean we precompute (approximately) one
* point per bit.
*
* TBD: The combination 8, 4 is perfect for 160 bits; for other bit
* lengths, other parameter combinations might provide better
* efficiency.
*/
blocksize = 8;
w = 4;
if (EC_window_bits_for_scalar_size(bits) > w) {
/* let's not make the window too small ... */
w = EC_window_bits_for_scalar_size(bits);
}
numblocks = (bits + blocksize - 1) / blocksize; /* max. number of blocks
* to use for wNAF
* splitting */
pre_points_per_block = (size_t) 1 << (w - 1);
num = pre_points_per_block * numblocks; /* number of points to
* compute and store */
points = reallocarray(NULL, (num + 1), sizeof(EC_POINT *));
if (!points) {
ECerror(ERR_R_MALLOC_FAILURE);
goto err;
}
var = points;
var[num] = NULL; /* pivot */
for (i = 0; i < num; i++) {
if ((var[i] = EC_POINT_new(group)) == NULL) {
ECerror(ERR_R_MALLOC_FAILURE);
goto err;
}
}
if (!(tmp_point = EC_POINT_new(group)) || !(base = EC_POINT_new(group))) {
ECerror(ERR_R_MALLOC_FAILURE);
goto err;
}
if (!EC_POINT_copy(base, generator))
goto err;
/* do the precomputation */
for (i = 0; i < numblocks; i++) {
size_t j;
if (!EC_POINT_dbl(group, tmp_point, base, ctx))
goto err;
if (!EC_POINT_copy(*var++, base))
goto err;
for (j = 1; j < pre_points_per_block; j++, var++) {
/* calculate odd multiples of the current base point */
if (!EC_POINT_add(group, *var, tmp_point, *(var - 1), ctx))
goto err;
}
if (i < numblocks - 1) {
/*
* get the next base (multiply current one by
* 2^blocksize)
*/
size_t k;
if (blocksize <= 2) {
ECerror(ERR_R_INTERNAL_ERROR);
goto err;
}
if (!EC_POINT_dbl(group, base, tmp_point, ctx))
goto err;
for (k = 2; k < blocksize; k++) {
if (!EC_POINT_dbl(group, base, base, ctx))
goto err;
}
}
}
if (!EC_POINTs_make_affine(group, num, points, ctx))
goto err;
pre_comp->group = group;
pre_comp->blocksize = blocksize;
pre_comp->numblocks = numblocks;
pre_comp->w = w;
pre_comp->points = points;
points = NULL;
pre_comp->num = num;
if (!EC_EX_DATA_set_data(&group->extra_data, pre_comp,
ec_pre_comp_dup, ec_pre_comp_free, ec_pre_comp_clear_free))
goto err;
pre_comp = NULL;
ret = 1;
err:
BN_CTX_end(ctx);
ec_pre_comp_free(pre_comp);
if (points) {
EC_POINT **p;
for (p = points; *p != NULL; p++)
EC_POINT_free(*p);
free(points);
}
EC_POINT_free(tmp_point);
EC_POINT_free(base);
return ret;
}
int
ec_wNAF_have_precompute_mult(const EC_GROUP *group)
{
if (EC_EX_DATA_get_data(group->extra_data, ec_pre_comp_dup, ec_pre_comp_free, ec_pre_comp_clear_free) != NULL)
return 1;
else
return 0;
}

3
lib/libcrypto/ec/ec_pmeth.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: ec_pmeth.c,v 1.17 2023/04/25 15:48:48 tb Exp $ */ /* $OpenBSD: ec_pmeth.c,v 1.18 2023/06/25 19:26:04 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 2006. * project 2006.
*/ */
@ -68,7 +68,6 @@
#include "bn_local.h" #include "bn_local.h"
#include "ec_local.h" #include "ec_local.h"
#include "ech_local.h"
#include "evp_local.h" #include "evp_local.h"
/* EC pkey context structure */ /* EC pkey context structure */

4
lib/libcrypto/ecdh/ecdh_kdf.c
View file

@ -1,3 +1,4 @@
/* $OpenBSD: ecdh_kdf.c,v 1.9 2023/06/25 19:43:28 tb Exp $ */
/* /*
* Written by Stephen Henson for the OpenSSL project. * Written by Stephen Henson for the OpenSSL project.
*/ */
@ -52,10 +53,11 @@
#include <string.h> #include <string.h>
#include <openssl/ecdh.h>
#include <openssl/ec.h> #include <openssl/ec.h>
#include <openssl/evp.h> #include <openssl/evp.h>
#include "ech_local.h" #include "ec_local.h"
/* /*
* Key derivation function from X9.63/SECG. * Key derivation function from X9.63/SECG.

48
lib/libcrypto/ecdh/ech_key.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: ech_key.c,v 1.14 2022/11/26 16:08:52 tb Exp $ */ /* $OpenBSD: ech_key.c,v 1.19 2023/06/25 19:35:56 tb Exp $ */
/* ==================================================================== /* ====================================================================
* Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
* *
@ -73,18 +73,13 @@
#include <openssl/opensslconf.h> #include <openssl/opensslconf.h>
#include <openssl/bn.h> #include <openssl/bn.h>
#include <openssl/ecdh.h>
#include <openssl/err.h> #include <openssl/err.h>
#include <openssl/objects.h> #include <openssl/objects.h>
#include <openssl/sha.h> #include <openssl/sha.h>
#include "bn_local.h"
#include "ech_local.h"
#include "ec_local.h" #include "ec_local.h"
static int ecdh_compute_key(void *out, size_t len, const EC_POINT *pub_key,
EC_KEY *ecdh,
void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen));
/* /*
* This implementation is based on the following primitives in the IEEE 1363 * This implementation is based on the following primitives in the IEEE 1363
* standard: * standard:
@ -92,8 +87,8 @@ static int ecdh_compute_key(void *out, size_t len, const EC_POINT *pub_key,
* - ECSVDP-DH * - ECSVDP-DH
* Finally an optional KDF is applied. * Finally an optional KDF is applied.
*/ */
static int int
ecdh_compute_key(void *out, size_t outlen, const EC_POINT *pub_key, ossl_ecdh_compute_key(void *out, size_t outlen, const EC_POINT *pub_key,
EC_KEY *ecdh, EC_KEY *ecdh,
void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen)) void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen))
{ {
@ -184,39 +179,14 @@ ecdh_compute_key(void *out, size_t outlen, const EC_POINT *pub_key,
ret = outlen; ret = outlen;
} }
err: err:
EC_POINT_free(tmp); EC_POINT_free(tmp);
if (ctx) BN_CTX_end(ctx);
BN_CTX_end(ctx);
BN_CTX_free(ctx); BN_CTX_free(ctx);
free(buf); free(buf);
return (ret); return (ret);
} }
static ECDH_METHOD openssl_ecdh_meth = {
.name = "OpenSSL ECDH method",
.compute_key = ecdh_compute_key
};
const ECDH_METHOD *
ECDH_OpenSSL(void)
{
return &openssl_ecdh_meth;
}
/* replace w/ ecdh_compute_key() when ECDH_METHOD gets removed */
int
ossl_ecdh_compute_key(void *out, size_t outlen, const EC_POINT *pub_key,
EC_KEY *eckey,
void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen))
{
ECDH_DATA *ecdh;
if ((ecdh = ecdh_check(eckey)) == NULL)
return 0;
return ecdh->meth->compute_key(out, outlen, pub_key, eckey, KDF);
}
int int
ECDH_compute_key(void *out, size_t outlen, const EC_POINT *pub_key, ECDH_compute_key(void *out, size_t outlen, const EC_POINT *pub_key,
EC_KEY *eckey, EC_KEY *eckey,
@ -227,3 +197,9 @@ ECDH_compute_key(void *out, size_t outlen, const EC_POINT *pub_key,
ECerror(EC_R_NOT_IMPLEMENTED); ECerror(EC_R_NOT_IMPLEMENTED);
return 0; return 0;
} }
int
ECDH_size(const EC_KEY *d)
{
return ((EC_GROUP_get_degree(EC_KEY_get0_group(d)) + 7) / 8);
}

