From d178ff6848e54a179063c96b13308f1d2557480f Mon Sep 17 00:00:00 2001 From: purplerain Date: Sat, 2 Mar 2024 19:33:09 +0000 Subject: [PATCH] sync with OpenBSD -current --- distrib/notes/arm64/contents | 4 +- distrib/sets/lists/base/mi | 12 +- distrib/sets/lists/comp/mi | 2 - include/stdlib.h | 3 +- lib/libc/Symbols.list | 1 + lib/libc/arch/m88k/Symbols.list | 1 + lib/libc/arch/m88k/gen/fabs.S | 11 +- lib/libc/hidden/stdlib.h | 3 +- lib/libc/shlib_version | 2 +- lib/libc/stdlib/mkdtemp.c | 10 +- lib/libc/stdlib/mktemp.3 | 30 +- lib/libcrypto/Makefile | 29 +- lib/libcrypto/Symbols.list | 298 +---- lib/libcrypto/Symbols.namespace | 127 -- lib/libcrypto/asn1/a_strnid.c | 25 +- lib/libcrypto/asn1/a_time_tm.c | 15 +- lib/libcrypto/asn1/ameth_lib.c | 180 --- lib/libcrypto/asn1/asn1.h | 50 +- lib/libcrypto/asn1/asn1_local.h | 5 +- lib/libcrypto/asn1/asn_moid.c | 3 +- lib/libcrypto/asn1/p5_pbe.c | 4 +- lib/libcrypto/asn1/p5_pbev2.c | 3 +- lib/libcrypto/asn1/tasn_prn.c | 95 +- lib/libcrypto/asn1/x_algor.c | 8 +- lib/libcrypto/asn1/x_crl.c | 35 +- lib/libcrypto/bio/b_dump.c | 38 +- lib/libcrypto/bio/b_print.c | 59 +- lib/libcrypto/bio/bio.h | 27 +- lib/libcrypto/bio/bio_lib.c | 10 +- lib/libcrypto/bio/bio_local.h | 6 +- lib/libcrypto/bn/bn.h | 9 +- lib/libcrypto/bn/bn_exp.c | 5 +- lib/libcrypto/bn/bn_local.h | 11 +- lib/libcrypto/bn/bn_print.c | 3 +- lib/libcrypto/cmac/cmac.c | 17 +- lib/libcrypto/cmac/cmac.h | 3 +- lib/libcrypto/conf/conf_api.c | 4 +- lib/libcrypto/conf/conf_mall.c | 10 +- lib/libcrypto/cryptlib.c | 4 +- lib/libcrypto/crypto.h | 110 +- lib/libcrypto/crypto_local.h | 138 +++ lib/libcrypto/dsa/dsa.h | 8 +- lib/libcrypto/dsa/dsa_gen.c | 23 +- lib/libcrypto/engine/engine.h | 46 +- lib/libcrypto/err/err.c | 20 +- lib/libcrypto/err/err.h | 17 +- lib/libcrypto/err/err_all.c | 5 +- lib/libcrypto/err/err_prn.c | 3 +- lib/libcrypto/evp/e_aes_cbc_hmac_sha1.c | 604 --------- lib/libcrypto/evp/e_gost2814789.c | 312 ----- lib/libcrypto/evp/e_rc4_hmac_md5.c | 308 ----- lib/libcrypto/evp/evp.h | 196 +-- lib/libcrypto/evp/evp_cipher.c | 10 +- lib/libcrypto/evp/evp_digest.c | 122 +- lib/libcrypto/evp/evp_local.h | 14 +- lib/libcrypto/evp/evp_names.c | 94 +- lib/libcrypto/evp/evp_pbe.c | 51 +- lib/libcrypto/evp/m_gost2814789.c | 113 -- lib/libcrypto/evp/m_gostr341194.c | 100 -- lib/libcrypto/evp/m_streebog.c | 133 -- lib/libcrypto/evp/p_lib.c | 10 +- lib/libcrypto/evp/pmeth_lib.c | 166 +-- lib/libcrypto/gost/gost.h | 262 ---- lib/libcrypto/gost/gost2814789.c | 480 -------- lib/libcrypto/gost/gost89_keywrap.c | 138 --- lib/libcrypto/gost/gost89_params.c | 246 ---- lib/libcrypto/gost/gost89imit_ameth.c | 89 -- lib/libcrypto/gost/gost89imit_pmeth.c | 255 ---- lib/libcrypto/gost/gost_asn1.c | 299 ----- lib/libcrypto/gost/gost_asn1.h | 107 -- lib/libcrypto/gost/gostr341001.c | 403 ------ lib/libcrypto/gost/gostr341001_ameth.c | 727 ----------- lib/libcrypto/gost/gostr341001_key.c | 334 ----- lib/libcrypto/gost/gostr341001_params.c | 132 -- lib/libcrypto/gost/gostr341001_pmeth.c | 705 ----------- lib/libcrypto/gost/streebog.c | 1487 ----------------------- lib/libcrypto/hidden/openssl/asn1.h | 20 +- lib/libcrypto/hidden/openssl/bio.h | 8 +- lib/libcrypto/hidden/openssl/bn.h | 5 +- lib/libcrypto/hidden/openssl/cmac.h | 3 +- lib/libcrypto/hidden/openssl/crypto.h | 29 +- lib/libcrypto/hidden/openssl/dsa.h | 3 +- lib/libcrypto/hidden/openssl/err.h | 3 +- lib/libcrypto/hidden/openssl/gost.h | 71 -- lib/libcrypto/hidden/openssl/lhash.h | 9 +- lib/libcrypto/hidden/openssl/objects.h | 10 +- lib/libcrypto/hidden/openssl/pkcs12.h | 37 +- lib/libcrypto/hidden/openssl/stack.h | 3 +- lib/libcrypto/hidden/openssl/x509.h | 12 +- lib/libcrypto/hidden/openssl/x509_vfy.h | 10 +- lib/libcrypto/hidden/openssl/x509v3.h | 11 +- lib/libcrypto/lhash/lh_stats.c | 263 ---- lib/libcrypto/lhash/lhash.c | 11 +- lib/libcrypto/lhash/lhash.h | 64 +- lib/libcrypto/lhash/lhash_local.h | 105 ++ lib/libcrypto/malloc-wrapper.c | 156 +-- lib/libcrypto/man/BIO_printf.3 | 59 +- lib/libcrypto/man/CMAC_Init.3 | 26 +- lib/libcrypto/man/Makefile | 3 +- lib/libcrypto/man/lh_new.3 | 5 +- lib/libcrypto/man/lh_stats.3 | 206 ---- lib/libcrypto/mem_dbg.c | 93 +- lib/libcrypto/objects/obj_dat.c | 23 +- lib/libcrypto/objects/objects.h | 32 +- lib/libcrypto/ocsp/ocsp_cl.c | 3 +- lib/libcrypto/opensslfeatures.h | 32 +- lib/libcrypto/opensslv.h | 6 +- lib/libcrypto/pkcs12/p12_add.c | 7 +- lib/libcrypto/pkcs12/p12_asn.c | 10 +- lib/libcrypto/pkcs12/p12_decr.c | 7 +- lib/libcrypto/pkcs12/p12_key.c | 5 +- lib/libcrypto/pkcs12/p12_mutl.c | 3 +- lib/libcrypto/pkcs12/p12_p8d.c | 3 +- lib/libcrypto/pkcs12/p12_p8e.c | 3 +- lib/libcrypto/pkcs12/pkcs12.h | 71 +- lib/libcrypto/pkcs12/pkcs12_local.h | 75 +- lib/libcrypto/shlib_version | 2 +- lib/libcrypto/stack/safestack.h | 238 +--- lib/libcrypto/stack/stack.c | 14 +- lib/libcrypto/stack/stack.h | 12 +- lib/libcrypto/stack/stack_local.h | 71 ++ lib/libcrypto/util/mkstack.pl | 8 - lib/libcrypto/x509/x509.h | 94 +- lib/libcrypto/x509/x509_lib.c | 36 +- lib/libcrypto/x509/x509_local.h | 60 +- lib/libcrypto/x509/x509_lu.c | 52 +- lib/libcrypto/x509/x509_policy.c | 5 +- lib/libcrypto/x509/x509_purp.c | 52 +- lib/libcrypto/x509/x509_trs.c | 90 +- lib/libcrypto/x509/x509_vfy.c | 11 +- lib/libcrypto/x509/x509_vfy.h | 18 +- lib/libcrypto/x509/x509v3.h | 30 +- lib/libssl/Symbols.list | 5 +- lib/libssl/hidden/openssl/ssl.h | 5 +- lib/libssl/hidden/openssl/tls1.h | 4 +- lib/libssl/s3_lib.c | 10 +- lib/libssl/shlib_version | 2 +- lib/libssl/ssl.h | 9 +- lib/libssl/ssl3.h | 16 +- lib/libssl/ssl_ciph.c | 16 +- lib/libssl/ssl_lib.c | 9 +- lib/libssl/tls1.h | 16 +- lib/libtls/shlib_version | 2 +- regress/usr.bin/openssl/appstest.sh | 122 +- sbin/iked/iked.h | 7 +- sbin/iked/ikev2.c | 6 +- sbin/iked/ikev2_msg.c | 22 +- sbin/iked/ikev2_pld.c | 78 +- sbin/iked/version.h | 4 +- sys/dev/ic/qwx.c | 48 +- sys/dev/ic/qwxvar.h | 5 +- usr.bin/mktemp/mktemp.1 | 20 +- usr.bin/mktemp/mktemp.c | 31 +- 153 files changed, 982 insertions(+), 11182 deletions(-) delete mode 100644 lib/libcrypto/asn1/ameth_lib.c create mode 100644 lib/libcrypto/crypto_local.h delete mode 100644 lib/libcrypto/evp/e_aes_cbc_hmac_sha1.c delete mode 100644 lib/libcrypto/evp/e_gost2814789.c delete mode 100644 lib/libcrypto/evp/e_rc4_hmac_md5.c delete mode 100644 lib/libcrypto/evp/m_gost2814789.c delete mode 100644 lib/libcrypto/evp/m_gostr341194.c delete mode 100644 lib/libcrypto/evp/m_streebog.c delete mode 100644 lib/libcrypto/gost/gost.h delete mode 100644 lib/libcrypto/gost/gost2814789.c delete mode 100644 lib/libcrypto/gost/gost89_keywrap.c delete mode 100644 lib/libcrypto/gost/gost89_params.c delete mode 100644 lib/libcrypto/gost/gost89imit_ameth.c delete mode 100644 lib/libcrypto/gost/gost89imit_pmeth.c delete mode 100644 lib/libcrypto/gost/gost_asn1.c delete mode 100644 lib/libcrypto/gost/gost_asn1.h delete mode 100644 lib/libcrypto/gost/gostr341001.c delete mode 100644 lib/libcrypto/gost/gostr341001_ameth.c delete mode 100644 lib/libcrypto/gost/gostr341001_key.c delete mode 100644 lib/libcrypto/gost/gostr341001_params.c delete mode 100644 lib/libcrypto/gost/gostr341001_pmeth.c delete mode 100644 lib/libcrypto/gost/streebog.c delete mode 100644 lib/libcrypto/hidden/openssl/gost.h delete mode 100644 lib/libcrypto/lhash/lh_stats.c create mode 100644 lib/libcrypto/lhash/lhash_local.h delete mode 100644 lib/libcrypto/man/lh_stats.3 create mode 100644 lib/libcrypto/stack/stack_local.h diff --git a/distrib/notes/arm64/contents b/distrib/notes/arm64/contents index 7dc7e471f..7cb00cf55 100644 --- a/distrib/notes/arm64/contents +++ b/distrib/notes/arm64/contents @@ -1,4 +1,4 @@ -dnl $OpenBSD: contents,v 1.8 2023/10/26 14:29:13 deraadt Exp $ +dnl $OpenBSD: contents,v 1.9 2024/03/02 10:14:31 jsg Exp $ TopPart OpenBSDminiroot @@ -13,6 +13,8 @@ OpenBSDrd OpenBSDinstalliso +OpenBSDinstallfs + OpenBSDcd DistributionDescription(eight) diff --git a/distrib/sets/lists/base/mi b/distrib/sets/lists/base/mi index 631d24aab..e988d4567 100644 --- a/distrib/sets/lists/base/mi +++ b/distrib/sets/lists/base/mi @@ -722,9 +722,9 @@ ./usr/lib/crtendS.o ./usr/lib/gcrt0.o ./usr/lib/libagentx.so.1.1 -./usr/lib/libc.so.98.0 +./usr/lib/libc.so.99.0 ./usr/lib/libcbor.so.2.0 -./usr/lib/libcrypto.so.52.0 +./usr/lib/libcrypto.so.53.0 ./usr/lib/libcurses.so.15.0 ./usr/lib/libedit.so.6.0 ./usr/lib/libelf.so.3.0 @@ -753,10 +753,10 @@ ./usr/lib/librpcsvc.so.3.0 ./usr/lib/libskey.so.6.0 ./usr/lib/libsndio.so.7.2 -./usr/lib/libssl.so.55.0 +./usr/lib/libssl.so.56.0 ./usr/lib/libtermcap.so.15.0 ./usr/lib/libtermlib.so.15.0 -./usr/lib/libtls.so.28.0 +./usr/lib/libtls.so.29.0 ./usr/lib/libusbhid.so.7.1 ./usr/lib/libutil.so.18.0 ./usr/lib/libz.so.7.0 @@ -2955,8 +2955,8 @@ ./usr/share/relink/kernel.tgz ./usr/share/relink/usr ./usr/share/relink/usr/lib -./usr/share/relink/usr/lib/libc.so.98.0.a -./usr/share/relink/usr/lib/libcrypto.so.52.0.a +./usr/share/relink/usr/lib/libc.so.99.0.a +./usr/share/relink/usr/lib/libcrypto.so.53.0.a ./usr/share/relink/usr/libexec ./usr/share/relink/usr/libexec/ld.so.a ./usr/share/relink/usr/sbin diff --git a/distrib/sets/lists/comp/mi b/distrib/sets/lists/comp/mi index c548e1f55..03faef8f2 100644 --- a/distrib/sets/lists/comp/mi +++ b/distrib/sets/lists/comp/mi @@ -1131,7 +1131,6 @@ ./usr/include/openssl/engine.h ./usr/include/openssl/err.h ./usr/include/openssl/evp.h -./usr/include/openssl/gost.h ./usr/include/openssl/hkdf.h ./usr/include/openssl/hmac.h ./usr/include/openssl/idea.h @@ -2721,7 +2720,6 @@ ./usr/share/man/man3/legacy_coding.3 ./usr/share/man/man3/lgamma.3 ./usr/share/man/man3/lh_new.3 -./usr/share/man/man3/lh_stats.3 ./usr/share/man/man3/link_ntoa.3 ./usr/share/man/man3/lldiv.3 ./usr/share/man/man3/localeconv.3 diff --git a/include/stdlib.h b/include/stdlib.h index ab8a2ae90..d1292e6d4 100644 --- a/include/stdlib.h +++ b/include/stdlib.h @@ -1,4 +1,4 @@ -/* $OpenBSD: stdlib.h,v 1.76 2019/05/10 15:03:24 otto Exp $ */ +/* $OpenBSD: stdlib.h,v 1.77 2024/03/01 21:30:40 millert Exp $ */ /* $NetBSD: stdlib.h,v 1.25 1995/12/27 21:19:08 jtc Exp $ */ /*- @@ -289,6 +289,7 @@ void setprogname(const char *); extern char *suboptarg; /* getsubopt(3) external variable */ +char * mkdtemps(char *, int); int mkstemps(char *, int); int mkostemps(char *, int, int); diff --git a/lib/libc/Symbols.list b/lib/libc/Symbols.list index a6bc65f50..251760f81 100644 --- a/lib/libc/Symbols.list +++ b/lib/libc/Symbols.list @@ -1410,6 +1410,7 @@ getw getwc getwchar mkdtemp +mkdtemps mkostemp mkostemps mkstemp diff --git a/lib/libc/arch/m88k/Symbols.list b/lib/libc/arch/m88k/Symbols.list index b1a720460..3faaeef61 100644 --- a/lib/libc/arch/m88k/Symbols.list +++ b/lib/libc/arch/m88k/Symbols.list @@ -3,6 +3,7 @@ __mcount __modsi3 __udivsi3 __umodsi3 +fabsl frexpl ldexpl modfl diff --git a/lib/libc/arch/m88k/gen/fabs.S b/lib/libc/arch/m88k/gen/fabs.S index 6ba92a9e9..f47d31b9e 100644 --- a/lib/libc/arch/m88k/gen/fabs.S +++ b/lib/libc/arch/m88k/gen/fabs.S @@ -1,4 +1,4 @@ -/* $OpenBSD: fabs.S,v 1.11 2013/01/11 21:23:24 miod Exp $ */ +/* $OpenBSD: fabs.S,v 1.13 2024/03/02 16:51:00 miod Exp $ */ /*- * Copyright (c) 1996 Nivas Madhur * All rights reserved. @@ -35,13 +35,8 @@ * Will work only if the argument passed is in IEEE format! */ +STRONG_ALIAS(fabsl, fabs) ENTRY(fabs) - subu %r31,%r31,16 - st.d %r2,%r31,0 - ld.bu %r4,%r31,0 - mask %r4,%r4,0x7f /* set sign bit to 0 */ - st.b %r4,%r31,0 - ld.d %r2,%r31,0 jmp.n %r1 - addu %r31,%r31,16 + and.u %r2, %r2, 0x7fff /* set sign bit to 0 */ END(fabs) diff --git a/lib/libc/hidden/stdlib.h b/lib/libc/hidden/stdlib.h index c890889dd..027067eba 100644 --- a/lib/libc/hidden/stdlib.h +++ b/lib/libc/hidden/stdlib.h @@ -1,4 +1,4 @@ -/* $OpenBSD: stdlib.h,v 1.19 2024/01/19 19:45:02 millert Exp $ */ +/* $OpenBSD: stdlib.h,v 1.20 2024/03/01 21:30:40 millert Exp $ */ /* $NetBSD: stdlib.h,v 1.25 1995/12/27 21:19:08 jtc Exp $ */ /*- @@ -116,6 +116,7 @@ PROTO_STD_DEPRECATED(mbstowcs); PROTO_STD_DEPRECATED(mbtowc); PROTO_DEPRECATED(mergesort); PROTO_DEPRECATED(mkdtemp); +PROTO_DEPRECATED(mkdtemps); PROTO_NORMAL(mkostemp); PROTO_DEPRECATED(mkostemps); PROTO_NORMAL(mkstemp); diff --git a/lib/libc/shlib_version b/lib/libc/shlib_version index 211c24639..198973d46 100644 --- a/lib/libc/shlib_version +++ b/lib/libc/shlib_version @@ -1,4 +1,4 @@ -major=98 +major=99 minor=0 # note: If changes were made to include/thread_private.h or if system calls # were added/changed then librthread/shlib_version must also be updated. diff --git a/lib/libc/stdlib/mkdtemp.c b/lib/libc/stdlib/mkdtemp.c index c33c3b4e8..c11501f89 100644 --- a/lib/libc/stdlib/mkdtemp.c +++ b/lib/libc/stdlib/mkdtemp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: mkdtemp.c,v 1.1 2024/01/19 19:45:02 millert Exp $ */ +/* $OpenBSD: mkdtemp.c,v 1.2 2024/03/01 21:30:40 millert Exp $ */ /* * Copyright (c) 2024 Todd C. Miller * @@ -31,3 +31,11 @@ mkdtemp(char *path) return path; return NULL; } + +char * +mkdtemps(char *path, int slen) +{ + if (__mktemp4(path, slen, 0, mkdtemp_cb) == 0) + return path; + return NULL; +} diff --git a/lib/libc/stdlib/mktemp.3 b/lib/libc/stdlib/mktemp.3 index d4bd7bdc9..83b7c9eb3 100644 --- a/lib/libc/stdlib/mktemp.3 +++ b/lib/libc/stdlib/mktemp.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: mktemp.3,v 1.1 2024/01/19 16:30:28 millert Exp $ +.\" $OpenBSD: mktemp.3,v 1.2 2024/03/01 21:30:40 millert Exp $ .\" .\" Copyright (c) 1989, 1991, 1993 .\" The Regents of the University of California. All rights reserved. @@ -27,7 +27,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.Dd $Mdocdate: January 19 2024 $ +.Dd $Mdocdate: March 1 2024 $ .Dt MKTEMP 3 .Os .Sh NAME @@ -36,7 +36,8 @@ .Nm mkostemp , .Nm mkstemps , .Nm mkostemps , -.Nm mkdtemp +.Nm mkdtemp , +.Nm mkdtemps .Nd make temporary file name (unique) .Sh SYNOPSIS .In stdlib.h @@ -48,6 +49,8 @@ .Fn mkstemps "char *template" "int suffixlen" .Ft char * .Fn mkdtemp "char *template" +.Ft char * +.Fn mkdtemps "char *template" "int suffixlen" .In stdlib.h .In fcntl.h .Ft int @@ -142,11 +145,19 @@ The function makes the same replacement to the template as in .Fn mktemp and creates the template directory, mode 0700. +The +.Fn mkdtemps +function acts the same as +.Fn mkdtemp , +except that it permits a suffix to exist in the template, +similar to +.Fn mkstemps . .Sh RETURN VALUES The -.Fn mktemp +.Fn mktemp , +.Fn mkdtemp , and -.Fn mkdtemp +.Fn mkdtemps functions return a pointer to the template on success and .Dv NULL on failure. @@ -356,9 +367,10 @@ as of it is no longer a part of the standard. .Pp The -.Fn mkstemps +.Fn mkstemps , +.Fn mkostemps , and -.Fn mkostemps +.Fn mkdtemps functions are non-standard and should not be used if portability is required. .Sh HISTORY A @@ -383,6 +395,10 @@ and .Fn mkostemps functions appeared in .Ox 5.7 . +The +.Fn mkdtemps +function appeared in +.Ox 7.5 . .Sh BUGS For .Fn mktemp diff --git a/lib/libcrypto/Makefile b/lib/libcrypto/Makefile index 0ddf74246..06bb1ec6b 100644 --- a/lib/libcrypto/Makefile +++ b/lib/libcrypto/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.168 2024/02/18 16:28:37 tb Exp $ +# $OpenBSD: Makefile,v 1.174 2024/03/02 13:39:28 tb Exp $ LIB= crypto LIBREBUILD=y @@ -40,11 +40,13 @@ CFLAGS+= -I${LCRYPTO_SRC}/evp CFLAGS+= -I${LCRYPTO_SRC}/hidden CFLAGS+= -I${LCRYPTO_SRC}/hmac CFLAGS+= -I${LCRYPTO_SRC}/kdf +CFLAGS+= -I${LCRYPTO_SRC}/lhash CFLAGS+= -I${LCRYPTO_SRC}/modes CFLAGS+= -I${LCRYPTO_SRC}/ocsp CFLAGS+= -I${LCRYPTO_SRC}/pkcs12 CFLAGS+= -I${LCRYPTO_SRC}/rsa CFLAGS+= -I${LCRYPTO_SRC}/sha +CFLAGS+= -I${LCRYPTO_SRC}/stack CFLAGS+= -I${LCRYPTO_SRC}/ts CFLAGS+= -I${LCRYPTO_SRC}/x509 @@ -96,7 +98,6 @@ SRCS+= a_time_posix.c SRCS+= a_time_tm.c SRCS+= a_type.c SRCS+= a_utf8.c -SRCS+= ameth_lib.c SRCS+= asn1_err.c SRCS+= asn1_gen.c SRCS+= asn1_item.c @@ -349,7 +350,6 @@ SRCS+= bio_b64.c SRCS+= bio_enc.c SRCS+= bio_md.c SRCS+= e_aes.c -SRCS+= e_aes_cbc_hmac_sha1.c SRCS+= e_bf.c SRCS+= e_camellia.c SRCS+= e_cast.c @@ -357,12 +357,10 @@ SRCS+= e_chacha.c SRCS+= e_chacha20poly1305.c SRCS+= e_des.c SRCS+= e_des3.c -SRCS+= e_gost2814789.c SRCS+= e_idea.c SRCS+= e_null.c SRCS+= e_rc2.c SRCS+= e_rc4.c -SRCS+= e_rc4_hmac_md5.c SRCS+= e_sm4.c SRCS+= e_xcbc_d.c SRCS+= evp_aead.c @@ -374,8 +372,6 @@ SRCS+= evp_key.c SRCS+= evp_names.c SRCS+= evp_pbe.c SRCS+= evp_pkey.c -SRCS+= m_gost2814789.c -SRCS+= m_gostr341194.c SRCS+= m_md4.c SRCS+= m_md5.c SRCS+= m_md5_sha1.c @@ -385,7 +381,6 @@ SRCS+= m_sha1.c SRCS+= m_sha3.c SRCS+= m_sigver.c SRCS+= m_sm3.c -SRCS+= m_streebog.c SRCS+= m_wp.c SRCS+= p_legacy.c SRCS+= p_lib.c @@ -395,22 +390,6 @@ SRCS+= pmeth_fn.c SRCS+= pmeth_gn.c SRCS+= pmeth_lib.c -# gost/ -SRCS+= gost2814789.c -SRCS+= gost89_keywrap.c -SRCS+= gost89_params.c -SRCS+= gost89imit_ameth.c -SRCS+= gost89imit_pmeth.c -SRCS+= gost_asn1.c -SRCS+= gost_err.c -SRCS+= gostr341001.c -SRCS+= gostr341001_ameth.c -SRCS+= gostr341001_key.c -SRCS+= gostr341001_params.c -SRCS+= gostr341001_pmeth.c -SRCS+= gostr341194.c -SRCS+= streebog.c - # hkdf/ SRCS+= hkdf.c @@ -431,7 +410,6 @@ SRCS+= hkdf_evp.c SRCS+= kdf_err.c # lhash/ -SRCS+= lh_stats.c SRCS+= lhash.c # md4/ @@ -730,7 +708,6 @@ HDRS=\ ${LCRYPTO_SRC}/engine/engine.h \ ${LCRYPTO_SRC}/err/err.h \ ${LCRYPTO_SRC}/evp/evp.h \ - ${LCRYPTO_SRC}/gost/gost.h \ ${LCRYPTO_SRC}/hkdf/hkdf.h \ ${LCRYPTO_SRC}/hmac/hmac.h \ ${LCRYPTO_SRC}/idea/idea.h \ diff --git a/lib/libcrypto/Symbols.list b/lib/libcrypto/Symbols.list index bb80f34cf..846bd5ce8 100644 --- a/lib/libcrypto/Symbols.list +++ b/lib/libcrypto/Symbols.list @@ -81,18 +81,6 @@ ASN1_OCTET_STRING_free ASN1_OCTET_STRING_it ASN1_OCTET_STRING_new ASN1_OCTET_STRING_set -ASN1_PCTX_free -ASN1_PCTX_get_cert_flags -ASN1_PCTX_get_flags -ASN1_PCTX_get_nm_flags -ASN1_PCTX_get_oid_flags -ASN1_PCTX_get_str_flags -ASN1_PCTX_new -ASN1_PCTX_set_cert_flags -ASN1_PCTX_set_flags -ASN1_PCTX_set_nm_flags -ASN1_PCTX_set_oid_flags -ASN1_PCTX_set_str_flags ASN1_PRINTABLESTRING_free ASN1_PRINTABLESTRING_it ASN1_PRINTABLESTRING_new @@ -103,8 +91,6 @@ ASN1_PRINTABLE_type ASN1_SEQUENCE_ANY_it ASN1_SEQUENCE_it ASN1_SET_ANY_it -ASN1_STRING_TABLE_add -ASN1_STRING_TABLE_cleanup ASN1_STRING_TABLE_get ASN1_STRING_cmp ASN1_STRING_copy @@ -143,7 +129,6 @@ ASN1_TIME_print ASN1_TIME_set ASN1_TIME_set_string ASN1_TIME_set_string_X509 -ASN1_TIME_set_tm ASN1_TIME_to_generalizedtime ASN1_TIME_to_tm ASN1_TYPE_cmp @@ -175,7 +160,6 @@ ASN1_UTF8STRING_new ASN1_VISIBLESTRING_free ASN1_VISIBLESTRING_it ASN1_VISIBLESTRING_new -ASN1_add_oid_module ASN1_d2i_bio ASN1_d2i_fp ASN1_dup @@ -213,9 +197,7 @@ ASN1_put_eoc ASN1_put_object ASN1_tag2bit ASN1_tag2str -ASN1_time_parse ASN1_time_tm_clamp_notafter -ASN1_time_tm_cmp ASRange_free ASRange_it ASRange_new @@ -251,11 +233,7 @@ BIO_ctrl_wpending BIO_debug_callback BIO_dgram_non_fatal_error BIO_dump -BIO_dump_cb -BIO_dump_fp BIO_dump_indent -BIO_dump_indent_cb -BIO_dump_indent_fp BIO_dup_chain BIO_f_base64 BIO_f_buffer @@ -337,7 +315,6 @@ BIO_s_log BIO_s_mem BIO_s_null BIO_s_socket -BIO_set BIO_set_callback BIO_set_callback_arg BIO_set_callback_ex @@ -350,7 +327,6 @@ BIO_set_next BIO_set_retry_reason BIO_set_shutdown BIO_set_tcp_ndelay -BIO_snprintf BIO_sock_cleanup BIO_sock_error BIO_sock_init @@ -361,8 +337,6 @@ BIO_socket_nbio BIO_test_flags BIO_up_ref BIO_vfree -BIO_vprintf -BIO_vsnprintf BIO_write BN_CTX_end BN_CTX_free @@ -433,11 +407,8 @@ BN_mask_bits BN_mod_add BN_mod_add_quick BN_mod_exp -BN_mod_exp2_mont BN_mod_exp_mont BN_mod_exp_mont_consttime -BN_mod_exp_mont_word -BN_mod_exp_simple BN_mod_inverse BN_mod_lshift BN_mod_lshift1 @@ -507,7 +478,6 @@ CMAC_CTX_new CMAC_Final CMAC_Init CMAC_Update -CMAC_resume CMS_ContentInfo_free CMS_ContentInfo_it CMS_ContentInfo_new @@ -653,11 +623,7 @@ CONF_set_nconf CRL_DIST_POINTS_free CRL_DIST_POINTS_it CRL_DIST_POINTS_new -CRYPTO_THREADID_cmp -CRYPTO_THREADID_cpy -CRYPTO_THREADID_current CRYPTO_THREADID_get_callback -CRYPTO_THREADID_hash CRYPTO_THREADID_set_callback CRYPTO_THREADID_set_numeric CRYPTO_THREADID_set_pointer @@ -679,16 +645,10 @@ CRYPTO_chacha_20 CRYPTO_cleanup_all_ex_data CRYPTO_ctr128_encrypt CRYPTO_ctr128_encrypt_ctr32 -CRYPTO_dbg_free -CRYPTO_dbg_get_options -CRYPTO_dbg_malloc -CRYPTO_dbg_realloc -CRYPTO_dbg_set_options CRYPTO_destroy_dynlockid CRYPTO_dup_ex_data CRYPTO_free CRYPTO_free_ex_data -CRYPTO_free_locked CRYPTO_gcm128_aad CRYPTO_gcm128_decrypt CRYPTO_gcm128_decrypt_ctr32 @@ -709,24 +669,13 @@ CRYPTO_get_ex_data CRYPTO_get_ex_new_index CRYPTO_get_id_callback CRYPTO_get_lock_name -CRYPTO_get_locked_mem_ex_functions -CRYPTO_get_locked_mem_functions CRYPTO_get_locking_callback -CRYPTO_get_mem_debug_functions -CRYPTO_get_mem_debug_options -CRYPTO_get_mem_ex_functions -CRYPTO_get_mem_functions CRYPTO_get_new_dynlockid CRYPTO_get_new_lockid CRYPTO_hchacha_20 -CRYPTO_is_mem_check_on CRYPTO_lock CRYPTO_malloc -CRYPTO_malloc_locked CRYPTO_mem_ctrl -CRYPTO_mem_leaks -CRYPTO_mem_leaks_cb -CRYPTO_mem_leaks_fp CRYPTO_memcmp CRYPTO_new_ex_data CRYPTO_num_locks @@ -734,23 +683,13 @@ CRYPTO_ofb128_encrypt CRYPTO_poly1305_finish CRYPTO_poly1305_init CRYPTO_poly1305_update -CRYPTO_pop_info -CRYPTO_push_info_ -CRYPTO_realloc -CRYPTO_realloc_clean -CRYPTO_remalloc -CRYPTO_remove_all_info CRYPTO_set_add_lock_callback CRYPTO_set_dynlock_create_callback CRYPTO_set_dynlock_destroy_callback CRYPTO_set_dynlock_lock_callback CRYPTO_set_ex_data CRYPTO_set_id_callback -CRYPTO_set_locked_mem_ex_functions -CRYPTO_set_locked_mem_functions CRYPTO_set_locking_callback -CRYPTO_set_mem_debug_functions -CRYPTO_set_mem_debug_options CRYPTO_set_mem_ex_functions CRYPTO_set_mem_functions CRYPTO_strdup @@ -895,7 +834,6 @@ DSA_do_verify DSA_dup_DH DSA_free DSA_generate_key -DSA_generate_parameters DSA_generate_parameters_ex DSA_get0_engine DSA_get0_g @@ -1117,7 +1055,6 @@ ERR_get_error ERR_get_error_line ERR_get_error_line_data ERR_get_next_error_library -ERR_get_state ERR_lib_error_string ERR_load_ASN1_strings ERR_load_BIO_strings @@ -1131,7 +1068,6 @@ ERR_load_DSA_strings ERR_load_EC_strings ERR_load_ERR_strings ERR_load_EVP_strings -ERR_load_GOST_strings ERR_load_OBJ_strings ERR_load_OCSP_strings ERR_load_PEM_strings @@ -1212,12 +1148,10 @@ EVP_CIPHER_CTX_set_iv EVP_CIPHER_CTX_set_key_length EVP_CIPHER_CTX_set_padding EVP_CIPHER_CTX_test_flags -EVP_CIPHER_asn1_to_param EVP_CIPHER_block_size EVP_CIPHER_do_all EVP_CIPHER_do_all_sorted EVP_CIPHER_flags -EVP_CIPHER_get_asn1_iv EVP_CIPHER_iv_length EVP_CIPHER_key_length EVP_CIPHER_meth_dup @@ -1233,8 +1167,6 @@ EVP_CIPHER_meth_set_init EVP_CIPHER_meth_set_iv_length EVP_CIPHER_meth_set_set_asn1_params EVP_CIPHER_nid -EVP_CIPHER_param_to_asn1 -EVP_CIPHER_set_asn1_iv EVP_CIPHER_type EVP_Cipher EVP_CipherFinal @@ -1295,29 +1227,11 @@ EVP_MD_block_size EVP_MD_do_all EVP_MD_do_all_sorted EVP_MD_flags -EVP_MD_meth_dup -EVP_MD_meth_free -EVP_MD_meth_new -EVP_MD_meth_set_app_datasize -EVP_MD_meth_set_cleanup -EVP_MD_meth_set_copy -EVP_MD_meth_set_ctrl -EVP_MD_meth_set_final -EVP_MD_meth_set_flags -EVP_MD_meth_set_init -EVP_MD_meth_set_input_blocksize -EVP_MD_meth_set_result_size -EVP_MD_meth_set_update EVP_MD_pkey_type EVP_MD_size EVP_MD_type EVP_OpenFinal EVP_OpenInit -EVP_PBE_CipherInit -EVP_PBE_alg_add -EVP_PBE_alg_add_type -EVP_PBE_cleanup -EVP_PBE_find EVP_PKCS82PKEY EVP_PKEY2PKCS8 EVP_PKEY_CTX_ctrl @@ -1341,25 +1255,11 @@ EVP_PKEY_add1_attr EVP_PKEY_add1_attr_by_NID EVP_PKEY_add1_attr_by_OBJ EVP_PKEY_add1_attr_by_txt -EVP_PKEY_asn1_add0 -EVP_PKEY_asn1_add_alias -EVP_PKEY_asn1_copy EVP_PKEY_asn1_find EVP_PKEY_asn1_find_str -EVP_PKEY_asn1_free EVP_PKEY_asn1_get0 EVP_PKEY_asn1_get0_info EVP_PKEY_asn1_get_count -EVP_PKEY_asn1_new -EVP_PKEY_asn1_set_check -EVP_PKEY_asn1_set_ctrl -EVP_PKEY_asn1_set_free -EVP_PKEY_asn1_set_param -EVP_PKEY_asn1_set_param_check -EVP_PKEY_asn1_set_private -EVP_PKEY_asn1_set_public -EVP_PKEY_asn1_set_public_check -EVP_PKEY_asn1_set_security_bits EVP_PKEY_assign EVP_PKEY_base_id EVP_PKEY_bits @@ -1399,29 +1299,6 @@ EVP_PKEY_get_raw_public_key EVP_PKEY_id EVP_PKEY_keygen EVP_PKEY_keygen_init -EVP_PKEY_meth_add0 -EVP_PKEY_meth_copy -EVP_PKEY_meth_find -EVP_PKEY_meth_free -EVP_PKEY_meth_get0_info -EVP_PKEY_meth_new -EVP_PKEY_meth_set_check -EVP_PKEY_meth_set_cleanup -EVP_PKEY_meth_set_copy -EVP_PKEY_meth_set_ctrl -EVP_PKEY_meth_set_decrypt -EVP_PKEY_meth_set_derive -EVP_PKEY_meth_set_encrypt -EVP_PKEY_meth_set_init -EVP_PKEY_meth_set_keygen -EVP_PKEY_meth_set_param_check -EVP_PKEY_meth_set_paramgen -EVP_PKEY_meth_set_public_check -EVP_PKEY_meth_set_sign -EVP_PKEY_meth_set_signctx -EVP_PKEY_meth_set_verify -EVP_PKEY_meth_set_verify_recover -EVP_PKEY_meth_set_verifyctx EVP_PKEY_missing_parameters EVP_PKEY_new EVP_PKEY_new_CMAC_key @@ -1456,14 +1333,11 @@ EVP_SealFinal EVP_SealInit EVP_SignFinal EVP_VerifyFinal -EVP_add_cipher -EVP_add_digest EVP_aead_aes_128_gcm EVP_aead_aes_256_gcm EVP_aead_chacha20_poly1305 EVP_aead_xchacha20_poly1305 EVP_aes_128_cbc -EVP_aes_128_cbc_hmac_sha1 EVP_aes_128_ccm EVP_aes_128_cfb1 EVP_aes_128_cfb128 @@ -1485,7 +1359,6 @@ EVP_aes_192_gcm EVP_aes_192_ofb EVP_aes_192_wrap EVP_aes_256_cbc -EVP_aes_256_cbc_hmac_sha1 EVP_aes_256_ccm EVP_aes_256_cfb1 EVP_aes_256_cfb128 @@ -1548,11 +1421,6 @@ EVP_enc_null EVP_get_cipherbyname EVP_get_digestbyname EVP_get_pw_prompt -EVP_gost2814789_cfb64 -EVP_gost2814789_cnt -EVP_gost2814789_ecb -EVP_gost2814789imit -EVP_gostr341194 EVP_idea_cbc EVP_idea_cfb64 EVP_idea_ecb @@ -1569,7 +1437,6 @@ EVP_rc2_ecb EVP_rc2_ofb EVP_rc4 EVP_rc4_40 -EVP_rc4_hmac_md5 EVP_read_pw_string EVP_read_pw_string_min EVP_ripemd160 @@ -1591,8 +1458,6 @@ EVP_sm4_cfb128 EVP_sm4_ctr EVP_sm4_ecb EVP_sm4_ofb -EVP_streebog256 -EVP_streebog512 EVP_whirlpool EXTENDED_KEY_USAGE_free EXTENDED_KEY_USAGE_it @@ -1615,37 +1480,6 @@ GENERAL_NAME_set0_value GENERAL_SUBTREE_free GENERAL_SUBTREE_it GENERAL_SUBTREE_new -GOST2814789IMIT -GOST2814789IMIT_Final -GOST2814789IMIT_Init -GOST2814789IMIT_Transform -GOST2814789IMIT_Update -GOSTR341194 -GOSTR341194_Final -GOSTR341194_Init -GOSTR341194_Transform -GOSTR341194_Update -GOST_CIPHER_PARAMS_free -GOST_CIPHER_PARAMS_it -GOST_CIPHER_PARAMS_new -GOST_KEY_check_key -GOST_KEY_free -GOST_KEY_get0_group -GOST_KEY_get0_private_key -GOST_KEY_get0_public_key -GOST_KEY_get_digest -GOST_KEY_get_size -GOST_KEY_new -GOST_KEY_set_digest -GOST_KEY_set_group -GOST_KEY_set_private_key -GOST_KEY_set_public_key -GOST_KEY_set_public_key_affine_coordinates -Gost2814789_cfb64_encrypt -Gost2814789_cnt_encrypt -Gost2814789_ecb_encrypt -Gost2814789_set_key -Gost2814789_set_sbox HKDF HKDF_expand HKDF_extract @@ -1719,16 +1553,8 @@ NETSCAPE_SPKI_verify NOTICEREF_free NOTICEREF_it NOTICEREF_new -OBJ_NAME_add -OBJ_NAME_cleanup OBJ_NAME_do_all OBJ_NAME_do_all_sorted -OBJ_NAME_get -OBJ_NAME_init -OBJ_NAME_new_index -OBJ_NAME_remove -OBJ_add_object -OBJ_bsearch_ OBJ_cleanup OBJ_cmp OBJ_create @@ -1893,12 +1719,16 @@ OPENSSL_cleanup OPENSSL_config OPENSSL_cpu_caps OPENSSL_cpuid_setup +OPENSSL_gmtime OPENSSL_init OPENSSL_init_crypto OPENSSL_load_builtin_modules OPENSSL_no_config +OPENSSL_posix_to_tm OPENSSL_strcasecmp OPENSSL_strncasecmp +OPENSSL_timegm +OPENSSL_tm_to_posix OPENSSL_uni2asc OTHERNAME_cmp OTHERNAME_free @@ -1909,15 +1739,7 @@ OpenSSL_add_all_ciphers OpenSSL_add_all_digests OpenSSL_version OpenSSL_version_num -PBE2PARAM_free -PBE2PARAM_it -PBE2PARAM_new -PBEPARAM_free PBEPARAM_it -PBEPARAM_new -PBKDF2PARAM_free -PBKDF2PARAM_it -PBKDF2PARAM_new PEM_ASN1_read PEM_ASN1_read_bio PEM_ASN1_write @@ -2029,21 +1851,7 @@ PEM_write_bio_X509_AUX PEM_write_bio_X509_CRL PEM_write_bio_X509_REQ PEM_write_bio_X509_REQ_NEW -PKCS12_AUTHSAFES_it -PKCS12_BAGS_free -PKCS12_BAGS_it -PKCS12_BAGS_new -PKCS12_MAC_DATA_free -PKCS12_MAC_DATA_it -PKCS12_MAC_DATA_new PKCS12_PBE_add -PKCS12_PBE_keyivgen -PKCS12_SAFEBAGS_it -PKCS12_SAFEBAG_create0_p8inf -PKCS12_SAFEBAG_create0_pkcs8 -PKCS12_SAFEBAG_create_cert -PKCS12_SAFEBAG_create_crl -PKCS12_SAFEBAG_create_pkcs8_encrypt PKCS12_SAFEBAG_free PKCS12_SAFEBAG_get0_attr PKCS12_SAFEBAG_get0_attrs @@ -2057,53 +1865,24 @@ PKCS12_SAFEBAG_get_bag_nid PKCS12_SAFEBAG_get_nid PKCS12_SAFEBAG_it PKCS12_SAFEBAG_new -PKCS12_add_CSPName_asc -PKCS12_add_cert -PKCS12_add_friendlyname_asc -PKCS12_add_friendlyname_uni -PKCS12_add_key -PKCS12_add_localkeyid -PKCS12_add_safe -PKCS12_add_safes PKCS12_create PKCS12_decrypt_skey PKCS12_free -PKCS12_gen_mac PKCS12_get0_mac -PKCS12_get_attr_gen PKCS12_get_friendlyname -PKCS12_init PKCS12_it -PKCS12_item_decrypt_d2i -PKCS12_item_i2d_encrypt -PKCS12_item_pack_safebag -PKCS12_key_gen_asc -PKCS12_key_gen_uni PKCS12_mac_present PKCS12_new PKCS12_newpass -PKCS12_pack_authsafes -PKCS12_pack_p7data -PKCS12_pack_p7encdata PKCS12_parse -PKCS12_pbe_crypt PKCS12_set_mac -PKCS12_setup_mac PKCS12_unpack_authsafes PKCS12_unpack_p7data PKCS12_unpack_p7encdata PKCS12_verify_mac PKCS1_MGF1 -PKCS5_PBE_add -PKCS5_PBE_keyivgen PKCS5_PBKDF2_HMAC PKCS5_PBKDF2_HMAC_SHA1 -PKCS5_pbe2_set -PKCS5_pbe2_set_iv -PKCS5_pbe_set -PKCS5_pbe_set0_algor -PKCS5_pbkdf2_set -PKCS5_v2_PBE_keyivgen PKCS7_ATTR_SIGN_it PKCS7_ATTR_VERIFY_it PKCS7_DIGEST_free @@ -2413,15 +2192,6 @@ SMIME_write_CMS SMIME_write_PKCS7 SSLeay SSLeay_version -STREEBOG256 -STREEBOG256_Final -STREEBOG256_Init -STREEBOG256_Update -STREEBOG512 -STREEBOG512_Final -STREEBOG512_Init -STREEBOG512_Transform -STREEBOG512_Update TS_ACCURACY_dup TS_ACCURACY_free TS_ACCURACY_get_micros @@ -2644,13 +2414,9 @@ X509V3_EXT_CRL_add_conf X509V3_EXT_CRL_add_nconf X509V3_EXT_REQ_add_conf X509V3_EXT_REQ_add_nconf -X509V3_EXT_add -X509V3_EXT_add_alias X509V3_EXT_add_conf -X509V3_EXT_add_list X509V3_EXT_add_nconf X509V3_EXT_add_nconf_sk -X509V3_EXT_cleanup X509V3_EXT_conf X509V3_EXT_conf_nid X509V3_EXT_d2i @@ -2691,7 +2457,6 @@ X509_ALGOR_get0 X509_ALGOR_it X509_ALGOR_new X509_ALGOR_set0 -X509_ALGOR_set_md X509_ATTRIBUTE_count X509_ATTRIBUTE_create X509_ATTRIBUTE_create_by_NID @@ -2706,18 +2471,12 @@ X509_ATTRIBUTE_it X509_ATTRIBUTE_new X509_ATTRIBUTE_set1_data X509_ATTRIBUTE_set1_object -X509_CERT_AUX_free -X509_CERT_AUX_it -X509_CERT_AUX_new -X509_CERT_AUX_print X509_CINF_free X509_CINF_it X509_CINF_new X509_CRL_INFO_free X509_CRL_INFO_it X509_CRL_INFO_new -X509_CRL_METHOD_free -X509_CRL_METHOD_new X509_CRL_add0_revoked X509_CRL_add1_ext_i2d X509_CRL_add_ext @@ -2742,7 +2501,6 @@ X509_CRL_get_ext_count X509_CRL_get_ext_d2i X509_CRL_get_issuer X509_CRL_get_lastUpdate -X509_CRL_get_meth_data X509_CRL_get_nextUpdate X509_CRL_get_signature_nid X509_CRL_get_version @@ -2753,10 +2511,8 @@ X509_CRL_print X509_CRL_print_fp X509_CRL_set1_lastUpdate X509_CRL_set1_nextUpdate -X509_CRL_set_default_method X509_CRL_set_issuer_name X509_CRL_set_lastUpdate -X509_CRL_set_meth_data X509_CRL_set_nextUpdate X509_CRL_set_version X509_CRL_sign @@ -2779,18 +2535,11 @@ X509_EXTENSION_set_data X509_EXTENSION_set_object X509_INFO_free X509_INFO_new -X509_LOOKUP_by_alias -X509_LOOKUP_by_fingerprint -X509_LOOKUP_by_issuer_serial -X509_LOOKUP_by_subject X509_LOOKUP_ctrl X509_LOOKUP_file X509_LOOKUP_free X509_LOOKUP_hash_dir -X509_LOOKUP_init X509_LOOKUP_mem -X509_LOOKUP_new -X509_LOOKUP_shutdown X509_NAME_ENTRIES_it X509_NAME_ENTRY_create_by_NID X509_NAME_ENTRY_create_by_OBJ @@ -2849,17 +2598,12 @@ X509_PUBKEY_it X509_PUBKEY_new X509_PUBKEY_set X509_PUBKEY_set0_param -X509_PURPOSE_add -X509_PURPOSE_cleanup X509_PURPOSE_get0 X509_PURPOSE_get0_name X509_PURPOSE_get0_sname -X509_PURPOSE_get_by_id X509_PURPOSE_get_by_sname X509_PURPOSE_get_count X509_PURPOSE_get_id -X509_PURPOSE_get_trust -X509_PURPOSE_set X509_REQ_INFO_free X509_REQ_INFO_it X509_REQ_INFO_new @@ -2952,7 +2696,6 @@ X509_STORE_CTX_get_verify X509_STORE_CTX_get_verify_cb X509_STORE_CTX_init X509_STORE_CTX_new -X509_STORE_CTX_purpose_inherit X509_STORE_CTX_set0_crls X509_STORE_CTX_set0_param X509_STORE_CTX_set0_trusted_stack @@ -2978,6 +2721,7 @@ X509_STORE_add_crl X509_STORE_add_lookup X509_STORE_free X509_STORE_get0_objects +X509_STORE_get1_objects X509_STORE_get0_param X509_STORE_get_check_issued X509_STORE_get_ex_data @@ -2997,16 +2741,6 @@ X509_STORE_set_trust X509_STORE_set_verify X509_STORE_set_verify_cb X509_STORE_up_ref -X509_TRUST_add -X509_TRUST_cleanup -X509_TRUST_get0 -X509_TRUST_get0_name -X509_TRUST_get_by_id -X509_TRUST_get_count -X509_TRUST_get_flags -X509_TRUST_get_trust -X509_TRUST_set -X509_TRUST_set_default X509_VAL_free X509_VAL_it X509_VAL_new @@ -3290,7 +3024,6 @@ d2i_ESS_SIGNING_CERT d2i_EXTENDED_KEY_USAGE d2i_GENERAL_NAME d2i_GENERAL_NAMES -d2i_GOST_CIPHER_PARAMS d2i_IPAddressChoice d2i_IPAddressFamily d2i_IPAddressOrRange @@ -3317,12 +3050,7 @@ d2i_OCSP_SERVICELOC d2i_OCSP_SIGNATURE d2i_OCSP_SINGLERESP d2i_OTHERNAME -d2i_PBE2PARAM -d2i_PBEPARAM -d2i_PBKDF2PARAM d2i_PKCS12 -d2i_PKCS12_BAGS -d2i_PKCS12_MAC_DATA d2i_PKCS12_SAFEBAG d2i_PKCS12_bio d2i_PKCS12_fp @@ -3387,7 +3115,6 @@ d2i_X509_ALGOR d2i_X509_ALGORS d2i_X509_ATTRIBUTE d2i_X509_AUX -d2i_X509_CERT_AUX d2i_X509_CINF d2i_X509_CRL d2i_X509_CRL_INFO @@ -3487,7 +3214,6 @@ i2d_ESS_SIGNING_CERT i2d_EXTENDED_KEY_USAGE i2d_GENERAL_NAME i2d_GENERAL_NAMES -i2d_GOST_CIPHER_PARAMS i2d_IPAddressChoice i2d_IPAddressFamily i2d_IPAddressOrRange @@ -3514,12 +3240,7 @@ i2d_OCSP_SERVICELOC i2d_OCSP_SIGNATURE i2d_OCSP_SINGLERESP i2d_OTHERNAME -i2d_PBE2PARAM -i2d_PBEPARAM -i2d_PBKDF2PARAM i2d_PKCS12 -i2d_PKCS12_BAGS -i2d_PKCS12_MAC_DATA i2d_PKCS12_SAFEBAG i2d_PKCS12_bio i2d_PKCS12_fp @@ -3589,7 +3310,6 @@ i2d_X509_ALGOR i2d_X509_ALGORS i2d_X509_ATTRIBUTE i2d_X509_AUX -i2d_X509_CERT_AUX i2d_X509_CINF i2d_X509_CRL i2d_X509_CRL_INFO @@ -3633,17 +3353,12 @@ idea_set_encrypt_key lh_delete lh_doall lh_doall_arg +lh_error lh_free lh_insert lh_new -lh_node_stats -lh_node_stats_bio -lh_node_usage_stats -lh_node_usage_stats_bio lh_num_items lh_retrieve -lh_stats -lh_stats_bio lh_strhash o2i_ECPublicKey o2i_SCT @@ -3654,7 +3369,6 @@ sk_delete sk_delete_ptr sk_dup sk_find -sk_find_ex sk_free sk_insert sk_is_sorted diff --git a/lib/libcrypto/Symbols.namespace b/lib/libcrypto/Symbols.namespace index bcd5b84ba..95b2a3372 100644 --- a/lib/libcrypto/Symbols.namespace +++ b/lib/libcrypto/Symbols.namespace @@ -18,7 +18,6 @@ _libre_sk_insert _libre_sk_delete _libre_sk_delete_ptr _libre_sk_find -_libre_sk_find_ex _libre_sk_push _libre_sk_unshift _libre_sk_shift @@ -136,40 +135,18 @@ _libre_PKCS12_SAFEBAG_get1_crl _libre_PKCS8_get_attr _libre_PKCS12_mac_present _libre_PKCS12_get0_mac -_libre_PKCS12_SAFEBAG_create_cert -_libre_PKCS12_SAFEBAG_create_crl -_libre_PKCS12_SAFEBAG_create0_p8inf -_libre_PKCS12_SAFEBAG_create0_pkcs8 -_libre_PKCS12_SAFEBAG_create_pkcs8_encrypt _libre_PKCS12_SAFEBAG_get0_p8inf _libre_PKCS12_SAFEBAG_get0_pkcs8 _libre_PKCS12_SAFEBAG_get0_safes _libre_PKCS12_SAFEBAG_get0_type -_libre_PKCS12_item_pack_safebag _libre_PKCS8_decrypt _libre_PKCS12_decrypt_skey _libre_PKCS8_encrypt -_libre_PKCS12_pack_p7data _libre_PKCS12_unpack_p7data -_libre_PKCS12_pack_p7encdata _libre_PKCS12_unpack_p7encdata -_libre_PKCS12_pack_authsafes _libre_PKCS12_unpack_authsafes -_libre_PKCS12_add_localkeyid -_libre_PKCS12_add_friendlyname_asc -_libre_PKCS12_add_CSPName_asc -_libre_PKCS12_add_friendlyname_uni _libre_PKCS8_add_keyusage -_libre_PKCS12_get_attr_gen _libre_PKCS12_get_friendlyname -_libre_PKCS12_pbe_crypt -_libre_PKCS12_item_decrypt_d2i -_libre_PKCS12_item_i2d_encrypt -_libre_PKCS12_init -_libre_PKCS12_key_gen_asc -_libre_PKCS12_key_gen_uni -_libre_PKCS12_PBE_keyivgen -_libre_PKCS12_gen_mac _libre_PKCS12_verify_mac _libre_PKCS12_set_mac _libre_PKCS12_setup_mac @@ -179,25 +156,13 @@ _libre_PKCS12_new _libre_PKCS12_free _libre_d2i_PKCS12 _libre_i2d_PKCS12 -_libre_PKCS12_MAC_DATA_new -_libre_PKCS12_MAC_DATA_free -_libre_d2i_PKCS12_MAC_DATA -_libre_i2d_PKCS12_MAC_DATA _libre_PKCS12_SAFEBAG_new _libre_PKCS12_SAFEBAG_free _libre_d2i_PKCS12_SAFEBAG _libre_i2d_PKCS12_SAFEBAG -_libre_PKCS12_BAGS_new -_libre_PKCS12_BAGS_free -_libre_d2i_PKCS12_BAGS -_libre_i2d_PKCS12_BAGS _libre_PKCS12_PBE_add _libre_PKCS12_parse _libre_PKCS12_create -_libre_PKCS12_add_cert -_libre_PKCS12_add_key -_libre_PKCS12_add_safe -_libre_PKCS12_add_safes _libre_i2d_PKCS12_bio _libre_i2d_PKCS12_fp _libre_d2i_PKCS12_bio @@ -335,8 +300,6 @@ _libre_X509_get_default_private_dir _libre_X509_to_X509_REQ _libre_X509_REQ_to_X509 _libre_X509_get_pubkey_parameters -_libre_X509_TRUST_set_default -_libre_X509_TRUST_set _libre_X509_NAME_oneline _libre_X509_get0_extensions _libre_X509_get0_tbs_sigalg @@ -499,14 +462,6 @@ _libre_X509_verify_cert _libre_X509_find_by_issuer_and_serial _libre_X509_find_by_subject _libre_X509_check_trust -_libre_X509_TRUST_get_count -_libre_X509_TRUST_get0 -_libre_X509_TRUST_get_by_id -_libre_X509_TRUST_add -_libre_X509_TRUST_cleanup -_libre_X509_TRUST_get_flags -_libre_X509_TRUST_get0_name -_libre_X509_TRUST_get_trust _libre_X509_up_ref _libre_X509_chain_up_ref _libre_ERR_load_X509_strings @@ -561,14 +516,7 @@ _libre_X509_LOOKUP_ctrl _libre_X509_load_cert_file _libre_X509_load_crl_file _libre_X509_load_cert_crl_file -_libre_X509_LOOKUP_new _libre_X509_LOOKUP_free -_libre_X509_LOOKUP_init -_libre_X509_LOOKUP_by_subject -_libre_X509_LOOKUP_by_issuer_serial -_libre_X509_LOOKUP_by_fingerprint -_libre_X509_LOOKUP_by_alias -_libre_X509_LOOKUP_shutdown _libre_X509_STORE_load_locations _libre_X509_STORE_load_mem _libre_X509_STORE_set_default_paths @@ -591,7 +539,6 @@ _libre_X509_STORE_CTX_set_chain _libre_X509_STORE_CTX_set0_crls _libre_X509_STORE_CTX_set_purpose _libre_X509_STORE_CTX_set_trust -_libre_X509_STORE_CTX_purpose_inherit _libre_X509_STORE_CTX_set_flags _libre_X509_STORE_CTX_set_time _libre_X509_STORE_CTX_set0_verified_chain @@ -789,10 +736,6 @@ _libre_i2s_ASN1_INTEGER _libre_s2i_ASN1_INTEGER _libre_i2s_ASN1_ENUMERATED _libre_i2s_ASN1_ENUMERATED_TABLE -_libre_X509V3_EXT_add -_libre_X509V3_EXT_add_list -_libre_X509V3_EXT_add_alias -_libre_X509V3_EXT_cleanup _libre_X509V3_EXT_get _libre_X509V3_EXT_get_nid _libre_X509V3_add_standard_extensions @@ -810,18 +753,13 @@ _libre_X509V3_extensions_print _libre_X509_check_ca _libre_X509_check_purpose _libre_X509_supported_extension -_libre_X509_PURPOSE_set _libre_X509_check_issued _libre_X509_check_akid _libre_X509_PURPOSE_get_count _libre_X509_PURPOSE_get0 _libre_X509_PURPOSE_get_by_sname -_libre_X509_PURPOSE_get_by_id -_libre_X509_PURPOSE_add _libre_X509_PURPOSE_get0_name _libre_X509_PURPOSE_get0_sname -_libre_X509_PURPOSE_get_trust -_libre_X509_PURPOSE_cleanup _libre_X509_PURPOSE_get_id _libre_X509_get_extension_flags _libre_X509_get_key_usage @@ -1025,7 +963,6 @@ _libre_ASN1_TIME_normalize _libre_ASN1_TIME_set_string_X509 _libre_ASN1_TIME_diff _libre_ASN1_TIME_set -_libre_ASN1_TIME_set_tm _libre_ASN1_TIME_adj _libre_ASN1_TIME_check _libre_ASN1_TIME_to_generalizedtime @@ -1093,33 +1030,16 @@ _libre_ASN1_mbstring_copy _libre_ASN1_mbstring_ncopy _libre_ASN1_STRING_set_by_NID _libre_ASN1_STRING_TABLE_get -_libre_ASN1_STRING_TABLE_add -_libre_ASN1_STRING_TABLE_cleanup _libre_ASN1_item_new _libre_ASN1_item_free _libre_ASN1_item_d2i _libre_ASN1_item_i2d -_libre_ASN1_add_oid_module _libre_ASN1_generate_nconf _libre_ASN1_generate_v3 _libre_ASN1_item_print -_libre_ASN1_PCTX_new -_libre_ASN1_PCTX_free -_libre_ASN1_PCTX_get_flags -_libre_ASN1_PCTX_set_flags -_libre_ASN1_PCTX_get_nm_flags -_libre_ASN1_PCTX_set_nm_flags -_libre_ASN1_PCTX_get_cert_flags -_libre_ASN1_PCTX_set_cert_flags -_libre_ASN1_PCTX_get_oid_flags -_libre_ASN1_PCTX_set_oid_flags -_libre_ASN1_PCTX_get_str_flags -_libre_ASN1_PCTX_set_str_flags _libre_SMIME_crlf_copy _libre_SMIME_text _libre_ERR_load_ASN1_strings -_libre_ASN1_time_parse -_libre_ASN1_time_tm_cmp _libre_BIO_set_flags _libre_BIO_test_flags _libre_BIO_clear_flags @@ -1163,7 +1083,6 @@ _libre_BIO_s_file _libre_BIO_new_file _libre_BIO_new_fp _libre_BIO_new -_libre_BIO_set _libre_BIO_free _libre_BIO_up_ref _libre_BIO_get_data @@ -1213,8 +1132,6 @@ _libre_BIO_fd_should_retry _libre_BIO_fd_non_fatal_error _libre_BIO_dump _libre_BIO_dump_indent -_libre_BIO_dump_fp -_libre_BIO_dump_indent_fp _libre_BIO_gethostbyname _libre_BIO_sock_error _libre_BIO_socket_ioctl @@ -1233,9 +1150,6 @@ _libre_BIO_new_connect _libre_BIO_new_accept _libre_BIO_copy_next_retry _libre_BIO_printf -_libre_BIO_vprintf -_libre_BIO_snprintf -_libre_BIO_vsnprintf _libre_ERR_load_BIO_strings _libre_ASN1_item_ex_new _libre_ASN1_item_ex_free @@ -1386,7 +1300,6 @@ _libre_ERR_load_crypto_strings _libre_ERR_free_strings _libre_ERR_remove_thread_state _libre_ERR_remove_state -_libre_ERR_get_state _libre_ERR_get_next_error_library _libre_ERR_set_mark _libre_ERR_pop_to_mark @@ -1739,12 +1652,6 @@ _libre_lh_doall _libre_lh_doall_arg _libre_lh_strhash _libre_lh_num_items -_libre_lh_stats -_libre_lh_node_stats -_libre_lh_node_usage_stats -_libre_lh_stats_bio -_libre_lh_node_stats_bio -_libre_lh_node_usage_stats_bio _libre_SM3_Init _libre_SM3_Update _libre_SM3_Final @@ -1948,35 +1855,14 @@ _libre_CRYPTO_get_ex_data _libre_CRYPTO_cleanup_all_ex_data _libre_CRYPTO_lock _libre_CRYPTO_add_lock -_libre_CRYPTO_THREADID_current -_libre_CRYPTO_THREADID_cmp -_libre_CRYPTO_THREADID_cpy -_libre_CRYPTO_THREADID_hash _libre_CRYPTO_set_mem_functions _libre_CRYPTO_set_locked_mem_functions _libre_CRYPTO_set_mem_ex_functions _libre_CRYPTO_set_locked_mem_ex_functions _libre_CRYPTO_set_mem_debug_functions -_libre_CRYPTO_get_mem_functions -_libre_CRYPTO_get_locked_mem_functions -_libre_CRYPTO_get_mem_ex_functions -_libre_CRYPTO_get_locked_mem_ex_functions -_libre_CRYPTO_get_mem_debug_functions _libre_CRYPTO_realloc_clean _libre_CRYPTO_remalloc _libre_CRYPTO_set_mem_debug_options -_libre_CRYPTO_get_mem_debug_options -_libre_CRYPTO_push_info_ -_libre_CRYPTO_pop_info -_libre_CRYPTO_remove_all_info -_libre_CRYPTO_dbg_malloc -_libre_CRYPTO_dbg_realloc -_libre_CRYPTO_dbg_free -_libre_CRYPTO_dbg_set_options -_libre_CRYPTO_dbg_get_options -_libre_CRYPTO_mem_leaks_fp -_libre_CRYPTO_mem_leaks -_libre_CRYPTO_mem_leaks_cb _libre_OpenSSLDie _libre_OPENSSL_cpu_caps _libre_OPENSSL_init_crypto @@ -2245,9 +2131,6 @@ _libre_BN_lshift _libre_BN_lshift1 _libre_BN_exp _libre_BN_mod_exp_mont_consttime -_libre_BN_mod_exp_mont_word -_libre_BN_mod_exp2_mont -_libre_BN_mod_exp_simple _libre_BN_mask_bits _libre_BN_print_fp _libre_BN_print @@ -2422,12 +2305,6 @@ _libre_RSA_meth_set_sign _libre_RSA_meth_get_verify _libre_RSA_meth_set_verify _libre_ERR_load_RSA_strings -_libre_OBJ_NAME_init -_libre_OBJ_NAME_new_index -_libre_OBJ_NAME_get -_libre_OBJ_NAME_add -_libre_OBJ_NAME_remove -_libre_OBJ_NAME_cleanup _libre_OBJ_NAME_do_all _libre_OBJ_NAME_do_all_sorted _libre_OBJ_dup @@ -2441,9 +2318,7 @@ _libre_OBJ_txt2nid _libre_OBJ_ln2nid _libre_OBJ_sn2nid _libre_OBJ_cmp -_libre_OBJ_bsearch_ _libre_OBJ_new_nid -_libre_OBJ_add_object _libre_OBJ_create _libre_OBJ_cleanup _libre_OBJ_create_objects @@ -2460,7 +2335,6 @@ _libre_CMAC_CTX_copy _libre_CMAC_Init _libre_CMAC_Update _libre_CMAC_Final -_libre_CMAC_resume _libre_d2i_DSAparams_bio _libre_i2d_DSAparams_bio _libre_d2i_DSAparams_fp @@ -2497,7 +2371,6 @@ _libre_d2i_DSAPrivateKey _libre_i2d_DSAPrivateKey _libre_d2i_DSAparams _libre_i2d_DSAparams -_libre_DSA_generate_parameters _libre_DSA_generate_parameters_ex _libre_DSA_generate_key _libre_DSAparams_print diff --git a/lib/libcrypto/asn1/a_strnid.c b/lib/libcrypto/asn1/a_strnid.c index 58c6e5eda..5fa60b9ce 100644 --- a/lib/libcrypto/asn1/a_strnid.c +++ b/lib/libcrypto/asn1/a_strnid.c @@ -1,4 +1,4 @@ -/* $OpenBSD: a_strnid.c,v 1.29 2023/12/16 12:56:20 tb Exp $ */ +/* $OpenBSD: a_strnid.c,v 1.31 2024/03/02 08:54:02 tb Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 1999. */ @@ -141,7 +141,7 @@ ASN1_STRING * ASN1_STRING_set_by_NID(ASN1_STRING **out, const unsigned char *in, int inlen, int inform, int nid) { - ASN1_STRING_TABLE *tbl; + const ASN1_STRING_TABLE *tbl; ASN1_STRING *str = NULL; unsigned long mask; int ret; @@ -313,8 +313,7 @@ static const ASN1_STRING_TABLE tbl_standard[] = { #define N_STRING_TABLE_ENTRIES (sizeof(tbl_standard) / sizeof(tbl_standard[0])) -/* XXX - const */ -ASN1_STRING_TABLE * +const ASN1_STRING_TABLE * ASN1_STRING_TABLE_get(int nid) { size_t i; @@ -322,25 +321,9 @@ ASN1_STRING_TABLE_get(int nid) for (i = 0; i < N_STRING_TABLE_ENTRIES; i++) { const ASN1_STRING_TABLE *entry = &tbl_standard[i]; if (entry->nid == nid) - return (ASN1_STRING_TABLE *)entry; + return entry; } return NULL; } LCRYPTO_ALIAS(ASN1_STRING_TABLE_get); - -int -ASN1_STRING_TABLE_add(int nid, long minsize, long maxsize, unsigned long mask, - unsigned long flags) -{ - ASN1error(ERR_R_DISABLED); - return 0; -} -LCRYPTO_ALIAS(ASN1_STRING_TABLE_add); - -void -ASN1_STRING_TABLE_cleanup(void) -{ - ASN1error(ERR_R_DISABLED); -} -LCRYPTO_ALIAS(ASN1_STRING_TABLE_cleanup); diff --git a/lib/libcrypto/asn1/a_time_tm.c b/lib/libcrypto/asn1/a_time_tm.c index ea94d2f59..986c1e735 100644 --- a/lib/libcrypto/asn1/a_time_tm.c +++ b/lib/libcrypto/asn1/a_time_tm.c @@ -1,4 +1,4 @@ -/* $OpenBSD: a_time_tm.c,v 1.31 2023/10/01 22:14:36 tb Exp $ */ +/* $OpenBSD: a_time_tm.c,v 1.33 2024/03/02 09:10:42 tb Exp $ */ /* * Copyright (c) 2015 Bob Beck * @@ -60,7 +60,6 @@ ASN1_time_tm_cmp(struct tm *tm1, struct tm *tm2) return (1); return 0; } -LCRYPTO_ALIAS(ASN1_time_tm_cmp); int ASN1_time_tm_clamp_notafter(struct tm *tm) @@ -345,7 +344,6 @@ ASN1_time_parse(const char *bytes, size_t len, struct tm *tm, int mode) return -1; } -LCRYPTO_ALIAS(ASN1_time_parse); /* * ASN1_TIME generic functions. @@ -408,17 +406,6 @@ ASN1_TIME_set(ASN1_TIME *s, time_t t) } LCRYPTO_ALIAS(ASN1_TIME_set); -ASN1_TIME * -ASN1_TIME_set_tm(ASN1_TIME *s, struct tm *tm) -{ - time_t t; - - if (!asn1_time_tm_to_time_t(tm, &t)) - return NULL; - return (ASN1_TIME_adj(s, t, 0, 0)); -} -LCRYPTO_ALIAS(ASN1_TIME_set_tm); - ASN1_TIME * ASN1_TIME_adj(ASN1_TIME *s, time_t t, int offset_day, long offset_sec) { diff --git a/lib/libcrypto/asn1/ameth_lib.c b/lib/libcrypto/asn1/ameth_lib.c deleted file mode 100644 index 35fcb8ea0..000000000 --- a/lib/libcrypto/asn1/ameth_lib.c +++ /dev/null @@ -1,180 +0,0 @@ -/* $OpenBSD: ameth_lib.c,v 1.42 2024/01/04 16:50:53 tb Exp $ */ -/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project 2006. - */ -/* ==================================================================== - * Copyright (c) 2006 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include -#include - -#include -#include - -#include "evp_local.h" - -/* - * XXX - remove all the API below here in the next major bump. - */ - -EVP_PKEY_ASN1_METHOD* -EVP_PKEY_asn1_new(int id, int flags, const char *pem_str, const char *info) -{ - EVPerror(ERR_R_DISABLED); - return NULL; -} - -void -EVP_PKEY_asn1_copy(EVP_PKEY_ASN1_METHOD *dst, const EVP_PKEY_ASN1_METHOD *src) -{ - EVPerror(ERR_R_DISABLED); -} - -void -EVP_PKEY_asn1_free(EVP_PKEY_ASN1_METHOD *ameth) -{ - EVPerror(ERR_R_DISABLED); -} - -void -EVP_PKEY_asn1_set_public(EVP_PKEY_ASN1_METHOD *ameth, - int (*pub_decode)(EVP_PKEY *pk, X509_PUBKEY *pub), - int (*pub_encode)(X509_PUBKEY *pub, const EVP_PKEY *pk), - int (*pub_cmp)(const EVP_PKEY *a, const EVP_PKEY *b), - int (*pub_print)(BIO *out, const EVP_PKEY *pkey, int indent, - ASN1_PCTX *pctx), - int (*pkey_size)(const EVP_PKEY *pk), - int (*pkey_bits)(const EVP_PKEY *pk)) -{ - EVPerror(ERR_R_DISABLED); -} - -void -EVP_PKEY_asn1_set_private(EVP_PKEY_ASN1_METHOD *ameth, - int (*priv_decode)(EVP_PKEY *pk, const PKCS8_PRIV_KEY_INFO *p8inf), - int (*priv_encode)(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pk), - int (*priv_print)(BIO *out, const EVP_PKEY *pkey, int indent, - ASN1_PCTX *pctx)) -{ - EVPerror(ERR_R_DISABLED); -} - -void -EVP_PKEY_asn1_set_param(EVP_PKEY_ASN1_METHOD *ameth, - int (*param_decode)(EVP_PKEY *pkey, const unsigned char **pder, int derlen), - int (*param_encode)(const EVP_PKEY *pkey, unsigned char **pder), - int (*param_missing)(const EVP_PKEY *pk), - int (*param_copy)(EVP_PKEY *to, const EVP_PKEY *from), - int (*param_cmp)(const EVP_PKEY *a, const EVP_PKEY *b), - int (*param_print)(BIO *out, const EVP_PKEY *pkey, int indent, - ASN1_PCTX *pctx)) -{ - EVPerror(ERR_R_DISABLED); -} - -void -EVP_PKEY_asn1_set_free(EVP_PKEY_ASN1_METHOD *ameth, - void (*pkey_free)(EVP_PKEY *pkey)) -{ - EVPerror(ERR_R_DISABLED); -} - -void -EVP_PKEY_asn1_set_ctrl(EVP_PKEY_ASN1_METHOD *ameth, - int (*pkey_ctrl)(EVP_PKEY *pkey, int op, long arg1, void *arg2)) -{ - EVPerror(ERR_R_DISABLED); -} - -void -EVP_PKEY_asn1_set_security_bits(EVP_PKEY_ASN1_METHOD *ameth, - int (*pkey_security_bits)(const EVP_PKEY *pkey)) -{ - EVPerror(ERR_R_DISABLED); -} - -void -EVP_PKEY_asn1_set_check(EVP_PKEY_ASN1_METHOD *ameth, - int (*pkey_check)(const EVP_PKEY *pk)) -{ - EVPerror(ERR_R_DISABLED); -} - -void -EVP_PKEY_asn1_set_public_check(EVP_PKEY_ASN1_METHOD *ameth, - int (*pkey_public_check)(const EVP_PKEY *pk)) -{ - EVPerror(ERR_R_DISABLED); -} - -void -EVP_PKEY_asn1_set_param_check(EVP_PKEY_ASN1_METHOD *ameth, - int (*pkey_param_check)(const EVP_PKEY *pk)) -{ - EVPerror(ERR_R_DISABLED); -} - -int -EVP_PKEY_asn1_add0(const EVP_PKEY_ASN1_METHOD *ameth) -{ - EVPerror(ERR_R_DISABLED); - return 0; -} - -int -EVP_PKEY_asn1_add_alias(int to, int from) -{ - EVPerror(ERR_R_DISABLED); - return 0; -} diff --git a/lib/libcrypto/asn1/asn1.h b/lib/libcrypto/asn1/asn1.h index cf288e506..63458db94 100644 --- a/lib/libcrypto/asn1/asn1.h +++ b/lib/libcrypto/asn1/asn1.h @@ -1,4 +1,4 @@ -/* $OpenBSD: asn1.h,v 1.83 2024/02/18 16:28:38 tb Exp $ */ +/* $OpenBSD: asn1.h,v 1.91 2024/03/02 09:08:41 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -217,20 +217,6 @@ typedef struct asn1_string_table_st { unsigned long flags; } ASN1_STRING_TABLE; -/* XXX - unused. Remove in next major bump. */ -DECLARE_STACK_OF(ASN1_STRING_TABLE) - -/* size limits: this stuff is taken straight from RFC2459 */ -/* XXX - unused macros. A more complete version is in a_strnid.c. Remove? */ -#define ub_name 32768 -#define ub_common_name 64 -#define ub_locality_name 128 -#define ub_state_name 128 -#define ub_organization_name 64 -#define ub_organization_unit_name 64 -#define ub_title 64 -#define ub_email_address 128 - /* Declarations for template structures: for full definitions * see asn1t.h */ @@ -519,19 +505,6 @@ typedef struct BIT_STRING_BITNAME_st { B_ASN1_BMPSTRING|\ B_ASN1_UTF8STRING -#ifndef LIBRESSL_INTERNAL -#define M_ASN1_IA5STRING_new ASN1_IA5STRING_new - -#define M_ASN1_INTEGER_free ASN1_INTEGER_free -#define M_ASN1_ENUMERATED_free ASN1_ENUMERATED_free -#define M_ASN1_OCTET_STRING_free ASN1_OCTET_STRING_free - -#define M_ASN1_OCTET_STRING_print ASN1_STRING_print - -#define M_ASN1_STRING_data ASN1_STRING_data -#define M_ASN1_STRING_length ASN1_STRING_length -#endif - ASN1_TYPE *ASN1_TYPE_new(void); void ASN1_TYPE_free(ASN1_TYPE *a); ASN1_TYPE *d2i_ASN1_TYPE(ASN1_TYPE **a, const unsigned char **in, long len); @@ -711,7 +684,6 @@ int ASN1_TIME_diff(int *pday, int *psec, const ASN1_TIME *from, extern const ASN1_ITEM ASN1_OCTET_STRING_NDEF_it; ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s, time_t t); -ASN1_TIME *ASN1_TIME_set_tm(ASN1_TIME *s, struct tm *tm); ASN1_TIME *ASN1_TIME_adj(ASN1_TIME *s, time_t t, int offset_day, long offset_sec); int ASN1_TIME_check(const ASN1_TIME *t); @@ -856,9 +828,7 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len, ASN1_STRING *ASN1_STRING_set_by_NID(ASN1_STRING **out, const unsigned char *in, int inlen, int inform, int nid); -ASN1_STRING_TABLE *ASN1_STRING_TABLE_get(int nid); -int ASN1_STRING_TABLE_add(int, long, long, unsigned long, unsigned long); -void ASN1_STRING_TABLE_cleanup(void); +const ASN1_STRING_TABLE *ASN1_STRING_TABLE_get(int nid); /* ASN1 template functions */ @@ -869,8 +839,6 @@ ASN1_VALUE *ASN1_item_d2i(ASN1_VALUE **val, const unsigned char **in, long len, const ASN1_ITEM *it); int ASN1_item_i2d(ASN1_VALUE *val, unsigned char **out, const ASN1_ITEM *it); -void ASN1_add_oid_module(void); - ASN1_TYPE *ASN1_generate_nconf(const char *str, CONF *nconf); ASN1_TYPE *ASN1_generate_v3(const char *str, X509V3_CTX *cnf); @@ -897,18 +865,6 @@ ASN1_TYPE *ASN1_generate_v3(const char *str, X509V3_CTX *cnf); int ASN1_item_print(BIO *out, ASN1_VALUE *ifld, int indent, const ASN1_ITEM *it, const ASN1_PCTX *pctx); -ASN1_PCTX *ASN1_PCTX_new(void); -void ASN1_PCTX_free(ASN1_PCTX *p); -unsigned long ASN1_PCTX_get_flags(const ASN1_PCTX *p); -void ASN1_PCTX_set_flags(ASN1_PCTX *p, unsigned long flags); -unsigned long ASN1_PCTX_get_nm_flags(const ASN1_PCTX *p); -void ASN1_PCTX_set_nm_flags(ASN1_PCTX *p, unsigned long flags); -unsigned long ASN1_PCTX_get_cert_flags(const ASN1_PCTX *p); -void ASN1_PCTX_set_cert_flags(ASN1_PCTX *p, unsigned long flags); -unsigned long ASN1_PCTX_get_oid_flags(const ASN1_PCTX *p); -void ASN1_PCTX_set_oid_flags(ASN1_PCTX *p, unsigned long flags); -unsigned long ASN1_PCTX_get_str_flags(const ASN1_PCTX *p); -void ASN1_PCTX_set_str_flags(ASN1_PCTX *p, unsigned long flags); int SMIME_crlf_copy(BIO *in, BIO *out, int flags); int SMIME_text(BIO *in, BIO *out); @@ -1168,8 +1124,6 @@ void ERR_load_ASN1_strings(void); #define ASN1_R_WRONG_TAG 168 #define ASN1_R_WRONG_TYPE 169 -int ASN1_time_parse(const char *_bytes, size_t _len, struct tm *_tm, int _mode); -int ASN1_time_tm_cmp(struct tm *_tm1, struct tm *_tm2); #ifdef __cplusplus } #endif diff --git a/lib/libcrypto/asn1/asn1_local.h b/lib/libcrypto/asn1/asn1_local.h index a5478faa0..19de97877 100644 --- a/lib/libcrypto/asn1/asn1_local.h +++ b/lib/libcrypto/asn1/asn1_local.h @@ -1,4 +1,4 @@ -/* $OpenBSD: asn1_local.h,v 1.8 2024/02/18 16:28:38 tb Exp $ */ +/* $OpenBSD: asn1_local.h,v 1.10 2024/03/02 09:10:42 tb Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2006. */ @@ -187,4 +187,7 @@ void ASN1_primitive_free(ASN1_VALUE **pval, const ASN1_ITEM *it); int ASN1_template_new(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt); void ASN1_template_free(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt); +int ASN1_time_parse(const char *_bytes, size_t _len, struct tm *_tm, int _mode); +int ASN1_time_tm_cmp(struct tm *_tm1, struct tm *_tm2); + __END_HIDDEN_DECLS diff --git a/lib/libcrypto/asn1/asn_moid.c b/lib/libcrypto/asn1/asn_moid.c index 4da35c0e0..687498046 100644 --- a/lib/libcrypto/asn1/asn_moid.c +++ b/lib/libcrypto/asn1/asn_moid.c @@ -1,4 +1,4 @@ -/* $OpenBSD: asn_moid.c,v 1.16 2023/07/05 21:23:36 beck Exp $ */ +/* $OpenBSD: asn_moid.c,v 1.17 2024/03/02 09:02:04 tb Exp $ */ /* Written by Stephen Henson (steve@openssl.org) for the OpenSSL * project 2001. */ @@ -105,7 +105,6 @@ ASN1_add_oid_module(void) { CONF_module_add("oid_section", oid_module_init, oid_module_finish); } -LCRYPTO_ALIAS(ASN1_add_oid_module); /* Create an OID based on a name value pair. Accept two formats. * shortname = 1.2.3.4 diff --git a/lib/libcrypto/asn1/p5_pbe.c b/lib/libcrypto/asn1/p5_pbe.c index 204e81828..0b628b36d 100644 --- a/lib/libcrypto/asn1/p5_pbe.c +++ b/lib/libcrypto/asn1/p5_pbe.c @@ -1,4 +1,4 @@ -/* $OpenBSD: p5_pbe.c,v 1.25 2023/07/07 19:37:52 beck Exp $ */ +/* $OpenBSD: p5_pbe.c,v 1.26 2024/03/02 10:17:37 tb Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 1999. */ @@ -64,6 +64,8 @@ #include #include +#include "x509_local.h" + /* PKCS#5 password based encryption structure */ static const ASN1_TEMPLATE PBEPARAM_seq_tt[] = { diff --git a/lib/libcrypto/asn1/p5_pbev2.c b/lib/libcrypto/asn1/p5_pbev2.c index 8ee752c02..ebb20c296 100644 --- a/lib/libcrypto/asn1/p5_pbev2.c +++ b/lib/libcrypto/asn1/p5_pbev2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: p5_pbev2.c,v 1.31 2024/02/18 15:44:10 tb Exp $ */ +/* $OpenBSD: p5_pbev2.c,v 1.32 2024/03/02 10:17:37 tb Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 1999-2004. */ @@ -65,6 +65,7 @@ #include #include "evp_local.h" +#include "x509_local.h" /* PKCS#5 v2.0 password based encryption structures */ diff --git a/lib/libcrypto/asn1/tasn_prn.c b/lib/libcrypto/asn1/tasn_prn.c index d404838c6..07764fc09 100644 --- a/lib/libcrypto/asn1/tasn_prn.c +++ b/lib/libcrypto/asn1/tasn_prn.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tasn_prn.c,v 1.26 2023/12/20 14:26:47 tb Exp $ */ +/* $OpenBSD: tasn_prn.c,v 1.27 2024/03/02 09:04:07 tb Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2000. */ @@ -76,99 +76,6 @@ static const ASN1_PCTX default_pctx = { .flags = ASN1_PCTX_FLAGS_SHOW_ABSENT, }; -ASN1_PCTX * -ASN1_PCTX_new(void) -{ - ASN1_PCTX *p; - - if ((p = calloc(1, sizeof(ASN1_PCTX))) == NULL) { - ASN1error(ERR_R_MALLOC_FAILURE); - return NULL; - } - - return p; -} -LCRYPTO_ALIAS(ASN1_PCTX_new); - -void -ASN1_PCTX_free(ASN1_PCTX *p) -{ - free(p); -} -LCRYPTO_ALIAS(ASN1_PCTX_free); - -unsigned long -ASN1_PCTX_get_flags(const ASN1_PCTX *p) -{ - return p->flags; -} -LCRYPTO_ALIAS(ASN1_PCTX_get_flags); - -void -ASN1_PCTX_set_flags(ASN1_PCTX *p, unsigned long flags) -{ - p->flags = flags; -} -LCRYPTO_ALIAS(ASN1_PCTX_set_flags); - -unsigned long -ASN1_PCTX_get_nm_flags(const ASN1_PCTX *p) -{ - return p->nm_flags; -} -LCRYPTO_ALIAS(ASN1_PCTX_get_nm_flags); - -void -ASN1_PCTX_set_nm_flags(ASN1_PCTX *p, unsigned long flags) -{ - p->nm_flags = flags; -} -LCRYPTO_ALIAS(ASN1_PCTX_set_nm_flags); - -unsigned long -ASN1_PCTX_get_cert_flags(const ASN1_PCTX *p) -{ - return p->cert_flags; -} -LCRYPTO_ALIAS(ASN1_PCTX_get_cert_flags); - -void -ASN1_PCTX_set_cert_flags(ASN1_PCTX *p, unsigned long flags) -{ - p->cert_flags = flags; -} -LCRYPTO_ALIAS(ASN1_PCTX_set_cert_flags); - -unsigned long -ASN1_PCTX_get_oid_flags(const ASN1_PCTX *p) -{ - return p->oid_flags; -} -LCRYPTO_ALIAS(ASN1_PCTX_get_oid_flags); - -void -ASN1_PCTX_set_oid_flags(ASN1_PCTX *p, unsigned long flags) -{ - p->oid_flags = flags; -} -LCRYPTO_ALIAS(ASN1_PCTX_set_oid_flags); - -unsigned long -ASN1_PCTX_get_str_flags(const ASN1_PCTX *p) -{ - return p->str_flags; -} -LCRYPTO_ALIAS(ASN1_PCTX_get_str_flags); - -void -ASN1_PCTX_set_str_flags(ASN1_PCTX *p, unsigned long flags) -{ - p->str_flags = flags; -} -LCRYPTO_ALIAS(ASN1_PCTX_set_str_flags); - -/* Main print routines */ - static int asn1_item_print_ctx(BIO *out, ASN1_VALUE **fld, int indent, const ASN1_ITEM *it, const char *fname, const char *sname, int nohdr, const ASN1_PCTX *pctx); diff --git a/lib/libcrypto/asn1/x_algor.c b/lib/libcrypto/asn1/x_algor.c index d9a6cf9d8..939ce4b66 100644 --- a/lib/libcrypto/asn1/x_algor.c +++ b/lib/libcrypto/asn1/x_algor.c @@ -1,4 +1,4 @@ -/* $OpenBSD: x_algor.c,v 1.38 2023/11/01 20:41:12 tb Exp $ */ +/* $OpenBSD: x_algor.c,v 1.39 2024/03/02 10:33:51 tb Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2000. */ @@ -268,12 +268,6 @@ X509_ALGOR_set_evp_md(X509_ALGOR *alg, const EVP_MD *md) return 1; } -void -X509_ALGOR_set_md(X509_ALGOR *alg, const EVP_MD *md) -{ - (void)X509_ALGOR_set_evp_md(alg, md); -} - int X509_ALGOR_cmp(const X509_ALGOR *a, const X509_ALGOR *b) { diff --git a/lib/libcrypto/asn1/x_crl.c b/lib/libcrypto/asn1/x_crl.c index b58d88833..e3d16352a 100644 --- a/lib/libcrypto/asn1/x_crl.c +++ b/lib/libcrypto/asn1/x_crl.c @@ -1,4 +1,4 @@ -/* $OpenBSD: x_crl.c,v 1.42 2024/01/06 17:37:23 tb Exp $ */ +/* $OpenBSD: x_crl.c,v 1.43 2024/03/02 10:59:41 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -603,39 +603,6 @@ X509_CRL_get0_by_cert(X509_CRL *crl, X509_REVOKED **ret, X509 *x) X509_get_issuer_name(x)); } -void -X509_CRL_set_default_method(const X509_CRL_METHOD *meth) -{ -} - -X509_CRL_METHOD * -X509_CRL_METHOD_new(int (*crl_init)(X509_CRL *crl), - int (*crl_free)(X509_CRL *crl), - int (*crl_lookup)(X509_CRL *crl, X509_REVOKED **ret, - ASN1_INTEGER *ser, X509_NAME *issuer), - int (*crl_verify)(X509_CRL *crl, EVP_PKEY *pk)) -{ - X509error(ERR_R_DISABLED); - return NULL; -} - -void -X509_CRL_METHOD_free(X509_CRL_METHOD *m) -{ -} - -void -X509_CRL_set_meth_data(X509_CRL *crl, void *dat) -{ -} - -void * -X509_CRL_get_meth_data(X509_CRL *crl) -{ - X509error(ERR_R_DISABLED); - return NULL; -} - int X509_CRL_get_signature_nid(const X509_CRL *crl) { diff --git a/lib/libcrypto/bio/b_dump.c b/lib/libcrypto/bio/b_dump.c index 39cd94e76..4dcf710bb 100644 --- a/lib/libcrypto/bio/b_dump.c +++ b/lib/libcrypto/bio/b_dump.c @@ -1,4 +1,4 @@ -/* $OpenBSD: b_dump.c,v 1.29 2024/02/15 10:34:30 tb Exp $ */ +/* $OpenBSD: b_dump.c,v 1.30 2024/03/02 09:21:24 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -209,39 +209,3 @@ BIO_dump(BIO *bio, const char *s, int len) return BIO_dump_indent(bio, s, len, 0); } LCRYPTO_ALIAS(BIO_dump); - -/* - * XXX - remove the functions below in the next major bump. - */ - -int -BIO_dump_cb(int (*cb)(const void *data, size_t len, void *u), - void *u, const char *s, int len) -{ - BIOerror(ERR_R_DISABLED); - return -1; -} - -int -BIO_dump_indent_cb(int (*cb)(const void *data, size_t len, void *u), - void *u, const char *s, int len, int indent) -{ - BIOerror(ERR_R_DISABLED); - return -1; -} - -int -BIO_dump_fp(FILE *fp, const char *s, int len) -{ - BIOerror(ERR_R_DISABLED); - return -1; -} -LCRYPTO_ALIAS(BIO_dump_fp); - -int -BIO_dump_indent_fp(FILE *fp, const char *s, int len, int indent) -{ - BIOerror(ERR_R_DISABLED); - return -1; -} -LCRYPTO_ALIAS(BIO_dump_indent_fp); diff --git a/lib/libcrypto/bio/b_print.c b/lib/libcrypto/bio/b_print.c index a750ac413..f6943ea3f 100644 --- a/lib/libcrypto/bio/b_print.c +++ b/lib/libcrypto/bio/b_print.c @@ -1,21 +1,10 @@ -/* $OpenBSD: b_print.c,v 1.27 2023/07/05 21:23:37 beck Exp $ */ +/* $OpenBSD: b_print.c,v 1.28 2024/03/02 09:18:28 tb Exp $ */ /* Theo de Raadt places this file in the public domain. */ #include -int -BIO_printf(BIO *bio, const char *format, ...) -{ - va_list args; - int ret; - - va_start(args, format); - ret = BIO_vprintf(bio, format, args); - va_end(args); - return (ret); -} -LCRYPTO_ALIAS(BIO_printf); +#include "bio_local.h" #ifdef HAVE_FUNOPEN static int @@ -40,7 +29,6 @@ BIO_vprintf(BIO *bio, const char *format, va_list args) fail: return (ret); } -LCRYPTO_ALIAS(BIO_vprintf); #else /* !HAVE_FUNOPEN */ @@ -57,55 +45,18 @@ BIO_vprintf(BIO *bio, const char *format, va_list args) free(buf); return (ret); } -LCRYPTO_ALIAS(BIO_vprintf); #endif /* HAVE_FUNOPEN */ -/* - * BIO_snprintf and BIO_vsnprintf return -1 for overflow, - * due to the history of this API. Justification: - * - * Traditional snprintf surfaced in 4.4BSD, and returned - * "number of bytes wanted". Solaris and Windows opted to - * return -1. A draft standard was written which returned -1. - * Due to the large volume of code already using the first - * semantics, the draft was repaired before standardization to - * specify "number of bytes wanted" plus "-1 for character conversion - * style errors". Solaris adapted to this rule, but Windows stuck - * with -1. - * - * Original OpenSSL comment which is full of lies: - * - * "In case of truncation, return -1 like traditional snprintf. - * (Current drafts for ISO/IEC 9899 say snprintf should return - * the number of characters that would have been written, - * had the buffer been large enough.)" - */ int -BIO_snprintf(char *buf, size_t n, const char *format, ...) +BIO_printf(BIO *bio, const char *format, ...) { va_list args; int ret; va_start(args, format); - ret = vsnprintf(buf, n, format, args); + ret = BIO_vprintf(bio, format, args); va_end(args); - - if (ret >= n || ret == -1) - return (-1); return (ret); } -LCRYPTO_ALIAS(BIO_snprintf); - -int -BIO_vsnprintf(char *buf, size_t n, const char *format, va_list args) -{ - int ret; - - ret = vsnprintf(buf, n, format, args); - - if (ret >= n || ret == -1) - return (-1); - return (ret); -} -LCRYPTO_ALIAS(BIO_vsnprintf); +LCRYPTO_ALIAS(BIO_printf); diff --git a/lib/libcrypto/bio/bio.h b/lib/libcrypto/bio/bio.h index 06456003c..a96d2b294 100644 --- a/lib/libcrypto/bio/bio.h +++ b/lib/libcrypto/bio/bio.h @@ -1,4 +1,4 @@ -/* $OpenBSD: bio.h,v 1.60 2023/08/25 12:37:33 schwarze Exp $ */ +/* $OpenBSD: bio.h,v 1.63 2024/03/02 09:22:41 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -534,7 +534,6 @@ const BIO_METHOD *BIO_s_file(void); BIO *BIO_new_file(const char *filename, const char *mode); BIO *BIO_new_fp(FILE *stream, int close_flag); BIO *BIO_new(const BIO_METHOD *type); -int BIO_set(BIO *a, const BIO_METHOD *type); int BIO_free(BIO *a); int BIO_up_ref(BIO *bio); void *BIO_get_data(BIO *a); @@ -599,14 +598,10 @@ int BIO_dgram_non_fatal_error(int _error); int BIO_fd_should_retry(int i); int BIO_fd_non_fatal_error(int _error); -int BIO_dump_cb(int (*cb)(const void *data, size_t len, void *u), - void *u, const char *s, int len); -int BIO_dump_indent_cb(int (*cb)(const void *data, size_t len, void *u), - void *u, const char *s, int len, int indent); + int BIO_dump(BIO *b, const char *bytes, int len); int BIO_dump_indent(BIO *b, const char *bytes, int len, int indent); -int BIO_dump_fp(FILE *fp, const char *s, int len); -int BIO_dump_indent_fp(FILE *fp, const char *s, int len, int indent); + struct hostent *BIO_gethostbyname(const char *name); /* We might want a thread-safe interface too: * struct hostent *BIO_gethostbyname_r(const char *name, @@ -648,25 +643,9 @@ void BIO_copy_next_retry(BIO *b); #ifndef __MINGW_PRINTF_FORMAT int BIO_printf(BIO *bio, const char *format, ...) __attribute__((__format__(__printf__, 2, 3), __nonnull__(2))); -int BIO_vprintf(BIO *bio, const char *format, va_list args) - __attribute__((__format__(__printf__, 2, 0), __nonnull__(2))); -int BIO_snprintf(char *buf, size_t n, const char *format, ...) - __attribute__((__deprecated__, __format__(__printf__, 3, 4), - __nonnull__(3))); -int BIO_vsnprintf(char *buf, size_t n, const char *format, va_list args) - __attribute__((__deprecated__, __format__(__printf__, 3, 0), - __nonnull__(3))); #else int BIO_printf(BIO *bio, const char *format, ...) __attribute__((__format__(__MINGW_PRINTF_FORMAT, 2, 3), __nonnull__(2))); -int BIO_vprintf(BIO *bio, const char *format, va_list args) - __attribute__((__format__(__MINGW_PRINTF_FORMAT, 2, 0), __nonnull__(2))); -int BIO_snprintf(char *buf, size_t n, const char *format, ...) - __attribute__((__deprecated__, __format__(__MINGW_PRINTF_FORMAT, 3, 4), - __nonnull__(3))); -int BIO_vsnprintf(char *buf, size_t n, const char *format, va_list args) - __attribute__((__deprecated__, __format__(__MINGW_PRINTF_FORMAT, 3, 0), - __nonnull__(3))); #endif void ERR_load_BIO_strings(void); diff --git a/lib/libcrypto/bio/bio_lib.c b/lib/libcrypto/bio/bio_lib.c index c90dd161f..2f490a42f 100644 --- a/lib/libcrypto/bio/bio_lib.c +++ b/lib/libcrypto/bio/bio_lib.