SecBSD/src
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

sync with OpenBSD -current

Browse source
This commit is contained in:
purplerain 2024-03-02 19:33:09 +00:00
parent efa57bf0d2
commit d178ff6848
Signed by: purplerain
GPG key ID: F42C07F07E2E35B7
153 changed files with 982 additions and 11182 deletions
Download patch file Download diff file Expand all files Collapse all files

4
distrib/notes/arm64/contents
View file

@ -1,4 +1,4 @@
dnl $OpenBSD: contents,v 1.8 2023/10/26 14:29:13 deraadt Exp $
dnl $OpenBSD: contents,v 1.9 2024/03/02 10:14:31 jsg Exp $
TopPart
OpenBSDminiroot
@ -13,6 +13,8 @@ OpenBSDrd
OpenBSDinstalliso
OpenBSDinstallfs
OpenBSDcd
DistributionDescription(eight)

12
distrib/sets/lists/base/mi
View file

@ -722,9 +722,9 @@
./usr/lib/crtendS.o
./usr/lib/gcrt0.o
./usr/lib/libagentx.so.1.1
./usr/lib/libc.so.98.0
./usr/lib/libc.so.99.0
./usr/lib/libcbor.so.2.0
./usr/lib/libcrypto.so.52.0
./usr/lib/libcrypto.so.53.0
./usr/lib/libcurses.so.15.0
./usr/lib/libedit.so.6.0
./usr/lib/libelf.so.3.0
@ -753,10 +753,10 @@
./usr/lib/librpcsvc.so.3.0
./usr/lib/libskey.so.6.0
./usr/lib/libsndio.so.7.2
./usr/lib/libssl.so.55.0
./usr/lib/libssl.so.56.0
./usr/lib/libtermcap.so.15.0
./usr/lib/libtermlib.so.15.0
./usr/lib/libtls.so.28.0
./usr/lib/libtls.so.29.0
./usr/lib/libusbhid.so.7.1
./usr/lib/libutil.so.18.0
./usr/lib/libz.so.7.0
@ -2955,8 +2955,8 @@
./usr/share/relink/kernel.tgz
./usr/share/relink/usr
./usr/share/relink/usr/lib
./usr/share/relink/usr/lib/libc.so.98.0.a
./usr/share/relink/usr/lib/libcrypto.so.52.0.a
./usr/share/relink/usr/lib/libc.so.99.0.a
./usr/share/relink/usr/lib/libcrypto.so.53.0.a
./usr/share/relink/usr/libexec
./usr/share/relink/usr/libexec/ld.so.a
./usr/share/relink/usr/sbin

2
distrib/sets/lists/comp/mi
View file

@ -1131,7 +1131,6 @@
./usr/include/openssl/engine.h
./usr/include/openssl/err.h
./usr/include/openssl/evp.h
./usr/include/openssl/gost.h
./usr/include/openssl/hkdf.h
./usr/include/openssl/hmac.h
./usr/include/openssl/idea.h
@ -2721,7 +2720,6 @@
./usr/share/man/man3/legacy_coding.3
./usr/share/man/man3/lgamma.3
./usr/share/man/man3/lh_new.3
./usr/share/man/man3/lh_stats.3
./usr/share/man/man3/link_ntoa.3
./usr/share/man/man3/lldiv.3
./usr/share/man/man3/localeconv.3

3
include/stdlib.h
View file

@ -1,4 +1,4 @@
/* $OpenBSD: stdlib.h,v 1.76 2019/05/10 15:03:24 otto Exp $ */
/* $OpenBSD: stdlib.h,v 1.77 2024/03/01 21:30:40 millert Exp $ */
/* $NetBSD: stdlib.h,v 1.25 1995/12/27 21:19:08 jtc Exp $ */
/*-
@ -289,6 +289,7 @@ void setprogname(const char *);
extern char *suboptarg; /* getsubopt(3) external variable */
char * mkdtemps(char *, int);
int mkstemps(char *, int);
int mkostemps(char *, int, int);

1
lib/libc/Symbols.list
View file

@ -1410,6 +1410,7 @@ getw
getwc
getwchar
mkdtemp
mkdtemps
mkostemp
mkostemps
mkstemp

1
lib/libc/arch/m88k/Symbols.list
View file

@ -3,6 +3,7 @@ __mcount
__modsi3
__udivsi3
__umodsi3
fabsl
frexpl
ldexpl
modfl

11
lib/libc/arch/m88k/gen/fabs.S
View file

@ -1,4 +1,4 @@
/* $OpenBSD: fabs.S,v 1.11 2013/01/11 21:23:24 miod Exp $ */
/* $OpenBSD: fabs.S,v 1.13 2024/03/02 16:51:00 miod Exp $ */
/*-
* Copyright (c) 1996 Nivas Madhur
* All rights reserved.
@ -35,13 +35,8 @@
* Will work only if the argument passed is in IEEE format!
*/
STRONG_ALIAS(fabsl, fabs)
ENTRY(fabs)
subu %r31,%r31,16
st.d %r2,%r31,0
ld.bu %r4,%r31,0
mask %r4,%r4,0x7f /* set sign bit to 0 */
st.b %r4,%r31,0
ld.d %r2,%r31,0
jmp.n %r1
addu %r31,%r31,16
and.u %r2, %r2, 0x7fff /* set sign bit to 0 */
END(fabs)

3
lib/libc/hidden/stdlib.h
View file

@ -1,4 +1,4 @@
/* $OpenBSD: stdlib.h,v 1.19 2024/01/19 19:45:02 millert Exp $ */
/* $OpenBSD: stdlib.h,v 1.20 2024/03/01 21:30:40 millert Exp $ */
/* $NetBSD: stdlib.h,v 1.25 1995/12/27 21:19:08 jtc Exp $ */
/*-
@ -116,6 +116,7 @@ PROTO_STD_DEPRECATED(mbstowcs);
PROTO_STD_DEPRECATED(mbtowc);
PROTO_DEPRECATED(mergesort);
PROTO_DEPRECATED(mkdtemp);
PROTO_DEPRECATED(mkdtemps);
PROTO_NORMAL(mkostemp);
PROTO_DEPRECATED(mkostemps);
PROTO_NORMAL(mkstemp);

2
lib/libc/shlib_version
View file

@ -1,4 +1,4 @@
major=98
major=99
minor=0
# note: If changes were made to include/thread_private.h or if system calls
# were added/changed then librthread/shlib_version must also be updated.

10
lib/libc/stdlib/mkdtemp.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: mkdtemp.c,v 1.1 2024/01/19 19:45:02 millert Exp $ */
/* $OpenBSD: mkdtemp.c,v 1.2 2024/03/01 21:30:40 millert Exp $ */
/*
* Copyright (c) 2024 Todd C. Miller
*
@ -31,3 +31,11 @@ mkdtemp(char *path)
return path;
return NULL;
}
char *
mkdtemps(char *path, int slen)
{
if (__mktemp4(path, slen, 0, mkdtemp_cb) == 0)
return path;
return NULL;
}

30
lib/libc/stdlib/mktemp.3
View file

@ -1,4 +1,4 @@
.\" $OpenBSD: mktemp.3,v 1.1 2024/01/19 16:30:28 millert Exp $
.\" $OpenBSD: mktemp.3,v 1.2 2024/03/01 21:30:40 millert Exp $
.\"
.\" Copyright (c) 1989, 1991, 1993
.\" The Regents of the University of California. All rights reserved.
@ -27,7 +27,7 @@
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.Dd $Mdocdate: January 19 2024 $
.Dd $Mdocdate: March 1 2024 $
.Dt MKTEMP 3
.Os
.Sh NAME
@ -36,7 +36,8 @@
.Nm mkostemp ,
.Nm mkstemps ,
.Nm mkostemps ,
.Nm mkdtemp
.Nm mkdtemp ,
.Nm mkdtemps
.Nd make temporary file name (unique)
.Sh SYNOPSIS
.In stdlib.h
@ -48,6 +49,8 @@
.Fn mkstemps "char *template" "int suffixlen"
.Ft char *
.Fn mkdtemp "char *template"
.Ft char *
.Fn mkdtemps "char *template" "int suffixlen"
.In stdlib.h
.In fcntl.h
.Ft int
@ -142,11 +145,19 @@ The
function makes the same replacement to the template as in
.Fn mktemp
and creates the template directory, mode 0700.
The
.Fn mkdtemps
function acts the same as
.Fn mkdtemp ,
except that it permits a suffix to exist in the template,
similar to
.Fn mkstemps .
.Sh RETURN VALUES
The
.Fn mktemp
.Fn mktemp ,
.Fn mkdtemp ,
and
.Fn mkdtemp
.Fn mkdtemps
functions return a pointer to the template on success and
.Dv NULL
on failure.
@ -356,9 +367,10 @@ as of
it is no longer a part of the standard.
.Pp
The
.Fn mkstemps
.Fn mkstemps ,
.Fn mkostemps ,
and
.Fn mkostemps
.Fn mkdtemps
functions are non-standard and should not be used if portability is required.
.Sh HISTORY
A
@ -383,6 +395,10 @@ and
.Fn mkostemps
functions appeared in
.Ox 5.7 .
The
.Fn mkdtemps
function appeared in
.Ox 7.5 .
.Sh BUGS
For
.Fn mktemp

29
lib/libcrypto/Makefile
View file

@ -1,4 +1,4 @@
# $OpenBSD: Makefile,v 1.168 2024/02/18 16:28:37 tb Exp $
# $OpenBSD: Makefile,v 1.174 2024/03/02 13:39:28 tb Exp $
LIB= crypto
LIBREBUILD=y
@ -40,11 +40,13 @@ CFLAGS+= -I${LCRYPTO_SRC}/evp
CFLAGS+= -I${LCRYPTO_SRC}/hidden
CFLAGS+= -I${LCRYPTO_SRC}/hmac
CFLAGS+= -I${LCRYPTO_SRC}/kdf
CFLAGS+= -I${LCRYPTO_SRC}/lhash
CFLAGS+= -I${LCRYPTO_SRC}/modes
CFLAGS+= -I${LCRYPTO_SRC}/ocsp
CFLAGS+= -I${LCRYPTO_SRC}/pkcs12
CFLAGS+= -I${LCRYPTO_SRC}/rsa
CFLAGS+= -I${LCRYPTO_SRC}/sha
CFLAGS+= -I${LCRYPTO_SRC}/stack
CFLAGS+= -I${LCRYPTO_SRC}/ts
CFLAGS+= -I${LCRYPTO_SRC}/x509
@ -96,7 +98,6 @@ SRCS+= a_time_posix.c
SRCS+= a_time_tm.c
SRCS+= a_type.c
SRCS+= a_utf8.c
SRCS+= ameth_lib.c
SRCS+= asn1_err.c
SRCS+= asn1_gen.c
SRCS+= asn1_item.c
@ -349,7 +350,6 @@ SRCS+= bio_b64.c
SRCS+= bio_enc.c
SRCS+= bio_md.c
SRCS+= e_aes.c
SRCS+= e_aes_cbc_hmac_sha1.c
SRCS+= e_bf.c
SRCS+= e_camellia.c
SRCS+= e_cast.c
@ -357,12 +357,10 @@ SRCS+= e_chacha.c
SRCS+= e_chacha20poly1305.c
SRCS+= e_des.c
SRCS+= e_des3.c
SRCS+= e_gost2814789.c
SRCS+= e_idea.c
SRCS+= e_null.c
SRCS+= e_rc2.c
SRCS+= e_rc4.c
SRCS+= e_rc4_hmac_md5.c
SRCS+= e_sm4.c
SRCS+= e_xcbc_d.c
SRCS+= evp_aead.c
@ -374,8 +372,6 @@ SRCS+= evp_key.c
SRCS+= evp_names.c
SRCS+= evp_pbe.c
SRCS+= evp_pkey.c
SRCS+= m_gost2814789.c
SRCS+= m_gostr341194.c
SRCS+= m_md4.c
SRCS+= m_md5.c
SRCS+= m_md5_sha1.c
@ -385,7 +381,6 @@ SRCS+= m_sha1.c
SRCS+= m_sha3.c
SRCS+= m_sigver.c
SRCS+= m_sm3.c
SRCS+= m_streebog.c
SRCS+= m_wp.c
SRCS+= p_legacy.c
SRCS+= p_lib.c
@ -395,22 +390,6 @@ SRCS+= pmeth_fn.c
SRCS+= pmeth_gn.c
SRCS+= pmeth_lib.c
# gost/
SRCS+= gost2814789.c
SRCS+= gost89_keywrap.c
SRCS+= gost89_params.c
SRCS+= gost89imit_ameth.c
SRCS+= gost89imit_pmeth.c
SRCS+= gost_asn1.c
SRCS+= gost_err.c
SRCS+= gostr341001.c
SRCS+= gostr341001_ameth.c
SRCS+= gostr341001_key.c
SRCS+= gostr341001_params.c
SRCS+= gostr341001_pmeth.c
SRCS+= gostr341194.c
SRCS+= streebog.c
# hkdf/
SRCS+= hkdf.c
@ -431,7 +410,6 @@ SRCS+= hkdf_evp.c
SRCS+= kdf_err.c
# lhash/
SRCS+= lh_stats.c
SRCS+= lhash.c
# md4/
@ -730,7 +708,6 @@ HDRS=\
${LCRYPTO_SRC}/engine/engine.h \
${LCRYPTO_SRC}/err/err.h \
${LCRYPTO_SRC}/evp/evp.h \
${LCRYPTO_SRC}/gost/gost.h \
${LCRYPTO_SRC}/hkdf/hkdf.h \
${LCRYPTO_SRC}/hmac/hmac.h \
${LCRYPTO_SRC}/idea/idea.h \

298
lib/libcrypto/Symbols.list
View file

@ -81,18 +81,6 @@ ASN1_OCTET_STRING_free
ASN1_OCTET_STRING_it
ASN1_OCTET_STRING_new
ASN1_OCTET_STRING_set
ASN1_PCTX_free
ASN1_PCTX_get_cert_flags
ASN1_PCTX_get_flags
ASN1_PCTX_get_nm_flags
ASN1_PCTX_get_oid_flags
ASN1_PCTX_get_str_flags
ASN1_PCTX_new
ASN1_PCTX_set_cert_flags
ASN1_PCTX_set_flags
ASN1_PCTX_set_nm_flags
ASN1_PCTX_set_oid_flags
ASN1_PCTX_set_str_flags
ASN1_PRINTABLESTRING_free
ASN1_PRINTABLESTRING_it
ASN1_PRINTABLESTRING_new
@ -103,8 +91,6 @@ ASN1_PRINTABLE_type
ASN1_SEQUENCE_ANY_it
ASN1_SEQUENCE_it
ASN1_SET_ANY_it
ASN1_STRING_TABLE_add
ASN1_STRING_TABLE_cleanup
ASN1_STRING_TABLE_get
ASN1_STRING_cmp
ASN1_STRING_copy
@ -143,7 +129,6 @@ ASN1_TIME_print
ASN1_TIME_set
ASN1_TIME_set_string
ASN1_TIME_set_string_X509
ASN1_TIME_set_tm
ASN1_TIME_to_generalizedtime
ASN1_TIME_to_tm
ASN1_TYPE_cmp
@ -175,7 +160,6 @@ ASN1_UTF8STRING_new
ASN1_VISIBLESTRING_free
ASN1_VISIBLESTRING_it
ASN1_VISIBLESTRING_new
ASN1_add_oid_module
ASN1_d2i_bio
ASN1_d2i_fp
ASN1_dup
@ -213,9 +197,7 @@ ASN1_put_eoc
ASN1_put_object
ASN1_tag2bit
ASN1_tag2str
ASN1_time_parse
ASN1_time_tm_clamp_notafter
ASN1_time_tm_cmp
ASRange_free
ASRange_it
ASRange_new
@ -251,11 +233,7 @@ BIO_ctrl_wpending
BIO_debug_callback
BIO_dgram_non_fatal_error
BIO_dump
BIO_dump_cb
BIO_dump_fp
BIO_dump_indent
BIO_dump_indent_cb
BIO_dump_indent_fp
BIO_dup_chain
BIO_f_base64
BIO_f_buffer
@ -337,7 +315,6 @@ BIO_s_log
BIO_s_mem
BIO_s_null
BIO_s_socket
BIO_set
BIO_set_callback
BIO_set_callback_arg
BIO_set_callback_ex
@ -350,7 +327,6 @@ BIO_set_next
BIO_set_retry_reason
BIO_set_shutdown
BIO_set_tcp_ndelay
BIO_snprintf
BIO_sock_cleanup
BIO_sock_error
BIO_sock_init
@ -361,8 +337,6 @@ BIO_socket_nbio
BIO_test_flags
BIO_up_ref
BIO_vfree
BIO_vprintf
BIO_vsnprintf
BIO_write
BN_CTX_end
BN_CTX_free
@ -433,11 +407,8 @@ BN_mask_bits
BN_mod_add
BN_mod_add_quick
BN_mod_exp
BN_mod_exp2_mont
BN_mod_exp_mont
BN_mod_exp_mont_consttime
BN_mod_exp_mont_word
BN_mod_exp_simple
BN_mod_inverse
BN_mod_lshift
BN_mod_lshift1
@ -507,7 +478,6 @@ CMAC_CTX_new
CMAC_Final
CMAC_Init
CMAC_Update
CMAC_resume
CMS_ContentInfo_free
CMS_ContentInfo_it
CMS_ContentInfo_new
@ -653,11 +623,7 @@ CONF_set_nconf
CRL_DIST_POINTS_free
CRL_DIST_POINTS_it
CRL_DIST_POINTS_new
CRYPTO_THREADID_cmp
CRYPTO_THREADID_cpy
CRYPTO_THREADID_current
CRYPTO_THREADID_get_callback
CRYPTO_THREADID_hash
CRYPTO_THREADID_set_callback
CRYPTO_THREADID_set_numeric
CRYPTO_THREADID_set_pointer
@ -679,16 +645,10 @@ CRYPTO_chacha_20
CRYPTO_cleanup_all_ex_data
CRYPTO_ctr128_encrypt
CRYPTO_ctr128_encrypt_ctr32
CRYPTO_dbg_free
CRYPTO_dbg_get_options
CRYPTO_dbg_malloc
CRYPTO_dbg_realloc
CRYPTO_dbg_set_options
CRYPTO_destroy_dynlockid
CRYPTO_dup_ex_data
CRYPTO_free
CRYPTO_free_ex_data
CRYPTO_free_locked
CRYPTO_gcm128_aad
CRYPTO_gcm128_decrypt
CRYPTO_gcm128_decrypt_ctr32
@ -709,24 +669,13 @@ CRYPTO_get_ex_data
CRYPTO_get_ex_new_index
CRYPTO_get_id_callback
CRYPTO_get_lock_name
CRYPTO_get_locked_mem_ex_functions
CRYPTO_get_locked_mem_functions
CRYPTO_get_locking_callback
CRYPTO_get_mem_debug_functions
CRYPTO_get_mem_debug_options
CRYPTO_get_mem_ex_functions
CRYPTO_get_mem_functions
CRYPTO_get_new_dynlockid
CRYPTO_get_new_lockid
CRYPTO_hchacha_20
CRYPTO_is_mem_check_on
CRYPTO_lock
CRYPTO_malloc
CRYPTO_malloc_locked
CRYPTO_mem_ctrl
CRYPTO_mem_leaks
CRYPTO_mem_leaks_cb
CRYPTO_mem_leaks_fp
CRYPTO_memcmp
CRYPTO_new_ex_data
CRYPTO_num_locks
@ -734,23 +683,13 @@ CRYPTO_ofb128_encrypt
CRYPTO_poly1305_finish
CRYPTO_poly1305_init
CRYPTO_poly1305_update
CRYPTO_pop_info
CRYPTO_push_info_
CRYPTO_realloc
CRYPTO_realloc_clean
CRYPTO_remalloc
CRYPTO_remove_all_info
CRYPTO_set_add_lock_callback
CRYPTO_set_dynlock_create_callback
CRYPTO_set_dynlock_destroy_callback
CRYPTO_set_dynlock_lock_callback
CRYPTO_set_ex_data
CRYPTO_set_id_callback
CRYPTO_set_locked_mem_ex_functions
CRYPTO_set_locked_mem_functions
CRYPTO_set_locking_callback
CRYPTO_set_mem_debug_functions
CRYPTO_set_mem_debug_options
CRYPTO_set_mem_ex_functions
CRYPTO_set_mem_functions
CRYPTO_strdup
@ -895,7 +834,6 @@ DSA_do_verify
DSA_dup_DH
DSA_free
DSA_generate_key
DSA_generate_parameters
DSA_generate_parameters_ex
DSA_get0_engine
DSA_get0_g
@ -1117,7 +1055,6 @@ ERR_get_error
ERR_get_error_line
ERR_get_error_line_data
ERR_get_next_error_library
ERR_get_state
ERR_lib_error_string
ERR_load_ASN1_strings
ERR_load_BIO_strings
@ -1131,7 +1068,6 @@ ERR_load_DSA_strings
ERR_load_EC_strings
ERR_load_ERR_strings
ERR_load_EVP_strings
ERR_load_GOST_strings
ERR_load_OBJ_strings
ERR_load_OCSP_strings
ERR_load_PEM_strings
@ -1212,12 +1148,10 @@ EVP_CIPHER_CTX_set_iv
EVP_CIPHER_CTX_set_key_length
EVP_CIPHER_CTX_set_padding
EVP_CIPHER_CTX_test_flags
EVP_CIPHER_asn1_to_param
EVP_CIPHER_block_size
EVP_CIPHER_do_all
EVP_CIPHER_do_all_sorted
EVP_CIPHER_flags
EVP_CIPHER_get_asn1_iv
EVP_CIPHER_iv_length
EVP_CIPHER_key_length
EVP_CIPHER_meth_dup
@ -1233,8 +1167,6 @@ EVP_CIPHER_meth_set_init
EVP_CIPHER_meth_set_iv_length
EVP_CIPHER_meth_set_set_asn1_params
EVP_CIPHER_nid
EVP_CIPHER_param_to_asn1
EVP_CIPHER_set_asn1_iv
EVP_CIPHER_type
EVP_Cipher
EVP_CipherFinal
@ -1295,29 +1227,11 @@ EVP_MD_block_size
EVP_MD_do_all
EVP_MD_do_all_sorted
EVP_MD_flags
EVP_MD_meth_dup
EVP_MD_meth_free
EVP_MD_meth_new
EVP_MD_meth_set_app_datasize
EVP_MD_meth_set_cleanup
EVP_MD_meth_set_copy
EVP_MD_meth_set_ctrl
EVP_MD_meth_set_final
EVP_MD_meth_set_flags
EVP_MD_meth_set_init
EVP_MD_meth_set_input_blocksize
EVP_MD_meth_set_result_size
EVP_MD_meth_set_update
EVP_MD_pkey_type
EVP_MD_size
EVP_MD_type
EVP_OpenFinal
EVP_OpenInit
EVP_PBE_CipherInit
EVP_PBE_alg_add
EVP_PBE_alg_add_type
EVP_PBE_cleanup
EVP_PBE_find
EVP_PKCS82PKEY
EVP_PKEY2PKCS8
EVP_PKEY_CTX_ctrl
@ -1341,25 +1255,11 @@ EVP_PKEY_add1_attr
EVP_PKEY_add1_attr_by_NID
EVP_PKEY_add1_attr_by_OBJ
EVP_PKEY_add1_attr_by_txt
EVP_PKEY_asn1_add0
EVP_PKEY_asn1_add_alias
EVP_PKEY_asn1_copy
EVP_PKEY_asn1_find
EVP_PKEY_asn1_find_str
EVP_PKEY_asn1_free
EVP_PKEY_asn1_get0
EVP_PKEY_asn1_get0_info
EVP_PKEY_asn1_get_count
EVP_PKEY_asn1_new
EVP_PKEY_asn1_set_check
EVP_PKEY_asn1_set_ctrl
EVP_PKEY_asn1_set_free
EVP_PKEY_asn1_set_param
EVP_PKEY_asn1_set_param_check
EVP_PKEY_asn1_set_private
EVP_PKEY_asn1_set_public
EVP_PKEY_asn1_set_public_check
EVP_PKEY_asn1_set_security_bits
EVP_PKEY_assign
EVP_PKEY_base_id
EVP_PKEY_bits
@ -1399,29 +1299,6 @@ EVP_PKEY_get_raw_public_key
EVP_PKEY_id
EVP_PKEY_keygen
EVP_PKEY_keygen_init
EVP_PKEY_meth_add0
EVP_PKEY_meth_copy
EVP_PKEY_meth_find
EVP_PKEY_meth_free
EVP_PKEY_meth_get0_info
EVP_PKEY_meth_new
EVP_PKEY_meth_set_check
EVP_PKEY_meth_set_cleanup
EVP_PKEY_meth_set_copy
EVP_PKEY_meth_set_ctrl
EVP_PKEY_meth_set_decrypt
EVP_PKEY_meth_set_derive
EVP_PKEY_meth_set_encrypt
EVP_PKEY_meth_set_init
EVP_PKEY_meth_set_keygen
EVP_PKEY_meth_set_param_check
EVP_PKEY_meth_set_paramgen
EVP_PKEY_meth_set_public_check
EVP_PKEY_meth_set_sign
EVP_PKEY_meth_set_signctx
EVP_PKEY_meth_set_verify
EVP_PKEY_meth_set_verify_recover
EVP_PKEY_meth_set_verifyctx
EVP_PKEY_missing_parameters
EVP_PKEY_new
EVP_PKEY_new_CMAC_key
@ -1456,14 +1333,11 @@ EVP_SealFinal
EVP_SealInit
EVP_SignFinal
EVP_VerifyFinal
EVP_add_cipher
EVP_add_digest
EVP_aead_aes_128_gcm
EVP_aead_aes_256_gcm
EVP_aead_chacha20_poly1305
EVP_aead_xchacha20_poly1305
EVP_aes_128_cbc
EVP_aes_128_cbc_hmac_sha1
EVP_aes_128_ccm
EVP_aes_128_cfb1
EVP_aes_128_cfb128
@ -1485,7 +1359,6 @@ EVP_aes_192_gcm
EVP_aes_192_ofb
EVP_aes_192_wrap
EVP_aes_256_cbc
EVP_aes_256_cbc_hmac_sha1
EVP_aes_256_ccm
EVP_aes_256_cfb1
EVP_aes_256_cfb128
@ -1548,11 +1421,6 @@ EVP_enc_null
EVP_get_cipherbyname
EVP_get_digestbyname
EVP_get_pw_prompt
EVP_gost2814789_cfb64
EVP_gost2814789_cnt
EVP_gost2814789_ecb
EVP_gost2814789imit
EVP_gostr341194
EVP_idea_cbc
EVP_idea_cfb64
EVP_idea_ecb
@ -1569,7 +1437,6 @@ EVP_rc2_ecb
EVP_rc2_ofb
EVP_rc4
EVP_rc4_40
EVP_rc4_hmac_md5
EVP_read_pw_string
EVP_read_pw_string_min
EVP_ripemd160
@ -1591,8 +1458,6 @@ EVP_sm4_cfb128
EVP_sm4_ctr
EVP_sm4_ecb
EVP_sm4_ofb
EVP_streebog256
EVP_streebog512
EVP_whirlpool
EXTENDED_KEY_USAGE_free
EXTENDED_KEY_USAGE_it
@ -1615,37 +1480,6 @@ GENERAL_NAME_set0_value
GENERAL_SUBTREE_free
GENERAL_SUBTREE_it
GENERAL_SUBTREE_new
GOST2814789IMIT
GOST2814789IMIT_Final
GOST2814789IMIT_Init
GOST2814789IMIT_Transform
GOST2814789IMIT_Update
GOSTR341194
GOSTR341194_Final
GOSTR341194_Init
GOSTR341194_Transform
GOSTR341194_Update
GOST_CIPHER_PARAMS_free
GOST_CIPHER_PARAMS_it
GOST_CIPHER_PARAMS_new
GOST_KEY_check_key
GOST_KEY_free
GOST_KEY_get0_group
GOST_KEY_get0_private_key
GOST_KEY_get0_public_key
GOST_KEY_get_digest
GOST_KEY_get_size
GOST_KEY_new
GOST_KEY_set_digest
GOST_KEY_set_group
GOST_KEY_set_private_key
GOST_KEY_set_public_key
GOST_KEY_set_public_key_affine_coordinates
Gost2814789_cfb64_encrypt
Gost2814789_cnt_encrypt
Gost2814789_ecb_encrypt
Gost2814789_set_key
Gost2814789_set_sbox
HKDF
HKDF_expand
HKDF_extract
@ -1719,16 +1553,8 @@ NETSCAPE_SPKI_verify
NOTICEREF_free
NOTICEREF_it
NOTICEREF_new
OBJ_NAME_add
OBJ_NAME_cleanup
OBJ_NAME_do_all
OBJ_NAME_do_all_sorted
OBJ_NAME_get
OBJ_NAME_init
OBJ_NAME_new_index
OBJ_NAME_remove
OBJ_add_object
OBJ_bsearch_
OBJ_cleanup
OBJ_cmp
OBJ_create
@ -1893,12 +1719,16 @@ OPENSSL_cleanup
OPENSSL_config
OPENSSL_cpu_caps
OPENSSL_cpuid_setup
OPENSSL_gmtime
OPENSSL_init
OPENSSL_init_crypto
OPENSSL_load_builtin_modules
OPENSSL_no_config
OPENSSL_posix_to_tm
OPENSSL_strcasecmp
OPENSSL_strncasecmp
OPENSSL_timegm
OPENSSL_tm_to_posix
OPENSSL_uni2asc
OTHERNAME_cmp
OTHERNAME_free
@ -1909,15 +1739,7 @@ OpenSSL_add_all_ciphers
OpenSSL_add_all_digests
OpenSSL_version
OpenSSL_version_num
PBE2PARAM_free
PBE2PARAM_it
PBE2PARAM_new
PBEPARAM_free
PBEPARAM_it
PBEPARAM_new
PBKDF2PARAM_free
PBKDF2PARAM_it
PBKDF2PARAM_new
PEM_ASN1_read
PEM_ASN1_read_bio
PEM_ASN1_write
@ -2029,21 +1851,7 @@ PEM_write_bio_X509_AUX
PEM_write_bio_X509_CRL
PEM_write_bio_X509_REQ
PEM_write_bio_X509_REQ_NEW
PKCS12_AUTHSAFES_it
PKCS12_BAGS_free
PKCS12_BAGS_it
PKCS12_BAGS_new
PKCS12_MAC_DATA_free
PKCS12_MAC_DATA_it
PKCS12_MAC_DATA_new
PKCS12_PBE_add
PKCS12_PBE_keyivgen
PKCS12_SAFEBAGS_it
PKCS12_SAFEBAG_create0_p8inf
PKCS12_SAFEBAG_create0_pkcs8
PKCS12_SAFEBAG_create_cert
PKCS12_SAFEBAG_create_crl
PKCS12_SAFEBAG_create_pkcs8_encrypt
PKCS12_SAFEBAG_free
PKCS12_SAFEBAG_get0_attr
PKCS12_SAFEBAG_get0_attrs
@ -2057,53 +1865,24 @@ PKCS12_SAFEBAG_get_bag_nid
PKCS12_SAFEBAG_get_nid
PKCS12_SAFEBAG_it
PKCS12_SAFEBAG_new
PKCS12_add_CSPName_asc
PKCS12_add_cert
PKCS12_add_friendlyname_asc
PKCS12_add_friendlyname_uni
PKCS12_add_key
PKCS12_add_localkeyid
PKCS12_add_safe
PKCS12_add_safes
PKCS12_create
PKCS12_decrypt_skey
PKCS12_free
PKCS12_gen_mac
PKCS12_get0_mac
PKCS12_get_attr_gen
PKCS12_get_friendlyname
PKCS12_init
PKCS12_it
PKCS12_item_decrypt_d2i
PKCS12_item_i2d_encrypt
PKCS12_item_pack_safebag
PKCS12_key_gen_asc
PKCS12_key_gen_uni
PKCS12_mac_present
PKCS12_new
PKCS12_newpass
PKCS12_pack_authsafes
PKCS12_pack_p7data
PKCS12_pack_p7encdata
PKCS12_parse
PKCS12_pbe_crypt
PKCS12_set_mac
PKCS12_setup_mac
PKCS12_unpack_authsafes
PKCS12_unpack_p7data
PKCS12_unpack_p7encdata
PKCS12_verify_mac
PKCS1_MGF1
PKCS5_PBE_add
PKCS5_PBE_keyivgen
PKCS5_PBKDF2_HMAC
PKCS5_PBKDF2_HMAC_SHA1
PKCS5_pbe2_set
PKCS5_pbe2_set_iv
PKCS5_pbe_set
PKCS5_pbe_set0_algor
PKCS5_pbkdf2_set
PKCS5_v2_PBE_keyivgen
PKCS7_ATTR_SIGN_it
PKCS7_ATTR_VERIFY_it
PKCS7_DIGEST_free
@ -2413,15 +2192,6 @@ SMIME_write_CMS
SMIME_write_PKCS7
SSLeay
SSLeay_version
STREEBOG256
STREEBOG256_Final
STREEBOG256_Init
STREEBOG256_Update
STREEBOG512
STREEBOG512_Final
STREEBOG512_Init
STREEBOG512_Transform
STREEBOG512_Update
TS_ACCURACY_dup
TS_ACCURACY_free
TS_ACCURACY_get_micros
@ -2644,13 +2414,9 @@ X509V3_EXT_CRL_add_conf
X509V3_EXT_CRL_add_nconf
X509V3_EXT_REQ_add_conf
X509V3_EXT_REQ_add_nconf
X509V3_EXT_add
X509V3_EXT_add_alias
X509V3_EXT_add_conf
X509V3_EXT_add_list
X509V3_EXT_add_nconf
X509V3_EXT_add_nconf_sk
X509V3_EXT_cleanup
X509V3_EXT_conf
X509V3_EXT_conf_nid
X509V3_EXT_d2i
@ -2691,7 +2457,6 @@ X509_ALGOR_get0
X509_ALGOR_it
X509_ALGOR_new
X509_ALGOR_set0
X509_ALGOR_set_md
X509_ATTRIBUTE_count
X509_ATTRIBUTE_create
X509_ATTRIBUTE_create_by_NID
@ -2706,18 +2471,12 @@ X509_ATTRIBUTE_it
X509_ATTRIBUTE_new
X509_ATTRIBUTE_set1_data
X509_ATTRIBUTE_set1_object
X509_CERT_AUX_free
X509_CERT_AUX_it
X509_CERT_AUX_new
X509_CERT_AUX_print
X509_CINF_free
X509_CINF_it
X509_CINF_new
X509_CRL_INFO_free
X509_CRL_INFO_it
X509_CRL_INFO_new
X509_CRL_METHOD_free
X509_CRL_METHOD_new
X509_CRL_add0_revoked
X509_CRL_add1_ext_i2d
X509_CRL_add_ext
@ -2742,7 +2501,6 @@ X509_CRL_get_ext_count
X509_CRL_get_ext_d2i
X509_CRL_get_issuer
X509_CRL_get_lastUpdate
X509_CRL_get_meth_data
X509_CRL_get_nextUpdate
X509_CRL_get_signature_nid
X509_CRL_get_version
@ -2753,10 +2511,8 @@ X509_CRL_print
X509_CRL_print_fp
X509_CRL_set1_lastUpdate
X509_CRL_set1_nextUpdate
X509_CRL_set_default_method
X509_CRL_set_issuer_name
X509_CRL_set_lastUpdate
X509_CRL_set_meth_data
X509_CRL_set_nextUpdate
X509_CRL_set_version
X509_CRL_sign
@ -2779,18 +2535,11 @@ X509_EXTENSION_set_data
X509_EXTENSION_set_object
X509_INFO_free
X509_INFO_new
X509_LOOKUP_by_alias
X509_LOOKUP_by_fingerprint
X509_LOOKUP_by_issuer_serial
X509_LOOKUP_by_subject
X509_LOOKUP_ctrl
X509_LOOKUP_file
X509_LOOKUP_free
X509_LOOKUP_hash_dir
X509_LOOKUP_init
X509_LOOKUP_mem
X509_LOOKUP_new
X509_LOOKUP_shutdown
X509_NAME_ENTRIES_it
X509_NAME_ENTRY_create_by_NID
X509_NAME_ENTRY_create_by_OBJ
@ -2849,17 +2598,12 @@ X509_PUBKEY_it
X509_PUBKEY_new
X509_PUBKEY_set
X509_PUBKEY_set0_param
X509_PURPOSE_add
X509_PURPOSE_cleanup
X509_PURPOSE_get0
X509_PURPOSE_get0_name
X509_PURPOSE_get0_sname
X509_PURPOSE_get_by_id
X509_PURPOSE_get_by_sname
X509_PURPOSE_get_count
X509_PURPOSE_get_id
X509_PURPOSE_get_trust
X509_PURPOSE_set
X509_REQ_INFO_free
X509_REQ_INFO_it
X509_REQ_INFO_new
@ -2952,7 +2696,6 @@ X509_STORE_CTX_get_verify
X509_STORE_CTX_get_verify_cb
X509_STORE_CTX_init
X509_STORE_CTX_new
X509_STORE_CTX_purpose_inherit
X509_STORE_CTX_set0_crls
X509_STORE_CTX_set0_param
X509_STORE_CTX_set0_trusted_stack
@ -2978,6 +2721,7 @@ X509_STORE_add_crl
X509_STORE_add_lookup
X509_STORE_free
X509_STORE_get0_objects
X509_STORE_get1_objects
X509_STORE_get0_param
X509_STORE_get_check_issued
X509_STORE_get_ex_data
@ -2997,16 +2741,6 @@ X509_STORE_set_trust
X509_STORE_set_verify
X509_STORE_set_verify_cb
X509_STORE_up_ref
X509_TRUST_add
X509_TRUST_cleanup
X509_TRUST_get0
X509_TRUST_get0_name
X509_TRUST_get_by_id
X509_TRUST_get_count
X509_TRUST_get_flags
X509_TRUST_get_trust
X509_TRUST_set
X509_TRUST_set_default
X509_VAL_free
X509_VAL_it
X509_VAL_new
@ -3290,7 +3024,6 @@ d2i_ESS_SIGNING_CERT
d2i_EXTENDED_KEY_USAGE
d2i_GENERAL_NAME
d2i_GENERAL_NAMES
d2i_GOST_CIPHER_PARAMS
d2i_IPAddressChoice
d2i_IPAddressFamily
d2i_IPAddressOrRange
@ -3317,12 +3050,7 @@ d2i_OCSP_SERVICELOC
d2i_OCSP_SIGNATURE
d2i_OCSP_SINGLERESP
d2i_OTHERNAME
d2i_PBE2PARAM
d2i_PBEPARAM
d2i_PBKDF2PARAM
d2i_PKCS12
d2i_PKCS12_BAGS
d2i_PKCS12_MAC_DATA
d2i_PKCS12_SAFEBAG
d2i_PKCS12_bio
d2i_PKCS12_fp
@ -3387,7 +3115,6 @@ d2i_X509_ALGOR
d2i_X509_ALGORS
d2i_X509_ATTRIBUTE
d2i_X509_AUX
d2i_X509_CERT_AUX
d2i_X509_CINF
d2i_X509_CRL
d2i_X509_CRL_INFO
@ -3487,7 +3214,6 @@ i2d_ESS_SIGNING_CERT
i2d_EXTENDED_KEY_USAGE
i2d_GENERAL_NAME
i2d_GENERAL_NAMES
i2d_GOST_CIPHER_PARAMS
i2d_IPAddressChoice
i2d_IPAddressFamily
i2d_IPAddressOrRange
@ -3514,12 +3240,7 @@ i2d_OCSP_SERVICELOC
i2d_OCSP_SIGNATURE
i2d_OCSP_SINGLERESP
i2d_OTHERNAME
i2d_PBE2PARAM
i2d_PBEPARAM
i2d_PBKDF2PARAM
i2d_PKCS12
i2d_PKCS12_BAGS
i2d_PKCS12_MAC_DATA
i2d_PKCS12_SAFEBAG
i2d_PKCS12_bio
i2d_PKCS12_fp
@ -3589,7 +3310,6 @@ i2d_X509_ALGOR
i2d_X509_ALGORS
i2d_X509_ATTRIBUTE
i2d_X509_AUX
i2d_X509_CERT_AUX
i2d_X509_CINF
i2d_X509_CRL
i2d_X509_CRL_INFO
@ -3633,17 +3353,12 @@ idea_set_encrypt_key
lh_delete
lh_doall
lh_doall_arg
lh_error
lh_free
lh_insert
lh_new
lh_node_stats
lh_node_stats_bio
lh_node_usage_stats
lh_node_usage_stats_bio
lh_num_items
lh_retrieve
lh_stats
lh_stats_bio
lh_strhash
o2i_ECPublicKey
o2i_SCT
@ -3654,7 +3369,6 @@ sk_delete
sk_delete_ptr
sk_dup
sk_find
sk_find_ex
sk_free
sk_insert
sk_is_sorted