150
lib/libcrypto/ecdh/ech_lib.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: ech_lib.c,v 1.16 2023/04/25 19:26:45 tb Exp $ */ /* $OpenBSD: ech_lib.c,v 1.22 2023/06/25 19:17:43 tb Exp $ */
/* ==================================================================== /* ====================================================================
* Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
* *
@ -77,13 +77,27 @@
#include <openssl/err.h> #include <openssl/err.h>
#include "ec_local.h" #include "ec_local.h"
#include "ech_local.h"
struct ecdh_method {
const char *name;
int (*compute_key)(void *key, size_t outlen, const EC_POINT *pub_key, EC_KEY *ecdh,
void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen));
int flags;
char *app_data;
};
static const ECDH_METHOD *default_ECDH_method = NULL; static const ECDH_METHOD *default_ECDH_method = NULL;
static void *ecdh_data_new(void); static const ECDH_METHOD openssl_ecdh_meth = {
static void *ecdh_data_dup(void *); .name = "OpenSSL ECDH method",
static void ecdh_data_free(void *); .compute_key = ossl_ecdh_compute_key,
};
const ECDH_METHOD *
ECDH_OpenSSL(void)
{
return &openssl_ecdh_meth;
}
void void
ECDH_set_default_method(const ECDH_METHOD *meth) ECDH_set_default_method(const ECDH_METHOD *meth)
@ -103,142 +117,24 @@ ECDH_get_default_method(void)
int int
ECDH_set_method(EC_KEY *eckey, const ECDH_METHOD *meth) ECDH_set_method(EC_KEY *eckey, const ECDH_METHOD *meth)
{ {
ECDH_DATA *ecdh; return 0;
ecdh = ecdh_check(eckey);
if (ecdh == NULL)
return 0;
#ifndef OPENSSL_NO_ENGINE
ENGINE_finish(ecdh->engine);
ecdh->engine = NULL;
#endif
ecdh->meth = meth;
return 1;
}
static ECDH_DATA *
ECDH_DATA_new_method(ENGINE *engine)
{
ECDH_DATA *ret;
ret = malloc(sizeof(ECDH_DATA));
if (ret == NULL) {
ECDHerror(ERR_R_MALLOC_FAILURE);
return (NULL);
}
ret->init = NULL;
ret->meth = ECDH_get_default_method();
ret->engine = engine;
#ifndef OPENSSL_NO_ENGINE
if (!ret->engine)
ret->engine = ENGINE_get_default_ECDH();
if (ret->engine) {
ret->meth = ENGINE_get_ECDH(ret->engine);
if (ret->meth == NULL) {
ECDHerror(ERR_R_ENGINE_LIB);
ENGINE_finish(ret->engine);
free(ret);
return NULL;
}
}
#endif
ret->flags = ret->meth->flags;
CRYPTO_new_ex_data(CRYPTO_EX_INDEX_ECDH, ret, &ret->ex_data);
return (ret);
}
static void *
ecdh_data_new(void)
{
return (void *)ECDH_DATA_new_method(NULL);
}
static void *
ecdh_data_dup(void *data)
{
ECDH_DATA *r = (ECDH_DATA *)data;
/* XXX: dummy operation */
if (r == NULL)
return NULL;
return (void *)ecdh_data_new();
}
void
ecdh_data_free(void *data)
{
ECDH_DATA *r = (ECDH_DATA *)data;
#ifndef OPENSSL_NO_ENGINE
ENGINE_finish(r->engine);
#endif
CRYPTO_free_ex_data(CRYPTO_EX_INDEX_ECDH, r, &r->ex_data);
freezero(r, sizeof(ECDH_DATA));
}
ECDH_DATA *
ecdh_check(EC_KEY *key)
{
ECDH_DATA *ecdh_data;
void *data = EC_KEY_get_key_method_data(key, ecdh_data_dup,
ecdh_data_free, ecdh_data_free);
if (data == NULL) {
ecdh_data = (ECDH_DATA *)ecdh_data_new();
if (ecdh_data == NULL)
return NULL;
data = EC_KEY_insert_key_method_data(key, (void *)ecdh_data,
ecdh_data_dup, ecdh_data_free, ecdh_data_free);
if (data != NULL) {
/* Another thread raced us to install the key_method
* data and won. */
ecdh_data_free(ecdh_data);
ecdh_data = (ECDH_DATA *)data;
}
} else
ecdh_data = (ECDH_DATA *)data;
return ecdh_data;
} }
int int
ECDH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, ECDH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func) CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
{ {
return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_ECDH, argl, argp, return -1;
new_func, dup_func, free_func);
} }
int int
ECDH_set_ex_data(EC_KEY *d, int idx, void *arg) ECDH_set_ex_data(EC_KEY *d, int idx, void *arg)
{ {
ECDH_DATA *ecdh; return 0;
ecdh = ecdh_check(d);
if (ecdh == NULL)
return 0;
return (CRYPTO_set_ex_data(&ecdh->ex_data, idx, arg));
} }
void * void *
ECDH_get_ex_data(EC_KEY *d, int idx) ECDH_get_ex_data(EC_KEY *d, int idx)
{ {
ECDH_DATA *ecdh; return NULL;
ecdh = ecdh_check(d);
if (ecdh == NULL)
return NULL;
return (CRYPTO_get_ex_data(&ecdh->ex_data, idx));
}
int
ECDH_size(const EC_KEY *d)
{
return ((EC_GROUP_get_degree(EC_KEY_get0_group(d)) + 7) / 8);
} }

99
lib/libcrypto/ecdh/ech_local.h
View file

@ -1,99 +0,0 @@
/* $OpenBSD: ech_local.h,v 1.2 2022/11/26 17:23:17 tb Exp $ */
/* ====================================================================
* Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* licensing@OpenSSL.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
#ifndef HEADER_ECH_LOCAL_H
#define HEADER_ECH_LOCAL_H
#include <openssl/ecdh.h>
__BEGIN_HIDDEN_DECLS
struct ecdh_method {
const char *name;
int (*compute_key)(void *key, size_t outlen, const EC_POINT *pub_key, EC_KEY *ecdh,
void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen));
int flags;
char *app_data;
};
/* If this flag is set the ECDH method is FIPS compliant and can be used
* in FIPS mode. This is set in the validated module method. If an
* application sets this flag in its own methods it is its responsibility
* to ensure the result is compliant.
*/
#define ECDH_FLAG_FIPS_METHOD 0x1
typedef struct ecdh_data_st {
/* EC_KEY_METH_DATA part */
int (*init)(EC_KEY *);
/* method specific part */
ENGINE *engine;
int flags;
const ECDH_METHOD *meth;
CRYPTO_EX_DATA ex_data;
} ECDH_DATA;
ECDH_DATA *ecdh_check(EC_KEY *);
/*
* ECDH Key Derivation Function as defined in ANSI X9.63.
*/
int ecdh_KDF_X9_63(unsigned char *out, size_t outlen, const unsigned char *Z,
size_t Zlen, const unsigned char *sinfo, size_t sinfolen, const EVP_MD *md);
__END_HIDDEN_DECLS
#endif /* !HEADER_ECH_LOCAL_H */