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bio_lib.c,v 1.51 2024/02/17 14:29:07 jsing Exp $ */ +/* $OpenBSD: bio_lib.c,v 1.52 2024/03/02 09:22:41 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -160,14 +160,6 @@ BIO_new(const BIO_METHOD *method) } LCRYPTO_ALIAS(BIO_new); -int -BIO_set(BIO *bio, const BIO_METHOD *method) -{ - BIOerror(ERR_R_DISABLED); - return 0; -} -LCRYPTO_ALIAS(BIO_set); - int BIO_free(BIO *bio) { diff --git a/lib/libcrypto/bio/bio_local.h b/lib/libcrypto/bio/bio_local.h index 4eecf7e04..f59b5756c 100644 --- a/lib/libcrypto/bio/bio_local.h +++ b/lib/libcrypto/bio/bio_local.h @@ -1,4 +1,4 @@ -/* $OpenBSD: bio_local.h,v 1.5 2022/12/02 19:44:04 tb Exp $ */ +/* $OpenBSD: bio_local.h,v 1.6 2024/03/02 09:18:28 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -59,6 +59,8 @@ #ifndef HEADER_BIO_LOCAL_H #define HEADER_BIO_LOCAL_H +#include + __BEGIN_HIDDEN_DECLS struct bio_method_st { @@ -118,6 +120,8 @@ typedef struct bio_f_buffer_ctx_struct { int obuf_off; /* write/read offset */ } BIO_F_BUFFER_CTX; +int BIO_vprintf(BIO *bio, const char *format, va_list args); + __END_HIDDEN_DECLS #endif /* !HEADER_BIO_LOCAL_H */ diff --git a/lib/libcrypto/bn/bn.h b/lib/libcrypto/bn/bn.h index e00953ea2..792107529 100644 --- a/lib/libcrypto/bn/bn.h +++ b/lib/libcrypto/bn/bn.h @@ -1,4 +1,4 @@ -/* $OpenBSD: bn.h,v 1.75 2023/07/31 05:04:06 tb Exp $ */ +/* $OpenBSD: bn.h,v 1.77 2024/03/02 09:27:31 tb Exp $ */ /* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -391,13 +391,6 @@ int BN_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, #endif int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *in_mont); -int BN_mod_exp_mont_word(BIGNUM *r, BN_ULONG a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); -int BN_mod_exp2_mont(BIGNUM *r, const BIGNUM *a1, const BIGNUM *p1, - const BIGNUM *a2, const BIGNUM *p2, const BIGNUM *m, - BN_CTX *ctx, BN_MONT_CTX *m_ctx); -int BN_mod_exp_simple(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx); int BN_mask_bits(BIGNUM *a, int n); int BN_print_fp(FILE *fp, const BIGNUM *a); diff --git a/lib/libcrypto/bn/bn_exp.c b/lib/libcrypto/bn/bn_exp.c index 8293ae54f..04852424f 100644 --- a/lib/libcrypto/bn/bn_exp.c +++ b/lib/libcrypto/bn/bn_exp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bn_exp.c,v 1.50 2023/10/19 10:27:27 tb Exp $ */ +/* $OpenBSD: bn_exp.c,v 1.52 2024/03/02 09:27:31 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -304,7 +304,6 @@ BN_mod_exp_simple(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, return ret; } -LCRYPTO_ALIAS(BN_mod_exp_simple); /* BN_mod_exp_mont_consttime() stores the precomputed powers in a specific layout * so that accessing any of these table values shows the same access pattern as far @@ -962,7 +961,6 @@ err: BN_CTX_end(ctx); return (ret); } -LCRYPTO_ALIAS(BN_mod_exp_mont_word); int BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, @@ -1354,4 +1352,3 @@ err: BN_CTX_end(ctx); return (ret); } -LCRYPTO_ALIAS(BN_mod_exp2_mont); diff --git a/lib/libcrypto/bn/bn_local.h b/lib/libcrypto/bn/bn_local.h index a9ce466db..5acb546d0 100644 --- a/lib/libcrypto/bn/bn_local.h +++ b/lib/libcrypto/bn/bn_local.h @@ -1,4 +1,4 @@ -/* $OpenBSD: bn_local.h,v 1.38 2023/08/09 09:23:03 tb Exp $ */ +/* $OpenBSD: bn_local.h,v 1.40 2024/03/02 09:27:31 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -308,6 +308,15 @@ int BN_div_ct(BIGNUM *q, BIGNUM *r, const BIGNUM *n, const BIGNUM *d, int BN_mod_ct(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx); int BN_mod_nonct(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx); +int BN_mod_exp_mont_word(BIGNUM *r, BN_ULONG a, const BIGNUM *p, + const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); +int BN_mod_exp2_mont(BIGNUM *r, const BIGNUM *a1, const BIGNUM *p1, + const BIGNUM *a2, const BIGNUM *p2, const BIGNUM *m, + BN_CTX *ctx, BN_MONT_CTX *m_ctx); + +int BN_mod_exp_simple(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, + const BIGNUM *m, BN_CTX *ctx); + BIGNUM *BN_mod_inverse_ct(BIGNUM *ret, const BIGNUM *a, const BIGNUM *n, BN_CTX *ctx); BIGNUM *BN_mod_inverse_nonct(BIGNUM *ret, const BIGNUM *a, const BIGNUM *n, diff --git a/lib/libcrypto/bn/bn_print.c b/lib/libcrypto/bn/bn_print.c index e7678f7a9..cd8b66360 100644 --- a/lib/libcrypto/bn/bn_print.c +++ b/lib/libcrypto/bn/bn_print.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bn_print.c,v 1.46 2023/07/22 17:14:08 tb Exp $ */ +/* $OpenBSD: bn_print.c,v 1.47 2024/03/02 09:18:28 tb Exp $ */ /* * Copyright (c) 2023 Theo Buehler @@ -25,6 +25,7 @@ #include #include +#include "bio_local.h" #include "bn_local.h" #include "bytestring.h" diff --git a/lib/libcrypto/cmac/cmac.c b/lib/libcrypto/cmac/cmac.c index 81d6ffc9b..7ad343483 100644 --- a/lib/libcrypto/cmac/cmac.c +++ b/lib/libcrypto/cmac/cmac.c @@ -1,4 +1,4 @@ -/* $OpenBSD: cmac.c,v 1.22 2024/01/30 17:43:39 tb Exp $ */ +/* $OpenBSD: cmac.c,v 1.23 2024/03/02 09:30:21 tb Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project. */ @@ -323,18 +323,3 @@ CMAC_Final(CMAC_CTX *ctx, unsigned char *out, size_t *poutlen) return 1; } LCRYPTO_ALIAS(CMAC_Final); - -int -CMAC_resume(CMAC_CTX *ctx) -{ - if (ctx->nlast_block == -1) - return 0; - /* The buffer "tbl" containes the last fully encrypted block - * which is the last IV (or all zeroes if no last encrypted block). - * The last block has not been modified since CMAC_final(). - * So reinitialising using the last decrypted block will allow - * CMAC to continue after calling CMAC_Final(). - */ - return EVP_EncryptInit_ex(ctx->cipher_ctx, NULL, NULL, NULL, ctx->tbl); -} -LCRYPTO_ALIAS(CMAC_resume); diff --git a/lib/libcrypto/cmac/cmac.h b/lib/libcrypto/cmac/cmac.h index cb6d64b02..f77dae12b 100644 --- a/lib/libcrypto/cmac/cmac.h +++ b/lib/libcrypto/cmac/cmac.h @@ -1,4 +1,4 @@ -/* $OpenBSD: cmac.h,v 1.3 2014/06/21 13:42:14 jsing Exp $ */ +/* $OpenBSD: cmac.h,v 1.4 2024/03/02 09:30:21 tb Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project. */ @@ -74,7 +74,6 @@ int CMAC_Init(CMAC_CTX *ctx, const void *key, size_t keylen, const EVP_CIPHER *cipher, ENGINE *impl); int CMAC_Update(CMAC_CTX *ctx, const void *data, size_t dlen); int CMAC_Final(CMAC_CTX *ctx, unsigned char *out, size_t *poutlen); -int CMAC_resume(CMAC_CTX *ctx); #ifdef __cplusplus } diff --git a/lib/libcrypto/conf/conf_api.c b/lib/libcrypto/conf/conf_api.c index 464edcd4f..b78bd50c2 100644 --- a/lib/libcrypto/conf/conf_api.c +++ b/lib/libcrypto/conf/conf_api.c @@ -1,4 +1,4 @@ -/* $OpenBSD: conf_api.c,v 1.17 2024/01/24 14:05:10 jsing Exp $ */ +/* $OpenBSD: conf_api.c,v 1.18 2024/03/02 11:11:11 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -69,6 +69,8 @@ #include #include +#include "lhash_local.h" + static void value_free_hash_doall_arg(CONF_VALUE *a, LHASH_OF(CONF_VALUE) *conf); static void value_free_stack_doall(CONF_VALUE *a); diff --git a/lib/libcrypto/conf/conf_mall.c b/lib/libcrypto/conf/conf_mall.c index e2a1d2db0..141c0abef 100644 --- a/lib/libcrypto/conf/conf_mall.c +++ b/lib/libcrypto/conf/conf_mall.c @@ -1,4 +1,4 @@ -/* $OpenBSD: conf_mall.c,v 1.10 2023/11/19 15:46:09 tb Exp $ */ +/* $OpenBSD: conf_mall.c,v 1.11 2024/03/02 09:02:04 tb Exp $ */ /* Written by Stephen Henson (steve@openssl.org) for the OpenSSL * project 2001. */ @@ -56,16 +56,10 @@ * */ -#include - -#include - -#include #include -#include -#include /* Load all OpenSSL builtin modules */ +void ASN1_add_oid_module(void); void OPENSSL_load_builtin_modules(void) diff --git a/lib/libcrypto/cryptlib.c b/lib/libcrypto/cryptlib.c index 28b50c2c1..abf115940 100644 --- a/lib/libcrypto/cryptlib.c +++ b/lib/libcrypto/cryptlib.c @@ -1,4 +1,4 @@ -/* $OpenBSD: cryptlib.c,v 1.47 2023/12/14 15:31:22 tb Exp $ */ +/* $OpenBSD: cryptlib.c,v 1.48 2024/03/02 11:37:13 tb Exp $ */ /* ==================================================================== * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. * @@ -124,6 +124,8 @@ #include #include +#include "crypto_local.h" + static void (*locking_callback)(int mode, int type, const char *file, int line) = NULL; static int (*add_lock_callback)(int *pointer, int amount, diff --git a/lib/libcrypto/crypto.h b/lib/libcrypto/crypto.h index 47e7eff37..d6ea7771c 100644 --- a/lib/libcrypto/crypto.h +++ b/lib/libcrypto/crypto.h @@ -1,4 +1,4 @@ -/* $OpenBSD: crypto.h,v 1.64 2024/02/18 16:28:37 tb Exp $ */ +/* $OpenBSD: crypto.h,v 1.72 2024/03/02 15:40:05 tb Exp $ */ /* ==================================================================== * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. * @@ -117,6 +117,7 @@ #include #include #include +#include #ifndef HEADER_CRYPTO_H #define HEADER_CRYPTO_H @@ -240,7 +241,7 @@ typedef struct { typedef struct bio_st BIO_dummy; struct crypto_ex_data_st { - STACK_OF(void) *sk; + void *sk; }; DECLARE_STACK_OF(void) @@ -272,26 +273,10 @@ DECLARE_STACK_OF(void) #endif int CRYPTO_mem_ctrl(int mode); -int CRYPTO_is_mem_check_on(void); -/* for applications */ -#define MemCheck_start() CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON) -#define MemCheck_stop() CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_OFF) - -#define OPENSSL_malloc(num) CRYPTO_malloc((int)num,NULL,0) +#define OPENSSL_malloc(num) CRYPTO_malloc((num),NULL,0) #define OPENSSL_strdup(str) CRYPTO_strdup((str),NULL,0) -#define OPENSSL_realloc(addr,num) \ - CRYPTO_realloc((char *)addr,(int)num,NULL,0) -#define OPENSSL_realloc_clean(addr,old_num,num) \ - CRYPTO_realloc_clean(addr,old_num,num,NULL,0) -#define OPENSSL_remalloc(addr,num) \ - CRYPTO_remalloc((char **)addr,(int)num,NULL,0) -#define OPENSSL_freeFunc CRYPTO_free -#define OPENSSL_free(addr) CRYPTO_free(addr) - -#define OPENSSL_malloc_locked(num) \ - CRYPTO_malloc_locked((int)num,NULL,0) -#define OPENSSL_free_locked(addr) CRYPTO_free_locked(addr) +#define OPENSSL_free(addr) CRYPTO_free((addr),NULL,0) #endif const char *OpenSSL_version(int type); @@ -329,14 +314,7 @@ int CRYPTO_add_lock(int *pointer, int amount, int type, const char *file, int line); /* Don't use this structure directly. */ -typedef struct crypto_threadid_st { - void *ptr; - unsigned long val; -} CRYPTO_THREADID; -void CRYPTO_THREADID_current(CRYPTO_THREADID *id); -int CRYPTO_THREADID_cmp(const CRYPTO_THREADID *a, const CRYPTO_THREADID *b); -void CRYPTO_THREADID_cpy(CRYPTO_THREADID *dest, const CRYPTO_THREADID *src); -unsigned long CRYPTO_THREADID_hash(const CRYPTO_THREADID *id); +typedef struct crypto_threadid_st CRYPTO_THREADID; #ifndef LIBRESSL_INTERNAL /* These functions are deprecated no-op stubs */ @@ -376,87 +354,19 @@ void (*CRYPTO_get_dynlock_destroy_callback(void))(struct CRYPTO_dynlock_value *l /* CRYPTO_set_mem_functions includes CRYPTO_set_locked_mem_functions -- * call the latter last if you need different functions */ int CRYPTO_set_mem_functions(void *(*m)(size_t), void *(*r)(void *, size_t), void (*f)(void *)); -int CRYPTO_set_locked_mem_functions(void *(*m)(size_t), void (*free_func)(void *)); int CRYPTO_set_mem_ex_functions(void *(*m)(size_t, const char *, int), void *(*r)(void *, size_t, const char *, int), void (*f)(void *)); -int CRYPTO_set_locked_mem_ex_functions(void *(*m)(size_t, const char *, int), - void (*free_func)(void *)); -int CRYPTO_set_mem_debug_functions( - void (*m)(void *, int, const char *, int, int), - void (*r)(void *, void *, int, const char *, int, int), - void (*f)(void *, int), void (*so)(long), long (*go)(void)); -void CRYPTO_get_mem_functions(void *(**m)(size_t), void *(**r)(void *, size_t), - void (**f)(void *)); -void CRYPTO_get_locked_mem_functions(void *(**m)(size_t), void (**f)(void *)); -void CRYPTO_get_mem_ex_functions(void *(**m)(size_t, const char *, int), - void *(**r)(void *, size_t, const char *, int), void (**f)(void *)); -void CRYPTO_get_locked_mem_ex_functions(void *(**m)(size_t, const char *, int), - void (**f)(void *)); -void CRYPTO_get_mem_debug_functions( - void (**m)(void *, int, const char *, int, int), - void (**r)(void *, void *, int, const char *, int, int), - void (**f)(void *, int), void (**so)(long), long (**go)(void)); #ifndef LIBRESSL_INTERNAL -void *CRYPTO_malloc_locked(int num, const char *file, int line); -void CRYPTO_free_locked(void *ptr); -void *CRYPTO_malloc(int num, const char *file, int line); +void *CRYPTO_malloc(size_t num, const char *file, int line); char *CRYPTO_strdup(const char *str, const char *file, int line); -void CRYPTO_free(void *ptr); -void *CRYPTO_realloc(void *addr, int num, const char *file, int line); +void CRYPTO_free(void *ptr, const char *file, int line); #endif -void *CRYPTO_realloc_clean(void *addr, int old_num, int num, - const char *file, int line); -void *CRYPTO_remalloc(void *addr, int num, const char *file, int line); - #ifndef LIBRESSL_INTERNAL void OPENSSL_cleanse(void *ptr, size_t len); #endif -void CRYPTO_set_mem_debug_options(long bits); -long CRYPTO_get_mem_debug_options(void); - -#define CRYPTO_push_info(info) \ - CRYPTO_push_info_(info, NULL, 0); -int CRYPTO_push_info_(const char *info, const char *file, int line); -int CRYPTO_pop_info(void); -int CRYPTO_remove_all_info(void); - - -/* Default debugging functions (enabled by CRYPTO_malloc_debug_init() macro; - * used as default in CRYPTO_MDEBUG compilations): */ -/* The last argument has the following significance: - * - * 0: called before the actual memory allocation has taken place - * 1: called after the actual memory allocation has taken place - */ -void CRYPTO_dbg_malloc(void *addr, int num, const char *file, int line, int before_p) - __attribute__ ((deprecated)); -void CRYPTO_dbg_realloc(void *addr1, void *addr2, int num, const char *file, int line, int before_p) - __attribute__ ((deprecated)); -void CRYPTO_dbg_free(void *addr, int before_p) - __attribute__ ((deprecated)); -/* Tell the debugging code about options. By default, the following values - * apply: - * - * 0: Clear all options. - * V_CRYPTO_MDEBUG_TIME (1): Set the "Show Time" option. - * V_CRYPTO_MDEBUG_THREAD (2): Set the "Show Thread Number" option. - * V_CRYPTO_MDEBUG_ALL (3): 1 + 2 - */ -void CRYPTO_dbg_set_options(long bits) - __attribute__ ((deprecated)); -long CRYPTO_dbg_get_options(void) - __attribute__ ((deprecated)); - - -int CRYPTO_mem_leaks_fp(FILE *); -int CRYPTO_mem_leaks(struct bio_st *bio); -/* unsigned long order, char *file, int line, int num_bytes, char *addr */ -typedef int *CRYPTO_MEM_LEAK_CB(unsigned long, const char *, int, int, void *); -int CRYPTO_mem_leaks_cb(CRYPTO_MEM_LEAK_CB *cb); - /* * Because this is a public header, use a portable method of indicating the * function does not return, rather than __dead. @@ -471,8 +381,6 @@ void OpenSSLDie(const char *file, int line, const char *assertion); uint64_t OPENSSL_cpu_caps(void); -int OPENSSL_isservice(void); - #ifndef LIBRESSL_INTERNAL int FIPS_mode(void); int FIPS_mode_set(int r); @@ -526,9 +434,7 @@ void OPENSSL_cleanup(void); * OpenSSL helpfully put OPENSSL_gmtime() here because all other time related * functions are in asn1.h. */ -#if defined(LIBRESSL_INTERNAL) || defined(LIBRESSL_NEXT_API) struct tm *OPENSSL_gmtime(const time_t *time, struct tm *out_tm); -#endif void ERR_load_CRYPTO_strings(void); diff --git a/lib/libcrypto/crypto_local.h b/lib/libcrypto/crypto_local.h new file mode 100644 index 000000000..970a78466 --- /dev/null +++ b/lib/libcrypto/crypto_local.h @@ -0,0 +1,138 @@ +/* $OpenBSD: crypto_local.h,v 1.1 2024/03/02 11:37:13 tb Exp $ */ +/* ==================================================================== + * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * openssl-core@openssl.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.openssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ +/* ==================================================================== + * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. + * ECDH support in OpenSSL originally developed by + * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. + */ + +#include +#include +#include + +#ifndef HEADER_CRYPTO_LOCAL_H +#define HEADER_CRYPTO_LOCAL_H + +__BEGIN_HIDDEN_DECLS + +struct crypto_threadid_st { + void *ptr; + unsigned long val; +} /* CRYPTO_THREADID */; + +void CRYPTO_THREADID_current(CRYPTO_THREADID *id); +int CRYPTO_THREADID_cmp(const CRYPTO_THREADID *a, const CRYPTO_THREADID *b); +void CRYPTO_THREADID_cpy(CRYPTO_THREADID *dest, const CRYPTO_THREADID *src); +unsigned long CRYPTO_THREADID_hash(const CRYPTO_THREADID *id); + +__END_HIDDEN_DECLS + +#endif diff --git a/lib/libcrypto/dsa/dsa.h b/lib/libcrypto/dsa/dsa.h index 73b92d59e..67df08f9d 100644 --- a/lib/libcrypto/dsa/dsa.h +++ b/lib/libcrypto/dsa/dsa.h @@ -1,4 +1,4 @@ -/* $OpenBSD: dsa.h,v 1.43 2023/04/18 08:47:28 tb Exp $ */ +/* $OpenBSD: dsa.h,v 1.44 2024/03/02 09:33:14 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -163,12 +163,6 @@ DSA *d2i_DSAparams(DSA **a, const unsigned char **pp, long length); int i2d_DSAparams(const DSA *a,unsigned char **pp); extern const ASN1_ITEM DSAparams_it; -/* Wrapped in OPENSSL_NO_DEPRECATED in 0.9.8. Still used in 2023. */ -DSA * DSA_generate_parameters(int bits, - unsigned char *seed,int seed_len, - int *counter_ret, unsigned long *h_ret,void - (*callback)(int, int, void *),void *cb_arg); - /* New version */ int DSA_generate_parameters_ex(DSA *dsa, int bits, const unsigned char *seed,int seed_len, diff --git a/lib/libcrypto/dsa/dsa_gen.c b/lib/libcrypto/dsa/dsa_gen.c index 490c7e51b..8b966871b 100644 --- a/lib/libcrypto/dsa/dsa_gen.c +++ b/lib/libcrypto/dsa/dsa_gen.c @@ -1,4 +1,4 @@ -/* $OpenBSD: dsa_gen.c,v 1.30 2023/07/08 14:28:15 beck Exp $ */ +/* $OpenBSD: dsa_gen.c,v 1.31 2024/03/02 09:33:14 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -357,25 +357,4 @@ err: return ok; } -DSA * -DSA_generate_parameters(int bits, unsigned char *seed_in, int seed_len, - int *counter_ret, unsigned long *h_ret, void (*callback)(int, int, void *), - void *cb_arg) -{ - BN_GENCB cb; - DSA *ret; - - if ((ret = DSA_new()) == NULL) - return NULL; - - BN_GENCB_set_old(&cb, callback, cb_arg); - - if (DSA_generate_parameters_ex(ret, bits, seed_in, seed_len, - counter_ret, h_ret, &cb)) - return ret; - DSA_free(ret); - return NULL; -} -LCRYPTO_ALIAS(DSA_generate_parameters); - #endif diff --git a/lib/libcrypto/engine/engine.h b/lib/libcrypto/engine/engine.h index bb5112a02..20398f8d7 100644 --- a/lib/libcrypto/engine/engine.h +++ b/lib/libcrypto/engine/engine.h @@ -1,4 +1,4 @@ -/* $OpenBSD: engine.h,v 1.43 2023/11/19 15:41:46 tb Exp $ */ +/* $OpenBSD: engine.h,v 1.44 2024/03/02 10:22:07 tb Exp $ */ /* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL * project 2000. */ @@ -66,22 +66,8 @@ #include -#include -#ifndef OPENSSL_NO_DH -#include -#endif -#ifndef OPENSSL_NO_DSA -#include -#endif -#ifndef OPENSSL_NO_EC -#include -#endif #include -#ifndef OPENSSL_NO_RSA -#include -#endif #include -#include #include @@ -102,36 +88,6 @@ extern "C" { #define ENGINE_METHOD_ALL (unsigned int)0xFFFF #define ENGINE_METHOD_NONE (unsigned int)0x0000 -#define ENGINE_TABLE_FLAG_NOINIT (unsigned int)0x0001 - -#define ENGINE_FLAGS_MANUAL_CMD_CTRL (int)0x0002 -#define ENGINE_FLAGS_BY_ID_COPY (int)0x0004 -#define ENGINE_FLAGS_NO_REGISTER_ALL (int)0x0008 -#define ENGINE_CMD_FLAG_NUMERIC (unsigned int)0x0001 -#define ENGINE_CMD_FLAG_STRING (unsigned int)0x0002 -#define ENGINE_CMD_FLAG_NO_INPUT (unsigned int)0x0004 -#define ENGINE_CMD_FLAG_INTERNAL (unsigned int)0x0008 - -#define ENGINE_CTRL_SET_LOGSTREAM 1 -#define ENGINE_CTRL_SET_PASSWORD_CALLBACK 2 -#define ENGINE_CTRL_HUP 3 -#define ENGINE_CTRL_SET_USER_INTERFACE 4 -#define ENGINE_CTRL_SET_CALLBACK_DATA 5 -#define ENGINE_CTRL_LOAD_CONFIGURATION 6 -#define ENGINE_CTRL_LOAD_SECTION 7 - -#define ENGINE_CTRL_HAS_CTRL_FUNCTION 10 -#define ENGINE_CTRL_GET_FIRST_CMD_TYPE 11 -#define ENGINE_CTRL_GET_NEXT_CMD_TYPE 12 -#define ENGINE_CTRL_GET_CMD_FROM_NAME 13 -#define ENGINE_CTRL_GET_NAME_LEN_FROM_CMD 14 -#define ENGINE_CTRL_GET_NAME_FROM_CMD 15 -#define ENGINE_CTRL_GET_DESC_LEN_FROM_CMD 16 -#define ENGINE_CTRL_GET_DESC_FROM_CMD 17 -#define ENGINE_CTRL_GET_CMD_FLAGS 18 - -#define ENGINE_CMD_BASE 200 - /* * Prototypes for the stub functions in engine_stubs.c. They are provided to * build M2Crypto, Dovecot, apr-utils without patching. diff --git a/lib/libcrypto/err/err.c b/lib/libcrypto/err/err.c index 036396bc1..a7b13a540 100644 --- a/lib/libcrypto/err/err.c +++ b/lib/libcrypto/err/err.c @@ -1,4 +1,4 @@ -/* $OpenBSD: err.c,v 1.58 2024/02/24 07:53:01 tb Exp $ */ +/* $OpenBSD: err.c,v 1.60 2024/03/02 11:37:13 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -122,14 +122,29 @@ #include #include +#include "crypto_local.h" + DECLARE_LHASH_OF(ERR_STRING_DATA); DECLARE_LHASH_OF(ERR_STATE); typedef struct st_ERR_FNS ERR_FNS; +typedef struct err_state_st { + CRYPTO_THREADID tid; + int err_flags[ERR_NUM_ERRORS]; + unsigned long err_buffer[ERR_NUM_ERRORS]; + char *err_data[ERR_NUM_ERRORS]; + int err_data_flags[ERR_NUM_ERRORS]; + const char *err_file[ERR_NUM_ERRORS]; + int err_line[ERR_NUM_ERRORS]; + int top, bottom; +} ERR_STATE; + static void err_load_strings(int lib, ERR_STRING_DATA *str); +static ERR_STATE *ERR_get_state(void); static void ERR_STATE_free(ERR_STATE *s); + #ifndef OPENSSL_NO_ERR static ERR_STRING_DATA ERR_str_libraries[] = { {ERR_PACK(ERR_LIB_NONE,0,0), "unknown library"}, @@ -1020,7 +1035,7 @@ ERR_remove_state(unsigned long pid) } LCRYPTO_ALIAS(ERR_remove_state); -ERR_STATE * +static ERR_STATE * ERR_get_state(void) { static ERR_STATE fallback; @@ -1058,7 +1073,6 @@ ERR_get_state(void) } return ret; } -LCRYPTO_ALIAS(ERR_get_state); int ERR_get_next_error_library(void) diff --git a/lib/libcrypto/err/err.h b/lib/libcrypto/err/err.h index d85de24cb..8beab1487 100644 --- a/lib/libcrypto/err/err.h +++ b/lib/libcrypto/err/err.h @@ -1,4 +1,4 @@ -/* $OpenBSD: err.h,v 1.31 2023/07/28 10:23:19 tb Exp $ */ +/* $OpenBSD: err.h,v 1.33 2024/03/02 10:32:26 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -143,16 +143,6 @@ extern "C" { #define ERR_FLAG_MARK 0x01 #define ERR_NUM_ERRORS 16 -typedef struct err_state_st { - CRYPTO_THREADID tid; - int err_flags[ERR_NUM_ERRORS]; - unsigned long err_buffer[ERR_NUM_ERRORS]; - char *err_data[ERR_NUM_ERRORS]; - int err_data_flags[ERR_NUM_ERRORS]; - const char *err_file[ERR_NUM_ERRORS]; - int err_line[ERR_NUM_ERRORS]; - int top, bottom; -} ERR_STATE; /* library */ #define ERR_LIB_NONE 1 @@ -388,8 +378,8 @@ void ERR_asprintf_error_data(char * format, ...); void ERR_add_error_data(int num, ...); void ERR_add_error_vdata(int num, va_list args); #endif -void ERR_load_strings(int lib, ERR_STRING_DATA str[]); -void ERR_unload_strings(int lib, ERR_STRING_DATA str[]); +void ERR_load_strings(int lib, ERR_STRING_DATA *str); +void ERR_unload_strings(int lib, ERR_STRING_DATA *str); void ERR_load_ERR_strings(void); void ERR_load_crypto_strings(void); void ERR_free_strings(void); @@ -397,7 +387,6 @@ void ERR_free_strings(void); void ERR_remove_thread_state(const CRYPTO_THREADID *tid); /* Wrapped in OPENSSL_NO_DEPRECATED in 0.9.8. Still used in 2023. */ void ERR_remove_state(unsigned long pid); -ERR_STATE *ERR_get_state(void); int ERR_get_next_error_library(void); diff --git a/lib/libcrypto/err/err_all.c b/lib/libcrypto/err/err_all.c index 4829e46a1..56276abb0 100644 --- a/lib/libcrypto/err/err_all.c +++ b/lib/libcrypto/err/err_all.c @@ -1,4 +1,4 @@ -/* $OpenBSD: err_all.c,v 1.33 2023/11/19 15:46:09 tb Exp $ */ +/* $OpenBSD: err_all.c,v 1.34 2024/03/02 13:39:28 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -94,9 +94,6 @@ #ifndef OPENSSL_NO_RSA #include #endif -#ifndef OPENSSL_NO_GOST -#include -#endif void ERR_load_ERR_strings_internal(void); diff --git a/lib/libcrypto/err/err_prn.c b/lib/libcrypto/err/err_prn.c index 61f4dad57..fb6e19c54 100644 --- a/lib/libcrypto/err/err_prn.c +++ b/lib/libcrypto/err/err_prn.c @@ -1,4 +1,4 @@ -/* $OpenBSD: err_prn.c,v 1.22 2024/01/10 14:23:37 tb Exp $ */ +/* $OpenBSD: err_prn.c,v 1.23 2024/03/02 11:37:13 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -66,6 +66,7 @@ #include #include "bio_local.h" +#include "crypto_local.h" void ERR_print_errors_cb(int (*cb)(const char *str, size_t len, void *u), void *u) diff --git a/lib/libcrypto/evp/e_aes_cbc_hmac_sha1.c b/lib/libcrypto/evp/e_aes_cbc_hmac_sha1.c deleted file mode 100644 index 424143645..000000000 --- a/lib/libcrypto/evp/e_aes_cbc_hmac_sha1.c +++ /dev/null @@ -1,604 +0,0 @@ -/* $OpenBSD: e_aes_cbc_hmac_sha1.c,v 1.20 2024/01/08 09:31:09 tb Exp $ */ -/* ==================================================================== - * Copyright (c) 2011-2013 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - */ - -#include -#include - -#include - -#if !defined(OPENSSL_NO_AES) && !defined(OPENSSL_NO_SHA1) - -#include -#include -#include -#include - -#include "constant_time.h" -#include "evp_local.h" - -#define TLS1_1_VERSION 0x0302 - -typedef struct { - AES_KEY ks; - SHA_CTX head, tail, md; - size_t payload_length; /* AAD length in decrypt case */ - union { - unsigned int tls_ver; - unsigned char tls_aad[16]; /* 13 used */ - } aux; -} EVP_AES_HMAC_SHA1; - -#define NO_PAYLOAD_LENGTH ((size_t)-1) - -#if defined(AES_ASM) && ( \ - defined(__x86_64) || defined(__x86_64__) || \ - defined(_M_AMD64) || defined(_M_X64) || \ - defined(__INTEL__) ) - -#include "x86_arch.h" - -#if defined(__GNUC__) && __GNUC__>=2 -# define BSWAP(x) ({ unsigned int r=(x); asm ("bswapl %0":"=r"(r):"0"(r)); r; }) -#endif - -int aesni_set_encrypt_key(const unsigned char *userKey, int bits, AES_KEY *key); -int aesni_set_decrypt_key(const unsigned char *userKey, int bits, AES_KEY *key); - -void aesni_cbc_encrypt(const unsigned char *in, unsigned char *out, - size_t length, const AES_KEY *key, unsigned char *ivec, int enc); - -void aesni_cbc_sha1_enc (const void *inp, void *out, size_t blocks, - const AES_KEY *key, unsigned char iv[16], SHA_CTX *ctx, const void *in0); - -#define data(ctx) ((EVP_AES_HMAC_SHA1 *)(ctx)->cipher_data) - -static int -aesni_cbc_hmac_sha1_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *inkey, - const unsigned char *iv, int enc) -{ - EVP_AES_HMAC_SHA1 *key = data(ctx); - int ret; - - if (enc) - ret = aesni_set_encrypt_key(inkey, ctx->key_len * 8, &key->ks); - else - ret = aesni_set_decrypt_key(inkey, ctx->key_len * 8, &key->ks); - - SHA1_Init(&key->head); /* handy when benchmarking */ - key->tail = key->head; - key->md = key->head; - - key->payload_length = NO_PAYLOAD_LENGTH; - - return ret < 0 ? 0 : 1; -} - -#define STITCHED_CALL - -#if !defined(STITCHED_CALL) -#define aes_off 0 -#endif - -void sha1_block_data_order (void *c, const void *p, size_t len); - -static void -sha1_update(SHA_CTX *c, const void *data, size_t len) -{ - const unsigned char *ptr = data; - size_t res; - - if ((res = c->num)) { - res = SHA_CBLOCK - res; - if (len < res) - res = len; - SHA1_Update(c, ptr, res); - ptr += res; - len -= res; - } - - res = len % SHA_CBLOCK; - len -= res; - - if (len) { - sha1_block_data_order(c, ptr, len / SHA_CBLOCK); - - ptr += len; - c->Nh += len >> 29; - c->Nl += len <<= 3; - if (c->Nl < (unsigned int)len) - c->Nh++; - } - - if (res) - SHA1_Update(c, ptr, res); -} - -#ifdef SHA1_Update -#undef SHA1_Update -#endif -#define SHA1_Update sha1_update - -static int -aesni_cbc_hmac_sha1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t len) -{ - EVP_AES_HMAC_SHA1 *key = data(ctx); - unsigned int l; - size_t plen = key->payload_length, - iv = 0, /* explicit IV in TLS 1.1 and later */ - sha_off = 0; -#if defined(STITCHED_CALL) - size_t aes_off = 0, blocks; - - sha_off = SHA_CBLOCK - key->md.num; -#endif - - key->payload_length = NO_PAYLOAD_LENGTH; - - if (len % AES_BLOCK_SIZE) - return 0; - - if (ctx->encrypt) { - if (plen == NO_PAYLOAD_LENGTH) - plen = len; - else if (len != ((plen + SHA_DIGEST_LENGTH + AES_BLOCK_SIZE) & - -AES_BLOCK_SIZE)) - return 0; - else if (key->aux.tls_ver >= TLS1_1_VERSION) - iv = AES_BLOCK_SIZE; - -#if defined(STITCHED_CALL) - if (plen > (sha_off + iv) && - (blocks = (plen - (sha_off + iv)) / SHA_CBLOCK)) { - SHA1_Update(&key->md, in + iv, sha_off); - - aesni_cbc_sha1_enc(in, out, blocks, &key->ks, - ctx->iv, &key->md, in + iv + sha_off); - blocks *= SHA_CBLOCK; - aes_off += blocks; - sha_off += blocks; - key->md.Nh += blocks >> 29; - key->md.Nl += blocks <<= 3; - if (key->md.Nl < (unsigned int)blocks) - key->md.Nh++; - } else { - sha_off = 0; - } -#endif - sha_off += iv; - SHA1_Update(&key->md, in + sha_off, plen - sha_off); - - if (plen != len) { /* "TLS" mode of operation */ - if (in != out) - memcpy(out + aes_off, in + aes_off, - plen - aes_off); - - /* calculate HMAC and append it to payload */ - SHA1_Final(out + plen, &key->md); - key->md = key->tail; - SHA1_Update(&key->md, out + plen, SHA_DIGEST_LENGTH); - SHA1_Final(out + plen, &key->md); - - /* pad the payload|hmac */ - plen += SHA_DIGEST_LENGTH; - for (l = len - plen - 1; plen < len; plen++) - out[plen] = l; - - /* encrypt HMAC|padding at once */ - aesni_cbc_encrypt(out + aes_off, out + aes_off, - len - aes_off, &key->ks, ctx->iv, 1); - } else { - aesni_cbc_encrypt(in + aes_off, out + aes_off, - len - aes_off, &key->ks, ctx->iv, 1); - } - } else { - union { - unsigned int u[SHA_DIGEST_LENGTH/sizeof(unsigned int)]; - unsigned char c[32 + SHA_DIGEST_LENGTH]; - } mac, *pmac; - - /* arrange cache line alignment */ - pmac = (void *)(((size_t)mac.c + 31) & ((size_t)0 - 32)); - - /* decrypt HMAC|padding at once */ - aesni_cbc_encrypt(in, out, len, &key->ks, ctx->iv, 0); - - if (plen == 0 || plen == NO_PAYLOAD_LENGTH) { - SHA1_Update(&key->md, out, len); - } else if (plen < 4) { - return 0; - } else { /* "TLS" mode of operation */ - size_t inp_len, mask, j, i; - unsigned int res, maxpad, pad, bitlen; - int ret = 1; - union { - unsigned int u[SHA_LBLOCK]; - unsigned char c[SHA_CBLOCK]; - } - *data = (void *)key->md.data; - - if ((key->aux.tls_aad[plen - 4] << 8 | - key->aux.tls_aad[plen - 3]) >= TLS1_1_VERSION) - iv = AES_BLOCK_SIZE; - - if (len < (iv + SHA_DIGEST_LENGTH + 1)) - return 0; - - /* omit explicit iv */ - out += iv; - len -= iv; - - /* figure out payload length */ - pad = out[len - 1]; - maxpad = len - (SHA_DIGEST_LENGTH + 1); - maxpad |= (255 - maxpad) >> (sizeof(maxpad) * 8 - 8); - maxpad &= 255; - - ret &= constant_time_ge(maxpad, pad); - - inp_len = len - (SHA_DIGEST_LENGTH + pad + 1); - mask = (0 - ((inp_len - len) >> - (sizeof(inp_len) * 8 - 1))); - inp_len &= mask; - ret &= (int)mask; - - key->aux.tls_aad[plen - 2] = inp_len >> 8; - key->aux.tls_aad[plen - 1] = inp_len; - - /* calculate HMAC */ - key->md = key->head; - SHA1_Update(&key->md, key->aux.tls_aad, plen); - -#if 1 - len -= SHA_DIGEST_LENGTH; /* amend mac */ - if (len >= (256 + SHA_CBLOCK)) { - j = (len - (256 + SHA_CBLOCK)) & - (0 - SHA_CBLOCK); - j += SHA_CBLOCK - key->md.num; - SHA1_Update(&key->md, out, j); - out += j; - len -= j; - inp_len -= j; - } - - /* but pretend as if we hashed padded payload */ - bitlen = key->md.Nl + (inp_len << 3); /* at most 18 bits */ -#ifdef BSWAP - bitlen = BSWAP(bitlen); -#else - mac.c[0] = 0; - mac.c[1] = (unsigned char)(bitlen >> 16); - mac.c[2] = (unsigned char)(bitlen >> 8); - mac.c[3] = (unsigned char)bitlen; - bitlen = mac.u[0]; -#endif - - pmac->u[0] = 0; - pmac->u[1] = 0; - pmac->u[2] = 0; - pmac->u[3] = 0; - pmac->u[4] = 0; - - for (res = key->md.num, j = 0; j < len; j++) { - size_t c = out[j]; - mask = (j - inp_len) >> (sizeof(j) * 8 - 8); - c &= mask; - c |= 0x80 & ~mask & - ~((inp_len - j) >> (sizeof(j) * 8 - 8)); - data->c[res++] = (unsigned char)c; - - if (res != SHA_CBLOCK) - continue; - - /* j is not incremented yet */ - mask = 0 - ((inp_len + 7 - j) >> - (sizeof(j) * 8 - 1)); - data->u[SHA_LBLOCK - 1] |= bitlen&mask; - sha1_block_data_order(&key->md, data, 1); - mask &= 0 - ((j - inp_len - 72) >> - (sizeof(j) * 8 - 1)); - pmac->u[0] |= key->md.h0 & mask; - pmac->u[1] |= key->md.h1 & mask; - pmac->u[2] |= key->md.h2 & mask; - pmac->u[3] |= key->md.h3 & mask; - pmac->u[4] |= key->md.h4 & mask; - res = 0; - } - - for (i = res; i < SHA_CBLOCK; i++, j++) - data->c[i] = 0; - - if (res > SHA_CBLOCK - 8) { - mask = 0 - ((inp_len + 8 - j) >> - (sizeof(j) * 8 - 1)); - data->u[SHA_LBLOCK - 1] |= bitlen & mask; - sha1_block_data_order(&key->md, data, 1); - mask &= 0 - ((j - inp_len - 73) >> - (sizeof(j) * 8 - 1)); - pmac->u[0] |= key->md.h0 & mask; - pmac->u[1] |= key->md.h1 & mask; - pmac->u[2] |= key->md.h2 & mask; - pmac->u[3] |= key->md.h3 & mask; - pmac->u[4] |= key->md.h4 & mask; - - memset(data, 0, SHA_CBLOCK); - j += 64; - } - data->u[SHA_LBLOCK - 1] = bitlen; - sha1_block_data_order(&key->md, data, 1); - mask = 0 - ((j - inp_len - 73) >> (sizeof(j) * 8 - 1)); - pmac->u[0] |= key->md.h0 & mask; - pmac->u[1] |= key->md.h1 & mask; - pmac->u[2] |= key->md.h2 & mask; - pmac->u[3] |= key->md.h3 & mask; - pmac->u[4] |= key->md.h4 & mask; - -#ifdef BSWAP - pmac->u[0] = BSWAP(pmac->u[0]); - pmac->u[1] = BSWAP(pmac->u[1]); - pmac->u[2] = BSWAP(pmac->u[2]); - pmac->u[3] = BSWAP(pmac->u[3]); - pmac->u[4] = BSWAP(pmac->u[4]); -#else - for (i = 0; i < 5; i++) { - res = pmac->u[i]; - pmac->c[4 * i + 0] = (unsigned char)(res >> 24); - pmac->c[4 * i + 1] = (unsigned char)(res >> 16); - pmac->c[4 * i + 2] = (unsigned char)(res >> 8); - pmac->c[4 * i + 3] = (unsigned char)res; - } -#endif - len += SHA_DIGEST_LENGTH; -#else - SHA1_Update(&key->md, out, inp_len); - res = key->md.num; - SHA1_Final(pmac->c, &key->md); - - { - unsigned int inp_blocks, pad_blocks; - - /* but pretend as if we hashed padded payload */ - inp_blocks = 1 + ((SHA_CBLOCK - 9 - res) >> - (sizeof(res) * 8 - 1)); - res += (unsigned int)(len - inp_len); - pad_blocks = res / SHA_CBLOCK; - res %= SHA_CBLOCK; - pad_blocks += 1 + ((SHA_CBLOCK - 9 - res) >> - (sizeof(res) * 8 - 1)); - for (; inp_blocks < pad_blocks; inp_blocks++) - sha1_block_data_order(&key->md, - data, 1); - } -#endif - key->md = key->tail; - SHA1_Update(&key->md, pmac->c, SHA_DIGEST_LENGTH); - SHA1_Final(pmac->c, &key->md); - - /* verify HMAC */ - out += inp_len; - len -= inp_len; -#if 1 - { - unsigned char *p = - out + len - 1 - maxpad - SHA_DIGEST_LENGTH; - size_t off = out - p; - unsigned int c, cmask; - - maxpad += SHA_DIGEST_LENGTH; - for (res = 0, i = 0, j = 0; j < maxpad; j++) { - c = p[j]; - cmask = ((int)(j - off - - SHA_DIGEST_LENGTH)) >> - (sizeof(int) * 8 - 1); - res |= (c ^ pad) & ~cmask; /* ... and padding */ - cmask &= ((int)(off - 1 - j)) >> - (sizeof(int) * 8 - 1); - res |= (c ^ pmac->c[i]) & cmask; - i += 1 & cmask; - } - maxpad -= SHA_DIGEST_LENGTH; - - res = 0 - ((0 - res) >> (sizeof(res) * 8 - 1)); - ret &= (int)~res; - } -#else - for (res = 0, i = 0; i < SHA_DIGEST_LENGTH; i++) - res |= out[i] ^ pmac->c[i]; - res = 0 - ((0 - res) >> (sizeof(res) * 8 - 1)); - ret &= (int)~res; - - /* verify padding */ - pad = (pad & ~res) | (maxpad & res); - out = out + len - 1 - pad; - for (res = 0, i = 0; i < pad; i++) - res |= out[i] ^ pad; - - res = (0 - res) >> (sizeof(res) * 8 - 1); - ret &= (int)~res; -#endif - return ret; - } - } - - return 1; -} - -static int -aesni_cbc_hmac_sha1_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr) -{ - EVP_AES_HMAC_SHA1 *key = data(ctx); - - switch (type) { - case EVP_CTRL_AEAD_SET_MAC_KEY: - { - unsigned int i; - unsigned char hmac_key[64]; - - memset(hmac_key, 0, sizeof(hmac_key)); - - if (arg > (int)sizeof(hmac_key)) { - SHA1_Init(&key->head); - SHA1_Update(&key->head, ptr, arg); - SHA1_Final(hmac_key, &key->head); - } else { - memcpy(hmac_key, ptr, arg); - } - - for (i = 0; i < sizeof(hmac_key); i++) - hmac_key[i] ^= 0x36; /* ipad */ - SHA1_Init(&key->head); - SHA1_Update(&key->head, hmac_key, sizeof(hmac_key)); - - for (i = 0; i < sizeof(hmac_key); i++) - hmac_key[i] ^= 0x36 ^ 0x5c; /* opad */ - SHA1_Init(&key->tail); - SHA1_Update(&key->tail, hmac_key, sizeof(hmac_key)); - - explicit_bzero(hmac_key, sizeof(hmac_key)); - - return 1; - } - case EVP_CTRL_AEAD_TLS1_AAD: - { - unsigned char *p = ptr; - unsigned int len; - - /* RFC 5246, 6.2.3.3: additional data has length 13 */ - if (arg != 13) - return -1; - - len = p[arg - 2] << 8 | p[arg - 1]; - - if (ctx->encrypt) { - key->payload_length = len; - if ((key->aux.tls_ver = p[arg - 4] << 8 | - p[arg - 3]) >= TLS1_1_VERSION) { - len -= AES_BLOCK_SIZE; - p[arg - 2] = len >> 8; - p[arg - 1] = len; - } - key->md = key->head; - SHA1_Update(&key->md, p, arg); - - return (int)(((len + SHA_DIGEST_LENGTH + - AES_BLOCK_SIZE) & -AES_BLOCK_SIZE) - len); - } else { - memcpy(key->aux.tls_aad, ptr, arg); - key->payload_length = arg; - - return SHA_DIGEST_LENGTH; - } - } - default: - return -1; - } -} - -static const EVP_CIPHER aesni_128_cbc_hmac_sha1_cipher = { -#ifdef NID_aes_128_cbc_hmac_sha1 - .nid = NID_aes_128_cbc_hmac_sha1, -#else - .nid = NID_undef, -#endif - .block_size = 16, - .key_len = 16, - .iv_len = 16, - .flags = EVP_CIPH_CBC_MODE | EVP_CIPH_FLAG_DEFAULT_ASN1 | - EVP_CIPH_FLAG_AEAD_CIPHER, - .init = aesni_cbc_hmac_sha1_init_key, - .do_cipher = aesni_cbc_hmac_sha1_cipher, - .ctx_size = sizeof(EVP_AES_HMAC_SHA1), - .ctrl = aesni_cbc_hmac_sha1_ctrl -}; - -static const EVP_CIPHER aesni_256_cbc_hmac_sha1_cipher = { -#ifdef NID_aes_256_cbc_hmac_sha1 - .nid = NID_aes_256_cbc_hmac_sha1, -#else - .nid = NID_undef, -#endif - .block_size = 16, - .key_len = 32, - .iv_len = 16, - .flags = EVP_CIPH_CBC_MODE | EVP_CIPH_FLAG_DEFAULT_ASN1 | - EVP_CIPH_FLAG_AEAD_CIPHER, - .init = aesni_cbc_hmac_sha1_init_key, - .do_cipher = aesni_cbc_hmac_sha1_cipher, - .ctx_size = sizeof(EVP_AES_HMAC_SHA1), - .ctrl = aesni_cbc_hmac_sha1_ctrl -}; - -const EVP_CIPHER * -EVP_aes_128_cbc_hmac_sha1(void) -{ - return (OPENSSL_cpu_caps() & CPUCAP_MASK_AESNI) ? - &aesni_128_cbc_hmac_sha1_cipher : NULL; -} - -const EVP_CIPHER * -EVP_aes_256_cbc_hmac_sha1(void) -{ - return (OPENSSL_cpu_caps() & CPUCAP_MASK_AESNI) ? - &aesni_256_cbc_hmac_sha1_cipher : NULL; -} -#else -const EVP_CIPHER * -EVP_aes_128_cbc_hmac_sha1(void) -{ - return NULL; -} - -const EVP_CIPHER * -EVP_aes_256_cbc_hmac_sha1(void) -{ - return NULL; -} -#endif -#endif diff --git a/lib/libcrypto/evp/e_gost2814789.c b/lib/libcrypto/evp/e_gost2814789.c deleted file mode 100644 index 48619d109..000000000 --- a/lib/libcrypto/evp/e_gost2814789.c +++ /dev/null @@ -1,312 +0,0 @@ -/* $OpenBSD: e_gost2814789.c,v 1.14 2024/01/04 17:38:36 tb Exp $ */ -/* - * Copyright (c) 2014 Dmitry Eremin-Solenikov - * Copyright (c) 2005-2006 Cryptocom LTD - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - */ - -#include - -#include - -#ifndef OPENSSL_NO_GOST -#include -#include -#include - -#include "evp_local.h" - -typedef struct { - GOST2814789_KEY ks; - int param_nid; -} EVP_GOST2814789_CTX; - -static int -gost2814789_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc) -{ - EVP_GOST2814789_CTX *c = ctx->cipher_data; - - return Gost2814789_set_key(&c->ks, key, ctx->key_len * 8); -} - -static int -gost2814789_ctl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr) -{ - EVP_GOST2814789_CTX *c = ctx->cipher_data; - - switch (type) { - case EVP_CTRL_PBE_PRF_NID: - if (ptr != NULL) { - *((int *)ptr) = NID_id_HMACGostR3411_94; - return 1; - } else { - return 0; - } - case EVP_CTRL_INIT: - /* Default value to have any s-box set at all */ - c->param_nid = NID_id_Gost28147_89_CryptoPro_A_ParamSet; - return Gost2814789_set_sbox(&c->ks, c->param_nid); - case EVP_CTRL_GOST_SET_SBOX: - return Gost2814789_set_sbox(&c->ks, arg); - default: - return -1; - } -} - -int -gost2814789_set_asn1_params(EVP_CIPHER_CTX *ctx, ASN1_TYPE *params) -{ - int len = 0; - unsigned char *buf = NULL; - unsigned char *p = NULL; - EVP_GOST2814789_CTX *c = ctx->cipher_data; - ASN1_OCTET_STRING *os = NULL; - GOST_CIPHER_PARAMS *gcp = GOST_CIPHER_PARAMS_new(); - - if (gcp == NULL) { - GOSTerror(ERR_R_MALLOC_FAILURE); - return 0; - } - if (ASN1_OCTET_STRING_set(gcp->iv, ctx->iv, ctx->cipher->iv_len) == 0) { - GOST_CIPHER_PARAMS_free(gcp); - GOSTerror(ERR_R_ASN1_LIB); - return 0; - } - ASN1_OBJECT_free(gcp->enc_param_set); - gcp->enc_param_set = OBJ_nid2obj(c->param_nid); - - len = i2d_GOST_CIPHER_PARAMS(gcp, NULL); - p = buf = malloc(len); - if (buf == NULL) { - GOST_CIPHER_PARAMS_free(gcp); - GOSTerror(ERR_R_MALLOC_FAILURE); - return 0; - } - i2d_GOST_CIPHER_PARAMS(gcp, &p); - GOST_CIPHER_PARAMS_free(gcp); - - os = ASN1_OCTET_STRING_new(); - if (os == NULL) { - free(buf); - GOSTerror(ERR_R_MALLOC_FAILURE); - return 0; - } - if (ASN1_OCTET_STRING_set(os, buf, len) == 0) { - ASN1_OCTET_STRING_free(os); - free(buf); - GOSTerror(ERR_R_ASN1_LIB); - return 0; - } - free(buf); - - ASN1_TYPE_set(params, V_ASN1_SEQUENCE, os); - return 1; -} - -int -gost2814789_get_asn1_params(EVP_CIPHER_CTX *ctx, ASN1_TYPE *params) -{ - int ret = -1; - int len; - GOST_CIPHER_PARAMS *gcp = NULL; - EVP_GOST2814789_CTX *c = ctx->cipher_data; - unsigned char *p; - - if (ASN1_TYPE_get(params) != V_ASN1_SEQUENCE) - return ret; - - p = params->value.sequence->data; - - gcp = d2i_GOST_CIPHER_PARAMS(NULL, (const unsigned char **)&p, - params->value.sequence->length); - - len = gcp->iv->length; - if (len != ctx->cipher->iv_len) { - GOST_CIPHER_PARAMS_free(gcp); - GOSTerror(GOST_R_INVALID_IV_LENGTH); - return -1; - } - - if (!Gost2814789_set_sbox(&c->ks, OBJ_obj2nid(gcp->enc_param_set))) { - GOST_CIPHER_PARAMS_free(gcp); - return -1; - } - c->param_nid = OBJ_obj2nid(gcp->enc_param_set); - - memcpy(ctx->oiv, gcp->iv->data, len); - memcpy(ctx->iv, gcp->iv->data, len); - - GOST_CIPHER_PARAMS_free(gcp); - - return 1; -} - -static int -gost2814789_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) -{ - size_t i, bl; - - bl = ctx->cipher->block_size; - - if (inl < bl) - return 1; - - inl -= bl; - - for (i = 0; i <= inl; i += bl) - Gost2814789_ecb_encrypt(in + i, out + i, &((EVP_GOST2814789_CTX *)ctx->cipher_data)->ks, ctx->encrypt); - - return 1; -} - -static int -gost2814789_cfb64_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) -{ - size_t chunk = EVP_MAXCHUNK; - - if (inl < chunk) - chunk = inl; - - while (inl && inl >= chunk) { - Gost2814789_cfb64_encrypt(in, out, chunk, &((EVP_GOST2814789_CTX *)ctx->cipher_data)->ks, ctx->iv, &ctx->num, ctx->encrypt); - inl -= chunk; - in += chunk; - out += chunk; - if (inl < chunk) - chunk = inl; - } - - return 1; -} - -static int -gost2814789_cnt_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inl) -{ - EVP_GOST2814789_CTX *c = ctx->cipher_data; - - while (inl >= EVP_MAXCHUNK) { - Gost2814789_cnt_encrypt(in, out, EVP_MAXCHUNK, &c->ks, - ctx->iv, ctx->buf, &ctx->num); - inl -= EVP_MAXCHUNK; - in += EVP_MAXCHUNK; - out += EVP_MAXCHUNK; - } - - if (inl) - Gost2814789_cnt_encrypt(in, out, inl, &c->ks, ctx->iv, ctx->buf, - &ctx->num); - return 1; -} - -/* gost89 is CFB-64 */ -#define NID_gost89_cfb64 NID_id_Gost28147_89 - -static const EVP_CIPHER gost2814789_ecb = { - .nid = NID_gost89_ecb, - .block_size = 8, - .key_len = 32, - .iv_len = 0, - .flags = EVP_CIPH_NO_PADDING | EVP_CIPH_CTRL_INIT | EVP_CIPH_ECB_MODE, - .init = gost2814789_init_key, - .do_cipher = gost2814789_ecb_cipher, - .cleanup = NULL, - .ctx_size = sizeof(EVP_GOST2814789_CTX), - .set_asn1_parameters = gost2814789_set_asn1_params, - .get_asn1_parameters = gost2814789_get_asn1_params, - .ctrl = gost2814789_ctl, -}; - -const EVP_CIPHER * -EVP_gost2814789_ecb(void) -{ - return &gost2814789_ecb; -} - -static const EVP_CIPHER gost2814789_cfb64 = { - .nid = NID_gost89_cfb64, - .block_size = 1, - .key_len = 32, - .iv_len = 8, - .flags = EVP_CIPH_NO_PADDING | EVP_CIPH_CTRL_INIT | EVP_CIPH_CFB_MODE, - .init = gost2814789_init_key, - .do_cipher = gost2814789_cfb64_cipher, - .cleanup = NULL, - .ctx_size = sizeof(EVP_GOST2814789_CTX), - .set_asn1_parameters = gost2814789_set_asn1_params, - .get_asn1_parameters = gost2814789_get_asn1_params, - .ctrl = gost2814789_ctl, -}; - -const EVP_CIPHER * -EVP_gost2814789_cfb64(void) -{ - return &gost2814789_cfb64; -} - -static const EVP_CIPHER gost2814789_cnt = { - .nid = NID_gost89_cnt, - .block_size = 1, - .key_len = 32, - .iv_len = 8, - .flags = EVP_CIPH_NO_PADDING | EVP_CIPH_CTRL_INIT | EVP_CIPH_OFB_MODE, - .init = gost2814789_init_key, - .do_cipher = gost2814789_cnt_cipher, - .cleanup = NULL, - .ctx_size = sizeof(EVP_GOST2814789_CTX), - .set_asn1_parameters = gost2814789_set_asn1_params, - .get_asn1_parameters = gost2814789_get_asn1_params, - .ctrl = gost2814789_ctl, -}; - -const EVP_CIPHER * -EVP_gost2814789_cnt(void) -{ - return &gost2814789_cnt; -} -#endif diff --git a/lib/libcrypto/evp/e_rc4_hmac_md5.c b/lib/libcrypto/evp/e_rc4_hmac_md5.c deleted file mode 100644 index 420b945a8..000000000 --- a/lib/libcrypto/evp/e_rc4_hmac_md5.c +++ /dev/null @@ -1,308 +0,0 @@ -/* $OpenBSD: e_rc4_hmac_md5.c,v 1.15 2024/01/07 16:18:18 tb Exp $ */ -/* ==================================================================== - * Copyright (c) 2011 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - */ - -#include -#include - -#include - -#if !defined(OPENSSL_NO_RC4) && !defined(OPENSSL_NO_MD5) - -#include -#include -#include -#include - -#include "evp_local.h" - -/* FIXME: surely this is available elsewhere? */ -#define EVP_RC4_KEY_SIZE 16 - -typedef struct { - RC4_KEY ks; - MD5_CTX head, tail, md; - size_t payload_length; -} EVP_RC4_HMAC_MD5; - -#define NO_PAYLOAD_LENGTH ((size_t)-1) - -void rc4_md5_enc (RC4_KEY *key, const void *in0, void *out, - MD5_CTX *ctx, const void *inp, size_t blocks); - -#define data(ctx) ((EVP_RC4_HMAC_MD5 *)(ctx)->cipher_data) - -static int -rc4_hmac_md5_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *inkey, - const unsigned char *iv, int enc) -{ - EVP_RC4_HMAC_MD5 *key = data(ctx); - - RC4_set_key(&key->ks, EVP_CIPHER_CTX_key_length(ctx), inkey); - - MD5_Init(&key->head); /* handy when benchmarking */ - key->tail = key->head; - key->md = key->head; - - key->payload_length = NO_PAYLOAD_LENGTH; - - return 1; -} - -#if !defined(OPENSSL_NO_ASM) && defined(RC4_MD5_ASM) && ( \ - defined(__x86_64) || defined(__x86_64__) || \ - defined(_M_AMD64) || defined(_M_X64) || \ - defined(__INTEL__) ) && \ - !(defined(__APPLE__) && defined(__MACH__)) -#define STITCHED_CALL -#include "x86_arch.h" -#endif - -#if !defined(STITCHED_CALL) -#define rc4_off 0 -#define md5_off 0 -#endif - -static int -rc4_hmac_md5_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t len) -{ - EVP_RC4_HMAC_MD5 *key = data(ctx); -#if defined(STITCHED_CALL) - size_t rc4_off = 32-1-(key->ks.x&(32-1)), /* 32 is $MOD from rc4_md5-x86_64.pl */ - md5_off = MD5_CBLOCK - key->md.num, - blocks; - unsigned int l; -#endif - size_t plen = key->payload_length; - - if (plen != NO_PAYLOAD_LENGTH && len != (plen + MD5_DIGEST_LENGTH)) - return 0; - - if (ctx->encrypt) { - if (plen == NO_PAYLOAD_LENGTH) - plen = len; -#if defined(STITCHED_CALL) - /* cipher has to "fall behind" */ - if (rc4_off > md5_off) - md5_off += MD5_CBLOCK; - - if (plen > md5_off && - (blocks = (plen - md5_off) / MD5_CBLOCK) && - (OPENSSL_cpu_caps() & CPUCAP_MASK_INTELP4) == 0) { - MD5_Update(&key->md, in, md5_off); - RC4(&key->ks, rc4_off, in, out); - - rc4_md5_enc(&key->ks, in + rc4_off, out + rc4_off, - &key->md, in + md5_off, blocks); - blocks *= MD5_CBLOCK; - rc4_off += blocks; - md5_off += blocks; - key->md.Nh += blocks >> 29; - key->md.Nl += blocks <<= 3; - if (key->md.Nl < (unsigned int)blocks) - key->md.Nh++; - } else { - rc4_off = 0; - md5_off = 0; - } -#endif - MD5_Update(&key->md, in + md5_off, plen - md5_off); - - if (plen!=len) { /* "TLS" mode of operation */ - if (in != out) - memcpy(out + rc4_off, in + rc4_off, - plen - rc4_off); - - /* calculate HMAC and append it to payload */ - MD5_Final(out + plen, &key->md); - key->md = key->tail; - MD5_Update(&key->md, out + plen, MD5_DIGEST_LENGTH); - MD5_Final(out + plen, &key->md); - - /* encrypt HMAC at once */ - RC4(&key->ks, len - rc4_off, out + rc4_off, - out + rc4_off); - } else { - RC4(&key->ks, len - rc4_off, in + rc4_off, - out + rc4_off); - } - } else { - unsigned char mac[MD5_DIGEST_LENGTH]; -#if defined(STITCHED_CALL) - /* digest has to "fall behind" */ - if (md5_off > rc4_off) - rc4_off += 2*MD5_CBLOCK; - else - rc4_off += MD5_CBLOCK; - - if (len > rc4_off && (blocks = (len - rc4_off) / MD5_CBLOCK) && - (OPENSSL_cpu_caps() & CPUCAP_MASK_INTELP4) == 0) { - RC4(&key->ks, rc4_off, in, out); - MD5_Update(&key->md, out, md5_off); - - rc4_md5_enc(&key->ks, in + rc4_off, out + rc4_off, - &key->md, out + md5_off, blocks); - blocks *= MD5_CBLOCK; - rc4_off += blocks; - md5_off += blocks; - l = (key->md.Nl + (blocks << 3)) & 0xffffffffU; - if (l < key->md.Nl) - key->md.Nh++; - key->md.Nl = l; - key->md.Nh += blocks >> 29; - } else { - md5_off = 0; - rc4_off = 0; - } -#endif - /* decrypt HMAC at once */ - RC4(&key->ks, len - rc4_off, in + rc4_off, out + rc4_off); - if (plen!=NO_PAYLOAD_LENGTH) { /* "TLS" mode of operation */ - MD5_Update(&key->md, out + md5_off, plen - md5_off); - - /* calculate HMAC and verify it */ - MD5_Final(mac, &key->md); - key->md = key->tail; - MD5_Update(&key->md, mac, MD5_DIGEST_LENGTH); - MD5_Final(mac, &key->md); - - if (memcmp(out + plen, mac, MD5_DIGEST_LENGTH)) - return 0; - } else { - MD5_Update(&key->md, out + md5_off, len - md5_off); - } - } - - key->payload_length = NO_PAYLOAD_LENGTH; - - return 1; -} - -static int -rc4_hmac_md5_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr) -{ - EVP_RC4_HMAC_MD5 *key = data(ctx); - - switch (type) { - case EVP_CTRL_AEAD_SET_MAC_KEY: - { - unsigned int i; - unsigned char hmac_key[64]; - - memset (hmac_key, 0, sizeof(hmac_key)); - - if (arg > (int)sizeof(hmac_key)) { - MD5_Init(&key->head); - MD5_Update(&key->head, ptr, arg); - MD5_Final(hmac_key, &key->head); - } else { - memcpy(hmac_key, ptr, arg); - } - - for (i = 0; i < sizeof(hmac_key); i++) - hmac_key[i] ^= 0x36; /* ipad */ - MD5_Init(&key->head); - MD5_Update(&key->head, hmac_key, sizeof(hmac_key)); - - for (i = 0; i < sizeof(hmac_key); i++) - hmac_key[i] ^= 0x36 ^ 0x5c; /* opad */ - MD5_Init(&key->tail); - MD5_Update(&key->tail, hmac_key, sizeof(hmac_key)); - - return 1; - } - case EVP_CTRL_AEAD_TLS1_AAD: - { - unsigned char *p = ptr; - unsigned int len = p[arg - 2] << 8 | p[arg - 1]; - - if (!ctx->encrypt) { - if (len < MD5_DIGEST_LENGTH) - return -1; - len -= MD5_DIGEST_LENGTH; - p[arg - 2] = len >> 8; - p[arg - 1] = len; - } - key->payload_length = len; - key->md = key->head; - MD5_Update(&key->md, p, arg); - - return MD5_DIGEST_LENGTH; - } - default: - return -1; - } -} - -static const EVP_CIPHER r4_hmac_md5_cipher = { -#ifdef NID_rc4_hmac_md5 - .nid = NID_rc4_hmac_md5, -#else - .nid = NID_undef, -#endif - .block_size = 1, - .key_len = EVP_RC4_KEY_SIZE, - .iv_len = 0, - .flags = EVP_CIPH_STREAM_CIPHER|EVP_CIPH_VARIABLE_LENGTH|EVP_CIPH_FLAG_AEAD_CIPHER, - .init = rc4_hmac_md5_init_key, - .do_cipher = rc4_hmac_md5_cipher, - .cleanup = NULL, - .ctx_size = sizeof(EVP_RC4_HMAC_MD5), - .set_asn1_parameters = NULL, - .get_asn1_parameters = NULL, - .ctrl = rc4_hmac_md5_ctrl, -}; - -const EVP_CIPHER * -EVP_rc4_hmac_md5(void) -{ - return (&r4_hmac_md5_cipher); -} -#endif diff --git a/lib/libcrypto/evp/evp.h b/lib/libcrypto/evp/evp.h index 4acd9facb..f6123963e 100644 --- a/lib/libcrypto/evp/evp.h +++ b/lib/libcrypto/evp/evp.h @@ -1,4 +1,4 @@ -/* $OpenBSD: evp.h,v 1.121 2024/02/18 15:47:48 tb Exp $ */ +/* $OpenBSD: evp.h,v 1.132 2024/03/02 10:21:12 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -210,8 +210,6 @@ extern "C" { #define EVP_CIPH_ALWAYS_CALL_INIT 0x20 /* Call ctrl() to init cipher parameters */ #define EVP_CIPH_CTRL_INIT 0x40 -/* Don't use standard key length function */ -#define EVP_CIPH_CUSTOM_KEY_LENGTH 0x80 /* Don't use standard block padding */ #define EVP_CIPH_NO_PADDING 0x100 /* cipher handles random key generation */ @@ -241,7 +239,6 @@ extern "C" { /* ctrl() values */ #define EVP_CTRL_INIT 0x0 -#define EVP_CTRL_SET_KEY_LENGTH 0x1 #define EVP_CTRL_GET_RC2_KEY_BITS 0x2 #define EVP_CTRL_SET_RC2_KEY_BITS 0x3 #define EVP_CTRL_GET_RC5_ROUNDS 0x4 @@ -352,24 +349,6 @@ int EVP_MD_size(const EVP_MD *md); int EVP_MD_block_size(const EVP_MD *md); unsigned long EVP_MD_flags(const EVP_MD *md); -EVP_MD *EVP_MD_meth_new(int md_type, int pkey_type); -void EVP_MD_meth_free(EVP_MD *md); -EVP_MD *EVP_MD_meth_dup(const EVP_MD *md); -int EVP_MD_meth_set_input_blocksize(EVP_MD *md, int blocksize); -int EVP_MD_meth_set_result_size(EVP_MD *md, int resultsize); -int EVP_MD_meth_set_app_datasize(EVP_MD *md, int datasize); -int EVP_MD_meth_set_flags(EVP_MD *md, unsigned long flags); -int EVP_MD_meth_set_init(EVP_MD *md, int (*init)(EVP_MD_CTX *ctx)); -int EVP_MD_meth_set_update(EVP_MD *md, - int (*update)(EVP_MD_CTX *ctx, const void *data, size_t count)); -int EVP_MD_meth_set_final(EVP_MD *md, - int (*final)(EVP_MD_CTX *ctx, unsigned char *md)); -int EVP_MD_meth_set_copy(EVP_MD *md, - int (*copy)(EVP_MD_CTX *to, const EVP_MD_CTX *from)); -int EVP_MD_meth_set_cleanup(EVP_MD *md, int (*cleanup)(EVP_MD_CTX *ctx)); -int EVP_MD_meth_set_ctrl(EVP_MD *md, - int (*ctrl)(EVP_MD_CTX *ctx, int cmd, int p1, void *p2)); - const EVP_MD *EVP_MD_CTX_md(const EVP_MD_CTX *ctx); void *EVP_MD_CTX_md_data(const EVP_MD_CTX *ctx); EVP_PKEY_CTX *EVP_MD_CTX_pkey_ctx(const EVP_MD_CTX *ctx); @@ -461,19 +440,10 @@ int EVP_PKEY_get_raw_public_key(const EVP_PKEY *pkey, int EVP_Cipher(EVP_CIPHER_CTX *c, unsigned char *out, const unsigned char *in, unsigned int inl); -#define EVP_add_cipher_alias(n,alias) \ - OBJ_NAME_add((alias),OBJ_NAME_TYPE_CIPHER_METH|OBJ_NAME_ALIAS,(n)) -#define EVP_add_digest_alias(n,alias) \ - OBJ_NAME_add((alias),OBJ_NAME_TYPE_MD_METH|OBJ_NAME_ALIAS,(n)) -#define EVP_delete_cipher_alias(alias) \ - OBJ_NAME_remove(alias,OBJ_NAME_TYPE_CIPHER_METH|OBJ_NAME_ALIAS); -#define EVP_delete_digest_alias(alias) \ - OBJ_NAME_remove(alias,OBJ_NAME_TYPE_MD_METH|OBJ_NAME_ALIAS); - EVP_MD_CTX *EVP_MD_CTX_new(void); void EVP_MD_CTX_free(EVP_MD_CTX *ctx); #ifndef LIBRESSL_INTERNAL -void EVP_MD_CTX_init(EVP_MD_CTX *ctx); +int EVP_MD_CTX_init(EVP_MD_CTX *ctx); #endif int EVP_MD_CTX_reset(EVP_MD_CTX *ctx); EVP_MD_CTX *EVP_MD_CTX_create(void); @@ -587,7 +557,7 @@ int EVP_DecodeFinal(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl); int EVP_DecodeBlock(unsigned char *t, const unsigned char *f, int n); #ifndef LIBRESSL_INTERNAL -void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *a); +int EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *a); #endif int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *a); EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void); @@ -676,9 +646,6 @@ const EVP_CIPHER *EVP_desx_cbc(void); #ifndef OPENSSL_NO_RC4 const EVP_CIPHER *EVP_rc4(void); const EVP_CIPHER *EVP_rc4_40(void); -#ifndef OPENSSL_NO_MD5 -const EVP_CIPHER *EVP_rc4_hmac_md5(void); -#endif #endif #ifndef OPENSSL_NO_IDEA const EVP_CIPHER *EVP_idea_ecb(void); @@ -749,10 +716,6 @@ const EVP_CIPHER *EVP_aes_256_xts(void); #if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305) const EVP_CIPHER *EVP_chacha20_poly1305(void); #endif -#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1) -const EVP_CIPHER *EVP_aes_128_cbc_hmac_sha1(void); -const EVP_CIPHER *EVP_aes_256_cbc_hmac_sha1(void); -#endif #endif #ifndef OPENSSL_NO_CAMELLIA const EVP_CIPHER *EVP_camellia_128_ecb(void); @@ -813,9 +776,6 @@ void OpenSSL_add_all_digests(void); #define SSLeay_add_all_ciphers() OpenSSL_add_all_ciphers() #define SSLeay_add_all_digests() OpenSSL_add_all_digests() -int EVP_add_cipher(const EVP_CIPHER *cipher); -int EVP_add_digest(const EVP_MD *digest); - const EVP_CIPHER *EVP_get_cipherbyname(const char *name); const EVP_MD *EVP_get_digestbyname(const char *name); void EVP_cleanup(void); @@ -906,46 +866,13 @@ int EVP_PKEY_get_default_digest_nid(EVP_PKEY *pkey, int *pnid); int EVP_CIPHER_type(const EVP_CIPHER *ctx); -/* calls methods */ -int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type); -int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type); - -/* These are used by EVP_CIPHER methods */ -int EVP_CIPHER_set_asn1_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type); -int EVP_CIPHER_get_asn1_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type); - /* PKCS5 password based encryption */ -int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, - ASN1_TYPE *param, const EVP_CIPHER *cipher, const EVP_MD *md, int en_de); int PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen, const unsigned char *salt, int saltlen, int iter, int keylen, unsigned char *out); int PKCS5_PBKDF2_HMAC(const char *pass, int passlen, const unsigned char *salt, int saltlen, int iter, const EVP_MD *digest, int keylen, unsigned char *out); -int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, - ASN1_TYPE *param, const EVP_CIPHER *cipher, const EVP_MD *md, - int en_de); - -void PKCS5_PBE_add(void); - -int EVP_PBE_CipherInit(ASN1_OBJECT *pbe_obj, const char *pass, int passlen, - ASN1_TYPE *param, EVP_CIPHER_CTX *ctx, int en_de); - -/* PBE type */ - -/* Can appear as the outermost AlgorithmIdentifier */ -#define EVP_PBE_TYPE_OUTER 0x0 -/* Is an PRF type OID */ -#define EVP_PBE_TYPE_PRF 0x1 - -int EVP_PBE_alg_add_type(int pbe_type, int pbe_nid, int cipher_nid, int md_nid, - EVP_PBE_KEYGEN *keygen); -int EVP_PBE_alg_add(int nid, const EVP_CIPHER *cipher, const EVP_MD *md, - EVP_PBE_KEYGEN *keygen); -int EVP_PBE_find(int type, int pbe_nid, int *pcnid, int *pmnid, - EVP_PBE_KEYGEN **pkeygen); -void EVP_PBE_cleanup(void); #define ASN1_PKEY_ALIAS 0x1 #define ASN1_PKEY_DYNAMIC 0x2 @@ -963,53 +890,11 @@ const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_get0(int idx); const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find(ENGINE **pe, int type); const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find_str(ENGINE **pe, const char *str, int len); -int EVP_PKEY_asn1_add0(const EVP_PKEY_ASN1_METHOD *ameth); -int EVP_PKEY_asn1_add_alias(int to, int from); int EVP_PKEY_asn1_get0_info(int *ppkey_id, int *pkey_base_id, int *ppkey_flags, const char **pinfo, const char **ppem_str, const EVP_PKEY_ASN1_METHOD *ameth); const EVP_PKEY_ASN1_METHOD *EVP_PKEY_get0_asn1(const EVP_PKEY *pkey); -EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_new(int id, int flags, const char *pem_str, - const char *info); -void EVP_PKEY_asn1_copy(EVP_PKEY_ASN1_METHOD *dst, - const EVP_PKEY_ASN1_METHOD *src); -void EVP_PKEY_asn1_free(EVP_PKEY_ASN1_METHOD *ameth); -void EVP_PKEY_asn1_set_public(EVP_PKEY_ASN1_METHOD *ameth, - int (*pub_decode)(EVP_PKEY *pk, X509_PUBKEY *pub), - int (*pub_encode)(X509_PUBKEY *pub, const EVP_PKEY *pk), - int (*pub_cmp)(const EVP_PKEY *a, const EVP_PKEY *b), - int (*pub_print)(BIO *out, const EVP_PKEY *pkey, int indent, - ASN1_PCTX *pctx), - int (*pkey_size)(const EVP_PKEY *pk), - int (*pkey_bits)(const EVP_PKEY *pk)); -void EVP_PKEY_asn1_set_private(EVP_PKEY_ASN1_METHOD *ameth, - int (*priv_decode)(EVP_PKEY *pk, const PKCS8_PRIV_KEY_INFO *p8inf), - int (*priv_encode)(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pk), - int (*priv_print)(BIO *out, const EVP_PKEY *pkey, int indent, - ASN1_PCTX *pctx)); -void EVP_PKEY_asn1_set_param(EVP_PKEY_ASN1_METHOD *ameth, - int (*param_decode)(EVP_PKEY *pkey, const unsigned char **pder, int derlen), - int (*param_encode)(const EVP_PKEY *pkey, unsigned char **pder), - int (*param_missing)(const EVP_PKEY *pk), - int (*param_copy)(EVP_PKEY *to, const EVP_PKEY *from), - int (*param_cmp)(const EVP_PKEY *a, const EVP_PKEY *b), - int (*param_print)(BIO *out, const EVP_PKEY *pkey, int indent, - ASN1_PCTX *pctx)); - -void EVP_PKEY_asn1_set_free(EVP_PKEY_ASN1_METHOD *ameth, - void (*pkey_free)(EVP_PKEY *pkey)); -void EVP_PKEY_asn1_set_ctrl(EVP_PKEY_ASN1_METHOD *ameth, - int (*pkey_ctrl)(EVP_PKEY *pkey, int op, long arg1, void *arg2)); -void EVP_PKEY_asn1_set_security_bits(EVP_PKEY_ASN1_METHOD *ameth, - int (*pkey_security_bits)(const EVP_PKEY *pkey)); - -void EVP_PKEY_asn1_set_check(EVP_PKEY_ASN1_METHOD *ameth, - int (*pkey_check)(const EVP_PKEY *pk)); -void EVP_PKEY_asn1_set_public_check(EVP_PKEY_ASN1_METHOD *ameth, - int (*pkey_public_check)(const EVP_PKEY *pk)); -void EVP_PKEY_asn1_set_param_check(EVP_PKEY_ASN1_METHOD *ameth, - int (*pkey_check)(const EVP_PKEY *pk)); #define EVP_PKEY_OP_UNDEFINED 0 #define EVP_PKEY_OP_PARAMGEN (1<<1) @@ -1076,14 +961,6 @@ void EVP_PKEY_asn1_set_param_check(EVP_PKEY_ASN1_METHOD *ameth, */ #define EVP_PKEY_FLAG_SIGCTX_CUSTOM 4 -const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type); -EVP_PKEY_METHOD *EVP_PKEY_meth_new(int id, int flags); -void EVP_PKEY_meth_get0_info(int *ppkey_id, int *pflags, - const EVP_PKEY_METHOD *meth); -void EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src); -void EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth); -int EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth); - EVP_PKEY_CTX *EVP_PKEY_CTX_new(EVP_PKEY *pkey, ENGINE *e); EVP_PKEY_CTX *EVP_PKEY_CTX_new_id(int