SecBSD/src
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

sync with OpenBSD -current

Browse source
This commit is contained in:
purplerain 2024-03-28 05:02:39 +00:00
parent 0189975fb5
commit cc5edceac3
Signed by: purplerain
GPG key ID: F42C07F07E2E35B7
87 changed files with 1329 additions and 4278 deletions
Download patch file Download diff file Expand all files Collapse all files

10
bin/ls/print.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: print.c,v 1.40 2023/10/07 11:51:08 schwarze Exp $ */
/* $OpenBSD: print.c,v 1.41 2024/03/27 14:44:52 millert Exp $ */
/* $NetBSD: print.c,v 1.15 1996/12/11 03:25:39 thorpej Exp $ */
/*
@ -241,6 +241,7 @@ static void
printtime(time_t ftime)
{
char f_date[DATELEN];
struct tm *tm;
static time_t now;
static int now_set = 0;
@ -252,9 +253,14 @@ printtime(time_t ftime)
/*
* convert time to string, and print
*/
if ((tm = localtime(&ftime)) == NULL) {
/* Invalid time stamp, just display the epoch. */
ftime = 0;
tm = localtime(&ftime);
}
if (strftime(f_date, sizeof(f_date), f_sectime ? "%b %e %H:%M:%S %Y" :
(ftime <= now - SIXMONTHS || ftime > now) ? "%b %e %Y" :
"%b %e %H:%M", localtime(&ftime)) == 0)
"%b %e %H:%M", tm) == 0)
f_date[0] = '\0';
printf("%s ", f_date);

63
lib/libc/arch/sh/SYS.h
View file

@ -1,4 +1,4 @@
/* $OpenBSD: SYS.h,v 1.15 2023/12/11 22:24:16 kettenis Exp $ */
/* $OpenBSD: SYS.h,v 1.16 2024/03/27 20:03:29 miod Exp $ */
/*-
* Copyright (c) 1990 The Regents of the University of California.
* All rights reserved.
@ -78,13 +78,6 @@
#define SYSENTRY_HIDDEN(x) \
ENTRY(_thread_sys_ ## x)
#define __END_HIDDEN(x) \
SET_ENTRY_SIZE(_thread_sys_ ## x); \
_HIDDEN_FALIAS(x,_thread_sys_ ## x); \
SET_ENTRY_SIZE(_HIDDEN(x))
#define __END(x) \
__END_HIDDEN(x); SET_ENTRY_SIZE(x)
#define PINSYSCALL(sysno, label) \
.pushsection .openbsd.syscalls,"",@progbits; \
.p2align 2; \
@ -95,7 +88,8 @@
#ifdef __ASSEMBLER__
/*
* If the system call number fits in a 8-bit signed value (i.e. fits in 7 bits),
* then we can use the #imm8 addressing mode.
* then we can use the #imm8 addressing mode. Otherwise, we'll load the number
* from memory at the end of the system call wrapper.
*/
.macro systrap num
@ -107,13 +101,26 @@
mov.l 903f, r0
97: trapa #0x80
PINSYSCALL(\num, 97b)
bra 904f
nop
.align 2
903: .long \num
904:
.endif
.endm
.macro systrap_data num
.iflt \num - 128
.else
.text
.align 2
903: .long \num
.endif
.endm
.macro syscall_error num
.ifeq \num - SYS_lseek
mov #-1, r1
.endif
rts
mov #-1, r0
.endm
#endif
#define SYSTRAP(x) \
@ -126,26 +133,32 @@
SYSENTRY_HIDDEN(x); \
SYSTRAP(y)
#define SET_ERRNO_AND_RETURN \
#define SET_ERRNO_AND_RETURN(y) \
stc gbr,r1; \
mov #TCB_OFFSET_ERRNO_NEG,r2; \
sub r2,r1; \
mov.l r0,@r1; \
mov #-1, r1; /* for lseek */ \
rts; \
mov #-1, r0
syscall_error SYS_ ## y
#define _SYSCALL(x,y) \
.text; \
911: SET_ERRNO_AND_RETURN; \
911: SET_ERRNO_AND_RETURN(y); \
_SYSCALL_NOERROR(x,y); \
bf 911b
#define _SYSCALL_HIDDEN(x,y) \
.text; \
911: SET_ERRNO_AND_RETURN; \
911: SET_ERRNO_AND_RETURN(y); \
_SYSCALL_HIDDEN_NOERROR(x,y); \
bf 911b
#define __END_HIDDEN(x,y) \
systrap_data SYS_ ## y; \
SET_ENTRY_SIZE(_thread_sys_ ## x); \
_HIDDEN_FALIAS(x,_thread_sys_ ## x); \
SET_ENTRY_SIZE(_HIDDEN(x))
#define __END(x,y) \
__END_HIDDEN(x,y); SET_ENTRY_SIZE(x)
#define SYSCALL_NOERROR(x) \
_SYSCALL_NOERROR(x,x)
@ -156,22 +169,22 @@
_SYSCALL_NOERROR(x,y); \
rts; \
nop; \
__END(x)
__END(x,y)
#define PSEUDO(x,y) \
_SYSCALL(x,y); \
rts; \
nop; \
__END(x)
__END(x,y)
#define PSEUDO_HIDDEN(x,y) \
_SYSCALL_HIDDEN(x,y); \
rts; \
nop; \
__END_HIDDEN(x)
__END_HIDDEN(x,y)
#define RSYSCALL_NOERROR(x) PSEUDO_NOERROR(x,x)
#define RSYSCALL(x) PSEUDO(x,x)
#define RSYSCALL_HIDDEN(x) PSEUDO_HIDDEN(x,x)
#define SYSCALL_END(x) __END(x)
#define SYSCALL_END_HIDDEN(x) __END_HIDDEN(x)
#define SYSCALL_END(x) __END(x,x)
#define SYSCALL_END_HIDDEN(x) __END_HIDDEN(x,x)

16
lib/libc/arch/sh/sys/brk.S
View file

@ -1,4 +1,4 @@
/* $OpenBSD: brk.S,v 1.9 2023/12/10 16:45:52 deraadt Exp $ */
/* $OpenBSD: brk.S,v 1.10 2024/03/27 20:03:29 miod Exp $ */
/* $NetBSD: brk.S,v 1.10 2006/01/06 03:58:31 uwe Exp $ */
/*-
@ -64,13 +64,7 @@ ENTRY(brk)
bf 1f
mov r0, r4
1:
#if SYS_break >= 128
mov.l LSYS_break, r0
#else
mov #SYS_break, r0
#endif
99: trapa #0x80
PINSYSCALL(SYS_break, 99b)
systrap SYS_break
bf 2f
#ifdef __PIC__
mov.l Lcurbrk, r0
@ -83,12 +77,10 @@ ENTRY(brk)
rts
mov.l r4, @r1
2:
SET_ERRNO_AND_RETURN
SET_ERRNO_AND_RETURN(break)
.align 2
#if SYS_break >= 128
LSYS_break: .long SYS_break
#endif
systrap_data SYS_break
#ifdef __PIC__
L_GOT: .long _GLOBAL_OFFSET_TABLE_
Lminbrk: .long __minbrk@GOT

16
lib/libc/arch/sh/sys/sbrk.S
View file

@ -1,4 +1,4 @@
/* $OpenBSD: sbrk.S,v 1.9 2023/12/10 16:45:52 deraadt Exp $ */
/* $OpenBSD: sbrk.S,v 1.10 2024/03/27 20:03:29 miod Exp $ */
/* $NetBSD: sbrk.S,v 1.9 2006/01/06 03:58:31 uwe Exp $ */
/*-
@ -64,13 +64,7 @@ ENTRY(sbrk)
#endif
mov.l @r0, r0
add r0, r4
#if SYS_break >= 128
mov.l LSYS_break, r0
#else
mov #SYS_break, r0
#endif
99: trapa #0x80
PINSYSCALL(SYS_break, 99b)
systrap SYS_break
bf 1f
#ifdef __PIC__
mov.l Lcurbrk, r0
@ -83,12 +77,10 @@ ENTRY(sbrk)
rts
mov.l r2, @r1
1:
SET_ERRNO_AND_RETURN
SET_ERRNO_AND_RETURN(break)
.align 2
#if SYS_break >= 128
LSYS_break: .long SYS_break
#endif
systrap_data SYS_break
#ifdef __PIC__
L_GOT: .long _GLOBAL_OFFSET_TABLE_
Lcurbrk: .long __curbrk@GOT

19
lib/libc/arch/sh/sys/sigprocmask.S
View file

@ -1,4 +1,4 @@
/* $OpenBSD: sigprocmask.S,v 1.7 2023/12/10 16:45:52 deraadt Exp $ */
/* $OpenBSD: sigprocmask.S,v 1.8 2024/03/27 20:03:29 miod Exp $ */
/* $NetBSD: sigprocmask.S,v 1.6 2003/08/07 16:42:21 agc Exp $ */
/*-
@ -47,13 +47,7 @@ SYSENTRY_HIDDEN(sigprocmask)
1: mov.l @r2, r2 /* fetch indirect ... */
mov r2, r5 /* to new mask arg */
2:
#if SYS_sigprocmask >= 128
mov.l LSYS_sigprocmask, r0
#else
mov #SYS_sigprocmask, r0
#endif
99: trapa #0x80
PINSYSCALL(SYS_sigprocmask, 99b)
systrap SYS_sigprocmask
bf 4f
mov r6, r2 /* fetch old mask requested */
tst r2, r2 /* test if old mask requested */
@ -64,11 +58,6 @@ SYSENTRY_HIDDEN(sigprocmask)
rts
nop
4:
SET_ERRNO_AND_RETURN
.align 2
#if SYS_sigprocmask >= 128
LSYS_sigprocmask:
.long SYS_sigprocmask
#endif
SET_ERRNO_AND_RETURN(sigprocmask)
systrap_data(SYS_sigprocmask)
SYSCALL_END_HIDDEN(sigprocmask)

19
lib/libc/arch/sh/sys/sigsuspend.S
View file

@ -1,4 +1,4 @@
/* $OpenBSD: sigsuspend.S,v 1.6 2023/12/10 16:45:52 deraadt Exp $ */
/* $OpenBSD: sigsuspend.S,v 1.7 2024/03/27 20:03:29 miod Exp $ */
/* $NetBSD: sigsuspend.S,v 1.5 2003/08/07 16:42:21 agc Exp $ */
/*-
@ -41,18 +41,7 @@ SYSENTRY_HIDDEN(sigsuspend)
mov r4, r0 /* fetch mask arg */
mov.l @r0, r0 /* indirect to mask arg */
mov r0, r4
#if SYS_sigsuspend >= 128
mov.l LSYS_sigsuspend, r0
#else
mov #SYS_sigsuspend, r0
#endif
99: trapa #0x80
PINSYSCALL(SYS_sigsuspend, 99b)
SET_ERRNO_AND_RETURN
.align 2
#if SYS_sigsuspend >= 128
LSYS_sigsuspend:
.long SYS_sigsuspend
#endif
systrap SYS_sigsuspend
SET_ERRNO_AND_RETURN(sigsuspend)
systrap_data SYS_sigsuspend
SYSCALL_END_HIDDEN(sigsuspend)

31
lib/libc/arch/sh/sys/tfork_thread.S
View file

@ -1,4 +1,4 @@
/* $OpenBSD: tfork_thread.S,v 1.5 2023/12/10 16:45:52 deraadt Exp $ */
/* $OpenBSD: tfork_thread.S,v 1.6 2024/03/27 20:03:29 miod Exp $ */
/*
* Copyright (c) 2007 Miodrag Vallat.
@ -24,13 +24,7 @@
* r4 r5 r6 r7
*/
ENTRY(__tfork_thread)
#if SYS___tfork >= 128
mov.l .LSYS___tfork, r0
#else
mov #SYS___tfork, r0
#endif
99: trapa #0x80
PINSYSCALL(SYS___tfork, 99b)
systrap SYS___tfork
bf 9f
tst r0, r0
@ -42,6 +36,8 @@ ENTRY(__tfork_thread)
rts
nop
systrap_data SYS___tfork
1:
/*
* In child process: invoke function, then exit.
@ -49,26 +45,13 @@ ENTRY(__tfork_thread)
jsr @r6
mov r7, r4
#if SYS___threxit >= 128
mov.l .LSYS___threxit, r0
#else
mov #SYS___threxit, r0
#endif
98: trapa #0x80
PINSYSCALL(SYS___threxit, 98b)
systrap SYS___threxit
systrap_data SYS___threxit
9:
/*
* System call failure.
*/
SET_ERRNO_AND_RETURN
.align 2
#if SYS___tfork >= 128
.LSYS___tfork: .long SYS___tfork
#endif
#if SYS___threxit >= 128
.LSYS___threxit: .long SYS___threxit
#endif
SET_ERRNO_AND_RETURN(__tfork)
SET_ENTRY_SIZE(__tfork_thread)

77
lib/libc/sys/pinsyscall.2
View file

@ -1,77 +0,0 @@
.\" $OpenBSD: pinsyscall.2,v 1.5 2023/02/21 19:49:50 jmc Exp $
.\"
.\" Copyright (c) 2023 Theo de Raadt <deraadt@openbsd.org>
.\"
.\" Permission to use, copy, modify, and distribute this software for any
.\" purpose with or without fee is hereby granted, provided that the above
.\" copyright notice and this permission notice appear in all copies.
.\"
.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.\"
.Dd $Mdocdate: February 21 2023 $
.Dt PINSYSCALL 2
.Os
.Sh NAME
.Nm pinsyscall
.Nd specify the call stub for a specific system call
.Sh SYNOPSIS
.In sys/types.h
.In sys/syscall.h
.Ft int
.Fn pinsyscall "int syscall" "void *start" "size_t len"
.Sh DESCRIPTION
The
.Fn pinsyscall
system call specifies the
.Va start
to
.Va start + len
range in the address space where the call stub for the specified
.Va syscall
resides.
This range is typically under 80 bytes long, and varies by architecture.
.Pp
Only the
.Va SYS_execve
system call is currently supported.
The shared library linker
.Pa ld.so
automatically tells the kernel about
.Va SYS_execve
at startup.
For static binaries, libc initialization performs the same action.
.Pp
Once the kernel knows the specific location in the address space where
that system call must be entered from, any attempt to use a system-call
entry instruction to perform the specified
.Va syscall
from a different address range will deliver
.Dv SIGABRT .
.Sh RETURN VALUES
.Rv -std
.Sh ERRORS
.Fn pinsyscall
will fail if:
.Bl -tag -width Er
.It Bq Er EINVAL
Unsupported syscall.
.It Bq Er EFAULT
The range between
.Va start
and
.Va start + len
is not in the address space.
.It Bq Er EPERM
The range for the specified syscall has been previously set.
.El
.Sh HISTORY
The
.Fn pinsyscall
system call first appeared in
.Ox 7.3 .

23
lib/libcrypto/Makefile
View file

@ -1,4 +1,4 @@
# $OpenBSD: Makefile,v 1.175 2024/03/19 19:27:33 tb Exp $
# $OpenBSD: Makefile,v 1.183 2024/03/28 02:09:28 jsing Exp $
LIB= crypto
LIBREBUILD=y
@ -72,12 +72,8 @@ SRCS+= o_fips.c
SRCS+= o_str.c
# aes/
SRCS+= aes_cfb.c
SRCS+= aes_ctr.c
SRCS+= aes_ecb.c
SRCS+= aes.c
SRCS+= aes_ige.c
SRCS+= aes_ofb.c
SRCS+= aes_wrap.c
# asn1/
SRCS+= a_bitstr.c
@ -142,10 +138,7 @@ SRCS+= x_x509.c
SRCS+= x_x509a.c
# bf/
SRCS+= bf_cfb64.c
SRCS+= bf_ecb.c
SRCS+= bf_ofb64.c
SRCS+= bf_skey.c
SRCS+= blowfish.c
# bio/
SRCS+= b_dump.c
@ -273,12 +266,14 @@ SRCS+= cbc_enc.c
SRCS+= cfb64ede.c
SRCS+= cfb64enc.c
SRCS+= cfb_enc.c
SRCS+= des_enc.c
SRCS+= ecb3_enc.c
SRCS+= ecb_enc.c
SRCS+= ede_cbcm_enc.c
SRCS+= enc_read.c
SRCS+= enc_writ.c
SRCS+= fcrypt.c
SRCS+= fcrypt_b.c
SRCS+= ofb64ede.c
SRCS+= ofb64enc.c
SRCS+= ofb_enc.c
@ -497,6 +492,9 @@ SRCS+= rc2_skey.c
SRCS+= rc2cfb64.c
SRCS+= rc2ofb64.c
# rc4/
SRCS+= rc4.c
# ripemd/
SRCS+= ripemd.c
@ -793,14 +791,9 @@ obj_dat.h: obj_mac.h ${SSL_OBJECTS}/obj_dat.pl
CFLAGS+=-DOPENSSL_NO_ASM
SRCS+= aes_core.c
SRCS+= aes_cbc.c
SRCS+= bf_enc.c
SRCS+= camellia.c
SRCS+= cmll_cbc.c
SRCS+= cmll_misc.c
SRCS+= des_enc.c
SRCS+= fcrypt_b.c
SRCS+= rc4_enc.c
SRCS+= rc4_skey.c
SRCS+= wp_block.c
.endif

19
lib/libcrypto/Symbols.namespace
View file

@ -2523,3 +2523,22 @@ _libre_OPENSSL_gmtime
_libre_OPENSSL_timegm
_libre_OPENSSL_posix_to_tm
_libre_OPENSSL_tm_to_posix
_libre_ENGINE_load_builtin_engines
_libre_ENGINE_load_dynamic
_libre_ENGINE_load_openssl
_libre_ENGINE_register_all_complete
_libre_ENGINE_cleanup
_libre_ENGINE_new
_libre_ENGINE_free
_libre_ENGINE_init
_libre_ENGINE_finish
_libre_ENGINE_by_id
_libre_ENGINE_get_id
_libre_ENGINE_get_name
_libre_ENGINE_set_default
_libre_ENGINE_get_default_RSA
_libre_ENGINE_set_default_RSA
_libre_ENGINE_ctrl_cmd
_libre_ENGINE_ctrl_cmd_string
_libre_ENGINE_load_private_key
_libre_ENGINE_load_public_key

190
lib/libcrypto/aes/aes.c Normal file
View file

@ -0,0 +1,190 @@
/* $OpenBSD: aes.c,v 1.1 2024/03/28 00:57:26 jsing Exp $ */
/* ====================================================================
* Copyright (c) 2002-2006 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* openssl-core@openssl.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
*/
#include <string.h>
#include <openssl/aes.h>
#include <openssl/bio.h>
#include <openssl/modes.h>
static const unsigned char aes_wrap_default_iv[] = {
0xA6, 0xA6, 0xA6, 0xA6, 0xA6, 0xA6, 0xA6, 0xA6,
};
/*
* The input and output encrypted as though 128bit cfb mode is being
* used. The extra state information to record how much of the
* 128bit block we have used is contained in *num;
*/
void
AES_cfb128_encrypt(const unsigned char *in, unsigned char *out, size_t length,
const AES_KEY *key, unsigned char *ivec, int *num, const int enc)
{
CRYPTO_cfb128_encrypt(in, out, length, key, ivec, num, enc,
(block128_f)AES_encrypt);
}
/* N.B. This expects the input to be packed, MS bit first */
void
AES_cfb1_encrypt(const unsigned char *in, unsigned char *out, size_t length,
const AES_KEY *key, unsigned char *ivec, int *num, const int enc)
{
CRYPTO_cfb128_1_encrypt(in, out, length, key, ivec, num, enc,
(block128_f)AES_encrypt);
}
void
AES_cfb8_encrypt(const unsigned char *in, unsigned char *out, size_t length,
const AES_KEY *key, unsigned char *ivec, int *num, const int enc)
{
CRYPTO_cfb128_8_encrypt(in, out, length, key, ivec, num, enc,
(block128_f)AES_encrypt);
}
void
AES_ctr128_encrypt(const unsigned char *in, unsigned char *out,
size_t length, const AES_KEY *key, unsigned char ivec[AES_BLOCK_SIZE],
unsigned char ecount_buf[AES_BLOCK_SIZE], unsigned int *num)
{
CRYPTO_ctr128_encrypt(in, out, length, key, ivec, ecount_buf, num,
(block128_f)AES_encrypt);
}
void
AES_ecb_encrypt(const unsigned char *in, unsigned char *out,
const AES_KEY *key, const int enc)
{
if (AES_ENCRYPT == enc)
AES_encrypt(in, out, key);
else
AES_decrypt(in, out, key);
}
void
AES_ofb128_encrypt(const unsigned char *in, unsigned char *out, size_t length,
const AES_KEY *key, unsigned char *ivec, int *num)
{
CRYPTO_ofb128_encrypt(in, out, length, key, ivec, num,
(block128_f)AES_encrypt);
}
int
AES_wrap_key(AES_KEY *key, const unsigned char *iv, unsigned char *out,
const unsigned char *in, unsigned int inlen)
{
unsigned char *A, B[16], *R;
unsigned int i, j, t;
if ((inlen & 0x7) || (inlen < 16))
return -1;
A = B;
t = 1;
memmove(out + 8, in, inlen);
if (!iv)
iv = aes_wrap_default_iv;
memcpy(A, iv, 8);
for (j = 0; j < 6; j++) {
R = out + 8;
for (i = 0; i < inlen; i += 8, t++, R += 8) {
memcpy(B + 8, R, 8);
AES_encrypt(B, B, key);
A[7] ^= (unsigned char)(t & 0xff);
if (t > 0xff) {
A[6] ^= (unsigned char)((t >> 8) & 0xff);
A[5] ^= (unsigned char)((t >> 16) & 0xff);
A[4] ^= (unsigned char)((t >> 24) & 0xff);
}
memcpy(R, B + 8, 8);
}
}
memcpy(out, A, 8);
return inlen + 8;
}
int
AES_unwrap_key(AES_KEY *key, const unsigned char *iv, unsigned char *out,
const unsigned char *in, unsigned int inlen)
{
unsigned char *A, B[16], *R;
unsigned int i, j, t;
if ((inlen & 0x7) || (inlen < 24))
return -1;
inlen -= 8;
A = B;
t = 6 * (inlen >> 3);
memcpy(A, in, 8);
memmove(out, in + 8, inlen);
for (j = 0; j < 6; j++) {
R = out + inlen - 8;
for (i = 0; i < inlen; i += 8, t--, R -= 8) {
A[7] ^= (unsigned char)(t & 0xff);
if (t > 0xff) {
A[6] ^= (unsigned char)((t >> 8) & 0xff);
A[5] ^= (unsigned char)((t >> 16) & 0xff);
A[4] ^= (unsigned char)((t >> 24) & 0xff);
}
memcpy(B + 8, R, 8);
AES_decrypt(B, B, key);
memcpy(R, B + 8, 8);
}
}
if (!iv)
iv = aes_wrap_default_iv;
if (memcmp(A, iv, 8)) {
explicit_bzero(out, inlen);
return 0;
}
return inlen;
}