127
lib/libcrypto/Symbols.namespace
View file

@ -18,7 +18,6 @@ _libre_sk_insert
_libre_sk_delete
_libre_sk_delete_ptr
_libre_sk_find
_libre_sk_find_ex
_libre_sk_push
_libre_sk_unshift
_libre_sk_shift
@ -136,40 +135,18 @@ _libre_PKCS12_SAFEBAG_get1_crl
_libre_PKCS8_get_attr
_libre_PKCS12_mac_present
_libre_PKCS12_get0_mac
_libre_PKCS12_SAFEBAG_create_cert
_libre_PKCS12_SAFEBAG_create_crl
_libre_PKCS12_SAFEBAG_create0_p8inf
_libre_PKCS12_SAFEBAG_create0_pkcs8
_libre_PKCS12_SAFEBAG_create_pkcs8_encrypt
_libre_PKCS12_SAFEBAG_get0_p8inf
_libre_PKCS12_SAFEBAG_get0_pkcs8
_libre_PKCS12_SAFEBAG_get0_safes
_libre_PKCS12_SAFEBAG_get0_type
_libre_PKCS12_item_pack_safebag
_libre_PKCS8_decrypt
_libre_PKCS12_decrypt_skey
_libre_PKCS8_encrypt
_libre_PKCS12_pack_p7data
_libre_PKCS12_unpack_p7data
_libre_PKCS12_pack_p7encdata
_libre_PKCS12_unpack_p7encdata
_libre_PKCS12_pack_authsafes
_libre_PKCS12_unpack_authsafes
_libre_PKCS12_add_localkeyid
_libre_PKCS12_add_friendlyname_asc
_libre_PKCS12_add_CSPName_asc
_libre_PKCS12_add_friendlyname_uni
_libre_PKCS8_add_keyusage
_libre_PKCS12_get_attr_gen
_libre_PKCS12_get_friendlyname
_libre_PKCS12_pbe_crypt
_libre_PKCS12_item_decrypt_d2i
_libre_PKCS12_item_i2d_encrypt
_libre_PKCS12_init
_libre_PKCS12_key_gen_asc
_libre_PKCS12_key_gen_uni
_libre_PKCS12_PBE_keyivgen
_libre_PKCS12_gen_mac
_libre_PKCS12_verify_mac
_libre_PKCS12_set_mac
_libre_PKCS12_setup_mac
@ -179,25 +156,13 @@ _libre_PKCS12_new
_libre_PKCS12_free
_libre_d2i_PKCS12
_libre_i2d_PKCS12
_libre_PKCS12_MAC_DATA_new
_libre_PKCS12_MAC_DATA_free
_libre_d2i_PKCS12_MAC_DATA
_libre_i2d_PKCS12_MAC_DATA
_libre_PKCS12_SAFEBAG_new
_libre_PKCS12_SAFEBAG_free
_libre_d2i_PKCS12_SAFEBAG
_libre_i2d_PKCS12_SAFEBAG
_libre_PKCS12_BAGS_new
_libre_PKCS12_BAGS_free
_libre_d2i_PKCS12_BAGS
_libre_i2d_PKCS12_BAGS
_libre_PKCS12_PBE_add
_libre_PKCS12_parse
_libre_PKCS12_create
_libre_PKCS12_add_cert
_libre_PKCS12_add_key
_libre_PKCS12_add_safe
_libre_PKCS12_add_safes
_libre_i2d_PKCS12_bio
_libre_i2d_PKCS12_fp
_libre_d2i_PKCS12_bio
@ -335,8 +300,6 @@ _libre_X509_get_default_private_dir
_libre_X509_to_X509_REQ
_libre_X509_REQ_to_X509
_libre_X509_get_pubkey_parameters
_libre_X509_TRUST_set_default
_libre_X509_TRUST_set
_libre_X509_NAME_oneline
_libre_X509_get0_extensions
_libre_X509_get0_tbs_sigalg
@ -499,14 +462,6 @@ _libre_X509_verify_cert
_libre_X509_find_by_issuer_and_serial
_libre_X509_find_by_subject
_libre_X509_check_trust
_libre_X509_TRUST_get_count
_libre_X509_TRUST_get0
_libre_X509_TRUST_get_by_id
_libre_X509_TRUST_add
_libre_X509_TRUST_cleanup
_libre_X509_TRUST_get_flags
_libre_X509_TRUST_get0_name
_libre_X509_TRUST_get_trust
_libre_X509_up_ref
_libre_X509_chain_up_ref
_libre_ERR_load_X509_strings
@ -561,14 +516,7 @@ _libre_X509_LOOKUP_ctrl
_libre_X509_load_cert_file
_libre_X509_load_crl_file
_libre_X509_load_cert_crl_file
_libre_X509_LOOKUP_new
_libre_X509_LOOKUP_free
_libre_X509_LOOKUP_init
_libre_X509_LOOKUP_by_subject
_libre_X509_LOOKUP_by_issuer_serial
_libre_X509_LOOKUP_by_fingerprint
_libre_X509_LOOKUP_by_alias
_libre_X509_LOOKUP_shutdown
_libre_X509_STORE_load_locations
_libre_X509_STORE_load_mem
_libre_X509_STORE_set_default_paths
@ -591,7 +539,6 @@ _libre_X509_STORE_CTX_set_chain
_libre_X509_STORE_CTX_set0_crls
_libre_X509_STORE_CTX_set_purpose
_libre_X509_STORE_CTX_set_trust
_libre_X509_STORE_CTX_purpose_inherit
_libre_X509_STORE_CTX_set_flags
_libre_X509_STORE_CTX_set_time
_libre_X509_STORE_CTX_set0_verified_chain
@ -789,10 +736,6 @@ _libre_i2s_ASN1_INTEGER
_libre_s2i_ASN1_INTEGER
_libre_i2s_ASN1_ENUMERATED
_libre_i2s_ASN1_ENUMERATED_TABLE
_libre_X509V3_EXT_add
_libre_X509V3_EXT_add_list
_libre_X509V3_EXT_add_alias
_libre_X509V3_EXT_cleanup
_libre_X509V3_EXT_get
_libre_X509V3_EXT_get_nid
_libre_X509V3_add_standard_extensions
@ -810,18 +753,13 @@ _libre_X509V3_extensions_print
_libre_X509_check_ca
_libre_X509_check_purpose
_libre_X509_supported_extension
_libre_X509_PURPOSE_set
_libre_X509_check_issued
_libre_X509_check_akid
_libre_X509_PURPOSE_get_count
_libre_X509_PURPOSE_get0
_libre_X509_PURPOSE_get_by_sname
_libre_X509_PURPOSE_get_by_id
_libre_X509_PURPOSE_add
_libre_X509_PURPOSE_get0_name
_libre_X509_PURPOSE_get0_sname
_libre_X509_PURPOSE_get_trust
_libre_X509_PURPOSE_cleanup
_libre_X509_PURPOSE_get_id
_libre_X509_get_extension_flags
_libre_X509_get_key_usage
@ -1025,7 +963,6 @@ _libre_ASN1_TIME_normalize
_libre_ASN1_TIME_set_string_X509
_libre_ASN1_TIME_diff
_libre_ASN1_TIME_set
_libre_ASN1_TIME_set_tm
_libre_ASN1_TIME_adj
_libre_ASN1_TIME_check
_libre_ASN1_TIME_to_generalizedtime
@ -1093,33 +1030,16 @@ _libre_ASN1_mbstring_copy
_libre_ASN1_mbstring_ncopy
_libre_ASN1_STRING_set_by_NID
_libre_ASN1_STRING_TABLE_get
_libre_ASN1_STRING_TABLE_add
_libre_ASN1_STRING_TABLE_cleanup
_libre_ASN1_item_new
_libre_ASN1_item_free
_libre_ASN1_item_d2i
_libre_ASN1_item_i2d
_libre_ASN1_add_oid_module
_libre_ASN1_generate_nconf
_libre_ASN1_generate_v3
_libre_ASN1_item_print
_libre_ASN1_PCTX_new
_libre_ASN1_PCTX_free
_libre_ASN1_PCTX_get_flags
_libre_ASN1_PCTX_set_flags
_libre_ASN1_PCTX_get_nm_flags
_libre_ASN1_PCTX_set_nm_flags
_libre_ASN1_PCTX_get_cert_flags
_libre_ASN1_PCTX_set_cert_flags
_libre_ASN1_PCTX_get_oid_flags
_libre_ASN1_PCTX_set_oid_flags
_libre_ASN1_PCTX_get_str_flags
_libre_ASN1_PCTX_set_str_flags
_libre_SMIME_crlf_copy
_libre_SMIME_text
_libre_ERR_load_ASN1_strings
_libre_ASN1_time_parse
_libre_ASN1_time_tm_cmp
_libre_BIO_set_flags
_libre_BIO_test_flags
_libre_BIO_clear_flags
@ -1163,7 +1083,6 @@ _libre_BIO_s_file
_libre_BIO_new_file
_libre_BIO_new_fp
_libre_BIO_new
_libre_BIO_set
_libre_BIO_free
_libre_BIO_up_ref
_libre_BIO_get_data
@ -1213,8 +1132,6 @@ _libre_BIO_fd_should_retry
_libre_BIO_fd_non_fatal_error
_libre_BIO_dump
_libre_BIO_dump_indent
_libre_BIO_dump_fp
_libre_BIO_dump_indent_fp
_libre_BIO_gethostbyname
_libre_BIO_sock_error
_libre_BIO_socket_ioctl
@ -1233,9 +1150,6 @@ _libre_BIO_new_connect
_libre_BIO_new_accept
_libre_BIO_copy_next_retry
_libre_BIO_printf
_libre_BIO_vprintf
_libre_BIO_snprintf
_libre_BIO_vsnprintf
_libre_ERR_load_BIO_strings
_libre_ASN1_item_ex_new
_libre_ASN1_item_ex_free
@ -1386,7 +1300,6 @@ _libre_ERR_load_crypto_strings
_libre_ERR_free_strings
_libre_ERR_remove_thread_state
_libre_ERR_remove_state
_libre_ERR_get_state
_libre_ERR_get_next_error_library
_libre_ERR_set_mark
_libre_ERR_pop_to_mark
@ -1739,12 +1652,6 @@ _libre_lh_doall
_libre_lh_doall_arg
_libre_lh_strhash
_libre_lh_num_items
_libre_lh_stats
_libre_lh_node_stats
_libre_lh_node_usage_stats
_libre_lh_stats_bio
_libre_lh_node_stats_bio
_libre_lh_node_usage_stats_bio
_libre_SM3_Init
_libre_SM3_Update
_libre_SM3_Final
@ -1948,35 +1855,14 @@ _libre_CRYPTO_get_ex_data
_libre_CRYPTO_cleanup_all_ex_data
_libre_CRYPTO_lock
_libre_CRYPTO_add_lock
_libre_CRYPTO_THREADID_current
_libre_CRYPTO_THREADID_cmp
_libre_CRYPTO_THREADID_cpy
_libre_CRYPTO_THREADID_hash
_libre_CRYPTO_set_mem_functions
_libre_CRYPTO_set_locked_mem_functions
_libre_CRYPTO_set_mem_ex_functions
_libre_CRYPTO_set_locked_mem_ex_functions
_libre_CRYPTO_set_mem_debug_functions
_libre_CRYPTO_get_mem_functions
_libre_CRYPTO_get_locked_mem_functions
_libre_CRYPTO_get_mem_ex_functions
_libre_CRYPTO_get_locked_mem_ex_functions
_libre_CRYPTO_get_mem_debug_functions
_libre_CRYPTO_realloc_clean
_libre_CRYPTO_remalloc
_libre_CRYPTO_set_mem_debug_options
_libre_CRYPTO_get_mem_debug_options
_libre_CRYPTO_push_info_
_libre_CRYPTO_pop_info
_libre_CRYPTO_remove_all_info
_libre_CRYPTO_dbg_malloc
_libre_CRYPTO_dbg_realloc
_libre_CRYPTO_dbg_free
_libre_CRYPTO_dbg_set_options
_libre_CRYPTO_dbg_get_options
_libre_CRYPTO_mem_leaks_fp
_libre_CRYPTO_mem_leaks
_libre_CRYPTO_mem_leaks_cb
_libre_OpenSSLDie
_libre_OPENSSL_cpu_caps
_libre_OPENSSL_init_crypto
@ -2245,9 +2131,6 @@ _libre_BN_lshift
_libre_BN_lshift1
_libre_BN_exp
_libre_BN_mod_exp_mont_consttime
_libre_BN_mod_exp_mont_word
_libre_BN_mod_exp2_mont
_libre_BN_mod_exp_simple
_libre_BN_mask_bits
_libre_BN_print_fp
_libre_BN_print
@ -2422,12 +2305,6 @@ _libre_RSA_meth_set_sign
_libre_RSA_meth_get_verify
_libre_RSA_meth_set_verify
_libre_ERR_load_RSA_strings
_libre_OBJ_NAME_init
_libre_OBJ_NAME_new_index
_libre_OBJ_NAME_get
_libre_OBJ_NAME_add
_libre_OBJ_NAME_remove
_libre_OBJ_NAME_cleanup
_libre_OBJ_NAME_do_all
_libre_OBJ_NAME_do_all_sorted
_libre_OBJ_dup
@ -2441,9 +2318,7 @@ _libre_OBJ_txt2nid
_libre_OBJ_ln2nid
_libre_OBJ_sn2nid
_libre_OBJ_cmp
_libre_OBJ_bsearch_
_libre_OBJ_new_nid
_libre_OBJ_add_object
_libre_OBJ_create
_libre_OBJ_cleanup
_libre_OBJ_create_objects
@ -2460,7 +2335,6 @@ _libre_CMAC_CTX_copy
_libre_CMAC_Init
_libre_CMAC_Update
_libre_CMAC_Final
_libre_CMAC_resume
_libre_d2i_DSAparams_bio
_libre_i2d_DSAparams_bio
_libre_d2i_DSAparams_fp
@ -2497,7 +2371,6 @@ _libre_d2i_DSAPrivateKey
_libre_i2d_DSAPrivateKey
_libre_d2i_DSAparams
_libre_i2d_DSAparams
_libre_DSA_generate_parameters
_libre_DSA_generate_parameters_ex
_libre_DSA_generate_key
_libre_DSAparams_print

25
lib/libcrypto/asn1/a_strnid.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: a_strnid.c,v 1.29 2023/12/16 12:56:20 tb Exp $ */
/* $OpenBSD: a_strnid.c,v 1.31 2024/03/02 08:54:02 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 1999.
*/
@ -141,7 +141,7 @@ ASN1_STRING *
ASN1_STRING_set_by_NID(ASN1_STRING **out, const unsigned char *in, int inlen,
int inform, int nid)
{
ASN1_STRING_TABLE *tbl;
const ASN1_STRING_TABLE *tbl;
ASN1_STRING *str = NULL;
unsigned long mask;
int ret;
@ -313,8 +313,7 @@ static const ASN1_STRING_TABLE tbl_standard[] = {
#define N_STRING_TABLE_ENTRIES (sizeof(tbl_standard) / sizeof(tbl_standard[0]))
/* XXX - const */
ASN1_STRING_TABLE *
const ASN1_STRING_TABLE *
ASN1_STRING_TABLE_get(int nid)
{
size_t i;
@ -322,25 +321,9 @@ ASN1_STRING_TABLE_get(int nid)
for (i = 0; i < N_STRING_TABLE_ENTRIES; i++) {
const ASN1_STRING_TABLE *entry = &tbl_standard[i];
if (entry->nid == nid)
return (ASN1_STRING_TABLE *)entry;
return entry;
}
return NULL;
}
LCRYPTO_ALIAS(ASN1_STRING_TABLE_get);
int
ASN1_STRING_TABLE_add(int nid, long minsize, long maxsize, unsigned long mask,
unsigned long flags)
{
ASN1error(ERR_R_DISABLED);
return 0;
}
LCRYPTO_ALIAS(ASN1_STRING_TABLE_add);
void
ASN1_STRING_TABLE_cleanup(void)
{
ASN1error(ERR_R_DISABLED);
}
LCRYPTO_ALIAS(ASN1_STRING_TABLE_cleanup);

15
lib/libcrypto/asn1/a_time_tm.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: a_time_tm.c,v 1.31 2023/10/01 22:14:36 tb Exp $ */
/* $OpenBSD: a_time_tm.c,v 1.33 2024/03/02 09:10:42 tb Exp $ */
/*
* Copyright (c) 2015 Bob Beck <beck@openbsd.org>
*
@ -60,7 +60,6 @@ ASN1_time_tm_cmp(struct tm *tm1, struct tm *tm2)
return (1);
return 0;
}
LCRYPTO_ALIAS(ASN1_time_tm_cmp);
int
ASN1_time_tm_clamp_notafter(struct tm *tm)
@ -345,7 +344,6 @@ ASN1_time_parse(const char *bytes, size_t len, struct tm *tm, int mode)
return -1;
}
LCRYPTO_ALIAS(ASN1_time_parse);
/*
* ASN1_TIME generic functions.
@ -408,17 +406,6 @@ ASN1_TIME_set(ASN1_TIME *s, time_t t)
}
LCRYPTO_ALIAS(ASN1_TIME_set);
ASN1_TIME *
ASN1_TIME_set_tm(ASN1_TIME *s, struct tm *tm)
{
time_t t;
if (!asn1_time_tm_to_time_t(tm, &t))
return NULL;
return (ASN1_TIME_adj(s, t, 0, 0));
}
LCRYPTO_ALIAS(ASN1_TIME_set_tm);
ASN1_TIME *
ASN1_TIME_adj(ASN1_TIME *s, time_t t, int offset_day, long offset_sec)
{

180
lib/libcrypto/asn1/ameth_lib.c
View file

@ -1,180 +0,0 @@
/* $OpenBSD: ameth_lib.c,v 1.42 2024/01/04 16:50:53 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 2006.
*/
/* ====================================================================
* Copyright (c) 2006 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* licensing@OpenSSL.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
#include <stdlib.h>
#include <string.h>
#include <openssl/err.h>
#include <openssl/evp.h>
#include "evp_local.h"
/*
* XXX - remove all the API below here in the next major bump.
*/
EVP_PKEY_ASN1_METHOD*
EVP_PKEY_asn1_new(int id, int flags, const char *pem_str, const char *info)
{
EVPerror(ERR_R_DISABLED);
return NULL;
}
void
EVP_PKEY_asn1_copy(EVP_PKEY_ASN1_METHOD *dst, const EVP_PKEY_ASN1_METHOD *src)
{
EVPerror(ERR_R_DISABLED);
}
void
EVP_PKEY_asn1_free(EVP_PKEY_ASN1_METHOD *ameth)
{
EVPerror(ERR_R_DISABLED);
}
void
EVP_PKEY_asn1_set_public(EVP_PKEY_ASN1_METHOD *ameth,
int (*pub_decode)(EVP_PKEY *pk, X509_PUBKEY *pub),
int (*pub_encode)(X509_PUBKEY *pub, const EVP_PKEY *pk),
int (*pub_cmp)(const EVP_PKEY *a, const EVP_PKEY *b),
int (*pub_print)(BIO *out, const EVP_PKEY *pkey, int indent,
ASN1_PCTX *pctx),
int (*pkey_size)(const EVP_PKEY *pk),
int (*pkey_bits)(const EVP_PKEY *pk))
{
EVPerror(ERR_R_DISABLED);
}
void
EVP_PKEY_asn1_set_private(EVP_PKEY_ASN1_METHOD *ameth,
int (*priv_decode)(EVP_PKEY *pk, const PKCS8_PRIV_KEY_INFO *p8inf),
int (*priv_encode)(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pk),
int (*priv_print)(BIO *out, const EVP_PKEY *pkey, int indent,
ASN1_PCTX *pctx))
{
EVPerror(ERR_R_DISABLED);
}
void
EVP_PKEY_asn1_set_param(EVP_PKEY_ASN1_METHOD *ameth,
int (*param_decode)(EVP_PKEY *pkey, const unsigned char **pder, int derlen),
int (*param_encode)(const EVP_PKEY *pkey, unsigned char **pder),
int (*param_missing)(const EVP_PKEY *pk),
int (*param_copy)(EVP_PKEY *to, const EVP_PKEY *from),
int (*param_cmp)(const EVP_PKEY *a, const EVP_PKEY *b),
int (*param_print)(BIO *out, const EVP_PKEY *pkey, int indent,
ASN1_PCTX *pctx))
{
EVPerror(ERR_R_DISABLED);
}
void
EVP_PKEY_asn1_set_free(EVP_PKEY_ASN1_METHOD *ameth,
void (*pkey_free)(EVP_PKEY *pkey))
{
EVPerror(ERR_R_DISABLED);
}
void
EVP_PKEY_asn1_set_ctrl(EVP_PKEY_ASN1_METHOD *ameth,
int (*pkey_ctrl)(EVP_PKEY *pkey, int op, long arg1, void *arg2))
{
EVPerror(ERR_R_DISABLED);
}
void
EVP_PKEY_asn1_set_security_bits(EVP_PKEY_ASN1_METHOD *ameth,
int (*pkey_security_bits)(const EVP_PKEY *pkey))
{
EVPerror(ERR_R_DISABLED);
}
void
EVP_PKEY_asn1_set_check(EVP_PKEY_ASN1_METHOD *ameth,
int (*pkey_check)(const EVP_PKEY *pk))
{
EVPerror(ERR_R_DISABLED);
}
void
EVP_PKEY_asn1_set_public_check(EVP_PKEY_ASN1_METHOD *ameth,
int (*pkey_public_check)(const EVP_PKEY *pk))
{
EVPerror(ERR_R_DISABLED);
}
void
EVP_PKEY_asn1_set_param_check(EVP_PKEY_ASN1_METHOD *ameth,
int (*pkey_param_check)(const EVP_PKEY *pk))
{
EVPerror(ERR_R_DISABLED);
}
int
EVP_PKEY_asn1_add0(const EVP_PKEY_ASN1_METHOD *ameth)
{
EVPerror(ERR_R_DISABLED);
return 0;
}
int
EVP_PKEY_asn1_add_alias(int to, int from)
{
EVPerror(ERR_R_DISABLED);
return 0;
}

50
lib/libcrypto/asn1/asn1.h
View file

@ -1,4 +1,4 @@
/* $OpenBSD: asn1.h,v 1.83 2024/02/18 16:28:38 tb Exp $ */
/* $OpenBSD: asn1.h,v 1.91 2024/03/02 09:08:41 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@ -217,20 +217,6 @@ typedef struct asn1_string_table_st {
unsigned long flags;
} ASN1_STRING_TABLE;
/* XXX - unused. Remove in next major bump. */
DECLARE_STACK_OF(ASN1_STRING_TABLE)
/* size limits: this stuff is taken straight from RFC2459 */
/* XXX - unused macros. A more complete version is in a_strnid.c. Remove? */
#define ub_name 32768
#define ub_common_name 64
#define ub_locality_name 128
#define ub_state_name 128
#define ub_organization_name 64
#define ub_organization_unit_name 64
#define ub_title 64
#define ub_email_address 128
/* Declarations for template structures: for full definitions
* see asn1t.h
*/
@ -519,19 +505,6 @@ typedef struct BIT_STRING_BITNAME_st {
B_ASN1_BMPSTRING|\
B_ASN1_UTF8STRING
#ifndef LIBRESSL_INTERNAL
#define M_ASN1_IA5STRING_new ASN1_IA5STRING_new
#define M_ASN1_INTEGER_free ASN1_INTEGER_free
#define M_ASN1_ENUMERATED_free ASN1_ENUMERATED_free
#define M_ASN1_OCTET_STRING_free ASN1_OCTET_STRING_free
#define M_ASN1_OCTET_STRING_print ASN1_STRING_print
#define M_ASN1_STRING_data ASN1_STRING_data
#define M_ASN1_STRING_length ASN1_STRING_length
#endif
ASN1_TYPE *ASN1_TYPE_new(void);
void ASN1_TYPE_free(ASN1_TYPE *a);
ASN1_TYPE *d2i_ASN1_TYPE(ASN1_TYPE **a, const unsigned char **in, long len);
@ -711,7 +684,6 @@ int ASN1_TIME_diff(int *pday, int *psec, const ASN1_TIME *from,
extern const ASN1_ITEM ASN1_OCTET_STRING_NDEF_it;
ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s, time_t t);
ASN1_TIME *ASN1_TIME_set_tm(ASN1_TIME *s, struct tm *tm);
ASN1_TIME *ASN1_TIME_adj(ASN1_TIME *s, time_t t, int offset_day,
long offset_sec);
int ASN1_TIME_check(const ASN1_TIME *t);
@ -856,9 +828,7 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len,
ASN1_STRING *ASN1_STRING_set_by_NID(ASN1_STRING **out,
const unsigned char *in, int inlen, int inform, int nid);
ASN1_STRING_TABLE *ASN1_STRING_TABLE_get(int nid);
int ASN1_STRING_TABLE_add(int, long, long, unsigned long, unsigned long);
void ASN1_STRING_TABLE_cleanup(void);
const ASN1_STRING_TABLE *ASN1_STRING_TABLE_get(int nid);
/* ASN1 template functions */
@ -869,8 +839,6 @@ ASN1_VALUE *ASN1_item_d2i(ASN1_VALUE **val, const unsigned char **in,
long len, const ASN1_ITEM *it);
int ASN1_item_i2d(ASN1_VALUE *val, unsigned char **out, const ASN1_ITEM *it);
void ASN1_add_oid_module(void);
ASN1_TYPE *ASN1_generate_nconf(const char *str, CONF *nconf);
ASN1_TYPE *ASN1_generate_v3(const char *str, X509V3_CTX *cnf);
@ -897,18 +865,6 @@ ASN1_TYPE *ASN1_generate_v3(const char *str, X509V3_CTX *cnf);
int ASN1_item_print(BIO *out, ASN1_VALUE *ifld, int indent,
const ASN1_ITEM *it, const ASN1_PCTX *pctx);
ASN1_PCTX *ASN1_PCTX_new(void);
void ASN1_PCTX_free(ASN1_PCTX *p);
unsigned long ASN1_PCTX_get_flags(const ASN1_PCTX *p);
void ASN1_PCTX_set_flags(ASN1_PCTX *p, unsigned long flags);
unsigned long ASN1_PCTX_get_nm_flags(const ASN1_PCTX *p);
void ASN1_PCTX_set_nm_flags(ASN1_PCTX *p, unsigned long flags);
unsigned long ASN1_PCTX_get_cert_flags(const ASN1_PCTX *p);
void ASN1_PCTX_set_cert_flags(ASN1_PCTX *p, unsigned long flags);
unsigned long ASN1_PCTX_get_oid_flags(const ASN1_PCTX *p);
void ASN1_PCTX_set_oid_flags(ASN1_PCTX *p, unsigned long flags);
unsigned long ASN1_PCTX_get_str_flags(const ASN1_PCTX *p);
void ASN1_PCTX_set_str_flags(ASN1_PCTX *p, unsigned long flags);
int SMIME_crlf_copy(BIO *in, BIO *out, int flags);
int SMIME_text(BIO *in, BIO *out);
@ -1168,8 +1124,6 @@ void ERR_load_ASN1_strings(void);
#define ASN1_R_WRONG_TAG 168
#define ASN1_R_WRONG_TYPE 169
int ASN1_time_parse(const char *_bytes, size_t _len, struct tm *_tm, int _mode);
int ASN1_time_tm_cmp(struct tm *_tm1, struct tm *_tm2);
#ifdef __cplusplus
}
#endif

5
lib/libcrypto/asn1/asn1_local.h
View file

@ -1,4 +1,4 @@
/* $OpenBSD: asn1_local.h,v 1.8 2024/02/18 16:28:38 tb Exp $ */
/* $OpenBSD: asn1_local.h,v 1.10 2024/03/02 09:10:42 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 2006.
*/
@ -187,4 +187,7 @@ void ASN1_primitive_free(ASN1_VALUE **pval, const ASN1_ITEM *it);
int ASN1_template_new(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt);
void ASN1_template_free(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt);
int ASN1_time_parse(const char *_bytes, size_t _len, struct tm *_tm, int _mode);
int ASN1_time_tm_cmp(struct tm *_tm1, struct tm *_tm2);
__END_HIDDEN_DECLS

3
lib/libcrypto/asn1/asn_moid.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: asn_moid.c,v 1.16 2023/07/05 21:23:36 beck Exp $ */
/* $OpenBSD: asn_moid.c,v 1.17 2024/03/02 09:02:04 tb Exp $ */
/* Written by Stephen Henson (steve@openssl.org) for the OpenSSL
* project 2001.
*/
@ -105,7 +105,6 @@ ASN1_add_oid_module(void)
{
CONF_module_add("oid_section", oid_module_init, oid_module_finish);
}
LCRYPTO_ALIAS(ASN1_add_oid_module);
/* Create an OID based on a name value pair. Accept two formats.
* shortname = 1.2.3.4

4
lib/libcrypto/asn1/p5_pbe.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: p5_pbe.c,v 1.25 2023/07/07 19:37:52 beck Exp $ */
/* $OpenBSD: p5_pbe.c,v 1.26 2024/03/02 10:17:37 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 1999.
*/
@ -64,6 +64,8 @@
#include <openssl/err.h>
#include <openssl/x509.h>
#include "x509_local.h"
/* PKCS#5 password based encryption structure */
static const ASN1_TEMPLATE PBEPARAM_seq_tt[] = {

3
lib/libcrypto/asn1/p5_pbev2.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: p5_pbev2.c,v 1.31 2024/02/18 15:44:10 tb Exp $ */
/* $OpenBSD: p5_pbev2.c,v 1.32 2024/03/02 10:17:37 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 1999-2004.
*/
@ -65,6 +65,7 @@
#include <openssl/x509.h>
#include "evp_local.h"
#include "x509_local.h"
/* PKCS#5 v2.0 password based encryption structures */

95
lib/libcrypto/asn1/tasn_prn.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: tasn_prn.c,v 1.26 2023/12/20 14:26:47 tb Exp $ */
/* $OpenBSD: tasn_prn.c,v 1.27 2024/03/02 09:04:07 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 2000.
*/
@ -76,99 +76,6 @@ static const ASN1_PCTX default_pctx = {
.flags = ASN1_PCTX_FLAGS_SHOW_ABSENT,
};
ASN1_PCTX *
ASN1_PCTX_new(void)
{
ASN1_PCTX *p;
if ((p = calloc(1, sizeof(ASN1_PCTX))) == NULL) {
ASN1error(ERR_R_MALLOC_FAILURE);
return NULL;
}
return p;
}
LCRYPTO_ALIAS(ASN1_PCTX_new);
void
ASN1_PCTX_free(ASN1_PCTX *p)
{
free(p);
}
LCRYPTO_ALIAS(ASN1_PCTX_free);
unsigned long
ASN1_PCTX_get_flags(const ASN1_PCTX *p)
{
return p->flags;
}
LCRYPTO_ALIAS(ASN1_PCTX_get_flags);
void
ASN1_PCTX_set_flags(ASN1_PCTX *p, unsigned long flags)
{
p->flags = flags;
}
LCRYPTO_ALIAS(ASN1_PCTX_set_flags);
unsigned long
ASN1_PCTX_get_nm_flags(const ASN1_PCTX *p)
{
return p->nm_flags;
}
LCRYPTO_ALIAS(ASN1_PCTX_get_nm_flags);
void
ASN1_PCTX_set_nm_flags(ASN1_PCTX *p, unsigned long flags)
{
p->nm_flags = flags;
}
LCRYPTO_ALIAS(ASN1_PCTX_set_nm_flags);
unsigned long
ASN1_PCTX_get_cert_flags(const ASN1_PCTX *p)
{
return p->cert_flags;
}
LCRYPTO_ALIAS(ASN1_PCTX_get_cert_flags);
void
ASN1_PCTX_set_cert_flags(ASN1_PCTX *p, unsigned long flags)
{
p->cert_flags = flags;
}
LCRYPTO_ALIAS(ASN1_PCTX_set_cert_flags);
unsigned long
ASN1_PCTX_get_oid_flags(const ASN1_PCTX *p)
{
return p->oid_flags;
}
LCRYPTO_ALIAS(ASN1_PCTX_get_oid_flags);
void
ASN1_PCTX_set_oid_flags(ASN1_PCTX *p, unsigned long flags)
{
p->oid_flags = flags;
}
LCRYPTO_ALIAS(ASN1_PCTX_set_oid_flags);
unsigned long
ASN1_PCTX_get_str_flags(const ASN1_PCTX *p)
{
return p->str_flags;
}
LCRYPTO_ALIAS(ASN1_PCTX_get_str_flags);
void
ASN1_PCTX_set_str_flags(ASN1_PCTX *p, unsigned long flags)
{
p->str_flags = flags;
}
LCRYPTO_ALIAS(ASN1_PCTX_set_str_flags);
/* Main print routines */
static int asn1_item_print_ctx(BIO *out, ASN1_VALUE **fld, int indent,
const ASN1_ITEM *it, const char *fname, const char *sname, int nohdr,
const ASN1_PCTX *pctx);

8
lib/libcrypto/asn1/x_algor.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: x_algor.c,v 1.38 2023/11/01 20:41:12 tb Exp $ */
/* $OpenBSD: x_algor.c,v 1.39 2024/03/02 10:33:51 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 2000.
*/
@ -268,12 +268,6 @@ X509_ALGOR_set_evp_md(X509_ALGOR *alg, const EVP_MD *md)
return 1;
}
void
X509_ALGOR_set_md(X509_ALGOR *alg, const EVP_MD *md)
{
(void)X509_ALGOR_set_evp_md(alg, md);
}
int
X509_ALGOR_cmp(const X509_ALGOR *a, const X509_ALGOR *b)
{

35
lib/libcrypto/asn1/x_crl.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: x_crl.c,v 1.42 2024/01/06 17:37:23 tb Exp $ */
/* $OpenBSD: x_crl.c,v 1.43 2024/03/02 10:59:41 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@ -603,39 +603,6 @@ X509_CRL_get0_by_cert(X509_CRL *crl, X509_REVOKED **ret, X509 *x)
X509_get_issuer_name(x));
}
void
X509_CRL_set_default_method(const X509_CRL_METHOD *meth)
{
}
X509_CRL_METHOD *
X509_CRL_METHOD_new(int (*crl_init)(X509_CRL *crl),
int (*crl_free)(X509_CRL *crl),
int (*crl_lookup)(X509_CRL *crl, X509_REVOKED **ret,
ASN1_INTEGER *ser, X509_NAME *issuer),
int (*crl_verify)(X509_CRL *crl, EVP_PKEY *pk))
{
X509error(ERR_R_DISABLED);
return NULL;
}
void
X509_CRL_METHOD_free(X509_CRL_METHOD *m)
{
}
void
X509_CRL_set_meth_data(X509_CRL *crl, void *dat)
{
}
void *
X509_CRL_get_meth_data(X509_CRL *crl)
{
X509error(ERR_R_DISABLED);
return NULL;
}
int
X509_CRL_get_signature_nid(const X509_CRL *crl)
{

38
lib/libcrypto/bio/b_dump.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: b_dump.c,v 1.29 2024/02/15 10:34:30 tb Exp $ */
/* $OpenBSD: b_dump.c,v 1.30 2024/03/02 09:21:24 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@ -209,39 +209,3 @@ BIO_dump(BIO *bio, const char *s, int len)
return BIO_dump_indent(bio, s, len, 0);
}
LCRYPTO_ALIAS(BIO_dump);
/*
* XXX - remove the functions below in the next major bump.
*/
int
BIO_dump_cb(int (*cb)(const void *data, size_t len, void *u),
void *u, const char *s, int len)
{
BIOerror(ERR_R_DISABLED);
return -1;
}
int
BIO_dump_indent_cb(int (*cb)(const void *data, size_t len, void *u),
void *u, const char *s, int len, int indent)
{
BIOerror(ERR_R_DISABLED);
return -1;
}
int
BIO_dump_fp(FILE *fp, const char *s, int len)
{
BIOerror(ERR_R_DISABLED);
return -1;
}
LCRYPTO_ALIAS(BIO_dump_fp);
int
BIO_dump_indent_fp(FILE *fp, const char *s, int len, int indent)
{
BIOerror(ERR_R_DISABLED);
return -1;
}
LCRYPTO_ALIAS(BIO_dump_indent_fp);

59
lib/libcrypto/bio/b_print.c
View file

@ -1,21 +1,10 @@
/* $OpenBSD: b_print.c,v 1.27 2023/07/05 21:23:37 beck Exp $ */
/* $OpenBSD: b_print.c,v 1.28 2024/03/02 09:18:28 tb Exp $ */
/* Theo de Raadt places this file in the public domain. */
#include <openssl/bio.h>
int
BIO_printf(BIO *bio, const char *format, ...)
{
va_list args;
int ret;
va_start(args, format);
ret = BIO_vprintf(bio, format, args);
va_end(args);
return (ret);
}
LCRYPTO_ALIAS(BIO_printf);
#include "bio_local.h"
#ifdef HAVE_FUNOPEN
static int
@ -40,7 +29,6 @@ BIO_vprintf(BIO *bio, const char *format, va_list args)
fail:
return (ret);
}
LCRYPTO_ALIAS(BIO_vprintf);
#else /* !HAVE_FUNOPEN */
@ -57,55 +45,18 @@ BIO_vprintf(BIO *bio, const char *format, va_list args)
free(buf);
return (ret);
}
LCRYPTO_ALIAS(BIO_vprintf);
#endif /* HAVE_FUNOPEN */
/*
* BIO_snprintf and BIO_vsnprintf return -1 for overflow,
* due to the history of this API. Justification:
*
* Traditional snprintf surfaced in 4.4BSD, and returned
* "number of bytes wanted". Solaris and Windows opted to
* return -1. A draft standard was written which returned -1.
* Due to the large volume of code already using the first
* semantics, the draft was repaired before standardization to
* specify "number of bytes wanted" plus "-1 for character conversion
* style errors". Solaris adapted to this rule, but Windows stuck
* with -1.
*
* Original OpenSSL comment which is full of lies:
*
* "In case of truncation, return -1 like traditional snprintf.
* (Current drafts for ISO/IEC 9899 say snprintf should return
* the number of characters that would have been written,
* had the buffer been large enough.)"
*/
int
BIO_snprintf(char *buf, size_t n, const char *format, ...)
BIO_printf(BIO *bio, const char *format, ...)
{
va_list args;
int ret;
va_start(args, format);
ret = vsnprintf(buf, n, format, args);
ret = BIO_vprintf(bio, format, args);
va_end(args);
if (ret >= n || ret == -1)
return (-1);
return (ret);
}
LCRYPTO_ALIAS(BIO_snprintf);
int
BIO_vsnprintf(char *buf, size_t n, const char *format, va_list args)
{
int ret;
ret = vsnprintf(buf, n, format, args);
if (ret >= n || ret == -1)
return (-1);
return (ret);
}
LCRYPTO_ALIAS(BIO_vsnprintf);
LCRYPTO_ALIAS(BIO_printf);

27
lib/libcrypto/bio/bio.h
View file

@ -1,4 +1,4 @@
/* $OpenBSD: bio.h,v 1.60 2023/08/25 12:37:33 schwarze Exp $ */
/* $OpenBSD: bio.h,v 1.63 2024/03/02 09:22:41 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@ -534,7 +534,6 @@ const BIO_METHOD *BIO_s_file(void);
BIO *BIO_new_file(const char *filename, const char *mode);
BIO *BIO_new_fp(FILE *stream, int close_flag);
BIO *BIO_new(const BIO_METHOD *type);
int BIO_set(BIO *a, const BIO_METHOD *type);
int BIO_free(BIO *a);
int BIO_up_ref(BIO *bio);
void *BIO_get_data(BIO *a);
@ -599,14 +598,10 @@ int BIO_dgram_non_fatal_error(int _error);
int BIO_fd_should_retry(int i);
int BIO_fd_non_fatal_error(int _error);
int BIO_dump_cb(int (*cb)(const void *data, size_t len, void *u),
void *u, const char *s, int len);
int BIO_dump_indent_cb(int (*cb)(const void *data, size_t len, void *u),
void *u, const char *s, int len, int indent);
int BIO_dump(BIO *b, const char *bytes, int len);
int BIO_dump_indent(BIO *b, const char *bytes, int len, int indent);
int BIO_dump_fp(FILE *fp, const char *s, int len);
int BIO_dump_indent_fp(FILE *fp, const char *s, int len, int indent);
struct hostent *BIO_gethostbyname(const char *name);
/* We might want a thread-safe interface too:
* struct hostent *BIO_gethostbyname_r(const char *name,
@ -648,25 +643,9 @@ void BIO_copy_next_retry(BIO *b);
#ifndef __MINGW_PRINTF_FORMAT
int BIO_printf(BIO *bio, const char *format, ...)
__attribute__((__format__(__printf__, 2, 3), __nonnull__(2)));
int BIO_vprintf(BIO *bio, const char *format, va_list args)
__attribute__((__format__(__printf__, 2, 0), __nonnull__(2)));
int BIO_snprintf(char *buf, size_t n, const char *format, ...)
__attribute__((__deprecated__, __format__(__printf__, 3, 4),
__nonnull__(3)));
int BIO_vsnprintf(char *buf, size_t n, const char *format, va_list args)
__attribute__((__deprecated__, __format__(__printf__, 3, 0),
__nonnull__(3)));
#else
int BIO_printf(BIO *bio, const char *format, ...)
__attribute__((__format__(__MINGW_PRINTF_FORMAT, 2, 3), __nonnull__(2)));
int BIO_vprintf(BIO *bio, const char *format, va_list args)
__attribute__((__format__(__MINGW_PRINTF_FORMAT, 2, 0), __nonnull__(2)));
int BIO_snprintf(char *buf, size_t n, const char *format, ...)
__attribute__((__deprecated__, __format__(__MINGW_PRINTF_FORMAT, 3, 4),
__nonnull__(3)));
int BIO_vsnprintf(char *buf, size_t n, const char *format, va_list args)
__attribute__((__deprecated__, __format__(__MINGW_PRINTF_FORMAT, 3, 0),
__nonnull__(3)));
#endif
void ERR_load_BIO_strings(void);

10
lib/libcrypto/bio/bio_lib.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: bio_lib.c,v 1.51 2024/02/17 14:29:07 jsing Exp $ */
/* $OpenBSD: bio_lib.c,v 1.52 2024/03/02 09:22:41 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@ -160,14 +160,6 @@ BIO_new(const BIO_METHOD *method)
}
LCRYPTO_ALIAS(BIO_new);
int
BIO_set(BIO *bio, const BIO_METHOD *method)
{
BIOerror(ERR_R_DISABLED);
return 0;
}
LCRYPTO_ALIAS(BIO_set);
int
BIO_free(BIO *bio)
{

6
lib/libcrypto/bio/bio_local.h
View file

@ -1,4 +1,4 @@
/* $OpenBSD: bio_local.h,v 1.5 2022/12/02 19:44:04 tb Exp $ */
/* $OpenBSD: bio_local.h,v 1.6 2024/03/02 09:18:28 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@ -59,6 +59,8 @@
#ifndef HEADER_BIO_LOCAL_H
#define HEADER_BIO_LOCAL_H
#include <stdarg.h>
__BEGIN_HIDDEN_DECLS
struct bio_method_st {
@ -118,6 +120,8 @@ typedef struct bio_f_buffer_ctx_struct {
int obuf_off; /* write/read offset */
} BIO_F_BUFFER_CTX;
int BIO_vprintf(BIO *bio, const char *format, va_list args);
__END_HIDDEN_DECLS
#endif /* !HEADER_BIO_LOCAL_H */

9
lib/libcrypto/bn/bn.h
View file

@ -1,4 +1,4 @@
/* $OpenBSD: bn.h,v 1.75 2023/07/31 05:04:06 tb Exp $ */
/* $OpenBSD: bn.h,v 1.77 2024/03/02 09:27:31 tb Exp $ */
/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@ -391,13 +391,6 @@ int BN_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
#endif
int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *in_mont);
int BN_mod_exp_mont_word(BIGNUM *r, BN_ULONG a, const BIGNUM *p,
const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
int BN_mod_exp2_mont(BIGNUM *r, const BIGNUM *a1, const BIGNUM *p1,
const BIGNUM *a2, const BIGNUM *p2, const BIGNUM *m,
BN_CTX *ctx, BN_MONT_CTX *m_ctx);
int BN_mod_exp_simple(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
const BIGNUM *m, BN_CTX *ctx);
int BN_mask_bits(BIGNUM *a, int n);
int BN_print_fp(FILE *fp, const BIGNUM *a);

5
lib/libcrypto/bn/bn_exp.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: bn_exp.c,v 1.50 2023/10/19 10:27:27 tb Exp $ */
/* $OpenBSD: bn_exp.c,v 1.52 2024/03/02 09:27:31 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@ -304,7 +304,6 @@ BN_mod_exp_simple(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m,
return ret;
}
LCRYPTO_ALIAS(BN_mod_exp_simple);
/* BN_mod_exp_mont_consttime() stores the precomputed powers in a specific layout
* so that accessing any of these table values shows the same access pattern as far
@ -962,7 +961,6 @@ err:
BN_CTX_end(ctx);
return (ret);
}
LCRYPTO_ALIAS(BN_mod_exp_mont_word);
int
BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m,
@ -1354,4 +1352,3 @@ err:
BN_CTX_end(ctx);
return (ret);
}
LCRYPTO_ALIAS(BN_mod_exp2_mont);

11
lib/libcrypto/bn/bn_local.h
View file

@ -1,4 +1,4 @@
/* $OpenBSD: bn_local.h,v 1.38 2023/08/09 09:23:03 tb Exp $ */
/* $OpenBSD: bn_local.h,v 1.40 2024/03/02 09:27:31 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@ -308,6 +308,15 @@ int BN_div_ct(BIGNUM *q, BIGNUM *r, const BIGNUM *n, const BIGNUM *d,
int BN_mod_ct(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
int BN_mod_nonct(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
int BN_mod_exp_mont_word(BIGNUM *r, BN_ULONG a, const BIGNUM *p,
const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
int BN_mod_exp2_mont(BIGNUM *r, const BIGNUM *a1, const BIGNUM *p1,
const BIGNUM *a2, const BIGNUM *p2, const BIGNUM *m,
BN_CTX *ctx, BN_MONT_CTX *m_ctx);
int BN_mod_exp_simple(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
const BIGNUM *m, BN_CTX *ctx);
BIGNUM *BN_mod_inverse_ct(BIGNUM *ret, const BIGNUM *a, const BIGNUM *n,
BN_CTX *ctx);
BIGNUM *BN_mod_inverse_nonct(BIGNUM *ret, const BIGNUM *a, const BIGNUM *n,

3
lib/libcrypto/bn/bn_print.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: bn_print.c,v 1.46 2023/07/22 17:14:08 tb Exp $ */
/* $OpenBSD: bn_print.c,v 1.47 2024/03/02 09:18:28 tb Exp $ */
/*
* Copyright (c) 2023 Theo Buehler <tb@openbsd.org>
@ -25,6 +25,7 @@
#include <openssl/bio.h>
#include <openssl/bn.h>
#include "bio_local.h"
#include "bn_local.h"
#include "bytestring.h"

17
lib/libcrypto/cmac/cmac.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: cmac.c,v 1.22 2024/01/30 17:43:39 tb Exp $ */
/* $OpenBSD: cmac.c,v 1.23 2024/03/02 09:30:21 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project.
*/
@ -323,18 +323,3 @@ CMAC_Final(CMAC_CTX *ctx, unsigned char *out, size_t *poutlen)
return 1;
}
LCRYPTO_ALIAS(CMAC_Final);
int
CMAC_resume(CMAC_CTX *ctx)
{
if (ctx->nlast_block == -1)
return 0;
/* The buffer "tbl" containes the last fully encrypted block
* which is the last IV (or all zeroes if no last encrypted block).
* The last block has not been modified since CMAC_final().
* So reinitialising using the last decrypted block will allow
* CMAC to continue after calling CMAC_Final().
*/
return EVP_EncryptInit_ex(ctx->cipher_ctx, NULL, NULL, NULL, ctx->tbl);
}
LCRYPTO_ALIAS(CMAC_resume);

3
lib/libcrypto/cmac/cmac.h
View file

@ -1,4 +1,4 @@
/* $OpenBSD: cmac.h,v 1.3 2014/06/21 13:42:14 jsing Exp $ */
/* $OpenBSD: cmac.h,v 1.4 2024/03/02 09:30:21 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project.
*/
@ -74,7 +74,6 @@ int CMAC_Init(CMAC_CTX *ctx, const void *key, size_t keylen,
const EVP_CIPHER *cipher, ENGINE *impl);
int CMAC_Update(CMAC_CTX *ctx, const void *data, size_t dlen);
int CMAC_Final(CMAC_CTX *ctx, unsigned char *out, size_t *poutlen);
int CMAC_resume(CMAC_CTX *ctx);
#ifdef __cplusplus
}

4
lib/libcrypto/conf/conf_api.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: conf_api.c,v 1.17 2024/01/24 14:05:10 jsing Exp $ */
/* $OpenBSD: conf_api.c,v 1.18 2024/03/02 11:11:11 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@ -69,6 +69,8 @@
#include <openssl/conf.h>
#include <openssl/conf_api.h>
#include "lhash_local.h"
static void value_free_hash_doall_arg(CONF_VALUE *a,
LHASH_OF(CONF_VALUE) *conf);
static void value_free_stack_doall(CONF_VALUE *a);

10
lib/libcrypto/conf/conf_mall.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: conf_mall.c,v 1.10 2023/11/19 15:46:09 tb Exp $ */
/* $OpenBSD: conf_mall.c,v 1.11 2024/03/02 09:02:04 tb Exp $ */
/* Written by Stephen Henson (steve@openssl.org) for the OpenSSL
* project 2001.
*/
@ -56,16 +56,10 @@
*
*/
#include <stdio.h>
#include <openssl/opensslconf.h>
#include <openssl/asn1.h>
#include <openssl/conf.h>
#include <openssl/crypto.h>
#include <openssl/x509.h>
/* Load all OpenSSL builtin modules */
void ASN1_add_oid_module(void);
void
OPENSSL_load_builtin_modules(void)

4
lib/libcrypto/cryptlib.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: cryptlib.c,v 1.47 2023/12/14 15:31:22 tb Exp $ */
/* $OpenBSD: cryptlib.c,v 1.48 2024/03/02 11:37:13 tb Exp $ */
/* ====================================================================
* Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
*
@ -124,6 +124,8 @@
#include <openssl/opensslconf.h>
#include <openssl/crypto.h>
#include "crypto_local.h"
static void (*locking_callback)(int mode, int type,
const char *file, int line) = NULL;
static int (*add_lock_callback)(int *pointer, int amount,