id, ENGINE *e); EVP_PKEY_CTX *EVP_PKEY_CTX_dup(EVP_PKEY_CTX *ctx); @@ -1146,73 +1023,6 @@ EVP_PKEY_gen_cb *EVP_PKEY_CTX_get_cb(EVP_PKEY_CTX *ctx); int EVP_PKEY_CTX_get_keygen_info(EVP_PKEY_CTX *ctx, int idx); -void EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth, - int (*init)(EVP_PKEY_CTX *ctx)); - -void EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth, - int (*copy)(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src)); - -void EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth, - void (*cleanup)(EVP_PKEY_CTX *ctx)); - -void EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD *pmeth, - int (*paramgen_init)(EVP_PKEY_CTX *ctx), - int (*paramgen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)); - -void EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth, - int (*keygen_init)(EVP_PKEY_CTX *ctx), - int (*keygen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)); - -void EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth, - int (*sign_init)(EVP_PKEY_CTX *ctx), - int (*sign)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, - const unsigned char *tbs, size_t tbslen)); - -void EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth, - int (*verify_init)(EVP_PKEY_CTX *ctx), - int (*verify)(EVP_PKEY_CTX *ctx, const unsigned char *sig, size_t siglen, - const unsigned char *tbs, size_t tbslen)); - -void EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth, - int (*verify_recover_init)(EVP_PKEY_CTX *ctx), - int (*verify_recover)(EVP_PKEY_CTX *ctx, unsigned char *sig, - size_t *siglen, const unsigned char *tbs, size_t tbslen)); - -void EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth, - int (*signctx_init)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx), - int (*signctx)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, - EVP_MD_CTX *mctx)); - -void EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth, - int (*verifyctx_init)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx), - int (*verifyctx)(EVP_PKEY_CTX *ctx, const unsigned char *sig, int siglen, - EVP_MD_CTX *mctx)); - -void EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth, - int (*encrypt_init)(EVP_PKEY_CTX *ctx), - int (*encryptfn)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen, - const unsigned char *in, size_t inlen)); - -void EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth, - int (*decrypt_init)(EVP_PKEY_CTX *ctx), - int (*decrypt)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen, - const unsigned char *in, size_t inlen)); - -void EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth, - int (*derive_init)(EVP_PKEY_CTX *ctx), - int (*derive)(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen)); - -void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth, - int (*ctrl)(EVP_PKEY_CTX *ctx, int type, int p1, void *p2), - int (*ctrl_str)(EVP_PKEY_CTX *ctx, const char *type, const char *value)); - -void EVP_PKEY_meth_set_check(EVP_PKEY_METHOD *pmeth, - int (*check)(EVP_PKEY *pkey)); -void EVP_PKEY_meth_set_public_check(EVP_PKEY_METHOD *pmeth, - int (*public_check)(EVP_PKEY *pkey)); -void EVP_PKEY_meth_set_param_check(EVP_PKEY_METHOD *pmeth, - int (*param_check)(EVP_PKEY *pkey)); - /* Authenticated Encryption with Additional Data. * * AEAD couples confidentiality and integrity in a single primtive. AEAD diff --git a/lib/libcrypto/evp/evp_cipher.c b/lib/libcrypto/evp/evp_cipher.c index c2a88a559..48aaea0f1 100644 --- a/lib/libcrypto/evp/evp_cipher.c +++ b/lib/libcrypto/evp/evp_cipher.c @@ -1,4 +1,4 @@ -/* $OpenBSD: evp_cipher.c,v 1.20 2024/02/24 08:00:37 tb Exp $ */ +/* $OpenBSD: evp_cipher.c,v 1.21 2024/03/02 09:55:30 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -613,15 +613,15 @@ EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx) } void -EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *ctx) +EVP_CIPHER_CTX_legacy_clear(EVP_CIPHER_CTX *ctx) { memset(ctx, 0, sizeof(*ctx)); } -void -EVP_CIPHER_CTX_legacy_clear(EVP_CIPHER_CTX *ctx) +int +EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *ctx) { - memset(ctx, 0, sizeof(*ctx)); + return EVP_CIPHER_CTX_cleanup(ctx); } int diff --git a/lib/libcrypto/evp/evp_digest.c b/lib/libcrypto/evp/evp_digest.c index 3a349ad0e..d36076029 100644 --- a/lib/libcrypto/evp/evp_digest.c +++ b/lib/libcrypto/evp/evp_digest.c @@ -1,4 +1,4 @@ -/* $OpenBSD: evp_digest.c,v 1.10 2024/02/18 15:45:42 tb Exp $ */ +/* $OpenBSD: evp_digest.c,v 1.12 2024/03/02 09:59:56 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -247,15 +247,15 @@ EVP_MD_CTX_destroy(EVP_MD_CTX *ctx) } void -EVP_MD_CTX_init(EVP_MD_CTX *ctx) +EVP_MD_CTX_legacy_clear(EVP_MD_CTX *ctx) { memset(ctx, 0, sizeof(*ctx)); } -void -EVP_MD_CTX_legacy_clear(EVP_MD_CTX *ctx) +int +EVP_MD_CTX_init(EVP_MD_CTX *ctx) { - memset(ctx, 0, sizeof(*ctx)); + return EVP_MD_CTX_cleanup(ctx); } int @@ -470,115 +470,3 @@ EVP_MD_block_size(const EVP_MD *md) { return md->block_size; } - -/* - * XXX - remove everything below in the next bump. - */ - -EVP_MD * -EVP_MD_meth_new(int md_type, int pkey_type) -{ - EVP_MD *md; - - if ((md = calloc(1, sizeof(*md))) == NULL) - return NULL; - - md->type = md_type; - md->pkey_type = pkey_type; - - return md; -} - -EVP_MD * -EVP_MD_meth_dup(const EVP_MD *md) -{ - EVP_MD *to; - - if ((to = EVP_MD_meth_new(md->type, md->pkey_type)) == NULL) - return NULL; - - memcpy(to, md, sizeof(*to)); - - return to; -} - -void -EVP_MD_meth_free(EVP_MD *md) -{ - freezero(md, sizeof(*md)); -} - -int -EVP_MD_meth_set_input_blocksize(EVP_MD *md, int blocksize) -{ - md->block_size = blocksize; - return 1; -} - -int -EVP_MD_meth_set_result_size(EVP_MD *md, int result_size) -{ - md->md_size = result_size; - return 1; -} - -int -EVP_MD_meth_set_app_datasize(EVP_MD *md, int datasize) -{ - md->ctx_size = datasize; - return 1; -} - -int -EVP_MD_meth_set_flags(EVP_MD *md, unsigned long flags) -{ - md->flags = flags; - return 1; -} - -int -EVP_MD_meth_set_init(EVP_MD *md, int (*init)(EVP_MD_CTX *ctx)) -{ - md->init = init; - return 1; -} - -int -EVP_MD_meth_set_update(EVP_MD *md, - int (*update)(EVP_MD_CTX *ctx, const void *data, size_t count)) -{ - md->update = update; - return 1; -} - -int -EVP_MD_meth_set_final(EVP_MD *md, - int (*final)(EVP_MD_CTX *ctx, unsigned char *md)) -{ - md->final = final; - return 1; -} - -int -EVP_MD_meth_set_copy(EVP_MD *md, - int (*copy)(EVP_MD_CTX *to, const EVP_MD_CTX *from)) -{ - md->copy = copy; - return 1; -} - -int -EVP_MD_meth_set_cleanup(EVP_MD *md, - int (*cleanup)(EVP_MD_CTX *ctx)) -{ - md->cleanup = cleanup; - return 1; -} - -int -EVP_MD_meth_set_ctrl(EVP_MD *md, - int (*ctrl)(EVP_MD_CTX *ctx, int cmd, int p1, void *p2)) -{ - md->md_ctrl = ctrl; - return 1; -} diff --git a/lib/libcrypto/evp/evp_local.h b/lib/libcrypto/evp/evp_local.h index 65d23547b..dad2cec81 100644 --- a/lib/libcrypto/evp/evp_local.h +++ b/lib/libcrypto/evp/evp_local.h @@ -1,4 +1,4 @@ -/* $OpenBSD: evp_local.h,v 1.16 2024/02/18 15:43:21 tb Exp $ */ +/* $OpenBSD: evp_local.h,v 1.19 2024/03/02 10:20:27 tb Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2000. */ @@ -340,9 +340,6 @@ struct evp_pkey_method_st { void evp_pkey_set_cb_translate(BN_GENCB *cb, EVP_PKEY_CTX *ctx); -int PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, - ASN1_TYPE *param, const EVP_CIPHER *c, const EVP_MD *md, int en_de); - /* EVP_AEAD represents a specific AEAD algorithm. */ struct evp_aead_st { unsigned char key_len; @@ -373,6 +370,15 @@ struct evp_aead_ctx_st { void *aead_state; }; +/* Legacy EVP_CIPHER methods used by CMS and its predecessors. */ +int EVP_CIPHER_set_asn1_iv(EVP_CIPHER_CTX *cipher, ASN1_TYPE *type); +int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *cipher, ASN1_TYPE *type); +int EVP_CIPHER_get_asn1_iv(EVP_CIPHER_CTX *cipher, ASN1_TYPE *type); +int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *cipher, ASN1_TYPE *type); + +int EVP_PBE_CipherInit(ASN1_OBJECT *pbe_obj, const char *pass, int passlen, + ASN1_TYPE *param, EVP_CIPHER_CTX *ctx, int en_de); + int EVP_PKEY_CTX_str2ctrl(EVP_PKEY_CTX *ctx, int cmd, const char *str); int EVP_PKEY_CTX_hex2ctrl(EVP_PKEY_CTX *ctx, int cmd, const char *hex); int EVP_PKEY_CTX_md(EVP_PKEY_CTX *ctx, int optype, int cmd, const char *md_name); diff --git a/lib/libcrypto/evp/evp_names.c b/lib/libcrypto/evp/evp_names.c index cf57a4aa5..2936c3662 100644 --- a/lib/libcrypto/evp/evp_names.c +++ b/lib/libcrypto/evp/evp_names.c @@ -1,4 +1,4 @@ -/* $OpenBSD: evp_names.c,v 1.8 2024/01/27 18:12:27 tb Exp $ */ +/* $OpenBSD: evp_names.c,v 1.12 2024/03/02 10:13:13 tb Exp $ */ /* * Copyright (c) 2023 Theo Buehler * @@ -51,10 +51,6 @@ static const struct cipher_name cipher_names[] = { .name = SN_aes_128_cbc, .cipher = EVP_aes_128_cbc, }, - { - .name = SN_aes_128_cbc_hmac_sha1, - .cipher = EVP_aes_128_cbc_hmac_sha1, - }, { .name = SN_aes_128_cfb128, .cipher = EVP_aes_128_cfb128, @@ -117,10 +113,6 @@ static const struct cipher_name cipher_names[] = { .name = SN_aes_256_cbc, .cipher = EVP_aes_256_cbc, }, - { - .name = SN_aes_256_cbc_hmac_sha1, - .cipher = EVP_aes_256_cbc_hmac_sha1, - }, { .name = SN_aes_256_cfb128, .cipher = EVP_aes_256_cfb128, @@ -497,10 +489,6 @@ static const struct cipher_name cipher_names[] = { .name = SN_rc4_40, .cipher = EVP_rc4_40, }, - { - .name = SN_rc4_hmac_md5, - .cipher = EVP_rc4_hmac_md5, - }, #endif /* OPENSSL_NO_RC4 */ #ifndef OPENSSL_NO_SM4 @@ -537,10 +525,6 @@ static const struct cipher_name cipher_names[] = { .name = LN_aes_128_cbc, .cipher = EVP_aes_128_cbc, }, - { - .name = LN_aes_128_cbc_hmac_sha1, - .cipher = EVP_aes_128_cbc_hmac_sha1, - }, { .name = LN_aes_128_ccm, .cipher = EVP_aes_128_ccm, @@ -619,10 +603,6 @@ static const struct cipher_name cipher_names[] = { .name = LN_aes_256_cbc, .cipher = EVP_aes_256_cbc, }, - { - .name = LN_aes_256_cbc_hmac_sha1, - .cipher = EVP_aes_256_cbc_hmac_sha1, - }, { .name = LN_aes_256_ccm, .cipher = EVP_aes_256_ccm, @@ -1060,10 +1040,6 @@ static const struct cipher_name cipher_names[] = { .name = LN_rc4_40, .cipher = EVP_rc4_40, }, - { - .name = LN_rc4_hmac_md5, - .cipher = EVP_rc4_hmac_md5, - }, #endif /* OPENSSL_NO_RC4 */ #ifndef OPENSSL_NO_SM4 @@ -1787,7 +1763,7 @@ OBJ_NAME_from_cipher_name(OBJ_NAME *obj_name, const struct cipher_name *cipher) obj_name->data = cipher->alias; } else { obj_name->alias = 0; - obj_name->data = (const char *)evp_cipher; + obj_name->data = evp_cipher; } return 1; @@ -1822,7 +1798,7 @@ OBJ_NAME_from_digest_name(OBJ_NAME *obj_name, const struct digest_name *digest) obj_name->data = digest->alias; } else { obj_name->alias = 0; - obj_name->data = (const char *)evp_md; + obj_name->data = evp_md; } return 1; @@ -1914,67 +1890,3 @@ void EVP_cleanup(void) { } - -/* - * XXX - Remove all the garbage below in the next bump. - */ - -int -EVP_add_cipher(const EVP_CIPHER *c) -{ - return 1; -} - -int -EVP_add_digest(const EVP_MD *md) -{ - return 1; -} - -int -OBJ_NAME_init(void) -{ - OBJerror(ERR_R_DISABLED); - return 0; -} -LCRYPTO_ALIAS(OBJ_NAME_init); - -int -OBJ_NAME_new_index(unsigned long (*hash_func)(const char *), - int (*cmp_func)(const char *, const char *), - void (*free_func)(const char *, int, const char *)) -{ - OBJerror(ERR_R_DISABLED); - return 0; -} -LCRYPTO_ALIAS(OBJ_NAME_new_index); - -const char * -OBJ_NAME_get(const char *name, int type) -{ - OBJerror(ERR_R_DISABLED); - return NULL; -} -LCRYPTO_ALIAS(OBJ_NAME_get); - -int -OBJ_NAME_add(const char *name, int type, const char *data) -{ - /* No error to avoid polluting xca's error stack. */ - return 0; -} -LCRYPTO_ALIAS(OBJ_NAME_add); - -int -OBJ_NAME_remove(const char *name, int type) -{ - OBJerror(ERR_R_DISABLED); - return 0; -} -LCRYPTO_ALIAS(OBJ_NAME_remove); - -void -OBJ_NAME_cleanup(int type) -{ -} -LCRYPTO_ALIAS(OBJ_NAME_cleanup); diff --git a/lib/libcrypto/evp/evp_pbe.c b/lib/libcrypto/evp/evp_pbe.c index eb8d5c415..532c924a9 100644 --- a/lib/libcrypto/evp/evp_pbe.c +++ b/lib/libcrypto/evp/evp_pbe.c @@ -1,4 +1,4 @@ -/* $OpenBSD: evp_pbe.c,v 1.42 2024/02/18 15:45:42 tb Exp $ */ +/* $OpenBSD: evp_pbe.c,v 1.46 2024/03/02 10:20:27 tb Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 1999. */ @@ -69,8 +69,19 @@ #include "evp_local.h" #include "hmac_local.h" +#include "pkcs12_local.h" +#include "x509_local.h" /* Password based encryption (PBE) functions */ +int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, + ASN1_TYPE *param, const EVP_CIPHER *cipher, const EVP_MD *md, int en_de); +int PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, + ASN1_TYPE *param, const EVP_CIPHER *c, const EVP_MD *md, int en_de); +int PKCS12_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, + ASN1_TYPE *param, const EVP_CIPHER *cipher, const EVP_MD *md_type, + int en_de); +int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, + ASN1_TYPE *param, const EVP_CIPHER *c, const EVP_MD *md, int en_de); static const struct pbe_config { int pbe_nid; @@ -640,41 +651,3 @@ PKCS12_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, return ret; } LCRYPTO_ALIAS(PKCS12_PBE_keyivgen); - -/* - * XXX - remove the functions below in the next major bump - */ - -int -EVP_PBE_find(int type, int pbe_nid, int *out_cipher_nid, int *out_md_nid, - EVP_PBE_KEYGEN **out_keygen) -{ - EVPerror(ERR_R_DISABLED); - return 0; -} - -int -EVP_PBE_alg_add_type(int pbe_type, int pbe_nid, int cipher_nid, int md_nid, - EVP_PBE_KEYGEN *keygen) -{ - EVPerror(ERR_R_DISABLED); - return 0; -} - -int -EVP_PBE_alg_add(int nid, const EVP_CIPHER *cipher, const EVP_MD *md, - EVP_PBE_KEYGEN *keygen) -{ - EVPerror(ERR_R_DISABLED); - return 0; -} - -void -EVP_PBE_cleanup(void) -{ -} - -void -PKCS5_PBE_add(void) -{ -} diff --git a/lib/libcrypto/evp/m_gost2814789.c b/lib/libcrypto/evp/m_gost2814789.c deleted file mode 100644 index 9b8a09e5a..000000000 --- a/lib/libcrypto/evp/m_gost2814789.c +++ /dev/null @@ -1,113 +0,0 @@ -/* $OpenBSD: m_gost2814789.c,v 1.6 2023/07/07 19:37:53 beck Exp $ */ -/* - * Copyright (c) 2014 Dmitry Eremin-Solenikov - * Copyright (c) 2005-2006 Cryptocom LTD - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - */ - -#include - -#ifndef OPENSSL_NO_GOST - -#include -#include -#include - -#include "evp_local.h" - -static int -gost2814789_init(EVP_MD_CTX *ctx) -{ - return GOST2814789IMIT_Init(ctx->md_data, - NID_id_Gost28147_89_CryptoPro_A_ParamSet); -} - -static int -gost2814789_update(EVP_MD_CTX *ctx, const void *data, size_t count) -{ - return GOST2814789IMIT_Update(ctx->md_data, data, count); -} - -static int -gost2814789_final(EVP_MD_CTX *ctx, unsigned char *md) -{ - return GOST2814789IMIT_Final(md, ctx->md_data); -} - -static int -gost2814789_md_ctrl(EVP_MD_CTX *ctx, int cmd, int p1, void *p2) -{ - GOST2814789IMIT_CTX *gctx = ctx->md_data; - - switch (cmd) { - case EVP_MD_CTRL_SET_KEY: - return Gost2814789_set_key(&gctx->cipher, p2, p1); - case EVP_MD_CTRL_GOST_SET_SBOX: - return Gost2814789_set_sbox(&gctx->cipher, p1); - } - return -2; -} - -static const EVP_MD gost2814789imit_md = { - .type = NID_id_Gost28147_89_MAC, - .pkey_type = NID_undef, - .md_size = GOST2814789IMIT_LENGTH, - .flags = 0, - .init = gost2814789_init, - .update = gost2814789_update, - .final = gost2814789_final, - .block_size = GOST2814789IMIT_CBLOCK, - .ctx_size = sizeof(EVP_MD *) + sizeof(GOST2814789IMIT_CTX), - .md_ctrl = gost2814789_md_ctrl, -}; - -const EVP_MD * -EVP_gost2814789imit(void) -{ - return (&gost2814789imit_md); -} -#endif diff --git a/lib/libcrypto/evp/m_gostr341194.c b/lib/libcrypto/evp/m_gostr341194.c deleted file mode 100644 index 723349a0d..000000000 --- a/lib/libcrypto/evp/m_gostr341194.c +++ /dev/null @@ -1,100 +0,0 @@ -/* $OpenBSD: m_gostr341194.c,v 1.7 2023/07/07 19:37:53 beck Exp $ */ -/* - * Copyright (c) 2014 Dmitry Eremin-Solenikov - * Copyright (c) 2005-2006 Cryptocom LTD - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - */ - -#include - -#include - -#ifndef OPENSSL_NO_GOST - -#include -#include -#include - -#include "evp_local.h" - -static int -gostr341194_init(EVP_MD_CTX *ctx) -{ - return GOSTR341194_Init(ctx->md_data, - NID_id_GostR3411_94_CryptoProParamSet); -} - -static int -gostr341194_update(EVP_MD_CTX *ctx, const void *data, size_t count) -{ - return GOSTR341194_Update(ctx->md_data, data, count); -} - -static int -gostr341194_final(EVP_MD_CTX *ctx, unsigned char *md) -{ - return GOSTR341194_Final(md, ctx->md_data); -} - -static const EVP_MD gostr341194_md = { - .type = NID_id_GostR3411_94, - .pkey_type = NID_undef, - .md_size = GOSTR341194_LENGTH, - .flags = 0, - .init = gostr341194_init, - .update = gostr341194_update, - .final = gostr341194_final, - .block_size = GOSTR341194_CBLOCK, - .ctx_size = sizeof(EVP_MD *) + sizeof(GOSTR341194_CTX), -}; - -const EVP_MD * -EVP_gostr341194(void) -{ - return (&gostr341194_md); -} -#endif diff --git a/lib/libcrypto/evp/m_streebog.c b/lib/libcrypto/evp/m_streebog.c deleted file mode 100644 index 48fa65864..000000000 --- a/lib/libcrypto/evp/m_streebog.c +++ /dev/null @@ -1,133 +0,0 @@ -/* $OpenBSD: m_streebog.c,v 1.7 2023/07/07 19:37:54 beck Exp $ */ -/* - * Copyright (c) 2014 Dmitry Eremin-Solenikov - * Copyright (c) 2005-2006 Cryptocom LTD - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - */ - -#include - -#ifndef OPENSSL_NO_GOST - -#include -#include -#include - -#include "evp_local.h" - -static int -streebog_init256(EVP_MD_CTX *ctx) -{ - return STREEBOG256_Init(ctx->md_data); -} - -static int -streebog_update256(EVP_MD_CTX *ctx, const void *data, size_t count) -{ - return STREEBOG256_Update(ctx->md_data, data, count); -} - -static int -streebog_final256(EVP_MD_CTX *ctx, unsigned char *md) -{ - return STREEBOG256_Final(md, ctx->md_data); -} - -static int -streebog_init512(EVP_MD_CTX *ctx) -{ - return STREEBOG512_Init(ctx->md_data); -} - -static int -streebog_update512(EVP_MD_CTX *ctx, const void *data, size_t count) -{ - return STREEBOG512_Update(ctx->md_data, data, count); -} - -static int -streebog_final512(EVP_MD_CTX *ctx, unsigned char *md) -{ - return STREEBOG512_Final(md, ctx->md_data); -} - -static const EVP_MD streebog256_md = { - .type = NID_id_tc26_gost3411_2012_256, - .pkey_type = NID_undef, - .md_size = STREEBOG256_LENGTH, - .flags = 0, - .init = streebog_init256, - .update = streebog_update256, - .final = streebog_final256, - .block_size = STREEBOG_CBLOCK, - .ctx_size = sizeof(EVP_MD *) + sizeof(STREEBOG_CTX), -}; - -static const EVP_MD streebog512_md = { - .type = NID_id_tc26_gost3411_2012_512, - .pkey_type = NID_undef, - .md_size = STREEBOG512_LENGTH, - .flags = 0, - .init = streebog_init512, - .update = streebog_update512, - .final = streebog_final512, - .block_size = STREEBOG_CBLOCK, - .ctx_size = sizeof(EVP_MD *) + sizeof(STREEBOG_CTX), -}; - -const EVP_MD * -EVP_streebog256(void) -{ - return (&streebog256_md); -} - -const EVP_MD * -EVP_streebog512(void) -{ - return (&streebog512_md); -} -#endif diff --git a/lib/libcrypto/evp/p_lib.c b/lib/libcrypto/evp/p_lib.c index 558c89d42..8bf820560 100644 --- a/lib/libcrypto/evp/p_lib.c +++ b/lib/libcrypto/evp/p_lib.c @@ -1,4 +1,4 @@ -/* $OpenBSD: p_lib.c,v 1.58 2024/01/05 21:22:01 tb Exp $ */ +/* $OpenBSD: p_lib.c,v 1.59 2024/03/02 11:17:27 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -140,10 +140,6 @@ extern const EVP_PKEY_ASN1_METHOD dsa3_asn1_meth; extern const EVP_PKEY_ASN1_METHOD dsa4_asn1_meth; extern const EVP_PKEY_ASN1_METHOD eckey_asn1_meth; extern const EVP_PKEY_ASN1_METHOD ed25519_asn1_meth; -extern const EVP_PKEY_ASN1_METHOD gostimit_asn1_meth; -extern const EVP_PKEY_ASN1_METHOD gostr01_asn1_meth; -extern const EVP_PKEY_ASN1_METHOD gostr12_256_asn1_meth; -extern const EVP_PKEY_ASN1_METHOD gostr12_512_asn1_meth; extern const EVP_PKEY_ASN1_METHOD hmac_asn1_meth; extern const EVP_PKEY_ASN1_METHOD rsa_asn1_meth; extern const EVP_PKEY_ASN1_METHOD rsa2_asn1_meth; @@ -160,10 +156,6 @@ static const EVP_PKEY_ASN1_METHOD *asn1_methods[] = { &dsa4_asn1_meth, &eckey_asn1_meth, &ed25519_asn1_meth, - &gostimit_asn1_meth, - &gostr01_asn1_meth, - &gostr12_256_asn1_meth, - &gostr12_512_asn1_meth, &hmac_asn1_meth, &rsa_asn1_meth, &rsa2_asn1_meth, diff --git a/lib/libcrypto/evp/pmeth_lib.c b/lib/libcrypto/evp/pmeth_lib.c index 67ab72eff..a2a9ad9c7 100644 --- a/lib/libcrypto/evp/pmeth_lib.c +++ b/lib/libcrypto/evp/pmeth_lib.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pmeth_lib.c,v 1.37 2024/01/13 12:46:59 tb Exp $ */ +/* $OpenBSD: pmeth_lib.c,v 1.39 2024/03/02 11:17:27 tb Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2006. */ @@ -76,8 +76,6 @@ extern const EVP_PKEY_METHOD dh_pkey_meth; extern const EVP_PKEY_METHOD dsa_pkey_meth; extern const EVP_PKEY_METHOD ec_pkey_meth; extern const EVP_PKEY_METHOD ed25519_pkey_meth; -extern const EVP_PKEY_METHOD gostimit_pkey_meth; -extern const EVP_PKEY_METHOD gostr01_pkey_meth; extern const EVP_PKEY_METHOD hkdf_pkey_meth; extern const EVP_PKEY_METHOD hmac_pkey_meth; extern const EVP_PKEY_METHOD rsa_pkey_meth; @@ -90,8 +88,6 @@ static const EVP_PKEY_METHOD *pkey_methods[] = { &dsa_pkey_meth, &ec_pkey_meth, &ed25519_pkey_meth, - &gostimit_pkey_meth, - &gostr01_pkey_meth, &hkdf_pkey_meth, &hmac_pkey_meth, &rsa_pkey_meth, @@ -347,163 +343,3 @@ EVP_PKEY_CTX_get_app_data(EVP_PKEY_CTX *ctx) { return ctx->app_data; } - -/* - * Remove all the functions below in the next major bump - */ - -const EVP_PKEY_METHOD * -EVP_PKEY_meth_find(int type) -{ - EVPerror(ERR_R_DISABLED); - return NULL; -} - -EVP_PKEY_METHOD* -EVP_PKEY_meth_new(int id, int flags) -{ - EVPerror(ERR_R_DISABLED); - return NULL; -} - -void -EVP_PKEY_meth_get0_info(int *ppkey_id, int *pflags, const EVP_PKEY_METHOD *meth) -{ -} - -void -EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src) -{ -} - -void -EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth) -{ -} - -int -EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth) -{ - EVPerror(ERR_R_DISABLED); - return 0; -} - -void -EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth, - int (*init)(EVP_PKEY_CTX *ctx)) -{ -} - -void -EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth, - int (*copy)(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src)) -{ -} - -void -EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth, - void (*cleanup)(EVP_PKEY_CTX *ctx)) -{ -} - -void -EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD *pmeth, - int (*paramgen_init)(EVP_PKEY_CTX *ctx), - int (*paramgen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)) -{ -} - -void -EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth, - int (*keygen_init)(EVP_PKEY_CTX *ctx), - int (*keygen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)) -{ -} - -void -EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth, - int (*sign_init)(EVP_PKEY_CTX *ctx), - int (*sign)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, - const unsigned char *tbs, size_t tbslen)) -{ -} - -void -EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth, - int (*verify_init)(EVP_PKEY_CTX *ctx), - int (*verify)(EVP_PKEY_CTX *ctx, const unsigned char *sig, size_t siglen, - const unsigned char *tbs, size_t tbslen)) -{ -} - -void -EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth, - int (*verify_recover_init)(EVP_PKEY_CTX *ctx), - int (*verify_recover)(EVP_PKEY_CTX *ctx, - unsigned char *sig, size_t *siglen, - const unsigned char *tbs, size_t tbslen)) -{ -} - -void -EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth, - int (*signctx_init)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx), - int (*signctx)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, - EVP_MD_CTX *mctx)) -{ -} - -void -EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth, - int (*verifyctx_init)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx), - int (*verifyctx)(EVP_PKEY_CTX *ctx, const unsigned char *sig, int siglen, - EVP_MD_CTX *mctx)) -{ -} - -void -EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth, - int (*encrypt_init)(EVP_PKEY_CTX *ctx), - int (*encryptfn)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen, - const unsigned char *in, size_t inlen)) -{ -} - -void -EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth, - int (*decrypt_init)(EVP_PKEY_CTX *ctx), - int (*decrypt)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen, - const unsigned char *in, size_t inlen)) -{ -} - -void -EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth, - int (*derive_init)(EVP_PKEY_CTX *ctx), - int (*derive)(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen)) -{ -} - -void -EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth, - int (*ctrl)(EVP_PKEY_CTX *ctx, int type, int p1, void *p2), - int (*ctrl_str)(EVP_PKEY_CTX *ctx, const char *type, const char *value)) -{ -} - -void -EVP_PKEY_meth_set_check(EVP_PKEY_METHOD *pmeth, int (*check)(EVP_PKEY *pkey)) -{ -} - -void -EVP_PKEY_meth_set_public_check(EVP_PKEY_METHOD *pmeth, - int (*public_check)(EVP_PKEY *pkey)) -{ -} - -void -EVP_PKEY_meth_set_param_check(EVP_PKEY_METHOD *pmeth, - int (*param_check)(EVP_PKEY *pkey)) -{ -} diff --git a/lib/libcrypto/gost/gost.h b/lib/libcrypto/gost/gost.h deleted file mode 100644 index c7d9d25b2..000000000 --- a/lib/libcrypto/gost/gost.h +++ /dev/null @@ -1,262 +0,0 @@ -/* $OpenBSD: gost.h,v 1.4 2022/07/12 14:42:49 kn Exp $ */ -/* - * Copyright (c) 2014 Dmitry Eremin-Solenikov - * Copyright (c) 2005-2006 Cryptocom LTD - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - */ - -#ifndef HEADER_GOST_H -#define HEADER_GOST_H - -#include - -#ifdef OPENSSL_NO_GOST -#error GOST is disabled. -#endif - -#include -#include - -#ifdef __cplusplus -extern "C" { -#endif - -typedef struct gost2814789_key_st { - unsigned int key[8]; - unsigned int k87[256],k65[256],k43[256],k21[256]; - unsigned int count; - unsigned key_meshing : 1; -} GOST2814789_KEY; - -int Gost2814789_set_sbox(GOST2814789_KEY *key, int nid); -int Gost2814789_set_key(GOST2814789_KEY *key, - const unsigned char *userKey, const int bits); -void Gost2814789_ecb_encrypt(const unsigned char *in, unsigned char *out, - GOST2814789_KEY *key, const int enc); -void Gost2814789_cfb64_encrypt(const unsigned char *in, unsigned char *out, - size_t length, GOST2814789_KEY *key, - unsigned char *ivec, int *num, const int enc); -void Gost2814789_cnt_encrypt(const unsigned char *in, unsigned char *out, - size_t length, GOST2814789_KEY *key, - unsigned char *ivec, unsigned char *cnt_buf, int *num); - -typedef struct { - ASN1_OCTET_STRING *iv; - ASN1_OBJECT *enc_param_set; -} GOST_CIPHER_PARAMS; - -GOST_CIPHER_PARAMS *GOST_CIPHER_PARAMS_new(void); -void GOST_CIPHER_PARAMS_free(GOST_CIPHER_PARAMS *a); -GOST_CIPHER_PARAMS *d2i_GOST_CIPHER_PARAMS(GOST_CIPHER_PARAMS **a, const unsigned char **in, long len); -int i2d_GOST_CIPHER_PARAMS(GOST_CIPHER_PARAMS *a, unsigned char **out); -extern const ASN1_ITEM GOST_CIPHER_PARAMS_it; - -#define GOST2814789IMIT_LENGTH 4 -#define GOST2814789IMIT_CBLOCK 8 -#define GOST2814789IMIT_LONG unsigned int - -typedef struct GOST2814789IMITstate_st { - GOST2814789IMIT_LONG Nl, Nh; - unsigned char data[GOST2814789IMIT_CBLOCK]; - unsigned int num; - - GOST2814789_KEY cipher; - unsigned char mac[GOST2814789IMIT_CBLOCK]; -} GOST2814789IMIT_CTX; - -/* Note, also removed second parameter and removed dctx->cipher setting */ -int GOST2814789IMIT_Init(GOST2814789IMIT_CTX *c, int nid); -int GOST2814789IMIT_Update(GOST2814789IMIT_CTX *c, const void *data, size_t len); -int GOST2814789IMIT_Final(unsigned char *md, GOST2814789IMIT_CTX *c); -void GOST2814789IMIT_Transform(GOST2814789IMIT_CTX *c, const unsigned char *data); -unsigned char *GOST2814789IMIT(const unsigned char *d, size_t n, - unsigned char *md, int nid, - const unsigned char *key, const unsigned char *iv); - -#define GOSTR341194_LONG unsigned int - -#define GOSTR341194_LENGTH 32 -#define GOSTR341194_CBLOCK 32 -#define GOSTR341194_LBLOCK (GOSTR341194_CBLOCK/4) - -typedef struct GOSTR341194state_st { - GOSTR341194_LONG Nl, Nh; - GOSTR341194_LONG data[GOSTR341194_LBLOCK]; - unsigned int num; - - GOST2814789_KEY cipher; - unsigned char H[GOSTR341194_CBLOCK]; - unsigned char S[GOSTR341194_CBLOCK]; -} GOSTR341194_CTX; - -/* Note, also removed second parameter and removed dctx->cipher setting */ -int GOSTR341194_Init(GOSTR341194_CTX *c, int nid); -int GOSTR341194_Update(GOSTR341194_CTX *c, const void *data, size_t len); -int GOSTR341194_Final(unsigned char *md, GOSTR341194_CTX *c); -void GOSTR341194_Transform(GOSTR341194_CTX *c, const unsigned char *data); -unsigned char *GOSTR341194(const unsigned char *d, size_t n,unsigned char *md, int nid); - -#if defined(_LP64) -#define STREEBOG_LONG64 unsigned long -#define U64(C) C##UL -#else -#define STREEBOG_LONG64 unsigned long long -#define U64(C) C##ULL -#endif - -#define STREEBOG_LBLOCK 8 -#define STREEBOG_CBLOCK 64 -#define STREEBOG256_LENGTH 32 -#define STREEBOG512_LENGTH 64 - -typedef struct STREEBOGstate_st { - STREEBOG_LONG64 data[STREEBOG_LBLOCK]; - unsigned int num; - unsigned int md_len; - STREEBOG_LONG64 h[STREEBOG_LBLOCK]; - STREEBOG_LONG64 N[STREEBOG_LBLOCK]; - STREEBOG_LONG64 Sigma[STREEBOG_LBLOCK]; -} STREEBOG_CTX; - -int STREEBOG256_Init(STREEBOG_CTX *c); -int STREEBOG256_Update(STREEBOG_CTX *c, const void *data, size_t len); -int STREEBOG256_Final(unsigned char *md, STREEBOG_CTX *c); -void STREEBOG256_Transform(STREEBOG_CTX *c, const unsigned char *data); -unsigned char *STREEBOG256(const unsigned char *d, size_t n,unsigned char *md); - -int STREEBOG512_Init(STREEBOG_CTX *c); -int STREEBOG512_Update(STREEBOG_CTX *c, const void *data, size_t len); -int STREEBOG512_Final(unsigned char *md, STREEBOG_CTX *c); -void STREEBOG512_Transform(STREEBOG_CTX *c, const unsigned char *data); -unsigned char *STREEBOG512(const unsigned char *d, size_t n,unsigned char *md); - -typedef struct gost_key_st GOST_KEY; -GOST_KEY *GOST_KEY_new(void); -void GOST_KEY_free(GOST_KEY * r); -int GOST_KEY_check_key(const GOST_KEY * eckey); -int GOST_KEY_set_public_key_affine_coordinates(GOST_KEY * key, BIGNUM * x, BIGNUM * y); -const EC_GROUP * GOST_KEY_get0_group(const GOST_KEY * key); -int GOST_KEY_set_group(GOST_KEY * key, const EC_GROUP * group); -int GOST_KEY_get_digest(const GOST_KEY * key); -int GOST_KEY_set_digest(GOST_KEY * key, int digest_nid); -const BIGNUM * GOST_KEY_get0_private_key(const GOST_KEY * key); -int GOST_KEY_set_private_key(GOST_KEY * key, const BIGNUM * priv_key); -const EC_POINT * GOST_KEY_get0_public_key(const GOST_KEY * key); -int GOST_KEY_set_public_key(GOST_KEY * key, const EC_POINT * pub_key); -size_t GOST_KEY_get_size(const GOST_KEY * r); - -/* Gost-specific pmeth control-function parameters */ -/* For GOST R34.10 parameters */ -#define EVP_PKEY_CTRL_GOST_PARAMSET (EVP_PKEY_ALG_CTRL+1) -#define EVP_PKEY_CTRL_GOST_SIG_FORMAT (EVP_PKEY_ALG_CTRL+2) -#define EVP_PKEY_CTRL_GOST_SET_DIGEST (EVP_PKEY_ALG_CTRL+3) -#define EVP_PKEY_CTRL_GOST_GET_DIGEST (EVP_PKEY_ALG_CTRL+4) - -#define GOST_SIG_FORMAT_SR_BE 0 -#define GOST_SIG_FORMAT_RS_LE 1 - -void ERR_load_GOST_strings(void); - -/* Error codes for the GOST functions. */ - -/* Function codes. */ -#define GOST_F_DECODE_GOST01_ALGOR_PARAMS 104 -#define GOST_F_ENCODE_GOST01_ALGOR_PARAMS 105 -#define GOST_F_GOST2001_COMPUTE_PUBLIC 106 -#define GOST_F_GOST2001_DO_SIGN 107 -#define GOST_F_GOST2001_DO_VERIFY 108 -#define GOST_F_GOST2001_KEYGEN 109 -#define GOST_F_GOST89_GET_ASN1_PARAMETERS 102 -#define GOST_F_GOST89_SET_ASN1_PARAMETERS 103 -#define GOST_F_GOST_KEY_CHECK_KEY 124 -#define GOST_F_GOST_KEY_NEW 125 -#define GOST_F_GOST_KEY_SET_PUBLIC_KEY_AFFINE_COORDINATES 126 -#define GOST_F_PARAM_COPY_GOST01 110 -#define GOST_F_PARAM_DECODE_GOST01 111 -#define GOST_F_PKEY_GOST01_CTRL 116 -#define GOST_F_PKEY_GOST01_DECRYPT 112 -#define GOST_F_PKEY_GOST01_DERIVE 113 -#define GOST_F_PKEY_GOST01_ENCRYPT 114 -#define GOST_F_PKEY_GOST01_PARAMGEN 115 -#define GOST_F_PKEY_GOST01_SIGN 123 -#define GOST_F_PKEY_GOST_MAC_CTRL 100 -#define GOST_F_PKEY_GOST_MAC_KEYGEN 101 -#define GOST_F_PRIV_DECODE_GOST01 117 -#define GOST_F_PUB_DECODE_GOST01 118 -#define GOST_F_PUB_ENCODE_GOST01 119 -#define GOST_F_PUB_PRINT_GOST01 120 -#define GOST_F_UNPACK_SIGNATURE_CP 121 -#define GOST_F_UNPACK_SIGNATURE_LE 122 - -/* Reason codes. */ -#define GOST_R_BAD_KEY_PARAMETERS_FORMAT 104 -#define GOST_R_BAD_PKEY_PARAMETERS_FORMAT 105 -#define GOST_R_CANNOT_PACK_EPHEMERAL_KEY 106 -#define GOST_R_CTRL_CALL_FAILED 107 -#define GOST_R_ERROR_COMPUTING_SHARED_KEY 108 -#define GOST_R_ERROR_PARSING_KEY_TRANSPORT_INFO 109 -#define GOST_R_INCOMPATIBLE_ALGORITHMS 110 -#define GOST_R_INCOMPATIBLE_PEER_KEY 111 -#define GOST_R_INVALID_DIGEST_TYPE 100 -#define GOST_R_INVALID_IV_LENGTH 103 -#define GOST_R_INVALID_MAC_KEY_LENGTH 101 -#define GOST_R_KEY_IS_NOT_INITIALIZED 112 -#define GOST_R_KEY_PARAMETERS_MISSING 113 -#define GOST_R_MAC_KEY_NOT_SET 102 -#define GOST_R_NO_PARAMETERS_SET 115 -#define GOST_R_NO_PEER_KEY 116 -#define GOST_R_NO_PRIVATE_PART_OF_NON_EPHEMERAL_KEYPAIR 117 -#define GOST_R_PUBLIC_KEY_UNDEFINED 118 -#define GOST_R_RANDOM_NUMBER_GENERATOR_FAILED 120 -#define GOST_R_SIGNATURE_MISMATCH 121 -#define GOST_R_SIGNATURE_PARTS_GREATER_THAN_Q 122 -#define GOST_R_UKM_NOT_SET 123 - -#ifdef __cplusplus -} -#endif -#endif diff --git a/lib/libcrypto/gost/gost2814789.c b/lib/libcrypto/gost/gost2814789.c deleted file mode 100644 index dac3a8eab..000000000 --- a/lib/libcrypto/gost/gost2814789.c +++ /dev/null @@ -1,480 +0,0 @@ -/* $OpenBSD: gost2814789.c,v 1.9 2023/07/08 14:30:44 beck Exp $ */ -/* - * Copyright (c) 2014 Dmitry Eremin-Solenikov - * Copyright (c) 2005-2006 Cryptocom LTD - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - */ - -#include -#include - -#include - -#ifndef OPENSSL_NO_GOST -#include -#include - -#include "gost_local.h" - -static inline unsigned int -f(const GOST2814789_KEY *c, unsigned int x) -{ - return c->k87[(x>>24) & 255] | c->k65[(x>>16) & 255]| - c->k43[(x>> 8) & 255] | c->k21[(x ) & 255]; -} - -void -Gost2814789_encrypt(const unsigned char *in, unsigned char *out, - const GOST2814789_KEY *key) -{ - unsigned int n1, n2; /* As named in the GOST */ - - c2l(in, n1); - c2l(in, n2); - - /* Instead of swapping halves, swap names each round */ - n2 ^= f(key, n1 + key->key[0]); n1 ^= f(key, n2 + key->key[1]); - n2 ^= f(key, n1 + key->key[2]); n1 ^= f(key, n2 + key->key[3]); - n2 ^= f(key, n1 + key->key[4]); n1 ^= f(key, n2 + key->key[5]); - n2 ^= f(key, n1 + key->key[6]); n1 ^= f(key, n2 + key->key[7]); - - n2 ^= f(key, n1 + key->key[0]); n1 ^= f(key, n2 + key->key[1]); - n2 ^= f(key, n1 + key->key[2]); n1 ^= f(key, n2 + key->key[3]); - n2 ^= f(key, n1 + key->key[4]); n1 ^= f(key, n2 + key->key[5]); - n2 ^= f(key, n1 + key->key[6]); n1 ^= f(key, n2 + key->key[7]); - - n2 ^= f(key, n1 + key->key[0]); n1 ^= f(key, n2 + key->key[1]); - n2 ^= f(key, n1 + key->key[2]); n1 ^= f(key, n2 + key->key[3]); - n2 ^= f(key, n1 + key->key[4]); n1 ^= f(key, n2 + key->key[5]); - n2 ^= f(key, n1 + key->key[6]); n1 ^= f(key, n2 + key->key[7]); - - n2 ^= f(key, n1 + key->key[7]); n1 ^= f(key, n2 + key->key[6]); - n2 ^= f(key, n1 + key->key[5]); n1 ^= f(key, n2 + key->key[4]); - n2 ^= f(key, n1 + key->key[3]); n1 ^= f(key, n2 + key->key[2]); - n2 ^= f(key, n1 + key->key[1]); n1 ^= f(key, n2 + key->key[0]); - - l2c(n2, out); - l2c(n1, out); -} - -void -Gost2814789_decrypt(const unsigned char *in, unsigned char *out, - const GOST2814789_KEY *key) -{ - unsigned int n1, n2; /* As named in the GOST */ - - c2l(in, n1); - c2l(in, n2); - - /* Instead of swapping halves, swap names each round */ - n2 ^= f(key, n1 + key->key[0]); n1 ^= f(key, n2 + key->key[1]); - n2 ^= f(key, n1 + key->key[2]); n1 ^= f(key, n2 + key->key[3]); - n2 ^= f(key, n1 + key->key[4]); n1 ^= f(key, n2 + key->key[5]); - n2 ^= f(key, n1 + key->key[6]); n1 ^= f(key, n2 + key->key[7]); - - n2 ^= f(key, n1 + key->key[7]); n1 ^= f(key, n2 + key->key[6]); - n2 ^= f(key, n1 + key->key[5]); n1 ^= f(key, n2 + key->key[4]); - n2 ^= f(key, n1 + key->key[3]); n1 ^= f(key, n2 + key->key[2]); - n2 ^= f(key, n1 + key->key[1]); n1 ^= f(key, n2 + key->key[0]); - - n2 ^= f(key, n1 + key->key[7]); n1 ^= f(key, n2 + key->key[6]); - n2 ^= f(key, n1 + key->key[5]); n1 ^= f(key, n2 + key->key[4]); - n2 ^= f(key, n1 + key->key[3]); n1 ^= f(key, n2 + key->key[2]); - n2 ^= f(key, n1 + key->key[1]); n1 ^= f(key, n2 + key->key[0]); - - n2 ^= f(key, n1 + key->key[7]); n1 ^= f(key, n2 + key->key[6]); - n2 ^= f(key, n1 + key->key[5]); n1 ^= f(key, n2 + key->key[4]); - n2 ^= f(key, n1 + key->key[3]); n1 ^= f(key, n2 + key->key[2]); - n2 ^= f(key, n1 + key->key[1]); n1 ^= f(key, n2 + key->key[0]); - - l2c(n2, out); - l2c(n1, out); -} - -static void -Gost2814789_mac(const unsigned char *in, unsigned char *mac, - GOST2814789_KEY *key) -{ - unsigned int n1, n2; /* As named in the GOST */ - unsigned char *p; - int i; - - for (i = 0; i < 8; i++) - mac[i] ^= in[i]; - - p = mac; - c2l(p, n1); - c2l(p, n2); - - /* Instead of swapping halves, swap names each round */ - n2 ^= f(key, n1 + key->key[0]); n1 ^= f(key, n2 + key->key[1]); - n2 ^= f(key, n1 + key->key[2]); n1 ^= f(key, n2 + key->key[3]); - n2 ^= f(key, n1 + key->key[4]); n1 ^= f(key, n2 + key->key[5]); - n2 ^= f(key, n1 + key->key[6]); n1 ^= f(key, n2 + key->key[7]); - - n2 ^= f(key, n1 + key->key[0]); n1 ^= f(key, n2 + key->key[1]); - n2 ^= f(key, n1 + key->key[2]); n1 ^= f(key, n2 + key->key[3]); - n2 ^= f(key, n1 + key->key[4]); n1 ^= f(key, n2 + key->key[5]); - n2 ^= f(key, n1 + key->key[6]); n1 ^= f(key, n2 + key->key[7]); - - p = mac; - l2c(n1, p); - l2c(n2, p); -} - -void -Gost2814789_ecb_encrypt(const unsigned char *in, unsigned char *out, - GOST2814789_KEY *key, const int enc) -{ - if (key->key_meshing && key->count == 1024) { - Gost2814789_cryptopro_key_mesh(key); - key->count = 0; - } - - if (enc) - Gost2814789_encrypt(in, out, key); - else - Gost2814789_decrypt(in, out, key); -} -LCRYPTO_ALIAS(Gost2814789_ecb_encrypt); - -static inline void -Gost2814789_encrypt_mesh(unsigned char *iv, GOST2814789_KEY *key) -{ - if (key->key_meshing && key->count == 1024) { - Gost2814789_cryptopro_key_mesh(key); - Gost2814789_encrypt(iv, iv, key); - key->count = 0; - } - Gost2814789_encrypt(iv, iv, key); - key->count += 8; -} - -static inline void -Gost2814789_mac_mesh(const unsigned char *data, unsigned char *mac, - GOST2814789_KEY *key) -{ - if (key->key_meshing && key->count == 1024) { - Gost2814789_cryptopro_key_mesh(key); - key->count = 0; - } - Gost2814789_mac(data, mac, key); - key->count += 8; -} - -void -Gost2814789_cfb64_encrypt(const unsigned char *in, unsigned char *out, - size_t len, GOST2814789_KEY *key, unsigned char *ivec, int *num, - const int enc) -{ - unsigned int n; - size_t l = 0; - - n = *num; - - if (enc) { -#if !defined(OPENSSL_SMALL_FOOTPRINT) - if (8 % sizeof(size_t) == 0) do { /* always true actually */ - while (n && len) { - *(out++) = ivec[n] ^= *(in++); - --len; - n = (n + 1) % 8; - } -#ifdef __STRICT_ALIGNMENT - if (((size_t)in | (size_t)out | (size_t)ivec) % - sizeof(size_t) != 0) - break; -#endif - while (len >= 8) { - Gost2814789_encrypt_mesh(ivec, key); - for (; n < 8; n += sizeof(size_t)) { - *(size_t*)(out + n) = - *(size_t*)(ivec + n) ^= - *(size_t*)(in + n); - } - len -= 8; - out += 8; - in += 8; - n = 0; - } - if (len) { - Gost2814789_encrypt_mesh(ivec, key); - while (len--) { - out[n] = ivec[n] ^= in[n]; - ++n; - } - } - *num = n; - return; - } while (0); - /* the rest would be commonly eliminated by x86* compiler */ -#endif - while (l= 8) { - Gost2814789_encrypt_mesh(ivec, key); - for (; n < 8; n += sizeof(size_t)) { - size_t t = *(size_t*)(in + n); - *(size_t*)(out + n) = - *(size_t*)(ivec + n) ^ t; - *(size_t*)(ivec + n) = t; - } - len -= 8; - out += 8; - in += 8; - n = 0; - } - if (len) { - Gost2814789_encrypt_mesh(ivec, key); - while (len--) { - unsigned char c; - - out[n] = ivec[n] ^ (c = in[n]); - ivec[n] = c; - ++n; - } - } - *num = n; - return; - } while (0); - /* the rest would be commonly eliminated by x86* compiler */ -#endif - while (l < len) { - unsigned char c; - - if (n == 0) { - Gost2814789_encrypt_mesh(ivec, key); - } - out[l] = ivec[n] ^ (c = in[l]); ivec[n] = c; - ++l; - n = (n + 1) % 8; - } - *num = n; - } -} -LCRYPTO_ALIAS(Gost2814789_cfb64_encrypt); - -static inline void -Gost2814789_cnt_next(unsigned char *ivec, unsigned char *out, - GOST2814789_KEY *key) -{ - unsigned char *p = ivec, *p2 = ivec; - unsigned int val, val2; - - if (key->count == 0) - Gost2814789_encrypt(ivec, ivec, key); - - if (key->key_meshing && key->count == 1024) { - Gost2814789_cryptopro_key_mesh(key); - Gost2814789_encrypt(ivec, ivec, key); - key->count = 0; - } - - c2l(p, val); - val2 = val + 0x01010101; - l2c(val2, p2); - - c2l(p, val); - val2 = val + 0x01010104; - if (val > val2) /* overflow */ - val2++; - l2c(val2, p2); - - Gost2814789_encrypt(ivec, out, key); - key->count += 8; -} - -void -Gost2814789_cnt_encrypt(const unsigned char *in, unsigned char *out, size_t len, - GOST2814789_KEY *key, unsigned char *ivec, unsigned char *cnt_buf, int *num) -{ - unsigned int n; - size_t l = 0; - - n = *num; - -#if !defined(OPENSSL_SMALL_FOOTPRINT) - if (8 % sizeof(size_t) == 0) do { /* always true actually */ - while (n && len) { - *(out++) = *(in++) ^ cnt_buf[n]; - --len; - n = (n + 1) % 8; - } - -#ifdef __STRICT_ALIGNMENT - if (((size_t)in | (size_t)out | (size_t)ivec) % - sizeof(size_t) != 0) - break; -#endif - while (len >= 8) { - Gost2814789_cnt_next(ivec, cnt_buf, key); - for (; n < 8; n += sizeof(size_t)) - *(size_t *)(out + n) = *(size_t *)(in + n) ^ - *(size_t *)(cnt_buf + n); - len -= 8; - out += 8; - in += 8; - n = 0; - } - if (len) { - Gost2814789_cnt_next(ivec, cnt_buf, key); - while (len--) { - out[n] = in[n] ^ cnt_buf[n]; - ++n; - } - } - *num = n; - return; - } while(0); - /* the rest would be commonly eliminated by x86* compiler */ -#endif - while (l < len) { - if (n==0) - Gost2814789_cnt_next(ivec, cnt_buf, key); - out[l] = in[l] ^ cnt_buf[n]; - ++l; - n = (n + 1) % 8; - } - - *num=n; -} -LCRYPTO_ALIAS(Gost2814789_cnt_encrypt); - -int -GOST2814789IMIT_Init(GOST2814789IMIT_CTX *c, int nid) -{ - c->Nl = c->Nh = c->num = 0; - memset(c->mac, 0, 8); - return Gost2814789_set_sbox(&c->cipher, nid); -} -LCRYPTO_ALIAS(GOST2814789IMIT_Init); - -static void -GOST2814789IMIT_block_data_order(GOST2814789IMIT_CTX *ctx, - const unsigned char *p, size_t num) -{ - int i; - - for (i = 0; i < num; i++) { - Gost2814789_mac_mesh(p, ctx->mac, &ctx->cipher); - p += 8; - } -} - -#define DATA_ORDER_IS_LITTLE_ENDIAN - -#define HASH_CBLOCK GOST2814789IMIT_CBLOCK -#define HASH_LONG GOST2814789IMIT_LONG -#define HASH_CTX GOST2814789IMIT_CTX -#define HASH_UPDATE GOST2814789IMIT_Update -#define HASH_TRANSFORM GOST2814789IMIT_Transform -#define HASH_NO_FINAL 1 -#define HASH_BLOCK_DATA_ORDER GOST2814789IMIT_block_data_order - -#include "md32_common.h" -LCRYPTO_ALIAS(GOST2814789IMIT_Update); -LCRYPTO_ALIAS(GOST2814789IMIT_Transform); - -int -GOST2814789IMIT_Final(unsigned char *md, GOST2814789IMIT_CTX *c) -{ - if (c->num) { - memset(c->data + c->num, 0, 8 - c->num); - Gost2814789_mac_mesh(c->data, c->mac, &c->cipher); - } - if (c->Nl <= 8 * 8 && c->Nl > 0 && c->Nh == 0) { - memset(c->data, 0, 8); - Gost2814789_mac_mesh(c->data, c->mac, &c->cipher); - } - memcpy(md, c->mac, 4); - return 1; -} -LCRYPTO_ALIAS(GOST2814789IMIT_Final); - -unsigned char * -GOST2814789IMIT(const unsigned char *d, size_t n, unsigned char *md, int nid, - const unsigned char *key, const unsigned char *iv) -{ - GOST2814789IMIT_CTX c; - static unsigned char m[GOST2814789IMIT_LENGTH]; - - if (md == NULL) - md = m; - GOST2814789IMIT_Init(&c, nid); - memcpy(c.mac, iv, 8); - Gost2814789_set_key(&c.cipher, key, 256); - GOST2814789IMIT_Update(&c, d, n); - GOST2814789IMIT_Final(md, &c); - explicit_bzero(&c, sizeof(c)); - return (md); -} -LCRYPTO_ALIAS(GOST2814789IMIT); - -#endif diff --git a/lib/libcrypto/gost/gost89_keywrap.c b/lib/libcrypto/gost/gost89_keywrap.c deleted file mode 100644 index 9bfc5b4ce..000000000 --- a/lib/libcrypto/gost/gost89_keywrap.c +++ /dev/null @@ -1,138 +0,0 @@ -/* $OpenBSD: gost89_keywrap.c,v 1.4 2022/11/26 16:08:53 tb Exp $ */ -/* - * Copyright (c) 2014 Dmitry Eremin-Solenikov - * Copyright (c) 2005-2006 Cryptocom LTD - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - */ - -#include - -#include - -#ifndef OPENSSL_NO_GOST - -#include - -#include "gost_local.h" - -static void -key_diversify_crypto_pro(GOST2814789_KEY *ctx, const unsigned char *inputKey, - const unsigned char *ukm, unsigned char *outputKey) -{ - unsigned long k, s1, s2; - int i, mask; - unsigned char S[8]; - unsigned char *p; - - memcpy(outputKey, inputKey, 32); - for (i = 0; i < 8; i++) { - /* Make array of integers from key */ - /* Compute IV S */ - s1 = 0, s2 = 0; - p = outputKey; - for (mask = 1; mask < 256; mask <<= 1) { - c2l(p, k); - if (mask & ukm[i]) { - s1 += k; - } else { - s2 += k; - } - } - p = S; - l2c (s1, p); - l2c (s2, p); - Gost2814789_set_key(ctx, outputKey, 256); - mask = 0; - Gost2814789_cfb64_encrypt(outputKey, outputKey, 32, ctx, S, - &mask, 1); - } -} - -int -gost_key_wrap_crypto_pro(int nid, const unsigned char *keyExchangeKey, - const unsigned char *ukm, const unsigned char *sessionKey, - unsigned char *wrappedKey) -{ - GOST2814789_KEY ctx; - unsigned char kek_ukm[32]; - - Gost2814789_set_sbox(&ctx, nid); - key_diversify_crypto_pro(&ctx, keyExchangeKey, ukm, kek_ukm); - Gost2814789_set_key(&ctx, kek_ukm, 256); - memcpy(wrappedKey, ukm, 8); - Gost2814789_encrypt(sessionKey + 0, wrappedKey + 8 + 0, &ctx); - Gost2814789_encrypt(sessionKey + 8, wrappedKey + 8 + 8, &ctx); - Gost2814789_encrypt(sessionKey + 16, wrappedKey + 8 + 16, &ctx); - Gost2814789_encrypt(sessionKey + 24, wrappedKey + 8 + 24, &ctx); - GOST2814789IMIT(sessionKey, 32, wrappedKey + 40, nid, kek_ukm, ukm); - return 1; -} - -int -gost_key_unwrap_crypto_pro(int nid, const unsigned char *keyExchangeKey, - const unsigned char *wrappedKey, unsigned char *sessionKey) -{ - unsigned char kek_ukm[32], cek_mac[4]; - GOST2814789_KEY ctx; - - Gost2814789_set_sbox(&ctx, nid); - /* First 8 bytes of wrapped Key is ukm */ - key_diversify_crypto_pro(&ctx, keyExchangeKey, wrappedKey, kek_ukm); - Gost2814789_set_key(&ctx, kek_ukm, 256); - Gost2814789_decrypt(wrappedKey + 8 + 0, sessionKey + 0, &ctx); - Gost2814789_decrypt(wrappedKey + 8 + 8, sessionKey + 8, &ctx); - Gost2814789_decrypt(wrappedKey + 8 + 16, sessionKey + 16, &ctx); - Gost2814789_decrypt(wrappedKey + 8 + 24, sessionKey + 24, &ctx); - - GOST2814789IMIT(sessionKey, 32, cek_mac, nid, kek_ukm, wrappedKey); - if (memcmp(cek_mac, wrappedKey + 40, 4)) - return 0; - - return 1; -} - -#endif diff --git a/lib/libcrypto/gost/gost89_params.c b/lib/libcrypto/gost/gost89_params.c deleted file mode 100644 index ef9c9cde6..000000000 --- a/lib/libcrypto/gost/gost89_params.c +++ /dev/null @@ -1,246 +0,0 @@ -/* $OpenBSD: gost89_params.c,v 1.4 2023/07/08 14:30:44 beck Exp $ */ -/* - * Copyright (c) 2014 Dmitry Eremin-Solenikov - * Copyright (c) 2005-2006 Cryptocom LTD - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - */ - -#include - -#include - -#ifndef OPENSSL_NO_GOST -#include -#include - -#include "gost_local.h" - -/* Substitution blocks from test examples for GOST R 34.11-94*/ -static const gost_subst_block GostR3411_94_TestParamSet = { - {0x1,0xF,0xD,0x0,0x5,0x7,0xA,0x4,0x9,0x2,0x3,0xE,0x6,0xB,0x8,0xC}, - {0xD,0xB,0x4,0x1,0x3,0xF,0x5,0x9,0x0,0xA,0xE,0x7,0x6,0x8,0x2,0xC}, - {0x4,0xB,0xA,0x0,0x7,0x2,0x1,0xD,0x3,0x6,0x8,0x5,0x9,0xC,0xF,0xE}, - {0x6,0xC,0x7,0x1,0x5,0xF,0xD,0x8,0x4,0xA,0x9,0xE,0x0,0x3,0xB,0x2}, - {0x7,0xD,0xA,0x1,0x0,0x8,0x9,0xF,0xE,0x4,0x6,0xC,0xB,0x2,0x5,0x3}, - {0x5,0x8,0x1,0xD,0xA,0x3,0x4,0x2,0xE,0xF,0xC,0x7,0x6,0x0,0x9,0xB}, - {0xE,0xB,0x4,0xC,0x6,0xD,0xF,0xA,0x2,0x3,0x8,0x1,0x0,0x7,0x5,0x9}, - {0x4,0xA,0x9,0x2,0xD,0x8,0x0,0xE,0x6,0xB,0x1,0xC,0x7,0xF,0x5,0x3} -}; - -/* Substitution blocks for hash function 1.2.643.2.9.1.6.1 */ -static const gost_subst_block GostR3411_94_CryptoProParamSet = { - {0x1,0x3,0xA,0x9,0x5,0xB,0x4,0xF,0x8,0x6,0x7,0xE,0xD,0x0,0x2,0xC}, - {0xD,0xE,0x4,0x1,0x7,0x0,0x5,0xA,0x3,0xC,0x8,0xF,0x6,0x2,0x9,0xB}, - {0x7,0x6,0x2,0x4,0xD,0x9,0xF,0x0,0xA,0x1,0x5,0xB,0x8,0xE,0xC,0x3}, - {0x7,0x6,0x4,0xB,0x9,0xC,0x2,0xA,0x1,0x8,0x0,0xE,0xF,0xD,0x3,0x5}, - {0x4,0xA,0x7,0xC,0x0,0xF,0x2,0x8,0xE,0x1,0x6,0x5,0xD,0xB,0x9,0x3}, - {0x7,0xF,0xC,0xE,0x9,0x4,0x1,0x0,0x3,0xB,0x5,0x2,0x6,0xA,0x8,0xD}, - {0x5,0xF,0x4,0x0,0x2,0xD,0xB,0x9,0x1,0x7,0x6,0x3,0xC,0xE,0xA,0x8}, - {0xA,0x4,0x5,0x6,0x8,0x1,0x3,0x7,0xD,0xC,0xE,0x0,0x9,0x2,0xB,0xF} -}; - -/* Test paramset from GOST 28147 */ -gost_subst_block Gost28147_TestParamSet = { - {0xC,0x6,0x5,0x2,0xB,0x0,0x9,0xD,0x3,0xE,0x7,0xA,0xF,0x4,0x1,0x8}, - {0x9,0xB,0xC,0x0,0x3,0x6,0x7,0x5,0x4,0x8,0xE,0xF,0x1,0xA,0x2,0xD}, - {0x8,0xF,0x6,0xB,0x1,0x9,0xC,0x5,0xD,0x3,0x7,0xA,0x0,0xE,0x2,0x4}, - {0x3,0xE,0x5,0x9,0x6,0x8,0x0,0xD,0xA,0xB,0x7,0xC,0x2,0x1,0xF,0x4}, - {0xE,0x9,0xB,0x2,0x5,0xF,0x7,0x1,0x0,0xD,0xC,0x6,0xA,0x4,0x3,0x8}, - {0xD,0x8,0xE,0xC,0x7,0x3,0x9,0xA,0x1,0x5,0x2,0x4,0x6,0xF,0x0,0xB}, - {0xC,0x9,0xF,0xE,0x8,0x1,0x3,0xA,0x2,0x7,0x4,0xD,0x6,0x0,0xB,0x5}, - {0x4,0x2,0xF,0x5,0x9,0x1,0x0,0x8,0xE,0x3,0xB,0xC,0xD,0x7,0xA,0x6} -}; - - -/* 1.2.643.2.2.31.1 */ -static const gost_subst_block Gost28147_CryptoProParamSetA = { - {0xB,0xA,0xF,0x5,0x0,0xC,0xE,0x8,0x6,0x2,0x3,0x9,0x1,0x7,0xD,0x4}, - {0x1,0xD,0x2,0x9,0x7,0xA,0x6,0x0,0x8,0xC,0x4,0x5,0xF,0x3,0xB,0xE}, - {0x3,0xA,0xD,0xC,0x1,0x2,0x0,0xB,0x7,0x5,0x9,0x4,0x8,0xF,0xE,0x6}, - {0xB,0x5,0x1,0x9,0x8,0xD,0xF,0x0,0xE,0x4,0x2,0x3,0xC,0x7,0xA,0x6}, - {0xE,0x7,0xA,0xC,0xD,0x1,0x3,0x9,0x0,0x2,0xB,0x4,0xF,0x8,0x5,0x6}, - {0xE,0x4,0x6,0x2,0xB,0x3,0xD,0x8,0xC,0xF,0x5,0xA,0x0,0x7,0x1,0x9}, - {0x3,0x7,0xE,0x9,0x8,0xA,0xF,0x0,0x5,0x2,0x6,0xC,0xB,0x4,0xD,0x1}, - {0x9,0x6,0x3,0x2,0x8,0xB,0x1,0x7,0xA,0x4,0xE,0xF,0xC,0x0,0xD,0x5} -}; - -/* 1.2.643.2.2.31.2 */ -static const gost_subst_block Gost28147_CryptoProParamSetB = { - {0x0,0x4,0xB,0xE,0x8,0x3,0x7,0x1,0xA,0x2,0x9,0x6,0xF,0xD,0x5,0xC}, - {0x5,0x2,0xA,0xB,0x9,0x1,0xC,0x3,0x7,0x4,0xD,0x0,0x6,0xF,0x8,0xE}, - {0x8,0x3,0x2,0x6,0x4,0xD,0xE,0xB,0xC,0x1,0x7,0xF,0xA,0x0,0x9,0x5}, - {0x2,0x7,0xC,0xF,0x9,0x5,0xA,0xB,0x1,0x4,0x0,0xD,0x6,0x8,0xE,0x3}, - {0x7,0x5,0x0,0xD,0xB,0x6,0x1,0x2,0x3,0xA,0xC,0xF,0x4,0xE,0x9,0x8}, - {0xE,0xC,0x0,0xA,0x9,0x2,0xD,0xB,0x7,0x5,0x8,0xF,0x3,0x6,0x1,0x4}, - {0x0,0x1,0x2,0xA,0x4,0xD,0x5,0xC,0x9,0x7,0x3,0xF,0xB,0x8,0x6,0xE}, - {0x8,0x4,0xB,0x1,0x3,0x5,0x0,0x9,0x2,0xE,0xA,0xC,0xD,0x6,0x7,0xF} -}; - -/* 1.2.643.2.2.31.3 */ -static const gost_subst_block Gost28147_CryptoProParamSetC = { - {0x7,0x4,0x0,0x5,0xA,0x2,0xF,0xE,0xC,0x6,0x1,0xB,0xD,0x9,0x3,0x8}, - {0xA,0x9,0x6,0x8,0xD,0xE,0x2,0x0,0xF,0x3,0x5,0xB,0x4,0x1,0xC,0x7}, - {0xC,0x9,0xB,0x1,0x8,0xE,0x2,0x4,0x7,0x3,0x6,0x5,0xA,0x0,0xF,0xD}, - {0x8,0xD,0xB,0x0,0x4,0x5,0x1,0x2,0x9,0x3,0xC,0xE,0x6,0xF,0xA,0x7}, - {0x3,0x6,0x0,0x1,0x5,0xD,0xA,0x8,0xB,0x2,0x9,0x7,0xE,0xF,0xC,0x4}, - {0x8,0x2,0x5,0x0,0x4,0x9,0xF,0xA,0x3,0x7,0xC,0xD,0x6,0xE,0x1,0xB}, - {0x0,0x1,0x7,0xD,0xB,0x4,0x5,0x2,0x8,0xE,0xF,0xC,0x9,0xA,0x6,0x3}, - {0x1,0xB,0xC,0x2,0x9,0xD,0x0,0xF,0x4,0x5,0x8,0xE,0xA,0x7,0x6,0x3} -}; - -/* 1.2.643.2.2.31.4 */ -static const gost_subst_block Gost28147_CryptoProParamSetD = { - {0x1,0xA,0x6,0x8,0xF,0xB,0x0,0x4,0xC,0x3,0x5,0x9,0x7,0xD,0x2,0xE}, - {0x3,0x0,0x6,0xF,0x1,0xE,0x9,0x2,0xD,0x8,0xC,0x4,0xB,0xA,0x5,0x7}, - {0x8,0x0,0xF,0x3,0x2,0x5,0xE,0xB,0x1,0xA,0x4,0x7,0xC,0x9,0xD,0x6}, - {0x0,0xC,0x8,0x9,0xD,0x2,0xA,0xB,0x7,0x3,0x6,0x5,0x4,0xE,0xF,0x1}, - {0x1,0x5,0xE,0xC,0xA,0x7,0x0,0xD,0x6,0x2,0xB,0x4,0x9,0x3,0xF,0x8}, - {0x1,0xC,0xB,0x0,0xF,0xE,0x6,0x5,0xA,0xD,0x4,0x8,0x9,0x3,0x7,0x2}, - {0xB,0x6,0x3,0x4,0xC,0xF,0xE,0x2,0x7,0xD,0x8,0x0,0x5,0xA,0x9,0x1}, - {0xF,0xC,0x2,0xA,0x6,0x4,0x5,0x0,0x7,0x9,0xE,0xD,0x1,0xB,0x8,0x3} -}; - -static const gost_subst_block Gost28147_TC26ParamSetZ = { - {0x1,0x7,0xe,0xd,0x0,0x5,0x8,0x3,0x4,0xf,0xa,0x6,0x9,0xc,0xb,0x2}, - {0x8,0xe,0x2,0x5,0x6,0x9,0x1,0xc,0xf,0x4,0xb,0x0,0xd,0xa,0x3,0x7}, - {0x5,0xd,0xf,0x6,0x9,0x2,0xc,0xa,0xb,0x7,0x8,0x1,0x4,0x3,0xe,0x0}, - {0x7,0xf,0x5,0xa,0x8,0x1,0x6,0xd,0x0,0x9,0x3,0xe,0xb,0x4,0x2,0xc}, - {0xc,0x8,0x2,0x1,0xd,0x4,0xf,0x6,0x7,0x0,0xa,0x5,0x3,0xe,0x9,0xb}, - {0xb,0x3,0x5,0x8,0x2,0xf,0xa,0xd,0xe,0x1,0x7,0x4,0xc,0x9,0x6,0x0}, - {0x6,0x8,0x2,0x3,0x9,0xa,0x5,0xc,0x1,0xe,0x4,0x7,0xb,0xd,0x0,0xf}, - {0xc,0x4,0x6,0x2,0xa,0x5,0xb,0x9,0xe,0x8,0xd,0x7,0x0,0x3,0xf,0x1} -}; - -static const unsigned char CryptoProKeyMeshingKey[] = { - 0x69, 0x00, 0x72, 0x22, 0x64, 0xC9, 0x04, 0x23, - 0x8D, 0x3A, 0xDB, 0x96, 0x46, 0xE9, 0x2A, 0xC4, - 0x18, 0xFE, 0xAC, 0x94, 0x00, 0xED, 0x07, 0x12, - 0xC0, 0x86, 0xDC, 0xC2, 0xEF, 0x4C, 0xA9, 0x2B -}; - -static const struct gost89_parameters_info { - int nid; - const gost_subst_block *sblock; - int key_meshing; -} gost_cipher_list[] = -{ - {NID_id_Gost28147_89_CryptoPro_A_ParamSet,&Gost28147_CryptoProParamSetA,1}, - {NID_id_Gost28147_89_CryptoPro_B_ParamSet,&Gost28147_CryptoProParamSetB,1}, - {NID_id_Gost28147_89_CryptoPro_C_ParamSet,&Gost28147_CryptoProParamSetC,1}, - {NID_id_Gost28147_89_CryptoPro_D_ParamSet,&Gost28147_CryptoProParamSetD,1}, - {NID_id_tc26_gost_28147_param_Z,&Gost28147_TC26ParamSetZ,1}, - {NID_id_Gost28147_89_TestParamSet,&Gost28147_TestParamSet,0}, - {NID_id_GostR3411_94_TestParamSet,&GostR3411_94_TestParamSet,0}, - {NID_id_GostR3411_94_CryptoProParamSet,&GostR3411_94_CryptoProParamSet,0}, - {NID_undef,NULL,0} -}; - -int -Gost2814789_set_sbox(GOST2814789_KEY *key, int nid) -{ - int i; - const gost_subst_block *b = NULL; - unsigned int t; - - for (i = 0; gost_cipher_list[i].nid != NID_undef; i++) { - if (gost_cipher_list[i].nid != nid) - continue; - - b = gost_cipher_list[i].sblock; - key->key_meshing = gost_cipher_list[i].key_meshing; - break; - } - - if (b == NULL) - return 0; - - for (i = 0; i < 256; i++) { - t = (unsigned int)(b->k8[i >> 4] <<4 | b->k7 [i & 15]) << 24; - key->k87[i] = (t << 11) | (t >> 21); - t = (unsigned int)(b->k6[i >> 4] <<4 | b->k5 [i & 15]) << 16; - key->k65[i] = (t << 11) | (t >> 21); - t = (unsigned int)(b->k4[i >> 4] <<4 | b->k3 [i & 15]) << 8; - key->k43[i] = (t << 11) | (t >> 21); - t = (unsigned int)(b->k2[i >> 4] <<4 | b->k1 [i & 15]) << 0; - key->k21[i] = (t << 11) | (t >> 21); - } - - return 1; -} -LCRYPTO_ALIAS(Gost2814789_set_sbox); - -int -Gost2814789_set_key(GOST2814789_KEY *key, const unsigned char *userKey, - const int bits) -{ - int i; - - if (bits != 256) - return 0; - - for (i = 0; i < 8; i++) - c2l(userKey, key->key[i]); - - key->count = 0; - - return 1; -} -LCRYPTO_ALIAS(Gost2814789_set_key); - -void -Gost2814789_cryptopro_key_mesh(GOST2814789_KEY *key) -{ - unsigned char newkey[32]; - - Gost2814789_decrypt(CryptoProKeyMeshingKey + 0, newkey + 0, key); - Gost2814789_decrypt(CryptoProKeyMeshingKey + 8, newkey + 8, key); - Gost2814789_decrypt(CryptoProKeyMeshingKey + 16, newkey + 16, key); - Gost2814789_decrypt(CryptoProKeyMeshingKey + 24, newkey + 24, key); - - Gost2814789_set_key(key, newkey, 256); -} -#endif diff --git a/lib/libcrypto/gost/gost89imit_ameth.c b/lib/libcrypto/gost/gost89imit_ameth.c deleted file mode 100644 index 76e285b2d..000000000 --- a/lib/libcrypto/gost/gost89imit_ameth.c +++ /dev/null @@ -1,89 +0,0 @@ -/* $OpenBSD: gost89imit_ameth.c,v 1.5 2024/01/04 17:01:26 tb Exp $ */ -/* - * Copyright (c) 2014 Dmitry Eremin-Solenikov - * Copyright (c) 2005-2006 Cryptocom LTD - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - */ - -#include - -#ifndef OPENSSL_NO_GOST -#include - -#include "asn1_local.h" -#include "evp_local.h" - -static void -mackey_free_gost(EVP_PKEY *pk) -{ - free(pk->pkey.ptr); -} - -static int -mac_ctrl_gost(EVP_PKEY *pkey, int op, long arg1, void *arg2) -{ - switch (op) { - case ASN1_PKEY_CTRL_DEFAULT_MD_NID: - *(int *)arg2 = NID_id_Gost28147_89_MAC; - return 2; - } - return -2; -} - -const EVP_PKEY_ASN1_METHOD gostimit_asn1_meth = { - .base_method = &gostimit_asn1_meth, - .pkey_id = EVP_PKEY_GOSTIMIT, - .pkey_flags = ASN1_PKEY_SIGPARAM_NULL, - - .pem_str = "GOST-MAC", - .info = "GOST 28147-89 MAC", - - .pkey_free = mackey_free_gost, - .pkey_ctrl = mac_ctrl_gost, -}; - -#endif diff --git a/lib/libcrypto/gost/gost89imit_pmeth.c b/lib/libcrypto/gost/gost89imit_pmeth.c deleted file mode 100644 index 3caa58ac8..000000000 --- a/lib/libcrypto/gost/gost89imit_pmeth.c +++ /dev/null @@ -1,255 +0,0 @@ -/* $OpenBSD: gost89imit_pmeth.c,v 1.6 2023/12/28 21:47:17 tb Exp $ */ -/* - * Copyright (c) 2014 Dmitry Eremin-Solenikov - * Copyright (c) 2005-2006 Cryptocom LTD - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - */ - -#include - -#include - -#ifndef OPENSSL_NO_GOST -#include -#include -#include -#include /* For string_to_hex */ - -#include "evp_local.h" -#include "gost_local.h" - -struct gost_mac_pmeth_data { - EVP_MD *md; - unsigned char key[32]; - unsigned key_set :1; -}; - -static int -pkey_gost_mac_init(EVP_PKEY_CTX *ctx) -{ - struct gost_mac_pmeth_data *data; - - data = calloc(1, sizeof(struct gost_mac_pmeth_data)); - if (data == NULL) - return 0; - EVP_PKEY_CTX_set_data(ctx, data); - return 1; -} - -static void -pkey_gost_mac_cleanup(EVP_PKEY_CTX *ctx) -{ - struct gost_mac_pmeth_data *data = EVP_PKEY_CTX_get_data(ctx); - free(data); -} - -static int -pkey_gost_mac_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src) -{ - struct gost_mac_pmeth_data *dst_data, *src_data; - - if (pkey_gost_mac_init(dst) == 0) - return 0; - - src_data = EVP_PKEY_CTX_get_data(src); - dst_data = EVP_PKEY_CTX_get_data(dst); - - *dst_data = *src_data; - - return 1; -} - -static int -pkey_gost_mac_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) -{ - struct gost_mac_pmeth_data *data = EVP_PKEY_CTX_get_data(ctx); - unsigned char *keydata = NULL; - int ret = 0; - - if (!data->key_set) { - GOSTerror(GOST_R_MAC_KEY_NOT_SET); - goto err; - } - - if ((keydata = malloc(32)) == NULL) { - GOSTerror(ERR_R_MALLOC_FAILURE); - goto err; - } - memcpy(keydata, data->key, 32); - if (!EVP_PKEY_assign(pkey, NID_id_Gost28147_89_MAC, keydata)) - goto err; - keydata = NULL; - - ret = 1; - - err: - freezero(keydata, 32); - - return ret; -} - -static int -pkey_gost_mac_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) -{ - struct gost_mac_pmeth_data *data = EVP_PKEY_CTX_get_data(ctx); - - switch (type) { - case EVP_PKEY_CTRL_MD: - if (EVP_MD_type(p2) != NID_id_Gost28147_89_MAC) { - GOSTerror(GOST_R_INVALID_DIGEST_TYPE); - return 0; - } - data->md = p2; - return 1; - - case EVP_PKEY_CTRL_SET_MAC_KEY: - if (p1 != 32) { - GOSTerror(GOST_R_INVALID_MAC_KEY_LENGTH); - return 0; - } - - memcpy(data->key, p2, 32); - data->key_set = 1; - return 1; - - case EVP_PKEY_CTRL_DIGESTINIT: - { - EVP_MD_CTX *mctx = p2; - void *key; - - if (!data->key_set) { - EVP_PKEY *pkey = EVP_PKEY_CTX_get0_pkey(ctx); - if (pkey == NULL) { - GOSTerror(GOST_R_MAC_KEY_NOT_SET); - return 0; - } - key = EVP_PKEY_get0(pkey); - if (key == NULL) { - GOSTerror(GOST_R_MAC_KEY_NOT_SET); - return 0; - } - } else { - key = &(data->key); - } - if (mctx->digest->md_ctrl == NULL) - return 0; - return mctx->digest->md_ctrl(mctx, EVP_MD_CTRL_SET_KEY, 32 * 8, - key); - } - - } - - return -2; -} - -static int -pkey_gost_mac_ctrl_str(EVP_PKEY_CTX *ctx, const char *type, const char *value) -{ - if (value == NULL) - return 0; - if (strcmp(type, "key") == 0) { - void *p = (void *)value; - return pkey_gost_mac_ctrl(ctx, EVP_PKEY_CTRL_SET_MAC_KEY, - strlen(value), p); - } - if (strcmp(type, "hexkey") == 0) { - unsigned char *key; - int r; - long keylen; - - key = string_to_hex(value, &keylen); - if (key == NULL) - return 0; - r = pkey_gost_mac_ctrl(ctx, EVP_PKEY_CTRL_SET_MAC_KEY, keylen, - key); - free(key); - return r; - } - return -2; -} - -static int -pkey_gost_mac_signctx_init(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx) -{ - return 1; -} - -static int -pkey_gost_mac_signctx(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, - EVP_MD_CTX *mctx) -{ - /* for platforms where sizeof(int) != sizeof(size_t)*/ - unsigned int tmpsiglen = *siglen; - int ret; - - if (sig == NULL) { - *siglen = 4; - return 1; - } - - ret = EVP_DigestFinal_ex(mctx, sig, &tmpsiglen); - *siglen = tmpsiglen; - return ret; -} - -const EVP_PKEY_METHOD gostimit_pkey_meth = { - .pkey_id = EVP_PKEY_GOSTIMIT, - - .init = pkey_gost_mac_init, - .cleanup = pkey_gost_mac_cleanup, - .copy = pkey_gost_mac_copy, - - .keygen = pkey_gost_mac_keygen, - - .signctx_init = pkey_gost_mac_signctx_init, - .signctx = pkey_gost_mac_signctx, - - .ctrl = pkey_gost_mac_ctrl, - .ctrl_str = pkey_gost_mac_ctrl_str, -}; - -#endif diff --git a/lib/libcrypto/gost/gost_asn1.c b/lib/libcrypto/gost/gost_asn1.c deleted file mode 100644 index 28e3a58e5..000000000 --- a/lib/libcrypto/gost/gost_asn1.c +++ /dev/null @@ -1,299 +0,0 @@ -/********************************************************************** - * gost_keytrans.c * - * Copyright (c) 2005-2006 Cryptocom LTD * - * This file is distributed under the same license as OpenSSL * - * * - * ASN1 structure definition for GOST key transport * - * Requires OpenSSL 0.9.9 for compilation * - **********************************************************************/ - -#include - -#ifndef OPENSSL_NO_GOST -#include -#include -#include - -#include "gost_local.h" -#include "gost_asn1.h" - -static const ASN1_TEMPLATE GOST_KEY_TRANSPORT_seq_tt[] = { - { - .flags = 0, - .tag = 0, - .offset = offsetof(GOST_KEY_TRANSPORT, key_info), - .field_name = "key_info", - .item = &GOST_KEY_INFO_it, - }, - { - .flags = ASN1_TFLG_IMPLICIT, - .tag = 0, - .offset = offsetof(GOST_KEY_TRANSPORT, key_agreement_info), - .field_name = "key_agreement_info", - .item = &GOST_KEY_AGREEMENT_INFO_it, - }, -}; - -const ASN1_ITEM GOST_KEY_TRANSPORT_it = { - .itype = ASN1_ITYPE_NDEF_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = GOST_KEY_TRANSPORT_seq_tt, - .tcount = sizeof(GOST_KEY_TRANSPORT_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = NULL, - .size = sizeof(GOST_KEY_TRANSPORT), - .sname = "GOST_KEY_TRANSPORT", -}; - -GOST_KEY_TRANSPORT * -d2i_GOST_KEY_TRANSPORT(GOST_KEY_TRANSPORT **a, const unsigned char **in, long len) -{ - return (GOST_KEY_TRANSPORT *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, - &GOST_KEY_TRANSPORT_it); -} - -int -i2d_GOST_KEY_TRANSPORT(GOST_KEY_TRANSPORT *a, unsigned char **out) -{ - return ASN1_item_i2d((ASN1_VALUE *)a, out, &GOST_KEY_TRANSPORT_it); -} - -GOST_KEY_TRANSPORT * -GOST_KEY_TRANSPORT_new(void) -{ - return (GOST_KEY_TRANSPORT *)ASN1_item_new(&GOST_KEY_TRANSPORT_it); -} - -void -GOST_KEY_TRANSPORT_free(GOST_KEY_TRANSPORT *a) -{ - ASN1_item_free((ASN1_VALUE *)a, &GOST_KEY_TRANSPORT_it); -} - -static const ASN1_TEMPLATE GOST_KEY_INFO_seq_tt[] = { - { - .flags = 0, - .tag = 0, - .offset = offsetof(GOST_KEY_INFO, encrypted_key), - .field_name = "encrypted_key", - .item = &ASN1_OCTET_STRING_it, - }, - { - .flags = 0, - .tag = 0, - .offset = offsetof(GOST_KEY_INFO, imit), - .field_name = "imit", - .item = &ASN1_OCTET_STRING_it, - }, -}; - -const ASN1_ITEM GOST_KEY_INFO_it = { - .itype = ASN1_ITYPE_NDEF_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = GOST_KEY_INFO_seq_tt, - .tcount = sizeof(GOST_KEY_INFO_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = NULL, - .size = sizeof(GOST_KEY_INFO), - .sname = "GOST_KEY_INFO", -}; - -GOST_KEY_INFO * -d2i_GOST_KEY_INFO(GOST_KEY_INFO **a, const unsigned char **in, long len) -{ - return (GOST_KEY_INFO *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, - &GOST_KEY_INFO_it); -} - -int -i2d_GOST_KEY_INFO(GOST_KEY_INFO *a, unsigned char **out) -{ - return ASN1_item_i2d((ASN1_VALUE *)a, out, &GOST_KEY_INFO_it); -} - -GOST_KEY_INFO * -GOST_KEY_INFO_new(void) -{ - return (GOST_KEY_INFO *)ASN1_item_new(&GOST_KEY_INFO_it); -} - -void -GOST_KEY_INFO_free(GOST_KEY_INFO *a) -{ - ASN1_item_free((ASN1_VALUE *)a, &GOST_KEY_INFO_it); -} - -static const ASN1_TEMPLATE GOST_KEY_AGREEMENT_INFO_seq_tt[] = { - { - .flags = 0, - .tag = 0, - .offset = offsetof(GOST_KEY_AGREEMENT_INFO, cipher), - .field_name = "cipher", - .item = &ASN1_OBJECT_it, - }, - { - .