282
lib/libcrypto/aes/aes_core.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: aes_core.c,v 1.14 2022/11/26 16:08:50 tb Exp $ */
/* $OpenBSD: aes_core.c,v 1.19 2024/03/27 11:15:44 jsing Exp $ */
/**
* rijndael-alg-fst.c
*
@ -25,20 +25,18 @@
* EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
/* Note: rewritten a little bit to provide error control and an OpenSSL-
compatible API */
#ifndef AES_DEBUG
# ifndef NDEBUG
# define NDEBUG
# endif
#endif
/*
* Note: rewritten a little bit to provide error control and an OpenSSL-
* compatible API.
*/
#include <stdlib.h>
#include <openssl/aes.h>
#include "aes_local.h"
#ifndef AES_ASM
#include <openssl/aes.h>
#include "aes_local.h"
#include "crypto_internal.h"
/*
Te0[x] = S [x].[02, 01, 01, 03];
Te1[x] = S [x].[03, 02, 01, 01];
@ -645,10 +643,10 @@ AES_set_encrypt_key(const unsigned char *userKey, const int bits, AES_KEY *key)
else
key->rounds = 14;
rk[0] = GETU32(userKey);
rk[1] = GETU32(userKey + 4);
rk[2] = GETU32(userKey + 8);
rk[3] = GETU32(userKey + 12);
rk[0] = crypto_load_be32toh(&userKey[0 * 4]);
rk[1] = crypto_load_be32toh(&userKey[1 * 4]);
rk[2] = crypto_load_be32toh(&userKey[2 * 4]);
rk[3] = crypto_load_be32toh(&userKey[3 * 4]);
if (bits == 128) {
while (1) {
temp = rk[3];
@ -667,8 +665,8 @@ AES_set_encrypt_key(const unsigned char *userKey, const int bits, AES_KEY *key)
rk += 4;
}
}
rk[4] = GETU32(userKey + 16);
rk[5] = GETU32(userKey + 20);
rk[4] = crypto_load_be32toh(&userKey[4 * 4]);
rk[5] = crypto_load_be32toh(&userKey[5 * 4]);
if (bits == 192) {
while (1) {
temp = rk[5];
@ -689,8 +687,8 @@ AES_set_encrypt_key(const unsigned char *userKey, const int bits, AES_KEY *key)
rk += 6;
}
}
rk[6] = GETU32(userKey + 24);
rk[7] = GETU32(userKey + 28);
rk[6] = crypto_load_be32toh(&userKey[6 * 4]);
rk[7] = crypto_load_be32toh(&userKey[7 * 4]);
if (bits == 256) {
while (1) {
temp = rk[7];
@ -781,6 +779,7 @@ AES_set_decrypt_key(const unsigned char *userKey, const int bits, AES_KEY *key)
return 0;
}
#ifndef AES_ASM
/*
* Encrypt a single block
* in and out can overlap
@ -800,10 +799,10 @@ AES_encrypt(const unsigned char *in, unsigned char *out, const AES_KEY *key)
* map byte array block to cipher state
* and add initial round key:
*/
s0 = GETU32(in ) ^ rk[0];
s1 = GETU32(in + 4) ^ rk[1];
s2 = GETU32(in + 8) ^ rk[2];
s3 = GETU32(in + 12) ^ rk[3];
s0 = crypto_load_be32toh(&in[0 * 4]) ^ rk[0];
s1 = crypto_load_be32toh(&in[1 * 4]) ^ rk[1];
s2 = crypto_load_be32toh(&in[2 * 4]) ^ rk[2];
s3 = crypto_load_be32toh(&in[3 * 4]) ^ rk[3];
#ifdef FULL_UNROLL
/* round 1: */
t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[ 4];
@ -947,28 +946,28 @@ AES_encrypt(const unsigned char *in, unsigned char *out, const AES_KEY *key)
(Te0[(t2 >> 8) & 0xff] & 0x0000ff00) ^
(Te1[(t3) & 0xff] & 0x000000ff) ^
rk[0];
PUTU32(out, s0);
crypto_store_htobe32(&out[0 * 4], s0);
s1 =
(Te2[(t1 >> 24)] & 0xff000000) ^
(Te3[(t2 >> 16) & 0xff] & 0x00ff0000) ^
(Te0[(t3 >> 8) & 0xff] & 0x0000ff00) ^
(Te1[(t0) & 0xff] & 0x000000ff) ^
rk[1];
PUTU32(out + 4, s1);
crypto_store_htobe32(&out[1 * 4], s1);
s2 =
(Te2[(t2 >> 24)] & 0xff000000) ^
(Te3[(t3 >> 16) & 0xff] & 0x00ff0000) ^
(Te0[(t0 >> 8) & 0xff] & 0x0000ff00) ^
(Te1[(t1) & 0xff] & 0x000000ff) ^
rk[2];
PUTU32(out + 8, s2);
crypto_store_htobe32(&out[2 * 4], s2);
s3 =
(Te2[(t3 >> 24)] & 0xff000000) ^
(Te3[(t0 >> 16) & 0xff] & 0x00ff0000) ^
(Te0[(t1 >> 8) & 0xff] & 0x0000ff00) ^
(Te1[(t2) & 0xff] & 0x000000ff) ^
rk[3];
PUTU32(out + 12, s3);
crypto_store_htobe32(&out[3 * 4], s3);
}
/*
@ -990,10 +989,10 @@ AES_decrypt(const unsigned char *in, unsigned char *out, const AES_KEY *key)
* map byte array block to cipher state
* and add initial round key:
*/
s0 = GETU32(in) ^ rk[0];
s1 = GETU32(in + 4) ^ rk[1];
s2 = GETU32(in + 8) ^ rk[2];
s3 = GETU32(in + 12) ^ rk[3];
s0 = crypto_load_be32toh(&in[0 * 4]) ^ rk[0];
s1 = crypto_load_be32toh(&in[1 * 4]) ^ rk[1];
s2 = crypto_load_be32toh(&in[2 * 4]) ^ rk[2];
s3 = crypto_load_be32toh(&in[3 * 4]) ^ rk[3];
#ifdef FULL_UNROLL
/* round 1: */
t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[ 4];
@ -1137,238 +1136,27 @@ AES_decrypt(const unsigned char *in, unsigned char *out, const AES_KEY *key)
(Td4[(t2 >> 8) & 0xff] << 8) ^
(Td4[(t1) & 0xff]) ^
rk[0];
PUTU32(out, s0);
crypto_store_htobe32(&out[0 * 4], s0);
s1 =
(((uint32_t)Td4[(t1 >> 24)]) << 24) ^
(Td4[(t0 >> 16) & 0xff] << 16) ^
(Td4[(t3 >> 8) & 0xff] << 8) ^
(Td4[(t2) & 0xff]) ^
rk[1];
PUTU32(out + 4, s1);
crypto_store_htobe32(&out[1 * 4], s1);
s2 =
(((uint32_t)Td4[(t2 >> 24)]) << 24) ^
(Td4[(t1 >> 16) & 0xff] << 16) ^
(Td4[(t0 >> 8) & 0xff] << 8) ^
(Td4[(t3) & 0xff]) ^
rk[2];
PUTU32(out + 8, s2);
crypto_store_htobe32(&out[2 * 4], s2);
s3 =
(((uint32_t)Td4[(t3 >> 24)]) << 24) ^
(Td4[(t2 >> 16) & 0xff] << 16) ^
(Td4[(t1 >> 8) & 0xff] << 8) ^
(Td4[(t0) & 0xff]) ^
rk[3];
PUTU32(out + 12, s3);
crypto_store_htobe32(&out[3 * 4], s3);
}
#else /* AES_ASM */
static const u8 Te4[256] = {
0x63U, 0x7cU, 0x77U, 0x7bU, 0xf2U, 0x6bU, 0x6fU, 0xc5U,
0x30U, 0x01U, 0x67U, 0x2bU, 0xfeU, 0xd7U, 0xabU, 0x76U,
0xcaU, 0x82U, 0xc9U, 0x7dU, 0xfaU, 0x59U, 0x47U, 0xf0U,
0xadU, 0xd4U, 0xa2U, 0xafU, 0x9cU, 0xa4U, 0x72U, 0xc0U,
0xb7U, 0xfdU, 0x93U, 0x26U, 0x36U, 0x3fU, 0xf7U, 0xccU,
0x34U, 0xa5U, 0xe5U, 0xf1U, 0x71U, 0xd8U, 0x31U, 0x15U,
0x04U, 0xc7U, 0x23U, 0xc3U, 0x18U, 0x96U, 0x05U, 0x9aU,
0x07U, 0x12U, 0x80U, 0xe2U, 0xebU, 0x27U, 0xb2U, 0x75U,
0x09U, 0x83U, 0x2cU, 0x1aU, 0x1bU, 0x6eU, 0x5aU, 0xa0U,
0x52U, 0x3bU, 0xd6U, 0xb3U, 0x29U, 0xe3U, 0x2fU, 0x84U,
0x53U, 0xd1U, 0x00U, 0xedU, 0x20U, 0xfcU, 0xb1U, 0x5bU,
0x6aU, 0xcbU, 0xbeU, 0x39U, 0x4aU, 0x4cU, 0x58U, 0xcfU,
0xd0U, 0xefU, 0xaaU, 0xfbU, 0x43U, 0x4dU, 0x33U, 0x85U,
0x45U, 0xf9U, 0x02U, 0x7fU, 0x50U, 0x3cU, 0x9fU, 0xa8U,
0x51U, 0xa3U, 0x40U, 0x8fU, 0x92U, 0x9dU, 0x38U, 0xf5U,
0xbcU, 0xb6U, 0xdaU, 0x21U, 0x10U, 0xffU, 0xf3U, 0xd2U,
0xcdU, 0x0cU, 0x13U, 0xecU, 0x5fU, 0x97U, 0x44U, 0x17U,
0xc4U, 0xa7U, 0x7eU, 0x3dU, 0x64U, 0x5dU, 0x19U, 0x73U,
0x60U, 0x81U, 0x4fU, 0xdcU, 0x22U, 0x2aU, 0x90U, 0x88U,
0x46U, 0xeeU, 0xb8U, 0x14U, 0xdeU, 0x5eU, 0x0bU, 0xdbU,
0xe0U, 0x32U, 0x3aU, 0x0aU, 0x49U, 0x06U, 0x24U, 0x5cU,
0xc2U, 0xd3U, 0xacU, 0x62U, 0x91U, 0x95U, 0xe4U, 0x79U,
0xe7U, 0xc8U, 0x37U, 0x6dU, 0x8dU, 0xd5U, 0x4eU, 0xa9U,
0x6cU, 0x56U, 0xf4U, 0xeaU, 0x65U, 0x7aU, 0xaeU, 0x08U,
0xbaU, 0x78U, 0x25U, 0x2eU, 0x1cU, 0xa6U, 0xb4U, 0xc6U,
0xe8U, 0xddU, 0x74U, 0x1fU, 0x4bU, 0xbdU, 0x8bU, 0x8aU,
0x70U, 0x3eU, 0xb5U, 0x66U, 0x48U, 0x03U, 0xf6U, 0x0eU,
0x61U, 0x35U, 0x57U, 0xb9U, 0x86U, 0xc1U, 0x1dU, 0x9eU,
0xe1U, 0xf8U, 0x98U, 0x11U, 0x69U, 0xd9U, 0x8eU, 0x94U,
0x9bU, 0x1eU, 0x87U, 0xe9U, 0xceU, 0x55U, 0x28U, 0xdfU,
0x8cU, 0xa1U, 0x89U, 0x0dU, 0xbfU, 0xe6U, 0x42U, 0x68U,
0x41U, 0x99U, 0x2dU, 0x0fU, 0xb0U, 0x54U, 0xbbU, 0x16U
};
static const u32 rcon[] = {
0x01000000, 0x02000000, 0x04000000, 0x08000000,
0x10000000, 0x20000000, 0x40000000, 0x80000000,
0x1B000000, 0x36000000,
/* for 128-bit blocks, Rijndael never uses more than 10 rcon values */
};
/**
* Expand the cipher key into the encryption key schedule.
*/
int
AES_set_encrypt_key(const unsigned char *userKey, const int bits, AES_KEY *key)
{
u32 *rk;
int i = 0;
u32 temp;
if (!userKey || !key)
return -1;
if (bits != 128 && bits != 192 && bits != 256)
return -2;
rk = key->rd_key;
if (bits == 128)
key->rounds = 10;
else if (bits == 192)
key->rounds = 12;
else
key->rounds = 14;
rk[0] = GETU32(userKey);
rk[1] = GETU32(userKey + 4);
rk[2] = GETU32(userKey + 8);
rk[3] = GETU32(userKey + 12);
if (bits == 128) {
while (1) {
temp = rk[3];
rk[4] = rk[0] ^
(Te4[(temp >> 16) & 0xff] << 24) ^
(Te4[(temp >> 8) & 0xff] << 16) ^
(Te4[(temp) & 0xff] << 8) ^
(Te4[(temp >> 24)]) ^
rcon[i];
rk[5] = rk[1] ^ rk[4];
rk[6] = rk[2] ^ rk[5];
rk[7] = rk[3] ^ rk[6];
if (++i == 10) {
return 0;
}
rk += 4;
}
}
rk[4] = GETU32(userKey + 16);
rk[5] = GETU32(userKey + 20);
if (bits == 192) {
while (1) {
temp = rk[5];
rk[6] = rk[0] ^
(Te4[(temp >> 16) & 0xff] << 24) ^
(Te4[(temp >> 8) & 0xff] << 16) ^
(Te4[(temp) & 0xff] << 8) ^
(Te4[(temp >> 24)]) ^
rcon[i];
rk[7] = rk[1] ^ rk[6];
rk[8] = rk[2] ^ rk[7];
rk[9] = rk[3] ^ rk[8];
if (++i == 8) {
return 0;
}
rk[10] = rk[4] ^ rk[9];
rk[11] = rk[5] ^ rk[10];
rk += 6;
}
}
rk[6] = GETU32(userKey + 24);
rk[7] = GETU32(userKey + 28);
if (bits == 256) {
while (1) {
temp = rk[7];
rk[8] = rk[0] ^
(Te4[(temp >> 16) & 0xff] << 24) ^
(Te4[(temp >> 8) & 0xff] << 16) ^
(Te4[(temp) & 0xff] << 8) ^
(Te4[(temp >> 24)]) ^
rcon[i];
rk[9] = rk[1] ^ rk[8];
rk[10] = rk[2] ^ rk[9];
rk[11] = rk[3] ^ rk[10];
if (++i == 7) {
return 0;
}
temp = rk[11];
rk[12] = rk[4] ^
(Te4[(temp >> 24)] << 24) ^
(Te4[(temp >> 16) & 0xff] << 16) ^
(Te4[(temp >> 8) & 0xff] << 8) ^
(Te4[(temp) & 0xff]);
rk[13] = rk[5] ^ rk[12];
rk[14] = rk[6] ^ rk[13];
rk[15] = rk[7] ^ rk[14];
rk += 8;
}
}
return 0;
}
/**
* Expand the cipher key into the decryption key schedule.
*/
int
AES_set_decrypt_key(const unsigned char *userKey, const int bits,
AES_KEY *key)
{
u32 *rk;
int i, j, status;
u32 temp;
/* first, start with an encryption schedule */
status = AES_set_encrypt_key(userKey, bits, key);
if (status < 0)
return status;
rk = key->rd_key;
/* invert the order of the round keys: */
for (i = 0, j = 4*(key->rounds); i < j; i += 4, j -= 4) {
temp = rk[i];
rk[i] = rk[j];
rk[j] = temp;
temp = rk[i + 1];
rk[i + 1] = rk[j + 1];
rk[j + 1] = temp;
temp = rk[i + 2];
rk[i + 2] = rk[j + 2];
rk[j + 2] = temp;
temp = rk[i + 3];
rk[i + 3] = rk[j + 3];
rk[j + 3] = temp;
}
/* apply the inverse MixColumn transform to all round keys but the first and the last: */
for (i = 1; i < (key->rounds); i++) {
rk += 4;
for (j = 0; j < 4; j++) {
u32 tp1, tp2, tp4, tp8, tp9, tpb, tpd, tpe, m;
tp1 = rk[j];
m = tp1 & 0x80808080;
tp2 = ((tp1 & 0x7f7f7f7f) << 1) ^
((m - (m >> 7)) & 0x1b1b1b1b);
m = tp2 & 0x80808080;
tp4 = ((tp2 & 0x7f7f7f7f) << 1) ^
((m - (m >> 7)) & 0x1b1b1b1b);
m = tp4 & 0x80808080;
tp8 = ((tp4 & 0x7f7f7f7f) << 1) ^
((m - (m >> 7)) & 0x1b1b1b1b);
tp9 = tp8 ^ tp1;
tpb = tp9 ^ tp2;
tpd = tp9 ^ tp4;
tpe = tp8 ^ tp4 ^ tp2;
#if defined(ROTATE)
rk[j] = tpe ^ ROTATE(tpd, 16) ^
ROTATE(tp9, 24) ^ ROTATE(tpb, 8);
#else
rk[j] = tpe ^ (tpd >> 16) ^ (tpd << 16) ^
(tp9 >> 8) ^ (tp9 << 24) ^
(tpb >> 24) ^ (tpb << 8);
#endif
}
}
return 0;
}
#endif /* AES_ASM */

5
lib/libcrypto/aes/aes_local.h
View file

@ -1,4 +1,4 @@
/* $OpenBSD: aes_local.h,v 1.2 2022/11/26 17:23:17 tb Exp $ */
/* $OpenBSD: aes_local.h,v 1.3 2024/03/27 11:15:44 jsing Exp $ */
/* ====================================================================
* Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
*
@ -64,9 +64,6 @@
__BEGIN_HIDDEN_DECLS
#define GETU32(pt) (((u32)(pt)[0] << 24) ^ ((u32)(pt)[1] << 16) ^ ((u32)(pt)[2] << 8) ^ ((u32)(pt)[3]))
#define PUTU32(ct, st) { (ct)[0] = (u8)((st) >> 24); (ct)[1] = (u8)((st) >> 16); (ct)[2] = (u8)((st) >> 8); (ct)[3] = (u8)(st); }
typedef unsigned int u32;
typedef unsigned short u16;
typedef unsigned char u8;

1081
lib/libcrypto/aes/aes_x86core.c
View file

File diff suppressed because it is too large Load diff

1237
lib/libcrypto/aes/asm/aesni-sha1-x86_64.pl
View file

File diff suppressed because it is too large Load diff

8
lib/libcrypto/arch/aarch64/Makefile.inc
View file

@ -1,19 +1,13 @@
# $OpenBSD: Makefile.inc,v 1.5 2023/04/05 11:07:40 kettenis Exp $
# $OpenBSD: Makefile.inc,v 1.9 2024/03/28 01:57:00 jsing Exp $
# aarch64-specific libcrypto build rules
# aes
SRCS+= aes_core.c aes_cbc.c
# bf
SRCS+= bf_enc.c
# bn
# camellia
SRCS+= camellia.c cmll_cbc.c cmll_misc.c
# des
SRCS+= des_enc.c fcrypt_b.c
# modes
# rc4
SRCS+= rc4_enc.c rc4_skey.c
# sha
# whrlpool
SRCS+= wp_block.c