169
lib/libcrypto/ecdsa/ecs_lib.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: ecs_lib.c,v 1.17 2023/04/25 19:26:45 tb Exp $ */ /* $OpenBSD: ecs_lib.c,v 1.22 2023/06/25 19:33:39 tb Exp $ */
/* ==================================================================== /* ====================================================================
* Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved. * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved.
* *
@ -68,9 +68,18 @@
static const ECDSA_METHOD *default_ECDSA_method = NULL; static const ECDSA_METHOD *default_ECDSA_method = NULL;
static void *ecdsa_data_new(void); static const ECDSA_METHOD openssl_ecdsa_meth = {
static void *ecdsa_data_dup(void *); .name = "OpenSSL ECDSA method",
static void ecdsa_data_free(void *); .ecdsa_do_sign = ossl_ecdsa_sign_sig,
.ecdsa_sign_setup = ossl_ecdsa_sign_setup,
.ecdsa_do_verify = ossl_ecdsa_verify_sig,
};
const ECDSA_METHOD *
ECDSA_OpenSSL(void)
{
return &openssl_ecdsa_meth;
}
void void
ECDSA_set_default_method(const ECDSA_METHOD *meth) ECDSA_set_default_method(const ECDSA_METHOD *meth)
@ -90,168 +99,24 @@ ECDSA_get_default_method(void)
int int
ECDSA_set_method(EC_KEY *eckey, const ECDSA_METHOD *meth) ECDSA_set_method(EC_KEY *eckey, const ECDSA_METHOD *meth)
{ {
ECDSA_DATA *ecdsa; return 0;
ecdsa = ecdsa_check(eckey);
if (ecdsa == NULL)
return 0;
#ifndef OPENSSL_NO_ENGINE
ENGINE_finish(ecdsa->engine);
ecdsa->engine = NULL;
#endif
ecdsa->meth = meth;
return 1;
}
static ECDSA_DATA *
ECDSA_DATA_new_method(ENGINE *engine)
{
ECDSA_DATA *ret;
ret = malloc(sizeof(ECDSA_DATA));
if (ret == NULL) {
ECDSAerror(ERR_R_MALLOC_FAILURE);
return (NULL);
}
ret->init = NULL;
ret->meth = ECDSA_get_default_method();
ret->engine = engine;
#ifndef OPENSSL_NO_ENGINE
if (!ret->engine)
ret->engine = ENGINE_get_default_ECDSA();
if (ret->engine) {
ret->meth = ENGINE_get_ECDSA(ret->engine);
if (ret->meth == NULL) {
ECDSAerror(ERR_R_ENGINE_LIB);
ENGINE_finish(ret->engine);
free(ret);
return NULL;
}
}
#endif
ret->flags = ret->meth->flags;
CRYPTO_new_ex_data(CRYPTO_EX_INDEX_ECDSA, ret, &ret->ex_data);
return (ret);
}
static void *
ecdsa_data_new(void)
{
return (void *)ECDSA_DATA_new_method(NULL);
}
static void *
ecdsa_data_dup(void *data)
{
ECDSA_DATA *r = (ECDSA_DATA *)data;
/* XXX: dummy operation */
if (r == NULL)
return NULL;
return ecdsa_data_new();
}
static void
ecdsa_data_free(void *data)
{
ECDSA_DATA *r = (ECDSA_DATA *)data;
#ifndef OPENSSL_NO_ENGINE
ENGINE_finish(r->engine);
#endif
CRYPTO_free_ex_data(CRYPTO_EX_INDEX_ECDSA, r, &r->ex_data);
freezero(r, sizeof(ECDSA_DATA));
}
ECDSA_DATA *
ecdsa_check(EC_KEY *key)
{
ECDSA_DATA *ecdsa_data;
void *data = EC_KEY_get_key_method_data(key, ecdsa_data_dup,
ecdsa_data_free, ecdsa_data_free);
if (data == NULL) {
ecdsa_data = (ECDSA_DATA *)ecdsa_data_new();
if (ecdsa_data == NULL)
return NULL;
data = EC_KEY_insert_key_method_data(key, (void *)ecdsa_data,
ecdsa_data_dup, ecdsa_data_free, ecdsa_data_free);
if (data != NULL) {
/* Another thread raced us to install the key_method
* data and won. */
ecdsa_data_free(ecdsa_data);
ecdsa_data = (ECDSA_DATA *)data;
}
} else
ecdsa_data = (ECDSA_DATA *)data;
return ecdsa_data;
}
int
ECDSA_size(const EC_KEY *r)
{
BIGNUM *order = NULL;
const EC_GROUP *group;
ECDSA_SIG signature;
int ret = 0;
if (r == NULL)
goto err;
if ((group = EC_KEY_get0_group(r)) == NULL)
goto err;
if ((order = BN_new()) == NULL)
goto err;
if (!EC_GROUP_get_order(group, order, NULL))
goto err;
signature.r = order;
signature.s = order;
if ((ret = i2d_ECDSA_SIG(&signature, NULL)) < 0)
ret = 0;
err:
BN_free(order);
return ret;
} }
int int
ECDSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, ECDSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func) CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
{ {
return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_ECDSA, argl, argp, return -1;
new_func, dup_func, free_func);
} }
int int
ECDSA_set_ex_data(EC_KEY *d, int idx, void *arg) ECDSA_set_ex_data(EC_KEY *d, int idx, void *arg)
{ {
ECDSA_DATA *ecdsa; return 0;
ecdsa = ecdsa_check(d);
if (ecdsa == NULL)
return 0;
return (CRYPTO_set_ex_data(&ecdsa->ex_data, idx, arg));
} }
void * void *
ECDSA_get_ex_data(EC_KEY *d, int idx) ECDSA_get_ex_data(EC_KEY *d, int idx)
{ {
ECDSA_DATA *ecdsa; return NULL;
ecdsa = ecdsa_check(d);
if (ecdsa == NULL)
return NULL;
return (CRYPTO_get_ex_data(&ecdsa->ex_data, idx));
} }

20
lib/libcrypto/ecdsa/ecs_local.h
View file

@ -1,4 +1,4 @@
/* $OpenBSD: ecs_local.h,v 1.2 2022/11/26 17:23:17 tb Exp $ */ /* $OpenBSD: ecs_local.h,v 1.3 2023/06/25 18:45:56 tb Exp $ */
/* /*
* Written by Nils Larsch for the OpenSSL project * Written by Nils Larsch for the OpenSSL project
*/ */
@ -63,29 +63,11 @@
__BEGIN_HIDDEN_DECLS __BEGIN_HIDDEN_DECLS
typedef struct ecdsa_data_st {
/* EC_KEY_METH_DATA part */
int (*init)(EC_KEY *);
/* method (ECDSA) specific part */
ENGINE *engine;
int flags;
const ECDSA_METHOD *meth;
CRYPTO_EX_DATA ex_data;
} ECDSA_DATA;
struct ECDSA_SIG_st { struct ECDSA_SIG_st {
BIGNUM *r; BIGNUM *r;
BIGNUM *s; BIGNUM *s;
}; };
/** ecdsa_check
* checks whether ECKEY->meth_data is a pointer to a ECDSA_DATA structure
* and if not it removes the old meth_data and creates a ECDSA_DATA structure.
* \param eckey pointer to a EC_KEY object
* \return pointer to a ECDSA_DATA structure
*/
ECDSA_DATA *ecdsa_check(EC_KEY *eckey);
int ossl_ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp, int ossl_ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp,
BIGNUM **rp); BIGNUM **rp);
int ossl_ecdsa_sign(int type, const unsigned char *dgst, int dlen, int ossl_ecdsa_sign(int type, const unsigned char *dgst, int dlen,