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_OPTIONAL, - .tag = 0, - .offset = offsetof(GOST_KEY_AGREEMENT_INFO, ephem_key), - .field_name = "ephem_key", - .item = &X509_PUBKEY_it, - }, - { - .flags = 0, - .tag = 0, - .offset = offsetof(GOST_KEY_AGREEMENT_INFO, eph_iv), - .field_name = "eph_iv", - .item = &ASN1_OCTET_STRING_it, - }, -}; - -const ASN1_ITEM GOST_KEY_AGREEMENT_INFO_it = { - .itype = ASN1_ITYPE_NDEF_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = GOST_KEY_AGREEMENT_INFO_seq_tt, - .tcount = sizeof(GOST_KEY_AGREEMENT_INFO_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = NULL, - .size = sizeof(GOST_KEY_AGREEMENT_INFO), - .sname = "GOST_KEY_AGREEMENT_INFO", -}; - -GOST_KEY_AGREEMENT_INFO * -d2i_GOST_KEY_AGREEMENT_INFO(GOST_KEY_AGREEMENT_INFO **a, const unsigned char **in, long len) -{ - return (GOST_KEY_AGREEMENT_INFO *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, - &GOST_KEY_AGREEMENT_INFO_it); -} - -int -i2d_GOST_KEY_AGREEMENT_INFO(GOST_KEY_AGREEMENT_INFO *a, unsigned char **out) -{ - return ASN1_item_i2d((ASN1_VALUE *)a, out, &GOST_KEY_AGREEMENT_INFO_it); -} - -GOST_KEY_AGREEMENT_INFO * -GOST_KEY_AGREEMENT_INFO_new(void) -{ - return (GOST_KEY_AGREEMENT_INFO *)ASN1_item_new(&GOST_KEY_AGREEMENT_INFO_it); -} - -void -GOST_KEY_AGREEMENT_INFO_free(GOST_KEY_AGREEMENT_INFO *a) -{ - ASN1_item_free((ASN1_VALUE *)a, &GOST_KEY_AGREEMENT_INFO_it); -} - - -static const ASN1_TEMPLATE GOST_KEY_PARAMS_seq_tt[] = { - { - .flags = 0, - .tag = 0, - .offset = offsetof(GOST_KEY_PARAMS, key_params), - .field_name = "key_params", - .item = &ASN1_OBJECT_it, - }, - { - .flags = 0, - .tag = 0, - .offset = offsetof(GOST_KEY_PARAMS, hash_params), - .field_name = "hash_params", - .item = &ASN1_OBJECT_it, - }, - { - .flags = ASN1_TFLG_OPTIONAL, - .tag = 0, - .offset = offsetof(GOST_KEY_PARAMS, cipher_params), - .field_name = "cipher_params", - .item = &ASN1_OBJECT_it, - }, -}; - -const ASN1_ITEM GOST_KEY_PARAMS_it = { - .itype = ASN1_ITYPE_NDEF_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = GOST_KEY_PARAMS_seq_tt, - .tcount = sizeof(GOST_KEY_PARAMS_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = NULL, - .size = sizeof(GOST_KEY_PARAMS), - .sname = "GOST_KEY_PARAMS", -}; - -GOST_KEY_PARAMS * -d2i_GOST_KEY_PARAMS(GOST_KEY_PARAMS **a, const unsigned char **in, long len) -{ - return (GOST_KEY_PARAMS *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, - &GOST_KEY_PARAMS_it); -} - -int -i2d_GOST_KEY_PARAMS(GOST_KEY_PARAMS *a, unsigned char **out) -{ - return ASN1_item_i2d((ASN1_VALUE *)a, out, &GOST_KEY_PARAMS_it); -} - -GOST_KEY_PARAMS * -GOST_KEY_PARAMS_new(void) -{ - return (GOST_KEY_PARAMS *)ASN1_item_new(&GOST_KEY_PARAMS_it); -} - -void -GOST_KEY_PARAMS_free(GOST_KEY_PARAMS *a) -{ - ASN1_item_free((ASN1_VALUE *)a, &GOST_KEY_PARAMS_it); -} - -static const ASN1_TEMPLATE GOST_CIPHER_PARAMS_seq_tt[] = { - { - .flags = 0, - .tag = 0, - .offset = offsetof(GOST_CIPHER_PARAMS, iv), - .field_name = "iv", - .item = &ASN1_OCTET_STRING_it, - }, - { - .flags = 0, - .tag = 0, - .offset = offsetof(GOST_CIPHER_PARAMS, enc_param_set), - .field_name = "enc_param_set", - .item = &ASN1_OBJECT_it, - }, -}; - -const ASN1_ITEM GOST_CIPHER_PARAMS_it = { - .itype = ASN1_ITYPE_NDEF_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = GOST_CIPHER_PARAMS_seq_tt, - .tcount = sizeof(GOST_CIPHER_PARAMS_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = NULL, - .size = sizeof(GOST_CIPHER_PARAMS), - .sname = "GOST_CIPHER_PARAMS", -}; - -GOST_CIPHER_PARAMS * -d2i_GOST_CIPHER_PARAMS(GOST_CIPHER_PARAMS **a, const unsigned char **in, long len) -{ - return (GOST_CIPHER_PARAMS *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, - &GOST_CIPHER_PARAMS_it); -} -LCRYPTO_ALIAS(d2i_GOST_CIPHER_PARAMS); - -int -i2d_GOST_CIPHER_PARAMS(GOST_CIPHER_PARAMS *a, unsigned char **out) -{ - return ASN1_item_i2d((ASN1_VALUE *)a, out, &GOST_CIPHER_PARAMS_it); -} -LCRYPTO_ALIAS(i2d_GOST_CIPHER_PARAMS); - -GOST_CIPHER_PARAMS * -GOST_CIPHER_PARAMS_new(void) -{ - return (GOST_CIPHER_PARAMS *)ASN1_item_new(&GOST_CIPHER_PARAMS_it); -} -LCRYPTO_ALIAS(GOST_CIPHER_PARAMS_new); - -void -GOST_CIPHER_PARAMS_free(GOST_CIPHER_PARAMS *a) -{ - ASN1_item_free((ASN1_VALUE *)a, &GOST_CIPHER_PARAMS_it); -} -LCRYPTO_ALIAS(GOST_CIPHER_PARAMS_free); - -#endif diff --git a/lib/libcrypto/gost/gost_asn1.h b/lib/libcrypto/gost/gost_asn1.h deleted file mode 100644 index 7cabfc79c..000000000 --- a/lib/libcrypto/gost/gost_asn1.h +++ /dev/null @@ -1,107 +0,0 @@ -/* $OpenBSD: gost_asn1.h,v 1.3 2016/12/21 15:49:29 jsing Exp $ */ -/* - * Copyright (c) 2014 Dmitry Eremin-Solenikov - * Copyright (c) 2005-2006 Cryptocom LTD - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - */ - -#ifndef HEADER_GOST_ASN1_H -#define HEADER_GOST_ASN1_H - -#include - -__BEGIN_HIDDEN_DECLS - -typedef struct { - ASN1_OCTET_STRING *encrypted_key; - ASN1_OCTET_STRING *imit; -} GOST_KEY_INFO; - -GOST_KEY_INFO *GOST_KEY_INFO_new(void); -void GOST_KEY_INFO_free(GOST_KEY_INFO *a); -GOST_KEY_INFO *d2i_GOST_KEY_INFO(GOST_KEY_INFO **a, const unsigned char **in, long len); -int i2d_GOST_KEY_INFO(GOST_KEY_INFO *a, unsigned char **out); -extern const ASN1_ITEM GOST_KEY_INFO_it; - -typedef struct { - ASN1_OBJECT *cipher; - X509_PUBKEY *ephem_key; - ASN1_OCTET_STRING *eph_iv; -} GOST_KEY_AGREEMENT_INFO; - -GOST_KEY_AGREEMENT_INFO *GOST_KEY_AGREEMENT_INFO_new(void); -void GOST_KEY_AGREEMENT_INFO_free(GOST_KEY_AGREEMENT_INFO *a); -GOST_KEY_AGREEMENT_INFO *d2i_GOST_KEY_AGREEMENT_INFO(GOST_KEY_AGREEMENT_INFO **a, const unsigned char **in, long len); -int i2d_GOST_KEY_AGREEMENT_INFO(GOST_KEY_AGREEMENT_INFO *a, unsigned char **out); -extern const ASN1_ITEM GOST_KEY_AGREEMENT_INFO_it; - -typedef struct { - GOST_KEY_INFO *key_info; - GOST_KEY_AGREEMENT_INFO *key_agreement_info; -} GOST_KEY_TRANSPORT; - -GOST_KEY_TRANSPORT *GOST_KEY_TRANSPORT_new(void); -void GOST_KEY_TRANSPORT_free(GOST_KEY_TRANSPORT *a); -GOST_KEY_TRANSPORT *d2i_GOST_KEY_TRANSPORT(GOST_KEY_TRANSPORT **a, const unsigned char **in, long len); -int i2d_GOST_KEY_TRANSPORT(GOST_KEY_TRANSPORT *a, unsigned char **out); -extern const ASN1_ITEM GOST_KEY_TRANSPORT_it; - -typedef struct { - ASN1_OBJECT *key_params; - ASN1_OBJECT *hash_params; - ASN1_OBJECT *cipher_params; -} GOST_KEY_PARAMS; - -GOST_KEY_PARAMS *GOST_KEY_PARAMS_new(void); -void GOST_KEY_PARAMS_free(GOST_KEY_PARAMS *a); -GOST_KEY_PARAMS *d2i_GOST_KEY_PARAMS(GOST_KEY_PARAMS **a, const unsigned char **in, long len); -int i2d_GOST_KEY_PARAMS(GOST_KEY_PARAMS *a, unsigned char **out); -extern const ASN1_ITEM GOST_KEY_PARAMS_it; - -__END_HIDDEN_DECLS - -#endif diff --git a/lib/libcrypto/gost/gostr341001.c b/lib/libcrypto/gost/gostr341001.c deleted file mode 100644 index 1c34626a4..000000000 --- a/lib/libcrypto/gost/gostr341001.c +++ /dev/null @@ -1,403 +0,0 @@ -/* $OpenBSD: gostr341001.c,v 1.12 2023/07/05 11:37:45 tb Exp $ */ -/* - * Copyright (c) 2014 Dmitry Eremin-Solenikov - * Copyright (c) 2005-2006 Cryptocom LTD - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - */ - -#include - -#include - -#ifndef OPENSSL_NO_GOST -#include -#include -#include - -#include "bn_local.h" -#include "ecdsa_local.h" -#include "gost_local.h" - -/* Convert little-endian byte array into bignum */ -BIGNUM * -GOST_le2bn(const unsigned char *buf, size_t len, BIGNUM *bn) -{ - unsigned char temp[64]; - int i; - - if (len > 64) - return NULL; - - for (i = 0; i < len; i++) { - temp[len - 1 - i] = buf[i]; - } - - return BN_bin2bn(temp, len, bn); -} - -int -GOST_bn2le(BIGNUM *bn, unsigned char *buf, int len) -{ - unsigned char temp[64]; - int i, bytes; - - bytes = BN_num_bytes(bn); - if (len > 64 || bytes > len) - return 0; - - BN_bn2bin(bn, temp); - - for (i = 0; i < bytes; i++) { - buf[bytes - 1 - i] = temp[i]; - } - - memset(buf + bytes, 0, len - bytes); - - return 1; -} - -int -gost2001_compute_public(GOST_KEY *ec) -{ - const EC_GROUP *group = GOST_KEY_get0_group(ec); - EC_POINT *pub_key = NULL; - const BIGNUM *priv_key = NULL; - BN_CTX *ctx = NULL; - int ok = 0; - - if (group == NULL) { - GOSTerror(GOST_R_KEY_IS_NOT_INITIALIZED); - return 0; - } - ctx = BN_CTX_new(); - if (ctx == NULL) { - GOSTerror(ERR_R_MALLOC_FAILURE); - return 0; - } - BN_CTX_start(ctx); - if ((priv_key = GOST_KEY_get0_private_key(ec)) == NULL) - goto err; - - pub_key = EC_POINT_new(group); - if (pub_key == NULL) - goto err; - if (EC_POINT_mul(group, pub_key, priv_key, NULL, NULL, ctx) == 0) - goto err; - if (GOST_KEY_set_public_key(ec, pub_key) == 0) - goto err; - ok = 1; - - if (ok == 0) { -err: - GOSTerror(ERR_R_EC_LIB); - } - EC_POINT_free(pub_key); - if (ctx != NULL) { - BN_CTX_end(ctx); - BN_CTX_free(ctx); - } - return ok; -} - -ECDSA_SIG * -gost2001_do_sign(BIGNUM *md, GOST_KEY *eckey) -{ - ECDSA_SIG *newsig = NULL; - BIGNUM *order = NULL; - const EC_GROUP *group; - const BIGNUM *priv_key; - BIGNUM *r = NULL, *s = NULL, *X = NULL, *tmp = NULL, *tmp2 = NULL, *k = - NULL, *e = NULL; - EC_POINT *C = NULL; - BN_CTX *ctx = BN_CTX_new(); - int ok = 0; - - if (ctx == NULL) { - GOSTerror(ERR_R_MALLOC_FAILURE); - return NULL; - } - BN_CTX_start(ctx); - newsig = ECDSA_SIG_new(); - if (newsig == NULL) { - GOSTerror(ERR_R_MALLOC_FAILURE); - goto err; - } - s = newsig->s; - r = newsig->r; - group = GOST_KEY_get0_group(eckey); - if ((order = BN_CTX_get(ctx)) == NULL) - goto err; - if (EC_GROUP_get_order(group, order, ctx) == 0) - goto err; - priv_key = GOST_KEY_get0_private_key(eckey); - if ((e = BN_CTX_get(ctx)) == NULL) - goto err; - if (BN_mod_ct(e, md, order, ctx) == 0) - goto err; - if (BN_is_zero(e)) { - if (!BN_one(e)) - goto err; - } - if ((k = BN_CTX_get(ctx)) == NULL) - goto err; - if ((X = BN_CTX_get(ctx)) == NULL) - goto err; - if ((C = EC_POINT_new(group)) == NULL) - goto err; - do { - do { - if (!BN_rand_range(k, order)) { - GOSTerror(GOST_R_RANDOM_NUMBER_GENERATOR_FAILED); - goto err; - } - /* - * We do not want timing information to leak the length - * of k, so we compute G*k using an equivalent scalar - * of fixed bit-length. - */ - if (BN_add(k, k, order) == 0) - goto err; - if (BN_num_bits(k) <= BN_num_bits(order)) - if (BN_add(k, k, order) == 0) - goto err; - - if (EC_POINT_mul(group, C, k, NULL, NULL, ctx) == 0) { - GOSTerror(ERR_R_EC_LIB); - goto err; - } - if (EC_POINT_get_affine_coordinates(group, C, X, - NULL, ctx) == 0) { - GOSTerror(ERR_R_EC_LIB); - goto err; - } - if (BN_nnmod(r, X, order, ctx) == 0) - goto err; - } while (BN_is_zero(r)); - /* s = (r*priv_key+k*e) mod order */ - if (tmp == NULL) { - if ((tmp = BN_CTX_get(ctx)) == NULL) - goto err; - } - if (BN_mod_mul(tmp, priv_key, r, order, ctx) == 0) - goto err; - if (tmp2 == NULL) { - if ((tmp2 = BN_CTX_get(ctx)) == NULL) - goto err; - } - if (BN_mod_mul(tmp2, k, e, order, ctx) == 0) - goto err; - if (BN_mod_add(s, tmp, tmp2, order, ctx) == 0) - goto err; - } while (BN_is_zero(s)); - ok = 1; - -err: - EC_POINT_free(C); - if (ctx != NULL) { - BN_CTX_end(ctx); - BN_CTX_free(ctx); - } - if (ok == 0) { - ECDSA_SIG_free(newsig); - newsig = NULL; - } - return newsig; -} - -int -gost2001_do_verify(BIGNUM *md, ECDSA_SIG *sig, GOST_KEY *ec) -{ - BN_CTX *ctx = BN_CTX_new(); - const EC_GROUP *group = GOST_KEY_get0_group(ec); - BIGNUM *order; - BIGNUM *e = NULL, *R = NULL, *v = NULL, *z1 = NULL, *z2 = NULL; - BIGNUM *X = NULL, *tmp = NULL; - EC_POINT *C = NULL; - const EC_POINT *pub_key = NULL; - int ok = 0; - - if (ctx == NULL) - goto err; - BN_CTX_start(ctx); - if ((order = BN_CTX_get(ctx)) == NULL) - goto err; - if ((e = BN_CTX_get(ctx)) == NULL) - goto err; - if ((z1 = BN_CTX_get(ctx)) == NULL) - goto err; - if ((z2 = BN_CTX_get(ctx)) == NULL) - goto err; - if ((tmp = BN_CTX_get(ctx)) == NULL) - goto err; - if ((X = BN_CTX_get(ctx)) == NULL) - goto err; - if ((R = BN_CTX_get(ctx)) == NULL) - goto err; - if ((v = BN_CTX_get(ctx)) == NULL) - goto err; - - if (EC_GROUP_get_order(group, order, ctx) == 0) - goto err; - pub_key = GOST_KEY_get0_public_key(ec); - if (BN_is_zero(sig->s) || BN_is_zero(sig->r) || - BN_cmp(sig->s, order) >= 1 || BN_cmp(sig->r, order) >= 1) { - GOSTerror(GOST_R_SIGNATURE_PARTS_GREATER_THAN_Q); - goto err; - } - - if (BN_mod_ct(e, md, order, ctx) == 0) - goto err; - if (BN_is_zero(e)) { - if (!BN_one(e)) - goto err; - } - if ((v = BN_mod_inverse_ct(v, e, order, ctx)) == NULL) - goto err; - if (BN_mod_mul(z1, sig->s, v, order, ctx) == 0) - goto err; - if (BN_sub(tmp, order, sig->r) == 0) - goto err; - if (BN_mod_mul(z2, tmp, v, order, ctx) == 0) - goto err; - if ((C = EC_POINT_new(group)) == NULL) - goto err; - if (EC_POINT_mul(group, C, z1, pub_key, z2, ctx) == 0) { - GOSTerror(ERR_R_EC_LIB); - goto err; - } - if (EC_POINT_get_affine_coordinates(group, C, X, NULL, ctx) == 0) { - GOSTerror(ERR_R_EC_LIB); - goto err; - } - if (BN_mod_ct(R, X, order, ctx) == 0) - goto err; - if (BN_cmp(R, sig->r) != 0) { - GOSTerror(GOST_R_SIGNATURE_MISMATCH); - } else { - ok = 1; - } -err: - EC_POINT_free(C); - if (ctx != NULL) { - BN_CTX_end(ctx); - BN_CTX_free(ctx); - } - return ok; -} - -/* Implementation of CryptoPro VKO 34.10-2001 algorithm */ -int -VKO_compute_key(BIGNUM *X, BIGNUM *Y, const GOST_KEY *pkey, GOST_KEY *priv_key, - const BIGNUM *ukm) -{ - BIGNUM *p = NULL, *order = NULL; - const BIGNUM *key = GOST_KEY_get0_private_key(priv_key); - const EC_GROUP *group = GOST_KEY_get0_group(priv_key); - const EC_POINT *pub_key = GOST_KEY_get0_public_key(pkey); - EC_POINT *pnt; - BN_CTX *ctx = NULL; - int ok = 0; - - pnt = EC_POINT_new(group); - if (pnt == NULL) - goto err; - ctx = BN_CTX_new(); - if (ctx == NULL) - goto err; - BN_CTX_start(ctx); - if ((p = BN_CTX_get(ctx)) == NULL) - goto err; - if ((order = BN_CTX_get(ctx)) == NULL) - goto err; - if (EC_GROUP_get_order(group, order, ctx) == 0) - goto err; - if (BN_mod_mul(p, key, ukm, order, ctx) == 0) - goto err; - if (EC_POINT_mul(group, pnt, NULL, pub_key, p, ctx) == 0) - goto err; - if (EC_POINT_get_affine_coordinates(group, pnt, X, Y, ctx) == 0) - goto err; - ok = 1; - -err: - if (ctx != NULL) { - BN_CTX_end(ctx); - BN_CTX_free(ctx); - } - EC_POINT_free(pnt); - return ok; -} - -int -gost2001_keygen(GOST_KEY *ec) -{ - BIGNUM *order = BN_new(), *d = BN_new(); - const EC_GROUP *group = GOST_KEY_get0_group(ec); - int rc = 0; - - if (order == NULL || d == NULL) - goto err; - if (EC_GROUP_get_order(group, order, NULL) == 0) - goto err; - - do { - if (BN_rand_range(d, order) == 0) { - GOSTerror(GOST_R_RANDOM_NUMBER_GENERATOR_FAILED); - goto err; - } - } while (BN_is_zero(d)); - - if (GOST_KEY_set_private_key(ec, d) == 0) - goto err; - rc = gost2001_compute_public(ec); - -err: - BN_free(d); - BN_free(order); - return rc; -} -#endif diff --git a/lib/libcrypto/gost/gostr341001_ameth.c b/lib/libcrypto/gost/gostr341001_ameth.c deleted file mode 100644 index e8e8c8aa8..000000000 --- a/lib/libcrypto/gost/gostr341001_ameth.c +++ /dev/null @@ -1,727 +0,0 @@ -/* $OpenBSD: gostr341001_ameth.c,v 1.24 2024/01/04 17:01:26 tb Exp $ */ -/* - * Copyright (c) 2014 Dmitry Eremin-Solenikov - * Copyright (c) 2005-2006 Cryptocom LTD - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - */ - -#include - -#include - -#ifndef OPENSSL_NO_GOST -#include -#include -#include -#include -#include -#include - - -#include "asn1_local.h" -#include "evp_local.h" -#include "gost_local.h" -#include "gost_asn1.h" - -static void -pkey_free_gost01(EVP_PKEY *key) -{ - GOST_KEY_free(key->pkey.gost); -} - -/* - * Parses GOST algorithm parameters from X509_ALGOR and - * modifies pkey setting NID and parameters - */ -static int -decode_gost01_algor_params(EVP_PKEY *pkey, const unsigned char **p, int len) -{ - int param_nid = NID_undef, digest_nid = NID_undef; - GOST_KEY_PARAMS *gkp = NULL; - EC_GROUP *group; - GOST_KEY *ec; - - gkp = d2i_GOST_KEY_PARAMS(NULL, p, len); - if (gkp == NULL) { - GOSTerror(GOST_R_BAD_PKEY_PARAMETERS_FORMAT); - return 0; - } - param_nid = OBJ_obj2nid(gkp->key_params); - digest_nid = OBJ_obj2nid(gkp->hash_params); - GOST_KEY_PARAMS_free(gkp); - - ec = pkey->pkey.gost; - if (ec == NULL) { - ec = GOST_KEY_new(); - if (ec == NULL) { - GOSTerror(ERR_R_MALLOC_FAILURE); - return 0; - } - if (EVP_PKEY_assign_GOST(pkey, ec) == 0) { - GOST_KEY_free(ec); - return 0; - } - } - - group = EC_GROUP_new_by_curve_name(param_nid); - if (group == NULL) { - GOSTerror(EC_R_EC_GROUP_NEW_BY_NAME_FAILURE); - return 0; - } - EC_GROUP_set_asn1_flag(group, OPENSSL_EC_NAMED_CURVE); - if (GOST_KEY_set_group(ec, group) == 0) { - EC_GROUP_free(group); - return 0; - } - EC_GROUP_free(group); - if (GOST_KEY_set_digest(ec, digest_nid) == 0) - return 0; - return 1; -} - -static ASN1_STRING * -encode_gost01_algor_params(const EVP_PKEY *key) -{ - ASN1_STRING *params = ASN1_STRING_new(); - GOST_KEY_PARAMS *gkp = GOST_KEY_PARAMS_new(); - int pkey_param_nid = NID_undef; - - if (params == NULL || gkp == NULL) { - GOSTerror(ERR_R_MALLOC_FAILURE); - ASN1_STRING_free(params); - params = NULL; - goto err; - } - - pkey_param_nid = - EC_GROUP_get_curve_name(GOST_KEY_get0_group(key->pkey.gost)); - gkp->key_params = OBJ_nid2obj(pkey_param_nid); - gkp->hash_params = OBJ_nid2obj(GOST_KEY_get_digest(key->pkey.gost)); - /*gkp->cipher_params = OBJ_nid2obj(cipher_param_nid); */ - params->length = i2d_GOST_KEY_PARAMS(gkp, ¶ms->data); - if (params->length <= 0) { - GOSTerror(ERR_R_MALLOC_FAILURE); - ASN1_STRING_free(params); - params = NULL; - goto err; - } - params->type = V_ASN1_SEQUENCE; -err: - GOST_KEY_PARAMS_free(gkp); - return params; -} - -static int -pub_cmp_gost01(const EVP_PKEY *a, const EVP_PKEY *b) -{ - const GOST_KEY *ea = a->pkey.gost; - const GOST_KEY *eb = b->pkey.gost; - const EC_POINT *ka, *kb; - int ret = 0; - - if (ea == NULL || eb == NULL) - return 0; - ka = GOST_KEY_get0_public_key(ea); - kb = GOST_KEY_get0_public_key(eb); - if (ka == NULL || kb == NULL) - return 0; - ret = (0 == EC_POINT_cmp(GOST_KEY_get0_group(ea), ka, kb, NULL)); - return ret; -} - -static int -pkey_size_gost01(const EVP_PKEY *pk) -{ - if (GOST_KEY_get_digest(pk->pkey.gost) == NID_id_tc26_gost3411_2012_512) - return 128; - return 64; -} - -static int -pkey_bits_gost01(const EVP_PKEY *pk) -{ - if (GOST_KEY_get_digest(pk->pkey.gost) == NID_id_tc26_gost3411_2012_512) - return 512; - return 256; -} - -static int -pub_decode_gost01(EVP_PKEY *pk, X509_PUBKEY *pub) -{ - X509_ALGOR *palg = NULL; - const unsigned char *pubkey_buf = NULL; - const unsigned char *p; - ASN1_OBJECT *palgobj = NULL; - int pub_len; - BIGNUM *X, *Y; - ASN1_OCTET_STRING *octet = NULL; - int len; - int ret; - int ptype = V_ASN1_UNDEF; - ASN1_STRING *pval = NULL; - - if (X509_PUBKEY_get0_param(&palgobj, &pubkey_buf, &pub_len, &palg, pub) - == 0) - return 0; - /* Called for the side effect of freeing pk->pkey. */ - if (!EVP_PKEY_set_type(pk, EVP_PKEY_GOSTR01)) - return 0; - X509_ALGOR_get0(NULL, &ptype, (const void **)&pval, palg); - if (ptype != V_ASN1_SEQUENCE) { - GOSTerror(GOST_R_BAD_KEY_PARAMETERS_FORMAT); - return 0; - } - p = pval->data; - if (decode_gost01_algor_params(pk, &p, pval->length) == 0) { - GOSTerror(GOST_R_BAD_KEY_PARAMETERS_FORMAT); - return 0; - } - - octet = d2i_ASN1_OCTET_STRING(NULL, &pubkey_buf, pub_len); - if (octet == NULL) { - GOSTerror(ERR_R_MALLOC_FAILURE); - return 0; - } - len = octet->length / 2; - - X = GOST_le2bn(octet->data, len, NULL); - Y = GOST_le2bn(octet->data + len, len, NULL); - - ASN1_OCTET_STRING_free(octet); - - ret = GOST_KEY_set_public_key_affine_coordinates(pk->pkey.gost, X, Y); - if (ret == 0) - GOSTerror(ERR_R_EC_LIB); - - BN_free(X); - BN_free(Y); - - return ret; -} - -static int -pub_encode_gost01(X509_PUBKEY *pub, const EVP_PKEY *pk) -{ - ASN1_OBJECT *algobj = NULL; - ASN1_OCTET_STRING *octet = NULL; - ASN1_STRING *params = NULL; - void *pval = NULL; - unsigned char *buf = NULL, *sptr; - int key_size, ret = 0; - const EC_POINT *pub_key; - BIGNUM *X = NULL, *Y = NULL; - const GOST_KEY *ec = pk->pkey.gost; - int ptype = V_ASN1_UNDEF; - - algobj = OBJ_nid2obj(GostR3410_get_pk_digest(GOST_KEY_get_digest(ec))); - if (pk->save_parameters) { - params = encode_gost01_algor_params(pk); - if (params == NULL) - return 0; - pval = params; - ptype = V_ASN1_SEQUENCE; - } - - key_size = GOST_KEY_get_size(ec); - - pub_key = GOST_KEY_get0_public_key(ec); - if (pub_key == NULL) { - GOSTerror(GOST_R_PUBLIC_KEY_UNDEFINED); - goto err; - } - - octet = ASN1_OCTET_STRING_new(); - if (octet == NULL) { - GOSTerror(ERR_R_MALLOC_FAILURE); - goto err; - } - - ret = ASN1_STRING_set(octet, NULL, 2 * key_size); - if (ret == 0) { - GOSTerror(ERR_R_INTERNAL_ERROR); - goto err; - } - - sptr = ASN1_STRING_data(octet); - - X = BN_new(); - Y = BN_new(); - if (X == NULL || Y == NULL) { - GOSTerror(ERR_R_MALLOC_FAILURE); - goto err; - } - - if (EC_POINT_get_affine_coordinates(GOST_KEY_get0_group(ec), - pub_key, X, Y, NULL) == 0) { - GOSTerror(ERR_R_EC_LIB); - goto err; - } - - GOST_bn2le(X, sptr, key_size); - GOST_bn2le(Y, sptr + key_size, key_size); - - BN_free(Y); - BN_free(X); - - ret = i2d_ASN1_OCTET_STRING(octet, &buf); - ASN1_BIT_STRING_free(octet); - if (ret < 0) - return 0; - - return X509_PUBKEY_set0_param(pub, algobj, ptype, pval, buf, ret); - -err: - BN_free(Y); - BN_free(X); - ASN1_BIT_STRING_free(octet); - ASN1_STRING_free(params); - return 0; -} - -static int -param_print_gost01(BIO *out, const EVP_PKEY *pkey, int indent, ASN1_PCTX *pctx) -{ - int param_nid = - EC_GROUP_get_curve_name(GOST_KEY_get0_group(pkey->pkey.gost)); - - if (BIO_indent(out, indent, 128) == 0) - return 0; - BIO_printf(out, "Parameter set: %s\n", OBJ_nid2ln(param_nid)); - if (BIO_indent(out, indent, 128) == 0) - return 0; - BIO_printf(out, "Digest Algorithm: %s\n", - OBJ_nid2ln(GOST_KEY_get_digest(pkey->pkey.gost))); - return 1; -} - -static int -pub_print_gost01(BIO *out, const EVP_PKEY *pkey, int indent, ASN1_PCTX *pctx) -{ - BN_CTX *ctx = BN_CTX_new(); - BIGNUM *X, *Y; - const EC_POINT *pubkey; - const EC_GROUP *group; - - if (ctx == NULL) { - GOSTerror(ERR_R_MALLOC_FAILURE); - return 0; - } - BN_CTX_start(ctx); - if ((X = BN_CTX_get(ctx)) == NULL) - goto err; - if ((Y = BN_CTX_get(ctx)) == NULL) - goto err; - pubkey = GOST_KEY_get0_public_key(pkey->pkey.gost); - group = GOST_KEY_get0_group(pkey->pkey.gost); - if (EC_POINT_get_affine_coordinates(group, pubkey, X, Y, ctx) == 0) { - GOSTerror(ERR_R_EC_LIB); - goto err; - } - if (BIO_indent(out, indent, 128) == 0) - goto err; - BIO_printf(out, "Public key:\n"); - if (BIO_indent(out, indent + 3, 128) == 0) - goto err; - BIO_printf(out, "X:"); - BN_print(out, X); - BIO_printf(out, "\n"); - if (BIO_indent(out, indent + 3, 128) == 0) - goto err; - BIO_printf(out, "Y:"); - BN_print(out, Y); - BIO_printf(out, "\n"); - - BN_CTX_end(ctx); - BN_CTX_free(ctx); - - return param_print_gost01(out, pkey, indent, pctx); - -err: - BN_CTX_end(ctx); - BN_CTX_free(ctx); - return 0; -} - -static int -priv_print_gost01(BIO *out, const EVP_PKEY *pkey, int indent, ASN1_PCTX *pctx) -{ - const BIGNUM *key; - - if (BIO_indent(out, indent, 128) == 0) - return 0; - BIO_printf(out, "Private key: "); - key = GOST_KEY_get0_private_key(pkey->pkey.gost); - if (key == NULL) - BIO_printf(out, "pkey. */ - if (!EVP_PKEY_set_type(pk, EVP_PKEY_GOSTR01)) - return 0; - X509_ALGOR_get0(NULL, &ptype, (const void **)&pval, palg); - if (ptype != V_ASN1_SEQUENCE) { - GOSTerror(GOST_R_BAD_KEY_PARAMETERS_FORMAT); - return 0; - } - p = pval->data; - if (decode_gost01_algor_params(pk, &p, pval->length) == 0) { - GOSTerror(GOST_R_BAD_KEY_PARAMETERS_FORMAT); - return 0; - } - p = pkey_buf; - if (V_ASN1_OCTET_STRING == *p) { - /* New format - Little endian octet string */ - ASN1_OCTET_STRING *s = - d2i_ASN1_OCTET_STRING(NULL, &p, priv_len); - - if (s == NULL) { - GOSTerror(EVP_R_DECODE_ERROR); - ASN1_STRING_free(s); - return 0; - } - - pk_num = GOST_le2bn(s->data, s->length, NULL); - ASN1_STRING_free(s); - } else { - priv_key = d2i_ASN1_INTEGER(NULL, &p, priv_len); - if (priv_key == NULL) - return 0; - ret = ((pk_num = ASN1_INTEGER_to_BN(priv_key, NULL)) != NULL); - ASN1_INTEGER_free(priv_key); - if (ret == 0) { - GOSTerror(EVP_R_DECODE_ERROR); - return 0; - } - } - - ec = pk->pkey.gost; - if (ec == NULL) { - ec = GOST_KEY_new(); - if (ec == NULL) { - BN_free(pk_num); - return 0; - } - if (EVP_PKEY_assign_GOST(pk, ec) == 0) { - BN_free(pk_num); - GOST_KEY_free(ec); - return 0; - } - } - if (GOST_KEY_set_private_key(ec, pk_num) == 0) { - BN_free(pk_num); - return 0; - } - ret = 0; - if (EVP_PKEY_missing_parameters(pk) == 0) - ret = gost2001_compute_public(ec) != 0; - BN_free(pk_num); - - return ret; -} - -static int -priv_encode_gost01(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pk) -{ - ASN1_OBJECT *algobj = - OBJ_nid2obj(GostR3410_get_pk_digest(GOST_KEY_get_digest(pk->pkey.gost))); - ASN1_STRING *params = encode_gost01_algor_params(pk); - unsigned char *priv_buf = NULL; - int priv_len; - ASN1_INTEGER *asn1key = NULL; - - if (params == NULL) - return 0; - - asn1key = BN_to_ASN1_INTEGER(GOST_KEY_get0_private_key(pk->pkey.gost), - NULL); - if (asn1key == NULL) { - ASN1_STRING_free(params); - return 0; - } - priv_len = i2d_ASN1_INTEGER(asn1key, &priv_buf); - ASN1_INTEGER_free(asn1key); - return PKCS8_pkey_set0(p8, algobj, 0, V_ASN1_SEQUENCE, params, priv_buf, - priv_len); -} - -static int -param_encode_gost01(const EVP_PKEY *pkey, unsigned char **pder) -{ - ASN1_STRING *params = encode_gost01_algor_params(pkey); - int len; - - if (params == NULL) - return 0; - len = params->length; - if (pder != NULL) - memcpy(*pder, params->data, params->length); - ASN1_STRING_free(params); - return len; -} - -static int -param_decode_gost01(EVP_PKEY *pkey, const unsigned char **pder, int derlen) -{ - ASN1_OBJECT *obj = NULL; - int nid; - GOST_KEY *ec; - EC_GROUP *group; - int ret; - - /* New format */ - if ((V_ASN1_SEQUENCE | V_ASN1_CONSTRUCTED) == **pder) - return decode_gost01_algor_params(pkey, pder, derlen); - - /* Compatibility */ - if (d2i_ASN1_OBJECT(&obj, pder, derlen) == NULL) { - GOSTerror(ERR_R_MALLOC_FAILURE); - return 0; - } - nid = OBJ_obj2nid(obj); - ASN1_OBJECT_free(obj); - - ec = GOST_KEY_new(); - if (ec == NULL) { - GOSTerror(ERR_R_MALLOC_FAILURE); - return 0; - } - group = EC_GROUP_new_by_curve_name(nid); - if (group == NULL) { - GOSTerror(EC_R_EC_GROUP_NEW_BY_NAME_FAILURE); - GOST_KEY_free(ec); - return 0; - } - - EC_GROUP_set_asn1_flag(group, OPENSSL_EC_NAMED_CURVE); - if (GOST_KEY_set_group(ec, group) == 0) { - GOSTerror(ERR_R_EC_LIB); - EC_GROUP_free(group); - GOST_KEY_free(ec); - return 0; - } - EC_GROUP_free(group); - if (GOST_KEY_set_digest(ec, - NID_id_GostR3411_94_CryptoProParamSet) == 0) { - GOSTerror(GOST_R_INVALID_DIGEST_TYPE); - GOST_KEY_free(ec); - return 0; - } - ret = EVP_PKEY_assign_GOST(pkey, ec); - if (ret == 0) - GOST_KEY_free(ec); - return ret; -} - -static int -param_missing_gost01(const EVP_PKEY *pk) -{ - const GOST_KEY *ec = pk->pkey.gost; - - if (ec == NULL) - return 1; - if (GOST_KEY_get0_group(ec) == NULL) - return 1; - if (GOST_KEY_get_digest(ec) == NID_undef) - return 1; - return 0; -} - -static int -param_copy_gost01(EVP_PKEY *to, const EVP_PKEY *from) -{ - GOST_KEY *eto = to->pkey.gost; - const GOST_KEY *efrom = from->pkey.gost; - int ret = 1; - - if (EVP_PKEY_base_id(from) != EVP_PKEY_base_id(to)) { - GOSTerror(GOST_R_INCOMPATIBLE_ALGORITHMS); - return 0; - } - if (efrom == NULL) { - GOSTerror(GOST_R_KEY_PARAMETERS_MISSING); - return 0; - } - if (eto == NULL) { - eto = GOST_KEY_new(); - if (eto == NULL) { - GOSTerror(ERR_R_MALLOC_FAILURE); - return 0; - } - if (EVP_PKEY_assign(to, EVP_PKEY_base_id(from), eto) == 0) { - GOST_KEY_free(eto); - return 0; - } - } - GOST_KEY_set_group(eto, GOST_KEY_get0_group(efrom)); - GOST_KEY_set_digest(eto, GOST_KEY_get_digest(efrom)); - if (GOST_KEY_get0_private_key(eto) != NULL) - ret = gost2001_compute_public(eto); - - return ret; -} - -static int -param_cmp_gost01(const EVP_PKEY *a, const EVP_PKEY *b) -{ - if (EC_GROUP_get_curve_name(GOST_KEY_get0_group(a->pkey.gost)) != - EC_GROUP_get_curve_name(GOST_KEY_get0_group(b->pkey.gost))) - return 0; - - if (GOST_KEY_get_digest(a->pkey.gost) != - GOST_KEY_get_digest(b->pkey.gost)) - return 0; - - return 1; -} - -static int -pkey_ctrl_gost01(EVP_PKEY *pkey, int op, long arg1, void *arg2) -{ - X509_ALGOR *alg1 = NULL, *alg2 = NULL, *alg3 = NULL; - int digest = GOST_KEY_get_digest(pkey->pkey.gost); - - switch (op) { - case ASN1_PKEY_CTRL_PKCS7_SIGN: - if (arg1 == 0) - PKCS7_SIGNER_INFO_get0_algs(arg2, NULL, &alg1, &alg2); - break; - - case ASN1_PKEY_CTRL_PKCS7_ENCRYPT: - if (arg1 == 0) - PKCS7_RECIP_INFO_get0_alg(arg2, &alg3); - break; - case ASN1_PKEY_CTRL_DEFAULT_MD_NID: - *(int *)arg2 = GostR3410_get_md_digest(digest); - return 2; - - default: - return -2; - } - - if (alg1) - X509_ALGOR_set0(alg1, OBJ_nid2obj(GostR3410_get_md_digest(digest)), V_ASN1_NULL, 0); - if (alg2) - X509_ALGOR_set0(alg2, OBJ_nid2obj(GostR3410_get_pk_digest(digest)), V_ASN1_NULL, 0); - if (alg3) { - ASN1_STRING *params = encode_gost01_algor_params(pkey); - if (params == NULL) { - return -1; - } - X509_ALGOR_set0(alg3, - OBJ_nid2obj(GostR3410_get_pk_digest(digest)), - V_ASN1_SEQUENCE, params); - } - - return 1; -} - -const EVP_PKEY_ASN1_METHOD gostr01_asn1_meth = { - .base_method = &gostr01_asn1_meth, - .pkey_id = EVP_PKEY_GOSTR01, - .pkey_flags = ASN1_PKEY_SIGPARAM_NULL, - - .pem_str = "GOST2001", - .info = "GOST R 34.10-2001", - - .pkey_free = pkey_free_gost01, - .pkey_ctrl = pkey_ctrl_gost01, - - .priv_decode = priv_decode_gost01, - .priv_encode = priv_encode_gost01, - .priv_print = priv_print_gost01, - - .param_decode = param_decode_gost01, - .param_encode = param_encode_gost01, - .param_missing = param_missing_gost01, - .param_copy = param_copy_gost01, - .param_cmp = param_cmp_gost01, - .param_print = param_print_gost01, - - .pub_decode = pub_decode_gost01, - .pub_encode = pub_encode_gost01, - .pub_cmp = pub_cmp_gost01, - .pub_print = pub_print_gost01, - .pkey_size = pkey_size_gost01, - .pkey_bits = pkey_bits_gost01, -}; - -const EVP_PKEY_ASN1_METHOD gostr12_256_asn1_meth = { - .base_method = &gostr01_asn1_meth, - .pkey_id = EVP_PKEY_GOSTR12_256, - .pkey_flags = ASN1_PKEY_ALIAS, -}; - -const EVP_PKEY_ASN1_METHOD gostr12_512_asn1_meth = { - .base_method = &gostr01_asn1_meth, - .pkey_id = EVP_PKEY_GOSTR12_512, - .pkey_flags = ASN1_PKEY_ALIAS, -}; - -#endif diff --git a/lib/libcrypto/gost/gostr341001_key.c b/lib/libcrypto/gost/gostr341001_key.c deleted file mode 100644 index 0170ab44b..000000000 --- a/lib/libcrypto/gost/gostr341001_key.c +++ /dev/null @@ -1,334 +0,0 @@ -/* $OpenBSD: gostr341001_key.c,v 1.14 2023/07/24 17:08:53 tb Exp $ */ -/* - * Copyright (c) 2014 Dmitry Eremin-Solenikov - * Copyright (c) 2005-2006 Cryptocom LTD - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - */ - -#include - -#include - -#ifndef OPENSSL_NO_GOST -#include -#include -#include -#include -#include "gost_local.h" - -struct gost_key_st { - EC_GROUP *group; - - EC_POINT *pub_key; - BIGNUM *priv_key; - - int references; - - int digest_nid; -}; - -GOST_KEY * -GOST_KEY_new(void) -{ - GOST_KEY *ret; - - ret = malloc(sizeof(GOST_KEY)); - if (ret == NULL) { - GOSTerror(ERR_R_MALLOC_FAILURE); - return (NULL); - } - ret->group = NULL; - ret->pub_key = NULL; - ret->priv_key = NULL; - ret->references = 1; - ret->digest_nid = NID_undef; - return (ret); -} -LCRYPTO_ALIAS(GOST_KEY_new); - -void -GOST_KEY_free(GOST_KEY *r) -{ - int i; - - if (r == NULL) - return; - - i = CRYPTO_add(&r->references, -1, CRYPTO_LOCK_EC); - if (i > 0) - return; - - EC_GROUP_free(r->group); - EC_POINT_free(r->pub_key); - BN_free(r->priv_key); - - freezero(r, sizeof(GOST_KEY)); -} -LCRYPTO_ALIAS(GOST_KEY_free); - -int -GOST_KEY_check_key(const GOST_KEY *key) -{ - int ok = 0; - BN_CTX *ctx = NULL; - BIGNUM *order = NULL; - EC_POINT *point = NULL; - - if (key == NULL || key->group == NULL || key->pub_key == NULL) { - GOSTerror(ERR_R_PASSED_NULL_PARAMETER); - return 0; - } - if (EC_POINT_is_at_infinity(key->group, key->pub_key) != 0) { - GOSTerror(EC_R_POINT_AT_INFINITY); - goto err; - } - if ((ctx = BN_CTX_new()) == NULL) - goto err; - if ((point = EC_POINT_new(key->group)) == NULL) - goto err; - - /* testing whether the pub_key is on the elliptic curve */ - if (EC_POINT_is_on_curve(key->group, key->pub_key, ctx) <= 0) { - GOSTerror(EC_R_POINT_IS_NOT_ON_CURVE); - goto err; - } - /* testing whether pub_key * order is the point at infinity */ - if ((order = BN_new()) == NULL) - goto err; - if (EC_GROUP_get_order(key->group, order, ctx) == 0) { - GOSTerror(EC_R_INVALID_GROUP_ORDER); - goto err; - } - if (EC_POINT_mul(key->group, point, NULL, key->pub_key, order, - ctx) == 0) { - GOSTerror(ERR_R_EC_LIB); - goto err; - } - if (EC_POINT_is_at_infinity(key->group, point) == 0) { - GOSTerror(EC_R_WRONG_ORDER); - goto err; - } - /* - * in case the priv_key is present : check if generator * priv_key == - * pub_key - */ - if (key->priv_key != NULL) { - if (BN_cmp(key->priv_key, order) >= 0) { - GOSTerror(EC_R_WRONG_ORDER); - goto err; - } - if (EC_POINT_mul(key->group, point, key->priv_key, NULL, NULL, - ctx) == 0) { - GOSTerror(ERR_R_EC_LIB); - goto err; - } - if (EC_POINT_cmp(key->group, point, key->pub_key, ctx) != 0) { - GOSTerror(EC_R_INVALID_PRIVATE_KEY); - goto err; - } - } - ok = 1; -err: - BN_free(order); - BN_CTX_free(ctx); - EC_POINT_free(point); - return (ok); -} -LCRYPTO_ALIAS(GOST_KEY_check_key); - -int -GOST_KEY_set_public_key_affine_coordinates(GOST_KEY *key, BIGNUM *x, BIGNUM *y) -{ - BN_CTX *ctx = NULL; - BIGNUM *tx, *ty; - EC_POINT *point = NULL; - int ok = 0; - - if (key == NULL || key->group == NULL || x == NULL || y == NULL) { - GOSTerror(ERR_R_PASSED_NULL_PARAMETER); - return 0; - } - ctx = BN_CTX_new(); - if (ctx == NULL) - goto err; - - BN_CTX_start(ctx); - - point = EC_POINT_new(key->group); - if (point == NULL) - goto err; - - if ((tx = BN_CTX_get(ctx)) == NULL) - goto err; - if ((ty = BN_CTX_get(ctx)) == NULL) - goto err; - if (EC_POINT_set_affine_coordinates(key->group, point, x, y, - ctx) == 0) - goto err; - if (EC_POINT_get_affine_coordinates(key->group, point, tx, ty, - ctx) == 0) - goto err; - /* - * Check if retrieved coordinates match originals: if not, values are - * out of range. - */ - if (BN_cmp(x, tx) != 0 || BN_cmp(y, ty) != 0) { - GOSTerror(EC_R_COORDINATES_OUT_OF_RANGE); - goto err; - } - if (GOST_KEY_set_public_key(key, point) == 0) - goto err; - - if (GOST_KEY_check_key(key) == 0) - goto err; - - ok = 1; - -err: - EC_POINT_free(point); - BN_CTX_end(ctx); - BN_CTX_free(ctx); - return ok; - -} -LCRYPTO_ALIAS(GOST_KEY_set_public_key_affine_coordinates); - -const EC_GROUP * -GOST_KEY_get0_group(const GOST_KEY *key) -{ - return key->group; -} -LCRYPTO_ALIAS(GOST_KEY_get0_group); - -int -GOST_KEY_set_group(GOST_KEY *key, const EC_GROUP *group) -{ - EC_GROUP_free(key->group); - key->group = EC_GROUP_dup(group); - return (key->group == NULL) ? 0 : 1; -} -LCRYPTO_ALIAS(GOST_KEY_set_group); - -const BIGNUM * -GOST_KEY_get0_private_key(const GOST_KEY *key) -{ - return key->priv_key; -} -LCRYPTO_ALIAS(GOST_KEY_get0_private_key); - -int -GOST_KEY_set_private_key(GOST_KEY *key, const BIGNUM *priv_key) -{ - BN_free(key->priv_key); - key->priv_key = BN_dup(priv_key); - return (key->priv_key == NULL) ? 0 : 1; -} -LCRYPTO_ALIAS(GOST_KEY_set_private_key); - -const EC_POINT * -GOST_KEY_get0_public_key(const GOST_KEY *key) -{ - return key->pub_key; -} -LCRYPTO_ALIAS(GOST_KEY_get0_public_key); - -int -GOST_KEY_set_public_key(GOST_KEY *key, const EC_POINT *pub_key) -{ - EC_POINT_free(key->pub_key); - key->pub_key = EC_POINT_dup(pub_key, key->group); - return (key->pub_key == NULL) ? 0 : 1; -} -LCRYPTO_ALIAS(GOST_KEY_set_public_key); - -int -GOST_KEY_get_digest(const GOST_KEY *key) -{ - return key->digest_nid; -} -LCRYPTO_ALIAS(GOST_KEY_get_digest); -int -GOST_KEY_set_digest(GOST_KEY *key, int digest_nid) -{ - if (digest_nid == NID_id_GostR3411_94_CryptoProParamSet || - digest_nid == NID_id_tc26_gost3411_2012_256 || - digest_nid == NID_id_tc26_gost3411_2012_512) { - key->digest_nid = digest_nid; - return 1; - } - - return 0; -} -LCRYPTO_ALIAS(GOST_KEY_set_digest); - -size_t -GOST_KEY_get_size(const GOST_KEY *r) -{ - int i; - BIGNUM *order = NULL; - const EC_GROUP *group; - - if (r == NULL) - return 0; - group = GOST_KEY_get0_group(r); - if (group == NULL) - return 0; - - if ((order = BN_new()) == NULL) - return 0; - - if (EC_GROUP_get_order(group, order, NULL) == 0) { - BN_free(order); - return 0; - } - - i = BN_num_bytes(order); - BN_free(order); - return (i); -} -LCRYPTO_ALIAS(GOST_KEY_get_size); -#endif diff --git a/lib/libcrypto/gost/gostr341001_params.c b/lib/libcrypto/gost/gostr341001_params.c deleted file mode 100644 index ca8a27d71..000000000 --- a/lib/libcrypto/gost/gostr341001_params.c +++ /dev/null @@ -1,132 +0,0 @@ -/* $OpenBSD: gostr341001_params.c,v 1.5 2022/11/26 16:08:53 tb Exp $ */ -/* - * Copyright (c) 2014 Dmitry Eremin-Solenikov - * Copyright (c) 2005-2006 Cryptocom LTD - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - */ - -#include - -#include - -#ifndef OPENSSL_NO_GOST -#include -#include - -#include "gost_local.h" - -int -GostR3410_get_md_digest(int nid) -{ - if (nid == NID_id_GostR3411_94_CryptoProParamSet) - return NID_id_GostR3411_94; - return nid; -} - -int -GostR3410_get_pk_digest(int nid) -{ - switch (nid) { - case NID_id_GostR3411_94_CryptoProParamSet: - return NID_id_GostR3410_2001; - case NID_id_tc26_gost3411_2012_256: - return NID_id_tc26_gost3410_2012_256; - case NID_id_tc26_gost3411_2012_512: - return NID_id_tc26_gost3410_2012_512; - default: - return NID_undef; - } -} - -typedef struct GostR3410_params { - const char *name; - int nid; -} GostR3410_params; - -static const GostR3410_params GostR3410_256_params[] = { - { "A", NID_id_GostR3410_2001_CryptoPro_A_ParamSet }, - { "B", NID_id_GostR3410_2001_CryptoPro_B_ParamSet }, - { "C", NID_id_GostR3410_2001_CryptoPro_C_ParamSet }, - { "0", NID_id_GostR3410_2001_TestParamSet }, - { "XA", NID_id_GostR3410_2001_CryptoPro_XchA_ParamSet }, - { "XB", NID_id_GostR3410_2001_CryptoPro_XchB_ParamSet }, - { NULL, NID_undef }, -}; - -static const GostR3410_params GostR3410_512_params[] = { - { "A", NID_id_tc26_gost_3410_12_512_paramSetA }, - { "B", NID_id_tc26_gost_3410_12_512_paramSetB }, - { NULL, NID_undef }, -}; - -int -GostR3410_256_param_id(const char *value) -{ - int i; - - for (i = 0; GostR3410_256_params[i].nid != NID_undef; i++) { - if (strcasecmp(GostR3410_256_params[i].name, value) == 0) - return GostR3410_256_params[i].nid; - } - - return NID_undef; -} - -int -GostR3410_512_param_id(const char *value) -{ - int i; - - for (i = 0; GostR3410_512_params[i].nid != NID_undef; i++) { - if (strcasecmp(GostR3410_512_params[i].name, value) == 0) - return GostR3410_512_params[i].nid; - } - - return NID_undef; -} - -#endif diff --git a/lib/libcrypto/gost/gostr341001_pmeth.c b/lib/libcrypto/gost/gostr341001_pmeth.c deleted file mode 100644 index c5e05bec6..000000000 --- a/lib/libcrypto/gost/gostr341001_pmeth.c +++ /dev/null @@ -1,705 +0,0 @@ -/* $OpenBSD: gostr341001_pmeth.c,v 1.19 2023/07/28 15:50:33 tb Exp $ */ -/* - * Copyright (c) 2014 Dmitry Eremin-Solenikov - * Copyright (c) 2005-2006 Cryptocom LTD - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - */ - -#include - -#include - -#ifndef OPENSSL_NO_GOST -#include -#include -#include -#include -#include -#include - -#include "ecdsa_local.h" -#include "evp_local.h" -#include "gost_local.h" -#include "gost_asn1.h" - -static ECDSA_SIG * -unpack_signature_cp(const unsigned char *sig, size_t siglen) -{ - ECDSA_SIG *s; - - s = ECDSA_SIG_new(); - if (s == NULL) { - GOSTerror(ERR_R_MALLOC_FAILURE); - return NULL; - } - BN_bin2bn(sig, siglen / 2, s->s); - BN_bin2bn(sig + siglen / 2, siglen / 2, s->r); - return s; -} - -static int -pack_signature_cp(ECDSA_SIG *s, int order, unsigned char *sig, size_t *siglen) -{ - int r_len = BN_num_bytes(s->r); - int s_len = BN_num_bytes(s->s); - - if (r_len > order || s_len > order) - return 0; - - *siglen = 2 * order; - - memset(sig, 0, *siglen); - BN_bn2bin(s->s, sig + order - s_len); - BN_bn2bin(s->r, sig + 2 * order - r_len); - ECDSA_SIG_free(s); - return 1; -} - -static ECDSA_SIG * -unpack_signature_le(const unsigned char *sig, size_t siglen) -{ - ECDSA_SIG *s; - - s = ECDSA_SIG_new(); - if (s == NULL) { - GOSTerror(ERR_R_MALLOC_FAILURE); - return NULL; - } - GOST_le2bn(sig, siglen / 2, s->r); - GOST_le2bn(sig + siglen / 2, siglen / 2, s->s); - return s; -} - -static int -pack_signature_le(ECDSA_SIG *s, int order, unsigned char *sig, size_t *siglen) -{ - *siglen = 2 * order; - memset(sig, 0, *siglen); - GOST_bn2le(s->r, sig, order); - GOST_bn2le(s->s, sig + order, order); - ECDSA_SIG_free(s); - return 1; -} - -struct gost_pmeth_data { - int sign_param_nid; /* Should be set whenever parameters are filled */ - int digest_nid; - EVP_MD *md; - unsigned char *shared_ukm; - int peer_key_used; - int sig_format; -}; - -static int -pkey_gost01_init(EVP_PKEY_CTX *ctx) -{ - struct gost_pmeth_data *data; - EVP_PKEY *pkey = EVP_PKEY_CTX_get0_pkey(ctx); - - data = calloc(1, sizeof(struct gost_pmeth_data)); - if (data == NULL) - return 0; - - if (pkey != NULL && pkey->pkey.gost != NULL) { - data->sign_param_nid = - EC_GROUP_get_curve_name(GOST_KEY_get0_group(pkey->pkey.gost)); - data->digest_nid = GOST_KEY_get_digest(pkey->pkey.gost); - } - EVP_PKEY_CTX_set_data(ctx, data); - return 1; -} - -/* Copies contents of gost_pmeth_data structure */ -static int -pkey_gost01_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src) -{ - struct gost_pmeth_data *dst_data, *src_data; - - if (pkey_gost01_init(dst) == 0) - return 0; - - src_data = EVP_PKEY_CTX_get_data(src); - dst_data = EVP_PKEY_CTX_get_data(dst); - *dst_data = *src_data; - if (src_data->shared_ukm != NULL) - dst_data->shared_ukm = NULL; - return 1; -} - -/* Frees up gost_pmeth_data structure */ -static void -pkey_gost01_cleanup(EVP_PKEY_CTX *ctx) -{ - struct gost_pmeth_data *data; - - if ((data = EVP_PKEY_CTX_get_data(ctx)) == NULL) - return; - - free(data->shared_ukm); - free(data); -} - -static int -pkey_gost01_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) -{ - struct gost_pmeth_data *data = EVP_PKEY_CTX_get_data(ctx); - EC_GROUP *group = NULL; - GOST_KEY *gost = NULL; - int ret = 0; - - if (data->sign_param_nid == NID_undef || - data->digest_nid == NID_undef) { - GOSTerror(GOST_R_NO_PARAMETERS_SET); - return 0; - } - - group = EC_GROUP_new_by_curve_name(data->sign_param_nid); - if (group == NULL) - goto done; - - EC_GROUP_set_asn1_flag(group, OPENSSL_EC_NAMED_CURVE); - - gost = GOST_KEY_new(); - if (gost == NULL) - goto done; - - if (GOST_KEY_set_digest(gost, data->digest_nid) == 0) - goto done; - - if (GOST_KEY_set_group(gost, group) != 0) - ret = EVP_PKEY_assign_GOST(pkey, gost); - -done: - if (ret == 0) - GOST_KEY_free(gost); - EC_GROUP_free(group); - return ret; -} - -static int -pkey_gost01_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) -{ - if (pkey_gost01_paramgen(ctx, pkey) == 0) - return 0; - return gost2001_keygen(pkey->pkey.gost) != 0; -} - -static int -pkey_gost01_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, - const unsigned char *tbs, size_t tbs_len) -{ - ECDSA_SIG *unpacked_sig = NULL; - EVP_PKEY *pkey = EVP_PKEY_CTX_get0_pkey(ctx); - struct gost_pmeth_data *pctx = EVP_PKEY_CTX_get_data(ctx); - BIGNUM *md; - size_t size; - int ret; - - if (pkey == NULL || pkey->pkey.gost == NULL) - return 0; - size = GOST_KEY_get_size(pkey->pkey.gost); - - if (siglen == NULL) - return 0; - if (sig == NULL) { - *siglen = 2 * size; - return 1; - } else if (*siglen < 2 * size) { - GOSTerror(EC_R_BUFFER_TOO_SMALL); - return 0; - } - if (tbs_len != 32 && tbs_len != 64) { - GOSTerror(EVP_R_BAD_BLOCK_LENGTH); - return 0; - } - md = GOST_le2bn(tbs, tbs_len, NULL); - if (md == NULL) - return 0; - unpacked_sig = gost2001_do_sign(md, pkey->pkey.gost); - BN_free(md); - if (unpacked_sig == NULL) { - return 0; - } - switch (pctx->sig_format) { - case GOST_SIG_FORMAT_SR_BE: - ret = pack_signature_cp(unpacked_sig, size, sig, siglen); - break; - case GOST_SIG_FORMAT_RS_LE: - ret = pack_signature_le(unpacked_sig, size, sig, siglen); - break; - default: - ret = -1; - break; - } - if (ret <= 0) - ECDSA_SIG_free(unpacked_sig); - return ret; -} - -static int -pkey_gost01_verify(EVP_PKEY_CTX *ctx, const unsigned char *sig, size_t siglen, - const unsigned char *tbs, size_t tbs_len) -{ - int ok = 0; - EVP_PKEY *pub_key = EVP_PKEY_CTX_get0_pkey(ctx); - struct gost_pmeth_data *pctx = EVP_PKEY_CTX_get_data(ctx); - ECDSA_SIG *s = NULL; - BIGNUM *md; - - if (pub_key == NULL) - return 0; - switch (pctx->sig_format) { - case GOST_SIG_FORMAT_SR_BE: - s = unpack_signature_cp(sig, siglen); - break; - case GOST_SIG_FORMAT_RS_LE: - s = unpack_signature_le(sig, siglen); - break; - } - if (s == NULL) - return 0; - md = GOST_le2bn(tbs, tbs_len, NULL); - if (md == NULL) - goto err; - ok = gost2001_do_verify(md, s, pub_key->pkey.gost); - -err: - BN_free(md); - ECDSA_SIG_free(s); - return ok; -} - -static int -gost01_VKO_key(EVP_PKEY *pub_key, EVP_PKEY *priv_key, const unsigned char *ukm, - unsigned char *key) -{ - unsigned char hashbuf[128]; - int digest_nid; - int ret = 0; - BN_CTX *ctx = BN_CTX_new(); - BIGNUM *UKM, *X, *Y; - - if (ctx == NULL) - return 0; - - BN_CTX_start(ctx); - if ((UKM = BN_CTX_get(ctx)) == NULL) - goto err; - if ((X = BN_CTX_get(ctx)) == NULL) - goto err; - if ((Y = BN_CTX_get(ctx)) == NULL) - goto err; - - GOST_le2bn(ukm, 8, UKM); - - digest_nid = GOST_KEY_get_digest(priv_key->pkey.gost); - if (VKO_compute_key(X, Y, pub_key->pkey.gost, priv_key->pkey.gost, - UKM) == 0) - goto err; - - switch (digest_nid) { - case NID_id_GostR3411_94_CryptoProParamSet: - GOST_bn2le(X, hashbuf, 32); - GOST_bn2le(Y, hashbuf + 32, 32); - GOSTR341194(hashbuf, 64, key, digest_nid); - ret = 1; - break; - case NID_id_tc26_gost3411_2012_256: - GOST_bn2le(X, hashbuf, 32); - GOST_bn2le(Y, hashbuf + 32, 32); - STREEBOG256(hashbuf, 64, key); - ret = 1; - break; - case NID_id_tc26_gost3411_2012_512: - GOST_bn2le(X, hashbuf, 64); - GOST_bn2le(Y, hashbuf + 64, 64); - STREEBOG256(hashbuf, 128, key); - ret = 1; - break; - default: - ret = -2; - break; - } -err: - BN_CTX_end(ctx); - BN_CTX_free(ctx); - return ret; -} - -int -pkey_gost01_decrypt(EVP_PKEY_CTX *pctx, unsigned char *key, size_t *key_len, - const unsigned char *in, size_t in_len) -{ - const unsigned char *p = in; - EVP_PKEY *priv = EVP_PKEY_CTX_get0_pkey(pctx); - GOST_KEY_TRANSPORT *gkt = NULL; - int ret = 0; - unsigned char wrappedKey[44]; - unsigned char sharedKey[32]; - EVP_PKEY *eph_key = NULL, *peerkey = NULL; - int nid; - - if (key == NULL) { - *key_len = 32; - return 1; - } - gkt = d2i_GOST_KEY_TRANSPORT(NULL, (const unsigned char **)&p, in_len); - if (gkt == NULL) { - GOSTerror(GOST_R_ERROR_PARSING_KEY_TRANSPORT_INFO); - return -1; - } - - /* If key transport structure contains public key, use it */ - eph_key = X509_PUBKEY_get(gkt->key_agreement_info->ephem_key); - if (eph_key != NULL) { - if (EVP_PKEY_derive_set_peer(pctx, eph_key) <= 0) { - GOSTerror(GOST_R_INCOMPATIBLE_PEER_KEY); - goto err; - } - } else { - /* Set control "public key from client certificate used" */ - if (EVP_PKEY_CTX_ctrl(pctx, -1, -1, EVP_PKEY_CTRL_PEER_KEY, 3, - NULL) <= 0) { - GOSTerror(GOST_R_CTRL_CALL_FAILED); - goto err; - } - } - peerkey = EVP_PKEY_CTX_get0_peerkey(pctx); - if (peerkey == NULL) { - GOSTerror(GOST_R_NO_PEER_KEY); - goto err; - } - - nid = OBJ_obj2nid(gkt->key_agreement_info->cipher); - - if (gkt->key_agreement_info->eph_iv->length != 8) { - GOSTerror(GOST_R_INVALID_IV_LENGTH); - goto err; - } - memcpy(wrappedKey, gkt->key_agreement_info->eph_iv->data, 8); - if (gkt->key_info->encrypted_key->length != 32) { - GOSTerror(EVP_R_BAD_KEY_LENGTH); - goto err; - } - memcpy(wrappedKey + 8, gkt->key_info->encrypted_key->data, 32); - if (gkt->key_info->imit->length != 4) { - GOSTerror(ERR_R_INTERNAL_ERROR); - goto err; - } - memcpy(wrappedKey + 40, gkt->key_info->imit->data, 4); - if (gost01_VKO_key(peerkey, priv, wrappedKey, sharedKey) <= 0) - goto err; - if (gost_key_unwrap_crypto_pro(nid, sharedKey, wrappedKey, key) == 0) { - GOSTerror(GOST_R_ERROR_COMPUTING_SHARED_KEY); - goto err; - } - - ret = 1; -err: - EVP_PKEY_free(eph_key); - GOST_KEY_TRANSPORT_free(gkt); - return ret; -} - -int -pkey_gost01_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen) -{ - /* - * Public key of peer in the ctx field peerkey - * Our private key in the ctx pkey - * ukm is in the algorithm specific context data - */ - EVP_PKEY *my_key = EVP_PKEY_CTX_get0_pkey(ctx); - EVP_PKEY *peer_key = EVP_PKEY_CTX_get0_peerkey(ctx); - struct gost_pmeth_data *data = EVP_PKEY_CTX_get_data(ctx); - - if (data->shared_ukm == NULL) { - GOSTerror(GOST_R_UKM_NOT_SET); - return 0; - } - - if (key == NULL) { - *keylen = 32; - return 32; - } - - if (gost01_VKO_key(peer_key, my_key, data->shared_ukm, key) <= 0) - return 0; - - *keylen = 32; - return 1; -} - -int -pkey_gost01_encrypt(EVP_PKEY_CTX *pctx, unsigned char *out, size_t *out_len, - const unsigned char *key, size_t key_len) -{ - GOST_KEY_TRANSPORT *gkt = NULL; - EVP_PKEY *pubk = EVP_PKEY_CTX_get0_pkey(pctx); - struct gost_pmeth_data *data = EVP_PKEY_CTX_get_data(pctx); - unsigned char ukm[8], shared_key[32], crypted_key[44]; - int ret = 0; - int key_is_ephemeral; - EVP_PKEY *sec_key = EVP_PKEY_CTX_get0_peerkey(pctx); - int nid = NID_id_Gost28147_89_CryptoPro_A_ParamSet; - - if (data->shared_ukm != NULL) { - memcpy(ukm, data->shared_ukm, 8); - } else /* if (out != NULL) */ { - arc4random_buf(ukm, 8); - } - /* Check for private key in the peer_key of context */ - if (sec_key) { - key_is_ephemeral = 0; - if (GOST_KEY_get0_private_key(sec_key->pkey.gost) == 0) { - GOSTerror(GOST_R_NO_PRIVATE_PART_OF_NON_EPHEMERAL_KEYPAIR); - goto err; - } - } else { - key_is_ephemeral = 1; - if (out != NULL) { - GOST_KEY *tmp_key; - - sec_key = EVP_PKEY_new(); - if (sec_key == NULL) - goto err; - tmp_key = GOST_KEY_new(); - if (tmp_key == NULL) - goto err; - if (EVP_PKEY_assign(sec_key, EVP_PKEY_base_id(pubk), - tmp_key) == 0) { - GOST_KEY_free(tmp_key); - goto err; - } - if (EVP_PKEY_copy_parameters(sec_key, pubk) == 0) - goto err; - if (gost2001_keygen(sec_key->pkey.gost) == 0) { - goto err; - } - } - } - - if (out != NULL) { - if (gost01_VKO_key(pubk, sec_key, ukm, shared_key) <= 0) - goto err; - gost_key_wrap_crypto_pro(nid, shared_key, ukm, key, - crypted_key); - } - gkt = GOST_KEY_TRANSPORT_new(); - if (gkt == NULL) - goto err; - if (ASN1_OCTET_STRING_set(gkt->key_agreement_info->eph_iv, ukm, 8) == 0) - goto err; - if (ASN1_OCTET_STRING_set(gkt->key_info->imit, crypted_key + 40, - 4) == 0) - goto err; - if (ASN1_OCTET_STRING_set(gkt->key_info->encrypted_key, crypted_key + 8, - 32) == 0) - goto err; - if (key_is_ephemeral) { - if (X509_PUBKEY_set(&gkt->key_agreement_info->ephem_key, - out != NULL ? sec_key : pubk) == 0) { - GOSTerror(GOST_R_CANNOT_PACK_EPHEMERAL_KEY); - goto err; - } - } - ASN1_OBJECT_free(gkt->key_agreement_info->cipher); - gkt->key_agreement_info->cipher = OBJ_nid2obj(nid); - if (key_is_ephemeral) - EVP_PKEY_free(sec_key); - else { - /* Set control "public key from client certificate used" */ - if (EVP_PKEY_CTX_ctrl(pctx, -1, -1, EVP_PKEY_CTRL_PEER_KEY, 3, - NULL) <= 0) { - GOSTerror(GOST_R_CTRL_CALL_FAILED); - goto err; - } - } - if ((*out_len = i2d_GOST_KEY_TRANSPORT(gkt, out ? &out : NULL)) > 0) - ret = 1; - GOST_KEY_TRANSPORT_free(gkt); - return ret; - -err: - if (key_is_ephemeral) - EVP_PKEY_free(sec_key); - GOST_KEY_TRANSPORT_free(gkt); - return -1; -} - - -static int -pkey_gost01_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) -{ - struct gost_pmeth_data *pctx = EVP_PKEY_CTX_get_data(ctx); - - switch (type) { - case EVP_PKEY_CTRL_MD: - if (EVP_MD_type(p2) != - GostR3410_get_md_digest(pctx->digest_nid)) { - GOSTerror(GOST_R_INVALID_DIGEST_TYPE); - return 0; - } - pctx->md = p2; - return 1; - case EVP_PKEY_CTRL_PKCS7_ENCRYPT: - case EVP_PKEY_CTRL_PKCS7_DECRYPT: - case EVP_PKEY_CTRL_PKCS7_SIGN: - case EVP_PKEY_CTRL_DIGESTINIT: - return 1; - - case EVP_PKEY_CTRL_GOST_PARAMSET: - pctx->sign_param_nid = (int)p1; - return 1; - - case EVP_PKEY_CTRL_SET_IV: - { - char *ukm = malloc(p1); - - if (ukm == NULL) { - GOSTerror(ERR_R_MALLOC_FAILURE); - return 0; - } - memcpy(ukm, p2, p1); - free(pctx->shared_ukm); - pctx->shared_ukm = ukm; - return 1; - } - - case EVP_PKEY_CTRL_PEER_KEY: - if (p1 == 0 || p1 == 1) /* call from EVP_PKEY_derive_set_peer */ - return 1; - if (p1 == 2) /* TLS: peer key used? */ - return pctx->peer_key_used; - if (p1 == 3) /* TLS: peer key used! */ - return (pctx->peer_key_used = 1); - return -2; - case EVP_PKEY_CTRL_GOST_SIG_FORMAT: - switch (p1) { - case GOST_SIG_FORMAT_SR_BE: - case GOST_SIG_FORMAT_RS_LE: - pctx->sig_format = p1; - return 1; - default: - return 0; - } - break; - case EVP_PKEY_CTRL_GOST_SET_DIGEST: - pctx->digest_nid = (int)p1; - return 1; - case EVP_PKEY_CTRL_GOST_GET_DIGEST: - *(int *)p2 = pctx->digest_nid; - return 1; - default: - return -2; - } -} - -static int -pkey_gost01_ctrl_str(EVP_PKEY_CTX *ctx, const char *type, const char *value) -{ - int param_nid = NID_undef; - int digest_nid = NID_undef; - - if (strcmp(type, "paramset") == 0) { - if (value == NULL) - return 0; - if (pkey_gost01_ctrl(ctx, EVP_PKEY_CTRL_GOST_GET_DIGEST, 0, - &digest_nid) == 0) - return 0; - if (digest_nid == NID_id_tc26_gost3411_2012_512) - param_nid = GostR3410_512_param_id(value); - else - param_nid = GostR3410_256_param_id(value); - if (param_nid == NID_undef) - param_nid = OBJ_txt2nid(value); - if (param_nid == NID_undef) - return 0; - - return pkey_gost01_ctrl(ctx, EVP_PKEY_CTRL_GOST_PARAMSET, - param_nid, NULL); - } - if (strcmp(type, "dgst") == 0) { - if (value == NULL) - return 0; - else if (strcmp(value, "gost94") == 0 || - strcmp(value, "md_gost94") == 0) - digest_nid = NID_id_GostR3411_94_CryptoProParamSet; - else if (strcmp(value, "streebog256") == 0) - digest_nid = NID_id_tc26_gost3411_2012_256; - else if (strcmp(value, "streebog512") == 0) - digest_nid = NID_id_tc26_gost3411_2012_512; - - if (digest_nid == NID_undef) - return 0; - - return pkey_gost01_ctrl(ctx, EVP_PKEY_CTRL_GOST_SET_DIGEST, - digest_nid, NULL); - } - return -2; -} - -const EVP_PKEY_METHOD gostr01_pkey_meth = { - .pkey_id = EVP_PKEY_GOSTR01, - - .init = pkey_gost01_init, - .copy = pkey_gost01_copy, - .cleanup = pkey_gost01_cleanup, - - .paramgen = pkey_gost01_paramgen, - .keygen = pkey_gost01_keygen, - .sign = pkey_gost01_sign, - .verify = pkey_gost01_verify, - - .encrypt = pkey_gost01_encrypt, - .decrypt = pkey_gost01_decrypt, - .derive = pkey_gost01_derive, - - .ctrl = pkey_gost01_ctrl, - .ctrl_str = pkey_gost01_ctrl_str, -}; -#endif diff --git a/lib/libcrypto/gost/streebog.c b/lib/libcrypto/gost/streebog.c deleted file mode 100644 index 60c575794..000000000 --- a/lib/libcrypto/gost/streebog.c +++ /dev/null @@ -1,1487 +0,0 @@ -/* $OpenBSD: streebog.c,v 1.9 2023/07/08 14:30:44 beck Exp $ */ -/* - * Copyright (c) 2014 Dmitry Eremin-Solenikov - * Copyright (c) 2005-2006 Cryptocom LTD - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - */ - -#include -#include -#include - -#include - -#ifndef OPENSSL_NO_GOST -#include -#include -#include - -#include "gost_local.h" - -static const STREEBOG_LONG64 A_PI_table[8][256] = { - { /* 0 */ - U64(0xd01f715b5c7ef8e6), U64(0x16fa240980778325), - U64(0xa8a42e857ee049c8), U64(0x6ac1068fa186465b), - U64(0x6e417bd7a2e9320b), U64(0x665c8167a437daab), - U64(0x7666681aa89617f6), U64(0x4b959163700bdcf5), - U64(0xf14be6b78df36248), U64(0xc585bd689a625cff), - U64(0x9557d7fca67d82cb), U64(0x89f0b969af6dd366), - U64(0xb0833d48749f6c35), U64(0xa1998c23b1ecbc7c), - U64(0x8d70c431ac02a736), U64(0xd6dfbc2fd0a8b69e), - U64(0x37aeb3e551fa198b), U64(0x0b7d128a40b5cf9c), - U64(0x5a8f2008b5780cbc), U64(0xedec882284e333e5), - U64(0xd25fc177d3c7c2ce), U64(0x5e0f5d50b61778ec), - U64(0x1d873683c0c24cb9), U64(0xad040bcbb45d208c), - U64(0x2f89a0285b853c76), U64(0x5732fff6791b8d58), - U64(0x3e9311439ef6ec3f), U64(0xc9183a809fd3c00f), - U64(0x83adf3f5260a01ee), U64(0xa6791941f4e8ef10), - U64(0x103ae97d0ca1cd5d), U64(0x2ce948121dee1b4a), - U64(0x39738421dbf2bf53), U64(0x093da2a6cf0cf5b4), - U64(0xcd9847d89cbcb45f), U64(0xf9561c078b2d8ae8), - U64(0x9c6a755a6971777f), U64(0xbc1ebaa0712ef0c5), - U64(0x72e61542abf963a6), U64(0x78bb5fde229eb12e), - U64(0x14ba94250fceb90d), U64(0x844d6697630e5282), - U64(0x98ea08026a1e032f), U64(0xf06bbea144217f5c), - U64(0xdb6263d11ccb377a), U64(0x641c314b2b8ee083), - U64(0x320e96ab9b4770cf), U64(0x1ee7deb986a96b85), - U64(0xe96cf57a878c47b5), U64(0xfdd6615f8842feb8), - U64(0xc83862965601dd1b), U64(0x2ea9f83e92572162), - U64(0xf876441142ff97fc), U64(0xeb2c455608357d9d), - U64(0x5612a7e0b0c9904c), U64(0x6c01cbfb2d500823), - U64(0x4548a6a7fa037a2d), U64(0xabc4c6bf388b6ef4), - U64(0xbade77d4fdf8bebd), U64(0x799b07c8eb4cac3a), - U64(0x0c9d87e805b19cf0), U64(0xcb588aac106afa27), - U64(0xea0c1d40c1e76089), U64(0x2869354a1e816f1a), - U64(0xff96d17307fbc490), U64(0x9f0a9d602f1a5043), - U64(0x96373fc6e016a5f7), U64(0x5292dab8b3a6e41c), - U64(0x9b8ae0382c752413), U64(0x4f15ec3b7364a8a5), - U64(0x3fb349555724f12b), U64(0xc7c50d4415db66d7), - U64(0x92b7429ee379d1a7), U64(0xd37f99611a15dfda), - U64(0x231427c05e34a086), U64(0xa439a96d7b51d538), - U64(0xb403401077f01865), U64(0xdda2aea5901d7902), - U64(0x0a5d4a9c8967d288), U64(0xc265280adf660f93), - U64(0x8bb0094520d4e94e), U64(0x2a29856691385532), - U64(0x42a833c5bf072941), U64(0x73c64d54622b7eb2), - U64(0x07e095624504536c), U64(0x8a905153e906f45a), - U64(0x6f6123c16b3b2f1f), U64(0xc6e55552dc097bc3), - U64(0x4468feb133d16739), U64(0xe211e7f0c7398829), - U64(0xa2f96419f7879b40), U64(0x19074bdbc3ad38e9), - U64(0xf4ebc3f9474e0b0c), U64(0x43886bd376d53455), - U64(0xd8028beb5aa01046), U64(0x51f23282f5cdc320), - U64(0xe7b1c2be0d84e16d), U64(0x081dfab006dee8a0), - U64(0x3b33340d544b857b), U64(0x7f5bcabc679ae242), - U64(0x0edd37c48a08a6d8), U64(0x81ed43d9a9b33bc6), - U64(0xb1a3655ebd4d7121), U64(0x69a1eeb5e7ed6167), - U64(0xf6ab73d5c8f73124), U64(0x1a67a3e185c61fd5), - U64(0x2dc91004d43c065e), U64(0x0240b02c8fb93a28), - U64(0x90f7f2b26cc0eb8f), U64(0x3cd3a16f114fd617), - U64(0xaae49ea9f15973e0), U64(0x06c0cd748cd64e78), - U64(0xda423bc7d5192a6e), U64(0xc345701c16b41287), - U64(0x6d2193ede4821537), U64(0xfcf639494190e3ac), - U64(0x7c3b228621f1c57e), U64(0xfb16ac2b0494b0c0), - U64(0xbf7e529a3745d7f9), U64(0x6881b6a32e3f7c73), - U64(0xca78d2bad9b8e733), U64(0xbbfe2fc2342aa3a9), - U64(0x0dbddffecc6381e4), U64(0x70a6a56e2440598e), - U64(0xe4d12a844befc651), U64(0x8c509c2765d0ba22), - U64(0xee8c6018c28814d9), U64(0x17da7c1f49a59e31), - U64(0x609c4c1328e194d3), U64(0xb3e3d57232f44b09), - U64(0x91d7aaa4a512f69b), U64(0x0ffd6fd243dabbcc), - U64(0x50d26a943c1fde34), U64(0x6be15e9968545b4f), - U64(0x94778fea6faf9fdf), U64(0x2b09dd7058ea4826), - U64(0x677cd9716de5c7bf), U64(0x49d5214fffb2e6dd), - U64(0x0360e83a466b273c), U64(0x1fc786af4f7b7691), - U64(0xa0b9d435783ea168), U64(0xd49f0c035f118cb6), - U64(0x01205816c9d21d14), U64(0xac2453dd7d8f3d98), - U64(0x545217cc3f70aa64), U64(0x26b4028e9489c9c2), - U64(0xdec2469fd6765e3e), U64(0x04807d58036f7450), - U64(0xe5f17292823ddb45), U64(0xf30b569b024a5860), - U64(0x62dcfc3fa758aefb), U64(0xe84cad6c4e5e5aa1), - U64(0xccb81fce556ea94b), U64(0x53b282ae7a74f908), - U64(0x1b47fbf74c1402c1), U64(0x368eebf39828049f), - U64(0x7afbeff2ad278b06), U64(0xbe5e0a8cfe97caed), - U64(0xcfd8f7f413058e77), U64(0xf78b2bc301252c30), - U64(0x4d555c17fcdd928d), U64(0x5f2f05467fc565f8), - U64(0x24f4b2a21b30f3ea), U64(0x860dd6bbecb768aa), - U64(0x4c750401350f8f99), U64(0x0000000000000000), - U64(0xecccd0344d312ef1), U64(0xb5231806be220571), - U64(0xc105c030990d28af), U64(0x653c695de25cfd97), - U64(0x159acc33c61ca419), U64(0xb89ec7f872418495), - U64(0xa9847693b73254dc), U64(0x58cf90243ac13694), - U64(0x59efc832f3132b80), U64(0x5c4fed7c39ae42c4), - U64(0x828dabe3efd81cfa), U64(0xd13f294d95ace5f2), - U64(0x7d1b7a90e823d86a), U64(0xb643f03cf849224d), - U64(0x3df3f979d89dcb03), U64(0x7426d836272f2dde), - U64(0xdfe21e891fa4432a), U64(0x3a136c1b9d99986f), - U64(0xfa36f43dcd46add4), U64(0xc025982650df35bb), - U64(0x856d3e81aadc4f96), U64(0xc4a5e57e53b041eb), - U64(0x4708168b75ba4005), U64(0xaf44bbe73be41aa4), - U64(0x971767d029c4b8e3), U64(0xb9be9feebb939981), - U64(0x215497ecd18d9aae), U64(0x316e7e91dd2c57f3), - U64(0xcef8afe2dad79363), U64(0x3853dc371220a247), - U64(0x35ee03c9de4323a3), U64(0xe6919aa8c456fc79), - U64(0xe05157dc4880b201), U64(0x7bdbb7e464f59612), - U64(0x127a59518318f775), U64(0x332ecebd52956ddb), - U64(0x8f30741d23bb9d1e), U64(0xd922d3fd93720d52), - U64(0x7746300c61440ae2), U64(0x25d4eab4d2e2eefe), - U64(0x75068020eefd30ca), U64(0x135a01474acaea61), - U64(0x304e268714fe4ae7), U64(0xa519f17bb283c82c), - U64(0xdc82f6b359cf6416), U64(0x5baf781e7caa11a8), - U64(0xb2c38d64fb26561d), U64(0x34ce5bdf17913eb7), - U64(0x5d6fb56af07c5fd0), U64(0x182713cd0a7f25fd), - U64(0x9e2ac576e6c84d57), U64(0x9aaab82ee5a73907), - U64(0xa3d93c0f3e558654), U64(0x7e7b92aaae48ff56), - U64(0x872d8ead256575be), U64(0x41c8dbfff96c0e7d), - U64(0x99ca5014a3cc1e3b), U64(0x40e883e930be1369), - U64(0x1ca76e95091051ad), U64(0x4e35b42dbab6b5b1), - U64(0x05a0254ecabd6944), U64(0xe1710fca8152af15), - U64(0xf22b0e8dcb984574), U64(0xb763a82a319b3f59), - U64(0x63fca4296e8ab3ef), U64(0x9d4a2d4ca0a36a6b), - U64(0xe331bfe60eeb953d), U64(0xd5bf541596c391a2), - U64(0xf5cb9bef8e9c1618), U64(0x46284e9dbc685d11), - U64(0x2074cffa185f87ba), U64(0xbd3ee2b6b8fcedd1), - U64(0xae64e3f1f23607b0), U64(0xfeb68965ce29d984), - U64(0x55724fdaf6a2b770), U64(0x29496d5cd753720e), - U64(0xa75941573d3af204), U64(0x8e102c0bea69800a), - U64(0x111ab16bc573d049), U64(0xd7ffe439197aab8a), - U64(0xefac380e0b5a09cd), U64(0x48f579593660fbc9), - U64(0x22347fd697e6bd92), U64(0x61bc1405e13389c7), - U64(0x4ab5c975b9d9c1e1), U64(0x80cd1bcf606126d2), - U64(0x7186fd78ed92449a), U64(0x93971a882aabccb3), - U64(0x88d0e17f66bfce72), U64(0x27945a985d5bd4d6) - }, { /* 1 */ - U64(0xde553f8c05a811c8), U64(0x1906b59631b4f565), - U64(0x436e70d6b1964ff7), U64(0x36d343cb8b1e9d85), - U64(0x843dfacc858aab5a), U64(0xfdfc95c299bfc7f9), - U64(0x0f634bdea1d51fa2), U64(0x6d458b3b76efb3cd), - U64(0x85c3f77cf8593f80), U64(0x3c91315fbe737cb2), - U64(0x2148b03366ace398), U64(0x18f8b8264c6761bf), - U64(0xc830c1c495c9fb0f), U64(0x981a76102086a0aa), - U64(0xaa16012142f35760), U64(0x35cc54060c763cf6), - U64(0x42907d66cc45db2d), U64(0x8203d44b965af4bc), - U64(0x3d6f3cefc3a0e868), U64(0xbc73ff69d292bda7), - U64(0x8722ed0102e20a29), U64(0x8f8185e8cd34deb7), - U64(0x9b0561dda7ee01d9), U64(0x5335a0193227fad6), - U64(0xc9cecc74e81a6fd5), U64(0x54f5832e5c2431ea), - U64(0x99e47ba05d553470), U64(0xf7bee756acd226ce), - U64(0x384e05a5571816fd), U64(0xd1367452a47d0e6a), - U64(0xf29fde1c386ad85b), U64(0x320c77316275f7ca), - U64(0xd0c879e2d9ae9ab0), U64(0xdb7406c69110ef5d), - U64(0x45505e51a2461011), U64(0xfc029872e46c5323), - U64(0xfa3cb6f5f7bc0cc5), U64(0x031f17cd8768a173), - U64(0xbd8df2d9af41297d), U64(0x9d3b4f5ab43e5e3f), - U64(0x4071671b36feee84), U64(0x716207e7d3e3b83d), - U64(0x48d20ff2f9283a1a), U64(0x27769eb4757cbc7e), - U64(0x5c56ebc793f2e574), U64(0xa48b474f9ef5dc18), - U64(0x52cbada94ff46e0c), U64(0x60c7da982d8199c6), - U64(0x0e9d466edc068b78), U64(0x4eec2175eaf865fc), - U64(0x550b8e9e21f7a530), U64(0x6b7ba5bc653fec2b), - U64(0x5eb7f1ba6949d0dd), U64(0x57ea94e3db4c9099), - U64(0xf640eae6d101b214), U64(0xdd4a284182c0b0bb), - U64(0xff1d8fbf6304f250), U64(0xb8accb933bf9d7e8), - U64(0xe8867c478eb68c4d), U64(0x3f8e2692391bddc1), - U64(0xcb2fd60912a15a7c), U64(0xaec935dbab983d2f), - U64(0xf55ffd2b56691367), U64(0x80e2ce366ce1c115), - U64(0x179bf3f8edb27e1d), U64(0x01fe0db07dd394da), - U64(0xda8a0b76ecc37b87), U64(0x44ae53e1df9584cb), - U64(0xb310b4b77347a205), U64(0xdfab323c787b8512), - U64(0x3b511268d070b78e), U64(0x65e6e3d2b9396753), - U64(0x6864b271e2574d58), U64(0x259784c98fc789d7), - U64(0x02e11a7dfabb35a9), U64(0x8841a6dfa337158b), - U64(0x7ade78c39b5dcdd0), U64(0xb7cf804d9a2cc84a), - U64(0x20b6bd831b7f7742), U64(0x75bd331d3a88d272), - U64(0x418f6aab4b2d7a5e), U64(0xd9951cbb6babdaf4), - U64(0xb6318dfde7ff5c90), U64(0x1f389b112264aa83), - U64(0x492c024284fbaec0), U64(0xe33a0363c608f9a0), - U64(0x2688930408af28a4), U64(0xc7538a1a341ce4ad), - U64(0x5da8e677ee2171ae), U64(0x8c9e92254a5c7fc4), - U64(0x63d8cd55aae938b5), U64(0x29ebd8daa97a3706), - U64(0x959827b37be88aa1), U64(0x1484e4356adadf6e), - U64(0xa7945082199d7d6b), U64(0xbf6ce8a455fa1cd4), - U64(0x9cc542eac9edcae5), U64(0x79c16f0e1c356ca3), - U64(0x89bfab6fdee48151), U64(0xd4174d1830c5f0ff), - U64(0x9258048415eb419d), U64(0x6139d72850520d1c), - U64(0x6a85a80c18ec78f1), U64(0xcd11f88e0171059a), - U64(0xcceff53e7ca29140), U64(0xd229639f2315af19), - U64(0x90b91ef9ef507434), U64(0x5977d28d074a1be1), - U64(0x311360fce51d56b9), U64(0xc093a92d5a1f2f91), - U64(0x1a19a25bb6dc5416), U64(0xeb996b8a09de2d3e), - U64(0xfee3820f1ed7668a), U64(0xd7085ad5b7ad518c), - U64(0x7fff41890fe53345), U64(0xec5948bd67dde602), - U64(0x2fd5f65dbaaa68e0), U64(0xa5754affe32648c2), - U64(0xf8ddac880d07396c), U64(0x6fa491468c548664), - U64(0x0c7c5c1326bdbed1), U64(0x4a33158f03930fb3), - U64(0x699abfc19f84d982), U64(0xe4fa2054a80b329c), - U64(0x6707f9af438252fa), U64(0x08a368e9cfd6d49e), - U64(0x47b1442c58fd25b8), U64(0xbbb3dc5ebc91769b), - U64(0x1665fe489061eac7), U64(0x33f27a811fa66310), - U64(0x93a609346838d547), U64(0x30ed6d4c98cec263), - U64(0x1dd9816cd8df9f2a), U64(0x94662a03063b1e7b), - U64(0x83fdd9fbeb896066), U64(0x7b207573e68e590a), - U64(0x5f49fc0a149a4407), U64(0x343259b671a5a82c), - U64(0xfbc2bb458a6f981f), U64(0xc272b350a0a41a38), - U64(0x3aaf1fd8ada32354), U64(0x6cbb868b0b3c2717), - U64(0xa2b569c88d2583fe), U64(0xf180c9d1bf027928), - U64(0xaf37386bd64ba9f5), U64(0x12bacab2790a8088), - U64(0x4c0d3b0810435055), U64(0xb2eeb9070e9436df), - U64(0xc5b29067cea7d104), U64(0xdcb425f1ff132461), - U64(0x4f122cc5972bf126), U64(0xac282fa651230886), - U64(0xe7e537992f6393ef), U64(0xe61b3a2952b00735), - U64(0x709c0a57ae302ce7), U64(0xe02514ae416058d3), - U64(0xc44c9dd7b37445de), U64(0x5a68c5408022ba92), - U64(0x1c278cdca50c0bf0), U64(0x6e5a9cf6f18712be), - U64(0x86dce0b17f319ef3), U64(0x2d34ec2040115d49), - U64(0x4bcd183f7e409b69), U64(0x2815d56ad4a9a3dc), - U64(0x24698979f2141d0d), U64(0x0000000000000000), - U64(0x1ec696a15fb73e59), U64(0xd86b110b16784e2e), - U64(0x8e7f8858b0e74a6d), U64(0x063e2e8713d05fe6), - U64(0xe2c40ed3bbdb6d7a), U64(0xb1f1aeca89fc97ac), - U64(0xe1db191e3cb3cc09), U64(0x6418ee62c4eaf389), - U64(0xc6ad87aa49cf7077), U64(0xd6f65765ca7ec556), - U64(0x9afb6c6dda3d9503), U64(0x7ce05644888d9236), - U64(0x8d609f95378feb1e), U64(0x23a9aa4e9c17d631), - U64(0x6226c0e5d73aac6f), U64(0x56149953a69f0443), - U64(0xeeb852c09d66d3ab), U64(0x2b0ac2a753c102af), - U64(0x07c023376e03cb3c), U64(0x2ccae1903dc2c993), - U64(0xd3d76e2f5ec63bc3), U64(0x9e2458973356ff4c), - U64(0xa66a5d32644ee9b1), U64(0x0a427294356de137), - U64(0x783f62be61e6f879), U64(0x1344c70204d91452), - U64(0x5b96c8f0fdf12e48), U64(0xa90916ecc59bf613), - U64(0xbe92e5142829880e), U64(0x727d102a548b194e), - U64(0x1be7afebcb0fc0cc), U64(0x3e702b2244c8491b), - U64(0xd5e940a84d166425), U64(0x66f9f41f3e51c620), - U64(0xabe80c913f20c3ba), U64(0xf07ec461c2d1edf2), - U64(0xf361d3ac45b94c81), U64(0x0521394a94b8fe95), - U64(0xadd622162cf09c5c), U64(0xe97871f7f3651897), - U64(0xf4a1f09b2bba87bd), U64(0x095d6559b2054044), - U64(0x0bbc7f2448be75ed), U64(0x2af4cf172e129675), - U64(0x157ae98517094bb4), U64(0x9fda55274e856b96), - U64(0x914713499283e0ee), U64(0xb952c623462a4332), - U64(0x74433ead475b46a8), U64(0x8b5eb112245fb4f8), - U64(0xa34b6478f0f61724), U64(0x11a5dd7ffe6221fb), - U64(0xc16da49d27ccbb4b), U64(0x76a224d0bde07301), - U64(0x8aa0bca2598c2022), U64(0x4df336b86d90c48f), - U64(0xea67663a740db9e4), U64(0xef465f70e0b54771), - U64(0x39b008152acb8227), U64(0x7d1e5bf4f55e06ec), - U64(0x105bd0cf83b1b521), U64(0x775c2960c033e7db), - U64(0x7e014c397236a79f), U64(0x811cc386113255cf), - U64(0xeda7450d1a0e72d8), U64(0x5889df3d7a998f3b), - U64(0x2e2bfbedc779fc3a), U64(0xce0eef438619a4e9), - U64(0x372d4e7bf6cd095f), U64(0x04df34fae96b6a4f), - U64(0xf923a13870d4adb6), U64(0xa1aa7e050a4d228d), - U64(0xa8f71b5cb84862c9), U64(0xb52e9a306097fde3), - U64(0x0d8251a35b6e2a0b), U64(0x2257a7fee1c442eb), - U64(0x73831d9a29588d94), U64(0x51d4ba64c89ccf7f), - U64(0x502ab7d4b54f5ba5), U64(0x97793dce8153bf08), - U64(0xe5042de4d5d8a646), U64(0x9687307efc802bd2), - U64(0xa05473b5779eb657), U64(0xb4d097801d446939), - U64(0xcff0e2f3fbca3033), U64(0xc38cbee0dd778ee2), - U64(0x464f499c252eb162), U64(0xcad1dbb96f72cea6), - U64(0xba4dd1eec142e241), U64(0xb00fa37af42f0376) - }, { /* 2 */ - U64(0xcce4cd3aa968b245), U64(0x089d5484e80b7faf), - U64(0x638246c1b3548304), U64(0xd2fe0ec8c2355492), - U64(0xa7fbdf7ff2374eee), U64(0x4df1600c92337a16), - U64(0x84e503ea523b12fb), U64(0x0790bbfd53ab0c4a), - U64(0x198a780f38f6ea9d), U64(0x2ab30c8f55ec48cb), - U64(0xe0f7fed6b2c49db5), U64(0xb6ecf3f422cadbdc), - U64(0x409c9a541358df11), U64(0xd3ce8a56dfde3fe3), - U64(0xc3e9224312c8c1a0), U64(0x0d6dfa58816ba507), - U64(0xddf3e1b179952777), U64(0x04c02a42748bb1d9), - U64(0x94c2abff9f2decb8), U64(0x4f91752da8f8acf4), - U64(0x78682befb169bf7b), U64(0xe1c77a48af2ff6c4), - U64(0x0c5d7ec69c80ce76), U64(0x4cc1e4928fd81167), - U64(0xfeed3d24d9997b62), U64(0x518bb6dfc3a54a23), - U64(0x6dbf2d26151f9b90), U64(0xb5bc624b05ea664f), - U64(0xe86aaa525acfe21a), U64(0x4801ced0fb53a0be), - U64(0xc91463e6c00868ed), U64(0x1027a815cd16fe43), - U64(0xf67069a0319204cd), U64(0xb04ccc976c8abce7), - U64(0xc0b9b3fc35e87c33), U64(0xf380c77c58f2de65), - U64(0x50bb3241de4e2152), U64(0xdf93f490435ef195), - U64(0xf1e0d25d62390887), U64(0xaf668bfb1a3c3141), - U64(0xbc11b251f00a7291), U64(0x73a5eed47e427d47), - U64(0x25bee3f6ee4c3b2e), U64(0x43cc0beb34786282), - U64(0xc824e778dde3039c), U64(0xf97d86d98a327728), - U64(0xf2b043e24519b514), U64(0xe297ebf7880f4b57), - U64(0x3a94a49a98fab688), U64(0x868516cb68f0c419), - U64(0xeffa11af0964ee50), U64(0xa4ab4ec0d517f37d), - U64(0xa9c6b498547c567a), U64(0x8e18424f80fbbbb6), - U64(0x0bcdc53bcf2bc23c), U64(0x137739aaea3643d0), - U64(0x2c1333ec1bac2ff0), U64(0x8d48d3f0a7db0625), - U64(0x1e1ac3f26b5de6d7), U64(0xf520f81f16b2b95e), - U64(0x9f0f6ec450062e84), U64(0x0130849e1deb6b71), - U64(0xd45e31ab8c7533a9), U64(0x652279a2fd14e43f), - U64(0x3209f01e70f1c927), U64(0xbe71a770cac1a473), - U64(0x0e3d6be7a64b1894), U64(0x7ec8148cff29d840), - U64(0xcb7476c7fac3be0f), U64(0x72956a4a63a91636), - U64(0x37f95ec21991138f), U64(0x9e3fea5a4ded45f5), - U64(0x7b38ba50964902e8), U64(0x222e580bbde73764), - U64(0x61e253e0899f55e6), U64(0xfc8d2805e352ad80), - U64(0x35994be3235ac56d), U64(0x09add01af5e014de), - U64(0x5e8659a6780539c6), U64(0xb17c48097161d796), - U64(0x026015213acbd6e2), U64(0xd1ae9f77e515e901), - U64(0xb7dc776a3f21b0ad), U64(0xaba6a1b96eb78098), - U64(0x9bcf4486248d9f5d), U64(0x582666c536455efd), - U64(0xfdbdac9bfeb9c6f1), U64(0xc47999be4163cdea), - U64(0x765540081722a7ef), U64(0x3e548ed8ec710751), - U64(0x3d041f67cb51bac2), U64(0x7958af71ac82d40a), - U64(0x36c9da5c047a78fe), U64(0xed9a048e33af38b2), - U64(0x26ee7249c96c86bd), U64(0x900281bdeba65d61), - U64(0x11172c8bd0fd9532), U64(0xea0abf73600434f8), - U64(0x42fc8f75299309f3), U64(0x34a9cf7d3eb1ae1c), - U64(0x2b838811480723ba), U64(0x5ce64c8742ceef24), - U64(0x1adae9b01fd6570e), U64(0x3c349bf9d6bad1b3), - U64(0x82453c891c7b75c0), U64(0x97923a40b80d512b), - U64(0x4a61dbf1c198765c), U64(0xb48ce6d518010d3e), - U64(0xcfb45c858e480fd6), U64(0xd933cbf30d1e96ae), - U64(0xd70ea014ab558e3a), U64(0xc189376228031742), - U64(0x9262949cd16d8b83), U64(0xeb3a3bed7def5f89), - U64(0x49314a4ee6b8cbcf), U64(0xdcc3652f647e4c06), - U64(0xda635a4c2a3e2b3d), U64(0x470c21a940f3d35b), - U64(0x315961a157d174b4), U64(0x6672e81dda3459ac), - U64(0x5b76f77a1165e36e), U64(0x445cb01667d36ec8), - U64(0xc5491d205c88a69b), U64(0x456c34887a3805b9), - U64(0xffddb9bac4721013), U64(0x99af51a71e4649bf), - U64(0xa15be01cbc7729d5), U64(0x52db2760e485f7b0), - U64(0x8c78576eba306d54), U64(0xae560f6507d75a30), - U64(0x95f22f6182c687c9), U64(0x71c5fbf54489aba5), - U64(0xca44f259e728d57e), U64(0x88b87d2ccebbdc8d), - U64(0xbab18d32be4a15aa), U64(0x8be8ec93e99b611e), - U64(0x17b713e89ebdf209), U64(0xb31c5d284baa0174), - U64(0xeeca9531148f8521), U64(0xb8d198138481c348), - U64(0x8988f9b2d350b7fc), U64(0xb9e11c8d996aa839), - U64(0x5a4673e40c8e881f), U64(0x1687977683569978), - U64(0xbf4123eed72acf02), U64(0x4ea1f1b3b513c785), - U64(0xe767452be16f91ff), U64(0x7505d1b730021a7c), - U64(0xa59bca5ec8fc980c), U64(0xad069eda20f7e7a3), - U64(0x38f4b1bba231606a), U64(0x60d2d77e94743e97), - U64(0x9affc0183966f42c), U64(0x248e6768f3a7505f), - U64(0xcdd449a4b483d934), U64(0x87b59255751baf68), - U64(0x1bea6d2e023d3c7f), U64(0x6b1f12455b5ffcab), - U64(0x743555292de9710d), U64(0xd8034f6d10f5fddf), - U64(0xc6198c9f7ba81b08), U64(0xbb8109aca3a17edb), - U64(0xfa2d1766ad12cabb), U64(0xc729080166437079), - U64(0x9c5fff7b77269317), U64(0x0000000000000000), - U64(0x15d706c9a47624eb), U64(0x6fdf38072fd44d72), - U64(0x5fb6dd3865ee52b7), U64(0xa33bf53d86bcff37), - U64(0xe657c1b5fc84fa8e), U64(0xaa962527735cebe9), - U64(0x39c43525bfda0b1b), U64(0x204e4d2a872ce186), - U64(0x7a083ece8ba26999), U64(0x554b9c9db72efbfa), - U64(0xb22cd9b656416a05), U64(0x96a2bedea5e63a5a), - U64(0x802529a826b0a322), U64(0x8115ad363b5bc853), - U64(0x8375b81701901eb1), U64(0x3069e53f4a3a1fc5), - U64(0xbd2136cfede119e0), U64(0x18bafc91251d81ec), - U64(0x1d4a524d4c7d5b44), U64(0x05f0aedc6960daa8), - U64(0x29e39d3072ccf558), U64(0x70f57f6b5962c0d4), - U64(0x989fd53903ad22ce), U64(0xf84d024797d91c59), - U64(0x547b1803aac5908b), U64(0xf0d056c37fd263f6), - U64(0xd56eb535919e58d8), U64(0x1c7ad6d351963035), - U64(0x2e7326cd2167f912), U64(0xac361a443d1c8cd2), - U64(0x697f076461942a49), U64(0x4b515f6fdc731d2d), - U64(0x8ad8680df4700a6f), U64(0x41ac1eca0eb3b460), - U64(0x7d988533d80965d3), U64(0xa8f6300649973d0b), - U64(0x7765c4960ac9cc9e), U64(0x7ca801adc5e20ea2), - U64(0xdea3700e5eb59ae4), U64(0xa06b6482a19c42a4), - U64(0x6a2f96db46b497da), U64(0x27def6d7d487edcc), - U64(0x463ca5375d18b82a), U64(0xa6cb5be1efdc259f), - U64(0x53eba3fef96e9cc1), U64(0xce84d81b93a364a7), - U64(0xf4107c810b59d22f), U64(0x333974806d1aa256), - U64(0x0f0def79bba073e5), U64(0x231edc95a00c5c15), - U64(0xe437d494c64f2c6c), U64(0x91320523f64d3610), - U64(0x67426c83c7df32dd), U64(0x6eefbc99323f2603), - U64(0x9d6f7be56acdf866), U64(0x5916e25b2bae358c), - U64(0x7ff89012e2c2b331), U64(0x035091bf2720bd93), - U64(0x561b0d22900e4669), U64(0x28d319ae6f279e29), - U64(0x2f43a2533c8c9263), U64(0xd09e1be9f8fe8270), - U64(0xf740ed3e2c796fbc), U64(0xdb53ded237d5404c), - U64(0x62b2c25faebfe875), U64(0x0afd41a5d2c0a94d), - U64(0x6412fd3ce0ff8f4e), U64(0xe3a76f6995e42026), - U64(0x6c8fa9b808f4f0e1), U64(0xc2d9a6dd0f23aad1), - U64(0x8f28c6d19d10d0c7), U64(0x85d587744fd0798a), - U64(0xa20b71a39b579446), U64(0x684f83fa7c7f4138), - U64(0xe507500adba4471d), U64(0x3f640a46f19a6c20), - U64(0x1247bd34f7dd28a1), U64(0x2d23b77206474481), - U64(0x93521002cc86e0f2), U64(0x572b89bc8de52d18), - U64(0xfb1d93f8b0f9a1ca), U64(0xe95a2ecc4724896b), - U64(0x3ba420048511ddf9), U64(0xd63e248ab6bee54b), - U64(0x5dd6c8195f258455), U64(0x06a03f634e40673b), - U64(0x1f2a476c76b68da6), U64(0x217ec9b49ac78af7), - U64(0xecaa80102e4453c3), U64(0x14e78257b99d4f9a) - }, { /* 3 */ - U64(0x20329b2cc87bba05), U64(0x4f5eb6f86546a531), - U64(0xd4f44775f751b6b1), U64(0x8266a47b850dfa8b), - U64(0xbb986aa15a6ca985), U64(0xc979eb08f9ae0f99), - U64(0x2da6f447a2375ea1), U64(0x1e74275dcd7d8576), - U64(0xbc20180a800bc5f8), U64(0xb4a2f701b2dc65be), - U64(0xe726946f981b6d66), U64(0x48e6c453bf21c94c), - U64(0x42cad9930f0a4195), U64(0xefa47b64aacccd20), - U64(0x71180a8960409a42), U64(0x8bb3329bf6a44e0c), - U64(0xd34c35de2d36dacc), U64(0xa92f5b7cbc23dc96), - U64(0xb31a85aa68bb09c3), U64(0x13e04836a73161d2), - U64(0xb24dfc4129c51d02), U64(0x8ae44b70b7da5acd), - U64(0xe671ed84d96579a7), U64(0xa4bb3417d66f3832), - U64(0x4572ab38d56d2de8), U64(0xb1b47761ea47215c), - U64(0xe81c09cf70aba15d), U64(0xffbdb872ce7f90ac), - U64(0xa8782297fd5dc857), U64(0x0d946f6b6a4ce4a4), - U64(0xe4df1f4f5b995138), U64(0x9ebc71edca8c5762), - U64(0x0a2c1dc0b02b88d9), U64(0x3b503c115d9d7b91), - U64(0xc64376a8111ec3a2), U64(0xcec199a323c963e4), - U64(0xdc76a87ec58616f7), U64(0x09d596e073a9b487), - U64(0x14583a9d7d560daf), U64(0xf4c6dc593f2a0cb4), - U64(0xdd21d19584f80236), U64(0x4a4836983ddde1d3), - U64(0xe58866a41ae745f9), U64(0xf591a5b27e541875), - U64(0x891dc05074586693), U64(0x5b068c651810a89e), - U64(0xa30346bc0c08544f), U64(0x3dbf3751c684032d), - U64(0x2a1e86ec785032dc), U64(0xf73f5779fca830ea), - U64(0xb60c05ca30204d21), U64(0x0cc316802b32f065), - U64(0x8770241bdd96be69), U64(0xb861e18199ee95db), - U64(0xf805cad91418fcd1), U64(0x29e70dccbbd20e82), - U64(0xc7140f435060d763), U64(0x0f3a9da0e8b0cc3b), - U64(0xa2543f574d76408e), U64(0xbd7761e1c175d139), - U64(0x4b1f4f737ca3f512), U64(0x6dc2df1f2fc137ab), - U64(0xf1d05c3967b14856), U64(0xa742bf3715ed046c), - U64(0x654030141d1697ed), U64(0x07b872abda676c7d), - U64(0x3ce84eba87fa17ec), U64(0xc1fb0403cb79afdf), - U64(0x3e46bc7105063f73), U64(0x278ae987121cd678), - U64(0xa1adb4778ef47cd0), U64(0x26dd906c5362c2b9), - U64(0x05168060589b44e2), U64(0xfbfc41f9d79ac08f), - U64(0x0e6de44ba9ced8fa), U64(0x9feb08068bf243a3), - U64(0x7b341749d06b129b), U64(0x229c69e74a87929a), - U64(0xe09ee6c4427c011b), U64(0x5692e30e725c4c3a), - U64(0xda99a33e5e9f6e4b), U64(0x353dd85af453a36b), - U64(0x25241b4c90e0fee7), U64(0x5de987258309d022), - U64(0xe230140fc0802984), U64(0x93281e86a0c0b3c6), - U64(0xf229d719a4337408), U64(0x6f6c2dd4ad3d1f34), - U64(0x8ea5b2fbae3f0aee), U64(0x8331dd90c473ee4a), - U64(0x346aa1b1b52db7aa), U64(0xdf8f235e06042aa9), - U64(0xcc6f6b68a1354b7b), U64(0x6c95a6f46ebf236a), - U64(0x52d31a856bb91c19), U64(0x1a35ded6d498d555), - U64(0xf37eaef2e54d60c9), U64(0x72e181a9a3c2a61c), - U64(0x98537aad51952fde), U64(0x16f6c856ffaa2530), - U64(0xd960281e9d1d5215), U64(0x3a0745fa1ce36f50), - U64(0x0b7b642bf1559c18), U64(0x59a87eae9aec8001), - U64(0x5e100c05408bec7c), U64(0x0441f98b19e55023), - U64(0xd70dcc5534d38aef), U64(0x927f676de1bea707), - U64(0x9769e70db925e3e5), U64(0x7a636ea29115065a), - U64(0x468b201816ef11b6), U64(0xab81a9b73edff409), - U64(0xc0ac7de88a07bb1e), U64(0x1f235eb68c0391b7), - U64(0x6056b074458dd30f), U64(0xbe8eeac102f7ed67), - U64(0xcd381283e04b5fba), U64(0x5cbefecec277c4e3), - U64(0xd21b4c356c48ce0d), U64(0x1019c31664b35d8c), - U64(0x247362a7d19eea26), U64(0xebe582efb3299d03), - U64(0x02aef2cb82fc289f), U64(0x86275df09ce8aaa8), - U64(0x28b07427faac1a43), U64(0x38a9b7319e1f47cf), - U64(0xc82e92e3b8d01b58), U64(0x06ef0b409b1978bc), - U64(0x62f842bfc771fb90), U64(0x9904034610eb3b1f), - U64(0xded85ab5477a3e68), U64(0x90d195a663428f98), - U64(0x5384636e2ac708d8), U64(0xcbd719c37b522706), - U64(0xae9729d76644b0eb), U64(0x7c8c65e20a0c7ee6), - U64(0x80c856b007f1d214), U64(0x8c0b40302cc32271), - U64(0xdbcedad51fe17a8a), U64(0x740e8ae938dbdea0), - U64(0xa615c6dc549310ad), U64(0x19cc55f6171ae90b), - U64(0x49b1bdb8fe5fdd8d), U64(0xed0a89af2830e5bf), - U64(0x6a7aadb4f5a65bd6), U64(0x7e22972988f05679), - U64(0xf952b3325566e810), U64(0x39fecedadf61530e), - U64(0x6101c99f04f3c7ce), U64(0x2e5f7f6761b562ff), - U64(0xf08725d226cf5c97), U64(0x63af3b54860fef51), - U64(0x8ff2cb10ef411e2f), U64(0x884ab9bb35267252), - U64(0x4df04433e7ba8dae), U64(0x9afd8866d3690741), - U64(0x66b9bb34de94abb3), U64(0x9baaf18d92171380), - U64(0x543c11c5f0a064a5), U64(0x17a1b1bdbed431f1), - U64(0xb5f58eeaf3a2717f), U64(0xc355f6c849858740), - U64(0xec5df044694ef17e), U64(0xd83751f5dc6346d4), - U64(0xfc4433520dfdacf2), U64(0x0000000000000000), - U64(0x5a51f58e596ebc5f), U64(0x3285aaf12e34cf16), - U64(0x8d5c39db6dbd36b0), U64(0x12b731dde64f7513), - U64(0x94906c2d7aa7dfbb), U64(0x302b583aacc8e789), - U64(0x9d45facd090e6b3c), U64(0x2165e2c78905aec4), - U64(0x68d45f7f775a7349), U64(0x189b2c1d5664fdca), - U64(0xe1c99f2f030215da), U64(0x6983269436246788), - U64(0x8489af3b1e148237), U64(0xe94b702431d5b59c), - U64(0x33d2d31a6f4adbd7), U64(0xbfd9932a4389f9a6), - U64(0xb0e30e8aab39359d), U64(0xd1e2c715afcaf253), - U64(0x150f43763c28196e), U64(0xc4ed846393e2eb3d), - U64(0x03f98b20c3823c5e), U64(0xfd134ab94c83b833), - U64(0x556b682eb1de7064), U64(0x36c4537a37d19f35), - U64(0x7559f30279a5ca61), U64(0x799ae58252973a04), - U64(0x9c12832648707ffd), U64(0x78cd9c6913e92ec5), - U64(0x1d8dac7d0effb928), U64(0x439da0784e745554), - U64(0x413352b3cc887dcb), U64(0xbacf134a1b12bd44), - U64(0x114ebafd25cd494d), U64(0x2f08068c20cb763e), - U64(0x76a07822ba27f63f), U64(0xeab2fb04f25789c2), - U64(0xe3676de481fe3d45), U64(0x1b62a73d95e6c194), - U64(0x641749ff5c68832c), U64(0xa5ec4dfc97112cf3), - U64(0xf6682e92bdd6242b), U64(0x3f11c59a44782bb2), - U64(0x317c21d1edb6f348), U64(0xd65ab5be75ad9e2e), - U64(0x6b2dd45fb4d84f17), U64(0xfaab381296e4d44e), - U64(0xd0b5befeeeb4e692), U64(0x0882ef0b32d7a046), - U64(0x512a91a5a83b2047), U64(0x963e9ee6f85bf724), - U64(0x4e09cf132438b1f0), U64(0x77f701c9fb59e2fe), - U64(0x7ddb1c094b726a27), U64(0x5f4775ee01f5f8bd), - U64(0x9186ec4d223c9b59), U64(0xfeeac1998f01846d), - U64(0xac39db1ce4b89874), U64(0xb75b7c21715e59e0), - U64(0xafc0503c273aa42a), U64(0x6e3b543fec430bf5), - U64(0x704f7362213e8e83), U64(0x58ff0745db9294c0), - U64(0x67eec2df9feabf72), U64(0xa0facd9ccf8a6811), - U64(0xb936986ad890811a), U64(0x95c715c63bd9cb7a), - U64(0xca8060283a2c33c7), U64(0x507de84ee9453486), - U64(0x85ded6d05f6a96f6), U64(0x1cdad5964f81ade9), - U64(0xd5a33e9eb62fa270), U64(0x40642b588df6690a), - U64(0x7f75eec2c98e42b8), U64(0x2cf18dace3494a60), - U64(0x23cb100c0bf9865b), U64(0xeef3028febb2d9e1), - U64(0x4425d2d394133929), U64(0xaad6d05c7fa1e0c8), - U64(0xad6ea2f7a5c68cb5), U64(0xc2028f2308fb9381), - U64(0x819f2f5b468fc6d5), U64(0xc5bafd88d29cfffc), - U64(0x47dc59f357910577), U64(0x2b49ff07392e261d), - U64(0x57c59ae5332258fb), U64(0x73b6f842e2bcb2dd), - U64(0xcf96e04862b77725), U64(0x4ca73dd8a6c4996f), - U64(0x015779eb417e14c1), U64(0x37932a9176af8bf4) - }, { /* 4 */ - U64(0x190a2c9b249df23e), U64(0x2f62f8b62263e1e9), - U64(0x7a7f754740993655), U64(0x330b7ba4d5564d9f), - U64(0x4c17a16a46672582), U64(0xb22f08eb7d05f5b8), - U64(0x535f47f40bc148cc), U64(0x3aec5d27d4883037), - U64(0x10ed0a1825438f96), U64(0x516101f72c233d17), - U64(0x13cc6f949fd04eae), U64(0x739853c441474bfd), - U64(0x653793d90d3f5b1b), U64(0x5240647b96b0fc2f), - U64(0x0c84890ad27623e0), U64(0xd7189b32703aaea3), - U64(0x2685de3523bd9c41), U64(0x99317c5b11bffefa), - U64(0x0d9baa854f079703), U64(0x70b93648fbd48ac5), - U64(0xa80441fce30bc6be), U64(0x7287704bdc36ff1e), - U64(0xb65384ed33dc1f13), U64(0xd36417343ee34408), - U64(0x39cd38ab6e1bf10f), U64(0x5ab861770a1f3564), - U64(0x0ebacf09f594563b), U64(0xd04572b884708530), - U64(0x3cae9722bdb3af47), U64(0x4a556b6f2f5cbaf2), - U64(0xe1704f1f76c4bd74), U64(0x5ec4ed7144c6dfcf), - U64(0x16afc01d4c7810e6), U64(0x283f113cd629ca7a), - U64(0xaf59a8761741ed2d), U64(0xeed5a3991e215fac), - U64(0x3bf37ea849f984d4), U64(0xe413e096a56ce33c), - U64(0x2c439d3a98f020d1), U64(0x637559dc6404c46b), - U64(0x9e6c95d1e5f5d569), U64(0x24bb9836045fe99a), - U64(0x44efa466dac8ecc9), U64(0xc6eab2a5c80895d6), - U64(0x803b50c035220cc4), U64(0x0321658cba93c138), - U64(0x8f9ebc465dc7ee1c), U64(0xd15a5137190131d3), - U64(0x0fa5ec8668e5e2d8), U64(0x91c979578d1037b1), - U64(0x0642ca05693b9f70), U64(0xefca80168350eb4f), - U64(0x38d21b24f36a45ec), U64(0xbeab81e1af73d658), - U64(0x8cbfd9cae7542f24), U64(0xfd19cc0d81f11102), - U64(0x0ac6430fbb4dbc90), U64(0x1d76a09d6a441895), - U64(0x2a01573ff1cbbfa1), U64(0xb572e161894fde2b), - U64(0x8124734fa853b827), U64(0x614b1fdf43e6b1b0), - U64(0x68ac395c4238cc18), U64(0x21d837bfd7f7b7d2), - U64(0x20c714304a860331), U64(0x5cfaab726324aa14), - U64(0x74c5ba4eb50d606e), U64(0xf3a3030474654739), - U64(0x23e671bcf015c209), U64(0x45f087e947b9582a), - U64(0xd8bd77b418df4c7b), U64(0xe06f6c90ebb50997), - U64(0x0bd96080263c0873), U64(0x7e03f9410e40dcfe), - U64(0xb8e94be4c6484928), U64(0xfb5b0608e8ca8e72), - U64(0x1a2b49179e0e3306), U64(0x4e29e76961855059), - U64(0x4f36c4e6fcf4e4ba), U64(0x49740ee395cf7bca), - U64(0xc2963ea386d17f7d), U64(0x90d65ad810618352), - U64(0x12d34c1b02a1fa4d), U64(0xfa44258775bb3a91), - U64(0x18150f14b9ec46dd), U64(0x1491861e6b9a653d), - U64(0x9a1019d7ab2c3fc2), U64(0x3668d42d06fe13d7), - U64(0xdcc1fbb25606a6d0), U64(0x969490dd795a1c22), - U64(0x3549b1a1bc6dd2ef), U64(0xc94f5e23a0ed770e), - U64(0xb9f6686b5b39fdcb), U64(0xc4d4f4a6efeae00d), - U64(0xe732851a1fff2204), U64(0x94aad6de5eb869f9), - U64(0x3f8ff2ae07206e7f), U64(0xfe38a9813b62d03a), - U64(0xa7a1ad7a8bee2466), U64(0x7b6056c8dde882b6), - U64(0x302a1e286fc58ca7), U64(0x8da0fa457a259bc7), - U64(0xb3302b64e074415b), U64(0x5402ae7eff8b635f), - U64(0x08f8050c9cafc94b), U64(0xae468bf98a3059ce), - U64(0x88c355cca98dc58f), U64(0xb10e6d67c7963480), - U64(0xbad70de7e1aa3cf3), U64(0xbfb4a26e320262bb), - U64(0xcb711820870f02d5), U64(0xce12b7a954a75c9d), - U64(0x563ce87dd8691684), U64(0x9f73b65e7884618a), - U64(0x2b1e74b06cba0b42), U64(0x47cec1ea605b2df1), - U64(0x1c698312f735ac76), U64(0x5fdbcefed9b76b2c), - U64(0x831a354c8fb1cdfc), U64(0x820516c312c0791f), - U64(0xb74ca762aeadabf0), U64(0xfc06ef821c80a5e1), - U64(0x5723cbf24518a267), U64(0x9d4df05d5f661451), - U64(0x588627742dfd40bf), U64(0xda8331b73f3d39a0), - U64(0x17b0e392d109a405), U64(0xf965400bcf28fba9), - U64(0x7c3dbf4229a2a925), U64(0x023e460327e275db), - U64(0x6cd0b55a0ce126b3), U64(0xe62da695828e96e7), - U64(0x42ad6e63b3f373b9), U64(0xe50cc319381d57df), - U64(0xc5cbd729729b54ee), U64(0x46d1e265fd2a9912), - U64(0x6428b056904eeff8), U64(0x8be23040131e04b7), - U64(0x6709d5da2add2ec0), U64(0x075de98af44a2b93), - U64(0x8447dcc67bfbe66f), U64(0x6616f655b7ac9a23), - U64(0xd607b8bded4b1a40), U64(0x0563af89d3a85e48), - U64(0x3db1b4ad20c21ba4), U64(0x11f22997b8323b75), - U64(0x292032b34b587e99), U64(0x7f1cdace9331681d), - U64(0x8e819fc9c0b65aff), U64(0xa1e3677fe2d5bb16), - U64(0xcd33d225ee349da5), U64(0xd9a2543b85aef898), - U64(0x795e10cbfa0af76d), U64(0x25a4bbb9992e5d79), - U64(0x78413344677b438e), U64(0xf0826688cef68601), - U64(0xd27b34bba392f0eb), U64(0x551d8df162fad7bc), - U64(0x1e57c511d0d7d9ad), U64(0xdeffbdb171e4d30b), - U64(0xf4feea8e802f6caa), U64(0xa480c8f6317de55e), - U64(0xa0fc44f07fa40ff5), U64(0x95b5f551c3c9dd1a), - U64(0x22f952336d6476ea), U64(0x0000000000000000), - U64(0xa6be8ef5169f9085), U64(0xcc2cf1aa73452946), - U64(0x2e7ddb39bf12550a), U64(0xd526dd3157d8db78), - U64(0x486b2d6c08becf29), U64(0x9b0f3a58365d8b21), - U64(0xac78cdfaadd22c15), U64(0xbc95c7e28891a383), - U64(0x6a927f5f65dab9c3), U64(0xc3891d2c1ba0cb9e), - U64(0xeaa92f9f50f8b507), U64(0xcf0d9426c9d6e87e), - U64(0xca6e3baf1a7eb636), U64(0xab25247059980786), - U64(0x69b31ad3df4978fb), U64(0xe2512a93cc577c4c), - U64(0xff278a0ea61364d9), U64(0x71a615c766a53e26), - U64(0x89dc764334fc716c), U64(0xf87a638452594f4a), - U64(0xf2bc208be914f3da), U64(0x8766b94ac1682757), - U64(0xbbc82e687cdb8810), U64(0x626a7a53f9757088), - U64(0xa2c202f358467a2e), U64(0x4d0882e5db169161), - U64(0x09e7268301de7da8), U64(0xe897699c771ac0dc), - U64(0xc8507dac3d9cc3ed), U64(0xc0a878a0a1330aa6), - U64(0x978bb352e42ba8c1), U64(0xe9884a13ea6b743f), - U64(0x279afdbabecc28a2), U64(0x047c8c064ed9eaab), - U64(0x507e2278b15289f4), U64(0x599904fbb08cf45c), - U64(0xbd8ae46d15e01760), U64(0x31353da7f2b43844), - U64(0x8558ff49e68a528c), U64(0x76fbfc4d92ef15b5), - U64(0x3456922e211c660c), U64(0x86799ac55c1993b4), - U64(0x3e90d1219a51da9c), U64(0x2d5cbeb505819432), - U64(0x982e5fd48cce4a19), U64(0xdb9c1238a24c8d43), - U64(0xd439febecaa96f9b), U64(0x418c0bef0960b281), - U64(0x158ea591f6ebd1de), U64(0x1f48e69e4da66d4e), - U64(0x8afd13cf8e6fb054), U64(0xf5e1c9011d5ed849), - U64(0xe34e091c5126c8af), U64(0xad67ee7530a398f6), - U64(0x43b24dec2e82c75a), U64(0x75da99c1287cd48d), - U64(0x92e81cdb3783f689), U64(0xa3dd217cc537cecd), - U64(0x60543c50de970553), U64(0x93f73f54aaf2426a), - U64(0xa91b62737e7a725d), U64(0xf19d4507538732e2), - U64(0x77e4dfc20f9ea156), U64(0x7d229ccdb4d31dc6), - U64(0x1b346a98037f87e5), U64(0xedf4c615a4b29e94), - U64(0x4093286094110662), U64(0xb0114ee85ae78063), - U64(0x6ff1d0d6b672e78b), U64(0x6dcf96d591909250), - U64(0xdfe09e3eec9567e8), U64(0x3214582b4827f97c), - U64(0xb46dc2ee143e6ac8), U64(0xf6c0ac8da7cd1971), - U64(0xebb60c10cd8901e4), U64(0xf7df8f023abcad92), - U64(0x9c52d3d2c217a0b2), U64(0x6b8d5cd0f8ab0d20), - U64(0x3777f7a29b8fa734), U64(0x011f238f9d71b4e3), - U64(0xc1b75b2f3c42be45), U64(0x5de588fdfe551ef7), - U64(0x6eeef3592b035368), U64(0xaa3a07ffc4e9b365), - U64(0xecebe59a39c32a77), U64(0x5ba742f8976e8187), - U64(0x4b4a48e0b22d0e11), U64(0xddded83dcb771233), - U64(0xa59feb79ac0c51bd), U64(0xc7f5912a55792135) - }, { /* 5 */ - U64(0x6d6ae04668a9b08a), U64(0x3ab3f04b0be8c743), - U64(0xe51e166b54b3c908), U64(0xbe90a9eb35c2f139), - U64(0xb2c7066637f2bec1), U64(0xaa6945613392202c), - U64(0x9a28c36f3b5201eb), U64(0xddce5a93ab536994), - U64(0x0e34133ef6382827), U64(0x52a02ba1ec55048b), - U64(0xa2f88f97c4b2a177), U64(0x8640e513ca2251a5), - U64(0xcdf1d36258137622), U64(0xfe6cb708dedf8ddb), - U64(0x8a174a9ec8121e5d), U64(0x679896036b81560e), - U64(0x59ed033395795fee), U64(0x1dd778ab8b74edaf), - U64(0xee533ef92d9f926d), U64(0x2a8c79baf8a8d8f5), - U64(0x6bcf398e69b119f6), U64(0xe20491742fafdd95), - U64(0x276488e0809c2aec), U64(0xea955b82d88f5cce), - U64(0x7102c63a99d9e0c4), U64(0xf9763017a5c39946), - U64(0x429fa2501f151b3d), U64(0x4659c72bea05d59e), - U64(0x984b7fdccf5a6634), U64(0xf742232953fbb161), - U64(0x3041860e08c021c7), U64(0x747bfd9616cd9386), - U64(0x4bb1367192312787), U64(0x1b72a1638a6c44d3), - U64(0x4a0e68a6e8359a66), U64(0x169a5039f258b6ca), - U64(0xb98a2ef44edee5a4), U64(0xd9083fe85e43a737), - U64(0x967f6ce239624e13), U64(0x8874f62d3c1a7982), - U64(0x3c1629830af06e3f), U64(0x9165ebfd427e5a8e), - U64(0xb5dd81794ceeaa5c), U64(0x0de8f15a7834f219), - U64(0x70bd98ede3dd5d25), U64(0xaccc9ca9328a8950), - U64(0x56664eda1945ca28), U64(0x221db34c0f8859ae), - U64(0x26dbd637fa98970d), U64(0x1acdffb4f068f932), - U64(0x4585254f64090fa0), U64(0x72de245e17d53afa), - U64(0x1546b25d7c546cf4), U64(0x207e0ffffb803e71), - U64(0xfaaad2732bcf4378), U64(0xb462dfae36ea17bd), - U64(0xcf926fd1ac1b11fd), U64(0xe0672dc7dba7ba4a), - U64(0xd3fa49ad5d6b41b3), U64(0x8ba81449b216a3bc), - U64(0x14f9ec8a0650d115), U64(0x40fc1ee3eb1d7ce2), - U64(0x23a2ed9b758ce44f), U64(0x782c521b14fddc7e), - U64(0x1c68267cf170504e), U64(0xbcf31558c1ca96e6), - U64(0xa781b43b4ba6d235), U64(0xf6fd7dfe29ff0c80), - U64(0xb0a4bad5c3fad91e), U64(0xd199f51ea963266c), - U64(0x414340349119c103), U64(0x5405f269ed4dadf7), - U64(0xabd61bb649969dcd), U64(0x6813dbeae7bdc3c8), - U64(0x65fb2ab09f8931d1), U64(0xf1e7fae152e3181d), - U64(0xc1a67cef5a2339da), U64(0x7a4feea8e0f5bba1), - U64(0x1e0b9acf05783791), U64(0x5b8ebf8061713831), - U64(0x80e53cdbcb3af8d9), U64(0x7e898bd315e57502), - U64(0xc6bcfbf0213f2d47), U64(0x95a38e86b76e942d), - U64(0x092e94218d243cba), U64(0x8339debf453622e7), - U64(0xb11be402b9fe64ff), U64(0x57d9100d634177c9), - U64(0xcc4e8db52217cbc3), U64(0x3b0cae9c71ec7aa2), - U64(0xfb158ca451cbfe99), U64(0x2b33276d82ac6514), - U64(0x01bf5ed77a04bde1), U64(0xc5601994af33f779), - U64(0x75c4a3416cc92e67), U64(0xf3844652a6eb7fc2), - U64(0x3487e375fdd0ef64), U64(0x18ae430704609eed), - U64(0x4d14efb993298efb), U64(0x815a620cb13e4538), - U64(0x125c354207487869), U64(0x9eeea614ce42cf48), - U64(0xce2d3106d61fac1c), U64(0xbbe99247bad6827b), - U64(0x071a871f7b1c149d), U64(0x2e4a1cc10db81656), - U64(0x77a71ff298c149b8), U64(0x06a5d9c80118a97c), - U64(0xad73c27e488e34b1), U64(0x443a7b981e0db241), - U64(0xe3bbcfa355ab6074), U64(0x0af276450328e684), - U64(0x73617a896dd1871b), U64(0x58525de4ef7de20f), - U64(0xb7be3dcab8e6cd83), U64(0x19111dd07e64230c), - U64(0x842359a03e2a367a), U64(0x103f89f1f3401fb6), - U64(0xdc710444d157d475), U64(0xb835702334da5845), - U64(0x4320fc876511a6dc), U64(0xd026abc9d3679b8d), - U64(0x17250eee885c0b2b), U64(0x90dab52a387ae76f), - U64(0x31fed8d972c49c26), U64(0x89cba8fa461ec463), - U64(0x2ff5421677bcabb7), U64(0x396f122f85e41d7d), - U64(0xa09b332430bac6a8), U64(0xc888e8ced7070560), - U64(0xaeaf201ac682ee8f), U64(0x1180d7268944a257), - U64(0xf058a43628e7a5fc), U64(0xbd4c4b8fbbce2b07), - U64(0xa1246df34abe7b49), U64(0x7d5569b79be9af3c), - U64(0xa9b5a705bd9efa12), U64(0xdb6b835baa4bc0e8), - U64(0x05793bac8f147342), U64(0x21c1512881848390), - U64(0xfdb0556c50d357e5), U64(0x613d4fcb6a99ff72), - U64(0x03dce2648e0cda3e), U64(0xe949b9e6568386f0), - U64(0xfc0f0bbb2ad7ea04), U64(0x6a70675913b5a417), - U64(0x7f36d5046fe1c8e3), U64(0x0c57af8d02304ff8), - U64(0x32223abdfcc84618), U64(0x0891caf6f720815b), - U64(0xa63eeaec31a26fd4), U64(0x2507345374944d33), - U64(0x49d28ac266394058), U64(0xf5219f9aa7f3d6be), - U64(0x2d96fea583b4cc68), U64(0x5a31e1571b7585d0), - U64(0x8ed12fe53d02d0fe), U64(0xdfade6205f5b0e4b), - U64(0x4cabb16ee92d331a), U64(0x04c6657bf510cea3), - U64(0xd73c2cd6a87b8f10), U64(0xe1d87310a1a307ab), - U64(0x6cd5be9112ad0d6b), U64(0x97c032354366f3f2), - U64(0xd4e0ceb22677552e), U64(0x0000000000000000), - U64(0x29509bde76a402cb), U64(0xc27a9e8bd42fe3e4), - U64(0x5ef7842cee654b73), U64(0xaf107ecdbc86536e), - U64(0x3fcacbe784fcb401), U64(0xd55f90655c73e8cf), - U64(0xe6c2f40fdabf1336), U64(0xe8f6e7312c873b11), - U64(0xeb2a0555a28be12f), U64(0xe4a148bc2eb774e9), - U64(0x9b979db84156bc0a), U64(0x6eb60222e6a56ab4), - U64(0x87ffbbc4b026ec44), U64(0xc703a5275b3b90a6), - U64(0x47e699fc9001687f), U64(0x9c8d1aa73a4aa897), - U64(0x7cea3760e1ed12dd), U64(0x4ec80ddd1d2554c5), - U64(0x13e36b957d4cc588), U64(0x5d2b66486069914d), - U64(0x92b90999cc7280b0), U64(0x517cc9c56259deb5), - U64(0xc937b619ad03b881), U64(0xec30824ad997f5b2), - U64(0xa45d565fc5aa080b), U64(0xd6837201d27f32f1), - U64(0x635ef3789e9198ad), U64(0x531f75769651b96a), - U64(0x4f77530a6721e924), U64(0x486dd4151c3dfdb9), - U64(0x5f48dafb9461f692), U64(0x375b011173dc355a), - U64(0x3da9775470f4d3de), U64(0x8d0dcd81b30e0ac0), - U64(0x36e45fc609d888bb), U64(0x55baacbe97491016), - U64(0x8cb29356c90ab721), U64(0x76184125e2c5f459), - U64(0x99f4210bb55edbd5), U64(0x6f095cf59ca1d755), - U64(0x9f51f8c3b44672a9), U64(0x3538bda287d45285), - U64(0x50c39712185d6354), U64(0xf23b1885dcefc223), - U64(0x79930ccc6ef9619f), U64(0xed8fdc9da3934853), - U64(0xcb540aaa590bdf5e), U64(0x5c94389f1a6d2cac), - U64(0xe77daad8a0bbaed7), U64(0x28efc5090ca0bf2a), - U64(0xbf2ff73c4fc64cd8), U64(0xb37858b14df60320), - U64(0xf8c96ec0dfc724a7), U64(0x828680683f329f06), - U64(0x941cd051cd6a29cc), U64(0xc3c5c05cae2b5e05), - U64(0xb601631dc2e27062), U64(0xc01922382027843b), - U64(0x24b86a840e90f0d2), U64(0xd245177a276ffc52), - U64(0x0f8b4de98c3c95c6), U64(0x3e759530fef809e0), - U64(0x0b4d2892792c5b65), U64(0xc4df4743d5374a98), - U64(0xa5e20888bfaeb5ea), U64(0xba56cc90c0d23f9a), - U64(0x38d04cf8ffe0a09c), U64(0x62e1adafe495254c), - U64(0x0263bcb3f40867df), U64(0xcaeb547d230f62bf), - U64(0x6082111c109d4293), U64(0xdad4dd8cd04f7d09), - U64(0xefec602e579b2f8c), U64(0x1fb4c4187f7c8a70), - U64(0xffd3e9dfa4db303a), U64(0x7bf0b07f9af10640), - U64(0xf49ec14dddf76b5f), U64(0x8f6e713247066d1f), - U64(0x339d646a86ccfbf9), U64(0x64447467e58d8c30), - U64(0x2c29a072f9b07189), U64(0xd8b7613f24471ad6), - U64(0x6627c8d41185ebef), U64(0xa347d140beb61c96), - U64(0xde12b8f7255fb3aa), U64(0x9d324470404e1576), - U64(0x9306574eb6763d51), U64(0xa80af9d2c79a47f3), - U64(0x859c0777442e8b9b), U64(0x69ac853d9db97e29) - }, { /* 6 */ - U64(0xc3407dfc2de6377e), U64(0x5b9e93eea4256f77), - U64(0xadb58fdd50c845e0), U64(0x5219ff11a75bed86), - U64(0x356b61cfd90b1de9), U64(0xfb8f406e25abe037), - U64(0x7a5a0231c0f60796), U64(0x9d3cd216e1f5020b), - U64(0x0c6550fb6b48d8f3), U64(0xf57508c427ff1c62), - U64(0x4ad35ffa71cb407d), U64(0x6290a2da1666aa6d), - U64(0xe284ec2349355f9f), U64(0xb3c307c53d7c84ec), - U64(0x05e23c0468365a02), U64(0x190bac4d6c9ebfa8), - U64(0x94bbbee9e28b80fa), U64(0xa34fc777529cb9b5), - U64(0xcc7b39f095bcd978), U64(0x2426addb0ce532e3), - U64(0x7e79329312ce4fc7), U64(0xab09a72eebec2917), - U64(0xf8d15499f6b9d6c2), U64(0x1a55b8babf8c895d), - U64(0xdb8add17fb769a85), U64(0xb57f2f368658e81b), - U64(0x8acd36f18f3f41f6), U64(0x5ce3b7bba50f11d3), - U64(0x114dcc14d5ee2f0a), U64(0xb91a7fcded1030e8), - U64(0x81d5425fe55de7a1), U64(0xb6213bc1554adeee), - U64(0x80144ef95f53f5f2), U64(0x1e7688186db4c10c), - U64(0x3b912965db5fe1bc), U64(0xc281715a97e8252d), - U64(0x54a5d7e21c7f8171), U64(0x4b12535ccbc5522e), - U64(0x1d289cefbea6f7f9), U64(0x6ef5f2217d2e729e), - U64(0xe6a7dc819b0d17ce), U64(0x1b94b41c05829b0e), - U64(0x33d7493c622f711e), U64(0xdcf7f942fa5ce421), - U64(0x600fba8b7f7a8ecb), U64(0x46b60f011a83988e), - U64(0x235b898e0dcf4c47), U64(0x957ab24f588592a9), - U64(0x4354330572b5c28c), U64(0xa5f3ef84e9b8d542), - U64(0x8c711e02341b2d01), U64(0x0b1874ae6a62a657), - U64(0x1213d8e306fc19ff), U64(0xfe6d7c6a4d9dba35), - U64(0x65ed868f174cd4c9), U64(0x88522ea0e6236550), - U64(0x899322065c2d7703), U64(0xc01e690bfef4018b), - U64(0x915982ed8abddaf8), U64(0xbe675b98ec3a4e4c), - U64(0xa996bf7f82f00db1), U64(0xe1daf8d49a27696a), - U64(0x2effd5d3dc8986e7), U64(0xd153a51f2b1a2e81), - U64(0x18caa0ebd690adfb), U64(0x390e3134b243c51a), - U64(0x2778b92cdff70416), U64(0x029f1851691c24a6), - U64(0x5e7cafeacc133575), U64(0xfa4e4cc89fa5f264), - U64(0x5a5f9f481e2b7d24), U64(0x484c47ab18d764db), - U64(0x400a27f2a1a7f479), U64(0xaeeb9b2a83da7315), - U64(0x721c626879869734), U64(0x042330a2d2384851), - U64(0x85f672fd3765aff0), U64(0xba446b3a3e02061d), - U64(0x73dd6ecec3888567), U64(0xffac70ccf793a866), - U64(0xdfa9edb5294ed2d4), U64(0x6c6aea7014325638), - U64(0x834a5a0e8c41c307), U64(0xcdba35562fb2cb2b), - U64(0x0ad97808d06cb404), U64(0x0f3b440cb85aee06), - U64(0xe5f9c876481f213b), U64(0x98deee1289c35809), - U64(0x59018bbfcd394bd1), U64(0xe01bf47220297b39), - U64(0xde68e1139340c087), U64(0x9fa3ca4788e926ad), - U64(0xbb85679c840c144e), U64(0x53d8f3b71d55ffd5), - U64(0x0da45c5dd146caa0), U64(0x6f34fe87c72060cd), - U64(0x57fbc315cf6db784), U64(0xcee421a1fca0fdde), - U64(0x3d2d0196607b8d4b), U64(0x642c8a29ad42c69a), - U64(0x14aff010bdd87508), U64(0xac74837beac657b3), - U64(0x3216459ad821634d), U64(0x3fb219c70967a9ed), - U64(0x06bc28f3bb246cf7), U64(0xf2082c9126d562c6), - U64(0x66b39278c45ee23c), U64(0xbd394f6f3f2878b9), - U64(0xfd33689d9e8f8cc0), U64(0x37f4799eb017394f), - U64(0x108cc0b26fe03d59), U64(0xda4bd1b1417888d6), - U64(0xb09d1332ee6eb219), U64(0x2f3ed975668794b4), - U64(0x58c0871977375982), U64(0x7561463d78ace990), - U64(0x09876cff037e82f1), U64(0x7fb83e35a8c05d94), - U64(0x26b9b58a65f91645), U64(0xef20b07e9873953f), - U64(0x3148516d0b3355b8), U64(0x41cb2b541ba9e62a), - U64(0x790416c613e43163), U64(0xa011d380818e8f40), - U64(0x3a5025c36151f3ef), U64(0xd57095bdf92266d0), - U64(0x498d4b0da2d97688), U64(0x8b0c3a57353153a5), - U64(0x21c491df64d368e1), U64(0x8f2f0af5e7091bf4), - U64(0x2da1c1240f9bb012), U64(0xc43d59a92ccc49da), - U64(0xbfa6573e56345c1f), U64(0x828b56a8364fd154), - U64(0x9a41f643e0df7caf), U64(0xbcf843c985266aea), - U64(0x2b1de9d7b4bfdce5), U64(0x20059d79dedd7ab2), - U64(0x6dabe6d6ae3c446b), U64(0x45e81bf6c991ae7b), - U64(0x6351ae7cac68b83e), U64(0xa432e32253b6c711), - U64(0xd092a9b991143cd2), U64(0xcac711032e98b58f), - U64(0xd8d4c9e02864ac70), U64(0xc5fc550f96c25b89), - U64(0xd7ef8dec903e4276), U64(0x67729ede7e50f06f), - U64(0xeac28c7af045cf3d), U64(0xb15c1f945460a04a), - U64(0x9cfddeb05bfb1058), U64(0x93c69abce3a1fe5e), - U64(0xeb0380dc4a4bdd6e), U64(0xd20db1e8f8081874), - U64(0x229a8528b7c15e14), U64(0x44291750739fbc28), - U64(0xd3ccbd4e42060a27), U64(0xf62b1c33f4ed2a97), - U64(0x86a8660ae4779905), U64(0xd62e814a2a305025), - U64(0x477703a7a08d8add), U64(0x7b9b0e977af815c5), - U64(0x78c51a60a9ea2330), U64(0xa6adfb733aaae3b7), - U64(0x97e5aa1e3199b60f), U64(0x0000000000000000), - U64(0xf4b404629df10e31), U64(0x5564db44a6719322), - U64(0x9207961a59afec0d), U64(0x9624a6b88b97a45c), - U64(0x363575380a192b1c), U64(0x2c60cd82b595a241), - U64(0x7d272664c1dc7932), U64(0x7142769faa94a1c1), - U64(0xa1d0df263b809d13), U64(0x1630e841d4c451ae), - U64(0xc1df65ad44fa13d8), U64(0x13d2d445bcf20bac), - U64(0xd915c546926abe23), U64(0x38cf3d92084dd749), - U64(0xe766d0272103059d), U64(0xc7634d5effde7f2f), - U64(0x077d2455012a7ea4), U64(0xedbfa82ff16fb199), - U64(0xaf2a978c39d46146), U64(0x42953fa3c8bbd0df), - U64(0xcb061da59496a7dc), U64(0x25e7a17db6eb20b0), - U64(0x34aa6d6963050fba), U64(0xa76cf7d580a4f1e4), - U64(0xf7ea10954ee338c4), U64(0xfcf2643b24819e93), - U64(0xcf252d0746aeef8d), U64(0x4ef06f58a3f3082c), - U64(0x563acfb37563a5d7), U64(0x5086e740ce47c920), - U64(0x2982f186dda3f843), U64(0x87696aac5e798b56), - U64(0x5d22bb1d1f010380), U64(0x035e14f7d31236f5), - U64(0x3cec0d30da759f18), U64(0xf3c920379cdb7095), - U64(0xb8db736b571e22bb), U64(0xdd36f5e44052f672), - U64(0xaac8ab8851e23b44), U64(0xa857b3d938fe1fe2), - U64(0x17f1e4e76eca43fd), U64(0xec7ea4894b61a3ca), - U64(0x9e62c6e132e734fe), U64(0xd4b1991b432c7483), - U64(0x6ad6c283af163acf), U64(0x1ce9904904a8e5aa), - U64(0x5fbda34c761d2726), U64(0xf910583f4cb7c491), - U64(0xc6a241f845d06d7c), U64(0x4f3163fe19fd1a7f), - U64(0xe99c988d2357f9c8), U64(0x8eee06535d0709a7), - U64(0x0efa48aa0254fc55), U64(0xb4be23903c56fa48), - U64(0x763f52caabbedf65), U64(0xeee1bcd8227d876c), - U64(0xe345e085f33b4dcc), U64(0x3e731561b369bbbe), - U64(0x2843fd2067adea10), U64(0x2adce5710eb1ceb6), - U64(0xb7e03767ef44ccbd), U64(0x8db012a48e153f52), - U64(0x61ceb62dc5749c98), U64(0xe85d942b9959eb9b), - U64(0x4c6f7709caef2c8a), U64(0x84377e5b8d6bbda3), - U64(0x30895dcbb13d47eb), U64(0x74a04a9bc2a2fbc3), - U64(0x6b17ce251518289c), U64(0xe438c4d0f2113368), - U64(0x1fb784bed7bad35f), U64(0x9b80fae55ad16efc), - U64(0x77fe5e6c11b0cd36), U64(0xc858095247849129), - U64(0x08466059b97090a2), U64(0x01c10ca6ba0e1253), - U64(0x6988d6747c040c3a), U64(0x6849dad2c60a1e69), - U64(0x5147ebe67449db73), U64(0xc99905f4fd8a837a), - U64(0x991fe2b433cd4a5a), U64(0xf09734c04fc94660), - U64(0xa28ecbd1e892abe6), U64(0xf1563866f5c75433), - U64(0x4dae7baf70e13ed9), U64(0x7ce62ac27bd26b61), - U64(0x70837a39109ab392), U64(0x90988e4b30b3c8ab), - U64(0xb2020b63877296bf), U64(0x156efcb607d6675b) - }, { /* 7 */ - U64(0xe63f55ce97c331d0), U64(0x25b506b0015bba16), - U64(0xc8706e29e6ad9ba8), U64(0x5b43d3775d521f6a), - U64(0x0bfa3d577035106e), U64(0xab95fc172afb0e66), - U64(0xf64b63979e7a3276), U64(0xf58b4562649dad4b), - U64(0x48f7c3dbae0c83f1), U64(0xff31916642f5c8c5), - U64(0xcbb048dc1c4a0495), U64(0x66b8f83cdf622989), - U64(0x35c130e908e2b9b0), U64(0x7c761a61f0b34fa1), - U64(0x3601161cf205268d), U64(0x9e54ccfe2219b7d6), - U64(0x8b7d90a538940837), U64(0x9cd403588ea35d0b), - U64(0xbc3c6fea9ccc5b5a), U64(0xe5ff733b6d24aeed), - U64(0xceed22de0f7eb8d2), U64(0xec8581cab1ab545e), - U64(0xb96105e88ff8e71d), U64(0x8ca03501871a5ead), - U64(0x76ccce65d6db2a2f), U64(0x5883f582a7b58057), - U64(0x3f7be4ed2e8adc3e), U64(0x0fe7be06355cd9c9), - U64(0xee054e6c1d11be83), U64(0x1074365909b903a6), - U64(0x5dde9f80b4813c10), U64(0x4a770c7d02b6692c), - U64(0x5379c8d5d7809039), U64(0xb4067448161ed409), - U64(0x5f5e5026183bd6cd), U64(0xe898029bf4c29df9), - U64(0x7fb63c940a54d09c), U64(0xc5171f897f4ba8bc), - U64(0xa6f28db7b31d3d72), U64(0x2e4f3be7716eaa78), - U64(0x0d6771a099e63314), U64(0x82076254e41bf284), - U64(0x2f0fd2b42733df98), U64(0x5c9e76d3e2dc49f0), - U64(0x7aeb569619606cdb), U64(0x83478b07b2468764), - U64(0xcfadcb8d5923cd32), U64(0x85dac7f05b95a41e), - U64(0xb5469d1b4043a1e9), U64(0xb821ecbbd9a592fd), - U64(0x1b8e0b0e798c13c8), U64(0x62a57b6d9a0be02e), - U64(0xfcf1b793b81257f8), U64(0x9d94ea0bd8fe28eb), - U64(0x4cea408aeb654a56), U64(0x23284a47e888996c), - U64(0x2d8f1d128b893545), U64(0xf4cbac3132c0d8ab), - U64(0xbd7c86b9ca912eba), U64(0x3a268eef3dbe6079), - U64(0xf0d62f6077a9110c), U64(0x2735c916ade150cb), - U64(0x89fd5f03942ee2ea), U64(0x1acee25d2fd16628), - U64(0x90f39bab41181bff), U64(0x430dfe8cde39939f), - U64(0xf70b8ac4c8274796), U64(0x1c53aeaac6024552), - U64(0x13b410acf35e9c9b), U64(0xa532ab4249faa24f), - U64(0x2b1251e5625a163f), U64(0xd7e3e676da4841c7), - U64(0xa7b264e4e5404892), U64(0xda8497d643ae72d3), - U64(0x861ae105a1723b23), U64(0x38a6414991048aa4), - U64(0x6578dec92585b6b4), U64(0x0280cfa6acbaeadd), - U64(0x88bdb650c273970a), U64(0x9333bd5ebbff84c2), - U64(0x4e6a8f2c47dfa08b), U64(0x321c954db76cef2a), - U64(0x418d312a72837942), U64(0xb29b38bfffcdf773), - U64(0x6c022c38f90a4c07), U64(0x5a033a240b0f6a8a), - U64(0x1f93885f3ce5da6f), U64(0xc38a537e96988bc6), - U64(0x39e6a81ac759ff44), U64(0x29929e43cee0fce2), - U64(0x40cdd87924de0ca2), U64(0xe9d8ebc8a29fe819), - U64(0x0c2798f3cfbb46f4), U64(0x55e484223e53b343), - U64(0x4650948ecd0d2fd8), U64(0x20e86cb2126f0651), - U64(0x6d42c56baf5739e7), U64(0xa06fc1405ace1e08), - U64(0x7babbfc54f3d193b), U64(0x424d17df8864e67f), - U64(0xd8045870ef14980e), U64(0xc6d7397c85ac3781), - U64(0x21a885e1443273b1), U64(0x67f8116f893f5c69), - U64(0x24f5efe35706cff6), U64(0xd56329d076f2ab1a), - U64(0x5e1eb9754e66a32d), U64(0x28d2771098bd8902), - U64(0x8f6013f47dfdc190), U64(0x17a993fdb637553c), - U64(0xe0a219397e1012aa), U64(0x786b9930b5da8606), - U64(0x6e82e39e55b0a6da), U64(0x875a0856f72f4ec3), - U64(0x3741ff4fa458536d), U64(0xac4859b3957558fc), - U64(0x7ef6d5c75c09a57c), U64(0xc04a758b6c7f14fb), - U64(0xf9acdd91ab26ebbf), U64(0x7391a467c5ef9668), - U64(0x335c7c1ee1319aca), U64(0xa91533b18641e4bb), - U64(0xe4bf9a683b79db0d), U64(0x8e20faa72ba0b470), - U64(0x51f907737b3a7ae4), U64(0x2268a314bed5ec8c), - U64(0xd944b123b949edee), U64(0x31dcb3b84d8b7017), - U64(0xd3fe65279f218860), U64(0x097af2f1dc8ffab3), - U64(0x9b09a6fc312d0b91), U64(0xcc6ded78a3c4520f), - U64(0x3481d9ba5ebfcc50), U64(0x4f2a667f1182d56b), - U64(0xdfd9fdd4509ace94), U64(0x26752045fbbc252b), - U64(0xbffc491f662bc467), U64(0xdd593272fc202449), - U64(0x3cbbc218d46d4303), U64(0x91b372f817456e1f), - U64(0x681faf69bc6385a0), U64(0xb686bbeebaa43ed4), - U64(0x1469b5084cd0ca01), U64(0x98c98009cbca94ac), - U64(0x6438379a73d8c354), U64(0xc2caba2dc0c5fe26), - U64(0x3e3b0dbe78d7a9de), U64(0x50b9ee202d670f04), - U64(0x4590b27b37eab0e5), U64(0x6025b4cb36b10af3), - U64(0xfb2c1237079c0162), U64(0xa12f28130c936be8), - U64(0x4b37e52e54eb1ccc), U64(0x083a1ba28ad28f53), - U64(0xc10a9cd83a22611b), U64(0x9f1425ad7444c236), - U64(0x069d4cf7e9d3237a), U64(0xedc56899e7f621be), - U64(0x778c273680865fcf), U64(0x309c5aeb1bd605f7), - U64(0x8de0dc52d1472b4d), U64(0xf8ec34c2fd7b9e5f), - U64(0xea18cd3d58787724), U64(0xaad515447ca67b86), - U64(0x9989695a9d97e14c), U64(0x0000000000000000), - U64(0xf196c63321f464ec), U64(0x71116bc169557cb5), - U64(0xaf887f466f92c7c1), U64(0x972e3e0ffe964d65), - U64(0x190ec4a8d536f915), U64(0x95aef1a9522ca7b8), - U64(0xdc19db21aa7d51a9), U64(0x94ee18fa0471d258), - U64(0x8087adf248a11859), U64(0xc457f6da2916dd5c), - U64(0xfa6cfb6451c17482), U64(0xf256e0c6db13fbd1), - U64(0x6a9f60cf10d96f7d), U64(0x4daaa9d9bd383fb6), - U64(0x03c026f5fae79f3d), U64(0xde99148706c7bb74), - U64(0x2a52b8b6340763df), U64(0x6fc20acd03edd33a), - U64(0xd423c08320afdefa), U64(0xbbe1ca4e23420dc0), - U64(0x966ed75ca8cb3885), U64(0xeb58246e0e2502c4), - U64(0x055d6a021334bc47), U64(0xa47242111fa7d7af), - U64(0xe3623fcc84f78d97), U64(0x81c744a11efc6db9), - U64(0xaec8961539cfb221), U64(0xf31609958d4e8e31), - U64(0x63e5923ecc5695ce), U64(0x47107ddd9b505a38), - U64(0xa3afe7b5a0298135), U64(0x792b7063e387f3e6), - U64(0x0140e953565d75e0), U64(0x12f4f9ffa503e97b), - U64(0x750ce8902c3cb512), U64(0xdbc47e8515f30733), - U64(0x1ed3610c6ab8af8f), U64(0x5239218681dde5d9), - U64(0xe222d69fd2aaf877), U64(0xfe71783514a8bd25), - U64(0xcaf0a18f4a177175), U64(0x61655d9860ec7f13), - U64(0xe77fbc9dc19e4430), U64(0x2ccff441ddd440a5), - U64(0x16e97aaee06a20dc), U64(0xa855dae2d01c915b), - U64(0x1d1347f9905f30b2), U64(0xb7c652bdecf94b34), - U64(0xd03e43d265c6175d), U64(0xfdb15ec0ee4f2218), - U64(0x57644b8492e9599e), U64(0x07dda5a4bf8e569a), - U64(0x54a46d71680ec6a3), U64(0x5624a2d7c4b42c7e), - U64(0xbebca04c3076b187), U64(0x7d36f332a6ee3a41), - U64(0x3b6667bc6be31599), U64(0x695f463aea3ef040), - U64(0xad08b0e0c3282d1c), U64(0xb15b1e4a052a684e), - U64(0x44d05b2861b7c505), U64(0x15295c5b1a8dbfe1), - U64(0x744c01c37a61c0f2), U64(0x59c31cd1f1e8f5b7), - U64(0xef45a73f4b4ccb63), U64(0x6bdf899c46841a9d), - U64(0x3dfb2b4b823036e3), U64(0xa2ef0ee6f674f4d5), - U64(0x184e2dfb836b8cf5), U64(0x1134df0a5fe47646), - U64(0xbaa1231d751f7820), U64(0xd17eaa81339b62bd), - U64(0xb01bf71953771dae), U64(0x849a2ea30dc8d1fe), - U64(0x705182923f080955), U64(0x0ea757556301ac29), - U64(0x041d83514569c9a7), U64(0x0abad4042668658e), - U64(0x49b72a88f851f611), U64(0x8a3d79f66ec97dd7), - U64(0xcd2d042bf59927ef), U64(0xc930877ab0f0ee48), - U64(0x9273540deda2f122), U64(0xc797d02fd3f14261), - U64(0xe1e2f06a284d674a), U64(0xd2be8c74c97cfd80), - U64(0x9a494faf67707e71), U64(0xb3dbd1eca9908293), - U64(0x72d14d3493b2e388), U64(0xd6a30f258c153427) - }, -}; - -static const STREEBOG_LONG64 C16[12][8] = { - { - U64(0xdd806559f2a64507), U64(0x05767436cc744d23), - U64(0xa2422a08a460d315), U64(0x4b7ce09192676901), - U64(0x714eb88d7585c4fc), U64(0x2f6a76432e45d016), - U64(0xebcb2f81c0657c1f), U64(0xb1085bda1ecadae9) - }, { - U64(0xe679047021b19bb7), U64(0x55dda21bd7cbcd56), - U64(0x5cb561c2db0aa7ca), U64(0x9ab5176b12d69958), - U64(0x61d55e0f16b50131), U64(0xf3feea720a232b98), - U64(0x4fe39d460f70b5d7), U64(0x6fa3b58aa99d2f1a) - }, { - U64(0x991e96f50aba0ab2), U64(0xc2b6f443867adb31), - U64(0xc1c93a376062db09), U64(0xd3e20fe490359eb1), - U64(0xf2ea7514b1297b7b), U64(0x06f15e5f529c1f8b), - U64(0x0a39fc286a3d8435), U64(0xf574dcac2bce2fc7) - }, { - U64(0x220cbebc84e3d12e), U64(0x3453eaa193e837f1), - U64(0xd8b71333935203be), U64(0xa9d72c82ed03d675), - U64(0x9d721cad685e353f), U64(0x488e857e335c3c7d), - U64(0xf948e1a05d71e4dd), U64(0xef1fdfb3e81566d2) - }, { - U64(0x601758fd7c6cfe57), U64(0x7a56a27ea9ea63f5), - U64(0xdfff00b723271a16), U64(0xbfcd1747253af5a3), - U64(0x359e35d7800fffbd), U64(0x7f151c1f1686104a), - U64(0x9a3f410c6ca92363), U64(0x4bea6bacad474799) - }, { - U64(0xfa68407a46647d6e), U64(0xbf71c57236904f35), - U64(0x0af21f66c2bec6b6), U64(0xcffaa6b71c9ab7b4), - U64(0x187f9ab49af08ec6), U64(0x2d66c4f95142a46c), - U64(0x6fa4c33b7a3039c0), U64(0xae4faeae1d3ad3d9) - }, { - U64(0x8886564d3a14d493), U64(0x3517454ca23c4af3), - U64(0x06476983284a0504), U64(0x0992abc52d822c37), - U64(0xd3473e33197a93c9), U64(0x399ec6c7e6bf87c9), - U64(0x51ac86febf240954), U64(0xf4c70e16eeaac5ec) - }, { - U64(0xa47f0dd4bf02e71e), U64(0x36acc2355951a8d9), - U64(0x69d18d2bd1a5c42f), U64(0xf4892bcb929b0690), - U64(0x89b4443b4ddbc49a), U64(0x4eb7f8719c36de1e), - U64(0x03e7aa020c6e4141), U64(0x9b1f5b424d93c9a7) - }, { - U64(0x7261445183235adb), U64(0x0e38dc92cb1f2a60), - U64(0x7b2b8a9aa6079c54), U64(0x800a440bdbb2ceb1), - U64(0x3cd955b7e00d0984), U64(0x3a7d3a1b25894224), - U64(0x944c9ad8ec165fde), U64(0x378f5a541631229b) - }, { - U64(0x74b4c7fb98459ced), U64(0x3698fad1153bb6c3), - U64(0x7a1e6c303b7652f4), U64(0x9fe76702af69334b), - U64(0x1fffe18a1b336103), U64(0x8941e71cff8a78db), - U64(0x382ae548b2e4f3f3), U64(0xabbedea680056f52) - }, { - U64(0x6bcaa4cd81f32d1b), U64(0xdea2594ac06fd85d), - U64(0xefbacd1d7d476e98), U64(0x8a1d71efea48b9ca), - U64(0x2001802114846679), U64(0xd8fa6bbbebab0761), - U64(0x3002c6cd635afe94), U64(0x7bcd9ed0efc889fb) - }, { - U64(0x48bc924af11bd720), U64(0xfaf417d5d9b21b99), - U64(0xe71da4aa88e12852), U64(0x5d80ef9d1891cc86), - U64(0xf82012d430219f9b), U64(0xcda43c32bcdf1d77), - U64(0xd21380b00449b17a), U64(0x378ee767f11631ba) - }, -}; - -#define B(x,i,j) (((STREEBOG_LONG64)(*(((const unsigned char *)(&x))+i)))<<(j*8)) -#define PULL64(x) (B(x,0,0)|B(x,1,1)|B(x,2,2)|B(x,3,3)|B(x,4,4)|B(x,5,5)|B(x,6,6)|B(x,7,7)) -#define SWAB64(x) (B(x,0,7)|B(x,1,6)|B(x,2,5)|B(x,3,4)|B(x,4,3)|B(x,5,2)|B(x,6,1)|B(x,7,0)) - -static inline STREEBOG_LONG64 -multipermute(const STREEBOG_LONG64 *in, int i) -{ - STREEBOG_LONG64 t = 0; - - t ^= A_PI_table[0][(in[0] >> (i * 8)) & 0xff]; - t ^= A_PI_table[1][(in[1] >> (i * 8)) & 0xff]; - t ^= A_PI_table[2][(in[2] >> (i * 8)) & 0xff]; - t ^= A_PI_table[3][(in[3] >> (i * 8)) & 0xff]; - t ^= A_PI_table[4][(in[4] >> (i * 8)) & 0xff]; - t ^= A_PI_table[5][(in[5] >> (i * 8)) & 0xff]; - t ^= A_PI_table[6][(in[6] >> (i * 8)) & 0xff]; - t ^= A_PI_table[7][(in[7] >> (i * 8)) & 0xff]; - - return t; -} - -static void -transform(STREEBOG_LONG64 *out, const STREEBOG_LONG64 *a, - const STREEBOG_LONG64 *b) -{ - STREEBOG_LONG64 tmp[8]; - - tmp[0] = a[0] ^ b[0]; - tmp[1] = a[1] ^ b[1]; - tmp[2] = a[2] ^ b[2]; - tmp[3] = a[3] ^ b[3]; - tmp[4] = a[4] ^ b[4]; - tmp[5] = a[5] ^ b[5]; - tmp[6] = a[6] ^ b[6]; - tmp[7] = a[7] ^ b[7]; - - out[0] = multipermute(tmp, 0); - out[1] = multipermute(tmp, 1); - out[2] = multipermute(tmp, 2); - out[3] = multipermute(tmp, 3); - out[4] = multipermute(tmp, 4); - out[5] = multipermute(tmp, 5); - out[6] = multipermute(tmp, 6); - out[7] = multipermute(tmp, 7); -} - -static inline void -gN(STREEBOG_LONG64 *h, STREEBOG_LONG64 *m, STREEBOG_LONG64 *N) -{ - STREEBOG_LONG64 K[8]; - STREEBOG_LONG64 T[8]; - int i; - - transform(K, h, N); - - transform(T, K, m); - transform(K, K, C16[0]); - for (i = 1; i < 12; i++) { - transform(T, K, T); - transform(K, K, C16[i]); - } - - h[0] ^= T[0] ^ K[0] ^ m[0]; - h[1] ^= T[1] ^ K[1] ^ m[1]; - h[2] ^= T[2] ^ K[2] ^ m[2]; - h[3] ^= T[3] ^ K[3] ^ m[3]; - h[4] ^= T[4] ^ K[4] ^ m[4]; - h[5] ^= T[5] ^ K[5] ^ m[5]; - h[6] ^= T[6] ^ K[6] ^ m[6]; - h[7] ^= T[7] ^ K[7] ^ m[7]; -} - - -static void -streebog_single_block(STREEBOG_CTX *ctx, const unsigned char *in, size_t num) -{ - STREEBOG_LONG64 M[8], l; - STREEBOG_LONG64 CF; - int i; - - for (i = 0; i < 8; i++) - M[i] = PULL64(in[i*8]); - - gN(ctx->h, M, ctx->N); - - l = ctx->N[0]; - ctx->N[0] += num; - - if (ctx->N[0] < l || ctx->N[0] < num) { - for (i = 1; i < 8; i++) { - ctx->N[i]++; - if (ctx->N[i] != 0) - break; - } - } - - CF = 0; - ctx->Sigma[0] += M[0]; - for (i = 1; i < 8; i++) { - if (ctx->Sigma[i-1] != M[i-1]) - CF = (ctx->Sigma[i-1] < M[i-1]); - ctx->Sigma[i] += M[i] + CF; - } -} - - - -static void -streebog_block_data_order(STREEBOG_CTX *ctx, const unsigned char *in, - size_t num) -{ - int i; - - for (i = 0; i < num; i++) - streebog_single_block(ctx, in + i * STREEBOG_CBLOCK, 64 * 8); -} - -int -STREEBOG512_Final(unsigned char *md, STREEBOG_CTX *c) -{ - unsigned char *p = (unsigned char *)c->data; - STREEBOG_LONG64 Z[STREEBOG_LBLOCK] = {0}; - int n; - - if (c->num == STREEBOG_CBLOCK) { - streebog_block_data_order(c, p, 1); - c->num -= STREEBOG_CBLOCK; - } - - n = c->num; - p[n++] = 1; - memset(p + n, 0, STREEBOG_CBLOCK - n); - - streebog_single_block(c, p, c->num * 8); - - gN(c->h, c->N, Z); - gN(c->h, c->Sigma, Z); - - for (n = 0; n < STREEBOG_LBLOCK; n++) - c->h[n] = SWAB64(c->h[n]); - - if (md == NULL) - return 0; - - switch (c->md_len) { - /* Let compiler decide if it's appropriate to unroll... */ - case STREEBOG256_LENGTH: - for (n = 0; n < STREEBOG256_LENGTH / 8; n++) { - STREEBOG_LONG64 t = c->h[4+n]; - -#if BYTE_ORDER == BIG_ENDIAN - *(md++) = (unsigned char)(t); - *(md++) = (unsigned char)(t >> 8); - *(md++) = (unsigned char)(t >> 16); - *(md++) = (unsigned char)(t >> 24); - *(md++) = (unsigned char)(t >> 32); - *(md++) = (unsigned char)(t >> 40); - *(md++) = (unsigned char)(t >> 48); - *(md++) = (unsigned char)(t >> 56); -#else - *(md++) = (unsigned char)(t >> 56); - *(md++) = (unsigned char)(t >> 48); - *(md++) = (unsigned char)(t >> 40); - *(md++) = (unsigned char)(t >> 32); - *(md++) = (unsigned char)(t >> 24); - *(md++) = (unsigned char)(t >> 16); - *(md++) = (unsigned char)(t >> 8); - *(md++) = (unsigned char)(t); -#endif - } - break; - case STREEBOG512_LENGTH: - for (n = 0; n < STREEBOG512_LENGTH / 8; n++) { - STREEBOG_LONG64 t = c->h[n]; - -#if BYTE_ORDER == BIG_ENDIAN - *(md++) = (unsigned char)(t); - *(md++) = (unsigned char)(t >> 8); - *(md++) = (unsigned char)(t >> 16); - *(md++) = (unsigned char)(t >> 24); - *(md++) = (unsigned char)(t >> 32); - *(md++) = (unsigned char)(t >> 40); - *(md++) = (unsigned char)(t >> 48); - *(md++) = (unsigned char)(t >> 56); -#else - *(md++) = (unsigned char)(t >> 56); - *(md++) = (unsigned char)(t >> 48); - *(md++) = (unsigned char)(t >> 40); - *(md++) = (unsigned char)(t >> 32); - *(md++) = (unsigned char)(t >> 24); - *(md++) = (unsigned char)(t >> 16); - *(md++) = (unsigned char)(t >> 8); - *(md++) = (unsigned char)(t); -#endif - } - break; - /* ... as well as make sure md_len is not abused. */ - default: - return 0; - } - - return 1; -} -LCRYPTO_ALIAS(STREEBOG512_Final); - -int -STREEBOG256_Final(unsigned char *md, STREEBOG_CTX * c) -{ - return STREEBOG512_Final(md, c); -} -LCRYPTO_ALIAS(STREEBOG256_Final); - -int -STREEBOG512_Update(STREEBOG_CTX *c, const void *_data, size_t len) -{ - unsigned char *p = (unsigned char *)c->data; - const unsigned char *data = (const unsigned char *)_data; - - if (len == 0) - return 1; - - if (c->num != 0) { - size_t n = STREEBOG_CBLOCK - c->num; - - if (len < n) { - memcpy(p + c->num, data, len); - c->num += (unsigned int)len; - return 1; - } else { - memcpy(p + c->num, data, n); - c->num = 0; - len -= n; - data += n; - streebog_block_data_order(c, p, 1); - } - } - - if (len >= STREEBOG_CBLOCK) { - streebog_block_data_order(c, data, len / STREEBOG_CBLOCK); - data += len; - len %= STREEBOG_CBLOCK; - data -= len; - } - - if (len != 0) { - memcpy(p, data, len); - c->num = (int)len; - } - - return 1; -} -LCRYPTO_ALIAS(STREEBOG512_Update); - -int -STREEBOG256_Update(STREEBOG_CTX *c, const void *data, size_t len) -{ - return STREEBOG512_Update(c, data, len); -} -LCRYPTO_ALIAS(STREEBOG256_Update); - -void -STREEBOG512_Transform(STREEBOG_CTX *c, const unsigned char *data) -{ - streebog_block_data_order(c, data, 1); -} -LCRYPTO_ALIAS(STREEBOG512_Transform); - -int -STREEBOG256_Init(STREEBOG_CTX *c) -{ - memset(c, 0, sizeof(*c)); - memset(c->h, 1, sizeof(c->h)); - - c->md_len = STREEBOG256_LENGTH; - return 1; -} -LCRYPTO_ALIAS(STREEBOG256_Init); - -int -STREEBOG512_Init(STREEBOG_CTX *c) -{ - memset(c, 0, sizeof(*c)); - memset(c->h, 0, sizeof(c->h)); - - c->num = 0; - c->md_len = STREEBOG512_LENGTH; - return 1; -} -LCRYPTO_ALIAS(STREEBOG512_Init); - -unsigned char * -STREEBOG256(const unsigned char *d, size_t n, unsigned char *md) -{ - STREEBOG_CTX c; - static unsigned char m[STREEBOG256_LENGTH]; - - if (md == NULL) - md = m; - STREEBOG256_Init(&c); - STREEBOG256_Update(&c, d, n); - STREEBOG256_Final(md, &c); - explicit_bzero(&c, sizeof(c)); - return (md); -} -LCRYPTO_ALIAS(STREEBOG256); - -unsigned char * -STREEBOG512(const unsigned char *d, size_t n, unsigned char *md) -{ - STREEBOG_CTX c; - static unsigned char m[STREEBOG512_LENGTH]; - - if (md == NULL) - md = m; - STREEBOG512_Init(&c); - STREEBOG512_Update(&c, d, n); - STREEBOG512_Final(md, &c); - explicit_bzero(&c, sizeof(c)); - return (md); -} -LCRYPTO_ALIAS(STREEBOG512); - -#endif diff --git a/lib/libcrypto/hidden/openssl/asn1.h b/lib/libcrypto/hidden/openssl/asn1.h index 63852d1e6..12d9618f8 100644 --- a/lib/libcrypto/hidden/openssl/asn1.h +++ b/lib/libcrypto/hidden/openssl/asn1.h @@ -1,4 +1,4 @@ -/* $OpenBSD: asn1.h,v 1.8 2024/03/01 07:38:33 tb Exp $ */ +/* $OpenBSD: asn1.h,v 1.12 2024/03/02 09:08:41 tb Exp $ */ /* * Copyright (c) 2023 Bob Beck * @@ -154,7 +154,6 @@ LCRYPTO_USED(ASN1_TIME_normalize); LCRYPTO_USED(ASN1_TIME_set_string_X509); LCRYPTO_USED(ASN1_TIME_diff); LCRYPTO_USED(ASN1_TIME_set); -LCRYPTO_USED(ASN1_TIME_set_tm); LCRYPTO_USED(ASN1_TIME_adj); LCRYPTO_USED(ASN1_TIME_check); LCRYPTO_USED(ASN1_TIME_to_generalizedtime); @@ -222,32 +221,15 @@ LCRYPTO_USED(ASN1_mbstring_copy); LCRYPTO_USED(ASN1_mbstring_ncopy); LCRYPTO_USED(ASN1_STRING_set_by_NID); LCRYPTO_USED(ASN1_STRING_TABLE_get); -LCRYPTO_USED(ASN1_STRING_TABLE_add); -LCRYPTO_USED(ASN1_STRING_TABLE_cleanup); LCRYPTO_USED(ASN1_item_new); LCRYPTO_USED(ASN1_item_free); LCRYPTO_USED(ASN1_item_d2i); LCRYPTO_USED(ASN1_item_i2d); -LCRYPTO_USED(ASN1_add_oid_module); LCRYPTO_USED(ASN1_generate_nconf); LCRYPTO_USED(ASN1_generate_v3); LCRYPTO_USED(ASN1_item_print); -LCRYPTO_USED(ASN1_PCTX_new); -LCRYPTO_USED(ASN1_PCTX_free); -LCRYPTO_USED(ASN1_PCTX_get_flags); -LCRYPTO_USED(ASN1_PCTX_set_flags); -LCRYPTO_USED(ASN1_PCTX_get_nm_flags); -LCRYPTO_USED(ASN1_PCTX_set_nm_flags); -LCRYPTO_USED(ASN1_PCTX_get_cert_flags); -LCRYPTO_USED(ASN1_PCTX_set_cert_flags); -LCRYPTO_USED(ASN1_PCTX_get_oid_flags); -LCRYPTO_USED(ASN1_PCTX_set_oid_flags); -LCRYPTO_USED(ASN1_PCTX_get_str_flags); -LCRYPTO_USED(ASN1_PCTX_set_str_flags); LCRYPTO_USED(SMIME_crlf_copy); LCRYPTO_USED(SMIME_text); LCRYPTO_USED(ERR_load_ASN1_strings); -LCRYPTO_USED(ASN1_time_parse); -LCRYPTO_USED(ASN1_time_tm_cmp); #endif /* _LIBCRYPTO_ASN1_H */ diff --git a/lib/libcrypto/hidden/openssl/bio.h b/lib/libcrypto/hidden/openssl/bio.h index f7e7cd3d8..425d1e294 100644 --- a/lib/libcrypto/hidden/openssl/bio.h +++ b/lib/libcrypto/hidden/openssl/bio.h @@ -1,4 +1,4 @@ -/* $OpenBSD: bio.h,v 1.4 2023/07/28 10:13:50 tb Exp $ */ +/* $OpenBSD: bio.h,v 1.7 2024/03/02 09:22:41 tb Exp $ */ /* * Copyright (c) 2023 Bob Beck * @@ -68,7 +68,6 @@ LCRYPTO_USED(BIO_s_file); LCRYPTO_USED(BIO_new_file); LCRYPTO_USED(BIO_new_fp); LCRYPTO_USED(BIO_new); -LCRYPTO_USED(BIO_set); LCRYPTO_USED(BIO_free); LCRYPTO_USED(BIO_up_ref); LCRYPTO_USED(BIO_get_data); @@ -118,8 +117,6 @@ LCRYPTO_USED(BIO_fd_should_retry); LCRYPTO_USED(BIO_fd_non_fatal_error); LCRYPTO_USED(BIO_dump); LCRYPTO_USED(BIO_dump_indent); -LCRYPTO_USED(BIO_dump_fp); -LCRYPTO_USED(BIO_dump_indent_fp); LCRYPTO_USED(BIO_gethostbyname); LCRYPTO_USED(BIO_sock_error); LCRYPTO_USED(BIO_socket_ioctl); @@ -138,9 +135,6 @@ LCRYPTO_USED(BIO_new_connect); LCRYPTO_USED(BIO_new_accept); LCRYPTO_USED(BIO_copy_next_retry); LCRYPTO_USED(BIO_printf); -LCRYPTO_USED(BIO_vprintf); -LCRYPTO_USED(BIO_snprintf); -LCRYPTO_USED(BIO_vsnprintf); LCRYPTO_USED(ERR_load_BIO_strings); #endif /* _LIBCRYPTO_BIO_H */ diff --git a/lib/libcrypto/hidden/openssl/bn.h b/lib/libcrypto/hidden/openssl/bn.h index 9942cf6fc..f6f00cf76 100644 --- a/lib/libcrypto/hidden/openssl/bn.h +++ b/lib/libcrypto/hidden/openssl/bn.h @@ -1,4 +1,4 @@ -/* $OpenBSD: bn.h,v 1.4 2023/07/29 03:13:38 tb Exp $ */ +/* $OpenBSD: bn.h,v 1.6 2024/03/02 09:27:31 tb Exp $ */ /* * Copyright (c) 2023 Bob Beck * @@ -97,9 +97,6 @@ LCRYPTO_USED(BN_lshift); LCRYPTO_USED(BN_lshift1); LCRYPTO_USED(BN_exp); LCRYPTO_USED(BN_mod_exp_mont_consttime); -LCRYPTO_USED(BN_mod_exp_mont_word); -LCRYPTO_USED(BN_mod_exp2_mont); -LCRYPTO_USED(BN_mod_exp_simple); LCRYPTO_USED(BN_mask_bits); LCRYPTO_USED(BN_print_fp); LCRYPTO_USED(BN_print); diff --git a/lib/libcrypto/hidden/openssl/cmac.h b/lib/libcrypto/hidden/openssl/cmac.h index cefdb4f6e..1e802aa88 100644 --- a/lib/libcrypto/hidden/openssl/cmac.h +++ b/lib/libcrypto/hidden/openssl/cmac.h @@ -1,4 +1,4 @@ -/* $OpenBSD: cmac.h,v 1.1 2023/07/08 14:27:14 beck Exp $ */ +/* $OpenBSD: cmac.h,v 1.2 2024/03/02 09:30:21 tb Exp $ */ /* * Copyright (c) 2023 Bob Beck * @@ -33,6 +33,5 @@ LCRYPTO_USED(CMAC_CTX_copy); LCRYPTO_USED(CMAC_Init); LCRYPTO_USED(CMAC_Update); LCRYPTO_USED(CMAC_Final); -LCRYPTO_USED(CMAC_resume); #endif /* _LIBCRYPTO_CMAC_H */ diff --git a/lib/libcrypto/hidden/openssl/crypto.h b/lib/libcrypto/hidden/openssl/crypto.h index 083d156d1..10daf41f5 100644 --- a/lib/libcrypto/hidden/openssl/crypto.h +++ b/lib/libcrypto/hidden/openssl/crypto.h @@ -1,4 +1,4 @@ -/* $OpenBSD: crypto.h,v 1.3 2024/03/01 07:38:33 tb Exp $ */ +/* $OpenBSD: crypto.h,v 1.6 2024/03/02 11:37:13 tb Exp $ */ /* * Copyright (c) 2023 Bob Beck * @@ -38,35 +38,8 @@ LCRYPTO_USED(CRYPTO_get_ex_data); LCRYPTO_USED(CRYPTO_cleanup_all_ex_data); LCRYPTO_USED(CRYPTO_lock); LCRYPTO_USED(CRYPTO_add_lock); -LCRYPTO_USED(CRYPTO_THREADID_current); -LCRYPTO_USED(CRYPTO_THREADID_cmp); -LCRYPTO_USED(CRYPTO_THREADID_cpy); -LCRYPTO_USED(CRYPTO_THREADID_hash); LCRYPTO_USED(CRYPTO_set_mem_functions); -LCRYPTO_USED(CRYPTO_set_locked_mem_functions); LCRYPTO_USED(CRYPTO_set_mem_ex_functions); -LCRYPTO_USED(CRYPTO_set_locked_mem_ex_functions); -LCRYPTO_USED(CRYPTO_set_mem_debug_functions); -LCRYPTO_USED(CRYPTO_get_mem_functions); -LCRYPTO_USED(CRYPTO_get_locked_mem_functions); -LCRYPTO_USED(CRYPTO_get_mem_ex_functions); -LCRYPTO_USED(CRYPTO_get_locked_mem_ex_functions); -LCRYPTO_USED(CRYPTO_get_mem_debug_functions); -LCRYPTO_USED(CRYPTO_realloc_clean); -LCRYPTO_USED(CRYPTO_remalloc); -LCRYPTO_USED(CRYPTO_set_mem_debug_options); -LCRYPTO_USED(CRYPTO_get_mem_debug_options); -LCRYPTO_USED(CRYPTO_push_info_); -LCRYPTO_USED(CRYPTO_pop_info); -LCRYPTO_USED(CRYPTO_remove_all_info); -LCRYPTO_USED(CRYPTO_dbg_malloc); -LCRYPTO_USED(CRYPTO_dbg_realloc); -LCRYPTO_USED(CRYPTO_dbg_free); -LCRYPTO_USED(CRYPTO_dbg_set_options); -LCRYPTO_USED(CRYPTO_dbg_get_options); -LCRYPTO_USED(CRYPTO_mem_leaks_fp); -LCRYPTO_USED(CRYPTO_mem_leaks); -LCRYPTO_USED(CRYPTO_mem_leaks_cb); LCRYPTO_USED(OpenSSLDie); LCRYPTO_USED(OPENSSL_cpu_caps); LCRYPTO_USED(OPENSSL_init_crypto); diff --git a/lib/libcrypto/hidden/openssl/dsa.h b/lib/libcrypto/hidden/openssl/dsa.h index b2b0058cb..40597abb6 100644 --- a/lib/libcrypto/hidden/openssl/dsa.h +++ b/lib/libcrypto/hidden/openssl/dsa.h @@ -1,4 +1,4 @@ -/* $OpenBSD: dsa.h,v 1.1 2023/07/08 14:28:15 beck Exp $ */ +/* $OpenBSD: dsa.h,v 1.2 2024/03/02 09:33:14 tb Exp $ */ /* * Copyright (c) 2023 Bob Beck * @@ -61,7 +61,6 @@ LCRYPTO_USED(d2i_DSAPrivateKey); LCRYPTO_USED(i2d_DSAPrivateKey); LCRYPTO_USED(d2i_DSAparams); LCRYPTO_USED(i2d_DSAparams); -LCRYPTO_USED(DSA_generate_parameters); LCRYPTO_USED(DSA_generate_parameters_ex); LCRYPTO_USED(DSA_generate_key); LCRYPTO_USED(DSAparams_print); diff --git a/lib/libcrypto/hidden/openssl/err.h b/lib/libcrypto/hidden/openssl/err.h index 036ead8c0..08f97e1c5 100644 --- a/lib/libcrypto/hidden/openssl/err.h +++ b/lib/libcrypto/hidden/openssl/err.h @@ -1,4 +1,4 @@ -/* $OpenBSD: err.h,v 1.4 2023/07/28 10:23:19 tb Exp $ */ +/* $OpenBSD: err.h,v 1.5 2024/03/02 10:30:48 tb Exp $ */ /* * Copyright (c) 2023 Bob Beck * @@ -53,7 +53,6 @@ LCRYPTO_USED(ERR_load_crypto_strings); LCRYPTO_USED(ERR_free_strings); LCRYPTO_USED(ERR_remove_thread_state); LCRYPTO_USED(ERR_remove_state); -LCRYPTO_USED(ERR_get_state); LCRYPTO_USED(ERR_get_next_error_library); LCRYPTO_USED(ERR_set_mark); LCRYPTO_USED(ERR_pop_to_mark); diff --git a/lib/libcrypto/hidden/openssl/gost.h b/lib/libcrypto/hidden/openssl/gost.h deleted