10
lib/libcrypto/arch/alpha/Makefile.inc
View file

@ -1,23 +1,17 @@
# $OpenBSD: Makefile.inc,v 1.6 2023/01/31 06:17:10 jsing Exp $
# $OpenBSD: Makefile.inc,v 1.10 2024/03/28 01:57:00 jsing Exp $
# alpha-specific libcrypto build rules
# aes
SRCS+= aes_core.c aes_cbc.c
# bf
SRCS+= bf_enc.c
SRCS+= aes_core.c aes_cbc.c
# bn
SSLASM+= bn alpha-mont
CFLAGS+= -DOPENSSL_BN_ASM_MONT
# camellia
SRCS+= camellia.c cmll_cbc.c cmll_misc.c
# des
SRCS+= des_enc.c fcrypt_b.c
# modes
CFLAGS+= -DGHASH_ASM
SSLASM+= modes ghash-alpha
# rc4
SRCS+= rc4_enc.c rc4_skey.c
# sha
CFLAGS+= -DSHA1_ASM
SSLASM+= sha sha1-alpha

11
lib/libcrypto/arch/amd64/Makefile.inc
View file

@ -1,4 +1,4 @@
# $OpenBSD: Makefile.inc,v 1.13 2023/04/15 18:23:54 tb Exp $
# $OpenBSD: Makefile.inc,v 1.18 2024/03/28 01:57:00 jsing Exp $
# amd64-specific libcrypto build rules
@ -13,9 +13,6 @@ SSLASM+= aes bsaes-x86_64
CFLAGS+= -DVPAES_ASM
SSLASM+= aes vpaes-x86_64
SSLASM+= aes aesni-x86_64
SSLASM+= aes aesni-sha1-x86_64
# bf
SRCS+= bf_enc.c
# bn
CFLAGS+= -DOPENSSL_IA32_SSE2
CFLAGS+= -DRSA_ASM
@ -42,8 +39,6 @@ SRCS += word_clz.S
# camellia
SRCS+= cmll_misc.c
SSLASM+= camellia cmll-x86_64
# des
SRCS+= des_enc.c fcrypt_b.c
# md5
CFLAGS+= -DMD5_ASM
SSLASM+= md5 md5-x86_64
@ -51,9 +46,9 @@ SSLASM+= md5 md5-x86_64
CFLAGS+= -DGHASH_ASM
SSLASM+= modes ghash-x86_64
# rc4
CFLAGS+= -DRC4_MD5_ASM
CFLAGS+= -DHAVE_RC4_INTERNAL
CFLAGS+= -DHAVE_RC4_SET_KEY_INTERNAL
SSLASM+= rc4 rc4-x86_64
SSLASM+= rc4 rc4-md5-x86_64
# ripemd
# sha
CFLAGS+= -DSHA1_ASM

6
lib/libcrypto/arch/arm/Makefile.inc
View file

@ -6,20 +6,14 @@
SRCS+= aes_cbc.c
CFLAGS+= -DAES_ASM
SSLASM+= aes aes-armv4
# bf
SRCS+= bf_enc.c
# bn
CFLAGS+= -DOPENSSL_BN_ASM_MONT
SSLASM+= bn armv4-mont
# camellia
SRCS+= camellia.c cmll_cbc.c cmll_misc.c
# des
SRCS+= des_enc.c fcrypt_b.c
# modes
CFLAGS+= -DGHASH_ASM
SSLASM+= modes ghash-armv4
# rc4
SRCS+= rc4_enc.c rc4_skey.c
# sha
CFLAGS+= -DSHA1_ASM
SSLASM+= sha sha1-armv4-large

12
lib/libcrypto/arch/hppa/Makefile.inc
View file

@ -1,4 +1,4 @@
# $OpenBSD: Makefile.inc,v 1.14 2023/01/31 06:17:10 jsing Exp $
# $OpenBSD: Makefile.inc,v 1.19 2024/03/28 01:57:00 jsing Exp $
# hppa-specific libcrypto build rules
@ -6,24 +6,14 @@
SRCS+= aes_core.c aes_cbc.c
CFLAGS+= -DAES_ASM
SSLASM+= aes aes-parisc aes-parisc
# bf
SRCS+= bf_enc.c
# bn
SSLASM+= bn parisc-mont parisc-mont
CFLAGS+= -DOPENSSL_BN_ASM_MONT -DBN_DIV2W
# camellia
SRCS+= camellia.c cmll_cbc.c cmll_misc.c
# des
SRCS+= des_enc.c fcrypt_b.c
# modes
CFLAGS+= -DGHASH_ASM
SSLASM+= modes ghash-parisc ghash-parisc
# rc4
.if 0 # about 35% slower than C code
SSLASM+= rc4 rc4-parisc rc4-parisc
.else
SRCS+= rc4_enc.c rc4_skey.c
.endif
# sha
CFLAGS+= -DSHA1_ASM
SSLASM+= sha sha1-parisc sha1-parisc

13
lib/libcrypto/arch/i386/Makefile.inc
View file

@ -1,4 +1,4 @@
# $OpenBSD: Makefile.inc,v 1.9 2023/04/15 18:23:54 tb Exp $
# $OpenBSD: Makefile.inc,v 1.15 2024/03/28 01:57:00 jsing Exp $
# i386-specific libcrypto build rules
@ -11,9 +11,6 @@ SSLASM+= aes aes-586
CFLAGS+= -DVPAES_ASM
SSLASM+= aes vpaes-x86
SSLASM+= aes aesni-x86
# bf
SRCS+= bf_cbc.c
SSLASM+= bf bf-586
# bn
CFLAGS+= -DOPENSSL_IA32_SSE2
SSLASM+= bn bn-586
@ -22,9 +19,6 @@ CFLAGS+= -DOPENSSL_BN_ASM_MONT
SSLASM+= bn x86-mont
# camellia
SSLASM+= camellia cmll-x86
# des
SRCS+= fcrypt_b.c
SSLASM+= des des-586
# md5
CFLAGS+= -DMD5_ASM
SSLASM+= md5 md5-586
@ -32,10 +26,9 @@ SSLASM+= md5 md5-586
CFLAGS+= -DGHASH_ASM
SSLASM+= modes ghash-x86
# rc4
CFLAGS+= -DHAVE_RC4_INTERNAL
CFLAGS+= -DHAVE_RC4_SET_KEY_INTERNAL
SSLASM+= rc4 rc4-586
# ripemd
CFLAGS+= -DRMD160_ASM
SSLASM+= ripemd rmd-586
# sha
CFLAGS+= -DSHA1_ASM
SSLASM+= sha sha1-586

8
lib/libcrypto/arch/mips64/Makefile.inc
View file

@ -1,4 +1,4 @@
# $OpenBSD: Makefile.inc,v 1.7 2023/01/20 10:07:52 jsing Exp $
# $OpenBSD: Makefile.inc,v 1.11 2024/03/28 01:57:00 jsing Exp $
# mips64-specific libcrypto build rules
@ -6,18 +6,12 @@
SRCS+= aes_cbc.c
CFLAGS+= -DAES_ASM
SSLASM+= aes aes-mips aes-mips
# bf
SRCS+= bf_enc.c
# bn
SSLASM+= bn mips bn-mips
SSLASM+= bn mips-mont mips-mont
CFLAGS+= -DOPENSSL_BN_ASM_MONT
# camellia
SRCS+= camellia.c cmll_cbc.c cmll_misc.c
# des
SRCS+= des_enc.c fcrypt_b.c
# rc4
SRCS+= rc4_enc.c rc4_skey.c
# sha
SSLASM+= sha sha1-mips sha1-mips
CFLAGS+= -DSHA1_ASM

8
lib/libcrypto/arch/powerpc/Makefile.inc
View file

@ -1,4 +1,4 @@
# $OpenBSD: Makefile.inc,v 1.4 2023/01/17 15:04:27 miod Exp $
# $OpenBSD: Makefile.inc,v 1.8 2024/03/28 01:57:00 jsing Exp $
# powerpc-specific libcrypto build rules
@ -7,8 +7,6 @@ SRCS+= aes_core.c aes_cbc.c
# slower than C code
#CFLAGS+= -DAES_ASM
#SSLASM+= aes aes-ppc aes-ppc
# bf
SRCS+= bf_enc.c
# bn
SSLASM+= bn ppc bn-ppc
SSLASM+= bn ppc-mont ppc-mont # bn_mul_mont_int
@ -16,10 +14,6 @@ SSLASM+= bn ppc-mont ppc-mont # bn_mul_mont_int
CFLAGS+= -DOPENSSL_BN_ASM_MONT
# camellia
SRCS+= camellia.c cmll_cbc.c cmll_misc.c
# des
SRCS+= des_enc.c fcrypt_b.c
# rc4
SRCS+= rc4_enc.c rc4_skey.c
# sha
CFLAGS+= -DSHA1_ASM
SSLASM+= sha sha1-ppc sha1-ppc

8
lib/libcrypto/arch/powerpc64/Makefile.inc
View file

@ -1,4 +1,4 @@
# $OpenBSD: Makefile.inc,v 1.6 2023/01/31 06:17:10 jsing Exp $
# $OpenBSD: Makefile.inc,v 1.10 2024/03/28 01:57:00 jsing Exp $
# powerpc-specific libcrypto build rules
@ -7,8 +7,6 @@ SRCS+= aes_core.c aes_cbc.c
# slower than C code
#CFLAGS+= -DAES_ASM
#SSLASM+= aes aes-ppc aes-ppc
# bf
SRCS+= bf_enc.c
# bn
#SSLASM+= bn ppc bn-ppc
#SSLASM+= bn ppc-mont ppc-mont # bn_mul_mont_int
@ -16,10 +14,6 @@ SRCS+= bf_enc.c
#CFLAGS+= -DOPENSSL_BN_ASM_MONT
# camellia
SRCS+= camellia.c cmll_cbc.c cmll_misc.c
# des
SRCS+= des_enc.c fcrypt_b.c
# rc4
SRCS+= rc4_enc.c rc4_skey.c
# sha
#CFLAGS+= -DSHA1_ASM
#SSLASM+= sha sha1-ppc sha1-ppc

13
lib/libcrypto/arch/riscv64/Makefile.inc
View file

@ -1,4 +1,4 @@
# $OpenBSD: Makefile.inc,v 1.2 2023/08/25 02:17:41 tb Exp $
# $OpenBSD: Makefile.inc,v 1.6 2024/03/28 01:57:00 jsing Exp $
# riscv64 libcrypto build rules
@ -6,21 +6,10 @@
SRCS+= aes_core.c
SRCS+= aes_cbc.c
# bf
SRCS+= bf_enc.c
# camellia
SRCS+= camellia.c
SRCS+= cmll_cbc.c
SRCS+= cmll_misc.c
# des
SRCS+= des_enc.c
SRCS+= fcrypt_b.c
# rc4
SRCS+= rc4_enc.c
SRCS+= rc4_skey.c
# whrlpool
SRCS+= wp_block.c

12
lib/libcrypto/arch/sparc64/Makefile.inc
View file

@ -1,4 +1,4 @@
# $OpenBSD: Makefile.inc,v 1.8 2023/01/31 06:17:10 jsing Exp $
# $OpenBSD: Makefile.inc,v 1.13 2024/03/28 01:57:00 jsing Exp $
# sparc64-specific libcrypto build rules
@ -6,22 +6,12 @@
SRCS+= aes_core.c aes_cbc.c
CFLAGS+= -DAES_ASM
SSLASM+= aes aes-sparcv9 aes-sparcv9
# bf
SRCS+= bf_enc.c
# bn
# camellia
SRCS+= camellia.c cmll_cbc.c cmll_misc.c
# des
SRCS+= fcrypt_b.c
SRCS+= des_enc-sparc.S
GENERATED+= des_enc-sparc.S
des_enc-sparc.S: ${LCRYPTO_SRC}/des/asm/des_enc.m4
m4 ${LCRYPTO_SRC}/des/asm/des_enc.m4 > ${.TARGET}
# modes
CFLAGS+= -DGHASH_ASM
SSLASM+= modes ghash-sparcv9 ghash-sparcv9
# rc4
SRCS+= rc4_enc.c rc4_skey.c
# sha
SSLASM+= sha sha1-sparcv9 sha1-sparcv9
CFLAGS+= -DSHA1_ASM

5
lib/libcrypto/asn1/p5_pbe.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: p5_pbe.c,v 1.26 2024/03/02 10:17:37 tb Exp $ */
/* $OpenBSD: p5_pbe.c,v 1.27 2024/03/28 00:44:26 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 1999.
*/
@ -127,8 +127,7 @@ PKCS5_pbe_set0_algor(X509_ALGOR *algor, int alg, int iter,
ASN1_STRING *pbe_str = NULL;
unsigned char *sstr;
pbe = PBEPARAM_new();
if (!pbe) {
if ((pbe = PBEPARAM_new()) == NULL) {
ASN1error(ERR_R_MALLOC_FAILURE);
goto err;
}

137
lib/libcrypto/bf/asm/bf-586.pl
View file

@ -1,137 +0,0 @@
#!/usr/local/bin/perl
$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
push(@INC,"${dir}","${dir}../../perlasm");
require "x86asm.pl";
require "cbc.pl";
&asm_init($ARGV[0],"bf-586.pl",$ARGV[$#ARGV] eq "386");
$BF_ROUNDS=16;
$BF_OFF=($BF_ROUNDS+2)*4;
$L="edi";
$R="esi";
$P="ebp";
$tmp1="eax";
$tmp2="ebx";
$tmp3="ecx";
$tmp4="edx";
&BF_encrypt("BF_encrypt",1);
&BF_encrypt("BF_decrypt",0);
&cbc("BF_cbc_encrypt","BF_encrypt","BF_decrypt",1,4,5,3,-1,-1) unless $main'openbsd;
&asm_finish();
sub BF_encrypt
{
local($name,$enc)=@_;
&function_begin_B($name,"");
&comment("");
&push("ebp");
&push("ebx");
&mov($tmp2,&wparam(0));
&mov($P,&wparam(1));
&push("esi");
&push("edi");
&comment("Load the 2 words");
&mov($L,&DWP(0,$tmp2,"",0));
&mov($R,&DWP(4,$tmp2,"",0));
&xor( $tmp1, $tmp1);
# encrypting part
if ($enc)
{
&mov($tmp2,&DWP(0,$P,"",0));
&xor( $tmp3, $tmp3);
&xor($L,$tmp2);
for ($i=0; $i<$BF_ROUNDS; $i+=2)
{
&comment("");
&comment("Round $i");
&BF_ENCRYPT($i+1,$R,$L,$P,$tmp1,$tmp2,$tmp3,$tmp4,1);
&comment("");
&comment("Round ".sprintf("%d",$i+1));
&BF_ENCRYPT($i+2,$L,$R,$P,$tmp1,$tmp2,$tmp3,$tmp4,1);
}
# &mov($tmp1,&wparam(0)); In last loop
&mov($tmp4,&DWP(($BF_ROUNDS+1)*4,$P,"",0));
}
else
{
&mov($tmp2,&DWP(($BF_ROUNDS+1)*4,$P,"",0));
&xor( $tmp3, $tmp3);
&xor($L,$tmp2);
for ($i=$BF_ROUNDS; $i>0; $i-=2)
{
&comment("");
&comment("Round $i");
&BF_ENCRYPT($i,$R,$L,$P,$tmp1,$tmp2,$tmp3,$tmp4,0);
&comment("");
&comment("Round ".sprintf("%d",$i-1));
&BF_ENCRYPT($i-1,$L,$R,$P,$tmp1,$tmp2,$tmp3,$tmp4,0);
}
# &mov($tmp1,&wparam(0)); In last loop
&mov($tmp4,&DWP(0,$P,"",0));
}
&xor($R,$tmp4);
&mov(&DWP(4,$tmp1,"",0),$L);
&mov(&DWP(0,$tmp1,"",0),$R);
&function_end($name);
}
sub BF_ENCRYPT
{
local($i,$L,$R,$P,$tmp1,$tmp2,$tmp3,$tmp4,$enc)=@_;
&mov( $tmp4, &DWP(&n2a($i*4),$P,"",0)); # for next round
&mov( $tmp2, $R);
&xor( $L, $tmp4);
&shr( $tmp2, 16);
&mov( $tmp4, $R);
&movb( &LB($tmp1), &HB($tmp2)); # A
&and( $tmp2, 0xff); # B
&movb( &LB($tmp3), &HB($tmp4)); # C
&and( $tmp4, 0xff); # D
&mov( $tmp1, &DWP(&n2a($BF_OFF+0x0000),$P,$tmp1,4));
&mov( $tmp2, &DWP(&n2a($BF_OFF+0x0400),$P,$tmp2,4));
&add( $tmp2, $tmp1);
&mov( $tmp1, &DWP(&n2a($BF_OFF+0x0800),$P,$tmp3,4));
&xor( $tmp2, $tmp1);
&mov( $tmp4, &DWP(&n2a($BF_OFF+0x0C00),$P,$tmp4,4));
&add( $tmp2, $tmp4);
if (($enc && ($i != 16)) || ((!$enc) && ($i != 1)))
{ &xor( $tmp1, $tmp1); }
else
{
&comment("Load parameter 0 ($i) enc=$enc");
&mov($tmp1,&wparam(0));
} # In last loop
&xor( $L, $tmp2);
# delay
}
sub n2a
{
sprintf("%d",$_[0]);
}

137
lib/libcrypto/bf/bf_cbc.c
View file

@ -1,137 +0,0 @@
/* $OpenBSD: bf_cbc.c,v 1.8 2022/11/26 16:08:51 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
*
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* "This product includes cryptographic software written by
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
#include <openssl/blowfish.h>
#include "bf_local.h"
void
BF_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
const BF_KEY *schedule, unsigned char *ivec, int encrypt)
{
BF_LONG tin0, tin1;
BF_LONG tout0, tout1, xor0, xor1;
long l = length;
BF_LONG tin[2];
if (encrypt) {
n2l(ivec, tout0);
n2l(ivec, tout1);
ivec -= 8;
for (l -= 8; l >= 0; l -= 8) {
n2l(in, tin0);
n2l(in, tin1);
tin0 ^= tout0;
tin1 ^= tout1;
tin[0] = tin0;
tin[1] = tin1;
BF_encrypt(tin, schedule);
tout0 = tin[0];
tout1 = tin[1];
l2n(tout0, out);
l2n(tout1, out);
}
if (l != -8) {
n2ln(in, tin0, tin1, l + 8);
tin0 ^= tout0;
tin1 ^= tout1;
tin[0] = tin0;
tin[1] = tin1;
BF_encrypt(tin, schedule);
tout0 = tin[0];
tout1 = tin[1];
l2n(tout0, out);
l2n(tout1, out);
}
l2n(tout0, ivec);
l2n(tout1, ivec);
} else {
n2l(ivec, xor0);
n2l(ivec, xor1);
ivec -= 8;
for (l -= 8; l >= 0; l -= 8) {
n2l(in, tin0);
n2l(in, tin1);
tin[0] = tin0;
tin[1] = tin1;
BF_decrypt(tin, schedule);
tout0 = tin[0]^xor0;
tout1 = tin[1]^xor1;
l2n(tout0, out);
l2n(tout1, out);
xor0 = tin0;
xor1 = tin1;
}
if (l != -8) {
n2l(in, tin0);
n2l(in, tin1);
tin[0] = tin0;
tin[1] = tin1;
BF_decrypt(tin, schedule);
tout0 = tin[0]^xor0;
tout1 = tin[1]^xor1;
l2nn(tout0, tout1, out, l + 8);
xor0 = tin0;
xor1 = tin1;
}
l2n(xor0, ivec);
l2n(xor1, ivec);
}
tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
tin[0] = tin[1] = 0;
}

124
lib/libcrypto/bf/bf_cfb64.c
View file

@ -1,124 +0,0 @@
/* $OpenBSD: bf_cfb64.c,v 1.8 2022/11/26 16:08:51 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
*
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* "This product includes cryptographic software written by
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
#include <openssl/blowfish.h>
#include "bf_local.h"
/*
* The input and output encrypted as though 64bit cfb mode is being
* used. The extra state information to record how much of the
* 64bit block we have used is contained in *num;
*/
void
BF_cfb64_encrypt(const unsigned char *in, unsigned char *out, long length,
const BF_KEY *schedule, unsigned char *ivec, int *num, int encrypt)
{
BF_LONG v0, v1, t;
int n= *num;
long l = length;
BF_LONG ti[2];
unsigned char *iv, c, cc;
iv = (unsigned char *)ivec;
if (encrypt) {
while (l--) {
if (n == 0) {
n2l(iv, v0);
ti[0] = v0;
n2l(iv, v1);
ti[1] = v1;
BF_encrypt((BF_LONG *)ti, schedule);
iv = (unsigned char *)ivec;
t = ti[0];
l2n(t, iv);
t = ti[1];
l2n(t, iv);
iv = (unsigned char *)ivec;
}
c= *(in++)^iv[n];
*(out++) = c;
iv[n] = c;
n = (n + 1)&0x07;
}
} else {
while (l--) {
if (n == 0) {
n2l(iv, v0);
ti[0] = v0;
n2l(iv, v1);
ti[1] = v1;
BF_encrypt((BF_LONG *)ti, schedule);
iv = (unsigned char *)ivec;
t = ti[0];
l2n(t, iv);
t = ti[1];
l2n(t, iv);
iv = (unsigned char *)ivec;
}
cc= *(in++);
c = iv[n];
iv[n] = cc;
*(out++) = c^cc;
n = (n + 1)&0x07;
}
}
v0 = v1 = ti[0] = ti[1] = t=c = cc = 0;
*num = n;
}