110
lib/libcrypto/crypto.h
View file

@ -1,4 +1,4 @@
/* $OpenBSD: crypto.h,v 1.64 2024/02/18 16:28:37 tb Exp $ */
/* $OpenBSD: crypto.h,v 1.72 2024/03/02 15:40:05 tb Exp $ */
/* ====================================================================
* Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
*
@ -117,6 +117,7 @@
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <time.h>
#ifndef HEADER_CRYPTO_H
#define HEADER_CRYPTO_H
@ -240,7 +241,7 @@ typedef struct {
typedef struct bio_st BIO_dummy;
struct crypto_ex_data_st {
STACK_OF(void) *sk;
void *sk;
};
DECLARE_STACK_OF(void)
@ -272,26 +273,10 @@ DECLARE_STACK_OF(void)
#endif
int CRYPTO_mem_ctrl(int mode);
int CRYPTO_is_mem_check_on(void);
/* for applications */
#define MemCheck_start() CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON)
#define MemCheck_stop() CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_OFF)
#define OPENSSL_malloc(num) CRYPTO_malloc((int)num,NULL,0)
#define OPENSSL_malloc(num) CRYPTO_malloc((num),NULL,0)
#define OPENSSL_strdup(str) CRYPTO_strdup((str),NULL,0)
#define OPENSSL_realloc(addr,num) \
CRYPTO_realloc((char *)addr,(int)num,NULL,0)
#define OPENSSL_realloc_clean(addr,old_num,num) \
CRYPTO_realloc_clean(addr,old_num,num,NULL,0)
#define OPENSSL_remalloc(addr,num) \
CRYPTO_remalloc((char **)addr,(int)num,NULL,0)
#define OPENSSL_freeFunc CRYPTO_free
#define OPENSSL_free(addr) CRYPTO_free(addr)
#define OPENSSL_malloc_locked(num) \
CRYPTO_malloc_locked((int)num,NULL,0)
#define OPENSSL_free_locked(addr) CRYPTO_free_locked(addr)
#define OPENSSL_free(addr) CRYPTO_free((addr),NULL,0)
#endif
const char *OpenSSL_version(int type);
@ -329,14 +314,7 @@ int CRYPTO_add_lock(int *pointer, int amount, int type, const char *file,
int line);
/* Don't use this structure directly. */
typedef struct crypto_threadid_st {
void *ptr;
unsigned long val;
} CRYPTO_THREADID;
void CRYPTO_THREADID_current(CRYPTO_THREADID *id);
int CRYPTO_THREADID_cmp(const CRYPTO_THREADID *a, const CRYPTO_THREADID *b);
void CRYPTO_THREADID_cpy(CRYPTO_THREADID *dest, const CRYPTO_THREADID *src);
unsigned long CRYPTO_THREADID_hash(const CRYPTO_THREADID *id);
typedef struct crypto_threadid_st CRYPTO_THREADID;
#ifndef LIBRESSL_INTERNAL
/* These functions are deprecated no-op stubs */
@ -376,87 +354,19 @@ void (*CRYPTO_get_dynlock_destroy_callback(void))(struct CRYPTO_dynlock_value *l
/* CRYPTO_set_mem_functions includes CRYPTO_set_locked_mem_functions --
* call the latter last if you need different functions */
int CRYPTO_set_mem_functions(void *(*m)(size_t), void *(*r)(void *, size_t), void (*f)(void *));
int CRYPTO_set_locked_mem_functions(void *(*m)(size_t), void (*free_func)(void *));
int CRYPTO_set_mem_ex_functions(void *(*m)(size_t, const char *, int),
void *(*r)(void *, size_t, const char *, int), void (*f)(void *));
int CRYPTO_set_locked_mem_ex_functions(void *(*m)(size_t, const char *, int),
void (*free_func)(void *));
int CRYPTO_set_mem_debug_functions(
void (*m)(void *, int, const char *, int, int),
void (*r)(void *, void *, int, const char *, int, int),
void (*f)(void *, int), void (*so)(long), long (*go)(void));
void CRYPTO_get_mem_functions(void *(**m)(size_t), void *(**r)(void *, size_t),
void (**f)(void *));
void CRYPTO_get_locked_mem_functions(void *(**m)(size_t), void (**f)(void *));
void CRYPTO_get_mem_ex_functions(void *(**m)(size_t, const char *, int),
void *(**r)(void *, size_t, const char *, int), void (**f)(void *));
void CRYPTO_get_locked_mem_ex_functions(void *(**m)(size_t, const char *, int),
void (**f)(void *));
void CRYPTO_get_mem_debug_functions(
void (**m)(void *, int, const char *, int, int),
void (**r)(void *, void *, int, const char *, int, int),
void (**f)(void *, int), void (**so)(long), long (**go)(void));
#ifndef LIBRESSL_INTERNAL
void *CRYPTO_malloc_locked(int num, const char *file, int line);
void CRYPTO_free_locked(void *ptr);
void *CRYPTO_malloc(int num, const char *file, int line);
void *CRYPTO_malloc(size_t num, const char *file, int line);
char *CRYPTO_strdup(const char *str, const char *file, int line);
void CRYPTO_free(void *ptr);
void *CRYPTO_realloc(void *addr, int num, const char *file, int line);
void CRYPTO_free(void *ptr, const char *file, int line);
#endif
void *CRYPTO_realloc_clean(void *addr, int old_num, int num,
const char *file, int line);
void *CRYPTO_remalloc(void *addr, int num, const char *file, int line);
#ifndef LIBRESSL_INTERNAL
void OPENSSL_cleanse(void *ptr, size_t len);
#endif
void CRYPTO_set_mem_debug_options(long bits);
long CRYPTO_get_mem_debug_options(void);
#define CRYPTO_push_info(info) \
CRYPTO_push_info_(info, NULL, 0);
int CRYPTO_push_info_(const char *info, const char *file, int line);
int CRYPTO_pop_info(void);
int CRYPTO_remove_all_info(void);
/* Default debugging functions (enabled by CRYPTO_malloc_debug_init() macro;
* used as default in CRYPTO_MDEBUG compilations): */
/* The last argument has the following significance:
*
* 0: called before the actual memory allocation has taken place
* 1: called after the actual memory allocation has taken place
*/
void CRYPTO_dbg_malloc(void *addr, int num, const char *file, int line, int before_p)
__attribute__ ((deprecated));
void CRYPTO_dbg_realloc(void *addr1, void *addr2, int num, const char *file, int line, int before_p)
__attribute__ ((deprecated));
void CRYPTO_dbg_free(void *addr, int before_p)
__attribute__ ((deprecated));
/* Tell the debugging code about options. By default, the following values
* apply:
*
* 0: Clear all options.
* V_CRYPTO_MDEBUG_TIME (1): Set the "Show Time" option.
* V_CRYPTO_MDEBUG_THREAD (2): Set the "Show Thread Number" option.
* V_CRYPTO_MDEBUG_ALL (3): 1 + 2
*/
void CRYPTO_dbg_set_options(long bits)
__attribute__ ((deprecated));
long CRYPTO_dbg_get_options(void)
__attribute__ ((deprecated));
int CRYPTO_mem_leaks_fp(FILE *);
int CRYPTO_mem_leaks(struct bio_st *bio);
/* unsigned long order, char *file, int line, int num_bytes, char *addr */
typedef int *CRYPTO_MEM_LEAK_CB(unsigned long, const char *, int, int, void *);
int CRYPTO_mem_leaks_cb(CRYPTO_MEM_LEAK_CB *cb);
/*
* Because this is a public header, use a portable method of indicating the
* function does not return, rather than __dead.
@ -471,8 +381,6 @@ void OpenSSLDie(const char *file, int line, const char *assertion);
uint64_t OPENSSL_cpu_caps(void);
int OPENSSL_isservice(void);
#ifndef LIBRESSL_INTERNAL
int FIPS_mode(void);
int FIPS_mode_set(int r);
@ -526,9 +434,7 @@ void OPENSSL_cleanup(void);
* OpenSSL helpfully put OPENSSL_gmtime() here because all other time related
* functions are in asn1.h.
*/
#if defined(LIBRESSL_INTERNAL) || defined(LIBRESSL_NEXT_API)
struct tm *OPENSSL_gmtime(const time_t *time, struct tm *out_tm);
#endif
void ERR_load_CRYPTO_strings(void);

138
lib/libcrypto/crypto_local.h Normal file
View file

@ -0,0 +1,138 @@
/* $OpenBSD: crypto_local.h,v 1.1 2024/03/02 11:37:13 tb Exp $ */
/* ====================================================================
* Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* openssl-core@openssl.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
*
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* "This product includes cryptographic software written by
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
/* ====================================================================
* Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
* ECDH support in OpenSSL originally developed by
* SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
*/
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#ifndef HEADER_CRYPTO_LOCAL_H
#define HEADER_CRYPTO_LOCAL_H
__BEGIN_HIDDEN_DECLS
struct crypto_threadid_st {
void *ptr;
unsigned long val;
} /* CRYPTO_THREADID */;
void CRYPTO_THREADID_current(CRYPTO_THREADID *id);
int CRYPTO_THREADID_cmp(const CRYPTO_THREADID *a, const CRYPTO_THREADID *b);
void CRYPTO_THREADID_cpy(CRYPTO_THREADID *dest, const CRYPTO_THREADID *src);
unsigned long CRYPTO_THREADID_hash(const CRYPTO_THREADID *id);
__END_HIDDEN_DECLS
#endif

8
lib/libcrypto/dsa/dsa.h
View file

@ -1,4 +1,4 @@
/* $OpenBSD: dsa.h,v 1.43 2023/04/18 08:47:28 tb Exp $ */
/* $OpenBSD: dsa.h,v 1.44 2024/03/02 09:33:14 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@ -163,12 +163,6 @@ DSA *d2i_DSAparams(DSA **a, const unsigned char **pp, long length);
int i2d_DSAparams(const DSA *a,unsigned char **pp);
extern const ASN1_ITEM DSAparams_it;
/* Wrapped in OPENSSL_NO_DEPRECATED in 0.9.8. Still used in 2023. */
DSA * DSA_generate_parameters(int bits,
unsigned char *seed,int seed_len,
int *counter_ret, unsigned long *h_ret,void
(*callback)(int, int, void *),void *cb_arg);
/* New version */
int DSA_generate_parameters_ex(DSA *dsa, int bits,
const unsigned char *seed,int seed_len,

23
lib/libcrypto/dsa/dsa_gen.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: dsa_gen.c,v 1.30 2023/07/08 14:28:15 beck Exp $ */
/* $OpenBSD: dsa_gen.c,v 1.31 2024/03/02 09:33:14 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@ -357,25 +357,4 @@ err:
return ok;
}
DSA *
DSA_generate_parameters(int bits, unsigned char *seed_in, int seed_len,
int *counter_ret, unsigned long *h_ret, void (*callback)(int, int, void *),
void *cb_arg)
{
BN_GENCB cb;
DSA *ret;
if ((ret = DSA_new()) == NULL)
return NULL;
BN_GENCB_set_old(&cb, callback, cb_arg);
if (DSA_generate_parameters_ex(ret, bits, seed_in, seed_len,
counter_ret, h_ret, &cb))
return ret;
DSA_free(ret);
return NULL;
}
LCRYPTO_ALIAS(DSA_generate_parameters);
#endif

46
lib/libcrypto/engine/engine.h
View file

@ -1,4 +1,4 @@
/* $OpenBSD: engine.h,v 1.43 2023/11/19 15:41:46 tb Exp $ */
/* $OpenBSD: engine.h,v 1.44 2024/03/02 10:22:07 tb Exp $ */
/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
* project 2000.
*/
@ -66,22 +66,8 @@
#include <openssl/opensslconf.h>
#include <openssl/bn.h>
#ifndef OPENSSL_NO_DH
#include <openssl/dh.h>
#endif
#ifndef OPENSSL_NO_DSA
#include <openssl/dsa.h>
#endif
#ifndef OPENSSL_NO_EC
#include <openssl/ec.h>
#endif
#include <openssl/err.h>
#ifndef OPENSSL_NO_RSA
#include <openssl/rsa.h>
#endif
#include <openssl/ui.h>
#include <openssl/x509.h>
#include <openssl/ossl_typ.h>
@ -102,36 +88,6 @@ extern "C" {
#define ENGINE_METHOD_ALL (unsigned int)0xFFFF
#define ENGINE_METHOD_NONE (unsigned int)0x0000
#define ENGINE_TABLE_FLAG_NOINIT (unsigned int)0x0001
#define ENGINE_FLAGS_MANUAL_CMD_CTRL (int)0x0002
#define ENGINE_FLAGS_BY_ID_COPY (int)0x0004
#define ENGINE_FLAGS_NO_REGISTER_ALL (int)0x0008
#define ENGINE_CMD_FLAG_NUMERIC (unsigned int)0x0001
#define ENGINE_CMD_FLAG_STRING (unsigned int)0x0002
#define ENGINE_CMD_FLAG_NO_INPUT (unsigned int)0x0004
#define ENGINE_CMD_FLAG_INTERNAL (unsigned int)0x0008
#define ENGINE_CTRL_SET_LOGSTREAM 1
#define ENGINE_CTRL_SET_PASSWORD_CALLBACK 2
#define ENGINE_CTRL_HUP 3
#define ENGINE_CTRL_SET_USER_INTERFACE 4
#define ENGINE_CTRL_SET_CALLBACK_DATA 5
#define ENGINE_CTRL_LOAD_CONFIGURATION 6
#define ENGINE_CTRL_LOAD_SECTION 7
#define ENGINE_CTRL_HAS_CTRL_FUNCTION 10
#define ENGINE_CTRL_GET_FIRST_CMD_TYPE 11
#define ENGINE_CTRL_GET_NEXT_CMD_TYPE 12
#define ENGINE_CTRL_GET_CMD_FROM_NAME 13
#define ENGINE_CTRL_GET_NAME_LEN_FROM_CMD 14
#define ENGINE_CTRL_GET_NAME_FROM_CMD 15
#define ENGINE_CTRL_GET_DESC_LEN_FROM_CMD 16
#define ENGINE_CTRL_GET_DESC_FROM_CMD 17
#define ENGINE_CTRL_GET_CMD_FLAGS 18
#define ENGINE_CMD_BASE 200
/*
* Prototypes for the stub functions in engine_stubs.c. They are provided to
* build M2Crypto, Dovecot, apr-utils without patching.

20
lib/libcrypto/err/err.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: err.c,v 1.58 2024/02/24 07:53:01 tb Exp $ */
/* $OpenBSD: err.c,v 1.60 2024/03/02 11:37:13 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@ -122,14 +122,29 @@
#include <openssl/err.h>
#include <openssl/lhash.h>
#include "crypto_local.h"
DECLARE_LHASH_OF(ERR_STRING_DATA);
DECLARE_LHASH_OF(ERR_STATE);
typedef struct st_ERR_FNS ERR_FNS;
typedef struct err_state_st {
CRYPTO_THREADID tid;
int err_flags[ERR_NUM_ERRORS];
unsigned long err_buffer[ERR_NUM_ERRORS];
char *err_data[ERR_NUM_ERRORS];
int err_data_flags[ERR_NUM_ERRORS];
const char *err_file[ERR_NUM_ERRORS];
int err_line[ERR_NUM_ERRORS];
int top, bottom;
} ERR_STATE;
static void err_load_strings(int lib, ERR_STRING_DATA *str);
static ERR_STATE *ERR_get_state(void);
static void ERR_STATE_free(ERR_STATE *s);
#ifndef OPENSSL_NO_ERR
static ERR_STRING_DATA ERR_str_libraries[] = {
{ERR_PACK(ERR_LIB_NONE,0,0), "unknown library"},
@ -1020,7 +1035,7 @@ ERR_remove_state(unsigned long pid)
}
LCRYPTO_ALIAS(ERR_remove_state);
ERR_STATE *
static ERR_STATE *
ERR_get_state(void)
{
static ERR_STATE fallback;
@ -1058,7 +1073,6 @@ ERR_get_state(void)
}
return ret;
}
LCRYPTO_ALIAS(ERR_get_state);
int
ERR_get_next_error_library(void)

17
lib/libcrypto/err/err.h
View file

@ -1,4 +1,4 @@
/* $OpenBSD: err.h,v 1.31 2023/07/28 10:23:19 tb Exp $ */
/* $OpenBSD: err.h,v 1.33 2024/03/02 10:32:26 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@ -143,16 +143,6 @@ extern "C" {
#define ERR_FLAG_MARK 0x01
#define ERR_NUM_ERRORS 16
typedef struct err_state_st {
CRYPTO_THREADID tid;
int err_flags[ERR_NUM_ERRORS];
unsigned long err_buffer[ERR_NUM_ERRORS];
char *err_data[ERR_NUM_ERRORS];
int err_data_flags[ERR_NUM_ERRORS];
const char *err_file[ERR_NUM_ERRORS];
int err_line[ERR_NUM_ERRORS];
int top, bottom;
} ERR_STATE;
/* library */
#define ERR_LIB_NONE 1
@ -388,8 +378,8 @@ void ERR_asprintf_error_data(char * format, ...);
void ERR_add_error_data(int num, ...);
void ERR_add_error_vdata(int num, va_list args);
#endif
void ERR_load_strings(int lib, ERR_STRING_DATA str[]);
void ERR_unload_strings(int lib, ERR_STRING_DATA str[]);
void ERR_load_strings(int lib, ERR_STRING_DATA *str);
void ERR_unload_strings(int lib, ERR_STRING_DATA *str);
void ERR_load_ERR_strings(void);
void ERR_load_crypto_strings(void);
void ERR_free_strings(void);
@ -397,7 +387,6 @@ void ERR_free_strings(void);
void ERR_remove_thread_state(const CRYPTO_THREADID *tid);
/* Wrapped in OPENSSL_NO_DEPRECATED in 0.9.8. Still used in 2023. */
void ERR_remove_state(unsigned long pid);
ERR_STATE *ERR_get_state(void);
int ERR_get_next_error_library(void);

5
lib/libcrypto/err/err_all.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: err_all.c,v 1.33 2023/11/19 15:46:09 tb Exp $ */
/* $OpenBSD: err_all.c,v 1.34 2024/03/02 13:39:28 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@ -94,9 +94,6 @@
#ifndef OPENSSL_NO_RSA
#include <openssl/rsa.h>
#endif
#ifndef OPENSSL_NO_GOST
#include <openssl/gost.h>
#endif
void ERR_load_ERR_strings_internal(void);

3
lib/libcrypto/err/err_prn.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: err_prn.c,v 1.22 2024/01/10 14:23:37 tb Exp $ */
/* $OpenBSD: err_prn.c,v 1.23 2024/03/02 11:37:13 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@ -66,6 +66,7 @@
#include <openssl/lhash.h>
#include "bio_local.h"
#include "crypto_local.h"
void
ERR_print_errors_cb(int (*cb)(const char *str, size_t len, void *u), void *u)

604
lib/libcrypto/evp/e_aes_cbc_hmac_sha1.c
View file

@ -1,604 +0,0 @@
/* $OpenBSD: e_aes_cbc_hmac_sha1.c,v 1.20 2024/01/08 09:31:09 tb Exp $ */
/* ====================================================================
* Copyright (c) 2011-2013 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* licensing@OpenSSL.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/
#include <stdio.h>
#include <string.h>
#include <openssl/opensslconf.h>
#if !defined(OPENSSL_NO_AES) && !defined(OPENSSL_NO_SHA1)
#include <openssl/evp.h>
#include <openssl/objects.h>
#include <openssl/aes.h>
#include <openssl/sha.h>
#include "constant_time.h"
#include "evp_local.h"
#define TLS1_1_VERSION 0x0302
typedef struct {
AES_KEY ks;
SHA_CTX head, tail, md;
size_t payload_length; /* AAD length in decrypt case */
union {
unsigned int tls_ver;
unsigned char tls_aad[16]; /* 13 used */
} aux;
} EVP_AES_HMAC_SHA1;
#define NO_PAYLOAD_LENGTH ((size_t)-1)
#if defined(AES_ASM) && ( \
defined(__x86_64) || defined(__x86_64__) || \
defined(_M_AMD64) || defined(_M_X64) || \
defined(__INTEL__) )
#include "x86_arch.h"
#if defined(__GNUC__) && __GNUC__>=2
# define BSWAP(x) ({ unsigned int r=(x); asm ("bswapl %0":"=r"(r):"0"(r)); r; })
#endif
int aesni_set_encrypt_key(const unsigned char *userKey, int bits, AES_KEY *key);
int aesni_set_decrypt_key(const unsigned char *userKey, int bits, AES_KEY *key);
void aesni_cbc_encrypt(const unsigned char *in, unsigned char *out,
size_t length, const AES_KEY *key, unsigned char *ivec, int enc);
void aesni_cbc_sha1_enc (const void *inp, void *out, size_t blocks,
const AES_KEY *key, unsigned char iv[16], SHA_CTX *ctx, const void *in0);
#define data(ctx) ((EVP_AES_HMAC_SHA1 *)(ctx)->cipher_data)
static int
aesni_cbc_hmac_sha1_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *inkey,
const unsigned char *iv, int enc)
{
EVP_AES_HMAC_SHA1 *key = data(ctx);
int ret;
if (enc)
ret = aesni_set_encrypt_key(inkey, ctx->key_len * 8, &key->ks);
else
ret = aesni_set_decrypt_key(inkey, ctx->key_len * 8, &key->ks);
SHA1_Init(&key->head); /* handy when benchmarking */
key->tail = key->head;
key->md = key->head;
key->payload_length = NO_PAYLOAD_LENGTH;
return ret < 0 ? 0 : 1;
}
#define STITCHED_CALL
#if !defined(STITCHED_CALL)
#define aes_off 0
#endif
void sha1_block_data_order (void *c, const void *p, size_t len);
static void
sha1_update(SHA_CTX *c, const void *data, size_t len)
{
const unsigned char *ptr = data;
size_t res;
if ((res = c->num)) {
res = SHA_CBLOCK - res;
if (len < res)
res = len;
SHA1_Update(c, ptr, res);
ptr += res;
len -= res;
}
res = len % SHA_CBLOCK;
len -= res;
if (len) {
sha1_block_data_order(c, ptr, len / SHA_CBLOCK);
ptr += len;
c->Nh += len >> 29;
c->Nl += len <<= 3;
if (c->Nl < (unsigned int)len)
c->Nh++;
}
if (res)
SHA1_Update(c, ptr, res);
}
#ifdef SHA1_Update
#undef SHA1_Update
#endif
#define SHA1_Update sha1_update
static int
aesni_cbc_hmac_sha1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
const unsigned char *in, size_t len)
{
EVP_AES_HMAC_SHA1 *key = data(ctx);
unsigned int l;
size_t plen = key->payload_length,
iv = 0, /* explicit IV in TLS 1.1 and later */
sha_off = 0;
#if defined(STITCHED_CALL)
size_t aes_off = 0, blocks;
sha_off = SHA_CBLOCK - key->md.num;
#endif
key->payload_length = NO_PAYLOAD_LENGTH;
if (len % AES_BLOCK_SIZE)
return 0;
if (ctx->encrypt) {
if (plen == NO_PAYLOAD_LENGTH)
plen = len;
else if (len != ((plen + SHA_DIGEST_LENGTH + AES_BLOCK_SIZE) &
-AES_BLOCK_SIZE))
return 0;
else if (key->aux.tls_ver >= TLS1_1_VERSION)
iv = AES_BLOCK_SIZE;
#if defined(STITCHED_CALL)
if (plen > (sha_off + iv) &&
(blocks = (plen - (sha_off + iv)) / SHA_CBLOCK)) {
SHA1_Update(&key->md, in + iv, sha_off);
aesni_cbc_sha1_enc(in, out, blocks, &key->ks,
ctx->iv, &key->md, in + iv + sha_off);
blocks *= SHA_CBLOCK;
aes_off += blocks;
sha_off += blocks;
key->md.Nh += blocks >> 29;
key->md.Nl += blocks <<= 3;
if (key->md.Nl < (unsigned int)blocks)
key->md.Nh++;
} else {
sha_off = 0;
}
#endif
sha_off += iv;
SHA1_Update(&key->md, in + sha_off, plen - sha_off);
if (plen != len) { /* "TLS" mode of operation */
if (in != out)
memcpy(out + aes_off, in + aes_off,
plen - aes_off);
/* calculate HMAC and append it to payload */
SHA1_Final(out + plen, &key->md);
key->md = key->tail;
SHA1_Update(&key->md, out + plen, SHA_DIGEST_LENGTH);
SHA1_Final(out + plen, &key->md);
/* pad the payload|hmac */
plen += SHA_DIGEST_LENGTH;
for (l = len - plen - 1; plen < len; plen++)
out[plen] = l;
/* encrypt HMAC|padding at once */
aesni_cbc_encrypt(out + aes_off, out + aes_off,
len - aes_off, &key->ks, ctx->iv, 1);
} else {
aesni_cbc_encrypt(in + aes_off, out + aes_off,
len - aes_off, &key->ks, ctx->iv, 1);
}
} else {
union {
unsigned int u[SHA_DIGEST_LENGTH/sizeof(unsigned int)];
unsigned char c[32 + SHA_DIGEST_LENGTH];
} mac, *pmac;
/* arrange cache line alignment */
pmac = (void *)(((size_t)mac.c + 31) & ((size_t)0 - 32));
/* decrypt HMAC|padding at once */
aesni_cbc_encrypt(in, out, len, &key->ks, ctx->iv, 0);
if (plen == 0 || plen == NO_PAYLOAD_LENGTH) {
SHA1_Update(&key->md, out, len);
} else if (plen < 4) {
return 0;
} else { /* "TLS" mode of operation */
size_t inp_len, mask, j, i;
unsigned int res, maxpad, pad, bitlen;
int ret = 1;
union {
unsigned int u[SHA_LBLOCK];
unsigned char c[SHA_CBLOCK];
}
*data = (void *)key->md.data;
if ((key->aux.tls_aad[plen - 4] << 8 |
key->aux.tls_aad[plen - 3]) >= TLS1_1_VERSION)
iv = AES_BLOCK_SIZE;
if (len < (iv + SHA_DIGEST_LENGTH + 1))
return 0;
/* omit explicit iv */
out += iv;
len -= iv;
/* figure out payload length */
pad = out[len - 1];
maxpad = len - (SHA_DIGEST_LENGTH + 1);
maxpad |= (255 - maxpad) >> (sizeof(maxpad) * 8 - 8);
maxpad &= 255;
ret &= constant_time_ge(maxpad, pad);
inp_len = len - (SHA_DIGEST_LENGTH + pad + 1);
mask = (0 - ((inp_len - len) >>
(sizeof(inp_len) * 8 - 1)));
inp_len &= mask;
ret &= (int)mask;
key->aux.tls_aad[plen - 2] = inp_len >> 8;
key->aux.tls_aad[plen - 1] = inp_len;
/* calculate HMAC */
key->md = key->head;
SHA1_Update(&key->md, key->aux.tls_aad, plen);
#if 1
len -= SHA_DIGEST_LENGTH; /* amend mac */
if (len >= (256 + SHA_CBLOCK)) {
j = (len - (256 + SHA_CBLOCK)) &
(0 - SHA_CBLOCK);
j += SHA_CBLOCK - key->md.num;
SHA1_Update(&key->md, out, j);
out += j;
len -= j;
inp_len -= j;
}
/* but pretend as if we hashed padded payload */
bitlen = key->md.Nl + (inp_len << 3); /* at most 18 bits */
#ifdef BSWAP
bitlen = BSWAP(bitlen);
#else
mac.c[0] = 0;
mac.c[1] = (unsigned char)(bitlen >> 16);
mac.c[2] = (unsigned char)(bitlen >> 8);
mac.c[3] = (unsigned char)bitlen;
bitlen = mac.u[0];
#endif
pmac->u[0] = 0;
pmac->u[1] = 0;
pmac->u[2] = 0;
pmac->u[3] = 0;
pmac->u[4] = 0;
for (res = key->md.num, j = 0; j < len; j++) {
size_t c = out[j];
mask = (j - inp_len) >> (sizeof(j) * 8 - 8);
c &= mask;
c |= 0x80 & ~mask &
~((inp_len - j) >> (sizeof(j) * 8 - 8));
data->c[res++] = (unsigned char)c;
if (res != SHA_CBLOCK)
continue;
/* j is not incremented yet */
mask = 0 - ((inp_len + 7 - j) >>
(sizeof(j) * 8 - 1));
data->u[SHA_LBLOCK - 1] |= bitlen&mask;
sha1_block_data_order(&key->md, data, 1);
mask &= 0 - ((j - inp_len - 72) >>
(sizeof(j) * 8 - 1));
pmac->u[0] |= key->md.h0 & mask;
pmac->u[1] |= key->md.h1 & mask;
pmac->u[2] |= key->md.h2 & mask;
pmac->u[3] |= key->md.h3 & mask;
pmac->u[4] |= key->md.h4 & mask;
res = 0;
}
for (i = res; i < SHA_CBLOCK; i++, j++)
data->c[i] = 0;
if (res > SHA_CBLOCK - 8) {
mask = 0 - ((inp_len + 8 - j) >>
(sizeof(j) * 8 - 1));
data->u[SHA_LBLOCK - 1] |= bitlen & mask;
sha1_block_data_order(&key->md, data, 1);
mask &= 0 - ((j - inp_len - 73) >>
(sizeof(j) * 8 - 1));
pmac->u[0] |= key->md.h0 & mask;
pmac->u[1] |= key->md.h1 & mask;
pmac->u[2] |= key->md.h2 & mask;
pmac->u[3] |= key->md.h3 & mask;
pmac->u[4] |= key->md.h4 & mask;
memset(data, 0, SHA_CBLOCK);
j += 64;
}
data->u[SHA_LBLOCK - 1] = bitlen;
sha1_block_data_order(&key->md, data, 1);
mask = 0 - ((j - inp_len - 73) >> (sizeof(j) * 8 - 1));
pmac->u[0] |= key->md.h0 & mask;
pmac->u[1] |= key->md.h1 & mask;
pmac->u[2] |= key->md.h2 & mask;
pmac->u[3] |= key->md.h3 & mask;
pmac->u[4] |= key->md.h4 & mask;
#ifdef BSWAP
pmac->u[0] = BSWAP(pmac->u[0]);
pmac->u[1] = BSWAP(pmac->u[1]);
pmac->u[2] = BSWAP(pmac->u[2]);
pmac->u[3] = BSWAP(pmac->u[3]);
pmac->u[4] = BSWAP(pmac->u[4]);
#else
for (i = 0; i < 5; i++) {
res = pmac->u[i];
pmac->c[4 * i + 0] = (unsigned char)(res >> 24);
pmac->c[4 * i + 1] = (unsigned char)(res >> 16);
pmac->c[4 * i + 2] = (unsigned char)(res >> 8);
pmac->c[4 * i + 3] = (unsigned char)res;
}
#endif
len += SHA_DIGEST_LENGTH;
#else
SHA1_Update(&key->md, out, inp_len);
res = key->md.num;
SHA1_Final(pmac->c, &key->md);
{
unsigned int inp_blocks, pad_blocks;
/* but pretend as if we hashed padded payload */
inp_blocks = 1 + ((SHA_CBLOCK - 9 - res) >>
(sizeof(res) * 8 - 1));
res += (unsigned int)(len - inp_len);
pad_blocks = res / SHA_CBLOCK;
res %= SHA_CBLOCK;
pad_blocks += 1 + ((SHA_CBLOCK - 9 - res) >>
(sizeof(res) * 8 - 1));
for (; inp_blocks < pad_blocks; inp_blocks++)
sha1_block_data_order(&key->md,
data, 1);
}
#endif
key->md = key->tail;
SHA1_Update(&key->md, pmac->c, SHA_DIGEST_LENGTH);
SHA1_Final(pmac->c, &key->md);
/* verify HMAC */
out += inp_len;
len -= inp_len;
#if 1
{
unsigned char *p =
out + len - 1 - maxpad - SHA_DIGEST_LENGTH;
size_t off = out - p;
unsigned int c, cmask;
maxpad += SHA_DIGEST_LENGTH;
for (res = 0, i = 0, j = 0; j < maxpad; j++) {
c = p[j];
cmask = ((int)(j - off -
SHA_DIGEST_LENGTH)) >>
(sizeof(int) * 8 - 1);
res |= (c ^ pad) & ~cmask; /* ... and padding */
cmask &= ((int)(off - 1 - j)) >>
(sizeof(int) * 8 - 1);
res |= (c ^ pmac->c[i]) & cmask;
i += 1 & cmask;
}
maxpad -= SHA_DIGEST_LENGTH;
res = 0 - ((0 - res) >> (sizeof(res) * 8 - 1));
ret &= (int)~res;
}
#else
for (res = 0, i = 0; i < SHA_DIGEST_LENGTH; i++)
res |= out[i] ^ pmac->c[i];
res = 0 - ((0 - res) >> (sizeof(res) * 8 - 1));
ret &= (int)~res;
/* verify padding */
pad = (pad & ~res) | (maxpad & res);
out = out + len - 1 - pad;
for (res = 0, i = 0; i < pad; i++)
res |= out[i] ^ pad;
res = (0 - res) >> (sizeof(res) * 8 - 1);
ret &= (int)~res;
#endif
return ret;
}
}
return 1;
}
static int
aesni_cbc_hmac_sha1_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr)
{
EVP_AES_HMAC_SHA1 *key = data(ctx);
switch (type) {
case EVP_CTRL_AEAD_SET_MAC_KEY:
{
unsigned int i;
unsigned char hmac_key[64];
memset(hmac_key, 0, sizeof(hmac_key));
if (arg > (int)sizeof(hmac_key)) {
SHA1_Init(&key->head);
SHA1_Update(&key->head, ptr, arg);
SHA1_Final(hmac_key, &key->head);
} else {
memcpy(hmac_key, ptr, arg);
}
for (i = 0; i < sizeof(hmac_key); i++)
hmac_key[i] ^= 0x36; /* ipad */
SHA1_Init(&key->head);
SHA1_Update(&key->head, hmac_key, sizeof(hmac_key));
for (i = 0; i < sizeof(hmac_key); i++)
hmac_key[i] ^= 0x36 ^ 0x5c; /* opad */
SHA1_Init(&key->tail);
SHA1_Update(&key->tail, hmac_key, sizeof(hmac_key));
explicit_bzero(hmac_key, sizeof(hmac_key));
return 1;
}
case EVP_CTRL_AEAD_TLS1_AAD:
{
unsigned char *p = ptr;
unsigned int len;
/* RFC 5246, 6.2.3.3: additional data has length 13 */
if (arg != 13)
return -1;
len = p[arg - 2] << 8 | p[arg - 1];
if (ctx->encrypt) {
key->payload_length = len;
if ((key->aux.tls_ver = p[arg - 4] << 8 |
p[arg - 3]) >= TLS1_1_VERSION) {
len -= AES_BLOCK_SIZE;
p[arg - 2] = len >> 8;
p[arg - 1] = len;
}
key->md = key->head;
SHA1_Update(&key->md, p, arg);
return (int)(((len + SHA_DIGEST_LENGTH +
AES_BLOCK_SIZE) & -AES_BLOCK_SIZE) - len);
} else {
memcpy(key->aux.tls_aad, ptr, arg);
key->payload_length = arg;
return SHA_DIGEST_LENGTH;
}
}
default:
return -1;
}
}
static const EVP_CIPHER aesni_128_cbc_hmac_sha1_cipher = {
#ifdef NID_aes_128_cbc_hmac_sha1
.nid = NID_aes_128_cbc_hmac_sha1,
#else
.nid = NID_undef,
#endif
.block_size = 16,
.key_len = 16,
.iv_len = 16,
.flags = EVP_CIPH_CBC_MODE | EVP_CIPH_FLAG_DEFAULT_ASN1 |
EVP_CIPH_FLAG_AEAD_CIPHER,
.init = aesni_cbc_hmac_sha1_init_key,
.do_cipher = aesni_cbc_hmac_sha1_cipher,
.ctx_size = sizeof(EVP_AES_HMAC_SHA1),
.ctrl = aesni_cbc_hmac_sha1_ctrl
};
static const EVP_CIPHER aesni_256_cbc_hmac_sha1_cipher = {
#ifdef NID_aes_256_cbc_hmac_sha1
.nid = NID_aes_256_cbc_hmac_sha1,
#else
.nid = NID_undef,
#endif
.block_size = 16,
.key_len = 32,
.iv_len = 16,
.flags = EVP_CIPH_CBC_MODE | EVP_CIPH_FLAG_DEFAULT_ASN1 |
EVP_CIPH_FLAG_AEAD_CIPHER,
.init = aesni_cbc_hmac_sha1_init_key,
.do_cipher = aesni_cbc_hmac_sha1_cipher,
.ctx_size = sizeof(EVP_AES_HMAC_SHA1),
.ctrl = aesni_cbc_hmac_sha1_ctrl
};
const EVP_CIPHER *
EVP_aes_128_cbc_hmac_sha1(void)
{
return (OPENSSL_cpu_caps() & CPUCAP_MASK_AESNI) ?
&aesni_128_cbc_hmac_sha1_cipher : NULL;
}
const EVP_CIPHER *
EVP_aes_256_cbc_hmac_sha1(void)
{
return (OPENSSL_cpu_caps() & CPUCAP_MASK_AESNI) ?
&aesni_256_cbc_hmac_sha1_cipher : NULL;
}
#else
const EVP_CIPHER *
EVP_aes_128_cbc_hmac_sha1(void)
{
return NULL;
}
const EVP_CIPHER *
EVP_aes_256_cbc_hmac_sha1(void)
{
return NULL;
}
#endif
#endif

312
lib/libcrypto/evp/e_gost2814789.c
View file

@ -1,312 +0,0 @@
/* $OpenBSD: e_gost2814789.c,v 1.14 2024/01/04 17:38:36 tb Exp $ */
/*
* Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
* Copyright (c) 2005-2006 Cryptocom LTD
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* openssl-core@openssl.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/
#include <string.h>
#include <openssl/opensslconf.h>
#ifndef OPENSSL_NO_GOST
#include <openssl/evp.h>
#include <openssl/err.h>
#include <openssl/gost.h>
#include "evp_local.h"
typedef struct {
GOST2814789_KEY ks;
int param_nid;
} EVP_GOST2814789_CTX;
static int
gost2814789_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
const unsigned char *iv, int enc)
{
EVP_GOST2814789_CTX *c = ctx->cipher_data;
return Gost2814789_set_key(&c->ks, key, ctx->key_len * 8);
}
static int
gost2814789_ctl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr)
{
EVP_GOST2814789_CTX *c = ctx->cipher_data;
switch (type) {
case EVP_CTRL_PBE_PRF_NID:
if (ptr != NULL) {
*((int *)ptr) = NID_id_HMACGostR3411_94;
return 1;
} else {
return 0;
}
case EVP_CTRL_INIT:
/* Default value to have any s-box set at all */
c->param_nid = NID_id_Gost28147_89_CryptoPro_A_ParamSet;
return Gost2814789_set_sbox(&c->ks, c->param_nid);
case EVP_CTRL_GOST_SET_SBOX:
return Gost2814789_set_sbox(&c->ks, arg);
default:
return -1;
}
}
int
gost2814789_set_asn1_params(EVP_CIPHER_CTX *ctx, ASN1_TYPE *params)
{
int len = 0;
unsigned char *buf = NULL;
unsigned char *p = NULL;
EVP_GOST2814789_CTX *c = ctx->cipher_data;
ASN1_OCTET_STRING *os = NULL;
GOST_CIPHER_PARAMS *gcp = GOST_CIPHER_PARAMS_new();
if (gcp == NULL) {
GOSTerror(ERR_R_MALLOC_FAILURE);
return 0;
}
if (ASN1_OCTET_STRING_set(gcp->iv, ctx->iv, ctx->cipher->iv_len) == 0) {
GOST_CIPHER_PARAMS_free(gcp);
GOSTerror(ERR_R_ASN1_LIB);
return 0;
}
ASN1_OBJECT_free(gcp->enc_param_set);
gcp->enc_param_set = OBJ_nid2obj(c->param_nid);
len = i2d_GOST_CIPHER_PARAMS(gcp, NULL);
p = buf = malloc(len);
if (buf == NULL) {
GOST_CIPHER_PARAMS_free(gcp);
GOSTerror(ERR_R_MALLOC_FAILURE);
return 0;
}
i2d_GOST_CIPHER_PARAMS(gcp, &p);
GOST_CIPHER_PARAMS_free(gcp);
os = ASN1_OCTET_STRING_new();
if (os == NULL) {
free(buf);
GOSTerror(ERR_R_MALLOC_FAILURE);
return 0;
}
if (ASN1_OCTET_STRING_set(os, buf, len) == 0) {
ASN1_OCTET_STRING_free(os);
free(buf);
GOSTerror(ERR_R_ASN1_LIB);
return 0;
}
free(buf);
ASN1_TYPE_set(params, V_ASN1_SEQUENCE, os);
return 1;
}
int
gost2814789_get_asn1_params(EVP_CIPHER_CTX *ctx, ASN1_TYPE *params)
{
int ret = -1;
int len;
GOST_CIPHER_PARAMS *gcp = NULL;
EVP_GOST2814789_CTX *c = ctx->cipher_data;
unsigned char *p;
if (ASN1_TYPE_get(params) != V_ASN1_SEQUENCE)
return ret;
p = params->value.sequence->data;
gcp = d2i_GOST_CIPHER_PARAMS(NULL, (const unsigned char **)&p,
params->value.sequence->length);
len = gcp->iv->length;
if (len != ctx->cipher->iv_len) {
GOST_CIPHER_PARAMS_free(gcp);
GOSTerror(GOST_R_INVALID_IV_LENGTH);
return -1;
}
if (!Gost2814789_set_sbox(&c->ks, OBJ_obj2nid(gcp->enc_param_set))) {
GOST_CIPHER_PARAMS_free(gcp);
return -1;
}
c->param_nid = OBJ_obj2nid(gcp->enc_param_set);
memcpy(ctx->oiv, gcp->iv->data, len);
memcpy(ctx->iv, gcp->iv->data, len);
GOST_CIPHER_PARAMS_free(gcp);
return 1;
}
static int
gost2814789_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl)
{
size_t i, bl;
bl = ctx->cipher->block_size;
if (inl < bl)
return 1;
inl -= bl;
for (i = 0; i <= inl; i += bl)
Gost2814789_ecb_encrypt(in + i, out + i, &((EVP_GOST2814789_CTX *)ctx->cipher_data)->ks, ctx->encrypt);
return 1;
}
static int
gost2814789_cfb64_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl)
{
size_t chunk = EVP_MAXCHUNK;
if (inl < chunk)
chunk = inl;
while (inl && inl >= chunk) {
Gost2814789_cfb64_encrypt(in, out, chunk, &((EVP_GOST2814789_CTX *)ctx->cipher_data)->ks, ctx->iv, &ctx->num, ctx->encrypt);
inl -= chunk;
in += chunk;
out += chunk;
if (inl < chunk)
chunk = inl;
}
return 1;
}
static int
gost2814789_cnt_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
const unsigned char *in, size_t inl)
{
EVP_GOST2814789_CTX *c = ctx->cipher_data;
while (inl >= EVP_MAXCHUNK) {
Gost2814789_cnt_encrypt(in, out, EVP_MAXCHUNK, &c->ks,
ctx->iv, ctx->buf, &ctx->num);
inl -= EVP_MAXCHUNK;
in += EVP_MAXCHUNK;
out += EVP_MAXCHUNK;
}
if (inl)
Gost2814789_cnt_encrypt(in, out, inl, &c->ks, ctx->iv, ctx->buf,
&ctx->num);
return 1;
}
/* gost89 is CFB-64 */
#define NID_gost89_cfb64 NID_id_Gost28147_89
static const EVP_CIPHER gost2814789_ecb = {
.nid = NID_gost89_ecb,
.block_size = 8,
.key_len = 32,
.iv_len = 0,
.flags = EVP_CIPH_NO_PADDING | EVP_CIPH_CTRL_INIT | EVP_CIPH_ECB_MODE,
.init = gost2814789_init_key,
.do_cipher = gost2814789_ecb_cipher,
.cleanup = NULL,
.ctx_size = sizeof(EVP_GOST2814789_CTX),
.set_asn1_parameters = gost2814789_set_asn1_params,
.get_asn1_parameters = gost2814789_get_asn1_params,
.ctrl = gost2814789_ctl,
};
const EVP_CIPHER *
EVP_gost2814789_ecb(void)
{
return &gost2814789_ecb;
}
static const EVP_CIPHER gost2814789_cfb64 = {
.nid = NID_gost89_cfb64,
.block_size = 1,
.key_len = 32,
.iv_len = 8,
.flags = EVP_CIPH_NO_PADDING | EVP_CIPH_CTRL_INIT | EVP_CIPH_CFB_MODE,
.init = gost2814789_init_key,
.do_cipher = gost2814789_cfb64_cipher,
.cleanup = NULL,
.ctx_size = sizeof(EVP_GOST2814789_CTX),
.set_asn1_parameters = gost2814789_set_asn1_params,
.get_asn1_parameters = gost2814789_get_asn1_params,
.ctrl = gost2814789_ctl,
};
const EVP_CIPHER *
EVP_gost2814789_cfb64(void)
{
return &gost2814789_cfb64;
}
static const EVP_CIPHER gost2814789_cnt = {
.nid = NID_gost89_cnt,
.block_size = 1,
.key_len = 32,
.iv_len = 8,
.flags = EVP_CIPH_NO_PADDING | EVP_CIPH_CTRL_INIT | EVP_CIPH_OFB_MODE,
.init = gost2814789_init_key,
.do_cipher = gost2814789_cnt_cipher,
.cleanup = NULL,
.ctx_size = sizeof(EVP_GOST2814789_CTX),
.set_asn1_parameters = gost2814789_set_asn1_params,
.get_asn1_parameters = gost2814789_get_asn1_params,
.ctrl = gost2814789_ctl,
};
const EVP_CIPHER *
EVP_gost2814789_cnt(void)
{
return &gost2814789_cnt;
}
#endif