file mode 100644 index e30e6611a..000000000 --- a/lib/libcrypto/hidden/openssl/gost.h +++ /dev/null @@ -1,71 +0,0 @@ -/* $OpenBSD: gost.h,v 1.1 2023/07/08 14:30:44 beck Exp $ */ -/* - * Copyright (c) 2023 Bob Beck - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR - * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN - * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF - * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - -#ifndef _LIBCRYPTO_GOST_H -#define _LIBCRYPTO_GOST_H - -#ifndef _MSC_VER -#include_next -#else -#include "../include/openssl/gost.h" -#endif -#include "crypto_namespace.h" - -LCRYPTO_USED(Gost2814789_set_sbox); -LCRYPTO_USED(Gost2814789_set_key); -LCRYPTO_USED(Gost2814789_ecb_encrypt); -LCRYPTO_USED(Gost2814789_cfb64_encrypt); -LCRYPTO_USED(Gost2814789_cnt_encrypt); -LCRYPTO_USED(GOST_CIPHER_PARAMS_new); -LCRYPTO_USED(GOST_CIPHER_PARAMS_free); -LCRYPTO_USED(d2i_GOST_CIPHER_PARAMS); -LCRYPTO_USED(i2d_GOST_CIPHER_PARAMS); -LCRYPTO_USED(GOST2814789IMIT_Init); -LCRYPTO_USED(GOST2814789IMIT_Update); -LCRYPTO_USED(GOST2814789IMIT_Final); -LCRYPTO_USED(GOST2814789IMIT_Transform); -LCRYPTO_USED(GOST2814789IMIT); -LCRYPTO_USED(GOSTR341194_Init); -LCRYPTO_USED(GOSTR341194_Update); -LCRYPTO_USED(GOSTR341194_Final); -LCRYPTO_USED(GOSTR341194_Transform); -LCRYPTO_USED(GOSTR341194); -LCRYPTO_USED(STREEBOG256_Init); -LCRYPTO_USED(STREEBOG256_Update); -LCRYPTO_USED(STREEBOG256_Final); -LCRYPTO_USED(STREEBOG256); -LCRYPTO_USED(STREEBOG512_Init); -LCRYPTO_USED(STREEBOG512_Update); -LCRYPTO_USED(STREEBOG512_Final); -LCRYPTO_USED(STREEBOG512_Transform); -LCRYPTO_USED(STREEBOG512); -LCRYPTO_USED(GOST_KEY_new); -LCRYPTO_USED(GOST_KEY_free); -LCRYPTO_USED(GOST_KEY_check_key); -LCRYPTO_USED(GOST_KEY_set_public_key_affine_coordinates); -LCRYPTO_USED(GOST_KEY_get0_group); -LCRYPTO_USED(GOST_KEY_set_group); -LCRYPTO_USED(GOST_KEY_get_digest); -LCRYPTO_USED(GOST_KEY_set_digest); -LCRYPTO_USED(GOST_KEY_get0_private_key); -LCRYPTO_USED(GOST_KEY_set_private_key); -LCRYPTO_USED(GOST_KEY_get0_public_key); -LCRYPTO_USED(GOST_KEY_set_public_key); -LCRYPTO_USED(GOST_KEY_get_size); -LCRYPTO_USED(ERR_load_GOST_strings); - -#endif /* _LIBCRYPTO_GOST_H */ diff --git a/lib/libcrypto/hidden/openssl/lhash.h b/lib/libcrypto/hidden/openssl/lhash.h index 151f154a4..2cf5b2dc5 100644 --- a/lib/libcrypto/hidden/openssl/lhash.h +++ b/lib/libcrypto/hidden/openssl/lhash.h @@ -1,4 +1,4 @@ -/* $OpenBSD: lhash.h,v 1.2 2023/07/07 19:37:54 beck Exp $ */ +/* $OpenBSD: lhash.h,v 1.4 2024/03/02 11:11:11 tb Exp $ */ /* * Copyright (c) 2023 Bob Beck * @@ -27,6 +27,7 @@ LCRYPTO_USED(lh_new); LCRYPTO_USED(lh_free); +LCRYPTO_USED(lh_error); LCRYPTO_USED(lh_insert); LCRYPTO_USED(lh_delete); LCRYPTO_USED(lh_retrieve); @@ -34,11 +35,5 @@ LCRYPTO_USED(lh_doall); LCRYPTO_USED(lh_doall_arg); LCRYPTO_USED(lh_strhash); LCRYPTO_USED(lh_num_items); -LCRYPTO_USED(lh_stats); -LCRYPTO_USED(lh_node_stats); -LCRYPTO_USED(lh_node_usage_stats); -LCRYPTO_USED(lh_stats_bio); -LCRYPTO_USED(lh_node_stats_bio); -LCRYPTO_USED(lh_node_usage_stats_bio); #endif /* _LIBCRYPTO_LHASH_H */ diff --git a/lib/libcrypto/hidden/openssl/objects.h b/lib/libcrypto/hidden/openssl/objects.h index ba5bf8e25..c2db51a6c 100644 --- a/lib/libcrypto/hidden/openssl/objects.h +++ b/lib/libcrypto/hidden/openssl/objects.h @@ -1,4 +1,4 @@ -/* $OpenBSD: objects.h,v 1.2 2023/07/28 10:25:05 tb Exp $ */ +/* $OpenBSD: objects.h,v 1.5 2024/03/02 09:49:45 tb Exp $ */ /* * Copyright (c) 2023 Bob Beck * @@ -25,12 +25,6 @@ #endif #include "crypto_namespace.h" -LCRYPTO_USED(OBJ_NAME_init); -LCRYPTO_USED(OBJ_NAME_new_index); -LCRYPTO_USED(OBJ_NAME_get); -LCRYPTO_USED(OBJ_NAME_add); -LCRYPTO_USED(OBJ_NAME_remove); -LCRYPTO_USED(OBJ_NAME_cleanup); LCRYPTO_USED(OBJ_NAME_do_all); LCRYPTO_USED(OBJ_NAME_do_all_sorted); LCRYPTO_USED(OBJ_dup); @@ -44,9 +38,7 @@ LCRYPTO_USED(OBJ_txt2nid); LCRYPTO_USED(OBJ_ln2nid); LCRYPTO_USED(OBJ_sn2nid); LCRYPTO_USED(OBJ_cmp); -LCRYPTO_USED(OBJ_bsearch_); LCRYPTO_USED(OBJ_new_nid); -LCRYPTO_USED(OBJ_add_object); LCRYPTO_USED(OBJ_create); LCRYPTO_USED(OBJ_cleanup); LCRYPTO_USED(OBJ_create_objects); diff --git a/lib/libcrypto/hidden/openssl/pkcs12.h b/lib/libcrypto/hidden/openssl/pkcs12.h index 9a2dffa35..4c37e73cc 100644 --- a/lib/libcrypto/hidden/openssl/pkcs12.h +++ b/lib/libcrypto/hidden/openssl/pkcs12.h @@ -1,4 +1,4 @@ -/* $OpenBSD: pkcs12.h,v 1.2 2023/07/05 21:14:54 bcook Exp $ */ +/* $OpenBSD: pkcs12.h,v 1.3 2024/03/02 10:15:16 tb Exp $ */ /* * Copyright (c) 2022 Bob Beck * @@ -34,68 +34,33 @@ LCRYPTO_USED(PKCS12_SAFEBAG_get1_crl); LCRYPTO_USED(PKCS8_get_attr); LCRYPTO_USED(PKCS12_mac_present); LCRYPTO_USED(PKCS12_get0_mac); -LCRYPTO_USED(PKCS12_SAFEBAG_create_cert); -LCRYPTO_USED(PKCS12_SAFEBAG_create_crl); -LCRYPTO_USED(PKCS12_SAFEBAG_create0_p8inf); -LCRYPTO_USED(PKCS12_SAFEBAG_create0_pkcs8); -LCRYPTO_USED(PKCS12_SAFEBAG_create_pkcs8_encrypt); LCRYPTO_USED(PKCS12_SAFEBAG_get0_p8inf); LCRYPTO_USED(PKCS12_SAFEBAG_get0_pkcs8); LCRYPTO_USED(PKCS12_SAFEBAG_get0_safes); LCRYPTO_USED(PKCS12_SAFEBAG_get0_type); -LCRYPTO_USED(PKCS12_item_pack_safebag); LCRYPTO_USED(PKCS8_decrypt); LCRYPTO_USED(PKCS12_decrypt_skey); LCRYPTO_USED(PKCS8_encrypt); -LCRYPTO_USED(PKCS12_pack_p7data); LCRYPTO_USED(PKCS12_unpack_p7data); -LCRYPTO_USED(PKCS12_pack_p7encdata); LCRYPTO_USED(PKCS12_unpack_p7encdata); -LCRYPTO_USED(PKCS12_pack_authsafes); LCRYPTO_USED(PKCS12_unpack_authsafes); -LCRYPTO_USED(PKCS12_add_localkeyid); -LCRYPTO_USED(PKCS12_add_friendlyname_asc); -LCRYPTO_USED(PKCS12_add_CSPName_asc); -LCRYPTO_USED(PKCS12_add_friendlyname_uni); LCRYPTO_USED(PKCS8_add_keyusage); -LCRYPTO_USED(PKCS12_get_attr_gen); LCRYPTO_USED(PKCS12_get_friendlyname); -LCRYPTO_USED(PKCS12_pbe_crypt); -LCRYPTO_USED(PKCS12_item_decrypt_d2i); -LCRYPTO_USED(PKCS12_item_i2d_encrypt); -LCRYPTO_USED(PKCS12_init); -LCRYPTO_USED(PKCS12_key_gen_asc); -LCRYPTO_USED(PKCS12_key_gen_uni); -LCRYPTO_USED(PKCS12_PBE_keyivgen); -LCRYPTO_USED(PKCS12_gen_mac); LCRYPTO_USED(PKCS12_verify_mac); LCRYPTO_USED(PKCS12_set_mac); -LCRYPTO_USED(PKCS12_setup_mac); LCRYPTO_USED(OPENSSL_asc2uni); LCRYPTO_USED(OPENSSL_uni2asc); LCRYPTO_USED(PKCS12_new); LCRYPTO_USED(PKCS12_free); LCRYPTO_USED(d2i_PKCS12); LCRYPTO_USED(i2d_PKCS12); -LCRYPTO_USED(PKCS12_MAC_DATA_new); -LCRYPTO_USED(PKCS12_MAC_DATA_free); -LCRYPTO_USED(d2i_PKCS12_MAC_DATA); -LCRYPTO_USED(i2d_PKCS12_MAC_DATA); LCRYPTO_USED(PKCS12_SAFEBAG_new); LCRYPTO_USED(PKCS12_SAFEBAG_free); LCRYPTO_USED(d2i_PKCS12_SAFEBAG); LCRYPTO_USED(i2d_PKCS12_SAFEBAG); -LCRYPTO_USED(PKCS12_BAGS_new); -LCRYPTO_USED(PKCS12_BAGS_free); -LCRYPTO_USED(d2i_PKCS12_BAGS); -LCRYPTO_USED(i2d_PKCS12_BAGS); LCRYPTO_USED(PKCS12_PBE_add); LCRYPTO_USED(PKCS12_parse); LCRYPTO_USED(PKCS12_create); -LCRYPTO_USED(PKCS12_add_cert); -LCRYPTO_USED(PKCS12_add_key); -LCRYPTO_USED(PKCS12_add_safe); -LCRYPTO_USED(PKCS12_add_safes); LCRYPTO_USED(i2d_PKCS12_bio); LCRYPTO_USED(i2d_PKCS12_fp); LCRYPTO_USED(d2i_PKCS12_bio); diff --git a/lib/libcrypto/hidden/openssl/stack.h b/lib/libcrypto/hidden/openssl/stack.h index 38bb02e86..3f742c1b0 100644 --- a/lib/libcrypto/hidden/openssl/stack.h +++ b/lib/libcrypto/hidden/openssl/stack.h @@ -1,4 +1,4 @@ -/* $OpenBSD: stack.h,v 1.2 2023/07/05 21:14:54 bcook Exp $ */ +/* $OpenBSD: stack.h,v 1.3 2024/03/02 11:20:36 tb Exp $ */ /* * Copyright (c) 2022 Bob Beck * @@ -36,7 +36,6 @@ LCRYPTO_USED(sk_insert); LCRYPTO_USED(sk_delete); LCRYPTO_USED(sk_delete_ptr); LCRYPTO_USED(sk_find); -LCRYPTO_USED(sk_find_ex); LCRYPTO_USED(sk_push); LCRYPTO_USED(sk_unshift); LCRYPTO_USED(sk_shift); diff --git a/lib/libcrypto/hidden/openssl/x509.h b/lib/libcrypto/hidden/openssl/x509.h index 13bd5b533..35a4a67e0 100644 --- a/lib/libcrypto/hidden/openssl/x509.h +++ b/lib/libcrypto/hidden/openssl/x509.h @@ -1,4 +1,4 @@ -/* $OpenBSD: x509.h,v 1.3 2023/07/05 21:14:54 bcook Exp $ */ +/* $OpenBSD: x509.h,v 1.4 2024/03/02 10:48:17 tb Exp $ */ /* * Copyright (c) 2022 Bob Beck * @@ -104,8 +104,6 @@ LCRYPTO_USED(X509_get_default_private_dir); LCRYPTO_USED(X509_to_X509_REQ); LCRYPTO_USED(X509_REQ_to_X509); LCRYPTO_USED(X509_get_pubkey_parameters); -LCRYPTO_USED(X509_TRUST_set_default); -LCRYPTO_USED(X509_TRUST_set); LCRYPTO_USED(X509_NAME_oneline); LCRYPTO_USED(X509_get0_extensions); LCRYPTO_USED(X509_get0_tbs_sigalg); @@ -268,14 +266,6 @@ LCRYPTO_USED(X509_verify_cert); LCRYPTO_USED(X509_find_by_issuer_and_serial); LCRYPTO_USED(X509_find_by_subject); LCRYPTO_USED(X509_check_trust); -LCRYPTO_USED(X509_TRUST_get_count); -LCRYPTO_USED(X509_TRUST_get0); -LCRYPTO_USED(X509_TRUST_get_by_id); -LCRYPTO_USED(X509_TRUST_add); -LCRYPTO_USED(X509_TRUST_cleanup); -LCRYPTO_USED(X509_TRUST_get_flags); -LCRYPTO_USED(X509_TRUST_get0_name); -LCRYPTO_USED(X509_TRUST_get_trust); LCRYPTO_USED(X509_up_ref); LCRYPTO_USED(X509_chain_up_ref); LCRYPTO_USED(ERR_load_X509_strings); diff --git a/lib/libcrypto/hidden/openssl/x509_vfy.h b/lib/libcrypto/hidden/openssl/x509_vfy.h index 350249213..3d65837a4 100644 --- a/lib/libcrypto/hidden/openssl/x509_vfy.h +++ b/lib/libcrypto/hidden/openssl/x509_vfy.h @@ -1,4 +1,4 @@ -/* $OpenBSD: x509_vfy.h,v 1.7 2024/02/23 10:39:07 tb Exp $ */ +/* $OpenBSD: x509_vfy.h,v 1.9 2024/03/02 10:57:03 tb Exp $ */ /* * Copyright (c) 2022 Bob Beck * @@ -79,14 +79,7 @@ LCRYPTO_USED(X509_LOOKUP_ctrl); LCRYPTO_USED(X509_load_cert_file); LCRYPTO_USED(X509_load_crl_file); LCRYPTO_USED(X509_load_cert_crl_file); -LCRYPTO_USED(X509_LOOKUP_new); LCRYPTO_USED(X509_LOOKUP_free); -LCRYPTO_USED(X509_LOOKUP_init); -LCRYPTO_USED(X509_LOOKUP_by_subject); -LCRYPTO_USED(X509_LOOKUP_by_issuer_serial); -LCRYPTO_USED(X509_LOOKUP_by_fingerprint); -LCRYPTO_USED(X509_LOOKUP_by_alias); -LCRYPTO_USED(X509_LOOKUP_shutdown); LCRYPTO_USED(X509_STORE_load_locations); LCRYPTO_USED(X509_STORE_load_mem); LCRYPTO_USED(X509_STORE_set_default_paths); @@ -109,7 +102,6 @@ LCRYPTO_USED(X509_STORE_CTX_set_chain); LCRYPTO_USED(X509_STORE_CTX_set0_crls); LCRYPTO_USED(X509_STORE_CTX_set_purpose); LCRYPTO_USED(X509_STORE_CTX_set_trust); -LCRYPTO_USED(X509_STORE_CTX_purpose_inherit); LCRYPTO_USED(X509_STORE_CTX_set_flags); LCRYPTO_USED(X509_STORE_CTX_set_time); LCRYPTO_USED(X509_STORE_CTX_set0_verified_chain); diff --git a/lib/libcrypto/hidden/openssl/x509v3.h b/lib/libcrypto/hidden/openssl/x509v3.h index a85c5c26a..a833ec9f4 100644 --- a/lib/libcrypto/hidden/openssl/x509v3.h +++ b/lib/libcrypto/hidden/openssl/x509v3.h @@ -1,4 +1,4 @@ -/* $OpenBSD: x509v3.h,v 1.5 2023/07/05 21:14:54 bcook Exp $ */ +/* $OpenBSD: x509v3.h,v 1.7 2024/03/02 10:40:05 tb Exp $ */ /* * Copyright (c) 2022 Bob Beck * @@ -160,10 +160,6 @@ LCRYPTO_USED(i2s_ASN1_INTEGER); LCRYPTO_USED(s2i_ASN1_INTEGER); LCRYPTO_USED(i2s_ASN1_ENUMERATED); LCRYPTO_USED(i2s_ASN1_ENUMERATED_TABLE); -LCRYPTO_USED(X509V3_EXT_add); -LCRYPTO_USED(X509V3_EXT_add_list); -LCRYPTO_USED(X509V3_EXT_add_alias); -LCRYPTO_USED(X509V3_EXT_cleanup); LCRYPTO_USED(X509V3_EXT_get); LCRYPTO_USED(X509V3_EXT_get_nid); LCRYPTO_USED(X509V3_add_standard_extensions); @@ -181,18 +177,13 @@ LCRYPTO_USED(X509V3_extensions_print); LCRYPTO_USED(X509_check_ca); LCRYPTO_USED(X509_check_purpose); LCRYPTO_USED(X509_supported_extension); -LCRYPTO_USED(X509_PURPOSE_set); LCRYPTO_USED(X509_check_issued); LCRYPTO_USED(X509_check_akid); LCRYPTO_USED(X509_PURPOSE_get_count); LCRYPTO_USED(X509_PURPOSE_get0); LCRYPTO_USED(X509_PURPOSE_get_by_sname); -LCRYPTO_USED(X509_PURPOSE_get_by_id); -LCRYPTO_USED(X509_PURPOSE_add); LCRYPTO_USED(X509_PURPOSE_get0_name); LCRYPTO_USED(X509_PURPOSE_get0_sname); -LCRYPTO_USED(X509_PURPOSE_get_trust); -LCRYPTO_USED(X509_PURPOSE_cleanup); LCRYPTO_USED(X509_PURPOSE_get_id); LCRYPTO_USED(X509_get_extension_flags); LCRYPTO_USED(X509_get_key_usage); diff --git a/lib/libcrypto/lhash/lh_stats.c b/lib/libcrypto/lhash/lh_stats.c deleted file mode 100644 index 123792a2a..000000000 --- a/lib/libcrypto/lhash/lh_stats.c +++ /dev/null @@ -1,263 +0,0 @@ -/* $OpenBSD: lh_stats.c,v 1.13 2023/07/07 13:40:44 beck Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#include - -#include - -#ifndef OPENSSL_NO_BIO -#include -#endif -#include - -#ifdef OPENSSL_NO_BIO - -void -lh_stats(LHASH *lh, FILE *out) -{ - fprintf(out, "num_items = %lu\n", lh->num_items); - fprintf(out, "num_nodes = %u\n", lh->num_nodes); - fprintf(out, "num_alloc_nodes = %u\n", lh->num_alloc_nodes); - fprintf(out, "num_expands = %lu\n", lh->num_expands); - fprintf(out, "num_expand_reallocs = %lu\n", lh->num_expand_reallocs); - fprintf(out, "num_contracts = %lu\n", lh->num_contracts); - fprintf(out, "num_contract_reallocs = %lu\n", - lh->num_contract_reallocs); - fprintf(out, "num_hash_calls = %lu\n", lh->num_hash_calls); - fprintf(out, "num_comp_calls = %lu\n", lh->num_comp_calls); - fprintf(out, "num_insert = %lu\n", lh->num_insert); - fprintf(out, "num_replace = %lu\n", lh->num_replace); - fprintf(out, "num_delete = %lu\n", lh->num_delete); - fprintf(out, "num_no_delete = %lu\n", lh->num_no_delete); - fprintf(out, "num_retrieve = %lu\n", lh->num_retrieve); - fprintf(out, "num_retrieve_miss = %lu\n", lh->num_retrieve_miss); - fprintf(out, "num_hash_comps = %lu\n", lh->num_hash_comps); -#if 0 - fprintf(out, "p = %u\n", lh->p); - fprintf(out, "pmax = %u\n", lh->pmax); - fprintf(out, "up_load = %lu\n", lh->up_load); - fprintf(out, "down_load = %lu\n", lh->down_load); -#endif -} -LCRYPTO_ALIAS(lh_stats); - -void -lh_node_stats(LHASH *lh, FILE *out) -{ - LHASH_NODE *n; - unsigned int i, num; - - for (i = 0; i < lh->num_nodes; i++) { - for (n = lh->b[i], num = 0; n != NULL; n = n->next) - num++; - fprintf(out, "node %6u -> %3u\n", i, num); - } -} -LCRYPTO_ALIAS(lh_node_stats); - -void -lh_node_usage_stats(LHASH *lh, FILE *out) -{ - LHASH_NODE *n; - unsigned long num; - unsigned int i; - unsigned long total = 0, n_used = 0; - - for (i = 0; i < lh->num_nodes; i++) { - for (n = lh->b[i], num = 0; n != NULL; n = n->next) - num++; - if (num != 0) { - n_used++; - total += num; - } - } - fprintf(out, "%lu nodes used out of %u\n", n_used, lh->num_nodes); - fprintf(out, "%lu items\n", total); - if (n_used == 0) - return; - fprintf(out, "load %d.%02d actual load %d.%02d\n", - (int)(total / lh->num_nodes), - (int)((total % lh->num_nodes) * 100 / lh->num_nodes), - (int)(total / n_used), - (int)((total % n_used) * 100 / n_used)); -} -LCRYPTO_ALIAS(lh_node_usage_stats); - -#else - -void -lh_stats(const _LHASH *lh, FILE *fp) -{ - BIO *bp; - - bp = BIO_new(BIO_s_file()); - if (bp == NULL) - goto end; - BIO_set_fp(bp, fp, BIO_NOCLOSE); - lh_stats_bio(lh, bp); - BIO_free(bp); -end:; -} -LCRYPTO_ALIAS(lh_stats); - -void -lh_node_stats(const _LHASH *lh, FILE *fp) -{ - BIO *bp; - - bp = BIO_new(BIO_s_file()); - if (bp == NULL) - goto end; - BIO_set_fp(bp, fp, BIO_NOCLOSE); - lh_node_stats_bio(lh, bp); - BIO_free(bp); -end:; -} -LCRYPTO_ALIAS(lh_node_stats); - -void -lh_node_usage_stats(const _LHASH *lh, FILE *fp) -{ - BIO *bp; - - bp = BIO_new(BIO_s_file()); - if (bp == NULL) - goto end; - BIO_set_fp(bp, fp, BIO_NOCLOSE); - lh_node_usage_stats_bio(lh, bp); - BIO_free(bp); -end:; -} -LCRYPTO_ALIAS(lh_node_usage_stats); - - -void -lh_stats_bio(const _LHASH *lh, BIO *out) -{ - BIO_printf(out, "num_items = %lu\n", lh->num_items); - BIO_printf(out, "num_nodes = %u\n", lh->num_nodes); - BIO_printf(out, "num_alloc_nodes = %u\n", lh->num_alloc_nodes); - BIO_printf(out, "num_expands = %lu\n", lh->num_expands); - BIO_printf(out, "num_expand_reallocs = %lu\n", - lh->num_expand_reallocs); - BIO_printf(out, "num_contracts = %lu\n", lh->num_contracts); - BIO_printf(out, "num_contract_reallocs = %lu\n", - lh->num_contract_reallocs); - BIO_printf(out, "num_hash_calls = %lu\n", lh->num_hash_calls); - BIO_printf(out, "num_comp_calls = %lu\n", lh->num_comp_calls); - BIO_printf(out, "num_insert = %lu\n", lh->num_insert); - BIO_printf(out, "num_replace = %lu\n", lh->num_replace); - BIO_printf(out, "num_delete = %lu\n", lh->num_delete); - BIO_printf(out, "num_no_delete = %lu\n", lh->num_no_delete); - BIO_printf(out, "num_retrieve = %lu\n", lh->num_retrieve); - BIO_printf(out, "num_retrieve_miss = %lu\n", lh->num_retrieve_miss); - BIO_printf(out, "num_hash_comps = %lu\n", lh->num_hash_comps); -#if 0 - BIO_printf(out, "p = %u\n", lh->p); - BIO_printf(out, "pmax = %u\n", lh->pmax); - BIO_printf(out, "up_load = %lu\n", lh->up_load); - BIO_printf(out, "down_load = %lu\n", lh->down_load); -#endif -} -LCRYPTO_ALIAS(lh_stats_bio); - -void -lh_node_stats_bio(const _LHASH *lh, BIO *out) -{ - LHASH_NODE *n; - unsigned int i, num; - - for (i = 0; i < lh->num_nodes; i++) { - for (n = lh->b[i], num = 0; n != NULL; n = n->next) - num++; - BIO_printf(out, "node %6u -> %3u\n", i, num); - } -} -LCRYPTO_ALIAS(lh_node_stats_bio); - -void -lh_node_usage_stats_bio(const _LHASH *lh, BIO *out) -{ - LHASH_NODE *n; - unsigned long num; - unsigned int i; - unsigned long total = 0, n_used = 0; - - for (i = 0; i < lh->num_nodes; i++) { - for (n = lh->b[i], num = 0; n != NULL; n = n->next) - num++; - if (num != 0) { - n_used++; - total += num; - } - } - BIO_printf(out, "%lu nodes used out of %u\n", n_used, lh->num_nodes); - BIO_printf(out, "%lu items\n", total); - if (n_used == 0) - return; - BIO_printf(out, "load %d.%02d actual load %d.%02d\n", - (int)(total / lh->num_nodes), - (int)((total % lh->num_nodes) * 100 / lh->num_nodes), - (int)(total / n_used), - (int)((total % n_used) * 100 / n_used)); -} -LCRYPTO_ALIAS(lh_node_usage_stats_bio); - -#endif diff --git a/lib/libcrypto/lhash/lhash.c b/lib/libcrypto/lhash/lhash.c index 81660419c..cd69f6fec 100644 --- a/lib/libcrypto/lhash/lhash.c +++ b/lib/libcrypto/lhash/lhash.c @@ -1,4 +1,4 @@ -/* $OpenBSD: lhash.c,v 1.21 2024/01/24 14:02:52 jsing Exp $ */ +/* $OpenBSD: lhash.c,v 1.22 2024/03/02 11:11:11 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -103,6 +103,8 @@ #include #include +#include "lhash_local.h" + #undef MIN_NODES #define MIN_NODES 16 #define UP_LOAD (2*LH_LOAD_MULT) /* load times 256 (default 2) */ @@ -157,6 +159,13 @@ lh_free(_LHASH *lh) } LCRYPTO_ALIAS(lh_free); +int +lh_error(_LHASH *lh) +{ + return lh->error; +} +LCRYPTO_ALIAS(lh_error); + void * lh_insert(_LHASH *lh, void *data) { diff --git a/lib/libcrypto/lhash/lhash.h b/lib/libcrypto/lhash/lhash.h index 9c6365739..86d05544a 100644 --- a/lib/libcrypto/lhash/lhash.h +++ b/lib/libcrypto/lhash/lhash.h @@ -1,4 +1,4 @@ -/* $OpenBSD: lhash.h,v 1.12 2014/06/12 15:49:29 deraadt Exp $ */ +/* $OpenBSD: lhash.h,v 1.14 2024/03/02 11:11:11 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -75,14 +75,6 @@ extern "C" { #endif -typedef struct lhash_node_st { - void *data; - struct lhash_node_st *next; -#ifndef OPENSSL_NO_HASH_COMP - unsigned long hash; -#endif -} LHASH_NODE; - typedef int (*LHASH_COMP_FN_TYPE)(const void *, const void *); typedef unsigned long (*LHASH_HASH_FN_TYPE)(const void *); typedef void (*LHASH_DOALL_FN_TYPE)(void *); @@ -133,44 +125,13 @@ typedef void (*LHASH_DOALL_ARG_FN_TYPE)(void *, void *); name##_doall_arg(a, b); } #define LHASH_DOALL_ARG_FN(name) name##_LHASH_DOALL_ARG -typedef struct lhash_st { - LHASH_NODE **b; - LHASH_COMP_FN_TYPE comp; - LHASH_HASH_FN_TYPE hash; - unsigned int num_nodes; - unsigned int num_alloc_nodes; - unsigned int p; - unsigned int pmax; - unsigned long up_load; /* load times 256 */ - unsigned long down_load; /* load times 256 */ - unsigned long num_items; - - unsigned long num_expands; - unsigned long num_expand_reallocs; - unsigned long num_contracts; - unsigned long num_contract_reallocs; - unsigned long num_hash_calls; - unsigned long num_comp_calls; - unsigned long num_insert; - unsigned long num_replace; - unsigned long num_delete; - unsigned long num_no_delete; - unsigned long num_retrieve; - unsigned long num_retrieve_miss; - unsigned long num_hash_comps; - - int error; -} _LHASH; /* Do not use _LHASH directly, use LHASH_OF - * and friends */ +typedef struct lhash_st _LHASH; #define LH_LOAD_MULT 256 -/* Indicates a malloc() error in the last call, this is only bad - * in lh_insert(). */ -#define lh_error(lh) ((lh)->error) - _LHASH *lh_new(LHASH_HASH_FN_TYPE h, LHASH_COMP_FN_TYPE c); void lh_free(_LHASH *lh); +int lh_error(_LHASH *lh); void *lh_insert(_LHASH *lh, void *data); void *lh_delete(_LHASH *lh, const void *data); void *lh_retrieve(_LHASH *lh, const void *data); @@ -179,21 +140,11 @@ void lh_doall_arg(_LHASH *lh, LHASH_DOALL_ARG_FN_TYPE func, void *arg); unsigned long lh_strhash(const char *c); unsigned long lh_num_items(const _LHASH *lh); -void lh_stats(const _LHASH *lh, FILE *out); -void lh_node_stats(const _LHASH *lh, FILE *out); -void lh_node_usage_stats(const _LHASH *lh, FILE *out); - -#ifndef OPENSSL_NO_BIO -void lh_stats_bio(const _LHASH *lh, BIO *out); -void lh_node_stats_bio(const _LHASH *lh, BIO *out); -void lh_node_usage_stats_bio(const _LHASH *lh, BIO *out); -#endif - /* Type checking... */ #define LHASH_OF(type) struct lhash_st_##type -#define DECLARE_LHASH_OF(type) LHASH_OF(type) { int dummy; } +#define DECLARE_LHASH_OF(type) LHASH_OF(type) #define CHECKED_LHASH_OF(type,lh) \ ((_LHASH *)CHECKED_PTR_OF(LHASH_OF(type),lh)) @@ -216,13 +167,6 @@ void lh_node_usage_stats_bio(const _LHASH *lh, BIO *out); #define LHM_lh_doall_arg(type, lh, fn, arg_type, arg) \ lh_doall_arg(CHECKED_LHASH_OF(type, lh), fn, CHECKED_PTR_OF(arg_type, arg)) #define LHM_lh_num_items(type, lh) lh_num_items(CHECKED_LHASH_OF(type, lh)) -#define LHM_lh_down_load(type, lh) (CHECKED_LHASH_OF(type, lh)->down_load) -#define LHM_lh_node_stats_bio(type, lh, out) \ - lh_node_stats_bio(CHECKED_LHASH_OF(type, lh), out) -#define LHM_lh_node_usage_stats_bio(type, lh, out) \ - lh_node_usage_stats_bio(CHECKED_LHASH_OF(type, lh), out) -#define LHM_lh_stats_bio(type, lh, out) \ - lh_stats_bio(CHECKED_LHASH_OF(type, lh), out) #define LHM_lh_free(type, lh) lh_free(CHECKED_LHASH_OF(type, lh)) DECLARE_LHASH_OF(OPENSSL_STRING); diff --git a/lib/libcrypto/lhash/lhash_local.h b/lib/libcrypto/lhash/lhash_local.h new file mode 100644 index 000000000..5466e554e --- /dev/null +++ b/lib/libcrypto/lhash/lhash_local.h @@ -0,0 +1,105 @@ +/* $OpenBSD: lhash_local.h,v 1.1 2024/03/02 11:11:11 tb Exp $ */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +/* Header for dynamic hash table routines + * Author - Eric Young + */ + +#include + +#ifndef HEADER_LHASH_LOCAL_H +#define HEADER_LHASH_LOCAL_H + +typedef struct lhash_node_st { + void *data; + struct lhash_node_st *next; +#ifndef OPENSSL_NO_HASH_COMP + unsigned long hash; +#endif +} LHASH_NODE; + +struct lhash_st { + LHASH_NODE **b; + LHASH_COMP_FN_TYPE comp; + LHASH_HASH_FN_TYPE hash; + unsigned int num_nodes; + unsigned int num_alloc_nodes; + unsigned int p; + unsigned int pmax; + unsigned long up_load; /* load times 256 */ + unsigned long down_load; /* load times 256 */ + unsigned long num_items; + + unsigned long num_expands; + unsigned long num_expand_reallocs; + unsigned long num_contracts; + unsigned long num_contract_reallocs; + unsigned long num_hash_calls; + unsigned long num_comp_calls; + unsigned long num_insert; + unsigned long num_replace; + unsigned long num_delete; + unsigned long num_no_delete; + unsigned long num_retrieve; + unsigned long num_retrieve_miss; + unsigned long num_hash_comps; + + int error; +} /* _LHASH */; + +#endif diff --git a/lib/libcrypto/malloc-wrapper.c b/lib/libcrypto/malloc-wrapper.c index 4d57f00b2..fb42169b2 100644 --- a/lib/libcrypto/malloc-wrapper.c +++ b/lib/libcrypto/malloc-wrapper.c @@ -1,4 +1,4 @@ -/* $OpenBSD: malloc-wrapper.c,v 1.8 2023/07/08 08:28:23 beck Exp $ */ +/* $OpenBSD: malloc-wrapper.c,v 1.10 2024/03/02 11:35:09 tb Exp $ */ /* * Copyright (c) 2014 Bob Beck * @@ -36,116 +36,9 @@ CRYPTO_set_mem_ex_functions(void *(*m)(size_t, const char *, int), } LCRYPTO_ALIAS(CRYPTO_set_mem_ex_functions); -int -CRYPTO_set_locked_mem_functions(void *(*m)(size_t), void (*f)(void *)) -{ - return 0; -} -LCRYPTO_ALIAS(CRYPTO_set_locked_mem_functions); - -int -CRYPTO_set_locked_mem_ex_functions(void *(*m)(size_t, const char *, int), - void (*f)(void *)) -{ - return 0; -} -LCRYPTO_ALIAS(CRYPTO_set_locked_mem_ex_functions); - -int -CRYPTO_set_mem_debug_functions(void (*m)(void *, int, const char *, int, int), - void (*r)(void *, void *, int, const char *, int, int), - void (*f)(void *, int), void (*so)(long), long (*go)(void)) -{ - return 0; -} -LCRYPTO_ALIAS(CRYPTO_set_mem_debug_functions); - - -void -CRYPTO_get_mem_functions(void *(**m)(size_t), void *(**r)(void *, size_t), - void (**f)(void *)) -{ - if (m != NULL) - *m = malloc; - if (r != NULL) - *r = realloc; - if (f != NULL) - *f = free; -} -LCRYPTO_ALIAS(CRYPTO_get_mem_functions); - -void -CRYPTO_get_mem_ex_functions(void *(**m)(size_t, const char *, int), - void *(**r)(void *, size_t, const char *, int), void (**f)(void *)) -{ - if (m != NULL) - *m = NULL; - if (r != NULL) - *r = NULL; - if (f != NULL) - *f = free; -} -LCRYPTO_ALIAS(CRYPTO_get_mem_ex_functions); - -void -CRYPTO_get_locked_mem_functions(void *(**m)(size_t), void (**f)(void *)) -{ - if (m != NULL) - *m = malloc; - if (f != NULL) - *f = free; -} -LCRYPTO_ALIAS(CRYPTO_get_locked_mem_functions); - -void -CRYPTO_get_locked_mem_ex_functions(void *(**m)(size_t, const char *, int), - void (**f)(void *)) -{ - if (m != NULL) - *m = NULL; - if (f != NULL) - *f = free; -} -LCRYPTO_ALIAS(CRYPTO_get_locked_mem_ex_functions); - -void -CRYPTO_get_mem_debug_functions(void (**m)(void *, int, const char *, int, int), - void (**r)(void *, void *, int, const char *, int, int), - void (**f)(void *, int), void (**so)(long), long (**go)(void)) -{ - if (m != NULL) - *m = NULL; - if (r != NULL) - *r = NULL; - if (f != NULL) - *f = NULL; - if (so != NULL) - *so = NULL; - if (go != NULL) - *go = NULL; -} -LCRYPTO_ALIAS(CRYPTO_get_mem_debug_functions); - - void * -CRYPTO_malloc_locked(int num, const char *file, int line) +CRYPTO_malloc(size_t num, const char *file, int line) { - if (num <= 0) - return NULL; - return malloc(num); -} - -void -CRYPTO_free_locked(void *ptr) -{ - free(ptr); -} - -void * -CRYPTO_malloc(int num, const char *file, int line) -{ - if (num <= 0) - return NULL; return malloc(num); } @@ -155,51 +48,8 @@ CRYPTO_strdup(const char *str, const char *file, int line) return strdup(str); } -void * -CRYPTO_realloc(void *ptr, int num, const char *file, int line) -{ - if (num <= 0) - return NULL; - return realloc(ptr, num); -} - -void * -CRYPTO_realloc_clean(void *ptr, int old_len, int num, const char *file, - int line) -{ - if (num <= 0) - return NULL; - /* Original does not support shrinking. */ - if (num < old_len) - return NULL; - return recallocarray(ptr, old_len, num, 1); -} -LCRYPTO_ALIAS(CRYPTO_realloc_clean); - void -CRYPTO_free(void *ptr) +CRYPTO_free(void *ptr, const char *file, int line) { free(ptr); } - -void * -CRYPTO_remalloc(void *a, int num, const char *file, int line) -{ - free(a); - return malloc(num); -} -LCRYPTO_ALIAS(CRYPTO_remalloc); - -void -CRYPTO_set_mem_debug_options(long bits) -{ - return; -} -LCRYPTO_ALIAS(CRYPTO_set_mem_debug_options); - -long -CRYPTO_get_mem_debug_options(void) -{ - return 0; -} -LCRYPTO_ALIAS(CRYPTO_get_mem_debug_options); diff --git a/lib/libcrypto/man/BIO_printf.3 b/lib/libcrypto/man/BIO_printf.3 index 838b771be..32dec0a82 100644 --- a/lib/libcrypto/man/BIO_printf.3 +++ b/lib/libcrypto/man/BIO_printf.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: BIO_printf.3,v 1.3 2018/03/22 17:11:04 schwarze Exp $ +.\" $OpenBSD: BIO_printf.3,v 1.4 2024/03/02 09:18:28 tb Exp $ .\" OpenSSL 2ca2e917 Mon Mar 20 16:25:22 2017 -0400 .\" .\" Copyright (c) 2017 Ingo Schwarze @@ -15,14 +15,11 @@ .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. .\" -.Dd $Mdocdate: March 22 2018 $ +.Dd $Mdocdate: March 2 2024 $ .Dt BIO_PRINTF 3 .Os .Sh NAME -.Nm BIO_printf , -.Nm BIO_vprintf , -.Nm BIO_snprintf , -.Nm BIO_vsnprintf +.Nm BIO_printf .Nd formatted output to a BIO .Sh SYNOPSIS .In openssl/bio.h @@ -32,66 +29,18 @@ .Fa "const char *format" .Fa ... .Fc -.Ft int -.Fo BIO_vprintf -.Fa "BIO *bio" -.Fa "const char *format" -.Fa "va_list args" -.Fc -.Ft int -.Fo BIO_snprintf -.Fa "char *buf" -.Fa "size_t n" -.Fa "const char *format" -.Fa ... -.Fc -.Ft int -.Fo BIO_vsnprintf -.Fa "char *buf" -.Fa "size_t n" -.Fa "const char *format" -.Fa "va_list args" -.Fc .Sh DESCRIPTION -.Fn BIO_vprintf +.Fn BIO_printf is a wrapper around .Xr vfprintf 3 , sending the output to the specified .Fa bio . -.Pp -.Fn BIO_printf -is a wrapper around -.Fn BIO_vprintf . -.Pp -.Fn BIO_snprintf -and -.Fn BIO_vsnprintf -are wrappers around -.Xr vsnprintf 3 . .Sh RETURN VALUES These functions return the number of bytes written, or -1 if an error occurs. -.Pp -In contrast to -.Xr snprintf 3 -and -.Xr vsnprintf 3 , -.Fn BIO_snprintf -and -.Fn BIO_vsnprintf -also return -1 if -.Fa n -is too small to hold the complete output. .Sh SEE ALSO .Xr BIO_new 3 .Sh HISTORY .Fn BIO_printf first appeared in SSLeay 0.6.5 and has been available since .Ox 2.4 . -.Pp -.Fn BIO_vprintf , -.Fn BIO_snprintf , -and -.Fn BIO_vsnprintf -first appeared in OpenSSL 0.9.6 and have been available since -.Ox 2.9 . diff --git a/lib/libcrypto/man/CMAC_Init.3 b/lib/libcrypto/man/CMAC_Init.3 index 81cb8b8f0..f4143cf45 100644 --- a/lib/libcrypto/man/CMAC_Init.3 +++ b/lib/libcrypto/man/CMAC_Init.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: CMAC_Init.3,v 1.5 2023/12/25 15:52:18 schwarze Exp $ +.\" $OpenBSD: CMAC_Init.3,v 1.6 2024/03/02 09:30:21 tb Exp $ .\" .\" Copyright (c) 2020 Ingo Schwarze .\" @@ -14,7 +14,7 @@ .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. .\" -.Dd $Mdocdate: December 25 2023 $ +.Dd $Mdocdate: March 2 2024 $ .Dt CMAC_INIT 3 .Os .Sh NAME @@ -22,7 +22,6 @@ .Nm CMAC_Init , .Nm CMAC_Update , .Nm CMAC_Final , -.Nm CMAC_resume , .Nm CMAC_CTX_copy , .Nm CMAC_CTX_get0_cipher_ctx , .Nm CMAC_CTX_cleanup , @@ -52,13 +51,6 @@ .Fa "unsigned char *out_mac" .Fa "size_t *out_len" .Fc -.Ft int -.Fn CMAC_resume "CMAC_CTX *ctx" -.Ft int -.Fo CMAC_CTX_copy -.Fa "CMAC_CTX *out_ctx" -.Fa "CMAC_CTX *in_ctx" -.Fc .Ft EVP_CIPHER_CTX * .Fn CMAC_CTX_get0_cipher_ctx "CMAC_CTX *ctx" .Ft void @@ -183,19 +175,6 @@ resulting message authentication code to .Fa out_mac . The caller is responsible for providing a buffer of sufficient size. .Pp -Calling -.Fn CMAC_resume -after -.Fn CMAC_Final -allows the user to subsequently append additional data with -.Fn CMAC_Update . -Otherwise, unless -.Fn CMAC_Init -is called to start from scratch, -.Fn CMAC_Update -can no longer be used after -.Fn CMAC_Final . -.Pp .Fn CMAC_CTX_copy performs a deep copy of the already initialized .Fa in_ctx @@ -235,7 +214,6 @@ It succeeds unless memory is exhausted. .Fn CMAC_Init , .Fn CMAC_Update , .Fn CMAC_Final , -.Fn CMAC_resume , and .Fn CMAC_CTX_copy return 1 on success or 0 on failure. diff --git a/lib/libcrypto/man/Makefile b/lib/libcrypto/man/Makefile index 1123f1729..8cb837107 100644 --- a/lib/libcrypto/man/Makefile +++ b/lib/libcrypto/man/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.281 2024/01/22 13:44:59 job Exp $ +# $OpenBSD: Makefile,v 1.282 2024/03/02 11:04:51 tb Exp $ .include @@ -432,7 +432,6 @@ MAN= \ i2d_CMS_bio_stream.3 \ i2d_PKCS7_bio_stream.3 \ lh_new.3 \ - lh_stats.3 \ openssl.cnf.5 \ s2i_ASN1_INTEGER.3 \ x509v3.cnf.5 diff --git a/lib/libcrypto/man/lh_new.3 b/lib/libcrypto/man/lh_new.3 index d672b4d2d..eea5c288a 100644 --- a/lib/libcrypto/man/lh_new.3 +++ b/lib/libcrypto/man/lh_new.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: lh_new.3,v 1.10 2024/01/24 14:02:52 jsing Exp $ +.\" $OpenBSD: lh_new.3,v 1.11 2024/03/02 11:04:51 tb Exp $ .\" full merge up to: .\" OpenSSL doc/crypto/lhash.pod 1bc74519 May 20 08:11:46 2016 -0400 .\" selective merge up to: @@ -118,7 +118,7 @@ .\" copied and put under another distribution licence .\" [including the GNU Public Licence.] .\" -.Dd $Mdocdate: January 24 2024 $ +.Dd $Mdocdate: March 2 2024 $ .Dt LH_NEW 3 .Os .Sh NAME @@ -520,7 +520,6 @@ rather it would be used in the function passed to .Fn lh__new . .Sh SEE ALSO .Xr crypto 3 , -.Xr lh_stats 3 .Sh HISTORY .Fn lh_new , .Fn lh_free , diff --git a/lib/libcrypto/man/lh_stats.3 b/lib/libcrypto/man/lh_stats.3 deleted file mode 100644 index 5041721fe..000000000 --- a/lib/libcrypto/man/lh_stats.3 +++ /dev/null @@ -1,206 +0,0 @@ -.\" $OpenBSD: lh_stats.3,v 1.7 2020/03/29 17:05:02 schwarze Exp $ -.\" OpenSSL e2f92610 May 18 11:44:05 2016 -0400 -.\" -.\" -------------------------------------------------------------------------- -.\" Major patches to this file were contributed by -.\" Ulf Moeller . -.\" -------------------------------------------------------------------------- -.\" Copyright (c) 2000 The OpenSSL Project. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. -.\" -.\" -------------------------------------------------------------------------- -.\" Parts of this file are derived from SSLeay documentation, -.\" which is covered by the following Copyright and license: -.\" -------------------------------------------------------------------------- -.\" -.\" Copyright (C) 1995-1998 Tim Hudson (tjh@cryptsoft.com) -.\" All rights reserved. -.\" -.\" This package is an SSL implementation written -.\" by Eric Young (eay@cryptsoft.com). -.\" The implementation was written so as to conform with Netscapes SSL. -.\" -.\" This library is free for commercial and non-commercial use as long as -.\" the following conditions are aheared to. The following conditions -.\" apply to all code found in this distribution, be it the RC4, RSA, -.\" lhash, DES, etc., code; not just the SSL code. The SSL documentation -.\" included with this distribution is covered by the same copyright terms -.\" except that the holder is Tim Hudson (tjh@cryptsoft.com). -.\" -.\" Copyright remains Eric Young's, and as such any Copyright notices in -.\" the code are not to be removed. -.\" If this package is used in a product, Eric Young should be given -.\" attribution as the author of the parts of the library used. -.\" This can be in the form of a textual message at program startup or -.\" in documentation (online or textual) provided with the package. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" 1. Redistributions of source code must retain the copyright -.\" notice, this list of conditions and the following disclaimer. -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" 3. All advertising materials mentioning features or use of this software -.\" must display the following acknowledgement: -.\" "This product includes cryptographic software written by -.\" Eric Young (eay@cryptsoft.com)" -.\" The word 'cryptographic' can be left out if the rouines from the -.\" library being used are not cryptographic related :-). -.\" 4. If you include any Windows specific code (or a derivative thereof) -.\" from the apps directory (application code) you must include an -.\" acknowledgement: "This product includes software written by -.\" Tim Hudson (tjh@cryptsoft.com)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" The licence and distribution terms for any publically available version or -.\" derivative of this code cannot be changed. i.e. this code cannot simply be -.\" copied and put under another distribution licence -.\" [including the GNU Public Licence.] -.\" -.Dd $Mdocdate: March 29 2020 $ -.Dt LH_STATS 3 -.Os -.Sh NAME -.Nm lh_stats , -.Nm lh_node_stats , -.Nm lh_node_usage_stats , -.Nm lh_stats_bio , -.Nm lh_node_stats_bio , -.Nm lh_node_usage_stats_bio -.Nd LHASH statistics -.Sh SYNOPSIS -.In openssl/lhash.h -.Ft void -.Fo lh_stats -.Fa "LHASH *table" -.Fa "FILE *out" -.Fc -.Ft void -.Fo lh_node_stats -.Fa "LHASH *table" -.Fa "FILE *out" -.Fc -.Ft void -.Fo lh_node_usage_stats -.Fa "LHASH *table" -.Fa "FILE *out" -.Fc -.Ft void -.Fo lh_stats_bio -.Fa "LHASH *table" -.Fa "BIO *out" -.Fc -.Ft void -.Fo lh_node_stats_bio -.Fa "LHASH *table" -.Fa "BIO *out" -.Fc -.Ft void -.Fo lh_node_usage_stats_bio -.Fa "LHASH *table" -.Fa "BIO *out" -.Fc -.Sh DESCRIPTION -The -.Vt LHASH -structure records statistics about most aspects of accessing the hash -table. -.Pp -.Fn lh_stats -prints out statistics on the size of the hash table, how many entries -are in it, and the number and result of calls to the routines in this -library. -.Pp -.Fn lh_node_stats -prints the number of entries for each 'bucket' in the hash table. -.Pp -.Fn lh_node_usage_stats -prints out a short summary of the state of the hash table. -It prints the 'load' and the 'actual load'. -The load is the average number of data items per 'bucket' in the hash -table. -The 'actual load' is the average number of items per 'bucket', but only -for buckets which contain entries. -So the 'actual load' is the average number of searches that will need to -find an item in the hash table, while the 'load' is the average number -that will be done to record a miss. -.Pp -.Fn lh_stats_bio , -.Fn lh_node_stats_bio , -and -.Fn lh_node_usage_stats_bio -are the same as the above, except that the output goes to a -.Vt BIO . -.Sh SEE ALSO -.Xr BIO_new 3 , -.Xr lh_new 3 -.Sh HISTORY -.Fn lh_stats , -.Fn lh_node_stats , -.Fn lh_node_usage_stats -appeared in SSLeay 0.4. -.Fn lh_stats_bio , -.Fn lh_node_stats_bio , -and -.Fn lh_node_usage_stats_bio -first appeared in SSLeay 0.6.0. -These functions have been available since -.Ox 2.4 . -.Sh AUTHORS -.An Eric Young diff --git a/lib/libcrypto/mem_dbg.c b/lib/libcrypto/mem_dbg.c index e2eacebe1..031db43e3 100644 --- a/lib/libcrypto/mem_dbg.c +++ b/lib/libcrypto/mem_dbg.c @@ -1,4 +1,4 @@ -/* $OpenBSD: mem_dbg.c,v 1.25 2023/07/08 08:28:23 beck Exp $ */ +/* $OpenBSD: mem_dbg.c,v 1.27 2024/03/02 11:32:31 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -109,101 +109,10 @@ * */ -#include -#include #include -#include -#include int CRYPTO_mem_ctrl(int mode) { return (CRYPTO_MEM_CHECK_OFF); } - -int -CRYPTO_is_mem_check_on(void) -{ - return (0); -} - - -void -CRYPTO_dbg_set_options(long bits) -{ - return; -} -LCRYPTO_ALIAS(CRYPTO_dbg_set_options); - -long -CRYPTO_dbg_get_options(void) -{ - return (0); -} -LCRYPTO_ALIAS(CRYPTO_dbg_get_options); - -int -CRYPTO_push_info_(const char *info, const char *file, int line) -{ - return (0); -} -LCRYPTO_ALIAS(CRYPTO_push_info_); - -int -CRYPTO_pop_info(void) -{ - return (0); -} -LCRYPTO_ALIAS(CRYPTO_pop_info); - -int -CRYPTO_remove_all_info(void) -{ - return (0); -} -LCRYPTO_ALIAS(CRYPTO_remove_all_info); - -void -CRYPTO_dbg_malloc(void *addr, int num, const char *file, int line, - int before_p) -{ - OPENSSL_assert("CRYPTO_dbg_malloc is no longer permitted"); -} -LCRYPTO_ALIAS(CRYPTO_dbg_malloc); - -void -CRYPTO_dbg_free(void *addr, int before_p) -{ - OPENSSL_assert("CRYPTO_dbg_free is no longer permitted"); -} -LCRYPTO_ALIAS(CRYPTO_dbg_free); - -void -CRYPTO_dbg_realloc(void *addr1, void *addr2, int num, - const char *file, int line, int before_p) -{ - OPENSSL_assert("CRYPTO_dbg_realloc is no longer permitted"); -} -LCRYPTO_ALIAS(CRYPTO_dbg_realloc); - -int -CRYPTO_mem_leaks(BIO *b) -{ - return -1; -} -LCRYPTO_ALIAS(CRYPTO_mem_leaks); - -int -CRYPTO_mem_leaks_fp(FILE *fp) -{ - return -1; -} -LCRYPTO_ALIAS(CRYPTO_mem_leaks_fp); - - -int -CRYPTO_mem_leaks_cb(CRYPTO_MEM_LEAK_CB *cb) -{ - return -1; -} -LCRYPTO_ALIAS(CRYPTO_mem_leaks_cb); diff --git a/lib/libcrypto/objects/obj_dat.c b/lib/libcrypto/objects/obj_dat.c index 1719cc73e..b90c80316 100644 --- a/lib/libcrypto/objects/obj_dat.c +++ b/lib/libcrypto/objects/obj_dat.c @@ -1,4 +1,4 @@ -/* $OpenBSD: obj_dat.c,v 1.86 2024/02/26 15:00:30 tb Exp $ */ +/* $OpenBSD: obj_dat.c,v 1.89 2024/03/02 11:11:11 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -71,6 +71,7 @@ #include #include "asn1_local.h" +#include "lhash_local.h" /* obj_dat.h is generated from objects.h by obj_dat.pl */ #include "obj_dat.h" @@ -208,7 +209,7 @@ OBJ_new_nid(int num) } LCRYPTO_ALIAS(OBJ_new_nid); -int +static int OBJ_add_object(const ASN1_OBJECT *obj) { ASN1_OBJECT *o = NULL; @@ -258,7 +259,6 @@ OBJ_add_object(const ASN1_OBJECT *obj) ASN1_OBJECT_free(o); return (NID_undef); } -LCRYPTO_ALIAS(OBJ_add_object); ASN1_OBJECT * OBJ_nid2obj(int nid) @@ -436,23 +436,6 @@ OBJ_ln2nid(const char *ln) } LCRYPTO_ALIAS(OBJ_ln2nid); -const void * -OBJ_bsearch_(const void *key, const void *base, int num, int size, - int (*cmp)(const void *, const void *)) -{ - OBJerror(ERR_R_DISABLED); - return NULL; -} -LCRYPTO_ALIAS(OBJ_bsearch_); - -const void * -OBJ_bsearch_ex_(const void *key, const void *base_, int num, int size, - int (*cmp)(const void *, const void *), int flags) -{ - OBJerror(ERR_R_DISABLED); - return NULL; -} - /* Convert an object name into an ASN1_OBJECT * if "noname" is not set then search for short and long names first. * This will convert the "dotted" form into an object: unlike OBJ_txt2nid diff --git a/lib/libcrypto/objects/objects.h b/lib/libcrypto/objects/objects.h index 451545e05..1a8490bd1 100644 --- a/lib/libcrypto/objects/objects.h +++ b/lib/libcrypto/objects/objects.h @@ -1,4 +1,4 @@ -/* $OpenBSD: objects.h,v 1.23 2023/07/28 10:25:05 tb Exp $ */ +/* $OpenBSD: objects.h,v 1.29 2024/03/02 09:51:36 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -71,16 +71,10 @@ #define OBJ_NAME_TYPE_UNDEF 0x00 #define OBJ_NAME_TYPE_MD_METH 0x01 #define OBJ_NAME_TYPE_CIPHER_METH 0x02 -#define OBJ_NAME_TYPE_PKEY_METH 0x03 -#define OBJ_NAME_TYPE_COMP_METH 0x04 -#define OBJ_NAME_TYPE_NUM 0x05 +#define OBJ_NAME_TYPE_NUM 0x03 #define OBJ_NAME_ALIAS 0x8000 -#define OBJ_BSEARCH_VALUE_ON_NOMATCH 0x01 -#define OBJ_BSEARCH_FIRST_VALUE_ON_MATCH 0x02 - - #ifdef __cplusplus extern "C" { #endif @@ -89,20 +83,9 @@ typedef struct obj_name_st { int type; int alias; const char *name; - const char *data; + const void *data; } OBJ_NAME; -#define OBJ_create_and_add_object(a,b,c) OBJ_create(a,b,c) - - -int OBJ_NAME_init(void); -int OBJ_NAME_new_index(unsigned long (*hash_func)(const char *), - int (*cmp_func)(const char *, const char *), - void (*free_func)(const char *, int, const char *)); -const char *OBJ_NAME_get(const char *name, int type); -int OBJ_NAME_add(const char *name, int type, const char *data); -int OBJ_NAME_remove(const char *name, int type); -void OBJ_NAME_cleanup(int type); /* -1 for everything */ void OBJ_NAME_do_all(int type, void (*fn)(const OBJ_NAME *, void *arg), void *arg); void OBJ_NAME_do_all_sorted(int type, void (*fn)(const OBJ_NAME *, void *arg), @@ -120,16 +103,7 @@ int OBJ_ln2nid(const char *s); int OBJ_sn2nid(const char *s); int OBJ_cmp(const ASN1_OBJECT *a, const ASN1_OBJECT *b); -#if defined(LIBRESSL_INTERNAL) -const void * OBJ_bsearch_(const void *key, const void *base, int num, - int size, int (*cmp)(const void *, const void *)); -const void * OBJ_bsearch_ex_(const void *key, const void *base, int num, - int size, int (*cmp)(const void *, const void *), - int flags); -#endif - int OBJ_new_nid(int num); -int OBJ_add_object(const ASN1_OBJECT *obj); int OBJ_create(const char *oid, const char *sn, const char *ln); void OBJ_cleanup(void); int OBJ_create_objects(BIO *in); diff --git a/lib/libcrypto/ocsp/ocsp_cl.c b/lib/libcrypto/ocsp/ocsp_cl.c index 89113f78b..5ef222678 100644 --- a/lib/libcrypto/ocsp/ocsp_cl.c +++ b/lib/libcrypto/ocsp/ocsp_cl.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ocsp_cl.c,v 1.23 2023/07/08 10:44:00 beck Exp $ */ +/* $OpenBSD: ocsp_cl.c,v 1.24 2024/03/02 09:08:41 tb Exp $ */ /* Written by Tom Titchener for the OpenSSL * project. */ @@ -71,6 +71,7 @@ #include #include +#include "asn1_local.h" #include "ocsp_local.h" /* Utility functions related to sending OCSP requests and extracting diff --git a/lib/libcrypto/opensslfeatures.h b/lib/libcrypto/opensslfeatures.h index 02d522895..aecc872d4 100644 --- a/lib/libcrypto/opensslfeatures.h +++ b/lib/libcrypto/opensslfeatures.h @@ -1,4 +1,4 @@ -/* $OpenBSD: opensslfeatures.h,v 1.41 2023/07/28 09:53:55 tb Exp $ */ +/* $OpenBSD: opensslfeatures.h,v 1.43 2024/03/02 11:25:46 tb Exp $ */ /* * Feature flags for LibreSSL... so you can actually tell when things * are enabled, rather than not being able to tell when things are @@ -34,14 +34,19 @@ /* #define OPENSSL_NO_AUTOERRINIT */ /* #define OPENSSL_NO_AUTOLOAD_CONFIG */ /* #define OPENSSL_NO_BF */ -/* #define OPENSSL_NO_BLAKE2 */ +#define OPENSSL_NO_BLAKE2 +#define OPENSSL_NO_BROTLI +/* #define OPENSSL_NO_BUILTIN_OVERFLOW_CHECKING */ /* #define OPENSSL_NO_CAMELLIA */ -/* #define OPENSSL_NO_CAPIENG */ +#define OPENSSL_NO_CAPIENG /* #define OPENSSL_NO_CAST */ /* #define OPENSSL_NO_CHACHA */ /* #define OPENSSL_NO_CMAC */ +/* #define OPENSSL_NO_CMP */ /* #define OPENSSL_NO_CMS */ -#define OPENSSL_NO_COMP /* XXX */ +#define OPENSSL_NO_COMP +/* #define OPENSSL_NO_COMP_ALG */ +/* #define OPENSSL_NO_CRMF */ /* #define OPENSSL_NO_CRYPTO_MDEBUG */ /* #define OPENSSL_NO_CRYPTO_MDEBUG_BACKTRACE */ /* #define OPENSSL_NO_CT */ @@ -65,14 +70,20 @@ #define OPENSSL_NO_EGD #define OPENSSL_NO_ENGINE /* #define OPENSSL_NO_ERR */ +/* #define OPENSSL_NO_FILENAMES */ /* #define OPENSSL_NO_FUZZ_AFL */ /* #define OPENSSL_NO_FUZZ_LIBFUZZER */ -/* #define OPENSSL_NO_GOST */ +#define OPENSSL_NO_GOST #define OPENSSL_NO_HEARTBEATS /* #define OPENSSL_NO_HW */ /* #define OPENSSL_NO_HW_PADLOCK */ /* #define OPENSSL_NO_IDEA */ /* #define OPENSSL_NO_INLINE_ASM */ +/* #define OPENSSL_NO_KEYPARAMS */ +#define OPENSSL_NO_KTLS +/* #define OPENSSL_NO_KTLS_RX */ +/* #define OPENSSL_NO_KTLS_ZC_TX */ +/* #define OPENSSL_NO_LOCALE */ #define OPENSSL_NO_MD2 /* #define OPENSSL_NO_MD4 */ /* #define OPENSSL_NO_MD5 */ @@ -81,10 +92,12 @@ /* #define OPENSSL_NO_NEXTPROTONEG */ /* #define OPENSSL_NO_OCB */ /* #define OPENSSL_NO_OCSP */ +/* #define OPENSSL_NO_PADLOCKENG */ /* #define OPENSSL_NO_PINSHARED */ /* #define OPENSSL_NO_POLY1305 */ /* #define OPENSSL_NO_POSIX_IO */ #define OPENSSL_NO_PSK +#define OPENSSL_NO_QUIC /* #define OPENSSL_NO_RC2 */ /* #define OPENSSL_NO_RC4 */ #define OPENSSL_NO_RC5 @@ -92,11 +105,12 @@ /* #define OPENSSL_NO_RFC3779 */ /* #define OPENSSL_NO_RMD160 */ /* #define OPENSSL_NO_RSA */ -/* #define OPENSSL_NO_SCRYPT */ +#define OPENSSL_NO_SCRYPT #define OPENSSL_NO_SCTP /* #define OPENSSL_NO_SECURE_MEMORY */ #define OPENSSL_NO_SEED /* #define OPENSSL_NO_SIPHASH */ +/* #define OPENSSL_NO_SIV */ /* #define OPENSSL_NO_SM2 */ /* #define OPENSSL_NO_SM3 */ /* #define OPENSSL_NO_SM4 */ @@ -108,6 +122,7 @@ #define OPENSSL_NO_SSL_TRACE /* #define OPENSSL_NO_STATIC_ENGINE */ /* #define OPENSSL_NO_STDIO */ +/* #define OPENSSL_NO_THREAD_POOL */ /* #define OPENSSL_NO_TLS */ #define OPENSSL_NO_TLS1 #define OPENSSL_NO_TLS1_1 @@ -119,8 +134,13 @@ #define OPENSSL_NO_TLS1_3 #endif /* #define OPENSSL_NO_TLS1_METHOD */ +/* #define OPENSSL_NO_TRACE */ /* #define OPENSSL_NO_TS */ /* #define OPENSSL_NO_UI_CONSOLE */ /* #define OPENSSL_NO_UNIT_TEST */ +/* #define OPENSSL_NO_UNIX_SOCK */ /* #define OPENSSL_NO_WEAK_SSL_CIPHERS */ /* #define OPENSSL_NO_WHIRLPOOL */ +/* #define OPENSSL_NO_WINSTORE */ +#define OPENSSL_NO_ZLIB +/* #define OPENSSL_NO_ZSTD */ diff --git a/lib/libcrypto/opensslv.h b/lib/libcrypto/opensslv.h index d7ce60fd3..c6603655e 100644 --- a/lib/libcrypto/opensslv.h +++ b/lib/libcrypto/opensslv.h @@ -1,11 +1,11 @@ -/* $OpenBSD: opensslv.h,v 1.77 2023/09/20 11:42:25 tb Exp $ */ +/* $OpenBSD: opensslv.h,v 1.78 2024/03/02 11:53:30 tb Exp $ */ #ifndef HEADER_OPENSSLV_H #define HEADER_OPENSSLV_H /* These will change with each release of LibreSSL-portable */ -#define LIBRESSL_VERSION_NUMBER 0x3080200fL +#define LIBRESSL_VERSION_NUMBER 0x3090000fL /* ^ Patch starts here */ -#define LIBRESSL_VERSION_TEXT "LibreSSL 3.8.2" +#define LIBRESSL_VERSION_TEXT "LibreSSL 3.9.0" /* These will never change */ #define OPENSSL_VERSION_NUMBER 0x20000000L diff --git a/lib/libcrypto/pkcs12/p12_add.c b/lib/libcrypto/pkcs12/p12_add.c index 8ce1fede7..f6f42c558 100644 --- a/lib/libcrypto/pkcs12/p12_add.c +++ b/lib/libcrypto/pkcs12/p12_add.c @@ -1,4 +1,4 @@ -/* $OpenBSD: p12_add.c,v 1.23 2024/01/25 13:44:08 tb Exp $ */ +/* $OpenBSD: p12_add.c,v 1.25 2024/03/02 10:20:27 tb Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 1999. */ @@ -62,6 +62,7 @@ #include #include "pkcs12_local.h" +#include "x509_local.h" /* Pack an object into an OCTET STRING and turn into a safebag */ @@ -90,7 +91,6 @@ PKCS12_item_pack_safebag(void *obj, const ASN1_ITEM *it, int nid1, int nid2) safebag->type = OBJ_nid2obj(nid2); return safebag; } -LCRYPTO_ALIAS(PKCS12_item_pack_safebag); /* Turn a stack of SAFEBAGS into a PKCS#7 data Contentinfo */ PKCS7 * @@ -118,7 +118,6 @@ err: PKCS7_free(p7); return NULL; } -LCRYPTO_ALIAS(PKCS12_pack_p7data); /* Unpack SAFEBAGS from PKCS#7 data ContentInfo */ STACK_OF(PKCS12_SAFEBAG) * @@ -181,7 +180,6 @@ err: PKCS7_free(p7); return NULL; } -LCRYPTO_ALIAS(PKCS12_pack_p7encdata); STACK_OF(PKCS12_SAFEBAG) * PKCS12_unpack_p7encdata(PKCS7 *p7, const char *pass, int passlen) @@ -214,7 +212,6 @@ PKCS12_pack_authsafes(PKCS12 *p12, STACK_OF(PKCS7) *safes) return 1; return 0; } -LCRYPTO_ALIAS(PKCS12_pack_authsafes); STACK_OF(PKCS7) * PKCS12_unpack_authsafes(const PKCS12 *p12) diff --git a/lib/libcrypto/pkcs12/p12_asn.c b/lib/libcrypto/pkcs12/p12_asn.c index d32b6730f..d34947e92 100644 --- a/lib/libcrypto/pkcs12/p12_asn.c +++ b/lib/libcrypto/pkcs12/p12_asn.c @@ -1,4 +1,4 @@ -/* $OpenBSD: p12_asn.c,v 1.14 2023/02/16 08:38:17 tb Exp $ */ +/* $OpenBSD: p12_asn.c,v 1.15 2024/03/02 10:15:16 tb Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 1999. */ @@ -170,28 +170,24 @@ d2i_PKCS12_MAC_DATA(PKCS12_MAC_DATA **a, const unsigned char **in, long len) return (PKCS12_MAC_DATA *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, &PKCS12_MAC_DATA_it); } -LCRYPTO_ALIAS(d2i_PKCS12_MAC_DATA); int i2d_PKCS12_MAC_DATA(PKCS12_MAC_DATA *a, unsigned char **out) { return ASN1_item_i2d((ASN1_VALUE *)a, out, &PKCS12_MAC_DATA_it); } -LCRYPTO_ALIAS(i2d_PKCS12_MAC_DATA); PKCS12_MAC_DATA * PKCS12_MAC_DATA_new(void) { return (PKCS12_MAC_DATA *)ASN1_item_new(&PKCS12_MAC_DATA_it); } -LCRYPTO_ALIAS(PKCS12_MAC_DATA_new); void PKCS12_MAC_DATA_free(PKCS12_MAC_DATA *a) { ASN1_item_free((ASN1_VALUE *)a, &PKCS12_MAC_DATA_it); } -LCRYPTO_ALIAS(PKCS12_MAC_DATA_free); static const ASN1_TEMPLATE bag_default_tt = { .flags = ASN1_TFLG_EXPLICIT, @@ -280,28 +276,24 @@ d2i_PKCS12_BAGS(PKCS12_BAGS **a, const unsigned char **in, long len) return (PKCS12_BAGS *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, &PKCS12_BAGS_it); } -LCRYPTO_ALIAS(d2i_PKCS12_BAGS); int i2d_PKCS12_BAGS(PKCS12_BAGS *a, unsigned char **out) { return ASN1_item_i2d((ASN1_VALUE *)a, out, &PKCS12_BAGS_it); } -LCRYPTO_ALIAS(i2d_PKCS12_BAGS); PKCS12_BAGS * PKCS12_BAGS_new(void) { return (PKCS12_BAGS *)ASN1_item_new(&PKCS12_BAGS_it); } -LCRYPTO_ALIAS(PKCS12_BAGS_new); void PKCS12_BAGS_free(PKCS12_BAGS *a) { ASN1_item_free((ASN1_VALUE *)a, &PKCS12_BAGS_it); } -LCRYPTO_ALIAS(PKCS12_BAGS_free); static const ASN1_TEMPLATE safebag_default_tt = { .flags = ASN1_TFLG_EXPLICIT, diff --git a/lib/libcrypto/pkcs12/p12_decr.c b/lib/libcrypto/pkcs12/p12_decr.c index 04818acd1..907d4e52a 100644 --- a/lib/libcrypto/pkcs12/p12_decr.c +++ b/lib/libcrypto/pkcs12/p12_decr.c @@ -1,4 +1,4 @@ -/* $OpenBSD: p12_decr.c,v 1.25 2024/02/18 15:44:10 tb Exp $ */ +/* $OpenBSD: p12_decr.c,v 1.26 2024/03/02 10:15:16 tb Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 1999. */ @@ -116,7 +116,6 @@ err: return out; } -LCRYPTO_ALIAS(PKCS12_pbe_crypt); /* Decrypt an OCTET STRING and decode ASN1 structure * if zbuf set zero buffer after use. @@ -145,7 +144,6 @@ PKCS12_item_decrypt_d2i(const X509_ALGOR *algor, const ASN1_ITEM *it, free(out); return ret; } -LCRYPTO_ALIAS(PKCS12_item_decrypt_d2i); /* Encode ASN1 structure and encrypt, return OCTET STRING * if zbuf set zero encoding. @@ -184,6 +182,3 @@ err: ASN1_OCTET_STRING_free(oct); return NULL; } -LCRYPTO_ALIAS(PKCS12_item_i2d_encrypt); - -IMPLEMENT_PKCS12_STACK_OF(PKCS7) diff --git a/lib/libcrypto/pkcs12/p12_key.c b/lib/libcrypto/pkcs12/p12_key.c index 8812f1c06..78e7d0450 100644 --- a/lib/libcrypto/pkcs12/p12_key.c +++ b/lib/libcrypto/pkcs12/p12_key.c @@ -1,4 +1,4 @@ -/* $OpenBSD: p12_key.c,v 1.34 2023/02/16 08:38:17 tb Exp $ */ +/* $OpenBSD: p12_key.c,v 1.35 2024/03/02 10:15:16 tb Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 1999. */ @@ -64,6 +64,7 @@ #include #include "evp_local.h" +#include "pkcs12_local.h" /* PKCS12 compatible key/IV generation */ #ifndef min @@ -93,7 +94,6 @@ PKCS12_key_gen_asc(const char *pass, int passlen, unsigned char *salt, freezero(unipass, uniplen); return ret; } -LCRYPTO_ALIAS(PKCS12_key_gen_asc); int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt, @@ -194,4 +194,3 @@ PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt, return ret; } -LCRYPTO_ALIAS(PKCS12_key_gen_uni); diff --git a/lib/libcrypto/pkcs12/p12_mutl.c b/lib/libcrypto/pkcs12/p12_mutl.c index c71ed735e..2a728294a 100644 --- a/lib/libcrypto/pkcs12/p12_mutl.c +++ b/lib/libcrypto/pkcs12/p12_mutl.c @@ -1,4 +1,4 @@ -/* $OpenBSD: p12_mutl.c,v 1.36 2024/01/25 13:44:08 tb Exp $ */ +/* $OpenBSD: p12_mutl.c,v 1.37 2024/03/02 10:15:16 tb Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 1999. */ @@ -263,5 +263,4 @@ PKCS12_setup_mac(PKCS12 *p12, int iter, unsigned char *salt, int saltlen, return 1; } -LCRYPTO_ALIAS(PKCS12_setup_mac); #endif diff --git a/lib/libcrypto/pkcs12/p12_p8d.c b/lib/libcrypto/pkcs12/p12_p8d.c index dd5e8d987..d4874e3b7 100644 --- a/lib/libcrypto/pkcs12/p12_p8d.c +++ b/lib/libcrypto/pkcs12/p12_p8d.c @@ -1,4 +1,4 @@ -/* $OpenBSD: p12_p8d.c,v 1.11 2023/02/16 08:38:17 tb Exp $ */ +/* $OpenBSD: p12_p8d.c,v 1.12 2024/03/02 10:15:16 tb Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2001. */ @@ -60,6 +60,7 @@ #include +#include "pkcs12_local.h" #include "x509_local.h" PKCS8_PRIV_KEY_INFO * diff --git a/lib/libcrypto/pkcs12/p12_p8e.c b/lib/libcrypto/pkcs12/p12_p8e.c index 87c4be56a..bf6159326 100644 --- a/lib/libcrypto/pkcs12/p12_p8e.c +++ b/lib/libcrypto/pkcs12/p12_p8e.c @@ -1,4 +1,4 @@ -/* $OpenBSD: p12_p8e.c,v 1.12 2023/02/16 08:38:17 tb Exp $ */ +/* $OpenBSD: p12_p8e.c,v 1.13 2024/03/02 10:15:16 tb Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2001. */ @@ -61,6 +61,7 @@ #include #include +#include "pkcs12_local.h" #include "x509_local.h" X509_SIG * diff --git a/lib/libcrypto/pkcs12/pkcs12.h b/lib/libcrypto/pkcs12/pkcs12.h index 44dbb3815..962403976 100644 --- a/lib/libcrypto/pkcs12/pkcs12.h +++ b/lib/libcrypto/pkcs12/pkcs12.h @@ -1,4 +1,4 @@ -/* $OpenBSD: pkcs12.h,v 1.27 2022/09/11 17:30:13 tb Exp $ */ +/* $OpenBSD: pkcs12.h,v 1.28 2024/03/02 10:15:16 tb Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 1999. */ @@ -161,22 +161,12 @@ void PKCS12_get0_mac(const ASN1_OCTET_STRING **pmac, const X509_ALGOR **pmacalg, const ASN1_OCTET_STRING **psalt, const ASN1_INTEGER **piter, const PKCS12 *p12); -PKCS12_SAFEBAG *PKCS12_SAFEBAG_create_cert(X509 *x509); -PKCS12_SAFEBAG *PKCS12_SAFEBAG_create_crl(X509_CRL *crl); -PKCS12_SAFEBAG *PKCS12_SAFEBAG_create0_p8inf(PKCS8_PRIV_KEY_INFO *p8); -PKCS12_SAFEBAG *PKCS12_SAFEBAG_create0_pkcs8(X509_SIG *p8); -PKCS12_SAFEBAG *PKCS12_SAFEBAG_create_pkcs8_encrypt(int pbe_nid, - const char *pass, int passlen, unsigned char *salt, int saltlen, int iter, - PKCS8_PRIV_KEY_INFO *p8); - const PKCS8_PRIV_KEY_INFO *PKCS12_SAFEBAG_get0_p8inf(const PKCS12_SAFEBAG *bag); const X509_SIG *PKCS12_SAFEBAG_get0_pkcs8(const PKCS12_SAFEBAG *bag); const STACK_OF(PKCS12_SAFEBAG) * PKCS12_SAFEBAG_get0_safes(const PKCS12_SAFEBAG *bag); const ASN1_OBJECT *PKCS12_SAFEBAG_get0_type(const PKCS12_SAFEBAG *bag); -PKCS12_SAFEBAG *PKCS12_item_pack_safebag(void *obj, const ASN1_ITEM *it, - int nid1, int nid2); PKCS8_PRIV_KEY_INFO *PKCS8_decrypt(const X509_SIG *p8, const char *pass, int passlen); PKCS8_PRIV_KEY_INFO *PKCS12_decrypt_skey(const PKCS12_SAFEBAG *bag, @@ -184,53 +174,19 @@ PKCS8_PRIV_KEY_INFO *PKCS12_decrypt_skey(const PKCS12_SAFEBAG *bag, X509_SIG *PKCS8_encrypt(int pbe_nid, const EVP_CIPHER *cipher, const char *pass, int passlen, unsigned char *salt, int saltlen, int iter, PKCS8_PRIV_KEY_INFO *p8); -PKCS7 *PKCS12_pack_p7data(STACK_OF(PKCS12_SAFEBAG) *sk); + STACK_OF(PKCS12_SAFEBAG) *PKCS12_unpack_p7data(PKCS7 *p7); -PKCS7 *PKCS12_pack_p7encdata(int pbe_nid, const char *pass, int passlen, - unsigned char *salt, int saltlen, int iter, STACK_OF(PKCS12_SAFEBAG) *bags); STACK_OF(PKCS12_SAFEBAG) *PKCS12_unpack_p7encdata(PKCS7 *p7, const char *pass, int passlen); - -int PKCS12_pack_authsafes(PKCS12 *p12, STACK_OF(PKCS7) *safes); STACK_OF(PKCS7) *PKCS12_unpack_authsafes(const PKCS12 *p12); -int PKCS12_add_localkeyid(PKCS12_SAFEBAG *bag, unsigned char *name, - int namelen); -int PKCS12_add_friendlyname_asc(PKCS12_SAFEBAG *bag, const char *name, - int namelen); -int PKCS12_add_CSPName_asc(PKCS12_SAFEBAG *bag, const char *name, - int namelen); -int PKCS12_add_friendlyname_uni(PKCS12_SAFEBAG *bag, const unsigned char *name, - int namelen); int PKCS8_add_keyusage(PKCS8_PRIV_KEY_INFO *p8, int usage); -ASN1_TYPE *PKCS12_get_attr_gen(const STACK_OF(X509_ATTRIBUTE) *attrs, - int attr_nid); char *PKCS12_get_friendlyname(PKCS12_SAFEBAG *bag); -unsigned char *PKCS12_pbe_crypt(const X509_ALGOR *algor, const char *pass, - int passlen, const unsigned char *in, int inlen, unsigned char **data, - int *datalen, int en_de); -void *PKCS12_item_decrypt_d2i(const X509_ALGOR *algor, const ASN1_ITEM *it, - const char *pass, int passlen, const ASN1_OCTET_STRING *oct, int zbuf); -ASN1_OCTET_STRING *PKCS12_item_i2d_encrypt(X509_ALGOR *algor, - const ASN1_ITEM *it, const char *pass, int passlen, void *obj, int zbuf); -PKCS12 *PKCS12_init(int mode); -int PKCS12_key_gen_asc(const char *pass, int passlen, unsigned char *salt, - int saltlen, int id, int iter, int n, unsigned char *out, - const EVP_MD *md_type); -int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt, - int saltlen, int id, int iter, int n, unsigned char *out, - const EVP_MD *md_type); -int PKCS12_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, - ASN1_TYPE *param, const EVP_CIPHER *cipher, const EVP_MD *md_type, - int en_de); -int PKCS12_gen_mac(PKCS12 *p12, const char *pass, int passlen, - unsigned char *mac, unsigned int *maclen); int PKCS12_verify_mac(PKCS12 *p12, const char *pass, int passlen); int PKCS12_set_mac(PKCS12 *p12, const char *pass, int passlen, unsigned char *salt, int saltlen, int iter, const EVP_MD *md_type); -int PKCS12_setup_mac(PKCS12 *p12, int iter, unsigned char *salt, - int saltlen, const EVP_MD *md_type); + unsigned char *OPENSSL_asc2uni(const char *asc, int asclen, unsigned char **uni, int *unilen); char *OPENSSL_uni2asc(const unsigned char *uni, int unilen); @@ -240,24 +196,12 @@ void PKCS12_free(PKCS12 *a); PKCS12 *d2i_PKCS12(PKCS12 **a, const unsigned char **in, long len); int i2d_PKCS12(PKCS12 *a, unsigned char **out); extern const ASN1_ITEM PKCS12_it; -PKCS12_MAC_DATA *PKCS12_MAC_DATA_new(void); -void PKCS12_MAC_DATA_free(PKCS12_MAC_DATA *a); -PKCS12_MAC_DATA *d2i_PKCS12_MAC_DATA(PKCS12_MAC_DATA **a, const unsigned char **in, long len); -int i2d_PKCS12_MAC_DATA(PKCS12_MAC_DATA *a, unsigned char **out); -extern const ASN1_ITEM PKCS12_MAC_DATA_it; + PKCS12_SAFEBAG *PKCS12_SAFEBAG_new(void); void PKCS12_SAFEBAG_free(PKCS12_SAFEBAG *a); PKCS12_SAFEBAG *d2i_PKCS12_SAFEBAG(PKCS12_SAFEBAG **a, const unsigned char **in, long len); int i2d_PKCS12_SAFEBAG(PKCS12_SAFEBAG *a, unsigned char **out); extern const ASN1_ITEM PKCS12_SAFEBAG_it; -PKCS12_BAGS *PKCS12_BAGS_new(void); -void PKCS12_BAGS_free(PKCS12_BAGS *a); -PKCS12_BAGS *d2i_PKCS12_BAGS(PKCS12_BAGS **a, const unsigned char **in, long len); -int i2d_PKCS12_BAGS(PKCS12_BAGS *a, unsigned char **out); -extern const ASN1_ITEM PKCS12_BAGS_it; - -extern const ASN1_ITEM PKCS12_SAFEBAGS_it; -extern const ASN1_ITEM PKCS12_AUTHSAFES_it; void PKCS12_PBE_add(void); int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert, @@ -266,13 +210,6 @@ PKCS12 *PKCS12_create(const char *pass, const char *name, EVP_PKEY *pkey, X509 *cert, STACK_OF(X509) *ca, int nid_key, int nid_cert, int iter, int mac_iter, int keytype); -PKCS12_SAFEBAG *PKCS12_add_cert(STACK_OF(PKCS12_SAFEBAG) **pbags, X509 *cert); -PKCS12_SAFEBAG *PKCS12_add_key(STACK_OF(PKCS12_SAFEBAG) **pbags, EVP_PKEY *key, - int key_usage, int iter, int key_nid, const char *pass); -int PKCS12_add_safe(STACK_OF(PKCS7) **psafes, STACK_OF(PKCS12_SAFEBAG) *bags, - int safe_nid, int iter, const char *pass); -PKCS12 *PKCS12_add_safes(STACK_OF(PKCS7) *safes, int p7_nid); - int i2d_PKCS12_bio(BIO *bp, PKCS12 *p12); int i2d_PKCS12_fp(FILE *fp, PKCS12 *p12); PKCS12 *d2i_PKCS12_bio(BIO *bp, PKCS12 **p12); diff --git a/lib/libcrypto/pkcs12/pkcs12_local.h b/lib/libcrypto/pkcs12/pkcs12_local.h index 8d82d2f46..dfdcdce1f 100644 --- a/lib/libcrypto/pkcs12/pkcs12_local.h +++ b/lib/libcrypto/pkcs12/pkcs12_local.h @@ -1,4 +1,4 @@ -/* $OpenBSD: pkcs12_local.h,v 1.4 2024/01/25 13:44:08 tb Exp $ */ +/* $OpenBSD: pkcs12_local.h,v 1.5 2024/03/02 10:15:16 tb Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 1999. */ @@ -96,6 +96,79 @@ struct pkcs12_bag_st { } value; }; +extern const ASN1_ITEM PKCS12_SAFEBAGS_it; +extern const ASN1_ITEM PKCS12_AUTHSAFES_it; + +PKCS12_BAGS *PKCS12_BAGS_new(void); +void PKCS12_BAGS_free(PKCS12_BAGS *a); +PKCS12_BAGS *d2i_PKCS12_BAGS(PKCS12_BAGS **a, const unsigned char **in, long len); +int i2d_PKCS12_BAGS(PKCS12_BAGS *a, unsigned char **out); +extern const ASN1_ITEM PKCS12_BAGS_it; + +PKCS12_MAC_DATA *PKCS12_MAC_DATA_new(void); +void PKCS12_MAC_DATA_free(PKCS12_MAC_DATA *a); +PKCS12_MAC_DATA *d2i_PKCS12_MAC_DATA(PKCS12_MAC_DATA **a, const unsigned char **in, long len); +int i2d_PKCS12_MAC_DATA(PKCS12_MAC_DATA *a, unsigned char **out); +extern const ASN1_ITEM PKCS12_MAC_DATA_it; + +PKCS12_SAFEBAG *PKCS12_SAFEBAG_create0_p8inf(PKCS8_PRIV_KEY_INFO *p8); +PKCS12_SAFEBAG *PKCS12_SAFEBAG_create0_pkcs8(X509_SIG *p8); +PKCS12_SAFEBAG *PKCS12_SAFEBAG_create_cert(X509 *x509); +PKCS12_SAFEBAG *PKCS12_SAFEBAG_create_crl(X509_CRL *crl); +PKCS12_SAFEBAG *PKCS12_SAFEBAG_create_pkcs8_encrypt(int pbe_nid, + const char *pass, int passlen, unsigned char *salt, int saltlen, int iter, + PKCS8_PRIV_KEY_INFO *p8); + +PKCS12_SAFEBAG *PKCS12_add_cert(STACK_OF(PKCS12_SAFEBAG) **pbags, X509 *cert); +PKCS12_SAFEBAG *PKCS12_add_key(STACK_OF(PKCS12_SAFEBAG) **pbags, EVP_PKEY *key, + int key_usage, int iter, int key_nid, const char *pass); +int PKCS12_add_safe(STACK_OF(PKCS7) **psafes, STACK_OF(PKCS12_SAFEBAG) *bags, + int safe_nid, int iter, const char *pass); +PKCS12 *PKCS12_add_safes(STACK_OF(PKCS7) *safes, int p7_nid); + +int PKCS12_add_CSPName_asc(PKCS12_SAFEBAG *bag, const char *name, + int namelen); +int PKCS12_add_friendlyname_asc(PKCS12_SAFEBAG *bag, const char *name, + int namelen); +int PKCS12_add_friendlyname_uni(PKCS12_SAFEBAG *bag, const unsigned char *name, + int namelen); +int PKCS12_add_localkeyid(PKCS12_SAFEBAG *bag, unsigned char *name, + int namelen); + +int PKCS12_gen_mac(PKCS12 *p12, const char *pass, int passlen, + unsigned char *mac, unsigned int *maclen); + +ASN1_TYPE *PKCS12_get_attr_gen(const STACK_OF(X509_ATTRIBUTE) *attrs, + int attr_nid); + +PKCS12 *PKCS12_init(int mode); + +void *PKCS12_item_decrypt_d2i(const X509_ALGOR *algor, const ASN1_ITEM *it, + const char *pass, int passlen, const ASN1_OCTET_STRING *oct, int zbuf); +ASN1_OCTET_STRING *PKCS12_item_i2d_encrypt(X509_ALGOR *algor, + const ASN1_ITEM *it, const char *pass, int passlen, void *obj, int zbuf); +PKCS12_SAFEBAG *PKCS12_item_pack_safebag(void *obj, const ASN1_ITEM *it, + int nid1, int nid2); + +int PKCS12_key_gen_asc(const char *pass, int passlen, unsigned char *salt, + int saltlen, int id, int