105
lib/libcrypto/ecdsa/ecs_ossl.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: ecs_ossl.c,v 1.33 2023/04/13 15:00:24 tb Exp $ */ /* $OpenBSD: ecs_ossl.c,v 1.37 2023/06/25 19:33:39 tb Exp $ */
/* /*
* Written by Nils Larsch for the OpenSSL project * Written by Nils Larsch for the OpenSSL project
*/ */
@ -71,25 +71,6 @@
static int ecdsa_prepare_digest(const unsigned char *dgst, int dgst_len, static int ecdsa_prepare_digest(const unsigned char *dgst, int dgst_len,
BIGNUM *order, BIGNUM *ret); BIGNUM *order, BIGNUM *ret);
static ECDSA_SIG *ecdsa_do_sign(const unsigned char *dgst, int dgst_len,
const BIGNUM *, const BIGNUM *, EC_KEY *eckey);
static int ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp,
BIGNUM **rp);
static int ecdsa_do_verify(const unsigned char *dgst, int dgst_len,
const ECDSA_SIG *sig, EC_KEY *eckey);
static ECDSA_METHOD openssl_ecdsa_meth = {
.name = "OpenSSL ECDSA method",
.ecdsa_do_sign = ecdsa_do_sign,
.ecdsa_sign_setup = ecdsa_sign_setup,
.ecdsa_do_verify = ecdsa_do_verify
};
const ECDSA_METHOD *
ECDSA_OpenSSL(void)
{
return &openssl_ecdsa_meth;
}
static int static int
ecdsa_prepare_digest(const unsigned char *dgst, int dgst_len, BIGNUM *order, ecdsa_prepare_digest(const unsigned char *dgst, int dgst_len, BIGNUM *order,
@ -139,8 +120,8 @@ ossl_ecdsa_sign(int type, const unsigned char *dgst, int dlen, unsigned char *si
return ret; return ret;
} }
static int int
ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp) ossl_ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
{ {
BN_CTX *ctx = ctx_in; BN_CTX *ctx = ctx_in;
BIGNUM *k = NULL, *r = NULL, *order = NULL, *X = NULL; BIGNUM *k = NULL, *r = NULL, *order = NULL, *X = NULL;
@ -260,18 +241,6 @@ ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
return (ret); return (ret);
} }
/* replace w/ ecdsa_sign_setup() when ECDSA_METHOD gets removed */
int
ossl_ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
{
ECDSA_DATA *ecdsa;
if ((ecdsa = ecdsa_check(eckey)) == NULL)
return 0;
return ecdsa->meth->ecdsa_sign_setup(eckey, ctx_in, kinvp, rp);
}
/* /*
* It is too expensive to check curve parameters on every sign operation. * It is too expensive to check curve parameters on every sign operation.
* Instead, cap the number of retries. A single retry is very unlikely, so * Instead, cap the number of retries. A single retry is very unlikely, so
@ -279,8 +248,8 @@ ossl_ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp
*/ */
#define ECDSA_MAX_SIGN_ITERATIONS 32 #define ECDSA_MAX_SIGN_ITERATIONS 32
static ECDSA_SIG * ECDSA_SIG *
ecdsa_do_sign(const unsigned char *dgst, int dgst_len, ossl_ecdsa_sign_sig(const unsigned char *dgst, int dgst_len,
const BIGNUM *in_kinv, const BIGNUM *in_r, EC_KEY *eckey) const BIGNUM *in_kinv, const BIGNUM *in_r, EC_KEY *eckey)
{ {
BIGNUM *b = NULL, *binv = NULL, *bm = NULL, *bxr = NULL; BIGNUM *b = NULL, *binv = NULL, *bm = NULL, *bxr = NULL;
@ -289,15 +258,13 @@ ecdsa_do_sign(const unsigned char *dgst, int dgst_len,
BN_CTX *ctx = NULL; BN_CTX *ctx = NULL;
const EC_GROUP *group; const EC_GROUP *group;
ECDSA_SIG *ret; ECDSA_SIG *ret;
ECDSA_DATA *ecdsa;
int attempts = 0; int attempts = 0;
int ok = 0; int ok = 0;
ecdsa = ecdsa_check(eckey);
group = EC_KEY_get0_group(eckey); group = EC_KEY_get0_group(eckey);
priv_key = EC_KEY_get0_private_key(eckey); priv_key = EC_KEY_get0_private_key(eckey);
if (group == NULL || priv_key == NULL || ecdsa == NULL) { if (group == NULL || priv_key == NULL) {
ECDSAerror(ERR_R_PASSED_NULL_PARAMETER); ECDSAerror(ERR_R_PASSED_NULL_PARAMETER);
return NULL; return NULL;
} }
@ -434,18 +401,6 @@ ecdsa_do_sign(const unsigned char *dgst, int dgst_len,
return ret; return ret;
} }
/* replace w/ ecdsa_do_sign() when ECDSA_METHOD gets removed */
ECDSA_SIG *
ossl_ecdsa_sign_sig(const unsigned char *dgst, int dgst_len,
const BIGNUM *in_kinv, const BIGNUM *in_r, EC_KEY *eckey)
{
ECDSA_DATA *ecdsa;
if ((ecdsa = ecdsa_check(eckey)) == NULL)
return NULL;
return ecdsa->meth->ecdsa_do_sign(dgst, dgst_len, in_kinv, in_r, eckey);
}
int int
ossl_ecdsa_verify(int type, const unsigned char *dgst, int dgst_len, ossl_ecdsa_verify(int type, const unsigned char *dgst, int dgst_len,
const unsigned char *sigbuf, int sig_len, EC_KEY *eckey) const unsigned char *sigbuf, int sig_len, EC_KEY *eckey)
@ -472,8 +427,8 @@ ossl_ecdsa_verify(int type, const unsigned char *dgst, int dgst_len,
return (ret); return (ret);
} }
static int int
ecdsa_do_verify(const unsigned char *dgst, int dgst_len, const ECDSA_SIG *sig, ossl_ecdsa_verify_sig(const unsigned char *dgst, int dgst_len, const ECDSA_SIG *sig,
EC_KEY *eckey) EC_KEY *eckey)
{ {
BN_CTX *ctx; BN_CTX *ctx;
@ -563,18 +518,6 @@ ecdsa_do_verify(const unsigned char *dgst, int dgst_len, const ECDSA_SIG *sig,
return ret; return ret;
} }
/* replace w/ ecdsa_do_verify() when ECDSA_METHOD gets removed */
int
ossl_ecdsa_verify_sig(const unsigned char *dgst, int dgst_len,
const ECDSA_SIG *sig, EC_KEY *eckey)
{
ECDSA_DATA *ecdsa;
if ((ecdsa = ecdsa_check(eckey)) == NULL)
return 0;
return ecdsa->meth->ecdsa_do_verify(dgst, dgst_len, sig, eckey);
}
ECDSA_SIG * ECDSA_SIG *
ECDSA_do_sign(const unsigned char *dgst, int dlen, EC_KEY *eckey) ECDSA_do_sign(const unsigned char *dgst, int dlen, EC_KEY *eckey)
{ {
@ -637,3 +580,35 @@ ECDSA_verify(int type, const unsigned char *dgst, int dgst_len,
ECDSAerror(EVP_R_METHOD_NOT_SUPPORTED); ECDSAerror(EVP_R_METHOD_NOT_SUPPORTED);
return 0; return 0;
} }
int
ECDSA_size(const EC_KEY *r)
{
BIGNUM *order = NULL;
const EC_GROUP *group;
ECDSA_SIG signature;
int ret = 0;
if (r == NULL)
goto err;
if ((group = EC_KEY_get0_group(r)) == NULL)
goto err;
if ((order = BN_new()) == NULL)
goto err;
if (!EC_GROUP_get_order(group, order, NULL))
goto err;
signature.r = order;
signature.s = order;
if ((ret = i2d_ECDSA_SIG(&signature, NULL)) < 0)
ret = 0;
err:
BN_free(order);
return ret;
}

6
lib/libcrypto/man/X509_check_purpose.3
View file

@ -1,4 +1,4 @@
.\" $OpenBSD: X509_check_purpose.3,v 1.10 2023/04/30 14:49:47 tb Exp $ .\" $OpenBSD: X509_check_purpose.3,v 1.11 2023/06/25 13:54:58 tb Exp $
.\" .\"
.\" Copyright (c) 2019, 2021 Ingo Schwarze <schwarze@openbsd.org> .\" Copyright (c) 2019, 2021 Ingo Schwarze <schwarze@openbsd.org>
.\" .\"
@ -14,7 +14,7 @@
.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.\" .\"
.Dd $Mdocdate: April 30 2023 $ .Dd $Mdocdate: June 25 2023 $
.Dt X509_CHECK_PURPOSE 3 .Dt X509_CHECK_PURPOSE 3
.Os .Os
.Sh NAME .Sh NAME
@ -38,7 +38,7 @@ ignores the
argument and checks that all the extensions of the argument and checks that all the extensions of the
.Fa certificate .Fa certificate
can be parsed and pass minimal sanity checks, ensuring that can be parsed and pass minimal sanity checks, ensuring that
extensions that must not occur more than once do not. no extension occurs more than once.
It also makes sure that all extensions are cached in the It also makes sure that all extensions are cached in the
.Vt X509 .Vt X509
object. object.

46
lib/libcrypto/x509/x509_purp.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: x509_purp.c,v 1.26 2023/06/20 14:21:19 tb Exp $ */ /* $OpenBSD: x509_purp.c,v 1.27 2023/06/25 13:52:27 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 2001. * project 2001.
*/ */
@ -441,6 +441,47 @@ setup_crldp(X509 *x)
setup_dp(x, sk_DIST_POINT_value(x->crldp, i)); setup_dp(x, sk_DIST_POINT_value(x->crldp, i));
} }
static int
x509_extension_oid_cmp(const X509_EXTENSION *const *a,
const X509_EXTENSION *const *b)
{
return OBJ_cmp((*a)->object, (*b)->object);
}
static int
x509_extension_oids_are_unique(X509 *x509)
{
STACK_OF(X509_EXTENSION) *exts = NULL;
const X509_EXTENSION *prev_ext, *curr_ext;
int i;
int ret = 0;
if (X509_get_ext_count(x509) <= 1)
goto done;
if ((exts = sk_X509_EXTENSION_dup(x509->cert_info->extensions)) == NULL)
goto err;
(void)sk_X509_EXTENSION_set_cmp_func(exts, x509_extension_oid_cmp);
sk_X509_EXTENSION_sort(exts);
prev_ext = sk_X509_EXTENSION_value(exts, 0);
for (i = 1; i < sk_X509_EXTENSION_num(exts); i++) {
curr_ext = sk_X509_EXTENSION_value(exts, i);
if (x509_extension_oid_cmp(&prev_ext, &curr_ext) == 0)
goto err;
prev_ext = curr_ext;
}
done:
ret = 1;
err:
sk_X509_EXTENSION_free(exts);
return ret;
}
static void static void
x509v3_cache_extensions_internal(X509 *x) x509v3_cache_extensions_internal(X509 *x)
{ {
@ -612,6 +653,9 @@ x509v3_cache_extensions_internal(X509 *x)
} }
} }
if (!x509_extension_oids_are_unique(x))
x->ex_flags |= EXFLAG_INVALID;
x509_verify_cert_info_populate(x); x509_verify_cert_info_populate(x);
x->ex_flags |= EXFLAG_SET; x->ex_flags |= EXFLAG_SET;

5
lib/libcrypto/x509/x509v3.h
View file

@ -1,4 +1,4 @@
/* $OpenBSD: x509v3.h,v 1.24 2023/04/25 19:01:01 tb Exp $ */ /* $OpenBSD: x509v3.h,v 1.25 2023/06/25 18:15:21 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 1999. * project 1999.
*/ */
@ -426,8 +426,7 @@ typedef struct x509_purpose_st {
int purpose; int purpose;
int trust; /* Default trust ID */ int trust; /* Default trust ID */
int flags; int flags;
int (*check_purpose)(const struct x509_purpose_st *, int (*check_purpose)(const struct x509_purpose_st *, const X509 *, int);
const X509 *, int);
char *name; char *name;
char *sname; char *sname;
void *usr_data; void *usr_data;