308
lib/libcrypto/evp/e_rc4_hmac_md5.c
View file

@ -1,308 +0,0 @@
/* $OpenBSD: e_rc4_hmac_md5.c,v 1.15 2024/01/07 16:18:18 tb Exp $ */
/* ====================================================================
* Copyright (c) 2011 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* licensing@OpenSSL.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/
#include <stdio.h>
#include <string.h>
#include <openssl/opensslconf.h>
#if !defined(OPENSSL_NO_RC4) && !defined(OPENSSL_NO_MD5)
#include <openssl/evp.h>
#include <openssl/objects.h>
#include <openssl/rc4.h>
#include <openssl/md5.h>
#include "evp_local.h"
/* FIXME: surely this is available elsewhere? */
#define EVP_RC4_KEY_SIZE 16
typedef struct {
RC4_KEY ks;
MD5_CTX head, tail, md;
size_t payload_length;
} EVP_RC4_HMAC_MD5;
#define NO_PAYLOAD_LENGTH ((size_t)-1)
void rc4_md5_enc (RC4_KEY *key, const void *in0, void *out,
MD5_CTX *ctx, const void *inp, size_t blocks);
#define data(ctx) ((EVP_RC4_HMAC_MD5 *)(ctx)->cipher_data)
static int
rc4_hmac_md5_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *inkey,
const unsigned char *iv, int enc)
{
EVP_RC4_HMAC_MD5 *key = data(ctx);
RC4_set_key(&key->ks, EVP_CIPHER_CTX_key_length(ctx), inkey);
MD5_Init(&key->head); /* handy when benchmarking */
key->tail = key->head;
key->md = key->head;
key->payload_length = NO_PAYLOAD_LENGTH;
return 1;
}
#if !defined(OPENSSL_NO_ASM) && defined(RC4_MD5_ASM) && ( \
defined(__x86_64) || defined(__x86_64__) || \
defined(_M_AMD64) || defined(_M_X64) || \
defined(__INTEL__) ) && \
!(defined(__APPLE__) && defined(__MACH__))
#define STITCHED_CALL
#include "x86_arch.h"
#endif
#if !defined(STITCHED_CALL)
#define rc4_off 0
#define md5_off 0
#endif
static int
rc4_hmac_md5_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
const unsigned char *in, size_t len)
{
EVP_RC4_HMAC_MD5 *key = data(ctx);
#if defined(STITCHED_CALL)
size_t rc4_off = 32-1-(key->ks.x&(32-1)), /* 32 is $MOD from rc4_md5-x86_64.pl */
md5_off = MD5_CBLOCK - key->md.num,
blocks;
unsigned int l;
#endif
size_t plen = key->payload_length;
if (plen != NO_PAYLOAD_LENGTH && len != (plen + MD5_DIGEST_LENGTH))
return 0;
if (ctx->encrypt) {
if (plen == NO_PAYLOAD_LENGTH)
plen = len;
#if defined(STITCHED_CALL)
/* cipher has to "fall behind" */
if (rc4_off > md5_off)
md5_off += MD5_CBLOCK;
if (plen > md5_off &&
(blocks = (plen - md5_off) / MD5_CBLOCK) &&
(OPENSSL_cpu_caps() & CPUCAP_MASK_INTELP4) == 0) {
MD5_Update(&key->md, in, md5_off);
RC4(&key->ks, rc4_off, in, out);
rc4_md5_enc(&key->ks, in + rc4_off, out + rc4_off,
&key->md, in + md5_off, blocks);
blocks *= MD5_CBLOCK;
rc4_off += blocks;
md5_off += blocks;
key->md.Nh += blocks >> 29;
key->md.Nl += blocks <<= 3;
if (key->md.Nl < (unsigned int)blocks)
key->md.Nh++;
} else {
rc4_off = 0;
md5_off = 0;
}
#endif
MD5_Update(&key->md, in + md5_off, plen - md5_off);
if (plen!=len) { /* "TLS" mode of operation */
if (in != out)
memcpy(out + rc4_off, in + rc4_off,
plen - rc4_off);
/* calculate HMAC and append it to payload */
MD5_Final(out + plen, &key->md);
key->md = key->tail;
MD5_Update(&key->md, out + plen, MD5_DIGEST_LENGTH);
MD5_Final(out + plen, &key->md);
/* encrypt HMAC at once */
RC4(&key->ks, len - rc4_off, out + rc4_off,
out + rc4_off);
} else {
RC4(&key->ks, len - rc4_off, in + rc4_off,
out + rc4_off);
}
} else {
unsigned char mac[MD5_DIGEST_LENGTH];
#if defined(STITCHED_CALL)
/* digest has to "fall behind" */
if (md5_off > rc4_off)
rc4_off += 2*MD5_CBLOCK;
else
rc4_off += MD5_CBLOCK;
if (len > rc4_off && (blocks = (len - rc4_off) / MD5_CBLOCK) &&
(OPENSSL_cpu_caps() & CPUCAP_MASK_INTELP4) == 0) {
RC4(&key->ks, rc4_off, in, out);
MD5_Update(&key->md, out, md5_off);
rc4_md5_enc(&key->ks, in + rc4_off, out + rc4_off,
&key->md, out + md5_off, blocks);
blocks *= MD5_CBLOCK;
rc4_off += blocks;
md5_off += blocks;
l = (key->md.Nl + (blocks << 3)) & 0xffffffffU;
if (l < key->md.Nl)
key->md.Nh++;
key->md.Nl = l;
key->md.Nh += blocks >> 29;
} else {
md5_off = 0;
rc4_off = 0;
}
#endif
/* decrypt HMAC at once */
RC4(&key->ks, len - rc4_off, in + rc4_off, out + rc4_off);
if (plen!=NO_PAYLOAD_LENGTH) { /* "TLS" mode of operation */
MD5_Update(&key->md, out + md5_off, plen - md5_off);
/* calculate HMAC and verify it */
MD5_Final(mac, &key->md);
key->md = key->tail;
MD5_Update(&key->md, mac, MD5_DIGEST_LENGTH);
MD5_Final(mac, &key->md);
if (memcmp(out + plen, mac, MD5_DIGEST_LENGTH))
return 0;
} else {
MD5_Update(&key->md, out + md5_off, len - md5_off);
}
}
key->payload_length = NO_PAYLOAD_LENGTH;
return 1;
}
static int
rc4_hmac_md5_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr)
{
EVP_RC4_HMAC_MD5 *key = data(ctx);
switch (type) {
case EVP_CTRL_AEAD_SET_MAC_KEY:
{
unsigned int i;
unsigned char hmac_key[64];
memset (hmac_key, 0, sizeof(hmac_key));
if (arg > (int)sizeof(hmac_key)) {
MD5_Init(&key->head);
MD5_Update(&key->head, ptr, arg);
MD5_Final(hmac_key, &key->head);
} else {
memcpy(hmac_key, ptr, arg);
}
for (i = 0; i < sizeof(hmac_key); i++)
hmac_key[i] ^= 0x36; /* ipad */
MD5_Init(&key->head);
MD5_Update(&key->head, hmac_key, sizeof(hmac_key));
for (i = 0; i < sizeof(hmac_key); i++)
hmac_key[i] ^= 0x36 ^ 0x5c; /* opad */
MD5_Init(&key->tail);
MD5_Update(&key->tail, hmac_key, sizeof(hmac_key));
return 1;
}
case EVP_CTRL_AEAD_TLS1_AAD:
{
unsigned char *p = ptr;
unsigned int len = p[arg - 2] << 8 | p[arg - 1];
if (!ctx->encrypt) {
if (len < MD5_DIGEST_LENGTH)
return -1;
len -= MD5_DIGEST_LENGTH;
p[arg - 2] = len >> 8;
p[arg - 1] = len;
}
key->payload_length = len;
key->md = key->head;
MD5_Update(&key->md, p, arg);
return MD5_DIGEST_LENGTH;
}
default:
return -1;
}
}
static const EVP_CIPHER r4_hmac_md5_cipher = {
#ifdef NID_rc4_hmac_md5
.nid = NID_rc4_hmac_md5,
#else
.nid = NID_undef,
#endif
.block_size = 1,
.key_len = EVP_RC4_KEY_SIZE,
.iv_len = 0,
.flags = EVP_CIPH_STREAM_CIPHER|EVP_CIPH_VARIABLE_LENGTH|EVP_CIPH_FLAG_AEAD_CIPHER,
.init = rc4_hmac_md5_init_key,
.do_cipher = rc4_hmac_md5_cipher,
.cleanup = NULL,
.ctx_size = sizeof(EVP_RC4_HMAC_MD5),
.set_asn1_parameters = NULL,
.get_asn1_parameters = NULL,
.ctrl = rc4_hmac_md5_ctrl,
};
const EVP_CIPHER *
EVP_rc4_hmac_md5(void)
{
return (&r4_hmac_md5_cipher);
}
#endif

196
lib/libcrypto/evp/evp.h
View file

@ -1,4 +1,4 @@
/* $OpenBSD: evp.h,v 1.121 2024/02/18 15:47:48 tb Exp $ */
/* $OpenBSD: evp.h,v 1.132 2024/03/02 10:21:12 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@ -210,8 +210,6 @@ extern "C" {
#define EVP_CIPH_ALWAYS_CALL_INIT 0x20
/* Call ctrl() to init cipher parameters */
#define EVP_CIPH_CTRL_INIT 0x40
/* Don't use standard key length function */
#define EVP_CIPH_CUSTOM_KEY_LENGTH 0x80
/* Don't use standard block padding */
#define EVP_CIPH_NO_PADDING 0x100
/* cipher handles random key generation */
@ -241,7 +239,6 @@ extern "C" {
/* ctrl() values */
#define EVP_CTRL_INIT 0x0
#define EVP_CTRL_SET_KEY_LENGTH 0x1
#define EVP_CTRL_GET_RC2_KEY_BITS 0x2
#define EVP_CTRL_SET_RC2_KEY_BITS 0x3
#define EVP_CTRL_GET_RC5_ROUNDS 0x4
@ -352,24 +349,6 @@ int EVP_MD_size(const EVP_MD *md);
int EVP_MD_block_size(const EVP_MD *md);
unsigned long EVP_MD_flags(const EVP_MD *md);
EVP_MD *EVP_MD_meth_new(int md_type, int pkey_type);
void EVP_MD_meth_free(EVP_MD *md);
EVP_MD *EVP_MD_meth_dup(const EVP_MD *md);
int EVP_MD_meth_set_input_blocksize(EVP_MD *md, int blocksize);
int EVP_MD_meth_set_result_size(EVP_MD *md, int resultsize);
int EVP_MD_meth_set_app_datasize(EVP_MD *md, int datasize);
int EVP_MD_meth_set_flags(EVP_MD *md, unsigned long flags);
int EVP_MD_meth_set_init(EVP_MD *md, int (*init)(EVP_MD_CTX *ctx));
int EVP_MD_meth_set_update(EVP_MD *md,
int (*update)(EVP_MD_CTX *ctx, const void *data, size_t count));
int EVP_MD_meth_set_final(EVP_MD *md,
int (*final)(EVP_MD_CTX *ctx, unsigned char *md));
int EVP_MD_meth_set_copy(EVP_MD *md,
int (*copy)(EVP_MD_CTX *to, const EVP_MD_CTX *from));
int EVP_MD_meth_set_cleanup(EVP_MD *md, int (*cleanup)(EVP_MD_CTX *ctx));
int EVP_MD_meth_set_ctrl(EVP_MD *md,
int (*ctrl)(EVP_MD_CTX *ctx, int cmd, int p1, void *p2));
const EVP_MD *EVP_MD_CTX_md(const EVP_MD_CTX *ctx);
void *EVP_MD_CTX_md_data(const EVP_MD_CTX *ctx);
EVP_PKEY_CTX *EVP_MD_CTX_pkey_ctx(const EVP_MD_CTX *ctx);
@ -461,19 +440,10 @@ int EVP_PKEY_get_raw_public_key(const EVP_PKEY *pkey,
int EVP_Cipher(EVP_CIPHER_CTX *c, unsigned char *out, const unsigned char *in,
unsigned int inl);
#define EVP_add_cipher_alias(n,alias) \
OBJ_NAME_add((alias),OBJ_NAME_TYPE_CIPHER_METH|OBJ_NAME_ALIAS,(n))
#define EVP_add_digest_alias(n,alias) \
OBJ_NAME_add((alias),OBJ_NAME_TYPE_MD_METH|OBJ_NAME_ALIAS,(n))
#define EVP_delete_cipher_alias(alias) \
OBJ_NAME_remove(alias,OBJ_NAME_TYPE_CIPHER_METH|OBJ_NAME_ALIAS);
#define EVP_delete_digest_alias(alias) \
OBJ_NAME_remove(alias,OBJ_NAME_TYPE_MD_METH|OBJ_NAME_ALIAS);
EVP_MD_CTX *EVP_MD_CTX_new(void);
void EVP_MD_CTX_free(EVP_MD_CTX *ctx);
#ifndef LIBRESSL_INTERNAL
void EVP_MD_CTX_init(EVP_MD_CTX *ctx);
int EVP_MD_CTX_init(EVP_MD_CTX *ctx);
#endif
int EVP_MD_CTX_reset(EVP_MD_CTX *ctx);
EVP_MD_CTX *EVP_MD_CTX_create(void);
@ -587,7 +557,7 @@ int EVP_DecodeFinal(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl);
int EVP_DecodeBlock(unsigned char *t, const unsigned char *f, int n);
#ifndef LIBRESSL_INTERNAL
void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *a);
int EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *a);
#endif
int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *a);
EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void);
@ -676,9 +646,6 @@ const EVP_CIPHER *EVP_desx_cbc(void);
#ifndef OPENSSL_NO_RC4
const EVP_CIPHER *EVP_rc4(void);
const EVP_CIPHER *EVP_rc4_40(void);
#ifndef OPENSSL_NO_MD5
const EVP_CIPHER *EVP_rc4_hmac_md5(void);
#endif
#endif
#ifndef OPENSSL_NO_IDEA
const EVP_CIPHER *EVP_idea_ecb(void);
@ -749,10 +716,6 @@ const EVP_CIPHER *EVP_aes_256_xts(void);
#if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
const EVP_CIPHER *EVP_chacha20_poly1305(void);
#endif
#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1)
const EVP_CIPHER *EVP_aes_128_cbc_hmac_sha1(void);
const EVP_CIPHER *EVP_aes_256_cbc_hmac_sha1(void);
#endif
#endif
#ifndef OPENSSL_NO_CAMELLIA
const EVP_CIPHER *EVP_camellia_128_ecb(void);
@ -813,9 +776,6 @@ void OpenSSL_add_all_digests(void);
#define SSLeay_add_all_ciphers() OpenSSL_add_all_ciphers()
#define SSLeay_add_all_digests() OpenSSL_add_all_digests()
int EVP_add_cipher(const EVP_CIPHER *cipher);
int EVP_add_digest(const EVP_MD *digest);
const EVP_CIPHER *EVP_get_cipherbyname(const char *name);
const EVP_MD *EVP_get_digestbyname(const char *name);
void EVP_cleanup(void);
@ -906,46 +866,13 @@ int EVP_PKEY_get_default_digest_nid(EVP_PKEY *pkey, int *pnid);
int EVP_CIPHER_type(const EVP_CIPHER *ctx);
/* calls methods */
int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
/* These are used by EVP_CIPHER methods */
int EVP_CIPHER_set_asn1_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
int EVP_CIPHER_get_asn1_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
/* PKCS5 password based encryption */
int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
ASN1_TYPE *param, const EVP_CIPHER *cipher, const EVP_MD *md, int en_de);
int PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen,
const unsigned char *salt, int saltlen, int iter, int keylen,
unsigned char *out);
int PKCS5_PBKDF2_HMAC(const char *pass, int passlen, const unsigned char *salt,
int saltlen, int iter, const EVP_MD *digest, int keylen,
unsigned char *out);
int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
ASN1_TYPE *param, const EVP_CIPHER *cipher, const EVP_MD *md,
int en_de);
void PKCS5_PBE_add(void);
int EVP_PBE_CipherInit(ASN1_OBJECT *pbe_obj, const char *pass, int passlen,
ASN1_TYPE *param, EVP_CIPHER_CTX *ctx, int en_de);
/* PBE type */
/* Can appear as the outermost AlgorithmIdentifier */
#define EVP_PBE_TYPE_OUTER 0x0
/* Is an PRF type OID */
#define EVP_PBE_TYPE_PRF 0x1
int EVP_PBE_alg_add_type(int pbe_type, int pbe_nid, int cipher_nid, int md_nid,
EVP_PBE_KEYGEN *keygen);
int EVP_PBE_alg_add(int nid, const EVP_CIPHER *cipher, const EVP_MD *md,
EVP_PBE_KEYGEN *keygen);
int EVP_PBE_find(int type, int pbe_nid, int *pcnid, int *pmnid,
EVP_PBE_KEYGEN **pkeygen);
void EVP_PBE_cleanup(void);
#define ASN1_PKEY_ALIAS 0x1
#define ASN1_PKEY_DYNAMIC 0x2
@ -963,53 +890,11 @@ const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_get0(int idx);
const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find(ENGINE **pe, int type);
const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find_str(ENGINE **pe,
const char *str, int len);
int EVP_PKEY_asn1_add0(const EVP_PKEY_ASN1_METHOD *ameth);
int EVP_PKEY_asn1_add_alias(int to, int from);
int EVP_PKEY_asn1_get0_info(int *ppkey_id, int *pkey_base_id, int *ppkey_flags,
const char **pinfo, const char **ppem_str,
const EVP_PKEY_ASN1_METHOD *ameth);
const EVP_PKEY_ASN1_METHOD *EVP_PKEY_get0_asn1(const EVP_PKEY *pkey);
EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_new(int id, int flags, const char *pem_str,
const char *info);
void EVP_PKEY_asn1_copy(EVP_PKEY_ASN1_METHOD *dst,
const EVP_PKEY_ASN1_METHOD *src);
void EVP_PKEY_asn1_free(EVP_PKEY_ASN1_METHOD *ameth);
void EVP_PKEY_asn1_set_public(EVP_PKEY_ASN1_METHOD *ameth,
int (*pub_decode)(EVP_PKEY *pk, X509_PUBKEY *pub),
int (*pub_encode)(X509_PUBKEY *pub, const EVP_PKEY *pk),
int (*pub_cmp)(const EVP_PKEY *a, const EVP_PKEY *b),
int (*pub_print)(BIO *out, const EVP_PKEY *pkey, int indent,
ASN1_PCTX *pctx),
int (*pkey_size)(const EVP_PKEY *pk),
int (*pkey_bits)(const EVP_PKEY *pk));
void EVP_PKEY_asn1_set_private(EVP_PKEY_ASN1_METHOD *ameth,
int (*priv_decode)(EVP_PKEY *pk, const PKCS8_PRIV_KEY_INFO *p8inf),
int (*priv_encode)(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pk),
int (*priv_print)(BIO *out, const EVP_PKEY *pkey, int indent,
ASN1_PCTX *pctx));
void EVP_PKEY_asn1_set_param(EVP_PKEY_ASN1_METHOD *ameth,
int (*param_decode)(EVP_PKEY *pkey, const unsigned char **pder, int derlen),
int (*param_encode)(const EVP_PKEY *pkey, unsigned char **pder),
int (*param_missing)(const EVP_PKEY *pk),
int (*param_copy)(EVP_PKEY *to, const EVP_PKEY *from),
int (*param_cmp)(const EVP_PKEY *a, const EVP_PKEY *b),
int (*param_print)(BIO *out, const EVP_PKEY *pkey, int indent,
ASN1_PCTX *pctx));
void EVP_PKEY_asn1_set_free(EVP_PKEY_ASN1_METHOD *ameth,
void (*pkey_free)(EVP_PKEY *pkey));
void EVP_PKEY_asn1_set_ctrl(EVP_PKEY_ASN1_METHOD *ameth,
int (*pkey_ctrl)(EVP_PKEY *pkey, int op, long arg1, void *arg2));
void EVP_PKEY_asn1_set_security_bits(EVP_PKEY_ASN1_METHOD *ameth,
int (*pkey_security_bits)(const EVP_PKEY *pkey));
void EVP_PKEY_asn1_set_check(EVP_PKEY_ASN1_METHOD *ameth,
int (*pkey_check)(const EVP_PKEY *pk));
void EVP_PKEY_asn1_set_public_check(EVP_PKEY_ASN1_METHOD *ameth,
int (*pkey_public_check)(const EVP_PKEY *pk));
void EVP_PKEY_asn1_set_param_check(EVP_PKEY_ASN1_METHOD *ameth,
int (*pkey_check)(const EVP_PKEY *pk));
#define EVP_PKEY_OP_UNDEFINED 0
#define EVP_PKEY_OP_PARAMGEN (1<<1)
@ -1076,14 +961,6 @@ void EVP_PKEY_asn1_set_param_check(EVP_PKEY_ASN1_METHOD *ameth,
*/
#define EVP_PKEY_FLAG_SIGCTX_CUSTOM 4
const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type);
EVP_PKEY_METHOD *EVP_PKEY_meth_new(int id, int flags);
void EVP_PKEY_meth_get0_info(int *ppkey_id, int *pflags,
const EVP_PKEY_METHOD *meth);
void EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src);
void EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth);
int EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth);
EVP_PKEY_CTX *EVP_PKEY_CTX_new(EVP_PKEY *pkey, ENGINE *e);
EVP_PKEY_CTX *EVP_PKEY_CTX_new_id(int id, ENGINE *e);
EVP_PKEY_CTX *EVP_PKEY_CTX_dup(EVP_PKEY_CTX *ctx);
@ -1146,73 +1023,6 @@ EVP_PKEY_gen_cb *EVP_PKEY_CTX_get_cb(EVP_PKEY_CTX *ctx);
int EVP_PKEY_CTX_get_keygen_info(EVP_PKEY_CTX *ctx, int idx);
void EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth,
int (*init)(EVP_PKEY_CTX *ctx));
void EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth,
int (*copy)(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src));
void EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth,
void (*cleanup)(EVP_PKEY_CTX *ctx));
void EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD *pmeth,
int (*paramgen_init)(EVP_PKEY_CTX *ctx),
int (*paramgen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey));
void EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth,
int (*keygen_init)(EVP_PKEY_CTX *ctx),
int (*keygen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey));
void EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth,
int (*sign_init)(EVP_PKEY_CTX *ctx),
int (*sign)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
const unsigned char *tbs, size_t tbslen));
void EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth,
int (*verify_init)(EVP_PKEY_CTX *ctx),
int (*verify)(EVP_PKEY_CTX *ctx, const unsigned char *sig, size_t siglen,
const unsigned char *tbs, size_t tbslen));
void EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth,
int (*verify_recover_init)(EVP_PKEY_CTX *ctx),
int (*verify_recover)(EVP_PKEY_CTX *ctx, unsigned char *sig,
size_t *siglen, const unsigned char *tbs, size_t tbslen));
void EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth,
int (*signctx_init)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx),
int (*signctx)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
EVP_MD_CTX *mctx));
void EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth,
int (*verifyctx_init)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx),
int (*verifyctx)(EVP_PKEY_CTX *ctx, const unsigned char *sig, int siglen,
EVP_MD_CTX *mctx));
void EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth,
int (*encrypt_init)(EVP_PKEY_CTX *ctx),
int (*encryptfn)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
const unsigned char *in, size_t inlen));
void EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth,
int (*decrypt_init)(EVP_PKEY_CTX *ctx),
int (*decrypt)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
const unsigned char *in, size_t inlen));
void EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth,
int (*derive_init)(EVP_PKEY_CTX *ctx),
int (*derive)(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen));
void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth,
int (*ctrl)(EVP_PKEY_CTX *ctx, int type, int p1, void *p2),
int (*ctrl_str)(EVP_PKEY_CTX *ctx, const char *type, const char *value));
void EVP_PKEY_meth_set_check(EVP_PKEY_METHOD *pmeth,
int (*check)(EVP_PKEY *pkey));
void EVP_PKEY_meth_set_public_check(EVP_PKEY_METHOD *pmeth,
int (*public_check)(EVP_PKEY *pkey));
void EVP_PKEY_meth_set_param_check(EVP_PKEY_METHOD *pmeth,
int (*param_check)(EVP_PKEY *pkey));
/* Authenticated Encryption with Additional Data.
*
* AEAD couples confidentiality and integrity in a single primtive. AEAD

10
lib/libcrypto/evp/evp_cipher.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: evp_cipher.c,v 1.20 2024/02/24 08:00:37 tb Exp $ */
/* $OpenBSD: evp_cipher.c,v 1.21 2024/03/02 09:55:30 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@ -613,15 +613,15 @@ EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx)
}
void
EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *ctx)
EVP_CIPHER_CTX_legacy_clear(EVP_CIPHER_CTX *ctx)
{
memset(ctx, 0, sizeof(*ctx));
}
void
EVP_CIPHER_CTX_legacy_clear(EVP_CIPHER_CTX *ctx)
int
EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *ctx)
{
memset(ctx, 0, sizeof(*ctx));
return EVP_CIPHER_CTX_cleanup(ctx);
}
int

122
lib/libcrypto/evp/evp_digest.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: evp_digest.c,v 1.10 2024/02/18 15:45:42 tb Exp $ */
/* $OpenBSD: evp_digest.c,v 1.12 2024/03/02 09:59:56 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@ -247,15 +247,15 @@ EVP_MD_CTX_destroy(EVP_MD_CTX *ctx)
}
void
EVP_MD_CTX_init(EVP_MD_CTX *ctx)
EVP_MD_CTX_legacy_clear(EVP_MD_CTX *ctx)
{
memset(ctx, 0, sizeof(*ctx));
}
void
EVP_MD_CTX_legacy_clear(EVP_MD_CTX *ctx)
int
EVP_MD_CTX_init(EVP_MD_CTX *ctx)
{
memset(ctx, 0, sizeof(*ctx));
return EVP_MD_CTX_cleanup(ctx);
}
int
@ -470,115 +470,3 @@ EVP_MD_block_size(const EVP_MD *md)
{
return md->block_size;
}
/*
* XXX - remove everything below in the next bump.
*/
EVP_MD *
EVP_MD_meth_new(int md_type, int pkey_type)
{
EVP_MD *md;
if ((md = calloc(1, sizeof(*md))) == NULL)
return NULL;
md->type = md_type;
md->pkey_type = pkey_type;
return md;
}
EVP_MD *
EVP_MD_meth_dup(const EVP_MD *md)
{
EVP_MD *to;
if ((to = EVP_MD_meth_new(md->type, md->pkey_type)) == NULL)
return NULL;
memcpy(to, md, sizeof(*to));
return to;
}
void
EVP_MD_meth_free(EVP_MD *md)
{
freezero(md, sizeof(*md));
}
int
EVP_MD_meth_set_input_blocksize(EVP_MD *md, int blocksize)
{
md->block_size = blocksize;
return 1;
}
int
EVP_MD_meth_set_result_size(EVP_MD *md, int result_size)
{
md->md_size = result_size;
return 1;
}
int
EVP_MD_meth_set_app_datasize(EVP_MD *md, int datasize)
{
md->ctx_size = datasize;
return 1;
}
int
EVP_MD_meth_set_flags(EVP_MD *md, unsigned long flags)
{
md->flags = flags;
return 1;
}
int
EVP_MD_meth_set_init(EVP_MD *md, int (*init)(EVP_MD_CTX *ctx))
{
md->init = init;
return 1;
}
int
EVP_MD_meth_set_update(EVP_MD *md,
int (*update)(EVP_MD_CTX *ctx, const void *data, size_t count))
{
md->update = update;
return 1;
}
int
EVP_MD_meth_set_final(EVP_MD *md,
int (*final)(EVP_MD_CTX *ctx, unsigned char *md))
{
md->final = final;
return 1;
}
int
EVP_MD_meth_set_copy(EVP_MD *md,
int (*copy)(EVP_MD_CTX *to, const EVP_MD_CTX *from))
{
md->copy = copy;
return 1;
}
int
EVP_MD_meth_set_cleanup(EVP_MD *md,
int (*cleanup)(EVP_MD_CTX *ctx))
{
md->cleanup = cleanup;
return 1;
}
int
EVP_MD_meth_set_ctrl(EVP_MD *md,
int (*ctrl)(EVP_MD_CTX *ctx, int cmd, int p1, void *p2))
{
md->md_ctrl = ctrl;
return 1;
}

14
lib/libcrypto/evp/evp_local.h
View file

@ -1,4 +1,4 @@
/* $OpenBSD: evp_local.h,v 1.16 2024/02/18 15:43:21 tb Exp $ */
/* $OpenBSD: evp_local.h,v 1.19 2024/03/02 10:20:27 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 2000.
*/
@ -340,9 +340,6 @@ struct evp_pkey_method_st {
void evp_pkey_set_cb_translate(BN_GENCB *cb, EVP_PKEY_CTX *ctx);
int PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
ASN1_TYPE *param, const EVP_CIPHER *c, const EVP_MD *md, int en_de);
/* EVP_AEAD represents a specific AEAD algorithm. */
struct evp_aead_st {
unsigned char key_len;
@ -373,6 +370,15 @@ struct evp_aead_ctx_st {
void *aead_state;
};
/* Legacy EVP_CIPHER methods used by CMS and its predecessors. */
int EVP_CIPHER_set_asn1_iv(EVP_CIPHER_CTX *cipher, ASN1_TYPE *type);
int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *cipher, ASN1_TYPE *type);
int EVP_CIPHER_get_asn1_iv(EVP_CIPHER_CTX *cipher, ASN1_TYPE *type);
int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *cipher, ASN1_TYPE *type);
int EVP_PBE_CipherInit(ASN1_OBJECT *pbe_obj, const char *pass, int passlen,
ASN1_TYPE *param, EVP_CIPHER_CTX *ctx, int en_de);
int EVP_PKEY_CTX_str2ctrl(EVP_PKEY_CTX *ctx, int cmd, const char *str);
int EVP_PKEY_CTX_hex2ctrl(EVP_PKEY_CTX *ctx, int cmd, const char *hex);
int EVP_PKEY_CTX_md(EVP_PKEY_CTX *ctx, int optype, int cmd, const char *md_name);

94
lib/libcrypto/evp/evp_names.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: evp_names.c,v 1.8 2024/01/27 18:12:27 tb Exp $ */
/* $OpenBSD: evp_names.c,v 1.12 2024/03/02 10:13:13 tb Exp $ */
/*
* Copyright (c) 2023 Theo Buehler <tb@openbsd.org>
*
@ -51,10 +51,6 @@ static const struct cipher_name cipher_names[] = {
.name = SN_aes_128_cbc,
.cipher = EVP_aes_128_cbc,
},
{
.name = SN_aes_128_cbc_hmac_sha1,
.cipher = EVP_aes_128_cbc_hmac_sha1,
},
{
.name = SN_aes_128_cfb128,
.cipher = EVP_aes_128_cfb128,
@ -117,10 +113,6 @@ static const struct cipher_name cipher_names[] = {
.name = SN_aes_256_cbc,
.cipher = EVP_aes_256_cbc,
},
{
.name = SN_aes_256_cbc_hmac_sha1,
.cipher = EVP_aes_256_cbc_hmac_sha1,
},
{
.name = SN_aes_256_cfb128,
.cipher = EVP_aes_256_cfb128,
@ -497,10 +489,6 @@ static const struct cipher_name cipher_names[] = {
.name = SN_rc4_40,
.cipher = EVP_rc4_40,
},
{
.name = SN_rc4_hmac_md5,
.cipher = EVP_rc4_hmac_md5,
},
#endif /* OPENSSL_NO_RC4 */
#ifndef OPENSSL_NO_SM4
@ -537,10 +525,6 @@ static const struct cipher_name cipher_names[] = {
.name = LN_aes_128_cbc,
.cipher = EVP_aes_128_cbc,
},
{
.name = LN_aes_128_cbc_hmac_sha1,
.cipher = EVP_aes_128_cbc_hmac_sha1,
},
{
.name = LN_aes_128_ccm,
.cipher = EVP_aes_128_ccm,
@ -619,10 +603,6 @@ static const struct cipher_name cipher_names[] = {
.name = LN_aes_256_cbc,
.cipher = EVP_aes_256_cbc,
},
{
.name = LN_aes_256_cbc_hmac_sha1,
.cipher = EVP_aes_256_cbc_hmac_sha1,
},
{
.name = LN_aes_256_ccm,
.cipher = EVP_aes_256_ccm,
@ -1060,10 +1040,6 @@ static const struct cipher_name cipher_names[] = {
.name = LN_rc4_40,
.cipher = EVP_rc4_40,
},
{
.name = LN_rc4_hmac_md5,
.cipher = EVP_rc4_hmac_md5,
},
#endif /* OPENSSL_NO_RC4 */
#ifndef OPENSSL_NO_SM4
@ -1787,7 +1763,7 @@ OBJ_NAME_from_cipher_name(OBJ_NAME *obj_name, const struct cipher_name *cipher)
obj_name->data = cipher->alias;
} else {
obj_name->alias = 0;
obj_name->data = (const char *)evp_cipher;
obj_name->data = evp_cipher;
}
return 1;
@ -1822,7 +1798,7 @@ OBJ_NAME_from_digest_name(OBJ_NAME *obj_name, const struct digest_name *digest)
obj_name->data = digest->alias;
} else {
obj_name->alias = 0;
obj_name->data = (const char *)evp_md;
obj_name->data = evp_md;
}
return 1;
@ -1914,67 +1890,3 @@ void
EVP_cleanup(void)
{
}
/*
* XXX - Remove all the garbage below in the next bump.
*/
int
EVP_add_cipher(const EVP_CIPHER *c)
{
return 1;
}
int
EVP_add_digest(const EVP_MD *md)
{
return 1;
}
int
OBJ_NAME_init(void)
{
OBJerror(ERR_R_DISABLED);
return 0;
}
LCRYPTO_ALIAS(OBJ_NAME_init);
int
OBJ_NAME_new_index(unsigned long (*hash_func)(const char *),
int (*cmp_func)(const char *, const char *),
void (*free_func)(const char *, int, const char *))
{
OBJerror(ERR_R_DISABLED);
return 0;
}
LCRYPTO_ALIAS(OBJ_NAME_new_index);
const char *
OBJ_NAME_get(const char *name, int type)
{
OBJerror(ERR_R_DISABLED);
return NULL;
}
LCRYPTO_ALIAS(OBJ_NAME_get);
int
OBJ_NAME_add(const char *name, int type, const char *data)
{
/* No error to avoid polluting xca's error stack. */
return 0;
}
LCRYPTO_ALIAS(OBJ_NAME_add);
int
OBJ_NAME_remove(const char *name, int type)
{
OBJerror(ERR_R_DISABLED);
return 0;
}
LCRYPTO_ALIAS(OBJ_NAME_remove);
void
OBJ_NAME_cleanup(int type)
{
}
LCRYPTO_ALIAS(OBJ_NAME_cleanup);

51
lib/libcrypto/evp/evp_pbe.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: evp_pbe.c,v 1.42 2024/02/18 15:45:42 tb Exp $ */
/* $OpenBSD: evp_pbe.c,v 1.46 2024/03/02 10:20:27 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 1999.
*/
@ -69,8 +69,19 @@
#include "evp_local.h"
#include "hmac_local.h"
#include "pkcs12_local.h"
#include "x509_local.h"
/* Password based encryption (PBE) functions */
int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
ASN1_TYPE *param, const EVP_CIPHER *cipher, const EVP_MD *md, int en_de);
int PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
ASN1_TYPE *param, const EVP_CIPHER *c, const EVP_MD *md, int en_de);
int PKCS12_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
ASN1_TYPE *param, const EVP_CIPHER *cipher, const EVP_MD *md_type,
int en_de);
int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
ASN1_TYPE *param, const EVP_CIPHER *c, const EVP_MD *md, int en_de);
static const struct pbe_config {
int pbe_nid;
@ -640,41 +651,3 @@ PKCS12_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
return ret;
}
LCRYPTO_ALIAS(PKCS12_PBE_keyivgen);
/*
* XXX - remove the functions below in the next major bump
*/
int
EVP_PBE_find(int type, int pbe_nid, int *out_cipher_nid, int *out_md_nid,
EVP_PBE_KEYGEN **out_keygen)
{
EVPerror(ERR_R_DISABLED);
return 0;
}
int
EVP_PBE_alg_add_type(int pbe_type, int pbe_nid, int cipher_nid, int md_nid,
EVP_PBE_KEYGEN *keygen)
{
EVPerror(ERR_R_DISABLED);
return 0;
}
int
EVP_PBE_alg_add(int nid, const EVP_CIPHER *cipher, const EVP_MD *md,
EVP_PBE_KEYGEN *keygen)
{
EVPerror(ERR_R_DISABLED);
return 0;
}
void
EVP_PBE_cleanup(void)
{
}
void
PKCS5_PBE_add(void)
{
}

113
lib/libcrypto/evp/m_gost2814789.c
View file

@ -1,113 +0,0 @@
/* $OpenBSD: m_gost2814789.c,v 1.6 2023/07/07 19:37:53 beck Exp $ */
/*
* Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
* Copyright (c) 2005-2006 Cryptocom LTD
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* openssl-core@openssl.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/
#include <openssl/opensslconf.h>
#ifndef OPENSSL_NO_GOST
#include <openssl/evp.h>
#include <openssl/gost.h>
#include <openssl/objects.h>
#include "evp_local.h"
static int
gost2814789_init(EVP_MD_CTX *ctx)
{
return GOST2814789IMIT_Init(ctx->md_data,
NID_id_Gost28147_89_CryptoPro_A_ParamSet);
}
static int
gost2814789_update(EVP_MD_CTX *ctx, const void *data, size_t count)
{
return GOST2814789IMIT_Update(ctx->md_data, data, count);
}
static int
gost2814789_final(EVP_MD_CTX *ctx, unsigned char *md)
{
return GOST2814789IMIT_Final(md, ctx->md_data);
}
static int
gost2814789_md_ctrl(EVP_MD_CTX *ctx, int cmd, int p1, void *p2)
{
GOST2814789IMIT_CTX *gctx = ctx->md_data;
switch (cmd) {
case EVP_MD_CTRL_SET_KEY:
return Gost2814789_set_key(&gctx->cipher, p2, p1);
case EVP_MD_CTRL_GOST_SET_SBOX:
return Gost2814789_set_sbox(&gctx->cipher, p1);
}
return -2;
}
static const EVP_MD gost2814789imit_md = {
.type = NID_id_Gost28147_89_MAC,
.pkey_type = NID_undef,
.md_size = GOST2814789IMIT_LENGTH,
.flags = 0,
.init = gost2814789_init,
.update = gost2814789_update,
.final = gost2814789_final,
.block_size = GOST2814789IMIT_CBLOCK,
.ctx_size = sizeof(EVP_MD *) + sizeof(GOST2814789IMIT_CTX),
.md_ctrl = gost2814789_md_ctrl,
};
const EVP_MD *
EVP_gost2814789imit(void)
{
return (&gost2814789imit_md);
}
#endif

100
lib/libcrypto/evp/m_gostr341194.c
View file

@ -1,100 +0,0 @@
/* $OpenBSD: m_gostr341194.c,v 1.7 2023/07/07 19:37:53 beck Exp $ */
/*
* Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
* Copyright (c) 2005-2006 Cryptocom LTD
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* openssl-core@openssl.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/
#include <stdio.h>
#include <openssl/opensslconf.h>
#ifndef OPENSSL_NO_GOST
#include <openssl/evp.h>
#include <openssl/gost.h>
#include <openssl/objects.h>
#include "evp_local.h"
static int
gostr341194_init(EVP_MD_CTX *ctx)
{
return GOSTR341194_Init(ctx->md_data,
NID_id_GostR3411_94_CryptoProParamSet);
}
static int
gostr341194_update(EVP_MD_CTX *ctx, const void *data, size_t count)
{
return GOSTR341194_Update(ctx->md_data, data, count);
}
static int
gostr341194_final(EVP_MD_CTX *ctx, unsigned char *md)
{
return GOSTR341194_Final(md, ctx->md_data);
}
static const EVP_MD gostr341194_md = {
.type = NID_id_GostR3411_94,
.pkey_type = NID_undef,
.md_size = GOSTR341194_LENGTH,
.flags = 0,
.init = gostr341194_init,
.update = gostr341194_update,
.final = gostr341194_final,
.block_size = GOSTR341194_CBLOCK,
.ctx_size = sizeof(EVP_MD *) + sizeof(GOSTR341194_CTX),
};
const EVP_MD *
EVP_gostr341194(void)
{
return (&gostr341194_md);
}
#endif

133
lib/libcrypto/evp/m_streebog.c
View file

@ -1,133 +0,0 @@
/* $OpenBSD: m_streebog.c,v 1.7 2023/07/07 19:37:54 beck Exp $ */
/*
* Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
* Copyright (c) 2005-2006 Cryptocom LTD
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* openssl-core@openssl.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/
#include <openssl/opensslconf.h>
#ifndef OPENSSL_NO_GOST
#include <openssl/evp.h>
#include <openssl/gost.h>
#include <openssl/objects.h>
#include "evp_local.h"
static int
streebog_init256(EVP_MD_CTX *ctx)
{
return STREEBOG256_Init(ctx->md_data);
}
static int
streebog_update256(EVP_MD_CTX *ctx, const void *data, size_t count)
{
return STREEBOG256_Update(ctx->md_data, data, count);
}
static int
streebog_final256(EVP_MD_CTX *ctx, unsigned char *md)
{
return STREEBOG256_Final(md, ctx->md_data);
}
static int
streebog_init512(EVP_MD_CTX *ctx)
{
return STREEBOG512_Init(ctx->md_data);
}
static int
streebog_update512(EVP_MD_CTX *ctx, const void *data, size_t count)
{
return STREEBOG512_Update(ctx->md_data, data, count);
}
static int
streebog_final512(EVP_MD_CTX *ctx, unsigned char *md)
{
return STREEBOG512_Final(md, ctx->md_data);
}
static const EVP_MD streebog256_md = {
.type = NID_id_tc26_gost3411_2012_256,
.pkey_type = NID_undef,
.md_size = STREEBOG256_LENGTH,
.flags = 0,
.init = streebog_init256,
.update = streebog_update256,
.final = streebog_final256,
.block_size = STREEBOG_CBLOCK,
.ctx_size = sizeof(EVP_MD *) + sizeof(STREEBOG_CTX),
};
static const EVP_MD streebog512_md = {
.type = NID_id_tc26_gost3411_2012_512,
.pkey_type = NID_undef,
.md_size = STREEBOG512_LENGTH,
.flags = 0,
.init = streebog_init512,
.update = streebog_update512,
.final = streebog_final512,
.block_size = STREEBOG_CBLOCK,
.ctx_size = sizeof(EVP_MD *) + sizeof(STREEBOG_CTX),
};
const EVP_MD *
EVP_streebog256(void)
{
return (&streebog256_md);
}
const EVP_MD *
EVP_streebog512(void)
{
return (&streebog512_md);
}
#endif

10
lib/libcrypto/evp/p_lib.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: p_lib.c,v 1.58 2024/01/05 21:22:01 tb Exp $ */
/* $OpenBSD: p_lib.c,v 1.59 2024/03/02 11:17:27 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@ -140,10 +140,6 @@ extern const EVP_PKEY_ASN1_METHOD dsa3_asn1_meth;
extern const EVP_PKEY_ASN1_METHOD dsa4_asn1_meth;
extern const EVP_PKEY_ASN1_METHOD eckey_asn1_meth;
extern const EVP_PKEY_ASN1_METHOD ed25519_asn1_meth;
extern const EVP_PKEY_ASN1_METHOD gostimit_asn1_meth;
extern const EVP_PKEY_ASN1_METHOD gostr01_asn1_meth;
extern const EVP_PKEY_ASN1_METHOD gostr12_256_asn1_meth;
extern const EVP_PKEY_ASN1_METHOD gostr12_512_asn1_meth;
extern const EVP_PKEY_ASN1_METHOD hmac_asn1_meth;
extern const EVP_PKEY_ASN1_METHOD rsa_asn1_meth;
extern const EVP_PKEY_ASN1_METHOD rsa2_asn1_meth;
@ -160,10 +156,6 @@ static const EVP_PKEY_ASN1_METHOD *asn1_methods[] = {
&dsa4_asn1_meth,
&eckey_asn1_meth,
&ed25519_asn1_meth,
&gostimit_asn1_meth,
&gostr01_asn1_meth,
&gostr12_256_asn1_meth,
&gostr12_512_asn1_meth,
&hmac_asn1_meth,
&rsa_asn1_meth,
&rsa2_asn1_meth,

166
lib/libcrypto/evp/pmeth_lib.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: pmeth_lib.c,v 1.37 2024/01/13 12:46:59 tb Exp $ */
/* $OpenBSD: pmeth_lib.c,v 1.39 2024/03/02 11:17:27 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 2006.
*/
@ -76,8 +76,6 @@ extern const EVP_PKEY_METHOD dh_pkey_meth;
extern const EVP_PKEY_METHOD dsa_pkey_meth;
extern const EVP_PKEY_METHOD ec_pkey_meth;
extern const EVP_PKEY_METHOD ed25519_pkey_meth;
extern const EVP_PKEY_METHOD gostimit_pkey_meth;
extern const EVP_PKEY_METHOD gostr01_pkey_meth;
extern const EVP_PKEY_METHOD hkdf_pkey_meth;
extern const EVP_PKEY_METHOD hmac_pkey_meth;
extern const EVP_PKEY_METHOD rsa_pkey_meth;
@ -90,8 +88,6 @@ static const EVP_PKEY_METHOD *pkey_methods[] = {
&dsa_pkey_meth,
&ec_pkey_meth,
&ed25519_pkey_meth,
&gostimit_pkey_meth,
&gostr01_pkey_meth,
&hkdf_pkey_meth,
&hmac_pkey_meth,
&rsa_pkey_meth,
@ -347,163 +343,3 @@ EVP_PKEY_CTX_get_app_data(EVP_PKEY_CTX *ctx)
{
return ctx->app_data;
}
/*
* Remove all the functions below in the next major bump
*/
const EVP_PKEY_METHOD *
EVP_PKEY_meth_find(int type)
{
EVPerror(ERR_R_DISABLED);
return NULL;
}
EVP_PKEY_METHOD*
EVP_PKEY_meth_new(int id, int flags)
{
EVPerror(ERR_R_DISABLED);
return NULL;
}
void
EVP_PKEY_meth_get0_info(int *ppkey_id, int *pflags, const EVP_PKEY_METHOD *meth)
{
}
void
EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src)
{
}
void
EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth)
{
}
int
EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth)
{
EVPerror(ERR_R_DISABLED);
return 0;
}
void
EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth,
int (*init)(EVP_PKEY_CTX *ctx))
{
}
void
EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth,
int (*copy)(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src))
{
}
void
EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth,
void (*cleanup)(EVP_PKEY_CTX *ctx))
{
}
void
EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD *pmeth,
int (*paramgen_init)(EVP_PKEY_CTX *ctx),
int (*paramgen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey))
{
}
void
EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth,
int (*keygen_init)(EVP_PKEY_CTX *ctx),
int (*keygen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey))
{
}
void
EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth,
int (*sign_init)(EVP_PKEY_CTX *ctx),
int (*sign)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
const unsigned char *tbs, size_t tbslen))
{
}
void
EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth,
int (*verify_init)(EVP_PKEY_CTX *ctx),
int (*verify)(EVP_PKEY_CTX *ctx, const unsigned char *sig, size_t siglen,
const unsigned char *tbs, size_t tbslen))
{
}
void
EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth,
int (*verify_recover_init)(EVP_PKEY_CTX *ctx),
int (*verify_recover)(EVP_PKEY_CTX *ctx,
unsigned char *sig, size_t *siglen,
const unsigned char *tbs, size_t tbslen))
{
}
void
EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth,
int (*signctx_init)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx),
int (*signctx)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
EVP_MD_CTX *mctx))
{
}
void
EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth,
int (*verifyctx_init)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx),
int (*verifyctx)(EVP_PKEY_CTX *ctx, const unsigned char *sig, int siglen,
EVP_MD_CTX *mctx))
{
}
void
EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth,
int (*encrypt_init)(EVP_PKEY_CTX *ctx),
int (*encryptfn)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
const unsigned char *in, size_t inlen))
{
}
void
EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth,
int (*decrypt_init)(EVP_PKEY_CTX *ctx),
int (*decrypt)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
const unsigned char *in, size_t inlen))
{
}
void
EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth,
int (*derive_init)(EVP_PKEY_CTX *ctx),
int (*derive)(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen))
{
}
void
EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth,
int (*ctrl)(EVP_PKEY_CTX *ctx, int type, int p1, void *p2),
int (*ctrl_str)(EVP_PKEY_CTX *ctx, const char *type, const char *value))
{
}
void
EVP_PKEY_meth_set_check(EVP_PKEY_METHOD *pmeth, int (*check)(EVP_PKEY *pkey))
{
}
void
EVP_PKEY_meth_set_public_check(EVP_PKEY_METHOD *pmeth,
int (*public_check)(EVP_PKEY *pkey))
{
}
void
EVP_PKEY_meth_set_param_check(EVP_PKEY_METHOD *pmeth,
int (*param_check)(EVP_PKEY *pkey))
{
}