89
lib/libcrypto/bf/bf_ecb.c
View file

@ -1,89 +0,0 @@
/* $OpenBSD: bf_ecb.c,v 1.10 2023/07/28 10:35:14 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
*
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* "This product includes cryptographic software written by
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
#include <openssl/blowfish.h>
#include <openssl/opensslv.h>
#include "bf_local.h"
/*
* Blowfish as implemented from 'Blowfish: Springer-Verlag paper'
* (From LECTURE NOTES IN COMPUTER SCIENCE 809, FAST SOFTWARE ENCRYPTION,
* CAMBRIDGE SECURITY WORKSHOP, CAMBRIDGE, U.K., DECEMBER 9-11, 1993)
*/
void
BF_ecb_encrypt(const unsigned char *in, unsigned char *out,
const BF_KEY *key, int encrypt)
{
BF_LONG l, d[2];
n2l(in, l);
d[0] = l;
n2l(in, l);
d[1] = l;
if (encrypt)
BF_encrypt(d, key);
else
BF_decrypt(d, key);
l = d[0];
l2n(l, out);
l = d[1];
l2n(l, out);
l = d[0] = d[1] = 0;
}

304
lib/libcrypto/bf/bf_enc.c
View file

@ -1,304 +0,0 @@
/* $OpenBSD: bf_enc.c,v 1.9 2022/11/26 16:08:51 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
*
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* "This product includes cryptographic software written by
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
#include <openssl/blowfish.h>
#include "bf_local.h"
/*
* Blowfish as implemented from 'Blowfish: Springer-Verlag paper'
* (From LECTURE NOTES IN COMPUTER SCIENCE 809, FAST SOFTWARE ENCRYPTION,
* CAMBRIDGE SECURITY WORKSHOP, CAMBRIDGE, U.K., DECEMBER 9-11, 1993)
*/
#if (BF_ROUNDS != 16) && (BF_ROUNDS != 20)
#error If you set BF_ROUNDS to some value other than 16 or 20, you will have \
to modify the code.
#endif
void
BF_encrypt(BF_LONG *data, const BF_KEY *key)
{
#ifndef BF_PTR2
BF_LONG l, r;
const BF_LONG *p, *s;
p = key->P;
s = &(key->S[0]);
l = data[0];
r = data[1];
l ^= p[0];
BF_ENC(r, l,s, p[1]);
BF_ENC(l, r,s, p[2]);
BF_ENC(r, l,s, p[3]);
BF_ENC(l, r,s, p[4]);
BF_ENC(r, l,s, p[5]);
BF_ENC(l, r,s, p[6]);
BF_ENC(r, l,s, p[7]);
BF_ENC(l, r,s, p[8]);
BF_ENC(r, l,s, p[9]);
BF_ENC(l, r,s, p[10]);
BF_ENC(r, l,s, p[11]);
BF_ENC(l, r,s, p[12]);
BF_ENC(r, l,s, p[13]);
BF_ENC(l, r,s, p[14]);
BF_ENC(r, l,s, p[15]);
BF_ENC(l, r,s, p[16]);
#if BF_ROUNDS == 20
BF_ENC(r, l,s, p[17]);
BF_ENC(l, r,s, p[18]);
BF_ENC(r, l,s, p[19]);
BF_ENC(l, r,s, p[20]);
#endif
r ^= p[BF_ROUNDS + 1];
data[1] = l&0xffffffffL;
data[0] = r&0xffffffffL;
#else
BF_LONG l, r,t, *k;
l = data[0];
r = data[1];
k = (BF_LONG*)key;
l ^= k[0];
BF_ENC(r, l, k, 1);
BF_ENC(l, r, k, 2);
BF_ENC(r, l, k, 3);
BF_ENC(l, r, k, 4);
BF_ENC(r, l, k, 5);
BF_ENC(l, r, k, 6);
BF_ENC(r, l, k, 7);
BF_ENC(l, r, k, 8);
BF_ENC(r, l, k, 9);
BF_ENC(l, r,k, 10);
BF_ENC(r, l,k, 11);
BF_ENC(l, r,k, 12);
BF_ENC(r, l,k, 13);
BF_ENC(l, r,k, 14);
BF_ENC(r, l,k, 15);
BF_ENC(l, r,k, 16);
#if BF_ROUNDS == 20
BF_ENC(r, l,k, 17);
BF_ENC(l, r,k, 18);
BF_ENC(r, l,k, 19);
BF_ENC(l, r,k, 20);
#endif
r ^= k[BF_ROUNDS + 1];
data[1] = l&0xffffffffL;
data[0] = r&0xffffffffL;
#endif
}
#ifndef BF_DEFAULT_OPTIONS
void
BF_decrypt(BF_LONG *data, const BF_KEY *key)
{
#ifndef BF_PTR2
BF_LONG l, r;
const BF_LONG *p, *s;
p = key->P;
s = &(key->S[0]);
l = data[0];
r = data[1];
l ^= p[BF_ROUNDS + 1];
#if BF_ROUNDS == 20
BF_ENC(r, l,s, p[20]);
BF_ENC(l, r,s, p[19]);
BF_ENC(r, l,s, p[18]);
BF_ENC(l, r,s, p[17]);
#endif
BF_ENC(r, l,s, p[16]);
BF_ENC(l, r,s, p[15]);
BF_ENC(r, l,s, p[14]);
BF_ENC(l, r,s, p[13]);
BF_ENC(r, l,s, p[12]);
BF_ENC(l, r,s, p[11]);
BF_ENC(r, l,s, p[10]);
BF_ENC(l, r,s, p[9]);
BF_ENC(r, l,s, p[8]);
BF_ENC(l, r,s, p[7]);
BF_ENC(r, l,s, p[6]);
BF_ENC(l, r,s, p[5]);
BF_ENC(r, l,s, p[4]);
BF_ENC(l, r,s, p[3]);
BF_ENC(r, l,s, p[2]);
BF_ENC(l, r,s, p[1]);
r ^= p[0];
data[1] = l&0xffffffffL;
data[0] = r&0xffffffffL;
#else
BF_LONG l, r,t, *k;
l = data[0];
r = data[1];
k = (BF_LONG *)key;
l ^= k[BF_ROUNDS + 1];
#if BF_ROUNDS == 20
BF_ENC(r, l,k, 20);
BF_ENC(l, r,k, 19);
BF_ENC(r, l,k, 18);
BF_ENC(l, r,k, 17);
#endif
BF_ENC(r, l,k, 16);
BF_ENC(l, r,k, 15);
BF_ENC(r, l,k, 14);
BF_ENC(l, r,k, 13);
BF_ENC(r, l,k, 12);
BF_ENC(l, r,k, 11);
BF_ENC(r, l,k, 10);
BF_ENC(l, r, k, 9);
BF_ENC(r, l, k, 8);
BF_ENC(l, r, k, 7);
BF_ENC(r, l, k, 6);
BF_ENC(l, r, k, 5);
BF_ENC(r, l, k, 4);
BF_ENC(l, r, k, 3);
BF_ENC(r, l, k, 2);
BF_ENC(l, r, k, 1);
r ^= k[0];
data[1] = l&0xffffffffL;
data[0] = r&0xffffffffL;
#endif
}
void
BF_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
const BF_KEY *schedule, unsigned char *ivec, int encrypt)
{
BF_LONG tin0, tin1;
BF_LONG tout0, tout1, xor0, xor1;
long l = length;
BF_LONG tin[2];
if (encrypt) {
n2l(ivec, tout0);
n2l(ivec, tout1);
ivec -= 8;
for (l -= 8; l >= 0; l -= 8) {
n2l(in, tin0);
n2l(in, tin1);
tin0 ^= tout0;
tin1 ^= tout1;
tin[0] = tin0;
tin[1] = tin1;
BF_encrypt(tin, schedule);
tout0 = tin[0];
tout1 = tin[1];
l2n(tout0, out);
l2n(tout1, out);
}
if (l != -8) {
n2ln(in, tin0, tin1, l + 8);
tin0 ^= tout0;
tin1 ^= tout1;
tin[0] = tin0;
tin[1] = tin1;
BF_encrypt(tin, schedule);
tout0 = tin[0];
tout1 = tin[1];
l2n(tout0, out);
l2n(tout1, out);
}
l2n(tout0, ivec);
l2n(tout1, ivec);
} else {
n2l(ivec, xor0);
n2l(ivec, xor1);
ivec -= 8;
for (l -= 8; l >= 0; l -= 8) {
n2l(in, tin0);
n2l(in, tin1);
tin[0] = tin0;
tin[1] = tin1;
BF_decrypt(tin, schedule);
tout0 = tin[0]^xor0;
tout1 = tin[1]^xor1;
l2n(tout0, out);
l2n(tout1, out);
xor0 = tin0;
xor1 = tin1;
}
if (l != -8) {
n2l(in, tin0);
n2l(in, tin1);
tin[0] = tin0;
tin[1] = tin1;
BF_decrypt(tin, schedule);
tout0 = tin[0]^xor0;
tout1 = tin[1]^xor1;
l2nn(tout0, tout1, out, l + 8);
xor0 = tin0;
xor1 = tin1;
}
l2n(xor0, ivec);
l2n(xor1, ivec);
}
tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
tin[0] = tin[1] = 0;
}
#endif

71
lib/libcrypto/bf/bf_local.h
View file

@ -1,4 +1,4 @@
/* $OpenBSD: bf_local.h,v 1.1 2022/11/26 16:08:51 tb Exp $ */
/* $OpenBSD: bf_local.h,v 1.3 2024/03/27 11:54:29 jsing Exp $ */
/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@ -56,54 +56,10 @@
* [including the GNU Public Licence.]
*/
#include <openssl/opensslconf.h> /* BF_PTR */
#ifndef HEADER_BF_LOCL_H
#define HEADER_BF_LOCL_H
#include <openssl/opensslconf.h> /* BF_PTR, BF_PTR2 */
#undef c2l
#define c2l(c,l) (l =((unsigned long)(*((c)++))) , \
l|=((unsigned long)(*((c)++)))<< 8L, \
l|=((unsigned long)(*((c)++)))<<16L, \
l|=((unsigned long)(*((c)++)))<<24L)
/* NOTE - c is not incremented as per c2l */
#undef c2ln
#define c2ln(c,l1,l2,n) { \
c+=n; \
l1=l2=0; \
switch (n) { \
case 8: l2 =((unsigned long)(*(--(c))))<<24L; \
case 7: l2|=((unsigned long)(*(--(c))))<<16L; \
case 6: l2|=((unsigned long)(*(--(c))))<< 8L; \
case 5: l2|=((unsigned long)(*(--(c)))); \
case 4: l1 =((unsigned long)(*(--(c))))<<24L; \
case 3: l1|=((unsigned long)(*(--(c))))<<16L; \
case 2: l1|=((unsigned long)(*(--(c))))<< 8L; \
case 1: l1|=((unsigned long)(*(--(c)))); \
} \
}
#undef l2c
#define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \
*((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
*((c)++)=(unsigned char)(((l)>>16L)&0xff), \
*((c)++)=(unsigned char)(((l)>>24L)&0xff))
/* NOTE - c is not incremented as per l2c */
#undef l2cn
#define l2cn(l1,l2,c,n) { \
c+=n; \
switch (n) { \
case 8: *(--(c))=(unsigned char)(((l2)>>24L)&0xff); \
case 7: *(--(c))=(unsigned char)(((l2)>>16L)&0xff); \
case 6: *(--(c))=(unsigned char)(((l2)>> 8L)&0xff); \
case 5: *(--(c))=(unsigned char)(((l2) )&0xff); \
case 4: *(--(c))=(unsigned char)(((l1)>>24L)&0xff); \
case 3: *(--(c))=(unsigned char)(((l1)>>16L)&0xff); \
case 2: *(--(c))=(unsigned char)(((l1)>> 8L)&0xff); \
case 1: *(--(c))=(unsigned char)(((l1) )&0xff); \
} \
}
/* NOTE - c is not incremented as per n2l */
#define n2ln(c,l1,l2,n) { \
@ -151,26 +107,7 @@
/* This is actually a big endian algorithm, the most significant byte
* is used to lookup array 0 */
#if defined(BF_PTR2)
/*
* This is basically a special Intel version. Point is that Intel
* doesn't have many registers, but offers a reach choice of addressing
* modes. So we spare some registers by directly traversing BF_KEY
* structure and hiring the most decorated addressing mode. The code
* generated by EGCS is *perfectly* competitive with assembler
* implementation!
*/
#define BF_ENC(LL,R,KEY,Pi) (\
LL^=KEY[Pi], \
t= KEY[BF_ROUNDS+2 + 0 + ((R>>24)&0xFF)], \
t+= KEY[BF_ROUNDS+2 + 256 + ((R>>16)&0xFF)], \
t^= KEY[BF_ROUNDS+2 + 512 + ((R>>8 )&0xFF)], \
t+= KEY[BF_ROUNDS+2 + 768 + ((R )&0xFF)], \
LL^=t \
)
#elif defined(BF_PTR)
#if defined(BF_PTR)
#ifndef BF_LONG_LOG2
#define BF_LONG_LOG2 2 /* default to BF_LONG being 32 bits */

111
lib/libcrypto/bf/bf_ofb64.c
View file

@ -1,111 +0,0 @@
/* $OpenBSD: bf_ofb64.c,v 1.8 2022/11/26 16:08:51 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
*
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* "This product includes cryptographic software written by
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
#include <openssl/blowfish.h>
#include "bf_local.h"
/*
* The input and output encrypted as though 64bit ofb mode is being
* used. The extra state information to record how much of the
* 64bit block we have used is contained in *num;
*/
void
BF_ofb64_encrypt(const unsigned char *in, unsigned char *out, long length,
const BF_KEY *schedule, unsigned char *ivec, int *num)
{
BF_LONG v0, v1, t;
int n= *num;
long l = length;
unsigned char d[8];
char *dp;
BF_LONG ti[2];
unsigned char *iv;
int save = 0;
iv = (unsigned char *)ivec;
n2l(iv, v0);
n2l(iv, v1);
ti[0] = v0;
ti[1] = v1;
dp = (char *)d;
l2n(v0, dp);
l2n(v1, dp);
while (l--) {
if (n == 0) {
BF_encrypt((BF_LONG *)ti, schedule);
dp = (char *)d;
t = ti[0];
l2n(t, dp);
t = ti[1];
l2n(t, dp);
save++;
}
*(out++)= *(in++)^d[n];
n = (n + 1)&0x07;
}
if (save) {
v0 = ti[0];
v1 = ti[1];
iv = (unsigned char *)ivec;
l2n(v0, iv);
l2n(v1, iv);
}
t = v0 = v1 = ti[0] = ti[1] = 0;
*num = n;
}

312
lib/libcrypto/bf/bf_skey.c → lib/libcrypto/bf/blowfish.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: bf_skey.c,v 1.17 2022/11/26 16:08:51 tb Exp $ */
/* $OpenBSD: blowfish.c,v 1.2 2024/03/27 11:54:29 jsing Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@ -56,14 +56,23 @@
* [including the GNU Public Licence.]
*/
#include <stdio.h>
#include <string.h>
#include <openssl/crypto.h>
#include <openssl/blowfish.h>
#include <string.h>
#include "bf_local.h"
/*
* Blowfish as implemented from 'Blowfish: Springer-Verlag paper'
* (From LECTURE NOTES IN COMPUTER SCIENCE 809, FAST SOFTWARE ENCRYPTION,
* CAMBRIDGE SECURITY WORKSHOP, CAMBRIDGE, U.K., DECEMBER 9-11, 1993)
*/
#if (BF_ROUNDS != 16) && (BF_ROUNDS != 20)
#error If you set BF_ROUNDS to some value other than 16 or 20, you will have \
to modify the code.
#endif
static const BF_KEY bf_init = {
.P = {
0x243f6a88L, 0x85a308d3L, 0x13198a2eL, 0x03707344L,
@ -332,6 +341,298 @@ static const BF_KEY bf_init = {
}
};
void
BF_encrypt(BF_LONG *data, const BF_KEY *key)
{
BF_LONG l, r;
const BF_LONG *p, *s;
p = key->P;
s = &(key->S[0]);
l = data[0];
r = data[1];
l ^= p[0];
BF_ENC(r, l,s, p[1]);
BF_ENC(l, r,s, p[2]);
BF_ENC(r, l,s, p[3]);
BF_ENC(l, r,s, p[4]);
BF_ENC(r, l,s, p[5]);
BF_ENC(l, r,s, p[6]);
BF_ENC(r, l,s, p[7]);
BF_ENC(l, r,s, p[8]);
BF_ENC(r, l,s, p[9]);
BF_ENC(l, r,s, p[10]);
BF_ENC(r, l,s, p[11]);
BF_ENC(l, r,s, p[12]);
BF_ENC(r, l,s, p[13]);
BF_ENC(l, r,s, p[14]);
BF_ENC(r, l,s, p[15]);
BF_ENC(l, r,s, p[16]);
#if BF_ROUNDS == 20
BF_ENC(r, l,s, p[17]);
BF_ENC(l, r,s, p[18]);
BF_ENC(r, l,s, p[19]);
BF_ENC(l, r,s, p[20]);
#endif
r ^= p[BF_ROUNDS + 1];
data[1] = l&0xffffffffL;
data[0] = r&0xffffffffL;
}
#ifndef BF_DEFAULT_OPTIONS
void
BF_decrypt(BF_LONG *data, const BF_KEY *key)
{
BF_LONG l, r;
const BF_LONG *p, *s;
p = key->P;
s = &(key->S[0]);
l = data[0];
r = data[1];
l ^= p[BF_ROUNDS + 1];
#if BF_ROUNDS == 20
BF_ENC(r, l,s, p[20]);
BF_ENC(l, r,s, p[19]);
BF_ENC(r, l,s, p[18]);
BF_ENC(l, r,s, p[17]);
#endif
BF_ENC(r, l,s, p[16]);
BF_ENC(l, r,s, p[15]);
BF_ENC(r, l,s, p[14]);
BF_ENC(l, r,s, p[13]);
BF_ENC(r, l,s, p[12]);
BF_ENC(l, r,s, p[11]);
BF_ENC(r, l,s, p[10]);
BF_ENC(l, r,s, p[9]);
BF_ENC(r, l,s, p[8]);
BF_ENC(l, r,s, p[7]);
BF_ENC(r, l,s, p[6]);
BF_ENC(l, r,s, p[5]);
BF_ENC(r, l,s, p[4]);
BF_ENC(l, r,s, p[3]);
BF_ENC(r, l,s, p[2]);
BF_ENC(l, r,s, p[1]);
r ^= p[0];
data[1] = l&0xffffffffL;
data[0] = r&0xffffffffL;
}
void
BF_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
const BF_KEY *schedule, unsigned char *ivec, int encrypt)
{
BF_LONG tin0, tin1;
BF_LONG tout0, tout1, xor0, xor1;
long l = length;
BF_LONG tin[2];
if (encrypt) {
n2l(ivec, tout0);
n2l(ivec, tout1);
ivec -= 8;
for (l -= 8; l >= 0; l -= 8) {
n2l(in, tin0);
n2l(in, tin1);
tin0 ^= tout0;
tin1 ^= tout1;
tin[0] = tin0;
tin[1] = tin1;
BF_encrypt(tin, schedule);
tout0 = tin[0];
tout1 = tin[1];
l2n(tout0, out);
l2n(tout1, out);
}
if (l != -8) {
n2ln(in, tin0, tin1, l + 8);
tin0 ^= tout0;
tin1 ^= tout1;
tin[0] = tin0;
tin[1] = tin1;
BF_encrypt(tin, schedule);
tout0 = tin[0];
tout1 = tin[1];
l2n(tout0, out);
l2n(tout1, out);
}
l2n(tout0, ivec);
l2n(tout1, ivec);
} else {
n2l(ivec, xor0);
n2l(ivec, xor1);
ivec -= 8;
for (l -= 8; l >= 0; l -= 8) {
n2l(in, tin0);
n2l(in, tin1);
tin[0] = tin0;
tin[1] = tin1;
BF_decrypt(tin, schedule);
tout0 = tin[0]^xor0;
tout1 = tin[1]^xor1;
l2n(tout0, out);
l2n(tout1, out);
xor0 = tin0;
xor1 = tin1;
}
if (l != -8) {
n2l(in, tin0);
n2l(in, tin1);
tin[0] = tin0;
tin[1] = tin1;
BF_decrypt(tin, schedule);
tout0 = tin[0]^xor0;
tout1 = tin[1]^xor1;
l2nn(tout0, tout1, out, l + 8);
xor0 = tin0;
xor1 = tin1;
}
l2n(xor0, ivec);
l2n(xor1, ivec);
}
tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
tin[0] = tin[1] = 0;
}
/*
* The input and output encrypted as though 64bit cfb mode is being
* used. The extra state information to record how much of the
* 64bit block we have used is contained in *num;
*/
void
BF_cfb64_encrypt(const unsigned char *in, unsigned char *out, long length,
const BF_KEY *schedule, unsigned char *ivec, int *num, int encrypt)
{
BF_LONG v0, v1, t;
int n= *num;
long l = length;
BF_LONG ti[2];
unsigned char *iv, c, cc;
iv = (unsigned char *)ivec;
if (encrypt) {
while (l--) {
if (n == 0) {
n2l(iv, v0);
ti[0] = v0;
n2l(iv, v1);
ti[1] = v1;
BF_encrypt((BF_LONG *)ti, schedule);
iv = (unsigned char *)ivec;
t = ti[0];
l2n(t, iv);
t = ti[1];
l2n(t, iv);
iv = (unsigned char *)ivec;
}
c= *(in++)^iv[n];
*(out++) = c;
iv[n] = c;
n = (n + 1)&0x07;
}
} else {
while (l--) {
if (n == 0) {
n2l(iv, v0);
ti[0] = v0;
n2l(iv, v1);
ti[1] = v1;
BF_encrypt((BF_LONG *)ti, schedule);
iv = (unsigned char *)ivec;
t = ti[0];
l2n(t, iv);
t = ti[1];
l2n(t, iv);
iv = (unsigned char *)ivec;
}
cc= *(in++);
c = iv[n];
iv[n] = cc;
*(out++) = c^cc;
n = (n + 1)&0x07;
}
}
v0 = v1 = ti[0] = ti[1] = t=c = cc = 0;
*num = n;
}
void
BF_ecb_encrypt(const unsigned char *in, unsigned char *out,
const BF_KEY *key, int encrypt)
{
BF_LONG l, d[2];
n2l(in, l);
d[0] = l;
n2l(in, l);
d[1] = l;
if (encrypt)
BF_encrypt(d, key);
else
BF_decrypt(d, key);
l = d[0];
l2n(l, out);
l = d[1];
l2n(l, out);
l = d[0] = d[1] = 0;
}
/*
* The input and output encrypted as though 64bit ofb mode is being
* used. The extra state information to record how much of the
* 64bit block we have used is contained in *num;
*/
void
BF_ofb64_encrypt(const unsigned char *in, unsigned char *out, long length,
const BF_KEY *schedule, unsigned char *ivec, int *num)
{
BF_LONG v0, v1, t;
int n= *num;
long l = length;
unsigned char d[8];
char *dp;
BF_LONG ti[2];
unsigned char *iv;
int save = 0;
iv = (unsigned char *)ivec;
n2l(iv, v0);
n2l(iv, v1);
ti[0] = v0;
ti[1] = v1;
dp = (char *)d;
l2n(v0, dp);
l2n(v1, dp);
while (l--) {
if (n == 0) {
BF_encrypt((BF_LONG *)ti, schedule);
dp = (char *)d;
t = ti[0];
l2n(t, dp);
t = ti[1];
l2n(t, dp);
save++;
}
*(out++)= *(in++)^d[n];
n = (n + 1)&0x07;
}
if (save) {
v0 = ti[0];
v1 = ti[1];
iv = (unsigned char *)ivec;
l2n(v0, iv);
l2n(v1, iv);
}
t = v0 = v1 = ti[0] = ti[1] = 0;
*num = n;
}
void
BF_set_key(BF_KEY *key, int len, const unsigned char *data)
{
@ -385,3 +686,4 @@ BF_set_key(BF_KEY *key, int len, const unsigned char *data)
p[i + 1] = in[1];
}
}
#endif