3
regress/usr.sbin/rpki-client/test-rrdp.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: test-rrdp.c,v 1.7 2023/06/20 12:52:32 job Exp $ */ /* $OpenBSD: test-rrdp.c,v 1.8 2023/06/24 07:07:36 claudio Exp $ */
/* /*
* Copyright (c) 2020 Nils Fisher <nils_fisher@hotmail.com> * Copyright (c) 2020 Nils Fisher <nils_fisher@hotmail.com>
* Copyright (c) 2021 Claudio Jeker <claudio@openbsd.org> * Copyright (c) 2021 Claudio Jeker <claudio@openbsd.org>
@ -203,6 +203,7 @@ rrdp_finished(struct rrdp *s)
switch (s->task) { switch (s->task) {
case NOTIFICATION: case NOTIFICATION:
notification_done(s->nxml, NULL);
log_notification_xml(s->nxml); log_notification_xml(s->nxml);
break; break;
case SNAPSHOT: case SNAPSHOT:

14
sbin/iked/ca.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: ca.c,v 1.93 2023/06/17 22:33:34 tobhe Exp $ */ /* $OpenBSD: ca.c,v 1.94 2023/06/25 08:07:04 op Exp $ */
/* /*
* Copyright (c) 2010-2013 Reyk Floeter <reyk@openbsd.org> * Copyright (c) 2010-2013 Reyk Floeter <reyk@openbsd.org>
@ -33,7 +33,6 @@
#include <openssl/bio.h> #include <openssl/bio.h>
#include <openssl/err.h> #include <openssl/err.h>
#include <openssl/engine.h>
#include <openssl/ssl.h> #include <openssl/ssl.h>
#include <openssl/x509.h> #include <openssl/x509.h>
#include <openssl/x509v3.h> #include <openssl/x509v3.h>
@ -1958,17 +1957,6 @@ ca_x509_subjectaltname_get(X509 *cert, struct iked_id *retid)
return ca_x509_subjectaltname_do(cert, MODE_ALT_GET, NULL, NULL, retid); return ca_x509_subjectaltname_do(cert, MODE_ALT_GET, NULL, NULL, retid);
} }
void
ca_sslinit(void)
{
OpenSSL_add_all_algorithms();
ERR_load_crypto_strings();
/* Init hardware crypto engines. */
ENGINE_load_builtin_engines();
ENGINE_register_all_complete();
}
void void
ca_sslerror(const char *caller) ca_sslerror(const char *caller)
{ {

3
sbin/iked/iked.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: iked.c,v 1.64 2023/03/05 22:17:22 tobhe Exp $ */ /* $OpenBSD: iked.c,v 1.65 2023/06/25 08:07:04 op Exp $ */
/* /*
* Copyright (c) 2019 Tobias Heider <tobias.heider@stusta.de> * Copyright (c) 2019 Tobias Heider <tobias.heider@stusta.de>
@ -175,7 +175,6 @@ main(int argc, char *argv[])
if (strlcpy(env->sc_conffile, conffile, PATH_MAX) >= PATH_MAX) if (strlcpy(env->sc_conffile, conffile, PATH_MAX) >= PATH_MAX)
errx(1, "config file exceeds PATH_MAX"); errx(1, "config file exceeds PATH_MAX");
ca_sslinit();
group_init(); group_init();
policy_init(env); policy_init(env);

3
sbin/iked/iked.h
View file

@ -1,4 +1,4 @@
/* $OpenBSD: iked.h,v 1.218 2023/06/19 17:19:50 claudio Exp $ */ /* $OpenBSD: iked.h,v 1.219 2023/06/25 08:07:04 op Exp $ */
/* /*
* Copyright (c) 2019 Tobias Heider <tobias.heider@stusta.de> * Copyright (c) 2019 Tobias Heider <tobias.heider@stusta.de>
@ -1178,7 +1178,6 @@ int ca_setauth(struct iked *, struct iked_sa *,
void ca_getkey(struct privsep *, struct iked_id *, enum imsg_type); void ca_getkey(struct privsep *, struct iked_id *, enum imsg_type);
int ca_privkey_serialize(EVP_PKEY *, struct iked_id *); int ca_privkey_serialize(EVP_PKEY *, struct iked_id *);
int ca_pubkey_serialize(EVP_PKEY *, struct iked_id *); int ca_pubkey_serialize(EVP_PKEY *, struct iked_id *);
void ca_sslinit(void);
void ca_sslerror(const char *); void ca_sslerror(const char *);
char *ca_asn1_name(uint8_t *, size_t); char *ca_asn1_name(uint8_t *, size_t);
void *ca_x509_name_parse(char *); void *ca_x509_name_parse(char *);