262
lib/libcrypto/gost/gost.h
View file

@ -1,262 +0,0 @@
/* $OpenBSD: gost.h,v 1.4 2022/07/12 14:42:49 kn Exp $ */
/*
* Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
* Copyright (c) 2005-2006 Cryptocom LTD
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* openssl-core@openssl.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/
#ifndef HEADER_GOST_H
#define HEADER_GOST_H
#include <openssl/opensslconf.h>
#ifdef OPENSSL_NO_GOST
#error GOST is disabled.
#endif
#include <openssl/asn1t.h>
#include <openssl/ec.h>
#ifdef __cplusplus
extern "C" {
#endif
typedef struct gost2814789_key_st {
unsigned int key[8];
unsigned int k87[256],k65[256],k43[256],k21[256];
unsigned int count;
unsigned key_meshing : 1;
} GOST2814789_KEY;
int Gost2814789_set_sbox(GOST2814789_KEY *key, int nid);
int Gost2814789_set_key(GOST2814789_KEY *key,
const unsigned char *userKey, const int bits);
void Gost2814789_ecb_encrypt(const unsigned char *in, unsigned char *out,
GOST2814789_KEY *key, const int enc);
void Gost2814789_cfb64_encrypt(const unsigned char *in, unsigned char *out,
size_t length, GOST2814789_KEY *key,
unsigned char *ivec, int *num, const int enc);
void Gost2814789_cnt_encrypt(const unsigned char *in, unsigned char *out,
size_t length, GOST2814789_KEY *key,
unsigned char *ivec, unsigned char *cnt_buf, int *num);
typedef struct {
ASN1_OCTET_STRING *iv;
ASN1_OBJECT *enc_param_set;
} GOST_CIPHER_PARAMS;
GOST_CIPHER_PARAMS *GOST_CIPHER_PARAMS_new(void);
void GOST_CIPHER_PARAMS_free(GOST_CIPHER_PARAMS *a);
GOST_CIPHER_PARAMS *d2i_GOST_CIPHER_PARAMS(GOST_CIPHER_PARAMS **a, const unsigned char **in, long len);
int i2d_GOST_CIPHER_PARAMS(GOST_CIPHER_PARAMS *a, unsigned char **out);
extern const ASN1_ITEM GOST_CIPHER_PARAMS_it;
#define GOST2814789IMIT_LENGTH 4
#define GOST2814789IMIT_CBLOCK 8
#define GOST2814789IMIT_LONG unsigned int
typedef struct GOST2814789IMITstate_st {
GOST2814789IMIT_LONG Nl, Nh;
unsigned char data[GOST2814789IMIT_CBLOCK];
unsigned int num;
GOST2814789_KEY cipher;
unsigned char mac[GOST2814789IMIT_CBLOCK];
} GOST2814789IMIT_CTX;
/* Note, also removed second parameter and removed dctx->cipher setting */
int GOST2814789IMIT_Init(GOST2814789IMIT_CTX *c, int nid);
int GOST2814789IMIT_Update(GOST2814789IMIT_CTX *c, const void *data, size_t len);
int GOST2814789IMIT_Final(unsigned char *md, GOST2814789IMIT_CTX *c);
void GOST2814789IMIT_Transform(GOST2814789IMIT_CTX *c, const unsigned char *data);
unsigned char *GOST2814789IMIT(const unsigned char *d, size_t n,
unsigned char *md, int nid,
const unsigned char *key, const unsigned char *iv);
#define GOSTR341194_LONG unsigned int
#define GOSTR341194_LENGTH 32
#define GOSTR341194_CBLOCK 32
#define GOSTR341194_LBLOCK (GOSTR341194_CBLOCK/4)
typedef struct GOSTR341194state_st {
GOSTR341194_LONG Nl, Nh;
GOSTR341194_LONG data[GOSTR341194_LBLOCK];
unsigned int num;
GOST2814789_KEY cipher;
unsigned char H[GOSTR341194_CBLOCK];
unsigned char S[GOSTR341194_CBLOCK];
} GOSTR341194_CTX;
/* Note, also removed second parameter and removed dctx->cipher setting */
int GOSTR341194_Init(GOSTR341194_CTX *c, int nid);
int GOSTR341194_Update(GOSTR341194_CTX *c, const void *data, size_t len);
int GOSTR341194_Final(unsigned char *md, GOSTR341194_CTX *c);
void GOSTR341194_Transform(GOSTR341194_CTX *c, const unsigned char *data);
unsigned char *GOSTR341194(const unsigned char *d, size_t n,unsigned char *md, int nid);
#if defined(_LP64)
#define STREEBOG_LONG64 unsigned long
#define U64(C) C##UL
#else
#define STREEBOG_LONG64 unsigned long long
#define U64(C) C##ULL
#endif
#define STREEBOG_LBLOCK 8
#define STREEBOG_CBLOCK 64
#define STREEBOG256_LENGTH 32
#define STREEBOG512_LENGTH 64
typedef struct STREEBOGstate_st {
STREEBOG_LONG64 data[STREEBOG_LBLOCK];
unsigned int num;
unsigned int md_len;
STREEBOG_LONG64 h[STREEBOG_LBLOCK];
STREEBOG_LONG64 N[STREEBOG_LBLOCK];
STREEBOG_LONG64 Sigma[STREEBOG_LBLOCK];
} STREEBOG_CTX;
int STREEBOG256_Init(STREEBOG_CTX *c);
int STREEBOG256_Update(STREEBOG_CTX *c, const void *data, size_t len);
int STREEBOG256_Final(unsigned char *md, STREEBOG_CTX *c);
void STREEBOG256_Transform(STREEBOG_CTX *c, const unsigned char *data);
unsigned char *STREEBOG256(const unsigned char *d, size_t n,unsigned char *md);
int STREEBOG512_Init(STREEBOG_CTX *c);
int STREEBOG512_Update(STREEBOG_CTX *c, const void *data, size_t len);
int STREEBOG512_Final(unsigned char *md, STREEBOG_CTX *c);
void STREEBOG512_Transform(STREEBOG_CTX *c, const unsigned char *data);
unsigned char *STREEBOG512(const unsigned char *d, size_t n,unsigned char *md);
typedef struct gost_key_st GOST_KEY;
GOST_KEY *GOST_KEY_new(void);
void GOST_KEY_free(GOST_KEY * r);
int GOST_KEY_check_key(const GOST_KEY * eckey);
int GOST_KEY_set_public_key_affine_coordinates(GOST_KEY * key, BIGNUM * x, BIGNUM * y);
const EC_GROUP * GOST_KEY_get0_group(const GOST_KEY * key);
int GOST_KEY_set_group(GOST_KEY * key, const EC_GROUP * group);
int GOST_KEY_get_digest(const GOST_KEY * key);
int GOST_KEY_set_digest(GOST_KEY * key, int digest_nid);
const BIGNUM * GOST_KEY_get0_private_key(const GOST_KEY * key);
int GOST_KEY_set_private_key(GOST_KEY * key, const BIGNUM * priv_key);
const EC_POINT * GOST_KEY_get0_public_key(const GOST_KEY * key);
int GOST_KEY_set_public_key(GOST_KEY * key, const EC_POINT * pub_key);
size_t GOST_KEY_get_size(const GOST_KEY * r);
/* Gost-specific pmeth control-function parameters */
/* For GOST R34.10 parameters */
#define EVP_PKEY_CTRL_GOST_PARAMSET (EVP_PKEY_ALG_CTRL+1)
#define EVP_PKEY_CTRL_GOST_SIG_FORMAT (EVP_PKEY_ALG_CTRL+2)
#define EVP_PKEY_CTRL_GOST_SET_DIGEST (EVP_PKEY_ALG_CTRL+3)
#define EVP_PKEY_CTRL_GOST_GET_DIGEST (EVP_PKEY_ALG_CTRL+4)
#define GOST_SIG_FORMAT_SR_BE 0
#define GOST_SIG_FORMAT_RS_LE 1
void ERR_load_GOST_strings(void);
/* Error codes for the GOST functions. */
/* Function codes. */
#define GOST_F_DECODE_GOST01_ALGOR_PARAMS 104
#define GOST_F_ENCODE_GOST01_ALGOR_PARAMS 105
#define GOST_F_GOST2001_COMPUTE_PUBLIC 106
#define GOST_F_GOST2001_DO_SIGN 107
#define GOST_F_GOST2001_DO_VERIFY 108
#define GOST_F_GOST2001_KEYGEN 109
#define GOST_F_GOST89_GET_ASN1_PARAMETERS 102
#define GOST_F_GOST89_SET_ASN1_PARAMETERS 103
#define GOST_F_GOST_KEY_CHECK_KEY 124
#define GOST_F_GOST_KEY_NEW 125
#define GOST_F_GOST_KEY_SET_PUBLIC_KEY_AFFINE_COORDINATES 126
#define GOST_F_PARAM_COPY_GOST01 110
#define GOST_F_PARAM_DECODE_GOST01 111
#define GOST_F_PKEY_GOST01_CTRL 116
#define GOST_F_PKEY_GOST01_DECRYPT 112
#define GOST_F_PKEY_GOST01_DERIVE 113
#define GOST_F_PKEY_GOST01_ENCRYPT 114
#define GOST_F_PKEY_GOST01_PARAMGEN 115
#define GOST_F_PKEY_GOST01_SIGN 123
#define GOST_F_PKEY_GOST_MAC_CTRL 100
#define GOST_F_PKEY_GOST_MAC_KEYGEN 101
#define GOST_F_PRIV_DECODE_GOST01 117
#define GOST_F_PUB_DECODE_GOST01 118
#define GOST_F_PUB_ENCODE_GOST01 119
#define GOST_F_PUB_PRINT_GOST01 120
#define GOST_F_UNPACK_SIGNATURE_CP 121
#define GOST_F_UNPACK_SIGNATURE_LE 122
/* Reason codes. */
#define GOST_R_BAD_KEY_PARAMETERS_FORMAT 104
#define GOST_R_BAD_PKEY_PARAMETERS_FORMAT 105
#define GOST_R_CANNOT_PACK_EPHEMERAL_KEY 106
#define GOST_R_CTRL_CALL_FAILED 107
#define GOST_R_ERROR_COMPUTING_SHARED_KEY 108
#define GOST_R_ERROR_PARSING_KEY_TRANSPORT_INFO 109
#define GOST_R_INCOMPATIBLE_ALGORITHMS 110
#define GOST_R_INCOMPATIBLE_PEER_KEY 111
#define GOST_R_INVALID_DIGEST_TYPE 100
#define GOST_R_INVALID_IV_LENGTH 103
#define GOST_R_INVALID_MAC_KEY_LENGTH 101
#define GOST_R_KEY_IS_NOT_INITIALIZED 112
#define GOST_R_KEY_PARAMETERS_MISSING 113
#define GOST_R_MAC_KEY_NOT_SET 102
#define GOST_R_NO_PARAMETERS_SET 115
#define GOST_R_NO_PEER_KEY 116
#define GOST_R_NO_PRIVATE_PART_OF_NON_EPHEMERAL_KEYPAIR 117
#define GOST_R_PUBLIC_KEY_UNDEFINED 118
#define GOST_R_RANDOM_NUMBER_GENERATOR_FAILED 120
#define GOST_R_SIGNATURE_MISMATCH 121
#define GOST_R_SIGNATURE_PARTS_GREATER_THAN_Q 122
#define GOST_R_UKM_NOT_SET 123
#ifdef __cplusplus
}
#endif
#endif

480
lib/libcrypto/gost/gost2814789.c
View file

@ -1,480 +0,0 @@
/* $OpenBSD: gost2814789.c,v 1.9 2023/07/08 14:30:44 beck Exp $ */
/*
* Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
* Copyright (c) 2005-2006 Cryptocom LTD
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* openssl-core@openssl.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/
#include <endian.h>
#include <string.h>
#include <openssl/opensslconf.h>
#ifndef OPENSSL_NO_GOST
#include <openssl/objects.h>
#include <openssl/gost.h>
#include "gost_local.h"
static inline unsigned int
f(const GOST2814789_KEY *c, unsigned int x)
{
return c->k87[(x>>24) & 255] | c->k65[(x>>16) & 255]|
c->k43[(x>> 8) & 255] | c->k21[(x ) & 255];
}
void
Gost2814789_encrypt(const unsigned char *in, unsigned char *out,
const GOST2814789_KEY *key)
{
unsigned int n1, n2; /* As named in the GOST */
c2l(in, n1);
c2l(in, n2);
/* Instead of swapping halves, swap names each round */
n2 ^= f(key, n1 + key->key[0]); n1 ^= f(key, n2 + key->key[1]);
n2 ^= f(key, n1 + key->key[2]); n1 ^= f(key, n2 + key->key[3]);
n2 ^= f(key, n1 + key->key[4]); n1 ^= f(key, n2 + key->key[5]);
n2 ^= f(key, n1 + key->key[6]); n1 ^= f(key, n2 + key->key[7]);
n2 ^= f(key, n1 + key->key[0]); n1 ^= f(key, n2 + key->key[1]);
n2 ^= f(key, n1 + key->key[2]); n1 ^= f(key, n2 + key->key[3]);
n2 ^= f(key, n1 + key->key[4]); n1 ^= f(key, n2 + key->key[5]);
n2 ^= f(key, n1 + key->key[6]); n1 ^= f(key, n2 + key->key[7]);
n2 ^= f(key, n1 + key->key[0]); n1 ^= f(key, n2 + key->key[1]);
n2 ^= f(key, n1 + key->key[2]); n1 ^= f(key, n2 + key->key[3]);
n2 ^= f(key, n1 + key->key[4]); n1 ^= f(key, n2 + key->key[5]);
n2 ^= f(key, n1 + key->key[6]); n1 ^= f(key, n2 + key->key[7]);
n2 ^= f(key, n1 + key->key[7]); n1 ^= f(key, n2 + key->key[6]);
n2 ^= f(key, n1 + key->key[5]); n1 ^= f(key, n2 + key->key[4]);
n2 ^= f(key, n1 + key->key[3]); n1 ^= f(key, n2 + key->key[2]);
n2 ^= f(key, n1 + key->key[1]); n1 ^= f(key, n2 + key->key[0]);
l2c(n2, out);
l2c(n1, out);
}
void
Gost2814789_decrypt(const unsigned char *in, unsigned char *out,
const GOST2814789_KEY *key)
{
unsigned int n1, n2; /* As named in the GOST */
c2l(in, n1);
c2l(in, n2);
/* Instead of swapping halves, swap names each round */
n2 ^= f(key, n1 + key->key[0]); n1 ^= f(key, n2 + key->key[1]);
n2 ^= f(key, n1 + key->key[2]); n1 ^= f(key, n2 + key->key[3]);
n2 ^= f(key, n1 + key->key[4]); n1 ^= f(key, n2 + key->key[5]);
n2 ^= f(key, n1 + key->key[6]); n1 ^= f(key, n2 + key->key[7]);
n2 ^= f(key, n1 + key->key[7]); n1 ^= f(key, n2 + key->key[6]);
n2 ^= f(key, n1 + key->key[5]); n1 ^= f(key, n2 + key->key[4]);
n2 ^= f(key, n1 + key->key[3]); n1 ^= f(key, n2 + key->key[2]);
n2 ^= f(key, n1 + key->key[1]); n1 ^= f(key, n2 + key->key[0]);
n2 ^= f(key, n1 + key->key[7]); n1 ^= f(key, n2 + key->key[6]);
n2 ^= f(key, n1 + key->key[5]); n1 ^= f(key, n2 + key->key[4]);
n2 ^= f(key, n1 + key->key[3]); n1 ^= f(key, n2 + key->key[2]);
n2 ^= f(key, n1 + key->key[1]); n1 ^= f(key, n2 + key->key[0]);
n2 ^= f(key, n1 + key->key[7]); n1 ^= f(key, n2 + key->key[6]);
n2 ^= f(key, n1 + key->key[5]); n1 ^= f(key, n2 + key->key[4]);
n2 ^= f(key, n1 + key->key[3]); n1 ^= f(key, n2 + key->key[2]);
n2 ^= f(key, n1 + key->key[1]); n1 ^= f(key, n2 + key->key[0]);
l2c(n2, out);
l2c(n1, out);
}
static void
Gost2814789_mac(const unsigned char *in, unsigned char *mac,
GOST2814789_KEY *key)
{
unsigned int n1, n2; /* As named in the GOST */
unsigned char *p;
int i;
for (i = 0; i < 8; i++)
mac[i] ^= in[i];
p = mac;
c2l(p, n1);
c2l(p, n2);
/* Instead of swapping halves, swap names each round */
n2 ^= f(key, n1 + key->key[0]); n1 ^= f(key, n2 + key->key[1]);
n2 ^= f(key, n1 + key->key[2]); n1 ^= f(key, n2 + key->key[3]);
n2 ^= f(key, n1 + key->key[4]); n1 ^= f(key, n2 + key->key[5]);
n2 ^= f(key, n1 + key->key[6]); n1 ^= f(key, n2 + key->key[7]);
n2 ^= f(key, n1 + key->key[0]); n1 ^= f(key, n2 + key->key[1]);
n2 ^= f(key, n1 + key->key[2]); n1 ^= f(key, n2 + key->key[3]);
n2 ^= f(key, n1 + key->key[4]); n1 ^= f(key, n2 + key->key[5]);
n2 ^= f(key, n1 + key->key[6]); n1 ^= f(key, n2 + key->key[7]);
p = mac;
l2c(n1, p);
l2c(n2, p);
}
void
Gost2814789_ecb_encrypt(const unsigned char *in, unsigned char *out,
GOST2814789_KEY *key, const int enc)
{
if (key->key_meshing && key->count == 1024) {
Gost2814789_cryptopro_key_mesh(key);
key->count = 0;
}
if (enc)
Gost2814789_encrypt(in, out, key);
else
Gost2814789_decrypt(in, out, key);
}
LCRYPTO_ALIAS(Gost2814789_ecb_encrypt);
static inline void
Gost2814789_encrypt_mesh(unsigned char *iv, GOST2814789_KEY *key)
{
if (key->key_meshing && key->count == 1024) {
Gost2814789_cryptopro_key_mesh(key);
Gost2814789_encrypt(iv, iv, key);
key->count = 0;
}
Gost2814789_encrypt(iv, iv, key);
key->count += 8;
}
static inline void
Gost2814789_mac_mesh(const unsigned char *data, unsigned char *mac,
GOST2814789_KEY *key)
{
if (key->key_meshing && key->count == 1024) {
Gost2814789_cryptopro_key_mesh(key);
key->count = 0;
}
Gost2814789_mac(data, mac, key);
key->count += 8;
}
void
Gost2814789_cfb64_encrypt(const unsigned char *in, unsigned char *out,
size_t len, GOST2814789_KEY *key, unsigned char *ivec, int *num,
const int enc)
{
unsigned int n;
size_t l = 0;
n = *num;
if (enc) {
#if !defined(OPENSSL_SMALL_FOOTPRINT)
if (8 % sizeof(size_t) == 0) do { /* always true actually */
while (n && len) {
*(out++) = ivec[n] ^= *(in++);
--len;
n = (n + 1) % 8;
}
#ifdef __STRICT_ALIGNMENT
if (((size_t)in | (size_t)out | (size_t)ivec) %
sizeof(size_t) != 0)
break;
#endif
while (len >= 8) {
Gost2814789_encrypt_mesh(ivec, key);
for (; n < 8; n += sizeof(size_t)) {
*(size_t*)(out + n) =
*(size_t*)(ivec + n) ^=
*(size_t*)(in + n);
}
len -= 8;
out += 8;
in += 8;
n = 0;
}
if (len) {
Gost2814789_encrypt_mesh(ivec, key);
while (len--) {
out[n] = ivec[n] ^= in[n];
++n;
}
}
*num = n;
return;
} while (0);
/* the rest would be commonly eliminated by x86* compiler */
#endif
while (l<len) {
if (n == 0) {
Gost2814789_encrypt_mesh(ivec, key);
}
out[l] = ivec[n] ^= in[l];
++l;
n = (n + 1) % 8;
}
*num = n;
} else {
#if !defined(OPENSSL_SMALL_FOOTPRINT)
if (8 % sizeof(size_t) == 0) do { /* always true actually */
while (n && len) {
unsigned char c;
*(out++) = ivec[n] ^ (c = *(in++));
ivec[n] = c;
--len;
n = (n + 1) % 8;
}
#ifdef __STRICT_ALIGNMENT
if (((size_t)in | (size_t)out | (size_t)ivec) %
sizeof(size_t) != 0)
break;
#endif
while (len >= 8) {
Gost2814789_encrypt_mesh(ivec, key);
for (; n < 8; n += sizeof(size_t)) {
size_t t = *(size_t*)(in + n);
*(size_t*)(out + n) =
*(size_t*)(ivec + n) ^ t;
*(size_t*)(ivec + n) = t;
}
len -= 8;
out += 8;
in += 8;
n = 0;
}
if (len) {
Gost2814789_encrypt_mesh(ivec, key);
while (len--) {
unsigned char c;
out[n] = ivec[n] ^ (c = in[n]);
ivec[n] = c;
++n;
}
}
*num = n;
return;
} while (0);
/* the rest would be commonly eliminated by x86* compiler */
#endif
while (l < len) {
unsigned char c;
if (n == 0) {
Gost2814789_encrypt_mesh(ivec, key);
}
out[l] = ivec[n] ^ (c = in[l]); ivec[n] = c;
++l;
n = (n + 1) % 8;
}
*num = n;
}
}
LCRYPTO_ALIAS(Gost2814789_cfb64_encrypt);
static inline void
Gost2814789_cnt_next(unsigned char *ivec, unsigned char *out,
GOST2814789_KEY *key)
{
unsigned char *p = ivec, *p2 = ivec;
unsigned int val, val2;
if (key->count == 0)
Gost2814789_encrypt(ivec, ivec, key);
if (key->key_meshing && key->count == 1024) {
Gost2814789_cryptopro_key_mesh(key);
Gost2814789_encrypt(ivec, ivec, key);
key->count = 0;
}
c2l(p, val);
val2 = val + 0x01010101;
l2c(val2, p2);
c2l(p, val);
val2 = val + 0x01010104;
if (val > val2) /* overflow */
val2++;
l2c(val2, p2);
Gost2814789_encrypt(ivec, out, key);
key->count += 8;
}
void
Gost2814789_cnt_encrypt(const unsigned char *in, unsigned char *out, size_t len,
GOST2814789_KEY *key, unsigned char *ivec, unsigned char *cnt_buf, int *num)
{
unsigned int n;
size_t l = 0;
n = *num;
#if !defined(OPENSSL_SMALL_FOOTPRINT)
if (8 % sizeof(size_t) == 0) do { /* always true actually */
while (n && len) {
*(out++) = *(in++) ^ cnt_buf[n];
--len;
n = (n + 1) % 8;
}
#ifdef __STRICT_ALIGNMENT
if (((size_t)in | (size_t)out | (size_t)ivec) %
sizeof(size_t) != 0)
break;
#endif
while (len >= 8) {
Gost2814789_cnt_next(ivec, cnt_buf, key);
for (; n < 8; n += sizeof(size_t))
*(size_t *)(out + n) = *(size_t *)(in + n) ^
*(size_t *)(cnt_buf + n);
len -= 8;
out += 8;
in += 8;
n = 0;
}
if (len) {
Gost2814789_cnt_next(ivec, cnt_buf, key);
while (len--) {
out[n] = in[n] ^ cnt_buf[n];
++n;
}
}
*num = n;
return;
} while(0);
/* the rest would be commonly eliminated by x86* compiler */
#endif
while (l < len) {
if (n==0)
Gost2814789_cnt_next(ivec, cnt_buf, key);
out[l] = in[l] ^ cnt_buf[n];
++l;
n = (n + 1) % 8;
}
*num=n;
}
LCRYPTO_ALIAS(Gost2814789_cnt_encrypt);
int
GOST2814789IMIT_Init(GOST2814789IMIT_CTX *c, int nid)
{
c->Nl = c->Nh = c->num = 0;
memset(c->mac, 0, 8);
return Gost2814789_set_sbox(&c->cipher, nid);
}
LCRYPTO_ALIAS(GOST2814789IMIT_Init);
static void
GOST2814789IMIT_block_data_order(GOST2814789IMIT_CTX *ctx,
const unsigned char *p, size_t num)
{
int i;
for (i = 0; i < num; i++) {
Gost2814789_mac_mesh(p, ctx->mac, &ctx->cipher);
p += 8;
}
}
#define DATA_ORDER_IS_LITTLE_ENDIAN
#define HASH_CBLOCK GOST2814789IMIT_CBLOCK
#define HASH_LONG GOST2814789IMIT_LONG
#define HASH_CTX GOST2814789IMIT_CTX
#define HASH_UPDATE GOST2814789IMIT_Update
#define HASH_TRANSFORM GOST2814789IMIT_Transform
#define HASH_NO_FINAL 1
#define HASH_BLOCK_DATA_ORDER GOST2814789IMIT_block_data_order
#include "md32_common.h"
LCRYPTO_ALIAS(GOST2814789IMIT_Update);
LCRYPTO_ALIAS(GOST2814789IMIT_Transform);
int
GOST2814789IMIT_Final(unsigned char *md, GOST2814789IMIT_CTX *c)
{
if (c->num) {
memset(c->data + c->num, 0, 8 - c->num);
Gost2814789_mac_mesh(c->data, c->mac, &c->cipher);
}
if (c->Nl <= 8 * 8 && c->Nl > 0 && c->Nh == 0) {
memset(c->data, 0, 8);
Gost2814789_mac_mesh(c->data, c->mac, &c->cipher);
}
memcpy(md, c->mac, 4);
return 1;
}
LCRYPTO_ALIAS(GOST2814789IMIT_Final);
unsigned char *
GOST2814789IMIT(const unsigned char *d, size_t n, unsigned char *md, int nid,
const unsigned char *key, const unsigned char *iv)
{
GOST2814789IMIT_CTX c;
static unsigned char m[GOST2814789IMIT_LENGTH];
if (md == NULL)
md = m;
GOST2814789IMIT_Init(&c, nid);
memcpy(c.mac, iv, 8);
Gost2814789_set_key(&c.cipher, key, 256);
GOST2814789IMIT_Update(&c, d, n);
GOST2814789IMIT_Final(md, &c);
explicit_bzero(&c, sizeof(c));
return (md);
}
LCRYPTO_ALIAS(GOST2814789IMIT);
#endif

138
lib/libcrypto/gost/gost89_keywrap.c
View file

@ -1,138 +0,0 @@
/* $OpenBSD: gost89_keywrap.c,v 1.4 2022/11/26 16:08:53 tb Exp $ */
/*
* Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
* Copyright (c) 2005-2006 Cryptocom LTD
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* openssl-core@openssl.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/
#include <string.h>
#include <openssl/opensslconf.h>
#ifndef OPENSSL_NO_GOST
#include <openssl/gost.h>
#include "gost_local.h"
static void
key_diversify_crypto_pro(GOST2814789_KEY *ctx, const unsigned char *inputKey,
const unsigned char *ukm, unsigned char *outputKey)
{
unsigned long k, s1, s2;
int i, mask;
unsigned char S[8];
unsigned char *p;
memcpy(outputKey, inputKey, 32);
for (i = 0; i < 8; i++) {
/* Make array of integers from key */
/* Compute IV S */
s1 = 0, s2 = 0;
p = outputKey;
for (mask = 1; mask < 256; mask <<= 1) {
c2l(p, k);
if (mask & ukm[i]) {
s1 += k;
} else {
s2 += k;
}
}
p = S;
l2c (s1, p);
l2c (s2, p);
Gost2814789_set_key(ctx, outputKey, 256);
mask = 0;
Gost2814789_cfb64_encrypt(outputKey, outputKey, 32, ctx, S,
&mask, 1);
}
}
int
gost_key_wrap_crypto_pro(int nid, const unsigned char *keyExchangeKey,
const unsigned char *ukm, const unsigned char *sessionKey,
unsigned char *wrappedKey)
{
GOST2814789_KEY ctx;
unsigned char kek_ukm[32];
Gost2814789_set_sbox(&ctx, nid);
key_diversify_crypto_pro(&ctx, keyExchangeKey, ukm, kek_ukm);
Gost2814789_set_key(&ctx, kek_ukm, 256);
memcpy(wrappedKey, ukm, 8);
Gost2814789_encrypt(sessionKey + 0, wrappedKey + 8 + 0, &ctx);
Gost2814789_encrypt(sessionKey + 8, wrappedKey + 8 + 8, &ctx);
Gost2814789_encrypt(sessionKey + 16, wrappedKey + 8 + 16, &ctx);
Gost2814789_encrypt(sessionKey + 24, wrappedKey + 8 + 24, &ctx);
GOST2814789IMIT(sessionKey, 32, wrappedKey + 40, nid, kek_ukm, ukm);
return 1;
}
int
gost_key_unwrap_crypto_pro(int nid, const unsigned char *keyExchangeKey,
const unsigned char *wrappedKey, unsigned char *sessionKey)
{
unsigned char kek_ukm[32], cek_mac[4];
GOST2814789_KEY ctx;
Gost2814789_set_sbox(&ctx, nid);
/* First 8 bytes of wrapped Key is ukm */
key_diversify_crypto_pro(&ctx, keyExchangeKey, wrappedKey, kek_ukm);
Gost2814789_set_key(&ctx, kek_ukm, 256);
Gost2814789_decrypt(wrappedKey + 8 + 0, sessionKey + 0, &ctx);
Gost2814789_decrypt(wrappedKey + 8 + 8, sessionKey + 8, &ctx);
Gost2814789_decrypt(wrappedKey + 8 + 16, sessionKey + 16, &ctx);
Gost2814789_decrypt(wrappedKey + 8 + 24, sessionKey + 24, &ctx);
GOST2814789IMIT(sessionKey, 32, cek_mac, nid, kek_ukm, wrappedKey);
if (memcmp(cek_mac, wrappedKey + 40, 4))
return 0;
return 1;
}
#endif

246
lib/libcrypto/gost/gost89_params.c
View file

@ -1,246 +0,0 @@
/* $OpenBSD: gost89_params.c,v 1.4 2023/07/08 14:30:44 beck Exp $ */
/*
* Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
* Copyright (c) 2005-2006 Cryptocom LTD
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* openssl-core@openssl.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/
#include <stdlib.h>
#include <openssl/opensslconf.h>
#ifndef OPENSSL_NO_GOST
#include <openssl/objects.h>
#include <openssl/gost.h>
#include "gost_local.h"
/* Substitution blocks from test examples for GOST R 34.11-94*/
static const gost_subst_block GostR3411_94_TestParamSet = {
{0x1,0xF,0xD,0x0,0x5,0x7,0xA,0x4,0x9,0x2,0x3,0xE,0x6,0xB,0x8,0xC},
{0xD,0xB,0x4,0x1,0x3,0xF,0x5,0x9,0x0,0xA,0xE,0x7,0x6,0x8,0x2,0xC},
{0x4,0xB,0xA,0x0,0x7,0x2,0x1,0xD,0x3,0x6,0x8,0x5,0x9,0xC,0xF,0xE},
{0x6,0xC,0x7,0x1,0x5,0xF,0xD,0x8,0x4,0xA,0x9,0xE,0x0,0x3,0xB,0x2},
{0x7,0xD,0xA,0x1,0x0,0x8,0x9,0xF,0xE,0x4,0x6,0xC,0xB,0x2,0x5,0x3},
{0x5,0x8,0x1,0xD,0xA,0x3,0x4,0x2,0xE,0xF,0xC,0x7,0x6,0x0,0x9,0xB},
{0xE,0xB,0x4,0xC,0x6,0xD,0xF,0xA,0x2,0x3,0x8,0x1,0x0,0x7,0x5,0x9},
{0x4,0xA,0x9,0x2,0xD,0x8,0x0,0xE,0x6,0xB,0x1,0xC,0x7,0xF,0x5,0x3}
};
/* Substitution blocks for hash function 1.2.643.2.9.1.6.1 */
static const gost_subst_block GostR3411_94_CryptoProParamSet = {
{0x1,0x3,0xA,0x9,0x5,0xB,0x4,0xF,0x8,0x6,0x7,0xE,0xD,0x0,0x2,0xC},
{0xD,0xE,0x4,0x1,0x7,0x0,0x5,0xA,0x3,0xC,0x8,0xF,0x6,0x2,0x9,0xB},
{0x7,0x6,0x2,0x4,0xD,0x9,0xF,0x0,0xA,0x1,0x5,0xB,0x8,0xE,0xC,0x3},
{0x7,0x6,0x4,0xB,0x9,0xC,0x2,0xA,0x1,0x8,0x0,0xE,0xF,0xD,0x3,0x5},
{0x4,0xA,0x7,0xC,0x0,0xF,0x2,0x8,0xE,0x1,0x6,0x5,0xD,0xB,0x9,0x3},
{0x7,0xF,0xC,0xE,0x9,0x4,0x1,0x0,0x3,0xB,0x5,0x2,0x6,0xA,0x8,0xD},
{0x5,0xF,0x4,0x0,0x2,0xD,0xB,0x9,0x1,0x7,0x6,0x3,0xC,0xE,0xA,0x8},
{0xA,0x4,0x5,0x6,0x8,0x1,0x3,0x7,0xD,0xC,0xE,0x0,0x9,0x2,0xB,0xF}
};
/* Test paramset from GOST 28147 */
gost_subst_block Gost28147_TestParamSet = {
{0xC,0x6,0x5,0x2,0xB,0x0,0x9,0xD,0x3,0xE,0x7,0xA,0xF,0x4,0x1,0x8},
{0x9,0xB,0xC,0x0,0x3,0x6,0x7,0x5,0x4,0x8,0xE,0xF,0x1,0xA,0x2,0xD},
{0x8,0xF,0x6,0xB,0x1,0x9,0xC,0x5,0xD,0x3,0x7,0xA,0x0,0xE,0x2,0x4},
{0x3,0xE,0x5,0x9,0x6,0x8,0x0,0xD,0xA,0xB,0x7,0xC,0x2,0x1,0xF,0x4},
{0xE,0x9,0xB,0x2,0x5,0xF,0x7,0x1,0x0,0xD,0xC,0x6,0xA,0x4,0x3,0x8},
{0xD,0x8,0xE,0xC,0x7,0x3,0x9,0xA,0x1,0x5,0x2,0x4,0x6,0xF,0x0,0xB},
{0xC,0x9,0xF,0xE,0x8,0x1,0x3,0xA,0x2,0x7,0x4,0xD,0x6,0x0,0xB,0x5},
{0x4,0x2,0xF,0x5,0x9,0x1,0x0,0x8,0xE,0x3,0xB,0xC,0xD,0x7,0xA,0x6}
};
/* 1.2.643.2.2.31.1 */
static const gost_subst_block Gost28147_CryptoProParamSetA = {
{0xB,0xA,0xF,0x5,0x0,0xC,0xE,0x8,0x6,0x2,0x3,0x9,0x1,0x7,0xD,0x4},
{0x1,0xD,0x2,0x9,0x7,0xA,0x6,0x0,0x8,0xC,0x4,0x5,0xF,0x3,0xB,0xE},
{0x3,0xA,0xD,0xC,0x1,0x2,0x0,0xB,0x7,0x5,0x9,0x4,0x8,0xF,0xE,0x6},
{0xB,0x5,0x1,0x9,0x8,0xD,0xF,0x0,0xE,0x4,0x2,0x3,0xC,0x7,0xA,0x6},
{0xE,0x7,0xA,0xC,0xD,0x1,0x3,0x9,0x0,0x2,0xB,0x4,0xF,0x8,0x5,0x6},
{0xE,0x4,0x6,0x2,0xB,0x3,0xD,0x8,0xC,0xF,0x5,0xA,0x0,0x7,0x1,0x9},
{0x3,0x7,0xE,0x9,0x8,0xA,0xF,0x0,0x5,0x2,0x6,0xC,0xB,0x4,0xD,0x1},
{0x9,0x6,0x3,0x2,0x8,0xB,0x1,0x7,0xA,0x4,0xE,0xF,0xC,0x0,0xD,0x5}
};
/* 1.2.643.2.2.31.2 */
static const gost_subst_block Gost28147_CryptoProParamSetB = {
{0x0,0x4,0xB,0xE,0x8,0x3,0x7,0x1,0xA,0x2,0x9,0x6,0xF,0xD,0x5,0xC},
{0x5,0x2,0xA,0xB,0x9,0x1,0xC,0x3,0x7,0x4,0xD,0x0,0x6,0xF,0x8,0xE},
{0x8,0x3,0x2,0x6,0x4,0xD,0xE,0xB,0xC,0x1,0x7,0xF,0xA,0x0,0x9,0x5},
{0x2,0x7,0xC,0xF,0x9,0x5,0xA,0xB,0x1,0x4,0x0,0xD,0x6,0x8,0xE,0x3},
{0x7,0x5,0x0,0xD,0xB,0x6,0x1,0x2,0x3,0xA,0xC,0xF,0x4,0xE,0x9,0x8},
{0xE,0xC,0x0,0xA,0x9,0x2,0xD,0xB,0x7,0x5,0x8,0xF,0x3,0x6,0x1,0x4},
{0x0,0x1,0x2,0xA,0x4,0xD,0x5,0xC,0x9,0x7,0x3,0xF,0xB,0x8,0x6,0xE},
{0x8,0x4,0xB,0x1,0x3,0x5,0x0,0x9,0x2,0xE,0xA,0xC,0xD,0x6,0x7,0xF}
};
/* 1.2.643.2.2.31.3 */
static const gost_subst_block Gost28147_CryptoProParamSetC = {
{0x7,0x4,0x0,0x5,0xA,0x2,0xF,0xE,0xC,0x6,0x1,0xB,0xD,0x9,0x3,0x8},
{0xA,0x9,0x6,0x8,0xD,0xE,0x2,0x0,0xF,0x3,0x5,0xB,0x4,0x1,0xC,0x7},
{0xC,0x9,0xB,0x1,0x8,0xE,0x2,0x4,0x7,0x3,0x6,0x5,0xA,0x0,0xF,0xD},
{0x8,0xD,0xB,0x0,0x4,0x5,0x1,0x2,0x9,0x3,0xC,0xE,0x6,0xF,0xA,0x7},
{0x3,0x6,0x0,0x1,0x5,0xD,0xA,0x8,0xB,0x2,0x9,0x7,0xE,0xF,0xC,0x4},
{0x8,0x2,0x5,0x0,0x4,0x9,0xF,0xA,0x3,0x7,0xC,0xD,0x6,0xE,0x1,0xB},
{0x0,0x1,0x7,0xD,0xB,0x4,0x5,0x2,0x8,0xE,0xF,0xC,0x9,0xA,0x6,0x3},
{0x1,0xB,0xC,0x2,0x9,0xD,0x0,0xF,0x4,0x5,0x8,0xE,0xA,0x7,0x6,0x3}
};
/* 1.2.643.2.2.31.4 */
static const gost_subst_block Gost28147_CryptoProParamSetD = {
{0x1,0xA,0x6,0x8,0xF,0xB,0x0,0x4,0xC,0x3,0x5,0x9,0x7,0xD,0x2,0xE},
{0x3,0x0,0x6,0xF,0x1,0xE,0x9,0x2,0xD,0x8,0xC,0x4,0xB,0xA,0x5,0x7},
{0x8,0x0,0xF,0x3,0x2,0x5,0xE,0xB,0x1,0xA,0x4,0x7,0xC,0x9,0xD,0x6},
{0x0,0xC,0x8,0x9,0xD,0x2,0xA,0xB,0x7,0x3,0x6,0x5,0x4,0xE,0xF,0x1},
{0x1,0x5,0xE,0xC,0xA,0x7,0x0,0xD,0x6,0x2,0xB,0x4,0x9,0x3,0xF,0x8},
{0x1,0xC,0xB,0x0,0xF,0xE,0x6,0x5,0xA,0xD,0x4,0x8,0x9,0x3,0x7,0x2},
{0xB,0x6,0x3,0x4,0xC,0xF,0xE,0x2,0x7,0xD,0x8,0x0,0x5,0xA,0x9,0x1},
{0xF,0xC,0x2,0xA,0x6,0x4,0x5,0x0,0x7,0x9,0xE,0xD,0x1,0xB,0x8,0x3}
};
static const gost_subst_block Gost28147_TC26ParamSetZ = {
{0x1,0x7,0xe,0xd,0x0,0x5,0x8,0x3,0x4,0xf,0xa,0x6,0x9,0xc,0xb,0x2},
{0x8,0xe,0x2,0x5,0x6,0x9,0x1,0xc,0xf,0x4,0xb,0x0,0xd,0xa,0x3,0x7},
{0x5,0xd,0xf,0x6,0x9,0x2,0xc,0xa,0xb,0x7,0x8,0x1,0x4,0x3,0xe,0x0},
{0x7,0xf,0x5,0xa,0x8,0x1,0x6,0xd,0x0,0x9,0x3,0xe,0xb,0x4,0x2,0xc},
{0xc,0x8,0x2,0x1,0xd,0x4,0xf,0x6,0x7,0x0,0xa,0x5,0x3,0xe,0x9,0xb},
{0xb,0x3,0x5,0x8,0x2,0xf,0xa,0xd,0xe,0x1,0x7,0x4,0xc,0x9,0x6,0x0},
{0x6,0x8,0x2,0x3,0x9,0xa,0x5,0xc,0x1,0xe,0x4,0x7,0xb,0xd,0x0,0xf},
{0xc,0x4,0x6,0x2,0xa,0x5,0xb,0x9,0xe,0x8,0xd,0x7,0x0,0x3,0xf,0x1}
};
static const unsigned char CryptoProKeyMeshingKey[] = {
0x69, 0x00, 0x72, 0x22, 0x64, 0xC9, 0x04, 0x23,
0x8D, 0x3A, 0xDB, 0x96, 0x46, 0xE9, 0x2A, 0xC4,
0x18, 0xFE, 0xAC, 0x94, 0x00, 0xED, 0x07, 0x12,
0xC0, 0x86, 0xDC, 0xC2, 0xEF, 0x4C, 0xA9, 0x2B
};
static const struct gost89_parameters_info {
int nid;
const gost_subst_block *sblock;
int key_meshing;
} gost_cipher_list[] =
{
{NID_id_Gost28147_89_CryptoPro_A_ParamSet,&Gost28147_CryptoProParamSetA,1},
{NID_id_Gost28147_89_CryptoPro_B_ParamSet,&Gost28147_CryptoProParamSetB,1},
{NID_id_Gost28147_89_CryptoPro_C_ParamSet,&Gost28147_CryptoProParamSetC,1},
{NID_id_Gost28147_89_CryptoPro_D_ParamSet,&Gost28147_CryptoProParamSetD,1},
{NID_id_tc26_gost_28147_param_Z,&Gost28147_TC26ParamSetZ,1},
{NID_id_Gost28147_89_TestParamSet,&Gost28147_TestParamSet,0},
{NID_id_GostR3411_94_TestParamSet,&GostR3411_94_TestParamSet,0},
{NID_id_GostR3411_94_CryptoProParamSet,&GostR3411_94_CryptoProParamSet,0},
{NID_undef,NULL,0}
};
int
Gost2814789_set_sbox(GOST2814789_KEY *key, int nid)
{
int i;
const gost_subst_block *b = NULL;
unsigned int t;
for (i = 0; gost_cipher_list[i].nid != NID_undef; i++) {
if (gost_cipher_list[i].nid != nid)
continue;
b = gost_cipher_list[i].sblock;
key->key_meshing = gost_cipher_list[i].key_meshing;
break;
}
if (b == NULL)
return 0;
for (i = 0; i < 256; i++) {
t = (unsigned int)(b->k8[i >> 4] <<4 | b->k7 [i & 15]) << 24;
key->k87[i] = (t << 11) | (t >> 21);
t = (unsigned int)(b->k6[i >> 4] <<4 | b->k5 [i & 15]) << 16;
key->k65[i] = (t << 11) | (t >> 21);
t = (unsigned int)(b->k4[i >> 4] <<4 | b->k3 [i & 15]) << 8;
key->k43[i] = (t << 11) | (t >> 21);
t = (unsigned int)(b->k2[i >> 4] <<4 | b->k1 [i & 15]) << 0;
key->k21[i] = (t << 11) | (t >> 21);
}
return 1;
}
LCRYPTO_ALIAS(Gost2814789_set_sbox);
int
Gost2814789_set_key(GOST2814789_KEY *key, const unsigned char *userKey,
const int bits)
{
int i;
if (bits != 256)
return 0;
for (i = 0; i < 8; i++)
c2l(userKey, key->key[i]);
key->count = 0;
return 1;
}
LCRYPTO_ALIAS(Gost2814789_set_key);
void
Gost2814789_cryptopro_key_mesh(GOST2814789_KEY *key)
{
unsigned char newkey[32];
Gost2814789_decrypt(CryptoProKeyMeshingKey + 0, newkey + 0, key);
Gost2814789_decrypt(CryptoProKeyMeshingKey + 8, newkey + 8, key);
Gost2814789_decrypt(CryptoProKeyMeshingKey + 16, newkey + 16, key);
Gost2814789_decrypt(CryptoProKeyMeshingKey + 24, newkey + 24, key);
Gost2814789_set_key(key, newkey, 256);
}
#endif

89
lib/libcrypto/gost/gost89imit_ameth.c
View file

@ -1,89 +0,0 @@
/* $OpenBSD: gost89imit_ameth.c,v 1.5 2024/01/04 17:01:26 tb Exp $ */
/*
* Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
* Copyright (c) 2005-2006 Cryptocom LTD
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* openssl-core@openssl.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/
#include <openssl/opensslconf.h>
#ifndef OPENSSL_NO_GOST
#include <openssl/evp.h>
#include "asn1_local.h"
#include "evp_local.h"
static void
mackey_free_gost(EVP_PKEY *pk)
{
free(pk->pkey.ptr);
}
static int
mac_ctrl_gost(EVP_PKEY *pkey, int op, long arg1, void *arg2)
{
switch (op) {
case ASN1_PKEY_CTRL_DEFAULT_MD_NID:
*(int *)arg2 = NID_id_Gost28147_89_MAC;
return 2;
}
return -2;
}
const EVP_PKEY_ASN1_METHOD gostimit_asn1_meth = {
.base_method = &gostimit_asn1_meth,
.pkey_id = EVP_PKEY_GOSTIMIT,
.pkey_flags = ASN1_PKEY_SIGPARAM_NULL,
.pem_str = "GOST-MAC",
.info = "GOST 28147-89 MAC",
.pkey_free = mackey_free_gost,
.pkey_ctrl = mac_ctrl_gost,
};
#endif