21
lib/libcrypto/engine/engine_stubs.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: engine_stubs.c,v 1.3 2023/11/19 15:47:40 tb Exp $ */
/* $OpenBSD: engine_stubs.c,v 1.4 2024/03/27 06:08:45 tb Exp $ */
/*
* Written by Theo Buehler. Public domain.
@ -10,87 +10,102 @@ void
ENGINE_load_builtin_engines(void)
{
}
LCRYPTO_ALIAS(ENGINE_load_builtin_engines);
void
ENGINE_load_dynamic(void)
{
}
LCRYPTO_ALIAS(ENGINE_load_dynamic);
void
ENGINE_load_openssl(void)
{
}
LCRYPTO_ALIAS(ENGINE_load_openssl);
int
ENGINE_register_all_complete(void)
{
return 0;
}
LCRYPTO_ALIAS(ENGINE_register_all_complete);
void
ENGINE_cleanup(void)
{
}
LCRYPTO_ALIAS(ENGINE_cleanup);
ENGINE *
ENGINE_new(void)
{
return NULL;
}
LCRYPTO_ALIAS(ENGINE_new);
int
ENGINE_free(ENGINE *engine)
{
return 0;
}
LCRYPTO_ALIAS(ENGINE_free);
int
ENGINE_init(ENGINE *engine)
{
return 0;
}
LCRYPTO_ALIAS(ENGINE_init);
int
ENGINE_finish(ENGINE *engine)
{
return 0;
}
LCRYPTO_ALIAS(ENGINE_finish);
ENGINE *
ENGINE_by_id(const char *id)
{
return NULL;
}
LCRYPTO_ALIAS(ENGINE_by_id);
const char *
ENGINE_get_id(const ENGINE *engine)
{
return "";
}
LCRYPTO_ALIAS(ENGINE_get_id);
const char *
ENGINE_get_name(const ENGINE *engine)
{
return "";
}
LCRYPTO_ALIAS(ENGINE_get_name);
int
ENGINE_set_default(ENGINE *engine, unsigned int flags)
{
return 0;
}
LCRYPTO_ALIAS(ENGINE_set_default);
ENGINE *
ENGINE_get_default_RSA(void)
{
return NULL;
}
LCRYPTO_ALIAS(ENGINE_get_default_RSA);
int
ENGINE_set_default_RSA(ENGINE *engine)
{
return 0;
}
LCRYPTO_ALIAS(ENGINE_set_default_RSA);
int
ENGINE_ctrl_cmd(ENGINE *engine, const char *cmd_name, long i, void *p,
@ -98,6 +113,7 @@ ENGINE_ctrl_cmd(ENGINE *engine, const char *cmd_name, long i, void *p,
{
return 0;
}
LCRYPTO_ALIAS(ENGINE_ctrl_cmd);
int
ENGINE_ctrl_cmd_string(ENGINE *engine, const char *cmd, const char *arg,
@ -105,6 +121,7 @@ ENGINE_ctrl_cmd_string(ENGINE *engine, const char *cmd, const char *arg,
{
return 0;
}
LCRYPTO_ALIAS(ENGINE_ctrl_cmd_string);
EVP_PKEY *
ENGINE_load_private_key(ENGINE *engine, const char *key_id,
@ -112,6 +129,7 @@ ENGINE_load_private_key(ENGINE *engine, const char *key_id,
{
return NULL;
}
LCRYPTO_ALIAS(ENGINE_load_private_key);
EVP_PKEY *
ENGINE_load_public_key(ENGINE *engine, const char *key_id,
@ -119,3 +137,4 @@ ENGINE_load_public_key(ENGINE *engine, const char *key_id,
{
return NULL;
}
LCRYPTO_ALIAS(ENGINE_load_public_key);

18
lib/libcrypto/evp/m_sigver.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: m_sigver.c,v 1.21 2024/03/27 01:55:40 joshua Exp $ */
/* $OpenBSD: m_sigver.c,v 1.26 2024/03/27 07:36:59 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 2006.
*/
@ -186,25 +186,27 @@ EVP_DigestSignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, size_t *siglen)
if ((s = EVP_MD_size(ctx->digest)) < 0)
return 0;
if (EVP_PKEY_sign(ctx->pctx, NULL, siglen, NULL, s) <= 0)
return 0;
return 0;
return 1;
}
/* Use a copy since EVP_DigestFinal_ex() clears secrets. */
if ((md_ctx = EVP_MD_CTX_new()) == NULL)
goto err;
if (!EVP_MD_CTX_copy_ex(md_ctx, ctx))
goto err;
if (md_ctx->pctx->pmeth->signctx != NULL) {
if(md_ctx->pctx->pmeth->signctx(md_ctx->pctx,
if (md_ctx->pctx->pmeth->signctx(md_ctx->pctx,
sigret, siglen, md_ctx) <= 0)
goto err;
} else {
if (!EVP_DigestFinal_ex(md_ctx, md, &mdlen))
goto err;
/* Use the original ctx since secrets were cleared. */
if (EVP_PKEY_sign(ctx->pctx, sigret, siglen, md, mdlen) <= 0)
goto err;
}
if (!EVP_DigestFinal_ex(md_ctx, md, &mdlen))
goto err;
if (EVP_PKEY_sign(ctx->pctx, sigret, siglen, md, mdlen) <= 0)
goto err;
ret = 1;

8
lib/libcrypto/evp/p_legacy.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: p_legacy.c,v 1.4 2024/03/26 05:22:50 joshua Exp $ */
/* $OpenBSD: p_legacy.c,v 1.5 2024/03/28 01:42:02 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@ -99,7 +99,8 @@ EVP_OpenInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
int i, size = 0, ret = 0;
if (type) {
EVP_CIPHER_CTX_reset(ctx);
if (!EVP_CIPHER_CTX_reset(ctx))
return 0;
if (!EVP_DecryptInit_ex(ctx, type, NULL, NULL, NULL))
return 0;
}
@ -154,7 +155,8 @@ EVP_SealInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, unsigned char **ek,
int i, iv_len;
if (type) {
EVP_CIPHER_CTX_reset(ctx);
if (!EVP_CIPHER_CTX_reset(ctx))
return 0;
if (!EVP_EncryptInit_ex(ctx, type, NULL, NULL, NULL))
return 0;
}

48
lib/libcrypto/hidden/openssl/engine.h Normal file
View file

@ -0,0 +1,48 @@
/* $OpenBSD: engine.h,v 1.1 2024/03/27 06:08:45 tb Exp $ */
/*
* Copyright (c) 2024 Theo Buehler <tb@openbsd.org>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
#ifndef _LIBCRYPTO_ENGINE_H
#define _LIBCRYPTO_ENGINE_H
#ifndef _MSC_VER
#include_next <openssl/engine.h>
#else
#include "../include/openssl/engine.h"
#endif
#include "crypto_namespace.h"
LCRYPTO_USED(ENGINE_load_builtin_engines);
LCRYPTO_USED(ENGINE_load_dynamic);
LCRYPTO_USED(ENGINE_load_openssl);
LCRYPTO_USED(ENGINE_register_all_complete);
LCRYPTO_USED(ENGINE_cleanup);
LCRYPTO_USED(ENGINE_new);
LCRYPTO_USED(ENGINE_free);
LCRYPTO_USED(ENGINE_init);
LCRYPTO_USED(ENGINE_finish);
LCRYPTO_USED(ENGINE_by_id);
LCRYPTO_USED(ENGINE_get_id);
LCRYPTO_USED(ENGINE_get_name);
LCRYPTO_USED(ENGINE_set_default);
LCRYPTO_USED(ENGINE_get_default_RSA);
LCRYPTO_USED(ENGINE_set_default_RSA);
LCRYPTO_USED(ENGINE_ctrl_cmd);
LCRYPTO_USED(ENGINE_ctrl_cmd_string);
LCRYPTO_USED(ENGINE_load_private_key);
LCRYPTO_USED(ENGINE_load_public_key);
#endif /* _LIBCRYPTO_ENGINE_H */

184
lib/libcrypto/md4/md4.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: md4.c,v 1.15 2024/03/26 12:23:02 jsing Exp $ */
/* $OpenBSD: md4.c,v 1.16 2024/03/27 06:15:18 jsing Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@ -57,6 +57,7 @@
*/
#include <stdio.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
@ -69,61 +70,46 @@
/* Ensure that MD4_LONG and uint32_t are equivalent size. */
CTASSERT(sizeof(MD4_LONG) == sizeof(uint32_t));
__BEGIN_HIDDEN_DECLS
static inline uint32_t
md4_f(uint32_t x, uint32_t y, uint32_t z)
{
return (x & y) | (~x & z);
}
void md4_block_data_order (MD4_CTX *c, const void *p, size_t num);
static inline uint32_t
md4_g(uint32_t x, uint32_t y, uint32_t z)
{
return (x & y) | (x & z) | (y & z);
}
__END_HIDDEN_DECLS
static inline uint32_t
md4_h(uint32_t x, uint32_t y, uint32_t z)
{
return x ^ y ^ z;
}
#define DATA_ORDER_IS_LITTLE_ENDIAN
static inline void
md4_round1(uint32_t *a, uint32_t b, uint32_t c, uint32_t d, uint32_t x,
uint32_t s)
{
*a = crypto_rol_u32(*a + md4_f(b, c, d) + x, s);
}
#define HASH_LONG MD4_LONG
#define HASH_CTX MD4_CTX
#define HASH_CBLOCK MD4_CBLOCK
#define HASH_UPDATE MD4_Update
#define HASH_TRANSFORM MD4_Transform
#define HASH_FINAL MD4_Final
#define HASH_BLOCK_DATA_ORDER md4_block_data_order
static inline void
md4_round2(uint32_t *a, uint32_t b, uint32_t c, uint32_t d, uint32_t x,
uint32_t s)
{
*a = crypto_rol_u32(*a + md4_g(b, c, d) + x + 0x5a827999UL, s);
}
#define HASH_NO_UPDATE
#define HASH_NO_TRANSFORM
#define HASH_NO_FINAL
static inline void
md4_round3(uint32_t *a, uint32_t b, uint32_t c, uint32_t d, uint32_t x,
uint32_t s)
{
*a = crypto_rol_u32(*a + md4_h(b, c, d) + x + 0x6ed9eba1UL, s);
}
#include "md32_common.h"
/*
#define F(x,y,z) (((x) & (y)) | ((~(x)) & (z)))
#define G(x,y,z) (((x) & (y)) | ((x) & ((z))) | ((y) & ((z))))
*/
/* As pointed out by Wei Dai <weidai@eskimo.com>, the above can be
* simplified to the code below. Wei attributes these optimizations
* to Peter Gutmann's SHS code, and he attributes it to Rich Schroeppel.
*/
#define F(b,c,d) ((((c) ^ (d)) & (b)) ^ (d))
#define G(b,c,d) (((b) & (c)) | ((b) & (d)) | ((c) & (d)))
#define H(b,c,d) ((b) ^ (c) ^ (d))
#define R0(a,b,c,d,k,s,t) { \
a+=((k)+(t)+F((b),(c),(d))); \
a=ROTATE(a,s); };
#define R1(a,b,c,d,k,s,t) { \
a+=((k)+(t)+G((b),(c),(d))); \
a=ROTATE(a,s); };\
#define R2(a,b,c,d,k,s,t) { \
a+=((k)+(t)+H((b),(c),(d))); \
a=ROTATE(a,s); };
/* Implemented from RFC1186 The MD4 Message-Digest Algorithm
*/
#ifndef md4_block_data_order
#ifdef X
#undef X
#endif
void
static void
md4_block_data_order(MD4_CTX *c, const void *_in, size_t num)
{
const uint8_t *in = _in;
@ -178,59 +164,58 @@ md4_block_data_order(MD4_CTX *c, const void *_in, size_t num)
}
in += MD4_CBLOCK;
/* Round 0 */
R0(A, B, C, D, X0, 3, 0);
R0(D, A, B, C, X1, 7, 0);
R0(C, D, A, B, X2, 11, 0);
R0(B, C, D, A, X3, 19, 0);
R0(A, B, C, D, X4, 3, 0);
R0(D, A, B, C, X5, 7, 0);
R0(C, D, A, B, X6, 11, 0);
R0(B, C, D, A, X7, 19, 0);
R0(A, B, C, D, X8, 3, 0);
R0(D, A,B, C,X9, 7, 0);
R0(C, D,A, B,X10, 11, 0);
R0(B, C,D, A,X11, 19, 0);
R0(A, B,C, D,X12, 3, 0);
R0(D, A,B, C,X13, 7, 0);
R0(C, D,A, B,X14, 11, 0);
R0(B, C,D, A,X15, 19, 0);
md4_round1(&A, B, C, D, X0, 3);
md4_round1(&D, A, B, C, X1, 7);
md4_round1(&C, D, A, B, X2, 11);
md4_round1(&B, C, D, A, X3, 19);
md4_round1(&A, B, C, D, X4, 3);
md4_round1(&D, A, B, C, X5, 7);
md4_round1(&C, D, A, B, X6, 11);
md4_round1(&B, C, D, A, X7, 19);
md4_round1(&A, B, C, D, X8, 3);
md4_round1(&D, A, B, C, X9, 7);
md4_round1(&C, D, A, B, X10, 11);
md4_round1(&B, C, D, A, X11, 19);
md4_round1(&A, B, C, D, X12, 3);
md4_round1(&D, A, B, C, X13, 7);
md4_round1(&C, D, A, B, X14, 11);
md4_round1(&B, C, D, A, X15, 19);
/* Round 1 */
R1(A, B, C, D, X0, 3, 0x5A827999L);
R1(D, A, B, C, X4, 5, 0x5A827999L);
R1(C, D, A, B, X8, 9, 0x5A827999L);
R1(B, C, D, A, X12, 13, 0x5A827999L);
R1(A, B, C, D, X1, 3, 0x5A827999L);
R1(D, A, B, C, X5, 5, 0x5A827999L);
R1(C, D, A, B, X9, 9, 0x5A827999L);
R1(B, C, D, A, X13, 13, 0x5A827999L);
R1(A, B, C, D, X2, 3, 0x5A827999L);
R1(D, A, B, C, X6, 5, 0x5A827999L);
R1(C, D, A, B, X10, 9, 0x5A827999L);
R1(B, C, D, A, X14, 13, 0x5A827999L);
R1(A, B, C, D, X3, 3, 0x5A827999L);
R1(D, A, B, C, X7, 5, 0x5A827999L);
R1(C, D, A, B, X11, 9, 0x5A827999L);
R1(B, C, D, A, X15, 13, 0x5A827999L);
md4_round2(&A, B, C, D, X0, 3);
md4_round2(&D, A, B, C, X4, 5);
md4_round2(&C, D, A, B, X8, 9);
md4_round2(&B, C, D, A, X12, 13);
md4_round2(&A, B, C, D, X1, 3);
md4_round2(&D, A, B, C, X5, 5);
md4_round2(&C, D, A, B, X9, 9);
md4_round2(&B, C, D, A, X13, 13);
md4_round2(&A, B, C, D, X2, 3);
md4_round2(&D, A, B, C, X6, 5);
md4_round2(&C, D, A, B, X10, 9);
md4_round2(&B, C, D, A, X14, 13);
md4_round2(&A, B, C, D, X3, 3);
md4_round2(&D, A, B, C, X7, 5);
md4_round2(&C, D, A, B, X11, 9);
md4_round2(&B, C, D, A, X15, 13);
/* Round 2 */
R2(A, B, C, D, X0, 3, 0x6ED9EBA1L);
R2(D, A, B, C, X8, 9, 0x6ED9EBA1L);
R2(C, D, A, B, X4, 11, 0x6ED9EBA1L);
R2(B, C, D, A, X12, 15, 0x6ED9EBA1L);
R2(A, B, C, D, X2, 3, 0x6ED9EBA1L);
R2(D, A, B, C, X10, 9, 0x6ED9EBA1L);
R2(C, D, A, B, X6, 11, 0x6ED9EBA1L);
R2(B, C, D, A, X14, 15, 0x6ED9EBA1L);
R2(A, B, C, D, X1, 3, 0x6ED9EBA1L);
R2(D, A, B, C, X9, 9, 0x6ED9EBA1L);
R2(C, D, A, B, X5, 11, 0x6ED9EBA1L);
R2(B, C, D, A, X13, 15, 0x6ED9EBA1L);
R2(A, B, C, D, X3, 3, 0x6ED9EBA1L);
R2(D, A, B, C, X11, 9, 0x6ED9EBA1L);
R2(C, D, A, B, X7, 11, 0x6ED9EBA1L);
R2(B, C, D, A, X15, 15, 0x6ED9EBA1L);
md4_round3(&A, B, C, D, X0, 3);
md4_round3(&D, A, B, C, X8, 9);
md4_round3(&C, D, A, B, X4, 11);
md4_round3(&B, C, D, A, X12, 15);
md4_round3(&A, B, C, D, X2, 3);
md4_round3(&D, A, B, C, X10, 9);
md4_round3(&C, D, A, B, X6, 11);
md4_round3(&B, C, D, A, X14, 15);
md4_round3(&A, B, C, D, X1, 3);
md4_round3(&D, A, B, C, X9, 9);
md4_round3(&C, D, A, B, X5, 11);
md4_round3(&B, C, D, A, X13, 15);
md4_round3(&A, B, C, D, X3, 3);
md4_round3(&D, A, B, C, X11, 9);
md4_round3(&C, D, A, B, X7, 11);
md4_round3(&B, C, D, A, X15, 15);
A = c->A += A;
B = c->B += B;
@ -238,7 +223,6 @@ md4_block_data_order(MD4_CTX *c, const void *_in, size_t num)
D = c->D += D;
}
}
#endif
int
MD4_Init(MD4_CTX *c)