58
sys/netinet/in_pcb.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: in_pcb.c,v 1.276 2022/10/03 16:43:52 bluhm Exp $ */ /* $OpenBSD: in_pcb.c,v 1.277 2023/06/24 20:54:46 bluhm Exp $ */
/* $NetBSD: in_pcb.c,v 1.25 1996/02/13 23:41:53 christos Exp $ */ /* $NetBSD: in_pcb.c,v 1.25 1996/02/13 23:41:53 christos Exp $ */
/* /*
@ -121,15 +121,15 @@ struct baddynamicports rootonlyports;
struct pool inpcb_pool; struct pool inpcb_pool;
void in_pcbhash_insert(struct inpcb *); void in_pcbhash_insert(struct inpcb *);
struct inpcb *in_pcbhash_lookup(struct inpcbtable *, u_int, struct inpcb *in_pcbhash_lookup(struct inpcbtable *, uint64_t, u_int,
const struct in_addr *, u_short, const struct in_addr *, u_short); const struct in_addr *, u_short, const struct in_addr *, u_short);
int in_pcbresize(struct inpcbtable *, int); int in_pcbresize(struct inpcbtable *, int);
#define INPCBHASH_LOADFACTOR(_x) (((_x) * 3) / 4) #define INPCBHASH_LOADFACTOR(_x) (((_x) * 3) / 4)
struct inpcbhead *in_pcbhash(struct inpcbtable *, u_int, uint64_t in_pcbhash(struct inpcbtable *, u_int,
const struct in_addr *, u_short, const struct in_addr *, u_short); const struct in_addr *, u_short, const struct in_addr *, u_short);
struct inpcbhead *in_pcblhash(struct inpcbtable *, u_int, u_short); uint64_t in_pcblhash(struct inpcbtable *, u_int, u_short);
/* /*
* in_pcb is used for inet and inet6. in6_pcb only contains special * in_pcb is used for inet and inet6. in6_pcb only contains special
@ -142,7 +142,7 @@ in_init(void)
IPL_SOFTNET, 0, "inpcb", NULL); IPL_SOFTNET, 0, "inpcb", NULL);
} }
struct inpcbhead * uint64_t
in_pcbhash(struct inpcbtable *table, u_int rdomain, in_pcbhash(struct inpcbtable *table, u_int rdomain,
const struct in_addr *faddr, u_short fport, const struct in_addr *faddr, u_short fport,
const struct in_addr *laddr, u_short lport) const struct in_addr *laddr, u_short lport)
@ -156,11 +156,10 @@ in_pcbhash(struct inpcbtable *table, u_int rdomain,
SipHash24_Update(&ctx, &fport, sizeof(fport)); SipHash24_Update(&ctx, &fport, sizeof(fport));
SipHash24_Update(&ctx, laddr, sizeof(*laddr)); SipHash24_Update(&ctx, laddr, sizeof(*laddr));
SipHash24_Update(&ctx, &lport, sizeof(lport)); SipHash24_Update(&ctx, &lport, sizeof(lport));
return SipHash24_End(&ctx);
return (&table->inpt_hashtbl[SipHash24_End(&ctx) & table->inpt_mask]);
} }
struct inpcbhead * uint64_t
in_pcblhash(struct inpcbtable *table, u_int rdomain, u_short lport) in_pcblhash(struct inpcbtable *table, u_int rdomain, u_short lport)
{ {
SIPHASH_CTX ctx; SIPHASH_CTX ctx;
@ -169,8 +168,7 @@ in_pcblhash(struct inpcbtable *table, u_int rdomain, u_short lport)
SipHash24_Init(&ctx, &table->inpt_lkey); SipHash24_Init(&ctx, &table->inpt_lkey);
SipHash24_Update(&ctx, &nrdom, sizeof(nrdom)); SipHash24_Update(&ctx, &nrdom, sizeof(nrdom));
SipHash24_Update(&ctx, &lport, sizeof(lport)); SipHash24_Update(&ctx, &lport, sizeof(lport));
return SipHash24_End(&ctx);
return (&table->inpt_lhashtbl[SipHash24_End(&ctx) & table->inpt_lmask]);
} }
void void
@ -816,11 +814,14 @@ in_pcblookup_local(struct inpcbtable *table, void *laddrp, u_int lport_arg,
struct in6_addr *laddr6 = (struct in6_addr *)laddrp; struct in6_addr *laddr6 = (struct in6_addr *)laddrp;
#endif #endif
struct inpcbhead *head; struct inpcbhead *head;
uint64_t lhash;
u_int rdomain; u_int rdomain;
rdomain = rtable_l2(rtable); rdomain = rtable_l2(rtable);
lhash = in_pcblhash(table, rdomain, lport);
mtx_enter(&table->inpt_mtx); mtx_enter(&table->inpt_mtx);
head = in_pcblhash(table, rdomain, lport); head = &table->inpt_lhashtbl[lhash & table->inpt_lmask];
LIST_FOREACH(inp, head, inp_lhash) { LIST_FOREACH(inp, head, inp_lhash) {
if (rtable_l2(inp->inp_rtableid) != rdomain) if (rtable_l2(inp->inp_rtableid) != rdomain)
continue; continue;
@ -1056,37 +1057,38 @@ in_pcbhash_insert(struct inpcb *inp)
{ {
struct inpcbtable *table = inp->inp_table; struct inpcbtable *table = inp->inp_table;
struct inpcbhead *head; struct inpcbhead *head;
uint64_t hash, lhash;
NET_ASSERT_LOCKED();
MUTEX_ASSERT_LOCKED(&table->inpt_mtx); MUTEX_ASSERT_LOCKED(&table->inpt_mtx);
head = in_pcblhash(table, inp->inp_rtableid, inp->inp_lport); lhash = in_pcblhash(table, inp->inp_rtableid, inp->inp_lport);
head = &table->inpt_lhashtbl[lhash & table->inpt_lmask];
LIST_INSERT_HEAD(head, inp, inp_lhash); LIST_INSERT_HEAD(head, inp, inp_lhash);
#ifdef INET6 #ifdef INET6
if (inp->inp_flags & INP_IPV6) if (inp->inp_flags & INP_IPV6)
head = in6_pcbhash(table, rtable_l2(inp->inp_rtableid), hash = in6_pcbhash(table, rtable_l2(inp->inp_rtableid),
&inp->inp_faddr6, inp->inp_fport, &inp->inp_faddr6, inp->inp_fport,
&inp->inp_laddr6, inp->inp_lport); &inp->inp_laddr6, inp->inp_lport);
else else
#endif /* INET6 */ #endif /* INET6 */
head = in_pcbhash(table, rtable_l2(inp->inp_rtableid), hash = in_pcbhash(table, rtable_l2(inp->inp_rtableid),
&inp->inp_faddr, inp->inp_fport, &inp->inp_faddr, inp->inp_fport,
&inp->inp_laddr, inp->inp_lport); &inp->inp_laddr, inp->inp_lport);
head = &table->inpt_hashtbl[hash & table->inpt_mask];
LIST_INSERT_HEAD(head, inp, inp_hash); LIST_INSERT_HEAD(head, inp, inp_hash);
} }
struct inpcb * struct inpcb *
in_pcbhash_lookup(struct inpcbtable *table, u_int rdomain, in_pcbhash_lookup(struct inpcbtable *table, uint64_t hash, u_int rdomain,
const struct in_addr *faddr, u_short fport, const struct in_addr *faddr, u_short fport,
const struct in_addr *laddr, u_short lport) const struct in_addr *laddr, u_short lport)
{ {
struct inpcbhead *head; struct inpcbhead *head;
struct inpcb *inp; struct inpcb *inp;
NET_ASSERT_LOCKED();
MUTEX_ASSERT_LOCKED(&table->inpt_mtx); MUTEX_ASSERT_LOCKED(&table->inpt_mtx);
head = in_pcbhash(table, rdomain, faddr, fport, laddr, lport); head = &table->inpt_hashtbl[hash & table->inpt_mask];
LIST_FOREACH(inp, head, inp_hash) { LIST_FOREACH(inp, head, inp_hash) {
#ifdef INET6 #ifdef INET6
if (ISSET(inp->inp_flags, INP_IPV6)) if (ISSET(inp->inp_flags, INP_IPV6))
@ -1140,8 +1142,6 @@ in_pcbresize(struct inpcbtable *table, int hashsize)
table->inpt_mask = nmask; table->inpt_mask = nmask;
table->inpt_lmask = nlmask; table->inpt_lmask = nlmask;
table->inpt_size = hashsize; table->inpt_size = hashsize;
arc4random_buf(&table->inpt_key, sizeof(table->inpt_key));
arc4random_buf(&table->inpt_lkey, sizeof(table->inpt_lkey));
TAILQ_FOREACH(inp, &table->inpt_queue, inp_queue) { TAILQ_FOREACH(inp, &table->inpt_queue, inp_queue) {
LIST_REMOVE(inp, inp_lhash); LIST_REMOVE(inp, inp_lhash);
@ -1172,13 +1172,18 @@ in_pcblookup(struct inpcbtable *table, struct in_addr faddr,
u_int fport, struct in_addr laddr, u_int lport, u_int rtable) u_int fport, struct in_addr laddr, u_int lport, u_int rtable)
{ {
struct inpcb *inp; struct inpcb *inp;
uint64_t hash;
u_int rdomain; u_int rdomain;
rdomain = rtable_l2(rtable); rdomain = rtable_l2(rtable);
hash = in_pcbhash(table, rdomain, &faddr, fport, &laddr, lport);
mtx_enter(&table->inpt_mtx); mtx_enter(&table->inpt_mtx);
inp = in_pcbhash_lookup(table, rdomain, &faddr, fport, &laddr, lport); inp = in_pcbhash_lookup(table, hash, rdomain,
&faddr, fport, &laddr, lport);
in_pcbref(inp); in_pcbref(inp);
mtx_leave(&table->inpt_mtx); mtx_leave(&table->inpt_mtx);
#ifdef DIAGNOSTIC #ifdef DIAGNOSTIC
if (inp == NULL && in_pcbnotifymiss) { if (inp == NULL && in_pcbnotifymiss) {
printf("%s: faddr=%08x fport=%d laddr=%08x lport=%d rdom=%u\n", printf("%s: faddr=%08x fport=%d laddr=%08x lport=%d rdom=%u\n",
@ -1202,6 +1207,7 @@ in_pcblookup_listen(struct inpcbtable *table, struct in_addr laddr,
{ {
const struct in_addr *key1, *key2; const struct in_addr *key1, *key2;
struct inpcb *inp; struct inpcb *inp;
uint64_t hash;
u_int16_t lport = lport_arg; u_int16_t lport = lport_arg;
u_int rdomain; u_int rdomain;
@ -1239,14 +1245,20 @@ in_pcblookup_listen(struct inpcbtable *table, struct in_addr laddr,
#endif #endif
rdomain = rtable_l2(rtable); rdomain = rtable_l2(rtable);
hash = in_pcbhash(table, rdomain, &zeroin_addr, 0, key1, lport);
mtx_enter(&table->inpt_mtx); mtx_enter(&table->inpt_mtx);
inp = in_pcbhash_lookup(table, rdomain, &zeroin_addr, 0, key1, lport); inp = in_pcbhash_lookup(table, hash, rdomain,
&zeroin_addr, 0, key1, lport);
if (inp == NULL && key1->s_addr != key2->s_addr) { if (inp == NULL && key1->s_addr != key2->s_addr) {
inp = in_pcbhash_lookup(table, rdomain, hash = in_pcbhash(table, rdomain,
&zeroin_addr, 0, key2, lport);
inp = in_pcbhash_lookup(table, hash, rdomain,
&zeroin_addr, 0, key2, lport); &zeroin_addr, 0, key2, lport);
} }
in_pcbref(inp); in_pcbref(inp);
mtx_leave(&table->inpt_mtx); mtx_leave(&table->inpt_mtx);
#ifdef DIAGNOSTIC #ifdef DIAGNOSTIC
if (inp == NULL && in_pcbnotifymiss) { if (inp == NULL && in_pcbnotifymiss) {
printf("%s: laddr=%08x lport=%d rdom=%u\n", printf("%s: laddr=%08x lport=%d rdom=%u\n",