iter, int n, unsigned char *out, + const EVP_MD *md_type); +int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt, + int saltlen, int id, int iter, int n, unsigned char *out, + const EVP_MD *md_type); + +int PKCS12_pack_authsafes(PKCS12 *p12, STACK_OF(PKCS7) *safes); +PKCS7 *PKCS12_pack_p7data(STACK_OF(PKCS12_SAFEBAG) *sk); +PKCS7 *PKCS12_pack_p7encdata(int pbe_nid, const char *pass, int passlen, + unsigned char *salt, int saltlen, int iter, STACK_OF(PKCS12_SAFEBAG) *bags); + +unsigned char *PKCS12_pbe_crypt(const X509_ALGOR *algor, const char *pass, + int passlen, const unsigned char *in, int inlen, unsigned char **data, + int *datalen, int en_de); + +int PKCS12_setup_mac(PKCS12 *p12, int iter, unsigned char *salt, + int saltlen, const EVP_MD *md_type); + /* XXX - should go into pkcs7_local.h. */ ASN1_OCTET_STRING *PKCS7_get_octet_string(PKCS7 *p7); diff --git a/lib/libcrypto/shlib_version b/lib/libcrypto/shlib_version index 41c861f74..9ef118abb 100644 --- a/lib/libcrypto/shlib_version +++ b/lib/libcrypto/shlib_version @@ -1,3 +1,3 @@ # Don't forget to give libssl and libtls the same type of bump! -major=52 +major=53 minor=0 diff --git a/lib/libcrypto/stack/safestack.h b/lib/libcrypto/stack/safestack.h index df580eb3f..8330cf181 100644 --- a/lib/libcrypto/stack/safestack.h +++ b/lib/libcrypto/stack/safestack.h @@ -1,4 +1,4 @@ -/* $OpenBSD: safestack.h,v 1.29 2023/08/03 16:32:15 tb Exp $ */ +/* $OpenBSD: safestack.h,v 1.33 2024/03/02 11:22:48 tb Exp $ */ /* ==================================================================== * Copyright (c) 1999 The OpenSSL Project. All rights reserved. * @@ -84,16 +84,8 @@ #define STACK_OF(type) struct stack_st_##type #define PREDECLARE_STACK_OF(type) STACK_OF(type); -#define DECLARE_STACK_OF(type) \ -STACK_OF(type) \ - { \ - _STACK stack; \ - }; -#define DECLARE_SPECIAL_STACK_OF(type, type2) \ -STACK_OF(type) \ - { \ - _STACK stack; \ - }; +#define DECLARE_STACK_OF(type) STACK_OF(type); +#define DECLARE_SPECIAL_STACK_OF(type, type2) STACK_OF(type); #define IMPLEMENT_STACK_OF(type) /* nada (obsolete in new safestack approach)*/ @@ -147,9 +139,6 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_STRING, char) sk_unshift(CHECKED_STACK_OF(type, st), CHECKED_PTR_OF(type, val)) #define SKM_sk_find(type, st, val) \ sk_find(CHECKED_STACK_OF(type, st), CHECKED_PTR_OF(type, val)) -#define SKM_sk_find_ex(type, st, val) \ - sk_find_ex(CHECKED_STACK_OF(type, st), \ - CHECKED_PTR_OF(type, val)) #define SKM_sk_delete(type, st, i) \ (type *)sk_delete(CHECKED_STACK_OF(type, st), i) #define SKM_sk_delete_ptr(type, st, ptr) \ @@ -182,7 +171,6 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_STRING, char) #define sk_ACCESS_DESCRIPTION_push(st, val) SKM_sk_push(ACCESS_DESCRIPTION, (st), (val)) #define sk_ACCESS_DESCRIPTION_unshift(st, val) SKM_sk_unshift(ACCESS_DESCRIPTION, (st), (val)) #define sk_ACCESS_DESCRIPTION_find(st, val) SKM_sk_find(ACCESS_DESCRIPTION, (st), (val)) -#define sk_ACCESS_DESCRIPTION_find_ex(st, val) SKM_sk_find_ex(ACCESS_DESCRIPTION, (st), (val)) #define sk_ACCESS_DESCRIPTION_delete(st, i) SKM_sk_delete(ACCESS_DESCRIPTION, (st), (i)) #define sk_ACCESS_DESCRIPTION_delete_ptr(st, ptr) SKM_sk_delete_ptr(ACCESS_DESCRIPTION, (st), (ptr)) #define sk_ACCESS_DESCRIPTION_insert(st, val, i) SKM_sk_insert(ACCESS_DESCRIPTION, (st), (val), (i)) @@ -204,7 +192,6 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_STRING, char) #define sk_ASIdOrRange_push(st, val) SKM_sk_push(ASIdOrRange, (st), (val)) #define sk_ASIdOrRange_unshift(st, val) SKM_sk_unshift(ASIdOrRange, (st), (val)) #define sk_ASIdOrRange_find(st, val) SKM_sk_find(ASIdOrRange, (st), (val)) -#define sk_ASIdOrRange_find_ex(st, val) SKM_sk_find_ex(ASIdOrRange, (st), (val)) #define sk_ASIdOrRange_delete(st, i) SKM_sk_delete(ASIdOrRange, (st), (i)) #define sk_ASIdOrRange_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASIdOrRange, (st), (ptr)) #define sk_ASIdOrRange_insert(st, val, i) SKM_sk_insert(ASIdOrRange, (st), (val), (i)) @@ -226,7 +213,6 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_STRING, char) #define sk_ASN1_GENERALSTRING_push(st, val) SKM_sk_push(ASN1_GENERALSTRING, (st), (val)) #define sk_ASN1_GENERALSTRING_unshift(st, val) SKM_sk_unshift(ASN1_GENERALSTRING, (st), (val)) #define sk_ASN1_GENERALSTRING_find(st, val) SKM_sk_find(ASN1_GENERALSTRING, (st), (val)) -#define sk_ASN1_GENERALSTRING_find_ex(st, val) SKM_sk_find_ex(ASN1_GENERALSTRING, (st), (val)) #define sk_ASN1_GENERALSTRING_delete(st, i) SKM_sk_delete(ASN1_GENERALSTRING, (st), (i)) #define sk_ASN1_GENERALSTRING_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_GENERALSTRING, (st), (ptr)) #define sk_ASN1_GENERALSTRING_insert(st, val, i) SKM_sk_insert(ASN1_GENERALSTRING, (st), (val), (i)) @@ -248,7 +234,6 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_STRING, char) #define sk_ASN1_INTEGER_push(st, val) SKM_sk_push(ASN1_INTEGER, (st), (val)) #define sk_ASN1_INTEGER_unshift(st, val) SKM_sk_unshift(ASN1_INTEGER, (st), (val)) #define sk_ASN1_INTEGER_find(st, val) SKM_sk_find(ASN1_INTEGER, (st), (val)) -#define sk_ASN1_INTEGER_find_ex(st, val) SKM_sk_find_ex(ASN1_INTEGER, (st), (val)) #define sk_ASN1_INTEGER_delete(st, i) SKM_sk_delete(ASN1_INTEGER, (st), (i)) #define sk_ASN1_INTEGER_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_INTEGER, (st), (ptr)) #define sk_ASN1_INTEGER_insert(st, val, i) SKM_sk_insert(ASN1_INTEGER, (st), (val), (i)) @@ -270,7 +255,6 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_STRING, char) #define sk_ASN1_OBJECT_push(st, val) SKM_sk_push(ASN1_OBJECT, (st), (val)) #define sk_ASN1_OBJECT_unshift(st, val) SKM_sk_unshift(ASN1_OBJECT, (st), (val)) #define sk_ASN1_OBJECT_find(st, val) SKM_sk_find(ASN1_OBJECT, (st), (val)) -#define sk_ASN1_OBJECT_find_ex(st, val) SKM_sk_find_ex(ASN1_OBJECT, (st), (val)) #define sk_ASN1_OBJECT_delete(st, i) SKM_sk_delete(ASN1_OBJECT, (st), (i)) #define sk_ASN1_OBJECT_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_OBJECT, (st), (ptr)) #define sk_ASN1_OBJECT_insert(st, val, i) SKM_sk_insert(ASN1_OBJECT, (st), (val), (i)) @@ -282,28 +266,6 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_STRING, char) #define sk_ASN1_OBJECT_sort(st) SKM_sk_sort(ASN1_OBJECT, (st)) #define sk_ASN1_OBJECT_is_sorted(st) SKM_sk_is_sorted(ASN1_OBJECT, (st)) -#define sk_ASN1_STRING_TABLE_new(cmp) SKM_sk_new(ASN1_STRING_TABLE, (cmp)) -#define sk_ASN1_STRING_TABLE_new_null() SKM_sk_new_null(ASN1_STRING_TABLE) -#define sk_ASN1_STRING_TABLE_free(st) SKM_sk_free(ASN1_STRING_TABLE, (st)) -#define sk_ASN1_STRING_TABLE_num(st) SKM_sk_num(ASN1_STRING_TABLE, (st)) -#define sk_ASN1_STRING_TABLE_value(st, i) SKM_sk_value(ASN1_STRING_TABLE, (st), (i)) -#define sk_ASN1_STRING_TABLE_set(st, i, val) SKM_sk_set(ASN1_STRING_TABLE, (st), (i), (val)) -#define sk_ASN1_STRING_TABLE_zero(st) SKM_sk_zero(ASN1_STRING_TABLE, (st)) -#define sk_ASN1_STRING_TABLE_push(st, val) SKM_sk_push(ASN1_STRING_TABLE, (st), (val)) -#define sk_ASN1_STRING_TABLE_unshift(st, val) SKM_sk_unshift(ASN1_STRING_TABLE, (st), (val)) -#define sk_ASN1_STRING_TABLE_find(st, val) SKM_sk_find(ASN1_STRING_TABLE, (st), (val)) -#define sk_ASN1_STRING_TABLE_find_ex(st, val) SKM_sk_find_ex(ASN1_STRING_TABLE, (st), (val)) -#define sk_ASN1_STRING_TABLE_delete(st, i) SKM_sk_delete(ASN1_STRING_TABLE, (st), (i)) -#define sk_ASN1_STRING_TABLE_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_STRING_TABLE, (st), (ptr)) -#define sk_ASN1_STRING_TABLE_insert(st, val, i) SKM_sk_insert(ASN1_STRING_TABLE, (st), (val), (i)) -#define sk_ASN1_STRING_TABLE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ASN1_STRING_TABLE, (st), (cmp)) -#define sk_ASN1_STRING_TABLE_dup(st) SKM_sk_dup(ASN1_STRING_TABLE, st) -#define sk_ASN1_STRING_TABLE_pop_free(st, free_func) SKM_sk_pop_free(ASN1_STRING_TABLE, (st), (free_func)) -#define sk_ASN1_STRING_TABLE_shift(st) SKM_sk_shift(ASN1_STRING_TABLE, (st)) -#define sk_ASN1_STRING_TABLE_pop(st) SKM_sk_pop(ASN1_STRING_TABLE, (st)) -#define sk_ASN1_STRING_TABLE_sort(st) SKM_sk_sort(ASN1_STRING_TABLE, (st)) -#define sk_ASN1_STRING_TABLE_is_sorted(st) SKM_sk_is_sorted(ASN1_STRING_TABLE, (st)) - #define sk_ASN1_TYPE_new(cmp) SKM_sk_new(ASN1_TYPE, (cmp)) #define sk_ASN1_TYPE_new_null() SKM_sk_new_null(ASN1_TYPE) #define sk_ASN1_TYPE_free(st) SKM_sk_free(ASN1_TYPE, (st)) @@ -314,7 +276,6 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_STRING, char) #define sk_ASN1_TYPE_push(st, val) SKM_sk_push(ASN1_TYPE, (st), (val)) #define sk_ASN1_TYPE_unshift(st, val) SKM_sk_unshift(ASN1_TYPE, (st), (val)) #define sk_ASN1_TYPE_find(st, val) SKM_sk_find(ASN1_TYPE, (st), (val)) -#define sk_ASN1_TYPE_find_ex(st, val) SKM_sk_find_ex(ASN1_TYPE, (st), (val)) #define sk_ASN1_TYPE_delete(st, i) SKM_sk_delete(ASN1_TYPE, (st), (i)) #define sk_ASN1_TYPE_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_TYPE, (st), (ptr)) #define sk_ASN1_TYPE_insert(st, val, i) SKM_sk_insert(ASN1_TYPE, (st), (val), (i)) @@ -336,7 +297,6 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_STRING, char) #define sk_ASN1_UTF8STRING_push(st, val) SKM_sk_push(ASN1_UTF8STRING, (st), (val)) #define sk_ASN1_UTF8STRING_unshift(st, val) SKM_sk_unshift(ASN1_UTF8STRING, (st), (val)) #define sk_ASN1_UTF8STRING_find(st, val) SKM_sk_find(ASN1_UTF8STRING, (st), (val)) -#define sk_ASN1_UTF8STRING_find_ex(st, val) SKM_sk_find_ex(ASN1_UTF8STRING, (st), (val)) #define sk_ASN1_UTF8STRING_delete(st, i) SKM_sk_delete(ASN1_UTF8STRING, (st), (i)) #define sk_ASN1_UTF8STRING_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_UTF8STRING, (st), (ptr)) #define sk_ASN1_UTF8STRING_insert(st, val, i) SKM_sk_insert(ASN1_UTF8STRING, (st), (val), (i)) @@ -358,7 +318,6 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_STRING, char) #define sk_ASN1_VALUE_push(st, val) SKM_sk_push(ASN1_VALUE, (st), (val)) #define sk_ASN1_VALUE_unshift(st, val) SKM_sk_unshift(ASN1_VALUE, (st), (val)) #define sk_ASN1_VALUE_find(st, val) SKM_sk_find(ASN1_VALUE, (st), (val)) -#define sk_ASN1_VALUE_find_ex(st, val) SKM_sk_find_ex(ASN1_VALUE, (st), (val)) #define sk_ASN1_VALUE_delete(st, i) SKM_sk_delete(ASN1_VALUE, (st), (i)) #define sk_ASN1_VALUE_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_VALUE, (st), (ptr)) #define sk_ASN1_VALUE_insert(st, val, i) SKM_sk_insert(ASN1_VALUE, (st), (val), (i)) @@ -380,7 +339,6 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_STRING, char) #define sk_BIO_push(st, val) SKM_sk_push(BIO, (st), (val)) #define sk_BIO_unshift(st, val) SKM_sk_unshift(BIO, (st), (val)) #define sk_BIO_find(st, val) SKM_sk_find(BIO, (st), (val)) -#define sk_BIO_find_ex(st, val) SKM_sk_find_ex(BIO, (st), (val)) #define sk_BIO_delete(st, i) SKM_sk_delete(BIO, (st), (i)) #define sk_BIO_delete_ptr(st, ptr) SKM_sk_delete_ptr(BIO, (st), (ptr)) #define sk_BIO_insert(st, val, i) SKM_sk_insert(BIO, (st), (val), (i)) @@ -402,7 +360,6 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_STRING, char) #define sk_BY_DIR_ENTRY_push(st, val) SKM_sk_push(BY_DIR_ENTRY, (st), (val)) #define sk_BY_DIR_ENTRY_unshift(st, val) SKM_sk_unshift(BY_DIR_ENTRY, (st), (val)) #define sk_BY_DIR_ENTRY_find(st, val) SKM_sk_find(BY_DIR_ENTRY, (st), (val)) -#define sk_BY_DIR_ENTRY_find_ex(st, val) SKM_sk_find_ex(BY_DIR_ENTRY, (st), (val)) #define sk_BY_DIR_ENTRY_delete(st, i) SKM_sk_delete(BY_DIR_ENTRY, (st), (i)) #define sk_BY_DIR_ENTRY_delete_ptr(st, ptr) SKM_sk_delete_ptr(BY_DIR_ENTRY, (st), (ptr)) #define sk_BY_DIR_ENTRY_insert(st, val, i) SKM_sk_insert(BY_DIR_ENTRY, (st), (val), (i)) @@ -424,7 +381,6 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_STRING, char) #define sk_BY_DIR_HASH_push(st, val) SKM_sk_push(BY_DIR_HASH, (st), (val)) #define sk_BY_DIR_HASH_unshift(st, val) SKM_sk_unshift(BY_DIR_HASH, (st), (val)) #define sk_BY_DIR_HASH_find(st, val) SKM_sk_find(BY_DIR_HASH, (st), (val)) -#define sk_BY_DIR_HASH_find_ex(st, val) SKM_sk_find_ex(BY_DIR_HASH, (st), (val)) #define sk_BY_DIR_HASH_delete(st, i) SKM_sk_delete(BY_DIR_HASH, (st), (i)) #define sk_BY_DIR_HASH_delete_ptr(st, ptr) SKM_sk_delete_ptr(BY_DIR_HASH, (st), (ptr)) #define sk_BY_DIR_HASH_insert(st, val, i) SKM_sk_insert(BY_DIR_HASH, (st), (val), (i)) @@ -446,7 +402,6 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_STRING, char) #define sk_CMS_CertificateChoices_push(st, val) SKM_sk_push(CMS_CertificateChoices, (st), (val)) #define sk_CMS_CertificateChoices_unshift(st, val) SKM_sk_unshift(CMS_CertificateChoices, (st), (val)) #define sk_CMS_CertificateChoices_find(st, val) SKM_sk_find(CMS_CertificateChoices, (st), (val)) -#define sk_CMS_CertificateChoices_find_ex(st, val) SKM_sk_find_ex(CMS_CertificateChoices, (st), (val)) #define sk_CMS_CertificateChoices_delete(st, i) SKM_sk_delete(CMS_CertificateChoices, (st), (i)) #define sk_CMS_CertificateChoices_delete_ptr(st, ptr) SKM_sk_delete_ptr(CMS_CertificateChoices, (st), (ptr)) #define sk_CMS_CertificateChoices_insert(st, val, i) SKM_sk_insert(CMS_CertificateChoices, (st), (val), (i)) @@ -468,7 +423,6 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_STRING, char) #define sk_CMS_RecipientEncryptedKey_push(st, val) SKM_sk_push(CMS_RecipientEncryptedKey, (st), (val)) #define sk_CMS_RecipientEncryptedKey_unshift(st, val) SKM_sk_unshift(CMS_RecipientEncryptedKey, (st), (val)) #define sk_CMS_RecipientEncryptedKey_find(st, val) SKM_sk_find(CMS_RecipientEncryptedKey, (st), (val)) -#define sk_CMS_RecipientEncryptedKey_find_ex(st, val) SKM_sk_find_ex(CMS_RecipientEncryptedKey, (st), (val)) #define sk_CMS_RecipientEncryptedKey_delete(st, i) SKM_sk_delete(CMS_RecipientEncryptedKey, (st), (i)) #define sk_CMS_RecipientEncryptedKey_delete_ptr(st, ptr) SKM_sk_delete_ptr(CMS_RecipientEncryptedKey, (st), (ptr)) #define sk_CMS_RecipientEncryptedKey_insert(st, val, i) SKM_sk_insert(CMS_RecipientEncryptedKey, (st), (val), (i)) @@ -490,7 +444,6 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_STRING, char) #define sk_CMS_RecipientInfo_push(st, val) SKM_sk_push(CMS_RecipientInfo, (st), (val)) #define sk_CMS_RecipientInfo_unshift(st, val) SKM_sk_unshift(CMS_RecipientInfo, (st), (val)) #define sk_CMS_RecipientInfo_find(st, val) SKM_sk_find(CMS_RecipientInfo, (st), (val)) -#define sk_CMS_RecipientInfo_find_ex(st, val) SKM_sk_find_ex(CMS_RecipientInfo, (st), (val)) #define sk_CMS_RecipientInfo_delete(st, i) SKM_sk_delete(CMS_RecipientInfo, (st), (i)) #define sk_CMS_RecipientInfo_delete_ptr(st, ptr) SKM_sk_delete_ptr(CMS_RecipientInfo, (st), (ptr)) #define sk_CMS_RecipientInfo_insert(st, val, i) SKM_sk_insert(CMS_RecipientInfo, (st), (val), (i)) @@ -512,7 +465,6 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_STRING, char) #define sk_CMS_RevocationInfoChoice_push(st, val) SKM_sk_push(CMS_RevocationInfoChoice, (st), (val)) #define sk_CMS_RevocationInfoChoice_unshift(st, val) SKM_sk_unshift(CMS_RevocationInfoChoice, (st), (val)) #define sk_CMS_RevocationInfoChoice_find(st, val) SKM_sk_find(CMS_RevocationInfoChoice, (st), (val)) -#define sk_CMS_RevocationInfoChoice_find_ex(st, val) SKM_sk_find_ex(CMS_RevocationInfoChoice, (st), (val)) #define sk_CMS_RevocationInfoChoice_delete(st, i) SKM_sk_delete(CMS_RevocationInfoChoice, (st), (i)) #define sk_CMS_RevocationInfoChoice_delete_ptr(st, ptr) SKM_sk_delete_ptr(CMS_RevocationInfoChoice, (st), (ptr)) #define sk_CMS_RevocationInfoChoice_insert(st, val, i) SKM_sk_insert(CMS_RevocationInfoChoice, (st), (val), (i)) @@ -534,7 +486,6 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_STRING, char) #define sk_CMS_SignerInfo_push(st, val) SKM_sk_push(CMS_SignerInfo, (st), (val)) #define sk_CMS_SignerInfo_unshift(st, val) SKM_sk_unshift(CMS_SignerInfo, (st), (val)) #define sk_CMS_SignerInfo_find(st, val) SKM_sk_find(CMS_SignerInfo, (st), (val)) -#define sk_CMS_SignerInfo_find_ex(st, val) SKM_sk_find_ex(CMS_SignerInfo, (st), (val)) #define sk_CMS_SignerInfo_delete(st, i) SKM_sk_delete(CMS_SignerInfo, (st), (i)) #define sk_CMS_SignerInfo_delete_ptr(st, ptr) SKM_sk_delete_ptr(CMS_SignerInfo, (st), (ptr)) #define sk_CMS_SignerInfo_insert(st, val, i) SKM_sk_insert(CMS_SignerInfo, (st), (val), (i)) @@ -556,7 +507,6 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_STRING, char) #define sk_CONF_IMODULE_push(st, val) SKM_sk_push(CONF_IMODULE, (st), (val)) #define sk_CONF_IMODULE_unshift(st, val) SKM_sk_unshift(CONF_IMODULE, (st), (val)) #define sk_CONF_IMODULE_find(st, val) SKM_sk_find(CONF_IMODULE, (st), (val)) -#define sk_CONF_IMODULE_find_ex(st, val) SKM_sk_find_ex(CONF_IMODULE, (st), (val)) #define sk_CONF_IMODULE_delete(st, i) SKM_sk_delete(CONF_IMODULE, (st), (i)) #define sk_CONF_IMODULE_delete_ptr(st, ptr) SKM_sk_delete_ptr(CONF_IMODULE, (st), (ptr)) #define sk_CONF_IMODULE_insert(st, val, i) SKM_sk_insert(CONF_IMODULE, (st), (val), (i)) @@ -578,7 +528,6 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_STRING, char) #define sk_CONF_MODULE_push(st, val) SKM_sk_push(CONF_MODULE, (st), (val)) #define sk_CONF_MODULE_unshift(st, val) SKM_sk_unshift(CONF_MODULE, (st), (val)) #define sk_CONF_MODULE_find(st, val) SKM_sk_find(CONF_MODULE, (st), (val)) -#define sk_CONF_MODULE_find_ex(st, val) SKM_sk_find_ex(CONF_MODULE, (st), (val)) #define sk_CONF_MODULE_delete(st, i) SKM_sk_delete(CONF_MODULE, (st), (i)) #define sk_CONF_MODULE_delete_ptr(st, ptr) SKM_sk_delete_ptr(CONF_MODULE, (st), (ptr)) #define sk_CONF_MODULE_insert(st, val, i) SKM_sk_insert(CONF_MODULE, (st), (val), (i)) @@ -600,7 +549,6 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_STRING, char) #define sk_CONF_VALUE_push(st, val) SKM_sk_push(CONF_VALUE, (st), (val)) #define sk_CONF_VALUE_unshift(st, val) SKM_sk_unshift(CONF_VALUE, (st), (val)) #define sk_CONF_VALUE_find(st, val) SKM_sk_find(CONF_VALUE, (st), (val)) -#define sk_CONF_VALUE_find_ex(st, val) SKM_sk_find_ex(CONF_VALUE, (st), (val)) #define sk_CONF_VALUE_delete(st, i) SKM_sk_delete(CONF_VALUE, (st), (i)) #define sk_CONF_VALUE_delete_ptr(st, ptr) SKM_sk_delete_ptr(CONF_VALUE, (st), (ptr)) #define sk_CONF_VALUE_insert(st, val, i) SKM_sk_insert(CONF_VALUE, (st), (val), (i)) @@ -622,7 +570,6 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_STRING, char) #define sk_CRYPTO_dynlock_push(st, val) SKM_sk_push(CRYPTO_dynlock, (st), (val)) #define sk_CRYPTO_dynlock_unshift(st, val) SKM_sk_unshift(CRYPTO_dynlock, (st), (val)) #define sk_CRYPTO_dynlock_find(st, val) SKM_sk_find(CRYPTO_dynlock, (st), (val)) -#define sk_CRYPTO_dynlock_find_ex(st, val) SKM_sk_find_ex(CRYPTO_dynlock, (st), (val)) #define sk_CRYPTO_dynlock_delete(st, i) SKM_sk_delete(CRYPTO_dynlock, (st), (i)) #define sk_CRYPTO_dynlock_delete_ptr(st, ptr) SKM_sk_delete_ptr(CRYPTO_dynlock, (st), (ptr)) #define sk_CRYPTO_dynlock_insert(st, val, i) SKM_sk_insert(CRYPTO_dynlock, (st), (val), (i)) @@ -644,7 +591,6 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_STRING, char) #define sk_CTLOG_push(st, val) SKM_sk_push(CTLOG, (st), (val)) #define sk_CTLOG_unshift(st, val) SKM_sk_unshift(CTLOG, (st), (val)) #define sk_CTLOG_find(st, val) SKM_sk_find(CTLOG, (st), (val)) -#define sk_CTLOG_find_ex(st, val) SKM_sk_find_ex(CTLOG, (st), (val)) #define sk_CTLOG_delete(st, i) SKM_sk_delete(CTLOG, (st), (i)) #define sk_CTLOG_delete_ptr(st, ptr) SKM_sk_delete_ptr(CTLOG, (st), (ptr)) #define sk_CTLOG_insert(st, val, i) SKM_sk_insert(CTLOG, (st), (val), (i)) @@ -666,7 +612,6 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_STRING, char) #define sk_DIST_POINT_push(st, val) SKM_sk_push(DIST_POINT, (st), (val)) #define sk_DIST_POINT_unshift(st, val) SKM_sk_unshift(DIST_POINT, (st), (val)) #define sk_DIST_POINT_find(st, val) SKM_sk_find(DIST_POINT, (st), (val)) -#define sk_DIST_POINT_find_ex(st, val) SKM_sk_find_ex(DIST_POINT, (st), (val)) #define sk_DIST_POINT_delete(st, i) SKM_sk_delete(DIST_POINT, (st), (i)) #define sk_DIST_POINT_delete_ptr(st, ptr) SKM_sk_delete_ptr(DIST_POINT, (st), (ptr)) #define sk_DIST_POINT_insert(st, val, i) SKM_sk_insert(DIST_POINT, (st), (val), (i)) @@ -688,7 +633,6 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_STRING, char) #define sk_ESS_CERT_ID_push(st, val) SKM_sk_push(ESS_CERT_ID, (st), (val)) #define sk_ESS_CERT_ID_unshift(st, val) SKM_sk_unshift(ESS_CERT_ID, (st), (val)) #define sk_ESS_CERT_ID_find(st, val) SKM_sk_find(ESS_CERT_ID, (st), (val)) -#define sk_ESS_CERT_ID_find_ex(st, val) SKM_sk_find_ex(ESS_CERT_ID, (st), (val)) #define sk_ESS_CERT_ID_delete(st, i) SKM_sk_delete(ESS_CERT_ID, (st), (i)) #define sk_ESS_CERT_ID_delete_ptr(st, ptr) SKM_sk_delete_ptr(ESS_CERT_ID, (st), (ptr)) #define sk_ESS_CERT_ID_insert(st, val, i) SKM_sk_insert(ESS_CERT_ID, (st), (val), (i)) @@ -711,7 +655,6 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_STRING, char) #define sk_ESS_CERT_ID_V2_push(st, val) SKM_sk_push(ESS_CERT_ID_V2, (st), (val)) #define sk_ESS_CERT_ID_V2_unshift(st, val) SKM_sk_unshift(ESS_CERT_ID_V2, (st), (val)) #define sk_ESS_CERT_ID_V2_find(st, val) SKM_sk_find(ESS_CERT_ID_V2, (st), (val)) -#define sk_ESS_CERT_ID_V2_find_ex(st, val) SKM_sk_find_ex(ESS_CERT_ID_V2, (st), (val)) #define sk_ESS_CERT_ID_V2_delete(st, i) SKM_sk_delete(ESS_CERT_ID_V2, (st), (i)) #define sk_ESS_CERT_ID_V2_delete_ptr(st, ptr) SKM_sk_delete_ptr(ESS_CERT_ID_V2, (st), (ptr)) #define sk_ESS_CERT_ID_V2_insert(st, val, i) SKM_sk_insert(ESS_CERT_ID_V2, (st), (val), (i)) @@ -734,7 +677,6 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_STRING, char) #define sk_EVP_MD_push(st, val) SKM_sk_push(EVP_MD, (st), (val)) #define sk_EVP_MD_unshift(st, val) SKM_sk_unshift(EVP_MD, (st), (val)) #define sk_EVP_MD_find(st, val) SKM_sk_find(EVP_MD, (st), (val)) -#define sk_EVP_MD_find_ex(st, val) SKM_sk_find_ex(EVP_MD, (st), (val)) #define sk_EVP_MD_delete(st, i) SKM_sk_delete(EVP_MD, (st), (i)) #define sk_EVP_MD_delete_ptr(st, ptr) SKM_sk_delete_ptr(EVP_MD, (st), (ptr)) #define sk_EVP_MD_insert(st, val, i) SKM_sk_insert(EVP_MD, (st), (val), (i)) @@ -746,28 +688,6 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_STRING, char) #define sk_EVP_MD_sort(st) SKM_sk_sort(EVP_MD, (st)) #define sk_EVP_MD_is_sorted(st) SKM_sk_is_sorted(EVP_MD, (st)) -#define sk_EVP_PBE_CTL_new(cmp) SKM_sk_new(EVP_PBE_CTL, (cmp)) -#define sk_EVP_PBE_CTL_new_null() SKM_sk_new_null(EVP_PBE_CTL) -#define sk_EVP_PBE_CTL_free(st) SKM_sk_free(EVP_PBE_CTL, (st)) -#define sk_EVP_PBE_CTL_num(st) SKM_sk_num(EVP_PBE_CTL, (st)) -#define sk_EVP_PBE_CTL_value(st, i) SKM_sk_value(EVP_PBE_CTL, (st), (i)) -#define sk_EVP_PBE_CTL_set(st, i, val) SKM_sk_set(EVP_PBE_CTL, (st), (i), (val)) -#define sk_EVP_PBE_CTL_zero(st) SKM_sk_zero(EVP_PBE_CTL, (st)) -#define sk_EVP_PBE_CTL_push(st, val) SKM_sk_push(EVP_PBE_CTL, (st), (val)) -#define sk_EVP_PBE_CTL_unshift(st, val) SKM_sk_unshift(EVP_PBE_CTL, (st), (val)) -#define sk_EVP_PBE_CTL_find(st, val) SKM_sk_find(EVP_PBE_CTL, (st), (val)) -#define sk_EVP_PBE_CTL_find_ex(st, val) SKM_sk_find_ex(EVP_PBE_CTL, (st), (val)) -#define sk_EVP_PBE_CTL_delete(st, i) SKM_sk_delete(EVP_PBE_CTL, (st), (i)) -#define sk_EVP_PBE_CTL_delete_ptr(st, ptr) SKM_sk_delete_ptr(EVP_PBE_CTL, (st), (ptr)) -#define sk_EVP_PBE_CTL_insert(st, val, i) SKM_sk_insert(EVP_PBE_CTL, (st), (val), (i)) -#define sk_EVP_PBE_CTL_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(EVP_PBE_CTL, (st), (cmp)) -#define sk_EVP_PBE_CTL_dup(st) SKM_sk_dup(EVP_PBE_CTL, st) -#define sk_EVP_PBE_CTL_pop_free(st, free_func) SKM_sk_pop_free(EVP_PBE_CTL, (st), (free_func)) -#define sk_EVP_PBE_CTL_shift(st) SKM_sk_shift(EVP_PBE_CTL, (st)) -#define sk_EVP_PBE_CTL_pop(st) SKM_sk_pop(EVP_PBE_CTL, (st)) -#define sk_EVP_PBE_CTL_sort(st) SKM_sk_sort(EVP_PBE_CTL, (st)) -#define sk_EVP_PBE_CTL_is_sorted(st) SKM_sk_is_sorted(EVP_PBE_CTL, (st)) - #define sk_EVP_PKEY_ASN1_METHOD_new(cmp) SKM_sk_new(EVP_PKEY_ASN1_METHOD, (cmp)) #define sk_EVP_PKEY_ASN1_METHOD_new_null() SKM_sk_new_null(EVP_PKEY_ASN1_METHOD) #define sk_EVP_PKEY_ASN1_METHOD_free(st) SKM_sk_free(EVP_PKEY_ASN1_METHOD, (st)) @@ -778,7 +698,6 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_STRING, char) #define sk_EVP_PKEY_ASN1_METHOD_push(st, val) SKM_sk_push(EVP_PKEY_ASN1_METHOD, (st), (val)) #define sk_EVP_PKEY_ASN1_METHOD_unshift(st, val) SKM_sk_unshift(EVP_PKEY_ASN1_METHOD, (st), (val)) #define sk_EVP_PKEY_ASN1_METHOD_find(st, val) SKM_sk_find(EVP_PKEY_ASN1_METHOD, (st), (val)) -#define sk_EVP_PKEY_ASN1_METHOD_find_ex(st, val) SKM_sk_find_ex(EVP_PKEY_ASN1_METHOD, (st), (val)) #define sk_EVP_PKEY_ASN1_METHOD_delete(st, i) SKM_sk_delete(EVP_PKEY_ASN1_METHOD, (st), (i)) #define sk_EVP_PKEY_ASN1_METHOD_delete_ptr(st, ptr) SKM_sk_delete_ptr(EVP_PKEY_ASN1_METHOD, (st), (ptr)) #define sk_EVP_PKEY_ASN1_METHOD_insert(st, val, i) SKM_sk_insert(EVP_PKEY_ASN1_METHOD, (st), (val), (i)) @@ -800,7 +719,6 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_STRING, char) #define sk_EVP_PKEY_METHOD_push(st, val) SKM_sk_push(EVP_PKEY_METHOD, (st), (val)) #define sk_EVP_PKEY_METHOD_unshift(st, val) SKM_sk_unshift(EVP_PKEY_METHOD, (st), (val)) #define sk_EVP_PKEY_METHOD_find(st, val) SKM_sk_find(EVP_PKEY_METHOD, (st), (val)) -#define sk_EVP_PKEY_METHOD_find_ex(st, val) SKM_sk_find_ex(EVP_PKEY_METHOD, (st), (val)) #define sk_EVP_PKEY_METHOD_delete(st, i) SKM_sk_delete(EVP_PKEY_METHOD, (st), (i)) #define sk_EVP_PKEY_METHOD_delete_ptr(st, ptr) SKM_sk_delete_ptr(EVP_PKEY_METHOD, (st), (ptr)) #define sk_EVP_PKEY_METHOD_insert(st, val, i) SKM_sk_insert(EVP_PKEY_METHOD, (st), (val), (i)) @@ -822,7 +740,6 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_STRING, char) #define sk_GENERAL_NAME_push(st, val) SKM_sk_push(GENERAL_NAME, (st), (val)) #define sk_GENERAL_NAME_unshift(st, val) SKM_sk_unshift(GENERAL_NAME, (st), (val)) #define sk_GENERAL_NAME_find(st, val) SKM_sk_find(GENERAL_NAME, (st), (val)) -#define sk_GENERAL_NAME_find_ex(st, val) SKM_sk_find_ex(GENERAL_NAME, (st), (val)) #define sk_GENERAL_NAME_delete(st, i) SKM_sk_delete(GENERAL_NAME, (st), (i)) #define sk_GENERAL_NAME_delete_ptr(st, ptr) SKM_sk_delete_ptr(GENERAL_NAME, (st), (ptr)) #define sk_GENERAL_NAME_insert(st, val, i) SKM_sk_insert(GENERAL_NAME, (st), (val), (i)) @@ -844,7 +761,6 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_STRING, char) #define sk_GENERAL_NAMES_push(st, val) SKM_sk_push(GENERAL_NAMES, (st), (val)) #define sk_GENERAL_NAMES_unshift(st, val) SKM_sk_unshift(GENERAL_NAMES, (st), (val)) #define sk_GENERAL_NAMES_find(st, val) SKM_sk_find(GENERAL_NAMES, (st), (val)) -#define sk_GENERAL_NAMES_find_ex(st, val) SKM_sk_find_ex(GENERAL_NAMES, (st), (val)) #define sk_GENERAL_NAMES_delete(st, i) SKM_sk_delete(GENERAL_NAMES, (st), (i)) #define sk_GENERAL_NAMES_delete_ptr(st, ptr) SKM_sk_delete_ptr(GENERAL_NAMES, (st), (ptr)) #define sk_GENERAL_NAMES_insert(st, val, i) SKM_sk_insert(GENERAL_NAMES, (st), (val), (i)) @@ -866,7 +782,6 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_STRING, char) #define sk_GENERAL_SUBTREE_push(st, val) SKM_sk_push(GENERAL_SUBTREE, (st), (val)) #define sk_GENERAL_SUBTREE_unshift(st, val) SKM_sk_unshift(GENERAL_SUBTREE, (st), (val)) #define sk_GENERAL_SUBTREE_find(st, val) SKM_sk_find(GENERAL_SUBTREE, (st), (val)) -#define sk_GENERAL_SUBTREE_find_ex(st, val) SKM_sk_find_ex(GENERAL_SUBTREE, (st), (val)) #define sk_GENERAL_SUBTREE_delete(st, i) SKM_sk_delete(GENERAL_SUBTREE, (st), (i)) #define sk_GENERAL_SUBTREE_delete_ptr(st, ptr) SKM_sk_delete_ptr(GENERAL_SUBTREE, (st), (ptr)) #define sk_GENERAL_SUBTREE_insert(st, val, i) SKM_sk_insert(GENERAL_SUBTREE, (st), (val), (i)) @@ -888,7 +803,6 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_STRING, char) #define sk_IPAddressFamily_push(st, val) SKM_sk_push(IPAddressFamily, (st), (val)) #define sk_IPAddressFamily_unshift(st, val) SKM_sk_unshift(IPAddressFamily, (st), (val)) #define sk_IPAddressFamily_find(st, val) SKM_sk_find(IPAddressFamily, (st), (val)) -#define sk_IPAddressFamily_find_ex(st, val) SKM_sk_find_ex(IPAddressFamily, (st), (val)) #define sk_IPAddressFamily_delete(st, i) SKM_sk_delete(IPAddressFamily, (st), (i)) #define sk_IPAddressFamily_delete_ptr(st, ptr) SKM_sk_delete_ptr(IPAddressFamily, (st), (ptr)) #define sk_IPAddressFamily_insert(st, val, i) SKM_sk_insert(IPAddressFamily, (st), (val), (i)) @@ -910,7 +824,6 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_STRING, char) #define sk_IPAddressOrRange_push(st, val) SKM_sk_push(IPAddressOrRange, (st), (val)) #define sk_IPAddressOrRange_unshift(st, val) SKM_sk_unshift(IPAddressOrRange, (st), (val)) #define sk_IPAddressOrRange_find(st, val) SKM_sk_find(IPAddressOrRange, (st), (val)) -#define sk_IPAddressOrRange_find_ex(st, val) SKM_sk_find_ex(IPAddressOrRange, (st), (val)) #define sk_IPAddressOrRange_delete(st, i) SKM_sk_delete(IPAddressOrRange, (st), (i)) #define sk_IPAddressOrRange_delete_ptr(st, ptr) SKM_sk_delete_ptr(IPAddressOrRange, (st), (ptr)) #define sk_IPAddressOrRange_insert(st, val, i) SKM_sk_insert(IPAddressOrRange, (st), (val), (i)) @@ -932,7 +845,6 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_STRING, char) #define sk_MIME_HEADER_push(st, val) SKM_sk_push(MIME_HEADER, (st), (val)) #define sk_MIME_HEADER_unshift(st, val) SKM_sk_unshift(MIME_HEADER, (st), (val)) #define sk_MIME_HEADER_find(st, val) SKM_sk_find(MIME_HEADER, (st), (val)) -#define sk_MIME_HEADER_find_ex(st, val) SKM_sk_find_ex(MIME_HEADER, (st), (val)) #define sk_MIME_HEADER_delete(st, i) SKM_sk_delete(MIME_HEADER, (st), (i)) #define sk_MIME_HEADER_delete_ptr(st, ptr) SKM_sk_delete_ptr(MIME_HEADER, (st), (ptr)) #define sk_MIME_HEADER_insert(st, val, i) SKM_sk_insert(MIME_HEADER, (st), (val), (i)) @@ -954,7 +866,6 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_STRING, char) #define sk_MIME_PARAM_push(st, val) SKM_sk_push(MIME_PARAM, (st), (val)) #define sk_MIME_PARAM_unshift(st, val) SKM_sk_unshift(MIME_PARAM, (st), (val)) #define sk_MIME_PARAM_find(st, val) SKM_sk_find(MIME_PARAM, (st), (val)) -#define sk_MIME_PARAM_find_ex(st, val) SKM_sk_find_ex(MIME_PARAM, (st), (val)) #define sk_MIME_PARAM_delete(st, i) SKM_sk_delete(MIME_PARAM, (st), (i)) #define sk_MIME_PARAM_delete_ptr(st, ptr) SKM_sk_delete_ptr(MIME_PARAM, (st), (ptr)) #define sk_MIME_PARAM_insert(st, val, i) SKM_sk_insert(MIME_PARAM, (st), (val), (i)) @@ -976,7 +887,6 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_STRING, char) #define sk_NAME_FUNCS_push(st, val) SKM_sk_push(NAME_FUNCS, (st), (val)) #define sk_NAME_FUNCS_unshift(st, val) SKM_sk_unshift(NAME_FUNCS, (st), (val)) #define sk_NAME_FUNCS_find(st, val) SKM_sk_find(NAME_FUNCS, (st), (val)) -#define sk_NAME_FUNCS_find_ex(st, val) SKM_sk_find_ex(NAME_FUNCS, (st), (val)) #define sk_NAME_FUNCS_delete(st, i) SKM_sk_delete(NAME_FUNCS, (st), (i)) #define sk_NAME_FUNCS_delete_ptr(st, ptr) SKM_sk_delete_ptr(NAME_FUNCS, (st), (ptr)) #define sk_NAME_FUNCS_insert(st, val, i) SKM_sk_insert(NAME_FUNCS, (st), (val), (i)) @@ -998,7 +908,6 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_STRING, char) #define sk_OCSP_CERTID_push(st, val) SKM_sk_push(OCSP_CERTID, (st), (val)) #define sk_OCSP_CERTID_unshift(st, val) SKM_sk_unshift(OCSP_CERTID, (st), (val)) #define sk_OCSP_CERTID_find(st, val) SKM_sk_find(OCSP_CERTID, (st), (val)) -#define sk_OCSP_CERTID_find_ex(st, val) SKM_sk_find_ex(OCSP_CERTID, (st), (val)) #define sk_OCSP_CERTID_delete(st, i) SKM_sk_delete(OCSP_CERTID, (st), (i)) #define sk_OCSP_CERTID_delete_ptr(st, ptr) SKM_sk_delete_ptr(OCSP_CERTID, (st), (ptr)) #define sk_OCSP_CERTID_insert(st, val, i) SKM_sk_insert(OCSP_CERTID, (st), (val), (i)) @@ -1020,7 +929,6 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_STRING, char) #define sk_OCSP_ONEREQ_push(st, val) SKM_sk_push(OCSP_ONEREQ, (st), (val)) #define sk_OCSP_ONEREQ_unshift(st, val) SKM_sk_unshift(OCSP_ONEREQ, (st), (val)) #define sk_OCSP_ONEREQ_find(st, val) SKM_sk_find(OCSP_ONEREQ, (st), (val)) -#define sk_OCSP_ONEREQ_find_ex(st, val) SKM_sk_find_ex(OCSP_ONEREQ, (st), (val)) #define sk_OCSP_ONEREQ_delete(st, i) SKM_sk_delete(OCSP_ONEREQ, (st), (i)) #define sk_OCSP_ONEREQ_delete_ptr(st, ptr) SKM_sk_delete_ptr(OCSP_ONEREQ, (st), (ptr)) #define sk_OCSP_ONEREQ_insert(st, val, i) SKM_sk_insert(OCSP_ONEREQ, (st), (val), (i)) @@ -1042,7 +950,6 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_STRING, char) #define sk_OCSP_RESPID_push(st, val) SKM_sk_push(OCSP_RESPID, (st), (val)) #define sk_OCSP_RESPID_unshift(st, val) SKM_sk_unshift(OCSP_RESPID, (st), (val)) #define sk_OCSP_RESPID_find(st, val) SKM_sk_find(OCSP_RESPID, (st), (val)) -#define sk_OCSP_RESPID_find_ex(st, val) SKM_sk_find_ex(OCSP_RESPID, (st), (val)) #define sk_OCSP_RESPID_delete(st, i) SKM_sk_delete(OCSP_RESPID, (st), (i)) #define sk_OCSP_RESPID_delete_ptr(st, ptr) SKM_sk_delete_ptr(OCSP_RESPID, (st), (ptr)) #define sk_OCSP_RESPID_insert(st, val, i) SKM_sk_insert(OCSP_RESPID, (st), (val), (i)) @@ -1064,7 +971,6 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_STRING, char) #define sk_OCSP_SINGLERESP_push(st, val) SKM_sk_push(OCSP_SINGLERESP, (st), (val)) #define sk_OCSP_SINGLERESP_unshift(st, val) SKM_sk_unshift(OCSP_SINGLERESP, (st), (val)) #define sk_OCSP_SINGLERESP_find(st, val) SKM_sk_find(OCSP_SINGLERESP, (st), (val)) -#define sk_OCSP_SINGLERESP_find_ex(st, val) SKM_sk_find_ex(OCSP_SINGLERESP, (st), (val)) #define sk_OCSP_SINGLERESP_delete(st, i) SKM_sk_delete(OCSP_SINGLERESP, (st), (i)) #define sk_OCSP_SINGLERESP_delete_ptr(st, ptr) SKM_sk_delete_ptr(OCSP_SINGLERESP, (st), (ptr)) #define sk_OCSP_SINGLERESP_insert(st, val, i) SKM_sk_insert(OCSP_SINGLERESP, (st), (val), (i)) @@ -1086,7 +992,6 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_STRING, char) #define sk_PKCS12_SAFEBAG_push(st, val) SKM_sk_push(PKCS12_SAFEBAG, (st), (val)) #define sk_PKCS12_SAFEBAG_unshift(st, val) SKM_sk_unshift(PKCS12_SAFEBAG, (st), (val)) #define sk_PKCS12_SAFEBAG_find(st, val) SKM_sk_find(PKCS12_SAFEBAG, (st), (val)) -#define sk_PKCS12_SAFEBAG_find_ex(st, val) SKM_sk_find_ex(PKCS12_SAFEBAG, (st), (val)) #define sk_PKCS12_SAFEBAG_delete(st, i) SKM_sk_delete(PKCS12_SAFEBAG, (st), (i)) #define sk_PKCS12_SAFEBAG_delete_ptr(st, ptr) SKM_sk_delete_ptr(PKCS12_SAFEBAG, (st), (ptr)) #define sk_PKCS12_SAFEBAG_insert(st, val, i) SKM_sk_insert(PKCS12_SAFEBAG, (st), (val), (i)) @@ -1108,7 +1013,6 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_STRING, char) #define sk_PKCS7_push(st, val) SKM_sk_push(PKCS7, (st), (val)) #define sk_PKCS7_unshift(st, val) SKM_sk_unshift(PKCS7, (st), (val)) #define sk_PKCS7_find(st, val) SKM_sk_find(PKCS7, (st), (val)) -#define sk_PKCS7_find_ex(st, val) SKM_sk_find_ex(PKCS7, (st), (val)) #define sk_PKCS7_delete(st, i) SKM_sk_delete(PKCS7, (st), (i)) #define sk_PKCS7_delete_ptr(st, ptr) SKM_sk_delete_ptr(PKCS7, (st), (ptr)) #define sk_PKCS7_insert(st, val, i) SKM_sk_insert(PKCS7, (st), (val), (i)) @@ -1130,7 +1034,6 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_STRING, char) #define sk_PKCS7_RECIP_INFO_push(st, val) SKM_sk_push(PKCS7_RECIP_INFO, (st), (val)) #define sk_PKCS7_RECIP_INFO_unshift(st, val) SKM_sk_unshift(PKCS7_RECIP_INFO, (st), (val)) #define sk_PKCS7_RECIP_INFO_find(st, val) SKM_sk_find(PKCS7_RECIP_INFO, (st), (val)) -#define sk_PKCS7_RECIP_INFO_find_ex(st, val) SKM_sk_find_ex(PKCS7_RECIP_INFO, (st), (val)) #define sk_PKCS7_RECIP_INFO_delete(st, i) SKM_sk_delete(PKCS7_RECIP_INFO, (st), (i)) #define sk_PKCS7_RECIP_INFO_delete_ptr(st, ptr) SKM_sk_delete_ptr(PKCS7_RECIP_INFO, (st), (ptr)) #define sk_PKCS7_RECIP_INFO_insert(st, val, i) SKM_sk_insert(PKCS7_RECIP_INFO, (st), (val), (i)) @@ -1152,7 +1055,6 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_STRING, char) #define sk_PKCS7_SIGNER_INFO_push(st, val) SKM_sk_push(PKCS7_SIGNER_INFO, (st), (val)) #define sk_PKCS7_SIGNER_INFO_unshift(st, val) SKM_sk_unshift(PKCS7_SIGNER_INFO, (st), (val)) #define sk_PKCS7_SIGNER_INFO_find(st, val) SKM_sk_find(PKCS7_SIGNER_INFO, (st), (val)) -#define sk_PKCS7_SIGNER_INFO_find_ex(st, val) SKM_sk_find_ex(PKCS7_SIGNER_INFO, (st), (val)) #define sk_PKCS7_SIGNER_INFO_delete(st, i) SKM_sk_delete(PKCS7_SIGNER_INFO, (st), (i)) #define sk_PKCS7_SIGNER_INFO_delete_ptr(st, ptr) SKM_sk_delete_ptr(PKCS7_SIGNER_INFO, (st), (ptr)) #define sk_PKCS7_SIGNER_INFO_insert(st, val, i) SKM_sk_insert(PKCS7_SIGNER_INFO, (st), (val), (i)) @@ -1174,7 +1076,6 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_STRING, char) #define sk_POLICYINFO_push(st, val) SKM_sk_push(POLICYINFO, (st), (val)) #define sk_POLICYINFO_unshift(st, val) SKM_sk_unshift(POLICYINFO, (st), (val)) #define sk_POLICYINFO_find(st, val) SKM_sk_find(POLICYINFO, (st), (val)) -#define sk_POLICYINFO_find_ex(st, val) SKM_sk_find_ex(POLICYINFO, (st), (val)) #define sk_POLICYINFO_delete(st, i) SKM_sk_delete(POLICYINFO, (st), (i)) #define sk_POLICYINFO_delete_ptr(st, ptr) SKM_sk_delete_ptr(POLICYINFO, (st), (ptr)) #define sk_POLICYINFO_insert(st, val, i) SKM_sk_insert(POLICYINFO, (st), (val), (i)) @@ -1196,7 +1097,6 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_STRING, char) #define sk_POLICYQUALINFO_push(st, val) SKM_sk_push(POLICYQUALINFO, (st), (val)) #define sk_POLICYQUALINFO_unshift(st, val) SKM_sk_unshift(POLICYQUALINFO, (st), (val)) #define sk_POLICYQUALINFO_find(st, val) SKM_sk_find(POLICYQUALINFO, (st), (val)) -#define sk_POLICYQUALINFO_find_ex(st, val) SKM_sk_find_ex(POLICYQUALINFO, (st), (val)) #define sk_POLICYQUALINFO_delete(st, i) SKM_sk_delete(POLICYQUALINFO, (st), (i)) #define sk_POLICYQUALINFO_delete_ptr(st, ptr) SKM_sk_delete_ptr(POLICYQUALINFO, (st), (ptr)) #define sk_POLICYQUALINFO_insert(st, val, i) SKM_sk_insert(POLICYQUALINFO, (st), (val), (i)) @@ -1218,7 +1118,6 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_STRING, char) #define sk_POLICY_MAPPING_push(st, val) SKM_sk_push(POLICY_MAPPING, (st), (val)) #define sk_POLICY_MAPPING_unshift(st, val) SKM_sk_unshift(POLICY_MAPPING, (st), (val)) #define sk_POLICY_MAPPING_find(st, val) SKM_sk_find(POLICY_MAPPING, (st), (val)) -#define sk_POLICY_MAPPING_find_ex(st, val) SKM_sk_find_ex(POLICY_MAPPING, (st), (val)) #define sk_POLICY_MAPPING_delete(st, i) SKM_sk_delete(POLICY_MAPPING, (st), (i)) #define sk_POLICY_MAPPING_delete_ptr(st, ptr) SKM_sk_delete_ptr(POLICY_MAPPING, (st), (ptr)) #define sk_POLICY_MAPPING_insert(st, val, i) SKM_sk_insert(POLICY_MAPPING, (st), (val), (i)) @@ -1240,7 +1139,6 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_STRING, char) #define sk_SCT_push(st, val) SKM_sk_push(SCT, (st), (val)) #define sk_SCT_unshift(st, val) SKM_sk_unshift(SCT, (st), (val)) #define sk_SCT_find(st, val) SKM_sk_find(SCT, (st), (val)) -#define sk_SCT_find_ex(st, val) SKM_sk_find_ex(SCT, (st), (val)) #define sk_SCT_delete(st, i) SKM_sk_delete(SCT, (st), (i)) #define sk_SCT_delete_ptr(st, ptr) SKM_sk_delete_ptr(SCT, (st), (ptr)) #define sk_SCT_insert(st, val, i) SKM_sk_insert(SCT, (st), (val), (i)) @@ -1262,7 +1160,6 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_STRING, char) #define sk_SRTP_PROTECTION_PROFILE_push(st, val) SKM_sk_push(SRTP_PROTECTION_PROFILE, (st), (val)) #define sk_SRTP_PROTECTION_PROFILE_unshift(st, val) SKM_sk_unshift(SRTP_PROTECTION_PROFILE, (st), (val)) #define sk_SRTP_PROTECTION_PROFILE_find(st, val) SKM_sk_find(SRTP_PROTECTION_PROFILE, (st), (val)) -#define sk_SRTP_PROTECTION_PROFILE_find_ex(st, val) SKM_sk_find_ex(SRTP_PROTECTION_PROFILE, (st), (val)) #define sk_SRTP_PROTECTION_PROFILE_delete(st, i) SKM_sk_delete(SRTP_PROTECTION_PROFILE, (st), (i)) #define sk_SRTP_PROTECTION_PROFILE_delete_ptr(st, ptr) SKM_sk_delete_ptr(SRTP_PROTECTION_PROFILE, (st), (ptr)) #define sk_SRTP_PROTECTION_PROFILE_insert(st, val, i) SKM_sk_insert(SRTP_PROTECTION_PROFILE, (st), (val), (i)) @@ -1284,7 +1181,6 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_STRING, char) #define sk_SSL_CIPHER_push(st, val) SKM_sk_push(SSL_CIPHER, (st), (val)) #define sk_SSL_CIPHER_unshift(st, val) SKM_sk_unshift(SSL_CIPHER, (st), (val)) #define sk_SSL_CIPHER_find(st, val) SKM_sk_find(SSL_CIPHER, (st), (val)) -#define sk_SSL_CIPHER_find_ex(st, val) SKM_sk_find_ex(SSL_CIPHER, (st), (val)) #define sk_SSL_CIPHER_delete(st, i) SKM_sk_delete(SSL_CIPHER, (st), (i)) #define sk_SSL_CIPHER_delete_ptr(st, ptr) SKM_sk_delete_ptr(SSL_CIPHER, (st), (ptr)) #define sk_SSL_CIPHER_insert(st, val, i) SKM_sk_insert(SSL_CIPHER, (st), (val), (i)) @@ -1306,7 +1202,6 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_STRING, char) #define sk_SSL_COMP_push(st, val) SKM_sk_push(SSL_COMP, (st), (val)) #define sk_SSL_COMP_unshift(st, val) SKM_sk_unshift(SSL_COMP, (st), (val)) #define sk_SSL_COMP_find(st, val) SKM_sk_find(SSL_COMP, (st), (val)) -#define sk_SSL_COMP_find_ex(st, val) SKM_sk_find_ex(SSL_COMP, (st), (val)) #define sk_SSL_COMP_delete(st, i) SKM_sk_delete(SSL_COMP, (st), (i)) #define sk_SSL_COMP_delete_ptr(st, ptr) SKM_sk_delete_ptr(SSL_COMP, (st), (ptr)) #define sk_SSL_COMP_insert(st, val, i) SKM_sk_insert(SSL_COMP, (st), (val), (i)) @@ -1328,7 +1223,6 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_STRING, char) #define sk_STACK_OF_X509_NAME_ENTRY_push(st, val) SKM_sk_push(STACK_OF_X509_NAME_ENTRY, (st), (val)) #define sk_STACK_OF_X509_NAME_ENTRY_unshift(st, val) SKM_sk_unshift(STACK_OF_X509_NAME_ENTRY, (st), (val)) #define sk_STACK_OF_X509_NAME_ENTRY_find(st, val) SKM_sk_find(STACK_OF_X509_NAME_ENTRY, (st), (val)) -#define sk_STACK_OF_X509_NAME_ENTRY_find_ex(st, val) SKM_sk_find_ex(STACK_OF_X509_NAME_ENTRY, (st), (val)) #define sk_STACK_OF_X509_NAME_ENTRY_delete(st, i) SKM_sk_delete(STACK_OF_X509_NAME_ENTRY, (st), (i)) #define sk_STACK_OF_X509_NAME_ENTRY_delete_ptr(st, ptr) SKM_sk_delete_ptr(STACK_OF_X509_NAME_ENTRY, (st), (ptr)) #define sk_STACK_OF_X509_NAME_ENTRY_insert(st, val, i) SKM_sk_insert(STACK_OF_X509_NAME_ENTRY, (st), (val), (i)) @@ -1350,7 +1244,6 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_STRING, char) #define sk_STORE_ATTR_INFO_push(st, val) SKM_sk_push(STORE_ATTR_INFO, (st), (val)) #define sk_STORE_ATTR_INFO_unshift(st, val) SKM_sk_unshift(STORE_ATTR_INFO, (st), (val)) #define sk_STORE_ATTR_INFO_find(st, val) SKM_sk_find(STORE_ATTR_INFO, (st), (val)) -#define sk_STORE_ATTR_INFO_find_ex(st, val) SKM_sk_find_ex(STORE_ATTR_INFO, (st), (val)) #define sk_STORE_ATTR_INFO_delete(st, i) SKM_sk_delete(STORE_ATTR_INFO, (st), (i)) #define sk_STORE_ATTR_INFO_delete_ptr(st, ptr) SKM_sk_delete_ptr(STORE_ATTR_INFO, (st), (ptr)) #define sk_STORE_ATTR_INFO_insert(st, val, i) SKM_sk_insert(STORE_ATTR_INFO, (st), (val), (i)) @@ -1372,7 +1265,6 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_STRING, char) #define sk_STORE_OBJECT_push(st, val) SKM_sk_push(STORE_OBJECT, (st), (val)) #define sk_STORE_OBJECT_unshift(st, val) SKM_sk_unshift(STORE_OBJECT, (st), (val)) #define sk_STORE_OBJECT_find(st, val) SKM_sk_find(STORE_OBJECT, (st), (val)) -#define sk_STORE_OBJECT_find_ex(st, val) SKM_sk_find_ex(STORE_OBJECT, (st), (val)) #define sk_STORE_OBJECT_delete(st, i) SKM_sk_delete(STORE_OBJECT, (st), (i)) #define sk_STORE_OBJECT_delete_ptr(st, ptr) SKM_sk_delete_ptr(STORE_OBJECT, (st), (ptr)) #define sk_STORE_OBJECT_insert(st, val, i) SKM_sk_insert(STORE_OBJECT, (st), (val), (i)) @@ -1394,7 +1286,6 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_STRING, char) #define sk_UI_STRING_push(st, val) SKM_sk_push(UI_STRING, (st), (val)) #define sk_UI_STRING_unshift(st, val) SKM_sk_unshift(UI_STRING, (st), (val)) #define sk_UI_STRING_find(st, val) SKM_sk_find(UI_STRING, (st), (val)) -#define sk_UI_STRING_find_ex(st, val) SKM_sk_find_ex(UI_STRING, (st), (val)) #define sk_UI_STRING_delete(st, i) SKM_sk_delete(UI_STRING, (st), (i)) #define sk_UI_STRING_delete_ptr(st, ptr) SKM_sk_delete_ptr(UI_STRING, (st), (ptr)) #define sk_UI_STRING_insert(st, val, i) SKM_sk_insert(UI_STRING, (st), (val), (i)) @@ -1416,7 +1307,6 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_STRING, char) #define sk_X509_push(st, val) SKM_sk_push(X509, (st), (val)) #define sk_X509_unshift(st, val) SKM_sk_unshift(X509, (st), (val)) #define sk_X509_find(st, val) SKM_sk_find(X509, (st), (val)) -#define sk_X509_find_ex(st, val) SKM_sk_find_ex(X509, (st), (val)) #define sk_X509_delete(st, i) SKM_sk_delete(X509, (st), (i)) #define sk_X509_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509, (st), (ptr)) #define sk_X509_insert(st, val, i) SKM_sk_insert(X509, (st), (val), (i)) @@ -1438,7 +1328,6 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_STRING, char) #define sk_X509V3_EXT_METHOD_push(st, val) SKM_sk_push(X509V3_EXT_METHOD, (st), (val)) #define sk_X509V3_EXT_METHOD_unshift(st, val) SKM_sk_unshift(X509V3_EXT_METHOD, (st), (val)) #define sk_X509V3_EXT_METHOD_find(st, val) SKM_sk_find(X509V3_EXT_METHOD, (st), (val)) -#define sk_X509V3_EXT_METHOD_find_ex(st, val) SKM_sk_find_ex(X509V3_EXT_METHOD, (st), (val)) #define sk_X509V3_EXT_METHOD_delete(st, i) SKM_sk_delete(X509V3_EXT_METHOD, (st), (i)) #define sk_X509V3_EXT_METHOD_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509V3_EXT_METHOD, (st), (ptr)) #define sk_X509V3_EXT_METHOD_insert(st, val, i) SKM_sk_insert(X509V3_EXT_METHOD, (st), (val), (i)) @@ -1460,7 +1349,6 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_STRING, char) #define sk_X509_ALGOR_push(st, val) SKM_sk_push(X509_ALGOR, (st), (val)) #define sk_X509_ALGOR_unshift(st, val) SKM_sk_unshift(X509_ALGOR, (st), (val)) #define sk_X509_ALGOR_find(st, val) SKM_sk_find(X509_ALGOR, (st), (val)) -#define sk_X509_ALGOR_find_ex(st, val) SKM_sk_find_ex(X509_ALGOR, (st), (val)) #define sk_X509_ALGOR_delete(st, i) SKM_sk_delete(X509_ALGOR, (st), (i)) #define sk_X509_ALGOR_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_ALGOR, (st), (ptr)) #define sk_X509_ALGOR_insert(st, val, i) SKM_sk_insert(X509_ALGOR, (st), (val), (i)) @@ -1482,7 +1370,6 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_STRING, char) #define sk_X509_ATTRIBUTE_push(st, val) SKM_sk_push(X509_ATTRIBUTE, (st), (val)) #define sk_X509_ATTRIBUTE_unshift(st, val) SKM_sk_unshift(X509_ATTRIBUTE, (st), (val)) #define sk_X509_ATTRIBUTE_find(st, val) SKM_sk_find(X509_ATTRIBUTE, (st), (val)) -#define sk_X509_ATTRIBUTE_find_ex(st, val) SKM_sk_find_ex(X509_ATTRIBUTE, (st), (val)) #define sk_X509_ATTRIBUTE_delete(st, i) SKM_sk_delete(X509_ATTRIBUTE, (st), (i)) #define sk_X509_ATTRIBUTE_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_ATTRIBUTE, (st), (ptr)) #define sk_X509_ATTRIBUTE_insert(st, val, i) SKM_sk_insert(X509_ATTRIBUTE, (st), (val), (i)) @@ -1504,7 +1391,6 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_STRING, char) #define sk_X509_CRL_push(st, val) SKM_sk_push(X509_CRL, (st), (val)) #define sk_X509_CRL_unshift(st, val) SKM_sk_unshift(X509_CRL, (st), (val)) #define sk_X509_CRL_find(st, val) SKM_sk_find(X509_CRL, (st), (val)) -#define sk_X509_CRL_find_ex(st, val) SKM_sk_find_ex(X509_CRL, (st), (val)) #define sk_X509_CRL_delete(st, i) SKM_sk_delete(X509_CRL, (st), (i)) #define sk_X509_CRL_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_CRL, (st), (ptr)) #define sk_X509_CRL_insert(st, val, i) SKM_sk_insert(X509_CRL, (st), (val), (i)) @@ -1526,7 +1412,6 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_STRING, char) #define sk_X509_EXTENSION_push(st, val) SKM_sk_push(X509_EXTENSION, (st), (val)) #define sk_X509_EXTENSION_unshift(st, val) SKM_sk_unshift(X509_EXTENSION, (st), (val)) #define sk_X509_EXTENSION_find(st, val) SKM_sk_find(X509_EXTENSION, (st), (val)) -#define sk_X509_EXTENSION_find_ex(st, val) SKM_sk_find_ex(X509_EXTENSION, (st), (val)) #define sk_X509_EXTENSION_delete(st, i) SKM_sk_delete(X509_EXTENSION, (st), (i)) #define sk_X509_EXTENSION_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_EXTENSION, (st), (ptr)) #define sk_X509_EXTENSION_insert(st, val, i) SKM_sk_insert(X509_EXTENSION, (st), (val), (i)) @@ -1548,7 +1433,6 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_STRING, char) #define sk_X509_INFO_push(st, val) SKM_sk_push(X509_INFO, (st), (val)) #define sk_X509_INFO_unshift(st, val) SKM_sk_unshift(X509_INFO, (st), (val)) #define sk_X509_INFO_find(st, val) SKM_sk_find(X509_INFO, (st), (val)) -#define sk_X509_INFO_find_ex(st, val) SKM_sk_find_ex(X509_INFO, (st), (val)) #define sk_X509_INFO_delete(st, i) SKM_sk_delete(X509_INFO, (st), (i)) #define sk_X509_INFO_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_INFO, (st), (ptr)) #define sk_X509_INFO_insert(st, val, i) SKM_sk_insert(X509_INFO, (st), (val), (i)) @@ -1570,7 +1454,6 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_STRING, char) #define sk_X509_LOOKUP_push(st, val) SKM_sk_push(X509_LOOKUP, (st), (val)) #define sk_X509_LOOKUP_unshift(st, val) SKM_sk_unshift(X509_LOOKUP, (st), (val)) #define sk_X509_LOOKUP_find(st, val) SKM_sk_find(X509_LOOKUP, (st), (val)) -#define sk_X509_LOOKUP_find_ex(st, val) SKM_sk_find_ex(X509_LOOKUP, (st), (val)) #define sk_X509_LOOKUP_delete(st, i) SKM_sk_delete(X509_LOOKUP, (st), (i)) #define sk_X509_LOOKUP_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_LOOKUP, (st), (ptr)) #define sk_X509_LOOKUP_insert(st, val, i) SKM_sk_insert(X509_LOOKUP, (st), (val), (i)) @@ -1592,7 +1475,6 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_STRING, char) #define sk_X509_NAME_push(st, val) SKM_sk_push(X509_NAME, (st), (val)) #define sk_X509_NAME_unshift(st, val) SKM_sk_unshift(X509_NAME, (st), (val)) #define sk_X509_NAME_find(st, val) SKM_sk_find(X509_NAME, (st), (val)) -#define sk_X509_NAME_find_ex(st, val) SKM_sk_find_ex(X509_NAME, (st), (val)) #define sk_X509_NAME_delete(st, i) SKM_sk_delete(X509_NAME, (st), (i)) #define sk_X509_NAME_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_NAME, (st), (ptr)) #define sk_X509_NAME_insert(st, val, i) SKM_sk_insert(X509_NAME, (st), (val), (i)) @@ -1614,7 +1496,6 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_STRING, char) #define sk_X509_NAME_ENTRY_push(st, val) SKM_sk_push(X509_NAME_ENTRY, (st), (val)) #define sk_X509_NAME_ENTRY_unshift(st, val) SKM_sk_unshift(X509_NAME_ENTRY, (st), (val)) #define sk_X509_NAME_ENTRY_find(st, val) SKM_sk_find(X509_NAME_ENTRY, (st), (val)) -#define sk_X509_NAME_ENTRY_find_ex(st, val) SKM_sk_find_ex(X509_NAME_ENTRY, (st), (val)) #define sk_X509_NAME_ENTRY_delete(st, i) SKM_sk_delete(X509_NAME_ENTRY, (st), (i)) #define sk_X509_NAME_ENTRY_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_NAME_ENTRY, (st), (ptr)) #define sk_X509_NAME_ENTRY_insert(st, val, i) SKM_sk_insert(X509_NAME_ENTRY, (st), (val), (i)) @@ -1636,7 +1517,6 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_STRING, char) #define sk_X509_OBJECT_push(st, val) SKM_sk_push(X509_OBJECT, (st), (val)) #define sk_X509_OBJECT_unshift(st, val) SKM_sk_unshift(X509_OBJECT, (st), (val)) #define sk_X509_OBJECT_find(st, val) SKM_sk_find(X509_OBJECT, (st), (val)) -#define sk_X509_OBJECT_find_ex(st, val) SKM_sk_find_ex(X509_OBJECT, (st), (val)) #define sk_X509_OBJECT_delete(st, i) SKM_sk_delete(X509_OBJECT, (st), (i)) #define sk_X509_OBJECT_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_OBJECT, (st), (ptr)) #define sk_X509_OBJECT_insert(st, val, i) SKM_sk_insert(X509_OBJECT, (st), (val), (i)) @@ -1648,28 +1528,6 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_STRING, char) #define sk_X509_OBJECT_sort(st) SKM_sk_sort(X509_OBJECT, (st)) #define sk_X509_OBJECT_is_sorted(st) SKM_sk_is_sorted(X509_OBJECT, (st)) -#define sk_X509_PURPOSE_new(cmp) SKM_sk_new(X509_PURPOSE, (cmp)) -#define sk_X509_PURPOSE_new_null() SKM_sk_new_null(X509_PURPOSE) -#define sk_X509_PURPOSE_free(st) SKM_sk_free(X509_PURPOSE, (st)) -#define sk_X509_PURPOSE_num(st) SKM_sk_num(X509_PURPOSE, (st)) -#define sk_X509_PURPOSE_value(st, i) SKM_sk_value(X509_PURPOSE, (st), (i)) -#define sk_X509_PURPOSE_set(st, i, val) SKM_sk_set(X509_PURPOSE, (st), (i), (val)) -#define sk_X509_PURPOSE_zero(st) SKM_sk_zero(X509_PURPOSE, (st)) -#define sk_X509_PURPOSE_push(st, val) SKM_sk_push(X509_PURPOSE, (st), (val)) -#define sk_X509_PURPOSE_unshift(st, val) SKM_sk_unshift(X509_PURPOSE, (st), (val)) -#define sk_X509_PURPOSE_find(st, val) SKM_sk_find(X509_PURPOSE, (st), (val)) -#define sk_X509_PURPOSE_find_ex(st, val) SKM_sk_find_ex(X509_PURPOSE, (st), (val)) -#define sk_X509_PURPOSE_delete(st, i) SKM_sk_delete(X509_PURPOSE, (st), (i)) -#define sk_X509_PURPOSE_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_PURPOSE, (st), (ptr)) -#define sk_X509_PURPOSE_insert(st, val, i) SKM_sk_insert(X509_PURPOSE, (st), (val), (i)) -#define sk_X509_PURPOSE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_PURPOSE, (st), (cmp)) -#define sk_X509_PURPOSE_dup(st) SKM_sk_dup(X509_PURPOSE, st) -#define sk_X509_PURPOSE_pop_free(st, free_func) SKM_sk_pop_free(X509_PURPOSE, (st), (free_func)) -#define sk_X509_PURPOSE_shift(st) SKM_sk_shift(X509_PURPOSE, (st)) -#define sk_X509_PURPOSE_pop(st) SKM_sk_pop(X509_PURPOSE, (st)) -#define sk_X509_PURPOSE_sort(st) SKM_sk_sort(X509_PURPOSE, (st)) -#define sk_X509_PURPOSE_is_sorted(st) SKM_sk_is_sorted(X509_PURPOSE, (st)) - #define sk_X509_REVOKED_new(cmp) SKM_sk_new(X509_REVOKED, (cmp)) #define sk_X509_REVOKED_new_null() SKM_sk_new_null(X509_REVOKED) #define sk_X509_REVOKED_free(st) SKM_sk_free(X509_REVOKED, (st)) @@ -1680,7 +1538,6 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_STRING, char) #define sk_X509_REVOKED_push(st, val) SKM_sk_push(X509_REVOKED, (st), (val)) #define sk_X509_REVOKED_unshift(st, val) SKM_sk_unshift(X509_REVOKED, (st), (val)) #define sk_X509_REVOKED_find(st, val) SKM_sk_find(X509_REVOKED, (st), (val)) -#define sk_X509_REVOKED_find_ex(st, val) SKM_sk_find_ex(X509_REVOKED, (st), (val)) #define sk_X509_REVOKED_delete(st, i) SKM_sk_delete(X509_REVOKED, (st), (i)) #define sk_X509_REVOKED_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_REVOKED, (st), (ptr)) #define sk_X509_REVOKED_insert(st, val, i) SKM_sk_insert(X509_REVOKED, (st), (val), (i)) @@ -1692,28 +1549,6 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_STRING, char) #define sk_X509_REVOKED_sort(st) SKM_sk_sort(X509_REVOKED, (st)) #define sk_X509_REVOKED_is_sorted(st) SKM_sk_is_sorted(X509_REVOKED, (st)) -#define sk_X509_TRUST_new(cmp) SKM_sk_new(X509_TRUST, (cmp)) -#define sk_X509_TRUST_new_null() SKM_sk_new_null(X509_TRUST) -#define sk_X509_TRUST_free(st) SKM_sk_free(X509_TRUST, (st)) -#define sk_X509_TRUST_num(st) SKM_sk_num(X509_TRUST, (st)) -#define sk_X509_TRUST_value(st, i) SKM_sk_value(X509_TRUST, (st), (i)) -#define sk_X509_TRUST_set(st, i, val) SKM_sk_set(X509_TRUST, (st), (i), (val)) -#define sk_X509_TRUST_zero(st) SKM_sk_zero(X509_TRUST, (st)) -#define sk_X509_TRUST_push(st, val) SKM_sk_push(X509_TRUST, (st), (val)) -#define sk_X509_TRUST_unshift(st, val) SKM_sk_unshift(X509_TRUST, (st), (val)) -#define sk_X509_TRUST_find(st, val) SKM_sk_find(X509_TRUST, (st), (val)) -#define sk_X509_TRUST_find_ex(st, val) SKM_sk_find_ex(X509_TRUST, (st), (val)) -#define sk_X509_TRUST_delete(st, i) SKM_sk_delete(X509_TRUST, (st), (i)) -#define sk_X509_TRUST_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_TRUST, (st), (ptr)) -#define sk_X509_TRUST_insert(st, val, i) SKM_sk_insert(X509_TRUST, (st), (val), (i)) -#define sk_X509_TRUST_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_TRUST, (st), (cmp)) -#define sk_X509_TRUST_dup(st) SKM_sk_dup(X509_TRUST, st) -#define sk_X509_TRUST_pop_free(st, free_func) SKM_sk_pop_free(X509_TRUST, (st), (free_func)) -#define sk_X509_TRUST_shift(st) SKM_sk_shift(X509_TRUST, (st)) -#define sk_X509_TRUST_pop(st) SKM_sk_pop(X509_TRUST, (st)) -#define sk_X509_TRUST_sort(st) SKM_sk_sort(X509_TRUST, (st)) -#define sk_X509_TRUST_is_sorted(st) SKM_sk_is_sorted(X509_TRUST, (st)) - #define sk_X509_VERIFY_PARAM_new(cmp) SKM_sk_new(X509_VERIFY_PARAM, (cmp)) #define sk_X509_VERIFY_PARAM_new_null() SKM_sk_new_null(X509_VERIFY_PARAM) #define sk_X509_VERIFY_PARAM_free(st) SKM_sk_free(X509_VERIFY_PARAM, (st)) @@ -1724,7 +1559,6 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_STRING, char) #define sk_X509_VERIFY_PARAM_push(st, val) SKM_sk_push(X509_VERIFY_PARAM, (st), (val)) #define sk_X509_VERIFY_PARAM_unshift(st, val) SKM_sk_unshift(X509_VERIFY_PARAM, (st), (val)) #define sk_X509_VERIFY_PARAM_find(st, val) SKM_sk_find(X509_VERIFY_PARAM, (st), (val)) -#define sk_X509_VERIFY_PARAM_find_ex(st, val) SKM_sk_find_ex(X509_VERIFY_PARAM, (st), (val)) #define sk_X509_VERIFY_PARAM_delete(st, i) SKM_sk_delete(X509_VERIFY_PARAM, (st), (i)) #define sk_X509_VERIFY_PARAM_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_VERIFY_PARAM, (st), (ptr)) #define sk_X509_VERIFY_PARAM_insert(st, val, i) SKM_sk_insert(X509_VERIFY_PARAM, (st), (val), (i)) @@ -1746,7 +1580,6 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_STRING, char) #define sk_void_push(st, val) SKM_sk_push(void, (st), (val)) #define sk_void_unshift(st, val) SKM_sk_unshift(void, (st), (val)) #define sk_void_find(st, val) SKM_sk_find(void, (st), (val)) -#define sk_void_find_ex(st, val) SKM_sk_find_ex(void, (st), (val)) #define sk_void_delete(st, i) SKM_sk_delete(void, (st), (i)) #define sk_void_delete_ptr(st, ptr) SKM_sk_delete_ptr(void, (st), (ptr)) #define sk_void_insert(st, val, i) SKM_sk_insert(void, (st), (val), (i)) @@ -1770,7 +1603,6 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_STRING, char) #define sk_OPENSSL_STRING_set(st, i, val) sk_set(CHECKED_STACK_OF(OPENSSL_STRING, st), i, CHECKED_PTR_OF(char, val)) #define sk_OPENSSL_STRING_zero(st) SKM_sk_zero(OPENSSL_STRING, (st)) #define sk_OPENSSL_STRING_unshift(st, val) sk_unshift(CHECKED_STACK_OF(OPENSSL_STRING, st), CHECKED_PTR_OF(char, val)) -#define sk_OPENSSL_STRING_find_ex(st, val) sk_find_ex((_STACK *)CHECKED_CONST_PTR_OF(STACK_OF(OPENSSL_STRING), st), CHECKED_CONST_PTR_OF(char, val)) #define sk_OPENSSL_STRING_delete(st, i) SKM_sk_delete(OPENSSL_STRING, (st), (i)) #define sk_OPENSSL_STRING_delete_ptr(st, ptr) (OPENSSL_STRING *)sk_delete_ptr(CHECKED_STACK_OF(OPENSSL_STRING, st), CHECKED_PTR_OF(char, ptr)) #define sk_OPENSSL_STRING_set_cmp_func(st, cmp) \ @@ -1794,7 +1626,6 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_STRING, char) #define sk_OPENSSL_PSTRING_set(st, i, val) sk_set(CHECKED_STACK_OF(OPENSSL_PSTRING, st), i, CHECKED_PTR_OF(OPENSSL_STRING, val)) #define sk_OPENSSL_PSTRING_zero(st) SKM_sk_zero(OPENSSL_PSTRING, (st)) #define sk_OPENSSL_PSTRING_unshift(st, val) sk_unshift(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_PTR_OF(OPENSSL_STRING, val)) -#define sk_OPENSSL_PSTRING_find_ex(st, val) sk_find_ex((_STACK *)CHECKED_CONST_PTR_OF(STACK_OF(OPENSSL_PSTRING), st), CHECKED_CONST_PTR_OF(OPENSSL_STRING, val)) #define sk_OPENSSL_PSTRING_delete(st, i) SKM_sk_delete(OPENSSL_PSTRING, (st), (i)) #define sk_OPENSSL_PSTRING_delete_ptr(st, ptr) (OPENSSL_PSTRING *)sk_delete_ptr(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_PTR_OF(OPENSSL_STRING, ptr)) #define sk_OPENSSL_PSTRING_set_cmp_func(st, cmp) \ @@ -1815,13 +1646,6 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_STRING, char) LHM_lh_doall_arg(ADDED_OBJ,lh,fn,arg_type,arg) #define lh_ADDED_OBJ_error(lh) LHM_lh_error(ADDED_OBJ,lh) #define lh_ADDED_OBJ_num_items(lh) LHM_lh_num_items(ADDED_OBJ,lh) -#define lh_ADDED_OBJ_down_load(lh) LHM_lh_down_load(ADDED_OBJ,lh) -#define lh_ADDED_OBJ_node_stats_bio(lh,out) \ - LHM_lh_node_stats_bio(ADDED_OBJ,lh,out) -#define lh_ADDED_OBJ_node_usage_stats_bio(lh,out) \ - LHM_lh_node_usage_stats_bio(ADDED_OBJ,lh,out) -#define lh_ADDED_OBJ_stats_bio(lh,out) \ - LHM_lh_stats_bio(ADDED_OBJ,lh,out) #define lh_ADDED_OBJ_free(lh) LHM_lh_free(ADDED_OBJ,lh) #define lh_CONF_VALUE_new() LHM_lh_new(CONF_VALUE,conf_value) @@ -1833,13 +1657,6 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_STRING, char) LHM_lh_doall_arg(CONF_VALUE,lh,fn,arg_type,arg) #define lh_CONF_VALUE_error(lh) LHM_lh_error(CONF_VALUE,lh) #define lh_CONF_VALUE_num_items(lh) LHM_lh_num_items(CONF_VALUE,lh) -#define lh_CONF_VALUE_down_load(lh) LHM_lh_down_load(CONF_VALUE,lh) -#define lh_CONF_VALUE_node_stats_bio(lh,out) \ - LHM_lh_node_stats_bio(CONF_VALUE,lh,out) -#define lh_CONF_VALUE_node_usage_stats_bio(lh,out) \ - LHM_lh_node_usage_stats_bio(CONF_VALUE,lh,out) -#define lh_CONF_VALUE_stats_bio(lh,out) \ - LHM_lh_stats_bio(CONF_VALUE,lh,out) #define lh_CONF_VALUE_free(lh) LHM_lh_free(CONF_VALUE,lh) #define lh_ERR_STATE_new() LHM_lh_new(ERR_STATE,err_state) @@ -1851,13 +1668,6 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_STRING, char) LHM_lh_doall_arg(ERR_STATE,lh,fn,arg_type,arg) #define lh_ERR_STATE_error(lh) LHM_lh_error(ERR_STATE,lh) #define lh_ERR_STATE_num_items(lh) LHM_lh_num_items(ERR_STATE,lh) -#define lh_ERR_STATE_down_load(lh) LHM_lh_down_load(ERR_STATE,lh) -#define lh_ERR_STATE_node_stats_bio(lh,out) \ - LHM_lh_node_stats_bio(ERR_STATE,lh,out) -#define lh_ERR_STATE_node_usage_stats_bio(lh,out) \ - LHM_lh_node_usage_stats_bio(ERR_STATE,lh,out) -#define lh_ERR_STATE_stats_bio(lh,out) \ - LHM_lh_stats_bio(ERR_STATE,lh,out) #define lh_ERR_STATE_free(lh) LHM_lh_free(ERR_STATE,lh) #define lh_ERR_STRING_DATA_new() LHM_lh_new(ERR_STRING_DATA,err_string_data) @@ -1869,13 +1679,6 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_STRING, char) LHM_lh_doall_arg(ERR_STRING_DATA,lh,fn,arg_type,arg) #define lh_ERR_STRING_DATA_error(lh) LHM_lh_error(ERR_STRING_DATA,lh) #define lh_ERR_STRING_DATA_num_items(lh) LHM_lh_num_items(ERR_STRING_DATA,lh) -#define lh_ERR_STRING_DATA_down_load(lh) LHM_lh_down_load(ERR_STRING_DATA,lh) -#define lh_ERR_STRING_DATA_node_stats_bio(lh,out) \ - LHM_lh_node_stats_bio(ERR_STRING_DATA,lh,out) -#define lh_ERR_STRING_DATA_node_usage_stats_bio(lh,out) \ - LHM_lh_node_usage_stats_bio(ERR_STRING_DATA,lh,out) -#define lh_ERR_STRING_DATA_stats_bio(lh,out) \ - LHM_lh_stats_bio(ERR_STRING_DATA,lh,out) #define lh_ERR_STRING_DATA_free(lh) LHM_lh_free(ERR_STRING_DATA,lh) #define lh_EX_CLASS_ITEM_new() LHM_lh_new(EX_CLASS_ITEM,ex_class_item) @@ -1887,13 +1690,6 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_STRING, char) LHM_lh_doall_arg(EX_CLASS_ITEM,lh,fn,arg_type,arg) #define lh_EX_CLASS_ITEM_error(lh) LHM_lh_error(EX_CLASS_ITEM,lh) #define lh_EX_CLASS_ITEM_num_items(lh) LHM_lh_num_items(EX_CLASS_ITEM,lh) -#define lh_EX_CLASS_ITEM_down_load(lh) LHM_lh_down_load(EX_CLASS_ITEM,lh) -#define lh_EX_CLASS_ITEM_node_stats_bio(lh,out) \ - LHM_lh_node_stats_bio(EX_CLASS_ITEM,lh,out) -#define lh_EX_CLASS_ITEM_node_usage_stats_bio(lh,out) \ - LHM_lh_node_usage_stats_bio(EX_CLASS_ITEM,lh,out) -#define lh_EX_CLASS_ITEM_stats_bio(lh,out) \ - LHM_lh_stats_bio(EX_CLASS_ITEM,lh,out) #define lh_EX_CLASS_ITEM_free(lh) LHM_lh_free(EX_CLASS_ITEM,lh) #define lh_FUNCTION_new() LHM_lh_new(FUNCTION,function) @@ -1905,13 +1701,6 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_STRING, char) LHM_lh_doall_arg(FUNCTION,lh,fn,arg_type,arg) #define lh_FUNCTION_error(lh) LHM_lh_error(FUNCTION,lh) #define lh_FUNCTION_num_items(lh) LHM_lh_num_items(FUNCTION,lh) -#define lh_FUNCTION_down_load(lh) LHM_lh_down_load(FUNCTION,lh) -#define lh_FUNCTION_node_stats_bio(lh,out) \ - LHM_lh_node_stats_bio(FUNCTION,lh,out) -#define lh_FUNCTION_node_usage_stats_bio(lh,out) \ - LHM_lh_node_usage_stats_bio(FUNCTION,lh,out) -#define lh_FUNCTION_stats_bio(lh,out) \ - LHM_lh_stats_bio(FUNCTION,lh,out) #define lh_FUNCTION_free(lh) LHM_lh_free(FUNCTION,lh) #define lh_OBJ_NAME_new() LHM_lh_new(OBJ_NAME,obj_name) @@ -1923,13 +1712,6 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_STRING, char) LHM_lh_doall_arg(OBJ_NAME,lh,fn,arg_type,arg) #define lh_OBJ_NAME_error(lh) LHM_lh_error(OBJ_NAME,lh) #define lh_OBJ_NAME_num_items(lh) LHM_lh_num_items(OBJ_NAME,lh) -#define lh_OBJ_NAME_down_load(lh) LHM_lh_down_load(OBJ_NAME,lh) -#define lh_OBJ_NAME_node_stats_bio(lh,out) \ - LHM_lh_node_stats_bio(OBJ_NAME,lh,out) -#define lh_OBJ_NAME_node_usage_stats_bio(lh,out) \ - LHM_lh_node_usage_stats_bio(OBJ_NAME,lh,out) -#define lh_OBJ_NAME_stats_bio(lh,out) \ - LHM_lh_stats_bio(OBJ_NAME,lh,out) #define lh_OBJ_NAME_free(lh) LHM_lh_free(OBJ_NAME,lh) #define lh_OPENSSL_STRING_new() LHM_lh_new(OPENSSL_STRING,openssl_string) @@ -1941,13 +1723,6 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_STRING, char) LHM_lh_doall_arg(OPENSSL_STRING,lh,fn,arg_type,arg) #define lh_OPENSSL_STRING_error(lh) LHM_lh_error(OPENSSL_STRING,lh) #define lh_OPENSSL_STRING_num_items(lh) LHM_lh_num_items(OPENSSL_STRING,lh) -#define lh_OPENSSL_STRING_down_load(lh) LHM_lh_down_load(OPENSSL_STRING,lh) -#define lh_OPENSSL_STRING_node_stats_bio(lh,out) \ - LHM_lh_node_stats_bio(OPENSSL_STRING,lh,out) -#define lh_OPENSSL_STRING_node_usage_stats_bio(lh,out) \ - LHM_lh_node_usage_stats_bio(OPENSSL_STRING,lh,out) -#define lh_OPENSSL_STRING_stats_bio(lh,out) \ - LHM_lh_stats_bio(OPENSSL_STRING,lh,out) #define lh_OPENSSL_STRING_free(lh) LHM_lh_free(OPENSSL_STRING,lh) #define lh_SSL_SESSION_new() LHM_lh_new(SSL_SESSION,ssl_session) @@ -1959,13 +1734,6 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_STRING, char) LHM_lh_doall_arg(SSL_SESSION,lh,fn,arg_type,arg) #define lh_SSL_SESSION_error(lh) LHM_lh_error(SSL_SESSION,lh) #define lh_SSL_SESSION_num_items(lh) LHM_lh_num_items(SSL_SESSION,lh) -#define lh_SSL_SESSION_down_load(lh) LHM_lh_down_load(SSL_SESSION,lh) -#define lh_SSL_SESSION_node_stats_bio(lh,out) \ - LHM_lh_node_stats_bio(SSL_SESSION,lh,out) -#define lh_SSL_SESSION_node_usage_stats_bio(lh,out) \ - LHM_lh_node_usage_stats_bio(SSL_SESSION,lh,out) -#define lh_SSL_SESSION_stats_bio(lh,out) \ - LHM_lh_stats_bio(SSL_SESSION,lh,out) #define lh_SSL_SESSION_free(lh) LHM_lh_free(SSL_SESSION,lh) #endif /* !defined HEADER_SAFESTACK_H */ diff --git a/lib/libcrypto/stack/stack.c b/lib/libcrypto/stack/stack.c index 818e73844..60a302afc 100644 --- a/lib/libcrypto/stack/stack.c +++ b/lib/libcrypto/stack/stack.c @@ -1,4 +1,4 @@ -/* $OpenBSD: stack.c,v 1.25 2024/02/26 15:00:30 tb Exp $ */ +/* $OpenBSD: stack.c,v 1.28 2024/03/02 11:20:36 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -63,9 +63,14 @@ #include #include +#include "stack_local.h" + #undef MIN_NODES #define MIN_NODES 4 +#define OBJ_BSEARCH_VALUE_ON_NOMATCH 0x01 +#define OBJ_BSEARCH_FIRST_VALUE_ON_MATCH 0x02 + int (*sk_set_cmp_func(_STACK *sk, int (*c)(const void *, const void *)))( const void *, const void *) @@ -260,13 +265,6 @@ sk_find(_STACK *st, void *data) } LCRYPTO_ALIAS(sk_find); -int -sk_find_ex(_STACK *st, void *data) -{ - return internal_find(st, data, OBJ_BSEARCH_VALUE_ON_NOMATCH); -} -LCRYPTO_ALIAS(sk_find_ex); - int sk_push(_STACK *st, void *data) { diff --git a/lib/libcrypto/stack/stack.h b/lib/libcrypto/stack/stack.h index 6bea6348f..783ccb482 100644 --- a/lib/libcrypto/stack/stack.h +++ b/lib/libcrypto/stack/stack.h @@ -1,4 +1,4 @@ -/* $OpenBSD: stack.h,v 1.9 2014/06/12 15:49:30 deraadt Exp $ */ +/* $OpenBSD: stack.h,v 1.11 2024/03/02 11:20:36 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -63,14 +63,7 @@ extern "C" { #endif -typedef struct stack_st { - int num; - char **data; - int sorted; - - int num_alloc; - int (*comp)(const void *, const void *); -} _STACK; /* Use STACK_OF(...) instead */ +typedef struct stack_st _STACK; #define M_sk_num(sk) ((sk) ? (sk)->num:-1) #define M_sk_value(sk,n) ((sk) ? (sk)->data[n] : NULL) @@ -88,7 +81,6 @@ int sk_insert(_STACK *sk, void *data, int where); void *sk_delete(_STACK *st, int loc); void *sk_delete_ptr(_STACK *st, void *p); int sk_find(_STACK *st, void *data); -int sk_find_ex(_STACK *st, void *data); int sk_push(_STACK *st, void *data); int sk_unshift(_STACK *st, void *data); void *sk_shift(_STACK *st); diff --git a/lib/libcrypto/stack/stack_local.h b/lib/libcrypto/stack/stack_local.h new file mode 100644 index 000000000..a33070719 --- /dev/null +++ b/lib/libcrypto/stack/stack_local.h @@ -0,0 +1,71 @@ +/* $OpenBSD: stack_local.h,v 1.1 2024/03/02 11:11:11 tb Exp $ */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#ifndef HEADER_STACK_LOCAL_H +#define HEADER_STACK_LOCAL_H + +struct stack_st { + int num; + char **data; + int sorted; + + int num_alloc; + int (*comp)(const void *, const void *); +} /* _STACK */; + +#endif diff --git a/lib/libcrypto/util/mkstack.pl b/lib/libcrypto/util/mkstack.pl index 33288b632..60b910d02 100644 --- a/lib/libcrypto/util/mkstack.pl +++ b/lib/libcrypto/util/mkstack.pl @@ -83,7 +83,6 @@ while() { #define sk_${type_thing}_push(st, val) SKM_sk_push($type_thing, (st), (val)) #define sk_${type_thing}_unshift(st, val) SKM_sk_unshift($type_thing, (st), (val)) #define sk_${type_thing}_find(st, val) SKM_sk_find($type_thing, (st), (val)) -#define sk_${type_thing}_find_ex(st, val) SKM_sk_find_ex($type_thing, (st), (val)) #define sk_${type_thing}_delete(st, i) SKM_sk_delete($type_thing, (st), (i)) #define sk_${type_thing}_delete_ptr(st, ptr) SKM_sk_delete_ptr($type_thing, (st), (ptr)) #define sk_${type_thing}_insert(st, val, i) SKM_sk_insert($type_thing, (st), (val), (i)) @@ -114,7 +113,6 @@ EOF #define sk_${t1}_set(st, i, val) sk_set(CHECKED_STACK_OF($t1, st), i, CHECKED_PTR_OF($t2, val)) #define sk_${t1}_zero(st) SKM_sk_zero($t1, (st)) #define sk_${t1}_unshift(st, val) sk_unshift(CHECKED_STACK_OF($t1, st), CHECKED_PTR_OF($t2, val)) -#define sk_${t1}_find_ex(st, val) sk_find_ex((_STACK *)CHECKED_CONST_PTR_OF(STACK_OF($t1), st), CHECKED_CONST_PTR_OF($t2, val)) #define sk_${t1}_delete(st, i) SKM_sk_delete($t1, (st), (i)) #define sk_${t1}_delete_ptr(st, ptr) ($t1 *)sk_delete_ptr(CHECKED_STACK_OF($t1, st), CHECKED_PTR_OF($t2, ptr)) #define sk_${t1}_set_cmp_func(st, cmp) \\ @@ -151,12 +149,6 @@ EOF #define lh_${type_thing}_error(lh) LHM_lh_error(${type_thing},lh) #define lh_${type_thing}_num_items(lh) LHM_lh_num_items(${type_thing},lh) #define lh_${type_thing}_down_load(lh) LHM_lh_down_load(${type_thing},lh) -#define lh_${type_thing}_node_stats_bio(lh,out) \\ - LHM_lh_node_stats_bio(${type_thing},lh,out) -#define lh_${type_thing}_node_usage_stats_bio(lh,out) \\ - LHM_lh_node_usage_stats_bio(${type_thing},lh,out) -#define lh_${type_thing}_stats_bio(lh,out) \\ - LHM_lh_stats_bio(${type_thing},lh,out) #define lh_${type_thing}_free(lh) LHM_lh_free(${type_thing},lh) EOF } diff --git a/lib/libcrypto/x509/x509.h b/lib/libcrypto/x509/x509.h index 8d4fb3041..acdb28350 100644 --- a/lib/libcrypto/x509/x509.h +++ b/lib/libcrypto/x509/x509.h @@ -1,4 +1,4 @@ -/* $OpenBSD: x509.h,v 1.103 2023/11/02 20:25:48 tb Exp $ */ +/* $OpenBSD: x509.h,v 1.111 2024/03/02 10:59:41 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -149,25 +149,10 @@ typedef struct X509_req_info_st X509_REQ_INFO; typedef struct X509_req_st X509_REQ; -typedef struct x509_cert_aux_st X509_CERT_AUX; - typedef struct x509_cinf_st X509_CINF; DECLARE_STACK_OF(X509) -/* This is used for a table of trust checking functions */ - -typedef struct x509_trust_st { - int trust; - int flags; - int (*check_trust)(struct x509_trust_st *, X509 *, int); - char *name; - int arg1; - void *arg2; -} X509_TRUST; - -DECLARE_STACK_OF(X509_TRUST) - /* standard trust ids */ /* OpenSSL changed this to 0 */ @@ -328,28 +313,11 @@ typedef struct Netscape_spki_st { ASN1_BIT_STRING *signature; } NETSCAPE_SPKI; -/* Password based encryption structure */ - typedef struct PBEPARAM_st { ASN1_OCTET_STRING *salt; ASN1_INTEGER *iter; } PBEPARAM; -/* Password based encryption V2 structures */ - -typedef struct PBE2PARAM_st { - X509_ALGOR *keyfunc; - X509_ALGOR *encryption; -} PBE2PARAM; - -typedef struct PBKDF2PARAM_st { - /* Usually OCTET STRING but could be anything */ - ASN1_TYPE *salt; - ASN1_INTEGER *iter; - ASN1_INTEGER *keylength; - X509_ALGOR *prf; -} PBKDF2PARAM; - #ifdef __cplusplus } #endif @@ -388,18 +356,6 @@ int X509_REQ_get_signature_nid(const X509_REQ *req); void X509_REQ_get0_signature(const X509_REQ *req, const ASN1_BIT_STRING **psig, const X509_ALGOR **palg); -void X509_CRL_set_default_method(const X509_CRL_METHOD *meth); -X509_CRL_METHOD *X509_CRL_METHOD_new( - int (*crl_init)(X509_CRL *crl), - int (*crl_free)(X509_CRL *crl), - int (*crl_lookup)(X509_CRL *crl, X509_REVOKED **ret, - ASN1_INTEGER *ser, X509_NAME *issuer), - int (*crl_verify)(X509_CRL *crl, EVP_PKEY *pk)); -void X509_CRL_METHOD_free(X509_CRL_METHOD *m); - -void X509_CRL_set_meth_data(X509_CRL *crl, void *dat); -void *X509_CRL_get_meth_data(X509_CRL *crl); - X509_PUBKEY *X509_get_X509_PUBKEY(const X509 *x); const char *X509_verify_cert_error_string(long n); @@ -527,9 +483,6 @@ X509_ALGOR *X509_ALGOR_dup(X509_ALGOR *xn); int X509_ALGOR_set0(X509_ALGOR *alg, ASN1_OBJECT *aobj, int ptype, void *pval); void X509_ALGOR_get0(const ASN1_OBJECT **paobj, int *pptype, const void **ppval, const X509_ALGOR *algor); -#ifndef LIBRESSL_INTERNAL -void X509_ALGOR_set_md(X509_ALGOR *alg, const EVP_MD *md); -#endif int X509_ALGOR_cmp(const X509_ALGOR *a, const X509_ALGOR *b); X509_NAME *X509_NAME_dup(X509_NAME *xn); @@ -659,11 +612,6 @@ void X509_free(X509 *a); X509 *d2i_X509(X509 **a, const unsigned char **in, long len); int i2d_X509(X509 *a, unsigned char **out); extern const ASN1_ITEM X509_it; -X509_CERT_AUX *X509_CERT_AUX_new(void); -void X509_CERT_AUX_free(X509_CERT_AUX *a); -X509_CERT_AUX *d2i_X509_CERT_AUX(X509_CERT_AUX **a, const unsigned char **in, long len); -int i2d_X509_CERT_AUX(X509_CERT_AUX *a, unsigned char **out); -extern const ASN1_ITEM X509_CERT_AUX_it; int X509_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); @@ -682,8 +630,6 @@ int X509_alias_set1(X509 *x, const unsigned char *name, int len); int X509_keyid_set1(X509 *x, const unsigned char *id, int len); unsigned char *X509_alias_get0(X509 *x, int *len); unsigned char *X509_keyid_get0(X509 *x, int *len); -int (*X509_TRUST_set_default(int (*trust)(int , X509 *, int)))(int, X509 *, int); -int X509_TRUST_set(int *t, int trust); int X509_add1_trust_object(X509 *x, const ASN1_OBJECT *obj); int X509_add1_reject_object(X509 *x, const ASN1_OBJECT *obj); void X509_trust_clear(X509 *x); @@ -863,7 +809,6 @@ int X509_NAME_print_ex(BIO *out, const X509_NAME *nm, int indent, int X509_print_ex(BIO *bp,X509 *x, unsigned long nmflag, unsigned long cflag); int X509_print(BIO *bp,X509 *x); int X509_ocspid_print(BIO *bp,X509 *x); -int X509_CERT_AUX_print(BIO *bp,X509_CERT_AUX *x, int indent); int X509_CRL_print(BIO *bp,X509_CRL *x); int X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflag, unsigned long cflag); int X509_REQ_print(BIO *bp,X509_REQ *req); @@ -1033,35 +978,7 @@ X509 *X509_find_by_issuer_and_serial(STACK_OF(X509) *sk,X509_NAME *name, ASN1_INTEGER *serial); X509 *X509_find_by_subject(STACK_OF(X509) *sk,X509_NAME *name); -PBEPARAM *PBEPARAM_new(void); -void PBEPARAM_free(PBEPARAM *a); -PBEPARAM *d2i_PBEPARAM(PBEPARAM **a, const unsigned char **in, long len); -int i2d_PBEPARAM(PBEPARAM *a, unsigned char **out); extern const ASN1_ITEM PBEPARAM_it; -PBE2PARAM *PBE2PARAM_new(void); -void PBE2PARAM_free(PBE2PARAM *a); -PBE2PARAM *d2i_PBE2PARAM(PBE2PARAM **a, const unsigned char **in, long len); -int i2d_PBE2PARAM(PBE2PARAM *a, unsigned char **out); -extern const ASN1_ITEM PBE2PARAM_it; -PBKDF2PARAM *PBKDF2PARAM_new(void); -void PBKDF2PARAM_free(PBKDF2PARAM *a); -PBKDF2PARAM *d2i_PBKDF2PARAM(PBKDF2PARAM **a, const unsigned char **in, long len); -int i2d_PBKDF2PARAM(PBKDF2PARAM *a, unsigned char **out); -extern const ASN1_ITEM PBKDF2PARAM_it; - -int PKCS5_pbe_set0_algor(X509_ALGOR *algor, int alg, int iter, - const unsigned char *salt, int saltlen); - -X509_ALGOR *PKCS5_pbe_set(int alg, int iter, - const unsigned char *salt, int saltlen); -X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter, - unsigned char *salt, int saltlen); -X509_ALGOR *PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter, - unsigned char *salt, int saltlen, - unsigned char *aiv, int prf_nid); - -X509_ALGOR *PKCS5_pbkdf2_set(int iter, unsigned char *salt, int saltlen, - int prf_nid, int keylen); /* PKCS#8 utilities */ @@ -1089,15 +1006,6 @@ int X509_PUBKEY_get0_param(ASN1_OBJECT **ppkalg, const unsigned char **pk, int *ppklen, X509_ALGOR **pa, X509_PUBKEY *pub); int X509_check_trust(X509 *x, int id, int flags); -int X509_TRUST_get_count(void); -X509_TRUST * X509_TRUST_get0(int idx); -int X509_TRUST_get_by_id(int id); -int X509_TRUST_add(int id, int flags, int (*ck)(X509_TRUST *, X509 *, int), - const char *name, int arg1, void *arg2); -void X509_TRUST_cleanup(void); -int X509_TRUST_get_flags(const X509_TRUST *xp); -char *X509_TRUST_get0_name(const X509_TRUST *xp); -int X509_TRUST_get_trust(const X509_TRUST *xp); int X509_up_ref(X509 *x); STACK_OF(X509) *X509_chain_up_ref(STACK_OF(X509) *chain); diff --git a/lib/libcrypto/x509/x509_lib.c b/lib/libcrypto/x509/x509_lib.c index 5ddfc3761..c5151d407 100644 --- a/lib/libcrypto/x509/x509_lib.c +++ b/lib/libcrypto/x509/x509_lib.c @@ -1,4 +1,4 @@ -/* $OpenBSD: x509_lib.c,v 1.16 2024/01/25 15:09:22 tb Exp $ */ +/* $OpenBSD: x509_lib.c,v 1.17 2024/03/02 10:35:32 tb Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 1999. */ @@ -333,37 +333,3 @@ err: return 0; } LCRYPTO_ALIAS(X509V3_add1_i2d); - -/* - * XXX - remove all the functions below in the next major bump. - */ - -int -X509V3_EXT_add(X509V3_EXT_METHOD *ext) -{ - X509V3error(ERR_R_DISABLED); - return 0; -} -LCRYPTO_ALIAS(X509V3_EXT_add); - -int -X509V3_EXT_add_list(X509V3_EXT_METHOD *extlist) -{ - X509V3error(ERR_R_DISABLED); - return 0; -} -LCRYPTO_ALIAS(X509V3_EXT_add_list); - -int -X509V3_EXT_add_alias(int nid_to, int nid_from) -{ - X509V3error(ERR_R_DISABLED); - return 0; -} -LCRYPTO_ALIAS(X509V3_EXT_add_alias); - -void -X509V3_EXT_cleanup(void) -{ -} -LCRYPTO_ALIAS(X509V3_EXT_cleanup); diff --git a/lib/libcrypto/x509/x509_local.h b/lib/libcrypto/x509/x509_local.h index f62f5ad57..83b57403d 100644 --- a/lib/libcrypto/x509/x509_local.h +++ b/lib/libcrypto/x509/x509_local.h @@ -1,4 +1,4 @@ -/* $OpenBSD: x509_local.h,v 1.18 2024/01/06 17:37:23 tb Exp $ */ +/* $OpenBSD: x509_local.h,v 1.22 2024/03/02 10:52:24 tb Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2013. */ @@ -59,6 +59,8 @@ #ifndef HEADER_X509_LOCAL_H #define HEADER_X509_LOCAL_H +#include + __BEGIN_HIDDEN_DECLS #define TS_HASH_EVP EVP_sha1() @@ -133,13 +135,20 @@ struct X509_req_st { * useful in certificate stores and databases. When used this is tagged onto * the end of the certificate itself. */ -struct x509_cert_aux_st { +typedef struct x509_cert_aux_st { STACK_OF(ASN1_OBJECT) *trust; /* trusted uses */ STACK_OF(ASN1_OBJECT) *reject; /* rejected uses */ ASN1_UTF8STRING *alias; /* "friendly name" */ ASN1_OCTET_STRING *keyid; /* key id of private key */ STACK_OF(X509_ALGOR) *other; /* other unspecified info */ -} /* X509_CERT_AUX */; +} X509_CERT_AUX; + +X509_CERT_AUX *X509_CERT_AUX_new(void); +void X509_CERT_AUX_free(X509_CERT_AUX *a); +X509_CERT_AUX *d2i_X509_CERT_AUX(X509_CERT_AUX **a, const unsigned char **in, long len); +int i2d_X509_CERT_AUX(X509_CERT_AUX *a, unsigned char **out); +extern const ASN1_ITEM X509_CERT_AUX_it; +int X509_CERT_AUX_print(BIO *bp,X509_CERT_AUX *x, int indent); struct x509_cinf_st { ASN1_INTEGER *version; /* [ 0 ] default of v1 */ @@ -360,6 +369,51 @@ int X509_policy_check(const STACK_OF(X509) *certs, const STACK_OF(ASN1_OBJECT) *user_policies, unsigned long flags, X509 **out_current_cert); +PBEPARAM *PBEPARAM_new(void); +void PBEPARAM_free(PBEPARAM *a); +PBEPARAM *d2i_PBEPARAM(PBEPARAM **a, const unsigned char **in, long len); +int i2d_PBEPARAM(PBEPARAM *a, unsigned char **out); + +/* Password based encryption V2 structures */ +typedef struct PBE2PARAM_st { + X509_ALGOR *keyfunc; + X509_ALGOR *encryption; +} PBE2PARAM; + +PBE2PARAM *PBE2PARAM_new(void); +void PBE2PARAM_free(PBE2PARAM *a); +PBE2PARAM *d2i_PBE2PARAM(PBE2PARAM **a, const unsigned char **in, long len); +int i2d_PBE2PARAM(PBE2PARAM *a, unsigned char **out); +extern const ASN1_ITEM PBE2PARAM_it; + +typedef struct PBKDF2PARAM_st { + /* Usually OCTET STRING but could be anything */ + ASN1_TYPE *salt; + ASN1_INTEGER *iter; + ASN1_INTEGER *keylength; + X509_ALGOR *prf; +} PBKDF2PARAM; + +PBKDF2PARAM *PBKDF2PARAM_new(void); +void PBKDF2PARAM_free(PBKDF2PARAM *a); +PBKDF2PARAM *d2i_PBKDF2PARAM(PBKDF2PARAM **a, const unsigned char **in, long len); +int i2d_PBKDF2PARAM(PBKDF2PARAM *a, unsigned char **out); +extern const ASN1_ITEM PBKDF2PARAM_it; + +int PKCS5_pbe_set0_algor(X509_ALGOR *algor, int alg, int iter, + const unsigned char *salt, int saltlen); +X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter, + unsigned char *salt, int saltlen); +X509_ALGOR *PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter, + unsigned char *salt, int saltlen, unsigned char *aiv, int prf_nid); +X509_ALGOR *PKCS5_pbe_set(int alg, int iter, const unsigned char *salt, + int saltlen); +X509_ALGOR *PKCS5_pbkdf2_set(int iter, unsigned char *salt, int saltlen, + int prf_nid, int keylen); + +int X509_PURPOSE_get_by_id(int id); +int X509_PURPOSE_get_trust(const X509_PURPOSE *xp); + __END_HIDDEN_DECLS #endif /* !HEADER_X509_LOCAL_H */ diff --git a/lib/libcrypto/x509/x509_lu.c b/lib/libcrypto/x509/x509_lu.c index 7e7a5dedd..56fb43999 100644 --- a/lib/libcrypto/x509/x509_lu.c +++ b/lib/libcrypto/x509/x509_lu.c @@ -1,4 +1,4 @@ -/* $OpenBSD: x509_lu.c,v 1.63 2024/02/23 10:39:07 tb Exp $ */ +/* $OpenBSD: x509_lu.c,v 1.64 2024/03/02 10:57:03 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -65,7 +65,7 @@ #include #include "x509_local.h" -X509_LOOKUP * +static X509_LOOKUP * X509_LOOKUP_new(X509_LOOKUP_METHOD *method) { X509_LOOKUP *lu; @@ -84,7 +84,6 @@ X509_LOOKUP_new(X509_LOOKUP_METHOD *method) return lu; } -LCRYPTO_ALIAS(X509_LOOKUP_new); void X509_LOOKUP_free(X509_LOOKUP *ctx) @@ -97,26 +96,6 @@ X509_LOOKUP_free(X509_LOOKUP *ctx) } LCRYPTO_ALIAS(X509_LOOKUP_free); -int -X509_LOOKUP_init(X509_LOOKUP *ctx) -{ - if (ctx->method == NULL) - return 0; - /* Historical behavior: make init succeed even without method. */ - return 1; -} -LCRYPTO_ALIAS(X509_LOOKUP_init); - -int -X509_LOOKUP_shutdown(X509_LOOKUP *ctx) -{ - if (ctx->method == NULL) - return 0; - /* Historical behavior: make shutdown succeed even without method. */ - return 1; -} -LCRYPTO_ALIAS(X509_LOOKUP_shutdown); - int X509_LOOKUP_ctrl(X509_LOOKUP *ctx, int cmd, const char *argc, long argl, char **ret) @@ -129,7 +108,7 @@ X509_LOOKUP_ctrl(X509_LOOKUP *ctx, int cmd, const char *argc, long argl, } LCRYPTO_ALIAS(X509_LOOKUP_ctrl); -int +static int X509_LOOKUP_by_subject(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type, X509_NAME *name, X509_OBJECT *ret) { @@ -137,31 +116,6 @@ X509_LOOKUP_by_subject(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type, X509_NAME *name, return 0; return ctx->method->get_by_subject(ctx, type, name, ret); } -LCRYPTO_ALIAS(X509_LOOKUP_by_subject); - -int -X509_LOOKUP_by_issuer_serial(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type, - X509_NAME *name, ASN1_INTEGER *serial, X509_OBJECT *ret) -{ - return 0; -} -LCRYPTO_ALIAS(X509_LOOKUP_by_issuer_serial); - -int -X509_LOOKUP_by_fingerprint(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type, - const unsigned char *bytes, int len, X509_OBJECT *ret) -{ - return 0; -} -LCRYPTO_ALIAS(X509_LOOKUP_by_fingerprint); - -int -X509_LOOKUP_by_alias(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type, const char *str, - int len, X509_OBJECT *ret) -{ - return 0; -} -LCRYPTO_ALIAS(X509_LOOKUP_by_alias); static int x509_object_cmp(const X509_OBJECT * const *a, const X509_OBJECT * const *b) diff --git a/lib/libcrypto/x509/x509_policy.c b/lib/libcrypto/x509/x509_policy.c index 73f7154f5..0da16b948 100644 --- a/lib/libcrypto/x509/x509_policy.c +++ b/lib/libcrypto/x509/x509_policy.c @@ -1,4 +1,4 @@ -/* $OpenBSD: x509_policy.c,v 1.25 2023/04/28 16:30:14 tb Exp $ */ +/* $OpenBSD: x509_policy.c,v 1.27 2024/03/02 11:20:36 tb Exp $ */ /* * Copyright (c) 2022, Google Inc. * @@ -23,6 +23,7 @@ #include #include +#include "stack_local.h" #include "x509_internal.h" #include "x509_local.h" @@ -102,7 +103,6 @@ DECLARE_STACK_OF(X509_POLICY_NODE) #define sk_X509_POLICY_NODE_push(st, val) SKM_sk_push(X509_POLICY_NODE, (st), (val)) #define sk_X509_POLICY_NODE_unshift(st, val) SKM_sk_unshift(X509_POLICY_NODE, (st), (val)) #define sk_X509_POLICY_NODE_find(st, val) SKM_sk_find(X509_POLICY_NODE, (st), (val)) -#define sk_X509_POLICY_NODE_find_ex(st, val) SKM_sk_find_ex(X509_POLICY_NODE, (st), (val)) #define sk_X509_POLICY_NODE_delete(st, i) SKM_sk_delete(X509_POLICY_NODE, (st), (i)) #define sk_X509_POLICY_NODE_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_POLICY_NODE, (st), (ptr)) #define sk_X509_POLICY_NODE_insert(st, val, i) SKM_sk_insert(X509_POLICY_NODE, (st), (val), (i)) @@ -145,7 +145,6 @@ DECLARE_STACK_OF(X509_POLICY_LEVEL) #define sk_X509_POLICY_LEVEL_push(st, val) SKM_sk_push(X509_POLICY_LEVEL, (st), (val)) #define sk_X509_POLICY_LEVEL_unshift(st, val) SKM_sk_unshift(X509_POLICY_LEVEL, (st), (val)) #define sk_X509_POLICY_LEVEL_find(st, val) SKM_sk_find(X509_POLICY_LEVEL, (st), (val)) -#define sk_X509_POLICY_LEVEL_find_ex(st, val) SKM_sk_find_ex(X509_POLICY_LEVEL, (st), (val)) #define sk_X509_POLICY_LEVEL_delete(st, i) SKM_sk_delete(X509_POLICY_LEVEL, (st), (i)) #define sk_X509_POLICY_LEVEL_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_POLICY_LEVEL, (st), (ptr)) #define sk_X509_POLICY_LEVEL_insert(st, val, i) SKM_sk_insert(X509_POLICY_LEVEL, (st), (val), (i)) diff --git a/lib/libcrypto/x509/x509_purp.c b/lib/libcrypto/x509/x509_purp.c index 1735e70ca..53f4f2f96 100644 --- a/lib/libcrypto/x509/x509_purp.c +++ b/lib/libcrypto/x509/x509_purp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: x509_purp.c,v 1.36 2024/02/28 16:26:08 tb Exp $ */ +/* $OpenBSD: x509_purp.c,v 1.39 2024/03/02 10:43:52 tb Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2001. */ @@ -68,6 +68,16 @@ #include "x509_internal.h" #include "x509_local.h" +struct x509_purpose_st { + int purpose; + int trust; /* Default trust ID */ + int flags; + int (*check_purpose)(const struct x509_purpose_st *, const X509 *, int); + char *name; + char *sname; + void *usr_data; +} /* X509_PURPOSE */; + #define V1_ROOT (EXFLAG_V1|EXFLAG_SS) #define ku_reject(x, usage) \ (((x)->ex_flags & EXFLAG_KUSAGE) && !((x)->ex_kusage & (usage))) @@ -95,7 +105,7 @@ static int check_purpose_timestamp_sign(const X509_PURPOSE *xp, const X509 *x, static int no_check(const X509_PURPOSE *xp, const X509 *x, int ca); static int ocsp_helper(const X509_PURPOSE *xp, const X509 *x, int ca); -static X509_PURPOSE xstandard[] = { +static const X509_PURPOSE xstandard[] = { { .purpose = X509_PURPOSE_SSL_CLIENT, .trust = X509_TRUST_SSL_CLIENT, @@ -187,18 +197,6 @@ X509_check_purpose(X509 *x, int id, int ca) } LCRYPTO_ALIAS(X509_check_purpose); -int -X509_PURPOSE_set(int *p, int purpose) -{ - if (X509_PURPOSE_get_by_id(purpose) == -1) { - X509V3error(X509V3_R_INVALID_PURPOSE); - return 0; - } - *p = purpose; - return 1; -} -LCRYPTO_ALIAS(X509_PURPOSE_set); - int X509_PURPOSE_get_count(void) { @@ -206,7 +204,7 @@ X509_PURPOSE_get_count(void) } LCRYPTO_ALIAS(X509_PURPOSE_get_count); -X509_PURPOSE * +const X509_PURPOSE * X509_PURPOSE_get0(int idx) { if (idx < 0 || (size_t)idx >= X509_PURPOSE_COUNT) @@ -220,7 +218,7 @@ int X509_PURPOSE_get_by_sname(const char *sname) { int i; - X509_PURPOSE *xptmp; + const X509_PURPOSE *xptmp; for (i = 0; i < X509_PURPOSE_get_count(); i++) { xptmp = X509_PURPOSE_get0(i); @@ -243,23 +241,6 @@ X509_PURPOSE_get_by_id(int purpose) return purpose - X509_PURPOSE_MIN; } -LCRYPTO_ALIAS(X509_PURPOSE_get_by_id); - -int -X509_PURPOSE_add(int id, int trust, int flags, - int (*ck)(const X509_PURPOSE *, const X509 *, int), const char *name, - const char *sname, void *arg) -{ - X509error(ERR_R_DISABLED); - return 0; -} -LCRYPTO_ALIAS(X509_PURPOSE_add); - -void -X509_PURPOSE_cleanup(void) -{ -} -LCRYPTO_ALIAS(X509_PURPOSE_cleanup); int X509_PURPOSE_get_id(const X509_PURPOSE *xp) @@ -268,14 +249,14 @@ X509_PURPOSE_get_id(const X509_PURPOSE *xp) } LCRYPTO_ALIAS(X509_PURPOSE_get_id); -char * +const char * X509_PURPOSE_get0_name(const X509_PURPOSE *xp) { return xp->name; } LCRYPTO_ALIAS(X509_PURPOSE_get0_name); -char * +const char * X509_PURPOSE_get0_sname(const X509_PURPOSE *xp) { return xp->sname; @@ -287,7 +268,6 @@ X509_PURPOSE_get_trust(const X509_PURPOSE *xp) { return xp->trust; } -LCRYPTO_ALIAS(X509_PURPOSE_get_trust); /* * List of NIDs of extensions supported by the verifier. If an extension diff --git a/lib/libcrypto/x509/x509_trs.c b/lib/libcrypto/x509/x509_trs.c index a6fc4d61c..2f4cbba38 100644 --- a/lib/libcrypto/x509/x509_trs.c +++ b/lib/libcrypto/x509/x509_trs.c @@ -1,4 +1,4 @@ -/* $OpenBSD: x509_trs.c,v 1.40 2024/01/13 19:57:38 tb Exp $ */ +/* $OpenBSD: x509_trs.c,v 1.42 2024/03/02 10:50:26 tb Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 1999. */ @@ -67,6 +67,15 @@ #include "crypto_internal.h" #include "x509_local.h" +typedef struct x509_trust_st { + int trust; + int flags; + int (*check_trust)(struct x509_trust_st *, X509 *, int); + char *name; + int arg1; + void *arg2; +} X509_TRUST; + static int obj_trust(int id, X509 *x, int flags) { @@ -219,82 +228,3 @@ X509_check_trust(X509 *x, int trust_id, int flags) return trust->check_trust((X509_TRUST *)trust, x, flags); } LCRYPTO_ALIAS(X509_check_trust); - -/* - * Remove all the functions below in the next bump. - */ - -int -(*X509_TRUST_set_default(int (*trust)(int , X509 *, int)))(int, X509 *, int) -{ - X509error(ERR_R_DISABLED); - return NULL; -} -LCRYPTO_ALIAS(X509_TRUST_set_default); - -int -X509_TRUST_get_count(void) -{ - return X509_TRUST_COUNT; -} -LCRYPTO_ALIAS(X509_TRUST_get_count); - -X509_TRUST * -X509_TRUST_get0(int idx) -{ - X509error(ERR_R_DISABLED); - return NULL; -} -LCRYPTO_ALIAS(X509_TRUST_get0); - -int -X509_TRUST_get_by_id(int id) -{ - X509error(ERR_R_DISABLED); - return -1; -} -LCRYPTO_ALIAS(X509_TRUST_get_by_id); - -int -X509_TRUST_set(int *t, int trust) -{ - X509error(ERR_R_DISABLED); - return 0; -} -LCRYPTO_ALIAS(X509_TRUST_set); - -int -X509_TRUST_add(int id, int flags, int (*ck)(X509_TRUST *, X509 *, int), - const char *name, int arg1, void *arg2) -{ - X509error(ERR_R_DISABLED); - return 0; -} -LCRYPTO_ALIAS(X509_TRUST_add); - -void -X509_TRUST_cleanup(void) -{ -} -LCRYPTO_ALIAS(X509_TRUST_cleanup); - -int -X509_TRUST_get_flags(const X509_TRUST *xp) -{ - return xp->flags; -} -LCRYPTO_ALIAS(X509_TRUST_get_flags); - -char * -X509_TRUST_get0_name(const X509_TRUST *xp) -{ - return xp->name; -} -LCRYPTO_ALIAS(X509_TRUST_get0_name); - -int -X509_TRUST_get_trust(const X509_TRUST *xp) -{ - return xp->trust; -} -LCRYPTO_ALIAS(X509_TRUST_get_trust); diff --git a/lib/libcrypto/x509/x509_vfy.c b/lib/libcrypto/x509/x509_vfy.c index 499db3557..539965863 100644 --- a/lib/libcrypto/x509/x509_vfy.c +++ b/lib/libcrypto/x509/x509_vfy.c @@ -1,4 +1,4 @@ -/* $OpenBSD: x509_vfy.c,v 1.141 2024/02/28 12:21:16 tb Exp $ */ +/* $OpenBSD: x509_vfy.c,v 1.142 2024/03/02 10:40:05 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -2171,15 +2171,6 @@ LCRYPTO_ALIAS(X509_STORE_CTX_set0_crls); * purpose and trust settings which the application can set: if they * aren't set then we use the default of SSL client/server. */ -int -X509_STORE_CTX_purpose_inherit(X509_STORE_CTX *ctx, int def_purpose, - int purpose, int trust) -{ - X509error(ERR_R_DISABLED); - return 0; -} -LCRYPTO_ALIAS(X509_STORE_CTX_purpose_inherit); - int X509_STORE_CTX_set_purpose(X509_STORE_CTX *ctx, int purpose_id) { diff --git a/lib/libcrypto/x509/x509_vfy.h b/lib/libcrypto/x509/x509_vfy.h index d7657a51f..755a06435 100644 --- a/lib/libcrypto/x509/x509_vfy.h +++ b/lib/libcrypto/x509/x509_vfy.h @@ -1,4 +1,4 @@ -/* $OpenBSD: x509_vfy.h,v 1.65 2024/02/23 10:39:07 tb Exp $ */ +/* $OpenBSD: x509_vfy.h,v 1.68 2024/03/02 10:57:03 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -293,9 +293,7 @@ int X509_STORE_up_ref(X509_STORE *x); STACK_OF(X509) *X509_STORE_CTX_get1_certs(X509_STORE_CTX *st, X509_NAME *nm); STACK_OF(X509_CRL) *X509_STORE_CTX_get1_crls(X509_STORE_CTX *st, X509_NAME *nm); STACK_OF(X509_OBJECT) *X509_STORE_get0_objects(X509_STORE *xs); -#if defined(LIBRESSL_INTERNAL) || defined(LIBRESSL_NEXT_API) STACK_OF(X509_OBJECT) *X509_STORE_get1_objects(X509_STORE *xs); -#endif void *X509_STORE_get_ex_data(X509_STORE *xs, int idx); int X509_STORE_set_ex_data(X509_STORE *xs, int idx, void *data); @@ -365,19 +363,7 @@ int X509_load_cert_file(X509_LOOKUP *ctx, const char *file, int type); int X509_load_crl_file(X509_LOOKUP *ctx, const char *file, int type); int X509_load_cert_crl_file(X509_LOOKUP *ctx, const char *file, int type); - -X509_LOOKUP *X509_LOOKUP_new(X509_LOOKUP_METHOD *method); void X509_LOOKUP_free(X509_LOOKUP *ctx); -int X509_LOOKUP_init(X509_LOOKUP *ctx); -int X509_LOOKUP_by_subject(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type, - X509_NAME *name, X509_OBJECT *ret); -int X509_LOOKUP_by_issuer_serial(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type, - X509_NAME *name, ASN1_INTEGER *serial, X509_OBJECT *ret); -int X509_LOOKUP_by_fingerprint(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type, - const unsigned char *bytes, int len, X509_OBJECT *ret); -int X509_LOOKUP_by_alias(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type, - const char *str, int len, X509_OBJECT *ret); -int X509_LOOKUP_shutdown(X509_LOOKUP *ctx); int X509_STORE_load_locations(X509_STORE *ctx, const char *file, const char *dir); @@ -404,8 +390,6 @@ void X509_STORE_CTX_set_chain(X509_STORE_CTX *c,STACK_OF(X509) *sk); void X509_STORE_CTX_set0_crls(X509_STORE_CTX *c,STACK_OF(X509_CRL) *sk); int X509_STORE_CTX_set_purpose(X509_STORE_CTX *ctx, int purpose); int X509_STORE_CTX_set_trust(X509_STORE_CTX *ctx, int trust); -int X509_STORE_CTX_purpose_inherit(X509_STORE_CTX *ctx, int def_purpose, - int purpose, int trust); void X509_STORE_CTX_set_flags(X509_STORE_CTX *ctx, unsigned long flags); void X509_STORE_CTX_set_time(X509_STORE_CTX *ctx, unsigned long flags, time_t t); diff --git a/lib/libcrypto/x509/x509v3.h b/lib/libcrypto/x509/x509v3.h index f867cc38c..1004f6f15 100644 --- a/lib/libcrypto/x509/x509v3.h +++ b/lib/libcrypto/x509/x509v3.h @@ -1,4 +1,4 @@ -/* $OpenBSD: x509v3.h,v 1.25 2023/06/25 18:15:21 tb Exp $ */ +/* $OpenBSD: x509v3.h,v 1.29 2024/03/02 10:43:52 tb Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 1999. */ @@ -422,15 +422,7 @@ struct ISSUING_DIST_POINT_st { #define X509_PURPOSE_DYNAMIC 0x1 #define X509_PURPOSE_DYNAMIC_NAME 0x2 -typedef struct x509_purpose_st { - int purpose; - int trust; /* Default trust ID */ - int flags; - int (*check_purpose)(const struct x509_purpose_st *, const X509 *, int); - char *name; - char *sname; - void *usr_data; -} X509_PURPOSE; +typedef struct x509_purpose_st X509_PURPOSE; #define X509_PURPOSE_SSL_CLIENT 1 #define X509_PURPOSE_SSL_SERVER 2 @@ -692,10 +684,6 @@ ASN1_INTEGER *s2i_ASN1_INTEGER(X509V3_EXT_METHOD *meth, const char *value); char *i2s_ASN1_ENUMERATED(X509V3_EXT_METHOD *meth, const ASN1_ENUMERATED *aint); char *i2s_ASN1_ENUMERATED_TABLE(X509V3_EXT_METHOD *meth, const ASN1_ENUMERATED *aint); -int X509V3_EXT_add(X509V3_EXT_METHOD *ext); -int X509V3_EXT_add_list(X509V3_EXT_METHOD *extlist); -int X509V3_EXT_add_alias(int nid_to, int nid_from); -void X509V3_EXT_cleanup(void); const X509V3_EXT_METHOD *X509V3_EXT_get(X509_EXTENSION *ext); const X509V3_EXT_METHOD *X509V3_EXT_get_nid(int nid); @@ -723,20 +711,14 @@ int X509V3_extensions_print(BIO *out, const char *title, int X509_check_ca(X509 *x); int X509_check_purpose(X509 *x, int id, int ca); int X509_supported_extension(X509_EXTENSION *ex); -int X509_PURPOSE_set(int *p, int purpose); int X509_check_issued(X509 *issuer, X509 *subject); int X509_check_akid(X509 *issuer, AUTHORITY_KEYID *akid); + int X509_PURPOSE_get_count(void); -X509_PURPOSE * X509_PURPOSE_get0(int idx); +const X509_PURPOSE *X509_PURPOSE_get0(int idx); int X509_PURPOSE_get_by_sname(const char *sname); -int X509_PURPOSE_get_by_id(int id); -int X509_PURPOSE_add(int id, int trust, int flags, - int (*ck)(const X509_PURPOSE *, const X509 *, int), - const char *name, const char *sname, void *arg); -char *X509_PURPOSE_get0_name(const X509_PURPOSE *xp); -char *X509_PURPOSE_get0_sname(const X509_PURPOSE *xp); -int X509_PURPOSE_get_trust(const X509_PURPOSE *xp); -void X509_PURPOSE_cleanup(void); +const char *X509_PURPOSE_get0_name(const X509_PURPOSE *xp); +const char *X509_PURPOSE_get0_sname(const X509_PURPOSE *xp); int X509_PURPOSE_get_id(const X509_PURPOSE *); uint32_t X509_get_extension_flags(X509 *x); uint32_t X509_get_key_usage(X509 *x); diff --git a/lib/libssl/Symbols.list b/lib/libssl/Symbols.list index 9f261bb97..ee7477f31 100644 --- a/lib/libssl/Symbols.list +++ b/lib/libssl/Symbols.list @@ -23,8 +23,6 @@ SSL_CIPHER_description SSL_CIPHER_find SSL_CIPHER_get_auth_nid SSL_CIPHER_get_bits -SSL_CIPHER_get_by_id -SSL_CIPHER_get_by_value SSL_CIPHER_get_cipher_nid SSL_CIPHER_get_digest_nid SSL_CIPHER_get_id @@ -222,6 +220,7 @@ SSL_get_peer_cert_chain SSL_get_peer_certificate SSL_get_peer_finished SSL_get_peer_quic_transport_params +SSL_get_peer_signature_type_nid SSL_get_privatekey SSL_get_quiet_shutdown SSL_get_rbio @@ -235,6 +234,7 @@ SSL_get_servername_type SSL_get_session SSL_get_shared_ciphers SSL_get_shutdown +SSL_get_signature_type_nid SSL_get_srtp_profiles SSL_get_ssl_method SSL_get_verify_callback @@ -284,7 +284,6 @@ SSL_set_cipher_list SSL_set_ciphersuites SSL_set_client_CA_list SSL_set_connect_state -SSL_set_debug SSL_set_ex_data SSL_set_fd SSL_set_generate_session_id diff --git a/lib/libssl/hidden/openssl/ssl.h b/lib/libssl/hidden/openssl/ssl.h index e4ec6d625..aa946ad25 100644 --- a/lib/libssl/hidden/openssl/ssl.h +++ b/lib/libssl/hidden/openssl/ssl.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl.h,v 1.4 2023/07/28 09:53:55 tb Exp $ */ +/* $OpenBSD: ssl.h,v 1.6 2024/03/02 11:48:55 tb Exp $ */ /* * Copyright (c) 2023 Bob Beck * @@ -111,8 +111,6 @@ LSSL_USED(SSL_want); LSSL_USED(SSL_clear); LSSL_USED(SSL_CTX_flush_sessions); LSSL_USED(SSL_get_current_cipher); -LSSL_USED(SSL_CIPHER_get_by_id); -LSSL_USED(SSL_CIPHER_get_by_value); LSSL_USED(SSL_CIPHER_get_bits); LSSL_USED(SSL_CIPHER_get_version); LSSL_USED(SSL_CIPHER_get_name); @@ -360,7 +358,6 @@ LSSL_USED(SSL_COMP_add_compression_method); LSSL_USED(SSL_set_session_ticket_ext); LSSL_USED(SSL_set_session_ticket_ext_cb); LSSL_USED(SSL_set_session_secret_cb); -LSSL_USED(SSL_set_debug); LSSL_USED(SSL_cache_hit); LSSL_USED(SSL_set_security_level); LSSL_USED(SSL_get_security_level); diff --git a/lib/libssl/hidden/openssl/tls1.h b/lib/libssl/hidden/openssl/tls1.h index de93f9aa2..e7c572195 100644 --- a/lib/libssl/hidden/openssl/tls1.h +++ b/lib/libssl/hidden/openssl/tls1.h @@ -1,4 +1,4 @@ -/* $OpenBSD: tls1.h,v 1.1 2023/07/08 16:40:14 beck Exp $ */ +/* $OpenBSD: tls1.h,v 1.2 2024/03/02 11:44:47 tb Exp $ */ /* * Copyright (c) 2023 Bob Beck * @@ -28,5 +28,7 @@ LSSL_USED(SSL_get_servername); LSSL_USED(SSL_get_servername_type); LSSL_USED(SSL_export_keying_material); +LSSL_USED(SSL_get_peer_signature_type_nid); +LSSL_USED(SSL_get_signature_type_nid); #endif /* _LIBSSL_TLS1_H */ diff --git a/lib/libssl/s3_lib.c b/lib/libssl/s3_lib.c index bb8e9465b..6ebe2605d 100644 --- a/lib/libssl/s3_lib.c +++ b/lib/libssl/s3_lib.c @@ -1,4 +1,4 @@ -/* $OpenBSD: s3_lib.c,v 1.249 2024/02/03 15:58:33 beck Exp $ */ +/* $OpenBSD: s3_lib.c,v 1.251 2024/03/02 11:46:55 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -1970,6 +1970,7 @@ SSL_get_signature_type_nid(const SSL *s, int *nid) return 1; } +LSSL_ALIAS(SSL_get_signature_type_nid); int SSL_get_peer_signature_type_nid(const SSL *s, int *nid) @@ -1986,6 +1987,7 @@ SSL_get_peer_signature_type_nid(const SSL *s, int *nid) return 1; } +LSSL_ALIAS(SSL_get_peer_signature_type_nid); long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) @@ -2592,6 +2594,10 @@ ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt, return (ret); } +#define SSL3_CT_RSA_SIGN 1 +#define SSL3_CT_RSA_FIXED_DH 3 +#define SSL3_CT_ECDSA_SIGN 64 + int ssl3_get_req_cert_types(SSL *s, CBB *cbb) { @@ -2611,7 +2617,7 @@ ssl3_get_req_cert_types(SSL *s, CBB *cbb) * ECDSA certs can be used with RSA cipher suites as well * so we don't need to check for SSL_kECDH or SSL_kECDHE. */ - if (!CBB_add_u8(cbb, TLS_CT_ECDSA_SIGN)) + if (!CBB_add_u8(cbb, SSL3_CT_ECDSA_SIGN)) return 0; return 1; diff --git a/lib/libssl/shlib_version b/lib/libssl/shlib_version index 9416bb7a3..ac10f4cbe 100644 --- a/lib/libssl/shlib_version +++ b/lib/libssl/shlib_version @@ -1,3 +1,3 @@ # Don't forget to give libtls the same type of bump! -major=55 +major=56 minor=0 diff --git a/lib/libssl/ssl.h b/lib/libssl/ssl.h index 03a5a80d0..9a5f8d025 100644 --- a/lib/libssl/ssl.h +++ b/lib/libssl/ssl.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl.h,v 1.233 2024/02/03 15:58:33 beck Exp $ */ +/* $OpenBSD: ssl.h,v 1.236 2024/03/02 11:48:55 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -1058,10 +1058,6 @@ const SSL_METHOD *SSL_CTX_get_ssl_method(const SSL_CTX *ctx); SSL_ctrl(s, SSL_CTRL_GET_PEER_SIGNATURE_NID, 0, pn) #define SSL_get_peer_tmp_key(s, pk) \ SSL_ctrl(s, SSL_CTRL_GET_PEER_TMP_KEY, 0, pk) - -int SSL_get_signature_type_nid(const SSL *ssl, int *nid); -int SSL_get_peer_signature_type_nid(const SSL *ssl, int *nid); - #endif /* LIBRESSL_HAS_TLS1_3 || LIBRESSL_INTERNAL */ #ifndef LIBRESSL_INTERNAL @@ -1126,8 +1122,6 @@ int SSL_clear(SSL *s); void SSL_CTX_flush_sessions(SSL_CTX *ctx, long tm); const SSL_CIPHER *SSL_get_current_cipher(const SSL *s); -const SSL_CIPHER *SSL_CIPHER_get_by_id(unsigned int id); -const SSL_CIPHER *SSL_CIPHER_get_by_value(uint16_t value); int SSL_CIPHER_get_bits(const SSL_CIPHER *c, int *alg_bits); const char * SSL_CIPHER_get_version(const SSL_CIPHER *c); const char * SSL_CIPHER_get_name(const SSL_CIPHER *c); @@ -1502,7 +1496,6 @@ int SSL_set_session_ticket_ext_cb(SSL *s, int SSL_set_session_secret_cb(SSL *s, tls_session_secret_cb_fn tls_session_secret_cb, void *arg); -void SSL_set_debug(SSL *s, int debug); int SSL_cache_hit(SSL *s); /* What the "other" parameter contains in security callback */ diff --git a/lib/libssl/ssl3.h b/lib/libssl/ssl3.h index 603d9ccb4..1b1110b4e 100644 --- a/lib/libssl/ssl3.h +++ b/lib/libssl/ssl3.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl3.h,v 1.58 2024/02/03 15:58:33 beck Exp $ */ +/* $OpenBSD: ssl3.h,v 1.60 2024/03/02 11:47:41 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -314,21 +314,7 @@ extern "C" { #define TLS1_HB_REQUEST 1 #define TLS1_HB_RESPONSE 2 -#define SSL3_CT_RSA_SIGN 1 -#define SSL3_CT_DSS_SIGN 2 -#define SSL3_CT_RSA_FIXED_DH 3 -#define SSL3_CT_DSS_FIXED_DH 4 -#define SSL3_CT_RSA_EPHEMERAL_DH 5 -#define SSL3_CT_DSS_EPHEMERAL_DH 6 -#define SSL3_CT_FORTEZZA_DMS 20 -/* SSL3_CT_NUMBER is used to size arrays and it must be large - * enough to contain all of the cert types defined either for - * SSLv3 and TLSv1. - */ -#define SSL3_CT_NUMBER 7 - #define SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS 0x0001 -#define TLS1_FLAGS_SKIP_CERT_VERIFY 0x0010 #define TLS1_FLAGS_FREEZE_TRANSCRIPT 0x0020 #define SSL3_FLAGS_CCS_OK 0x0080 diff --git a/lib/libssl/ssl_ciph.c b/lib/libssl/ssl_ciph.c index 76a384052..45d7889b9 100644 --- a/lib/libssl/ssl_ciph.c +++ b/lib/libssl/ssl_ciph.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_ciph.c,v 1.139 2024/02/03 15:58:33 beck Exp $ */ +/* $OpenBSD: ssl_ciph.c,v 1.140 2024/03/02 11:45:51 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -1341,20 +1341,6 @@ ssl_create_cipher_list(const SSL_METHOD *ssl_method, return ret; } -const SSL_CIPHER * -SSL_CIPHER_get_by_id(unsigned int id) -{ - return ssl3_get_cipher_by_id(id); -} -LSSL_ALIAS(SSL_CIPHER_get_by_id); - -const SSL_CIPHER * -SSL_CIPHER_get_by_value(uint16_t value) -{ - return ssl3_get_cipher_by_value(value); -} -LSSL_ALIAS(SSL_CIPHER_get_by_value); - char * SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len) { diff --git a/lib/libssl/ssl_lib.c b/lib/libssl/ssl_lib.c index 3d7810a36..bb9779bbe 100644 --- a/lib/libssl/ssl_lib.c +++ b/lib/libssl/ssl_lib.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_lib.c,v 1.320 2024/02/04 20:50:23 tb Exp $ */ +/* $OpenBSD: ssl_lib.c,v 1.321 2024/03/02 11:48:55 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -3475,13 +3475,6 @@ SSL_set_msg_callback(SSL *ssl, void (*cb)(int write_p, int version, } LSSL_ALIAS(SSL_set_msg_callback); -void -SSL_set_debug(SSL *s, int debug) -{ - SSLerror(s, ERR_R_DISABLED); -} -LSSL_ALIAS(SSL_set_debug); - int SSL_cache_hit(SSL *s) { diff --git a/lib/libssl/tls1.h b/lib/libssl/tls1.h index daf6cba6f..21666291f 100644 --- a/lib/libssl/tls1.h +++ b/lib/libssl/tls1.h @@ -1,4 +1,4 @@ -/* $OpenBSD: tls1.h,v 1.57 2024/02/03 15:58:34 beck Exp $ */ +/* $OpenBSD: tls1.h,v 1.59 2024/03/02 11:46:55 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -316,6 +316,9 @@ int SSL_export_keying_material(SSL *s, unsigned char *out, size_t olen, const char *label, size_t llen, const unsigned char *p, size_t plen, int use_context); +int SSL_get_signature_type_nid(const SSL *ssl, int *nid); +int SSL_get_peer_signature_type_nid(const SSL *ssl, int *nid); + #define SSL_set_tlsext_host_name(s,name) \ SSL_ctrl(s,SSL_CTRL_SET_TLSEXT_HOSTNAME,TLSEXT_NAMETYPE_host_name,(char *)name) @@ -737,17 +740,6 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb) #define TLS1_3_RFC_AES_128_CCM_8_SHA256 "TLS_AES_128_CCM_8_SHA256" #endif -#define TLS_CT_RSA_SIGN 1 -#define TLS_CT_DSS_SIGN 2 -#define TLS_CT_RSA_FIXED_DH 3 -#define TLS_CT_DSS_FIXED_DH 4 -#define TLS_CT_ECDSA_SIGN 64 -#define TLS_CT_RSA_FIXED_ECDH 65 -#define TLS_CT_ECDSA_FIXED_ECDH 66 -/* when correcting this number, correct also SSL3_CT_NUMBER in ssl3.h (see - * comment there) */ -#define TLS_CT_NUMBER 7 - #define TLS1_FINISH_MAC_LENGTH 12 #define TLS_MD_MAX_CONST_SIZE 20 diff --git a/lib/libtls/shlib_version b/lib/libtls/shlib_version index 295c96b24..ade1e3940 100644 --- a/lib/libtls/shlib_version +++ b/lib/libtls/shlib_version @@ -1,2 +1,2 @@ -major=28 +major=29 minor=0 diff --git a/regress/usr.bin/openssl/appstest.sh b/regress/usr.bin/openssl/appstest.sh index 8c0e75deb..26ba92004 100755 --- a/regress/usr.bin/openssl/appstest.sh +++ b/regress/usr.bin/openssl/appstest.sh @@ -1,6 +1,6 @@ #!/bin/sh # -# $OpenBSD: appstest.sh,v 1.61 2024/01/26 11:58:36 job Exp $ +# $OpenBSD: appstest.sh,v 1.62 2024/03/02 11:53:55 tb Exp $ # # Copyright (c) 2016 Kinichiro Inoguchi # @@ -786,40 +786,6 @@ __EOF__ -out $sv_ecdsa_csr.verify.out check_exit_status $? - # GOST certificate - - sv_gost_key=$server_dir/sv_gost_key.pem - sv_gost_csr=$server_dir/sv_gost_csr.pem - sv_gost_pass=test-gost-pass - - if [ $mingw = 0 ] ; then - subj='/C=JP/ST=Tokyo/O=TEST_DUMMY_COMPANY/CN=gost.test-dummy.com/' - else - subj='//C=JP\ST=Tokyo\O=TEST_DUMMY_COMPANY\CN=gost.test-dummy.com\' - fi - - start_message "genpkey ... generate server key#4" - - $openssl_bin genpkey -algorithm GOST2001 -pkeyopt paramset:A \ - -pkeyopt dgst:streebog512 -out $sv_gost_key - check_exit_status $? - - start_message "req ... generate server csr#4" - - $openssl_bin req -new -subj $subj -streebog512 \ - -key $sv_gost_key -keyform pem -passin pass:$sv_gost_pass \ - -addext 'subjectAltName = DNS:gost.test-dummy.com' \ - -out $sv_gost_csr -outform pem - check_exit_status $? - - start_message "req ... verify server csr#4" - - $openssl_bin req -verify -in $sv_gost_csr -inform pem \ - -newhdr -noout -pubkey -subject -modulus -text \ - -nameopt multiline -reqopt compatible \ - -out $sv_gost_csr.verify.out - check_exit_status $? - #---------#---------#---------#---------#---------#---------#--------- # --- CA operations (issue cert for server) --- @@ -923,13 +889,6 @@ __EOF__ -in $sv_ecdsa_csr -out $sv_ecdsa_cert > $sv_ecdsa_cert.log 2>&1 check_exit_status $? - start_message "ca ... issue cert for server csr#4" - - sv_gost_cert=$server_dir/sv_gost_cert.pem - $openssl_bin ca -batch -cert $ca_cert -keyfile $ca_key -key $ca_pass \ - -in $sv_gost_csr -out $sv_gost_cert > $sv_gost_cert.log 2>&1 - check_exit_status $? - #---------#---------#---------#---------#---------#---------#--------- # --- CA operations (revoke cert and generate crl) --- @@ -1084,27 +1043,6 @@ __EOF__ -out $cl_ecdsa_csr -outform pem check_exit_status $? - start_message "req ... generate private key and csr for user3" - - cl_gost_key=$user1_dir/cl_gost_key.pem - cl_gost_csr=$user1_dir/cl_gost_csr.pem - cl_gost_pass=test-user1-pass - - if [ $mingw = 0 ] ; then - subj='/C=JP/ST=Tokyo/O=TEST_DUMMY_COMPANY/CN=user3.test-dummy.com/' - else - subj='//C=JP\ST=Tokyo\O=TEST_DUMMY_COMPANY\CN=user3.test-dummy.com\' - fi - - $openssl_bin genpkey -algorithm GOST2001 -pkeyopt paramset:A \ - -pkeyopt dgst:streebog512 -out $cl_gost_key - check_exit_status $? - - $openssl_bin req -new -subj $subj -streebog512 \ - -key $cl_gost_key -keyform pem -passin pass:$cl_gost_pass \ - -out $cl_gost_csr -outform pem - check_exit_status $? - #---------#---------#---------#---------#---------#---------#--------- # --- CA operations (issue cert for user1) --- @@ -1123,13 +1061,6 @@ __EOF__ $openssl_bin ca -batch -cert $ca_cert -keyfile $ca_key -key $ca_pass \ -in $cl_ecdsa_csr -out $cl_ecdsa_cert > $cl_ecdsa_cert.log 2>&1 check_exit_status $? - - start_message "ca ... issue cert for user3" - - cl_gost_cert=$user1_dir/cl_gost_cert.pem - $openssl_bin ca -batch -cert $ca_cert -keyfile $ca_key -key $ca_pass \ - -in $cl_gost_csr -out $cl_gost_cert > $cl_gost_cert.log 2>&1 - check_exit_status $? } function test_tsa { @@ -1530,10 +1461,6 @@ function test_sc_by_protocol_version { msg=$3 cid=$4 - if [ $gost_tests = 1 ] && [ $ver = "tls1_3" -o $sc != 00 ] ; then - return - fi - groups_and_cipher="" if [ $ver = "tls1_3" ] ; then # Expect HelloRetryRequest @@ -1596,10 +1523,6 @@ function test_sc_all_cipher { sc=$1 ver=$2 - if [ $gost_tests = 1 ] && [ $ver = "tls1_3" -o $sc != 00 ] ; then - return - fi - copt=cipher ciphers=$user1_dir/ciphers_${sc}_${ver} @@ -1616,8 +1539,6 @@ function test_sc_all_cipher { if [ $s_id = "0" ] ; then if [ $ecdsa_tests = 1 ] ; then cipher_string="ECDSA+TLSv1.2:!TLSv1.3" - elif [ $gost_tests = 1 ] ; then - cipher_string="kGOST:!NULL:!TLSv1.3" else cipher_string="ALL:!ECDSA:!kGOST:!TLSv1.3" fi @@ -1629,8 +1550,6 @@ function test_sc_all_cipher { if [ $c_id = "0" ] ; then if [ $ecdsa_tests = 1 ] ; then cipher_string="ECDSA+TLSv1.2:!TLSv1.3" - elif [ $gost_tests = 1 ] ; then - cipher_string="kGOST:!NULL:!TLSv1.3" else cipher_string="ALL:!ECDSA:!kGOST:!TLSv1.3" fi @@ -1665,10 +1584,6 @@ function test_sc_session_reuse { sc=$1 ver=$2 - if [ $gost_tests = 1 ] && [ $ver = "tls1_3" -o $sc != 00 ] ; then - return - fi - sess_dat=$user1_dir/s_client_${sc}_${ver}_sess.dat # Get session ticket to reuse @@ -1716,10 +1631,6 @@ function test_sc_verify { sc=$1 ver=$2 - if [ $gost_tests = 1 ] && [ $ver = "tls1_3" -o $sc != 00 ] ; then - return - fi - # invalid verification pattern s_client_out=$user1_dir/s_client_${sc}_${ver}_tls_invalid.out @@ -1750,11 +1661,6 @@ function test_sc_verify { crt=$cl_ecdsa_cert key=$cl_ecdsa_key pwd=$cl_ecdsa_pass - elif [ $gost_tests = 1 ] ; then - echo "Using GOST client certificate" - crt=$cl_gost_cert - key=$cl_gost_key - pwd=$cl_gost_pass else echo "Using RSA client certificate" crt=$cl_rsa_cert @@ -1806,11 +1712,6 @@ function test_server_client { crt=$sv_ecdsa_cert key=$sv_ecdsa_key pwd=$sv_ecdsa_pass - elif [ $gost_tests = 1 ] ; then - echo "Using GOST certificate" - crt=$sv_gost_cert - key=$sv_gost_key - pwd=$sv_gost_pass else echo "Using RSA certificate" crt=$sv_rsa_cert @@ -1846,14 +1747,6 @@ function test_server_client { test_sc_verify $sc tls1_2 test_sc_verify $sc tls1_3 - # s_time - if [ $gost_tests != 1 ] ; then - start_message "s_time ... connect to TLS/SSL test server" - $c_bin s_time -connect $host:$port -CApath $ca_dir -time 1 \ - > $server_dir/s_time_${sc}.log - check_exit_status $? - fi - stop_s_server } @@ -1891,11 +1784,6 @@ function test_server_client_dtls { crt=$sv_ecdsa_cert key=$sv_ecdsa_key pwd=$sv_ecdsa_pass - elif [ $gost_tests = 1 ] ; then - echo "Using GOST certificate" - crt=$sv_gost_cert - key=$sv_gost_key - pwd=$sv_gost_pass else echo "Using RSA certificate" crt=$sv_rsa_cert @@ -1949,11 +1837,6 @@ function test_gnutls { crt=$sv_ecdsa_cert key=$sv_ecdsa_key sni=ecdsa.test-dummy.com - elif [ $gost_tests = 1 ] ; then - echo "Using GOST certificate" - crt=$sv_gost_cert - key=$sv_gost_key - sni=gost.test-dummy.com else echo "Using RSA certificate" crt=$sv_rsa_cert @@ -2036,7 +1919,6 @@ other_openssl_bin=${OTHER_OPENSSL:-/usr/local/bin/eopenssl11} other_openssl_version=`$other_openssl_bin version | cut -b 1-10` ecdsa_tests=0 -gost_tests=0 interop_tests=0 gnutls_tests=0 no_long_tests=0 @@ -2045,10 +1927,8 @@ while [ "$1" != "" ]; do case $1 in -e | --ecdsa) shift ecdsa_tests=1 - gost_tests=0 ;; -g | --gost) shift - gost_tests=1 ecdsa_tests=0 ;; -i | --interop) shift diff --git a/sbin/iked/iked.h b/sbin/iked/iked.h index 5b65a16bc..41720d397 100644 --- a/sbin/iked/iked.h +++ b/sbin/iked/iked.h @@ -1,4 +1,4 @@ -/* $OpenBSD: iked.h,v 1.229 2024/02/15 20:10:45 tobhe Exp $ */ +/* $OpenBSD: iked.h,v 1.230 2024/03/02 16:16:07 tobhe Exp $ */ /* * Copyright (c) 2019 Tobias Heider @@ -656,6 +656,7 @@ struct iked_message { struct iked_addr *msg_cp_addr; /* requested address */ struct iked_addr *msg_cp_addr6; /* requested address */ struct iked_addr *msg_cp_dns; /* requested dns */ + uint16_t msg_frag_num; /* MOBIKE */ int msg_update_sa_addresses; @@ -1130,7 +1131,7 @@ struct iked_socket * int ikev2_msg_enqueue(struct iked *, struct iked_msgqueue *, struct iked_message *, int); int ikev2_msg_retransmit_response(struct iked *, struct iked_sa *, - struct iked_message *, uint8_t); + struct iked_message *, struct ike_header *); void ikev2_msg_prevail(struct iked *, struct iked_msgqueue *, struct iked_message *); void ikev2_msg_dispose(struct iked *, struct iked_msgqueue *, @@ -1143,6 +1144,8 @@ struct iked_msg_retransmit * /* ikev2_pld.c */ int ikev2_pld_parse(struct iked *, struct ike_header *, struct iked_message *, size_t); +int ikev2_pld_parse_quick(struct iked *, struct ike_header *, + struct iked_message *, size_t); /* eap.c */ int eap_parse(struct iked *, const struct iked_sa *, struct iked_message*, diff --git a/sbin/iked/ikev2.c b/sbin/iked/ikev2.c index 8bbbeb34b..d5cc0ed52 100644 --- a/sbin/iked/ikev2.c +++ b/sbin/iked/ikev2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ikev2.c,v 1.384 2024/02/15 19:11:00 tobhe Exp $ */ +/* $OpenBSD: ikev2.c,v 1.385 2024/03/02 16:16:07 tobhe Exp $ */ /* * Copyright (c) 2019 Tobias Heider @@ -756,8 +756,8 @@ ikev2_recv(struct iked *env, struct iked_message *msg) * See if we have responded to this request before * For return values 0 and -1 we have. */ - if ((r = ikev2_msg_retransmit_response(env, sa, msg, - hdr->ike_exchange)) != -2) { + if ((r = ikev2_msg_retransmit_response(env, sa, msg, hdr)) + != -2) { if (r == -1) { log_warn("%s: failed to retransmit a " "response", __func__); diff --git a/sbin/iked/ikev2_msg.c b/sbin/iked/ikev2_msg.c index 8e0f74889..15ef28251 100644 --- a/sbin/iked/ikev2_msg.c +++ b/sbin/iked/ikev2_msg.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ikev2_msg.c,v 1.100 2023/08/04 19:06:25 claudio Exp $ */ +/* $OpenBSD: ikev2_msg.c,v 1.101 2024/03/02 16:16:07 tobhe Exp $ */ /* * Copyright (c) 2019 Tobias Heider @@ -1275,15 +1275,25 @@ ikev2_msg_lookup(struct iked *env, struct iked_msgqueue *queue, int ikev2_msg_retransmit_response(struct iked *env, struct iked_sa *sa, - struct iked_message *msg, uint8_t exchange) + struct iked_message *msg, struct ike_header *hdr) { struct iked_msg_retransmit *mr = NULL; - struct iked_message *m = NULL; + struct iked_message *m = NULL; - if ((mr = ikev2_msg_lookup(env, &sa->sa_responses, msg, exchange)) - == NULL) + if ((mr = ikev2_msg_lookup(env, &sa->sa_responses, msg, + hdr->ike_exchange)) == NULL) return (-2); /* not found */ + if (hdr->ike_nextpayload == IKEV2_PAYLOAD_SKF) { + /* only retransmit for fragment number one */ + if (ikev2_pld_parse_quick(env, hdr, msg, + msg->msg_offset) != 0 || msg->msg_frag_num != 1) { + log_debug("%s: ignoring fragment", SPI_SA(sa, __func__)); + return (0); + } + log_debug("%s: first fragment", SPI_SA(sa, __func__)); + } + TAILQ_FOREACH(m, &mr->mrt_frags, msg_entry) { if (sendtofrom(m->msg_fd, ibuf_data(m->msg_data), ibuf_size(m->msg_data), 0, @@ -1295,7 +1305,7 @@ ikev2_msg_retransmit_response(struct iked *env, struct iked_sa *sa, } log_info("%sretransmit %s res %u local %s peer %s", SPI_SA(sa, NULL), - print_map(exchange, ikev2_exchange_map), + print_map(hdr->ike_exchange, ikev2_exchange_map), m->msg_msgid, print_addr(&m->msg_local), print_addr(&m->msg_peer)); diff --git a/sbin/iked/ikev2_pld.c b/sbin/iked/ikev2_pld.c index f207fbfc3..1fb5f3054 100644 --- a/sbin/iked/ikev2_pld.c +++ b/sbin/iked/ikev2_pld.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ikev2_pld.c,v 1.133 2023/09/02 18:36:30 tobhe Exp $ */ +/* $OpenBSD: ikev2_pld.c,v 1.134 2024/03/02 16:16:07 tobhe Exp $ */ /* * Copyright (c) 2019 Tobias Heider @@ -2103,3 +2103,79 @@ ikev2_pld_eap(struct iked *env, struct ikev2_payload *pld, return (0); } + +/* parser for the initial IKE_AUTH payload, does not require msg_sa */ +int +ikev2_pld_parse_quick(struct iked *env, struct ike_header *hdr, + struct iked_message *msg, size_t offset) +{ + struct ikev2_payload pld; + struct ikev2_frag_payload frag; + uint8_t *msgbuf = ibuf_data(msg->msg_data); + uint8_t *buf; + size_t len, total, left; + size_t length; + unsigned int payload; + + log_debug("%s: header ispi %s rspi %s" + " nextpayload %s version 0x%02x exchange %s flags 0x%02x" + " msgid %d length %u response %d", __func__, + print_spi(betoh64(hdr->ike_ispi), 8), + print_spi(betoh64(hdr->ike_rspi), 8), + print_map(hdr->ike_nextpayload, ikev2_payload_map), + hdr->ike_version, + print_map(hdr->ike_exchange, ikev2_exchange_map), + hdr->ike_flags, + betoh32(hdr->ike_msgid), + betoh32(hdr->ike_length), + msg->msg_response); + + length = betoh32(hdr->ike_length); + + if (ibuf_size(msg->msg_data) < length) { + log_debug("%s: short message", __func__); + return (-1); + } + + offset += sizeof(*hdr); + + /* Bytes left in datagram. */ + total = length - offset; + + payload = hdr->ike_nextpayload; + + while (payload != 0 && offset < length) { + if (ikev2_validate_pld(msg, offset, total, &pld)) + return (-1); + + log_debug("%s: %spayload %s" + " nextpayload %s critical 0x%02x length %d", + __func__, msg->msg_e ? "decrypted " : "", + print_map(payload, ikev2_payload_map), + print_map(pld.pld_nextpayload, ikev2_payload_map), + pld.pld_reserved & IKEV2_CRITICAL_PAYLOAD, + betoh16(pld.pld_length)); + + /* Skip over generic payload header. */ + offset += sizeof(pld); + total -= sizeof(pld); + left = betoh16(pld.pld_length) - sizeof(pld); + + switch (payload) { + case IKEV2_PAYLOAD_SKF: + len = left; + buf = msgbuf + offset; + if (len < sizeof(frag)) + return (-1); + memcpy(&frag, buf, sizeof(frag)); + msg->msg_frag_num = betoh16(frag.frag_num); + break; + } + + payload = pld.pld_nextpayload; + offset += left; + total -= left; + } + + return (0); +} diff --git a/sbin/iked/version.h b/sbin/iked/version.h index d2b64228d..63f210890 100644 --- a/sbin/iked/version.h +++ b/sbin/iked/version.h @@ -1,3 +1,3 @@ -/* $OpenBSD: version.h,v 1.3 2022/11/26 17:12:11 tobhe Exp $ */ +/* $OpenBSD: version.h,v 1.4 2024/03/02 15:55:58 tobhe Exp $ */ -#define IKED_VERSION "7.2" +#define IKED_VERSION "7.4" diff --git a/sys/dev/ic/qwx.c b/sys/dev/ic/qwx.c index ab426012d..bd7aff150 100644 --- a/sys/dev/ic/qwx.c +++ b/sys/dev/ic/qwx.c @@ -1,4 +1,4 @@ -/* $OpenBSD: qwx.c,v 1.54 2024/02/29 11:45:47 stsp Exp $ */ +/* $OpenBSD: qwx.c,v 1.57 2024/03/02 15:18:57 stsp Exp $ */ /* * Copyright 2023 Stefan Sperling @@ -151,6 +151,7 @@ int qwx_dp_tx_send_reo_cmd(struct qwx_softc *, struct dp_rx_tid *, enum hal_reo_cmd_type , struct ath11k_hal_reo_cmd *, void (*func)(struct qwx_dp *, void *, enum hal_reo_cmd_status)); void qwx_dp_rx_deliver_msdu(struct qwx_softc *, struct qwx_rx_msdu *); +void qwx_dp_service_mon_ring(void *); int qwx_scan(struct qwx_softc *); void qwx_scan_abort(struct qwx_softc *); @@ -272,6 +273,8 @@ qwx_stop(struct ifnet *ifp) rw_assert_wrlock(&sc->ioctl_rwl); + timeout_del(&sc->mon_reap_timer); + /* Disallow new tasks. */ set_bit(ATH11K_FLAG_CRASH_FLUSH, sc->sc_flags); @@ -13060,10 +13063,10 @@ qwx_wmi_tlv_op_rx(struct qwx_softc *sc, struct mbuf *m) case WMI_PEER_ASSOC_CONF_EVENTID: qwx_peer_assoc_conf_event(sc, m); break; -#if 0 case WMI_UPDATE_STATS_EVENTID: - ath11k_update_stats_event(ab, skb); + /* ignore */ break; +#if 0 case WMI_PDEV_CTL_FAILSAFE_CHECK_EVENTID: ath11k_pdev_ctl_failsafe_check_event(ab, skb); break; @@ -13899,8 +13902,8 @@ qwx_peer_unmap_event(struct qwx_softc *sc, uint16_t peer_id) goto exit; } - DPRINTF(QWX_D_HTT, "%s: peer unmap vdev %d peer %s id %d\n", - __func__, peer->vdev_id, ether_sprintf(ni->ni_macaddr), peer_id); + DNPRINTF(QWX_D_HTT, "%s: peer unmap peer %s id %d\n", + __func__, ether_sprintf(ni->ni_macaddr), peer_id); #if 0 list_del(&peer->list); kfree(peer); @@ -14130,11 +14133,7 @@ qwx_dp_rx_pdev_srng_alloc(struct qwx_softc *sc) * init reap timer for QCA6390. */ if (!sc->hw_params.rxdma1_enable) { -#if 0 - //init mon status buffer reap timer - timer_setup(&ar->ab->mon_reap_timer, - ath11k_dp_service_mon_ring, 0); -#endif + timeout_set(&sc->mon_reap_timer, qwx_dp_service_mon_ring, sc); return 0; } #if 0 @@ -14835,6 +14834,8 @@ qwx_dp_pdev_free(struct qwx_softc *sc) { int i; + timeout_del(&sc->mon_reap_timer); + for (i = 0; i < sc->num_radios; i++) qwx_dp_rx_pdev_free(sc, i); } @@ -16541,7 +16542,6 @@ qwx_dp_rx_process_mon_status(struct qwx_softc *sc, int mac_id) struct hal_rx_mon_ppdu_info *ppdu_info = &pmon->mon_ppdu_info; num_buffs_reaped = qwx_dp_rx_reap_mon_status_ring(sc, mac_id, &ml); - printf("%s: processing %d packets\n", __func__, num_buffs_reaped); if (!num_buffs_reaped) goto exit; @@ -16629,6 +16629,18 @@ qwx_dp_rx_process_mon_rings(struct qwx_softc *sc, int mac_id) return ret; } +void +qwx_dp_service_mon_ring(void *arg) +{ + struct qwx_softc *sc = arg; + int i; + + for (i = 0; i < sc->hw_params.num_rxmda_per_pdev; i++) + qwx_dp_rx_process_mon_rings(sc, i); + + timeout_add(&sc->mon_reap_timer, ATH11K_MON_TIMER_INTERVAL); +} + int qwx_dp_process_rxdma_err(struct qwx_softc *sc, int mac_id) { @@ -21747,7 +21759,7 @@ qwx_mac_config_mon_status_default(struct qwx_softc *sc, int enable) if (enable) tlv_filter = qwx_mac_mon_status_filter_default; -#if 0 +#if 0 /* mon status info is not useful and the code triggers mbuf corruption */ for (i = 0; i < sc->hw_params.num_rxmda_per_pdev; i++) { ring = &sc->pdev_dp.rx_mon_status_refill_ring[i]; ret = qwx_dp_tx_htt_rx_filter_setup(sc, @@ -21756,11 +21768,11 @@ qwx_mac_config_mon_status_default(struct qwx_softc *sc, int enable) if (ret) return ret; } -#endif -#if 0 - if (enable && !ar->ab->hw_params.rxdma1_enable) - mod_timer(&ar->ab->mon_reap_timer, jiffies + - msecs_to_jiffies(ATH11K_MON_TIMER_INTERVAL)); + + if (enable && !sc->hw_params.rxdma1_enable) { + timeout_add_msec(&sc->mon_reap_timer, + ATH11K_MON_TIMER_INTERVAL); + } #endif return ret; } @@ -24527,7 +24539,7 @@ qwx_deauth(struct qwx_softc *sc) return ret; DNPRINTF(QWX_D_MAC, "%s: disassociated from bssid %s aid %d\n", - __func__, arvif->vdev_id, ether_sprintf(ni->ni_bssid), arvif->aid); + __func__, ether_sprintf(ni->ni_bssid), arvif->aid); return 0; } diff --git a/sys/dev/ic/qwxvar.h b/sys/dev/ic/qwxvar.h index 694ce81a0..eb08272d3 100644 --- a/sys/dev/ic/qwxvar.h +++ b/sys/dev/ic/qwxvar.h @@ -1,4 +1,4 @@ -/* $OpenBSD: qwxvar.h,v 1.23 2024/02/24 15:21:39 cheloha Exp $ */ +/* $OpenBSD: qwxvar.h,v 1.24 2024/03/02 15:18:57 stsp Exp $ */ /* * Copyright (c) 2018-2019 The Linux Foundation. @@ -1869,6 +1869,9 @@ struct qwx_softc { struct qwx_dmamem *m3_mem; + struct timeout mon_reap_timer; +#define ATH11K_MON_TIMER_INTERVAL 10 + /* Provided by attachment driver: */ struct qwx_ops ops; bus_dma_tag_t sc_dmat; diff --git a/usr.bin/mktemp/mktemp.1 b/usr.bin/mktemp/mktemp.1 index 20cd5ec5a..e5095b5d2 100644 --- a/usr.bin/mktemp/mktemp.1 +++ b/usr.bin/mktemp/mktemp.1 @@ -1,6 +1,6 @@ -.\" $OpenBSD: mktemp.1,v 1.31 2022/03/31 17:27:25 naddy Exp $ +.\" $OpenBSD: mktemp.1,v 1.33 2024/03/01 23:37:42 millert Exp $ .\" -.\" Copyright (c) 1996, 2000, 2001, 2003, 2010, 2013 +.\" Copyright (c) 1996, 2000, 2001, 2003, 2010, 2013, 2024 .\" Todd C. Miller .\" .\" Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,7 @@ .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. .\" -.Dd $Mdocdate: March 31 2022 $ +.Dd $Mdocdate: March 1 2024 $ .Dt MKTEMP 1 .Os .Sh NAME @@ -36,9 +36,15 @@ The .Ar template may be any filename with at least six .Ql X Ns s -appended -to it, for example -.Pa /tmp/tfile.XXXXXXXXXX . +in the last component of the filename, for example +.Pa /tmp/tfile.XXXXXXXXXX +or +.Pa /tmp/editor.XXXXXXXXXX.txt . +If there is more than one run of +.Ql X Ns s +in the +.Ar template , +only the last one will be considered. If no .Ar template is specified, a default of @@ -47,7 +53,7 @@ is used and the .Fl t flag is implied (see below). .Pp -The trailing +The final .Ql X Ns s are replaced with a unique digit and letter combination. The name chosen depends both on the number of diff --git a/usr.bin/mktemp/mktemp.c b/usr.bin/mktemp/mktemp.c index 188fac101..f4ccbe0ca 100644 --- a/usr.bin/mktemp/mktemp.c +++ b/usr.bin/mktemp/mktemp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: mktemp.c,v 1.25 2019/06/28 05:35:34 deraadt Exp $ */ +/* $OpenBSD: mktemp.c,v 1.26 2024/03/01 21:50:40 millert Exp $ */ /* * Copyright (c) 1996, 1997, 2001-2003, 2013 @@ -35,8 +35,8 @@ int main(int argc, char *argv[]) { int ch, fd, uflag = 0, tflag = 0, makedir = 0; - char *cp, *template, *tempfile, *prefix = _PATH_TMP; - size_t len; + char *base, *cp, *template, *tempfile, *prefix = _PATH_TMP; + size_t len, suffixlen = 0; if (pledge("stdio rpath wpath cpath", NULL) == -1) err(1, "pledge"); @@ -76,13 +76,26 @@ main(int argc, char *argv[]) usage(); } - len = strlen(template); - if (len < 6 || strcmp(&template[len - 6], "XXXXXX")) { + base = strrchr(template, '/'); + if (base != NULL) + base++; + else + base = template; + len = strlen(base); + if (len > 0 && base[len - 1] != 'X') { + /* Check for suffix, e.g. /tmp/XXXXXX.foo in last component. */ + for (suffixlen = 0; suffixlen < len; suffixlen++) { + if (base[len - suffixlen - 1] == 'X') + break; + } + } + if (len - suffixlen < 6 || + strncmp(&base[len - suffixlen - 6], "XXXXXX", 6)) { fatalx("insufficient number of Xs in template `%s'", template); } if (tflag) { - if (strchr(template, '/')) { + if (base != template) { fatalx("template must not contain directory " "separators in -t mode"); } @@ -103,12 +116,12 @@ main(int argc, char *argv[]) fatalx("cannot allocate memory"); if (makedir) { - if (mkdtemp(tempfile) == NULL) + if (mkdtemps(tempfile, suffixlen) == NULL) fatal("cannot make temp dir %s", tempfile); if (uflag) (void)rmdir(tempfile); } else { - if ((fd = mkstemp(tempfile)) == -1) + if ((fd = mkstemps(tempfile, suffixlen)) == -1) fatal("cannot make temp file %s", tempfile); (void)close(fd); if (uflag) @@ -118,7 +131,7 @@ main(int argc, char *argv[]) (void)puts(tempfile); free(tempfile); - exit(EXIT_SUCCESS); + return EXIT_SUCCESS; } __dead void