13
lib/libcrypto/rc4/asm/rc4-586.pl
View file

@ -152,8 +152,9 @@ if ($alt=0) {
&external_label("OPENSSL_ia32cap_P");
# void RC4(RC4_KEY *key,size_t len,const unsigned char *inp,unsigned char *out);
&function_begin("RC4");
# void rc4_internal(RC4_KEY *key, size_t len, const unsigned char *inp,
# unsigned char *out);
&function_begin("rc4_internal");
&mov ($dat,&wparam(0)); # load key schedule pointer
&mov ($ty, &wparam(1)); # load len
&mov ($inp,&wparam(2)); # load inp
@ -291,7 +292,7 @@ if ($alt=0) {
&mov (&DWP(-4,$dat),$yy); # save key->y
&mov (&BP(-8,$dat),&LB($xx)); # save key->x
&set_label("abort");
&function_end("RC4");
&function_end("rc4_internal");
########################################################################
@ -301,8 +302,8 @@ $idi="ebp";
$ido="ecx";
$idx="edx";
# void RC4_set_key(RC4_KEY *key,int len,const unsigned char *data);
&function_begin("RC4_set_key");
# void rc4_set_key_internal(RC4_KEY *key,int len,const unsigned char *data);
&function_begin("rc4_set_key_internal");
&mov ($out,&wparam(0)); # load key
&mov ($idi,&wparam(1)); # load len
&mov ($inp,&wparam(2)); # load data
@ -382,6 +383,6 @@ $idx="edx";
&xor ("eax","eax");
&mov (&DWP(-8,$out),"eax"); # key->x=0;
&mov (&DWP(-4,$out),"eax"); # key->y=0;
&function_end("RC4_set_key");
&function_end("rc4_set_key_internal");
&asm_finish();

16
lib/libcrypto/rc4/asm/rc4-x86_64.pl
View file

@ -124,10 +124,10 @@ $code=<<___;
.extern OPENSSL_ia32cap_P
.hidden OPENSSL_ia32cap_P
.globl RC4
.type RC4,\@function,4
.globl rc4_internal
.type rc4_internal,\@function,4
.align 16
RC4:
rc4_internal:
_CET_ENDBR
or $len,$len
jne .Lentry
@ -423,7 +423,7 @@ $code.=<<___;
add \$24,%rsp
.Lepilogue:
ret
.size RC4,.-RC4
.size rc4_internal,.-rc4_internal
___
}
@ -431,10 +431,10 @@ $idx="%r8";
$ido="%r9";
$code.=<<___;
.globl RC4_set_key
.type RC4_set_key,\@function,3
.globl rc4_set_key_internal
.type rc4_set_key_internal,\@function,3
.align 16
RC4_set_key:
rc4_set_key_internal:
_CET_ENDBR
lea 8($dat),$dat
lea ($inp,$len),$inp
@ -502,7 +502,7 @@ RC4_set_key:
mov %eax,-8($dat)
mov %eax,-4($dat)
ret
.size RC4_set_key,.-RC4_set_key
.size rc4_set_key_internal,.-rc4_set_key_internal
___
sub reg_part {

61
lib/libcrypto/rc4/rc4_enc.c → lib/libcrypto/rc4/rc4.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: rc4_enc.c,v 1.18 2022/11/26 16:08:54 tb Exp $ */
/* $OpenBSD: rc4.c,v 1.9 2024/03/28 01:49:29 jsing Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@ -59,7 +59,6 @@
#include <endian.h>
#include <openssl/rc4.h>
#include "rc4_local.h"
/* RC4 as implemented from a posting from
* Newsgroups: sci.crypt
@ -69,8 +68,13 @@
* Date: Wed, 14 Sep 1994 06:35:31 GMT
*/
void
RC4(RC4_KEY *key, size_t len, const unsigned char *indata,
#ifdef HAVE_RC4_INTERNAL
void rc4_internal(RC4_KEY *key, size_t len, const unsigned char *indata,
unsigned char *outdata);
#else
static void
rc4_internal(RC4_KEY *key, size_t len, const unsigned char *indata,
unsigned char *outdata)
{
RC4_INT *d;
@ -252,3 +256,52 @@ RC4(RC4_KEY *key, size_t len, const unsigned char *indata,
key->x = x;
key->y = y;
}
#endif
#ifdef HAVE_RC4_SET_KEY_INTERNAL
void rc4_set_key_internal(RC4_KEY *key, int len, const unsigned char *data);
#else
static void
rc4_set_key_internal(RC4_KEY *key, int len, const unsigned char *data)
{
RC4_INT tmp;
int id1, id2;
RC4_INT *d;
unsigned int i;
d = &(key->data[0]);
key->x = 0;
key->y = 0;
id1 = id2 = 0;
#define SK_LOOP(d,n) { \
tmp=d[(n)]; \
id2 = (data[id1] + tmp + id2) & 0xff; \
if (++id1 == len) id1=0; \
d[(n)]=d[id2]; \
d[id2]=tmp; }
for (i = 0; i < 256; i++)
d[i] = i;
for (i = 0; i < 256; i += 4) {
SK_LOOP(d, i + 0);
SK_LOOP(d, i + 1);
SK_LOOP(d, i + 2);
SK_LOOP(d, i + 3);
}
}
#endif
void
RC4(RC4_KEY *key, size_t len, const unsigned char *indata,
unsigned char *outdata)
{
rc4_internal(key, len, indata, outdata);
}
void
RC4_set_key(RC4_KEY *key, int len, const unsigned char *data)
{
rc4_set_key_internal(key, len, data);
}

3
lib/libcrypto/rc4/rc4.h
View file

@ -1,4 +1,4 @@
/* $OpenBSD: rc4.h,v 1.14 2023/07/28 10:35:14 tb Exp $ */
/* $OpenBSD: rc4.h,v 1.15 2024/03/27 12:13:08 jsing Exp $ */
/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@ -77,7 +77,6 @@ typedef struct rc4_key_st {
} RC4_KEY;
void RC4_set_key(RC4_KEY *key, int len, const unsigned char *data);
void private_RC4_set_key(RC4_KEY *key, int len, const unsigned char *data);
void RC4(RC4_KEY *key, size_t len, const unsigned char *indata,
unsigned char *outdata);

5
lib/libcrypto/rc4/rc4_local.h
View file

@ -1,5 +0,0 @@
/* $OpenBSD: rc4_local.h,v 1.1 2022/11/26 16:08:54 tb Exp $ */
#ifndef HEADER_RC4_LOCL_H
#define HEADER_RC4_LOCL_H
#endif

99
lib/libcrypto/rc4/rc4_skey.c
View file

@ -1,99 +0,0 @@
/* $OpenBSD: rc4_skey.c,v 1.16 2023/07/28 10:35:14 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
*
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* "This product includes cryptographic software written by
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
#include <openssl/rc4.h>
#include "rc4_local.h"
/* RC4 as implemented from a posting from
* Newsgroups: sci.crypt
* From: sterndark@netcom.com (David Sterndark)
* Subject: RC4 Algorithm revealed.
* Message-ID: <sternCvKL4B.Hyy@netcom.com>
* Date: Wed, 14 Sep 1994 06:35:31 GMT
*/
void
RC4_set_key(RC4_KEY *key, int len, const unsigned char *data)
{
RC4_INT tmp;
int id1, id2;
RC4_INT *d;
unsigned int i;
d = &(key->data[0]);
key->x = 0;
key->y = 0;
id1 = id2 = 0;
#define SK_LOOP(d,n) { \
tmp=d[(n)]; \
id2 = (data[id1] + tmp + id2) & 0xff; \
if (++id1 == len) id1=0; \
d[(n)]=d[id2]; \
d[id2]=tmp; }
for (i = 0; i < 256; i++)
d[i] = i;
for (i = 0; i < 256; i += 4) {
SK_LOOP(d, i + 0);
SK_LOOP(d, i + 1);
SK_LOOP(d, i + 2);
SK_LOOP(d, i + 3);
}
}

8
lib/libssl/ssl_lib.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: ssl_lib.c,v 1.321 2024/03/02 11:48:55 tb Exp $ */
/* $OpenBSD: ssl_lib.c,v 1.322 2024/03/27 06:47:52 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@ -605,8 +605,7 @@ LSSL_ALIAS(SSL_free);
int
SSL_up_ref(SSL *s)
{
int refs = CRYPTO_add(&s->references, 1, CRYPTO_LOCK_SSL);
return (refs > 1) ? 1 : 0;
return CRYPTO_add(&s->references, 1, CRYPTO_LOCK_SSL) > 1;
}
LSSL_ALIAS(SSL_up_ref);
@ -2217,8 +2216,7 @@ LSSL_ALIAS(SSL_CTX_free);
int
SSL_CTX_up_ref(SSL_CTX *ctx)
{
int refs = CRYPTO_add(&ctx->references, 1, CRYPTO_LOCK_SSL_CTX);
return ((refs > 1) ? 1 : 0);
return CRYPTO_add(&ctx->references, 1, CRYPTO_LOCK_SSL_CTX) > 1;
}
LSSL_ALIAS(SSL_CTX_up_ref);

5
lib/libssl/ssl_sess.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: ssl_sess.c,v 1.124 2024/01/24 14:05:10 jsing Exp $ */
/* $OpenBSD: ssl_sess.c,v 1.125 2024/03/27 06:47:52 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@ -897,8 +897,7 @@ LSSL_ALIAS(SSL_SESSION_free);
int
SSL_SESSION_up_ref(SSL_SESSION *ss)
{
int refs = CRYPTO_add(&ss->references, 1, CRYPTO_LOCK_SSL_SESSION);
return (refs > 1) ? 1 : 0;
return CRYPTO_add(&ss->references, 1, CRYPTO_LOCK_SSL_SESSION) > 1;
}
LSSL_ALIAS(SSL_SESSION_up_ref);

158
lib/libssl/ssl_tlsext.c
View file

@ -1,8 +1,8 @@
/* $OpenBSD: ssl_tlsext.c,v 1.143 2024/03/26 03:44:11 beck Exp $ */
/* $OpenBSD: ssl_tlsext.c,v 1.146 2024/03/28 00:22:35 beck Exp $ */
/*
* Copyright (c) 2016, 2017, 2019 Joel Sing <jsing@openbsd.org>
* Copyright (c) 2017 Doug Hogan <doug@openbsd.org>
* Copyright (c) 2018-2019 Bob Beck <beck@openbsd.org>
* Copyright (c) 2018-2019, 2024 Bob Beck <beck@openbsd.org>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
@ -33,6 +33,7 @@
#include "ssl_tlsext.h"
#define TLSEXT_TYPE_alpn TLSEXT_TYPE_application_layer_protocol_negotiation
#define TLSEXT_MAX_SUPPORTED_GROUPS 64
/*
* Supported Application-Layer Protocol Negotiation - RFC 7301
@ -230,21 +231,25 @@ static int
tlsext_supportedgroups_server_process(SSL *s, uint16_t msg_type, CBS *cbs,
int *alert)
{
CBS grouplist;
uint16_t *groups;
uint16_t *groups = NULL;
size_t groups_len;
int i;
CBS grouplist;
int i, j;
int ret = 0;
if (!CBS_get_u16_length_prefixed(cbs, &grouplist))
return 0;
goto err;
groups_len = CBS_len(&grouplist);
if (groups_len == 0 || groups_len % 2 != 0)
return 0;
goto err;
groups_len /= 2;
if (groups_len > TLSEXT_MAX_SUPPORTED_GROUPS)
goto err;
if (s->hit)
return 1;
goto done;
if (s->s3->hs.tls13.hrr) {
if (s->session->tlsext_supportedgroups == NULL) {
@ -257,33 +262,49 @@ tlsext_supportedgroups_server_process(SSL *s, uint16_t msg_type, CBS *cbs,
* did not change its list of supported groups.
*/
return 1;
goto done;
}
if (s->session->tlsext_supportedgroups != NULL)
return 0; /* XXX internal error? */
goto err; /* XXX internal error? */
if ((groups = reallocarray(NULL, groups_len, sizeof(uint16_t))) == NULL) {
*alert = SSL_AD_INTERNAL_ERROR;
return 0;
goto err;
}
for (i = 0; i < groups_len; i++) {
if (!CBS_get_u16(&grouplist, &groups[i])) {
free(groups);
return 0;
if (!CBS_get_u16(&grouplist, &groups[i]))
goto err;
/*
* Do not allow duplicate groups to be sent. This is not
* currently specified in RFC 8446 or earlier, but there is no
* legitimate justification for this to occur in TLS 1.2 or TLS
* 1.3.
*/
for (j = 0; j < i; j++) {
if (groups[i] == groups[j]) {
*alert = SSL_AD_ILLEGAL_PARAMETER;
goto err;
}
}
}
if (CBS_len(&grouplist) != 0) {
free(groups);
return 0;
}
if (CBS_len(&grouplist) != 0)
goto err;
s->session->tlsext_supportedgroups = groups;
s->session->tlsext_supportedgroups_length = groups_len;
groups = NULL;
return 1;
done:
ret = 1;
err:
free(groups);
return ret;
}
/* This extension is never used by the server. */
@ -303,22 +324,8 @@ static int
tlsext_supportedgroups_client_process(SSL *s, uint16_t msg_type, CBS *cbs,
int *alert)
{
/*
* Servers should not send this extension per the RFC.
*
* However, certain F5 BIG-IP systems incorrectly send it. This bug is
* from at least 2014 but as of 2017, there are still large sites with
* this unpatched in production. As a result, we need to currently skip
* over the extension and ignore its content:
*
* https://support.f5.com/csp/article/K37345003
*/
if (!CBS_skip(cbs, CBS_len(cbs))) {
*alert = SSL_AD_INTERNAL_ERROR;
return 0;
}
return 1;
/* Servers should not send this extension per the RFC. */
return 0;
}
/*
@ -1443,14 +1450,65 @@ tlsext_keyshare_client_build(SSL *s, uint16_t msg_type, CBB *cbb)
static int
tlsext_keyshare_server_process(SSL *s, uint16_t msg_type, CBS *cbs, int *alert)
{
CBS client_shares, key_exchange;
const uint16_t *client_groups = NULL, *server_groups = NULL;
size_t client_groups_len = 0, server_groups_len = 0;
size_t i, j, client_groups_index;
int preferred_group_found = 0;
int decode_error;
uint16_t group;
uint16_t group, client_preferred_group;
CBS client_shares, key_exchange;
/*
* RFC 8446 section 4.2.8:
*
* Each KeyShareEntry value MUST correspond to a group offered in the
* "supported_groups" extension and MUST appear in the same order.
* However, the values MAY be a non-contiguous subset of the
* "supported_groups".
*/
if (!tlsext_extension_seen(s, TLSEXT_TYPE_supported_groups)) {
*alert = SSL_AD_ILLEGAL_PARAMETER;
return 0;
}
if (!tlsext_extension_processed(s, TLSEXT_TYPE_supported_groups)) {
*alert = SSL_AD_INTERNAL_ERROR;
return 0;
}
/*
* XXX similar to tls1_get_supported_group, but client pref
* only - consider deduping later.
*/
/*
* We are now assured of at least one client group.
* Get the client and server group preference orders.
*/
tls1_get_group_list(s, 0, &server_groups, &server_groups_len);
tls1_get_group_list(s, 1, &client_groups, &client_groups_len);
/*
* Find the group that is most preferred by the client that
* we also support.
*/
for (i = 0; i < client_groups_len && !preferred_group_found; i++) {
if (!ssl_security_supported_group(s, client_groups[i]))
continue;
for (j = 0; j < server_groups_len; j++) {
if (server_groups[j] == client_groups[i]) {
client_preferred_group = client_groups[i];
preferred_group_found = 1;
break;
}
}
}
if (!CBS_get_u16_length_prefixed(cbs, &client_shares))
return 0;
client_groups_index = 0;
while (CBS_len(&client_shares) > 0) {
int client_sent_group;
/* Unpack client share. */
if (!CBS_get_u16(&client_shares, &group))
@ -1459,9 +1517,21 @@ tlsext_keyshare_server_process(SSL *s, uint16_t msg_type, CBS *cbs, int *alert)
return 0;
/*
* XXX - check key exchange against supported groups from client.
* XXX - check that groups only appear once.
* Ensure the client share group was sent in supported groups,
* and was sent in the same order as supported groups. The
* supported groups has already been checked for duplicates.
*/
client_sent_group = 0;
while (client_groups_index < client_groups_len) {
if (group == client_groups[client_groups_index++]) {
client_sent_group = 1;
break;
}
}
if (!client_sent_group) {
*alert = SSL_AD_ILLEGAL_PARAMETER;
return 0;
}
/*
* Ignore this client share if we're using earlier than TLSv1.3
@ -1472,8 +1542,14 @@ tlsext_keyshare_server_process(SSL *s, uint16_t msg_type, CBS *cbs, int *alert)
if (s->s3->hs.key_share != NULL)
continue;
/* XXX - consider implementing server preference. */
if (!tls1_check_group(s, group))
/*
* Ignore this client share if it is not for the most client
* preferred supported group. This avoids a potential downgrade
* situation where the client sends a client share for something
* less preferred, and we choose to to use it instead of
* requesting the more preferred group.
*/
if (!preferred_group_found || group != client_preferred_group)
continue;
/* Decode and store the selected key share. */

18
lib/libtls/tls.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: tls.c,v 1.102 2024/03/26 08:54:48 joshua Exp $ */
/* $OpenBSD: tls.c,v 1.103 2024/03/27 07:35:30 joshua Exp $ */
/*
* Copyright (c) 2014 Joel Sing <jsing@openbsd.org>
*
@ -359,9 +359,9 @@ tls_keypair_to_pkey(struct tls *ctx, struct tls_keypair *keypair, EVP_PKEY **pke
return (0);
if (len > INT_MAX) {
tls_set_errorx(ctx, TLS_ERROR_UNKNOWN,
tls_set_errorx(ctx, TLS_ERROR_INVALID_ARGUMENT,
ctx->config->use_fake_private_key ?
"cert too long" : "key too long");
"certificate too long" : "key too long");
goto err;
}
@ -491,7 +491,7 @@ tls_configure_ssl_keypair(struct tls *ctx, SSL_CTX *ssl_ctx,
if (keypair->cert_mem != NULL) {
if (keypair->cert_len > INT_MAX) {
tls_set_errorx(ctx, TLS_ERROR_UNKNOWN,
tls_set_errorx(ctx, TLS_ERROR_INVALID_ARGUMENT,
"certificate too long");
goto err;
}
@ -647,7 +647,8 @@ tls_configure_ssl_verify(struct tls *ctx, SSL_CTX *ssl_ctx, int verify)
if (ca_mem != NULL) {
if (ca_len > INT_MAX) {
tls_set_errorx(ctx, TLS_ERROR_UNKNOWN, "ca too long");
tls_set_errorx(ctx, TLS_ERROR_INVALID_ARGUMENT,
"ca too long");
goto err;
}
if (SSL_CTX_load_verify_mem(ssl_ctx, ca_mem, ca_len) != 1) {
@ -664,7 +665,8 @@ tls_configure_ssl_verify(struct tls *ctx, SSL_CTX *ssl_ctx, int verify)
if (crl_mem != NULL) {
if (crl_len > INT_MAX) {
tls_set_errorx(ctx, TLS_ERROR_UNKNOWN, "crl too long");
tls_set_errorx(ctx, TLS_ERROR_INVALID_ARGUMENT,
"crl too long");
goto err;
}
if ((bio = BIO_new_mem_buf(crl_mem, crl_len)) == NULL) {
@ -865,7 +867,7 @@ tls_read(struct tls *ctx, void *buf, size_t buflen)
}
if (buflen > INT_MAX) {
tls_set_errorx(ctx, TLS_ERROR_UNKNOWN,
tls_set_errorx(ctx, TLS_ERROR_INVALID_ARGUMENT,
"buflen too long");
goto out;
}
@ -897,7 +899,7 @@ tls_write(struct tls *ctx, const void *buf, size_t buflen)
}
if (buflen > INT_MAX) {
tls_set_errorx(ctx, TLS_ERROR_UNKNOWN,
tls_set_errorx(ctx, TLS_ERROR_INVALID_ARGUMENT,
"buflen too long");
goto out;
}

3
lib/libtls/tls.h
View file

@ -1,4 +1,4 @@
/* $OpenBSD: tls.h,v 1.65 2024/03/26 08:54:48 joshua Exp $ */
/* $OpenBSD: tls.h,v 1.66 2024/03/27 07:35:30 joshua Exp $ */
/*
* Copyright (c) 2014 Joel Sing <jsing@openbsd.org>
*
@ -81,6 +81,7 @@ extern "C" {
#define TLS_ERROR_UNKNOWN 0x0000
#define TLS_ERROR_OUT_OF_MEMORY 0x1000
#define TLS_ERROR_INVALID_CONTEXT 0x2000
#define TLS_ERROR_INVALID_ARGUMENT 0x2001
#endif
struct tls;