7
sys/netinet/in_pcb.h
View file

@ -1,4 +1,4 @@
/* $OpenBSD: in_pcb.h,v 1.135 2022/10/03 16:43:52 bluhm Exp $ */ /* $OpenBSD: in_pcb.h,v 1.136 2023/06/24 20:54:46 bluhm Exp $ */
/* $NetBSD: in_pcb.h,v 1.14 1996/02/13 23:42:00 christos Exp $ */ /* $NetBSD: in_pcb.h,v 1.14 1996/02/13 23:42:00 christos Exp $ */
/* /*
@ -172,7 +172,7 @@ struct inpcbtable {
TAILQ_HEAD(inpthead, inpcb) inpt_queue; /* [t] inet PCB queue */ TAILQ_HEAD(inpthead, inpcb) inpt_queue; /* [t] inet PCB queue */
struct inpcbhead *inpt_hashtbl; /* [t] local and foreign hash */ struct inpcbhead *inpt_hashtbl; /* [t] local and foreign hash */
struct inpcbhead *inpt_lhashtbl; /* [t] local port hash */ struct inpcbhead *inpt_lhashtbl; /* [t] local port hash */
SIPHASH_KEY inpt_key, inpt_lkey; /* [t] secrets for hashes */ SIPHASH_KEY inpt_key, inpt_lkey; /* [I] secrets for hashes */
u_long inpt_mask, inpt_lmask; /* [t] hash masks */ u_long inpt_mask, inpt_lmask; /* [t] hash masks */
int inpt_count, inpt_size; /* [t] queue count, hash size */ int inpt_count, inpt_size; /* [t] queue count, hash size */
}; };
@ -294,8 +294,7 @@ struct inpcb *
in_pcblookup_listen(struct inpcbtable *, struct in_addr, u_int, in_pcblookup_listen(struct inpcbtable *, struct in_addr, u_int,
struct mbuf *, u_int); struct mbuf *, u_int);
#ifdef INET6 #ifdef INET6
struct inpcbhead * uint64_t in6_pcbhash(struct inpcbtable *, u_int, const struct in6_addr *,
in6_pcbhash(struct inpcbtable *, u_int, const struct in6_addr *,
u_short, const struct in6_addr *, u_short); u_short, const struct in6_addr *, u_short);
struct inpcb * struct inpcb *
in6_pcblookup(struct inpcbtable *, const struct in6_addr *, in6_pcblookup(struct inpcbtable *, const struct in6_addr *,

31
sys/netinet6/in6_pcb.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: in6_pcb.c,v 1.123 2022/09/03 22:43:38 mvs Exp $ */ /* $OpenBSD: in6_pcb.c,v 1.124 2023/06/24 20:54:46 bluhm Exp $ */
/* /*
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@ -126,10 +126,10 @@
const struct in6_addr zeroin6_addr; const struct in6_addr zeroin6_addr;
struct inpcb *in6_pcbhash_lookup(struct inpcbtable *, u_int, struct inpcb *in6_pcbhash_lookup(struct inpcbtable *, uint64_t, u_int,
const struct in6_addr *, u_short, const struct in6_addr *, u_short); const struct in6_addr *, u_short, const struct in6_addr *, u_short);
struct inpcbhead * uint64_t
in6_pcbhash(struct inpcbtable *table, u_int rdomain, in6_pcbhash(struct inpcbtable *table, u_int rdomain,
const struct in6_addr *faddr, u_short fport, const struct in6_addr *faddr, u_short fport,
const struct in6_addr *laddr, u_short lport) const struct in6_addr *laddr, u_short lport)
@ -143,8 +143,7 @@ in6_pcbhash(struct inpcbtable *table, u_int rdomain,
SipHash24_Update(&ctx, &fport, sizeof(fport)); SipHash24_Update(&ctx, &fport, sizeof(fport));
SipHash24_Update(&ctx, laddr, sizeof(*laddr)); SipHash24_Update(&ctx, laddr, sizeof(*laddr));
SipHash24_Update(&ctx, &lport, sizeof(lport)); SipHash24_Update(&ctx, &lport, sizeof(lport));
return SipHash24_End(&ctx);
return (&table->inpt_hashtbl[SipHash24_End(&ctx) & table->inpt_mask]);
} }
int int
@ -541,7 +540,7 @@ in6_pcbnotify(struct inpcbtable *table, struct sockaddr_in6 *dst,
} }
struct inpcb * struct inpcb *
in6_pcbhash_lookup(struct inpcbtable *table, u_int rdomain, in6_pcbhash_lookup(struct inpcbtable *table, uint64_t hash, u_int rdomain,
const struct in6_addr *faddr, u_short fport, const struct in6_addr *faddr, u_short fport,
const struct in6_addr *laddr, u_short lport) const struct in6_addr *laddr, u_short lport)
{ {
@ -551,7 +550,7 @@ in6_pcbhash_lookup(struct inpcbtable *table, u_int rdomain,
NET_ASSERT_LOCKED(); NET_ASSERT_LOCKED();
MUTEX_ASSERT_LOCKED(&table->inpt_mtx); MUTEX_ASSERT_LOCKED(&table->inpt_mtx);
head = in6_pcbhash(table, rdomain, faddr, fport, laddr, lport); head = &table->inpt_hashtbl[hash & table->inpt_mask];
LIST_FOREACH(inp, head, inp_hash) { LIST_FOREACH(inp, head, inp_hash) {
if (!ISSET(inp->inp_flags, INP_IPV6)) if (!ISSET(inp->inp_flags, INP_IPV6))
continue; continue;
@ -581,13 +580,18 @@ in6_pcblookup(struct inpcbtable *table, const struct in6_addr *faddr,
u_int fport, const struct in6_addr *laddr, u_int lport, u_int rtable) u_int fport, const struct in6_addr *laddr, u_int lport, u_int rtable)
{ {
struct inpcb *inp; struct inpcb *inp;
uint64_t hash;
u_int rdomain; u_int rdomain;
rdomain = rtable_l2(rtable); rdomain = rtable_l2(rtable);
hash = in6_pcbhash(table, rdomain, faddr, fport, laddr, lport);
mtx_enter(&table->inpt_mtx); mtx_enter(&table->inpt_mtx);
inp = in6_pcbhash_lookup(table, rdomain, faddr, fport, laddr, lport); inp = in6_pcbhash_lookup(table, hash, rdomain,
faddr, fport, laddr, lport);
in_pcbref(inp); in_pcbref(inp);
mtx_leave(&table->inpt_mtx); mtx_leave(&table->inpt_mtx);
#ifdef DIAGNOSTIC #ifdef DIAGNOSTIC
if (inp == NULL && in_pcbnotifymiss) { if (inp == NULL && in_pcbnotifymiss) {
printf("%s: faddr= fport=%d laddr= lport=%d rdom=%u\n", printf("%s: faddr= fport=%d laddr= lport=%d rdom=%u\n",
@ -603,6 +607,7 @@ in6_pcblookup_listen(struct inpcbtable *table, struct in6_addr *laddr,
{ {
const struct in6_addr *key1, *key2; const struct in6_addr *key1, *key2;
struct inpcb *inp; struct inpcb *inp;
uint64_t hash;
u_int rdomain; u_int rdomain;
key1 = laddr; key1 = laddr;
@ -636,14 +641,20 @@ in6_pcblookup_listen(struct inpcbtable *table, struct in6_addr *laddr,
#endif #endif
rdomain = rtable_l2(rtable); rdomain = rtable_l2(rtable);
hash = in6_pcbhash(table, rdomain, &zeroin6_addr, 0, key1, lport);
mtx_enter(&table->inpt_mtx); mtx_enter(&table->inpt_mtx);
inp = in6_pcbhash_lookup(table, rdomain, &zeroin6_addr, 0, key1, lport); inp = in6_pcbhash_lookup(table, hash, rdomain,
&zeroin6_addr, 0, key1, lport);
if (inp == NULL && ! IN6_ARE_ADDR_EQUAL(key1, key2)) { if (inp == NULL && ! IN6_ARE_ADDR_EQUAL(key1, key2)) {
inp = in6_pcbhash_lookup(table, rdomain, hash = in6_pcbhash(table, rdomain,
&zeroin6_addr, 0, key2, lport);
inp = in6_pcbhash_lookup(table, hash, rdomain,
&zeroin6_addr, 0, key2, lport); &zeroin6_addr, 0, key2, lport);
} }
in_pcbref(inp); in_pcbref(inp);
mtx_leave(&table->inpt_mtx); mtx_leave(&table->inpt_mtx);
#ifdef DIAGNOSTIC #ifdef DIAGNOSTIC
if (inp == NULL && in_pcbnotifymiss) { if (inp == NULL && in_pcbnotifymiss) {
printf("%s: laddr= lport=%d rdom=%u\n", printf("%s: laddr= lport=%d rdom=%u\n",

6
usr.bin/tmux/input.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: input.c,v 1.214 2023/03/27 08:47:57 nicm Exp $ */ /* $OpenBSD: input.c,v 1.215 2023/06/25 15:53:07 nicm Exp $ */
/* /*
* Copyright (c) 2007 Nicholas Marriott <nicholas.marriott@gmail.com> * Copyright (c) 2007 Nicholas Marriott <nicholas.marriott@gmail.com>
@ -2065,7 +2065,7 @@ static void
input_csi_dispatch_sgr(struct input_ctx *ictx) input_csi_dispatch_sgr(struct input_ctx *ictx)
{ {
struct grid_cell *gc = &ictx->cell.cell; struct grid_cell *gc = &ictx->cell.cell;
u_int i; u_int i, link;
int n; int n;
if (ictx->param_list_len == 0) { if (ictx->param_list_len == 0) {
@ -2097,7 +2097,9 @@ input_csi_dispatch_sgr(struct input_ctx *ictx)
switch (n) { switch (n) {
case 0: case 0:
link = gc->link;
memcpy(gc, &grid_default_cell, sizeof *gc); memcpy(gc, &grid_default_cell, sizeof *gc);
gc->link = link;
break; break;
case 1: case 1:
gc->attr |= GRID_ATTR_BRIGHT; gc->attr |= GRID_ATTR_BRIGHT;