255
lib/libcrypto/gost/gost89imit_pmeth.c
View file

@ -1,255 +0,0 @@
/* $OpenBSD: gost89imit_pmeth.c,v 1.6 2023/12/28 21:47:17 tb Exp $ */
/*
* Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
* Copyright (c) 2005-2006 Cryptocom LTD
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* openssl-core@openssl.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/
#include <string.h>
#include <openssl/opensslconf.h>
#ifndef OPENSSL_NO_GOST
#include <openssl/evp.h>
#include <openssl/err.h>
#include <openssl/gost.h>
#include <openssl/x509v3.h> /* For string_to_hex */
#include "evp_local.h"
#include "gost_local.h"
struct gost_mac_pmeth_data {
EVP_MD *md;
unsigned char key[32];
unsigned key_set :1;
};
static int
pkey_gost_mac_init(EVP_PKEY_CTX *ctx)
{
struct gost_mac_pmeth_data *data;
data = calloc(1, sizeof(struct gost_mac_pmeth_data));
if (data == NULL)
return 0;
EVP_PKEY_CTX_set_data(ctx, data);
return 1;
}
static void
pkey_gost_mac_cleanup(EVP_PKEY_CTX *ctx)
{
struct gost_mac_pmeth_data *data = EVP_PKEY_CTX_get_data(ctx);
free(data);
}
static int
pkey_gost_mac_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src)
{
struct gost_mac_pmeth_data *dst_data, *src_data;
if (pkey_gost_mac_init(dst) == 0)
return 0;
src_data = EVP_PKEY_CTX_get_data(src);
dst_data = EVP_PKEY_CTX_get_data(dst);
*dst_data = *src_data;
return 1;
}
static int
pkey_gost_mac_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
{
struct gost_mac_pmeth_data *data = EVP_PKEY_CTX_get_data(ctx);
unsigned char *keydata = NULL;
int ret = 0;
if (!data->key_set) {
GOSTerror(GOST_R_MAC_KEY_NOT_SET);
goto err;
}
if ((keydata = malloc(32)) == NULL) {
GOSTerror(ERR_R_MALLOC_FAILURE);
goto err;
}
memcpy(keydata, data->key, 32);
if (!EVP_PKEY_assign(pkey, NID_id_Gost28147_89_MAC, keydata))
goto err;
keydata = NULL;
ret = 1;
err:
freezero(keydata, 32);
return ret;
}
static int
pkey_gost_mac_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
{
struct gost_mac_pmeth_data *data = EVP_PKEY_CTX_get_data(ctx);
switch (type) {
case EVP_PKEY_CTRL_MD:
if (EVP_MD_type(p2) != NID_id_Gost28147_89_MAC) {
GOSTerror(GOST_R_INVALID_DIGEST_TYPE);
return 0;
}
data->md = p2;
return 1;
case EVP_PKEY_CTRL_SET_MAC_KEY:
if (p1 != 32) {
GOSTerror(GOST_R_INVALID_MAC_KEY_LENGTH);
return 0;
}
memcpy(data->key, p2, 32);
data->key_set = 1;
return 1;
case EVP_PKEY_CTRL_DIGESTINIT:
{
EVP_MD_CTX *mctx = p2;
void *key;
if (!data->key_set) {
EVP_PKEY *pkey = EVP_PKEY_CTX_get0_pkey(ctx);
if (pkey == NULL) {
GOSTerror(GOST_R_MAC_KEY_NOT_SET);
return 0;
}
key = EVP_PKEY_get0(pkey);
if (key == NULL) {
GOSTerror(GOST_R_MAC_KEY_NOT_SET);
return 0;
}
} else {
key = &(data->key);
}
if (mctx->digest->md_ctrl == NULL)
return 0;
return mctx->digest->md_ctrl(mctx, EVP_MD_CTRL_SET_KEY, 32 * 8,
key);
}
}
return -2;
}
static int
pkey_gost_mac_ctrl_str(EVP_PKEY_CTX *ctx, const char *type, const char *value)
{
if (value == NULL)
return 0;
if (strcmp(type, "key") == 0) {
void *p = (void *)value;
return pkey_gost_mac_ctrl(ctx, EVP_PKEY_CTRL_SET_MAC_KEY,
strlen(value), p);
}
if (strcmp(type, "hexkey") == 0) {
unsigned char *key;
int r;
long keylen;
key = string_to_hex(value, &keylen);
if (key == NULL)
return 0;
r = pkey_gost_mac_ctrl(ctx, EVP_PKEY_CTRL_SET_MAC_KEY, keylen,
key);
free(key);
return r;
}
return -2;
}
static int
pkey_gost_mac_signctx_init(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx)
{
return 1;
}
static int
pkey_gost_mac_signctx(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
EVP_MD_CTX *mctx)
{
/* for platforms where sizeof(int) != sizeof(size_t)*/
unsigned int tmpsiglen = *siglen;
int ret;
if (sig == NULL) {
*siglen = 4;
return 1;
}
ret = EVP_DigestFinal_ex(mctx, sig, &tmpsiglen);
*siglen = tmpsiglen;
return ret;
}
const EVP_PKEY_METHOD gostimit_pkey_meth = {
.pkey_id = EVP_PKEY_GOSTIMIT,
.init = pkey_gost_mac_init,
.cleanup = pkey_gost_mac_cleanup,
.copy = pkey_gost_mac_copy,
.keygen = pkey_gost_mac_keygen,
.signctx_init = pkey_gost_mac_signctx_init,
.signctx = pkey_gost_mac_signctx,
.ctrl = pkey_gost_mac_ctrl,
.ctrl_str = pkey_gost_mac_ctrl_str,
};
#endif

299
lib/libcrypto/gost/gost_asn1.c
View file

@ -1,299 +0,0 @@
/**********************************************************************
* gost_keytrans.c *
* Copyright (c) 2005-2006 Cryptocom LTD *
* This file is distributed under the same license as OpenSSL *
* *
* ASN1 structure definition for GOST key transport *
* Requires OpenSSL 0.9.9 for compilation *
**********************************************************************/
#include <openssl/opensslconf.h>
#ifndef OPENSSL_NO_GOST
#include <openssl/asn1t.h>
#include <openssl/x509.h>
#include <openssl/gost.h>
#include "gost_local.h"
#include "gost_asn1.h"
static const ASN1_TEMPLATE GOST_KEY_TRANSPORT_seq_tt[] = {
{
.flags = 0,
.tag = 0,
.offset = offsetof(GOST_KEY_TRANSPORT, key_info),
.field_name = "key_info",
.item = &GOST_KEY_INFO_it,
},
{
.flags = ASN1_TFLG_IMPLICIT,
.tag = 0,
.offset = offsetof(GOST_KEY_TRANSPORT, key_agreement_info),
.field_name = "key_agreement_info",
.item = &GOST_KEY_AGREEMENT_INFO_it,
},
};
const ASN1_ITEM GOST_KEY_TRANSPORT_it = {
.itype = ASN1_ITYPE_NDEF_SEQUENCE,
.utype = V_ASN1_SEQUENCE,
.templates = GOST_KEY_TRANSPORT_seq_tt,
.tcount = sizeof(GOST_KEY_TRANSPORT_seq_tt) / sizeof(ASN1_TEMPLATE),
.funcs = NULL,
.size = sizeof(GOST_KEY_TRANSPORT),
.sname = "GOST_KEY_TRANSPORT",
};
GOST_KEY_TRANSPORT *
d2i_GOST_KEY_TRANSPORT(GOST_KEY_TRANSPORT **a, const unsigned char **in, long len)
{
return (GOST_KEY_TRANSPORT *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
&GOST_KEY_TRANSPORT_it);
}
int
i2d_GOST_KEY_TRANSPORT(GOST_KEY_TRANSPORT *a, unsigned char **out)
{
return ASN1_item_i2d((ASN1_VALUE *)a, out, &GOST_KEY_TRANSPORT_it);
}
GOST_KEY_TRANSPORT *
GOST_KEY_TRANSPORT_new(void)
{
return (GOST_KEY_TRANSPORT *)ASN1_item_new(&GOST_KEY_TRANSPORT_it);
}
void
GOST_KEY_TRANSPORT_free(GOST_KEY_TRANSPORT *a)
{
ASN1_item_free((ASN1_VALUE *)a, &GOST_KEY_TRANSPORT_it);
}
static const ASN1_TEMPLATE GOST_KEY_INFO_seq_tt[] = {
{
.flags = 0,
.tag = 0,
.offset = offsetof(GOST_KEY_INFO, encrypted_key),
.field_name = "encrypted_key",
.item = &ASN1_OCTET_STRING_it,
},
{
.flags = 0,
.tag = 0,
.offset = offsetof(GOST_KEY_INFO, imit),
.field_name = "imit",
.item = &ASN1_OCTET_STRING_it,
},
};
const ASN1_ITEM GOST_KEY_INFO_it = {
.itype = ASN1_ITYPE_NDEF_SEQUENCE,
.utype = V_ASN1_SEQUENCE,
.templates = GOST_KEY_INFO_seq_tt,
.tcount = sizeof(GOST_KEY_INFO_seq_tt) / sizeof(ASN1_TEMPLATE),
.funcs = NULL,
.size = sizeof(GOST_KEY_INFO),
.sname = "GOST_KEY_INFO",
};
GOST_KEY_INFO *
d2i_GOST_KEY_INFO(GOST_KEY_INFO **a, const unsigned char **in, long len)
{
return (GOST_KEY_INFO *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
&GOST_KEY_INFO_it);
}
int
i2d_GOST_KEY_INFO(GOST_KEY_INFO *a, unsigned char **out)
{
return ASN1_item_i2d((ASN1_VALUE *)a, out, &GOST_KEY_INFO_it);
}
GOST_KEY_INFO *
GOST_KEY_INFO_new(void)
{
return (GOST_KEY_INFO *)ASN1_item_new(&GOST_KEY_INFO_it);
}
void
GOST_KEY_INFO_free(GOST_KEY_INFO *a)
{
ASN1_item_free((ASN1_VALUE *)a, &GOST_KEY_INFO_it);
}
static const ASN1_TEMPLATE GOST_KEY_AGREEMENT_INFO_seq_tt[] = {
{
.flags = 0,
.tag = 0,
.offset = offsetof(GOST_KEY_AGREEMENT_INFO, cipher),
.field_name = "cipher",
.item = &ASN1_OBJECT_it,
},
{
.flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_OPTIONAL,
.tag = 0,
.offset = offsetof(GOST_KEY_AGREEMENT_INFO, ephem_key),
.field_name = "ephem_key",
.item = &X509_PUBKEY_it,
},
{
.flags = 0,
.tag = 0,
.offset = offsetof(GOST_KEY_AGREEMENT_INFO, eph_iv),
.field_name = "eph_iv",
.item = &ASN1_OCTET_STRING_it,
},
};
const ASN1_ITEM GOST_KEY_AGREEMENT_INFO_it = {
.itype = ASN1_ITYPE_NDEF_SEQUENCE,
.utype = V_ASN1_SEQUENCE,
.templates = GOST_KEY_AGREEMENT_INFO_seq_tt,
.tcount = sizeof(GOST_KEY_AGREEMENT_INFO_seq_tt) / sizeof(ASN1_TEMPLATE),
.funcs = NULL,
.size = sizeof(GOST_KEY_AGREEMENT_INFO),
.sname = "GOST_KEY_AGREEMENT_INFO",
};
GOST_KEY_AGREEMENT_INFO *
d2i_GOST_KEY_AGREEMENT_INFO(GOST_KEY_AGREEMENT_INFO **a, const unsigned char **in, long len)
{
return (GOST_KEY_AGREEMENT_INFO *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
&GOST_KEY_AGREEMENT_INFO_it);
}
int
i2d_GOST_KEY_AGREEMENT_INFO(GOST_KEY_AGREEMENT_INFO *a, unsigned char **out)
{
return ASN1_item_i2d((ASN1_VALUE *)a, out, &GOST_KEY_AGREEMENT_INFO_it);
}
GOST_KEY_AGREEMENT_INFO *
GOST_KEY_AGREEMENT_INFO_new(void)
{
return (GOST_KEY_AGREEMENT_INFO *)ASN1_item_new(&GOST_KEY_AGREEMENT_INFO_it);
}
void
GOST_KEY_AGREEMENT_INFO_free(GOST_KEY_AGREEMENT_INFO *a)
{
ASN1_item_free((ASN1_VALUE *)a, &GOST_KEY_AGREEMENT_INFO_it);
}
static const ASN1_TEMPLATE GOST_KEY_PARAMS_seq_tt[] = {
{
.flags = 0,
.tag = 0,
.offset = offsetof(GOST_KEY_PARAMS, key_params),
.field_name = "key_params",
.item = &ASN1_OBJECT_it,
},
{
.flags = 0,
.tag = 0,
.offset = offsetof(GOST_KEY_PARAMS, hash_params),
.field_name = "hash_params",
.item = &ASN1_OBJECT_it,
},
{
.flags = ASN1_TFLG_OPTIONAL,
.tag = 0,
.offset = offsetof(GOST_KEY_PARAMS, cipher_params),
.field_name = "cipher_params",
.item = &ASN1_OBJECT_it,
},
};
const ASN1_ITEM GOST_KEY_PARAMS_it = {
.itype = ASN1_ITYPE_NDEF_SEQUENCE,
.utype = V_ASN1_SEQUENCE,
.templates = GOST_KEY_PARAMS_seq_tt,
.tcount = sizeof(GOST_KEY_PARAMS_seq_tt) / sizeof(ASN1_TEMPLATE),
.funcs = NULL,
.size = sizeof(GOST_KEY_PARAMS),
.sname = "GOST_KEY_PARAMS",
};
GOST_KEY_PARAMS *
d2i_GOST_KEY_PARAMS(GOST_KEY_PARAMS **a, const unsigned char **in, long len)
{
return (GOST_KEY_PARAMS *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
&GOST_KEY_PARAMS_it);
}
int
i2d_GOST_KEY_PARAMS(GOST_KEY_PARAMS *a, unsigned char **out)
{
return ASN1_item_i2d((ASN1_VALUE *)a, out, &GOST_KEY_PARAMS_it);
}
GOST_KEY_PARAMS *
GOST_KEY_PARAMS_new(void)
{
return (GOST_KEY_PARAMS *)ASN1_item_new(&GOST_KEY_PARAMS_it);
}
void
GOST_KEY_PARAMS_free(GOST_KEY_PARAMS *a)
{
ASN1_item_free((ASN1_VALUE *)a, &GOST_KEY_PARAMS_it);
}
static const ASN1_TEMPLATE GOST_CIPHER_PARAMS_seq_tt[] = {
{
.flags = 0,
.tag = 0,
.offset = offsetof(GOST_CIPHER_PARAMS, iv),
.field_name = "iv",
.item = &ASN1_OCTET_STRING_it,
},
{
.flags = 0,
.tag = 0,
.offset = offsetof(GOST_CIPHER_PARAMS, enc_param_set),
.field_name = "enc_param_set",
.item = &ASN1_OBJECT_it,
},
};
const ASN1_ITEM GOST_CIPHER_PARAMS_it = {
.itype = ASN1_ITYPE_NDEF_SEQUENCE,
.utype = V_ASN1_SEQUENCE,
.templates = GOST_CIPHER_PARAMS_seq_tt,
.tcount = sizeof(GOST_CIPHER_PARAMS_seq_tt) / sizeof(ASN1_TEMPLATE),
.funcs = NULL,
.size = sizeof(GOST_CIPHER_PARAMS),
.sname = "GOST_CIPHER_PARAMS",
};
GOST_CIPHER_PARAMS *
d2i_GOST_CIPHER_PARAMS(GOST_CIPHER_PARAMS **a, const unsigned char **in, long len)
{
return (GOST_CIPHER_PARAMS *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
&GOST_CIPHER_PARAMS_it);
}
LCRYPTO_ALIAS(d2i_GOST_CIPHER_PARAMS);
int
i2d_GOST_CIPHER_PARAMS(GOST_CIPHER_PARAMS *a, unsigned char **out)
{
return ASN1_item_i2d((ASN1_VALUE *)a, out, &GOST_CIPHER_PARAMS_it);
}
LCRYPTO_ALIAS(i2d_GOST_CIPHER_PARAMS);
GOST_CIPHER_PARAMS *
GOST_CIPHER_PARAMS_new(void)
{
return (GOST_CIPHER_PARAMS *)ASN1_item_new(&GOST_CIPHER_PARAMS_it);
}
LCRYPTO_ALIAS(GOST_CIPHER_PARAMS_new);
void
GOST_CIPHER_PARAMS_free(GOST_CIPHER_PARAMS *a)
{
ASN1_item_free((ASN1_VALUE *)a, &GOST_CIPHER_PARAMS_it);
}
LCRYPTO_ALIAS(GOST_CIPHER_PARAMS_free);
#endif

107
lib/libcrypto/gost/gost_asn1.h
View file

@ -1,107 +0,0 @@
/* $OpenBSD: gost_asn1.h,v 1.3 2016/12/21 15:49:29 jsing Exp $ */
/*
* Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
* Copyright (c) 2005-2006 Cryptocom LTD
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* openssl-core@openssl.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/
#ifndef HEADER_GOST_ASN1_H
#define HEADER_GOST_ASN1_H
#include <openssl/asn1.h>
__BEGIN_HIDDEN_DECLS
typedef struct {
ASN1_OCTET_STRING *encrypted_key;
ASN1_OCTET_STRING *imit;
} GOST_KEY_INFO;
GOST_KEY_INFO *GOST_KEY_INFO_new(void);
void GOST_KEY_INFO_free(GOST_KEY_INFO *a);
GOST_KEY_INFO *d2i_GOST_KEY_INFO(GOST_KEY_INFO **a, const unsigned char **in, long len);
int i2d_GOST_KEY_INFO(GOST_KEY_INFO *a, unsigned char **out);
extern const ASN1_ITEM GOST_KEY_INFO_it;
typedef struct {
ASN1_OBJECT *cipher;
X509_PUBKEY *ephem_key;
ASN1_OCTET_STRING *eph_iv;
} GOST_KEY_AGREEMENT_INFO;
GOST_KEY_AGREEMENT_INFO *GOST_KEY_AGREEMENT_INFO_new(void);
void GOST_KEY_AGREEMENT_INFO_free(GOST_KEY_AGREEMENT_INFO *a);
GOST_KEY_AGREEMENT_INFO *d2i_GOST_KEY_AGREEMENT_INFO(GOST_KEY_AGREEMENT_INFO **a, const unsigned char **in, long len);
int i2d_GOST_KEY_AGREEMENT_INFO(GOST_KEY_AGREEMENT_INFO *a, unsigned char **out);
extern const ASN1_ITEM GOST_KEY_AGREEMENT_INFO_it;
typedef struct {
GOST_KEY_INFO *key_info;
GOST_KEY_AGREEMENT_INFO *key_agreement_info;
} GOST_KEY_TRANSPORT;
GOST_KEY_TRANSPORT *GOST_KEY_TRANSPORT_new(void);
void GOST_KEY_TRANSPORT_free(GOST_KEY_TRANSPORT *a);
GOST_KEY_TRANSPORT *d2i_GOST_KEY_TRANSPORT(GOST_KEY_TRANSPORT **a, const unsigned char **in, long len);
int i2d_GOST_KEY_TRANSPORT(GOST_KEY_TRANSPORT *a, unsigned char **out);
extern const ASN1_ITEM GOST_KEY_TRANSPORT_it;
typedef struct {
ASN1_OBJECT *key_params;
ASN1_OBJECT *hash_params;
ASN1_OBJECT *cipher_params;
} GOST_KEY_PARAMS;
GOST_KEY_PARAMS *GOST_KEY_PARAMS_new(void);
void GOST_KEY_PARAMS_free(GOST_KEY_PARAMS *a);
GOST_KEY_PARAMS *d2i_GOST_KEY_PARAMS(GOST_KEY_PARAMS **a, const unsigned char **in, long len);
int i2d_GOST_KEY_PARAMS(GOST_KEY_PARAMS *a, unsigned char **out);
extern const ASN1_ITEM GOST_KEY_PARAMS_it;
__END_HIDDEN_DECLS
#endif

403
lib/libcrypto/gost/gostr341001.c
View file

@ -1,403 +0,0 @@
/* $OpenBSD: gostr341001.c,v 1.12 2023/07/05 11:37:45 tb Exp $ */
/*
* Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
* Copyright (c) 2005-2006 Cryptocom LTD
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* openssl-core@openssl.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/
#include <string.h>
#include <openssl/opensslconf.h>
#ifndef OPENSSL_NO_GOST
#include <openssl/bn.h>
#include <openssl/err.h>
#include <openssl/gost.h>
#include "bn_local.h"
#include "ecdsa_local.h"
#include "gost_local.h"
/* Convert little-endian byte array into bignum */
BIGNUM *
GOST_le2bn(const unsigned char *buf, size_t len, BIGNUM *bn)
{
unsigned char temp[64];
int i;
if (len > 64)
return NULL;
for (i = 0; i < len; i++) {
temp[len - 1 - i] = buf[i];
}
return BN_bin2bn(temp, len, bn);
}
int
GOST_bn2le(BIGNUM *bn, unsigned char *buf, int len)
{
unsigned char temp[64];
int i, bytes;
bytes = BN_num_bytes(bn);
if (len > 64 || bytes > len)
return 0;
BN_bn2bin(bn, temp);
for (i = 0; i < bytes; i++) {
buf[bytes - 1 - i] = temp[i];
}
memset(buf + bytes, 0, len - bytes);
return 1;
}
int
gost2001_compute_public(GOST_KEY *ec)
{
const EC_GROUP *group = GOST_KEY_get0_group(ec);
EC_POINT *pub_key = NULL;
const BIGNUM *priv_key = NULL;
BN_CTX *ctx = NULL;
int ok = 0;
if (group == NULL) {
GOSTerror(GOST_R_KEY_IS_NOT_INITIALIZED);
return 0;
}
ctx = BN_CTX_new();
if (ctx == NULL) {
GOSTerror(ERR_R_MALLOC_FAILURE);
return 0;
}
BN_CTX_start(ctx);
if ((priv_key = GOST_KEY_get0_private_key(ec)) == NULL)
goto err;
pub_key = EC_POINT_new(group);
if (pub_key == NULL)
goto err;
if (EC_POINT_mul(group, pub_key, priv_key, NULL, NULL, ctx) == 0)
goto err;
if (GOST_KEY_set_public_key(ec, pub_key) == 0)
goto err;
ok = 1;
if (ok == 0) {
err:
GOSTerror(ERR_R_EC_LIB);
}
EC_POINT_free(pub_key);
if (ctx != NULL) {
BN_CTX_end(ctx);
BN_CTX_free(ctx);
}
return ok;
}
ECDSA_SIG *
gost2001_do_sign(BIGNUM *md, GOST_KEY *eckey)
{
ECDSA_SIG *newsig = NULL;
BIGNUM *order = NULL;
const EC_GROUP *group;
const BIGNUM *priv_key;
BIGNUM *r = NULL, *s = NULL, *X = NULL, *tmp = NULL, *tmp2 = NULL, *k =
NULL, *e = NULL;
EC_POINT *C = NULL;
BN_CTX *ctx = BN_CTX_new();
int ok = 0;
if (ctx == NULL) {
GOSTerror(ERR_R_MALLOC_FAILURE);
return NULL;
}
BN_CTX_start(ctx);
newsig = ECDSA_SIG_new();
if (newsig == NULL) {
GOSTerror(ERR_R_MALLOC_FAILURE);
goto err;
}
s = newsig->s;
r = newsig->r;
group = GOST_KEY_get0_group(eckey);
if ((order = BN_CTX_get(ctx)) == NULL)
goto err;
if (EC_GROUP_get_order(group, order, ctx) == 0)
goto err;
priv_key = GOST_KEY_get0_private_key(eckey);
if ((e = BN_CTX_get(ctx)) == NULL)
goto err;
if (BN_mod_ct(e, md, order, ctx) == 0)
goto err;
if (BN_is_zero(e)) {
if (!BN_one(e))
goto err;
}
if ((k = BN_CTX_get(ctx)) == NULL)
goto err;
if ((X = BN_CTX_get(ctx)) == NULL)
goto err;
if ((C = EC_POINT_new(group)) == NULL)
goto err;
do {
do {
if (!BN_rand_range(k, order)) {
GOSTerror(GOST_R_RANDOM_NUMBER_GENERATOR_FAILED);
goto err;
}
/*
* We do not want timing information to leak the length
* of k, so we compute G*k using an equivalent scalar
* of fixed bit-length.
*/
if (BN_add(k, k, order) == 0)
goto err;
if (BN_num_bits(k) <= BN_num_bits(order))
if (BN_add(k, k, order) == 0)
goto err;
if (EC_POINT_mul(group, C, k, NULL, NULL, ctx) == 0) {
GOSTerror(ERR_R_EC_LIB);
goto err;
}
if (EC_POINT_get_affine_coordinates(group, C, X,
NULL, ctx) == 0) {
GOSTerror(ERR_R_EC_LIB);
goto err;
}
if (BN_nnmod(r, X, order, ctx) == 0)
goto err;
} while (BN_is_zero(r));
/* s = (r*priv_key+k*e) mod order */
if (tmp == NULL) {
if ((tmp = BN_CTX_get(ctx)) == NULL)
goto err;
}
if (BN_mod_mul(tmp, priv_key, r, order, ctx) == 0)
goto err;
if (tmp2 == NULL) {
if ((tmp2 = BN_CTX_get(ctx)) == NULL)
goto err;
}
if (BN_mod_mul(tmp2, k, e, order, ctx) == 0)
goto err;
if (BN_mod_add(s, tmp, tmp2, order, ctx) == 0)
goto err;
} while (BN_is_zero(s));
ok = 1;
err:
EC_POINT_free(C);
if (ctx != NULL) {
BN_CTX_end(ctx);
BN_CTX_free(ctx);
}
if (ok == 0) {
ECDSA_SIG_free(newsig);
newsig = NULL;
}
return newsig;
}
int
gost2001_do_verify(BIGNUM *md, ECDSA_SIG *sig, GOST_KEY *ec)
{
BN_CTX *ctx = BN_CTX_new();
const EC_GROUP *group = GOST_KEY_get0_group(ec);
BIGNUM *order;
BIGNUM *e = NULL, *R = NULL, *v = NULL, *z1 = NULL, *z2 = NULL;
BIGNUM *X = NULL, *tmp = NULL;
EC_POINT *C = NULL;
const EC_POINT *pub_key = NULL;
int ok = 0;
if (ctx == NULL)
goto err;
BN_CTX_start(ctx);
if ((order = BN_CTX_get(ctx)) == NULL)
goto err;
if ((e = BN_CTX_get(ctx)) == NULL)
goto err;
if ((z1 = BN_CTX_get(ctx)) == NULL)
goto err;
if ((z2 = BN_CTX_get(ctx)) == NULL)
goto err;
if ((tmp = BN_CTX_get(ctx)) == NULL)
goto err;
if ((X = BN_CTX_get(ctx)) == NULL)
goto err;
if ((R = BN_CTX_get(ctx)) == NULL)
goto err;
if ((v = BN_CTX_get(ctx)) == NULL)
goto err;
if (EC_GROUP_get_order(group, order, ctx) == 0)
goto err;
pub_key = GOST_KEY_get0_public_key(ec);
if (BN_is_zero(sig->s) || BN_is_zero(sig->r) ||
BN_cmp(sig->s, order) >= 1 || BN_cmp(sig->r, order) >= 1) {
GOSTerror(GOST_R_SIGNATURE_PARTS_GREATER_THAN_Q);
goto err;
}
if (BN_mod_ct(e, md, order, ctx) == 0)
goto err;
if (BN_is_zero(e)) {
if (!BN_one(e))
goto err;
}
if ((v = BN_mod_inverse_ct(v, e, order, ctx)) == NULL)
goto err;
if (BN_mod_mul(z1, sig->s, v, order, ctx) == 0)
goto err;
if (BN_sub(tmp, order, sig->r) == 0)
goto err;
if (BN_mod_mul(z2, tmp, v, order, ctx) == 0)
goto err;
if ((C = EC_POINT_new(group)) == NULL)
goto err;
if (EC_POINT_mul(group, C, z1, pub_key, z2, ctx) == 0) {
GOSTerror(ERR_R_EC_LIB);
goto err;
}
if (EC_POINT_get_affine_coordinates(group, C, X, NULL, ctx) == 0) {
GOSTerror(ERR_R_EC_LIB);
goto err;
}
if (BN_mod_ct(R, X, order, ctx) == 0)
goto err;
if (BN_cmp(R, sig->r) != 0) {
GOSTerror(GOST_R_SIGNATURE_MISMATCH);
} else {
ok = 1;
}
err:
EC_POINT_free(C);
if (ctx != NULL) {
BN_CTX_end(ctx);
BN_CTX_free(ctx);
}
return ok;
}
/* Implementation of CryptoPro VKO 34.10-2001 algorithm */
int
VKO_compute_key(BIGNUM *X, BIGNUM *Y, const GOST_KEY *pkey, GOST_KEY *priv_key,
const BIGNUM *ukm)
{
BIGNUM *p = NULL, *order = NULL;
const BIGNUM *key = GOST_KEY_get0_private_key(priv_key);
const EC_GROUP *group = GOST_KEY_get0_group(priv_key);
const EC_POINT *pub_key = GOST_KEY_get0_public_key(pkey);
EC_POINT *pnt;
BN_CTX *ctx = NULL;
int ok = 0;
pnt = EC_POINT_new(group);
if (pnt == NULL)
goto err;
ctx = BN_CTX_new();
if (ctx == NULL)
goto err;
BN_CTX_start(ctx);
if ((p = BN_CTX_get(ctx)) == NULL)
goto err;
if ((order = BN_CTX_get(ctx)) == NULL)
goto err;
if (EC_GROUP_get_order(group, order, ctx) == 0)
goto err;
if (BN_mod_mul(p, key, ukm, order, ctx) == 0)
goto err;
if (EC_POINT_mul(group, pnt, NULL, pub_key, p, ctx) == 0)
goto err;
if (EC_POINT_get_affine_coordinates(group, pnt, X, Y, ctx) == 0)
goto err;
ok = 1;
err:
if (ctx != NULL) {
BN_CTX_end(ctx);
BN_CTX_free(ctx);
}
EC_POINT_free(pnt);
return ok;
}
int
gost2001_keygen(GOST_KEY *ec)
{
BIGNUM *order = BN_new(), *d = BN_new();
const EC_GROUP *group = GOST_KEY_get0_group(ec);
int rc = 0;
if (order == NULL || d == NULL)
goto err;
if (EC_GROUP_get_order(group, order, NULL) == 0)
goto err;
do {
if (BN_rand_range(d, order) == 0) {
GOSTerror(GOST_R_RANDOM_NUMBER_GENERATOR_FAILED);
goto err;
}
} while (BN_is_zero(d));
if (GOST_KEY_set_private_key(ec, d) == 0)
goto err;
rc = gost2001_compute_public(ec);
err:
BN_free(d);
BN_free(order);
return rc;
}
#endif

727
lib/libcrypto/gost/gostr341001_ameth.c
View file

@ -1,727 +0,0 @@
/* $OpenBSD: gostr341001_ameth.c,v 1.24 2024/01/04 17:01:26 tb Exp $ */
/*
* Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
* Copyright (c) 2005-2006 Cryptocom LTD
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* openssl-core@openssl.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/
#include <string.h>
#include <openssl/opensslconf.h>
#ifndef OPENSSL_NO_GOST
#include <openssl/bn.h>
#include <openssl/evp.h>
#include <openssl/ec.h>
#include <openssl/err.h>
#include <openssl/x509.h>
#include <openssl/gost.h>
#include "asn1_local.h"
#include "evp_local.h"
#include "gost_local.h"
#include "gost_asn1.h"
static void
pkey_free_gost01(EVP_PKEY *key)
{
GOST_KEY_free(key->pkey.gost);
}
/*
* Parses GOST algorithm parameters from X509_ALGOR and
* modifies pkey setting NID and parameters
*/
static int
decode_gost01_algor_params(EVP_PKEY *pkey, const unsigned char **p, int len)
{
int param_nid = NID_undef, digest_nid = NID_undef;
GOST_KEY_PARAMS *gkp = NULL;
EC_GROUP *group;
GOST_KEY *ec;
gkp = d2i_GOST_KEY_PARAMS(NULL, p, len);
if (gkp == NULL) {
GOSTerror(GOST_R_BAD_PKEY_PARAMETERS_FORMAT);
return 0;
}
param_nid = OBJ_obj2nid(gkp->key_params);
digest_nid = OBJ_obj2nid(gkp->hash_params);
GOST_KEY_PARAMS_free(gkp);
ec = pkey->pkey.gost;
if (ec == NULL) {
ec = GOST_KEY_new();
if (ec == NULL) {
GOSTerror(ERR_R_MALLOC_FAILURE);
return 0;
}
if (EVP_PKEY_assign_GOST(pkey, ec) == 0) {
GOST_KEY_free(ec);
return 0;
}
}
group = EC_GROUP_new_by_curve_name(param_nid);
if (group == NULL) {
GOSTerror(EC_R_EC_GROUP_NEW_BY_NAME_FAILURE);
return 0;
}
EC_GROUP_set_asn1_flag(group, OPENSSL_EC_NAMED_CURVE);
if (GOST_KEY_set_group(ec, group) == 0) {
EC_GROUP_free(group);
return 0;
}
EC_GROUP_free(group);
if (GOST_KEY_set_digest(ec, digest_nid) == 0)
return 0;
return 1;
}
static ASN1_STRING *
encode_gost01_algor_params(const EVP_PKEY *key)
{
ASN1_STRING *params = ASN1_STRING_new();
GOST_KEY_PARAMS *gkp = GOST_KEY_PARAMS_new();
int pkey_param_nid = NID_undef;
if (params == NULL || gkp == NULL) {
GOSTerror(ERR_R_MALLOC_FAILURE);
ASN1_STRING_free(params);
params = NULL;
goto err;
}
pkey_param_nid =
EC_GROUP_get_curve_name(GOST_KEY_get0_group(key->pkey.gost));
gkp->key_params = OBJ_nid2obj(pkey_param_nid);
gkp->hash_params = OBJ_nid2obj(GOST_KEY_get_digest(key->pkey.gost));
/*gkp->cipher_params = OBJ_nid2obj(cipher_param_nid); */
params->length = i2d_GOST_KEY_PARAMS(gkp, &params->data);
if (params->length <= 0) {
GOSTerror(ERR_R_MALLOC_FAILURE);
ASN1_STRING_free(params);
params = NULL;
goto err;
}
params->type = V_ASN1_SEQUENCE;
err:
GOST_KEY_PARAMS_free(gkp);
return params;
}
static int
pub_cmp_gost01(const EVP_PKEY *a, const EVP_PKEY *b)
{
const GOST_KEY *ea = a->pkey.gost;
const GOST_KEY *eb = b->pkey.gost;
const EC_POINT *ka, *kb;
int ret = 0;
if (ea == NULL || eb == NULL)
return 0;
ka = GOST_KEY_get0_public_key(ea);
kb = GOST_KEY_get0_public_key(eb);
if (ka == NULL || kb == NULL)
return 0;
ret = (0 == EC_POINT_cmp(GOST_KEY_get0_group(ea), ka, kb, NULL));
return ret;
}
static int
pkey_size_gost01(const EVP_PKEY *pk)
{
if (GOST_KEY_get_digest(pk->pkey.gost) == NID_id_tc26_gost3411_2012_512)
return 128;
return 64;
}
static int
pkey_bits_gost01(const EVP_PKEY *pk)
{
if (GOST_KEY_get_digest(pk->pkey.gost) == NID_id_tc26_gost3411_2012_512)
return 512;
return 256;
}
static int
pub_decode_gost01(EVP_PKEY *pk, X509_PUBKEY *pub)
{
X509_ALGOR *palg = NULL;
const unsigned char *pubkey_buf = NULL;
const unsigned char *p;
ASN1_OBJECT *palgobj = NULL;
int pub_len;
BIGNUM *X, *Y;
ASN1_OCTET_STRING *octet = NULL;
int len;
int ret;
int ptype = V_ASN1_UNDEF;
ASN1_STRING *pval = NULL;
if (X509_PUBKEY_get0_param(&palgobj, &pubkey_buf, &pub_len, &palg, pub)
== 0)
return 0;
/* Called for the side effect of freeing pk->pkey. */
if (!EVP_PKEY_set_type(pk, EVP_PKEY_GOSTR01))
return 0;
X509_ALGOR_get0(NULL, &ptype, (const void **)&pval, palg);
if (ptype != V_ASN1_SEQUENCE) {
GOSTerror(GOST_R_BAD_KEY_PARAMETERS_FORMAT);
return 0;
}
p = pval->data;
if (decode_gost01_algor_params(pk, &p, pval->length) == 0) {
GOSTerror(GOST_R_BAD_KEY_PARAMETERS_FORMAT);
return 0;
}
octet = d2i_ASN1_OCTET_STRING(NULL, &pubkey_buf, pub_len);
if (octet == NULL) {
GOSTerror(ERR_R_MALLOC_FAILURE);
return 0;
}
len = octet->length / 2;
X = GOST_le2bn(octet->data, len, NULL);
Y = GOST_le2bn(octet->data + len, len, NULL);
ASN1_OCTET_STRING_free(octet);
ret = GOST_KEY_set_public_key_affine_coordinates(pk->pkey.gost, X, Y);
if (ret == 0)
GOSTerror(ERR_R_EC_LIB);
BN_free(X);
BN_free(Y);
return ret;
}
static int
pub_encode_gost01(X509_PUBKEY *pub, const EVP_PKEY *pk)
{
ASN1_OBJECT *algobj = NULL;
ASN1_OCTET_STRING *octet = NULL;
ASN1_STRING *params = NULL;
void *pval = NULL;
unsigned char *buf = NULL, *sptr;
int key_size, ret = 0;
const EC_POINT *pub_key;
BIGNUM *X = NULL, *Y = NULL;
const GOST_KEY *ec = pk->pkey.gost;
int ptype = V_ASN1_UNDEF;
algobj = OBJ_nid2obj(GostR3410_get_pk_digest(GOST_KEY_get_digest(ec)));
if (pk->save_parameters) {
params = encode_gost01_algor_params(pk);
if (params == NULL)
return 0;
pval = params;
ptype = V_ASN1_SEQUENCE;
}
key_size = GOST_KEY_get_size(ec);
pub_key = GOST_KEY_get0_public_key(ec);
if (pub_key == NULL) {
GOSTerror(GOST_R_PUBLIC_KEY_UNDEFINED);
goto err;
}
octet = ASN1_OCTET_STRING_new();
if (octet == NULL) {
GOSTerror(ERR_R_MALLOC_FAILURE);
goto err;
}
ret = ASN1_STRING_set(octet, NULL, 2 * key_size);
if (ret == 0) {
GOSTerror(ERR_R_INTERNAL_ERROR);
goto err;
}
sptr = ASN1_STRING_data(octet);
X = BN_new();
Y = BN_new();
if (X == NULL || Y == NULL) {
GOSTerror(ERR_R_MALLOC_FAILURE);
goto err;
}
if (EC_POINT_get_affine_coordinates(GOST_KEY_get0_group(ec),
pub_key, X, Y, NULL) == 0) {
GOSTerror(ERR_R_EC_LIB);
goto err;
}
GOST_bn2le(X, sptr, key_size);
GOST_bn2le(Y, sptr + key_size, key_size);
BN_free(Y);
BN_free(X);
ret = i2d_ASN1_OCTET_STRING(octet, &buf);
ASN1_BIT_STRING_free(octet);
if (ret < 0)
return 0;
return X509_PUBKEY_set0_param(pub, algobj, ptype, pval, buf, ret);
err:
BN_free(Y);
BN_free(X);
ASN1_BIT_STRING_free(octet);
ASN1_STRING_free(params);
return 0;
}
static int
param_print_gost01(BIO *out, const EVP_PKEY *pkey, int indent, ASN1_PCTX *pctx)
{
int param_nid =
EC_GROUP_get_curve_name(GOST_KEY_get0_group(pkey->pkey.gost));
if (BIO_indent(out, indent, 128) == 0)
return 0;
BIO_printf(out, "Parameter set: %s\n", OBJ_nid2ln(param_nid));
if (BIO_indent(out, indent, 128) == 0)
return 0;
BIO_printf(out, "Digest Algorithm: %s\n",
OBJ_nid2ln(GOST_KEY_get_digest(pkey->pkey.gost)));
return 1;
}
static int
pub_print_gost01(BIO *out, const EVP_PKEY *pkey, int indent, ASN1_PCTX *pctx)
{
BN_CTX *ctx = BN_CTX_new();
BIGNUM *X, *Y;
const EC_POINT *pubkey;
const EC_GROUP *group;
if (ctx == NULL) {
GOSTerror(ERR_R_MALLOC_FAILURE);
return 0;
}
BN_CTX_start(ctx);
if ((X = BN_CTX_get(ctx)) == NULL)
goto err;
if ((Y = BN_CTX_get(ctx)) == NULL)
goto err;
pubkey = GOST_KEY_get0_public_key(pkey->pkey.gost);
group = GOST_KEY_get0_group(pkey->pkey.gost);
if (EC_POINT_get_affine_coordinates(group, pubkey, X, Y, ctx) == 0) {
GOSTerror(ERR_R_EC_LIB);
goto err;
}
if (BIO_indent(out, indent, 128) == 0)
goto err;
BIO_printf(out, "Public key:\n");
if (BIO_indent(out, indent + 3, 128) == 0)
goto err;
BIO_printf(out, "X:");
BN_print(out, X);
BIO_printf(out, "\n");
if (BIO_indent(out, indent + 3, 128) == 0)
goto err;
BIO_printf(out, "Y:");
BN_print(out, Y);
BIO_printf(out, "\n");
BN_CTX_end(ctx);
BN_CTX_free(ctx);
return param_print_gost01(out, pkey, indent, pctx);
err:
BN_CTX_end(ctx);
BN_CTX_free(ctx);
return 0;
}
static int
priv_print_gost01(BIO *out, const EVP_PKEY *pkey, int indent, ASN1_PCTX *pctx)
{
const BIGNUM *key;
if (BIO_indent(out, indent, 128) == 0)
return 0;
BIO_printf(out, "Private key: ");
key = GOST_KEY_get0_private_key(pkey->pkey.gost);
if (key == NULL)
BIO_printf(out, "<undefined)");
else
BN_print(out, key);
BIO_printf(out, "\n");
return pub_print_gost01(out, pkey, indent, pctx);
}
static int
priv_decode_gost01(EVP_PKEY *pk, const PKCS8_PRIV_KEY_INFO *p8inf)
{
const unsigned char *pkey_buf = NULL, *p = NULL;
int priv_len = 0;
BIGNUM *pk_num = NULL;
int ret = 0;
const X509_ALGOR *palg = NULL;
const ASN1_OBJECT *palg_obj = NULL;
ASN1_INTEGER *priv_key = NULL;
GOST_KEY *ec;
int ptype = V_ASN1_UNDEF;
ASN1_STRING *pval = NULL;
if (PKCS8_pkey_get0(&palg_obj, &pkey_buf, &priv_len, &palg, p8inf) == 0) {
GOSTerror(GOST_R_BAD_KEY_PARAMETERS_FORMAT);
return 0;
}
/* Called for the side effect of freeing pk->pkey. */
if (!EVP_PKEY_set_type(pk, EVP_PKEY_GOSTR01))
return 0;
X509_ALGOR_get0(NULL, &ptype, (const void **)&pval, palg);
if (ptype != V_ASN1_SEQUENCE) {
GOSTerror(GOST_R_BAD_KEY_PARAMETERS_FORMAT);
return 0;
}
p = pval->data;
if (decode_gost01_algor_params(pk, &p, pval->length) == 0) {
GOSTerror(GOST_R_BAD_KEY_PARAMETERS_FORMAT);
return 0;
}
p = pkey_buf;
if (V_ASN1_OCTET_STRING == *p) {
/* New format - Little endian octet string */
ASN1_OCTET_STRING *s =
d2i_ASN1_OCTET_STRING(NULL, &p, priv_len);
if (s == NULL) {
GOSTerror(EVP_R_DECODE_ERROR);
ASN1_STRING_free(s);
return 0;
}
pk_num = GOST_le2bn(s->data, s->length, NULL);
ASN1_STRING_free(s);
} else {
priv_key = d2i_ASN1_INTEGER(NULL, &p, priv_len);
if (priv_key == NULL)
return 0;
ret = ((pk_num = ASN1_INTEGER_to_BN(priv_key, NULL)) != NULL);
ASN1_INTEGER_free(priv_key);
if (ret == 0) {
GOSTerror(EVP_R_DECODE_ERROR);
return 0;
}
}
ec = pk->pkey.gost;
if (ec == NULL) {
ec = GOST_KEY_new();
if (ec == NULL) {
BN_free(pk_num);
return 0;
}
if (EVP_PKEY_assign_GOST(pk, ec) == 0) {
BN_free(pk_num);
GOST_KEY_free(ec);
return 0;
}
}
if (GOST_KEY_set_private_key(ec, pk_num) == 0) {
BN_free(pk_num);
return 0;
}
ret = 0;
if (EVP_PKEY_missing_parameters(pk) == 0)
ret = gost2001_compute_public(ec) != 0;
BN_free(pk_num);
return ret;
}
static int
priv_encode_gost01(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pk)
{
ASN1_OBJECT *algobj =
OBJ_nid2obj(GostR3410_get_pk_digest(GOST_KEY_get_digest(pk->pkey.gost)));
ASN1_STRING *params = encode_gost01_algor_params(pk);
unsigned char *priv_buf = NULL;
int priv_len;
ASN1_INTEGER *asn1key = NULL;
if (params == NULL)
return 0;
asn1key = BN_to_ASN1_INTEGER(GOST_KEY_get0_private_key(pk->pkey.gost),
NULL);
if (asn1key == NULL) {
ASN1_STRING_free(params);
return 0;
}
priv_len = i2d_ASN1_INTEGER(asn1key, &priv_buf);
ASN1_INTEGER_free(asn1key);
return PKCS8_pkey_set0(p8, algobj, 0, V_ASN1_SEQUENCE, params, priv_buf,
priv_len);
}
static int
param_encode_gost01(const EVP_PKEY *pkey, unsigned char **pder)
{
ASN1_STRING *params = encode_gost01_algor_params(pkey);
int len;
if (params == NULL)
return 0;
len = params->length;
if (pder != NULL)
memcpy(*pder, params->data, params->length);
ASN1_STRING_free(params);
return len;
}
static int
param_decode_gost01(EVP_PKEY *pkey, const unsigned char **pder, int derlen)
{
ASN1_OBJECT *obj = NULL;
int nid;
GOST_KEY *ec;
EC_GROUP *group;
int ret;
/* New format */
if ((V_ASN1_SEQUENCE | V_ASN1_CONSTRUCTED) == **pder)
return decode_gost01_algor_params(pkey, pder, derlen);
/* Compatibility */
if (d2i_ASN1_OBJECT(&obj, pder, derlen) == NULL) {
GOSTerror(ERR_R_MALLOC_FAILURE);
return 0;
}
nid = OBJ_obj2nid(obj);
ASN1_OBJECT_free(obj);
ec = GOST_KEY_new();
if (ec == NULL) {
GOSTerror(ERR_R_MALLOC_FAILURE);
return 0;
}
group = EC_GROUP_new_by_curve_name(nid);
if (group == NULL) {
GOSTerror(EC_R_EC_GROUP_NEW_BY_NAME_FAILURE);
GOST_KEY_free(ec);
return 0;
}
EC_GROUP_set_asn1_flag(group, OPENSSL_EC_NAMED_CURVE);
if (GOST_KEY_set_group(ec, group) == 0) {
GOSTerror(ERR_R_EC_LIB);
EC_GROUP_free(group);
GOST_KEY_free(ec);
return 0;
}
EC_GROUP_free(group);
if (GOST_KEY_set_digest(ec,
NID_id_GostR3411_94_CryptoProParamSet) == 0) {
GOSTerror(GOST_R_INVALID_DIGEST_TYPE);
GOST_KEY_free(ec);
return 0;
}
ret = EVP_PKEY_assign_GOST(pkey, ec);
if (ret == 0)
GOST_KEY_free(ec);
return ret;
}
static int
param_missing_gost01(const EVP_PKEY *pk)
{
const GOST_KEY *ec = pk->pkey.gost;
if (ec == NULL)
return 1;
if (GOST_KEY_get0_group(ec) == NULL)
return 1;
if (GOST_KEY_get_digest(ec) == NID_undef)
return 1;
return 0;
}
static int
param_copy_gost01(EVP_PKEY *to, const EVP_PKEY *from)
{
GOST_KEY *eto = to->pkey.gost;
const GOST_KEY *efrom = from->pkey.gost;
int ret = 1;
if (EVP_PKEY_base_id(from) != EVP_PKEY_base_id(to)) {
GOSTerror(GOST_R_INCOMPATIBLE_ALGORITHMS);
return 0;
}
if (efrom == NULL) {
GOSTerror(GOST_R_KEY_PARAMETERS_MISSING);
return 0;
}
if (eto == NULL) {
eto = GOST_KEY_new();
if (eto == NULL) {
GOSTerror(ERR_R_MALLOC_FAILURE);
return 0;
}
if (EVP_PKEY_assign(to, EVP_PKEY_base_id(from), eto) == 0) {
GOST_KEY_free(eto);
return 0;
}
}
GOST_KEY_set_group(eto, GOST_KEY_get0_group(efrom));
GOST_KEY_set_digest(eto, GOST_KEY_get_digest(efrom));
if (GOST_KEY_get0_private_key(eto) != NULL)
ret = gost2001_compute_public(eto);
return ret;
}
static int
param_cmp_gost01(const EVP_PKEY *a, const EVP_PKEY *b)
{
if (EC_GROUP_get_curve_name(GOST_KEY_get0_group(a->pkey.gost)) !=
EC_GROUP_get_curve_name(GOST_KEY_get0_group(b->pkey.gost)))
return 0;
if (GOST_KEY_get_digest(a->pkey.gost) !=
GOST_KEY_get_digest(b->pkey.gost))
return 0;
return 1;
}
static int
pkey_ctrl_gost01(EVP_PKEY *pkey, int op, long arg1, void *arg2)
{
X509_ALGOR *alg1 = NULL, *alg2 = NULL, *alg3 = NULL;
int digest = GOST_KEY_get_digest(pkey->pkey.gost);
switch (op) {
case ASN1_PKEY_CTRL_PKCS7_SIGN:
if (arg1 == 0)
PKCS7_SIGNER_INFO_get0_algs(arg2, NULL, &alg1, &alg2);
break;
case ASN1_PKEY_CTRL_PKCS7_ENCRYPT:
if (arg1 == 0)
PKCS7_RECIP_INFO_get0_alg(arg2, &alg3);
break;
case ASN1_PKEY_CTRL_DEFAULT_MD_NID:
*(int *)arg2 = GostR3410_get_md_digest(digest);
return 2;
default:
return -2;
}
if (alg1)
X509_ALGOR_set0(alg1, OBJ_nid2obj(GostR3410_get_md_digest(digest)), V_ASN1_NULL, 0);
if (alg2)
X509_ALGOR_set0(alg2, OBJ_nid2obj(GostR3410_get_pk_digest(digest)), V_ASN1_NULL, 0);
if (alg3) {
ASN1_STRING *params = encode_gost01_algor_params(pkey);
if (params == NULL) {
return -1;
}
X509_ALGOR_set0(alg3,
OBJ_nid2obj(GostR3410_get_pk_digest(digest)),
V_ASN1_SEQUENCE, params);
}
return 1;
}
const EVP_PKEY_ASN1_METHOD gostr01_asn1_meth = {
.base_method = &gostr01_asn1_meth,
.pkey_id = EVP_PKEY_GOSTR01,
.pkey_flags = ASN1_PKEY_SIGPARAM_NULL,
.pem_str = "GOST2001",
.info = "GOST R 34.10-2001",
.pkey_free = pkey_free_gost01,
.pkey_ctrl = pkey_ctrl_gost01,
.priv_decode = priv_decode_gost01,
.priv_encode = priv_encode_gost01,
.priv_print = priv_print_gost01,
.param_decode = param_decode_gost01,
.param_encode = param_encode_gost01,
.param_missing = param_missing_gost01,
.param_copy = param_copy_gost01,
.param_cmp = param_cmp_gost01,
.param_print = param_print_gost01,
.pub_decode = pub_decode_gost01,
.pub_encode = pub_encode_gost01,
.pub_cmp = pub_cmp_gost01,
.pub_print = pub_print_gost01,
.pkey_size = pkey_size_gost01,
.pkey_bits = pkey_bits_gost01,
};
const EVP_PKEY_ASN1_METHOD gostr12_256_asn1_meth = {
.base_method = &gostr01_asn1_meth,
.pkey_id = EVP_PKEY_GOSTR12_256,
.pkey_flags = ASN1_PKEY_ALIAS,
};
const EVP_PKEY_ASN1_METHOD gostr12_512_asn1_meth = {
.base_method = &gostr01_asn1_meth,
.pkey_id = EVP_PKEY_GOSTR12_512,
.pkey_flags = ASN1_PKEY_ALIAS,
};
#endif