6
lib/libtls/tls_config.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: tls_config.c,v 1.68 2024/03/26 06:24:52 joshua Exp $ */
/* $OpenBSD: tls_config.c,v 1.69 2024/03/27 07:35:30 joshua Exp $ */
/*
* Copyright (c) 2014 Joel Sing <jsing@openbsd.org>
*
@ -321,12 +321,12 @@ tls_config_parse_alpn(struct tls_config *config, const char *alpn,
q = s;
while ((p = strsep(&q, ",")) != NULL) {
if ((len = strlen(p)) == 0) {
tls_config_set_errorx(config, TLS_ERROR_UNKNOWN,
tls_config_set_errorx(config, TLS_ERROR_INVALID_ARGUMENT,
"alpn protocol with zero length");
goto err;
}
if (len > 255) {
tls_config_set_errorx(config, TLS_ERROR_UNKNOWN,
tls_config_set_errorx(config, TLS_ERROR_INVALID_ARGUMENT,
"alpn protocol too long");
goto err;
}

13
lib/libtls/tls_signer.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: tls_signer.c,v 1.10 2024/03/26 06:24:52 joshua Exp $ */
/* $OpenBSD: tls_signer.c,v 1.11 2024/03/28 02:08:24 joshua Exp $ */
/*
* Copyright (c) 2021 Eric Faurot <eric@openbsd.org>
*
@ -128,8 +128,8 @@ tls_signer_add_keypair_mem(struct tls_signer *signer, const uint8_t *cert,
}
if ((skey = calloc(1, sizeof(*skey))) == NULL) {
tls_error_set(&signer->error, TLS_ERROR_UNKNOWN,
"failed to create key entry");
tls_error_set(&signer->error, TLS_ERROR_OUT_OF_MEMORY,
"out of memory");
goto err;
}
skey->hash = hash;
@ -214,7 +214,8 @@ tls_sign_rsa(struct tls_signer *signer, struct tls_signer_key *skey,
return (-1);
}
if ((signature = calloc(1, rsa_size)) == NULL) {
tls_error_set(&signer->error, TLS_ERROR_UNKNOWN, "RSA signature");
tls_error_set(&signer->error, TLS_ERROR_OUT_OF_MEMORY,
"out of memory");
return (-1);
}
@ -261,8 +262,8 @@ tls_sign_ecdsa(struct tls_signer *signer, struct tls_signer_key *skey,
return (-1);
}
if ((signature = calloc(1, signature_len)) == NULL) {
tls_error_set(&signer->error, TLS_ERROR_UNKNOWN,
"ECDSA signature");
tls_error_set(&signer->error, TLS_ERROR_OUT_OF_MEMORY,
"out of memory");
return (-1);
}

2
lib/libz/inflate.h
View file

@ -100,7 +100,7 @@ struct inflate_state {
unsigned char FAR *window; /* allocated sliding window, if needed */
/* bit accumulator */
unsigned long hold; /* input bit accumulator */
unsigned bits; /* number of bits in "in" */
unsigned bits; /* number of bits in hold */
/* for string and stored block copying */
unsigned length; /* literal or length of data to copy */
unsigned offset; /* distance back to copy string from */

2
lib/libz/zconf.h
View file

@ -509,6 +509,8 @@ typedef uLong FAR uLongf;
#if !defined(_WIN32) && defined(Z_LARGE64)
# define z_off64_t off64_t
#elif defined(__MINGW32__)
# define z_off64_t long long
#elif defined(_WIN32) && !defined(__GNUC__)
# define z_off64_t __int64
#elif defined(__GO32__)

106
regress/lib/libssl/tlsext/tlsexttest.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: tlsexttest.c,v 1.86 2024/03/26 02:43:56 beck Exp $ */
/* $OpenBSD: tlsexttest.c,v 1.89 2024/03/28 01:45:18 beck Exp $ */
/*
* Copyright (c) 2017 Joel Sing <jsing@openbsd.org>
* Copyright (c) 2017 Doug Hogan <doug@openbsd.org>
@ -1109,7 +1109,6 @@ test_tlsext_ecpf_client(void)
goto err;
}
failure = 0;
err:
@ -3648,6 +3647,7 @@ test_tlsext_keyshare_client(void)
const struct tls_extension_funcs *server_funcs;
int failure;
size_t dlen;
size_t idx;
int alert;
CBB cbb;
CBS cbs;
@ -3701,18 +3701,112 @@ test_tlsext_keyshare_client(void)
goto done;
}
(ssl)->version = TLS1_3_VERSION;
CBS_init(&cbs, data, dlen);
ssl->version = TLS1_3_VERSION;
if (!server_funcs->process(ssl, SSL_TLSEXT_MSG_CH, &cbs, &alert)) {
FAIL("failed to parse client keyshare\n");
/* Fake up the ssl enough so the key share can process */
tls_key_share_free(ssl->s3->hs.key_share);
ssl->session = SSL_SESSION_new();
if (ssl->session == NULL) {
FAIL("malloc");
goto done;
}
memset(ssl->s3, 0, sizeof(*ssl->s3));
ssl->session->tlsext_supportedgroups = calloc(4,
sizeof(unsigned short));
if (ssl->session->tlsext_supportedgroups == NULL) {
FAIL("malloc");
goto done;
}
ssl->session->tlsext_supportedgroups[0] = 29;
ssl->session->tlsext_supportedgroups[1] = 23;
ssl->session->tlsext_supportedgroups[2] = 24;
ssl->session->tlsext_supportedgroups[3] = 25;
ssl->session->tlsext_supportedgroups_length = 4;
tls_extension_find(TLSEXT_TYPE_supported_groups, &idx);
ssl->s3->hs.extensions_processed |= (1 << idx);
ssl->s3->hs.extensions_seen |= (1 << idx);
ssl->s3->hs.our_max_tls_version = TLS1_3_VERSION;
/*
* We should select the key share for group 29, when group 29
* is the most preferred group
*/
CBS_init(&cbs, data, dlen);
if (!server_funcs->process(ssl, SSL_TLSEXT_MSG_CH, &cbs, &alert)) {
FAIL("failed to process client keyshare\n");
goto done;
}
if (CBS_len(&cbs) != 0) {
FAIL("extension data remaining\n");
goto done;
}
if (ssl->s3->hs.key_share == NULL) {
FAIL("Did not select a key share");
goto done;
}
/*
* Pretend the client did not send the supported groups extension. We
* should fail to process.
*/
ssl->s3->hs.extensions_seen = 0;
tls_key_share_free(ssl->s3->hs.key_share);
ssl->s3->hs.key_share = NULL;
CBS_init(&cbs, data, dlen);
if (server_funcs->process(ssl, SSL_TLSEXT_MSG_CH, &cbs, &alert)) {
FAIL("Processed key share when supported groups not provided");
goto done;
}
ssl->s3->hs.extensions_seen |= (1 << idx);
/*
* Pretend supported groups did not get processed. We should fail to
* process
*/
ssl->s3->hs.extensions_processed = 0;
ssl->s3->hs.key_share = NULL;
CBS_init(&cbs, data, dlen);
if (server_funcs->process(ssl, SSL_TLSEXT_MSG_CH, &cbs, &alert)) {
FAIL("Processed key share when supported groups unprocesed");
goto done;
}
ssl->s3->hs.extensions_processed |= (1 << idx);
/*
* Remove group 29 by making it 0xbeef, meaning 29 has not been sent in
* supported groups. This should fail to process.
*/
ssl->session->tlsext_supportedgroups[0] = 0xbeef;
ssl->s3->hs.key_share = NULL;
CBS_init(&cbs, data, dlen);
if (server_funcs->process(ssl, SSL_TLSEXT_MSG_CH, &cbs, &alert)) {
FAIL("Processed key share with invalid group!");
goto done;
}
/*
* Make 29 least preferred, while server supports both 29 and 25.
* Client key share is for 29 but it prefers 25. We should successfully
* process, but should not select this key share.
*/
ssl->session->tlsext_supportedgroups[0] = 25;
ssl->session->tlsext_supportedgroups[3] = 29;
ssl->s3->hs.key_share = NULL;
CBS_init(&cbs, data, dlen);
if (!server_funcs->process(ssl, SSL_TLSEXT_MSG_CH, &cbs, &alert)) {
FAIL("failed to process client keyshare\n");
goto done;
}
if (CBS_len(&cbs) != 0) {
FAIL("extension data remaining\n");
goto done;
}
if (ssl->s3->hs.key_share != NULL) {
FAIL("Selected a key share when I should not have!");
goto done;
}
ssl->session->tlsext_supportedgroups[0] = 29;
ssl->session->tlsext_supportedgroups[3] = 25;
failure = 0;

3
sys/arch/arm64/arm64/pmap.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: pmap.c,v 1.101 2024/01/26 19:23:03 kettenis Exp $ */
/* $OpenBSD: pmap.c,v 1.102 2024/03/27 15:40:50 kurt Exp $ */
/*
* Copyright (c) 2008-2009,2014-2016 Dale Rahn <drahn@dalerahn.com>
*
@ -1223,6 +1223,7 @@ pmap_bootstrap(long kvo, paddr_t lpt1, long kernelstart, long kernelend,
pmap_kernel()->pm_guarded = ATTR_GP;
pmap_kernel()->pm_asid = 0;
mtx_init(&pmap_tramp.pm_mtx, IPL_VM);
pmap_tramp.pm_vp.l1 = (struct pmapvp1 *)va + 1;
pmap_tramp.pm_privileged = 1;
pmap_tramp.pm_guarded = ATTR_GP;

28
sys/dev/fdt/bcm2711_pcie.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: bcm2711_pcie.c,v 1.12 2024/02/03 10:37:26 kettenis Exp $ */
/* $OpenBSD: bcm2711_pcie.c,v 1.13 2024/03/27 15:15:00 patrick Exp $ */
/*
* Copyright (c) 2020 Mark Kettenis <kettenis@openbsd.org>
*
@ -24,6 +24,7 @@
#include <machine/intr.h>
#include <machine/bus.h>
#include <machine/fdt.h>
#include <machine/simplebusvar.h>
#include <dev/pci/pcidevs.h>
#include <dev/pci/pcireg.h>
@ -57,7 +58,7 @@ struct bcmpcie_range {
};
struct bcmpcie_softc {
struct device sc_dev;
struct simplebus_softc sc_sbus;
bus_space_tag_t sc_iot;
bus_space_handle_t sc_ioh;
bus_dma_tag_t sc_dmat;
@ -97,9 +98,11 @@ bcmpcie_match(struct device *parent, void *match, void *aux)
{
struct fdt_attach_args *faa = aux;
return OF_is_compatible(faa->fa_node, "brcm,bcm2711-pcie");
return OF_is_compatible(faa->fa_node, "brcm,bcm2711-pcie") ||
OF_is_compatible(faa->fa_node, "brcm,bcm2712-pcie");
}
int bcmpcie_submatch(struct device *, void *, void *);
void bcmpcie_attach_hook(struct device *, struct device *,
struct pcibus_attach_args *);
int bcmpcie_bus_maxdevs(void *, int);
@ -272,8 +275,6 @@ bcmpcie_attach(struct device *parent, struct device *self, void *aux)
}
}
printf("\n");
memcpy(&sc->sc_bus_iot, sc->sc_iot, sizeof(sc->sc_bus_iot));
sc->sc_bus_iot.bus_private = sc;
sc->sc_bus_iot._space_map = bcmpcie_bs_iomap;
@ -314,7 +315,22 @@ bcmpcie_attach(struct device *parent, struct device *self, void *aux)
pba.pba_domain = pci_ndomains++;
pba.pba_bus = 0;
config_found(self, &pba, NULL);
/* Attach device tree nodes enumerating PCIe bus */
simplebus_attach(parent, &sc->sc_sbus.sc_dev, faa);
config_found_sm(self, &pba, NULL, bcmpcie_submatch);
}
int
bcmpcie_submatch(struct device *self, void *match, void *aux)
{
struct cfdata *cf = match;
struct pcibus_attach_args *pba = aux;
if (strcmp(pba->pba_busname, cf->cf_driver->cd_name) != 0)
return 0;
return (*cf->cf_attach->ca_match)(self, match, aux);
}
void

4
sys/dev/fdt/files.fdt
View file

@ -1,4 +1,4 @@
# $OpenBSD: files.fdt,v 1.201 2024/03/02 19:52:41 kettenis Exp $
# $OpenBSD: files.fdt,v 1.202 2024/03/27 15:15:00 patrick Exp $
#
# Config file and device description for machine-independent FDT code.
# Included by ports that need it.
@ -132,7 +132,7 @@ device bcmmbox
attach bcmmbox at fdt
file dev/fdt/bcm2835_mbox.c bcmmbox
device bcmpcie: pcibus
device bcmpcie: pcibus, fdt
attach bcmpcie at fdt
file dev/fdt/bcm2711_pcie.c bcmpcie

30
sys/dev/ofw/fdt.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: fdt.c,v 1.34 2023/04/26 14:39:42 kettenis Exp $ */
/* $OpenBSD: fdt.c,v 1.35 2024/03/27 23:05:27 kettenis Exp $ */
/*
* Copyright (c) 2009 Dariusz Swiderski <sfires@sfires.net>
@ -501,6 +501,7 @@ fdt_find_node(char *name)
while (*p) {
void *child;
const char *q;
const char *s;
while (*p == '/')
p++;
@ -510,18 +511,33 @@ fdt_find_node(char *name)
if (q == NULL)
q = p + strlen(p);
/* Check for a complete match. */
for (child = fdt_child_node(node); child;
child = fdt_next_node(child)) {
if (strncmp(p, fdt_node_name(child), q - p) == 0) {
node = child;
s = fdt_node_name(child);
if (strncmp(p, s, q - p) == 0 && s[q - p] == '\0')
break;
}
}
if (child) {
node = child;
p = q;
continue;
}
if (child == NULL)
return NULL; /* No match found. */
/* Check for a match without the unit name. */
for (child = fdt_child_node(node); child;
child = fdt_next_node(child)) {
s = fdt_node_name(child);
if (strncmp(p, s, q - p) == 0 && s[q - p] == '@')
break;
}
if (child) {
node = child;
p = q;
continue;
}
p = q;
return NULL; /* No match found. */
}
return node;

2
sys/dev/pci/drm/amd/amdgpu/amdgpu_atom.c
View file

@ -317,7 +317,7 @@ static uint32_t atom_get_src_int(atom_exec_context *ctx, uint8_t attr,
DEBUG("IMM 0x%02X\n", val);
return val;
}
return 0;
break;
case ATOM_ARG_PLL:
idx = U8(*ptr);
(*ptr)++;

6
sys/dev/pci/drm/amd/amdgpu/amdgpu_discovery.c
View file

@ -1287,11 +1287,10 @@ static int amdgpu_discovery_reg_base_init(struct amdgpu_device *adev)
* 0b10 : encode is disabled
* 0b01 : decode is disabled
*/
adev->vcn.vcn_config[adev->vcn.num_vcn_inst] =
ip->revision & 0xc0;
ip->revision &= ~0xc0;
if (adev->vcn.num_vcn_inst <
AMDGPU_MAX_VCN_INSTANCES) {
adev->vcn.vcn_config[adev->vcn.num_vcn_inst] =
ip->revision & 0xc0;
adev->vcn.num_vcn_inst++;
adev->vcn.inst_mask |=
(1U << ip->instance_number);
@ -1302,6 +1301,7 @@ static int amdgpu_discovery_reg_base_init(struct amdgpu_device *adev)
adev->vcn.num_vcn_inst + 1,
AMDGPU_MAX_VCN_INSTANCES);
}
ip->revision &= ~0xc0;
}
if (le16_to_cpu(ip->hw_id) == SDMA0_HWID ||
le16_to_cpu(ip->hw_id) == SDMA1_HWID ||

45
sys/dev/pci/drm/amd/amdgpu/soc15.c
View file

@ -574,11 +574,34 @@ soc15_asic_reset_method(struct amdgpu_device *adev)
return AMD_RESET_METHOD_MODE1;
}
static bool soc15_need_reset_on_resume(struct amdgpu_device *adev)
{
u32 sol_reg;
sol_reg = RREG32_SOC15(MP0, 0, mmMP0_SMN_C2PMSG_81);
/* Will reset for the following suspend abort cases.
* 1) Only reset limit on APU side, dGPU hasn't checked yet.
* 2) S3 suspend abort and TOS already launched.
*/
if (adev->flags & AMD_IS_APU && adev->in_s3 &&
!adev->suspend_complete &&
sol_reg)
return true;
return false;
}
static int soc15_asic_reset(struct amdgpu_device *adev)
{
/* original raven doesn't have full asic reset */
if ((adev->apu_flags & AMD_APU_IS_RAVEN) ||
(adev->apu_flags & AMD_APU_IS_RAVEN2))
/* On the latest Raven, the GPU reset can be performed
* successfully. So now, temporarily enable it for the
* S3 suspend abort case.
*/
if (((adev->apu_flags & AMD_APU_IS_RAVEN) ||
(adev->apu_flags & AMD_APU_IS_RAVEN2)) &&
!soc15_need_reset_on_resume(adev))
return 0;
switch (soc15_asic_reset_method(adev)) {
@ -1296,24 +1319,6 @@ static int soc15_common_suspend(void *handle)
return soc15_common_hw_fini(adev);
}
static bool soc15_need_reset_on_resume(struct amdgpu_device *adev)
{
u32 sol_reg;
sol_reg = RREG32_SOC15(MP0, 0, mmMP0_SMN_C2PMSG_81);
/* Will reset for the following suspend abort cases.
* 1) Only reset limit on APU side, dGPU hasn't checked yet.
* 2) S3 suspend abort and TOS already launched.
*/
if (adev->flags & AMD_IS_APU && adev->in_s3 &&
!adev->suspend_complete &&
sol_reg)
return true;
return false;
}
static int soc15_common_resume(void *handle)
{
struct amdgpu_device *adev = (struct amdgpu_device *)handle;

16
sys/dev/pci/drm/amd/display/amdgpu_dm/amdgpu_dm.c
View file

@ -1906,17 +1906,15 @@ static void amdgpu_dm_fini(struct amdgpu_device *adev)
adev->dm.hdcp_workqueue = NULL;
}
if (adev->dm.dc)
if (adev->dm.dc) {
dc_deinit_callbacks(adev->dm.dc);
if (adev->dm.dc)
dc_dmub_srv_destroy(&adev->dm.dc->ctx->dmub_srv);
if (dc_enable_dmub_notifications(adev->dm.dc)) {
kfree(adev->dm.dmub_notify);
adev->dm.dmub_notify = NULL;
destroy_workqueue(adev->dm.delayed_hpd_wq);
adev->dm.delayed_hpd_wq = NULL;
if (dc_enable_dmub_notifications(adev->dm.dc)) {
kfree(adev->dm.dmub_notify);
adev->dm.dmub_notify = NULL;
destroy_workqueue(adev->dm.delayed_hpd_wq);
adev->dm.delayed_hpd_wq = NULL;
}
}
if (adev->dm.dmub_bo)

2
sys/dev/pci/drm/amd/display/amdgpu_dm/amdgpu_dm_debugfs.c
View file

@ -1453,7 +1453,7 @@ static ssize_t dp_dsc_clock_en_read(struct file *f, char __user *buf,
const uint32_t rd_buf_size = 10;
struct pipe_ctx *pipe_ctx;
ssize_t result = 0;
int i, r, str_len = 30;
int i, r, str_len = 10;
rd_buf = kcalloc(rd_buf_size, sizeof(char), GFP_KERNEL);

7
sys/dev/pci/drm/amd/display/dc/dcn10/dcn10_hw_sequencer.c
View file

@ -1832,6 +1832,9 @@ bool dcn10_set_output_transfer_func(struct dc *dc, struct pipe_ctx *pipe_ctx,
{
struct dpp *dpp = pipe_ctx->plane_res.dpp;
if (!stream)
return false;
if (dpp == NULL)
return false;
@ -1854,8 +1857,8 @@ bool dcn10_set_output_transfer_func(struct dc *dc, struct pipe_ctx *pipe_ctx,
} else
dpp->funcs->dpp_program_regamma_pwl(dpp, NULL, OPP_REGAMMA_BYPASS);
if (stream != NULL && stream->ctx != NULL &&
stream->out_transfer_func != NULL) {
if (stream->ctx &&
stream->out_transfer_func) {
log_tf(stream->ctx,
stream->out_transfer_func,
dpp->regamma_params.hw_points_num);

3
sys/dev/pci/drm/amd/display/dc/link/protocols/link_edp_panel_control.c
View file

@ -882,7 +882,8 @@ bool edp_set_replay_allow_active(struct dc_link *link, const bool *allow_active,
/* Set power optimization flag */
if (power_opts && link->replay_settings.replay_power_opt_active != *power_opts) {
if (link->replay_settings.replay_feature_enabled && replay->funcs->replay_set_power_opt) {
if (replay != NULL && link->replay_settings.replay_feature_enabled &&
replay->funcs->replay_set_power_opt) {
replay->funcs->replay_set_power_opt(replay, *power_opts, panel_inst);
link->replay_settings.replay_power_opt_active = *power_opts;
}

4
sys/dev/pci/drm/amd/pm/swsmu/smu11/arcturus_ppt.c
View file

@ -2358,8 +2358,8 @@ static uint16_t arcturus_get_current_pcie_link_speed(struct smu_context *smu)
/* TODO: confirm this on real target */
esm_ctrl = RREG32_PCIE(smnPCIE_ESM_CTRL);
if ((esm_ctrl >> 15) & 0x1FFFF)
return (uint16_t)(((esm_ctrl >> 8) & 0x3F) + 128);
if ((esm_ctrl >> 15) & 0x1)
return (uint16_t)(((esm_ctrl >> 8) & 0x7F) + 128);
return smu_v11_0_get_current_pcie_link_speed(smu);
}