3
usr.sbin/relayd/config.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: config.c,v 1.43 2021/12/05 13:48:14 jsg Exp $ */ /* $OpenBSD: config.c,v 1.44 2023/06/25 08:07:38 op Exp $ */
/* /*
* Copyright (c) 2011 - 2014 Reyk Floeter <reyk@openbsd.org> * Copyright (c) 2011 - 2014 Reyk Floeter <reyk@openbsd.org>
@ -293,7 +293,6 @@ config_getcfg(struct relayd *env, struct imsg *imsg)
} }
if (env->sc_conf.flags & (F_TLS|F_TLSCLIENT)) { if (env->sc_conf.flags & (F_TLS|F_TLSCLIENT)) {
ssl_init(env);
if (what & CONFIG_CA_ENGINE) if (what & CONFIG_CA_ENGINE)
ca_engine_init(env); ca_engine_init(env);
} }

5
usr.sbin/relayd/relayd.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: relayd.c,v 1.190 2022/11/10 00:00:11 mbuhl Exp $ */ /* $OpenBSD: relayd.c,v 1.191 2023/06/25 08:07:38 op Exp $ */
/* /*
* Copyright (c) 2007 - 2016 Reyk Floeter <reyk@openbsd.org> * Copyright (c) 2007 - 2016 Reyk Floeter <reyk@openbsd.org>
@ -255,9 +255,6 @@ main(int argc, char *argv[])
exit(0); exit(0);
} }
if (env->sc_conf.flags & (F_TLS|F_TLSCLIENT))
ssl_init(env);
/* rekey the TLS tickets before pushing the config */ /* rekey the TLS tickets before pushing the config */
parent_tls_ticket_rekey(0, 0, env); parent_tls_ticket_rekey(0, 0, env);
if (parent_configure(env) == -1) if (parent_configure(env) == -1)

3
usr.sbin/relayd/relayd.h
View file

@ -1,4 +1,4 @@
/* $OpenBSD: relayd.h,v 1.270 2023/06/21 07:54:54 claudio Exp $ */ /* $OpenBSD: relayd.h,v 1.271 2023/06/25 08:07:39 op Exp $ */
/* /*
* Copyright (c) 2006 - 2016 Reyk Floeter <reyk@openbsd.org> * Copyright (c) 2006 - 2016 Reyk Floeter <reyk@openbsd.org>
@ -1293,7 +1293,6 @@ void script_done(struct relayd *, struct ctl_script *);
int script_exec(struct relayd *, struct ctl_script *); int script_exec(struct relayd *, struct ctl_script *);
/* ssl.c */ /* ssl.c */
void ssl_init(struct relayd *);
char *ssl_load_key(struct relayd *, const char *, off_t *, char *); char *ssl_load_key(struct relayd *, const char *, off_t *, char *);
uint8_t *ssl_update_certificate(const uint8_t *, size_t, EVP_PKEY *, uint8_t *ssl_update_certificate(const uint8_t *, size_t, EVP_PKEY *,
EVP_PKEY *, X509 *, size_t *); EVP_PKEY *, X509 *, size_t *);

24
usr.sbin/relayd/ssl.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: ssl.c,v 1.36 2021/12/08 19:25:04 tb Exp $ */ /* $OpenBSD: ssl.c,v 1.37 2023/06/25 08:07:39 op Exp $ */
/* /*
* Copyright (c) 2007 - 2014 Reyk Floeter <reyk@openbsd.org> * Copyright (c) 2007 - 2014 Reyk Floeter <reyk@openbsd.org>
@ -27,30 +27,11 @@
#include <openssl/ssl.h> #include <openssl/ssl.h>
#include <openssl/err.h> #include <openssl/err.h>
#include <openssl/engine.h>
#include "relayd.h" #include "relayd.h"
int ssl_password_cb(char *, int, int, void *); int ssl_password_cb(char *, int, int, void *);
void
ssl_init(struct relayd *env)
{
static int initialized = 0;
if (initialized)
return;
SSL_library_init();
SSL_load_error_strings();
/* Init hardware crypto engines. */
ENGINE_load_builtin_engines();
ENGINE_register_all_complete();
initialized = 1;
}
int int
ssl_password_cb(char *buf, int size, int rwflag, void *u) ssl_password_cb(char *buf, int size, int rwflag, void *u)
{ {
@ -73,9 +54,6 @@ ssl_load_key(struct relayd *env, const char *name, off_t *len, char *pass)
long size; long size;
char *data, *buf = NULL; char *data, *buf = NULL;
/* Initialize SSL library once */
ssl_init(env);
/* /*
* Read (possibly) encrypted key from file * Read (possibly) encrypted key from file
*/ */

6
usr.sbin/rpki-client/cert.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: cert.c,v 1.112 2023/06/23 20:05:30 tb Exp $ */ /* $OpenBSD: cert.c,v 1.113 2023/06/24 04:15:14 tb Exp $ */
/* /*
* Copyright (c) 2022 Theo Buehler <tb@openbsd.org> * Copyright (c) 2022 Theo Buehler <tb@openbsd.org>
* Copyright (c) 2021 Job Snijders <job@openbsd.org> * Copyright (c) 2021 Job Snijders <job@openbsd.org>
@ -738,9 +738,9 @@ cert_parse_pre(const char *fn, const unsigned char *der, size_t len)
obj = X509_EXTENSION_get_object(ext); obj = X509_EXTENSION_get_object(ext);
assert(obj != NULL); assert(obj != NULL);
switch ((nid = OBJ_obj2nid(obj))) { switch (nid = OBJ_obj2nid(obj)) {
case NID_sbgp_ipAddrBlock: case NID_sbgp_ipAddrBlock:
if (ip++ >= 1) if (ip++ > 0)
goto dup; goto dup;
if (!sbgp_ipaddrblk(&p, ext)) if (!sbgp_ipaddrblk(&p, ext))
goto out; goto out;

25
usr.sbin/smtpd/ssl.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: ssl.c,v 1.99 2023/06/11 10:30:10 op Exp $ */ /* $OpenBSD: ssl.c,v 1.100 2023/06/25 08:08:03 op Exp $ */
/* /*
* Copyright (c) 2008 Pierre-Yves Ritschard <pyr@openbsd.org> * Copyright (c) 2008 Pierre-Yves Ritschard <pyr@openbsd.org>
@ -22,7 +22,6 @@
#include <fcntl.h> #include <fcntl.h>
#include <limits.h> #include <limits.h>
#include <openssl/engine.h>
#include <openssl/err.h> #include <openssl/err.h>
#include <openssl/ssl.h> #include <openssl/ssl.h>
#include <string.h> #include <string.h>
@ -31,25 +30,6 @@
#include "log.h" #include "log.h"
#include "ssl.h" #include "ssl.h"
void
ssl_init(void)
{
static int inited = 0;
if (inited)
return;
SSL_library_init();
SSL_load_error_strings();
OpenSSL_add_all_algorithms();
/* Init hardware crypto engines. */
ENGINE_load_builtin_engines();
ENGINE_register_all_complete();
inited = 1;
}
static char * static char *
ssl_load_file(const char *name, off_t *len, mode_t perm) ssl_load_file(const char *name, off_t *len, mode_t perm)
{ {
@ -140,9 +120,6 @@ ssl_load_key(const char *name, off_t *len, char *pass, mode_t perm, const char *
char mode[12]; char mode[12];
char prompt[2048]; char prompt[2048];
/* Initialize SSL library once */
ssl_init();
/* /*
* Read (possibly) encrypted key from file * Read (possibly) encrypted key from file
*/ */

3
usr.sbin/smtpd/ssl.h
View file

@ -1,4 +1,4 @@
/* $OpenBSD: ssl.h,v 1.26 2022/02/18 16:57:36 millert Exp $ */ /* $OpenBSD: ssl.h,v 1.27 2023/06/25 08:08:03 op Exp $ */
/* /*
* Copyright (c) 2013 Gilles Chehade <gilles@poolp.org> * Copyright (c) 2013 Gilles Chehade <gilles@poolp.org>
* *
@ -39,7 +39,6 @@ struct ca {
/* ssl.c */ /* ssl.c */
void ssl_init(void);
void ssl_error(const char *); void ssl_error(const char *);
int ssl_load_certificate(struct pki *, const char *); int ssl_load_certificate(struct pki *, const char *);
int ssl_load_keyfile(struct pki *, const char *, const char *); int ssl_load_keyfile(struct pki *, const char *, const char *);