334
lib/libcrypto/gost/gostr341001_key.c
View file

@ -1,334 +0,0 @@
/* $OpenBSD: gostr341001_key.c,v 1.14 2023/07/24 17:08:53 tb Exp $ */
/*
* Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
* Copyright (c) 2005-2006 Cryptocom LTD
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* openssl-core@openssl.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/
#include <string.h>
#include <openssl/opensslconf.h>
#ifndef OPENSSL_NO_GOST
#include <openssl/bn.h>
#include <openssl/err.h>
#include <openssl/gost.h>
#include <openssl/objects.h>
#include "gost_local.h"
struct gost_key_st {
EC_GROUP *group;
EC_POINT *pub_key;
BIGNUM *priv_key;
int references;
int digest_nid;
};
GOST_KEY *
GOST_KEY_new(void)
{
GOST_KEY *ret;
ret = malloc(sizeof(GOST_KEY));
if (ret == NULL) {
GOSTerror(ERR_R_MALLOC_FAILURE);
return (NULL);
}
ret->group = NULL;
ret->pub_key = NULL;
ret->priv_key = NULL;
ret->references = 1;
ret->digest_nid = NID_undef;
return (ret);
}
LCRYPTO_ALIAS(GOST_KEY_new);
void
GOST_KEY_free(GOST_KEY *r)
{
int i;
if (r == NULL)
return;
i = CRYPTO_add(&r->references, -1, CRYPTO_LOCK_EC);
if (i > 0)
return;
EC_GROUP_free(r->group);
EC_POINT_free(r->pub_key);
BN_free(r->priv_key);
freezero(r, sizeof(GOST_KEY));
}
LCRYPTO_ALIAS(GOST_KEY_free);
int
GOST_KEY_check_key(const GOST_KEY *key)
{
int ok = 0;
BN_CTX *ctx = NULL;
BIGNUM *order = NULL;
EC_POINT *point = NULL;
if (key == NULL || key->group == NULL || key->pub_key == NULL) {
GOSTerror(ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
if (EC_POINT_is_at_infinity(key->group, key->pub_key) != 0) {
GOSTerror(EC_R_POINT_AT_INFINITY);
goto err;
}
if ((ctx = BN_CTX_new()) == NULL)
goto err;
if ((point = EC_POINT_new(key->group)) == NULL)
goto err;
/* testing whether the pub_key is on the elliptic curve */
if (EC_POINT_is_on_curve(key->group, key->pub_key, ctx) <= 0) {
GOSTerror(EC_R_POINT_IS_NOT_ON_CURVE);
goto err;
}
/* testing whether pub_key * order is the point at infinity */
if ((order = BN_new()) == NULL)
goto err;
if (EC_GROUP_get_order(key->group, order, ctx) == 0) {
GOSTerror(EC_R_INVALID_GROUP_ORDER);
goto err;
}
if (EC_POINT_mul(key->group, point, NULL, key->pub_key, order,
ctx) == 0) {
GOSTerror(ERR_R_EC_LIB);
goto err;
}
if (EC_POINT_is_at_infinity(key->group, point) == 0) {
GOSTerror(EC_R_WRONG_ORDER);
goto err;
}
/*
* in case the priv_key is present : check if generator * priv_key ==
* pub_key
*/
if (key->priv_key != NULL) {
if (BN_cmp(key->priv_key, order) >= 0) {
GOSTerror(EC_R_WRONG_ORDER);
goto err;
}
if (EC_POINT_mul(key->group, point, key->priv_key, NULL, NULL,
ctx) == 0) {
GOSTerror(ERR_R_EC_LIB);
goto err;
}
if (EC_POINT_cmp(key->group, point, key->pub_key, ctx) != 0) {
GOSTerror(EC_R_INVALID_PRIVATE_KEY);
goto err;
}
}
ok = 1;
err:
BN_free(order);
BN_CTX_free(ctx);
EC_POINT_free(point);
return (ok);
}
LCRYPTO_ALIAS(GOST_KEY_check_key);
int
GOST_KEY_set_public_key_affine_coordinates(GOST_KEY *key, BIGNUM *x, BIGNUM *y)
{
BN_CTX *ctx = NULL;
BIGNUM *tx, *ty;
EC_POINT *point = NULL;
int ok = 0;
if (key == NULL || key->group == NULL || x == NULL || y == NULL) {
GOSTerror(ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
ctx = BN_CTX_new();
if (ctx == NULL)
goto err;
BN_CTX_start(ctx);
point = EC_POINT_new(key->group);
if (point == NULL)
goto err;
if ((tx = BN_CTX_get(ctx)) == NULL)
goto err;
if ((ty = BN_CTX_get(ctx)) == NULL)
goto err;
if (EC_POINT_set_affine_coordinates(key->group, point, x, y,
ctx) == 0)
goto err;
if (EC_POINT_get_affine_coordinates(key->group, point, tx, ty,
ctx) == 0)
goto err;
/*
* Check if retrieved coordinates match originals: if not, values are
* out of range.
*/
if (BN_cmp(x, tx) != 0 || BN_cmp(y, ty) != 0) {
GOSTerror(EC_R_COORDINATES_OUT_OF_RANGE);
goto err;
}
if (GOST_KEY_set_public_key(key, point) == 0)
goto err;
if (GOST_KEY_check_key(key) == 0)
goto err;
ok = 1;
err:
EC_POINT_free(point);
BN_CTX_end(ctx);
BN_CTX_free(ctx);
return ok;
}
LCRYPTO_ALIAS(GOST_KEY_set_public_key_affine_coordinates);
const EC_GROUP *
GOST_KEY_get0_group(const GOST_KEY *key)
{
return key->group;
}
LCRYPTO_ALIAS(GOST_KEY_get0_group);
int
GOST_KEY_set_group(GOST_KEY *key, const EC_GROUP *group)
{
EC_GROUP_free(key->group);
key->group = EC_GROUP_dup(group);
return (key->group == NULL) ? 0 : 1;
}
LCRYPTO_ALIAS(GOST_KEY_set_group);
const BIGNUM *
GOST_KEY_get0_private_key(const GOST_KEY *key)
{
return key->priv_key;
}
LCRYPTO_ALIAS(GOST_KEY_get0_private_key);
int
GOST_KEY_set_private_key(GOST_KEY *key, const BIGNUM *priv_key)
{
BN_free(key->priv_key);
key->priv_key = BN_dup(priv_key);
return (key->priv_key == NULL) ? 0 : 1;
}
LCRYPTO_ALIAS(GOST_KEY_set_private_key);
const EC_POINT *
GOST_KEY_get0_public_key(const GOST_KEY *key)
{
return key->pub_key;
}
LCRYPTO_ALIAS(GOST_KEY_get0_public_key);
int
GOST_KEY_set_public_key(GOST_KEY *key, const EC_POINT *pub_key)
{
EC_POINT_free(key->pub_key);
key->pub_key = EC_POINT_dup(pub_key, key->group);
return (key->pub_key == NULL) ? 0 : 1;
}
LCRYPTO_ALIAS(GOST_KEY_set_public_key);
int
GOST_KEY_get_digest(const GOST_KEY *key)
{
return key->digest_nid;
}
LCRYPTO_ALIAS(GOST_KEY_get_digest);
int
GOST_KEY_set_digest(GOST_KEY *key, int digest_nid)
{
if (digest_nid == NID_id_GostR3411_94_CryptoProParamSet ||
digest_nid == NID_id_tc26_gost3411_2012_256 ||
digest_nid == NID_id_tc26_gost3411_2012_512) {
key->digest_nid = digest_nid;
return 1;
}
return 0;
}
LCRYPTO_ALIAS(GOST_KEY_set_digest);
size_t
GOST_KEY_get_size(const GOST_KEY *r)
{
int i;
BIGNUM *order = NULL;
const EC_GROUP *group;
if (r == NULL)
return 0;
group = GOST_KEY_get0_group(r);
if (group == NULL)
return 0;
if ((order = BN_new()) == NULL)
return 0;
if (EC_GROUP_get_order(group, order, NULL) == 0) {
BN_free(order);
return 0;
}
i = BN_num_bytes(order);
BN_free(order);
return (i);
}
LCRYPTO_ALIAS(GOST_KEY_get_size);
#endif

132
lib/libcrypto/gost/gostr341001_params.c
View file

@ -1,132 +0,0 @@
/* $OpenBSD: gostr341001_params.c,v 1.5 2022/11/26 16:08:53 tb Exp $ */
/*
* Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
* Copyright (c) 2005-2006 Cryptocom LTD
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* openssl-core@openssl.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/
#include <string.h>
#include <openssl/opensslconf.h>
#ifndef OPENSSL_NO_GOST
#include <openssl/objects.h>
#include <openssl/gost.h>
#include "gost_local.h"
int
GostR3410_get_md_digest(int nid)
{
if (nid == NID_id_GostR3411_94_CryptoProParamSet)
return NID_id_GostR3411_94;
return nid;
}
int
GostR3410_get_pk_digest(int nid)
{
switch (nid) {
case NID_id_GostR3411_94_CryptoProParamSet:
return NID_id_GostR3410_2001;
case NID_id_tc26_gost3411_2012_256:
return NID_id_tc26_gost3410_2012_256;
case NID_id_tc26_gost3411_2012_512:
return NID_id_tc26_gost3410_2012_512;
default:
return NID_undef;
}
}
typedef struct GostR3410_params {
const char *name;
int nid;
} GostR3410_params;
static const GostR3410_params GostR3410_256_params[] = {
{ "A", NID_id_GostR3410_2001_CryptoPro_A_ParamSet },
{ "B", NID_id_GostR3410_2001_CryptoPro_B_ParamSet },
{ "C", NID_id_GostR3410_2001_CryptoPro_C_ParamSet },
{ "0", NID_id_GostR3410_2001_TestParamSet },
{ "XA", NID_id_GostR3410_2001_CryptoPro_XchA_ParamSet },
{ "XB", NID_id_GostR3410_2001_CryptoPro_XchB_ParamSet },
{ NULL, NID_undef },
};
static const GostR3410_params GostR3410_512_params[] = {
{ "A", NID_id_tc26_gost_3410_12_512_paramSetA },
{ "B", NID_id_tc26_gost_3410_12_512_paramSetB },
{ NULL, NID_undef },
};
int
GostR3410_256_param_id(const char *value)
{
int i;
for (i = 0; GostR3410_256_params[i].nid != NID_undef; i++) {
if (strcasecmp(GostR3410_256_params[i].name, value) == 0)
return GostR3410_256_params[i].nid;
}
return NID_undef;
}
int
GostR3410_512_param_id(const char *value)
{
int i;
for (i = 0; GostR3410_512_params[i].nid != NID_undef; i++) {
if (strcasecmp(GostR3410_512_params[i].name, value) == 0)
return GostR3410_512_params[i].nid;
}
return NID_undef;
}
#endif

705
lib/libcrypto/gost/gostr341001_pmeth.c
View file

@ -1,705 +0,0 @@
/* $OpenBSD: gostr341001_pmeth.c,v 1.19 2023/07/28 15:50:33 tb Exp $ */
/*
* Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
* Copyright (c) 2005-2006 Cryptocom LTD
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* openssl-core@openssl.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/
#include <string.h>
#include <openssl/opensslconf.h>
#ifndef OPENSSL_NO_GOST
#include <openssl/bn.h>
#include <openssl/evp.h>
#include <openssl/err.h>
#include <openssl/gost.h>
#include <openssl/ec.h>
#include <openssl/x509.h>
#include "ecdsa_local.h"
#include "evp_local.h"
#include "gost_local.h"
#include "gost_asn1.h"
static ECDSA_SIG *
unpack_signature_cp(const unsigned char *sig, size_t siglen)
{
ECDSA_SIG *s;
s = ECDSA_SIG_new();
if (s == NULL) {
GOSTerror(ERR_R_MALLOC_FAILURE);
return NULL;
}
BN_bin2bn(sig, siglen / 2, s->s);
BN_bin2bn(sig + siglen / 2, siglen / 2, s->r);
return s;
}
static int
pack_signature_cp(ECDSA_SIG *s, int order, unsigned char *sig, size_t *siglen)
{
int r_len = BN_num_bytes(s->r);
int s_len = BN_num_bytes(s->s);
if (r_len > order || s_len > order)
return 0;
*siglen = 2 * order;
memset(sig, 0, *siglen);
BN_bn2bin(s->s, sig + order - s_len);
BN_bn2bin(s->r, sig + 2 * order - r_len);
ECDSA_SIG_free(s);
return 1;
}
static ECDSA_SIG *
unpack_signature_le(const unsigned char *sig, size_t siglen)
{
ECDSA_SIG *s;
s = ECDSA_SIG_new();
if (s == NULL) {
GOSTerror(ERR_R_MALLOC_FAILURE);
return NULL;
}
GOST_le2bn(sig, siglen / 2, s->r);
GOST_le2bn(sig + siglen / 2, siglen / 2, s->s);
return s;
}
static int
pack_signature_le(ECDSA_SIG *s, int order, unsigned char *sig, size_t *siglen)
{
*siglen = 2 * order;
memset(sig, 0, *siglen);
GOST_bn2le(s->r, sig, order);
GOST_bn2le(s->s, sig + order, order);
ECDSA_SIG_free(s);
return 1;
}
struct gost_pmeth_data {
int sign_param_nid; /* Should be set whenever parameters are filled */
int digest_nid;
EVP_MD *md;
unsigned char *shared_ukm;
int peer_key_used;
int sig_format;
};
static int
pkey_gost01_init(EVP_PKEY_CTX *ctx)
{
struct gost_pmeth_data *data;
EVP_PKEY *pkey = EVP_PKEY_CTX_get0_pkey(ctx);
data = calloc(1, sizeof(struct gost_pmeth_data));
if (data == NULL)
return 0;
if (pkey != NULL && pkey->pkey.gost != NULL) {
data->sign_param_nid =
EC_GROUP_get_curve_name(GOST_KEY_get0_group(pkey->pkey.gost));
data->digest_nid = GOST_KEY_get_digest(pkey->pkey.gost);
}
EVP_PKEY_CTX_set_data(ctx, data);
return 1;
}
/* Copies contents of gost_pmeth_data structure */
static int
pkey_gost01_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src)
{
struct gost_pmeth_data *dst_data, *src_data;
if (pkey_gost01_init(dst) == 0)
return 0;
src_data = EVP_PKEY_CTX_get_data(src);
dst_data = EVP_PKEY_CTX_get_data(dst);
*dst_data = *src_data;
if (src_data->shared_ukm != NULL)
dst_data->shared_ukm = NULL;
return 1;
}
/* Frees up gost_pmeth_data structure */
static void
pkey_gost01_cleanup(EVP_PKEY_CTX *ctx)
{
struct gost_pmeth_data *data;
if ((data = EVP_PKEY_CTX_get_data(ctx)) == NULL)
return;
free(data->shared_ukm);
free(data);
}
static int
pkey_gost01_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
{
struct gost_pmeth_data *data = EVP_PKEY_CTX_get_data(ctx);
EC_GROUP *group = NULL;
GOST_KEY *gost = NULL;
int ret = 0;
if (data->sign_param_nid == NID_undef ||
data->digest_nid == NID_undef) {
GOSTerror(GOST_R_NO_PARAMETERS_SET);
return 0;
}
group = EC_GROUP_new_by_curve_name(data->sign_param_nid);
if (group == NULL)
goto done;
EC_GROUP_set_asn1_flag(group, OPENSSL_EC_NAMED_CURVE);
gost = GOST_KEY_new();
if (gost == NULL)
goto done;
if (GOST_KEY_set_digest(gost, data->digest_nid) == 0)
goto done;
if (GOST_KEY_set_group(gost, group) != 0)
ret = EVP_PKEY_assign_GOST(pkey, gost);
done:
if (ret == 0)
GOST_KEY_free(gost);
EC_GROUP_free(group);
return ret;
}
static int
pkey_gost01_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
{
if (pkey_gost01_paramgen(ctx, pkey) == 0)
return 0;
return gost2001_keygen(pkey->pkey.gost) != 0;
}
static int
pkey_gost01_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
const unsigned char *tbs, size_t tbs_len)
{
ECDSA_SIG *unpacked_sig = NULL;
EVP_PKEY *pkey = EVP_PKEY_CTX_get0_pkey(ctx);
struct gost_pmeth_data *pctx = EVP_PKEY_CTX_get_data(ctx);
BIGNUM *md;
size_t size;
int ret;
if (pkey == NULL || pkey->pkey.gost == NULL)
return 0;
size = GOST_KEY_get_size(pkey->pkey.gost);
if (siglen == NULL)
return 0;
if (sig == NULL) {
*siglen = 2 * size;
return 1;
} else if (*siglen < 2 * size) {
GOSTerror(EC_R_BUFFER_TOO_SMALL);
return 0;
}
if (tbs_len != 32 && tbs_len != 64) {
GOSTerror(EVP_R_BAD_BLOCK_LENGTH);
return 0;
}
md = GOST_le2bn(tbs, tbs_len, NULL);
if (md == NULL)
return 0;
unpacked_sig = gost2001_do_sign(md, pkey->pkey.gost);
BN_free(md);
if (unpacked_sig == NULL) {
return 0;
}
switch (pctx->sig_format) {
case GOST_SIG_FORMAT_SR_BE:
ret = pack_signature_cp(unpacked_sig, size, sig, siglen);
break;
case GOST_SIG_FORMAT_RS_LE:
ret = pack_signature_le(unpacked_sig, size, sig, siglen);
break;
default:
ret = -1;
break;
}
if (ret <= 0)
ECDSA_SIG_free(unpacked_sig);
return ret;
}
static int
pkey_gost01_verify(EVP_PKEY_CTX *ctx, const unsigned char *sig, size_t siglen,
const unsigned char *tbs, size_t tbs_len)
{
int ok = 0;
EVP_PKEY *pub_key = EVP_PKEY_CTX_get0_pkey(ctx);
struct gost_pmeth_data *pctx = EVP_PKEY_CTX_get_data(ctx);
ECDSA_SIG *s = NULL;
BIGNUM *md;
if (pub_key == NULL)
return 0;
switch (pctx->sig_format) {
case GOST_SIG_FORMAT_SR_BE:
s = unpack_signature_cp(sig, siglen);
break;
case GOST_SIG_FORMAT_RS_LE:
s = unpack_signature_le(sig, siglen);
break;
}
if (s == NULL)
return 0;
md = GOST_le2bn(tbs, tbs_len, NULL);
if (md == NULL)
goto err;
ok = gost2001_do_verify(md, s, pub_key->pkey.gost);
err:
BN_free(md);
ECDSA_SIG_free(s);
return ok;
}
static int
gost01_VKO_key(EVP_PKEY *pub_key, EVP_PKEY *priv_key, const unsigned char *ukm,
unsigned char *key)
{
unsigned char hashbuf[128];
int digest_nid;
int ret = 0;
BN_CTX *ctx = BN_CTX_new();
BIGNUM *UKM, *X, *Y;
if (ctx == NULL)
return 0;
BN_CTX_start(ctx);
if ((UKM = BN_CTX_get(ctx)) == NULL)
goto err;
if ((X = BN_CTX_get(ctx)) == NULL)
goto err;
if ((Y = BN_CTX_get(ctx)) == NULL)
goto err;
GOST_le2bn(ukm, 8, UKM);
digest_nid = GOST_KEY_get_digest(priv_key->pkey.gost);
if (VKO_compute_key(X, Y, pub_key->pkey.gost, priv_key->pkey.gost,
UKM) == 0)
goto err;
switch (digest_nid) {
case NID_id_GostR3411_94_CryptoProParamSet:
GOST_bn2le(X, hashbuf, 32);
GOST_bn2le(Y, hashbuf + 32, 32);
GOSTR341194(hashbuf, 64, key, digest_nid);
ret = 1;
break;
case NID_id_tc26_gost3411_2012_256:
GOST_bn2le(X, hashbuf, 32);
GOST_bn2le(Y, hashbuf + 32, 32);
STREEBOG256(hashbuf, 64, key);
ret = 1;
break;
case NID_id_tc26_gost3411_2012_512:
GOST_bn2le(X, hashbuf, 64);
GOST_bn2le(Y, hashbuf + 64, 64);
STREEBOG256(hashbuf, 128, key);
ret = 1;
break;
default:
ret = -2;
break;
}
err:
BN_CTX_end(ctx);
BN_CTX_free(ctx);
return ret;
}
int
pkey_gost01_decrypt(EVP_PKEY_CTX *pctx, unsigned char *key, size_t *key_len,
const unsigned char *in, size_t in_len)
{
const unsigned char *p = in;
EVP_PKEY *priv = EVP_PKEY_CTX_get0_pkey(pctx);
GOST_KEY_TRANSPORT *gkt = NULL;
int ret = 0;
unsigned char wrappedKey[44];
unsigned char sharedKey[32];
EVP_PKEY *eph_key = NULL, *peerkey = NULL;
int nid;
if (key == NULL) {
*key_len = 32;
return 1;
}
gkt = d2i_GOST_KEY_TRANSPORT(NULL, (const unsigned char **)&p, in_len);
if (gkt == NULL) {
GOSTerror(GOST_R_ERROR_PARSING_KEY_TRANSPORT_INFO);
return -1;
}
/* If key transport structure contains public key, use it */
eph_key = X509_PUBKEY_get(gkt->key_agreement_info->ephem_key);
if (eph_key != NULL) {
if (EVP_PKEY_derive_set_peer(pctx, eph_key) <= 0) {
GOSTerror(GOST_R_INCOMPATIBLE_PEER_KEY);
goto err;
}
} else {
/* Set control "public key from client certificate used" */
if (EVP_PKEY_CTX_ctrl(pctx, -1, -1, EVP_PKEY_CTRL_PEER_KEY, 3,
NULL) <= 0) {
GOSTerror(GOST_R_CTRL_CALL_FAILED);
goto err;
}
}
peerkey = EVP_PKEY_CTX_get0_peerkey(pctx);
if (peerkey == NULL) {
GOSTerror(GOST_R_NO_PEER_KEY);
goto err;
}
nid = OBJ_obj2nid(gkt->key_agreement_info->cipher);
if (gkt->key_agreement_info->eph_iv->length != 8) {
GOSTerror(GOST_R_INVALID_IV_LENGTH);
goto err;
}
memcpy(wrappedKey, gkt->key_agreement_info->eph_iv->data, 8);
if (gkt->key_info->encrypted_key->length != 32) {
GOSTerror(EVP_R_BAD_KEY_LENGTH);
goto err;
}
memcpy(wrappedKey + 8, gkt->key_info->encrypted_key->data, 32);
if (gkt->key_info->imit->length != 4) {
GOSTerror(ERR_R_INTERNAL_ERROR);
goto err;
}
memcpy(wrappedKey + 40, gkt->key_info->imit->data, 4);
if (gost01_VKO_key(peerkey, priv, wrappedKey, sharedKey) <= 0)
goto err;
if (gost_key_unwrap_crypto_pro(nid, sharedKey, wrappedKey, key) == 0) {
GOSTerror(GOST_R_ERROR_COMPUTING_SHARED_KEY);
goto err;
}
ret = 1;
err:
EVP_PKEY_free(eph_key);
GOST_KEY_TRANSPORT_free(gkt);
return ret;
}
int
pkey_gost01_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen)
{
/*
* Public key of peer in the ctx field peerkey
* Our private key in the ctx pkey
* ukm is in the algorithm specific context data
*/
EVP_PKEY *my_key = EVP_PKEY_CTX_get0_pkey(ctx);
EVP_PKEY *peer_key = EVP_PKEY_CTX_get0_peerkey(ctx);
struct gost_pmeth_data *data = EVP_PKEY_CTX_get_data(ctx);
if (data->shared_ukm == NULL) {
GOSTerror(GOST_R_UKM_NOT_SET);
return 0;
}
if (key == NULL) {
*keylen = 32;
return 32;
}
if (gost01_VKO_key(peer_key, my_key, data->shared_ukm, key) <= 0)
return 0;
*keylen = 32;
return 1;
}
int
pkey_gost01_encrypt(EVP_PKEY_CTX *pctx, unsigned char *out, size_t *out_len,
const unsigned char *key, size_t key_len)
{
GOST_KEY_TRANSPORT *gkt = NULL;
EVP_PKEY *pubk = EVP_PKEY_CTX_get0_pkey(pctx);
struct gost_pmeth_data *data = EVP_PKEY_CTX_get_data(pctx);
unsigned char ukm[8], shared_key[32], crypted_key[44];
int ret = 0;
int key_is_ephemeral;
EVP_PKEY *sec_key = EVP_PKEY_CTX_get0_peerkey(pctx);
int nid = NID_id_Gost28147_89_CryptoPro_A_ParamSet;
if (data->shared_ukm != NULL) {
memcpy(ukm, data->shared_ukm, 8);
} else /* if (out != NULL) */ {
arc4random_buf(ukm, 8);
}
/* Check for private key in the peer_key of context */
if (sec_key) {
key_is_ephemeral = 0;
if (GOST_KEY_get0_private_key(sec_key->pkey.gost) == 0) {
GOSTerror(GOST_R_NO_PRIVATE_PART_OF_NON_EPHEMERAL_KEYPAIR);
goto err;
}
} else {
key_is_ephemeral = 1;
if (out != NULL) {
GOST_KEY *tmp_key;
sec_key = EVP_PKEY_new();
if (sec_key == NULL)
goto err;
tmp_key = GOST_KEY_new();
if (tmp_key == NULL)
goto err;
if (EVP_PKEY_assign(sec_key, EVP_PKEY_base_id(pubk),
tmp_key) == 0) {
GOST_KEY_free(tmp_key);
goto err;
}
if (EVP_PKEY_copy_parameters(sec_key, pubk) == 0)
goto err;
if (gost2001_keygen(sec_key->pkey.gost) == 0) {
goto err;
}
}
}
if (out != NULL) {
if (gost01_VKO_key(pubk, sec_key, ukm, shared_key) <= 0)
goto err;
gost_key_wrap_crypto_pro(nid, shared_key, ukm, key,
crypted_key);
}
gkt = GOST_KEY_TRANSPORT_new();
if (gkt == NULL)
goto err;
if (ASN1_OCTET_STRING_set(gkt->key_agreement_info->eph_iv, ukm, 8) == 0)
goto err;
if (ASN1_OCTET_STRING_set(gkt->key_info->imit, crypted_key + 40,
4) == 0)
goto err;
if (ASN1_OCTET_STRING_set(gkt->key_info->encrypted_key, crypted_key + 8,
32) == 0)
goto err;
if (key_is_ephemeral) {
if (X509_PUBKEY_set(&gkt->key_agreement_info->ephem_key,
out != NULL ? sec_key : pubk) == 0) {
GOSTerror(GOST_R_CANNOT_PACK_EPHEMERAL_KEY);
goto err;
}
}
ASN1_OBJECT_free(gkt->key_agreement_info->cipher);
gkt->key_agreement_info->cipher = OBJ_nid2obj(nid);
if (key_is_ephemeral)
EVP_PKEY_free(sec_key);
else {
/* Set control "public key from client certificate used" */
if (EVP_PKEY_CTX_ctrl(pctx, -1, -1, EVP_PKEY_CTRL_PEER_KEY, 3,
NULL) <= 0) {
GOSTerror(GOST_R_CTRL_CALL_FAILED);
goto err;
}
}
if ((*out_len = i2d_GOST_KEY_TRANSPORT(gkt, out ? &out : NULL)) > 0)
ret = 1;
GOST_KEY_TRANSPORT_free(gkt);
return ret;
err:
if (key_is_ephemeral)
EVP_PKEY_free(sec_key);
GOST_KEY_TRANSPORT_free(gkt);
return -1;
}
static int
pkey_gost01_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
{
struct gost_pmeth_data *pctx = EVP_PKEY_CTX_get_data(ctx);
switch (type) {
case EVP_PKEY_CTRL_MD:
if (EVP_MD_type(p2) !=
GostR3410_get_md_digest(pctx->digest_nid)) {
GOSTerror(GOST_R_INVALID_DIGEST_TYPE);
return 0;
}
pctx->md = p2;
return 1;
case EVP_PKEY_CTRL_PKCS7_ENCRYPT:
case EVP_PKEY_CTRL_PKCS7_DECRYPT:
case EVP_PKEY_CTRL_PKCS7_SIGN:
case EVP_PKEY_CTRL_DIGESTINIT:
return 1;
case EVP_PKEY_CTRL_GOST_PARAMSET:
pctx->sign_param_nid = (int)p1;
return 1;
case EVP_PKEY_CTRL_SET_IV:
{
char *ukm = malloc(p1);
if (ukm == NULL) {
GOSTerror(ERR_R_MALLOC_FAILURE);
return 0;
}
memcpy(ukm, p2, p1);
free(pctx->shared_ukm);
pctx->shared_ukm = ukm;
return 1;
}
case EVP_PKEY_CTRL_PEER_KEY:
if (p1 == 0 || p1 == 1) /* call from EVP_PKEY_derive_set_peer */
return 1;
if (p1 == 2) /* TLS: peer key used? */
return pctx->peer_key_used;
if (p1 == 3) /* TLS: peer key used! */
return (pctx->peer_key_used = 1);
return -2;
case EVP_PKEY_CTRL_GOST_SIG_FORMAT:
switch (p1) {
case GOST_SIG_FORMAT_SR_BE:
case GOST_SIG_FORMAT_RS_LE:
pctx->sig_format = p1;
return 1;
default:
return 0;
}
break;
case EVP_PKEY_CTRL_GOST_SET_DIGEST:
pctx->digest_nid = (int)p1;
return 1;
case EVP_PKEY_CTRL_GOST_GET_DIGEST:
*(int *)p2 = pctx->digest_nid;
return 1;
default:
return -2;
}
}
static int
pkey_gost01_ctrl_str(EVP_PKEY_CTX *ctx, const char *type, const char *value)
{
int param_nid = NID_undef;
int digest_nid = NID_undef;
if (strcmp(type, "paramset") == 0) {
if (value == NULL)
return 0;
if (pkey_gost01_ctrl(ctx, EVP_PKEY_CTRL_GOST_GET_DIGEST, 0,
&digest_nid) == 0)
return 0;
if (digest_nid == NID_id_tc26_gost3411_2012_512)
param_nid = GostR3410_512_param_id(value);
else
param_nid = GostR3410_256_param_id(value);
if (param_nid == NID_undef)
param_nid = OBJ_txt2nid(value);
if (param_nid == NID_undef)
return 0;
return pkey_gost01_ctrl(ctx, EVP_PKEY_CTRL_GOST_PARAMSET,
param_nid, NULL);
}
if (strcmp(type, "dgst") == 0) {
if (value == NULL)
return 0;
else if (strcmp(value, "gost94") == 0 ||
strcmp(value, "md_gost94") == 0)
digest_nid = NID_id_GostR3411_94_CryptoProParamSet;
else if (strcmp(value, "streebog256") == 0)
digest_nid = NID_id_tc26_gost3411_2012_256;
else if (strcmp(value, "streebog512") == 0)
digest_nid = NID_id_tc26_gost3411_2012_512;
if (digest_nid == NID_undef)
return 0;
return pkey_gost01_ctrl(ctx, EVP_PKEY_CTRL_GOST_SET_DIGEST,
digest_nid, NULL);
}
return -2;
}
const EVP_PKEY_METHOD gostr01_pkey_meth = {
.pkey_id = EVP_PKEY_GOSTR01,
.init = pkey_gost01_init,
.copy = pkey_gost01_copy,
.cleanup = pkey_gost01_cleanup,
.paramgen = pkey_gost01_paramgen,
.keygen = pkey_gost01_keygen,
.sign = pkey_gost01_sign,
.verify = pkey_gost01_verify,
.encrypt = pkey_gost01_encrypt,
.decrypt = pkey_gost01_decrypt,
.derive = pkey_gost01_derive,
.ctrl = pkey_gost01_ctrl,
.ctrl_str = pkey_gost01_ctrl_str,
};
#endif

1487
lib/libcrypto/gost/streebog.c
View file

File diff suppressed because it is too large Load diff

20
lib/libcrypto/hidden/openssl/asn1.h
View file

@ -1,4 +1,4 @@
/* $OpenBSD: asn1.h,v 1.8 2024/03/01 07:38:33 tb Exp $ */
/* $OpenBSD: asn1.h,v 1.12 2024/03/02 09:08:41 tb Exp $ */
/*
* Copyright (c) 2023 Bob Beck <beck@openbsd.org>
*
@ -154,7 +154,6 @@ LCRYPTO_USED(ASN1_TIME_normalize);
LCRYPTO_USED(ASN1_TIME_set_string_X509);
LCRYPTO_USED(ASN1_TIME_diff);
LCRYPTO_USED(ASN1_TIME_set);
LCRYPTO_USED(ASN1_TIME_set_tm);
LCRYPTO_USED(ASN1_TIME_adj);
LCRYPTO_USED(ASN1_TIME_check);
LCRYPTO_USED(ASN1_TIME_to_generalizedtime);
@ -222,32 +221,15 @@ LCRYPTO_USED(ASN1_mbstring_copy);
LCRYPTO_USED(ASN1_mbstring_ncopy);
LCRYPTO_USED(ASN1_STRING_set_by_NID);
LCRYPTO_USED(ASN1_STRING_TABLE_get);
LCRYPTO_USED(ASN1_STRING_TABLE_add);
LCRYPTO_USED(ASN1_STRING_TABLE_cleanup);
LCRYPTO_USED(ASN1_item_new);
LCRYPTO_USED(ASN1_item_free);
LCRYPTO_USED(ASN1_item_d2i);
LCRYPTO_USED(ASN1_item_i2d);
LCRYPTO_USED(ASN1_add_oid_module);
LCRYPTO_USED(ASN1_generate_nconf);
LCRYPTO_USED(ASN1_generate_v3);
LCRYPTO_USED(ASN1_item_print);
LCRYPTO_USED(ASN1_PCTX_new);
LCRYPTO_USED(ASN1_PCTX_free);
LCRYPTO_USED(ASN1_PCTX_get_flags);
LCRYPTO_USED(ASN1_PCTX_set_flags);
LCRYPTO_USED(ASN1_PCTX_get_nm_flags);
LCRYPTO_USED(ASN1_PCTX_set_nm_flags);
LCRYPTO_USED(ASN1_PCTX_get_cert_flags);
LCRYPTO_USED(ASN1_PCTX_set_cert_flags);
LCRYPTO_USED(ASN1_PCTX_get_oid_flags);
LCRYPTO_USED(ASN1_PCTX_set_oid_flags);
LCRYPTO_USED(ASN1_PCTX_get_str_flags);
LCRYPTO_USED(ASN1_PCTX_set_str_flags);
LCRYPTO_USED(SMIME_crlf_copy);
LCRYPTO_USED(SMIME_text);
LCRYPTO_USED(ERR_load_ASN1_strings);
LCRYPTO_USED(ASN1_time_parse);
LCRYPTO_USED(ASN1_time_tm_cmp);
#endif /* _LIBCRYPTO_ASN1_H */

8
lib/libcrypto/hidden/openssl/bio.h
View file

@ -1,4 +1,4 @@
/* $OpenBSD: bio.h,v 1.4 2023/07/28 10:13:50 tb Exp $ */
/* $OpenBSD: bio.h,v 1.7 2024/03/02 09:22:41 tb Exp $ */
/*
* Copyright (c) 2023 Bob Beck <beck@openbsd.org>
*
@ -68,7 +68,6 @@ LCRYPTO_USED(BIO_s_file);
LCRYPTO_USED(BIO_new_file);
LCRYPTO_USED(BIO_new_fp);
LCRYPTO_USED(BIO_new);
LCRYPTO_USED(BIO_set);
LCRYPTO_USED(BIO_free);
LCRYPTO_USED(BIO_up_ref);
LCRYPTO_USED(BIO_get_data);
@ -118,8 +117,6 @@ LCRYPTO_USED(BIO_fd_should_retry);
LCRYPTO_USED(BIO_fd_non_fatal_error);
LCRYPTO_USED(BIO_dump);
LCRYPTO_USED(BIO_dump_indent);
LCRYPTO_USED(BIO_dump_fp);
LCRYPTO_USED(BIO_dump_indent_fp);
LCRYPTO_USED(BIO_gethostbyname);
LCRYPTO_USED(BIO_sock_error);
LCRYPTO_USED(BIO_socket_ioctl);
@ -138,9 +135,6 @@ LCRYPTO_USED(BIO_new_connect);
LCRYPTO_USED(BIO_new_accept);
LCRYPTO_USED(BIO_copy_next_retry);
LCRYPTO_USED(BIO_printf);
LCRYPTO_USED(BIO_vprintf);
LCRYPTO_USED(BIO_snprintf);
LCRYPTO_USED(BIO_vsnprintf);
LCRYPTO_USED(ERR_load_BIO_strings);
#endif /* _LIBCRYPTO_BIO_H */

5
lib/libcrypto/hidden/openssl/bn.h
View file

@ -1,4 +1,4 @@
/* $OpenBSD: bn.h,v 1.4 2023/07/29 03:13:38 tb Exp $ */
/* $OpenBSD: bn.h,v 1.6 2024/03/02 09:27:31 tb Exp $ */
/*
* Copyright (c) 2023 Bob Beck <beck@openbsd.org>
*
@ -97,9 +97,6 @@ LCRYPTO_USED(BN_lshift);
LCRYPTO_USED(BN_lshift1);
LCRYPTO_USED(BN_exp);
LCRYPTO_USED(BN_mod_exp_mont_consttime);
LCRYPTO_USED(BN_mod_exp_mont_word);
LCRYPTO_USED(BN_mod_exp2_mont);
LCRYPTO_USED(BN_mod_exp_simple);
LCRYPTO_USED(BN_mask_bits);
LCRYPTO_USED(BN_print_fp);
LCRYPTO_USED(BN_print);

3
lib/libcrypto/hidden/openssl/cmac.h
View file

@ -1,4 +1,4 @@
/* $OpenBSD: cmac.h,v 1.1 2023/07/08 14:27:14 beck Exp $ */
/* $OpenBSD: cmac.h,v 1.2 2024/03/02 09:30:21 tb Exp $ */
/*
* Copyright (c) 2023 Bob Beck <beck@openbsd.org>
*
@ -33,6 +33,5 @@ LCRYPTO_USED(CMAC_CTX_copy);
LCRYPTO_USED(CMAC_Init);
LCRYPTO_USED(CMAC_Update);
LCRYPTO_USED(CMAC_Final);
LCRYPTO_USED(CMAC_resume);
#endif /* _LIBCRYPTO_CMAC_H */

29
lib/libcrypto/hidden/openssl/crypto.h
View file

@ -1,4 +1,4 @@
/* $OpenBSD: crypto.h,v 1.3 2024/03/01 07:38:33 tb Exp $ */
/* $OpenBSD: crypto.h,v 1.6 2024/03/02 11:37:13 tb Exp $ */
/*
* Copyright (c) 2023 Bob Beck <beck@openbsd.org>
*
@ -38,35 +38,8 @@ LCRYPTO_USED(CRYPTO_get_ex_data);
LCRYPTO_USED(CRYPTO_cleanup_all_ex_data);
LCRYPTO_USED(CRYPTO_lock);
LCRYPTO_USED(CRYPTO_add_lock);
LCRYPTO_USED(CRYPTO_THREADID_current);
LCRYPTO_USED(CRYPTO_THREADID_cmp);
LCRYPTO_USED(CRYPTO_THREADID_cpy);
LCRYPTO_USED(CRYPTO_THREADID_hash);
LCRYPTO_USED(CRYPTO_set_mem_functions);
LCRYPTO_USED(CRYPTO_set_locked_mem_functions);
LCRYPTO_USED(CRYPTO_set_mem_ex_functions);
LCRYPTO_USED(CRYPTO_set_locked_mem_ex_functions);
LCRYPTO_USED(CRYPTO_set_mem_debug_functions);
LCRYPTO_USED(CRYPTO_get_mem_functions);
LCRYPTO_USED(CRYPTO_get_locked_mem_functions);
LCRYPTO_USED(CRYPTO_get_mem_ex_functions);
LCRYPTO_USED(CRYPTO_get_locked_mem_ex_functions);
LCRYPTO_USED(CRYPTO_get_mem_debug_functions);
LCRYPTO_USED(CRYPTO_realloc_clean);
LCRYPTO_USED(CRYPTO_remalloc);
LCRYPTO_USED(CRYPTO_set_mem_debug_options);
LCRYPTO_USED(CRYPTO_get_mem_debug_options);
LCRYPTO_USED(CRYPTO_push_info_);
LCRYPTO_USED(CRYPTO_pop_info);
LCRYPTO_USED(CRYPTO_remove_all_info);
LCRYPTO_USED(CRYPTO_dbg_malloc);
LCRYPTO_USED(CRYPTO_dbg_realloc);
LCRYPTO_USED(CRYPTO_dbg_free);
LCRYPTO_USED(CRYPTO_dbg_set_options);
LCRYPTO_USED(CRYPTO_dbg_get_options);
LCRYPTO_USED(CRYPTO_mem_leaks_fp);
LCRYPTO_USED(CRYPTO_mem_leaks);
LCRYPTO_USED(CRYPTO_mem_leaks_cb);
LCRYPTO_USED(OpenSSLDie);
LCRYPTO_USED(OPENSSL_cpu_caps);
LCRYPTO_USED(OPENSSL_init_crypto);