4
sys/dev/pci/drm/amd/pm/swsmu/smu13/aldebaran_ppt.c
View file

@ -1722,8 +1722,8 @@ static int aldebaran_get_current_pcie_link_speed(struct smu_context *smu)
/* TODO: confirm this on real target */
esm_ctrl = RREG32_PCIE(smnPCIE_ESM_CTRL);
if ((esm_ctrl >> 15) & 0x1FFFF)
return (((esm_ctrl >> 8) & 0x3F) + 128);
if ((esm_ctrl >> 15) & 0x1)
return (((esm_ctrl >> 8) & 0x7F) + 128);
return smu_v13_0_get_current_pcie_link_speed(smu);
}

4
sys/dev/pci/drm/amd/pm/swsmu/smu13/smu_v13_0_6_ppt.c
View file

@ -1943,8 +1943,8 @@ static int smu_v13_0_6_get_current_pcie_link_speed(struct smu_context *smu)
/* TODO: confirm this on real target */
esm_ctrl = RREG32_PCIE(smnPCIE_ESM_CTRL);
if ((esm_ctrl >> 15) & 0x1FFFF)
return (((esm_ctrl >> 8) & 0x3F) + 128);
if ((esm_ctrl >> 15) & 0x1)
return (((esm_ctrl >> 8) & 0x7F) + 128);
speed_level = (RREG32_PCIE(smnPCIE_LC_SPEED_CNTL) &
PCIE_LC_SPEED_CNTL__LC_CURRENT_DATA_RATE_MASK)

8
sys/dev/pci/drm/i915/gt/uc/intel_huc.c
View file

@ -136,7 +136,7 @@ static void huc_delayed_load_timer_callback(void *arg)
static void huc_delayed_load_start(struct intel_huc *huc)
{
int delay;
ktime_t delay;
GEM_BUG_ON(intel_huc_is_authenticated(huc, INTEL_HUC_AUTH_BY_GSC));
@ -146,10 +146,10 @@ static void huc_delayed_load_start(struct intel_huc *huc)
*/
switch (huc->delayed_load.status) {
case INTEL_HUC_WAITING_ON_GSC:
delay = GSC_INIT_TIMEOUT_MS;
delay = ms_to_ktime(GSC_INIT_TIMEOUT_MS);
break;
case INTEL_HUC_WAITING_ON_PXP:
delay = PXP_INIT_TIMEOUT_MS;
delay = ms_to_ktime(PXP_INIT_TIMEOUT_MS);
break;
default:
gsc_init_error(huc);
@ -171,7 +171,7 @@ static void huc_delayed_load_start(struct intel_huc *huc)
#ifdef __linux__
hrtimer_start(&huc->delayed_load.timer, delay, HRTIMER_MODE_REL);
#else
timeout_add_msec(&huc->delayed_load.timer, delay);
timeout_add_nsec(&huc->delayed_load.timer, ktime_to_ns(delay));
#endif
}

5
sys/dev/pci/drm/include/drm/drm_fixed.h
View file

@ -71,7 +71,6 @@ static inline u32 dfixed_div(fixed20_12 A, fixed20_12 B)
}
#define DRM_FIXED_POINT 32
#define DRM_FIXED_POINT_HALF 16
#define DRM_FIXED_ONE (1ULL << DRM_FIXED_POINT)
#define DRM_FIXED_DECIMAL_MASK (DRM_FIXED_ONE - 1)
#define DRM_FIXED_DIGITS_MASK (~DRM_FIXED_DECIMAL_MASK)
@ -90,12 +89,12 @@ static inline int drm_fixp2int(s64 a)
static inline int drm_fixp2int_round(s64 a)
{
return drm_fixp2int(a + (1 << (DRM_FIXED_POINT_HALF - 1)));
return drm_fixp2int(a + DRM_FIXED_ONE / 2);
}
static inline int drm_fixp2int_ceil(s64 a)
{
if (a > 0)
if (a >= 0)
return drm_fixp2int(a + DRM_FIXED_ALMOST_ONE);
else
return drm_fixp2int(a - DRM_FIXED_ALMOST_ONE);

8
sys/dev/pci/drm/include/linux/ktime.h
View file

@ -1,4 +1,4 @@
/* $OpenBSD: ktime.h,v 1.7 2023/01/01 01:34:58 jsg Exp $ */
/* $OpenBSD: ktime.h,v 1.8 2024/03/28 02:36:38 jsg Exp $ */
/*
* Copyright (c) 2013, 2014, 2015 Mark Kettenis
*
@ -150,6 +150,12 @@ ns_to_ktime(uint64_t ns)
return ns;
}
static inline ktime_t
ms_to_ktime(uint64_t ms)
{
return ms * NSEC_PER_MSEC;
}
static inline int64_t
ktime_divns(ktime_t a, int64_t ns)
{

2
sys/dev/pci/drm/radeon/ni.c
View file

@ -813,7 +813,7 @@ int ni_init_microcode(struct radeon_device *rdev)
err = 0;
} else if (rdev->smc_fw->size != smc_req_size) {
pr_err("ni_mc: Bogus length %zu in firmware \"%s\"\n",
rdev->mc_fw->size, fw_name);
rdev->smc_fw->size, fw_name);
err = -EINVAL;
}
}

8
sys/kern/init_sysent.c
View file

@ -1,10 +1,10 @@
/* $OpenBSD: init_sysent.c,v 1.275 2024/03/25 17:43:10 mvs Exp $ */
/* $OpenBSD: init_sysent.c,v 1.276 2024/03/28 02:23:31 deraadt Exp $ */
/*
* System call switch table.
*
* DO NOT EDIT-- this file is automatically generated.
* created from; OpenBSD: syscalls.master,v 1.258 2024/03/25 17:42:34 mvs Exp
* created from; OpenBSD: syscalls.master,v 1.259 2024/03/28 02:19:57 deraadt Exp
*/
#include <sys/param.h>
@ -324,8 +324,8 @@ const struct sysent sysent[] = {
sys_nosys }, /* 144 = obsolete ogetrlimit */
{ 0, 0, 0,
sys_nosys }, /* 145 = obsolete osetrlimit */
{ 3, s(struct sys_pinsyscall_args), SY_NOLOCK | 0,
sys_pinsyscall }, /* 146 = pinsyscall */
{ 0, 0, 0,
sys_nosys }, /* 146 = obsolete pinsyscall */
{ 0, 0, 0,
sys_setsid }, /* 147 = setsid */
{ 4, s(struct sys_quotactl_args), 0,

3
sys/kern/kern_pledge.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: kern_pledge.c,v 1.311 2024/03/22 05:54:25 ratchov Exp $ */
/* $OpenBSD: kern_pledge.c,v 1.312 2024/03/28 02:19:57 deraadt Exp $ */
/*
* Copyright (c) 2015 Nicholas Marriott <nicm@openbsd.org>
@ -112,7 +112,6 @@ const uint64_t pledge_syscalls[SYS_MAXSYSCALL] = {
[SYS_sendsyslog] = PLEDGE_ALWAYS, /* stack protector reporting */
[SYS_thrkill] = PLEDGE_ALWAYS, /* raise, abort, stack pro */
[SYS_utrace] = PLEDGE_ALWAYS, /* ltrace(1) from ld.so */
[SYS_pinsyscall] = PLEDGE_ALWAYS,
[SYS_pinsyscalls] = PLEDGE_ALWAYS,
/* "getting" information about self is considered safe */

6
sys/kern/syscalls.c
View file

@ -1,10 +1,10 @@
/* $OpenBSD: syscalls.c,v 1.273 2024/03/25 17:43:10 mvs Exp $ */
/* $OpenBSD: syscalls.c,v 1.274 2024/03/28 02:23:31 deraadt Exp $ */
/*
* System call names.
*
* DO NOT EDIT-- this file is automatically generated.
* created from; OpenBSD: syscalls.master,v 1.258 2024/03/25 17:42:34 mvs Exp
* created from; OpenBSD: syscalls.master,v 1.259 2024/03/28 02:19:57 deraadt Exp
*/
const char *const syscallnames[] = {
@ -166,7 +166,7 @@ const char *const syscallnames[] = {
"setthrname", /* 143 = setthrname */
"#144 (obsolete ogetrlimit)", /* 144 = obsolete ogetrlimit */
"#145 (obsolete osetrlimit)", /* 145 = obsolete osetrlimit */
"pinsyscall", /* 146 = pinsyscall */
"#146 (obsolete pinsyscall)", /* 146 = obsolete pinsyscall */
"setsid", /* 147 = setsid */
"quotactl", /* 148 = quotactl */
"#149 (obsolete oquota)", /* 149 = obsolete oquota */

4
sys/kern/syscalls.master
View file

@ -1,4 +1,4 @@
; $OpenBSD: syscalls.master,v 1.258 2024/03/25 17:42:34 mvs Exp $
; $OpenBSD: syscalls.master,v 1.259 2024/03/28 02:19:57 deraadt Exp $
; $NetBSD: syscalls.master,v 1.32 1996/04/23 10:24:21 mycroft Exp $
; @(#)syscalls.master 8.2 (Berkeley) 1/13/94
@ -282,7 +282,7 @@
143 STD { int sys_setthrname(pid_t tid, const char *name); }
144 OBSOL ogetrlimit
145 OBSOL osetrlimit
146 STD NOLOCK { int sys_pinsyscall(int syscall, void *addr, size_t len); }
146 OBSOL pinsyscall
147 STD { int sys_setsid(void); }
148 STD { int sys_quotactl(const char *path, int cmd, \
int uid, char *arg); }

25
sys/kern/uipc_socket.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: uipc_socket.c,v 1.322 2024/03/26 09:46:47 mvs Exp $ */
/* $OpenBSD: uipc_socket.c,v 1.323 2024/03/27 22:47:53 mvs Exp $ */
/* $NetBSD: uipc_socket.c,v 1.21 1996/02/04 02:17:52 christos Exp $ */
/*
@ -161,7 +161,7 @@ soalloc(const struct protosw *prp, int wait)
}
break;
case AF_UNIX:
so->so_rcv.sb_flags |= SB_MTXLOCK;
so->so_rcv.sb_flags |= SB_MTXLOCK | SB_OWNLOCK;
break;
}
@ -903,12 +903,23 @@ restart:
}
SBLASTRECORDCHK(&so->so_rcv, "soreceive sbwait 1");
SBLASTMBUFCHK(&so->so_rcv, "soreceive sbwait 1");
sb_mtx_unlock(&so->so_rcv);
sbunlock(so, &so->so_rcv);
error = sbwait(so, &so->so_rcv);
if (error) {
if (so->so_rcv.sb_flags & SB_OWNLOCK) {
sbunlock_locked(so, &so->so_rcv);
sounlock_shared(so);
return (error);
error = sbwait_locked(so, &so->so_rcv);
sb_mtx_unlock(&so->so_rcv);
if (error)
return (error);
solock_shared(so);
} else {
sb_mtx_unlock(&so->so_rcv);
sbunlock(so, &so->so_rcv);
error = sbwait(so, &so->so_rcv);
if (error) {
sounlock_shared(so);
return (error);
}
}
goto restart;
}

33
sys/kern/uipc_socket2.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: uipc_socket2.c,v 1.145 2024/03/26 09:46:47 mvs Exp $ */
/* $OpenBSD: uipc_socket2.c,v 1.146 2024/03/27 22:47:53 mvs Exp $ */
/* $NetBSD: uipc_socket2.c,v 1.11 1996/02/04 02:17:55 christos Exp $ */
/*
@ -522,6 +522,18 @@ sbmtxassertlocked(struct socket *so, struct sockbuf *sb)
/*
* Wait for data to arrive at/drain from a socket buffer.
*/
int
sbwait_locked(struct socket *so, struct sockbuf *sb)
{
int prio = (sb->sb_flags & SB_NOINTR) ? PSOCK : PSOCK | PCATCH;
MUTEX_ASSERT_LOCKED(&sb->sb_mtx);
sb->sb_flags |= SB_WAIT;
return msleep_nsec(&sb->sb_cc, &sb->sb_mtx, prio, "sbwait",
sb->sb_timeo_nsecs);
}
int
sbwait(struct socket *so, struct sockbuf *sb)
{
@ -573,20 +585,23 @@ out:
}
void
sbunlock(struct socket *so, struct sockbuf *sb)
sbunlock_locked(struct socket *so, struct sockbuf *sb)
{
int dowakeup = 0;
MUTEX_ASSERT_LOCKED(&sb->sb_mtx);
mtx_enter(&sb->sb_mtx);
sb->sb_flags &= ~SB_LOCK;
if (sb->sb_flags & SB_WANT) {
sb->sb_flags &= ~SB_WANT;
dowakeup = 1;
}
mtx_leave(&sb->sb_mtx);
if (dowakeup)
wakeup(&sb->sb_flags);
}
}
void
sbunlock(struct socket *so, struct sockbuf *sb)
{
mtx_enter(&sb->sb_mtx);
sbunlock_locked(so, sb);
mtx_leave(&sb->sb_mtx);
}
/*

2
sys/lib/libz/inflate.h
View file

@ -100,7 +100,7 @@ struct inflate_state {
unsigned char FAR *window; /* allocated sliding window, if needed */
/* bit accumulator */
unsigned long hold; /* input bit accumulator */
unsigned bits; /* number of bits in "in" */
unsigned bits; /* number of bits in hold */
/* for string and stored block copying */
unsigned length; /* literal or length of data to copy */
unsigned offset; /* distance back to copy string from */

2
sys/lib/libz/zconf.h
View file

@ -513,6 +513,8 @@ typedef uLong FAR uLongf;
#if !defined(_WIN32) && defined(Z_LARGE64)
# define z_off64_t off64_t
#elif defined(__MINGW32__)
# define z_off64_t long long
#elif defined(_WIN32) && !defined(__GNUC__)
# define z_off64_t __int64
#elif defined(__GO32__)

21
sys/sys/socketvar.h
View file

@ -1,4 +1,4 @@
/* $OpenBSD: socketvar.h,v 1.126 2024/03/26 09:46:47 mvs Exp $ */
/* $OpenBSD: socketvar.h,v 1.127 2024/03/27 22:47:53 mvs Exp $ */
/* $NetBSD: socketvar.h,v 1.18 1996/02/09 18:25:38 christos Exp $ */
/*-
@ -127,14 +127,15 @@ struct socket {
uint64_t sb_timeo_nsecs;/* timeout for read/write */
struct klist sb_klist; /* process selecting read/write */
} so_rcv, so_snd;
#define SB_MAX (2*1024*1024) /* default for max chars in sockbuf */
#define SB_LOCK 0x01 /* lock on data queue */
#define SB_WANT 0x02 /* someone is waiting to lock */
#define SB_WAIT 0x04 /* someone is waiting for data/space */
#define SB_ASYNC 0x10 /* ASYNC I/O, need signals */
#define SB_SPLICE 0x20 /* buffer is splice source or drain */
#define SB_NOINTR 0x40 /* operations not interruptible */
#define SB_MTXLOCK 0x80 /* use sb_mtx for sockbuf protection */
#define SB_MAX (2*1024*1024) /* default for max chars in sockbuf */
#define SB_LOCK 0x0001 /* lock on data queue */
#define SB_WANT 0x0002 /* someone is waiting to lock */
#define SB_WAIT 0x0004 /* someone is waiting for data/space */
#define SB_ASYNC 0x0010 /* ASYNC I/O, need signals */
#define SB_SPLICE 0x0020 /* buffer is splice source or drain */
#define SB_NOINTR 0x0040 /* operations not interruptible */
#define SB_MTXLOCK 0x0080 /* use sb_mtx for sockbuf protection */
#define SB_OWNLOCK 0x0100 /* sb_mtx used standalone */
void (*so_upcall)(struct socket *so, caddr_t arg, int waitf);
caddr_t so_upcallarg; /* Arg for above */
@ -320,6 +321,7 @@ int sblock(struct socket *, struct sockbuf *, int);
/* release lock on sockbuf sb */
void sbunlock(struct socket *, struct sockbuf *);
void sbunlock_locked(struct socket *, struct sockbuf *);
#define SB_EMPTY_FIXUP(sb) do { \
if ((sb)->sb_mb == NULL) { \
@ -367,6 +369,7 @@ int sbcheckreserve(u_long, u_long);
int sbchecklowmem(void);
int sbreserve(struct socket *, struct sockbuf *, u_long);
int sbwait(struct socket *, struct sockbuf *);
int sbwait_locked(struct socket *, struct sockbuf *);
void soinit(void);
void soabort(struct socket *);
int soaccept(struct socket *, struct mbuf *);

8
sys/sys/syscall.h
View file

@ -1,10 +1,10 @@
/* $OpenBSD: syscall.h,v 1.272 2024/03/25 17:43:10 mvs Exp $ */
/* $OpenBSD: syscall.h,v 1.273 2024/03/28 02:27:14 deraadt Exp $ */
/*
* System call numbers.
*
* DO NOT EDIT-- this file is automatically generated.
* created from; OpenBSD: syscalls.master,v 1.258 2024/03/25 17:42:34 mvs Exp
* created from; OpenBSD: syscalls.master,v 1.259 2024/03/28 02:19:57 deraadt Exp
*/
/* syscall: "exit" ret: "void" args: "int" */
@ -425,9 +425,7 @@
/* 144 is obsolete ogetrlimit */
/* 145 is obsolete osetrlimit */
/* syscall: "pinsyscall" ret: "int" args: "int" "void *" "size_t" */
#define SYS_pinsyscall 146
/* 146 is obsolete pinsyscall */
/* syscall: "setsid" ret: "int" args: */
#define SYS_setsid 147

11
sys/sys/syscallargs.h
View file

@ -1,10 +1,10 @@
/* $OpenBSD: syscallargs.h,v 1.275 2024/03/25 17:43:10 mvs Exp $ */
/* $OpenBSD: syscallargs.h,v 1.276 2024/03/28 02:27:14 deraadt Exp $ */
/*
* System call argument lists.
*
* DO NOT EDIT-- this file is automatically generated.
* created from; OpenBSD: syscalls.master,v 1.258 2024/03/25 17:42:34 mvs Exp
* created from; OpenBSD: syscalls.master,v 1.259 2024/03/28 02:19:57 deraadt Exp
*/
#ifdef syscallarg
@ -728,12 +728,6 @@ struct sys_setthrname_args {
syscallarg(const char *) name;
};
struct sys_pinsyscall_args {
syscallarg(int) syscall;
syscallarg(void *) addr;
syscallarg(size_t) len;
};
struct sys_quotactl_args {
syscallarg(const char *) path;
syscallarg(int) cmd;
@ -1309,7 +1303,6 @@ int sys_adjtime(struct proc *, void *, register_t *);
int sys_getlogin_r(struct proc *, void *, register_t *);
int sys_getthrname(struct proc *, void *, register_t *);
int sys_setthrname(struct proc *, void *, register_t *);
int sys_pinsyscall(struct proc *, void *, register_t *);
int sys_setsid(struct proc *, void *, register_t *);
int sys_quotactl(struct proc *, void *, register_t *);
int sys_ypconnect(struct proc *, void *, register_t *);

8
sys/uvm/uvm_km.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: uvm_km.c,v 1.151 2022/08/01 14:15:46 mpi Exp $ */
/* $OpenBSD: uvm_km.c,v 1.152 2024/03/27 15:41:40 kurt Exp $ */
/* $NetBSD: uvm_km.c,v 1.42 2001/01/14 02:10:01 thorpej Exp $ */
/*
@ -183,6 +183,11 @@ uvm_km_init(vaddr_t base, vaddr_t start, vaddr_t end)
panic("uvm_km_init: could not reserve space for kernel");
kernel_map = &kernel_map_store;
#ifndef __HAVE_PMAP_DIRECT
/* allow km_alloc calls before uvm_km_thread starts */
mtx_init(&uvm_km_pages.mtx, IPL_VM);
#endif
}
/*
@ -558,7 +563,6 @@ uvm_km_page_init(void)
int len, bulk;
vaddr_t addr;
mtx_init(&uvm_km_pages.mtx, IPL_VM);
if (!uvm_km_pages.lowat) {
/* based on physmem, calculate a good value here */
uvm_km_pages.lowat = physmem / 256;

11
sys/uvm/uvm_mmap.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: uvm_mmap.c,v 1.185 2024/01/19 21:20:35 deraadt Exp $ */
/* $OpenBSD: uvm_mmap.c,v 1.186 2024/03/28 02:19:57 deraadt Exp $ */
/* $NetBSD: uvm_mmap.c,v 1.49 2001/02/18 21:19:08 chs Exp $ */
/*
@ -612,15 +612,6 @@ sys_msyscall(struct proc *p, void *v, register_t *retval)
return uvm_map_syscall(&p->p_vmspace->vm_map, addr, addr+size);
}
/*
* sys_pinsyscall
*/
int
sys_pinsyscall(struct proc *p, void *v, register_t *retval)
{
return (0);
}
/*
* sys_pinsyscalls. The caller is required to normalize base,len
* to the minimum .text region, and adjust pintable offsets relative