3
lib/libcrypto/hidden/openssl/dsa.h
View file

@ -1,4 +1,4 @@
/* $OpenBSD: dsa.h,v 1.1 2023/07/08 14:28:15 beck Exp $ */
/* $OpenBSD: dsa.h,v 1.2 2024/03/02 09:33:14 tb Exp $ */
/*
* Copyright (c) 2023 Bob Beck <beck@openbsd.org>
*
@ -61,7 +61,6 @@ LCRYPTO_USED(d2i_DSAPrivateKey);
LCRYPTO_USED(i2d_DSAPrivateKey);
LCRYPTO_USED(d2i_DSAparams);
LCRYPTO_USED(i2d_DSAparams);
LCRYPTO_USED(DSA_generate_parameters);
LCRYPTO_USED(DSA_generate_parameters_ex);
LCRYPTO_USED(DSA_generate_key);
LCRYPTO_USED(DSAparams_print);

3
lib/libcrypto/hidden/openssl/err.h
View file

@ -1,4 +1,4 @@
/* $OpenBSD: err.h,v 1.4 2023/07/28 10:23:19 tb Exp $ */
/* $OpenBSD: err.h,v 1.5 2024/03/02 10:30:48 tb Exp $ */
/*
* Copyright (c) 2023 Bob Beck <beck@openbsd.org>
*
@ -53,7 +53,6 @@ LCRYPTO_USED(ERR_load_crypto_strings);
LCRYPTO_USED(ERR_free_strings);
LCRYPTO_USED(ERR_remove_thread_state);
LCRYPTO_USED(ERR_remove_state);
LCRYPTO_USED(ERR_get_state);
LCRYPTO_USED(ERR_get_next_error_library);
LCRYPTO_USED(ERR_set_mark);
LCRYPTO_USED(ERR_pop_to_mark);

71
lib/libcrypto/hidden/openssl/gost.h
View file

@ -1,71 +0,0 @@
/* $OpenBSD: gost.h,v 1.1 2023/07/08 14:30:44 beck Exp $ */
/*
* Copyright (c) 2023 Bob Beck <beck@openbsd.org>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
#ifndef _LIBCRYPTO_GOST_H
#define _LIBCRYPTO_GOST_H
#ifndef _MSC_VER
#include_next <openssl/gost.h>
#else
#include "../include/openssl/gost.h"
#endif
#include "crypto_namespace.h"
LCRYPTO_USED(Gost2814789_set_sbox);
LCRYPTO_USED(Gost2814789_set_key);
LCRYPTO_USED(Gost2814789_ecb_encrypt);
LCRYPTO_USED(Gost2814789_cfb64_encrypt);
LCRYPTO_USED(Gost2814789_cnt_encrypt);
LCRYPTO_USED(GOST_CIPHER_PARAMS_new);
LCRYPTO_USED(GOST_CIPHER_PARAMS_free);
LCRYPTO_USED(d2i_GOST_CIPHER_PARAMS);
LCRYPTO_USED(i2d_GOST_CIPHER_PARAMS);
LCRYPTO_USED(GOST2814789IMIT_Init);
LCRYPTO_USED(GOST2814789IMIT_Update);
LCRYPTO_USED(GOST2814789IMIT_Final);
LCRYPTO_USED(GOST2814789IMIT_Transform);
LCRYPTO_USED(GOST2814789IMIT);
LCRYPTO_USED(GOSTR341194_Init);
LCRYPTO_USED(GOSTR341194_Update);
LCRYPTO_USED(GOSTR341194_Final);
LCRYPTO_USED(GOSTR341194_Transform);
LCRYPTO_USED(GOSTR341194);
LCRYPTO_USED(STREEBOG256_Init);
LCRYPTO_USED(STREEBOG256_Update);
LCRYPTO_USED(STREEBOG256_Final);
LCRYPTO_USED(STREEBOG256);
LCRYPTO_USED(STREEBOG512_Init);
LCRYPTO_USED(STREEBOG512_Update);
LCRYPTO_USED(STREEBOG512_Final);
LCRYPTO_USED(STREEBOG512_Transform);
LCRYPTO_USED(STREEBOG512);
LCRYPTO_USED(GOST_KEY_new);
LCRYPTO_USED(GOST_KEY_free);
LCRYPTO_USED(GOST_KEY_check_key);
LCRYPTO_USED(GOST_KEY_set_public_key_affine_coordinates);
LCRYPTO_USED(GOST_KEY_get0_group);
LCRYPTO_USED(GOST_KEY_set_group);
LCRYPTO_USED(GOST_KEY_get_digest);
LCRYPTO_USED(GOST_KEY_set_digest);
LCRYPTO_USED(GOST_KEY_get0_private_key);
LCRYPTO_USED(GOST_KEY_set_private_key);
LCRYPTO_USED(GOST_KEY_get0_public_key);
LCRYPTO_USED(GOST_KEY_set_public_key);
LCRYPTO_USED(GOST_KEY_get_size);
LCRYPTO_USED(ERR_load_GOST_strings);
#endif /* _LIBCRYPTO_GOST_H */

9
lib/libcrypto/hidden/openssl/lhash.h
View file

@ -1,4 +1,4 @@
/* $OpenBSD: lhash.h,v 1.2 2023/07/07 19:37:54 beck Exp $ */
/* $OpenBSD: lhash.h,v 1.4 2024/03/02 11:11:11 tb Exp $ */
/*
* Copyright (c) 2023 Bob Beck <beck@openbsd.org>
*
@ -27,6 +27,7 @@
LCRYPTO_USED(lh_new);
LCRYPTO_USED(lh_free);
LCRYPTO_USED(lh_error);
LCRYPTO_USED(lh_insert);
LCRYPTO_USED(lh_delete);
LCRYPTO_USED(lh_retrieve);
@ -34,11 +35,5 @@ LCRYPTO_USED(lh_doall);
LCRYPTO_USED(lh_doall_arg);
LCRYPTO_USED(lh_strhash);
LCRYPTO_USED(lh_num_items);
LCRYPTO_USED(lh_stats);
LCRYPTO_USED(lh_node_stats);
LCRYPTO_USED(lh_node_usage_stats);
LCRYPTO_USED(lh_stats_bio);
LCRYPTO_USED(lh_node_stats_bio);
LCRYPTO_USED(lh_node_usage_stats_bio);
#endif /* _LIBCRYPTO_LHASH_H */

10
lib/libcrypto/hidden/openssl/objects.h
View file

@ -1,4 +1,4 @@
/* $OpenBSD: objects.h,v 1.2 2023/07/28 10:25:05 tb Exp $ */
/* $OpenBSD: objects.h,v 1.5 2024/03/02 09:49:45 tb Exp $ */
/*
* Copyright (c) 2023 Bob Beck <beck@openbsd.org>
*
@ -25,12 +25,6 @@
#endif
#include "crypto_namespace.h"
LCRYPTO_USED(OBJ_NAME_init);
LCRYPTO_USED(OBJ_NAME_new_index);
LCRYPTO_USED(OBJ_NAME_get);
LCRYPTO_USED(OBJ_NAME_add);
LCRYPTO_USED(OBJ_NAME_remove);
LCRYPTO_USED(OBJ_NAME_cleanup);
LCRYPTO_USED(OBJ_NAME_do_all);
LCRYPTO_USED(OBJ_NAME_do_all_sorted);
LCRYPTO_USED(OBJ_dup);
@ -44,9 +38,7 @@ LCRYPTO_USED(OBJ_txt2nid);
LCRYPTO_USED(OBJ_ln2nid);
LCRYPTO_USED(OBJ_sn2nid);
LCRYPTO_USED(OBJ_cmp);
LCRYPTO_USED(OBJ_bsearch_);
LCRYPTO_USED(OBJ_new_nid);
LCRYPTO_USED(OBJ_add_object);
LCRYPTO_USED(OBJ_create);
LCRYPTO_USED(OBJ_cleanup);
LCRYPTO_USED(OBJ_create_objects);

37
lib/libcrypto/hidden/openssl/pkcs12.h
View file

@ -1,4 +1,4 @@
/* $OpenBSD: pkcs12.h,v 1.2 2023/07/05 21:14:54 bcook Exp $ */
/* $OpenBSD: pkcs12.h,v 1.3 2024/03/02 10:15:16 tb Exp $ */
/*
* Copyright (c) 2022 Bob Beck <beck@openbsd.org>
*
@ -34,68 +34,33 @@ LCRYPTO_USED(PKCS12_SAFEBAG_get1_crl);
LCRYPTO_USED(PKCS8_get_attr);
LCRYPTO_USED(PKCS12_mac_present);
LCRYPTO_USED(PKCS12_get0_mac);
LCRYPTO_USED(PKCS12_SAFEBAG_create_cert);
LCRYPTO_USED(PKCS12_SAFEBAG_create_crl);
LCRYPTO_USED(PKCS12_SAFEBAG_create0_p8inf);
LCRYPTO_USED(PKCS12_SAFEBAG_create0_pkcs8);
LCRYPTO_USED(PKCS12_SAFEBAG_create_pkcs8_encrypt);
LCRYPTO_USED(PKCS12_SAFEBAG_get0_p8inf);
LCRYPTO_USED(PKCS12_SAFEBAG_get0_pkcs8);
LCRYPTO_USED(PKCS12_SAFEBAG_get0_safes);
LCRYPTO_USED(PKCS12_SAFEBAG_get0_type);
LCRYPTO_USED(PKCS12_item_pack_safebag);
LCRYPTO_USED(PKCS8_decrypt);
LCRYPTO_USED(PKCS12_decrypt_skey);
LCRYPTO_USED(PKCS8_encrypt);
LCRYPTO_USED(PKCS12_pack_p7data);
LCRYPTO_USED(PKCS12_unpack_p7data);
LCRYPTO_USED(PKCS12_pack_p7encdata);
LCRYPTO_USED(PKCS12_unpack_p7encdata);
LCRYPTO_USED(PKCS12_pack_authsafes);
LCRYPTO_USED(PKCS12_unpack_authsafes);
LCRYPTO_USED(PKCS12_add_localkeyid);
LCRYPTO_USED(PKCS12_add_friendlyname_asc);
LCRYPTO_USED(PKCS12_add_CSPName_asc);
LCRYPTO_USED(PKCS12_add_friendlyname_uni);
LCRYPTO_USED(PKCS8_add_keyusage);
LCRYPTO_USED(PKCS12_get_attr_gen);
LCRYPTO_USED(PKCS12_get_friendlyname);
LCRYPTO_USED(PKCS12_pbe_crypt);
LCRYPTO_USED(PKCS12_item_decrypt_d2i);
LCRYPTO_USED(PKCS12_item_i2d_encrypt);
LCRYPTO_USED(PKCS12_init);
LCRYPTO_USED(PKCS12_key_gen_asc);
LCRYPTO_USED(PKCS12_key_gen_uni);
LCRYPTO_USED(PKCS12_PBE_keyivgen);
LCRYPTO_USED(PKCS12_gen_mac);
LCRYPTO_USED(PKCS12_verify_mac);
LCRYPTO_USED(PKCS12_set_mac);
LCRYPTO_USED(PKCS12_setup_mac);
LCRYPTO_USED(OPENSSL_asc2uni);
LCRYPTO_USED(OPENSSL_uni2asc);
LCRYPTO_USED(PKCS12_new);
LCRYPTO_USED(PKCS12_free);
LCRYPTO_USED(d2i_PKCS12);
LCRYPTO_USED(i2d_PKCS12);
LCRYPTO_USED(PKCS12_MAC_DATA_new);
LCRYPTO_USED(PKCS12_MAC_DATA_free);
LCRYPTO_USED(d2i_PKCS12_MAC_DATA);
LCRYPTO_USED(i2d_PKCS12_MAC_DATA);
LCRYPTO_USED(PKCS12_SAFEBAG_new);
LCRYPTO_USED(PKCS12_SAFEBAG_free);
LCRYPTO_USED(d2i_PKCS12_SAFEBAG);
LCRYPTO_USED(i2d_PKCS12_SAFEBAG);
LCRYPTO_USED(PKCS12_BAGS_new);
LCRYPTO_USED(PKCS12_BAGS_free);
LCRYPTO_USED(d2i_PKCS12_BAGS);
LCRYPTO_USED(i2d_PKCS12_BAGS);
LCRYPTO_USED(PKCS12_PBE_add);
LCRYPTO_USED(PKCS12_parse);
LCRYPTO_USED(PKCS12_create);
LCRYPTO_USED(PKCS12_add_cert);
LCRYPTO_USED(PKCS12_add_key);
LCRYPTO_USED(PKCS12_add_safe);
LCRYPTO_USED(PKCS12_add_safes);
LCRYPTO_USED(i2d_PKCS12_bio);
LCRYPTO_USED(i2d_PKCS12_fp);
LCRYPTO_USED(d2i_PKCS12_bio);

3
lib/libcrypto/hidden/openssl/stack.h
View file

@ -1,4 +1,4 @@
/* $OpenBSD: stack.h,v 1.2 2023/07/05 21:14:54 bcook Exp $ */
/* $OpenBSD: stack.h,v 1.3 2024/03/02 11:20:36 tb Exp $ */
/*
* Copyright (c) 2022 Bob Beck <beck@openbsd.org>
*
@ -36,7 +36,6 @@ LCRYPTO_USED(sk_insert);
LCRYPTO_USED(sk_delete);
LCRYPTO_USED(sk_delete_ptr);
LCRYPTO_USED(sk_find);
LCRYPTO_USED(sk_find_ex);
LCRYPTO_USED(sk_push);
LCRYPTO_USED(sk_unshift);
LCRYPTO_USED(sk_shift);

12
lib/libcrypto/hidden/openssl/x509.h
View file

@ -1,4 +1,4 @@
/* $OpenBSD: x509.h,v 1.3 2023/07/05 21:14:54 bcook Exp $ */
/* $OpenBSD: x509.h,v 1.4 2024/03/02 10:48:17 tb Exp $ */
/*
* Copyright (c) 2022 Bob Beck <beck@openbsd.org>
*
@ -104,8 +104,6 @@ LCRYPTO_USED(X509_get_default_private_dir);
LCRYPTO_USED(X509_to_X509_REQ);
LCRYPTO_USED(X509_REQ_to_X509);
LCRYPTO_USED(X509_get_pubkey_parameters);
LCRYPTO_USED(X509_TRUST_set_default);
LCRYPTO_USED(X509_TRUST_set);
LCRYPTO_USED(X509_NAME_oneline);
LCRYPTO_USED(X509_get0_extensions);
LCRYPTO_USED(X509_get0_tbs_sigalg);
@ -268,14 +266,6 @@ LCRYPTO_USED(X509_verify_cert);
LCRYPTO_USED(X509_find_by_issuer_and_serial);
LCRYPTO_USED(X509_find_by_subject);
LCRYPTO_USED(X509_check_trust);
LCRYPTO_USED(X509_TRUST_get_count);
LCRYPTO_USED(X509_TRUST_get0);
LCRYPTO_USED(X509_TRUST_get_by_id);
LCRYPTO_USED(X509_TRUST_add);
LCRYPTO_USED(X509_TRUST_cleanup);
LCRYPTO_USED(X509_TRUST_get_flags);
LCRYPTO_USED(X509_TRUST_get0_name);
LCRYPTO_USED(X509_TRUST_get_trust);
LCRYPTO_USED(X509_up_ref);
LCRYPTO_USED(X509_chain_up_ref);
LCRYPTO_USED(ERR_load_X509_strings);

10
lib/libcrypto/hidden/openssl/x509_vfy.h
View file

@ -1,4 +1,4 @@
/* $OpenBSD: x509_vfy.h,v 1.7 2024/02/23 10:39:07 tb Exp $ */
/* $OpenBSD: x509_vfy.h,v 1.9 2024/03/02 10:57:03 tb Exp $ */
/*
* Copyright (c) 2022 Bob Beck <beck@openbsd.org>
*
@ -79,14 +79,7 @@ LCRYPTO_USED(X509_LOOKUP_ctrl);
LCRYPTO_USED(X509_load_cert_file);
LCRYPTO_USED(X509_load_crl_file);
LCRYPTO_USED(X509_load_cert_crl_file);
LCRYPTO_USED(X509_LOOKUP_new);
LCRYPTO_USED(X509_LOOKUP_free);
LCRYPTO_USED(X509_LOOKUP_init);
LCRYPTO_USED(X509_LOOKUP_by_subject);
LCRYPTO_USED(X509_LOOKUP_by_issuer_serial);
LCRYPTO_USED(X509_LOOKUP_by_fingerprint);
LCRYPTO_USED(X509_LOOKUP_by_alias);
LCRYPTO_USED(X509_LOOKUP_shutdown);
LCRYPTO_USED(X509_STORE_load_locations);
LCRYPTO_USED(X509_STORE_load_mem);
LCRYPTO_USED(X509_STORE_set_default_paths);
@ -109,7 +102,6 @@ LCRYPTO_USED(X509_STORE_CTX_set_chain);
LCRYPTO_USED(X509_STORE_CTX_set0_crls);
LCRYPTO_USED(X509_STORE_CTX_set_purpose);
LCRYPTO_USED(X509_STORE_CTX_set_trust);
LCRYPTO_USED(X509_STORE_CTX_purpose_inherit);
LCRYPTO_USED(X509_STORE_CTX_set_flags);
LCRYPTO_USED(X509_STORE_CTX_set_time);
LCRYPTO_USED(X509_STORE_CTX_set0_verified_chain);

11
lib/libcrypto/hidden/openssl/x509v3.h
View file

@ -1,4 +1,4 @@
/* $OpenBSD: x509v3.h,v 1.5 2023/07/05 21:14:54 bcook Exp $ */
/* $OpenBSD: x509v3.h,v 1.7 2024/03/02 10:40:05 tb Exp $ */
/*
* Copyright (c) 2022 Bob Beck <beck@openbsd.org>
*
@ -160,10 +160,6 @@ LCRYPTO_USED(i2s_ASN1_INTEGER);
LCRYPTO_USED(s2i_ASN1_INTEGER);
LCRYPTO_USED(i2s_ASN1_ENUMERATED);
LCRYPTO_USED(i2s_ASN1_ENUMERATED_TABLE);
LCRYPTO_USED(X509V3_EXT_add);
LCRYPTO_USED(X509V3_EXT_add_list);
LCRYPTO_USED(X509V3_EXT_add_alias);
LCRYPTO_USED(X509V3_EXT_cleanup);
LCRYPTO_USED(X509V3_EXT_get);
LCRYPTO_USED(X509V3_EXT_get_nid);
LCRYPTO_USED(X509V3_add_standard_extensions);
@ -181,18 +177,13 @@ LCRYPTO_USED(X509V3_extensions_print);
LCRYPTO_USED(X509_check_ca);
LCRYPTO_USED(X509_check_purpose);
LCRYPTO_USED(X509_supported_extension);
LCRYPTO_USED(X509_PURPOSE_set);
LCRYPTO_USED(X509_check_issued);
LCRYPTO_USED(X509_check_akid);
LCRYPTO_USED(X509_PURPOSE_get_count);
LCRYPTO_USED(X509_PURPOSE_get0);
LCRYPTO_USED(X509_PURPOSE_get_by_sname);
LCRYPTO_USED(X509_PURPOSE_get_by_id);
LCRYPTO_USED(X509_PURPOSE_add);
LCRYPTO_USED(X509_PURPOSE_get0_name);
LCRYPTO_USED(X509_PURPOSE_get0_sname);
LCRYPTO_USED(X509_PURPOSE_get_trust);
LCRYPTO_USED(X509_PURPOSE_cleanup);
LCRYPTO_USED(X509_PURPOSE_get_id);
LCRYPTO_USED(X509_get_extension_flags);
LCRYPTO_USED(X509_get_key_usage);

263
lib/libcrypto/lhash/lh_stats.c
View file

@ -1,263 +0,0 @@
/* $OpenBSD: lh_stats.c,v 1.13 2023/07/07 13:40:44 beck Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
*
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* "This product includes cryptographic software written by
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <openssl/opensslconf.h>
#ifndef OPENSSL_NO_BIO
#include <openssl/bio.h>
#endif
#include <openssl/lhash.h>
#ifdef OPENSSL_NO_BIO
void
lh_stats(LHASH *lh, FILE *out)
{
fprintf(out, "num_items = %lu\n", lh->num_items);
fprintf(out, "num_nodes = %u\n", lh->num_nodes);
fprintf(out, "num_alloc_nodes = %u\n", lh->num_alloc_nodes);
fprintf(out, "num_expands = %lu\n", lh->num_expands);
fprintf(out, "num_expand_reallocs = %lu\n", lh->num_expand_reallocs);
fprintf(out, "num_contracts = %lu\n", lh->num_contracts);
fprintf(out, "num_contract_reallocs = %lu\n",
lh->num_contract_reallocs);
fprintf(out, "num_hash_calls = %lu\n", lh->num_hash_calls);
fprintf(out, "num_comp_calls = %lu\n", lh->num_comp_calls);
fprintf(out, "num_insert = %lu\n", lh->num_insert);
fprintf(out, "num_replace = %lu\n", lh->num_replace);
fprintf(out, "num_delete = %lu\n", lh->num_delete);
fprintf(out, "num_no_delete = %lu\n", lh->num_no_delete);
fprintf(out, "num_retrieve = %lu\n", lh->num_retrieve);
fprintf(out, "num_retrieve_miss = %lu\n", lh->num_retrieve_miss);
fprintf(out, "num_hash_comps = %lu\n", lh->num_hash_comps);
#if 0
fprintf(out, "p = %u\n", lh->p);
fprintf(out, "pmax = %u\n", lh->pmax);
fprintf(out, "up_load = %lu\n", lh->up_load);
fprintf(out, "down_load = %lu\n", lh->down_load);
#endif
}
LCRYPTO_ALIAS(lh_stats);
void
lh_node_stats(LHASH *lh, FILE *out)
{
LHASH_NODE *n;
unsigned int i, num;
for (i = 0; i < lh->num_nodes; i++) {
for (n = lh->b[i], num = 0; n != NULL; n = n->next)
num++;
fprintf(out, "node %6u -> %3u\n", i, num);
}
}
LCRYPTO_ALIAS(lh_node_stats);
void
lh_node_usage_stats(LHASH *lh, FILE *out)
{
LHASH_NODE *n;
unsigned long num;
unsigned int i;
unsigned long total = 0, n_used = 0;
for (i = 0; i < lh->num_nodes; i++) {
for (n = lh->b[i], num = 0; n != NULL; n = n->next)
num++;
if (num != 0) {
n_used++;
total += num;
}
}
fprintf(out, "%lu nodes used out of %u\n", n_used, lh->num_nodes);
fprintf(out, "%lu items\n", total);
if (n_used == 0)
return;
fprintf(out, "load %d.%02d actual load %d.%02d\n",
(int)(total / lh->num_nodes),
(int)((total % lh->num_nodes) * 100 / lh->num_nodes),
(int)(total / n_used),
(int)((total % n_used) * 100 / n_used));
}
LCRYPTO_ALIAS(lh_node_usage_stats);
#else
void
lh_stats(const _LHASH *lh, FILE *fp)
{
BIO *bp;
bp = BIO_new(BIO_s_file());
if (bp == NULL)
goto end;
BIO_set_fp(bp, fp, BIO_NOCLOSE);
lh_stats_bio(lh, bp);
BIO_free(bp);
end:;
}
LCRYPTO_ALIAS(lh_stats);
void
lh_node_stats(const _LHASH *lh, FILE *fp)
{
BIO *bp;
bp = BIO_new(BIO_s_file());
if (bp == NULL)
goto end;
BIO_set_fp(bp, fp, BIO_NOCLOSE);
lh_node_stats_bio(lh, bp);
BIO_free(bp);
end:;
}
LCRYPTO_ALIAS(lh_node_stats);
void
lh_node_usage_stats(const _LHASH *lh, FILE *fp)
{
BIO *bp;
bp = BIO_new(BIO_s_file());
if (bp == NULL)
goto end;
BIO_set_fp(bp, fp, BIO_NOCLOSE);
lh_node_usage_stats_bio(lh, bp);
BIO_free(bp);
end:;
}
LCRYPTO_ALIAS(lh_node_usage_stats);
void
lh_stats_bio(const _LHASH *lh, BIO *out)
{
BIO_printf(out, "num_items = %lu\n", lh->num_items);
BIO_printf(out, "num_nodes = %u\n", lh->num_nodes);
BIO_printf(out, "num_alloc_nodes = %u\n", lh->num_alloc_nodes);
BIO_printf(out, "num_expands = %lu\n", lh->num_expands);
BIO_printf(out, "num_expand_reallocs = %lu\n",
lh->num_expand_reallocs);
BIO_printf(out, "num_contracts = %lu\n", lh->num_contracts);
BIO_printf(out, "num_contract_reallocs = %lu\n",
lh->num_contract_reallocs);
BIO_printf(out, "num_hash_calls = %lu\n", lh->num_hash_calls);
BIO_printf(out, "num_comp_calls = %lu\n", lh->num_comp_calls);
BIO_printf(out, "num_insert = %lu\n", lh->num_insert);
BIO_printf(out, "num_replace = %lu\n", lh->num_replace);
BIO_printf(out, "num_delete = %lu\n", lh->num_delete);
BIO_printf(out, "num_no_delete = %lu\n", lh->num_no_delete);
BIO_printf(out, "num_retrieve = %lu\n", lh->num_retrieve);
BIO_printf(out, "num_retrieve_miss = %lu\n", lh->num_retrieve_miss);
BIO_printf(out, "num_hash_comps = %lu\n", lh->num_hash_comps);
#if 0
BIO_printf(out, "p = %u\n", lh->p);
BIO_printf(out, "pmax = %u\n", lh->pmax);
BIO_printf(out, "up_load = %lu\n", lh->up_load);
BIO_printf(out, "down_load = %lu\n", lh->down_load);
#endif
}
LCRYPTO_ALIAS(lh_stats_bio);
void
lh_node_stats_bio(const _LHASH *lh, BIO *out)
{
LHASH_NODE *n;
unsigned int i, num;
for (i = 0; i < lh->num_nodes; i++) {
for (n = lh->b[i], num = 0; n != NULL; n = n->next)
num++;
BIO_printf(out, "node %6u -> %3u\n", i, num);
}
}
LCRYPTO_ALIAS(lh_node_stats_bio);
void
lh_node_usage_stats_bio(const _LHASH *lh, BIO *out)
{
LHASH_NODE *n;
unsigned long num;
unsigned int i;
unsigned long total = 0, n_used = 0;
for (i = 0; i < lh->num_nodes; i++) {
for (n = lh->b[i], num = 0; n != NULL; n = n->next)
num++;
if (num != 0) {
n_used++;
total += num;
}
}
BIO_printf(out, "%lu nodes used out of %u\n", n_used, lh->num_nodes);
BIO_printf(out, "%lu items\n", total);
if (n_used == 0)
return;
BIO_printf(out, "load %d.%02d actual load %d.%02d\n",
(int)(total / lh->num_nodes),
(int)((total % lh->num_nodes) * 100 / lh->num_nodes),
(int)(total / n_used),
(int)((total % n_used) * 100 / n_used));
}
LCRYPTO_ALIAS(lh_node_usage_stats_bio);
#endif

11
lib/libcrypto/lhash/lhash.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: lhash.c,v 1.21 2024/01/24 14:02:52 jsing Exp $ */
/* $OpenBSD: lhash.c,v 1.22 2024/03/02 11:11:11 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@ -103,6 +103,8 @@
#include <openssl/crypto.h>
#include <openssl/lhash.h>
#include "lhash_local.h"
#undef MIN_NODES
#define MIN_NODES 16
#define UP_LOAD (2*LH_LOAD_MULT) /* load times 256 (default 2) */
@ -157,6 +159,13 @@ lh_free(_LHASH *lh)
}
LCRYPTO_ALIAS(lh_free);
int
lh_error(_LHASH *lh)
{
return lh->error;
}
LCRYPTO_ALIAS(lh_error);
void *
lh_insert(_LHASH *lh, void *data)
{

64
lib/libcrypto/lhash/lhash.h
View file

@ -1,4 +1,4 @@
/* $OpenBSD: lhash.h,v 1.12 2014/06/12 15:49:29 deraadt Exp $ */
/* $OpenBSD: lhash.h,v 1.14 2024/03/02 11:11:11 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@ -75,14 +75,6 @@
extern "C" {
#endif
typedef struct lhash_node_st {
void *data;
struct lhash_node_st *next;
#ifndef OPENSSL_NO_HASH_COMP
unsigned long hash;
#endif
} LHASH_NODE;
typedef int (*LHASH_COMP_FN_TYPE)(const void *, const void *);
typedef unsigned long (*LHASH_HASH_FN_TYPE)(const void *);
typedef void (*LHASH_DOALL_FN_TYPE)(void *);
@ -133,44 +125,13 @@ typedef void (*LHASH_DOALL_ARG_FN_TYPE)(void *, void *);
name##_doall_arg(a, b); }
#define LHASH_DOALL_ARG_FN(name) name##_LHASH_DOALL_ARG
typedef struct lhash_st {
LHASH_NODE **b;
LHASH_COMP_FN_TYPE comp;
LHASH_HASH_FN_TYPE hash;
unsigned int num_nodes;
unsigned int num_alloc_nodes;
unsigned int p;
unsigned int pmax;
unsigned long up_load; /* load times 256 */
unsigned long down_load; /* load times 256 */
unsigned long num_items;
unsigned long num_expands;
unsigned long num_expand_reallocs;
unsigned long num_contracts;
unsigned long num_contract_reallocs;
unsigned long num_hash_calls;
unsigned long num_comp_calls;
unsigned long num_insert;
unsigned long num_replace;
unsigned long num_delete;
unsigned long num_no_delete;
unsigned long num_retrieve;
unsigned long num_retrieve_miss;
unsigned long num_hash_comps;
int error;
} _LHASH; /* Do not use _LHASH directly, use LHASH_OF
* and friends */
typedef struct lhash_st _LHASH;
#define LH_LOAD_MULT 256
/* Indicates a malloc() error in the last call, this is only bad
* in lh_insert(). */
#define lh_error(lh) ((lh)->error)
_LHASH *lh_new(LHASH_HASH_FN_TYPE h, LHASH_COMP_FN_TYPE c);
void lh_free(_LHASH *lh);
int lh_error(_LHASH *lh);
void *lh_insert(_LHASH *lh, void *data);
void *lh_delete(_LHASH *lh, const void *data);
void *lh_retrieve(_LHASH *lh, const void *data);
@ -179,21 +140,11 @@ void lh_doall_arg(_LHASH *lh, LHASH_DOALL_ARG_FN_TYPE func, void *arg);
unsigned long lh_strhash(const char *c);
unsigned long lh_num_items(const _LHASH *lh);
void lh_stats(const _LHASH *lh, FILE *out);
void lh_node_stats(const _LHASH *lh, FILE *out);
void lh_node_usage_stats(const _LHASH *lh, FILE *out);
#ifndef OPENSSL_NO_BIO
void lh_stats_bio(const _LHASH *lh, BIO *out);
void lh_node_stats_bio(const _LHASH *lh, BIO *out);
void lh_node_usage_stats_bio(const _LHASH *lh, BIO *out);
#endif
/* Type checking... */
#define LHASH_OF(type) struct lhash_st_##type
#define DECLARE_LHASH_OF(type) LHASH_OF(type) { int dummy; }
#define DECLARE_LHASH_OF(type) LHASH_OF(type)
#define CHECKED_LHASH_OF(type,lh) \
((_LHASH *)CHECKED_PTR_OF(LHASH_OF(type),lh))
@ -216,13 +167,6 @@ void lh_node_usage_stats_bio(const _LHASH *lh, BIO *out);
#define LHM_lh_doall_arg(type, lh, fn, arg_type, arg) \
lh_doall_arg(CHECKED_LHASH_OF(type, lh), fn, CHECKED_PTR_OF(arg_type, arg))
#define LHM_lh_num_items(type, lh) lh_num_items(CHECKED_LHASH_OF(type, lh))
#define LHM_lh_down_load(type, lh) (CHECKED_LHASH_OF(type, lh)->down_load)
#define LHM_lh_node_stats_bio(type, lh, out) \
lh_node_stats_bio(CHECKED_LHASH_OF(type, lh), out)
#define LHM_lh_node_usage_stats_bio(type, lh, out) \
lh_node_usage_stats_bio(CHECKED_LHASH_OF(type, lh), out)
#define LHM_lh_stats_bio(type, lh, out) \
lh_stats_bio(CHECKED_LHASH_OF(type, lh), out)
#define LHM_lh_free(type, lh) lh_free(CHECKED_LHASH_OF(type, lh))
DECLARE_LHASH_OF(OPENSSL_STRING);

105
lib/libcrypto/lhash/lhash_local.h Normal file
View file

@ -0,0 +1,105 @@
/* $OpenBSD: lhash_local.h,v 1.1 2024/03/02 11:11:11 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
*
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* "This product includes cryptographic software written by
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
/* Header for dynamic hash table routines
* Author - Eric Young
*/
#include <openssl/opensslconf.h>
#ifndef HEADER_LHASH_LOCAL_H
#define HEADER_LHASH_LOCAL_H
typedef struct lhash_node_st {
void *data;
struct lhash_node_st *next;
#ifndef OPENSSL_NO_HASH_COMP
unsigned long hash;
#endif
} LHASH_NODE;
struct lhash_st {
LHASH_NODE **b;
LHASH_COMP_FN_TYPE comp;
LHASH_HASH_FN_TYPE hash;
unsigned int num_nodes;
unsigned int num_alloc_nodes;
unsigned int p;
unsigned int pmax;
unsigned long up_load; /* load times 256 */
unsigned long down_load; /* load times 256 */
unsigned long num_items;
unsigned long num_expands;
unsigned long num_expand_reallocs;
unsigned long num_contracts;
unsigned long num_contract_reallocs;
unsigned long num_hash_calls;
unsigned long num_comp_calls;
unsigned long num_insert;
unsigned long num_replace;
unsigned long num_delete;
unsigned long num_no_delete;
unsigned long num_retrieve;
unsigned long num_retrieve_miss;
unsigned long num_hash_comps;
int error;
} /* _LHASH */;
#endif

156
lib/libcrypto/malloc-wrapper.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: malloc-wrapper.c,v 1.8 2023/07/08 08:28:23 beck Exp $ */
/* $OpenBSD: malloc-wrapper.c,v 1.10 2024/03/02 11:35:09 tb Exp $ */
/*
* Copyright (c) 2014 Bob Beck
*
@ -36,116 +36,9 @@ CRYPTO_set_mem_ex_functions(void *(*m)(size_t, const char *, int),
}
LCRYPTO_ALIAS(CRYPTO_set_mem_ex_functions);
int
CRYPTO_set_locked_mem_functions(void *(*m)(size_t), void (*f)(void *))
{
return 0;
}
LCRYPTO_ALIAS(CRYPTO_set_locked_mem_functions);
int
CRYPTO_set_locked_mem_ex_functions(void *(*m)(size_t, const char *, int),
void (*f)(void *))
{
return 0;
}
LCRYPTO_ALIAS(CRYPTO_set_locked_mem_ex_functions);
int
CRYPTO_set_mem_debug_functions(void (*m)(void *, int, const char *, int, int),
void (*r)(void *, void *, int, const char *, int, int),
void (*f)(void *, int), void (*so)(long), long (*go)(void))
{
return 0;
}
LCRYPTO_ALIAS(CRYPTO_set_mem_debug_functions);
void
CRYPTO_get_mem_functions(void *(**m)(size_t), void *(**r)(void *, size_t),
void (**f)(void *))
{
if (m != NULL)
*m = malloc;
if (r != NULL)
*r = realloc;
if (f != NULL)
*f = free;
}
LCRYPTO_ALIAS(CRYPTO_get_mem_functions);
void
CRYPTO_get_mem_ex_functions(void *(**m)(size_t, const char *, int),
void *(**r)(void *, size_t, const char *, int), void (**f)(void *))
{
if (m != NULL)
*m = NULL;
if (r != NULL)
*r = NULL;
if (f != NULL)
*f = free;
}
LCRYPTO_ALIAS(CRYPTO_get_mem_ex_functions);
void
CRYPTO_get_locked_mem_functions(void *(**m)(size_t), void (**f)(void *))
{
if (m != NULL)
*m = malloc;
if (f != NULL)
*f = free;
}
LCRYPTO_ALIAS(CRYPTO_get_locked_mem_functions);
void
CRYPTO_get_locked_mem_ex_functions(void *(**m)(size_t, const char *, int),
void (**f)(void *))
{
if (m != NULL)
*m = NULL;
if (f != NULL)
*f = free;
}
LCRYPTO_ALIAS(CRYPTO_get_locked_mem_ex_functions);
void
CRYPTO_get_mem_debug_functions(void (**m)(void *, int, const char *, int, int),
void (**r)(void *, void *, int, const char *, int, int),
void (**f)(void *, int), void (**so)(long), long (**go)(void))
{
if (m != NULL)
*m = NULL;
if (r != NULL)
*r = NULL;
if (f != NULL)
*f = NULL;
if (so != NULL)
*so = NULL;
if (go != NULL)
*go = NULL;
}
LCRYPTO_ALIAS(CRYPTO_get_mem_debug_functions);
void *
CRYPTO_malloc_locked(int num, const char *file, int line)
CRYPTO_malloc(size_t num, const char *file, int line)
{
if (num <= 0)
return NULL;
return malloc(num);
}
void
CRYPTO_free_locked(void *ptr)
{
free(ptr);
}
void *
CRYPTO_malloc(int num, const char *file, int line)
{
if (num <= 0)
return NULL;
return malloc(num);
}
@ -155,51 +48,8 @@ CRYPTO_strdup(const char *str, const char *file, int line)
return strdup(str);
}
void *
CRYPTO_realloc(void *ptr, int num, const char *file, int line)
{
if (num <= 0)
return NULL;
return realloc(ptr, num);
}
void *
CRYPTO_realloc_clean(void *ptr, int old_len, int num, const char *file,
int line)
{
if (num <= 0)
return NULL;
/* Original does not support shrinking. */
if (num < old_len)
return NULL;
return recallocarray(ptr, old_len, num, 1);
}
LCRYPTO_ALIAS(CRYPTO_realloc_clean);
void
CRYPTO_free(void *ptr)
CRYPTO_free(void *ptr, const char *file, int line)
{
free(ptr);
}
void *
CRYPTO_remalloc(void *a, int num, const char *file, int line)
{
free(a);
return malloc(num);
}
LCRYPTO_ALIAS(CRYPTO_remalloc);
void
CRYPTO_set_mem_debug_options(long bits)
{
return;
}
LCRYPTO_ALIAS(CRYPTO_set_mem_debug_options);
long
CRYPTO_get_mem_debug_options(void)
{
return 0;
}
LCRYPTO_ALIAS(CRYPTO_get_mem_debug_options);

59
lib/libcrypto/man/BIO_printf.3
View file

@ -1,4 +1,4 @@
.\" $OpenBSD: BIO_printf.3,v 1.3 2018/03/22 17:11:04 schwarze Exp $
.\" $OpenBSD: BIO_printf.3,v 1.4 2024/03/02 09:18:28 tb Exp $
.\" OpenSSL 2ca2e917 Mon Mar 20 16:25:22 2017 -0400
.\"
.\" Copyright (c) 2017 Ingo Schwarze <schwarze@openbsd.org>
@ -15,14 +15,11 @@
.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.\"
.Dd $Mdocdate: March 22 2018 $
.Dd $Mdocdate: March 2 2024 $
.Dt BIO_PRINTF 3
.Os
.Sh NAME
.Nm BIO_printf ,
.Nm BIO_vprintf ,
.Nm BIO_snprintf ,
.Nm BIO_vsnprintf
.Nm BIO_printf
.Nd formatted output to a BIO
.Sh SYNOPSIS
.In openssl/bio.h
@ -32,66 +29,18 @@
.Fa "const char *format"
.Fa ...
.Fc
.Ft int
.Fo BIO_vprintf
.Fa "BIO *bio"
.Fa "const char *format"
.Fa "va_list args"
.Fc
.Ft int
.Fo BIO_snprintf
.Fa "char *buf"
.Fa "size_t n"
.Fa "const char *format"
.Fa ...
.Fc
.Ft int
.Fo BIO_vsnprintf
.Fa "char *buf"
.Fa "size_t n"
.Fa "const char *format"
.Fa "va_list args"
.Fc
.Sh DESCRIPTION
.Fn BIO_vprintf
.Fn BIO_printf
is a wrapper around
.Xr vfprintf 3 ,
sending the output to the specified
.Fa bio .
.Pp
.Fn BIO_printf
is a wrapper around
.Fn BIO_vprintf .
.Pp
.Fn BIO_snprintf
and
.Fn BIO_vsnprintf
are wrappers around
.Xr vsnprintf 3 .
.Sh RETURN VALUES
These functions return the number of bytes written,
or -1 if an error occurs.
.Pp
In contrast to
.Xr snprintf 3
and
.Xr vsnprintf 3 ,
.Fn BIO_snprintf
and
.Fn BIO_vsnprintf
also return -1 if
.Fa n
is too small to hold the complete output.
.Sh SEE ALSO
.Xr BIO_new 3
.Sh HISTORY
.Fn BIO_printf
first appeared in SSLeay 0.6.5 and has been available since
.Ox 2.4 .
.Pp
.Fn BIO_vprintf ,
.Fn BIO_snprintf ,
and
.Fn BIO_vsnprintf
first appeared in OpenSSL 0.9.6 and have been available since
.Ox 2.9 .

26
lib/libcrypto/man/CMAC_Init.3
View file

@ -1,4 +1,4 @@
.\" $OpenBSD: CMAC_Init.3,v 1.5 2023/12/25 15:52:18 schwarze Exp $
.\" $OpenBSD: CMAC_Init.3,v 1.6 2024/03/02 09:30:21 tb Exp $
.\"
.\" Copyright (c) 2020 Ingo Schwarze <schwarze@openbsd.org>
.\"
@ -14,7 +14,7 @@
.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.\"
.Dd $Mdocdate: December 25 2023 $
.Dd $Mdocdate: March 2 2024 $
.Dt CMAC_INIT 3
.Os
.Sh NAME
@ -22,7 +22,6 @@
.Nm CMAC_Init ,
.Nm CMAC_Update ,
.Nm CMAC_Final ,
.Nm CMAC_resume ,
.Nm CMAC_CTX_copy ,
.Nm CMAC_CTX_get0_cipher_ctx ,
.Nm CMAC_CTX_cleanup ,
@ -52,13 +51,6 @@
.Fa "unsigned char *out_mac"
.Fa "size_t *out_len"
.Fc
.Ft int
.Fn CMAC_resume "CMAC_CTX *ctx"
.Ft int
.Fo CMAC_CTX_copy
.Fa "CMAC_CTX *out_ctx"
.Fa "CMAC_CTX *in_ctx"
.Fc
.Ft EVP_CIPHER_CTX *
.Fn CMAC_CTX_get0_cipher_ctx "CMAC_CTX *ctx"
.Ft void
@ -183,19 +175,6 @@ resulting message authentication code to
.Fa out_mac .
The caller is responsible for providing a buffer of sufficient size.
.Pp
Calling
.Fn CMAC_resume
after
.Fn CMAC_Final
allows the user to subsequently append additional data with
.Fn CMAC_Update .
Otherwise, unless
.Fn CMAC_Init
is called to start from scratch,
.Fn CMAC_Update
can no longer be used after
.Fn CMAC_Final .
.Pp
.Fn CMAC_CTX_copy
performs a deep copy of the already initialized
.Fa in_ctx
@ -235,7 +214,6 @@ It succeeds unless memory is exhausted.
.Fn CMAC_Init ,
.Fn CMAC_Update ,
.Fn CMAC_Final ,
.Fn CMAC_resume ,
and
.Fn CMAC_CTX_copy
return 1 on success or 0 on failure.

3
lib/libcrypto/man/Makefile
View file

@ -1,4 +1,4 @@
# $OpenBSD: Makefile,v 1.281 2024/01/22 13:44:59 job Exp $
# $OpenBSD: Makefile,v 1.282 2024/03/02 11:04:51 tb Exp $
.include <bsd.own.mk>
@ -432,7 +432,6 @@ MAN= \
i2d_CMS_bio_stream.3 \
i2d_PKCS7_bio_stream.3 \
lh_new.3 \
lh_stats.3 \
openssl.cnf.5 \
s2i_ASN1_INTEGER.3 \
x509v3.cnf.5

5
lib/libcrypto/man/lh_new.3
View file

@ -1,4 +1,4 @@
.\" $OpenBSD: lh_new.3,v 1.10 2024/01/24 14:02:52 jsing Exp $
.\" $OpenBSD: lh_new.3,v 1.11 2024/03/02 11:04:51 tb Exp $
.\" full merge up to:
.\" OpenSSL doc/crypto/lhash.pod 1bc74519 May 20 08:11:46 2016 -0400
.\" selective merge up to:
@ -118,7 +118,7 @@
.\" copied and put under another distribution licence
.\" [including the GNU Public Licence.]
.\"
.Dd $Mdocdate: January 24 2024 $
.Dd $Mdocdate: March 2 2024 $
.Dt LH_NEW 3
.Os
.Sh NAME
@ -520,7 +520,6 @@ rather it would be used in the function passed to
.Fn lh_<type>_new .
.Sh SEE ALSO
.Xr crypto 3 ,
.Xr lh_stats 3
.Sh HISTORY
.Fn lh_new ,
.Fn lh_free ,

Some files were not shown because too many files have changed in this diff Show more