From 9385cb180789855cbce47d20173d90999724e428 Mon Sep 17 00:00:00 2001 From: Kenny Root Date: Wed, 4 Mar 2015 12:52:47 -0800 Subject: MinGW on Linux uses lowercase include files, part 2 On Windows this doesn't matter since the filesystems are case- insensitive, but building BoringSSL on Linux with MinGW has case-sensitive filesystems. Change-Id: I1a145ee8dbb74a9f82e23ac40e7b9d23e03ccffc --- src/crypto/rand/windows.c | 2 +- src/crypto/thread_test.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) (limited to 'src/crypto') diff --git a/src/crypto/rand/windows.c b/src/crypto/rand/windows.c index 7bfcb1d..1a0cb8b 100644 --- a/src/crypto/rand/windows.c +++ b/src/crypto/rand/windows.c @@ -27,7 +27,7 @@ * "Community Additions" comment on MSDN here: * http://msdn.microsoft.com/en-us/library/windows/desktop/aa387694.aspx */ #define SystemFunction036 NTAPI SystemFunction036 -#include +#include #undef SystemFunction036 #pragma warning(pop) diff --git a/src/crypto/thread_test.c b/src/crypto/thread_test.c index cecda88..e028b1b 100644 --- a/src/crypto/thread_test.c +++ b/src/crypto/thread_test.c @@ -22,7 +22,7 @@ #if defined(OPENSSL_WINDOWS) #pragma warning(push, 3) -#include +#include #pragma warning(pop) typedef HANDLE thread_t; -- cgit v1.1 From 9eb412c41ab99313c5909fba90801c3bff404a10 Mon Sep 17 00:00:00 2001 From: Adam Langley Date: Wed, 13 May 2015 14:46:08 -0700 Subject: external/boringssl: update #define guards for x86_64-gcc.c. OS X builds with NO_ASM and was getting both generic.c and x86_64-gcc.c. This change updates the latter so that it's excluded in NO_ASM builds. This is a reland of 53b609c9, which got lost in the last BoringSSL sync because I forgot to send it upstream. Change-Id: I82462e5cd1d24fa96176c89d77cafc1f7ed0a0fd --- src/crypto/bn/asm/x86_64-gcc.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'src/crypto') diff --git a/src/crypto/bn/asm/x86_64-gcc.c b/src/crypto/bn/asm/x86_64-gcc.c index ac63934..0496b95 100644 
--- a/src/crypto/bn/asm/x86_64-gcc.c +++ b/src/crypto/bn/asm/x86_64-gcc.c @@ -1,6 +1,6 @@ #include -#if defined(OPENSSL_X86_64) && !defined(OPENSSL_WINDOWS) +#if !defined(OPENSSL_NO_ASM) && defined(OPENSSL_X86_64) && !defined(OPENSSL_WINDOWS) #include "../internal.h" @@ -596,4 +596,4 @@ void bn_sqr_comba4(BN_ULONG *r, const BN_ULONG *a) { r[7] = c2; } -#endif /* defined(OPENSSL_X86_64) && !defined(OPENSSL_WINDOWS) */ +#endif /* !NO_ASM && X86_64 && !WINDOWS */ -- cgit v1.1 From f5cea4e0c1c842a9de02ce39cd6ff7ae66363b21 Mon Sep 17 00:00:00 2001 From: Adam Langley Date: Mon, 18 May 2015 17:27:14 -0700 Subject: Add |BIO_read_asn1| to read a single ASN.1 object. Android needs to be able to read a PKCS#7 blob from a Java InputStream. This change adds |BIO_read_asn1| which reads a single ASN.1 object from the start of a BIO without overreading. (Taken from upstream's https://boringssl-review.googlesource.com/4800) Change-Id: Id88f34bedfdff4963c72bcd5c84f2915785d1fcd --- src/crypto/bio/bio.c | 140 +++++++++++++++++++++++++++++++++++++++++++++ src/crypto/bio/bio_test.cc | 81 +++++++++++++++++++++++++- 2 files changed, 220 insertions(+), 1 deletion(-) (limited to 'src/crypto') diff --git a/src/crypto/bio/bio.c b/src/crypto/bio/bio.c index 48c1466..694a11c 100644 --- a/src/crypto/bio/bio.c +++ b/src/crypto/bio/bio.c @@ -56,6 +56,7 @@ #include +#include #include #include #include 
@@ -459,3 +460,142 @@ static int print_bio(const char *str, size_t len, void *bio) { void BIO_print_errors(BIO *bio) { ERR_print_errors_cb(print_bio, bio); } + +/* bio_read_all reads everything from |bio| and prepends |prefix| to it. On + * success, |*out| is set to an allocated buffer (which should be freed with + * |OPENSSL_free|), |*out_len| is set to its length and one is returned. The + * buffer will contain |prefix| followed by the contents of |bio|. On failure, + * zero is returned. + * + * The function will fail if the size of the output would equal or exceed + * |max_len|. */ +static int bio_read_all(BIO *bio, uint8_t **out, size_t *out_len, + const uint8_t *prefix, size_t prefix_len, + size_t max_len) { + static const size_t kChunkSize = 4096; + + size_t len = prefix_len + kChunkSize; + if (len > max_len) { + len = max_len; + } + if (len < prefix_len) { + return 0; + } + *out = OPENSSL_malloc(len); + if (*out == NULL) { + return 0; + } + memcpy(*out, prefix, prefix_len); + size_t done = prefix_len; + + for (;;) { + if (done == len) { + OPENSSL_free(*out); + return 0; + } + const size_t todo = len - done; + assert(todo < INT_MAX); + const int n = BIO_read(bio, *out + done, todo); + if (n == 0) { + *out_len = done; + return 1; + } else if (n == -1) { + OPENSSL_free(*out); + return 0; + } + + done += n; + if (len < max_len && len - done < kChunkSize / 2) { + len += kChunkSize; + if (len > max_len) { + len = max_len; + } + uint8_t *new_buf = OPENSSL_realloc(*out, len); + if (new_buf == NULL) { + OPENSSL_free(*out); + return 0; + } + *out = new_buf; + } + } +} + +int BIO_read_asn1(BIO *bio, uint8_t **out, size_t *out_len, size_t max_len) { + uint8_t header[6]; + + static const size_t kInitialHeaderLen = 2; + if (BIO_read(bio, header, kInitialHeaderLen) != kInitialHeaderLen) { + return 0; + } + + const uint8_t tag = header[0]; + const uint8_t length_byte = header[1]; + + if ((tag & 0x1f) == 0x1f) { + /* Long form tags are not supported. 
*/ + return 0; + } + + size_t len, header_len; + if ((length_byte & 0x80) == 0) { + /* Short form length. */ + len = length_byte; + header_len = kInitialHeaderLen; + } else { + const size_t num_bytes = length_byte & 0x7f; + + if ((tag & 0x20 /* constructed */) != 0 && num_bytes == 0) { + /* indefinite length. */ + return bio_read_all(bio, out, out_len, header, kInitialHeaderLen, + max_len); + } + + if (num_bytes == 0 || num_bytes > 4) { + return 0; + } + + if (BIO_read(bio, header + kInitialHeaderLen, num_bytes) != num_bytes) { + return 0; + } + header_len = kInitialHeaderLen + num_bytes; + + uint32_t len32 = 0; + unsigned i; + for (i = 0; i < num_bytes; i++) { + len32 <<= 8; + len32 |= header[kInitialHeaderLen + i]; + } + + if (len32 < 128) { + /* Length should have used short-form encoding. */ + return 0; + } + + if ((len32 >> ((num_bytes-1)*8)) == 0) { + /* Length should have been at least one byte shorter. */ + return 0; + } + + len = len32; + } + + if (len + header_len < len || + len + header_len > max_len) { + return 0; + } + len += header_len; + *out_len = len; + + *out = OPENSSL_malloc(len); + if (*out == NULL) { + return 0; + } + memcpy(*out, header, header_len); + if (BIO_read(bio, (*out) + header_len, len - header_len) != + len - header_len) { + OPENSSL_free(*out); + return 0; + } + + return 1; +} diff --git a/src/crypto/bio/bio_test.cc b/src/crypto/bio/bio_test.cc index 4c88df5..e0193f8 100644 --- a/src/crypto/bio/bio_test.cc +++ b/src/crypto/bio/bio_test.cc 
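Review bot: In `bio_read_all`, the check `else if (n == -1)` lets any other negative return from `BIO_read` fall through to `done += n`, where the negative `int` is converted to `size_t` and moves `done` backwards or wraps it, so the next `*out + done` and `len - done` are computed from a corrupted offset. Whether `BIO_read` can return other negative values (for example for an unsupported or uninitialised BIO) is not visible in this hunk, but the check costs nothing to widen: `} else if (n < 0) {`. Both `bio_read_all` and `BIO_read_asn1` also leave `*out` pointing at freed memory on their failure paths; adding `*out = NULL;` after each `OPENSSL_free(*out)` protects a caller that frees `*out` unconditionally. Finally, the last `BIO_read(bio, (*out) + header_len, len - header_len)` passes a `size_t` that can exceed `INT_MAX` when `max_len` allows it and treats a short read as failure, so the function comment should state both limits or the read should loop with a bounded chunk size.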
@@ -329,6 +329,84 @@ static bool TestPrintf() { return true; } +static bool ReadASN1(bool should_succeed, const uint8_t *data, size_t data_len, + size_t expected_len, size_t max_len) { + ScopedBIO bio(BIO_new_mem_buf(const_cast(data), data_len)); + + uint8_t *out; + size_t out_len; + int ok = BIO_read_asn1(bio.get(), &out, &out_len, max_len); + if (!ok) { + out = nullptr; + } + ScopedOpenSSLBytes out_storage(out); + + if (should_succeed != (ok == 1)) { + return false; + } + + if (should_succeed && + (out_len != expected_len || memcmp(data, out, expected_len) != 0)) { + return false; + } + + return true; +} + +static bool TestASN1() { + static const uint8_t kData1[] = {0x30, 2, 1, 2, 0, 0}; + static const uint8_t kData2[] = {0x30, 3, 1, 2}; /* truncated */ + static const uint8_t kData3[] = {0x30, 0x81, 1, 1}; /* should be short len */ + static const uint8_t kData4[] = {0x30, 0x82, 0, 1, 1}; /* zero padded. */ + + if (!ReadASN1(true, kData1, sizeof(kData1), 4, 100) || + !ReadASN1(false, kData2, sizeof(kData2), 0, 100) || + !ReadASN1(false, kData3, sizeof(kData3), 0, 100) || + !ReadASN1(false, kData4, sizeof(kData4), 0, 100)) { + return false; + } + + static const size_t kLargePayloadLen = 8000; + static const uint8_t kLargePrefix[] = {0x30, 0x82, kLargePayloadLen >> 8, + kLargePayloadLen & 0xff}; + ScopedOpenSSLBytes large(reinterpret_cast( + OPENSSL_malloc(sizeof(kLargePrefix) + kLargePayloadLen))); + memset(large.get() + sizeof(kLargePrefix), 0, kLargePayloadLen); + memcpy(large.get(), kLargePrefix, sizeof(kLargePrefix)); + + if (!ReadASN1(true, large.get(), sizeof(kLargePrefix) + kLargePayloadLen, + sizeof(kLargePrefix) + kLargePayloadLen, + kLargePayloadLen * 2)) { + fprintf(stderr, "Large payload test failed.\n"); + return false; + } + + if (!ReadASN1(false, large.get(), sizeof(kLargePrefix) + kLargePayloadLen, + sizeof(kLargePrefix) + kLargePayloadLen, + kLargePayloadLen - 1)) { + fprintf(stderr, "max_len test failed.\n"); + return false; + } + + static const 
uint8_t kIndefPrefix[] = {0x30, 0x80}; + memcpy(large.get(), kIndefPrefix, sizeof(kIndefPrefix)); + if (!ReadASN1(true, large.get(), sizeof(kLargePrefix) + kLargePayloadLen, + sizeof(kLargePrefix) + kLargePayloadLen, + kLargePayloadLen*2)) { + fprintf(stderr, "indefinite length test failed.\n"); + return false; + } + + if (!ReadASN1(false, large.get(), sizeof(kLargePrefix) + kLargePayloadLen, + sizeof(kLargePrefix) + kLargePayloadLen, + kLargePayloadLen-1)) { + fprintf(stderr, "indefinite length, max_len test failed.\n"); + return false; + } + + return true; +} + int main(void) { CRYPTO_library_init(); ERR_load_crypto_strings(); @@ -350,7 +428,8 @@ int main(void) { if (!TestSocketConnect() || !TestPrintf() || - !TestZeroCopyBioPairs()) { + !TestZeroCopyBioPairs() || + !TestASN1()) { return 1; } -- cgit v1.1 From 3ca955adbf31e6991e12f19f7c082b780e424172 Mon Sep 17 00:00:00 2001 From: Adam Langley Date: Thu, 14 May 2015 14:07:30 -0700 Subject: Copy ecdsa_meth in EC_KEY_copy. This change imports 785e07b23d965e1e984c2ee9f6a0dbe06d3d658e from upstream into Android. Change-Id: I5fb67b5c39d62d6f2a2dd6980cc97569a7686eac --- src/crypto/ec/ec_key.c | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'src/crypto') diff --git a/src/crypto/ec/ec_key.c b/src/crypto/ec/ec_key.c index 3652ba5..348ec46 100644 --- a/src/crypto/ec/ec_key.c +++ b/src/crypto/ec/ec_key.c @@ -201,6 +201,11 @@ EC_KEY *EC_KEY_copy(EC_KEY *dest, const EC_KEY *src) { } } /* copy method/extra data */ + if (src->ecdsa_meth) { + METHOD_unref(dest->ecdsa_meth); + dest->ecdsa_meth = src->ecdsa_meth; + METHOD_ref(dest->ecdsa_meth); + } CRYPTO_free_ex_data(&g_ex_data_class, dest, &dest->ex_data); if (!CRYPTO_dup_ex_data(&g_ex_data_class, &dest->ex_data, &src->ex_data)) { -- cgit v1.1 From 190eb169ed96e72590cae9e6c3258e88c8efc7c0 Mon Sep 17 00:00:00 2001 
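Review bot: `TestASN1` covers truncation, non-minimal lengths and `max_len`, but none of its vectors reach the two header-rejection branches of `BIO_read_asn1`: a long-form tag and a length-of-length greater than four bytes. Negative cases such as `{0x1f, 1, 0}` and `{0x30, 0x85, 0, 0, 0, 0, 1, 0}` (constructed examples) with `should_succeed = false` would pin those limits so a later refactor cannot relax them unnoticed. `ReadASN1` also hands the result of `BIO_new_mem_buf` to `BIO_read_asn1` without a null check; `if (!bio) { return false; }` makes an allocation failure a test failure rather than a crash.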
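Review bot: The added block in `EC_KEY_copy` calls `METHOD_unref(dest->ecdsa_meth)` before taking the new reference, so when `dest` and `src` already share the same method object the count can reach zero before `METHOD_ref` runs. Whether that releases anything depends on `METHOD_unref`, which is not visible in this hunk, but the order that is safe either way is to take the reference first: `METHOD_ref(src->ecdsa_meth); METHOD_unref(dest->ecdsa_meth); dest->ecdsa_meth = src->ecdsa_meth;`. When `src->ecdsa_meth` is NULL the destination keeps its previous method, so the result pairs `src`'s key material with `dest`'s signing implementation; a comment such as `/* A NULL method in |src| leaves |dest|'s method unchanged. */` would record that this is intended. `EC_KEY_copy` starts and ends outside the hunk.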
From: Adam Langley Date: Tue, 19 May 2015 13:34:29 -0700 Subject: external/boringssl: fix use after free in X509. This change imports upstream's beeb0fa7 and fixes a UAF in X509 if certain, 1.0.2-only, APIs are used. Change-Id: If8268c17828f7202ce57421629da1a53a9e4dcc5 --- src/crypto/x509v3/v3_utl.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'src/crypto') diff --git a/src/crypto/x509v3/v3_utl.c b/src/crypto/x509v3/v3_utl.c index 27a91ff..d79f0de 100644 --- a/src/crypto/x509v3/v3_utl.c +++ b/src/crypto/x509v3/v3_utl.c @@ -879,9 +879,9 @@ static int do_check_string(ASN1_STRING *a, int cmp_type, equal_fn equal, if (astrlen < 0) return -1; rv = equal(astr, astrlen, (unsigned char *)b, blen, flags); - OPENSSL_free(astr); if (rv > 0 && peername) *peername = BUF_strndup((char *)astr, astrlen); + OPENSSL_free(astr); } return rv; } -- cgit v1.1 From 12addf8c63e77091bece8ad715f30cfd957a5332 Mon Sep 17 00:00:00 2001 From: Adam Langley Date: Tue, 19 May 2015 15:56:28 -0700 Subject: external/boringssl: fix |SSLeay|. SSLeay is a compatibility function for OpenSSL, but I got it wrong. It doesn't return a string, it returns a number. This doesn't end up making any difference, but it fixes a warning when building OpenSSH. Bug: 21304170 Change-Id: I3e4bb0240b18647cfe2a3ce5869948a4527ff0f0 --- src/crypto/crypto.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'src/crypto') diff --git a/src/crypto/crypto.c b/src/crypto/crypto.c index 64e55f4..d9bb07e 100644 --- a/src/crypto/crypto.c +++ b/src/crypto/crypto.c @@ -104,9 +104,9 @@ void CRYPTO_library_init(void) { } const char *SSLeay_version(int unused) { - return SSLeay(); + return "BoringSSL"; } -const char *SSLeay(void) { - return "BoringSSL"; +unsigned long SSLeay(void) { + return OPENSSL_VERSION_NUMBER; } -- cgit v1.1 From f4e427204234da139fd0585def4b4e22502e33f0 Mon Sep 17 00:00:00 2001 
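Review bot: In the `v3_utl.c` hunk, `*peername = BUF_strndup((char *)astr, astrlen);` is still unchecked after the reorder, so on allocation failure `do_check_string` returns a positive match while `*peername` is NULL. A caller that reads `rv > 0` as "a peer name is available" may then use a null pointer; consider `if (*peername == NULL) rv = -1;` directly after the copy (the `OPENSSL_free(astr)` that follows still runs), or document that `*peername` can be NULL on success. `do_check_string` begins outside this hunk, so only this branch of the function is visible here.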
From: Adam Langley Date: Thu, 4 Jun 2015 17:45:09 -0700 Subject: Bump revision of BoringSSL. This depends on https://android-review.googlesource.com/#/c/153481/ af0e32c Add SSL_get_tls_unique. 691992b Minor typo fix in comment. cc1e3df Make CBS_get_any_asn1_element accept only DER. 0976096 bytestring: Test out_header_len != NULL before writing. ba5934b Tighten up EMS resumption behaviour. b0eef0a runner: minor tidyups. 9f8ef2d Add |EVP_get_digestbyname|. b7326b0 Implement |PEM_def_callback| and call it where appropriate. e26e590 Avoid unused variable warnings with assert. efad697 Sync vs_toolschain.py up with Chromium. 39da317 Empty commit to kick the bots. 1550a84 Allow compilation for armv6 9a4996e Fix compilation of sha256-armv4.S when using -march=armv6 485a50a Match the ifdef check in bsaes-armv7.S e216288 Unexport and prune EVP_MD_CTX flags. af8731f Remove HMAC_CTX_set_flags. bf3208b Add additional HMAC tests. a1c90a5 Further tidy up cipher logic. 0fa4012 Add a test that DTLS does not support RC4. 9a980ab Fold TLS1_PRF_* into SSL_HANDSHAKE_MAC_* 29864b5 Remove SSL_CIPHER_ALGORITHM2_AEAD. 904dc72 Fold away SSL_PROTOCOL_METHOD hooks shared between TLS and DTLS. a602277 Split ssl_read_bytes hook into app_data and close_notify hooks. c933a47 Switch the ssl_write_bytes hook to ssl_write_app_data. 2c36792 EVP_Digest*Update, EVP_DigestFinal, and HMAC_Update can never fail. e2375e1 Low-level hash 'final' functions cannot fail. 049756b Fix integer types in low-level hash functions. 338e067 Reject sessions with the wrong structure version. f297e02 Reject unknown fields in d2i_SSL_SESSION. 8a228f5 Disable the malloc interceptor without glibc. bd15a8e Fix DTLS handling of multiple records in a packet. 15eaafb Fix bn_test's bc output and shut it up a little. efd8eb3 Tidy up overflows in obj_cmp. 05ead68 Readd CRYPTO_{LOCK|UNLOCK|READ|WRITE}. 71106ad Add |BIO_read_asn1| to read a single ASN.1 object. eb930b8 Fix signed/unsigned warning in bn_test.cc. 
b3a7b51 Fix off-by-one in BN_rand 074cc04 Reject negative shifts for BN_rshift and BN_lshift. 75fb74a aes/asm/bsaes-armv7.pl: fix compilation with Xcode 6.3. ff81e10 Add OPENSSL_PUT_ERROR line to X509V3_parse_list. 1590811 Fix typo in valid_star. e76ccae Release handshake buffer when sending no certificate. 5f04b65 Release the handshake buffer on the client for abbreviated handshakes. 5c1ce29 Decide whether or not to request client certificates early. 4b30b28 Remove server-side renego session resumption check. 5aea93e Deprecate and no-op SSL_VERIFY_CLIENT_ONCE. 34a1635 Remove fake RLE compression OID. 9c0918f Fix typo in objects.txt 91af02a Add some comments and tweak assertions for cbc.c. 74d8bc2 Don't make SSL_MODE_*HELLO_TIME configurable. 7b5aff4 Have consumers supply OPENSSL_C11_ATOMIC. ac63748 Revert "tool: we don't need -lrt." 444dce4 Do-nothing fns |OpenSSL_add_all_ciphers| and |OpenSSL_add_all_digests|. ece089c Deprecate and no-op SSL_set_state. be05c63 Remove compatibility s->version checks. 8ec8810 Remove SSL_in_before and SSL_ST_BEFORE. cd90f3a Remove renegotiation deferral logic. 44d3eed Forbid caller-initiated renegotiations and all renego as a servers. 3d59e04 Fix test used for not-in-place CBC mode. 5f387e3 Remove s->renegotiate check in SSL_clear. 20f6e97 Switch three more renegotiate checks to initial_handshake_complete. d23d5a5 Remove remnants of DTLS renegotiate. 9a41d1b Deprecate SSL_*_read_ahead and enforce DTLS packet boundaries. 76e48c5 Fix Windows mode. 3fa65f0 Fix some malloc test crashs. 0b635c5 Add malloc test support to unit tests. 3e3090d Pass a dtls1_use_epoch enum down to dtls1_seal_record. 31a0779 Factor SSL_AEAD_CTX into a dedicated type. 69d07d9 Get version-related functions from crypto.h rather than ssl.h. b487df6 Pull version, option, and mode APIs into their own sections. 7270cfc Prune version constants. 7ef9fff Remove ssl_ok. afc9ecd Unexport ssl_get_new_session and ssl_update_cache. 3b7456e Fix some documentation typos. 
b480428 Also skip #elif lines. 6deacb3 Parse macros in getNameFromDecl. 4831c33 Document some core SSL_CTX and SSL methods. 4dab297 Don't use struct names in ssl.h. 760b1dd Tidy up state machine coverage tests. 3629c7b Add client peer-initiated renego to the state machine tests. cff0b90 Add client-side tests for renegotiation_info enforcement. 6bff1ca Specify argc and argv arguments to refcount_test:main. 12a4768 Try to fix MSVC and __STDC_VERSION__ again. cb56c2a Cast refcounts to _Atomic before use. 0d1d0d5 Try again to only test __STDC_VERSION__ when defined. 7b348dc Disable C11 atomics on OS X. 04edcc8 Tag the mutex functions with OPENSSL_EXPORT. 6e1f645 Don't test __STDC_VERSION__ unless it's defined. 552df47 Remove leftovers of the old-style locks. 6fb174e Remove last references to named locks. 4bdb6e4 Remove remaining calls to the old lock functions. 03163f3 Remove |CRYPTO_add|. 0b5e390 Convert reference counts in ssl/ 0da323a Convert reference counts in crypto/ 6f2e733 Add infrastructure for reference counts. daaff93 Use C11 _Static_assert where available. dc8c739 Implement |DES_ede2_cbc_encrypt|. a7997f1 Set minimum DH group size to 1024 bits. 4a7b70d Add LICENSE file. b3a262c Fix |SSLeay|. f0320d3 Fix use after free in X509. 3dacff9 Always include x86_64-gcc.c in the standalone build. 9660032 Don't use x86_64-gcc.c with NO_ASM. 81091d5 Don't use uninitialized memory in RAND_bytes. d72e284 Support arbitrary elliptic curve groups. a07c0fc Fix SSL_get_current_cipher. 4b27d9f Never resume sessions on renegotiations. 785e07b Copy ecdsa_meth in EC_KEY_copy. 08dc68d Define no-op options consistently. e6df054 Add s->s3->initial_handshake_complete. 897e5e0 Default renegotiations to off. 4690bb5 Port cipher_test to file_test. 771a138 Add missing #include for abort() de12d6c Mind the end of the buffer in aligned case of generic RC4 implementation. 5694b3a Fix invalid assert in CRYPTO_ctr128_encrypt. 9b68e72 Define compatibility function |ERR_remove_state|. 
2607383 Fix generate_build_files.py to account for crypto/test. af3d5bd Add no-op |RAND_load_file| function for compatibility. 58e95fc Remove a spurious semicolon after |DECLARE_LHASH_OF|. 3c65171 Add buffer.h for compatibility. c85373d Use EVP_AEAD_CTX in crypto/cipher/internal.h. Change-Id: Ife3698f4520572e1fca48732c6a1cbd4254ec85c --- src/crypto/CMakeLists.txt | 20 +- src/crypto/aes/asm/bsaes-armv7.pl | 4 +- src/crypto/asn1/tasn_fre.c | 2 +- src/crypto/asn1/tasn_new.c | 2 +- src/crypto/asn1/tasn_utl.c | 38 +- src/crypto/base64/CMakeLists.txt | 2 + src/crypto/bio/CMakeLists.txt | 2 + src/crypto/bio/bio.c | 9 +- src/crypto/bio/bio_test.cc | 3 + src/crypto/bio/printf.c | 6 +- src/crypto/bio/socket_helper.c | 2 +- src/crypto/bn/CMakeLists.txt | 4 +- src/crypto/bn/bn_test.cc | 509 +++--- src/crypto/bn/random.c | 2 +- src/crypto/bn/shift.c | 12 + src/crypto/bytestring/CMakeLists.txt | 2 + src/crypto/bytestring/ber.c | 14 +- src/crypto/bytestring/cbs.c | 29 +- src/crypto/bytestring/internal.h | 8 + src/crypto/cipher/CMakeLists.txt | 3 +- src/crypto/cipher/cipher.c | 13 +- src/crypto/cipher/cipher_test.c | 423 ----- src/crypto/cipher/cipher_test.cc | 262 +++ src/crypto/cipher/e_aes.c | 2 +- src/crypto/cipher/internal.h | 40 +- src/crypto/cipher/test/cipher_test.txt | 571 +++++- src/crypto/des/des.c | 8 + src/crypto/dh/CMakeLists.txt | 2 + src/crypto/dh/dh.c | 8 +- src/crypto/digest/CMakeLists.txt | 2 + src/crypto/digest/digest.c | 25 +- src/crypto/digest/digest_test.cc | 14 + src/crypto/digest/digests.c | 168 +- src/crypto/digest/internal.h | 20 +- src/crypto/digest/md32_common.h | 78 +- src/crypto/dsa/CMakeLists.txt | 2 + src/crypto/dsa/dsa.c | 4 +- src/crypto/dsa/dsa_impl.c | 10 +- src/crypto/dsa/dsa_test.c | 6 +- src/crypto/ec/CMakeLists.txt | 4 + src/crypto/ec/ec.c | 6 + src/crypto/ec/ec_key.c | 5 +- src/crypto/ec/ec_test.cc | 3 + src/crypto/ec/internal.h | 3 +- src/crypto/ec/p256-64.c | 1 - src/crypto/ec/wnaf.c | 7 +- src/crypto/ecdsa/CMakeLists.txt | 2 + 
src/crypto/err/CMakeLists.txt | 2 + src/crypto/err/bio.errordata | 1 + src/crypto/err/bn.errordata | 2 + src/crypto/err/err.c | 4 + src/crypto/err/ssl.errordata | 10 +- src/crypto/evp/CMakeLists.txt | 5 + src/crypto/evp/evp.c | 9 +- src/crypto/evp/p_hmac.c | 10 +- src/crypto/hkdf/CMakeLists.txt | 2 + src/crypto/hmac/CMakeLists.txt | 1 + src/crypto/hmac/hmac.c | 8 +- src/crypto/hmac/hmac_tests.txt | 21 + src/crypto/internal.h | 41 +- src/crypto/lhash/CMakeLists.txt | 2 + src/crypto/lhash/lhash_test.c | 3 + src/crypto/md4/md4.c | 2 +- src/crypto/md5/md5.c | 2 +- src/crypto/modes/CMakeLists.txt | 2 + src/crypto/modes/cbc.c | 18 +- src/crypto/modes/ctr.c | 3 +- src/crypto/modes/gcm_test.c | 3 + src/crypto/obj/obj.c | 14 +- src/crypto/obj/obj_dat.h | 3138 ++++++++++++++++---------------- src/crypto/obj/objects.txt | 6 +- src/crypto/pem/pem_lib.c | 23 +- src/crypto/pem/pem_pk8.c | 8 +- src/crypto/pem/pem_pkey.c | 4 +- src/crypto/pkcs8/CMakeLists.txt | 2 + src/crypto/rand/rand.c | 12 + src/crypto/rand/windows.c | 2 +- src/crypto/rc4/rc4.c | 62 - src/crypto/refcount_c11.c | 67 + src/crypto/refcount_lock.c | 53 + src/crypto/refcount_test.c | 59 + src/crypto/rsa/CMakeLists.txt | 2 + src/crypto/rsa/rsa.c | 4 +- src/crypto/sha/asm/sha256-armv4.pl | 2 +- src/crypto/sha/sha1.c | 6 +- src/crypto/sha/sha256.c | 12 +- src/crypto/sha/sha512.c | 14 +- src/crypto/test/CMakeLists.txt | 1 + src/crypto/test/file_test.cc | 1 + src/crypto/test/malloc.cc | 145 ++ src/crypto/test/scoped_types.h | 11 + src/crypto/thread.c | 64 +- src/crypto/thread_test.c | 2 +- src/crypto/x509/CMakeLists.txt | 2 + src/crypto/x509/by_dir.c | 23 +- src/crypto/x509/x509_lu.c | 65 +- src/crypto/x509/x509_vfy.c | 6 +- src/crypto/x509/x_crl.c | 26 +- src/crypto/x509/x_info.c | 16 - src/crypto/x509/x_pkey.c | 6 - src/crypto/x509/x_pubkey.c | 16 +- src/crypto/x509/x_req.c | 2 +- src/crypto/x509/x_x509.c | 4 +- src/crypto/x509v3/CMakeLists.txt | 4 + src/crypto/x509v3/pcy_cache.c | 27 +- src/crypto/x509v3/v3_purp.c | 
27 +- src/crypto/x509v3/v3_utl.c | 5 +- 107 files changed, 3635 insertions(+), 2821 deletions(-) delete mode 100644 src/crypto/cipher/cipher_test.c create mode 100644 src/crypto/cipher/cipher_test.cc create mode 100644 src/crypto/refcount_c11.c create mode 100644 src/crypto/refcount_lock.c create mode 100644 src/crypto/refcount_test.c create mode 100644 src/crypto/test/malloc.cc (limited to 'src/crypto') diff --git a/src/crypto/CMakeLists.txt b/src/crypto/CMakeLists.txt index 6433dc6..6858cbb 100644 --- a/src/crypto/CMakeLists.txt +++ b/src/crypto/CMakeLists.txt @@ -145,15 +145,17 @@ add_library( crypto crypto.c + directory_posix.c + directory_win.c + ex_data.c mem.c + refcount_c11.c + refcount_lock.c thread.c thread_none.c thread_pthread.c thread_win.c - ex_data.c time_support.c - directory_posix.c - directory_win.c ${CRYPTO_ARCH_SOURCES} @@ -205,6 +207,8 @@ add_executable( constant_time_test constant_time_test.c + + $ ) target_link_libraries(constant_time_test crypto) @@ -213,9 +217,19 @@ add_executable( thread_test thread_test.c + + $ ) target_link_libraries(thread_test crypto) +add_executable( + refcount_test + + refcount_test.c +) + +target_link_libraries(refcount_test crypto) + perlasm(cpu-x86_64-asm.${ASM_EXT} cpu-x86_64-asm.pl) perlasm(cpu-x86-asm.${ASM_EXT} cpu-x86-asm.pl) diff --git a/src/crypto/aes/asm/bsaes-armv7.pl b/src/crypto/aes/asm/bsaes-armv7.pl index a5e4a98..273f0b9 100644 --- a/src/crypto/aes/asm/bsaes-armv7.pl +++ b/src/crypto/aes/asm/bsaes-armv7.pl @@ -1424,7 +1424,7 @@ bsaes_ctr32_encrypt_blocks: vld1.8 {@XMM[0]}, [$ctr] @ load counter #ifdef __APPLE__ - mov $ctr, #.LREVM0SR-.LM0 + mov $ctr, #:lower16:(.LREVM0SR-.LM0) add $ctr, $const, $ctr #else add $ctr, $const, #.LREVM0SR-.LM0 @ borrow $ctr 
@@ -1486,7 +1486,7 @@ bsaes_ctr32_encrypt_blocks: mov r5, $rounds @ pass rounds vstmia $fp, {@XMM[10]} @ save next counter #ifdef __APPLE__ - mov $const, #.LREVM0SR-.LSR + mov $const, #:lower16:(.LREVM0SR-.LSR) sub $const, $ctr, $const #else sub $const, $ctr, #.LREVM0SR-.LSR @ pass constants diff --git a/src/crypto/asn1/tasn_fre.c b/src/crypto/asn1/tasn_fre.c index c344ed7..d1317ae 100644 --- a/src/crypto/asn1/tasn_fre.c +++ b/src/crypto/asn1/tasn_fre.c @@ -143,7 +143,7 @@ static void asn1_item_combine_free(ASN1_VALUE **pval, const ASN1_ITEM *it, int c case ASN1_ITYPE_NDEF_SEQUENCE: case ASN1_ITYPE_SEQUENCE: - if (asn1_do_lock(pval, -1, it) > 0) + if (!asn1_refcount_dec_and_test_zero(pval, it)) return; if (asn1_cb) { diff --git a/src/crypto/asn1/tasn_new.c b/src/crypto/asn1/tasn_new.c index 918aba7..6d69dcb 100644 --- a/src/crypto/asn1/tasn_new.c +++ b/src/crypto/asn1/tasn_new.c @@ -190,7 +190,7 @@ static int asn1_item_ex_combine_new(ASN1_VALUE **pval, const ASN1_ITEM *it, if (!*pval) goto memerr; memset(*pval, 0, it->size); - asn1_do_lock(pval, 0, it); + asn1_refcount_set_one(pval, it); asn1_enc_init(pval, it); } for (i = 0, tt = it->templates; i < it->tcount; tt++, i++) diff --git a/src/crypto/asn1/tasn_utl.c b/src/crypto/asn1/tasn_utl.c index 1b9de94..ff3764e 100644 --- a/src/crypto/asn1/tasn_utl.c +++ b/src/crypto/asn1/tasn_utl.c @@ -64,6 +64,8 @@ #include #include +#include "../internal.h" + /* Utility functions for manipulating fields and offsets */ 
@@ -86,28 +88,32 @@ int asn1_set_choice_selector(ASN1_VALUE **pval, int value, return ret; } -/* Do reference counting. The value 'op' decides what to do. if it is +1 then - * the count is incremented. If op is 0 count is set to 1. If op is -1 count is - * decremented and the return value is the current refrence count or 0 if no - * reference count exists. */ -int asn1_do_lock(ASN1_VALUE **pval, int op, const ASN1_ITEM *it) { - const ASN1_AUX *aux; - int *lck, ret; +static CRYPTO_refcount_t *asn1_get_references(ASN1_VALUE **pval, + const ASN1_ITEM *it) { if (it->itype != ASN1_ITYPE_SEQUENCE && it->itype != ASN1_ITYPE_NDEF_SEQUENCE) { - return 0; + return NULL; } - aux = it->funcs; + const ASN1_AUX *aux = it->funcs; if (!aux || !(aux->flags & ASN1_AFLG_REFCOUNT)) { - return 0; + return NULL; } - lck = offset2ptr(*pval, aux->ref_offset); - if (op == 0) { - *lck = 1; - return 1; + return offset2ptr(*pval, aux->ref_offset); +} + +void asn1_refcount_set_one(ASN1_VALUE **pval, const ASN1_ITEM *it) { + CRYPTO_refcount_t *references = asn1_get_references(pval, it); + if (references != NULL) { + *references = 1; } - ret = CRYPTO_add(lck, op, aux->ref_lock); - return ret; +} + +int asn1_refcount_dec_and_test_zero(ASN1_VALUE **pval, const ASN1_ITEM *it) { + CRYPTO_refcount_t *references = asn1_get_references(pval, it); + if (references != NULL) { + return CRYPTO_refcount_dec_and_test_zero(references); + } + return 1; } static ASN1_ENCODING *asn1_get_enc_ptr(ASN1_VALUE **pval, const ASN1_ITEM *it) { diff --git a/src/crypto/base64/CMakeLists.txt b/src/crypto/base64/CMakeLists.txt index 8bc531a..42037a5 100644 --- a/src/crypto/base64/CMakeLists.txt +++ b/src/crypto/base64/CMakeLists.txt @@ -12,6 +12,8 @@ add_executable( base64_test base64_test.cc + + $ ) target_link_libraries(base64_test crypto) diff --git a/src/crypto/bio/CMakeLists.txt b/src/crypto/bio/CMakeLists.txt index f4122c4..dbf5951 100644 --- a/src/crypto/bio/CMakeLists.txt +++ b/src/crypto/bio/CMakeLists.txt 
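Review bot: The removed `asn1_do_lock` comment is not replaced, so the new helpers in `tasn_utl.c` have no documented contract in this file, and one of them is subtle: `asn1_refcount_dec_and_test_zero` returns 1 both when the count reaches zero and when the item type has no reference count at all. I would add `/* Returns one if the object should be freed: its reference count reached zero or the type is not reference counted. */` above it, and `/* Sets the reference count to one with a plain store; call only before the object is shared. */` above `asn1_refcount_set_one`. The second comment reflects the `*references = 1` assignment in the hunk; whether `CRYPTO_refcount_t` requires an atomic store is not visible here.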
@@ -22,6 +22,8 @@ add_executable( bio_test bio_test.cc + + $ ) target_link_libraries(bio_test crypto) diff --git a/src/crypto/bio/bio.c b/src/crypto/bio/bio.c index 694a11c..5ac5911 100644 --- a/src/crypto/bio/bio.c +++ b/src/crypto/bio/bio.c @@ -65,6 +65,8 @@ #include #include +#include "../internal.h" + /* BIO_set initialises a BIO structure to have the given type and sets the * reference count to one. It returns one on success or zero on error. */ @@ -104,8 +106,7 @@ int BIO_free(BIO *bio) { BIO *next_bio; for (; bio != NULL; bio = next_bio) { - int refs = CRYPTO_add(&bio->references, -1, CRYPTO_LOCK_BIO); - if (refs > 0) { + if (!CRYPTO_refcount_dec_and_test_zero(&bio->references)) { return 0; } @@ -128,7 +129,7 @@ int BIO_free(BIO *bio) { } BIO *BIO_up_ref(BIO *bio) { - CRYPTO_add(&bio->references, 1, CRYPTO_LOCK_BIO); + CRYPTO_refcount_inc(&bio->references); return bio; } @@ -507,7 +508,7 @@ static int bio_read_all(BIO *bio, uint8_t **out, size_t *out_len, done += n; if (len < max_len && len - done < kChunkSize / 2) { len += kChunkSize; - if (len > max_len) { + if (len < kChunkSize || len > max_len) { len = max_len; } uint8_t *new_buf = OPENSSL_realloc(*out, len); diff --git a/src/crypto/bio/bio_test.cc b/src/crypto/bio/bio_test.cc index e0193f8..4d7dfe2 100644 --- a/src/crypto/bio/bio_test.cc +++ b/src/crypto/bio/bio_test.cc @@ -371,6 +371,9 @@ static bool TestASN1() { kLargePayloadLen & 0xff}; ScopedOpenSSLBytes large(reinterpret_cast( OPENSSL_malloc(sizeof(kLargePrefix) + kLargePayloadLen))); + if (!large) { + return false; + } memset(large.get() + sizeof(kLargePrefix), 0, kLargePayloadLen); memcpy(large.get(), kLargePrefix, sizeof(kLargePrefix)); diff --git a/src/crypto/bio/printf.c b/src/crypto/bio/printf.c index 3638915..f51b396 100644 --- a/src/crypto/bio/printf.c +++ b/src/crypto/bio/printf.c @@ -64,6 +64,7 @@ #include #include +#include #include int BIO_printf(BIO *bio, const char *format, ...) { 
@@ -94,9 +95,8 @@ int BIO_printf(BIO *bio, const char *format, ...) { out = OPENSSL_malloc(requested_len + 1); out_malloced = 1; if (out == NULL) { - /* Unclear what can be done in this situation. OpenSSL has historically - * crashed and that seems better than producing the wrong output. */ - abort(); + OPENSSL_PUT_ERROR(BIO, BIO_printf, ERR_R_MALLOC_FAILURE); + return -1; } va_start(args, format); out_len = vsnprintf(out, requested_len + 1, format, args); diff --git a/src/crypto/bio/socket_helper.c b/src/crypto/bio/socket_helper.c index 197c737..b1cdd1a 100644 --- a/src/crypto/bio/socket_helper.c +++ b/src/crypto/bio/socket_helper.c @@ -51,7 +51,7 @@ int bio_ip_and_port_to_socket_and_addr(int *out_sock, ret = getaddrinfo(hostname, port_str, &hint, &result); if (ret != 0) { OPENSSL_PUT_ERROR(SYS, getaddrinfo, 0); - ERR_add_error_data(2, gai_strerror(ret)); + ERR_add_error_data(1, gai_strerror(ret)); return 0; } diff --git a/src/crypto/bn/CMakeLists.txt b/src/crypto/bn/CMakeLists.txt index 25663af..2e0cb45 100644 --- a/src/crypto/bn/CMakeLists.txt +++ b/src/crypto/bn/CMakeLists.txt @@ -4,7 +4,6 @@ if (${ARCH} STREQUAL "x86_64") set( BN_ARCH_SOURCES - asm/x86_64-gcc.c x86_64-mont.${ASM_EXT} x86_64-mont5.${ASM_EXT} rsaz-x86_64.${ASM_EXT} @@ -38,6 +37,7 @@ add_library( OBJECT add.c + asm/x86_64-gcc.c bn.c cmp.c convert.c @@ -70,6 +70,8 @@ add_executable( bn_test bn_test.cc + + $ ) target_link_libraries(bn_test crypto) diff --git a/src/crypto/bn/bn_test.cc b/src/crypto/bn/bn_test.cc index 9aa2bf5..6a7d48c 100644 --- a/src/crypto/bn/bn_test.cc +++ b/src/crypto/bn/bn_test.cc @@ -72,6 +72,7 @@ #define __STDC_FORMAT_MACROS #endif +#include #include #include 
@@ -83,6 +84,12 @@ #include "../crypto/test/scoped_types.h" +// This program tests the BIGNUM implementation. It takes an optional -bc +// argument to write a transcript compatible with the UNIX bc utility. +// +// TODO(davidben): Rather than generate random inputs and depend on bc to check +// the results, most of these tests should use known answers. + static const int num0 = 100; // number of tests static const int num1 = 50; // additional tests for some functions static const int num2 = 5; // number of tests for slow functions @@ -114,10 +121,7 @@ static bool test_bn2bin_padded(FILE *fp, BN_CTX *ctx); static bool test_dec2bn(FILE *fp, BN_CTX *ctx); static bool test_hex2bn(FILE *fp, BN_CTX *ctx); static bool test_asc2bn(FILE *fp, BN_CTX *ctx); - -// g_results can be set to true to cause the result of each computation to be -// printed. -static bool g_results = false; +static bool test_rand(); static const uint8_t kSample[] = "\xC6\x4F\x43\x04\x2A\xEA\xCA\x6E\x58\x36\x80\x5B\xE8\xC9" @@ -126,7 +130,15 @@ static const uint8_t kSample[] = // A wrapper around puts that takes its arguments in the same order as our *_fp // functions. static void puts_fp(FILE *out, const char *m) { - fputs(m, out); + if (out != nullptr) { + fputs(m, out); + } +} + +static void flush_fp(FILE *out) { + if (out != nullptr) { + fflush(out); + } } static void message(FILE *out, const char *m) { 
@@ -138,11 +150,24 @@ static void message(FILE *out, const char *m) { int main(int argc, char *argv[]) { CRYPTO_library_init(); + ScopedFILE bc_file; argc--; argv++; while (argc >= 1) { - if (strcmp(*argv, "-results") == 0) { - g_results = true; + if (strcmp(*argv, "-bc") == 0) { + if (argc < 2) { + fprintf(stderr, "Missing parameter to -bc\n"); + return 1; + } + bc_file.reset(fopen(argv[1], "w+")); + if (!bc_file) { + fprintf(stderr, "Failed to open %s: %s\n", argv[1], strerror(errno)); + } + argc--; + argv++; + } else { + fprintf(stderr, "Unknown option: %s\n", argv[0]); + return 1; } argc--; argv++; 
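Review bot: In the `-bc` branch of main, a failed `fopen` only prints "Failed to open ..." and option parsing carries on with `bc_file` empty, so the run continues without the transcript the caller asked for and can still end in PASS. Because `puts_fp` and `flush_fp` now skip a null stream silently, nothing later reports the missing file. Add `return 1;` directly after the `fprintf(stderr, "Failed to open %s: %s\n", argv[1], strerror(errno));` line. main's body continues outside this hunk.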
@@ -154,159 +179,167 @@ int main(int argc, char *argv[]) { return 1; } - if (!g_results) { - puts_fp(stdout, "obase=16\nibase=16\n"); - } + puts_fp(bc_file.get(), "/* This script, when run through the UNIX bc utility, " + "should produce a sequence of zeros. */\n"); + puts_fp(bc_file.get(), "/* tr a-f A-F < bn_test.out | sed s/BAsE/base/ | bc " + "| grep -v 0 */\n"); + puts_fp(bc_file.get(), "obase=16\nibase=16\n"); - message(stdout, "BN_add"); - if (!test_add(stdout)) { + message(bc_file.get(), "BN_add"); + if (!test_add(bc_file.get())) { return 1; } - fflush(stdout); + flush_fp(bc_file.get()); - message(stdout, "BN_sub"); - if (!test_sub(stdout)) { + message(bc_file.get(), "BN_sub"); + if (!test_sub(bc_file.get())) { return 1; } - fflush(stdout); + flush_fp(bc_file.get()); - message(stdout, "BN_lshift1"); - if (!test_lshift1(stdout)) { + message(bc_file.get(), "BN_lshift1"); + if (!test_lshift1(bc_file.get())) { return 1; } - fflush(stdout); + flush_fp(bc_file.get()); - message(stdout, "BN_lshift (fixed)"); + message(bc_file.get(), "BN_lshift (fixed)"); ScopedBIGNUM sample(BN_bin2bn(kSample, sizeof(kSample) - 1, NULL)); if (!sample) { return 1; } - if (!test_lshift(stdout, ctx.get(), bssl::move(sample))) { + if (!test_lshift(bc_file.get(), ctx.get(), bssl::move(sample))) { return 1; } - fflush(stdout); + flush_fp(bc_file.get()); - message(stdout, "BN_lshift"); - if (!test_lshift(stdout, ctx.get(), nullptr)) { + message(bc_file.get(), "BN_lshift"); + if (!test_lshift(bc_file.get(), ctx.get(), nullptr)) { return 1; } - fflush(stdout); + flush_fp(bc_file.get()); - message(stdout, "BN_rshift1"); - if (!test_rshift1(stdout)) { + message(bc_file.get(), "BN_rshift1"); + if (!test_rshift1(bc_file.get())) { return 1; } - fflush(stdout); + flush_fp(bc_file.get()); - message(stdout, "BN_rshift"); - if (!test_rshift(stdout, ctx.get())) { + message(bc_file.get(), "BN_rshift"); + if (!test_rshift(bc_file.get(), ctx.get())) { return 1; } - fflush(stdout); + 
flush_fp(bc_file.get()); - message(stdout, "BN_sqr"); - if (!test_sqr(stdout, ctx.get())) { + message(bc_file.get(), "BN_sqr"); + if (!test_sqr(bc_file.get(), ctx.get())) { return 1; } - fflush(stdout); + flush_fp(bc_file.get()); - message(stdout, "BN_mul"); - if (!test_mul(stdout)) { + message(bc_file.get(), "BN_mul"); + if (!test_mul(bc_file.get())) { return 1; } - fflush(stdout); + flush_fp(bc_file.get()); - message(stdout, "BN_div"); - if (!test_div(stdout, ctx.get())) { + message(bc_file.get(), "BN_div"); + if (!test_div(bc_file.get(), ctx.get())) { return 1; } - fflush(stdout); + flush_fp(bc_file.get()); - message(stdout, "BN_div_word"); - if (!test_div_word(stdout)) { + message(bc_file.get(), "BN_div_word"); + if (!test_div_word(bc_file.get())) { return 1; } - fflush(stdout); + flush_fp(bc_file.get()); - message(stdout, "BN_mod"); - if (!test_mod(stdout, ctx.get())) { + message(bc_file.get(), "BN_mod"); + if (!test_mod(bc_file.get(), ctx.get())) { return 1; } - fflush(stdout); + flush_fp(bc_file.get()); - message(stdout, "BN_mod_mul"); - if (!test_mod_mul(stdout, ctx.get())) { + message(bc_file.get(), "BN_mod_mul"); + if (!test_mod_mul(bc_file.get(), ctx.get())) { return 1; } - fflush(stdout); + flush_fp(bc_file.get()); - message(stdout, "BN_mont"); - if (!test_mont(stdout, ctx.get())) { + message(bc_file.get(), "BN_mont"); + if (!test_mont(bc_file.get(), ctx.get())) { return 1; } - fflush(stdout); + flush_fp(bc_file.get()); - message(stdout, "BN_mod_exp"); - if (!test_mod_exp(stdout, ctx.get())) { + message(bc_file.get(), "BN_mod_exp"); + if (!test_mod_exp(bc_file.get(), ctx.get())) { return 1; } - fflush(stdout); + flush_fp(bc_file.get()); - message(stdout, "BN_mod_exp_mont_consttime"); - if (!test_mod_exp_mont_consttime(stdout, ctx.get()) || - !test_mod_exp_mont5(stdout, ctx.get())) { + message(bc_file.get(), "BN_mod_exp_mont_consttime"); + if (!test_mod_exp_mont_consttime(bc_file.get(), ctx.get()) || + !test_mod_exp_mont5(bc_file.get(), ctx.get())) { 
return 1; } - fflush(stdout); + flush_fp(bc_file.get()); - message(stdout, "BN_exp"); - if (!test_exp(stdout, ctx.get()) || + message(bc_file.get(), "BN_exp"); + if (!test_exp(bc_file.get(), ctx.get()) || !test_exp_mod_zero()) { return 1; } - fflush(stdout); + flush_fp(bc_file.get()); + + message(bc_file.get(), "BN_mod_sqrt"); + if (!test_mod_sqrt(bc_file.get(), ctx.get())) { + return 1; + } + flush_fp(bc_file.get()); - message(stdout, "BN_mod_sqrt"); - if (!test_mod_sqrt(stdout, ctx.get())) { + message(bc_file.get(), "Small prime generation"); + if (!test_small_prime(bc_file.get(), ctx.get())) { return 1; } - fflush(stdout); + flush_fp(bc_file.get()); - message(stdout, "Small prime generation"); - if (!test_small_prime(stdout, ctx.get())) { + message(bc_file.get(), "BN_sqrt"); + if (!test_sqrt(bc_file.get(), ctx.get())) { return 1; } - fflush(stdout); + flush_fp(bc_file.get()); - message(stdout, "BN_sqrt"); - if (!test_sqrt(stdout, ctx.get())) { + message(bc_file.get(), "BN_bn2bin_padded"); + if (!test_bn2bin_padded(bc_file.get(), ctx.get())) { return 1; } - fflush(stdout); + flush_fp(bc_file.get()); - message(stdout, "BN_bn2bin_padded"); - if (!test_bn2bin_padded(stdout, ctx.get())) { + message(bc_file.get(), "BN_dec2bn"); + if (!test_dec2bn(bc_file.get(), ctx.get())) { return 1; } - fflush(stdout); + flush_fp(bc_file.get()); - message(stdout, "BN_dec2bn"); - if (!test_dec2bn(stdout, ctx.get())) { + message(bc_file.get(), "BN_hex2bn"); + if (!test_hex2bn(bc_file.get(), ctx.get())) { return 1; } - fflush(stdout); + flush_fp(bc_file.get()); - message(stdout, "BN_hex2bn"); - if (!test_hex2bn(stdout, ctx.get())) { + message(bc_file.get(), "BN_asc2bn"); + if (!test_asc2bn(bc_file.get(), ctx.get())) { return 1; } - fflush(stdout); + flush_fp(bc_file.get()); - message(stdout, "BN_asc2bn"); - if (!test_asc2bn(stdout, ctx.get())) { + message(bc_file.get(), "BN_rand"); + if (!test_rand()) { return 1; } - fflush(stdout); + flush_fp(bc_file.get()); printf("PASS\n"); return 
0; @@ -330,12 +363,10 @@ static bool test_add(FILE *fp) { return false; } if (fp != NULL) { - if (!g_results) { - BN_print_fp(fp, a.get()); - puts_fp(fp, " + "); - BN_print_fp(fp, b.get()); - puts_fp(fp, " - "); - } + BN_print_fp(fp, a.get()); + puts_fp(fp, " + "); + BN_print_fp(fp, b.get()); + puts_fp(fp, " - "); BN_print_fp(fp, c.get()); puts_fp(fp, "\n"); } @@ -380,12 +411,10 @@ static bool test_sub(FILE *fp) { return false; } if (fp != NULL) { - if (!g_results) { - BN_print_fp(fp, a.get()); - puts_fp(fp, " - "); - BN_print_fp(fp, b.get()); - puts_fp(fp, " - "); - } + BN_print_fp(fp, a.get()); + puts_fp(fp, " - "); + BN_print_fp(fp, b.get()); + puts_fp(fp, " - "); BN_print_fp(fp, c.get()); puts_fp(fp, "\n"); } @@ -428,21 +457,17 @@ static bool test_div(FILE *fp, BN_CTX *ctx) { return false; } if (fp != NULL) { - if (!g_results) { - BN_print_fp(fp, a.get()); - puts_fp(fp, " / "); - BN_print_fp(fp, b.get()); - puts_fp(fp, " - "); - } + BN_print_fp(fp, a.get()); + puts_fp(fp, " / "); + BN_print_fp(fp, b.get()); + puts_fp(fp, " - "); BN_print_fp(fp, d.get()); puts_fp(fp, "\n"); - if (!g_results) { - BN_print_fp(fp, a.get()); - puts_fp(fp, " % "); - BN_print_fp(fp, b.get()); - puts_fp(fp, " - "); - } + BN_print_fp(fp, a.get()); + puts_fp(fp, " % "); + BN_print_fp(fp, b.get()); + puts_fp(fp, " - "); BN_print_fp(fp, c.get()); puts_fp(fp, "\n"); } @@ -499,11 +524,9 @@ static bool test_lshift1(FILE *fp) { return false; } if (fp != NULL) { - if (!g_results) { - BN_print_fp(fp, a.get()); - puts_fp(fp, " * 2"); - puts_fp(fp, " - "); - } + BN_print_fp(fp, a.get()); + puts_fp(fp, " * 2"); + puts_fp(fp, " - "); BN_print_fp(fp, b.get()); puts_fp(fp, "\n"); } 
@@ -540,12 +563,10 @@ static bool test_rshift(FILE *fp, BN_CTX *ctx) { return false; } if (fp != NULL) { - if (!g_results) { - BN_print_fp(fp, a.get()); - puts_fp(fp, " / "); - BN_print_fp(fp, c.get()); - puts_fp(fp, " - "); - } + BN_print_fp(fp, a.get()); + puts_fp(fp, " / "); + BN_print_fp(fp, c.get()); + puts_fp(fp, " - "); BN_print_fp(fp, b.get()); puts_fp(fp, "\n"); } @@ -575,11 +596,9 @@ static bool test_rshift1(FILE *fp) { return false; } if (fp != NULL) { - if (!g_results) { - BN_print_fp(fp, a.get()); - puts_fp(fp, " / 2"); - puts_fp(fp, " - "); - } + BN_print_fp(fp, a.get()); + puts_fp(fp, " / 2"); + puts_fp(fp, " - "); BN_print_fp(fp, b.get()); puts_fp(fp, "\n"); } @@ -620,12 +639,10 @@ static bool test_lshift(FILE *fp, BN_CTX *ctx, ScopedBIGNUM a) { return false; } if (fp != NULL) { - if (!g_results) { - BN_print_fp(fp, a.get()); - puts_fp(fp, " * "); - BN_print_fp(fp, c.get()); - puts_fp(fp, " - "); - } + BN_print_fp(fp, a.get()); + puts_fp(fp, " * "); + BN_print_fp(fp, c.get()); + puts_fp(fp, " - "); BN_print_fp(fp, b.get()); puts_fp(fp, "\n"); } @@ -676,12 +693,10 @@ static bool test_mul(FILE *fp) { return false; } if (fp != NULL) { - if (!g_results) { - BN_print_fp(fp, a.get()); - puts_fp(fp, " * "); - BN_print_fp(fp, b.get()); - puts_fp(fp, " - "); - } + BN_print_fp(fp, a.get()); + puts_fp(fp, " * "); + BN_print_fp(fp, b.get()); + puts_fp(fp, " - "); BN_print_fp(fp, c.get()); puts_fp(fp, "\n"); } @@ -730,12 +745,10 @@ static bool test_sqr(FILE *fp, BN_CTX *ctx) { return false; } if (fp != NULL) { - if (!g_results) { - BN_print_fp(fp, a.get()); - puts_fp(fp, " * "); - BN_print_fp(fp, a.get()); - puts_fp(fp, " - "); - } + BN_print_fp(fp, a.get()); + puts_fp(fp, " * "); + BN_print_fp(fp, a.get()); + puts_fp(fp, " - "); BN_print_fp(fp, c.get()); puts_fp(fp, "\n"); } 
@@ -758,12 +771,10 @@ static bool test_sqr(FILE *fp, BN_CTX *ctx) { return false; } if (fp != NULL) { - if (!g_results) { - BN_print_fp(fp, a.get()); - puts_fp(fp, " * "); - BN_print_fp(fp, a.get()); - puts_fp(fp, " - "); - } + BN_print_fp(fp, a.get()); + puts_fp(fp, " * "); + BN_print_fp(fp, a.get()); + puts_fp(fp, " - "); BN_print_fp(fp, c.get()); puts_fp(fp, "\n"); } @@ -786,12 +797,10 @@ static bool test_sqr(FILE *fp, BN_CTX *ctx) { return false; } if (fp != NULL) { - if (!g_results) { - BN_print_fp(fp, a.get()); - puts_fp(fp, " * "); - BN_print_fp(fp, a.get()); - puts_fp(fp, " - "); - } + BN_print_fp(fp, a.get()); + puts_fp(fp, " * "); + BN_print_fp(fp, a.get()); + puts_fp(fp, " - "); BN_print_fp(fp, c.get()); puts_fp(fp, "\n"); } @@ -846,21 +855,17 @@ static bool test_div_word(FILE *fp) { } if (fp != NULL) { - if (!g_results) { - BN_print_fp(fp, a.get()); - puts_fp(fp, " / "); - print_word(fp, s); - puts_fp(fp, " - "); - } + BN_print_fp(fp, a.get()); + puts_fp(fp, " / "); + print_word(fp, s); + puts_fp(fp, " - "); BN_print_fp(fp, b.get()); puts_fp(fp, "\n"); - if (!g_results) { - BN_print_fp(fp, a.get()); - puts_fp(fp, " % "); - print_word(fp, s); - puts_fp(fp, " - "); - } + BN_print_fp(fp, a.get()); + puts_fp(fp, " % "); + print_word(fp, s); + puts_fp(fp, " - "); print_word(fp, r); puts_fp(fp, "\n"); } @@ -909,14 +914,12 @@ static bool test_mont(FILE *fp, BN_CTX *ctx) { return false; } if (fp != NULL) { - if (!g_results) { - BN_print_fp(fp, a.get()); - puts_fp(fp, " * "); - BN_print_fp(fp, b.get()); - puts_fp(fp, " % "); - BN_print_fp(fp, &mont->N); - puts_fp(fp, " - "); - } + BN_print_fp(fp, a.get()); + puts_fp(fp, " * "); + BN_print_fp(fp, b.get()); + puts_fp(fp, " % "); + BN_print_fp(fp, &mont->N); + puts_fp(fp, " - "); BN_print_fp(fp, A.get()); puts_fp(fp, "\n"); } 
@@ -953,12 +956,10 @@ static bool test_mod(FILE *fp, BN_CTX *ctx) { return false; } if (fp != NULL) { - if (!g_results) { - BN_print_fp(fp, a.get()); - puts_fp(fp, " % "); - BN_print_fp(fp, b.get()); - puts_fp(fp, " - "); - } + BN_print_fp(fp, a.get()); + puts_fp(fp, " % "); + BN_print_fp(fp, b.get()); + puts_fp(fp, " - "); BN_print_fp(fp, c.get()); puts_fp(fp, "\n"); } @@ -1000,22 +1001,20 @@ static bool test_mod_mul(FILE *fp, BN_CTX *ctx) { return false; } if (fp != NULL) { - if (!g_results) { - BN_print_fp(fp, a.get()); - puts_fp(fp, " * "); - BN_print_fp(fp, b.get()); - puts_fp(fp, " % "); + BN_print_fp(fp, a.get()); + puts_fp(fp, " * "); + BN_print_fp(fp, b.get()); + puts_fp(fp, " % "); + BN_print_fp(fp, c.get()); + if (a->neg != b->neg && !BN_is_zero(e.get())) { + // If (a*b) % c is negative, c must be added + // in order to obtain the normalized remainder + // (new with OpenSSL 0.9.7, previous versions of + // BN_mod_mul could generate negative results) + puts_fp(fp, " + "); BN_print_fp(fp, c.get()); - if (a->neg != b->neg && !BN_is_zero(e.get())) { - // If (a*b) % c is negative, c must be added - // in order to obtain the normalized remainder - // (new with OpenSSL 0.9.7, previous versions of - // BN_mod_mul could generate negative results) - puts_fp(fp, " + "); - BN_print_fp(fp, c.get()); - } - puts_fp(fp, " - "); } + puts_fp(fp, " - "); BN_print_fp(fp, e.get()); puts_fp(fp, "\n"); } @@ -1052,14 +1051,12 @@ static bool test_mod_exp(FILE *fp, BN_CTX *ctx) { } if (fp != NULL) { - if (!g_results) { - BN_print_fp(fp, a.get()); - puts_fp(fp, " ^ "); - BN_print_fp(fp, b.get()); - puts_fp(fp, " % "); - BN_print_fp(fp, c.get()); - puts_fp(fp, " - "); - } + BN_print_fp(fp, a.get()); + puts_fp(fp, " ^ "); + BN_print_fp(fp, b.get()); + puts_fp(fp, " % "); + BN_print_fp(fp, c.get()); + puts_fp(fp, " - "); BN_print_fp(fp, d.get()); puts_fp(fp, "\n"); } 
@@ -1095,14 +1092,12 @@ static bool test_mod_exp_mont_consttime(FILE *fp, BN_CTX *ctx) { } if (fp != NULL) { - if (!g_results) { - BN_print_fp(fp, a.get()); - puts_fp(fp, " ^ "); - BN_print_fp(fp, b.get()); - puts_fp(fp, " % "); - BN_print_fp(fp, c.get()); - puts_fp(fp, " - "); - } + BN_print_fp(fp, a.get()); + puts_fp(fp, " ^ "); + BN_print_fp(fp, b.get()); + puts_fp(fp, " % "); + BN_print_fp(fp, c.get()); + puts_fp(fp, " - "); BN_print_fp(fp, d.get()); puts_fp(fp, "\n"); } @@ -1203,12 +1198,10 @@ static bool test_exp(FILE *fp, BN_CTX *ctx) { } if (fp != NULL) { - if (!g_results) { - BN_print_fp(fp, a.get()); - puts_fp(fp, " ^ "); - BN_print_fp(fp, b.get()); - puts_fp(fp, " - "); - } + BN_print_fp(fp, a.get()); + puts_fp(fp, " ^ "); + BN_print_fp(fp, b.get()); + puts_fp(fp, " - "); BN_print_fp(fp, d.get()); puts_fp(fp, "\n"); } @@ -1247,32 +1240,15 @@ static bool test_exp_mod_zero(void) { } if (!BN_is_zero(r.get())) { - printf("1**0 mod 1 = "); - BN_print_fp(stdout, r.get()); - printf(", should be 0\n"); + fprintf(stderr, "1**0 mod 1 = "); + BN_print_fp(stderr, r.get()); + fprintf(stderr, ", should be 0\n"); return false; } return true; } -static int genprime_cb(int p, int n, BN_GENCB *arg) { - char c = '*'; - - if (p == 0) { - c = '.'; - } else if (p == 1) { - c = '+'; - } else if (p == 2) { - c = '*'; - } else if (p == 3) { - c = '\n'; - } - putc(c, stdout); - fflush(stdout); - return 1; -} - static bool test_mod_sqrt(FILE *fp, BN_CTX *ctx) { ScopedBIGNUM a(BN_new()); ScopedBIGNUM p(BN_new()); @@ -1281,9 +1257,6 @@ static bool test_mod_sqrt(FILE *fp, BN_CTX *ctx) { return false; } - BN_GENCB cb; - BN_GENCB_set(&cb, genprime_cb, NULL); - for (int i = 0; i < 16; i++) { if (i < 8) { const unsigned kPrimes[8] = {2, 3, 5, 7, 11, 13, 17, 19}; 
@@ -1293,10 +1266,9 @@ static bool test_mod_sqrt(FILE *fp, BN_CTX *ctx) { } else { if (!BN_set_word(a.get(), 32) || !BN_set_word(r.get(), 2 * i + 1) || - !BN_generate_prime_ex(p.get(), 256, 0, a.get(), r.get(), &cb)) { + !BN_generate_prime_ex(p.get(), 256, 0, a.get(), r.get(), nullptr)) { return false; } - putc('\n', stdout); } p->neg = rand_neg(); @@ -1332,26 +1304,21 @@ static bool test_mod_sqrt(FILE *fp, BN_CTX *ctx) { fprintf(stderr, "\n"); return false; } - - putc('.', stdout); - fflush(stdout); } - - putc('\n', stdout); - fflush(stderr); } return true; } static bool test_small_prime(FILE *fp, BN_CTX *ctx) { - static const int kBits = 10; + static const unsigned kBits = 10; ScopedBIGNUM r(BN_new()); - if (!r || !BN_generate_prime_ex(r.get(), kBits, 0, NULL, NULL, NULL)) { + if (!r || !BN_generate_prime_ex(r.get(), static_cast(kBits), 0, NULL, + NULL, NULL)) { return false; } if (BN_num_bits(r.get()) != kBits) { - fprintf(fp, "Expected %d bit prime, got %d bit number\n", kBits, + fprintf(fp, "Expected %u bit prime, got %u bit number\n", kBits, BN_num_bits(r.get())); return false; } 
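Review bot: The size-mismatch branch of test_small_prime (second hunk on this line) still reports through `fprintf(fp, ...)`, but with this commit main passes `bc_file.get()`, which appears to be null unless `-bc` was given, so that failure path would hand a null `FILE *` to fprintf. Unlike `puts_fp`, this call has no null check. The other diagnostics touched by the commit (test_exp_mod_zero, test_rand) go to stderr, and this one should as well: `fprintf(stderr, "Expected %u bit prime, got %u bit number\n", kBits, BN_num_bits(r.get()));`. test_small_prime's body continues past the hunk.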
@@ -1617,3 +1584,47 @@ static bool test_asc2bn(FILE *fp, BN_CTX *ctx) { return true; } + +static bool test_rand() { + ScopedBIGNUM bn(BN_new()); + if (!bn) { + return false; + } + + // Test BN_rand accounts for degenerate cases with |top| and |bottom| + // parameters. + if (!BN_rand(bn.get(), 0, 0 /* top */, 0 /* bottom */) || + !BN_is_zero(bn.get())) { + fprintf(stderr, "BN_rand gave a bad result.\n"); + return false; + } + if (!BN_rand(bn.get(), 0, 1 /* top */, 1 /* bottom */) || + !BN_is_zero(bn.get())) { + fprintf(stderr, "BN_rand gave a bad result.\n"); + return false; + } + + if (!BN_rand(bn.get(), 1, 0 /* top */, 0 /* bottom */) || + !BN_is_word(bn.get(), 1)) { + fprintf(stderr, "BN_rand gave a bad result.\n"); + return false; + } + if (!BN_rand(bn.get(), 1, 1 /* top */, 0 /* bottom */) || + !BN_is_word(bn.get(), 1)) { + fprintf(stderr, "BN_rand gave a bad result.\n"); + return false; + } + if (!BN_rand(bn.get(), 1, -1 /* top */, 1 /* bottom */) || + !BN_is_word(bn.get(), 1)) { + fprintf(stderr, "BN_rand gave a bad result.\n"); + return false; + } + + if (!BN_rand(bn.get(), 2, 1 /* top */, 0 /* bottom */) || + !BN_is_word(bn.get(), 3)) { + fprintf(stderr, "BN_rand gave a bad result.\n"); + return false; + } + + return true; +} diff --git a/src/crypto/bn/random.c b/src/crypto/bn/random.c index 3be7510..549ac48 100644 --- a/src/crypto/bn/random.c +++ b/src/crypto/bn/random.c @@ -144,7 +144,7 @@ int BN_rand(BIGNUM *rnd, int bits, int top, int bottom) { } if (top != -1) { - if (top) { + if (top && bits > 1) { if (bit == 0) { buf[0] = 1; buf[1] |= 0x80; diff --git a/src/crypto/bn/shift.c b/src/crypto/bn/shift.c index 1e3b7c3..f143996 100644 --- a/src/crypto/bn/shift.c +++ b/src/crypto/bn/shift.c @@ -58,6 +58,8 @@ #include +#include + #include "internal.h" 
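Review bot: The new `bits > 1` guard in the src/crypto/bn/random.c hunk has no comment saying what it protects, and the reason is not obvious from the condition. In the `bit == 0` case the code right below writes `buf[1] |= 0x80`, which for a one-bit request would presumably land past a one-byte buffer (the allocation is outside the hunk, so confirm). Suggest `/* A one-bit number has no second-highest bit to set, and |buf| is a single byte. */` above the condition. test_rand in this commit covers `bits` of 0, 1 and 2 only; a multi-byte request that reaches the `bit == 0` branch would exercise the path the guard leaves enabled.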
@@ -66,6 +68,11 @@ int BN_lshift(BIGNUM *r, const BIGNUM *a, int n) { BN_ULONG *t, *f; BN_ULONG l; + if (n < 0) { + OPENSSL_PUT_ERROR(BN, BN_lshift, BN_R_NEGATIVE_NUMBER); + return 0; + } + r->neg = a->neg; nw = n / BN_BITS2; if (bn_wexpand(r, a->top + nw + 1) == NULL) { @@ -130,6 +137,11 @@ int BN_rshift(BIGNUM *r, const BIGNUM *a, int n) { BN_ULONG *t, *f; BN_ULONG l, tmp; + if (n < 0) { + OPENSSL_PUT_ERROR(BN, BN_rshift, BN_R_NEGATIVE_NUMBER); + return 0; + } + nw = n / BN_BITS2; rb = n % BN_BITS2; lb = BN_BITS2 - rb; diff --git a/src/crypto/bytestring/CMakeLists.txt b/src/crypto/bytestring/CMakeLists.txt index d1f0441..cbbacf2 100644 --- a/src/crypto/bytestring/CMakeLists.txt +++ b/src/crypto/bytestring/CMakeLists.txt @@ -14,6 +14,8 @@ add_executable( bytestring_test bytestring_test.cc + + $ ) target_link_libraries(bytestring_test crypto) diff --git a/src/crypto/bytestring/ber.c b/src/crypto/bytestring/ber.c index 2729fa1..e3b150c 100644 --- a/src/crypto/bytestring/ber.c +++ b/src/crypto/bytestring/ber.c @@ -43,7 +43,7 @@ static int cbs_find_ber(CBS *orig_in, char *ber_found, unsigned depth) { unsigned tag; size_t header_len; - if (!CBS_get_any_asn1_element(&in, &contents, &tag, &header_len)) { + if (!CBS_get_any_ber_asn1_element(&in, &contents, &tag, &header_len)) { return 0; } if (CBS_len(&contents) == header_len && @@ -74,7 +74,7 @@ static char is_primitive_type(unsigned tag) { } /* is_eoc returns true if |header_len| and |contents|, as returned by - * |CBS_get_any_asn1_element|, indicate an "end of contents" (EOC) value. */ + * |CBS_get_any_ber_asn1_element|, indicate an "end of contents" (EOC) value. */ static char is_eoc(size_t header_len, CBS *contents) { return header_len == 2 && CBS_len(contents) == 2 && memcmp(CBS_data(contents), "\x00\x00", 2) == 0; 
@@ -98,7 +98,7 @@ static int cbs_convert_ber(CBS *in, CBB *out, char squash_header, size_t header_len; CBB *out_contents, out_contents_storage; - if (!CBS_get_any_asn1_element(in, &contents, &tag, &header_len)) { + if (!CBS_get_any_ber_asn1_element(in, &contents, &tag, &header_len)) { return 0; } out_contents = out; @@ -129,8 +129,8 @@ static int cbs_convert_ber(CBS *in, CBB *out, char squash_header, size_t inner_header_len; CBS_init(&in_copy, CBS_data(in), CBS_len(in)); - if (!CBS_get_any_asn1_element(&in_copy, &inner_contents, &inner_tag, - &inner_header_len)) { + if (!CBS_get_any_ber_asn1_element(&in_copy, &inner_contents, + &inner_tag, &inner_header_len)) { return 0; } if (CBS_len(&inner_contents) > inner_header_len && @@ -209,7 +209,9 @@ int CBS_asn1_ber_to_der(CBS *in, uint8_t **out, size_t *out_len) { return 1; } - CBB_init(&cbb, CBS_len(in)); + if (!CBB_init(&cbb, CBS_len(in))) { + return 0; + } if (!cbs_convert_ber(in, &cbb, 0, 0, 0)) { CBB_cleanup(&cbb); return 0; diff --git a/src/crypto/bytestring/cbs.c b/src/crypto/bytestring/cbs.c index 10f1a99..b8caedd 100644 --- a/src/crypto/bytestring/cbs.c +++ b/src/crypto/bytestring/cbs.c @@ -157,8 +157,8 @@ int CBS_get_u24_length_prefixed(CBS *cbs, CBS *out) { return cbs_get_length_prefixed(cbs, out, 3); } -int CBS_get_any_asn1_element(CBS *cbs, CBS *out, unsigned *out_tag, - size_t *out_header_len) { +static int cbs_get_any_asn1_element(CBS *cbs, CBS *out, unsigned *out_tag, + size_t *out_header_len, int ber_ok) { uint8_t tag, length_byte; CBS header = *cbs; CBS throwaway; @@ -193,9 +193,11 @@ int CBS_get_any_asn1_element(CBS *cbs, CBS *out, unsigned *out_tag, const size_t num_bytes = length_byte & 0x7f; uint32_t len32; - if ((tag & CBS_ASN1_CONSTRUCTED) != 0 && num_bytes == 0) { + if (ber_ok && (tag & CBS_ASN1_CONSTRUCTED) != 0 && num_bytes == 0) { /* indefinite length */ - *out_header_len = 2; + if (out_header_len != NULL) { + *out_header_len = 2; + } return CBS_get_bytes(cbs, out, 2); } 
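Review bot: In the cbs.c hunk for cbs_get_any_asn1_element, the indefinite-length branch is skipped when `ber_ok` is zero, but the hunk does not show what then happens to a constructed element whose length byte is 0x80: it falls through to the long-form length code outside the hunk. That code presumably rejects a zero `num_bytes`, and since this commit also drops the indefinite-length guard from cbs_get_asn1, the DER-only path relies on it entirely. Suggest a comment at the branch, `/* With |ber_ok| unset an indefinite length is not DER; the long-form checks below must reject it. */`. A bytestring_test case that feeds a constructed sample such as `\x30\x80` to `CBS_get_any_asn1_element` and expects failure would pin this down.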
@@ -227,6 +229,18 @@ int CBS_get_any_asn1_element(CBS *cbs, CBS *out, unsigned *out_tag, return CBS_get_bytes(cbs, out, len); } +int CBS_get_any_asn1_element(CBS *cbs, CBS *out, unsigned *out_tag, + size_t *out_header_len) { + return cbs_get_any_asn1_element(cbs, out, out_tag, out_header_len, + 0 /* DER only */); +} + +int CBS_get_any_ber_asn1_element(CBS *cbs, CBS *out, unsigned *out_tag, + size_t *out_header_len) { + return cbs_get_any_asn1_element(cbs, out, out_tag, out_header_len, + 1 /* BER allowed */); +} + static int cbs_get_asn1(CBS *cbs, CBS *out, unsigned tag_value, int skip_header) { size_t header_len; @@ -238,12 +252,7 @@ static int cbs_get_asn1(CBS *cbs, CBS *out, unsigned tag_value, } if (!CBS_get_any_asn1_element(cbs, out, &tag, &header_len) || - tag != tag_value || - (header_len > 0 && - /* This ensures that the tag is either zero length or - * indefinite-length. */ - CBS_len(out) == header_len && - CBS_data(out)[header_len - 1] == 0x80)) { + tag != tag_value) { return 0; } diff --git a/src/crypto/bytestring/internal.h b/src/crypto/bytestring/internal.h index b4ea7e5..391ad19 100644 --- a/src/crypto/bytestring/internal.h +++ b/src/crypto/bytestring/internal.h @@ -38,6 +38,14 @@ extern "C" { * It returns one on success and zero otherwise. */ OPENSSL_EXPORT int CBS_asn1_ber_to_der(CBS *in, uint8_t **out, size_t *out_len); +/* CBS_get_any_ber_asn1_element acts the same as |CBS_get_any_asn1_element| but + * also allows indefinite-length elements to be returned. In that case, + * |*out_header_len| and |CBS_len(out)| will both be two as only the header is + * returned. */ +OPENSSL_EXPORT int CBS_get_any_ber_asn1_element(CBS *cbs, CBS *out, + unsigned *out_tag, + size_t *out_header_len); + #if defined(__cplusplus) } /* extern C */ diff --git a/src/crypto/cipher/CMakeLists.txt b/src/crypto/cipher/CMakeLists.txt index f428e25..2775698 100644 --- a/src/crypto/cipher/CMakeLists.txt +++ b/src/crypto/cipher/CMakeLists.txt 
@@ -24,7 +24,8 @@ add_library( add_executable( cipher_test - cipher_test.c + cipher_test.cc + $ ) add_executable( diff --git a/src/crypto/cipher/cipher.c b/src/crypto/cipher/cipher.c index 1dcfd06..400c3f5 100644 --- a/src/crypto/cipher/cipher.c +++ b/src/crypto/cipher/cipher.c @@ -94,14 +94,13 @@ EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void) { } int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *c) { - if (c->cipher != NULL && c->cipher->cleanup) { - c->cipher->cleanup(c); - } - - if (c->cipher_data) { + if (c->cipher != NULL) { + if (c->cipher->cleanup) { + c->cipher->cleanup(c); + } OPENSSL_cleanse(c->cipher_data, c->cipher->ctx_size); - OPENSSL_free(c->cipher_data); } + OPENSSL_free(c->cipher_data); memset(c, 0, sizeof(EVP_CIPHER_CTX)); return 1; @@ -165,6 +164,7 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, if (ctx->cipher->ctx_size) { ctx->cipher_data = OPENSSL_malloc(ctx->cipher->ctx_size); if (!ctx->cipher_data) { + ctx->cipher = NULL; OPENSSL_PUT_ERROR(CIPHER, EVP_CipherInit_ex, ERR_R_MALLOC_FAILURE); return 0; } @@ -177,6 +177,7 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, if (ctx->cipher->flags & EVP_CIPH_CTRL_INIT) { if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_INIT, 0, NULL)) { + ctx->cipher = NULL; OPENSSL_PUT_ERROR(CIPHER, EVP_CipherInit_ex, CIPHER_R_INITIALIZATION_ERROR); return 0; } diff --git a/src/crypto/cipher/cipher_test.c b/src/crypto/cipher/cipher_test.c deleted file mode 100644 index 390262f..0000000 --- a/src/crypto/cipher/cipher_test.c +++ /dev/null 
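Review bot: EVP_CIPHER_CTX_cleanup now calls `OPENSSL_cleanse(c->cipher_data, c->cipher->ctx_size)` whenever `c->cipher` is set, without the old `c->cipher_data` check, so it depends on `cipher_data` being allocated for `ctx_size` bytes on every path that leaves `cipher` non-NULL. The two `ctx->cipher = NULL;` lines added to EVP_CipherInit_ex cover the failure paths shown here, but other writers of `ctx->cipher` are outside this diff and should be checked against the same invariant. After the EVP_CTRL_INIT failure path the buffer is also freed without being cleansed, because `cipher` is NULL by then; that is probably harmless before a key is set, but worth confirming. Either keep the guard, `if (c->cipher_data != NULL) { OPENSSL_cleanse(c->cipher_data, c->cipher->ctx_size); }`, or state the invariant in a comment above the cleanse.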
@@ -1,423 +0,0 @@ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. 
If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
*/ - -#include -#include - -#include -#include -#include - - -static void hexdump(FILE *f, const char *title, const uint8_t *s, int l) { - int n = 0; - - fprintf(f, "%s", title); - for (; n < l; ++n) { - if ((n % 16) == 0) { - fprintf(f, "\n%04x", n); - } - fprintf(f, " %02x", s[n]); - } - fprintf(f, "\n"); -} - -static int convert(uint8_t *s) { - uint8_t *d; - - for (d = s; *s; s += 2, ++d) { - unsigned int n; - - if (!s[1]) { - fprintf(stderr, "Odd number of hex digits!"); - exit(4); - } - sscanf((char *)s, "%2x", &n); - *d = (uint8_t)n; - } - return s - d; -} - -static char *sstrsep(char **string, const char *delim) { - char isdelim[256]; - char *token = *string; - - if (**string == 0) { - return NULL; - } - - memset(isdelim, 0, 256); - isdelim[0] = 1; - - while (*delim) { - isdelim[(uint8_t)(*delim)] = 1; - delim++; - } - - while (!isdelim[(uint8_t)(**string)]) { - (*string)++; - } - - if (**string) { - **string = 0; - (*string)++; - } - - return token; -} - -static uint8_t *ustrsep(char **p, const char *sep) { - return (uint8_t *)sstrsep(p, sep); -} - -static void test1(const char* cipher_name, const EVP_CIPHER *c, - const uint8_t *key, int kn, const uint8_t *iv, int in, - const uint8_t *plaintext, int pn, const uint8_t *ciphertext, - int cn, const uint8_t *aad, int an, const uint8_t *tag, - int tn, int encdec) { - EVP_CIPHER_CTX ctx; - uint8_t out[4096]; - int outl, outl2, mode; - - printf("Testing cipher %s%s\n", cipher_name, - (encdec == 1 ? "(encrypt)" - : (encdec == 0 ? 
"(decrypt)" : "(encrypt/decrypt)"))); - hexdump(stdout, "Key", key, kn); - if (in) { - hexdump(stdout, "IV", iv, in); - } - hexdump(stdout, "Plaintext", plaintext, pn); - hexdump(stdout, "Ciphertext", ciphertext, cn); - if (an) { - hexdump(stdout, "AAD", aad, an); - } - if (tn) { - hexdump(stdout, "Tag", tag, tn); - } - mode = EVP_CIPHER_mode(c); - if (kn != EVP_CIPHER_key_length(c)) { - fprintf(stderr, "Key length doesn't match, got %d expected %lu\n", kn, - (unsigned long)EVP_CIPHER_key_length(c)); - exit(5); - } - EVP_CIPHER_CTX_init(&ctx); - if (encdec != 0) { - if (mode == EVP_CIPH_GCM_MODE) { - if (!EVP_EncryptInit_ex(&ctx, c, NULL, NULL, NULL)) { - fprintf(stderr, "EncryptInit failed\n"); - ERR_print_errors_fp(stderr); - exit(10); - } - if (!EVP_CIPHER_CTX_ctrl(&ctx, EVP_CTRL_GCM_SET_IVLEN, in, NULL)) { - fprintf(stderr, "IV length set failed\n"); - ERR_print_errors_fp(stderr); - exit(11); - } - if (!EVP_EncryptInit_ex(&ctx, NULL, NULL, key, iv)) { - fprintf(stderr, "Key/IV set failed\n"); - ERR_print_errors_fp(stderr); - exit(12); - } - if (an && !EVP_EncryptUpdate(&ctx, NULL, &outl, aad, an)) { - fprintf(stderr, "AAD set failed\n"); - ERR_print_errors_fp(stderr); - exit(13); - } - } else if (!EVP_EncryptInit_ex(&ctx, c, NULL, key, iv)) { - fprintf(stderr, "EncryptInit failed\n"); - ERR_print_errors_fp(stderr); - exit(10); - } - EVP_CIPHER_CTX_set_padding(&ctx, 0); - - if (!EVP_EncryptUpdate(&ctx, out, &outl, plaintext, pn)) { - fprintf(stderr, "Encrypt failed\n"); - ERR_print_errors_fp(stderr); - exit(6); - } - if (!EVP_EncryptFinal_ex(&ctx, out + outl, &outl2)) { - fprintf(stderr, "EncryptFinal failed\n"); - ERR_print_errors_fp(stderr); - exit(7); - } - - if (outl + outl2 != cn) { - fprintf(stderr, "Ciphertext length mismatch got %d expected %d\n", - outl + outl2, cn); - exit(8); - } - - if (memcmp(out, ciphertext, cn)) { - fprintf(stderr, "Ciphertext mismatch\n"); - hexdump(stderr, "Got", out, cn); - hexdump(stderr, "Expected", ciphertext, cn); - 
exit(9); - } - if (mode == EVP_CIPH_GCM_MODE) { - uint8_t rtag[16]; - /* Note: EVP_CTRL_CCM_GET_TAG has same value as - * EVP_CTRL_GCM_GET_TAG - */ - if (!EVP_CIPHER_CTX_ctrl(&ctx, EVP_CTRL_GCM_GET_TAG, tn, rtag)) { - fprintf(stderr, "Get tag failed\n"); - ERR_print_errors_fp(stderr); - exit(14); - } - if (memcmp(rtag, tag, tn)) { - fprintf(stderr, "Tag mismatch\n"); - hexdump(stderr, "Got", rtag, tn); - hexdump(stderr, "Expected", tag, tn); - exit(9); - } - } - } - - if (encdec <= 0) { - if (mode == EVP_CIPH_GCM_MODE) { - if (!EVP_DecryptInit_ex(&ctx, c, NULL, NULL, NULL)) { - fprintf(stderr, "EncryptInit failed\n"); - ERR_print_errors_fp(stderr); - exit(10); - } - if (!EVP_CIPHER_CTX_ctrl(&ctx, EVP_CTRL_GCM_SET_IVLEN, in, NULL)) { - fprintf(stderr, "IV length set failed\n"); - ERR_print_errors_fp(stderr); - exit(11); - } - if (!EVP_DecryptInit_ex(&ctx, NULL, NULL, key, iv)) { - fprintf(stderr, "Key/IV set failed\n"); - ERR_print_errors_fp(stderr); - exit(12); - } - if (!EVP_CIPHER_CTX_ctrl(&ctx, EVP_CTRL_GCM_SET_TAG, tn, (void *)tag)) { - fprintf(stderr, "Set tag failed\n"); - ERR_print_errors_fp(stderr); - exit(14); - } - if (an && !EVP_DecryptUpdate(&ctx, NULL, &outl, aad, an)) { - fprintf(stderr, "AAD set failed\n"); - ERR_print_errors_fp(stderr); - exit(13); - } - } else if (!EVP_DecryptInit_ex(&ctx, c, NULL, key, iv)) { - fprintf(stderr, "DecryptInit failed\n"); - ERR_print_errors_fp(stderr); - exit(11); - } - EVP_CIPHER_CTX_set_padding(&ctx, 0); - - if (!EVP_DecryptUpdate(&ctx, out, &outl, ciphertext, cn)) { - fprintf(stderr, "Decrypt failed\n"); - ERR_print_errors_fp(stderr); - exit(6); - } - outl2 = 0; - if (!EVP_DecryptFinal_ex(&ctx, out + outl, &outl2)) { - fprintf(stderr, "DecryptFinal failed\n"); - ERR_print_errors_fp(stderr); - exit(7); - } - - if (outl + outl2 != pn) { - fprintf(stderr, "Plaintext length mismatch got %d expected %d\n", - outl + outl2, pn); - exit(8); - } - - if (memcmp(out, plaintext, pn)) { - fprintf(stderr, "Plaintext 
mismatch\n"); - hexdump(stderr, "Got", out, pn); - hexdump(stderr, "Expected", plaintext, pn); - exit(9); - } - } - - EVP_CIPHER_CTX_cleanup(&ctx); - - printf("\n"); -} - -static int test_cipher(const char *cipher, const uint8_t *key, int kn, - const uint8_t *iv, int in, const uint8_t *plaintext, - int pn, const uint8_t *ciphertext, int cn, - const uint8_t *aad, int an, const uint8_t *tag, int tn, - int encdec) { - const EVP_CIPHER *c; - - if (strcmp(cipher, "DES-CBC") == 0) { - c = EVP_des_cbc(); - } else if (strcmp(cipher, "DES-EDE3-CBC") == 0) { - c = EVP_des_ede3_cbc(); - } else if (strcmp(cipher, "RC4") == 0) { - c = EVP_rc4(); - } else if (strcmp(cipher, "AES-128-ECB") == 0) { - c = EVP_aes_128_ecb(); - } else if (strcmp(cipher, "AES-256-ECB") == 0) { - c = EVP_aes_256_ecb(); - } else if (strcmp(cipher, "AES-128-CBC") == 0) { - c = EVP_aes_128_cbc(); - } else if (strcmp(cipher, "AES-128-GCM") == 0) { - c = EVP_aes_128_gcm(); - } else if (strcmp(cipher, "AES-128-OFB") == 0) { - c = EVP_aes_128_ofb(); - } else if (strcmp(cipher, "AES-192-CBC") == 0) { - c = EVP_aes_192_cbc(); - } else if (strcmp(cipher, "AES-192-ECB") == 0) { - c = EVP_aes_192_ecb(); - } else if (strcmp(cipher, "AES-256-CBC") == 0) { - c = EVP_aes_256_cbc(); - } else if (strcmp(cipher, "AES-128-CTR") == 0) { - c = EVP_aes_128_ctr(); - } else if (strcmp(cipher, "AES-256-CTR") == 0) { - c = EVP_aes_256_ctr(); - } else if (strcmp(cipher, "AES-256-GCM") == 0) { - c = EVP_aes_256_gcm(); - } else if (strcmp(cipher, "AES-256-OFB") == 0) { - c = EVP_aes_256_ofb(); - } else { - fprintf(stderr, "Unknown cipher type %s\n", cipher); - return 0; - } - - test1(cipher, c, key, kn, iv, in, plaintext, pn, ciphertext, cn, aad, an, - tag, tn, encdec); - - return 1; -} - -int main(int argc, char **argv) { - const char *input_file; - FILE *f; - - CRYPTO_library_init(); - - if (argc != 2) { - fprintf(stderr, "%s \n", argv[0]); - return 1; - } - - input_file = argv[1]; - - f = fopen(input_file, "r"); - if (!f) { - 
perror(input_file); - return 2; - } - - ERR_load_crypto_strings(); - - for (;;) { - char line[4096]; - char *p; - char *cipher; - uint8_t *iv, *key, *plaintext, *ciphertext, *aad, *tag; - int encdec; - int kn, in, pn, cn; - int an = 0; - int tn = 0; - - if (!fgets((char *)line, sizeof line, f)) { - break; - } - if (line[0] == '#' || line[0] == '\n') { - continue; - } - p = line; - cipher = sstrsep(&p, ":"); - key = ustrsep(&p, ":"); - iv = ustrsep(&p, ":"); - plaintext = ustrsep(&p, ":"); - ciphertext = ustrsep(&p, ":"); - if (p[-1] == '\n') { - encdec = -1; - p[-1] = '\0'; - tag = aad = NULL; - an = tn = 0; - } else { - aad = ustrsep(&p, ":"); - tag = ustrsep(&p, ":"); - if (tag == NULL) { - p = (char *)aad; - tag = aad = NULL; - an = tn = 0; - } - if (p[-1] == '\n') { - encdec = -1; - p[-1] = '\0'; - } else { - encdec = atoi(sstrsep(&p, "\n")); - } - } - - kn = convert(key); - in = convert(iv); - pn = convert(plaintext); - cn = convert(ciphertext); - if (aad) { - an = convert(aad); - tn = convert(tag); - } - - if (!test_cipher(cipher, key, kn, iv, in, plaintext, pn, ciphertext, cn, - aad, an, tag, tn, encdec)) { - return 3; - } - } - fclose(f); - - printf("PASS\n"); - return 0; -} diff --git a/src/crypto/cipher/cipher_test.cc b/src/crypto/cipher/cipher_test.cc new file mode 100644 index 0000000..97a84e0 --- /dev/null +++ b/src/crypto/cipher/cipher_test.cc 
@@ -0,0 +1,262 @@ +/* + * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL + * project. + */ +/* ==================================================================== + * Copyright (c) 2015 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * licensing@OpenSSL.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + */ + +#include +#include + +#include +#include + +#include +#include +#include + +#include "../test/file_test.h" +#include "../test/scoped_types.h" +#include "../test/stl_compat.h" + + +static const EVP_CIPHER *GetCipher(const std::string &name) { + if (name == "DES-CBC") { + return EVP_des_cbc(); + } else if (name == "DES-EDE3-CBC") { + return EVP_des_ede3_cbc(); + } else if (name == "RC4") { + return EVP_rc4(); + } else if (name == "AES-128-ECB") { + return EVP_aes_128_ecb(); + } else if (name == "AES-256-ECB") { + return EVP_aes_256_ecb(); + } else if (name == "AES-128-CBC") { + return EVP_aes_128_cbc(); + } else if (name == "AES-128-GCM") { + return EVP_aes_128_gcm(); + } else if (name == "AES-128-OFB") { + return EVP_aes_128_ofb(); + } else if (name == "AES-192-CBC") { + return EVP_aes_192_cbc(); + } else if (name == "AES-192-ECB") { + return EVP_aes_192_ecb(); + } else if (name == "AES-256-CBC") { + return EVP_aes_256_cbc(); + } else if (name == "AES-128-CTR") { + return EVP_aes_128_ctr(); + } else if (name == "AES-256-CTR") { + return EVP_aes_256_ctr(); + } else if (name == "AES-256-GCM") { + return EVP_aes_256_gcm(); + } else if (name == "AES-256-OFB") { + return EVP_aes_256_ofb(); + } + return nullptr; +} + +static bool TestOperation(FileTest *t, + const EVP_CIPHER *cipher, + bool encrypt, + const std::vector &key, + const std::vector &iv, + 
const std::vector &plaintext, + const std::vector &ciphertext, + const std::vector &aad, + const std::vector &tag) { + const std::vector *in, *out; + if (encrypt) { + in = &plaintext; + out = &ciphertext; + } else { + in = &ciphertext; + out = &plaintext; + } + + bool is_aead = EVP_CIPHER_mode(cipher) == EVP_CIPH_GCM_MODE; + + ScopedEVP_CIPHER_CTX ctx; + if (!EVP_CipherInit_ex(ctx.get(), cipher, nullptr, nullptr, nullptr, + encrypt ? 1 : 0)) { + return false; + } + if (t->HasAttribute("IV")) { + if (is_aead) { + if (!EVP_CIPHER_CTX_ctrl(ctx.get(), EVP_CTRL_GCM_SET_IVLEN, + iv.size(), 0)) { + return false; + } + } else if (iv.size() != (size_t)EVP_CIPHER_CTX_iv_length(ctx.get())) { + t->PrintLine("Bad IV length."); + return false; + } + } + if (is_aead && !encrypt && + !EVP_CIPHER_CTX_ctrl(ctx.get(), EVP_CTRL_GCM_SET_TAG, tag.size(), + const_cast(bssl::vector_data(&tag)))) { + return false; + } + // The ciphers are run with no padding. For each of the ciphers we test, the + // output size matches the input size. + std::vector result(in->size()); + if (in->size() != out->size()) { + t->PrintLine("Input/output size mismatch (%u vs %u).", (unsigned)in->size(), + (unsigned)out->size()); + return false; + } + // Note: the deprecated |EVP_CIPHER|-based AES-GCM API is sensitive to whether + // parameters are NULL, so it is important to skip the |in| and |aad| + // |EVP_CipherUpdate| calls when empty. 
+ int unused, result_len1 = 0, result_len2; + if (!EVP_CIPHER_CTX_set_key_length(ctx.get(), key.size()) || + !EVP_CipherInit_ex(ctx.get(), nullptr, nullptr, bssl::vector_data(&key), + bssl::vector_data(&iv), -1) || + (!aad.empty() && + !EVP_CipherUpdate(ctx.get(), nullptr, &unused, bssl::vector_data(&aad), + aad.size())) || + !EVP_CIPHER_CTX_set_padding(ctx.get(), 0) || + (!in->empty() && + !EVP_CipherUpdate(ctx.get(), bssl::vector_data(&result), &result_len1, + bssl::vector_data(in), in->size())) || + !EVP_CipherFinal_ex(ctx.get(), bssl::vector_data(&result) + result_len1, + &result_len2)) { + t->PrintLine("Operation failed."); + return false; + } + result.resize(result_len1 + result_len2); + if (!t->ExpectBytesEqual(bssl::vector_data(out), out->size(), + bssl::vector_data(&result), result.size())) { + return false; + } + if (encrypt && is_aead) { + uint8_t rtag[16]; + if (tag.size() > sizeof(rtag)) { + t->PrintLine("Bad tag length."); + return false; + } + if (!EVP_CIPHER_CTX_ctrl(ctx.get(), EVP_CTRL_GCM_GET_TAG, tag.size(), + rtag) || + !t->ExpectBytesEqual(bssl::vector_data(&tag), tag.size(), rtag, + tag.size())) { + return false; + } + } + return true; +} + +static bool TestCipher(FileTest *t, void *arg) { + std::string cipher_str; + if (!t->GetAttribute(&cipher_str, "Cipher")) { + return false; + } + const EVP_CIPHER *cipher = GetCipher(cipher_str); + if (cipher == nullptr) { + t->PrintLine("Unknown cipher: '%s'.", cipher_str.c_str()); + return false; + } + + std::vector key, iv, plaintext, ciphertext, aad, tag; + if (!t->GetBytes(&key, "Key") || + !t->GetBytes(&plaintext, "Plaintext") || + !t->GetBytes(&ciphertext, "Ciphertext")) { + return false; + } + if (EVP_CIPHER_iv_length(cipher) > 0 && + !t->GetBytes(&iv, "IV")) { + return false; + } + if (EVP_CIPHER_mode(cipher) == EVP_CIPH_GCM_MODE) { + if (!t->GetBytes(&aad, "AAD") || + !t->GetBytes(&tag, "Tag")) { + return false; + } + } + + enum { + kEncrypt, + kDecrypt, + kBoth, + } operation = kBoth; + if 
(t->HasAttribute("Operation")) { + const std::string &str = t->GetAttributeOrDie("Operation"); + if (str == "ENCRYPT") { + operation = kEncrypt; + } else if (str == "DECRYPT") { + operation = kDecrypt; + } else { + t->PrintLine("Unknown operation: '%s'.", str.c_str()); + return false; + } + } + + // By default, both directions are run, unless overridden by the operation. + if (operation != kDecrypt && + !TestOperation(t, cipher, true /* encrypt */, key, iv, plaintext, + ciphertext, aad, tag)) { + return false; + } + if (operation != kEncrypt && + !TestOperation(t, cipher, false /* decrypt */, key, iv, plaintext, + ciphertext, aad, tag)) { + return false; + } + + return true; +} + +int main(int argc, char **argv) { + CRYPTO_library_init(); + + if (argc != 2) { + fprintf(stderr, "%s \n", argv[0]); + return 1; + } + + return FileTestMain(TestCipher, nullptr, argv[1]); +} diff --git a/src/crypto/cipher/e_aes.c b/src/crypto/cipher/e_aes.c index eacbd10..41d0aec 100644 --- a/src/crypto/cipher/e_aes.c +++ b/src/crypto/cipher/e_aes.c @@ -115,7 +115,7 @@ static char bsaes_capable(void) { (defined(OPENSSL_ARM) || defined(OPENSSL_AARCH64)) #include "../arm_arch.h" -#if defined(OPENSSL_ARM) && __ARM_ARCH__ >= 7 +#if defined(OPENSSL_ARM) && __ARM_MAX_ARCH__ >= 7 #define BSAES static char bsaes_capable(void) { return CRYPTO_is_NEON_capable(); diff --git a/src/crypto/cipher/internal.h b/src/crypto/cipher/internal.h index 605b8cb..b2a94f4 100644 --- a/src/crypto/cipher/internal.h +++ b/src/crypto/cipher/internal.h @@ -70,8 +70,6 @@ extern "C" { #define EVP_CIPH_MODE_MASK 0x3f -struct evp_aead_ctx_st; - /* EVP_AEAD represents a specific AEAD algorithm. */ struct evp_aead_st { uint8_t key_len; 
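Review bot: TestOperation and TestCipher only check that valid vectors round-trip; nothing in this new file asserts that a GCM decrypt fails when the tag is wrong, so a regression that stopped `EVP_CipherFinal_ex` from verifying the tag on the `EVP_CIPHER` path would still pass. I would add a negative run at the end of TestCipher, after the two existing TestOperation calls: copy `tag`, change one bit, and require the decrypt call to return false. The sketch below assumes the vectors hold `uint8_t` (the template arguments are not visible on this page) and that FileTest tolerates a TestOperation call that is expected to fail. The "Operation failed." line printed by that call would have to be suppressed or accepted as noise.

```cpp
  // … unchanged: attribute parsing and the encrypt/decrypt TestOperation runs …

  // An AEAD decrypt must reject a tag that differs from the expected one.
  if (operation != kEncrypt && !tag.empty() &&
      EVP_CIPHER_mode(cipher) == EVP_CIPH_GCM_MODE) {
    std::vector<uint8_t> bad_tag(tag);
    bad_tag[0] ^= 1;
    if (TestOperation(t, cipher, false /* decrypt */, key, iv, plaintext,
                      ciphertext, aad, bad_tag)) {
      t->PrintLine("Decrypt accepted a modified tag.");
      return false;
    }
  }

  return true;
```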
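Review bot: The new `__ARM_MAX_ARCH__ >= 7` condition has no comment saying why the build-time ceiling is tested instead of the target architecture, and the safety of that choice rests on the run-time check in `bsaes_capable()`. I would add above the `#if` something like `/* __ARM_MAX_ARCH__, not __ARM_ARCH__: bsaes may be built in for a lower target, so it must only run when bsaes_capable() is true. */`. This assumes arm_arch.h defines `__ARM_MAX_ARCH__` as the highest architecture assembled for, which is not visible here. The body of `bsaes_capable()` continues outside the hunk.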
@@ -79,27 +77,25 @@ struct evp_aead_st { uint8_t overhead; uint8_t max_tag_len; - /* init initialises an |evp_aead_ctx_st|. If this call returns zero then + /* init initialises an |EVP_AEAD_CTX|. If this call returns zero then * |cleanup| will not be called for that context. */ - int (*init)(struct evp_aead_ctx_st *, const uint8_t *key, - size_t key_len, size_t tag_len); - int (*init_with_direction)(struct evp_aead_ctx_st *, const uint8_t *key, - size_t key_len, size_t tag_len, - enum evp_aead_direction_t dir); - void (*cleanup)(struct evp_aead_ctx_st *); - - int (*seal)(const struct evp_aead_ctx_st *ctx, uint8_t *out, - size_t *out_len, size_t max_out_len, const uint8_t *nonce, - size_t nonce_len, const uint8_t *in, size_t in_len, - const uint8_t *ad, size_t ad_len); - - int (*open)(const struct evp_aead_ctx_st *ctx, uint8_t *out, - size_t *out_len, size_t max_out_len, const uint8_t *nonce, - size_t nonce_len, const uint8_t *in, size_t in_len, - const uint8_t *ad, size_t ad_len); - - int (*get_rc4_state)(const struct evp_aead_ctx_st *ctx, - const RC4_KEY **out_key); + int (*init)(EVP_AEAD_CTX *, const uint8_t *key, size_t key_len, + size_t tag_len); + int (*init_with_direction)(EVP_AEAD_CTX *, const uint8_t *key, size_t key_len, + size_t tag_len, enum evp_aead_direction_t dir); + void (*cleanup)(EVP_AEAD_CTX *); + + int (*seal)(const EVP_AEAD_CTX *ctx, uint8_t *out, size_t *out_len, + size_t max_out_len, const uint8_t *nonce, size_t nonce_len, + const uint8_t *in, size_t in_len, const uint8_t *ad, + size_t ad_len); + + int (*open)(const EVP_AEAD_CTX *ctx, uint8_t *out, size_t *out_len, + size_t max_out_len, const uint8_t *nonce, size_t nonce_len, + const uint8_t *in, size_t in_len, const uint8_t *ad, + size_t ad_len); + + int (*get_rc4_state)(const EVP_AEAD_CTX *ctx, const RC4_KEY **out_key); }; diff --git a/src/crypto/cipher/test/cipher_test.txt b/src/crypto/cipher/test/cipher_test.txt index f3c6d35..93cb8f3 100644 --- a/src/crypto/cipher/test/cipher_test.txt 
+++ b/src/crypto/cipher/test/cipher_test.txt 
@@ -1,118 +1,537 @@ # RC4 tests (from rc4test) -RC4:0123456789abcdef0123456789abcdef::0123456789abcdef:75b7878099e0c596 -RC4:0123456789abcdef0123456789abcdef::0000000000000000:7494c2e7104b0879 -RC4:00000000000000000000000000000000::0000000000000000:de188941a3375d3a -RC4:ef012345ef012345ef012345ef012345::0000000000000000000000000000000000000000:d6a141a7ec3c38dfbd615a1162e1c7ba36b67858 -RC4:0123456789abcdef0123456789abcdef::123456789ABCDEF0123456789ABCDEF0123456789ABCDEF012345678:66a0949f8af7d6891f7f832ba833c00c892ebe30143ce28740011ecf -RC4:ef012345ef012345ef012345ef012345::00000000000000000000:d6a141a7ec3c38dfbd61 +Cipher = RC4 +Key = 0123456789abcdef0123456789abcdef +Plaintext = 0123456789abcdef +Ciphertext = 75b7878099e0c596 + +Cipher = RC4 +Key = 0123456789abcdef0123456789abcdef +Plaintext = 0000000000000000 +Ciphertext = 7494c2e7104b0879 + +Cipher = RC4 +Key = 00000000000000000000000000000000 +Plaintext = 0000000000000000 +Ciphertext = de188941a3375d3a + +Cipher = RC4 +Key = ef012345ef012345ef012345ef012345 +Plaintext = 0000000000000000000000000000000000000000 +Ciphertext = d6a141a7ec3c38dfbd615a1162e1c7ba36b67858 + +Cipher = RC4 +Key = 0123456789abcdef0123456789abcdef +Plaintext = 123456789ABCDEF0123456789ABCDEF0123456789ABCDEF012345678 +Ciphertext = 66a0949f8af7d6891f7f832ba833c00c892ebe30143ce28740011ecf + +Cipher = RC4 +Key = ef012345ef012345ef012345ef012345 +Plaintext = 00000000000000000000 +Ciphertext = d6a141a7ec3c38dfbd61 + # DES EDE3 CBC tests (from destest) -DES-EDE3-CBC:0123456789abcdeff1e0d3c2b5a49786fedcba9876543210:fedcba9876543210:37363534333231204E6F77206973207468652074696D6520666F722000000000:3FE301C962AC01D02213763C1CBD4CDC799657C064ECF5D41C673812CFDE9675 +Cipher = DES-EDE3-CBC +Key = 0123456789abcdeff1e0d3c2b5a49786fedcba9876543210 +IV = fedcba9876543210 +Plaintext = 37363534333231204E6F77206973207468652074696D6520666F722000000000 +Ciphertext = 3FE301C962AC01D02213763C1CBD4CDC799657C064ECF5D41C673812CFDE9675 + # AES 128 ECB tests (from 
FIPS-197 test vectors, encrypt) -AES-128-ECB:000102030405060708090A0B0C0D0E0F::00112233445566778899AABBCCDDEEFF:69C4E0D86A7B0430D8CDB78070B4C55A:1 +Cipher = AES-128-ECB +Key = 000102030405060708090A0B0C0D0E0F +Operation = ENCRYPT +Plaintext = 00112233445566778899AABBCCDDEEFF +Ciphertext = 69C4E0D86A7B0430D8CDB78070B4C55A + # AES 256 ECB tests (from FIPS-197 test vectors, encrypt) -AES-256-ECB:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F::00112233445566778899AABBCCDDEEFF:8EA2B7CA516745BFEAFC49904B496089:1 +Cipher = AES-256-ECB +Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F +Operation = ENCRYPT +Plaintext = 00112233445566778899AABBCCDDEEFF +Ciphertext = 8EA2B7CA516745BFEAFC49904B496089 -# AES 128 CBC tests (from NIST test vectors, decrypt) # AES tests from NIST document SP800-38A # For all ECB encrypts and decrypts, the transformed sequence is # AES-bits-ECB:key::plaintext:ciphertext:encdec # ECB-AES128.Encrypt and ECB-AES128.Decrypt -AES-128-ECB:2B7E151628AED2A6ABF7158809CF4F3C::6BC1BEE22E409F96E93D7E117393172A:3AD77BB40D7A3660A89ECAF32466EF97 -AES-128-ECB:2B7E151628AED2A6ABF7158809CF4F3C::AE2D8A571E03AC9C9EB76FAC45AF8E51:F5D3D58503B9699DE785895A96FDBAAF -AES-128-ECB:2B7E151628AED2A6ABF7158809CF4F3C::30C81C46A35CE411E5FBC1191A0A52EF:43B1CD7F598ECE23881B00E3ED030688 -AES-128-ECB:2B7E151628AED2A6ABF7158809CF4F3C::F69F2445DF4F9B17AD2B417BE66C3710:7B0C785E27E8AD3F8223207104725DD4 +Cipher = AES-128-ECB +Key = 2B7E151628AED2A6ABF7158809CF4F3C +Plaintext = 6BC1BEE22E409F96E93D7E117393172A +Ciphertext = 3AD77BB40D7A3660A89ECAF32466EF97 + +Cipher = AES-128-ECB +Key = 2B7E151628AED2A6ABF7158809CF4F3C +Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51 +Ciphertext = F5D3D58503B9699DE785895A96FDBAAF + +Cipher = AES-128-ECB +Key = 2B7E151628AED2A6ABF7158809CF4F3C +Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF +Ciphertext = 43B1CD7F598ECE23881B00E3ED030688 + +Cipher = AES-128-ECB +Key = 2B7E151628AED2A6ABF7158809CF4F3C +Plaintext = 
F69F2445DF4F9B17AD2B417BE66C3710 +Ciphertext = 7B0C785E27E8AD3F8223207104725DD4 + + # ECB-AES256.Encrypt and ECB-AES256.Decrypt -AES-256-ECB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4::6BC1BEE22E409F96E93D7E117393172A:F3EED1BDB5D2A03C064B5A7E3DB181F8 -AES-256-ECB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4::AE2D8A571E03AC9C9EB76FAC45AF8E51:591CCB10D410ED26DC5BA74A31362870 -AES-256-ECB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4::30C81C46A35CE411E5FBC1191A0A52EF:B6ED21B99CA6F4F9F153E7B1BEAFED1D -AES-256-ECB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4::F69F2445DF4F9B17AD2B417BE66C3710:23304B7A39F9F3FF067D8D8F9E24ECC7 +Cipher = AES-256-ECB +Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4 +Plaintext = 6BC1BEE22E409F96E93D7E117393172A +Ciphertext = F3EED1BDB5D2A03C064B5A7E3DB181F8 + +Cipher = AES-256-ECB +Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4 +Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51 +Ciphertext = 591CCB10D410ED26DC5BA74A31362870 + +Cipher = AES-256-ECB +Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4 +Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF +Ciphertext = B6ED21B99CA6F4F9F153E7B1BEAFED1D + +Cipher = AES-256-ECB +Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4 +Plaintext = F69F2445DF4F9B17AD2B417BE66C3710 +Ciphertext = 23304B7A39F9F3FF067D8D8F9E24ECC7 + + # For all CBC encrypts and decrypts, the transformed sequence is # AES-bits-CBC:key:IV/ciphertext':plaintext:ciphertext:encdec # CBC-AES128.Encrypt and CBC-AES128.Decrypt -AES-128-CBC:2B7E151628AED2A6ABF7158809CF4F3C:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:7649ABAC8119B246CEE98E9B12E9197D -AES-128-CBC:2B7E151628AED2A6ABF7158809CF4F3C:7649ABAC8119B246CEE98E9B12E9197D:AE2D8A571E03AC9C9EB76FAC45AF8E51:5086CB9B507219EE95DB113A917678B2 
-AES-128-CBC:2B7E151628AED2A6ABF7158809CF4F3C:5086CB9B507219EE95DB113A917678B2:30C81C46A35CE411E5FBC1191A0A52EF:73BED6B8E3C1743B7116E69E22229516 -AES-128-CBC:2B7E151628AED2A6ABF7158809CF4F3C:73BED6B8E3C1743B7116E69E22229516:F69F2445DF4F9B17AD2B417BE66C3710:3FF1CAA1681FAC09120ECA307586E1A7 +Cipher = AES-128-CBC +Key = 2B7E151628AED2A6ABF7158809CF4F3C +IV = 000102030405060708090A0B0C0D0E0F +Plaintext = 6BC1BEE22E409F96E93D7E117393172A +Ciphertext = 7649ABAC8119B246CEE98E9B12E9197D + +Cipher = AES-128-CBC +Key = 2B7E151628AED2A6ABF7158809CF4F3C +IV = 7649ABAC8119B246CEE98E9B12E9197D +Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51 +Ciphertext = 5086CB9B507219EE95DB113A917678B2 + +Cipher = AES-128-CBC +Key = 2B7E151628AED2A6ABF7158809CF4F3C +IV = 5086CB9B507219EE95DB113A917678B2 +Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF +Ciphertext = 73BED6B8E3C1743B7116E69E22229516 + +Cipher = AES-128-CBC +Key = 2B7E151628AED2A6ABF7158809CF4F3C +IV = 73BED6B8E3C1743B7116E69E22229516 +Plaintext = F69F2445DF4F9B17AD2B417BE66C3710 +Ciphertext = 3FF1CAA1681FAC09120ECA307586E1A7 + + # CBC-AES256.Encrypt and CBC-AES256.Decrypt -AES-256-CBC:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:F58C4C04D6E5F1BA779EABFB5F7BFBD6 -AES-256-CBC:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:F58C4C04D6E5F1BA779EABFB5F7BFBD6:AE2D8A571E03AC9C9EB76FAC45AF8E51:9CFC4E967EDB808D679F777BC6702C7D -AES-256-CBC:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:9CFC4E967EDB808D679F777BC6702C7D:30C81C46A35CE411E5FBC1191A0A52EF:39F23369A9D9BACFA530E26304231461 -AES-256-CBC:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:39F23369A9D9BACFA530E26304231461:F69F2445DF4F9B17AD2B417BE66C3710:B2EB05E2C39BE9FCDA6C19078C6A9D1B +Cipher = AES-256-CBC +Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4 +IV = 000102030405060708090A0B0C0D0E0F +Plaintext = 
6BC1BEE22E409F96E93D7E117393172A +Ciphertext = F58C4C04D6E5F1BA779EABFB5F7BFBD6 + +Cipher = AES-256-CBC +Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4 +IV = F58C4C04D6E5F1BA779EABFB5F7BFBD6 +Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51 +Ciphertext = 9CFC4E967EDB808D679F777BC6702C7D + +Cipher = AES-256-CBC +Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4 +IV = 9CFC4E967EDB808D679F777BC6702C7D +Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF +Ciphertext = 39F23369A9D9BACFA530E26304231461 + +Cipher = AES-256-CBC +Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4 +IV = 39F23369A9D9BACFA530E26304231461 +Plaintext = F69F2445DF4F9B17AD2B417BE66C3710 +Ciphertext = B2EB05E2C39BE9FCDA6C19078C6A9D1B + # AES Counter test vectors from RFC3686 -AES-128-CTR:AE6852F8121067CC4BF7A5765577F39E:00000030000000000000000000000001:53696E676C6520626C6F636B206D7367:E4095D4FB7A7B3792D6175A3261311B8:1 -AES-128-CTR:7E24067817FAE0D743D6CE1F32539163:006CB6DBC0543B59DA48D90B00000001:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F:5104A106168A72D9790D41EE8EDAD388EB2E1EFC46DA57C8FCE630DF9141BE28:1 -AES-128-CTR:7691BE035E5020A8AC6E618529F9A0DC:00E0017B27777F3F4A1786F000000001:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20212223:C1CF48A89F2FFDD9CF4652E9EFDB72D74540A42BDE6D7836D59A5CEAAEF3105325B2072F:1 +Cipher = AES-128-CTR +Key = AE6852F8121067CC4BF7A5765577F39E +IV = 00000030000000000000000000000001 +Operation = ENCRYPT +Plaintext = 53696E676C6520626C6F636B206D7367 +Ciphertext = E4095D4FB7A7B3792D6175A3261311B8 + +Cipher = AES-128-CTR +Key = 7E24067817FAE0D743D6CE1F32539163 +IV = 006CB6DBC0543B59DA48D90B00000001 +Operation = ENCRYPT +Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F +Ciphertext = 5104A106168A72D9790D41EE8EDAD388EB2E1EFC46DA57C8FCE630DF9141BE28 + +Cipher = AES-128-CTR +Key = 7691BE035E5020A8AC6E618529F9A0DC +IV = 00E0017B27777F3F4A1786F000000001 
+Operation = ENCRYPT +Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20212223 +Ciphertext = C1CF48A89F2FFDD9CF4652E9EFDB72D74540A42BDE6D7836D59A5CEAAEF3105325B2072F + +Cipher = AES-256-CTR +Key = 776BEFF2851DB06F4C8A0542C8696F6C6A81AF1EEC96B4D37FC1D689E6C1C104 +IV = 00000060DB5672C97AA8F0B200000001 +Operation = ENCRYPT +Plaintext = 53696E676C6520626C6F636B206D7367 +Ciphertext = 145AD01DBF824EC7560863DC71E3E0C0 + +Cipher = AES-256-CTR +Key = F6D66D6BD52D59BB0796365879EFF886C66DD51A5B6A99744B50590C87A23884 +IV = 00FAAC24C1585EF15A43D87500000001 +Operation = ENCRYPT +Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F +Ciphertext = F05E231B3894612C49EE000B804EB2A9B8306B508F839D6A5530831D9344AF1C + +Cipher = AES-256-CTR +Key = FF7A617CE69148E4F1726E2F43581DE2AA62D9F805532EDFF1EED687FB54153D +IV = 001CC5B751A51D70A1C1114800000001 +Operation = ENCRYPT +Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20212223 +Ciphertext = EB6C52821D0BBBF7CE7594462ACA4FAAB407DF866569FD07F48CC0B583D6071F1EC0E6B8 -AES-256-CTR:776BEFF2851DB06F4C8A0542C8696F6C6A81AF1EEC96B4D37FC1D689E6C1C104:00000060DB5672C97AA8F0B200000001:53696E676C6520626C6F636B206D7367:145AD01DBF824EC7560863DC71E3E0C0:1 -AES-256-CTR:F6D66D6BD52D59BB0796365879EFF886C66DD51A5B6A99744B50590C87A23884:00FAAC24C1585EF15A43D87500000001:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F:F05E231B3894612C49EE000B804EB2A9B8306B508F839D6A5530831D9344AF1C:1 -AES-256-CTR:FF7A617CE69148E4F1726E2F43581DE2AA62D9F805532EDFF1EED687FB54153D:001CC5B751A51D70A1C1114800000001:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20212223:EB6C52821D0BBBF7CE7594462ACA4FAAB407DF866569FD07F48CC0B583D6071F1EC0E6B8:1 # AES GCM test vectors from http://csrc.nist.gov/groups/ST/toolkit/BCM/documents/proposedmodes/gcm/gcm-spec.pdf -AES-128-GCM:00000000000000000000000000000000:000000000000000000000000::::58e2fccefa7e3061367f1d57a4e7455a 
-AES-128-GCM:00000000000000000000000000000000:000000000000000000000000:00000000000000000000000000000000:0388dace60b6a392f328c2b971b2fe78::ab6e47d42cec13bdf53a67b21257bddf -AES-128-GCM:feffe9928665731c6d6a8f9467308308:cafebabefacedbaddecaf888:d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b391aafd255:42831ec2217774244b7221b784d0d49ce3aa212f2c02a4e035c17e2329aca12e21d514b25466931c7d8f6a5aac84aa051ba30b396a0aac973d58e091473f5985::4d5c2af327cd64a62cf35abd2ba6fab4 -AES-128-GCM:feffe9928665731c6d6a8f9467308308:cafebabefacedbaddecaf888:d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39:42831ec2217774244b7221b784d0d49ce3aa212f2c02a4e035c17e2329aca12e21d514b25466931c7d8f6a5aac84aa051ba30b396a0aac973d58e091:feedfacedeadbeeffeedfacedeadbeefabaddad2:5bc94fbc3221a5db94fae95ae7121a47 -AES-128-GCM:feffe9928665731c6d6a8f9467308308:cafebabefacedbad:d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39:61353b4c2806934a777ff51fa22a4755699b2a714fcdc6f83766e5f97b6c742373806900e49f24b22b097544d4896b424989b5e1ebac0f07c23f4598:feedfacedeadbeeffeedfacedeadbeefabaddad2:3612d2e79e3b0785561be14aaca2fccb -AES-128-GCM:feffe9928665731c6d6a8f9467308308:9313225df88406e555909c5aff5269aa6a7a9538534f7da1e4c303d2a318a728c3c0c95156809539fcf0e2429a6b525416aedbf5a0de6a57a637b39b:d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39:8ce24998625615b603a033aca13fb894be9112a5c3a211a8ba262a3cca7e2ca701e4a9a4fba43c90ccdcb281d48c7c6fd62875d2aca417034c34aee5:feedfacedeadbeeffeedfacedeadbeefabaddad2:619cc5aefffe0bfa462af43c1699d050 -AES-256-GCM:0000000000000000000000000000000000000000000000000000000000000000:000000000000000000000000::::530f8afbc74536b9a963b4f1c4cb738b 
-AES-256-GCM:0000000000000000000000000000000000000000000000000000000000000000:000000000000000000000000:00000000000000000000000000000000:cea7403d4d606b6e074ec5d3baf39d18::d0d1c8a799996bf0265b98b5d48ab919 -AES-256-GCM:feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308:cafebabefacedbaddecaf888:d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b391aafd255:522dc1f099567d07f47f37a32a84427d643a8cdcbfe5c0c97598a2bd2555d1aa8cb08e48590dbb3da7b08b1056828838c5f61e6393ba7a0abcc9f662898015ad::b094dac5d93471bdec1a502270e3cc6c -AES-256-GCM:feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308:cafebabefacedbaddecaf888:d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39:522dc1f099567d07f47f37a32a84427d643a8cdcbfe5c0c97598a2bd2555d1aa8cb08e48590dbb3da7b08b1056828838c5f61e6393ba7a0abcc9f662:feedfacedeadbeeffeedfacedeadbeefabaddad2:76fc6ece0f4e1768cddf8853bb2d551b -AES-256-GCM:feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308:cafebabefacedbad:d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39:c3762df1ca787d32ae47c13bf19844cbaf1ae14d0b976afac52ff7d79bba9de0feb582d33934a4f0954cc2363bc73f7862ac430e64abe499f47c9b1f:feedfacedeadbeeffeedfacedeadbeefabaddad2:3a337dbf46a792c45e454913fe2ea8f2 -AES-256-GCM:feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308:9313225df88406e555909c5aff5269aa6a7a9538534f7da1e4c303d2a318a728c3c0c95156809539fcf0e2429a6b525416aedbf5a0de6a57a637b39b:d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39:5a8def2f0c9e53f1f75d7853659e2a20eeb2b22aafde6419a058ab4f6f746bf40fc0c3b780f244452da3ebf1c5d82cdea2418997200ef82e44ae7e3f:feedfacedeadbeeffeedfacedeadbeefabaddad2:a44a8266ee1c8eb0c8b5d4cf5ae9f19a +Cipher = AES-128-GCM +Key = 
00000000000000000000000000000000 +IV = 000000000000000000000000 +Plaintext = +Ciphertext = +AAD = +Tag = 58e2fccefa7e3061367f1d57a4e7455a + +Cipher = AES-128-GCM +Key = 00000000000000000000000000000000 +IV = 000000000000000000000000 +Plaintext = 00000000000000000000000000000000 +Ciphertext = 0388dace60b6a392f328c2b971b2fe78 +AAD = +Tag = ab6e47d42cec13bdf53a67b21257bddf + +Cipher = AES-128-GCM +Key = feffe9928665731c6d6a8f9467308308 +IV = cafebabefacedbaddecaf888 +Plaintext = d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b391aafd255 +Ciphertext = 42831ec2217774244b7221b784d0d49ce3aa212f2c02a4e035c17e2329aca12e21d514b25466931c7d8f6a5aac84aa051ba30b396a0aac973d58e091473f5985 +AAD = +Tag = 4d5c2af327cd64a62cf35abd2ba6fab4 + +Cipher = AES-128-GCM +Key = feffe9928665731c6d6a8f9467308308 +IV = cafebabefacedbaddecaf888 +Plaintext = d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39 +Ciphertext = 42831ec2217774244b7221b784d0d49ce3aa212f2c02a4e035c17e2329aca12e21d514b25466931c7d8f6a5aac84aa051ba30b396a0aac973d58e091 +AAD = feedfacedeadbeeffeedfacedeadbeefabaddad2 +Tag = 5bc94fbc3221a5db94fae95ae7121a47 + +Cipher = AES-128-GCM +Key = feffe9928665731c6d6a8f9467308308 +IV = cafebabefacedbad +Plaintext = d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39 +Ciphertext = 61353b4c2806934a777ff51fa22a4755699b2a714fcdc6f83766e5f97b6c742373806900e49f24b22b097544d4896b424989b5e1ebac0f07c23f4598 +AAD = feedfacedeadbeeffeedfacedeadbeefabaddad2 +Tag = 3612d2e79e3b0785561be14aaca2fccb + +Cipher = AES-128-GCM +Key = feffe9928665731c6d6a8f9467308308 +IV = 9313225df88406e555909c5aff5269aa6a7a9538534f7da1e4c303d2a318a728c3c0c95156809539fcf0e2429a6b525416aedbf5a0de6a57a637b39b +Plaintext = 
d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39 +Ciphertext = 8ce24998625615b603a033aca13fb894be9112a5c3a211a8ba262a3cca7e2ca701e4a9a4fba43c90ccdcb281d48c7c6fd62875d2aca417034c34aee5 +AAD = feedfacedeadbeeffeedfacedeadbeefabaddad2 +Tag = 619cc5aefffe0bfa462af43c1699d050 + +Cipher = AES-256-GCM +Key = 0000000000000000000000000000000000000000000000000000000000000000 +IV = 000000000000000000000000 +Plaintext = +Ciphertext = +AAD = +Tag = 530f8afbc74536b9a963b4f1c4cb738b + +Cipher = AES-256-GCM +Key = 0000000000000000000000000000000000000000000000000000000000000000 +IV = 000000000000000000000000 +Plaintext = 00000000000000000000000000000000 +Ciphertext = cea7403d4d606b6e074ec5d3baf39d18 +AAD = +Tag = d0d1c8a799996bf0265b98b5d48ab919 + +Cipher = AES-256-GCM +Key = feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308 +IV = cafebabefacedbaddecaf888 +Plaintext = d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b391aafd255 +Ciphertext = 522dc1f099567d07f47f37a32a84427d643a8cdcbfe5c0c97598a2bd2555d1aa8cb08e48590dbb3da7b08b1056828838c5f61e6393ba7a0abcc9f662898015ad +AAD = +Tag = b094dac5d93471bdec1a502270e3cc6c + +Cipher = AES-256-GCM +Key = feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308 +IV = cafebabefacedbaddecaf888 +Plaintext = d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39 +Ciphertext = 522dc1f099567d07f47f37a32a84427d643a8cdcbfe5c0c97598a2bd2555d1aa8cb08e48590dbb3da7b08b1056828838c5f61e6393ba7a0abcc9f662 +AAD = feedfacedeadbeeffeedfacedeadbeefabaddad2 +Tag = 76fc6ece0f4e1768cddf8853bb2d551b + +Cipher = AES-256-GCM +Key = feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308 +IV = cafebabefacedbad +Plaintext = 
d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39 +Ciphertext = c3762df1ca787d32ae47c13bf19844cbaf1ae14d0b976afac52ff7d79bba9de0feb582d33934a4f0954cc2363bc73f7862ac430e64abe499f47c9b1f +AAD = feedfacedeadbeeffeedfacedeadbeefabaddad2 +Tag = 3a337dbf46a792c45e454913fe2ea8f2 + +Cipher = AES-256-GCM +Key = feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308 +IV = 9313225df88406e555909c5aff5269aa6a7a9538534f7da1e4c303d2a318a728c3c0c95156809539fcf0e2429a6b525416aedbf5a0de6a57a637b39b +Plaintext = d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39 +Ciphertext = 5a8def2f0c9e53f1f75d7853659e2a20eeb2b22aafde6419a058ab4f6f746bf40fc0c3b780f244452da3ebf1c5d82cdea2418997200ef82e44ae7e3f +AAD = feedfacedeadbeeffeedfacedeadbeefabaddad2 +Tag = a44a8266ee1c8eb0c8b5d4cf5ae9f19a + # local add-ons, primarily streaming ghash tests # 128 bytes aad -AES-128-GCM:00000000000000000000000000000000:000000000000000000000000:::d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b391aafd255522dc1f099567d07f47f37a32a84427d643a8cdcbfe5c0c97598a2bd2555d1aa8cb08e48590dbb3da7b08b1056828838c5f61e6393ba7a0abcc9f662898015ad:5fea793a2d6f974d37e68e0cb8ff9492 +Cipher = AES-128-GCM +Key = 00000000000000000000000000000000 +IV = 000000000000000000000000 +Plaintext = +Ciphertext = +AAD = d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b391aafd255522dc1f099567d07f47f37a32a84427d643a8cdcbfe5c0c97598a2bd2555d1aa8cb08e48590dbb3da7b08b1056828838c5f61e6393ba7a0abcc9f662898015ad +Tag = 5fea793a2d6f974d37e68e0cb8ff9492 + # 48 bytes plaintext 
-AES-128-GCM:00000000000000000000000000000000:000000000000000000000000:000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000:0388dace60b6a392f328c2b971b2fe78f795aaab494b5923f7fd89ff948bc1e0200211214e7394da2089b6acd093abe0::9dd0a376b08e40eb00c35f29f9ea61a4 +Cipher = AES-128-GCM +Key = 00000000000000000000000000000000 +IV = 000000000000000000000000 +Plaintext = 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 +Ciphertext = 0388dace60b6a392f328c2b971b2fe78f795aaab494b5923f7fd89ff948bc1e0200211214e7394da2089b6acd093abe0 +AAD = +Tag = 9dd0a376b08e40eb00c35f29f9ea61a4 + # 80 bytes plaintext -AES-128-GCM:00000000000000000000000000000000:000000000000000000000000:0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000:0388dace60b6a392f328c2b971b2fe78f795aaab494b5923f7fd89ff948bc1e0200211214e7394da2089b6acd093abe0c94da219118e297d7b7ebcbcc9c388f28ade7d85a8ee35616f7124a9d5270291::98885a3a22bd4742fe7b72172193b163 +Cipher = AES-128-GCM +Key = 00000000000000000000000000000000 +IV = 000000000000000000000000 +Plaintext = 0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 +Ciphertext = 0388dace60b6a392f328c2b971b2fe78f795aaab494b5923f7fd89ff948bc1e0200211214e7394da2089b6acd093abe0c94da219118e297d7b7ebcbcc9c388f28ade7d85a8ee35616f7124a9d5270291 +AAD = +Tag = 98885a3a22bd4742fe7b72172193b163 + # 128 bytes plaintext 
-AES-128-GCM:00000000000000000000000000000000:000000000000000000000000:0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000:0388dace60b6a392f328c2b971b2fe78f795aaab494b5923f7fd89ff948bc1e0200211214e7394da2089b6acd093abe0c94da219118e297d7b7ebcbcc9c388f28ade7d85a8ee35616f7124a9d527029195b84d1b96c690ff2f2de30bf2ec89e00253786e126504f0dab90c48a30321de3345e6b0461e7c9e6c6b7afedde83f40::cac45f60e31efd3b5a43b98a22ce1aa1 +Cipher = AES-128-GCM +Key = 00000000000000000000000000000000 +IV = 000000000000000000000000 +Plaintext = 0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 +Ciphertext = 0388dace60b6a392f328c2b971b2fe78f795aaab494b5923f7fd89ff948bc1e0200211214e7394da2089b6acd093abe0c94da219118e297d7b7ebcbcc9c388f28ade7d85a8ee35616f7124a9d527029195b84d1b96c690ff2f2de30bf2ec89e00253786e126504f0dab90c48a30321de3345e6b0461e7c9e6c6b7afedde83f40 +AAD = +Tag = cac45f60e31efd3b5a43b98a22ce1aa1 + # 192 bytes plaintext, iv is chosen so that initial counter LSB is 0xFF 
-AES-128-GCM:00000000000000000000000000000000:ffffffff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000:000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000:56b3373ca9ef6e4a2b64fe1e9a17b61425f10d47a75a5fce13efc6bc784af24f4141bdd48cf7c770887afd573cca5418a9aeffcd7c5ceddfc6a78397b9a85b499da558257267caab2ad0b23ca476a53cb17fb41c4b8b475cb4f3f7165094c229c9e8c4dc0a2a5ff1903e501511221376a1cdb8364c5061a20cae74bc4acd76ceb0abc9fd3217ef9f8c90be402ddf6d8697f4f880dff15bfb7a6b28241ec8fe183c2d59e3f9dfff653c7126f0acb9e64211f42bae12af462b1070bef1ab5e3606::566f8ef683078bfdeeffa869d751a017 +Cipher = AES-128-GCM +Key = 00000000000000000000000000000000 +IV = ffffffff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 +Plaintext = 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 +Ciphertext = 56b3373ca9ef6e4a2b64fe1e9a17b61425f10d47a75a5fce13efc6bc784af24f4141bdd48cf7c770887afd573cca5418a9aeffcd7c5ceddfc6a78397b9a85b499da558257267caab2ad0b23ca476a53cb17fb41c4b8b475cb4f3f7165094c229c9e8c4dc0a2a5ff1903e501511221376a1cdb8364c5061a20cae74bc4acd76ceb0abc9fd3217ef9f8c90be402ddf6d8697f4f880dff15bfb7a6b28241ec8fe183c2d59e3f9dfff653c7126f0acb9e64211f42bae12af462b1070bef1ab5e3606 +AAD = +Tag = 
566f8ef683078bfdeeffa869d751a017 + # 288 bytes plaintext, iv is chosen so that initial counter LSB is 0xFF -AES-128-GCM:00000000000000000000000000000000:ffffffff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000:000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000: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::8b307f6b33286d0ab026a9ed3fe1e85f +Cipher = AES-128-GCM +Key = 00000000000000000000000000000000 +IV = ffffffff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 +Plaintext = 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 +Ciphertext = 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 +AAD = +Tag = 8b307f6b33286d0ab026a9ed3fe1e85f + # 80 bytes plaintext, submitted by Intel 
-AES-128-GCM:843ffcf5d2b72694d19ed01d01249412:dbcca32ebf9b804617c3aa9e:000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f:6268c6fa2a80b2d137467f092f657ac04d89be2beaa623d61b5a868c8f03ff95d3dcee23ad2f1ab3a6c80eaf4b140eb05de3457f0fbc111a6b43d0763aa422a3013cf1dc37fe417d1fbfc449b75d4cc5:00000000000000000000000000000000101112131415161718191a1b1c1d1e1f:3b629ccfbc1119b7319e1dce2cd6fd6d +Cipher = AES-128-GCM +Key = 843ffcf5d2b72694d19ed01d01249412 +IV = dbcca32ebf9b804617c3aa9e +Plaintext = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f +Ciphertext = 6268c6fa2a80b2d137467f092f657ac04d89be2beaa623d61b5a868c8f03ff95d3dcee23ad2f1ab3a6c80eaf4b140eb05de3457f0fbc111a6b43d0763aa422a3013cf1dc37fe417d1fbfc449b75d4cc5 +AAD = 00000000000000000000000000000000101112131415161718191a1b1c1d1e1f +Tag = 3b629ccfbc1119b7319e1dce2cd6fd6d + # OFB tests from OpenSSL upstream. 
-AES-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:3B3FD92EB72DAD20333449F8E83CFB4A:1 -AES-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:50FE67CC996D32B6DA0937E99BAFEC60:AE2D8A571E03AC9C9EB76FAC45AF8E51:7789508D16918F03F53C52DAC54ED825:1 -AES-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:D9A4DADA0892239F6B8B3D7680E15674:30C81C46A35CE411E5FBC1191A0A52EF:9740051E9C5FECF64344F7A82260EDCC:1 -AES-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:A78819583F0308E7A6BF36B1386ABF23:F69F2445DF4F9B17AD2B417BE66C3710:304C6528F659C77866A510D9C1D6AE5E:1 + +# OFB-AES128.Encrypt +Cipher = AES-128-OFB +Key = 2B7E151628AED2A6ABF7158809CF4F3C +IV = 000102030405060708090A0B0C0D0E0F +Operation = ENCRYPT +Plaintext = 6BC1BEE22E409F96E93D7E117393172A +Ciphertext = 3B3FD92EB72DAD20333449F8E83CFB4A + +Cipher = AES-128-OFB +Key = 2B7E151628AED2A6ABF7158809CF4F3C +IV = 50FE67CC996D32B6DA0937E99BAFEC60 +Operation = ENCRYPT +Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51 +Ciphertext = 7789508D16918F03F53C52DAC54ED825 + +Cipher = AES-128-OFB +Key = 2B7E151628AED2A6ABF7158809CF4F3C +IV = D9A4DADA0892239F6B8B3D7680E15674 +Operation = ENCRYPT +Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF +Ciphertext = 9740051E9C5FECF64344F7A82260EDCC + +Cipher = AES-128-OFB +Key = 2B7E151628AED2A6ABF7158809CF4F3C +IV = A78819583F0308E7A6BF36B1386ABF23 +Operation = ENCRYPT +Plaintext = F69F2445DF4F9B17AD2B417BE66C3710 +Ciphertext = 304C6528F659C77866A510D9C1D6AE5E + # OFB-AES128.Decrypt -AES-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:3B3FD92EB72DAD20333449F8E83CFB4A:0 -AES-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:50FE67CC996D32B6DA0937E99BAFEC60:AE2D8A571E03AC9C9EB76FAC45AF8E51:7789508D16918F03F53C52DAC54ED825:0 -AES-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:D9A4DADA0892239F6B8B3D7680E15674:30C81C46A35CE411E5FBC1191A0A52EF:9740051E9C5FECF64344F7A82260EDCC:0 
-AES-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:A78819583F0308E7A6BF36B1386ABF23:F69F2445DF4F9B17AD2B417BE66C3710:304C6528F659C77866A510D9C1D6AE5E:0 +Cipher = AES-128-OFB +Key = 2B7E151628AED2A6ABF7158809CF4F3C +IV = 000102030405060708090A0B0C0D0E0F +Operation = DECRYPT +Plaintext = 6BC1BEE22E409F96E93D7E117393172A +Ciphertext = 3B3FD92EB72DAD20333449F8E83CFB4A + +Cipher = AES-128-OFB +Key = 2B7E151628AED2A6ABF7158809CF4F3C +IV = 50FE67CC996D32B6DA0937E99BAFEC60 +Operation = DECRYPT +Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51 +Ciphertext = 7789508D16918F03F53C52DAC54ED825 + +Cipher = AES-128-OFB +Key = 2B7E151628AED2A6ABF7158809CF4F3C +IV = D9A4DADA0892239F6B8B3D7680E15674 +Operation = DECRYPT +Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF +Ciphertext = 9740051E9C5FECF64344F7A82260EDCC + +Cipher = AES-128-OFB +Key = 2B7E151628AED2A6ABF7158809CF4F3C +IV = A78819583F0308E7A6BF36B1386ABF23 +Operation = DECRYPT +Plaintext = F69F2445DF4F9B17AD2B417BE66C3710 +Ciphertext = 304C6528F659C77866A510D9C1D6AE5E + # OFB-AES256.Encrypt -AES-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:DC7E84BFDA79164B7ECD8486985D3860:1 -AES-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:B7BF3A5DF43989DD97F0FA97EBCE2F4A:AE2D8A571E03AC9C9EB76FAC45AF8E51:4FEBDC6740D20B3AC88F6AD82A4FB08D:1 -AES-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:E1C656305ED1A7A6563805746FE03EDC:30C81C46A35CE411E5FBC1191A0A52EF:71AB47A086E86EEDF39D1C5BBA97C408:1 -AES-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:41635BE625B48AFC1666DD42A09D96E7:F69F2445DF4F9B17AD2B417BE66C3710:0126141D67F37BE8538F5A8BE740E484:1 +Cipher = AES-256-OFB +Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4 +IV = 000102030405060708090A0B0C0D0E0F +Operation = ENCRYPT +Plaintext = 6BC1BEE22E409F96E93D7E117393172A +Ciphertext = DC7E84BFDA79164B7ECD8486985D3860 
+ +Cipher = AES-256-OFB +Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4 +IV = B7BF3A5DF43989DD97F0FA97EBCE2F4A +Operation = ENCRYPT +Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51 +Ciphertext = 4FEBDC6740D20B3AC88F6AD82A4FB08D + +Cipher = AES-256-OFB +Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4 +IV = E1C656305ED1A7A6563805746FE03EDC +Operation = ENCRYPT +Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF +Ciphertext = 71AB47A086E86EEDF39D1C5BBA97C408 + +Cipher = AES-256-OFB +Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4 +IV = 41635BE625B48AFC1666DD42A09D96E7 +Operation = ENCRYPT +Plaintext = F69F2445DF4F9B17AD2B417BE66C3710 +Ciphertext = 0126141D67F37BE8538F5A8BE740E484 + + # OFB-AES256.Decrypt -AES-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:DC7E84BFDA79164B7ECD8486985D3860:0 -AES-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:B7BF3A5DF43989DD97F0FA97EBCE2F4A:AE2D8A571E03AC9C9EB76FAC45AF8E51:4FEBDC6740D20B3AC88F6AD82A4FB08D:0 -AES-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:E1C656305ED1A7A6563805746FE03EDC:30C81C46A35CE411E5FBC1191A0A52EF:71AB47A086E86EEDF39D1C5BBA97C408:0 -AES-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:41635BE625B48AFC1666DD42A09D96E7:F69F2445DF4F9B17AD2B417BE66C3710:0126141D67F37BE8538F5A8BE740E484:0 +Cipher = AES-256-OFB +Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4 +IV = 000102030405060708090A0B0C0D0E0F +Operation = DECRYPT +Plaintext = 6BC1BEE22E409F96E93D7E117393172A +Ciphertext = DC7E84BFDA79164B7ECD8486985D3860 + +Cipher = AES-256-OFB +Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4 +IV = B7BF3A5DF43989DD97F0FA97EBCE2F4A +Operation = DECRYPT +Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51 +Ciphertext = 4FEBDC6740D20B3AC88F6AD82A4FB08D + +Cipher = 
AES-256-OFB +Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4 +IV = E1C656305ED1A7A6563805746FE03EDC +Operation = DECRYPT +Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF +Ciphertext = 71AB47A086E86EEDF39D1C5BBA97C408 + +Cipher = AES-256-OFB +Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4 +IV = 41635BE625B48AFC1666DD42A09D96E7 +Operation = DECRYPT +Plaintext = F69F2445DF4F9B17AD2B417BE66C3710 +Ciphertext = 0126141D67F37BE8538F5A8BE740E484 + # AES-192 CBC-mode test from upstream OpenSSL. -AES-192-CBC:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:4F021DB243BC633D7178183A9FA071E8 -AES-192-CBC:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:4F021DB243BC633D7178183A9FA071E8:AE2D8A571E03AC9C9EB76FAC45AF8E51:B4D9ADA9AD7DEDF4E5E738763F69145A -AES-192-CBC:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:B4D9ADA9AD7DEDF4E5E738763F69145A:30C81C46A35CE411E5FBC1191A0A52EF:571B242012FB7AE07FA9BAAC3DF102E0 -AES-192-CBC:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:571B242012FB7AE07FA9BAAC3DF102E0:F69F2445DF4F9B17AD2B417BE66C3710:08B0E27988598881D920A9E64F5615CD +Cipher = AES-192-CBC +Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B +IV = 000102030405060708090A0B0C0D0E0F +Plaintext = 6BC1BEE22E409F96E93D7E117393172A +Ciphertext = 4F021DB243BC633D7178183A9FA071E8 + +Cipher = AES-192-CBC +Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B +IV = 4F021DB243BC633D7178183A9FA071E8 +Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51 +Ciphertext = B4D9ADA9AD7DEDF4E5E738763F69145A + +Cipher = AES-192-CBC +Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B +IV = B4D9ADA9AD7DEDF4E5E738763F69145A +Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF +Ciphertext = 571B242012FB7AE07FA9BAAC3DF102E0 + +Cipher = AES-192-CBC +Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B +IV = 571B242012FB7AE07FA9BAAC3DF102E0 +Plaintext = F69F2445DF4F9B17AD2B417BE66C3710 +Ciphertext = 
08B0E27988598881D920A9E64F5615CD + # AES-192-ECB tests from FIPS-197 -AES-192-ECB:000102030405060708090A0B0C0D0E0F1011121314151617::00112233445566778899AABBCCDDEEFF:DDA97CA4864CDFE06EAF70A0EC0D7191:1 +Cipher = AES-192-ECB +Key = 000102030405060708090A0B0C0D0E0F1011121314151617 +Operation = ENCRYPT +Plaintext = 00112233445566778899AABBCCDDEEFF +Ciphertext = DDA97CA4864CDFE06EAF70A0EC0D7191 + # AES-192-ECB tests from NIST document SP800-38A -AES-192-ECB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B::6BC1BEE22E409F96E93D7E117393172A:BD334F1D6E45F25FF712A214571FA5CC:1 -AES-192-ECB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B::AE2D8A571E03AC9C9EB76FAC45AF8E51:974104846D0AD3AD7734ECB3ECEE4EEF:1 -AES-192-ECB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B::30C81C46A35CE411E5FBC1191A0A52EF:EF7AFD2270E2E60ADCE0BA2FACE6444E:1 -AES-192-ECB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B::F69F2445DF4F9B17AD2B417BE66C3710:9A4B41BA738D6C72FB16691603C18E0E:1 +Cipher = AES-192-ECB +Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B +Plaintext = 6BC1BEE22E409F96E93D7E117393172A +Ciphertext = BD334F1D6E45F25FF712A214571FA5CC + +Cipher = AES-192-ECB +Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B +Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51 +Ciphertext = 974104846D0AD3AD7734ECB3ECEE4EEF + +Cipher = AES-192-ECB +Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B +Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF +Ciphertext = EF7AFD2270E2E60ADCE0BA2FACE6444E + +Cipher = AES-192-ECB +Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B +Plaintext = F69F2445DF4F9B17AD2B417BE66C3710 +Ciphertext = 9A4B41BA738D6C72FB16691603C18E0E diff --git a/src/crypto/des/des.c b/src/crypto/des/des.c index 56a2996..9cd75f5 100644 --- a/src/crypto/des/des.c +++ b/src/crypto/des/des.c 
@@ -762,3 +762,11 @@ void DES_ede3_cbc_encrypt(const uint8_t *in, uint8_t *out, size_t len, tin[0] = tin[1] = 0; } + +void DES_ede2_cbc_encrypt(const uint8_t *in, uint8_t *out, size_t len, + const DES_key_schedule *ks1, + const DES_key_schedule *ks2, + DES_cblock *ivec, + int enc) { + DES_ede3_cbc_encrypt(in, out, len, ks1, ks2, ks1, ivec, enc); +} diff --git a/src/crypto/dh/CMakeLists.txt b/src/crypto/dh/CMakeLists.txt index 9e487d5..d0c1da7 100644 --- a/src/crypto/dh/CMakeLists.txt +++ b/src/crypto/dh/CMakeLists.txt @@ -16,6 +16,8 @@ add_executable( dh_test dh_test.cc + + $ ) target_link_libraries(dh_test crypto) diff --git a/src/crypto/dh/dh.c b/src/crypto/dh/dh.c index ab7ed8b..96b85f3 100644 --- a/src/crypto/dh/dh.c +++ b/src/crypto/dh/dh.c @@ -116,7 +116,7 @@ void DH_free(DH *dh) { return; } - if (CRYPTO_add(&dh->references, -1, CRYPTO_LOCK_DH) > 0) { + if (!CRYPTO_refcount_dec_and_test_zero(&dh->references)) { return; } @@ -164,8 +164,10 @@ int DH_compute_key(unsigned char *out, const BIGNUM *peers_key, DH *dh) { int DH_size(const DH *dh) { return BN_num_bytes(dh->p); } -int DH_up_ref(DH *r) { - CRYPTO_add(&r->references, 1, CRYPTO_LOCK_DH); +unsigned DH_num_bits(const DH *dh) { return BN_num_bits(dh->p); } + +int DH_up_ref(DH *dh) { + CRYPTO_refcount_inc(&dh->references); return 1; } diff --git a/src/crypto/digest/CMakeLists.txt b/src/crypto/digest/CMakeLists.txt index 8cab46a..816d116 100644 --- a/src/crypto/digest/CMakeLists.txt +++ b/src/crypto/digest/CMakeLists.txt @@ -13,6 +13,8 @@ add_executable( digest_test digest_test.cc + + $ ) target_link_libraries(digest_test crypto) diff --git a/src/crypto/digest/digest.c b/src/crypto/digest/digest.c index e32eafd..f09948b 100644 --- a/src/crypto/digest/digest.c +++ b/src/crypto/digest/digest.c 
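Review bot: The new `DES_ede2_cbc_encrypt` carries no comment saying that it is two-key triple DES; a reader only learns this by noticing `ks1` passed twice in the call to `DES_ede3_cbc_encrypt`. Two-key 3DES has a smaller security margin than the three-key form, so that should be visible at the definition. I would add above the function `/* Two-key 3DES in CBC mode: |ks1| is used as both the first and third key, so the strength is below three-key 3DES. */`. If the header declaration (not part of this hunk) already documents this, a short pointer to it is enough.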
@@ -189,7 +189,8 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *engine) { return 1; } - return ctx->digest->init(ctx); + ctx->digest->init(ctx); + return 1; } int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type) { @@ -198,26 +199,24 @@ int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type) { } int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *data, size_t len) { - return ctx->update(ctx, data, len); + ctx->update(ctx, data, len); + return 1; } int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, uint8_t *md_out, unsigned int *size) { - int ret; - assert(ctx->digest->md_size <= EVP_MAX_MD_SIZE); - ret = ctx->digest->final(ctx, md_out); + ctx->digest->final(ctx, md_out); if (size != NULL) { *size = ctx->digest->md_size; } OPENSSL_cleanse(ctx->md_data, ctx->digest->ctx_size); - - return ret; + return 1; } int EVP_DigestFinal(EVP_MD_CTX *ctx, uint8_t *md, unsigned int *size) { - int ret = EVP_DigestFinal_ex(ctx, md, size); + EVP_DigestFinal_ex(ctx, md, size); EVP_MD_CTX_cleanup(ctx); - return ret; + return 1; } int EVP_Digest(const void *data, size_t count, uint8_t *out_md, @@ -258,14 +257,6 @@ void EVP_MD_CTX_set_flags(EVP_MD_CTX *ctx, uint32_t flags) { ctx->flags |= flags; } -void EVP_MD_CTX_clear_flags(EVP_MD_CTX *ctx, uint32_t flags) { - ctx->flags &= ~flags; -} - -uint32_t EVP_MD_CTX_test_flags(const EVP_MD_CTX *ctx, uint32_t flags) { - return ctx->flags & flags; -} - int EVP_add_digest(const EVP_MD *digest) { return 1; } diff --git a/src/crypto/digest/digest_test.cc b/src/crypto/digest/digest_test.cc index dcb569c..6a6113d 100644 --- a/src/crypto/digest/digest_test.cc +++ b/src/crypto/digest/digest_test.cc 
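Review bot: `EVP_DigestInit_ex` now returns 1 unconditionally after `ctx->digest->init(ctx)`, and nothing at the call site says the `int` return no longer carries information. The next hunk does the same for `EVP_DigestUpdate`, `EVP_DigestFinal_ex` and `EVP_DigestFinal`. Callers that test the result will keep compiling but can never see a failure, so the contract should be written down, for example `/* Digest callbacks cannot fail; the return value is always one and is kept for API compatibility. */` above each of the four functions. Note also that the `assert` on `md_size` in `EVP_DigestFinal_ex` is compiled out under NDEBUG, so it is the only size check and only in debug builds. `EVP_DigestInit_ex` starts outside this hunk, so any earlier failure paths in it are not visible here.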
@@ -233,6 +233,16 @@ static int TestDigest(const TestVector *test) { return true; } +static int TestGetters() { + if (EVP_get_digestbyname("RSA-SHA512") == NULL || + EVP_get_digestbyname("sha512WithRSAEncryption") == NULL || + EVP_get_digestbyname("nonsense") != NULL) { + return false; + } + + return true; +} + int main(void) { CRYPTO_library_init(); ERR_load_crypto_strings(); @@ -244,6 +254,10 @@ int main(void) { } } + if (!TestGetters()) { + return 1; + } + printf("PASS\n"); return 0; } diff --git a/src/crypto/digest/digests.c b/src/crypto/digest/digests.c index ac00ed3..f5eda36 100644 --- a/src/crypto/digest/digests.c +++ b/src/crypto/digest/digests.c @@ -56,6 +56,9 @@ #include +#include +#include + #include #include #include @@ -63,15 +66,23 @@ #include "internal.h" +#if defined(NDEBUG) +#define CHECK(x) x +#else +#define CHECK(x) assert(x) +#endif + -static int md4_init(EVP_MD_CTX *ctx) { return MD4_Init(ctx->md_data); } +static void md4_init(EVP_MD_CTX *ctx) { + CHECK(MD4_Init(ctx->md_data)); +} -static int md4_update(EVP_MD_CTX *ctx, const void *data, size_t count) { - return MD4_Update(ctx->md_data, data, count); +static void md4_update(EVP_MD_CTX *ctx, const void *data, size_t count) { + CHECK(MD4_Update(ctx->md_data, data, count)); } -static int md4_final(EVP_MD_CTX *ctx, unsigned char *out) { - return MD4_Final(out, ctx->md_data); +static void md4_final(EVP_MD_CTX *ctx, uint8_t *out) { + CHECK(MD4_Final(out, ctx->md_data)); } static const EVP_MD md4_md = { 
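Review bot: `TestGetters` fails silently: when one of the three `EVP_get_digestbyname` lookups gives the wrong result it returns `false`, and `main` exits with 1 without printing anything. A line such as `fprintf(stderr, "EVP_get_digestbyname returned an unexpected result\n");` before `return false;` would make a failing run diagnosable; splitting the combined condition into three checks would also show which name failed. The function is declared `static int` but returns `true`/`false`, which matches the visible tail of `TestDigest`, so that part follows the file's existing style.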
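Review bot: In NDEBUG builds `CHECK(x)` expands to a bare, unparenthesised `x`, so the result of every hash call wrapped in it is computed and then silently dropped. Because the callbacks are now `void` and the `EVP_Digest*` wrappers in digest.c always return 1, a zero return from, say, `MD4_Init` would go unnoticed in release builds; whether these functions can actually fail is not visible in this diff. I would write the release form as `#define CHECK(x) ((void)(x))` to make the discard explicit and free of unused-value warnings, and add a comment above the macro stating that the wrapped functions are expected never to fail. The same macro is used by the md5, sha1, sha224, sha256, sha384, sha512 and md5_sha1 callbacks in the later hunks of this file.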
@@ -82,14 +93,16 @@ static const EVP_MD md4_md = { const EVP_MD *EVP_md4(void) { return &md4_md; } -static int md5_init(EVP_MD_CTX *ctx) { return MD5_Init(ctx->md_data); } +static void md5_init(EVP_MD_CTX *ctx) { + CHECK(MD5_Init(ctx->md_data)); +} -static int md5_update(EVP_MD_CTX *ctx, const void *data, size_t count) { - return MD5_Update(ctx->md_data, data, count); +static void md5_update(EVP_MD_CTX *ctx, const void *data, size_t count) { + CHECK(MD5_Update(ctx->md_data, data, count)); } -static int md5_final(EVP_MD_CTX *ctx, unsigned char *out) { - return MD5_Final(out, ctx->md_data); +static void md5_final(EVP_MD_CTX *ctx, uint8_t *out) { + CHECK(MD5_Final(out, ctx->md_data)); } static const EVP_MD md5_md = { @@ -100,14 +113,16 @@ static const EVP_MD md5_md = { const EVP_MD *EVP_md5(void) { return &md5_md; } -static int sha1_init(EVP_MD_CTX *ctx) { return SHA1_Init(ctx->md_data); } +static void sha1_init(EVP_MD_CTX *ctx) { + CHECK(SHA1_Init(ctx->md_data)); +} -static int sha1_update(EVP_MD_CTX *ctx, const void *data, size_t count) { - return SHA1_Update(ctx->md_data, data, count); +static void sha1_update(EVP_MD_CTX *ctx, const void *data, size_t count) { + CHECK(SHA1_Update(ctx->md_data, data, count)); } -static int sha1_final(EVP_MD_CTX *ctx, unsigned char *md) { - return SHA1_Final(md, ctx->md_data); +static void sha1_final(EVP_MD_CTX *ctx, uint8_t *md) { + CHECK(SHA1_Final(md, ctx->md_data)); } static const EVP_MD sha1_md = { 
@@ -118,14 +133,16 @@ static const EVP_MD sha1_md = { const EVP_MD *EVP_sha1(void) { return &sha1_md; } -static int sha224_init(EVP_MD_CTX *ctx) { return SHA224_Init(ctx->md_data); } +static void sha224_init(EVP_MD_CTX *ctx) { + CHECK(SHA224_Init(ctx->md_data)); +} -static int sha224_update(EVP_MD_CTX *ctx, const void *data, size_t count) { - return SHA224_Update(ctx->md_data, data, count); +static void sha224_update(EVP_MD_CTX *ctx, const void *data, size_t count) { + CHECK(SHA224_Update(ctx->md_data, data, count)); } -static int sha224_final(EVP_MD_CTX *ctx, unsigned char *md) { - return SHA224_Final(md, ctx->md_data); +static void sha224_final(EVP_MD_CTX *ctx, uint8_t *md) { + CHECK(SHA224_Final(md, ctx->md_data)); } static const EVP_MD sha224_md = { @@ -137,14 +154,16 @@ static const EVP_MD sha224_md = { const EVP_MD *EVP_sha224(void) { return &sha224_md; } -static int sha256_init(EVP_MD_CTX *ctx) { return SHA256_Init(ctx->md_data); } +static void sha256_init(EVP_MD_CTX *ctx) { + CHECK(SHA256_Init(ctx->md_data)); +} -static int sha256_update(EVP_MD_CTX *ctx, const void *data, size_t count) { - return SHA256_Update(ctx->md_data, data, count); +static void sha256_update(EVP_MD_CTX *ctx, const void *data, size_t count) { + CHECK(SHA256_Update(ctx->md_data, data, count)); } -static int sha256_final(EVP_MD_CTX *ctx, unsigned char *md) { - return SHA256_Final(md, ctx->md_data); +static void sha256_final(EVP_MD_CTX *ctx, uint8_t *md) { + CHECK(SHA256_Final(md, ctx->md_data)); } static const EVP_MD sha256_md = { 
@@ -156,14 +175,16 @@ static const EVP_MD sha256_md = { const EVP_MD *EVP_sha256(void) { return &sha256_md; } -static int sha384_init(EVP_MD_CTX *ctx) { return SHA384_Init(ctx->md_data); } +static void sha384_init(EVP_MD_CTX *ctx) { + CHECK(SHA384_Init(ctx->md_data)); +} -static int sha384_update(EVP_MD_CTX *ctx, const void *data, size_t count) { - return SHA384_Update(ctx->md_data, data, count); +static void sha384_update(EVP_MD_CTX *ctx, const void *data, size_t count) { + CHECK(SHA384_Update(ctx->md_data, data, count)); } -static int sha384_final(EVP_MD_CTX *ctx, unsigned char *md) { - return SHA384_Final(md, ctx->md_data); +static void sha384_final(EVP_MD_CTX *ctx, uint8_t *md) { + CHECK(SHA384_Final(md, ctx->md_data)); } static const EVP_MD sha384_md = { @@ -175,14 +196,16 @@ static const EVP_MD sha384_md = { const EVP_MD *EVP_sha384(void) { return &sha384_md; } -static int sha512_init(EVP_MD_CTX *ctx) { return SHA512_Init(ctx->md_data); } +static void sha512_init(EVP_MD_CTX *ctx) { + CHECK(SHA512_Init(ctx->md_data)); +} -static int sha512_update(EVP_MD_CTX *ctx, const void *data, size_t count) { - return SHA512_Update(ctx->md_data, data, count); +static void sha512_update(EVP_MD_CTX *ctx, const void *data, size_t count) { + CHECK(SHA512_Update(ctx->md_data, data, count)); } -static int sha512_final(EVP_MD_CTX *ctx, unsigned char *md) { - return SHA512_Final(md, ctx->md_data); +static void sha512_final(EVP_MD_CTX *ctx, uint8_t *md) { + CHECK(SHA512_Final(md, ctx->md_data)); } static const EVP_MD sha512_md = { 
@@ -199,23 +222,22 @@ typedef struct { SHA_CTX sha1; } MD5_SHA1_CTX; -static int md5_sha1_init(EVP_MD_CTX *md_ctx) { +static void md5_sha1_init(EVP_MD_CTX *md_ctx) { MD5_SHA1_CTX *ctx = md_ctx->md_data; - return MD5_Init(&ctx->md5) && SHA1_Init(&ctx->sha1); + CHECK(MD5_Init(&ctx->md5) && SHA1_Init(&ctx->sha1)); } -static int md5_sha1_update(EVP_MD_CTX *md_ctx, const void *data, size_t count) { +static void md5_sha1_update(EVP_MD_CTX *md_ctx, const void *data, + size_t count) { MD5_SHA1_CTX *ctx = md_ctx->md_data; - return MD5_Update(&ctx->md5, data, count) && SHA1_Update(&ctx->sha1, data, count); + CHECK(MD5_Update(&ctx->md5, data, count) && + SHA1_Update(&ctx->sha1, data, count)); } -static int md5_sha1_final(EVP_MD_CTX *md_ctx, unsigned char *out) { +static void md5_sha1_final(EVP_MD_CTX *md_ctx, uint8_t *out) { MD5_SHA1_CTX *ctx = md_ctx->md_data; - if (!MD5_Final(out, &ctx->md5) || - !SHA1_Final(out + MD5_DIGEST_LENGTH, &ctx->sha1)) { - return 0; - } - return 1; + CHECK(MD5_Final(out, &ctx->md5) && + SHA1_Final(out + MD5_DIGEST_LENGTH, &ctx->sha1)); } static const EVP_MD md5_sha1_md = { 
@@ -235,25 +257,33 @@ const EVP_MD *EVP_md5_sha1(void) { return &md5_sha1_md; } struct nid_to_digest { int nid; const EVP_MD* (*md_func)(void); + const char *short_name; + const char *long_name; }; static const struct nid_to_digest nid_to_digest_mapping[] = { - { NID_md5, EVP_md5 }, - { NID_sha1, EVP_sha1 }, - { NID_sha224, EVP_sha224 }, - { NID_sha256, EVP_sha256 }, - { NID_sha384, EVP_sha384 }, - { NID_sha512, EVP_sha512 }, - { NID_md5_sha1, EVP_md5_sha1 }, - { NID_dsaWithSHA, EVP_sha1 }, - { NID_dsaWithSHA1, EVP_sha1 }, - { NID_ecdsa_with_SHA1, EVP_sha1 }, - { NID_md5WithRSAEncryption, EVP_md5 }, - { NID_sha1WithRSAEncryption, EVP_sha1 }, - { NID_sha224WithRSAEncryption, EVP_sha224 }, - { NID_sha256WithRSAEncryption, EVP_sha256 }, - { NID_sha384WithRSAEncryption, EVP_sha384 }, - { NID_sha512WithRSAEncryption, EVP_sha512 }, + { NID_md5, EVP_md5, SN_md5, LN_md5 }, + { NID_sha1, EVP_sha1, SN_sha1, LN_sha1 }, + { NID_sha224, EVP_sha224, SN_sha224, LN_sha224 }, + { NID_sha256, EVP_sha256, SN_sha256, LN_sha256 }, + { NID_sha384, EVP_sha384, SN_sha384, LN_sha384 }, + { NID_sha512, EVP_sha512, SN_sha512, LN_sha512 }, + { NID_md5_sha1, EVP_md5_sha1, SN_md5_sha1, LN_md5_sha1 }, + { NID_dsaWithSHA, EVP_sha1, SN_dsaWithSHA, LN_dsaWithSHA }, + { NID_dsaWithSHA1, EVP_sha1, SN_dsaWithSHA1, LN_dsaWithSHA1 }, + { NID_ecdsa_with_SHA1, EVP_sha1, SN_ecdsa_with_SHA1, NULL }, + { NID_md5WithRSAEncryption, EVP_md5, SN_md5WithRSAEncryption, + LN_md5WithRSAEncryption }, + { NID_sha1WithRSAEncryption, EVP_sha1, SN_sha1WithRSAEncryption, + LN_sha1WithRSAEncryption }, + { NID_sha224WithRSAEncryption, EVP_sha224, SN_sha224WithRSAEncryption, + LN_sha224WithRSAEncryption }, + { NID_sha256WithRSAEncryption, EVP_sha256, SN_sha256WithRSAEncryption, + LN_sha256WithRSAEncryption }, + { NID_sha384WithRSAEncryption, EVP_sha384, SN_sha384WithRSAEncryption, + LN_sha384WithRSAEncryption }, + { NID_sha512WithRSAEncryption, EVP_sha512, SN_sha512WithRSAEncryption, + LN_sha512WithRSAEncryption }, }; const 
EVP_MD* EVP_get_digestbynid(int nid) { @@ -272,3 +302,19 @@ const EVP_MD* EVP_get_digestbynid(int nid) { const EVP_MD* EVP_get_digestbyobj(const ASN1_OBJECT *obj) { return EVP_get_digestbynid(OBJ_obj2nid(obj)); } + +const EVP_MD *EVP_get_digestbyname(const char *name) { + unsigned i; + + for (i = 0; i < sizeof(nid_to_digest_mapping) / sizeof(struct nid_to_digest); + i++) { + const char *short_name = nid_to_digest_mapping[i].short_name; + const char *long_name = nid_to_digest_mapping[i].long_name; + if ((short_name && strcmp(short_name, name) == 0) || + (long_name && strcmp(long_name, name) == 0)) { + return nid_to_digest_mapping[i].md_func(); + } + } + + return NULL; +} diff --git a/src/crypto/digest/internal.h b/src/crypto/digest/internal.h index 94dbfaa..1572fa8 100644 --- a/src/crypto/digest/internal.h +++ b/src/crypto/digest/internal.h @@ -75,15 +75,14 @@ struct env_md_st { /* flags contains the OR of |EVP_MD_FLAG_*| values. */ uint32_t flags; - /* init initialises the state in |ctx->md_data|. It returns one on success - * and zero otherwise. */ - int (*init)(EVP_MD_CTX *ctx); + /* init initialises the state in |ctx->md_data|. */ + void (*init)(EVP_MD_CTX *ctx); /* update hashes |len| bytes of |data| into the state in |ctx->md_data|. */ - int (*update)(EVP_MD_CTX *ctx, const void *data, size_t count); + void (*update)(EVP_MD_CTX *ctx, const void *data, size_t count); /* final completes the hash and writes |md_size| bytes of digest to |out|. */ - int (*final)(EVP_MD_CTX *ctx, uint8_t *out); + void (*final)(EVP_MD_CTX *ctx, uint8_t *out); /* block_size contains the hash's native block size. */ unsigned block_size; 
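Review bot: `EVP_get_digestbyname` passes `name` straight to `strcmp`, so a NULL `name` is undefined behaviour, even though the table's own `short_name` and `long_name` are each guarded against NULL. Digest names commonly arrive from configuration or parsed input, so the lookup should fail closed; `if (name == NULL) { return NULL; }` before the loop would do it. The loop index could also be `size_t` rather than `unsigned`, to match the `sizeof` expression it is compared with.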
@@ -109,6 +108,17 @@ struct evp_md_pctx_ops { int (*begin_digest) (EVP_MD_CTX *ctx); }; +/* EVP_MD_CTX_set_flags ORs |flags| into the flags member of |ctx|. */ +OPENSSL_EXPORT void EVP_MD_CTX_set_flags(EVP_MD_CTX *ctx, uint32_t flags); + +/* EVP_MD_CTX_FLAG_NO_INIT causes the |EVP_MD|'s |init| function not to be + * called, the |update| member not to be copied from the |EVP_MD| in + * |EVP_DigestInit_ex| and for |md_data| not to be initialised. + * + * TODO(davidben): This is an implementation detail of |EVP_PKEY_HMAC| and can + * be removed when it is gone. */ +#define EVP_MD_CTX_FLAG_NO_INIT 1 + #if defined(__cplusplus) } /* extern C */ diff --git a/src/crypto/digest/md32_common.h b/src/crypto/digest/md32_common.h index d7caba2..14607fb 100644 --- a/src/crypto/digest/md32_common.h +++ b/src/crypto/digest/md32_common.h @@ -147,11 +147,11 @@ extern "C" { * */ # if defined(OPENSSL_X86) || defined(OPENSSL_X86_64) -# define ROTATE(a,n) ({ register unsigned int ret; \ +# define ROTATE(a,n) ({ register uint32_t ret; \ asm ( \ "roll %1,%0" \ : "=r"(ret) \ - : "I"(n), "0"((unsigned int)(a)) \ + : "I"(n), "0"((uint32_t)(a)) \ : "cc"); \ ret; \ }) 
@@ -173,28 +173,28 @@ extern "C" { * this trick on x86* platforms only, because these CPUs can fetch * unaligned data without raising an exception. */ -# define HOST_c2l(c,l) ({ unsigned int r=*((const unsigned int *)(c)); \ +# define HOST_c2l(c,l) ({ uint32_t r=*((const uint32_t *)(c)); \ asm ("bswapl %0":"=r"(r):"0"(r)); \ (c)+=4; (l)=r; }) -# define HOST_l2c(l,c) ({ unsigned int r=(l); \ +# define HOST_l2c(l,c) ({ uint32_t r=(l); \ asm ("bswapl %0":"=r"(r):"0"(r)); \ - *((unsigned int *)(c))=r; (c)+=4; r; }) + *((uint32_t *)(c))=r; (c)+=4; r; }) # elif defined(__aarch64__) # if defined(__BYTE_ORDER__) # if defined(__ORDER_LITTLE_ENDIAN__) && __BYTE_ORDER__==__ORDER_LITTLE_ENDIAN__ -# define HOST_c2l(c,l) ({ unsigned int r; \ +# define HOST_c2l(c,l) ({ uint32_t r; \ asm ("rev %w0,%w1" \ :"=r"(r) \ - :"r"(*((const unsigned int *)(c))));\ + :"r"(*((const uint32_t *)(c))));\ (c)+=4; (l)=r; }) -# define HOST_l2c(l,c) ({ unsigned int r; \ +# define HOST_l2c(l,c) ({ uint32_t r; \ asm ("rev %w0,%w1" \ :"=r"(r) \ - :"r"((unsigned int)(l)));\ - *((unsigned int *)(c))=r; (c)+=4; r; }) + :"r"((uint32_t)(l))); \ + *((uint32_t *)(c))=r; (c)+=4; r; }) # elif defined(__ORDER_BIG_ENDIAN__) && __BYTE_ORDER__==__ORDER_BIG_ENDIAN__ -# define HOST_c2l(c,l) (void)((l)=*((const unsigned int *)(c)), (c)+=4) -# define HOST_l2c(l,c) (*((unsigned int *)(c))=(l), (c)+=4, (l)) +# define HOST_c2l(c,l) (void)((l)=*((const uint32_t *)(c)), (c)+=4) +# define HOST_l2c(l,c) (*((uint32_t *)(c))=(l), (c)+=4, (l)) # endif # endif # endif 
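Review bot: The x86 and aarch64 variants of `HOST_c2l` and `HOST_l2c` still access the byte buffer through `*((const uint32_t *)(c))` and `*((uint32_t *)(c))`, which breaks the C alignment and strict-aliasing rules regardless of what the CPU tolerates. The comment in this hunk justifies the trick by the hardware accepting unaligned loads, but the compiler may still assume a `uint32_t` lvalue is aligned and does not alias `uint8_t` data when it optimises or vectorises the surrounding hash loop. The statement-expression forms already have a local `r`, so the load can be `memcpy(&r, (c), sizeof(r));` and the store `memcpy((c), &r, sizeof(r));`, which compilers normally reduce to the same single instruction. The little-endian x86 definitions in the `@@ -219,21 +219,21 @@` hunk carry the same cast.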
@@ -202,16 +202,16 @@ extern "C" { #endif #ifndef HOST_c2l -#define HOST_c2l(c,l) (void)(l =(((unsigned long)(*((c)++)))<<24), \ - l|=(((unsigned long)(*((c)++)))<<16), \ - l|=(((unsigned long)(*((c)++)))<< 8), \ - l|=(((unsigned long)(*((c)++))) )) +#define HOST_c2l(c,l) (void)(l =(((uint32_t)(*((c)++)))<<24), \ + l|=(((uint32_t)(*((c)++)))<<16), \ + l|=(((uint32_t)(*((c)++)))<< 8), \ + l|=(((uint32_t)(*((c)++))) )) #endif #ifndef HOST_l2c -#define HOST_l2c(l,c) (*((c)++)=(unsigned char)(((l)>>24)&0xff), \ - *((c)++)=(unsigned char)(((l)>>16)&0xff), \ - *((c)++)=(unsigned char)(((l)>> 8)&0xff), \ - *((c)++)=(unsigned char)(((l) )&0xff), \ +#define HOST_l2c(l,c) (*((c)++)=(uint8_t)(((l)>>24)&0xff), \ + *((c)++)=(uint8_t)(((l)>>16)&0xff), \ + *((c)++)=(uint8_t)(((l)>> 8)&0xff), \ + *((c)++)=(uint8_t)(((l) )&0xff), \ l) #endif 
@@ -219,21 +219,21 @@ extern "C" { #if defined(OPENSSL_X86) || defined(OPENSSL_X86_64) /* See comment in DATA_ORDER_IS_BIG_ENDIAN section. */ -# define HOST_c2l(c,l) (void)((l)=*((const unsigned int *)(c)), (c)+=4) -# define HOST_l2c(l,c) (*((unsigned int *)(c))=(l), (c)+=4, l) +# define HOST_c2l(c,l) (void)((l)=*((const uint32_t *)(c)), (c)+=4) +# define HOST_l2c(l,c) (*((uint32_t *)(c))=(l), (c)+=4, l) #endif #ifndef HOST_c2l -#define HOST_c2l(c,l) (void)(l =(((unsigned long)(*((c)++))) ), \ - l|=(((unsigned long)(*((c)++)))<< 8), \ - l|=(((unsigned long)(*((c)++)))<<16), \ - l|=(((unsigned long)(*((c)++)))<<24)) +#define HOST_c2l(c,l) (void)(l =(((uint32_t)(*((c)++))) ), \ + l|=(((uint32_t)(*((c)++)))<< 8), \ + l|=(((uint32_t)(*((c)++)))<<16), \ + l|=(((uint32_t)(*((c)++)))<<24)) #endif #ifndef HOST_l2c -#define HOST_l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \ - *((c)++)=(unsigned char)(((l)>> 8)&0xff), \ - *((c)++)=(unsigned char)(((l)>>16)&0xff), \ - *((c)++)=(unsigned char)(((l)>>24)&0xff), \ +#define HOST_l2c(l,c) (*((c)++)=(uint8_t)(((l) )&0xff), \ + *((c)++)=(uint8_t)(((l)>> 8)&0xff), \ + *((c)++)=(uint8_t)(((l)>>16)&0xff), \ + *((c)++)=(uint8_t)(((l)>>24)&0xff), \ l) #endif @@ -241,8 +241,8 @@ extern "C" { int HASH_UPDATE (HASH_CTX *c, const void *data_, size_t len) { - const unsigned char *data=data_; - unsigned char *p; + const uint8_t *data=data_; + uint8_t *p; HASH_LONG l; size_t n; @@ -259,7 +259,7 @@ int HASH_UPDATE (HASH_CTX *c, const void *data_, size_t len) n = c->num; if (n != 0) { - p=(unsigned char *)c->data; + p=(uint8_t *)c->data; if (len >= HASH_CBLOCK || len+n >= HASH_CBLOCK) { @@ -290,7 +290,7 @@ int HASH_UPDATE (HASH_CTX *c, const void *data_, size_t len) if (len != 0) { - p = (unsigned char *)c->data; + p = (uint8_t *)c->data; c->num = (unsigned int)len; memcpy (p,data,len); } 
@@ -298,15 +298,15 @@ int HASH_UPDATE (HASH_CTX *c, const void *data_, size_t len) } -void HASH_TRANSFORM (HASH_CTX *c, const unsigned char *data) +void HASH_TRANSFORM (HASH_CTX *c, const uint8_t *data) { HASH_BLOCK_DATA_ORDER (c,data,1); } -int HASH_FINAL (unsigned char *md, HASH_CTX *c) +int HASH_FINAL (uint8_t *md, HASH_CTX *c) { - unsigned char *p = (unsigned char *)c->data; + uint8_t *p = (uint8_t *)c->data; size_t n = c->num; p[n] = 0x80; /* there is always room for one */ @@ -342,10 +342,6 @@ int HASH_FINAL (unsigned char *md, HASH_CTX *c) return 1; } -#ifndef MD32_REG_T -#define MD32_REG_T int -#endif - #if defined(__cplusplus) } /* extern C */ diff --git a/src/crypto/dsa/CMakeLists.txt b/src/crypto/dsa/CMakeLists.txt index dab2c4c..1bb8b63 100644 --- a/src/crypto/dsa/CMakeLists.txt +++ b/src/crypto/dsa/CMakeLists.txt @@ -14,6 +14,8 @@ add_executable( dsa_test dsa_test.c + + $ ) target_link_libraries(dsa_test crypto) diff --git a/src/crypto/dsa/dsa.c b/src/crypto/dsa/dsa.c index e8e3d73..65444b1 100644 --- a/src/crypto/dsa/dsa.c +++ b/src/crypto/dsa/dsa.c @@ -123,7 +123,7 @@ void DSA_free(DSA *dsa) { return; } - if (CRYPTO_add(&dsa->references, -1, CRYPTO_LOCK_DSA) > 0) { + if (!CRYPTO_refcount_dec_and_test_zero(&dsa->references)) { return; } @@ -146,7 +146,7 @@ void DSA_free(DSA *dsa) { } int DSA_up_ref(DSA *dsa) { - CRYPTO_add(&dsa->references, 1, CRYPTO_LOCK_DSA); + CRYPTO_refcount_inc(&dsa->references); return 1; } diff --git a/src/crypto/dsa/dsa_impl.c b/src/crypto/dsa/dsa_impl.c index b7e1fd8..2ab8ba8 100644 --- a/src/crypto/dsa/dsa_impl.c +++ b/src/crypto/dsa/dsa_impl.c @@ -501,12 +501,16 @@ static int paramgen(DSA *ret, unsigned bits, const uint8_t *seed_in, } ctx = BN_CTX_new(); + if (ctx == NULL) { + goto err; + } + BN_CTX_start(ctx); + mont = BN_MONT_CTX_new(); - if (ctx == NULL || mont == NULL) { + if (mont == NULL) { goto err; } - BN_CTX_start(ctx); r0 = BN_CTX_get(ctx); g = BN_CTX_get(ctx); W = BN_CTX_get(ctx); 
@@ -516,7 +520,7 @@ static int paramgen(DSA *ret, unsigned bits, const uint8_t *seed_in, p = BN_CTX_get(ctx); test = BN_CTX_get(ctx); - if (!BN_lshift(test, BN_value_one(), bits - 1)) { + if (test == NULL || !BN_lshift(test, BN_value_one(), bits - 1)) { goto err; } diff --git a/src/crypto/dsa/dsa_test.c b/src/crypto/dsa/dsa_test.c index 9b70dbe..8bdaaf4 100644 --- a/src/crypto/dsa/dsa_test.c +++ b/src/crypto/dsa/dsa_test.c @@ -238,8 +238,10 @@ static int test_generate(FILE *out) { goto end; } - DSA_generate_key(dsa); - DSA_sign(0, fips_digest, sizeof(fips_digest), sig, &siglen, dsa); + if (!DSA_generate_key(dsa) || + !DSA_sign(0, fips_digest, sizeof(fips_digest), sig, &siglen, dsa)) { + goto end; + } if (DSA_verify(0, fips_digest, sizeof(fips_digest), sig, siglen, dsa) == 1) { ok = 1; } else { diff --git a/src/crypto/ec/CMakeLists.txt b/src/crypto/ec/CMakeLists.txt index a218c0d..b5ebefa 100644 --- a/src/crypto/ec/CMakeLists.txt +++ b/src/crypto/ec/CMakeLists.txt @@ -20,12 +20,16 @@ add_executable( example_mul example_mul.c + + $ ) add_executable( ec_test ec_test.cc + + $ ) target_link_libraries(example_mul crypto) diff --git a/src/crypto/ec/ec.c b/src/crypto/ec/ec.c index 5e30730..f38eba6 100644 --- a/src/crypto/ec/ec.c +++ b/src/crypto/ec/ec.c @@ -289,6 +289,12 @@ EC_GROUP *EC_GROUP_new_curve_GFp(const BIGNUM *p, const BIGNUM *a, int EC_GROUP_set_generator(EC_GROUP *group, const EC_POINT *generator, const BIGNUM *order, const BIGNUM *cofactor) { + if (group->curve_name != NID_undef) { + /* |EC_GROUP_set_generator| should only be used with |EC_GROUP|s returned + * by |EC_GROUP_new_curve_GFp|. */ + return 0; + } + if (group->generator == NULL) { group->generator = EC_POINT_new(group); if (group->generator == NULL) { diff --git a/src/crypto/ec/ec_key.c b/src/crypto/ec/ec_key.c index 348ec46..e5cbfed 100644 --- a/src/crypto/ec/ec_key.c +++ b/src/crypto/ec/ec_key.c 
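Review bot: The added `test == NULL` check covers only the last `BN_CTX_get` result, and nothing at that line says why the earlier ones (such as `p`) need no check of their own. `BN_CTX_get` keeps returning NULL once one call has failed, so testing the final result is sufficient, but that only holds while `test` stays the last allocation. A comment such as `/* BN_CTX_get fails for all later calls once one fails, so checking |test| covers the rest. */` would stop a later edit from adding another `BN_CTX_get` below it unchecked. `paramgen` starts and ends outside this hunk.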
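Review bot: The new early return in `EC_GROUP_set_generator` rejects a named curve with a bare `return 0;` and puts nothing on the error queue. A caller then cannot tell "this group is a built-in curve and must not be modified" from an allocation failure further down the function, which continues outside this hunk. Recording an error with `OPENSSL_PUT_ERROR` before the return, with a matching reason code in the EC error data, would make the misuse diagnosable. The restriction to groups from `EC_GROUP_new_curve_GFp` is stated only in this internal comment and would be worth repeating where the function is declared.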
@@ -143,7 +143,7 @@ void EC_KEY_free(EC_KEY *r) { return; } - if (CRYPTO_add(&r->references, -1, CRYPTO_LOCK_EC)) { + if (!CRYPTO_refcount_dec_and_test_zero(&r->references)) { return; } @@ -234,7 +234,8 @@ EC_KEY *EC_KEY_dup(const EC_KEY *ec_key) { } int EC_KEY_up_ref(EC_KEY *r) { - return CRYPTO_add(&r->references, 1, CRYPTO_LOCK_EC) > 1; + CRYPTO_refcount_inc(&r->references); + return 1; } int EC_KEY_is_opaque(const EC_KEY *key) { diff --git a/src/crypto/ec/ec_test.cc b/src/crypto/ec/ec_test.cc index 74685eb..5af42d5 100644 --- a/src/crypto/ec/ec_test.cc +++ b/src/crypto/ec/ec_test.cc @@ -125,6 +125,9 @@ bool Testd2i_ECPrivateKey() { } ScopedOpenSSLString x_hex(BN_bn2hex(x.get())); ScopedOpenSSLString y_hex(BN_bn2hex(y.get())); + if (!x_hex || !y_hex) { + return false; + } if (0 != strcmp( x_hex.get(), "c81561ecf2e54edefe6617db1c7a34a70744ddb261f269b83dacfcd2ade5a681") || diff --git a/src/crypto/ec/internal.h b/src/crypto/ec/internal.h index 0a8bf24..71062c1 100644 --- a/src/crypto/ec/internal.h +++ b/src/crypto/ec/internal.h @@ -72,6 +72,7 @@ #include #include +#include #if defined(__cplusplus) extern "C" { @@ -331,7 +332,7 @@ struct ec_key_st { unsigned int enc_flag; point_conversion_form_t conv_form; - int references; + CRYPTO_refcount_t references; int flags; ECDSA_METHOD *ecdsa_meth; diff --git a/src/crypto/ec/p256-64.c b/src/crypto/ec/p256-64.c index 8f824de..fdb942c 100644 --- a/src/crypto/ec/p256-64.c +++ b/src/crypto/ec/p256-64.c @@ -1601,7 +1601,6 @@ static void batch_mul(felem x_out, felem y_out, felem z_out, /* Precomputation for the group generator. */ typedef struct { smallfelem g_pre_comp[2][16][3]; - int references; } NISTP256_PRE_COMP; /******************************************************************************/ diff --git a/src/crypto/ec/wnaf.c b/src/crypto/ec/wnaf.c index d87a7d9..ae0d73f 100644 --- a/src/crypto/ec/wnaf.c +++ b/src/crypto/ec/wnaf.c 
@@ -75,6 +75,7 @@ #include #include "internal.h" +#include "../internal.h" /* This file implements the wNAF-based interleaving multi-exponentation method @@ -91,7 +92,7 @@ typedef struct ec_pre_comp_st { EC_POINT **points; /* array with pre-calculated multiples of generator: * 'num' pointers to EC_POINT objects followed by a NULL */ size_t num; /* numblocks * 2^(w-1) */ - int references; + CRYPTO_refcount_t references; } EC_PRE_COMP; static EC_PRE_COMP *ec_pre_comp_new(void) { @@ -116,13 +117,13 @@ void *ec_pre_comp_dup(EC_PRE_COMP *pre_comp) { return NULL; } - CRYPTO_add(&pre_comp->references, 1, CRYPTO_LOCK_EC_PRE_COMP); + CRYPTO_refcount_inc(&pre_comp->references); return pre_comp; } void ec_pre_comp_free(EC_PRE_COMP *pre_comp) { if (pre_comp == NULL || - CRYPTO_add(&pre_comp->references, -1, CRYPTO_LOCK_EC_PRE_COMP) > 0) { + !CRYPTO_refcount_dec_and_test_zero(&pre_comp->references)) { return; } diff --git a/src/crypto/ecdsa/CMakeLists.txt b/src/crypto/ecdsa/CMakeLists.txt index c8645d1..f431e59 100644 --- a/src/crypto/ecdsa/CMakeLists.txt +++ b/src/crypto/ecdsa/CMakeLists.txt @@ -14,6 +14,8 @@ add_executable( ecdsa_test ecdsa_test.cc + + $ ) target_link_libraries(ecdsa_test crypto) diff --git a/src/crypto/err/CMakeLists.txt b/src/crypto/err/CMakeLists.txt index 89f96bd..5215eec 100644 --- a/src/crypto/err/CMakeLists.txt +++ b/src/crypto/err/CMakeLists.txt @@ -44,6 +44,8 @@ add_executable( err_test err_test.cc + + $ ) target_link_libraries(err_test crypto) diff --git a/src/crypto/err/bio.errordata b/src/crypto/err/bio.errordata index cd7286a..9f2af02 100644 --- a/src/crypto/err/bio.errordata +++ b/src/crypto/err/bio.errordata @@ -3,6 +3,7 @@ BIO,function,101,BIO_ctrl BIO,function,102,BIO_new BIO,function,103,BIO_new_file BIO,function,104,BIO_new_mem_buf +BIO,function,118,BIO_printf BIO,function,105,BIO_zero_copy_get_read_buf BIO,function,106,BIO_zero_copy_get_read_buf_done BIO,function,107,BIO_zero_copy_get_write_buf 
diff --git a/src/crypto/err/bn.errordata b/src/crypto/err/bn.errordata index ab74073..6fd4968 100644 --- a/src/crypto/err/bn.errordata +++ b/src/crypto/err/bn.errordata @@ -8,6 +8,7 @@ BN,function,106,BN_div_recp BN,function,107,BN_exp BN,function,108,BN_generate_dsa_nonce BN,function,109,BN_generate_prime_ex +BN,function,125,BN_lshift BN,function,110,BN_mod_exp2_mont BN,function,111,BN_mod_exp_mont BN,function,112,BN_mod_exp_mont_consttime @@ -19,6 +20,7 @@ BN,function,117,BN_mod_sqrt BN,function,118,BN_new BN,function,119,BN_rand BN,function,120,BN_rand_range +BN,function,126,BN_rshift BN,function,121,BN_sqrt BN,function,122,BN_usub BN,function,123,bn_wexpand diff --git a/src/crypto/err/err.c b/src/crypto/err/err.c index b879a22..de1b4a7 100644 --- a/src/crypto/err/err.c +++ b/src/crypto/err/err.c @@ -333,6 +333,10 @@ int ERR_get_next_error_library(void) { return ret; } +void ERR_remove_state(unsigned long pid) { + ERR_clear_error(); +} + void ERR_clear_system_error(void) { errno = 0; } diff --git a/src/crypto/err/ssl.errordata b/src/crypto/err/ssl.errordata index afeaaeb..4ae0a51 100644 --- a/src/crypto/err/ssl.errordata +++ b/src/crypto/err/ssl.errordata @@ -1,3 +1,6 @@ +SSL,function,276,SSL_AEAD_CTX_new +SSL,function,277,SSL_AEAD_CTX_open +SSL,function,278,SSL_AEAD_CTX_seal SSL,function,100,SSL_CTX_check_private_key SSL,function,101,SSL_CTX_new SSL,function,272,SSL_CTX_set1_tls_channel_id @@ -72,8 +75,9 @@ SSL,function,161,dtls1_preprocess_fragment SSL,function,264,dtls1_process_fragment SSL,function,162,dtls1_process_record SSL,function,163,dtls1_read_bytes +SSL,function,279,dtls1_seal_record SSL,function,164,dtls1_send_hello_verify_request -SSL,function,165,dtls1_write_app_data_bytes +SSL,function,165,dtls1_write_app_data SSL,function,166,i2d_SSL_SESSION SSL,function,167,ssl3_accept SSL,function,169,ssl3_cert_verify_hash 
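Review bot: `ERR_remove_state` never reads `pid`, and nothing in the new definition says that this is deliberate. Code ported from OpenSSL may pass another thread's id expecting that thread's error state to be released, whereas this body only calls `ERR_clear_error()`. A comment such as `/* |pid| is ignored; only the calling thread's error queue is cleared. */` together with `(void)pid;` would document the behaviour and keep unused-parameter warnings quiet.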
@@ -220,6 +224,7 @@ SSL,reason,145,DIGEST_CHECK_FAILED SSL,reason,146,DTLS_MESSAGE_TOO_BIG SSL,reason,147,ECC_CERT_NOT_FOR_SIGNING SSL,reason,148,EMPTY_SRTP_PROTECTION_PROFILE_LIST +SSL,reason,276,EMS_STATE_INCONSISTENT SSL,reason,149,ENCRYPTED_LENGTH_TOO_LONG SSL,reason,150,ERROR_IN_RECEIVED_CIPHER_LIST SSL,reason,151,EVP_DIGESTSIGNFINAL_FAILED @@ -272,6 +277,7 @@ SSL,reason,196,NULL_SSL_CTX SSL,reason,197,NULL_SSL_METHOD_PASSED SSL,reason,198,OLD_SESSION_CIPHER_NOT_RETURNED SSL,reason,273,OLD_SESSION_VERSION_NOT_RETURNED +SSL,reason,274,OUTPUT_ALIASES_INPUT SSL,reason,199,PACKET_LENGTH_TOO_LONG SSL,reason,200,PARSE_TLSEXT SSL,reason,201,PATH_TOO_LONG @@ -289,6 +295,8 @@ SSL,reason,212,RENEGOTIATE_EXT_TOO_LONG SSL,reason,213,RENEGOTIATION_ENCODING_ERR SSL,reason,214,RENEGOTIATION_MISMATCH SSL,reason,215,REQUIRED_CIPHER_MISSING +SSL,reason,275,RESUMED_EMS_SESSION_WITHOUT_EMS_EXTENSION +SSL,reason,277,RESUMED_NON_EMS_SESSION_WITH_EMS_EXTENSION SSL,reason,216,SCSV_RECEIVED_WHEN_RENEGOTIATING SSL,reason,217,SERVERHELLO_TLSEXT SSL,reason,218,SESSION_ID_CONTEXT_UNINITIALIZED diff --git a/src/crypto/evp/CMakeLists.txt b/src/crypto/evp/CMakeLists.txt index 6db9752..5769fa4 100644 --- a/src/crypto/evp/CMakeLists.txt +++ b/src/crypto/evp/CMakeLists.txt @@ -26,12 +26,15 @@ add_executable( evp_extra_test evp_extra_test.cc + + $ ) add_executable( evp_test evp_test.cc + $ ) @@ -39,6 +42,8 @@ add_executable( pbkdf_test pbkdf_test.cc + + $ ) target_link_libraries(evp_extra_test crypto) diff --git a/src/crypto/evp/evp.c b/src/crypto/evp/evp.c index 58fd9a9..0ad5c27 100644 --- a/src/crypto/evp/evp.c +++ b/src/crypto/evp/evp.c @@ -70,6 +70,7 @@ #include #include "internal.h" +#include "../internal.h" extern const EVP_PKEY_ASN1_METHOD dsa_asn1_meth; @@ -106,7 +107,7 @@ void EVP_PKEY_free(EVP_PKEY *pkey) { return; } - if (CRYPTO_add(&pkey->references, -1, CRYPTO_LOCK_EVP_PKEY)) { + if (!CRYPTO_refcount_dec_and_test_zero(&pkey->references)) { return; } 
@@ -115,7 +116,7 @@ void EVP_PKEY_free(EVP_PKEY *pkey) { } EVP_PKEY *EVP_PKEY_up_ref(EVP_PKEY *pkey) { - CRYPTO_add(&pkey->references, 1, CRYPTO_LOCK_EVP_PKEY); + CRYPTO_refcount_inc(&pkey->references); return pkey; } @@ -441,4 +442,8 @@ EVP_PKEY *EVP_PKEY_dup(EVP_PKEY *pkey) { void OpenSSL_add_all_algorithms(void) {} +void OpenSSL_add_all_ciphers(void) {} + +void OpenSSL_add_all_digests(void) {} + void EVP_cleanup(void) {} diff --git a/src/crypto/evp/p_hmac.c b/src/crypto/evp/p_hmac.c index 21703ed..7d3254a 100644 --- a/src/crypto/evp/p_hmac.c +++ b/src/crypto/evp/p_hmac.c @@ -64,6 +64,7 @@ #include #include "internal.h" +#include "../digest/internal.h" typedef struct { @@ -142,15 +143,14 @@ static int pkey_hmac_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) { return 1; } -static int int_update(EVP_MD_CTX *ctx, const void *data, size_t count) { +static void int_update(EVP_MD_CTX *ctx, const void *data, size_t count) { HMAC_PKEY_CTX *hctx = ctx->pctx->data; - return HMAC_Update(&hctx->ctx, data, count); + HMAC_Update(&hctx->ctx, data, count); } static int hmac_signctx_init(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx) { - HMAC_PKEY_CTX *hctx = ctx->data; - - HMAC_CTX_set_flags(&hctx->ctx, mctx->flags & ~EVP_MD_CTX_FLAG_NO_INIT); + /* |mctx| gets repurposed as a hook to call |HMAC_Update|. Suppress the + * automatic setting of |mctx->update| and the rest of its initialization. */ EVP_MD_CTX_set_flags(mctx, EVP_MD_CTX_FLAG_NO_INIT); mctx->update = int_update; return 1; diff --git a/src/crypto/hkdf/CMakeLists.txt b/src/crypto/hkdf/CMakeLists.txt index f8dd748..66d680a 100644 --- a/src/crypto/hkdf/CMakeLists.txt +++ b/src/crypto/hkdf/CMakeLists.txt @@ -12,6 +12,8 @@ add_executable( hkdf_test hkdf_test.c + + $ ) target_link_libraries(hkdf_test crypto) diff --git a/src/crypto/hmac/CMakeLists.txt b/src/crypto/hmac/CMakeLists.txt index 1a08c55..11d267f 100644 --- a/src/crypto/hmac/CMakeLists.txt +++ b/src/crypto/hmac/CMakeLists.txt 
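Review bot: `int_update` now drops the return value of `HMAC_Update` because the `update` hook became `void`. The digest wrappers changed in the same commit put their calls inside `CHECK(...)`, so a failure there is at least caught, while here it would pass unnoticed and signing would carry on over an incomplete MAC state. If `HMAC_Update` can no longer fail now that the digest hooks return void, that should be stated and asserted, for example `int ok = HMAC_Update(&hctx->ctx, data, count); assert(ok); (void)ok;` with a one-line comment giving the reason.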
@@ -13,6 +13,7 @@ add_executable( hmac_test hmac_test.cc + $ ) diff --git a/src/crypto/hmac/hmac.c b/src/crypto/hmac/hmac.c index b1b2623..556e7f9 100644 --- a/src/crypto/hmac/hmac.c +++ b/src/crypto/hmac/hmac.c @@ -172,6 +172,8 @@ int HMAC_Final(HMAC_CTX *ctx, uint8_t *out, unsigned int *out_len) { unsigned int i; uint8_t buf[EVP_MAX_MD_SIZE]; + /* TODO(davidben): The only thing that can officially fail here is + * |EVP_MD_CTX_copy_ex|, but even that should be impossible in this case. */ if (!EVP_DigestFinal_ex(&ctx->md_ctx, buf, &i) || !EVP_MD_CTX_copy_ex(&ctx->md_ctx, &ctx->o_ctx) || !EVP_DigestUpdate(&ctx->md_ctx, buf, i) || @@ -198,12 +200,6 @@ int HMAC_CTX_copy_ex(HMAC_CTX *dest, const HMAC_CTX *src) { return 1; } -void HMAC_CTX_set_flags(HMAC_CTX *ctx, unsigned long flags) { - EVP_MD_CTX_set_flags(&ctx->i_ctx, flags); - EVP_MD_CTX_set_flags(&ctx->o_ctx, flags); - EVP_MD_CTX_set_flags(&ctx->md_ctx, flags); -} - int HMAC_Init(HMAC_CTX *ctx, const void *key, int key_len, const EVP_MD *md) { if (key && md) { HMAC_CTX_init(ctx); diff --git a/src/crypto/hmac/hmac_tests.txt b/src/crypto/hmac/hmac_tests.txt index 9caa3c9..012f593 100644 --- a/src/crypto/hmac/hmac_tests.txt +++ b/src/crypto/hmac/hmac_tests.txt 
@@ -100,3 +100,24 @@ HMAC = SHA512 Input = "Sample message for keylen=blocklen" Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7 Output = D93EC8D2DE1AD2A9957CB9B83F14E76AD6B5E0CCE285079A127D3B14BCCB7AA7286D4AC0D4CE64215F2BC9E6870B33D97438BE4AAA20CDA5C5A912B48B8E27F3 + +# Additional HMAC tests from OpenSSL. +HMAC = SHA1 +Input = "My test data" +Key = +Output = 61afdecb95429ef494d61fdee15990cabf0826fc + +HMAC = SHA256 +Input = "My test data" +Key = +Output = 2274b195d90ce8e03406f4b526a47e0787a88a65479938f1a5baa3ce0f079776 + +HMAC = SHA256 +Input = "My test data" +Key = "123456" +Output = bab53058ae861a7f191abe2d0145cbb123776a6369ee3f9d79ce455667e411dd + +HMAC = SHA1 +Input = "My test data" +Key = "12345" +Output = 7dbe8c764c068e3bcd6e6b0fbcd5e6fc197b15bb diff --git a/src/crypto/internal.h b/src/crypto/internal.h index 42125db..59eddd0 100644 --- a/src/crypto/internal.h +++ b/src/crypto/internal.h 
@@ -354,6 +354,28 @@ typedef pthread_once_t CRYPTO_once_t; OPENSSL_EXPORT void CRYPTO_once(CRYPTO_once_t *once, void (*init)(void)); +/* Reference counting. */ + +/* CRYPTO_REFCOUNT_MAX is the value at which the reference count saturates. */ +#define CRYPTO_REFCOUNT_MAX 0xffffffff + +/* CRYPTO_refcount_inc atomically increments the value at |*count| unless the + * value would overflow. It's safe for multiple threads to concurrently call + * this or |CRYPTO_refcount_dec_and_test_zero| on the same + * |CRYPTO_refcount_t|. */ +OPENSSL_EXPORT void CRYPTO_refcount_inc(CRYPTO_refcount_t *count); + +/* CRYPTO_refcount_dec_and_test_zero tests the value at |*count|: + * if it's zero, it crashes the address space. + * if it's the maximum value, it returns zero. + * otherwise, it atomically decrements it and returns one iff the resulting + * value is zero. + * + * It's safe for multiple threads to concurrently call this or + * |CRYPTO_refcount_inc| on the same |CRYPTO_refcount_t|. */ +OPENSSL_EXPORT int CRYPTO_refcount_dec_and_test_zero(CRYPTO_refcount_t *count); + + /* Locks. * * Two types of locks are defined: |CRYPTO_MUTEX|, which can be used in 
@@ -387,37 +409,40 @@ struct CRYPTO_STATIC_MUTEX { /* CRYPTO_MUTEX_init initialises |lock|. If |lock| is a static variable, use a * |CRYPTO_STATIC_MUTEX|. */ -void CRYPTO_MUTEX_init(CRYPTO_MUTEX *lock); +OPENSSL_EXPORT void CRYPTO_MUTEX_init(CRYPTO_MUTEX *lock); /* CRYPTO_MUTEX_lock_read locks |lock| such that other threads may also have a * read lock, but none may have a write lock. (On Windows, read locks are * actually fully exclusive.) */ -void CRYPTO_MUTEX_lock_read(CRYPTO_MUTEX *lock); +OPENSSL_EXPORT void CRYPTO_MUTEX_lock_read(CRYPTO_MUTEX *lock); /* CRYPTO_MUTEX_lock_write locks |lock| such that no other thread has any type * of lock on it. */ -void CRYPTO_MUTEX_lock_write(CRYPTO_MUTEX *lock); +OPENSSL_EXPORT void CRYPTO_MUTEX_lock_write(CRYPTO_MUTEX *lock); /* CRYPTO_MUTEX_unlock unlocks |lock|. */ -void CRYPTO_MUTEX_unlock(CRYPTO_MUTEX *lock); +OPENSSL_EXPORT void CRYPTO_MUTEX_unlock(CRYPTO_MUTEX *lock); /* CRYPTO_MUTEX_cleanup releases all resources held by |lock|. */ -void CRYPTO_MUTEX_cleanup(CRYPTO_MUTEX *lock); +OPENSSL_EXPORT void CRYPTO_MUTEX_cleanup(CRYPTO_MUTEX *lock); /* CRYPTO_STATIC_MUTEX_lock_read locks |lock| such that other threads may also * have a read lock, but none may have a write lock. The |lock| variable does * not need to be initialised by any function, but must have been statically * initialised with |CRYPTO_STATIC_MUTEX_INIT|. */ -void CRYPTO_STATIC_MUTEX_lock_read(struct CRYPTO_STATIC_MUTEX *lock); +OPENSSL_EXPORT void CRYPTO_STATIC_MUTEX_lock_read( + struct CRYPTO_STATIC_MUTEX *lock); /* CRYPTO_STATIC_MUTEX_lock_write locks |lock| such that no other thread has * any type of lock on it. The |lock| variable does not need to be initialised * by any function, but must have been statically initialised with * |CRYPTO_STATIC_MUTEX_INIT|. 
*/ -void CRYPTO_STATIC_MUTEX_lock_write(struct CRYPTO_STATIC_MUTEX *lock); +OPENSSL_EXPORT void CRYPTO_STATIC_MUTEX_lock_write( + struct CRYPTO_STATIC_MUTEX *lock); /* CRYPTO_STATIC_MUTEX_unlock unlocks |lock|. */ -void CRYPTO_STATIC_MUTEX_unlock(struct CRYPTO_STATIC_MUTEX *lock); +OPENSSL_EXPORT void CRYPTO_STATIC_MUTEX_unlock( + struct CRYPTO_STATIC_MUTEX *lock); /* Thread local storage. */ diff --git a/src/crypto/lhash/CMakeLists.txt b/src/crypto/lhash/CMakeLists.txt index 0eaabed..c71b8a1 100644 --- a/src/crypto/lhash/CMakeLists.txt +++ b/src/crypto/lhash/CMakeLists.txt @@ -12,6 +12,8 @@ add_executable( lhash_test lhash_test.c + + $ ) target_link_libraries(lhash_test crypto) diff --git a/src/crypto/lhash/lhash_test.c b/src/crypto/lhash/lhash_test.c index cf5e99b..63748e7 100644 --- a/src/crypto/lhash/lhash_test.c +++ b/src/crypto/lhash/lhash_test.c @@ -123,6 +123,9 @@ int main(int argc, char **argv) { CRYPTO_library_init(); lh = lh_new(NULL, NULL); + if (lh == NULL) { + return 1; + } for (i = 0; i < 100000; i++) { unsigned action; diff --git a/src/crypto/md4/md4.c b/src/crypto/md4/md4.c index 6150b96..5ef9ae5 100644 --- a/src/crypto/md4/md4.c +++ b/src/crypto/md4/md4.c @@ -83,7 +83,7 @@ void md4_block_data_order (MD4_CTX *md4, const void *p, size_t num); #define HASH_FINAL MD4_Final #define HASH_MAKE_STRING(c, s) \ do { \ - unsigned long ll; \ + uint32_t ll; \ ll = (c)->A; \ (void) HOST_l2c(ll, (s)); \ ll = (c)->B; \ diff --git a/src/crypto/md5/md5.c b/src/crypto/md5/md5.c index e20b86b..5575efb 100644 --- a/src/crypto/md5/md5.c +++ b/src/crypto/md5/md5.c @@ -104,7 +104,7 @@ void md5_block_data_order(MD5_CTX *md5, const void *p, size_t num); #define HASH_FINAL MD5_Final #define HASH_MAKE_STRING(c, s) \ do { \ - unsigned long ll; \ + uint32_t ll; \ ll = (c)->A; \ (void) HOST_l2c(ll, (s)); \ ll = (c)->B; \ diff --git a/src/crypto/modes/CMakeLists.txt b/src/crypto/modes/CMakeLists.txt index d50e97b..ffb29b6 100644 --- a/src/crypto/modes/CMakeLists.txt 
+++ b/src/crypto/modes/CMakeLists.txt @@ -58,6 +58,8 @@ add_executable( gcm_test gcm_test.c + + $ ) target_link_libraries(gcm_test crypto) diff --git a/src/crypto/modes/cbc.c b/src/crypto/modes/cbc.c index ba4805b..931b718 100644 --- a/src/crypto/modes/cbc.c +++ b/src/crypto/modes/cbc.c @@ -63,7 +63,8 @@ void CRYPTO_cbc128_encrypt(const uint8_t *in, uint8_t *out, size_t len, size_t n; const uint8_t *iv = ivec; - assert(in && out && key && ivec); + assert(key != NULL && ivec != NULL); + assert(len == 0 || (in != NULL && out != NULL)); if (STRICT_ALIGNMENT && ((size_t)in | (size_t)out | (size_t)ivec) % sizeof(size_t) != 0) { @@ -119,9 +120,17 @@ void CRYPTO_cbc128_decrypt(const uint8_t *in, uint8_t *out, size_t len, uint8_t c[16]; } tmp; - assert(in && out && key && ivec); + assert(key != NULL && ivec != NULL); + assert(len == 0 || (in != NULL && out != NULL)); - if (in != out) { + const uintptr_t inptr = (uintptr_t) in; + const uintptr_t outptr = (uintptr_t) out; + /* If |in| and |out| alias, |in| must be ahead. */ + assert(inptr >= outptr || inptr + len <= outptr); + + if ((inptr >= 32 && outptr <= inptr - 32) || inptr < outptr) { + /* If |out| is at least two blocks behind |in| or completely disjoint, there + * is no need to decrypt to a temporary block. */ const uint8_t *iv = ivec; if (STRICT_ALIGNMENT && @@ -152,6 +161,9 @@ void CRYPTO_cbc128_decrypt(const uint8_t *in, uint8_t *out, size_t len, } memcpy(ivec, iv, 16); } else { + /* |out| is less than two blocks behind |in|. Decrypting an input block + * directly to |out| would overwrite a ciphertext block before it is used as + * the next block's IV. Decrypt to a temporary block instead. */ if (STRICT_ALIGNMENT && ((size_t)in | (size_t)out | (size_t)ivec) % sizeof(size_t) != 0) { uint8_t c; diff --git a/src/crypto/modes/ctr.c b/src/crypto/modes/ctr.c index 306b6f7..64062b2 100644 --- a/src/crypto/modes/ctr.c +++ b/src/crypto/modes/ctr.c 
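Review bot: In `CRYPTO_cbc128_decrypt` the rule that an overlapping `out` must not start ahead of `in` is enforced only by `assert(inptr >= outptr || inptr + len <= outptr)`. In an NDEBUG build a caller that breaks the rule takes the `inptr < outptr` branch, which the new comment describes as the disjoint case, and gets wrong plaintext with no error reported. The requirement therefore needs to be part of the documented contract where the function is declared (outside this diff section), for example `/* |in| and |out| may alias only if |out| is not ahead of |in|. */`, and callers passing on caller-supplied buffers should check it before calling. The function body continues outside this hunk.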
@@ -88,7 +88,8 @@ void CRYPTO_ctr128_encrypt(const uint8_t *in, uint8_t *out, size_t len, block128_f block) { unsigned int n; - assert(in && out && key && ecount_buf && num); + assert(key && ecount_buf && num); + assert(len == 0 || (in && out)); assert(*num < 16); assert((16 % sizeof(size_t)) == 0); diff --git a/src/crypto/modes/gcm_test.c b/src/crypto/modes/gcm_test.c index 3548c81..a8819ea 100644 --- a/src/crypto/modes/gcm_test.c +++ b/src/crypto/modes/gcm_test.c @@ -347,6 +347,9 @@ static int run_test_case(unsigned test_num, const struct test_case *test) { } out = OPENSSL_malloc(plaintext_len); + if (out == NULL) { + goto out; + } if (AES_set_encrypt_key(key, key_len*8, &aes_key)) { fprintf(stderr, "%u: AES_set_encrypt_key failed.\n", test_num); goto out; diff --git a/src/crypto/obj/obj.c b/src/crypto/obj/obj.c index 511aba3..bf16d17 100644 --- a/src/crypto/obj/obj.c +++ b/src/crypto/obj/obj.c @@ -167,18 +167,18 @@ int OBJ_cmp(const ASN1_OBJECT *a, const ASN1_OBJECT *b) { return memcmp(a->data, b->data, a->length); } -/* nids_cmp is called to search the kNIDsInOIDOrder array. The |key| argument - * is an |ASN1_OBJECT|* that we're looking for and |element| is a pointer to an +/* obj_cmp is called to search the kNIDsInOIDOrder array. The |key| argument is + * an |ASN1_OBJECT|* that we're looking for and |element| is a pointer to an * unsigned int in the array. */ static int obj_cmp(const void *key, const void *element) { - int j; - unsigned nid = *((unsigned*) element); + unsigned nid = *((const unsigned*) element); const ASN1_OBJECT *a = key; const ASN1_OBJECT *b = &kObjects[nid]; - j = a->length - b->length; - if (j) { - return j; + if (a->length < b->length) { + return -1; + } else if (a->length > b->length) { + return 1; } return memcmp(a->data, b->data, a->length); } diff --git a/src/crypto/obj/obj_dat.h b/src/crypto/obj/obj_dat.h index 2584d87..517dc49 100644 --- a/src/crypto/obj/obj_dat.h +++ b/src/crypto/obj/obj_dat.h 
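Review bot: The new `if (out == NULL) { goto out; }` in run_test_case also fires when `plaintext_len` is zero and the allocator returns NULL for a zero-byte request, which C permits for malloc. Whether OPENSSL_malloc does this, and whether any vector has an empty plaintext, is not visible in the hunk. If both can happen, a valid test case would be abandoned, so the guard is safer as `if (plaintext_len != 0 && out == NULL) {`. The new path is also silent, unlike the AES_set_encrypt_key failure just below it, which prints the test number. A line such as `fprintf(stderr, "%u: allocation failed.\n", test_num);` before the `goto` would keep failures attributable. The `out:` label and the function's return value are outside the hunk.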
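Review bot: OBJ_cmp, directly above obj_cmp, shows only its final `return memcmp(a->data, b->data, a->length);` as context in this hunk, so I cannot tell whether it still orders by a length subtraction. If it does, it should get the same explicit `<` / `>` comparison that obj_cmp receives here, so the two comparators agree. The removed `int j = a->length - b->length` suggests `length` is a signed type. If so, both functions convert it implicitly to `size_t` in the memcmp call, and a negative length would become a very large byte count. A short comment stating that callers guarantee `length >= 0` would make that assumption visible, e.g. `/* |length| is never negative for a parsed object. */`, once it is confirmed against the ASN1_OBJECT definition.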
@@ -59,11 +59,11 @@ * [including the GNU Public Licence.] */ #define NUM_NID 948 -#define NUM_SN 941 -#define NUM_LN 941 -#define NUM_OBJ 883 +#define NUM_SN 940 +#define NUM_LN 940 +#define NUM_OBJ 882 -static const unsigned char lvalues[6182]={ +static const unsigned char lvalues[6176]={ 0x2A,0x86,0x48,0x86,0xF7,0x0D, /* [ 0] OBJ_rsadsi */ 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01, /* [ 6] OBJ_pkcs */ 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x02, /* [ 13] OBJ_md2 */ 
@@ -160,787 +160,786 @@ static const unsigned char lvalues[6182]={ 0x2B,0x24,0x03,0x02,0x01, /* [597] OBJ_ripemd160 */ 0x2B,0x24,0x03,0x03,0x01,0x02, /* [602] OBJ_ripemd160WithRSA */ 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x08, /* [608] OBJ_rc5_cbc */ -0x29,0x01,0x01,0x85,0x1A,0x01, /* [616] OBJ_rle_compression */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x08,/* [622] OBJ_zlib_compression */ -0x55,0x1D,0x25, /* [633] OBJ_ext_key_usage */ -0x2B,0x06,0x01,0x05,0x05,0x07, /* [636] OBJ_id_pkix */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x03, /* [642] OBJ_id_kp */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x01, /* [649] OBJ_server_auth */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x02, /* [657] OBJ_client_auth */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x03, /* [665] OBJ_code_sign */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x04, /* [673] OBJ_email_protect */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x08, /* [681] OBJ_time_stamp */ -0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x02,0x01,0x15,/* [689] OBJ_ms_code_ind */ -0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x02,0x01,0x16,/* [699] OBJ_ms_code_com */ -0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x0A,0x03,0x01,/* [709] OBJ_ms_ctl_sign */ -0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x0A,0x03,0x03,/* [719] OBJ_ms_sgc */ -0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x0A,0x03,0x04,/* [729] OBJ_ms_efs */ -0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x04,0x01,/* [739] OBJ_ns_sgc */ -0x55,0x1D,0x1B, /* [748] OBJ_delta_crl */ -0x55,0x1D,0x15, /* [751] OBJ_crl_reason */ -0x55,0x1D,0x18, /* [754] OBJ_invalidity_date */ -0x2B,0x65,0x01,0x04,0x01, /* [757] OBJ_sxnet */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x01,/* [762] OBJ_pbe_WithSHA1And128BitRC4 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x02,/* [772] OBJ_pbe_WithSHA1And40BitRC4 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x03,/* [782] OBJ_pbe_WithSHA1And3_Key_TripleDES_CBC */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x04,/* [792] OBJ_pbe_WithSHA1And2_Key_TripleDES_CBC */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x05,/* [802] 
OBJ_pbe_WithSHA1And128BitRC2_CBC */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x06,/* [812] OBJ_pbe_WithSHA1And40BitRC2_CBC */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x01,/* [822] OBJ_keyBag */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x02,/* [833] OBJ_pkcs8ShroudedKeyBag */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x03,/* [844] OBJ_certBag */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x04,/* [855] OBJ_crlBag */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x05,/* [866] OBJ_secretBag */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x06,/* [877] OBJ_safeContentsBag */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x14,/* [888] OBJ_friendlyName */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x15,/* [897] OBJ_localKeyID */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x16,0x01,/* [906] OBJ_x509Certificate */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x16,0x02,/* [916] OBJ_sdsiCertificate */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x17,0x01,/* [926] OBJ_x509Crl */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0D,/* [936] OBJ_pbes2 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0E,/* [945] OBJ_pbmac1 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x07, /* [954] OBJ_hmacWithSHA1 */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x02,0x01, /* [962] OBJ_id_qt_cps */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x02,0x02, /* [970] OBJ_id_qt_unotice */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x0F,/* [978] OBJ_SMIMECapabilities */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x04,/* [987] OBJ_pbeWithMD2AndRC2_CBC */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x06,/* [996] OBJ_pbeWithMD5AndRC2_CBC */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0A,/* [1005] OBJ_pbeWithSHA1AndDES_CBC */ -0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x02,0x01,0x0E,/* [1014] OBJ_ms_ext_req */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x0E,/* [1024] OBJ_ext_req */ -0x55,0x04,0x29, /* [1033] OBJ_name */ -0x55,0x04,0x2E, /* [1036] OBJ_dnQualifier */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x01, /* [1039] OBJ_id_pe */ 
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30, /* [1046] OBJ_id_ad */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x01, /* [1053] OBJ_info_access */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01, /* [1061] OBJ_ad_OCSP */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x02, /* [1069] OBJ_ad_ca_issuers */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x09, /* [1077] OBJ_OCSP_sign */ -0x2A, /* [1085] OBJ_member_body */ -0x2A,0x86,0x48, /* [1086] OBJ_ISO_US */ -0x2A,0x86,0x48,0xCE,0x38, /* [1089] OBJ_X9_57 */ -0x2A,0x86,0x48,0xCE,0x38,0x04, /* [1094] OBJ_X9cm */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01, /* [1100] OBJ_pkcs1 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05, /* [1108] OBJ_pkcs5 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,/* [1116] OBJ_SMIME */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,/* [1125] OBJ_id_smime_mod */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,/* [1135] OBJ_id_smime_ct */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,/* [1145] OBJ_id_smime_aa */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,/* [1155] OBJ_id_smime_alg */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x04,/* [1165] OBJ_id_smime_cd */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x05,/* [1175] OBJ_id_smime_spq */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,/* [1185] OBJ_id_smime_cti */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x01,/* [1195] OBJ_id_smime_mod_cms */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x02,/* [1206] OBJ_id_smime_mod_ess */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x03,/* [1217] OBJ_id_smime_mod_oid */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x04,/* [1228] OBJ_id_smime_mod_msg_v3 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x05,/* [1239] OBJ_id_smime_mod_ets_eSignature_88 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x06,/* [1250] OBJ_id_smime_mod_ets_eSignature_97 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x07,/* [1261] OBJ_id_smime_mod_ets_eSigPolicy_88 */ 
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x08,/* [1272] OBJ_id_smime_mod_ets_eSigPolicy_97 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x01,/* [1283] OBJ_id_smime_ct_receipt */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x02,/* [1294] OBJ_id_smime_ct_authData */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x03,/* [1305] OBJ_id_smime_ct_publishCert */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x04,/* [1316] OBJ_id_smime_ct_TSTInfo */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x05,/* [1327] OBJ_id_smime_ct_TDTInfo */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x06,/* [1338] OBJ_id_smime_ct_contentInfo */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x07,/* [1349] OBJ_id_smime_ct_DVCSRequestData */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x08,/* [1360] OBJ_id_smime_ct_DVCSResponseData */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x01,/* [1371] OBJ_id_smime_aa_receiptRequest */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x02,/* [1382] OBJ_id_smime_aa_securityLabel */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x03,/* [1393] OBJ_id_smime_aa_mlExpandHistory */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x04,/* [1404] OBJ_id_smime_aa_contentHint */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x05,/* [1415] OBJ_id_smime_aa_msgSigDigest */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x06,/* [1426] OBJ_id_smime_aa_encapContentType */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x07,/* [1437] OBJ_id_smime_aa_contentIdentifier */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x08,/* [1448] OBJ_id_smime_aa_macValue */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x09,/* [1459] OBJ_id_smime_aa_equivalentLabels */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0A,/* [1470] OBJ_id_smime_aa_contentReference */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0B,/* [1481] OBJ_id_smime_aa_encrypKeyPref */ 
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0C,/* [1492] OBJ_id_smime_aa_signingCertificate */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0D,/* [1503] OBJ_id_smime_aa_smimeEncryptCerts */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0E,/* [1514] OBJ_id_smime_aa_timeStampToken */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0F,/* [1525] OBJ_id_smime_aa_ets_sigPolicyId */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x10,/* [1536] OBJ_id_smime_aa_ets_commitmentType */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x11,/* [1547] OBJ_id_smime_aa_ets_signerLocation */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x12,/* [1558] OBJ_id_smime_aa_ets_signerAttr */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x13,/* [1569] OBJ_id_smime_aa_ets_otherSigCert */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x14,/* [1580] OBJ_id_smime_aa_ets_contentTimestamp */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x15,/* [1591] OBJ_id_smime_aa_ets_CertificateRefs */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x16,/* [1602] OBJ_id_smime_aa_ets_RevocationRefs */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x17,/* [1613] OBJ_id_smime_aa_ets_certValues */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x18,/* [1624] OBJ_id_smime_aa_ets_revocationValues */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x19,/* [1635] OBJ_id_smime_aa_ets_escTimeStamp */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x1A,/* [1646] OBJ_id_smime_aa_ets_certCRLTimestamp */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x1B,/* [1657] OBJ_id_smime_aa_ets_archiveTimeStamp */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x1C,/* [1668] OBJ_id_smime_aa_signatureType */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x1D,/* [1679] OBJ_id_smime_aa_dvcs_dvc */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x01,/* [1690] OBJ_id_smime_alg_ESDHwith3DES */ 
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x02,/* [1701] OBJ_id_smime_alg_ESDHwithRC2 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x03,/* [1712] OBJ_id_smime_alg_3DESwrap */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x04,/* [1723] OBJ_id_smime_alg_RC2wrap */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x05,/* [1734] OBJ_id_smime_alg_ESDH */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x06,/* [1745] OBJ_id_smime_alg_CMS3DESwrap */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x07,/* [1756] OBJ_id_smime_alg_CMSRC2wrap */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x04,0x01,/* [1767] OBJ_id_smime_cd_ldap */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x05,0x01,/* [1778] OBJ_id_smime_spq_ets_sqt_uri */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x05,0x02,/* [1789] OBJ_id_smime_spq_ets_sqt_unotice */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x01,/* [1800] OBJ_id_smime_cti_ets_proofOfOrigin */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x02,/* [1811] OBJ_id_smime_cti_ets_proofOfReceipt */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x03,/* [1822] OBJ_id_smime_cti_ets_proofOfDelivery */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x04,/* [1833] OBJ_id_smime_cti_ets_proofOfSender */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x05,/* [1844] OBJ_id_smime_cti_ets_proofOfApproval */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x06,/* [1855] OBJ_id_smime_cti_ets_proofOfCreation */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x04, /* [1866] OBJ_md4 */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x00, /* [1874] OBJ_id_pkix_mod */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x02, /* [1881] OBJ_id_qt */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x04, /* [1888] OBJ_id_it */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x05, /* [1895] OBJ_id_pkip */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x06, /* [1902] OBJ_id_alg */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07, /* [1909] OBJ_id_cmc */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x08, /* [1916] OBJ_id_on */ 
-0x2B,0x06,0x01,0x05,0x05,0x07,0x09, /* [1923] OBJ_id_pda */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x0A, /* [1930] OBJ_id_aca */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x0B, /* [1937] OBJ_id_qcs */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x0C, /* [1944] OBJ_id_cct */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x01, /* [1951] OBJ_id_pkix1_explicit_88 */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x02, /* [1959] OBJ_id_pkix1_implicit_88 */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x03, /* [1967] OBJ_id_pkix1_explicit_93 */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x04, /* [1975] OBJ_id_pkix1_implicit_93 */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x05, /* [1983] OBJ_id_mod_crmf */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x06, /* [1991] OBJ_id_mod_cmc */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x07, /* [1999] OBJ_id_mod_kea_profile_88 */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x08, /* [2007] OBJ_id_mod_kea_profile_93 */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x09, /* [2015] OBJ_id_mod_cmp */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0A, /* [2023] OBJ_id_mod_qualified_cert_88 */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0B, /* [2031] OBJ_id_mod_qualified_cert_93 */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0C, /* [2039] OBJ_id_mod_attribute_cert */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0D, /* [2047] OBJ_id_mod_timestamp_protocol */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0E, /* [2055] OBJ_id_mod_ocsp */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0F, /* [2063] OBJ_id_mod_dvcs */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x10, /* [2071] OBJ_id_mod_cmp2000 */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x02, /* [2079] OBJ_biometricInfo */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x03, /* [2087] OBJ_qcStatements */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x04, /* [2095] OBJ_ac_auditEntity */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x05, /* [2103] OBJ_ac_targeting */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x06, /* [2111] OBJ_aaControls */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x07, /* [2119] OBJ_sbgp_ipAddrBlock */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x08, /* [2127] 
OBJ_sbgp_autonomousSysNum */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x09, /* [2135] OBJ_sbgp_routerIdentifier */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x02,0x03, /* [2143] OBJ_textNotice */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x05, /* [2151] OBJ_ipsecEndSystem */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x06, /* [2159] OBJ_ipsecTunnel */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x07, /* [2167] OBJ_ipsecUser */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x0A, /* [2175] OBJ_dvcs */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x01, /* [2183] OBJ_id_it_caProtEncCert */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x02, /* [2191] OBJ_id_it_signKeyPairTypes */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x03, /* [2199] OBJ_id_it_encKeyPairTypes */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x04, /* [2207] OBJ_id_it_preferredSymmAlg */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x05, /* [2215] OBJ_id_it_caKeyUpdateInfo */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x06, /* [2223] OBJ_id_it_currentCRL */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x07, /* [2231] OBJ_id_it_unsupportedOIDs */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x08, /* [2239] OBJ_id_it_subscriptionRequest */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x09, /* [2247] OBJ_id_it_subscriptionResponse */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0A, /* [2255] OBJ_id_it_keyPairParamReq */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0B, /* [2263] OBJ_id_it_keyPairParamRep */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0C, /* [2271] OBJ_id_it_revPassphrase */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0D, /* [2279] OBJ_id_it_implicitConfirm */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0E, /* [2287] OBJ_id_it_confirmWaitTime */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0F, /* [2295] OBJ_id_it_origPKIMessage */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01, /* [2303] OBJ_id_regCtrl */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x02, /* [2311] OBJ_id_regInfo */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x01,/* [2319] OBJ_id_regCtrl_regToken */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x02,/* [2328] OBJ_id_regCtrl_authenticator */ 
-0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x03,/* [2337] OBJ_id_regCtrl_pkiPublicationInfo */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x04,/* [2346] OBJ_id_regCtrl_pkiArchiveOptions */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x05,/* [2355] OBJ_id_regCtrl_oldCertID */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x06,/* [2364] OBJ_id_regCtrl_protocolEncrKey */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x02,0x01,/* [2373] OBJ_id_regInfo_utf8Pairs */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x02,0x02,/* [2382] OBJ_id_regInfo_certReq */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x06,0x01, /* [2391] OBJ_id_alg_des40 */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x06,0x02, /* [2399] OBJ_id_alg_noSignature */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x06,0x03, /* [2407] OBJ_id_alg_dh_sig_hmac_sha1 */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x06,0x04, /* [2415] OBJ_id_alg_dh_pop */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x01, /* [2423] OBJ_id_cmc_statusInfo */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x02, /* [2431] OBJ_id_cmc_identification */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x03, /* [2439] OBJ_id_cmc_identityProof */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x04, /* [2447] OBJ_id_cmc_dataReturn */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x05, /* [2455] OBJ_id_cmc_transactionId */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x06, /* [2463] OBJ_id_cmc_senderNonce */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x07, /* [2471] OBJ_id_cmc_recipientNonce */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x08, /* [2479] OBJ_id_cmc_addExtensions */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x09, /* [2487] OBJ_id_cmc_encryptedPOP */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x0A, /* [2495] OBJ_id_cmc_decryptedPOP */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x0B, /* [2503] OBJ_id_cmc_lraPOPWitness */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x0F, /* [2511] OBJ_id_cmc_getCert */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x10, /* [2519] OBJ_id_cmc_getCRL */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x11, /* [2527] OBJ_id_cmc_revokeRequest */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x12, /* [2535] 
OBJ_id_cmc_regInfo */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x13, /* [2543] OBJ_id_cmc_responseInfo */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x15, /* [2551] OBJ_id_cmc_queryPending */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x16, /* [2559] OBJ_id_cmc_popLinkRandom */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x17, /* [2567] OBJ_id_cmc_popLinkWitness */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x18, /* [2575] OBJ_id_cmc_confirmCertAcceptance */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x08,0x01, /* [2583] OBJ_id_on_personalData */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x01, /* [2591] OBJ_id_pda_dateOfBirth */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x02, /* [2599] OBJ_id_pda_placeOfBirth */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x03, /* [2607] OBJ_id_pda_gender */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x04, /* [2615] OBJ_id_pda_countryOfCitizenship */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x05, /* [2623] OBJ_id_pda_countryOfResidence */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x01, /* [2631] OBJ_id_aca_authenticationInfo */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x02, /* [2639] OBJ_id_aca_accessIdentity */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x03, /* [2647] OBJ_id_aca_chargingIdentity */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x04, /* [2655] OBJ_id_aca_group */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x05, /* [2663] OBJ_id_aca_role */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x0B,0x01, /* [2671] OBJ_id_qcs_pkixQCSyntax_v1 */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x0C,0x01, /* [2679] OBJ_id_cct_crs */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x0C,0x02, /* [2687] OBJ_id_cct_PKIData */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x0C,0x03, /* [2695] OBJ_id_cct_PKIResponse */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x03, /* [2703] OBJ_ad_timeStamping */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x04, /* [2711] OBJ_ad_dvcs */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x01,/* [2719] OBJ_id_pkix_OCSP_basic */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x02,/* [2728] OBJ_id_pkix_OCSP_Nonce */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x03,/* [2737] OBJ_id_pkix_OCSP_CrlID */ 
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x04,/* [2746] OBJ_id_pkix_OCSP_acceptableResponses */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x05,/* [2755] OBJ_id_pkix_OCSP_noCheck */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x06,/* [2764] OBJ_id_pkix_OCSP_archiveCutoff */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x07,/* [2773] OBJ_id_pkix_OCSP_serviceLocator */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x08,/* [2782] OBJ_id_pkix_OCSP_extendedStatus */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x09,/* [2791] OBJ_id_pkix_OCSP_valid */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x0A,/* [2800] OBJ_id_pkix_OCSP_path */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x0B,/* [2809] OBJ_id_pkix_OCSP_trustRoot */ -0x2B,0x0E,0x03,0x02, /* [2818] OBJ_algorithm */ -0x2B,0x0E,0x03,0x02,0x0B, /* [2822] OBJ_rsaSignature */ -0x55,0x08, /* [2827] OBJ_X500algorithms */ -0x2B, /* [2829] OBJ_org */ -0x2B,0x06, /* [2830] OBJ_dod */ -0x2B,0x06,0x01, /* [2832] OBJ_iana */ -0x2B,0x06,0x01,0x01, /* [2835] OBJ_Directory */ -0x2B,0x06,0x01,0x02, /* [2839] OBJ_Management */ -0x2B,0x06,0x01,0x03, /* [2843] OBJ_Experimental */ -0x2B,0x06,0x01,0x04, /* [2847] OBJ_Private */ -0x2B,0x06,0x01,0x05, /* [2851] OBJ_Security */ -0x2B,0x06,0x01,0x06, /* [2855] OBJ_SNMPv2 */ -0x2B,0x06,0x01,0x07, /* [2859] OBJ_Mail */ -0x2B,0x06,0x01,0x04,0x01, /* [2863] OBJ_Enterprises */ -0x2B,0x06,0x01,0x04,0x01,0x8B,0x3A,0x82,0x58,/* [2868] OBJ_dcObject */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x19,/* [2877] OBJ_domainComponent */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x0D,/* [2887] OBJ_Domain */ -0x55,0x01,0x05, /* [2897] OBJ_selected_attribute_types */ -0x55,0x01,0x05,0x37, /* [2900] OBJ_clearance */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x03,/* [2904] OBJ_md4WithRSAEncryption */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x0A, /* [2913] OBJ_ac_proxying */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x0B, /* [2921] OBJ_sinfo_access */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x06, /* [2929] OBJ_id_aca_encAttrs */ 
-0x55,0x04,0x48, /* [2937] OBJ_role */ -0x55,0x1D,0x24, /* [2940] OBJ_policy_constraints */ -0x55,0x1D,0x37, /* [2943] OBJ_target_information */ -0x55,0x1D,0x38, /* [2946] OBJ_no_rev_avail */ -0x2A,0x86,0x48,0xCE,0x3D, /* [2949] OBJ_ansi_X9_62 */ -0x2A,0x86,0x48,0xCE,0x3D,0x01,0x01, /* [2954] OBJ_X9_62_prime_field */ -0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02, /* [2961] OBJ_X9_62_characteristic_two_field */ -0x2A,0x86,0x48,0xCE,0x3D,0x02,0x01, /* [2968] OBJ_X9_62_id_ecPublicKey */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x01, /* [2975] OBJ_X9_62_prime192v1 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x02, /* [2983] OBJ_X9_62_prime192v2 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x03, /* [2991] OBJ_X9_62_prime192v3 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x04, /* [2999] OBJ_X9_62_prime239v1 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x05, /* [3007] OBJ_X9_62_prime239v2 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x06, /* [3015] OBJ_X9_62_prime239v3 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x07, /* [3023] OBJ_X9_62_prime256v1 */ -0x2A,0x86,0x48,0xCE,0x3D,0x04,0x01, /* [3031] OBJ_ecdsa_with_SHA1 */ -0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x11,0x01,/* [3038] OBJ_ms_csp_name */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x01,/* [3047] OBJ_aes_128_ecb */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x02,/* [3056] OBJ_aes_128_cbc */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x03,/* [3065] OBJ_aes_128_ofb128 */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x04,/* [3074] OBJ_aes_128_cfb128 */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x15,/* [3083] OBJ_aes_192_ecb */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x16,/* [3092] OBJ_aes_192_cbc */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x17,/* [3101] OBJ_aes_192_ofb128 */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x18,/* [3110] OBJ_aes_192_cfb128 */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x29,/* [3119] OBJ_aes_256_ecb */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2A,/* [3128] OBJ_aes_256_cbc */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2B,/* [3137] OBJ_aes_256_ofb128 */ 
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2C,/* [3146] OBJ_aes_256_cfb128 */ -0x55,0x1D,0x17, /* [3155] OBJ_hold_instruction_code */ -0x2A,0x86,0x48,0xCE,0x38,0x02,0x01, /* [3158] OBJ_hold_instruction_none */ -0x2A,0x86,0x48,0xCE,0x38,0x02,0x02, /* [3165] OBJ_hold_instruction_call_issuer */ -0x2A,0x86,0x48,0xCE,0x38,0x02,0x03, /* [3172] OBJ_hold_instruction_reject */ -0x09, /* [3179] OBJ_data */ -0x09,0x92,0x26, /* [3180] OBJ_pss */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C, /* [3183] OBJ_ucl */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64, /* [3190] OBJ_pilot */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,/* [3198] OBJ_pilotAttributeType */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x03,/* [3207] OBJ_pilotAttributeSyntax */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,/* [3216] OBJ_pilotObjectClass */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x0A,/* [3225] OBJ_pilotGroups */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x03,0x04,/* [3234] OBJ_iA5StringSyntax */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x03,0x05,/* [3244] OBJ_caseIgnoreIA5StringSyntax */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x03,/* [3254] OBJ_pilotObject */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x04,/* [3264] OBJ_pilotPerson */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x05,/* [3274] OBJ_account */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x06,/* [3284] OBJ_document */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x07,/* [3294] OBJ_room */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x09,/* [3304] OBJ_documentSeries */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x0E,/* [3314] OBJ_rFC822localPart */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x0F,/* [3324] OBJ_dNSDomain */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x11,/* [3334] OBJ_domainRelatedObject */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x12,/* [3344] OBJ_friendlyCountry */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x13,/* [3354] OBJ_simpleSecurityObject */ 
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x14,/* [3364] OBJ_pilotOrganization */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x15,/* [3374] OBJ_pilotDSA */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x16,/* [3384] OBJ_qualityLabelledData */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x01,/* [3394] OBJ_userId */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x02,/* [3404] OBJ_textEncodedORAddress */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x03,/* [3414] OBJ_rfc822Mailbox */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x04,/* [3424] OBJ_info */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x05,/* [3434] OBJ_favouriteDrink */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x06,/* [3444] OBJ_roomNumber */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x07,/* [3454] OBJ_photo */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x08,/* [3464] OBJ_userClass */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x09,/* [3474] OBJ_host */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0A,/* [3484] OBJ_manager */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0B,/* [3494] OBJ_documentIdentifier */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0C,/* [3504] OBJ_documentTitle */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0D,/* [3514] OBJ_documentVersion */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0E,/* [3524] OBJ_documentAuthor */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0F,/* [3534] OBJ_documentLocation */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x14,/* [3544] OBJ_homeTelephoneNumber */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x15,/* [3554] OBJ_secretary */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x16,/* [3564] OBJ_otherMailbox */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x17,/* [3574] OBJ_lastModifiedTime */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x18,/* [3584] OBJ_lastModifiedBy */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1A,/* [3594] OBJ_aRecord */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1B,/* 
[3604] OBJ_pilotAttributeType27 */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1C,/* [3614] OBJ_mXRecord */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1D,/* [3624] OBJ_nSRecord */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1E,/* [3634] OBJ_sOARecord */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1F,/* [3644] OBJ_cNAMERecord */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x25,/* [3654] OBJ_associatedDomain */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x26,/* [3664] OBJ_associatedName */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x27,/* [3674] OBJ_homePostalAddress */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x28,/* [3684] OBJ_personalTitle */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x29,/* [3694] OBJ_mobileTelephoneNumber */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2A,/* [3704] OBJ_pagerTelephoneNumber */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2B,/* [3714] OBJ_friendlyCountryName */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2D,/* [3724] OBJ_organizationalStatus */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2E,/* [3734] OBJ_janetMailbox */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2F,/* [3744] OBJ_mailPreferenceOption */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x30,/* [3754] OBJ_buildingName */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x31,/* [3764] OBJ_dSAQuality */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x32,/* [3774] OBJ_singleLevelQuality */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x33,/* [3784] OBJ_subtreeMinimumQuality */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x34,/* [3794] OBJ_subtreeMaximumQuality */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x35,/* [3804] OBJ_personalSignature */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x36,/* [3814] OBJ_dITRedirect */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x37,/* [3824] OBJ_audio */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x38,/* [3834] OBJ_documentPublisher */ -0x55,0x04,0x2D, /* [3844] 
OBJ_x500UniqueIdentifier */ -0x2B,0x06,0x01,0x07,0x01, /* [3847] OBJ_mime_mhs */ -0x2B,0x06,0x01,0x07,0x01,0x01, /* [3852] OBJ_mime_mhs_headings */ -0x2B,0x06,0x01,0x07,0x01,0x02, /* [3858] OBJ_mime_mhs_bodies */ -0x2B,0x06,0x01,0x07,0x01,0x01,0x01, /* [3864] OBJ_id_hex_partial_message */ -0x2B,0x06,0x01,0x07,0x01,0x01,0x02, /* [3871] OBJ_id_hex_multipart_message */ -0x55,0x04,0x2C, /* [3878] OBJ_generationQualifier */ -0x55,0x04,0x41, /* [3881] OBJ_pseudonym */ -0x67,0x2A, /* [3884] OBJ_id_set */ -0x67,0x2A,0x00, /* [3886] OBJ_set_ctype */ -0x67,0x2A,0x01, /* [3889] OBJ_set_msgExt */ -0x67,0x2A,0x03, /* [3892] OBJ_set_attr */ -0x67,0x2A,0x05, /* [3895] OBJ_set_policy */ -0x67,0x2A,0x07, /* [3898] OBJ_set_certExt */ -0x67,0x2A,0x08, /* [3901] OBJ_set_brand */ -0x67,0x2A,0x00,0x00, /* [3904] OBJ_setct_PANData */ -0x67,0x2A,0x00,0x01, /* [3908] OBJ_setct_PANToken */ -0x67,0x2A,0x00,0x02, /* [3912] OBJ_setct_PANOnly */ -0x67,0x2A,0x00,0x03, /* [3916] OBJ_setct_OIData */ -0x67,0x2A,0x00,0x04, /* [3920] OBJ_setct_PI */ -0x67,0x2A,0x00,0x05, /* [3924] OBJ_setct_PIData */ -0x67,0x2A,0x00,0x06, /* [3928] OBJ_setct_PIDataUnsigned */ -0x67,0x2A,0x00,0x07, /* [3932] OBJ_setct_HODInput */ -0x67,0x2A,0x00,0x08, /* [3936] OBJ_setct_AuthResBaggage */ -0x67,0x2A,0x00,0x09, /* [3940] OBJ_setct_AuthRevReqBaggage */ -0x67,0x2A,0x00,0x0A, /* [3944] OBJ_setct_AuthRevResBaggage */ -0x67,0x2A,0x00,0x0B, /* [3948] OBJ_setct_CapTokenSeq */ -0x67,0x2A,0x00,0x0C, /* [3952] OBJ_setct_PInitResData */ -0x67,0x2A,0x00,0x0D, /* [3956] OBJ_setct_PI_TBS */ -0x67,0x2A,0x00,0x0E, /* [3960] OBJ_setct_PResData */ -0x67,0x2A,0x00,0x10, /* [3964] OBJ_setct_AuthReqTBS */ -0x67,0x2A,0x00,0x11, /* [3968] OBJ_setct_AuthResTBS */ -0x67,0x2A,0x00,0x12, /* [3972] OBJ_setct_AuthResTBSX */ -0x67,0x2A,0x00,0x13, /* [3976] OBJ_setct_AuthTokenTBS */ -0x67,0x2A,0x00,0x14, /* [3980] OBJ_setct_CapTokenData */ -0x67,0x2A,0x00,0x15, /* [3984] OBJ_setct_CapTokenTBS */ -0x67,0x2A,0x00,0x16, /* [3988] 
OBJ_setct_AcqCardCodeMsg */ -0x67,0x2A,0x00,0x17, /* [3992] OBJ_setct_AuthRevReqTBS */ -0x67,0x2A,0x00,0x18, /* [3996] OBJ_setct_AuthRevResData */ -0x67,0x2A,0x00,0x19, /* [4000] OBJ_setct_AuthRevResTBS */ -0x67,0x2A,0x00,0x1A, /* [4004] OBJ_setct_CapReqTBS */ -0x67,0x2A,0x00,0x1B, /* [4008] OBJ_setct_CapReqTBSX */ -0x67,0x2A,0x00,0x1C, /* [4012] OBJ_setct_CapResData */ -0x67,0x2A,0x00,0x1D, /* [4016] OBJ_setct_CapRevReqTBS */ -0x67,0x2A,0x00,0x1E, /* [4020] OBJ_setct_CapRevReqTBSX */ -0x67,0x2A,0x00,0x1F, /* [4024] OBJ_setct_CapRevResData */ -0x67,0x2A,0x00,0x20, /* [4028] OBJ_setct_CredReqTBS */ -0x67,0x2A,0x00,0x21, /* [4032] OBJ_setct_CredReqTBSX */ -0x67,0x2A,0x00,0x22, /* [4036] OBJ_setct_CredResData */ -0x67,0x2A,0x00,0x23, /* [4040] OBJ_setct_CredRevReqTBS */ -0x67,0x2A,0x00,0x24, /* [4044] OBJ_setct_CredRevReqTBSX */ -0x67,0x2A,0x00,0x25, /* [4048] OBJ_setct_CredRevResData */ -0x67,0x2A,0x00,0x26, /* [4052] OBJ_setct_PCertReqData */ -0x67,0x2A,0x00,0x27, /* [4056] OBJ_setct_PCertResTBS */ -0x67,0x2A,0x00,0x28, /* [4060] OBJ_setct_BatchAdminReqData */ -0x67,0x2A,0x00,0x29, /* [4064] OBJ_setct_BatchAdminResData */ -0x67,0x2A,0x00,0x2A, /* [4068] OBJ_setct_CardCInitResTBS */ -0x67,0x2A,0x00,0x2B, /* [4072] OBJ_setct_MeAqCInitResTBS */ -0x67,0x2A,0x00,0x2C, /* [4076] OBJ_setct_RegFormResTBS */ -0x67,0x2A,0x00,0x2D, /* [4080] OBJ_setct_CertReqData */ -0x67,0x2A,0x00,0x2E, /* [4084] OBJ_setct_CertReqTBS */ -0x67,0x2A,0x00,0x2F, /* [4088] OBJ_setct_CertResData */ -0x67,0x2A,0x00,0x30, /* [4092] OBJ_setct_CertInqReqTBS */ -0x67,0x2A,0x00,0x31, /* [4096] OBJ_setct_ErrorTBS */ -0x67,0x2A,0x00,0x32, /* [4100] OBJ_setct_PIDualSignedTBE */ -0x67,0x2A,0x00,0x33, /* [4104] OBJ_setct_PIUnsignedTBE */ -0x67,0x2A,0x00,0x34, /* [4108] OBJ_setct_AuthReqTBE */ -0x67,0x2A,0x00,0x35, /* [4112] OBJ_setct_AuthResTBE */ -0x67,0x2A,0x00,0x36, /* [4116] OBJ_setct_AuthResTBEX */ -0x67,0x2A,0x00,0x37, /* [4120] OBJ_setct_AuthTokenTBE */ -0x67,0x2A,0x00,0x38, /* [4124] 
OBJ_setct_CapTokenTBE */ -0x67,0x2A,0x00,0x39, /* [4128] OBJ_setct_CapTokenTBEX */ -0x67,0x2A,0x00,0x3A, /* [4132] OBJ_setct_AcqCardCodeMsgTBE */ -0x67,0x2A,0x00,0x3B, /* [4136] OBJ_setct_AuthRevReqTBE */ -0x67,0x2A,0x00,0x3C, /* [4140] OBJ_setct_AuthRevResTBE */ -0x67,0x2A,0x00,0x3D, /* [4144] OBJ_setct_AuthRevResTBEB */ -0x67,0x2A,0x00,0x3E, /* [4148] OBJ_setct_CapReqTBE */ -0x67,0x2A,0x00,0x3F, /* [4152] OBJ_setct_CapReqTBEX */ -0x67,0x2A,0x00,0x40, /* [4156] OBJ_setct_CapResTBE */ -0x67,0x2A,0x00,0x41, /* [4160] OBJ_setct_CapRevReqTBE */ -0x67,0x2A,0x00,0x42, /* [4164] OBJ_setct_CapRevReqTBEX */ -0x67,0x2A,0x00,0x43, /* [4168] OBJ_setct_CapRevResTBE */ -0x67,0x2A,0x00,0x44, /* [4172] OBJ_setct_CredReqTBE */ -0x67,0x2A,0x00,0x45, /* [4176] OBJ_setct_CredReqTBEX */ -0x67,0x2A,0x00,0x46, /* [4180] OBJ_setct_CredResTBE */ -0x67,0x2A,0x00,0x47, /* [4184] OBJ_setct_CredRevReqTBE */ -0x67,0x2A,0x00,0x48, /* [4188] OBJ_setct_CredRevReqTBEX */ -0x67,0x2A,0x00,0x49, /* [4192] OBJ_setct_CredRevResTBE */ -0x67,0x2A,0x00,0x4A, /* [4196] OBJ_setct_BatchAdminReqTBE */ -0x67,0x2A,0x00,0x4B, /* [4200] OBJ_setct_BatchAdminResTBE */ -0x67,0x2A,0x00,0x4C, /* [4204] OBJ_setct_RegFormReqTBE */ -0x67,0x2A,0x00,0x4D, /* [4208] OBJ_setct_CertReqTBE */ -0x67,0x2A,0x00,0x4E, /* [4212] OBJ_setct_CertReqTBEX */ -0x67,0x2A,0x00,0x4F, /* [4216] OBJ_setct_CertResTBE */ -0x67,0x2A,0x00,0x50, /* [4220] OBJ_setct_CRLNotificationTBS */ -0x67,0x2A,0x00,0x51, /* [4224] OBJ_setct_CRLNotificationResTBS */ -0x67,0x2A,0x00,0x52, /* [4228] OBJ_setct_BCIDistributionTBS */ -0x67,0x2A,0x01,0x01, /* [4232] OBJ_setext_genCrypt */ -0x67,0x2A,0x01,0x03, /* [4236] OBJ_setext_miAuth */ -0x67,0x2A,0x01,0x04, /* [4240] OBJ_setext_pinSecure */ -0x67,0x2A,0x01,0x05, /* [4244] OBJ_setext_pinAny */ -0x67,0x2A,0x01,0x07, /* [4248] OBJ_setext_track2 */ -0x67,0x2A,0x01,0x08, /* [4252] OBJ_setext_cv */ -0x67,0x2A,0x05,0x00, /* [4256] OBJ_set_policy_root */ -0x67,0x2A,0x07,0x00, /* [4260] OBJ_setCext_hashedRoot */ 
-0x67,0x2A,0x07,0x01, /* [4264] OBJ_setCext_certType */ -0x67,0x2A,0x07,0x02, /* [4268] OBJ_setCext_merchData */ -0x67,0x2A,0x07,0x03, /* [4272] OBJ_setCext_cCertRequired */ -0x67,0x2A,0x07,0x04, /* [4276] OBJ_setCext_tunneling */ -0x67,0x2A,0x07,0x05, /* [4280] OBJ_setCext_setExt */ -0x67,0x2A,0x07,0x06, /* [4284] OBJ_setCext_setQualf */ -0x67,0x2A,0x07,0x07, /* [4288] OBJ_setCext_PGWYcapabilities */ -0x67,0x2A,0x07,0x08, /* [4292] OBJ_setCext_TokenIdentifier */ -0x67,0x2A,0x07,0x09, /* [4296] OBJ_setCext_Track2Data */ -0x67,0x2A,0x07,0x0A, /* [4300] OBJ_setCext_TokenType */ -0x67,0x2A,0x07,0x0B, /* [4304] OBJ_setCext_IssuerCapabilities */ -0x67,0x2A,0x03,0x00, /* [4308] OBJ_setAttr_Cert */ -0x67,0x2A,0x03,0x01, /* [4312] OBJ_setAttr_PGWYcap */ -0x67,0x2A,0x03,0x02, /* [4316] OBJ_setAttr_TokenType */ -0x67,0x2A,0x03,0x03, /* [4320] OBJ_setAttr_IssCap */ -0x67,0x2A,0x03,0x00,0x00, /* [4324] OBJ_set_rootKeyThumb */ -0x67,0x2A,0x03,0x00,0x01, /* [4329] OBJ_set_addPolicy */ -0x67,0x2A,0x03,0x02,0x01, /* [4334] OBJ_setAttr_Token_EMV */ -0x67,0x2A,0x03,0x02,0x02, /* [4339] OBJ_setAttr_Token_B0Prime */ -0x67,0x2A,0x03,0x03,0x03, /* [4344] OBJ_setAttr_IssCap_CVM */ -0x67,0x2A,0x03,0x03,0x04, /* [4349] OBJ_setAttr_IssCap_T2 */ -0x67,0x2A,0x03,0x03,0x05, /* [4354] OBJ_setAttr_IssCap_Sig */ -0x67,0x2A,0x03,0x03,0x03,0x01, /* [4359] OBJ_setAttr_GenCryptgrm */ -0x67,0x2A,0x03,0x03,0x04,0x01, /* [4365] OBJ_setAttr_T2Enc */ -0x67,0x2A,0x03,0x03,0x04,0x02, /* [4371] OBJ_setAttr_T2cleartxt */ -0x67,0x2A,0x03,0x03,0x05,0x01, /* [4377] OBJ_setAttr_TokICCsig */ -0x67,0x2A,0x03,0x03,0x05,0x02, /* [4383] OBJ_setAttr_SecDevSig */ -0x67,0x2A,0x08,0x01, /* [4389] OBJ_set_brand_IATA_ATA */ -0x67,0x2A,0x08,0x1E, /* [4393] OBJ_set_brand_Diners */ -0x67,0x2A,0x08,0x22, /* [4397] OBJ_set_brand_AmericanExpress */ -0x67,0x2A,0x08,0x23, /* [4401] OBJ_set_brand_JCB */ -0x67,0x2A,0x08,0x04, /* [4405] OBJ_set_brand_Visa */ -0x67,0x2A,0x08,0x05, /* [4409] OBJ_set_brand_MasterCard */ 
-0x67,0x2A,0x08,0xAE,0x7B, /* [4413] OBJ_set_brand_Novus */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x0A, /* [4418] OBJ_des_cdmf */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x06,/* [4426] OBJ_rsaOAEPEncryptionSET */ -0x67, /* [4435] OBJ_international_organizations */ -0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x14,0x02,0x02,/* [4436] OBJ_ms_smartcard_login */ -0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x14,0x02,0x03,/* [4446] OBJ_ms_upn */ -0x55,0x04,0x09, /* [4456] OBJ_streetAddress */ -0x55,0x04,0x11, /* [4459] OBJ_postalCode */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x15, /* [4462] OBJ_id_ppl */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x0E, /* [4469] OBJ_proxyCertInfo */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x15,0x00, /* [4477] OBJ_id_ppl_anyLanguage */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x15,0x01, /* [4485] OBJ_id_ppl_inheritAll */ -0x55,0x1D,0x1E, /* [4493] OBJ_name_constraints */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x15,0x02, /* [4496] OBJ_Independent */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0B,/* [4504] OBJ_sha256WithRSAEncryption */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0C,/* [4513] OBJ_sha384WithRSAEncryption */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0D,/* [4522] OBJ_sha512WithRSAEncryption */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0E,/* [4531] OBJ_sha224WithRSAEncryption */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x01,/* [4540] OBJ_sha256 */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x02,/* [4549] OBJ_sha384 */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x03,/* [4558] OBJ_sha512 */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x04,/* [4567] OBJ_sha224 */ -0x2B, /* [4576] OBJ_identified_organization */ -0x2B,0x81,0x04, /* [4577] OBJ_certicom_arc */ -0x67,0x2B, /* [4580] OBJ_wap */ -0x67,0x2B,0x01, /* [4582] OBJ_wap_wsg */ -0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02,0x03, /* [4585] OBJ_X9_62_id_characteristic_two_basis */ -0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02,0x03,0x01,/* [4593] OBJ_X9_62_onBasis */ -0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02,0x03,0x02,/* [4602] OBJ_X9_62_tpBasis */ 
-0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02,0x03,0x03,/* [4611] OBJ_X9_62_ppBasis */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x01, /* [4620] OBJ_X9_62_c2pnb163v1 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x02, /* [4628] OBJ_X9_62_c2pnb163v2 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x03, /* [4636] OBJ_X9_62_c2pnb163v3 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x04, /* [4644] OBJ_X9_62_c2pnb176v1 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x05, /* [4652] OBJ_X9_62_c2tnb191v1 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x06, /* [4660] OBJ_X9_62_c2tnb191v2 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x07, /* [4668] OBJ_X9_62_c2tnb191v3 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x08, /* [4676] OBJ_X9_62_c2onb191v4 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x09, /* [4684] OBJ_X9_62_c2onb191v5 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0A, /* [4692] OBJ_X9_62_c2pnb208w1 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0B, /* [4700] OBJ_X9_62_c2tnb239v1 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0C, /* [4708] OBJ_X9_62_c2tnb239v2 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0D, /* [4716] OBJ_X9_62_c2tnb239v3 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0E, /* [4724] OBJ_X9_62_c2onb239v4 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0F, /* [4732] OBJ_X9_62_c2onb239v5 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x10, /* [4740] OBJ_X9_62_c2pnb272w1 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x11, /* [4748] OBJ_X9_62_c2pnb304w1 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x12, /* [4756] OBJ_X9_62_c2tnb359v1 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x13, /* [4764] OBJ_X9_62_c2pnb368w1 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x14, /* [4772] OBJ_X9_62_c2tnb431r1 */ -0x2B,0x81,0x04,0x00,0x06, /* [4780] OBJ_secp112r1 */ -0x2B,0x81,0x04,0x00,0x07, /* [4785] OBJ_secp112r2 */ -0x2B,0x81,0x04,0x00,0x1C, /* [4790] OBJ_secp128r1 */ -0x2B,0x81,0x04,0x00,0x1D, /* [4795] OBJ_secp128r2 */ -0x2B,0x81,0x04,0x00,0x09, /* [4800] OBJ_secp160k1 */ -0x2B,0x81,0x04,0x00,0x08, /* [4805] OBJ_secp160r1 */ -0x2B,0x81,0x04,0x00,0x1E, /* [4810] OBJ_secp160r2 */ 
-0x2B,0x81,0x04,0x00,0x1F, /* [4815] OBJ_secp192k1 */ -0x2B,0x81,0x04,0x00,0x20, /* [4820] OBJ_secp224k1 */ -0x2B,0x81,0x04,0x00,0x21, /* [4825] OBJ_secp224r1 */ -0x2B,0x81,0x04,0x00,0x0A, /* [4830] OBJ_secp256k1 */ -0x2B,0x81,0x04,0x00,0x22, /* [4835] OBJ_secp384r1 */ -0x2B,0x81,0x04,0x00,0x23, /* [4840] OBJ_secp521r1 */ -0x2B,0x81,0x04,0x00,0x04, /* [4845] OBJ_sect113r1 */ -0x2B,0x81,0x04,0x00,0x05, /* [4850] OBJ_sect113r2 */ -0x2B,0x81,0x04,0x00,0x16, /* [4855] OBJ_sect131r1 */ -0x2B,0x81,0x04,0x00,0x17, /* [4860] OBJ_sect131r2 */ -0x2B,0x81,0x04,0x00,0x01, /* [4865] OBJ_sect163k1 */ -0x2B,0x81,0x04,0x00,0x02, /* [4870] OBJ_sect163r1 */ -0x2B,0x81,0x04,0x00,0x0F, /* [4875] OBJ_sect163r2 */ -0x2B,0x81,0x04,0x00,0x18, /* [4880] OBJ_sect193r1 */ -0x2B,0x81,0x04,0x00,0x19, /* [4885] OBJ_sect193r2 */ -0x2B,0x81,0x04,0x00,0x1A, /* [4890] OBJ_sect233k1 */ -0x2B,0x81,0x04,0x00,0x1B, /* [4895] OBJ_sect233r1 */ -0x2B,0x81,0x04,0x00,0x03, /* [4900] OBJ_sect239k1 */ -0x2B,0x81,0x04,0x00,0x10, /* [4905] OBJ_sect283k1 */ -0x2B,0x81,0x04,0x00,0x11, /* [4910] OBJ_sect283r1 */ -0x2B,0x81,0x04,0x00,0x24, /* [4915] OBJ_sect409k1 */ -0x2B,0x81,0x04,0x00,0x25, /* [4920] OBJ_sect409r1 */ -0x2B,0x81,0x04,0x00,0x26, /* [4925] OBJ_sect571k1 */ -0x2B,0x81,0x04,0x00,0x27, /* [4930] OBJ_sect571r1 */ -0x67,0x2B,0x01,0x04,0x01, /* [4935] OBJ_wap_wsg_idm_ecid_wtls1 */ -0x67,0x2B,0x01,0x04,0x03, /* [4940] OBJ_wap_wsg_idm_ecid_wtls3 */ -0x67,0x2B,0x01,0x04,0x04, /* [4945] OBJ_wap_wsg_idm_ecid_wtls4 */ -0x67,0x2B,0x01,0x04,0x05, /* [4950] OBJ_wap_wsg_idm_ecid_wtls5 */ -0x67,0x2B,0x01,0x04,0x06, /* [4955] OBJ_wap_wsg_idm_ecid_wtls6 */ -0x67,0x2B,0x01,0x04,0x07, /* [4960] OBJ_wap_wsg_idm_ecid_wtls7 */ -0x67,0x2B,0x01,0x04,0x08, /* [4965] OBJ_wap_wsg_idm_ecid_wtls8 */ -0x67,0x2B,0x01,0x04,0x09, /* [4970] OBJ_wap_wsg_idm_ecid_wtls9 */ -0x67,0x2B,0x01,0x04,0x0A, /* [4975] OBJ_wap_wsg_idm_ecid_wtls10 */ -0x67,0x2B,0x01,0x04,0x0B, /* [4980] OBJ_wap_wsg_idm_ecid_wtls11 */ -0x67,0x2B,0x01,0x04,0x0C, /* 
[4985] OBJ_wap_wsg_idm_ecid_wtls12 */ -0x55,0x1D,0x20,0x00, /* [4990] OBJ_any_policy */ -0x55,0x1D,0x21, /* [4994] OBJ_policy_mappings */ -0x55,0x1D,0x36, /* [4997] OBJ_inhibit_any_policy */ -0x2A,0x83,0x08,0x8C,0x9A,0x4B,0x3D,0x01,0x01,0x01,0x02,/* [5000] OBJ_camellia_128_cbc */ -0x2A,0x83,0x08,0x8C,0x9A,0x4B,0x3D,0x01,0x01,0x01,0x03,/* [5011] OBJ_camellia_192_cbc */ -0x2A,0x83,0x08,0x8C,0x9A,0x4B,0x3D,0x01,0x01,0x01,0x04,/* [5022] OBJ_camellia_256_cbc */ -0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x01, /* [5033] OBJ_camellia_128_ecb */ -0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x15, /* [5041] OBJ_camellia_192_ecb */ -0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x29, /* [5049] OBJ_camellia_256_ecb */ -0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x04, /* [5057] OBJ_camellia_128_cfb128 */ -0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x18, /* [5065] OBJ_camellia_192_cfb128 */ -0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x2C, /* [5073] OBJ_camellia_256_cfb128 */ -0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x03, /* [5081] OBJ_camellia_128_ofb128 */ -0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x17, /* [5089] OBJ_camellia_192_ofb128 */ -0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x2B, /* [5097] OBJ_camellia_256_ofb128 */ -0x55,0x1D,0x09, /* [5105] OBJ_subject_directory_attributes */ -0x55,0x1D,0x1C, /* [5108] OBJ_issuing_distribution_point */ -0x55,0x1D,0x1D, /* [5111] OBJ_certificate_issuer */ -0x2A,0x83,0x1A,0x8C,0x9A,0x44, /* [5114] OBJ_kisa */ -0x2A,0x83,0x1A,0x8C,0x9A,0x44,0x01,0x03, /* [5120] OBJ_seed_ecb */ -0x2A,0x83,0x1A,0x8C,0x9A,0x44,0x01,0x04, /* [5128] OBJ_seed_cbc */ -0x2A,0x83,0x1A,0x8C,0x9A,0x44,0x01,0x06, /* [5136] OBJ_seed_ofb128 */ -0x2A,0x83,0x1A,0x8C,0x9A,0x44,0x01,0x05, /* [5144] OBJ_seed_cfb128 */ -0x2B,0x06,0x01,0x05,0x05,0x08,0x01,0x01, /* [5152] OBJ_hmac_md5 */ -0x2B,0x06,0x01,0x05,0x05,0x08,0x01,0x02, /* [5160] OBJ_hmac_sha1 */ -0x2A,0x86,0x48,0x86,0xF6,0x7D,0x07,0x42,0x0D,/* [5168] OBJ_id_PasswordBasedMAC */ -0x2A,0x86,0x48,0x86,0xF6,0x7D,0x07,0x42,0x1E,/* [5177] OBJ_id_DHBasedMac */ 
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x10, /* [5186] OBJ_id_it_suppLangTags */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x05, /* [5194] OBJ_caRepository */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x09,/* [5202] OBJ_id_smime_ct_compressedData */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x1B,/* [5213] OBJ_id_ct_asciiTextWithCRLF */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x05,/* [5224] OBJ_id_aes128_wrap */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x19,/* [5233] OBJ_id_aes192_wrap */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2D,/* [5242] OBJ_id_aes256_wrap */ -0x2A,0x86,0x48,0xCE,0x3D,0x04,0x02, /* [5251] OBJ_ecdsa_with_Recommended */ -0x2A,0x86,0x48,0xCE,0x3D,0x04,0x03, /* [5258] OBJ_ecdsa_with_Specified */ -0x2A,0x86,0x48,0xCE,0x3D,0x04,0x03,0x01, /* [5265] OBJ_ecdsa_with_SHA224 */ -0x2A,0x86,0x48,0xCE,0x3D,0x04,0x03,0x02, /* [5273] OBJ_ecdsa_with_SHA256 */ -0x2A,0x86,0x48,0xCE,0x3D,0x04,0x03,0x03, /* [5281] OBJ_ecdsa_with_SHA384 */ -0x2A,0x86,0x48,0xCE,0x3D,0x04,0x03,0x04, /* [5289] OBJ_ecdsa_with_SHA512 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x06, /* [5297] OBJ_hmacWithMD5 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x08, /* [5305] OBJ_hmacWithSHA224 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x09, /* [5313] OBJ_hmacWithSHA256 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x0A, /* [5321] OBJ_hmacWithSHA384 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x0B, /* [5329] OBJ_hmacWithSHA512 */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x03,0x01,/* [5337] OBJ_dsa_with_SHA224 */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x03,0x02,/* [5346] OBJ_dsa_with_SHA256 */ -0x28,0xCF,0x06,0x03,0x00,0x37, /* [5355] OBJ_whirlpool */ -0x2A,0x85,0x03,0x02,0x02, /* [5361] OBJ_cryptopro */ -0x2A,0x85,0x03,0x02,0x09, /* [5366] OBJ_cryptocom */ -0x2A,0x85,0x03,0x02,0x02,0x03, /* [5371] OBJ_id_GostR3411_94_with_GostR3410_2001 */ -0x2A,0x85,0x03,0x02,0x02,0x04, /* [5377] OBJ_id_GostR3411_94_with_GostR3410_94 */ -0x2A,0x85,0x03,0x02,0x02,0x09, /* [5383] OBJ_id_GostR3411_94 */ -0x2A,0x85,0x03,0x02,0x02,0x0A, 
/* [5389] OBJ_id_HMACGostR3411_94 */ -0x2A,0x85,0x03,0x02,0x02,0x13, /* [5395] OBJ_id_GostR3410_2001 */ -0x2A,0x85,0x03,0x02,0x02,0x14, /* [5401] OBJ_id_GostR3410_94 */ -0x2A,0x85,0x03,0x02,0x02,0x15, /* [5407] OBJ_id_Gost28147_89 */ -0x2A,0x85,0x03,0x02,0x02,0x16, /* [5413] OBJ_id_Gost28147_89_MAC */ -0x2A,0x85,0x03,0x02,0x02,0x17, /* [5419] OBJ_id_GostR3411_94_prf */ -0x2A,0x85,0x03,0x02,0x02,0x62, /* [5425] OBJ_id_GostR3410_2001DH */ -0x2A,0x85,0x03,0x02,0x02,0x63, /* [5431] OBJ_id_GostR3410_94DH */ -0x2A,0x85,0x03,0x02,0x02,0x0E,0x01, /* [5437] OBJ_id_Gost28147_89_CryptoPro_KeyMeshing */ -0x2A,0x85,0x03,0x02,0x02,0x0E,0x00, /* [5444] OBJ_id_Gost28147_89_None_KeyMeshing */ -0x2A,0x85,0x03,0x02,0x02,0x1E,0x00, /* [5451] OBJ_id_GostR3411_94_TestParamSet */ -0x2A,0x85,0x03,0x02,0x02,0x1E,0x01, /* [5458] OBJ_id_GostR3411_94_CryptoProParamSet */ -0x2A,0x85,0x03,0x02,0x02,0x1F,0x00, /* [5465] OBJ_id_Gost28147_89_TestParamSet */ -0x2A,0x85,0x03,0x02,0x02,0x1F,0x01, /* [5472] OBJ_id_Gost28147_89_CryptoPro_A_ParamSet */ -0x2A,0x85,0x03,0x02,0x02,0x1F,0x02, /* [5479] OBJ_id_Gost28147_89_CryptoPro_B_ParamSet */ -0x2A,0x85,0x03,0x02,0x02,0x1F,0x03, /* [5486] OBJ_id_Gost28147_89_CryptoPro_C_ParamSet */ -0x2A,0x85,0x03,0x02,0x02,0x1F,0x04, /* [5493] OBJ_id_Gost28147_89_CryptoPro_D_ParamSet */ -0x2A,0x85,0x03,0x02,0x02,0x1F,0x05, /* [5500] OBJ_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet */ -0x2A,0x85,0x03,0x02,0x02,0x1F,0x06, /* [5507] OBJ_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet */ -0x2A,0x85,0x03,0x02,0x02,0x1F,0x07, /* [5514] OBJ_id_Gost28147_89_CryptoPro_RIC_1_ParamSet */ -0x2A,0x85,0x03,0x02,0x02,0x20,0x00, /* [5521] OBJ_id_GostR3410_94_TestParamSet */ -0x2A,0x85,0x03,0x02,0x02,0x20,0x02, /* [5528] OBJ_id_GostR3410_94_CryptoPro_A_ParamSet */ -0x2A,0x85,0x03,0x02,0x02,0x20,0x03, /* [5535] OBJ_id_GostR3410_94_CryptoPro_B_ParamSet */ -0x2A,0x85,0x03,0x02,0x02,0x20,0x04, /* [5542] OBJ_id_GostR3410_94_CryptoPro_C_ParamSet */ -0x2A,0x85,0x03,0x02,0x02,0x20,0x05, /* [5549] 
OBJ_id_GostR3410_94_CryptoPro_D_ParamSet */ -0x2A,0x85,0x03,0x02,0x02,0x21,0x01, /* [5556] OBJ_id_GostR3410_94_CryptoPro_XchA_ParamSet */ -0x2A,0x85,0x03,0x02,0x02,0x21,0x02, /* [5563] OBJ_id_GostR3410_94_CryptoPro_XchB_ParamSet */ -0x2A,0x85,0x03,0x02,0x02,0x21,0x03, /* [5570] OBJ_id_GostR3410_94_CryptoPro_XchC_ParamSet */ -0x2A,0x85,0x03,0x02,0x02,0x23,0x00, /* [5577] OBJ_id_GostR3410_2001_TestParamSet */ -0x2A,0x85,0x03,0x02,0x02,0x23,0x01, /* [5584] OBJ_id_GostR3410_2001_CryptoPro_A_ParamSet */ -0x2A,0x85,0x03,0x02,0x02,0x23,0x02, /* [5591] OBJ_id_GostR3410_2001_CryptoPro_B_ParamSet */ -0x2A,0x85,0x03,0x02,0x02,0x23,0x03, /* [5598] OBJ_id_GostR3410_2001_CryptoPro_C_ParamSet */ -0x2A,0x85,0x03,0x02,0x02,0x24,0x00, /* [5605] OBJ_id_GostR3410_2001_CryptoPro_XchA_ParamSet */ -0x2A,0x85,0x03,0x02,0x02,0x24,0x01, /* [5612] OBJ_id_GostR3410_2001_CryptoPro_XchB_ParamSet */ -0x2A,0x85,0x03,0x02,0x02,0x14,0x01, /* [5619] OBJ_id_GostR3410_94_a */ -0x2A,0x85,0x03,0x02,0x02,0x14,0x02, /* [5626] OBJ_id_GostR3410_94_aBis */ -0x2A,0x85,0x03,0x02,0x02,0x14,0x03, /* [5633] OBJ_id_GostR3410_94_b */ -0x2A,0x85,0x03,0x02,0x02,0x14,0x04, /* [5640] OBJ_id_GostR3410_94_bBis */ -0x2A,0x85,0x03,0x02,0x09,0x01,0x06,0x01, /* [5647] OBJ_id_Gost28147_89_cc */ -0x2A,0x85,0x03,0x02,0x09,0x01,0x05,0x03, /* [5655] OBJ_id_GostR3410_94_cc */ -0x2A,0x85,0x03,0x02,0x09,0x01,0x05,0x04, /* [5663] OBJ_id_GostR3410_2001_cc */ -0x2A,0x85,0x03,0x02,0x09,0x01,0x03,0x03, /* [5671] OBJ_id_GostR3411_94_with_GostR3410_94_cc */ -0x2A,0x85,0x03,0x02,0x09,0x01,0x03,0x04, /* [5679] OBJ_id_GostR3411_94_with_GostR3410_2001_cc */ -0x2A,0x85,0x03,0x02,0x09,0x01,0x08,0x01, /* [5687] OBJ_id_GostR3410_2001_ParamSet_cc */ -0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x11,0x02,/* [5695] OBJ_LocalKeySet */ -0x55,0x1D,0x2E, /* [5704] OBJ_freshest_crl */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x08,0x03, /* [5707] OBJ_id_on_permanentIdentifier */ -0x55,0x04,0x0E, /* [5715] OBJ_searchGuide */ -0x55,0x04,0x0F, /* [5718] OBJ_businessCategory */ 
-0x55,0x04,0x10, /* [5721] OBJ_postalAddress */ -0x55,0x04,0x12, /* [5724] OBJ_postOfficeBox */ -0x55,0x04,0x13, /* [5727] OBJ_physicalDeliveryOfficeName */ -0x55,0x04,0x14, /* [5730] OBJ_telephoneNumber */ -0x55,0x04,0x15, /* [5733] OBJ_telexNumber */ -0x55,0x04,0x16, /* [5736] OBJ_teletexTerminalIdentifier */ -0x55,0x04,0x17, /* [5739] OBJ_facsimileTelephoneNumber */ -0x55,0x04,0x18, /* [5742] OBJ_x121Address */ -0x55,0x04,0x19, /* [5745] OBJ_internationaliSDNNumber */ -0x55,0x04,0x1A, /* [5748] OBJ_registeredAddress */ -0x55,0x04,0x1B, /* [5751] OBJ_destinationIndicator */ -0x55,0x04,0x1C, /* [5754] OBJ_preferredDeliveryMethod */ -0x55,0x04,0x1D, /* [5757] OBJ_presentationAddress */ -0x55,0x04,0x1E, /* [5760] OBJ_supportedApplicationContext */ -0x55,0x04,0x1F, /* [5763] OBJ_member */ -0x55,0x04,0x20, /* [5766] OBJ_owner */ -0x55,0x04,0x21, /* [5769] OBJ_roleOccupant */ -0x55,0x04,0x22, /* [5772] OBJ_seeAlso */ -0x55,0x04,0x23, /* [5775] OBJ_userPassword */ -0x55,0x04,0x24, /* [5778] OBJ_userCertificate */ -0x55,0x04,0x25, /* [5781] OBJ_cACertificate */ -0x55,0x04,0x26, /* [5784] OBJ_authorityRevocationList */ -0x55,0x04,0x27, /* [5787] OBJ_certificateRevocationList */ -0x55,0x04,0x28, /* [5790] OBJ_crossCertificatePair */ -0x55,0x04,0x2F, /* [5793] OBJ_enhancedSearchGuide */ -0x55,0x04,0x30, /* [5796] OBJ_protocolInformation */ -0x55,0x04,0x31, /* [5799] OBJ_distinguishedName */ -0x55,0x04,0x32, /* [5802] OBJ_uniqueMember */ -0x55,0x04,0x33, /* [5805] OBJ_houseIdentifier */ -0x55,0x04,0x34, /* [5808] OBJ_supportedAlgorithms */ -0x55,0x04,0x35, /* [5811] OBJ_deltaRevocationList */ -0x55,0x04,0x36, /* [5814] OBJ_dmdName */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x09,/* [5817] OBJ_id_alg_PWRI_KEK */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x06,/* [5828] OBJ_aes_128_gcm */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x07,/* [5837] OBJ_aes_128_ccm */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x08,/* [5846] OBJ_id_aes128_wrap_pad */ 
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x1A,/* [5855] OBJ_aes_192_gcm */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x1B,/* [5864] OBJ_aes_192_ccm */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x1C,/* [5873] OBJ_id_aes192_wrap_pad */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2E,/* [5882] OBJ_aes_256_gcm */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2F,/* [5891] OBJ_aes_256_ccm */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x30,/* [5900] OBJ_id_aes256_wrap_pad */ -0x2A,0x83,0x08,0x8C,0x9A,0x4B,0x3D,0x01,0x01,0x03,0x02,/* [5909] OBJ_id_camellia128_wrap */ -0x2A,0x83,0x08,0x8C,0x9A,0x4B,0x3D,0x01,0x01,0x03,0x03,/* [5920] OBJ_id_camellia192_wrap */ -0x2A,0x83,0x08,0x8C,0x9A,0x4B,0x3D,0x01,0x01,0x03,0x04,/* [5931] OBJ_id_camellia256_wrap */ -0x55,0x1D,0x25,0x00, /* [5942] OBJ_anyExtendedKeyUsage */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x08,/* [5946] OBJ_mgf1 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0A,/* [5955] OBJ_rsassaPss */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x07,/* [5964] OBJ_rsaesOaep */ -0x2A,0x86,0x48,0xCE,0x3E,0x02,0x01, /* [5973] OBJ_dhpublicnumber */ -0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x01,/* [5980] OBJ_brainpoolP160r1 */ -0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x02,/* [5989] OBJ_brainpoolP160t1 */ -0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x03,/* [5998] OBJ_brainpoolP192r1 */ -0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x04,/* [6007] OBJ_brainpoolP192t1 */ -0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x05,/* [6016] OBJ_brainpoolP224r1 */ -0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x06,/* [6025] OBJ_brainpoolP224t1 */ -0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x07,/* [6034] OBJ_brainpoolP256r1 */ -0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x08,/* [6043] OBJ_brainpoolP256t1 */ -0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x09,/* [6052] OBJ_brainpoolP320r1 */ -0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x0A,/* [6061] OBJ_brainpoolP320t1 */ -0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x0B,/* [6070] OBJ_brainpoolP384r1 */ 
-0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x0C,/* [6079] OBJ_brainpoolP384t1 */ -0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x0D,/* [6088] OBJ_brainpoolP512r1 */ -0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x0E,/* [6097] OBJ_brainpoolP512t1 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x09,/* [6106] OBJ_pSpecified */ -0x2B,0x81,0x05,0x10,0x86,0x48,0x3F,0x00,0x02,/* [6115] OBJ_dhSinglePass_stdDH_sha1kdf_scheme */ -0x2B,0x81,0x04,0x01,0x0B,0x00, /* [6124] OBJ_dhSinglePass_stdDH_sha224kdf_scheme */ -0x2B,0x81,0x04,0x01,0x0B,0x01, /* [6130] OBJ_dhSinglePass_stdDH_sha256kdf_scheme */ -0x2B,0x81,0x04,0x01,0x0B,0x02, /* [6136] OBJ_dhSinglePass_stdDH_sha384kdf_scheme */ -0x2B,0x81,0x04,0x01,0x0B,0x03, /* [6142] OBJ_dhSinglePass_stdDH_sha512kdf_scheme */ -0x2B,0x81,0x05,0x10,0x86,0x48,0x3F,0x00,0x03,/* [6148] OBJ_dhSinglePass_cofactorDH_sha1kdf_scheme */ -0x2B,0x81,0x04,0x01,0x0E,0x00, /* [6157] OBJ_dhSinglePass_cofactorDH_sha224kdf_scheme */ -0x2B,0x81,0x04,0x01,0x0E,0x01, /* [6163] OBJ_dhSinglePass_cofactorDH_sha256kdf_scheme */ -0x2B,0x81,0x04,0x01,0x0E,0x02, /* [6169] OBJ_dhSinglePass_cofactorDH_sha384kdf_scheme */ -0x2B,0x81,0x04,0x01,0x0E,0x03, /* [6175] OBJ_dhSinglePass_cofactorDH_sha512kdf_scheme */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x08,/* [616] OBJ_zlib_compression */ +0x55,0x1D,0x25, /* [627] OBJ_ext_key_usage */ +0x2B,0x06,0x01,0x05,0x05,0x07, /* [630] OBJ_id_pkix */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x03, /* [636] OBJ_id_kp */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x01, /* [643] OBJ_server_auth */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x02, /* [651] OBJ_client_auth */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x03, /* [659] OBJ_code_sign */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x04, /* [667] OBJ_email_protect */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x08, /* [675] OBJ_time_stamp */ +0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x02,0x01,0x15,/* [683] OBJ_ms_code_ind */ +0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x02,0x01,0x16,/* [693] OBJ_ms_code_com */ 
+0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x0A,0x03,0x01,/* [703] OBJ_ms_ctl_sign */ +0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x0A,0x03,0x03,/* [713] OBJ_ms_sgc */ +0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x0A,0x03,0x04,/* [723] OBJ_ms_efs */ +0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x04,0x01,/* [733] OBJ_ns_sgc */ +0x55,0x1D,0x1B, /* [742] OBJ_delta_crl */ +0x55,0x1D,0x15, /* [745] OBJ_crl_reason */ +0x55,0x1D,0x18, /* [748] OBJ_invalidity_date */ +0x2B,0x65,0x01,0x04,0x01, /* [751] OBJ_sxnet */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x01,/* [756] OBJ_pbe_WithSHA1And128BitRC4 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x02,/* [766] OBJ_pbe_WithSHA1And40BitRC4 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x03,/* [776] OBJ_pbe_WithSHA1And3_Key_TripleDES_CBC */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x04,/* [786] OBJ_pbe_WithSHA1And2_Key_TripleDES_CBC */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x05,/* [796] OBJ_pbe_WithSHA1And128BitRC2_CBC */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x06,/* [806] OBJ_pbe_WithSHA1And40BitRC2_CBC */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x01,/* [816] OBJ_keyBag */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x02,/* [827] OBJ_pkcs8ShroudedKeyBag */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x03,/* [838] OBJ_certBag */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x04,/* [849] OBJ_crlBag */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x05,/* [860] OBJ_secretBag */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x06,/* [871] OBJ_safeContentsBag */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x14,/* [882] OBJ_friendlyName */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x15,/* [891] OBJ_localKeyID */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x16,0x01,/* [900] OBJ_x509Certificate */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x16,0x02,/* [910] OBJ_sdsiCertificate */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x17,0x01,/* [920] OBJ_x509Crl */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0D,/* 
[930] OBJ_pbes2 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0E,/* [939] OBJ_pbmac1 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x07, /* [948] OBJ_hmacWithSHA1 */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x02,0x01, /* [956] OBJ_id_qt_cps */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x02,0x02, /* [964] OBJ_id_qt_unotice */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x0F,/* [972] OBJ_SMIMECapabilities */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x04,/* [981] OBJ_pbeWithMD2AndRC2_CBC */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x06,/* [990] OBJ_pbeWithMD5AndRC2_CBC */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0A,/* [999] OBJ_pbeWithSHA1AndDES_CBC */ +0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x02,0x01,0x0E,/* [1008] OBJ_ms_ext_req */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x0E,/* [1018] OBJ_ext_req */ +0x55,0x04,0x29, /* [1027] OBJ_name */ +0x55,0x04,0x2E, /* [1030] OBJ_dnQualifier */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x01, /* [1033] OBJ_id_pe */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30, /* [1040] OBJ_id_ad */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x01, /* [1047] OBJ_info_access */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01, /* [1055] OBJ_ad_OCSP */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x02, /* [1063] OBJ_ad_ca_issuers */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x09, /* [1071] OBJ_OCSP_sign */ +0x2A, /* [1079] OBJ_member_body */ +0x2A,0x86,0x48, /* [1080] OBJ_ISO_US */ +0x2A,0x86,0x48,0xCE,0x38, /* [1083] OBJ_X9_57 */ +0x2A,0x86,0x48,0xCE,0x38,0x04, /* [1088] OBJ_X9cm */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01, /* [1094] OBJ_pkcs1 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05, /* [1102] OBJ_pkcs5 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,/* [1110] OBJ_SMIME */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,/* [1119] OBJ_id_smime_mod */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,/* [1129] OBJ_id_smime_ct */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,/* [1139] OBJ_id_smime_aa */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,/* [1149] OBJ_id_smime_alg */ 
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x04,/* [1159] OBJ_id_smime_cd */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x05,/* [1169] OBJ_id_smime_spq */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,/* [1179] OBJ_id_smime_cti */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x01,/* [1189] OBJ_id_smime_mod_cms */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x02,/* [1200] OBJ_id_smime_mod_ess */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x03,/* [1211] OBJ_id_smime_mod_oid */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x04,/* [1222] OBJ_id_smime_mod_msg_v3 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x05,/* [1233] OBJ_id_smime_mod_ets_eSignature_88 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x06,/* [1244] OBJ_id_smime_mod_ets_eSignature_97 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x07,/* [1255] OBJ_id_smime_mod_ets_eSigPolicy_88 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x08,/* [1266] OBJ_id_smime_mod_ets_eSigPolicy_97 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x01,/* [1277] OBJ_id_smime_ct_receipt */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x02,/* [1288] OBJ_id_smime_ct_authData */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x03,/* [1299] OBJ_id_smime_ct_publishCert */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x04,/* [1310] OBJ_id_smime_ct_TSTInfo */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x05,/* [1321] OBJ_id_smime_ct_TDTInfo */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x06,/* [1332] OBJ_id_smime_ct_contentInfo */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x07,/* [1343] OBJ_id_smime_ct_DVCSRequestData */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x08,/* [1354] OBJ_id_smime_ct_DVCSResponseData */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x01,/* [1365] OBJ_id_smime_aa_receiptRequest */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x02,/* [1376] OBJ_id_smime_aa_securityLabel */ 
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x03,/* [1387] OBJ_id_smime_aa_mlExpandHistory */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x04,/* [1398] OBJ_id_smime_aa_contentHint */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x05,/* [1409] OBJ_id_smime_aa_msgSigDigest */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x06,/* [1420] OBJ_id_smime_aa_encapContentType */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x07,/* [1431] OBJ_id_smime_aa_contentIdentifier */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x08,/* [1442] OBJ_id_smime_aa_macValue */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x09,/* [1453] OBJ_id_smime_aa_equivalentLabels */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0A,/* [1464] OBJ_id_smime_aa_contentReference */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0B,/* [1475] OBJ_id_smime_aa_encrypKeyPref */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0C,/* [1486] OBJ_id_smime_aa_signingCertificate */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0D,/* [1497] OBJ_id_smime_aa_smimeEncryptCerts */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0E,/* [1508] OBJ_id_smime_aa_timeStampToken */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0F,/* [1519] OBJ_id_smime_aa_ets_sigPolicyId */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x10,/* [1530] OBJ_id_smime_aa_ets_commitmentType */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x11,/* [1541] OBJ_id_smime_aa_ets_signerLocation */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x12,/* [1552] OBJ_id_smime_aa_ets_signerAttr */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x13,/* [1563] OBJ_id_smime_aa_ets_otherSigCert */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x14,/* [1574] OBJ_id_smime_aa_ets_contentTimestamp */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x15,/* [1585] OBJ_id_smime_aa_ets_CertificateRefs */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x16,/* [1596] 
OBJ_id_smime_aa_ets_RevocationRefs */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x17,/* [1607] OBJ_id_smime_aa_ets_certValues */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x18,/* [1618] OBJ_id_smime_aa_ets_revocationValues */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x19,/* [1629] OBJ_id_smime_aa_ets_escTimeStamp */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x1A,/* [1640] OBJ_id_smime_aa_ets_certCRLTimestamp */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x1B,/* [1651] OBJ_id_smime_aa_ets_archiveTimeStamp */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x1C,/* [1662] OBJ_id_smime_aa_signatureType */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x1D,/* [1673] OBJ_id_smime_aa_dvcs_dvc */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x01,/* [1684] OBJ_id_smime_alg_ESDHwith3DES */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x02,/* [1695] OBJ_id_smime_alg_ESDHwithRC2 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x03,/* [1706] OBJ_id_smime_alg_3DESwrap */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x04,/* [1717] OBJ_id_smime_alg_RC2wrap */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x05,/* [1728] OBJ_id_smime_alg_ESDH */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x06,/* [1739] OBJ_id_smime_alg_CMS3DESwrap */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x07,/* [1750] OBJ_id_smime_alg_CMSRC2wrap */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x04,0x01,/* [1761] OBJ_id_smime_cd_ldap */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x05,0x01,/* [1772] OBJ_id_smime_spq_ets_sqt_uri */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x05,0x02,/* [1783] OBJ_id_smime_spq_ets_sqt_unotice */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x01,/* [1794] OBJ_id_smime_cti_ets_proofOfOrigin */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x02,/* [1805] OBJ_id_smime_cti_ets_proofOfReceipt */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x03,/* [1816] 
OBJ_id_smime_cti_ets_proofOfDelivery */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x04,/* [1827] OBJ_id_smime_cti_ets_proofOfSender */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x05,/* [1838] OBJ_id_smime_cti_ets_proofOfApproval */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x06,/* [1849] OBJ_id_smime_cti_ets_proofOfCreation */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x04, /* [1860] OBJ_md4 */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00, /* [1868] OBJ_id_pkix_mod */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x02, /* [1875] OBJ_id_qt */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04, /* [1882] OBJ_id_it */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x05, /* [1889] OBJ_id_pkip */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x06, /* [1896] OBJ_id_alg */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07, /* [1903] OBJ_id_cmc */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x08, /* [1910] OBJ_id_on */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x09, /* [1917] OBJ_id_pda */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x0A, /* [1924] OBJ_id_aca */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x0B, /* [1931] OBJ_id_qcs */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x0C, /* [1938] OBJ_id_cct */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x01, /* [1945] OBJ_id_pkix1_explicit_88 */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x02, /* [1953] OBJ_id_pkix1_implicit_88 */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x03, /* [1961] OBJ_id_pkix1_explicit_93 */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x04, /* [1969] OBJ_id_pkix1_implicit_93 */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x05, /* [1977] OBJ_id_mod_crmf */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x06, /* [1985] OBJ_id_mod_cmc */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x07, /* [1993] OBJ_id_mod_kea_profile_88 */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x08, /* [2001] OBJ_id_mod_kea_profile_93 */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x09, /* [2009] OBJ_id_mod_cmp */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0A, /* [2017] OBJ_id_mod_qualified_cert_88 */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0B, /* [2025] OBJ_id_mod_qualified_cert_93 */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0C, /* 
[2033] OBJ_id_mod_attribute_cert */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0D, /* [2041] OBJ_id_mod_timestamp_protocol */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0E, /* [2049] OBJ_id_mod_ocsp */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0F, /* [2057] OBJ_id_mod_dvcs */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x10, /* [2065] OBJ_id_mod_cmp2000 */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x02, /* [2073] OBJ_biometricInfo */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x03, /* [2081] OBJ_qcStatements */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x04, /* [2089] OBJ_ac_auditEntity */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x05, /* [2097] OBJ_ac_targeting */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x06, /* [2105] OBJ_aaControls */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x07, /* [2113] OBJ_sbgp_ipAddrBlock */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x08, /* [2121] OBJ_sbgp_autonomousSysNum */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x09, /* [2129] OBJ_sbgp_routerIdentifier */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x02,0x03, /* [2137] OBJ_textNotice */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x05, /* [2145] OBJ_ipsecEndSystem */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x06, /* [2153] OBJ_ipsecTunnel */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x07, /* [2161] OBJ_ipsecUser */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x0A, /* [2169] OBJ_dvcs */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x01, /* [2177] OBJ_id_it_caProtEncCert */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x02, /* [2185] OBJ_id_it_signKeyPairTypes */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x03, /* [2193] OBJ_id_it_encKeyPairTypes */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x04, /* [2201] OBJ_id_it_preferredSymmAlg */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x05, /* [2209] OBJ_id_it_caKeyUpdateInfo */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x06, /* [2217] OBJ_id_it_currentCRL */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x07, /* [2225] OBJ_id_it_unsupportedOIDs */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x08, /* [2233] OBJ_id_it_subscriptionRequest */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x09, /* [2241] 
OBJ_id_it_subscriptionResponse */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0A, /* [2249] OBJ_id_it_keyPairParamReq */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0B, /* [2257] OBJ_id_it_keyPairParamRep */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0C, /* [2265] OBJ_id_it_revPassphrase */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0D, /* [2273] OBJ_id_it_implicitConfirm */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0E, /* [2281] OBJ_id_it_confirmWaitTime */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0F, /* [2289] OBJ_id_it_origPKIMessage */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01, /* [2297] OBJ_id_regCtrl */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x02, /* [2305] OBJ_id_regInfo */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x01,/* [2313] OBJ_id_regCtrl_regToken */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x02,/* [2322] OBJ_id_regCtrl_authenticator */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x03,/* [2331] OBJ_id_regCtrl_pkiPublicationInfo */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x04,/* [2340] OBJ_id_regCtrl_pkiArchiveOptions */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x05,/* [2349] OBJ_id_regCtrl_oldCertID */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x06,/* [2358] OBJ_id_regCtrl_protocolEncrKey */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x02,0x01,/* [2367] OBJ_id_regInfo_utf8Pairs */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x02,0x02,/* [2376] OBJ_id_regInfo_certReq */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x06,0x01, /* [2385] OBJ_id_alg_des40 */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x06,0x02, /* [2393] OBJ_id_alg_noSignature */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x06,0x03, /* [2401] OBJ_id_alg_dh_sig_hmac_sha1 */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x06,0x04, /* [2409] OBJ_id_alg_dh_pop */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x01, /* [2417] OBJ_id_cmc_statusInfo */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x02, /* [2425] OBJ_id_cmc_identification */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x03, /* [2433] OBJ_id_cmc_identityProof */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x04, /* [2441] OBJ_id_cmc_dataReturn */ 
+0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x05, /* [2449] OBJ_id_cmc_transactionId */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x06, /* [2457] OBJ_id_cmc_senderNonce */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x07, /* [2465] OBJ_id_cmc_recipientNonce */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x08, /* [2473] OBJ_id_cmc_addExtensions */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x09, /* [2481] OBJ_id_cmc_encryptedPOP */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x0A, /* [2489] OBJ_id_cmc_decryptedPOP */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x0B, /* [2497] OBJ_id_cmc_lraPOPWitness */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x0F, /* [2505] OBJ_id_cmc_getCert */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x10, /* [2513] OBJ_id_cmc_getCRL */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x11, /* [2521] OBJ_id_cmc_revokeRequest */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x12, /* [2529] OBJ_id_cmc_regInfo */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x13, /* [2537] OBJ_id_cmc_responseInfo */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x15, /* [2545] OBJ_id_cmc_queryPending */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x16, /* [2553] OBJ_id_cmc_popLinkRandom */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x17, /* [2561] OBJ_id_cmc_popLinkWitness */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x18, /* [2569] OBJ_id_cmc_confirmCertAcceptance */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x08,0x01, /* [2577] OBJ_id_on_personalData */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x01, /* [2585] OBJ_id_pda_dateOfBirth */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x02, /* [2593] OBJ_id_pda_placeOfBirth */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x03, /* [2601] OBJ_id_pda_gender */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x04, /* [2609] OBJ_id_pda_countryOfCitizenship */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x05, /* [2617] OBJ_id_pda_countryOfResidence */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x01, /* [2625] OBJ_id_aca_authenticationInfo */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x02, /* [2633] OBJ_id_aca_accessIdentity */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x03, /* [2641] OBJ_id_aca_chargingIdentity */ 
+0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x04, /* [2649] OBJ_id_aca_group */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x05, /* [2657] OBJ_id_aca_role */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x0B,0x01, /* [2665] OBJ_id_qcs_pkixQCSyntax_v1 */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x0C,0x01, /* [2673] OBJ_id_cct_crs */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x0C,0x02, /* [2681] OBJ_id_cct_PKIData */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x0C,0x03, /* [2689] OBJ_id_cct_PKIResponse */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x03, /* [2697] OBJ_ad_timeStamping */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x04, /* [2705] OBJ_ad_dvcs */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x01,/* [2713] OBJ_id_pkix_OCSP_basic */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x02,/* [2722] OBJ_id_pkix_OCSP_Nonce */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x03,/* [2731] OBJ_id_pkix_OCSP_CrlID */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x04,/* [2740] OBJ_id_pkix_OCSP_acceptableResponses */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x05,/* [2749] OBJ_id_pkix_OCSP_noCheck */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x06,/* [2758] OBJ_id_pkix_OCSP_archiveCutoff */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x07,/* [2767] OBJ_id_pkix_OCSP_serviceLocator */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x08,/* [2776] OBJ_id_pkix_OCSP_extendedStatus */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x09,/* [2785] OBJ_id_pkix_OCSP_valid */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x0A,/* [2794] OBJ_id_pkix_OCSP_path */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x0B,/* [2803] OBJ_id_pkix_OCSP_trustRoot */ +0x2B,0x0E,0x03,0x02, /* [2812] OBJ_algorithm */ +0x2B,0x0E,0x03,0x02,0x0B, /* [2816] OBJ_rsaSignature */ +0x55,0x08, /* [2821] OBJ_X500algorithms */ +0x2B, /* [2823] OBJ_org */ +0x2B,0x06, /* [2824] OBJ_dod */ +0x2B,0x06,0x01, /* [2826] OBJ_iana */ +0x2B,0x06,0x01,0x01, /* [2829] OBJ_Directory */ +0x2B,0x06,0x01,0x02, /* [2833] OBJ_Management */ +0x2B,0x06,0x01,0x03, /* [2837] OBJ_Experimental */ +0x2B,0x06,0x01,0x04, /* [2841] OBJ_Private */ 
+0x2B,0x06,0x01,0x05, /* [2845] OBJ_Security */ +0x2B,0x06,0x01,0x06, /* [2849] OBJ_SNMPv2 */ +0x2B,0x06,0x01,0x07, /* [2853] OBJ_Mail */ +0x2B,0x06,0x01,0x04,0x01, /* [2857] OBJ_Enterprises */ +0x2B,0x06,0x01,0x04,0x01,0x8B,0x3A,0x82,0x58,/* [2862] OBJ_dcObject */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x19,/* [2871] OBJ_domainComponent */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x0D,/* [2881] OBJ_Domain */ +0x55,0x01,0x05, /* [2891] OBJ_selected_attribute_types */ +0x55,0x01,0x05,0x37, /* [2894] OBJ_clearance */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x03,/* [2898] OBJ_md4WithRSAEncryption */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x0A, /* [2907] OBJ_ac_proxying */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x0B, /* [2915] OBJ_sinfo_access */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x06, /* [2923] OBJ_id_aca_encAttrs */ +0x55,0x04,0x48, /* [2931] OBJ_role */ +0x55,0x1D,0x24, /* [2934] OBJ_policy_constraints */ +0x55,0x1D,0x37, /* [2937] OBJ_target_information */ +0x55,0x1D,0x38, /* [2940] OBJ_no_rev_avail */ +0x2A,0x86,0x48,0xCE,0x3D, /* [2943] OBJ_ansi_X9_62 */ +0x2A,0x86,0x48,0xCE,0x3D,0x01,0x01, /* [2948] OBJ_X9_62_prime_field */ +0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02, /* [2955] OBJ_X9_62_characteristic_two_field */ +0x2A,0x86,0x48,0xCE,0x3D,0x02,0x01, /* [2962] OBJ_X9_62_id_ecPublicKey */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x01, /* [2969] OBJ_X9_62_prime192v1 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x02, /* [2977] OBJ_X9_62_prime192v2 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x03, /* [2985] OBJ_X9_62_prime192v3 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x04, /* [2993] OBJ_X9_62_prime239v1 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x05, /* [3001] OBJ_X9_62_prime239v2 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x06, /* [3009] OBJ_X9_62_prime239v3 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x07, /* [3017] OBJ_X9_62_prime256v1 */ +0x2A,0x86,0x48,0xCE,0x3D,0x04,0x01, /* [3025] OBJ_ecdsa_with_SHA1 */ +0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x11,0x01,/* [3032] OBJ_ms_csp_name */ 
+0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x01,/* [3041] OBJ_aes_128_ecb */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x02,/* [3050] OBJ_aes_128_cbc */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x03,/* [3059] OBJ_aes_128_ofb128 */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x04,/* [3068] OBJ_aes_128_cfb128 */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x15,/* [3077] OBJ_aes_192_ecb */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x16,/* [3086] OBJ_aes_192_cbc */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x17,/* [3095] OBJ_aes_192_ofb128 */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x18,/* [3104] OBJ_aes_192_cfb128 */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x29,/* [3113] OBJ_aes_256_ecb */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2A,/* [3122] OBJ_aes_256_cbc */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2B,/* [3131] OBJ_aes_256_ofb128 */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2C,/* [3140] OBJ_aes_256_cfb128 */ +0x55,0x1D,0x17, /* [3149] OBJ_hold_instruction_code */ +0x2A,0x86,0x48,0xCE,0x38,0x02,0x01, /* [3152] OBJ_hold_instruction_none */ +0x2A,0x86,0x48,0xCE,0x38,0x02,0x02, /* [3159] OBJ_hold_instruction_call_issuer */ +0x2A,0x86,0x48,0xCE,0x38,0x02,0x03, /* [3166] OBJ_hold_instruction_reject */ +0x09, /* [3173] OBJ_data */ +0x09,0x92,0x26, /* [3174] OBJ_pss */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C, /* [3177] OBJ_ucl */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64, /* [3184] OBJ_pilot */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,/* [3192] OBJ_pilotAttributeType */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x03,/* [3201] OBJ_pilotAttributeSyntax */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,/* [3210] OBJ_pilotObjectClass */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x0A,/* [3219] OBJ_pilotGroups */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x03,0x04,/* [3228] OBJ_iA5StringSyntax */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x03,0x05,/* [3238] OBJ_caseIgnoreIA5StringSyntax */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x03,/* [3248] OBJ_pilotObject */ 
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x04,/* [3258] OBJ_pilotPerson */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x05,/* [3268] OBJ_account */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x06,/* [3278] OBJ_document */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x07,/* [3288] OBJ_room */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x09,/* [3298] OBJ_documentSeries */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x0E,/* [3308] OBJ_rFC822localPart */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x0F,/* [3318] OBJ_dNSDomain */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x11,/* [3328] OBJ_domainRelatedObject */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x12,/* [3338] OBJ_friendlyCountry */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x13,/* [3348] OBJ_simpleSecurityObject */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x14,/* [3358] OBJ_pilotOrganization */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x15,/* [3368] OBJ_pilotDSA */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x16,/* [3378] OBJ_qualityLabelledData */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x01,/* [3388] OBJ_userId */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x02,/* [3398] OBJ_textEncodedORAddress */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x03,/* [3408] OBJ_rfc822Mailbox */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x04,/* [3418] OBJ_info */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x05,/* [3428] OBJ_favouriteDrink */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x06,/* [3438] OBJ_roomNumber */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x07,/* [3448] OBJ_photo */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x08,/* [3458] OBJ_userClass */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x09,/* [3468] OBJ_host */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0A,/* [3478] OBJ_manager */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0B,/* [3488] OBJ_documentIdentifier */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0C,/* [3498] 
OBJ_documentTitle */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0D,/* [3508] OBJ_documentVersion */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0E,/* [3518] OBJ_documentAuthor */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0F,/* [3528] OBJ_documentLocation */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x14,/* [3538] OBJ_homeTelephoneNumber */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x15,/* [3548] OBJ_secretary */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x16,/* [3558] OBJ_otherMailbox */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x17,/* [3568] OBJ_lastModifiedTime */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x18,/* [3578] OBJ_lastModifiedBy */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1A,/* [3588] OBJ_aRecord */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1B,/* [3598] OBJ_pilotAttributeType27 */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1C,/* [3608] OBJ_mXRecord */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1D,/* [3618] OBJ_nSRecord */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1E,/* [3628] OBJ_sOARecord */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1F,/* [3638] OBJ_cNAMERecord */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x25,/* [3648] OBJ_associatedDomain */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x26,/* [3658] OBJ_associatedName */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x27,/* [3668] OBJ_homePostalAddress */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x28,/* [3678] OBJ_personalTitle */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x29,/* [3688] OBJ_mobileTelephoneNumber */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2A,/* [3698] OBJ_pagerTelephoneNumber */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2B,/* [3708] OBJ_friendlyCountryName */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2D,/* [3718] OBJ_organizationalStatus */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2E,/* [3728] OBJ_janetMailbox */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2F,/* [3738] 
OBJ_mailPreferenceOption */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x30,/* [3748] OBJ_buildingName */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x31,/* [3758] OBJ_dSAQuality */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x32,/* [3768] OBJ_singleLevelQuality */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x33,/* [3778] OBJ_subtreeMinimumQuality */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x34,/* [3788] OBJ_subtreeMaximumQuality */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x35,/* [3798] OBJ_personalSignature */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x36,/* [3808] OBJ_dITRedirect */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x37,/* [3818] OBJ_audio */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x38,/* [3828] OBJ_documentPublisher */ +0x55,0x04,0x2D, /* [3838] OBJ_x500UniqueIdentifier */ +0x2B,0x06,0x01,0x07,0x01, /* [3841] OBJ_mime_mhs */ +0x2B,0x06,0x01,0x07,0x01,0x01, /* [3846] OBJ_mime_mhs_headings */ +0x2B,0x06,0x01,0x07,0x01,0x02, /* [3852] OBJ_mime_mhs_bodies */ +0x2B,0x06,0x01,0x07,0x01,0x01,0x01, /* [3858] OBJ_id_hex_partial_message */ +0x2B,0x06,0x01,0x07,0x01,0x01,0x02, /* [3865] OBJ_id_hex_multipart_message */ +0x55,0x04,0x2C, /* [3872] OBJ_generationQualifier */ +0x55,0x04,0x41, /* [3875] OBJ_pseudonym */ +0x67,0x2A, /* [3878] OBJ_id_set */ +0x67,0x2A,0x00, /* [3880] OBJ_set_ctype */ +0x67,0x2A,0x01, /* [3883] OBJ_set_msgExt */ +0x67,0x2A,0x03, /* [3886] OBJ_set_attr */ +0x67,0x2A,0x05, /* [3889] OBJ_set_policy */ +0x67,0x2A,0x07, /* [3892] OBJ_set_certExt */ +0x67,0x2A,0x08, /* [3895] OBJ_set_brand */ +0x67,0x2A,0x00,0x00, /* [3898] OBJ_setct_PANData */ +0x67,0x2A,0x00,0x01, /* [3902] OBJ_setct_PANToken */ +0x67,0x2A,0x00,0x02, /* [3906] OBJ_setct_PANOnly */ +0x67,0x2A,0x00,0x03, /* [3910] OBJ_setct_OIData */ +0x67,0x2A,0x00,0x04, /* [3914] OBJ_setct_PI */ +0x67,0x2A,0x00,0x05, /* [3918] OBJ_setct_PIData */ +0x67,0x2A,0x00,0x06, /* [3922] OBJ_setct_PIDataUnsigned */ +0x67,0x2A,0x00,0x07, /* [3926] 
OBJ_setct_HODInput */ +0x67,0x2A,0x00,0x08, /* [3930] OBJ_setct_AuthResBaggage */ +0x67,0x2A,0x00,0x09, /* [3934] OBJ_setct_AuthRevReqBaggage */ +0x67,0x2A,0x00,0x0A, /* [3938] OBJ_setct_AuthRevResBaggage */ +0x67,0x2A,0x00,0x0B, /* [3942] OBJ_setct_CapTokenSeq */ +0x67,0x2A,0x00,0x0C, /* [3946] OBJ_setct_PInitResData */ +0x67,0x2A,0x00,0x0D, /* [3950] OBJ_setct_PI_TBS */ +0x67,0x2A,0x00,0x0E, /* [3954] OBJ_setct_PResData */ +0x67,0x2A,0x00,0x10, /* [3958] OBJ_setct_AuthReqTBS */ +0x67,0x2A,0x00,0x11, /* [3962] OBJ_setct_AuthResTBS */ +0x67,0x2A,0x00,0x12, /* [3966] OBJ_setct_AuthResTBSX */ +0x67,0x2A,0x00,0x13, /* [3970] OBJ_setct_AuthTokenTBS */ +0x67,0x2A,0x00,0x14, /* [3974] OBJ_setct_CapTokenData */ +0x67,0x2A,0x00,0x15, /* [3978] OBJ_setct_CapTokenTBS */ +0x67,0x2A,0x00,0x16, /* [3982] OBJ_setct_AcqCardCodeMsg */ +0x67,0x2A,0x00,0x17, /* [3986] OBJ_setct_AuthRevReqTBS */ +0x67,0x2A,0x00,0x18, /* [3990] OBJ_setct_AuthRevResData */ +0x67,0x2A,0x00,0x19, /* [3994] OBJ_setct_AuthRevResTBS */ +0x67,0x2A,0x00,0x1A, /* [3998] OBJ_setct_CapReqTBS */ +0x67,0x2A,0x00,0x1B, /* [4002] OBJ_setct_CapReqTBSX */ +0x67,0x2A,0x00,0x1C, /* [4006] OBJ_setct_CapResData */ +0x67,0x2A,0x00,0x1D, /* [4010] OBJ_setct_CapRevReqTBS */ +0x67,0x2A,0x00,0x1E, /* [4014] OBJ_setct_CapRevReqTBSX */ +0x67,0x2A,0x00,0x1F, /* [4018] OBJ_setct_CapRevResData */ +0x67,0x2A,0x00,0x20, /* [4022] OBJ_setct_CredReqTBS */ +0x67,0x2A,0x00,0x21, /* [4026] OBJ_setct_CredReqTBSX */ +0x67,0x2A,0x00,0x22, /* [4030] OBJ_setct_CredResData */ +0x67,0x2A,0x00,0x23, /* [4034] OBJ_setct_CredRevReqTBS */ +0x67,0x2A,0x00,0x24, /* [4038] OBJ_setct_CredRevReqTBSX */ +0x67,0x2A,0x00,0x25, /* [4042] OBJ_setct_CredRevResData */ +0x67,0x2A,0x00,0x26, /* [4046] OBJ_setct_PCertReqData */ +0x67,0x2A,0x00,0x27, /* [4050] OBJ_setct_PCertResTBS */ +0x67,0x2A,0x00,0x28, /* [4054] OBJ_setct_BatchAdminReqData */ +0x67,0x2A,0x00,0x29, /* [4058] OBJ_setct_BatchAdminResData */ +0x67,0x2A,0x00,0x2A, /* [4062] OBJ_setct_CardCInitResTBS 
*/ +0x67,0x2A,0x00,0x2B, /* [4066] OBJ_setct_MeAqCInitResTBS */ +0x67,0x2A,0x00,0x2C, /* [4070] OBJ_setct_RegFormResTBS */ +0x67,0x2A,0x00,0x2D, /* [4074] OBJ_setct_CertReqData */ +0x67,0x2A,0x00,0x2E, /* [4078] OBJ_setct_CertReqTBS */ +0x67,0x2A,0x00,0x2F, /* [4082] OBJ_setct_CertResData */ +0x67,0x2A,0x00,0x30, /* [4086] OBJ_setct_CertInqReqTBS */ +0x67,0x2A,0x00,0x31, /* [4090] OBJ_setct_ErrorTBS */ +0x67,0x2A,0x00,0x32, /* [4094] OBJ_setct_PIDualSignedTBE */ +0x67,0x2A,0x00,0x33, /* [4098] OBJ_setct_PIUnsignedTBE */ +0x67,0x2A,0x00,0x34, /* [4102] OBJ_setct_AuthReqTBE */ +0x67,0x2A,0x00,0x35, /* [4106] OBJ_setct_AuthResTBE */ +0x67,0x2A,0x00,0x36, /* [4110] OBJ_setct_AuthResTBEX */ +0x67,0x2A,0x00,0x37, /* [4114] OBJ_setct_AuthTokenTBE */ +0x67,0x2A,0x00,0x38, /* [4118] OBJ_setct_CapTokenTBE */ +0x67,0x2A,0x00,0x39, /* [4122] OBJ_setct_CapTokenTBEX */ +0x67,0x2A,0x00,0x3A, /* [4126] OBJ_setct_AcqCardCodeMsgTBE */ +0x67,0x2A,0x00,0x3B, /* [4130] OBJ_setct_AuthRevReqTBE */ +0x67,0x2A,0x00,0x3C, /* [4134] OBJ_setct_AuthRevResTBE */ +0x67,0x2A,0x00,0x3D, /* [4138] OBJ_setct_AuthRevResTBEB */ +0x67,0x2A,0x00,0x3E, /* [4142] OBJ_setct_CapReqTBE */ +0x67,0x2A,0x00,0x3F, /* [4146] OBJ_setct_CapReqTBEX */ +0x67,0x2A,0x00,0x40, /* [4150] OBJ_setct_CapResTBE */ +0x67,0x2A,0x00,0x41, /* [4154] OBJ_setct_CapRevReqTBE */ +0x67,0x2A,0x00,0x42, /* [4158] OBJ_setct_CapRevReqTBEX */ +0x67,0x2A,0x00,0x43, /* [4162] OBJ_setct_CapRevResTBE */ +0x67,0x2A,0x00,0x44, /* [4166] OBJ_setct_CredReqTBE */ +0x67,0x2A,0x00,0x45, /* [4170] OBJ_setct_CredReqTBEX */ +0x67,0x2A,0x00,0x46, /* [4174] OBJ_setct_CredResTBE */ +0x67,0x2A,0x00,0x47, /* [4178] OBJ_setct_CredRevReqTBE */ +0x67,0x2A,0x00,0x48, /* [4182] OBJ_setct_CredRevReqTBEX */ +0x67,0x2A,0x00,0x49, /* [4186] OBJ_setct_CredRevResTBE */ +0x67,0x2A,0x00,0x4A, /* [4190] OBJ_setct_BatchAdminReqTBE */ +0x67,0x2A,0x00,0x4B, /* [4194] OBJ_setct_BatchAdminResTBE */ +0x67,0x2A,0x00,0x4C, /* [4198] OBJ_setct_RegFormReqTBE */ 
+0x67,0x2A,0x00,0x4D, /* [4202] OBJ_setct_CertReqTBE */ +0x67,0x2A,0x00,0x4E, /* [4206] OBJ_setct_CertReqTBEX */ +0x67,0x2A,0x00,0x4F, /* [4210] OBJ_setct_CertResTBE */ +0x67,0x2A,0x00,0x50, /* [4214] OBJ_setct_CRLNotificationTBS */ +0x67,0x2A,0x00,0x51, /* [4218] OBJ_setct_CRLNotificationResTBS */ +0x67,0x2A,0x00,0x52, /* [4222] OBJ_setct_BCIDistributionTBS */ +0x67,0x2A,0x01,0x01, /* [4226] OBJ_setext_genCrypt */ +0x67,0x2A,0x01,0x03, /* [4230] OBJ_setext_miAuth */ +0x67,0x2A,0x01,0x04, /* [4234] OBJ_setext_pinSecure */ +0x67,0x2A,0x01,0x05, /* [4238] OBJ_setext_pinAny */ +0x67,0x2A,0x01,0x07, /* [4242] OBJ_setext_track2 */ +0x67,0x2A,0x01,0x08, /* [4246] OBJ_setext_cv */ +0x67,0x2A,0x05,0x00, /* [4250] OBJ_set_policy_root */ +0x67,0x2A,0x07,0x00, /* [4254] OBJ_setCext_hashedRoot */ +0x67,0x2A,0x07,0x01, /* [4258] OBJ_setCext_certType */ +0x67,0x2A,0x07,0x02, /* [4262] OBJ_setCext_merchData */ +0x67,0x2A,0x07,0x03, /* [4266] OBJ_setCext_cCertRequired */ +0x67,0x2A,0x07,0x04, /* [4270] OBJ_setCext_tunneling */ +0x67,0x2A,0x07,0x05, /* [4274] OBJ_setCext_setExt */ +0x67,0x2A,0x07,0x06, /* [4278] OBJ_setCext_setQualf */ +0x67,0x2A,0x07,0x07, /* [4282] OBJ_setCext_PGWYcapabilities */ +0x67,0x2A,0x07,0x08, /* [4286] OBJ_setCext_TokenIdentifier */ +0x67,0x2A,0x07,0x09, /* [4290] OBJ_setCext_Track2Data */ +0x67,0x2A,0x07,0x0A, /* [4294] OBJ_setCext_TokenType */ +0x67,0x2A,0x07,0x0B, /* [4298] OBJ_setCext_IssuerCapabilities */ +0x67,0x2A,0x03,0x00, /* [4302] OBJ_setAttr_Cert */ +0x67,0x2A,0x03,0x01, /* [4306] OBJ_setAttr_PGWYcap */ +0x67,0x2A,0x03,0x02, /* [4310] OBJ_setAttr_TokenType */ +0x67,0x2A,0x03,0x03, /* [4314] OBJ_setAttr_IssCap */ +0x67,0x2A,0x03,0x00,0x00, /* [4318] OBJ_set_rootKeyThumb */ +0x67,0x2A,0x03,0x00,0x01, /* [4323] OBJ_set_addPolicy */ +0x67,0x2A,0x03,0x02,0x01, /* [4328] OBJ_setAttr_Token_EMV */ +0x67,0x2A,0x03,0x02,0x02, /* [4333] OBJ_setAttr_Token_B0Prime */ +0x67,0x2A,0x03,0x03,0x03, /* [4338] OBJ_setAttr_IssCap_CVM */ +0x67,0x2A,0x03,0x03,0x04, 
/* [4343] OBJ_setAttr_IssCap_T2 */ +0x67,0x2A,0x03,0x03,0x05, /* [4348] OBJ_setAttr_IssCap_Sig */ +0x67,0x2A,0x03,0x03,0x03,0x01, /* [4353] OBJ_setAttr_GenCryptgrm */ +0x67,0x2A,0x03,0x03,0x04,0x01, /* [4359] OBJ_setAttr_T2Enc */ +0x67,0x2A,0x03,0x03,0x04,0x02, /* [4365] OBJ_setAttr_T2cleartxt */ +0x67,0x2A,0x03,0x03,0x05,0x01, /* [4371] OBJ_setAttr_TokICCsig */ +0x67,0x2A,0x03,0x03,0x05,0x02, /* [4377] OBJ_setAttr_SecDevSig */ +0x67,0x2A,0x08,0x01, /* [4383] OBJ_set_brand_IATA_ATA */ +0x67,0x2A,0x08,0x1E, /* [4387] OBJ_set_brand_Diners */ +0x67,0x2A,0x08,0x22, /* [4391] OBJ_set_brand_AmericanExpress */ +0x67,0x2A,0x08,0x23, /* [4395] OBJ_set_brand_JCB */ +0x67,0x2A,0x08,0x04, /* [4399] OBJ_set_brand_Visa */ +0x67,0x2A,0x08,0x05, /* [4403] OBJ_set_brand_MasterCard */ +0x67,0x2A,0x08,0xAE,0x7B, /* [4407] OBJ_set_brand_Novus */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x0A, /* [4412] OBJ_des_cdmf */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x06,/* [4420] OBJ_rsaOAEPEncryptionSET */ +0x67, /* [4429] OBJ_international_organizations */ +0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x14,0x02,0x02,/* [4430] OBJ_ms_smartcard_login */ +0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x14,0x02,0x03,/* [4440] OBJ_ms_upn */ +0x55,0x04,0x09, /* [4450] OBJ_streetAddress */ +0x55,0x04,0x11, /* [4453] OBJ_postalCode */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x15, /* [4456] OBJ_id_ppl */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x0E, /* [4463] OBJ_proxyCertInfo */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x15,0x00, /* [4471] OBJ_id_ppl_anyLanguage */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x15,0x01, /* [4479] OBJ_id_ppl_inheritAll */ +0x55,0x1D,0x1E, /* [4487] OBJ_name_constraints */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x15,0x02, /* [4490] OBJ_Independent */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0B,/* [4498] OBJ_sha256WithRSAEncryption */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0C,/* [4507] OBJ_sha384WithRSAEncryption */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0D,/* [4516] OBJ_sha512WithRSAEncryption */ 
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0E,/* [4525] OBJ_sha224WithRSAEncryption */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x01,/* [4534] OBJ_sha256 */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x02,/* [4543] OBJ_sha384 */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x03,/* [4552] OBJ_sha512 */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x04,/* [4561] OBJ_sha224 */ +0x2B, /* [4570] OBJ_identified_organization */ +0x2B,0x81,0x04, /* [4571] OBJ_certicom_arc */ +0x67,0x2B, /* [4574] OBJ_wap */ +0x67,0x2B,0x01, /* [4576] OBJ_wap_wsg */ +0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02,0x03, /* [4579] OBJ_X9_62_id_characteristic_two_basis */ +0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02,0x03,0x01,/* [4587] OBJ_X9_62_onBasis */ +0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02,0x03,0x02,/* [4596] OBJ_X9_62_tpBasis */ +0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02,0x03,0x03,/* [4605] OBJ_X9_62_ppBasis */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x01, /* [4614] OBJ_X9_62_c2pnb163v1 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x02, /* [4622] OBJ_X9_62_c2pnb163v2 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x03, /* [4630] OBJ_X9_62_c2pnb163v3 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x04, /* [4638] OBJ_X9_62_c2pnb176v1 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x05, /* [4646] OBJ_X9_62_c2tnb191v1 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x06, /* [4654] OBJ_X9_62_c2tnb191v2 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x07, /* [4662] OBJ_X9_62_c2tnb191v3 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x08, /* [4670] OBJ_X9_62_c2onb191v4 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x09, /* [4678] OBJ_X9_62_c2onb191v5 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0A, /* [4686] OBJ_X9_62_c2pnb208w1 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0B, /* [4694] OBJ_X9_62_c2tnb239v1 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0C, /* [4702] OBJ_X9_62_c2tnb239v2 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0D, /* [4710] OBJ_X9_62_c2tnb239v3 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0E, /* [4718] OBJ_X9_62_c2onb239v4 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0F, /* [4726] OBJ_X9_62_c2onb239v5 
*/ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x10, /* [4734] OBJ_X9_62_c2pnb272w1 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x11, /* [4742] OBJ_X9_62_c2pnb304w1 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x12, /* [4750] OBJ_X9_62_c2tnb359v1 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x13, /* [4758] OBJ_X9_62_c2pnb368w1 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x14, /* [4766] OBJ_X9_62_c2tnb431r1 */ +0x2B,0x81,0x04,0x00,0x06, /* [4774] OBJ_secp112r1 */ +0x2B,0x81,0x04,0x00,0x07, /* [4779] OBJ_secp112r2 */ +0x2B,0x81,0x04,0x00,0x1C, /* [4784] OBJ_secp128r1 */ +0x2B,0x81,0x04,0x00,0x1D, /* [4789] OBJ_secp128r2 */ +0x2B,0x81,0x04,0x00,0x09, /* [4794] OBJ_secp160k1 */ +0x2B,0x81,0x04,0x00,0x08, /* [4799] OBJ_secp160r1 */ +0x2B,0x81,0x04,0x00,0x1E, /* [4804] OBJ_secp160r2 */ +0x2B,0x81,0x04,0x00,0x1F, /* [4809] OBJ_secp192k1 */ +0x2B,0x81,0x04,0x00,0x20, /* [4814] OBJ_secp224k1 */ +0x2B,0x81,0x04,0x00,0x21, /* [4819] OBJ_secp224r1 */ +0x2B,0x81,0x04,0x00,0x0A, /* [4824] OBJ_secp256k1 */ +0x2B,0x81,0x04,0x00,0x22, /* [4829] OBJ_secp384r1 */ +0x2B,0x81,0x04,0x00,0x23, /* [4834] OBJ_secp521r1 */ +0x2B,0x81,0x04,0x00,0x04, /* [4839] OBJ_sect113r1 */ +0x2B,0x81,0x04,0x00,0x05, /* [4844] OBJ_sect113r2 */ +0x2B,0x81,0x04,0x00,0x16, /* [4849] OBJ_sect131r1 */ +0x2B,0x81,0x04,0x00,0x17, /* [4854] OBJ_sect131r2 */ +0x2B,0x81,0x04,0x00,0x01, /* [4859] OBJ_sect163k1 */ +0x2B,0x81,0x04,0x00,0x02, /* [4864] OBJ_sect163r1 */ +0x2B,0x81,0x04,0x00,0x0F, /* [4869] OBJ_sect163r2 */ +0x2B,0x81,0x04,0x00,0x18, /* [4874] OBJ_sect193r1 */ +0x2B,0x81,0x04,0x00,0x19, /* [4879] OBJ_sect193r2 */ +0x2B,0x81,0x04,0x00,0x1A, /* [4884] OBJ_sect233k1 */ +0x2B,0x81,0x04,0x00,0x1B, /* [4889] OBJ_sect233r1 */ +0x2B,0x81,0x04,0x00,0x03, /* [4894] OBJ_sect239k1 */ +0x2B,0x81,0x04,0x00,0x10, /* [4899] OBJ_sect283k1 */ +0x2B,0x81,0x04,0x00,0x11, /* [4904] OBJ_sect283r1 */ +0x2B,0x81,0x04,0x00,0x24, /* [4909] OBJ_sect409k1 */ +0x2B,0x81,0x04,0x00,0x25, /* [4914] OBJ_sect409r1 */ +0x2B,0x81,0x04,0x00,0x26, /* [4919] OBJ_sect571k1 
*/ +0x2B,0x81,0x04,0x00,0x27, /* [4924] OBJ_sect571r1 */ +0x67,0x2B,0x01,0x04,0x01, /* [4929] OBJ_wap_wsg_idm_ecid_wtls1 */ +0x67,0x2B,0x01,0x04,0x03, /* [4934] OBJ_wap_wsg_idm_ecid_wtls3 */ +0x67,0x2B,0x01,0x04,0x04, /* [4939] OBJ_wap_wsg_idm_ecid_wtls4 */ +0x67,0x2B,0x01,0x04,0x05, /* [4944] OBJ_wap_wsg_idm_ecid_wtls5 */ +0x67,0x2B,0x01,0x04,0x06, /* [4949] OBJ_wap_wsg_idm_ecid_wtls6 */ +0x67,0x2B,0x01,0x04,0x07, /* [4954] OBJ_wap_wsg_idm_ecid_wtls7 */ +0x67,0x2B,0x01,0x04,0x08, /* [4959] OBJ_wap_wsg_idm_ecid_wtls8 */ +0x67,0x2B,0x01,0x04,0x09, /* [4964] OBJ_wap_wsg_idm_ecid_wtls9 */ +0x67,0x2B,0x01,0x04,0x0A, /* [4969] OBJ_wap_wsg_idm_ecid_wtls10 */ +0x67,0x2B,0x01,0x04,0x0B, /* [4974] OBJ_wap_wsg_idm_ecid_wtls11 */ +0x67,0x2B,0x01,0x04,0x0C, /* [4979] OBJ_wap_wsg_idm_ecid_wtls12 */ +0x55,0x1D,0x20,0x00, /* [4984] OBJ_any_policy */ +0x55,0x1D,0x21, /* [4988] OBJ_policy_mappings */ +0x55,0x1D,0x36, /* [4991] OBJ_inhibit_any_policy */ +0x2A,0x83,0x08,0x8C,0x9A,0x4B,0x3D,0x01,0x01,0x01,0x02,/* [4994] OBJ_camellia_128_cbc */ +0x2A,0x83,0x08,0x8C,0x9A,0x4B,0x3D,0x01,0x01,0x01,0x03,/* [5005] OBJ_camellia_192_cbc */ +0x2A,0x83,0x08,0x8C,0x9A,0x4B,0x3D,0x01,0x01,0x01,0x04,/* [5016] OBJ_camellia_256_cbc */ +0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x01, /* [5027] OBJ_camellia_128_ecb */ +0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x15, /* [5035] OBJ_camellia_192_ecb */ +0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x29, /* [5043] OBJ_camellia_256_ecb */ +0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x04, /* [5051] OBJ_camellia_128_cfb128 */ +0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x18, /* [5059] OBJ_camellia_192_cfb128 */ +0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x2C, /* [5067] OBJ_camellia_256_cfb128 */ +0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x03, /* [5075] OBJ_camellia_128_ofb128 */ +0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x17, /* [5083] OBJ_camellia_192_ofb128 */ +0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x2B, /* [5091] OBJ_camellia_256_ofb128 */ +0x55,0x1D,0x09, /* [5099] OBJ_subject_directory_attributes */ 
+0x55,0x1D,0x1C, /* [5102] OBJ_issuing_distribution_point */ +0x55,0x1D,0x1D, /* [5105] OBJ_certificate_issuer */ +0x2A,0x83,0x1A,0x8C,0x9A,0x44, /* [5108] OBJ_kisa */ +0x2A,0x83,0x1A,0x8C,0x9A,0x44,0x01,0x03, /* [5114] OBJ_seed_ecb */ +0x2A,0x83,0x1A,0x8C,0x9A,0x44,0x01,0x04, /* [5122] OBJ_seed_cbc */ +0x2A,0x83,0x1A,0x8C,0x9A,0x44,0x01,0x06, /* [5130] OBJ_seed_ofb128 */ +0x2A,0x83,0x1A,0x8C,0x9A,0x44,0x01,0x05, /* [5138] OBJ_seed_cfb128 */ +0x2B,0x06,0x01,0x05,0x05,0x08,0x01,0x01, /* [5146] OBJ_hmac_md5 */ +0x2B,0x06,0x01,0x05,0x05,0x08,0x01,0x02, /* [5154] OBJ_hmac_sha1 */ +0x2A,0x86,0x48,0x86,0xF6,0x7D,0x07,0x42,0x0D,/* [5162] OBJ_id_PasswordBasedMAC */ +0x2A,0x86,0x48,0x86,0xF6,0x7D,0x07,0x42,0x1E,/* [5171] OBJ_id_DHBasedMac */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x10, /* [5180] OBJ_id_it_suppLangTags */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x05, /* [5188] OBJ_caRepository */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x09,/* [5196] OBJ_id_smime_ct_compressedData */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x1B,/* [5207] OBJ_id_ct_asciiTextWithCRLF */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x05,/* [5218] OBJ_id_aes128_wrap */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x19,/* [5227] OBJ_id_aes192_wrap */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2D,/* [5236] OBJ_id_aes256_wrap */ +0x2A,0x86,0x48,0xCE,0x3D,0x04,0x02, /* [5245] OBJ_ecdsa_with_Recommended */ +0x2A,0x86,0x48,0xCE,0x3D,0x04,0x03, /* [5252] OBJ_ecdsa_with_Specified */ +0x2A,0x86,0x48,0xCE,0x3D,0x04,0x03,0x01, /* [5259] OBJ_ecdsa_with_SHA224 */ +0x2A,0x86,0x48,0xCE,0x3D,0x04,0x03,0x02, /* [5267] OBJ_ecdsa_with_SHA256 */ +0x2A,0x86,0x48,0xCE,0x3D,0x04,0x03,0x03, /* [5275] OBJ_ecdsa_with_SHA384 */ +0x2A,0x86,0x48,0xCE,0x3D,0x04,0x03,0x04, /* [5283] OBJ_ecdsa_with_SHA512 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x06, /* [5291] OBJ_hmacWithMD5 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x08, /* [5299] OBJ_hmacWithSHA224 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x09, /* [5307] OBJ_hmacWithSHA256 
*/ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x0A, /* [5315] OBJ_hmacWithSHA384 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x0B, /* [5323] OBJ_hmacWithSHA512 */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x03,0x01,/* [5331] OBJ_dsa_with_SHA224 */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x03,0x02,/* [5340] OBJ_dsa_with_SHA256 */ +0x28,0xCF,0x06,0x03,0x00,0x37, /* [5349] OBJ_whirlpool */ +0x2A,0x85,0x03,0x02,0x02, /* [5355] OBJ_cryptopro */ +0x2A,0x85,0x03,0x02,0x09, /* [5360] OBJ_cryptocom */ +0x2A,0x85,0x03,0x02,0x02,0x03, /* [5365] OBJ_id_GostR3411_94_with_GostR3410_2001 */ +0x2A,0x85,0x03,0x02,0x02,0x04, /* [5371] OBJ_id_GostR3411_94_with_GostR3410_94 */ +0x2A,0x85,0x03,0x02,0x02,0x09, /* [5377] OBJ_id_GostR3411_94 */ +0x2A,0x85,0x03,0x02,0x02,0x0A, /* [5383] OBJ_id_HMACGostR3411_94 */ +0x2A,0x85,0x03,0x02,0x02,0x13, /* [5389] OBJ_id_GostR3410_2001 */ +0x2A,0x85,0x03,0x02,0x02,0x14, /* [5395] OBJ_id_GostR3410_94 */ +0x2A,0x85,0x03,0x02,0x02,0x15, /* [5401] OBJ_id_Gost28147_89 */ +0x2A,0x85,0x03,0x02,0x02,0x16, /* [5407] OBJ_id_Gost28147_89_MAC */ +0x2A,0x85,0x03,0x02,0x02,0x17, /* [5413] OBJ_id_GostR3411_94_prf */ +0x2A,0x85,0x03,0x02,0x02,0x62, /* [5419] OBJ_id_GostR3410_2001DH */ +0x2A,0x85,0x03,0x02,0x02,0x63, /* [5425] OBJ_id_GostR3410_94DH */ +0x2A,0x85,0x03,0x02,0x02,0x0E,0x01, /* [5431] OBJ_id_Gost28147_89_CryptoPro_KeyMeshing */ +0x2A,0x85,0x03,0x02,0x02,0x0E,0x00, /* [5438] OBJ_id_Gost28147_89_None_KeyMeshing */ +0x2A,0x85,0x03,0x02,0x02,0x1E,0x00, /* [5445] OBJ_id_GostR3411_94_TestParamSet */ +0x2A,0x85,0x03,0x02,0x02,0x1E,0x01, /* [5452] OBJ_id_GostR3411_94_CryptoProParamSet */ +0x2A,0x85,0x03,0x02,0x02,0x1F,0x00, /* [5459] OBJ_id_Gost28147_89_TestParamSet */ +0x2A,0x85,0x03,0x02,0x02,0x1F,0x01, /* [5466] OBJ_id_Gost28147_89_CryptoPro_A_ParamSet */ +0x2A,0x85,0x03,0x02,0x02,0x1F,0x02, /* [5473] OBJ_id_Gost28147_89_CryptoPro_B_ParamSet */ +0x2A,0x85,0x03,0x02,0x02,0x1F,0x03, /* [5480] OBJ_id_Gost28147_89_CryptoPro_C_ParamSet */ +0x2A,0x85,0x03,0x02,0x02,0x1F,0x04, /* [5487] 
OBJ_id_Gost28147_89_CryptoPro_D_ParamSet */ +0x2A,0x85,0x03,0x02,0x02,0x1F,0x05, /* [5494] OBJ_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet */ +0x2A,0x85,0x03,0x02,0x02,0x1F,0x06, /* [5501] OBJ_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet */ +0x2A,0x85,0x03,0x02,0x02,0x1F,0x07, /* [5508] OBJ_id_Gost28147_89_CryptoPro_RIC_1_ParamSet */ +0x2A,0x85,0x03,0x02,0x02,0x20,0x00, /* [5515] OBJ_id_GostR3410_94_TestParamSet */ +0x2A,0x85,0x03,0x02,0x02,0x20,0x02, /* [5522] OBJ_id_GostR3410_94_CryptoPro_A_ParamSet */ +0x2A,0x85,0x03,0x02,0x02,0x20,0x03, /* [5529] OBJ_id_GostR3410_94_CryptoPro_B_ParamSet */ +0x2A,0x85,0x03,0x02,0x02,0x20,0x04, /* [5536] OBJ_id_GostR3410_94_CryptoPro_C_ParamSet */ +0x2A,0x85,0x03,0x02,0x02,0x20,0x05, /* [5543] OBJ_id_GostR3410_94_CryptoPro_D_ParamSet */ +0x2A,0x85,0x03,0x02,0x02,0x21,0x01, /* [5550] OBJ_id_GostR3410_94_CryptoPro_XchA_ParamSet */ +0x2A,0x85,0x03,0x02,0x02,0x21,0x02, /* [5557] OBJ_id_GostR3410_94_CryptoPro_XchB_ParamSet */ +0x2A,0x85,0x03,0x02,0x02,0x21,0x03, /* [5564] OBJ_id_GostR3410_94_CryptoPro_XchC_ParamSet */ +0x2A,0x85,0x03,0x02,0x02,0x23,0x00, /* [5571] OBJ_id_GostR3410_2001_TestParamSet */ +0x2A,0x85,0x03,0x02,0x02,0x23,0x01, /* [5578] OBJ_id_GostR3410_2001_CryptoPro_A_ParamSet */ +0x2A,0x85,0x03,0x02,0x02,0x23,0x02, /* [5585] OBJ_id_GostR3410_2001_CryptoPro_B_ParamSet */ +0x2A,0x85,0x03,0x02,0x02,0x23,0x03, /* [5592] OBJ_id_GostR3410_2001_CryptoPro_C_ParamSet */ +0x2A,0x85,0x03,0x02,0x02,0x24,0x00, /* [5599] OBJ_id_GostR3410_2001_CryptoPro_XchA_ParamSet */ +0x2A,0x85,0x03,0x02,0x02,0x24,0x01, /* [5606] OBJ_id_GostR3410_2001_CryptoPro_XchB_ParamSet */ +0x2A,0x85,0x03,0x02,0x02,0x14,0x01, /* [5613] OBJ_id_GostR3410_94_a */ +0x2A,0x85,0x03,0x02,0x02,0x14,0x02, /* [5620] OBJ_id_GostR3410_94_aBis */ +0x2A,0x85,0x03,0x02,0x02,0x14,0x03, /* [5627] OBJ_id_GostR3410_94_b */ +0x2A,0x85,0x03,0x02,0x02,0x14,0x04, /* [5634] OBJ_id_GostR3410_94_bBis */ +0x2A,0x85,0x03,0x02,0x09,0x01,0x06,0x01, /* [5641] OBJ_id_Gost28147_89_cc */ 
+0x2A,0x85,0x03,0x02,0x09,0x01,0x05,0x03, /* [5649] OBJ_id_GostR3410_94_cc */ +0x2A,0x85,0x03,0x02,0x09,0x01,0x05,0x04, /* [5657] OBJ_id_GostR3410_2001_cc */ +0x2A,0x85,0x03,0x02,0x09,0x01,0x03,0x03, /* [5665] OBJ_id_GostR3411_94_with_GostR3410_94_cc */ +0x2A,0x85,0x03,0x02,0x09,0x01,0x03,0x04, /* [5673] OBJ_id_GostR3411_94_with_GostR3410_2001_cc */ +0x2A,0x85,0x03,0x02,0x09,0x01,0x08,0x01, /* [5681] OBJ_id_GostR3410_2001_ParamSet_cc */ +0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x11,0x02,/* [5689] OBJ_LocalKeySet */ +0x55,0x1D,0x2E, /* [5698] OBJ_freshest_crl */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x08,0x03, /* [5701] OBJ_id_on_permanentIdentifier */ +0x55,0x04,0x0E, /* [5709] OBJ_searchGuide */ +0x55,0x04,0x0F, /* [5712] OBJ_businessCategory */ +0x55,0x04,0x10, /* [5715] OBJ_postalAddress */ +0x55,0x04,0x12, /* [5718] OBJ_postOfficeBox */ +0x55,0x04,0x13, /* [5721] OBJ_physicalDeliveryOfficeName */ +0x55,0x04,0x14, /* [5724] OBJ_telephoneNumber */ +0x55,0x04,0x15, /* [5727] OBJ_telexNumber */ +0x55,0x04,0x16, /* [5730] OBJ_teletexTerminalIdentifier */ +0x55,0x04,0x17, /* [5733] OBJ_facsimileTelephoneNumber */ +0x55,0x04,0x18, /* [5736] OBJ_x121Address */ +0x55,0x04,0x19, /* [5739] OBJ_internationaliSDNNumber */ +0x55,0x04,0x1A, /* [5742] OBJ_registeredAddress */ +0x55,0x04,0x1B, /* [5745] OBJ_destinationIndicator */ +0x55,0x04,0x1C, /* [5748] OBJ_preferredDeliveryMethod */ +0x55,0x04,0x1D, /* [5751] OBJ_presentationAddress */ +0x55,0x04,0x1E, /* [5754] OBJ_supportedApplicationContext */ +0x55,0x04,0x1F, /* [5757] OBJ_member */ +0x55,0x04,0x20, /* [5760] OBJ_owner */ +0x55,0x04,0x21, /* [5763] OBJ_roleOccupant */ +0x55,0x04,0x22, /* [5766] OBJ_seeAlso */ +0x55,0x04,0x23, /* [5769] OBJ_userPassword */ +0x55,0x04,0x24, /* [5772] OBJ_userCertificate */ +0x55,0x04,0x25, /* [5775] OBJ_cACertificate */ +0x55,0x04,0x26, /* [5778] OBJ_authorityRevocationList */ +0x55,0x04,0x27, /* [5781] OBJ_certificateRevocationList */ +0x55,0x04,0x28, /* [5784] OBJ_crossCertificatePair */ 
+0x55,0x04,0x2F, /* [5787] OBJ_enhancedSearchGuide */ +0x55,0x04,0x30, /* [5790] OBJ_protocolInformation */ +0x55,0x04,0x31, /* [5793] OBJ_distinguishedName */ +0x55,0x04,0x32, /* [5796] OBJ_uniqueMember */ +0x55,0x04,0x33, /* [5799] OBJ_houseIdentifier */ +0x55,0x04,0x34, /* [5802] OBJ_supportedAlgorithms */ +0x55,0x04,0x35, /* [5805] OBJ_deltaRevocationList */ +0x55,0x04,0x36, /* [5808] OBJ_dmdName */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x09,/* [5811] OBJ_id_alg_PWRI_KEK */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x06,/* [5822] OBJ_aes_128_gcm */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x07,/* [5831] OBJ_aes_128_ccm */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x08,/* [5840] OBJ_id_aes128_wrap_pad */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x1A,/* [5849] OBJ_aes_192_gcm */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x1B,/* [5858] OBJ_aes_192_ccm */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x1C,/* [5867] OBJ_id_aes192_wrap_pad */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2E,/* [5876] OBJ_aes_256_gcm */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2F,/* [5885] OBJ_aes_256_ccm */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x30,/* [5894] OBJ_id_aes256_wrap_pad */ +0x2A,0x83,0x08,0x8C,0x9A,0x4B,0x3D,0x01,0x01,0x03,0x02,/* [5903] OBJ_id_camellia128_wrap */ +0x2A,0x83,0x08,0x8C,0x9A,0x4B,0x3D,0x01,0x01,0x03,0x03,/* [5914] OBJ_id_camellia192_wrap */ +0x2A,0x83,0x08,0x8C,0x9A,0x4B,0x3D,0x01,0x01,0x03,0x04,/* [5925] OBJ_id_camellia256_wrap */ +0x55,0x1D,0x25,0x00, /* [5936] OBJ_anyExtendedKeyUsage */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x08,/* [5940] OBJ_mgf1 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0A,/* [5949] OBJ_rsassaPss */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x07,/* [5958] OBJ_rsaesOaep */ +0x2A,0x86,0x48,0xCE,0x3E,0x02,0x01, /* [5967] OBJ_dhpublicnumber */ +0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x01,/* [5974] OBJ_brainpoolP160r1 */ +0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x02,/* [5983] OBJ_brainpoolP160t1 */ 
+0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x03,/* [5992] OBJ_brainpoolP192r1 */ +0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x04,/* [6001] OBJ_brainpoolP192t1 */ +0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x05,/* [6010] OBJ_brainpoolP224r1 */ +0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x06,/* [6019] OBJ_brainpoolP224t1 */ +0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x07,/* [6028] OBJ_brainpoolP256r1 */ +0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x08,/* [6037] OBJ_brainpoolP256t1 */ +0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x09,/* [6046] OBJ_brainpoolP320r1 */ +0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x0A,/* [6055] OBJ_brainpoolP320t1 */ +0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x0B,/* [6064] OBJ_brainpoolP384r1 */ +0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x0C,/* [6073] OBJ_brainpoolP384t1 */ +0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x0D,/* [6082] OBJ_brainpoolP512r1 */ +0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x0E,/* [6091] OBJ_brainpoolP512t1 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x09,/* [6100] OBJ_pSpecified */ +0x2B,0x81,0x05,0x10,0x86,0x48,0x3F,0x00,0x02,/* [6109] OBJ_dhSinglePass_stdDH_sha1kdf_scheme */ +0x2B,0x81,0x04,0x01,0x0B,0x00, /* [6118] OBJ_dhSinglePass_stdDH_sha224kdf_scheme */ +0x2B,0x81,0x04,0x01,0x0B,0x01, /* [6124] OBJ_dhSinglePass_stdDH_sha256kdf_scheme */ +0x2B,0x81,0x04,0x01,0x0B,0x02, /* [6130] OBJ_dhSinglePass_stdDH_sha384kdf_scheme */ +0x2B,0x81,0x04,0x01,0x0B,0x03, /* [6136] OBJ_dhSinglePass_stdDH_sha512kdf_scheme */ +0x2B,0x81,0x05,0x10,0x86,0x48,0x3F,0x00,0x03,/* [6142] OBJ_dhSinglePass_cofactorDH_sha1kdf_scheme */ +0x2B,0x81,0x04,0x01,0x0E,0x00, /* [6151] OBJ_dhSinglePass_cofactorDH_sha224kdf_scheme */ +0x2B,0x81,0x04,0x01,0x0E,0x01, /* [6157] OBJ_dhSinglePass_cofactorDH_sha256kdf_scheme */ +0x2B,0x81,0x04,0x01,0x0E,0x02, /* [6163] OBJ_dhSinglePass_cofactorDH_sha384kdf_scheme */ +0x2B,0x81,0x04,0x01,0x0E,0x03, /* [6169] OBJ_dhSinglePass_cofactorDH_sha512kdf_scheme */ }; static const ASN1_OBJECT kObjects[NUM_NID]={ 
@@ -1110,880 +1109,880 @@ static const ASN1_OBJECT kObjects[NUM_NID]={ {"RC5-ECB","rc5-ecb",NID_rc5_ecb,0,NULL,0}, {"RC5-CFB","rc5-cfb",NID_rc5_cfb64,0,NULL,0}, {"RC5-OFB","rc5-ofb",NID_rc5_ofb64,0,NULL,0}, -{"RLE","run length compression",NID_rle_compression,6,&(lvalues[616]),0}, -{"ZLIB","zlib compression",NID_zlib_compression,11,&(lvalues[622]),0}, +{NULL,NULL,NID_undef,0,NULL,0}, +{"ZLIB","zlib compression",NID_zlib_compression,11,&(lvalues[616]),0}, {"extendedKeyUsage","X509v3 Extended Key Usage",NID_ext_key_usage,3, - &(lvalues[633]),0}, -{"PKIX","PKIX",NID_id_pkix,6,&(lvalues[636]),0}, -{"id-kp","id-kp",NID_id_kp,7,&(lvalues[642]),0}, + &(lvalues[627]),0}, +{"PKIX","PKIX",NID_id_pkix,6,&(lvalues[630]),0}, +{"id-kp","id-kp",NID_id_kp,7,&(lvalues[636]),0}, {"serverAuth","TLS Web Server Authentication",NID_server_auth,8, - &(lvalues[649]),0}, + &(lvalues[643]),0}, {"clientAuth","TLS Web Client Authentication",NID_client_auth,8, - &(lvalues[657]),0}, -{"codeSigning","Code Signing",NID_code_sign,8,&(lvalues[665]),0}, + &(lvalues[651]),0}, +{"codeSigning","Code Signing",NID_code_sign,8,&(lvalues[659]),0}, {"emailProtection","E-mail Protection",NID_email_protect,8, - &(lvalues[673]),0}, -{"timeStamping","Time Stamping",NID_time_stamp,8,&(lvalues[681]),0}, + &(lvalues[667]),0}, +{"timeStamping","Time Stamping",NID_time_stamp,8,&(lvalues[675]),0}, {"msCodeInd","Microsoft Individual Code Signing",NID_ms_code_ind,10, - &(lvalues[689]),0}, + &(lvalues[683]),0}, {"msCodeCom","Microsoft Commercial Code Signing",NID_ms_code_com,10, - &(lvalues[699]),0}, + &(lvalues[693]),0}, {"msCTLSign","Microsoft Trust List Signing",NID_ms_ctl_sign,10, - &(lvalues[709]),0}, -{"msSGC","Microsoft Server Gated Crypto",NID_ms_sgc,10,&(lvalues[719]),0}, + &(lvalues[703]),0}, +{"msSGC","Microsoft Server Gated Crypto",NID_ms_sgc,10,&(lvalues[713]),0}, {"msEFS","Microsoft Encrypted File System",NID_ms_efs,10, - &(lvalues[729]),0}, -{"nsSGC","Netscape Server Gated 
Crypto",NID_ns_sgc,9,&(lvalues[739]),0}, + &(lvalues[723]),0}, +{"nsSGC","Netscape Server Gated Crypto",NID_ns_sgc,9,&(lvalues[733]),0}, {"deltaCRL","X509v3 Delta CRL Indicator",NID_delta_crl,3, - &(lvalues[748]),0}, -{"CRLReason","X509v3 CRL Reason Code",NID_crl_reason,3,&(lvalues[751]),0}, + &(lvalues[742]),0}, +{"CRLReason","X509v3 CRL Reason Code",NID_crl_reason,3,&(lvalues[745]),0}, {"invalidityDate","Invalidity Date",NID_invalidity_date,3, - &(lvalues[754]),0}, -{"SXNetID","Strong Extranet ID",NID_sxnet,5,&(lvalues[757]),0}, + &(lvalues[748]),0}, +{"SXNetID","Strong Extranet ID",NID_sxnet,5,&(lvalues[751]),0}, {"PBE-SHA1-RC4-128","pbeWithSHA1And128BitRC4", - NID_pbe_WithSHA1And128BitRC4,10,&(lvalues[762]),0}, + NID_pbe_WithSHA1And128BitRC4,10,&(lvalues[756]),0}, {"PBE-SHA1-RC4-40","pbeWithSHA1And40BitRC4", - NID_pbe_WithSHA1And40BitRC4,10,&(lvalues[772]),0}, + NID_pbe_WithSHA1And40BitRC4,10,&(lvalues[766]),0}, {"PBE-SHA1-3DES","pbeWithSHA1And3-KeyTripleDES-CBC", - NID_pbe_WithSHA1And3_Key_TripleDES_CBC,10,&(lvalues[782]),0}, + NID_pbe_WithSHA1And3_Key_TripleDES_CBC,10,&(lvalues[776]),0}, {"PBE-SHA1-2DES","pbeWithSHA1And2-KeyTripleDES-CBC", - NID_pbe_WithSHA1And2_Key_TripleDES_CBC,10,&(lvalues[792]),0}, + NID_pbe_WithSHA1And2_Key_TripleDES_CBC,10,&(lvalues[786]),0}, {"PBE-SHA1-RC2-128","pbeWithSHA1And128BitRC2-CBC", - NID_pbe_WithSHA1And128BitRC2_CBC,10,&(lvalues[802]),0}, + NID_pbe_WithSHA1And128BitRC2_CBC,10,&(lvalues[796]),0}, {"PBE-SHA1-RC2-40","pbeWithSHA1And40BitRC2-CBC", - NID_pbe_WithSHA1And40BitRC2_CBC,10,&(lvalues[812]),0}, -{"keyBag","keyBag",NID_keyBag,11,&(lvalues[822]),0}, + NID_pbe_WithSHA1And40BitRC2_CBC,10,&(lvalues[806]),0}, +{"keyBag","keyBag",NID_keyBag,11,&(lvalues[816]),0}, {"pkcs8ShroudedKeyBag","pkcs8ShroudedKeyBag",NID_pkcs8ShroudedKeyBag, - 11,&(lvalues[833]),0}, -{"certBag","certBag",NID_certBag,11,&(lvalues[844]),0}, -{"crlBag","crlBag",NID_crlBag,11,&(lvalues[855]),0}, -{"secretBag","secretBag",NID_secretBag,11,&(lvalues[866]),0}, 
+ 11,&(lvalues[827]),0}, +{"certBag","certBag",NID_certBag,11,&(lvalues[838]),0}, +{"crlBag","crlBag",NID_crlBag,11,&(lvalues[849]),0}, +{"secretBag","secretBag",NID_secretBag,11,&(lvalues[860]),0}, {"safeContentsBag","safeContentsBag",NID_safeContentsBag,11, - &(lvalues[877]),0}, -{"friendlyName","friendlyName",NID_friendlyName,9,&(lvalues[888]),0}, -{"localKeyID","localKeyID",NID_localKeyID,9,&(lvalues[897]),0}, + &(lvalues[871]),0}, +{"friendlyName","friendlyName",NID_friendlyName,9,&(lvalues[882]),0}, +{"localKeyID","localKeyID",NID_localKeyID,9,&(lvalues[891]),0}, {"x509Certificate","x509Certificate",NID_x509Certificate,10, - &(lvalues[906]),0}, + &(lvalues[900]),0}, {"sdsiCertificate","sdsiCertificate",NID_sdsiCertificate,10, - &(lvalues[916]),0}, -{"x509Crl","x509Crl",NID_x509Crl,10,&(lvalues[926]),0}, -{"PBES2","PBES2",NID_pbes2,9,&(lvalues[936]),0}, -{"PBMAC1","PBMAC1",NID_pbmac1,9,&(lvalues[945]),0}, -{"hmacWithSHA1","hmacWithSHA1",NID_hmacWithSHA1,8,&(lvalues[954]),0}, -{"id-qt-cps","Policy Qualifier CPS",NID_id_qt_cps,8,&(lvalues[962]),0}, + &(lvalues[910]),0}, +{"x509Crl","x509Crl",NID_x509Crl,10,&(lvalues[920]),0}, +{"PBES2","PBES2",NID_pbes2,9,&(lvalues[930]),0}, +{"PBMAC1","PBMAC1",NID_pbmac1,9,&(lvalues[939]),0}, +{"hmacWithSHA1","hmacWithSHA1",NID_hmacWithSHA1,8,&(lvalues[948]),0}, +{"id-qt-cps","Policy Qualifier CPS",NID_id_qt_cps,8,&(lvalues[956]),0}, {"id-qt-unotice","Policy Qualifier User Notice",NID_id_qt_unotice,8, - &(lvalues[970]),0}, + &(lvalues[964]),0}, {"RC2-64-CBC","rc2-64-cbc",NID_rc2_64_cbc,0,NULL,0}, {"SMIME-CAPS","S/MIME Capabilities",NID_SMIMECapabilities,9, - &(lvalues[978]),0}, + &(lvalues[972]),0}, {"PBE-MD2-RC2-64","pbeWithMD2AndRC2-CBC",NID_pbeWithMD2AndRC2_CBC,9, - &(lvalues[987]),0}, + &(lvalues[981]),0}, {"PBE-MD5-RC2-64","pbeWithMD5AndRC2-CBC",NID_pbeWithMD5AndRC2_CBC,9, - &(lvalues[996]),0}, + &(lvalues[990]),0}, {"PBE-SHA1-DES","pbeWithSHA1AndDES-CBC",NID_pbeWithSHA1AndDES_CBC,9, - &(lvalues[1005]),0}, + 
&(lvalues[999]),0}, {"msExtReq","Microsoft Extension Request",NID_ms_ext_req,10, - &(lvalues[1014]),0}, -{"extReq","Extension Request",NID_ext_req,9,&(lvalues[1024]),0}, -{"name","name",NID_name,3,&(lvalues[1033]),0}, -{"dnQualifier","dnQualifier",NID_dnQualifier,3,&(lvalues[1036]),0}, -{"id-pe","id-pe",NID_id_pe,7,&(lvalues[1039]),0}, -{"id-ad","id-ad",NID_id_ad,7,&(lvalues[1046]),0}, + &(lvalues[1008]),0}, +{"extReq","Extension Request",NID_ext_req,9,&(lvalues[1018]),0}, +{"name","name",NID_name,3,&(lvalues[1027]),0}, +{"dnQualifier","dnQualifier",NID_dnQualifier,3,&(lvalues[1030]),0}, +{"id-pe","id-pe",NID_id_pe,7,&(lvalues[1033]),0}, +{"id-ad","id-ad",NID_id_ad,7,&(lvalues[1040]),0}, {"authorityInfoAccess","Authority Information Access",NID_info_access, - 8,&(lvalues[1053]),0}, -{"OCSP","OCSP",NID_ad_OCSP,8,&(lvalues[1061]),0}, -{"caIssuers","CA Issuers",NID_ad_ca_issuers,8,&(lvalues[1069]),0}, -{"OCSPSigning","OCSP Signing",NID_OCSP_sign,8,&(lvalues[1077]),0}, + 8,&(lvalues[1047]),0}, +{"OCSP","OCSP",NID_ad_OCSP,8,&(lvalues[1055]),0}, +{"caIssuers","CA Issuers",NID_ad_ca_issuers,8,&(lvalues[1063]),0}, +{"OCSPSigning","OCSP Signing",NID_OCSP_sign,8,&(lvalues[1071]),0}, {"ISO","iso",NID_iso,0,NULL,0}, -{"member-body","ISO Member Body",NID_member_body,1,&(lvalues[1085]),0}, -{"ISO-US","ISO US Member Body",NID_ISO_US,3,&(lvalues[1086]),0}, -{"X9-57","X9.57",NID_X9_57,5,&(lvalues[1089]),0}, -{"X9cm","X9.57 CM ?",NID_X9cm,6,&(lvalues[1094]),0}, -{"pkcs1","pkcs1",NID_pkcs1,8,&(lvalues[1100]),0}, -{"pkcs5","pkcs5",NID_pkcs5,8,&(lvalues[1108]),0}, -{"SMIME","S/MIME",NID_SMIME,9,&(lvalues[1116]),0}, -{"id-smime-mod","id-smime-mod",NID_id_smime_mod,10,&(lvalues[1125]),0}, -{"id-smime-ct","id-smime-ct",NID_id_smime_ct,10,&(lvalues[1135]),0}, -{"id-smime-aa","id-smime-aa",NID_id_smime_aa,10,&(lvalues[1145]),0}, -{"id-smime-alg","id-smime-alg",NID_id_smime_alg,10,&(lvalues[1155]),0}, -{"id-smime-cd","id-smime-cd",NID_id_smime_cd,10,&(lvalues[1165]),0}, 
-{"id-smime-spq","id-smime-spq",NID_id_smime_spq,10,&(lvalues[1175]),0}, -{"id-smime-cti","id-smime-cti",NID_id_smime_cti,10,&(lvalues[1185]),0}, +{"member-body","ISO Member Body",NID_member_body,1,&(lvalues[1079]),0}, +{"ISO-US","ISO US Member Body",NID_ISO_US,3,&(lvalues[1080]),0}, +{"X9-57","X9.57",NID_X9_57,5,&(lvalues[1083]),0}, +{"X9cm","X9.57 CM ?",NID_X9cm,6,&(lvalues[1088]),0}, +{"pkcs1","pkcs1",NID_pkcs1,8,&(lvalues[1094]),0}, +{"pkcs5","pkcs5",NID_pkcs5,8,&(lvalues[1102]),0}, +{"SMIME","S/MIME",NID_SMIME,9,&(lvalues[1110]),0}, +{"id-smime-mod","id-smime-mod",NID_id_smime_mod,10,&(lvalues[1119]),0}, +{"id-smime-ct","id-smime-ct",NID_id_smime_ct,10,&(lvalues[1129]),0}, +{"id-smime-aa","id-smime-aa",NID_id_smime_aa,10,&(lvalues[1139]),0}, +{"id-smime-alg","id-smime-alg",NID_id_smime_alg,10,&(lvalues[1149]),0}, +{"id-smime-cd","id-smime-cd",NID_id_smime_cd,10,&(lvalues[1159]),0}, +{"id-smime-spq","id-smime-spq",NID_id_smime_spq,10,&(lvalues[1169]),0}, +{"id-smime-cti","id-smime-cti",NID_id_smime_cti,10,&(lvalues[1179]),0}, {"id-smime-mod-cms","id-smime-mod-cms",NID_id_smime_mod_cms,11, - &(lvalues[1195]),0}, + &(lvalues[1189]),0}, {"id-smime-mod-ess","id-smime-mod-ess",NID_id_smime_mod_ess,11, - &(lvalues[1206]),0}, + &(lvalues[1200]),0}, {"id-smime-mod-oid","id-smime-mod-oid",NID_id_smime_mod_oid,11, - &(lvalues[1217]),0}, + &(lvalues[1211]),0}, {"id-smime-mod-msg-v3","id-smime-mod-msg-v3",NID_id_smime_mod_msg_v3, - 11,&(lvalues[1228]),0}, + 11,&(lvalues[1222]),0}, {"id-smime-mod-ets-eSignature-88","id-smime-mod-ets-eSignature-88", - NID_id_smime_mod_ets_eSignature_88,11,&(lvalues[1239]),0}, + NID_id_smime_mod_ets_eSignature_88,11,&(lvalues[1233]),0}, {"id-smime-mod-ets-eSignature-97","id-smime-mod-ets-eSignature-97", - NID_id_smime_mod_ets_eSignature_97,11,&(lvalues[1250]),0}, + NID_id_smime_mod_ets_eSignature_97,11,&(lvalues[1244]),0}, {"id-smime-mod-ets-eSigPolicy-88","id-smime-mod-ets-eSigPolicy-88", - 
NID_id_smime_mod_ets_eSigPolicy_88,11,&(lvalues[1261]),0}, + NID_id_smime_mod_ets_eSigPolicy_88,11,&(lvalues[1255]),0}, {"id-smime-mod-ets-eSigPolicy-97","id-smime-mod-ets-eSigPolicy-97", - NID_id_smime_mod_ets_eSigPolicy_97,11,&(lvalues[1272]),0}, + NID_id_smime_mod_ets_eSigPolicy_97,11,&(lvalues[1266]),0}, {"id-smime-ct-receipt","id-smime-ct-receipt",NID_id_smime_ct_receipt, - 11,&(lvalues[1283]),0}, + 11,&(lvalues[1277]),0}, {"id-smime-ct-authData","id-smime-ct-authData", - NID_id_smime_ct_authData,11,&(lvalues[1294]),0}, + NID_id_smime_ct_authData,11,&(lvalues[1288]),0}, {"id-smime-ct-publishCert","id-smime-ct-publishCert", - NID_id_smime_ct_publishCert,11,&(lvalues[1305]),0}, + NID_id_smime_ct_publishCert,11,&(lvalues[1299]),0}, {"id-smime-ct-TSTInfo","id-smime-ct-TSTInfo",NID_id_smime_ct_TSTInfo, - 11,&(lvalues[1316]),0}, + 11,&(lvalues[1310]),0}, {"id-smime-ct-TDTInfo","id-smime-ct-TDTInfo",NID_id_smime_ct_TDTInfo, - 11,&(lvalues[1327]),0}, + 11,&(lvalues[1321]),0}, {"id-smime-ct-contentInfo","id-smime-ct-contentInfo", - NID_id_smime_ct_contentInfo,11,&(lvalues[1338]),0}, + NID_id_smime_ct_contentInfo,11,&(lvalues[1332]),0}, {"id-smime-ct-DVCSRequestData","id-smime-ct-DVCSRequestData", - NID_id_smime_ct_DVCSRequestData,11,&(lvalues[1349]),0}, + NID_id_smime_ct_DVCSRequestData,11,&(lvalues[1343]),0}, {"id-smime-ct-DVCSResponseData","id-smime-ct-DVCSResponseData", - NID_id_smime_ct_DVCSResponseData,11,&(lvalues[1360]),0}, + NID_id_smime_ct_DVCSResponseData,11,&(lvalues[1354]),0}, {"id-smime-aa-receiptRequest","id-smime-aa-receiptRequest", - NID_id_smime_aa_receiptRequest,11,&(lvalues[1371]),0}, + NID_id_smime_aa_receiptRequest,11,&(lvalues[1365]),0}, {"id-smime-aa-securityLabel","id-smime-aa-securityLabel", - NID_id_smime_aa_securityLabel,11,&(lvalues[1382]),0}, + NID_id_smime_aa_securityLabel,11,&(lvalues[1376]),0}, {"id-smime-aa-mlExpandHistory","id-smime-aa-mlExpandHistory", - NID_id_smime_aa_mlExpandHistory,11,&(lvalues[1393]),0}, + 
NID_id_smime_aa_mlExpandHistory,11,&(lvalues[1387]),0}, {"id-smime-aa-contentHint","id-smime-aa-contentHint", - NID_id_smime_aa_contentHint,11,&(lvalues[1404]),0}, + NID_id_smime_aa_contentHint,11,&(lvalues[1398]),0}, {"id-smime-aa-msgSigDigest","id-smime-aa-msgSigDigest", - NID_id_smime_aa_msgSigDigest,11,&(lvalues[1415]),0}, + NID_id_smime_aa_msgSigDigest,11,&(lvalues[1409]),0}, {"id-smime-aa-encapContentType","id-smime-aa-encapContentType", - NID_id_smime_aa_encapContentType,11,&(lvalues[1426]),0}, + NID_id_smime_aa_encapContentType,11,&(lvalues[1420]),0}, {"id-smime-aa-contentIdentifier","id-smime-aa-contentIdentifier", - NID_id_smime_aa_contentIdentifier,11,&(lvalues[1437]),0}, + NID_id_smime_aa_contentIdentifier,11,&(lvalues[1431]),0}, {"id-smime-aa-macValue","id-smime-aa-macValue", - NID_id_smime_aa_macValue,11,&(lvalues[1448]),0}, + NID_id_smime_aa_macValue,11,&(lvalues[1442]),0}, {"id-smime-aa-equivalentLabels","id-smime-aa-equivalentLabels", - NID_id_smime_aa_equivalentLabels,11,&(lvalues[1459]),0}, + NID_id_smime_aa_equivalentLabels,11,&(lvalues[1453]),0}, {"id-smime-aa-contentReference","id-smime-aa-contentReference", - NID_id_smime_aa_contentReference,11,&(lvalues[1470]),0}, + NID_id_smime_aa_contentReference,11,&(lvalues[1464]),0}, {"id-smime-aa-encrypKeyPref","id-smime-aa-encrypKeyPref", - NID_id_smime_aa_encrypKeyPref,11,&(lvalues[1481]),0}, + NID_id_smime_aa_encrypKeyPref,11,&(lvalues[1475]),0}, {"id-smime-aa-signingCertificate","id-smime-aa-signingCertificate", - NID_id_smime_aa_signingCertificate,11,&(lvalues[1492]),0}, + NID_id_smime_aa_signingCertificate,11,&(lvalues[1486]),0}, {"id-smime-aa-smimeEncryptCerts","id-smime-aa-smimeEncryptCerts", - NID_id_smime_aa_smimeEncryptCerts,11,&(lvalues[1503]),0}, + NID_id_smime_aa_smimeEncryptCerts,11,&(lvalues[1497]),0}, {"id-smime-aa-timeStampToken","id-smime-aa-timeStampToken", - NID_id_smime_aa_timeStampToken,11,&(lvalues[1514]),0}, + NID_id_smime_aa_timeStampToken,11,&(lvalues[1508]),0}, 
{"id-smime-aa-ets-sigPolicyId","id-smime-aa-ets-sigPolicyId", - NID_id_smime_aa_ets_sigPolicyId,11,&(lvalues[1525]),0}, + NID_id_smime_aa_ets_sigPolicyId,11,&(lvalues[1519]),0}, {"id-smime-aa-ets-commitmentType","id-smime-aa-ets-commitmentType", - NID_id_smime_aa_ets_commitmentType,11,&(lvalues[1536]),0}, + NID_id_smime_aa_ets_commitmentType,11,&(lvalues[1530]),0}, {"id-smime-aa-ets-signerLocation","id-smime-aa-ets-signerLocation", - NID_id_smime_aa_ets_signerLocation,11,&(lvalues[1547]),0}, + NID_id_smime_aa_ets_signerLocation,11,&(lvalues[1541]),0}, {"id-smime-aa-ets-signerAttr","id-smime-aa-ets-signerAttr", - NID_id_smime_aa_ets_signerAttr,11,&(lvalues[1558]),0}, + NID_id_smime_aa_ets_signerAttr,11,&(lvalues[1552]),0}, {"id-smime-aa-ets-otherSigCert","id-smime-aa-ets-otherSigCert", - NID_id_smime_aa_ets_otherSigCert,11,&(lvalues[1569]),0}, + NID_id_smime_aa_ets_otherSigCert,11,&(lvalues[1563]),0}, {"id-smime-aa-ets-contentTimestamp", "id-smime-aa-ets-contentTimestamp", - NID_id_smime_aa_ets_contentTimestamp,11,&(lvalues[1580]),0}, + NID_id_smime_aa_ets_contentTimestamp,11,&(lvalues[1574]),0}, {"id-smime-aa-ets-CertificateRefs","id-smime-aa-ets-CertificateRefs", - NID_id_smime_aa_ets_CertificateRefs,11,&(lvalues[1591]),0}, + NID_id_smime_aa_ets_CertificateRefs,11,&(lvalues[1585]),0}, {"id-smime-aa-ets-RevocationRefs","id-smime-aa-ets-RevocationRefs", - NID_id_smime_aa_ets_RevocationRefs,11,&(lvalues[1602]),0}, + NID_id_smime_aa_ets_RevocationRefs,11,&(lvalues[1596]),0}, {"id-smime-aa-ets-certValues","id-smime-aa-ets-certValues", - NID_id_smime_aa_ets_certValues,11,&(lvalues[1613]),0}, + NID_id_smime_aa_ets_certValues,11,&(lvalues[1607]),0}, {"id-smime-aa-ets-revocationValues", "id-smime-aa-ets-revocationValues", - NID_id_smime_aa_ets_revocationValues,11,&(lvalues[1624]),0}, + NID_id_smime_aa_ets_revocationValues,11,&(lvalues[1618]),0}, {"id-smime-aa-ets-escTimeStamp","id-smime-aa-ets-escTimeStamp", - NID_id_smime_aa_ets_escTimeStamp,11,&(lvalues[1635]),0}, + 
NID_id_smime_aa_ets_escTimeStamp,11,&(lvalues[1629]),0}, {"id-smime-aa-ets-certCRLTimestamp", "id-smime-aa-ets-certCRLTimestamp", - NID_id_smime_aa_ets_certCRLTimestamp,11,&(lvalues[1646]),0}, + NID_id_smime_aa_ets_certCRLTimestamp,11,&(lvalues[1640]),0}, {"id-smime-aa-ets-archiveTimeStamp", "id-smime-aa-ets-archiveTimeStamp", - NID_id_smime_aa_ets_archiveTimeStamp,11,&(lvalues[1657]),0}, + NID_id_smime_aa_ets_archiveTimeStamp,11,&(lvalues[1651]),0}, {"id-smime-aa-signatureType","id-smime-aa-signatureType", - NID_id_smime_aa_signatureType,11,&(lvalues[1668]),0}, + NID_id_smime_aa_signatureType,11,&(lvalues[1662]),0}, {"id-smime-aa-dvcs-dvc","id-smime-aa-dvcs-dvc", - NID_id_smime_aa_dvcs_dvc,11,&(lvalues[1679]),0}, + NID_id_smime_aa_dvcs_dvc,11,&(lvalues[1673]),0}, {"id-smime-alg-ESDHwith3DES","id-smime-alg-ESDHwith3DES", - NID_id_smime_alg_ESDHwith3DES,11,&(lvalues[1690]),0}, + NID_id_smime_alg_ESDHwith3DES,11,&(lvalues[1684]),0}, {"id-smime-alg-ESDHwithRC2","id-smime-alg-ESDHwithRC2", - NID_id_smime_alg_ESDHwithRC2,11,&(lvalues[1701]),0}, + NID_id_smime_alg_ESDHwithRC2,11,&(lvalues[1695]),0}, {"id-smime-alg-3DESwrap","id-smime-alg-3DESwrap", - NID_id_smime_alg_3DESwrap,11,&(lvalues[1712]),0}, + NID_id_smime_alg_3DESwrap,11,&(lvalues[1706]),0}, {"id-smime-alg-RC2wrap","id-smime-alg-RC2wrap", - NID_id_smime_alg_RC2wrap,11,&(lvalues[1723]),0}, + NID_id_smime_alg_RC2wrap,11,&(lvalues[1717]),0}, {"id-smime-alg-ESDH","id-smime-alg-ESDH",NID_id_smime_alg_ESDH,11, - &(lvalues[1734]),0}, + &(lvalues[1728]),0}, {"id-smime-alg-CMS3DESwrap","id-smime-alg-CMS3DESwrap", - NID_id_smime_alg_CMS3DESwrap,11,&(lvalues[1745]),0}, + NID_id_smime_alg_CMS3DESwrap,11,&(lvalues[1739]),0}, {"id-smime-alg-CMSRC2wrap","id-smime-alg-CMSRC2wrap", - NID_id_smime_alg_CMSRC2wrap,11,&(lvalues[1756]),0}, + NID_id_smime_alg_CMSRC2wrap,11,&(lvalues[1750]),0}, {"id-smime-cd-ldap","id-smime-cd-ldap",NID_id_smime_cd_ldap,11, - &(lvalues[1767]),0}, + &(lvalues[1761]),0}, 
{"id-smime-spq-ets-sqt-uri","id-smime-spq-ets-sqt-uri", - NID_id_smime_spq_ets_sqt_uri,11,&(lvalues[1778]),0}, + NID_id_smime_spq_ets_sqt_uri,11,&(lvalues[1772]),0}, {"id-smime-spq-ets-sqt-unotice","id-smime-spq-ets-sqt-unotice", - NID_id_smime_spq_ets_sqt_unotice,11,&(lvalues[1789]),0}, + NID_id_smime_spq_ets_sqt_unotice,11,&(lvalues[1783]),0}, {"id-smime-cti-ets-proofOfOrigin","id-smime-cti-ets-proofOfOrigin", - NID_id_smime_cti_ets_proofOfOrigin,11,&(lvalues[1800]),0}, + NID_id_smime_cti_ets_proofOfOrigin,11,&(lvalues[1794]),0}, {"id-smime-cti-ets-proofOfReceipt","id-smime-cti-ets-proofOfReceipt", - NID_id_smime_cti_ets_proofOfReceipt,11,&(lvalues[1811]),0}, + NID_id_smime_cti_ets_proofOfReceipt,11,&(lvalues[1805]),0}, {"id-smime-cti-ets-proofOfDelivery", "id-smime-cti-ets-proofOfDelivery", - NID_id_smime_cti_ets_proofOfDelivery,11,&(lvalues[1822]),0}, + NID_id_smime_cti_ets_proofOfDelivery,11,&(lvalues[1816]),0}, {"id-smime-cti-ets-proofOfSender","id-smime-cti-ets-proofOfSender", - NID_id_smime_cti_ets_proofOfSender,11,&(lvalues[1833]),0}, + NID_id_smime_cti_ets_proofOfSender,11,&(lvalues[1827]),0}, {"id-smime-cti-ets-proofOfApproval", "id-smime-cti-ets-proofOfApproval", - NID_id_smime_cti_ets_proofOfApproval,11,&(lvalues[1844]),0}, + NID_id_smime_cti_ets_proofOfApproval,11,&(lvalues[1838]),0}, {"id-smime-cti-ets-proofOfCreation", "id-smime-cti-ets-proofOfCreation", - NID_id_smime_cti_ets_proofOfCreation,11,&(lvalues[1855]),0}, -{"MD4","md4",NID_md4,8,&(lvalues[1866]),0}, -{"id-pkix-mod","id-pkix-mod",NID_id_pkix_mod,7,&(lvalues[1874]),0}, -{"id-qt","id-qt",NID_id_qt,7,&(lvalues[1881]),0}, -{"id-it","id-it",NID_id_it,7,&(lvalues[1888]),0}, -{"id-pkip","id-pkip",NID_id_pkip,7,&(lvalues[1895]),0}, -{"id-alg","id-alg",NID_id_alg,7,&(lvalues[1902]),0}, -{"id-cmc","id-cmc",NID_id_cmc,7,&(lvalues[1909]),0}, -{"id-on","id-on",NID_id_on,7,&(lvalues[1916]),0}, -{"id-pda","id-pda",NID_id_pda,7,&(lvalues[1923]),0}, -{"id-aca","id-aca",NID_id_aca,7,&(lvalues[1930]),0}, 
-{"id-qcs","id-qcs",NID_id_qcs,7,&(lvalues[1937]),0}, -{"id-cct","id-cct",NID_id_cct,7,&(lvalues[1944]),0}, + NID_id_smime_cti_ets_proofOfCreation,11,&(lvalues[1849]),0}, +{"MD4","md4",NID_md4,8,&(lvalues[1860]),0}, +{"id-pkix-mod","id-pkix-mod",NID_id_pkix_mod,7,&(lvalues[1868]),0}, +{"id-qt","id-qt",NID_id_qt,7,&(lvalues[1875]),0}, +{"id-it","id-it",NID_id_it,7,&(lvalues[1882]),0}, +{"id-pkip","id-pkip",NID_id_pkip,7,&(lvalues[1889]),0}, +{"id-alg","id-alg",NID_id_alg,7,&(lvalues[1896]),0}, +{"id-cmc","id-cmc",NID_id_cmc,7,&(lvalues[1903]),0}, +{"id-on","id-on",NID_id_on,7,&(lvalues[1910]),0}, +{"id-pda","id-pda",NID_id_pda,7,&(lvalues[1917]),0}, +{"id-aca","id-aca",NID_id_aca,7,&(lvalues[1924]),0}, +{"id-qcs","id-qcs",NID_id_qcs,7,&(lvalues[1931]),0}, +{"id-cct","id-cct",NID_id_cct,7,&(lvalues[1938]),0}, {"id-pkix1-explicit-88","id-pkix1-explicit-88", - NID_id_pkix1_explicit_88,8,&(lvalues[1951]),0}, + NID_id_pkix1_explicit_88,8,&(lvalues[1945]),0}, {"id-pkix1-implicit-88","id-pkix1-implicit-88", - NID_id_pkix1_implicit_88,8,&(lvalues[1959]),0}, + NID_id_pkix1_implicit_88,8,&(lvalues[1953]),0}, {"id-pkix1-explicit-93","id-pkix1-explicit-93", - NID_id_pkix1_explicit_93,8,&(lvalues[1967]),0}, + NID_id_pkix1_explicit_93,8,&(lvalues[1961]),0}, {"id-pkix1-implicit-93","id-pkix1-implicit-93", - NID_id_pkix1_implicit_93,8,&(lvalues[1975]),0}, -{"id-mod-crmf","id-mod-crmf",NID_id_mod_crmf,8,&(lvalues[1983]),0}, -{"id-mod-cmc","id-mod-cmc",NID_id_mod_cmc,8,&(lvalues[1991]),0}, + NID_id_pkix1_implicit_93,8,&(lvalues[1969]),0}, +{"id-mod-crmf","id-mod-crmf",NID_id_mod_crmf,8,&(lvalues[1977]),0}, +{"id-mod-cmc","id-mod-cmc",NID_id_mod_cmc,8,&(lvalues[1985]),0}, {"id-mod-kea-profile-88","id-mod-kea-profile-88", - NID_id_mod_kea_profile_88,8,&(lvalues[1999]),0}, + NID_id_mod_kea_profile_88,8,&(lvalues[1993]),0}, {"id-mod-kea-profile-93","id-mod-kea-profile-93", - NID_id_mod_kea_profile_93,8,&(lvalues[2007]),0}, -{"id-mod-cmp","id-mod-cmp",NID_id_mod_cmp,8,&(lvalues[2015]),0}, 
+ NID_id_mod_kea_profile_93,8,&(lvalues[2001]),0}, +{"id-mod-cmp","id-mod-cmp",NID_id_mod_cmp,8,&(lvalues[2009]),0}, {"id-mod-qualified-cert-88","id-mod-qualified-cert-88", - NID_id_mod_qualified_cert_88,8,&(lvalues[2023]),0}, + NID_id_mod_qualified_cert_88,8,&(lvalues[2017]),0}, {"id-mod-qualified-cert-93","id-mod-qualified-cert-93", - NID_id_mod_qualified_cert_93,8,&(lvalues[2031]),0}, + NID_id_mod_qualified_cert_93,8,&(lvalues[2025]),0}, {"id-mod-attribute-cert","id-mod-attribute-cert", - NID_id_mod_attribute_cert,8,&(lvalues[2039]),0}, + NID_id_mod_attribute_cert,8,&(lvalues[2033]),0}, {"id-mod-timestamp-protocol","id-mod-timestamp-protocol", - NID_id_mod_timestamp_protocol,8,&(lvalues[2047]),0}, -{"id-mod-ocsp","id-mod-ocsp",NID_id_mod_ocsp,8,&(lvalues[2055]),0}, -{"id-mod-dvcs","id-mod-dvcs",NID_id_mod_dvcs,8,&(lvalues[2063]),0}, + NID_id_mod_timestamp_protocol,8,&(lvalues[2041]),0}, +{"id-mod-ocsp","id-mod-ocsp",NID_id_mod_ocsp,8,&(lvalues[2049]),0}, +{"id-mod-dvcs","id-mod-dvcs",NID_id_mod_dvcs,8,&(lvalues[2057]),0}, {"id-mod-cmp2000","id-mod-cmp2000",NID_id_mod_cmp2000,8, - &(lvalues[2071]),0}, -{"biometricInfo","Biometric Info",NID_biometricInfo,8,&(lvalues[2079]),0}, -{"qcStatements","qcStatements",NID_qcStatements,8,&(lvalues[2087]),0}, + &(lvalues[2065]),0}, +{"biometricInfo","Biometric Info",NID_biometricInfo,8,&(lvalues[2073]),0}, +{"qcStatements","qcStatements",NID_qcStatements,8,&(lvalues[2081]),0}, {"ac-auditEntity","ac-auditEntity",NID_ac_auditEntity,8, - &(lvalues[2095]),0}, -{"ac-targeting","ac-targeting",NID_ac_targeting,8,&(lvalues[2103]),0}, -{"aaControls","aaControls",NID_aaControls,8,&(lvalues[2111]),0}, + &(lvalues[2089]),0}, +{"ac-targeting","ac-targeting",NID_ac_targeting,8,&(lvalues[2097]),0}, +{"aaControls","aaControls",NID_aaControls,8,&(lvalues[2105]),0}, {"sbgp-ipAddrBlock","sbgp-ipAddrBlock",NID_sbgp_ipAddrBlock,8, - &(lvalues[2119]),0}, + &(lvalues[2113]),0}, {"sbgp-autonomousSysNum","sbgp-autonomousSysNum", - 
NID_sbgp_autonomousSysNum,8,&(lvalues[2127]),0}, + NID_sbgp_autonomousSysNum,8,&(lvalues[2121]),0}, {"sbgp-routerIdentifier","sbgp-routerIdentifier", - NID_sbgp_routerIdentifier,8,&(lvalues[2135]),0}, -{"textNotice","textNotice",NID_textNotice,8,&(lvalues[2143]),0}, + NID_sbgp_routerIdentifier,8,&(lvalues[2129]),0}, +{"textNotice","textNotice",NID_textNotice,8,&(lvalues[2137]),0}, {"ipsecEndSystem","IPSec End System",NID_ipsecEndSystem,8, - &(lvalues[2151]),0}, -{"ipsecTunnel","IPSec Tunnel",NID_ipsecTunnel,8,&(lvalues[2159]),0}, -{"ipsecUser","IPSec User",NID_ipsecUser,8,&(lvalues[2167]),0}, -{"DVCS","dvcs",NID_dvcs,8,&(lvalues[2175]),0}, + &(lvalues[2145]),0}, +{"ipsecTunnel","IPSec Tunnel",NID_ipsecTunnel,8,&(lvalues[2153]),0}, +{"ipsecUser","IPSec User",NID_ipsecUser,8,&(lvalues[2161]),0}, +{"DVCS","dvcs",NID_dvcs,8,&(lvalues[2169]),0}, {"id-it-caProtEncCert","id-it-caProtEncCert",NID_id_it_caProtEncCert, - 8,&(lvalues[2183]),0}, + 8,&(lvalues[2177]),0}, {"id-it-signKeyPairTypes","id-it-signKeyPairTypes", - NID_id_it_signKeyPairTypes,8,&(lvalues[2191]),0}, + NID_id_it_signKeyPairTypes,8,&(lvalues[2185]),0}, {"id-it-encKeyPairTypes","id-it-encKeyPairTypes", - NID_id_it_encKeyPairTypes,8,&(lvalues[2199]),0}, + NID_id_it_encKeyPairTypes,8,&(lvalues[2193]),0}, {"id-it-preferredSymmAlg","id-it-preferredSymmAlg", - NID_id_it_preferredSymmAlg,8,&(lvalues[2207]),0}, + NID_id_it_preferredSymmAlg,8,&(lvalues[2201]),0}, {"id-it-caKeyUpdateInfo","id-it-caKeyUpdateInfo", - NID_id_it_caKeyUpdateInfo,8,&(lvalues[2215]),0}, + NID_id_it_caKeyUpdateInfo,8,&(lvalues[2209]),0}, {"id-it-currentCRL","id-it-currentCRL",NID_id_it_currentCRL,8, - &(lvalues[2223]),0}, + &(lvalues[2217]),0}, {"id-it-unsupportedOIDs","id-it-unsupportedOIDs", - NID_id_it_unsupportedOIDs,8,&(lvalues[2231]),0}, + NID_id_it_unsupportedOIDs,8,&(lvalues[2225]),0}, {"id-it-subscriptionRequest","id-it-subscriptionRequest", - NID_id_it_subscriptionRequest,8,&(lvalues[2239]),0}, + 
NID_id_it_subscriptionRequest,8,&(lvalues[2233]),0}, {"id-it-subscriptionResponse","id-it-subscriptionResponse", - NID_id_it_subscriptionResponse,8,&(lvalues[2247]),0}, + NID_id_it_subscriptionResponse,8,&(lvalues[2241]),0}, {"id-it-keyPairParamReq","id-it-keyPairParamReq", - NID_id_it_keyPairParamReq,8,&(lvalues[2255]),0}, + NID_id_it_keyPairParamReq,8,&(lvalues[2249]),0}, {"id-it-keyPairParamRep","id-it-keyPairParamRep", - NID_id_it_keyPairParamRep,8,&(lvalues[2263]),0}, + NID_id_it_keyPairParamRep,8,&(lvalues[2257]),0}, {"id-it-revPassphrase","id-it-revPassphrase",NID_id_it_revPassphrase, - 8,&(lvalues[2271]),0}, + 8,&(lvalues[2265]),0}, {"id-it-implicitConfirm","id-it-implicitConfirm", - NID_id_it_implicitConfirm,8,&(lvalues[2279]),0}, + NID_id_it_implicitConfirm,8,&(lvalues[2273]),0}, {"id-it-confirmWaitTime","id-it-confirmWaitTime", - NID_id_it_confirmWaitTime,8,&(lvalues[2287]),0}, + NID_id_it_confirmWaitTime,8,&(lvalues[2281]),0}, {"id-it-origPKIMessage","id-it-origPKIMessage", - NID_id_it_origPKIMessage,8,&(lvalues[2295]),0}, -{"id-regCtrl","id-regCtrl",NID_id_regCtrl,8,&(lvalues[2303]),0}, -{"id-regInfo","id-regInfo",NID_id_regInfo,8,&(lvalues[2311]),0}, + NID_id_it_origPKIMessage,8,&(lvalues[2289]),0}, +{"id-regCtrl","id-regCtrl",NID_id_regCtrl,8,&(lvalues[2297]),0}, +{"id-regInfo","id-regInfo",NID_id_regInfo,8,&(lvalues[2305]),0}, {"id-regCtrl-regToken","id-regCtrl-regToken",NID_id_regCtrl_regToken, - 9,&(lvalues[2319]),0}, + 9,&(lvalues[2313]),0}, {"id-regCtrl-authenticator","id-regCtrl-authenticator", - NID_id_regCtrl_authenticator,9,&(lvalues[2328]),0}, + NID_id_regCtrl_authenticator,9,&(lvalues[2322]),0}, {"id-regCtrl-pkiPublicationInfo","id-regCtrl-pkiPublicationInfo", - NID_id_regCtrl_pkiPublicationInfo,9,&(lvalues[2337]),0}, + NID_id_regCtrl_pkiPublicationInfo,9,&(lvalues[2331]),0}, {"id-regCtrl-pkiArchiveOptions","id-regCtrl-pkiArchiveOptions", - NID_id_regCtrl_pkiArchiveOptions,9,&(lvalues[2346]),0}, + 
NID_id_regCtrl_pkiArchiveOptions,9,&(lvalues[2340]),0}, {"id-regCtrl-oldCertID","id-regCtrl-oldCertID", - NID_id_regCtrl_oldCertID,9,&(lvalues[2355]),0}, + NID_id_regCtrl_oldCertID,9,&(lvalues[2349]),0}, {"id-regCtrl-protocolEncrKey","id-regCtrl-protocolEncrKey", - NID_id_regCtrl_protocolEncrKey,9,&(lvalues[2364]),0}, + NID_id_regCtrl_protocolEncrKey,9,&(lvalues[2358]),0}, {"id-regInfo-utf8Pairs","id-regInfo-utf8Pairs", - NID_id_regInfo_utf8Pairs,9,&(lvalues[2373]),0}, + NID_id_regInfo_utf8Pairs,9,&(lvalues[2367]),0}, {"id-regInfo-certReq","id-regInfo-certReq",NID_id_regInfo_certReq,9, - &(lvalues[2382]),0}, -{"id-alg-des40","id-alg-des40",NID_id_alg_des40,8,&(lvalues[2391]),0}, + &(lvalues[2376]),0}, +{"id-alg-des40","id-alg-des40",NID_id_alg_des40,8,&(lvalues[2385]),0}, {"id-alg-noSignature","id-alg-noSignature",NID_id_alg_noSignature,8, - &(lvalues[2399]),0}, + &(lvalues[2393]),0}, {"id-alg-dh-sig-hmac-sha1","id-alg-dh-sig-hmac-sha1", - NID_id_alg_dh_sig_hmac_sha1,8,&(lvalues[2407]),0}, -{"id-alg-dh-pop","id-alg-dh-pop",NID_id_alg_dh_pop,8,&(lvalues[2415]),0}, + NID_id_alg_dh_sig_hmac_sha1,8,&(lvalues[2401]),0}, +{"id-alg-dh-pop","id-alg-dh-pop",NID_id_alg_dh_pop,8,&(lvalues[2409]),0}, {"id-cmc-statusInfo","id-cmc-statusInfo",NID_id_cmc_statusInfo,8, - &(lvalues[2423]),0}, + &(lvalues[2417]),0}, {"id-cmc-identification","id-cmc-identification", - NID_id_cmc_identification,8,&(lvalues[2431]),0}, + NID_id_cmc_identification,8,&(lvalues[2425]),0}, {"id-cmc-identityProof","id-cmc-identityProof", - NID_id_cmc_identityProof,8,&(lvalues[2439]),0}, + NID_id_cmc_identityProof,8,&(lvalues[2433]),0}, {"id-cmc-dataReturn","id-cmc-dataReturn",NID_id_cmc_dataReturn,8, - &(lvalues[2447]),0}, + &(lvalues[2441]),0}, {"id-cmc-transactionId","id-cmc-transactionId", - NID_id_cmc_transactionId,8,&(lvalues[2455]),0}, + NID_id_cmc_transactionId,8,&(lvalues[2449]),0}, {"id-cmc-senderNonce","id-cmc-senderNonce",NID_id_cmc_senderNonce,8, - &(lvalues[2463]),0}, + &(lvalues[2457]),0}, 
{"id-cmc-recipientNonce","id-cmc-recipientNonce", - NID_id_cmc_recipientNonce,8,&(lvalues[2471]),0}, + NID_id_cmc_recipientNonce,8,&(lvalues[2465]),0}, {"id-cmc-addExtensions","id-cmc-addExtensions", - NID_id_cmc_addExtensions,8,&(lvalues[2479]),0}, + NID_id_cmc_addExtensions,8,&(lvalues[2473]),0}, {"id-cmc-encryptedPOP","id-cmc-encryptedPOP",NID_id_cmc_encryptedPOP, - 8,&(lvalues[2487]),0}, + 8,&(lvalues[2481]),0}, {"id-cmc-decryptedPOP","id-cmc-decryptedPOP",NID_id_cmc_decryptedPOP, - 8,&(lvalues[2495]),0}, + 8,&(lvalues[2489]),0}, {"id-cmc-lraPOPWitness","id-cmc-lraPOPWitness", - NID_id_cmc_lraPOPWitness,8,&(lvalues[2503]),0}, + NID_id_cmc_lraPOPWitness,8,&(lvalues[2497]),0}, {"id-cmc-getCert","id-cmc-getCert",NID_id_cmc_getCert,8, - &(lvalues[2511]),0}, -{"id-cmc-getCRL","id-cmc-getCRL",NID_id_cmc_getCRL,8,&(lvalues[2519]),0}, + &(lvalues[2505]),0}, +{"id-cmc-getCRL","id-cmc-getCRL",NID_id_cmc_getCRL,8,&(lvalues[2513]),0}, {"id-cmc-revokeRequest","id-cmc-revokeRequest", - NID_id_cmc_revokeRequest,8,&(lvalues[2527]),0}, + NID_id_cmc_revokeRequest,8,&(lvalues[2521]),0}, {"id-cmc-regInfo","id-cmc-regInfo",NID_id_cmc_regInfo,8, - &(lvalues[2535]),0}, + &(lvalues[2529]),0}, {"id-cmc-responseInfo","id-cmc-responseInfo",NID_id_cmc_responseInfo, - 8,&(lvalues[2543]),0}, + 8,&(lvalues[2537]),0}, {"id-cmc-queryPending","id-cmc-queryPending",NID_id_cmc_queryPending, - 8,&(lvalues[2551]),0}, + 8,&(lvalues[2545]),0}, {"id-cmc-popLinkRandom","id-cmc-popLinkRandom", - NID_id_cmc_popLinkRandom,8,&(lvalues[2559]),0}, + NID_id_cmc_popLinkRandom,8,&(lvalues[2553]),0}, {"id-cmc-popLinkWitness","id-cmc-popLinkWitness", - NID_id_cmc_popLinkWitness,8,&(lvalues[2567]),0}, + NID_id_cmc_popLinkWitness,8,&(lvalues[2561]),0}, {"id-cmc-confirmCertAcceptance","id-cmc-confirmCertAcceptance", - NID_id_cmc_confirmCertAcceptance,8,&(lvalues[2575]),0}, + NID_id_cmc_confirmCertAcceptance,8,&(lvalues[2569]),0}, {"id-on-personalData","id-on-personalData",NID_id_on_personalData,8, - 
&(lvalues[2583]),0}, + &(lvalues[2577]),0}, {"id-pda-dateOfBirth","id-pda-dateOfBirth",NID_id_pda_dateOfBirth,8, - &(lvalues[2591]),0}, + &(lvalues[2585]),0}, {"id-pda-placeOfBirth","id-pda-placeOfBirth",NID_id_pda_placeOfBirth, - 8,&(lvalues[2599]),0}, + 8,&(lvalues[2593]),0}, {NULL,NULL,NID_undef,0,NULL,0}, -{"id-pda-gender","id-pda-gender",NID_id_pda_gender,8,&(lvalues[2607]),0}, +{"id-pda-gender","id-pda-gender",NID_id_pda_gender,8,&(lvalues[2601]),0}, {"id-pda-countryOfCitizenship","id-pda-countryOfCitizenship", - NID_id_pda_countryOfCitizenship,8,&(lvalues[2615]),0}, + NID_id_pda_countryOfCitizenship,8,&(lvalues[2609]),0}, {"id-pda-countryOfResidence","id-pda-countryOfResidence", - NID_id_pda_countryOfResidence,8,&(lvalues[2623]),0}, + NID_id_pda_countryOfResidence,8,&(lvalues[2617]),0}, {"id-aca-authenticationInfo","id-aca-authenticationInfo", - NID_id_aca_authenticationInfo,8,&(lvalues[2631]),0}, + NID_id_aca_authenticationInfo,8,&(lvalues[2625]),0}, {"id-aca-accessIdentity","id-aca-accessIdentity", - NID_id_aca_accessIdentity,8,&(lvalues[2639]),0}, + NID_id_aca_accessIdentity,8,&(lvalues[2633]),0}, {"id-aca-chargingIdentity","id-aca-chargingIdentity", - NID_id_aca_chargingIdentity,8,&(lvalues[2647]),0}, -{"id-aca-group","id-aca-group",NID_id_aca_group,8,&(lvalues[2655]),0}, -{"id-aca-role","id-aca-role",NID_id_aca_role,8,&(lvalues[2663]),0}, + NID_id_aca_chargingIdentity,8,&(lvalues[2641]),0}, +{"id-aca-group","id-aca-group",NID_id_aca_group,8,&(lvalues[2649]),0}, +{"id-aca-role","id-aca-role",NID_id_aca_role,8,&(lvalues[2657]),0}, {"id-qcs-pkixQCSyntax-v1","id-qcs-pkixQCSyntax-v1", - NID_id_qcs_pkixQCSyntax_v1,8,&(lvalues[2671]),0}, -{"id-cct-crs","id-cct-crs",NID_id_cct_crs,8,&(lvalues[2679]),0}, + NID_id_qcs_pkixQCSyntax_v1,8,&(lvalues[2665]),0}, +{"id-cct-crs","id-cct-crs",NID_id_cct_crs,8,&(lvalues[2673]),0}, {"id-cct-PKIData","id-cct-PKIData",NID_id_cct_PKIData,8, - &(lvalues[2687]),0}, + &(lvalues[2681]),0}, 
{"id-cct-PKIResponse","id-cct-PKIResponse",NID_id_cct_PKIResponse,8, - &(lvalues[2695]),0}, + &(lvalues[2689]),0}, {"ad_timestamping","AD Time Stamping",NID_ad_timeStamping,8, - &(lvalues[2703]),0}, -{"AD_DVCS","ad dvcs",NID_ad_dvcs,8,&(lvalues[2711]),0}, + &(lvalues[2697]),0}, +{"AD_DVCS","ad dvcs",NID_ad_dvcs,8,&(lvalues[2705]),0}, {"basicOCSPResponse","Basic OCSP Response",NID_id_pkix_OCSP_basic,9, - &(lvalues[2719]),0}, -{"Nonce","OCSP Nonce",NID_id_pkix_OCSP_Nonce,9,&(lvalues[2728]),0}, -{"CrlID","OCSP CRL ID",NID_id_pkix_OCSP_CrlID,9,&(lvalues[2737]),0}, + &(lvalues[2713]),0}, +{"Nonce","OCSP Nonce",NID_id_pkix_OCSP_Nonce,9,&(lvalues[2722]),0}, +{"CrlID","OCSP CRL ID",NID_id_pkix_OCSP_CrlID,9,&(lvalues[2731]),0}, {"acceptableResponses","Acceptable OCSP Responses", - NID_id_pkix_OCSP_acceptableResponses,9,&(lvalues[2746]),0}, -{"noCheck","OCSP No Check",NID_id_pkix_OCSP_noCheck,9,&(lvalues[2755]),0}, + NID_id_pkix_OCSP_acceptableResponses,9,&(lvalues[2740]),0}, +{"noCheck","OCSP No Check",NID_id_pkix_OCSP_noCheck,9,&(lvalues[2749]),0}, {"archiveCutoff","OCSP Archive Cutoff",NID_id_pkix_OCSP_archiveCutoff, - 9,&(lvalues[2764]),0}, + 9,&(lvalues[2758]),0}, {"serviceLocator","OCSP Service Locator", - NID_id_pkix_OCSP_serviceLocator,9,&(lvalues[2773]),0}, + NID_id_pkix_OCSP_serviceLocator,9,&(lvalues[2767]),0}, {"extendedStatus","Extended OCSP Status", - NID_id_pkix_OCSP_extendedStatus,9,&(lvalues[2782]),0}, -{"valid","valid",NID_id_pkix_OCSP_valid,9,&(lvalues[2791]),0}, -{"path","path",NID_id_pkix_OCSP_path,9,&(lvalues[2800]),0}, + NID_id_pkix_OCSP_extendedStatus,9,&(lvalues[2776]),0}, +{"valid","valid",NID_id_pkix_OCSP_valid,9,&(lvalues[2785]),0}, +{"path","path",NID_id_pkix_OCSP_path,9,&(lvalues[2794]),0}, {"trustRoot","Trust Root",NID_id_pkix_OCSP_trustRoot,9, - &(lvalues[2809]),0}, -{"algorithm","algorithm",NID_algorithm,4,&(lvalues[2818]),0}, -{"rsaSignature","rsaSignature",NID_rsaSignature,5,&(lvalues[2822]),0}, + &(lvalues[2803]),0}, 
+{"algorithm","algorithm",NID_algorithm,4,&(lvalues[2812]),0}, +{"rsaSignature","rsaSignature",NID_rsaSignature,5,&(lvalues[2816]),0}, {"X500algorithms","directory services - algorithms", - NID_X500algorithms,2,&(lvalues[2827]),0}, -{"ORG","org",NID_org,1,&(lvalues[2829]),0}, -{"DOD","dod",NID_dod,2,&(lvalues[2830]),0}, -{"IANA","iana",NID_iana,3,&(lvalues[2832]),0}, -{"directory","Directory",NID_Directory,4,&(lvalues[2835]),0}, -{"mgmt","Management",NID_Management,4,&(lvalues[2839]),0}, -{"experimental","Experimental",NID_Experimental,4,&(lvalues[2843]),0}, -{"private","Private",NID_Private,4,&(lvalues[2847]),0}, -{"security","Security",NID_Security,4,&(lvalues[2851]),0}, -{"snmpv2","SNMPv2",NID_SNMPv2,4,&(lvalues[2855]),0}, -{"Mail","Mail",NID_Mail,4,&(lvalues[2859]),0}, -{"enterprises","Enterprises",NID_Enterprises,5,&(lvalues[2863]),0}, -{"dcobject","dcObject",NID_dcObject,9,&(lvalues[2868]),0}, -{"DC","domainComponent",NID_domainComponent,10,&(lvalues[2877]),0}, -{"domain","Domain",NID_Domain,10,&(lvalues[2887]),0}, + NID_X500algorithms,2,&(lvalues[2821]),0}, +{"ORG","org",NID_org,1,&(lvalues[2823]),0}, +{"DOD","dod",NID_dod,2,&(lvalues[2824]),0}, +{"IANA","iana",NID_iana,3,&(lvalues[2826]),0}, +{"directory","Directory",NID_Directory,4,&(lvalues[2829]),0}, +{"mgmt","Management",NID_Management,4,&(lvalues[2833]),0}, +{"experimental","Experimental",NID_Experimental,4,&(lvalues[2837]),0}, +{"private","Private",NID_Private,4,&(lvalues[2841]),0}, +{"security","Security",NID_Security,4,&(lvalues[2845]),0}, +{"snmpv2","SNMPv2",NID_SNMPv2,4,&(lvalues[2849]),0}, +{"Mail","Mail",NID_Mail,4,&(lvalues[2853]),0}, +{"enterprises","Enterprises",NID_Enterprises,5,&(lvalues[2857]),0}, +{"dcobject","dcObject",NID_dcObject,9,&(lvalues[2862]),0}, +{"DC","domainComponent",NID_domainComponent,10,&(lvalues[2871]),0}, +{"domain","Domain",NID_Domain,10,&(lvalues[2881]),0}, {"NULL","NULL",NID_joint_iso_ccitt,0,NULL,0}, {"selected-attribute-types","Selected Attribute Types", - 
NID_selected_attribute_types,3,&(lvalues[2897]),0}, -{"clearance","clearance",NID_clearance,4,&(lvalues[2900]),0}, + NID_selected_attribute_types,3,&(lvalues[2891]),0}, +{"clearance","clearance",NID_clearance,4,&(lvalues[2894]),0}, {"RSA-MD4","md4WithRSAEncryption",NID_md4WithRSAEncryption,9, - &(lvalues[2904]),0}, -{"ac-proxying","ac-proxying",NID_ac_proxying,8,&(lvalues[2913]),0}, + &(lvalues[2898]),0}, +{"ac-proxying","ac-proxying",NID_ac_proxying,8,&(lvalues[2907]),0}, {"subjectInfoAccess","Subject Information Access",NID_sinfo_access,8, - &(lvalues[2921]),0}, + &(lvalues[2915]),0}, {"id-aca-encAttrs","id-aca-encAttrs",NID_id_aca_encAttrs,8, - &(lvalues[2929]),0}, -{"role","role",NID_role,3,&(lvalues[2937]),0}, + &(lvalues[2923]),0}, +{"role","role",NID_role,3,&(lvalues[2931]),0}, {"policyConstraints","X509v3 Policy Constraints", - NID_policy_constraints,3,&(lvalues[2940]),0}, + NID_policy_constraints,3,&(lvalues[2934]),0}, {"targetInformation","X509v3 AC Targeting",NID_target_information,3, - &(lvalues[2943]),0}, + &(lvalues[2937]),0}, {"noRevAvail","X509v3 No Revocation Available",NID_no_rev_avail,3, - &(lvalues[2946]),0}, + &(lvalues[2940]),0}, {"NULL","NULL",NID_ccitt,0,NULL,0}, -{"ansi-X9-62","ANSI X9.62",NID_ansi_X9_62,5,&(lvalues[2949]),0}, -{"prime-field","prime-field",NID_X9_62_prime_field,7,&(lvalues[2954]),0}, +{"ansi-X9-62","ANSI X9.62",NID_ansi_X9_62,5,&(lvalues[2943]),0}, +{"prime-field","prime-field",NID_X9_62_prime_field,7,&(lvalues[2948]),0}, {"characteristic-two-field","characteristic-two-field", - NID_X9_62_characteristic_two_field,7,&(lvalues[2961]),0}, + NID_X9_62_characteristic_two_field,7,&(lvalues[2955]),0}, {"id-ecPublicKey","id-ecPublicKey",NID_X9_62_id_ecPublicKey,7, - &(lvalues[2968]),0}, -{"prime192v1","prime192v1",NID_X9_62_prime192v1,8,&(lvalues[2975]),0}, -{"prime192v2","prime192v2",NID_X9_62_prime192v2,8,&(lvalues[2983]),0}, -{"prime192v3","prime192v3",NID_X9_62_prime192v3,8,&(lvalues[2991]),0}, 
-{"prime239v1","prime239v1",NID_X9_62_prime239v1,8,&(lvalues[2999]),0}, -{"prime239v2","prime239v2",NID_X9_62_prime239v2,8,&(lvalues[3007]),0}, -{"prime239v3","prime239v3",NID_X9_62_prime239v3,8,&(lvalues[3015]),0}, -{"prime256v1","prime256v1",NID_X9_62_prime256v1,8,&(lvalues[3023]),0}, + &(lvalues[2962]),0}, +{"prime192v1","prime192v1",NID_X9_62_prime192v1,8,&(lvalues[2969]),0}, +{"prime192v2","prime192v2",NID_X9_62_prime192v2,8,&(lvalues[2977]),0}, +{"prime192v3","prime192v3",NID_X9_62_prime192v3,8,&(lvalues[2985]),0}, +{"prime239v1","prime239v1",NID_X9_62_prime239v1,8,&(lvalues[2993]),0}, +{"prime239v2","prime239v2",NID_X9_62_prime239v2,8,&(lvalues[3001]),0}, +{"prime239v3","prime239v3",NID_X9_62_prime239v3,8,&(lvalues[3009]),0}, +{"prime256v1","prime256v1",NID_X9_62_prime256v1,8,&(lvalues[3017]),0}, {"ecdsa-with-SHA1","ecdsa-with-SHA1",NID_ecdsa_with_SHA1,7, - &(lvalues[3031]),0}, -{"CSPName","Microsoft CSP Name",NID_ms_csp_name,9,&(lvalues[3038]),0}, -{"AES-128-ECB","aes-128-ecb",NID_aes_128_ecb,9,&(lvalues[3047]),0}, -{"AES-128-CBC","aes-128-cbc",NID_aes_128_cbc,9,&(lvalues[3056]),0}, -{"AES-128-OFB","aes-128-ofb",NID_aes_128_ofb128,9,&(lvalues[3065]),0}, -{"AES-128-CFB","aes-128-cfb",NID_aes_128_cfb128,9,&(lvalues[3074]),0}, -{"AES-192-ECB","aes-192-ecb",NID_aes_192_ecb,9,&(lvalues[3083]),0}, -{"AES-192-CBC","aes-192-cbc",NID_aes_192_cbc,9,&(lvalues[3092]),0}, -{"AES-192-OFB","aes-192-ofb",NID_aes_192_ofb128,9,&(lvalues[3101]),0}, -{"AES-192-CFB","aes-192-cfb",NID_aes_192_cfb128,9,&(lvalues[3110]),0}, -{"AES-256-ECB","aes-256-ecb",NID_aes_256_ecb,9,&(lvalues[3119]),0}, -{"AES-256-CBC","aes-256-cbc",NID_aes_256_cbc,9,&(lvalues[3128]),0}, -{"AES-256-OFB","aes-256-ofb",NID_aes_256_ofb128,9,&(lvalues[3137]),0}, -{"AES-256-CFB","aes-256-cfb",NID_aes_256_cfb128,9,&(lvalues[3146]),0}, + &(lvalues[3025]),0}, +{"CSPName","Microsoft CSP Name",NID_ms_csp_name,9,&(lvalues[3032]),0}, +{"AES-128-ECB","aes-128-ecb",NID_aes_128_ecb,9,&(lvalues[3041]),0}, 
+{"AES-128-CBC","aes-128-cbc",NID_aes_128_cbc,9,&(lvalues[3050]),0}, +{"AES-128-OFB","aes-128-ofb",NID_aes_128_ofb128,9,&(lvalues[3059]),0}, +{"AES-128-CFB","aes-128-cfb",NID_aes_128_cfb128,9,&(lvalues[3068]),0}, +{"AES-192-ECB","aes-192-ecb",NID_aes_192_ecb,9,&(lvalues[3077]),0}, +{"AES-192-CBC","aes-192-cbc",NID_aes_192_cbc,9,&(lvalues[3086]),0}, +{"AES-192-OFB","aes-192-ofb",NID_aes_192_ofb128,9,&(lvalues[3095]),0}, +{"AES-192-CFB","aes-192-cfb",NID_aes_192_cfb128,9,&(lvalues[3104]),0}, +{"AES-256-ECB","aes-256-ecb",NID_aes_256_ecb,9,&(lvalues[3113]),0}, +{"AES-256-CBC","aes-256-cbc",NID_aes_256_cbc,9,&(lvalues[3122]),0}, +{"AES-256-OFB","aes-256-ofb",NID_aes_256_ofb128,9,&(lvalues[3131]),0}, +{"AES-256-CFB","aes-256-cfb",NID_aes_256_cfb128,9,&(lvalues[3140]),0}, {"holdInstructionCode","Hold Instruction Code", - NID_hold_instruction_code,3,&(lvalues[3155]),0}, + NID_hold_instruction_code,3,&(lvalues[3149]),0}, {"holdInstructionNone","Hold Instruction None", - NID_hold_instruction_none,7,&(lvalues[3158]),0}, + NID_hold_instruction_none,7,&(lvalues[3152]),0}, {"holdInstructionCallIssuer","Hold Instruction Call Issuer", - NID_hold_instruction_call_issuer,7,&(lvalues[3165]),0}, + NID_hold_instruction_call_issuer,7,&(lvalues[3159]),0}, {"holdInstructionReject","Hold Instruction Reject", - NID_hold_instruction_reject,7,&(lvalues[3172]),0}, -{"data","data",NID_data,1,&(lvalues[3179]),0}, -{"pss","pss",NID_pss,3,&(lvalues[3180]),0}, -{"ucl","ucl",NID_ucl,7,&(lvalues[3183]),0}, -{"pilot","pilot",NID_pilot,8,&(lvalues[3190]),0}, + NID_hold_instruction_reject,7,&(lvalues[3166]),0}, +{"data","data",NID_data,1,&(lvalues[3173]),0}, +{"pss","pss",NID_pss,3,&(lvalues[3174]),0}, +{"ucl","ucl",NID_ucl,7,&(lvalues[3177]),0}, +{"pilot","pilot",NID_pilot,8,&(lvalues[3184]),0}, {"pilotAttributeType","pilotAttributeType",NID_pilotAttributeType,9, - &(lvalues[3198]),0}, + &(lvalues[3192]),0}, {"pilotAttributeSyntax","pilotAttributeSyntax", - 
NID_pilotAttributeSyntax,9,&(lvalues[3207]),0}, + NID_pilotAttributeSyntax,9,&(lvalues[3201]),0}, {"pilotObjectClass","pilotObjectClass",NID_pilotObjectClass,9, - &(lvalues[3216]),0}, -{"pilotGroups","pilotGroups",NID_pilotGroups,9,&(lvalues[3225]),0}, + &(lvalues[3210]),0}, +{"pilotGroups","pilotGroups",NID_pilotGroups,9,&(lvalues[3219]),0}, {"iA5StringSyntax","iA5StringSyntax",NID_iA5StringSyntax,10, - &(lvalues[3234]),0}, + &(lvalues[3228]),0}, {"caseIgnoreIA5StringSyntax","caseIgnoreIA5StringSyntax", - NID_caseIgnoreIA5StringSyntax,10,&(lvalues[3244]),0}, -{"pilotObject","pilotObject",NID_pilotObject,10,&(lvalues[3254]),0}, -{"pilotPerson","pilotPerson",NID_pilotPerson,10,&(lvalues[3264]),0}, -{"account","account",NID_account,10,&(lvalues[3274]),0}, -{"document","document",NID_document,10,&(lvalues[3284]),0}, -{"room","room",NID_room,10,&(lvalues[3294]),0}, + NID_caseIgnoreIA5StringSyntax,10,&(lvalues[3238]),0}, +{"pilotObject","pilotObject",NID_pilotObject,10,&(lvalues[3248]),0}, +{"pilotPerson","pilotPerson",NID_pilotPerson,10,&(lvalues[3258]),0}, +{"account","account",NID_account,10,&(lvalues[3268]),0}, +{"document","document",NID_document,10,&(lvalues[3278]),0}, +{"room","room",NID_room,10,&(lvalues[3288]),0}, {"documentSeries","documentSeries",NID_documentSeries,10, - &(lvalues[3304]),0}, + &(lvalues[3298]),0}, {"rFC822localPart","rFC822localPart",NID_rFC822localPart,10, - &(lvalues[3314]),0}, -{"dNSDomain","dNSDomain",NID_dNSDomain,10,&(lvalues[3324]),0}, + &(lvalues[3308]),0}, +{"dNSDomain","dNSDomain",NID_dNSDomain,10,&(lvalues[3318]),0}, {"domainRelatedObject","domainRelatedObject",NID_domainRelatedObject, - 10,&(lvalues[3334]),0}, + 10,&(lvalues[3328]),0}, {"friendlyCountry","friendlyCountry",NID_friendlyCountry,10, - &(lvalues[3344]),0}, + &(lvalues[3338]),0}, {"simpleSecurityObject","simpleSecurityObject", - NID_simpleSecurityObject,10,&(lvalues[3354]),0}, + NID_simpleSecurityObject,10,&(lvalues[3348]),0}, 
{"pilotOrganization","pilotOrganization",NID_pilotOrganization,10, - &(lvalues[3364]),0}, -{"pilotDSA","pilotDSA",NID_pilotDSA,10,&(lvalues[3374]),0}, + &(lvalues[3358]),0}, +{"pilotDSA","pilotDSA",NID_pilotDSA,10,&(lvalues[3368]),0}, {"qualityLabelledData","qualityLabelledData",NID_qualityLabelledData, - 10,&(lvalues[3384]),0}, -{"UID","userId",NID_userId,10,&(lvalues[3394]),0}, + 10,&(lvalues[3378]),0}, +{"UID","userId",NID_userId,10,&(lvalues[3388]),0}, {"textEncodedORAddress","textEncodedORAddress", - NID_textEncodedORAddress,10,&(lvalues[3404]),0}, -{"mail","rfc822Mailbox",NID_rfc822Mailbox,10,&(lvalues[3414]),0}, -{"info","info",NID_info,10,&(lvalues[3424]),0}, + NID_textEncodedORAddress,10,&(lvalues[3398]),0}, +{"mail","rfc822Mailbox",NID_rfc822Mailbox,10,&(lvalues[3408]),0}, +{"info","info",NID_info,10,&(lvalues[3418]),0}, {"favouriteDrink","favouriteDrink",NID_favouriteDrink,10, - &(lvalues[3434]),0}, -{"roomNumber","roomNumber",NID_roomNumber,10,&(lvalues[3444]),0}, -{"photo","photo",NID_photo,10,&(lvalues[3454]),0}, -{"userClass","userClass",NID_userClass,10,&(lvalues[3464]),0}, -{"host","host",NID_host,10,&(lvalues[3474]),0}, -{"manager","manager",NID_manager,10,&(lvalues[3484]),0}, + &(lvalues[3428]),0}, +{"roomNumber","roomNumber",NID_roomNumber,10,&(lvalues[3438]),0}, +{"photo","photo",NID_photo,10,&(lvalues[3448]),0}, +{"userClass","userClass",NID_userClass,10,&(lvalues[3458]),0}, +{"host","host",NID_host,10,&(lvalues[3468]),0}, +{"manager","manager",NID_manager,10,&(lvalues[3478]),0}, {"documentIdentifier","documentIdentifier",NID_documentIdentifier,10, - &(lvalues[3494]),0}, -{"documentTitle","documentTitle",NID_documentTitle,10,&(lvalues[3504]),0}, + &(lvalues[3488]),0}, +{"documentTitle","documentTitle",NID_documentTitle,10,&(lvalues[3498]),0}, {"documentVersion","documentVersion",NID_documentVersion,10, - &(lvalues[3514]),0}, + &(lvalues[3508]),0}, {"documentAuthor","documentAuthor",NID_documentAuthor,10, - &(lvalues[3524]),0}, + 
&(lvalues[3518]),0}, {"documentLocation","documentLocation",NID_documentLocation,10, - &(lvalues[3534]),0}, + &(lvalues[3528]),0}, {"homeTelephoneNumber","homeTelephoneNumber",NID_homeTelephoneNumber, - 10,&(lvalues[3544]),0}, -{"secretary","secretary",NID_secretary,10,&(lvalues[3554]),0}, -{"otherMailbox","otherMailbox",NID_otherMailbox,10,&(lvalues[3564]),0}, + 10,&(lvalues[3538]),0}, +{"secretary","secretary",NID_secretary,10,&(lvalues[3548]),0}, +{"otherMailbox","otherMailbox",NID_otherMailbox,10,&(lvalues[3558]),0}, {"lastModifiedTime","lastModifiedTime",NID_lastModifiedTime,10, - &(lvalues[3574]),0}, + &(lvalues[3568]),0}, {"lastModifiedBy","lastModifiedBy",NID_lastModifiedBy,10, - &(lvalues[3584]),0}, -{"aRecord","aRecord",NID_aRecord,10,&(lvalues[3594]),0}, + &(lvalues[3578]),0}, +{"aRecord","aRecord",NID_aRecord,10,&(lvalues[3588]),0}, {"pilotAttributeType27","pilotAttributeType27", - NID_pilotAttributeType27,10,&(lvalues[3604]),0}, -{"mXRecord","mXRecord",NID_mXRecord,10,&(lvalues[3614]),0}, -{"nSRecord","nSRecord",NID_nSRecord,10,&(lvalues[3624]),0}, -{"sOARecord","sOARecord",NID_sOARecord,10,&(lvalues[3634]),0}, -{"cNAMERecord","cNAMERecord",NID_cNAMERecord,10,&(lvalues[3644]),0}, + NID_pilotAttributeType27,10,&(lvalues[3598]),0}, +{"mXRecord","mXRecord",NID_mXRecord,10,&(lvalues[3608]),0}, +{"nSRecord","nSRecord",NID_nSRecord,10,&(lvalues[3618]),0}, +{"sOARecord","sOARecord",NID_sOARecord,10,&(lvalues[3628]),0}, +{"cNAMERecord","cNAMERecord",NID_cNAMERecord,10,&(lvalues[3638]),0}, {"associatedDomain","associatedDomain",NID_associatedDomain,10, - &(lvalues[3654]),0}, + &(lvalues[3648]),0}, {"associatedName","associatedName",NID_associatedName,10, - &(lvalues[3664]),0}, + &(lvalues[3658]),0}, {"homePostalAddress","homePostalAddress",NID_homePostalAddress,10, - &(lvalues[3674]),0}, -{"personalTitle","personalTitle",NID_personalTitle,10,&(lvalues[3684]),0}, + &(lvalues[3668]),0}, +{"personalTitle","personalTitle",NID_personalTitle,10,&(lvalues[3678]),0}, 
{"mobileTelephoneNumber","mobileTelephoneNumber", - NID_mobileTelephoneNumber,10,&(lvalues[3694]),0}, + NID_mobileTelephoneNumber,10,&(lvalues[3688]),0}, {"pagerTelephoneNumber","pagerTelephoneNumber", - NID_pagerTelephoneNumber,10,&(lvalues[3704]),0}, + NID_pagerTelephoneNumber,10,&(lvalues[3698]),0}, {"friendlyCountryName","friendlyCountryName",NID_friendlyCountryName, - 10,&(lvalues[3714]),0}, + 10,&(lvalues[3708]),0}, {"organizationalStatus","organizationalStatus", - NID_organizationalStatus,10,&(lvalues[3724]),0}, -{"janetMailbox","janetMailbox",NID_janetMailbox,10,&(lvalues[3734]),0}, + NID_organizationalStatus,10,&(lvalues[3718]),0}, +{"janetMailbox","janetMailbox",NID_janetMailbox,10,&(lvalues[3728]),0}, {"mailPreferenceOption","mailPreferenceOption", - NID_mailPreferenceOption,10,&(lvalues[3744]),0}, -{"buildingName","buildingName",NID_buildingName,10,&(lvalues[3754]),0}, -{"dSAQuality","dSAQuality",NID_dSAQuality,10,&(lvalues[3764]),0}, + NID_mailPreferenceOption,10,&(lvalues[3738]),0}, +{"buildingName","buildingName",NID_buildingName,10,&(lvalues[3748]),0}, +{"dSAQuality","dSAQuality",NID_dSAQuality,10,&(lvalues[3758]),0}, {"singleLevelQuality","singleLevelQuality",NID_singleLevelQuality,10, - &(lvalues[3774]),0}, + &(lvalues[3768]),0}, {"subtreeMinimumQuality","subtreeMinimumQuality", - NID_subtreeMinimumQuality,10,&(lvalues[3784]),0}, + NID_subtreeMinimumQuality,10,&(lvalues[3778]),0}, {"subtreeMaximumQuality","subtreeMaximumQuality", - NID_subtreeMaximumQuality,10,&(lvalues[3794]),0}, + NID_subtreeMaximumQuality,10,&(lvalues[3788]),0}, {"personalSignature","personalSignature",NID_personalSignature,10, - &(lvalues[3804]),0}, -{"dITRedirect","dITRedirect",NID_dITRedirect,10,&(lvalues[3814]),0}, -{"audio","audio",NID_audio,10,&(lvalues[3824]),0}, + &(lvalues[3798]),0}, +{"dITRedirect","dITRedirect",NID_dITRedirect,10,&(lvalues[3808]),0}, +{"audio","audio",NID_audio,10,&(lvalues[3818]),0}, {"documentPublisher","documentPublisher",NID_documentPublisher,10, 
- &(lvalues[3834]),0}, + &(lvalues[3828]),0}, {"x500UniqueIdentifier","x500UniqueIdentifier", - NID_x500UniqueIdentifier,3,&(lvalues[3844]),0}, -{"mime-mhs","MIME MHS",NID_mime_mhs,5,&(lvalues[3847]),0}, + NID_x500UniqueIdentifier,3,&(lvalues[3838]),0}, +{"mime-mhs","MIME MHS",NID_mime_mhs,5,&(lvalues[3841]),0}, {"mime-mhs-headings","mime-mhs-headings",NID_mime_mhs_headings,6, - &(lvalues[3852]),0}, + &(lvalues[3846]),0}, {"mime-mhs-bodies","mime-mhs-bodies",NID_mime_mhs_bodies,6, - &(lvalues[3858]),0}, + &(lvalues[3852]),0}, {"id-hex-partial-message","id-hex-partial-message", - NID_id_hex_partial_message,7,&(lvalues[3864]),0}, + NID_id_hex_partial_message,7,&(lvalues[3858]),0}, {"id-hex-multipart-message","id-hex-multipart-message", - NID_id_hex_multipart_message,7,&(lvalues[3871]),0}, + NID_id_hex_multipart_message,7,&(lvalues[3865]),0}, {"generationQualifier","generationQualifier",NID_generationQualifier, - 3,&(lvalues[3878]),0}, -{"pseudonym","pseudonym",NID_pseudonym,3,&(lvalues[3881]),0}, + 3,&(lvalues[3872]),0}, +{"pseudonym","pseudonym",NID_pseudonym,3,&(lvalues[3875]),0}, {NULL,NULL,NID_undef,0,NULL,0}, {"id-set","Secure Electronic Transactions",NID_id_set,2, - &(lvalues[3884]),0}, -{"set-ctype","content types",NID_set_ctype,3,&(lvalues[3886]),0}, -{"set-msgExt","message extensions",NID_set_msgExt,3,&(lvalues[3889]),0}, -{"set-attr","set-attr",NID_set_attr,3,&(lvalues[3892]),0}, -{"set-policy","set-policy",NID_set_policy,3,&(lvalues[3895]),0}, + &(lvalues[3878]),0}, +{"set-ctype","content types",NID_set_ctype,3,&(lvalues[3880]),0}, +{"set-msgExt","message extensions",NID_set_msgExt,3,&(lvalues[3883]),0}, +{"set-attr","set-attr",NID_set_attr,3,&(lvalues[3886]),0}, +{"set-policy","set-policy",NID_set_policy,3,&(lvalues[3889]),0}, {"set-certExt","certificate extensions",NID_set_certExt,3, - &(lvalues[3898]),0}, -{"set-brand","set-brand",NID_set_brand,3,&(lvalues[3901]),0}, -{"setct-PANData","setct-PANData",NID_setct_PANData,4,&(lvalues[3904]),0}, + 
&(lvalues[3892]),0}, +{"set-brand","set-brand",NID_set_brand,3,&(lvalues[3895]),0}, +{"setct-PANData","setct-PANData",NID_setct_PANData,4,&(lvalues[3898]),0}, {"setct-PANToken","setct-PANToken",NID_setct_PANToken,4, - &(lvalues[3908]),0}, -{"setct-PANOnly","setct-PANOnly",NID_setct_PANOnly,4,&(lvalues[3912]),0}, -{"setct-OIData","setct-OIData",NID_setct_OIData,4,&(lvalues[3916]),0}, -{"setct-PI","setct-PI",NID_setct_PI,4,&(lvalues[3920]),0}, -{"setct-PIData","setct-PIData",NID_setct_PIData,4,&(lvalues[3924]),0}, + &(lvalues[3902]),0}, +{"setct-PANOnly","setct-PANOnly",NID_setct_PANOnly,4,&(lvalues[3906]),0}, +{"setct-OIData","setct-OIData",NID_setct_OIData,4,&(lvalues[3910]),0}, +{"setct-PI","setct-PI",NID_setct_PI,4,&(lvalues[3914]),0}, +{"setct-PIData","setct-PIData",NID_setct_PIData,4,&(lvalues[3918]),0}, {"setct-PIDataUnsigned","setct-PIDataUnsigned", - NID_setct_PIDataUnsigned,4,&(lvalues[3928]),0}, + NID_setct_PIDataUnsigned,4,&(lvalues[3922]),0}, {"setct-HODInput","setct-HODInput",NID_setct_HODInput,4, - &(lvalues[3932]),0}, + &(lvalues[3926]),0}, {"setct-AuthResBaggage","setct-AuthResBaggage", - NID_setct_AuthResBaggage,4,&(lvalues[3936]),0}, + NID_setct_AuthResBaggage,4,&(lvalues[3930]),0}, {"setct-AuthRevReqBaggage","setct-AuthRevReqBaggage", - NID_setct_AuthRevReqBaggage,4,&(lvalues[3940]),0}, + NID_setct_AuthRevReqBaggage,4,&(lvalues[3934]),0}, {"setct-AuthRevResBaggage","setct-AuthRevResBaggage", - NID_setct_AuthRevResBaggage,4,&(lvalues[3944]),0}, + NID_setct_AuthRevResBaggage,4,&(lvalues[3938]),0}, {"setct-CapTokenSeq","setct-CapTokenSeq",NID_setct_CapTokenSeq,4, - &(lvalues[3948]),0}, + &(lvalues[3942]),0}, {"setct-PInitResData","setct-PInitResData",NID_setct_PInitResData,4, - &(lvalues[3952]),0}, -{"setct-PI-TBS","setct-PI-TBS",NID_setct_PI_TBS,4,&(lvalues[3956]),0}, + &(lvalues[3946]),0}, +{"setct-PI-TBS","setct-PI-TBS",NID_setct_PI_TBS,4,&(lvalues[3950]),0}, {"setct-PResData","setct-PResData",NID_setct_PResData,4, - &(lvalues[3960]),0}, + 
&(lvalues[3954]),0}, {"setct-AuthReqTBS","setct-AuthReqTBS",NID_setct_AuthReqTBS,4, - &(lvalues[3964]),0}, + &(lvalues[3958]),0}, {"setct-AuthResTBS","setct-AuthResTBS",NID_setct_AuthResTBS,4, - &(lvalues[3968]),0}, + &(lvalues[3962]),0}, {"setct-AuthResTBSX","setct-AuthResTBSX",NID_setct_AuthResTBSX,4, - &(lvalues[3972]),0}, + &(lvalues[3966]),0}, {"setct-AuthTokenTBS","setct-AuthTokenTBS",NID_setct_AuthTokenTBS,4, - &(lvalues[3976]),0}, + &(lvalues[3970]),0}, {"setct-CapTokenData","setct-CapTokenData",NID_setct_CapTokenData,4, - &(lvalues[3980]),0}, + &(lvalues[3974]),0}, {"setct-CapTokenTBS","setct-CapTokenTBS",NID_setct_CapTokenTBS,4, - &(lvalues[3984]),0}, + &(lvalues[3978]),0}, {"setct-AcqCardCodeMsg","setct-AcqCardCodeMsg", - NID_setct_AcqCardCodeMsg,4,&(lvalues[3988]),0}, + NID_setct_AcqCardCodeMsg,4,&(lvalues[3982]),0}, {"setct-AuthRevReqTBS","setct-AuthRevReqTBS",NID_setct_AuthRevReqTBS, - 4,&(lvalues[3992]),0}, + 4,&(lvalues[3986]),0}, {"setct-AuthRevResData","setct-AuthRevResData", - NID_setct_AuthRevResData,4,&(lvalues[3996]),0}, + NID_setct_AuthRevResData,4,&(lvalues[3990]),0}, {"setct-AuthRevResTBS","setct-AuthRevResTBS",NID_setct_AuthRevResTBS, - 4,&(lvalues[4000]),0}, + 4,&(lvalues[3994]),0}, {"setct-CapReqTBS","setct-CapReqTBS",NID_setct_CapReqTBS,4, - &(lvalues[4004]),0}, + &(lvalues[3998]),0}, {"setct-CapReqTBSX","setct-CapReqTBSX",NID_setct_CapReqTBSX,4, - &(lvalues[4008]),0}, + &(lvalues[4002]),0}, {"setct-CapResData","setct-CapResData",NID_setct_CapResData,4, - &(lvalues[4012]),0}, + &(lvalues[4006]),0}, {"setct-CapRevReqTBS","setct-CapRevReqTBS",NID_setct_CapRevReqTBS,4, - &(lvalues[4016]),0}, + &(lvalues[4010]),0}, {"setct-CapRevReqTBSX","setct-CapRevReqTBSX",NID_setct_CapRevReqTBSX, - 4,&(lvalues[4020]),0}, + 4,&(lvalues[4014]),0}, {"setct-CapRevResData","setct-CapRevResData",NID_setct_CapRevResData, - 4,&(lvalues[4024]),0}, + 4,&(lvalues[4018]),0}, {"setct-CredReqTBS","setct-CredReqTBS",NID_setct_CredReqTBS,4, - &(lvalues[4028]),0}, + 
&(lvalues[4022]),0}, {"setct-CredReqTBSX","setct-CredReqTBSX",NID_setct_CredReqTBSX,4, - &(lvalues[4032]),0}, + &(lvalues[4026]),0}, {"setct-CredResData","setct-CredResData",NID_setct_CredResData,4, - &(lvalues[4036]),0}, + &(lvalues[4030]),0}, {"setct-CredRevReqTBS","setct-CredRevReqTBS",NID_setct_CredRevReqTBS, - 4,&(lvalues[4040]),0}, + 4,&(lvalues[4034]),0}, {"setct-CredRevReqTBSX","setct-CredRevReqTBSX", - NID_setct_CredRevReqTBSX,4,&(lvalues[4044]),0}, + NID_setct_CredRevReqTBSX,4,&(lvalues[4038]),0}, {"setct-CredRevResData","setct-CredRevResData", - NID_setct_CredRevResData,4,&(lvalues[4048]),0}, + NID_setct_CredRevResData,4,&(lvalues[4042]),0}, {"setct-PCertReqData","setct-PCertReqData",NID_setct_PCertReqData,4, - &(lvalues[4052]),0}, + &(lvalues[4046]),0}, {"setct-PCertResTBS","setct-PCertResTBS",NID_setct_PCertResTBS,4, - &(lvalues[4056]),0}, + &(lvalues[4050]),0}, {"setct-BatchAdminReqData","setct-BatchAdminReqData", - NID_setct_BatchAdminReqData,4,&(lvalues[4060]),0}, + NID_setct_BatchAdminReqData,4,&(lvalues[4054]),0}, {"setct-BatchAdminResData","setct-BatchAdminResData", - NID_setct_BatchAdminResData,4,&(lvalues[4064]),0}, + NID_setct_BatchAdminResData,4,&(lvalues[4058]),0}, {"setct-CardCInitResTBS","setct-CardCInitResTBS", - NID_setct_CardCInitResTBS,4,&(lvalues[4068]),0}, + NID_setct_CardCInitResTBS,4,&(lvalues[4062]),0}, {"setct-MeAqCInitResTBS","setct-MeAqCInitResTBS", - NID_setct_MeAqCInitResTBS,4,&(lvalues[4072]),0}, + NID_setct_MeAqCInitResTBS,4,&(lvalues[4066]),0}, {"setct-RegFormResTBS","setct-RegFormResTBS",NID_setct_RegFormResTBS, - 4,&(lvalues[4076]),0}, + 4,&(lvalues[4070]),0}, {"setct-CertReqData","setct-CertReqData",NID_setct_CertReqData,4, - &(lvalues[4080]),0}, + &(lvalues[4074]),0}, {"setct-CertReqTBS","setct-CertReqTBS",NID_setct_CertReqTBS,4, - &(lvalues[4084]),0}, + &(lvalues[4078]),0}, {"setct-CertResData","setct-CertResData",NID_setct_CertResData,4, - &(lvalues[4088]),0}, + &(lvalues[4082]),0}, 
{"setct-CertInqReqTBS","setct-CertInqReqTBS",NID_setct_CertInqReqTBS, - 4,&(lvalues[4092]),0}, + 4,&(lvalues[4086]),0}, {"setct-ErrorTBS","setct-ErrorTBS",NID_setct_ErrorTBS,4, - &(lvalues[4096]),0}, + &(lvalues[4090]),0}, {"setct-PIDualSignedTBE","setct-PIDualSignedTBE", - NID_setct_PIDualSignedTBE,4,&(lvalues[4100]),0}, + NID_setct_PIDualSignedTBE,4,&(lvalues[4094]),0}, {"setct-PIUnsignedTBE","setct-PIUnsignedTBE",NID_setct_PIUnsignedTBE, - 4,&(lvalues[4104]),0}, + 4,&(lvalues[4098]),0}, {"setct-AuthReqTBE","setct-AuthReqTBE",NID_setct_AuthReqTBE,4, - &(lvalues[4108]),0}, + &(lvalues[4102]),0}, {"setct-AuthResTBE","setct-AuthResTBE",NID_setct_AuthResTBE,4, - &(lvalues[4112]),0}, + &(lvalues[4106]),0}, {"setct-AuthResTBEX","setct-AuthResTBEX",NID_setct_AuthResTBEX,4, - &(lvalues[4116]),0}, + &(lvalues[4110]),0}, {"setct-AuthTokenTBE","setct-AuthTokenTBE",NID_setct_AuthTokenTBE,4, - &(lvalues[4120]),0}, + &(lvalues[4114]),0}, {"setct-CapTokenTBE","setct-CapTokenTBE",NID_setct_CapTokenTBE,4, - &(lvalues[4124]),0}, + &(lvalues[4118]),0}, {"setct-CapTokenTBEX","setct-CapTokenTBEX",NID_setct_CapTokenTBEX,4, - &(lvalues[4128]),0}, + &(lvalues[4122]),0}, {"setct-AcqCardCodeMsgTBE","setct-AcqCardCodeMsgTBE", - NID_setct_AcqCardCodeMsgTBE,4,&(lvalues[4132]),0}, + NID_setct_AcqCardCodeMsgTBE,4,&(lvalues[4126]),0}, {"setct-AuthRevReqTBE","setct-AuthRevReqTBE",NID_setct_AuthRevReqTBE, - 4,&(lvalues[4136]),0}, + 4,&(lvalues[4130]),0}, {"setct-AuthRevResTBE","setct-AuthRevResTBE",NID_setct_AuthRevResTBE, - 4,&(lvalues[4140]),0}, + 4,&(lvalues[4134]),0}, {"setct-AuthRevResTBEB","setct-AuthRevResTBEB", - NID_setct_AuthRevResTBEB,4,&(lvalues[4144]),0}, + NID_setct_AuthRevResTBEB,4,&(lvalues[4138]),0}, {"setct-CapReqTBE","setct-CapReqTBE",NID_setct_CapReqTBE,4, - &(lvalues[4148]),0}, + &(lvalues[4142]),0}, {"setct-CapReqTBEX","setct-CapReqTBEX",NID_setct_CapReqTBEX,4, - &(lvalues[4152]),0}, + &(lvalues[4146]),0}, {"setct-CapResTBE","setct-CapResTBE",NID_setct_CapResTBE,4, - 
&(lvalues[4156]),0}, + &(lvalues[4150]),0}, {"setct-CapRevReqTBE","setct-CapRevReqTBE",NID_setct_CapRevReqTBE,4, - &(lvalues[4160]),0}, + &(lvalues[4154]),0}, {"setct-CapRevReqTBEX","setct-CapRevReqTBEX",NID_setct_CapRevReqTBEX, - 4,&(lvalues[4164]),0}, + 4,&(lvalues[4158]),0}, {"setct-CapRevResTBE","setct-CapRevResTBE",NID_setct_CapRevResTBE,4, - &(lvalues[4168]),0}, + &(lvalues[4162]),0}, {"setct-CredReqTBE","setct-CredReqTBE",NID_setct_CredReqTBE,4, - &(lvalues[4172]),0}, + &(lvalues[4166]),0}, {"setct-CredReqTBEX","setct-CredReqTBEX",NID_setct_CredReqTBEX,4, - &(lvalues[4176]),0}, + &(lvalues[4170]),0}, {"setct-CredResTBE","setct-CredResTBE",NID_setct_CredResTBE,4, - &(lvalues[4180]),0}, + &(lvalues[4174]),0}, {"setct-CredRevReqTBE","setct-CredRevReqTBE",NID_setct_CredRevReqTBE, - 4,&(lvalues[4184]),0}, + 4,&(lvalues[4178]),0}, {"setct-CredRevReqTBEX","setct-CredRevReqTBEX", - NID_setct_CredRevReqTBEX,4,&(lvalues[4188]),0}, + NID_setct_CredRevReqTBEX,4,&(lvalues[4182]),0}, {"setct-CredRevResTBE","setct-CredRevResTBE",NID_setct_CredRevResTBE, - 4,&(lvalues[4192]),0}, + 4,&(lvalues[4186]),0}, {"setct-BatchAdminReqTBE","setct-BatchAdminReqTBE", - NID_setct_BatchAdminReqTBE,4,&(lvalues[4196]),0}, + NID_setct_BatchAdminReqTBE,4,&(lvalues[4190]),0}, {"setct-BatchAdminResTBE","setct-BatchAdminResTBE", - NID_setct_BatchAdminResTBE,4,&(lvalues[4200]),0}, + NID_setct_BatchAdminResTBE,4,&(lvalues[4194]),0}, {"setct-RegFormReqTBE","setct-RegFormReqTBE",NID_setct_RegFormReqTBE, - 4,&(lvalues[4204]),0}, + 4,&(lvalues[4198]),0}, {"setct-CertReqTBE","setct-CertReqTBE",NID_setct_CertReqTBE,4, - &(lvalues[4208]),0}, + &(lvalues[4202]),0}, {"setct-CertReqTBEX","setct-CertReqTBEX",NID_setct_CertReqTBEX,4, - &(lvalues[4212]),0}, + &(lvalues[4206]),0}, {"setct-CertResTBE","setct-CertResTBE",NID_setct_CertResTBE,4, - &(lvalues[4216]),0}, + &(lvalues[4210]),0}, {"setct-CRLNotificationTBS","setct-CRLNotificationTBS", - NID_setct_CRLNotificationTBS,4,&(lvalues[4220]),0}, + 
NID_setct_CRLNotificationTBS,4,&(lvalues[4214]),0}, {"setct-CRLNotificationResTBS","setct-CRLNotificationResTBS", - NID_setct_CRLNotificationResTBS,4,&(lvalues[4224]),0}, + NID_setct_CRLNotificationResTBS,4,&(lvalues[4218]),0}, {"setct-BCIDistributionTBS","setct-BCIDistributionTBS", - NID_setct_BCIDistributionTBS,4,&(lvalues[4228]),0}, + NID_setct_BCIDistributionTBS,4,&(lvalues[4222]),0}, {"setext-genCrypt","generic cryptogram",NID_setext_genCrypt,4, - &(lvalues[4232]),0}, + &(lvalues[4226]),0}, {"setext-miAuth","merchant initiated auth",NID_setext_miAuth,4, - &(lvalues[4236]),0}, + &(lvalues[4230]),0}, {"setext-pinSecure","setext-pinSecure",NID_setext_pinSecure,4, - &(lvalues[4240]),0}, -{"setext-pinAny","setext-pinAny",NID_setext_pinAny,4,&(lvalues[4244]),0}, -{"setext-track2","setext-track2",NID_setext_track2,4,&(lvalues[4248]),0}, + &(lvalues[4234]),0}, +{"setext-pinAny","setext-pinAny",NID_setext_pinAny,4,&(lvalues[4238]),0}, +{"setext-track2","setext-track2",NID_setext_track2,4,&(lvalues[4242]),0}, {"setext-cv","additional verification",NID_setext_cv,4, - &(lvalues[4252]),0}, + &(lvalues[4246]),0}, {"set-policy-root","set-policy-root",NID_set_policy_root,4, - &(lvalues[4256]),0}, + &(lvalues[4250]),0}, {"setCext-hashedRoot","setCext-hashedRoot",NID_setCext_hashedRoot,4, - &(lvalues[4260]),0}, + &(lvalues[4254]),0}, {"setCext-certType","setCext-certType",NID_setCext_certType,4, - &(lvalues[4264]),0}, + &(lvalues[4258]),0}, {"setCext-merchData","setCext-merchData",NID_setCext_merchData,4, - &(lvalues[4268]),0}, + &(lvalues[4262]),0}, {"setCext-cCertRequired","setCext-cCertRequired", - NID_setCext_cCertRequired,4,&(lvalues[4272]),0}, + NID_setCext_cCertRequired,4,&(lvalues[4266]),0}, {"setCext-tunneling","setCext-tunneling",NID_setCext_tunneling,4, - &(lvalues[4276]),0}, + &(lvalues[4270]),0}, {"setCext-setExt","setCext-setExt",NID_setCext_setExt,4, - &(lvalues[4280]),0}, + &(lvalues[4274]),0}, {"setCext-setQualf","setCext-setQualf",NID_setCext_setQualf,4, - 
&(lvalues[4284]),0}, + &(lvalues[4278]),0}, {"setCext-PGWYcapabilities","setCext-PGWYcapabilities", - NID_setCext_PGWYcapabilities,4,&(lvalues[4288]),0}, + NID_setCext_PGWYcapabilities,4,&(lvalues[4282]),0}, {"setCext-TokenIdentifier","setCext-TokenIdentifier", - NID_setCext_TokenIdentifier,4,&(lvalues[4292]),0}, + NID_setCext_TokenIdentifier,4,&(lvalues[4286]),0}, {"setCext-Track2Data","setCext-Track2Data",NID_setCext_Track2Data,4, - &(lvalues[4296]),0}, + &(lvalues[4290]),0}, {"setCext-TokenType","setCext-TokenType",NID_setCext_TokenType,4, - &(lvalues[4300]),0}, + &(lvalues[4294]),0}, {"setCext-IssuerCapabilities","setCext-IssuerCapabilities", - NID_setCext_IssuerCapabilities,4,&(lvalues[4304]),0}, -{"setAttr-Cert","setAttr-Cert",NID_setAttr_Cert,4,&(lvalues[4308]),0}, + NID_setCext_IssuerCapabilities,4,&(lvalues[4298]),0}, +{"setAttr-Cert","setAttr-Cert",NID_setAttr_Cert,4,&(lvalues[4302]),0}, {"setAttr-PGWYcap","payment gateway capabilities",NID_setAttr_PGWYcap, - 4,&(lvalues[4312]),0}, + 4,&(lvalues[4306]),0}, {"setAttr-TokenType","setAttr-TokenType",NID_setAttr_TokenType,4, - &(lvalues[4316]),0}, + &(lvalues[4310]),0}, {"setAttr-IssCap","issuer capabilities",NID_setAttr_IssCap,4, - &(lvalues[4320]),0}, + &(lvalues[4314]),0}, {"set-rootKeyThumb","set-rootKeyThumb",NID_set_rootKeyThumb,5, - &(lvalues[4324]),0}, -{"set-addPolicy","set-addPolicy",NID_set_addPolicy,5,&(lvalues[4329]),0}, + &(lvalues[4318]),0}, +{"set-addPolicy","set-addPolicy",NID_set_addPolicy,5,&(lvalues[4323]),0}, {"setAttr-Token-EMV","setAttr-Token-EMV",NID_setAttr_Token_EMV,5, - &(lvalues[4334]),0}, + &(lvalues[4328]),0}, {"setAttr-Token-B0Prime","setAttr-Token-B0Prime", - NID_setAttr_Token_B0Prime,5,&(lvalues[4339]),0}, + NID_setAttr_Token_B0Prime,5,&(lvalues[4333]),0}, {"setAttr-IssCap-CVM","setAttr-IssCap-CVM",NID_setAttr_IssCap_CVM,5, - &(lvalues[4344]),0}, + &(lvalues[4338]),0}, {"setAttr-IssCap-T2","setAttr-IssCap-T2",NID_setAttr_IssCap_T2,5, - &(lvalues[4349]),0}, + 
&(lvalues[4343]),0}, {"setAttr-IssCap-Sig","setAttr-IssCap-Sig",NID_setAttr_IssCap_Sig,5, - &(lvalues[4354]),0}, + &(lvalues[4348]),0}, {"setAttr-GenCryptgrm","generate cryptogram",NID_setAttr_GenCryptgrm, - 6,&(lvalues[4359]),0}, + 6,&(lvalues[4353]),0}, {"setAttr-T2Enc","encrypted track 2",NID_setAttr_T2Enc,6, - &(lvalues[4365]),0}, + &(lvalues[4359]),0}, {"setAttr-T2cleartxt","cleartext track 2",NID_setAttr_T2cleartxt,6, - &(lvalues[4371]),0}, + &(lvalues[4365]),0}, {"setAttr-TokICCsig","ICC or token signature",NID_setAttr_TokICCsig,6, - &(lvalues[4377]),0}, + &(lvalues[4371]),0}, {"setAttr-SecDevSig","secure device signature",NID_setAttr_SecDevSig, - 6,&(lvalues[4383]),0}, + 6,&(lvalues[4377]),0}, {"set-brand-IATA-ATA","set-brand-IATA-ATA",NID_set_brand_IATA_ATA,4, - &(lvalues[4389]),0}, + &(lvalues[4383]),0}, {"set-brand-Diners","set-brand-Diners",NID_set_brand_Diners,4, - &(lvalues[4393]),0}, + &(lvalues[4387]),0}, {"set-brand-AmericanExpress","set-brand-AmericanExpress", - NID_set_brand_AmericanExpress,4,&(lvalues[4397]),0}, -{"set-brand-JCB","set-brand-JCB",NID_set_brand_JCB,4,&(lvalues[4401]),0}, + NID_set_brand_AmericanExpress,4,&(lvalues[4391]),0}, +{"set-brand-JCB","set-brand-JCB",NID_set_brand_JCB,4,&(lvalues[4395]),0}, {"set-brand-Visa","set-brand-Visa",NID_set_brand_Visa,4, - &(lvalues[4405]),0}, + &(lvalues[4399]),0}, {"set-brand-MasterCard","set-brand-MasterCard", - NID_set_brand_MasterCard,4,&(lvalues[4409]),0}, + NID_set_brand_MasterCard,4,&(lvalues[4403]),0}, {"set-brand-Novus","set-brand-Novus",NID_set_brand_Novus,5, - &(lvalues[4413]),0}, -{"DES-CDMF","des-cdmf",NID_des_cdmf,8,&(lvalues[4418]),0}, + &(lvalues[4407]),0}, +{"DES-CDMF","des-cdmf",NID_des_cdmf,8,&(lvalues[4412]),0}, {"rsaOAEPEncryptionSET","rsaOAEPEncryptionSET", - NID_rsaOAEPEncryptionSET,9,&(lvalues[4426]),0}, + NID_rsaOAEPEncryptionSET,9,&(lvalues[4420]),0}, {"ITU-T","itu-t",NID_itu_t,0,NULL,0}, {"JOINT-ISO-ITU-T","joint-iso-itu-t",NID_joint_iso_itu_t,0,NULL,0}, 
{"international-organizations","International Organizations", - NID_international_organizations,1,&(lvalues[4435]),0}, + NID_international_organizations,1,&(lvalues[4429]),0}, {"msSmartcardLogin","Microsoft Smartcardlogin",NID_ms_smartcard_login, - 10,&(lvalues[4436]),0}, + 10,&(lvalues[4430]),0}, {"msUPN","Microsoft Universal Principal Name",NID_ms_upn,10, - &(lvalues[4446]),0}, + &(lvalues[4440]),0}, {"AES-128-CFB1","aes-128-cfb1",NID_aes_128_cfb1,0,NULL,0}, {"AES-192-CFB1","aes-192-cfb1",NID_aes_192_cfb1,0,NULL,0}, {"AES-256-CFB1","aes-256-cfb1",NID_aes_256_cfb1,0,NULL,0}, 
@@ -1994,138 +1993,138 @@ static const ASN1_OBJECT kObjects[NUM_NID]={ {"DES-CFB8","des-cfb8",NID_des_cfb8,0,NULL,0}, {"DES-EDE3-CFB1","des-ede3-cfb1",NID_des_ede3_cfb1,0,NULL,0}, {"DES-EDE3-CFB8","des-ede3-cfb8",NID_des_ede3_cfb8,0,NULL,0}, -{"street","streetAddress",NID_streetAddress,3,&(lvalues[4456]),0}, -{"postalCode","postalCode",NID_postalCode,3,&(lvalues[4459]),0}, -{"id-ppl","id-ppl",NID_id_ppl,7,&(lvalues[4462]),0}, +{"street","streetAddress",NID_streetAddress,3,&(lvalues[4450]),0}, +{"postalCode","postalCode",NID_postalCode,3,&(lvalues[4453]),0}, +{"id-ppl","id-ppl",NID_id_ppl,7,&(lvalues[4456]),0}, {"proxyCertInfo","Proxy Certificate Information",NID_proxyCertInfo,8, - &(lvalues[4469]),0}, + &(lvalues[4463]),0}, {"id-ppl-anyLanguage","Any language",NID_id_ppl_anyLanguage,8, - &(lvalues[4477]),0}, + &(lvalues[4471]),0}, {"id-ppl-inheritAll","Inherit all",NID_id_ppl_inheritAll,8, - &(lvalues[4485]),0}, + &(lvalues[4479]),0}, {"nameConstraints","X509v3 Name Constraints",NID_name_constraints,3, - &(lvalues[4493]),0}, -{"id-ppl-independent","Independent",NID_Independent,8,&(lvalues[4496]),0}, + &(lvalues[4487]),0}, +{"id-ppl-independent","Independent",NID_Independent,8,&(lvalues[4490]),0}, {"RSA-SHA256","sha256WithRSAEncryption",NID_sha256WithRSAEncryption,9, - &(lvalues[4504]),0}, + &(lvalues[4498]),0}, {"RSA-SHA384","sha384WithRSAEncryption",NID_sha384WithRSAEncryption,9, - &(lvalues[4513]),0}, + &(lvalues[4507]),0}, {"RSA-SHA512","sha512WithRSAEncryption",NID_sha512WithRSAEncryption,9, - &(lvalues[4522]),0}, + &(lvalues[4516]),0}, {"RSA-SHA224","sha224WithRSAEncryption",NID_sha224WithRSAEncryption,9, - &(lvalues[4531]),0}, -{"SHA256","sha256",NID_sha256,9,&(lvalues[4540]),0}, -{"SHA384","sha384",NID_sha384,9,&(lvalues[4549]),0}, -{"SHA512","sha512",NID_sha512,9,&(lvalues[4558]),0}, -{"SHA224","sha224",NID_sha224,9,&(lvalues[4567]),0}, + &(lvalues[4525]),0}, +{"SHA256","sha256",NID_sha256,9,&(lvalues[4534]),0}, 
+{"SHA384","sha384",NID_sha384,9,&(lvalues[4543]),0}, +{"SHA512","sha512",NID_sha512,9,&(lvalues[4552]),0}, +{"SHA224","sha224",NID_sha224,9,&(lvalues[4561]),0}, {"identified-organization","identified-organization", - NID_identified_organization,1,&(lvalues[4576]),0}, -{"certicom-arc","certicom-arc",NID_certicom_arc,3,&(lvalues[4577]),0}, -{"wap","wap",NID_wap,2,&(lvalues[4580]),0}, -{"wap-wsg","wap-wsg",NID_wap_wsg,3,&(lvalues[4582]),0}, + NID_identified_organization,1,&(lvalues[4570]),0}, +{"certicom-arc","certicom-arc",NID_certicom_arc,3,&(lvalues[4571]),0}, +{"wap","wap",NID_wap,2,&(lvalues[4574]),0}, +{"wap-wsg","wap-wsg",NID_wap_wsg,3,&(lvalues[4576]),0}, {"id-characteristic-two-basis","id-characteristic-two-basis", - NID_X9_62_id_characteristic_two_basis,8,&(lvalues[4585]),0}, -{"onBasis","onBasis",NID_X9_62_onBasis,9,&(lvalues[4593]),0}, -{"tpBasis","tpBasis",NID_X9_62_tpBasis,9,&(lvalues[4602]),0}, -{"ppBasis","ppBasis",NID_X9_62_ppBasis,9,&(lvalues[4611]),0}, -{"c2pnb163v1","c2pnb163v1",NID_X9_62_c2pnb163v1,8,&(lvalues[4620]),0}, -{"c2pnb163v2","c2pnb163v2",NID_X9_62_c2pnb163v2,8,&(lvalues[4628]),0}, -{"c2pnb163v3","c2pnb163v3",NID_X9_62_c2pnb163v3,8,&(lvalues[4636]),0}, -{"c2pnb176v1","c2pnb176v1",NID_X9_62_c2pnb176v1,8,&(lvalues[4644]),0}, -{"c2tnb191v1","c2tnb191v1",NID_X9_62_c2tnb191v1,8,&(lvalues[4652]),0}, -{"c2tnb191v2","c2tnb191v2",NID_X9_62_c2tnb191v2,8,&(lvalues[4660]),0}, -{"c2tnb191v3","c2tnb191v3",NID_X9_62_c2tnb191v3,8,&(lvalues[4668]),0}, -{"c2onb191v4","c2onb191v4",NID_X9_62_c2onb191v4,8,&(lvalues[4676]),0}, -{"c2onb191v5","c2onb191v5",NID_X9_62_c2onb191v5,8,&(lvalues[4684]),0}, -{"c2pnb208w1","c2pnb208w1",NID_X9_62_c2pnb208w1,8,&(lvalues[4692]),0}, -{"c2tnb239v1","c2tnb239v1",NID_X9_62_c2tnb239v1,8,&(lvalues[4700]),0}, -{"c2tnb239v2","c2tnb239v2",NID_X9_62_c2tnb239v2,8,&(lvalues[4708]),0}, -{"c2tnb239v3","c2tnb239v3",NID_X9_62_c2tnb239v3,8,&(lvalues[4716]),0}, -{"c2onb239v4","c2onb239v4",NID_X9_62_c2onb239v4,8,&(lvalues[4724]),0}, 
-{"c2onb239v5","c2onb239v5",NID_X9_62_c2onb239v5,8,&(lvalues[4732]),0}, -{"c2pnb272w1","c2pnb272w1",NID_X9_62_c2pnb272w1,8,&(lvalues[4740]),0}, -{"c2pnb304w1","c2pnb304w1",NID_X9_62_c2pnb304w1,8,&(lvalues[4748]),0}, -{"c2tnb359v1","c2tnb359v1",NID_X9_62_c2tnb359v1,8,&(lvalues[4756]),0}, -{"c2pnb368w1","c2pnb368w1",NID_X9_62_c2pnb368w1,8,&(lvalues[4764]),0}, -{"c2tnb431r1","c2tnb431r1",NID_X9_62_c2tnb431r1,8,&(lvalues[4772]),0}, -{"secp112r1","secp112r1",NID_secp112r1,5,&(lvalues[4780]),0}, -{"secp112r2","secp112r2",NID_secp112r2,5,&(lvalues[4785]),0}, -{"secp128r1","secp128r1",NID_secp128r1,5,&(lvalues[4790]),0}, -{"secp128r2","secp128r2",NID_secp128r2,5,&(lvalues[4795]),0}, -{"secp160k1","secp160k1",NID_secp160k1,5,&(lvalues[4800]),0}, -{"secp160r1","secp160r1",NID_secp160r1,5,&(lvalues[4805]),0}, -{"secp160r2","secp160r2",NID_secp160r2,5,&(lvalues[4810]),0}, -{"secp192k1","secp192k1",NID_secp192k1,5,&(lvalues[4815]),0}, -{"secp224k1","secp224k1",NID_secp224k1,5,&(lvalues[4820]),0}, -{"secp224r1","secp224r1",NID_secp224r1,5,&(lvalues[4825]),0}, -{"secp256k1","secp256k1",NID_secp256k1,5,&(lvalues[4830]),0}, -{"secp384r1","secp384r1",NID_secp384r1,5,&(lvalues[4835]),0}, -{"secp521r1","secp521r1",NID_secp521r1,5,&(lvalues[4840]),0}, -{"sect113r1","sect113r1",NID_sect113r1,5,&(lvalues[4845]),0}, -{"sect113r2","sect113r2",NID_sect113r2,5,&(lvalues[4850]),0}, -{"sect131r1","sect131r1",NID_sect131r1,5,&(lvalues[4855]),0}, -{"sect131r2","sect131r2",NID_sect131r2,5,&(lvalues[4860]),0}, -{"sect163k1","sect163k1",NID_sect163k1,5,&(lvalues[4865]),0}, -{"sect163r1","sect163r1",NID_sect163r1,5,&(lvalues[4870]),0}, -{"sect163r2","sect163r2",NID_sect163r2,5,&(lvalues[4875]),0}, -{"sect193r1","sect193r1",NID_sect193r1,5,&(lvalues[4880]),0}, -{"sect193r2","sect193r2",NID_sect193r2,5,&(lvalues[4885]),0}, -{"sect233k1","sect233k1",NID_sect233k1,5,&(lvalues[4890]),0}, -{"sect233r1","sect233r1",NID_sect233r1,5,&(lvalues[4895]),0}, 
-{"sect239k1","sect239k1",NID_sect239k1,5,&(lvalues[4900]),0}, -{"sect283k1","sect283k1",NID_sect283k1,5,&(lvalues[4905]),0}, -{"sect283r1","sect283r1",NID_sect283r1,5,&(lvalues[4910]),0}, -{"sect409k1","sect409k1",NID_sect409k1,5,&(lvalues[4915]),0}, -{"sect409r1","sect409r1",NID_sect409r1,5,&(lvalues[4920]),0}, -{"sect571k1","sect571k1",NID_sect571k1,5,&(lvalues[4925]),0}, -{"sect571r1","sect571r1",NID_sect571r1,5,&(lvalues[4930]),0}, + NID_X9_62_id_characteristic_two_basis,8,&(lvalues[4579]),0}, +{"onBasis","onBasis",NID_X9_62_onBasis,9,&(lvalues[4587]),0}, +{"tpBasis","tpBasis",NID_X9_62_tpBasis,9,&(lvalues[4596]),0}, +{"ppBasis","ppBasis",NID_X9_62_ppBasis,9,&(lvalues[4605]),0}, +{"c2pnb163v1","c2pnb163v1",NID_X9_62_c2pnb163v1,8,&(lvalues[4614]),0}, +{"c2pnb163v2","c2pnb163v2",NID_X9_62_c2pnb163v2,8,&(lvalues[4622]),0}, +{"c2pnb163v3","c2pnb163v3",NID_X9_62_c2pnb163v3,8,&(lvalues[4630]),0}, +{"c2pnb176v1","c2pnb176v1",NID_X9_62_c2pnb176v1,8,&(lvalues[4638]),0}, +{"c2tnb191v1","c2tnb191v1",NID_X9_62_c2tnb191v1,8,&(lvalues[4646]),0}, +{"c2tnb191v2","c2tnb191v2",NID_X9_62_c2tnb191v2,8,&(lvalues[4654]),0}, +{"c2tnb191v3","c2tnb191v3",NID_X9_62_c2tnb191v3,8,&(lvalues[4662]),0}, +{"c2onb191v4","c2onb191v4",NID_X9_62_c2onb191v4,8,&(lvalues[4670]),0}, +{"c2onb191v5","c2onb191v5",NID_X9_62_c2onb191v5,8,&(lvalues[4678]),0}, +{"c2pnb208w1","c2pnb208w1",NID_X9_62_c2pnb208w1,8,&(lvalues[4686]),0}, +{"c2tnb239v1","c2tnb239v1",NID_X9_62_c2tnb239v1,8,&(lvalues[4694]),0}, +{"c2tnb239v2","c2tnb239v2",NID_X9_62_c2tnb239v2,8,&(lvalues[4702]),0}, +{"c2tnb239v3","c2tnb239v3",NID_X9_62_c2tnb239v3,8,&(lvalues[4710]),0}, +{"c2onb239v4","c2onb239v4",NID_X9_62_c2onb239v4,8,&(lvalues[4718]),0}, +{"c2onb239v5","c2onb239v5",NID_X9_62_c2onb239v5,8,&(lvalues[4726]),0}, +{"c2pnb272w1","c2pnb272w1",NID_X9_62_c2pnb272w1,8,&(lvalues[4734]),0}, +{"c2pnb304w1","c2pnb304w1",NID_X9_62_c2pnb304w1,8,&(lvalues[4742]),0}, +{"c2tnb359v1","c2tnb359v1",NID_X9_62_c2tnb359v1,8,&(lvalues[4750]),0}, 
+{"c2pnb368w1","c2pnb368w1",NID_X9_62_c2pnb368w1,8,&(lvalues[4758]),0}, +{"c2tnb431r1","c2tnb431r1",NID_X9_62_c2tnb431r1,8,&(lvalues[4766]),0}, +{"secp112r1","secp112r1",NID_secp112r1,5,&(lvalues[4774]),0}, +{"secp112r2","secp112r2",NID_secp112r2,5,&(lvalues[4779]),0}, +{"secp128r1","secp128r1",NID_secp128r1,5,&(lvalues[4784]),0}, +{"secp128r2","secp128r2",NID_secp128r2,5,&(lvalues[4789]),0}, +{"secp160k1","secp160k1",NID_secp160k1,5,&(lvalues[4794]),0}, +{"secp160r1","secp160r1",NID_secp160r1,5,&(lvalues[4799]),0}, +{"secp160r2","secp160r2",NID_secp160r2,5,&(lvalues[4804]),0}, +{"secp192k1","secp192k1",NID_secp192k1,5,&(lvalues[4809]),0}, +{"secp224k1","secp224k1",NID_secp224k1,5,&(lvalues[4814]),0}, +{"secp224r1","secp224r1",NID_secp224r1,5,&(lvalues[4819]),0}, +{"secp256k1","secp256k1",NID_secp256k1,5,&(lvalues[4824]),0}, +{"secp384r1","secp384r1",NID_secp384r1,5,&(lvalues[4829]),0}, +{"secp521r1","secp521r1",NID_secp521r1,5,&(lvalues[4834]),0}, +{"sect113r1","sect113r1",NID_sect113r1,5,&(lvalues[4839]),0}, +{"sect113r2","sect113r2",NID_sect113r2,5,&(lvalues[4844]),0}, +{"sect131r1","sect131r1",NID_sect131r1,5,&(lvalues[4849]),0}, +{"sect131r2","sect131r2",NID_sect131r2,5,&(lvalues[4854]),0}, +{"sect163k1","sect163k1",NID_sect163k1,5,&(lvalues[4859]),0}, +{"sect163r1","sect163r1",NID_sect163r1,5,&(lvalues[4864]),0}, +{"sect163r2","sect163r2",NID_sect163r2,5,&(lvalues[4869]),0}, +{"sect193r1","sect193r1",NID_sect193r1,5,&(lvalues[4874]),0}, +{"sect193r2","sect193r2",NID_sect193r2,5,&(lvalues[4879]),0}, +{"sect233k1","sect233k1",NID_sect233k1,5,&(lvalues[4884]),0}, +{"sect233r1","sect233r1",NID_sect233r1,5,&(lvalues[4889]),0}, +{"sect239k1","sect239k1",NID_sect239k1,5,&(lvalues[4894]),0}, +{"sect283k1","sect283k1",NID_sect283k1,5,&(lvalues[4899]),0}, +{"sect283r1","sect283r1",NID_sect283r1,5,&(lvalues[4904]),0}, +{"sect409k1","sect409k1",NID_sect409k1,5,&(lvalues[4909]),0}, +{"sect409r1","sect409r1",NID_sect409r1,5,&(lvalues[4914]),0}, 
+{"sect571k1","sect571k1",NID_sect571k1,5,&(lvalues[4919]),0}, +{"sect571r1","sect571r1",NID_sect571r1,5,&(lvalues[4924]),0}, {"wap-wsg-idm-ecid-wtls1","wap-wsg-idm-ecid-wtls1", - NID_wap_wsg_idm_ecid_wtls1,5,&(lvalues[4935]),0}, + NID_wap_wsg_idm_ecid_wtls1,5,&(lvalues[4929]),0}, {"wap-wsg-idm-ecid-wtls3","wap-wsg-idm-ecid-wtls3", - NID_wap_wsg_idm_ecid_wtls3,5,&(lvalues[4940]),0}, + NID_wap_wsg_idm_ecid_wtls3,5,&(lvalues[4934]),0}, {"wap-wsg-idm-ecid-wtls4","wap-wsg-idm-ecid-wtls4", - NID_wap_wsg_idm_ecid_wtls4,5,&(lvalues[4945]),0}, + NID_wap_wsg_idm_ecid_wtls4,5,&(lvalues[4939]),0}, {"wap-wsg-idm-ecid-wtls5","wap-wsg-idm-ecid-wtls5", - NID_wap_wsg_idm_ecid_wtls5,5,&(lvalues[4950]),0}, + NID_wap_wsg_idm_ecid_wtls5,5,&(lvalues[4944]),0}, {"wap-wsg-idm-ecid-wtls6","wap-wsg-idm-ecid-wtls6", - NID_wap_wsg_idm_ecid_wtls6,5,&(lvalues[4955]),0}, + NID_wap_wsg_idm_ecid_wtls6,5,&(lvalues[4949]),0}, {"wap-wsg-idm-ecid-wtls7","wap-wsg-idm-ecid-wtls7", - NID_wap_wsg_idm_ecid_wtls7,5,&(lvalues[4960]),0}, + NID_wap_wsg_idm_ecid_wtls7,5,&(lvalues[4954]),0}, {"wap-wsg-idm-ecid-wtls8","wap-wsg-idm-ecid-wtls8", - NID_wap_wsg_idm_ecid_wtls8,5,&(lvalues[4965]),0}, + NID_wap_wsg_idm_ecid_wtls8,5,&(lvalues[4959]),0}, {"wap-wsg-idm-ecid-wtls9","wap-wsg-idm-ecid-wtls9", - NID_wap_wsg_idm_ecid_wtls9,5,&(lvalues[4970]),0}, + NID_wap_wsg_idm_ecid_wtls9,5,&(lvalues[4964]),0}, {"wap-wsg-idm-ecid-wtls10","wap-wsg-idm-ecid-wtls10", - NID_wap_wsg_idm_ecid_wtls10,5,&(lvalues[4975]),0}, + NID_wap_wsg_idm_ecid_wtls10,5,&(lvalues[4969]),0}, {"wap-wsg-idm-ecid-wtls11","wap-wsg-idm-ecid-wtls11", - NID_wap_wsg_idm_ecid_wtls11,5,&(lvalues[4980]),0}, + NID_wap_wsg_idm_ecid_wtls11,5,&(lvalues[4974]),0}, {"wap-wsg-idm-ecid-wtls12","wap-wsg-idm-ecid-wtls12", - NID_wap_wsg_idm_ecid_wtls12,5,&(lvalues[4985]),0}, -{"anyPolicy","X509v3 Any Policy",NID_any_policy,4,&(lvalues[4990]),0}, + NID_wap_wsg_idm_ecid_wtls12,5,&(lvalues[4979]),0}, +{"anyPolicy","X509v3 Any Policy",NID_any_policy,4,&(lvalues[4984]),0}, 
{"policyMappings","X509v3 Policy Mappings",NID_policy_mappings,3, - &(lvalues[4994]),0}, + &(lvalues[4988]),0}, {"inhibitAnyPolicy","X509v3 Inhibit Any Policy", - NID_inhibit_any_policy,3,&(lvalues[4997]),0}, + NID_inhibit_any_policy,3,&(lvalues[4991]),0}, {"Oakley-EC2N-3","ipsec3",NID_ipsec3,0,NULL,0}, {"Oakley-EC2N-4","ipsec4",NID_ipsec4,0,NULL,0}, {"CAMELLIA-128-CBC","camellia-128-cbc",NID_camellia_128_cbc,11, - &(lvalues[5000]),0}, + &(lvalues[4994]),0}, {"CAMELLIA-192-CBC","camellia-192-cbc",NID_camellia_192_cbc,11, - &(lvalues[5011]),0}, + &(lvalues[5005]),0}, {"CAMELLIA-256-CBC","camellia-256-cbc",NID_camellia_256_cbc,11, - &(lvalues[5022]),0}, + &(lvalues[5016]),0}, {"CAMELLIA-128-ECB","camellia-128-ecb",NID_camellia_128_ecb,8, - &(lvalues[5033]),0}, + &(lvalues[5027]),0}, {"CAMELLIA-192-ECB","camellia-192-ecb",NID_camellia_192_ecb,8, - &(lvalues[5041]),0}, + &(lvalues[5035]),0}, {"CAMELLIA-256-ECB","camellia-256-ecb",NID_camellia_256_ecb,8, - &(lvalues[5049]),0}, + &(lvalues[5043]),0}, {"CAMELLIA-128-CFB","camellia-128-cfb",NID_camellia_128_cfb128,8, - &(lvalues[5057]),0}, + &(lvalues[5051]),0}, {"CAMELLIA-192-CFB","camellia-192-cfb",NID_camellia_192_cfb128,8, - &(lvalues[5065]),0}, + &(lvalues[5059]),0}, {"CAMELLIA-256-CFB","camellia-256-cfb",NID_camellia_256_cfb128,8, - &(lvalues[5073]),0}, + &(lvalues[5067]),0}, {"CAMELLIA-128-CFB1","camellia-128-cfb1",NID_camellia_128_cfb1,0,NULL,0}, {"CAMELLIA-192-CFB1","camellia-192-cfb1",NID_camellia_192_cfb1,0,NULL,0}, {"CAMELLIA-256-CFB1","camellia-256-cfb1",NID_camellia_256_cfb1,0,NULL,0}, 
@@ -2133,284 +2132,284 @@ static const ASN1_OBJECT kObjects[NUM_NID]={ {"CAMELLIA-192-CFB8","camellia-192-cfb8",NID_camellia_192_cfb8,0,NULL,0}, {"CAMELLIA-256-CFB8","camellia-256-cfb8",NID_camellia_256_cfb8,0,NULL,0}, {"CAMELLIA-128-OFB","camellia-128-ofb",NID_camellia_128_ofb128,8, - &(lvalues[5081]),0}, + &(lvalues[5075]),0}, {"CAMELLIA-192-OFB","camellia-192-ofb",NID_camellia_192_ofb128,8, - &(lvalues[5089]),0}, + &(lvalues[5083]),0}, {"CAMELLIA-256-OFB","camellia-256-ofb",NID_camellia_256_ofb128,8, - &(lvalues[5097]),0}, + &(lvalues[5091]),0}, {"subjectDirectoryAttributes","X509v3 Subject Directory Attributes", - NID_subject_directory_attributes,3,&(lvalues[5105]),0}, -{"issuingDistributionPoint","X509v3 Issuing Distrubution Point", - NID_issuing_distribution_point,3,&(lvalues[5108]),0}, + NID_subject_directory_attributes,3,&(lvalues[5099]),0}, +{"issuingDistributionPoint","X509v3 Issuing Distribution Point", + NID_issuing_distribution_point,3,&(lvalues[5102]),0}, {"certificateIssuer","X509v3 Certificate Issuer", - NID_certificate_issuer,3,&(lvalues[5111]),0}, + NID_certificate_issuer,3,&(lvalues[5105]),0}, {NULL,NULL,NID_undef,0,NULL,0}, -{"KISA","kisa",NID_kisa,6,&(lvalues[5114]),0}, +{"KISA","kisa",NID_kisa,6,&(lvalues[5108]),0}, {NULL,NULL,NID_undef,0,NULL,0}, {NULL,NULL,NID_undef,0,NULL,0}, -{"SEED-ECB","seed-ecb",NID_seed_ecb,8,&(lvalues[5120]),0}, -{"SEED-CBC","seed-cbc",NID_seed_cbc,8,&(lvalues[5128]),0}, -{"SEED-OFB","seed-ofb",NID_seed_ofb128,8,&(lvalues[5136]),0}, -{"SEED-CFB","seed-cfb",NID_seed_cfb128,8,&(lvalues[5144]),0}, -{"HMAC-MD5","hmac-md5",NID_hmac_md5,8,&(lvalues[5152]),0}, -{"HMAC-SHA1","hmac-sha1",NID_hmac_sha1,8,&(lvalues[5160]),0}, +{"SEED-ECB","seed-ecb",NID_seed_ecb,8,&(lvalues[5114]),0}, +{"SEED-CBC","seed-cbc",NID_seed_cbc,8,&(lvalues[5122]),0}, +{"SEED-OFB","seed-ofb",NID_seed_ofb128,8,&(lvalues[5130]),0}, +{"SEED-CFB","seed-cfb",NID_seed_cfb128,8,&(lvalues[5138]),0}, +{"HMAC-MD5","hmac-md5",NID_hmac_md5,8,&(lvalues[5146]),0}, 
+{"HMAC-SHA1","hmac-sha1",NID_hmac_sha1,8,&(lvalues[5154]),0}, {"id-PasswordBasedMAC","password based MAC",NID_id_PasswordBasedMAC,9, - &(lvalues[5168]),0}, + &(lvalues[5162]),0}, {"id-DHBasedMac","Diffie-Hellman based MAC",NID_id_DHBasedMac,9, - &(lvalues[5177]),0}, + &(lvalues[5171]),0}, {"id-it-suppLangTags","id-it-suppLangTags",NID_id_it_suppLangTags,8, - &(lvalues[5186]),0}, -{"caRepository","CA Repository",NID_caRepository,8,&(lvalues[5194]),0}, + &(lvalues[5180]),0}, +{"caRepository","CA Repository",NID_caRepository,8,&(lvalues[5188]),0}, {"id-smime-ct-compressedData","id-smime-ct-compressedData", - NID_id_smime_ct_compressedData,11,&(lvalues[5202]),0}, + NID_id_smime_ct_compressedData,11,&(lvalues[5196]),0}, {"id-ct-asciiTextWithCRLF","id-ct-asciiTextWithCRLF", - NID_id_ct_asciiTextWithCRLF,11,&(lvalues[5213]),0}, + NID_id_ct_asciiTextWithCRLF,11,&(lvalues[5207]),0}, {"id-aes128-wrap","id-aes128-wrap",NID_id_aes128_wrap,9, - &(lvalues[5224]),0}, + &(lvalues[5218]),0}, {"id-aes192-wrap","id-aes192-wrap",NID_id_aes192_wrap,9, - &(lvalues[5233]),0}, + &(lvalues[5227]),0}, {"id-aes256-wrap","id-aes256-wrap",NID_id_aes256_wrap,9, - &(lvalues[5242]),0}, + &(lvalues[5236]),0}, {"ecdsa-with-Recommended","ecdsa-with-Recommended", - NID_ecdsa_with_Recommended,7,&(lvalues[5251]),0}, + NID_ecdsa_with_Recommended,7,&(lvalues[5245]),0}, {"ecdsa-with-Specified","ecdsa-with-Specified", - NID_ecdsa_with_Specified,7,&(lvalues[5258]),0}, + NID_ecdsa_with_Specified,7,&(lvalues[5252]),0}, {"ecdsa-with-SHA224","ecdsa-with-SHA224",NID_ecdsa_with_SHA224,8, - &(lvalues[5265]),0}, + &(lvalues[5259]),0}, {"ecdsa-with-SHA256","ecdsa-with-SHA256",NID_ecdsa_with_SHA256,8, - &(lvalues[5273]),0}, + &(lvalues[5267]),0}, {"ecdsa-with-SHA384","ecdsa-with-SHA384",NID_ecdsa_with_SHA384,8, - &(lvalues[5281]),0}, + &(lvalues[5275]),0}, {"ecdsa-with-SHA512","ecdsa-with-SHA512",NID_ecdsa_with_SHA512,8, - &(lvalues[5289]),0}, -{"hmacWithMD5","hmacWithMD5",NID_hmacWithMD5,8,&(lvalues[5297]),0}, + 
&(lvalues[5283]),0}, +{"hmacWithMD5","hmacWithMD5",NID_hmacWithMD5,8,&(lvalues[5291]),0}, {"hmacWithSHA224","hmacWithSHA224",NID_hmacWithSHA224,8, - &(lvalues[5305]),0}, + &(lvalues[5299]),0}, {"hmacWithSHA256","hmacWithSHA256",NID_hmacWithSHA256,8, - &(lvalues[5313]),0}, + &(lvalues[5307]),0}, {"hmacWithSHA384","hmacWithSHA384",NID_hmacWithSHA384,8, - &(lvalues[5321]),0}, + &(lvalues[5315]),0}, {"hmacWithSHA512","hmacWithSHA512",NID_hmacWithSHA512,8, - &(lvalues[5329]),0}, + &(lvalues[5323]),0}, {"dsa_with_SHA224","dsa_with_SHA224",NID_dsa_with_SHA224,9, - &(lvalues[5337]),0}, + &(lvalues[5331]),0}, {"dsa_with_SHA256","dsa_with_SHA256",NID_dsa_with_SHA256,9, - &(lvalues[5346]),0}, -{"whirlpool","whirlpool",NID_whirlpool,6,&(lvalues[5355]),0}, -{"cryptopro","cryptopro",NID_cryptopro,5,&(lvalues[5361]),0}, -{"cryptocom","cryptocom",NID_cryptocom,5,&(lvalues[5366]),0}, + &(lvalues[5340]),0}, +{"whirlpool","whirlpool",NID_whirlpool,6,&(lvalues[5349]),0}, +{"cryptopro","cryptopro",NID_cryptopro,5,&(lvalues[5355]),0}, +{"cryptocom","cryptocom",NID_cryptocom,5,&(lvalues[5360]),0}, {"id-GostR3411-94-with-GostR3410-2001", "GOST R 34.11-94 with GOST R 34.10-2001", - NID_id_GostR3411_94_with_GostR3410_2001,6,&(lvalues[5371]),0}, + NID_id_GostR3411_94_with_GostR3410_2001,6,&(lvalues[5365]),0}, {"id-GostR3411-94-with-GostR3410-94", "GOST R 34.11-94 with GOST R 34.10-94", - NID_id_GostR3411_94_with_GostR3410_94,6,&(lvalues[5377]),0}, -{"md_gost94","GOST R 34.11-94",NID_id_GostR3411_94,6,&(lvalues[5383]),0}, + NID_id_GostR3411_94_with_GostR3410_94,6,&(lvalues[5371]),0}, +{"md_gost94","GOST R 34.11-94",NID_id_GostR3411_94,6,&(lvalues[5377]),0}, {"id-HMACGostR3411-94","HMAC GOST 34.11-94",NID_id_HMACGostR3411_94,6, - &(lvalues[5389]),0}, + &(lvalues[5383]),0}, {"gost2001","GOST R 34.10-2001",NID_id_GostR3410_2001,6, - &(lvalues[5395]),0}, -{"gost94","GOST R 34.10-94",NID_id_GostR3410_94,6,&(lvalues[5401]),0}, -{"gost89","GOST 28147-89",NID_id_Gost28147_89,6,&(lvalues[5407]),0}, + 
&(lvalues[5389]),0}, +{"gost94","GOST R 34.10-94",NID_id_GostR3410_94,6,&(lvalues[5395]),0}, +{"gost89","GOST 28147-89",NID_id_Gost28147_89,6,&(lvalues[5401]),0}, {"gost89-cnt","gost89-cnt",NID_gost89_cnt,0,NULL,0}, {"gost-mac","GOST 28147-89 MAC",NID_id_Gost28147_89_MAC,6, - &(lvalues[5413]),0}, + &(lvalues[5407]),0}, {"prf-gostr3411-94","GOST R 34.11-94 PRF",NID_id_GostR3411_94_prf,6, - &(lvalues[5419]),0}, + &(lvalues[5413]),0}, {"id-GostR3410-2001DH","GOST R 34.10-2001 DH",NID_id_GostR3410_2001DH, - 6,&(lvalues[5425]),0}, + 6,&(lvalues[5419]),0}, {"id-GostR3410-94DH","GOST R 34.10-94 DH",NID_id_GostR3410_94DH,6, - &(lvalues[5431]),0}, + &(lvalues[5425]),0}, {"id-Gost28147-89-CryptoPro-KeyMeshing", "id-Gost28147-89-CryptoPro-KeyMeshing", - NID_id_Gost28147_89_CryptoPro_KeyMeshing,7,&(lvalues[5437]),0}, + NID_id_Gost28147_89_CryptoPro_KeyMeshing,7,&(lvalues[5431]),0}, {"id-Gost28147-89-None-KeyMeshing","id-Gost28147-89-None-KeyMeshing", - NID_id_Gost28147_89_None_KeyMeshing,7,&(lvalues[5444]),0}, + NID_id_Gost28147_89_None_KeyMeshing,7,&(lvalues[5438]),0}, {"id-GostR3411-94-TestParamSet","id-GostR3411-94-TestParamSet", - NID_id_GostR3411_94_TestParamSet,7,&(lvalues[5451]),0}, + NID_id_GostR3411_94_TestParamSet,7,&(lvalues[5445]),0}, {"id-GostR3411-94-CryptoProParamSet", "id-GostR3411-94-CryptoProParamSet", - NID_id_GostR3411_94_CryptoProParamSet,7,&(lvalues[5458]),0}, + NID_id_GostR3411_94_CryptoProParamSet,7,&(lvalues[5452]),0}, {"id-Gost28147-89-TestParamSet","id-Gost28147-89-TestParamSet", - NID_id_Gost28147_89_TestParamSet,7,&(lvalues[5465]),0}, + NID_id_Gost28147_89_TestParamSet,7,&(lvalues[5459]),0}, {"id-Gost28147-89-CryptoPro-A-ParamSet", "id-Gost28147-89-CryptoPro-A-ParamSet", - NID_id_Gost28147_89_CryptoPro_A_ParamSet,7,&(lvalues[5472]),0}, + NID_id_Gost28147_89_CryptoPro_A_ParamSet,7,&(lvalues[5466]),0}, {"id-Gost28147-89-CryptoPro-B-ParamSet", "id-Gost28147-89-CryptoPro-B-ParamSet", - NID_id_Gost28147_89_CryptoPro_B_ParamSet,7,&(lvalues[5479]),0}, + 
NID_id_Gost28147_89_CryptoPro_B_ParamSet,7,&(lvalues[5473]),0}, {"id-Gost28147-89-CryptoPro-C-ParamSet", "id-Gost28147-89-CryptoPro-C-ParamSet", - NID_id_Gost28147_89_CryptoPro_C_ParamSet,7,&(lvalues[5486]),0}, + NID_id_Gost28147_89_CryptoPro_C_ParamSet,7,&(lvalues[5480]),0}, {"id-Gost28147-89-CryptoPro-D-ParamSet", "id-Gost28147-89-CryptoPro-D-ParamSet", - NID_id_Gost28147_89_CryptoPro_D_ParamSet,7,&(lvalues[5493]),0}, + NID_id_Gost28147_89_CryptoPro_D_ParamSet,7,&(lvalues[5487]),0}, {"id-Gost28147-89-CryptoPro-Oscar-1-1-ParamSet", "id-Gost28147-89-CryptoPro-Oscar-1-1-ParamSet", - NID_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet,7,&(lvalues[5500]), + NID_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet,7,&(lvalues[5494]), 0}, {"id-Gost28147-89-CryptoPro-Oscar-1-0-ParamSet", "id-Gost28147-89-CryptoPro-Oscar-1-0-ParamSet", - NID_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet,7,&(lvalues[5507]), + NID_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet,7,&(lvalues[5501]), 0}, {"id-Gost28147-89-CryptoPro-RIC-1-ParamSet", "id-Gost28147-89-CryptoPro-RIC-1-ParamSet", - NID_id_Gost28147_89_CryptoPro_RIC_1_ParamSet,7,&(lvalues[5514]),0}, + NID_id_Gost28147_89_CryptoPro_RIC_1_ParamSet,7,&(lvalues[5508]),0}, {"id-GostR3410-94-TestParamSet","id-GostR3410-94-TestParamSet", - NID_id_GostR3410_94_TestParamSet,7,&(lvalues[5521]),0}, + NID_id_GostR3410_94_TestParamSet,7,&(lvalues[5515]),0}, {"id-GostR3410-94-CryptoPro-A-ParamSet", "id-GostR3410-94-CryptoPro-A-ParamSet", - NID_id_GostR3410_94_CryptoPro_A_ParamSet,7,&(lvalues[5528]),0}, + NID_id_GostR3410_94_CryptoPro_A_ParamSet,7,&(lvalues[5522]),0}, {"id-GostR3410-94-CryptoPro-B-ParamSet", "id-GostR3410-94-CryptoPro-B-ParamSet", - NID_id_GostR3410_94_CryptoPro_B_ParamSet,7,&(lvalues[5535]),0}, + NID_id_GostR3410_94_CryptoPro_B_ParamSet,7,&(lvalues[5529]),0}, {"id-GostR3410-94-CryptoPro-C-ParamSet", "id-GostR3410-94-CryptoPro-C-ParamSet", - NID_id_GostR3410_94_CryptoPro_C_ParamSet,7,&(lvalues[5542]),0}, + 
NID_id_GostR3410_94_CryptoPro_C_ParamSet,7,&(lvalues[5536]),0}, {"id-GostR3410-94-CryptoPro-D-ParamSet", "id-GostR3410-94-CryptoPro-D-ParamSet", - NID_id_GostR3410_94_CryptoPro_D_ParamSet,7,&(lvalues[5549]),0}, + NID_id_GostR3410_94_CryptoPro_D_ParamSet,7,&(lvalues[5543]),0}, {"id-GostR3410-94-CryptoPro-XchA-ParamSet", "id-GostR3410-94-CryptoPro-XchA-ParamSet", - NID_id_GostR3410_94_CryptoPro_XchA_ParamSet,7,&(lvalues[5556]),0}, + NID_id_GostR3410_94_CryptoPro_XchA_ParamSet,7,&(lvalues[5550]),0}, {"id-GostR3410-94-CryptoPro-XchB-ParamSet", "id-GostR3410-94-CryptoPro-XchB-ParamSet", - NID_id_GostR3410_94_CryptoPro_XchB_ParamSet,7,&(lvalues[5563]),0}, + NID_id_GostR3410_94_CryptoPro_XchB_ParamSet,7,&(lvalues[5557]),0}, {"id-GostR3410-94-CryptoPro-XchC-ParamSet", "id-GostR3410-94-CryptoPro-XchC-ParamSet", - NID_id_GostR3410_94_CryptoPro_XchC_ParamSet,7,&(lvalues[5570]),0}, + NID_id_GostR3410_94_CryptoPro_XchC_ParamSet,7,&(lvalues[5564]),0}, {"id-GostR3410-2001-TestParamSet","id-GostR3410-2001-TestParamSet", - NID_id_GostR3410_2001_TestParamSet,7,&(lvalues[5577]),0}, + NID_id_GostR3410_2001_TestParamSet,7,&(lvalues[5571]),0}, {"id-GostR3410-2001-CryptoPro-A-ParamSet", "id-GostR3410-2001-CryptoPro-A-ParamSet", - NID_id_GostR3410_2001_CryptoPro_A_ParamSet,7,&(lvalues[5584]),0}, + NID_id_GostR3410_2001_CryptoPro_A_ParamSet,7,&(lvalues[5578]),0}, {"id-GostR3410-2001-CryptoPro-B-ParamSet", "id-GostR3410-2001-CryptoPro-B-ParamSet", - NID_id_GostR3410_2001_CryptoPro_B_ParamSet,7,&(lvalues[5591]),0}, + NID_id_GostR3410_2001_CryptoPro_B_ParamSet,7,&(lvalues[5585]),0}, {"id-GostR3410-2001-CryptoPro-C-ParamSet", "id-GostR3410-2001-CryptoPro-C-ParamSet", - NID_id_GostR3410_2001_CryptoPro_C_ParamSet,7,&(lvalues[5598]),0}, + NID_id_GostR3410_2001_CryptoPro_C_ParamSet,7,&(lvalues[5592]),0}, {"id-GostR3410-2001-CryptoPro-XchA-ParamSet", "id-GostR3410-2001-CryptoPro-XchA-ParamSet", - NID_id_GostR3410_2001_CryptoPro_XchA_ParamSet,7,&(lvalues[5605]),0}, + 
NID_id_GostR3410_2001_CryptoPro_XchA_ParamSet,7,&(lvalues[5599]),0}, {"id-GostR3410-2001-CryptoPro-XchB-ParamSet", "id-GostR3410-2001-CryptoPro-XchB-ParamSet", - NID_id_GostR3410_2001_CryptoPro_XchB_ParamSet,7,&(lvalues[5612]),0}, + NID_id_GostR3410_2001_CryptoPro_XchB_ParamSet,7,&(lvalues[5606]),0}, {"id-GostR3410-94-a","id-GostR3410-94-a",NID_id_GostR3410_94_a,7, - &(lvalues[5619]),0}, + &(lvalues[5613]),0}, {"id-GostR3410-94-aBis","id-GostR3410-94-aBis", - NID_id_GostR3410_94_aBis,7,&(lvalues[5626]),0}, + NID_id_GostR3410_94_aBis,7,&(lvalues[5620]),0}, {"id-GostR3410-94-b","id-GostR3410-94-b",NID_id_GostR3410_94_b,7, - &(lvalues[5633]),0}, + &(lvalues[5627]),0}, {"id-GostR3410-94-bBis","id-GostR3410-94-bBis", - NID_id_GostR3410_94_bBis,7,&(lvalues[5640]),0}, + NID_id_GostR3410_94_bBis,7,&(lvalues[5634]),0}, {"id-Gost28147-89-cc","GOST 28147-89 Cryptocom ParamSet", - NID_id_Gost28147_89_cc,8,&(lvalues[5647]),0}, + NID_id_Gost28147_89_cc,8,&(lvalues[5641]),0}, {"gost94cc","GOST 34.10-94 Cryptocom",NID_id_GostR3410_94_cc,8, - &(lvalues[5655]),0}, + &(lvalues[5649]),0}, {"gost2001cc","GOST 34.10-2001 Cryptocom",NID_id_GostR3410_2001_cc,8, - &(lvalues[5663]),0}, + &(lvalues[5657]),0}, {"id-GostR3411-94-with-GostR3410-94-cc", "GOST R 34.11-94 with GOST R 34.10-94 Cryptocom", - NID_id_GostR3411_94_with_GostR3410_94_cc,8,&(lvalues[5671]),0}, + NID_id_GostR3411_94_with_GostR3410_94_cc,8,&(lvalues[5665]),0}, {"id-GostR3411-94-with-GostR3410-2001-cc", "GOST R 34.11-94 with GOST R 34.10-2001 Cryptocom", - NID_id_GostR3411_94_with_GostR3410_2001_cc,8,&(lvalues[5679]),0}, + NID_id_GostR3411_94_with_GostR3410_2001_cc,8,&(lvalues[5673]),0}, {"id-GostR3410-2001-ParamSet-cc", "GOST R 3410-2001 Parameter Set Cryptocom", - NID_id_GostR3410_2001_ParamSet_cc,8,&(lvalues[5687]),0}, + NID_id_GostR3410_2001_ParamSet_cc,8,&(lvalues[5681]),0}, {"HMAC","hmac",NID_hmac,0,NULL,0}, {"LocalKeySet","Microsoft Local Key set",NID_LocalKeySet,9, - &(lvalues[5695]),0}, + &(lvalues[5689]),0}, 
{"freshestCRL","X509v3 Freshest CRL",NID_freshest_crl,3, - &(lvalues[5704]),0}, + &(lvalues[5698]),0}, {"id-on-permanentIdentifier","Permanent Identifier", - NID_id_on_permanentIdentifier,8,&(lvalues[5707]),0}, -{"searchGuide","searchGuide",NID_searchGuide,3,&(lvalues[5715]),0}, + NID_id_on_permanentIdentifier,8,&(lvalues[5701]),0}, +{"searchGuide","searchGuide",NID_searchGuide,3,&(lvalues[5709]),0}, {"businessCategory","businessCategory",NID_businessCategory,3, - &(lvalues[5718]),0}, -{"postalAddress","postalAddress",NID_postalAddress,3,&(lvalues[5721]),0}, -{"postOfficeBox","postOfficeBox",NID_postOfficeBox,3,&(lvalues[5724]),0}, + &(lvalues[5712]),0}, +{"postalAddress","postalAddress",NID_postalAddress,3,&(lvalues[5715]),0}, +{"postOfficeBox","postOfficeBox",NID_postOfficeBox,3,&(lvalues[5718]),0}, {"physicalDeliveryOfficeName","physicalDeliveryOfficeName", - NID_physicalDeliveryOfficeName,3,&(lvalues[5727]),0}, + NID_physicalDeliveryOfficeName,3,&(lvalues[5721]),0}, {"telephoneNumber","telephoneNumber",NID_telephoneNumber,3, - &(lvalues[5730]),0}, -{"telexNumber","telexNumber",NID_telexNumber,3,&(lvalues[5733]),0}, + &(lvalues[5724]),0}, +{"telexNumber","telexNumber",NID_telexNumber,3,&(lvalues[5727]),0}, {"teletexTerminalIdentifier","teletexTerminalIdentifier", - NID_teletexTerminalIdentifier,3,&(lvalues[5736]),0}, + NID_teletexTerminalIdentifier,3,&(lvalues[5730]),0}, {"facsimileTelephoneNumber","facsimileTelephoneNumber", - NID_facsimileTelephoneNumber,3,&(lvalues[5739]),0}, -{"x121Address","x121Address",NID_x121Address,3,&(lvalues[5742]),0}, + NID_facsimileTelephoneNumber,3,&(lvalues[5733]),0}, +{"x121Address","x121Address",NID_x121Address,3,&(lvalues[5736]),0}, {"internationaliSDNNumber","internationaliSDNNumber", - NID_internationaliSDNNumber,3,&(lvalues[5745]),0}, + NID_internationaliSDNNumber,3,&(lvalues[5739]),0}, {"registeredAddress","registeredAddress",NID_registeredAddress,3, - &(lvalues[5748]),0}, + &(lvalues[5742]),0}, 
{"destinationIndicator","destinationIndicator", - NID_destinationIndicator,3,&(lvalues[5751]),0}, + NID_destinationIndicator,3,&(lvalues[5745]),0}, {"preferredDeliveryMethod","preferredDeliveryMethod", - NID_preferredDeliveryMethod,3,&(lvalues[5754]),0}, + NID_preferredDeliveryMethod,3,&(lvalues[5748]),0}, {"presentationAddress","presentationAddress",NID_presentationAddress, - 3,&(lvalues[5757]),0}, + 3,&(lvalues[5751]),0}, {"supportedApplicationContext","supportedApplicationContext", - NID_supportedApplicationContext,3,&(lvalues[5760]),0}, -{"member","member",NID_member,3,&(lvalues[5763]),0}, -{"owner","owner",NID_owner,3,&(lvalues[5766]),0}, -{"roleOccupant","roleOccupant",NID_roleOccupant,3,&(lvalues[5769]),0}, -{"seeAlso","seeAlso",NID_seeAlso,3,&(lvalues[5772]),0}, -{"userPassword","userPassword",NID_userPassword,3,&(lvalues[5775]),0}, + NID_supportedApplicationContext,3,&(lvalues[5754]),0}, +{"member","member",NID_member,3,&(lvalues[5757]),0}, +{"owner","owner",NID_owner,3,&(lvalues[5760]),0}, +{"roleOccupant","roleOccupant",NID_roleOccupant,3,&(lvalues[5763]),0}, +{"seeAlso","seeAlso",NID_seeAlso,3,&(lvalues[5766]),0}, +{"userPassword","userPassword",NID_userPassword,3,&(lvalues[5769]),0}, {"userCertificate","userCertificate",NID_userCertificate,3, - &(lvalues[5778]),0}, -{"cACertificate","cACertificate",NID_cACertificate,3,&(lvalues[5781]),0}, + &(lvalues[5772]),0}, +{"cACertificate","cACertificate",NID_cACertificate,3,&(lvalues[5775]),0}, {"authorityRevocationList","authorityRevocationList", - NID_authorityRevocationList,3,&(lvalues[5784]),0}, + NID_authorityRevocationList,3,&(lvalues[5778]),0}, {"certificateRevocationList","certificateRevocationList", - NID_certificateRevocationList,3,&(lvalues[5787]),0}, + NID_certificateRevocationList,3,&(lvalues[5781]),0}, {"crossCertificatePair","crossCertificatePair", - NID_crossCertificatePair,3,&(lvalues[5790]),0}, + NID_crossCertificatePair,3,&(lvalues[5784]),0}, 
{"enhancedSearchGuide","enhancedSearchGuide",NID_enhancedSearchGuide, - 3,&(lvalues[5793]),0}, + 3,&(lvalues[5787]),0}, {"protocolInformation","protocolInformation",NID_protocolInformation, - 3,&(lvalues[5796]),0}, + 3,&(lvalues[5790]),0}, {"distinguishedName","distinguishedName",NID_distinguishedName,3, - &(lvalues[5799]),0}, -{"uniqueMember","uniqueMember",NID_uniqueMember,3,&(lvalues[5802]),0}, + &(lvalues[5793]),0}, +{"uniqueMember","uniqueMember",NID_uniqueMember,3,&(lvalues[5796]),0}, {"houseIdentifier","houseIdentifier",NID_houseIdentifier,3, - &(lvalues[5805]),0}, + &(lvalues[5799]),0}, {"supportedAlgorithms","supportedAlgorithms",NID_supportedAlgorithms, - 3,&(lvalues[5808]),0}, + 3,&(lvalues[5802]),0}, {"deltaRevocationList","deltaRevocationList",NID_deltaRevocationList, - 3,&(lvalues[5811]),0}, -{"dmdName","dmdName",NID_dmdName,3,&(lvalues[5814]),0}, + 3,&(lvalues[5805]),0}, +{"dmdName","dmdName",NID_dmdName,3,&(lvalues[5808]),0}, {"id-alg-PWRI-KEK","id-alg-PWRI-KEK",NID_id_alg_PWRI_KEK,11, - &(lvalues[5817]),0}, + &(lvalues[5811]),0}, {"CMAC","cmac",NID_cmac,0,NULL,0}, -{"id-aes128-GCM","aes-128-gcm",NID_aes_128_gcm,9,&(lvalues[5828]),0}, -{"id-aes128-CCM","aes-128-ccm",NID_aes_128_ccm,9,&(lvalues[5837]),0}, +{"id-aes128-GCM","aes-128-gcm",NID_aes_128_gcm,9,&(lvalues[5822]),0}, +{"id-aes128-CCM","aes-128-ccm",NID_aes_128_ccm,9,&(lvalues[5831]),0}, {"id-aes128-wrap-pad","id-aes128-wrap-pad",NID_id_aes128_wrap_pad,9, - &(lvalues[5846]),0}, -{"id-aes192-GCM","aes-192-gcm",NID_aes_192_gcm,9,&(lvalues[5855]),0}, -{"id-aes192-CCM","aes-192-ccm",NID_aes_192_ccm,9,&(lvalues[5864]),0}, + &(lvalues[5840]),0}, +{"id-aes192-GCM","aes-192-gcm",NID_aes_192_gcm,9,&(lvalues[5849]),0}, +{"id-aes192-CCM","aes-192-ccm",NID_aes_192_ccm,9,&(lvalues[5858]),0}, {"id-aes192-wrap-pad","id-aes192-wrap-pad",NID_id_aes192_wrap_pad,9, - &(lvalues[5873]),0}, -{"id-aes256-GCM","aes-256-gcm",NID_aes_256_gcm,9,&(lvalues[5882]),0}, 
-{"id-aes256-CCM","aes-256-ccm",NID_aes_256_ccm,9,&(lvalues[5891]),0}, + &(lvalues[5867]),0}, +{"id-aes256-GCM","aes-256-gcm",NID_aes_256_gcm,9,&(lvalues[5876]),0}, +{"id-aes256-CCM","aes-256-ccm",NID_aes_256_ccm,9,&(lvalues[5885]),0}, {"id-aes256-wrap-pad","id-aes256-wrap-pad",NID_id_aes256_wrap_pad,9, - &(lvalues[5900]),0}, + &(lvalues[5894]),0}, {"AES-128-CTR","aes-128-ctr",NID_aes_128_ctr,0,NULL,0}, {"AES-192-CTR","aes-192-ctr",NID_aes_192_ctr,0,NULL,0}, {"AES-256-CTR","aes-256-ctr",NID_aes_256_ctr,0,NULL,0}, {"id-camellia128-wrap","id-camellia128-wrap",NID_id_camellia128_wrap, - 11,&(lvalues[5909]),0}, + 11,&(lvalues[5903]),0}, {"id-camellia192-wrap","id-camellia192-wrap",NID_id_camellia192_wrap, - 11,&(lvalues[5920]),0}, + 11,&(lvalues[5914]),0}, {"id-camellia256-wrap","id-camellia256-wrap",NID_id_camellia256_wrap, - 11,&(lvalues[5931]),0}, + 11,&(lvalues[5925]),0}, {"anyExtendedKeyUsage","Any Extended Key Usage", - NID_anyExtendedKeyUsage,4,&(lvalues[5942]),0}, -{"MGF1","mgf1",NID_mgf1,9,&(lvalues[5946]),0}, -{"RSASSA-PSS","rsassaPss",NID_rsassaPss,9,&(lvalues[5955]),0}, + NID_anyExtendedKeyUsage,4,&(lvalues[5936]),0}, +{"MGF1","mgf1",NID_mgf1,9,&(lvalues[5940]),0}, +{"RSASSA-PSS","rsassaPss",NID_rsassaPss,9,&(lvalues[5949]),0}, {"AES-128-XTS","aes-128-xts",NID_aes_128_xts,0,NULL,0}, {"AES-256-XTS","aes-256-xts",NID_aes_256_xts,0,NULL,0}, {"RC4-HMAC-MD5","rc4-hmac-md5",NID_rc4_hmac_md5,0,NULL,0}, 
@@ -2420,67 +2419,67 @@ static const ASN1_OBJECT kObjects[NUM_NID]={ NID_aes_192_cbc_hmac_sha1,0,NULL,0}, {"AES-256-CBC-HMAC-SHA1","aes-256-cbc-hmac-sha1", NID_aes_256_cbc_hmac_sha1,0,NULL,0}, -{"RSAES-OAEP","rsaesOaep",NID_rsaesOaep,9,&(lvalues[5964]),0}, -{"dhpublicnumber","X9.42 DH",NID_dhpublicnumber,7,&(lvalues[5973]),0}, +{"RSAES-OAEP","rsaesOaep",NID_rsaesOaep,9,&(lvalues[5958]),0}, +{"dhpublicnumber","X9.42 DH",NID_dhpublicnumber,7,&(lvalues[5967]),0}, {"brainpoolP160r1","brainpoolP160r1",NID_brainpoolP160r1,9, - &(lvalues[5980]),0}, + &(lvalues[5974]),0}, {"brainpoolP160t1","brainpoolP160t1",NID_brainpoolP160t1,9, - &(lvalues[5989]),0}, + &(lvalues[5983]),0}, {"brainpoolP192r1","brainpoolP192r1",NID_brainpoolP192r1,9, - &(lvalues[5998]),0}, + &(lvalues[5992]),0}, {"brainpoolP192t1","brainpoolP192t1",NID_brainpoolP192t1,9, - &(lvalues[6007]),0}, + &(lvalues[6001]),0}, {"brainpoolP224r1","brainpoolP224r1",NID_brainpoolP224r1,9, - &(lvalues[6016]),0}, + &(lvalues[6010]),0}, {"brainpoolP224t1","brainpoolP224t1",NID_brainpoolP224t1,9, - &(lvalues[6025]),0}, + &(lvalues[6019]),0}, {"brainpoolP256r1","brainpoolP256r1",NID_brainpoolP256r1,9, - &(lvalues[6034]),0}, + &(lvalues[6028]),0}, {"brainpoolP256t1","brainpoolP256t1",NID_brainpoolP256t1,9, - &(lvalues[6043]),0}, + &(lvalues[6037]),0}, {"brainpoolP320r1","brainpoolP320r1",NID_brainpoolP320r1,9, - &(lvalues[6052]),0}, + &(lvalues[6046]),0}, {"brainpoolP320t1","brainpoolP320t1",NID_brainpoolP320t1,9, - &(lvalues[6061]),0}, + &(lvalues[6055]),0}, {"brainpoolP384r1","brainpoolP384r1",NID_brainpoolP384r1,9, - &(lvalues[6070]),0}, + &(lvalues[6064]),0}, {"brainpoolP384t1","brainpoolP384t1",NID_brainpoolP384t1,9, - &(lvalues[6079]),0}, + &(lvalues[6073]),0}, {"brainpoolP512r1","brainpoolP512r1",NID_brainpoolP512r1,9, - &(lvalues[6088]),0}, + &(lvalues[6082]),0}, {"brainpoolP512t1","brainpoolP512t1",NID_brainpoolP512t1,9, - &(lvalues[6097]),0}, -{"PSPECIFIED","pSpecified",NID_pSpecified,9,&(lvalues[6106]),0}, + 
&(lvalues[6091]),0}, +{"PSPECIFIED","pSpecified",NID_pSpecified,9,&(lvalues[6100]),0}, {"dhSinglePass-stdDH-sha1kdf-scheme", "dhSinglePass-stdDH-sha1kdf-scheme", - NID_dhSinglePass_stdDH_sha1kdf_scheme,9,&(lvalues[6115]),0}, + NID_dhSinglePass_stdDH_sha1kdf_scheme,9,&(lvalues[6109]),0}, {"dhSinglePass-stdDH-sha224kdf-scheme", "dhSinglePass-stdDH-sha224kdf-scheme", - NID_dhSinglePass_stdDH_sha224kdf_scheme,6,&(lvalues[6124]),0}, + NID_dhSinglePass_stdDH_sha224kdf_scheme,6,&(lvalues[6118]),0}, {"dhSinglePass-stdDH-sha256kdf-scheme", "dhSinglePass-stdDH-sha256kdf-scheme", - NID_dhSinglePass_stdDH_sha256kdf_scheme,6,&(lvalues[6130]),0}, + NID_dhSinglePass_stdDH_sha256kdf_scheme,6,&(lvalues[6124]),0}, {"dhSinglePass-stdDH-sha384kdf-scheme", "dhSinglePass-stdDH-sha384kdf-scheme", - NID_dhSinglePass_stdDH_sha384kdf_scheme,6,&(lvalues[6136]),0}, + NID_dhSinglePass_stdDH_sha384kdf_scheme,6,&(lvalues[6130]),0}, {"dhSinglePass-stdDH-sha512kdf-scheme", "dhSinglePass-stdDH-sha512kdf-scheme", - NID_dhSinglePass_stdDH_sha512kdf_scheme,6,&(lvalues[6142]),0}, + NID_dhSinglePass_stdDH_sha512kdf_scheme,6,&(lvalues[6136]),0}, {"dhSinglePass-cofactorDH-sha1kdf-scheme", "dhSinglePass-cofactorDH-sha1kdf-scheme", - NID_dhSinglePass_cofactorDH_sha1kdf_scheme,9,&(lvalues[6148]),0}, + NID_dhSinglePass_cofactorDH_sha1kdf_scheme,9,&(lvalues[6142]),0}, {"dhSinglePass-cofactorDH-sha224kdf-scheme", "dhSinglePass-cofactorDH-sha224kdf-scheme", - NID_dhSinglePass_cofactorDH_sha224kdf_scheme,6,&(lvalues[6157]),0}, + NID_dhSinglePass_cofactorDH_sha224kdf_scheme,6,&(lvalues[6151]),0}, {"dhSinglePass-cofactorDH-sha256kdf-scheme", "dhSinglePass-cofactorDH-sha256kdf-scheme", - NID_dhSinglePass_cofactorDH_sha256kdf_scheme,6,&(lvalues[6163]),0}, + NID_dhSinglePass_cofactorDH_sha256kdf_scheme,6,&(lvalues[6157]),0}, {"dhSinglePass-cofactorDH-sha384kdf-scheme", "dhSinglePass-cofactorDH-sha384kdf-scheme", - NID_dhSinglePass_cofactorDH_sha384kdf_scheme,6,&(lvalues[6169]),0}, + 
NID_dhSinglePass_cofactorDH_sha384kdf_scheme,6,&(lvalues[6163]),0}, {"dhSinglePass-cofactorDH-sha512kdf-scheme", "dhSinglePass-cofactorDH-sha512kdf-scheme", - NID_dhSinglePass_cofactorDH_sha512kdf_scheme,6,&(lvalues[6175]),0}, + NID_dhSinglePass_cofactorDH_sha512kdf_scheme,6,&(lvalues[6169]),0}, {"dh-std-kdf","dh-std-kdf",NID_dh_std_kdf,0,NULL,0}, {"dh-cofactor-kdf","dh-cofactor-kdf",NID_dh_cofactor_kdf,0,NULL,0}, }; @@ -2636,7 +2635,6 @@ static const unsigned int kNIDsInShortNameOrder[NUM_SN]={ 121, /* "RC5-ECB" */ 123, /* "RC5-OFB" */ 117, /* "RIPEMD160" */ -124, /* "RLE" */ 19, /* "RSA" */ 7, /* "RSA-MD2" */ 396, /* "RSA-MD4" */ @@ -3553,7 +3551,7 @@ static const unsigned int kNIDsInLongNameOrder[NUM_LN]={ 857, /* "X509v3 Freshest CRL" */ 748, /* "X509v3 Inhibit Any Policy" */ 86, /* "X509v3 Issuer Alternative Name" */ -770, /* "X509v3 Issuing Distrubution Point" */ +770, /* "X509v3 Issuing Distribution Point" */ 83, /* "X509v3 Key Usage" */ 666, /* "X509v3 Name Constraints" */ 403, /* "X509v3 No Revocation Available" */ @@ -4147,7 +4145,6 @@ static const unsigned int kNIDsInLongNameOrder[NUM_LN]={ 377, /* "rsaSignature" */ 919, /* "rsaesOaep" */ 912, /* "rsassaPss" */ -124, /* "run length compression" */ 482, /* "sOARecord" */ 155, /* "safeContentsBag" */ 291, /* "sbgp-autonomousSysNum" */ @@ -4681,7 +4678,6 @@ static const unsigned int kNIDsInOIDOrder[NUM_OBJ]={ 744, /* OBJ_wap_wsg_idm_ecid_wtls11 2 23 43 1 4 11 */ 745, /* OBJ_wap_wsg_idm_ecid_wtls12 2 23 43 1 4 12 */ 804, /* OBJ_whirlpool 1 0 10118 3 0 55 */ -124, /* OBJ_rle_compression 1 1 1 1 666 1 */ 773, /* OBJ_kisa 1 2 410 200004 */ 807, /* OBJ_id_GostR3411_94_with_GostR3410_2001 1 2 643 2 2 3 */ 808, /* OBJ_id_GostR3411_94_with_GostR3410_94 1 2 643 2 2 4 */ diff --git a/src/crypto/obj/objects.txt b/src/crypto/obj/objects.txt index aeffc6c..2757c4f 100644 --- a/src/crypto/obj/objects.txt +++ b/src/crypto/obj/objects.txt 
@@ -748,7 +748,7 @@ id-ce 24 : invalidityDate : Invalidity Date !Cname delta-crl id-ce 27 : deltaCRL : X509v3 Delta CRL Indicator !Cname issuing-distribution-point -id-ce 28 : issuingDistributionPoint : X509v3 Issuing Distrubution Point +id-ce 28 : issuingDistributionPoint : X509v3 Issuing Distribution Point !Cname certificate-issuer id-ce 29 : certificateIssuer : X509v3 Certificate Issuer !Cname name-constraints @@ -838,9 +838,7 @@ mime-mhs 2 : mime-mhs-bodies : mime-mhs-bodies mime-mhs-headings 1 : id-hex-partial-message : id-hex-partial-message mime-mhs-headings 2 : id-hex-multipart-message : id-hex-multipart-message -# What the hell are these OIDs, really? -!Cname rle-compression -1 1 1 1 666 1 : RLE : run length compression +# RFC 3274 !Cname zlib-compression id-smime-alg 8 : ZLIB : zlib compression diff --git a/src/crypto/pem/pem_lib.c b/src/crypto/pem/pem_lib.c index 48e3297..5201467 100644 --- a/src/crypto/pem/pem_lib.c +++ b/src/crypto/pem/pem_lib.c @@ -331,8 +331,9 @@ int PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp, if (kstr == NULL) { klen = 0; - if (callback) - klen=(*callback)(buf,PEM_BUFSIZE,1,u); + if (!callback) + callback = PEM_def_callback; + klen=(*callback)(buf,PEM_BUFSIZE,1,u); if (klen <= 0) { OPENSSL_PUT_ERROR(PEM, PEM_ASN1_write_bio, PEM_R_READ_KEY); @@ -403,8 +404,8 @@ int PEM_do_header(EVP_CIPHER_INFO *cipher, unsigned char *data, long *plen, if (cipher->cipher == NULL) return(1); klen = 0; - if (callback) - klen=callback(buf,PEM_BUFSIZE,0,u); + if (!callback) callback = PEM_def_callback; + klen=callback(buf,PEM_BUFSIZE,0,u); if (klen <= 0) { OPENSSL_PUT_ERROR(PEM, PEM_do_header, PEM_R_BAD_PASSWORD_READ); 
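Review bot: The NULL-callback fallback in PEM_ASN1_write_bio changes what `u` means, and nothing at the call site says so. Before this change a NULL `callback` left `klen` at 0 and took the PEM_R_READ_KEY error path; now `u` is handed to PEM_def_callback, which runs `strlen` on it. A caller that passes a NULL callback with a `u` that is not a NUL-terminated passphrase would therefore have that pointer read as a string. I would add `/* With a NULL |callback|, |u| must be NULL or a NUL-terminated passphrase. */` above the fallback; the same applies to the identical fallbacks in PEM_do_header, do_pk8pkey, d2i_PKCS8PrivateKey_bio and PEM_read_bio_PrivateKey. The preceding `klen = 0;` is now a dead store in each of them, and all of these function bodies continue outside their hunks.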
@@ -811,3 +812,17 @@ int pem_check_suffix(const char *pem_str, const char *suffix) return p - pem_str; } +int PEM_def_callback(char *buf, int size, int rwflag, void *userdata) + { + if (!buf || !userdata) + { + return 0; + } + size_t len = strlen((char *) userdata); + if (len >= (size_t) size) + { + return 0; + } + strcpy(buf, (char *) userdata); + return len; + } diff --git a/src/crypto/pem/pem_pk8.c b/src/crypto/pem/pem_pk8.c index 383a524..035038e 100644 --- a/src/crypto/pem/pem_pk8.c +++ b/src/crypto/pem/pem_pk8.c @@ -124,8 +124,8 @@ static int do_pk8pkey(BIO *bp, EVP_PKEY *x, int isder, int nid, const EVP_CIPHER if(enc || (nid != -1)) { if(!kstr) { klen = 0; - if (cb) - klen = cb(buf, PEM_BUFSIZE, 1, u); + if (!cb) cb = PEM_def_callback; + klen = cb(buf, PEM_BUFSIZE, 1, u); if(klen <= 0) { OPENSSL_PUT_ERROR(PEM, do_pk8pkey, PEM_R_READ_KEY); PKCS8_PRIV_KEY_INFO_free(p8inf); @@ -160,8 +160,8 @@ EVP_PKEY *d2i_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, vo if(!p8) return NULL; klen = 0; - if (cb) - klen=cb(psbuf,PEM_BUFSIZE,0,u); + if (!cb) cb = PEM_def_callback; + klen=cb(psbuf,PEM_BUFSIZE,0,u); if (klen <= 0) { OPENSSL_PUT_ERROR(PEM, d2i_PKCS8PrivateKey_bio, PEM_R_BAD_PASSWORD_READ); X509_SIG_free(p8); diff --git a/src/crypto/pem/pem_pkey.c b/src/crypto/pem/pem_pkey.c index c0aba51..fe58558 100644 --- a/src/crypto/pem/pem_pkey.c +++ b/src/crypto/pem/pem_pkey.c @@ -106,7 +106,8 @@ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, vo if(!p8) goto p8err; klen = 0; - if (cb) klen=cb(psbuf,PEM_BUFSIZE,0,u); + if (!cb) cb = PEM_def_callback; + klen=cb(psbuf,PEM_BUFSIZE,0,u); if (klen <= 0) { OPENSSL_PUT_ERROR(PEM, PEM_read_bio_PrivateKey, PEM_R_BAD_PASSWORD_READ); X509_SIG_free(p8); @@ -309,4 +310,3 @@ DH *PEM_read_DHparams(FILE *fp, DH **x, pem_password_cb *cb, void *u) return(ret); } #endif - diff --git a/src/crypto/pkcs8/CMakeLists.txt b/src/crypto/pkcs8/CMakeLists.txt index c0f2746..4426f1e 100644 
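Review bot: PEM_def_callback compares `len` against `(size_t) size` without first rejecting a negative `size`. A negative value becomes a very large unsigned number, the length check passes, and the following `strcpy` is then unbounded. The callers visible in this patch all pass PEM_BUFSIZE, but the function is non-static, so the guard belongs here: `if (!buf || !userdata || size < 0)`. With the length already known, `memcpy(buf, userdata, len + 1);` would make the bound explicit in place of `strcpy`. A short comment stating that `userdata` is treated as a NUL-terminated passphrase and that `rwflag` is ignored would also help.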
--- a/src/crypto/pkcs8/CMakeLists.txt +++ b/src/crypto/pkcs8/CMakeLists.txt @@ -15,6 +15,8 @@ add_executable( pkcs12_test pkcs12_test.cc + + $ ) target_link_libraries(pkcs12_test crypto) diff --git a/src/crypto/rand/rand.c b/src/crypto/rand/rand.c index ae30edb..a647b6a 100644 --- a/src/crypto/rand/rand.c +++ b/src/crypto/rand/rand.c @@ -14,6 +14,7 @@ #include +#include #include #include @@ -95,6 +96,7 @@ int RAND_bytes(uint8_t *buf, size_t len) { return 1; } + memset(state->partial_block, 0, sizeof(state->partial_block)); state->calls_used = kMaxCallsPerRefresh; } @@ -149,6 +151,16 @@ int RAND_pseudo_bytes(uint8_t *buf, size_t len) { void RAND_seed(const void *buf, int num) {} +int RAND_load_file(const char *path, long num) { + if (num < 0) { /* read the "whole file" */ + return 1; + } else if (num <= INT_MAX) { + return (int) num; + } else { + return INT_MAX; + } +} + void RAND_add(const void *buf, int num, double entropy) {} int RAND_poll(void) { diff --git a/src/crypto/rand/windows.c b/src/crypto/rand/windows.c index 1a0cb8b..7bfcb1d 100644 --- a/src/crypto/rand/windows.c +++ b/src/crypto/rand/windows.c @@ -27,7 +27,7 @@ * "Community Additions" comment on MSDN here: * http://msdn.microsoft.com/en-us/library/windows/desktop/aa387694.aspx */ #define SystemFunction036 NTAPI SystemFunction036 -#include +#include #undef SystemFunction036 #pragma warning(pop) diff --git a/src/crypto/rc4/rc4.c b/src/crypto/rc4/rc4.c index 2a98fd0..aa19dc2 100644 --- a/src/crypto/rc4/rc4.c +++ b/src/crypto/rc4/rc4.c 
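Review bot: RAND_load_file in rand.c never opens `path` and still reports success, returning 1 for a negative `num` and otherwise `num` clamped to INT_MAX. That matches the empty RAND_seed and RAND_add stubs beside it, but a caller reading only the return value would conclude that seed material was consumed. I would document it above the definition, e.g. `/* RAND_load_file is a no-op kept for OpenSSL compatibility: |path| is never read and the return value only echoes |num|. */`. INT_MAX needs `<limits.h>`; the include added in the first rand.c hunk has lost its header name in this rendering, so that is worth confirming.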
@@ -141,37 +141,6 @@ void RC4(RC4_KEY *key, size_t len, const uint8_t *in, uint8_t *out) { in += sizeof(RC4_CHUNK); out += sizeof(RC4_CHUNK); } - if (len) { - RC4_CHUNK mask = (RC4_CHUNK) - 1, ochunk; - - ichunk = *(RC4_CHUNK *)in; - ochunk = *(RC4_CHUNK *)out; - otp = 0; - i = BESHFT(0); - mask <<= (sizeof(RC4_CHUNK) - len) << 3; - switch (len & (sizeof(RC4_CHUNK) - 1)) { - case 7: - otp = RC4_STEP << i, i -= 8; - case 6: - otp |= RC4_STEP << i, i -= 8; - case 5: - otp |= RC4_STEP << i, i -= 8; - case 4: - otp |= RC4_STEP << i, i -= 8; - case 3: - otp |= RC4_STEP << i, i -= 8; - case 2: - otp |= RC4_STEP << i, i -= 8; - case 1: - otp |= RC4_STEP << i, i -= 8; - } - ochunk &= ~mask; - ochunk |= (otp ^ ichunk) & mask; - *(RC4_CHUNK *)out = ochunk; - } - key->x = x; - key->y = y; - return; } else { /* LITTLE-ENDIAN CASE */ #define LESHFT(c) (((c) * 8) & (sizeof(RC4_CHUNK) * 8 - 1)) for (; len & (0 - sizeof(RC4_CHUNK)); len -= sizeof(RC4_CHUNK)) { @@ -190,37 +159,6 @@ void RC4(RC4_KEY *key, size_t len, const uint8_t *in, uint8_t *out) { in += sizeof(RC4_CHUNK); out += sizeof(RC4_CHUNK); } - if (len) { - RC4_CHUNK mask = (RC4_CHUNK) - 1, ochunk; - - ichunk = *(RC4_CHUNK *)in; - ochunk = *(RC4_CHUNK *)out; - otp = 0; - i = 0; - mask >>= (sizeof(RC4_CHUNK) - len) << 3; - switch (len & (sizeof(RC4_CHUNK) - 1)) { - case 7: - otp = RC4_STEP, i += 8; - case 6: - otp |= RC4_STEP << i, i += 8; - case 5: - otp |= RC4_STEP << i, i += 8; - case 4: - otp |= RC4_STEP << i, i += 8; - case 3: - otp |= RC4_STEP << i, i += 8; - case 2: - otp |= RC4_STEP << i, i += 8; - case 1: - otp |= RC4_STEP << i, i += 8; - } - ochunk &= ~mask; - ochunk |= (otp ^ ichunk) & mask; - *(RC4_CHUNK *)out = ochunk; - } - key->x = x; - key->y = y; - return; } } #define LOOP(in, out) \ diff --git a/src/crypto/refcount_c11.c b/src/crypto/refcount_c11.c new file mode 100644 index 0000000..fbc0343 --- /dev/null +++ b/src/crypto/refcount_c11.c 
@@ -0,0 +1,67 @@ +/* Copyright (c) 2015, Google Inc. + * + * Permission to use, copy, modify, and/or distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY + * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION + * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN + * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ + +#include "internal.h" + + +#if defined(OPENSSL_C11_ATOMIC) + +#include +#include +#include +#include + +#include + + +/* See comment above the typedef of CRYPTO_refcount_t about these tests. */ +static_assert(alignof(CRYPTO_refcount_t) == alignof(_Atomic CRYPTO_refcount_t), + "_Atomic alters the needed alignment of a reference count"); +static_assert(sizeof(CRYPTO_refcount_t) == sizeof(_Atomic CRYPTO_refcount_t), + "_Atomic alters the size of a reference count"); + +static_assert((CRYPTO_refcount_t)-1 == CRYPTO_REFCOUNT_MAX, + "CRYPTO_REFCOUNT_MAX is incorrect"); + +void CRYPTO_refcount_inc(CRYPTO_refcount_t *in_count) { + _Atomic CRYPTO_refcount_t *count = (_Atomic CRYPTO_refcount_t *) in_count; + uint32_t expected = atomic_load(count); + + while (expected != CRYPTO_REFCOUNT_MAX) { + uint32_t new_value = expected + 1; + if (atomic_compare_exchange_weak(count, &expected, new_value)) { + break; + } + } +} + +int CRYPTO_refcount_dec_and_test_zero(CRYPTO_refcount_t *in_count) { + _Atomic CRYPTO_refcount_t *count = (_Atomic CRYPTO_refcount_t *)in_count; + uint32_t expected = atomic_load(count); + + for (;;) { + if (expected == 0) { + abort(); + } else if (expected == 
CRYPTO_REFCOUNT_MAX) { + return 0; + } else { + const uint32_t new_value = expected - 1; + if (atomic_compare_exchange_weak(count, &expected, new_value)) { + return new_value == 0; + } + } + } +} + +#endif /* OPENSSL_C11_ATOMIC */ diff --git a/src/crypto/refcount_lock.c b/src/crypto/refcount_lock.c new file mode 100644 index 0000000..bb8ef86 --- /dev/null +++ b/src/crypto/refcount_lock.c 
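Review bot: In `CRYPTO_refcount_inc` and `CRYPTO_refcount_dec_and_test_zero` the locals `expected` and `new_value` are declared `uint32_t`, but nothing in this file ties `CRYPTO_refcount_t` to `uint32_t`. The static_asserts only check that `_Atomic` keeps the size and alignment and that `CRYPTO_REFCOUNT_MAX` is the all-ones value, while `atomic_compare_exchange_weak` needs `&expected` to point at the counter's own type. Declaring the local as `CRYPTO_refcount_t expected = atomic_load(count);`, or adding `static_assert(sizeof(CRYPTO_refcount_t) == sizeof(uint32_t), "...")`, would keep the code correct if the typedef ever changes. A one-line comment on the saturation rule would also help: a count that has reached `CRYPTO_REFCOUNT_MAX` is never changed again by either function.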
@@ -0,0 +1,53 @@
+/* Copyright (c) 2015, Google Inc.
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
+ * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
+ * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
+ * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
+
+#include "internal.h"
+
+#include
+
+#include
+
+
+#if !defined(OPENSSL_C11_ATOMIC)
+
+OPENSSL_COMPILE_ASSERT((CRYPTO_refcount_t)-1 == CRYPTO_REFCOUNT_MAX,
+ CRYPTO_REFCOUNT_MAX_is_incorrect);
+
+static struct CRYPTO_STATIC_MUTEX g_refcount_lock = CRYPTO_STATIC_MUTEX_INIT;
+
+void CRYPTO_refcount_inc(CRYPTO_refcount_t *count) {
+ CRYPTO_STATIC_MUTEX_lock_write(&g_refcount_lock);
+ if (*count < CRYPTO_REFCOUNT_MAX) {
+ (*count)++;
+ }
+ CRYPTO_STATIC_MUTEX_unlock(&g_refcount_lock);
+}
+
+int CRYPTO_refcount_dec_and_test_zero(CRYPTO_refcount_t *count) {
+ int ret;
+
+ CRYPTO_STATIC_MUTEX_lock_write(&g_refcount_lock);
+ if (*count == 0) {
+ abort();
+ }
+ if (*count < CRYPTO_REFCOUNT_MAX) {
+ (*count)--;
+ }
+ ret = (*count == 0);
+ CRYPTO_STATIC_MUTEX_unlock(&g_refcount_lock);
+
+ return ret;
+}
+
+#endif /* OPENSSL_C11_ATOMIC */
diff --git a/src/crypto/refcount_test.c b/src/crypto/refcount_test.c
new file mode 100644
index 0000000..97bfbd6
--- /dev/null
+++ b/src/crypto/refcount_test.c
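Review bot: The closing `#endif /* OPENSSL_C11_ATOMIC */` in refcount_lock.c names the wrong condition, because this file is compiled under `#if !defined(OPENSSL_C11_ATOMIC)`; the comment should read `#endif /* !OPENSSL_C11_ATOMIC */`. Separately, every reference count that uses this file shares the single `g_refcount_lock`, and both functions take it in write mode. A comment above the mutex saying that this is the non-atomic fallback and that one shared lock is intended would answer the question the next reader will have.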
@@ -0,0 +1,59 @@
+/* Copyright (c) 2015, Google Inc.
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
+ * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
+ * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
+ * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
+
+#include "internal.h"
+
+#include
+
+#include
+
+
+int main(int argc, char **argv) {
+ CRYPTO_refcount_t count = 0;
+
+ CRYPTO_refcount_inc(&count);
+ if (count != 1) {
+ fprintf(stderr, "Incrementing reference count did not work.\n");
+ return 1;
+ }
+ if (!CRYPTO_refcount_dec_and_test_zero(&count) || count != 0) {
+ fprintf(stderr, "Decrementing reference count to zero did not work.\n");
+ return 1;
+ }
+
+ count = CRYPTO_REFCOUNT_MAX;
+ CRYPTO_refcount_inc(&count);
+ if (count != CRYPTO_REFCOUNT_MAX) {
+ fprintf(stderr, "Count did not saturate correctly when incrementing.\n");
+ return 1;
+ }
+ if (CRYPTO_refcount_dec_and_test_zero(&count) ||
+ count != CRYPTO_REFCOUNT_MAX) {
+ fprintf(stderr, "Count did not saturate correctly when decrementing.\n");
+ return 1;
+ }
+
+ count = 2;
+ if (CRYPTO_refcount_dec_and_test_zero(&count)) {
+ fprintf(stderr, "Decrementing two resulted in zero!\n");
+ return 1;
+ }
+ if (count != 1) {
+ fprintf(stderr, "Decrementing two did not produce one!");
+ return 1;
+ }
+
+ printf("PASS\n");
+ return 0;
+}
diff --git a/src/crypto/rsa/CMakeLists.txt b/src/crypto/rsa/CMakeLists.txt
index c438e1d..0ea12c8 100644
--- a/src/crypto/rsa/CMakeLists.txt
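Review bot: The last failure message in `main`, `"Decrementing two did not produce one!"`, lacks the trailing `\n` that every other `fprintf` in the test has; it should be `fprintf(stderr, "Decrementing two did not produce one!\n");`. The test also never reaches the `abort()` branch of `CRYPTO_refcount_dec_and_test_zero` (a decrement when the count is already zero). That is understandable, since it ends the process, but a comment saying the case is left out on purpose would make the coverage gap explicit.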
+++ b/src/crypto/rsa/CMakeLists.txt @@ -16,6 +16,8 @@ add_executable( rsa_test rsa_test.c + + $ ) target_link_libraries(rsa_test crypto) diff --git a/src/crypto/rsa/rsa.c b/src/crypto/rsa/rsa.c index 5cc48ed..17059b0 100644 --- a/src/crypto/rsa/rsa.c +++ b/src/crypto/rsa/rsa.c @@ -121,7 +121,7 @@ void RSA_free(RSA *rsa) { return; } - if (CRYPTO_add(&rsa->references, -1, CRYPTO_LOCK_RSA) > 0) { + if (!CRYPTO_refcount_dec_and_test_zero(&rsa->references)) { return; } @@ -150,7 +150,7 @@ void RSA_free(RSA *rsa) { } int RSA_up_ref(RSA *rsa) { - CRYPTO_add(&rsa->references, 1, CRYPTO_LOCK_RSA); + CRYPTO_refcount_inc(&rsa->references); return 1; } diff --git a/src/crypto/sha/asm/sha256-armv4.pl b/src/crypto/sha/asm/sha256-armv4.pl index 778c3d9..df71676 100644 --- a/src/crypto/sha/asm/sha256-armv4.pl +++ b/src/crypto/sha/asm/sha256-armv4.pl @@ -479,7 +479,7 @@ sha256_block_data_order_neon: stmdb sp!,{r4-r12,lr} sub $H,sp,#16*4+16 - adr $Ktbl,K256 + adrl $Ktbl,K256 bic $H,$H,#15 @ align for 128-bit stores mov $t2,sp mov sp,$H @ alloca diff --git a/src/crypto/sha/sha1.c b/src/crypto/sha/sha1.c index 60d09f6..c03e608 100644 --- a/src/crypto/sha/sha1.c +++ b/src/crypto/sha/sha1.c @@ -101,7 +101,7 @@ uint8_t *SHA1(const uint8_t *data, size_t len, uint8_t *out) { #define HASH_CBLOCK 64 #define HASH_MAKE_STRING(c, s) \ do { \ - unsigned long ll; \ + uint32_t ll; \ ll = (c)->h0; \ (void) HOST_l2c(ll, (s)); \ ll = (c)->h1; \ @@ -188,8 +188,8 @@ void sha1_block_data_order(SHA_CTX *c, const void *p, size_t num); #if !defined(SHA1_ASM) static void HASH_BLOCK_DATA_ORDER(SHA_CTX *c, const void *p, size_t num) { const uint8_t *data = p; - register unsigned MD32_REG_T A, B, C, D, E, T, l; - unsigned MD32_REG_T XX0, XX1, XX2, XX3, XX4, XX5, XX6, XX7, XX8, XX9, XX10, + register uint32_t A, B, C, D, E, T, l; + uint32_t XX0, XX1, XX2, XX3, XX4, XX5, XX6, XX7, XX8, XX9, XX10, XX11, XX12, XX13, XX14, XX15; A = c->h0; 
diff --git a/src/crypto/sha/sha256.c b/src/crypto/sha/sha256.c index 8d4106e..8276bbb 100644 --- a/src/crypto/sha/sha256.c +++ b/src/crypto/sha/sha256.c @@ -144,10 +144,13 @@ int SHA224_Final(uint8_t *md, SHA256_CTX *ctx) { * to truncate to amount of bytes not divisible by 4. I bet not, but if it is, * then default: case shall be extended. For reference. Idea behind separate * cases for pre-defined lenghts is to let the compiler decide if it's - * appropriate to unroll small loops. */ + * appropriate to unroll small loops. + * + * TODO(davidben): The small |md_len| case is one of the few places a low-level + * hash 'final' function can fail. This should never happen. */ #define HASH_MAKE_STRING(c, s) \ do { \ - unsigned long ll; \ + uint32_t ll; \ unsigned int nn; \ switch ((c)->md_len) { \ case SHA224_DIGEST_LENGTH: \ @@ -163,8 +166,9 @@ int SHA224_Final(uint8_t *md, SHA256_CTX *ctx) { } \ break; \ default: \ - if ((c)->md_len > SHA256_DIGEST_LENGTH) \ + if ((c)->md_len > SHA256_DIGEST_LENGTH) { \ return 0; \ + } \ for (nn = 0; nn < (c)->md_len / 4; nn++) { \ ll = (c)->h[nn]; \ (void) HOST_l2c(ll, (s)); \ @@ -232,7 +236,7 @@ static const HASH_LONG K256[64] = { static void sha256_block_data_order(SHA256_CTX *ctx, const void *in, size_t num) { - unsigned MD32_REG_T a, b, c, d, e, f, g, h, s0, s1, T1; + uint32_t a, b, c, d, e, f, g, h, s0, s1, T1; HASH_LONG X[16]; int i; const uint8_t *data = in; diff --git a/src/crypto/sha/sha512.c b/src/crypto/sha/sha512.c index 2acefb1..57c96ab 100644 --- a/src/crypto/sha/sha512.c +++ b/src/crypto/sha/sha512.c @@ -166,7 +166,7 @@ static void sha512_block_data_order(SHA512_CTX *ctx, const void *in, size_t num); -int SHA384_Final(unsigned char *md, SHA512_CTX *sha) { +int SHA384_Final(uint8_t *md, SHA512_CTX *sha) { return SHA512_Final(md, sha); } 
@@ -174,7 +174,7 @@ int SHA384_Update(SHA512_CTX *sha, const void *data, size_t len) { return SHA512_Update(sha, data, len); } -void SHA512_Transform(SHA512_CTX *c, const unsigned char *data) { +void SHA512_Transform(SHA512_CTX *c, const uint8_t *data) { #ifndef SHA512_BLOCK_CAN_MANAGE_UNALIGNED_DATA if ((size_t)data % sizeof(c->u.d[0]) != 0) { memcpy(c->u.p, data, sizeof(c->u.p)); @@ -244,7 +244,7 @@ int SHA512_Update(SHA512_CTX *c, const void *in_data, size_t len) { return 1; } -int SHA512_Final(unsigned char *md, SHA512_CTX *sha) { +int SHA512_Final(uint8_t *md, SHA512_CTX *sha) { uint8_t *p = (uint8_t *)sha->u.p; size_t n = sha->num; @@ -276,7 +276,9 @@ int SHA512_Final(unsigned char *md, SHA512_CTX *sha) { sha512_block_data_order(sha, p, 1); - if (md == 0) { + if (md == NULL) { + /* TODO(davidben): This NULL check is absent in other low-level hash 'final' + * functions and is one of the few places one can fail. */ return 0; } @@ -312,6 +314,8 @@ int SHA512_Final(unsigned char *md, SHA512_CTX *sha) { break; /* ... as well as make sure md_len is not abused. */ default: + /* TODO(davidben): This bad |md_len| case is one of the few places a + * low-level hash 'final' function can fail. This should never happen. */ return 0; } @@ -415,7 +419,7 @@ static uint64_t __fastcall __pull64be(const void *x) { #ifndef PULL64 #define B(x, j) \ - (((uint64_t)(*(((const unsigned char *)(&x)) + j))) << ((7 - j) * 8)) + (((uint64_t)(*(((const uint8_t *)(&x)) + j))) << ((7 - j) * 8)) #define PULL64(x) \ (B(x, 0) | B(x, 1) | B(x, 2) | B(x, 3) | B(x, 4) | B(x, 5) | B(x, 6) | \ B(x, 7)) diff --git a/src/crypto/test/CMakeLists.txt b/src/crypto/test/CMakeLists.txt index 0d5ca81..84a6174 100644 --- a/src/crypto/test/CMakeLists.txt +++ b/src/crypto/test/CMakeLists.txt @@ -4,4 +4,5 @@ add_library( OBJECT file_test.cc + malloc.cc ) diff --git a/src/crypto/test/file_test.cc b/src/crypto/test/file_test.cc index 12405f2..8df6f9a 100644 --- a/src/crypto/test/file_test.cc 
+++ b/src/crypto/test/file_test.cc @@ -17,6 +17,7 @@ #include #include #include +#include #include #include diff --git a/src/crypto/test/malloc.cc b/src/crypto/test/malloc.cc new file mode 100644 index 0000000..9ffdf01 --- /dev/null +++ b/src/crypto/test/malloc.cc 
@@ -0,0 +1,145 @@ +/* Copyright (c) 2014, Google Inc. + * + * Permission to use, copy, modify, and/or distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY + * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION + * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN + * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ + +#include + +#if defined(__has_feature) +#if __has_feature(address_sanitizer) || __has_feature(memory_sanitizer) +#define OPENSSL_ASAN +#endif +#endif + +#if defined(__GLIBC__) && !defined(__UCLIBC__) +#define OPENSSL_GLIBC +#endif + +// This file isn't built on ARM or Aarch64 because we link statically in those +// builds and trying to override malloc in a static link doesn't work. It also +// requires glibc. It's also disabled on ASan builds as this interferes with +// ASan's malloc interceptor. +// +// TODO(davidben): See if this and ASan's and MSan's interceptors can be made to +// coexist. +#if defined(__linux__) && defined(OPENSSL_GLIBC) && !defined(OPENSSL_ARM) && \ + !defined(OPENSSL_AARCH64) && !defined(OPENSSL_ASAN) + +#include +#include +#include +#include + +#include + + +/* This file defines overrides for the standard allocation functions that allow + * a given allocation to be made to fail for testing. If the program is run + * with MALLOC_NUMBER_TO_FAIL set to a base-10 number then that allocation will + * return NULL. If MALLOC_ABORT_ON_FAIL is also defined then the allocation + * will abort() rather than return NULL. + * + * This code is not thread safe. 
*/ + +static uint64_t current_malloc_count = 0; +static uint64_t malloc_number_to_fail = 0; +static char failure_enabled = 0, abort_on_fail = 0; +static int in_call = 0; + +extern "C" { +/* These are other names for the standard allocation functions. */ +extern void *__libc_malloc(size_t size); +extern void *__libc_calloc(size_t num_elems, size_t size); +extern void *__libc_realloc(void *ptr, size_t size); +} + +static void exit_handler(void) { + if (failure_enabled && current_malloc_count > malloc_number_to_fail) { + _exit(88); + } +} + +static void cpp_new_handler() { + // Return to try again. It won't fail a second time. + return; +} + +/* should_fail_allocation returns true if the current allocation should fail. */ +static int should_fail_allocation() { + static int init = 0; + char should_fail; + + if (in_call) { + return 0; + } + + in_call = 1; + + if (!init) { + const char *env = getenv("MALLOC_NUMBER_TO_FAIL"); + if (env != NULL && env[0] != 0) { + char *endptr; + malloc_number_to_fail = strtoull(env, &endptr, 10); + if (*endptr == 0) { + failure_enabled = 1; + atexit(exit_handler); + std::set_new_handler(cpp_new_handler); + } + } + abort_on_fail = (NULL != getenv("MALLOC_ABORT_ON_FAIL")); + init = 1; + } + + in_call = 0; + + if (!failure_enabled) { + return 0; + } + + should_fail = (current_malloc_count == malloc_number_to_fail); + current_malloc_count++; + + if (should_fail && abort_on_fail) { + abort(); + } + return should_fail; +} + +extern "C" { + +void *malloc(size_t size) { + if (should_fail_allocation()) { + return NULL; + } + + return __libc_malloc(size); +} + +void *calloc(size_t num_elems, size_t size) { + if (should_fail_allocation()) { + return NULL; + } + + return __libc_calloc(num_elems, size); +} + +void *realloc(void *ptr, size_t size) { + if (should_fail_allocation()) { + return NULL; + } + + return __libc_realloc(ptr, size); +} + +} // extern "C" + +#endif /* defined(linux) && GLIBC && !ARM && !AARCH64 && !ASAN */ 
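Review bot: `exit_handler` ends the process with the bare literal `_exit(88)` and nothing explains what 88 means to whoever runs the test. From the condition, it fires once `current_malloc_count` has passed `malloc_number_to_fail`, so it is presumably the signal a test driver looks for. A named constant with a comment such as `/* Exit code reported when the targeted allocation was reached. */` would document that. In `should_fail_allocation`, the `strtoull` result is validated only through `*endptr == 0`, so an out-of-range `MALLOC_NUMBER_TO_FAIL` is accepted as the saturated maximum; checking `errno == ERANGE` as well would reject it.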
diff --git a/src/crypto/test/scoped_types.h b/src/crypto/test/scoped_types.h index eb04c18..c5c8cfe 100644 --- a/src/crypto/test/scoped_types.h +++ b/src/crypto/test/scoped_types.h @@ -16,6 +16,7 @@ #define OPENSSL_HEADER_CRYPTO_TEST_SCOPED_TYPES_H #include +#include #include #include @@ -57,6 +58,12 @@ struct OpenSSLFree { } }; +struct FileCloser { + void operator()(FILE *file) { + fclose(file); + } +}; + template using ScopedOpenSSLType = bssl::unique_ptr>; @@ -108,6 +115,9 @@ using ScopedX509_ALGOR = ScopedOpenSSLType; using ScopedX509Stack = ScopedOpenSSLStack; +using ScopedEVP_CIPHER_CTX = ScopedOpenSSLContext; using ScopedEVP_MD_CTX = ScopedOpenSSLContext; using ScopedHMAC_CTX = ScopedOpenSSLContext>; using ScopedOpenSSLString = bssl::unique_ptr>; +using ScopedFILE = bssl::unique_ptr; #endif // OPENSSL_HEADER_CRYPTO_TEST_SCOPED_TYPES_H diff --git a/src/crypto/thread.c b/src/crypto/thread.c index abc8b6f..8837115 100644 --- a/src/crypto/thread.c +++ b/src/crypto/thread.c 
@@ -69,40 +69,16 @@ #include -#define CRYPTO_LOCK_ITEM(x) #x - -/* lock_names contains the names of all the locks defined in thread.h. */ -static const char *const lock_names[] = { - CRYPTO_LOCK_LIST -}; - -#undef CRYPTO_LOCK_ITEM - -#define CRYPTO_NUM_LOCKS (sizeof(lock_names) / sizeof(lock_names[0])) - -static void (*locking_callback)(int mode, int lock_num, const char *file, - int line) = 0; -static int (*add_lock_callback)(int *pointer, int amount, int lock_num, - const char *file, int line) = 0; - -int CRYPTO_num_locks(void) { return CRYPTO_NUM_LOCKS; } +int CRYPTO_num_locks(void) { return 1; } void CRYPTO_set_locking_callback(void (*func)(int mode, int lock_num, - const char *file, int line)) { - locking_callback = func; -} + const char *file, int line)) {} void CRYPTO_set_add_lock_callback(int (*func)(int *num, int mount, int lock_num, - const char *file, int line)) { - add_lock_callback = func; -} + const char *file, int line)) {} const char *CRYPTO_get_lock_name(int lock_num) { - if (lock_num >= 0 && lock_num < CRYPTO_NUM_LOCKS) { - return lock_names[lock_num]; - } else { - return "ERROR"; - } + return "No old-style OpenSSL locks anymore"; } int CRYPTO_THREADID_set_callback(void (*func)(CRYPTO_THREADID *)) { return 1; } 
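Review bot: `CRYPTO_set_locking_callback` and `CRYPTO_set_add_lock_callback` now have empty bodies and `CRYPTO_num_locks` returns 1, but none of the three says it is a stub. A program written for the old API will still allocate its locks and register a callback, and that callback is now never called, since the next hunk deletes `CRYPTO_lock` and `CRYPTO_add_lock`. I would put one comment above the group, for example `/* The functions below are no-op stubs for the old OpenSSL locking API; callbacks passed to them are ignored. */`. The same comment could mention that `CRYPTO_get_lock_name` returns one fixed string for every `lock_num`.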
@@ -113,38 +89,6 @@ void CRYPTO_THREADID_set_pointer(CRYPTO_THREADID *id, void *ptr) {} void CRYPTO_THREADID_current(CRYPTO_THREADID *id) {} -void (*CRYPTO_get_locking_callback(void))(int mode, int lock_num, - const char *file, int line) { - return locking_callback; -} - -int (*CRYPTO_get_add_lock_callback(void))(int *num, int mount, int lock_num, - const char *file, int line) { - return add_lock_callback; -} - -void CRYPTO_lock(int mode, int lock_num, const char *file, int line) { - if (locking_callback != NULL) { - locking_callback(mode, lock_num, file, line); - } -} - -int CRYPTO_add_lock(int *pointer, int amount, int lock_num, const char *file, - int line) { - int ret = 0; - - if (add_lock_callback != NULL) { - ret = add_lock_callback(pointer, amount, lock_num, file, line); - } else { - CRYPTO_lock(CRYPTO_LOCK | CRYPTO_WRITE, lock_num, file, line); - ret = *pointer + amount; - *pointer = ret; - CRYPTO_lock(CRYPTO_UNLOCK | CRYPTO_WRITE, lock_num, file, line); - } - - return ret; -} - void CRYPTO_set_id_callback(unsigned long (*func)(void)) {} void CRYPTO_set_dynlock_create_callback(struct CRYPTO_dynlock_value *( diff --git a/src/crypto/thread_test.c b/src/crypto/thread_test.c index e028b1b..cecda88 100644 --- a/src/crypto/thread_test.c +++ b/src/crypto/thread_test.c @@ -22,7 +22,7 @@ #if defined(OPENSSL_WINDOWS) #pragma warning(push, 3) -#include +#include #pragma warning(pop) typedef HANDLE thread_t; diff --git a/src/crypto/x509/CMakeLists.txt b/src/crypto/x509/CMakeLists.txt index 96cf35c..3bb5704 100644 --- a/src/crypto/x509/CMakeLists.txt +++ b/src/crypto/x509/CMakeLists.txt @@ -59,6 +59,8 @@ add_executable( pkcs7_test pkcs7_test.c + + $ ) target_link_libraries(pkcs7_test crypto) diff --git a/src/crypto/x509/by_dir.c b/src/crypto/x509/by_dir.c index 098c1bd..34bb1e4 100644 --- a/src/crypto/x509/by_dir.c +++ b/src/crypto/x509/by_dir.c @@ -66,6 +66,8 @@ #include #include +#include "../internal.h" + typedef struct lookup_dir_hashes_st { 
@@ -262,6 +264,10 @@ static int add_cert_dir(BY_DIR *ctx, const char *dir, int type) return 1; } +/* g_ent_hashes_lock protects the |hashes| member of all |BY_DIR_ENTRY| + * objects. */ +static struct CRYPTO_STATIC_MUTEX g_ent_hashes_lock = CRYPTO_STATIC_MUTEX_INIT; + static int get_cert_by_subject(X509_LOOKUP *xl, int type, X509_NAME *name, X509_OBJECT *ret) { @@ -337,7 +343,7 @@ static int get_cert_by_subject(X509_LOOKUP *xl, int type, X509_NAME *name, if (type == X509_LU_CRL && ent->hashes) { htmp.hash = h; - CRYPTO_r_lock(CRYPTO_LOCK_X509_STORE); + CRYPTO_STATIC_MUTEX_lock_read(&g_ent_hashes_lock); if (sk_BY_DIR_HASH_find(ent->hashes, &idx, &htmp)) { hent = sk_BY_DIR_HASH_value(ent->hashes, idx); @@ -348,7 +354,7 @@ static int get_cert_by_subject(X509_LOOKUP *xl, int type, X509_NAME *name, hent = NULL; k=0; } - CRYPTO_r_unlock(CRYPTO_LOCK_X509_STORE); + CRYPTO_STATIC_MUTEX_unlock(&g_ent_hashes_lock); } else { @@ -418,19 +424,19 @@ static int get_cert_by_subject(X509_LOOKUP *xl, int type, X509_NAME *name, /* we have added it to the cache so now pull * it out again */ - CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE); + CRYPTO_MUTEX_lock_write(&xl->store_ctx->objs_lock); tmp = NULL; if (sk_X509_OBJECT_find(xl->store_ctx->objs, &idx, &stmp)) { tmp=sk_X509_OBJECT_value(xl->store_ctx->objs,idx); } - CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE); + CRYPTO_MUTEX_unlock(&xl->store_ctx->objs_lock); /* If a CRL, update the last file suffix added for this */ if (type == X509_LU_CRL) { - CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE); + CRYPTO_STATIC_MUTEX_lock_write(&g_ent_hashes_lock); /* Look for entry again in case another thread added * an entry first. */ @@ -445,7 +451,7 @@ static int get_cert_by_subject(X509_LOOKUP *xl, int type, X509_NAME *name, hent = OPENSSL_malloc(sizeof(BY_DIR_HASH)); if (hent == NULL) { - CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE); + CRYPTO_STATIC_MUTEX_unlock(&g_ent_hashes_lock); ok = 0; goto finish; } 
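Review bot: In the `@@ -418,19 +424,19 @@` hunk of `get_cert_by_subject`, `tmp` is read out of `xl->store_ctx->objs` while `objs_lock` is held and is still used after `CRYPTO_MUTEX_unlock`; the later `if (tmp != NULL)` is visible in a following hunk. Nothing in the visible lines takes a reference on the object before the lock is dropped, so its lifetime appears to depend on no other thread removing it from the store in between. The rest of the function is outside the hunks, so this needs confirming there. If it holds by design, a comment such as `/* |tmp| is borrowed from the store and is not reference-counted here. */` next to the unlock would record the assumption.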
@@ -453,7 +459,7 @@ static int get_cert_by_subject(X509_LOOKUP *xl, int type, X509_NAME *name, hent->suffix = k; if (!sk_BY_DIR_HASH_push(ent->hashes, hent)) { - CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE); + CRYPTO_STATIC_MUTEX_unlock(&g_ent_hashes_lock); OPENSSL_free(hent); ok = 0; goto finish; @@ -462,8 +468,7 @@ static int get_cert_by_subject(X509_LOOKUP *xl, int type, X509_NAME *name, else if (hent->suffix < k) hent->suffix = k; - CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE); - + CRYPTO_STATIC_MUTEX_unlock(&g_ent_hashes_lock); } if (tmp != NULL) diff --git a/src/crypto/x509/x509_lu.c b/src/crypto/x509/x509_lu.c index 34ef26e..a662305 100644 --- a/src/crypto/x509/x509_lu.c +++ b/src/crypto/x509/x509_lu.c @@ -64,6 +64,8 @@ #include #include +#include "../internal.h" + X509_LOOKUP *X509_LOOKUP_new(X509_LOOKUP_METHOD *method) { @@ -186,6 +188,7 @@ X509_STORE *X509_STORE_new(void) return NULL; memset(ret, 0, sizeof(*ret)); ret->objs = sk_X509_OBJECT_new(x509_object_cmp); + CRYPTO_MUTEX_init(&ret->objs_lock); ret->cache = 1; ret->get_cert_methods = sk_X509_LOOKUP_new_null(); @@ -228,7 +231,6 @@ static void cleanup(X509_OBJECT *a) void X509_STORE_free(X509_STORE *vfy) { - int i; size_t j; STACK_OF(X509_LOOKUP) *sk; X509_LOOKUP *lu; @@ -236,18 +238,11 @@ void X509_STORE_free(X509_STORE *vfy) if (vfy == NULL) return; - i=CRYPTO_add(&vfy->references,-1,CRYPTO_LOCK_X509_STORE); -#ifdef REF_PRINT - REF_PRINT("X509_STORE",vfy); -#endif - if (i > 0) return; -#ifdef REF_CHECK - if (i < 0) - { - fprintf(stderr,"X509_STORE_free, bad reference count\n"); - abort(); /* ok */ - } -#endif + if (!CRYPTO_refcount_dec_and_test_zero(&vfy->references)) { + return; + } + + CRYPTO_MUTEX_cleanup(&vfy->objs_lock); sk=vfy->get_cert_methods; for (j=0; jobjs_lock); tmp=X509_OBJECT_retrieve_by_subject(ctx->objs,type,name); - CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE); + CRYPTO_MUTEX_unlock(&ctx->objs_lock); if (tmp == NULL || type == X509_LU_CRL) { 
@@ -356,7 +351,7 @@ int X509_STORE_add_cert(X509_STORE *ctx, X509 *x) obj->type=X509_LU_X509; obj->data.x509=x; - CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE); + CRYPTO_MUTEX_lock_write(&ctx->objs_lock); X509_OBJECT_up_ref_count(obj); @@ -369,7 +364,7 @@ int X509_STORE_add_cert(X509_STORE *ctx, X509 *x) } else sk_X509_OBJECT_push(ctx->objs, obj); - CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE); + CRYPTO_MUTEX_unlock(&ctx->objs_lock); return ret; } @@ -389,7 +384,7 @@ int X509_STORE_add_crl(X509_STORE *ctx, X509_CRL *x) obj->type=X509_LU_CRL; obj->data.crl=x; - CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE); + CRYPTO_MUTEX_lock_write(&ctx->objs_lock); X509_OBJECT_up_ref_count(obj); @@ -402,7 +397,7 @@ int X509_STORE_add_crl(X509_STORE *ctx, X509_CRL *x) } else sk_X509_OBJECT_push(ctx->objs, obj); - CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE); + CRYPTO_MUTEX_unlock(&ctx->objs_lock); return ret; } @@ -415,7 +410,7 @@ void X509_OBJECT_up_ref_count(X509_OBJECT *a) X509_up_ref(a->data.x509); break; case X509_LU_CRL: - CRYPTO_add(&a->data.crl->references,1,CRYPTO_LOCK_X509_CRL); + CRYPTO_refcount_inc(&a->data.crl->references); break; } } @@ -503,7 +498,7 @@ STACK_OF(X509)* X509_STORE_get1_certs(X509_STORE_CTX *ctx, X509_NAME *nm) X509 *x; X509_OBJECT *obj; sk = sk_X509_new_null(); - CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE); + CRYPTO_MUTEX_lock_write(&ctx->ctx->objs_lock); idx = x509_object_idx_cnt(ctx->ctx->objs, X509_LU_X509, nm, &cnt); if (idx < 0) { 
@@ -511,18 +506,18 @@ STACK_OF(X509)* X509_STORE_get1_certs(X509_STORE_CTX *ctx, X509_NAME *nm) * objects to cache */ X509_OBJECT xobj; - CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE); + CRYPTO_MUTEX_unlock(&ctx->ctx->objs_lock); if (!X509_STORE_get_by_subject(ctx, X509_LU_X509, nm, &xobj)) { sk_X509_free(sk); return NULL; } X509_OBJECT_free_contents(&xobj); - CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE); + CRYPTO_MUTEX_lock_write(&ctx->ctx->objs_lock); idx = x509_object_idx_cnt(ctx->ctx->objs,X509_LU_X509,nm, &cnt); if (idx < 0) { - CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE); + CRYPTO_MUTEX_unlock(&ctx->ctx->objs_lock); sk_X509_free(sk); return NULL; } @@ -533,13 +528,13 @@ STACK_OF(X509)* X509_STORE_get1_certs(X509_STORE_CTX *ctx, X509_NAME *nm) x = obj->data.x509; if (!sk_X509_push(sk, X509_up_ref(x))) { - CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE); + CRYPTO_MUTEX_unlock(&ctx->ctx->objs_lock); X509_free(x); sk_X509_pop_free(sk, X509_free); return NULL; } } - CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE); + CRYPTO_MUTEX_unlock(&ctx->ctx->objs_lock); return sk; } @@ -551,24 +546,24 @@ STACK_OF(X509_CRL)* X509_STORE_get1_crls(X509_STORE_CTX *ctx, X509_NAME *nm) X509_CRL *x; X509_OBJECT *obj, xobj; sk = sk_X509_CRL_new_null(); - CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE); + CRYPTO_MUTEX_lock_write(&ctx->ctx->objs_lock); /* Check cache first */ idx = x509_object_idx_cnt(ctx->ctx->objs, X509_LU_CRL, nm, &cnt); /* Always do lookup to possibly add new CRLs to cache */ - CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE); + CRYPTO_MUTEX_unlock(&ctx->ctx->objs_lock); if (!X509_STORE_get_by_subject(ctx, X509_LU_CRL, nm, &xobj)) { sk_X509_CRL_free(sk); return NULL; } X509_OBJECT_free_contents(&xobj); - CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE); + CRYPTO_MUTEX_lock_write(&ctx->ctx->objs_lock); idx = x509_object_idx_cnt(ctx->ctx->objs,X509_LU_CRL, nm, &cnt); if (idx < 0) { - CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE); + CRYPTO_MUTEX_unlock(&ctx->ctx->objs_lock); sk_X509_CRL_free(sk); return NULL; } 
@@ -577,16 +572,16 @@ STACK_OF(X509_CRL)* X509_STORE_get1_crls(X509_STORE_CTX *ctx, X509_NAME *nm) { obj = sk_X509_OBJECT_value(ctx->ctx->objs, idx); x = obj->data.crl; - CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509_CRL); + CRYPTO_refcount_inc(&x->references); if (!sk_X509_CRL_push(sk, x)) { - CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE); + CRYPTO_MUTEX_unlock(&ctx->ctx->objs_lock); X509_CRL_free(x); sk_X509_CRL_pop_free(sk, X509_CRL_free); return NULL; } } - CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE); + CRYPTO_MUTEX_unlock(&ctx->ctx->objs_lock); return sk; } @@ -667,7 +662,7 @@ int X509_STORE_CTX_get1_issuer(X509 **issuer, X509_STORE_CTX *ctx, X509 *x) /* Else find index of first cert accepted by 'check_issued' */ ret = 0; - CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE); + CRYPTO_MUTEX_lock_write(&ctx->ctx->objs_lock); idx = X509_OBJECT_idx_by_subject(ctx->ctx->objs, X509_LU_X509, xn); if (idx != -1) /* should be true as we've had at least one match */ { @@ -689,7 +684,7 @@ int X509_STORE_CTX_get1_issuer(X509 **issuer, X509_STORE_CTX *ctx, X509 *x) } } } - CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE); + CRYPTO_MUTEX_unlock(&ctx->ctx->objs_lock); return ret; } diff --git a/src/crypto/x509/x509_vfy.c b/src/crypto/x509/x509_vfy.c index a0cd9fc..2ba9c84 100644 --- a/src/crypto/x509/x509_vfy.c +++ b/src/crypto/x509/x509_vfy.c @@ -273,7 +273,7 @@ int X509_verify_cert(X509_STORE_CTX *ctx) OPENSSL_PUT_ERROR(X509, X509_verify_cert, ERR_R_MALLOC_FAILURE); goto end; } - CRYPTO_add(&xtmp->references,1,CRYPTO_LOCK_X509); + CRYPTO_refcount_inc(&xtmp->references); (void)sk_X509_delete_ptr(sktmp,xtmp); ctx->last_untrusted++; x=xtmp; @@ -990,7 +990,7 @@ static int get_crl_sk(X509_STORE_CTX *ctx, X509_CRL **pcrl, X509_CRL **pdcrl, *pissuer = best_crl_issuer; *pscore = best_score; *preasons = best_reasons; - CRYPTO_add(&best_crl->references, 1, CRYPTO_LOCK_X509_CRL); + CRYPTO_refcount_inc(&best_crl->references); if (*pdcrl) { X509_CRL_free(*pdcrl); 
@@ -1097,7 +1097,7 @@ static void get_delta_sk(X509_STORE_CTX *ctx, X509_CRL **dcrl, int *pscore, { if (check_crl_time(ctx, delta, 0)) *pscore |= CRL_SCORE_TIME_DELTA; - CRYPTO_add(&delta->references, 1, CRYPTO_LOCK_X509_CRL); + CRYPTO_refcount_inc(&delta->references); *dcrl = delta; return; } diff --git a/src/crypto/x509/x_crl.c b/src/crypto/x509/x_crl.c index aa92fa9..2f41bb1 100644 --- a/src/crypto/x509/x_crl.c +++ b/src/crypto/x509/x_crl.c @@ -65,6 +65,9 @@ #include #include +#include "../internal.h" + + /* Method to handle CRL access. * In general a CRL could be very large (several Mb) and can consume large * amounts of resources if stored in memory by multiple processes. @@ -370,7 +373,7 @@ static void setup_idp(X509_CRL *crl, ISSUING_DIST_POINT *idp) DIST_POINT_set_dpname(idp->distpoint, X509_CRL_get_issuer(crl)); } -ASN1_SEQUENCE_ref(X509_CRL, crl_cb, CRYPTO_LOCK_X509_CRL) = { +ASN1_SEQUENCE_ref(X509_CRL, crl_cb) = { ASN1_SIMPLE(X509_CRL, crl, X509_CRL_INFO), ASN1_SIMPLE(X509_CRL, sig_alg, X509_ALGOR), ASN1_SIMPLE(X509_CRL, signature, ASN1_BIT_STRING) @@ -463,6 +466,8 @@ static int crl_revoked_issuer_match(X509_CRL *crl, X509_NAME *nm, } +static struct CRYPTO_STATIC_MUTEX g_crl_sort_lock = CRYPTO_STATIC_MUTEX_INIT; + static int def_crl_lookup(X509_CRL *crl, X509_REVOKED **ret, ASN1_INTEGER *serial, X509_NAME *issuer) { 
@@ -471,13 +476,22 @@ static int def_crl_lookup(X509_CRL *crl, rtmp.serialNumber = serial; /* Sort revoked into serial number order if not already sorted. * Do this under a lock to avoid race condition. - */ - if (!sk_X509_REVOKED_is_sorted(crl->crl->revoked)) + */ + + CRYPTO_STATIC_MUTEX_lock_read(&g_crl_sort_lock); + const int is_sorted = sk_X509_REVOKED_is_sorted(crl->crl->revoked); + CRYPTO_STATIC_MUTEX_unlock(&g_crl_sort_lock); + + if (!is_sorted) { - CRYPTO_w_lock(CRYPTO_LOCK_X509_CRL); - sk_X509_REVOKED_sort(crl->crl->revoked); - CRYPTO_w_unlock(CRYPTO_LOCK_X509_CRL); + CRYPTO_STATIC_MUTEX_lock_write(&g_crl_sort_lock); + if (!sk_X509_REVOKED_is_sorted(crl->crl->revoked)) + { + sk_X509_REVOKED_sort(crl->crl->revoked); + } + CRYPTO_STATIC_MUTEX_unlock(&g_crl_sort_lock); } + if (!sk_X509_REVOKED_find(crl->crl->revoked, &idx, &rtmp)) return 0; /* Need to look for matching name */ diff --git a/src/crypto/x509/x_info.c b/src/crypto/x509/x_info.c index 6807b24..f9e9ab8 100644 --- a/src/crypto/x509/x_info.c +++ b/src/crypto/x509/x_info.c @@ -77,7 +77,6 @@ X509_INFO *X509_INFO_new(void) ret->enc_len=0; ret->enc_data=NULL; - ret->references=1; ret->x509=NULL; ret->crl=NULL; ret->x_pkey=NULL; @@ -86,23 +85,8 @@ X509_INFO *X509_INFO_new(void) void X509_INFO_free(X509_INFO *x) { - int i; - if (x == NULL) return; - i=CRYPTO_add(&x->references,-1,CRYPTO_LOCK_X509_INFO); -#ifdef REF_PRINT - REF_PRINT("X509_INFO",x); -#endif - if (i > 0) return; -#ifdef REF_CHECK - if (i < 0) - { - fprintf(stderr,"X509_INFO_free, bad reference count\n"); - abort(); - } -#endif - if (x->x509 != NULL) X509_free(x->x509); if (x->crl != NULL) X509_CRL_free(x->crl); if (x->x_pkey != NULL) X509_PKEY_free(x->x_pkey); diff --git a/src/crypto/x509/x_pkey.c b/src/crypto/x509/x_pkey.c index 5acbe5b..5bc6415 100644 --- a/src/crypto/x509/x_pkey.c +++ b/src/crypto/x509/x_pkey.c 
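Review bot: The comment in def_crl_lookup still says only "Do this under a lock", but the new code checks sortedness under a read lock, re-checks under the write lock, and then calls `sk_X509_REVOKED_find` with no lock held. That last step is only safe if nothing modifies `crl->crl->revoked` once it is sorted, which this hunk does not show, so the assumption should be written down. `g_crl_sort_lock` (declared in the previous hunk, without a comment) is a single file-scope mutex, so sorts of unrelated CRLs serialise on it. I would add above the declaration: `/* g_crl_sort_lock protects the one-time sort of |crl->crl->revoked|. It is shared by all CRLs; lookups after the sort run without it. */`. The function body continues past the end of the hunk.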
@@ -73,7 +73,6 @@ X509_PKEY *X509_PKEY_new(void) goto err; } memset(ret, 0, sizeof(X509_PKEY)); - ret->references=1; ret->enc_algor = X509_ALGOR_new(); if (ret->enc_algor == NULL) @@ -91,13 +90,8 @@ err: void X509_PKEY_free(X509_PKEY *x) { - int i; - if (x == NULL) return; - i=CRYPTO_add(&x->references,-1,CRYPTO_LOCK_X509_PKEY); - if (i > 0) return; - if (x->enc_algor != NULL) X509_ALGOR_free(x->enc_algor); if (x->enc_pkey != NULL) M_ASN1_OCTET_STRING_free(x->enc_pkey); if (x->dec_pkey != NULL)EVP_PKEY_free(x->dec_pkey); diff --git a/src/crypto/x509/x_pubkey.c b/src/crypto/x509/x_pubkey.c index d6512ae..c2e0863 100644 --- a/src/crypto/x509/x_pubkey.c +++ b/src/crypto/x509/x_pubkey.c @@ -64,6 +64,7 @@ #include #include "../evp/internal.h" +#include "../internal.h" /* Minor tweak to operation: free up EVP_PKEY */ @@ -126,16 +127,25 @@ error: return 0; } +/* g_pubkey_lock is used to protect the initialisation of the |pkey| member of + * |X509_PUBKEY| objects. Really |X509_PUBKEY| should have a |CRYPTO_once_t| + * inside it for this, but |CRYPTO_once_t| is private and |X509_PUBKEY| is + * not. */ +static struct CRYPTO_STATIC_MUTEX g_pubkey_lock = CRYPTO_STATIC_MUTEX_INIT; + EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key) { EVP_PKEY *ret=NULL; if (key == NULL) goto error; + CRYPTO_STATIC_MUTEX_lock_read(&g_pubkey_lock); if (key->pkey != NULL) { + CRYPTO_STATIC_MUTEX_unlock(&g_pubkey_lock); return EVP_PKEY_up_ref(key->pkey); } + CRYPTO_STATIC_MUTEX_unlock(&g_pubkey_lock); if (key->public_key == NULL) goto error; 
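Review bot: In X509_PUBKEY_get the fast path tests `key->pkey` under the read lock, then unlocks and reads the field a second time in `return EVP_PKEY_up_ref(key->pkey);`, so the pointer handed back is not the value that was checked under the lock. The second X509_PUBKEY_get hunk (-166,17) does the same with `ret = key->pkey;` after the unlock. This is harmless only while `pkey` is written once and never cleared, which is not visible here. policy_cache_set in this same commit copies the field into a local before unlocking, and the same shape fits here: `ret = key->pkey; CRYPTO_STATIC_MUTEX_unlock(&g_pubkey_lock); if (ret != NULL) return EVP_PKEY_up_ref(ret);`. The function continues past the end of this hunk.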
@@ -166,17 +176,17 @@ EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key) } /* Check to see if another thread set key->pkey first */ - CRYPTO_w_lock(CRYPTO_LOCK_EVP_PKEY); + CRYPTO_STATIC_MUTEX_lock_write(&g_pubkey_lock); if (key->pkey) { - CRYPTO_w_unlock(CRYPTO_LOCK_EVP_PKEY); + CRYPTO_STATIC_MUTEX_unlock(&g_pubkey_lock); EVP_PKEY_free(ret); ret = key->pkey; } else { key->pkey = ret; - CRYPTO_w_unlock(CRYPTO_LOCK_EVP_PKEY); + CRYPTO_STATIC_MUTEX_unlock(&g_pubkey_lock); } return EVP_PKEY_up_ref(ret); diff --git a/src/crypto/x509/x_req.c b/src/crypto/x509/x_req.c index 8bf4613..3d30129 100644 --- a/src/crypto/x509/x_req.c +++ b/src/crypto/x509/x_req.c @@ -102,7 +102,7 @@ ASN1_SEQUENCE_enc(X509_REQ_INFO, enc, rinf_cb) = { IMPLEMENT_ASN1_FUNCTIONS(X509_REQ_INFO) -ASN1_SEQUENCE_ref(X509_REQ, 0, CRYPTO_LOCK_X509_REQ) = { +ASN1_SEQUENCE_ref(X509_REQ, 0) = { ASN1_SIMPLE(X509_REQ, req_info, X509_REQ_INFO), ASN1_SIMPLE(X509_REQ, sig_alg, X509_ALGOR), ASN1_SIMPLE(X509_REQ, signature, ASN1_BIT_STRING) diff --git a/src/crypto/x509/x_x509.c b/src/crypto/x509/x_x509.c index 234494d..c975dd3 100644 --- a/src/crypto/x509/x_x509.c +++ b/src/crypto/x509/x_x509.c @@ -131,7 +131,7 @@ static int x509_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, } -ASN1_SEQUENCE_ref(X509, x509_cb, CRYPTO_LOCK_X509) = { +ASN1_SEQUENCE_ref(X509, x509_cb) = { ASN1_SIMPLE(X509, cert_info, X509_CINF), ASN1_SIMPLE(X509, sig_alg, X509_ALGOR), ASN1_SIMPLE(X509, signature, ASN1_BIT_STRING) @@ -142,7 +142,7 @@ IMPLEMENT_ASN1_DUP_FUNCTION(X509) X509 *X509_up_ref(X509 *x) { - CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509); + CRYPTO_refcount_inc(&x->references); return x; } diff --git a/src/crypto/x509v3/CMakeLists.txt b/src/crypto/x509v3/CMakeLists.txt index ffa5a4a..c7e6054 100644 --- a/src/crypto/x509v3/CMakeLists.txt +++ b/src/crypto/x509v3/CMakeLists.txt @@ -47,6 +47,8 @@ add_executable( v3name_test v3nametest.c + + $ ) target_link_libraries(v3name_test crypto) 
@@ -55,6 +57,8 @@ add_executable( tab_test tabtest.c + + $ ) target_link_libraries(tab_test crypto) diff --git a/src/crypto/x509v3/pcy_cache.c b/src/crypto/x509v3/pcy_cache.c index 5d59c00..08f20aa 100644 --- a/src/crypto/x509v3/pcy_cache.c +++ b/src/crypto/x509v3/pcy_cache.c @@ -60,6 +60,7 @@ #include #include "pcy_int.h" +#include "../internal.h" static int policy_data_cmp(const X509_POLICY_DATA **a, @@ -243,18 +244,30 @@ void policy_cache_free(X509_POLICY_CACHE *cache) OPENSSL_free(cache); } +/* g_x509_policy_cache_lock is used to protect against concurrent calls to + * |policy_cache_new|. Ideally this would be done with a |CRYPTO_once_t| + * in the |X509| structure, but |CRYPTO_once_t| isn't public. */ +static struct CRYPTO_STATIC_MUTEX g_x509_policy_cache_lock = + CRYPTO_STATIC_MUTEX_INIT; + const X509_POLICY_CACHE *policy_cache_set(X509 *x) { + X509_POLICY_CACHE *cache; - if (x->policy_cache == NULL) - { - CRYPTO_w_lock(CRYPTO_LOCK_X509); - policy_cache_new(x); - CRYPTO_w_unlock(CRYPTO_LOCK_X509); - } + CRYPTO_STATIC_MUTEX_lock_read(&g_x509_policy_cache_lock); + cache = x->policy_cache; + CRYPTO_STATIC_MUTEX_unlock(&g_x509_policy_cache_lock); + + if (cache != NULL) + return cache; - return x->policy_cache; + CRYPTO_STATIC_MUTEX_lock_write(&g_x509_policy_cache_lock); + if (x->policy_cache == NULL) + policy_cache_new(x); + cache = x->policy_cache; + CRYPTO_STATIC_MUTEX_unlock(&g_x509_policy_cache_lock); + return cache; } X509_POLICY_DATA *policy_cache_find_data(const X509_POLICY_CACHE *cache, diff --git a/src/crypto/x509v3/v3_purp.c b/src/crypto/x509v3/v3_purp.c index 3f175c9..8ae8a06 100644 --- a/src/crypto/x509v3/v3_purp.c +++ b/src/crypto/x509v3/v3_purp.c @@ -67,6 +67,8 @@ #include #include +#include "../internal.h" + static void x509v3_cache_extensions(X509 *x); 
@@ -114,9 +116,7 @@ int X509_check_purpose(X509 *x, int id, int ca) int idx; const X509_PURPOSE *pt; if(!(x->ex_flags & EXFLAG_SET)) { - CRYPTO_w_lock(CRYPTO_LOCK_X509); x509v3_cache_extensions(x); - CRYPTO_w_unlock(CRYPTO_LOCK_X509); } if(id == -1) return 1; idx = X509_PURPOSE_get_by_id(id); @@ -367,6 +367,15 @@ static void setup_crldp(X509 *x) setup_dp(x, sk_DIST_POINT_value(x->crldp, i)); } +/* g_x509_cache_extensions_lock is used to protect against concurrent calls to + * |x509v3_cache_extensions|. Ideally this would be done with a |CRYPTO_once_t| + * in the |X509| structure, but |CRYPTO_once_t| isn't public. + * + * Note: it's not entirely clear whether this lock is needed. Not all paths to + * this function took a lock in OpenSSL. */ +static struct CRYPTO_STATIC_MUTEX g_x509_cache_extensions_lock = + CRYPTO_STATIC_MUTEX_INIT; + static void x509v3_cache_extensions(X509 *x) { BASIC_CONSTRAINTS *bs; @@ -377,7 +386,15 @@ static void x509v3_cache_extensions(X509 *x) X509_EXTENSION *ex; size_t i; int j; - if(x->ex_flags & EXFLAG_SET) return; + + CRYPTO_STATIC_MUTEX_lock_write(&g_x509_cache_extensions_lock); + + if(x->ex_flags & EXFLAG_SET) + { + CRYPTO_STATIC_MUTEX_unlock(&g_x509_cache_extensions_lock); + return; + } + X509_digest(x, EVP_sha1(), x->sha1_hash, NULL); /* V1 should mean no extensions ... */ if(!X509_get_version(x)) x->ex_flags |= EXFLAG_V1; @@ -501,6 +518,8 @@ static void x509v3_cache_extensions(X509 *x) } } x->ex_flags |= EXFLAG_SET; + + CRYPTO_STATIC_MUTEX_unlock(&g_x509_cache_extensions_lock); } /* CA checks common to all purposes @@ -544,9 +563,7 @@ static int check_ca(const X509 *x) int X509_check_ca(X509 *x) { if(!(x->ex_flags & EXFLAG_SET)) { - CRYPTO_w_lock(CRYPTO_LOCK_X509); x509v3_cache_extensions(x); - CRYPTO_w_unlock(CRYPTO_LOCK_X509); } return check_ca(x); diff --git a/src/crypto/x509v3/v3_utl.c b/src/crypto/x509v3/v3_utl.c index d79f0de..77fc65c 100644 --- a/src/crypto/x509v3/v3_utl.c +++ b/src/crypto/x509v3/v3_utl.c 
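Review bot: X509_check_purpose still tests `x->ex_flags & EXFLAG_SET` with no lock held, while x509v3_cache_extensions now writes `ex_flags` under `g_x509_cache_extensions_lock`; X509_check_ca in the last hunk of this file has the same unlocked test. Because the reader takes no lock, nothing orders its view of the flag with the other cached fields, so a thread may be able to run the purpose or CA checks on partly initialised extension data (those fields are filled in outside these hunks). Since x509v3_cache_extensions re-checks the flag under the lock, the callers can call `x509v3_cache_extensions(x);` unconditionally, or test the flag under a read lock the way def_crl_lookup in x_crl.c does in this commit.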
@@ -263,7 +263,10 @@ STACK_OF(CONF_VALUE) *X509V3_parse_list(const char *line) /* We are going to modify the line so copy it first */ linebuf = BUF_strdup(line); if (linebuf == NULL) + { + OPENSSL_PUT_ERROR(X509V3, X509V3_parse_list, ERR_R_MALLOC_FAILURE); goto err; + } state = HDR_NAME; ntmp = NULL; /* Go through all characters */ @@ -751,7 +754,7 @@ static const unsigned char *valid_star(const unsigned char *p, size_t len, if (p[i] == '*') { int atstart = (state & LABEL_START); - int atend = (i == len - 1 || p[i+i] == '.'); + int atend = (i == len - 1 || p[i+1] == '.'); /* * At most one wildcard per pattern. * No wildcards in IDNA labels. -- cgit v1.1 From cfb958c9a3369d555e4515a6277be43185af4445 Mon Sep 17 00:00:00 2001 From: Kenny Root Date: Mon, 8 Jun 2015 18:08:33 -0700 Subject: Fix Windows SDK build again Windows SDK doesn't like uppercase includes because of MinGW being used on case-sensitive filesystems. Change-Id: I27ec95f26f105798e0da118d06aa82f003be2878 --- src/crypto/rand/windows.c | 2 +- src/crypto/thread_test.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) (limited to 'src/crypto') diff --git a/src/crypto/rand/windows.c b/src/crypto/rand/windows.c index 7bfcb1d..1a0cb8b 100644 --- a/src/crypto/rand/windows.c +++ b/src/crypto/rand/windows.c @@ -27,7 +27,7 @@ * "Community Additions" comment on MSDN here: * http://msdn.microsoft.com/en-us/library/windows/desktop/aa387694.aspx */ #define SystemFunction036 NTAPI SystemFunction036 -#include +#include #undef SystemFunction036 #pragma warning(pop) diff --git a/src/crypto/thread_test.c b/src/crypto/thread_test.c index cecda88..e028b1b 100644 --- a/src/crypto/thread_test.c +++ b/src/crypto/thread_test.c @@ -22,7 +22,7 @@ #if defined(OPENSSL_WINDOWS) #pragma warning(push, 3) -#include +#include #pragma warning(pop) typedef HANDLE thread_t; -- cgit v1.1 From 56d250321ea9dfa66ea9afa599f12c83a4147c86 Mon Sep 17 00:00:00 2001 
From: Adam Langley Date: Tue, 23 Jun 2015 16:20:13 -0700 Subject: Fixes for CVE-2015-1791. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit If a NewSessionTicket is received by a multi-threaded client when attempting to reuse a previous ticket then a race condition can occur potentially leading to a double free of the ticket data. This change cherry-picks the following BoringSSL changes: b31040d0 – Get rid of CERT_PKEY slots in SESS_CERT. fd67aa8c – Add SSL_SESSION_from_bytes. 95d31825 – Duplicate SSL_SESSIONs when renewing them. d65bb78c – Add SSL_initial_handshake_complete. 680ca961 – Preserve session->sess_cert on ticket renewal. Change-Id: I474065330842e4ab0066b2485c1489a50e4dfd5b --- src/crypto/err/ssl.errordata | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) (limited to 'src/crypto') diff --git a/src/crypto/err/ssl.errordata b/src/crypto/err/ssl.errordata index 4ae0a51..9464c3d 100644 --- a/src/crypto/err/ssl.errordata +++ b/src/crypto/err/ssl.errordata @@ -20,7 +20,11 @@ SSL,function,112,SSL_CTX_use_certificate_ASN1 SSL,function,113,SSL_CTX_use_certificate_chain_file SSL,function,114,SSL_CTX_use_certificate_file SSL,function,115,SSL_CTX_use_psk_identity_hint +SSL,function,280,SSL_SESSION_from_bytes SSL,function,116,SSL_SESSION_new +SSL,function,281,SSL_SESSION_parse +SSL,function,150,SSL_SESSION_parse_octet_string +SSL,function,151,SSL_SESSION_parse_string SSL,function,117,SSL_SESSION_print_fp SSL,function,118,SSL_SESSION_set1_id_context SSL,function,119,SSL_SESSION_to_bytes_full @@ -58,8 +62,6 @@ SSL,function,146,SSL_use_certificate_file SSL,function,147,SSL_use_psk_identity_hint SSL,function,148,SSL_write SSL,function,149,d2i_SSL_SESSION -SSL,function,150,d2i_SSL_SESSION_get_octet_string -SSL,function,151,d2i_SSL_SESSION_get_string SSL,function,152,do_ssl3_write SSL,function,153,dtls1_accept SSL,function,154,dtls1_buffer_record 
@@ -82,6 +84,7 @@ SSL,function,166,i2d_SSL_SESSION SSL,function,167,ssl3_accept SSL,function,169,ssl3_cert_verify_hash SSL,function,170,ssl3_check_cert_and_algorithm +SSL,function,282,ssl3_check_certificate_for_cipher SSL,function,171,ssl3_connect SSL,function,172,ssl3_ctrl SSL,function,173,ssl3_ctx_ctrl -- cgit v1.1 From 98856d4b9dc1a59a576816dbb097aa9d9e6de47a Mon Sep 17 00:00:00 2001 From: Adam Langley Date: Tue, 23 Jun 2015 16:23:41 -0700 Subject: Fix for CVE-2015-1789. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X509_cmp_time does not properly check the length of the ASN1_TIME string and can read a few bytes out of bounds. In addition, X509_cmp_time accepts an arbitrary number of fractional seconds in the time string. An attacker can use this to craft malformed certificates and CRLs of various sizes and potentially cause a segmentation fault, resulting in a DoS on applications that verify certificates or CRLs. TLS clients that verify CRLs are affected. TLS clients and servers with client authentication enabled may be affected if they use custom verification callbacks. This change cherry-picks the following changes from BoringSSL: d87021d2 – Fix length checks in X509_cmp_time to avoid out-of-bounds reads. Change-Id: Ia7d0c5d889f61a3c4be6ea79a5ab41f67bc3c65c --- src/crypto/x509/x509_vfy.c | 54 ++++++++++++++++++++++++++++++++++++++++------ 1 file changed, 47 insertions(+), 7 deletions(-) (limited to 'src/crypto') diff --git a/src/crypto/x509/x509_vfy.c b/src/crypto/x509/x509_vfy.c index 2ba9c84..f53f279 100644 --- a/src/crypto/x509/x509_vfy.c +++ b/src/crypto/x509/x509_vfy.c 
@@ -1829,49 +1829,89 @@ int X509_cmp_time(const ASN1_TIME *ctm, time_t *cmp_time) ASN1_TIME atm; long offset; char buff1[24],buff2[24],*p; - int i,j; + int i, j, remaining; p=buff1; - i=ctm->length; + remaining = ctm->length; str=(char *)ctm->data; + /* Note that the following (historical) code allows much more slack in + * the time format than RFC5280. In RFC5280, the representation is + * fixed: + * UTCTime: YYMMDDHHMMSSZ + * GeneralizedTime: YYYYMMDDHHMMSSZ */ if (ctm->type == V_ASN1_UTCTIME) { - if ((i < 11) || (i > 17)) return 0; + /* YYMMDDHHMM[SS]Z or YYMMDDHHMM[SS](+-)hhmm */ + int min_length = sizeof("YYMMDDHHMMZ") - 1; + int max_length = sizeof("YYMMDDHHMMSS+hhmm") - 1; + if (remaining < min_length || remaining > max_length) + return 0; memcpy(p,str,10); p+=10; str+=10; + remaining -= 10; } else { - if (i < 13) return 0; + /* YYYYMMDDHHMM[SS[.fff]]Z or YYYYMMDDHHMM[SS[.f[f[f]]]](+-)hhmm */ + int min_length = sizeof("YYYYMMDDHHMMZ") - 1; + int max_length = sizeof("YYYYMMDDHHMMSS.fff+hhmm") - 1; + if (remaining < min_length || remaining > max_length) + return 0; memcpy(p,str,12); p+=12; str+=12; + remaining -= 12; } if ((*str == 'Z') || (*str == '-') || (*str == '+')) { *(p++)='0'; *(p++)='0'; } else { + /* SS (seconds) */ + if (remaining < 2) + return 0; *(p++)= *(str++); *(p++)= *(str++); - /* Skip any fractional seconds... */ - if (*str == '.') + remaining -= 2; + /* Skip any (up to three) fractional seconds... + * TODO(emilia): in RFC5280, fractional seconds are forbidden. + * Can we just kill them altogether? */ + if (remaining && *str == '.') { str++; - while ((*str >= '0') && (*str <= '9')) str++; + remaining--; + for (i = 0; i < 3 && remaining; i++, str++, remaining--) + { + if (*str < '0' || *str > '9') + break; + } } } *(p++)='Z'; *(p++)='\0'; + /* We now need either a terminating 'Z' or an offset. 
*/ + if (!remaining) + return 0; if (*str == 'Z') + { + if (remaining != 1) + return 0; offset=0; + } else { + /* (+-)HHMM */ if ((*str != '+') && (*str != '-')) return 0; + /* Historical behaviour: the (+-)hhmm offset is forbidden in RFC5280. */ + if (remaining != 5) + return 0; + if (str[1] < '0' || str[1] > '9' || str[2] < '0' || str[2] > '9' || + str[3] < '0' || str[3] > '9' || str[4] < '0' || str[4] > '9') + return 0; offset=((str[1]-'0')*10+(str[2]-'0'))*60; offset+=(str[3]-'0')*10+(str[4]-'0'); if (*str == '-') -- cgit v1.1 From e0846beeb321f7d3170e4e389950b12fce69ab10 Mon Sep 17 00:00:00 2001 From: Adam Langley Date: Tue, 23 Jun 2015 16:25:33 -0700 Subject: dsa_pub_encode: Write out DSA parameters (p, q, g) in addition to key. This change cherry-picks BoringSSL's e65886a5. Change-Id: I63d5dc280d420b64b658bfd85f180a01adb8a18b --- src/crypto/evp/p_dsa_asn1.c | 22 +++++++++++++++++++--- 1 file changed, 19 insertions(+), 3 deletions(-) (limited to 'src/crypto') diff --git a/src/crypto/evp/p_dsa_asn1.c b/src/crypto/evp/p_dsa_asn1.c index 0ac7da7..826d4e4 100644 --- a/src/crypto/evp/p_dsa_asn1.c +++ b/src/crypto/evp/p_dsa_asn1.c 
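Review bot: The new length accounting in X509_cmp_time validates the offset digits, but the date and time fields are still copied without checking that they are digits: `memcpy(p,str,10)` / `memcpy(p,str,12)` and the two seconds bytes `*(p++)= *(str++)`. An ASN1_TIME holding other bytes in those positions, including an embedded NUL, reaches `buff1` unchanged; how `buff1` is compared lies outside the hunk, so the effect is presumably a wrong comparison result rather than a memory error. A check before each copy would close this, e.g. `for (i = 0; i < 10; i++) if (str[i] < '0' || str[i] > '9') return 0;` (12 for GeneralizedTime, 2 for the seconds). The function starts before and continues after this hunk.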
@@ -129,21 +129,37 @@ err: static int dsa_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey) { DSA *dsa; - void *pval = NULL; + ASN1_STRING *pval = NULL; uint8_t *penc = NULL; int penclen; dsa = pkey->pkey.dsa; dsa->write_params = 0; - penclen = i2d_DSAPublicKey(dsa, &penc); + int ptype; + if (dsa->p && dsa->q && dsa->g) { + pval = ASN1_STRING_new(); + if (!pval) { + OPENSSL_PUT_ERROR(EVP, dsa_pub_encode, ERR_R_MALLOC_FAILURE); + goto err; + } + pval->length = i2d_DSAparams(dsa, &pval->data); + if (pval->length <= 0) { + OPENSSL_PUT_ERROR(EVP, dsa_pub_encode, ERR_R_MALLOC_FAILURE); + goto err; + } + ptype = V_ASN1_SEQUENCE; + } else { + ptype = V_ASN1_UNDEF; + } + penclen = i2d_DSAPublicKey(dsa, &penc); if (penclen <= 0) { OPENSSL_PUT_ERROR(EVP, dsa_pub_encode, ERR_R_MALLOC_FAILURE); goto err; } - if (X509_PUBKEY_set0_param(pk, OBJ_nid2obj(EVP_PKEY_DSA), V_ASN1_UNDEF, pval, + if (X509_PUBKEY_set0_param(pk, OBJ_nid2obj(EVP_PKEY_DSA), ptype, pval, penc, penclen)) { return 1; } -- cgit v1.1 From bd9957e6e28506c4431ce8d3cadbc0a04905b15e Mon Sep 17 00:00:00 2001 From: Adam Langley Date: Tue, 23 Jun 2015 16:28:07 -0700 Subject: Handle RDRAND failures. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit I mistakenly believed that only RDSEED could fail. However, the Intel manuals state that RDRAND can fail too. This change cherry-picks the following BoringSSL changes: 2cac3506 – Handle RDRAND failures. 248abbd7 – Add missing comma in .type pragma for rdrand code. Change-Id: Icdc56a50ce36e9c525063583882c676a5312d313 --- src/crypto/rand/asm/rdrand-x86_64.pl | 52 +++++++++++++++++++++++++++++++++++- src/crypto/rand/hwrand.c | 30 +++++++++++++-------- src/crypto/rand/internal.h | 5 ++-- src/crypto/rand/rand.c | 5 ++-- 4 files changed, 75 insertions(+), 17 deletions(-) (limited to 'src/crypto') diff --git a/src/crypto/rand/asm/rdrand-x86_64.pl b/src/crypto/rand/asm/rdrand-x86_64.pl index a917611..c32a55c 100644 
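Review bot: dsa_pub_encode now allocates `pval` with ASN1_STRING_new() and jumps to `err` on its failure paths, but the `err` label is outside this hunk, so it is not visible whether the string is released there. Before this change `pval` was always NULL, so an existing cleanup block may only handle `penc`. If that is the case, `ASN1_STRING_free(pval);` is needed at `err`, and it has to stay off the success path, where X509_PUBKEY_set0_param presumably takes ownership of both `pval` and `penc`.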
--- a/src/crypto/rand/asm/rdrand-x86_64.pl +++ b/src/crypto/rand/asm/rdrand-x86_64.pl @@ -1,5 +1,19 @@ #!/usr/bin/env perl +# Copyright (c) 2015, Google Inc. +# +# Permission to use, copy, modify, and/or distribute this software for any +# purpose with or without fee is hereby granted, provided that the above +# copyright notice and this permission notice appear in all copies. +# +# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES +# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY +# SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES +# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION +# OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN +# CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ + $flavour = shift; $output = shift; if ($flavour =~ /\./) { $output = $flavour; undef $flavour; } 
@@ -14,11 +28,47 @@ open OUT,"| \"$^X\" $xlate $flavour $output"; print<<___; .text +# CRYPTO_rdrand writes eight bytes of random data from the hardware RNG to +# |out|. It returns one on success or zero on hardware failure. +# int CRYPTO_rdrand(uint8_t out[8]); .globl CRYPTO_rdrand .type CRYPTO_rdrand,\@function,1 .align 16 CRYPTO_rdrand: - .byte 0x48, 0x0f, 0xc7, 0xf0 + xorq %rax, %rax + # This is rdrand %rcx. It sets rcx to a random value and sets the carry + # flag on success. + .byte 0x48, 0x0f, 0xc7, 0xf1 + # An add-with-carry of zero effectively sets %rax to the carry flag. + adcq %rax, %rax + movq %rcx, 0(%rdi) + retq + +# CRYPTO_rdrand_multiple8_buf fills |len| bytes at |buf| with random data from +# the hardware RNG. The |len| argument must be a multiple of eight. It returns +# one on success and zero on hardware failure. +# int CRYPTO_rdrand_multiple8_buf(uint8_t *buf, size_t len); +.globl CRYPTO_rdrand_multiple8_buf +.type CRYPTO_rdrand_multiple8_buf,\@function,2 +.align 16 +CRYPTO_rdrand_multiple8_buf: + test %rsi, %rsi + jz .Lout + movq \$8, %rdx +.Lloop: + # This is rdrand %rcx. It sets rcx to a random value and sets the carry + # flag on success. + .byte 0x48, 0x0f, 0xc7, 0xf1 + jnc .Lerr + movq %rcx, 0(%rdi) + addq %rdx, %rdi + subq %rdx, %rsi + jnz .Lloop +.Lout: + movq \$1, %rax + retq +.Lerr: + xorq %rax, %rax retq ___ diff --git a/src/crypto/rand/hwrand.c b/src/crypto/rand/hwrand.c index 73d3de7..5f81f09 100644 --- a/src/crypto/rand/hwrand.c +++ b/src/crypto/rand/hwrand.c @@ -14,6 +14,7 @@ #include +#include #include #include 
@@ -26,21 +27,28 @@ int CRYPTO_have_hwrand(void) { return (OPENSSL_ia32cap_P[1] & (1u << 30)) != 0; } -/* CRYPTO_rdrand is defined in asm/rdrand-x86_64.pl */ -extern uint64_t CRYPTO_rdrand(void); +/* These functions are defined in asm/rdrand-x86_64.pl */ +extern int CRYPTO_rdrand(uint8_t out[8]); +extern int CRYPTO_rdrand_multiple8_buf(uint8_t *buf, size_t len); -void CRYPTO_hwrand(uint8_t *buf, size_t len) { - while (len >= 8) { - uint64_t rand = CRYPTO_rdrand(); - memcpy(buf, &rand, sizeof(rand)); - len -= sizeof(rand); - buf += sizeof(rand); +int CRYPTO_hwrand(uint8_t *buf, size_t len) { + const size_t len_multiple8 = len & ~7; + if (!CRYPTO_rdrand_multiple8_buf(buf, len_multiple8)) { + return 0; } + len -= len_multiple8; + + if (len != 0) { + assert(len < 8); - if (len > 0) { - uint64_t rand = CRYPTO_rdrand(); - memcpy(buf, &rand, len); + uint8_t rand_buf[8]; + if (!CRYPTO_rdrand(rand_buf)) { + return 0; + } + memcpy(buf + len_multiple8, rand_buf, len); } + + return 1; } #else diff --git a/src/crypto/rand/internal.h b/src/crypto/rand/internal.h index 1cca7f3..5e6ea11 100644 --- a/src/crypto/rand/internal.h +++ b/src/crypto/rand/internal.h @@ -29,8 +29,9 @@ void CRYPTO_sysrand(uint8_t *buf, size_t len); int CRYPTO_have_hwrand(void); /* CRYPTO_hwrand fills |len| bytes at |buf| with entropy from the hardware. - * This function can only be called if |CRYPTO_have_hwrand| returns one. */ -void CRYPTO_hwrand(uint8_t *buf, size_t len); + * This function can only be called if |CRYPTO_have_hwrand| returns one. + * It returns one on success or zero on hardware failure. */ +int CRYPTO_hwrand(uint8_t *buf, size_t len); #if defined(__cplusplus) diff --git a/src/crypto/rand/rand.c b/src/crypto/rand/rand.c index a647b6a..a96ac48 100644 --- a/src/crypto/rand/rand.c +++ b/src/crypto/rand/rand.c 
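Review bot: CRYPTO_hwrand changes from `void` to `int` here and in internal.h, but whatever follows the `#else` at the end of this hunk is outside it and is not touched by any hunk of this file. If a fallback definition there still reads `void CRYPTO_hwrand(uint8_t *buf, size_t len)`, it no longer matches the declaration; it should become `int CRYPTO_hwrand(uint8_t *buf, size_t len)` and return 0 so that callers treat it as a hardware failure. This only affects builds that take the `#else` branch, so it is worth compiling one such target before landing.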
@@ -78,7 +78,8 @@ int RAND_bytes(uint8_t *buf, size_t len) { return 1; } - if (!CRYPTO_have_hwrand()) { + if (!CRYPTO_have_hwrand() || + !CRYPTO_hwrand(buf, len)) { /* Without a hardware RNG to save us from address-space duplication, the OS * entropy is used directly. */ CRYPTO_sysrand(buf, len); @@ -108,8 +109,6 @@ int RAND_bytes(uint8_t *buf, size_t len) { state->partial_block_used = sizeof(state->partial_block); } - CRYPTO_hwrand(buf, len); - if (len >= sizeof(state->partial_block)) { size_t remaining = len; while (remaining > 0) { -- cgit v1.1 From 1e4884f615b20946411a74e41eb9c6aa65e2d5f3 Mon Sep 17 00:00:00 2001 
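Review bot: The comment inside the fallback branch of RAND_bytes still describes only the missing-hardware case, while the branch is now also taken when `CRYPTO_hwrand(buf, len)` reports failure, possibly after it has already written part of `buf`. I would reword it to say so, e.g. `/* Without a working hardware RNG (absent, or RDRAND reported failure) the OS entropy is used directly; CRYPTO_sysrand then fills all of |buf|. */`, with the last clause kept only if CRYPTO_sysrand is confirmed to overwrite the whole buffer. The second hunk removes the later `CRYPTO_hwrand(buf, len);` call, so the hardware bytes are now placed in `buf` before the state handling that lies between the two hunks. RAND_bytes starts before and ends after these hunks.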
From: Adam Langley Date: Thu, 24 Sep 2015 10:57:52 -0700 Subject: external/boringssl: sync with upstream. This change imports the current version of BoringSSL. The only local change now is that |BORINGSSL_201509| is defined in base.h. This allows this change to be made without (hopefully) breaking the build. This change will need https://android-review.googlesource.com/172744 to be landed afterwards to update a test. Change-Id: I6d1f463f7785a2423bd846305af91c973c326104 --- src/crypto/CMakeLists.txt | 7 +- src/crypto/aes/CMakeLists.txt | 11 +- src/crypto/aes/aes_test.cc | 102 ++++ src/crypto/aes/asm/aes-586.pl | 6 +- src/crypto/aes/asm/aes-armv4.pl | 2 +- src/crypto/aes/asm/aesv8-armx.pl | 2 +- src/crypto/aes/asm/bsaes-armv7.pl | 2 +- src/crypto/arm_arch.h | 136 ----- src/crypto/asn1/CMakeLists.txt | 2 +- src/crypto/asn1/a_bitstr.c | 11 +- src/crypto/asn1/a_bool.c | 2 +- src/crypto/asn1/a_bytes.c | 6 +- src/crypto/asn1/a_d2i_fp.c | 24 +- src/crypto/asn1/a_dup.c | 4 +- src/crypto/asn1/a_enum.c | 8 +- src/crypto/asn1/a_gentm.c | 2 +- src/crypto/asn1/a_i2d_fp.c | 10 +- src/crypto/asn1/a_int.c | 12 +- src/crypto/asn1/a_mbstr.c | 20 +- src/crypto/asn1/a_object.c | 22 +- src/crypto/asn1/a_strnid.c | 4 +- src/crypto/asn1/a_time.c | 4 +- src/crypto/asn1/a_utctm.c | 6 +- src/crypto/asn1/asn1_lib.c | 15 +- src/crypto/asn1/asn_pack.c | 8 +- src/crypto/asn1/bio_ndef.c | 2 +- src/crypto/asn1/f_enum.c | 8 +- src/crypto/asn1/f_int.c | 8 +- src/crypto/asn1/f_string.c | 8 +- src/crypto/asn1/tasn_dec.c | 111 ++-- src/crypto/asn1/tasn_new.c | 6 +- src/crypto/asn1/tasn_prn.c | 2 +- src/crypto/asn1/tasn_utl.c | 3 +- src/crypto/asn1/x_long.c | 4 +- src/crypto/base64/CMakeLists.txt | 2 +- src/crypto/bio/CMakeLists.txt | 2 +- src/crypto/bio/bio.c | 14 +- src/crypto/bio/bio_mem.c | 4 +- src/crypto/bio/buffer.c | 2 +- src/crypto/bio/connect.c | 16 +- src/crypto/bio/file.c | 21 +- src/crypto/bio/pair.c | 62 +- src/crypto/bio/printf.c | 2 +- src/crypto/bio/socket_helper.c | 5 +- 
src/crypto/bn/CMakeLists.txt | 3 +- src/crypto/bn/add.c | 2 +- src/crypto/bn/asm/armv4-mont.pl | 2 +- src/crypto/bn/bn.c | 20 +- src/crypto/bn/bn_asn1.c | 93 +++ src/crypto/bn/bn_test.cc | 376 ++++++++++-- src/crypto/bn/convert.c | 178 ++++-- src/crypto/bn/ctx.c | 6 +- src/crypto/bn/div.c | 6 +- src/crypto/bn/exponentiation.c | 30 +- src/crypto/bn/gcd.c | 32 +- src/crypto/bn/internal.h | 4 +- src/crypto/bn/montgomery.c | 6 + src/crypto/bn/mul.c | 8 +- src/crypto/bn/prime.c | 9 +- src/crypto/bn/random.c | 14 +- src/crypto/bn/rsaz_exp.h | 68 ++- src/crypto/bn/shift.c | 4 +- src/crypto/bn/sqrt.c | 24 +- src/crypto/buf/CMakeLists.txt | 2 +- src/crypto/buf/buf.c | 14 +- src/crypto/bytestring/CMakeLists.txt | 2 +- src/crypto/bytestring/bytestring_test.cc | 13 +- src/crypto/bytestring/cbb.c | 9 + src/crypto/bytestring/cbs.c | 20 +- src/crypto/bytestring/internal.h | 8 - src/crypto/chacha/CMakeLists.txt | 2 +- src/crypto/chacha/chacha_vec_arm.S | 2 + src/crypto/chacha/chacha_vec_arm_generate.go | 4 +- src/crypto/cipher/CMakeLists.txt | 2 +- src/crypto/cipher/aead.c | 15 +- src/crypto/cipher/aead_test.cc | 62 +- src/crypto/cipher/cipher.c | 41 +- src/crypto/cipher/cipher_test.cc | 57 +- src/crypto/cipher/e_aes.c | 108 ++-- src/crypto/cipher/e_chacha20poly1305.c | 22 +- src/crypto/cipher/e_des.c | 78 ++- src/crypto/cipher/e_rc2.c | 27 +- src/crypto/cipher/e_rc4.c | 22 +- src/crypto/cipher/e_ssl3.c | 56 +- src/crypto/cipher/e_tls.c | 56 +- src/crypto/cipher/test/aes_128_gcm_tests.txt | 6 + src/crypto/cipher/test/cipher_test.txt | 60 ++ src/crypto/cmac/CMakeLists.txt | 4 +- src/crypto/cmac/cmac_test.cc | 13 +- src/crypto/conf/CMakeLists.txt | 2 +- src/crypto/conf/conf.c | 64 +- src/crypto/conf/internal.h | 31 + src/crypto/cpu-arm.c | 6 +- src/crypto/cpu-intel.c | 157 ++++- src/crypto/cpu-x86-asm.pl | 334 ---------- src/crypto/cpu-x86_64-asm.pl | 163 ----- src/crypto/crypto.c | 2 +- src/crypto/des/CMakeLists.txt | 2 +- src/crypto/des/des.c | 157 ++--- src/crypto/des/internal.h 
| 10 +- src/crypto/dh/CMakeLists.txt | 2 +- src/crypto/dh/dh.c | 2 +- src/crypto/dh/dh_impl.c | 14 +- src/crypto/digest/CMakeLists.txt | 2 +- src/crypto/digest/digest.c | 32 +- src/crypto/digest/digests.c | 3 +- src/crypto/digest/internal.h | 17 +- src/crypto/dsa/CMakeLists.txt | 2 +- src/crypto/dsa/dsa.c | 2 +- src/crypto/dsa/dsa_asn1.c | 2 +- src/crypto/dsa/dsa_impl.c | 42 +- src/crypto/ec/CMakeLists.txt | 2 +- src/crypto/ec/ec.c | 127 ++-- src/crypto/ec/ec_asn1.c | 77 ++- src/crypto/ec/ec_key.c | 32 +- src/crypto/ec/ec_montgomery.c | 12 +- src/crypto/ec/oct.c | 59 +- src/crypto/ec/p256-64.c | 26 +- src/crypto/ec/simple.c | 20 +- src/crypto/ec/wnaf.c | 58 +- src/crypto/ecdh/CMakeLists.txt | 2 +- src/crypto/ecdh/ecdh.c | 14 +- src/crypto/ecdsa/CMakeLists.txt | 2 +- src/crypto/ecdsa/ecdsa.c | 119 ++-- src/crypto/ecdsa/ecdsa_asn1.c | 183 ++++-- src/crypto/ecdsa/ecdsa_test.cc | 55 +- src/crypto/engine/CMakeLists.txt | 2 +- src/crypto/err/CMakeLists.txt | 4 +- src/crypto/err/asn1.errordata | 240 +++----- src/crypto/err/bio.errordata | 53 +- src/crypto/err/bn.errordata | 63 +- src/crypto/err/buf.errordata | 4 - src/crypto/err/cipher.errordata | 85 +-- src/crypto/err/conf.errordata | 16 +- src/crypto/err/crypto.errordata | 4 - src/crypto/err/dh.errordata | 12 +- src/crypto/err/digest.errordata | 4 +- src/crypto/err/dsa.errordata | 13 +- src/crypto/err/ec.errordata | 123 +--- src/crypto/err/ecdh.errordata | 7 +- src/crypto/err/ecdsa.errordata | 16 +- src/crypto/err/engine.errordata | 2 +- src/crypto/err/err.c | 132 ++-- src/crypto/err/err_data_generate.go | 32 +- src/crypto/err/err_test.cc | 50 +- src/crypto/err/evp.errordata | 160 ++--- src/crypto/err/hkdf.errordata | 3 +- src/crypto/err/obj.errordata | 6 +- src/crypto/err/pem.errordata | 54 +- src/crypto/err/pkcs8.errordata | 68 +-- src/crypto/err/rsa.errordata | 115 ++-- src/crypto/err/ssl.errordata | 604 +++++++------------ src/crypto/err/x509.errordata | 133 ++-- src/crypto/err/x509v3.errordata | 183 ++---- 
src/crypto/evp/CMakeLists.txt | 6 +- src/crypto/evp/algorithm.c | 18 +- src/crypto/evp/asn1.c | 167 ----- src/crypto/evp/digestsign.c | 72 +-- src/crypto/evp/evp.c | 53 +- src/crypto/evp/evp_asn1.c | 166 +++++ src/crypto/evp/evp_ctx.c | 77 +-- src/crypto/evp/evp_extra_test.cc | 4 +- src/crypto/evp/evp_test.cc | 64 +- src/crypto/evp/evp_tests.txt | 5 +- src/crypto/evp/internal.h | 69 +-- src/crypto/evp/p_dsa_asn1.c | 44 +- src/crypto/evp/p_ec.c | 52 +- src/crypto/evp/p_ec_asn1.c | 42 +- src/crypto/evp/p_hmac.c | 223 ------- src/crypto/evp/p_hmac_asn1.c | 89 --- src/crypto/evp/p_rsa.c | 49 +- src/crypto/evp/p_rsa_asn1.c | 116 ++-- src/crypto/ex_data.c | 31 +- src/crypto/hkdf/CMakeLists.txt | 2 +- src/crypto/hkdf/hkdf.c | 4 +- src/crypto/hmac/CMakeLists.txt | 2 +- src/crypto/hmac/hmac.c | 2 +- src/crypto/hmac/hmac_tests.txt | 3 - src/crypto/internal.h | 8 +- src/crypto/lhash/CMakeLists.txt | 2 +- src/crypto/lhash/lhash.c | 3 +- src/crypto/md4/CMakeLists.txt | 2 +- src/crypto/md5/CMakeLists.txt | 2 +- src/crypto/md5/md5.c | 3 +- src/crypto/mem.c | 3 +- src/crypto/modes/CMakeLists.txt | 2 +- src/crypto/modes/asm/ghash-armv4.pl | 10 +- src/crypto/modes/asm/ghash-x86.pl | 2 +- src/crypto/modes/asm/ghash-x86_64.pl | 8 +- src/crypto/modes/asm/ghashv8-armx.pl | 24 +- src/crypto/modes/gcm.c | 8 +- src/crypto/modes/gcm_test.c | 16 +- src/crypto/modes/internal.h | 5 - src/crypto/obj/CMakeLists.txt | 2 +- src/crypto/obj/obj.c | 10 +- src/crypto/pem/CMakeLists.txt | 2 +- src/crypto/pem/pem_info.c | 14 +- src/crypto/pem/pem_lib.c | 67 ++- src/crypto/pem/pem_oth.c | 2 +- src/crypto/pem/pem_pk8.c | 10 +- src/crypto/pem/pem_pkey.c | 14 +- src/crypto/perlasm/arm-xlate.pl | 5 + src/crypto/pkcs8/CMakeLists.txt | 9 +- src/crypto/pkcs8/internal.h | 9 + src/crypto/pkcs8/p5_pbe.c | 10 +- src/crypto/pkcs8/p5_pbev2.c | 144 ++++- src/crypto/pkcs8/pkcs8.c | 255 ++++---- src/crypto/pkcs8/pkcs8_test.cc | 91 +++ src/crypto/poly1305/CMakeLists.txt | 11 +- src/crypto/poly1305/poly1305_test.cc | 81 
+++ src/crypto/poly1305/poly1305_test.txt | 52 ++ src/crypto/rand/CMakeLists.txt | 2 +- src/crypto/rand/hwrand.c | 21 +- src/crypto/rand/internal.h | 10 +- src/crypto/rand/rand.c | 27 +- src/crypto/rand/urandom.c | 292 ++++----- src/crypto/rc4/CMakeLists.txt | 2 +- src/crypto/rc4/asm/rc4-x86_64.pl | 2 +- src/crypto/rsa/CMakeLists.txt | 4 +- src/crypto/rsa/blinding.c | 24 +- src/crypto/rsa/internal.h | 34 +- src/crypto/rsa/padding.c | 110 ++-- src/crypto/rsa/rsa.c | 143 +++-- src/crypto/rsa/rsa_asn1.c | 421 +++++++++++-- src/crypto/rsa/rsa_impl.c | 311 ++++++++-- src/crypto/rsa/rsa_test.c | 511 ---------------- src/crypto/rsa/rsa_test.cc | 869 +++++++++++++++++++++++++++ src/crypto/sha/CMakeLists.txt | 2 +- src/crypto/sha/asm/sha1-586.pl | 4 +- src/crypto/sha/asm/sha1-armv4-large.pl | 2 +- src/crypto/sha/asm/sha1-armv8.pl | 2 +- src/crypto/sha/asm/sha256-586.pl | 2 +- src/crypto/sha/asm/sha256-armv4.pl | 2 +- src/crypto/sha/asm/sha512-586.pl | 2 +- src/crypto/sha/asm/sha512-armv4.pl | 2 +- src/crypto/sha/asm/sha512-armv8.pl | 2 +- src/crypto/stack/CMakeLists.txt | 2 +- src/crypto/test/CMakeLists.txt | 1 + src/crypto/test/file_test.cc | 1 + src/crypto/test/file_test.h | 8 + src/crypto/test/malloc.cc | 17 +- src/crypto/test/scoped_types.h | 5 + src/crypto/test/test_util.cc | 30 + src/crypto/test/test_util.h | 35 ++ src/crypto/x509/CMakeLists.txt | 3 +- src/crypto/x509/a_digest.c | 2 +- src/crypto/x509/a_sign.c | 4 +- src/crypto/x509/a_verify.c | 10 +- src/crypto/x509/asn1_gen.c | 62 +- src/crypto/x509/by_dir.c | 12 +- src/crypto/x509/by_file.c | 22 +- src/crypto/x509/i2d_pr.c | 2 +- src/crypto/x509/pkcs7.c | 12 +- src/crypto/x509/t_crl.c | 2 +- src/crypto/x509/t_req.c | 246 ++++++++ src/crypto/x509/t_x509.c | 4 +- src/crypto/x509/x509_att.c | 16 +- src/crypto/x509/x509_cmp.c | 6 +- src/crypto/x509/x509_lu.c | 14 +- src/crypto/x509/x509_obj.c | 2 +- src/crypto/x509/x509_r2x.c | 2 +- src/crypto/x509/x509_req.c | 12 +- src/crypto/x509/x509_trs.c | 10 +- 
src/crypto/x509/x509_v3.c | 8 +- src/crypto/x509/x509_vfy.c | 54 +- src/crypto/x509/x509cset.c | 7 + src/crypto/x509/x509name.c | 8 +- src/crypto/x509/x509spki.c | 12 +- src/crypto/x509/x_all.c | 25 +- src/crypto/x509/x_crl.c | 2 +- src/crypto/x509/x_info.c | 2 +- src/crypto/x509/x_name.c | 6 +- src/crypto/x509/x_pkey.c | 2 +- src/crypto/x509/x_pubkey.c | 20 +- src/crypto/x509/x_x509a.c | 48 +- src/crypto/x509v3/CMakeLists.txt | 6 +- src/crypto/x509v3/tab_test.c | 103 ++++ src/crypto/x509v3/tabtest.c | 103 ---- src/crypto/x509v3/v3_akey.c | 10 +- src/crypto/x509v3/v3_alt.c | 40 +- src/crypto/x509v3/v3_bcons.c | 4 +- src/crypto/x509v3/v3_bitst.c | 6 +- src/crypto/x509v3/v3_conf.c | 26 +- src/crypto/x509v3/v3_cpols.c | 40 +- src/crypto/x509v3/v3_crld.c | 14 +- src/crypto/x509v3/v3_extku.c | 4 +- src/crypto/x509v3/v3_ia5.c | 6 +- src/crypto/x509v3/v3_info.c | 12 +- src/crypto/x509v3/v3_lib.c | 16 +- src/crypto/x509v3/v3_ncons.c | 4 +- src/crypto/x509v3/v3_pci.c | 35 +- src/crypto/x509v3/v3_pcons.c | 6 +- src/crypto/x509v3/v3_pmaps.c | 8 +- src/crypto/x509v3/v3_purp.c | 10 +- src/crypto/x509v3/v3_skey.c | 10 +- src/crypto/x509v3/v3_sxnet.c | 16 +- src/crypto/x509v3/v3_utl.c | 40 +- src/crypto/x509v3/v3name_test.c | 422 +++++++++++++ src/crypto/x509v3/v3nametest.c | 422 ------------- 299 files changed, 7231 insertions(+), 6241 deletions(-) create mode 100644 src/crypto/aes/aes_test.cc delete mode 100644 src/crypto/arm_arch.h create mode 100644 src/crypto/bn/bn_asn1.c create mode 100644 src/crypto/conf/internal.h delete mode 100644 src/crypto/cpu-x86-asm.pl delete mode 100644 src/crypto/cpu-x86_64-asm.pl delete mode 100644 src/crypto/err/buf.errordata delete mode 100644 src/crypto/err/crypto.errordata delete mode 100644 src/crypto/evp/asn1.c create mode 100644 src/crypto/evp/evp_asn1.c delete mode 100644 src/crypto/evp/p_hmac.c delete mode 100644 src/crypto/evp/p_hmac_asn1.c create mode 100644 src/crypto/pkcs8/pkcs8_test.cc create mode 100644 
src/crypto/poly1305/poly1305_test.cc create mode 100644 src/crypto/poly1305/poly1305_test.txt delete mode 100644 src/crypto/rsa/rsa_test.c create mode 100644 src/crypto/rsa/rsa_test.cc create mode 100644 src/crypto/test/test_util.cc create mode 100644 src/crypto/test/test_util.h create mode 100644 src/crypto/x509/t_req.c create mode 100644 src/crypto/x509v3/tab_test.c delete mode 100644 src/crypto/x509v3/tabtest.c create mode 100644 src/crypto/x509v3/v3name_test.c delete mode 100644 src/crypto/x509v3/v3nametest.c (limited to 'src/crypto') diff --git a/src/crypto/CMakeLists.txt b/src/crypto/CMakeLists.txt index 6858cbb..3115279 100644 --- a/src/crypto/CMakeLists.txt +++ b/src/crypto/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(. ../include) +include_directories(../include) if(APPLE) if (${ARCH} STREQUAL "x86") @@ -57,7 +57,6 @@ if (${ARCH} STREQUAL "x86_64") set( CRYPTO_ARCH_SOURCES - cpu-x86_64-asm.${ASM_EXT} cpu-intel.c ) endif() @@ -66,7 +65,6 @@ if (${ARCH} STREQUAL "x86") set( CRYPTO_ARCH_SOURCES - cpu-x86-asm.${ASM_EXT} cpu-intel.c ) endif() @@ -230,6 +228,3 @@ add_executable( ) target_link_libraries(refcount_test crypto) - -perlasm(cpu-x86_64-asm.${ASM_EXT} cpu-x86_64-asm.pl) -perlasm(cpu-x86-asm.${ASM_EXT} cpu-x86-asm.pl) diff --git a/src/crypto/aes/CMakeLists.txt b/src/crypto/aes/CMakeLists.txt index 490f40a..c82d99a 100644 --- a/src/crypto/aes/CMakeLists.txt +++ b/src/crypto/aes/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(. .. ../../include) +include_directories(../../include) if (${ARCH} STREQUAL "x86_64") set( @@ -60,3 +60,12 @@ perlasm(aesni-x86.${ASM_EXT} asm/aesni-x86.pl) perlasm(aes-armv4.${ASM_EXT} asm/aes-armv4.pl) perlasm(bsaes-armv7.${ASM_EXT} asm/bsaes-armv7.pl) perlasm(aesv8-armx.${ASM_EXT} asm/aesv8-armx.pl) + +add_executable( + aes_test + + aes_test.cc + $ +) + +target_link_libraries(aes_test crypto) diff --git a/src/crypto/aes/aes_test.cc b/src/crypto/aes/aes_test.cc new file mode 100644 index 0000000..e488d81 --- /dev/null 
+++ b/src/crypto/aes/aes_test.cc 
@@ -0,0 +1,102 @@ +/* Copyright (c) 2015, Google Inc. + * + * Permission to use, copy, modify, and/or distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY + * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION + * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN + * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ + +#include +#include + +#include +#include + + +static bool TestAES(const uint8_t *key, size_t key_len, + const uint8_t plaintext[AES_BLOCK_SIZE], + const uint8_t ciphertext[AES_BLOCK_SIZE]) { + AES_KEY aes_key; + if (AES_set_encrypt_key(key, key_len * 8, &aes_key) != 0) { + fprintf(stderr, "AES_set_encrypt_key failed\n"); + return false; + } + + // Test encryption. + uint8_t block[AES_BLOCK_SIZE]; + AES_encrypt(plaintext, block, &aes_key); + if (memcmp(block, ciphertext, AES_BLOCK_SIZE) != 0) { + fprintf(stderr, "AES_encrypt gave the wrong output\n"); + return false; + } + + // Test in-place encryption. + memcpy(block, plaintext, AES_BLOCK_SIZE); + AES_encrypt(block, block, &aes_key); + if (memcmp(block, ciphertext, AES_BLOCK_SIZE) != 0) { + fprintf(stderr, "AES_encrypt gave the wrong output\n"); + return false; + } + + if (AES_set_decrypt_key(key, key_len * 8, &aes_key) != 0) { + fprintf(stderr, "AES_set_decrypt_key failed\n"); + return false; + } + + // Test decryption. + AES_decrypt(ciphertext, block, &aes_key); + if (memcmp(block, plaintext, AES_BLOCK_SIZE) != 0) { + fprintf(stderr, "AES_decrypt gave the wrong output\n"); + return false; + } + + // Test in-place decryption. 
+ memcpy(block, ciphertext, AES_BLOCK_SIZE); + AES_decrypt(block, block, &aes_key); + if (memcmp(block, plaintext, AES_BLOCK_SIZE) != 0) { + fprintf(stderr, "AES_decrypt gave the wrong output\n"); + return false; + } + return true; +} + +int main() { + CRYPTO_library_init(); + + // Test vectors from FIPS-197, Appendix C. + if (!TestAES((const uint8_t *)"\x00\x01\x02\x03\x04\x05\x06\x07" + "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f", + 128 / 8, + (const uint8_t *)"\x00\x11\x22\x33\x44\x55\x66\x77" + "\x88\x99\xaa\xbb\xcc\xdd\xee\xff", + (const uint8_t *)"\x69\xc4\xe0\xd8\x6a\x7b\x04\x30" + "\xd8\xcd\xb7\x80\x70\xb4\xc5\x5a") || + !TestAES((const uint8_t *)"\x00\x01\x02\x03\x04\x05\x06\x07" + "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f" + "\x10\x11\x12\x13\x14\x15\x16\x17", + 192 / 8, + (const uint8_t *)"\x00\x11\x22\x33\x44\x55\x66\x77" + "\x88\x99\xaa\xbb\xcc\xdd\xee\xff", + (const uint8_t *)"\xdd\xa9\x7c\xa4\x86\x4c\xdf\xe0" + "\x6e\xaf\x70\xa0\xec\x0d\x71\x91") || + !TestAES((const uint8_t *)"\x00\x01\x02\x03\x04\x05\x06\x07" + "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f" + "\x10\x11\x12\x13\x14\x15\x16\x17" + "\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f", + 256 / 8, + (const uint8_t *)"\x00\x11\x22\x33\x44\x55\x66\x77" + "\x88\x99\xaa\xbb\xcc\xdd\xee\xff", + (const uint8_t *)"\x8e\xa2\xb7\xca\x51\x67\x45\xbf" + "\xea\xfc\x49\x90\x4b\x49\x60\x89")) { + return false; + } + + printf("PASS\n"); + return 0; +} diff --git a/src/crypto/aes/asm/aes-586.pl b/src/crypto/aes/asm/aes-586.pl index 07fb94c..6e8a6a8 100755 --- a/src/crypto/aes/asm/aes-586.pl +++ b/src/crypto/aes/asm/aes-586.pl 
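Review bot: In `main()` of the new aes_test.cc, the failure branch does `return false;`, which converts to exit status 0, so a failing FIPS-197 vector makes the process exit as if it had succeeded and only the missing `PASS` line shows the failure. Return a non-zero status there, `return 1;`, so that a harness which looks at the exit code also catches a broken AES implementation. `TestAES` also reuses the message `AES_encrypt gave the wrong output` for the in-place case (and the same for decrypt); a distinct message such as `in-place AES_encrypt gave the wrong output` would make a failure easier to locate.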
@@ -45,7 +45,7 @@ # the undertaken effort was that it appeared that in tight IA-32 # register window little-endian flavor could achieve slightly higher # Instruction Level Parallelism, and it indeed resulted in up to 15% -# better performance on most recent µ-archs... +# better performance on most recent µ-archs... # # Third version adds AES_cbc_encrypt implementation, which resulted in # up to 40% performance imrovement of CBC benchmark results. 40% was @@ -224,7 +224,7 @@ sub _data_word() { my $i; while(defined($i=shift)) { &data_word($i,$i); } } $speed_limit=512; # chunks smaller than $speed_limit are # processed with compact routine in CBC mode $small_footprint=1; # $small_footprint=1 code is ~5% slower [on - # recent µ-archs], but ~5 times smaller! + # recent µ-archs], but ~5 times smaller! # I favor compact code to minimize cache # contention and in hope to "collect" 5% back # in real-life applications... @@ -565,7 +565,7 @@ sub enctransform() # Performance is not actually extraordinary in comparison to pure # x86 code. In particular encrypt performance is virtually the same. # Decrypt performance on the other hand is 15-20% better on newer -# µ-archs [but we're thankful for *any* improvement here], and ~50% +# µ-archs [but we're thankful for *any* improvement here], and ~50% # better on PIII:-) And additionally on the pros side this code # eliminates redundant references to stack and thus relieves/ # minimizes the pressure on the memory bus. diff --git a/src/crypto/aes/asm/aes-armv4.pl b/src/crypto/aes/asm/aes-armv4.pl index 36cd3b6..882017a 100644 --- a/src/crypto/aes/asm/aes-armv4.pl +++ b/src/crypto/aes/asm/aes-armv4.pl @@ -65,7 +65,7 @@ $rounds="r12"; $code=<<___; #if defined(__arm__) #ifndef __KERNEL__ -# include "arm_arch.h" +# include #else # define __ARM_ARCH__ __LINUX_ARM_ARCH__ #endif diff --git a/src/crypto/aes/asm/aesv8-armx.pl b/src/crypto/aes/asm/aesv8-armx.pl index b0916f6..121154a 100644 --- a/src/crypto/aes/asm/aesv8-armx.pl 
+++ b/src/crypto/aes/asm/aesv8-armx.pl @@ -45,7 +45,7 @@ open OUT,"| \"$^X\" $xlate $flavour $output"; $prefix="aes_v8"; $code=<<___; -#include "arm_arch.h" +#include #if __ARM_MAX_ARCH__>=7 .text diff --git a/src/crypto/aes/asm/bsaes-armv7.pl b/src/crypto/aes/asm/bsaes-armv7.pl index 273f0b9..7fe349a 100644 --- a/src/crypto/aes/asm/bsaes-armv7.pl +++ b/src/crypto/aes/asm/bsaes-armv7.pl @@ -703,7 +703,7 @@ ___ $code.=<<___; #if defined(__arm__) #ifndef __KERNEL__ -# include "arm_arch.h" +# include # define VFP_ABI_PUSH vstmdb sp!,{d8-d15} # define VFP_ABI_POP vldmia sp!,{d8-d15} diff --git a/src/crypto/arm_arch.h b/src/crypto/arm_arch.h deleted file mode 100644 index 0600fbb..0000000 --- a/src/crypto/arm_arch.h +++ /dev/null 
@@ -1,136 +0,0 @@ -/* ==================================================================== - * Copyright (c) 1998-2011 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). */ - -#ifndef OPENSSL_HEADER_ARM_ARCH_H -#define OPENSSL_HEADER_ARM_ARCH_H - -#if !defined(__ARM_ARCH__) -# if defined(__CC_ARM) -# define __ARM_ARCH__ __TARGET_ARCH_ARM -# if defined(__BIG_ENDIAN) -# define __ARMEB__ -# else -# define __ARMEL__ -# endif -# elif defined(__GNUC__) -# if defined(__aarch64__) -# define __ARM_ARCH__ 8 -# if __BYTE_ORDER__ == __ORDER_BIG_ENDIAN__ -# define __ARMEB__ -# else -# define __ARMEL__ -# endif - /* Why doesn't gcc define __ARM_ARCH__? Instead it defines - * bunch of below macros. See all_architectires[] table in - * gcc/config/arm/arm.c. On a side note it defines - * __ARMEL__/__ARMEB__ for little-/big-endian. 
*/ -# elif defined(__ARM_ARCH) -# define __ARM_ARCH__ __ARM_ARCH -# elif defined(__ARM_ARCH_8A__) -# define __ARM_ARCH__ 8 -# elif defined(__ARM_ARCH_7__) || defined(__ARM_ARCH_7A__) || \ - defined(__ARM_ARCH_7R__)|| defined(__ARM_ARCH_7M__) || \ - defined(__ARM_ARCH_7EM__) -# define __ARM_ARCH__ 7 -# elif defined(__ARM_ARCH_6__) || defined(__ARM_ARCH_6J__) || \ - defined(__ARM_ARCH_6K__)|| defined(__ARM_ARCH_6M__) || \ - defined(__ARM_ARCH_6Z__)|| defined(__ARM_ARCH_6ZK__) || \ - defined(__ARM_ARCH_6T2__) -# define __ARM_ARCH__ 6 -# elif defined(__ARM_ARCH_5__) || defined(__ARM_ARCH_5T__) || \ - defined(__ARM_ARCH_5E__)|| defined(__ARM_ARCH_5TE__) || \ - defined(__ARM_ARCH_5TEJ__) -# define __ARM_ARCH__ 5 -# elif defined(__ARM_ARCH_4__) || defined(__ARM_ARCH_4T__) -# define __ARM_ARCH__ 4 -# else -# error "unsupported ARM architecture" -# endif -# endif -#endif - -/* Even when building for 32-bit ARM, support for aarch64 crypto instructions - * will be included. */ -#define __ARM_MAX_ARCH__ 8 - -#if !__ASSEMBLER__ - -/* OPENSSL_armcap_P contains flags describing the capabilities of the CPU and - * is easy for assembly code to acesss. For C code, see the functions in - * |cpu.h|. */ -extern uint32_t OPENSSL_armcap_P; - -#endif /* !__ASSEMBLER__ */ - -/* ARMV7_NEON is true when a NEON unit is present in the current CPU. */ -#define ARMV7_NEON (1 << 0) - -/* ARMV7_NEON_FUNCTIONAL is true when the NEON unit doesn't contain subtle bugs. - * The Poly1305 NEON code is known to trigger bugs in the NEON units of some - * phones. If this bit isn't set then the Poly1305 NEON code won't be used. - * See https://code.google.com/p/chromium/issues/detail?id=341598. */ -#define ARMV7_NEON_FUNCTIONAL (1 << 10) - -/* ARMV8_AES indicates support for hardware AES instructions. */ -#define ARMV8_AES (1 << 2) - -/* ARMV8_SHA1 indicates support for hardware SHA-1 instructions. */ -#define ARMV8_SHA1 (1 << 3) - -/* ARMV8_SHA256 indicates support for hardware SHA-256 instructions. 
*/ -#define ARMV8_SHA256 (1 << 4) - -/* ARMV8_PMULL indicates support for carryless multiplication. */ -#define ARMV8_PMULL (1 << 5) - - -#endif /* OPENSSL_HEADER_THREAD_H */ diff --git a/src/crypto/asn1/CMakeLists.txt b/src/crypto/asn1/CMakeLists.txt index 283636e..41e3122 100644 --- a/src/crypto/asn1/CMakeLists.txt +++ b/src/crypto/asn1/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(. .. ../../include) +include_directories(../../include) add_library( asn1 diff --git a/src/crypto/asn1/a_bitstr.c b/src/crypto/asn1/a_bitstr.c index 8055f0c..8bad339 100644 --- a/src/crypto/asn1/a_bitstr.c +++ b/src/crypto/asn1/a_bitstr.c @@ -125,8 +125,7 @@ ASN1_BIT_STRING *c2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a, if (len < 1) { - OPENSSL_PUT_ERROR(ASN1, c2i_ASN1_BIT_STRING, - ASN1_R_STRING_TOO_SHORT); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_STRING_TOO_SHORT); goto err; } @@ -141,8 +140,7 @@ ASN1_BIT_STRING *c2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a, padding = *(p++); if (padding > 7) { - OPENSSL_PUT_ERROR(ASN1, c2i_ASN1_BIT_STRING, - ASN1_R_INVALID_BIT_STRING_BITS_LEFT); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_INVALID_BIT_STRING_BITS_LEFT); goto err; } @@ -157,8 +155,7 @@ ASN1_BIT_STRING *c2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a, s=(unsigned char *)OPENSSL_malloc((int)len); if (s == NULL) { - OPENSSL_PUT_ERROR(ASN1, c2i_ASN1_BIT_STRING, - ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); goto err; } memcpy(s,p,(int)len); @@ -209,7 +206,7 @@ int ASN1_BIT_STRING_set_bit(ASN1_BIT_STRING *a, int n, int value) w+1); if (c == NULL) { - OPENSSL_PUT_ERROR(ASN1, ASN1_BIT_STRING_set_bit, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); return 0; } if (w+1-a->length > 0) memset(c+a->length, 0, w+1-a->length); diff --git a/src/crypto/asn1/a_bool.c b/src/crypto/asn1/a_bool.c index c30ee48..826bcf4 100644 --- a/src/crypto/asn1/a_bool.c +++ b/src/crypto/asn1/a_bool.c 
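Review bot: In `c2i_ASN1_BIT_STRING`, the context lines `OPENSSL_malloc((int)len)` and `memcpy(s,p,(int)len)` narrow `len` to `int`, and the only bound visible in these hunks is `len < 1`. If `len` is wider than `int`, as the casts suggest, and no upper bound is enforced outside the hunks, an oversized length from the encoded input would be truncated before it sizes the allocation and the copy. Since the change already touches every error site in this function, consider adding `if (len > INT_MAX) { OPENSSL_PUT_ERROR(ASN1, ASN1_R_STRING_TOO_LONG); goto err; }` next to the `len < 1` check. The function body continues outside the hunks, so confirm against the full file.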
@@ -107,6 +107,6 @@ int d2i_ASN1_BOOLEAN(int *a, const unsigned char **pp, long length) *pp=p; return(ret); err: - OPENSSL_PUT_ERROR(ASN1, d2i_ASN1_BOOLEAN, i); + OPENSSL_PUT_ERROR(ASN1, i); return(ret); } diff --git a/src/crypto/asn1/a_bytes.c b/src/crypto/asn1/a_bytes.c index 8874f48..1904375 100644 --- a/src/crypto/asn1/a_bytes.c +++ b/src/crypto/asn1/a_bytes.c @@ -125,7 +125,7 @@ ASN1_STRING *d2i_ASN1_type_bytes(ASN1_STRING **a, const unsigned char **pp, *pp=p; return(ret); err: - OPENSSL_PUT_ERROR(ASN1, d2i_ASN1_type_bytes, i); + OPENSSL_PUT_ERROR(ASN1, i); if ((ret != NULL) && ((a == NULL) || (*a != ret))) ASN1_STRING_free(ret); return(NULL); @@ -243,7 +243,7 @@ ASN1_STRING *d2i_ASN1_bytes(ASN1_STRING **a, const unsigned char **pp, err: if ((ret != NULL) && ((a == NULL) || (*a != ret))) ASN1_STRING_free(ret); - OPENSSL_PUT_ERROR(ASN1, d2i_ASN1_bytes, i); + OPENSSL_PUT_ERROR(ASN1, i); return(NULL); } @@ -309,7 +309,7 @@ static int asn1_collate_primitive(ASN1_STRING *a, ASN1_const_CTX *c) if (os != NULL) ASN1_STRING_free(os); return(1); err: - OPENSSL_PUT_ERROR(ASN1, asn1_collate_primitive, c->error); + OPENSSL_PUT_ERROR(ASN1, c->error); if (os != NULL) ASN1_STRING_free(os); if (b.data != NULL) OPENSSL_free(b.data); return(0); diff --git a/src/crypto/asn1/a_d2i_fp.c b/src/crypto/asn1/a_d2i_fp.c index 6022c74..97ec75b 100644 --- a/src/crypto/asn1/a_d2i_fp.c +++ b/src/crypto/asn1/a_d2i_fp.c @@ -75,7 +75,7 @@ void *ASN1_d2i_fp(void *(*xnew)(void), d2i_of_void *d2i, FILE *in, void **x) if ((b=BIO_new(BIO_s_file())) == NULL) { - OPENSSL_PUT_ERROR(ASN1, ASN1_d2i_fp, ERR_R_BUF_LIB); + OPENSSL_PUT_ERROR(ASN1, ERR_R_BUF_LIB); return(NULL); } BIO_set_fp(b,in,BIO_NOCLOSE); @@ -129,7 +129,7 @@ void *ASN1_item_d2i_fp(const ASN1_ITEM *it, FILE *in, void *x) if ((b=BIO_new(BIO_s_file())) == NULL) { - OPENSSL_PUT_ERROR(ASN1, ASN1_item_d2i_fp, ERR_R_BUF_LIB); + OPENSSL_PUT_ERROR(ASN1, ERR_R_BUF_LIB); return(NULL); } BIO_set_fp(b,in,BIO_NOCLOSE); 
@@ -154,7 +154,7 @@ static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb) b=BUF_MEM_new(); if (b == NULL) { - OPENSSL_PUT_ERROR(ASN1, asn1_d2i_read_bio, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); return -1; } @@ -167,20 +167,20 @@ static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb) if (len + want < len || !BUF_MEM_grow_clean(b,len+want)) { - OPENSSL_PUT_ERROR(ASN1, asn1_d2i_read_bio, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); goto err; } i=BIO_read(in,&(b->data[len]),want); if ((i < 0) && ((len-off) == 0)) { - OPENSSL_PUT_ERROR(ASN1, asn1_d2i_read_bio, ASN1_R_NOT_ENOUGH_DATA); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_NOT_ENOUGH_DATA); goto err; } if (i > 0) { if (len+i < len) { - OPENSSL_PUT_ERROR(ASN1, asn1_d2i_read_bio, ASN1_R_TOO_LONG); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_TOO_LONG); goto err; } len+=i; @@ -211,7 +211,7 @@ static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb) eos++; if (eos < 0) { - OPENSSL_PUT_ERROR(ASN1, asn1_d2i_read_bio, ASN1_R_HEADER_TOO_LONG); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_HEADER_TOO_LONG); goto err; } want=HEADER_SIZE; @@ -235,12 +235,12 @@ static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb) if (want > INT_MAX /* BIO_read takes an int length */ || len+want < len) { - OPENSSL_PUT_ERROR(ASN1, asn1_d2i_read_bio, ASN1_R_TOO_LONG); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_TOO_LONG); goto err; } if (!BUF_MEM_grow_clean(b,len+want)) { - OPENSSL_PUT_ERROR(ASN1, asn1_d2i_read_bio, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); goto err; } while (want > 0) @@ -248,7 +248,7 @@ static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb) i=BIO_read(in,&(b->data[len]),want); if (i <= 0) { - OPENSSL_PUT_ERROR(ASN1, asn1_d2i_read_bio, ASN1_R_NOT_ENOUGH_DATA); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_NOT_ENOUGH_DATA); goto err; } /* This can't overflow because 
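Review bot: In `asn1_d2i_read_bio`, the check `if (len + want < len || !BUF_MEM_grow_clean(b,len+want))` reports a length wrap-around as `ERR_R_MALLOC_FAILURE`, while the later `len+i < len` and `want > INT_MAX || len+want < len` checks in the same function report `ASN1_R_TOO_LONG`. An oversized or malformed input then shows up in the error queue as memory pressure, which makes hostile input harder to recognise during triage. Splitting the condition so that the overflow case raises `ASN1_R_TOO_LONG` and only the failed `BUF_MEM_grow_clean` raises `ERR_R_MALLOC_FAILURE` would keep the three checks consistent. The function starts and ends outside these hunks.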
@@ -259,7 +259,7 @@ static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb) } if (off + c.slen < off) { - OPENSSL_PUT_ERROR(ASN1, asn1_d2i_read_bio, ASN1_R_TOO_LONG); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_TOO_LONG); goto err; } off+=c.slen; @@ -274,7 +274,7 @@ static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb) if (off > INT_MAX) { - OPENSSL_PUT_ERROR(ASN1, asn1_d2i_read_bio, ASN1_R_TOO_LONG); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_TOO_LONG); goto err; } diff --git a/src/crypto/asn1/a_dup.c b/src/crypto/asn1/a_dup.c index 8ec1c5f..5e87457 100644 --- a/src/crypto/asn1/a_dup.c +++ b/src/crypto/asn1/a_dup.c @@ -72,7 +72,7 @@ void *ASN1_dup(i2d_of_void *i2d, d2i_of_void *d2i, void *x) i=i2d(x,NULL); b=OPENSSL_malloc(i+10); if (b == NULL) - { OPENSSL_PUT_ERROR(ASN1, ASN1_dup, ERR_R_MALLOC_FAILURE); return(NULL); } + { OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); return(NULL); } p= b; i=i2d(x,&p); p2= b; @@ -95,7 +95,7 @@ void *ASN1_item_dup(const ASN1_ITEM *it, void *x) i=ASN1_item_i2d(x,&b,it); if (b == NULL) - { OPENSSL_PUT_ERROR(ASN1, ASN1_item_dup, ERR_R_MALLOC_FAILURE); return(NULL); } + { OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); return(NULL); } p= b; ret=ASN1_item_d2i(NULL,&p,i, it); OPENSSL_free(b); diff --git a/src/crypto/asn1/a_enum.c b/src/crypto/asn1/a_enum.c index a581a34..579dafd 100644 --- a/src/crypto/asn1/a_enum.c +++ b/src/crypto/asn1/a_enum.c @@ -84,7 +84,7 @@ int ASN1_ENUMERATED_set(ASN1_ENUMERATED *a, long v) } if (a->data == NULL) { - OPENSSL_PUT_ERROR(ASN1, ASN1_ENUMERATED_set, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); return(0); } d=v; @@ -147,7 +147,7 @@ ASN1_ENUMERATED *BN_to_ASN1_ENUMERATED(BIGNUM *bn, ASN1_ENUMERATED *ai) ret=ai; if (ret == NULL) { - OPENSSL_PUT_ERROR(ASN1, BN_to_ASN1_ENUMERATED, ASN1_R_NESTED_ASN1_ERROR); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_NESTED_ASN1_ERROR); goto err; } if(BN_is_negative(bn)) ret->type = V_ASN1_NEG_ENUMERATED; 
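Review bot: In `ASN1_dup`, the result of `i=i2d(x,NULL)` goes straight into `OPENSSL_malloc(i+10)` with no sign check, so if the encoder signals failure with a non-positive return, the error is either misreported as `ERR_R_MALLOC_FAILURE` or the buffer is sized from a meaningless length. A guard such as `if (i <= 0) return(NULL);` before the allocation would make that failure explicit. `ASN1_item_dup` in the next hunk likewise tests only `b == NULL` after `ASN1_item_i2d`. Both functions extend beyond the hunks, so check whether the length is validated elsewhere.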
@@ -159,7 +159,7 @@ ASN1_ENUMERATED *BN_to_ASN1_ENUMERATED(BIGNUM *bn, ASN1_ENUMERATED *ai) unsigned char *new_data=OPENSSL_realloc(ret->data, len+4); if (!new_data) { - OPENSSL_PUT_ERROR(ASN1, BN_to_ASN1_ENUMERATED, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); goto err; } ret->data=new_data; @@ -177,7 +177,7 @@ BIGNUM *ASN1_ENUMERATED_to_BN(ASN1_ENUMERATED *ai, BIGNUM *bn) BIGNUM *ret; if ((ret=BN_bin2bn(ai->data,ai->length,bn)) == NULL) - OPENSSL_PUT_ERROR(ASN1, ASN1_ENUMERATED_to_BN, ASN1_R_BN_LIB); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_BN_LIB); else if(ai->type == V_ASN1_NEG_ENUMERATED) BN_set_negative(ret,1); return(ret); } diff --git a/src/crypto/asn1/a_gentm.c b/src/crypto/asn1/a_gentm.c index be093a4..7cb18a9 100644 --- a/src/crypto/asn1/a_gentm.c +++ b/src/crypto/asn1/a_gentm.c @@ -239,7 +239,7 @@ ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_adj(ASN1_GENERALIZEDTIME *s, p=OPENSSL_malloc(len); if (p == NULL) { - OPENSSL_PUT_ERROR(ASN1, ASN1_GENERALIZEDTIME_adj, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); return(NULL); } if (s->data != NULL) diff --git a/src/crypto/asn1/a_i2d_fp.c b/src/crypto/asn1/a_i2d_fp.c index 11e40d3..74ded78 100644 --- a/src/crypto/asn1/a_i2d_fp.c +++ b/src/crypto/asn1/a_i2d_fp.c @@ -67,7 +67,7 @@ int ASN1_i2d_fp(i2d_of_void *i2d, FILE *out, void *x) if ((b=BIO_new(BIO_s_file())) == NULL) { - OPENSSL_PUT_ERROR(ASN1, ASN1_i2d_fp, ERR_R_BUF_LIB); + OPENSSL_PUT_ERROR(ASN1, ERR_R_BUF_LIB); return(0); } BIO_set_fp(b,out,BIO_NOCLOSE); @@ -76,7 +76,7 @@ int ASN1_i2d_fp(i2d_of_void *i2d, FILE *out, void *x) return(ret); } -int ASN1_i2d_bio(i2d_of_void *i2d, BIO *out, unsigned char *x) +int ASN1_i2d_bio(i2d_of_void *i2d, BIO *out, void *x) { char *b; unsigned char *p; 
@@ -86,7 +86,7 @@ int ASN1_i2d_bio(i2d_of_void *i2d, BIO *out, unsigned char *x) b=(char *)OPENSSL_malloc(n); if (b == NULL) { - OPENSSL_PUT_ERROR(ASN1, ASN1_i2d_bio, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); return(0); } @@ -116,7 +116,7 @@ int ASN1_item_i2d_fp(const ASN1_ITEM *it, FILE *out, void *x) if ((b=BIO_new(BIO_s_file())) == NULL) { - OPENSSL_PUT_ERROR(ASN1, ASN1_item_i2d_fp, ERR_R_BUF_LIB); + OPENSSL_PUT_ERROR(ASN1, ERR_R_BUF_LIB); return(0); } BIO_set_fp(b,out,BIO_NOCLOSE); @@ -133,7 +133,7 @@ int ASN1_item_i2d_bio(const ASN1_ITEM *it, BIO *out, void *x) n = ASN1_item_i2d(x, &b, it); if (b == NULL) { - OPENSSL_PUT_ERROR(ASN1, ASN1_item_i2d_bio, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); return(0); } diff --git a/src/crypto/asn1/a_int.c b/src/crypto/asn1/a_int.c index 2ecccc5..9a56534 100644 --- a/src/crypto/asn1/a_int.c +++ b/src/crypto/asn1/a_int.c @@ -257,7 +257,7 @@ ASN1_INTEGER *c2i_ASN1_INTEGER(ASN1_INTEGER **a, const unsigned char **pp, *pp=pend; return(ret); err: - OPENSSL_PUT_ERROR(ASN1, c2i_ASN1_INTEGER, i); + OPENSSL_PUT_ERROR(ASN1, i); if ((ret != NULL) && ((a == NULL) || (*a != ret))) M_ASN1_INTEGER_free(ret); return(NULL); @@ -327,7 +327,7 @@ ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a, const unsigned char **pp, *pp=p; return(ret); err: - OPENSSL_PUT_ERROR(ASN1, d2i_ASN1_UINTEGER, i); + OPENSSL_PUT_ERROR(ASN1, i); if ((ret != NULL) && ((a == NULL) || (*a != ret))) M_ASN1_INTEGER_free(ret); return(NULL); @@ -350,7 +350,7 @@ int ASN1_INTEGER_set(ASN1_INTEGER *a, long v) } if (a->data == NULL) { - OPENSSL_PUT_ERROR(ASN1, ASN1_INTEGER_set, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); return(0); } d=v; 
@@ -413,7 +413,7 @@ ASN1_INTEGER *BN_to_ASN1_INTEGER(const BIGNUM *bn, ASN1_INTEGER *ai) ret=ai; if (ret == NULL) { - OPENSSL_PUT_ERROR(ASN1, BN_to_ASN1_INTEGER, ASN1_R_NESTED_ASN1_ERROR); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_NESTED_ASN1_ERROR); goto err; } if (BN_is_negative(bn) && !BN_is_zero(bn)) @@ -426,7 +426,7 @@ ASN1_INTEGER *BN_to_ASN1_INTEGER(const BIGNUM *bn, ASN1_INTEGER *ai) unsigned char *new_data=OPENSSL_realloc(ret->data, len+4); if (!new_data) { - OPENSSL_PUT_ERROR(ASN1, BN_to_ASN1_INTEGER, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); goto err; } ret->data=new_data; @@ -449,7 +449,7 @@ BIGNUM *ASN1_INTEGER_to_BN(const ASN1_INTEGER *ai, BIGNUM *bn) BIGNUM *ret; if ((ret=BN_bin2bn(ai->data,ai->length,bn)) == NULL) - OPENSSL_PUT_ERROR(ASN1, ASN1_INTEGER_to_BN, ASN1_R_BN_LIB); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_BN_LIB); else if(ai->type == V_ASN1_NEG_INTEGER) BN_set_negative(ret, 1); return(ret); diff --git a/src/crypto/asn1/a_mbstr.c b/src/crypto/asn1/a_mbstr.c index 9abe659..42806d1 100644 --- a/src/crypto/asn1/a_mbstr.c +++ b/src/crypto/asn1/a_mbstr.c @@ -108,7 +108,7 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len, case MBSTRING_BMP: if(len & 1) { - OPENSSL_PUT_ERROR(ASN1, ASN1_mbstring_ncopy, ASN1_R_INVALID_BMPSTRING_LENGTH); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_INVALID_BMPSTRING_LENGTH); return -1; } nchar = len >> 1; @@ -116,7 +116,7 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len, case MBSTRING_UNIV: if(len & 3) { - OPENSSL_PUT_ERROR(ASN1, ASN1_mbstring_ncopy, ASN1_R_INVALID_UNIVERSALSTRING_LENGTH); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_INVALID_UNIVERSALSTRING_LENGTH); return -1; } nchar = len >> 2; 
@@ -127,7 +127,7 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len, /* This counts the characters and does utf8 syntax checking */ ret = traverse_string(in, len, MBSTRING_UTF8, in_utf8, &nchar); if(ret < 0) { - OPENSSL_PUT_ERROR(ASN1, ASN1_mbstring_ncopy, ASN1_R_INVALID_UTF8STRING); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_INVALID_UTF8STRING); return -1; } break; @@ -137,19 +137,19 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len, break; default: - OPENSSL_PUT_ERROR(ASN1, ASN1_mbstring_ncopy, ASN1_R_UNKNOWN_FORMAT); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_UNKNOWN_FORMAT); return -1; } if((minsize > 0) && (nchar < minsize)) { - OPENSSL_PUT_ERROR(ASN1, ASN1_mbstring_ncopy, ASN1_R_STRING_TOO_SHORT); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_STRING_TOO_SHORT); BIO_snprintf(strbuf, sizeof strbuf, "%ld", minsize); ERR_add_error_data(2, "minsize=", strbuf); return -1; } if((maxsize > 0) && (nchar > maxsize)) { - OPENSSL_PUT_ERROR(ASN1, ASN1_mbstring_ncopy, ASN1_R_STRING_TOO_LONG); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_STRING_TOO_LONG); BIO_snprintf(strbuf, sizeof strbuf, "%ld", maxsize); ERR_add_error_data(2, "maxsize=", strbuf); return -1; @@ -157,7 +157,7 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len, /* Now work out minimal type (if any) */ if(traverse_string(in, len, inform, type_str, &mask) < 0) { - OPENSSL_PUT_ERROR(ASN1, ASN1_mbstring_ncopy, ASN1_R_ILLEGAL_CHARACTERS); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_ILLEGAL_CHARACTERS); return -1; } @@ -191,7 +191,7 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len, free_out = 1; dest = ASN1_STRING_type_new(str_type); if(!dest) { - OPENSSL_PUT_ERROR(ASN1, ASN1_mbstring_ncopy, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); return -1; } *out = dest; 
@@ -199,7 +199,7 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len, /* If both the same type just copy across */ if(inform == outform) { if(!ASN1_STRING_set(dest, in, len)) { - OPENSSL_PUT_ERROR(ASN1, ASN1_mbstring_ncopy, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); return -1; } return str_type; @@ -230,7 +230,7 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len, } if(!(p = OPENSSL_malloc(outlen + 1))) { if(free_out) ASN1_STRING_free(dest); - OPENSSL_PUT_ERROR(ASN1, ASN1_mbstring_ncopy, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); return -1; } dest->length = outlen; diff --git a/src/crypto/asn1/a_object.c b/src/crypto/asn1/a_object.c index 189886c..6ddfca9 100644 --- a/src/crypto/asn1/a_object.c +++ b/src/crypto/asn1/a_object.c @@ -106,13 +106,13 @@ int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num) } else { - OPENSSL_PUT_ERROR(ASN1, a2d_ASN1_OBJECT, ASN1_R_FIRST_NUM_TOO_LARGE); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_FIRST_NUM_TOO_LARGE); goto err; } if (num <= 0) { - OPENSSL_PUT_ERROR(ASN1, a2d_ASN1_OBJECT, ASN1_R_MISSING_SECOND_NUMBER); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_MISSING_SECOND_NUMBER); goto err; } c= *(p++); @@ -122,7 +122,7 @@ int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num) if (num <= 0) break; if ((c != '.') && (c != ' ')) { - OPENSSL_PUT_ERROR(ASN1, a2d_ASN1_OBJECT, ASN1_R_INVALID_SEPARATOR); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_INVALID_SEPARATOR); goto err; } l=0; @@ -136,7 +136,7 @@ int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num) break; if ((c < '0') || (c > '9')) { - OPENSSL_PUT_ERROR(ASN1, a2d_ASN1_OBJECT, ASN1_R_INVALID_DIGIT); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_INVALID_DIGIT); goto err; } if (!use_bn && l >= ((ULONG_MAX - 80) / 10L)) 
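Review bot: On the allocation-failure path of ASN1_mbstring_ncopy (hunk at -230,7), `if(free_out) ASN1_STRING_free(dest);` frees a string that the -191,7 hunk shows was already published with `*out = dest;`, so the caller appears to be left holding a pointer to freed memory. Clearing it with the free, `if(free_out) { ASN1_STRING_free(dest); *out = NULL; }`, would close that. The same-type copy path in the -199,7 hunk returns -1 without freeing a freshly allocated `dest` at all, so the two error paths are also inconsistent. The code between these hunks is not shown, so confirm nothing else resets `*out` before relying on this.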
@@ -160,7 +160,7 @@ int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num) { if ((first < 2) && (l >= 40)) { - OPENSSL_PUT_ERROR(ASN1, a2d_ASN1_OBJECT, ASN1_R_SECOND_NUMBER_TOO_LARGE); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_SECOND_NUMBER_TOO_LARGE); goto err; } if (use_bn) @@ -204,7 +204,7 @@ int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num) { if (len+i > olen) { - OPENSSL_PUT_ERROR(ASN1, a2d_ASN1_OBJECT, ASN1_R_BUFFER_TOO_SMALL); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_BUFFER_TOO_SMALL); goto err; } while (--i > 0) @@ -280,7 +280,7 @@ ASN1_OBJECT *d2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp, if(ret) *pp = p; return ret; err: - OPENSSL_PUT_ERROR(ASN1, d2i_ASN1_OBJECT, i); + OPENSSL_PUT_ERROR(ASN1, i); return(NULL); } @@ -300,7 +300,7 @@ ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp, if (len <= 0 || len > INT_MAX || pp == NULL || (p = *pp) == NULL || p[len - 1] & 0x80) { - OPENSSL_PUT_ERROR(ASN1, c2i_ASN1_OBJECT, ASN1_R_INVALID_OBJECT_ENCODING); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_INVALID_OBJECT_ENCODING); return NULL; } /* Now 0 < len <= INT_MAX, so the cast is safe. */ @@ -309,7 +309,7 @@ ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp, { if (*p == 0x80 && (!i || !(p[-1] & 0x80))) { - OPENSSL_PUT_ERROR(ASN1, c2i_ASN1_OBJECT, ASN1_R_INVALID_OBJECT_ENCODING); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_INVALID_OBJECT_ENCODING); return NULL; } } @@ -350,7 +350,7 @@ ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp, *pp=p; return(ret); err: - OPENSSL_PUT_ERROR(ASN1, c2i_ASN1_OBJECT, i); + OPENSSL_PUT_ERROR(ASN1, i); if ((ret != NULL) && ((a == NULL) || (*a != ret))) ASN1_OBJECT_free(ret); return(NULL); 
@@ -363,7 +363,7 @@ ASN1_OBJECT *ASN1_OBJECT_new(void) ret=(ASN1_OBJECT *)OPENSSL_malloc(sizeof(ASN1_OBJECT)); if (ret == NULL) { - OPENSSL_PUT_ERROR(ASN1, ASN1_OBJECT_new, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); return(NULL); } ret->length=0; diff --git a/src/crypto/asn1/a_strnid.c b/src/crypto/asn1/a_strnid.c index df849e1..d4316f7 100644 --- a/src/crypto/asn1/a_strnid.c +++ b/src/crypto/asn1/a_strnid.c @@ -215,13 +215,13 @@ int ASN1_STRING_TABLE_add(int nid, flags &= ~STABLE_FLAGS_MALLOC; if(!stable) stable = sk_ASN1_STRING_TABLE_new(sk_table_cmp); if(!stable) { - OPENSSL_PUT_ERROR(ASN1, ASN1_STRING_TABLE_add, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); return 0; } if(!(tmp = ASN1_STRING_TABLE_get(nid))) { tmp = OPENSSL_malloc(sizeof(ASN1_STRING_TABLE)); if(!tmp) { - OPENSSL_PUT_ERROR(ASN1, ASN1_STRING_TABLE_add, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); return 0; } tmp->flags = flags | STABLE_FLAGS_MALLOC; diff --git a/src/crypto/asn1/a_time.c b/src/crypto/asn1/a_time.c index e02e858..ac2cb48 100644 --- a/src/crypto/asn1/a_time.c +++ b/src/crypto/asn1/a_time.c @@ -85,7 +85,7 @@ int i2d_ASN1_TIME(ASN1_TIME *a, unsigned char **pp) if(a->type == V_ASN1_UTCTIME || a->type == V_ASN1_GENERALIZEDTIME) return(i2d_ASN1_bytes((ASN1_STRING *)a,pp, a->type ,V_ASN1_UNIVERSAL)); - OPENSSL_PUT_ERROR(ASN1, XXX, ASN1_R_EXPECTING_A_TIME); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_EXPECTING_A_TIME); return -1; } #endif @@ -105,7 +105,7 @@ ASN1_TIME *ASN1_TIME_adj(ASN1_TIME *s, time_t t, ts=OPENSSL_gmtime(&t,&data); if (ts == NULL) { - OPENSSL_PUT_ERROR(ASN1, ASN1_TIME_adj, ASN1_R_ERROR_GETTING_TIME); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_ERROR_GETTING_TIME); return NULL; } if (offset_day || offset_sec) diff --git a/src/crypto/asn1/a_utctm.c b/src/crypto/asn1/a_utctm.c index 52b010f..dbbbecb 100644 --- a/src/crypto/asn1/a_utctm.c +++ b/src/crypto/asn1/a_utctm.c 
@@ -81,12 +81,12 @@ ASN1_UTCTIME *d2i_ASN1_UTCTIME(ASN1_UTCTIME **a, unsigned char **pp, V_ASN1_UTCTIME,V_ASN1_UNIVERSAL); if (ret == NULL) { - OPENSSL_PUT_ERROR(ASN1, XXX, ERR_R_NESTED_ASN1_ERROR); + OPENSSL_PUT_ERROR(ASN1, ERR_R_NESTED_ASN1_ERROR); return(NULL); } if (!ASN1_UTCTIME_check(ret)) { - OPENSSL_PUT_ERROR(ASN1, XXX, ASN1_R_INVALID_TIME_FORMAT); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_INVALID_TIME_FORMAT); goto err; } @@ -257,7 +257,7 @@ ASN1_UTCTIME *ASN1_UTCTIME_adj(ASN1_UTCTIME *s, time_t t, p=OPENSSL_malloc(len); if (p == NULL) { - OPENSSL_PUT_ERROR(ASN1, ASN1_UTCTIME_adj, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); goto err; } if (s->data != NULL) diff --git a/src/crypto/asn1/asn1_lib.c b/src/crypto/asn1/asn1_lib.c index 9aa2678..a109749 100644 --- a/src/crypto/asn1/asn1_lib.c +++ b/src/crypto/asn1/asn1_lib.c @@ -69,17 +69,10 @@ OPENSSL_DECLARE_ERROR_REASON(ASN1, MALLOC_FAILURE); /* Cross-module errors from crypto/x509/i2d_pr.c */ -OPENSSL_DECLARE_ERROR_FUNCTION(ASN1, i2d_PrivateKey); OPENSSL_DECLARE_ERROR_REASON(ASN1, UNSUPPORTED_PUBLIC_KEY_TYPE); /* Cross-module errors from crypto/x509/asn1_gen.c. * TODO(davidben): Remove these once asn1_gen.c is gone. */ -OPENSSL_DECLARE_ERROR_FUNCTION(ASN1, ASN1_generate_v3); -OPENSSL_DECLARE_ERROR_FUNCTION(ASN1, asn1_cb); -OPENSSL_DECLARE_ERROR_FUNCTION(ASN1, parse_tagging); -OPENSSL_DECLARE_ERROR_FUNCTION(ASN1, append_exp); -OPENSSL_DECLARE_ERROR_FUNCTION(ASN1, asn1_str2type); -OPENSSL_DECLARE_ERROR_FUNCTION(ASN1, bitstr_cb); OPENSSL_DECLARE_ERROR_REASON(ASN1, DEPTH_EXCEEDED); OPENSSL_DECLARE_ERROR_REASON(ASN1, ILLEGAL_BITSTRING_FORMAT); OPENSSL_DECLARE_ERROR_REASON(ASN1, ILLEGAL_BOOLEAN); 
@@ -183,7 +176,7 @@ int ASN1_get_object(const unsigned char **pp, long *plength, int *ptag, #endif if (*plength > (omax - (p - *pp))) { - OPENSSL_PUT_ERROR(ASN1, ASN1_get_object, ASN1_R_TOO_LONG); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_TOO_LONG); /* Set this so that even if things are not long enough * the values are set correctly */ ret|=0x80; @@ -191,7 +184,7 @@ int ASN1_get_object(const unsigned char **pp, long *plength, int *ptag, *pp=p; return(ret|inf); err: - OPENSSL_PUT_ERROR(ASN1, ASN1_get_object, ASN1_R_HEADER_TOO_LONG); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_HEADER_TOO_LONG); return(0x80); } @@ -433,7 +426,7 @@ int ASN1_STRING_set(ASN1_STRING *str, const void *_data, int len) if (str->data == NULL) { - OPENSSL_PUT_ERROR(ASN1, ASN1_STRING_set, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); str->data=c; return(0); } @@ -469,7 +462,7 @@ ASN1_STRING *ASN1_STRING_type_new(int type) ret=(ASN1_STRING *)OPENSSL_malloc(sizeof(ASN1_STRING)); if (ret == NULL) { - OPENSSL_PUT_ERROR(ASN1, ASN1_STRING_type_new, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); return(NULL); } ret->length=0; diff --git a/src/crypto/asn1/asn_pack.c b/src/crypto/asn1/asn_pack.c index ee58fa5..e842a10 100644 --- a/src/crypto/asn1/asn_pack.c +++ b/src/crypto/asn1/asn_pack.c @@ -68,7 +68,7 @@ ASN1_STRING *ASN1_item_pack(void *obj, const ASN1_ITEM *it, ASN1_STRING **oct) if (!oct || !*oct) { if (!(octmp = ASN1_STRING_new ())) { - OPENSSL_PUT_ERROR(ASN1, ASN1_item_pack, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); return NULL; } if (oct) *oct = octmp; 
@@ -80,11 +80,11 @@ ASN1_STRING *ASN1_item_pack(void *obj, const ASN1_ITEM *it, ASN1_STRING **oct) } if (!(octmp->length = ASN1_item_i2d(obj, &octmp->data, it))) { - OPENSSL_PUT_ERROR(ASN1, ASN1_item_pack, ASN1_R_ENCODE_ERROR); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_ENCODE_ERROR); return NULL; } if (!octmp->data) { - OPENSSL_PUT_ERROR(ASN1, ASN1_item_pack, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); return NULL; } return octmp; @@ -99,6 +99,6 @@ void *ASN1_item_unpack(ASN1_STRING *oct, const ASN1_ITEM *it) p = oct->data; if(!(ret = ASN1_item_d2i(NULL, &p, oct->length, it))) - OPENSSL_PUT_ERROR(ASN1, ASN1_item_unpack, ASN1_R_DECODE_ERROR); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_DECODE_ERROR); return ret; } diff --git a/src/crypto/asn1/bio_ndef.c b/src/crypto/asn1/bio_ndef.c index 2f7105d..f07d3de 100644 --- a/src/crypto/asn1/bio_ndef.c +++ b/src/crypto/asn1/bio_ndef.c @@ -112,7 +112,7 @@ BIO *BIO_new_NDEF(BIO *out, ASN1_VALUE *val, const ASN1_ITEM *it) if (!aux || !aux->asn1_cb) { - OPENSSL_PUT_ERROR(ASN1, BIO_new_NDEF, ASN1_R_STREAMING_NOT_SUPPORTED); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_STREAMING_NOT_SUPPORTED); return NULL; } ndef_aux = OPENSSL_malloc(sizeof(NDEF_SUPPORT)); diff --git a/src/crypto/asn1/f_enum.c b/src/crypto/asn1/f_enum.c index 530afe5..bcdb773 100644 --- a/src/crypto/asn1/f_enum.c +++ b/src/crypto/asn1/f_enum.c @@ -144,7 +144,7 @@ int a2i_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *bs, char *buf, int size) i-=again; if (i%2 != 0) { - OPENSSL_PUT_ERROR(ASN1, a2i_ASN1_ENUMERATED, ASN1_R_ODD_NUMBER_OF_CHARS); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_ODD_NUMBER_OF_CHARS); goto err; } i/=2; @@ -158,7 +158,7 @@ int a2i_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *bs, char *buf, int size) (unsigned int)num+i*2); if (sp == NULL) { - OPENSSL_PUT_ERROR(ASN1, a2i_ASN1_ENUMERATED, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); goto err; } s=sp; 
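Review bot: In ASN1_item_pack (hunk at -80,11), the test `!(octmp->length = ASN1_item_i2d(obj, &octmp->data, it))` only treats a zero return as failure. If ASN1_item_i2d signals an encoding error with a negative value, as i2d-style functions conventionally do, that value is stored in `octmp->length` and the string is returned as though encoding succeeded. Reading the result into a local first, `int len = ASN1_item_i2d(obj, &octmp->data, it); if (len <= 0) {`, and assigning `octmp->length = len;` only on success would avoid handing out a negative length. Both early returns here also leave an `octmp` that the previous hunk may have just allocated unreleased when `oct` is NULL; the function starts outside this hunk, so check ownership there.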
@@ -177,7 +177,7 @@ int a2i_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *bs, char *buf, int size) m=m-'A'+10; else { - OPENSSL_PUT_ERROR(ASN1, a2i_ASN1_ENUMERATED, ASN1_R_NON_HEX_CHARACTERS); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_NON_HEX_CHARACTERS); goto err; } s[num+j]<<=4; @@ -197,7 +197,7 @@ err: if (0) { err_sl: - OPENSSL_PUT_ERROR(ASN1, a2i_ASN1_ENUMERATED, ASN1_R_SHORT_LINE); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_SHORT_LINE); } if (s != NULL) OPENSSL_free(s); diff --git a/src/crypto/asn1/f_int.c b/src/crypto/asn1/f_int.c index 2c4fe6f..5186304 100644 --- a/src/crypto/asn1/f_int.c +++ b/src/crypto/asn1/f_int.c @@ -149,7 +149,7 @@ int a2i_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *bs, char *buf, int size) i-=again; if (i%2 != 0) { - OPENSSL_PUT_ERROR(ASN1, a2i_ASN1_INTEGER, ASN1_R_ODD_NUMBER_OF_CHARS); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_ODD_NUMBER_OF_CHARS); goto err; } i/=2; @@ -162,7 +162,7 @@ int a2i_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *bs, char *buf, int size) sp=OPENSSL_realloc_clean(s,slen,num+i*2); if (sp == NULL) { - OPENSSL_PUT_ERROR(ASN1, a2i_ASN1_INTEGER, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); goto err; } s=sp; @@ -181,7 +181,7 @@ int a2i_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *bs, char *buf, int size) m=m-'A'+10; else { - OPENSSL_PUT_ERROR(ASN1, a2i_ASN1_INTEGER, ASN1_R_NON_HEX_CHARACTERS); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_NON_HEX_CHARACTERS); goto err; } s[num+j]<<=4; @@ -201,7 +201,7 @@ err: if (0) { err_sl: - OPENSSL_PUT_ERROR(ASN1, a2i_ASN1_INTEGER, ASN1_R_SHORT_LINE); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_SHORT_LINE); } if (s != NULL) OPENSSL_free(s); diff --git a/src/crypto/asn1/f_string.c b/src/crypto/asn1/f_string.c index 2f53670..5a7fe36 100644 --- a/src/crypto/asn1/f_string.c +++ b/src/crypto/asn1/f_string.c 
@@ -142,7 +142,7 @@ int a2i_ASN1_STRING(BIO *bp, ASN1_STRING *bs, char *buf, int size) i-=again; if (i%2 != 0) { - OPENSSL_PUT_ERROR(ASN1, a2i_ASN1_STRING, ASN1_R_ODD_NUMBER_OF_CHARS); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_ODD_NUMBER_OF_CHARS); goto err; } i/=2; @@ -156,7 +156,7 @@ int a2i_ASN1_STRING(BIO *bp, ASN1_STRING *bs, char *buf, int size) (unsigned int)num+i*2); if (sp == NULL) { - OPENSSL_PUT_ERROR(ASN1, a2i_ASN1_STRING, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); goto err; } s=sp; @@ -175,7 +175,7 @@ int a2i_ASN1_STRING(BIO *bp, ASN1_STRING *bs, char *buf, int size) m=m-'A'+10; else { - OPENSSL_PUT_ERROR(ASN1, a2i_ASN1_STRING, ASN1_R_NON_HEX_CHARACTERS); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_NON_HEX_CHARACTERS); goto err; } s[num+j]<<=4; @@ -195,7 +195,7 @@ err: if (0) { err_sl: - OPENSSL_PUT_ERROR(ASN1, a2i_ASN1_STRING, ASN1_R_SHORT_LINE); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_SHORT_LINE); } if (s != NULL) OPENSSL_free(s); diff --git a/src/crypto/asn1/tasn_dec.c b/src/crypto/asn1/tasn_dec.c index 73d3bb3..507a842 100644 --- a/src/crypto/asn1/tasn_dec.c +++ b/src/crypto/asn1/tasn_dec.c @@ -189,7 +189,7 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, */ if ((tag != -1) || opt) { - OPENSSL_PUT_ERROR(ASN1, ASN1_item_ex_d2i, ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE); goto err; } return asn1_template_ex_d2i(pval, in, len, @@ -206,7 +206,7 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, &p, len, -1, 0, 1, ctx); if (!ret) { - OPENSSL_PUT_ERROR(ASN1, ASN1_item_ex_d2i, ASN1_R_NESTED_ASN1_ERROR); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_NESTED_ASN1_ERROR); goto err; } 
@@ -215,7 +215,7 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, { /* If OPTIONAL, assume this is OK */ if (opt) return -1; - OPENSSL_PUT_ERROR(ASN1, ASN1_item_ex_d2i, ASN1_R_MSTRING_NOT_UNIVERSAL); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_MSTRING_NOT_UNIVERSAL); goto err; } /* Check tag matches bit map */ @@ -224,7 +224,7 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, /* If OPTIONAL, assume this is OK */ if (opt) return -1; - OPENSSL_PUT_ERROR(ASN1, ASN1_item_ex_d2i, ASN1_R_MSTRING_WRONG_TAG); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_MSTRING_WRONG_TAG); goto err; } return asn1_d2i_ex_primitive(pval, in, len, @@ -255,7 +255,7 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, &p, len, exptag, aclass, 1, ctx); if (!ret) { - OPENSSL_PUT_ERROR(ASN1, ASN1_item_ex_d2i, ASN1_R_NESTED_ASN1_ERROR); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_NESTED_ASN1_ERROR); goto err; } if (ret == -1) @@ -283,7 +283,7 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, imphack = *wp; if (p == NULL) { - OPENSSL_PUT_ERROR(ASN1, ASN1_item_ex_d2i, ASN1_R_NESTED_ASN1_ERROR); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_NESTED_ASN1_ERROR); goto err; } *wp = (unsigned char)((*p & V_ASN1_CONSTRUCTED) @@ -298,7 +298,7 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, if (ptmpval) return 1; - OPENSSL_PUT_ERROR(ASN1, ASN1_item_ex_d2i, ASN1_R_NESTED_ASN1_ERROR); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_NESTED_ASN1_ERROR); goto err; @@ -320,7 +320,7 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, } else if (!ASN1_item_ex_new(pval, it)) { - OPENSSL_PUT_ERROR(ASN1, ASN1_item_ex_d2i, ASN1_R_NESTED_ASN1_ERROR); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_NESTED_ASN1_ERROR); goto err; } /* CHOICE type, try each possibility in turn */ 
@@ -340,7 +340,7 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, break; /* Otherwise must be an ASN1 parsing error */ errtt = tt; - OPENSSL_PUT_ERROR(ASN1, ASN1_item_ex_d2i, ASN1_R_NESTED_ASN1_ERROR); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_NESTED_ASN1_ERROR); goto err; } @@ -354,7 +354,7 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, ASN1_item_ex_free(pval, it); return -1; } - OPENSSL_PUT_ERROR(ASN1, ASN1_item_ex_d2i, ASN1_R_NO_MATCHING_CHOICE_TYPE); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_NO_MATCHING_CHOICE_TYPE); goto err; } @@ -380,7 +380,7 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, &p, len, tag, aclass, opt, ctx); if (!ret) { - OPENSSL_PUT_ERROR(ASN1, ASN1_item_ex_d2i, ASN1_R_NESTED_ASN1_ERROR); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_NESTED_ASN1_ERROR); goto err; } else if (ret == -1) @@ -394,13 +394,13 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, else seq_nolen = seq_eoc; if (!cst) { - OPENSSL_PUT_ERROR(ASN1, ASN1_item_ex_d2i, ASN1_R_SEQUENCE_NOT_CONSTRUCTED); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_SEQUENCE_NOT_CONSTRUCTED); goto err; } if (!*pval && !ASN1_item_ex_new(pval, it)) { - OPENSSL_PUT_ERROR(ASN1, ASN1_item_ex_d2i, ASN1_R_NESTED_ASN1_ERROR); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_NESTED_ASN1_ERROR); goto err; } @@ -437,7 +437,7 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, { if (!seq_eoc) { - OPENSSL_PUT_ERROR(ASN1, ASN1_item_ex_d2i, ASN1_R_UNEXPECTED_EOC); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_UNEXPECTED_EOC); goto err; } len -= p - q; 
@@ -479,13 +479,13 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, /* Check for EOC if expecting one */ if (seq_eoc && !asn1_check_eoc(&p, len)) { - OPENSSL_PUT_ERROR(ASN1, ASN1_item_ex_d2i, ASN1_R_MISSING_EOC); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_MISSING_EOC); goto err; } /* Check all data read */ if (!seq_nolen && len) { - OPENSSL_PUT_ERROR(ASN1, ASN1_item_ex_d2i, ASN1_R_SEQUENCE_LENGTH_MISMATCH); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_SEQUENCE_LENGTH_MISMATCH); goto err; } @@ -508,7 +508,7 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, else { errtt = seqtt; - OPENSSL_PUT_ERROR(ASN1, ASN1_item_ex_d2i, ASN1_R_FIELD_MISSING); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_FIELD_MISSING); goto err; } } @@ -524,7 +524,7 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, return 0; } auxerr: - OPENSSL_PUT_ERROR(ASN1, ASN1_item_ex_d2i, ASN1_R_AUX_ERROR); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_AUX_ERROR); err: ASN1_item_ex_free(pval, it); if (errtt) @@ -569,21 +569,21 @@ static int asn1_template_ex_d2i(ASN1_VALUE **val, q = p; if (!ret) { - OPENSSL_PUT_ERROR(ASN1, asn1_template_ex_d2i, ASN1_R_NESTED_ASN1_ERROR); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_NESTED_ASN1_ERROR); return 0; } else if (ret == -1) return -1; if (!cst) { - OPENSSL_PUT_ERROR(ASN1, asn1_template_ex_d2i, ASN1_R_EXPLICIT_TAG_NOT_CONSTRUCTED); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_EXPLICIT_TAG_NOT_CONSTRUCTED); return 0; } /* We've found the field so it can't be OPTIONAL now */ ret = asn1_template_noexp_d2i(val, &p, len, tt, 0, ctx); if (!ret) { - OPENSSL_PUT_ERROR(ASN1, asn1_template_ex_d2i, ASN1_R_NESTED_ASN1_ERROR); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_NESTED_ASN1_ERROR); return 0; } /* We read the field in OK so update length */ 
@@ -593,7 +593,7 @@ static int asn1_template_ex_d2i(ASN1_VALUE **val, /* If NDEF we must have an EOC here */ if (!asn1_check_eoc(&p, len)) { - OPENSSL_PUT_ERROR(ASN1, asn1_template_ex_d2i, ASN1_R_MISSING_EOC); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_MISSING_EOC); goto err; } } @@ -603,7 +603,7 @@ static int asn1_template_ex_d2i(ASN1_VALUE **val, * an error */ if (len) { - OPENSSL_PUT_ERROR(ASN1, asn1_template_ex_d2i, ASN1_R_EXPLICIT_LENGTH_MISMATCH); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_EXPLICIT_LENGTH_MISMATCH); goto err; } } @@ -659,7 +659,7 @@ static int asn1_template_noexp_d2i(ASN1_VALUE **val, &p, len, sktag, skaclass, opt, ctx); if (!ret) { - OPENSSL_PUT_ERROR(ASN1, asn1_template_noexp_d2i, ASN1_R_NESTED_ASN1_ERROR); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_NESTED_ASN1_ERROR); return 0; } else if (ret == -1) @@ -682,7 +682,7 @@ static int asn1_template_noexp_d2i(ASN1_VALUE **val, if (!*val) { - OPENSSL_PUT_ERROR(ASN1, asn1_template_noexp_d2i, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); goto err; } @@ -696,7 +696,7 @@ static int asn1_template_noexp_d2i(ASN1_VALUE **val, { if (!sk_eoc) { - OPENSSL_PUT_ERROR(ASN1, asn1_template_noexp_d2i, ASN1_R_UNEXPECTED_EOC); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_UNEXPECTED_EOC); goto err; } len -= p - q; @@ -708,20 +708,20 @@ static int asn1_template_noexp_d2i(ASN1_VALUE **val, ASN1_ITEM_ptr(tt->item), -1, 0, 0, ctx)) { - OPENSSL_PUT_ERROR(ASN1, asn1_template_noexp_d2i, ASN1_R_NESTED_ASN1_ERROR); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_NESTED_ASN1_ERROR); goto err; } len -= p - q; if (!sk_ASN1_VALUE_push((STACK_OF(ASN1_VALUE) *)*val, skfield)) { - OPENSSL_PUT_ERROR(ASN1, asn1_template_noexp_d2i, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); goto err; } } if (sk_eoc) { - OPENSSL_PUT_ERROR(ASN1, asn1_template_noexp_d2i, ASN1_R_MISSING_EOC); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_MISSING_EOC); goto err; } } 
@@ -732,7 +732,7 @@ static int asn1_template_noexp_d2i(ASN1_VALUE **val, ASN1_ITEM_ptr(tt->item), tt->tag, aclass, opt, ctx); if (!ret) { - OPENSSL_PUT_ERROR(ASN1, asn1_template_noexp_d2i, ASN1_R_NESTED_ASN1_ERROR); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_NESTED_ASN1_ERROR); goto err; } else if (ret == -1) @@ -745,7 +745,7 @@ static int asn1_template_noexp_d2i(ASN1_VALUE **val, -1, 0, opt, ctx); if (!ret) { - OPENSSL_PUT_ERROR(ASN1, asn1_template_noexp_d2i, ASN1_R_NESTED_ASN1_ERROR); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_NESTED_ASN1_ERROR); goto err; } else if (ret == -1) @@ -775,7 +775,7 @@ static int asn1_d2i_ex_primitive(ASN1_VALUE **pval, long len; if (!pval) { - OPENSSL_PUT_ERROR(ASN1, asn1_d2i_ex_primitive, ASN1_R_ILLEGAL_NULL); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_ILLEGAL_NULL); return 0; /* Should never happen */ } @@ -793,12 +793,12 @@ static int asn1_d2i_ex_primitive(ASN1_VALUE **pval, unsigned char oclass; if (tag >= 0) { - OPENSSL_PUT_ERROR(ASN1, asn1_d2i_ex_primitive, ASN1_R_ILLEGAL_TAGGED_ANY); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_ILLEGAL_TAGGED_ANY); return 0; } if (opt) { - OPENSSL_PUT_ERROR(ASN1, asn1_d2i_ex_primitive, ASN1_R_ILLEGAL_OPTIONAL_ANY); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_ILLEGAL_OPTIONAL_ANY); return 0; } p = *in; @@ -806,7 +806,7 @@ static int asn1_d2i_ex_primitive(ASN1_VALUE **pval, &p, inlen, -1, 0, 0, ctx); if (!ret) { - OPENSSL_PUT_ERROR(ASN1, asn1_d2i_ex_primitive, ASN1_R_NESTED_ASN1_ERROR); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_NESTED_ASN1_ERROR); return 0; } if (oclass != V_ASN1_UNIVERSAL) @@ -823,7 +823,7 @@ static int asn1_d2i_ex_primitive(ASN1_VALUE **pval, &p, inlen, tag, aclass, opt, ctx); if (!ret) { - OPENSSL_PUT_ERROR(ASN1, asn1_d2i_ex_primitive, ASN1_R_NESTED_ASN1_ERROR); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_NESTED_ASN1_ERROR); return 0; } else if (ret == -1) 
@@ -843,7 +843,7 @@ static int asn1_d2i_ex_primitive(ASN1_VALUE **pval, /* SEQUENCE and SET must be constructed */ else if (!cst) { - OPENSSL_PUT_ERROR(ASN1, asn1_d2i_ex_primitive, ASN1_R_TYPE_NOT_CONSTRUCTED); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_TYPE_NOT_CONSTRUCTED); return 0; } @@ -869,8 +869,7 @@ static int asn1_d2i_ex_primitive(ASN1_VALUE **pval, || utype == V_ASN1_ENUMERATED) { /* These types only have primitive encodings. */ - OPENSSL_PUT_ERROR(ASN1, asn1_d2i_ex_primitive, - ASN1_R_TYPE_NOT_PRIMITIVE); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_TYPE_NOT_PRIMITIVE); return 0; } @@ -892,7 +891,7 @@ static int asn1_d2i_ex_primitive(ASN1_VALUE **pval, /* Append a final null to string */ if (!BUF_MEM_grow_clean(&buf, len + 1)) { - OPENSSL_PUT_ERROR(ASN1, asn1_d2i_ex_primitive, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); return 0; } buf.data[len] = 0; @@ -960,7 +959,7 @@ int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, case V_ASN1_NULL: if (len) { - OPENSSL_PUT_ERROR(ASN1, asn1_ex_c2i, ASN1_R_NULL_IS_WRONG_LENGTH); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_NULL_IS_WRONG_LENGTH); goto err; } *pval = (ASN1_VALUE *)1; @@ -969,7 +968,7 @@ int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, case V_ASN1_BOOLEAN: if (len != 1) { - OPENSSL_PUT_ERROR(ASN1, asn1_ex_c2i, ASN1_R_BOOLEAN_IS_WRONG_LENGTH); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_BOOLEAN_IS_WRONG_LENGTH); goto err; } else @@ -1016,12 +1015,12 @@ int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, default: if (utype == V_ASN1_BMPSTRING && (len & 1)) { - OPENSSL_PUT_ERROR(ASN1, asn1_ex_c2i, ASN1_R_BMPSTRING_IS_WRONG_LENGTH); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_BMPSTRING_IS_WRONG_LENGTH); goto err; } if (utype == V_ASN1_UNIVERSALSTRING && (len & 3)) { - OPENSSL_PUT_ERROR(ASN1, asn1_ex_c2i, ASN1_R_UNIVERSALSTRING_IS_WRONG_LENGTH); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_UNIVERSALSTRING_IS_WRONG_LENGTH); goto err; } /* All based on ASN1_STRING and handled the same */ 
@@ -1030,7 +1029,7 @@ int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, stmp = ASN1_STRING_type_new(utype); if (!stmp) { - OPENSSL_PUT_ERROR(ASN1, asn1_ex_c2i, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); goto err; } *pval = (ASN1_VALUE *)stmp; @@ -1053,7 +1052,7 @@ int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, { if (!ASN1_STRING_set(stmp, cont, len)) { - OPENSSL_PUT_ERROR(ASN1, asn1_ex_c2i, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); ASN1_STRING_free(stmp); *pval = NULL; goto err; @@ -1115,7 +1114,7 @@ static int asn1_find_end(const unsigned char **in, long len, char inf) if(!asn1_check_tlen(&plen, NULL, NULL, &inf, NULL, &p, len, -1, 0, 0, NULL)) { - OPENSSL_PUT_ERROR(ASN1, asn1_find_end, ASN1_R_NESTED_ASN1_ERROR); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_NESTED_ASN1_ERROR); return 0; } if (inf) @@ -1126,7 +1125,7 @@ static int asn1_find_end(const unsigned char **in, long len, char inf) } if (expected_eoc) { - OPENSSL_PUT_ERROR(ASN1, asn1_find_end, ASN1_R_MISSING_EOC); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_MISSING_EOC); return 0; } *in = p; @@ -1173,7 +1172,7 @@ static int asn1_collect(BUF_MEM *buf, const unsigned char **in, long len, * constructed form */ if (!inf) { - OPENSSL_PUT_ERROR(ASN1, asn1_collect, ASN1_R_UNEXPECTED_EOC); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_UNEXPECTED_EOC); return 0; } inf = 0; @@ -1183,7 +1182,7 @@ static int asn1_collect(BUF_MEM *buf, const unsigned char **in, long len, if (!asn1_check_tlen(&plen, NULL, NULL, &ininf, &cst, &p, len, tag, aclass, 0, NULL)) { - OPENSSL_PUT_ERROR(ASN1, asn1_collect, ASN1_R_NESTED_ASN1_ERROR); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_NESTED_ASN1_ERROR); return 0; } 
@@ -1192,7 +1191,7 @@ static int asn1_collect(BUF_MEM *buf, const unsigned char **in, long len, { if (depth >= ASN1_MAX_STRING_NEST) { - OPENSSL_PUT_ERROR(ASN1, asn1_collect, ASN1_R_NESTED_ASN1_STRING); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_NESTED_ASN1_STRING); return 0; } if (!asn1_collect(buf, &p, plen, ininf, tag, aclass, @@ -1205,7 +1204,7 @@ static int asn1_collect(BUF_MEM *buf, const unsigned char **in, long len, } if (inf) { - OPENSSL_PUT_ERROR(ASN1, asn1_collect, ASN1_R_MISSING_EOC); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_MISSING_EOC); return 0; } *in = p; @@ -1220,7 +1219,7 @@ static int collect_data(BUF_MEM *buf, const unsigned char **p, long plen) len = buf->length; if (!BUF_MEM_grow_clean(buf, len + plen)) { - OPENSSL_PUT_ERROR(ASN1, collect_data, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); return 0; } memcpy(buf->data + len, *p, plen); @@ -1288,7 +1287,7 @@ static int asn1_check_tlen(long *olen, int *otag, unsigned char *oclass, */ if (!(i & 0x81) && ((plen + ctx->hdrlen) > len)) { - OPENSSL_PUT_ERROR(ASN1, asn1_check_tlen, ASN1_R_TOO_LONG); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_TOO_LONG); asn1_tlc_clear(ctx); return 0; } @@ -1297,7 +1296,7 @@ static int asn1_check_tlen(long *olen, int *otag, unsigned char *oclass, if (i & 0x80) { - OPENSSL_PUT_ERROR(ASN1, asn1_check_tlen, ASN1_R_BAD_OBJECT_HEADER); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_BAD_OBJECT_HEADER); asn1_tlc_clear(ctx); return 0; } @@ -1310,7 +1309,7 @@ static int asn1_check_tlen(long *olen, int *otag, unsigned char *oclass, */ if (opt) return -1; asn1_tlc_clear(ctx); - OPENSSL_PUT_ERROR(ASN1, asn1_check_tlen, ASN1_R_WRONG_TAG); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_WRONG_TAG); return 0; } /* We have a tag and class match: diff --git a/src/crypto/asn1/tasn_new.c b/src/crypto/asn1/tasn_new.c index 6d69dcb..c68fe06 100644 --- a/src/crypto/asn1/tasn_new.c +++ b/src/crypto/asn1/tasn_new.c 
@@ -209,7 +209,7 @@ static int asn1_item_ex_combine_new(ASN1_VALUE **pval, const ASN1_ITEM *it, return 1; memerr: - OPENSSL_PUT_ERROR(ASN1, asn1_item_ex_combine_new, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); ASN1_item_ex_free(pval, it); #ifdef CRYPTO_MDEBUG if (it->sname) CRYPTO_pop_info(); @@ -217,7 +217,7 @@ static int asn1_item_ex_combine_new(ASN1_VALUE **pval, const ASN1_ITEM *it, return 0; auxerr: - OPENSSL_PUT_ERROR(ASN1, asn1_item_ex_combine_new, ASN1_R_AUX_ERROR); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_AUX_ERROR); ASN1_item_ex_free(pval, it); #ifdef CRYPTO_MDEBUG if (it->sname) CRYPTO_pop_info(); @@ -289,7 +289,7 @@ int ASN1_template_new(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt) skval = sk_ASN1_VALUE_new_null(); if (!skval) { - OPENSSL_PUT_ERROR(ASN1, ASN1_template_new, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); ret = 0; goto done; } diff --git a/src/crypto/asn1/tasn_prn.c b/src/crypto/asn1/tasn_prn.c index df19ff0..6a097a1 100644 --- a/src/crypto/asn1/tasn_prn.c +++ b/src/crypto/asn1/tasn_prn.c @@ -88,7 +88,7 @@ ASN1_PCTX *ASN1_PCTX_new(void) ret = OPENSSL_malloc(sizeof(ASN1_PCTX)); if (ret == NULL) { - OPENSSL_PUT_ERROR(ASN1, ASN1_PCTX_new, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); return NULL; } ret->flags = 0; diff --git a/src/crypto/asn1/tasn_utl.c b/src/crypto/asn1/tasn_utl.c index ff3764e..960cdbb 100644 --- a/src/crypto/asn1/tasn_utl.c +++ b/src/crypto/asn1/tasn_utl.c @@ -260,8 +260,7 @@ const ASN1_TEMPLATE *asn1_do_adb(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt, err: /* FIXME: should log the value or OID of unsupported type */ if (nullerr) { - OPENSSL_PUT_ERROR(ASN1, asn1_do_adb, - ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE); } return NULL; } diff --git a/src/crypto/asn1/x_long.c b/src/crypto/asn1/x_long.c index 5c2f96e..7b1a6fe 100644 --- a/src/crypto/asn1/x_long.c +++ b/src/crypto/asn1/x_long.c 
@@ -150,7 +150,7 @@ static int long_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, unsigned long utmp = 0; char *cp = (char *)pval; if(len > (int)sizeof(long)) { - OPENSSL_PUT_ERROR(ASN1, long_c2i, ASN1_R_INTEGER_TOO_LARGE_FOR_LONG); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_INTEGER_TOO_LARGE_FOR_LONG); return 0; } /* Is it negative? */ @@ -168,7 +168,7 @@ static int long_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, ltmp = -ltmp; } if(ltmp == it->size) { - OPENSSL_PUT_ERROR(ASN1, long_c2i, ASN1_R_INTEGER_TOO_LARGE_FOR_LONG); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_INTEGER_TOO_LARGE_FOR_LONG); return 0; } memcpy(cp, <mp, sizeof(long)); diff --git a/src/crypto/base64/CMakeLists.txt b/src/crypto/base64/CMakeLists.txt index 42037a5..f1dba6c 100644 --- a/src/crypto/base64/CMakeLists.txt +++ b/src/crypto/base64/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(. .. ../../include) +include_directories(../../include) add_library( base64 diff --git a/src/crypto/bio/CMakeLists.txt b/src/crypto/bio/CMakeLists.txt index dbf5951..8de090a 100644 --- a/src/crypto/bio/CMakeLists.txt +++ b/src/crypto/bio/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(. .. ../../include) +include_directories(../../include) add_library( bio diff --git a/src/crypto/bio/bio.c b/src/crypto/bio/bio.c index 5ac5911..4bc98ba 100644 --- a/src/crypto/bio/bio.c +++ b/src/crypto/bio/bio.c @@ -90,7 +90,7 @@ static int bio_set(BIO *bio, const BIO_METHOD *method) { BIO *BIO_new(const BIO_METHOD *method) { BIO *ret = OPENSSL_malloc(sizeof(BIO)); if (ret == NULL) { - OPENSSL_PUT_ERROR(BIO, BIO_new, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(BIO, ERR_R_MALLOC_FAILURE); return NULL; } @@ -153,7 +153,7 @@ static int bio_io(BIO *bio, void *buf, int len, size_t method_offset, } if (io_func == NULL) { - OPENSSL_PUT_ERROR(BIO, bio_io, BIO_R_UNSUPPORTED_METHOD); + OPENSSL_PUT_ERROR(BIO, BIO_R_UNSUPPORTED_METHOD); return -2; } 
@@ -165,7 +165,7 @@ static int bio_io(BIO *bio, void *buf, int len, size_t method_offset, } if (!bio->init) { - OPENSSL_PUT_ERROR(BIO, bio_io, BIO_R_UNINITIALIZED); + OPENSSL_PUT_ERROR(BIO, BIO_R_UNINITIALIZED); return -2; } @@ -217,7 +217,7 @@ long BIO_ctrl(BIO *bio, int cmd, long larg, void *parg) { } if (bio->method == NULL || bio->method->ctrl == NULL) { - OPENSSL_PUT_ERROR(BIO, BIO_ctrl, BIO_R_UNSUPPORTED_METHOD); + OPENSSL_PUT_ERROR(BIO, BIO_R_UNSUPPORTED_METHOD); return -2; } @@ -323,7 +323,7 @@ long BIO_callback_ctrl(BIO *bio, int cmd, bio_info_cb fp) { } if (bio->method == NULL || bio->method->callback_ctrl == NULL) { - OPENSSL_PUT_ERROR(BIO, BIO_callback_ctrl, BIO_R_UNSUPPORTED_METHOD); + OPENSSL_PUT_ERROR(BIO, BIO_R_UNSUPPORTED_METHOD); return 0; } @@ -462,6 +462,10 @@ void BIO_print_errors(BIO *bio) { ERR_print_errors_cb(print_bio, bio); } +void ERR_print_errors(BIO *bio) { + BIO_print_errors(bio); +} + /* bio_read_all reads everything from |bio| and prepends |prefix| to it. On * success, |*out| is set to an allocated buffer (which should be freed with * |OPENSSL_free|), |*out_len| is set to its length and one is returned. The diff --git a/src/crypto/bio/bio_mem.c b/src/crypto/bio/bio_mem.c index f3aad6f..ef56111 100644 --- a/src/crypto/bio/bio_mem.c +++ b/src/crypto/bio/bio_mem.c @@ -70,7 +70,7 @@ BIO *BIO_new_mem_buf(void *buf, int len) { const size_t size = len < 0 ? strlen((char *)buf) : (size_t)len; if (!buf && len != 0) { - OPENSSL_PUT_ERROR(BIO, BIO_new_mem_buf, BIO_R_NULL_PARAMETER); + OPENSSL_PUT_ERROR(BIO, BIO_R_NULL_PARAMETER); return NULL; } @@ -167,7 +167,7 @@ static int mem_write(BIO *bio, const char *in, int inl) { b = (BUF_MEM *)bio->ptr; if (bio->flags & BIO_FLAGS_MEM_RDONLY) { - OPENSSL_PUT_ERROR(BIO, mem_write, BIO_R_WRITE_TO_READ_ONLY_BIO); + OPENSSL_PUT_ERROR(BIO, BIO_R_WRITE_TO_READ_ONLY_BIO); goto err; } diff --git a/src/crypto/bio/buffer.c b/src/crypto/bio/buffer.c index 3fc0685..9d0cb3c 100644 --- a/src/crypto/bio/buffer.c 
+++ b/src/crypto/bio/buffer.c @@ -406,7 +406,7 @@ static long buffer_ctrl(BIO *b, int cmd, long num, void *ptr) { return ret; malloc_error: - OPENSSL_PUT_ERROR(BIO, buffer_ctrl, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(BIO, ERR_R_MALLOC_FAILURE); return 0; } diff --git a/src/crypto/bio/connect.c b/src/crypto/bio/connect.c index 32361bf..2ed2def 100644 --- a/src/crypto/bio/connect.c +++ b/src/crypto/bio/connect.c @@ -142,7 +142,7 @@ static int conn_state(BIO *bio, BIO_CONNECT *c) { case BIO_CONN_S_BEFORE: p = c->param_hostname; if (p == NULL) { - OPENSSL_PUT_ERROR(BIO, conn_state, BIO_R_NO_HOSTNAME_SPECIFIED); + OPENSSL_PUT_ERROR(BIO, BIO_R_NO_HOSTNAME_SPECIFIED); goto exit_loop; } for (; *p != 0; p++) { @@ -167,7 +167,7 @@ static int conn_state(BIO *bio, BIO_CONNECT *c) { } if (c->param_port == NULL) { - OPENSSL_PUT_ERROR(BIO, conn_state, BIO_R_NO_PORT_SPECIFIED); + OPENSSL_PUT_ERROR(BIO, BIO_R_NO_PORT_SPECIFIED); ERR_add_error_data(2, "host=", c->param_hostname); goto exit_loop; } @@ -175,7 +175,7 @@ static int conn_state(BIO *bio, BIO_CONNECT *c) { if (!bio_ip_and_port_to_socket_and_addr( &bio->num, &c->them, &c->them_length, c->param_hostname, c->param_port)) { - OPENSSL_PUT_ERROR(BIO, conn_state, BIO_R_UNABLE_TO_CREATE_SOCKET); + OPENSSL_PUT_ERROR(BIO, BIO_R_UNABLE_TO_CREATE_SOCKET); ERR_add_error_data(4, "host=", c->param_hostname, ":", c->param_port); goto exit_loop; } @@ -185,7 +185,7 @@ static int conn_state(BIO *bio, BIO_CONNECT *c) { if (c->nbio) { if (!bio_socket_nbio(bio->num, 1)) { - OPENSSL_PUT_ERROR(BIO, conn_state, BIO_R_ERROR_SETTING_NBIO); + OPENSSL_PUT_ERROR(BIO, BIO_R_ERROR_SETTING_NBIO); ERR_add_error_data(4, "host=", c->param_hostname, ":", c->param_port); goto exit_loop; 
@@ -197,7 +197,7 @@ static int conn_state(BIO *bio, BIO_CONNECT *c) { sizeof(i)); if (ret < 0) { OPENSSL_PUT_SYSTEM_ERROR(setsockopt); - OPENSSL_PUT_ERROR(BIO, conn_state, BIO_R_KEEPALIVE); + OPENSSL_PUT_ERROR(BIO, BIO_R_KEEPALIVE); ERR_add_error_data(4, "host=", c->param_hostname, ":", c->param_port); goto exit_loop; } @@ -211,7 +211,7 @@ static int conn_state(BIO *bio, BIO_CONNECT *c) { bio->retry_reason = BIO_RR_CONNECT; } else { OPENSSL_PUT_SYSTEM_ERROR(connect); - OPENSSL_PUT_ERROR(BIO, conn_state, BIO_R_CONNECT_ERROR); + OPENSSL_PUT_ERROR(BIO, BIO_R_CONNECT_ERROR); ERR_add_error_data(4, "host=", c->param_hostname, ":", c->param_port); } @@ -232,7 +232,7 @@ static int conn_state(BIO *bio, BIO_CONNECT *c) { } else { BIO_clear_retry_flags(bio); OPENSSL_PUT_SYSTEM_ERROR(connect); - OPENSSL_PUT_ERROR(BIO, conn_state, BIO_R_NBIO_CONNECT_ERROR); + OPENSSL_PUT_ERROR(BIO, BIO_R_NBIO_CONNECT_ERROR); ERR_add_error_data(4, "host=", c->param_hostname, ":", c->param_port); ret = 0; } @@ -464,7 +464,7 @@ static long conn_ctrl(BIO *bio, int cmd, long num, void *ptr) { break; case BIO_CTRL_SET_CALLBACK: { #if 0 /* FIXME: Should this be used? -- Richard Levitte */ - OPENSSL_PUT_ERROR(BIO, XXX, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(BIO, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); ret = -1; #else ret = 0; diff --git a/src/crypto/bio/file.c b/src/crypto/bio/file.c index 7f57aad..2d3ccfe 100644 --- a/src/crypto/bio/file.c +++ b/src/crypto/bio/file.c @@ -88,7 +88,7 @@ #define BIO_FP_APPEND 0x08 static FILE *open_file(const char *filename, const char *mode) { -#if defined(_WIN32) && defined(CP_UTF8) +#if defined(OPENSSL_WINDOWS) && defined(CP_UTF8) int sz, len_0 = (int)strlen(filename) + 1; DWORD flags; 
@@ -133,9 +133,9 @@ BIO *BIO_new_file(const char *filename, const char *mode) { ERR_add_error_data(5, "fopen('", filename, "','", mode, "')"); if (errno == ENOENT) { - OPENSSL_PUT_ERROR(BIO, BIO_new_file, BIO_R_NO_SUCH_FILE); + OPENSSL_PUT_ERROR(BIO, BIO_R_NO_SUCH_FILE); } else { - OPENSSL_PUT_ERROR(BIO, BIO_new_file, BIO_R_SYS_LIB); + OPENSSL_PUT_ERROR(BIO, BIO_R_SYS_LIB); } return NULL; } @@ -182,20 +182,19 @@ static int file_free(BIO *bio) { } static int file_read(BIO *b, char *out, int outl) { - int ret = 0; - if (!b->init) { return 0; } - ret = fread(out, 1, outl, (FILE *)b->ptr); + size_t ret = fread(out, 1, outl, (FILE *)b->ptr); if (ret == 0 && ferror((FILE *)b->ptr)) { OPENSSL_PUT_SYSTEM_ERROR(fread); - OPENSSL_PUT_ERROR(BIO, file_read, ERR_R_SYS_LIB); - ret = -1; + OPENSSL_PUT_ERROR(BIO, ERR_R_SYS_LIB); + return -1; } - return ret; + /* fread reads at most |outl| bytes, so |ret| fits in an int. */ + return (int)ret; } static int file_write(BIO *b, const char *in, int inl) { @@ -253,7 +252,7 @@ static long file_ctrl(BIO *b, int cmd, long num, void *ptr) { } else if (num & BIO_FP_READ) { BUF_strlcpy(p, "r", sizeof(p)); } else { - OPENSSL_PUT_ERROR(BIO, file_ctrl, BIO_R_BAD_FOPEN_MODE); + OPENSSL_PUT_ERROR(BIO, BIO_R_BAD_FOPEN_MODE); ret = 0; break; } @@ -261,7 +260,7 @@ static long file_ctrl(BIO *b, int cmd, long num, void *ptr) { if (fp == NULL) { OPENSSL_PUT_SYSTEM_ERROR(fopen); ERR_add_error_data(5, "fopen('", ptr, "','", p, "')"); - OPENSSL_PUT_ERROR(BIO, file_ctrl, ERR_R_SYS_LIB); + OPENSSL_PUT_ERROR(BIO, ERR_R_SYS_LIB); ret = 0; break; } diff --git a/src/crypto/bio/pair.c b/src/crypto/bio/pair.c index cc55950..6f78890 100644 --- a/src/crypto/bio/pair.c +++ b/src/crypto/bio/pair.c 
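Review bot: The new comment in `file_read` ("fread reads at most |outl| bytes, so |ret| fits in an int") holds only when `outl` is non-negative, and nothing in the function checks that. A negative `outl` is converted to a very large size_t in the `fread(out, 1, outl, ...)` call, so the read is no longer bounded by the caller's buffer and `(int)ret` can no longer be trusted. Whether every caller already rejects a negative length is not visible in this hunk. A local guard next to the existing `!b->init` check, for example `if (outl <= 0) { return 0; }`, would make the comment true regardless of the caller; the exact return value for a bad length should follow the BIO read contract.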
@@ -181,27 +181,25 @@ int BIO_zero_copy_get_read_buf(BIO* bio, uint8_t** out_read_buf, BIO_clear_retry_flags(bio); if (!bio->init) { - OPENSSL_PUT_ERROR(BIO, BIO_zero_copy_get_read_buf, BIO_R_UNINITIALIZED); + OPENSSL_PUT_ERROR(BIO, BIO_R_UNINITIALIZED); return 0; } b = bio->ptr; if (!b || !b->peer) { - OPENSSL_PUT_ERROR(BIO, BIO_zero_copy_get_read_buf, - BIO_R_UNSUPPORTED_METHOD); + OPENSSL_PUT_ERROR(BIO, BIO_R_UNSUPPORTED_METHOD); return 0; } peer_b = b->peer->ptr; if (!peer_b || !peer_b->peer || peer_b->peer->ptr != b) { - OPENSSL_PUT_ERROR(BIO, BIO_zero_copy_get_read_buf, - BIO_R_UNSUPPORTED_METHOD); + OPENSSL_PUT_ERROR(BIO, BIO_R_UNSUPPORTED_METHOD); return 0; } if (peer_b->zero_copy_read_lock) { - OPENSSL_PUT_ERROR(BIO, BIO_zero_copy_get_read_buf, BIO_R_INVALID_ARGUMENT); + OPENSSL_PUT_ERROR(BIO, BIO_R_INVALID_ARGUMENT); return 0; } 
@@ -229,37 +227,32 @@ int BIO_zero_copy_get_read_buf_done(BIO* bio, size_t bytes_read) { assert(BIO_get_retry_flags(bio) == 0); if (!bio->init) { - OPENSSL_PUT_ERROR(BIO, BIO_zero_copy_get_read_buf_done, - BIO_R_UNINITIALIZED); + OPENSSL_PUT_ERROR(BIO, BIO_R_UNINITIALIZED); return 0; } b = bio->ptr; if (!b || !b->peer) { - OPENSSL_PUT_ERROR(BIO, BIO_zero_copy_get_read_buf_done, - BIO_R_UNSUPPORTED_METHOD); + OPENSSL_PUT_ERROR(BIO, BIO_R_UNSUPPORTED_METHOD); return 0; } peer_b = b->peer->ptr; if (!peer_b || !peer_b->peer || peer_b->peer->ptr != b) { - OPENSSL_PUT_ERROR(BIO, BIO_zero_copy_get_read_buf_done, - BIO_R_UNSUPPORTED_METHOD); + OPENSSL_PUT_ERROR(BIO, BIO_R_UNSUPPORTED_METHOD); return 0; } if (!peer_b->zero_copy_read_lock) { - OPENSSL_PUT_ERROR(BIO, BIO_zero_copy_get_read_buf_done, - BIO_R_INVALID_ARGUMENT); + OPENSSL_PUT_ERROR(BIO, BIO_R_INVALID_ARGUMENT); return 0; } max_available = bio_zero_copy_get_read_buf(peer_b, &dummy_read_buf, &dummy_read_offset); if (bytes_read > max_available) { - OPENSSL_PUT_ERROR(BIO, BIO_zero_copy_get_read_buf_done, - BIO_R_INVALID_ARGUMENT); + OPENSSL_PUT_ERROR(BIO, BIO_R_INVALID_ARGUMENT); return 0; } 
@@ -318,35 +311,33 @@ int BIO_zero_copy_get_write_buf(BIO* bio, uint8_t** out_write_buf, BIO_clear_retry_flags(bio); if (!bio->init) { - OPENSSL_PUT_ERROR(BIO, BIO_zero_copy_get_write_buf, BIO_R_UNINITIALIZED); + OPENSSL_PUT_ERROR(BIO, BIO_R_UNINITIALIZED); return 0; } b = bio->ptr; if (!b || !b->buf || !b->peer) { - OPENSSL_PUT_ERROR(BIO, BIO_zero_copy_get_write_buf, - BIO_R_UNSUPPORTED_METHOD); + OPENSSL_PUT_ERROR(BIO, BIO_R_UNSUPPORTED_METHOD); return 0; } peer_b = b->peer->ptr; if (!peer_b || !peer_b->peer || peer_b->peer->ptr != b) { - OPENSSL_PUT_ERROR(BIO, BIO_zero_copy_get_write_buf, - BIO_R_UNSUPPORTED_METHOD); + OPENSSL_PUT_ERROR(BIO, BIO_R_UNSUPPORTED_METHOD); return 0; } assert(b->buf != NULL); if (b->zero_copy_write_lock) { - OPENSSL_PUT_ERROR(BIO, BIO_zero_copy_get_write_buf, BIO_R_INVALID_ARGUMENT); + OPENSSL_PUT_ERROR(BIO, BIO_R_INVALID_ARGUMENT); return 0; } b->request = 0; if (b->closed) { /* Bio is already closed. */ - OPENSSL_PUT_ERROR(BIO, BIO_zero_copy_get_write_buf, BIO_R_BROKEN_PIPE); + OPENSSL_PUT_ERROR(BIO, BIO_R_BROKEN_PIPE); return 0; } 
@@ -369,43 +360,38 @@ int BIO_zero_copy_get_write_buf_done(BIO* bio, size_t bytes_written) { uint8_t* dummy_write_buf; if (!bio->init) { - OPENSSL_PUT_ERROR(BIO, BIO_zero_copy_get_write_buf_done, - BIO_R_UNINITIALIZED); + OPENSSL_PUT_ERROR(BIO, BIO_R_UNINITIALIZED); return 0; } b = bio->ptr; if (!b || !b->buf || !b->peer) { - OPENSSL_PUT_ERROR(BIO, BIO_zero_copy_get_write_buf_done, - BIO_R_UNSUPPORTED_METHOD); + OPENSSL_PUT_ERROR(BIO, BIO_R_UNSUPPORTED_METHOD); return 0; } peer_b = b->peer->ptr; if (!peer_b || !peer_b->peer || peer_b->peer->ptr != b) { - OPENSSL_PUT_ERROR(BIO, BIO_zero_copy_get_write_buf_done, - BIO_R_UNSUPPORTED_METHOD); + OPENSSL_PUT_ERROR(BIO, BIO_R_UNSUPPORTED_METHOD); return 0; } b->request = 0; if (b->closed) { /* BIO is already closed. */ - OPENSSL_PUT_ERROR(BIO, BIO_zero_copy_get_write_buf_done, BIO_R_BROKEN_PIPE); + OPENSSL_PUT_ERROR(BIO, BIO_R_BROKEN_PIPE); return 0; } if (!b->zero_copy_write_lock) { - OPENSSL_PUT_ERROR(BIO, BIO_zero_copy_get_write_buf_done, - BIO_R_INVALID_ARGUMENT); + OPENSSL_PUT_ERROR(BIO, BIO_R_INVALID_ARGUMENT); return 0; } rest = bio_zero_copy_get_write_buf(b, &dummy_write_buf, &dummy_write_offset); if (bytes_written > rest) { - OPENSSL_PUT_ERROR(BIO, BIO_zero_copy_get_write_buf_done, - BIO_R_INVALID_ARGUMENT); + OPENSSL_PUT_ERROR(BIO, BIO_R_INVALID_ARGUMENT); return 0; } @@ -525,7 +511,7 @@ static int bio_write(BIO *bio, const char *buf, int num_) { b->request = 0; if (b->closed) { /* we already closed */ - OPENSSL_PUT_ERROR(BIO, bio_write, BIO_R_BROKEN_PIPE); + OPENSSL_PUT_ERROR(BIO, BIO_R_BROKEN_PIPE); return -1; } @@ -590,7 +576,7 @@ static int bio_make_pair(BIO* bio1, BIO* bio2, b2 = bio2->ptr; if (b1->peer != NULL || b2->peer != NULL) { - OPENSSL_PUT_ERROR(BIO, bio_make_pair, BIO_R_IN_USE); + OPENSSL_PUT_ERROR(BIO, BIO_R_IN_USE); return 0; } 
@@ -605,7 +591,7 @@ static int bio_make_pair(BIO* bio1, BIO* bio2, b1->buf_externally_allocated = 0; b1->buf = OPENSSL_malloc(b1->size); if (b1->buf == NULL) { - OPENSSL_PUT_ERROR(BIO, bio_make_pair, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(BIO, ERR_R_MALLOC_FAILURE); return 0; } } else { @@ -624,7 +610,7 @@ static int bio_make_pair(BIO* bio1, BIO* bio2, b2->buf_externally_allocated = 0; b2->buf = OPENSSL_malloc(b2->size); if (b2->buf == NULL) { - OPENSSL_PUT_ERROR(BIO, bio_make_pair, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(BIO, ERR_R_MALLOC_FAILURE); return 0; } } else { diff --git a/src/crypto/bio/printf.c b/src/crypto/bio/printf.c index f51b396..2f5ae4a 100644 --- a/src/crypto/bio/printf.c +++ b/src/crypto/bio/printf.c @@ -95,7 +95,7 @@ int BIO_printf(BIO *bio, const char *format, ...) { out = OPENSSL_malloc(requested_len + 1); out_malloced = 1; if (out == NULL) { - OPENSSL_PUT_ERROR(BIO, BIO_printf, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(BIO, ERR_R_MALLOC_FAILURE); return -1; } va_start(args, format); diff --git a/src/crypto/bio/socket_helper.c b/src/crypto/bio/socket_helper.c index b1cdd1a..01f635e 100644 --- a/src/crypto/bio/socket_helper.c +++ b/src/crypto/bio/socket_helper.c @@ -12,7 +12,8 @@ * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ -#define _POSIX_SOURCE +#undef _POSIX_C_SOURCE +#define _POSIX_C_SOURCE 200112L #include #include @@ -50,7 +51,7 @@ int bio_ip_and_port_to_socket_and_addr(int *out_sock, ret = getaddrinfo(hostname, port_str, &hint, &result); if (ret != 0) { - OPENSSL_PUT_ERROR(SYS, getaddrinfo, 0); + OPENSSL_PUT_ERROR(SYS, 0); ERR_add_error_data(1, gai_strerror(ret)); return 0; } diff --git a/src/crypto/bn/CMakeLists.txt b/src/crypto/bn/CMakeLists.txt index 2e0cb45..232e40a 100644 --- a/src/crypto/bn/CMakeLists.txt +++ b/src/crypto/bn/CMakeLists.txt 
@@ -1,4 +1,4 @@ -include_directories(. .. ../../include) +include_directories(../../include) if (${ARCH} STREQUAL "x86_64") set( @@ -39,6 +39,7 @@ add_library( add.c asm/x86_64-gcc.c bn.c + bn_asn1.c cmp.c convert.c ctx.c diff --git a/src/crypto/bn/add.c b/src/crypto/bn/add.c index 1c6b2d7..a043d83 100644 --- a/src/crypto/bn/add.c +++ b/src/crypto/bn/add.c @@ -267,7 +267,7 @@ int BN_usub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b) { if (dif < 0) /* hmm... should not be happening */ { - OPENSSL_PUT_ERROR(BN, BN_usub, BN_R_ARG2_LT_ARG3); + OPENSSL_PUT_ERROR(BN, BN_R_ARG2_LT_ARG3); return 0; } diff --git a/src/crypto/bn/asm/armv4-mont.pl b/src/crypto/bn/asm/armv4-mont.pl index 0f1b6a9..4206fd8 100644 --- a/src/crypto/bn/asm/armv4-mont.pl +++ b/src/crypto/bn/asm/armv4-mont.pl @@ -79,7 +79,7 @@ $_n0="$num,#14*4"; $_num="$num,#15*4"; $_bpend=$_num; $code=<<___; -#include "arm_arch.h" +#include .text .code 32 diff --git a/src/crypto/bn/bn.c b/src/crypto/bn/bn.c index f32d6b0..b342749 100644 --- a/src/crypto/bn/bn.c +++ b/src/crypto/bn/bn.c @@ -69,7 +69,7 @@ BIGNUM *BN_new(void) { BIGNUM *bn = OPENSSL_malloc(sizeof(BIGNUM)); if (bn == NULL) { - OPENSSL_PUT_ERROR(BN, BN_new, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(BN, ERR_R_MALLOC_FAILURE); return NULL; } 
@@ -279,26 +279,26 @@ void BN_set_negative(BIGNUM *bn, int sign) { } } -BIGNUM *bn_wexpand(BIGNUM *bn, unsigned words) { +BIGNUM *bn_wexpand(BIGNUM *bn, size_t words) { BN_ULONG *a; - if (words <= (unsigned) bn->dmax) { + if (words <= (size_t)bn->dmax) { return bn; } if (words > (INT_MAX / (4 * BN_BITS2))) { - OPENSSL_PUT_ERROR(BN, bn_wexpand, BN_R_BIGNUM_TOO_LONG); + OPENSSL_PUT_ERROR(BN, BN_R_BIGNUM_TOO_LONG); return NULL; } if (bn->flags & BN_FLG_STATIC_DATA) { - OPENSSL_PUT_ERROR(BN, bn_wexpand, BN_R_EXPAND_ON_STATIC_BIGNUM_DATA); + OPENSSL_PUT_ERROR(BN, BN_R_EXPAND_ON_STATIC_BIGNUM_DATA); return NULL; } a = (BN_ULONG *)OPENSSL_malloc(sizeof(BN_ULONG) * words); if (a == NULL) { - OPENSSL_PUT_ERROR(BN, bn_wexpand, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(BN, ERR_R_MALLOC_FAILURE); return NULL; } @@ -306,12 +306,16 @@ BIGNUM *bn_wexpand(BIGNUM *bn, unsigned words) { OPENSSL_free(bn->d); bn->d = a; - bn->dmax = words; + bn->dmax = (int)words; return bn; } -BIGNUM *bn_expand(BIGNUM *bn, unsigned bits) { +BIGNUM *bn_expand(BIGNUM *bn, size_t bits) { + if (bits + BN_BITS2 - 1 < bits) { + OPENSSL_PUT_ERROR(BN, BN_R_BIGNUM_TOO_LONG); + return NULL; + } return bn_wexpand(bn, (bits+BN_BITS2-1)/BN_BITS2); } diff --git a/src/crypto/bn/bn_asn1.c b/src/crypto/bn/bn_asn1.c new file mode 100644 index 0000000..9d70ba8 --- /dev/null +++ b/src/crypto/bn/bn_asn1.c 
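Review bot: The narrowing cast `bn->dmax = (int)words;` in `bn_wexpand` is safe only because of the earlier `words > (INT_MAX / (4 * BN_BITS2))` rejection, and that dependency is not written down at the cast now that `words` is a size_t. The same commit documents the matching cast in `BN_bin2bn`, so a short comment here would keep the two consistent, for example `/* |words| was bounded by INT_MAX / (4 * BN_BITS2) above, so this cannot truncate. */`. The middle of `bn_wexpand` lies between the two hunks and is not shown, so this assumes `words` is not modified there.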
@@ -0,0 +1,93 @@ +/* Copyright (c) 2015, Google Inc. + * + * Permission to use, copy, modify, and/or distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY + * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION + * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN + * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ + +#include + +#include +#include + + +int BN_cbs2unsigned(CBS *cbs, BIGNUM *ret) { + CBS child; + if (!CBS_get_asn1(cbs, &child, CBS_ASN1_INTEGER) || + CBS_len(&child) == 0) { + OPENSSL_PUT_ERROR(BN, BN_R_BAD_ENCODING); + return 0; + } + + if (CBS_data(&child)[0] & 0x80) { + OPENSSL_PUT_ERROR(BN, BN_R_NEGATIVE_NUMBER); + return 0; + } + + /* INTEGERs must be minimal. */ + if (CBS_data(&child)[0] == 0x00 && + CBS_len(&child) > 1 && + !(CBS_data(&child)[1] & 0x80)) { + OPENSSL_PUT_ERROR(BN, BN_R_BAD_ENCODING); + return 0; + } + + return BN_bin2bn(CBS_data(&child), CBS_len(&child), ret) != NULL; +} + +int BN_cbs2unsigned_buggy(CBS *cbs, BIGNUM *ret) { + CBS child; + if (!CBS_get_asn1(cbs, &child, CBS_ASN1_INTEGER) || + CBS_len(&child) == 0) { + OPENSSL_PUT_ERROR(BN, BN_R_BAD_ENCODING); + return 0; + } + + /* This function intentionally does not reject negative numbers or non-minimal + * encodings. Estonian IDs issued between September 2014 to September 2015 are + * broken. See https://crbug.com/532048 and https://crbug.com/534766. + * + * TODO(davidben): Remove this code and callers in March 2016. 
*/ + return BN_bin2bn(CBS_data(&child), CBS_len(&child), ret) != NULL; +} + +int BN_bn2cbb(CBB *cbb, const BIGNUM *bn) { + /* Negative numbers are unsupported. */ + if (BN_is_negative(bn)) { + OPENSSL_PUT_ERROR(BN, BN_R_NEGATIVE_NUMBER); + return 0; + } + + CBB child; + if (!CBB_add_asn1(cbb, &child, CBS_ASN1_INTEGER)) { + OPENSSL_PUT_ERROR(BN, BN_R_ENCODE_ERROR); + return 0; + } + + /* The number must be padded with a leading zero if the high bit would + * otherwise be set (or |bn| is zero). */ + if (BN_num_bits(bn) % 8 == 0 && + !CBB_add_u8(&child, 0x00)) { + OPENSSL_PUT_ERROR(BN, BN_R_ENCODE_ERROR); + return 0; + } + + uint8_t *out; + if (!CBB_add_space(&child, &out, BN_num_bytes(bn))) { + OPENSSL_PUT_ERROR(BN, BN_R_ENCODE_ERROR); + return 0; + } + BN_bn2bin(bn, out); + if (!CBB_flush(cbb)) { + OPENSSL_PUT_ERROR(BN, BN_R_ENCODE_ERROR); + return 0; + } + return 1; +} diff --git a/src/crypto/bn/bn_test.cc b/src/crypto/bn/bn_test.cc index 6a7d48c..47093a7 100644 --- a/src/crypto/bn/bn_test.cc +++ b/src/crypto/bn/bn_test.cc @@ -82,6 +82,7 @@ #include #include "../crypto/test/scoped_types.h" +#include "../crypto/test/test_util.h" // This program tests the BIGNUM implementation. It takes an optional -bc @@ -117,11 +118,13 @@ static bool test_exp_mod_zero(void); static bool test_small_prime(FILE *fp, BN_CTX *ctx); static bool test_mod_exp_mont5(FILE *fp, BN_CTX *ctx); static bool test_sqrt(FILE *fp, BN_CTX *ctx); -static bool test_bn2bin_padded(FILE *fp, BN_CTX *ctx); -static bool test_dec2bn(FILE *fp, BN_CTX *ctx); -static bool test_hex2bn(FILE *fp, BN_CTX *ctx); -static bool test_asc2bn(FILE *fp, BN_CTX *ctx); +static bool test_bn2bin_padded(BN_CTX *ctx); +static bool test_dec2bn(BN_CTX *ctx); +static bool test_hex2bn(BN_CTX *ctx); +static bool test_asc2bn(BN_CTX *ctx); +static bool test_mpi(); static bool test_rand(); +static bool test_asn1(); static const uint8_t kSample[] = "\xC6\x4F\x43\x04\x2A\xEA\xCA\x6E\x58\x36\x80\x5B\xE8\xC9" 
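Review bot: The comment in `BN_cbs2unsigned_buggy` says it does not reject negative or non-minimal encodings, but it does not say how they are interpreted. The contents are passed straight to `BN_bin2bn`, so a high-bit-set INTEGER is read as an unsigned magnitude and several distinct encodings map to the same value. Callers need to know that, because a value parsed here will not re-serialize to the input bytes through `BN_bn2cbb`, and any comparison or hashing done on the encoded form will disagree with one done on the parsed number. I would extend the comment with something like `/* Contents are read as an unsigned big-endian magnitude; distinct encodings may yield the same value, so do not compare or hash the DER bytes of inputs accepted here. */` and keep the callers of this function to the compatibility path named in the TODO.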
@@ -311,35 +314,15 @@ int main(int argc, char *argv[]) { } flush_fp(bc_file.get()); - message(bc_file.get(), "BN_bn2bin_padded"); - if (!test_bn2bin_padded(bc_file.get(), ctx.get())) { + if (!test_bn2bin_padded(ctx.get()) || + !test_dec2bn(ctx.get()) || + !test_hex2bn(ctx.get()) || + !test_asc2bn(ctx.get()) || + !test_mpi() || + !test_rand() || + !test_asn1()) { return 1; } - flush_fp(bc_file.get()); - - message(bc_file.get(), "BN_dec2bn"); - if (!test_dec2bn(bc_file.get(), ctx.get())) { - return 1; - } - flush_fp(bc_file.get()); - - message(bc_file.get(), "BN_hex2bn"); - if (!test_hex2bn(bc_file.get(), ctx.get())) { - return 1; - } - flush_fp(bc_file.get()); - - message(bc_file.get(), "BN_asc2bn"); - if (!test_asc2bn(bc_file.get(), ctx.get())) { - return 1; - } - flush_fp(bc_file.get()); - - message(bc_file.get(), "BN_rand"); - if (!test_rand()) { - return 1; - } - flush_fp(bc_file.get()); printf("PASS\n"); return 0; @@ -440,6 +423,16 @@ static bool test_div(FILE *fp, BN_CTX *ctx) { return false; } + if (!BN_one(a.get())) { + return false; + } + BN_zero(b.get()); + if (BN_div(d.get(), c.get(), a.get(), b.get(), ctx)) { + fprintf(stderr, "Division by zero succeeded!\n"); + return false; + } + ERR_clear_error(); + for (int i = 0; i < num0 + num1; i++) { if (i < num1) { if (!BN_rand(a.get(), 400, 0, 0) || @@ -837,18 +830,17 @@ static bool test_div_word(FILE *fp) { } for (int i = 0; i < num0; i++) { - BN_ULONG s; do { if (!BN_rand(a.get(), 512, -1, 0) || !BN_rand(b.get(), BN_BITS2, -1, 0)) { return false; } - s = b->d[0]; - } while (!s); + } while (BN_is_zero(b.get())); if (!BN_copy(b.get(), a.get())) { return false; } + BN_ULONG s = b->d[0]; BN_ULONG r = BN_div_word(b.get(), s); if (r == (BN_ULONG)-1) { return false; 
@@ -891,8 +883,27 @@ static bool test_mont(FILE *fp, BN_CTX *ctx) { ScopedBIGNUM B(BN_new()); ScopedBIGNUM n(BN_new()); ScopedBN_MONT_CTX mont(BN_MONT_CTX_new()); - if (!a || !b || !c || !d || !A || !B || !n || !mont || - !BN_rand(a.get(), 100, 0, 0) || + if (!a || !b || !c || !d || !A || !B || !n || !mont) { + return false; + } + + BN_zero(n.get()); + if (BN_MONT_CTX_set(mont.get(), n.get(), ctx)) { + fprintf(stderr, "BN_MONT_CTX_set succeeded for zero modulus!\n"); + return false; + } + ERR_clear_error(); + + if (!BN_set_word(n.get(), 16)) { + return false; + } + if (BN_MONT_CTX_set(mont.get(), n.get(), ctx)) { + fprintf(stderr, "BN_MONT_CTX_set succeeded for even modulus!\n"); + return false; + } + ERR_clear_error(); + + if (!BN_rand(a.get(), 100, 0, 0) || !BN_rand(b.get(), 100, 0, 0)) { return false; } @@ -932,6 +943,7 @@ static bool test_mont(FILE *fp, BN_CTX *ctx) { return false; } } + return true; } @@ -985,6 +997,16 @@ static bool test_mod_mul(FILE *fp, BN_CTX *ctx) { return false; } + if (!BN_one(a.get()) || !BN_one(b.get())) { + return false; + } + BN_zero(c.get()); + if (BN_mod_mul(e.get(), a.get(), b.get(), c.get(), ctx)) { + fprintf(stderr, "BN_mod_mul with zero modulus succeeded!\n"); + return false; + } + ERR_clear_error(); + for (int j = 0; j < 3; j++) { if (!BN_rand(c.get(), 1024, 0, 0)) { return false; 
@@ -1039,8 +1061,21 @@ static bool test_mod_exp(FILE *fp, BN_CTX *ctx) { ScopedBIGNUM c(BN_new()); ScopedBIGNUM d(BN_new()); ScopedBIGNUM e(BN_new()); - if (!a || !b || !c || !d || !e || - !BN_rand(c.get(), 30, 0, 1)) { // must be odd for montgomery + if (!a || !b || !c || !d || !e) { + return false; + } + + if (!BN_one(a.get()) || !BN_one(b.get())) { + return false; + } + BN_zero(c.get()); + if (BN_mod_exp(d.get(), a.get(), b.get(), c.get(), ctx)) { + fprintf(stderr, "BN_mod_exp with zero modulus succeeded!\n"); + return 0; + } + ERR_clear_error(); + + if (!BN_rand(c.get(), 30, 0, 1)) { // must be odd for montgomery return false; } for (int i = 0; i < num2; i++) { @@ -1079,8 +1114,32 @@ static bool test_mod_exp_mont_consttime(FILE *fp, BN_CTX *ctx) { ScopedBIGNUM c(BN_new()); ScopedBIGNUM d(BN_new()); ScopedBIGNUM e(BN_new()); - if (!a || !b || !c || !d || !e || - !BN_rand(c.get(), 30, 0, 1)) { // must be odd for montgomery + if (!a || !b || !c || !d || !e) { + return false; + } + + if (!BN_one(a.get()) || !BN_one(b.get())) { + return false; + } + BN_zero(c.get()); + if (BN_mod_exp_mont_consttime(d.get(), a.get(), b.get(), c.get(), ctx, + nullptr)) { + fprintf(stderr, "BN_mod_exp_mont_consttime with zero modulus succeeded!\n"); + return 0; + } + ERR_clear_error(); + + if (!BN_set_word(c.get(), 16)) { + return false; + } + if (BN_mod_exp_mont_consttime(d.get(), a.get(), b.get(), c.get(), ctx, + nullptr)) { + fprintf(stderr, "BN_mod_exp_mont_consttime with even modulus succeeded!\n"); + return 0; + } + ERR_clear_error(); + + if (!BN_rand(c.get(), 30, 0, 1)) { // must be odd for montgomery return false; } for (int i = 0; i < num2; i++) { 
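Review bot: The new failure paths in `test_mod_exp` use `return 0;` after the "zero modulus succeeded" message, although the function returns bool and every other path in the hunk uses `return false;`. The same applies to both new checks in the `test_mod_exp_mont_consttime` hunk that follows. The value is the same, so this is style only, but `return false;` would match the rest of the file and avoid the reader wondering whether 0 was meant as success. Both function bodies continue outside their hunks.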
@@ -1208,8 +1267,9 @@ static bool test_exp(FILE *fp, BN_CTX *ctx) { if (!BN_one(e.get())) { return false; } - for (; !BN_is_zero(b.get()); BN_sub(b.get(), b.get(), BN_value_one())) { - if (!BN_mul(e.get(), e.get(), a.get(), ctx)) { + while (!BN_is_zero(b.get())) { + if (!BN_mul(e.get(), e.get(), a.get(), ctx) || + !BN_sub(b.get(), b.get(), BN_value_one())) { return false; } } @@ -1371,7 +1431,7 @@ static bool test_sqrt(FILE *fp, BN_CTX *ctx) { return true; } -static bool test_bn2bin_padded(FILE *fp, BN_CTX *ctx) { +static bool test_bn2bin_padded(BN_CTX *ctx) { uint8_t zeros[256], out[256], reference[128]; memset(zeros, 0, sizeof(zeros)); @@ -1448,7 +1508,7 @@ static int DecimalToBIGNUM(ScopedBIGNUM *out, const char *in) { return ret; } -static bool test_dec2bn(FILE *fp, BN_CTX *ctx) { +static bool test_dec2bn(BN_CTX *ctx) { ScopedBIGNUM bn; int ret = DecimalToBIGNUM(&bn, "0"); if (ret != 1 || !BN_is_zero(bn.get()) || BN_is_negative(bn.get())) { @@ -1490,7 +1550,7 @@ static int HexToBIGNUM(ScopedBIGNUM *out, const char *in) { return ret; } -static bool test_hex2bn(FILE *fp, BN_CTX *ctx) { +static bool test_hex2bn(BN_CTX *ctx) { ScopedBIGNUM bn; int ret = HexToBIGNUM(&bn, "0"); if (ret != 1 || !BN_is_zero(bn.get()) || BN_is_negative(bn.get())) { @@ -1533,7 +1593,7 @@ static ScopedBIGNUM ASCIIToBIGNUM(const char *in) { return ScopedBIGNUM(raw); } -static bool test_asc2bn(FILE *fp, BN_CTX *ctx) { +static bool test_asc2bn(BN_CTX *ctx) { ScopedBIGNUM bn = ASCIIToBIGNUM("0"); if (!bn || !BN_is_zero(bn.get()) || BN_is_negative(bn.get())) { fprintf(stderr, "BN_asc2bn gave a bad result.\n"); 
@@ -1585,6 +1645,63 @@ static bool test_asc2bn(FILE *fp, BN_CTX *ctx) { return true; } +struct MPITest { + const char *base10; + const char *mpi; + size_t mpi_len; +}; + +static const MPITest kMPITests[] = { + { "0", "\x00\x00\x00\x00", 4 }, + { "1", "\x00\x00\x00\x01\x01", 5 }, + { "-1", "\x00\x00\x00\x01\x81", 5 }, + { "128", "\x00\x00\x00\x02\x00\x80", 6 }, + { "256", "\x00\x00\x00\x02\x01\x00", 6 }, + { "-256", "\x00\x00\x00\x02\x81\x00", 6 }, +}; + +static bool test_mpi() { + uint8_t scratch[8]; + + for (size_t i = 0; i < sizeof(kMPITests) / sizeof(kMPITests[0]); i++) { + const MPITest &test = kMPITests[i]; + ScopedBIGNUM bn(ASCIIToBIGNUM(test.base10)); + const size_t mpi_len = BN_bn2mpi(bn.get(), NULL); + if (mpi_len > sizeof(scratch)) { + fprintf(stderr, "MPI test #%u: MPI size is too large to test.\n", + (unsigned)i); + return false; + } + + const size_t mpi_len2 = BN_bn2mpi(bn.get(), scratch); + if (mpi_len != mpi_len2) { + fprintf(stderr, "MPI test #%u: length changes.\n", (unsigned)i); + return false; + } + + if (mpi_len != test.mpi_len || + memcmp(test.mpi, scratch, mpi_len) != 0) { + fprintf(stderr, "MPI test #%u failed:\n", (unsigned)i); + hexdump(stderr, "Expected: ", test.mpi, test.mpi_len); + hexdump(stderr, "Got: ", scratch, mpi_len); + return false; + } + + ScopedBIGNUM bn2(BN_mpi2bn(scratch, mpi_len, NULL)); + if (bn2.get() == nullptr) { + fprintf(stderr, "MPI test #%u: failed to parse\n", (unsigned)i); + return false; + } + + if (BN_cmp(bn.get(), bn2.get()) != 0) { + fprintf(stderr, "MPI test #%u: wrong result\n", (unsigned)i); + return false; + } + } + + return true; +} + static bool test_rand() { ScopedBIGNUM bn(BN_new()); if (!bn) { 
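Review bot: In `test_mpi` the result of `ASCIIToBIGNUM(test.base10)` is passed to `BN_bn2mpi(bn.get(), NULL)` without a null check. `test_asc2bn` and the new `test_asn1` both test `!bn` after the same helper, so it can evidently return an empty pointer, and here that would turn a parse or allocation failure into a crash instead of a reported test failure. Adding `if (!bn) { return false; }` directly after the construction would make the failure mode consistent with the other tests.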
@@ -1628,3 +1745,170 @@ static bool test_rand() { return true; } + +struct ASN1Test { + const char *value_ascii; + const char *der; + size_t der_len; +}; + +static const ASN1Test kASN1Tests[] = { + {"0", "\x02\x01\x00", 3}, + {"1", "\x02\x01\x01", 3}, + {"127", "\x02\x01\x7f", 3}, + {"128", "\x02\x02\x00\x80", 4}, + {"0xdeadbeef", "\x02\x05\x00\xde\xad\xbe\xef", 7}, + {"0x0102030405060708", + "\x02\x08\x01\x02\x03\x04\x05\x06\x07\x08", 10}, + {"0xffffffffffffffff", + "\x02\x09\x00\xff\xff\xff\xff\xff\xff\xff\xff", 11}, +}; + +struct ASN1InvalidTest { + const char *der; + size_t der_len; +}; + +static const ASN1InvalidTest kASN1InvalidTests[] = { + // Bad tag. + {"\x03\x01\x00", 3}, + // Empty contents. + {"\x02\x00", 2}, +}; + +// kASN1BuggyTests are incorrect encodings and how |BN_cbs2unsigned_buggy| +// should interpret them. +static const ASN1Test kASN1BuggyTests[] = { + // Negative numbers. + {"128", "\x02\x01\x80", 3}, + {"255", "\x02\x01\xff", 3}, + // Unnecessary leading zeros. + {"1", "\x02\x02\x00\x01", 4}, +}; + +static bool test_asn1() { + for (const ASN1Test &test : kASN1Tests) { + ScopedBIGNUM bn = ASCIIToBIGNUM(test.value_ascii); + if (!bn) { + return false; + } + + // Test that the input is correctly parsed. + ScopedBIGNUM bn2(BN_new()); + if (!bn2) { + return false; + } + CBS cbs; + CBS_init(&cbs, reinterpret_cast(test.der), test.der_len); + if (!BN_cbs2unsigned(&cbs, bn2.get()) || CBS_len(&cbs) != 0) { + fprintf(stderr, "Parsing ASN.1 INTEGER failed.\n"); + return false; + } + if (BN_cmp(bn.get(), bn2.get()) != 0) { + fprintf(stderr, "Bad parse.\n"); + return false; + } + + // Test the value serializes correctly. 
+ CBB cbb; + uint8_t *der; + size_t der_len; + CBB_zero(&cbb); + if (!CBB_init(&cbb, 0) || + !BN_bn2cbb(&cbb, bn.get()) || + !CBB_finish(&cbb, &der, &der_len)) { + CBB_cleanup(&cbb); + return false; + } + ScopedOpenSSLBytes delete_der(der); + if (der_len != test.der_len || + memcmp(der, reinterpret_cast(test.der), der_len) != 0) { + fprintf(stderr, "Bad serialization.\n"); + return false; + } + + // |BN_cbs2unsigned_buggy| parses all valid input. + CBS_init(&cbs, reinterpret_cast(test.der), test.der_len); + if (!BN_cbs2unsigned_buggy(&cbs, bn2.get()) || CBS_len(&cbs) != 0) { + fprintf(stderr, "Parsing ASN.1 INTEGER failed.\n"); + return false; + } + if (BN_cmp(bn.get(), bn2.get()) != 0) { + fprintf(stderr, "Bad parse.\n"); + return false; + } + } + + for (const ASN1InvalidTest &test : kASN1InvalidTests) { + ScopedBIGNUM bn(BN_new()); + if (!bn) { + return false; + } + CBS cbs; + CBS_init(&cbs, reinterpret_cast(test.der), test.der_len); + if (BN_cbs2unsigned(&cbs, bn.get())) { + fprintf(stderr, "Parsed invalid input.\n"); + return false; + } + ERR_clear_error(); + + // All tests in kASN1InvalidTests are also rejected by + // |BN_cbs2unsigned_buggy|. + CBS_init(&cbs, reinterpret_cast(test.der), test.der_len); + if (BN_cbs2unsigned_buggy(&cbs, bn.get())) { + fprintf(stderr, "Parsed invalid input.\n"); + return false; + } + ERR_clear_error(); + } + + for (const ASN1Test &test : kASN1BuggyTests) { + // These broken encodings are rejected by |BN_cbs2unsigned|. + ScopedBIGNUM bn(BN_new()); + if (!bn) { + return false; + } + + CBS cbs; + CBS_init(&cbs, reinterpret_cast(test.der), test.der_len); + if (BN_cbs2unsigned(&cbs, bn.get())) { + fprintf(stderr, "Parsed invalid input.\n"); + return false; + } + ERR_clear_error(); + + // However |BN_cbs2unsigned_buggy| accepts them. 
+ ScopedBIGNUM bn2 = ASCIIToBIGNUM(test.value_ascii); + if (!bn2) { + return false; + } + + CBS_init(&cbs, reinterpret_cast(test.der), test.der_len); + if (!BN_cbs2unsigned_buggy(&cbs, bn.get()) || CBS_len(&cbs) != 0) { + fprintf(stderr, "Parsing (invalid) ASN.1 INTEGER failed.\n"); + return false; + } + + if (BN_cmp(bn.get(), bn2.get()) != 0) { + fprintf(stderr, "\"Bad\" parse.\n"); + return false; + } + } + + // Serializing negative numbers is not supported. + ScopedBIGNUM bn = ASCIIToBIGNUM("-1"); + if (!bn) { + return false; + } + CBB cbb; + CBB_zero(&cbb); + if (!CBB_init(&cbb, 0) || + BN_bn2cbb(&cbb, bn.get())) { + fprintf(stderr, "Serialized negative number.\n"); + CBB_cleanup(&cbb); + return false; + } + CBB_cleanup(&cbb); + + return true; +} diff --git a/src/crypto/bn/convert.c b/src/crypto/bn/convert.c index 531b661..0122709 100644 --- a/src/crypto/bn/convert.c +++ b/src/crypto/bn/convert.c @@ -56,7 +56,9 @@ #include +#include #include +#include #include #include @@ -67,7 +69,8 @@ #include "internal.h" BIGNUM *BN_bin2bn(const uint8_t *in, size_t len, BIGNUM *ret) { - unsigned num_words, m; + size_t num_words; + unsigned m; BN_ULONG word = 0; BIGNUM *bn = NULL; @@ -93,7 +96,10 @@ BIGNUM *BN_bin2bn(const uint8_t *in, size_t len, BIGNUM *ret) { return NULL; } - ret->top = num_words; + /* |bn_wexpand| must check bounds on |num_words| to write it into + * |ret->dmax|. */ + assert(num_words <= INT_MAX); + ret->top = (int)num_words; ret->neg = 0; while (len--) { @@ -198,7 +204,7 @@ char *BN_bn2hex(const BIGNUM *bn) { buf = (char *)OPENSSL_malloc(bn->top * BN_BYTES * 2 + 2); if (buf == NULL) { - OPENSSL_PUT_ERROR(BN, BN_bn2hex, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(BN, ERR_R_MALLOC_FAILURE); return NULL; } 
@@ -227,47 +233,59 @@ char *BN_bn2hex(const BIGNUM *bn) { return buf; } -/* decode_hex decodes |i| bytes of hex data from |in| and updates |bn|. */ -static void decode_hex(BIGNUM *bn, const char *in, int i) { - int h, m, j, k, c; - BN_ULONG l=0; - - j = i; /* least significant 'hex' */ - h = 0; - while (j > 0) { - m = ((BN_BYTES * 2) <= j) ? (BN_BYTES * 2) : j; - l = 0; - for (;;) { - c = in[j - m]; - if ((c >= '0') && (c <= '9')) { - k = c - '0'; - } else if ((c >= 'a') && (c <= 'f')) { - k = c - 'a' + 10; - } else if ((c >= 'A') && (c <= 'F')) { - k = c - 'A' + 10; - } else { - k = 0; /* paranoia */ - } +/* decode_hex decodes |in_len| bytes of hex data from |in| and updates |bn|. */ +static int decode_hex(BIGNUM *bn, const char *in, int in_len) { + if (in_len > INT_MAX/4) { + OPENSSL_PUT_ERROR(BN, BN_R_BIGNUM_TOO_LONG); + return 0; + } + /* |in_len| is the number of hex digits. */ + if (bn_expand(bn, in_len * 4) == NULL) { + return 0; + } - l = (l << 4) | k; + int i = 0; + while (in_len > 0) { + /* Decode one |BN_ULONG| at a time. */ + int todo = BN_BYTES * 2; + if (todo > in_len) { + todo = in_len; + } - if (--m <= 0) { - bn->d[h++] = l; - break; + BN_ULONG word = 0; + int j; + for (j = todo; j > 0; j--) { + char c = in[in_len - j]; + + BN_ULONG hex; + if (c >= '0' && c <= '9') { + hex = c - '0'; + } else if (c >= 'a' && c <= 'f') { + hex = c - 'a' + 10; + } else if (c >= 'A' && c <= 'F') { + hex = c - 'A' + 10; + } else { + hex = 0; + /* This shouldn't happen. The caller checks |isxdigit|. */ + assert(0); } + word = (word << 4) | hex; } - j -= (BN_BYTES * 2); + bn->d[i++] = word; + in_len -= todo; } - - bn->top = h; + assert(i <= bn->dmax); + bn->top = i; + return 1; } /* decode_dec decodes |in_len| bytes of decimal data from |in| and updates |bn|. */ -static void decode_dec(BIGNUM *bn, const char *in, int in_len) { +static int decode_dec(BIGNUM *bn, const char *in, int in_len) { int i, j; BN_ULONG l = 0; + /* Decode |BN_DEC_NUM| digits at a time. 
*/ j = BN_DEC_NUM - (in_len % BN_DEC_NUM); if (j == BN_DEC_NUM) { j = 0; @@ -277,15 +295,18 @@ static void decode_dec(BIGNUM *bn, const char *in, int in_len) { l *= 10; l += in[i] - '0'; if (++j == BN_DEC_NUM) { - BN_mul_word(bn, BN_DEC_CONV); - BN_add_word(bn, l); + if (!BN_mul_word(bn, BN_DEC_CONV) || + !BN_add_word(bn, l)) { + return 0; + } l = 0; j = 0; } } + return 1; } -typedef void (*decode_func) (BIGNUM *bn, const char *in, int i); +typedef int (*decode_func) (BIGNUM *bn, const char *in, int in_len); typedef int (*char_test_func) (int c); static int bn_x2bn(BIGNUM **outp, const char *in, decode_func decode, char_test_func want_char) { @@ -302,7 +323,7 @@ static int bn_x2bn(BIGNUM **outp, const char *in, decode_func decode, char_test_ in++; } - for (i = 0; want_char((unsigned char)in[i]); i++) {} + for (i = 0; want_char((unsigned char)in[i]) && i + neg < INT_MAX; i++) {} num = i + neg; if (outp == NULL) { @@ -320,13 +341,10 @@ static int bn_x2bn(BIGNUM **outp, const char *in, decode_func decode, char_test_ BN_zero(ret); } - /* i is the number of hex digests; */ - if (bn_expand(ret, i * 4) == NULL) { + if (!decode(ret, in, i)) { goto err; } - decode(ret, in, i); - bn_correct_top(ret); if (!BN_is_zero(ret)) { ret->neg = neg; @@ -365,7 +383,7 @@ char *BN_bn2dec(const BIGNUM *a) { (BN_ULONG *)OPENSSL_malloc((num / BN_DEC_NUM + 1) * sizeof(BN_ULONG)); buf = (char *)OPENSSL_malloc(num + 3); if ((buf == NULL) || (bn_data == NULL)) { - OPENSSL_PUT_ERROR(BN, BN_bn2dec, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(BN, ERR_R_MALLOC_FAILURE); goto err; } t = BN_dup(a); 
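Review bot: The header comments on `decode_hex` and `decode_dec` were not updated for the new `int` return, and neither states the input precondition the bodies rely on. In `decode_hex` the non-hex branch is only `hex = 0; assert(0);`, so in a build with `NDEBUG` a stray character silently decodes as a zero nibble. The `isxdigit` check in the caller is therefore the real guard and should be named in the contract. I would write `/* decode_hex decodes |in_len| hex digits from |in| into |bn|. It returns one on success and zero on error. The caller must have checked every character with |isxdigit|. */`, plus the matching "returns one on success and zero on error" sentence on `decode_dec`, whose body starts in this hunk and ends in the next.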
@@ -499,3 +517,81 @@ BN_ULONG BN_get_word(const BIGNUM *bn) { return BN_MASK2; } } + +size_t BN_bn2mpi(const BIGNUM *in, uint8_t *out) { + const size_t bits = BN_num_bits(in); + const size_t bytes = (bits + 7) / 8; + /* If the number of bits is a multiple of 8, i.e. if the MSB is set, + * prefix with a zero byte. */ + int extend = 0; + if (bytes != 0 && (bits & 0x07) == 0) { + extend = 1; + } + + const size_t len = bytes + extend; + if (len < bytes || + 4 + len < len || + (len & 0xffffffff) != len) { + /* If we cannot represent the number then we emit zero as the interface + * doesn't allow an error to be signalled. */ + if (out) { + memset(out, 0, 4); + } + return 4; + } + + if (out == NULL) { + return 4 + len; + } + + out[0] = len >> 24; + out[1] = len >> 16; + out[2] = len >> 8; + out[3] = len; + if (extend) { + out[4] = 0; + } + BN_bn2bin(in, out + 4 + extend); + if (in->neg && len > 0) { + out[4] |= 0x80; + } + return len + 4; +} + +BIGNUM *BN_mpi2bn(const uint8_t *in, size_t len, BIGNUM *out) { + if (len < 4) { + OPENSSL_PUT_ERROR(BN, BN_R_BAD_ENCODING); + return NULL; + } + const size_t in_len = ((size_t)in[0] << 24) | + ((size_t)in[1] << 16) | + ((size_t)in[2] << 8) | + ((size_t)in[3]); + if (in_len != len - 4) { + OPENSSL_PUT_ERROR(BN, BN_R_BAD_ENCODING); + return NULL; + } + + if (out == NULL) { + out = BN_new(); + } + if (out == NULL) { + OPENSSL_PUT_ERROR(BN, ERR_R_MALLOC_FAILURE); + return NULL; + } + + if (in_len == 0) { + BN_zero(out); + return out; + } + + in += 4; + if (BN_bin2bn(in, in_len, out) == NULL) { + return NULL; + } + out->neg = ((*in) & 0x80) != 0; + if (out->neg) { + BN_clear_bit(out, BN_num_bits(out) - 1); + } + return out; +} diff --git a/src/crypto/bn/ctx.c b/src/crypto/bn/ctx.c index 0578376..48d9adf 100644 --- a/src/crypto/bn/ctx.c +++ b/src/crypto/bn/ctx.c 
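Review bot: `BN_mpi2bn` leaks the BIGNUM it allocates when `out` is passed as NULL and `BN_bin2bn(in, in_len, out)` then fails, because that path returns NULL without releasing the result of `BN_new()`. The length field comes straight from the encoded input, so the failure path is reachable with large or hostile blobs under memory pressure. Recording ownership up front with `const int out_is_alloced = (out == NULL);` and adding `if (out_is_alloced) { BN_free(out); }` before that `return NULL;` closes it. A caller-supplied `out` must not be freed, which is why the flag is needed rather than an unconditional free.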
@@ -124,7 +124,7 @@ struct bignum_ctx { BN_CTX *BN_CTX_new(void) { BN_CTX *ret = OPENSSL_malloc(sizeof(BN_CTX)); if (!ret) { - OPENSSL_PUT_ERROR(BN, BN_CTX_new, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(BN, ERR_R_MALLOC_FAILURE); return NULL; } @@ -153,7 +153,7 @@ void BN_CTX_start(BN_CTX *ctx) { ctx->err_stack++; } else if (!BN_STACK_push(&ctx->stack, ctx->used)) { /* (Try to) get a new frame pointer */ - OPENSSL_PUT_ERROR(BN, BN_CTX_start, BN_R_TOO_MANY_TEMPORARY_VARIABLES); + OPENSSL_PUT_ERROR(BN, BN_R_TOO_MANY_TEMPORARY_VARIABLES); ctx->err_stack++; } } @@ -169,7 +169,7 @@ BIGNUM *BN_CTX_get(BN_CTX *ctx) { /* Setting too_many prevents repeated "get" attempts from * cluttering the error stack. */ ctx->too_many = 1; - OPENSSL_PUT_ERROR(BN, BN_CTX_get, BN_R_TOO_MANY_TEMPORARY_VARIABLES); + OPENSSL_PUT_ERROR(BN, BN_R_TOO_MANY_TEMPORARY_VARIABLES); return NULL; } diff --git a/src/crypto/bn/div.c b/src/crypto/bn/div.c index 3588ea1..779dda2 100644 --- a/src/crypto/bn/div.c +++ b/src/crypto/bn/div.c @@ -125,7 +125,7 @@ int BN_div(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor, * so don't just rely on bn_check_top() here */ if ((num->top > 0 && num->d[num->top - 1] == 0) || (divisor->top > 0 && divisor->d[divisor->top - 1] == 0)) { - OPENSSL_PUT_ERROR(BN, BN_div, BN_R_NOT_INITIALIZED); + OPENSSL_PUT_ERROR(BN, BN_R_NOT_INITIALIZED); return 0; } @@ -135,7 +135,7 @@ int BN_div(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor, } if (BN_is_zero(divisor)) { - OPENSSL_PUT_ERROR(BN, BN_div, BN_R_DIV_BY_ZERO); + OPENSSL_PUT_ERROR(BN, BN_R_DIV_BY_ZERO); return 0; } @@ -511,7 +511,7 @@ int BN_mod_lshift_quick(BIGNUM *r, const BIGNUM *a, int n, const BIGNUM *m) { /* max_shift >= 0 */ if (max_shift < 0) { - OPENSSL_PUT_ERROR(BN, BN_mod_lshift_quick, BN_R_INPUT_NOT_REDUCED); + OPENSSL_PUT_ERROR(BN, BN_R_INPUT_NOT_REDUCED); return 0; } diff --git a/src/crypto/bn/exponentiation.c b/src/crypto/bn/exponentiation.c index d3063c9..6c5e11b 100644 
--- a/src/crypto/bn/exponentiation.c +++ b/src/crypto/bn/exponentiation.c @@ -131,7 +131,7 @@ int BN_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) { if ((p->flags & BN_FLG_CONSTTIME) != 0) { /* BN_FLG_CONSTTIME only supported by BN_mod_exp_mont() */ - OPENSSL_PUT_ERROR(BN, BN_exp, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(BN, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } @@ -173,8 +173,8 @@ int BN_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) { } } - if (r != rr) { - BN_copy(r, rr); + if (r != rr && !BN_copy(r, rr)) { + goto err; } ret = 1; @@ -333,7 +333,7 @@ static int BN_div_recp(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, j = 0; while (BN_ucmp(r, &(recp->N)) >= 0) { if (j++ > 2) { - OPENSSL_PUT_ERROR(BN, BN_div_recp, BN_R_BAD_RECIPROCAL); + OPENSSL_PUT_ERROR(BN, BN_R_BAD_RECIPROCAL); goto err; } if (!BN_usub(r, r, &(recp->N))) { @@ -427,7 +427,7 @@ static int mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, if (BN_get_flags(p, BN_FLG_CONSTTIME) != 0) { /* BN_FLG_CONSTTIME only supported by BN_mod_exp_mont() */ - OPENSSL_PUT_ERROR(BN, mod_exp_recp, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(BN, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } @@ -616,7 +616,7 @@ int BN_mod_exp_mont(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p, } if (!BN_is_odd(m)) { - OPENSSL_PUT_ERROR(BN, BN_mod_exp_mont, BN_R_CALLED_WITH_EVEN_MODULUS); + OPENSSL_PUT_ERROR(BN, BN_R_CALLED_WITH_EVEN_MODULUS); return 0; } bits = BN_num_bits(p); @@ -862,13 +862,13 @@ int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p, unsigned char *powerbuf = NULL; BIGNUM tmp, am; - top = m->top; - - if (!(m->d[0] & 1)) { - OPENSSL_PUT_ERROR(BN, BN_mod_exp_mont_consttime, - BN_R_CALLED_WITH_EVEN_MODULUS); + if (!BN_is_odd(m)) { + OPENSSL_PUT_ERROR(BN, BN_R_CALLED_WITH_EVEN_MODULUS); return 0; } + + top = m->top; + bits = BN_num_bits(p); if (bits == 0) { ret = BN_one(rr); 
@@ -926,7 +926,6 @@ int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p, } } #endif - (void)0; /* Allocate a buffer large enough to hold all of the pre-computed * powers of am, am itself and tmp. @@ -1223,13 +1222,12 @@ int BN_mod_exp_mont_word(BIGNUM *rr, BN_ULONG a, const BIGNUM *p, if (BN_get_flags(p, BN_FLG_CONSTTIME) != 0) { /* BN_FLG_CONSTTIME only supported by BN_mod_exp_mont() */ - OPENSSL_PUT_ERROR(BN, BN_mod_exp_mont_word, - ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(BN, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } if (!BN_is_odd(m)) { - OPENSSL_PUT_ERROR(BN, BN_mod_exp_mont_word, BN_R_CALLED_WITH_EVEN_MODULUS); + OPENSSL_PUT_ERROR(BN, BN_R_CALLED_WITH_EVEN_MODULUS); return 0; } @@ -1372,7 +1370,7 @@ int BN_mod_exp2_mont(BIGNUM *rr, const BIGNUM *a1, const BIGNUM *p1, BN_MONT_CTX *mont = NULL; if (!(m->d[0] & 1)) { - OPENSSL_PUT_ERROR(BN, BN_mod_exp2_mont, BN_R_CALLED_WITH_EVEN_MODULUS); + OPENSSL_PUT_ERROR(BN, BN_R_CALLED_WITH_EVEN_MODULUS); return 0; } bits1 = BN_num_bits(p1); diff --git a/src/crypto/bn/gcd.c b/src/crypto/bn/gcd.c index 3132c29..e106149 100644 --- a/src/crypto/bn/gcd.c +++ b/src/crypto/bn/gcd.c 
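Review bot: `BN_mod_exp2_mont` still tests the modulus with `if (!(m->d[0] & 1)) {`, visible as context in the hunk at -1372, which reads the first limb without looking at `m->top`. This commit replaces the identical test in `BN_mod_exp_mont_consttime` with `BN_is_odd(m)`, and `BN_mod_exp_mont` and `BN_mod_exp_mont_word` already use it, so this is the one remaining entry point with the raw read. Changing the line to `if (!BN_is_odd(m)) {` would make all four consistent and keep a zero modulus from being judged by whatever `m->d` holds. Whether `d` can be NULL for such a value depends on allocation code outside this diff. The body of `BN_mod_exp2_mont` continues past the hunk.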
@@ -223,20 +223,23 @@ err: } /* solves ax == 1 (mod n) */ -static BIGNUM *BN_mod_inverse_no_branch(BIGNUM *out, const BIGNUM *a, - const BIGNUM *n, BN_CTX *ctx); +static BIGNUM *BN_mod_inverse_no_branch(BIGNUM *out, int *out_no_inverse, + const BIGNUM *a, const BIGNUM *n, + BN_CTX *ctx); -BIGNUM *BN_mod_inverse(BIGNUM *out, const BIGNUM *a, const BIGNUM *n, - BN_CTX *ctx) { +BIGNUM *BN_mod_inverse_ex(BIGNUM *out, int *out_no_inverse, const BIGNUM *a, + const BIGNUM *n, BN_CTX *ctx) { BIGNUM *A, *B, *X, *Y, *M, *D, *T, *R = NULL; BIGNUM *ret = NULL; int sign; if ((a->flags & BN_FLG_CONSTTIME) != 0 || (n->flags & BN_FLG_CONSTTIME) != 0) { - return BN_mod_inverse_no_branch(out, a, n, ctx); + return BN_mod_inverse_no_branch(out, out_no_inverse, a, n, ctx); } + *out_no_inverse = 0; + BN_CTX_start(ctx); A = BN_CTX_get(ctx); B = BN_CTX_get(ctx); @@ -522,7 +525,8 @@ BIGNUM *BN_mod_inverse(BIGNUM *out, const BIGNUM *a, const BIGNUM *n, } } } else { - OPENSSL_PUT_ERROR(BN, BN_mod_inverse, BN_R_NO_INVERSE); + *out_no_inverse = 1; + OPENSSL_PUT_ERROR(BN, BN_R_NO_INVERSE); goto err; } ret = R; @@ -535,16 +539,25 @@ err: return ret; } +BIGNUM *BN_mod_inverse(BIGNUM *out, const BIGNUM *a, const BIGNUM *n, + BN_CTX *ctx) { + int no_inverse; + return BN_mod_inverse_ex(out, &no_inverse, a, n, ctx); +} + /* BN_mod_inverse_no_branch is a special version of BN_mod_inverse. * It does not contain branches that may leak sensitive information. */ -static BIGNUM *BN_mod_inverse_no_branch(BIGNUM *out, const BIGNUM *a, - const BIGNUM *n, BN_CTX *ctx) { +static BIGNUM *BN_mod_inverse_no_branch(BIGNUM *out, int *out_no_inverse, + const BIGNUM *a, const BIGNUM *n, + BN_CTX *ctx) { BIGNUM *A, *B, *X, *Y, *M, *D, *T, *R = NULL; BIGNUM local_A, local_B; BIGNUM *pA, *pB; BIGNUM *ret = NULL; int sign; + *out_no_inverse = 0; + BN_CTX_start(ctx); A = BN_CTX_get(ctx); B = BN_CTX_get(ctx); 
@@ -682,7 +695,8 @@ static BIGNUM *BN_mod_inverse_no_branch(BIGNUM *out, const BIGNUM *a, } } } else { - OPENSSL_PUT_ERROR(BN, BN_mod_inverse_no_branch, BN_R_NO_INVERSE); + *out_no_inverse = 1; + OPENSSL_PUT_ERROR(BN, BN_R_NO_INVERSE); goto err; } ret = R; diff --git a/src/crypto/bn/internal.h b/src/crypto/bn/internal.h index 2674b3c..0d0eb44 100644 --- a/src/crypto/bn/internal.h +++ b/src/crypto/bn/internal.h @@ -136,9 +136,9 @@ extern "C" { #endif -/* bn_expand acts the same as |BN_wexpand|, but takes a number of bits rather +/* bn_expand acts the same as |bn_wexpand|, but takes a number of bits rather * than a number of words. */ -BIGNUM *bn_expand(BIGNUM *bn, unsigned bits); +BIGNUM *bn_expand(BIGNUM *bn, size_t bits); #if defined(OPENSSL_64_BIT) diff --git a/src/crypto/bn/montgomery.c b/src/crypto/bn/montgomery.c index 152cf2d..c6c9c88 100644 --- a/src/crypto/bn/montgomery.c +++ b/src/crypto/bn/montgomery.c @@ -110,6 +110,7 @@ #include +#include #include #include @@ -176,6 +177,11 @@ int BN_MONT_CTX_set(BN_MONT_CTX *mont, const BIGNUM *mod, BN_CTX *ctx) { BIGNUM tmod; BN_ULONG buf[2]; + if (BN_is_zero(mod)) { + OPENSSL_PUT_ERROR(BN, BN_R_DIV_BY_ZERO); + return 0; + } + BN_CTX_start(ctx); Ri = BN_CTX_get(ctx); if (Ri == NULL) { diff --git a/src/crypto/bn/mul.c b/src/crypto/bn/mul.c index a17d766..029a59e 100644 --- a/src/crypto/bn/mul.c +++ b/src/crypto/bn/mul.c @@ -666,8 +666,8 @@ int BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx) { end: bn_correct_top(rr); - if (r != rr) { - BN_copy(r, rr); + if (r != rr && !BN_copy(r, rr)) { + goto err; } ret = 1; @@ -877,8 +877,8 @@ int BN_sqr(BIGNUM *r, const BIGNUM *a, BN_CTX *ctx) { rr->top = max; } - if (rr != r) { - BN_copy(r, rr); + if (rr != r && !BN_copy(r, rr)) { + goto err; } ret = 1; diff --git a/src/crypto/bn/prime.c b/src/crypto/bn/prime.c index cf3afcf..bbb8fe0 100644 --- a/src/crypto/bn/prime.c +++ b/src/crypto/bn/prime.c 
@@ -362,11 +362,11 @@ int BN_generate_prime_ex(BIGNUM *ret, int bits, int safe, const BIGNUM *add, if (bits < 2) { /* There are no prime numbers this small. */ - OPENSSL_PUT_ERROR(BN, BN_generate_prime_ex, BN_R_BITS_TOO_SMALL); + OPENSSL_PUT_ERROR(BN, BN_R_BITS_TOO_SMALL); return 0; } else if (bits == 2 && safe) { /* The smallest safe prime (7) is three bits. */ - OPENSSL_PUT_ERROR(BN, BN_generate_prime_ex, BN_R_BITS_TOO_SMALL); + OPENSSL_PUT_ERROR(BN, BN_R_BITS_TOO_SMALL); return 0; } @@ -515,11 +515,10 @@ int BN_is_prime_fasttest_ex(const BIGNUM *a, int checks, BN_CTX *ctx_passed, /* A := abs(a) */ if (a->neg) { - BIGNUM *t; - if ((t = BN_CTX_get(ctx)) == NULL) { + BIGNUM *t = BN_CTX_get(ctx); + if (t == NULL || !BN_copy(t, a)) { goto err; } - BN_copy(t, a); t->neg = 0; A = t; } else { diff --git a/src/crypto/bn/random.c b/src/crypto/bn/random.c index 549ac48..3116e54 100644 --- a/src/crypto/bn/random.c +++ b/src/crypto/bn/random.c @@ -134,7 +134,7 @@ int BN_rand(BIGNUM *rnd, int bits, int top, int bottom) { buf = OPENSSL_malloc(bytes); if (buf == NULL) { - OPENSSL_PUT_ERROR(BN, BN_rand, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(BN, ERR_R_MALLOC_FAILURE); goto err; } @@ -186,7 +186,7 @@ int BN_rand_range(BIGNUM *r, const BIGNUM *range) { unsigned count = 100; if (range->neg || BN_is_zero(range)) { - OPENSSL_PUT_ERROR(BN, BN_rand_range, BN_R_INVALID_RANGE); + OPENSSL_PUT_ERROR(BN, BN_R_INVALID_RANGE); return 0; } @@ -219,7 +219,7 @@ int BN_rand_range(BIGNUM *r, const BIGNUM *range) { } if (!--count) { - OPENSSL_PUT_ERROR(BN, BN_rand_range, BN_R_TOO_MANY_ITERATIONS); + OPENSSL_PUT_ERROR(BN, BN_R_TOO_MANY_ITERATIONS); return 0; } } while (BN_cmp(r, range) >= 0); @@ -231,7 +231,7 @@ int BN_rand_range(BIGNUM *r, const BIGNUM *range) { } if (!--count) { - OPENSSL_PUT_ERROR(BN, BN_rand_range, BN_R_TOO_MANY_ITERATIONS); + OPENSSL_PUT_ERROR(BN, BN_R_TOO_MANY_ITERATIONS); return 0; } } while (BN_cmp(r, range) >= 0); 
@@ -264,13 +264,13 @@ int BN_generate_dsa_nonce(BIGNUM *out, const BIGNUM *range, const BIGNUM *priv, } if (BN_is_zero(range)) { - OPENSSL_PUT_ERROR(BN, BN_generate_dsa_nonce, BN_R_DIV_BY_ZERO); + OPENSSL_PUT_ERROR(BN, BN_R_DIV_BY_ZERO); goto err; } k_bytes = OPENSSL_malloc(num_k_bytes); if (!k_bytes) { - OPENSSL_PUT_ERROR(BN, BN_generate_dsa_nonce, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(BN, ERR_R_MALLOC_FAILURE); goto err; } @@ -281,7 +281,7 @@ int BN_generate_dsa_nonce(BIGNUM *out, const BIGNUM *range, const BIGNUM *priv, /* No reasonable DSA or ECDSA key should have a private key * this large and we don't handle this case in order to avoid * leaking the length of the private key. */ - OPENSSL_PUT_ERROR(BN, BN_generate_dsa_nonce, BN_R_PRIVATE_KEY_TOO_LARGE); + OPENSSL_PUT_ERROR(BN, BN_R_PRIVATE_KEY_TOO_LARGE); goto err; } memcpy(private_bytes, priv->d, todo); diff --git a/src/crypto/bn/rsaz_exp.h b/src/crypto/bn/rsaz_exp.h index 0bb6b0c..c752b45 100644 --- a/src/crypto/bn/rsaz_exp.h +++ b/src/crypto/bn/rsaz_exp.h 
@@ -1,32 +1,44 @@ -/****************************************************************************** -* Copyright(c) 2012, Intel Corp. -* Developers and authors: -* Shay Gueron (1, 2), and Vlad Krasnov (1) -* (1) Intel Corporation, Israel Development Center, Haifa, Israel -* (2) University of Haifa, Israel +/***************************************************************************** +* * +* Copyright (c) 2012, Intel Corporation * +* * +* All rights reserved. * +* * +* Redistribution and use in source and binary forms, with or without * +* modification, are permitted provided that the following conditions are * +* met: * +* * +* * Redistributions of source code must retain the above copyright * +* notice, this list of conditions and the following disclaimer. * +* * +* * Redistributions in binary form must reproduce the above copyright * +* notice, this list of conditions and the following disclaimer in the * +* documentation and/or other materials provided with the * +* distribution. * +* * +* * Neither the name of the Intel Corporation nor the names of its * +* contributors may be used to endorse or promote products derived from * +* this software without specific prior written permission. * +* * +* * +* THIS SOFTWARE IS PROVIDED BY INTEL CORPORATION ""AS IS"" AND ANY * +* EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * +* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR * +* PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL INTEL CORPORATION OR * +* CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, * +* EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, * +* PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR * +* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF * +* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING * +* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS * +* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * +* * ****************************************************************************** -* LICENSE: -* This submission to OpenSSL is to be made available under the OpenSSL -* license, and only to the OpenSSL project, in order to allow integration -* into the publicly distributed code. -* The use of this code, or portions of this code, or concepts embedded in -* this code, or modification of this code and/or algorithm(s) in it, or the -* use of this code for any other purpose than stated above, requires special -* licensing. -****************************************************************************** -* DISCLAIMER: -* THIS SOFTWARE IS PROVIDED BY THE CONTRIBUTORS AND THE COPYRIGHT OWNERS -* ``AS IS''. ANY EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED -* TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS OR THE COPYRIGHT -* OWNERS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, -* OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF -* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS -* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN -* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE -* POSSIBILITY OF SUCH DAMAGE. 
-******************************************************************************/ +* Developers and authors: * +* Shay Gueron (1, 2), and Vlad Krasnov (1) * +* (1) Intel Corporation, Israel Development Center, Haifa, Israel * +* (2) University of Haifa, Israel * +*****************************************************************************/ #ifndef RSAZ_EXP_H #define RSAZ_EXP_H diff --git a/src/crypto/bn/shift.c b/src/crypto/bn/shift.c index f143996..defec92 100644 --- a/src/crypto/bn/shift.c +++ b/src/crypto/bn/shift.c @@ -69,7 +69,7 @@ int BN_lshift(BIGNUM *r, const BIGNUM *a, int n) { BN_ULONG l; if (n < 0) { - OPENSSL_PUT_ERROR(BN, BN_lshift, BN_R_NEGATIVE_NUMBER); + OPENSSL_PUT_ERROR(BN, BN_R_NEGATIVE_NUMBER); return 0; } @@ -138,7 +138,7 @@ int BN_rshift(BIGNUM *r, const BIGNUM *a, int n) { BN_ULONG l, tmp; if (n < 0) { - OPENSSL_PUT_ERROR(BN, BN_rshift, BN_R_NEGATIVE_NUMBER); + OPENSSL_PUT_ERROR(BN, BN_R_NEGATIVE_NUMBER); return 0; } diff --git a/src/crypto/bn/sqrt.c b/src/crypto/bn/sqrt.c index e71a818..2ed66c2 100644 --- a/src/crypto/bn/sqrt.c +++ b/src/crypto/bn/sqrt.c @@ -86,7 +86,7 @@ BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) { return ret; } - OPENSSL_PUT_ERROR(BN, BN_mod_sqrt, BN_R_P_IS_NOT_PRIME); + OPENSSL_PUT_ERROR(BN, BN_R_P_IS_NOT_PRIME); return (NULL); } @@ -260,7 +260,7 @@ BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) { } if (r == 0) { /* m divides p */ - OPENSSL_PUT_ERROR(BN, BN_mod_sqrt, BN_R_P_IS_NOT_PRIME); + OPENSSL_PUT_ERROR(BN, BN_R_P_IS_NOT_PRIME); goto end; } } while (r == 1 && ++i < 82); @@ -271,7 +271,7 @@ BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) { * Even if p is not prime, we should have found some y * such that r == -1. */ - OPENSSL_PUT_ERROR(BN, BN_mod_sqrt, BN_R_TOO_MANY_ITERATIONS); + OPENSSL_PUT_ERROR(BN, BN_R_TOO_MANY_ITERATIONS); goto end; } 
@@ -286,7 +286,7 @@ BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) { goto end; } if (BN_is_one(y)) { - OPENSSL_PUT_ERROR(BN, BN_mod_sqrt, BN_R_P_IS_NOT_PRIME); + OPENSSL_PUT_ERROR(BN, BN_R_P_IS_NOT_PRIME); goto end; } @@ -377,7 +377,7 @@ BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) { while (!BN_is_one(t)) { i++; if (i == e) { - OPENSSL_PUT_ERROR(BN, BN_mod_sqrt, BN_R_NOT_A_SQUARE); + OPENSSL_PUT_ERROR(BN, BN_R_NOT_A_SQUARE); goto end; } if (!BN_mod_mul(t, t, t, p, ctx)) { @@ -413,7 +413,7 @@ vrfy: } if (!err && 0 != BN_cmp(x, A)) { - OPENSSL_PUT_ERROR(BN, BN_mod_sqrt, BN_R_NOT_A_SQUARE); + OPENSSL_PUT_ERROR(BN, BN_R_NOT_A_SQUARE); err = 1; } } @@ -434,7 +434,7 @@ int BN_sqrt(BIGNUM *out_sqrt, const BIGNUM *in, BN_CTX *ctx) { int ok = 0, last_delta_valid = 0; if (in->neg) { - OPENSSL_PUT_ERROR(BN, BN_sqrt, BN_R_NEGATIVE_NUMBER); + OPENSSL_PUT_ERROR(BN, BN_R_NEGATIVE_NUMBER); return 0; } if (BN_is_zero(in)) { @@ -452,7 +452,7 @@ int BN_sqrt(BIGNUM *out_sqrt, const BIGNUM *in, BN_CTX *ctx) { last_delta = BN_CTX_get(ctx); delta = BN_CTX_get(ctx); if (estimate == NULL || tmp == NULL || last_delta == NULL || delta == NULL) { - OPENSSL_PUT_ERROR(BN, BN_sqrt, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(BN, ERR_R_MALLOC_FAILURE); goto err; } @@ -470,7 +470,7 @@ int BN_sqrt(BIGNUM *out_sqrt, const BIGNUM *in, BN_CTX *ctx) { !BN_sqr(tmp, estimate, ctx) || /* |delta| = |in| - |tmp| */ !BN_sub(delta, in, tmp)) { - OPENSSL_PUT_ERROR(BN, BN_sqrt, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(BN, ERR_R_BN_LIB); goto err; } @@ -490,15 +490,15 @@ int BN_sqrt(BIGNUM *out_sqrt, const BIGNUM *in, BN_CTX *ctx) { } if (BN_cmp(tmp, in) != 0) { - OPENSSL_PUT_ERROR(BN, BN_sqrt, BN_R_NOT_A_SQUARE); + OPENSSL_PUT_ERROR(BN, BN_R_NOT_A_SQUARE); goto err; } ok = 1; err: - if (ok && out_sqrt == in) { - BN_copy(out_sqrt, estimate); + if (ok && out_sqrt == in && !BN_copy(out_sqrt, estimate)) { + ok = 0; } BN_CTX_end(ctx); return ok; 
diff --git a/src/crypto/buf/CMakeLists.txt b/src/crypto/buf/CMakeLists.txt index 19edf7d..63f1025 100644 --- a/src/crypto/buf/CMakeLists.txt +++ b/src/crypto/buf/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(. .. ../../include) +include_directories(../../include) add_library( buf diff --git a/src/crypto/buf/buf.c b/src/crypto/buf/buf.c index 5769e77..13b5ceb 100644 --- a/src/crypto/buf/buf.c +++ b/src/crypto/buf/buf.c @@ -67,7 +67,7 @@ BUF_MEM *BUF_MEM_new(void) { ret = OPENSSL_malloc(sizeof(BUF_MEM)); if (ret == NULL) { - OPENSSL_PUT_ERROR(BUF, BUF_MEM_new, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(BUF, ERR_R_MALLOC_FAILURE); return NULL; } @@ -105,14 +105,14 @@ static size_t buf_mem_grow(BUF_MEM *buf, size_t len, char clean) { n = len + 3; if (n < len) { /* overflow */ - OPENSSL_PUT_ERROR(BUF, buf_mem_grow, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(BUF, ERR_R_MALLOC_FAILURE); return 0; } n = n / 3; alloc_size = n * 4; if (alloc_size / 4 != n) { /* overflow */ - OPENSSL_PUT_ERROR(BUF, buf_mem_grow, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(BUF, ERR_R_MALLOC_FAILURE); return 0; } @@ -127,7 +127,7 @@ static size_t buf_mem_grow(BUF_MEM *buf, size_t len, char clean) { } if (new_buf == NULL) { - OPENSSL_PUT_ERROR(BUF, buf_mem_grow, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(BUF, ERR_R_MALLOC_FAILURE); len = 0; } else { buf->data = new_buf; @@ -180,12 +180,12 @@ char *BUF_strndup(const char *buf, size_t size) { alloc_size = size + 1; if (alloc_size < size) { /* overflow */ - OPENSSL_PUT_ERROR(BUF, BUF_strndup, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(BUF, ERR_R_MALLOC_FAILURE); return NULL; } ret = OPENSSL_malloc(alloc_size); if (ret == NULL) { - OPENSSL_PUT_ERROR(BUF, BUF_strndup, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(BUF, ERR_R_MALLOC_FAILURE); return NULL; } 
@@ -226,7 +226,7 @@ void *BUF_memdup(const void *data, size_t dst_size) { ret = OPENSSL_malloc(dst_size); if (ret == NULL) { - OPENSSL_PUT_ERROR(BUF, BUF_memdup, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(BUF, ERR_R_MALLOC_FAILURE); return NULL; } diff --git a/src/crypto/bytestring/CMakeLists.txt b/src/crypto/bytestring/CMakeLists.txt index cbbacf2..3462aee 100644 --- a/src/crypto/bytestring/CMakeLists.txt +++ b/src/crypto/bytestring/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(. .. ../../include) +include_directories(../../include) add_library( bytestring diff --git a/src/crypto/bytestring/bytestring_test.cc b/src/crypto/bytestring/bytestring_test.cc index 66e9c1e..e987e1b 100644 --- a/src/crypto/bytestring/bytestring_test.cc +++ b/src/crypto/bytestring/bytestring_test.cc @@ -109,7 +109,7 @@ static bool TestGetASN1() { static const uint8_t kData2[] = {0x30, 3, 1, 2}; static const uint8_t kData3[] = {0x30, 0x80}; static const uint8_t kData4[] = {0x30, 0x81, 1, 1}; - static const uint8_t kData5[] = {0x30, 0x82, 0, 1, 1}; + static const uint8_t kData5[4 + 0x80] = {0x30, 0x82, 0, 0x80}; static const uint8_t kData6[] = {0xa1, 3, 0x4, 1, 1}; static const uint8_t kData7[] = {0xa1, 3, 0x4, 2, 1}; static const uint8_t kData8[] = {0xa1, 3, 0x2, 1, 1}; @@ -649,6 +649,14 @@ static bool TestASN1Uint64() { return true; } +static int TestZero() { + CBB cbb; + CBB_zero(&cbb); + // Calling |CBB_cleanup| on a zero-state |CBB| must not crash. + CBB_cleanup(&cbb); + return 1; +} + int main(void) { CRYPTO_library_init(); @@ -665,7 +673,8 @@ int main(void) { !TestCBBASN1() || !TestBerConvert() || !TestASN1Uint64() || - !TestGetOptionalASN1Bool()) { + !TestGetOptionalASN1Bool() || + !TestZero()) { return 1; } diff --git a/src/crypto/bytestring/cbb.c b/src/crypto/bytestring/cbb.c index f1e09a2..1da6a21 100644 --- a/src/crypto/bytestring/cbb.c +++ b/src/crypto/bytestring/cbb.c 
@@ -20,6 +20,10 @@ #include +void CBB_zero(CBB *cbb) { + memset(cbb, 0, sizeof(CBB)); +} + static int cbb_init(CBB *cbb, uint8_t *buf, size_t cap) { struct cbb_buffer_st *base; @@ -243,6 +247,11 @@ int CBB_flush(CBB *cbb) { return 1; } +size_t CBB_len(const CBB *cbb) { + assert(cbb->child == NULL); + + return cbb->base->len; +} static int cbb_add_length_prefixed(CBB *cbb, CBB *out_contents, size_t len_len) { diff --git a/src/crypto/bytestring/cbs.c b/src/crypto/bytestring/cbs.c index b8caedd..5e0c538 100644 --- a/src/crypto/bytestring/cbs.c +++ b/src/crypto/bytestring/cbs.c @@ -137,6 +137,15 @@ int CBS_get_bytes(CBS *cbs, CBS *out, size_t len) { return 1; } +int CBS_copy_bytes(CBS *cbs, uint8_t *out, size_t len) { + const uint8_t *v; + if (!cbs_get(cbs, &v, len)) { + return 0; + } + memcpy(out, v, len); + return 1; +} + static int cbs_get_length_prefixed(CBS *cbs, CBS *out, size_t len_len) { uint32_t len; if (!cbs_get_u(cbs, &len, len_len)) { @@ -320,14 +329,19 @@ int CBS_get_asn1_uint64(CBS *cbs, uint64_t *out) { } int CBS_get_optional_asn1(CBS *cbs, CBS *out, int *out_present, unsigned tag) { + int present = 0; + if (CBS_peek_asn1_tag(cbs, tag)) { if (!CBS_get_asn1(cbs, out, tag)) { return 0; } - *out_present = 1; - } else { - *out_present = 0; + present = 1; + } + + if (out_present != NULL) { + *out_present = present; } + return 1; } diff --git a/src/crypto/bytestring/internal.h b/src/crypto/bytestring/internal.h index 391ad19..b4ea7e5 100644 --- a/src/crypto/bytestring/internal.h +++ b/src/crypto/bytestring/internal.h 
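Review bot: `CBB_len` (hunk at -243) returns `cbb->base->len` unconditionally, while `CBB_zero`, added in this same file, leaves `base` NULL after its `memset`. Calling `CBB_len` on a zeroed but uninitialised `CBB` is therefore a NULL dereference. The unflushed-child condition is also checked only by `assert(cbb->child == NULL)`, which disappears under `NDEBUG` and would let a stale length through. At minimum the definition should carry the precondition, e.g. `/* CBB_len requires that |cbb| was set up with |CBB_init| or |CBB_init_fixed| (not only |CBB_zero|) and has no unflushed child. */`. The public header is not part of this chunk and may already say so.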
@@ -38,14 +38,6 @@ extern "C" { * It returns one on success and zero otherwise. */ OPENSSL_EXPORT int CBS_asn1_ber_to_der(CBS *in, uint8_t **out, size_t *out_len); -/* CBS_get_any_ber_asn1_element acts the same as |CBS_get_any_asn1_element| but - * also allows indefinite-length elements to be returned. In that case, - * |*out_header_len| and |CBS_len(out)| will both be two as only the header is - * returned. */ -OPENSSL_EXPORT int CBS_get_any_ber_asn1_element(CBS *cbs, CBS *out, - unsigned *out_tag, - size_t *out_header_len); - #if defined(__cplusplus) } /* extern C */ diff --git a/src/crypto/chacha/CMakeLists.txt b/src/crypto/chacha/CMakeLists.txt index 6c3f87e..266e869 100644 --- a/src/crypto/chacha/CMakeLists.txt +++ b/src/crypto/chacha/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(. .. ../../include) +include_directories(../../include) if (${ARCH} STREQUAL "arm") set( diff --git a/src/crypto/chacha/chacha_vec_arm.S b/src/crypto/chacha/chacha_vec_arm.S index ddc374e..0f82627 100644 --- a/src/crypto/chacha/chacha_vec_arm.S +++ b/src/crypto/chacha/chacha_vec_arm.S @@ -23,6 +23,7 @@ # /opt/gcc-linaro-4.9-2014.11-x86_64_arm-linux-gnueabihf/bin/arm-linux-gnueabihf-gcc -O3 -mcpu=cortex-a8 -mfpu=neon -fpic -DASM_GEN -I ../../include -S chacha_vec.c -o - #if !defined(OPENSSL_NO_ASM) +#if defined(__arm__) || defined(__aarch64__) .syntax unified .cpu cortex-a8 @@ -1423,4 +1424,5 @@ CRYPTO_chacha_20_neon: .ident "GCC: (Linaro GCC 2014.11) 4.9.3 20141031 (prerelease)" .section .note.GNU-stack,"",%progbits +#endif /* __arm__ || __aarch64__ */ #endif /* !OPENSSL_NO_ASM */ diff --git a/src/crypto/chacha/chacha_vec_arm_generate.go b/src/crypto/chacha/chacha_vec_arm_generate.go index d681e8a..6d167b9 100644 --- a/src/crypto/chacha/chacha_vec_arm_generate.go +++ b/src/crypto/chacha/chacha_vec_arm_generate.go 
@@ -52,7 +52,8 @@ func main() { output.WriteString(compiler) output.WriteString(" ") output.WriteString(strings.Join(args, " ")) - output.WriteString("\n\n#if !defined(OPENSSL_NO_ASM)\n\n") + output.WriteString("\n\n#if !defined(OPENSSL_NO_ASM)\n") + output.WriteString("#if defined(__arm__) || defined(__aarch64__)\n\n") cmd := exec.Command(compiler, args...) cmd.Stderr = os.Stderr @@ -144,5 +145,6 @@ const attr28Block = ` ` const trailer = ` +#endif /* __arm__ || __aarch64__ */ #endif /* !OPENSSL_NO_ASM */ ` diff --git a/src/crypto/cipher/CMakeLists.txt b/src/crypto/cipher/CMakeLists.txt index 2775698..6b4c729 100644 --- a/src/crypto/cipher/CMakeLists.txt +++ b/src/crypto/cipher/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(. .. ../../include) +include_directories(../../include) add_library( cipher diff --git a/src/crypto/cipher/aead.c b/src/crypto/cipher/aead.c index 20d699d..7e747f8 100644 --- a/src/crypto/cipher/aead.c +++ b/src/crypto/cipher/aead.c @@ -30,11 +30,15 @@ size_t EVP_AEAD_max_overhead(const EVP_AEAD *aead) { return aead->overhead; } size_t EVP_AEAD_max_tag_len(const EVP_AEAD *aead) { return aead->max_tag_len; } +void EVP_AEAD_CTX_zero(EVP_AEAD_CTX *ctx) { + memset(ctx, 0, sizeof(EVP_AEAD_CTX)); +} + int EVP_AEAD_CTX_init(EVP_AEAD_CTX *ctx, const EVP_AEAD *aead, const uint8_t *key, size_t key_len, size_t tag_len, ENGINE *impl) { if (!aead->init) { - OPENSSL_PUT_ERROR(CIPHER, EVP_AEAD_CTX_init, CIPHER_R_NO_DIRECTION_SET); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_NO_DIRECTION_SET); ctx->aead = NULL; return 0; } @@ -47,8 +51,7 @@ int EVP_AEAD_CTX_init_with_direction(EVP_AEAD_CTX *ctx, const EVP_AEAD *aead, size_t tag_len, enum evp_aead_direction_t dir) { if (key_len != aead->key_len) { - OPENSSL_PUT_ERROR(CIPHER, EVP_AEAD_CTX_init_with_direction, - CIPHER_R_UNSUPPORTED_KEY_SIZE); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_UNSUPPORTED_KEY_SIZE); ctx->aead = NULL; return 0; } 
@@ -101,12 +104,12 @@ int EVP_AEAD_CTX_seal(const EVP_AEAD_CTX *ctx, uint8_t *out, size_t *out_len, size_t possible_out_len = in_len + ctx->aead->overhead; if (possible_out_len < in_len /* overflow */) { - OPENSSL_PUT_ERROR(CIPHER, EVP_AEAD_CTX_seal, CIPHER_R_TOO_LARGE); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_TOO_LARGE); goto error; } if (!check_alias(in, in_len, out)) { - OPENSSL_PUT_ERROR(CIPHER, EVP_AEAD_CTX_seal, CIPHER_R_OUTPUT_ALIASES_INPUT); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_OUTPUT_ALIASES_INPUT); goto error; } @@ -128,7 +131,7 @@ int EVP_AEAD_CTX_open(const EVP_AEAD_CTX *ctx, uint8_t *out, size_t *out_len, size_t nonce_len, const uint8_t *in, size_t in_len, const uint8_t *ad, size_t ad_len) { if (!check_alias(in, in_len, out)) { - OPENSSL_PUT_ERROR(CIPHER, EVP_AEAD_CTX_open, CIPHER_R_OUTPUT_ALIASES_INPUT); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_OUTPUT_ALIASES_INPUT); goto error; } diff --git a/src/crypto/cipher/aead_test.cc b/src/crypto/cipher/aead_test.cc index e4b75d6..baaee9e 100644 --- a/src/crypto/cipher/aead_test.cc +++ b/src/crypto/cipher/aead_test.cc @@ -22,6 +22,7 @@ #include #include "../test/file_test.h" +#include "../test/scoped_types.h" #include "../test/stl_compat.h" @@ -35,18 +36,6 @@ // CT: 5294265a60 // TAG: 1d45758621762e061368e68868e2f929 -// EVP_AEAD_CTX lacks a zero state, so it doesn't fit easily into -// ScopedOpenSSLContext. -class EVP_AEAD_CTXScoper { - public: - EVP_AEAD_CTXScoper(EVP_AEAD_CTX *ctx) : ctx_(ctx) {} - ~EVP_AEAD_CTXScoper() { - EVP_AEAD_CTX_cleanup(ctx_); - } - private: - EVP_AEAD_CTX *ctx_; -}; - static bool TestAEAD(FileTest *t, void *arg) { const EVP_AEAD *aead = reinterpret_cast(arg); 
@@ -60,20 +49,19 @@ static bool TestAEAD(FileTest *t, void *arg) { return false; } - EVP_AEAD_CTX ctx; - if (!EVP_AEAD_CTX_init_with_direction(&ctx, aead, bssl::vector_data(&key), - key.size(), tag.size(), - evp_aead_seal)) { + ScopedEVP_AEAD_CTX ctx; + if (!EVP_AEAD_CTX_init_with_direction(ctx.get(), aead, + bssl::vector_data(&key), key.size(), + tag.size(), evp_aead_seal)) { t->PrintLine("Failed to init AEAD."); return false; } - EVP_AEAD_CTXScoper cleanup(&ctx); std::vector out(in.size() + EVP_AEAD_max_overhead(aead)); if (!t->HasAttribute("NO_SEAL")) { size_t out_len; - if (!EVP_AEAD_CTX_seal(&ctx, bssl::vector_data(&out), &out_len, out.size(), - bssl::vector_data(&nonce), nonce.size(), + if (!EVP_AEAD_CTX_seal(ctx.get(), bssl::vector_data(&out), &out_len, + out.size(), bssl::vector_data(&nonce), nonce.size(), bssl::vector_data(&in), in.size(), bssl::vector_data(&ad), ad.size())) { t->PrintLine("Failed to run AEAD."); @@ -101,17 +89,17 @@ static bool TestAEAD(FileTest *t, void *arg) { // The "stateful" AEADs for implementing pre-AEAD cipher suites need to be // reset after each operation. - EVP_AEAD_CTX_cleanup(&ctx); - if (!EVP_AEAD_CTX_init_with_direction(&ctx, aead, bssl::vector_data(&key), - key.size(), tag.size(), - evp_aead_open)) { + ctx.Reset(); + if (!EVP_AEAD_CTX_init_with_direction(ctx.get(), aead, + bssl::vector_data(&key), key.size(), + tag.size(), evp_aead_open)) { t->PrintLine("Failed to init AEAD."); return false; } std::vector out2(out.size()); size_t out2_len; - int ret = EVP_AEAD_CTX_open(&ctx, + int ret = EVP_AEAD_CTX_open(ctx.get(), bssl::vector_data(&out2), &out2_len, out2.size(), bssl::vector_data(&nonce), nonce.size(), bssl::vector_data(&out), out.size(), 
@@ -137,10 +125,10 @@ static bool TestAEAD(FileTest *t, void *arg) { // The "stateful" AEADs for implementing pre-AEAD cipher suites need to be // reset after each operation. - EVP_AEAD_CTX_cleanup(&ctx); - if (!EVP_AEAD_CTX_init_with_direction(&ctx, aead, bssl::vector_data(&key), - key.size(), tag.size(), - evp_aead_open)) { + ctx.Reset(); + if (!EVP_AEAD_CTX_init_with_direction(ctx.get(), aead, + bssl::vector_data(&key), key.size(), + tag.size(), evp_aead_open)) { t->PrintLine("Failed to init AEAD."); return false; } @@ -148,8 +136,8 @@ static bool TestAEAD(FileTest *t, void *arg) { // Garbage at the end isn't ignored. out.push_back(0); out2.resize(out.size()); - if (EVP_AEAD_CTX_open(&ctx, bssl::vector_data(&out2), &out2_len, out2.size(), - bssl::vector_data(&nonce), nonce.size(), + if (EVP_AEAD_CTX_open(ctx.get(), bssl::vector_data(&out2), &out2_len, + out2.size(), bssl::vector_data(&nonce), nonce.size(), bssl::vector_data(&out), out.size(), bssl::vector_data(&ad), ad.size())) { t->PrintLine("Decrypted bad data with trailing garbage."); @@ -159,10 +147,10 @@ static bool TestAEAD(FileTest *t, void *arg) { // The "stateful" AEADs for implementing pre-AEAD cipher suites need to be // reset after each operation. - EVP_AEAD_CTX_cleanup(&ctx); - if (!EVP_AEAD_CTX_init_with_direction(&ctx, aead, bssl::vector_data(&key), - key.size(), tag.size(), - evp_aead_open)) { + ctx.Reset(); + if (!EVP_AEAD_CTX_init_with_direction(ctx.get(), aead, + bssl::vector_data(&key), key.size(), + tag.size(), evp_aead_open)) { t->PrintLine("Failed to init AEAD."); return false; } 
@@ -171,8 +159,8 @@ static bool TestAEAD(FileTest *t, void *arg) { out[0] ^= 0x80; out.resize(out.size() - 1); out2.resize(out.size()); - if (EVP_AEAD_CTX_open(&ctx, bssl::vector_data(&out2), &out2_len, out2.size(), - bssl::vector_data(&nonce), nonce.size(), + if (EVP_AEAD_CTX_open(ctx.get(), bssl::vector_data(&out2), &out2_len, + out2.size(), bssl::vector_data(&nonce), nonce.size(), bssl::vector_data(&out), out.size(), bssl::vector_data(&ad), ad.size())) { t->PrintLine("Decrypted bad data with corrupted byte."); @@ -200,6 +188,7 @@ static int TestCleanupAfterInitFailure(const EVP_AEAD *aead) { fprintf(stderr, "A silly tag length didn't trigger an error!\n"); return 0; } + ERR_clear_error(); /* Running a second, failed _init should not cause a memory leak. */ if (EVP_AEAD_CTX_init(&ctx, aead, key, key_len, @@ -208,6 +197,7 @@ static int TestCleanupAfterInitFailure(const EVP_AEAD *aead) { fprintf(stderr, "A silly tag length didn't trigger an error!\n"); return 0; } + ERR_clear_error(); /* Calling _cleanup on an |EVP_AEAD_CTX| after a failed _init should be a * no-op. */ diff --git a/src/crypto/cipher/cipher.c b/src/crypto/cipher/cipher.c index 400c3f5..4401867 100644 --- a/src/crypto/cipher/cipher.c +++ b/src/crypto/cipher/cipher.c @@ -68,12 +68,18 @@ const EVP_CIPHER *EVP_get_cipherbynid(int nid) { switch (nid) { + case NID_rc2_cbc: + return EVP_rc2_cbc(); + case NID_rc2_40_cbc: + return EVP_rc2_40_cbc(); case NID_des_ede3_cbc: return EVP_des_ede3_cbc(); case NID_des_ede_cbc: return EVP_des_cbc(); case NID_aes_128_cbc: return EVP_aes_128_cbc(); + case NID_aes_192_cbc: + return EVP_aes_192_cbc(); case NID_aes_256_cbc: return EVP_aes_256_cbc(); default: 
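Review bot: The unchanged `case NID_des_ede_cbc:` in `EVP_get_cipherbynid` still returns `EVP_des_cbc()`, which by its name is the single-DES cipher, although this diff adds a two-key `EVP_des_ede_cbc()` in e_des.c. A caller that looks up two-key triple DES by NID would then be handed a weaker cipher without any error. Unless the mapping is intentional, the line should read `return EVP_des_ede_cbc();`. The switch continues past the end of this hunk, so its default branch is not visible here.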
@@ -115,7 +121,7 @@ void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx) { int EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, const EVP_CIPHER_CTX *in) { if (in == NULL || in->cipher == NULL) { - OPENSSL_PUT_ERROR(CIPHER, EVP_CIPHER_CTX_copy, CIPHER_R_INPUT_NOT_INITIALIZED); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_INPUT_NOT_INITIALIZED); return 0; } @@ -125,7 +131,7 @@ int EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, const EVP_CIPHER_CTX *in) { if (in->cipher_data && in->cipher->ctx_size) { out->cipher_data = OPENSSL_malloc(in->cipher->ctx_size); if (!out->cipher_data) { - OPENSSL_PUT_ERROR(CIPHER, EVP_CIPHER_CTX_copy, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(CIPHER, ERR_R_MALLOC_FAILURE); return 0; } memcpy(out->cipher_data, in->cipher_data, in->cipher->ctx_size); @@ -165,7 +171,7 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ctx->cipher_data = OPENSSL_malloc(ctx->cipher->ctx_size); if (!ctx->cipher_data) { ctx->cipher = NULL; - OPENSSL_PUT_ERROR(CIPHER, EVP_CipherInit_ex, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(CIPHER, ERR_R_MALLOC_FAILURE); return 0; } } else { @@ -178,12 +184,12 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, if (ctx->cipher->flags & EVP_CIPH_CTRL_INIT) { if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_INIT, 0, NULL)) { ctx->cipher = NULL; - OPENSSL_PUT_ERROR(CIPHER, EVP_CipherInit_ex, CIPHER_R_INITIALIZATION_ERROR); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_INITIALIZATION_ERROR); return 0; } } } else if (!ctx->cipher) { - OPENSSL_PUT_ERROR(CIPHER, EVP_CipherInit_ex, CIPHER_R_NO_CIPHER_SET); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_NO_CIPHER_SET); return 0; } @@ -338,8 +344,7 @@ int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, uint8_t *out, int *out_len) { bl = ctx->buf_len; if (ctx->flags & EVP_CIPH_NO_PADDING) { if (bl) { - OPENSSL_PUT_ERROR(CIPHER, EVP_EncryptFinal_ex, - CIPHER_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH); return 0; } *out_len = 0; 
@@ -434,8 +439,7 @@ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *out_len) { b = ctx->cipher->block_size; if (ctx->flags & EVP_CIPH_NO_PADDING) { if (ctx->buf_len) { - OPENSSL_PUT_ERROR(CIPHER, EVP_DecryptFinal_ex, - CIPHER_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH); return 0; } *out_len = 0; @@ -444,8 +448,7 @@ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *out_len) { if (b > 1) { if (ctx->buf_len || !ctx->final_used) { - OPENSSL_PUT_ERROR(CIPHER, EVP_DecryptFinal_ex, - CIPHER_R_WRONG_FINAL_BLOCK_LENGTH); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_WRONG_FINAL_BLOCK_LENGTH); return 0; } assert(b <= sizeof(ctx->final)); @@ -454,13 +457,13 @@ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *out_len) { * Otherwise it provides a padding oracle. */ n = ctx->final[b - 1]; if (n == 0 || n > (int)b) { - OPENSSL_PUT_ERROR(CIPHER, EVP_DecryptFinal_ex, CIPHER_R_BAD_DECRYPT); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_DECRYPT); return 0; } for (i = 0; i < n; i++) { if (ctx->final[--b] != n) { - OPENSSL_PUT_ERROR(CIPHER, EVP_DecryptFinal_ex, CIPHER_R_BAD_DECRYPT); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_DECRYPT); return 0; } } 
@@ -538,19 +541,18 @@ uint32_t EVP_CIPHER_CTX_mode(const EVP_CIPHER_CTX *ctx) { int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int command, int arg, void *ptr) { int ret; if (!ctx->cipher) { - OPENSSL_PUT_ERROR(CIPHER, EVP_CIPHER_CTX_ctrl, CIPHER_R_NO_CIPHER_SET); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_NO_CIPHER_SET); return 0; } if (!ctx->cipher->ctrl) { - OPENSSL_PUT_ERROR(CIPHER, EVP_CIPHER_CTX_ctrl, CIPHER_R_CTRL_NOT_IMPLEMENTED); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_CTRL_NOT_IMPLEMENTED); return 0; } ret = ctx->cipher->ctrl(ctx, command, arg, ptr); if (ret == -1) { - OPENSSL_PUT_ERROR(CIPHER, EVP_CIPHER_CTX_ctrl, - CIPHER_R_CTRL_OPERATION_NOT_IMPLEMENTED); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_CTRL_OPERATION_NOT_IMPLEMENTED); return 0; } @@ -572,8 +574,7 @@ int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *c, unsigned key_len) { } if (key_len == 0 || !(c->cipher->flags & EVP_CIPH_VARIABLE_LENGTH)) { - OPENSSL_PUT_ERROR(CIPHER, EVP_CIPHER_CTX_set_key_length, - CIPHER_R_INVALID_KEY_LENGTH); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_INVALID_KEY_LENGTH); return 0; } @@ -630,7 +631,7 @@ const EVP_CIPHER *EVP_get_cipherbyname(const char *name) { return EVP_rc4(); } else if (OPENSSL_strcasecmp(name, "des-cbc") == 0) { return EVP_des_cbc(); - } else if (OPENSSL_strcasecmp(name, "3des-cbc") == 0 || + } else if (OPENSSL_strcasecmp(name, "des-ede3-cbc") == 0 || OPENSSL_strcasecmp(name, "3des") == 0) { return EVP_des_ede3_cbc(); } else if (OPENSSL_strcasecmp(name, "aes-128-cbc") == 0) { diff --git a/src/crypto/cipher/cipher_test.cc b/src/crypto/cipher/cipher_test.cc index 97a84e0..5f04178 100644 --- a/src/crypto/cipher/cipher_test.cc +++ b/src/crypto/cipher/cipher_test.cc 
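Review bot: Replacing the `"3des-cbc"` spelling with `"des-ede3-cbc"` in `EVP_get_cipherbyname` removes a name that existing callers may still pass, and what the function returns for an unmatched name is outside this hunk. If the old spelling should keep working, keep it alongside the new one by adding `OPENSSL_strcasecmp(name, "3des-cbc") == 0 ||` to the same condition. The if/else chain starts and ends outside the hunk.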
@@ -69,6 +69,12 @@ static const EVP_CIPHER *GetCipher(const std::string &name) { if (name == "DES-CBC") { return EVP_des_cbc(); + } else if (name == "DES-ECB") { + return EVP_des_ecb(); + } else if (name == "DES-EDE") { + return EVP_des_ede(); + } else if (name == "DES-EDE-CBC") { + return EVP_des_ede_cbc(); } else if (name == "DES-EDE3-CBC") { return EVP_des_ede3_cbc(); } else if (name == "RC4") { @@ -104,6 +110,7 @@ static const EVP_CIPHER *GetCipher(const std::string &name) { static bool TestOperation(FileTest *t, const EVP_CIPHER *cipher, bool encrypt, + bool streaming, const std::vector &key, const std::vector &iv, const std::vector &plaintext, @@ -160,11 +167,29 @@ static bool TestOperation(FileTest *t, (!aad.empty() && !EVP_CipherUpdate(ctx.get(), nullptr, &unused, bssl::vector_data(&aad), aad.size())) || - !EVP_CIPHER_CTX_set_padding(ctx.get(), 0) || - (!in->empty() && - !EVP_CipherUpdate(ctx.get(), bssl::vector_data(&result), &result_len1, - bssl::vector_data(in), in->size())) || - !EVP_CipherFinal_ex(ctx.get(), bssl::vector_data(&result) + result_len1, + !EVP_CIPHER_CTX_set_padding(ctx.get(), 0)) { + t->PrintLine("Operation failed."); + return false; + } + if (streaming) { + for (size_t i = 0; i < in->size(); i++) { + uint8_t c = (*in)[i]; + int len; + if (!EVP_CipherUpdate(ctx.get(), bssl::vector_data(&result) + result_len1, + &len, &c, 1)) { + t->PrintLine("Operation failed."); + return false; + } + result_len1 += len; + } + } else if (!in->empty() && + !EVP_CipherUpdate(ctx.get(), bssl::vector_data(&result), + &result_len1, bssl::vector_data(in), + in->size())) { + t->PrintLine("Operation failed."); + return false; + } + if (!EVP_CipherFinal_ex(ctx.get(), bssl::vector_data(&result) + result_len1, &result_len2)) { t->PrintLine("Operation failed."); return false; 
@@ -236,15 +261,21 @@ static bool TestCipher(FileTest *t, void *arg) { } // By default, both directions are run, unless overridden by the operation. - if (operation != kDecrypt && - !TestOperation(t, cipher, true /* encrypt */, key, iv, plaintext, - ciphertext, aad, tag)) { - return false; + if (operation != kDecrypt) { + if (!TestOperation(t, cipher, true /* encrypt */, false /* single-shot */, + key, iv, plaintext, ciphertext, aad, tag) || + !TestOperation(t, cipher, true /* encrypt */, true /* streaming */, key, + iv, plaintext, ciphertext, aad, tag)) { + return false; + } } - if (operation != kEncrypt && - !TestOperation(t, cipher, false /* decrypt */, key, iv, plaintext, - ciphertext, aad, tag)) { - return false; + if (operation != kEncrypt) { + if (!TestOperation(t, cipher, false /* decrypt */, false /* single-shot */, + key, iv, plaintext, ciphertext, aad, tag) || + !TestOperation(t, cipher, false /* decrypt */, true /* streaming */, + key, iv, plaintext, ciphertext, aad, tag)) { + return false; + } } return true; diff --git a/src/crypto/cipher/e_aes.c b/src/crypto/cipher/e_aes.c index 41d0aec..e8905f6 100644 --- a/src/crypto/cipher/e_aes.c +++ b/src/crypto/cipher/e_aes.c @@ -64,7 +64,7 @@ #include "../modes/internal.h" #if defined(OPENSSL_ARM) || defined(OPENSSL_AARCH64) -#include "../arm_arch.h" +#include #endif @@ -98,8 +98,6 @@ typedef struct { #if !defined(OPENSSL_NO_ASM) && \ (defined(OPENSSL_X86_64) || defined(OPENSSL_X86)) #define VPAES -extern unsigned int OPENSSL_ia32cap_P[]; - static char vpaes_capable(void) { return (OPENSSL_ia32cap_P[1] & (1 << (41 - 32))) != 0; } @@ -113,7 +111,6 @@ static char bsaes_capable(void) { #elif !defined(OPENSSL_NO_ASM) && \ (defined(OPENSSL_ARM) || defined(OPENSSL_AARCH64)) -#include "../arm_arch.h" #if defined(OPENSSL_ARM) && __ARM_MAX_ARCH__ >= 7 #define BSAES 
@@ -338,7 +335,7 @@ static int aes_init_key(EVP_CIPHER_CTX *ctx, const uint8_t *key, } if (ret < 0) { - OPENSSL_PUT_ERROR(CIPHER, aes_init_key, CIPHER_R_AES_KEY_SETUP_FAILED); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_AES_KEY_SETUP_FAILED); return 0; } @@ -711,7 +708,7 @@ static int aes_gcm_cipher(EVP_CIPHER_CTX *ctx, uint8_t *out, const uint8_t *in, } else { if (!ctx->encrypt) { if (gctx->taglen < 0 || - !CRYPTO_gcm128_finish(&gctx->gcm, ctx->buf, gctx->taglen) != 0) { + !CRYPTO_gcm128_finish(&gctx->gcm, ctx->buf, gctx->taglen)) { return -1; } gctx->iv_set = 0; @@ -853,7 +850,7 @@ static int aesni_init_key(EVP_CIPHER_CTX *ctx, const uint8_t *key, } if (ret < 0) { - OPENSSL_PUT_ERROR(CIPHER, aesni_init_key, CIPHER_R_AES_KEY_SETUP_FAILED); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_AES_KEY_SETUP_FAILED); return 0; } @@ -1066,7 +1063,7 @@ static int aead_aes_gcm_init(EVP_AEAD_CTX *ctx, const uint8_t *key, const size_t key_bits = key_len * 8; if (key_bits != 128 && key_bits != 256) { - OPENSSL_PUT_ERROR(CIPHER, aead_aes_gcm_init, CIPHER_R_BAD_KEY_LENGTH); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_KEY_LENGTH); return 0; /* EVP_AEAD_CTX_init should catch this. */ } @@ -1075,7 +1072,7 @@ static int aead_aes_gcm_init(EVP_AEAD_CTX *ctx, const uint8_t *key, } if (tag_len > EVP_AEAD_AES_GCM_TAG_LEN) { - OPENSSL_PUT_ERROR(CIPHER, aead_aes_gcm_init, CIPHER_R_TAG_TOO_LARGE); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_TAG_TOO_LARGE); return 0; } @@ -1108,12 +1105,12 @@ static int aead_aes_gcm_seal(const EVP_AEAD_CTX *ctx, uint8_t *out, GCM128_CONTEXT gcm; if (in_len + gcm_ctx->tag_len < in_len) { - OPENSSL_PUT_ERROR(CIPHER, aead_aes_gcm_seal, CIPHER_R_TOO_LARGE); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_TOO_LARGE); return 0; } if (max_out_len < in_len + gcm_ctx->tag_len) { - OPENSSL_PUT_ERROR(CIPHER, aead_aes_gcm_seal, CIPHER_R_BUFFER_TOO_SMALL); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BUFFER_TOO_SMALL); return 0; } 
@@ -1152,14 +1149,14 @@ static int aead_aes_gcm_open(const EVP_AEAD_CTX *ctx, uint8_t *out, GCM128_CONTEXT gcm; if (in_len < gcm_ctx->tag_len) { - OPENSSL_PUT_ERROR(CIPHER, aead_aes_gcm_open, CIPHER_R_BAD_DECRYPT); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_DECRYPT); return 0; } plaintext_len = in_len - gcm_ctx->tag_len; if (max_out_len < plaintext_len) { - OPENSSL_PUT_ERROR(CIPHER, aead_aes_gcm_open, CIPHER_R_BUFFER_TOO_SMALL); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BUFFER_TOO_SMALL); return 0; } @@ -1185,7 +1182,7 @@ static int aead_aes_gcm_open(const EVP_AEAD_CTX *ctx, uint8_t *out, CRYPTO_gcm128_tag(&gcm, tag, gcm_ctx->tag_len); if (CRYPTO_memcmp(tag, in + plaintext_len, gcm_ctx->tag_len) != 0) { - OPENSSL_PUT_ERROR(CIPHER, aead_aes_gcm_open, CIPHER_R_BAD_DECRYPT); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_DECRYPT); return 0; } @@ -1239,7 +1236,7 @@ static int aead_aes_key_wrap_init(EVP_AEAD_CTX *ctx, const uint8_t *key, const size_t key_bits = key_len * 8; if (key_bits != 128 && key_bits != 256) { - OPENSSL_PUT_ERROR(CIPHER, aead_aes_key_wrap_init, CIPHER_R_BAD_KEY_LENGTH); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_KEY_LENGTH); return 0; /* EVP_AEAD_CTX_init should catch this. */ } @@ -1248,14 +1245,13 @@ static int aead_aes_key_wrap_init(EVP_AEAD_CTX *ctx, const uint8_t *key, } if (tag_len != 8) { - OPENSSL_PUT_ERROR(CIPHER, aead_aes_key_wrap_init, - CIPHER_R_UNSUPPORTED_TAG_SIZE); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_UNSUPPORTED_TAG_SIZE); return 0; } kw_ctx = OPENSSL_malloc(sizeof(struct aead_aes_key_wrap_ctx)); if (kw_ctx == NULL) { - OPENSSL_PUT_ERROR(CIPHER, aead_aes_key_wrap_init, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(CIPHER, ERR_R_MALLOC_FAILURE); return 0; } @@ -1293,8 +1289,7 @@ static int aead_aes_key_wrap_seal(const EVP_AEAD_CTX *ctx, uint8_t *out, uint8_t A[AES_BLOCK_SIZE]; if (ad_len != 0) { - OPENSSL_PUT_ERROR(CIPHER, aead_aes_key_wrap_seal, - CIPHER_R_UNSUPPORTED_AD_SIZE); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_UNSUPPORTED_AD_SIZE); return 0; } 
@@ -1304,14 +1299,12 @@ static int aead_aes_key_wrap_seal(const EVP_AEAD_CTX *ctx, uint8_t *out, } if (nonce_len != 8) { - OPENSSL_PUT_ERROR(CIPHER, aead_aes_key_wrap_seal, - CIPHER_R_UNSUPPORTED_NONCE_SIZE); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_UNSUPPORTED_NONCE_SIZE); return 0; } if (in_len % 8 != 0) { - OPENSSL_PUT_ERROR(CIPHER, aead_aes_key_wrap_seal, - CIPHER_R_UNSUPPORTED_INPUT_SIZE); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_UNSUPPORTED_INPUT_SIZE); return 0; } @@ -1320,32 +1313,29 @@ static int aead_aes_key_wrap_seal(const EVP_AEAD_CTX *ctx, uint8_t *out, * conservatively cap it to 2^32-16 to stop 32-bit platforms complaining that * a comparison is always true. */ if (in_len > 0xfffffff0) { - OPENSSL_PUT_ERROR(CIPHER, aead_aes_key_wrap_seal, CIPHER_R_TOO_LARGE); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_TOO_LARGE); return 0; } n = in_len / 8; if (n < 2) { - OPENSSL_PUT_ERROR(CIPHER, aead_aes_key_wrap_seal, - CIPHER_R_UNSUPPORTED_INPUT_SIZE); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_UNSUPPORTED_INPUT_SIZE); return 0; } if (in_len + 8 < in_len) { - OPENSSL_PUT_ERROR(CIPHER, aead_aes_key_wrap_seal, CIPHER_R_TOO_LARGE); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_TOO_LARGE); return 0; } if (max_out_len < in_len + 8) { - OPENSSL_PUT_ERROR(CIPHER, aead_aes_key_wrap_seal, - CIPHER_R_BUFFER_TOO_SMALL); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BUFFER_TOO_SMALL); return 0; } if (AES_set_encrypt_key(kw_ctx->key, kw_ctx->key_bits, &ks.ks) < 0) { - OPENSSL_PUT_ERROR(CIPHER, aead_aes_key_wrap_seal, - CIPHER_R_AES_KEY_SETUP_FAILED); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_AES_KEY_SETUP_FAILED); return 0; } @@ -1388,8 +1378,7 @@ static int aead_aes_key_wrap_open(const EVP_AEAD_CTX *ctx, uint8_t *out, uint8_t A[AES_BLOCK_SIZE]; if (ad_len != 0) { - OPENSSL_PUT_ERROR(CIPHER, aead_aes_key_wrap_open, - CIPHER_R_UNSUPPORTED_AD_SIZE); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_UNSUPPORTED_AD_SIZE); return 0; } 
@@ -1399,14 +1388,12 @@ static int aead_aes_key_wrap_open(const EVP_AEAD_CTX *ctx, uint8_t *out, } if (nonce_len != 8) { - OPENSSL_PUT_ERROR(CIPHER, aead_aes_key_wrap_open, - CIPHER_R_UNSUPPORTED_NONCE_SIZE); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_UNSUPPORTED_NONCE_SIZE); return 0; } if (in_len % 8 != 0) { - OPENSSL_PUT_ERROR(CIPHER, aead_aes_key_wrap_open, - CIPHER_R_UNSUPPORTED_INPUT_SIZE); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_UNSUPPORTED_INPUT_SIZE); return 0; } @@ -1415,26 +1402,24 @@ static int aead_aes_key_wrap_open(const EVP_AEAD_CTX *ctx, uint8_t *out, * conservatively cap it to 2^32-8 to stop 32-bit platforms complaining that * a comparison is always true. */ if (in_len > 0xfffffff8) { - OPENSSL_PUT_ERROR(CIPHER, aead_aes_key_wrap_open, CIPHER_R_TOO_LARGE); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_TOO_LARGE); return 0; } if (in_len < 24) { - OPENSSL_PUT_ERROR(CIPHER, aead_aes_key_wrap_open, CIPHER_R_BAD_DECRYPT); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_DECRYPT); return 0; } n = (in_len / 8) - 1; if (max_out_len < in_len - 8) { - OPENSSL_PUT_ERROR(CIPHER, aead_aes_key_wrap_open, - CIPHER_R_BUFFER_TOO_SMALL); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BUFFER_TOO_SMALL); return 0; } if (AES_set_decrypt_key(kw_ctx->key, kw_ctx->key_bits, &ks.ks) < 0) { - OPENSSL_PUT_ERROR(CIPHER, aead_aes_key_wrap_open, - CIPHER_R_AES_KEY_SETUP_FAILED); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_AES_KEY_SETUP_FAILED); return 0; } @@ -1457,7 +1442,7 @@ static int aead_aes_key_wrap_open(const EVP_AEAD_CTX *ctx, uint8_t *out, } if (CRYPTO_memcmp(A, nonce, 8) != 0) { - OPENSSL_PUT_ERROR(CIPHER, aead_aes_key_wrap_open, CIPHER_R_BAD_DECRYPT); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_DECRYPT); return 0; } 
@@ -1541,15 +1526,13 @@ static int aead_aes_ctr_hmac_sha256_init(EVP_AEAD_CTX *ctx, const uint8_t *key, static const size_t hmac_key_len = 32; if (key_len < hmac_key_len) { - OPENSSL_PUT_ERROR(CIPHER, aead_aes_ctr_hmac_sha256_init, - CIPHER_R_BAD_KEY_LENGTH); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_KEY_LENGTH); return 0; /* EVP_AEAD_CTX_init should catch this. */ } const size_t aes_key_len = key_len - hmac_key_len; if (aes_key_len != 16 && aes_key_len != 32) { - OPENSSL_PUT_ERROR(CIPHER, aead_aes_ctr_hmac_sha256_init, - CIPHER_R_BAD_KEY_LENGTH); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_KEY_LENGTH); return 0; /* EVP_AEAD_CTX_init should catch this. */ } @@ -1558,15 +1541,13 @@ static int aead_aes_ctr_hmac_sha256_init(EVP_AEAD_CTX *ctx, const uint8_t *key, } if (tag_len > EVP_AEAD_AES_CTR_HMAC_SHA256_TAG_LEN) { - OPENSSL_PUT_ERROR(CIPHER, aead_aes_ctr_hmac_sha256_init, - CIPHER_R_TAG_TOO_LARGE); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_TAG_TOO_LARGE); return 0; } aes_ctx = OPENSSL_malloc(sizeof(struct aead_aes_ctr_hmac_sha256_ctx)); if (aes_ctx == NULL) { - OPENSSL_PUT_ERROR(CIPHER, aead_aes_ctr_hmac_sha256_init, - ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(CIPHER, ERR_R_MALLOC_FAILURE); return 0; } 
@@ -1666,20 +1647,17 @@ static int aead_aes_ctr_hmac_sha256_seal(const EVP_AEAD_CTX *ctx, uint8_t *out, if (in_len + aes_ctx->tag_len < in_len || /* This input is so large it would overflow the 32-bit block counter. */ in_len_64 >= (OPENSSL_U64(1) << 32) * AES_BLOCK_SIZE) { - OPENSSL_PUT_ERROR(CIPHER, aead_aes_ctr_hmac_sha256_seal, - CIPHER_R_TOO_LARGE); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_TOO_LARGE); return 0; } if (max_out_len < in_len + aes_ctx->tag_len) { - OPENSSL_PUT_ERROR(CIPHER, aead_aes_ctr_hmac_sha256_seal, - CIPHER_R_BUFFER_TOO_SMALL); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BUFFER_TOO_SMALL); return 0; } if (nonce_len != EVP_AEAD_AES_CTR_HMAC_SHA256_NONCE_LEN) { - OPENSSL_PUT_ERROR(CIPHER, aead_aes_ctr_hmac_sha256_seal, - CIPHER_R_UNSUPPORTED_NONCE_SIZE); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_UNSUPPORTED_NONCE_SIZE); return 0; } @@ -1703,22 +1681,19 @@ static int aead_aes_ctr_hmac_sha256_open(const EVP_AEAD_CTX *ctx, uint8_t *out, size_t plaintext_len; if (in_len < aes_ctx->tag_len) { - OPENSSL_PUT_ERROR(CIPHER, aead_aes_ctr_hmac_sha256_open, - CIPHER_R_BAD_DECRYPT); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_DECRYPT); return 0; } plaintext_len = in_len - aes_ctx->tag_len; if (max_out_len < plaintext_len) { - OPENSSL_PUT_ERROR(CIPHER, aead_aes_ctr_hmac_sha256_open, - CIPHER_R_BUFFER_TOO_SMALL); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BUFFER_TOO_SMALL); return 0; } if (nonce_len != EVP_AEAD_AES_CTR_HMAC_SHA256_NONCE_LEN) { - OPENSSL_PUT_ERROR(CIPHER, aead_aes_ctr_hmac_sha256_open, - CIPHER_R_UNSUPPORTED_NONCE_SIZE); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_UNSUPPORTED_NONCE_SIZE); return 0; } 
@@ -1727,8 +1702,7 @@ static int aead_aes_ctr_hmac_sha256_open(const EVP_AEAD_CTX *ctx, uint8_t *out, &aes_ctx->outer_init_state, ad, ad_len, nonce, in, plaintext_len); if (CRYPTO_memcmp(hmac_result, in + plaintext_len, aes_ctx->tag_len) != 0) { - OPENSSL_PUT_ERROR(CIPHER, aead_aes_ctr_hmac_sha256_open, - CIPHER_R_BAD_DECRYPT); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_DECRYPT); return 0; } diff --git a/src/crypto/cipher/e_chacha20poly1305.c b/src/crypto/cipher/e_chacha20poly1305.c index ebf0088..9dda1b0 100644 --- a/src/crypto/cipher/e_chacha20poly1305.c +++ b/src/crypto/cipher/e_chacha20poly1305.c @@ -42,7 +42,7 @@ static int aead_chacha20_poly1305_init(EVP_AEAD_CTX *ctx, const uint8_t *key, } if (tag_len > POLY1305_TAG_LEN) { - OPENSSL_PUT_ERROR(CIPHER, aead_chacha20_poly1305_init, CIPHER_R_TOO_LARGE); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_TOO_LARGE); return 0; } @@ -107,23 +107,22 @@ static int aead_chacha20_poly1305_seal(const EVP_AEAD_CTX *ctx, uint8_t *out, * Casting to uint64_t inside the conditional is not sufficient to stop * the warning. */ if (in_len_64 >= (1ull << 32) * 64 - 64) { - OPENSSL_PUT_ERROR(CIPHER, aead_chacha20_poly1305_seal, CIPHER_R_TOO_LARGE); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_TOO_LARGE); return 0; } if (in_len + c20_ctx->tag_len < in_len) { - OPENSSL_PUT_ERROR(CIPHER, aead_chacha20_poly1305_seal, CIPHER_R_TOO_LARGE); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_TOO_LARGE); return 0; } if (max_out_len < in_len + c20_ctx->tag_len) { - OPENSSL_PUT_ERROR(CIPHER, aead_chacha20_poly1305_seal, - CIPHER_R_BUFFER_TOO_SMALL); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BUFFER_TOO_SMALL); return 0; } if (nonce_len != CHACHA20_NONCE_LEN) { - OPENSSL_PUT_ERROR(CIPHER, aead_chacha20_poly1305_seal, CIPHER_R_IV_TOO_LARGE); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_IV_TOO_LARGE); return 0; } 
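Review bot: `aead_chacha20_poly1305_seal` reports `CIPHER_R_IV_TOO_LARGE` for any `nonce_len != CHACHA20_NONCE_LEN`, which is misleading when the nonce is too short. The AES AEADs elsewhere in this diff use `CIPHER_R_UNSUPPORTED_NONCE_SIZE` for the equivalent check, so `OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_UNSUPPORTED_NONCE_SIZE);` would match them. The same line appears in `aead_chacha20_poly1305_open` in the following hunks of this file. The function body continues outside the hunk.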
@@ -156,7 +155,7 @@ static int aead_chacha20_poly1305_open(const EVP_AEAD_CTX *ctx, uint8_t *out, const uint64_t in_len_64 = in_len; if (in_len < c20_ctx->tag_len) { - OPENSSL_PUT_ERROR(CIPHER, aead_chacha20_poly1305_open, CIPHER_R_BAD_DECRYPT); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_DECRYPT); return 0; } @@ -168,20 +167,19 @@ static int aead_chacha20_poly1305_open(const EVP_AEAD_CTX *ctx, uint8_t *out, * Casting to uint64_t inside the conditional is not sufficient to stop * the warning. */ if (in_len_64 >= (1ull << 32) * 64 - 64) { - OPENSSL_PUT_ERROR(CIPHER, aead_chacha20_poly1305_open, CIPHER_R_TOO_LARGE); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_TOO_LARGE); return 0; } if (nonce_len != CHACHA20_NONCE_LEN) { - OPENSSL_PUT_ERROR(CIPHER, aead_chacha20_poly1305_open, CIPHER_R_IV_TOO_LARGE); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_IV_TOO_LARGE); return 0; } plaintext_len = in_len - c20_ctx->tag_len; if (max_out_len < plaintext_len) { - OPENSSL_PUT_ERROR(CIPHER, aead_chacha20_poly1305_open, - CIPHER_R_BUFFER_TOO_SMALL); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BUFFER_TOO_SMALL); return 0; } @@ -195,7 +193,7 @@ static int aead_chacha20_poly1305_open(const EVP_AEAD_CTX *ctx, uint8_t *out, CRYPTO_poly1305_finish(&poly1305, mac); if (CRYPTO_memcmp(mac, in + plaintext_len, c20_ctx->tag_len) != 0) { - OPENSSL_PUT_ERROR(CIPHER, aead_chacha20_poly1305_open, CIPHER_R_BAD_DECRYPT); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_DECRYPT); return 0; } diff --git a/src/crypto/cipher/e_des.c b/src/crypto/cipher/e_des.c index 74e1fce..b1d312c 100644 --- a/src/crypto/cipher/e_des.c +++ b/src/crypto/cipher/e_des.c 
@@ -96,6 +96,31 @@ static const EVP_CIPHER des_cbc = { const EVP_CIPHER *EVP_des_cbc(void) { return &des_cbc; } +static int des_ecb_cipher(EVP_CIPHER_CTX *ctx, uint8_t *out, const uint8_t *in, + size_t in_len) { + if (in_len < ctx->cipher->block_size) { + return 1; + } + in_len -= ctx->cipher->block_size; + + EVP_DES_KEY *dat = (EVP_DES_KEY *) ctx->cipher_data; + size_t i; + for (i = 0; i <= in_len; i += ctx->cipher->block_size) { + DES_ecb_encrypt((DES_cblock *) (in + i), (DES_cblock *) (out + i), + &dat->ks.ks, ctx->encrypt); + } + return 1; +} + +static const EVP_CIPHER des_ecb = { + NID_des_ecb, 8 /* block_size */, 8 /* key_size */, + 0 /* iv_len */, sizeof(EVP_DES_KEY), EVP_CIPH_ECB_MODE, + NULL /* app_data */, des_init_key, des_ecb_cipher, + NULL /* cleanup */, NULL /* ctrl */, }; + +const EVP_CIPHER *EVP_des_ecb(void) { return &des_ecb; } + + typedef struct { union { double align; 
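Review bot: `des_ecb_cipher` returns 1 without touching `out` when `in_len` is below one block, and its loop ignores a trailing partial block, so a length that is not a multiple of 8 is reported as success with part of the input never processed. Whether the EVP layer only ever passes whole blocks is not visible in this hunk; if it does, say so above the function, for example `/* |in_len| must be a multiple of the block size; trailing bytes are ignored. */`. The same pattern is repeated in `des_ede_ecb_cipher` in the next hunk of this file.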
@@ -126,10 +151,57 @@ static int des_ede3_cbc_cipher(EVP_CIPHER_CTX *ctx, uint8_t *out, return 1; } -static const EVP_CIPHER des3_cbc = { - NID_des_cbc, 8 /* block_size */, 24 /* key_size */, +static const EVP_CIPHER des_ede3_cbc = { + NID_des_ede3_cbc, 8 /* block_size */, 24 /* key_size */, 8 /* iv_len */, sizeof(DES_EDE_KEY), EVP_CIPH_CBC_MODE, NULL /* app_data */, des_ede3_init_key, des_ede3_cbc_cipher, NULL /* cleanup */, NULL /* ctrl */, }; -const EVP_CIPHER *EVP_des_ede3_cbc(void) { return &des3_cbc; } +const EVP_CIPHER *EVP_des_ede3_cbc(void) { return &des_ede3_cbc; } + + +static int des_ede_init_key(EVP_CIPHER_CTX *ctx, const uint8_t *key, + const uint8_t *iv, int enc) { + DES_cblock *deskey = (DES_cblock *) key; + DES_EDE_KEY *dat = (DES_EDE_KEY *) ctx->cipher_data; + + DES_set_key(&deskey[0], &dat->ks.ks[0]); + DES_set_key(&deskey[1], &dat->ks.ks[1]); + DES_set_key(&deskey[0], &dat->ks.ks[2]); + + return 1; +} + +static const EVP_CIPHER des_ede_cbc = { + NID_des_ede_cbc, 8 /* block_size */, 16 /* key_size */, + 8 /* iv_len */, sizeof(DES_EDE_KEY), EVP_CIPH_CBC_MODE, + NULL /* app_data */, des_ede_init_key , des_ede3_cbc_cipher, + NULL /* cleanup */, NULL /* ctrl */, }; + +const EVP_CIPHER *EVP_des_ede_cbc(void) { return &des_ede_cbc; } + + +static int des_ede_ecb_cipher(EVP_CIPHER_CTX *ctx, uint8_t *out, + const uint8_t *in, size_t in_len) { + if (in_len < ctx->cipher->block_size) { + return 1; + } + in_len -= ctx->cipher->block_size; + + DES_EDE_KEY *dat = (DES_EDE_KEY *) ctx->cipher_data; + size_t i; + for (i = 0; i <= in_len; i += ctx->cipher->block_size) { + DES_ecb3_encrypt((DES_cblock *) (in + i), (DES_cblock *) (out + i), + &dat->ks.ks[0], &dat->ks.ks[1], &dat->ks.ks[2], + ctx->encrypt); + } + return 1; +} + +static const EVP_CIPHER des_ede_ecb = { + NID_des_ede_cbc, 8 /* block_size */, 16 /* key_size */, + 0 /* iv_len */, sizeof(DES_EDE_KEY), EVP_CIPH_ECB_MODE, + NULL /* app_data */, des_ede_init_key , des_ede_ecb_cipher, + NULL /* cleanup */, 
NULL /* ctrl */, }; + +const EVP_CIPHER *EVP_des_ede(void) { return &des_ede_ecb; } diff --git a/src/crypto/cipher/e_rc2.c b/src/crypto/cipher/e_rc2.c index c90ab93..8ca7bba 100644 --- a/src/crypto/cipher/e_rc2.c +++ b/src/crypto/cipher/e_rc2.c @@ -395,13 +395,18 @@ static int rc2_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr) { case EVP_CTRL_INIT: key->key_bits = EVP_CIPHER_CTX_key_length(ctx) * 8; return 1; + case EVP_CTRL_SET_RC2_KEY_BITS: + /* Should be overridden by later call to |EVP_CTRL_INIT|, but + * people call it, so it may as well work. */ + key->key_bits = arg; + return 1; default: return -1; } } -static const EVP_CIPHER rc2_40_cbc_cipher = { +static const EVP_CIPHER rc2_40_cbc = { NID_rc2_40_cbc, 8 /* block size */, 5 /* 40 bit */, @@ -416,5 +421,23 @@ static const EVP_CIPHER rc2_40_cbc_cipher = { }; const EVP_CIPHER *EVP_rc2_40_cbc(void) { - return &rc2_40_cbc_cipher; + return &rc2_40_cbc; +} + +static const EVP_CIPHER rc2_cbc = { + NID_rc2_cbc, + 8 /* block size */, + 16 /* 128 bit */, + 8 /* iv len */, + sizeof(EVP_RC2_KEY), + EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_CTRL_INIT, + NULL /* app_data */, + rc2_init_key, + rc2_cbc_cipher, + NULL, + rc2_ctrl, +}; + +const EVP_CIPHER *EVP_rc2_cbc(void) { + return &rc2_cbc; } diff --git a/src/crypto/cipher/e_rc4.c b/src/crypto/cipher/e_rc4.c index 80dea36..e05b9fd 100644 --- a/src/crypto/cipher/e_rc4.c +++ b/src/crypto/cipher/e_rc4.c 
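Review bot: The `des_ede_ecb` table is registered with `NID_des_ede_cbc`, the same NID as the `des_ede_cbc` table above it, so code that reads the cipher's NID from `EVP_des_ede()` would see an ECB cipher reported as CBC. It looks like a copy from the CBC entry; the first field should be `NID_des_ede_ecb`. Anything that selects or audits ciphers by NID would otherwise misidentify the mode in use.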
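Review bot: The new `EVP_CTRL_SET_RC2_KEY_BITS` case stores `arg` in `key->key_bits` with no range check, so zero or negative values, or values above RC2's 1024-bit effective-key limit, are accepted and reported as success. How `rc2_init_key` treats such a value is outside this hunk; a guard before the assignment, `if (arg <= 0 || arg > 1024) { return 0; }`, would reject them at the point of entry. `rc2_ctrl` starts above the hunk.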
@@ -115,20 +115,20 @@ aead_rc4_md5_tls_init(EVP_AEAD_CTX *ctx, const uint8_t *key, size_t key_len, } if (tag_len > MD5_DIGEST_LENGTH) { - OPENSSL_PUT_ERROR(CIPHER, aead_rc4_md5_tls_init, CIPHER_R_TOO_LARGE); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_TOO_LARGE); return 0; } /* The keys consists of |MD5_DIGEST_LENGTH| bytes of HMAC(MD5) key followed * by some number of bytes of RC4 key. */ if (key_len <= MD5_DIGEST_LENGTH) { - OPENSSL_PUT_ERROR(CIPHER, aead_rc4_md5_tls_init, CIPHER_R_BAD_KEY_LENGTH); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_KEY_LENGTH); return 0; } rc4_ctx = OPENSSL_malloc(sizeof(struct aead_rc4_md5_tls_ctx)); if (rc4_ctx == NULL) { - OPENSSL_PUT_ERROR(CIPHER, aead_rc4_md5_tls_init, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(CIPHER, ERR_R_MALLOC_FAILURE); return 0; } memset(rc4_ctx, 0, sizeof(struct aead_rc4_md5_tls_ctx)); @@ -185,22 +185,22 @@ static int aead_rc4_md5_tls_seal(const EVP_AEAD_CTX *ctx, uint8_t *out, uint8_t digest[MD5_DIGEST_LENGTH]; if (in_len + rc4_ctx->tag_len < in_len) { - OPENSSL_PUT_ERROR(CIPHER, aead_rc4_md5_tls_seal, CIPHER_R_TOO_LARGE); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_TOO_LARGE); return 0; } if (nonce_len != 0) { - OPENSSL_PUT_ERROR(CIPHER, aead_rc4_md5_tls_seal, CIPHER_R_IV_TOO_LARGE); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_IV_TOO_LARGE); return 0; } if (max_out_len < in_len + rc4_ctx->tag_len) { - OPENSSL_PUT_ERROR(CIPHER, aead_rc4_md5_tls_seal, CIPHER_R_BUFFER_TOO_SMALL); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BUFFER_TOO_SMALL); return 0; } if (nonce_len != 0) { - OPENSSL_PUT_ERROR(CIPHER, aead_rc4_md5_tls_seal, CIPHER_R_TOO_LARGE); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_TOO_LARGE); return 0; } 
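Review bot: In `aead_rc4_md5_tls_seal` the second `if (nonce_len != 0)` block, after the `max_out_len` check, can never fire because the identical test a few lines earlier has already returned. It should be deleted rather than carried through this macro update. The two copies also disagree on the error (`CIPHER_R_IV_TOO_LARGE` vs `CIPHER_R_TOO_LARGE`), and `aead_rc4_md5_tls_open` in the next hunk reports `CIPHER_R_TOO_LARGE` for the same condition. Settling on one code for a non-empty nonce would make failures easier to diagnose. The function body starts and ends outside the hunk.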
@@ -288,21 +288,21 @@ static int aead_rc4_md5_tls_open(const EVP_AEAD_CTX *ctx, uint8_t *out, uint8_t digest[MD5_DIGEST_LENGTH]; if (in_len < rc4_ctx->tag_len) { - OPENSSL_PUT_ERROR(CIPHER, aead_rc4_md5_tls_open, CIPHER_R_BAD_DECRYPT); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_DECRYPT); return 0; } plaintext_len = in_len - rc4_ctx->tag_len; if (nonce_len != 0) { - OPENSSL_PUT_ERROR(CIPHER, aead_rc4_md5_tls_open, CIPHER_R_TOO_LARGE); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_TOO_LARGE); return 0; } if (max_out_len < in_len) { /* This requires that the caller provide space for the MAC, even though it * will always be removed on return. */ - OPENSSL_PUT_ERROR(CIPHER, aead_rc4_md5_tls_open, CIPHER_R_BUFFER_TOO_SMALL); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BUFFER_TOO_SMALL); return 0; } @@ -366,7 +366,7 @@ static int aead_rc4_md5_tls_open(const EVP_AEAD_CTX *ctx, uint8_t *out, MD5_Final(digest, &md); if (CRYPTO_memcmp(out + plaintext_len, digest, rc4_ctx->tag_len)) { - OPENSSL_PUT_ERROR(CIPHER, aead_rc4_md5_tls_open, CIPHER_R_BAD_DECRYPT); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_DECRYPT); return 0; } diff --git a/src/crypto/cipher/e_ssl3.c b/src/crypto/cipher/e_ssl3.c index 1031d9b..389c52f 100644 --- a/src/crypto/cipher/e_ssl3.c +++ b/src/crypto/cipher/e_ssl3.c @@ -85,12 +85,12 @@ static int aead_ssl3_init(EVP_AEAD_CTX *ctx, const uint8_t *key, size_t key_len, const EVP_CIPHER *cipher, const EVP_MD *md) { if (tag_len != EVP_AEAD_DEFAULT_TAG_LENGTH && tag_len != EVP_MD_size(md)) { - OPENSSL_PUT_ERROR(CIPHER, aead_ssl3_init, CIPHER_R_UNSUPPORTED_TAG_SIZE); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_UNSUPPORTED_TAG_SIZE); return 0; } if (key_len != EVP_AEAD_key_length(ctx->aead)) { - OPENSSL_PUT_ERROR(CIPHER, aead_ssl3_init, CIPHER_R_BAD_KEY_LENGTH); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_KEY_LENGTH); return 0; } 
@@ -102,7 +102,7 @@ static int aead_ssl3_init(EVP_AEAD_CTX *ctx, const uint8_t *key, size_t key_len, AEAD_SSL3_CTX *ssl3_ctx = OPENSSL_malloc(sizeof(AEAD_SSL3_CTX)); if (ssl3_ctx == NULL) { - OPENSSL_PUT_ERROR(CIPHER, aead_ssl3_init, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(CIPHER, ERR_R_MALLOC_FAILURE); return 0; } EVP_CIPHER_CTX_init(&ssl3_ctx->cipher_ctx); @@ -133,29 +133,29 @@ static int aead_ssl3_seal(const EVP_AEAD_CTX *ctx, uint8_t *out, if (!ssl3_ctx->cipher_ctx.encrypt) { /* Unlike a normal AEAD, an SSL3 AEAD may only be used in one direction. */ - OPENSSL_PUT_ERROR(CIPHER, aead_ssl3_seal, CIPHER_R_INVALID_OPERATION); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_INVALID_OPERATION); return 0; } if (in_len + EVP_AEAD_max_overhead(ctx->aead) < in_len || in_len > INT_MAX) { /* EVP_CIPHER takes int as input. */ - OPENSSL_PUT_ERROR(CIPHER, aead_ssl3_seal, CIPHER_R_TOO_LARGE); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_TOO_LARGE); return 0; } if (max_out_len < in_len + EVP_AEAD_max_overhead(ctx->aead)) { - OPENSSL_PUT_ERROR(CIPHER, aead_ssl3_seal, CIPHER_R_BUFFER_TOO_SMALL); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BUFFER_TOO_SMALL); return 0; } if (nonce_len != 0) { - OPENSSL_PUT_ERROR(CIPHER, aead_ssl3_seal, CIPHER_R_IV_TOO_LARGE); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_IV_TOO_LARGE); return 0; } if (ad_len != 11 - 2 /* length bytes */) { - OPENSSL_PUT_ERROR(CIPHER, aead_ssl3_seal, CIPHER_R_INVALID_AD_SIZE); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_INVALID_AD_SIZE); return 0; } 
@@ -217,36 +217,36 @@ static int aead_ssl3_open(const EVP_AEAD_CTX *ctx, uint8_t *out, if (ssl3_ctx->cipher_ctx.encrypt) { /* Unlike a normal AEAD, an SSL3 AEAD may only be used in one direction. */ - OPENSSL_PUT_ERROR(CIPHER, aead_ssl3_open, CIPHER_R_INVALID_OPERATION); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_INVALID_OPERATION); return 0; } size_t mac_len = EVP_MD_CTX_size(&ssl3_ctx->md_ctx); if (in_len < mac_len) { - OPENSSL_PUT_ERROR(CIPHER, aead_ssl3_open, CIPHER_R_BAD_DECRYPT); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_DECRYPT); return 0; } if (max_out_len < in_len) { /* This requires that the caller provide space for the MAC, even though it * will always be removed on return. */ - OPENSSL_PUT_ERROR(CIPHER, aead_ssl3_open, CIPHER_R_BUFFER_TOO_SMALL); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BUFFER_TOO_SMALL); return 0; } if (nonce_len != 0) { - OPENSSL_PUT_ERROR(CIPHER, aead_ssl3_open, CIPHER_R_TOO_LARGE); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_TOO_LARGE); return 0; } if (ad_len != 11 - 2 /* length bytes */) { - OPENSSL_PUT_ERROR(CIPHER, aead_ssl3_open, CIPHER_R_INVALID_AD_SIZE); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_INVALID_AD_SIZE); return 0; } if (in_len > INT_MAX) { /* EVP_CIPHER takes int as input. */ - OPENSSL_PUT_ERROR(CIPHER, aead_ssl3_open, CIPHER_R_TOO_LARGE); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_TOO_LARGE); return 0; } 
@@ -270,12 +270,12 @@ static int aead_ssl3_open(const EVP_AEAD_CTX *ctx, uint8_t *out, if (EVP_CIPHER_CTX_mode(&ssl3_ctx->cipher_ctx) == EVP_CIPH_CBC_MODE) { unsigned padding_length = out[total - 1]; if (total < padding_length + 1 + mac_len) { - OPENSSL_PUT_ERROR(CIPHER, aead_ssl3_open, CIPHER_R_BAD_DECRYPT); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_DECRYPT); return 0; } /* The padding must be minimal. */ if (padding_length + 1 > EVP_CIPHER_CTX_block_size(&ssl3_ctx->cipher_ctx)) { - OPENSSL_PUT_ERROR(CIPHER, aead_ssl3_open, CIPHER_R_BAD_DECRYPT); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_DECRYPT); return 0; } data_len = total - padding_length - 1 - mac_len; @@ -289,7 +289,7 @@ static int aead_ssl3_open(const EVP_AEAD_CTX *ctx, uint8_t *out, return 0; } if (CRYPTO_memcmp(&out[data_len], mac, mac_len) != 0) { - OPENSSL_PUT_ERROR(CIPHER, aead_ssl3_open, CIPHER_R_BAD_DECRYPT); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_DECRYPT); return 0; } @@ -340,6 +340,13 @@ static int aead_des_ede3_cbc_sha1_ssl3_init(EVP_AEAD_CTX *ctx, EVP_sha1()); } +static int aead_null_sha1_ssl3_init(EVP_AEAD_CTX *ctx, const uint8_t *key, + size_t key_len, size_t tag_len, + enum evp_aead_direction_t dir) { + return aead_ssl3_init(ctx, key, key_len, tag_len, dir, EVP_enc_null(), + EVP_sha1()); +} + static const EVP_AEAD aead_rc4_md5_ssl3 = { MD5_DIGEST_LENGTH + 16, /* key len (MD5 + RC4) */ 0, /* nonce len */ @@ -405,6 +412,19 @@ static const EVP_AEAD aead_des_ede3_cbc_sha1_ssl3 = { NULL, /* get_rc4_state */ }; +static const EVP_AEAD aead_null_sha1_ssl3 = { + SHA_DIGEST_LENGTH, /* key len */ + 0, /* nonce len */ + SHA_DIGEST_LENGTH, /* overhead (SHA1) */ + SHA_DIGEST_LENGTH, /* max tag length */ + NULL, /* init */ + aead_null_sha1_ssl3_init, + aead_ssl3_cleanup, + aead_ssl3_seal, + aead_ssl3_open, + NULL, /* get_rc4_state */ +}; + const EVP_AEAD *EVP_aead_rc4_md5_ssl3(void) { return &aead_rc4_md5_ssl3; } const EVP_AEAD *EVP_aead_rc4_sha1_ssl3(void) { return &aead_rc4_sha1_ssl3; } 
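Review bot: The CBC branch of `aead_ssl3_open` rejects bad padding with an early `return 0` before the MAC is computed, so a padding failure and a MAC failure do different amounts of work even though both report `CIPHER_R_BAD_DECRYPT`. The TLS counterpart in e_tls.c, later on this page, folds `padding_ok` into the final decision with `constant_time_eq_int`. If the SSLv3 path is intentionally variable-time, a comment above the check should say so, for example `/* Not constant-time by design; see aead_tls_open for the constant-time variant. */`. The function begins and ends outside the hunk.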
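Review bot: `aead_null_sha1_ssl3_init` passes `EVP_enc_null()` to `aead_ssl3_init`, so the new `EVP_aead_null_sha1_ssl3` authenticates records with SHA-1 but does not encrypt them, and nothing in the added code says so. The same applies to `EVP_aead_null_sha1_tls`, added the same way in the e_tls.c hunks further down. I would put a comment on each init function and table, such as `/* Integrity only: the payload is not encrypted. */`, so a caller does not select it by analogy with the neighbouring AEADs. Whether the public header documents this is not visible here.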
@@ -420,3 +440,5 @@ const EVP_AEAD *EVP_aead_aes_256_cbc_sha1_ssl3(void) { const EVP_AEAD *EVP_aead_des_ede3_cbc_sha1_ssl3(void) { return &aead_des_ede3_cbc_sha1_ssl3; } + +const EVP_AEAD *EVP_aead_null_sha1_ssl3(void) { return &aead_null_sha1_ssl3; } diff --git a/src/crypto/cipher/e_tls.c b/src/crypto/cipher/e_tls.c index bed02cb..2778881 100644 --- a/src/crypto/cipher/e_tls.c +++ b/src/crypto/cipher/e_tls.c @@ -57,12 +57,12 @@ static int aead_tls_init(EVP_AEAD_CTX *ctx, const uint8_t *key, size_t key_len, char implicit_iv) { if (tag_len != EVP_AEAD_DEFAULT_TAG_LENGTH && tag_len != EVP_MD_size(md)) { - OPENSSL_PUT_ERROR(CIPHER, aead_tls_init, CIPHER_R_UNSUPPORTED_TAG_SIZE); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_UNSUPPORTED_TAG_SIZE); return 0; } if (key_len != EVP_AEAD_key_length(ctx->aead)) { - OPENSSL_PUT_ERROR(CIPHER, aead_tls_init, CIPHER_R_BAD_KEY_LENGTH); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_KEY_LENGTH); return 0; } @@ -75,7 +75,7 @@ static int aead_tls_init(EVP_AEAD_CTX *ctx, const uint8_t *key, size_t key_len, AEAD_TLS_CTX *tls_ctx = OPENSSL_malloc(sizeof(AEAD_TLS_CTX)); if (tls_ctx == NULL) { - OPENSSL_PUT_ERROR(CIPHER, aead_tls_init, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(CIPHER, ERR_R_MALLOC_FAILURE); return 0; } EVP_CIPHER_CTX_init(&tls_ctx->cipher_ctx); @@ -109,7 +109,7 @@ static int aead_tls_seal(const EVP_AEAD_CTX *ctx, uint8_t *out, if (!tls_ctx->cipher_ctx.encrypt) { /* Unlike a normal AEAD, a TLS AEAD may only be used in one direction. */ - OPENSSL_PUT_ERROR(CIPHER, aead_tls_seal, CIPHER_R_INVALID_OPERATION); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_INVALID_OPERATION); return 0; } 
@@ -117,22 +117,22 @@ static int aead_tls_seal(const EVP_AEAD_CTX *ctx, uint8_t *out, if (in_len + EVP_AEAD_max_overhead(ctx->aead) < in_len || in_len > INT_MAX) { /* EVP_CIPHER takes int as input. */ - OPENSSL_PUT_ERROR(CIPHER, aead_tls_seal, CIPHER_R_TOO_LARGE); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_TOO_LARGE); return 0; } if (max_out_len < in_len + EVP_AEAD_max_overhead(ctx->aead)) { - OPENSSL_PUT_ERROR(CIPHER, aead_tls_seal, CIPHER_R_BUFFER_TOO_SMALL); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BUFFER_TOO_SMALL); return 0; } if (nonce_len != EVP_AEAD_nonce_length(ctx->aead)) { - OPENSSL_PUT_ERROR(CIPHER, aead_tls_seal, CIPHER_R_INVALID_NONCE_SIZE); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_INVALID_NONCE_SIZE); return 0; } if (ad_len != 13 - 2 /* length bytes */) { - OPENSSL_PUT_ERROR(CIPHER, aead_tls_seal, CIPHER_R_INVALID_AD_SIZE); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_INVALID_AD_SIZE); return 0; } 
@@ -214,36 +214,36 @@ static int aead_tls_open(const EVP_AEAD_CTX *ctx, uint8_t *out, if (tls_ctx->cipher_ctx.encrypt) { /* Unlike a normal AEAD, a TLS AEAD may only be used in one direction. */ - OPENSSL_PUT_ERROR(CIPHER, aead_tls_open, CIPHER_R_INVALID_OPERATION); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_INVALID_OPERATION); return 0; } if (in_len < HMAC_size(&tls_ctx->hmac_ctx)) { - OPENSSL_PUT_ERROR(CIPHER, aead_tls_open, CIPHER_R_BAD_DECRYPT); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_DECRYPT); return 0; } if (max_out_len < in_len) { /* This requires that the caller provide space for the MAC, even though it * will always be removed on return. */ - OPENSSL_PUT_ERROR(CIPHER, aead_tls_open, CIPHER_R_BUFFER_TOO_SMALL); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BUFFER_TOO_SMALL); return 0; } if (nonce_len != EVP_AEAD_nonce_length(ctx->aead)) { - OPENSSL_PUT_ERROR(CIPHER, aead_tls_open, CIPHER_R_INVALID_NONCE_SIZE); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_INVALID_NONCE_SIZE); return 0; } if (ad_len != 13 - 2 /* length bytes */) { - OPENSSL_PUT_ERROR(CIPHER, aead_tls_open, CIPHER_R_INVALID_AD_SIZE); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_INVALID_AD_SIZE); return 0; } if (in_len > INT_MAX) { /* EVP_CIPHER takes int as input. */ - OPENSSL_PUT_ERROR(CIPHER, aead_tls_open, CIPHER_R_TOO_LARGE); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_TOO_LARGE); return 0; } @@ -278,7 +278,7 @@ static int aead_tls_open(const EVP_AEAD_CTX *ctx, uint8_t *out, (unsigned)HMAC_size(&tls_ctx->hmac_ctx)); /* Publicly invalid. This can be rejected in non-constant time. */ if (padding_ok == 0) { - OPENSSL_PUT_ERROR(CIPHER, aead_tls_open, CIPHER_R_BAD_DECRYPT); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_DECRYPT); return 0; } } else { 
@@ -312,7 +312,7 @@ static int aead_tls_open(const EVP_AEAD_CTX *ctx, uint8_t *out, if (!EVP_tls_cbc_digest_record(tls_ctx->hmac_ctx.md, mac, &mac_len, ad_fixed, out, data_plus_mac_len, total, tls_ctx->mac_key, tls_ctx->mac_key_len)) { - OPENSSL_PUT_ERROR(CIPHER, aead_tls_open, CIPHER_R_BAD_DECRYPT); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_DECRYPT); return 0; } assert(mac_len == HMAC_size(&tls_ctx->hmac_ctx)); @@ -349,7 +349,7 @@ static int aead_tls_open(const EVP_AEAD_CTX *ctx, uint8_t *out, 0); good &= constant_time_eq_int(padding_ok, 1); if (!good) { - OPENSSL_PUT_ERROR(CIPHER, aead_tls_open, CIPHER_R_BAD_DECRYPT); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_DECRYPT); return 0; } @@ -444,6 +444,13 @@ static int aead_rc4_sha1_tls_get_rc4_state(const EVP_AEAD_CTX *ctx, return 1; } +static int aead_null_sha1_tls_init(EVP_AEAD_CTX *ctx, const uint8_t *key, + size_t key_len, size_t tag_len, + enum evp_aead_direction_t dir) { + return aead_tls_init(ctx, key, key_len, tag_len, dir, EVP_enc_null(), + EVP_sha1(), 1 /* implicit iv */); +} + static const EVP_AEAD aead_rc4_sha1_tls = { SHA_DIGEST_LENGTH + 16, /* key len (SHA1 + RC4) */ 0, /* nonce len */ @@ -574,6 +581,19 @@ static const EVP_AEAD aead_des_ede3_cbc_sha1_tls_implicit_iv = { NULL, /* get_rc4_state */ }; +static const EVP_AEAD aead_null_sha1_tls = { + SHA_DIGEST_LENGTH, /* key len */ + 0, /* nonce len */ + SHA_DIGEST_LENGTH, /* overhead (SHA1) */ + SHA_DIGEST_LENGTH, /* max tag length */ + NULL, /* init */ + aead_null_sha1_tls_init, + aead_tls_cleanup, + aead_tls_seal, + aead_tls_open, + NULL, /* get_rc4_state */ +}; + const EVP_AEAD *EVP_aead_rc4_sha1_tls(void) { return &aead_rc4_sha1_tls; } const EVP_AEAD *EVP_aead_aes_128_cbc_sha1_tls(void) { @@ -611,3 +631,5 @@ const EVP_AEAD *EVP_aead_des_ede3_cbc_sha1_tls(void) { const EVP_AEAD *EVP_aead_des_ede3_cbc_sha1_tls_implicit_iv(void) { return &aead_des_ede3_cbc_sha1_tls_implicit_iv; } + +const EVP_AEAD *EVP_aead_null_sha1_tls(void) { return &aead_null_sha1_tls; } 
diff --git a/src/crypto/cipher/test/aes_128_gcm_tests.txt b/src/crypto/cipher/test/aes_128_gcm_tests.txt index 5f7ad35..75466fe 100644 --- a/src/crypto/cipher/test/aes_128_gcm_tests.txt +++ b/src/crypto/cipher/test/aes_128_gcm_tests.txt @@ -418,3 +418,9 @@ AD: 18e2ed6d500b176e49f7e1b5074c0b7dbfdefdf00a63d9fa2fea8c5e78a1c4ae00f17b234429 CT: 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 TAG: e690e89af39ff367f5d40a1b7c7ccd4f +KEY: 31323334353637383930313233343536 +NONCE: 31323334353637383930313233343536 +IN: 48656c6c6f2c20576f726c64 +AD: +CT: cec189d0e8419b90fb16d555 +TAG: 32893832a8d609224d77c2e56a922282 diff --git a/src/crypto/cipher/test/cipher_test.txt b/src/crypto/cipher/test/cipher_test.txt index 93cb8f3..21fffdb 100644 --- a/src/crypto/cipher/test/cipher_test.txt +++ b/src/crypto/cipher/test/cipher_test.txt @@ -38,6 +38,22 @@ Plaintext = 37363534333231204E6F77206973207468652074696D6520666F722000000000 Ciphertext = 3FE301C962AC01D02213763C1CBD4CDC799657C064ECF5D41C673812CFDE9675 +# DES EDE CBC tests +Cipher = DES-EDE-CBC +Key = 0123456789abcdeff1e0d3c2b5a49786 +IV = fedcba9876543210 +Plaintext = 37363534333231204E6F77206973207468652074696D6520666F722000000000 +Ciphertext = 7948C0DA4FE91CD815DCA96DBC9B60A857EB954F4DEB08EB98722642AE69257B + + +# DES EDE tests +Cipher = DES-EDE +Key = 0123456789abcdeff1e0d3c2b5a49786 +IV = fedcba9876543210 +Plaintext = 37363534333231204E6F77206973207468652074696D6520666F722000000000 +Ciphertext = 22E889402E28422F8167AD279D90A566DA75B734E12C671FC2669AECB3E4FE8F + + # AES 128 ECB tests (from FIPS-197 test vectors, encrypt) Cipher = AES-128-ECB Key = 000102030405060708090A0B0C0D0E0F 
@@ -360,6 +376,13 @@ Ciphertext = 6268c6fa2a80b2d137467f092f657ac04d89be2beaa623d61b5a868c8f03ff95d3d AAD = 00000000000000000000000000000000101112131415161718191a1b1c1d1e1f Tag = 3b629ccfbc1119b7319e1dce2cd6fd6d +Cipher = AES-128-GCM +Key = 31323334353637383930313233343536 +IV = 31323334353637383930313233343536 +Plaintext = 48656c6c6f2c20576f726c64 +Ciphertext = cec189d0e8419b90fb16d555 +Tag = 32893832a8d609224d77c2e56a922282 +AAD = # OFB tests from OpenSSL upstream. @@ -535,3 +558,40 @@ Cipher = AES-192-ECB Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B Plaintext = F69F2445DF4F9B17AD2B417BE66C3710 Ciphertext = 9A4B41BA738D6C72FB16691603C18E0E + +# DES ECB tests + +Cipher = DES-ECB +Key = 0000000000000000 +Plaintext = 0000000000000000 +Ciphertext = 8CA64DE9C1B123A7 + +Cipher = DES-ECB +Key = FFFFFFFFFFFFFFFF +Plaintext = FFFFFFFFFFFFFFFF +Ciphertext = 7359B2163E4EDC58 + +Cipher = DES-ECB +Key = 3000000000000000 +Plaintext = 1000000000000001 +Ciphertext = 958E6E627A05557B + +Cipher = DES-ECB +Key = 1111111111111111 +Plaintext = 1111111111111111 +Ciphertext = F40379AB9E0EC533 + +Cipher = DES-ECB +Key = 0123456789ABCDEF +Plaintext = 1111111111111111 +Ciphertext = 17668DFC7292532D + +Cipher = DES-ECB +Key = 1111111111111111 +Plaintext = 0123456789ABCDEF +Ciphertext = 8A5AE1F81AB8F2DD + +Cipher = DES-ECB +Key = FEDCBA9876543210 +Plaintext = 0123456789ABCDEF +Ciphertext = ED39D950FA74BCC4 diff --git a/src/crypto/cmac/CMakeLists.txt b/src/crypto/cmac/CMakeLists.txt index 8ebd80c..bb3abc3 100644 --- a/src/crypto/cmac/CMakeLists.txt +++ b/src/crypto/cmac/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(. .. ../../include) +include_directories(../../include) add_library( cmac @@ -12,6 +12,8 @@ add_executable( cmac_test cmac_test.cc + + $ ) target_link_libraries(cmac_test crypto) diff --git a/src/crypto/cmac/cmac_test.cc b/src/crypto/cmac/cmac_test.cc index 0f06860..53f45d1 100644 --- a/src/crypto/cmac/cmac_test.cc +++ b/src/crypto/cmac/cmac_test.cc 
@@ -19,16 +19,13 @@ #include #include "../test/scoped_types.h" +#include "../test/test_util.h" -static void dump(const uint8_t *got, const uint8_t *expected, size_t len) { - ScopedBIO bio(BIO_new_fp(stderr, 0 /* don't close */)); - - BIO_puts(bio.get(), "\nGot:\n"); - BIO_hexdump(bio.get(), got, len, 2 /* indent */); - BIO_puts(bio.get(), "Expected:\n"); - BIO_hexdump(bio.get(), expected, len, 2 /* indent */); - BIO_flush(bio.get()); +static void dump(const uint8_t *got, const uint8_t *want, size_t len) { + hexdump(stderr, "got :", got, len); + hexdump(stderr, "want:", want, len); + fflush(stderr); } static int test(const char *name, const uint8_t *key, size_t key_len, diff --git a/src/crypto/conf/CMakeLists.txt b/src/crypto/conf/CMakeLists.txt index 8046bb8..0a3c795 100644 --- a/src/crypto/conf/CMakeLists.txt +++ b/src/crypto/conf/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(. .. ../../include) +include_directories(../../include) add_library( conf diff --git a/src/crypto/conf/conf.c b/src/crypto/conf/conf.c index 213efc5..e098a2c 100644 --- a/src/crypto/conf/conf.c +++ b/src/crypto/conf/conf.c @@ -111,6 +111,16 @@ CONF *NCONF_new(void *method) { return conf; } +CONF_VALUE *CONF_VALUE_new(void) { + CONF_VALUE *v = OPENSSL_malloc(sizeof(CONF_VALUE)); + if (!v) { + OPENSSL_PUT_ERROR(CONF, ERR_R_MALLOC_FAILURE); + return NULL; + } + memset(v, 0, sizeof(CONF_VALUE)); + return v; +} + static void value_free_contents(CONF_VALUE *value) { if (value->section) { OPENSSL_free(value->section); 
@@ -137,29 +147,26 @@ void NCONF_free(CONF *conf) { return; } - lh_CONF_VALUE_doall(conf->data, value_free_contents); + lh_CONF_VALUE_doall(conf->data, value_free); lh_CONF_VALUE_free(conf->data); OPENSSL_free(conf); } CONF_VALUE *NCONF_new_section(const CONF *conf, const char *section) { STACK_OF(CONF_VALUE) *sk = NULL; - int ok = 0, i; + int ok = 0; CONF_VALUE *v = NULL, *old_value; sk = sk_CONF_VALUE_new_null(); - v = OPENSSL_malloc(sizeof(CONF_VALUE)); + v = CONF_VALUE_new(); if (sk == NULL || v == NULL) { goto err; } - i = strlen(section) + 1; - v->section = OPENSSL_malloc(i); + v->section = OPENSSL_strdup(section); if (v->section == NULL) { goto err; } - memcpy(v->section, section, i); - v->section[i-1] = 0; v->name = NULL; v->value = (char *)sk; @@ -285,7 +292,7 @@ static int str_copy(CONF *conf, char *section, char **pto, char *from) { rp = e; if (q) { if (r != q) { - OPENSSL_PUT_ERROR(CONF, str_copy, CONF_R_NO_CLOSE_BRACE); + OPENSSL_PUT_ERROR(CONF, CONF_R_NO_CLOSE_BRACE); goto err; } e++; @@ -304,7 +311,7 @@ static int str_copy(CONF *conf, char *section, char **pto, char *from) { } *rp = r; if (p == NULL) { - OPENSSL_PUT_ERROR(CONF, str_copy, CONF_R_VARIABLE_HAS_NO_VALUE); + OPENSSL_PUT_ERROR(CONF, CONF_R_VARIABLE_HAS_NO_VALUE); goto err; } BUF_MEM_grow_clean(buf, (strlen(p) + buf->length - (e - from))); @@ -372,11 +379,12 @@ const char *NCONF_get_string(const CONF *conf, const char *section, return value->value; } -int add_string(const CONF *conf, CONF_VALUE *section, CONF_VALUE *value) { +static int add_string(const CONF *conf, CONF_VALUE *section, + CONF_VALUE *value) { STACK_OF(CONF_VALUE) *section_stack = (STACK_OF(CONF_VALUE)*) section->value; CONF_VALUE *old_value; - value->section = section->section; + value->section = OPENSSL_strdup(section->section); if (!sk_CONF_VALUE_push(section_stack, value)) { return 0; } 
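Review bot: In `add_string` the result of `OPENSSL_strdup(section->section)` is stored into `value->section` without a NULL check, so an allocation failure leaves the value with no section name and the function still pushes it onto the section stack. Adding `if (value->section == NULL) { return 0; }` right after the assignment matches how the other `OPENSSL_strdup` calls in this commit are handled. The caller shown later on the page already maps a zero return to `ERR_R_MALLOC_FAILURE`. The function continues past the end of the hunk.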
@@ -505,20 +513,19 @@ static int def_load_bio(CONF *conf, BIO *in, long *out_error_line) { char *start, *psection, *pname; if ((buff = BUF_MEM_new()) == NULL) { - OPENSSL_PUT_ERROR(CONF, def_load_bio, ERR_R_BUF_LIB); + OPENSSL_PUT_ERROR(CONF, ERR_R_BUF_LIB); goto err; } - section = (char *)OPENSSL_malloc(10); + section = OPENSSL_strdup("default"); if (section == NULL) { - OPENSSL_PUT_ERROR(CONF, def_load_bio, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(CONF, ERR_R_MALLOC_FAILURE); goto err; } - BUF_strlcpy(section, "default", 10); sv = NCONF_new_section(conf, section); if (sv == NULL) { - OPENSSL_PUT_ERROR(CONF, def_load_bio, CONF_R_UNABLE_TO_CREATE_NEW_SECTION); + OPENSSL_PUT_ERROR(CONF, CONF_R_UNABLE_TO_CREATE_NEW_SECTION); goto err; } @@ -526,7 +533,7 @@ static int def_load_bio(CONF *conf, BIO *in, long *out_error_line) { again = 0; for (;;) { if (!BUF_MEM_grow(buff, bufnum + CONFBUFSIZE)) { - OPENSSL_PUT_ERROR(CONF, def_load_bio, ERR_R_BUF_LIB); + OPENSSL_PUT_ERROR(CONF, ERR_R_BUF_LIB); goto err; } p = &(buff->data[bufnum]); @@ -595,7 +602,7 @@ static int def_load_bio(CONF *conf, BIO *in, long *out_error_line) { ss = p; goto again; } - OPENSSL_PUT_ERROR(CONF, def_load_bio, CONF_R_MISSING_CLOSE_SQUARE_BRACKET); + OPENSSL_PUT_ERROR(CONF, CONF_R_MISSING_CLOSE_SQUARE_BRACKET); goto err; } *end = '\0'; @@ -606,7 +613,7 @@ static int def_load_bio(CONF *conf, BIO *in, long *out_error_line) { sv = NCONF_new_section(conf, section); } if (sv == NULL) { - OPENSSL_PUT_ERROR(CONF, def_load_bio, CONF_R_UNABLE_TO_CREATE_NEW_SECTION); + OPENSSL_PUT_ERROR(CONF, CONF_R_UNABLE_TO_CREATE_NEW_SECTION); goto err; } continue; @@ -623,7 +630,7 @@ static int def_load_bio(CONF *conf, BIO *in, long *out_error_line) { } p = eat_ws(conf, end); if (*p != '=') { - OPENSSL_PUT_ERROR(CONF, def_load_bio, CONF_R_MISSING_EQUAL_SIGN); + OPENSSL_PUT_ERROR(CONF, CONF_R_MISSING_EQUAL_SIGN); goto err; } *end = '\0'; 
@@ -639,20 +646,17 @@ static int def_load_bio(CONF *conf, BIO *in, long *out_error_line) { p++; *p = '\0'; - if (!(v = (CONF_VALUE *)OPENSSL_malloc(sizeof(CONF_VALUE)))) { - OPENSSL_PUT_ERROR(CONF, def_load_bio, ERR_R_MALLOC_FAILURE); + if (!(v = CONF_VALUE_new())) { goto err; } if (psection == NULL) { psection = section; } - v->name = (char *)OPENSSL_malloc(strlen(pname) + 1); - v->value = NULL; + v->name = OPENSSL_strdup(pname); if (v->name == NULL) { - OPENSSL_PUT_ERROR(CONF, def_load_bio, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(CONF, ERR_R_MALLOC_FAILURE); goto err; } - BUF_strlcpy(v->name, pname, strlen(pname) + 1); if (!str_copy(conf, psection, &(v->value), start)) { goto err; } @@ -662,14 +666,14 @@ static int def_load_bio(CONF *conf, BIO *in, long *out_error_line) { tv = NCONF_new_section(conf, psection); } if (tv == NULL) { - OPENSSL_PUT_ERROR(CONF, def_load_bio, CONF_R_UNABLE_TO_CREATE_NEW_SECTION); + OPENSSL_PUT_ERROR(CONF, CONF_R_UNABLE_TO_CREATE_NEW_SECTION); goto err; } } else { tv = sv; } if (add_string(conf, tv, v) == 0) { - OPENSSL_PUT_ERROR(CONF, def_load_bio, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(CONF, ERR_R_MALLOC_FAILURE); goto err; } v = NULL; @@ -715,7 +719,7 @@ int NCONF_load(CONF *conf, const char *filename, long *out_error_line) { int ret; if (in == NULL) { - OPENSSL_PUT_ERROR(CONF, NCONF_load, ERR_R_SYS_LIB); + OPENSSL_PUT_ERROR(CONF, ERR_R_SYS_LIB); return 0; } @@ -736,7 +740,7 @@ int CONF_parse_list(const char *list, char sep, int remove_whitespace, const char *lstart, *tmpend, *p; if (list == NULL) { - OPENSSL_PUT_ERROR(CONF, CONF_parse_list, CONF_R_LIST_CANNOT_BE_NULL); + OPENSSL_PUT_ERROR(CONF, CONF_R_LIST_CANNOT_BE_NULL); return 0; } diff --git a/src/crypto/conf/internal.h b/src/crypto/conf/internal.h new file mode 100644 index 0000000..03d1a8f --- /dev/null +++ b/src/crypto/conf/internal.h 
@@ -0,0 +1,31 @@ +/* Copyright (c) 2015, Google Inc. + * + * Permission to use, copy, modify, and/or distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY + * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION + * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN + * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ + +#ifndef OPENSSL_HEADER_CRYPTO_CONF_INTERNAL_H +#define OPENSSL_HEADER_CRYPTO_CONF_INTERNAL_H + +#if defined(__cplusplus) +extern "C" { +#endif + + +/* CONF_VALUE_new returns a freshly allocated and zeroed |CONF_VALUE|. */ +CONF_VALUE *CONF_VALUE_new(void); + + +#if defined(__cplusplus) +} /* extern C */ +#endif + +#endif /* OPENSSL_HEADER_CRYPTO_CONF_INTERNAL_H */ diff --git a/src/crypto/cpu-arm.c b/src/crypto/cpu-arm.c index 74e937b..6e037ab 100644 --- a/src/crypto/cpu-arm.c +++ b/src/crypto/cpu-arm.c @@ -24,7 +24,7 @@ #include #endif -#include "arm_arch.h" +#include /* We can't include because the Android SDK version against which @@ -70,12 +70,12 @@ static void sigill_handler(int signal) { siglongjmp(sigill_jmp, signal); } -void CRYPTO_arm_neon_probe(); +void CRYPTO_arm_neon_probe(void); // probe_for_NEON returns 1 if a NEON instruction runs successfully. Because // getauxval doesn't exist on Android until Jelly Bean, supporting NEON on // older devices requires this. -static int probe_for_NEON() { +static int probe_for_NEON(void) { int supported = 0; sigset_t sigmask; diff --git a/src/crypto/cpu-intel.c b/src/crypto/cpu-intel.c index df0e127..924bab0 100644 
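Review bot: The new conf/internal.h declares `CONF_VALUE *CONF_VALUE_new(void);` but, as shown, includes nothing that declares `CONF_VALUE`. It therefore only compiles when the including file has already pulled in a header that does. Adding `#include <openssl/base.h>` after the include guard and before the `extern "C"` block would make the header self-contained.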
--- a/src/crypto/cpu-intel.c +++ b/src/crypto/cpu-intel.c @@ -68,8 +68,58 @@ #include #include -/* OPENSSL_ia32_cpuid is defined in cpu-x86_64-asm.pl. */ -extern uint64_t OPENSSL_ia32_cpuid(uint32_t*); +#if defined(OPENSSL_WINDOWS) +#pragma warning(push, 3) +#include +#include +#pragma warning(pop) +#endif + + +/* OPENSSL_cpuid runs the cpuid instruction. |leaf| is passed in as EAX and ECX + * is set to zero. It writes EAX, EBX, ECX, and EDX to |*out_eax| through + * |*out_edx|. */ +static void OPENSSL_cpuid(uint32_t *out_eax, uint32_t *out_ebx, + uint32_t *out_ecx, uint32_t *out_edx, uint32_t leaf) { +#if defined(OPENSSL_WINDOWS) + int tmp[4]; + __cpuid(tmp, (int)leaf); + *out_eax = (uint32_t)tmp[0]; + *out_ebx = (uint32_t)tmp[1]; + *out_ecx = (uint32_t)tmp[2]; + *out_edx = (uint32_t)tmp[3]; +#elif defined(__pic__) && defined(OPENSSL_32_BIT) + /* Inline assembly may not clobber the PIC register. For 32-bit, this is EBX. + * See https://gcc.gnu.org/bugzilla/show_bug.cgi?id=47602. */ + __asm__ volatile ( + "xor %%ecx, %%ecx\n" + "mov %%ebx, %%edi\n" + "cpuid\n" + "xchg %%edi, %%ebx\n" + : "=a"(*out_eax), "=D"(*out_ebx), "=c"(*out_ecx), "=d"(*out_edx) + : "a"(leaf) + ); +#else + __asm__ volatile ( + "xor %%ecx, %%ecx\n" + "cpuid\n" + : "=a"(*out_eax), "=b"(*out_ebx), "=c"(*out_ecx), "=d"(*out_edx) + : "a"(leaf) + ); +#endif +} + +/* OPENSSL_xgetbv returns the value of an Intel Extended Control Register (XCR). + * Currently only XCR0 is defined by Intel so |xcr| should always be zero. */ +static uint64_t OPENSSL_xgetbv(uint32_t xcr) { +#if defined(OPENSSL_WINDOWS) + return (uint64_t)_xgetbv(xcr); +#else + uint32_t eax, edx; + __asm__ volatile ("xgetbv" : "=a"(eax), "=d"(edx) : "c"(xcr)); + return (((uint64_t)edx) << 32) | eax; +#endif +} /* handle_cpu_env applies the value from |in| to the CPUID values in |out[0]| * and |out[1]|. See the comment in |OPENSSL_cpuid_setup| about this. */ 
@@ -91,18 +141,101 @@ static void handle_cpu_env(uint32_t *out, const char *in) { } void OPENSSL_cpuid_setup(void) { - const char *env1, *env2; + /* Determine the vendor and maximum input value. */ + uint32_t eax, ebx, ecx, edx; + OPENSSL_cpuid(&eax, &ebx, &ecx, &edx, 0); -#if defined(OPENSSL_X86_64) - OPENSSL_ia32_cpuid(OPENSSL_ia32cap_P); -#else - uint64_t vec = OPENSSL_ia32_cpuid(OPENSSL_ia32cap_P); - /* 1<<10 sets a reserved bit to indicate that the variable - * was already initialised. */ - OPENSSL_ia32cap_P[0] = ((uint32_t)vec) | (1 << 10); - OPENSSL_ia32cap_P[1] = vec >> 32; -#endif + uint32_t num_ids = eax; + + int is_intel = ebx == 0x756e6547 /* Genu */ && + edx == 0x49656e69 /* ineI */ && + ecx == 0x6c65746e /* ntel */; + int is_amd = ebx == 0x68747541 /* Auth */ && + edx == 0x69746e65 /* enti */ && + ecx == 0x444d4163 /* cAMD */; + + int has_amd_xop = 0; + if (is_amd) { + /* AMD-specific logic. + * See http://developer.amd.com/wordpress/media/2012/10/254811.pdf */ + OPENSSL_cpuid(&eax, &ebx, &ecx, &edx, 0x80000000); + uint32_t num_extended_ids = eax; + if (num_extended_ids >= 0x80000001) { + OPENSSL_cpuid(&eax, &ebx, &ecx, &edx, 0x80000001); + if (ecx & (1 << 11)) { + has_amd_xop = 1; + } + } + } + + uint32_t extended_features = 0; + if (num_ids >= 7) { + OPENSSL_cpuid(&eax, &ebx, &ecx, &edx, 7); + extended_features = ebx; + } + /* Determine the number of cores sharing an L1 data cache to adjust the + * hyper-threading bit. */ + uint32_t cores_per_cache = 0; + if (is_amd) { + /* AMD CPUs never share an L1 data cache between threads but do set the HTT + * bit on multi-core CPUs. */ + cores_per_cache = 1; + } else if (num_ids >= 4) { + /* TODO(davidben): The Intel manual says this CPUID leaf enumerates all + * caches using ECX and doesn't say which is first. Does this matter? */ + OPENSSL_cpuid(&eax, &ebx, &ecx, &edx, 4); + cores_per_cache = 1 + ((eax >> 14) & 0xfff); + } + + OPENSSL_cpuid(&eax, &ebx, &ecx, &edx, 1); + + /* Adjust the hyper-threading bit. 
*/ + if (edx & (1 << 28)) { + uint32_t num_logical_cores = (ebx >> 16) & 0xff; + if (cores_per_cache == 1 || num_logical_cores <= 1) { + edx &= ~(1 << 28); + } + } + + /* Reserved bit #20 was historically repurposed to control the in-memory + * representation of RC4 state. Always set it to zero. */ + edx &= ~(1 << 20); + + /* Reserved bit #30 is repurposed to signal an Intel CPU. */ + if (is_intel) { + edx |= (1 << 30); + } else { + edx &= ~(1 << 30); + } + + /* The SDBG bit is repurposed to denote AMD XOP support. */ + if (has_amd_xop) { + ecx |= (1 << 11); + } else { + ecx &= ~(1 << 11); + } + + uint64_t xcr0 = 0; + if (ecx & (1 << 27)) { + /* XCR0 may only be queried if the OSXSAVE bit is set. */ + xcr0 = OPENSSL_xgetbv(0); + } + /* See Intel manual, section 14.3. */ + if ((xcr0 & 6) != 6) { + /* YMM registers cannot be used. */ + ecx &= ~(1 << 28); /* AVX */ + ecx &= ~(1 << 12); /* FMA */ + ecx &= ~(1 << 11); /* AMD XOP */ + extended_features &= ~(1 << 5); /* AVX2 */ + } + + OPENSSL_ia32cap_P[0] = edx; + OPENSSL_ia32cap_P[1] = ecx; + OPENSSL_ia32cap_P[2] = extended_features; + OPENSSL_ia32cap_P[3] = 0; + + const char *env1, *env2; env1 = getenv("OPENSSL_ia32cap"); if (env1 == NULL) { return; diff --git a/src/crypto/cpu-x86-asm.pl b/src/crypto/cpu-x86-asm.pl deleted file mode 100644 index 319c436..0000000 --- a/src/crypto/cpu-x86-asm.pl +++ /dev/null 
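Review bot: The C rewrite of `OPENSSL_cpuid_setup` masks only AVX, FMA, XOP and AVX2 when `(xcr0 & 6) != 6`. The 32-bit perlasm it replaces, deleted further down this page, also had a `clear_xmm` path that dropped the AESNI, PCLMULQDQ and FXSR bits when OSXSAVE was set but XCR0 showed XMM state disabled. If that case was dropped on purpose, the comment above the XCR0 test should say so. Otherwise the branch below restores it, so later code cannot select SSE-based implementations the OS has not enabled.

```c
  /* … unchanged: xcr0 is read only when OSXSAVE (ECX bit 27) is set … */
  if ((ecx & (1 << 27)) && (xcr0 & 2) == 0) {
    /* XMM state is not enabled by the OS. */
    ecx &= ~(1 << 25); /* AESNI */
    ecx &= ~(1 << 1);  /* PCLMULQDQ */
    edx &= ~(1 << 24); /* FXSR */
  }
  /* … unchanged: (xcr0 & 6) != 6 block clearing AVX, FMA, XOP, AVX2 … */
```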
@@ -1,334 +0,0 @@ -#!/usr/bin/env perl - -$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1; -push(@INC, "${dir}perlasm", "perlasm"); -require "x86asm.pl"; - -&asm_init($ARGV[0],"crypto/cpu-x86-asm"); - -for (@ARGV) { $sse2=1 if (/-DOPENSSL_IA32_SSE2/); } - -&function_begin("OPENSSL_ia32_cpuid"); - &xor ("edx","edx"); - &pushf (); - &pop ("eax"); - &mov ("ecx","eax"); - &xor ("eax",1<<21); - &push ("eax"); - &popf (); - &pushf (); - &pop ("eax"); - &xor ("ecx","eax"); - &xor ("eax","eax"); - &bt ("ecx",21); - &jnc (&label("nocpuid")); - &mov ("esi",&wparam(0)); - &mov (&DWP(8,"esi"),"eax"); # clear 3rd word - &cpuid (); - &mov ("edi","eax"); # max value for standard query level - - &xor ("eax","eax"); - &cmp ("ebx",0x756e6547); # "Genu" - &setne (&LB("eax")); - &mov ("ebp","eax"); - &cmp ("edx",0x49656e69); # "ineI" - &setne (&LB("eax")); - &or ("ebp","eax"); - &cmp ("ecx",0x6c65746e); # "ntel" - &setne (&LB("eax")); - &or ("ebp","eax"); # 0 indicates Intel CPU - &jz (&label("intel")); - - &cmp ("ebx",0x68747541); # "Auth" - &setne (&LB("eax")); - &mov ("esi","eax"); - &cmp ("edx",0x69746E65); # "enti" - &setne (&LB("eax")); - &or ("esi","eax"); - &cmp ("ecx",0x444D4163); # "cAMD" - &setne (&LB("eax")); - &or ("esi","eax"); # 0 indicates AMD CPU - &jnz (&label("intel")); - - # AMD specific - &mov ("eax",0x80000000); - &cpuid (); - &cmp ("eax",0x80000001); - &jb (&label("intel")); - &mov ("esi","eax"); - &mov ("eax",0x80000001); - &cpuid (); - &or ("ebp","ecx"); - &and ("ebp",1<<11|1); # isolate XOP bit - &cmp ("esi",0x80000008); - &jb (&label("intel")); - - &mov ("eax",0x80000008); - &cpuid (); - &movz ("esi",&LB("ecx")); # number of cores - 1 - &inc ("esi"); # number of cores - - &mov ("eax",1); - &xor ("ecx","ecx"); - &cpuid (); - &bt ("edx",28); - &jnc (&label("generic")); - &shr ("ebx",16); - &and ("ebx",0xff); - &cmp ("ebx","esi"); - &ja (&label("generic")); - &and ("edx",0xefffffff); # clear hyper-threading bit - &jmp (&label("generic")); - -&set_label("intel"); - &cmp 
("edi",7); - &jb (&label("cacheinfo")); - - &mov ("esi",&wparam(0)); - &mov ("eax",7); - &xor ("ecx","ecx"); - &cpuid (); - &mov (&DWP(8,"esi"),"ebx"); - -&set_label("cacheinfo"); - &cmp ("edi",4); - &mov ("edi",-1); - &jb (&label("nocacheinfo")); - - &mov ("eax",4); - &mov ("ecx",0); # query L1D - &cpuid (); - &mov ("edi","eax"); - &shr ("edi",14); - &and ("edi",0xfff); # number of cores -1 per L1D - -&set_label("nocacheinfo"); - &mov ("eax",1); - &xor ("ecx","ecx"); - &cpuid (); - &and ("edx",0xbfefffff); # force reserved bits #20, #30 to 0 - &cmp ("ebp",0); - &jne (&label("notintel")); - &or ("edx",1<<30); # set reserved bit#30 on Intel CPUs -&set_label("notintel"); - &bt ("edx",28); # test hyper-threading bit - &jnc (&label("generic")); - &and ("edx",0xefffffff); - &cmp ("edi",0); - &je (&label("generic")); - - &or ("edx",0x10000000); - &shr ("ebx",16); - &cmp (&LB("ebx"),1); - &ja (&label("generic")); - &and ("edx",0xefffffff); # clear hyper-threading bit if not - -&set_label("generic"); - &and ("ebp",1<<11); # isolate AMD XOP flag - &and ("ecx",0xfffff7ff); # force 11th bit to 0 - &mov ("esi","edx"); - &or ("ebp","ecx"); # merge AMD XOP flag - - &bt ("ecx",27); # check OSXSAVE bit - &jnc (&label("clear_avx")); - &xor ("ecx","ecx"); - &data_byte(0x0f,0x01,0xd0); # xgetbv - &and ("eax",6); - &cmp ("eax",6); - &je (&label("done")); - &cmp ("eax",2); - &je (&label("clear_avx")); -&set_label("clear_xmm"); - &and ("ebp",0xfdfffffd); # clear AESNI and PCLMULQDQ bits - &and ("esi",0xfeffffff); # clear FXSR -&set_label("clear_avx"); - &and ("ebp",0xefffe7ff); # clear AVX, FMA and AMD XOP bits - &mov ("edi",&wparam(0)); - &and (&DWP(8,"edi"),0xffffffdf); # clear AVX2 -&set_label("done"); - &mov ("eax","esi"); - &mov ("edx","ebp"); -&set_label("nocpuid"); -&function_end("OPENSSL_ia32_cpuid"); - -&external_label("OPENSSL_ia32cap_P"); - -&function_begin_B("OPENSSL_rdtsc","EXTRN\t_OPENSSL_ia32cap_P:DWORD"); - &xor ("eax","eax"); - &xor ("edx","edx"); - 
&picmeup("ecx","OPENSSL_ia32cap_P"); - &bt (&DWP(0,"ecx"),4); - &jnc (&label("notsc")); - &rdtsc (); -&set_label("notsc"); - &ret (); -&function_end_B("OPENSSL_rdtsc"); - -# This works in Ring 0 only [read DJGPP+MS-DOS+privileged DPMI host], -# but it's safe to call it on any [supported] 32-bit platform... -# Just check for [non-]zero return value... -&function_begin_B("OPENSSL_instrument_halt","EXTRN\t_OPENSSL_ia32cap_P:DWORD"); - &picmeup("ecx","OPENSSL_ia32cap_P"); - &bt (&DWP(0,"ecx"),4); - &jnc (&label("nohalt")); # no TSC - - &data_word(0x9058900e); # push %cs; pop %eax - &and ("eax",3); - &jnz (&label("nohalt")); # not enough privileges - - &pushf (); - &pop ("eax"); - &bt ("eax",9); - &jnc (&label("nohalt")); # interrupts are disabled - - &rdtsc (); - &push ("edx"); - &push ("eax"); - &halt (); - &rdtsc (); - - &sub ("eax",&DWP(0,"esp")); - &sbb ("edx",&DWP(4,"esp")); - &add ("esp",8); - &ret (); - -&set_label("nohalt"); - &xor ("eax","eax"); - &xor ("edx","edx"); - &ret (); -&function_end_B("OPENSSL_instrument_halt"); - -# Essentially there is only one use for this function. Under DJGPP: -# -# #include -# ... -# i=OPENSSL_far_spin(_dos_ds,0x46c); -# ... -# to obtain the number of spins till closest timer interrupt. 
- -&function_begin_B("OPENSSL_far_spin"); - &pushf (); - &pop ("eax"); - &bt ("eax",9); - &jnc (&label("nospin")); # interrupts are disabled - - &mov ("eax",&DWP(4,"esp")); - &mov ("ecx",&DWP(8,"esp")); - &data_word (0x90d88e1e); # push %ds, mov %eax,%ds - &xor ("eax","eax"); - &mov ("edx",&DWP(0,"ecx")); - &jmp (&label("spin")); - - &align (16); -&set_label("spin"); - &inc ("eax"); - &cmp ("edx",&DWP(0,"ecx")); - &je (&label("spin")); - - &data_word (0x1f909090); # pop %ds - &ret (); - -&set_label("nospin"); - &xor ("eax","eax"); - &xor ("edx","edx"); - &ret (); -&function_end_B("OPENSSL_far_spin"); - -&function_begin_B("OPENSSL_wipe_cpu","EXTRN\t_OPENSSL_ia32cap_P:DWORD"); - &xor ("eax","eax"); - &xor ("edx","edx"); - &picmeup("ecx","OPENSSL_ia32cap_P"); - &mov ("ecx",&DWP(0,"ecx")); - &bt (&DWP(0,"ecx"),1); - &jnc (&label("no_x87")); - if ($sse2) { - &and ("ecx",1<<26|1<<24); # check SSE2 and FXSR bits - &cmp ("ecx",1<<26|1<<24); - &jne (&label("no_sse2")); - &pxor ("xmm0","xmm0"); - &pxor ("xmm1","xmm1"); - &pxor ("xmm2","xmm2"); - &pxor ("xmm3","xmm3"); - &pxor ("xmm4","xmm4"); - &pxor ("xmm5","xmm5"); - &pxor ("xmm6","xmm6"); - &pxor ("xmm7","xmm7"); - &set_label("no_sse2"); - } - # just a bunch of fldz to zap the fp/mm bank followed by finit... 
- &data_word(0xeed9eed9,0xeed9eed9,0xeed9eed9,0xeed9eed9,0x90e3db9b); -&set_label("no_x87"); - &lea ("eax",&DWP(4,"esp")); - &ret (); -&function_end_B("OPENSSL_wipe_cpu"); - -&function_begin_B("OPENSSL_atomic_add"); - &mov ("edx",&DWP(4,"esp")); # fetch the pointer, 1st arg - &mov ("ecx",&DWP(8,"esp")); # fetch the increment, 2nd arg - &push ("ebx"); - &nop (); - &mov ("eax",&DWP(0,"edx")); -&set_label("spin"); - &lea ("ebx",&DWP(0,"eax","ecx")); - &nop (); - &data_word(0x1ab10ff0); # lock; cmpxchg %ebx,(%edx) # %eax is envolved and is always reloaded - &jne (&label("spin")); - &mov ("eax","ebx"); # OpenSSL expects the new value - &pop ("ebx"); - &ret (); -&function_end_B("OPENSSL_atomic_add"); - -# This function can become handy under Win32 in situations when -# we don't know which calling convention, __stdcall or __cdecl(*), -# indirect callee is using. In C it can be deployed as -# -#ifdef OPENSSL_CPUID_OBJ -# type OPENSSL_indirect_call(void *f,...); -# ... -# OPENSSL_indirect_call(func,[up to $max arguments]); -#endif -# -# (*) it's designed to work even for __fastcall if number of -# arguments is 1 or 2! -&function_begin_B("OPENSSL_indirect_call"); - { - my ($max,$i)=(7,); # $max has to be chosen as 4*n-1 - # in order to preserve eventual - # stack alignment - &push ("ebp"); - &mov ("ebp","esp"); - &sub ("esp",$max*4); - &mov ("ecx",&DWP(12,"ebp")); - &mov (&DWP(0,"esp"),"ecx"); - &mov ("edx",&DWP(16,"ebp")); - &mov (&DWP(4,"esp"),"edx"); - for($i=2;$i<$max;$i++) - { - # Some copies will be redundant/bogus... - &mov ("eax",&DWP(12+$i*4,"ebp")); - &mov (&DWP(0+$i*4,"esp"),"eax"); - } - &call_ptr (&DWP(8,"ebp"));# make the call... - &mov ("esp","ebp"); # ... and just restore the stack pointer - # without paying attention to what we called, - # (__cdecl *func) or (__stdcall *one). 
- &pop ("ebp"); - &ret (); - } -&function_end_B("OPENSSL_indirect_call"); - -&function_begin_B("OPENSSL_ia32_rdrand"); - &mov ("ecx",8); -&set_label("loop"); - &rdrand ("eax"); - &jc (&label("break")); - &loop (&label("loop")); -&set_label("break"); - &cmp ("eax",0); - &cmove ("eax","ecx"); - &ret (); -&function_end_B("OPENSSL_ia32_rdrand"); - -&hidden("OPENSSL_ia32cap_P"); - -&asm_finish(); diff --git a/src/crypto/cpu-x86_64-asm.pl b/src/crypto/cpu-x86_64-asm.pl deleted file mode 100644 index 89d7a6c..0000000 --- a/src/crypto/cpu-x86_64-asm.pl +++ /dev/null 
@@ -1,163 +0,0 @@ -#!/usr/bin/env perl - -$flavour = shift; -$output = shift; -if ($flavour =~ /\./) { $output = $flavour; undef $flavour; } - -$win64=0; $win64=1 if ($flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/); - -$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1; -( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or -( $xlate="${dir}perlasm/x86_64-xlate.pl" and -f $xlate) or -die "can't locate x86_64-xlate.pl"; - -open OUT,"| \"$^X\" $xlate $flavour $output"; -*STDOUT=*OUT; - -($arg1,$arg2,$arg3,$arg4)=$win64?("%rcx","%rdx","%r8", "%r9") : # Win64 order - ("%rdi","%rsi","%rdx","%rcx"); # Unix order - -print<<___; -.text - -.globl OPENSSL_ia32_cpuid -.type OPENSSL_ia32_cpuid,\@function,1 -.align 16 -OPENSSL_ia32_cpuid: - # On Windows, $arg1 is rcx, but that will be clobbered. So make Windows - # use the same register as Unix. - mov $arg1,%rdi - mov %rbx,%r8 # save %rbx - - xor %eax,%eax - mov %eax,8(%rdi) # clear 3rd word - cpuid - mov %eax,%r11d # max value for standard query level - - xor %eax,%eax - cmp \$0x756e6547,%ebx # "Genu" - setne %al - mov %eax,%r9d - cmp \$0x49656e69,%edx # "ineI" - setne %al - or %eax,%r9d - cmp \$0x6c65746e,%ecx # "ntel" - setne %al - or %eax,%r9d # 0 indicates Intel CPU - jz .Lintel - - cmp \$0x68747541,%ebx # "Auth" - setne %al - mov %eax,%r10d - cmp \$0x69746E65,%edx # "enti" - setne %al - or %eax,%r10d - cmp \$0x444D4163,%ecx # "cAMD" - setne %al - or %eax,%r10d # 0 indicates AMD CPU - jnz .Lintel - - # AMD specific - # See http://developer.amd.com/wordpress/media/2012/10/254811.pdf (1) - - mov \$0x80000000,%eax - cpuid - # Returns "The largest CPUID extended function input value supported by - # the processor implementation." in EAX. - cmp \$0x80000001,%eax - jb .Lintel - mov %eax,%r10d - mov \$0x80000001,%eax - cpuid - # Returns feature bits in ECX. See page 20 of [1]. - # TODO(fork): I think this should be a MOV. 
- or %ecx,%r9d - and \$0x00000801,%r9d # isolate AMD XOP bit, 1<<11 - - cmp \$0x80000008,%r10d - jb .Lintel - - mov \$0x80000008,%eax - cpuid - # Returns APIC ID and number of cores in ECX. See page 27 of [1]. - movzb %cl,%r10 # number of cores - 1 - inc %r10 # number of cores - - mov \$1,%eax - cpuid - # See page 13 of [1]. - bt \$28,%edx # test hyper-threading bit - jnc .Lgeneric - shr \$16,%ebx # number of logical processors - cmp %r10b,%bl - ja .Lgeneric - and \$0xefffffff,%edx # Clear hyper-threading bit. - jmp .Lgeneric - -.Lintel: - cmp \$4,%r11d - mov \$-1,%r10d - jb .Lnocacheinfo - - mov \$4,%eax - mov \$0,%ecx # query L1D - cpuid - mov %eax,%r10d - shr \$14,%r10d - and \$0xfff,%r10d # number of cores -1 per L1D - - cmp \$7,%r11d - jb .Lnocacheinfo - - mov \$7,%eax - xor %ecx,%ecx - cpuid - mov %ebx,8(%rdi) - -.Lnocacheinfo: - mov \$1,%eax - cpuid - # Gets feature information. See table 3-21 in the Intel manual. - and \$0xbfefffff,%edx # force reserved bits to 0 - cmp \$0,%r9d - jne .Lnotintel - or \$0x40000000,%edx # set reserved bit#30 on Intel CPUs -.Lnotintel: - bt \$28,%edx # test hyper-threading bit - jnc .Lgeneric - and \$0xefffffff,%edx # ~(1<<28) - clear hyper-threading. 
- cmp \$0,%r10d - je .Lgeneric - - or \$0x10000000,%edx # 1<<28 - shr \$16,%ebx - cmp \$1,%bl # see if cache is shared - ja .Lgeneric - and \$0xefffffff,%edx # ~(1<<28) -.Lgeneric: - and \$0x00000800,%r9d # isolate AMD XOP flag - and \$0xfffff7ff,%ecx - or %ecx,%r9d # merge AMD XOP flag - - mov %edx,%r10d # %r9d:%r10d is copy of %ecx:%edx - bt \$27,%r9d # check OSXSAVE bit - jnc .Lclear_avx - xor %ecx,%ecx # XCR0 - .byte 0x0f,0x01,0xd0 # xgetbv - and \$6,%eax # isolate XMM and YMM state support - cmp \$6,%eax - je .Ldone -.Lclear_avx: - mov \$0xefffe7ff,%eax # ~(1<<28|1<<12|1<<11) - and %eax,%r9d # clear AVX, FMA and AMD XOP bits - andl \$0xffffffdf,8(%rdi) # cleax AVX2, ~(1<<5) -.Ldone: - movl %r9d,4(%rdi) - movl %r10d,0(%rdi) - mov %r8,%rbx # restore %rbx - ret -.size OPENSSL_ia32_cpuid,.-OPENSSL_ia32_cpuid - -___ - -close STDOUT; # flush diff --git a/src/crypto/crypto.c b/src/crypto/crypto.c index d9bb07e..34d04b4 100644 --- a/src/crypto/crypto.c +++ b/src/crypto/crypto.c @@ -55,7 +55,7 @@ uint32_t OPENSSL_ia32cap_P[4] = {0}; #elif defined(OPENSSL_ARM) || defined(OPENSSL_AARCH64) -#include "arm_arch.h" +#include #if defined(__ARM_NEON__) uint32_t OPENSSL_armcap_P = ARMV7_NEON | ARMV7_NEON_FUNCTIONAL; diff --git a/src/crypto/des/CMakeLists.txt b/src/crypto/des/CMakeLists.txt index 7d49ff3..f61fa14 100644 --- a/src/crypto/des/CMakeLists.txt +++ b/src/crypto/des/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(. .. ../../include) +include_directories(../../include) add_library( des diff --git a/src/crypto/des/des.c b/src/crypto/des/des.c index 9cd75f5..a5669a6 100644 --- a/src/crypto/des/des.c +++ b/src/crypto/des/des.c @@ -298,10 +298,8 @@ void DES_set_key(const DES_cblock *key, DES_key_schedule *schedule) { 0, 1, 1, 1, 1, 1, 1, 0}; uint32_t c, d, t, s, t2; const uint8_t *in; - uint32_t *k; int i; - k = &schedule->ks->deslong[0]; in = key->bytes; c2l(in, c); 
@@ -344,10 +342,10 @@ void DES_set_key(const DES_cblock *key, DES_key_schedule *schedule) { /* table contained 0213 4657 */ t2 = ((t << 16L) | (s & 0x0000ffffL)) & 0xffffffffL; - *(k++) = ROTATE(t2, 30) & 0xffffffffL; + schedule->subkeys[i][0] = ROTATE(t2, 30) & 0xffffffffL; t2 = ((s >> 16L) | (t & 0xffff0000L)); - *(k++) = ROTATE(t2, 26) & 0xffffffffL; + schedule->subkeys[i][1] = ROTATE(t2, 26) & 0xffffffffL; } } @@ -382,7 +380,6 @@ void DES_set_odd_parity(DES_cblock *key) { static void DES_encrypt1(uint32_t *data, const DES_key_schedule *ks, int enc) { uint32_t l, r, t, u; - const uint32_t *s; r = data[0]; l = data[1]; 
@@ -398,43 +395,42 @@ static void DES_encrypt1(uint32_t *data, const DES_key_schedule *ks, int enc) { r = ROTATE(r, 29) & 0xffffffffL; l = ROTATE(l, 29) & 0xffffffffL; - s = ks->ks->deslong; /* I don't know if it is worth the effort of loop unrolling the * inner loop */ if (enc) { - D_ENCRYPT(l, r, 0); /* 1 */ - D_ENCRYPT(r, l, 2); /* 2 */ - D_ENCRYPT(l, r, 4); /* 3 */ - D_ENCRYPT(r, l, 6); /* 4 */ - D_ENCRYPT(l, r, 8); /* 5 */ - D_ENCRYPT(r, l, 10); /* 6 */ - D_ENCRYPT(l, r, 12); /* 7 */ - D_ENCRYPT(r, l, 14); /* 8 */ - D_ENCRYPT(l, r, 16); /* 9 */ - D_ENCRYPT(r, l, 18); /* 10 */ - D_ENCRYPT(l, r, 20); /* 11 */ - D_ENCRYPT(r, l, 22); /* 12 */ - D_ENCRYPT(l, r, 24); /* 13 */ - D_ENCRYPT(r, l, 26); /* 14 */ - D_ENCRYPT(l, r, 28); /* 15 */ - D_ENCRYPT(r, l, 30); /* 16 */ + D_ENCRYPT(ks, l, r, 0); + D_ENCRYPT(ks, r, l, 1); + D_ENCRYPT(ks, l, r, 2); + D_ENCRYPT(ks, r, l, 3); + D_ENCRYPT(ks, l, r, 4); + D_ENCRYPT(ks, r, l, 5); + D_ENCRYPT(ks, l, r, 6); + D_ENCRYPT(ks, r, l, 7); + D_ENCRYPT(ks, l, r, 8); + D_ENCRYPT(ks, r, l, 9); + D_ENCRYPT(ks, l, r, 10); + D_ENCRYPT(ks, r, l, 11); + D_ENCRYPT(ks, l, r, 12); + D_ENCRYPT(ks, r, l, 13); + D_ENCRYPT(ks, l, r, 14); + D_ENCRYPT(ks, r, l, 15); } else { - D_ENCRYPT(l, r, 30); /* 16 */ - D_ENCRYPT(r, l, 28); /* 15 */ - D_ENCRYPT(l, r, 26); /* 14 */ - D_ENCRYPT(r, l, 24); /* 13 */ - D_ENCRYPT(l, r, 22); /* 12 */ - D_ENCRYPT(r, l, 20); /* 11 */ - D_ENCRYPT(l, r, 18); /* 10 */ - D_ENCRYPT(r, l, 16); /* 9 */ - D_ENCRYPT(l, r, 14); /* 8 */ - D_ENCRYPT(r, l, 12); /* 7 */ - D_ENCRYPT(l, r, 10); /* 6 */ - D_ENCRYPT(r, l, 8); /* 5 */ - D_ENCRYPT(l, r, 6); /* 4 */ - D_ENCRYPT(r, l, 4); /* 3 */ - D_ENCRYPT(l, r, 2); /* 2 */ - D_ENCRYPT(r, l, 0); /* 1 */ + D_ENCRYPT(ks, l, r, 15); + D_ENCRYPT(ks, r, l, 14); + D_ENCRYPT(ks, l, r, 13); + D_ENCRYPT(ks, r, l, 12); + D_ENCRYPT(ks, l, r, 11); + D_ENCRYPT(ks, r, l, 10); + D_ENCRYPT(ks, l, r, 9); + D_ENCRYPT(ks, r, l, 8); + D_ENCRYPT(ks, l, r, 7); + D_ENCRYPT(ks, r, l, 6); + D_ENCRYPT(ks, l, r, 
5); + D_ENCRYPT(ks, r, l, 4); + D_ENCRYPT(ks, l, r, 3); + D_ENCRYPT(ks, r, l, 2); + D_ENCRYPT(ks, l, r, 1); + D_ENCRYPT(ks, r, l, 0); } /* rotate and clear the top bits on machines with 8byte longs */ @@ -448,7 +444,6 @@ static void DES_encrypt1(uint32_t *data, const DES_key_schedule *ks, int enc) { static void DES_encrypt2(uint32_t *data, const DES_key_schedule *ks, int enc) { uint32_t l, r, t, u; - const uint32_t *s; r = data[0]; l = data[1]; 
@@ -462,52 +457,51 @@ static void DES_encrypt2(uint32_t *data, const DES_key_schedule *ks, int enc) { r = ROTATE(r, 29) & 0xffffffffL; l = ROTATE(l, 29) & 0xffffffffL; - s = ks->ks->deslong; /* I don't know if it is worth the effort of loop unrolling the * inner loop */ if (enc) { - D_ENCRYPT(l, r, 0); /* 1 */ - D_ENCRYPT(r, l, 2); /* 2 */ - D_ENCRYPT(l, r, 4); /* 3 */ - D_ENCRYPT(r, l, 6); /* 4 */ - D_ENCRYPT(l, r, 8); /* 5 */ - D_ENCRYPT(r, l, 10); /* 6 */ - D_ENCRYPT(l, r, 12); /* 7 */ - D_ENCRYPT(r, l, 14); /* 8 */ - D_ENCRYPT(l, r, 16); /* 9 */ - D_ENCRYPT(r, l, 18); /* 10 */ - D_ENCRYPT(l, r, 20); /* 11 */ - D_ENCRYPT(r, l, 22); /* 12 */ - D_ENCRYPT(l, r, 24); /* 13 */ - D_ENCRYPT(r, l, 26); /* 14 */ - D_ENCRYPT(l, r, 28); /* 15 */ - D_ENCRYPT(r, l, 30); /* 16 */ + D_ENCRYPT(ks, l, r, 0); + D_ENCRYPT(ks, r, l, 1); + D_ENCRYPT(ks, l, r, 2); + D_ENCRYPT(ks, r, l, 3); + D_ENCRYPT(ks, l, r, 4); + D_ENCRYPT(ks, r, l, 5); + D_ENCRYPT(ks, l, r, 6); + D_ENCRYPT(ks, r, l, 7); + D_ENCRYPT(ks, l, r, 8); + D_ENCRYPT(ks, r, l, 9); + D_ENCRYPT(ks, l, r, 10); + D_ENCRYPT(ks, r, l, 11); + D_ENCRYPT(ks, l, r, 12); + D_ENCRYPT(ks, r, l, 13); + D_ENCRYPT(ks, l, r, 14); + D_ENCRYPT(ks, r, l, 15); } else { - D_ENCRYPT(l, r, 30); /* 16 */ - D_ENCRYPT(r, l, 28); /* 15 */ - D_ENCRYPT(l, r, 26); /* 14 */ - D_ENCRYPT(r, l, 24); /* 13 */ - D_ENCRYPT(l, r, 22); /* 12 */ - D_ENCRYPT(r, l, 20); /* 11 */ - D_ENCRYPT(l, r, 18); /* 10 */ - D_ENCRYPT(r, l, 16); /* 9 */ - D_ENCRYPT(l, r, 14); /* 8 */ - D_ENCRYPT(r, l, 12); /* 7 */ - D_ENCRYPT(l, r, 10); /* 6 */ - D_ENCRYPT(r, l, 8); /* 5 */ - D_ENCRYPT(l, r, 6); /* 4 */ - D_ENCRYPT(r, l, 4); /* 3 */ - D_ENCRYPT(l, r, 2); /* 2 */ - D_ENCRYPT(r, l, 0); /* 1 */ + D_ENCRYPT(ks, l, r, 15); + D_ENCRYPT(ks, r, l, 14); + D_ENCRYPT(ks, l, r, 13); + D_ENCRYPT(ks, r, l, 12); + D_ENCRYPT(ks, l, r, 11); + D_ENCRYPT(ks, r, l, 10); + D_ENCRYPT(ks, l, r, 9); + D_ENCRYPT(ks, r, l, 8); + D_ENCRYPT(ks, l, r, 7); + D_ENCRYPT(ks, r, l, 6); + D_ENCRYPT(ks, l, r, 
5); + D_ENCRYPT(ks, r, l, 4); + D_ENCRYPT(ks, l, r, 3); + D_ENCRYPT(ks, r, l, 2); + D_ENCRYPT(ks, l, r, 1); + D_ENCRYPT(ks, r, l, 0); } /* rotate and clear the top bits on machines with 8byte longs */ data[0] = ROTATE(l, 3) & 0xffffffffL; data[1] = ROTATE(r, 3) & 0xffffffffL; } -static void DES_encrypt3(uint32_t *data, const DES_key_schedule *ks1, - const DES_key_schedule *ks2, - const DES_key_schedule *ks3) { +/* DES_encrypt3 is not static because it's used in decrepit. */ +void DES_encrypt3(uint32_t *data, const DES_key_schedule *ks1, + const DES_key_schedule *ks2, const DES_key_schedule *ks3) { uint32_t l, r; l = data[0]; @@ -525,9 +519,9 @@ static void DES_encrypt3(uint32_t *data, const DES_key_schedule *ks1, data[1] = r; } -static void DES_decrypt3(uint32_t *data, const DES_key_schedule *ks1, - const DES_key_schedule *ks2, - const DES_key_schedule *ks3) { +/* DES_decrypt3 is not static because it's used in decrepit. */ +void DES_decrypt3(uint32_t *data, const DES_key_schedule *ks1, + const DES_key_schedule *ks2, const DES_key_schedule *ks3) { uint32_t l, r; l = data[0]; @@ -770,3 +764,10 @@ void DES_ede2_cbc_encrypt(const uint8_t *in, uint8_t *out, size_t len, int enc) { DES_ede3_cbc_encrypt(in, out, len, ks1, ks2, ks1, ivec, enc); } + + +/* Deprecated functions. */ + +void DES_set_key_unchecked(const DES_cblock *key, DES_key_schedule *schedule) { + DES_set_key(key, schedule); +} diff --git a/src/crypto/des/internal.h b/src/crypto/des/internal.h index d3a5cec..91559ff 100644 --- a/src/crypto/des/internal.h +++ b/src/crypto/des/internal.h 
@@ -183,13 +183,13 @@ how to use xors :-) I got it to its final state. PERM_OP(l, r, tt, 4, 0x0f0f0f0fL); \ } -#define LOAD_DATA(R, S, u, t, E0, E1) \ - u = R ^ s[S]; \ - t = R ^ s[S + 1] +#define LOAD_DATA(ks, R, S, u, t, E0, E1) \ + u = R ^ ks->subkeys[S][0]; \ + t = R ^ ks->subkeys[S][1] -#define D_ENCRYPT(LL, R, S) \ +#define D_ENCRYPT(ks, LL, R, S) \ { \ - LOAD_DATA(R, S, u, t, E0, E1); \ + LOAD_DATA(ks, R, S, u, t, E0, E1); \ t = ROTATE(t, 4); \ LL ^= \ DES_SPtrans[0][(u >> 2L) & 0x3f] ^ DES_SPtrans[2][(u >> 10L) & 0x3f] ^ \ diff --git a/src/crypto/dh/CMakeLists.txt b/src/crypto/dh/CMakeLists.txt index d0c1da7..1a46512 100644 --- a/src/crypto/dh/CMakeLists.txt +++ b/src/crypto/dh/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(. .. ../../include) +include_directories(../../include) add_library( dh diff --git a/src/crypto/dh/dh.c b/src/crypto/dh/dh.c index 96b85f3..d25f358 100644 --- a/src/crypto/dh/dh.c +++ b/src/crypto/dh/dh.c @@ -78,7 +78,7 @@ DH *DH_new(void) { return DH_new_method(NULL); } DH *DH_new_method(const ENGINE *engine) { DH *dh = (DH *)OPENSSL_malloc(sizeof(DH)); if (dh == NULL) { - OPENSSL_PUT_ERROR(DH, DH_new_method, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(DH, ERR_R_MALLOC_FAILURE); return NULL; } diff --git a/src/crypto/dh/dh_impl.c b/src/crypto/dh/dh_impl.c index f269412..6cf0abb 100644 --- a/src/crypto/dh/dh_impl.c +++ b/src/crypto/dh/dh_impl.c @@ -117,7 +117,7 @@ static int generate_parameters(DH *ret, int prime_bits, int generator, BN_GENCB } if (generator <= 1) { - OPENSSL_PUT_ERROR(DH, generate_parameters, DH_R_BAD_GENERATOR); + OPENSSL_PUT_ERROR(DH, DH_R_BAD_GENERATOR); goto err; } if (generator == DH_GENERATOR_2) { @@ -165,7 +165,7 @@ static int generate_parameters(DH *ret, int prime_bits, int generator, BN_GENCB err: if (!ok) { - OPENSSL_PUT_ERROR(DH, generate_parameters, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(DH, ERR_R_BN_LIB); } if (ctx != NULL) { 
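Review bot: The new `ks` parameter of LOAD_DATA and D_ENCRYPT is expanded unparenthesised as `ks->subkeys[S][0]`, so an argument such as `&sched` or `p + 1` would bind to the wrong operand. Write `(ks)->subkeys[(S)][0]` and `(ks)->subkeys[(S)][1]` instead. Every call visible in des.c passes a plain pointer name, so this hardens the macro rather than fixing a live bug. The D_ENCRYPT body continues outside the hunk.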
@@ -242,7 +242,7 @@ static int generate_key(DH *dh) { err: if (ok != 1) { - OPENSSL_PUT_ERROR(DH, generate_key, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(DH, ERR_R_BN_LIB); } if (dh->pub_key == NULL) { @@ -264,7 +264,7 @@ static int compute_key(DH *dh, unsigned char *out, const BIGNUM *pub_key) { BIGNUM local_priv; if (BN_num_bits(dh->p) > OPENSSL_DH_MAX_MODULUS_BITS) { - OPENSSL_PUT_ERROR(DH, compute_key, DH_R_MODULUS_TOO_LARGE); + OPENSSL_PUT_ERROR(DH, DH_R_MODULUS_TOO_LARGE); goto err; } @@ -279,7 +279,7 @@ static int compute_key(DH *dh, unsigned char *out, const BIGNUM *pub_key) { } if (dh->priv_key == NULL) { - OPENSSL_PUT_ERROR(DH, compute_key, DH_R_NO_PRIVATE_VALUE); + OPENSSL_PUT_ERROR(DH, DH_R_NO_PRIVATE_VALUE); goto err; } @@ -290,14 +290,14 @@ static int compute_key(DH *dh, unsigned char *out, const BIGNUM *pub_key) { } if (!DH_check_pub_key(dh, pub_key, &check_result) || check_result) { - OPENSSL_PUT_ERROR(DH, compute_key, DH_R_INVALID_PUBKEY); + OPENSSL_PUT_ERROR(DH, DH_R_INVALID_PUBKEY); goto err; } BN_with_flags(&local_priv, dh->priv_key, BN_FLG_CONSTTIME); if (!BN_mod_exp_mont(shared_key, pub_key, &local_priv, dh->p, ctx, mont)) { - OPENSSL_PUT_ERROR(DH, compute_key, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(DH, ERR_R_BN_LIB); goto err; } diff --git a/src/crypto/digest/CMakeLists.txt b/src/crypto/digest/CMakeLists.txt index 816d116..856e45a 100644 --- a/src/crypto/digest/CMakeLists.txt +++ b/src/crypto/digest/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(. .. ../../include) +include_directories(../../include) add_library( digest diff --git a/src/crypto/digest/digest.c b/src/crypto/digest/digest.c index f09948b..eb71b07 100644 --- a/src/crypto/digest/digest.c +++ b/src/crypto/digest/digest.c 
@@ -116,8 +116,7 @@ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in) { uint8_t *tmp_buf = NULL; if (in == NULL || in->digest == NULL) { - OPENSSL_PUT_ERROR(DIGEST, EVP_MD_CTX_copy_ex, - DIGEST_R_INPUT_NOT_INITIALIZED); + OPENSSL_PUT_ERROR(DIGEST, DIGEST_R_INPUT_NOT_INITIALIZED); return 0; } @@ -130,15 +129,15 @@ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in) { } EVP_MD_CTX_cleanup(out); - memcpy(out, in, sizeof(EVP_MD_CTX)); + out->digest = in->digest; if (in->md_data && in->digest->ctx_size) { if (tmp_buf) { out->md_data = tmp_buf; } else { out->md_data = OPENSSL_malloc(in->digest->ctx_size); if (!out->md_data) { - OPENSSL_PUT_ERROR(DIGEST, EVP_MD_CTX_copy_ex, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(DIGEST, ERR_R_MALLOC_FAILURE); return 0; } } @@ -146,6 +145,7 @@ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in) { } assert(in->pctx == NULL || in->pctx_ops != NULL); + out->pctx_ops = in->pctx_ops; if (in->pctx && in->pctx_ops) { out->pctx = in->pctx_ops->dup(in->pctx); if (!out->pctx) { @@ -164,30 +164,20 @@ int EVP_MD_CTX_copy(EVP_MD_CTX *out, const EVP_MD_CTX *in) { int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *engine) { if (ctx->digest != type) { - if (ctx->digest && ctx->digest->ctx_size) { + if (ctx->digest && ctx->digest->ctx_size > 0) { OPENSSL_free(ctx->md_data); } ctx->digest = type; - if (!(ctx->flags & EVP_MD_CTX_FLAG_NO_INIT) && type->ctx_size) { - ctx->update = type->update; + if (type->ctx_size > 0) { ctx->md_data = OPENSSL_malloc(type->ctx_size); if (ctx->md_data == NULL) { - OPENSSL_PUT_ERROR(DIGEST, EVP_DigestInit_ex, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(DIGEST, ERR_R_MALLOC_FAILURE); return 0; } } } assert(ctx->pctx == NULL || ctx->pctx_ops != NULL); - if (ctx->pctx_ops) { - if (!ctx->pctx_ops->begin_digest(ctx)) { - return 0; - } - } - - if (ctx->flags & EVP_MD_CTX_FLAG_NO_INIT) { - return 1; - } ctx->digest->init(ctx); return 1; 
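Review bot: In EVP_MD_CTX_copy_ex, `out->digest = in->digest;` is now stored before the `OPENSSL_malloc(in->digest->ctx_size)` call, so the `return 0` on allocation failure leaves |out| with a digest set and no `md_data`. A later EVP_DigestInit_ex on that context with the same |type| skips its `ctx->digest != type` branch and goes straight to `ctx->digest->init(ctx)`, which would then run on a NULL state buffer; EVP_DigestInit_ex has the same shape on its own malloc failure, where `ctx->digest = type` is already stored. Allocate first and assign `digest` only once the buffer exists, or reset it on the failure path (`out->digest = NULL;` before `return 0;`). This assumes EVP_MD_CTX_cleanup leaves `md_data` NULL, which is not shown in the hunk.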
@@ -199,7 +189,7 @@ int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type) { } int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *data, size_t len) { - ctx->update(ctx, data, len); + ctx->digest->update(ctx, data, len); return 1; } @@ -214,7 +204,7 @@ int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, uint8_t *md_out, unsigned int *size) { } int EVP_DigestFinal(EVP_MD_CTX *ctx, uint8_t *md, unsigned int *size) { - EVP_DigestFinal_ex(ctx, md, size); + (void)EVP_DigestFinal_ex(ctx, md, size); EVP_MD_CTX_cleanup(ctx); return 1; } @@ -253,10 +243,6 @@ int EVP_MD_CTX_type(const EVP_MD_CTX *ctx) { return EVP_MD_type(EVP_MD_CTX_md(ctx)); } -void EVP_MD_CTX_set_flags(EVP_MD_CTX *ctx, uint32_t flags) { - ctx->flags |= flags; -} - int EVP_add_digest(const EVP_MD *digest) { return 1; } diff --git a/src/crypto/digest/digests.c b/src/crypto/digest/digests.c index f5eda36..3307f26 100644 --- a/src/crypto/digest/digests.c +++ b/src/crypto/digest/digests.c @@ -67,7 +67,7 @@ #include "internal.h" #if defined(NDEBUG) -#define CHECK(x) x +#define CHECK(x) (void) (x) #else #define CHECK(x) assert(x) #endif @@ -262,6 +262,7 @@ struct nid_to_digest { }; static const struct nid_to_digest nid_to_digest_mapping[] = { + { NID_md4, EVP_md4, SN_md4, LN_md4 }, { NID_md5, EVP_md5, SN_md5, LN_md5 }, { NID_sha1, EVP_sha1, SN_sha1, LN_sha1 }, { NID_sha224, EVP_sha224, SN_sha224, LN_sha224 }, diff --git a/src/crypto/digest/internal.h b/src/crypto/digest/internal.h index 1572fa8..e3d812a 100644 --- a/src/crypto/digest/internal.h +++ b/src/crypto/digest/internal.h @@ -92,7 +92,7 @@ struct env_md_st { }; /* evp_md_pctx_ops contains function pointers to allow the |pctx| member of - * |EVP_MD_CTX| to be manipulated without breaking laying by calling EVP + * |EVP_MD_CTX| to be manipulated without breaking layering by calling EVP * functions. */ struct evp_md_pctx_ops { /* free is called when an |EVP_MD_CTX| is being freed and the |pctx| also 
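Review bot: The new `{ NID_md4, EVP_md4, SN_md4, LN_md4 }` row in nid_to_digest_mapping makes MD4 resolvable through the same NID and name lookup table as the SHA-2 entries, with nothing marking it as legacy-only. MD4 is collision-broken, so add a comment on the row such as `/* MD4 is retained for legacy interoperability only; never select it for signatures or new protocols. */`. It is also worth checking that signature-verification callers of this lookup reject it; those callers are outside this hunk.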
@@ -102,23 +102,8 @@ struct evp_md_pctx_ops { /* dup is called when an |EVP_MD_CTX| is copied and so the |pctx| also needs * to be copied. */ EVP_PKEY_CTX* (*dup) (EVP_PKEY_CTX *pctx); - - /* begin_digest is called when a new digest operation is started. It returns - * one on success and zero otherwise. */ - int (*begin_digest) (EVP_MD_CTX *ctx); }; -/* EVP_MD_CTX_set_flags ORs |flags| into the flags member of |ctx|. */ -OPENSSL_EXPORT void EVP_MD_CTX_set_flags(EVP_MD_CTX *ctx, uint32_t flags); - -/* EVP_MD_CTX_FLAG_NO_INIT causes the |EVP_MD|'s |init| function not to be - * called, the |update| member not to be copied from the |EVP_MD| in - * |EVP_DigestInit_ex| and for |md_data| not to be initialised. - * - * TODO(davidben): This is an implementation detail of |EVP_PKEY_HMAC| and can - * be removed when it is gone. */ -#define EVP_MD_CTX_FLAG_NO_INIT 1 - #if defined(__cplusplus) } /* extern C */ diff --git a/src/crypto/dsa/CMakeLists.txt b/src/crypto/dsa/CMakeLists.txt index 1bb8b63..e8b7793 100644 --- a/src/crypto/dsa/CMakeLists.txt +++ b/src/crypto/dsa/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(. .. ../../include) +include_directories(../../include) add_library( dsa diff --git a/src/crypto/dsa/dsa.c b/src/crypto/dsa/dsa.c index 65444b1..3ff29c4 100644 --- a/src/crypto/dsa/dsa.c +++ b/src/crypto/dsa/dsa.c @@ -82,7 +82,7 @@ DSA *DSA_new(void) { return DSA_new_method(NULL); } DSA *DSA_new_method(const ENGINE *engine) { DSA *dsa = (DSA *)OPENSSL_malloc(sizeof(DSA)); if (dsa == NULL) { - OPENSSL_PUT_ERROR(DSA, DSA_new_method, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(DSA, ERR_R_MALLOC_FAILURE); return NULL; } diff --git a/src/crypto/dsa/dsa_asn1.c b/src/crypto/dsa/dsa_asn1.c index 933fba7..b6b3fa4 100644 --- a/src/crypto/dsa/dsa_asn1.c +++ b/src/crypto/dsa/dsa_asn1.c 
@@ -73,7 +73,7 @@ static int dsa_sig_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, DSA_SIG *sig; sig = OPENSSL_malloc(sizeof(DSA_SIG)); if (!sig) { - OPENSSL_PUT_ERROR(DSA, dsa_sig_cb, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(DSA, ERR_R_MALLOC_FAILURE); return 0; } diff --git a/src/crypto/dsa/dsa_impl.c b/src/crypto/dsa/dsa_impl.c index 2ab8ba8..b10610d 100644 --- a/src/crypto/dsa/dsa_impl.c +++ b/src/crypto/dsa/dsa_impl.c @@ -83,7 +83,7 @@ static int sign_setup(const DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, int ret = 0; if (!dsa->p || !dsa->q || !dsa->g) { - OPENSSL_PUT_ERROR(DSA, sign_setup, DSA_R_MISSING_PARAMETERS); + OPENSSL_PUT_ERROR(DSA, DSA_R_MISSING_PARAMETERS); return 0; } @@ -171,7 +171,7 @@ static int sign_setup(const DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, err: if (!ret) { - OPENSSL_PUT_ERROR(DSA, sign_setup, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(DSA, ERR_R_BN_LIB); if (r != NULL) { BN_clear_free(r); } @@ -269,7 +269,7 @@ redo: err: if (!ret) { - OPENSSL_PUT_ERROR(DSA, sign, reason); + OPENSSL_PUT_ERROR(DSA, reason); BN_free(r); BN_free(s); } @@ -292,19 +292,19 @@ static int verify(int *out_valid, const uint8_t *dgst, size_t digest_len, *out_valid = 0; if (!dsa->p || !dsa->q || !dsa->g) { - OPENSSL_PUT_ERROR(DSA, verify, DSA_R_MISSING_PARAMETERS); + OPENSSL_PUT_ERROR(DSA, DSA_R_MISSING_PARAMETERS); return 0; } i = BN_num_bits(dsa->q); /* fips 186-3 allows only different sizes for q */ if (i != 160 && i != 224 && i != 256) { - OPENSSL_PUT_ERROR(DSA, verify, DSA_R_BAD_Q_VALUE); + OPENSSL_PUT_ERROR(DSA, DSA_R_BAD_Q_VALUE); return 0; } if (BN_num_bits(dsa->p) > OPENSSL_DSA_MAX_MODULUS_BITS) { - OPENSSL_PUT_ERROR(DSA, verify, DSA_R_MODULUS_TOO_LARGE); + OPENSSL_PUT_ERROR(DSA, DSA_R_MODULUS_TOO_LARGE); return 0; } 
@@ -381,7 +381,7 @@ static int verify(int *out_valid, const uint8_t *dgst, size_t digest_len, err: if (ret != 1) { - OPENSSL_PUT_ERROR(DSA, verify, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(DSA, ERR_R_BN_LIB); } BN_CTX_free(ctx); BN_free(&u1); @@ -487,16 +487,14 @@ static int paramgen(DSA *ret, unsigned bits, const uint8_t *seed_in, bits = (bits + 63) / 64 * 64; - /* NB: seed_len == 0 is special case: copy generated seed to - * seed_in if it is not NULL. */ - if (seed_len && (seed_len < (size_t)qsize)) { - seed_in = NULL; /* seed buffer too small -- ignore */ - } - if (seed_len > (size_t)qsize) { - seed_len = qsize; /* App. 2.2 of FIPS PUB 186 allows larger SEED, - * but our internal buffers are restricted to 160 bits*/ - } if (seed_in != NULL) { + if (seed_len < (size_t)qsize) { + return 0; + } + if (seed_len > (size_t)qsize) { + /* Only consume as much seed as is expected. */ + seed_len = qsize; + } memcpy(seed, seed_in, seed_len); } @@ -527,21 +525,19 @@ static int paramgen(DSA *ret, unsigned bits, const uint8_t *seed_in, for (;;) { /* Find q. */ for (;;) { - int seed_is_random; - /* step 1 */ if (!BN_GENCB_call(cb, 0, m++)) { goto err; } - if (!seed_len) { + int use_random_seed = (seed_in == NULL); + if (use_random_seed) { if (!RAND_bytes(seed, qsize)) { goto err; } - seed_is_random = 1; } else { - seed_is_random = 0; - seed_len = 0; /* use random seed if 'seed_in' turns out to be bad*/ + /* If we come back through, use random seed next time. */ + seed_in = NULL; } memcpy(buf, seed, qsize); memcpy(buf2, seed, qsize); @@ -570,7 +566,7 @@ static int paramgen(DSA *ret, unsigned bits, const uint8_t *seed_in, } /* step 4 */ - r = BN_is_prime_fasttest_ex(q, DSS_prime_checks, ctx, seed_is_random, cb); + r = BN_is_prime_fasttest_ex(q, DSS_prime_checks, ctx, use_random_seed, cb); if (r > 0) { break; } diff --git a/src/crypto/ec/CMakeLists.txt b/src/crypto/ec/CMakeLists.txt index b5ebefa..38a91f8 100644 --- a/src/crypto/ec/CMakeLists.txt +++ b/src/crypto/ec/CMakeLists.txt 
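Review bot: In paramgen the new `if (seed_len < (size_t)qsize) { return 0; }` fails silently: no error is queued, unlike the other failure paths visible in this file, and a caller whose short seed used to be ignored now just gets 0 back. Queue a DSA reason code before returning (the right `DSA_R_*` constant is not visible on this page) and document the new contract on the function: a non-NULL |seed_in| must supply at least |qsize| bytes, and only the first |qsize| bytes are consumed. The early `return` also bypasses the function's `err` cleanup, which is only safe if nothing has been allocated yet; the allocations are outside the hunk, so confirm that.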
@@ -1,4 +1,4 @@ -include_directories(. .. ../../include) +include_directories(../../include) add_library( ec diff --git a/src/crypto/ec/ec.c b/src/crypto/ec/ec.c index f38eba6..3117f16 100644 --- a/src/crypto/ec/ec.c +++ b/src/crypto/ec/ec.c @@ -222,7 +222,11 @@ const struct built_in_curve OPENSSL_built_in_curves[] = { {NID_secp224r1, &P224, 0}, { NID_X9_62_prime256v1, &P256, -#if defined(OPENSSL_64_BIT) && !defined(OPENSSL_WINDOWS) + /* MSAN appears to have a bug that causes this P-256 code to be miscompiled + * in opt mode. While that is being looked at, don't run the uint128_t + * P-256 code under MSAN for now. */ +#if defined(OPENSSL_64_BIT) && !defined(OPENSSL_WINDOWS) && \ + !defined(MEMORY_SANITIZER) EC_GFp_nistp256_method, #else 0, @@ -237,18 +241,18 @@ EC_GROUP *ec_group_new(const EC_METHOD *meth) { EC_GROUP *ret; if (meth == NULL) { - OPENSSL_PUT_ERROR(EC, ec_group_new, EC_R_SLOT_FULL); + OPENSSL_PUT_ERROR(EC, EC_R_SLOT_FULL); return NULL; } if (meth->group_init == 0) { - OPENSSL_PUT_ERROR(EC, ec_group_new, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(EC, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return NULL; } ret = OPENSSL_malloc(sizeof(EC_GROUP)); if (ret == NULL) { - OPENSSL_PUT_ERROR(EC, ec_group_new, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); return NULL; } memset(ret, 0, sizeof(EC_GROUP)); @@ -276,8 +280,7 @@ EC_GROUP *EC_GROUP_new_curve_GFp(const BIGNUM *p, const BIGNUM *a, } if (ret->meth->group_set_curve == 0) { - OPENSSL_PUT_ERROR(EC, EC_GROUP_new_curve_GFp, - ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(EC, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } if (!ret->meth->group_set_curve(ret, p, a, b, ctx)) { 
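Review bot: The new guard in the `@@ -222` hunk of ec.c depends on `MEMORY_SANITIZER`, which is not defined anywhere in the visible diff; if the build does not pass it, the exclusion silently has no effect, so it is worth confirming where the macro comes from or also testing the compiler's own check, `__has_feature(memory_sanitizer)`. With the guard active, MSAN builds take the `0` branch for `NID_X9_62_prime256v1`, so the `EC_GFp_nistp256_method` code gets no MSAN coverage while the workaround is in place. The comment says "for now" without a reference; I would add something like `/* TODO(<tracking bug>): re-enable once the MSAN miscompile is resolved. */` so the exclusion does not outlive the bug.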
@@ -329,7 +332,7 @@ static EC_GROUP *ec_group_new_from_data(const struct built_in_curve *curve) { EC_GROUP *group = NULL; EC_POINT *P = NULL; BN_CTX *ctx = NULL; - BIGNUM *p = NULL, *a = NULL, *b = NULL, *x = NULL, *y = NULL, *order = NULL; + BIGNUM *p = NULL, *a = NULL, *b = NULL, *x = NULL, *y = NULL; int ok = 0; unsigned param_len; const EC_METHOD *meth; @@ -337,7 +340,7 @@ static EC_GROUP *ec_group_new_from_data(const struct built_in_curve *curve) { const uint8_t *params; if ((ctx = BN_CTX_new()) == NULL) { - OPENSSL_PUT_ERROR(EC, ec_group_new_from_data, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); goto err; } @@ -348,7 +351,7 @@ static EC_GROUP *ec_group_new_from_data(const struct built_in_curve *curve) { if (!(p = BN_bin2bn(params + 0 * param_len, param_len, NULL)) || !(a = BN_bin2bn(params + 1 * param_len, param_len, NULL)) || !(b = BN_bin2bn(params + 2 * param_len, param_len, NULL))) { - OPENSSL_PUT_ERROR(EC, ec_group_new_from_data, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(EC, ERR_R_BN_LIB); goto err; } 
@@ -356,45 +359,39 @@ static EC_GROUP *ec_group_new_from_data(const struct built_in_curve *curve) { meth = curve->method(); if (((group = ec_group_new(meth)) == NULL) || (!(group->meth->group_set_curve(group, p, a, b, ctx)))) { - OPENSSL_PUT_ERROR(EC, ec_group_new_from_data, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EC, ERR_R_EC_LIB); goto err; } } else { if ((group = EC_GROUP_new_curve_GFp(p, a, b, ctx)) == NULL) { - OPENSSL_PUT_ERROR(EC, ec_group_new_from_data, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EC, ERR_R_EC_LIB); goto err; } } if ((P = EC_POINT_new(group)) == NULL) { - OPENSSL_PUT_ERROR(EC, ec_group_new_from_data, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EC, ERR_R_EC_LIB); goto err; } if (!(x = BN_bin2bn(params + 3 * param_len, param_len, NULL)) || !(y = BN_bin2bn(params + 4 * param_len, param_len, NULL))) { - OPENSSL_PUT_ERROR(EC, ec_group_new_from_data, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(EC, ERR_R_BN_LIB); goto err; } if (!EC_POINT_set_affine_coordinates_GFp(group, P, x, y, ctx)) { - OPENSSL_PUT_ERROR(EC, ec_group_new_from_data, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EC, ERR_R_EC_LIB); goto err; } - if (!(order = BN_bin2bn(params + 5 * param_len, param_len, NULL)) || - !BN_set_word(x, (BN_ULONG)data->cofactor)) { - OPENSSL_PUT_ERROR(EC, ec_group_new_from_data, ERR_R_BN_LIB); + if (!BN_bin2bn(params + 5 * param_len, param_len, &group->order) || + !BN_set_word(&group->cofactor, (BN_ULONG)data->cofactor)) { + OPENSSL_PUT_ERROR(EC, ERR_R_BN_LIB); goto err; } group->generator = P; P = NULL; - if (!BN_copy(&group->order, order) || - !BN_set_word(&group->cofactor, (BN_ULONG)data->cofactor)) { - OPENSSL_PUT_ERROR(EC, ec_group_new_from_data, ERR_R_BN_LIB); - goto err; - } - ok = 1; err: @@ -407,7 +404,6 @@ err: BN_free(p); BN_free(a); BN_free(b); - BN_free(order); BN_free(x); BN_free(y); return group; 
@@ -427,7 +423,7 @@ EC_GROUP *EC_GROUP_new_by_curve_name(int nid) { } if (ret == NULL) { - OPENSSL_PUT_ERROR(EC, EC_GROUP_new_by_curve_name, EC_R_UNKNOWN_GROUP); + OPENSSL_PUT_ERROR(EC, EC_R_UNKNOWN_GROUP); return NULL; } @@ -455,11 +451,11 @@ void EC_GROUP_free(EC_GROUP *group) { int ec_group_copy(EC_GROUP *dest, const EC_GROUP *src) { if (dest->meth->group_copy == 0) { - OPENSSL_PUT_ERROR(EC, EC_GROUP_copy, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(EC, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } if (dest->meth != src->meth) { - OPENSSL_PUT_ERROR(EC, EC_GROUP_copy, EC_R_INCOMPATIBLE_OBJECTS); + OPENSSL_PUT_ERROR(EC, EC_R_INCOMPATIBLE_OBJECTS); return 0; } if (dest == src) { @@ -554,8 +550,7 @@ int EC_GROUP_get_cofactor(const EC_GROUP *group, BIGNUM *cofactor, int EC_GROUP_get_curve_GFp(const EC_GROUP *group, BIGNUM *out_p, BIGNUM *out_a, BIGNUM *out_b, BN_CTX *ctx) { if (group->meth->group_get_curve == 0) { - OPENSSL_PUT_ERROR(EC, EC_GROUP_get_curve_GFp, - ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(EC, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } return group->meth->group_get_curve(group, out_p, out_a, out_b, ctx); @@ -565,8 +560,7 @@ int EC_GROUP_get_curve_name(const EC_GROUP *group) { return group->curve_name; } int EC_GROUP_get_degree(const EC_GROUP *group) { if (group->meth->group_get_degree == 0) { - OPENSSL_PUT_ERROR(EC, EC_GROUP_get_degree, - ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(EC, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } return group->meth->group_get_degree(group); 
@@ -602,17 +596,17 @@ EC_POINT *EC_POINT_new(const EC_GROUP *group) { EC_POINT *ret; if (group == NULL) { - OPENSSL_PUT_ERROR(EC, EC_POINT_new, ERR_R_PASSED_NULL_PARAMETER); + OPENSSL_PUT_ERROR(EC, ERR_R_PASSED_NULL_PARAMETER); return NULL; } if (group->meth->point_init == 0) { - OPENSSL_PUT_ERROR(EC, EC_POINT_new, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(EC, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return NULL; } ret = OPENSSL_malloc(sizeof *ret); if (ret == NULL) { - OPENSSL_PUT_ERROR(EC, EC_POINT_new, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); return NULL; } @@ -653,11 +647,11 @@ void EC_POINT_clear_free(EC_POINT *point) { int EC_POINT_copy(EC_POINT *dest, const EC_POINT *src) { if (dest->meth->point_copy == 0) { - OPENSSL_PUT_ERROR(EC, EC_POINT_copy, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(EC, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } if (dest->meth != src->meth) { - OPENSSL_PUT_ERROR(EC, EC_POINT_copy, EC_R_INCOMPATIBLE_OBJECTS); + OPENSSL_PUT_ERROR(EC, EC_R_INCOMPATIBLE_OBJECTS); return 0; } if (dest == src) { @@ -676,7 +670,7 @@ EC_POINT *EC_POINT_dup(const EC_POINT *a, const EC_GROUP *group) { t = EC_POINT_new(group); if (t == NULL) { - OPENSSL_PUT_ERROR(EC, EC_POINT_dup, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); return NULL; } r = EC_POINT_copy(t, a); @@ -690,12 +684,11 @@ EC_POINT *EC_POINT_dup(const EC_POINT *a, const EC_GROUP *group) { int EC_POINT_set_to_infinity(const EC_GROUP *group, EC_POINT *point) { if (group->meth->point_set_to_infinity == 0) { - OPENSSL_PUT_ERROR(EC, EC_POINT_set_to_infinity, - ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(EC, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } if (group->meth != point->meth) { - OPENSSL_PUT_ERROR(EC, EC_POINT_set_to_infinity, EC_R_INCOMPATIBLE_OBJECTS); + OPENSSL_PUT_ERROR(EC, EC_R_INCOMPATIBLE_OBJECTS); return 0; } return group->meth->point_set_to_infinity(group, point); 
@@ -703,12 +696,11 @@ int EC_POINT_set_to_infinity(const EC_GROUP *group, EC_POINT *point) { int EC_POINT_is_at_infinity(const EC_GROUP *group, const EC_POINT *point) { if (group->meth->is_at_infinity == 0) { - OPENSSL_PUT_ERROR(EC, EC_POINT_is_at_infinity, - ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(EC, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } if (group->meth != point->meth) { - OPENSSL_PUT_ERROR(EC, EC_POINT_is_at_infinity, EC_R_INCOMPATIBLE_OBJECTS); + OPENSSL_PUT_ERROR(EC, EC_R_INCOMPATIBLE_OBJECTS); return 0; } return group->meth->is_at_infinity(group, point); @@ -717,12 +709,11 @@ int EC_POINT_is_at_infinity(const EC_GROUP *group, const EC_POINT *point) { int EC_POINT_is_on_curve(const EC_GROUP *group, const EC_POINT *point, BN_CTX *ctx) { if (group->meth->is_on_curve == 0) { - OPENSSL_PUT_ERROR(EC, EC_POINT_is_on_curve, - ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(EC, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } if (group->meth != point->meth) { - OPENSSL_PUT_ERROR(EC, EC_POINT_is_on_curve, EC_R_INCOMPATIBLE_OBJECTS); + OPENSSL_PUT_ERROR(EC, EC_R_INCOMPATIBLE_OBJECTS); return 0; } return group->meth->is_on_curve(group, point, ctx); @@ -731,11 +722,11 @@ int EC_POINT_is_on_curve(const EC_GROUP *group, const EC_POINT *point, int EC_POINT_cmp(const EC_GROUP *group, const EC_POINT *a, const EC_POINT *b, BN_CTX *ctx) { if (group->meth->point_cmp == 0) { - OPENSSL_PUT_ERROR(EC, EC_POINT_cmp, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(EC, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return -1; } if ((group->meth != a->meth) || (a->meth != b->meth)) { - OPENSSL_PUT_ERROR(EC, EC_POINT_cmp, EC_R_INCOMPATIBLE_OBJECTS); + OPENSSL_PUT_ERROR(EC, EC_R_INCOMPATIBLE_OBJECTS); return -1; } return group->meth->point_cmp(group, a, b, ctx); 
@@ -743,12 +734,11 @@ int EC_POINT_cmp(const EC_GROUP *group, const EC_POINT *a, const EC_POINT *b, int EC_POINT_make_affine(const EC_GROUP *group, EC_POINT *point, BN_CTX *ctx) { if (group->meth->make_affine == 0) { - OPENSSL_PUT_ERROR(EC, EC_POINT_make_affine, - ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(EC, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } if (group->meth != point->meth) { - OPENSSL_PUT_ERROR(EC, EC_POINT_make_affine, EC_R_INCOMPATIBLE_OBJECTS); + OPENSSL_PUT_ERROR(EC, EC_R_INCOMPATIBLE_OBJECTS); return 0; } return group->meth->make_affine(group, point, ctx); @@ -759,13 +749,12 @@ int EC_POINTs_make_affine(const EC_GROUP *group, size_t num, EC_POINT *points[], size_t i; if (group->meth->points_make_affine == 0) { - OPENSSL_PUT_ERROR(EC, EC_POINTs_make_affine, - ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(EC, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } for (i = 0; i < num; i++) { if (group->meth != points[i]->meth) { - OPENSSL_PUT_ERROR(EC, EC_POINTs_make_affine, EC_R_INCOMPATIBLE_OBJECTS); + OPENSSL_PUT_ERROR(EC, EC_R_INCOMPATIBLE_OBJECTS); return 0; } } @@ -776,13 +765,11 @@ int EC_POINT_get_affine_coordinates_GFp(const EC_GROUP *group, const EC_POINT *point, BIGNUM *x, BIGNUM *y, BN_CTX *ctx) { if (group->meth->point_get_affine_coordinates == 0) { - OPENSSL_PUT_ERROR(EC, EC_POINT_get_affine_coordinates_GFp, - ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(EC, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } if (group->meth != point->meth) { - OPENSSL_PUT_ERROR(EC, EC_POINT_get_affine_coordinates_GFp, - EC_R_INCOMPATIBLE_OBJECTS); + OPENSSL_PUT_ERROR(EC, EC_R_INCOMPATIBLE_OBJECTS); return 0; } return group->meth->point_get_affine_coordinates(group, point, x, y, ctx); 
@@ -792,13 +779,11 @@ int EC_POINT_set_affine_coordinates_GFp(const EC_GROUP *group, EC_POINT *point, const BIGNUM *x, const BIGNUM *y, BN_CTX *ctx) { if (group->meth->point_set_affine_coordinates == 0) { - OPENSSL_PUT_ERROR(EC, EC_POINT_set_affine_coordinates_GFp, - ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(EC, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } if (group->meth != point->meth) { - OPENSSL_PUT_ERROR(EC, EC_POINT_set_affine_coordinates_GFp, - EC_R_INCOMPATIBLE_OBJECTS); + OPENSSL_PUT_ERROR(EC, EC_R_INCOMPATIBLE_OBJECTS); return 0; } return group->meth->point_set_affine_coordinates(group, point, x, y, ctx); @@ -807,12 +792,12 @@ int EC_POINT_set_affine_coordinates_GFp(const EC_GROUP *group, EC_POINT *point, int EC_POINT_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, const EC_POINT *b, BN_CTX *ctx) { if (group->meth->add == 0) { - OPENSSL_PUT_ERROR(EC, EC_POINT_add, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(EC, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } if ((group->meth != r->meth) || (r->meth != a->meth) || (a->meth != b->meth)) { - OPENSSL_PUT_ERROR(EC, EC_POINT_add, EC_R_INCOMPATIBLE_OBJECTS); + OPENSSL_PUT_ERROR(EC, EC_R_INCOMPATIBLE_OBJECTS); return 0; } return group->meth->add(group, r, a, b, ctx); @@ -822,11 +807,11 @@ int EC_POINT_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, int EC_POINT_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, BN_CTX *ctx) { if (group->meth->dbl == 0) { - OPENSSL_PUT_ERROR(EC, EC_POINT_dbl, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(EC, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } if ((group->meth != r->meth) || (r->meth != a->meth)) { - OPENSSL_PUT_ERROR(EC, EC_POINT_dbl, EC_R_INCOMPATIBLE_OBJECTS); + OPENSSL_PUT_ERROR(EC, EC_R_INCOMPATIBLE_OBJECTS); return 0; } return group->meth->dbl(group, r, a, ctx); 
@@ -835,11 +820,11 @@ int EC_POINT_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, int EC_POINT_invert(const EC_GROUP *group, EC_POINT *a, BN_CTX *ctx) { if (group->meth->invert == 0) { - OPENSSL_PUT_ERROR(EC, EC_POINT_invert, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(EC, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } if (group->meth != a->meth) { - OPENSSL_PUT_ERROR(EC, EC_POINT_invert, EC_R_INCOMPATIBLE_OBJECTS); + OPENSSL_PUT_ERROR(EC, EC_R_INCOMPATIBLE_OBJECTS); return 0; } return group->meth->invert(group, a, ctx); @@ -874,13 +859,11 @@ int ec_point_set_Jprojective_coordinates_GFp(const EC_GROUP *group, EC_POINT *po const BIGNUM *x, const BIGNUM *y, const BIGNUM *z, BN_CTX *ctx) { if (group->meth->point_set_Jprojective_coordinates_GFp == 0) { - OPENSSL_PUT_ERROR(EC, ec_point_set_Jprojective_coordinates_GFp, - ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(EC, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } if (group->meth != point->meth) { - OPENSSL_PUT_ERROR(EC, ec_point_set_Jprojective_coordinates_GFp, - EC_R_INCOMPATIBLE_OBJECTS); + OPENSSL_PUT_ERROR(EC, EC_R_INCOMPATIBLE_OBJECTS); return 0; } return group->meth->point_set_Jprojective_coordinates_GFp(group, point, x, y, diff --git a/src/crypto/ec/ec_asn1.c b/src/crypto/ec/ec_asn1.c index ff3dca6..31d8944 100644 --- a/src/crypto/ec/ec_asn1.c +++ b/src/crypto/ec/ec_asn1.c @@ -168,7 +168,7 @@ ECPKPARAMETERS *ec_asn1_group2pkparameters(const EC_GROUP *group, if (ret == NULL) { ret = ECPKPARAMETERS_new(); if (ret == NULL) { - OPENSSL_PUT_ERROR(EC, ec_asn1_group2pkparameters, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); return NULL; } } else { @@ -196,7 +196,7 @@ EC_GROUP *ec_asn1_pkparameters2group(const ECPKPARAMETERS *params) { int nid = NID_undef; if (params == NULL) { - OPENSSL_PUT_ERROR(EC, ec_asn1_pkparameters2group, EC_R_MISSING_PARAMETERS); + OPENSSL_PUT_ERROR(EC, EC_R_MISSING_PARAMETERS); return NULL; } 
@@ -222,14 +222,13 @@ EC_GROUP *ec_asn1_pkparameters2group(const ECPKPARAMETERS *params) { } if (nid == NID_undef) { - OPENSSL_PUT_ERROR(EC, ec_asn1_pkparameters2group, EC_R_NON_NAMED_CURVE); + OPENSSL_PUT_ERROR(EC, EC_R_NON_NAMED_CURVE); return NULL; } ret = EC_GROUP_new_by_curve_name(nid); if (ret == NULL) { - OPENSSL_PUT_ERROR(EC, ec_asn1_pkparameters2group, - EC_R_EC_GROUP_NEW_BY_NAME_FAILURE); + OPENSSL_PUT_ERROR(EC, EC_R_EC_GROUP_NEW_BY_NAME_FAILURE); return NULL; } @@ -243,14 +242,14 @@ static EC_GROUP *d2i_ECPKParameters(EC_GROUP **groupp, const uint8_t **inp, params = d2i_ECPKPARAMETERS(NULL, inp, len); if (params == NULL) { - OPENSSL_PUT_ERROR(EC, d2i_ECPKParameters, EC_R_D2I_ECPKPARAMETERS_FAILURE); + OPENSSL_PUT_ERROR(EC, EC_R_D2I_ECPKPARAMETERS_FAILURE); ECPKPARAMETERS_free(params); return NULL; } group = ec_asn1_pkparameters2group(params); if (group == NULL) { - OPENSSL_PUT_ERROR(EC, d2i_ECPKParameters, EC_R_PKPARAMETERS2GROUP_FAILURE); + OPENSSL_PUT_ERROR(EC, EC_R_PKPARAMETERS2GROUP_FAILURE); ECPKPARAMETERS_free(params); return NULL; } @@ -268,12 +267,12 @@ static int i2d_ECPKParameters(const EC_GROUP *group, uint8_t **outp) { int ret = 0; ECPKPARAMETERS *tmp = ec_asn1_group2pkparameters(group, NULL); if (tmp == NULL) { - OPENSSL_PUT_ERROR(EC, i2d_ECPKParameters, EC_R_GROUP2PKPARAMETERS_FAILURE); + OPENSSL_PUT_ERROR(EC, EC_R_GROUP2PKPARAMETERS_FAILURE); return 0; } ret = i2d_ECPKPARAMETERS(tmp, outp); if (ret == 0) { - OPENSSL_PUT_ERROR(EC, i2d_ECPKParameters, EC_R_I2D_ECPKPARAMETERS_FAILURE); + OPENSSL_PUT_ERROR(EC, EC_R_I2D_ECPKPARAMETERS_FAILURE); ECPKPARAMETERS_free(tmp); return 0; } 
@@ -288,14 +287,14 @@ EC_KEY *d2i_ECPrivateKey(EC_KEY **a, const uint8_t **in, long len) { priv_key = d2i_EC_PRIVATEKEY(NULL, in, len); if (priv_key == NULL) { - OPENSSL_PUT_ERROR(EC, d2i_ECPrivateKey, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EC, ERR_R_EC_LIB); return NULL; } if (a == NULL || *a == NULL) { ret = EC_KEY_new(); if (ret == NULL) { - OPENSSL_PUT_ERROR(EC, d2i_ECPrivateKey, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); goto err; } } else { @@ -308,7 +307,7 @@ EC_KEY *d2i_ECPrivateKey(EC_KEY **a, const uint8_t **in, long len) { } if (ret->group == NULL) { - OPENSSL_PUT_ERROR(EC, d2i_ECPrivateKey, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EC, ERR_R_EC_LIB); goto err; } @@ -319,18 +318,18 @@ EC_KEY *d2i_ECPrivateKey(EC_KEY **a, const uint8_t **in, long len) { BN_bin2bn(M_ASN1_STRING_data(priv_key->privateKey), M_ASN1_STRING_length(priv_key->privateKey), ret->priv_key); if (ret->priv_key == NULL) { - OPENSSL_PUT_ERROR(EC, d2i_ECPrivateKey, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(EC, ERR_R_BN_LIB); goto err; } } else { - OPENSSL_PUT_ERROR(EC, d2i_ECPrivateKey, EC_R_MISSING_PRIVATE_KEY); + OPENSSL_PUT_ERROR(EC, EC_R_MISSING_PRIVATE_KEY); goto err; } EC_POINT_free(ret->pub_key); ret->pub_key = EC_POINT_new(ret->group); if (ret->pub_key == NULL) { - OPENSSL_PUT_ERROR(EC, d2i_ECPrivateKey, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EC, ERR_R_EC_LIB); goto err; } 
@@ -342,20 +341,20 @@ EC_KEY *d2i_ECPrivateKey(EC_KEY **a, const uint8_t **in, long len) { pub_oct_len = M_ASN1_STRING_length(priv_key->publicKey); /* The first byte (the point conversion form) must be present. */ if (pub_oct_len <= 0) { - OPENSSL_PUT_ERROR(EC, d2i_ECPrivateKey, EC_R_BUFFER_TOO_SMALL); + OPENSSL_PUT_ERROR(EC, EC_R_BUFFER_TOO_SMALL); goto err; } /* Save the point conversion form. */ ret->conv_form = (point_conversion_form_t)(pub_oct[0] & ~0x01); if (!EC_POINT_oct2point(ret->group, ret->pub_key, pub_oct, pub_oct_len, NULL)) { - OPENSSL_PUT_ERROR(EC, d2i_ECPrivateKey, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EC, ERR_R_EC_LIB); goto err; } } else { if (!EC_POINT_mul(ret->group, ret->pub_key, ret->priv_key, NULL, NULL, NULL)) { - OPENSSL_PUT_ERROR(EC, d2i_ECPrivateKey, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EC, ERR_R_EC_LIB); goto err; } /* Remember the original private-key-only encoding. */ @@ -387,13 +386,13 @@ int i2d_ECPrivateKey(const EC_KEY *key, uint8_t **outp) { EC_PRIVATEKEY *priv_key = NULL; if (key == NULL || key->group == NULL || key->priv_key == NULL) { - OPENSSL_PUT_ERROR(EC, i2d_ECPrivateKey, ERR_R_PASSED_NULL_PARAMETER); + OPENSSL_PUT_ERROR(EC, ERR_R_PASSED_NULL_PARAMETER); goto err; } priv_key = EC_PRIVATEKEY_new(); if (priv_key == NULL) { - OPENSSL_PUT_ERROR(EC, i2d_ECPrivateKey, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); goto err; } 
@@ -402,17 +401,17 @@ int i2d_ECPrivateKey(const EC_KEY *key, uint8_t **outp) { buf_len = BN_num_bytes(&key->group->order); buffer = OPENSSL_malloc(buf_len); if (buffer == NULL) { - OPENSSL_PUT_ERROR(EC, i2d_ECPrivateKey, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); goto err; } if (!BN_bn2bin_padded(buffer, buf_len, key->priv_key)) { - OPENSSL_PUT_ERROR(EC, i2d_ECPrivateKey, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(EC, ERR_R_BN_LIB); goto err; } if (!M_ASN1_OCTET_STRING_set(priv_key->privateKey, buffer, buf_len)) { - OPENSSL_PUT_ERROR(EC, i2d_ECPrivateKey, ERR_R_ASN1_LIB); + OPENSSL_PUT_ERROR(EC, ERR_R_ASN1_LIB); goto err; } @@ -420,7 +419,7 @@ int i2d_ECPrivateKey(const EC_KEY *key, uint8_t **outp) { if (!(key->enc_flag & EC_PKEY_NO_PARAMETERS)) { if ((priv_key->parameters = ec_asn1_group2pkparameters( key->group, priv_key->parameters)) == NULL) { - OPENSSL_PUT_ERROR(EC, i2d_ECPrivateKey, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EC, ERR_R_EC_LIB); goto err; } } @@ -429,7 +428,7 @@ int i2d_ECPrivateKey(const EC_KEY *key, uint8_t **outp) { if (!(key->enc_flag & EC_PKEY_NO_PUBKEY) && key->pub_key != NULL) { priv_key->publicKey = M_ASN1_BIT_STRING_new(); if (priv_key->publicKey == NULL) { - OPENSSL_PUT_ERROR(EC, i2d_ECPrivateKey, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); goto err; } @@ -439,7 +438,7 @@ int i2d_ECPrivateKey(const EC_KEY *key, uint8_t **outp) { if (tmp_len > buf_len) { uint8_t *tmp_buffer = OPENSSL_realloc(buffer, tmp_len); if (!tmp_buffer) { - OPENSSL_PUT_ERROR(EC, i2d_ECPrivateKey, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); goto err; } buffer = tmp_buffer; 
@@ -448,21 +447,21 @@ int i2d_ECPrivateKey(const EC_KEY *key, uint8_t **outp) { if (!EC_POINT_point2oct(key->group, key->pub_key, key->conv_form, buffer, buf_len, NULL)) { - OPENSSL_PUT_ERROR(EC, i2d_ECPrivateKey, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EC, ERR_R_EC_LIB); goto err; } priv_key->publicKey->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07); priv_key->publicKey->flags |= ASN1_STRING_FLAG_BITS_LEFT; if (!M_ASN1_BIT_STRING_set(priv_key->publicKey, buffer, buf_len)) { - OPENSSL_PUT_ERROR(EC, i2d_ECPrivateKey, ERR_R_ASN1_LIB); + OPENSSL_PUT_ERROR(EC, ERR_R_ASN1_LIB); goto err; } } ret = i2d_EC_PRIVATEKEY(priv_key, outp); if (ret == 0) { - OPENSSL_PUT_ERROR(EC, i2d_ECPrivateKey, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EC, ERR_R_EC_LIB); goto err; } ok = 1; @@ -475,7 +474,7 @@ err: int i2d_ECParameters(const EC_KEY *key, uint8_t **outp) { if (key == NULL) { - OPENSSL_PUT_ERROR(EC, i2d_ECParameters, ERR_R_PASSED_NULL_PARAMETER); + OPENSSL_PUT_ERROR(EC, ERR_R_PASSED_NULL_PARAMETER); return 0; } return i2d_ECPKParameters(key->group, outp); @@ -485,14 +484,14 @@ EC_KEY *d2i_ECParameters(EC_KEY **key, const uint8_t **inp, long len) { EC_KEY *ret; if (inp == NULL || *inp == NULL) { - OPENSSL_PUT_ERROR(EC, d2i_ECParameters, ERR_R_PASSED_NULL_PARAMETER); + OPENSSL_PUT_ERROR(EC, ERR_R_PASSED_NULL_PARAMETER); return NULL; } if (key == NULL || *key == NULL) { ret = EC_KEY_new(); if (ret == NULL) { - OPENSSL_PUT_ERROR(EC, d2i_ECParameters, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); return NULL; } } else { @@ -500,7 +499,7 @@ EC_KEY *d2i_ECParameters(EC_KEY **key, const uint8_t **inp, long len) { } if (!d2i_ECPKParameters(&ret->group, inp, len)) { - OPENSSL_PUT_ERROR(EC, d2i_ECParameters, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EC, ERR_R_EC_LIB); if (key == NULL || *key == NULL) { EC_KEY_free(ret); } 
@@ -517,17 +516,17 @@ EC_KEY *o2i_ECPublicKey(EC_KEY **keyp, const uint8_t **inp, long len) { EC_KEY *ret = NULL; if (keyp == NULL || *keyp == NULL || (*keyp)->group == NULL) { - OPENSSL_PUT_ERROR(EC, o2i_ECPublicKey, ERR_R_PASSED_NULL_PARAMETER); + OPENSSL_PUT_ERROR(EC, ERR_R_PASSED_NULL_PARAMETER); return 0; } ret = *keyp; if (ret->pub_key == NULL && (ret->pub_key = EC_POINT_new(ret->group)) == NULL) { - OPENSSL_PUT_ERROR(EC, o2i_ECPublicKey, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); return 0; } if (!EC_POINT_oct2point(ret->group, ret->pub_key, *inp, len, NULL)) { - OPENSSL_PUT_ERROR(EC, o2i_ECPublicKey, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EC, ERR_R_EC_LIB); return 0; } /* save the point conversion form */ @@ -541,7 +540,7 @@ int i2o_ECPublicKey(const EC_KEY *key, uint8_t **outp) { int new_buffer = 0; if (key == NULL) { - OPENSSL_PUT_ERROR(EC, i2o_ECPublicKey, ERR_R_PASSED_NULL_PARAMETER); + OPENSSL_PUT_ERROR(EC, ERR_R_PASSED_NULL_PARAMETER); return 0; } @@ -556,14 +555,14 @@ int i2o_ECPublicKey(const EC_KEY *key, uint8_t **outp) { if (*outp == NULL) { *outp = OPENSSL_malloc(buf_len); if (*outp == NULL) { - OPENSSL_PUT_ERROR(EC, i2o_ECPublicKey, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); return 0; } new_buffer = 1; } if (!EC_POINT_point2oct(key->group, key->pub_key, key->conv_form, *outp, buf_len, NULL)) { - OPENSSL_PUT_ERROR(EC, i2o_ECPublicKey, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EC, ERR_R_EC_LIB); if (new_buffer) { OPENSSL_free(*outp); *outp = NULL; diff --git a/src/crypto/ec/ec_key.c b/src/crypto/ec/ec_key.c index e5cbfed..0defa98 100644 --- a/src/crypto/ec/ec_key.c +++ b/src/crypto/ec/ec_key.c 
@@ -87,7 +87,7 @@ EC_KEY *EC_KEY_new(void) { return EC_KEY_new_method(NULL); } EC_KEY *EC_KEY_new_method(const ENGINE *engine) { EC_KEY *ret = (EC_KEY *)OPENSSL_malloc(sizeof(EC_KEY)); if (ret == NULL) { - OPENSSL_PUT_ERROR(EC, EC_KEY_new_method, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); return NULL; } @@ -127,7 +127,7 @@ err1: EC_KEY *EC_KEY_new_by_curve_name(int nid) { EC_KEY *ret = EC_KEY_new(); if (ret == NULL) { - OPENSSL_PUT_ERROR(EC, EC_KEY_new_by_curve_name, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); return NULL; } ret->group = EC_GROUP_new_by_curve_name(nid); @@ -166,7 +166,7 @@ void EC_KEY_free(EC_KEY *r) { EC_KEY *EC_KEY_copy(EC_KEY *dest, const EC_KEY *src) { if (dest == NULL || src == NULL) { - OPENSSL_PUT_ERROR(EC, EC_KEY_copy, ERR_R_PASSED_NULL_PARAMETER); + OPENSSL_PUT_ERROR(EC, ERR_R_PASSED_NULL_PARAMETER); return NULL; } /* Copy the parameters. */ @@ -300,12 +300,12 @@ int EC_KEY_check_key(const EC_KEY *eckey) { EC_POINT *point = NULL; if (!eckey || !eckey->group || !eckey->pub_key) { - OPENSSL_PUT_ERROR(EC, EC_KEY_check_key, ERR_R_PASSED_NULL_PARAMETER); + OPENSSL_PUT_ERROR(EC, ERR_R_PASSED_NULL_PARAMETER); return 0; } if (EC_POINT_is_at_infinity(eckey->group, eckey->pub_key)) { - OPENSSL_PUT_ERROR(EC, EC_KEY_check_key, EC_R_POINT_AT_INFINITY); + OPENSSL_PUT_ERROR(EC, EC_R_POINT_AT_INFINITY); goto err; } @@ -319,7 +319,7 @@ int EC_KEY_check_key(const EC_KEY *eckey) { /* testing whether the pub_key is on the elliptic curve */ if (!EC_POINT_is_on_curve(eckey->group, eckey->pub_key, ctx)) { - OPENSSL_PUT_ERROR(EC, EC_KEY_check_key, EC_R_POINT_IS_NOT_ON_CURVE); + OPENSSL_PUT_ERROR(EC, EC_R_POINT_IS_NOT_ON_CURVE); goto err; } /* testing whether pub_key * order is the point at infinity */ 
@@ -327,15 +327,15 @@ int EC_KEY_check_key(const EC_KEY *eckey) { * to check the private key, below? */ order = &eckey->group->order; if (BN_is_zero(order)) { - OPENSSL_PUT_ERROR(EC, EC_KEY_check_key, EC_R_INVALID_GROUP_ORDER); + OPENSSL_PUT_ERROR(EC, EC_R_INVALID_GROUP_ORDER); goto err; } if (!EC_POINT_mul(eckey->group, point, NULL, eckey->pub_key, order, ctx)) { - OPENSSL_PUT_ERROR(EC, EC_KEY_check_key, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EC, ERR_R_EC_LIB); goto err; } if (!EC_POINT_is_at_infinity(eckey->group, point)) { - OPENSSL_PUT_ERROR(EC, EC_KEY_check_key, EC_R_WRONG_ORDER); + OPENSSL_PUT_ERROR(EC, EC_R_WRONG_ORDER); goto err; } /* in case the priv_key is present : @@ -343,15 +343,15 @@ int EC_KEY_check_key(const EC_KEY *eckey) { */ if (eckey->priv_key) { if (BN_cmp(eckey->priv_key, order) >= 0) { - OPENSSL_PUT_ERROR(EC, EC_KEY_check_key, EC_R_WRONG_ORDER); + OPENSSL_PUT_ERROR(EC, EC_R_WRONG_ORDER); goto err; } if (!EC_POINT_mul(eckey->group, point, eckey->priv_key, NULL, NULL, ctx)) { - OPENSSL_PUT_ERROR(EC, EC_KEY_check_key, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EC, ERR_R_EC_LIB); goto err; } if (EC_POINT_cmp(eckey->group, point, eckey->pub_key, ctx) != 0) { - OPENSSL_PUT_ERROR(EC, EC_KEY_check_key, EC_R_INVALID_PRIVATE_KEY); + OPENSSL_PUT_ERROR(EC, EC_R_INVALID_PRIVATE_KEY); goto err; } } @@ -371,8 +371,7 @@ int EC_KEY_set_public_key_affine_coordinates(EC_KEY *key, BIGNUM *x, int ok = 0; if (!key || !key->group || !x || !y) { - OPENSSL_PUT_ERROR(EC, EC_KEY_set_public_key_affine_coordinates, - ERR_R_PASSED_NULL_PARAMETER); + OPENSSL_PUT_ERROR(EC, ERR_R_PASSED_NULL_PARAMETER); return 0; } ctx = BN_CTX_new(); 
@@ -394,8 +393,7 @@ int EC_KEY_set_public_key_affine_coordinates(EC_KEY *key, BIGNUM *x, /* Check if retrieved coordinates match originals: if not values * are out of range. */ if (BN_cmp(x, tx) || BN_cmp(y, ty)) { - OPENSSL_PUT_ERROR(EC, EC_KEY_set_public_key_affine_coordinates, - EC_R_COORDINATES_OUT_OF_RANGE); + OPENSSL_PUT_ERROR(EC, EC_R_COORDINATES_OUT_OF_RANGE); goto err; } @@ -422,7 +420,7 @@ int EC_KEY_generate_key(EC_KEY *eckey) { EC_POINT *pub_key = NULL; if (!eckey || !eckey->group) { - OPENSSL_PUT_ERROR(EC, EC_KEY_generate_key, ERR_R_PASSED_NULL_PARAMETER); + OPENSSL_PUT_ERROR(EC, ERR_R_PASSED_NULL_PARAMETER); return 0; } diff --git a/src/crypto/ec/ec_montgomery.c b/src/crypto/ec/ec_montgomery.c index 74dbc6c..b897000 100644 --- a/src/crypto/ec/ec_montgomery.c +++ b/src/crypto/ec/ec_montgomery.c @@ -200,7 +200,7 @@ int ec_GFp_mont_group_set_curve(EC_GROUP *group, const BIGNUM *p, goto err; } if (!BN_MONT_CTX_set(mont, p, ctx)) { - OPENSSL_PUT_ERROR(EC, ec_GFp_mont_group_set_curve, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(EC, ERR_R_BN_LIB); goto err; } one = BN_new(); @@ -232,7 +232,7 @@ err: int ec_GFp_mont_field_mul(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx) { if (group->mont == NULL) { - OPENSSL_PUT_ERROR(EC, ec_GFp_mont_field_mul, EC_R_NOT_INITIALIZED); + OPENSSL_PUT_ERROR(EC, EC_R_NOT_INITIALIZED); return 0; } @@ -242,7 +242,7 @@ int ec_GFp_mont_field_mul(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a, int ec_GFp_mont_field_sqr(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a, BN_CTX *ctx) { if (group->mont == NULL) { - OPENSSL_PUT_ERROR(EC, ec_GFp_mont_field_sqr, EC_R_NOT_INITIALIZED); + OPENSSL_PUT_ERROR(EC, EC_R_NOT_INITIALIZED); return 0; } 
@@ -252,7 +252,7 @@ int ec_GFp_mont_field_sqr(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a, int ec_GFp_mont_field_encode(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a, BN_CTX *ctx) { if (group->mont == NULL) { - OPENSSL_PUT_ERROR(EC, ec_GFp_mont_field_encode, EC_R_NOT_INITIALIZED); + OPENSSL_PUT_ERROR(EC, EC_R_NOT_INITIALIZED); return 0; } @@ -262,7 +262,7 @@ int ec_GFp_mont_field_encode(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a, int ec_GFp_mont_field_decode(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a, BN_CTX *ctx) { if (group->mont == NULL) { - OPENSSL_PUT_ERROR(EC, ec_GFp_mont_field_decode, EC_R_NOT_INITIALIZED); + OPENSSL_PUT_ERROR(EC, EC_R_NOT_INITIALIZED); return 0; } @@ -272,7 +272,7 @@ int ec_GFp_mont_field_decode(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a, int ec_GFp_mont_field_set_to_one(const EC_GROUP *group, BIGNUM *r, BN_CTX *ctx) { if (group->one == NULL) { - OPENSSL_PUT_ERROR(EC, ec_GFp_mont_field_set_to_one, EC_R_NOT_INITIALIZED); + OPENSSL_PUT_ERROR(EC, EC_R_NOT_INITIALIZED); return 0; } diff --git a/src/crypto/ec/oct.c b/src/crypto/ec/oct.c index 816a42f..cb50e17 100644 --- a/src/crypto/ec/oct.c +++ b/src/crypto/ec/oct.c @@ -85,7 +85,7 @@ static size_t ec_GFp_simple_point2oct(const EC_GROUP *group, if ((form != POINT_CONVERSION_COMPRESSED) && (form != POINT_CONVERSION_UNCOMPRESSED)) { - OPENSSL_PUT_ERROR(EC, ec_GFp_simple_point2oct, EC_R_INVALID_FORM); + OPENSSL_PUT_ERROR(EC, EC_R_INVALID_FORM); goto err; } @@ -93,7 +93,7 @@ static size_t ec_GFp_simple_point2oct(const EC_GROUP *group, /* encodes to a single 0 octet */ if (buf != NULL) { if (len < 1) { - OPENSSL_PUT_ERROR(EC, ec_GFp_simple_point2oct, EC_R_BUFFER_TOO_SMALL); + OPENSSL_PUT_ERROR(EC, EC_R_BUFFER_TOO_SMALL); return 0; } buf[0] = 0; 
@@ -110,7 +110,7 @@ static size_t ec_GFp_simple_point2oct(const EC_GROUP *group, /* if 'buf' is NULL, just return required length */ if (buf != NULL) { if (len < ret) { - OPENSSL_PUT_ERROR(EC, ec_GFp_simple_point2oct, EC_R_BUFFER_TOO_SMALL); + OPENSSL_PUT_ERROR(EC, EC_R_BUFFER_TOO_SMALL); goto err; } @@ -142,21 +142,21 @@ static size_t ec_GFp_simple_point2oct(const EC_GROUP *group, i = 1; if (!BN_bn2bin_padded(buf + i, field_len, x)) { - OPENSSL_PUT_ERROR(EC, ec_GFp_simple_point2oct, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(EC, ERR_R_INTERNAL_ERROR); goto err; } i += field_len; if (form == POINT_CONVERSION_UNCOMPRESSED) { if (!BN_bn2bin_padded(buf + i, field_len, y)) { - OPENSSL_PUT_ERROR(EC, ec_GFp_simple_point2oct, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(EC, ERR_R_INTERNAL_ERROR); goto err; } i += field_len; } if (i != ret) { - OPENSSL_PUT_ERROR(EC, ec_GFp_simple_point2oct, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(EC, ERR_R_INTERNAL_ERROR); goto err; } } @@ -187,7 +187,7 @@ static int ec_GFp_simple_oct2point(const EC_GROUP *group, EC_POINT *point, int ret = 0; if (len == 0) { - OPENSSL_PUT_ERROR(EC, ec_GFp_simple_oct2point, EC_R_BUFFER_TOO_SMALL); + OPENSSL_PUT_ERROR(EC, EC_R_BUFFER_TOO_SMALL); return 0; } form = buf[0]; @@ -195,17 +195,17 @@ static int ec_GFp_simple_oct2point(const EC_GROUP *group, EC_POINT *point, form = form & ~1U; if ((form != 0) && (form != POINT_CONVERSION_COMPRESSED) && (form != POINT_CONVERSION_UNCOMPRESSED)) { - OPENSSL_PUT_ERROR(EC, ec_GFp_simple_oct2point, EC_R_INVALID_ENCODING); + OPENSSL_PUT_ERROR(EC, EC_R_INVALID_ENCODING); return 0; } if ((form == 0 || form == POINT_CONVERSION_UNCOMPRESSED) && y_bit) { - OPENSSL_PUT_ERROR(EC, ec_GFp_simple_oct2point, EC_R_INVALID_ENCODING); + OPENSSL_PUT_ERROR(EC, EC_R_INVALID_ENCODING); return 0; } if (form == 0) { if (len != 1) { - OPENSSL_PUT_ERROR(EC, ec_GFp_simple_oct2point, EC_R_INVALID_ENCODING); + OPENSSL_PUT_ERROR(EC, EC_R_INVALID_ENCODING); return 0; } 
@@ -217,7 +217,7 @@ static int ec_GFp_simple_oct2point(const EC_GROUP *group, EC_POINT *point, (form == POINT_CONVERSION_COMPRESSED) ? 1 + field_len : 1 + 2 * field_len; if (len != enc_len) { - OPENSSL_PUT_ERROR(EC, ec_GFp_simple_oct2point, EC_R_INVALID_ENCODING); + OPENSSL_PUT_ERROR(EC, EC_R_INVALID_ENCODING); return 0; } @@ -231,7 +231,7 @@ static int ec_GFp_simple_oct2point(const EC_GROUP *group, EC_POINT *point, BN_CTX_start(ctx); x = BN_CTX_get(ctx); y = BN_CTX_get(ctx); - if (y == NULL) { + if (x == NULL || y == NULL) { goto err; } @@ -239,7 +239,7 @@ static int ec_GFp_simple_oct2point(const EC_GROUP *group, EC_POINT *point, goto err; } if (BN_ucmp(x, &group->field) >= 0) { - OPENSSL_PUT_ERROR(EC, ec_GFp_simple_oct2point, EC_R_INVALID_ENCODING); + OPENSSL_PUT_ERROR(EC, EC_R_INVALID_ENCODING); goto err; } @@ -252,7 +252,7 @@ static int ec_GFp_simple_oct2point(const EC_GROUP *group, EC_POINT *point, goto err; } if (BN_ucmp(y, &group->field) >= 0) { - OPENSSL_PUT_ERROR(EC, ec_GFp_simple_oct2point, EC_R_INVALID_ENCODING); + OPENSSL_PUT_ERROR(EC, EC_R_INVALID_ENCODING); goto err; } @@ -263,7 +263,7 @@ static int ec_GFp_simple_oct2point(const EC_GROUP *group, EC_POINT *point, /* test required by X9.62 */ if (!EC_POINT_is_on_curve(group, point, ctx)) { - OPENSSL_PUT_ERROR(EC, ec_GFp_simple_oct2point, EC_R_POINT_IS_NOT_ON_CURVE); + OPENSSL_PUT_ERROR(EC, EC_R_POINT_IS_NOT_ON_CURVE); goto err; } 
@@ -279,12 +279,11 @@ int EC_POINT_oct2point(const EC_GROUP *group, EC_POINT *point, const uint8_t *buf, size_t len, BN_CTX *ctx) { if (group->meth->oct2point == 0 && !(group->meth->flags & EC_FLAGS_DEFAULT_OCT)) { - OPENSSL_PUT_ERROR(EC, EC_POINT_oct2point, - ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(EC, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } if (group->meth != point->meth) { - OPENSSL_PUT_ERROR(EC, EC_POINT_oct2point, EC_R_INCOMPATIBLE_OBJECTS); + OPENSSL_PUT_ERROR(EC, EC_R_INCOMPATIBLE_OBJECTS); return 0; } if (group->meth->flags & EC_FLAGS_DEFAULT_OCT) { @@ -299,12 +298,11 @@ size_t EC_POINT_point2oct(const EC_GROUP *group, const EC_POINT *point, size_t len, BN_CTX *ctx) { if (group->meth->point2oct == 0 && !(group->meth->flags & EC_FLAGS_DEFAULT_OCT)) { - OPENSSL_PUT_ERROR(EC, EC_POINT_point2oct, - ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(EC, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } if (group->meth != point->meth) { - OPENSSL_PUT_ERROR(EC, EC_POINT_point2oct, EC_R_INCOMPATIBLE_OBJECTS); + OPENSSL_PUT_ERROR(EC, EC_R_INCOMPATIBLE_OBJECTS); return 0; } if (group->meth->flags & EC_FLAGS_DEFAULT_OCT) { @@ -406,9 +404,9 @@ int ec_GFp_simple_set_compressed_coordinates(const EC_GROUP *group, if (ERR_GET_LIB(err) == ERR_LIB_BN && ERR_GET_REASON(err) == BN_R_NOT_A_SQUARE) { ERR_clear_error(); - OPENSSL_PUT_ERROR(EC, ec_GFp_simple_set_compressed_coordinates, EC_R_INVALID_COMPRESSED_POINT); + OPENSSL_PUT_ERROR(EC, EC_R_INVALID_COMPRESSED_POINT); } else { - OPENSSL_PUT_ERROR(EC, ec_GFp_simple_set_compressed_coordinates, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(EC, ERR_R_BN_LIB); } goto err; } 
@@ -423,12 +421,10 @@ int ec_GFp_simple_set_compressed_coordinates(const EC_GROUP *group, } if (kron == 1) { - OPENSSL_PUT_ERROR(EC, ec_GFp_simple_set_compressed_coordinates, - EC_R_INVALID_COMPRESSION_BIT); + OPENSSL_PUT_ERROR(EC, EC_R_INVALID_COMPRESSION_BIT); } else { /* BN_mod_sqrt() should have cought this error (not a square) */ - OPENSSL_PUT_ERROR(EC, ec_GFp_simple_set_compressed_coordinates, - EC_R_INVALID_COMPRESSED_POINT); + OPENSSL_PUT_ERROR(EC, EC_R_INVALID_COMPRESSED_POINT); } goto err; } @@ -437,8 +433,7 @@ int ec_GFp_simple_set_compressed_coordinates(const EC_GROUP *group, } } if (y_bit != BN_is_odd(y)) { - OPENSSL_PUT_ERROR(EC, ec_GFp_simple_set_compressed_coordinates, - ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(EC, ERR_R_INTERNAL_ERROR); goto err; } @@ -459,13 +454,11 @@ int EC_POINT_set_compressed_coordinates_GFp(const EC_GROUP *group, int y_bit, BN_CTX *ctx) { if (group->meth->point_set_compressed_coordinates == 0 && !(group->meth->flags & EC_FLAGS_DEFAULT_OCT)) { - OPENSSL_PUT_ERROR(EC, EC_POINT_set_compressed_coordinates_GFp, - ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(EC, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } if (group->meth != point->meth) { - OPENSSL_PUT_ERROR(EC, EC_POINT_set_compressed_coordinates_GFp, - EC_R_INCOMPATIBLE_OBJECTS); + OPENSSL_PUT_ERROR(EC, EC_R_INCOMPATIBLE_OBJECTS); return 0; } if (group->meth->flags & EC_FLAGS_DEFAULT_OCT) { diff --git a/src/crypto/ec/p256-64.c b/src/crypto/ec/p256-64.c index fdb942c..3946b29 100644 --- a/src/crypto/ec/p256-64.c +++ b/src/crypto/ec/p256-64.c @@ -125,7 +125,7 @@ static void flip_endian(u8 *out, const u8 *in, unsigned len) { /* BN_to_felem converts an OpenSSL BIGNUM into an felem. */ static int BN_to_felem(felem out, const BIGNUM *bn) { if (BN_is_negative(bn)) { - OPENSSL_PUT_ERROR(EC, BN_to_felem, EC_R_BIGNUM_OUT_OF_RANGE); + OPENSSL_PUT_ERROR(EC, EC_R_BIGNUM_OUT_OF_RANGE); return 0; } 
@@ -134,7 +134,7 @@ static int BN_to_felem(felem out, const BIGNUM *bn) { memset(b_out, 0, sizeof(b_out)); unsigned num_bytes = BN_num_bytes(bn); if (num_bytes > sizeof(b_out)) { - OPENSSL_PUT_ERROR(EC, BN_to_felem, EC_R_BIGNUM_OUT_OF_RANGE); + OPENSSL_PUT_ERROR(EC, EC_R_BIGNUM_OUT_OF_RANGE); return 0; } @@ -1638,8 +1638,7 @@ int ec_GFp_nistp256_group_set_curve(EC_GROUP *group, const BIGNUM *p, if (BN_cmp(curve_p, p) || BN_cmp(curve_a, a) || BN_cmp(curve_b, b)) { - OPENSSL_PUT_ERROR(EC, ec_GFp_nistp256_group_set_curve, - EC_R_WRONG_CURVE_PARAMETERS); + OPENSSL_PUT_ERROR(EC, EC_R_WRONG_CURVE_PARAMETERS); goto err; } ret = ec_GFp_simple_group_set_curve(group, p, a, b, ctx); @@ -1661,8 +1660,7 @@ int ec_GFp_nistp256_point_get_affine_coordinates(const EC_GROUP *group, longfelem tmp; if (EC_POINT_is_at_infinity(group, point)) { - OPENSSL_PUT_ERROR(EC, ec_GFp_nistp256_point_get_affine_coordinates, - EC_R_POINT_AT_INFINITY); + OPENSSL_PUT_ERROR(EC, EC_R_POINT_AT_INFINITY); return 0; } if (!BN_to_felem(x_in, &point->X) || @@ -1677,8 +1675,7 @@ int ec_GFp_nistp256_point_get_affine_coordinates(const EC_GROUP *group, felem_reduce(x_in, tmp); felem_contract(x_out, x_in); if (x != NULL && !smallfelem_to_BN(x, x_out)) { - OPENSSL_PUT_ERROR(EC, ec_GFp_nistp256_point_get_affine_coordinates, - ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(EC, ERR_R_BN_LIB); return 0; } felem_mul(tmp, z1, z2); @@ -1687,8 +1684,7 @@ int ec_GFp_nistp256_point_get_affine_coordinates(const EC_GROUP *group, felem_reduce(y_in, tmp); felem_contract(y_out, y_in); if (y != NULL && !smallfelem_to_BN(y, y_out)) { - OPENSSL_PUT_ERROR(EC, ec_GFp_nistp256_point_get_affine_coordinates, - ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(EC, ERR_R_BN_LIB); return 0; } return 1; 
@@ -1763,7 +1759,7 @@ int ec_GFp_nistp256_points_mul(const EC_GROUP *group, EC_POINT *r, if (!smallfelem_to_BN(x, g_pre_comp[0][1][0]) || !smallfelem_to_BN(y, g_pre_comp[0][1][1]) || !smallfelem_to_BN(z, g_pre_comp[0][1][2])) { - OPENSSL_PUT_ERROR(EC, ec_GFp_nistp256_points_mul, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(EC, ERR_R_BN_LIB); goto err; } if (!ec_point_set_Jprojective_coordinates_GFp(group, generator, x, y, z, @@ -1794,7 +1790,7 @@ int ec_GFp_nistp256_points_mul(const EC_GROUP *group, EC_POINT *r, } if (secrets == NULL || pre_comp == NULL || (mixed && tmp_smallfelems == NULL)) { - OPENSSL_PUT_ERROR(EC, ec_GFp_nistp256_points_mul, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); goto err; } @@ -1818,7 +1814,7 @@ int ec_GFp_nistp256_points_mul(const EC_GROUP *group, EC_POINT *r, /* this is an unusual input, and we don't guarantee * constant-timeness. */ if (!BN_nnmod(tmp_scalar, p_scalar, &group->order, ctx)) { - OPENSSL_PUT_ERROR(EC, ec_GFp_nistp256_points_mul, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(EC, ERR_R_BN_LIB); goto err; } num_bytes = BN_bn2bin(tmp_scalar, tmp); @@ -1863,7 +1859,7 @@ int ec_GFp_nistp256_points_mul(const EC_GROUP *group, EC_POINT *r, /* this is an unusual input, and we don't guarantee * constant-timeness. */ if (!BN_nnmod(tmp_scalar, scalar, &group->order, ctx)) { - OPENSSL_PUT_ERROR(EC, ec_GFp_nistp256_points_mul, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(EC, ERR_R_BN_LIB); goto err; } num_bytes = BN_bn2bin(tmp_scalar, tmp); @@ -1889,7 +1885,7 @@ int ec_GFp_nistp256_points_mul(const EC_GROUP *group, EC_POINT *r, if (!smallfelem_to_BN(x, x_in) || !smallfelem_to_BN(y, y_in) || !smallfelem_to_BN(z, z_in)) { - OPENSSL_PUT_ERROR(EC, ec_GFp_nistp256_points_mul, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(EC, ERR_R_BN_LIB); goto err; } ret = ec_point_set_Jprojective_coordinates_GFp(group, r, x, y, z, ctx); diff --git a/src/crypto/ec/simple.c b/src/crypto/ec/simple.c index 69fd2e4..c62199c 100644 --- a/src/crypto/ec/simple.c 
+++ b/src/crypto/ec/simple.c @@ -172,7 +172,7 @@ int ec_GFp_simple_group_set_curve(EC_GROUP *group, const BIGNUM *p, /* p must be a prime > 3 */ if (BN_num_bits(p) <= 2 || !BN_is_odd(p)) { - OPENSSL_PUT_ERROR(EC, ec_GFp_simple_group_set_curve, EC_R_INVALID_FIELD); + OPENSSL_PUT_ERROR(EC, EC_R_INVALID_FIELD); return 0; } @@ -283,8 +283,7 @@ int ec_GFp_simple_group_check_discriminant(const EC_GROUP *group, BN_CTX *ctx) { if (ctx == NULL) { ctx = new_ctx = BN_CTX_new(); if (ctx == NULL) { - OPENSSL_PUT_ERROR(EC, ec_GFp_simple_group_check_discriminant, - ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); goto err; } } @@ -492,8 +491,7 @@ int ec_GFp_simple_point_set_affine_coordinates(const EC_GROUP *group, const BIGNUM *y, BN_CTX *ctx) { if (x == NULL || y == NULL) { /* unlike for projective coordinates, we do not tolerate this */ - OPENSSL_PUT_ERROR(EC, ec_GFp_simple_point_set_affine_coordinates, - ERR_R_PASSED_NULL_PARAMETER); + OPENSSL_PUT_ERROR(EC, ERR_R_PASSED_NULL_PARAMETER); return 0; } @@ -510,8 +508,7 @@ int ec_GFp_simple_point_get_affine_coordinates(const EC_GROUP *group, int ret = 0; if (EC_POINT_is_at_infinity(group, point)) { - OPENSSL_PUT_ERROR(EC, ec_GFp_simple_point_get_affine_coordinates, - EC_R_POINT_AT_INFINITY); + OPENSSL_PUT_ERROR(EC, EC_R_POINT_AT_INFINITY); return 0; } @@ -527,7 +524,7 @@ int ec_GFp_simple_point_get_affine_coordinates(const EC_GROUP *group, Z_1 = BN_CTX_get(ctx); Z_2 = BN_CTX_get(ctx); Z_3 = BN_CTX_get(ctx); - if (Z_3 == NULL) { + if (Z == NULL || Z_1 == NULL || Z_2 == NULL || Z_3 == NULL) { goto err; } @@ -560,8 +557,7 @@ int ec_GFp_simple_point_get_affine_coordinates(const EC_GROUP *group, } } else { if (!BN_mod_inverse(Z_1, Z_, &group->field, ctx)) { - OPENSSL_PUT_ERROR(EC, ec_GFp_simple_point_get_affine_coordinates, - ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(EC, ERR_R_BN_LIB); goto err; } 
@@ -1183,7 +1179,7 @@ int ec_GFp_simple_make_affine(const EC_GROUP *group, EC_POINT *point, goto err; } if (!point->Z_is_one) { - OPENSSL_PUT_ERROR(EC, ec_GFp_simple_make_affine, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(EC, ERR_R_INTERNAL_ERROR); goto err; } @@ -1269,7 +1265,7 @@ int ec_GFp_simple_points_make_affine(const EC_GROUP *group, size_t num, * non-zero points[i]->Z by its inverse. */ if (!BN_mod_inverse(tmp, prod_Z[num - 1], &group->field, ctx)) { - OPENSSL_PUT_ERROR(EC, ec_GFp_simple_points_make_affine, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(EC, ERR_R_BN_LIB); goto err; } diff --git a/src/crypto/ec/wnaf.c b/src/crypto/ec/wnaf.c index ae0d73f..7fa0e1b 100644 --- a/src/crypto/ec/wnaf.c +++ b/src/crypto/ec/wnaf.c @@ -100,7 +100,7 @@ static EC_PRE_COMP *ec_pre_comp_new(void) { ret = (EC_PRE_COMP *)OPENSSL_malloc(sizeof(EC_PRE_COMP)); if (!ret) { - OPENSSL_PUT_ERROR(EC, ec_pre_comp_new, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); return ret; } ret->blocksize = 8; /* default */ @@ -158,7 +158,7 @@ static signed char *compute_wNAF(const BIGNUM *scalar, int w, size_t *ret_len) { if (BN_is_zero(scalar)) { r = OPENSSL_malloc(1); if (!r) { - OPENSSL_PUT_ERROR(EC, compute_wNAF, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); goto err; } r[0] = 0; @@ -169,7 +169,7 @@ static signed char *compute_wNAF(const BIGNUM *scalar, int w, size_t *ret_len) { if (w <= 0 || w > 7) /* 'signed char' can represent integers with absolute values less than 2^7 */ { - OPENSSL_PUT_ERROR(EC, compute_wNAF, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(EC, ERR_R_INTERNAL_ERROR); goto err; } bit = 1 << w; /* at most 128 */ @@ -181,7 +181,7 @@ static signed char *compute_wNAF(const BIGNUM *scalar, int w, size_t *ret_len) { } if (scalar->d == NULL || scalar->top == 0) { - OPENSSL_PUT_ERROR(EC, compute_wNAF, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(EC, ERR_R_INTERNAL_ERROR); goto err; } 
@@ -192,7 +192,7 @@ static signed char *compute_wNAF(const BIGNUM *scalar, int w, size_t *ret_len) { * (*ret_len will be set to the actual length, i.e. at most * BN_num_bits(scalar) + 1) */ if (r == NULL) { - OPENSSL_PUT_ERROR(EC, compute_wNAF, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); goto err; } window_val = scalar->d[0] & mask; @@ -225,7 +225,7 @@ static signed char *compute_wNAF(const BIGNUM *scalar, int w, size_t *ret_len) { } if (digit <= -bit || digit >= bit || !(digit & 1)) { - OPENSSL_PUT_ERROR(EC, compute_wNAF, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(EC, ERR_R_INTERNAL_ERROR); goto err; } @@ -235,7 +235,7 @@ static signed char *compute_wNAF(const BIGNUM *scalar, int w, size_t *ret_len) { * for modified window NAFs, it may also be 2^w */ if (window_val != 0 && window_val != next_bit && window_val != bit) { - OPENSSL_PUT_ERROR(EC, compute_wNAF, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(EC, ERR_R_INTERNAL_ERROR); goto err; } } @@ -246,13 +246,13 @@ static signed char *compute_wNAF(const BIGNUM *scalar, int w, size_t *ret_len) { window_val += bit * BN_is_bit_set(scalar, j + w); if (window_val > next_bit) { - OPENSSL_PUT_ERROR(EC, compute_wNAF, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(EC, ERR_R_INTERNAL_ERROR); goto err; } } if (j > len + 1) { - OPENSSL_PUT_ERROR(EC, compute_wNAF, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(EC, ERR_R_INTERNAL_ERROR); goto err; } len = j; @@ -316,7 +316,7 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, int ret = 0; if (group->meth != r->meth) { - OPENSSL_PUT_ERROR(EC, ec_wNAF_mul, EC_R_INCOMPATIBLE_OBJECTS); + OPENSSL_PUT_ERROR(EC, EC_R_INCOMPATIBLE_OBJECTS); return 0; } @@ -326,7 +326,7 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, for (i = 0; i < num; i++) { if (group->meth != points[i]->meth) { - OPENSSL_PUT_ERROR(EC, ec_wNAF_mul, EC_R_INCOMPATIBLE_OBJECTS); + OPENSSL_PUT_ERROR(EC, EC_R_INCOMPATIBLE_OBJECTS); return 0; } } 
@@ -341,7 +341,7 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, if (scalar != NULL) { generator = EC_GROUP_get0_generator(group); if (generator == NULL) { - OPENSSL_PUT_ERROR(EC, ec_wNAF_mul, EC_R_UNDEFINED_GENERATOR); + OPENSSL_PUT_ERROR(EC, EC_R_UNDEFINED_GENERATOR); goto err; } @@ -366,7 +366,7 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, /* check that pre_comp looks sane */ if (pre_comp->num != (pre_comp->numblocks * pre_points_per_block)) { - OPENSSL_PUT_ERROR(EC, ec_wNAF_mul, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(EC, ERR_R_INTERNAL_ERROR); goto err; } } else { @@ -391,7 +391,7 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, } if (!wsize || !wNAF_len || !wNAF || !val_sub) { - OPENSSL_PUT_ERROR(EC, ec_wNAF_mul, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); goto err; } @@ -420,7 +420,7 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, if (pre_comp == NULL) { if (num_scalar != 1) { - OPENSSL_PUT_ERROR(EC, ec_wNAF_mul, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(EC, ERR_R_INTERNAL_ERROR); goto err; } /* we have already generated a wNAF for 'scalar' */ @@ -429,7 +429,7 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, size_t tmp_len = 0; if (num_scalar != 0) { - OPENSSL_PUT_ERROR(EC, ec_wNAF_mul, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(EC, ERR_R_INTERNAL_ERROR); goto err; } @@ -463,7 +463,8 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, /* possibly we can do with fewer blocks than estimated */ numblocks = (tmp_len + blocksize - 1) / blocksize; if (numblocks > pre_comp->numblocks) { - OPENSSL_PUT_ERROR(EC, ec_wNAF_mul, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(EC, ERR_R_INTERNAL_ERROR); + OPENSSL_free(tmp_wNAF); goto err; } totalnum = num + numblocks; 
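Review bot: The `OPENSSL_free(tmp_wNAF);` lines added before `goto err` in the `-463,7 +463,8` hunk and in the following `-477,7 +478,8` hunk fix real leaks, but they extend a pattern where every early exit in this branch of `ec_wNAF_mul` must release the buffer by hand. The `-490,7` and `-500,7` hunks show two more copies of the same pair as context, so a future exit added between the allocation and its release would leak again. If `tmp_wNAF` can be declared at function scope and initialised to NULL, a single `OPENSSL_free(tmp_wNAF);` under `err:` would replace all four. Its declaration and the `err:` label are outside these hunks, so that needs checking against the full function. Failing that, a comment at the allocation such as `/* every exit below must free tmp_wNAF */` would record the rule.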
@@ -477,7 +478,8 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, if (i < totalnum - 1) { wNAF_len[i] = blocksize; if (tmp_len < blocksize) { - OPENSSL_PUT_ERROR(EC, ec_wNAF_mul, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(EC, ERR_R_INTERNAL_ERROR); + OPENSSL_free(tmp_wNAF); goto err; } tmp_len -= blocksize; @@ -490,7 +492,7 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, wNAF[i + 1] = NULL; wNAF[i] = OPENSSL_malloc(wNAF_len[i]); if (wNAF[i] == NULL) { - OPENSSL_PUT_ERROR(EC, ec_wNAF_mul, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); OPENSSL_free(tmp_wNAF); goto err; } @@ -500,7 +502,7 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, } if (*tmp_points == NULL) { - OPENSSL_PUT_ERROR(EC, ec_wNAF_mul, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(EC, ERR_R_INTERNAL_ERROR); OPENSSL_free(tmp_wNAF); goto err; } @@ -519,7 +521,7 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, */ val = OPENSSL_malloc((num_val + 1) * sizeof val[0]); if (val == NULL) { - OPENSSL_PUT_ERROR(EC, ec_wNAF_mul, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); goto err; } val[num_val] = NULL; /* pivot element */ @@ -537,7 +539,7 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, } } if (!(v == val + num_val)) { - OPENSSL_PUT_ERROR(EC, ec_wNAF_mul, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(EC, ERR_R_INTERNAL_ERROR); goto err; } @@ -695,7 +697,7 @@ int ec_wNAF_precompute_mult(EC_GROUP *group, BN_CTX *ctx) { generator = EC_GROUP_get0_generator(group); if (generator == NULL) { - OPENSSL_PUT_ERROR(EC, ec_wNAF_precompute_mult, EC_R_UNDEFINED_GENERATOR); + OPENSSL_PUT_ERROR(EC, EC_R_UNDEFINED_GENERATOR); return 0; } 
@@ -721,7 +723,7 @@ int ec_wNAF_precompute_mult(EC_GROUP *group, BN_CTX *ctx) { goto err; } if (BN_is_zero(order)) { - OPENSSL_PUT_ERROR(EC, ec_wNAF_precompute_mult, EC_R_UNKNOWN_ORDER); + OPENSSL_PUT_ERROR(EC, EC_R_UNKNOWN_ORDER); goto err; } @@ -749,7 +751,7 @@ int ec_wNAF_precompute_mult(EC_GROUP *group, BN_CTX *ctx) { points = OPENSSL_malloc(sizeof(EC_POINT *) * (num + 1)); if (!points) { - OPENSSL_PUT_ERROR(EC, ec_wNAF_precompute_mult, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); goto err; } @@ -757,13 +759,13 @@ int ec_wNAF_precompute_mult(EC_GROUP *group, BN_CTX *ctx) { var[num] = NULL; /* pivot */ for (i = 0; i < num; i++) { if ((var[i] = EC_POINT_new(group)) == NULL) { - OPENSSL_PUT_ERROR(EC, ec_wNAF_precompute_mult, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); goto err; } } if (!(tmp_point = EC_POINT_new(group)) || !(base = EC_POINT_new(group))) { - OPENSSL_PUT_ERROR(EC, ec_wNAF_precompute_mult, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); goto err; } @@ -795,7 +797,7 @@ int ec_wNAF_precompute_mult(EC_GROUP *group, BN_CTX *ctx) { size_t k; if (blocksize <= 2) { - OPENSSL_PUT_ERROR(EC, ec_wNAF_precompute_mult, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(EC, ERR_R_INTERNAL_ERROR); goto err; } diff --git a/src/crypto/ecdh/CMakeLists.txt b/src/crypto/ecdh/CMakeLists.txt index 346e72d..8eaeae5 100644 --- a/src/crypto/ecdh/CMakeLists.txt +++ b/src/crypto/ecdh/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(. .. ../../include) +include_directories(../../include) add_library( ecdh diff --git a/src/crypto/ecdh/ecdh.c b/src/crypto/ecdh/ecdh.c index a011bab..14856db 100644 --- a/src/crypto/ecdh/ecdh.c +++ b/src/crypto/ecdh/ecdh.c 
@@ -95,7 +95,7 @@ int ECDH_compute_key(void *out, size_t outlen, const EC_POINT *pub_key, priv = EC_KEY_get0_private_key(priv_key); if (priv == NULL) { - OPENSSL_PUT_ERROR(ECDH, ECDH_compute_key, ECDH_R_NO_PRIVATE_VALUE); + OPENSSL_PUT_ERROR(ECDH, ECDH_R_NO_PRIVATE_VALUE); goto err; } @@ -103,35 +103,35 @@ int ECDH_compute_key(void *out, size_t outlen, const EC_POINT *pub_key, tmp = EC_POINT_new(group); if (tmp == NULL) { - OPENSSL_PUT_ERROR(ECDH, ECDH_compute_key, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ECDH, ERR_R_MALLOC_FAILURE); goto err; } if (!EC_POINT_mul(group, tmp, NULL, pub_key, priv, ctx)) { - OPENSSL_PUT_ERROR(ECDH, ECDH_compute_key, ECDH_R_POINT_ARITHMETIC_FAILURE); + OPENSSL_PUT_ERROR(ECDH, ECDH_R_POINT_ARITHMETIC_FAILURE); goto err; } if (!EC_POINT_get_affine_coordinates_GFp(group, tmp, x, y, ctx)) { - OPENSSL_PUT_ERROR(ECDH, ECDH_compute_key, ECDH_R_POINT_ARITHMETIC_FAILURE); + OPENSSL_PUT_ERROR(ECDH, ECDH_R_POINT_ARITHMETIC_FAILURE); goto err; } buflen = (EC_GROUP_get_degree(group) + 7) / 8; buf = OPENSSL_malloc(buflen); if (buf == NULL) { - OPENSSL_PUT_ERROR(ECDH, ECDH_compute_key, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ECDH, ERR_R_MALLOC_FAILURE); goto err; } if (!BN_bn2bin_padded(buf, buflen, x)) { - OPENSSL_PUT_ERROR(ECDH, ECDH_compute_key, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(ECDH, ERR_R_INTERNAL_ERROR); goto err; } if (KDF != 0) { if (KDF(buf, buflen, out, &outlen) == NULL) { - OPENSSL_PUT_ERROR(ECDH, ECDH_compute_key, ECDH_R_KDF_FAILED); + OPENSSL_PUT_ERROR(ECDH, ECDH_R_KDF_FAILED); goto err; } ret = outlen; diff --git a/src/crypto/ecdsa/CMakeLists.txt b/src/crypto/ecdsa/CMakeLists.txt index f431e59..e7581be 100644 --- a/src/crypto/ecdsa/CMakeLists.txt +++ b/src/crypto/ecdsa/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(. .. ../../include) +include_directories(../../include) add_library( ecdsa diff --git a/src/crypto/ecdsa/ecdsa.c b/src/crypto/ecdsa/ecdsa.c index b71799e..8403d60 100644 --- a/src/crypto/ecdsa/ecdsa.c 
+++ b/src/crypto/ecdsa/ecdsa.c @@ -52,9 +52,11 @@ #include +#include #include #include +#include #include #include @@ -81,16 +83,18 @@ int ECDSA_verify(int type, const uint8_t *digest, size_t digest_len, return eckey->ecdsa_meth->verify(digest, digest_len, sig, sig_len, eckey); } - s = ECDSA_SIG_new(); - const uint8_t *sigp = sig; - if (s == NULL || d2i_ECDSA_SIG(&s, &sigp, sig_len) == NULL || - sigp != sig + sig_len) { + /* Decode the ECDSA signature. */ + s = ECDSA_SIG_from_bytes(sig, sig_len); + if (s == NULL) { goto err; } - /* Ensure that the signature uses DER and doesn't have trailing garbage. */ - const int der_len = i2d_ECDSA_SIG(s, &der); - if (der_len < 0 || (size_t) der_len != sig_len || memcmp(sig, der, sig_len)) { + /* Defend against potential laxness in the DER parser. */ + size_t der_len; + if (!ECDSA_SIG_to_bytes(&der, &der_len, s) || + der_len != sig_len || memcmp(sig, der, sig_len) != 0) { + /* This should never happen. crypto/bytestring is strictly DER. */ + OPENSSL_PUT_ERROR(ECDSA, ERR_R_INTERNAL_ERROR); goto err; } @@ -116,14 +120,14 @@ static int digest_to_bn(BIGNUM *out, const uint8_t *digest, size_t digest_len, digest_len = (num_bits + 7) / 8; } if (!BN_bin2bn(digest, digest_len, out)) { - OPENSSL_PUT_ERROR(ECDSA, digest_to_bn, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(ECDSA, ERR_R_BN_LIB); return 0; } /* If still too long truncate remaining bits with a shift */ if ((8 * digest_len > num_bits) && !BN_rshift(out, out, 8 - (num_bits & 0x7))) { - OPENSSL_PUT_ERROR(ECDSA, digest_to_bn, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(ECDSA, ERR_R_BN_LIB); return 0; } @@ -145,7 +149,7 @@ int ECDSA_do_verify(const uint8_t *digest, size_t digest_len, const EC_POINT *pub_key; if (eckey->ecdsa_meth && eckey->ecdsa_meth->verify) { - OPENSSL_PUT_ERROR(ECDSA, ECDSA_do_verify, ECDSA_R_NOT_IMPLEMENTED); + OPENSSL_PUT_ERROR(ECDSA, ECDSA_R_NOT_IMPLEMENTED); return 0; } 
@@ -153,13 +157,13 @@ int ECDSA_do_verify(const uint8_t *digest, size_t digest_len, if ((group = EC_KEY_get0_group(eckey)) == NULL || (pub_key = EC_KEY_get0_public_key(eckey)) == NULL || sig == NULL) { - OPENSSL_PUT_ERROR(ECDSA, ECDSA_do_verify, ECDSA_R_MISSING_PARAMETERS); + OPENSSL_PUT_ERROR(ECDSA, ECDSA_R_MISSING_PARAMETERS); return 0; } ctx = BN_CTX_new(); if (!ctx) { - OPENSSL_PUT_ERROR(ECDSA, ECDSA_do_verify, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ECDSA, ERR_R_MALLOC_FAILURE); return 0; } BN_CTX_start(ctx); @@ -168,26 +172,26 @@ int ECDSA_do_verify(const uint8_t *digest, size_t digest_len, u2 = BN_CTX_get(ctx); m = BN_CTX_get(ctx); X = BN_CTX_get(ctx); - if (!X) { - OPENSSL_PUT_ERROR(ECDSA, ECDSA_do_verify, ERR_R_BN_LIB); + if (order == NULL || u1 == NULL || u2 == NULL || m == NULL || X == NULL) { + OPENSSL_PUT_ERROR(ECDSA, ERR_R_BN_LIB); goto err; } if (!EC_GROUP_get_order(group, order, ctx)) { - OPENSSL_PUT_ERROR(ECDSA, ECDSA_do_verify, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(ECDSA, ERR_R_EC_LIB); goto err; } if (BN_is_zero(sig->r) || BN_is_negative(sig->r) || BN_ucmp(sig->r, order) >= 0 || BN_is_zero(sig->s) || BN_is_negative(sig->s) || BN_ucmp(sig->s, order) >= 0) { - OPENSSL_PUT_ERROR(ECDSA, ECDSA_do_verify, ECDSA_R_BAD_SIGNATURE); + OPENSSL_PUT_ERROR(ECDSA, ECDSA_R_BAD_SIGNATURE); ret = 0; /* signature is invalid */ goto err; } /* calculate tmp1 = inv(S) mod order */ if (!BN_mod_inverse(u2, sig->s, order, ctx)) { - OPENSSL_PUT_ERROR(ECDSA, ECDSA_do_verify, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(ECDSA, ERR_R_BN_LIB); goto err; } if (!digest_to_bn(m, digest, digest_len, order)) { 
@@ -195,30 +199,30 @@ int ECDSA_do_verify(const uint8_t *digest, size_t digest_len, } /* u1 = m * tmp mod order */ if (!BN_mod_mul(u1, m, u2, order, ctx)) { - OPENSSL_PUT_ERROR(ECDSA, ECDSA_do_verify, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(ECDSA, ERR_R_BN_LIB); goto err; } /* u2 = r * w mod q */ if (!BN_mod_mul(u2, sig->r, u2, order, ctx)) { - OPENSSL_PUT_ERROR(ECDSA, ECDSA_do_verify, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(ECDSA, ERR_R_BN_LIB); goto err; } point = EC_POINT_new(group); if (point == NULL) { - OPENSSL_PUT_ERROR(ECDSA, ECDSA_do_verify, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ECDSA, ERR_R_MALLOC_FAILURE); goto err; } if (!EC_POINT_mul(group, point, u1, pub_key, u2, ctx)) { - OPENSSL_PUT_ERROR(ECDSA, ECDSA_do_verify, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(ECDSA, ERR_R_EC_LIB); goto err; } if (!EC_POINT_get_affine_coordinates_GFp(group, point, X, NULL, ctx)) { - OPENSSL_PUT_ERROR(ECDSA, ECDSA_do_verify, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(ECDSA, ERR_R_EC_LIB); goto err; } if (!BN_nnmod(u1, X, order, ctx)) { - OPENSSL_PUT_ERROR(ECDSA, ECDSA_do_verify, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(ECDSA, ERR_R_BN_LIB); goto err; } /* if the signature is correct u1 is equal to sig->r */ @@ -241,13 +245,13 @@ static int ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp, int ret = 0; if (eckey == NULL || (group = EC_KEY_get0_group(eckey)) == NULL) { - OPENSSL_PUT_ERROR(ECDSA, ecdsa_sign_setup, ERR_R_PASSED_NULL_PARAMETER); + OPENSSL_PUT_ERROR(ECDSA, ERR_R_PASSED_NULL_PARAMETER); return 0; } if (ctx_in == NULL) { if ((ctx = BN_CTX_new()) == NULL) { - OPENSSL_PUT_ERROR(ECDSA, ecdsa_sign_setup, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ECDSA, ERR_R_MALLOC_FAILURE); return 0; } } else { 
@@ -259,16 +263,16 @@ static int ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp, order = BN_new(); X = BN_new(); if (!k || !r || !order || !X) { - OPENSSL_PUT_ERROR(ECDSA, ecdsa_sign_setup, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ECDSA, ERR_R_MALLOC_FAILURE); goto err; } tmp_point = EC_POINT_new(group); if (tmp_point == NULL) { - OPENSSL_PUT_ERROR(ECDSA, ecdsa_sign_setup, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(ECDSA, ERR_R_EC_LIB); goto err; } if (!EC_GROUP_get_order(group, order, ctx)) { - OPENSSL_PUT_ERROR(ECDSA, ecdsa_sign_setup, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(ECDSA, ERR_R_EC_LIB); goto err; } @@ -286,8 +290,7 @@ static int ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp, ok = BN_rand_range(k, order); } if (!ok) { - OPENSSL_PUT_ERROR(ECDSA, ecdsa_sign_setup, - ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED); + OPENSSL_PUT_ERROR(ECDSA, ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED); goto err; } } while (BN_is_zero(k)); @@ -307,23 +310,23 @@ static int ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp, /* compute r the x-coordinate of generator * k */ if (!EC_POINT_mul(group, tmp_point, k, NULL, NULL, ctx)) { - OPENSSL_PUT_ERROR(ECDSA, ecdsa_sign_setup, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(ECDSA, ERR_R_EC_LIB); goto err; } if (!EC_POINT_get_affine_coordinates_GFp(group, tmp_point, X, NULL, ctx)) { - OPENSSL_PUT_ERROR(ECDSA, ecdsa_sign_setup, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(ECDSA, ERR_R_EC_LIB); goto err; } if (!BN_nnmod(r, X, order, ctx)) { - OPENSSL_PUT_ERROR(ECDSA, ecdsa_sign_setup, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(ECDSA, ERR_R_BN_LIB); goto err; } } while (BN_is_zero(r)); /* compute the inverse of k */ if (!BN_mod_inverse(k, k, order, ctx)) { - OPENSSL_PUT_ERROR(ECDSA, ecdsa_sign_setup, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(ECDSA, ERR_R_BN_LIB); goto err; } /* clear old values if necessary */ 
@@ -365,7 +368,7 @@ ECDSA_SIG *ECDSA_do_sign_ex(const uint8_t *digest, size_t digest_len, const BIGNUM *priv_key; if (eckey->ecdsa_meth && eckey->ecdsa_meth->sign) { - OPENSSL_PUT_ERROR(ECDSA, ECDSA_do_sign_ex, ECDSA_R_NOT_IMPLEMENTED); + OPENSSL_PUT_ERROR(ECDSA, ECDSA_R_NOT_IMPLEMENTED); return NULL; } @@ -373,25 +376,25 @@ ECDSA_SIG *ECDSA_do_sign_ex(const uint8_t *digest, size_t digest_len, priv_key = EC_KEY_get0_private_key(eckey); if (group == NULL || priv_key == NULL) { - OPENSSL_PUT_ERROR(ECDSA, ECDSA_do_sign_ex, ERR_R_PASSED_NULL_PARAMETER); + OPENSSL_PUT_ERROR(ECDSA, ERR_R_PASSED_NULL_PARAMETER); return NULL; } ret = ECDSA_SIG_new(); if (!ret) { - OPENSSL_PUT_ERROR(ECDSA, ECDSA_do_sign_ex, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ECDSA, ERR_R_MALLOC_FAILURE); return NULL; } s = ret->s; if ((ctx = BN_CTX_new()) == NULL || (order = BN_new()) == NULL || (tmp = BN_new()) == NULL || (m = BN_new()) == NULL) { - OPENSSL_PUT_ERROR(ECDSA, ECDSA_do_sign_ex, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ECDSA, ERR_R_MALLOC_FAILURE); goto err; } if (!EC_GROUP_get_order(group, order, ctx)) { - OPENSSL_PUT_ERROR(ECDSA, ECDSA_do_sign_ex, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(ECDSA, ERR_R_EC_LIB); goto err; } if (!digest_to_bn(m, digest, digest_len, order)) { 
@@ -400,35 +403,35 @@ ECDSA_SIG *ECDSA_do_sign_ex(const uint8_t *digest, size_t digest_len, for (;;) { if (in_kinv == NULL || in_r == NULL) { if (!ecdsa_sign_setup(eckey, ctx, &kinv, &ret->r, digest, digest_len)) { - OPENSSL_PUT_ERROR(ECDSA, ECDSA_do_sign_ex, ERR_R_ECDSA_LIB); + OPENSSL_PUT_ERROR(ECDSA, ERR_R_ECDSA_LIB); goto err; } ckinv = kinv; } else { ckinv = in_kinv; if (BN_copy(ret->r, in_r) == NULL) { - OPENSSL_PUT_ERROR(ECDSA, ECDSA_do_sign_ex, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ECDSA, ERR_R_MALLOC_FAILURE); goto err; } } if (!BN_mod_mul(tmp, priv_key, ret->r, order, ctx)) { - OPENSSL_PUT_ERROR(ECDSA, ECDSA_do_sign_ex, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(ECDSA, ERR_R_BN_LIB); goto err; } if (!BN_mod_add_quick(s, tmp, m, order)) { - OPENSSL_PUT_ERROR(ECDSA, ECDSA_do_sign_ex, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(ECDSA, ERR_R_BN_LIB); goto err; } if (!BN_mod_mul(s, s, ckinv, order, ctx)) { - OPENSSL_PUT_ERROR(ECDSA, ECDSA_do_sign_ex, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(ECDSA, ERR_R_BN_LIB); goto err; } if (BN_is_zero(s)) { /* if kinv and r have been supplied by the caller * don't to generate new kinv and r values */ if (in_kinv != NULL && in_r != NULL) { - OPENSSL_PUT_ERROR(ECDSA, ECDSA_do_sign_ex, ECDSA_R_NEED_NEW_SETUP_VALUES); + OPENSSL_PUT_ERROR(ECDSA, ECDSA_R_NEED_NEW_SETUP_VALUES); goto err; } } else { 
@@ -455,20 +458,36 @@ err: int ECDSA_sign_ex(int type, const uint8_t *digest, size_t digest_len, uint8_t *sig, unsigned int *sig_len, const BIGNUM *kinv, const BIGNUM *r, EC_KEY *eckey) { + int ret = 0; ECDSA_SIG *s = NULL; if (eckey->ecdsa_meth && eckey->ecdsa_meth->sign) { - OPENSSL_PUT_ERROR(ECDSA, ECDSA_sign_ex, ECDSA_R_NOT_IMPLEMENTED); + OPENSSL_PUT_ERROR(ECDSA, ECDSA_R_NOT_IMPLEMENTED); *sig_len = 0; - return 0; + goto err; } s = ECDSA_do_sign_ex(digest, digest_len, kinv, r, eckey); if (s == NULL) { *sig_len = 0; - return 0; + goto err; } - *sig_len = i2d_ECDSA_SIG(s, &sig); + + CBB cbb; + CBB_zero(&cbb); + size_t len; + if (!CBB_init_fixed(&cbb, sig, ECDSA_size(eckey)) || + !ECDSA_SIG_marshal(&cbb, s) || + !CBB_finish(&cbb, NULL, &len)) { + OPENSSL_PUT_ERROR(ECDSA, ECDSA_R_ENCODE_ERROR); + CBB_cleanup(&cbb); + *sig_len = 0; + goto err; + } + *sig_len = (unsigned)len; + ret = 1; + +err: ECDSA_SIG_free(s); - return 1; + return ret; } diff --git a/src/crypto/ecdsa/ecdsa_asn1.c b/src/crypto/ecdsa/ecdsa_asn1.c index f557ca7..f2d7c36 100644 --- a/src/crypto/ecdsa/ecdsa_asn1.c +++ b/src/crypto/ecdsa/ecdsa_asn1.c 
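Review bot: The bound given to `CBB_init_fixed` in `ECDSA_sign_ex` is `ECDSA_size(eckey)`, a maximum derived from the key, not the capacity of the caller's `sig` buffer. `sig_len` is only ever written in this function, so nothing here can detect a buffer that is too small. That contract deserves a comment at the call, for example `/* |sig| must have room for ECDSA_size(eckey) bytes; |*sig_len| is output-only. */`. Separately, the ecdsa_asn1.c part of this commit shows `ECDSA_size` returning 0 on several failures, and here that case would fall into the same branch and be reported as `ECDSA_R_ENCODE_ERROR`. Checking the size for 0 before initialising the CBB would keep the reported error accurate.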
@@ -52,45 +52,33 @@ #include -#include -#include +#include +#include + +#include +#include +#include #include #include #include "../ec/internal.h" -DECLARE_ASN1_FUNCTIONS_const(ECDSA_SIG); -DECLARE_ASN1_ENCODE_FUNCTIONS_const(ECDSA_SIG, ECDSA_SIG); - -ASN1_SEQUENCE(ECDSA_SIG) = { - ASN1_SIMPLE(ECDSA_SIG, r, CBIGNUM), - ASN1_SIMPLE(ECDSA_SIG, s, CBIGNUM), -} ASN1_SEQUENCE_END(ECDSA_SIG); - -IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(ECDSA_SIG, ECDSA_SIG, ECDSA_SIG); - size_t ECDSA_size(const EC_KEY *key) { - size_t ret, i, group_order_size; - ASN1_INTEGER bs; - BIGNUM *order = NULL; - unsigned char buf[4]; - const EC_GROUP *group; + if (key == NULL) { + return 0; + } + size_t group_order_size; if (key->ecdsa_meth && key->ecdsa_meth->group_order_size) { group_order_size = key->ecdsa_meth->group_order_size(key); } else { - size_t num_bits; - - if (key == NULL) { - return 0; - } - group = EC_KEY_get0_group(key); + const EC_GROUP *group = EC_KEY_get0_group(key); if (group == NULL) { return 0; } - order = BN_new(); + BIGNUM *order = BN_new(); if (order == NULL) { return 0; } @@ -99,21 +87,11 @@ size_t ECDSA_size(const EC_KEY *key) { return 0; } - num_bits = BN_num_bits(order); - group_order_size = (num_bits + 7) / 8; + group_order_size = BN_num_bytes(order); + BN_clear_free(order); } - bs.length = group_order_size; - bs.data = buf; - bs.type = V_ASN1_INTEGER; - /* If the top bit is set the ASN.1 encoding is 1 larger. */ - buf[0] = 0xff; - - i = i2d_ASN1_INTEGER(&bs, NULL); - i += i; /* r and s */ - ret = ASN1_object_size(1, i, V_ASN1_SEQUENCE); - BN_clear_free(order); - return ret; + return ECDSA_SIG_max_len(group_order_size); } ECDSA_SIG *ECDSA_SIG_new(void) { 
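Review bot: ECDSA_size returns 0 for every failure (NULL key, missing group, failed BN_new, and now whatever `ECDSA_SIG_max_len(group_order_size)` returns on overflow), and nothing in the new code documents that 0 is an error rather than a size. The value from `key->ecdsa_meth->group_order_size(key)` reaches ECDSA_SIG_max_len without any range check, so a custom method is the one path where the overflow guards inside ECDSA_SIG_max_len actually matter. A comment above the function such as `/* Returns 0 on error, including length overflow; callers must not use 0 as a buffer size. */` would make the contract explicit for code that allocates ECDSA_size() bytes before signing. The function spans two hunks and the lines between them are not shown, so the cleanup of `order` on the EC_GROUP_get_order failure path could not be checked here.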
@@ -139,3 +117,134 @@ void ECDSA_SIG_free(ECDSA_SIG *sig) { BN_free(sig->s); OPENSSL_free(sig); } + +ECDSA_SIG *ECDSA_SIG_parse(CBS *cbs) { + ECDSA_SIG *ret = ECDSA_SIG_new(); + if (ret == NULL) { + return NULL; + } + CBS child; + if (!CBS_get_asn1(cbs, &child, CBS_ASN1_SEQUENCE) || + !BN_cbs2unsigned(&child, ret->r) || + !BN_cbs2unsigned(&child, ret->s) || + CBS_len(&child) != 0) { + OPENSSL_PUT_ERROR(ECDSA, ECDSA_R_BAD_SIGNATURE); + ECDSA_SIG_free(ret); + return NULL; + } + return ret; +} + +ECDSA_SIG *ECDSA_SIG_from_bytes(const uint8_t *in, size_t in_len) { + CBS cbs; + CBS_init(&cbs, in, in_len); + ECDSA_SIG *ret = ECDSA_SIG_parse(&cbs); + if (ret == NULL || CBS_len(&cbs) != 0) { + OPENSSL_PUT_ERROR(ECDSA, ECDSA_R_BAD_SIGNATURE); + ECDSA_SIG_free(ret); + return NULL; + } + return ret; +} + +int ECDSA_SIG_marshal(CBB *cbb, const ECDSA_SIG *sig) { + CBB child; + if (!CBB_add_asn1(cbb, &child, CBS_ASN1_SEQUENCE) || + !BN_bn2cbb(&child, sig->r) || + !BN_bn2cbb(&child, sig->s) || + !CBB_flush(cbb)) { + OPENSSL_PUT_ERROR(ECDSA, ECDSA_R_ENCODE_ERROR); + return 0; + } + return 1; +} + +int ECDSA_SIG_to_bytes(uint8_t **out_bytes, size_t *out_len, + const ECDSA_SIG *sig) { + CBB cbb; + CBB_zero(&cbb); + if (!CBB_init(&cbb, 0) || + !ECDSA_SIG_marshal(&cbb, sig) || + !CBB_finish(&cbb, out_bytes, out_len)) { + OPENSSL_PUT_ERROR(ECDSA, ECDSA_R_ENCODE_ERROR); + CBB_cleanup(&cbb); + return 0; + } + return 1; +} + +/* der_len_len returns the number of bytes needed to represent a length of |len| + * in DER. */ +static size_t der_len_len(size_t len) { + if (len < 0x80) { + return 1; + } + size_t ret = 1; + while (len > 0) { + ret++; + len >>= 8; + } + return ret; +} + +size_t ECDSA_SIG_max_len(size_t order_len) { + /* Compute the maximum length of an |order_len| byte integer. Defensively + * assume that the leading 0x00 is included. 
*/ + size_t integer_len = 1 /* tag */ + der_len_len(order_len + 1) + 1 + order_len; + if (integer_len < order_len) { + return 0; + } + /* An ECDSA signature is two INTEGERs. */ + size_t value_len = 2 * integer_len; + if (value_len < integer_len) { + return 0; + } + /* Add the header. */ + size_t ret = 1 /* tag */ + der_len_len(value_len) + value_len; + if (ret < value_len) { + return 0; + } + return ret; +} + +ECDSA_SIG *d2i_ECDSA_SIG(ECDSA_SIG **out, const uint8_t **inp, long len) { + if (len < 0) { + return NULL; + } + CBS cbs; + CBS_init(&cbs, *inp, (size_t)len); + ECDSA_SIG *ret = ECDSA_SIG_parse(&cbs); + if (ret == NULL) { + return NULL; + } + if (out != NULL) { + ECDSA_SIG_free(*out); + *out = ret; + } + *inp += (size_t)len - CBS_len(&cbs); + return ret; +} + +int i2d_ECDSA_SIG(const ECDSA_SIG *sig, uint8_t **outp) { + uint8_t *der; + size_t der_len; + if (!ECDSA_SIG_to_bytes(&der, &der_len, sig)) { + return -1; + } + if (der_len > INT_MAX) { + OPENSSL_PUT_ERROR(ECDSA, ERR_R_OVERFLOW); + OPENSSL_free(der); + return -1; + } + if (outp != NULL) { + if (*outp == NULL) { + *outp = der; + der = NULL; + } else { + memcpy(*outp, der, der_len); + *outp += der_len; + } + } + OPENSSL_free(der); + return (int)der_len; +} diff --git a/src/crypto/ecdsa/ecdsa_test.cc b/src/crypto/ecdsa/ecdsa_test.cc index a6bd7a1..b916509 100644 --- a/src/crypto/ecdsa/ecdsa_test.cc +++ b/src/crypto/ecdsa/ecdsa_test.cc 
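Review bot: d2i_ECDSA_SIG accepts input that has bytes left over after the signature, while ECDSA_SIG_from_bytes rejects it through `CBS_len(&cbs) != 0`, and no comment in the new code records that difference. For signature verification the whole-buffer check matters, since accepting trailing data lets more than one byte string stand for the same signature. A comment on d2i_ECDSA_SIG should say that it only advances `*inp` past one signature and that callers needing exactly one DER signature should use ECDSA_SIG_from_bytes. In the same way, i2d_ECDSA_SIG does `memcpy(*outp, der, der_len)` into a caller buffer whose size it cannot see, so the legacy contract (call once with a NULL `outp` to get the length) deserves a one-line comment. ECDSA_SIG_from_bytes also calls `ECDSA_SIG_free(ret)` when `ret` is NULL; that relies on ECDSA_SIG_free being NULL-safe, which should be confirmed because its opening lines are outside the hunk.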
@@ -78,18 +78,13 @@ static bool VerifyECDSASig(Api api, const uint8_t *digest, switch (api) { case kEncodedApi: { - int sig_len = i2d_ECDSA_SIG(ecdsa_sig, NULL); - if (sig_len <= 0) { + uint8_t *der; + size_t der_len; + if (!ECDSA_SIG_to_bytes(&der, &der_len, ecdsa_sig)) { return false; } - std::vector signature(static_cast(sig_len)); - uint8_t *sig_ptr = bssl::vector_data(&signature); - sig_len = i2d_ECDSA_SIG(ecdsa_sig, &sig_ptr); - if (sig_len <= 0) { - return false; - } - actual_result = ECDSA_verify(0, digest, digest_len, bssl::vector_data(&signature), - signature.size(), eckey); + ScopedOpenSSLBytes delete_der(der); + actual_result = ECDSA_verify(0, digest, digest_len, der, der_len, eckey); break; } @@ -267,8 +262,8 @@ static bool TestBuiltin(FILE *out) { fprintf(out, "."); fflush(out); // Verify a tampered signature. - const uint8_t *sig_ptr = bssl::vector_data(&signature); - ScopedECDSA_SIG ecdsa_sig(d2i_ECDSA_SIG(NULL, &sig_ptr, signature.size())); + ScopedECDSA_SIG ecdsa_sig(ECDSA_SIG_from_bytes( + bssl::vector_data(&signature), signature.size())); if (!ecdsa_sig || !TestTamperedSig(out, kEncodedApi, digest, 20, ecdsa_sig.get(), eckey.get(), order.get())) { 
@@ -325,11 +320,45 @@ static bool TestBuiltin(FILE *out) { return true; } +static bool TestECDSA_SIG_max_len(size_t order_len) { + /* Create the largest possible |ECDSA_SIG| of the given constraints. */ + ScopedECDSA_SIG sig(ECDSA_SIG_new()); + if (!sig) { + return false; + } + std::vector bytes(order_len, 0xff); + if (!BN_bin2bn(bssl::vector_data(&bytes), bytes.size(), sig->r) || + !BN_bin2bn(bssl::vector_data(&bytes), bytes.size(), sig->s)) { + return false; + } + /* Serialize it. */ + uint8_t *der; + size_t der_len; + if (!ECDSA_SIG_to_bytes(&der, &der_len, sig.get())) { + return false; + } + ScopedOpenSSLBytes delete_der(der); + + size_t max_len = ECDSA_SIG_max_len(order_len); + if (max_len != der_len) { + fprintf(stderr, "ECDSA_SIG_max_len(%u) returned %u, wanted %u\n", + static_cast(order_len), static_cast(max_len), + static_cast(der_len)); + return false; + } + return true; +} + int main(void) { CRYPTO_library_init(); ERR_load_crypto_strings(); - if (!TestBuiltin(stdout)) { + if (!TestBuiltin(stdout) || + !TestECDSA_SIG_max_len(224/8) || + !TestECDSA_SIG_max_len(256/8) || + !TestECDSA_SIG_max_len(384/8) || + !TestECDSA_SIG_max_len(512/8) || + !TestECDSA_SIG_max_len(10000)) { printf("\nECDSA test failed\n"); ERR_print_errors_fp(stdout); return 1; diff --git a/src/crypto/engine/CMakeLists.txt b/src/crypto/engine/CMakeLists.txt index e03650e..5667f02 100644 --- a/src/crypto/engine/CMakeLists.txt +++ b/src/crypto/engine/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(. .. ../../include) +include_directories(../../include) add_library( engine diff --git a/src/crypto/err/CMakeLists.txt b/src/crypto/err/CMakeLists.txt index 5215eec..8519e51 100644 --- a/src/crypto/err/CMakeLists.txt +++ b/src/crypto/err/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(. .. ../../include) +include_directories(../../include) add_custom_command( OUTPUT err_data.c 
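Review bot: The added tests cover only well-formed signatures (the maximum-length round trip in TestECDSA_SIG_max_len and the tamper test in the earlier hunk), so the rejection paths of the new parser are never exercised. ECDSA_SIG_from_bytes is the gate for untrusted signature bytes, and a regression that let trailing data through would not fail any test visible here. I would add a negative case like the one below and call it from main() next to the TestECDSA_SIG_max_len calls. Cases for negative or non-minimally encoded INTEGERs would be worth adding too, assuming BN_cbs2unsigned rejects them; its definition is not in this part of the diff.

```cpp
// Constructed sample: SEQUENCE { INTEGER 1, INTEGER 1 }, then the same
// encoding followed by one stray byte.
static bool TestECDSA_SIG_trailing_data() {
  static const uint8_t kValid[] = {0x30, 0x06, 0x02, 0x01,
                                   0x01, 0x02, 0x01, 0x01};
  static const uint8_t kTrailing[] = {0x30, 0x06, 0x02, 0x01, 0x01,
                                      0x02, 0x01, 0x01, 0x00};
  ScopedECDSA_SIG good(ECDSA_SIG_from_bytes(kValid, sizeof(kValid)));
  ScopedECDSA_SIG bad(ECDSA_SIG_from_bytes(kTrailing, sizeof(kTrailing)));
  ERR_clear_error();  // the rejected parse leaves an error on the queue
  return good && !bad;
}

// … unchanged: TestECDSA_SIG_max_len and the existing checks in main() …
```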
@@ -8,10 +8,8 @@ add_custom_command( asn1.errordata bio.errordata bn.errordata - buf.errordata cipher.errordata conf.errordata - crypto.errordata dh.errordata digest.errordata dsa.errordata diff --git a/src/crypto/err/asn1.errordata b/src/crypto/err/asn1.errordata index 44b9c73..55342a0 100644 --- a/src/crypto/err/asn1.errordata +++ b/src/crypto/err/asn1.errordata 
@@ -1,152 +1,88 @@ -ASN1,function,100,ASN1_BIT_STRING_set_bit -ASN1,function,101,ASN1_ENUMERATED_set -ASN1,function,102,ASN1_ENUMERATED_to_BN -ASN1,function,103,ASN1_GENERALIZEDTIME_adj -ASN1,function,104,ASN1_INTEGER_set -ASN1,function,105,ASN1_INTEGER_to_BN -ASN1,function,106,ASN1_OBJECT_new -ASN1,function,107,ASN1_PCTX_new -ASN1,function,108,ASN1_STRING_TABLE_add -ASN1,function,109,ASN1_STRING_set -ASN1,function,110,ASN1_STRING_type_new -ASN1,function,111,ASN1_TIME_adj -ASN1,function,112,ASN1_UTCTIME_adj -ASN1,function,113,ASN1_d2i_fp -ASN1,function,114,ASN1_dup -ASN1,function,115,ASN1_generate_v3 -ASN1,function,116,ASN1_get_object -ASN1,function,117,ASN1_i2d_bio -ASN1,function,118,ASN1_i2d_fp -ASN1,function,119,ASN1_item_d2i_fp -ASN1,function,120,ASN1_item_dup -ASN1,function,121,ASN1_item_ex_d2i -ASN1,function,122,ASN1_item_i2d_bio -ASN1,function,123,ASN1_item_i2d_fp -ASN1,function,124,ASN1_item_pack -ASN1,function,125,ASN1_item_unpack -ASN1,function,126,ASN1_mbstring_ncopy -ASN1,function,127,ASN1_template_new -ASN1,function,128,BIO_new_NDEF -ASN1,function,129,BN_to_ASN1_ENUMERATED -ASN1,function,130,BN_to_ASN1_INTEGER -ASN1,function,131,a2d_ASN1_OBJECT -ASN1,function,132,a2i_ASN1_ENUMERATED -ASN1,function,133,a2i_ASN1_INTEGER -ASN1,function,134,a2i_ASN1_STRING -ASN1,function,135,append_exp -ASN1,function,136,asn1_cb -ASN1,function,137,asn1_check_tlen -ASN1,function,138,asn1_collate_primitive -ASN1,function,139,asn1_collect -ASN1,function,140,asn1_d2i_ex_primitive -ASN1,function,141,asn1_d2i_read_bio -ASN1,function,142,asn1_do_adb -ASN1,function,143,asn1_ex_c2i -ASN1,function,144,asn1_find_end -ASN1,function,145,asn1_item_ex_combine_new -ASN1,function,146,asn1_str2type -ASN1,function,147,asn1_template_ex_d2i -ASN1,function,148,asn1_template_noexp_d2i -ASN1,function,149,bitstr_cb -ASN1,function,150,c2i_ASN1_BIT_STRING -ASN1,function,151,c2i_ASN1_INTEGER -ASN1,function,152,c2i_ASN1_OBJECT -ASN1,function,153,collect_data -ASN1,function,154,d2i_ASN1_BOOLEAN 
-ASN1,function,155,d2i_ASN1_OBJECT -ASN1,function,156,d2i_ASN1_UINTEGER -ASN1,function,157,d2i_ASN1_UTCTIME -ASN1,function,158,d2i_ASN1_bytes -ASN1,function,159,d2i_ASN1_type_bytes -ASN1,function,160,i2d_ASN1_TIME -ASN1,function,161,i2d_PrivateKey -ASN1,function,162,long_c2i -ASN1,function,163,parse_tagging -ASN1,reason,100,ASN1_LENGTH_MISMATCH -ASN1,reason,101,AUX_ERROR -ASN1,reason,102,BAD_GET_ASN1_OBJECT_CALL -ASN1,reason,103,BAD_OBJECT_HEADER -ASN1,reason,104,BMPSTRING_IS_WRONG_LENGTH -ASN1,reason,105,BN_LIB -ASN1,reason,106,BOOLEAN_IS_WRONG_LENGTH -ASN1,reason,107,BUFFER_TOO_SMALL -ASN1,reason,108,DECODE_ERROR -ASN1,reason,109,DEPTH_EXCEEDED -ASN1,reason,110,ENCODE_ERROR -ASN1,reason,111,ERROR_GETTING_TIME -ASN1,reason,112,EXPECTING_AN_ASN1_SEQUENCE -ASN1,reason,113,EXPECTING_AN_INTEGER -ASN1,reason,114,EXPECTING_AN_OBJECT -ASN1,reason,115,EXPECTING_A_BOOLEAN -ASN1,reason,116,EXPECTING_A_TIME -ASN1,reason,117,EXPLICIT_LENGTH_MISMATCH -ASN1,reason,118,EXPLICIT_TAG_NOT_CONSTRUCTED -ASN1,reason,119,FIELD_MISSING -ASN1,reason,120,FIRST_NUM_TOO_LARGE -ASN1,reason,121,HEADER_TOO_LONG -ASN1,reason,122,ILLEGAL_BITSTRING_FORMAT -ASN1,reason,123,ILLEGAL_BOOLEAN -ASN1,reason,124,ILLEGAL_CHARACTERS -ASN1,reason,125,ILLEGAL_FORMAT -ASN1,reason,126,ILLEGAL_HEX -ASN1,reason,127,ILLEGAL_IMPLICIT_TAG -ASN1,reason,128,ILLEGAL_INTEGER -ASN1,reason,129,ILLEGAL_NESTED_TAGGING -ASN1,reason,130,ILLEGAL_NULL -ASN1,reason,131,ILLEGAL_NULL_VALUE -ASN1,reason,132,ILLEGAL_OBJECT -ASN1,reason,133,ILLEGAL_OPTIONAL_ANY -ASN1,reason,134,ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE -ASN1,reason,135,ILLEGAL_TAGGED_ANY -ASN1,reason,136,ILLEGAL_TIME_VALUE -ASN1,reason,137,INTEGER_NOT_ASCII_FORMAT -ASN1,reason,138,INTEGER_TOO_LARGE_FOR_LONG -ASN1,reason,139,INVALID_BIT_STRING_BITS_LEFT -ASN1,reason,140,INVALID_BMPSTRING_LENGTH -ASN1,reason,141,INVALID_DIGIT -ASN1,reason,142,INVALID_MODIFIER -ASN1,reason,143,INVALID_NUMBER -ASN1,reason,144,INVALID_OBJECT_ENCODING -ASN1,reason,145,INVALID_SEPARATOR 
-ASN1,reason,146,INVALID_TIME_FORMAT -ASN1,reason,147,INVALID_UNIVERSALSTRING_LENGTH -ASN1,reason,148,INVALID_UTF8STRING -ASN1,reason,149,LIST_ERROR -ASN1,reason,150,MALLOC_FAILURE -ASN1,reason,151,MISSING_ASN1_EOS -ASN1,reason,152,MISSING_EOC -ASN1,reason,153,MISSING_SECOND_NUMBER -ASN1,reason,154,MISSING_VALUE -ASN1,reason,155,MSTRING_NOT_UNIVERSAL -ASN1,reason,156,MSTRING_WRONG_TAG -ASN1,reason,157,NESTED_ASN1_ERROR -ASN1,reason,158,NESTED_ASN1_STRING -ASN1,reason,159,NON_HEX_CHARACTERS -ASN1,reason,160,NOT_ASCII_FORMAT -ASN1,reason,161,NOT_ENOUGH_DATA -ASN1,reason,162,NO_MATCHING_CHOICE_TYPE -ASN1,reason,163,NULL_IS_WRONG_LENGTH -ASN1,reason,164,OBJECT_NOT_ASCII_FORMAT -ASN1,reason,165,ODD_NUMBER_OF_CHARS -ASN1,reason,166,SECOND_NUMBER_TOO_LARGE -ASN1,reason,167,SEQUENCE_LENGTH_MISMATCH -ASN1,reason,168,SEQUENCE_NOT_CONSTRUCTED -ASN1,reason,169,SEQUENCE_OR_SET_NEEDS_CONFIG -ASN1,reason,170,SHORT_LINE -ASN1,reason,171,STREAMING_NOT_SUPPORTED -ASN1,reason,172,STRING_TOO_LONG -ASN1,reason,173,STRING_TOO_SHORT -ASN1,reason,174,TAG_VALUE_TOO_HIGH -ASN1,reason,175,TIME_NOT_ASCII_FORMAT -ASN1,reason,176,TOO_LONG -ASN1,reason,177,TYPE_NOT_CONSTRUCTED -ASN1,reason,178,TYPE_NOT_PRIMITIVE -ASN1,reason,179,UNEXPECTED_EOC -ASN1,reason,180,UNIVERSALSTRING_IS_WRONG_LENGTH -ASN1,reason,181,UNKNOWN_FORMAT -ASN1,reason,182,UNKNOWN_TAG -ASN1,reason,183,UNSUPPORTED_ANY_DEFINED_BY_TYPE -ASN1,reason,184,UNSUPPORTED_PUBLIC_KEY_TYPE -ASN1,reason,185,UNSUPPORTED_TYPE -ASN1,reason,186,WRONG_TAG -ASN1,reason,187,WRONG_TYPE +ASN1,100,ASN1_LENGTH_MISMATCH +ASN1,101,AUX_ERROR +ASN1,102,BAD_GET_ASN1_OBJECT_CALL +ASN1,103,BAD_OBJECT_HEADER +ASN1,104,BMPSTRING_IS_WRONG_LENGTH +ASN1,105,BN_LIB +ASN1,106,BOOLEAN_IS_WRONG_LENGTH +ASN1,107,BUFFER_TOO_SMALL +ASN1,108,DECODE_ERROR +ASN1,109,DEPTH_EXCEEDED +ASN1,110,ENCODE_ERROR +ASN1,111,ERROR_GETTING_TIME +ASN1,112,EXPECTING_AN_ASN1_SEQUENCE +ASN1,113,EXPECTING_AN_INTEGER +ASN1,114,EXPECTING_AN_OBJECT +ASN1,115,EXPECTING_A_BOOLEAN 
+ASN1,116,EXPECTING_A_TIME +ASN1,117,EXPLICIT_LENGTH_MISMATCH +ASN1,118,EXPLICIT_TAG_NOT_CONSTRUCTED +ASN1,119,FIELD_MISSING +ASN1,120,FIRST_NUM_TOO_LARGE +ASN1,121,HEADER_TOO_LONG +ASN1,122,ILLEGAL_BITSTRING_FORMAT +ASN1,123,ILLEGAL_BOOLEAN +ASN1,124,ILLEGAL_CHARACTERS +ASN1,125,ILLEGAL_FORMAT +ASN1,126,ILLEGAL_HEX +ASN1,127,ILLEGAL_IMPLICIT_TAG +ASN1,128,ILLEGAL_INTEGER +ASN1,129,ILLEGAL_NESTED_TAGGING +ASN1,130,ILLEGAL_NULL +ASN1,131,ILLEGAL_NULL_VALUE +ASN1,132,ILLEGAL_OBJECT +ASN1,133,ILLEGAL_OPTIONAL_ANY +ASN1,134,ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE +ASN1,135,ILLEGAL_TAGGED_ANY +ASN1,136,ILLEGAL_TIME_VALUE +ASN1,137,INTEGER_NOT_ASCII_FORMAT +ASN1,138,INTEGER_TOO_LARGE_FOR_LONG +ASN1,139,INVALID_BIT_STRING_BITS_LEFT +ASN1,140,INVALID_BMPSTRING_LENGTH +ASN1,141,INVALID_DIGIT +ASN1,142,INVALID_MODIFIER +ASN1,143,INVALID_NUMBER +ASN1,144,INVALID_OBJECT_ENCODING +ASN1,145,INVALID_SEPARATOR +ASN1,146,INVALID_TIME_FORMAT +ASN1,147,INVALID_UNIVERSALSTRING_LENGTH +ASN1,148,INVALID_UTF8STRING +ASN1,149,LIST_ERROR +ASN1,150,MALLOC_FAILURE +ASN1,151,MISSING_ASN1_EOS +ASN1,152,MISSING_EOC +ASN1,153,MISSING_SECOND_NUMBER +ASN1,154,MISSING_VALUE +ASN1,155,MSTRING_NOT_UNIVERSAL +ASN1,156,MSTRING_WRONG_TAG +ASN1,157,NESTED_ASN1_ERROR +ASN1,158,NESTED_ASN1_STRING +ASN1,159,NON_HEX_CHARACTERS +ASN1,160,NOT_ASCII_FORMAT +ASN1,161,NOT_ENOUGH_DATA +ASN1,162,NO_MATCHING_CHOICE_TYPE +ASN1,163,NULL_IS_WRONG_LENGTH +ASN1,164,OBJECT_NOT_ASCII_FORMAT +ASN1,165,ODD_NUMBER_OF_CHARS +ASN1,166,SECOND_NUMBER_TOO_LARGE +ASN1,167,SEQUENCE_LENGTH_MISMATCH +ASN1,168,SEQUENCE_NOT_CONSTRUCTED +ASN1,169,SEQUENCE_OR_SET_NEEDS_CONFIG +ASN1,170,SHORT_LINE +ASN1,171,STREAMING_NOT_SUPPORTED +ASN1,172,STRING_TOO_LONG +ASN1,173,STRING_TOO_SHORT +ASN1,174,TAG_VALUE_TOO_HIGH +ASN1,175,TIME_NOT_ASCII_FORMAT +ASN1,176,TOO_LONG +ASN1,177,TYPE_NOT_CONSTRUCTED +ASN1,178,TYPE_NOT_PRIMITIVE +ASN1,179,UNEXPECTED_EOC +ASN1,180,UNIVERSALSTRING_IS_WRONG_LENGTH +ASN1,181,UNKNOWN_FORMAT +ASN1,182,UNKNOWN_TAG 
+ASN1,183,UNSUPPORTED_ANY_DEFINED_BY_TYPE +ASN1,184,UNSUPPORTED_PUBLIC_KEY_TYPE +ASN1,185,UNSUPPORTED_TYPE +ASN1,186,WRONG_TAG +ASN1,187,WRONG_TYPE diff --git a/src/crypto/err/bio.errordata b/src/crypto/err/bio.errordata index 9f2af02..94b3c97 100644 --- a/src/crypto/err/bio.errordata +++ b/src/crypto/err/bio.errordata @@ -1,36 +1,17 @@ -BIO,function,100,BIO_callback_ctrl -BIO,function,101,BIO_ctrl -BIO,function,102,BIO_new -BIO,function,103,BIO_new_file -BIO,function,104,BIO_new_mem_buf -BIO,function,118,BIO_printf -BIO,function,105,BIO_zero_copy_get_read_buf -BIO,function,106,BIO_zero_copy_get_read_buf_done -BIO,function,107,BIO_zero_copy_get_write_buf -BIO,function,108,BIO_zero_copy_get_write_buf_done -BIO,function,109,bio_io -BIO,function,110,bio_make_pair -BIO,function,111,bio_write -BIO,function,112,buffer_ctrl -BIO,function,113,conn_ctrl -BIO,function,114,conn_state -BIO,function,115,file_ctrl -BIO,function,116,file_read -BIO,function,117,mem_write -BIO,reason,100,BAD_FOPEN_MODE -BIO,reason,101,BROKEN_PIPE -BIO,reason,102,CONNECT_ERROR -BIO,reason,103,ERROR_SETTING_NBIO -BIO,reason,104,INVALID_ARGUMENT -BIO,reason,105,IN_USE -BIO,reason,106,KEEPALIVE -BIO,reason,107,NBIO_CONNECT_ERROR -BIO,reason,108,NO_HOSTNAME_SPECIFIED -BIO,reason,109,NO_PORT_SPECIFIED -BIO,reason,110,NO_SUCH_FILE -BIO,reason,111,NULL_PARAMETER -BIO,reason,112,SYS_LIB -BIO,reason,113,UNABLE_TO_CREATE_SOCKET -BIO,reason,114,UNINITIALIZED -BIO,reason,115,UNSUPPORTED_METHOD -BIO,reason,116,WRITE_TO_READ_ONLY_BIO +BIO,100,BAD_FOPEN_MODE +BIO,101,BROKEN_PIPE +BIO,102,CONNECT_ERROR +BIO,103,ERROR_SETTING_NBIO +BIO,104,INVALID_ARGUMENT +BIO,105,IN_USE +BIO,106,KEEPALIVE +BIO,107,NBIO_CONNECT_ERROR +BIO,108,NO_HOSTNAME_SPECIFIED +BIO,109,NO_PORT_SPECIFIED +BIO,110,NO_SUCH_FILE +BIO,111,NULL_PARAMETER +BIO,112,SYS_LIB +BIO,113,UNABLE_TO_CREATE_SOCKET +BIO,114,UNINITIALIZED +BIO,115,UNSUPPORTED_METHOD +BIO,116,WRITE_TO_READ_ONLY_BIO 
diff --git a/src/crypto/err/bn.errordata b/src/crypto/err/bn.errordata index 6fd4968..76b6392 100644 --- a/src/crypto/err/bn.errordata +++ b/src/crypto/err/bn.errordata 
@@ -1,44 +1,19 @@ -BN,function,100,BN_CTX_get -BN,function,101,BN_CTX_new -BN,function,102,BN_CTX_start -BN,function,103,BN_bn2dec -BN,function,104,BN_bn2hex -BN,function,105,BN_div -BN,function,106,BN_div_recp -BN,function,107,BN_exp -BN,function,108,BN_generate_dsa_nonce -BN,function,109,BN_generate_prime_ex -BN,function,125,BN_lshift -BN,function,110,BN_mod_exp2_mont -BN,function,111,BN_mod_exp_mont -BN,function,112,BN_mod_exp_mont_consttime -BN,function,113,BN_mod_exp_mont_word -BN,function,114,BN_mod_inverse -BN,function,115,BN_mod_inverse_no_branch -BN,function,116,BN_mod_lshift_quick -BN,function,117,BN_mod_sqrt -BN,function,118,BN_new -BN,function,119,BN_rand -BN,function,120,BN_rand_range -BN,function,126,BN_rshift -BN,function,121,BN_sqrt -BN,function,122,BN_usub -BN,function,123,bn_wexpand -BN,function,124,mod_exp_recp -BN,reason,100,ARG2_LT_ARG3 -BN,reason,101,BAD_RECIPROCAL -BN,reason,102,BIGNUM_TOO_LONG -BN,reason,103,BITS_TOO_SMALL -BN,reason,104,CALLED_WITH_EVEN_MODULUS -BN,reason,105,DIV_BY_ZERO -BN,reason,106,EXPAND_ON_STATIC_BIGNUM_DATA -BN,reason,107,INPUT_NOT_REDUCED -BN,reason,108,INVALID_RANGE -BN,reason,109,NEGATIVE_NUMBER -BN,reason,110,NOT_A_SQUARE -BN,reason,111,NOT_INITIALIZED -BN,reason,112,NO_INVERSE -BN,reason,113,PRIVATE_KEY_TOO_LARGE -BN,reason,114,P_IS_NOT_PRIME -BN,reason,115,TOO_MANY_ITERATIONS -BN,reason,116,TOO_MANY_TEMPORARY_VARIABLES +BN,100,ARG2_LT_ARG3 +BN,117,BAD_ENCODING +BN,101,BAD_RECIPROCAL +BN,102,BIGNUM_TOO_LONG +BN,103,BITS_TOO_SMALL +BN,104,CALLED_WITH_EVEN_MODULUS +BN,105,DIV_BY_ZERO +BN,118,ENCODE_ERROR +BN,106,EXPAND_ON_STATIC_BIGNUM_DATA +BN,107,INPUT_NOT_REDUCED +BN,108,INVALID_RANGE +BN,109,NEGATIVE_NUMBER +BN,110,NOT_A_SQUARE +BN,111,NOT_INITIALIZED +BN,112,NO_INVERSE +BN,113,PRIVATE_KEY_TOO_LARGE +BN,114,P_IS_NOT_PRIME +BN,115,TOO_MANY_ITERATIONS +BN,116,TOO_MANY_TEMPORARY_VARIABLES diff --git a/src/crypto/err/buf.errordata b/src/crypto/err/buf.errordata deleted file mode 100644 index 01b6c9a..0000000 
--- a/src/crypto/err/buf.errordata +++ /dev/null @@ -1,4 +0,0 @@ -BUF,function,100,BUF_MEM_new -BUF,function,101,BUF_memdup -BUF,function,102,BUF_strndup -BUF,function,103,buf_mem_grow diff --git a/src/crypto/err/cipher.errordata b/src/crypto/err/cipher.errordata index ce8459b..1037505 100644 --- a/src/crypto/err/cipher.errordata +++ b/src/crypto/err/cipher.errordata 
@@ -1,60 +1,25 @@ -CIPHER,function,100,EVP_AEAD_CTX_init -CIPHER,function,131,EVP_AEAD_CTX_init_with_direction -CIPHER,function,101,EVP_AEAD_CTX_open -CIPHER,function,102,EVP_AEAD_CTX_seal -CIPHER,function,103,EVP_CIPHER_CTX_copy -CIPHER,function,104,EVP_CIPHER_CTX_ctrl -CIPHER,function,105,EVP_CIPHER_CTX_set_key_length -CIPHER,function,106,EVP_CipherInit_ex -CIPHER,function,107,EVP_DecryptFinal_ex -CIPHER,function,108,EVP_EncryptFinal_ex -CIPHER,function,132,aead_aes_ctr_hmac_sha256_init -CIPHER,function,133,aead_aes_ctr_hmac_sha256_open -CIPHER,function,134,aead_aes_ctr_hmac_sha256_seal -CIPHER,function,109,aead_aes_gcm_init -CIPHER,function,110,aead_aes_gcm_open -CIPHER,function,111,aead_aes_gcm_seal -CIPHER,function,112,aead_aes_key_wrap_init -CIPHER,function,113,aead_aes_key_wrap_open -CIPHER,function,114,aead_aes_key_wrap_seal -CIPHER,function,115,aead_chacha20_poly1305_init -CIPHER,function,116,aead_chacha20_poly1305_open -CIPHER,function,117,aead_chacha20_poly1305_seal -CIPHER,function,118,aead_rc4_md5_tls_init -CIPHER,function,119,aead_rc4_md5_tls_open -CIPHER,function,120,aead_rc4_md5_tls_seal -CIPHER,function,121,aead_ssl3_ensure_cipher_init -CIPHER,function,122,aead_ssl3_init -CIPHER,function,123,aead_ssl3_open -CIPHER,function,124,aead_ssl3_seal -CIPHER,function,125,aead_tls_ensure_cipher_init -CIPHER,function,126,aead_tls_init -CIPHER,function,127,aead_tls_open -CIPHER,function,128,aead_tls_seal -CIPHER,function,129,aes_init_key -CIPHER,function,130,aesni_init_key -CIPHER,reason,100,AES_KEY_SETUP_FAILED -CIPHER,reason,101,BAD_DECRYPT -CIPHER,reason,102,BAD_KEY_LENGTH -CIPHER,reason,103,BUFFER_TOO_SMALL -CIPHER,reason,104,CTRL_NOT_IMPLEMENTED -CIPHER,reason,105,CTRL_OPERATION_NOT_IMPLEMENTED -CIPHER,reason,106,DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH -CIPHER,reason,107,INITIALIZATION_ERROR -CIPHER,reason,108,INPUT_NOT_INITIALIZED -CIPHER,reason,109,INVALID_AD_SIZE -CIPHER,reason,110,INVALID_KEY_LENGTH -CIPHER,reason,111,INVALID_NONCE_SIZE 
-CIPHER,reason,112,INVALID_OPERATION -CIPHER,reason,113,IV_TOO_LARGE -CIPHER,reason,114,NO_CIPHER_SET -CIPHER,reason,124,NO_DIRECTION_SET -CIPHER,reason,115,OUTPUT_ALIASES_INPUT -CIPHER,reason,116,TAG_TOO_LARGE -CIPHER,reason,117,TOO_LARGE -CIPHER,reason,118,UNSUPPORTED_AD_SIZE -CIPHER,reason,119,UNSUPPORTED_INPUT_SIZE -CIPHER,reason,120,UNSUPPORTED_KEY_SIZE -CIPHER,reason,121,UNSUPPORTED_NONCE_SIZE -CIPHER,reason,122,UNSUPPORTED_TAG_SIZE -CIPHER,reason,123,WRONG_FINAL_BLOCK_LENGTH +CIPHER,100,AES_KEY_SETUP_FAILED +CIPHER,101,BAD_DECRYPT +CIPHER,102,BAD_KEY_LENGTH +CIPHER,103,BUFFER_TOO_SMALL +CIPHER,104,CTRL_NOT_IMPLEMENTED +CIPHER,105,CTRL_OPERATION_NOT_IMPLEMENTED +CIPHER,106,DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH +CIPHER,107,INITIALIZATION_ERROR +CIPHER,108,INPUT_NOT_INITIALIZED +CIPHER,109,INVALID_AD_SIZE +CIPHER,110,INVALID_KEY_LENGTH +CIPHER,111,INVALID_NONCE_SIZE +CIPHER,112,INVALID_OPERATION +CIPHER,113,IV_TOO_LARGE +CIPHER,114,NO_CIPHER_SET +CIPHER,124,NO_DIRECTION_SET +CIPHER,115,OUTPUT_ALIASES_INPUT +CIPHER,116,TAG_TOO_LARGE +CIPHER,117,TOO_LARGE +CIPHER,118,UNSUPPORTED_AD_SIZE +CIPHER,119,UNSUPPORTED_INPUT_SIZE +CIPHER,120,UNSUPPORTED_KEY_SIZE +CIPHER,121,UNSUPPORTED_NONCE_SIZE +CIPHER,122,UNSUPPORTED_TAG_SIZE +CIPHER,123,WRONG_FINAL_BLOCK_LENGTH diff --git a/src/crypto/err/conf.errordata b/src/crypto/err/conf.errordata index 0b96a32..651fabe 100644 --- a/src/crypto/err/conf.errordata +++ b/src/crypto/err/conf.errordata 
@@ -1,10 +1,6 @@ -CONF,function,100,CONF_parse_list -CONF,function,101,NCONF_load -CONF,function,102,def_load_bio -CONF,function,103,str_copy -CONF,reason,100,LIST_CANNOT_BE_NULL -CONF,reason,101,MISSING_CLOSE_SQUARE_BRACKET -CONF,reason,102,MISSING_EQUAL_SIGN -CONF,reason,103,NO_CLOSE_BRACE -CONF,reason,104,UNABLE_TO_CREATE_NEW_SECTION -CONF,reason,105,VARIABLE_HAS_NO_VALUE +CONF,100,LIST_CANNOT_BE_NULL +CONF,101,MISSING_CLOSE_SQUARE_BRACKET +CONF,102,MISSING_EQUAL_SIGN +CONF,103,NO_CLOSE_BRACE +CONF,104,UNABLE_TO_CREATE_NEW_SECTION +CONF,105,VARIABLE_HAS_NO_VALUE diff --git a/src/crypto/err/crypto.errordata b/src/crypto/err/crypto.errordata deleted file mode 100644 index 1e0e9d5..0000000 --- a/src/crypto/err/crypto.errordata +++ /dev/null @@ -1,4 +0,0 @@ -CRYPTO,function,100,CRYPTO_get_ex_new_index -CRYPTO,function,101,CRYPTO_set_ex_data -CRYPTO,function,102,get_class -CRYPTO,function,103,get_func_pointers diff --git a/src/crypto/err/dh.errordata b/src/crypto/err/dh.errordata index 1fd675b..571e218 100644 --- a/src/crypto/err/dh.errordata +++ b/src/crypto/err/dh.errordata @@ -1,8 +1,4 @@ -DH,function,100,DH_new_method -DH,function,101,compute_key -DH,function,102,generate_key -DH,function,103,generate_parameters -DH,reason,100,BAD_GENERATOR -DH,reason,101,INVALID_PUBKEY -DH,reason,102,MODULUS_TOO_LARGE -DH,reason,103,NO_PRIVATE_VALUE +DH,100,BAD_GENERATOR +DH,101,INVALID_PUBKEY +DH,102,MODULUS_TOO_LARGE +DH,103,NO_PRIVATE_VALUE diff --git a/src/crypto/err/digest.errordata b/src/crypto/err/digest.errordata index 95a3622..411e778 100644 --- a/src/crypto/err/digest.errordata +++ b/src/crypto/err/digest.errordata @@ -1,3 +1 @@ -DIGEST,function,100,EVP_DigestInit_ex -DIGEST,function,101,EVP_MD_CTX_copy_ex -DIGEST,reason,100,INPUT_NOT_INITIALIZED +DIGEST,100,INPUT_NOT_INITIALIZED diff --git a/src/crypto/err/dsa.errordata b/src/crypto/err/dsa.errordata index c2dff23..3c5764a 100644 --- a/src/crypto/err/dsa.errordata +++ b/src/crypto/err/dsa.errordata 
@@ -1,9 +1,4 @@ -DSA,function,100,DSA_new_method -DSA,function,101,dsa_sig_cb -DSA,function,102,sign -DSA,function,103,sign_setup -DSA,function,104,verify -DSA,reason,100,BAD_Q_VALUE -DSA,reason,101,MISSING_PARAMETERS -DSA,reason,102,MODULUS_TOO_LARGE -DSA,reason,103,NEED_NEW_SETUP_VALUES +DSA,100,BAD_Q_VALUE +DSA,101,MISSING_PARAMETERS +DSA,102,MODULUS_TOO_LARGE +DSA,103,NEED_NEW_SETUP_VALUES diff --git a/src/crypto/err/ec.errordata b/src/crypto/err/ec.errordata index 252f7ab..e7b4175 100644 --- a/src/crypto/err/ec.errordata +++ b/src/crypto/err/ec.errordata 
@@ -1,95 +1,28 @@ -EC,function,159,BN_to_felem -EC,function,100,EC_GROUP_copy -EC,function,101,EC_GROUP_get_curve_GFp -EC,function,102,EC_GROUP_get_degree -EC,function,103,EC_GROUP_new_by_curve_name -EC,function,166,EC_GROUP_new_curve_GFp -EC,function,104,EC_KEY_check_key -EC,function,105,EC_KEY_copy -EC,function,106,EC_KEY_generate_key -EC,function,165,EC_KEY_new_by_curve_name -EC,function,107,EC_KEY_new_method -EC,function,108,EC_KEY_set_public_key_affine_coordinates -EC,function,109,EC_POINT_add -EC,function,110,EC_POINT_cmp -EC,function,111,EC_POINT_copy -EC,function,112,EC_POINT_dbl -EC,function,113,EC_POINT_dup -EC,function,114,EC_POINT_get_affine_coordinates_GFp -EC,function,115,EC_POINT_invert -EC,function,116,EC_POINT_is_at_infinity -EC,function,117,EC_POINT_is_on_curve -EC,function,118,EC_POINT_make_affine -EC,function,119,EC_POINT_new -EC,function,120,EC_POINT_oct2point -EC,function,121,EC_POINT_point2oct -EC,function,122,EC_POINT_set_affine_coordinates_GFp -EC,function,123,EC_POINT_set_compressed_coordinates_GFp -EC,function,124,EC_POINT_set_to_infinity -EC,function,125,EC_POINTs_make_affine -EC,function,126,compute_wNAF -EC,function,127,d2i_ECPKParameters -EC,function,128,d2i_ECParameters -EC,function,129,d2i_ECPrivateKey -EC,function,130,ec_GFp_mont_field_decode -EC,function,131,ec_GFp_mont_field_encode -EC,function,132,ec_GFp_mont_field_mul -EC,function,133,ec_GFp_mont_field_set_to_one -EC,function,134,ec_GFp_mont_field_sqr -EC,function,135,ec_GFp_mont_group_set_curve -EC,function,160,ec_GFp_nistp256_group_set_curve -EC,function,161,ec_GFp_nistp256_point_get_affine_coordinates -EC,function,162,ec_GFp_nistp256_points_mul -EC,function,136,ec_GFp_simple_group_check_discriminant -EC,function,137,ec_GFp_simple_group_set_curve -EC,function,138,ec_GFp_simple_make_affine -EC,function,139,ec_GFp_simple_oct2point -EC,function,140,ec_GFp_simple_point2oct -EC,function,141,ec_GFp_simple_point_get_affine_coordinates 
-EC,function,142,ec_GFp_simple_point_set_affine_coordinates -EC,function,143,ec_GFp_simple_points_make_affine -EC,function,144,ec_GFp_simple_set_compressed_coordinates -EC,function,145,ec_asn1_group2pkparameters -EC,function,146,ec_asn1_pkparameters2group -EC,function,163,ec_group_copy -EC,function,147,ec_group_new -EC,function,148,ec_group_new_curve_GFp -EC,function,149,ec_group_new_from_data -EC,function,150,ec_point_set_Jprojective_coordinates_GFp -EC,function,151,ec_pre_comp_new -EC,function,152,ec_wNAF_mul -EC,function,153,ec_wNAF_precompute_mult -EC,function,154,i2d_ECPKParameters -EC,function,155,i2d_ECParameters -EC,function,156,i2d_ECPrivateKey -EC,function,157,i2o_ECPublicKey -EC,function,164,nistp256_pre_comp_new -EC,function,158,o2i_ECPublicKey -EC,reason,126,BIGNUM_OUT_OF_RANGE -EC,reason,100,BUFFER_TOO_SMALL -EC,reason,101,COORDINATES_OUT_OF_RANGE -EC,reason,102,D2I_ECPKPARAMETERS_FAILURE -EC,reason,103,EC_GROUP_NEW_BY_NAME_FAILURE -EC,reason,104,GROUP2PKPARAMETERS_FAILURE -EC,reason,105,I2D_ECPKPARAMETERS_FAILURE -EC,reason,106,INCOMPATIBLE_OBJECTS -EC,reason,107,INVALID_COMPRESSED_POINT -EC,reason,108,INVALID_COMPRESSION_BIT -EC,reason,109,INVALID_ENCODING -EC,reason,110,INVALID_FIELD -EC,reason,111,INVALID_FORM -EC,reason,112,INVALID_GROUP_ORDER -EC,reason,113,INVALID_PRIVATE_KEY -EC,reason,114,MISSING_PARAMETERS -EC,reason,115,MISSING_PRIVATE_KEY -EC,reason,116,NON_NAMED_CURVE -EC,reason,117,NOT_INITIALIZED -EC,reason,118,PKPARAMETERS2GROUP_FAILURE -EC,reason,119,POINT_AT_INFINITY -EC,reason,120,POINT_IS_NOT_ON_CURVE -EC,reason,121,SLOT_FULL -EC,reason,122,UNDEFINED_GENERATOR -EC,reason,123,UNKNOWN_GROUP -EC,reason,124,UNKNOWN_ORDER -EC,reason,127,WRONG_CURVE_PARAMETERS -EC,reason,125,WRONG_ORDER +EC,126,BIGNUM_OUT_OF_RANGE +EC,100,BUFFER_TOO_SMALL +EC,101,COORDINATES_OUT_OF_RANGE +EC,102,D2I_ECPKPARAMETERS_FAILURE +EC,103,EC_GROUP_NEW_BY_NAME_FAILURE +EC,104,GROUP2PKPARAMETERS_FAILURE +EC,105,I2D_ECPKPARAMETERS_FAILURE 
+EC,106,INCOMPATIBLE_OBJECTS +EC,107,INVALID_COMPRESSED_POINT +EC,108,INVALID_COMPRESSION_BIT +EC,109,INVALID_ENCODING +EC,110,INVALID_FIELD +EC,111,INVALID_FORM +EC,112,INVALID_GROUP_ORDER +EC,113,INVALID_PRIVATE_KEY +EC,114,MISSING_PARAMETERS +EC,115,MISSING_PRIVATE_KEY +EC,116,NON_NAMED_CURVE +EC,117,NOT_INITIALIZED +EC,118,PKPARAMETERS2GROUP_FAILURE +EC,119,POINT_AT_INFINITY +EC,120,POINT_IS_NOT_ON_CURVE +EC,121,SLOT_FULL +EC,122,UNDEFINED_GENERATOR +EC,123,UNKNOWN_GROUP +EC,124,UNKNOWN_ORDER +EC,127,WRONG_CURVE_PARAMETERS +EC,125,WRONG_ORDER diff --git a/src/crypto/err/ecdh.errordata b/src/crypto/err/ecdh.errordata index 0f1215e..f714c30 100644 --- a/src/crypto/err/ecdh.errordata +++ b/src/crypto/err/ecdh.errordata @@ -1,4 +1,3 @@ -ECDH,function,100,ECDH_compute_key -ECDH,reason,100,KDF_FAILED -ECDH,reason,101,NO_PRIVATE_VALUE -ECDH,reason,102,POINT_ARITHMETIC_FAILURE +ECDH,100,KDF_FAILED +ECDH,101,NO_PRIVATE_VALUE +ECDH,102,POINT_ARITHMETIC_FAILURE diff --git a/src/crypto/err/ecdsa.errordata b/src/crypto/err/ecdsa.errordata index 97c213e..58ba591 100644 --- a/src/crypto/err/ecdsa.errordata +++ b/src/crypto/err/ecdsa.errordata @@ -1,10 +1,6 @@ -ECDSA,function,100,ECDSA_do_sign_ex -ECDSA,function,101,ECDSA_do_verify -ECDSA,function,102,ECDSA_sign_ex -ECDSA,function,103,digest_to_bn -ECDSA,function,104,ecdsa_sign_setup -ECDSA,reason,100,BAD_SIGNATURE -ECDSA,reason,101,MISSING_PARAMETERS -ECDSA,reason,102,NEED_NEW_SETUP_VALUES -ECDSA,reason,103,NOT_IMPLEMENTED -ECDSA,reason,104,RANDOM_NUMBER_GENERATION_FAILED +ECDSA,100,BAD_SIGNATURE +ECDSA,105,ENCODE_ERROR +ECDSA,101,MISSING_PARAMETERS +ECDSA,102,NEED_NEW_SETUP_VALUES +ECDSA,103,NOT_IMPLEMENTED +ECDSA,104,RANDOM_NUMBER_GENERATION_FAILED diff --git a/src/crypto/err/engine.errordata b/src/crypto/err/engine.errordata index 1185e88..edbd7b9 100644 --- a/src/crypto/err/engine.errordata +++ b/src/crypto/err/engine.errordata @@ -1 +1 @@ -ENGINE,reason,100,OPERATION_NOT_SUPPORTED +ENGINE,100,OPERATION_NOT_SUPPORTED 
diff --git a/src/crypto/err/err.c b/src/crypto/err/err.c index de1b4a7..24824e8 100644 --- a/src/crypto/err/err.c +++ b/src/crypto/err/err.c @@ -125,10 +125,6 @@ #include "../internal.h" -extern const uint32_t kOpenSSLFunctionValues[]; -extern const size_t kOpenSSLFunctionValuesLen; -extern const char kOpenSSLFunctionStringData[]; - extern const uint32_t kOpenSSLReasonValues[]; extern const size_t kOpenSSLReasonValuesLen; extern const char kOpenSSLReasonStringData[]; 
@@ -259,42 +255,51 @@ static uint32_t get_error_values(int inc, int top, const char **file, int *line, } uint32_t ERR_get_error(void) { - return get_error_values(1, 0, NULL, NULL, NULL, NULL); + return get_error_values(1 /* inc */, 0 /* bottom */, NULL, NULL, NULL, NULL); } uint32_t ERR_get_error_line(const char **file, int *line) { - return get_error_values(1, 0, file, line, NULL, NULL); + return get_error_values(1 /* inc */, 0 /* bottom */, file, line, NULL, NULL); } uint32_t ERR_get_error_line_data(const char **file, int *line, const char **data, int *flags) { - return get_error_values(1, 0, file, line, data, flags); + return get_error_values(1 /* inc */, 0 /* bottom */, file, line, data, flags); } uint32_t ERR_peek_error(void) { - return get_error_values(0, 0, NULL, NULL, NULL, NULL); + return get_error_values(0 /* peek */, 0 /* bottom */, NULL, NULL, NULL, NULL); } uint32_t ERR_peek_error_line(const char **file, int *line) { - return get_error_values(0, 0, file, line, NULL, NULL); + return get_error_values(0 /* peek */, 0 /* bottom */, file, line, NULL, NULL); } uint32_t ERR_peek_error_line_data(const char **file, int *line, const char **data, int *flags) { - return get_error_values(0, 0, file, line, data, flags); + return get_error_values(0 /* peek */, 0 /* bottom */, file, line, data, + flags); +} + +const char *ERR_peek_function(void) { + ERR_STATE *state = err_get_state(); + if (state == NULL || state->bottom == state->top) { + return NULL; + } + return state->errors[(state->bottom + 1) % ERR_NUM_ERRORS].function; } uint32_t ERR_peek_last_error(void) { - return get_error_values(0, 1, NULL, NULL, NULL, NULL); + return get_error_values(0 /* peek */, 1 /* top */, NULL, NULL, NULL, NULL); } uint32_t ERR_peek_last_error_line(const char **file, int *line) { - return get_error_values(0, 1, file, line, NULL, NULL); + return get_error_values(0 /* peek */, 1 /* top */, file, line, NULL, NULL); } uint32_t ERR_peek_last_error_line_data(const char **file, int *line, 
const char **data, int *flags) { - return get_error_values(0, 1, file, line, data, flags); + return get_error_values(0 /* peek */, 1 /* top */, file, line, data, flags); } void ERR_clear_error(void) { @@ -341,40 +346,20 @@ void ERR_clear_system_error(void) { errno = 0; } -char *ERR_error_string(uint32_t packed_error, char *ret) { - static char buf[ERR_ERROR_STRING_BUF_LEN]; - - if (ret == NULL) { - /* TODO(fork): remove this. */ - ret = buf; - } - -#if !defined(NDEBUG) - /* This is aimed to help catch callers who don't provide - * |ERR_ERROR_STRING_BUF_LEN| bytes of space. */ - memset(ret, 0, ERR_ERROR_STRING_BUF_LEN); -#endif - - ERR_error_string_n(packed_error, ret, ERR_ERROR_STRING_BUF_LEN); - - return ret; -} - -void ERR_error_string_n(uint32_t packed_error, char *buf, size_t len) { - char lib_buf[64], func_buf[64], reason_buf[64]; - const char *lib_str, *func_str, *reason_str; - unsigned lib, func, reason; +static void err_error_string(uint32_t packed_error, const char *func_str, + char *buf, size_t len) { + char lib_buf[64], reason_buf[64]; + const char *lib_str, *reason_str; + unsigned lib, reason; if (len == 0) { return; } lib = ERR_GET_LIB(packed_error); - func = ERR_GET_FUNC(packed_error); reason = ERR_GET_REASON(packed_error); lib_str = ERR_lib_error_string(packed_error); - func_str = ERR_func_error_string(packed_error); reason_str = ERR_reason_error_string(packed_error); if (lib_str == NULL) { @@ -383,8 +368,7 @@ void ERR_error_string_n(uint32_t packed_error, char *buf, size_t len) { } if (func_str == NULL) { - BIO_snprintf(func_buf, sizeof(func_buf), "func(%u)", func); - func_str = func_buf; + func_str = "OPENSSL_internal"; } if (reason_str == NULL) { 
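Review bot: ERR_peek_function is added without a contract comment, and two things about it are not obvious from the name. It returns NULL when the queue is empty (`state == NULL || state->bottom == state->top`), and otherwise it hands back the pointer stored in the bottom entry rather than a copy. I would put `/* Returns the function name recorded for the error ERR_get_error would return next, or NULL if the queue is empty. The pointer is borrowed. */` above the definition. The index expression `(state->bottom + 1) % ERR_NUM_ERRORS` presumably repeats what get_error_values computes for the bottom entry, which lies outside this hunk; if so, a small shared helper would keep the two from drifting apart.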
@@ -426,6 +410,29 @@ void ERR_error_string_n(uint32_t packed_error, char *buf, size_t len) { } } +char *ERR_error_string(uint32_t packed_error, char *ret) { + static char buf[ERR_ERROR_STRING_BUF_LEN]; + + if (ret == NULL) { + /* TODO(fork): remove this. */ + ret = buf; + } + +#if !defined(NDEBUG) + /* This is aimed to help catch callers who don't provide + * |ERR_ERROR_STRING_BUF_LEN| bytes of space. */ + memset(ret, 0, ERR_ERROR_STRING_BUF_LEN); +#endif + + ERR_error_string_n(packed_error, ret, ERR_ERROR_STRING_BUF_LEN); + + return ret; +} + +void ERR_error_string_n(uint32_t packed_error, char *buf, size_t len) { + err_error_string(packed_error, NULL, buf, len); +} + // err_string_cmp is a compare function for searching error values with // |bsearch| in |err_string_lookup|. static int err_string_cmp(const void *a, const void *b) { @@ -505,8 +512,8 @@ static const char *const kLibraryNames[ERR_NUM_LIBS] = { "HMAC routines", /* ERR_LIB_HMAC */ "Digest functions", /* ERR_LIB_DIGEST */ "Cipher functions", /* ERR_LIB_CIPHER */ - "User defined functions", /* ERR_LIB_USER */ "HKDF functions", /* ERR_LIB_HKDF */ + "User defined functions", /* ERR_LIB_USER */ }; const char *ERR_lib_error_string(uint32_t packed_error) { 
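Review bot: ERR_error_string_n now calls `err_error_string(packed_error, NULL, buf, len)`, so every string it produces carries the placeholder `OPENSSL_internal` in the function field, and only ERR_print_errors_cb passes the recorded name. Nothing in the hunk documents that difference, and anyone matching on the function field of these strings in logs or alerts will quietly stop getting a useful value. A comment such as `/* The function name is not part of |packed_error|, so this always reports "OPENSSL_internal"; ERR_print_errors_cb prints the recorded name. */` above ERR_error_string_n would make it explicit.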
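Review bot: Swapping "HKDF functions" and "User defined functions" keeps kLibraryNames correct only while its positional order matches the ERR_LIB_* values, and the trailing comments are the only thing linking the two. The generator emits OPENSSL_COMPILE_ASSERT checks for the ERR_LIB_* numbering, but those do not cover this hand-written array, so a mismatch would simply print the wrong library name in error strings. If the supported compilers allow it, designated initializers (`[ERR_LIB_HKDF] = "HKDF functions",`) would tie each string to its constant. Renumbering ERR_LIB_USER also changes the packed value of every USER error, which deserves a line in the header for callers that compare or persist packed codes.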
@@ -519,36 +526,7 @@ const char *ERR_lib_error_string(uint32_t packed_error) { } const char *ERR_func_error_string(uint32_t packed_error) { - const uint32_t lib = ERR_GET_LIB(packed_error); - const uint32_t func = ERR_GET_FUNC(packed_error); - - if (lib == ERR_LIB_SYS) { - switch (func) { - case SYS_F_fopen: - return "fopen"; - case SYS_F_fclose: - return "fclose"; - case SYS_F_fread: - return "fread"; - case SYS_F_fwrite: - return "fwrite"; - case SYS_F_socket: - return "socket"; - case SYS_F_setsockopt: - return "setsockopt"; - case SYS_F_connect: - return "connect"; - case SYS_F_getaddrinfo: - return "getaddrinfo"; - default: - return NULL; - } - } - - return err_string_lookup(ERR_GET_LIB(packed_error), - ERR_GET_FUNC(packed_error), kOpenSSLFunctionValues, - kOpenSSLFunctionValuesLen, - kOpenSSLFunctionStringData); + return "OPENSSL_internal"; } const char *ERR_reason_error_string(uint32_t packed_error) { @@ -599,12 +577,13 @@ void ERR_print_errors_cb(ERR_print_errors_callback_t callback, void *ctx) { const unsigned long thread_hash = (uintptr_t) err_get_state(); for (;;) { + const char *function = ERR_peek_function(); packed_error = ERR_get_error_line_data(&file, &line, &data, &flags); if (packed_error == 0) { break; } - ERR_error_string_n(packed_error, buf, sizeof(buf)); + err_error_string(packed_error, function, buf, sizeof(buf)); BIO_snprintf(buf2, sizeof(buf2), "%lu:%s:%s:%d:%s\n", thread_hash, buf, file, line, (flags & ERR_FLAG_STRING) ? data : ""); if (callback(buf2, strlen(buf2), ctx) <= 0) { @@ -644,8 +623,8 @@ static void err_set_error_data(char *data, int flags) { error->flags = flags; } -void ERR_put_error(int library, int func, int reason, const char *file, - unsigned line) { +void ERR_put_error(int library, int reason, const char *function, + const char *file, unsigned line) { ERR_STATE *const state = err_get_state(); struct err_error_st *error; 
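Review bot: The added `const char *function = ERR_peek_function();` has to stay ahead of ERR_get_error_line_data, because that call removes the entry the name belongs to, and nothing in the loop says so. A one-line comment, `/* Must be read before the entry is popped below. */`, would stop a later cleanup from reordering the two and attaching each name to the wrong error. When the queue is empty the peek yields NULL and the loop breaks before the value is used, so no extra check is needed here. The loop body continues outside this hunk.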
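Review bot: The new ERR_put_error still takes five arguments but moves `reason` to second place and puts a `const char *function` where `reason` used to be, so a C caller still written as `(library, func, reason, file, line)` can build with nothing more than an int-to-pointer warning. Such a call would record the old function code as the reason and store a small integer as the function pointer, which err_error_string later uses as a string. In-tree callers presumably go through OPENSSL_PUT_ERROR, but the definition gives no hint of the reorder; I would add `/* Argument order changed: |reason| now precedes |function|. Call via OPENSSL_PUT_ERROR rather than directly. */` above it. The body of ERR_put_error continues outside this hunk.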
@@ -654,7 +633,7 @@ void ERR_put_error(int library, int func, int reason, const char *file, } if (library == ERR_LIB_SYS && reason == 0) { -#if defined(WIN32) +#if defined(OPENSSL_WINDOWS) reason = GetLastError(); #else reason = errno; @@ -668,9 +647,10 @@ void ERR_put_error(int library, int func, int reason, const char *file, error = &state->errors[state->top]; err_clear(error); + error->function = function; error->file = file; error->line = line; - error->packed = ERR_PACK(library, func, reason); + error->packed = ERR_PACK(library, reason); } /* ERR_add_error_data_vdata takes a variable number of const char* pointers, diff --git a/src/crypto/err/err_data_generate.go b/src/crypto/err/err_data_generate.go index a5b4cb5..24e0d66 100644 --- a/src/crypto/err/err_data_generate.go +++ b/src/crypto/err/err_data_generate.go @@ -59,8 +59,8 @@ var libraryNames = []string{ "HMAC", "DIGEST", "CIPHER", - "USER", "HKDF", + "USER", } // stringList is a map from uint32 -> string which can output data for a sorted @@ -69,7 +69,7 @@ type stringList struct { // entries is an array of keys and offsets into |stringData|. The // offsets are in the bottom 15 bits of each uint32 and the key is the // top 17 bits. - entries []uint32 + entries []uint32 // internedStrings contains the same strings as are in |stringData|, // but allows for easy deduplication. It maps a string to its offset in // |stringData|. @@ -146,7 +146,7 @@ func (st *stringList) WriteTo(out stringWriter, name string) { fmt.Fprintf(out, " 0x%x,\n", v) } out.WriteString("};\n\n") - out.WriteString("const size_t " + values + "Len = sizeof(" + values + ") / sizeof(" + values + "[0]);\n\n"); + out.WriteString("const size_t " + values + "Len = sizeof(" + values + ") / sizeof(" + values + "[0]);\n\n") stringData := "kOpenSSL" + name + "StringData" out.WriteString("const char " + stringData + "[] =\n \"") 
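Review bot: `error->function = function;` stores the caller's pointer without copying it, and ERR_peek_function later returns that same pointer, so the string has to outlive the queue entry. That holds for `__func__` or a string literal, but the signature accepts any `const char *` and nothing states the requirement; a stack or heap buffer passed here would leave a dangling pointer for the printing path to read. I would add `/* |function| is stored, not copied; it must have static storage duration. */` beside the assignment or on the declaration. The same applies to `file` on the next line, and the function starts outside this hunk.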
@@ -161,8 +161,8 @@ func (st *stringList) WriteTo(out stringWriter, name string) { } type errorData struct { - functions, reasons *stringList - libraryMap map[string]uint32 + reasons *stringList + libraryMap map[string]uint32 } func (e *errorData) readErrorDataFile(filename string) error { @@ -184,8 +184,8 @@ func (e *errorData) readErrorDataFile(filename string) error { continue } parts := bytes.Split(line, comma) - if len(parts) != 4 { - return fmt.Errorf("bad line %d in %s: found %d values but want 4", lineNo, filename, len(parts)) + if len(parts) != 3 { + return fmt.Errorf("bad line %d in %s: found %d values but want 3", lineNo, filename, len(parts)) } libNum, ok := e.libraryMap[string(parts[0])] if !ok { @@ -194,26 +194,18 @@ func (e *errorData) readErrorDataFile(filename string) error { if libNum >= 64 { return fmt.Errorf("bad line %d in %s: library value too large", lineNo, filename) } - key, err := strconv.ParseUint(string(parts[2]), 10 /* base */, 32 /* bit size */) + key, err := strconv.ParseUint(string(parts[1]), 10 /* base */, 32 /* bit size */) if err != nil { return fmt.Errorf("bad line %d in %s: %s", lineNo, filename, err) } if key >= 2048 { return fmt.Errorf("bad line %d in %s: key too large", lineNo, filename) } - value := string(parts[3]) + value := string(parts[2]) listKey := libNum<<26 | uint32(key)<<15 - switch string(parts[1]) { - case "function": - err = e.functions.Add(listKey, value) - case "reason": - err = e.reasons.Add(listKey, value) - default: - return fmt.Errorf("bad line %d in %s: bad value type", lineNo, filename) - } - + err = e.reasons.Add(listKey, value) if err != nil { return err } @@ -224,7 +216,6 @@ func (e *errorData) readErrorDataFile(filename string) error { func main() { e := &errorData{ - functions: newStringList(), reasons: newStringList(), libraryMap: make(map[string]uint32), } 
@@ -279,9 +270,8 @@ func main() { for i, name := range libraryNames { fmt.Fprintf(out, "OPENSSL_COMPILE_ASSERT(ERR_LIB_%s == %d, library_values_changed_%d);\n", name, i+1, i+1) } - fmt.Fprintf(out, "OPENSSL_COMPILE_ASSERT(ERR_NUM_LIBS == %d, library_values_changed_num);\n", len(libraryNames) + 1) + fmt.Fprintf(out, "OPENSSL_COMPILE_ASSERT(ERR_NUM_LIBS == %d, library_values_changed_num);\n", len(libraryNames)+1) out.WriteString("\n") - e.functions.WriteTo(out, "Function") e.reasons.WriteTo(out, "Reason") } diff --git a/src/crypto/err/err_test.cc b/src/crypto/err/err_test.cc index 98dfb85..6643c68 100644 --- a/src/crypto/err/err_test.cc +++ b/src/crypto/err/err_test.cc @@ -22,7 +22,7 @@ static bool TestOverflow() { for (unsigned i = 0; i < ERR_NUM_ERRORS*2; i++) { - ERR_put_error(1, 2, i+1, "test", 1); + ERR_put_error(1, i+1, "function", "test", 1); } for (unsigned i = 0; i < ERR_NUM_ERRORS - 1; i++) { @@ -50,7 +50,7 @@ static bool TestPutError() { return false; } - ERR_put_error(1, 2, 3, "test", 4); + ERR_put_error(1, 2, "function", "test", 4); ERR_add_error_data(1, "testing"); int peeked_line, line, peeked_flags, flags; @@ -58,6 +58,7 @@ static bool TestPutError() { uint32_t peeked_packed_error = ERR_peek_error_line_data(&peeked_file, &peeked_line, &peeked_data, &peeked_flags); + const char *function = ERR_peek_function(); uint32_t packed_error = ERR_get_error_line_data(&file, &line, &data, &flags); if (peeked_packed_error != packed_error || @@ -68,12 +69,12 @@ static bool TestPutError() { return false; } - if (strcmp(file, "test") != 0 || + if (strcmp(function, "function") != 0 || + strcmp(file, "test") != 0 || line != 4 || (flags & ERR_FLAG_STRING) == 0 || ERR_GET_LIB(packed_error) != 1 || - ERR_GET_FUNC(packed_error) != 2 || - ERR_GET_REASON(packed_error) != 3 || + ERR_GET_REASON(packed_error) != 2 || strcmp(data, "testing") != 0) { fprintf(stderr, "Bad error data returned.\n"); return false; 
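Review bot: `strcmp(function, "function")` in TestPutError dereferences the result of ERR_peek_function without checking it, although that function returns NULL when the queue is empty. If the peek ever regressed, the test would crash inside strcmp instead of printing "Bad error data returned."; leading the condition with `function == NULL ||` turns that into an ordinary failure. The same applies to `strcmp(function, "TestPutMacro")` in the TestPutMacro hunk further down. TestPutError begins outside this hunk.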
@@ -88,7 +89,7 @@ static bool TestClearError() { return false; } - ERR_put_error(1, 2, 3, "test", 4); + ERR_put_error(1, 2, "function", "test", 4); ERR_clear_error(); if (ERR_get_error() != 0) { @@ -100,7 +101,7 @@ static bool TestClearError() { } static bool TestPrint() { - ERR_put_error(1, 2, 3, "test", 4); + ERR_put_error(1, 2, "function", "test", 4); ERR_add_error_data(1, "testing"); uint32_t packed_error = ERR_get_error(); @@ -113,11 +114,41 @@ static bool TestPrint() { } static bool TestRelease() { - ERR_put_error(1, 2, 3, "test", 4); + ERR_put_error(1, 2, "function", "test", 4); ERR_remove_thread_state(NULL); return true; } +static bool HasSuffix(const char *str, const char *suffix) { + size_t suffix_len = strlen(suffix); + size_t str_len = strlen(str); + if (str_len < suffix_len) { + return false; + } + return strcmp(str + str_len - suffix_len, suffix) == 0; +} + +static bool TestPutMacro() { + int expected_line = __LINE__ + 1; + OPENSSL_PUT_ERROR(USER, ERR_R_INTERNAL_ERROR); + + int line; + const char *file; + const char *function = ERR_peek_function(); + uint32_t error = ERR_get_error_line(&file, &line); + + if (strcmp(function, "TestPutMacro") != 0 || + !HasSuffix(file, "err_test.cc") || + line != expected_line || + ERR_GET_LIB(error) != ERR_LIB_USER || + ERR_GET_REASON(error) != ERR_R_INTERNAL_ERROR) { + fprintf(stderr, "Bad error data returned.\n"); + return false; + } + + return true; +} + int main() { CRYPTO_library_init(); @@ -125,7 +156,8 @@ int main() { !TestPutError() || !TestClearError() || !TestPrint() || - !TestRelease()) { + !TestRelease() || + !TestPutMacro()) { return 1; } diff --git a/src/crypto/err/evp.errordata b/src/crypto/err/evp.errordata index 14dd27b..8f8dd48 100644 --- a/src/crypto/err/evp.errordata +++ b/src/crypto/err/evp.errordata 
@@ -1,114 +1,46 @@ -EVP,function,160,EVP_DigestSignAlgorithm -EVP,function,161,EVP_DigestVerifyInitFromAlgorithm -EVP,function,162,EVP_PKEY_CTX_ctrl -EVP,function,163,EVP_PKEY_CTX_dup -EVP,function,159,EVP_PKEY_CTX_get0_rsa_oaep_label -EVP,function,164,EVP_PKEY_copy_parameters -EVP,function,165,EVP_PKEY_decrypt -EVP,function,166,EVP_PKEY_decrypt_init -EVP,function,167,EVP_PKEY_derive -EVP,function,108,EVP_PKEY_derive_init -EVP,function,168,EVP_PKEY_derive_set_peer -EVP,function,110,EVP_PKEY_encrypt -EVP,function,111,EVP_PKEY_encrypt_init -EVP,function,112,EVP_PKEY_get1_DH -EVP,function,169,EVP_PKEY_get1_DSA -EVP,function,114,EVP_PKEY_get1_EC_KEY -EVP,function,115,EVP_PKEY_get1_RSA -EVP,function,116,EVP_PKEY_keygen -EVP,function,170,EVP_PKEY_keygen_init -EVP,function,171,EVP_PKEY_new -EVP,function,172,EVP_PKEY_set_type -EVP,function,120,EVP_PKEY_sign -EVP,function,121,EVP_PKEY_sign_init -EVP,function,122,EVP_PKEY_verify -EVP,function,123,EVP_PKEY_verify_init -EVP,function,173,check_padding_md -EVP,function,125,d2i_AutoPrivateKey -EVP,function,126,d2i_PrivateKey -EVP,function,127,do_EC_KEY_print -EVP,function,174,do_dsa_print -EVP,function,175,do_rsa_print -EVP,function,129,do_sigver_init -EVP,function,176,dsa_param_decode -EVP,function,177,dsa_priv_decode -EVP,function,178,dsa_priv_encode -EVP,function,179,dsa_pub_decode -EVP,function,180,dsa_pub_encode -EVP,function,181,dsa_sig_print -EVP,function,130,eckey_param2type -EVP,function,131,eckey_param_decode -EVP,function,132,eckey_priv_decode -EVP,function,133,eckey_priv_encode -EVP,function,134,eckey_pub_decode -EVP,function,135,eckey_pub_encode -EVP,function,136,eckey_type2param -EVP,function,137,evp_pkey_ctx_new -EVP,function,138,hmac_signctx -EVP,function,139,i2d_PublicKey -EVP,function,182,old_dsa_priv_decode -EVP,function,140,old_ec_priv_decode -EVP,function,141,old_rsa_priv_decode -EVP,function,142,pkey_ec_ctrl -EVP,function,143,pkey_ec_derive -EVP,function,144,pkey_ec_keygen -EVP,function,145,pkey_ec_paramgen 
-EVP,function,146,pkey_ec_sign -EVP,function,158,pkey_hmac_ctrl -EVP,function,147,pkey_rsa_ctrl -EVP,function,148,pkey_rsa_decrypt -EVP,function,149,pkey_rsa_encrypt -EVP,function,150,pkey_rsa_sign -EVP,function,151,rsa_algor_to_md -EVP,function,152,rsa_digest_verify_init_from_algorithm -EVP,function,153,rsa_mgf1_to_md -EVP,function,154,rsa_priv_decode -EVP,function,155,rsa_priv_encode -EVP,function,156,rsa_pss_to_ctx -EVP,function,157,rsa_pub_decode -EVP,reason,151,BN_DECODE_ERROR -EVP,reason,100,BUFFER_TOO_SMALL -EVP,reason,101,COMMAND_NOT_SUPPORTED -EVP,reason,146,CONTEXT_NOT_INITIALISED -EVP,reason,143,DECODE_ERROR -EVP,reason,104,DIFFERENT_KEY_TYPES -EVP,reason,105,DIFFERENT_PARAMETERS -EVP,reason,147,DIGEST_AND_KEY_TYPE_NOT_SUPPORTED -EVP,reason,107,EXPECTING_AN_EC_KEY_KEY -EVP,reason,141,EXPECTING_AN_RSA_KEY -EVP,reason,109,EXPECTING_A_DH_KEY -EVP,reason,110,EXPECTING_A_DSA_KEY -EVP,reason,111,ILLEGAL_OR_UNSUPPORTED_PADDING_MODE -EVP,reason,112,INVALID_CURVE -EVP,reason,113,INVALID_DIGEST_LENGTH -EVP,reason,114,INVALID_DIGEST_TYPE -EVP,reason,115,INVALID_KEYBITS -EVP,reason,116,INVALID_MGF1_MD -EVP,reason,142,INVALID_OPERATION -EVP,reason,118,INVALID_PADDING_MODE -EVP,reason,119,INVALID_PSS_PARAMETERS -EVP,reason,144,INVALID_PSS_SALTLEN -EVP,reason,121,INVALID_SALT_LENGTH -EVP,reason,122,INVALID_TRAILER -EVP,reason,123,KEYS_NOT_SET -EVP,reason,124,MISSING_PARAMETERS -EVP,reason,125,NO_DEFAULT_DIGEST -EVP,reason,126,NO_KEY_SET -EVP,reason,127,NO_MDC2_SUPPORT -EVP,reason,128,NO_NID_FOR_CURVE -EVP,reason,129,NO_OPERATION_SET -EVP,reason,130,NO_PARAMETERS_SET -EVP,reason,131,OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE -EVP,reason,132,OPERATON_NOT_INITIALIZED -EVP,reason,152,PARAMETER_ENCODING_ERROR -EVP,reason,133,UNKNOWN_DIGEST -EVP,reason,134,UNKNOWN_MASK_DIGEST -EVP,reason,150,UNKNOWN_MESSAGE_DIGEST_ALGORITHM -EVP,reason,145,UNKNOWN_PUBLIC_KEY_TYPE -EVP,reason,149,UNKNOWN_SIGNATURE_ALGORITHM -EVP,reason,138,UNSUPPORTED_ALGORITHM 
-EVP,reason,139,UNSUPPORTED_MASK_ALGORITHM -EVP,reason,140,UNSUPPORTED_MASK_PARAMETER -EVP,reason,153,UNSUPPORTED_PUBLIC_KEY_TYPE -EVP,reason,154,UNSUPPORTED_SIGNATURE_TYPE -EVP,reason,148,WRONG_PUBLIC_KEY_TYPE +EVP,151,BN_DECODE_ERROR +EVP,100,BUFFER_TOO_SMALL +EVP,101,COMMAND_NOT_SUPPORTED +EVP,146,CONTEXT_NOT_INITIALISED +EVP,143,DECODE_ERROR +EVP,104,DIFFERENT_KEY_TYPES +EVP,105,DIFFERENT_PARAMETERS +EVP,147,DIGEST_AND_KEY_TYPE_NOT_SUPPORTED +EVP,107,EXPECTING_AN_EC_KEY_KEY +EVP,141,EXPECTING_AN_RSA_KEY +EVP,109,EXPECTING_A_DH_KEY +EVP,110,EXPECTING_A_DSA_KEY +EVP,111,ILLEGAL_OR_UNSUPPORTED_PADDING_MODE +EVP,112,INVALID_CURVE +EVP,113,INVALID_DIGEST_LENGTH +EVP,114,INVALID_DIGEST_TYPE +EVP,115,INVALID_KEYBITS +EVP,116,INVALID_MGF1_MD +EVP,142,INVALID_OPERATION +EVP,118,INVALID_PADDING_MODE +EVP,119,INVALID_PSS_PARAMETERS +EVP,144,INVALID_PSS_SALTLEN +EVP,121,INVALID_SALT_LENGTH +EVP,122,INVALID_TRAILER +EVP,123,KEYS_NOT_SET +EVP,124,MISSING_PARAMETERS +EVP,125,NO_DEFAULT_DIGEST +EVP,126,NO_KEY_SET +EVP,127,NO_MDC2_SUPPORT +EVP,128,NO_NID_FOR_CURVE +EVP,129,NO_OPERATION_SET +EVP,130,NO_PARAMETERS_SET +EVP,131,OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE +EVP,132,OPERATON_NOT_INITIALIZED +EVP,152,PARAMETER_ENCODING_ERROR +EVP,133,UNKNOWN_DIGEST +EVP,134,UNKNOWN_MASK_DIGEST +EVP,150,UNKNOWN_MESSAGE_DIGEST_ALGORITHM +EVP,145,UNKNOWN_PUBLIC_KEY_TYPE +EVP,149,UNKNOWN_SIGNATURE_ALGORITHM +EVP,138,UNSUPPORTED_ALGORITHM +EVP,139,UNSUPPORTED_MASK_ALGORITHM +EVP,140,UNSUPPORTED_MASK_PARAMETER +EVP,153,UNSUPPORTED_PUBLIC_KEY_TYPE +EVP,154,UNSUPPORTED_SIGNATURE_TYPE +EVP,148,WRONG_PUBLIC_KEY_TYPE diff --git a/src/crypto/err/hkdf.errordata b/src/crypto/err/hkdf.errordata index 878a802..84866de 100644 --- a/src/crypto/err/hkdf.errordata +++ b/src/crypto/err/hkdf.errordata @@ -1,2 +1 @@ -HKDF,function,100,HKDF -HKDF,reason,100,OUTPUT_TOO_LARGE +HKDF,100,OUTPUT_TOO_LARGE diff --git a/src/crypto/err/obj.errordata b/src/crypto/err/obj.errordata index 74e4629..c54435e 100644 
--- a/src/crypto/err/obj.errordata
+++ b/src/crypto/err/obj.errordata
@@ -1,5 +1 @@
-OBJ,function,100,OBJ_create
-OBJ,function,101,OBJ_dup
-OBJ,function,102,OBJ_nid2obj
-OBJ,function,103,OBJ_txt2obj
-OBJ,reason,100,UNKNOWN_NID
+OBJ,100,UNKNOWN_NID
diff --git a/src/crypto/err/pem.errordata b/src/crypto/err/pem.errordata
index 42216a7..2a4b73a 100644
--- a/src/crypto/err/pem.errordata
+++ b/src/crypto/err/pem.errordata
@@ -1,39 +1,15 @@
-PEM,function,100,PEM_ASN1_read
-PEM,function,101,PEM_ASN1_read_bio
-PEM,function,102,PEM_ASN1_write
-PEM,function,103,PEM_ASN1_write_bio
-PEM,function,104,PEM_X509_INFO_read
-PEM,function,105,PEM_X509_INFO_read_bio
-PEM,function,106,PEM_X509_INFO_write_bio
-PEM,function,107,PEM_do_header
-PEM,function,108,PEM_get_EVP_CIPHER_INFO
-PEM,function,109,PEM_read
-PEM,function,110,PEM_read_DHparams
-PEM,function,111,PEM_read_PrivateKey
-PEM,function,112,PEM_read_bio
-PEM,function,113,PEM_read_bio_DHparams
-PEM,function,114,PEM_read_bio_Parameters
-PEM,function,115,PEM_read_bio_PrivateKey
-PEM,function,116,PEM_write
-PEM,function,117,PEM_write_PrivateKey
-PEM,function,118,PEM_write_bio
-PEM,function,119,d2i_PKCS8PrivateKey_bio
-PEM,function,120,d2i_PKCS8PrivateKey_fp
-PEM,function,121,do_pk8pkey
-PEM,function,122,do_pk8pkey_fp
-PEM,function,123,load_iv
-PEM,reason,100,BAD_BASE64_DECODE
-PEM,reason,101,BAD_DECRYPT
-PEM,reason,102,BAD_END_LINE
-PEM,reason,103,BAD_IV_CHARS
-PEM,reason,104,BAD_PASSWORD_READ
-PEM,reason,105,CIPHER_IS_NULL
-PEM,reason,106,ERROR_CONVERTING_PRIVATE_KEY
-PEM,reason,107,NOT_DEK_INFO
-PEM,reason,108,NOT_ENCRYPTED
-PEM,reason,109,NOT_PROC_TYPE
-PEM,reason,110,NO_START_LINE
-PEM,reason,111,READ_KEY
-PEM,reason,112,SHORT_HEADER
-PEM,reason,113,UNSUPPORTED_CIPHER
-PEM,reason,114,UNSUPPORTED_ENCRYPTION
+PEM,100,BAD_BASE64_DECODE
+PEM,101,BAD_DECRYPT
+PEM,102,BAD_END_LINE
+PEM,103,BAD_IV_CHARS
+PEM,104,BAD_PASSWORD_READ
+PEM,105,CIPHER_IS_NULL
+PEM,106,ERROR_CONVERTING_PRIVATE_KEY
+PEM,107,NOT_DEK_INFO
+PEM,108,NOT_ENCRYPTED
+PEM,109,NOT_PROC_TYPE
+PEM,110,NO_START_LINE
+PEM,111,READ_KEY
+PEM,112,SHORT_HEADER
+PEM,113,UNSUPPORTED_CIPHER
+PEM,114,UNSUPPORTED_ENCRYPTION
diff --git a/src/crypto/err/pkcs8.errordata b/src/crypto/err/pkcs8.errordata
index 936f3c5..0eb5083 100644
--- a/src/crypto/err/pkcs8.errordata
+++ b/src/crypto/err/pkcs8.errordata
@@ -1,43 +1,25 @@ -PKCS8,function,100,EVP_PKCS82PKEY -PKCS8,function,101,EVP_PKEY2PKCS8 -PKCS8,function,102,PKCS12_get_key_and_certs -PKCS8,function,103,PKCS12_handle_content_info -PKCS8,function,104,PKCS12_handle_content_infos -PKCS8,function,105,PKCS5_pbe2_set_iv -PKCS8,function,106,PKCS5_pbe_set -PKCS8,function,107,PKCS5_pbe_set0_algor -PKCS8,function,108,PKCS5_pbkdf2_set -PKCS8,function,109,PKCS8_decrypt -PKCS8,function,110,PKCS8_encrypt -PKCS8,function,111,PKCS8_encrypt_pbe -PKCS8,function,112,pbe_cipher_init -PKCS8,function,113,pbe_crypt -PKCS8,function,114,pkcs12_item_decrypt_d2i -PKCS8,function,115,pkcs12_item_i2d_encrypt -PKCS8,function,116,pkcs12_key_gen_raw -PKCS8,function,117,pkcs12_pbe_keyivgen -PKCS8,reason,100,BAD_PKCS12_DATA -PKCS8,reason,101,BAD_PKCS12_VERSION -PKCS8,reason,102,CIPHER_HAS_NO_OBJECT_IDENTIFIER -PKCS8,reason,103,CRYPT_ERROR -PKCS8,reason,104,DECODE_ERROR -PKCS8,reason,105,ENCODE_ERROR -PKCS8,reason,106,ENCRYPT_ERROR -PKCS8,reason,107,ERROR_SETTING_CIPHER_PARAMS -PKCS8,reason,108,INCORRECT_PASSWORD -PKCS8,reason,109,KEYGEN_FAILURE -PKCS8,reason,110,KEY_GEN_ERROR -PKCS8,reason,111,METHOD_NOT_SUPPORTED -PKCS8,reason,112,MISSING_MAC -PKCS8,reason,113,MULTIPLE_PRIVATE_KEYS_IN_PKCS12 -PKCS8,reason,114,PKCS12_PUBLIC_KEY_INTEGRITY_NOT_SUPPORTED -PKCS8,reason,115,PKCS12_TOO_DEEPLY_NESTED -PKCS8,reason,116,PRIVATE_KEY_DECODE_ERROR -PKCS8,reason,117,PRIVATE_KEY_ENCODE_ERROR -PKCS8,reason,118,TOO_LONG -PKCS8,reason,119,UNKNOWN_ALGORITHM -PKCS8,reason,120,UNKNOWN_CIPHER -PKCS8,reason,121,UNKNOWN_CIPHER_ALGORITHM -PKCS8,reason,122,UNKNOWN_DIGEST -PKCS8,reason,123,UNKNOWN_HASH -PKCS8,reason,124,UNSUPPORTED_PRIVATE_KEY_ALGORITHM +PKCS8,100,BAD_PKCS12_DATA +PKCS8,101,BAD_PKCS12_VERSION +PKCS8,102,CIPHER_HAS_NO_OBJECT_IDENTIFIER +PKCS8,103,CRYPT_ERROR +PKCS8,104,DECODE_ERROR +PKCS8,105,ENCODE_ERROR +PKCS8,106,ENCRYPT_ERROR +PKCS8,107,ERROR_SETTING_CIPHER_PARAMS +PKCS8,108,INCORRECT_PASSWORD +PKCS8,109,KEYGEN_FAILURE +PKCS8,110,KEY_GEN_ERROR 
+PKCS8,111,METHOD_NOT_SUPPORTED +PKCS8,112,MISSING_MAC +PKCS8,113,MULTIPLE_PRIVATE_KEYS_IN_PKCS12 +PKCS8,114,PKCS12_PUBLIC_KEY_INTEGRITY_NOT_SUPPORTED +PKCS8,115,PKCS12_TOO_DEEPLY_NESTED +PKCS8,116,PRIVATE_KEY_DECODE_ERROR +PKCS8,117,PRIVATE_KEY_ENCODE_ERROR +PKCS8,118,TOO_LONG +PKCS8,119,UNKNOWN_ALGORITHM +PKCS8,120,UNKNOWN_CIPHER +PKCS8,121,UNKNOWN_CIPHER_ALGORITHM +PKCS8,122,UNKNOWN_DIGEST +PKCS8,123,UNKNOWN_HASH +PKCS8,124,UNSUPPORTED_PRIVATE_KEY_ALGORITHM diff --git a/src/crypto/err/rsa.errordata b/src/crypto/err/rsa.errordata index 64b390d..c19f73c 100644 --- a/src/crypto/err/rsa.errordata +++ b/src/crypto/err/rsa.errordata 
@@ -1,69 +1,46 @@ -RSA,function,100,BN_BLINDING_convert_ex -RSA,function,101,BN_BLINDING_create_param -RSA,function,102,BN_BLINDING_invert_ex -RSA,function,103,BN_BLINDING_new -RSA,function,104,BN_BLINDING_update -RSA,function,105,RSA_check_key -RSA,function,106,RSA_new_method -RSA,function,107,RSA_padding_add_PKCS1_OAEP_mgf1 -RSA,function,108,RSA_padding_add_PKCS1_PSS_mgf1 -RSA,function,109,RSA_padding_add_PKCS1_type_1 -RSA,function,110,RSA_padding_add_PKCS1_type_2 -RSA,function,111,RSA_padding_add_none -RSA,function,112,RSA_padding_check_PKCS1_OAEP_mgf1 -RSA,function,113,RSA_padding_check_PKCS1_type_1 -RSA,function,114,RSA_padding_check_PKCS1_type_2 -RSA,function,115,RSA_padding_check_none -RSA,function,116,RSA_recover_crt_params -RSA,function,117,RSA_sign -RSA,function,118,RSA_verify -RSA,function,119,RSA_verify_PKCS1_PSS_mgf1 -RSA,function,120,decrypt -RSA,function,121,encrypt -RSA,function,122,keygen -RSA,function,123,pkcs1_prefixed_msg -RSA,function,124,private_transform -RSA,function,125,rsa_setup_blinding -RSA,function,126,sign_raw -RSA,function,127,verify_raw -RSA,reason,100,BAD_E_VALUE -RSA,reason,101,BAD_FIXED_HEADER_DECRYPT -RSA,reason,102,BAD_PAD_BYTE_COUNT -RSA,reason,103,BAD_RSA_PARAMETERS -RSA,reason,104,BAD_SIGNATURE -RSA,reason,105,BLOCK_TYPE_IS_NOT_01 -RSA,reason,106,BN_NOT_INITIALIZED -RSA,reason,107,CRT_PARAMS_ALREADY_GIVEN -RSA,reason,108,CRT_VALUES_INCORRECT -RSA,reason,109,DATA_LEN_NOT_EQUAL_TO_MOD_LEN -RSA,reason,110,DATA_TOO_LARGE -RSA,reason,111,DATA_TOO_LARGE_FOR_KEY_SIZE -RSA,reason,112,DATA_TOO_LARGE_FOR_MODULUS -RSA,reason,113,DATA_TOO_SMALL -RSA,reason,114,DATA_TOO_SMALL_FOR_KEY_SIZE -RSA,reason,115,DIGEST_TOO_BIG_FOR_RSA_KEY -RSA,reason,116,D_E_NOT_CONGRUENT_TO_1 -RSA,reason,117,EMPTY_PUBLIC_KEY -RSA,reason,118,FIRST_OCTET_INVALID -RSA,reason,119,INCONSISTENT_SET_OF_CRT_VALUES -RSA,reason,120,INTERNAL_ERROR -RSA,reason,121,INVALID_MESSAGE_LENGTH -RSA,reason,122,KEY_SIZE_TOO_SMALL -RSA,reason,123,LAST_OCTET_INVALID 
-RSA,reason,124,MODULUS_TOO_LARGE -RSA,reason,125,NO_PUBLIC_EXPONENT -RSA,reason,126,NULL_BEFORE_BLOCK_MISSING -RSA,reason,127,N_NOT_EQUAL_P_Q -RSA,reason,128,OAEP_DECODING_ERROR -RSA,reason,129,ONLY_ONE_OF_P_Q_GIVEN -RSA,reason,130,OUTPUT_BUFFER_TOO_SMALL -RSA,reason,131,PADDING_CHECK_FAILED -RSA,reason,132,PKCS_DECODING_ERROR -RSA,reason,133,SLEN_CHECK_FAILED -RSA,reason,134,SLEN_RECOVERY_FAILED -RSA,reason,135,TOO_LONG -RSA,reason,136,TOO_MANY_ITERATIONS -RSA,reason,137,UNKNOWN_ALGORITHM_TYPE -RSA,reason,138,UNKNOWN_PADDING_TYPE -RSA,reason,139,VALUE_MISSING -RSA,reason,140,WRONG_SIGNATURE_LENGTH +RSA,143,BAD_ENCODING +RSA,100,BAD_E_VALUE +RSA,101,BAD_FIXED_HEADER_DECRYPT +RSA,102,BAD_PAD_BYTE_COUNT +RSA,103,BAD_RSA_PARAMETERS +RSA,104,BAD_SIGNATURE +RSA,145,BAD_VERSION +RSA,105,BLOCK_TYPE_IS_NOT_01 +RSA,106,BN_NOT_INITIALIZED +RSA,142,CANNOT_RECOVER_MULTI_PRIME_KEY +RSA,107,CRT_PARAMS_ALREADY_GIVEN +RSA,108,CRT_VALUES_INCORRECT +RSA,109,DATA_LEN_NOT_EQUAL_TO_MOD_LEN +RSA,110,DATA_TOO_LARGE +RSA,111,DATA_TOO_LARGE_FOR_KEY_SIZE +RSA,112,DATA_TOO_LARGE_FOR_MODULUS +RSA,113,DATA_TOO_SMALL +RSA,114,DATA_TOO_SMALL_FOR_KEY_SIZE +RSA,115,DIGEST_TOO_BIG_FOR_RSA_KEY +RSA,116,D_E_NOT_CONGRUENT_TO_1 +RSA,117,EMPTY_PUBLIC_KEY +RSA,144,ENCODE_ERROR +RSA,118,FIRST_OCTET_INVALID +RSA,119,INCONSISTENT_SET_OF_CRT_VALUES +RSA,120,INTERNAL_ERROR +RSA,121,INVALID_MESSAGE_LENGTH +RSA,122,KEY_SIZE_TOO_SMALL +RSA,123,LAST_OCTET_INVALID +RSA,124,MODULUS_TOO_LARGE +RSA,141,MUST_HAVE_AT_LEAST_TWO_PRIMES +RSA,125,NO_PUBLIC_EXPONENT +RSA,126,NULL_BEFORE_BLOCK_MISSING +RSA,127,N_NOT_EQUAL_P_Q +RSA,128,OAEP_DECODING_ERROR +RSA,129,ONLY_ONE_OF_P_Q_GIVEN +RSA,130,OUTPUT_BUFFER_TOO_SMALL +RSA,131,PADDING_CHECK_FAILED +RSA,132,PKCS_DECODING_ERROR +RSA,133,SLEN_CHECK_FAILED +RSA,134,SLEN_RECOVERY_FAILED +RSA,135,TOO_LONG +RSA,136,TOO_MANY_ITERATIONS +RSA,137,UNKNOWN_ALGORITHM_TYPE +RSA,138,UNKNOWN_PADDING_TYPE +RSA,139,VALUE_MISSING +RSA,140,WRONG_SIGNATURE_LENGTH 
diff --git a/src/crypto/err/ssl.errordata b/src/crypto/err/ssl.errordata
index 9464c3d..0b30b13 100644
--- a/src/crypto/err/ssl.errordata
+++ b/src/crypto/err/ssl.errordata
@@ -1,387 +1,217 @@ -SSL,function,276,SSL_AEAD_CTX_new -SSL,function,277,SSL_AEAD_CTX_open -SSL,function,278,SSL_AEAD_CTX_seal -SSL,function,100,SSL_CTX_check_private_key -SSL,function,101,SSL_CTX_new -SSL,function,272,SSL_CTX_set1_tls_channel_id -SSL,function,102,SSL_CTX_set_cipher_list -SSL,function,103,SSL_CTX_set_cipher_list_tls11 -SSL,function,104,SSL_CTX_set_session_id_context -SSL,function,268,SSL_CTX_set_tmp_dh -SSL,function,269,SSL_CTX_set_tmp_ecdh -SSL,function,105,SSL_CTX_use_PrivateKey -SSL,function,106,SSL_CTX_use_PrivateKey_ASN1 -SSL,function,107,SSL_CTX_use_PrivateKey_file -SSL,function,108,SSL_CTX_use_RSAPrivateKey -SSL,function,109,SSL_CTX_use_RSAPrivateKey_ASN1 -SSL,function,110,SSL_CTX_use_RSAPrivateKey_file -SSL,function,111,SSL_CTX_use_certificate -SSL,function,112,SSL_CTX_use_certificate_ASN1 -SSL,function,113,SSL_CTX_use_certificate_chain_file -SSL,function,114,SSL_CTX_use_certificate_file -SSL,function,115,SSL_CTX_use_psk_identity_hint -SSL,function,280,SSL_SESSION_from_bytes -SSL,function,116,SSL_SESSION_new -SSL,function,281,SSL_SESSION_parse -SSL,function,150,SSL_SESSION_parse_octet_string -SSL,function,151,SSL_SESSION_parse_string -SSL,function,117,SSL_SESSION_print_fp -SSL,function,118,SSL_SESSION_set1_id_context -SSL,function,119,SSL_SESSION_to_bytes_full -SSL,function,120,SSL_accept -SSL,function,121,SSL_add_dir_cert_subjects_to_stack -SSL,function,122,SSL_add_file_cert_subjects_to_stack -SSL,function,123,SSL_check_private_key -SSL,function,124,SSL_clear -SSL,function,125,SSL_connect -SSL,function,126,SSL_do_handshake -SSL,function,127,SSL_load_client_CA_file -SSL,function,128,SSL_new -SSL,function,129,SSL_peek -SSL,function,130,SSL_read -SSL,function,131,SSL_renegotiate -SSL,function,273,SSL_set1_tls_channel_id -SSL,function,132,SSL_set_cipher_list -SSL,function,133,SSL_set_fd -SSL,function,134,SSL_set_rfd -SSL,function,135,SSL_set_session_id_context -SSL,function,274,SSL_set_tlsext_host_name -SSL,function,270,SSL_set_tmp_dh 
-SSL,function,271,SSL_set_tmp_ecdh -SSL,function,136,SSL_set_wfd -SSL,function,137,SSL_shutdown -SSL,function,138,SSL_use_PrivateKey -SSL,function,139,SSL_use_PrivateKey_ASN1 -SSL,function,140,SSL_use_PrivateKey_file -SSL,function,141,SSL_use_RSAPrivateKey -SSL,function,142,SSL_use_RSAPrivateKey_ASN1 -SSL,function,143,SSL_use_RSAPrivateKey_file -SSL,function,144,SSL_use_certificate -SSL,function,145,SSL_use_certificate_ASN1 -SSL,function,146,SSL_use_certificate_file -SSL,function,147,SSL_use_psk_identity_hint -SSL,function,148,SSL_write -SSL,function,149,d2i_SSL_SESSION -SSL,function,152,do_ssl3_write -SSL,function,153,dtls1_accept -SSL,function,154,dtls1_buffer_record -SSL,function,155,dtls1_check_timeout_num -SSL,function,156,dtls1_connect -SSL,function,157,dtls1_do_write -SSL,function,263,dtls1_get_buffered_message -SSL,function,158,dtls1_get_hello_verify -SSL,function,159,dtls1_get_message -SSL,function,160,dtls1_get_message_fragment -SSL,function,265,dtls1_hm_fragment_new -SSL,function,161,dtls1_preprocess_fragment -SSL,function,264,dtls1_process_fragment -SSL,function,162,dtls1_process_record -SSL,function,163,dtls1_read_bytes -SSL,function,279,dtls1_seal_record -SSL,function,164,dtls1_send_hello_verify_request -SSL,function,165,dtls1_write_app_data -SSL,function,166,i2d_SSL_SESSION -SSL,function,167,ssl3_accept -SSL,function,169,ssl3_cert_verify_hash -SSL,function,170,ssl3_check_cert_and_algorithm -SSL,function,282,ssl3_check_certificate_for_cipher -SSL,function,171,ssl3_connect -SSL,function,172,ssl3_ctrl -SSL,function,173,ssl3_ctx_ctrl -SSL,function,174,ssl3_digest_cached_records -SSL,function,175,ssl3_do_change_cipher_spec -SSL,function,176,ssl3_expect_change_cipher_spec -SSL,function,177,ssl3_get_cert_status -SSL,function,178,ssl3_get_cert_verify -SSL,function,179,ssl3_get_certificate_request -SSL,function,180,ssl3_get_channel_id -SSL,function,181,ssl3_get_client_certificate -SSL,function,182,ssl3_get_client_hello 
-SSL,function,183,ssl3_get_client_key_exchange -SSL,function,184,ssl3_get_finished -SSL,function,185,ssl3_get_initial_bytes -SSL,function,186,ssl3_get_message -SSL,function,187,ssl3_get_new_session_ticket -SSL,function,188,ssl3_get_next_proto -SSL,function,189,ssl3_get_record -SSL,function,190,ssl3_get_server_certificate -SSL,function,191,ssl3_get_server_done -SSL,function,192,ssl3_get_server_hello -SSL,function,193,ssl3_get_server_key_exchange -SSL,function,194,ssl3_get_v2_client_hello -SSL,function,195,ssl3_handshake_mac -SSL,function,275,ssl3_output_cert_chain -SSL,function,196,ssl3_prf -SSL,function,197,ssl3_read_bytes -SSL,function,198,ssl3_read_n -SSL,function,267,ssl3_record_sequence_update -SSL,function,266,ssl3_seal_record -SSL,function,199,ssl3_send_cert_verify -SSL,function,200,ssl3_send_certificate_request -SSL,function,201,ssl3_send_channel_id -SSL,function,202,ssl3_send_client_certificate -SSL,function,203,ssl3_send_client_hello -SSL,function,204,ssl3_send_client_key_exchange -SSL,function,205,ssl3_send_server_certificate -SSL,function,206,ssl3_send_server_hello -SSL,function,207,ssl3_send_server_key_exchange -SSL,function,208,ssl3_setup_read_buffer -SSL,function,209,ssl3_setup_write_buffer -SSL,function,210,ssl3_write_bytes -SSL,function,211,ssl3_write_pending -SSL,function,212,ssl_add_cert_chain -SSL,function,213,ssl_add_cert_to_buf -SSL,function,214,ssl_add_clienthello_renegotiate_ext -SSL,function,215,ssl_add_clienthello_tlsext -SSL,function,216,ssl_add_clienthello_use_srtp_ext -SSL,function,217,ssl_add_serverhello_renegotiate_ext -SSL,function,218,ssl_add_serverhello_tlsext -SSL,function,219,ssl_add_serverhello_use_srtp_ext -SSL,function,220,ssl_build_cert_chain -SSL,function,221,ssl_bytes_to_cipher_list -SSL,function,222,ssl_cert_dup -SSL,function,223,ssl_cert_inst -SSL,function,224,ssl_cert_new -SSL,function,225,ssl_check_serverhello_tlsext -SSL,function,226,ssl_check_srvr_ecc_cert_and_alg -SSL,function,227,ssl_cipher_process_rulestr 
-SSL,function,228,ssl_cipher_strength_sort -SSL,function,229,ssl_create_cipher_list -SSL,function,230,ssl_ctx_log_master_secret -SSL,function,231,ssl_ctx_log_rsa_client_key_exchange -SSL,function,232,ssl_ctx_make_profiles -SSL,function,233,ssl_get_new_session -SSL,function,234,ssl_get_prev_session -SSL,function,235,ssl_get_server_cert_index -SSL,function,236,ssl_get_sign_pkey -SSL,function,237,ssl_init_wbio_buffer -SSL,function,238,ssl_parse_clienthello_renegotiate_ext -SSL,function,239,ssl_parse_clienthello_tlsext -SSL,function,240,ssl_parse_clienthello_use_srtp_ext -SSL,function,241,ssl_parse_serverhello_renegotiate_ext -SSL,function,242,ssl_parse_serverhello_tlsext -SSL,function,243,ssl_parse_serverhello_use_srtp_ext -SSL,function,244,ssl_scan_clienthello_tlsext -SSL,function,245,ssl_scan_serverhello_tlsext -SSL,function,246,ssl_sess_cert_new -SSL,function,247,ssl_set_cert -SSL,function,248,ssl_set_pkey -SSL,function,252,ssl_verify_cert_chain -SSL,function,253,tls12_check_peer_sigalg -SSL,function,254,tls1_aead_ctx_init -SSL,function,255,tls1_cert_verify_mac -SSL,function,256,tls1_change_cipher_state -SSL,function,257,tls1_change_cipher_state_aead -SSL,function,258,tls1_check_duplicate_extensions -SSL,function,259,tls1_enc -SSL,function,260,tls1_export_keying_material -SSL,function,261,tls1_prf -SSL,function,262,tls1_setup_key_block -SSL,reason,100,APP_DATA_IN_HANDSHAKE -SSL,reason,101,ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT -SSL,reason,102,BAD_ALERT -SSL,reason,103,BAD_CHANGE_CIPHER_SPEC -SSL,reason,104,BAD_DATA_RETURNED_BY_CALLBACK -SSL,reason,105,BAD_DH_P_LENGTH -SSL,reason,106,BAD_DIGEST_LENGTH -SSL,reason,107,BAD_ECC_CERT -SSL,reason,108,BAD_ECPOINT -SSL,reason,109,BAD_HANDSHAKE_LENGTH -SSL,reason,110,BAD_HANDSHAKE_RECORD -SSL,reason,111,BAD_HELLO_REQUEST -SSL,reason,112,BAD_LENGTH -SSL,reason,113,BAD_PACKET_LENGTH -SSL,reason,114,BAD_RSA_ENCRYPT -SSL,reason,115,BAD_SIGNATURE -SSL,reason,116,BAD_SRTP_MKI_VALUE 
-SSL,reason,117,BAD_SRTP_PROTECTION_PROFILE_LIST -SSL,reason,118,BAD_SSL_FILETYPE -SSL,reason,119,BAD_WRITE_RETRY -SSL,reason,120,BIO_NOT_SET -SSL,reason,121,BN_LIB -SSL,reason,272,BUFFER_TOO_SMALL -SSL,reason,122,CANNOT_SERIALIZE_PUBLIC_KEY -SSL,reason,123,CA_DN_LENGTH_MISMATCH -SSL,reason,124,CA_DN_TOO_LONG -SSL,reason,125,CCS_RECEIVED_EARLY -SSL,reason,126,CERTIFICATE_VERIFY_FAILED -SSL,reason,127,CERT_CB_ERROR -SSL,reason,128,CERT_LENGTH_MISMATCH -SSL,reason,129,CHANNEL_ID_NOT_P256 -SSL,reason,130,CHANNEL_ID_SIGNATURE_INVALID -SSL,reason,131,CIPHER_CODE_WRONG_LENGTH -SSL,reason,132,CIPHER_OR_HASH_UNAVAILABLE -SSL,reason,133,CLIENTHELLO_PARSE_FAILED -SSL,reason,134,CLIENTHELLO_TLSEXT -SSL,reason,135,CONNECTION_REJECTED -SSL,reason,136,CONNECTION_TYPE_NOT_SET -SSL,reason,137,COOKIE_MISMATCH -SSL,reason,138,D2I_ECDSA_SIG -SSL,reason,139,DATA_BETWEEN_CCS_AND_FINISHED -SSL,reason,140,DATA_LENGTH_TOO_LONG -SSL,reason,141,DECODE_ERROR -SSL,reason,142,DECRYPTION_FAILED -SSL,reason,143,DECRYPTION_FAILED_OR_BAD_RECORD_MAC -SSL,reason,144,DH_PUBLIC_VALUE_LENGTH_IS_WRONG -SSL,reason,145,DIGEST_CHECK_FAILED -SSL,reason,146,DTLS_MESSAGE_TOO_BIG -SSL,reason,147,ECC_CERT_NOT_FOR_SIGNING -SSL,reason,148,EMPTY_SRTP_PROTECTION_PROFILE_LIST -SSL,reason,276,EMS_STATE_INCONSISTENT -SSL,reason,149,ENCRYPTED_LENGTH_TOO_LONG -SSL,reason,150,ERROR_IN_RECEIVED_CIPHER_LIST -SSL,reason,151,EVP_DIGESTSIGNFINAL_FAILED -SSL,reason,152,EVP_DIGESTSIGNINIT_FAILED -SSL,reason,153,EXCESSIVE_MESSAGE_SIZE -SSL,reason,154,EXTRA_DATA_IN_MESSAGE -SSL,reason,271,FRAGMENT_MISMATCH -SSL,reason,155,GOT_A_FIN_BEFORE_A_CCS -SSL,reason,156,GOT_CHANNEL_ID_BEFORE_A_CCS -SSL,reason,157,GOT_NEXT_PROTO_BEFORE_A_CCS -SSL,reason,158,GOT_NEXT_PROTO_WITHOUT_EXTENSION -SSL,reason,159,HANDSHAKE_FAILURE_ON_CLIENT_HELLO -SSL,reason,160,HANDSHAKE_RECORD_BEFORE_CCS -SSL,reason,161,HTTPS_PROXY_REQUEST -SSL,reason,162,HTTP_REQUEST -SSL,reason,163,INAPPROPRIATE_FALLBACK -SSL,reason,164,INVALID_COMMAND 
-SSL,reason,165,INVALID_MESSAGE -SSL,reason,166,INVALID_SSL_SESSION -SSL,reason,167,INVALID_TICKET_KEYS_LENGTH -SSL,reason,168,LENGTH_MISMATCH -SSL,reason,169,LIBRARY_HAS_NO_CIPHERS -SSL,reason,170,MISSING_DH_KEY -SSL,reason,171,MISSING_ECDSA_SIGNING_CERT -SSL,reason,172,MISSING_RSA_CERTIFICATE -SSL,reason,173,MISSING_RSA_ENCRYPTING_CERT -SSL,reason,174,MISSING_RSA_SIGNING_CERT -SSL,reason,175,MISSING_TMP_DH_KEY -SSL,reason,176,MISSING_TMP_ECDH_KEY -SSL,reason,177,MIXED_SPECIAL_OPERATOR_WITH_GROUPS -SSL,reason,178,MTU_TOO_SMALL -SSL,reason,179,NESTED_GROUP -SSL,reason,180,NO_CERTIFICATES_RETURNED -SSL,reason,181,NO_CERTIFICATE_ASSIGNED -SSL,reason,182,NO_CERTIFICATE_SET -SSL,reason,183,NO_CIPHERS_AVAILABLE -SSL,reason,184,NO_CIPHERS_PASSED -SSL,reason,185,NO_CIPHERS_SPECIFIED -SSL,reason,186,NO_CIPHER_MATCH -SSL,reason,187,NO_COMPRESSION_SPECIFIED -SSL,reason,188,NO_METHOD_SPECIFIED -SSL,reason,189,NO_P256_SUPPORT -SSL,reason,190,NO_PRIVATE_KEY_ASSIGNED -SSL,reason,191,NO_RENEGOTIATION -SSL,reason,192,NO_REQUIRED_DIGEST -SSL,reason,193,NO_SHARED_CIPHER -SSL,reason,194,NO_SHARED_SIGATURE_ALGORITHMS -SSL,reason,195,NO_SRTP_PROFILES -SSL,reason,196,NULL_SSL_CTX -SSL,reason,197,NULL_SSL_METHOD_PASSED -SSL,reason,198,OLD_SESSION_CIPHER_NOT_RETURNED -SSL,reason,273,OLD_SESSION_VERSION_NOT_RETURNED -SSL,reason,274,OUTPUT_ALIASES_INPUT -SSL,reason,199,PACKET_LENGTH_TOO_LONG -SSL,reason,200,PARSE_TLSEXT -SSL,reason,201,PATH_TOO_LONG -SSL,reason,202,PEER_DID_NOT_RETURN_A_CERTIFICATE -SSL,reason,203,PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE -SSL,reason,204,PROTOCOL_IS_SHUTDOWN -SSL,reason,205,PSK_IDENTITY_NOT_FOUND -SSL,reason,206,PSK_NO_CLIENT_CB -SSL,reason,207,PSK_NO_SERVER_CB -SSL,reason,208,READ_BIO_NOT_SET -SSL,reason,209,READ_TIMEOUT_EXPIRED -SSL,reason,210,RECORD_LENGTH_MISMATCH -SSL,reason,211,RECORD_TOO_LARGE -SSL,reason,212,RENEGOTIATE_EXT_TOO_LONG -SSL,reason,213,RENEGOTIATION_ENCODING_ERR -SSL,reason,214,RENEGOTIATION_MISMATCH 
-SSL,reason,215,REQUIRED_CIPHER_MISSING -SSL,reason,275,RESUMED_EMS_SESSION_WITHOUT_EMS_EXTENSION -SSL,reason,277,RESUMED_NON_EMS_SESSION_WITH_EMS_EXTENSION -SSL,reason,216,SCSV_RECEIVED_WHEN_RENEGOTIATING -SSL,reason,217,SERVERHELLO_TLSEXT -SSL,reason,218,SESSION_ID_CONTEXT_UNINITIALIZED -SSL,reason,219,SESSION_MAY_NOT_BE_CREATED -SSL,reason,220,SIGNATURE_ALGORITHMS_ERROR -SSL,reason,221,SRTP_COULD_NOT_ALLOCATE_PROFILES -SSL,reason,222,SRTP_PROTECTION_PROFILE_LIST_TOO_LONG -SSL,reason,223,SRTP_UNKNOWN_PROTECTION_PROFILE -SSL,reason,224,SSL3_EXT_INVALID_SERVERNAME -SSL,reason,225,SSL3_EXT_INVALID_SERVERNAME_TYPE -SSL,reason,1042,SSLV3_ALERT_BAD_CERTIFICATE -SSL,reason,1020,SSLV3_ALERT_BAD_RECORD_MAC -SSL,reason,1045,SSLV3_ALERT_CERTIFICATE_EXPIRED -SSL,reason,1044,SSLV3_ALERT_CERTIFICATE_REVOKED -SSL,reason,1046,SSLV3_ALERT_CERTIFICATE_UNKNOWN -SSL,reason,1000,SSLV3_ALERT_CLOSE_NOTIFY -SSL,reason,1030,SSLV3_ALERT_DECOMPRESSION_FAILURE -SSL,reason,1040,SSLV3_ALERT_HANDSHAKE_FAILURE -SSL,reason,1047,SSLV3_ALERT_ILLEGAL_PARAMETER -SSL,reason,1041,SSLV3_ALERT_NO_CERTIFICATE -SSL,reason,1010,SSLV3_ALERT_UNEXPECTED_MESSAGE -SSL,reason,1043,SSLV3_ALERT_UNSUPPORTED_CERTIFICATE -SSL,reason,226,SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION -SSL,reason,227,SSL_HANDSHAKE_FAILURE -SSL,reason,228,SSL_SESSION_ID_CALLBACK_FAILED -SSL,reason,229,SSL_SESSION_ID_CONFLICT -SSL,reason,230,SSL_SESSION_ID_CONTEXT_TOO_LONG -SSL,reason,231,SSL_SESSION_ID_HAS_BAD_LENGTH -SSL,reason,1049,TLSV1_ALERT_ACCESS_DENIED -SSL,reason,1050,TLSV1_ALERT_DECODE_ERROR -SSL,reason,1021,TLSV1_ALERT_DECRYPTION_FAILED -SSL,reason,1051,TLSV1_ALERT_DECRYPT_ERROR -SSL,reason,1060,TLSV1_ALERT_EXPORT_RESTRICTION -SSL,reason,1086,TLSV1_ALERT_INAPPROPRIATE_FALLBACK -SSL,reason,1071,TLSV1_ALERT_INSUFFICIENT_SECURITY -SSL,reason,1080,TLSV1_ALERT_INTERNAL_ERROR -SSL,reason,1100,TLSV1_ALERT_NO_RENEGOTIATION -SSL,reason,1070,TLSV1_ALERT_PROTOCOL_VERSION -SSL,reason,1022,TLSV1_ALERT_RECORD_OVERFLOW 
-SSL,reason,1048,TLSV1_ALERT_UNKNOWN_CA -SSL,reason,1090,TLSV1_ALERT_USER_CANCELLED -SSL,reason,1114,TLSV1_BAD_CERTIFICATE_HASH_VALUE -SSL,reason,1113,TLSV1_BAD_CERTIFICATE_STATUS_RESPONSE -SSL,reason,1111,TLSV1_CERTIFICATE_UNOBTAINABLE -SSL,reason,1112,TLSV1_UNRECOGNIZED_NAME -SSL,reason,1110,TLSV1_UNSUPPORTED_EXTENSION -SSL,reason,232,TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER -SSL,reason,233,TLS_ILLEGAL_EXPORTER_LABEL -SSL,reason,234,TLS_INVALID_ECPOINTFORMAT_LIST -SSL,reason,235,TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST -SSL,reason,236,TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG -SSL,reason,237,TOO_MANY_EMPTY_FRAGMENTS -SSL,reason,238,UNABLE_TO_FIND_ECDH_PARAMETERS -SSL,reason,239,UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS -SSL,reason,240,UNEXPECTED_GROUP_CLOSE -SSL,reason,241,UNEXPECTED_MESSAGE -SSL,reason,242,UNEXPECTED_OPERATOR_IN_GROUP -SSL,reason,243,UNEXPECTED_RECORD -SSL,reason,244,UNINITIALIZED -SSL,reason,245,UNKNOWN_ALERT_TYPE -SSL,reason,246,UNKNOWN_CERTIFICATE_TYPE -SSL,reason,247,UNKNOWN_CIPHER_RETURNED -SSL,reason,248,UNKNOWN_CIPHER_TYPE -SSL,reason,249,UNKNOWN_DIGEST -SSL,reason,250,UNKNOWN_KEY_EXCHANGE_TYPE -SSL,reason,251,UNKNOWN_PROTOCOL -SSL,reason,252,UNKNOWN_SSL_VERSION -SSL,reason,253,UNKNOWN_STATE -SSL,reason,254,UNPROCESSED_HANDSHAKE_DATA -SSL,reason,255,UNSAFE_LEGACY_RENEGOTIATION_DISABLED -SSL,reason,256,UNSUPPORTED_CIPHER -SSL,reason,257,UNSUPPORTED_COMPRESSION_ALGORITHM -SSL,reason,258,UNSUPPORTED_ELLIPTIC_CURVE -SSL,reason,259,UNSUPPORTED_PROTOCOL -SSL,reason,260,UNSUPPORTED_SSL_VERSION -SSL,reason,261,USE_SRTP_NOT_NEGOTIATED -SSL,reason,262,WRONG_CERTIFICATE_TYPE -SSL,reason,263,WRONG_CIPHER_RETURNED -SSL,reason,264,WRONG_CURVE -SSL,reason,265,WRONG_MESSAGE_TYPE -SSL,reason,266,WRONG_SIGNATURE_TYPE -SSL,reason,267,WRONG_SSL_VERSION -SSL,reason,268,WRONG_VERSION_NUMBER -SSL,reason,269,X509_LIB -SSL,reason,270,X509_VERIFICATION_SETUP_PROBLEMS +SSL,100,APP_DATA_IN_HANDSHAKE +SSL,101,ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT 
+SSL,102,BAD_ALERT +SSL,103,BAD_CHANGE_CIPHER_SPEC +SSL,104,BAD_DATA_RETURNED_BY_CALLBACK +SSL,105,BAD_DH_P_LENGTH +SSL,106,BAD_DIGEST_LENGTH +SSL,107,BAD_ECC_CERT +SSL,108,BAD_ECPOINT +SSL,109,BAD_HANDSHAKE_LENGTH +SSL,110,BAD_HANDSHAKE_RECORD +SSL,111,BAD_HELLO_REQUEST +SSL,112,BAD_LENGTH +SSL,113,BAD_PACKET_LENGTH +SSL,114,BAD_RSA_ENCRYPT +SSL,115,BAD_SIGNATURE +SSL,116,BAD_SRTP_MKI_VALUE +SSL,117,BAD_SRTP_PROTECTION_PROFILE_LIST +SSL,118,BAD_SSL_FILETYPE +SSL,119,BAD_WRITE_RETRY +SSL,120,BIO_NOT_SET +SSL,121,BN_LIB +SSL,272,BUFFER_TOO_SMALL +SSL,122,CANNOT_SERIALIZE_PUBLIC_KEY +SSL,123,CA_DN_LENGTH_MISMATCH +SSL,124,CA_DN_TOO_LONG +SSL,125,CCS_RECEIVED_EARLY +SSL,126,CERTIFICATE_VERIFY_FAILED +SSL,127,CERT_CB_ERROR +SSL,128,CERT_LENGTH_MISMATCH +SSL,129,CHANNEL_ID_NOT_P256 +SSL,130,CHANNEL_ID_SIGNATURE_INVALID +SSL,131,CIPHER_CODE_WRONG_LENGTH +SSL,132,CIPHER_OR_HASH_UNAVAILABLE +SSL,133,CLIENTHELLO_PARSE_FAILED +SSL,134,CLIENTHELLO_TLSEXT +SSL,135,CONNECTION_REJECTED +SSL,136,CONNECTION_TYPE_NOT_SET +SSL,137,COOKIE_MISMATCH +SSL,284,CUSTOM_EXTENSION_CONTENTS_TOO_LARGE +SSL,285,CUSTOM_EXTENSION_ERROR +SSL,138,D2I_ECDSA_SIG +SSL,139,DATA_BETWEEN_CCS_AND_FINISHED +SSL,140,DATA_LENGTH_TOO_LONG +SSL,141,DECODE_ERROR +SSL,142,DECRYPTION_FAILED +SSL,143,DECRYPTION_FAILED_OR_BAD_RECORD_MAC +SSL,144,DH_PUBLIC_VALUE_LENGTH_IS_WRONG +SSL,145,DIGEST_CHECK_FAILED +SSL,146,DTLS_MESSAGE_TOO_BIG +SSL,147,ECC_CERT_NOT_FOR_SIGNING +SSL,148,EMPTY_SRTP_PROTECTION_PROFILE_LIST +SSL,276,EMS_STATE_INCONSISTENT +SSL,149,ENCRYPTED_LENGTH_TOO_LONG +SSL,281,ERROR_ADDING_EXTENSION +SSL,150,ERROR_IN_RECEIVED_CIPHER_LIST +SSL,282,ERROR_PARSING_EXTENSION +SSL,151,EVP_DIGESTSIGNFINAL_FAILED +SSL,152,EVP_DIGESTSIGNINIT_FAILED +SSL,153,EXCESSIVE_MESSAGE_SIZE +SSL,154,EXTRA_DATA_IN_MESSAGE +SSL,271,FRAGMENT_MISMATCH +SSL,155,GOT_A_FIN_BEFORE_A_CCS +SSL,156,GOT_CHANNEL_ID_BEFORE_A_CCS +SSL,157,GOT_NEXT_PROTO_BEFORE_A_CCS +SSL,158,GOT_NEXT_PROTO_WITHOUT_EXTENSION 
+SSL,159,HANDSHAKE_FAILURE_ON_CLIENT_HELLO +SSL,160,HANDSHAKE_RECORD_BEFORE_CCS +SSL,161,HTTPS_PROXY_REQUEST +SSL,162,HTTP_REQUEST +SSL,163,INAPPROPRIATE_FALLBACK +SSL,164,INVALID_COMMAND +SSL,165,INVALID_MESSAGE +SSL,166,INVALID_SSL_SESSION +SSL,167,INVALID_TICKET_KEYS_LENGTH +SSL,168,LENGTH_MISMATCH +SSL,169,LIBRARY_HAS_NO_CIPHERS +SSL,170,MISSING_DH_KEY +SSL,171,MISSING_ECDSA_SIGNING_CERT +SSL,283,MISSING_EXTENSION +SSL,172,MISSING_RSA_CERTIFICATE +SSL,173,MISSING_RSA_ENCRYPTING_CERT +SSL,174,MISSING_RSA_SIGNING_CERT +SSL,175,MISSING_TMP_DH_KEY +SSL,176,MISSING_TMP_ECDH_KEY +SSL,177,MIXED_SPECIAL_OPERATOR_WITH_GROUPS +SSL,178,MTU_TOO_SMALL +SSL,286,NEGOTIATED_BOTH_NPN_AND_ALPN +SSL,179,NESTED_GROUP +SSL,180,NO_CERTIFICATES_RETURNED +SSL,181,NO_CERTIFICATE_ASSIGNED +SSL,182,NO_CERTIFICATE_SET +SSL,183,NO_CIPHERS_AVAILABLE +SSL,184,NO_CIPHERS_PASSED +SSL,185,NO_CIPHERS_SPECIFIED +SSL,186,NO_CIPHER_MATCH +SSL,187,NO_COMPRESSION_SPECIFIED +SSL,188,NO_METHOD_SPECIFIED +SSL,189,NO_P256_SUPPORT +SSL,190,NO_PRIVATE_KEY_ASSIGNED +SSL,191,NO_RENEGOTIATION +SSL,192,NO_REQUIRED_DIGEST +SSL,193,NO_SHARED_CIPHER +SSL,194,NO_SHARED_SIGATURE_ALGORITHMS +SSL,195,NO_SRTP_PROFILES +SSL,196,NULL_SSL_CTX +SSL,197,NULL_SSL_METHOD_PASSED +SSL,198,OLD_SESSION_CIPHER_NOT_RETURNED +SSL,273,OLD_SESSION_VERSION_NOT_RETURNED +SSL,274,OUTPUT_ALIASES_INPUT +SSL,199,PACKET_LENGTH_TOO_LONG +SSL,200,PARSE_TLSEXT +SSL,201,PATH_TOO_LONG +SSL,202,PEER_DID_NOT_RETURN_A_CERTIFICATE +SSL,203,PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE +SSL,204,PROTOCOL_IS_SHUTDOWN +SSL,205,PSK_IDENTITY_NOT_FOUND +SSL,206,PSK_NO_CLIENT_CB +SSL,207,PSK_NO_SERVER_CB +SSL,208,READ_BIO_NOT_SET +SSL,209,READ_TIMEOUT_EXPIRED +SSL,210,RECORD_LENGTH_MISMATCH +SSL,211,RECORD_TOO_LARGE +SSL,212,RENEGOTIATE_EXT_TOO_LONG +SSL,213,RENEGOTIATION_ENCODING_ERR +SSL,214,RENEGOTIATION_MISMATCH +SSL,215,REQUIRED_CIPHER_MISSING +SSL,275,RESUMED_EMS_SESSION_WITHOUT_EMS_EXTENSION +SSL,277,RESUMED_NON_EMS_SESSION_WITH_EMS_EXTENSION 
+SSL,216,SCSV_RECEIVED_WHEN_RENEGOTIATING +SSL,217,SERVERHELLO_TLSEXT +SSL,218,SESSION_ID_CONTEXT_UNINITIALIZED +SSL,219,SESSION_MAY_NOT_BE_CREATED +SSL,220,SIGNATURE_ALGORITHMS_ERROR +SSL,280,SIGNATURE_ALGORITHMS_EXTENSION_SENT_BY_SERVER +SSL,221,SRTP_COULD_NOT_ALLOCATE_PROFILES +SSL,222,SRTP_PROTECTION_PROFILE_LIST_TOO_LONG +SSL,223,SRTP_UNKNOWN_PROTECTION_PROFILE +SSL,224,SSL3_EXT_INVALID_SERVERNAME +SSL,225,SSL3_EXT_INVALID_SERVERNAME_TYPE +SSL,1042,SSLV3_ALERT_BAD_CERTIFICATE +SSL,1020,SSLV3_ALERT_BAD_RECORD_MAC +SSL,1045,SSLV3_ALERT_CERTIFICATE_EXPIRED +SSL,1044,SSLV3_ALERT_CERTIFICATE_REVOKED +SSL,1046,SSLV3_ALERT_CERTIFICATE_UNKNOWN +SSL,1000,SSLV3_ALERT_CLOSE_NOTIFY +SSL,1030,SSLV3_ALERT_DECOMPRESSION_FAILURE +SSL,1040,SSLV3_ALERT_HANDSHAKE_FAILURE +SSL,1047,SSLV3_ALERT_ILLEGAL_PARAMETER +SSL,1041,SSLV3_ALERT_NO_CERTIFICATE +SSL,1010,SSLV3_ALERT_UNEXPECTED_MESSAGE +SSL,1043,SSLV3_ALERT_UNSUPPORTED_CERTIFICATE +SSL,226,SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION +SSL,227,SSL_HANDSHAKE_FAILURE +SSL,228,SSL_SESSION_ID_CALLBACK_FAILED +SSL,229,SSL_SESSION_ID_CONFLICT +SSL,230,SSL_SESSION_ID_CONTEXT_TOO_LONG +SSL,231,SSL_SESSION_ID_HAS_BAD_LENGTH +SSL,1049,TLSV1_ALERT_ACCESS_DENIED +SSL,1050,TLSV1_ALERT_DECODE_ERROR +SSL,1021,TLSV1_ALERT_DECRYPTION_FAILED +SSL,1051,TLSV1_ALERT_DECRYPT_ERROR +SSL,1060,TLSV1_ALERT_EXPORT_RESTRICTION +SSL,1086,TLSV1_ALERT_INAPPROPRIATE_FALLBACK +SSL,1071,TLSV1_ALERT_INSUFFICIENT_SECURITY +SSL,1080,TLSV1_ALERT_INTERNAL_ERROR +SSL,1100,TLSV1_ALERT_NO_RENEGOTIATION +SSL,1070,TLSV1_ALERT_PROTOCOL_VERSION +SSL,1022,TLSV1_ALERT_RECORD_OVERFLOW +SSL,1048,TLSV1_ALERT_UNKNOWN_CA +SSL,1090,TLSV1_ALERT_USER_CANCELLED +SSL,1114,TLSV1_BAD_CERTIFICATE_HASH_VALUE +SSL,1113,TLSV1_BAD_CERTIFICATE_STATUS_RESPONSE +SSL,1111,TLSV1_CERTIFICATE_UNOBTAINABLE +SSL,1112,TLSV1_UNRECOGNIZED_NAME +SSL,1110,TLSV1_UNSUPPORTED_EXTENSION +SSL,232,TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER +SSL,233,TLS_ILLEGAL_EXPORTER_LABEL +SSL,234,TLS_INVALID_ECPOINTFORMAT_LIST 
+SSL,235,TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST +SSL,236,TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG +SSL,237,TOO_MANY_EMPTY_FRAGMENTS +SSL,278,TOO_MANY_WARNING_ALERTS +SSL,238,UNABLE_TO_FIND_ECDH_PARAMETERS +SSL,239,UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS +SSL,279,UNEXPECTED_EXTENSION +SSL,240,UNEXPECTED_GROUP_CLOSE +SSL,241,UNEXPECTED_MESSAGE +SSL,242,UNEXPECTED_OPERATOR_IN_GROUP +SSL,243,UNEXPECTED_RECORD +SSL,244,UNINITIALIZED +SSL,245,UNKNOWN_ALERT_TYPE +SSL,246,UNKNOWN_CERTIFICATE_TYPE +SSL,247,UNKNOWN_CIPHER_RETURNED +SSL,248,UNKNOWN_CIPHER_TYPE +SSL,249,UNKNOWN_DIGEST +SSL,250,UNKNOWN_KEY_EXCHANGE_TYPE +SSL,251,UNKNOWN_PROTOCOL +SSL,252,UNKNOWN_SSL_VERSION +SSL,253,UNKNOWN_STATE +SSL,254,UNPROCESSED_HANDSHAKE_DATA +SSL,255,UNSAFE_LEGACY_RENEGOTIATION_DISABLED +SSL,256,UNSUPPORTED_CIPHER +SSL,257,UNSUPPORTED_COMPRESSION_ALGORITHM +SSL,258,UNSUPPORTED_ELLIPTIC_CURVE +SSL,259,UNSUPPORTED_PROTOCOL +SSL,260,UNSUPPORTED_SSL_VERSION +SSL,261,USE_SRTP_NOT_NEGOTIATED +SSL,262,WRONG_CERTIFICATE_TYPE +SSL,263,WRONG_CIPHER_RETURNED +SSL,264,WRONG_CURVE +SSL,265,WRONG_MESSAGE_TYPE +SSL,266,WRONG_SIGNATURE_TYPE +SSL,267,WRONG_SSL_VERSION +SSL,268,WRONG_VERSION_NUMBER +SSL,269,X509_LIB +SSL,270,X509_VERIFICATION_SETUP_PROBLEMS diff --git a/src/crypto/err/x509.errordata b/src/crypto/err/x509.errordata index 1b50e36..f4828ce 100644 --- a/src/crypto/err/x509.errordata +++ b/src/crypto/err/x509.errordata 
@@ -1,96 +1,37 @@ -X509,function,100,ASN1_digest -X509,function,101,ASN1_item_sign_ctx -X509,function,102,ASN1_item_verify -X509,function,103,NETSCAPE_SPKI_b64_decode -X509,function,104,NETSCAPE_SPKI_b64_encode -X509,function,158,PKCS7_get_CRLs -X509,function,105,PKCS7_get_certificates -X509,function,106,X509_ATTRIBUTE_create_by_NID -X509,function,107,X509_ATTRIBUTE_create_by_OBJ -X509,function,108,X509_ATTRIBUTE_create_by_txt -X509,function,109,X509_ATTRIBUTE_get0_data -X509,function,110,X509_ATTRIBUTE_set1_data -X509,function,111,X509_CRL_add0_revoked -X509,function,112,X509_CRL_diff -X509,function,113,X509_CRL_print_fp -X509,function,114,X509_EXTENSION_create_by_NID -X509,function,115,X509_EXTENSION_create_by_OBJ -X509,function,116,X509_INFO_new -X509,function,117,X509_NAME_ENTRY_create_by_NID -X509,function,118,X509_NAME_ENTRY_create_by_txt -X509,function,119,X509_NAME_ENTRY_set_object -X509,function,120,X509_NAME_add_entry -X509,function,121,X509_NAME_oneline -X509,function,122,X509_NAME_print -X509,function,123,X509_PKEY_new -X509,function,124,X509_PUBKEY_get -X509,function,125,X509_PUBKEY_set -X509,function,126,X509_REQ_check_private_key -X509,function,127,X509_REQ_to_X509 -X509,function,128,X509_STORE_CTX_get1_issuer -X509,function,129,X509_STORE_CTX_init -X509,function,130,X509_STORE_CTX_new -X509,function,131,X509_STORE_CTX_purpose_inherit -X509,function,132,X509_STORE_add_cert -X509,function,133,X509_STORE_add_crl -X509,function,134,X509_TRUST_add -X509,function,135,X509_TRUST_set -X509,function,136,X509_check_private_key -X509,function,137,X509_get_pubkey_parameters -X509,function,138,X509_load_cert_crl_file -X509,function,139,X509_load_cert_file -X509,function,140,X509_load_crl_file -X509,function,141,X509_print_ex_fp -X509,function,142,X509_to_X509_REQ -X509,function,143,X509_verify_cert -X509,function,144,X509at_add1_attr -X509,function,145,X509v3_add_ext -X509,function,146,add_cert_dir -X509,function,147,by_file_ctrl -X509,function,148,check_policy 
-X509,function,149,dir_ctrl -X509,function,150,get_cert_by_subject -X509,function,151,i2d_DSA_PUBKEY -X509,function,152,i2d_EC_PUBKEY -X509,function,153,i2d_RSA_PUBKEY -X509,function,157,pkcs7_parse_header -X509,function,154,x509_name_encode -X509,function,155,x509_name_ex_d2i -X509,function,156,x509_name_ex_new -X509,reason,100,AKID_MISMATCH -X509,reason,101,BAD_PKCS7_VERSION -X509,reason,102,BAD_X509_FILETYPE -X509,reason,103,BASE64_DECODE_ERROR -X509,reason,104,CANT_CHECK_DH_KEY -X509,reason,105,CERT_ALREADY_IN_HASH_TABLE -X509,reason,106,CRL_ALREADY_DELTA -X509,reason,107,CRL_VERIFY_FAILURE -X509,reason,108,IDP_MISMATCH -X509,reason,109,INVALID_BIT_STRING_BITS_LEFT -X509,reason,110,INVALID_DIRECTORY -X509,reason,111,INVALID_FIELD_NAME -X509,reason,112,INVALID_TRUST -X509,reason,113,ISSUER_MISMATCH -X509,reason,114,KEY_TYPE_MISMATCH -X509,reason,115,KEY_VALUES_MISMATCH -X509,reason,116,LOADING_CERT_DIR -X509,reason,117,LOADING_DEFAULTS -X509,reason,118,METHOD_NOT_SUPPORTED -X509,reason,119,NEWER_CRL_NOT_NEWER -X509,reason,120,NOT_PKCS7_SIGNED_DATA -X509,reason,121,NO_CERTIFICATES_INCLUDED -X509,reason,122,NO_CERT_SET_FOR_US_TO_VERIFY -X509,reason,136,NO_CRLS_INCLUDED -X509,reason,123,NO_CRL_NUMBER -X509,reason,124,PUBLIC_KEY_DECODE_ERROR -X509,reason,125,PUBLIC_KEY_ENCODE_ERROR -X509,reason,126,SHOULD_RETRY -X509,reason,127,UNABLE_TO_FIND_PARAMETERS_IN_CHAIN -X509,reason,128,UNABLE_TO_GET_CERTS_PUBLIC_KEY -X509,reason,129,UNKNOWN_KEY_TYPE -X509,reason,130,UNKNOWN_NID -X509,reason,131,UNKNOWN_PURPOSE_ID -X509,reason,132,UNKNOWN_TRUST_ID -X509,reason,133,UNSUPPORTED_ALGORITHM -X509,reason,134,WRONG_LOOKUP_TYPE -X509,reason,135,WRONG_TYPE +X509,100,AKID_MISMATCH +X509,101,BAD_PKCS7_VERSION +X509,102,BAD_X509_FILETYPE +X509,103,BASE64_DECODE_ERROR +X509,104,CANT_CHECK_DH_KEY +X509,105,CERT_ALREADY_IN_HASH_TABLE +X509,106,CRL_ALREADY_DELTA +X509,107,CRL_VERIFY_FAILURE +X509,108,IDP_MISMATCH +X509,109,INVALID_BIT_STRING_BITS_LEFT +X509,110,INVALID_DIRECTORY 
+X509,111,INVALID_FIELD_NAME +X509,112,INVALID_TRUST +X509,113,ISSUER_MISMATCH +X509,114,KEY_TYPE_MISMATCH +X509,115,KEY_VALUES_MISMATCH +X509,116,LOADING_CERT_DIR +X509,117,LOADING_DEFAULTS +X509,118,METHOD_NOT_SUPPORTED +X509,119,NEWER_CRL_NOT_NEWER +X509,120,NOT_PKCS7_SIGNED_DATA +X509,121,NO_CERTIFICATES_INCLUDED +X509,122,NO_CERT_SET_FOR_US_TO_VERIFY +X509,136,NO_CRLS_INCLUDED +X509,123,NO_CRL_NUMBER +X509,124,PUBLIC_KEY_DECODE_ERROR +X509,125,PUBLIC_KEY_ENCODE_ERROR +X509,126,SHOULD_RETRY +X509,127,UNABLE_TO_FIND_PARAMETERS_IN_CHAIN +X509,128,UNABLE_TO_GET_CERTS_PUBLIC_KEY +X509,129,UNKNOWN_KEY_TYPE +X509,130,UNKNOWN_NID +X509,131,UNKNOWN_PURPOSE_ID +X509,132,UNKNOWN_TRUST_ID +X509,133,UNSUPPORTED_ALGORITHM +X509,134,WRONG_LOOKUP_TYPE +X509,135,WRONG_TYPE diff --git a/src/crypto/err/x509v3.errordata b/src/crypto/err/x509v3.errordata index 059e677..e53b780 100644 --- a/src/crypto/err/x509v3.errordata +++ b/src/crypto/err/x509v3.errordata 
@@ -1,120 +1,63 @@ -X509V3,function,100,SXNET_add_id_INTEGER -X509V3,function,101,SXNET_add_id_asc -X509V3,function,102,SXNET_add_id_ulong -X509V3,function,103,SXNET_get_id_asc -X509V3,function,104,SXNET_get_id_ulong -X509V3,function,105,X509V3_EXT_add -X509V3,function,106,X509V3_EXT_add_alias -X509V3,function,107,X509V3_EXT_free -X509V3,function,108,X509V3_EXT_i2d -X509V3,function,109,X509V3_EXT_nconf -X509V3,function,110,X509V3_add1_i2d -X509V3,function,111,X509V3_add_value -X509V3,function,112,X509V3_get_section -X509V3,function,113,X509V3_get_string -X509V3,function,114,X509V3_get_value_bool -X509V3,function,115,X509V3_parse_list -X509V3,function,116,X509_PURPOSE_add -X509V3,function,117,X509_PURPOSE_set -X509V3,function,118,a2i_GENERAL_NAME -X509V3,function,119,copy_email -X509V3,function,120,copy_issuer -X509V3,function,121,do_dirname -X509V3,function,122,do_ext_i2d -X509V3,function,123,do_ext_nconf -X509V3,function,124,gnames_from_sectname -X509V3,function,125,hex_to_string -X509V3,function,126,i2s_ASN1_ENUMERATED -X509V3,function,127,i2s_ASN1_IA5STRING -X509V3,function,128,i2s_ASN1_INTEGER -X509V3,function,129,i2v_AUTHORITY_INFO_ACCESS -X509V3,function,130,notice_section -X509V3,function,131,nref_nos -X509V3,function,132,policy_section -X509V3,function,133,process_pci_value -X509V3,function,134,r2i_certpol -X509V3,function,135,r2i_pci -X509V3,function,136,s2i_ASN1_IA5STRING -X509V3,function,137,s2i_ASN1_INTEGER -X509V3,function,138,s2i_ASN1_OCTET_STRING -X509V3,function,139,s2i_skey_id -X509V3,function,140,set_dist_point_name -X509V3,function,141,string_to_hex -X509V3,function,142,v2i_ASN1_BIT_STRING -X509V3,function,143,v2i_AUTHORITY_INFO_ACCESS -X509V3,function,144,v2i_AUTHORITY_KEYID -X509V3,function,145,v2i_BASIC_CONSTRAINTS -X509V3,function,146,v2i_EXTENDED_KEY_USAGE -X509V3,function,147,v2i_GENERAL_NAMES -X509V3,function,148,v2i_GENERAL_NAME_ex -X509V3,function,149,v2i_NAME_CONSTRAINTS -X509V3,function,150,v2i_POLICY_CONSTRAINTS 
-X509V3,function,151,v2i_POLICY_MAPPINGS -X509V3,function,152,v2i_crld -X509V3,function,153,v2i_idp -X509V3,function,154,v2i_issuer_alt -X509V3,function,155,v2i_subject_alt -X509V3,function,156,v3_generic_extension -X509V3,reason,100,BAD_IP_ADDRESS -X509V3,reason,101,BAD_OBJECT -X509V3,reason,102,BN_DEC2BN_ERROR -X509V3,reason,103,BN_TO_ASN1_INTEGER_ERROR -X509V3,reason,104,CANNOT_FIND_FREE_FUNCTION -X509V3,reason,105,DIRNAME_ERROR -X509V3,reason,106,DISTPOINT_ALREADY_SET -X509V3,reason,107,DUPLICATE_ZONE_ID -X509V3,reason,108,ERROR_CONVERTING_ZONE -X509V3,reason,109,ERROR_CREATING_EXTENSION -X509V3,reason,110,ERROR_IN_EXTENSION -X509V3,reason,111,EXPECTED_A_SECTION_NAME -X509V3,reason,112,EXTENSION_EXISTS -X509V3,reason,113,EXTENSION_NAME_ERROR -X509V3,reason,114,EXTENSION_NOT_FOUND -X509V3,reason,115,EXTENSION_SETTING_NOT_SUPPORTED -X509V3,reason,116,EXTENSION_VALUE_ERROR -X509V3,reason,117,ILLEGAL_EMPTY_EXTENSION -X509V3,reason,118,ILLEGAL_HEX_DIGIT -X509V3,reason,119,INCORRECT_POLICY_SYNTAX_TAG -X509V3,reason,120,INVALID_BOOLEAN_STRING -X509V3,reason,121,INVALID_EXTENSION_STRING -X509V3,reason,122,INVALID_MULTIPLE_RDNS -X509V3,reason,123,INVALID_NAME -X509V3,reason,124,INVALID_NULL_ARGUMENT -X509V3,reason,125,INVALID_NULL_NAME -X509V3,reason,126,INVALID_NULL_VALUE -X509V3,reason,127,INVALID_NUMBER -X509V3,reason,128,INVALID_NUMBERS -X509V3,reason,129,INVALID_OBJECT_IDENTIFIER -X509V3,reason,130,INVALID_OPTION -X509V3,reason,131,INVALID_POLICY_IDENTIFIER -X509V3,reason,132,INVALID_PROXY_POLICY_SETTING -X509V3,reason,133,INVALID_PURPOSE -X509V3,reason,134,INVALID_SECTION -X509V3,reason,135,INVALID_SYNTAX -X509V3,reason,136,ISSUER_DECODE_ERROR -X509V3,reason,137,MISSING_VALUE -X509V3,reason,138,NEED_ORGANIZATION_AND_NUMBERS -X509V3,reason,139,NO_CONFIG_DATABASE -X509V3,reason,140,NO_ISSUER_CERTIFICATE -X509V3,reason,141,NO_ISSUER_DETAILS -X509V3,reason,142,NO_POLICY_IDENTIFIER -X509V3,reason,143,NO_PROXY_CERT_POLICY_LANGUAGE_DEFINED 
-X509V3,reason,144,NO_PUBLIC_KEY -X509V3,reason,145,NO_SUBJECT_DETAILS -X509V3,reason,146,ODD_NUMBER_OF_DIGITS -X509V3,reason,147,OPERATION_NOT_DEFINED -X509V3,reason,148,OTHERNAME_ERROR -X509V3,reason,149,POLICY_LANGUAGE_ALREADY_DEFINED -X509V3,reason,150,POLICY_PATH_LENGTH -X509V3,reason,151,POLICY_PATH_LENGTH_ALREADY_DEFINED -X509V3,reason,152,POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY -X509V3,reason,153,SECTION_NOT_FOUND -X509V3,reason,154,UNABLE_TO_GET_ISSUER_DETAILS -X509V3,reason,155,UNABLE_TO_GET_ISSUER_KEYID -X509V3,reason,156,UNKNOWN_BIT_STRING_ARGUMENT -X509V3,reason,157,UNKNOWN_EXTENSION -X509V3,reason,158,UNKNOWN_EXTENSION_NAME -X509V3,reason,159,UNKNOWN_OPTION -X509V3,reason,160,UNSUPPORTED_OPTION -X509V3,reason,161,UNSUPPORTED_TYPE -X509V3,reason,162,USER_TOO_LONG +X509V3,100,BAD_IP_ADDRESS +X509V3,101,BAD_OBJECT +X509V3,102,BN_DEC2BN_ERROR +X509V3,103,BN_TO_ASN1_INTEGER_ERROR +X509V3,104,CANNOT_FIND_FREE_FUNCTION +X509V3,105,DIRNAME_ERROR +X509V3,106,DISTPOINT_ALREADY_SET +X509V3,107,DUPLICATE_ZONE_ID +X509V3,108,ERROR_CONVERTING_ZONE +X509V3,109,ERROR_CREATING_EXTENSION +X509V3,110,ERROR_IN_EXTENSION +X509V3,111,EXPECTED_A_SECTION_NAME +X509V3,112,EXTENSION_EXISTS +X509V3,113,EXTENSION_NAME_ERROR +X509V3,114,EXTENSION_NOT_FOUND +X509V3,115,EXTENSION_SETTING_NOT_SUPPORTED +X509V3,116,EXTENSION_VALUE_ERROR +X509V3,117,ILLEGAL_EMPTY_EXTENSION +X509V3,118,ILLEGAL_HEX_DIGIT +X509V3,119,INCORRECT_POLICY_SYNTAX_TAG +X509V3,120,INVALID_BOOLEAN_STRING +X509V3,121,INVALID_EXTENSION_STRING +X509V3,122,INVALID_MULTIPLE_RDNS +X509V3,123,INVALID_NAME +X509V3,124,INVALID_NULL_ARGUMENT +X509V3,125,INVALID_NULL_NAME +X509V3,126,INVALID_NULL_VALUE +X509V3,127,INVALID_NUMBER +X509V3,128,INVALID_NUMBERS +X509V3,129,INVALID_OBJECT_IDENTIFIER +X509V3,130,INVALID_OPTION +X509V3,131,INVALID_POLICY_IDENTIFIER +X509V3,132,INVALID_PROXY_POLICY_SETTING +X509V3,133,INVALID_PURPOSE +X509V3,134,INVALID_SECTION +X509V3,135,INVALID_SYNTAX +X509V3,136,ISSUER_DECODE_ERROR 
+X509V3,137,MISSING_VALUE +X509V3,138,NEED_ORGANIZATION_AND_NUMBERS +X509V3,139,NO_CONFIG_DATABASE +X509V3,140,NO_ISSUER_CERTIFICATE +X509V3,141,NO_ISSUER_DETAILS +X509V3,142,NO_POLICY_IDENTIFIER +X509V3,143,NO_PROXY_CERT_POLICY_LANGUAGE_DEFINED +X509V3,144,NO_PUBLIC_KEY +X509V3,145,NO_SUBJECT_DETAILS +X509V3,146,ODD_NUMBER_OF_DIGITS +X509V3,147,OPERATION_NOT_DEFINED +X509V3,148,OTHERNAME_ERROR +X509V3,149,POLICY_LANGUAGE_ALREADY_DEFINED +X509V3,150,POLICY_PATH_LENGTH +X509V3,151,POLICY_PATH_LENGTH_ALREADY_DEFINED +X509V3,152,POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY +X509V3,153,SECTION_NOT_FOUND +X509V3,154,UNABLE_TO_GET_ISSUER_DETAILS +X509V3,155,UNABLE_TO_GET_ISSUER_KEYID +X509V3,156,UNKNOWN_BIT_STRING_ARGUMENT +X509V3,157,UNKNOWN_EXTENSION +X509V3,158,UNKNOWN_EXTENSION_NAME +X509V3,159,UNKNOWN_OPTION +X509V3,160,UNSUPPORTED_OPTION +X509V3,161,UNSUPPORTED_TYPE +X509V3,162,USER_TOO_LONG diff --git a/src/crypto/evp/CMakeLists.txt b/src/crypto/evp/CMakeLists.txt index 5769fa4..5d2e918 100644 --- a/src/crypto/evp/CMakeLists.txt +++ b/src/crypto/evp/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(. .. ../../include) +include_directories(../../include) add_library( evp @@ -6,15 +6,13 @@ add_library( OBJECT algorithm.c - asn1.c digestsign.c evp.c + evp_asn1.c evp_ctx.c p_dsa_asn1.c p_ec.c p_ec_asn1.c - p_hmac.c - p_hmac_asn1.c p_rsa.c p_rsa_asn1.c pbkdf.c diff --git a/src/crypto/evp/algorithm.c b/src/crypto/evp/algorithm.c index ea28dfa..63bc77a 100644 --- a/src/crypto/evp/algorithm.c +++ b/src/crypto/evp/algorithm.c @@ -74,8 +74,7 @@ int EVP_DigestSignAlgorithm(EVP_MD_CTX *ctx, X509_ALGOR *algor) { digest = EVP_MD_CTX_md(ctx); pkey = EVP_PKEY_CTX_get0_pkey(ctx->pctx); if (!digest || !pkey) { - OPENSSL_PUT_ERROR(EVP, EVP_DigestSignAlgorithm, - EVP_R_CONTEXT_NOT_INITIALISED); + OPENSSL_PUT_ERROR(EVP, EVP_R_CONTEXT_NOT_INITIALISED); return 0; } 
@@ -97,8 +96,7 @@ int EVP_DigestSignAlgorithm(EVP_MD_CTX *ctx, X509_ALGOR *algor) { * that. */ if (!OBJ_find_sigid_by_algs(&sign_nid, EVP_MD_type(digest), pkey->ameth->pkey_id)) { - OPENSSL_PUT_ERROR(EVP, EVP_DigestSignAlgorithm, - EVP_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED); + OPENSSL_PUT_ERROR(EVP, EVP_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED); return 0; } @@ -122,24 +120,21 @@ int EVP_DigestVerifyInitFromAlgorithm(EVP_MD_CTX *ctx, /* Convert signature OID into digest and public key OIDs */ if (!OBJ_find_sigid_algs(OBJ_obj2nid(algor->algorithm), &digest_nid, &pkey_nid)) { - OPENSSL_PUT_ERROR(EVP, EVP_DigestVerifyInitFromAlgorithm, - EVP_R_UNKNOWN_SIGNATURE_ALGORITHM); + OPENSSL_PUT_ERROR(EVP, EVP_R_UNKNOWN_SIGNATURE_ALGORITHM); return 0; } /* Check public key OID matches public key type */ ameth = EVP_PKEY_asn1_find(NULL, pkey_nid); if (ameth == NULL || ameth->pkey_id != pkey->ameth->pkey_id) { - OPENSSL_PUT_ERROR(EVP, EVP_DigestVerifyInitFromAlgorithm, - EVP_R_WRONG_PUBLIC_KEY_TYPE); + OPENSSL_PUT_ERROR(EVP, EVP_R_WRONG_PUBLIC_KEY_TYPE); return 0; } /* NID_undef signals that there are custom parameters to set. */ if (digest_nid == NID_undef) { if (!pkey->ameth || !pkey->ameth->digest_verify_init_from_algorithm) { - OPENSSL_PUT_ERROR(EVP, EVP_DigestVerifyInitFromAlgorithm, - EVP_R_UNKNOWN_SIGNATURE_ALGORITHM); + OPENSSL_PUT_ERROR(EVP, EVP_R_UNKNOWN_SIGNATURE_ALGORITHM); return 0; } @@ -149,8 +144,7 @@ int EVP_DigestVerifyInitFromAlgorithm(EVP_MD_CTX *ctx, /* Otherwise, initialize with the digest from the OID. */ digest = EVP_get_digestbynid(digest_nid); if (digest == NULL) { - OPENSSL_PUT_ERROR(EVP, EVP_DigestVerifyInitFromAlgorithm, - EVP_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM); + OPENSSL_PUT_ERROR(EVP, EVP_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM); return 0; } diff --git a/src/crypto/evp/asn1.c b/src/crypto/evp/asn1.c deleted file mode 100644 index 3df9f52..0000000 --- a/src/crypto/evp/asn1.c +++ /dev/null 
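Review bot: In EVP_DigestVerifyInitFromAlgorithm the key-type check reads `pkey->ameth->pkey_id` before the later `!pkey->ameth` test in the NID_undef branch, so that test cannot protect against a key whose `ameth` is unset; the dereference has already happened by then. This function acts on an algorithm identifier taken from the object being verified, so the NULL check belongs in the first comparison: `if (ameth == NULL || pkey->ameth == NULL || ameth->pkey_id != pkey->ameth->pkey_id) {`. Whether a caller can actually pass a key with no `ameth` is not visible here, and the function starts and ends outside the hunk.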
@@ -1,167 +0,0 @@ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. 
If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
*/ - -#include - -#include -#include -#include -#include - -#include "internal.h" - - -EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **out, const uint8_t **inp, - long len) { - EVP_PKEY *ret; - - if (out == NULL || *out == NULL) { - ret = EVP_PKEY_new(); - if (ret == NULL) { - OPENSSL_PUT_ERROR(EVP, d2i_PrivateKey, ERR_R_EVP_LIB); - return NULL; - } - } else { - ret = *out; - } - - if (!EVP_PKEY_set_type(ret, type)) { - OPENSSL_PUT_ERROR(EVP, d2i_PrivateKey, EVP_R_UNKNOWN_PUBLIC_KEY_TYPE); - goto err; - } - - if (!ret->ameth->old_priv_decode || - !ret->ameth->old_priv_decode(ret, inp, len)) { - if (ret->ameth->priv_decode) { - PKCS8_PRIV_KEY_INFO *p8 = d2i_PKCS8_PRIV_KEY_INFO(NULL, inp, len); - if (!p8) { - goto err; - } - EVP_PKEY_free(ret); - ret = EVP_PKCS82PKEY(p8); - PKCS8_PRIV_KEY_INFO_free(p8); - } else { - OPENSSL_PUT_ERROR(EVP, d2i_PrivateKey, ERR_R_ASN1_LIB); - goto err; - } - } - - if (out != NULL) { - *out = ret; - } - return ret; - -err: - if (out == NULL || *out != ret) { - EVP_PKEY_free(ret); - } - return NULL; -} - -EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **out, const uint8_t **inp, long len) { - STACK_OF(ASN1_TYPE) *inkey; - const uint8_t *p; - int keytype; - p = *inp; - - /* Dirty trick: read in the ASN1 data into out STACK_OF(ASN1_TYPE): - * by analyzing it we can determine the passed structure: this - * assumes the input is surrounded by an ASN1 SEQUENCE. */ - inkey = d2i_ASN1_SEQUENCE_ANY(NULL, &p, len); - /* Since we only need to discern "traditional format" RSA and DSA - * keys we can just count the elements. 
*/ - if (sk_ASN1_TYPE_num(inkey) == 6) { - keytype = EVP_PKEY_DSA; - } else if (sk_ASN1_TYPE_num(inkey) == 4) { - keytype = EVP_PKEY_EC; - } else if (sk_ASN1_TYPE_num(inkey) == 3) { - /* This seems to be PKCS8, not traditional format */ - PKCS8_PRIV_KEY_INFO *p8 = d2i_PKCS8_PRIV_KEY_INFO(NULL, inp, len); - EVP_PKEY *ret; - - sk_ASN1_TYPE_pop_free(inkey, ASN1_TYPE_free); - if (!p8) { - OPENSSL_PUT_ERROR(EVP, d2i_AutoPrivateKey, - EVP_R_UNSUPPORTED_PUBLIC_KEY_TYPE); - return NULL; - } - ret = EVP_PKCS82PKEY(p8); - PKCS8_PRIV_KEY_INFO_free(p8); - if (out) { - *out = ret; - } - return ret; - } else { - keytype = EVP_PKEY_RSA; - } - - sk_ASN1_TYPE_pop_free(inkey, ASN1_TYPE_free); - return d2i_PrivateKey(keytype, out, inp, len); -} - -int i2d_PublicKey(EVP_PKEY *key, uint8_t **outp) { - switch (key->type) { - case EVP_PKEY_RSA: - return i2d_RSAPublicKey(key->pkey.rsa, outp); - case EVP_PKEY_DSA: - return i2d_DSAPublicKey(key->pkey.dsa, outp); - case EVP_PKEY_EC: - return i2o_ECPublicKey(key->pkey.ec, outp); - default: - OPENSSL_PUT_ERROR(EVP, i2d_PublicKey, EVP_R_UNSUPPORTED_PUBLIC_KEY_TYPE); - return -1; - } -} diff --git a/src/crypto/evp/digestsign.c b/src/crypto/evp/digestsign.c index c163d40..ccb4de4 100644 --- a/src/crypto/evp/digestsign.c +++ b/src/crypto/evp/digestsign.c @@ -62,17 +62,9 @@ #include "../digest/internal.h" -/* md_begin_digset is a callback from the |EVP_MD_CTX| code that is called when - * a new digest is begun. */ -static int md_begin_digest(EVP_MD_CTX *ctx) { - return EVP_PKEY_CTX_ctrl(ctx->pctx, -1, EVP_PKEY_OP_TYPE_SIG, - EVP_PKEY_CTRL_DIGESTINIT, 0, ctx); -} - static const struct evp_md_pctx_ops md_pctx_ops = { EVP_PKEY_CTX_free, EVP_PKEY_CTX_dup, - md_begin_digest, }; static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, 
@@ -91,26 +83,16 @@ static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, } if (type == NULL) { - OPENSSL_PUT_ERROR(EVP, do_sigver_init, EVP_R_NO_DEFAULT_DIGEST); + OPENSSL_PUT_ERROR(EVP, EVP_R_NO_DEFAULT_DIGEST); return 0; } if (is_verify) { - if (ctx->pctx->pmeth->verifyctx_init) { - if (!ctx->pctx->pmeth->verifyctx_init(ctx->pctx, ctx)) { - return 0; - } - ctx->pctx->operation = EVP_PKEY_OP_VERIFYCTX; - } else if (!EVP_PKEY_verify_init(ctx->pctx)) { + if (!EVP_PKEY_verify_init(ctx->pctx)) { return 0; } } else { - if (ctx->pctx->pmeth->signctx_init) { - if (!ctx->pctx->pmeth->signctx_init(ctx->pctx, ctx)) { - return 0; - } - ctx->pctx->operation = EVP_PKEY_OP_SIGNCTX; - } else if (!EVP_PKEY_sign_init(ctx->pctx)) { + if (!EVP_PKEY_sign_init(ctx->pctx)) { return 0; } } 
@@ -146,59 +128,37 @@ int EVP_DigestVerifyUpdate(EVP_MD_CTX *ctx, const void *data, size_t len) { int EVP_DigestSignFinal(EVP_MD_CTX *ctx, uint8_t *out_sig, size_t *out_sig_len) { - int r = 0; - const int has_signctx = ctx->pctx->pmeth->signctx != NULL; - if (out_sig) { EVP_MD_CTX tmp_ctx; + int ret; uint8_t md[EVP_MAX_MD_SIZE]; unsigned int mdlen; EVP_MD_CTX_init(&tmp_ctx); - if (!EVP_MD_CTX_copy_ex(&tmp_ctx, ctx)) { - return 0; - } - if (has_signctx) { - r = tmp_ctx.pctx->pmeth->signctx(tmp_ctx.pctx, out_sig, out_sig_len, &tmp_ctx); - } else { - r = EVP_DigestFinal_ex(&tmp_ctx, md, &mdlen); - if (r) { - r = EVP_PKEY_sign(ctx->pctx, out_sig, out_sig_len, md, mdlen); - } - } + ret = EVP_MD_CTX_copy_ex(&tmp_ctx, ctx) && + EVP_DigestFinal_ex(&tmp_ctx, md, &mdlen) && + EVP_PKEY_sign(ctx->pctx, out_sig, out_sig_len, md, mdlen); EVP_MD_CTX_cleanup(&tmp_ctx); - return r; + + return ret; } else { - if (has_signctx) { - return ctx->pctx->pmeth->signctx(ctx->pctx, out_sig, out_sig_len, ctx); - } else { - size_t s = EVP_MD_size(ctx->digest); - return EVP_PKEY_sign(ctx->pctx, out_sig, out_sig_len, NULL, s); - } + size_t s = EVP_MD_size(ctx->digest); + return EVP_PKEY_sign(ctx->pctx, out_sig, out_sig_len, NULL, s); } } int EVP_DigestVerifyFinal(EVP_MD_CTX *ctx, const uint8_t *sig, size_t sig_len) { EVP_MD_CTX tmp_ctx; + int ret; uint8_t md[EVP_MAX_MD_SIZE]; - int r; unsigned int mdlen; EVP_MD_CTX_init(&tmp_ctx); - if (!EVP_MD_CTX_copy_ex(&tmp_ctx, ctx)) { - return 0; - } - if (ctx->pctx->pmeth->verifyctx) { - r = tmp_ctx.pctx->pmeth->verifyctx(tmp_ctx.pctx, sig, sig_len, &tmp_ctx); - } else { - r = EVP_DigestFinal_ex(&tmp_ctx, md, &mdlen); - if (r) { - r = EVP_PKEY_verify(ctx->pctx, sig, sig_len, md, mdlen); - } - } - + ret = EVP_MD_CTX_copy_ex(&tmp_ctx, ctx) && + EVP_DigestFinal_ex(&tmp_ctx, md, &mdlen) && + EVP_PKEY_verify(ctx->pctx, sig, sig_len, md, mdlen); EVP_MD_CTX_cleanup(&tmp_ctx); - return r; + return ret; } 
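Review bot: The `&&` chains in EVP_DigestSignFinal and EVP_DigestVerifyFinal collapse every non-zero return into 1, so a negative result from the `sign` or `verify` method would now come back as success, where the removed code passed `r` through unchanged. EVP_PKEY_verify in evp_ctx.c returns `ctx->pmeth->verify(...)` directly, and the return contract of those methods is not visible in this diff. If they are guaranteed to return only 0 or 1, a one-line comment above each chain saying so would be enough. Otherwise compare explicitly, e.g. `EVP_PKEY_verify(ctx->pctx, sig, sig_len, md, mdlen) == 1`, and likewise for EVP_PKEY_sign.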
diff --git a/src/crypto/evp/evp.c b/src/crypto/evp/evp.c index 0ad5c27..5822379 100644 --- a/src/crypto/evp/evp.c +++ b/src/crypto/evp/evp.c @@ -75,7 +75,6 @@ extern const EVP_PKEY_ASN1_METHOD dsa_asn1_meth; extern const EVP_PKEY_ASN1_METHOD ec_asn1_meth; -extern const EVP_PKEY_ASN1_METHOD hmac_asn1_meth; extern const EVP_PKEY_ASN1_METHOD rsa_asn1_meth; EVP_PKEY *EVP_PKEY_new(void) { @@ -83,7 +82,7 @@ EVP_PKEY *EVP_PKEY_new(void) { ret = OPENSSL_malloc(sizeof(EVP_PKEY)); if (ret == NULL) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_new, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EVP, ERR_R_MALLOC_FAILURE); return NULL; } @@ -159,12 +158,12 @@ int EVP_PKEY_cmp(const EVP_PKEY *a, const EVP_PKEY *b) { int EVP_PKEY_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from) { if (to->type != from->type) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_copy_parameters, EVP_R_DIFFERENT_KEY_TYPES); + OPENSSL_PUT_ERROR(EVP, EVP_R_DIFFERENT_KEY_TYPES); goto err; } if (EVP_PKEY_missing_parameters(from)) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_copy_parameters, EVP_R_MISSING_PARAMETERS); + OPENSSL_PUT_ERROR(EVP, EVP_R_MISSING_PARAMETERS); goto err; } @@ -207,8 +206,6 @@ const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find(ENGINE **pengine, int nid) { case EVP_PKEY_RSA: case EVP_PKEY_RSA2: return &rsa_asn1_meth; - case EVP_PKEY_HMAC: - return &hmac_asn1_meth; case EVP_PKEY_EC: return &ec_asn1_meth; case EVP_PKEY_DSA: 
@@ -226,32 +223,6 @@ int EVP_PKEY_type(int nid) { return meth->pkey_id; } -EVP_PKEY *EVP_PKEY_new_mac_key(int type, ENGINE *e, const uint8_t *mac_key, - size_t mac_key_len) { - EVP_PKEY_CTX *mac_ctx = NULL; - EVP_PKEY *ret = NULL; - - mac_ctx = EVP_PKEY_CTX_new_id(type, e); - if (!mac_ctx) { - return NULL; - } - - if (!EVP_PKEY_keygen_init(mac_ctx) || - !EVP_PKEY_CTX_ctrl(mac_ctx, -1, EVP_PKEY_OP_KEYGEN, - EVP_PKEY_CTRL_SET_MAC_KEY, mac_key_len, - (uint8_t *)mac_key) || - !EVP_PKEY_keygen(mac_ctx, &ret)) { - ret = NULL; - goto merr; - } - -merr: - if (mac_ctx) { - EVP_PKEY_CTX_free(mac_ctx); - } - return ret; -} - int EVP_PKEY_set1_RSA(EVP_PKEY *pkey, RSA *key) { if (EVP_PKEY_assign_RSA(pkey, key)) { RSA_up_ref(key); @@ -266,7 +237,7 @@ int EVP_PKEY_assign_RSA(EVP_PKEY *pkey, RSA *key) { RSA *EVP_PKEY_get1_RSA(EVP_PKEY *pkey) { if (pkey->type != EVP_PKEY_RSA) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_get1_RSA, EVP_R_EXPECTING_AN_RSA_KEY); + OPENSSL_PUT_ERROR(EVP, EVP_R_EXPECTING_AN_RSA_KEY); return NULL; } RSA_up_ref(pkey->pkey.rsa); @@ -287,7 +258,7 @@ int EVP_PKEY_assign_DSA(EVP_PKEY *pkey, DSA *key) { DSA *EVP_PKEY_get1_DSA(EVP_PKEY *pkey) { if (pkey->type != EVP_PKEY_DSA) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_get1_DSA, EVP_R_EXPECTING_A_DSA_KEY); + OPENSSL_PUT_ERROR(EVP, EVP_R_EXPECTING_A_DSA_KEY); return NULL; } DSA_up_ref(pkey->pkey.dsa); @@ -308,7 +279,7 @@ int EVP_PKEY_assign_EC_KEY(EVP_PKEY *pkey, EC_KEY *key) { EC_KEY *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey) { if (pkey->type != EVP_PKEY_EC) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_get1_EC_KEY, EVP_R_EXPECTING_AN_EC_KEY_KEY); + OPENSSL_PUT_ERROR(EVP, EVP_R_EXPECTING_AN_EC_KEY_KEY); return NULL; } EC_KEY_up_ref(pkey->pkey.ec); 
@@ -329,7 +300,7 @@ int EVP_PKEY_assign_DH(EVP_PKEY *pkey, DH *key) { DH *EVP_PKEY_get1_DH(EVP_PKEY *pkey) { if (pkey->type != EVP_PKEY_DH) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_get1_DH, EVP_R_EXPECTING_A_DH_KEY); + OPENSSL_PUT_ERROR(EVP, EVP_R_EXPECTING_A_DH_KEY); return NULL; } DH_up_ref(pkey->pkey.dh); @@ -349,10 +320,10 @@ const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find_str(ENGINE **pengine, size_t len) { if (len == 3 && memcmp(name, "RSA", 3) == 0) { return &rsa_asn1_meth; - } else if (len == 4 && memcmp(name, "HMAC", 4) == 0) { - return &hmac_asn1_meth; } if (len == 2 && memcmp(name, "EC", 2) == 0) { return &ec_asn1_meth; + } else if (len == 3 && memcmp(name, "DSA", 3) == 0) { + return &dsa_asn1_meth; } return NULL; } @@ -366,7 +337,7 @@ int EVP_PKEY_set_type(EVP_PKEY *pkey, int type) { ameth = EVP_PKEY_asn1_find(NULL, type); if (ameth == NULL) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_set_type, EVP_R_UNSUPPORTED_ALGORITHM); + OPENSSL_PUT_ERROR(EVP, EVP_R_UNSUPPORTED_ALGORITHM); ERR_add_error_dataf("algorithm %d (%s)", type, OBJ_nid2sn(type)); return 0; } @@ -436,10 +407,6 @@ int EVP_PKEY_CTX_get_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD **out_md) { 0, (void *)out_md); } -EVP_PKEY *EVP_PKEY_dup(EVP_PKEY *pkey) { - return EVP_PKEY_up_ref(pkey); -} - void OpenSSL_add_all_algorithms(void) {} void OpenSSL_add_all_ciphers(void) {} diff --git a/src/crypto/evp/evp_asn1.c b/src/crypto/evp/evp_asn1.c new file mode 100644 index 0000000..356c62b --- /dev/null +++ b/src/crypto/evp/evp_asn1.c 
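Review bot: In EVP_PKEY_asn1_find_str the line `} if (len == 2 && memcmp(name, "EC", 2) == 0) {` starts a second, separate `if` statement, and the added DSA branch hangs off it as `else if`, so the chain only looks like a single one. It behaves correctly today because every branch returns, but the missing `else` reads like a slip and would change behaviour if a branch ever stopped returning. Suggest `} else if (len == 2 && memcmp(name, "EC", 2) == 0) {` while this block is being edited. The function's signature begins outside the hunk.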
@@ -0,0 +1,166 @@ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. 
If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] 
*/ + +#include + +#include +#include +#include +#include + +#include "internal.h" + + +EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **out, const uint8_t **inp, + long len) { + EVP_PKEY *ret; + + if (out == NULL || *out == NULL) { + ret = EVP_PKEY_new(); + if (ret == NULL) { + OPENSSL_PUT_ERROR(EVP, ERR_R_EVP_LIB); + return NULL; + } + } else { + ret = *out; + } + + if (!EVP_PKEY_set_type(ret, type)) { + OPENSSL_PUT_ERROR(EVP, EVP_R_UNKNOWN_PUBLIC_KEY_TYPE); + goto err; + } + + if (!ret->ameth->old_priv_decode || + !ret->ameth->old_priv_decode(ret, inp, len)) { + if (ret->ameth->priv_decode) { + PKCS8_PRIV_KEY_INFO *p8 = d2i_PKCS8_PRIV_KEY_INFO(NULL, inp, len); + if (!p8) { + goto err; + } + EVP_PKEY_free(ret); + ret = EVP_PKCS82PKEY(p8); + PKCS8_PRIV_KEY_INFO_free(p8); + } else { + OPENSSL_PUT_ERROR(EVP, ERR_R_ASN1_LIB); + goto err; + } + } + + if (out != NULL) { + *out = ret; + } + return ret; + +err: + if (out == NULL || *out != ret) { + EVP_PKEY_free(ret); + } + return NULL; +} + +EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **out, const uint8_t **inp, long len) { + STACK_OF(ASN1_TYPE) *inkey; + const uint8_t *p; + int keytype; + p = *inp; + + /* Dirty trick: read in the ASN1 data into out STACK_OF(ASN1_TYPE): + * by analyzing it we can determine the passed structure: this + * assumes the input is surrounded by an ASN1 SEQUENCE. */ + inkey = d2i_ASN1_SEQUENCE_ANY(NULL, &p, len); + /* Since we only need to discern "traditional format" RSA and DSA + * keys we can just count the elements. 
*/ + if (sk_ASN1_TYPE_num(inkey) == 6) { + keytype = EVP_PKEY_DSA; + } else if (sk_ASN1_TYPE_num(inkey) == 4) { + keytype = EVP_PKEY_EC; + } else if (sk_ASN1_TYPE_num(inkey) == 3) { + /* This seems to be PKCS8, not traditional format */ + PKCS8_PRIV_KEY_INFO *p8 = d2i_PKCS8_PRIV_KEY_INFO(NULL, inp, len); + EVP_PKEY *ret; + + sk_ASN1_TYPE_pop_free(inkey, ASN1_TYPE_free); + if (!p8) { + OPENSSL_PUT_ERROR(EVP, EVP_R_UNSUPPORTED_PUBLIC_KEY_TYPE); + return NULL; + } + ret = EVP_PKCS82PKEY(p8); + PKCS8_PRIV_KEY_INFO_free(p8); + if (out) { + *out = ret; + } + return ret; + } else { + keytype = EVP_PKEY_RSA; + } + + sk_ASN1_TYPE_pop_free(inkey, ASN1_TYPE_free); + return d2i_PrivateKey(keytype, out, inp, len); +} + +int i2d_PublicKey(EVP_PKEY *key, uint8_t **outp) { + switch (key->type) { + case EVP_PKEY_RSA: + return i2d_RSAPublicKey(key->pkey.rsa, outp); + case EVP_PKEY_DSA: + return i2d_DSAPublicKey(key->pkey.dsa, outp); + case EVP_PKEY_EC: + return i2o_ECPublicKey(key->pkey.ec, outp); + default: + OPENSSL_PUT_ERROR(EVP, EVP_R_UNSUPPORTED_PUBLIC_KEY_TYPE); + return -1; + } +} diff --git a/src/crypto/evp/evp_ctx.c b/src/crypto/evp/evp_ctx.c index 9f42274..a8e71fe 100644 --- a/src/crypto/evp/evp_ctx.c +++ b/src/crypto/evp/evp_ctx.c @@ -67,12 +67,10 @@ extern const EVP_PKEY_METHOD rsa_pkey_meth; -extern const EVP_PKEY_METHOD hmac_pkey_meth; extern const EVP_PKEY_METHOD ec_pkey_meth; static const EVP_PKEY_METHOD *const evp_methods[] = { &rsa_pkey_meth, - &hmac_pkey_meth, &ec_pkey_meth, }; @@ -102,7 +100,7 @@ static EVP_PKEY_CTX *evp_pkey_ctx_new(EVP_PKEY *pkey, ENGINE *e, int id) { pmeth = evp_pkey_meth_find(id); if (pmeth == NULL) { - OPENSSL_PUT_ERROR(EVP, evp_pkey_ctx_new, EVP_R_UNSUPPORTED_ALGORITHM); + OPENSSL_PUT_ERROR(EVP, EVP_R_UNSUPPORTED_ALGORITHM); const char *name = OBJ_nid2sn(id); ERR_add_error_dataf("algorithm %d (%s)", id, name); return NULL; 
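Review bot: In d2i_PrivateKey the PKCS#8 fallback calls `EVP_PKEY_free(ret)` before it knows that `EVP_PKCS82PKEY(p8)` succeeded. If the conversion fails, `ret` is NULL and control falls through to the normal exit, which stores NULL into `*out` after a caller-supplied key has already been freed, while every other failure goes through `err:` and leaves that key intact. Converting into a temporary and replacing `ret` only on success keeps the failure paths consistent for input that parses as PKCS#8 but cannot be converted.

```c
    if (ret->ameth->priv_decode) {
      PKCS8_PRIV_KEY_INFO *p8 = d2i_PKCS8_PRIV_KEY_INFO(NULL, inp, len);
      EVP_PKEY *converted;
      /* … unchanged: goto err when p8 is NULL … */
      converted = EVP_PKCS82PKEY(p8);
      PKCS8_PRIV_KEY_INFO_free(p8);
      if (converted == NULL) {
        goto err;
      }
      EVP_PKEY_free(ret);
      ret = converted;
    /* … unchanged: else branch reporting ERR_R_ASN1_LIB … */
```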
@@ -110,7 +108,7 @@ static EVP_PKEY_CTX *evp_pkey_ctx_new(EVP_PKEY *pkey, ENGINE *e, int id) { ret = OPENSSL_malloc(sizeof(EVP_PKEY_CTX)); if (!ret) { - OPENSSL_PUT_ERROR(EVP, evp_pkey_ctx_new, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EVP, ERR_R_MALLOC_FAILURE); return NULL; } memset(ret, 0, sizeof(EVP_PKEY_CTX)); @@ -192,7 +190,7 @@ EVP_PKEY_CTX *EVP_PKEY_CTX_dup(EVP_PKEY_CTX *pctx) { err: EVP_PKEY_CTX_free(rctx); - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_CTX_dup, ERR_LIB_EVP); + OPENSSL_PUT_ERROR(EVP, ERR_LIB_EVP); return NULL; } @@ -207,7 +205,7 @@ void *EVP_PKEY_CTX_get_app_data(EVP_PKEY_CTX *ctx) { return ctx->app_data; } int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype, int cmd, int p1, void *p2) { if (!ctx || !ctx->pmeth || !ctx->pmeth->ctrl) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_CTX_ctrl, EVP_R_COMMAND_NOT_SUPPORTED); + OPENSSL_PUT_ERROR(EVP, EVP_R_COMMAND_NOT_SUPPORTED); return 0; } if (keytype != -1 && ctx->pmeth->pkey_id != keytype) { @@ -215,12 +213,12 @@ int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype, int cmd, } if (ctx->operation == EVP_PKEY_OP_UNDEFINED) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_CTX_ctrl, EVP_R_NO_OPERATION_SET); + OPENSSL_PUT_ERROR(EVP, EVP_R_NO_OPERATION_SET); return 0; } if (optype != -1 && !(ctx->operation & optype)) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_CTX_ctrl, EVP_R_INVALID_OPERATION); + OPENSSL_PUT_ERROR(EVP, EVP_R_INVALID_OPERATION); return 0; } @@ -229,8 +227,7 @@ int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype, int cmd, int EVP_PKEY_sign_init(EVP_PKEY_CTX *ctx) { if (!ctx || !ctx->pmeth || !ctx->pmeth->sign) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_sign_init, - EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); + OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); return 0; } 
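Review bot: In the `err:` path of EVP_PKEY_CTX_dup, `OPENSSL_PUT_ERROR(EVP, ERR_LIB_EVP)` passes a library identifier in the slot that every other call in this diff fills with a reason code (`EVP_R_*` or `ERR_R_*`). d2i_PrivateKey in evp_asn1.c uses `ERR_R_EVP_LIB` for the same kind of failure, so this line would read more consistently as `OPENSSL_PUT_ERROR(EVP, ERR_R_EVP_LIB);`. The values of the two constants are not visible here; if they happen to be equal this is only a consistency fix, otherwise the queued error may decode to an unrelated reason string. The function body starts outside the hunk.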
@@ -250,12 +247,11 @@ int EVP_PKEY_sign_init(EVP_PKEY_CTX *ctx) { int EVP_PKEY_sign(EVP_PKEY_CTX *ctx, uint8_t *sig, size_t *sig_len, const uint8_t *data, size_t data_len) { if (!ctx || !ctx->pmeth || !ctx->pmeth->sign) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_sign, - EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); + OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); return 0; } if (ctx->operation != EVP_PKEY_OP_SIGN) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_sign, EVP_R_OPERATON_NOT_INITIALIZED); + OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATON_NOT_INITIALIZED); return 0; } return ctx->pmeth->sign(ctx, sig, sig_len, data, data_len); @@ -263,8 +259,7 @@ int EVP_PKEY_sign(EVP_PKEY_CTX *ctx, uint8_t *sig, size_t *sig_len, int EVP_PKEY_verify_init(EVP_PKEY_CTX *ctx) { if (!ctx || !ctx->pmeth || !ctx->pmeth->verify) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_verify_init, - EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); + OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); return 0; } ctx->operation = EVP_PKEY_OP_VERIFY; @@ -282,12 +277,11 @@ int EVP_PKEY_verify_init(EVP_PKEY_CTX *ctx) { int EVP_PKEY_verify(EVP_PKEY_CTX *ctx, const uint8_t *sig, size_t sig_len, const uint8_t *data, size_t data_len) { if (!ctx || !ctx->pmeth || !ctx->pmeth->verify) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_verify, - EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); + OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); return 0; } if (ctx->operation != EVP_PKEY_OP_VERIFY) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_verify, EVP_R_OPERATON_NOT_INITIALIZED); + OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATON_NOT_INITIALIZED); return 0; } return ctx->pmeth->verify(ctx, sig, sig_len, data, data_len); 
@@ -295,8 +289,7 @@ int EVP_PKEY_verify(EVP_PKEY_CTX *ctx, const uint8_t *sig, size_t sig_len, int EVP_PKEY_encrypt_init(EVP_PKEY_CTX *ctx) { if (!ctx || !ctx->pmeth || !ctx->pmeth->encrypt) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_encrypt_init, - EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); + OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); return 0; } ctx->operation = EVP_PKEY_OP_ENCRYPT; @@ -313,12 +306,11 @@ int EVP_PKEY_encrypt_init(EVP_PKEY_CTX *ctx) { int EVP_PKEY_encrypt(EVP_PKEY_CTX *ctx, uint8_t *out, size_t *outlen, const uint8_t *in, size_t inlen) { if (!ctx || !ctx->pmeth || !ctx->pmeth->encrypt) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_encrypt, - EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); + OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); return 0; } if (ctx->operation != EVP_PKEY_OP_ENCRYPT) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_encrypt, EVP_R_OPERATON_NOT_INITIALIZED); + OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATON_NOT_INITIALIZED); return 0; } return ctx->pmeth->encrypt(ctx, out, outlen, in, inlen); @@ -326,8 +318,7 @@ int EVP_PKEY_encrypt(EVP_PKEY_CTX *ctx, uint8_t *out, size_t *outlen, int EVP_PKEY_decrypt_init(EVP_PKEY_CTX *ctx) { if (!ctx || !ctx->pmeth || !ctx->pmeth->decrypt) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_decrypt_init, - EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); + OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); return 0; } ctx->operation = EVP_PKEY_OP_DECRYPT; 
@@ -344,12 +335,11 @@ int EVP_PKEY_decrypt_init(EVP_PKEY_CTX *ctx) { int EVP_PKEY_decrypt(EVP_PKEY_CTX *ctx, uint8_t *out, size_t *outlen, const uint8_t *in, size_t inlen) { if (!ctx || !ctx->pmeth || !ctx->pmeth->decrypt) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_decrypt, - EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); + OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); return 0; } if (ctx->operation != EVP_PKEY_OP_DECRYPT) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_decrypt, EVP_R_OPERATON_NOT_INITIALIZED); + OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATON_NOT_INITIALIZED); return 0; } return ctx->pmeth->decrypt(ctx, out, outlen, in, inlen); @@ -357,8 +347,7 @@ int EVP_PKEY_decrypt(EVP_PKEY_CTX *ctx, uint8_t *out, size_t *outlen, int EVP_PKEY_derive_init(EVP_PKEY_CTX *ctx) { if (!ctx || !ctx->pmeth || !ctx->pmeth->derive) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_derive_init, - EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); + OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); return 0; } ctx->operation = EVP_PKEY_OP_DERIVE; @@ -377,15 +366,13 @@ int EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *ctx, EVP_PKEY *peer) { if (!ctx || !ctx->pmeth || !(ctx->pmeth->derive || ctx->pmeth->encrypt || ctx->pmeth->decrypt) || !ctx->pmeth->ctrl) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_derive_set_peer, - EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); + OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); return 0; } if (ctx->operation != EVP_PKEY_OP_DERIVE && ctx->operation != EVP_PKEY_OP_ENCRYPT && ctx->operation != EVP_PKEY_OP_DECRYPT) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_derive_set_peer, - EVP_R_OPERATON_NOT_INITIALIZED); + OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATON_NOT_INITIALIZED); return 0; } 
@@ -400,12 +387,12 @@ int EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *ctx, EVP_PKEY *peer) { } if (!ctx->pkey) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_derive_set_peer, EVP_R_NO_KEY_SET); + OPENSSL_PUT_ERROR(EVP, EVP_R_NO_KEY_SET); return 0; } if (ctx->pkey->type != peer->type) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_derive_set_peer, EVP_R_DIFFERENT_KEY_TYPES); + OPENSSL_PUT_ERROR(EVP, EVP_R_DIFFERENT_KEY_TYPES); return 0; } @@ -416,8 +403,7 @@ int EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *ctx, EVP_PKEY *peer) { * -2 is OK for us here, as well as 1, so we can check for 0 only. */ if (!EVP_PKEY_missing_parameters(peer) && !EVP_PKEY_cmp_parameters(ctx->pkey, peer)) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_derive_set_peer, - EVP_R_DIFFERENT_PARAMETERS); + OPENSSL_PUT_ERROR(EVP, EVP_R_DIFFERENT_PARAMETERS); return 0; } @@ -437,12 +423,11 @@ int EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *ctx, EVP_PKEY *peer) { int EVP_PKEY_derive(EVP_PKEY_CTX *ctx, uint8_t *key, size_t *out_key_len) { if (!ctx || !ctx->pmeth || !ctx->pmeth->derive) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_derive, - EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); + OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); return 0; } if (ctx->operation != EVP_PKEY_OP_DERIVE) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_derive, EVP_R_OPERATON_NOT_INITIALIZED); + OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATON_NOT_INITIALIZED); return 0; } return ctx->pmeth->derive(ctx, key, out_key_len); @@ -450,8 +435,7 @@ int EVP_PKEY_derive(EVP_PKEY_CTX *ctx, uint8_t *key, size_t *out_key_len) { int EVP_PKEY_keygen_init(EVP_PKEY_CTX *ctx) { if (!ctx || !ctx->pmeth || !ctx->pmeth->keygen) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_keygen_init, - EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); + OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); return 0; } ctx->operation = EVP_PKEY_OP_KEYGEN; 
@@ -467,12 +451,11 @@ int EVP_PKEY_keygen_init(EVP_PKEY_CTX *ctx) { int EVP_PKEY_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey) { if (!ctx || !ctx->pmeth || !ctx->pmeth->keygen) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_keygen, - EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); + OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); return 0; } if (ctx->operation != EVP_PKEY_OP_KEYGEN) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_keygen, EVP_R_OPERATON_NOT_INITIALIZED); + OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATON_NOT_INITIALIZED); return 0; } @@ -483,7 +466,7 @@ int EVP_PKEY_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey) { if (!*ppkey) { *ppkey = EVP_PKEY_new(); if (!*ppkey) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_keygen, ERR_LIB_EVP); + OPENSSL_PUT_ERROR(EVP, ERR_LIB_EVP); return 0; } } diff --git a/src/crypto/evp/evp_extra_test.cc b/src/crypto/evp/evp_extra_test.cc index 674547d..9c955fa 100644 --- a/src/crypto/evp/evp_extra_test.cc +++ b/src/crypto/evp/evp_extra_test.cc @@ -322,8 +322,8 @@ static const uint8_t kExampleBadECKeyDER[] = { }; static ScopedEVP_PKEY LoadExampleRSAKey() { - const uint8_t *derp = kExampleRSAKeyDER; - ScopedRSA rsa(d2i_RSAPrivateKey(nullptr, &derp, sizeof(kExampleRSAKeyDER))); + ScopedRSA rsa(RSA_private_key_from_bytes(kExampleRSAKeyDER, + sizeof(kExampleRSAKeyDER))); if (!rsa) { return nullptr; } diff --git a/src/crypto/evp/evp_test.cc b/src/crypto/evp/evp_test.cc index 239f868..c7ac908 100644 --- a/src/crypto/evp/evp_test.cc +++ b/src/crypto/evp/evp_test.cc @@ -56,10 +56,19 @@ #include #include +#if defined(_MSC_VER) +#pragma warning(push) +#pragma warning(disable: 4702) +#endif + #include #include #include +#if defined(_MSC_VER) +#pragma warning(pop) +#endif + #include #include #include 
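Review bot: The `#pragma warning(disable: 4702)` added around the includes in evp_test.cc has no comment saying which header triggers C4702 or why it has to be silenced here, so a later reader cannot tell when the suppression can be removed. A one-line comment above the `#if defined(_MSC_VER)` block would record that, for example `// MSVC reports C4702 (unreachable code) from the headers below; suppress it for these includes only.` The header names are not legible in this view, so the final wording should name the header that actually needs it.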
@@ -72,11 +81,10 @@ #include "../test/stl_compat.h" -// evp_test dispatches between multiple test types. HMAC tests test the legacy -// EVP_PKEY_HMAC API. PrivateKey tests take a key name parameter and single -// block, decode it as a PEM private key, and save it under that key name. -// Decrypt, Sign, and Verify tests take a previously imported key name as -// parameter and test their respective operations. +// evp_test dispatches between multiple test types. PrivateKey tests take a key +// name parameter and single block, decode it as a PEM private key, and save it +// under that key name. Decrypt, Sign, and Verify tests take a previously +// imported key name as parameter and test their respective operations. static const EVP_MD *GetDigest(FileTest *t, const std::string &name) { if (name == "MD5") { 
@@ -120,54 +128,10 @@ static bool ImportPrivateKey(FileTest *t, KeyMap *key_map) { return true; } -static bool TestHMAC(FileTest *t) { - std::string digest_str; - if (!t->GetAttribute(&digest_str, "HMAC")) { - return false; - } - const EVP_MD *digest = GetDigest(t, digest_str); - if (digest == nullptr) { - return false; - } - - std::vector key, input, output; - if (!t->GetBytes(&key, "Key") || - !t->GetBytes(&input, "Input") || - !t->GetBytes(&output, "Output")) { - return false; - } - - ScopedEVP_PKEY pkey(EVP_PKEY_new_mac_key(EVP_PKEY_HMAC, nullptr, - bssl::vector_data(&key), - key.size())); - ScopedEVP_MD_CTX mctx; - if (!pkey || - !EVP_DigestSignInit(mctx.get(), nullptr, digest, nullptr, pkey.get()) || - !EVP_DigestSignUpdate(mctx.get(), bssl::vector_data(&input), - input.size())) { - return false; - } - - size_t len; - std::vector actual; - if (!EVP_DigestSignFinal(mctx.get(), nullptr, &len)) { - return false; - } - actual.resize(len); - if (!EVP_DigestSignFinal(mctx.get(), bssl::vector_data(&actual), &len)) { - return false; - } - actual.resize(len); - return t->ExpectBytesEqual(bssl::vector_data(&output), output.size(), - bssl::vector_data(&actual), actual.size()); -} - static bool TestEVP(FileTest *t, void *arg) { KeyMap *key_map = reinterpret_cast(arg); if (t->GetType() == "PrivateKey") { return ImportPrivateKey(t, key_map); - } else if (t->GetType() == "HMAC") { - return TestHMAC(t); } int (*key_op_init)(EVP_PKEY_CTX *ctx); @@ -219,7 +183,7 @@ static bool TestEVP(FileTest *t, void *arg) { bssl::vector_data(&input), input.size())) { // ECDSA sometimes doesn't push an error code. Push one on the error queue // so it's distinguishable from other errors. - ERR_put_error(ERR_LIB_USER, 0, ERR_R_EVP_LIB, __FILE__, __LINE__); + OPENSSL_PUT_ERROR(USER, ERR_R_EVP_LIB); return false; } return true; diff --git a/src/crypto/evp/evp_tests.txt b/src/crypto/evp/evp_tests.txt index cccfa4f..97ddaa0 100644 --- a/src/crypto/evp/evp_tests.txt 
+++ b/src/crypto/evp/evp_tests.txt @@ -163,12 +163,11 @@ Digest = SHA1 Input = "0123456789ABCDEF1234" Output = 3045022100b1d1cb1a577035bccdd5a86c6148c2cc7c633cd42b7234139b593076d041e15202201898cdd52b41ca502098184b409cf83a21bc945006746e3b7cea52234e043ec800 # This operation fails without an error code, so ERR_R_EVP_LIB is surfaced. -Error = public key routines +Error = BAD_SIGNATURE # BER signature Verify = P-256 Digest = SHA1 Input = "0123456789ABCDEF1234" Output = 3080022100b1d1cb1a577035bccdd5a86c6148c2cc7c633cd42b7234139b593076d041e15202201898cdd52b41ca502098184b409cf83a21bc945006746e3b7cea52234e043ec80000 -# This operation fails without an error code, so ERR_R_EVP_LIB is surfaced. -Error = public key routines +Error = BAD_SIGNATURE diff --git a/src/crypto/evp/internal.h b/src/crypto/evp/internal.h index 08a7bfb..60881e3 100644 --- a/src/crypto/evp/internal.h +++ b/src/crypto/evp/internal.h @@ -89,8 +89,7 @@ struct evp_pkey_asn1_method_st { int pkey_base_id; unsigned long pkey_flags; - char *pem_str; - char *info; + const char *pem_str; int (*pub_decode)(EVP_PKEY *pk, X509_PUBKEY *pub); int (*pub_encode)(X509_PUBKEY *pub, const EVP_PKEY *pk); @@ -115,8 +114,8 @@ struct evp_pkey_asn1_method_st { int (*pkey_size)(const EVP_PKEY *pk); int (*pkey_bits)(const EVP_PKEY *pk); - int (*param_decode)(EVP_PKEY *pkey, const unsigned char **pder, int derlen); - int (*param_encode)(const EVP_PKEY *pkey, unsigned char **pder); + int (*param_decode)(EVP_PKEY *pkey, const uint8_t **pder, int derlen); + int (*param_encode)(const EVP_PKEY *pkey, uint8_t **pder); int (*param_missing)(const EVP_PKEY *pk); int (*param_copy)(EVP_PKEY *to, const EVP_PKEY *from); int (*param_cmp)(const EVP_PKEY *a, const EVP_PKEY *b); 
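Review bot: The first case keeps the context comment `# This operation fails without an error code, so ERR_R_EVP_LIB is surfaced.` directly above the new `Error = BAD_SIGNATURE`, while the identical comment is deleted from the BER-signature case below it. With the expectation now a specific reason code, the surviving comment looks stale and suggests the verify path still fails without pushing an error. Dropping that line, or replacing it with a short description of what this vector exercises, would keep the two cases consistent.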
@@ -130,9 +129,9 @@ struct evp_pkey_asn1_method_st { /* Legacy functions for old PEM */ - int (*old_priv_decode)(EVP_PKEY *pkey, const unsigned char **pder, + int (*old_priv_decode)(EVP_PKEY *pkey, const uint8_t **pder, int derlen); - int (*old_priv_encode)(const EVP_PKEY *pkey, unsigned char **pder); + int (*old_priv_encode)(const EVP_PKEY *pkey, uint8_t **pder); /* Converting parameters to/from AlgorithmIdentifier (X509_ALGOR). */ int (*digest_verify_init_from_algorithm)(EVP_MD_CTX *ctx, @@ -153,15 +152,12 @@ typedef int EVP_PKEY_gen_cb(EVP_PKEY_CTX *ctx); #define EVP_PKEY_OP_SIGN (1 << 3) #define EVP_PKEY_OP_VERIFY (1 << 4) #define EVP_PKEY_OP_VERIFYRECOVER (1 << 5) -#define EVP_PKEY_OP_SIGNCTX (1 << 6) -#define EVP_PKEY_OP_VERIFYCTX (1 << 7) -#define EVP_PKEY_OP_ENCRYPT (1 << 8) -#define EVP_PKEY_OP_DECRYPT (1 << 9) -#define EVP_PKEY_OP_DERIVE (1 << 10) +#define EVP_PKEY_OP_ENCRYPT (1 << 6) +#define EVP_PKEY_OP_DECRYPT (1 << 7) +#define EVP_PKEY_OP_DERIVE (1 << 8) #define EVP_PKEY_OP_TYPE_SIG \ - (EVP_PKEY_OP_SIGN | EVP_PKEY_OP_VERIFY | EVP_PKEY_OP_VERIFYRECOVER | \ - EVP_PKEY_OP_SIGNCTX | EVP_PKEY_OP_VERIFYCTX) + (EVP_PKEY_OP_SIGN | EVP_PKEY_OP_VERIFY | EVP_PKEY_OP_VERIFYRECOVER) #define EVP_PKEY_OP_TYPE_CRYPT (EVP_PKEY_OP_ENCRYPT | EVP_PKEY_OP_DECRYPT) @@ -181,13 +177,8 @@ typedef int EVP_PKEY_gen_cb(EVP_PKEY_CTX *ctx); OPENSSL_EXPORT int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype, int cmd, int p1, void *p2); -/* EVP_PKEY_CTRL_DIGESTINIT is an internal value. It's called by - * EVP_DigestInit_ex to signal the |EVP_PKEY| that a digest operation is - * starting. - * - * TODO(davidben): This is only needed to support the deprecated HMAC |EVP_PKEY| - * types. */ -#define EVP_PKEY_CTRL_DIGESTINIT 3 +#define EVP_PKEY_CTRL_MD 1 +#define EVP_PKEY_CTRL_GET_MD 2 /* EVP_PKEY_CTRL_PEER_KEY is called with different values of |p1|: * 0: Is called from |EVP_PKEY_derive_set_peer| and |p2| contains a peer key. 
@@ -198,21 +189,12 @@ OPENSSL_EXPORT int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype, * (EC)DH always return one in this case. * 3: Is called with |p2| == NULL to set whether the peer's key was used. * (EC)DH always return one in this case. This was only used for GOST. */ -#define EVP_PKEY_CTRL_PEER_KEY 4 - -/* EVP_PKEY_CTRL_SET_MAC_KEY sets a MAC key. For example, this can be done an - * |EVP_PKEY_CTX| prior to calling |EVP_PKEY_keygen| in order to generate an - * HMAC |EVP_PKEY| with the given key. It returns one on success and zero on - * error. */ -#define EVP_PKEY_CTRL_SET_MAC_KEY 5 +#define EVP_PKEY_CTRL_PEER_KEY 3 /* EVP_PKEY_ALG_CTRL is the base value from which key-type specific ctrl * commands are numbered. */ #define EVP_PKEY_ALG_CTRL 0x1000 -#define EVP_PKEY_CTRL_MD 1 -#define EVP_PKEY_CTRL_GET_MD 2 - #define EVP_PKEY_CTRL_RSA_PADDING (EVP_PKEY_ALG_CTRL + 1) #define EVP_PKEY_CTRL_GET_RSA_PADDING (EVP_PKEY_ALG_CTRL + 2) #define EVP_PKEY_CTRL_RSA_PSS_SALTLEN (EVP_PKEY_ALG_CTRL + 3) 
@@ -260,34 +242,25 @@ struct evp_pkey_method_st { int (*keygen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey); int (*sign_init)(EVP_PKEY_CTX *ctx); - int (*sign)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, - const unsigned char *tbs, size_t tbslen); + int (*sign)(EVP_PKEY_CTX *ctx, uint8_t *sig, size_t *siglen, + const uint8_t *tbs, size_t tbslen); int (*verify_init)(EVP_PKEY_CTX *ctx); - int (*verify)(EVP_PKEY_CTX *ctx, const unsigned char *sig, size_t siglen, - const unsigned char *tbs, size_t tbslen); - - int (*signctx_init)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx); - int (*signctx)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, - EVP_MD_CTX *mctx); - - int (*verifyctx_init)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx); - int (*verifyctx)(EVP_PKEY_CTX *ctx, const unsigned char *sig, int siglen, - EVP_MD_CTX *mctx); + int (*verify)(EVP_PKEY_CTX *ctx, const uint8_t *sig, size_t siglen, + const uint8_t *tbs, size_t tbslen); int (*encrypt_init)(EVP_PKEY_CTX *ctx); - int (*encrypt)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen, - const unsigned char *in, size_t inlen); + int (*encrypt)(EVP_PKEY_CTX *ctx, uint8_t *out, size_t *outlen, + const uint8_t *in, size_t inlen); int (*decrypt_init)(EVP_PKEY_CTX *ctx); - int (*decrypt)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen, - const unsigned char *in, size_t inlen); + int (*decrypt)(EVP_PKEY_CTX *ctx, uint8_t *out, size_t *outlen, + const uint8_t *in, size_t inlen); int (*derive_init)(EVP_PKEY_CTX *ctx); - int (*derive)(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen); + int (*derive)(EVP_PKEY_CTX *ctx, uint8_t *key, size_t *keylen); int (*ctrl)(EVP_PKEY_CTX *ctx, int type, int p1, void *p2); - int (*ctrl_str)(EVP_PKEY_CTX *ctx, const char *type, const char *value); } /* EVP_PKEY_METHOD */; diff --git a/src/crypto/evp/p_dsa_asn1.c b/src/crypto/evp/p_dsa_asn1.c index 826d4e4..4790cf6 100644 --- a/src/crypto/evp/p_dsa_asn1.c +++ b/src/crypto/evp/p_dsa_asn1.c 
@@ -91,29 +91,29 @@ static int dsa_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey) { dsa = d2i_DSAparams(NULL, &pm, pmlen); if (dsa == NULL) { - OPENSSL_PUT_ERROR(EVP, dsa_pub_decode, EVP_R_DECODE_ERROR); + OPENSSL_PUT_ERROR(EVP, EVP_R_DECODE_ERROR); goto err; } } else if (ptype == V_ASN1_NULL || ptype == V_ASN1_UNDEF) { dsa = DSA_new(); if (dsa == NULL) { - OPENSSL_PUT_ERROR(EVP, dsa_pub_decode, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EVP, ERR_R_MALLOC_FAILURE); goto err; } } else { - OPENSSL_PUT_ERROR(EVP, dsa_pub_decode, EVP_R_PARAMETER_ENCODING_ERROR); + OPENSSL_PUT_ERROR(EVP, EVP_R_PARAMETER_ENCODING_ERROR); goto err; } public_key = d2i_ASN1_INTEGER(NULL, &p, pklen); if (public_key == NULL) { - OPENSSL_PUT_ERROR(EVP, dsa_pub_decode, EVP_R_DECODE_ERROR); + OPENSSL_PUT_ERROR(EVP, EVP_R_DECODE_ERROR); goto err; } dsa->pub_key = ASN1_INTEGER_to_BN(public_key, NULL); if (dsa->pub_key == NULL) { - OPENSSL_PUT_ERROR(EVP, dsa_pub_decode, EVP_R_BN_DECODE_ERROR); + OPENSSL_PUT_ERROR(EVP, EVP_R_BN_DECODE_ERROR); goto err; } @@ -140,12 +140,12 @@ static int dsa_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey) { if (dsa->p && dsa->q && dsa->g) { pval = ASN1_STRING_new(); if (!pval) { - OPENSSL_PUT_ERROR(EVP, dsa_pub_encode, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EVP, ERR_R_MALLOC_FAILURE); goto err; } pval->length = i2d_DSAparams(dsa, &pval->data); if (pval->length <= 0) { - OPENSSL_PUT_ERROR(EVP, dsa_pub_encode, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EVP, ERR_R_MALLOC_FAILURE); goto err; } ptype = V_ASN1_SEQUENCE; @@ -155,7 +155,7 @@ static int dsa_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey) { penclen = i2d_DSAPublicKey(dsa, &penc); if (penclen <= 0) { - OPENSSL_PUT_ERROR(EVP, dsa_pub_encode, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EVP, ERR_R_MALLOC_FAILURE); goto err; } 
@@ -252,23 +252,23 @@ static int dsa_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8) { /* We have parameters. Now set private key */ dsa->priv_key = ASN1_INTEGER_to_BN(privkey, NULL); if (dsa->priv_key == NULL) { - OPENSSL_PUT_ERROR(EVP, dsa_priv_decode, ERR_LIB_BN); + OPENSSL_PUT_ERROR(EVP, ERR_LIB_BN); goto dsaerr; } /* Calculate public key. */ dsa->pub_key = BN_new(); if (dsa->pub_key == NULL) { - OPENSSL_PUT_ERROR(EVP, dsa_priv_decode, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EVP, ERR_R_MALLOC_FAILURE); goto dsaerr; } ctx = BN_CTX_new(); if (ctx == NULL) { - OPENSSL_PUT_ERROR(EVP, dsa_priv_decode, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EVP, ERR_R_MALLOC_FAILURE); goto dsaerr; } if (!BN_mod_exp(dsa->pub_key, dsa->g, dsa->priv_key, dsa->p, ctx)) { - OPENSSL_PUT_ERROR(EVP, dsa_priv_decode, ERR_LIB_BN); + OPENSSL_PUT_ERROR(EVP, ERR_LIB_BN); goto dsaerr; } @@ -280,7 +280,7 @@ static int dsa_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8) { return 1; decerr: - OPENSSL_PUT_ERROR(EVP, dsa_priv_decode, EVP_R_DECODE_ERROR); + OPENSSL_PUT_ERROR(EVP, EVP_R_DECODE_ERROR); dsaerr: BN_CTX_free(ctx); @@ -297,19 +297,19 @@ static int dsa_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey) { int dplen; if (!pkey->pkey.dsa || !pkey->pkey.dsa->priv_key) { - OPENSSL_PUT_ERROR(EVP, dsa_priv_encode, EVP_R_MISSING_PARAMETERS); + OPENSSL_PUT_ERROR(EVP, EVP_R_MISSING_PARAMETERS); goto err; } params = ASN1_STRING_new(); if (!params) { - OPENSSL_PUT_ERROR(EVP, dsa_priv_encode, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EVP, ERR_R_MALLOC_FAILURE); goto err; } params->length = i2d_DSAparams(pkey->pkey.dsa, ¶ms->data); if (params->length <= 0) { - OPENSSL_PUT_ERROR(EVP, dsa_priv_encode, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EVP, ERR_R_MALLOC_FAILURE); goto err; } params->type = V_ASN1_SEQUENCE; 
@@ -318,13 +318,14 @@ static int dsa_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey) { prkey = BN_to_ASN1_INTEGER(pkey->pkey.dsa->priv_key, NULL); if (!prkey) { - OPENSSL_PUT_ERROR(EVP, dsa_priv_encode, ERR_LIB_BN); + OPENSSL_PUT_ERROR(EVP, ERR_LIB_BN); goto err; } dplen = i2d_ASN1_INTEGER(prkey, &dp); ASN1_INTEGER_free(prkey); + prkey = NULL; if (!PKCS8_pkey_set0(p8, (ASN1_OBJECT *)OBJ_nid2obj(NID_dsa), 0, V_ASN1_SEQUENCE, params, dp, dplen)) { @@ -437,7 +438,7 @@ static int do_dsa_print(BIO *bp, const DSA *x, int off, int ptype) { m = (uint8_t *)OPENSSL_malloc(buf_len + 10); if (m == NULL) { - OPENSSL_PUT_ERROR(EVP, do_dsa_print, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EVP, ERR_R_MALLOC_FAILURE); goto err; } @@ -466,7 +467,7 @@ static int dsa_param_decode(EVP_PKEY *pkey, const uint8_t **pder, int derlen) { DSA *dsa; dsa = d2i_DSAparams(NULL, pder, derlen); if (dsa == NULL) { - OPENSSL_PUT_ERROR(EVP, dsa_param_decode, ERR_R_DSA_LIB); + OPENSSL_PUT_ERROR(EVP, ERR_R_DSA_LIB); return 0; } EVP_PKEY_assign_DSA(pkey, dsa); @@ -497,7 +498,7 @@ static int old_dsa_priv_decode(EVP_PKEY *pkey, const uint8_t **pder, DSA *dsa; dsa = d2i_DSAPrivateKey(NULL, pder, derlen); if (dsa == NULL) { - OPENSSL_PUT_ERROR(EVP, old_dsa_priv_decode, ERR_R_DSA_LIB); + OPENSSL_PUT_ERROR(EVP, ERR_R_DSA_LIB); return 0; } EVP_PKEY_assign_DSA(pkey, dsa); @@ -531,7 +532,7 @@ static int dsa_sig_print(BIO *bp, const X509_ALGOR *sigalg, update_buflen(dsa_sig->s, &buf_len); m = OPENSSL_malloc(buf_len + 10); if (m == NULL) { - OPENSSL_PUT_ERROR(EVP, dsa_sig_print, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EVP, ERR_R_MALLOC_FAILURE); goto err; } @@ -554,7 +555,6 @@ const EVP_PKEY_ASN1_METHOD dsa_asn1_meth = { 0, "DSA", - "OpenSSL DSA method", dsa_pub_decode, dsa_pub_encode, diff --git a/src/crypto/evp/p_ec.c b/src/crypto/evp/p_ec.c index 73c00d8..77f213d 100644 --- a/src/crypto/evp/p_ec.c +++ b/src/crypto/evp/p_ec.c 
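Review bot: In dsa_priv_encode the result of `dplen = i2d_ASN1_INTEGER(prkey, &dp);` goes to PKCS8_pkey_set0 unchecked, so a failed encoding would reach it with a non-positive length and whatever `dp` holds at that point. The added `prkey = NULL;` presumably keeps the error path from freeing `prkey` twice, but the length check is still missing; `if (dplen <= 0) { OPENSSL_PUT_ERROR(EVP, ERR_R_MALLOC_FAILURE); goto err; }` after `prkey = NULL;` would match the `params->length <= 0` handling in the previous hunk. `dp` is the DER of the private value, so the cleanup under `err:` should scrub it before freeing. That cleanup and the declaration of `dp` are outside this hunk.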
@@ -125,25 +125,18 @@ static void pkey_ec_cleanup(EVP_PKEY_CTX *ctx) { static int pkey_ec_sign(EVP_PKEY_CTX *ctx, uint8_t *sig, size_t *siglen, const uint8_t *tbs, size_t tbslen) { - int type; unsigned int sltmp; - EC_PKEY_CTX *dctx = ctx->data; EC_KEY *ec = ctx->pkey->pkey.ec; if (!sig) { *siglen = ECDSA_size(ec); return 1; } else if (*siglen < (size_t)ECDSA_size(ec)) { - OPENSSL_PUT_ERROR(EVP, pkey_ec_sign, EVP_R_BUFFER_TOO_SMALL); + OPENSSL_PUT_ERROR(EVP, EVP_R_BUFFER_TOO_SMALL); return 0; } - type = NID_sha1; - if (dctx->md) { - type = EVP_MD_type(dctx->md); - } - - if (!ECDSA_sign(type, tbs, tbslen, sig, &sltmp, ec)) { + if (!ECDSA_sign(0, tbs, tbslen, sig, &sltmp, ec)) { return 0; } *siglen = (size_t)sltmp; @@ -152,16 +145,7 @@ static int pkey_ec_sign(EVP_PKEY_CTX *ctx, uint8_t *sig, size_t *siglen, static int pkey_ec_verify(EVP_PKEY_CTX *ctx, const uint8_t *sig, size_t siglen, const uint8_t *tbs, size_t tbslen) { - int type; - EC_PKEY_CTX *dctx = ctx->data; - EC_KEY *ec = ctx->pkey->pkey.ec; - - type = NID_sha1; - if (dctx->md) { - type = EVP_MD_type(dctx->md); - } - - return ECDSA_verify(type, tbs, tbslen, sig, siglen, ec); + return ECDSA_verify(0, tbs, tbslen, sig, siglen, ctx->pkey->pkey.ec); } static int pkey_ec_derive(EVP_PKEY_CTX *ctx, uint8_t *key, @@ -172,7 +156,7 @@ static int pkey_ec_derive(EVP_PKEY_CTX *ctx, uint8_t *key, EC_KEY *eckey; if (!ctx->pkey || !ctx->peerkey) { - OPENSSL_PUT_ERROR(EVP, pkey_ec_derive, EVP_R_KEYS_NOT_SET); + OPENSSL_PUT_ERROR(EVP, EVP_R_KEYS_NOT_SET); return 0; } @@ -207,7 +191,7 @@ static int pkey_ec_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) { case EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID: group = EC_GROUP_new_by_curve_name(p1); if (group == NULL) { - OPENSSL_PUT_ERROR(EVP, pkey_ec_ctrl, EVP_R_INVALID_CURVE); + OPENSSL_PUT_ERROR(EVP, EVP_R_INVALID_CURVE); return 0; } EC_GROUP_free(dctx->gen_group); 
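Review bot: pkey_ec_sign, and pkey_ec_verify in the next hunk, now pass `0` as the digest type and no longer read `dctx->md`, and neither function compares `tbslen` with the size of any configured digest, so input of any length is signed or verified as given. If pkey_ec_ctrl still records a digest in `dctx->md` (its body is only partly visible here), that setting no longer affects these two calls, which is worth stating in the code. At minimum add a comment such as `/* |tbs| must already be a message digest; the type argument is unused. */` above each call. A length check against `EVP_MD_size(dctx->md)` when a digest is set would turn a caller mistake into an error instead of a signature over unexpected input.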
@@ -221,7 +205,7 @@ static int pkey_ec_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) { EVP_MD_type((const EVP_MD *)p2) != NID_sha256 && EVP_MD_type((const EVP_MD *)p2) != NID_sha384 && EVP_MD_type((const EVP_MD *)p2) != NID_sha512) { - OPENSSL_PUT_ERROR(EVP, pkey_ec_ctrl, EVP_R_INVALID_DIGEST_TYPE); + OPENSSL_PUT_ERROR(EVP, EVP_R_INVALID_DIGEST_TYPE); return 0; } dctx->md = p2; @@ -232,12 +216,11 @@ static int pkey_ec_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) { return 1; case EVP_PKEY_CTRL_PEER_KEY: - /* Default behaviour is OK */ - case EVP_PKEY_CTRL_DIGESTINIT: + /* Default behaviour is OK */ return 1; default: - OPENSSL_PUT_ERROR(EVP, pkey_ec_ctrl, EVP_R_COMMAND_NOT_SUPPORTED); + OPENSSL_PUT_ERROR(EVP, EVP_R_COMMAND_NOT_SUPPORTED); return 0; } } @@ -248,7 +231,7 @@ static int pkey_ec_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) { int ret = 0; if (dctx->gen_group == NULL) { - OPENSSL_PUT_ERROR(EVP, pkey_ec_paramgen, EVP_R_NO_PARAMETERS_SET); + OPENSSL_PUT_ERROR(EVP, EVP_R_NO_PARAMETERS_SET); return 0; } ec = EC_KEY_new(); @@ -268,7 +251,7 @@ static int pkey_ec_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) { EC_KEY *ec = NULL; EC_PKEY_CTX *dctx = ctx->data; if (ctx->pkey == NULL && dctx->gen_group == NULL) { - OPENSSL_PUT_ERROR(EVP, pkey_ec_keygen, EVP_R_NO_PARAMETERS_SET); + OPENSSL_PUT_ERROR(EVP, EVP_R_NO_PARAMETERS_SET); return 0; } ec = EC_KEY_new(); 
@@ -290,12 +273,11 @@ static int pkey_ec_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) { } const EVP_PKEY_METHOD ec_pkey_meth = { - EVP_PKEY_EC, 0 /* flags */, pkey_ec_init, - pkey_ec_copy, pkey_ec_cleanup, 0 /* paramgen_init */, - pkey_ec_paramgen, 0 /* keygen_init */, pkey_ec_keygen, - 0 /* sign_init */, pkey_ec_sign, 0 /* verify_init */, - pkey_ec_verify, 0 /* signctx_init */, 0 /* signctx */, - 0 /* verifyctx_init */, 0 /* verifyctx */, 0 /* encrypt_init */, - 0 /* encrypt */, 0 /* decrypt_init */, 0 /* decrypt */, - 0 /* derive_init */, pkey_ec_derive, pkey_ec_ctrl, + EVP_PKEY_EC, 0 /* flags */, pkey_ec_init, + pkey_ec_copy, pkey_ec_cleanup, 0 /* paramgen_init */, + pkey_ec_paramgen, 0 /* keygen_init */, pkey_ec_keygen, + 0 /* sign_init */, pkey_ec_sign, 0 /* verify_init */, + pkey_ec_verify, 0 /* encrypt_init */, 0 /* encrypt */, + 0 /* decrypt_init */, 0 /* decrypt */, 0 /* derive_init */, + pkey_ec_derive, pkey_ec_ctrl, }; diff --git a/src/crypto/evp/p_ec_asn1.c b/src/crypto/evp/p_ec_asn1.c index fbbf4e7..9867947 100644 --- a/src/crypto/evp/p_ec_asn1.c +++ b/src/crypto/evp/p_ec_asn1.c @@ -71,13 +71,13 @@ static int eckey_param2type(int *pptype, void **ppval, EC_KEY *ec_key) { int nid; if (ec_key == NULL || (group = EC_KEY_get0_group(ec_key)) == NULL) { - OPENSSL_PUT_ERROR(EVP, eckey_param2type, EVP_R_MISSING_PARAMETERS); + OPENSSL_PUT_ERROR(EVP, EVP_R_MISSING_PARAMETERS); return 0; } nid = EC_GROUP_get_curve_name(group); if (nid == NID_undef) { - OPENSSL_PUT_ERROR(EVP, eckey_param2type, EVP_R_NO_NID_FOR_CURVE); + OPENSSL_PUT_ERROR(EVP, EVP_R_NO_NID_FOR_CURVE); return 0; } @@ -94,7 +94,7 @@ static int eckey_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey) { int penclen; if (!eckey_param2type(&ptype, &pval, ec_key)) { - OPENSSL_PUT_ERROR(EVP, eckey_pub_encode, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EVP, ERR_R_EC_LIB); return 0; } penclen = i2o_ECPublicKey(ec_key, NULL); 
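Review bot: `ec_pkey_meth` is still initialised positionally, so removing the signctx/verifyctx members from `struct evp_pkey_method_st` stays correct only if every method table in the tree is edited in lock-step. A table left with a stale `0` would shift later entries into the wrong member without a diagnostic wherever the slot is a null constant. Designated initializers, e.g. `.sign = pkey_ec_sign, .verify = pkey_ec_verify, .derive = pkey_ec_derive, .ctrl = pkey_ec_ctrl,`, would make the table independent of member order, provided the compilers this tree supports accept them.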
@@ -137,7 +137,7 @@ static EC_KEY *eckey_type2param(int ptype, void *pval) { eckey = d2i_ECParameters(NULL, &pm, pmlen); if (eckey == NULL) { - OPENSSL_PUT_ERROR(EVP, eckey_type2param, EVP_R_DECODE_ERROR); + OPENSSL_PUT_ERROR(EVP, EVP_R_DECODE_ERROR); goto err; } } else if (ptype == V_ASN1_OBJECT) { @@ -150,7 +150,7 @@ static EC_KEY *eckey_type2param(int ptype, void *pval) { goto err; } } else { - OPENSSL_PUT_ERROR(EVP, eckey_type2param, EVP_R_DECODE_ERROR); + OPENSSL_PUT_ERROR(EVP, EVP_R_DECODE_ERROR); goto err; } @@ -177,13 +177,13 @@ static int eckey_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey) { eckey = eckey_type2param(ptype, pval); if (!eckey) { - OPENSSL_PUT_ERROR(EVP, eckey_pub_decode, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EVP, ERR_R_EC_LIB); return 0; } /* We have parameters now set public key */ if (!o2i_ECPublicKey(&eckey, &p, pklen)) { - OPENSSL_PUT_ERROR(EVP, eckey_pub_decode, EVP_R_DECODE_ERROR); + OPENSSL_PUT_ERROR(EVP, EVP_R_DECODE_ERROR); goto err; } @@ -232,7 +232,7 @@ static int eckey_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8) { /* We have parameters now set private key */ if (!d2i_ECPrivateKey(&eckey, &p, pklen)) { - OPENSSL_PUT_ERROR(EVP, eckey_priv_decode, EVP_R_DECODE_ERROR); + OPENSSL_PUT_ERROR(EVP, EVP_R_DECODE_ERROR); goto ecerr; } 
@@ -246,23 +246,23 @@ static int eckey_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8) { group = EC_KEY_get0_group(eckey); pub_key = EC_POINT_new(group); if (pub_key == NULL) { - OPENSSL_PUT_ERROR(EVP, eckey_priv_decode, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EVP, ERR_R_EC_LIB); goto ecliberr; } if (!EC_POINT_copy(pub_key, EC_GROUP_get0_generator(group))) { EC_POINT_free(pub_key); - OPENSSL_PUT_ERROR(EVP, eckey_priv_decode, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EVP, ERR_R_EC_LIB); goto ecliberr; } priv_key = EC_KEY_get0_private_key(eckey); if (!EC_POINT_mul(group, pub_key, priv_key, NULL, NULL, NULL)) { EC_POINT_free(pub_key); - OPENSSL_PUT_ERROR(EVP, eckey_priv_decode, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EVP, ERR_R_EC_LIB); goto ecliberr; } if (EC_KEY_set_public_key(eckey, pub_key) == 0) { EC_POINT_free(pub_key); - OPENSSL_PUT_ERROR(EVP, eckey_priv_decode, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EVP, ERR_R_EC_LIB); goto ecliberr; } EC_POINT_free(pub_key); @@ -272,7 +272,7 @@ static int eckey_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8) { return 1; ecliberr: - OPENSSL_PUT_ERROR(EVP, eckey_priv_decode, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EVP, ERR_R_EC_LIB); ecerr: if (eckey) { EC_KEY_free(eckey); @@ -290,7 +290,7 @@ static int eckey_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey) { ec_key = pkey->pkey.ec; if (!eckey_param2type(&ptype, &pval, ec_key)) { - OPENSSL_PUT_ERROR(EVP, eckey_priv_encode, EVP_R_DECODE_ERROR); + OPENSSL_PUT_ERROR(EVP, EVP_R_DECODE_ERROR); return 0; } 
@@ -304,20 +304,20 @@ static int eckey_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey) { eplen = i2d_ECPrivateKey(ec_key, NULL); if (!eplen) { EC_KEY_set_enc_flags(ec_key, old_flags); - OPENSSL_PUT_ERROR(EVP, eckey_priv_encode, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EVP, ERR_R_EC_LIB); return 0; } ep = (uint8_t *)OPENSSL_malloc(eplen); if (!ep) { EC_KEY_set_enc_flags(ec_key, old_flags); - OPENSSL_PUT_ERROR(EVP, eckey_priv_encode, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EVP, ERR_R_MALLOC_FAILURE); return 0; } p = ep; if (!i2d_ECPrivateKey(ec_key, &p)) { EC_KEY_set_enc_flags(ec_key, old_flags); OPENSSL_free(ep); - OPENSSL_PUT_ERROR(EVP, eckey_priv_encode, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EVP, ERR_R_EC_LIB); return 0; } /* restore old encoding flags */ @@ -325,6 +325,7 @@ static int eckey_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey) { if (!PKCS8_pkey_set0(p8, (ASN1_OBJECT *)OBJ_nid2obj(NID_X9_62_id_ecPublicKey), 0, ptype, pval, ep, eplen)) { + OPENSSL_free(ep); return 0; } @@ -478,7 +479,7 @@ static int do_EC_KEY_print(BIO *bp, const EC_KEY *x, int off, int ktype) { err: if (!ret) { - OPENSSL_PUT_ERROR(EVP, do_EC_KEY_print, reason); + OPENSSL_PUT_ERROR(EVP, reason); } OPENSSL_free(pub_key_bytes); BN_free(order); @@ -491,7 +492,7 @@ static int eckey_param_decode(EVP_PKEY *pkey, const uint8_t **pder, int derlen) { EC_KEY *eckey; if (!(eckey = d2i_ECParameters(NULL, pder, derlen))) { - OPENSSL_PUT_ERROR(EVP, eckey_param_decode, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EVP, ERR_R_EC_LIB); return 0; } EVP_PKEY_assign_EC_KEY(pkey, eckey); @@ -526,7 +527,7 @@ static int old_ec_priv_decode(EVP_PKEY *pkey, const uint8_t **pder, int derlen) { EC_KEY *ec; if (!(ec = d2i_ECPrivateKey(NULL, pder, derlen))) { - OPENSSL_PUT_ERROR(EVP, old_ec_priv_decode, EVP_R_DECODE_ERROR); + OPENSSL_PUT_ERROR(EVP, EVP_R_DECODE_ERROR); return 0; } EVP_PKEY_assign_EC_KEY(pkey, ec); 
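Review bot: The `OPENSSL_free(ep);` added on the PKCS8_pkey_set0 failure path releases a buffer holding the DER-encoded EC private key without clearing it, and the existing `OPENSSL_free(ep);` after a failed i2d_ECPrivateKey in the previous hunk does the same. Unless OPENSSL_free scrubs memory in this tree, the key bytes remain in freed heap. Calling `OPENSSL_cleanse(ep, eplen);` before each `OPENSSL_free(ep);` would avoid that. eckey_priv_encode begins and ends outside these hunks.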
@@ -542,7 +543,6 @@ const EVP_PKEY_ASN1_METHOD ec_asn1_meth = { EVP_PKEY_EC, 0, "EC", - "OpenSSL EC algorithm", eckey_pub_decode, eckey_pub_encode, diff --git a/src/crypto/evp/p_hmac.c b/src/crypto/evp/p_hmac.c deleted file mode 100644 index 7d3254a..0000000 --- a/src/crypto/evp/p_hmac.c +++ /dev/null 
@@ -1,223 +0,0 @@ -/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project 2007. - */ -/* ==================================================================== - * Copyright (c) 2007 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). */ - -#include - -#include - -#include -#include -#include -#include -#include - -#include "internal.h" -#include "../digest/internal.h" - - -typedef struct { - const EVP_MD *md; /* MD for HMAC use */ - ASN1_OCTET_STRING ktmp; /* Temp storage for key */ - HMAC_CTX ctx; -} HMAC_PKEY_CTX; - -static int pkey_hmac_init(EVP_PKEY_CTX *ctx) { - HMAC_PKEY_CTX *hctx; - hctx = OPENSSL_malloc(sizeof(HMAC_PKEY_CTX)); - if (!hctx) { - return 0; - } - memset(hctx, 0, sizeof(HMAC_PKEY_CTX)); - hctx->ktmp.type = V_ASN1_OCTET_STRING; - HMAC_CTX_init(&hctx->ctx); - - ctx->data = hctx; - - return 1; -} - -static int pkey_hmac_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src) { - HMAC_PKEY_CTX *sctx, *dctx; - if (!pkey_hmac_init(dst)) { - return 0; - } - sctx = src->data; - dctx = dst->data; - dctx->md = sctx->md; - HMAC_CTX_init(&dctx->ctx); - if (!HMAC_CTX_copy_ex(&dctx->ctx, &sctx->ctx)) { - return 0; - } - if (sctx->ktmp.data) { - if (!ASN1_OCTET_STRING_set(&dctx->ktmp, sctx->ktmp.data, - sctx->ktmp.length)) { - return 0; - } - } - return 1; -} - -static void pkey_hmac_cleanup(EVP_PKEY_CTX *ctx) { - HMAC_PKEY_CTX *hctx = ctx->data; - - if (hctx == NULL) { - return; - } - - HMAC_CTX_cleanup(&hctx->ctx); 
- if (hctx->ktmp.data) { - if (hctx->ktmp.length) { - OPENSSL_cleanse(hctx->ktmp.data, hctx->ktmp.length); - } - OPENSSL_free(hctx->ktmp.data); - hctx->ktmp.data = NULL; - } - OPENSSL_free(hctx); -} - -static int pkey_hmac_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) { - ASN1_OCTET_STRING *hkey = NULL; - HMAC_PKEY_CTX *hctx = ctx->data; - - if (!hctx->ktmp.data) { - return 0; - } - hkey = ASN1_OCTET_STRING_dup(&hctx->ktmp); - if (!hkey) { - return 0; - } - EVP_PKEY_assign(pkey, EVP_PKEY_HMAC, hkey); - - return 1; -} - -static void int_update(EVP_MD_CTX *ctx, const void *data, size_t count) { - HMAC_PKEY_CTX *hctx = ctx->pctx->data; - HMAC_Update(&hctx->ctx, data, count); -} - -static int hmac_signctx_init(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx) { - /* |mctx| gets repurposed as a hook to call |HMAC_Update|. Suppress the - * automatic setting of |mctx->update| and the rest of its initialization. */ - EVP_MD_CTX_set_flags(mctx, EVP_MD_CTX_FLAG_NO_INIT); - mctx->update = int_update; - return 1; -} - -static int hmac_signctx(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, - EVP_MD_CTX *mctx) { - unsigned int hlen; - HMAC_PKEY_CTX *hctx = ctx->data; - size_t md_size = EVP_MD_CTX_size(mctx); - - if (!sig) { - *siglen = md_size; - return 1; - } else if (*siglen < md_size) { - OPENSSL_PUT_ERROR(EVP, hmac_signctx, EVP_R_BUFFER_TOO_SMALL); - return 0; - } - - if (!HMAC_Final(&hctx->ctx, sig, &hlen)) { - return 0; - } - *siglen = (size_t)hlen; - return 1; -} - -static int pkey_hmac_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) { - HMAC_PKEY_CTX *hctx = ctx->data; - ASN1_OCTET_STRING *key; - - switch (type) { - case EVP_PKEY_CTRL_SET_MAC_KEY: - if ((!p2 && p1 > 0) || (p1 < -1)) { - return 0; - } - if (!ASN1_OCTET_STRING_set(&hctx->ktmp, p2, p1)) { - return 0; - } - break; - - case EVP_PKEY_CTRL_MD: - hctx->md = p2; - break; - - case EVP_PKEY_CTRL_DIGESTINIT: - key = (ASN1_OCTET_STRING *)ctx->pkey->pkey.ptr; - if (!HMAC_Init_ex(&hctx->ctx, key->data, key->length, 
hctx->md, - ctx->engine)) { - return 0; - } - break; - - default: - OPENSSL_PUT_ERROR(EVP, pkey_hmac_ctrl, EVP_R_COMMAND_NOT_SUPPORTED); - return 0; - } - return 1; -} - -const EVP_PKEY_METHOD hmac_pkey_meth = { - EVP_PKEY_HMAC, 0 /* flags */, pkey_hmac_init, - pkey_hmac_copy, pkey_hmac_cleanup, 0 /* paramgen_init */, - 0 /* paramgen */, 0 /* keygen_init */, pkey_hmac_keygen, - 0 /* sign_init */, 0 /* sign */, 0 /* verify_init */, - 0 /* verify */, hmac_signctx_init, hmac_signctx, - 0 /* verifyctx_init */, 0 /* verifyctx */, 0 /* encrypt_init */, - 0 /* encrypt */, 0 /* decrypt_init */, 0 /* decrypt */, - 0 /* derive_init */, 0 /* derive */, pkey_hmac_ctrl, - 0, -}; diff --git a/src/crypto/evp/p_hmac_asn1.c b/src/crypto/evp/p_hmac_asn1.c deleted file mode 100644 index 8aa6676..0000000 --- a/src/crypto/evp/p_hmac_asn1.c +++ /dev/null 
@@ -1,89 +0,0 @@ -/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project 2007. - */ -/* ==================================================================== - * Copyright (c) 2007 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). */ - -#include - -#include -#include -#include -#include - -#include "internal.h" - - -static int hmac_size(const EVP_PKEY *pkey) { return EVP_MAX_MD_SIZE; } - -static void hmac_key_free(EVP_PKEY *pkey) { - ASN1_OCTET_STRING *os = (ASN1_OCTET_STRING *)pkey->pkey.ptr; - if (os) { - if (os->data) { - OPENSSL_cleanse(os->data, os->length); - } - ASN1_OCTET_STRING_free(os); - } -} - -const EVP_PKEY_ASN1_METHOD hmac_asn1_meth = { - EVP_PKEY_HMAC, EVP_PKEY_HMAC, 0 /* flags */, - "HMAC", "OpenSSL HMAC method", 0 /* pub_decode */, - 0 /* pub_encode */, 0 /* pub_cmp */, 0 /* pub_print */, - 0 /*priv_decode */, 0 /* priv_encode */, 0 /* priv_print */, - 0 /* pkey_opaque */, 0 /* pkey_supports_digest */, - hmac_size, 0 /* pkey_bits */, 0 /* param_decode */, - 0 /* param_encode*/, 0 /* param_missing*/, 0 /* param_copy*/, - 0 /* param_cmp*/, 0 /* param_print*/, 0 /* sig_print*/, - hmac_key_free, 0 /* old_priv_decode */, - 0 /* old_priv_encode */ -}; diff --git a/src/crypto/evp/p_rsa.c b/src/crypto/evp/p_rsa.c index 5abc075..cfecbfd 100644 --- a/src/crypto/evp/p_rsa.c +++ b/src/crypto/evp/p_rsa.c 
@@ -174,7 +174,7 @@ static int pkey_rsa_sign(EVP_PKEY_CTX *ctx, uint8_t *sig, size_t *siglen, } if (*siglen < key_len) { - OPENSSL_PUT_ERROR(EVP, pkey_rsa_sign, EVP_R_BUFFER_TOO_SMALL); + OPENSSL_PUT_ERROR(EVP, EVP_R_BUFFER_TOO_SMALL); return 0; } @@ -182,12 +182,12 @@ static int pkey_rsa_sign(EVP_PKEY_CTX *ctx, uint8_t *sig, size_t *siglen, unsigned int out_len; if (tbslen != EVP_MD_size(rctx->md)) { - OPENSSL_PUT_ERROR(EVP, pkey_rsa_sign, EVP_R_INVALID_DIGEST_LENGTH); + OPENSSL_PUT_ERROR(EVP, EVP_R_INVALID_DIGEST_LENGTH); return 0; } if (EVP_MD_type(rctx->md) == NID_mdc2) { - OPENSSL_PUT_ERROR(EVP, pkey_rsa_sign, EVP_R_NO_MDC2_SUPPORT); + OPENSSL_PUT_ERROR(EVP, EVP_R_NO_MDC2_SUPPORT); return 0; } @@ -268,7 +268,7 @@ static int pkey_rsa_encrypt(EVP_PKEY_CTX *ctx, uint8_t *out, size_t *outlen, } if (*outlen < key_len) { - OPENSSL_PUT_ERROR(EVP, pkey_rsa_encrypt, EVP_R_BUFFER_TOO_SMALL); + OPENSSL_PUT_ERROR(EVP, EVP_R_BUFFER_TOO_SMALL); return 0; } @@ -300,7 +300,7 @@ static int pkey_rsa_decrypt(EVP_PKEY_CTX *ctx, uint8_t *out, } if (*outlen < key_len) { - OPENSSL_PUT_ERROR(EVP, pkey_rsa_decrypt, EVP_R_BUFFER_TOO_SMALL); + OPENSSL_PUT_ERROR(EVP, EVP_R_BUFFER_TOO_SMALL); return 0; } @@ -333,7 +333,7 @@ static int check_padding_md(const EVP_MD *md, int padding) { } if (padding == RSA_NO_PADDING) { - OPENSSL_PUT_ERROR(EVP, check_padding_md, EVP_R_INVALID_PADDING_MODE); + OPENSSL_PUT_ERROR(EVP, EVP_R_INVALID_PADDING_MODE); return 0; } @@ -361,8 +361,7 @@ static int pkey_rsa_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) { 0 == (ctx->operation & (EVP_PKEY_OP_SIGN | EVP_PKEY_OP_VERIFY))) || (p1 == RSA_PKCS1_OAEP_PADDING && 0 == (ctx->operation & EVP_PKEY_OP_TYPE_CRYPT))) { - OPENSSL_PUT_ERROR(EVP, pkey_rsa_ctrl, - EVP_R_ILLEGAL_OR_UNSUPPORTED_PADDING_MODE); + OPENSSL_PUT_ERROR(EVP, EVP_R_ILLEGAL_OR_UNSUPPORTED_PADDING_MODE); return 0; } if ((p1 == RSA_PKCS1_PSS_PADDING || p1 == RSA_PKCS1_OAEP_PADDING) && 
@@ -379,7 +378,7 @@ static int pkey_rsa_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) { case EVP_PKEY_CTRL_RSA_PSS_SALTLEN: case EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN: if (rctx->pad_mode != RSA_PKCS1_PSS_PADDING) { - OPENSSL_PUT_ERROR(EVP, pkey_rsa_ctrl, EVP_R_INVALID_PSS_SALTLEN); + OPENSSL_PUT_ERROR(EVP, EVP_R_INVALID_PSS_SALTLEN); return 0; } if (type == EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN) { @@ -394,7 +393,7 @@ static int pkey_rsa_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) { case EVP_PKEY_CTRL_RSA_KEYGEN_BITS: if (p1 < 256) { - OPENSSL_PUT_ERROR(EVP, pkey_rsa_ctrl, EVP_R_INVALID_KEYBITS); + OPENSSL_PUT_ERROR(EVP, EVP_R_INVALID_KEYBITS); return 0; } rctx->nbits = p1; @@ -411,7 +410,7 @@ static int pkey_rsa_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) { case EVP_PKEY_CTRL_RSA_OAEP_MD: case EVP_PKEY_CTRL_GET_RSA_OAEP_MD: if (rctx->pad_mode != RSA_PKCS1_OAEP_PADDING) { - OPENSSL_PUT_ERROR(EVP, pkey_rsa_ctrl, EVP_R_INVALID_PADDING_MODE); + OPENSSL_PUT_ERROR(EVP, EVP_R_INVALID_PADDING_MODE); return 0; } if (type == EVP_PKEY_CTRL_GET_RSA_OAEP_MD) { @@ -436,7 +435,7 @@ static int pkey_rsa_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) { case EVP_PKEY_CTRL_GET_RSA_MGF1_MD: if (rctx->pad_mode != RSA_PKCS1_PSS_PADDING && rctx->pad_mode != RSA_PKCS1_OAEP_PADDING) { - OPENSSL_PUT_ERROR(EVP, pkey_rsa_ctrl, EVP_R_INVALID_MGF1_MD); + OPENSSL_PUT_ERROR(EVP, EVP_R_INVALID_MGF1_MD); return 0; } if (type == EVP_PKEY_CTRL_GET_RSA_MGF1_MD) { @@ -452,7 +451,7 @@ static int pkey_rsa_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) { case EVP_PKEY_CTRL_RSA_OAEP_LABEL: if (rctx->pad_mode != RSA_PKCS1_OAEP_PADDING) { - OPENSSL_PUT_ERROR(EVP, pkey_rsa_ctrl, EVP_R_INVALID_PADDING_MODE); + OPENSSL_PUT_ERROR(EVP, EVP_R_INVALID_PADDING_MODE); return 0; } OPENSSL_free(rctx->oaep_label); 
@@ -469,17 +468,14 @@ static int pkey_rsa_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) { case EVP_PKEY_CTRL_GET_RSA_OAEP_LABEL: if (rctx->pad_mode != RSA_PKCS1_OAEP_PADDING) { - OPENSSL_PUT_ERROR(EVP, pkey_rsa_ctrl, EVP_R_INVALID_PADDING_MODE); + OPENSSL_PUT_ERROR(EVP, EVP_R_INVALID_PADDING_MODE); return 0; } CBS_init((CBS *)p2, rctx->oaep_label, rctx->oaep_labellen); return 1; - case EVP_PKEY_CTRL_DIGESTINIT: - return 1; - default: - OPENSSL_PUT_ERROR(EVP, pkey_rsa_ctrl, EVP_R_COMMAND_NOT_SUPPORTED); + OPENSSL_PUT_ERROR(EVP, EVP_R_COMMAND_NOT_SUPPORTED); return 0; } } @@ -509,14 +505,13 @@ static int pkey_rsa_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) { } const EVP_PKEY_METHOD rsa_pkey_meth = { - EVP_PKEY_RSA, 0 /* flags */, pkey_rsa_init, - pkey_rsa_copy, pkey_rsa_cleanup, 0 /* paramgen_init */, - 0 /* paramgen */, 0 /* keygen_init */, pkey_rsa_keygen, - 0 /* sign_init */, pkey_rsa_sign, 0 /* verify_init */, - pkey_rsa_verify, 0 /* signctx_init */, 0 /* signctx */, - 0 /* verifyctx_init */, 0 /* verifyctx */, 0 /* encrypt_init */, - pkey_rsa_encrypt, 0 /* decrypt_init */, pkey_rsa_decrypt, - 0 /* derive_init */, 0 /* derive */, pkey_rsa_ctrl, + EVP_PKEY_RSA, 0 /* flags */, pkey_rsa_init, + pkey_rsa_copy, pkey_rsa_cleanup, 0 /* paramgen_init */, + 0 /* paramgen */, 0 /* keygen_init */, pkey_rsa_keygen, + 0 /* sign_init */, pkey_rsa_sign, 0 /* verify_init */, + pkey_rsa_verify, 0 /* encrypt_init */, pkey_rsa_encrypt, + 0 /* decrypt_init */, pkey_rsa_decrypt, 0 /* derive_init */, + 0 /* derive */, pkey_rsa_ctrl, }; int EVP_PKEY_CTX_set_rsa_padding(EVP_PKEY_CTX *ctx, int padding) { @@ -593,7 +588,7 @@ int EVP_PKEY_CTX_get0_rsa_oaep_label(EVP_PKEY_CTX *ctx, return -1; } if (CBS_len(&label) > INT_MAX) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_CTX_get0_rsa_oaep_label, ERR_R_OVERFLOW); + OPENSSL_PUT_ERROR(EVP, ERR_R_OVERFLOW); return -1; } *out_label = CBS_data(&label); diff --git a/src/crypto/evp/p_rsa_asn1.c b/src/crypto/evp/p_rsa_asn1.c index 1e2d3f6..f60625b 100644 
--- a/src/crypto/evp/p_rsa_asn1.c +++ b/src/crypto/evp/p_rsa_asn1.c @@ -57,6 +57,7 @@ #include #include +#include #include #include #include @@ -69,16 +70,14 @@ static int rsa_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey) { - uint8_t *encoded = NULL; - int len; - len = i2d_RSAPublicKey(pkey->pkey.rsa, &encoded); - - if (len <= 0) { + uint8_t *encoded; + size_t encoded_len; + if (!RSA_public_key_to_bytes(&encoded, &encoded_len, pkey->pkey.rsa)) { return 0; } if (!X509_PUBKEY_set0_param(pk, OBJ_nid2obj(EVP_PKEY_RSA), V_ASN1_NULL, NULL, - encoded, len)) { + encoded, encoded_len)) { OPENSSL_free(encoded); return 0; } @@ -89,16 +88,25 @@ static int rsa_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey) { static int rsa_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey) { const uint8_t *p; int pklen; - RSA *rsa; - if (!X509_PUBKEY_get0_param(NULL, &p, &pklen, NULL, pubkey)) { return 0; } - rsa = d2i_RSAPublicKey(NULL, &p, pklen); - if (rsa == NULL) { - OPENSSL_PUT_ERROR(EVP, rsa_pub_decode, ERR_R_RSA_LIB); + + /* Estonian IDs issued between September 2014 to September 2015 are + * broken. See https://crbug.com/532048 and https://crbug.com/534766. + * + * TODO(davidben): Switch this to the strict version in March 2016 or when + * Chromium can force client certificates down a different codepath, whichever + * comes first. */ + CBS cbs; + CBS_init(&cbs, p, pklen); + RSA *rsa = RSA_parse_public_key_buggy(&cbs); + if (rsa == NULL || CBS_len(&cbs) != 0) { + OPENSSL_PUT_ERROR(EVP, EVP_R_DECODE_ERROR); + RSA_free(rsa); return 0; } + EVP_PKEY_assign_RSA(pkey, rsa); return 1; } 
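Review bot: In rsa_pub_encode, `encoded_len` is now a `size_t` but is passed to `X509_PUBKEY_set0_param` in the position where the old code passed an `int`. If that parameter is still an `int` (the prototype is not part of this patch), the narrowing is implicit and unchecked. This commit already guards the same conversion in EVP_PKEY_CTX_get0_rsa_oaep_label with `CBS_len(&label) > INT_MAX`, so I would add `if (encoded_len > INT_MAX) { OPENSSL_free(encoded); OPENSSL_PUT_ERROR(EVP, ERR_R_OVERFLOW); return 0; }` before the call. rsa_priv_encode passes its `encoded_len` to `PKCS8_pkey_set0` the same way.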
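Review bot: The comment added in rsa_pub_decode says why `RSA_parse_public_key_buggy` is used but not which malformed encoding it tolerates. As far as this hunk shows, the lenient parser applies to every RSA public key decoded through this function, not only to the affected certificates. I would add one line to the comment naming the accepted deviation and noting that `CBS_len(&cbs) != 0` still rejects trailing bytes, so a reader can judge what the relaxation exposes. `pklen` is an `int` handed to `CBS_init`; a short comment that `X509_PUBKEY_get0_param` cannot return a negative length (not verifiable from here) would close that question too.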
@@ -109,20 +117,17 @@ static int rsa_pub_cmp(const EVP_PKEY *a, const EVP_PKEY *b) { } static int rsa_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey) { - uint8_t *rk = NULL; - int rklen; - - rklen = i2d_RSAPrivateKey(pkey->pkey.rsa, &rk); - - if (rklen <= 0) { - OPENSSL_PUT_ERROR(EVP, rsa_priv_encode, ERR_R_MALLOC_FAILURE); + uint8_t *encoded; + size_t encoded_len; + if (!RSA_private_key_to_bytes(&encoded, &encoded_len, pkey->pkey.rsa)) { return 0; } /* TODO(fork): const correctness in next line. */ if (!PKCS8_pkey_set0(p8, (ASN1_OBJECT *)OBJ_nid2obj(NID_rsaEncryption), 0, - V_ASN1_NULL, NULL, rk, rklen)) { - OPENSSL_PUT_ERROR(EVP, rsa_priv_encode, ERR_R_MALLOC_FAILURE); + V_ASN1_NULL, NULL, encoded, encoded_len)) { + OPENSSL_free(encoded); + OPENSSL_PUT_ERROR(EVP, ERR_R_MALLOC_FAILURE); return 0; } @@ -132,16 +137,14 @@ static int rsa_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey) { static int rsa_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8) { const uint8_t *p; int pklen; - RSA *rsa; - if (!PKCS8_pkey_get0(NULL, &p, &pklen, NULL, p8)) { - OPENSSL_PUT_ERROR(EVP, rsa_priv_decode, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EVP, ERR_R_MALLOC_FAILURE); return 0; } - rsa = d2i_RSAPrivateKey(NULL, &p, pklen); + RSA *rsa = RSA_private_key_from_bytes(p, pklen); if (rsa == NULL) { - OPENSSL_PUT_ERROR(EVP, rsa_priv_decode, ERR_R_RSA_LIB); + OPENSSL_PUT_ERROR(EVP, ERR_R_RSA_LIB); return 0; } 
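Review bot: The rewritten error line in rsa_priv_decode still reports `ERR_R_MALLOC_FAILURE` when `PKCS8_pkey_get0` fails, although that call appears only to extract the key bytes from `p8`. Since the line is being touched anyway, `OPENSSL_PUT_ERROR(EVP, EVP_R_DECODE_ERROR);` would describe the failure accurately; rsa_pub_decode uses that code after this patch. A misleading allocation error on a malformed PKCS#8 blob makes bad-input reports harder to triage. The function's tail is outside the hunk.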
@@ -198,11 +201,24 @@ static int do_rsa_print(BIO *out, const RSA *rsa, int off, update_buflen(rsa->dmp1, &buf_len); update_buflen(rsa->dmq1, &buf_len); update_buflen(rsa->iqmp, &buf_len); + + if (rsa->additional_primes != NULL) { + size_t i; + + for (i = 0; i < sk_RSA_additional_prime_num(rsa->additional_primes); + i++) { + const RSA_additional_prime *ap = + sk_RSA_additional_prime_value(rsa->additional_primes, i); + update_buflen(ap->prime, &buf_len); + update_buflen(ap->exp, &buf_len); + update_buflen(ap->coeff, &buf_len); + } + } } m = (uint8_t *)OPENSSL_malloc(buf_len + 10); if (m == NULL) { - OPENSSL_PUT_ERROR(EVP, do_rsa_print, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EVP, ERR_R_MALLOC_FAILURE); goto err; } @@ -241,6 +257,28 @@ static int do_rsa_print(BIO *out, const RSA *rsa, int off, !ASN1_bn_print(out, "coefficient:", rsa->iqmp, m, off)) { goto err; } + + if (rsa->additional_primes != NULL && + sk_RSA_additional_prime_num(rsa->additional_primes) > 0) { + size_t i; + + if (BIO_printf(out, "otherPrimeInfos:\n") <= 0) { + goto err; + } + for (i = 0; i < sk_RSA_additional_prime_num(rsa->additional_primes); + i++) { + const RSA_additional_prime *ap = + sk_RSA_additional_prime_value(rsa->additional_primes, i); + + if (BIO_printf(out, "otherPrimeInfo (prime %u):\n", + (unsigned)(i + 3)) <= 0 || + !ASN1_bn_print(out, "prime:", ap->prime, m, off) || + !ASN1_bn_print(out, "exponent:", ap->exp, m, off) || + !ASN1_bn_print(out, "coeff:", ap->coeff, m, off)) { + goto err; + } + } + } } ret = 1; 
@@ -407,18 +445,18 @@ static int rsa_sig_print(BIO *bp, const X509_ALGOR *sigalg, return 1; } -static int old_rsa_priv_decode(EVP_PKEY *pkey, const unsigned char **pder, +static int old_rsa_priv_decode(EVP_PKEY *pkey, const uint8_t **pder, int derlen) { RSA *rsa = d2i_RSAPrivateKey(NULL, pder, derlen); if (rsa == NULL) { - OPENSSL_PUT_ERROR(EVP, old_rsa_priv_decode, ERR_R_RSA_LIB); + OPENSSL_PUT_ERROR(EVP, ERR_R_RSA_LIB); return 0; } EVP_PKEY_assign_RSA(pkey, rsa); return 1; } -static int old_rsa_priv_encode(const EVP_PKEY *pkey, unsigned char **pder) { +static int old_rsa_priv_encode(const EVP_PKEY *pkey, uint8_t **pder) { return i2d_RSAPrivateKey(pkey->pkey.rsa, pder); } @@ -474,7 +512,7 @@ static const EVP_MD *rsa_algor_to_md(X509_ALGOR *alg) { } md = EVP_get_digestbyobj(alg->algorithm); if (md == NULL) { - OPENSSL_PUT_ERROR(EVP, rsa_algor_to_md, EVP_R_UNKNOWN_DIGEST); + OPENSSL_PUT_ERROR(EVP, EVP_R_UNKNOWN_DIGEST); } return md; } @@ -487,16 +525,16 @@ static const EVP_MD *rsa_mgf1_to_md(X509_ALGOR *alg, X509_ALGOR *maskHash) { } /* Check mask and lookup mask hash algorithm */ if (OBJ_obj2nid(alg->algorithm) != NID_mgf1) { - OPENSSL_PUT_ERROR(EVP, rsa_mgf1_to_md, EVP_R_UNSUPPORTED_MASK_ALGORITHM); + OPENSSL_PUT_ERROR(EVP, EVP_R_UNSUPPORTED_MASK_ALGORITHM); return NULL; } if (!maskHash) { - OPENSSL_PUT_ERROR(EVP, rsa_mgf1_to_md, EVP_R_UNSUPPORTED_MASK_PARAMETER); + OPENSSL_PUT_ERROR(EVP, EVP_R_UNSUPPORTED_MASK_PARAMETER); return NULL; } md = EVP_get_digestbyobj(maskHash->algorithm); if (md == NULL) { - OPENSSL_PUT_ERROR(EVP, rsa_mgf1_to_md, EVP_R_UNKNOWN_MASK_DIGEST); + OPENSSL_PUT_ERROR(EVP, EVP_R_UNKNOWN_MASK_DIGEST); return NULL; } return md; 
@@ -576,13 +614,13 @@ static int rsa_pss_to_ctx(EVP_MD_CTX *ctx, X509_ALGOR *sigalg, EVP_PKEY *pkey) { /* Sanity check: make sure it is PSS */ if (OBJ_obj2nid(sigalg->algorithm) != NID_rsassaPss) { - OPENSSL_PUT_ERROR(EVP, rsa_pss_to_ctx, EVP_R_UNSUPPORTED_SIGNATURE_TYPE); + OPENSSL_PUT_ERROR(EVP, EVP_R_UNSUPPORTED_SIGNATURE_TYPE); return 0; } /* Decode PSS parameters */ pss = rsa_pss_decode(sigalg, &maskHash); if (pss == NULL) { - OPENSSL_PUT_ERROR(EVP, rsa_pss_to_ctx, EVP_R_INVALID_PSS_PARAMETERS); + OPENSSL_PUT_ERROR(EVP, EVP_R_INVALID_PSS_PARAMETERS); goto err; } @@ -602,7 +640,7 @@ static int rsa_pss_to_ctx(EVP_MD_CTX *ctx, X509_ALGOR *sigalg, EVP_PKEY *pkey) { /* Could perform more salt length sanity checks but the main * RSA routines will trap other invalid values anyway. */ if (saltlen < 0) { - OPENSSL_PUT_ERROR(EVP, rsa_pss_to_ctx, EVP_R_INVALID_SALT_LENGTH); + OPENSSL_PUT_ERROR(EVP, EVP_R_INVALID_SALT_LENGTH); goto err; } } @@ -610,7 +648,7 @@ static int rsa_pss_to_ctx(EVP_MD_CTX *ctx, X509_ALGOR *sigalg, EVP_PKEY *pkey) { /* low-level routines support only trailer field 0xbc (value 1) * and PKCS#1 says we should reject any other value anyway. */ if (pss->trailerField && ASN1_INTEGER_get(pss->trailerField) != 1) { - OPENSSL_PUT_ERROR(EVP, rsa_pss_to_ctx, EVP_R_INVALID_TRAILER); + OPENSSL_PUT_ERROR(EVP, EVP_R_INVALID_TRAILER); goto err; } @@ -638,8 +676,7 @@ static int rsa_digest_verify_init_from_algorithm(EVP_MD_CTX *ctx, EVP_PKEY *pkey) { /* Sanity check: make sure it is PSS */ if (OBJ_obj2nid(sigalg->algorithm) != NID_rsassaPss) { - OPENSSL_PUT_ERROR(EVP, rsa_digest_verify_init_from_algorithm, - EVP_R_UNSUPPORTED_SIGNATURE_TYPE); + OPENSSL_PUT_ERROR(EVP, EVP_R_UNSUPPORTED_SIGNATURE_TYPE); return 0; } return rsa_pss_to_ctx(ctx, sigalg, pkey); @@ -671,7 +708,6 @@ const EVP_PKEY_ASN1_METHOD rsa_asn1_meth = { ASN1_PKEY_SIGPARAM_NULL, "RSA", - "OpenSSL RSA method", rsa_pub_decode, rsa_pub_encode, 
diff --git a/src/crypto/ex_data.c b/src/crypto/ex_data.c index 10fefc8..f562f17 100644 --- a/src/crypto/ex_data.c +++ b/src/crypto/ex_data.c @@ -138,7 +138,7 @@ int CRYPTO_get_ex_new_index(CRYPTO_EX_DATA_CLASS *ex_data_class, int *out_index, funcs = OPENSSL_malloc(sizeof(CRYPTO_EX_DATA_FUNCS)); if (funcs == NULL) { - OPENSSL_PUT_ERROR(CRYPTO, CRYPTO_get_ex_new_index, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(CRYPTO, ERR_R_MALLOC_FAILURE); return 0; } @@ -156,12 +156,13 @@ int CRYPTO_get_ex_new_index(CRYPTO_EX_DATA_CLASS *ex_data_class, int *out_index, if (ex_data_class->meth == NULL || !sk_CRYPTO_EX_DATA_FUNCS_push(ex_data_class->meth, funcs)) { - OPENSSL_PUT_ERROR(CRYPTO, CRYPTO_get_ex_new_index, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(CRYPTO, ERR_R_MALLOC_FAILURE); OPENSSL_free(funcs); goto err; } - *out_index = sk_CRYPTO_EX_DATA_FUNCS_num(ex_data_class->meth) - 1; + *out_index = sk_CRYPTO_EX_DATA_FUNCS_num(ex_data_class->meth) - 1 + + ex_data_class->num_reserved; ret = 1; err: @@ -175,7 +176,7 @@ int CRYPTO_set_ex_data(CRYPTO_EX_DATA *ad, int index, void *val) { if (ad->sk == NULL) { ad->sk = sk_void_new_null(); if (ad->sk == NULL) { - OPENSSL_PUT_ERROR(CRYPTO, CRYPTO_set_ex_data, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(CRYPTO, ERR_R_MALLOC_FAILURE); return 0; } } @@ -185,7 +186,7 @@ int CRYPTO_set_ex_data(CRYPTO_EX_DATA *ad, int index, void *val) { /* Add NULL values until the stack is long enough. */ for (i = n; i <= index; i++) { if (!sk_void_push(ad->sk, NULL)) { - OPENSSL_PUT_ERROR(CRYPTO, CRYPTO_set_ex_data, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(CRYPTO, ERR_R_MALLOC_FAILURE); return 0; } } @@ -222,7 +223,7 @@ static int get_func_pointers(STACK_OF(CRYPTO_EX_DATA_FUNCS) **out, CRYPTO_STATIC_MUTEX_unlock(&ex_data_class->lock); if (n > 0 && *out == NULL) { - OPENSSL_PUT_ERROR(CRYPTO, get_func_pointers, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(CRYPTO, ERR_R_MALLOC_FAILURE); return 0; } 
@@ -244,8 +245,8 @@ int CRYPTO_new_ex_data(CRYPTO_EX_DATA_CLASS *ex_data_class, void *obj, CRYPTO_EX_DATA_FUNCS *func_pointer = sk_CRYPTO_EX_DATA_FUNCS_value(func_pointers, i); if (func_pointer->new_func) { - func_pointer->new_func(obj, NULL, ad, i, func_pointer->argl, - func_pointer->argp); + func_pointer->new_func(obj, NULL, ad, i + ex_data_class->num_reserved, + func_pointer->argl, func_pointer->argp); } } @@ -272,12 +273,12 @@ int CRYPTO_dup_ex_data(CRYPTO_EX_DATA_CLASS *ex_data_class, CRYPTO_EX_DATA *to, for (i = 0; i < sk_CRYPTO_EX_DATA_FUNCS_num(func_pointers); i++) { CRYPTO_EX_DATA_FUNCS *func_pointer = sk_CRYPTO_EX_DATA_FUNCS_value(func_pointers, i); - void *ptr = CRYPTO_get_ex_data(from, i); + void *ptr = CRYPTO_get_ex_data(from, i + ex_data_class->num_reserved); if (func_pointer->dup_func) { - func_pointer->dup_func(to, from, &ptr, i, func_pointer->argl, - func_pointer->argp); + func_pointer->dup_func(to, from, &ptr, i + ex_data_class->num_reserved, + func_pointer->argl, func_pointer->argp); } - CRYPTO_set_ex_data(to, i, ptr); + CRYPTO_set_ex_data(to, i + ex_data_class->num_reserved, ptr); } sk_CRYPTO_EX_DATA_FUNCS_free(func_pointers); @@ -298,9 +299,9 @@ void CRYPTO_free_ex_data(CRYPTO_EX_DATA_CLASS *ex_data_class, void *obj, CRYPTO_EX_DATA_FUNCS *func_pointer = sk_CRYPTO_EX_DATA_FUNCS_value(func_pointers, i); if (func_pointer->free_func) { - void *ptr = CRYPTO_get_ex_data(ad, i); - func_pointer->free_func(obj, ptr, ad, i, func_pointer->argl, - func_pointer->argp); + void *ptr = CRYPTO_get_ex_data(ad, i + ex_data_class->num_reserved); + func_pointer->free_func(obj, ptr, ad, i + ex_data_class->num_reserved, + func_pointer->argl, func_pointer->argp); } } diff --git a/src/crypto/hkdf/CMakeLists.txt b/src/crypto/hkdf/CMakeLists.txt index 66d680a..53bf558 100644 --- a/src/crypto/hkdf/CMakeLists.txt +++ b/src/crypto/hkdf/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(. .. ../../include) +include_directories(../../include) add_library( hkdf 
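Review bot: In CRYPTO_dup_ex_data the rewritten `CRYPTO_set_ex_data(to, i + ex_data_class->num_reserved, ptr);` still discards the return value. The CRYPTO_set_ex_data hunks earlier in this file show it returning 0 when allocating or growing the stack fails, so a failed copy leaves `to` without that slot while the loop carries on. I would test the result, release `func_pointers` and return 0 on failure. The offset `i + ex_data_class->num_reserved` is now repeated across CRYPTO_new_ex_data, CRYPTO_dup_ex_data and CRYPTO_free_ex_data; a per-iteration local such as `int index = i + ex_data_class->num_reserved;` would keep the three loops in step. All three functions start outside their hunks.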
diff --git a/src/crypto/hkdf/hkdf.c b/src/crypto/hkdf/hkdf.c index bb7f5a4..f9cdcb0 100644 --- a/src/crypto/hkdf/hkdf.c +++ b/src/crypto/hkdf/hkdf.c @@ -40,7 +40,7 @@ int HKDF(uint8_t *out_key, size_t out_len, /* Expand key material to desired length. */ n = (out_len + digest_len - 1) / digest_len; if (out_len + digest_len < out_len || n > 255) { - OPENSSL_PUT_ERROR(HKDF, HKDF, HKDF_R_OUTPUT_TOO_LARGE); + OPENSSL_PUT_ERROR(HKDF, HKDF_R_OUTPUT_TOO_LARGE); return 0; } @@ -83,7 +83,7 @@ int HKDF(uint8_t *out_key, size_t out_len, out: HMAC_CTX_cleanup(&hmac); if (ret != 1) { - OPENSSL_PUT_ERROR(HKDF, HKDF, ERR_R_HMAC_LIB); + OPENSSL_PUT_ERROR(HKDF, ERR_R_HMAC_LIB); } return ret; } diff --git a/src/crypto/hmac/CMakeLists.txt b/src/crypto/hmac/CMakeLists.txt index 11d267f..392ce01 100644 --- a/src/crypto/hmac/CMakeLists.txt +++ b/src/crypto/hmac/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(. .. ../../include) +include_directories(../../include) add_library( hmac diff --git a/src/crypto/hmac/hmac.c b/src/crypto/hmac/hmac.c index 556e7f9..d37a249 100644 --- a/src/crypto/hmac/hmac.c +++ b/src/crypto/hmac/hmac.c @@ -97,7 +97,7 @@ void HMAC_CTX_cleanup(HMAC_CTX *ctx) { EVP_MD_CTX_cleanup(&ctx->i_ctx); EVP_MD_CTX_cleanup(&ctx->o_ctx); EVP_MD_CTX_cleanup(&ctx->md_ctx); - OPENSSL_cleanse(ctx, sizeof(ctx)); + OPENSSL_cleanse(ctx, sizeof(HMAC_CTX)); } int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, size_t key_len, diff --git a/src/crypto/hmac/hmac_tests.txt b/src/crypto/hmac/hmac_tests.txt index 012f593..53f3f8f 100644 --- a/src/crypto/hmac/hmac_tests.txt +++ b/src/crypto/hmac/hmac_tests.txt @@ -1,6 +1,3 @@ -# This test file is shared between evp_test and hmac_test, to test the legacy -# EVP_PKEY_HMAC API. - HMAC = MD5 # Note: The empty key results in passing NULL to HMAC_Init_ex, so this tests # that HMAC_CTX and HMAC treat NULL as the empty key initially. diff --git a/src/crypto/internal.h b/src/crypto/internal.h index 59eddd0..713659d 100644 --- a/src/crypto/internal.h 
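Review bot: `OPENSSL_cleanse(ctx, sizeof(HMAC_CTX));` in HMAC_CTX_cleanup fixes the pointer-sized wipe, but naming the type leaves the same trap for the next edit; `OPENSSL_cleanse(ctx, sizeof(*ctx));` ties the length to the object being cleared. The old `sizeof(ctx)` wiped only a pointer's width of the context and left the rest of the HMAC state in memory. It is worth searching the tree for other `OPENSSL_cleanse(p, sizeof(p))` calls where `p` is a pointer. HMAC_CTX_cleanup begins outside the hunk.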
+++ b/src/crypto/internal.h @@ -452,6 +452,7 @@ OPENSSL_EXPORT void CRYPTO_STATIC_MUTEX_unlock( typedef enum { OPENSSL_THREAD_LOCAL_ERR = 0, OPENSSL_THREAD_LOCAL_RAND, + OPENSSL_THREAD_LOCAL_URANDOM_BUF, OPENSSL_THREAD_LOCAL_TEST, NUM_OPENSSL_THREAD_LOCALS, } thread_local_data_t; @@ -493,9 +494,14 @@ typedef struct crypto_ex_data_func_st CRYPTO_EX_DATA_FUNCS; typedef struct { struct CRYPTO_STATIC_MUTEX lock; STACK_OF(CRYPTO_EX_DATA_FUNCS) *meth; + /* num_reserved is one if the ex_data index zero is reserved for legacy + * |TYPE_get_app_data| functions. */ + uint8_t num_reserved; } CRYPTO_EX_DATA_CLASS; -#define CRYPTO_EX_DATA_CLASS_INIT {CRYPTO_STATIC_MUTEX_INIT, NULL} +#define CRYPTO_EX_DATA_CLASS_INIT {CRYPTO_STATIC_MUTEX_INIT, NULL, 0} +#define CRYPTO_EX_DATA_CLASS_INIT_WITH_APP_DATA \ + {CRYPTO_STATIC_MUTEX_INIT, NULL, 1} /* CRYPTO_get_ex_new_index allocates a new index for |ex_data_class| and writes * it to |*out_index|. Each class of object should provide a wrapper function diff --git a/src/crypto/lhash/CMakeLists.txt b/src/crypto/lhash/CMakeLists.txt index c71b8a1..ce785eb 100644 --- a/src/crypto/lhash/CMakeLists.txt +++ b/src/crypto/lhash/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(. .. ../../include) +include_directories(../../include) add_library( lhash diff --git a/src/crypto/lhash/lhash.c b/src/crypto/lhash/lhash.c index c282fa8..257900e 100644 --- a/src/crypto/lhash/lhash.c +++ b/src/crypto/lhash/lhash.c @@ -1,4 +1,5 @@ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. * * This package is an SSL implementation written * by Eric Young (eay@cryptsoft.com). diff --git a/src/crypto/md4/CMakeLists.txt b/src/crypto/md4/CMakeLists.txt index db7a187..59140a7 100644 --- a/src/crypto/md4/CMakeLists.txt +++ b/src/crypto/md4/CMakeLists.txt 
@@ -1,4 +1,4 @@ -include_directories(. .. ../../include) +include_directories(../../include) add_library( md4 diff --git a/src/crypto/md5/CMakeLists.txt b/src/crypto/md5/CMakeLists.txt index 6c5e80f..a37c47e 100644 --- a/src/crypto/md5/CMakeLists.txt +++ b/src/crypto/md5/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(. .. ../../include) +include_directories(../../include) if (${ARCH} STREQUAL "x86_64") set( diff --git a/src/crypto/md5/md5.c b/src/crypto/md5/md5.c index 5575efb..6ad8d12 100644 --- a/src/crypto/md5/md5.c +++ b/src/crypto/md5/md5.c @@ -1,4 +1,5 @@ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. * * This package is an SSL implementation written * by Eric Young (eay@cryptsoft.com). diff --git a/src/crypto/mem.c b/src/crypto/mem.c index ce41440..edd14a8 100644 --- a/src/crypto/mem.c +++ b/src/crypto/mem.c @@ -1,4 +1,5 @@ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. * * This package is an SSL implementation written * by Eric Young (eay@cryptsoft.com). diff --git a/src/crypto/modes/CMakeLists.txt b/src/crypto/modes/CMakeLists.txt index ffb29b6..6da5207 100644 --- a/src/crypto/modes/CMakeLists.txt +++ b/src/crypto/modes/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(. .. ../../include) +include_directories(../../include) if (${ARCH} STREQUAL "x86_64") set( diff --git a/src/crypto/modes/asm/ghash-armv4.pl b/src/crypto/modes/asm/ghash-armv4.pl index 25a4e27..dc5b99e 100644 --- a/src/crypto/modes/asm/ghash-armv4.pl +++ b/src/crypto/modes/asm/ghash-armv4.pl 
@@ -45,7 +45,7 @@ # processes one byte in 8.45 cycles, A9 - in 10.2, A15 - in 7.63, # Snapdragon S4 - in 9.33. # -# Câmara, D.; Gouvêa, C. P. L.; López, J. & Dahab, R.: Fast Software +# Câmara, D.; Gouvêa, C. P. L.; López, J. & Dahab, R.: Fast Software # Polynomial Multiplication on ARM Processors using the NEON Engine. # # http://conradoplg.cryptoland.net/files/2010/12/mocrysen13.pdf @@ -134,7 +134,7 @@ ___ $code=<<___; #if defined(__arm__) -#include "arm_arch.h" +#include .syntax unified @@ -457,12 +457,12 @@ gcm_ghash_neon: veor $IN,$Xl @ inp^=Xi .Lgmult_neon: ___ - &clmul64x64 ($Xl,$Hlo,"$IN#lo"); # H.lo·Xi.lo + &clmul64x64 ($Xl,$Hlo,"$IN#lo"); # H.lo·Xi.lo $code.=<<___; veor $IN#lo,$IN#lo,$IN#hi @ Karatsuba pre-processing ___ - &clmul64x64 ($Xm,$Hhl,"$IN#lo"); # (H.lo+H.hi)·(Xi.lo+Xi.hi) - &clmul64x64 ($Xh,$Hhi,"$IN#hi"); # H.hi·Xi.hi + &clmul64x64 ($Xm,$Hhl,"$IN#lo"); # (H.lo+H.hi)·(Xi.lo+Xi.hi) + &clmul64x64 ($Xh,$Hhi,"$IN#hi"); # H.hi·Xi.hi $code.=<<___; veor $Xm,$Xm,$Xl @ Karatsuba post-processing veor $Xm,$Xm,$Xh diff --git a/src/crypto/modes/asm/ghash-x86.pl b/src/crypto/modes/asm/ghash-x86.pl index 23a5527..0269169 100644 --- a/src/crypto/modes/asm/ghash-x86.pl +++ b/src/crypto/modes/asm/ghash-x86.pl @@ -358,7 +358,7 @@ $S=12; # shift factor for rem_4bit # effective address calculation and finally merge of value to Z.hi. # Reference to rem_4bit is scheduled so late that I had to >>4 # rem_4bit elements. This resulted in 20-45% procent improvement -# on contemporary µ-archs. +# on contemporary µ-archs. { my $cnt; my $rem_4bit = "eax"; diff --git a/src/crypto/modes/asm/ghash-x86_64.pl b/src/crypto/modes/asm/ghash-x86_64.pl index 6e656ca..5a7ce39 100644 --- a/src/crypto/modes/asm/ghash-x86_64.pl +++ b/src/crypto/modes/asm/ghash-x86_64.pl 
@@ -576,15 +576,15 @@ $code.=<<___ if (0 || (&reduction_alg9($Xhi,$Xi)&&0)); # experimental alternative. special thing about is that there # no dependency between the two multiplications... mov \$`0xE1<<1`,%eax - mov \$0xA040608020C0E000,%r10 # ((7..0)·0xE0)&0xff + mov \$0xA040608020C0E000,%r10 # ((7..0)·0xE0)&0xff mov \$0x07,%r11d movq %rax,$T1 movq %r10,$T2 movq %r11,$T3 # borrow $T3 pand $Xi,$T3 - pshufb $T3,$T2 # ($Xi&7)·0xE0 + pshufb $T3,$T2 # ($Xi&7)·0xE0 movq %rax,$T3 - pclmulqdq \$0x00,$Xi,$T1 # ·(0xE1<<1) + pclmulqdq \$0x00,$Xi,$T1 # ·(0xE1<<1) pxor $Xi,$T2 pslldq \$15,$T2 paddd $T2,$T2 # <<(64+56+1) @@ -657,7 +657,7 @@ $code.=<<___; je .Lskip4x sub \$0x30,$len - mov \$0xA040608020C0E000,%rax # ((7..0)·0xE0)&0xff + mov \$0xA040608020C0E000,%rax # ((7..0)·0xE0)&0xff movdqu 0x30($Htbl),$Hkey3 movdqu 0x40($Htbl),$Hkey4 diff --git a/src/crypto/modes/asm/ghashv8-armx.pl b/src/crypto/modes/asm/ghashv8-armx.pl index 686951f..3a7b8d8 100644 --- a/src/crypto/modes/asm/ghashv8-armx.pl +++ b/src/crypto/modes/asm/ghashv8-armx.pl @@ -54,7 +54,7 @@ my ($Xl,$Xm,$Xh,$IN)=map("q$_",(0..3)); my ($t0,$t1,$t2,$xC2,$H,$Hhl,$H2)=map("q$_",(8..14)); $code=<<___; -#include "arm_arch.h" +#include .text ___ @@ -148,10 +148,10 @@ gcm_gmult_v8: #endif vext.8 $IN,$t1,$t1,#8 - vpmull.p64 $Xl,$H,$IN @ H.lo·Xi.lo + vpmull.p64 $Xl,$H,$IN @ H.lo·Xi.lo veor $t1,$t1,$IN @ Karatsuba pre-processing - vpmull2.p64 $Xh,$H,$IN @ H.hi·Xi.hi - vpmull.p64 $Xm,$Hhl,$t1 @ (H.lo+H.hi)·(Xi.lo+Xi.hi) + vpmull2.p64 $Xh,$H,$IN @ H.hi·Xi.hi + vpmull.p64 $Xm,$Hhl,$t1 @ (H.lo+H.hi)·(Xi.lo+Xi.hi) vext.8 $t1,$Xl,$Xh,#8 @ Karatsuba post-processing veor $t2,$Xl,$Xh @@ -239,7 +239,7 @@ $code.=<<___; #endif vext.8 $In,$t1,$t1,#8 veor $IN,$IN,$Xl @ I[i]^=Xi - vpmull.p64 $Xln,$H,$In @ H·Ii+1 + vpmull.p64 $Xln,$H,$In @ H·Ii+1 veor $t1,$t1,$In @ Karatsuba pre-processing vpmull2.p64 $Xhn,$H,$In b .Loop_mod2x_v8 
@@ -248,14 +248,14 @@ $code.=<<___; .Loop_mod2x_v8: vext.8 $t2,$IN,$IN,#8 subs $len,$len,#32 @ is there more data? - vpmull.p64 $Xl,$H2,$IN @ H^2.lo·Xi.lo + vpmull.p64 $Xl,$H2,$IN @ H^2.lo·Xi.lo cclr $inc,lo @ is it time to zero $inc? vpmull.p64 $Xmn,$Hhl,$t1 veor $t2,$t2,$IN @ Karatsuba pre-processing - vpmull2.p64 $Xh,$H2,$IN @ H^2.hi·Xi.hi + vpmull2.p64 $Xh,$H2,$IN @ H^2.hi·Xi.hi veor $Xl,$Xl,$Xln @ accumulate - vpmull2.p64 $Xm,$Hhl,$t2 @ (H^2.lo+H^2.hi)·(Xi.lo+Xi.hi) + vpmull2.p64 $Xm,$Hhl,$t2 @ (H^2.lo+H^2.hi)·(Xi.lo+Xi.hi) vld1.64 {$t0},[$inp],$inc @ load [rotated] I[i+2] veor $Xh,$Xh,$Xhn @@ -280,7 +280,7 @@ $code.=<<___; vext.8 $In,$t1,$t1,#8 vext.8 $IN,$t0,$t0,#8 veor $Xl,$Xm,$t2 - vpmull.p64 $Xln,$H,$In @ H·Ii+1 + vpmull.p64 $Xln,$H,$In @ H·Ii+1 veor $IN,$IN,$Xh @ accumulate $IN early vext.8 $t2,$Xl,$Xl,#8 @ 2nd phase of reduction @@ -304,10 +304,10 @@ $code.=<<___; veor $IN,$IN,$Xl @ inp^=Xi veor $t1,$t0,$t2 @ $t1 is rotated inp^Xi - vpmull.p64 $Xl,$H,$IN @ H.lo·Xi.lo + vpmull.p64 $Xl,$H,$IN @ H.lo·Xi.lo veor $t1,$t1,$IN @ Karatsuba pre-processing - vpmull2.p64 $Xh,$H,$IN @ H.hi·Xi.hi - vpmull.p64 $Xm,$Hhl,$t1 @ (H.lo+H.hi)·(Xi.lo+Xi.hi) + vpmull2.p64 $Xh,$H,$IN @ H.hi·Xi.hi + vpmull.p64 $Xm,$Hhl,$t1 @ (H.lo+H.hi)·(Xi.lo+Xi.hi) vext.8 $t1,$Xl,$Xh,#8 @ Karatsuba post-processing veor $t2,$Xl,$Xh diff --git a/src/crypto/modes/gcm.c b/src/crypto/modes/gcm.c index b1c10b3..593dce8 100644 --- a/src/crypto/modes/gcm.c +++ b/src/crypto/modes/gcm.c @@ -349,12 +349,12 @@ void gcm_ghash_4bit_x86(uint64_t Xi[2], const u128 Htable[16], const uint8_t *in size_t len); #endif #elif defined(OPENSSL_ARM) || defined(OPENSSL_AARCH64) -#include "../arm_arch.h" +#include #if __ARM_ARCH__ >= 7 #define GHASH_ASM_ARM #define GCM_FUNCREF_4BIT -static int pmull_capable() { +static int pmull_capable(void) { return (OPENSSL_armcap_P & ARMV8_PMULL) != 0; } 
@@ -365,7 +365,7 @@ void gcm_ghash_v8(uint64_t Xi[2], const u128 Htable[16], const uint8_t *inp, #if defined(OPENSSL_ARM) /* 32-bit ARM also has support for doing GCM with NEON instructions. */ -static int neon_capable() { +static int neon_capable(void) { return CRYPTO_is_NEON_capable(); } @@ -375,7 +375,7 @@ void gcm_ghash_neon(uint64_t Xi[2], const u128 Htable[16], const uint8_t *inp, size_t len); #else /* AArch64 only has the ARMv8 versions of functions. */ -static int neon_capable() { +static int neon_capable(void) { return 0; } void gcm_init_neon(u128 Htable[16], const uint64_t Xi[2]) { diff --git a/src/crypto/modes/gcm_test.c b/src/crypto/modes/gcm_test.c index a8819ea..89ed792 100644 --- a/src/crypto/modes/gcm_test.c +++ b/src/crypto/modes/gcm_test.c @@ -55,6 +55,7 @@ #include #include "internal.h" +#include "../test/test_util.h" struct test_case { @@ -298,17 +299,6 @@ err: return 0; } -void hexdump(const char *msg, const void *in, size_t len) { - const uint8_t *data = in; - size_t i; - - fprintf(stderr, "%s: ", msg); - for (i = 0; i < len; i++) { - fprintf(stderr, "%02x", data[i]); - } - fprintf(stderr, "\n"); -} - static int run_test_case(unsigned test_num, const struct test_case *test) { size_t key_len, plaintext_len, additional_data_len, nonce_len, ciphertext_len, tag_len; @@ -367,8 +357,8 @@ static int run_test_case(unsigned test_num, const struct test_case *test) { if (!CRYPTO_gcm128_finish(&ctx, tag, tag_len) || (ciphertext && memcmp(out, ciphertext, plaintext_len) != 0)) { fprintf(stderr, "%u: encrypt failed.\n", test_num); - hexdump("got ", out, plaintext_len); - hexdump("want", ciphertext, plaintext_len); + hexdump(stderr, "got :", out, plaintext_len); + hexdump(stderr, "want:", ciphertext, plaintext_len); goto out; } diff --git a/src/crypto/modes/internal.h b/src/crypto/modes/internal.h index d12405e..caeac40 100644 --- a/src/crypto/modes/internal.h +++ b/src/crypto/modes/internal.h 
@@ -173,11 +173,6 @@ struct gcm128_context { void *key; }; -struct xts128_context { - void *key1, *key2; - block128_f block1, block2; -}; - struct ccm128_context { union { uint64_t u[2]; diff --git a/src/crypto/obj/CMakeLists.txt b/src/crypto/obj/CMakeLists.txt index a27e504..b8a4ef3 100644 --- a/src/crypto/obj/CMakeLists.txt +++ b/src/crypto/obj/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(. .. ../../include) +include_directories(../../include) add_library( obj diff --git a/src/crypto/obj/obj.c b/src/crypto/obj/obj.c index bf16d17..94f739c 100644 --- a/src/crypto/obj/obj.c +++ b/src/crypto/obj/obj.c @@ -108,7 +108,7 @@ ASN1_OBJECT *OBJ_dup(const ASN1_OBJECT *o) { r = ASN1_OBJECT_new(); if (r == NULL) { - OPENSSL_PUT_ERROR(OBJ, OBJ_dup, ERR_R_ASN1_LIB); + OPENSSL_PUT_ERROR(OBJ, ERR_R_ASN1_LIB); return NULL; } r->ln = r->sn = NULL; @@ -149,7 +149,7 @@ ASN1_OBJECT *OBJ_dup(const ASN1_OBJECT *o) { return r; err: - OPENSSL_PUT_ERROR(OBJ, OBJ_dup, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(OBJ, ERR_R_MALLOC_FAILURE); OPENSSL_free(ln); OPENSSL_free(sn); OPENSSL_free(data); @@ -337,7 +337,7 @@ const ASN1_OBJECT *OBJ_nid2obj(int nid) { CRYPTO_STATIC_MUTEX_unlock(&global_added_lock); err: - OPENSSL_PUT_ERROR(OBJ, OBJ_nid2obj, OBJ_R_UNKNOWN_NID); + OPENSSL_PUT_ERROR(OBJ, OBJ_R_UNKNOWN_NID); return NULL; } @@ -388,7 +388,7 @@ ASN1_OBJECT *OBJ_txt2obj(const char *s, int dont_search_names) { buf = OPENSSL_malloc(total_len); if (buf == NULL) { - OPENSSL_PUT_ERROR(OBJ, OBJ_txt2obj, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(OBJ, ERR_R_MALLOC_FAILURE); return NULL; } @@ -636,7 +636,7 @@ int OBJ_create(const char *oid, const char *short_name, const char *long_name) { buf = OPENSSL_malloc(len); if (buf == NULL) { - OPENSSL_PUT_ERROR(OBJ, OBJ_create, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(OBJ, ERR_R_MALLOC_FAILURE); goto err; } diff --git a/src/crypto/pem/CMakeLists.txt b/src/crypto/pem/CMakeLists.txt index 720ba2f..30dd7c9 100644 --- a/src/crypto/pem/CMakeLists.txt 
+++ b/src/crypto/pem/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(. .. ../../include) +include_directories(../../include) add_library( pem diff --git a/src/crypto/pem/pem_info.c b/src/crypto/pem/pem_info.c index 3f02619..b4ae805 100644 --- a/src/crypto/pem/pem_info.c +++ b/src/crypto/pem/pem_info.c @@ -80,7 +80,7 @@ STACK_OF(X509_INFO) *PEM_X509_INFO_read(FILE *fp, STACK_OF(X509_INFO) *sk, pem_p if ((b=BIO_new(BIO_s_file())) == NULL) { - OPENSSL_PUT_ERROR(PEM, PEM_X509_INFO_read, ERR_R_BUF_LIB); + OPENSSL_PUT_ERROR(PEM, ERR_R_BUF_LIB); return(0); } BIO_set_fp(b,fp,BIO_NOCLOSE); @@ -107,7 +107,7 @@ STACK_OF(X509_INFO) *PEM_X509_INFO_read_bio(BIO *bp, STACK_OF(X509_INFO) *sk, pe { if ((ret=sk_X509_INFO_new_null()) == NULL) { - OPENSSL_PUT_ERROR(PEM, PEM_X509_INFO_read_bio, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(PEM, ERR_R_MALLOC_FAILURE); goto err; } } @@ -248,13 +248,13 @@ start: { if (!d2i_PrivateKey(ptype, pp, &p, len)) { - OPENSSL_PUT_ERROR(PEM, PEM_X509_INFO_read_bio, ERR_R_ASN1_LIB); + OPENSSL_PUT_ERROR(PEM, ERR_R_ASN1_LIB); goto err; } } else if (d2i(pp,&p,len) == NULL) { - OPENSSL_PUT_ERROR(PEM, PEM_X509_INFO_read_bio, ERR_R_ASN1_LIB); + OPENSSL_PUT_ERROR(PEM, ERR_R_ASN1_LIB); goto err; } } @@ -326,7 +326,7 @@ int PEM_X509_INFO_write_bio(BIO *bp, X509_INFO *xi, EVP_CIPHER *enc, objstr=OBJ_nid2sn(EVP_CIPHER_nid(enc)); if (objstr == NULL) { - OPENSSL_PUT_ERROR(PEM, PEM_X509_INFO_write_bio, PEM_R_UNSUPPORTED_CIPHER); + OPENSSL_PUT_ERROR(PEM, PEM_R_UNSUPPORTED_CIPHER); goto err; } } @@ -342,7 +342,7 @@ int PEM_X509_INFO_write_bio(BIO *bp, X509_INFO *xi, EVP_CIPHER *enc, { if (enc == NULL) { - OPENSSL_PUT_ERROR(PEM, PEM_X509_INFO_write_bio, PEM_R_CIPHER_IS_NULL); + OPENSSL_PUT_ERROR(PEM, PEM_R_CIPHER_IS_NULL); goto err; } 
@@ -360,7 +360,7 @@ int PEM_X509_INFO_write_bio(BIO *bp, X509_INFO *xi, EVP_CIPHER *enc, EVP_CIPHER_nid(xi->enc_cipher.cipher)); if (objstr == NULL) { - OPENSSL_PUT_ERROR(PEM, PEM_X509_INFO_write_bio, PEM_R_UNSUPPORTED_CIPHER); + OPENSSL_PUT_ERROR(PEM, PEM_R_UNSUPPORTED_CIPHER); goto err; } diff --git a/src/crypto/pem/pem_lib.c b/src/crypto/pem/pem_lib.c index 5201467..5915696 100644 --- a/src/crypto/pem/pem_lib.c +++ b/src/crypto/pem/pem_lib.c @@ -128,7 +128,7 @@ void *PEM_ASN1_read(d2i_of_void *d2i, const char *name, FILE *fp, void **x, if ((b=BIO_new(BIO_s_file())) == NULL) { - OPENSSL_PUT_ERROR(PEM, PEM_ASN1_read, ERR_R_BUF_LIB); + OPENSSL_PUT_ERROR(PEM, ERR_R_BUF_LIB); return(0); } BIO_set_fp(b,fp,BIO_NOCLOSE); @@ -275,7 +275,7 @@ int PEM_ASN1_write(i2d_of_void *i2d, const char *name, FILE *fp, if ((b=BIO_new(BIO_s_file())) == NULL) { - OPENSSL_PUT_ERROR(PEM, PEM_ASN1_write, ERR_R_BUF_LIB); + OPENSSL_PUT_ERROR(PEM, ERR_R_BUF_LIB); return(0); } BIO_set_fp(b,fp,BIO_NOCLOSE); @@ -302,14 +302,14 @@ int PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp, objstr=OBJ_nid2sn(EVP_CIPHER_nid(enc)); if (objstr == NULL) { - OPENSSL_PUT_ERROR(PEM, PEM_ASN1_write_bio, PEM_R_UNSUPPORTED_CIPHER); + OPENSSL_PUT_ERROR(PEM, PEM_R_UNSUPPORTED_CIPHER); goto err; } } if ((dsize=i2d(x,NULL)) < 0) { - OPENSSL_PUT_ERROR(PEM, PEM_ASN1_write_bio, ERR_R_ASN1_LIB); + OPENSSL_PUT_ERROR(PEM, ERR_R_ASN1_LIB); dsize=0; goto err; } @@ -318,7 +318,7 @@ int PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp, data=(unsigned char *)OPENSSL_malloc((unsigned int)dsize+20); if (data == NULL) { - OPENSSL_PUT_ERROR(PEM, PEM_ASN1_write_bio, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(PEM, ERR_R_MALLOC_FAILURE); goto err; } p=data; 
@@ -336,7 +336,7 @@ int PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp, klen=(*callback)(buf,PEM_BUFSIZE,1,u); if (klen <= 0) { - OPENSSL_PUT_ERROR(PEM, PEM_ASN1_write_bio, PEM_R_READ_KEY); + OPENSSL_PUT_ERROR(PEM, PEM_R_READ_KEY); goto err; } kstr=(unsigned char *)buf; @@ -408,7 +408,7 @@ int PEM_do_header(EVP_CIPHER_INFO *cipher, unsigned char *data, long *plen, klen=callback(buf,PEM_BUFSIZE,0,u); if (klen <= 0) { - OPENSSL_PUT_ERROR(PEM, PEM_do_header, PEM_R_BAD_PASSWORD_READ); + OPENSSL_PUT_ERROR(PEM, PEM_R_BAD_PASSWORD_READ); return(0); } @@ -428,7 +428,7 @@ int PEM_do_header(EVP_CIPHER_INFO *cipher, unsigned char *data, long *plen, OPENSSL_cleanse((char *)key,sizeof(key)); if (!o) { - OPENSSL_PUT_ERROR(PEM, PEM_do_header, PEM_R_BAD_DECRYPT); + OPENSSL_PUT_ERROR(PEM, PEM_R_BAD_DECRYPT); return(0); } j+=i; @@ -437,11 +437,18 @@ int PEM_do_header(EVP_CIPHER_INFO *cipher, unsigned char *data, long *plen, } static const EVP_CIPHER* cipher_by_name(const char *name) { - if (strcmp(name, "DES-CBC") == 0) { + /* This is similar to the (deprecated) function |EVP_get_cipherbyname|. */ + if (0 == strcmp(name, SN_rc4)) { + return EVP_rc4(); + } else if (0 == strcmp(name, SN_des_cbc)) { return EVP_des_cbc(); - } else if (strcmp(name, "AES-128-CBC") == 0) { + } else if (0 == strcmp(name, SN_des_ede3_cbc)) { + return EVP_des_ede3_cbc(); + } else if (0 == strcmp(name, SN_aes_128_cbc)) { return EVP_aes_128_cbc(); - } else if (strcmp(name, "AES-256-CBC") == 0) { + } else if (0 == strcmp(name, SN_aes_192_cbc)) { + return EVP_aes_192_cbc(); + } else if (0 == strcmp(name, SN_aes_256_cbc)) { return EVP_aes_256_cbc(); } else { return NULL; 
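Review bot: cipher_by_name now resolves `SN_rc4` and `SN_des_cbc`, so the cipher named in an encrypted PEM header can select RC4 or single DES, and the new comment does not say why these are accepted. If the intent is only to keep reading legacy encrypted PEM files (the callers are outside this hunk, so that is an assumption), say so next to the table, for example `/* RC4 and single DES are accepted only so that legacy encrypted PEM files can still be read. */`. It is also worth confirming that no write path resolves its cipher through this helper, so new files cannot be produced with these algorithms by name.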
@@ -458,19 +465,19 @@ int PEM_get_EVP_CIPHER_INFO(char *header, EVP_CIPHER_INFO *cipher) if ((header == NULL) || (*header == '\0') || (*header == '\n')) return(1); if (strncmp(header,"Proc-Type: ",11) != 0) - { OPENSSL_PUT_ERROR(PEM, PEM_get_EVP_CIPHER_INFO, PEM_R_NOT_PROC_TYPE); return(0); } + { OPENSSL_PUT_ERROR(PEM, PEM_R_NOT_PROC_TYPE); return(0); } header+=11; if (*header != '4') return(0); header++; if (*header != ',') return(0); header++; if (strncmp(header,"ENCRYPTED",9) != 0) - { OPENSSL_PUT_ERROR(PEM, PEM_get_EVP_CIPHER_INFO, PEM_R_NOT_ENCRYPTED); return(0); } + { OPENSSL_PUT_ERROR(PEM, PEM_R_NOT_ENCRYPTED); return(0); } for (; (*header != '\n') && (*header != '\0'); header++) ; if (*header == '\0') - { OPENSSL_PUT_ERROR(PEM, PEM_get_EVP_CIPHER_INFO, PEM_R_SHORT_HEADER); return(0); } + { OPENSSL_PUT_ERROR(PEM, PEM_R_SHORT_HEADER); return(0); } header++; if (strncmp(header,"DEK-Info: ",10) != 0) - { OPENSSL_PUT_ERROR(PEM, PEM_get_EVP_CIPHER_INFO, PEM_R_NOT_DEK_INFO); return(0); } + { OPENSSL_PUT_ERROR(PEM, PEM_R_NOT_DEK_INFO); return(0); } header+=10; p=header; @@ -489,7 +496,7 @@ int PEM_get_EVP_CIPHER_INFO(char *header, EVP_CIPHER_INFO *cipher) if (enc == NULL) { - OPENSSL_PUT_ERROR(PEM, PEM_get_EVP_CIPHER_INFO, PEM_R_UNSUPPORTED_ENCRYPTION); + OPENSSL_PUT_ERROR(PEM, PEM_R_UNSUPPORTED_ENCRYPTION); return(0); } if (!load_iv(header_pp,&(cipher->iv[0]),EVP_CIPHER_iv_length(enc))) @@ -516,7 +523,7 @@ static int load_iv(char **fromp, unsigned char *to, int num) v= *from-'a'+10; else { - OPENSSL_PUT_ERROR(PEM, load_iv, PEM_R_BAD_IV_CHARS); + OPENSSL_PUT_ERROR(PEM, PEM_R_BAD_IV_CHARS); return(0); } from++; @@ -536,7 +543,7 @@ int PEM_write(FILE *fp, const char *name, const char *header, if ((b=BIO_new(BIO_s_file())) == NULL) { - OPENSSL_PUT_ERROR(PEM, PEM_write, ERR_R_BUF_LIB); + OPENSSL_PUT_ERROR(PEM, ERR_R_BUF_LIB); return(0); } BIO_set_fp(b,fp,BIO_NOCLOSE); 
@@ -603,7 +610,7 @@ err: OPENSSL_cleanse(buf, PEM_BUFSIZE*8); OPENSSL_free(buf); } - OPENSSL_PUT_ERROR(PEM, PEM_write_bio, reason); + OPENSSL_PUT_ERROR(PEM, reason); return(0); } @@ -616,7 +623,7 @@ int PEM_read(FILE *fp, char **name, char **header, unsigned char **data, if ((b=BIO_new(BIO_s_file())) == NULL) { - OPENSSL_PUT_ERROR(PEM, PEM_read, ERR_R_BUF_LIB); + OPENSSL_PUT_ERROR(PEM, ERR_R_BUF_LIB); return(0); } BIO_set_fp(b,fp,BIO_NOCLOSE); @@ -644,7 +651,7 @@ int PEM_read_bio(BIO *bp, char **name, char **header, unsigned char **data, BUF_MEM_free(nameB); BUF_MEM_free(headerB); BUF_MEM_free(dataB); - OPENSSL_PUT_ERROR(PEM, PEM_read_bio, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(PEM, ERR_R_MALLOC_FAILURE); return(0); } @@ -655,7 +662,7 @@ int PEM_read_bio(BIO *bp, char **name, char **header, unsigned char **data, if (i <= 0) { - OPENSSL_PUT_ERROR(PEM, PEM_read_bio, PEM_R_NO_START_LINE); + OPENSSL_PUT_ERROR(PEM, PEM_R_NO_START_LINE); goto err; } @@ -670,7 +677,7 @@ int PEM_read_bio(BIO *bp, char **name, char **header, unsigned char **data, continue; if (!BUF_MEM_grow(nameB,i+9)) { - OPENSSL_PUT_ERROR(PEM, PEM_read_bio, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(PEM, ERR_R_MALLOC_FAILURE); goto err; } memcpy(nameB->data,&(buf[11]),i-6); @@ -680,7 +687,7 @@ int PEM_read_bio(BIO *bp, char **name, char **header, unsigned char **data, } hl=0; if (!BUF_MEM_grow(headerB,256)) - { OPENSSL_PUT_ERROR(PEM, PEM_read_bio, ERR_R_MALLOC_FAILURE); goto err; } + { OPENSSL_PUT_ERROR(PEM, ERR_R_MALLOC_FAILURE); goto err; } headerB->data[0]='\0'; for (;;) { @@ -692,7 +699,7 @@ int PEM_read_bio(BIO *bp, char **name, char **header, unsigned char **data, if (buf[0] == '\n') break; if (!BUF_MEM_grow(headerB,hl+i+9)) - { OPENSSL_PUT_ERROR(PEM, PEM_read_bio, ERR_R_MALLOC_FAILURE); goto err; } + { OPENSSL_PUT_ERROR(PEM, ERR_R_MALLOC_FAILURE); goto err; } if (strncmp(buf,"-----END ",9) == 0) { nohead=1; 
@@ -705,7 +712,7 @@ int PEM_read_bio(BIO *bp, char **name, char **header, unsigned char **data, bl=0; if (!BUF_MEM_grow(dataB,1024)) - { OPENSSL_PUT_ERROR(PEM, PEM_read_bio, ERR_R_MALLOC_FAILURE); goto err; } + { OPENSSL_PUT_ERROR(PEM, ERR_R_MALLOC_FAILURE); goto err; } dataB->data[0]='\0'; if (!nohead) { @@ -723,7 +730,7 @@ int PEM_read_bio(BIO *bp, char **name, char **header, unsigned char **data, if (i > 65) break; if (!BUF_MEM_grow_clean(dataB,i+bl+9)) { - OPENSSL_PUT_ERROR(PEM, PEM_read_bio, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(PEM, ERR_R_MALLOC_FAILURE); goto err; } memcpy(&(dataB->data[bl]),buf,i); @@ -754,7 +761,7 @@ int PEM_read_bio(BIO *bp, char **name, char **header, unsigned char **data, (strncmp(nameB->data,&(buf[9]),i) != 0) || (strncmp(&(buf[9+i]),"-----\n",6) != 0)) { - OPENSSL_PUT_ERROR(PEM, PEM_read_bio, PEM_R_BAD_END_LINE); + OPENSSL_PUT_ERROR(PEM, PEM_R_BAD_END_LINE); goto err; } @@ -764,13 +771,13 @@ int PEM_read_bio(BIO *bp, char **name, char **header, unsigned char **data, (unsigned char *)dataB->data,bl); if (i < 0) { - OPENSSL_PUT_ERROR(PEM, PEM_read_bio, PEM_R_BAD_BASE64_DECODE); + OPENSSL_PUT_ERROR(PEM, PEM_R_BAD_BASE64_DECODE); goto err; } i=EVP_DecodeFinal(&ctx,(unsigned char *)&(dataB->data[bl]),&k); if (i < 0) { - OPENSSL_PUT_ERROR(PEM, PEM_read_bio, PEM_R_BAD_BASE64_DECODE); + OPENSSL_PUT_ERROR(PEM, PEM_R_BAD_BASE64_DECODE); goto err; } bl+=k; diff --git a/src/crypto/pem/pem_oth.c b/src/crypto/pem/pem_oth.c index 20d12b6..3e8f6bd 100644 --- a/src/crypto/pem/pem_oth.c +++ b/src/crypto/pem/pem_oth.c @@ -83,7 +83,7 @@ void *PEM_ASN1_read_bio(d2i_of_void *d2i, const char *name, BIO *bp, void **x, p = data; ret=d2i(x,&p,len); if (ret == NULL) - OPENSSL_PUT_ERROR(PEM, PEM_ASN1_read_bio, ERR_R_ASN1_LIB); + OPENSSL_PUT_ERROR(PEM, ERR_R_ASN1_LIB); OPENSSL_free(data); return ret; } diff --git a/src/crypto/pem/pem_pk8.c b/src/crypto/pem/pem_pk8.c index 035038e..0824477 100644 --- a/src/crypto/pem/pem_pk8.c +++ b/src/crypto/pem/pem_pk8.c 
@@ -118,7 +118,7 @@ static int do_pk8pkey(BIO *bp, EVP_PKEY *x, int isder, int nid, const EVP_CIPHER char buf[PEM_BUFSIZE]; int ret; if(!(p8inf = EVP_PKEY2PKCS8(x))) { - OPENSSL_PUT_ERROR(PEM, do_pk8pkey, PEM_R_ERROR_CONVERTING_PRIVATE_KEY); + OPENSSL_PUT_ERROR(PEM, PEM_R_ERROR_CONVERTING_PRIVATE_KEY); return 0; } if(enc || (nid != -1)) { @@ -127,7 +127,7 @@ static int do_pk8pkey(BIO *bp, EVP_PKEY *x, int isder, int nid, const EVP_CIPHER if (!cb) cb = PEM_def_callback; klen = cb(buf, PEM_BUFSIZE, 1, u); if(klen <= 0) { - OPENSSL_PUT_ERROR(PEM, do_pk8pkey, PEM_R_READ_KEY); + OPENSSL_PUT_ERROR(PEM, PEM_R_READ_KEY); PKCS8_PRIV_KEY_INFO_free(p8inf); return 0; } @@ -163,7 +163,7 @@ EVP_PKEY *d2i_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, vo if (!cb) cb = PEM_def_callback; klen=cb(psbuf,PEM_BUFSIZE,0,u); if (klen <= 0) { - OPENSSL_PUT_ERROR(PEM, d2i_PKCS8PrivateKey_bio, PEM_R_BAD_PASSWORD_READ); + OPENSSL_PUT_ERROR(PEM, PEM_R_BAD_PASSWORD_READ); X509_SIG_free(p8); return NULL; } @@ -216,7 +216,7 @@ static int do_pk8pkey_fp(FILE *fp, EVP_PKEY *x, int isder, int nid, const EVP_CI BIO *bp; int ret; if(!(bp = BIO_new_fp(fp, BIO_NOCLOSE))) { - OPENSSL_PUT_ERROR(PEM, do_pk8pkey_fp, ERR_R_BUF_LIB); + OPENSSL_PUT_ERROR(PEM, ERR_R_BUF_LIB); return(0); } ret = do_pk8pkey(bp, x, isder, nid, enc, kstr, klen, cb, u); @@ -229,7 +229,7 @@ EVP_PKEY *d2i_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY **x, pem_password_cb *cb, vo BIO *bp; EVP_PKEY *ret; if(!(bp = BIO_new_fp(fp, BIO_NOCLOSE))) { - OPENSSL_PUT_ERROR(PEM, d2i_PKCS8PrivateKey_fp, ERR_R_BUF_LIB); + OPENSSL_PUT_ERROR(PEM, ERR_R_BUF_LIB); return NULL; } ret = d2i_PKCS8PrivateKey_bio(bp, x, cb, u); diff --git a/src/crypto/pem/pem_pkey.c b/src/crypto/pem/pem_pkey.c index fe58558..c462727 100644 --- a/src/crypto/pem/pem_pkey.c +++ b/src/crypto/pem/pem_pkey.c 
@@ -109,7 +109,7 @@ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, vo if (!cb) cb = PEM_def_callback; klen=cb(psbuf,PEM_BUFSIZE,0,u); if (klen <= 0) { - OPENSSL_PUT_ERROR(PEM, PEM_read_bio_PrivateKey, PEM_R_BAD_PASSWORD_READ); + OPENSSL_PUT_ERROR(PEM, PEM_R_BAD_PASSWORD_READ); X509_SIG_free(p8); goto err; } @@ -132,7 +132,7 @@ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, vo } p8err: if (ret == NULL) - OPENSSL_PUT_ERROR(PEM, PEM_read_bio_PrivateKey, ERR_R_ASN1_LIB); + OPENSSL_PUT_ERROR(PEM, ERR_R_ASN1_LIB); err: OPENSSL_free(nm); @@ -210,7 +210,7 @@ EVP_PKEY *PEM_read_bio_Parameters(BIO *bp, EVP_PKEY **x) } err: if (ret == NULL) - OPENSSL_PUT_ERROR(PEM, PEM_read_bio_Parameters, ERR_R_ASN1_LIB); + OPENSSL_PUT_ERROR(PEM, ERR_R_ASN1_LIB); OPENSSL_free(nm); OPENSSL_free(data); return(ret); @@ -236,7 +236,7 @@ EVP_PKEY *PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x, pem_password_cb *cb, void if ((b=BIO_new(BIO_s_file())) == NULL) { - OPENSSL_PUT_ERROR(PEM, PEM_read_PrivateKey, ERR_R_BUF_LIB); + OPENSSL_PUT_ERROR(PEM, ERR_R_BUF_LIB); return(0); } BIO_set_fp(b,fp,BIO_NOCLOSE); @@ -254,7 +254,7 @@ int PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc, if ((b=BIO_new_fp(fp, BIO_NOCLOSE)) == NULL) { - OPENSSL_PUT_ERROR(PEM, PEM_write_PrivateKey, ERR_R_BUF_LIB); + OPENSSL_PUT_ERROR(PEM, ERR_R_BUF_LIB); return 0; } ret=PEM_write_bio_PrivateKey(b, x, enc, kstr, klen, cb, u); @@ -287,7 +287,7 @@ DH *PEM_read_bio_DHparams(BIO *bp, DH **x, pem_password_cb *cb, void *u) ret = d2i_DHparams(x, &p, len); if (ret == NULL) - OPENSSL_PUT_ERROR(PEM, PEM_read_bio_DHparams, ERR_R_ASN1_LIB); + OPENSSL_PUT_ERROR(PEM, ERR_R_ASN1_LIB); OPENSSL_free(nm); OPENSSL_free(data); return ret; 
@@ -301,7 +301,7 @@ DH *PEM_read_DHparams(FILE *fp, DH **x, pem_password_cb *cb, void *u) if ((b=BIO_new(BIO_s_file())) == NULL) { - OPENSSL_PUT_ERROR(PEM, PEM_read_DHparams, ERR_R_BUF_LIB); + OPENSSL_PUT_ERROR(PEM, ERR_R_BUF_LIB); return(0); } BIO_set_fp(b,fp,BIO_NOCLOSE); diff --git a/src/crypto/perlasm/arm-xlate.pl b/src/crypto/perlasm/arm-xlate.pl index 81ceb31..706fa70 100755 --- a/src/crypto/perlasm/arm-xlate.pl +++ b/src/crypto/perlasm/arm-xlate.pl @@ -116,6 +116,9 @@ sub expand_line { return $line; } +print "#if defined(__arm__)\n" if ($flavour eq "linux32"); +print "#if defined(__aarch64__)\n" if ($flavour eq "linux64"); + while($line=<>) { if ($line =~ m/^\s*(#|@|\/\/)/) { print $line; next; } @@ -162,4 +165,6 @@ while($line=<>) { print "\n"; } +print "#endif" if ($flavour eq "linux32" || $flavour eq "linux64"); + close STDOUT; diff --git a/src/crypto/pkcs8/CMakeLists.txt b/src/crypto/pkcs8/CMakeLists.txt index 4426f1e..ce5bce1 100644 --- a/src/crypto/pkcs8/CMakeLists.txt +++ b/src/crypto/pkcs8/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(. .. ../../include) +include_directories(../../include) add_library( pkcs8 @@ -19,4 +19,11 @@ add_executable( $ ) +add_executable( + pkcs8_test + + pkcs8_test.cc +) + +target_link_libraries(pkcs8_test crypto) target_link_libraries(pkcs12_test crypto) diff --git a/src/crypto/pkcs8/internal.h b/src/crypto/pkcs8/internal.h index 44ca4f7..7995e78 100644 --- a/src/crypto/pkcs8/internal.h +++ b/src/crypto/pkcs8/internal.h 
@@ -66,6 +66,15 @@ extern "C" { #define PKCS5_DEFAULT_ITERATIONS 2048 #define PKCS5_SALT_LEN 8 +/* PKCS5_v2_PBE_keyivgen intializes the supplied |ctx| for PBKDF v2, which must + * be specified by |param|. The password is specified by |pass_raw| and + * |pass_raw_len|. |cipher| and |md| are ignored. + * + * It returns one on success and zero on error. */ +int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const uint8_t *pass_raw, + size_t pass_raw_len, ASN1_TYPE *param, + const EVP_CIPHER *cipher, const EVP_MD *md, int enc); + #if defined(__cplusplus) } /* extern C */ diff --git a/src/crypto/pkcs8/p5_pbe.c b/src/crypto/pkcs8/p5_pbe.c index f30ae79..653cabf 100644 --- a/src/crypto/pkcs8/p5_pbe.c +++ b/src/crypto/pkcs8/p5_pbe.c @@ -86,21 +86,21 @@ int PKCS5_pbe_set0_algor(X509_ALGOR *algor, int alg, int iter, pbe = PBEPARAM_new(); if (!pbe) { - OPENSSL_PUT_ERROR(PKCS8, PKCS5_pbe_set0_algor, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(PKCS8, ERR_R_MALLOC_FAILURE); goto err; } if(iter <= 0) iter = PKCS5_DEFAULT_ITERATIONS; if (!ASN1_INTEGER_set(pbe->iter, iter)) { - OPENSSL_PUT_ERROR(PKCS8, PKCS5_pbe_set0_algor, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(PKCS8, ERR_R_MALLOC_FAILURE); goto err; } if (!saltlen) saltlen = PKCS5_SALT_LEN; if (!ASN1_STRING_set(pbe->salt, NULL, saltlen)) { - OPENSSL_PUT_ERROR(PKCS8, PKCS5_pbe_set0_algor, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(PKCS8, ERR_R_MALLOC_FAILURE); goto err; } sstr = ASN1_STRING_data(pbe->salt); @@ -111,7 +111,7 @@ int PKCS5_pbe_set0_algor(X509_ALGOR *algor, int alg, int iter, if(!ASN1_item_pack(pbe, ASN1_ITEM_rptr(PBEPARAM), &pbe_str)) { - OPENSSL_PUT_ERROR(PKCS8, PKCS5_pbe_set0_algor, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(PKCS8, ERR_R_MALLOC_FAILURE); goto err; } @@ -138,7 +138,7 @@ X509_ALGOR *PKCS5_pbe_set(int alg, int iter, ret = X509_ALGOR_new(); if (!ret) { - OPENSSL_PUT_ERROR(PKCS8, PKCS5_pbe_set, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(PKCS8, ERR_R_MALLOC_FAILURE); return NULL; } 
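Review bot: The new doc comment on PKCS5_v2_PBE_keyivgen misspells "initializes" as "intializes" and leaves the `enc` argument undescribed. From the definition later in this diff, `enc` is passed straight through to |EVP_CipherInit_ex|, so one sentence such as `|enc| is passed to |EVP_CipherInit_ex| and selects encryption or decryption.` would complete it. Since |param| is decoded from caller-supplied ASN.1, the comment could also state that a malformed or unsupported |param| yields a zero return, which is what the error paths in the definition do.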
diff --git a/src/crypto/pkcs8/p5_pbev2.c b/src/crypto/pkcs8/p5_pbev2.c index 9eb9848..f58aae7 100644 --- a/src/crypto/pkcs8/p5_pbev2.c +++ b/src/crypto/pkcs8/p5_pbev2.c @@ -53,6 +53,8 @@ * (eay@cryptsoft.com). This product includes software written by Tim * Hudson (tjh@cryptsoft.com). */ +#include +#include #include #include @@ -124,7 +126,7 @@ X509_ALGOR *PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter, alg_nid = EVP_CIPHER_nid(cipher); if(alg_nid == NID_undef) { - OPENSSL_PUT_ERROR(PKCS8, PKCS5_pbe2_set_iv, PKCS8_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER); goto err; } obj = OBJ_nid2obj(alg_nid); @@ -152,7 +154,7 @@ X509_ALGOR *PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter, if (!EVP_CipherInit_ex(&ctx, cipher, NULL, NULL, iv, 0)) goto err; if(param_to_asn1(&ctx, scheme->parameter) < 0) { - OPENSSL_PUT_ERROR(PKCS8, PKCS5_pbe2_set_iv, PKCS8_R_ERROR_SETTING_CIPHER_PARAMS); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_ERROR_SETTING_CIPHER_PARAMS); EVP_CIPHER_CTX_cleanup(&ctx); goto err; } @@ -202,7 +204,7 @@ X509_ALGOR *PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter, return ret; merr: - OPENSSL_PUT_ERROR(PKCS8, PKCS5_pbe2_set_iv, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(PKCS8, ERR_R_MALLOC_FAILURE); err: PBE2PARAM_free(pbe2); 
@@ -295,9 +297,143 @@ X509_ALGOR *PKCS5_pbkdf2_set(int iter, unsigned char *salt, int saltlen, return keyfunc; merr: - OPENSSL_PUT_ERROR(PKCS8, PKCS5_pbkdf2_set, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(PKCS8, ERR_R_MALLOC_FAILURE); PBKDF2PARAM_free(kdf); X509_ALGOR_free(keyfunc); return NULL; } +static int PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_CTX *ctx, + const uint8_t *pass_raw, + size_t pass_raw_len, const ASN1_TYPE *param, + const ASN1_TYPE *iv, int enc) { + int rv = 0; + PBKDF2PARAM *pbkdf2param = NULL; + + if (EVP_CIPHER_CTX_cipher(ctx) == NULL) { + OPENSSL_PUT_ERROR(PKCS8, CIPHER_R_NO_CIPHER_SET); + goto err; + } + + /* Decode parameters. */ + if (param == NULL || param->type != V_ASN1_SEQUENCE) { + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_DECODE_ERROR); + goto err; + } + + const uint8_t *pbuf = param->value.sequence->data; + int plen = param->value.sequence->length; + pbkdf2param = d2i_PBKDF2PARAM(NULL, &pbuf, plen); + if (pbkdf2param == NULL || pbuf != param->value.sequence->data + plen) { + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_DECODE_ERROR); + goto err; + } + + /* Now check the parameters. 
*/ + uint8_t key[EVP_MAX_KEY_LENGTH]; + const size_t key_len = EVP_CIPHER_CTX_key_length(ctx); + assert(key_len <= sizeof(key)); + + if (pbkdf2param->keylength != NULL && + ASN1_INTEGER_get(pbkdf2param->keylength) != (int) key_len) { + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_UNSUPPORTED_KEYLENGTH); + goto err; + } + + if (pbkdf2param->prf != NULL && + OBJ_obj2nid(pbkdf2param->prf->algorithm) != NID_hmacWithSHA1) { + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_UNSUPPORTED_PRF); + goto err; + } + + if (pbkdf2param->salt->type != V_ASN1_OCTET_STRING) { + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_UNSUPPORTED_SALT_TYPE); + goto err; + } + + if (pbkdf2param->iter->type != V_ASN1_INTEGER) { + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_ITERATION_COUNT); + goto err; + } + long iterations = ASN1_INTEGER_get(pbkdf2param->iter); + if (iterations < 0 || iterations > UINT_MAX) { + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_ITERATION_COUNT); + goto err; + } + + if (iv->type != V_ASN1_OCTET_STRING || iv->value.octet_string == NULL) { + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_ERROR_SETTING_CIPHER_PARAMS); + goto err; + } + + const size_t iv_len = EVP_CIPHER_CTX_iv_length(ctx); + if (iv->value.octet_string->length != iv_len) { + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_ERROR_SETTING_CIPHER_PARAMS); + goto err; + } + + if (!PKCS5_PBKDF2_HMAC_SHA1((const char *) pass_raw, pass_raw_len, + pbkdf2param->salt->value.octet_string->data, + pbkdf2param->salt->value.octet_string->length, + iterations, key_len, key)) { + goto err; + } + + rv = EVP_CipherInit_ex(ctx, NULL /* cipher */, NULL /* engine */, key, + iv->value.octet_string->data, enc); + + err: + PBKDF2PARAM_free(pbkdf2param); + return rv; +} + +int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const uint8_t *pass_raw, + size_t pass_raw_len, ASN1_TYPE *param, + const EVP_CIPHER *unused, const EVP_MD *unused2, + int enc) { + PBE2PARAM *pbe2param = NULL; + int rv = 0; + + if (param == NULL || + param->type != V_ASN1_SEQUENCE || + param->value.sequence == NULL) { + OPENSSL_PUT_ERROR(PKCS8, 
PKCS8_R_DECODE_ERROR); + goto err; + } + + const uint8_t *pbuf = param->value.sequence->data; + int plen = param->value.sequence->length; + pbe2param = d2i_PBE2PARAM(NULL, &pbuf, plen); + if (pbe2param == NULL || pbuf != param->value.sequence->data + plen) { + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_DECODE_ERROR); + goto err; + } + + /* Check that the key derivation function is PBKDF2. */ + if (OBJ_obj2nid(pbe2param->keyfunc->algorithm) != NID_id_pbkdf2) { + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION); + goto err; + } + + /* See if we recognise the encryption algorithm. */ + const EVP_CIPHER *cipher = + EVP_get_cipherbynid(OBJ_obj2nid(pbe2param->encryption->algorithm)); + if (cipher == NULL) { + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_UNSUPPORTED_CIPHER); + goto err; + } + + /* Fixup cipher based on AlgorithmIdentifier. */ + if (!EVP_CipherInit_ex(ctx, cipher, NULL /* engine */, NULL /* key */, + NULL /* iv */, enc)) { + goto err; + } + + rv = PKCS5_v2_PBKDF2_keyivgen(ctx, pass_raw, pass_raw_len, + pbe2param->keyfunc->parameter, + pbe2param->encryption->parameter, enc); + + err: + PBE2PARAM_free(pbe2param); + return rv; +} diff --git a/src/crypto/pkcs8/pkcs8.c b/src/crypto/pkcs8/pkcs8.c index 843c74d..8067c91 100644 --- a/src/crypto/pkcs8/pkcs8.c +++ b/src/crypto/pkcs8/pkcs8.c @@ -69,6 +69,7 @@ #include #include +#include "internal.h" #include "../bytestring/internal.h" #include "../evp/internal.h" @@ -200,7 +201,7 @@ static int pkcs12_key_gen_raw(const uint8_t *pass_raw, size_t pass_raw_len, } err: - OPENSSL_PUT_ERROR(PKCS8, pkcs12_key_gen_raw, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(PKCS8, ERR_R_MALLOC_FAILURE); end: OPENSSL_free(Ai); 
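Review bot: PKCS5_v2_PBKDF2_keyivgen dereferences `iv->type` without a NULL check, although `iv` is `pbe2param->encryption->parameter` taken from decoded input. If that AlgorithmIdentifier parameter can be absent (it looks optional, to be confirmed against the X509_ALGOR template), a malformed PBES2 structure would crash here, so the test should read `if (iv == NULL || iv->type != V_ASN1_OCTET_STRING || iv->value.octet_string == NULL)`. The same function reads `param->value.sequence->data` after checking only `param->type`, whereas PKCS5_v2_PBE_keyivgen also checks `param->value.sequence == NULL`; the two should agree. The derived `key` buffer is left on the stack on every exit path, and `OPENSSL_cleanse(key, sizeof(key));` under the `err:` label would clear it. The iteration count is accepted from zero up to UINT_MAX, so a lower bound of one and a documented upper bound are worth considering where the input file is untrusted.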
@@ -227,14 +228,14 @@ static int pkcs12_pbe_keyivgen(EVP_CIPHER_CTX *ctx, const uint8_t *pass_raw, /* Extract useful info from parameter */ if (param == NULL || param->type != V_ASN1_SEQUENCE || param->value.sequence == NULL) { - OPENSSL_PUT_ERROR(PKCS8, pkcs12_pbe_keyivgen, PKCS8_R_DECODE_ERROR); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_DECODE_ERROR); return 0; } pbuf = param->value.sequence->data; pbe = d2i_PBEPARAM(NULL, &pbuf, param->value.sequence->length); if (pbe == NULL) { - OPENSSL_PUT_ERROR(PKCS8, pkcs12_pbe_keyivgen, PKCS8_R_DECODE_ERROR); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_DECODE_ERROR); return 0; } @@ -247,13 +248,13 @@ static int pkcs12_pbe_keyivgen(EVP_CIPHER_CTX *ctx, const uint8_t *pass_raw, salt_len = pbe->salt->length; if (!pkcs12_key_gen_raw(pass_raw, pass_raw_len, salt, salt_len, PKCS12_KEY_ID, iterations, EVP_CIPHER_key_length(cipher), key, md)) { - OPENSSL_PUT_ERROR(PKCS8, pkcs12_pbe_keyivgen, PKCS8_R_KEY_GEN_ERROR); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_KEY_GEN_ERROR); PBEPARAM_free(pbe); return 0; } if (!pkcs12_key_gen_raw(pass_raw, pass_raw_len, salt, salt_len, PKCS12_IV_ID, iterations, EVP_CIPHER_iv_length(cipher), iv, md)) { - OPENSSL_PUT_ERROR(PKCS8, pkcs12_pbe_keyivgen, PKCS8_R_KEY_GEN_ERROR); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_KEY_GEN_ERROR); PBEPARAM_free(pbe); return 0; } 
@@ -274,42 +275,93 @@ struct pbe_suite { const EVP_CIPHER* (*cipher_func)(void); const EVP_MD* (*md_func)(void); keygen_func keygen; + int flags; }; +#define PBE_UCS2_CONVERT_PASSWORD 0x1 + static const struct pbe_suite kBuiltinPBE[] = { { - NID_pbe_WithSHA1And40BitRC2_CBC, EVP_rc2_40_cbc, EVP_sha1, pkcs12_pbe_keyivgen, + NID_pbe_WithSHA1And40BitRC2_CBC, EVP_rc2_40_cbc, EVP_sha1, + pkcs12_pbe_keyivgen, PBE_UCS2_CONVERT_PASSWORD }, { NID_pbe_WithSHA1And128BitRC4, EVP_rc4, EVP_sha1, pkcs12_pbe_keyivgen, + PBE_UCS2_CONVERT_PASSWORD }, { NID_pbe_WithSHA1And3_Key_TripleDES_CBC, EVP_des_ede3_cbc, EVP_sha1, - pkcs12_pbe_keyivgen, + pkcs12_pbe_keyivgen, PBE_UCS2_CONVERT_PASSWORD + }, + { + NID_pbes2, NULL, NULL, PKCS5_v2_PBE_keyivgen, 0 }, }; +static const struct pbe_suite *get_pbe_suite(int pbe_nid) { + unsigned i; + for (i = 0; i < sizeof(kBuiltinPBE) / sizeof(kBuiltinPBE[0]); i++) { + if (kBuiltinPBE[i].pbe_nid == pbe_nid) { + return &kBuiltinPBE[i]; + } + } + + return NULL; +} + +/* pass_to_pass_raw performs a password conversion (possibly a no-op) + * appropriate to the supplied |pbe_nid|. The input |pass| is treated as a + * NUL-terminated string if |pass_len| is -1, otherwise it is treated as a + * buffer of the specified length. If the supplied PBE NID sets the + * |PBE_UCS2_CONVERT_PASSWORD| flag, the supplied |pass| will be converted to + * UCS-2. + * + * It sets |*out_pass_raw| to a new buffer that must be freed by the caller. It + * returns one on success and zero on error. 
*/ +static int pass_to_pass_raw(int pbe_nid, const char *pass, int pass_len, + uint8_t **out_pass_raw, size_t *out_pass_raw_len) { + if (pass == NULL) { + *out_pass_raw = NULL; + *out_pass_raw_len = 0; + return 1; + } + + if (pass_len == -1) { + pass_len = strlen(pass); + } else if (pass_len < 0 || pass_len > 2000000000) { + OPENSSL_PUT_ERROR(PKCS8, ERR_R_OVERFLOW); + return 0; + } + + const struct pbe_suite *suite = get_pbe_suite(pbe_nid); + if (suite != NULL && (suite->flags & PBE_UCS2_CONVERT_PASSWORD)) { + if (!ascii_to_ucs2(pass, pass_len, out_pass_raw, out_pass_raw_len)) { + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_DECODE_ERROR); + return 0; + } + } else { + *out_pass_raw = BUF_memdup(pass, pass_len); + if (*out_pass_raw == NULL) { + OPENSSL_PUT_ERROR(PKCS8, ERR_R_MALLOC_FAILURE); + return 0; + } + *out_pass_raw_len = (size_t)pass_len; + } + + return 1; +} + static int pbe_cipher_init(ASN1_OBJECT *pbe_obj, const uint8_t *pass_raw, size_t pass_raw_len, ASN1_TYPE *param, EVP_CIPHER_CTX *ctx, int is_encrypt) { const EVP_CIPHER *cipher; const EVP_MD *md; - unsigned i; - - const struct pbe_suite *suite = NULL; - const int pbe_nid = OBJ_obj2nid(pbe_obj); - - for (i = 0; i < sizeof(kBuiltinPBE) / sizeof(struct pbe_suite); i++) { - if (kBuiltinPBE[i].pbe_nid == pbe_nid) { - suite = &kBuiltinPBE[i]; - break; - } - } + const struct pbe_suite *suite = get_pbe_suite(OBJ_obj2nid(pbe_obj)); if (suite == NULL) { char obj_str[80]; - OPENSSL_PUT_ERROR(PKCS8, pbe_cipher_init, PKCS8_R_UNKNOWN_ALGORITHM); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_UNKNOWN_ALGORITHM); if (!pbe_obj) { strncpy(obj_str, "NULL", sizeof(obj_str)); } else { @@ -324,7 +376,7 @@ static int pbe_cipher_init(ASN1_OBJECT *pbe_obj, } else { cipher = suite->cipher_func(); if (!cipher) { - OPENSSL_PUT_ERROR(PKCS8, pbe_cipher_init, PKCS8_R_UNKNOWN_CIPHER); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_UNKNOWN_CIPHER); return 0; } } 
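Review bot: In `pass_to_pass_raw`, the `pass_len == -1` branch stores `strlen(pass)` directly into the `int` `pass_len`, so the 2000000000 ceiling enforced on the explicit-length branch is skipped for NUL-terminated input. An oversized string would therefore be truncated or go negative before it reaches `ascii_to_ucs2` or `BUF_memdup`. Taking the length into a `size_t` first and applying the same bound closes the gap, e.g. `size_t len = strlen(pass);` followed by `if (len > 2000000000) { OPENSSL_PUT_ERROR(PKCS8, ERR_R_OVERFLOW); return 0; }` before the assignment. The doc comment should also state that a NID with no table entry is copied through unconverted, since the `suite != NULL` test implements exactly that and the `pbe_nid == -1` encrypt path appears to rely on it.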
@@ -334,14 +386,14 @@ static int pbe_cipher_init(ASN1_OBJECT *pbe_obj, } else { md = suite->md_func(); if (!md) { - OPENSSL_PUT_ERROR(PKCS8, pbe_cipher_init, PKCS8_R_UNKNOWN_DIGEST); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_UNKNOWN_DIGEST); return 0; } } if (!suite->keygen(ctx, pass_raw, pass_raw_len, param, cipher, md, is_encrypt)) { - OPENSSL_PUT_ERROR(PKCS8, pbe_cipher_init, PKCS8_R_KEYGEN_FAILURE); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_KEYGEN_FAILURE); return 0; } @@ -362,32 +414,32 @@ static int pbe_crypt(const X509_ALGOR *algor, if (!pbe_cipher_init(algor->algorithm, pass_raw, pass_raw_len, algor->parameter, &ctx, is_encrypt)) { - OPENSSL_PUT_ERROR(PKCS8, pbe_crypt, PKCS8_R_UNKNOWN_CIPHER_ALGORITHM); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_UNKNOWN_CIPHER_ALGORITHM); return 0; } block_size = EVP_CIPHER_CTX_block_size(&ctx); if (in_len + block_size < in_len) { - OPENSSL_PUT_ERROR(PKCS8, pbe_crypt, PKCS8_R_TOO_LONG); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_TOO_LONG); goto err; } buf = OPENSSL_malloc(in_len + block_size); if (buf == NULL) { - OPENSSL_PUT_ERROR(PKCS8, pbe_crypt, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(PKCS8, ERR_R_MALLOC_FAILURE); goto err; } if (!EVP_CipherUpdate(&ctx, buf, &n, in, in_len)) { OPENSSL_free(buf); - OPENSSL_PUT_ERROR(PKCS8, pbe_crypt, ERR_R_EVP_LIB); + OPENSSL_PUT_ERROR(PKCS8, ERR_R_EVP_LIB); goto err; } *out_len = n; if (!EVP_CipherFinal_ex(&ctx, buf + n, &n)) { OPENSSL_free(buf); - OPENSSL_PUT_ERROR(PKCS8, pbe_crypt, ERR_R_EVP_LIB); + OPENSSL_PUT_ERROR(PKCS8, ERR_R_EVP_LIB); goto err; } *out_len += n; 
@@ -410,14 +462,14 @@ static void *pkcs12_item_decrypt_d2i(X509_ALGOR *algor, const ASN1_ITEM *it, if (!pbe_crypt(algor, pass_raw, pass_raw_len, oct->data, oct->length, &out, &out_len, 0 /* decrypt */)) { - OPENSSL_PUT_ERROR(PKCS8, pkcs12_item_decrypt_d2i, PKCS8_R_CRYPT_ERROR); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_CRYPT_ERROR); return NULL; } p = out; ret = ASN1_item_d2i(NULL, &p, out_len, it); OPENSSL_cleanse(out, out_len); if (!ret) { - OPENSSL_PUT_ERROR(PKCS8, pkcs12_item_decrypt_d2i, PKCS8_R_DECODE_ERROR); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_DECODE_ERROR); } OPENSSL_free(out); return ret; @@ -427,19 +479,12 @@ PKCS8_PRIV_KEY_INFO *PKCS8_decrypt(X509_SIG *pkcs8, const char *pass, int pass_len) { uint8_t *pass_raw = NULL; size_t pass_raw_len = 0; - PKCS8_PRIV_KEY_INFO *ret; - - if (pass) { - if (pass_len == -1) { - pass_len = strlen(pass); - } - if (!ascii_to_ucs2(pass, pass_len, &pass_raw, &pass_raw_len)) { - OPENSSL_PUT_ERROR(PKCS8, PKCS8_decrypt, PKCS8_R_DECODE_ERROR); - return NULL; - } + if (!pass_to_pass_raw(OBJ_obj2nid(pkcs8->algor->algorithm), pass, pass_len, + &pass_raw, &pass_raw_len)) { + return NULL; } - ret = PKCS8_decrypt_pbe(pkcs8, pass_raw, pass_raw_len); + PKCS8_PRIV_KEY_INFO *ret = PKCS8_decrypt_pbe(pkcs8, pass_raw, pass_raw_len); if (pass_raw) { OPENSSL_cleanse(pass_raw, pass_raw_len); 
@@ -466,17 +511,17 @@ static ASN1_OCTET_STRING *pkcs12_item_i2d_encrypt(X509_ALGOR *algor, oct = M_ASN1_OCTET_STRING_new(); if (oct == NULL) { - OPENSSL_PUT_ERROR(PKCS8, pkcs12_item_i2d_encrypt, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(PKCS8, ERR_R_MALLOC_FAILURE); return NULL; } in_len = ASN1_item_i2d(obj, &in, it); if (!in) { - OPENSSL_PUT_ERROR(PKCS8, pkcs12_item_i2d_encrypt, PKCS8_R_ENCODE_ERROR); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_ENCODE_ERROR); return NULL; } if (!pbe_crypt(algor, pass_raw, pass_raw_len, in, in_len, &oct->data, &crypt_len, 1 /* encrypt */)) { - OPENSSL_PUT_ERROR(PKCS8, pkcs12_item_i2d_encrypt, PKCS8_R_ENCRYPT_ERROR); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_ENCRYPT_ERROR); OPENSSL_free(in); return NULL; } @@ -491,20 +536,12 @@ X509_SIG *PKCS8_encrypt(int pbe_nid, const EVP_CIPHER *cipher, const char *pass, int iterations, PKCS8_PRIV_KEY_INFO *p8inf) { uint8_t *pass_raw = NULL; size_t pass_raw_len = 0; - X509_SIG *ret; - - if (pass) { - if (pass_len == -1) { - pass_len = strlen(pass); - } - if (!ascii_to_ucs2(pass, pass_len, &pass_raw, &pass_raw_len)) { - OPENSSL_PUT_ERROR(PKCS8, PKCS8_encrypt, PKCS8_R_DECODE_ERROR); - return NULL; - } + if (!pass_to_pass_raw(pbe_nid, pass, pass_len, &pass_raw, &pass_raw_len)) { + return NULL; } - ret = PKCS8_encrypt_pbe(pbe_nid, pass_raw, pass_raw_len, - salt, salt_len, iterations, p8inf); + X509_SIG *ret = PKCS8_encrypt_pbe(pbe_nid, cipher, pass_raw, pass_raw_len, + salt, salt_len, iterations, p8inf); if (pass_raw) { OPENSSL_cleanse(pass_raw, pass_raw_len); @@ -513,7 +550,7 @@ X509_SIG *PKCS8_encrypt(int pbe_nid, const EVP_CIPHER *cipher, const char *pass, return ret; } -X509_SIG *PKCS8_encrypt_pbe(int pbe_nid, +X509_SIG *PKCS8_encrypt_pbe(int pbe_nid, const EVP_CIPHER *cipher, const uint8_t *pass_raw, size_t pass_raw_len, uint8_t *salt, size_t salt_len, int iterations, PKCS8_PRIV_KEY_INFO *p8inf) { 
@@ -522,13 +559,17 @@ X509_SIG *PKCS8_encrypt_pbe(int pbe_nid, pkcs8 = X509_SIG_new(); if (pkcs8 == NULL) { - OPENSSL_PUT_ERROR(PKCS8, PKCS8_encrypt_pbe, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(PKCS8, ERR_R_MALLOC_FAILURE); goto err; } - pbe = PKCS5_pbe_set(pbe_nid, iterations, salt, salt_len); + if (pbe_nid == -1) { + pbe = PKCS5_pbe2_set(cipher, iterations, salt, salt_len); + } else { + pbe = PKCS5_pbe_set(pbe_nid, iterations, salt, salt_len); + } if (!pbe) { - OPENSSL_PUT_ERROR(PKCS8, PKCS8_encrypt_pbe, ERR_R_ASN1_LIB); + OPENSSL_PUT_ERROR(PKCS8, ERR_R_ASN1_LIB); goto err; } @@ -538,7 +579,7 @@ X509_SIG *PKCS8_encrypt_pbe(int pbe_nid, pkcs8->digest = pkcs12_item_i2d_encrypt( pbe, ASN1_ITEM_rptr(PKCS8_PRIV_KEY_INFO), pass_raw, pass_raw_len, p8inf); if (!pkcs8->digest) { - OPENSSL_PUT_ERROR(PKCS8, PKCS8_encrypt_pbe, PKCS8_R_ENCRYPT_ERROR); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_ENCRYPT_ERROR); goto err; } @@ -560,13 +601,12 @@ EVP_PKEY *EVP_PKCS82PKEY(PKCS8_PRIV_KEY_INFO *p8) { pkey = EVP_PKEY_new(); if (pkey == NULL) { - OPENSSL_PUT_ERROR(PKCS8, EVP_PKCS82PKEY, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(PKCS8, ERR_R_MALLOC_FAILURE); return NULL; } if (!EVP_PKEY_set_type(pkey, OBJ_obj2nid(algoid))) { - OPENSSL_PUT_ERROR(PKCS8, EVP_PKCS82PKEY, - PKCS8_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM); i2t_ASN1_OBJECT(obj_tmp, 80, algoid); ERR_add_error_data(2, "TYPE=", obj_tmp); goto error; @@ -574,11 +614,11 @@ EVP_PKEY *EVP_PKCS82PKEY(PKCS8_PRIV_KEY_INFO *p8) { if (pkey->ameth->priv_decode) { if (!pkey->ameth->priv_decode(pkey, p8)) { - OPENSSL_PUT_ERROR(PKCS8, EVP_PKCS82PKEY, PKCS8_R_PRIVATE_KEY_DECODE_ERROR); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_PRIVATE_KEY_DECODE_ERROR); goto error; } } else { - OPENSSL_PUT_ERROR(PKCS8, EVP_PKCS82PKEY, PKCS8_R_METHOD_NOT_SUPPORTED); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_METHOD_NOT_SUPPORTED); goto error; } 
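Review bot: The new `pbe_nid == -1` branch in `PKCS8_encrypt_pbe` hands `cipher` to `PKCS5_pbe2_set` without checking it here, while the other branch ignores `cipher` altogether. The new parameter's meaning thus hangs on a magic value that nothing in the hunk documents. Whether `PKCS5_pbe2_set` rejects a NULL cipher is not visible from this hunk; if it does not, a guard such as `if (pbe_nid == -1 && cipher == NULL) { OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_UNSUPPORTED_CIPHER); goto err; }` would keep the failure local and explicit. A comment above the branch, `/* |pbe_nid| == -1 selects PBES2 with |cipher|; otherwise |cipher| is unused. */`, would record the contract. The function body starts and ends outside the hunk.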
@@ -594,7 +634,7 @@ PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8(EVP_PKEY *pkey) { p8 = PKCS8_PRIV_KEY_INFO_new(); if (p8 == NULL) { - OPENSSL_PUT_ERROR(PKCS8, EVP_PKEY2PKCS8, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(PKCS8, ERR_R_MALLOC_FAILURE); return NULL; } p8->broken = PKCS8_OK; @@ -602,17 +642,15 @@ PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8(EVP_PKEY *pkey) { if (pkey->ameth) { if (pkey->ameth->priv_encode) { if (!pkey->ameth->priv_encode(p8, pkey)) { - OPENSSL_PUT_ERROR(PKCS8, EVP_PKEY2PKCS8, - PKCS8_R_PRIVATE_KEY_ENCODE_ERROR); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_PRIVATE_KEY_ENCODE_ERROR); goto error; } } else { - OPENSSL_PUT_ERROR(PKCS8, EVP_PKEY2PKCS8, PKCS8_R_METHOD_NOT_SUPPORTED); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_METHOD_NOT_SUPPORTED); goto error; } } else { - OPENSSL_PUT_ERROR(PKCS8, EVP_PKEY2PKCS8, - PKCS8_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM); goto error; } return p8; @@ -646,8 +684,7 @@ static int PKCS12_handle_content_infos(CBS *content_infos, * pkcs7-encryptedData and a pkcs7-data) and depth 1 (the various PKCS#12 * bags). */ if (depth > 3) { - OPENSSL_PUT_ERROR(PKCS8, PKCS12_handle_content_infos, - PKCS8_R_PKCS12_TOO_DEEPLY_NESTED); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_PKCS12_TOO_DEEPLY_NESTED); return 0; } @@ -656,6 +693,7 @@ static int PKCS12_handle_content_infos(CBS *content_infos, * conversion cannot see through those wrappings. So each time we step * through one we need to convert to DER again. */ if (!CBS_asn1_ber_to_der(content_infos, &der_bytes, &der_len)) { + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA); return 0; } 
@@ -666,16 +704,14 @@ static int PKCS12_handle_content_infos(CBS *content_infos, } if (!CBS_get_asn1(&in, &in, CBS_ASN1_SEQUENCE)) { - OPENSSL_PUT_ERROR(PKCS8, PKCS12_handle_content_infos, - PKCS8_R_BAD_PKCS12_DATA); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA); goto err; } while (CBS_len(&in) > 0) { CBS content_info; if (!CBS_get_asn1(&in, &content_info, CBS_ASN1_SEQUENCE)) { - OPENSSL_PUT_ERROR(PKCS8, PKCS12_handle_content_infos, - PKCS8_R_BAD_PKCS12_DATA); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA); goto err; } @@ -705,8 +741,7 @@ static int PKCS12_handle_content_info(CBS *content_info, unsigned depth, if (!CBS_get_asn1(content_info, &content_type, CBS_ASN1_OBJECT) || !CBS_get_asn1(content_info, &wrapped_contents, CBS_ASN1_CONTEXT_SPECIFIC | CBS_ASN1_CONSTRUCTED | 0)) { - OPENSSL_PUT_ERROR(PKCS8, PKCS12_handle_content_info, - PKCS8_R_BAD_PKCS12_DATA); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA); goto err; } @@ -734,14 +769,12 @@ static int PKCS12_handle_content_info(CBS *content_info, unsigned depth, !CBS_get_asn1_element(&eci, &ai, CBS_ASN1_SEQUENCE) || !CBS_get_asn1(&eci, &encrypted_contents, CBS_ASN1_CONTEXT_SPECIFIC | 0)) { - OPENSSL_PUT_ERROR(PKCS8, PKCS12_handle_content_info, - PKCS8_R_BAD_PKCS12_DATA); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA); goto err; } if (OBJ_cbs2nid(&contents_type) != NID_pkcs7_data) { - OPENSSL_PUT_ERROR(PKCS8, PKCS12_handle_content_info, - PKCS8_R_BAD_PKCS12_DATA); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA); goto err; } @@ -752,8 +785,7 @@ static int PKCS12_handle_content_info(CBS *content_info, unsigned depth, } if (inp != CBS_data(&ai) + CBS_len(&ai)) { X509_ALGOR_free(algor); - OPENSSL_PUT_ERROR(PKCS8, PKCS12_handle_content_info, - PKCS8_R_BAD_PKCS12_DATA); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA); goto err; } 
@@ -773,8 +805,7 @@ static int PKCS12_handle_content_info(CBS *content_info, unsigned depth, if (!CBS_get_asn1(&wrapped_contents, &octet_string_contents, CBS_ASN1_OCTETSTRING)) { - OPENSSL_PUT_ERROR(PKCS8, PKCS12_handle_content_info, - PKCS8_R_BAD_PKCS12_DATA); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA); goto err; } @@ -787,8 +818,7 @@ static int PKCS12_handle_content_info(CBS *content_info, unsigned depth, X509_SIG *encrypted = NULL; if (*ctx->out_key) { - OPENSSL_PUT_ERROR(PKCS8, PKCS12_handle_content_info, - PKCS8_R_MULTIPLE_PRIVATE_KEYS_IN_PKCS12); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_MULTIPLE_PRIVATE_KEYS_IN_PKCS12); goto err; } @@ -796,13 +826,11 @@ static int PKCS12_handle_content_info(CBS *content_info, unsigned depth, * structure as one and so |X509_SIG| is reused to store it. */ encrypted = d2i_X509_SIG(NULL, &inp, CBS_len(&wrapped_contents)); if (encrypted == NULL) { - OPENSSL_PUT_ERROR(PKCS8, PKCS12_handle_content_info, - PKCS8_R_BAD_PKCS12_DATA); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA); goto err; } if (inp != CBS_data(&wrapped_contents) + CBS_len(&wrapped_contents)) { - OPENSSL_PUT_ERROR(PKCS8, PKCS12_handle_content_info, - PKCS8_R_BAD_PKCS12_DATA); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA); X509_SIG_free(encrypted); goto err; } @@ -828,8 +856,7 @@ static int PKCS12_handle_content_info(CBS *content_info, unsigned depth, !CBS_get_asn1(&cert_bag, &wrapped_cert, CBS_ASN1_CONTEXT_SPECIFIC | CBS_ASN1_CONSTRUCTED | 0) || !CBS_get_asn1(&wrapped_cert, &cert, CBS_ASN1_OCTETSTRING)) { - OPENSSL_PUT_ERROR(PKCS8, PKCS12_handle_content_info, - PKCS8_R_BAD_PKCS12_DATA); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA); goto err; } 
@@ -837,13 +864,11 @@ static int PKCS12_handle_content_info(CBS *content_info, unsigned depth, const uint8_t *inp = CBS_data(&cert); X509 *x509 = d2i_X509(NULL, &inp, CBS_len(&cert)); if (!x509) { - OPENSSL_PUT_ERROR(PKCS8, PKCS12_handle_content_info, - PKCS8_R_BAD_PKCS12_DATA); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA); goto err; } if (inp != CBS_data(&cert) + CBS_len(&cert)) { - OPENSSL_PUT_ERROR(PKCS8, PKCS12_handle_content_info, - PKCS8_R_BAD_PKCS12_DATA); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA); X509_free(x509); goto err; } @@ -875,6 +900,7 @@ int PKCS12_get_key_and_certs(EVP_PKEY **out_key, STACK_OF(X509) *out_certs, /* The input may be in BER format. */ if (!CBS_asn1_ber_to_der(ber_in, &der_bytes, &der_len)) { + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA); return 0; } if (der_bytes != NULL) { @@ -891,28 +917,27 @@ int PKCS12_get_key_and_certs(EVP_PKEY **out_key, STACK_OF(X509) *out_certs, if (!CBS_get_asn1(&in, &pfx, CBS_ASN1_SEQUENCE) || CBS_len(&in) != 0 || !CBS_get_asn1_uint64(&pfx, &version)) { - OPENSSL_PUT_ERROR(PKCS8, PKCS12_get_key_and_certs, PKCS8_R_BAD_PKCS12_DATA); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA); goto err; } if (version < 3) { - OPENSSL_PUT_ERROR(PKCS8, PKCS12_get_key_and_certs, - PKCS8_R_BAD_PKCS12_VERSION); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_VERSION); goto err; } if (!CBS_get_asn1(&pfx, &authsafe, CBS_ASN1_SEQUENCE)) { - OPENSSL_PUT_ERROR(PKCS8, PKCS12_get_key_and_certs, PKCS8_R_BAD_PKCS12_DATA); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA); goto err; } if (CBS_len(&pfx) == 0) { - OPENSSL_PUT_ERROR(PKCS8, PKCS12_get_key_and_certs, PKCS8_R_MISSING_MAC); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_MISSING_MAC); goto err; } if (!CBS_get_asn1(&pfx, &mac_data, CBS_ASN1_SEQUENCE)) { - OPENSSL_PUT_ERROR(PKCS8, PKCS12_get_key_and_certs, PKCS8_R_BAD_PKCS12_DATA); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA); goto err; } 
@@ -921,7 +946,7 @@ int PKCS12_get_key_and_certs(EVP_PKEY **out_key, STACK_OF(X509) *out_certs, if (!CBS_get_asn1(&authsafe, &content_type, CBS_ASN1_OBJECT) || !CBS_get_asn1(&authsafe, &wrapped_authsafes, CBS_ASN1_CONTEXT_SPECIFIC | CBS_ASN1_CONSTRUCTED | 0)) { - OPENSSL_PUT_ERROR(PKCS8, PKCS12_get_key_and_certs, PKCS8_R_BAD_PKCS12_DATA); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA); goto err; } @@ -929,13 +954,12 @@ int PKCS12_get_key_and_certs(EVP_PKEY **out_key, STACK_OF(X509) *out_certs, * latter indicates that it's signed by a public key, which isn't * supported. */ if (OBJ_cbs2nid(&content_type) != NID_pkcs7_data) { - OPENSSL_PUT_ERROR(PKCS8, PKCS12_get_key_and_certs, - PKCS8_R_PKCS12_PUBLIC_KEY_INTEGRITY_NOT_SUPPORTED); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_PKCS12_PUBLIC_KEY_INTEGRITY_NOT_SUPPORTED); goto err; } if (!CBS_get_asn1(&wrapped_authsafes, &authsafes, CBS_ASN1_OCTETSTRING)) { - OPENSSL_PUT_ERROR(PKCS8, PKCS12_get_key_and_certs, PKCS8_R_BAD_PKCS12_DATA); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA); goto err; } @@ -943,7 +967,7 @@ int PKCS12_get_key_and_certs(EVP_PKEY **out_key, STACK_OF(X509) *out_certs, ctx.out_certs = out_certs; if (!ascii_to_ucs2(password, strlen(password), &ctx.password, &ctx.password_len)) { - OPENSSL_PUT_ERROR(PKCS8, PKCS12_get_key_and_certs, PKCS8_R_DECODE_ERROR); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_DECODE_ERROR); goto err; } @@ -962,7 +986,7 @@ int PKCS12_get_key_and_certs(EVP_PKEY **out_key, STACK_OF(X509) *out_certs, !CBS_get_asn1(&hash_type_seq, &hash_oid, CBS_ASN1_OBJECT) || !CBS_get_asn1(&mac, &expected_mac, CBS_ASN1_OCTETSTRING) || !CBS_get_asn1(&mac_data, &salt, CBS_ASN1_OCTETSTRING)) { - OPENSSL_PUT_ERROR(PKCS8, PKCS12_get_key_and_certs, PKCS8_R_BAD_PKCS12_DATA); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA); goto err; } 
@@ -971,8 +995,7 @@ int PKCS12_get_key_and_certs(EVP_PKEY **out_key, STACK_OF(X509) *out_certs, if (CBS_len(&mac_data) > 0) { if (!CBS_get_asn1_uint64(&mac_data, &iterations) || iterations > INT_MAX) { - OPENSSL_PUT_ERROR(PKCS8, PKCS12_get_key_and_certs, - PKCS8_R_BAD_PKCS12_DATA); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA); goto err; } } @@ -980,7 +1003,7 @@ int PKCS12_get_key_and_certs(EVP_PKEY **out_key, STACK_OF(X509) *out_certs, hash_nid = OBJ_cbs2nid(&hash_oid); if (hash_nid == NID_undef || (md = EVP_get_digestbynid(hash_nid)) == NULL) { - OPENSSL_PUT_ERROR(PKCS8, PKCS12_get_key_and_certs, PKCS8_R_UNKNOWN_HASH); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_UNKNOWN_HASH); goto err; } @@ -996,8 +1019,7 @@ int PKCS12_get_key_and_certs(EVP_PKEY **out_key, STACK_OF(X509) *out_certs, } if (!CBS_mem_equal(&expected_mac, hmac, hmac_len)) { - OPENSSL_PUT_ERROR(PKCS8, PKCS12_get_key_and_certs, - PKCS8_R_INCORRECT_PASSWORD); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_INCORRECT_PASSWORD); goto err; } } @@ -1126,6 +1148,7 @@ int PKCS12_parse(const PKCS12 *p12, const char *password, EVP_PKEY **out_pkey, if (!ca_certs) { ca_certs = sk_X509_new_null(); if (ca_certs == NULL) { + OPENSSL_PUT_ERROR(PKCS8, ERR_R_MALLOC_FAILURE); return 0; } ca_certs_alloced = 1; diff --git a/src/crypto/pkcs8/pkcs8_test.cc b/src/crypto/pkcs8/pkcs8_test.cc new file mode 100644 index 0000000..7a88ddf --- /dev/null +++ b/src/crypto/pkcs8/pkcs8_test.cc 
@@ -0,0 +1,91 @@
+/* Copyright (c) 2015, Google Inc.
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
+ * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
+ * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
+ * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
+
+#include
+#include
+#include
+
+#include
+#include
+#include
+#include
+
+#include "../test/scoped_types.h"
+
+
+/* kDER is a PKCS#8 encrypted private key. It was generated with:
+ *
+ * openssl genrsa 512 > test.key
+ * openssl pkcs8 -topk8 -in test.key -out test.key.encrypted -v2 des3 -outform der
+ * hexdump -Cv test.key.encrypted
+ *
+ * The password is "testing".
+ */ +static const uint8_t kDER[] = { + 0x30, 0x82, 0x01, 0x9e, 0x30, 0x40, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x05, + 0x0d, 0x30, 0x33, 0x30, 0x1b, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x05, 0x0c, + 0x30, 0x0e, 0x04, 0x08, 0x06, 0xa5, 0x4b, 0x0c, 0x0c, 0x50, 0x8c, 0x19, 0x02, 0x02, 0x08, 0x00, + 0x30, 0x14, 0x06, 0x08, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x03, 0x07, 0x04, 0x08, 0x3a, 0xd0, + 0x70, 0x4b, 0x26, 0x50, 0x13, 0x7b, 0x04, 0x82, 0x01, 0x58, 0xa6, 0xee, 0x02, 0xf2, 0xf2, 0x7c, + 0x19, 0x91, 0xe3, 0xce, 0x32, 0x85, 0xc5, 0x01, 0xd9, 0xe3, 0x5e, 0x14, 0xb6, 0xb8, 0x78, 0xad, + 0xda, 0x01, 0xec, 0x9e, 0x42, 0xe8, 0xbf, 0x0b, 0x46, 0x03, 0xbc, 0x92, 0x6f, 0xe4, 0x0f, 0x0f, + 0x48, 0x30, 0x10, 0x10, 0x9b, 0xfb, 0x4b, 0xb9, 0x45, 0xf8, 0xcf, 0xab, 0xa1, 0x18, 0xdd, 0x19, + 0xa4, 0xa4, 0xe1, 0xf0, 0xa1, 0x8d, 0xc2, 0x23, 0xe7, 0x0d, 0x7a, 0x64, 0x21, 0x6b, 0xfa, 0x48, + 0xb9, 0x41, 0xc1, 0x0c, 0x4b, 0xce, 0x6f, 0x1a, 0x91, 0x9b, 0x9f, 0xdd, 0xcf, 0xa9, 0x8d, 0x33, + 0x2c, 0x45, 0x81, 0x5c, 0x5e, 0x67, 0xc6, 0x68, 0x43, 0x62, 0xff, 0x5e, 0x9b, 0x1a, 0x15, 0x3a, + 0x9d, 0x71, 0x3f, 0xbe, 0x32, 0x2f, 0xe5, 0x90, 0x65, 0x65, 0x9c, 0x22, 0xf6, 0x29, 0x2e, 0xcf, + 0x26, 0x16, 0x7b, 0x66, 0x48, 0x55, 0xad, 0x9a, 0x8d, 0x89, 0xf4, 0x48, 0x4f, 0x1f, 0x9d, 0xb8, + 0xfa, 0xe1, 0xf1, 0x3b, 0x39, 0x5c, 0x72, 0xc6, 0xb8, 0x3e, 0x98, 0xe8, 0x77, 0xe8, 0xb6, 0x71, + 0x84, 0xa8, 0x6e, 0xca, 0xaf, 0x62, 0x96, 0x49, 0x8a, 0x21, 0x6f, 0x9e, 0x78, 0x07, 0x97, 0x38, + 0x40, 0x66, 0x42, 0x5a, 0x1b, 0xe0, 0x9b, 0xe9, 0x91, 0x82, 0xe4, 0xea, 0x8f, 0x2a, 0xb2, 0x80, + 0xce, 0xe8, 0x57, 0xd3, 0xac, 0x11, 0x9d, 0xb2, 0x39, 0x0f, 0xe1, 0xce, 0x18, 0x96, 0x38, 0xa1, + 0x19, 0x80, 0x88, 0x81, 0x3d, 0xda, 0xaa, 0x8e, 0x15, 0x27, 0x19, 0x73, 0x0c, 0xf3, 0xaf, 0x45, + 0xe9, 0x1b, 0xad, 0x6c, 0x3d, 0xbf, 0x95, 0xf7, 0xa0, 0x87, 0x0e, 0xde, 0xf1, 0xd8, 0xee, 0xaa, + 0x92, 0x76, 0x8d, 0x32, 0x45, 0xa1, 0xe7, 0xf5, 0x05, 0xd6, 0x2c, 0x67, 0x63, 0x10, 0xfa, 0xde, + 
0x80, 0xc7, 0x5b, 0x96, 0x0f, 0x24, 0x50, 0x78, 0x30, 0xe5, 0x89, 0xf3, 0x73, 0xfa, 0x40, 0x11, + 0xd5, 0x26, 0xb8, 0x36, 0x96, 0x98, 0xe6, 0xbd, 0x73, 0x62, 0x56, 0xb9, 0xea, 0x28, 0x16, 0x93, + 0x5b, 0x33, 0xae, 0x83, 0xf9, 0x1f, 0xee, 0xef, 0xc8, 0xbf, 0xc7, 0xb1, 0x47, 0x43, 0xa1, 0xc6, + 0x1a, 0x64, 0x47, 0x02, 0x40, 0x3e, 0xbc, 0x0f, 0x80, 0x71, 0x5c, 0x44, 0x60, 0xbc, 0x78, 0x2e, + 0xd2, 0x77, 0xf8, 0x6e, 0x12, 0x51, 0x89, 0xdb, 0x90, 0x64, 0xcd, 0x76, 0x10, 0x29, 0x73, 0xc2, + 0x2f, 0x94, 0x7b, 0x98, 0xcd, 0xbb, 0x61, 0x16, 0x1d, 0x52, 0x11, 0x73, 0x48, 0xe6, 0x39, 0xfc, + 0xd6, 0x2d, +}; + +static bool test(const uint8_t *der, size_t der_len) { + const uint8_t *data = der; + ScopedX509_SIG sig(d2i_X509_SIG(NULL, &data, der_len)); + if (sig.get() == NULL || data != der + der_len) { + fprintf(stderr, "d2i_X509_SIG failed or did not consume all bytes.\n"); + return false; + } + + static const char kPassword[] = "testing"; + ScopedPKCS8_PRIV_KEY_INFO keypair(PKCS8_decrypt(sig.get(), kPassword, -1)); + if (!keypair) { + fprintf(stderr, "PKCS8_decrypt failed.\n"); + ERR_print_errors_fp(stderr); + return false; + } + + return true; +} + +int main(int argc, char **argv) { + if (!test(kDER, sizeof(kDER))) { + return 1; + } + + printf("PASS\n"); + return 0; +} diff --git a/src/crypto/poly1305/CMakeLists.txt b/src/crypto/poly1305/CMakeLists.txt index bb0c1e4..674d9f6 100644 --- a/src/crypto/poly1305/CMakeLists.txt +++ b/src/crypto/poly1305/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(. .. ../../include) +include_directories(../../include) if (${ARCH} STREQUAL "arm") set( @@ -19,3 +19,12 @@ add_library( ${POLY1305_ARCH_SOURCES} ) + +add_executable( + poly1305_test + + poly1305_test.cc + $ +) + +target_link_libraries(poly1305_test crypto) diff --git a/src/crypto/poly1305/poly1305_test.cc b/src/crypto/poly1305/poly1305_test.cc new file mode 100644 index 0000000..0526075 --- /dev/null +++ b/src/crypto/poly1305/poly1305_test.cc 
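Review bot: `test()` only checks that decryption with the correct password succeeds, so nothing here would catch `PKCS8_decrypt` returning a key for a wrong password or the new PBES2 path accepting input it should reject. A negative case next to the positive one would cover that, e.g. `ScopedPKCS8_PRIV_KEY_INFO bad(PKCS8_decrypt(sig.get(), "wrong", -1));` followed by `if (bad) { return false; }` and `ERR_clear_error();`. As far as this hunk shows, an encrypt-then-decrypt round trip through the `pbe_nid == -1` branch of `PKCS8_encrypt` is also untested.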
@@ -0,0 +1,81 @@
+/* Copyright (c) 2015, Google Inc.
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
+ * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
+ * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
+ * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
+
+#include
+#include
+
+#include
+
+#include
+#include
+
+#include "../test/file_test.h"
+#include "../test/stl_compat.h"
+
+
+// |CRYPTO_poly1305_finish| requires a 16-byte-aligned output.
+#if defined(OPENSSL_WINDOWS)
+// MSVC doesn't support C++11 |alignas|.
+#define ALIGNED __declspec(align(16))
+#else
+#define ALIGNED alignas(16)
+#endif
+
+static bool TestPoly1305(FileTest *t, void *arg) {
+ std::vector key, in, mac;
+ if (!t->GetBytes(&key, "Key") ||
+ !t->GetBytes(&in, "Input") ||
+ !t->GetBytes(&mac, "MAC")) {
+ return false;
+ }
+ if (key.size() != 32 || mac.size() != 16) {
+ t->PrintLine("Invalid test");
+ return false;
+ }
+
+ // Test single-shot operation.
+ poly1305_state state;
+ CRYPTO_poly1305_init(&state, bssl::vector_data(&key));
+ CRYPTO_poly1305_update(&state, bssl::vector_data(&in), in.size());
+ ALIGNED uint8_t out[16];
+ CRYPTO_poly1305_finish(&state, out);
+ if (!t->ExpectBytesEqual(out, 16, bssl::vector_data(&mac), mac.size())) {
+ t->PrintLine("Single-shot Poly1305 failed.");
+ return false;
+ }
+
+ // Test streaming byte-by-byte.
+ CRYPTO_poly1305_init(&state, bssl::vector_data(&key));
+ for (size_t i = 0; i < in.size(); i++) {
+ CRYPTO_poly1305_update(&state, &in[i], 1);
+ }
+ CRYPTO_poly1305_finish(&state, out);
+ if (!t->ExpectBytesEqual(out, 16, bssl::vector_data(&mac), mac.size())) {
+ t->PrintLine("Streaming Poly1305 failed.");
+ return false;
+ }
+
+ return true;
+}
+
+int main(int argc, char **argv) {
+ CRYPTO_library_init();
+
+ if (argc != 2) {
+ fprintf(stderr, "%s \n", argv[0]);
+ return 1;
+ }
+
+ return FileTestMain(TestPoly1305, nullptr, argv[1]);
+}
diff --git a/src/crypto/poly1305/poly1305_test.txt b/src/crypto/poly1305/poly1305_test.txt
new file mode 100644
index 0000000..6c5d403
--- /dev/null
+++ b/src/crypto/poly1305/poly1305_test.txt
@@ -0,0 +1,52 @@ +# RFC 7359, section 2.5.2. + +Key = 85d6be7857556d337f4452fe42d506a80103808afb0db2fd4abff6af4149f51b +Input = "Cryptographic Forum Research Group" +MAC = a8061dc1305136c6c22b8baf0c0127a9 + + +# RFC 7359, section A.3. + +Key = 0000000000000000000000000000000000000000000000000000000000000000 +Input = 00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 +MAC = 00000000000000000000000000000000 + +Key = 0000000000000000000000000000000036e5f6b5c5e06070f0efca96227a863e +Input = 416e79207375626d697373696f6e20746f20746865204945544620696e74656e6465642062792074686520436f6e7472696275746f7220666f72207075626c69636174696f6e20617320616c6c206f722070617274206f6620616e204945544620496e7465726e65742d4472616674206f722052464320616e6420616e792073746174656d656e74206d6164652077697468696e2074686520636f6e74657874206f6620616e204945544620616374697669747920697320636f6e7369646572656420616e20224945544620436f6e747269627574696f6e222e20537563682073746174656d656e747320696e636c756465206f72616c2073746174656d656e747320696e20494554462073657373696f6e732c2061732077656c6c206173207772697474656e20616e6420656c656374726f6e696320636f6d6d756e69636174696f6e73206d61646520617420616e792074696d65206f7220706c6163652c207768696368206172652061646472657373656420746f +MAC = 36e5f6b5c5e06070f0efca96227a863e + +Key = 36e5f6b5c5e06070f0efca96227a863e00000000000000000000000000000000 +Input = 
416e79207375626d697373696f6e20746f20746865204945544620696e74656e6465642062792074686520436f6e7472696275746f7220666f72207075626c69636174696f6e20617320616c6c206f722070617274206f6620616e204945544620496e7465726e65742d4472616674206f722052464320616e6420616e792073746174656d656e74206d6164652077697468696e2074686520636f6e74657874206f6620616e204945544620616374697669747920697320636f6e7369646572656420616e20224945544620436f6e747269627574696f6e222e20537563682073746174656d656e747320696e636c756465206f72616c2073746174656d656e747320696e20494554462073657373696f6e732c2061732077656c6c206173207772697474656e20616e6420656c656374726f6e696320636f6d6d756e69636174696f6e73206d61646520617420616e792074696d65206f7220706c6163652c207768696368206172652061646472657373656420746f +MAC = f3477e7cd95417af89a6b8794c310cf0 + +Key = 1c9240a5eb55d38af333888604f6b5f0473917c1402b80099dca5cbc207075c0 +Input = 2754776173206272696c6c69672c20616e642074686520736c6974687920746f7665730a446964206779726520616e642067696d626c6520696e2074686520776162653a0a416c6c206d696d737920776572652074686520626f726f676f7665732c0a416e6420746865206d6f6d65207261746873206f757467726162652e +MAC = 4541669a7eaaee61e708dc7cbcc5eb62 + +Key = 0200000000000000000000000000000000000000000000000000000000000000 +Input = ffffffffffffffffffffffffffffffff +MAC = 03000000000000000000000000000000 + +Key = 02000000000000000000000000000000ffffffffffffffffffffffffffffffff +Input = 02000000000000000000000000000000 +MAC = 03000000000000000000000000000000 + +Key = 0100000000000000000000000000000000000000000000000000000000000000 +Input = fffffffffffffffffffffffffffffffff0ffffffffffffffffffffffffffffff11000000000000000000000000000000 +MAC = 05000000000000000000000000000000 + +Key = 0100000000000000000000000000000000000000000000000000000000000000 +Input = fffffffffffffffffffffffffffffffffbfefefefefefefefefefefefefefefe01010101010101010101010101010101 +MAC = 00000000000000000000000000000000 + +Key = 0200000000000000000000000000000000000000000000000000000000000000 
+Input = fdffffffffffffffffffffffffffffff +MAC = faffffffffffffffffffffffffffffff + +Key = 0100000000000000040000000000000000000000000000000000000000000000 +Input = e33594d7505e43b900000000000000003394d7505e4379cd01000000000000000000000000000000000000000000000001000000000000000000000000000000 +MAC = 14000000000000005500000000000000 + +Key = 0100000000000000040000000000000000000000000000000000000000000000 +Input = e33594d7505e43b900000000000000003394d7505e4379cd010000000000000000000000000000000000000000000000 +MAC = 13000000000000000000000000000000 diff --git a/src/crypto/rand/CMakeLists.txt b/src/crypto/rand/CMakeLists.txt index 374d8f1..35d5290 100644 --- a/src/crypto/rand/CMakeLists.txt +++ b/src/crypto/rand/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(. .. ../../include) +include_directories(../../include) if (${ARCH} STREQUAL "x86_64") set( diff --git a/src/crypto/rand/hwrand.c b/src/crypto/rand/hwrand.c index 5f81f09..f0bbccd 100644 --- a/src/crypto/rand/hwrand.c +++ b/src/crypto/rand/hwrand.c @@ -15,23 +15,28 @@ #include #include -#include #include #include +#include "internal.h" -#if defined(OPENSSL_X86_64) && !defined(OPENSSL_NO_ASM) -int CRYPTO_have_hwrand(void) { - return (OPENSSL_ia32cap_P[1] & (1u << 30)) != 0; -} +#if defined(OPENSSL_X86_64) && !defined(OPENSSL_NO_ASM) /* These functions are defined in asm/rdrand-x86_64.pl */ extern int CRYPTO_rdrand(uint8_t out[8]); extern int CRYPTO_rdrand_multiple8_buf(uint8_t *buf, size_t len); +static int have_rdrand(void) { + return (OPENSSL_ia32cap_P[1] & (1u << 30)) != 0; +} + int CRYPTO_hwrand(uint8_t *buf, size_t len) { + if (!have_rdrand()) { + return 0; + } + const size_t len_multiple8 = len & ~7; if (!CRYPTO_rdrand_multiple8_buf(buf, len_multiple8)) { return 0; @@ -53,12 +58,8 @@ int CRYPTO_hwrand(uint8_t *buf, size_t len) { #else -int CRYPTO_have_hwrand(void) { +int CRYPTO_hwrand(uint8_t *buf, size_t len) { return 0; } -void CRYPTO_hwrand(uint8_t *buf, size_t len) { - abort(); -} - #endif 
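Review bot: The two section comments in poly1305_test.txt cite `RFC 7359`, but the ChaCha20/Poly1305 document these vectors appear to come from (its sections 2.5.2 and A.3) is RFC 7539; the digits look transposed. Anyone auditing the vectors against the specification would be sent to an unrelated RFC. Change the comments to `# RFC 7539, section 2.5.2.` and `# RFC 7539, section A.3.`.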
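Review bot: `have_rdrand()` in the first hwrand.c hunk tests `OPENSSL_ia32cap_P[1] & (1u << 30)` with no comment saying which CPU feature that bit stands for. Since `CRYPTO_hwrand` now relies on this check alone to decide whether hardware entropy is used, name the feature at the definition, e.g. `/* have_rdrand returns one iff the CPU reports RDRAND (presumably CPUID.1:ECX bit 30). */`. The body of `CRYPTO_hwrand` continues outside the hunk.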
diff --git a/src/crypto/rand/internal.h b/src/crypto/rand/internal.h index 5e6ea11..f35abbb 100644 --- a/src/crypto/rand/internal.h +++ b/src/crypto/rand/internal.h @@ -24,13 +24,9 @@ extern "C" { * system. */ void CRYPTO_sysrand(uint8_t *buf, size_t len); -/* CRYPTO_have_hwrand returns one iff |CRYPTO_hwrand| can be called to generate - * hardware entropy. */ -int CRYPTO_have_hwrand(void); - -/* CRYPTO_hwrand fills |len| bytes at |buf| with entropy from the hardware. - * This function can only be called if |CRYPTO_have_hwrand| returns one. - * It returns one on success or zero on hardware failure. */ +/* CRYPTO_hwrand fills |len| bytes at |buf| with entropy from the hardware. It + * returns one on success or zero on hardware failure or if hardware support is + * unavailable. */ int CRYPTO_hwrand(uint8_t *buf, size_t len); diff --git a/src/crypto/rand/rand.c b/src/crypto/rand/rand.c index a96ac48..e76a120 100644 --- a/src/crypto/rand/rand.c +++ b/src/crypto/rand/rand.c @@ -17,6 +17,7 @@ #include #include +#include #include #include "internal.h" @@ -69,17 +70,12 @@ static void rand_thread_state_free(void *state) { OPENSSL_free(state); } -extern void CRYPTO_chacha_20(uint8_t *out, const uint8_t *in, size_t in_len, - const uint8_t key[32], const uint8_t nonce[8], - size_t counter); - int RAND_bytes(uint8_t *buf, size_t len) { if (len == 0) { return 1; } - if (!CRYPTO_have_hwrand() || - !CRYPTO_hwrand(buf, len)) { + if (!CRYPTO_hwrand(buf, len)) { /* Without a hardware RNG to save us from address-space duplication, the OS * entropy is used directly. */ CRYPTO_sysrand(buf, len); @@ -162,6 +158,10 @@ int RAND_load_file(const char *path, long num) { void RAND_add(const void *buf, int num, double entropy) {} +int RAND_egd(const char *path) { + return 255; +} + int RAND_poll(void) { return 1; } 
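Review bot: The comment kept in `RAND_bytes` (rand.c hunk at -69,17) says that without a hardware RNG "the OS entropy is used directly", which no longer holds once `RAND_enable_fork_unsafe_buffering` has been called. The urandom.c part of this change lets `CRYPTO_sysrand` serve requests smaller than `BUF_SIZE` from a per-thread buffer, and a forked child starts with a copy of that buffer, so this fallback is exactly where duplicated output can occur. Reword the comment along the lines of `/* Without a hardware RNG, bytes come from CRYPTO_sysrand, which may be buffered and is then unsafe across fork. */`. The function body continues outside the hunk.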
@@ -169,3 +169,18 @@ int RAND_poll(void) { int RAND_status(void) { return 1; } + +static const struct rand_meth_st kSSLeayMethod = { + RAND_seed, + RAND_bytes, + RAND_cleanup, + RAND_add, + RAND_pseudo_bytes, + RAND_status, +}; + +RAND_METHOD *RAND_SSLeay(void) { + return (RAND_METHOD*) &kSSLeayMethod; +} + +void RAND_set_rand_method(const RAND_METHOD *method) {} diff --git a/src/crypto/rand/urandom.c b/src/crypto/rand/urandom.c index 788a979..1cc5260 100644 --- a/src/crypto/rand/urandom.c +++ b/src/crypto/rand/urandom.c 
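Review bot: `RAND_SSLeay` returns `(RAND_METHOD*) &kSSLeayMethod`, casting away the `const` of a `static const` object, so a caller that writes through the returned pointer would modify a const object, which is undefined behaviour. `RAND_set_rand_method` in the same hunk has an empty body, so an application that installs its own method gets no indication that it was ignored. If the non-const return type is dictated by the OpenSSL-compatible API, say so at the definition with `/* The result must not be modified; the cast exists only for API compatibility. */`, and add `/* RAND_set_rand_method does nothing: the RNG cannot be replaced. */` above the stub.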
@@ -30,92 +30,126 @@ /* This file implements a PRNG by reading from /dev/urandom, optionally with a - * fork-safe buffer. - * - * If buffering is enabled then it maintains a global, linked list of buffers. - * Threads which need random bytes grab a buffer from the list under a lock and - * copy out the bytes that they need. In the rare case that the buffer is - * empty, it's refilled from /dev/urandom outside of the lock. - * - * Large requests are always serviced from /dev/urandom directly. - * - * Each buffer contains the PID of the process that created it and it's tested - * against the current PID each time. Thus processes that fork will discard all - * the buffers filled by the parent process. There are two problems with this: - * - * 1) glibc maintains a cache of the current PID+PPID and, if this cache isn't - * correctly invalidated, the getpid() will continue to believe that - * it's the old process. Glibc depends on the glibc wrappers for fork, - * vfork and clone being used in order to invalidate the getpid() cache. - * - * 2) If a process forks, dies and then its child forks, it's possible that - * the third process will end up with the same PID as the original process. - * If the second process never used any random values then this will mean - * that the third process has stale, cached values and won't notice. - */ - -/* BUF_SIZE is intended to be a 4K allocation with malloc overhead. struct - * rand_buffer also fits in this space and the remainder is entropy. */ -#define BUF_SIZE (4096 - 16) - -/* rand_buffer contains unused, random bytes. These structures form a linked - * list via the |next| pointer, which is NULL in the final element. */ + * buffer, which is unsafe across |fork|. */ + +#define BUF_SIZE 4096 + +/* rand_buffer contains unused, random bytes, some of which may have been + * consumed already. */ struct rand_buffer { - size_t used; /* used contains the number of bytes of |rand| that have - been consumed. 
*/ - struct rand_buffer *next; - pid_t pid; /* pid contains the pid at the time that the buffer was - created so that data is not duplicated after a fork. */ - pid_t ppid; /* ppid contains the parent pid in order to try and reduce - the possibility of duplicated PID confusing the - detection of a fork. */ - uint8_t rand[]; + size_t used; + uint8_t rand[BUF_SIZE]; }; -/* rand_bytes_per_buf is the number of actual entropy bytes in a buffer. */ -static const size_t rand_bytes_per_buf = BUF_SIZE - sizeof(struct rand_buffer); - -static struct CRYPTO_STATIC_MUTEX global_lock = CRYPTO_STATIC_MUTEX_INIT; +/* requested_lock is used to protect the |*_requested| variables. */ +static struct CRYPTO_STATIC_MUTEX requested_lock = CRYPTO_STATIC_MUTEX_INIT; -/* list_head is the start of a global, linked-list of rand_buffer objects. It's - * protected by |global_lock|. */ -static struct rand_buffer *list_head; +/* urandom_fd_requested is set by |RAND_set_urandom_fd|. It's protected by + * |requested_lock|. */ +static int urandom_fd_requested = -2; -/* urandom_fd is a file descriptor to /dev/urandom. It's protected by - * |global_lock|. */ +/* urandom_fd is a file descriptor to /dev/urandom. It's protected by |once|. */ static int urandom_fd = -2; +/* urandom_buffering_requested is set by |RAND_enable_fork_unsafe_buffering|. + * It's protected by |requested_lock|. */ +static int urandom_buffering_requested = 0; + /* urandom_buffering controls whether buffering is enabled (1) or not (0). This - * is protected by |global_lock|. */ + * is protected by |once|. */ static int urandom_buffering = 0; -/* urandom_get_fd_locked returns a file descriptor to /dev/urandom. The caller - * of this function must hold |global_lock|. */ -static int urandom_get_fd_locked(void) { - if (urandom_fd != -2) { - return urandom_fd; +static CRYPTO_once_t once = CRYPTO_ONCE_INIT; + +/* init_once initializes the state of this module to values previously + * requested. 
This is the only function that modifies |urandom_fd| and + * |urandom_buffering|, whose values may be read safely after calling the + * once. */ +static void init_once(void) { + CRYPTO_STATIC_MUTEX_lock_read(&requested_lock); + urandom_buffering = urandom_buffering_requested; + int fd = urandom_fd_requested; + CRYPTO_STATIC_MUTEX_unlock(&requested_lock); + + if (fd == -2) { + do { + fd = open("/dev/urandom", O_RDONLY); + } while (fd == -1 && errno == EINTR); } - urandom_fd = open("/dev/urandom", O_RDONLY); - return urandom_fd; + if (fd < 0) { + abort(); + } + + int flags = fcntl(fd, F_GETFD); + if (flags == -1) { + abort(); + } + flags |= FD_CLOEXEC; + if (fcntl(fd, F_SETFD, flags) == -1) { + abort(); + } + urandom_fd = fd; } -/* RAND_cleanup frees all buffers, closes any cached file descriptor - * and resets the global state. */ -void RAND_cleanup(void) { - struct rand_buffer *cur; +void RAND_cleanup(void) {} - CRYPTO_STATIC_MUTEX_lock_write(&global_lock); - while ((cur = list_head)) { - list_head = cur->next; - OPENSSL_free(cur); +void RAND_set_urandom_fd(int fd) { + fd = dup(fd); + if (fd < 0) { + abort(); } - if (urandom_fd >= 0) { - close(urandom_fd); + + CRYPTO_STATIC_MUTEX_lock_write(&requested_lock); + urandom_fd_requested = fd; + CRYPTO_STATIC_MUTEX_unlock(&requested_lock); + + CRYPTO_once(&once, init_once); + if (urandom_fd != fd) { + abort(); // Already initialized. } - urandom_fd = -2; - list_head = NULL; - CRYPTO_STATIC_MUTEX_unlock(&global_lock); +} + +void RAND_enable_fork_unsafe_buffering(int fd) { + if (fd >= 0) { + fd = dup(fd); + if (fd < 0) { + abort(); + } + } else { + fd = -2; + } + + CRYPTO_STATIC_MUTEX_lock_write(&requested_lock); + urandom_buffering_requested = 1; + urandom_fd_requested = fd; + CRYPTO_STATIC_MUTEX_unlock(&requested_lock); + + CRYPTO_once(&once, init_once); + if (urandom_buffering != 1 || (fd >= 0 && urandom_fd != fd)) { + abort(); // Already initialized. 
+ } +} + +static struct rand_buffer *get_thread_local_buffer(void) { + struct rand_buffer *buf = + CRYPTO_get_thread_local(OPENSSL_THREAD_LOCAL_URANDOM_BUF); + if (buf != NULL) { + return buf; + } + + buf = OPENSSL_malloc(sizeof(struct rand_buffer)); + if (buf == NULL) { + return NULL; + } + buf->used = BUF_SIZE; /* To trigger a |read_full| on first use. */ + if (!CRYPTO_set_thread_local(OPENSSL_THREAD_LOCAL_URANDOM_BUF, buf, + OPENSSL_free)) { + OPENSSL_free(buf); + return NULL; + } + + return buf; } /* read_full reads exactly |len| bytes from |fd| into |out| and returns 1. In 
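Review bot: `RAND_set_urandom_fd` and `RAND_enable_fork_unsafe_buffering` are added without comments, although both have contracts a caller cannot guess from the signature. Each one `dup()`s the descriptor it is given, and each calls `abort()` when `init_once` has already run with different settings; the second also enables the per-thread buffer that the file comment describes as unsafe across `fork`. Add a comment above each stating that the caller keeps ownership of `fd`, that the call must precede any request for random bytes, and, for the buffering function, that the process must not fork afterwards. If this is already documented in a public header outside this diff, a one-line pointer to it is enough.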
@@ -138,110 +172,48 @@ static char read_full(int fd, uint8_t *out, size_t len) { return 1; } -/* CRYPTO_sysrand puts |num| random bytes into |out|. */ -void CRYPTO_sysrand(uint8_t *out, size_t requested) { - int fd; - struct rand_buffer *buf; - size_t todo; - pid_t pid, ppid; - - if (requested == 0) { - return; - } +/* read_from_buffer reads |requested| random bytes from the buffer into |out|, + * refilling it if necessary to satisfy the request. */ +static void read_from_buffer(struct rand_buffer *buf, + uint8_t *out, size_t requested) { + size_t remaining = BUF_SIZE - buf->used; - CRYPTO_STATIC_MUTEX_lock_write(&global_lock); - fd = urandom_get_fd_locked(); + while (requested > remaining) { + memcpy(out, &buf->rand[buf->used], remaining); + buf->used += remaining; + out += remaining; + requested -= remaining; - if (fd < 0) { - CRYPTO_STATIC_MUTEX_unlock(&global_lock); - abort(); - return; - } - - /* If buffering is not enabled, or if the request is large, then the - * result comes directly from urandom. */ - if (!urandom_buffering || requested > BUF_SIZE / 2) { - CRYPTO_STATIC_MUTEX_unlock(&global_lock); - if (!read_full(fd, out, requested)) { + if (!read_full(urandom_fd, buf->rand, BUF_SIZE)) { abort(); - } - return; - } - - pid = getpid(); - ppid = getppid(); - - for (;;) { - buf = list_head; - if (buf && buf->pid == pid && buf->ppid == ppid && - rand_bytes_per_buf - buf->used >= requested) { - memcpy(out, &buf->rand[buf->used], requested); - buf->used += requested; - CRYPTO_STATIC_MUTEX_unlock(&global_lock); return; } - - /* If we don't immediately have enough entropy with the correct - * PID, remove the buffer from the list in order to gain - * exclusive access and unlock. 
*/ - if (buf) { - list_head = buf->next; - } - CRYPTO_STATIC_MUTEX_unlock(&global_lock); - - if (!buf) { - buf = (struct rand_buffer *)OPENSSL_malloc(BUF_SIZE); - if (!buf) { - abort(); - return; - } - /* The buffer doesn't contain any random bytes yet - * so we mark it as fully used so that it will be - * filled below. */ - buf->used = rand_bytes_per_buf; - buf->next = NULL; - buf->pid = pid; - buf->ppid = ppid; - } - - if (buf->pid == pid && buf->ppid == ppid) { - break; - } - - /* We have forked and so cannot use these bytes as they - * may have been used in another process. */ - OPENSSL_free(buf); - CRYPTO_STATIC_MUTEX_lock_write(&global_lock); + buf->used = 0; + remaining = BUF_SIZE; } - while (requested > 0) { - todo = rand_bytes_per_buf - buf->used; - if (todo > requested) { - todo = requested; - } - memcpy(out, &buf->rand[buf->used], todo); - requested -= todo; - out += todo; - buf->used += todo; + memcpy(out, &buf->rand[buf->used], requested); + buf->used += requested; +} - if (buf->used < rand_bytes_per_buf) { - break; - } +/* CRYPTO_sysrand puts |requested| random bytes into |out|. */ +void CRYPTO_sysrand(uint8_t *out, size_t requested) { + if (requested == 0) { + return; + } - if (!read_full(fd, buf->rand, rand_bytes_per_buf)) { - OPENSSL_free(buf); - abort(); + CRYPTO_once(&once, init_once); + if (urandom_buffering && requested < BUF_SIZE) { + struct rand_buffer *buf = get_thread_local_buffer(); + if (buf != NULL) { + read_from_buffer(buf, out, requested); return; } - - buf->used = 0; } - CRYPTO_STATIC_MUTEX_lock_write(&global_lock); - assert(list_head != buf); - buf->next = list_head; - list_head = buf; - CRYPTO_STATIC_MUTEX_unlock(&global_lock); + if (!read_full(urandom_fd, out, requested)) { + abort(); + } } #endif /* !OPENSSL_WINDOWS */ diff --git a/src/crypto/rc4/CMakeLists.txt b/src/crypto/rc4/CMakeLists.txt index fe2d0c6..a208e96 100644 --- a/src/crypto/rc4/CMakeLists.txt +++ b/src/crypto/rc4/CMakeLists.txt 
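Review bot: `read_from_buffer` copies bytes out of `buf->rand` but leaves them in place, so values already handed to callers (possibly used as key material) stay readable in the thread-local buffer until a later refill overwrites them. Inside the loop the following `read_full` overwrites the whole buffer, so only the final copy needs attention: after the last `memcpy`, add `OPENSSL_cleanse(&buf->rand[buf->used], requested);` before `buf->used += requested;`. This assumes the header declaring `OPENSSL_cleanse` is, or can be, included in urandom.c, which the hunk does not show.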
@@ -1,4 +1,4 @@ -include_directories(. .. ../../include) +include_directories(../../include) if (${ARCH} STREQUAL "x86_64") set( diff --git a/src/crypto/rc4/asm/rc4-x86_64.pl b/src/crypto/rc4/asm/rc4-x86_64.pl index db46242..cef6268 100644 --- a/src/crypto/rc4/asm/rc4-x86_64.pl +++ b/src/crypto/rc4/asm/rc4-x86_64.pl @@ -56,7 +56,7 @@ # achieves respectful 432MBps on 2.8GHz processor now. For reference. # If executed on Xeon, current RC4_CHAR code-path is 2.7x faster than # RC4_INT code-path. While if executed on Opteron, it's only 25% -# slower than the RC4_INT one [meaning that if CPU µ-arch detection +# slower than the RC4_INT one [meaning that if CPU µ-arch detection # is not implemented, then this final RC4_CHAR code-path should be # preferred, as it provides better *all-round* performance]. diff --git a/src/crypto/rsa/CMakeLists.txt b/src/crypto/rsa/CMakeLists.txt index 0ea12c8..bd8ad3b 100644 --- a/src/crypto/rsa/CMakeLists.txt +++ b/src/crypto/rsa/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(. .. ../../include) +include_directories(../../include) add_library( rsa @@ -15,7 +15,7 @@ add_library( add_executable( rsa_test - rsa_test.c + rsa_test.cc $ ) diff --git a/src/crypto/rsa/blinding.c b/src/crypto/rsa/blinding.c index 245142b..c93cee1 100644 --- a/src/crypto/rsa/blinding.c +++ b/src/crypto/rsa/blinding.c @@ -137,7 +137,7 @@ BN_BLINDING *BN_BLINDING_new(const BIGNUM *A, const BIGNUM *Ai, BIGNUM *mod) { ret = (BN_BLINDING*) OPENSSL_malloc(sizeof(BN_BLINDING)); if (ret == NULL) { - OPENSSL_PUT_ERROR(RSA, BN_BLINDING_new, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(RSA, ERR_R_MALLOC_FAILURE); return NULL; } memset(ret, 0, sizeof(BN_BLINDING)); @@ -190,7 +190,7 @@ int BN_BLINDING_update(BN_BLINDING *b, BN_CTX *ctx) { int ret = 0; if (b->A == NULL || b->Ai == NULL) { - OPENSSL_PUT_ERROR(RSA, BN_BLINDING_update, RSA_R_BN_NOT_INITIALIZED); + OPENSSL_PUT_ERROR(RSA, RSA_R_BN_NOT_INITIALIZED); goto err; } 
@@ -230,7 +230,7 @@ int BN_BLINDING_convert_ex(BIGNUM *n, BIGNUM *r, BN_BLINDING *b, BN_CTX *ctx) { int ret = 1; if (b->A == NULL || b->Ai == NULL) { - OPENSSL_PUT_ERROR(RSA, BN_BLINDING_convert_ex, RSA_R_BN_NOT_INITIALIZED); + OPENSSL_PUT_ERROR(RSA, RSA_R_BN_NOT_INITIALIZED); return 0; } @@ -266,7 +266,7 @@ int BN_BLINDING_invert_ex(BIGNUM *n, const BIGNUM *r, BN_BLINDING *b, ret = BN_mod_mul(n, n, r, b->mod, ctx); } else { if (b->Ai == NULL) { - OPENSSL_PUT_ERROR(RSA, BN_BLINDING_invert_ex, RSA_R_BN_NOT_INITIALIZED); + OPENSSL_PUT_ERROR(RSA, RSA_R_BN_NOT_INITIALIZED); return 0; } ret = BN_mod_mul(n, n, b->Ai, b->mod, ctx); @@ -325,13 +325,13 @@ BN_BLINDING *BN_BLINDING_create_param( if (!BN_rand_range(ret->A, ret->mod)) { goto err; } - if (BN_mod_inverse(ret->Ai, ret->A, ret->mod, ctx) == NULL) { + + int no_inverse; + if (BN_mod_inverse_ex(ret->Ai, &no_inverse, ret->A, ret->mod, ctx) == NULL) { /* this should almost never happen for good RSA keys */ - uint32_t error = ERR_peek_last_error(); - if (ERR_GET_REASON(error) == BN_R_NO_INVERSE) { + if (no_inverse) { if (retry_counter-- == 0) { - OPENSSL_PUT_ERROR(RSA, BN_BLINDING_create_param, - RSA_R_TOO_MANY_ITERATIONS); + OPENSSL_PUT_ERROR(RSA, RSA_R_TOO_MANY_ITERATIONS); goto err; } ERR_clear_error(); @@ -416,14 +416,14 @@ BN_BLINDING *rsa_setup_blinding(RSA *rsa, BN_CTX *in_ctx) { BN_CTX_start(ctx); e = BN_CTX_get(ctx); if (e == NULL) { - OPENSSL_PUT_ERROR(RSA, rsa_setup_blinding, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(RSA, ERR_R_MALLOC_FAILURE); goto err; } if (rsa->e == NULL) { e = rsa_get_public_exp(rsa->d, rsa->p, rsa->q, ctx); if (e == NULL) { - OPENSSL_PUT_ERROR(RSA, rsa_setup_blinding, RSA_R_NO_PUBLIC_EXPONENT); + OPENSSL_PUT_ERROR(RSA, RSA_R_NO_PUBLIC_EXPONENT); goto err; } } else { 
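Review bot: In the `BN_BLINDING_create_param` hunk (-325,13), `int no_inverse;` is declared without an initialiser and then read in `if (no_inverse)` whenever `BN_mod_inverse_ex` returns NULL. That is only safe if `BN_mod_inverse_ex` writes `*no_inverse` on every failure path, including allocation failures, which this diff does not show. Declaring it as `int no_inverse = 0;` removes the dependency. The function starts and ends outside the hunk.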
@@ -444,7 +444,7 @@ BN_BLINDING *rsa_setup_blinding(RSA *rsa, BN_CTX *in_ctx) { ret = BN_BLINDING_create_param(NULL, e, n, ctx, rsa->meth->bn_mod_exp, mont_ctx); if (ret == NULL) { - OPENSSL_PUT_ERROR(RSA, rsa_setup_blinding, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(RSA, ERR_R_BN_LIB); goto err; } diff --git a/src/crypto/rsa/internal.h b/src/crypto/rsa/internal.h index d15f2a5..c0044c3 100644 --- a/src/crypto/rsa/internal.h +++ b/src/crypto/rsa/internal.h @@ -59,8 +59,6 @@ #include -#include - #if defined(__cplusplus) extern "C" { @@ -109,8 +107,6 @@ int RSA_padding_check_PKCS1_OAEP_mgf1(uint8_t *to, unsigned to_len, const EVP_MD *md, const EVP_MD *mgf1md); int RSA_padding_add_none(uint8_t *to, unsigned to_len, const uint8_t *from, unsigned from_len); -int RSA_padding_check_none(uint8_t *to, unsigned to_len, const uint8_t *from, - unsigned from_len); /* RSA_private_transform calls either the method-specific |private_transform| * function (if given) or the generic one. See the comment for 
@@ -118,20 +114,26 @@ int RSA_padding_check_none(uint8_t *to, unsigned to_len, const uint8_t *from, int RSA_private_transform(RSA *rsa, uint8_t *out, const uint8_t *in, size_t len); -typedef struct rsa_pss_params_st { - X509_ALGOR *hashAlgorithm; - X509_ALGOR *maskGenAlgorithm; - ASN1_INTEGER *saltLength; - ASN1_INTEGER *trailerField; -} RSA_PSS_PARAMS; -DECLARE_ASN1_FUNCTIONS(RSA_PSS_PARAMS) +/* RSA_additional_prime contains information about the third, forth etc prime + * in a multi-prime RSA key. */ +typedef struct RSA_additional_prime_st { + BIGNUM *prime; + /* exp is d^{prime-1} mod prime */ + BIGNUM *exp; + /* coeff is such that r×coeff ≡ 1 mod prime. */ + BIGNUM *coeff; + + /* Values below here are not in the ASN.1 serialisation. */ + + /* r is the product of all primes (including p and q) prior to this one. */ + BIGNUM *r; + /* method_mod is managed by the |RSA_METHOD|. */ + BN_MONT_CTX *method_mod; +} RSA_additional_prime; + +void RSA_additional_prime_free(RSA_additional_prime *ap); -typedef struct rsa_oaep_params_st { - X509_ALGOR *hashFunc; - X509_ALGOR *maskGenFunc; - X509_ALGOR *pSourceFunc; -} RSA_OAEP_PARAMS; #if defined(__cplusplus) } /* extern C */ diff --git a/src/crypto/rsa/padding.c b/src/crypto/rsa/padding.c index 0a725f1..5a42e24 100644 --- a/src/crypto/rsa/padding.c +++ b/src/crypto/rsa/padding.c @@ -74,14 +74,12 @@ int RSA_padding_add_PKCS1_type_1(uint8_t *to, unsigned tlen, uint8_t *p; if (tlen < RSA_PKCS1_PADDING_SIZE) { - OPENSSL_PUT_ERROR(RSA, RSA_padding_add_PKCS1_type_1, - RSA_R_KEY_SIZE_TOO_SMALL); + OPENSSL_PUT_ERROR(RSA, RSA_R_KEY_SIZE_TOO_SMALL); return 0; } if (flen > tlen - RSA_PKCS1_PADDING_SIZE) { - OPENSSL_PUT_ERROR(RSA, RSA_padding_add_PKCS1_type_1, - RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); + OPENSSL_PUT_ERROR(RSA, RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); return 0; } 
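Review bot: The field comments in the new `RSA_additional_prime` struct are misleading: `exp is d^{prime-1} mod prime` describes a value that would be 1 for any `d` not divisible by the prime, whereas the CRT exponent is presumably `d mod (prime-1)`, by analogy with the two-prime case. The struct's header comment also has `forth` for `fourth`. Suggest `/* exp is d mod (prime-1) */` and `third, fourth etc prime`; the intended definition is worth confirming against the key-generation code, which is not part of this hunk.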
@@ -105,15 +103,13 @@ int RSA_padding_check_PKCS1_type_1(uint8_t *to, unsigned tlen, const uint8_t *p; if (flen < 2) { - OPENSSL_PUT_ERROR(RSA, RSA_padding_check_PKCS1_type_1, - RSA_R_DATA_TOO_SMALL); + OPENSSL_PUT_ERROR(RSA, RSA_R_DATA_TOO_SMALL); return -1; } p = from; if ((*(p++) != 0) || (*(p++) != 1)) { - OPENSSL_PUT_ERROR(RSA, RSA_padding_check_PKCS1_type_1, - RSA_R_BLOCK_TYPE_IS_NOT_01); + OPENSSL_PUT_ERROR(RSA, RSA_R_BLOCK_TYPE_IS_NOT_01); return -1; } @@ -126,8 +122,7 @@ int RSA_padding_check_PKCS1_type_1(uint8_t *to, unsigned tlen, p++; break; } else { - OPENSSL_PUT_ERROR(RSA, RSA_padding_check_PKCS1_type_1, - RSA_R_BAD_FIXED_HEADER_DECRYPT); + OPENSSL_PUT_ERROR(RSA, RSA_R_BAD_FIXED_HEADER_DECRYPT); return -1; } } @@ -135,21 +130,18 @@ int RSA_padding_check_PKCS1_type_1(uint8_t *to, unsigned tlen, } if (i == j) { - OPENSSL_PUT_ERROR(RSA, RSA_padding_check_PKCS1_type_1, - RSA_R_NULL_BEFORE_BLOCK_MISSING); + OPENSSL_PUT_ERROR(RSA, RSA_R_NULL_BEFORE_BLOCK_MISSING); return -1; } if (i < 8) { - OPENSSL_PUT_ERROR(RSA, RSA_padding_check_PKCS1_type_1, - RSA_R_BAD_PAD_BYTE_COUNT); + OPENSSL_PUT_ERROR(RSA, RSA_R_BAD_PAD_BYTE_COUNT); return -1; } i++; /* Skip over the '\0' */ j -= i; if (j > tlen) { - OPENSSL_PUT_ERROR(RSA, RSA_padding_check_PKCS1_type_1, - RSA_R_DATA_TOO_LARGE); + OPENSSL_PUT_ERROR(RSA, RSA_R_DATA_TOO_LARGE); return -1; } memcpy(to, p, j); @@ -163,14 +155,12 @@ int RSA_padding_add_PKCS1_type_2(uint8_t *to, unsigned tlen, uint8_t *p; if (tlen < RSA_PKCS1_PADDING_SIZE) { - OPENSSL_PUT_ERROR(RSA, RSA_padding_add_PKCS1_type_2, - RSA_R_KEY_SIZE_TOO_SMALL); + OPENSSL_PUT_ERROR(RSA, RSA_R_KEY_SIZE_TOO_SMALL); return 0; } if (flen > tlen - RSA_PKCS1_PADDING_SIZE) { - OPENSSL_PUT_ERROR(RSA, RSA_padding_add_PKCS1_type_2, - RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); + OPENSSL_PUT_ERROR(RSA, RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); return 0; } 
@@ -271,8 +261,7 @@ int RSA_padding_check_PKCS1_type_2(uint8_t *to, unsigned tlen, size_t msg_index, msg_len; if (flen == 0) { - OPENSSL_PUT_ERROR(RSA, RSA_padding_check_PKCS1_type_2, - RSA_R_EMPTY_PUBLIC_KEY); + OPENSSL_PUT_ERROR(RSA, RSA_R_EMPTY_PUBLIC_KEY); return -1; } @@ -281,8 +270,7 @@ int RSA_padding_check_PKCS1_type_2(uint8_t *to, unsigned tlen, * |RSA_PKCS1_PADDING| make it impossible to completely avoid Bleichenbacher's * attack. */ if (!RSA_message_index_PKCS1_type_2(from, flen, &msg_index)) { - OPENSSL_PUT_ERROR(RSA, RSA_padding_check_PKCS1_type_2, - RSA_R_PKCS_DECODING_ERROR); + OPENSSL_PUT_ERROR(RSA, RSA_R_PKCS_DECODING_ERROR); return -1; } @@ -290,8 +278,7 @@ int RSA_padding_check_PKCS1_type_2(uint8_t *to, unsigned tlen, if (msg_len > tlen) { /* This shouldn't happen because this function is always called with |tlen| * the key size and |flen| is bounded by the key size. */ - OPENSSL_PUT_ERROR(RSA, RSA_padding_check_PKCS1_type_2, - RSA_R_PKCS_DECODING_ERROR); + OPENSSL_PUT_ERROR(RSA, RSA_R_PKCS_DECODING_ERROR); return -1; } memcpy(to, &from[msg_index], msg_len); @@ -300,14 +287,12 @@ int RSA_padding_check_PKCS1_type_2(uint8_t *to, unsigned tlen, int RSA_padding_add_none(uint8_t *to, unsigned tlen, const uint8_t *from, unsigned flen) { if (flen > tlen) { - OPENSSL_PUT_ERROR(RSA, RSA_padding_add_none, - RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); + OPENSSL_PUT_ERROR(RSA, RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); return 0; } if (flen < tlen) { - OPENSSL_PUT_ERROR(RSA, RSA_padding_add_none, - RSA_R_DATA_TOO_SMALL_FOR_KEY_SIZE); + OPENSSL_PUT_ERROR(RSA, RSA_R_DATA_TOO_SMALL_FOR_KEY_SIZE); return 0; } 
@@ -315,17 +300,6 @@ int RSA_padding_add_none(uint8_t *to, unsigned tlen, const uint8_t *from, unsign return 1; } -int RSA_padding_check_none(uint8_t *to, unsigned tlen, const uint8_t *from, - unsigned flen) { - if (flen > tlen) { - OPENSSL_PUT_ERROR(RSA, RSA_padding_check_none, RSA_R_DATA_TOO_LARGE); - return -1; - } - - memcpy(to, from, flen); - return flen; -} - int PKCS1_MGF1(uint8_t *mask, unsigned len, const uint8_t *seed, unsigned seedlen, const EVP_MD *dgst) { unsigned outlen = 0; @@ -388,21 +362,18 @@ int RSA_padding_add_PKCS1_OAEP_mgf1(uint8_t *to, unsigned tlen, mdlen = EVP_MD_size(md); if (tlen < 2 * mdlen + 2) { - OPENSSL_PUT_ERROR(RSA, RSA_padding_add_PKCS1_OAEP_mgf1, - RSA_R_KEY_SIZE_TOO_SMALL); + OPENSSL_PUT_ERROR(RSA, RSA_R_KEY_SIZE_TOO_SMALL); return 0; } emlen = tlen - 1; if (flen > emlen - 2 * mdlen - 1) { - OPENSSL_PUT_ERROR(RSA, RSA_padding_add_PKCS1_OAEP_mgf1, - RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); + OPENSSL_PUT_ERROR(RSA, RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); return 0; } if (emlen < 2 * mdlen + 1) { - OPENSSL_PUT_ERROR(RSA, RSA_padding_add_PKCS1_OAEP_mgf1, - RSA_R_KEY_SIZE_TOO_SMALL); + OPENSSL_PUT_ERROR(RSA, RSA_R_KEY_SIZE_TOO_SMALL); return 0; } @@ -422,8 +393,7 @@ int RSA_padding_add_PKCS1_OAEP_mgf1(uint8_t *to, unsigned tlen, dbmask = OPENSSL_malloc(emlen - mdlen); if (dbmask == NULL) { - OPENSSL_PUT_ERROR(RSA, RSA_padding_add_PKCS1_OAEP_mgf1, - ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(RSA, ERR_R_MALLOC_FAILURE); return 0; } @@ -477,8 +447,7 @@ int RSA_padding_check_PKCS1_OAEP_mgf1(uint8_t *to, unsigned tlen, dblen = flen - mdlen - 1; db = OPENSSL_malloc(dblen); if (db == NULL) { - OPENSSL_PUT_ERROR(RSA, RSA_padding_check_PKCS1_OAEP_mgf1, - ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(RSA, ERR_R_MALLOC_FAILURE); goto err; } 
@@ -526,8 +495,7 @@ int RSA_padding_check_PKCS1_OAEP_mgf1(uint8_t *to, unsigned tlen, one_index++; mlen = dblen - one_index; if (tlen < mlen) { - OPENSSL_PUT_ERROR(RSA, RSA_padding_check_PKCS1_OAEP_mgf1, - RSA_R_DATA_TOO_LARGE); + OPENSSL_PUT_ERROR(RSA, RSA_R_DATA_TOO_LARGE); mlen = -1; } else { memcpy(to, db + one_index, mlen); @@ -539,8 +507,7 @@ int RSA_padding_check_PKCS1_OAEP_mgf1(uint8_t *to, unsigned tlen, decoding_err: /* to avoid chosen ciphertext attacks, the error message should not reveal * which kind of decoding error happened */ - OPENSSL_PUT_ERROR(RSA, RSA_padding_check_PKCS1_OAEP_mgf1, - RSA_R_OAEP_DECODING_ERROR); + OPENSSL_PUT_ERROR(RSA, RSA_R_OAEP_DECODING_ERROR); err: OPENSSL_free(db); return -1; @@ -576,15 +543,14 @@ int RSA_verify_PKCS1_PSS_mgf1(RSA *rsa, const uint8_t *mHash, } else if (sLen == -2) { sLen = -2; } else if (sLen < -2) { - OPENSSL_PUT_ERROR(RSA, RSA_verify_PKCS1_PSS_mgf1, RSA_R_SLEN_CHECK_FAILED); + OPENSSL_PUT_ERROR(RSA, RSA_R_SLEN_CHECK_FAILED); goto err; } MSBits = (BN_num_bits(rsa->n) - 1) & 0x7; emLen = RSA_size(rsa); if (EM[0] & (0xFF << MSBits)) { - OPENSSL_PUT_ERROR(RSA, RSA_verify_PKCS1_PSS_mgf1, - RSA_R_FIRST_OCTET_INVALID); + OPENSSL_PUT_ERROR(RSA, RSA_R_FIRST_OCTET_INVALID); goto err; } if (MSBits == 0) { 
@@ -593,18 +559,18 @@ int RSA_verify_PKCS1_PSS_mgf1(RSA *rsa, const uint8_t *mHash, } if (emLen < ((int)hLen + sLen + 2)) { /* sLen can be small negative */ - OPENSSL_PUT_ERROR(RSA, RSA_verify_PKCS1_PSS_mgf1, RSA_R_DATA_TOO_LARGE); + OPENSSL_PUT_ERROR(RSA, RSA_R_DATA_TOO_LARGE); goto err; } if (EM[emLen - 1] != 0xbc) { - OPENSSL_PUT_ERROR(RSA, RSA_verify_PKCS1_PSS_mgf1, RSA_R_LAST_OCTET_INVALID); + OPENSSL_PUT_ERROR(RSA, RSA_R_LAST_OCTET_INVALID); goto err; } maskedDBLen = emLen - hLen - 1; H = EM + maskedDBLen; DB = OPENSSL_malloc(maskedDBLen); if (!DB) { - OPENSSL_PUT_ERROR(RSA, RSA_verify_PKCS1_PSS_mgf1, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(RSA, ERR_R_MALLOC_FAILURE); goto err; } if (PKCS1_MGF1(DB, maskedDBLen, H, hLen, mgf1Hash) < 0) { @@ -620,12 +586,11 @@ int RSA_verify_PKCS1_PSS_mgf1(RSA *rsa, const uint8_t *mHash, ; } if (DB[i++] != 0x1) { - OPENSSL_PUT_ERROR(RSA, RSA_verify_PKCS1_PSS_mgf1, - RSA_R_SLEN_RECOVERY_FAILED); + OPENSSL_PUT_ERROR(RSA, RSA_R_SLEN_RECOVERY_FAILED); goto err; } if (sLen >= 0 && (maskedDBLen - i) != sLen) { - OPENSSL_PUT_ERROR(RSA, RSA_verify_PKCS1_PSS_mgf1, RSA_R_SLEN_CHECK_FAILED); + OPENSSL_PUT_ERROR(RSA, RSA_R_SLEN_CHECK_FAILED); goto err; } if (!EVP_DigestInit_ex(&ctx, Hash, NULL) || @@ -642,7 +607,7 @@ int RSA_verify_PKCS1_PSS_mgf1(RSA *rsa, const uint8_t *mHash, goto err; } if (memcmp(H_, H, hLen)) { - OPENSSL_PUT_ERROR(RSA, RSA_verify_PKCS1_PSS_mgf1, RSA_R_BAD_SIGNATURE); + OPENSSL_PUT_ERROR(RSA, RSA_R_BAD_SIGNATURE); ret = 0; } else { ret = 1; @@ -681,14 +646,12 @@ int RSA_padding_add_PKCS1_PSS_mgf1(RSA *rsa, unsigned char *EM, } else if (sLen == -2) { sLen = -2; } else if (sLen < -2) { - OPENSSL_PUT_ERROR(RSA, RSA_padding_add_PKCS1_PSS_mgf1, - RSA_R_SLEN_CHECK_FAILED); + OPENSSL_PUT_ERROR(RSA, RSA_R_SLEN_CHECK_FAILED); goto err; } if (BN_is_zero(rsa->n)) { - OPENSSL_PUT_ERROR(RSA, RSA_padding_add_PKCS1_PSS_mgf1, - RSA_R_EMPTY_PUBLIC_KEY); + OPENSSL_PUT_ERROR(RSA, RSA_R_EMPTY_PUBLIC_KEY); goto err; } 
@@ -701,21 +664,18 @@ int RSA_padding_add_PKCS1_PSS_mgf1(RSA *rsa, unsigned char *EM, } if (sLen == -2) { if (emLen < hLen + 2) { - OPENSSL_PUT_ERROR(RSA, RSA_padding_add_PKCS1_PSS_mgf1, - RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); + OPENSSL_PUT_ERROR(RSA, RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); goto err; } sLen = emLen - hLen - 2; } else if (emLen < hLen + sLen + 2) { - OPENSSL_PUT_ERROR(RSA, RSA_padding_add_PKCS1_PSS_mgf1, - RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); + OPENSSL_PUT_ERROR(RSA, RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); goto err; } if (sLen > 0) { salt = OPENSSL_malloc(sLen); if (!salt) { - OPENSSL_PUT_ERROR(RSA, RSA_padding_add_PKCS1_PSS_mgf1, - ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(RSA, ERR_R_MALLOC_FAILURE); goto err; } if (!RAND_bytes(salt, sLen)) { diff --git a/src/crypto/rsa/rsa.c b/src/crypto/rsa/rsa.c index 17059b0..2f23165 100644 --- a/src/crypto/rsa/rsa.c +++ b/src/crypto/rsa/rsa.c @@ -79,7 +79,7 @@ RSA *RSA_new(void) { return RSA_new_method(NULL); } RSA *RSA_new_method(const ENGINE *engine) { RSA *rsa = (RSA *)OPENSSL_malloc(sizeof(RSA)); if (rsa == NULL) { - OPENSSL_PUT_ERROR(RSA, RSA_new_method, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(RSA, ERR_R_MALLOC_FAILURE); return NULL; } @@ -114,6 +114,18 @@ RSA *RSA_new_method(const ENGINE *engine) { return rsa; } +void RSA_additional_prime_free(RSA_additional_prime *ap) { + if (ap == NULL) { + return; + } + + BN_clear_free(ap->prime); + BN_clear_free(ap->exp); + BN_clear_free(ap->coeff); + BN_clear_free(ap->r); + OPENSSL_free(ap); +} + void RSA_free(RSA *rsa) { unsigned u; @@ -145,6 +157,10 @@ void RSA_free(RSA *rsa) { } OPENSSL_free(rsa->blindings); OPENSSL_free(rsa->blindings_inuse); + if (rsa->additional_primes != NULL) { + sk_RSA_additional_prime_pop_free(rsa->additional_primes, + RSA_additional_prime_free); + } CRYPTO_MUTEX_cleanup(&rsa->lock); OPENSSL_free(rsa); } 
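Review bot: RSA_additional_prime_free (the `-114,6 +114,18` hunk) clears `prime`, `exp`, `coeff` and `r` but never touches `ap->method_mod`; the only release of that field visible in this commit is the loop added to `finish()` in rsa_impl.c. If an RSA object is torn down through a method whose finish hook is not that function, the cached Montgomery context would presumably leak when RSA_free pops the stack. If the split is intentional, record it above the function with a comment such as `/* |ap->method_mod| is owned by the RSA method and is released by its |finish| hook, not here. */`.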
@@ -162,6 +178,16 @@ int RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb) { return RSA_default_method.keygen(rsa, bits, e_value, cb); } +int RSA_generate_multi_prime_key(RSA *rsa, int bits, int num_primes, + BIGNUM *e_value, BN_GENCB *cb) { + if (rsa->meth->multi_prime_keygen) { + return rsa->meth->multi_prime_keygen(rsa, bits, num_primes, e_value, cb); + } + + return RSA_default_method.multi_prime_keygen(rsa, bits, num_primes, e_value, + cb); +} + int RSA_encrypt(RSA *rsa, size_t *out_len, uint8_t *out, size_t max_out, const uint8_t *in, size_t in_len, int padding) { if (rsa->meth->encrypt) { @@ -342,20 +368,15 @@ static const struct pkcs1_sig_prefix kPKCS1SigPrefixes[] = { }, }; -/* TODO(fork): mostly new code, needs careful review. */ - -/* pkcs1_prefixed_msg builds a PKCS#1, prefixed version of |msg| for the given - * hash function and sets |out_msg| to point to it. On successful return, - * |*out_msg| may be allocated memory and, if so, |*is_alloced| will be 1. */ -static int pkcs1_prefixed_msg(uint8_t **out_msg, size_t *out_msg_len, - int *is_alloced, int hash_nid, const uint8_t *msg, - size_t msg_len) { +int RSA_add_pkcs1_prefix(uint8_t **out_msg, size_t *out_msg_len, + int *is_alloced, int hash_nid, const uint8_t *msg, + size_t msg_len) { unsigned i; if (hash_nid == NID_md5_sha1) { /* Special case: SSL signature, just check the length. */ if (msg_len != SSL_SIG_LENGTH) { - OPENSSL_PUT_ERROR(RSA, pkcs1_prefixed_msg, RSA_R_INVALID_MESSAGE_LENGTH); + OPENSSL_PUT_ERROR(RSA, RSA_R_INVALID_MESSAGE_LENGTH); return 0; } 
@@ -378,13 +399,13 @@ static int pkcs1_prefixed_msg(uint8_t **out_msg, size_t *out_msg_len, signed_msg_len = prefix_len + msg_len; if (signed_msg_len < prefix_len) { - OPENSSL_PUT_ERROR(RSA, pkcs1_prefixed_msg, RSA_R_TOO_LONG); + OPENSSL_PUT_ERROR(RSA, RSA_R_TOO_LONG); return 0; } signed_msg = OPENSSL_malloc(signed_msg_len); if (!signed_msg) { - OPENSSL_PUT_ERROR(RSA, pkcs1_prefixed_msg, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(RSA, ERR_R_MALLOC_FAILURE); return 0; } @@ -398,7 +419,7 @@ static int pkcs1_prefixed_msg(uint8_t **out_msg, size_t *out_msg_len, return 1; } - OPENSSL_PUT_ERROR(RSA, pkcs1_prefixed_msg, RSA_R_UNKNOWN_ALGORITHM_TYPE); + OPENSSL_PUT_ERROR(RSA, RSA_R_UNKNOWN_ALGORITHM_TYPE); return 0; } @@ -415,14 +436,14 @@ int RSA_sign(int hash_nid, const uint8_t *in, unsigned in_len, uint8_t *out, return rsa->meth->sign(hash_nid, in, in_len, out, out_len, rsa); } - if (!pkcs1_prefixed_msg(&signed_msg, &signed_msg_len, &signed_msg_is_alloced, - hash_nid, in, in_len)) { + if (!RSA_add_pkcs1_prefix(&signed_msg, &signed_msg_len, + &signed_msg_is_alloced, hash_nid, in, in_len)) { return 0; } if (rsa_size < RSA_PKCS1_PADDING_SIZE || signed_msg_len > rsa_size - RSA_PKCS1_PADDING_SIZE) { - OPENSSL_PUT_ERROR(RSA, RSA_sign, RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY); + OPENSSL_PUT_ERROR(RSA, RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY); goto finish; } @@ -453,18 +474,18 @@ int RSA_verify(int hash_nid, const uint8_t *msg, size_t msg_len, } if (sig_len != rsa_size) { - OPENSSL_PUT_ERROR(RSA, RSA_verify, RSA_R_WRONG_SIGNATURE_LENGTH); + OPENSSL_PUT_ERROR(RSA, RSA_R_WRONG_SIGNATURE_LENGTH); return 0; } if (hash_nid == NID_md5_sha1 && msg_len != SSL_SIG_LENGTH) { - OPENSSL_PUT_ERROR(RSA, RSA_verify, RSA_R_INVALID_MESSAGE_LENGTH); + OPENSSL_PUT_ERROR(RSA, RSA_R_INVALID_MESSAGE_LENGTH); return 0; } buf = OPENSSL_malloc(rsa_size); if (!buf) { - OPENSSL_PUT_ERROR(RSA, RSA_verify, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(RSA, ERR_R_MALLOC_FAILURE); return 0; } 
@@ -473,13 +494,13 @@ int RSA_verify(int hash_nid, const uint8_t *msg, size_t msg_len, goto out; } - if (!pkcs1_prefixed_msg(&signed_msg, &signed_msg_len, &signed_msg_is_alloced, - hash_nid, msg, msg_len)) { + if (!RSA_add_pkcs1_prefix(&signed_msg, &signed_msg_len, + &signed_msg_is_alloced, hash_nid, msg, msg_len)) { goto out; } if (len != signed_msg_len || CRYPTO_memcmp(buf, signed_msg, len) != 0) { - OPENSSL_PUT_ERROR(RSA, RSA_verify, RSA_R_BAD_SIGNATURE); + OPENSSL_PUT_ERROR(RSA, RSA_R_BAD_SIGNATURE); goto out; } @@ -509,12 +530,12 @@ int RSA_check_key(const RSA *key) { } if ((key->p != NULL) != (key->q != NULL)) { - OPENSSL_PUT_ERROR(RSA, RSA_check_key, RSA_R_ONLY_ONE_OF_P_Q_GIVEN); + OPENSSL_PUT_ERROR(RSA, RSA_R_ONLY_ONE_OF_P_Q_GIVEN); return 0; } if (!key->n || !key->e) { - OPENSSL_PUT_ERROR(RSA, RSA_check_key, RSA_R_VALUE_MISSING); + OPENSSL_PUT_ERROR(RSA, RSA_R_VALUE_MISSING); return 0; } @@ -526,7 +547,7 @@ int RSA_check_key(const RSA *key) { ctx = BN_CTX_new(); if (ctx == NULL) { - OPENSSL_PUT_ERROR(RSA, RSA_check_key, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(RSA, ERR_R_MALLOC_FAILURE); return 0; } 
@@ -540,52 +561,74 @@ int RSA_check_key(const RSA *key) { BN_init(&dmq1); BN_init(&iqmp); - if (/* n = pq */ - !BN_mul(&n, key->p, key->q, ctx) || - /* lcm = lcm(p-1, q-1) */ + if (!BN_mul(&n, key->p, key->q, ctx) || + /* lcm = lcm(prime-1, for all primes) */ !BN_sub(&pm1, key->p, BN_value_one()) || !BN_sub(&qm1, key->q, BN_value_one()) || !BN_mul(&lcm, &pm1, &qm1, ctx) || + !BN_gcd(&gcd, &pm1, &qm1, ctx)) { + OPENSSL_PUT_ERROR(RSA, ERR_LIB_BN); + goto out; + } + + size_t num_additional_primes = 0; + if (key->additional_primes != NULL) { + num_additional_primes = sk_RSA_additional_prime_num(key->additional_primes); + } + + size_t i; + for (i = 0; i < num_additional_primes; i++) { + const RSA_additional_prime *ap = + sk_RSA_additional_prime_value(key->additional_primes, i); + if (!BN_mul(&n, &n, ap->prime, ctx) || + !BN_sub(&pm1, ap->prime, BN_value_one()) || + !BN_mul(&lcm, &lcm, &pm1, ctx) || + !BN_gcd(&gcd, &gcd, &pm1, ctx)) { + OPENSSL_PUT_ERROR(RSA, ERR_LIB_BN); + goto out; + } + } + + if (!BN_div(&lcm, NULL, &lcm, &gcd, ctx) || !BN_gcd(&gcd, &pm1, &qm1, ctx) || - !BN_div(&lcm, NULL, &lcm, &gcd, ctx) || - /* de = d*e mod lcm(p-1, q-1) */ + /* de = d*e mod lcm(prime-1, for all primes). 
*/ !BN_mod_mul(&de, key->d, key->e, &lcm, ctx)) { - OPENSSL_PUT_ERROR(RSA, RSA_check_key, ERR_LIB_BN); + OPENSSL_PUT_ERROR(RSA, ERR_LIB_BN); goto out; } if (BN_cmp(&n, key->n) != 0) { - OPENSSL_PUT_ERROR(RSA, RSA_check_key, RSA_R_N_NOT_EQUAL_P_Q); + OPENSSL_PUT_ERROR(RSA, RSA_R_N_NOT_EQUAL_P_Q); goto out; } if (!BN_is_one(&de)) { - OPENSSL_PUT_ERROR(RSA, RSA_check_key, RSA_R_D_E_NOT_CONGRUENT_TO_1); + OPENSSL_PUT_ERROR(RSA, RSA_R_D_E_NOT_CONGRUENT_TO_1); goto out; } has_crt_values = key->dmp1 != NULL; if (has_crt_values != (key->dmq1 != NULL) || has_crt_values != (key->iqmp != NULL)) { - OPENSSL_PUT_ERROR(RSA, RSA_check_key, RSA_R_INCONSISTENT_SET_OF_CRT_VALUES); + OPENSSL_PUT_ERROR(RSA, RSA_R_INCONSISTENT_SET_OF_CRT_VALUES); goto out; } - if (has_crt_values) { + if (has_crt_values && num_additional_primes == 0) { if (/* dmp1 = d mod (p-1) */ !BN_mod(&dmp1, key->d, &pm1, ctx) || /* dmq1 = d mod (q-1) */ !BN_mod(&dmq1, key->d, &qm1, ctx) || /* iqmp = q^-1 mod p */ !BN_mod_inverse(&iqmp, key->q, key->p, ctx)) { - OPENSSL_PUT_ERROR(RSA, RSA_check_key, ERR_LIB_BN); + OPENSSL_PUT_ERROR(RSA, ERR_LIB_BN); goto out; } if (BN_cmp(&dmp1, key->dmp1) != 0 || BN_cmp(&dmq1, key->dmq1) != 0 || BN_cmp(&iqmp, key->iqmp) != 0) { - OPENSSL_PUT_ERROR(RSA, RSA_check_key, RSA_R_CRT_VALUES_INCORRECT); + OPENSSL_PUT_ERROR(RSA, RSA_R_CRT_VALUES_INCORRECT); goto out; } } @@ -613,13 +656,17 @@ int RSA_recover_crt_params(RSA *rsa) { int ok = 0; if (rsa->n == NULL || rsa->e == NULL || rsa->d == NULL) { - OPENSSL_PUT_ERROR(RSA, RSA_recover_crt_params, RSA_R_EMPTY_PUBLIC_KEY); + OPENSSL_PUT_ERROR(RSA, RSA_R_EMPTY_PUBLIC_KEY); return 0; } if (rsa->p || rsa->q || rsa->dmp1 || rsa->dmq1 || rsa->iqmp) { - OPENSSL_PUT_ERROR(RSA, RSA_recover_crt_params, - RSA_R_CRT_PARAMS_ALREADY_GIVEN); + OPENSSL_PUT_ERROR(RSA, RSA_R_CRT_PARAMS_ALREADY_GIVEN); + return 0; + } + + if (rsa->additional_primes != NULL) { + OPENSSL_PUT_ERROR(RSA, RSA_R_CANNOT_RECOVER_MULTI_PRIME_KEY); return 0; } 
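Review bot: For multi-prime keys RSA_check_key now verifies no CRT parameter at all: `has_crt_values && num_additional_primes == 0` skips the dmp1/dmq1/iqmp comparison, and nothing in the hunk recomputes `ap->exp`, `ap->coeff` or `ap->r` from the primes. A key decoded from an untrusted source can therefore pass this check with CRT values that do not match `d`. The loop also reuses `pm1` for `ap->prime - 1`, so the p/q comparison cannot simply be re-enabled, and the `!BN_gcd(&gcd, &pm1, &qm1, ctx)` retained after `BN_div` produces a value that appears to be unused in the visible code. A separate temporary for the additional primes would fix both; until per-prime checks exist, a comment at the condition such as `/* CRT values are not verified for multi-prime keys. */` would record the gap. The function starts and ends outside the hunk.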
@@ -628,7 +675,7 @@ int RSA_recover_crt_params(RSA *rsa) { ctx = BN_CTX_new(); if (ctx == NULL) { - OPENSSL_PUT_ERROR(RSA, RSA_recover_crt_params, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(RSA, ERR_R_MALLOC_FAILURE); return 0; } @@ -641,7 +688,7 @@ int RSA_recover_crt_params(RSA *rsa) { if (totient == NULL || rem == NULL || multiple == NULL || p_plus_q == NULL || p_minus_q == NULL) { - OPENSSL_PUT_ERROR(RSA, RSA_recover_crt_params, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(RSA, ERR_R_MALLOC_FAILURE); goto err; } @@ -669,12 +716,12 @@ int RSA_recover_crt_params(RSA *rsa) { !BN_div(multiple, NULL, totient, rsa->n, ctx) || !BN_add_word(multiple, 1) || !BN_div(totient, rem, totient, multiple, ctx)) { - OPENSSL_PUT_ERROR(RSA, RSA_recover_crt_params, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(RSA, ERR_R_BN_LIB); goto err; } if (!BN_is_zero(rem)) { - OPENSSL_PUT_ERROR(RSA, RSA_recover_crt_params, RSA_R_BAD_RSA_PARAMETERS); + OPENSSL_PUT_ERROR(RSA, RSA_R_BAD_RSA_PARAMETERS); goto err; } @@ -685,7 +732,7 @@ int RSA_recover_crt_params(RSA *rsa) { rsa->iqmp = BN_new(); if (rsa->p == NULL || rsa->q == NULL || rsa->dmp1 == NULL || rsa->dmq1 == NULL || rsa->iqmp == NULL) { - OPENSSL_PUT_ERROR(RSA, RSA_recover_crt_params, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(RSA, ERR_R_MALLOC_FAILURE); goto err; } @@ -703,12 +750,12 @@ int RSA_recover_crt_params(RSA *rsa) { !BN_rshift1(rsa->q, rsa->q) || !BN_div(rsa->p, NULL, rsa->n, rsa->q, ctx) || !BN_mul(multiple, rsa->p, rsa->q, ctx)) { - OPENSSL_PUT_ERROR(RSA, RSA_recover_crt_params, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(RSA, ERR_R_BN_LIB); goto err; } if (BN_cmp(multiple, rsa->n) != 0) { - OPENSSL_PUT_ERROR(RSA, RSA_recover_crt_params, RSA_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(RSA, RSA_R_INTERNAL_ERROR); goto err; } 
@@ -717,7 +764,7 @@ int RSA_recover_crt_params(RSA *rsa) { !BN_sub(rem, rsa->q, BN_value_one()) || !BN_mod(rsa->dmq1, rsa->d, rem, ctx) || !BN_mod_inverse(rsa->iqmp, rsa->q, rsa->p, ctx)) { - OPENSSL_PUT_ERROR(RSA, RSA_recover_crt_params, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(RSA, ERR_R_BN_LIB); goto err; } diff --git a/src/crypto/rsa/rsa_asn1.c b/src/crypto/rsa/rsa_asn1.c index 924cb8a..e3756ba 100644 --- a/src/crypto/rsa/rsa_asn1.c +++ b/src/crypto/rsa/rsa_asn1.c 
@@ -55,45 +55,384 @@ #include +#include +#include +#include + #include #include +#include +#include +#include +#include #include "internal.h" -/* Override the default free and new methods */ -static int rsa_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, - void *exarg) { - if (operation == ASN1_OP_NEW_PRE) { - *pval = (ASN1_VALUE *)RSA_new(); - if (*pval) { - return 2; +static int parse_integer_buggy(CBS *cbs, BIGNUM **out, int buggy) { + assert(*out == NULL); + *out = BN_new(); + if (*out == NULL) { + return 0; + } + if (buggy) { + return BN_cbs2unsigned_buggy(cbs, *out); + } + return BN_cbs2unsigned(cbs, *out); +} + +static int parse_integer(CBS *cbs, BIGNUM **out) { + return parse_integer_buggy(cbs, out, 0 /* not buggy */); +} + +static int marshal_integer(CBB *cbb, BIGNUM *bn) { + if (bn == NULL) { + /* An RSA object may be missing some components. */ + OPENSSL_PUT_ERROR(RSA, RSA_R_VALUE_MISSING); + return 0; + } + return BN_bn2cbb(cbb, bn); +} + +static RSA *parse_public_key(CBS *cbs, int buggy) { + RSA *ret = RSA_new(); + if (ret == NULL) { + return NULL; + } + CBS child; + if (!CBS_get_asn1(cbs, &child, CBS_ASN1_SEQUENCE) || + !parse_integer_buggy(&child, &ret->n, buggy) || + !parse_integer(&child, &ret->e) || + CBS_len(&child) != 0) { + OPENSSL_PUT_ERROR(RSA, RSA_R_BAD_ENCODING); + RSA_free(ret); + return NULL; + } + return ret; +} + +RSA *RSA_parse_public_key(CBS *cbs) { + return parse_public_key(cbs, 0 /* not buggy */); +} + +RSA *RSA_parse_public_key_buggy(CBS *cbs) { + /* Estonian IDs issued between September 2014 to September 2015 are + * broken. See https://crbug.com/532048 and https://crbug.com/534766. + * + * TODO(davidben): Remove this code and callers in March 2016. 
*/ + return parse_public_key(cbs, 1 /* buggy */); +} + +RSA *RSA_public_key_from_bytes(const uint8_t *in, size_t in_len) { + CBS cbs; + CBS_init(&cbs, in, in_len); + RSA *ret = RSA_parse_public_key(&cbs); + if (ret == NULL || CBS_len(&cbs) != 0) { + OPENSSL_PUT_ERROR(RSA, RSA_R_BAD_ENCODING); + RSA_free(ret); + return NULL; + } + return ret; +} + +int RSA_marshal_public_key(CBB *cbb, const RSA *rsa) { + CBB child; + if (!CBB_add_asn1(cbb, &child, CBS_ASN1_SEQUENCE) || + !marshal_integer(&child, rsa->n) || + !marshal_integer(&child, rsa->e) || + !CBB_flush(cbb)) { + OPENSSL_PUT_ERROR(RSA, RSA_R_ENCODE_ERROR); + return 0; + } + return 1; +} + +int RSA_public_key_to_bytes(uint8_t **out_bytes, size_t *out_len, + const RSA *rsa) { + CBB cbb; + CBB_zero(&cbb); + if (!CBB_init(&cbb, 0) || + !RSA_marshal_public_key(&cbb, rsa) || + !CBB_finish(&cbb, out_bytes, out_len)) { + OPENSSL_PUT_ERROR(RSA, RSA_R_ENCODE_ERROR); + CBB_cleanup(&cbb); + return 0; + } + return 1; +} + +/* kVersionTwoPrime and kVersionMulti are the supported values of the version + * field of an RSAPrivateKey structure (RFC 3447). */ +static const uint64_t kVersionTwoPrime = 0; +static const uint64_t kVersionMulti = 1; + +/* rsa_parse_additional_prime parses a DER-encoded OtherPrimeInfo from |cbs| and + * advances |cbs|. It returns a newly-allocated |RSA_additional_prime| on + * success or NULL on error. The |r| and |method_mod| fields of the result are + * set to NULL. 
*/ +static RSA_additional_prime *rsa_parse_additional_prime(CBS *cbs) { + RSA_additional_prime *ret = OPENSSL_malloc(sizeof(RSA_additional_prime)); + if (ret == NULL) { + OPENSSL_PUT_ERROR(RSA, ERR_R_MALLOC_FAILURE); + return 0; + } + memset(ret, 0, sizeof(RSA_additional_prime)); + + CBS child; + if (!CBS_get_asn1(cbs, &child, CBS_ASN1_SEQUENCE) || + !parse_integer(&child, &ret->prime) || + !parse_integer(&child, &ret->exp) || + !parse_integer(&child, &ret->coeff) || + CBS_len(&child) != 0) { + OPENSSL_PUT_ERROR(RSA, RSA_R_BAD_ENCODING); + RSA_additional_prime_free(ret); + return NULL; + } + + return ret; +} + +RSA *RSA_parse_private_key(CBS *cbs) { + BN_CTX *ctx = NULL; + BIGNUM *product_of_primes_so_far = NULL; + RSA *ret = RSA_new(); + if (ret == NULL) { + return NULL; + } + + CBS child; + uint64_t version; + if (!CBS_get_asn1(cbs, &child, CBS_ASN1_SEQUENCE) || + !CBS_get_asn1_uint64(&child, &version) || + (version != kVersionTwoPrime && version != kVersionMulti) || + !parse_integer(&child, &ret->n) || + !parse_integer(&child, &ret->e) || + !parse_integer(&child, &ret->d) || + !parse_integer(&child, &ret->p) || + !parse_integer(&child, &ret->q) || + !parse_integer(&child, &ret->dmp1) || + !parse_integer(&child, &ret->dmq1) || + !parse_integer(&child, &ret->iqmp)) { + OPENSSL_PUT_ERROR(RSA, RSA_R_BAD_VERSION); + goto err; + } + + /* Multi-prime RSA requires a newer version. 
*/ + if (version == kVersionMulti && + CBS_peek_asn1_tag(&child, CBS_ASN1_SEQUENCE)) { + CBS other_prime_infos; + if (!CBS_get_asn1(&child, &other_prime_infos, CBS_ASN1_SEQUENCE) || + CBS_len(&other_prime_infos) == 0) { + OPENSSL_PUT_ERROR(RSA, RSA_R_BAD_ENCODING); + goto err; + } + ret->additional_primes = sk_RSA_additional_prime_new_null(); + if (ret->additional_primes == NULL) { + OPENSSL_PUT_ERROR(RSA, ERR_R_MALLOC_FAILURE); + goto err; + } + + ctx = BN_CTX_new(); + product_of_primes_so_far = BN_new(); + if (ctx == NULL || + product_of_primes_so_far == NULL || + !BN_mul(product_of_primes_so_far, ret->p, ret->q, ctx)) { + goto err; + } + + while (CBS_len(&other_prime_infos) > 0) { + RSA_additional_prime *ap = rsa_parse_additional_prime(&other_prime_infos); + if (ap == NULL) { + goto err; + } + if (!sk_RSA_additional_prime_push(ret->additional_primes, ap)) { + OPENSSL_PUT_ERROR(RSA, ERR_R_MALLOC_FAILURE); + RSA_additional_prime_free(ap); + goto err; + } + ap->r = BN_dup(product_of_primes_so_far); + if (ap->r == NULL || + !BN_mul(product_of_primes_so_far, product_of_primes_so_far, + ap->prime, ctx)) { + goto err; + } } + } + + if (CBS_len(&child) != 0) { + OPENSSL_PUT_ERROR(RSA, RSA_R_BAD_ENCODING); + goto err; + } + + BN_CTX_free(ctx); + BN_free(product_of_primes_so_far); + return ret; + +err: + BN_CTX_free(ctx); + BN_free(product_of_primes_so_far); + RSA_free(ret); + return NULL; +} + +RSA *RSA_private_key_from_bytes(const uint8_t *in, size_t in_len) { + CBS cbs; + CBS_init(&cbs, in, in_len); + RSA *ret = RSA_parse_private_key(&cbs); + if (ret == NULL || CBS_len(&cbs) != 0) { + OPENSSL_PUT_ERROR(RSA, RSA_R_BAD_ENCODING); + RSA_free(ret); + return NULL; + } + return ret; +} + +int RSA_marshal_private_key(CBB *cbb, const RSA *rsa) { + const int is_multiprime = + sk_RSA_additional_prime_num(rsa->additional_primes) > 0; + + CBB child; + if (!CBB_add_asn1(cbb, &child, CBS_ASN1_SEQUENCE) || + !CBB_add_asn1_uint64(&child, + is_multiprime ? 
kVersionMulti : kVersionTwoPrime) || + !marshal_integer(&child, rsa->n) || + !marshal_integer(&child, rsa->e) || + !marshal_integer(&child, rsa->d) || + !marshal_integer(&child, rsa->p) || + !marshal_integer(&child, rsa->q) || + !marshal_integer(&child, rsa->dmp1) || + !marshal_integer(&child, rsa->dmq1) || + !marshal_integer(&child, rsa->iqmp)) { + OPENSSL_PUT_ERROR(RSA, RSA_R_ENCODE_ERROR); + return 0; + } + + if (is_multiprime) { + CBB other_prime_infos; + if (!CBB_add_asn1(&child, &other_prime_infos, CBS_ASN1_SEQUENCE)) { + OPENSSL_PUT_ERROR(RSA, RSA_R_ENCODE_ERROR); + return 0; + } + size_t i; + for (i = 0; i < sk_RSA_additional_prime_num(rsa->additional_primes); i++) { + RSA_additional_prime *ap = + sk_RSA_additional_prime_value(rsa->additional_primes, i); + CBB other_prime_info; + if (!CBB_add_asn1(&other_prime_infos, &other_prime_info, + CBS_ASN1_SEQUENCE) || + !marshal_integer(&other_prime_info, ap->prime) || + !marshal_integer(&other_prime_info, ap->exp) || + !marshal_integer(&other_prime_info, ap->coeff)) { + OPENSSL_PUT_ERROR(RSA, RSA_R_ENCODE_ERROR); + return 0; + } + } + } + + if (!CBB_flush(cbb)) { + OPENSSL_PUT_ERROR(RSA, RSA_R_ENCODE_ERROR); return 0; - } else if (operation == ASN1_OP_FREE_PRE) { - RSA_free((RSA *)*pval); - *pval = NULL; - return 2; } return 1; } -ASN1_SEQUENCE_cb(RSAPrivateKey, rsa_cb) = { - ASN1_SIMPLE(RSA, version, LONG), - ASN1_SIMPLE(RSA, n, BIGNUM), - ASN1_SIMPLE(RSA, e, BIGNUM), - ASN1_SIMPLE(RSA, d, BIGNUM), - ASN1_SIMPLE(RSA, p, BIGNUM), - ASN1_SIMPLE(RSA, q, BIGNUM), - ASN1_SIMPLE(RSA, dmp1, BIGNUM), - ASN1_SIMPLE(RSA, dmq1, BIGNUM), - ASN1_SIMPLE(RSA, iqmp, BIGNUM), -} ASN1_SEQUENCE_END_cb(RSA, RSAPrivateKey); +int RSA_private_key_to_bytes(uint8_t **out_bytes, size_t *out_len, + const RSA *rsa) { + CBB cbb; + CBB_zero(&cbb); + if (!CBB_init(&cbb, 0) || + !RSA_marshal_private_key(&cbb, rsa) || + !CBB_finish(&cbb, out_bytes, out_len)) { + OPENSSL_PUT_ERROR(RSA, RSA_R_ENCODE_ERROR); + CBB_cleanup(&cbb); + return 0; + } + 
return 1; +} -ASN1_SEQUENCE_cb(RSAPublicKey, rsa_cb) = { - ASN1_SIMPLE(RSA, n, BIGNUM), - ASN1_SIMPLE(RSA, e, BIGNUM), -} ASN1_SEQUENCE_END_cb(RSA, RSAPublicKey); +RSA *d2i_RSAPublicKey(RSA **out, const uint8_t **inp, long len) { + if (len < 0) { + return NULL; + } + CBS cbs; + CBS_init(&cbs, *inp, (size_t)len); + RSA *ret = RSA_parse_public_key(&cbs); + if (ret == NULL) { + return NULL; + } + if (out != NULL) { + RSA_free(*out); + *out = ret; + } + *inp += (size_t)len - CBS_len(&cbs); + return ret; +} + +int i2d_RSAPublicKey(const RSA *in, uint8_t **outp) { + uint8_t *der; + size_t der_len; + if (!RSA_public_key_to_bytes(&der, &der_len, in)) { + return -1; + } + if (der_len > INT_MAX) { + OPENSSL_PUT_ERROR(RSA, ERR_R_OVERFLOW); + OPENSSL_free(der); + return -1; + } + if (outp != NULL) { + if (*outp == NULL) { + *outp = der; + der = NULL; + } else { + memcpy(*outp, der, der_len); + *outp += der_len; + } + } + OPENSSL_free(der); + return (int)der_len; +} + +RSA *d2i_RSAPrivateKey(RSA **out, const uint8_t **inp, long len) { + if (len < 0) { + return NULL; + } + CBS cbs; + CBS_init(&cbs, *inp, (size_t)len); + RSA *ret = RSA_parse_private_key(&cbs); + if (ret == NULL) { + return NULL; + } + if (out != NULL) { + RSA_free(*out); + *out = ret; + } + *inp += (size_t)len - CBS_len(&cbs); + return ret; +} + +int i2d_RSAPrivateKey(const RSA *in, uint8_t **outp) { + uint8_t *der; + size_t der_len; + if (!RSA_private_key_to_bytes(&der, &der_len, in)) { + return -1; + } + if (der_len > INT_MAX) { + OPENSSL_PUT_ERROR(RSA, ERR_R_OVERFLOW); + OPENSSL_free(der); + return -1; + } + if (outp != NULL) { + if (*outp == NULL) { + *outp = der; + der = NULL; + } else { + memcpy(*outp, der, der_len); + *outp += der_len; + } + } + OPENSSL_free(der); + return (int)der_len; +} ASN1_SEQUENCE(RSA_PSS_PARAMS) = { ASN1_EXP_OPT(RSA_PSS_PARAMS, hashAlgorithm, X509_ALGOR,0), 
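Review bot: RSA_parse_private_key accepts `version == kVersionMulti` with no OtherPrimeInfos, because the multi-prime branch is entered only when `CBS_peek_asn1_tag(&child, CBS_ASN1_SEQUENCE)` also succeeds; RFC 3447, which the hunk cites, requires at least one OtherPrimeInfo when the version is 1. Such an input does not round-trip either, since RSA_marshal_private_key writes kVersionTwoPrime when the stack is empty. Changing the condition to `if (version == kVersionMulti) {` lets the following `CBS_get_asn1(&child, &other_prime_infos, CBS_ASN1_SEQUENCE)` reject the missing sequence with RSA_R_BAD_ENCODING. Separately, the first check reports RSA_R_BAD_VERSION for any malformed integer, and `rsa_parse_additional_prime` returns `0` rather than `NULL` on allocation failure.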
@@ -104,22 +443,24 @@ ASN1_SEQUENCE(RSA_PSS_PARAMS) = { IMPLEMENT_ASN1_FUNCTIONS(RSA_PSS_PARAMS); -ASN1_SEQUENCE(RSA_OAEP_PARAMS) = { - ASN1_EXP_OPT(RSA_OAEP_PARAMS, hashFunc, X509_ALGOR, 0), - ASN1_EXP_OPT(RSA_OAEP_PARAMS, maskGenFunc, X509_ALGOR, 1), - ASN1_EXP_OPT(RSA_OAEP_PARAMS, pSourceFunc, X509_ALGOR, 2), -} ASN1_SEQUENCE_END(RSA_OAEP_PARAMS); - -IMPLEMENT_ASN1_FUNCTIONS(RSA_OAEP_PARAMS); - -IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(RSA, RSAPrivateKey, RSAPrivateKey); - -IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(RSA, RSAPublicKey, RSAPublicKey); - RSA *RSAPublicKey_dup(const RSA *rsa) { - return ASN1_item_dup(ASN1_ITEM_rptr(RSAPublicKey), (RSA *) rsa); + uint8_t *der; + size_t der_len; + if (!RSA_public_key_to_bytes(&der, &der_len, rsa)) { + return NULL; + } + RSA *ret = RSA_public_key_from_bytes(der, der_len); + OPENSSL_free(der); + return ret; } RSA *RSAPrivateKey_dup(const RSA *rsa) { - return ASN1_item_dup(ASN1_ITEM_rptr(RSAPrivateKey), (RSA *) rsa); + uint8_t *der; + size_t der_len; + if (!RSA_private_key_to_bytes(&der, &der_len, rsa)) { + return NULL; + } + RSA *ret = RSA_private_key_from_bytes(der, der_len); + OPENSSL_free(der); + return ret; } diff --git a/src/crypto/rsa/rsa_impl.c b/src/crypto/rsa/rsa_impl.c index e14f0f5..eb4a36f 100644 --- a/src/crypto/rsa/rsa_impl.c +++ b/src/crypto/rsa/rsa_impl.c @@ -78,6 +78,15 @@ static int finish(RSA *rsa) { BN_MONT_CTX_free(rsa->_method_mod_p); BN_MONT_CTX_free(rsa->_method_mod_q); + if (rsa->additional_primes != NULL) { + size_t i; + for (i = 0; i < sk_RSA_additional_prime_num(rsa->additional_primes); i++) { + RSA_additional_prime *ap = + sk_RSA_additional_prime_value(rsa->additional_primes, i); + BN_MONT_CTX_free(ap->method_mod); + } + } + return 1; } 
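Review bot: RSAPrivateKey_dup serializes the whole private key into `der` and releases it with a bare `OPENSSL_free(der)`, so a DER copy of d, p, q and the CRT values stays in freed heap memory unless the allocator itself zeroes on free. Adding `OPENSSL_cleanse(der, der_len);` before the free closes that, in the same way decrypt() in rsa_impl.c cleanses its padded plaintext buffer. The temporary `der` in `i2d_RSAPrivateKey` in the preceding hunk has the same issue.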
@@ -94,24 +103,24 @@ static int encrypt(RSA *rsa, size_t *out_len, uint8_t *out, size_t max_out, int i, ret = 0; if (rsa_size > OPENSSL_RSA_MAX_MODULUS_BITS) { - OPENSSL_PUT_ERROR(RSA, encrypt, RSA_R_MODULUS_TOO_LARGE); + OPENSSL_PUT_ERROR(RSA, RSA_R_MODULUS_TOO_LARGE); return 0; } if (max_out < rsa_size) { - OPENSSL_PUT_ERROR(RSA, encrypt, RSA_R_OUTPUT_BUFFER_TOO_SMALL); + OPENSSL_PUT_ERROR(RSA, RSA_R_OUTPUT_BUFFER_TOO_SMALL); return 0; } if (BN_ucmp(rsa->n, rsa->e) <= 0) { - OPENSSL_PUT_ERROR(RSA, encrypt, RSA_R_BAD_E_VALUE); + OPENSSL_PUT_ERROR(RSA, RSA_R_BAD_E_VALUE); return 0; } /* for large moduli, enforce exponent limit */ if (BN_num_bits(rsa->n) > OPENSSL_RSA_SMALL_MODULUS_BITS && BN_num_bits(rsa->e) > OPENSSL_RSA_MAX_PUBEXP_BITS) { - OPENSSL_PUT_ERROR(RSA, encrypt, RSA_R_BAD_E_VALUE); + OPENSSL_PUT_ERROR(RSA, RSA_R_BAD_E_VALUE); return 0; } @@ -125,7 +134,7 @@ static int encrypt(RSA *rsa, size_t *out_len, uint8_t *out, size_t max_out, result = BN_CTX_get(ctx); buf = OPENSSL_malloc(rsa_size); if (!f || !result || !buf) { - OPENSSL_PUT_ERROR(RSA, encrypt, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(RSA, ERR_R_MALLOC_FAILURE); goto err; } @@ -142,7 +151,7 @@ static int encrypt(RSA *rsa, size_t *out_len, uint8_t *out, size_t max_out, i = RSA_padding_add_none(buf, rsa_size, in, in_len); break; default: - OPENSSL_PUT_ERROR(RSA, encrypt, RSA_R_UNKNOWN_PADDING_TYPE); + OPENSSL_PUT_ERROR(RSA, RSA_R_UNKNOWN_PADDING_TYPE); goto err; } @@ -156,7 +165,7 @@ static int encrypt(RSA *rsa, size_t *out_len, uint8_t *out, size_t max_out, if (BN_ucmp(f, rsa->n) >= 0) { /* usually the padding functions would catch this */ - OPENSSL_PUT_ERROR(RSA, encrypt, RSA_R_DATA_TOO_LARGE_FOR_MODULUS); + OPENSSL_PUT_ERROR(RSA, RSA_R_DATA_TOO_LARGE_FOR_MODULUS); goto err; } 
@@ -175,7 +184,7 @@ static int encrypt(RSA *rsa, size_t *out_len, uint8_t *out, size_t max_out, /* put in leading 0 bytes if the number is less than the length of the * modulus */ if (!BN_bn2bin_padded(out, rsa_size, result)) { - OPENSSL_PUT_ERROR(RSA, encrypt, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(RSA, ERR_R_INTERNAL_ERROR); goto err; } @@ -309,13 +318,13 @@ static int sign_raw(RSA *rsa, size_t *out_len, uint8_t *out, size_t max_out, int i, ret = 0; if (max_out < rsa_size) { - OPENSSL_PUT_ERROR(RSA, sign_raw, RSA_R_OUTPUT_BUFFER_TOO_SMALL); + OPENSSL_PUT_ERROR(RSA, RSA_R_OUTPUT_BUFFER_TOO_SMALL); return 0; } buf = OPENSSL_malloc(rsa_size); if (buf == NULL) { - OPENSSL_PUT_ERROR(RSA, sign_raw, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(RSA, ERR_R_MALLOC_FAILURE); goto err; } @@ -327,7 +336,7 @@ static int sign_raw(RSA *rsa, size_t *out_len, uint8_t *out, size_t max_out, i = RSA_padding_add_none(buf, rsa_size, in, in_len); break; default: - OPENSSL_PUT_ERROR(RSA, sign_raw, RSA_R_UNKNOWN_PADDING_TYPE); + OPENSSL_PUT_ERROR(RSA, RSA_R_UNKNOWN_PADDING_TYPE); goto err; } @@ -359,18 +368,23 @@ static int decrypt(RSA *rsa, size_t *out_len, uint8_t *out, size_t max_out, int ret = 0; if (max_out < rsa_size) { - OPENSSL_PUT_ERROR(RSA, decrypt, RSA_R_OUTPUT_BUFFER_TOO_SMALL); + OPENSSL_PUT_ERROR(RSA, RSA_R_OUTPUT_BUFFER_TOO_SMALL); return 0; } - buf = OPENSSL_malloc(rsa_size); - if (buf == NULL) { - OPENSSL_PUT_ERROR(RSA, decrypt, ERR_R_MALLOC_FAILURE); - goto err; + if (padding == RSA_NO_PADDING) { + buf = out; + } else { + /* Allocate a temporary buffer to hold the padded plaintext. */ + buf = OPENSSL_malloc(rsa_size); + if (buf == NULL) { + OPENSSL_PUT_ERROR(RSA, ERR_R_MALLOC_FAILURE); + goto err; + } } if (in_len != rsa_size) { - OPENSSL_PUT_ERROR(RSA, decrypt, RSA_R_DATA_LEN_NOT_EQUAL_TO_MOD_LEN); + OPENSSL_PUT_ERROR(RSA, RSA_R_DATA_LEN_NOT_EQUAL_TO_MOD_LEN); goto err; } 
@@ -388,22 +402,22 @@ static int decrypt(RSA *rsa, size_t *out_len, uint8_t *out, size_t max_out, NULL, 0, NULL, NULL); break; case RSA_NO_PADDING: - r = RSA_padding_check_none(out, rsa_size, buf, rsa_size); + r = rsa_size; break; default: - OPENSSL_PUT_ERROR(RSA, decrypt, RSA_R_UNKNOWN_PADDING_TYPE); + OPENSSL_PUT_ERROR(RSA, RSA_R_UNKNOWN_PADDING_TYPE); goto err; } if (r < 0) { - OPENSSL_PUT_ERROR(RSA, decrypt, RSA_R_PADDING_CHECK_FAILED); + OPENSSL_PUT_ERROR(RSA, RSA_R_PADDING_CHECK_FAILED); } else { *out_len = r; ret = 1; } err: - if (buf != NULL) { + if (padding != RSA_NO_PADDING && buf != NULL) { OPENSSL_cleanse(buf, rsa_size); OPENSSL_free(buf); } @@ -421,24 +435,24 @@ static int verify_raw(RSA *rsa, size_t *out_len, uint8_t *out, size_t max_out, BN_CTX *ctx = NULL; if (BN_num_bits(rsa->n) > OPENSSL_RSA_MAX_MODULUS_BITS) { - OPENSSL_PUT_ERROR(RSA, verify_raw, RSA_R_MODULUS_TOO_LARGE); + OPENSSL_PUT_ERROR(RSA, RSA_R_MODULUS_TOO_LARGE); return 0; } if (BN_ucmp(rsa->n, rsa->e) <= 0) { - OPENSSL_PUT_ERROR(RSA, verify_raw, RSA_R_BAD_E_VALUE); + OPENSSL_PUT_ERROR(RSA, RSA_R_BAD_E_VALUE); return 0; } if (max_out < rsa_size) { - OPENSSL_PUT_ERROR(RSA, verify_raw, RSA_R_OUTPUT_BUFFER_TOO_SMALL); + OPENSSL_PUT_ERROR(RSA, RSA_R_OUTPUT_BUFFER_TOO_SMALL); return 0; } /* for large moduli, enforce exponent limit */ if (BN_num_bits(rsa->n) > OPENSSL_RSA_SMALL_MODULUS_BITS && BN_num_bits(rsa->e) > OPENSSL_RSA_MAX_PUBEXP_BITS) { - OPENSSL_PUT_ERROR(RSA, verify_raw, RSA_R_BAD_E_VALUE); + OPENSSL_PUT_ERROR(RSA, RSA_R_BAD_E_VALUE); return 0; } 
@@ -450,14 +464,23 @@ static int verify_raw(RSA *rsa, size_t *out_len, uint8_t *out, size_t max_out, BN_CTX_start(ctx); f = BN_CTX_get(ctx); result = BN_CTX_get(ctx); - buf = OPENSSL_malloc(rsa_size); - if (!f || !result || !buf) { - OPENSSL_PUT_ERROR(RSA, verify_raw, ERR_R_MALLOC_FAILURE); + if (padding == RSA_NO_PADDING) { + buf = out; + } else { + /* Allocate a temporary buffer to hold the padded plaintext. */ + buf = OPENSSL_malloc(rsa_size); + if (buf == NULL) { + OPENSSL_PUT_ERROR(RSA, ERR_R_MALLOC_FAILURE); + goto err; + } + } + if (!f || !result) { + OPENSSL_PUT_ERROR(RSA, ERR_R_MALLOC_FAILURE); goto err; } if (in_len != rsa_size) { - OPENSSL_PUT_ERROR(RSA, verify_raw, RSA_R_DATA_LEN_NOT_EQUAL_TO_MOD_LEN); + OPENSSL_PUT_ERROR(RSA, RSA_R_DATA_LEN_NOT_EQUAL_TO_MOD_LEN); goto err; } @@ -466,7 +489,7 @@ static int verify_raw(RSA *rsa, size_t *out_len, uint8_t *out, size_t max_out, } if (BN_ucmp(f, rsa->n) >= 0) { - OPENSSL_PUT_ERROR(RSA, verify_raw, RSA_R_DATA_TOO_LARGE_FOR_MODULUS); + OPENSSL_PUT_ERROR(RSA, RSA_R_DATA_TOO_LARGE_FOR_MODULUS); goto err; } @@ -483,7 +506,7 @@ static int verify_raw(RSA *rsa, size_t *out_len, uint8_t *out, size_t max_out, } if (!BN_bn2bin_padded(buf, rsa_size, result)) { - OPENSSL_PUT_ERROR(RSA, verify_raw, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(RSA, ERR_R_INTERNAL_ERROR); goto err; } @@ -492,15 +515,15 @@ static int verify_raw(RSA *rsa, size_t *out_len, uint8_t *out, size_t max_out, r = RSA_padding_check_PKCS1_type_1(out, rsa_size, buf, rsa_size); break; case RSA_NO_PADDING: - r = RSA_padding_check_none(out, rsa_size, buf, rsa_size); + r = rsa_size; break; default: - OPENSSL_PUT_ERROR(RSA, verify_raw, RSA_R_UNKNOWN_PADDING_TYPE); + OPENSSL_PUT_ERROR(RSA, RSA_R_UNKNOWN_PADDING_TYPE); goto err; } if (r < 0) { - OPENSSL_PUT_ERROR(RSA, verify_raw, RSA_R_PADDING_CHECK_FAILED); + OPENSSL_PUT_ERROR(RSA, RSA_R_PADDING_CHECK_FAILED); } else { *out_len = r; ret = 1; 
@@ -511,7 +534,7 @@ err: BN_CTX_end(ctx); BN_CTX_free(ctx); } - if (buf != NULL) { + if (padding != RSA_NO_PADDING && buf != NULL) { OPENSSL_cleanse(buf, rsa_size); OPENSSL_free(buf); } @@ -535,7 +558,7 @@ static int private_transform(RSA *rsa, uint8_t *out, const uint8_t *in, result = BN_CTX_get(ctx); if (f == NULL || result == NULL) { - OPENSSL_PUT_ERROR(RSA, private_transform, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(RSA, ERR_R_MALLOC_FAILURE); goto err; } @@ -545,14 +568,14 @@ static int private_transform(RSA *rsa, uint8_t *out, const uint8_t *in, if (BN_ucmp(f, rsa->n) >= 0) { /* Usually the padding functions would catch this. */ - OPENSSL_PUT_ERROR(RSA, private_transform, RSA_R_DATA_TOO_LARGE_FOR_MODULUS); + OPENSSL_PUT_ERROR(RSA, RSA_R_DATA_TOO_LARGE_FOR_MODULUS); goto err; } if (!(rsa->flags & RSA_FLAG_NO_BLINDING)) { blinding = rsa_blinding_get(rsa, &blinding_index, ctx); if (blinding == NULL) { - OPENSSL_PUT_ERROR(RSA, private_transform, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(RSA, ERR_R_INTERNAL_ERROR); goto err; } if (!BN_BLINDING_convert_ex(f, NULL, blinding, ctx)) { @@ -593,7 +616,7 @@ static int private_transform(RSA *rsa, uint8_t *out, const uint8_t *in, } if (!BN_bn2bin_padded(out, len, result)) { - OPENSSL_PUT_ERROR(RSA, private_transform, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(RSA, ERR_R_INTERNAL_ERROR); goto err; } @@ -616,6 +639,11 @@ static int mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx) { BIGNUM local_dmp1, local_dmq1, local_c, local_r1; BIGNUM *dmp1, *dmq1, *c, *pr1; int ret = 0; + size_t i, num_additional_primes = 0; + + if (rsa->additional_primes != NULL) { + num_additional_primes = sk_RSA_additional_prime_num(rsa->additional_primes); + } BN_CTX_start(ctx); r1 = BN_CTX_get(ctx); 
@@ -724,6 +752,42 @@ static int mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx) { goto err; } + for (i = 0; i < num_additional_primes; i++) { + /* multi-prime RSA. */ + BIGNUM local_exp, local_prime; + BIGNUM *exp = &local_exp, *prime = &local_prime; + RSA_additional_prime *ap = + sk_RSA_additional_prime_value(rsa->additional_primes, i); + + BN_with_flags(exp, ap->exp, BN_FLG_CONSTTIME); + BN_with_flags(prime, ap->prime, BN_FLG_CONSTTIME); + + /* c will already point to a BIGNUM with the correct flags. */ + if (!BN_mod(r1, c, prime, ctx)) { + goto err; + } + + if ((rsa->flags & RSA_FLAG_CACHE_PRIVATE) && + !BN_MONT_CTX_set_locked(&ap->method_mod, &rsa->lock, prime, ctx)) { + goto err; + } + + if (!rsa->meth->bn_mod_exp(m1, r1, exp, prime, ctx, ap->method_mod)) { + goto err; + } + + BN_set_flags(m1, BN_FLG_CONSTTIME); + + if (!BN_sub(m1, m1, r0) || + !BN_mul(m1, m1, ap->coeff, ctx) || + !BN_mod(m1, m1, prime, ctx) || + (BN_is_negative(m1) && !BN_add(m1, m1, prime)) || + !BN_mul(m1, m1, ap->r, ctx) || + !BN_add(r0, r0, m1)) { + goto err; + } + } + if (rsa->e && rsa->n) { if (!rsa->meth->bn_mod_exp(vrfy, r0, rsa->e, rsa->n, ctx, rsa->_method_mod_n)) { @@ -766,12 +830,20 @@ err: return ret; } -static int keygen(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb) { +static int keygen_multiprime(RSA *rsa, int bits, int num_primes, + BIGNUM *e_value, BN_GENCB *cb) { BIGNUM *r0 = NULL, *r1 = NULL, *r2 = NULL, *r3 = NULL, *tmp; BIGNUM local_r0, local_d, local_p; BIGNUM *pr0, *d, *p; - int bitsp, bitsq, ok = -1, n = 0; + int prime_bits, ok = -1, n = 0, i, j; BN_CTX *ctx = NULL; + STACK_OF(RSA_additional_prime) *additional_primes = NULL; + + if (num_primes < 2) { + ok = 0; /* we set our own err */ + OPENSSL_PUT_ERROR(RSA, RSA_R_MUST_HAVE_AT_LEAST_TWO_PRIMES); + goto err; + } ctx = BN_CTX_new(); if (ctx == NULL) { 
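Review bot: The recombination step in the new multi-prime loop has no comment, and it is the part that most needs one: after the exponentiation, `m1` becomes `((m1 - r0) * coeff) mod prime` and `r0` is then advanced by `m1 * r`. A comment above the `BN_sub` chain such as `/* Garner's step: r0 += r * (((m1 - r0) * coeff) mod prime), where r is the product of the preceding primes. */` would let a reader check it against keygen, which fills `ap->r` and `ap->coeff`. The loop also dereferences `ap->exp`, `ap->prime`, `ap->coeff` and `ap->r` without a NULL check, so whatever populates `rsa->additional_primes` for imported keys (not visible here) has to guarantee that all four are set. mod_exp begins and ends outside the hunk.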
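Review bot: The new guard rejects `num_primes < 2`, but nothing bounds `num_primes` from above relative to `bits`. Since `prime_bits` is derived as roughly `bits / num_primes` in the later hunks, a caller can ask for primes so short that the modulus size no longer reflects the key's strength, and `bits + (num_primes - 1)` is computed in plain `int`. I would reject such requests next to the existing check, e.g. `if (bits / num_primes < MIN_PRIME_BITS) { ok = 0; OPENSSL_PUT_ERROR(RSA, RSA_R_KEY_SIZE_TOO_SMALL); goto err; }`, where `MIN_PRIME_BITS` is a placeholder for a project-chosen minimum. The body of keygen_multiprime continues outside this hunk.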
@@ -782,12 +854,36 @@ static int keygen(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb) { r1 = BN_CTX_get(ctx); r2 = BN_CTX_get(ctx); r3 = BN_CTX_get(ctx); - if (r3 == NULL) { + if (r0 == NULL || r1 == NULL || r2 == NULL || r3 == NULL) { goto err; } - bitsp = (bits + 1) / 2; - bitsq = bits - bitsp; + if (num_primes > 2) { + additional_primes = sk_RSA_additional_prime_new_null(); + if (additional_primes == NULL) { + goto err; + } + } + + for (i = 2; i < num_primes; i++) { + RSA_additional_prime *ap = OPENSSL_malloc(sizeof(RSA_additional_prime)); + if (ap == NULL) { + goto err; + } + memset(ap, 0, sizeof(RSA_additional_prime)); + ap->prime = BN_new(); + ap->exp = BN_new(); + ap->coeff = BN_new(); + ap->r = BN_new(); + if (ap->prime == NULL || + ap->exp == NULL || + ap->coeff == NULL || + ap->r == NULL || + !sk_RSA_additional_prime_push(additional_primes, ap)) { + RSA_additional_prime_free(ap); + goto err; + } + } /* We need the RSA components non-NULL */ if (!rsa->n && ((rsa->n = BN_new()) == NULL)) { @@ -815,11 +911,14 @@ static int keygen(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb) { goto err; } - BN_copy(rsa->e, e_value); + if (!BN_copy(rsa->e, e_value)) { + goto err; + } /* generate p and q */ + prime_bits = (bits + (num_primes - 1)) / num_primes; for (;;) { - if (!BN_generate_prime_ex(rsa->p, bitsp, 0, NULL, NULL, cb) || + if (!BN_generate_prime_ex(rsa->p, prime_bits, 0, NULL, NULL, cb) || !BN_sub(r2, rsa->p, BN_value_one()) || !BN_gcd(r1, r2, rsa->e, ctx)) { goto err; 
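Review bot: Failures in the new allocation loop are reported with the wrong error: when `OPENSSL_malloc` or `sk_RSA_additional_prime_push` fails, `ok` is still -1, so the `err:` block records `ERR_LIB_BN` rather than an allocation failure. Following the pattern already used for the `num_primes` check, set `ok = 0;` and call `OPENSSL_PUT_ERROR(RSA, ERR_R_MALLOC_FAILURE);` before `goto err` on those paths. As a smaller style point, `sizeof(*ap)` in the `OPENSSL_malloc` and `memset` calls would keep the size tied to the variable rather than to the type name.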
@@ -834,19 +933,20 @@ static int keygen(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb) { if (!BN_GENCB_call(cb, 3, 0)) { goto err; } + prime_bits = ((bits - prime_bits) + (num_primes - 2)) / (num_primes - 1); for (;;) { /* When generating ridiculously small keys, we can get stuck * continually regenerating the same prime values. Check for * this and bail if it happens 3 times. */ unsigned int degenerate = 0; do { - if (!BN_generate_prime_ex(rsa->q, bitsq, 0, NULL, NULL, cb)) { + if (!BN_generate_prime_ex(rsa->q, prime_bits, 0, NULL, NULL, cb)) { goto err; } } while ((BN_cmp(rsa->p, rsa->q) == 0) && (++degenerate < 3)); if (degenerate == 3) { ok = 0; /* we set our own err */ - OPENSSL_PUT_ERROR(RSA, keygen, RSA_R_KEY_SIZE_TOO_SMALL); + OPENSSL_PUT_ERROR(RSA, RSA_R_KEY_SIZE_TOO_SMALL); goto err; } if (!BN_sub(r2, rsa->q, BN_value_one()) || 
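Review bot: The recomputation `prime_bits = ((bits - prime_bits) + (num_primes - 2)) / (num_primes - 1);` is uncommented and easy to misread next to the earlier `(bits + (num_primes - 1)) / num_primes`. It takes the bits left after `p` and divides them, rounding up, among the remaining primes. A one-line comment would say so: `/* Bits remaining after p, split (rounding up) over the other num_primes - 1 primes. */`. The enclosing function starts and ends outside this hunk.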
@@ -860,20 +960,91 @@ static int keygen(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb) { goto err; } } - if (!BN_GENCB_call(cb, 3, 1)) { + + if (!BN_GENCB_call(cb, 3, 1) || + !BN_mul(rsa->n, rsa->p, rsa->q, ctx)) { goto err; } + + for (i = 2; i < num_primes; i++) { + RSA_additional_prime *ap = + sk_RSA_additional_prime_value(additional_primes, i - 2); + prime_bits = ((bits - BN_num_bits(rsa->n)) + (num_primes - (i + 1))) / + (num_primes - i); + + for (;;) { + if (!BN_generate_prime_ex(ap->prime, prime_bits, 0, NULL, NULL, cb)) { + goto err; + } + if (BN_cmp(rsa->p, ap->prime) == 0 || + BN_cmp(rsa->q, ap->prime) == 0) { + continue; + } + + for (j = 0; j < i - 2; j++) { + if (BN_cmp(sk_RSA_additional_prime_value(additional_primes, j)->prime, + ap->prime) == 0) { + break; + } + } + if (j != i - 2) { + continue; + } + + if (!BN_sub(r2, ap->prime, BN_value_one()) || + !BN_gcd(r1, r2, rsa->e, ctx)) { + goto err; + } + + if (!BN_is_one(r1)) { + continue; + } + if (i != num_primes - 1) { + break; + } + + /* For the last prime we'll check that it makes n large enough. In the + * two prime case this isn't a problem because we generate primes with + * the top two bits set and so the product is always of the expected + * size. In the multi prime case, this doesn't follow. */ + if (!BN_mul(r1, rsa->n, ap->prime, ctx)) { + goto err; + } + if (BN_num_bits(r1) == bits) { + break; + } + + if (!BN_GENCB_call(cb, 2, n++)) { + goto err; + } + } + + /* ap->r is is the product of all the primes prior to the current one + * (including p and q). */ + if (!BN_copy(ap->r, rsa->n)) { + goto err; + } + if (i == num_primes - 1) { + /* In the case of the last prime, we calculated n as |r1| in the loop + * above. 
*/ + if (!BN_copy(rsa->n, r1)) { + goto err; + } + } else if (!BN_mul(rsa->n, rsa->n, ap->prime, ctx)) { + goto err; + } + + if (!BN_GENCB_call(cb, 3, 1)) { + goto err; + } + } + if (BN_cmp(rsa->p, rsa->q) < 0) { tmp = rsa->p; rsa->p = rsa->q; rsa->q = tmp; } - /* calculate n */ - if (!BN_mul(rsa->n, rsa->p, rsa->q, ctx)) { - goto err; - } - /* calculate d */ if (!BN_sub(r1, rsa->p, BN_value_one())) { goto err; /* p-1 */ @@ -884,6 +1055,14 @@ static int keygen(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb) { if (!BN_mul(r0, r1, r2, ctx)) { goto err; /* (p-1)(q-1) */ } + for (i = 2; i < num_primes; i++) { + RSA_additional_prime *ap = + sk_RSA_additional_prime_value(additional_primes, i - 2); + if (!BN_sub(r3, ap->prime, BN_value_one()) || + !BN_mul(r0, r0, r3, ctx)) { + goto err; + } + } pr0 = &local_r0; BN_with_flags(pr0, r0, BN_FLG_CONSTTIME); if (!BN_mod_inverse(rsa->d, rsa->e, pr0, ctx)) { @@ -912,21 +1091,38 @@ static int keygen(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb) { goto err; } + for (i = 2; i < num_primes; i++) { + RSA_additional_prime *ap = + sk_RSA_additional_prime_value(additional_primes, i - 2); + if (!BN_sub(ap->exp, ap->prime, BN_value_one()) || + !BN_mod(ap->exp, rsa->d, ap->exp, ctx) || + !BN_mod_inverse(ap->coeff, ap->r, ap->prime, ctx)) { + goto err; + } + } + ok = 1; + rsa->additional_primes = additional_primes; + additional_primes = NULL; err: if (ok == -1) { - OPENSSL_PUT_ERROR(RSA, keygen, ERR_LIB_BN); + OPENSSL_PUT_ERROR(RSA, ERR_LIB_BN); ok = 0; } if (ctx != NULL) { BN_CTX_end(ctx); BN_CTX_free(ctx); } - + sk_RSA_additional_prime_pop_free(additional_primes, + RSA_additional_prime_free); return ok; } +static int keygen(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb) { + return keygen_multiprime(rsa, bits, 2 /* num primes */, e_value, cb); +} + const struct rsa_meth_st RSA_default_method = { { 0 /* references */, 
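Review bot: The new per-prime `for (;;)` loop retries with `continue` whenever the candidate equals `p`, `q` or an earlier additional prime, but unlike the `q` loop above it has no `degenerate`-style cap, so for very small `prime_bits` it can keep regenerating the same few values without ever failing. The last-prime retry on `BN_num_bits(r1) == bits` is similar: besides success, its only exit is the callback, if one is set, returning 0. I would count the duplicate retries and fail with `RSA_R_KEY_SIZE_TOO_SMALL` as the existing check does; a sketch follows. Separately, the comment `ap->r is is the product` has a doubled word.

```c
    /* … unchanged: ap lookup … */
    unsigned int degenerate = 0;
    /* … unchanged: prime_bits computation … */

    for (;;) {
      /* … unchanged: BN_generate_prime_ex(ap->prime, …) … */
      if (BN_cmp(rsa->p, ap->prime) == 0 ||
          BN_cmp(rsa->q, ap->prime) == 0) {
        if (++degenerate == 3) {
          ok = 0; /* we set our own err */
          OPENSSL_PUT_ERROR(RSA, RSA_R_KEY_SIZE_TOO_SMALL);
          goto err;
        }
        continue;
      }
      /* … unchanged: scan of earlier additional primes … */
      if (j != i - 2) {
        if (++degenerate == 3) {
          ok = 0; /* we set our own err */
          OPENSSL_PUT_ERROR(RSA, RSA_R_KEY_SIZE_TOO_SMALL);
          goto err;
        }
        continue;
      }
      /* … unchanged: gcd check and last-prime size check … */
```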
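Review bot: The new CRT-parameter loop passes `rsa->d`, `ap->r` and `ap->prime` to `BN_mod` and `BN_mod_inverse` directly, while this function declares `local_d`/`local_p` aliases and, in the visible `pr0` case, wraps secret operands with `BN_with_flags(..., BN_FLG_CONSTTIME)` first. If the two-prime code outside this hunk computes `dmp1` and `iqmp` through those flagged aliases, the additional primes should get the same treatment. For the exponent that would be `!BN_mod(ap->exp, d, ap->exp, ctx)`, assuming `d` is still the flagged alias of `rsa->d` at this point. Also, `rsa->additional_primes = additional_primes;` overwrites any stack the RSA object already held. If keygen can run on a reused object, free the old one first with `sk_RSA_additional_prime_pop_free(rsa->additional_primes, RSA_additional_prime_free);`.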
@@ -955,4 +1151,7 @@ const struct rsa_meth_st RSA_default_method = { RSA_FLAG_CACHE_PUBLIC | RSA_FLAG_CACHE_PRIVATE, keygen, + keygen_multiprime, + + NULL /* supports_digest */, }; diff --git a/src/crypto/rsa/rsa_test.c b/src/crypto/rsa/rsa_test.c deleted file mode 100644 index 318cf3f..0000000 --- a/src/crypto/rsa/rsa_test.c +++ /dev/null 
@@ -1,511 +0,0 @@ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. 
If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
*/ - -#include - -#include -#include - -#include -#include -#include -#include - - -#define SetKey \ - key->n = BN_bin2bn(n, sizeof(n) - 1, key->n); \ - key->e = BN_bin2bn(e, sizeof(e) - 1, key->e); \ - key->d = BN_bin2bn(d, sizeof(d) - 1, key->d); \ - key->p = BN_bin2bn(p, sizeof(p) - 1, key->p); \ - key->q = BN_bin2bn(q, sizeof(q) - 1, key->q); \ - key->dmp1 = BN_bin2bn(dmp1, sizeof(dmp1) - 1, key->dmp1); \ - key->dmq1 = BN_bin2bn(dmq1, sizeof(dmq1) - 1, key->dmq1); \ - key->iqmp = BN_bin2bn(iqmp, sizeof(iqmp) - 1, key->iqmp); \ - memcpy(c, ctext_ex, sizeof(ctext_ex) - 1); \ - return (sizeof(ctext_ex) - 1); - -static int key1(RSA *key, unsigned char *c) { - static unsigned char n[] = - "\x00\xAA\x36\xAB\xCE\x88\xAC\xFD\xFF\x55\x52\x3C\x7F\xC4\x52\x3F" - "\x90\xEF\xA0\x0D\xF3\x77\x4A\x25\x9F\x2E\x62\xB4\xC5\xD9\x9C\xB5" - "\xAD\xB3\x00\xA0\x28\x5E\x53\x01\x93\x0E\x0C\x70\xFB\x68\x76\x93" - "\x9C\xE6\x16\xCE\x62\x4A\x11\xE0\x08\x6D\x34\x1E\xBC\xAC\xA0\xA1" - "\xF5"; - - static unsigned char e[] = "\x11"; - - static unsigned char d[] = - "\x0A\x03\x37\x48\x62\x64\x87\x69\x5F\x5F\x30\xBC\x38\xB9\x8B\x44" - "\xC2\xCD\x2D\xFF\x43\x40\x98\xCD\x20\xD8\xA1\x38\xD0\x90\xBF\x64" - "\x79\x7C\x3F\xA7\xA2\xCD\xCB\x3C\xD1\xE0\xBD\xBA\x26\x54\xB4\xF9" - "\xDF\x8E\x8A\xE5\x9D\x73\x3D\x9F\x33\xB3\x01\x62\x4A\xFD\x1D\x51"; - - static unsigned char p[] = - "\x00\xD8\x40\xB4\x16\x66\xB4\x2E\x92\xEA\x0D\xA3\xB4\x32\x04\xB5" - "\xCF\xCE\x33\x52\x52\x4D\x04\x16\xA5\xA4\x41\xE7\x00\xAF\x46\x12" - "\x0D"; - - static unsigned char q[] = - "\x00\xC9\x7F\xB1\xF0\x27\xF4\x53\xF6\x34\x12\x33\xEA\xAA\xD1\xD9" - "\x35\x3F\x6C\x42\xD0\x88\x66\xB1\xD0\x5A\x0F\x20\x35\x02\x8B\x9D" - "\x89"; - - static unsigned char dmp1[] = - "\x59\x0B\x95\x72\xA2\xC2\xA9\xC4\x06\x05\x9D\xC2\xAB\x2F\x1D\xAF" - "\xEB\x7E\x8B\x4F\x10\xA7\x54\x9E\x8E\xED\xF5\xB4\xFC\xE0\x9E\x05"; - - static unsigned char dmq1[] = - "\x00\x8E\x3C\x05\x21\xFE\x15\xE0\xEA\x06\xA3\x6F\xF0\xF1\x0C\x99" - 
"\x52\xC3\x5B\x7A\x75\x14\xFD\x32\x38\xB8\x0A\xAD\x52\x98\x62\x8D" - "\x51"; - - static unsigned char iqmp[] = - "\x36\x3F\xF7\x18\x9D\xA8\xE9\x0B\x1D\x34\x1F\x71\xD0\x9B\x76\xA8" - "\xA9\x43\xE1\x1D\x10\xB2\x4D\x24\x9F\x2D\xEA\xFE\xF8\x0C\x18\x26"; - - static unsigned char ctext_ex[] = - "\x1b\x8f\x05\xf9\xca\x1a\x79\x52\x6e\x53\xf3\xcc\x51\x4f\xdb\x89" - "\x2b\xfb\x91\x93\x23\x1e\x78\xb9\x92\xe6\x8d\x50\xa4\x80\xcb\x52" - "\x33\x89\x5c\x74\x95\x8d\x5d\x02\xab\x8c\x0f\xd0\x40\xeb\x58\x44" - "\xb0\x05\xc3\x9e\xd8\x27\x4a\x9d\xbf\xa8\x06\x71\x40\x94\x39\xd2"; - - SetKey; -} - -static int key2(RSA *key, unsigned char *c) { - static unsigned char n[] = - "\x00\xA3\x07\x9A\x90\xDF\x0D\xFD\x72\xAC\x09\x0C\xCC\x2A\x78\xB8" - "\x74\x13\x13\x3E\x40\x75\x9C\x98\xFA\xF8\x20\x4F\x35\x8A\x0B\x26" - "\x3C\x67\x70\xE7\x83\xA9\x3B\x69\x71\xB7\x37\x79\xD2\x71\x7B\xE8" - "\x34\x77\xCF"; - - static unsigned char e[] = "\x3"; - - static unsigned char d[] = - "\x6C\xAF\xBC\x60\x94\xB3\xFE\x4C\x72\xB0\xB3\x32\xC6\xFB\x25\xA2" - "\xB7\x62\x29\x80\x4E\x68\x65\xFC\xA4\x5A\x74\xDF\x0F\x8F\xB8\x41" - "\x3B\x52\xC0\xD0\xE5\x3D\x9B\x59\x0F\xF1\x9B\xE7\x9F\x49\xDD\x21" - "\xE5\xEB"; - - static unsigned char p[] = - "\x00\xCF\x20\x35\x02\x8B\x9D\x86\x98\x40\xB4\x16\x66\xB4\x2E\x92" - "\xEA\x0D\xA3\xB4\x32\x04\xB5\xCF\xCE\x91"; - - static unsigned char q[] = - "\x00\xC9\x7F\xB1\xF0\x27\xF4\x53\xF6\x34\x12\x33\xEA\xAA\xD1\xD9" - "\x35\x3F\x6C\x42\xD0\x88\x66\xB1\xD0\x5F"; - - static unsigned char dmp1[] = - "\x00\x8A\x15\x78\xAC\x5D\x13\xAF\x10\x2B\x22\xB9\x99\xCD\x74\x61" - "\xF1\x5E\x6D\x22\xCC\x03\x23\xDF\xDF\x0B"; - - static unsigned char dmq1[] = - "\x00\x86\x55\x21\x4A\xC5\x4D\x8D\x4E\xCD\x61\x77\xF1\xC7\x36\x90" - "\xCE\x2A\x48\x2C\x8B\x05\x99\xCB\xE0\x3F"; - - static unsigned char iqmp[] = - "\x00\x83\xEF\xEF\xB8\xA9\xA4\x0D\x1D\xB6\xED\x98\xAD\x84\xED\x13" - "\x35\xDC\xC1\x08\xF3\x22\xD0\x57\xCF\x8D"; - - static unsigned char ctext_ex[] = - 
"\x14\xbd\xdd\x28\xc9\x83\x35\x19\x23\x80\xe8\xe5\x49\xb1\x58\x2a" - "\x8b\x40\xb4\x48\x6d\x03\xa6\xa5\x31\x1f\x1f\xd5\xf0\xa1\x80\xe4" - "\x17\x53\x03\x29\xa9\x34\x90\x74\xb1\x52\x13\x54\x29\x08\x24\x52" - "\x62\x51"; - - SetKey; -} - -static int key3(RSA *key, unsigned char *c) { - static unsigned char n[] = - "\x00\xBB\xF8\x2F\x09\x06\x82\xCE\x9C\x23\x38\xAC\x2B\x9D\xA8\x71" - "\xF7\x36\x8D\x07\xEE\xD4\x10\x43\xA4\x40\xD6\xB6\xF0\x74\x54\xF5" - "\x1F\xB8\xDF\xBA\xAF\x03\x5C\x02\xAB\x61\xEA\x48\xCE\xEB\x6F\xCD" - "\x48\x76\xED\x52\x0D\x60\xE1\xEC\x46\x19\x71\x9D\x8A\x5B\x8B\x80" - "\x7F\xAF\xB8\xE0\xA3\xDF\xC7\x37\x72\x3E\xE6\xB4\xB7\xD9\x3A\x25" - "\x84\xEE\x6A\x64\x9D\x06\x09\x53\x74\x88\x34\xB2\x45\x45\x98\x39" - "\x4E\xE0\xAA\xB1\x2D\x7B\x61\xA5\x1F\x52\x7A\x9A\x41\xF6\xC1\x68" - "\x7F\xE2\x53\x72\x98\xCA\x2A\x8F\x59\x46\xF8\xE5\xFD\x09\x1D\xBD" - "\xCB"; - - static unsigned char e[] = "\x11"; - - static unsigned char d[] = - "\x00\xA5\xDA\xFC\x53\x41\xFA\xF2\x89\xC4\xB9\x88\xDB\x30\xC1\xCD" - "\xF8\x3F\x31\x25\x1E\x06\x68\xB4\x27\x84\x81\x38\x01\x57\x96\x41" - "\xB2\x94\x10\xB3\xC7\x99\x8D\x6B\xC4\x65\x74\x5E\x5C\x39\x26\x69" - "\xD6\x87\x0D\xA2\xC0\x82\xA9\x39\xE3\x7F\xDC\xB8\x2E\xC9\x3E\xDA" - "\xC9\x7F\xF3\xAD\x59\x50\xAC\xCF\xBC\x11\x1C\x76\xF1\xA9\x52\x94" - "\x44\xE5\x6A\xAF\x68\xC5\x6C\x09\x2C\xD3\x8D\xC3\xBE\xF5\xD2\x0A" - "\x93\x99\x26\xED\x4F\x74\xA1\x3E\xDD\xFB\xE1\xA1\xCE\xCC\x48\x94" - "\xAF\x94\x28\xC2\xB7\xB8\x88\x3F\xE4\x46\x3A\x4B\xC8\x5B\x1C\xB3" - "\xC1"; - - static unsigned char p[] = - "\x00\xEE\xCF\xAE\x81\xB1\xB9\xB3\xC9\x08\x81\x0B\x10\xA1\xB5\x60" - "\x01\x99\xEB\x9F\x44\xAE\xF4\xFD\xA4\x93\xB8\x1A\x9E\x3D\x84\xF6" - "\x32\x12\x4E\xF0\x23\x6E\x5D\x1E\x3B\x7E\x28\xFA\xE7\xAA\x04\x0A" - "\x2D\x5B\x25\x21\x76\x45\x9D\x1F\x39\x75\x41\xBA\x2A\x58\xFB\x65" - "\x99"; - - static unsigned char q[] = - "\x00\xC9\x7F\xB1\xF0\x27\xF4\x53\xF6\x34\x12\x33\xEA\xAA\xD1\xD9" - "\x35\x3F\x6C\x42\xD0\x88\x66\xB1\xD0\x5A\x0F\x20\x35\x02\x8B\x9D" - 
"\x86\x98\x40\xB4\x16\x66\xB4\x2E\x92\xEA\x0D\xA3\xB4\x32\x04\xB5" - "\xCF\xCE\x33\x52\x52\x4D\x04\x16\xA5\xA4\x41\xE7\x00\xAF\x46\x15" - "\x03"; - - static unsigned char dmp1[] = - "\x54\x49\x4C\xA6\x3E\xBA\x03\x37\xE4\xE2\x40\x23\xFC\xD6\x9A\x5A" - "\xEB\x07\xDD\xDC\x01\x83\xA4\xD0\xAC\x9B\x54\xB0\x51\xF2\xB1\x3E" - "\xD9\x49\x09\x75\xEA\xB7\x74\x14\xFF\x59\xC1\xF7\x69\x2E\x9A\x2E" - "\x20\x2B\x38\xFC\x91\x0A\x47\x41\x74\xAD\xC9\x3C\x1F\x67\xC9\x81"; - - static unsigned char dmq1[] = - "\x47\x1E\x02\x90\xFF\x0A\xF0\x75\x03\x51\xB7\xF8\x78\x86\x4C\xA9" - "\x61\xAD\xBD\x3A\x8A\x7E\x99\x1C\x5C\x05\x56\xA9\x4C\x31\x46\xA7" - "\xF9\x80\x3F\x8F\x6F\x8A\xE3\x42\xE9\x31\xFD\x8A\xE4\x7A\x22\x0D" - "\x1B\x99\xA4\x95\x84\x98\x07\xFE\x39\xF9\x24\x5A\x98\x36\xDA\x3D"; - - static unsigned char iqmp[] = - "\x00\xB0\x6C\x4F\xDA\xBB\x63\x01\x19\x8D\x26\x5B\xDB\xAE\x94\x23" - "\xB3\x80\xF2\x71\xF7\x34\x53\x88\x50\x93\x07\x7F\xCD\x39\xE2\x11" - "\x9F\xC9\x86\x32\x15\x4F\x58\x83\xB1\x67\xA9\x67\xBF\x40\x2B\x4E" - "\x9E\x2E\x0F\x96\x56\xE6\x98\xEA\x36\x66\xED\xFB\x25\x79\x80\x39" - "\xF7"; - - static unsigned char ctext_ex[] = - "\xb8\x24\x6b\x56\xa6\xed\x58\x81\xae\xb5\x85\xd9\xa2\x5b\x2a\xd7" - "\x90\xc4\x17\xe0\x80\x68\x1b\xf1\xac\x2b\xc3\xde\xb6\x9d\x8b\xce" - "\xf0\xc4\x36\x6f\xec\x40\x0a\xf0\x52\xa7\x2e\x9b\x0e\xff\xb5\xb3" - "\xf2\xf1\x92\xdb\xea\xca\x03\xc1\x27\x40\x05\x71\x13\xbf\x1f\x06" - "\x69\xac\x22\xe9\xf3\xa7\x85\x2e\x3c\x15\xd9\x13\xca\xb0\xb8\x86" - "\x3a\x95\xc9\x92\x94\xce\x86\x74\x21\x49\x54\x61\x03\x46\xf4\xd4" - "\x74\xb2\x6f\x7c\x48\xb4\x2e\xe6\x8e\x1f\x57\x2a\x1f\xc4\x02\x6a" - "\xc4\x56\xb4\xf5\x9f\x7b\x62\x1e\xa1\xb9\xd8\x8f\x64\x20\x2f\xb1"; - - SetKey; -} - -static int test_bad_key(void) { - RSA *key = RSA_new(); - BIGNUM e; - - BN_init(&e); - BN_set_word(&e, RSA_F4); - - if (!RSA_generate_key_ex(key, 512, &e, NULL)) { - fprintf(stderr, "RSA_generate_key_ex failed.\n"); - ERR_print_errors_fp(stderr); - return 0; - } - - if (!BN_add(key->p, key->p, 
BN_value_one())) { - fprintf(stderr, "BN error.\n"); - ERR_print_errors_fp(stderr); - return 0; - } - - if (RSA_check_key(key)) { - fprintf(stderr, "RSA_check_key passed with invalid key!\n"); - return 0; - } - - ERR_clear_error(); - BN_free(&e); - RSA_free(key); - return 1; -} - -static int test_only_d_given(void) { - RSA *key = RSA_new(); - uint8_t buf[64]; - unsigned buf_len = sizeof(buf); - const uint8_t kDummyHash[16] = {0}; - int ret = 0; - - if (!BN_hex2bn(&key->n, - "00e77bbf3889d4ef36a9a25d4d69f3f632eb4362214c74517da6d6aeaa9bd" - "09ac42b26621cd88f3a6eb013772fc3bf9f83914b6467231c630202c35b3e" - "5808c659") || - !BN_hex2bn(&key->e, "010001") || - !BN_hex2bn(&key->d, - "0365db9eb6d73b53b015c40cd8db4de7dd7035c68b5ac1bf786d7a4ee2cea" - "316eaeca21a73ac365e58713195f2ae9849348525ca855386b6d028e437a9" - "495a01") || - RSA_size(key) > sizeof(buf)) { - goto err; - } - - if (!RSA_check_key(key)) { - fprintf(stderr, "RSA_check_key failed with only d given.\n"); - ERR_print_errors_fp(stderr); - goto err; - } - - if (!RSA_sign(NID_sha256, kDummyHash, sizeof(kDummyHash), buf, &buf_len, - key)) { - fprintf(stderr, "RSA_sign failed with only d given.\n"); - ERR_print_errors_fp(stderr); - goto err; - } - - if (!RSA_verify(NID_sha256, kDummyHash, sizeof(kDummyHash), buf, buf_len, - key)) { - fprintf(stderr, "RSA_verify failed with only d given.\n"); - ERR_print_errors_fp(stderr); - goto err; - } - - ret = 1; - -err: - RSA_free(key); - return ret; -} - -static int test_recover_crt_params(void) { - RSA *key1, *key2; - BIGNUM *e = BN_new(); - uint8_t buf[128]; - unsigned buf_len = sizeof(buf); - const uint8_t kDummyHash[16] = {0}; - unsigned i; - - BN_set_word(e, RSA_F4); - - ERR_clear_error(); - - for (i = 0; i < 1; i++) { - key1 = RSA_new(); - if (!RSA_generate_key_ex(key1, 512, e, NULL)) { - fprintf(stderr, "RSA_generate_key_ex failed.\n"); - ERR_print_errors_fp(stderr); - return 0; - } - - if (!RSA_check_key(key1)) { - fprintf(stderr, "RSA_check_key failed with original 
key.\n"); - ERR_print_errors_fp(stderr); - return 0; - } - - key2 = RSA_new(); - key2->n = BN_dup(key1->n); - key2->e = BN_dup(key1->e); - key2->d = BN_dup(key1->d); - RSA_free(key1); - - if (!RSA_recover_crt_params(key2)) { - fprintf(stderr, "RSA_recover_crt_params failed.\n"); - ERR_print_errors_fp(stderr); - return 0; - } - - if (RSA_size(key2) > buf_len) { - return 0; - } - - if (!RSA_check_key(key2)) { - fprintf(stderr, "RSA_check_key failed with recovered key.\n"); - ERR_print_errors_fp(stderr); - return 0; - } - - if (!RSA_sign(NID_sha256, kDummyHash, sizeof(kDummyHash), buf, &buf_len, - key2)) { - fprintf(stderr, "RSA_sign failed with recovered key.\n"); - ERR_print_errors_fp(stderr); - return 0; - } - - if (!RSA_verify(NID_sha256, kDummyHash, sizeof(kDummyHash), buf, buf_len, - key2)) { - fprintf(stderr, "RSA_verify failed with recovered key.\n"); - ERR_print_errors_fp(stderr); - return 0; - } - - RSA_free(key2); - } - - BN_free(e); - return 1; -} - -int main(int argc, char *argv[]) { - int err = 0; - int v; - RSA *key; - unsigned char ptext[256]; - unsigned char ctext[256]; - static unsigned char ptext_ex[] = "\x54\x85\x9b\x34\x2c\x49\xea\x2a"; - unsigned char ctext_ex[256]; - int plen; - int clen = 0; - int num; - int n; - - CRYPTO_library_init(); - - plen = sizeof(ptext_ex) - 1; - - for (v = 0; v < 3; v++) { - key = RSA_new(); - switch (v) { - case 0: - clen = key1(key, ctext_ex); - break; - case 1: - clen = key2(key, ctext_ex); - break; - case 2: - clen = key3(key, ctext_ex); - break; - default: - abort(); - } - - if (!RSA_check_key(key)) { - printf("%d: RSA_check_key failed\n", v); - err = 1; - goto oaep; - } - - num = RSA_public_encrypt(plen, ptext_ex, ctext, key, RSA_PKCS1_PADDING); - if (num != clen) { - printf("PKCS#1 v1.5 encryption failed!\n"); - err = 1; - goto oaep; - } - - num = RSA_private_decrypt(num, ctext, ptext, key, RSA_PKCS1_PADDING); - if (num != plen || memcmp(ptext, ptext_ex, num) != 0) { - printf("PKCS#1 v1.5 decryption 
failed!\n"); - err = 1; - } else { - printf("PKCS #1 v1.5 encryption/decryption ok\n"); - } - - oaep: - ERR_clear_error(); - num = - RSA_public_encrypt(plen, ptext_ex, ctext, key, RSA_PKCS1_OAEP_PADDING); - if (num == -1) { - printf("No OAEP support\n"); - goto next; - } - if (num != clen) { - printf("OAEP encryption failed!\n"); - err = 1; - goto next; - } - - num = RSA_private_decrypt(num, ctext, ptext, key, RSA_PKCS1_OAEP_PADDING); - if (num != plen || memcmp(ptext, ptext_ex, num) != 0) { - printf("OAEP decryption (encrypted data) failed!\n"); - err = 1; - } else if (memcmp(ctext, ctext_ex, num) == 0) { - printf("OAEP test vector %d passed!\n", v); - } - - /* Different ciphertexts (rsa_oaep.c without -DPKCS_TESTVECT). - Try decrypting ctext_ex */ - - num = - RSA_private_decrypt(clen, ctext_ex, ptext, key, RSA_PKCS1_OAEP_PADDING); - - if (num != plen || memcmp(ptext, ptext_ex, num) != 0) { - printf("OAEP decryption (test vector data) failed!\n"); - err = 1; - } else { - printf("OAEP encryption/decryption ok\n"); - } - - /* Try decrypting corrupted ciphertexts */ - for (n = 0; n < clen; ++n) { - int b; - unsigned char saved = ctext[n]; - for (b = 0; b < 256; ++b) { - if (b == saved) { - continue; - } - ctext[n] = b; - num = - RSA_private_decrypt(num, ctext, ptext, key, RSA_PKCS1_OAEP_PADDING); - if (num > 0) { - printf("Corrupt data decrypted!\n"); - err = 1; - } - } - } - - next: - RSA_free(key); - } - - if (err != 0 || - !test_only_d_given() || - !test_recover_crt_params() || - !test_bad_key()) { - err = 1; - } - - if (err == 0) { - printf("PASS\n"); - } - return err; -} diff --git a/src/crypto/rsa/rsa_test.cc b/src/crypto/rsa/rsa_test.cc new file mode 100644 index 0000000..d52b78b --- /dev/null +++ b/src/crypto/rsa/rsa_test.cc 
@@ -0,0 +1,869 @@ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. 
If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] */ + +#include + +#include +#include + +#include +#include +#include +#include +#include + +#include "../test/scoped_types.h" + + +// kPlaintext is a sample plaintext. +static const uint8_t kPlaintext[] = "\x54\x85\x9b\x34\x2c\x49\xea\x2a"; +static const size_t kPlaintextLen = sizeof(kPlaintext) - 1; + +// kKey1 is a DER-encoded RSAPrivateKey. 
+static const uint8_t kKey1[] = + "\x30\x82\x01\x38\x02\x01\x00\x02\x41\x00\xaa\x36\xab\xce\x88\xac\xfd\xff" + "\x55\x52\x3c\x7f\xc4\x52\x3f\x90\xef\xa0\x0d\xf3\x77\x4a\x25\x9f\x2e\x62" + "\xb4\xc5\xd9\x9c\xb5\xad\xb3\x00\xa0\x28\x5e\x53\x01\x93\x0e\x0c\x70\xfb" + "\x68\x76\x93\x9c\xe6\x16\xce\x62\x4a\x11\xe0\x08\x6d\x34\x1e\xbc\xac\xa0" + "\xa1\xf5\x02\x01\x11\x02\x40\x0a\x03\x37\x48\x62\x64\x87\x69\x5f\x5f\x30" + "\xbc\x38\xb9\x8b\x44\xc2\xcd\x2d\xff\x43\x40\x98\xcd\x20\xd8\xa1\x38\xd0" + "\x90\xbf\x64\x79\x7c\x3f\xa7\xa2\xcd\xcb\x3c\xd1\xe0\xbd\xba\x26\x54\xb4" + "\xf9\xdf\x8e\x8a\xe5\x9d\x73\x3d\x9f\x33\xb3\x01\x62\x4a\xfd\x1d\x51\x02" + "\x21\x00\xd8\x40\xb4\x16\x66\xb4\x2e\x92\xea\x0d\xa3\xb4\x32\x04\xb5\xcf" + "\xce\x33\x52\x52\x4d\x04\x16\xa5\xa4\x41\xe7\x00\xaf\x46\x12\x0d\x02\x21" + "\x00\xc9\x7f\xb1\xf0\x27\xf4\x53\xf6\x34\x12\x33\xea\xaa\xd1\xd9\x35\x3f" + "\x6c\x42\xd0\x88\x66\xb1\xd0\x5a\x0f\x20\x35\x02\x8b\x9d\x89\x02\x20\x59" + "\x0b\x95\x72\xa2\xc2\xa9\xc4\x06\x05\x9d\xc2\xab\x2f\x1d\xaf\xeb\x7e\x8b" + "\x4f\x10\xa7\x54\x9e\x8e\xed\xf5\xb4\xfc\xe0\x9e\x05\x02\x21\x00\x8e\x3c" + "\x05\x21\xfe\x15\xe0\xea\x06\xa3\x6f\xf0\xf1\x0c\x99\x52\xc3\x5b\x7a\x75" + "\x14\xfd\x32\x38\xb8\x0a\xad\x52\x98\x62\x8d\x51\x02\x20\x36\x3f\xf7\x18" + "\x9d\xa8\xe9\x0b\x1d\x34\x1f\x71\xd0\x9b\x76\xa8\xa9\x43\xe1\x1d\x10\xb2" + "\x4d\x24\x9f\x2d\xea\xfe\xf8\x0c\x18\x26"; + +// kOAEPCiphertext1 is a sample encryption of |kPlaintext| with |kKey1| using +// RSA OAEP. +static const uint8_t kOAEPCiphertext1[] = + "\x1b\x8f\x05\xf9\xca\x1a\x79\x52\x6e\x53\xf3\xcc\x51\x4f\xdb\x89\x2b\xfb" + "\x91\x93\x23\x1e\x78\xb9\x92\xe6\x8d\x50\xa4\x80\xcb\x52\x33\x89\x5c\x74" + "\x95\x8d\x5d\x02\xab\x8c\x0f\xd0\x40\xeb\x58\x44\xb0\x05\xc3\x9e\xd8\x27" + "\x4a\x9d\xbf\xa8\x06\x71\x40\x94\x39\xd2"; + +// kKey2 is a DER-encoded RSAPrivateKey. 
+static const uint8_t kKey2[] = + "\x30\x81\xfb\x02\x01\x00\x02\x33\x00\xa3\x07\x9a\x90\xdf\x0d\xfd\x72\xac" + "\x09\x0c\xcc\x2a\x78\xb8\x74\x13\x13\x3e\x40\x75\x9c\x98\xfa\xf8\x20\x4f" + "\x35\x8a\x0b\x26\x3c\x67\x70\xe7\x83\xa9\x3b\x69\x71\xb7\x37\x79\xd2\x71" + "\x7b\xe8\x34\x77\xcf\x02\x01\x03\x02\x32\x6c\xaf\xbc\x60\x94\xb3\xfe\x4c" + "\x72\xb0\xb3\x32\xc6\xfb\x25\xa2\xb7\x62\x29\x80\x4e\x68\x65\xfc\xa4\x5a" + "\x74\xdf\x0f\x8f\xb8\x41\x3b\x52\xc0\xd0\xe5\x3d\x9b\x59\x0f\xf1\x9b\xe7" + "\x9f\x49\xdd\x21\xe5\xeb\x02\x1a\x00\xcf\x20\x35\x02\x8b\x9d\x86\x98\x40" + "\xb4\x16\x66\xb4\x2e\x92\xea\x0d\xa3\xb4\x32\x04\xb5\xcf\xce\x91\x02\x1a" + "\x00\xc9\x7f\xb1\xf0\x27\xf4\x53\xf6\x34\x12\x33\xea\xaa\xd1\xd9\x35\x3f" + "\x6c\x42\xd0\x88\x66\xb1\xd0\x5f\x02\x1a\x00\x8a\x15\x78\xac\x5d\x13\xaf" + "\x10\x2b\x22\xb9\x99\xcd\x74\x61\xf1\x5e\x6d\x22\xcc\x03\x23\xdf\xdf\x0b" + "\x02\x1a\x00\x86\x55\x21\x4a\xc5\x4d\x8d\x4e\xcd\x61\x77\xf1\xc7\x36\x90" + "\xce\x2a\x48\x2c\x8b\x05\x99\xcb\xe0\x3f\x02\x1a\x00\x83\xef\xef\xb8\xa9" + "\xa4\x0d\x1d\xb6\xed\x98\xad\x84\xed\x13\x35\xdc\xc1\x08\xf3\x22\xd0\x57" + "\xcf\x8d"; + +// kOAEPCiphertext2 is a sample encryption of |kPlaintext| with |kKey2| using +// RSA OAEP. +static const uint8_t kOAEPCiphertext2[] = + "\x14\xbd\xdd\x28\xc9\x83\x35\x19\x23\x80\xe8\xe5\x49\xb1\x58\x2a\x8b\x40" + "\xb4\x48\x6d\x03\xa6\xa5\x31\x1f\x1f\xd5\xf0\xa1\x80\xe4\x17\x53\x03\x29" + "\xa9\x34\x90\x74\xb1\x52\x13\x54\x29\x08\x24\x52\x62\x51"; + +// kKey3 is a DER-encoded RSAPrivateKey. 
+static const uint8_t kKey3[] = + "\x30\x82\x02\x5b\x02\x01\x00\x02\x81\x81\x00\xbb\xf8\x2f\x09\x06\x82\xce" + "\x9c\x23\x38\xac\x2b\x9d\xa8\x71\xf7\x36\x8d\x07\xee\xd4\x10\x43\xa4\x40" + "\xd6\xb6\xf0\x74\x54\xf5\x1f\xb8\xdf\xba\xaf\x03\x5c\x02\xab\x61\xea\x48" + "\xce\xeb\x6f\xcd\x48\x76\xed\x52\x0d\x60\xe1\xec\x46\x19\x71\x9d\x8a\x5b" + "\x8b\x80\x7f\xaf\xb8\xe0\xa3\xdf\xc7\x37\x72\x3e\xe6\xb4\xb7\xd9\x3a\x25" + "\x84\xee\x6a\x64\x9d\x06\x09\x53\x74\x88\x34\xb2\x45\x45\x98\x39\x4e\xe0" + "\xaa\xb1\x2d\x7b\x61\xa5\x1f\x52\x7a\x9a\x41\xf6\xc1\x68\x7f\xe2\x53\x72" + "\x98\xca\x2a\x8f\x59\x46\xf8\xe5\xfd\x09\x1d\xbd\xcb\x02\x01\x11\x02\x81" + "\x81\x00\xa5\xda\xfc\x53\x41\xfa\xf2\x89\xc4\xb9\x88\xdb\x30\xc1\xcd\xf8" + "\x3f\x31\x25\x1e\x06\x68\xb4\x27\x84\x81\x38\x01\x57\x96\x41\xb2\x94\x10" + "\xb3\xc7\x99\x8d\x6b\xc4\x65\x74\x5e\x5c\x39\x26\x69\xd6\x87\x0d\xa2\xc0" + "\x82\xa9\x39\xe3\x7f\xdc\xb8\x2e\xc9\x3e\xda\xc9\x7f\xf3\xad\x59\x50\xac" + "\xcf\xbc\x11\x1c\x76\xf1\xa9\x52\x94\x44\xe5\x6a\xaf\x68\xc5\x6c\x09\x2c" + "\xd3\x8d\xc3\xbe\xf5\xd2\x0a\x93\x99\x26\xed\x4f\x74\xa1\x3e\xdd\xfb\xe1" + "\xa1\xce\xcc\x48\x94\xaf\x94\x28\xc2\xb7\xb8\x88\x3f\xe4\x46\x3a\x4b\xc8" + "\x5b\x1c\xb3\xc1\x02\x41\x00\xee\xcf\xae\x81\xb1\xb9\xb3\xc9\x08\x81\x0b" + "\x10\xa1\xb5\x60\x01\x99\xeb\x9f\x44\xae\xf4\xfd\xa4\x93\xb8\x1a\x9e\x3d" + "\x84\xf6\x32\x12\x4e\xf0\x23\x6e\x5d\x1e\x3b\x7e\x28\xfa\xe7\xaa\x04\x0a" + "\x2d\x5b\x25\x21\x76\x45\x9d\x1f\x39\x75\x41\xba\x2a\x58\xfb\x65\x99\x02" + "\x41\x00\xc9\x7f\xb1\xf0\x27\xf4\x53\xf6\x34\x12\x33\xea\xaa\xd1\xd9\x35" + "\x3f\x6c\x42\xd0\x88\x66\xb1\xd0\x5a\x0f\x20\x35\x02\x8b\x9d\x86\x98\x40" + "\xb4\x16\x66\xb4\x2e\x92\xea\x0d\xa3\xb4\x32\x04\xb5\xcf\xce\x33\x52\x52" + "\x4d\x04\x16\xa5\xa4\x41\xe7\x00\xaf\x46\x15\x03\x02\x40\x54\x49\x4c\xa6" + "\x3e\xba\x03\x37\xe4\xe2\x40\x23\xfc\xd6\x9a\x5a\xeb\x07\xdd\xdc\x01\x83" + "\xa4\xd0\xac\x9b\x54\xb0\x51\xf2\xb1\x3e\xd9\x49\x09\x75\xea\xb7\x74\x14" + 
"\xff\x59\xc1\xf7\x69\x2e\x9a\x2e\x20\x2b\x38\xfc\x91\x0a\x47\x41\x74\xad" + "\xc9\x3c\x1f\x67\xc9\x81\x02\x40\x47\x1e\x02\x90\xff\x0a\xf0\x75\x03\x51" + "\xb7\xf8\x78\x86\x4c\xa9\x61\xad\xbd\x3a\x8a\x7e\x99\x1c\x5c\x05\x56\xa9" + "\x4c\x31\x46\xa7\xf9\x80\x3f\x8f\x6f\x8a\xe3\x42\xe9\x31\xfd\x8a\xe4\x7a" + "\x22\x0d\x1b\x99\xa4\x95\x84\x98\x07\xfe\x39\xf9\x24\x5a\x98\x36\xda\x3d" + "\x02\x41\x00\xb0\x6c\x4f\xda\xbb\x63\x01\x19\x8d\x26\x5b\xdb\xae\x94\x23" + "\xb3\x80\xf2\x71\xf7\x34\x53\x88\x50\x93\x07\x7f\xcd\x39\xe2\x11\x9f\xc9" + "\x86\x32\x15\x4f\x58\x83\xb1\x67\xa9\x67\xbf\x40\x2b\x4e\x9e\x2e\x0f\x96" + "\x56\xe6\x98\xea\x36\x66\xed\xfb\x25\x79\x80\x39\xf7"; + +// kOAEPCiphertext3 is a sample encryption of |kPlaintext| with |kKey3| using +// RSA OAEP. +static const uint8_t kOAEPCiphertext3[] = + "\xb8\x24\x6b\x56\xa6\xed\x58\x81\xae\xb5\x85\xd9\xa2\x5b\x2a\xd7\x90\xc4" + "\x17\xe0\x80\x68\x1b\xf1\xac\x2b\xc3\xde\xb6\x9d\x8b\xce\xf0\xc4\x36\x6f" + "\xec\x40\x0a\xf0\x52\xa7\x2e\x9b\x0e\xff\xb5\xb3\xf2\xf1\x92\xdb\xea\xca" + "\x03\xc1\x27\x40\x05\x71\x13\xbf\x1f\x06\x69\xac\x22\xe9\xf3\xa7\x85\x2e" + "\x3c\x15\xd9\x13\xca\xb0\xb8\x86\x3a\x95\xc9\x92\x94\xce\x86\x74\x21\x49" + "\x54\x61\x03\x46\xf4\xd4\x74\xb2\x6f\x7c\x48\xb4\x2e\xe6\x8e\x1f\x57\x2a" + "\x1f\xc4\x02\x6a\xc4\x56\xb4\xf5\x9f\x7b\x62\x1e\xa1\xb9\xd8\x8f\x64\x20" + "\x2f\xb1"; + +static const uint8_t kTwoPrimeKey[] = + "\x30\x82\x04\xa1\x02\x01\x00\x02\x82\x01\x01\x00\x93\x3a\x4f\xc9\x6a\x0a" + "\x6b\x28\x04\xfa\xb7\x05\x56\xdf\xa0\xaa\x4f\xaa\xab\x94\xa0\xa9\x25\xef" + "\xc5\x96\xd2\xd4\x66\x16\x62\x2c\x13\x7b\x91\xd0\x36\x0a\x10\x11\x6d\x7a" + "\x91\xb6\xe4\x74\x57\xc1\x3d\x7a\xbe\x24\x05\x3a\x04\x0b\x73\x91\x53\xb1" + "\x74\x10\xe1\x87\xdc\x91\x28\x9c\x1e\xe5\xf2\xb9\xfc\xa2\x48\x34\xb6\x78" + "\xed\x6d\x95\xfb\xf2\xc0\x4e\x1c\xa4\x15\x00\x3c\x8a\x68\x2b\xd6\xce\xd5" + "\xb3\x9f\x66\x02\xa7\x0d\x08\xa3\x23\x9b\xe5\x36\x96\x13\x22\xf9\x69\xa6" + 
"\x87\x88\x9b\x85\x3f\x83\x9c\xab\x1a\x1b\x6d\x8d\x16\xf4\x5e\xbd\xee\x4b" + "\x59\x56\xf8\x9d\x58\xcd\xd2\x83\x85\x59\x43\x84\x63\x4f\xe6\x1a\x86\x66" + "\x0d\xb5\xa0\x87\x89\xb6\x13\x82\x43\xda\x34\x92\x3b\x68\xc4\x95\x71\x2f" + "\x15\xc2\xe0\x43\x67\x3c\x08\x00\x36\x10\xc3\xb4\x46\x4c\x4e\x6e\xf5\x44" + "\xa9\x04\x44\x9d\xce\xc7\x05\x79\xee\x11\xcf\xaf\x2c\xd7\x9a\x32\xd3\xa5" + "\x30\xd4\x3a\x78\x43\x37\x74\x22\x90\x24\x04\x11\xd7\x95\x08\x52\xa4\x71" + "\x41\x68\x94\xb0\xa0\xc3\xec\x4e\xd2\xc4\x30\x71\x98\x64\x9c\xe3\x7c\x76" + "\xef\x33\xa3\x2b\xb1\x87\x63\xd2\x5c\x09\xfc\x90\x2d\x92\xf4\x57\x02\x01" + "\x03\x02\x82\x01\x00\x62\x26\xdf\xdb\x9c\x06\xf2\x1a\xad\xfc\x7a\x03\x8f" + "\x3f\xc0\x71\x8a\x71\xc7\xb8\x6b\x1b\x6e\x9f\xd9\x0f\x37\x38\x44\x0e\xec" + "\x1d\x62\x52\x61\x35\x79\x5c\x0a\xb6\x48\xfc\x61\x24\x98\x4d\x8f\xd6\x28" + "\xfc\x7e\xc2\xae\x26\xad\x5c\xf7\xb6\x37\xcb\xa2\xb5\xeb\xaf\xe8\x60\xc5" + "\xbd\x69\xee\xa1\xd1\x53\x16\xda\xcd\xce\xfb\x48\xf3\xb9\x52\xa1\xd5\x89" + "\x68\x6d\x63\x55\x7d\xb1\x9a\xc7\xe4\x89\xe3\xcd\x14\xee\xac\x6f\x5e\x05" + "\xc2\x17\xbd\x43\x79\xb9\x62\x17\x50\xf1\x19\xaf\xb0\x67\xae\x2a\x57\xbd" + "\xc7\x66\xbc\xf3\xb3\x64\xa1\xe3\x16\x74\x9e\xea\x02\x5c\xab\x94\xd8\x97" + "\x02\x42\x0c\x2c\xba\x54\xb9\xaf\xe0\x45\x93\xad\x7f\xb3\x10\x6a\x96\x50" + "\x4b\xaf\xcf\xc8\x27\x62\x2d\x83\xe9\x26\xc6\x94\xc1\xef\x5c\x8e\x06\x42" + "\x53\xe5\x56\xaf\xc2\x99\x01\xaa\x9a\x71\xbc\xe8\x21\x33\x2a\x2d\xa3\x36" + "\xac\x1b\x86\x19\xf8\xcd\x1f\x80\xa4\x26\x98\xb8\x9f\x62\x62\xd5\x1a\x7f" + "\xee\xdb\xdf\x81\xd3\x21\xdb\x33\x92\xee\xff\xe2\x2f\x32\x77\x73\x6a\x58" + "\xab\x21\xf3\xe3\xe1\xbc\x4f\x12\x72\xa6\xb5\xc2\xfb\x27\x9e\xc8\xca\xab" + "\x64\xa0\x87\x07\x9d\xef\xca\x0f\xdb\x02\x81\x81\x00\xe6\xd3\x4d\xc0\xa1" + "\x91\x0e\x62\xfd\xb0\xdd\xc6\x30\xb8\x8c\xcb\x14\xc1\x4b\x69\x30\xdd\xcd" + "\x86\x67\xcb\x37\x14\xc5\x03\xd2\xb4\x69\xab\x3d\xe5\x16\x81\x0f\xe5\x50" + "\xf4\x18\xb1\xec\xbc\x71\xe9\x80\x99\x06\xe4\xa3\xfe\x44\x84\x4a\x2d\x1e" 
+ "\x07\x7f\x22\x70\x6d\x4f\xd4\x93\x0b\x8b\x99\xce\x1e\xab\xcd\x4c\xd2\xd3" + "\x10\x47\x5c\x09\x9f\x6d\x82\xc0\x08\x75\xe3\x3d\x83\xc2\x19\x50\x29\xec" + "\x1f\x84\x29\xcc\xf1\x56\xee\xbd\x54\x5d\xe6\x19\xdf\x0d\x1c\xa4\xbb\x0a" + "\xfe\x84\x44\x29\x1d\xf9\x5c\x80\x96\x5b\x24\xb4\xf7\x02\x1b\x02\x81\x81" + "\x00\xa3\x48\xf1\x9c\x58\xc2\x5f\x38\xfb\xd8\x12\x39\xf1\x8e\x73\xa1\xcf" + "\x78\x12\xe0\xed\x2a\xbb\xef\xac\x23\xb2\xbf\xd6\x0c\xe9\x6e\x1e\xab\xea" + "\x3f\x68\x36\xa7\x1f\xe5\xab\xe0\x86\xa5\x76\x32\x98\xdd\x75\xb5\x2b\xbc" + "\xcb\x8a\x03\x00\x7c\x2e\xca\xf8\xbc\x19\xe4\xe3\xa3\x31\xbd\x1d\x20\x2b" + "\x09\xad\x6f\x4c\xed\x48\xd4\xdf\x87\xf9\xf0\x46\xb9\x86\x4c\x4b\x71\xe7" + "\x48\x78\xdc\xed\xc7\x82\x02\x44\xd3\xa6\xb3\x10\x5f\x62\x81\xfc\xb8\xe4" + "\x0e\xf4\x1a\xdd\xab\x3f\xbc\x63\x79\x5b\x39\x69\x5e\xea\xa9\x15\xfe\x90" + "\xec\xda\x75\x02\x81\x81\x00\x99\xe2\x33\xd5\xc1\x0b\x5e\xec\xa9\x20\x93" + "\xd9\x75\xd0\x5d\xdc\xb8\x80\xdc\xf0\xcb\x3e\x89\x04\x45\x32\x24\xb8\x83" + "\x57\xe1\xcd\x9b\xc7\x7e\x98\xb9\xab\x5f\xee\x35\xf8\x10\x76\x9d\xd2\xf6" + "\x9b\xab\x10\xaf\x43\x17\xfe\xd8\x58\x31\x73\x69\x5a\x54\xc1\xa0\x48\xdf" + "\xe3\x0c\xb2\x5d\x11\x34\x14\x72\x88\xdd\xe1\xe2\x0a\xda\x3d\x5b\xbf\x9e" + "\x57\x2a\xb0\x4e\x97\x7e\x57\xd6\xbb\x8a\xc6\x9d\x6a\x58\x1b\xdd\xf6\x39" + "\xf4\x7e\x38\x3e\x99\x66\x94\xb3\x68\x6d\xd2\x07\x54\x58\x2d\x70\xbe\xa6" + "\x3d\xab\x0e\xe7\x6d\xcd\xfa\x01\x67\x02\x81\x80\x6c\xdb\x4b\xbd\x90\x81" + "\x94\xd0\xa7\xe5\x61\x7b\xf6\x5e\xf7\xc1\x34\xfa\xb7\x40\x9e\x1c\x7d\x4a" + "\x72\xc2\x77\x2a\x8e\xb3\x46\x49\x69\xc7\xf1\x7f\x9a\xcf\x1a\x15\x43\xc7" + "\xeb\x04\x6e\x4e\xcc\x65\xe8\xf9\x23\x72\x7d\xdd\x06\xac\xaa\xfd\x74\x87" + "\x50\x7d\x66\x98\x97\xc2\x21\x28\xbe\x15\x72\x06\x73\x9f\x88\x9e\x30\x8d" + "\xea\x5a\xa6\xa0\x2f\x26\x59\x88\x32\x4b\xef\x85\xa5\xe8\x9e\x85\x01\x56" + "\xd8\x8d\x19\xcc\xb5\x94\xec\x56\xa8\x7b\x42\xb4\xa2\xbc\x93\xc7\x7f\xd2" + 
"\xec\xfb\x92\x26\x46\x3f\x47\x1b\x63\xff\x0b\x48\x91\xa3\x02\x81\x80\x2c" + "\x4a\xb9\xa4\x46\x7b\xff\x50\x7e\xbf\x60\x47\x3b\x2b\x66\x82\xdc\x0e\x53" + "\x65\x71\xe9\xda\x2a\xb8\x32\x93\x42\xb7\xff\xea\x67\x66\xf1\xbc\x87\x28" + "\x65\x29\x79\xca\xab\x93\x56\xda\x95\xc1\x26\x44\x3d\x27\xc1\x91\xc6\x9b" + "\xd9\xec\x9d\xb7\x49\xe7\x16\xee\x99\x87\x50\x95\x81\xd4\x5c\x5b\x5a\x5d" + "\x0a\x43\xa5\xa7\x8f\x5a\x80\x49\xa0\xb7\x10\x85\xc7\xf4\x42\x34\x86\xb6" + "\x5f\x3f\x88\x9e\xc7\xf5\x59\x29\x39\x68\x48\xf2\xd7\x08\x5b\x92\x8e\x6b" + "\xea\xa5\x63\x5f\xc0\xfb\xe4\xe1\xb2\x7d\xb7\x40\xe9\x55\x06\xbf\x58\x25" + "\x6f"; + +static const uint8_t kTwoPrimeEncryptedMessage[] = { + 0x63, 0x0a, 0x30, 0x45, 0x43, 0x11, 0x45, 0xb7, 0x99, 0x67, 0x90, 0x35, + 0x37, 0x27, 0xff, 0xbc, 0xe0, 0xbf, 0xa6, 0xd1, 0x47, 0x50, 0xbb, 0x6c, + 0x1c, 0xaa, 0x66, 0xf2, 0xff, 0x9d, 0x9a, 0xa6, 0xb4, 0x16, 0x63, 0xb0, + 0xa1, 0x7c, 0x7c, 0x0c, 0xef, 0xb3, 0x66, 0x52, 0x42, 0xd7, 0x5e, 0xf3, + 0xa4, 0x15, 0x33, 0x40, 0x43, 0xe8, 0xb1, 0xfc, 0xe0, 0x42, 0x83, 0x46, + 0x28, 0xce, 0xde, 0x7b, 0x01, 0xeb, 0x28, 0x92, 0x70, 0xdf, 0x8d, 0x54, + 0x9e, 0xed, 0x23, 0xb4, 0x78, 0xc3, 0xca, 0x85, 0x53, 0x48, 0xd6, 0x8a, + 0x87, 0xf7, 0x69, 0xcd, 0x82, 0x8c, 0x4f, 0x5c, 0x05, 0x55, 0xa6, 0x78, + 0x89, 0xab, 0x4c, 0xd8, 0xa9, 0xd6, 0xa5, 0xf4, 0x29, 0x4c, 0x23, 0xc8, + 0xcf, 0xf0, 0x4c, 0x64, 0x6b, 0x4e, 0x02, 0x17, 0x69, 0xd6, 0x47, 0x83, + 0x30, 0x43, 0x02, 0x29, 0xda, 0xda, 0x75, 0x3b, 0xd7, 0xa7, 0x2b, 0x31, + 0xb3, 0xe9, 0x71, 0xa4, 0x41, 0xf7, 0x26, 0x9b, 0xcd, 0x23, 0xfa, 0x45, + 0x3c, 0x9b, 0x7d, 0x28, 0xf7, 0xf9, 0x67, 0x04, 0xba, 0xfc, 0x46, 0x75, + 0x11, 0x3c, 0xd5, 0x27, 0x43, 0x53, 0xb1, 0xb6, 0x9e, 0x18, 0xeb, 0x11, + 0xb4, 0x25, 0x20, 0x30, 0x0b, 0xe0, 0x1c, 0x17, 0x36, 0x22, 0x10, 0x0f, + 0x99, 0xb5, 0x50, 0x14, 0x73, 0x07, 0xf0, 0x2f, 0x5d, 0x4c, 0xe3, 0xf2, + 0x86, 0xc2, 0x05, 0xc8, 0x38, 0xed, 0xeb, 0x2a, 0x4a, 0xab, 0x76, 0xe3, + 0x1a, 0x75, 0x44, 0xf7, 0x6e, 0x94, 0xdc, 0x25, 0x62, 0x7e, 
0x31, 0xca, + 0xc2, 0x73, 0x51, 0xb5, 0x03, 0xfb, 0xf9, 0xf6, 0xb5, 0x8d, 0x4e, 0x6c, + 0x21, 0x0e, 0xf9, 0x97, 0x26, 0x57, 0xf3, 0x52, 0x72, 0x07, 0xf8, 0xb4, + 0xcd, 0xb4, 0x39, 0xcf, 0xbf, 0x78, 0xcc, 0xb6, 0x87, 0xf9, 0xb7, 0x8b, + 0x6a, 0xce, 0x9f, 0xc8, +}; + +static const uint8_t kThreePrimeKey[] = + "\x30\x82\x04\xd7\x02\x01\x01\x02\x82\x01\x00\x62\x91\xe9\xea\xb3\x5d\x6c" + "\x29\xae\x21\x83\xbb\xb5\x82\xb1\x9e\xea\xe0\x64\x5b\x1e\x2f\x5e\x2c\x0a" + "\x80\x3d\x29\xd4\xfa\x9a\xe7\x44\xe6\x21\xbd\x98\xc0\x3d\xe0\x53\x59\xae" + "\xd3\x3e\xfe\xc4\xc2\xc4\x5a\x5a\x89\x07\xf4\x4f\xdc\xb0\x6a\xd4\x3e\x99" + "\x7d\x7a\x97\x26\x4e\xe1\x93\xca\x6e\xed\x07\xfc\xb4\xfa\x95\x1e\x73\x7b" + "\x86\x08\x6a\xb9\xd4\x29\xb0\x7e\x59\xb7\x9d\x7b\xeb\x67\x6e\xf0\xbb\x5e" + "\xcf\xb9\xcd\x58\x93\xf0\xe7\x88\x17\x6c\x0d\x76\x1e\xb9\x27\x9a\x4d\x02" + "\x16\xb6\x49\x6d\xa7\x83\x23\x4d\x02\x48\x0c\x0c\x1f\x0e\x85\x21\xe3\x06" + "\x76\x0a\x73\xe6\xc1\x21\xfa\x30\x18\x78\x29\x5c\x31\xd0\x29\xae\x6f\x7d" + "\x87\xd8\x2f\x16\xfa\xbc\x67\x8a\x94\x71\x59\x9b\xec\x22\x40\x55\x9f\xc2" + "\x94\xb5\xbd\x78\x01\xc9\xef\x18\xc8\x6d\x0d\xdc\x53\x42\xb2\x5c\xab\x65" + "\x05\xbd\x35\x08\x85\x1b\xf8\xe9\x47\xbc\xfe\xc5\xae\x47\x29\x63\x44\x8e" + "\x4d\xb7\x47\xab\x0d\xd8\x76\x68\x4f\xc7\x07\x02\xe4\x86\xb0\xcf\xd8\x19" + "\xad\xf4\x85\x76\x8b\x3b\x4e\x40\x8d\x29\x7a\x8a\x07\x36\xf3\x78\xae\x17" + "\xa6\x8f\x53\x58\x65\x4c\x86\x9e\xd7\x8b\xec\x38\x4f\x99\xc7\x02\x01\x03" + "\x02\x82\x01\x00\x41\xb6\x9b\xf1\xcc\xe8\xf2\xc6\x74\x16\x57\xd2\x79\x01" + "\xcb\xbf\x47\x40\x42\xe7\x69\x74\xe9\x72\xb1\xaa\xd3\x71\x38\xa7\x11\xef" + "\x83\x44\x16\x7e\x65\xd5\x7e\x95\x8c\xe6\x74\x8c\xd4\xa9\xd8\x81\xd8\x3c" + "\x3c\x5b\x5a\xa2\xdf\xe8\x75\x9c\x8d\x7f\x10\xfe\x51\xba\x19\x89\xeb\xb7" + "\xdc\x49\xf3\x5a\xa8\x78\xa7\x0e\x14\x4c\xfd\x04\x05\x9c\x7b\xe2\xc5\xa3" + "\x04\xee\xd9\x4c\xfd\x7d\x47\xb0\x0d\x9b\x3d\x70\x91\x81\x2c\xab\x2b\x87" + 
"\xad\x11\x68\x24\xfc\x2b\xd4\xee\x5e\x28\xeb\x6d\xab\xde\x0f\x77\x15\x58" + "\x76\x39\xc9\x59\x3a\x7f\x19\x9d\xc6\x7e\x86\xe4\xd5\x38\x70\x9e\xae\xb9" + "\xfb\x33\x33\xd1\x0c\x2d\xab\x01\x20\xe1\x8b\x29\x99\xd3\xeb\x87\x05\x72" + "\xaa\x43\x58\x64\x8e\x9e\x31\xdb\x45\x9b\x2b\xac\x58\x80\x5d\x33\xa2\x43" + "\x05\x96\xcc\xca\x2d\x04\x5f\xd6\xb7\x3d\x8b\x8f\x2d\xa3\xa5\xf8\x73\xf5" + "\xd7\xc0\x19\xff\x10\xe6\xee\x3a\x26\x2f\xe1\x64\x3d\x11\xcd\x2d\xe4\x0a" + "\x84\x27\xe3\xcb\x16\x62\x19\xe7\xe3\x0d\x13\xe8\x09\x5a\x53\xd0\x20\x56" + "\x15\xf5\xb3\x67\xac\xa1\xb5\x94\x6b\xab\xdc\x71\xc7\xbf\x0a\xde\x76\xf5" + "\x03\xa0\x30\xd8\x27\x9d\x00\x2b\x02\x57\x00\xf1\x4f\xc2\x86\x13\x06\x17" + "\xf7\x69\x7e\x37\xdf\x67\xc5\x32\xa0\x74\x1c\x32\x69\x0f\x9f\x08\x88\x24" + "\xb1\x51\xbc\xbc\x92\xba\x73\x1f\x9c\x75\xc2\x14\x6d\x4f\xc4\x5a\xcf\xda" + "\x44\x35\x00\x6b\x42\x3b\x9f\x14\xf1\x05\xb3\x51\x22\xb6\xbe\x9c\xe0\xc1" + "\x5c\x48\x61\xdf\x4e\x4c\x72\xb8\x05\x35\x7c\xac\xf1\xbb\xa0\x3b\x2a\xea" + "\xf7\x86\xe9\xd2\xff\x1e\x1d\x02\x56\x00\xca\xb1\x39\xf6\xa2\xc6\x3b\x65" + "\x45\x2f\x39\x00\xcd\x6e\xd6\x55\xf7\x71\x37\x89\xc2\xe7\x7a\xc0\x1a\xa6" + "\x2f\xea\x17\x7c\xaa\x2a\x91\x8f\xd4\xc7\x50\x8b\xab\x8e\x99\x3b\x33\x91" + "\xbc\x02\x10\x58\x4b\x58\x40\x9b\xc4\x8f\x48\x2b\xa7\x44\xfd\x07\x04\xf0" + "\x98\x67\x56\xea\x25\x92\x8b\x2e\x4b\x4a\xa1\xd3\xc2\xa4\xb4\x9b\x59\x70" + "\x32\xa6\xd8\x8b\xd9\x02\x57\x00\xa0\xdf\xd7\x04\x0c\xae\xba\xa4\xf0\xfe" + "\xcf\xea\x45\x2e\x21\xc0\x4d\x68\x21\x9b\x5f\xbf\x5b\x05\x6d\xcb\x8b\xd3" + "\x28\x61\xd1\xa2\x15\x12\xf9\x2c\x0d\x9e\x35\x2d\x91\xdf\xe6\xd8\x23\x55" + "\x9c\xd6\xd2\x6a\x0d\xf6\x03\xcc\xe0\xc1\xcf\x29\xbd\xeb\x2b\x92\xda\xeb" + "\xea\x34\x32\xf7\x25\x58\xce\x53\x1d\xf6\x7d\x15\x7c\xc7\x47\x4f\xaf\x46" + "\x8c\xaa\x14\x13\x02\x56\x00\x87\x20\xd1\x4f\x17\x2e\xd2\x43\x83\x74\xd0" + "\xab\x33\x9f\x39\x8e\xa4\xf6\x25\x06\x81\xef\xa7\x2a\xbc\x6e\xca\x9c\x0f" + "\xa8\x71\x71\xb6\x5f\xe3\x2f\x8b\x07\xc7\xb4\x66\x27\x77\xb6\x7d\x56\xb5" 
+ "\x90\x32\x3a\xd5\xbd\x2d\xb4\xda\xc7\xc4\xd8\xa8\xaf\x58\xa0\x65\x9a\x39" + "\xf1\x6e\x61\xb2\x1e\xdc\xdc\x6b\xe2\x81\xc3\x23\x12\x3b\xa0\x21\xc4\x90" + "\x5d\x3b\x02\x57\x00\xe6\x8a\xaa\xb8\x6d\x2c\x81\x43\xb5\xd6\xa0\x2b\x42" + "\x49\xa9\x0a\x51\xfa\x18\xc8\x32\xea\x54\x18\xf3\x60\xc2\xb5\x4a\x43\x05" + "\x93\x9c\x01\xd9\x28\xed\x73\xfa\x82\xbc\x12\x64\xcb\xc4\x24\xa9\x3e\xae" + "\x7c\x4b\x8f\x94\x57\x7b\x14\x10\x41\xdc\x62\x12\x8c\xb2\x4a\x7c\xf6\x53" + "\xd4\xc6\xe4\xda\xd1\xa2\x00\x0e\x3d\x30\xf7\x05\x4f\x1d\x82\xbc\x52\xd9" + "\xb1\x30\x82\x01\x0a\x30\x82\x01\x06\x02\x56\x00\x84\x12\x4f\xf7\x3b\x65" + "\x53\x34\x6c\x6c\x4d\x77\xdf\xfd\x1f\xb6\x16\xe2\x25\x15\xca\xc9\xc1\x41" + "\x9a\x50\xda\xeb\x88\x4f\x3d\xb3\x01\x00\x44\xc4\xac\xe7\x14\x62\xa6\x56" + "\xde\xc5\xb7\xc3\x1d\x07\xbd\x7d\x64\xc5\x7e\x45\x25\x56\xed\x7a\xd2\x14" + "\xdb\x4e\x27\xd4\x1f\xf8\x94\xa7\xef\x07\xce\xdb\x24\xb7\xdd\x71\x5c\x63" + "\xc9\x33\xfe\xde\x40\x52\xeb\x02\x55\x58\x0c\x35\x4f\x7c\xee\x37\x78\x48" + "\x48\x33\xa5\x3f\xfe\x15\x24\x0f\x41\x6e\x0e\x87\x31\x2b\x81\x11\x8b\x3c" + "\x9d\x05\x8a\x29\x22\x00\xaa\xd8\x83\x1d\xef\x62\xec\x6e\xe4\x94\x83\xcf" + "\xd7\x68\xaf\xd3\xa8\xed\xd8\xfe\xd8\xc3\x8f\x48\xfc\x8c\x0d\xe7\x89\x6f" + "\xe2\xbf\xfb\x0d\xc5\x4a\x05\x34\x92\x18\x7a\x93\xa0\xe8\x42\x86\x22\xa9" + "\xe9\x80\x37\x47\x02\x55\x60\x76\xab\xde\x2b\xf5\xa2\x2c\xaa\x0c\x99\x81" + "\xee\x72\x2c\x7d\x22\x59\x2a\x35\xea\x50\x4e\x47\x6b\x92\x2d\x30\xa1\x01" + "\xa5\x9e\x26\x6e\x27\xca\xf5\xf2\x87\x5d\x31\xaf\xe9\x32\xcd\x10\xfd\x4d" + "\xdb\xf9\x86\x05\x12\x1b\x01\x84\x55\x97\x5f\xe2\x78\x27\xd9\xe4\x26\x7d" + "\xab\x0e\xe0\x1b\x6f\xcb\x4b\x14\xdd\xdc\xdc\x8b\xe8\x9f\xd0\x62\x96\xca" + "\xcf"; + +static const uint8_t kThreePrimeEncryptedMessage[] = { + 0x58, 0xd9, 0xea, 0x8a, 0xf6, 0x3d, 0xb4, 0xd9, 0xf7, 0xbb, 0x02, 0xc5, + 0x58, 0xd2, 0xa9, 0x46, 0x80, 0x70, 0x70, 0x16, 0x07, 0x64, 0x32, 0x4c, + 0x4e, 0x92, 0x61, 0xb7, 0xff, 0x92, 0xdc, 0xfc, 0xf8, 0xf0, 0x2c, 0x84, + 0x56, 0xbc, 
0xe5, 0x93, 0x76, 0xe5, 0xa3, 0x72, 0x98, 0xf2, 0xdf, 0xef, + 0x99, 0x53, 0xf6, 0xd8, 0x4b, 0x09, 0xac, 0xa9, 0xa3, 0xdb, 0x63, 0xa1, + 0xb5, 0x09, 0x8e, 0x40, 0x84, 0x8f, 0x4d, 0xd5, 0x1d, 0xac, 0x6c, 0xaa, + 0x6b, 0x15, 0xe7, 0xb1, 0x0c, 0x67, 0xd2, 0xb2, 0x81, 0x58, 0x30, 0x0e, + 0x18, 0x27, 0xa1, 0x9b, 0x96, 0xad, 0xae, 0x76, 0x1a, 0x32, 0xf7, 0x10, + 0x0b, 0x53, 0x85, 0x31, 0xd6, 0x2a, 0xf6, 0x1c, 0x9f, 0xc2, 0xc7, 0xb1, + 0x05, 0x63, 0x0b, 0xa5, 0x07, 0x1f, 0x1c, 0x01, 0xf0, 0xe0, 0x06, 0xea, + 0x20, 0x69, 0x41, 0x19, 0x57, 0x92, 0x17, 0xf7, 0x0c, 0x5c, 0x66, 0x75, + 0x0e, 0xe5, 0xb3, 0xf1, 0x67, 0x3b, 0x27, 0x47, 0xb2, 0x8e, 0x1c, 0xb6, + 0x3f, 0xdd, 0x76, 0x42, 0x31, 0x13, 0x68, 0x96, 0xdf, 0x3b, 0xd4, 0x87, + 0xd9, 0x16, 0x44, 0x71, 0x52, 0x2e, 0x54, 0x3e, 0x09, 0xcd, 0x71, 0xc1, + 0x1e, 0x5e, 0x96, 0x13, 0xc9, 0x1e, 0xa4, 0xe6, 0xe6, 0x97, 0x2c, 0x6b, + 0xf2, 0xa9, 0x5c, 0xc6, 0x60, 0x2a, 0xbc, 0x82, 0xf8, 0xcb, 0xd4, 0xd7, + 0xea, 0x8a, 0xa1, 0x8a, 0xd9, 0xa5, 0x14, 0x8b, 0x9e, 0xf9, 0x25, 0x02, + 0xd2, 0xab, 0x0c, 0x42, 0xca, 0x2d, 0x45, 0xa3, 0x56, 0x5e, 0xa2, 0x2a, + 0xc8, 0x60, 0xa5, 0x87, 0x5d, 0x85, 0x5c, 0xde, 0xc7, 0xa2, 0x47, 0xc3, + 0x99, 0x29, 0x23, 0x79, 0x36, 0x88, 0xad, 0x40, 0x3e, 0x27, 0x7d, 0xf0, + 0xb6, 0xfa, 0x95, 0x20, 0x3c, 0xec, 0xfc, 0x56, 0x3b, 0x20, 0x91, 0xee, + 0x98, 0x10, 0x2c, 0x82, +}; + +static const uint8_t kSixPrimeKey[] = + "\x30\x82\x05\x20\x02\x01\x01\x02\x82\x01\x00\x1c\x04\x39\x44\xb9\xb8\x71" + "\x1c\x1c\xf7\xdc\x11\x1b\x85\x3b\x2b\xe8\xa6\xeb\xeb\xe9\xb6\x86\x97\x73" + "\x5d\x75\x46\xd1\x35\x25\xf8\x30\x9a\xc3\x57\x44\x89\xa6\x44\x59\xe3\x3a" + "\x60\xb5\x33\x84\x72\xa4\x03\xc5\x1a\x20\x98\x70\xbd\xe8\x3b\xc1\x9b\x8a" + "\x3a\x24\x45\xb6\x6a\x73\xb4\xd0\x6c\x18\xc6\xa7\x94\xd3\x24\x70\xf0\x2d" + "\x0c\xa5\xb2\x3b\xc5\x33\x90\x9d\x56\x8d\x33\xf6\x93\x7d\xa7\x95\x88\x05" + "\xdf\xf5\x65\x58\xb9\x5b\xd3\x07\x9c\x16\x8e\x74\xfc\xb8\x76\xaf\x62\x99" + 
"\x6c\xd4\xc5\xb3\x69\xe5\x64\xdf\x38\x00\x25\x24\xe9\xb1\x4a\x85\xa6\xf4" + "\xb6\x23\x68\x67\x4a\x2c\xbd\x9d\x01\x3b\x04\x8c\x70\x94\x82\x76\x45\x0c" + "\x8b\x95\x8a\x07\x1c\x32\xe7\x09\x97\x3a\xfd\xca\x57\xe9\x57\x0c\xae\x2b" + "\xa3\x25\xd1\xf2\x0d\x34\xa1\xe6\x2f\x7b\x1b\x36\x53\x83\x95\xb9\x26\x6e" + "\x4f\x36\x26\xf8\x47\xae\xdf\xe8\x4d\xf6\xb2\xff\x03\x23\x74\xfa\xa5\x6d" + "\xcb\xcb\x80\x12\xc3\x77\xf0\x19\xb7\xf2\x6b\x19\x5c\xde\x0a\xd7\xee\x8c" + "\x48\x2f\x50\x24\xa5\x2e\xcc\x2a\xed\xc2\x35\xe0\x3d\x29\x31\x17\xd6\x8f" + "\x44\xaa\x5b\x33\xbd\xb4\x88\x87\xd9\x29\x3f\x94\xe7\x75\xe3\x02\x01\x03" + "\x02\x82\x01\x00\x12\xad\x7b\x83\x26\x7a\xf6\x12\xbd\xfa\x92\xb6\x12\x58" + "\xd2\x1d\x45\xc4\x9d\x47\xf1\x24\x59\xba\x4c\xe8\xf8\xd9\xe0\xce\x19\x50" + "\x20\x67\x2c\xe4\xd8\x5b\xc4\x2d\x91\x41\xeb\x05\x4f\xf4\xb4\x20\xc7\xbc" + "\xd6\xe2\x5c\xa0\x27\xcf\xb8\xb3\x3b\x5c\xeb\x5e\x96\xb7\x99\x4b\x8a\xc3" + "\x70\xaf\x7f\xd8\x5f\xeb\xcb\x1a\x79\x44\x68\x97\x84\xd8\x29\x87\x64\xba" + "\x18\x2e\x95\x66\x1a\x7d\xd9\x35\x3a\x5c\x92\x7a\x81\x1b\x6c\xa9\xf8\xfa" + "\x05\x23\x18\x5b\xb2\xf8\x77\x1c\xc5\x1b\x7d\x26\x5f\x48\x69\x1b\xc4\x34" + "\xef\x6e\xa1\x15\xd2\xb2\xac\xb8\xa8\xed\x1e\xee\xdc\xb5\xb9\x5c\x79\x25" + "\x48\xbb\xe5\x9d\xd8\xe5\xe2\x94\xdf\xd5\x32\x22\x84\xbf\xc2\xaa\xa4\x54" + "\xbb\x29\xdb\x13\x4a\x28\x3d\x83\x3a\xff\xa3\xae\x38\x08\xfc\x36\x84\x91" + "\x30\xd1\xfd\x82\x64\xf1\x0f\xae\xba\xd7\x9a\x43\x58\x03\x5e\x5f\x01\xcb" + "\x8b\x90\x8d\x77\x34\x6f\x37\x40\xb6\x6d\x22\x23\x90\xb2\xfd\x32\xb5\x96" + "\x45\xbf\xae\x8c\xc4\x62\x03\x6c\x68\x90\x59\x31\x1a\xcb\xfb\xa4\x0b\x94" + "\x15\x13\xda\x1a\x8d\xa7\x0b\x34\x62\x93\xea\xbe\x6e\x71\xc2\x1d\xc8\x9d" + "\xac\x66\xcc\x31\x87\xff\x99\xab\x02\x2c\x00\xa5\x57\x41\x66\x87\x68\x02" + "\x6a\xdf\x97\xb0\xfe\x6b\x34\xc4\x33\x88\x2b\xce\x82\xaf\x2d\x33\x5a\xad" + "\x75\x2d\xac\xa5\xd6\x3a\x2d\x65\x43\x68\xfb\x44\x9e\xb8\x25\x05\xed\x97" + "\x02\x2c\x00\xd2\x77\x34\x24\xac\x60\x9a\xc4\x68\x34\xe5\x6a\xa3\xdc\xe2" 
+ "\xb0\x58\x5c\x35\x83\x5a\xc7\xa7\xc1\x0b\x7e\x9e\xa5\x85\x32\x47\x93\x22" + "\xee\xb6\x59\xe9\xe3\x61\x94\xd0\x0e\xcb\x02\x2b\x6e\x3a\x2b\x99\xaf\x9a" + "\xac\x47\x3f\xba\x75\xfe\xf2\x23\x2d\x77\xb0\x1d\x34\x57\x1f\x73\x77\x91" + "\xc8\xf8\xc9\x1d\xc3\xe4\x26\xc8\xee\x2c\xf0\xa7\x83\x14\x7a\xc3\x59\x49" + "\x0f\x02\x2c\x00\x8c\x4f\x78\x18\x72\xeb\x11\xd8\x45\x78\x98\xf1\xc2\x93" + "\x41\xca\xe5\x92\xce\x57\x91\xda\x6f\xd6\x07\xa9\xbf\x19\x03\x76\xda\x62" + "\x17\x49\xce\xe6\x9b\xec\xeb\xb8\x8a\xb4\x87\x02\x2c\x00\xa3\xc2\x29\xa6" + "\xa7\xe1\x3c\xe9\xcf\x0f\x50\x51\x1c\xcc\xc8\x5b\x08\x9c\x97\x24\x3a\x86" + "\x23\xa8\x0b\xbb\x54\xa6\xb9\x70\x3d\x1d\xd0\x1b\xa3\xac\xd9\xb2\x03\x80" + "\xd7\x67\xec\x30\x82\x02\x29\x30\x81\x88\x02\x2c\x00\x97\x5d\x3b\xf2\xcc" + "\xba\xd9\x77\x67\xaa\xd2\x22\xa7\xa3\x49\x08\xc7\xb8\x27\xa1\x59\x4b\xa7" + "\xa5\xd2\x74\x05\xe7\x5a\x35\xd7\x25\x79\x18\x20\x8a\x25\xec\x3b\x52\xaf" + "\xcb\xdb\x02\x2b\x64\xe8\xd2\xa1\xdd\xd1\xe6\x4f\x9a\x71\xe1\x6c\x6f\xc2" + "\x30\xb0\x85\x25\x6f\xc0\xe6\x32\x6f\xc3\xe1\xa2\xae\x9a\x3c\x23\xe4\xc3" + "\xa6\x10\x15\xb1\x6e\x9d\x7c\xe1\xca\x87\xe7\x02\x2b\x5e\xef\x25\x29\xed" + "\xf6\x52\x15\xd3\x60\xb6\x88\xcf\x0f\xe2\x24\xa4\x04\x97\x9c\x9d\x58\x13" + "\xbb\x00\x6d\x39\xf6\xad\x21\x7e\x56\x2c\x2e\x06\x06\xc4\x6d\x44\xac\x79" + "\x1f\xe5\x30\x81\x89\x02\x2c\x00\xdb\xf1\x78\xf9\xa4\x94\xea\x39\x8a\x3f" + "\x23\x48\x2a\x23\x8f\xd2\x18\x97\xd2\xdf\x0f\xb8\x2b\x33\xa0\xe8\x8f\xbc" + "\x4e\x42\xfd\x54\xc7\x0f\xde\xba\x6d\xba\x96\xa7\xce\x67\x3d\x02\x2c\x00" + "\x92\xa0\xfb\x51\x18\x63\x46\xd1\x06\xd4\xc2\x30\x1c\x17\xb5\x36\xbb\x0f" + "\xe1\xea\x0a\x7a\xc7\x77\xc0\x9b\x0a\x7d\x89\x81\xfe\x38\x84\xb5\x3f\x26" + "\xf3\xd1\xb9\xc5\x34\x44\xd3\x02\x2b\x4c\xbd\x1d\x44\xc8\x19\x23\xd8\xb3" + "\x96\x66\x4b\x62\xcb\x3e\xe6\x6c\x11\xdf\xb2\x92\xd3\xc8\x34\xb9\xa6\x5a" + "\x2f\x19\xf4\x0b\xb2\xe6\x8e\xa6\xaf\xa3\xae\xa4\xb3\x92\xc4\x79\x30\x81" + 
"\x85\x02\x2b\x00\x89\xab\x30\xfc\x7b\x37\x94\x11\x9f\x4d\x31\x3b\xac\x09" + "\x57\xe6\x64\xec\xa0\xc8\xf8\x04\x1a\xf9\x2a\xa4\x4b\x36\x18\xbb\x5f\xdc" + "\xcd\xf0\xc8\xcb\x97\xd1\xdf\x13\x12\x3f\x02\x2a\x5b\xc7\x75\xfd\xa7\x7a" + "\x62\xb6\x6a\x33\x76\x27\xc8\x06\x3a\x99\x98\x9d\xc0\x85\xfa\xad\x67\x50" + "\xc7\x18\x32\x24\x10\x7c\xea\x93\x33\xf5\xdb\x32\x65\x36\x94\xb7\x61\x7f" + "\x02\x2a\x16\x6c\x96\xa1\x50\x6f\x3a\x92\xc0\x75\x43\xb5\x6b\x9c\x17\x09" + "\xd3\xf0\x67\x69\x45\x92\xfb\x7b\x50\xa8\x42\x9b\x33\x92\xab\xd5\xe6\x49" + "\xb3\x26\x99\x55\x16\x3a\x39\x63\x30\x81\x87\x02\x2b\x00\xc1\x25\x19\x1d" + "\x6e\x18\xcb\x2d\x64\xe2\xe6\xb6\x1c\xe4\xaa\x9c\xb9\xee\x18\xd4\xf7\x5f" + "\x66\x40\xf0\xe1\x31\x38\xf2\x53\x00\x8b\xcc\xe4\x0d\xb7\x81\xb4\xe6\x1c" + "\x19\xaf\x02\x2b\x00\x80\xc3\x66\x13\x9e\xbb\x32\x1e\x43\x41\xef\x24\x13" + "\x43\x1c\x68\x7b\xf4\x10\x8d\xfa\x3f\x99\x80\xa0\x96\x20\xd0\xa1\x8c\xab" + "\x07\xdd\xed\x5e\x7a\x56\x78\x99\x68\x11\x1f\x02\x2b\x00\xb0\x59\xea\x67" + "\x93\x42\xbf\x07\x54\x38\x41\xcb\x73\xa4\x0e\xc2\xae\x56\x19\x41\xc9\x8a" + "\xb2\x2f\xa8\x0a\xb1\x4e\x12\x39\x2e\xc0\x94\x9a\xc6\xa3\xe4\xaf\x8a\x16" + "\x06\xb8"; + +static const uint8_t kSixPrimeEncryptedMessage[] = { + 0x0a, 0xcb, 0x6c, 0x02, 0x9d, 0x1a, 0x7c, 0xf3, 0x4e, 0xff, 0x16, 0x88, + 0xee, 0x22, 0x1d, 0x8d, 0xd2, 0xfd, 0xde, 0x83, 0xb3, 0xd9, 0x35, 0x2c, + 0x82, 0xe0, 0xff, 0xe6, 0x79, 0x6d, 0x06, 0x21, 0x74, 0xa8, 0x04, 0x0c, + 0xe2, 0xd3, 0x98, 0x3f, 0xbf, 0xd0, 0xe9, 0x88, 0x24, 0xe2, 0x05, 0xa4, + 0x45, 0x51, 0x87, 0x6b, 0x1c, 0xef, 0x5f, 0x2d, 0x61, 0xb6, 0xf1, 0x4c, + 0x1f, 0x3d, 0xbf, 0x4b, 0xf2, 0xda, 0x09, 0x97, 0x81, 0xde, 0x91, 0xb7, + 0x0d, 0xb4, 0xc2, 0xab, 0x41, 0x64, 0x9d, 0xd9, 0x39, 0x46, 0x79, 0x66, + 0x43, 0xf1, 0x34, 0x21, 0x56, 0x2f, 0xc6, 0x68, 0x40, 0x4a, 0x2d, 0x73, + 0x96, 0x50, 0xe1, 0xb0, 0xaf, 0x49, 0x39, 0xb4, 0xf0, 0x3a, 0x78, 0x38, + 0x70, 0xa9, 0x91, 0x5d, 0x5e, 0x07, 0xf4, 0xec, 0xbb, 0xc4, 0xe5, 0x8a, + 0xb8, 0x06, 0xba, 0xdf, 0xc6, 
0x48, 0x78, 0x4b, 0xca, 0x2a, 0x8a, 0x92, + 0x64, 0xe3, 0xa6, 0xae, 0x87, 0x97, 0x12, 0x16, 0x46, 0x67, 0x59, 0xdf, + 0xf2, 0xf3, 0x89, 0x6f, 0xe8, 0xa9, 0x13, 0x57, 0x63, 0x4e, 0x07, 0x98, + 0xcc, 0x73, 0xa0, 0x84, 0x9d, 0xe8, 0xb3, 0x50, 0x59, 0xb5, 0x51, 0xb3, + 0x41, 0x7d, 0x55, 0xfe, 0xd9, 0xf0, 0xc6, 0xff, 0x6e, 0x96, 0x4f, 0x22, + 0xb2, 0x0d, 0x6b, 0xc9, 0x83, 0x2d, 0x98, 0x98, 0xb2, 0xd1, 0xb7, 0xe4, + 0x50, 0x83, 0x1a, 0xa9, 0x02, 0x9f, 0xaf, 0x54, 0x74, 0x2a, 0x2c, 0x63, + 0x10, 0x79, 0x45, 0x5c, 0x95, 0x0d, 0xa1, 0x9b, 0x55, 0xf3, 0x1e, 0xb7, + 0x56, 0x59, 0xf1, 0x59, 0x8d, 0xd6, 0x15, 0x89, 0xf6, 0xfe, 0xc0, 0x00, + 0xdd, 0x1f, 0x2b, 0xf0, 0xf7, 0x5d, 0x64, 0x84, 0x76, 0xd3, 0xc2, 0x92, + 0x35, 0xac, 0xb5, 0xf9, 0xf6, 0xa8, 0x05, 0x89, 0x4c, 0x95, 0x41, 0x4e, + 0x34, 0x25, 0x11, 0x14, +}; + +// kEstonianRSAKey is an RSAPublicKey encoded with a negative modulus. See +// https://crbug.com/532048. +static const uint8_t kEstonianRSAKey[] = { + 0x30, 0x82, 0x01, 0x09, 0x02, 0x82, 0x01, 0x00, 0x96, 0xa6, 0x2e, 0x9c, + 0x4e, 0x6a, 0xc3, 0xcc, 0xcd, 0x8f, 0x70, 0xc3, 0x55, 0xbf, 0x5e, 0x9c, + 0xd4, 0xf3, 0x17, 0xc3, 0x97, 0x70, 0xae, 0xdf, 0x12, 0x5c, 0x15, 0x80, + 0x03, 0xef, 0x2b, 0x18, 0x9d, 0x6a, 0xcb, 0x52, 0x22, 0xc1, 0x81, 0xb8, + 0x7e, 0x61, 0xe8, 0x0f, 0x79, 0x24, 0x0f, 0x82, 0x70, 0x24, 0x4e, 0x29, + 0x20, 0x05, 0x54, 0xeb, 0xd4, 0xa9, 0x65, 0x59, 0xb6, 0x3c, 0x75, 0x95, + 0x2f, 0x4c, 0xf6, 0x9d, 0xd1, 0xaf, 0x5f, 0x14, 0x14, 0xe7, 0x25, 0xea, + 0xa5, 0x47, 0x5d, 0xc6, 0x3e, 0x28, 0x8d, 0xdc, 0x54, 0x87, 0x2a, 0x7c, + 0x10, 0xe9, 0xc6, 0x76, 0x2d, 0xe7, 0x79, 0xd8, 0x0e, 0xbb, 0xa9, 0xac, + 0xb5, 0x18, 0x98, 0xd6, 0x47, 0x6e, 0x06, 0x70, 0xbf, 0x9e, 0x82, 0x25, + 0x95, 0x4e, 0xfd, 0x70, 0xd7, 0x73, 0x45, 0x2e, 0xc1, 0x1f, 0x7a, 0x9a, + 0x9d, 0x60, 0xc0, 0x1f, 0x67, 0x06, 0x2a, 0x4e, 0x87, 0x3f, 0x19, 0x88, + 0x69, 0x64, 0x4d, 0x9f, 0x75, 0xf5, 0xd3, 0x1a, 0x41, 0x3d, 0x35, 0x17, + 0xb6, 0xd1, 0x44, 0x0d, 0x25, 0x8b, 0xe7, 0x94, 0x39, 0xb0, 0x7c, 0xaf, 
+ 0x3e, 0x6a, 0xfa, 0x8d, 0x90, 0x21, 0x0f, 0x8a, 0x43, 0x94, 0x37, 0x7c,
+ 0x2a, 0x15, 0x4c, 0xa0, 0xfa, 0xa9, 0x2f, 0x21, 0xa6, 0x6f, 0x8e, 0x2f,
+ 0x89, 0xbc, 0xbb, 0x33, 0xf8, 0x31, 0xfc, 0xdf, 0xcd, 0x68, 0x9a, 0xbc,
+ 0x75, 0x06, 0x95, 0xf1, 0x3d, 0xef, 0xca, 0x76, 0x27, 0xd2, 0xba, 0x8e,
+ 0x0e, 0x1c, 0x43, 0xd7, 0x70, 0xb9, 0xc6, 0x15, 0xca, 0xd5, 0x4d, 0x87,
+ 0xb9, 0xd1, 0xae, 0xde, 0x69, 0x73, 0x00, 0x2a, 0x97, 0x51, 0x4b, 0x30,
+ 0x01, 0xc2, 0x85, 0xd0, 0x05, 0xcc, 0x2e, 0xe8, 0xc7, 0x42, 0xe7, 0x94,
+ 0x51, 0xe3, 0xf5, 0x19, 0x35, 0xdc, 0x57, 0x96, 0xe7, 0xd9, 0xb4, 0x49,
+ 0x02, 0x03, 0x01, 0x00, 0x01,
+};
+
+static bool TestRSA(const uint8_t *der, size_t der_len,
+ const uint8_t *oaep_ciphertext,
+ size_t oaep_ciphertext_len) {
+ ScopedRSA key(d2i_RSAPrivateKey(nullptr, &der, der_len));
+ if (!key) {
+ return false;
+ }
+
+ if (!RSA_check_key(key.get())) {
+ fprintf(stderr, "RSA_check_key failed\n");
+ return false;
+ }
+
+ uint8_t ciphertext[256];
+
+ int num = RSA_public_encrypt(kPlaintextLen, kPlaintext, ciphertext, key.get(),
+ RSA_PKCS1_PADDING);
+ if (num < 0 || (size_t)num != RSA_size(key.get())) {
+ fprintf(stderr, "PKCS#1 v1.5 encryption failed!\n");
+ return false;
+ }
+
+ uint8_t plaintext[256];
+ num = RSA_private_decrypt(num, ciphertext, plaintext, key.get(),
+ RSA_PKCS1_PADDING);
+ if (num < 0 ||
+ (size_t)num != kPlaintextLen || memcmp(plaintext, kPlaintext, num) != 0) {
+ fprintf(stderr, "PKCS#1 v1.5 decryption failed!\n");
+ return false;
+ }
+
+ num = RSA_public_encrypt(kPlaintextLen, kPlaintext, ciphertext, key.get(),
+ RSA_PKCS1_OAEP_PADDING);
+ if (num < 0 || (size_t)num != RSA_size(key.get())) {
+ fprintf(stderr, "OAEP encryption failed!\n");
+ return false;
+ }
+
+ num = RSA_private_decrypt(num, ciphertext, plaintext, key.get(),
+ RSA_PKCS1_OAEP_PADDING);
+ if (num < 0 ||
+ (size_t)num != kPlaintextLen || memcmp(plaintext, kPlaintext, num) != 0) {
+ fprintf(stderr, "OAEP decryption (encrypted data) failed!\n");
+ return false;
+ }
+
+ // |oaep_ciphertext| should decrypt to |kPlaintext|.
+ num = RSA_private_decrypt(oaep_ciphertext_len, oaep_ciphertext, plaintext,
+ key.get(), RSA_PKCS1_OAEP_PADDING);
+
+ if (num < 0 ||
+ (size_t)num != kPlaintextLen || memcmp(plaintext, kPlaintext, num) != 0) {
+ fprintf(stderr, "OAEP decryption (test vector data) failed!\n");
+ return false;
+ }
+
+ // Try decrypting corrupted ciphertexts.
+ memcpy(ciphertext, oaep_ciphertext, oaep_ciphertext_len);
+ for (size_t i = 0; i < oaep_ciphertext_len; i++) {
+ uint8_t saved = ciphertext[i];
+ for (unsigned b = 0; b < 256; b++) {
+ if (b == saved) {
+ continue;
+ }
+ ciphertext[i] = b;
+ num = RSA_private_decrypt(num, ciphertext, plaintext, key.get(),
+ RSA_PKCS1_OAEP_PADDING);
+ if (num > 0) {
+ fprintf(stderr, "Corrupt data decrypted!\n");
+ return false;
+ }
+ }
+ ciphertext[i] = saved;
+ }
+
+ return true;
+}
+
+static bool TestMultiPrimeKey(int nprimes, const uint8_t *der, size_t der_size,
+ const uint8_t *enc, size_t enc_size) {
+ ScopedRSA rsa(d2i_RSAPrivateKey(nullptr, &der, der_size));
+ if (!rsa) {
+ fprintf(stderr, "%d-prime key failed to parse.\n", nprimes);
+ ERR_print_errors_fp(stderr);
+ return false;
+ }
+
+ if (!RSA_check_key(rsa.get())) {
+ fprintf(stderr, "RSA_check_key failed for %d-prime key.\n", nprimes);
+ ERR_print_errors_fp(stderr);
+ return false;
+ }
+
+ uint8_t out[256];
+ size_t out_len;
+ if (!RSA_decrypt(rsa.get(), &out_len, out, sizeof(out), enc, enc_size,
+ RSA_PKCS1_PADDING) ||
+ out_len != 11 ||
+ memcmp(out, "hello world", 11) != 0) {
+ fprintf(stderr, "%d-prime key failed to decrypt.\n", nprimes);
+ ERR_print_errors_fp(stderr);
+ return false;
+ }
+
+ return true;
+}
+
+static bool TestMultiPrimeKeygen() {
+ static const char kMessage[] = "Hello world.";
+ static const size_t kBits = 1024;
+ uint8_t encrypted[kBits / 8], decrypted[kBits / 8];
+ size_t encrypted_len, decrypted_len;
+
+ ScopedRSA rsa(RSA_new());
+ ScopedBIGNUM e(BN_new());
+ if (!rsa || !e ||
+ !BN_set_word(e.get(), RSA_F4) ||
+ !RSA_generate_multi_prime_key(rsa.get(), kBits, 3, e.get(), nullptr) ||
+ !RSA_check_key(rsa.get()) ||
+ !RSA_encrypt(rsa.get(), &encrypted_len, encrypted, sizeof(encrypted),
+ (const uint8_t *)kMessage, sizeof(kMessage),
+ RSA_PKCS1_PADDING) ||
+ !RSA_decrypt(rsa.get(), &decrypted_len, decrypted, sizeof(decrypted),
+ encrypted, encrypted_len, RSA_PKCS1_PADDING) ||
+ decrypted_len != sizeof(kMessage) ||
+ memcmp(decrypted, kMessage, sizeof(kMessage)) != 0) {
+ ERR_print_errors_fp(stderr);
+ return false;
+ }
+
+ return true;
+}
+
+static bool TestBadKey() {
+ ScopedRSA key(RSA_new());
+ ScopedBIGNUM e(BN_new());
+
+ if (!key || !e || !BN_set_word(e.get(), RSA_F4)) {
+ return false;
+ }
+
+ if (!RSA_generate_key_ex(key.get(), 512, e.get(), nullptr)) {
+ fprintf(stderr, "RSA_generate_key_ex failed.\n");
+ ERR_print_errors_fp(stderr);
+ return false;
+ }
+
+ if (!BN_add(key->p, key->p, BN_value_one())) {
+ fprintf(stderr, "BN error.\n");
+ ERR_print_errors_fp(stderr);
+ return false;
+ }
+
+ if (RSA_check_key(key.get())) {
+ fprintf(stderr, "RSA_check_key passed with invalid key!\n");
+ return false;
+ }
+
+ ERR_clear_error();
+ return true;
+}
+
+static bool TestOnlyDGiven() {
+ uint8_t buf[64];
+ unsigned buf_len = sizeof(buf);
+ ScopedRSA key(RSA_new());
+ if (!key ||
+ !BN_hex2bn(&key->n,
+ "00e77bbf3889d4ef36a9a25d4d69f3f632eb4362214c74517da6d6aeaa9bd"
+ "09ac42b26621cd88f3a6eb013772fc3bf9f83914b6467231c630202c35b3e"
+ "5808c659") ||
+ !BN_hex2bn(&key->e, "010001") ||
+ !BN_hex2bn(&key->d,
+ "0365db9eb6d73b53b015c40cd8db4de7dd7035c68b5ac1bf786d7a4ee2cea"
+ "316eaeca21a73ac365e58713195f2ae9849348525ca855386b6d028e437a9"
+ "495a01") ||
+ RSA_size(key.get()) > sizeof(buf)) {
+ return false;
+ }
+
+ if (!RSA_check_key(key.get())) {
+ fprintf(stderr, "RSA_check_key failed with only d given.\n");
+ ERR_print_errors_fp(stderr);
+ return false;
+ }
+
+ const uint8_t kDummyHash[16] = {0};
+
+ if (!RSA_sign(NID_sha256, kDummyHash, sizeof(kDummyHash), buf, &buf_len,
+ key.get())) {
+ fprintf(stderr, "RSA_sign failed with only d given.\n");
+ ERR_print_errors_fp(stderr);
+ return false;
+ }
+
+ if (!RSA_verify(NID_sha256, kDummyHash, sizeof(kDummyHash), buf, buf_len,
+ key.get())) {
+ fprintf(stderr, "RSA_verify failed with only d given.\n");
+ ERR_print_errors_fp(stderr);
+ return false;
+ }
+
+ return true;
+}
+
+static bool TestRecoverCRTParams() {
+ ScopedBIGNUM e(BN_new());
+ if (!e || !BN_set_word(e.get(), RSA_F4)) {
+ return false;
+ }
+
+ ERR_clear_error();
+
+ for (unsigned i = 0; i < 1; i++) {
+ ScopedRSA key1(RSA_new());
+ if (!key1 ||
+ !RSA_generate_key_ex(key1.get(), 512, e.get(), nullptr)) {
+ fprintf(stderr, "RSA_generate_key_ex failed.\n");
+ ERR_print_errors_fp(stderr);
+ return false;
+ }
+
+ if (!RSA_check_key(key1.get())) {
+ fprintf(stderr, "RSA_check_key failed with original key.\n");
+ ERR_print_errors_fp(stderr);
+ return false;
+ }
+
+ ScopedRSA key2(RSA_new());
+ if (!key2) {
+ return false;
+ }
+ key2->n = BN_dup(key1->n);
+ key2->e = BN_dup(key1->e);
+ key2->d = BN_dup(key1->d);
+ if (key2->n == nullptr || key2->e == nullptr || key2->d == nullptr) {
+ return false;
+ }
+
+ if (!RSA_recover_crt_params(key2.get())) {
+ fprintf(stderr, "RSA_recover_crt_params failed.\n");
+ ERR_print_errors_fp(stderr);
+ return false;
+ }
+
+ uint8_t buf[128];
+ unsigned buf_len = sizeof(buf);
+ if (RSA_size(key2.get()) > buf_len) {
+ return false;
+ }
+
+ if (!RSA_check_key(key2.get())) {
+ fprintf(stderr, "RSA_check_key failed with recovered key.\n");
+ ERR_print_errors_fp(stderr);
+ return false;
+ }
+
+ const uint8_t kDummyHash[16] = {0};
+ if (!RSA_sign(NID_sha256, kDummyHash, sizeof(kDummyHash), buf, &buf_len,
+ key2.get())) {
+ fprintf(stderr, "RSA_sign failed with recovered key.\n");
+ ERR_print_errors_fp(stderr);
+ return false;
+ }
+
+ if (!RSA_verify(NID_sha256, kDummyHash, sizeof(kDummyHash), buf, buf_len,
+ key2.get())) {
+ fprintf(stderr, "RSA_verify failed with recovered key.\n");
+ ERR_print_errors_fp(stderr);
+ return false;
+ }
+ }
+
+ return true;
+}
+
+static bool TestASN1() {
+ // Test that private keys may be decoded.
+ ScopedRSA rsa(RSA_private_key_from_bytes(kKey1, sizeof(kKey1) - 1));
+ if (!rsa) {
+ return false;
+ }
+
+ // Test that the serialization round-trips.
+ uint8_t *der;
+ size_t der_len;
+ if (!RSA_private_key_to_bytes(&der, &der_len, rsa.get())) {
+ return false;
+ }
+ ScopedOpenSSLBytes delete_der(der);
+ if (der_len != sizeof(kKey1) - 1 || memcmp(der, kKey1, der_len) != 0) {
+ return false;
+ }
+
+ // Test that serializing public keys works.
+ if (!RSA_public_key_to_bytes(&der, &der_len, rsa.get())) {
+ return false;
+ }
+ delete_der.reset(der);
+
+ // Public keys may be parsed back out.
+ rsa.reset(RSA_public_key_from_bytes(der, der_len));
+ if (!rsa || rsa->p != NULL || rsa->q != NULL) {
+ return false;
+ }
+
+ // Serializing the result round-trips.
+ uint8_t *der2;
+ size_t der2_len;
+ if (!RSA_public_key_to_bytes(&der2, &der2_len, rsa.get())) {
+ return false;
+ }
+ ScopedOpenSSLBytes delete_der2(der2);
+ if (der_len != der2_len || memcmp(der, der2, der_len) != 0) {
+ return false;
+ }
+
+ // Public keys cannot be serialized as private keys.
+ if (RSA_private_key_to_bytes(&der, &der_len, rsa.get())) {
+ OPENSSL_free(der);
+ return false;
+ }
+ ERR_clear_error();
+
+ // Public keys with negative moduli are invalid.
+ rsa.reset(RSA_public_key_from_bytes(kEstonianRSAKey,
+ sizeof(kEstonianRSAKey)));
+ if (rsa) {
+ return false;
+ }
+ ERR_clear_error();
+
+ // But |RSA_parse_public_key_buggy| will accept it.
+ CBS cbs; + CBS_init(&cbs, kEstonianRSAKey, sizeof(kEstonianRSAKey)); + rsa.reset(RSA_parse_public_key_buggy(&cbs)); + if (!rsa || CBS_len(&cbs) != 0) { + return false; + } + + return true; +} + +int main(int argc, char *argv[]) { + CRYPTO_library_init(); + + if (!TestRSA(kKey1, sizeof(kKey1) - 1, kOAEPCiphertext1, + sizeof(kOAEPCiphertext1) - 1) || + !TestRSA(kKey2, sizeof(kKey2) - 1, kOAEPCiphertext2, + sizeof(kOAEPCiphertext2) - 1) || + !TestRSA(kKey3, sizeof(kKey3) - 1, kOAEPCiphertext3, + sizeof(kOAEPCiphertext3) - 1) || + !TestOnlyDGiven() || + !TestRecoverCRTParams() || + !TestBadKey() || + !TestMultiPrimeKey(2, kTwoPrimeKey, sizeof(kTwoPrimeKey) - 1, + kTwoPrimeEncryptedMessage, + sizeof(kTwoPrimeEncryptedMessage)) || + !TestMultiPrimeKey(3, kThreePrimeKey, sizeof(kThreePrimeKey) - 1, + kThreePrimeEncryptedMessage, + sizeof(kThreePrimeEncryptedMessage)) || + !TestMultiPrimeKey(6, kSixPrimeKey, sizeof(kSixPrimeKey) - 1, + kSixPrimeEncryptedMessage, + sizeof(kSixPrimeEncryptedMessage)) || + !TestMultiPrimeKeygen() || + !TestASN1()) { + return 1; + } + + printf("PASS\n"); + return 0; +} diff --git a/src/crypto/sha/CMakeLists.txt b/src/crypto/sha/CMakeLists.txt index 5a10c85..ecff09b 100644 --- a/src/crypto/sha/CMakeLists.txt +++ b/src/crypto/sha/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(. .. ../../include) +include_directories(../../include) if (${ARCH} STREQUAL "x86_64") set( diff --git a/src/crypto/sha/asm/sha1-586.pl b/src/crypto/sha/asm/sha1-586.pl index 4895eb3..e0b5d83 100644 --- a/src/crypto/sha/asm/sha1-586.pl +++ b/src/crypto/sha/asm/sha1-586.pl 
@@ -66,9 +66,9 @@ # switch to AVX alone improves performance by as little as 4% in # comparison to SSSE3 code path. But below result doesn't look like # 4% improvement... Trouble is that Sandy Bridge decodes 'ro[rl]' as -# pair of µ-ops, and it's the additional µ-ops, two per round, that +# pair of µ-ops, and it's the additional µ-ops, two per round, that # make it run slower than Core2 and Westmere. But 'sh[rl]d' is decoded -# as single µ-op by Sandy Bridge and it's replacing 'ro[rl]' with +# as single µ-op by Sandy Bridge and it's replacing 'ro[rl]' with # equivalent 'sh[rl]d' that is responsible for the impressive 5.1 # cycles per processed byte. But 'sh[rl]d' is not something that used # to be fast, nor does it appear to be fast in upcoming Bulldozer diff --git a/src/crypto/sha/asm/sha1-armv4-large.pl b/src/crypto/sha/asm/sha1-armv4-large.pl index a20d336..64e2ed6 100644 --- a/src/crypto/sha/asm/sha1-armv4-large.pl +++ b/src/crypto/sha/asm/sha1-armv4-large.pl @@ -178,7 +178,7 @@ ___ } $code=<<___; -#include "arm_arch.h" +#include .text .code 32 diff --git a/src/crypto/sha/asm/sha1-armv8.pl b/src/crypto/sha/asm/sha1-armv8.pl index a8c08c2..1c4fe4a 100644 --- a/src/crypto/sha/asm/sha1-armv8.pl +++ b/src/crypto/sha/asm/sha1-armv8.pl @@ -162,7 +162,7 @@ ___ } $code.=<<___; -#include "arm_arch.h" +#include .text diff --git a/src/crypto/sha/asm/sha256-586.pl b/src/crypto/sha/asm/sha256-586.pl index 6462e45..e907714 100644 --- a/src/crypto/sha/asm/sha256-586.pl +++ b/src/crypto/sha/asm/sha256-586.pl @@ -10,7 +10,7 @@ # SHA256 block transform for x86. September 2007. # # Performance improvement over compiler generated code varies from -# 10% to 40% [see below]. Not very impressive on some µ-archs, but +# 10% to 40% [see below]. Not very impressive on some µ-archs, but # it's 5 times smaller and optimizies amount of writes. # # May 2012. diff --git a/src/crypto/sha/asm/sha256-armv4.pl b/src/crypto/sha/asm/sha256-armv4.pl index df71676..7e07147 100644 
--- a/src/crypto/sha/asm/sha256-armv4.pl +++ b/src/crypto/sha/asm/sha256-armv4.pl @@ -168,7 +168,7 @@ ___ $code=<<___; #ifndef __KERNEL__ -# include "arm_arch.h" +# include #else # define __ARM_ARCH__ __LINUX_ARM_ARCH__ # define __ARM_MAX_ARCH__ 7 diff --git a/src/crypto/sha/asm/sha512-586.pl b/src/crypto/sha/asm/sha512-586.pl index e96ec00..2f6a202 100644 --- a/src/crypto/sha/asm/sha512-586.pl +++ b/src/crypto/sha/asm/sha512-586.pl @@ -37,7 +37,7 @@ # # IALU code-path is optimized for elder Pentiums. On vanilla Pentium # performance improvement over compiler generated code reaches ~60%, -# while on PIII - ~35%. On newer µ-archs improvement varies from 15% +# while on PIII - ~35%. On newer µ-archs improvement varies from 15% # to 50%, but it's less important as they are expected to execute SSE2 # code-path, which is commonly ~2-3x faster [than compiler generated # code]. SSE2 code-path is as fast as original sha512-sse2.pl, even diff --git a/src/crypto/sha/asm/sha512-armv4.pl b/src/crypto/sha/asm/sha512-armv4.pl index 2964a39..cd3662a 100644 --- a/src/crypto/sha/asm/sha512-armv4.pl +++ b/src/crypto/sha/asm/sha512-armv4.pl @@ -191,7 +191,7 @@ ___ } $code=<<___; #ifndef __KERNEL__ -# include "arm_arch.h" +# include # define VFP_ABI_PUSH vstmdb sp!,{d8-d15} # define VFP_ABI_POP vldmia sp!,{d8-d15} #else diff --git a/src/crypto/sha/asm/sha512-armv8.pl b/src/crypto/sha/asm/sha512-armv8.pl index 43e7293..40eb17a 100644 --- a/src/crypto/sha/asm/sha512-armv8.pl +++ b/src/crypto/sha/asm/sha512-armv8.pl @@ -164,7 +164,7 @@ ___ } $code.=<<___; -#include "arm_arch.h" +#include .text diff --git a/src/crypto/stack/CMakeLists.txt b/src/crypto/stack/CMakeLists.txt index bdb0599..dcd8ef4 100644 --- a/src/crypto/stack/CMakeLists.txt +++ b/src/crypto/stack/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(. .. ../../include) +include_directories(../../include) add_library( stack 
diff --git a/src/crypto/test/CMakeLists.txt b/src/crypto/test/CMakeLists.txt index 84a6174..8c75314 100644 --- a/src/crypto/test/CMakeLists.txt +++ b/src/crypto/test/CMakeLists.txt @@ -5,4 +5,5 @@ add_library( file_test.cc malloc.cc + test_util.cc ) diff --git a/src/crypto/test/file_test.cc b/src/crypto/test/file_test.cc index 8df6f9a..6723350 100644 --- a/src/crypto/test/file_test.cc +++ b/src/crypto/test/file_test.cc @@ -128,6 +128,7 @@ FileTest::ReadResult FileTest::ReadNext() { const char *delimiter = FindDelimiter(buf); if (delimiter == nullptr) { fprintf(stderr, "Line %u: Could not parse attribute.\n", line_); + return kReadError; } std::string key = StripSpace(buf, delimiter - buf); std::string value = StripSpace(delimiter + 1, diff --git a/src/crypto/test/file_test.h b/src/crypto/test/file_test.h index 7303d8a..24651ab 100644 --- a/src/crypto/test/file_test.h +++ b/src/crypto/test/file_test.h @@ -18,11 +18,19 @@ #include #include +#if defined(_MSC_VER) +#pragma warning(push) +#pragma warning(disable: 4702) +#endif + #include #include #include #include +#if defined(_MSC_VER) +#pragma warning(pop) +#endif // File-based test framework. // diff --git a/src/crypto/test/malloc.cc b/src/crypto/test/malloc.cc index 9ffdf01..898f2a7 100644 --- a/src/crypto/test/malloc.cc +++ b/src/crypto/test/malloc.cc @@ -34,6 +34,8 @@ #if defined(__linux__) && defined(OPENSSL_GLIBC) && !defined(OPENSSL_ARM) && \ !defined(OPENSSL_AARCH64) && !defined(OPENSSL_ASAN) +#include +#include #include #include #include 
@@ -45,14 +47,14 @@ /* This file defines overrides for the standard allocation functions that allow * a given allocation to be made to fail for testing. If the program is run * with MALLOC_NUMBER_TO_FAIL set to a base-10 number then that allocation will - * return NULL. If MALLOC_ABORT_ON_FAIL is also defined then the allocation - * will abort() rather than return NULL. + * return NULL. If MALLOC_BREAK_ON_FAIL is also defined then the allocation + * will signal SIGTRAP rather than return NULL. * * This code is not thread safe. */ static uint64_t current_malloc_count = 0; static uint64_t malloc_number_to_fail = 0; -static char failure_enabled = 0, abort_on_fail = 0; +static char failure_enabled = 0, break_on_fail = 0; static int in_call = 0; extern "C" { @@ -95,7 +97,7 @@ static int should_fail_allocation() { std::set_new_handler(cpp_new_handler); } } - abort_on_fail = (NULL != getenv("MALLOC_ABORT_ON_FAIL")); + break_on_fail = (NULL != getenv("MALLOC_BREAK_ON_FAIL")); init = 1; } @@ -108,8 +110,8 @@ static int should_fail_allocation() { should_fail = (current_malloc_count == malloc_number_to_fail); current_malloc_count++; - if (should_fail && abort_on_fail) { - abort(); + if (should_fail && break_on_fail) { + raise(SIGTRAP); } return should_fail; } @@ -118,6 +120,7 @@ extern "C" { void *malloc(size_t size) { if (should_fail_allocation()) { + errno = ENOMEM; return NULL; } @@ -126,6 +129,7 @@ void *malloc(size_t size) { void *calloc(size_t num_elems, size_t size) { if (should_fail_allocation()) { + errno = ENOMEM; return NULL; } @@ -134,6 +138,7 @@ void *calloc(size_t num_elems, size_t size) { void *realloc(void *ptr, size_t size) { if (should_fail_allocation()) { + errno = ENOMEM; return NULL; } diff --git a/src/crypto/test/scoped_types.h b/src/crypto/test/scoped_types.h index c5c8cfe..e44c6ed 100644 --- a/src/crypto/test/scoped_types.h +++ b/src/crypto/test/scoped_types.h @@ -18,6 +18,7 @@ #include #include +#include #include #include #include 
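Review bot: The reworded header comment (hunk at -45,14) says the allocation "will signal SIGTRAP rather than return NULL", which does not match should_fail_allocation() in the hunk at -108,8. There `raise(SIGTRAP);` is followed by `return should_fail;`, so whenever the signal is handled or ignored, or a debugger resumes the process, the allocation still returns NULL. Unlike the abort() it replaces, raise() can return, and its result is not checked here. I would reword the comment along the lines of `* will raise SIGTRAP before returning NULL, so that a debugger can stop at the failing allocation.`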
@@ -112,9 +113,13 @@ using ScopedPKCS12 = ScopedOpenSSLType; using ScopedRSA = ScopedOpenSSLType; using ScopedX509 = ScopedOpenSSLType; using ScopedX509_ALGOR = ScopedOpenSSLType; +using ScopedX509_SIG = ScopedOpenSSLType; using ScopedX509Stack = ScopedOpenSSLStack; +using ScopedEVP_AEAD_CTX = ScopedOpenSSLContext; using ScopedEVP_CIPHER_CTX = ScopedOpenSSLContext; diff --git a/src/crypto/test/test_util.cc b/src/crypto/test/test_util.cc new file mode 100644 index 0000000..8021aaa --- /dev/null +++ b/src/crypto/test/test_util.cc @@ -0,0 +1,30 @@ +/* Copyright (c) 2015, Google Inc. + * + * Permission to use, copy, modify, and/or distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY + * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION + * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN + * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ + +#include +#include + +#include "test_util.h" + + +void hexdump(FILE *fp, const char *msg, const void *in, size_t len) { + const uint8_t *data = reinterpret_cast(in); + size_t i; + + fputs(msg, fp); + for (i = 0; i < len; i++) { + fprintf(fp, "%02x", data[i]); + } + fputs("\n", fp); +} diff --git a/src/crypto/test/test_util.h b/src/crypto/test/test_util.h new file mode 100644 index 0000000..972e206 --- /dev/null +++ b/src/crypto/test/test_util.h 
@@ -0,0 +1,35 @@ +/* Copyright (c) 2015, Google Inc. + * + * Permission to use, copy, modify, and/or distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY + * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION + * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN + * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ + +#ifndef OPENSSL_HEADER_CRYPTO_TEST_TEST_UTIL_H +#define OPENSSL_HEADER_CRYPTO_TEST_TEST_UTIL_H + +#include +#include + +#if defined(__cplusplus) +extern "C" { +#endif + + +/* hexdump writes |msg| to |fp| followed by the hex encoding of |len| bytes + * from |in|. */ +void hexdump(FILE *fp, const char *msg, const void *in, size_t len); + + +#if defined(__cplusplus) +} +#endif + +#endif /* OPENSSL_HEADER_CRYPTO_TEST_TEST_UTIL_H */ diff --git a/src/crypto/x509/CMakeLists.txt b/src/crypto/x509/CMakeLists.txt index 3bb5704..258c263 100644 --- a/src/crypto/x509/CMakeLists.txt +++ b/src/crypto/x509/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(. .. ../../include) +include_directories(../../include) add_library( x509 @@ -15,6 +15,7 @@ add_library( i2d_pr.c pkcs7.c t_crl.c + t_req.c t_x509.c t_x509a.c x509.c diff --git a/src/crypto/x509/a_digest.c b/src/crypto/x509/a_digest.c index 6060bbd..430e2e6 100644 --- a/src/crypto/x509/a_digest.c +++ b/src/crypto/x509/a_digest.c 
@@ -71,7 +71,7 @@ int ASN1_digest(i2d_of_void *i2d, const EVP_MD *type, char *data, i=i2d(data,NULL); if ((str=(unsigned char *)OPENSSL_malloc(i)) == NULL) { - OPENSSL_PUT_ERROR(X509, ASN1_digest, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); return(0); } p=str; diff --git a/src/crypto/x509/a_sign.c b/src/crypto/x509/a_sign.c index f219c23..4e9be8a 100644 --- a/src/crypto/x509/a_sign.c +++ b/src/crypto/x509/a_sign.c @@ -106,7 +106,7 @@ int ASN1_item_sign_ctx(const ASN1_ITEM *it, if ((buf_in == NULL) || (buf_out == NULL)) { outl=0; - OPENSSL_PUT_ERROR(X509, ASN1_item_sign_ctx, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); goto err; } @@ -114,7 +114,7 @@ int ASN1_item_sign_ctx(const ASN1_ITEM *it, || !EVP_DigestSignFinal(ctx, buf_out, &outl)) { outl=0; - OPENSSL_PUT_ERROR(X509, ASN1_item_sign_ctx, ERR_R_EVP_LIB); + OPENSSL_PUT_ERROR(X509, ERR_R_EVP_LIB); goto err; } if (signature->data != NULL) OPENSSL_free(signature->data); diff --git a/src/crypto/x509/a_verify.c b/src/crypto/x509/a_verify.c index 72e0a62..572a139 100644 --- a/src/crypto/x509/a_verify.c +++ b/src/crypto/x509/a_verify.c @@ -80,13 +80,13 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a, if (!pkey) { - OPENSSL_PUT_ERROR(X509, ASN1_item_verify, ERR_R_PASSED_NULL_PARAMETER); + OPENSSL_PUT_ERROR(X509, ERR_R_PASSED_NULL_PARAMETER); return 0; } if (signature->type == V_ASN1_BIT_STRING && signature->flags & 0x7) { - OPENSSL_PUT_ERROR(X509, ASN1_item_verify, X509_R_INVALID_BIT_STRING_BITS_LEFT); + OPENSSL_PUT_ERROR(X509, X509_R_INVALID_BIT_STRING_BITS_LEFT); return 0; } @@ -101,7 +101,7 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a, if (buf_in == NULL) { - OPENSSL_PUT_ERROR(X509, ASN1_item_verify, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); goto err; } 
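Review bot: In ASN1_digest the result of `i=i2d(data,NULL);` is passed straight to `OPENSSL_malloc(i)` with no sign or zero check. If the encoder reports failure with a negative length, that becomes a very large allocation request and the failure is then reported as ERR_R_MALLOC_FAILURE; the declaration of `i` is outside the hunk, so this assumes it is a signed int. A guard before the allocation, `if (i <= 0) { OPENSSL_PUT_ERROR(X509, ERR_R_INTERNAL_ERROR); return(0); }`, would keep an encoding failure distinct from memory exhaustion. The function body continues outside the hunk.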
@@ -109,7 +109,7 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a, { OPENSSL_cleanse(buf_in,(unsigned int)inl); OPENSSL_free(buf_in); - OPENSSL_PUT_ERROR(X509, ASN1_item_verify, ERR_R_EVP_LIB); + OPENSSL_PUT_ERROR(X509, ERR_R_EVP_LIB); goto err; } @@ -119,7 +119,7 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a, if (EVP_DigestVerifyFinal(&ctx,signature->data, (size_t)signature->length) <= 0) { - OPENSSL_PUT_ERROR(X509, ASN1_item_verify, ERR_R_EVP_LIB); + OPENSSL_PUT_ERROR(X509, ERR_R_EVP_LIB); goto err; } /* we don't need to zero the 'ctx' because we just checked diff --git a/src/crypto/x509/asn1_gen.c b/src/crypto/x509/asn1_gen.c index d4d1ee6..850a816 100644 --- a/src/crypto/x509/asn1_gen.c +++ b/src/crypto/x509/asn1_gen.c @@ -171,7 +171,7 @@ ASN1_TYPE *ASN1_generate_v3(char *str, X509V3_CTX *cnf) { if (!cnf) { - OPENSSL_PUT_ERROR(ASN1, ASN1_generate_v3, ASN1_R_SEQUENCE_OR_SET_NEEDS_CONFIG); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_SEQUENCE_OR_SET_NEEDS_CONFIG); return NULL; } ret = asn1_multi(asn1_tags.utype, asn1_tags.str, cnf); @@ -314,7 +314,7 @@ static int asn1_cb(const char *elem, int len, void *bitstr) if (utype == -1) { - OPENSSL_PUT_ERROR(ASN1, asn1_cb, ASN1_R_UNKNOWN_TAG); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_UNKNOWN_TAG); ERR_add_error_data(2, "tag=", elem); return -1; } @@ -327,7 +327,7 @@ static int asn1_cb(const char *elem, int len, void *bitstr) /* If no value and not end of string, error */ if (!vstart && elem[len]) { - OPENSSL_PUT_ERROR(ASN1, asn1_cb, ASN1_R_MISSING_VALUE); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_MISSING_VALUE); return -1; } return 0; @@ -340,7 +340,7 @@ static int asn1_cb(const char *elem, int len, void *bitstr) /* Check for illegal multiple IMPLICIT tagging */ if (arg->imp_tag != -1) { - OPENSSL_PUT_ERROR(ASN1, asn1_cb, ASN1_R_ILLEGAL_NESTED_TAGGING); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_ILLEGAL_NESTED_TAGGING); return -1; } if (!parse_tagging(vstart, vlen, &arg->imp_tag, &arg->imp_class)) 
@@ -378,7 +378,7 @@ static int asn1_cb(const char *elem, int len, void *bitstr) case ASN1_GEN_FLAG_FORMAT: if (!vstart) { - OPENSSL_PUT_ERROR(ASN1, asn1_cb, ASN1_R_UNKNOWN_FORMAT); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_UNKNOWN_FORMAT); return -1; } if (!strncmp(vstart, "ASCII", 5)) @@ -391,7 +391,7 @@ static int asn1_cb(const char *elem, int len, void *bitstr) arg->format = ASN1_GEN_FORMAT_BITLIST; else { - OPENSSL_PUT_ERROR(ASN1, asn1_cb, ASN1_R_UNKNOWN_FORMAT); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_UNKNOWN_FORMAT); return -1; } break; @@ -415,7 +415,7 @@ static int parse_tagging(const char *vstart, int vlen, int *ptag, int *pclass) return 0; if (tag_num < 0) { - OPENSSL_PUT_ERROR(ASN1, parse_tagging, ASN1_R_INVALID_NUMBER); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_INVALID_NUMBER); return 0; } *ptag = tag_num; @@ -448,7 +448,7 @@ static int parse_tagging(const char *vstart, int vlen, int *ptag, int *pclass) default: erch[0] = *eptr; erch[1] = 0; - OPENSSL_PUT_ERROR(ASN1, parse_tagging, ASN1_R_INVALID_MODIFIER); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_INVALID_MODIFIER); ERR_add_error_data(2, "Char=", erch); return 0; break; @@ -534,13 +534,13 @@ static int append_exp(tag_exp_arg *arg, int exp_tag, int exp_class, int exp_cons /* Can only have IMPLICIT if permitted */ if ((arg->imp_tag != -1) && !imp_ok) { - OPENSSL_PUT_ERROR(ASN1, append_exp, ASN1_R_ILLEGAL_IMPLICIT_TAG); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_ILLEGAL_IMPLICIT_TAG); return 0; } if (arg->exp_count == ASN1_FLAG_EXP_MAX) { - OPENSSL_PUT_ERROR(ASN1, append_exp, ASN1_R_DEPTH_EXCEEDED); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_DEPTH_EXCEEDED); return 0; } @@ -658,7 +658,7 @@ static ASN1_TYPE *asn1_str2type(const char *str, int format, int utype) if (!(atmp = ASN1_TYPE_new())) { - OPENSSL_PUT_ERROR(ASN1, asn1_str2type, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); return NULL; } 
@@ -671,7 +671,7 @@ static ASN1_TYPE *asn1_str2type(const char *str, int format, int utype) case V_ASN1_NULL: if (str && *str) { - OPENSSL_PUT_ERROR(ASN1, asn1_str2type, ASN1_R_ILLEGAL_NULL_VALUE); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_ILLEGAL_NULL_VALUE); goto bad_form; } break; @@ -679,7 +679,7 @@ static ASN1_TYPE *asn1_str2type(const char *str, int format, int utype) case V_ASN1_BOOLEAN: if (format != ASN1_GEN_FORMAT_ASCII) { - OPENSSL_PUT_ERROR(ASN1, asn1_str2type, ASN1_R_NOT_ASCII_FORMAT); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_NOT_ASCII_FORMAT); goto bad_form; } vtmp.name = NULL; @@ -687,7 +687,7 @@ static ASN1_TYPE *asn1_str2type(const char *str, int format, int utype) vtmp.value = (char *)str; if (!X509V3_get_value_bool(&vtmp, &atmp->value.boolean)) { - OPENSSL_PUT_ERROR(ASN1, asn1_str2type, ASN1_R_ILLEGAL_BOOLEAN); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_ILLEGAL_BOOLEAN); goto bad_str; } break; @@ -696,12 +696,12 @@ static ASN1_TYPE *asn1_str2type(const char *str, int format, int utype) case V_ASN1_ENUMERATED: if (format != ASN1_GEN_FORMAT_ASCII) { - OPENSSL_PUT_ERROR(ASN1, asn1_str2type, ASN1_R_INTEGER_NOT_ASCII_FORMAT); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_INTEGER_NOT_ASCII_FORMAT); goto bad_form; } if (!(atmp->value.integer = s2i_ASN1_INTEGER(NULL, (char *)str))) { - OPENSSL_PUT_ERROR(ASN1, asn1_str2type, ASN1_R_ILLEGAL_INTEGER); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_ILLEGAL_INTEGER); goto bad_str; } break; @@ -709,12 +709,12 @@ static ASN1_TYPE *asn1_str2type(const char *str, int format, int utype) case V_ASN1_OBJECT: if (format != ASN1_GEN_FORMAT_ASCII) { - OPENSSL_PUT_ERROR(ASN1, asn1_str2type, ASN1_R_OBJECT_NOT_ASCII_FORMAT); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_OBJECT_NOT_ASCII_FORMAT); goto bad_form; } if (!(atmp->value.object = OBJ_txt2obj(str, 0))) { - OPENSSL_PUT_ERROR(ASN1, asn1_str2type, ASN1_R_ILLEGAL_OBJECT); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_ILLEGAL_OBJECT); goto bad_str; } break; 
@@ -723,23 +723,23 @@ static ASN1_TYPE *asn1_str2type(const char *str, int format, int utype) case V_ASN1_GENERALIZEDTIME: if (format != ASN1_GEN_FORMAT_ASCII) { - OPENSSL_PUT_ERROR(ASN1, asn1_str2type, ASN1_R_TIME_NOT_ASCII_FORMAT); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_TIME_NOT_ASCII_FORMAT); goto bad_form; } if (!(atmp->value.asn1_string = ASN1_STRING_new())) { - OPENSSL_PUT_ERROR(ASN1, asn1_str2type, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); goto bad_str; } if (!ASN1_STRING_set(atmp->value.asn1_string, str, -1)) { - OPENSSL_PUT_ERROR(ASN1, asn1_str2type, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); goto bad_str; } atmp->value.asn1_string->type = utype; if (!ASN1_TIME_check(atmp->value.asn1_string)) { - OPENSSL_PUT_ERROR(ASN1, asn1_str2type, ASN1_R_ILLEGAL_TIME_VALUE); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_ILLEGAL_TIME_VALUE); goto bad_str; } @@ -761,7 +761,7 @@ static ASN1_TYPE *asn1_str2type(const char *str, int format, int utype) format = MBSTRING_UTF8; else { - OPENSSL_PUT_ERROR(ASN1, asn1_str2type, ASN1_R_ILLEGAL_FORMAT); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_ILLEGAL_FORMAT); goto bad_form; } @@ -769,7 +769,7 @@ static ASN1_TYPE *asn1_str2type(const char *str, int format, int utype) if (ASN1_mbstring_copy(&atmp->value.asn1_string, (unsigned char *)str, -1, format, ASN1_tag2bit(utype)) <= 0) { - OPENSSL_PUT_ERROR(ASN1, asn1_str2type, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); goto bad_str; } @@ -782,7 +782,7 @@ static ASN1_TYPE *asn1_str2type(const char *str, int format, int utype) if (!(atmp->value.asn1_string = ASN1_STRING_new())) { - OPENSSL_PUT_ERROR(ASN1, asn1_str2type, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); goto bad_form; } 
@@ -791,7 +791,7 @@ static ASN1_TYPE *asn1_str2type(const char *str, int format, int utype) if (!(rdata = string_to_hex((char *)str, &rdlen))) { - OPENSSL_PUT_ERROR(ASN1, asn1_str2type, ASN1_R_ILLEGAL_HEX); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_ILLEGAL_HEX); goto bad_str; } @@ -806,7 +806,7 @@ static ASN1_TYPE *asn1_str2type(const char *str, int format, int utype) { if (!CONF_parse_list(str, ',', 1, bitstr_cb, atmp->value.bit_string)) { - OPENSSL_PUT_ERROR(ASN1, asn1_str2type, ASN1_R_LIST_ERROR); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_LIST_ERROR); goto bad_str; } no_unused = 0; @@ -814,7 +814,7 @@ static ASN1_TYPE *asn1_str2type(const char *str, int format, int utype) } else { - OPENSSL_PUT_ERROR(ASN1, asn1_str2type, ASN1_R_ILLEGAL_BITSTRING_FORMAT); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_ILLEGAL_BITSTRING_FORMAT); goto bad_form; } @@ -830,7 +830,7 @@ static ASN1_TYPE *asn1_str2type(const char *str, int format, int utype) break; default: - OPENSSL_PUT_ERROR(ASN1, asn1_str2type, ASN1_R_UNSUPPORTED_TYPE); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_UNSUPPORTED_TYPE); goto bad_str; break; } @@ -860,12 +860,12 @@ static int bitstr_cb(const char *elem, int len, void *bitstr) return 0; if (bitnum < 0) { - OPENSSL_PUT_ERROR(ASN1, bitstr_cb, ASN1_R_INVALID_NUMBER); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_INVALID_NUMBER); return 0; } if (!ASN1_BIT_STRING_set_bit(bitstr, bitnum, 1)) { - OPENSSL_PUT_ERROR(ASN1, bitstr_cb, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); return 0; } return 1; diff --git a/src/crypto/x509/by_dir.c b/src/crypto/x509/by_dir.c index 34bb1e4..3393dfa 100644 --- a/src/crypto/x509/by_dir.c +++ b/src/crypto/x509/by_dir.c @@ -139,7 +139,7 @@ static int dir_ctrl(X509_LOOKUP *ctx, int cmd, const char *argp, long argl, X509_FILETYPE_PEM); if (!ret) { - OPENSSL_PUT_ERROR(X509, dir_ctrl, X509_R_LOADING_CERT_DIR); + OPENSSL_PUT_ERROR(X509, X509_R_LOADING_CERT_DIR); } } else 
@@ -208,7 +208,7 @@ static int add_cert_dir(BY_DIR *ctx, const char *dir, int type) if (dir == NULL || !*dir) { - OPENSSL_PUT_ERROR(X509, add_cert_dir, X509_R_INVALID_DIRECTORY); + OPENSSL_PUT_ERROR(X509, X509_R_INVALID_DIRECTORY); return 0; } @@ -237,7 +237,7 @@ static int add_cert_dir(BY_DIR *ctx, const char *dir, int type) ctx->dirs = sk_BY_DIR_ENTRY_new_null(); if (!ctx->dirs) { - OPENSSL_PUT_ERROR(X509, add_cert_dir, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); return 0; } } @@ -311,13 +311,13 @@ static int get_cert_by_subject(X509_LOOKUP *xl, int type, X509_NAME *name, } else { - OPENSSL_PUT_ERROR(X509, get_cert_by_subject, X509_R_WRONG_LOOKUP_TYPE); + OPENSSL_PUT_ERROR(X509, X509_R_WRONG_LOOKUP_TYPE); goto finish; } if ((b=BUF_MEM_new()) == NULL) { - OPENSSL_PUT_ERROR(X509, get_cert_by_subject, ERR_R_BUF_LIB); + OPENSSL_PUT_ERROR(X509, ERR_R_BUF_LIB); goto finish; } @@ -337,7 +337,7 @@ static int get_cert_by_subject(X509_LOOKUP *xl, int type, X509_NAME *name, j=strlen(ent->dir)+1+8+6+1+1; if (!BUF_MEM_grow(b,j)) { - OPENSSL_PUT_ERROR(X509, get_cert_by_subject, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); goto finish; } if (type == X509_LU_CRL && ent->hashes) diff --git a/src/crypto/x509/by_file.c b/src/crypto/x509/by_file.c index 2fdbce4..f1d6194 100644 --- a/src/crypto/x509/by_file.c +++ b/src/crypto/x509/by_file.c @@ -109,7 +109,7 @@ static int by_file_ctrl(X509_LOOKUP *ctx, int cmd, const char *argp, long argl, if (!ok) { - OPENSSL_PUT_ERROR(X509, by_file_ctrl, X509_R_LOADING_DEFAULTS); + OPENSSL_PUT_ERROR(X509, X509_R_LOADING_DEFAULTS); } } else @@ -137,7 +137,7 @@ int X509_load_cert_file(X509_LOOKUP *ctx, const char *file, int type) if ((in == NULL) || (BIO_read_filename(in,file) <= 0)) { - OPENSSL_PUT_ERROR(X509, X509_load_cert_file, ERR_R_SYS_LIB); + OPENSSL_PUT_ERROR(X509, ERR_R_SYS_LIB); goto err; } 
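Review bot: The buffer size in get_cert_by_subject (hunk at -337,7), `j=strlen(ent->dir)+1+8+6+1+1;`, is a sum of unexplained constants, and the write it is sized for lies outside the hunk, so the bound cannot be checked from here. A comment naming each term next to the computation would make it reviewable, e.g. `/* dir + separator + hash digits + suffix + NUL; keep in sync with the formatting call below */`. The term meanings are my reading and need confirming against the formatting code. The function body starts and ends outside the hunk.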
@@ -156,7 +156,7 @@ int X509_load_cert_file(X509_LOOKUP *ctx, const char *file, int type) } else { - OPENSSL_PUT_ERROR(X509, X509_load_cert_file, ERR_R_PEM_LIB); + OPENSSL_PUT_ERROR(X509, ERR_R_PEM_LIB); goto err; } } @@ -173,7 +173,7 @@ int X509_load_cert_file(X509_LOOKUP *ctx, const char *file, int type) x=d2i_X509_bio(in,NULL); if (x == NULL) { - OPENSSL_PUT_ERROR(X509, X509_load_cert_file, ERR_R_ASN1_LIB); + OPENSSL_PUT_ERROR(X509, ERR_R_ASN1_LIB); goto err; } i=X509_STORE_add_cert(ctx->store_ctx,x); @@ -182,7 +182,7 @@ int X509_load_cert_file(X509_LOOKUP *ctx, const char *file, int type) } else { - OPENSSL_PUT_ERROR(X509, X509_load_cert_file, X509_R_BAD_X509_FILETYPE); + OPENSSL_PUT_ERROR(X509, X509_R_BAD_X509_FILETYPE); goto err; } err: @@ -203,7 +203,7 @@ int X509_load_crl_file(X509_LOOKUP *ctx, const char *file, int type) if ((in == NULL) || (BIO_read_filename(in,file) <= 0)) { - OPENSSL_PUT_ERROR(X509, X509_load_crl_file, ERR_R_SYS_LIB); + OPENSSL_PUT_ERROR(X509, ERR_R_SYS_LIB); goto err; } @@ -222,7 +222,7 @@ int X509_load_crl_file(X509_LOOKUP *ctx, const char *file, int type) } else { - OPENSSL_PUT_ERROR(X509, X509_load_crl_file, ERR_R_PEM_LIB); + OPENSSL_PUT_ERROR(X509, ERR_R_PEM_LIB); goto err; } } @@ -239,7 +239,7 @@ int X509_load_crl_file(X509_LOOKUP *ctx, const char *file, int type) x=d2i_X509_CRL_bio(in,NULL); if (x == NULL) { - OPENSSL_PUT_ERROR(X509, X509_load_crl_file, ERR_R_ASN1_LIB); + OPENSSL_PUT_ERROR(X509, ERR_R_ASN1_LIB); goto err; } i=X509_STORE_add_crl(ctx->store_ctx,x); @@ -248,7 +248,7 @@ int X509_load_crl_file(X509_LOOKUP *ctx, const char *file, int type) } else { - OPENSSL_PUT_ERROR(X509, X509_load_crl_file, X509_R_BAD_X509_FILETYPE); + OPENSSL_PUT_ERROR(X509, X509_R_BAD_X509_FILETYPE); goto err; } err: 
@@ -268,13 +268,13 @@ int X509_load_cert_crl_file(X509_LOOKUP *ctx, const char *file, int type) return X509_load_cert_file(ctx, file, type); in = BIO_new_file(file, "r"); if(!in) { - OPENSSL_PUT_ERROR(X509, X509_load_cert_crl_file, ERR_R_SYS_LIB); + OPENSSL_PUT_ERROR(X509, ERR_R_SYS_LIB); return 0; } inf = PEM_X509_INFO_read_bio(in, NULL, NULL, NULL); BIO_free(in); if(!inf) { - OPENSSL_PUT_ERROR(X509, X509_load_cert_crl_file, ERR_R_PEM_LIB); + OPENSSL_PUT_ERROR(X509, ERR_R_PEM_LIB); return 0; } for(i = 0; i < sk_X509_INFO_num(inf); i++) { diff --git a/src/crypto/x509/i2d_pr.c b/src/crypto/x509/i2d_pr.c index 443ca53..e7f4269 100644 --- a/src/crypto/x509/i2d_pr.c +++ b/src/crypto/x509/i2d_pr.c @@ -78,7 +78,7 @@ int i2d_PrivateKey(const EVP_PKEY *a, unsigned char **pp) } /* Although this file is in crypto/x509 for layering reasons, it emits * an error code from ASN1 for OpenSSL compatibility. */ - OPENSSL_PUT_ERROR(ASN1, i2d_PrivateKey, ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE); return -1; } diff --git a/src/crypto/x509/pkcs7.c b/src/crypto/x509/pkcs7.c index 99ee3da..2087f94 100644 --- a/src/crypto/x509/pkcs7.c +++ b/src/crypto/x509/pkcs7.c @@ -57,8 +57,7 @@ static int pkcs7_parse_header(uint8_t **der_bytes, CBS *out, CBS *cbs) { } if (OBJ_cbs2nid(&content_type) != NID_pkcs7_signed) { - OPENSSL_PUT_ERROR(X509, pkcs7_parse_header, - X509_R_NOT_PKCS7_SIGNED_DATA); + OPENSSL_PUT_ERROR(X509, X509_R_NOT_PKCS7_SIGNED_DATA); goto err; } @@ -73,8 +72,7 @@ static int pkcs7_parse_header(uint8_t **der_bytes, CBS *out, CBS *cbs) { } if (version < 1) { - OPENSSL_PUT_ERROR(X509, pkcs7_parse_header, - X509_R_BAD_PKCS7_VERSION); + OPENSSL_PUT_ERROR(X509, X509_R_BAD_PKCS7_VERSION); goto err; } 
@@ -103,8 +101,7 @@ int PKCS7_get_certificates(STACK_OF(X509) *out_certs, CBS *cbs) { /* See https://tools.ietf.org/html/rfc2315#section-9.1 */ if (!CBS_get_asn1(&signed_data, &certificates, CBS_ASN1_CONTEXT_SPECIFIC | CBS_ASN1_CONSTRUCTED | 0)) { - OPENSSL_PUT_ERROR(X509, PKCS7_get_certificates, - X509_R_NO_CERTIFICATES_INCLUDED); + OPENSSL_PUT_ERROR(X509, X509_R_NO_CERTIFICATES_INCLUDED); goto err; } @@ -171,8 +168,7 @@ int PKCS7_get_CRLs(STACK_OF(X509_CRL) *out_crls, CBS *cbs) { if (!CBS_get_asn1(&signed_data, &crls, CBS_ASN1_CONTEXT_SPECIFIC | CBS_ASN1_CONSTRUCTED | 1)) { - OPENSSL_PUT_ERROR(X509, PKCS7_get_CRLs, - X509_R_NO_CRLS_INCLUDED); + OPENSSL_PUT_ERROR(X509, X509_R_NO_CRLS_INCLUDED); goto err; } diff --git a/src/crypto/x509/t_crl.c b/src/crypto/x509/t_crl.c index 93a7afb..a2d8bc7 100644 --- a/src/crypto/x509/t_crl.c +++ b/src/crypto/x509/t_crl.c @@ -70,7 +70,7 @@ int X509_CRL_print_fp(FILE *fp, X509_CRL *x) if ((b=BIO_new(BIO_s_file())) == NULL) { - OPENSSL_PUT_ERROR(X509, X509_CRL_print_fp, ERR_R_BUF_LIB); + OPENSSL_PUT_ERROR(X509, ERR_R_BUF_LIB); return(0); } BIO_set_fp(b,fp,BIO_NOCLOSE); diff --git a/src/crypto/x509/t_req.c b/src/crypto/x509/t_req.c new file mode 100644 index 0000000..39c836c --- /dev/null +++ b/src/crypto/x509/t_req.c 
@@ -0,0 +1,246 @@ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. 
If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] 
*/ + +#include + +#include +#include +#include +#include +#include +#include + + +int X509_REQ_print_fp(FILE *fp, X509_REQ *x) { + BIO *bio = BIO_new(BIO_s_file()); + if (bio == NULL) { + OPENSSL_PUT_ERROR(X509, ERR_R_BUF_LIB); + return 0; + } + + BIO_set_fp(bio, fp, BIO_NOCLOSE); + int ret = X509_REQ_print(bio, x); + BIO_free(bio); + return ret; +} + +int X509_REQ_print_ex(BIO *bio, X509_REQ *x, unsigned long nmflags, + unsigned long cflag) { + long l; + EVP_PKEY *pkey; + STACK_OF(X509_ATTRIBUTE) * sk; + char mlch = ' '; + + int nmindent = 0; + + if ((nmflags & XN_FLAG_SEP_MASK) == XN_FLAG_SEP_MULTILINE) { + mlch = '\n'; + nmindent = 12; + } + + if (nmflags == X509_FLAG_COMPAT) { + nmindent = 16; + } + + X509_REQ_INFO *ri = x->req_info; + if (!(cflag & X509_FLAG_NO_HEADER)) { + if (BIO_write(bio, "Certificate Request:\n", 21) <= 0 || + BIO_write(bio, " Data:\n", 10) <= 0) { + goto err; + } + } + if (!(cflag & X509_FLAG_NO_VERSION)) { + l = X509_REQ_get_version(x); + if (BIO_printf(bio, "%8sVersion: %ld (0x%lx)\n", "", l + 1, l) <= 0) { + goto err; + } + } + if (!(cflag & X509_FLAG_NO_SUBJECT)) { + if (BIO_printf(bio, " Subject:%c", mlch) <= 0 || + X509_NAME_print_ex(bio, ri->subject, nmindent, nmflags) < 0 || + BIO_write(bio, "\n", 1) <= 0) { + goto err; + } + } + if (!(cflag & X509_FLAG_NO_PUBKEY)) { + if (BIO_write(bio, " Subject Public Key Info:\n", 33) <= 0 || + BIO_printf(bio, "%12sPublic Key Algorithm: ", "") <= 0 || + i2a_ASN1_OBJECT(bio, ri->pubkey->algor->algorithm) <= 0 || + BIO_puts(bio, "\n") <= 0) { + goto err; + } + + pkey = X509_REQ_get_pubkey(x); + if (pkey == NULL) { + BIO_printf(bio, "%12sUnable to load Public Key\n", ""); + ERR_print_errors(bio); + } else { + EVP_PKEY_print_public(bio, pkey, 16, NULL); + EVP_PKEY_free(pkey); + } + } + + if (!(cflag & X509_FLAG_NO_ATTRIBUTES)) { + if (BIO_printf(bio, "%8sAttributes:\n", "") <= 0) { + goto err; + } + + sk = x->req_info->attributes; + if (sk_X509_ATTRIBUTE_num(sk) == 0) { + if (BIO_printf(bio, 
"%12sa0:00\n", "") <= 0) { + goto err; + } + } else { + size_t i; + for (i = 0; i < sk_X509_ATTRIBUTE_num(sk); i++) { + X509_ATTRIBUTE *a = sk_X509_ATTRIBUTE_value(sk, i); + ASN1_OBJECT *aobj = X509_ATTRIBUTE_get0_object(a); + + if (X509_REQ_extension_nid(OBJ_obj2nid(aobj))) { + continue; + } + + if (BIO_printf(bio, "%12s", "") <= 0) { + goto err; + } + + const int num_attrs = X509_ATTRIBUTE_count(a); + const int obj_str_len = i2a_ASN1_OBJECT(bio, aobj); + if (obj_str_len <= 0) { + if (BIO_puts(bio, "(Unable to print attribute ID.)\n") < 0) { + goto err; + } else { + continue; + } + } + + int j; + for (j = 0; j < num_attrs; j++) { + const ASN1_TYPE *at = X509_ATTRIBUTE_get0_type(a, j); + const int type = at->type; + ASN1_BIT_STRING *bs = at->value.asn1_string; + + int k; + for (k = 25 - obj_str_len; k > 0; k--) { + if (BIO_write(bio, " ", 1) != 1) { + goto err; + } + } + + if (BIO_puts(bio, ":") <= 0) { + goto err; + } + + if (type == V_ASN1_PRINTABLESTRING || + type == V_ASN1_UTF8STRING || + type == V_ASN1_IA5STRING || + type == V_ASN1_T61STRING) { + if (BIO_write(bio, (char *)bs->data, bs->length) != bs->length) { + goto err; + } + BIO_puts(bio, "\n"); + } else { + BIO_puts(bio, "unable to print attribute\n"); + } + } + } + } + } + + if (!(cflag & X509_FLAG_NO_EXTENSIONS)) { + STACK_OF(X509_EXTENSION) *exts = X509_REQ_get_extensions(x); + if (exts) { + BIO_printf(bio, "%8sRequested Extensions:\n", ""); + + size_t i; + for (i = 0; i < sk_X509_EXTENSION_num(exts); i++) { + X509_EXTENSION *ex = sk_X509_EXTENSION_value(exts, i); + if (BIO_printf(bio, "%12s", "") <= 0) { + goto err; + } + ASN1_OBJECT *obj = X509_EXTENSION_get_object(ex); + i2a_ASN1_OBJECT(bio, obj); + const int is_critical = X509_EXTENSION_get_critical(ex); + if (BIO_printf(bio, ": %s\n", is_critical ? 
"critical" : "") <= 0) { + goto err; + } + if (!X509V3_EXT_print(bio, ex, cflag, 16)) { + BIO_printf(bio, "%16s", ""); + ASN1_STRING_print(bio, X509_EXTENSION_get_data(ex)); + } + if (BIO_write(bio, "\n", 1) <= 0) { + goto err; + } + } + sk_X509_EXTENSION_pop_free(exts, X509_EXTENSION_free); + } + } + + if (!(cflag & X509_FLAG_NO_SIGDUMP) && + !X509_signature_print(bio, x->sig_alg, x->signature)) { + goto err; + } + + return 1; + +err: + OPENSSL_PUT_ERROR(X509, ERR_R_BUF_LIB); + return 0; +} + +int X509_REQ_print(BIO *bio, X509_REQ *req) { + return X509_REQ_print_ex(bio, req, XN_FLAG_COMPAT, X509_FLAG_COMPAT); +} diff --git a/src/crypto/x509/t_x509.c b/src/crypto/x509/t_x509.c index 2b9a421..7785ebf 100644 --- a/src/crypto/x509/t_x509.c +++ b/src/crypto/x509/t_x509.c @@ -74,7 +74,7 @@ int X509_print_ex_fp(FILE *fp, X509 *x, unsigned long nmflag, unsigned long cfla if ((b=BIO_new(BIO_s_file())) == NULL) { - OPENSSL_PUT_ERROR(X509, X509_print_ex_fp, ERR_R_BUF_LIB); + OPENSSL_PUT_ERROR(X509, ERR_R_BUF_LIB); return(0); } BIO_set_fp(b,fp,BIO_NOCLOSE); @@ -493,7 +493,7 @@ int X509_NAME_print(BIO *bp, X509_NAME *name, int obase) if (0) { err: - OPENSSL_PUT_ERROR(X509, X509_NAME_print, ERR_R_BUF_LIB); + OPENSSL_PUT_ERROR(X509, ERR_R_BUF_LIB); } OPENSSL_free(b); return(ret); diff --git a/src/crypto/x509/x509_att.c b/src/crypto/x509/x509_att.c index 90e7810..1491484 100644 --- a/src/crypto/x509/x509_att.c +++ b/src/crypto/x509/x509_att.c @@ -124,7 +124,7 @@ STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr(STACK_OF(X509_ATTRIBUTE) **x, if (x == NULL) { - OPENSSL_PUT_ERROR(X509, X509at_add1_attr, ERR_R_PASSED_NULL_PARAMETER); + OPENSSL_PUT_ERROR(X509, ERR_R_PASSED_NULL_PARAMETER); goto err2; } 
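Review bot: The stack returned by `X509_REQ_get_extensions(x)` in the new `X509_REQ_print_ex` is freed only when the extension loop runs to completion, so the three `goto err` exits inside that loop leak `exts`. One fix is to declare `STACK_OF(X509_EXTENSION) *exts = NULL;` at function scope, add `exts = NULL;` after the existing `sk_X509_EXTENSION_pop_free` call, and repeat that call under `err:` (this assumes the pop_free helper tolerates NULL, which should be confirmed). Separately, the attribute loop writes `bs->data` to the BIO verbatim for the four string types it accepts; a certificate request is usually untrusted input, so control bytes in an attribute value reach the terminal or log unescaped. Printing the value through `ASN1_STRING_print_ex` with control-character escaping instead of the raw `BIO_write` would avoid that.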
@@ -144,7 +144,7 @@ STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr(STACK_OF(X509_ATTRIBUTE) **x, *x=sk; return(sk); err: - OPENSSL_PUT_ERROR(X509, X509at_add1_attr, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); err2: if (new_attr != NULL) X509_ATTRIBUTE_free(new_attr); if (sk != NULL) sk_X509_ATTRIBUTE_free(sk); @@ -214,7 +214,7 @@ X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_NID(X509_ATTRIBUTE **attr, int nid, obj=OBJ_nid2obj(nid); if (obj == NULL) { - OPENSSL_PUT_ERROR(X509, X509_ATTRIBUTE_create_by_NID, X509_R_UNKNOWN_NID); + OPENSSL_PUT_ERROR(X509, X509_R_UNKNOWN_NID); return(NULL); } return X509_ATTRIBUTE_create_by_OBJ(attr,obj,atrtype,data,len); @@ -229,7 +229,7 @@ X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_OBJ(X509_ATTRIBUTE **attr, { if ((ret=X509_ATTRIBUTE_new()) == NULL) { - OPENSSL_PUT_ERROR(X509, X509_ATTRIBUTE_create_by_OBJ, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); return(NULL); } } @@ -258,7 +258,7 @@ X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_txt(X509_ATTRIBUTE **attr, obj=OBJ_txt2obj(atrname, 0); if (obj == NULL) { - OPENSSL_PUT_ERROR(X509, X509_ATTRIBUTE_create_by_txt, X509_R_INVALID_FIELD_NAME); + OPENSSL_PUT_ERROR(X509, X509_R_INVALID_FIELD_NAME); ERR_add_error_data(2, "name=", atrname); return(NULL); } @@ -286,7 +286,7 @@ int X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE *attr, int attrtype, const void *dat stmp = ASN1_STRING_set_by_NID(NULL, data, len, attrtype, OBJ_obj2nid(attr->object)); if(!stmp) { - OPENSSL_PUT_ERROR(X509, X509_ATTRIBUTE_set1_data, ERR_R_ASN1_LIB); + OPENSSL_PUT_ERROR(X509, ERR_R_ASN1_LIB); return 0; } atype = stmp->type; @@ -314,7 +314,7 @@ int X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE *attr, int attrtype, const void *dat if(!sk_ASN1_TYPE_push(attr->value.set, ttmp)) goto err; return 1; err: - OPENSSL_PUT_ERROR(X509, X509_ATTRIBUTE_set1_data, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); return 0; } 
@@ -338,7 +338,7 @@ void *X509_ATTRIBUTE_get0_data(X509_ATTRIBUTE *attr, int idx, ttmp = X509_ATTRIBUTE_get0_type(attr, idx); if(!ttmp) return NULL; if(atrtype != ASN1_TYPE_get(ttmp)){ - OPENSSL_PUT_ERROR(X509, X509_ATTRIBUTE_get0_data, X509_R_WRONG_TYPE); + OPENSSL_PUT_ERROR(X509, X509_R_WRONG_TYPE); return NULL; } return ttmp->value.ptr; diff --git a/src/crypto/x509/x509_cmp.c b/src/crypto/x509/x509_cmp.c index 712e36b..0e35f3e 100644 --- a/src/crypto/x509/x509_cmp.c +++ b/src/crypto/x509/x509_cmp.c @@ -333,13 +333,13 @@ int X509_check_private_key(X509 *x, EVP_PKEY *k) case 1: break; case 0: - OPENSSL_PUT_ERROR(X509, X509_check_private_key, X509_R_KEY_VALUES_MISMATCH); + OPENSSL_PUT_ERROR(X509, X509_R_KEY_VALUES_MISMATCH); break; case -1: - OPENSSL_PUT_ERROR(X509, X509_check_private_key, X509_R_KEY_TYPE_MISMATCH); + OPENSSL_PUT_ERROR(X509, X509_R_KEY_TYPE_MISMATCH); break; case -2: - OPENSSL_PUT_ERROR(X509, X509_check_private_key, X509_R_UNKNOWN_KEY_TYPE); + OPENSSL_PUT_ERROR(X509, X509_R_UNKNOWN_KEY_TYPE); } if (xk) EVP_PKEY_free(xk); diff --git a/src/crypto/x509/x509_lu.c b/src/crypto/x509/x509_lu.c index a662305..6d7bc26 100644 --- a/src/crypto/x509/x509_lu.c +++ b/src/crypto/x509/x509_lu.c @@ -345,7 +345,7 @@ int X509_STORE_add_cert(X509_STORE *ctx, X509 *x) obj=(X509_OBJECT *)OPENSSL_malloc(sizeof(X509_OBJECT)); if (obj == NULL) { - OPENSSL_PUT_ERROR(X509, X509_STORE_add_cert, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); return 0; } obj->type=X509_LU_X509; @@ -359,7 +359,7 @@ int X509_STORE_add_cert(X509_STORE *ctx, X509 *x) { X509_OBJECT_free_contents(obj); OPENSSL_free(obj); - OPENSSL_PUT_ERROR(X509, X509_STORE_add_cert, X509_R_CERT_ALREADY_IN_HASH_TABLE); + OPENSSL_PUT_ERROR(X509, X509_R_CERT_ALREADY_IN_HASH_TABLE); ret=0; } else sk_X509_OBJECT_push(ctx->objs, obj); 
@@ -378,7 +378,7 @@ int X509_STORE_add_crl(X509_STORE *ctx, X509_CRL *x) obj=(X509_OBJECT *)OPENSSL_malloc(sizeof(X509_OBJECT)); if (obj == NULL) { - OPENSSL_PUT_ERROR(X509, X509_STORE_add_crl, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); return 0; } obj->type=X509_LU_CRL; @@ -392,7 +392,7 @@ int X509_STORE_add_crl(X509_STORE *ctx, X509_CRL *x) { X509_OBJECT_free_contents(obj); OPENSSL_free(obj); - OPENSSL_PUT_ERROR(X509, X509_STORE_add_crl, X509_R_CERT_ALREADY_IN_HASH_TABLE); + OPENSSL_PUT_ERROR(X509, X509_R_CERT_ALREADY_IN_HASH_TABLE); ret=0; } else sk_X509_OBJECT_push(ctx->objs, obj); @@ -410,7 +410,7 @@ void X509_OBJECT_up_ref_count(X509_OBJECT *a) X509_up_ref(a->data.x509); break; case X509_LU_CRL: - CRYPTO_refcount_inc(&a->data.crl->references); + X509_CRL_up_ref(a->data.crl); break; } } @@ -572,7 +572,7 @@ STACK_OF(X509_CRL)* X509_STORE_get1_crls(X509_STORE_CTX *ctx, X509_NAME *nm) { obj = sk_X509_OBJECT_value(ctx->ctx->objs, idx); x = obj->data.crl; - CRYPTO_refcount_inc(&x->references); + X509_CRL_up_ref(x); if (!sk_X509_CRL_push(sk, x)) { CRYPTO_MUTEX_unlock(&ctx->ctx->objs_lock); @@ -641,7 +641,7 @@ int X509_STORE_CTX_get1_issuer(X509 **issuer, X509_STORE_CTX *ctx, X509 *x) if (ok == X509_LU_RETRY) { X509_OBJECT_free_contents(&obj); - OPENSSL_PUT_ERROR(X509, X509_STORE_CTX_get1_issuer, X509_R_SHOULD_RETRY); + OPENSSL_PUT_ERROR(X509, X509_R_SHOULD_RETRY); return -1; } else if (ok != X509_LU_FAIL) diff --git a/src/crypto/x509/x509_obj.c b/src/crypto/x509/x509_obj.c index 914e0de..b6f0816 100644 --- a/src/crypto/x509/x509_obj.c +++ b/src/crypto/x509/x509_obj.c @@ -184,7 +184,7 @@ char *X509_NAME_oneline(X509_NAME *a, char *buf, int len) *p = '\0'; return(p); err: - OPENSSL_PUT_ERROR(X509, X509_NAME_oneline, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); if (b != NULL) BUF_MEM_free(b); return(NULL); } diff --git a/src/crypto/x509/x509_r2x.c b/src/crypto/x509/x509_r2x.c index 3c8e9c0..85979ac 100644 
--- a/src/crypto/x509/x509_r2x.c +++ b/src/crypto/x509/x509_r2x.c @@ -72,7 +72,7 @@ X509 *X509_REQ_to_X509(X509_REQ *r, int days, EVP_PKEY *pkey) if ((ret=X509_new()) == NULL) { - OPENSSL_PUT_ERROR(X509, X509_REQ_to_X509, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); goto err; } diff --git a/src/crypto/x509/x509_req.c b/src/crypto/x509/x509_req.c index 2732d6e..01c5113 100644 --- a/src/crypto/x509/x509_req.c +++ b/src/crypto/x509/x509_req.c @@ -77,7 +77,7 @@ X509_REQ *X509_to_X509_REQ(X509 *x, EVP_PKEY *pkey, const EVP_MD *md) ret=X509_REQ_new(); if (ret == NULL) { - OPENSSL_PUT_ERROR(X509, X509_to_X509_REQ, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); goto err; } @@ -128,24 +128,24 @@ int X509_REQ_check_private_key(X509_REQ *x, EVP_PKEY *k) ok=1; break; case 0: - OPENSSL_PUT_ERROR(X509, X509_REQ_check_private_key, X509_R_KEY_VALUES_MISMATCH); + OPENSSL_PUT_ERROR(X509, X509_R_KEY_VALUES_MISMATCH); break; case -1: - OPENSSL_PUT_ERROR(X509, X509_REQ_check_private_key, X509_R_KEY_TYPE_MISMATCH); + OPENSSL_PUT_ERROR(X509, X509_R_KEY_TYPE_MISMATCH); break; case -2: if (k->type == EVP_PKEY_EC) { - OPENSSL_PUT_ERROR(X509, X509_REQ_check_private_key, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(X509, ERR_R_EC_LIB); break; } if (k->type == EVP_PKEY_DH) { /* No idea */ - OPENSSL_PUT_ERROR(X509, X509_REQ_check_private_key, X509_R_CANT_CHECK_DH_KEY); + OPENSSL_PUT_ERROR(X509, X509_R_CANT_CHECK_DH_KEY); break; } - OPENSSL_PUT_ERROR(X509, X509_REQ_check_private_key, X509_R_UNKNOWN_KEY_TYPE); + OPENSSL_PUT_ERROR(X509, X509_R_UNKNOWN_KEY_TYPE); } EVP_PKEY_free(xk); diff --git a/src/crypto/x509/x509_trs.c b/src/crypto/x509/x509_trs.c index 9b7cc9c..820e605 100644 --- a/src/crypto/x509/x509_trs.c +++ b/src/crypto/x509/x509_trs.c 
@@ -156,7 +156,7 @@ int X509_TRUST_get_by_id(int id) int X509_TRUST_set(int *t, int trust) { if(X509_TRUST_get_by_id(trust) == -1) { - OPENSSL_PUT_ERROR(X509, X509_TRUST_set, X509_R_INVALID_TRUST); + OPENSSL_PUT_ERROR(X509, X509_R_INVALID_TRUST); return 0; } *t = trust; @@ -179,7 +179,7 @@ int X509_TRUST_add(int id, int flags, int (*ck)(X509_TRUST *, X509 *, int), /* Need a new entry */ if(idx == -1) { if(!(trtmp = OPENSSL_malloc(sizeof(X509_TRUST)))) { - OPENSSL_PUT_ERROR(X509, X509_TRUST_add, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); return 0; } trtmp->flags = X509_TRUST_DYNAMIC; @@ -188,7 +188,7 @@ int X509_TRUST_add(int id, int flags, int (*ck)(X509_TRUST *, X509 *, int), /* Duplicate the supplied name. */ name_dup = BUF_strdup(name); if (name_dup == NULL) { - OPENSSL_PUT_ERROR(X509, X509_TRUST_add, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); if (idx == -1) OPENSSL_free(trtmp); return 0; @@ -210,12 +210,12 @@ int X509_TRUST_add(int id, int flags, int (*ck)(X509_TRUST *, X509 *, int), /* If its a new entry manage the dynamic table */ if(idx == -1) { if(!trtable && !(trtable = sk_X509_TRUST_new(tr_cmp))) { - OPENSSL_PUT_ERROR(X509, X509_TRUST_add, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); trtable_free(trtmp); return 0; } if (!sk_X509_TRUST_push(trtable, trtmp)) { - OPENSSL_PUT_ERROR(X509, X509_TRUST_add, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); trtable_free(trtmp); return 0; } diff --git a/src/crypto/x509/x509_v3.c b/src/crypto/x509/x509_v3.c index 0fc9a9a..b042985 100644 --- a/src/crypto/x509/x509_v3.c +++ b/src/crypto/x509/x509_v3.c @@ -147,7 +147,7 @@ STACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x, if (x == NULL) { - OPENSSL_PUT_ERROR(X509, X509v3_add_ext, ERR_R_PASSED_NULL_PARAMETER); + OPENSSL_PUT_ERROR(X509, ERR_R_PASSED_NULL_PARAMETER); goto err2; } 
@@ -171,7 +171,7 @@ STACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x, *x=sk; return(sk); err: - OPENSSL_PUT_ERROR(X509, X509v3_add_ext, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); err2: if (new_ex != NULL) X509_EXTENSION_free(new_ex); if (sk != NULL) sk_X509_EXTENSION_free(sk); @@ -187,7 +187,7 @@ X509_EXTENSION *X509_EXTENSION_create_by_NID(X509_EXTENSION **ex, int nid, obj=OBJ_nid2obj(nid); if (obj == NULL) { - OPENSSL_PUT_ERROR(X509, X509_EXTENSION_create_by_NID, X509_R_UNKNOWN_NID); + OPENSSL_PUT_ERROR(X509, X509_R_UNKNOWN_NID); return(NULL); } ret=X509_EXTENSION_create_by_OBJ(ex,obj,crit,data); @@ -203,7 +203,7 @@ X509_EXTENSION *X509_EXTENSION_create_by_OBJ(X509_EXTENSION **ex, { if ((ret=X509_EXTENSION_new()) == NULL) { - OPENSSL_PUT_ERROR(X509, X509_EXTENSION_create_by_OBJ, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); return(NULL); } } diff --git a/src/crypto/x509/x509_vfy.c b/src/crypto/x509/x509_vfy.c index f53f279..5d856f0 100644 --- a/src/crypto/x509/x509_vfy.c +++ b/src/crypto/x509/x509_vfy.c @@ -72,7 +72,8 @@ #include "../internal.h" -static CRYPTO_EX_DATA_CLASS g_ex_data_class = CRYPTO_EX_DATA_CLASS_INIT; +static CRYPTO_EX_DATA_CLASS g_ex_data_class = + CRYPTO_EX_DATA_CLASS_INIT_WITH_APP_DATA; /* CRL score values */ @@ -201,7 +202,7 @@ int X509_verify_cert(X509_STORE_CTX *ctx) STACK_OF(X509) *sktmp=NULL; if (ctx->cert == NULL) { - OPENSSL_PUT_ERROR(X509, X509_verify_cert, X509_R_NO_CERT_SET_FOR_US_TO_VERIFY); + OPENSSL_PUT_ERROR(X509, X509_R_NO_CERT_SET_FOR_US_TO_VERIFY); return -1; } @@ -214,7 +215,7 @@ int X509_verify_cert(X509_STORE_CTX *ctx) if ( ((ctx->chain=sk_X509_new_null()) == NULL) || (!sk_X509_push(ctx->chain,ctx->cert))) { - OPENSSL_PUT_ERROR(X509, X509_verify_cert, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); goto end; } X509_up_ref(ctx->cert); 
@@ -225,7 +226,7 @@ int X509_verify_cert(X509_STORE_CTX *ctx) if (ctx->untrusted != NULL && (sktmp=sk_X509_dup(ctx->untrusted)) == NULL) { - OPENSSL_PUT_ERROR(X509, X509_verify_cert, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); goto end; } @@ -251,7 +252,7 @@ int X509_verify_cert(X509_STORE_CTX *ctx) { ok = ctx->get_issuer(&xtmp, ctx, x); if (ok < 0) - return ok; + goto end; /* If successful for now free up cert so it * will be picked up again later. */ @@ -270,10 +271,10 @@ int X509_verify_cert(X509_STORE_CTX *ctx) { if (!sk_X509_push(ctx->chain,xtmp)) { - OPENSSL_PUT_ERROR(X509, X509_verify_cert, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); goto end; } - CRYPTO_refcount_inc(&xtmp->references); + X509_up_ref(xtmp); (void)sk_X509_delete_ptr(sktmp,xtmp); ctx->last_untrusted++; x=xtmp; @@ -349,15 +350,16 @@ int X509_verify_cert(X509_STORE_CTX *ctx) ok = ctx->get_issuer(&xtmp, ctx, x); - if (ok < 0) return ok; + if (ok < 0) goto end; if (ok == 0) break; x = xtmp; if (!sk_X509_push(ctx->chain,x)) { X509_free(xtmp); - OPENSSL_PUT_ERROR(X509, X509_verify_cert, ERR_R_MALLOC_FAILURE); - return 0; + OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); + ok = 0; + goto end; } num++; } @@ -990,7 +992,7 @@ static int get_crl_sk(X509_STORE_CTX *ctx, X509_CRL **pcrl, X509_CRL **pdcrl, *pissuer = best_crl_issuer; *pscore = best_score; *preasons = best_reasons; - CRYPTO_refcount_inc(&best_crl->references); + X509_CRL_up_ref(best_crl); if (*pdcrl) { X509_CRL_free(*pdcrl); @@ -1097,7 +1099,7 @@ static void get_delta_sk(X509_STORE_CTX *ctx, X509_CRL **dcrl, int *pscore, { if (check_crl_time(ctx, delta, 0)) *pscore |= CRL_SCORE_TIME_DELTA; - CRYPTO_refcount_inc(&delta->references); + X509_CRL_up_ref(delta); *dcrl = delta; return; } 
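Review bot: The two `if (ok < 0) goto end;` changes in `X509_verify_cert` (hunks at -251 and -349) carry a negative result from `ctx->get_issuer` to the function's exit, and the entry check in the -201 hunk already returns -1, but nothing visible tells callers that failure can be negative as well as 0. A caller that tests the result as a boolean would read a lookup error as a verified chain, so I would document the contract above the function, e.g. `/* The return value may be negative (lookup or internal error) as well as 0; callers must treat only a positive result as success. */`. The `end:` label and the rest of the body are outside these hunks, so it should be confirmed that the cleanup there returns `ok` unchanged.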
@@ -1634,7 +1636,7 @@ static int check_policy(X509_STORE_CTX *ctx) ctx->param->policies, ctx->param->flags); if (ret == 0) { - OPENSSL_PUT_ERROR(X509, check_policy, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); return 0; } /* Invalid or inconsistent extensions */ 
@@ -1983,44 +1985,44 @@ X509_CRL *X509_CRL_diff(X509_CRL *base, X509_CRL *newer, /* CRLs can't be delta already */ if (base->base_crl_number || newer->base_crl_number) { - OPENSSL_PUT_ERROR(X509, X509_CRL_diff, X509_R_CRL_ALREADY_DELTA); + OPENSSL_PUT_ERROR(X509, X509_R_CRL_ALREADY_DELTA); return NULL; } /* Base and new CRL must have a CRL number */ if (!base->crl_number || !newer->crl_number) { - OPENSSL_PUT_ERROR(X509, X509_CRL_diff, X509_R_NO_CRL_NUMBER); + OPENSSL_PUT_ERROR(X509, X509_R_NO_CRL_NUMBER); return NULL; } /* Issuer names must match */ if (X509_NAME_cmp(X509_CRL_get_issuer(base), X509_CRL_get_issuer(newer))) { - OPENSSL_PUT_ERROR(X509, X509_CRL_diff, X509_R_ISSUER_MISMATCH); + OPENSSL_PUT_ERROR(X509, X509_R_ISSUER_MISMATCH); return NULL; } /* AKID and IDP must match */ if (!crl_extension_match(base, newer, NID_authority_key_identifier)) { - OPENSSL_PUT_ERROR(X509, X509_CRL_diff, X509_R_AKID_MISMATCH); + OPENSSL_PUT_ERROR(X509, X509_R_AKID_MISMATCH); return NULL; } if (!crl_extension_match(base, newer, NID_issuing_distribution_point)) { - OPENSSL_PUT_ERROR(X509, X509_CRL_diff, X509_R_IDP_MISMATCH); + OPENSSL_PUT_ERROR(X509, X509_R_IDP_MISMATCH); return NULL; } /* Newer CRL number must exceed full CRL number */ if (ASN1_INTEGER_cmp(newer->crl_number, base->crl_number) <= 0) { - OPENSSL_PUT_ERROR(X509, X509_CRL_diff, X509_R_NEWER_CRL_NOT_NEWER); + OPENSSL_PUT_ERROR(X509, X509_R_NEWER_CRL_NOT_NEWER); return NULL; } /* CRLs must verify */ if (skey && (X509_CRL_verify(base, skey) <= 0 || X509_CRL_verify(newer, skey) <= 0)) { - OPENSSL_PUT_ERROR(X509, X509_CRL_diff, X509_R_CRL_VERIFY_FAILURE); + OPENSSL_PUT_ERROR(X509, X509_R_CRL_VERIFY_FAILURE); return NULL; } /* Create new CRL */ @@ -2085,7 +2087,7 @@ X509_CRL *X509_CRL_diff(X509_CRL *base, X509_CRL *newer, return crl; memerr: - OPENSSL_PUT_ERROR(X509, X509_CRL_diff, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); if (crl) X509_CRL_free(crl); return NULL; 
@@ -2210,7 +2212,7 @@ int X509_STORE_CTX_purpose_inherit(X509_STORE_CTX *ctx, int def_purpose, idx = X509_PURPOSE_get_by_id(purpose); if (idx == -1) { - OPENSSL_PUT_ERROR(X509, X509_STORE_CTX_purpose_inherit, X509_R_UNKNOWN_PURPOSE_ID); + OPENSSL_PUT_ERROR(X509, X509_R_UNKNOWN_PURPOSE_ID); return 0; } ptmp = X509_PURPOSE_get0(idx); @@ -2219,7 +2221,7 @@ int X509_STORE_CTX_purpose_inherit(X509_STORE_CTX *ctx, int def_purpose, idx = X509_PURPOSE_get_by_id(def_purpose); if (idx == -1) { - OPENSSL_PUT_ERROR(X509, X509_STORE_CTX_purpose_inherit, X509_R_UNKNOWN_PURPOSE_ID); + OPENSSL_PUT_ERROR(X509, X509_R_UNKNOWN_PURPOSE_ID); return 0; } ptmp = X509_PURPOSE_get0(idx); @@ -2232,7 +2234,7 @@ int X509_STORE_CTX_purpose_inherit(X509_STORE_CTX *ctx, int def_purpose, idx = X509_TRUST_get_by_id(trust); if (idx == -1) { - OPENSSL_PUT_ERROR(X509, X509_STORE_CTX_purpose_inherit, X509_R_UNKNOWN_TRUST_ID); + OPENSSL_PUT_ERROR(X509, X509_R_UNKNOWN_TRUST_ID); return 0; } } @@ -2248,7 +2250,7 @@ X509_STORE_CTX *X509_STORE_CTX_new(void) ctx = (X509_STORE_CTX *)OPENSSL_malloc(sizeof(X509_STORE_CTX)); if (!ctx) { - OPENSSL_PUT_ERROR(X509, X509_STORE_CTX_new, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); return NULL; } memset(ctx, 0, sizeof(X509_STORE_CTX)); @@ -2371,7 +2373,7 @@ err: } memset(ctx, 0, sizeof(X509_STORE_CTX)); - OPENSSL_PUT_ERROR(X509, X509_STORE_CTX_init, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); return 0; } diff --git a/src/crypto/x509/x509cset.c b/src/crypto/x509/x509cset.c index b526c69..82d61d0 100644 --- a/src/crypto/x509/x509cset.c +++ b/src/crypto/x509/x509cset.c @@ -57,6 +57,8 @@ #include #include +#include "../internal.h" + int X509_CRL_set_version(X509_CRL *x, long version) { 
@@ -128,6 +130,11 @@ int X509_CRL_sort(X509_CRL *c) return 1; } +void X509_CRL_up_ref(X509_CRL *crl) + { + CRYPTO_refcount_inc(&crl->references); + } + int X509_REVOKED_set_revocationDate(X509_REVOKED *x, ASN1_TIME *tm) { ASN1_TIME *in; diff --git a/src/crypto/x509/x509name.c b/src/crypto/x509/x509name.c index 042d18b..7bb3aa1 100644 --- a/src/crypto/x509/x509name.c +++ b/src/crypto/x509/x509name.c @@ -254,7 +254,7 @@ int X509_NAME_add_entry(X509_NAME *name, X509_NAME_ENTRY *ne, int loc, new_name->set=set; if (!sk_X509_NAME_ENTRY_insert(sk,new_name,loc)) { - OPENSSL_PUT_ERROR(X509, X509_NAME_add_entry, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); goto err; } if (inc) @@ -279,7 +279,7 @@ X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_txt(X509_NAME_ENTRY **ne, obj=OBJ_txt2obj(field, 0); if (obj == NULL) { - OPENSSL_PUT_ERROR(X509, X509_NAME_ENTRY_create_by_txt, X509_R_INVALID_FIELD_NAME); + OPENSSL_PUT_ERROR(X509, X509_R_INVALID_FIELD_NAME); ERR_add_error_data(2, "name=", field); return(NULL); } @@ -297,7 +297,7 @@ X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID(X509_NAME_ENTRY **ne, int nid, obj=OBJ_nid2obj(nid); if (obj == NULL) { - OPENSSL_PUT_ERROR(X509, X509_NAME_ENTRY_create_by_NID, X509_R_UNKNOWN_NID); + OPENSSL_PUT_ERROR(X509, X509_R_UNKNOWN_NID); return(NULL); } nentry = X509_NAME_ENTRY_create_by_OBJ(ne,obj,type,bytes,len); @@ -336,7 +336,7 @@ int X509_NAME_ENTRY_set_object(X509_NAME_ENTRY *ne, const ASN1_OBJECT *obj) { if ((ne == NULL) || (obj == NULL)) { - OPENSSL_PUT_ERROR(X509, X509_NAME_ENTRY_set_object, ERR_R_PASSED_NULL_PARAMETER); + OPENSSL_PUT_ERROR(X509, ERR_R_PASSED_NULL_PARAMETER); return(0); } ASN1_OBJECT_free(ne->object); diff --git a/src/crypto/x509/x509spki.c b/src/crypto/x509/x509spki.c index 9bab957..ccf93e0 100644 --- a/src/crypto/x509/x509spki.c +++ b/src/crypto/x509/x509spki.c 
@@ -84,15 +84,15 @@ NETSCAPE_SPKI * NETSCAPE_SPKI_b64_decode(const char *str, int len) if (len <= 0) len = strlen(str); if (!EVP_DecodedLength(&spki_len, len)) { - OPENSSL_PUT_ERROR(X509, NETSCAPE_SPKI_b64_decode, X509_R_BASE64_DECODE_ERROR); + OPENSSL_PUT_ERROR(X509, X509_R_BASE64_DECODE_ERROR); return NULL; } if (!(spki_der = OPENSSL_malloc(spki_len))) { - OPENSSL_PUT_ERROR(X509, NETSCAPE_SPKI_b64_decode, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); return NULL; } if (!EVP_DecodeBase64(spki_der, &spki_len, spki_len, (const uint8_t *)str, len)) { - OPENSSL_PUT_ERROR(X509, NETSCAPE_SPKI_b64_decode, X509_R_BASE64_DECODE_ERROR); + OPENSSL_PUT_ERROR(X509, X509_R_BASE64_DECODE_ERROR); OPENSSL_free(spki_der); return NULL; } @@ -113,18 +113,18 @@ char * NETSCAPE_SPKI_b64_encode(NETSCAPE_SPKI *spki) der_len = i2d_NETSCAPE_SPKI(spki, NULL); if (!EVP_EncodedLength(&b64_len, der_len)) { - OPENSSL_PUT_ERROR(X509, NETSCAPE_SPKI_b64_encode, ERR_R_OVERFLOW); + OPENSSL_PUT_ERROR(X509, ERR_R_OVERFLOW); return NULL; } der_spki = OPENSSL_malloc(der_len); if (der_spki == NULL) { - OPENSSL_PUT_ERROR(X509, NETSCAPE_SPKI_b64_encode, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); return NULL; } b64_str = OPENSSL_malloc(b64_len); if (b64_str == NULL) { OPENSSL_free(der_spki); - OPENSSL_PUT_ERROR(X509, NETSCAPE_SPKI_b64_encode, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); return NULL; } p = der_spki; diff --git a/src/crypto/x509/x_all.c b/src/crypto/x509/x_all.c index 785fd1e..d7f2d29 100644 --- a/src/crypto/x509/x_all.c +++ b/src/crypto/x509/x_all.c @@ -64,9 +64,6 @@ #include -extern const ASN1_ITEM RSAPrivateKey_it; -extern const ASN1_ITEM RSAPublicKey_it; - int X509_verify(X509 *a, EVP_PKEY *r) { if (X509_ALGOR_cmp(a->sig_alg, a->cert_info->signature)) 
@@ -144,6 +141,12 @@ int NETSCAPE_SPKI_sign(NETSCAPE_SPKI *x, EVP_PKEY *pkey, const EVP_MD *md) x->signature, x->spkac,pkey,md)); } +int NETSCAPE_SPKI_verify(NETSCAPE_SPKI *x, EVP_PKEY *pkey) + { + return (ASN1_item_verify(ASN1_ITEM_rptr(NETSCAPE_SPKAC), x->sig_algor, + x->signature, x->spkac, pkey)); + } + #ifndef OPENSSL_NO_FP_API X509 *d2i_X509_fp(FILE *fp, X509 **x509) { @@ -239,17 +242,17 @@ int i2d_X509_REQ_bio(BIO *bp, X509_REQ *req) #ifndef OPENSSL_NO_FP_API RSA *d2i_RSAPrivateKey_fp(FILE *fp, RSA **rsa) { - return ASN1_item_d2i_fp(ASN1_ITEM_rptr(RSAPrivateKey), fp, rsa); + return ASN1_d2i_fp_of(RSA, RSA_new, d2i_RSAPrivateKey, fp, rsa); } int i2d_RSAPrivateKey_fp(FILE *fp, RSA *rsa) { - return ASN1_item_i2d_fp(ASN1_ITEM_rptr(RSAPrivateKey), fp, rsa); + return ASN1_i2d_fp_of_const(RSA, i2d_RSAPrivateKey, fp, rsa); } RSA *d2i_RSAPublicKey_fp(FILE *fp, RSA **rsa) { - return ASN1_item_d2i_fp(ASN1_ITEM_rptr(RSAPublicKey), fp, rsa); + return ASN1_d2i_fp_of(RSA, RSA_new, d2i_RSAPublicKey, fp, rsa); } RSA *d2i_RSA_PUBKEY_fp(FILE *fp, RSA **rsa) @@ -261,7 +264,7 @@ RSA *d2i_RSA_PUBKEY_fp(FILE *fp, RSA **rsa) int i2d_RSAPublicKey_fp(FILE *fp, RSA *rsa) { - return ASN1_item_i2d_fp(ASN1_ITEM_rptr(RSAPublicKey), fp, rsa); + return ASN1_i2d_fp_of_const(RSA, i2d_RSAPublicKey, fp, rsa); } int i2d_RSA_PUBKEY_fp(FILE *fp, RSA *rsa) @@ -272,17 +275,17 @@ int i2d_RSA_PUBKEY_fp(FILE *fp, RSA *rsa) RSA *d2i_RSAPrivateKey_bio(BIO *bp, RSA **rsa) { - return ASN1_item_d2i_bio(ASN1_ITEM_rptr(RSAPrivateKey), bp, rsa); + return ASN1_d2i_bio_of(RSA, RSA_new, d2i_RSAPrivateKey, bp, rsa); } int i2d_RSAPrivateKey_bio(BIO *bp, RSA *rsa) { - return ASN1_item_i2d_bio(ASN1_ITEM_rptr(RSAPrivateKey), bp, rsa); + return ASN1_i2d_bio_of_const(RSA, i2d_RSAPrivateKey, bp, rsa); } RSA *d2i_RSAPublicKey_bio(BIO *bp, RSA **rsa) { - return ASN1_item_d2i_bio(ASN1_ITEM_rptr(RSAPublicKey), bp, rsa); + return ASN1_d2i_bio_of(RSA, RSA_new, d2i_RSAPublicKey, bp, rsa); } 
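Review bot: The new `NETSCAPE_SPKI_verify` has no comment stating its return contract, and it forwards the result of `ASN1_item_verify` unchanged. Since this is a signature check, callers need to know which values mean failure; `ASN1_item_verify` is not shown in this diff, so whether it can return a negative value on error should be confirmed and written down, e.g. `/* Returns 1 if the signature on |x| verifies with |pkey|; any other value is a failure. */`. The function also dereferences `x` without a NULL check, which matches `NETSCAPE_SPKI_sign` just above but is worth stating in the same comment.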
@@ -293,7 +296,7 @@ RSA *d2i_RSA_PUBKEY_bio(BIO *bp, RSA **rsa) int i2d_RSAPublicKey_bio(BIO *bp, RSA *rsa) { - return ASN1_item_i2d_bio(ASN1_ITEM_rptr(RSAPublicKey), bp, rsa); + return ASN1_i2d_bio_of_const(RSA, i2d_RSAPublicKey, bp, rsa); } int i2d_RSA_PUBKEY_bio(BIO *bp, RSA *rsa) diff --git a/src/crypto/x509/x_crl.c b/src/crypto/x509/x_crl.c index 2f41bb1..d516872 100644 --- a/src/crypto/x509/x_crl.c +++ b/src/crypto/x509/x_crl.c @@ -400,7 +400,7 @@ int X509_CRL_add0_revoked(X509_CRL *crl, X509_REVOKED *rev) if(!inf->revoked) inf->revoked = sk_X509_REVOKED_new(X509_REVOKED_cmp); if(!inf->revoked || !sk_X509_REVOKED_push(inf->revoked, rev)) { - OPENSSL_PUT_ERROR(X509, X509_CRL_add0_revoked, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); return 0; } inf->enc.modified = 1; diff --git a/src/crypto/x509/x_info.c b/src/crypto/x509/x_info.c index f9e9ab8..be579d7 100644 --- a/src/crypto/x509/x_info.c +++ b/src/crypto/x509/x_info.c @@ -69,7 +69,7 @@ X509_INFO *X509_INFO_new(void) ret=(X509_INFO *)OPENSSL_malloc(sizeof(X509_INFO)); if (ret == NULL) { - OPENSSL_PUT_ERROR(X509, X509_INFO_new, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); return(NULL); } diff --git a/src/crypto/x509/x_name.c b/src/crypto/x509/x_name.c index 5cfb3ae..762756b 100644 --- a/src/crypto/x509/x_name.c +++ b/src/crypto/x509/x_name.c @@ -150,7 +150,7 @@ static int x509_name_ex_new(ASN1_VALUE **val, const ASN1_ITEM *it) return 1; memerr: - OPENSSL_PUT_ERROR(X509, x509_name_ex_new, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); if (ret) { if (ret->entries) @@ -239,7 +239,7 @@ static int x509_name_ex_d2i(ASN1_VALUE **val, err: if (nm.x != NULL) X509_NAME_free(nm.x); - OPENSSL_PUT_ERROR(X509, x509_name_ex_d2i, ERR_R_ASN1_LIB); + OPENSSL_PUT_ERROR(X509, ERR_R_ASN1_LIB); return 0; } 
@@ -300,7 +300,7 @@ static int x509_name_encode(X509_NAME *a) memerr: sk_STACK_OF_X509_NAME_ENTRY_pop_free(intname.s, local_sk_X509_NAME_ENTRY_free); - OPENSSL_PUT_ERROR(X509, x509_name_encode, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); return -1; } diff --git a/src/crypto/x509/x_pkey.c b/src/crypto/x509/x_pkey.c index 5bc6415..f5e98b8 100644 --- a/src/crypto/x509/x_pkey.c +++ b/src/crypto/x509/x_pkey.c @@ -69,7 +69,7 @@ X509_PKEY *X509_PKEY_new(void) X509_PKEY *ret = OPENSSL_malloc(sizeof(X509_PKEY)); if (ret == NULL) { - OPENSSL_PUT_ERROR(X509, X509_PKEY_new, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); goto err; } memset(ret, 0, sizeof(X509_PKEY)); diff --git a/src/crypto/x509/x_pubkey.c b/src/crypto/x509/x_pubkey.c index c2e0863..a16edca 100644 --- a/src/crypto/x509/x_pubkey.c +++ b/src/crypto/x509/x_pubkey.c @@ -100,19 +100,19 @@ int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey) { if (!pkey->ameth->pub_encode(pk, pkey)) { - OPENSSL_PUT_ERROR(X509, X509_PUBKEY_set, X509_R_PUBLIC_KEY_ENCODE_ERROR); + OPENSSL_PUT_ERROR(X509, X509_R_PUBLIC_KEY_ENCODE_ERROR); goto error; } } else { - OPENSSL_PUT_ERROR(X509, X509_PUBKEY_set, X509_R_METHOD_NOT_SUPPORTED); + OPENSSL_PUT_ERROR(X509, X509_R_METHOD_NOT_SUPPORTED); goto error; } } else { - OPENSSL_PUT_ERROR(X509, X509_PUBKEY_set, X509_R_UNSUPPORTED_ALGORITHM); + OPENSSL_PUT_ERROR(X509, X509_R_UNSUPPORTED_ALGORITHM); goto error; } @@ -151,13 +151,13 @@ EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key) if ((ret = EVP_PKEY_new()) == NULL) { - OPENSSL_PUT_ERROR(X509, X509_PUBKEY_get, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); goto error; } if (!EVP_PKEY_set_type(ret, OBJ_obj2nid(key->algor->algorithm))) { - OPENSSL_PUT_ERROR(X509, X509_PUBKEY_get, X509_R_UNSUPPORTED_ALGORITHM); + OPENSSL_PUT_ERROR(X509, X509_R_UNSUPPORTED_ALGORITHM); goto error; } 
@@ -165,13 +165,13 @@ EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key) { if (!ret->ameth->pub_decode(ret, key)) { - OPENSSL_PUT_ERROR(X509, X509_PUBKEY_get, X509_R_PUBLIC_KEY_DECODE_ERROR); + OPENSSL_PUT_ERROR(X509, X509_R_PUBLIC_KEY_DECODE_ERROR); goto error; } } else { - OPENSSL_PUT_ERROR(X509, X509_PUBKEY_get, X509_R_METHOD_NOT_SUPPORTED); + OPENSSL_PUT_ERROR(X509, X509_R_METHOD_NOT_SUPPORTED); goto error; } @@ -262,7 +262,7 @@ int i2d_RSA_PUBKEY(const RSA *a, unsigned char **pp) pktmp = EVP_PKEY_new(); if (!pktmp) { - OPENSSL_PUT_ERROR(X509, i2d_RSA_PUBKEY, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); return 0; } EVP_PKEY_set1_RSA(pktmp, (RSA*) a); @@ -301,7 +301,7 @@ int i2d_DSA_PUBKEY(const DSA *a, unsigned char **pp) pktmp = EVP_PKEY_new(); if(!pktmp) { - OPENSSL_PUT_ERROR(X509, i2d_DSA_PUBKEY, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); return 0; } EVP_PKEY_set1_DSA(pktmp, (DSA*) a); @@ -338,7 +338,7 @@ int i2d_EC_PUBKEY(const EC_KEY *a, unsigned char **pp) if (!a) return(0); if ((pktmp = EVP_PKEY_new()) == NULL) { - OPENSSL_PUT_ERROR(X509, i2d_EC_PUBKEY, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); return(0); } EVP_PKEY_set1_EC_KEY(pktmp, (EC_KEY*) a); diff --git a/src/crypto/x509/x_x509a.c b/src/crypto/x509/x_x509a.c index e13204b..fb7172b 100644 --- a/src/crypto/x509/x_x509a.c +++ b/src/crypto/x509/x_x509a.c 
@@ -133,24 +133,44 @@ unsigned char *X509_keyid_get0(X509 *x, int *len) int X509_add1_trust_object(X509 *x, ASN1_OBJECT *obj) { - X509_CERT_AUX *aux; - ASN1_OBJECT *objtmp; - if(!(objtmp = OBJ_dup(obj))) return 0; - if(!(aux = aux_get(x))) return 0; - if(!aux->trust - && !(aux->trust = sk_ASN1_OBJECT_new_null())) return 0; - return sk_ASN1_OBJECT_push(aux->trust, objtmp); + ASN1_OBJECT *objtmp = OBJ_dup(obj); + if (objtmp == NULL) + goto err; + X509_CERT_AUX *aux = aux_get(x); + if (aux->trust == NULL) + { + aux->trust = sk_ASN1_OBJECT_new_null(); + if (aux->trust == NULL) + goto err; + } + if (!sk_ASN1_OBJECT_push(aux->trust, objtmp)) + goto err; + return 1; + +err: + ASN1_OBJECT_free(objtmp); + return 0; } int X509_add1_reject_object(X509 *x, ASN1_OBJECT *obj) { - X509_CERT_AUX *aux; - ASN1_OBJECT *objtmp; - if(!(objtmp = OBJ_dup(obj))) return 0; - if(!(aux = aux_get(x))) return 0; - if(!aux->reject - && !(aux->reject = sk_ASN1_OBJECT_new_null())) return 0; - return sk_ASN1_OBJECT_push(aux->reject, objtmp); + ASN1_OBJECT *objtmp = OBJ_dup(obj); + if (objtmp == NULL) + goto err; + X509_CERT_AUX *aux = aux_get(x); + if (aux->reject == NULL) + { + aux->reject = sk_ASN1_OBJECT_new_null(); + if (aux->reject == NULL) + goto err; + } + if (!sk_ASN1_OBJECT_push(aux->reject, objtmp)) + goto err; + return 1; + +err: + ASN1_OBJECT_free(objtmp); + return 0; } void X509_trust_clear(X509 *x) diff --git a/src/crypto/x509v3/CMakeLists.txt b/src/crypto/x509v3/CMakeLists.txt index c7e6054..5cc1b49 100644 --- a/src/crypto/x509v3/CMakeLists.txt +++ b/src/crypto/x509v3/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(. .. ../../include) +include_directories(../../include) add_library( x509v3 @@ -46,7 +46,7 @@ add_library( add_executable( v3name_test - v3nametest.c + v3name_test.c $ ) @@ -56,7 +56,7 @@ target_link_libraries(v3name_test crypto) add_executable( tab_test - tabtest.c + tab_test.c $ ) 
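Review bot: The rewritten X509_add1_trust_object and X509_add1_reject_object dereference the result of aux_get(x) without checking it, where the removed lines had `if(!(aux = aux_get(x))) return 0;`. aux_get is defined outside this hunk, but the old check suggests it can return NULL (for example on allocation failure), in which case `aux->trust` / `aux->reject` is a NULL pointer dereference. Adding `if (aux == NULL) goto err;` directly after each `X509_CERT_AUX *aux = aux_get(x);` keeps the new cleanup of `objtmp` and restores the guard.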
diff --git a/src/crypto/x509v3/tab_test.c b/src/crypto/x509v3/tab_test.c
new file mode 100644
index 0000000..6b97e91
--- /dev/null
+++ b/src/crypto/x509v3/tab_test.c
@@ -0,0 +1,103 @@ +/* tabtest.c */ +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL + * project 1999. + */ +/* ==================================================================== + * Copyright (c) 1999 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * licensing@OpenSSL.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ + +/* Simple program to check the ext_dat.h is correct and print out + * problems if it is not. + */ + +#include + +#include +#include +#include + +#if !defined(BORINGSSL_SHARED_LIBRARY) +#include "ext_dat.h" +#endif + +int main(void) +{ +#if !defined(BORINGSSL_SHARED_LIBRARY) + int i, prev = -1, bad = 0; + const X509V3_EXT_METHOD *const *tmp; + CRYPTO_library_init(); + i = sizeof(standard_exts) / sizeof(X509V3_EXT_METHOD *); + if(i != STANDARD_EXTENSION_COUNT) + fprintf(stderr, "Extension number invalid expecting %d\n", i); + tmp = standard_exts; + for(i = 0; i < STANDARD_EXTENSION_COUNT; i++, tmp++) { + if((*tmp)->ext_nid < prev) bad = 1; + prev = (*tmp)->ext_nid; + + } + if(bad) { + tmp = standard_exts; + fprintf(stderr, "Extensions out of order!\n"); + for(i = 0; i < STANDARD_EXTENSION_COUNT; i++, tmp++) + printf("%d : %s\n", (*tmp)->ext_nid, OBJ_nid2sn((*tmp)->ext_nid)); + return 1; + } else { + printf("PASS\n"); + return 0; + } +#else + /* TODO(davidben): Fix this test in the shared library build. */ + printf("PASS\n"); + return 0; +#endif +} diff --git a/src/crypto/x509v3/tabtest.c b/src/crypto/x509v3/tabtest.c deleted file mode 100644 index 6b97e91..0000000 
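Review bot: In main(), a mismatch between the size of standard_exts and STANDARD_EXTENSION_COUNT only prints a message: the test neither sets `bad` nor returns. The loops that follow still iterate STANDARD_EXTENSION_COUNT times, so if the table is shorter than the constant they read past its end, and the program can still print PASS. Making the mismatch fatal covers both: `if(i != STANDARD_EXTENSION_COUNT) { fprintf(stderr, "Extension number invalid expecting %d\n", i); return 1; }`. The first line of the file also still reads `/* tabtest.c */` although the file is now tab_test.c.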
--- a/src/crypto/x509v3/tabtest.c
+++ /dev/null
@@ -1,103 +0,0 @@ -/* tabtest.c */ -/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project 1999. - */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -/* Simple program to check the ext_dat.h is correct and print out - * problems if it is not. - */ - -#include - -#include -#include -#include - -#if !defined(BORINGSSL_SHARED_LIBRARY) -#include "ext_dat.h" -#endif - -int main(void) -{ -#if !defined(BORINGSSL_SHARED_LIBRARY) - int i, prev = -1, bad = 0; - const X509V3_EXT_METHOD *const *tmp; - CRYPTO_library_init(); - i = sizeof(standard_exts) / sizeof(X509V3_EXT_METHOD *); - if(i != STANDARD_EXTENSION_COUNT) - fprintf(stderr, "Extension number invalid expecting %d\n", i); - tmp = standard_exts; - for(i = 0; i < STANDARD_EXTENSION_COUNT; i++, tmp++) { - if((*tmp)->ext_nid < prev) bad = 1; - prev = (*tmp)->ext_nid; - - } - if(bad) { - tmp = standard_exts; - fprintf(stderr, "Extensions out of order!\n"); - for(i = 0; i < STANDARD_EXTENSION_COUNT; i++, tmp++) - printf("%d : %s\n", (*tmp)->ext_nid, OBJ_nid2sn((*tmp)->ext_nid)); - return 1; - } else { - printf("PASS\n"); - return 0; - } -#else - /* TODO(davidben): Fix this test in the shared library build. */ - printf("PASS\n"); - return 0; -#endif -} diff --git a/src/crypto/x509v3/v3_akey.c b/src/crypto/x509v3/v3_akey.c index f6e6b69..9578a57 100644 
--- a/src/crypto/x509v3/v3_akey.c +++ b/src/crypto/x509v3/v3_akey.c @@ -144,7 +144,7 @@ static AUTHORITY_KEYID *v2i_AUTHORITY_KEYID(X509V3_EXT_METHOD *method, } else { - OPENSSL_PUT_ERROR(X509V3, v2i_AUTHORITY_KEYID, X509V3_R_UNKNOWN_OPTION); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_UNKNOWN_OPTION); ERR_add_error_data(2, "name=", cnf->name); return NULL; } @@ -154,7 +154,7 @@ static AUTHORITY_KEYID *v2i_AUTHORITY_KEYID(X509V3_EXT_METHOD *method, { if(ctx && (ctx->flags==CTX_TEST)) return AUTHORITY_KEYID_new(); - OPENSSL_PUT_ERROR(X509V3, v2i_AUTHORITY_KEYID, X509V3_R_NO_ISSUER_CERTIFICATE); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_NO_ISSUER_CERTIFICATE); return NULL; } @@ -167,7 +167,7 @@ static AUTHORITY_KEYID *v2i_AUTHORITY_KEYID(X509V3_EXT_METHOD *method, ikeyid = X509V3_EXT_d2i(ext); if(keyid==2 && !ikeyid) { - OPENSSL_PUT_ERROR(X509V3, v2i_AUTHORITY_KEYID, X509V3_R_UNABLE_TO_GET_ISSUER_KEYID); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_UNABLE_TO_GET_ISSUER_KEYID); return NULL; } } @@ -178,7 +178,7 @@ static AUTHORITY_KEYID *v2i_AUTHORITY_KEYID(X509V3_EXT_METHOD *method, serial = M_ASN1_INTEGER_dup(X509_get_serialNumber(cert)); if(!isname || !serial) { - OPENSSL_PUT_ERROR(X509V3, v2i_AUTHORITY_KEYID, X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS); goto err; } } @@ -191,7 +191,7 @@ static AUTHORITY_KEYID *v2i_AUTHORITY_KEYID(X509V3_EXT_METHOD *method, || !(gen = GENERAL_NAME_new()) || !sk_GENERAL_NAME_push(gens, gen)) { - OPENSSL_PUT_ERROR(X509V3, v2i_AUTHORITY_KEYID, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); goto err; } gen->type = GEN_DIRNAME; diff --git a/src/crypto/x509v3/v3_alt.c b/src/crypto/x509v3/v3_alt.c index f547316..e639f45 100644 --- a/src/crypto/x509v3/v3_alt.c +++ b/src/crypto/x509v3/v3_alt.c 
@@ -250,7 +250,7 @@ static GENERAL_NAMES *v2i_issuer_alt(X509V3_EXT_METHOD *method, CONF_VALUE *cnf; size_t i; if(!(gens = sk_GENERAL_NAME_new_null())) { - OPENSSL_PUT_ERROR(X509V3, v2i_issuer_alt, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); return NULL; } for(i = 0; i < sk_CONF_VALUE_num(nval); i++) { @@ -282,21 +282,21 @@ static int copy_issuer(X509V3_CTX *ctx, GENERAL_NAMES *gens) size_t j; if(ctx && (ctx->flags == CTX_TEST)) return 1; if(!ctx || !ctx->issuer_cert) { - OPENSSL_PUT_ERROR(X509V3, copy_issuer, X509V3_R_NO_ISSUER_DETAILS); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_NO_ISSUER_DETAILS); goto err; } i = X509_get_ext_by_NID(ctx->issuer_cert, NID_subject_alt_name, -1); if(i < 0) return 1; if(!(ext = X509_get_ext(ctx->issuer_cert, i)) || !(ialt = X509V3_EXT_d2i(ext)) ) { - OPENSSL_PUT_ERROR(X509V3, copy_issuer, X509V3_R_ISSUER_DECODE_ERROR); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_ISSUER_DECODE_ERROR); goto err; } for(j = 0; j < sk_GENERAL_NAME_num(ialt); j++) { gen = sk_GENERAL_NAME_value(ialt, j); if(!sk_GENERAL_NAME_push(gens, gen)) { - OPENSSL_PUT_ERROR(X509V3, copy_issuer, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); goto err; } } @@ -316,7 +316,7 @@ static GENERAL_NAMES *v2i_subject_alt(X509V3_EXT_METHOD *method, CONF_VALUE *cnf; size_t i; if(!(gens = sk_GENERAL_NAME_new_null())) { - OPENSSL_PUT_ERROR(X509V3, v2i_subject_alt, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); return NULL; } for(i = 0; i < sk_CONF_VALUE_num(nval); i++) { @@ -354,7 +354,7 @@ static int copy_email(X509V3_CTX *ctx, GENERAL_NAMES *gens, int move_p) if(ctx != NULL && ctx->flags == CTX_TEST) return 1; if(!ctx || (!ctx->subject_cert && !ctx->subject_req)) { - OPENSSL_PUT_ERROR(X509V3, copy_email, X509V3_R_NO_SUBJECT_DETAILS); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_NO_SUBJECT_DETAILS); goto err; } /* Find the subject name */ 
@@ -374,14 +374,14 @@ static int copy_email(X509V3_CTX *ctx, GENERAL_NAMES *gens, int move_p) i--; } if(!email || !(gen = GENERAL_NAME_new())) { - OPENSSL_PUT_ERROR(X509V3, copy_email, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); goto err; } gen->d.ia5 = email; email = NULL; gen->type = GEN_EMAIL; if(!sk_GENERAL_NAME_push(gens, gen)) { - OPENSSL_PUT_ERROR(X509V3, copy_email, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); goto err; } gen = NULL; @@ -405,7 +405,7 @@ GENERAL_NAMES *v2i_GENERAL_NAMES(const X509V3_EXT_METHOD *method, CONF_VALUE *cnf; size_t i; if(!(gens = sk_GENERAL_NAME_new_null())) { - OPENSSL_PUT_ERROR(X509V3, v2i_GENERAL_NAMES, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); return NULL; } for(i = 0; i < sk_CONF_VALUE_num(nval); i++) { @@ -434,7 +434,7 @@ GENERAL_NAME *a2i_GENERAL_NAME(GENERAL_NAME *out, if(!value) { - OPENSSL_PUT_ERROR(X509V3, a2i_GENERAL_NAME, X509V3_R_MISSING_VALUE); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_MISSING_VALUE); return NULL; } @@ -445,7 +445,7 @@ GENERAL_NAME *a2i_GENERAL_NAME(GENERAL_NAME *out, gen = GENERAL_NAME_new(); if(gen == NULL) { - OPENSSL_PUT_ERROR(X509V3, a2i_GENERAL_NAME, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); return NULL; } } @@ -463,7 +463,7 @@ GENERAL_NAME *a2i_GENERAL_NAME(GENERAL_NAME *out, ASN1_OBJECT *obj; if(!(obj = OBJ_txt2obj(value,0))) { - OPENSSL_PUT_ERROR(X509V3, a2i_GENERAL_NAME, X509V3_R_BAD_OBJECT); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_BAD_OBJECT); ERR_add_error_data(2, "value=", value); goto err; } @@ -478,7 +478,7 @@ GENERAL_NAME *a2i_GENERAL_NAME(GENERAL_NAME *out, gen->d.ip = a2i_IPADDRESS(value); if(gen->d.ip == NULL) { - OPENSSL_PUT_ERROR(X509V3, a2i_GENERAL_NAME, X509V3_R_BAD_IP_ADDRESS); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_BAD_IP_ADDRESS); ERR_add_error_data(2, "value=", value); goto err; } 
@@ -487,7 +487,7 @@ GENERAL_NAME *a2i_GENERAL_NAME(GENERAL_NAME *out, case GEN_DIRNAME: if (!do_dirname(gen, value, ctx)) { - OPENSSL_PUT_ERROR(X509V3, a2i_GENERAL_NAME, X509V3_R_DIRNAME_ERROR); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_DIRNAME_ERROR); goto err; } break; @@ -495,12 +495,12 @@ GENERAL_NAME *a2i_GENERAL_NAME(GENERAL_NAME *out, case GEN_OTHERNAME: if (!do_othername(gen, value, ctx)) { - OPENSSL_PUT_ERROR(X509V3, a2i_GENERAL_NAME, X509V3_R_OTHERNAME_ERROR); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_OTHERNAME_ERROR); goto err; } break; default: - OPENSSL_PUT_ERROR(X509V3, a2i_GENERAL_NAME, X509V3_R_UNSUPPORTED_TYPE); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_UNSUPPORTED_TYPE); goto err; } @@ -510,7 +510,7 @@ GENERAL_NAME *a2i_GENERAL_NAME(GENERAL_NAME *out, !ASN1_STRING_set(gen->d.ia5, (unsigned char*)value, strlen(value))) { - OPENSSL_PUT_ERROR(X509V3, a2i_GENERAL_NAME, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); goto err; } } @@ -538,7 +538,7 @@ GENERAL_NAME *v2i_GENERAL_NAME_ex(GENERAL_NAME *out, if(!value) { - OPENSSL_PUT_ERROR(X509V3, v2i_GENERAL_NAME_ex, X509V3_R_MISSING_VALUE); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_MISSING_VALUE); return NULL; } @@ -558,7 +558,7 @@ GENERAL_NAME *v2i_GENERAL_NAME_ex(GENERAL_NAME *out, type = GEN_OTHERNAME; else { - OPENSSL_PUT_ERROR(X509V3, v2i_GENERAL_NAME_ex, X509V3_R_UNSUPPORTED_OPTION); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_UNSUPPORTED_OPTION); ERR_add_error_data(2, "name=", name); return NULL; } @@ -604,7 +604,7 @@ static int do_dirname(GENERAL_NAME *gen, char *value, X509V3_CTX *ctx) sk = X509V3_get_section(ctx, value); if (!sk) { - OPENSSL_PUT_ERROR(X509V3, do_dirname, X509V3_R_SECTION_NOT_FOUND); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_SECTION_NOT_FOUND); ERR_add_error_data(2, "section=", value); X509_NAME_free(nm); return 0; diff --git a/src/crypto/x509v3/v3_bcons.c b/src/crypto/x509v3/v3_bcons.c index a1381b4..73ef21e 100644 --- a/src/crypto/x509v3/v3_bcons.c +++ b/src/crypto/x509v3/v3_bcons.c 
@@ -103,7 +103,7 @@ static BASIC_CONSTRAINTS *v2i_BASIC_CONSTRAINTS(X509V3_EXT_METHOD *method, CONF_VALUE *val; size_t i; if(!(bcons = BASIC_CONSTRAINTS_new())) { - OPENSSL_PUT_ERROR(X509V3, v2i_BASIC_CONSTRAINTS, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); return NULL; } for(i = 0; i < sk_CONF_VALUE_num(values); i++) { @@ -113,7 +113,7 @@ static BASIC_CONSTRAINTS *v2i_BASIC_CONSTRAINTS(X509V3_EXT_METHOD *method, } else if(!strcmp(val->name, "pathlen")) { if(!X509V3_get_value_int(val, &bcons->pathlen)) goto err; } else { - OPENSSL_PUT_ERROR(X509V3, v2i_BASIC_CONSTRAINTS, X509V3_R_INVALID_NAME); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_NAME); X509V3_conf_err(val); goto err; } diff --git a/src/crypto/x509v3/v3_bitst.c b/src/crypto/x509v3/v3_bitst.c index 15e9859..e1e2087 100644 --- a/src/crypto/x509v3/v3_bitst.c +++ b/src/crypto/x509v3/v3_bitst.c @@ -112,7 +112,7 @@ ASN1_BIT_STRING *v2i_ASN1_BIT_STRING(X509V3_EXT_METHOD *method, size_t i; const BIT_STRING_BITNAME *bnam; if(!(bs = M_ASN1_BIT_STRING_new())) { - OPENSSL_PUT_ERROR(X509V3, v2i_ASN1_BIT_STRING, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); return NULL; } for(i = 0; i < sk_CONF_VALUE_num(nval); i++) { @@ -121,7 +121,7 @@ ASN1_BIT_STRING *v2i_ASN1_BIT_STRING(X509V3_EXT_METHOD *method, if(!strcmp(bnam->sname, val->name) || !strcmp(bnam->lname, val->name) ) { if(!ASN1_BIT_STRING_set_bit(bs, bnam->bitnum, 1)) { - OPENSSL_PUT_ERROR(X509V3, v2i_ASN1_BIT_STRING, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); M_ASN1_BIT_STRING_free(bs); return NULL; } @@ -129,7 +129,7 @@ ASN1_BIT_STRING *v2i_ASN1_BIT_STRING(X509V3_EXT_METHOD *method, } } if(!bnam->lname) { - OPENSSL_PUT_ERROR(X509V3, v2i_ASN1_BIT_STRING, X509V3_R_UNKNOWN_BIT_STRING_ARGUMENT); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_UNKNOWN_BIT_STRING_ARGUMENT); X509V3_conf_err(val); M_ASN1_BIT_STRING_free(bs); return NULL; 
diff --git a/src/crypto/x509v3/v3_conf.c b/src/crypto/x509v3/v3_conf.c index cb6569f..fe71566 100644 --- a/src/crypto/x509v3/v3_conf.c +++ b/src/crypto/x509v3/v3_conf.c @@ -92,7 +92,7 @@ X509_EXTENSION *X509V3_EXT_nconf(CONF *conf, X509V3_CTX *ctx, char *name, ret = do_ext_nconf(conf, ctx, OBJ_sn2nid(name), crit, value); if (!ret) { - OPENSSL_PUT_ERROR(X509V3, X509V3_EXT_nconf, X509V3_R_ERROR_IN_EXTENSION); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_ERROR_IN_EXTENSION); ERR_add_error_data(4,"name=", name, ", value=", value); } return ret; @@ -123,12 +123,12 @@ static X509_EXTENSION *do_ext_nconf(CONF *conf, X509V3_CTX *ctx, int ext_nid, void *ext_struc; if (ext_nid == NID_undef) { - OPENSSL_PUT_ERROR(X509V3, do_ext_nconf, X509V3_R_UNKNOWN_EXTENSION_NAME); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_UNKNOWN_EXTENSION_NAME); return NULL; } if (!(method = X509V3_EXT_get_nid(ext_nid))) { - OPENSSL_PUT_ERROR(X509V3, do_ext_nconf, X509V3_R_UNKNOWN_EXTENSION); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_UNKNOWN_EXTENSION); return NULL; } /* Now get internal extension representation based on type */ @@ -138,7 +138,7 @@ static X509_EXTENSION *do_ext_nconf(CONF *conf, X509V3_CTX *ctx, int ext_nid, else nval = X509V3_parse_list(value); if(sk_CONF_VALUE_num(nval) <= 0) { - OPENSSL_PUT_ERROR(X509V3, do_ext_nconf, X509V3_R_INVALID_EXTENSION_STRING); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_EXTENSION_STRING); ERR_add_error_data(4, "name=", OBJ_nid2sn(ext_nid), ",section=", value); return NULL; } 
@@ -155,14 +155,14 @@ static X509_EXTENSION *do_ext_nconf(CONF *conf, X509V3_CTX *ctx, int ext_nid, { if(!ctx->db || !ctx->db_meth) { - OPENSSL_PUT_ERROR(X509V3, do_ext_nconf, X509V3_R_NO_CONFIG_DATABASE); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_NO_CONFIG_DATABASE); return NULL; } if(!(ext_struc = method->r2i(method, ctx, value))) return NULL; } else { - OPENSSL_PUT_ERROR(X509V3, do_ext_nconf, X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED); ERR_add_error_data(2, "name=", OBJ_nid2sn(ext_nid)); return NULL; } @@ -207,7 +207,7 @@ static X509_EXTENSION *do_ext_i2d(const X509V3_EXT_METHOD *method, int ext_nid, return ext; merr: - OPENSSL_PUT_ERROR(X509V3, do_ext_i2d, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); return NULL; } @@ -218,7 +218,7 @@ X509_EXTENSION *X509V3_EXT_i2d(int ext_nid, int crit, void *ext_struc) { const X509V3_EXT_METHOD *method; if (!(method = X509V3_EXT_get_nid(ext_nid))) { - OPENSSL_PUT_ERROR(X509V3, X509V3_EXT_i2d, X509V3_R_UNKNOWN_EXTENSION); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_UNKNOWN_EXTENSION); return NULL; } return do_ext_i2d(method, ext_nid, crit, ext_struc); @@ -271,7 +271,7 @@ static X509_EXTENSION *v3_generic_extension(const char *ext, char *value, X509_EXTENSION *extension=NULL; if (!(obj = OBJ_txt2obj(ext, 0))) { - OPENSSL_PUT_ERROR(X509V3, v3_generic_extension, X509V3_R_EXTENSION_NAME_ERROR); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_EXTENSION_NAME_ERROR); ERR_add_error_data(2, "name=", ext); goto err; } 
@@ -283,14 +283,14 @@ static X509_EXTENSION *v3_generic_extension(const char *ext, char *value, if (ext_der == NULL) { - OPENSSL_PUT_ERROR(X509V3, v3_generic_extension, X509V3_R_EXTENSION_VALUE_ERROR); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_EXTENSION_VALUE_ERROR); ERR_add_error_data(2, "value=", value); goto err; } if (!(oct = M_ASN1_OCTET_STRING_new())) { - OPENSSL_PUT_ERROR(X509V3, v3_generic_extension, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); goto err; } @@ -389,7 +389,7 @@ char * X509V3_get_string(X509V3_CTX *ctx, char *name, char *section) { if(!ctx->db || !ctx->db_meth || !ctx->db_meth->get_string) { - OPENSSL_PUT_ERROR(X509V3, X509V3_get_string, X509V3_R_OPERATION_NOT_DEFINED); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_OPERATION_NOT_DEFINED); return NULL; } if (ctx->db_meth->get_string) @@ -401,7 +401,7 @@ STACK_OF(CONF_VALUE) * X509V3_get_section(X509V3_CTX *ctx, char *section) { if(!ctx->db || !ctx->db_meth || !ctx->db_meth->get_section) { - OPENSSL_PUT_ERROR(X509V3, X509V3_get_section, X509V3_R_OPERATION_NOT_DEFINED); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_OPERATION_NOT_DEFINED); return NULL; } if (ctx->db_meth->get_section) diff --git a/src/crypto/x509v3/v3_cpols.c b/src/crypto/x509v3/v3_cpols.c index cbe596b..0b58676 100644 --- a/src/crypto/x509v3/v3_cpols.c +++ b/src/crypto/x509v3/v3_cpols.c 
@@ -146,19 +146,19 @@ static STACK_OF(POLICYINFO) *r2i_certpol(X509V3_EXT_METHOD *method, int ia5org; pols = sk_POLICYINFO_new_null(); if (pols == NULL) { - OPENSSL_PUT_ERROR(X509V3, r2i_certpol, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); return NULL; } vals = X509V3_parse_list(value); if (vals == NULL) { - OPENSSL_PUT_ERROR(X509V3, r2i_certpol, ERR_R_X509V3_LIB); + OPENSSL_PUT_ERROR(X509V3, ERR_R_X509V3_LIB); goto err; } ia5org = 0; for(i = 0; i < sk_CONF_VALUE_num(vals); i++) { cnf = sk_CONF_VALUE_value(vals, i); if(cnf->value || !cnf->name ) { - OPENSSL_PUT_ERROR(X509V3, r2i_certpol, X509V3_R_INVALID_POLICY_IDENTIFIER); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_POLICY_IDENTIFIER); X509V3_conf_err(cnf); goto err; } @@ -170,7 +170,7 @@ static STACK_OF(POLICYINFO) *r2i_certpol(X509V3_EXT_METHOD *method, STACK_OF(CONF_VALUE) *polsect; polsect = X509V3_get_section(ctx, pstr + 1); if(!polsect) { - OPENSSL_PUT_ERROR(X509V3, r2i_certpol, X509V3_R_INVALID_SECTION); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_SECTION); X509V3_conf_err(cnf); goto err; @@ -180,7 +180,7 @@ static STACK_OF(POLICYINFO) *r2i_certpol(X509V3_EXT_METHOD *method, if(!pol) goto err; } else { if(!(pobj = OBJ_txt2obj(cnf->name, 0))) { - OPENSSL_PUT_ERROR(X509V3, r2i_certpol, X509V3_R_INVALID_OBJECT_IDENTIFIER); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_OBJECT_IDENTIFIER); X509V3_conf_err(cnf); goto err; } @@ -189,7 +189,7 @@ static STACK_OF(POLICYINFO) *r2i_certpol(X509V3_EXT_METHOD *method, } if (!sk_POLICYINFO_push(pols, pol)){ POLICYINFO_free(pol); - OPENSSL_PUT_ERROR(X509V3, r2i_certpol, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); goto err; } } 
@@ -214,7 +214,7 @@ static POLICYINFO *policy_section(X509V3_CTX *ctx, if(!strcmp(cnf->name, "policyIdentifier")) { ASN1_OBJECT *pobj; if(!(pobj = OBJ_txt2obj(cnf->value, 0))) { - OPENSSL_PUT_ERROR(X509V3, policy_section, X509V3_R_INVALID_OBJECT_IDENTIFIER); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_OBJECT_IDENTIFIER); X509V3_conf_err(cnf); goto err; } @@ -229,7 +229,7 @@ static POLICYINFO *policy_section(X509V3_CTX *ctx, /* TODO(fork): const correctness */ qual->pqualid = (ASN1_OBJECT*) OBJ_nid2obj(NID_id_qt_cps); if (qual->pqualid == NULL) { - OPENSSL_PUT_ERROR(X509V3, policy_section, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(X509V3, ERR_R_INTERNAL_ERROR); goto err; } qual->d.cpsuri = M_ASN1_IA5STRING_new(); @@ -241,13 +241,13 @@ static POLICYINFO *policy_section(X509V3_CTX *ctx, } else if(!name_cmp(cnf->name, "userNotice")) { STACK_OF(CONF_VALUE) *unot; if(*cnf->value != '@') { - OPENSSL_PUT_ERROR(X509V3, policy_section, X509V3_R_EXPECTED_A_SECTION_NAME); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_EXPECTED_A_SECTION_NAME); X509V3_conf_err(cnf); goto err; } unot = X509V3_get_section(ctx, cnf->value + 1); if(!unot) { - OPENSSL_PUT_ERROR(X509V3, policy_section, X509V3_R_INVALID_SECTION); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_SECTION); X509V3_conf_err(cnf); goto err; @@ -260,21 +260,21 @@ static POLICYINFO *policy_section(X509V3_CTX *ctx, if(!sk_POLICYQUALINFO_push(pol->qualifiers, qual)) goto merr; } else { - OPENSSL_PUT_ERROR(X509V3, policy_section, X509V3_R_INVALID_OPTION); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_OPTION); X509V3_conf_err(cnf); goto err; } } if(!pol->policyid) { - OPENSSL_PUT_ERROR(X509V3, policy_section, X509V3_R_NO_POLICY_IDENTIFIER); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_NO_POLICY_IDENTIFIER); goto err; } return pol; merr: - OPENSSL_PUT_ERROR(X509V3, policy_section, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); err: POLICYINFO_free(pol); 
@@ -296,7 +296,7 @@ static POLICYQUALINFO *notice_section(X509V3_CTX *ctx, qual->pqualid = (ASN1_OBJECT *) OBJ_nid2obj(NID_id_qt_unotice); if (qual->pqualid == NULL) { - OPENSSL_PUT_ERROR(X509V3, notice_section, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(X509V3, ERR_R_INTERNAL_ERROR); goto err; } if(!(not = USERNOTICE_new())) goto merr; @@ -328,7 +328,7 @@ static POLICYQUALINFO *notice_section(X509V3_CTX *ctx, } else nref = not->noticeref; nos = X509V3_parse_list(cnf->value); if(!nos || !sk_CONF_VALUE_num(nos)) { - OPENSSL_PUT_ERROR(X509V3, notice_section, X509V3_R_INVALID_NUMBERS); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_NUMBERS); X509V3_conf_err(cnf); goto err; } @@ -337,7 +337,7 @@ static POLICYQUALINFO *notice_section(X509V3_CTX *ctx, if (!ret) goto err; } else { - OPENSSL_PUT_ERROR(X509V3, notice_section, X509V3_R_INVALID_OPTION); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_OPTION); X509V3_conf_err(cnf); goto err; } @@ -345,14 +345,14 @@ static POLICYQUALINFO *notice_section(X509V3_CTX *ctx, if(not->noticeref && (!not->noticeref->noticenos || !not->noticeref->organization)) { - OPENSSL_PUT_ERROR(X509V3, notice_section, X509V3_R_NEED_ORGANIZATION_AND_NUMBERS); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_NEED_ORGANIZATION_AND_NUMBERS); goto err; } return qual; merr: - OPENSSL_PUT_ERROR(X509V3, notice_section, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); err: POLICYQUALINFO_free(qual); @@ -369,7 +369,7 @@ static int nref_nos(STACK_OF(ASN1_INTEGER) *nnums, STACK_OF(CONF_VALUE) *nos) for(i = 0; i < sk_CONF_VALUE_num(nos); i++) { cnf = sk_CONF_VALUE_value(nos, i); if(!(aint = s2i_ASN1_INTEGER(NULL, cnf->name))) { - OPENSSL_PUT_ERROR(X509V3, nref_nos, X509V3_R_INVALID_NUMBER); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_NUMBER); goto err; } if(!sk_ASN1_INTEGER_push(nnums, aint)) goto merr; 
@@ -377,7 +377,7 @@ static int nref_nos(STACK_OF(ASN1_INTEGER) *nnums, STACK_OF(CONF_VALUE) *nos) return 1; merr: - OPENSSL_PUT_ERROR(X509V3, nref_nos, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); err: sk_ASN1_INTEGER_pop_free(nnums, ASN1_STRING_free); diff --git a/src/crypto/x509v3/v3_crld.c b/src/crypto/x509v3/v3_crld.c index e41dd65..3984c31 100644 --- a/src/crypto/x509v3/v3_crld.c +++ b/src/crypto/x509v3/v3_crld.c @@ -103,7 +103,7 @@ static STACK_OF(GENERAL_NAME) *gnames_from_sectname(X509V3_CTX *ctx, char *sect) gnsect = X509V3_parse_list(sect); if (!gnsect) { - OPENSSL_PUT_ERROR(X509V3, gnames_from_sectname, X509V3_R_SECTION_NOT_FOUND); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_SECTION_NOT_FOUND); return NULL; } gens = v2i_GENERAL_NAMES(NULL, ctx, gnsect); @@ -136,7 +136,7 @@ static int set_dist_point_name(DIST_POINT_NAME **pdp, X509V3_CTX *ctx, dnsect = X509V3_get_section(ctx, cnf->value); if (!dnsect) { - OPENSSL_PUT_ERROR(X509V3, set_dist_point_name, X509V3_R_SECTION_NOT_FOUND); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_SECTION_NOT_FOUND); return -1; } ret = X509V3_NAME_from_section(nm, dnsect, MBSTRING_ASC); @@ -152,7 +152,7 @@ static int set_dist_point_name(DIST_POINT_NAME **pdp, X509V3_CTX *ctx, if (sk_X509_NAME_ENTRY_value(rnm, sk_X509_NAME_ENTRY_num(rnm) - 1)->set) { - OPENSSL_PUT_ERROR(X509V3, set_dist_point_name, X509V3_R_INVALID_MULTIPLE_RDNS); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_MULTIPLE_RDNS); goto err; } } @@ -161,7 +161,7 @@ static int set_dist_point_name(DIST_POINT_NAME **pdp, X509V3_CTX *ctx, if (*pdp) { - OPENSSL_PUT_ERROR(X509V3, set_dist_point_name, X509V3_R_DISTPOINT_ALREADY_SET); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_DISTPOINT_ALREADY_SET); goto err; } @@ -362,7 +362,7 @@ static void *v2i_crld(const X509V3_EXT_METHOD *method, return crld; merr: - OPENSSL_PUT_ERROR(X509V3, v2i_crld, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); err: GENERAL_NAME_free(gen); GENERAL_NAMES_free(gens); 
@@ -490,7 +490,7 @@ static void *v2i_idp(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx, } else { - OPENSSL_PUT_ERROR(X509V3, v2i_idp, X509V3_R_INVALID_NAME); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_NAME); X509V3_conf_err(cnf); goto err; } @@ -498,7 +498,7 @@ static void *v2i_idp(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx, return idp; merr: - OPENSSL_PUT_ERROR(X509V3, v2i_idp, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); err: ISSUING_DIST_POINT_free(idp); return NULL; diff --git a/src/crypto/x509v3/v3_extku.c b/src/crypto/x509v3/v3_extku.c index f4b8af8..d64eb9c 100644 --- a/src/crypto/x509v3/v3_extku.c +++ b/src/crypto/x509v3/v3_extku.c @@ -125,7 +125,7 @@ static void *v2i_EXTENDED_KEY_USAGE(const X509V3_EXT_METHOD *method, size_t i; if(!(extku = sk_ASN1_OBJECT_new_null())) { - OPENSSL_PUT_ERROR(X509V3, v2i_EXTENDED_KEY_USAGE, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); return NULL; } @@ -135,7 +135,7 @@ static void *v2i_EXTENDED_KEY_USAGE(const X509V3_EXT_METHOD *method, else extval = val->name; if(!(objtmp = OBJ_txt2obj(extval, 0))) { sk_ASN1_OBJECT_pop_free(extku, ASN1_OBJECT_free); - OPENSSL_PUT_ERROR(X509V3, v2i_EXTENDED_KEY_USAGE, X509V3_R_INVALID_OBJECT_IDENTIFIER); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_OBJECT_IDENTIFIER); X509V3_conf_err(val); return NULL; } diff --git a/src/crypto/x509v3/v3_ia5.c b/src/crypto/x509v3/v3_ia5.c index ec57e9b..5a27233 100644 --- a/src/crypto/x509v3/v3_ia5.c +++ b/src/crypto/x509v3/v3_ia5.c @@ -87,7 +87,7 @@ static char *i2s_ASN1_IA5STRING(X509V3_EXT_METHOD *method, char *tmp; if(!ia5 || !ia5->length) return NULL; if(!(tmp = OPENSSL_malloc(ia5->length + 1))) { - OPENSSL_PUT_ERROR(X509V3, i2s_ASN1_IA5STRING, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); return NULL; } memcpy(tmp, ia5->data, ia5->length); 
@@ -100,7 +100,7 @@ static ASN1_IA5STRING *s2i_ASN1_IA5STRING(X509V3_EXT_METHOD *method, { ASN1_IA5STRING *ia5; if(!str) { - OPENSSL_PUT_ERROR(X509V3, s2i_ASN1_IA5STRING, X509V3_R_INVALID_NULL_ARGUMENT); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_NULL_ARGUMENT); return NULL; } if(!(ia5 = M_ASN1_IA5STRING_new())) goto err; @@ -111,7 +111,7 @@ static ASN1_IA5STRING *s2i_ASN1_IA5STRING(X509V3_EXT_METHOD *method, } return ia5; err: - OPENSSL_PUT_ERROR(X509V3, s2i_ASN1_IA5STRING, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); return NULL; } diff --git a/src/crypto/x509v3/v3_info.c b/src/crypto/x509v3/v3_info.c index 7558b2d..475c56f 100644 --- a/src/crypto/x509v3/v3_info.c +++ b/src/crypto/x509v3/v3_info.c @@ -124,7 +124,7 @@ static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *method nlen = strlen(objtmp) + strlen(vtmp->name) + 5; ntmp = OPENSSL_malloc(nlen); if(!ntmp) { - OPENSSL_PUT_ERROR(X509V3, i2v_AUTHORITY_INFO_ACCESS, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); return NULL; } BUF_strlcpy(ntmp, objtmp, nlen); @@ -148,19 +148,19 @@ static AUTHORITY_INFO_ACCESS *v2i_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *metho int objlen; char *objtmp, *ptmp; if(!(ainfo = sk_ACCESS_DESCRIPTION_new_null())) { - OPENSSL_PUT_ERROR(X509V3, v2i_AUTHORITY_INFO_ACCESS, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); return NULL; } for(i = 0; i < sk_CONF_VALUE_num(nval); i++) { cnf = sk_CONF_VALUE_value(nval, i); if(!(acc = ACCESS_DESCRIPTION_new()) || !sk_ACCESS_DESCRIPTION_push(ainfo, acc)) { - OPENSSL_PUT_ERROR(X509V3, v2i_AUTHORITY_INFO_ACCESS, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); goto err; } ptmp = strchr(cnf->name, ';'); if(!ptmp) { - OPENSSL_PUT_ERROR(X509V3, v2i_AUTHORITY_INFO_ACCESS, X509V3_R_INVALID_SYNTAX); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_SYNTAX); goto err; } objlen = ptmp - cnf->name; 
@@ -169,14 +169,14 @@ static AUTHORITY_INFO_ACCESS *v2i_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *metho if(!v2i_GENERAL_NAME_ex(acc->location, method, ctx, &ctmp, 0)) goto err; if(!(objtmp = OPENSSL_malloc(objlen + 1))) { - OPENSSL_PUT_ERROR(X509V3, v2i_AUTHORITY_INFO_ACCESS, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); goto err; } strncpy(objtmp, cnf->name, objlen); objtmp[objlen] = 0; acc->method = OBJ_txt2obj(objtmp, 0); if(!acc->method) { - OPENSSL_PUT_ERROR(X509V3, v2i_AUTHORITY_INFO_ACCESS, X509V3_R_BAD_OBJECT); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_BAD_OBJECT); ERR_add_error_data(2, "value=", objtmp); OPENSSL_free(objtmp); goto err; diff --git a/src/crypto/x509v3/v3_lib.c b/src/crypto/x509v3/v3_lib.c index d4e4e78..f8e5531 100644 --- a/src/crypto/x509v3/v3_lib.c +++ b/src/crypto/x509v3/v3_lib.c @@ -78,12 +78,12 @@ static int ext_stack_cmp(const X509V3_EXT_METHOD **a, const X509V3_EXT_METHOD ** int X509V3_EXT_add(X509V3_EXT_METHOD *ext) { if(!ext_list && !(ext_list = sk_X509V3_EXT_METHOD_new(ext_stack_cmp))) { - OPENSSL_PUT_ERROR(X509V3, X509V3_EXT_add, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); ext_list_free(ext); return 0; } if(!sk_X509V3_EXT_METHOD_push(ext_list, ext)) { - OPENSSL_PUT_ERROR(X509V3, X509V3_EXT_add, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); ext_list_free(ext); return 0; } @@ -127,7 +127,7 @@ int X509V3_EXT_free(int nid, void *ext_data) const X509V3_EXT_METHOD *ext_method = X509V3_EXT_get_nid(nid); if (ext_method == NULL) { - OPENSSL_PUT_ERROR(X509V3, X509V3_EXT_free, X509V3_R_CANNOT_FIND_FREE_FUNCTION); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_CANNOT_FIND_FREE_FUNCTION); return 0; } @@ -137,7 +137,7 @@ int X509V3_EXT_free(int nid, void *ext_data) ext_method->ext_free(ext_data); else { - OPENSSL_PUT_ERROR(X509V3, X509V3_EXT_free, X509V3_R_CANNOT_FIND_FREE_FUNCTION); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_CANNOT_FIND_FREE_FUNCTION); return 0; } 
@@ -157,11 +157,11 @@ int X509V3_EXT_add_alias(int nid_to, int nid_from) X509V3_EXT_METHOD *tmpext; if(!(ext = X509V3_EXT_get_nid(nid_from))) { - OPENSSL_PUT_ERROR(X509V3, X509V3_EXT_add_alias, X509V3_R_EXTENSION_NOT_FOUND); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_EXTENSION_NOT_FOUND); return 0; } if(!(tmpext = (X509V3_EXT_METHOD *)OPENSSL_malloc(sizeof(X509V3_EXT_METHOD)))) { - OPENSSL_PUT_ERROR(X509V3, X509V3_EXT_add_alias, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); return 0; } *tmpext = *ext; @@ -311,7 +311,7 @@ int X509V3_add1_i2d(STACK_OF(X509_EXTENSION) **x, int nid, void *value, ext = X509V3_EXT_i2d(nid, crit, value); if(!ext) { - OPENSSL_PUT_ERROR(X509V3, X509V3_add1_i2d, X509V3_R_ERROR_CREATING_EXTENSION); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_ERROR_CREATING_EXTENSION); return 0; } @@ -330,6 +330,6 @@ int X509V3_add1_i2d(STACK_OF(X509_EXTENSION) **x, int nid, void *value, err: if(!(flags & X509V3_ADD_SILENT)) - OPENSSL_PUT_ERROR(X509V3, X509V3_add1_i2d, errcode); + OPENSSL_PUT_ERROR(X509V3, errcode); return 0; } diff --git a/src/crypto/x509v3/v3_ncons.c b/src/crypto/x509v3/v3_ncons.c index c42a665..19f5e94 100644 --- a/src/crypto/x509v3/v3_ncons.c +++ b/src/crypto/x509v3/v3_ncons.c @@ -135,7 +135,7 @@ static void *v2i_NAME_CONSTRAINTS(const X509V3_EXT_METHOD *method, } else { - OPENSSL_PUT_ERROR(X509V3, v2i_NAME_CONSTRAINTS, X509V3_R_INVALID_SYNTAX); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_SYNTAX); goto err; } tval.value = val->value; @@ -152,7 +152,7 @@ static void *v2i_NAME_CONSTRAINTS(const X509V3_EXT_METHOD *method, return ncons; memerr: - OPENSSL_PUT_ERROR(X509V3, v2i_NAME_CONSTRAINTS, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); err: if (ncons) NAME_CONSTRAINTS_free(ncons); diff --git a/src/crypto/x509v3/v3_pci.c b/src/crypto/x509v3/v3_pci.c index aa93891..f19a37a 100644 --- a/src/crypto/x509v3/v3_pci.c +++ b/src/crypto/x509v3/v3_pci.c 
@@ -87,13 +87,13 @@ static int process_pci_value(CONF_VALUE *val, { if (*language) { - OPENSSL_PUT_ERROR(X509V3, process_pci_value, X509V3_R_POLICY_LANGUAGE_ALREADY_DEFINED); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_POLICY_LANGUAGE_ALREADY_DEFINED); X509V3_conf_err(val); return 0; } if (!(*language = OBJ_txt2obj(val->value, 0))) { - OPENSSL_PUT_ERROR(X509V3, process_pci_value, X509V3_R_INVALID_OBJECT_IDENTIFIER); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_OBJECT_IDENTIFIER); X509V3_conf_err(val); return 0; } @@ -102,13 +102,13 @@ static int process_pci_value(CONF_VALUE *val, { if (*pathlen) { - OPENSSL_PUT_ERROR(X509V3, process_pci_value, X509V3_R_POLICY_PATH_LENGTH_ALREADY_DEFINED); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_POLICY_PATH_LENGTH_ALREADY_DEFINED); X509V3_conf_err(val); return 0; } if (!X509V3_get_value_int(val, pathlen)) { - OPENSSL_PUT_ERROR(X509V3, process_pci_value, X509V3_R_POLICY_PATH_LENGTH); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_POLICY_PATH_LENGTH); X509V3_conf_err(val); return 0; } @@ -122,7 +122,7 @@ static int process_pci_value(CONF_VALUE *val, *policy = ASN1_OCTET_STRING_new(); if (!*policy) { - OPENSSL_PUT_ERROR(X509V3, process_pci_value, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); X509V3_conf_err(val); return 0; } @@ -135,7 +135,7 @@ static int process_pci_value(CONF_VALUE *val, if (!tmp_data2) { - OPENSSL_PUT_ERROR(X509V3, process_pci_value, X509V3_R_ILLEGAL_HEX_DIGIT); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_ILLEGAL_HEX_DIGIT); X509V3_conf_err(val); goto err; } @@ -156,7 +156,7 @@ static int process_pci_value(CONF_VALUE *val, /* realloc failure implies the original data space is b0rked too! */ (*policy)->data = NULL; (*policy)->length = 0; - OPENSSL_PUT_ERROR(X509V3, process_pci_value, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); X509V3_conf_err(val); goto err; } 
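Review bot: In process_pci_value, the two allocation-failure branches (the hunk at -156 here and the matching one at -217) set `(*policy)->data = NULL` without releasing the old buffer, on the stated ground that a failed realloc has already invalidated it. The allocation call is outside both hunks, but if it is a realloc of `(*policy)->data`, a failed realloc normally leaves the original block valid, so dropping the pointer leaks it. I would put `OPENSSL_free((*policy)->data);` before `(*policy)->data = NULL;` in both branches and reword the comment to say the old buffer is released on failure.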
@@ -169,7 +169,7 @@ static int process_pci_value(CONF_VALUE *val, BIO *b = BIO_new_file(val->value + 5, "r"); if (!b) { - OPENSSL_PUT_ERROR(X509V3, process_pci_value, ERR_R_BIO_LIB); + OPENSSL_PUT_ERROR(X509V3, ERR_R_BIO_LIB); X509V3_conf_err(val); goto err; } @@ -194,7 +194,7 @@ static int process_pci_value(CONF_VALUE *val, if (n < 0) { - OPENSSL_PUT_ERROR(X509V3, process_pci_value, ERR_R_BIO_LIB); + OPENSSL_PUT_ERROR(X509V3, ERR_R_BIO_LIB); X509V3_conf_err(val); goto err; } @@ -217,20 +217,20 @@ static int process_pci_value(CONF_VALUE *val, /* realloc failure implies the original data space is b0rked too! */ (*policy)->data = NULL; (*policy)->length = 0; - OPENSSL_PUT_ERROR(X509V3, process_pci_value, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); X509V3_conf_err(val); goto err; } } else { - OPENSSL_PUT_ERROR(X509V3, process_pci_value, X509V3_R_INCORRECT_POLICY_SYNTAX_TAG); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_INCORRECT_POLICY_SYNTAX_TAG); X509V3_conf_err(val); goto err; } if (!tmp_data) { - OPENSSL_PUT_ERROR(X509V3, process_pci_value, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); X509V3_conf_err(val); goto err; } @@ -262,7 +262,7 @@ static PROXY_CERT_INFO_EXTENSION *r2i_pci(X509V3_EXT_METHOD *method, CONF_VALUE *cnf = sk_CONF_VALUE_value(vals, i); if (!cnf->name || (*cnf->name != '@' && !cnf->value)) { - OPENSSL_PUT_ERROR(X509V3, r2i_pci, X509V3_R_INVALID_PROXY_POLICY_SETTING); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_PROXY_POLICY_SETTING); X509V3_conf_err(cnf); goto err; } @@ -274,7 +274,7 @@ static PROXY_CERT_INFO_EXTENSION *r2i_pci(X509V3_EXT_METHOD *method, sect = X509V3_get_section(ctx, cnf->name + 1); if (!sect) { - OPENSSL_PUT_ERROR(X509V3, r2i_pci, X509V3_R_INVALID_SECTION); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_SECTION); X509V3_conf_err(cnf); goto err; } 
@@ -302,20 +302,21 @@ static PROXY_CERT_INFO_EXTENSION *r2i_pci(X509V3_EXT_METHOD *method, /* Language is mandatory */ if (!language) { - OPENSSL_PUT_ERROR(X509V3, r2i_pci, X509V3_R_NO_PROXY_CERT_POLICY_LANGUAGE_DEFINED); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_NO_PROXY_CERT_POLICY_LANGUAGE_DEFINED); goto err; } nid = OBJ_obj2nid(language); if ((nid == NID_Independent || nid == NID_id_ppl_inheritAll) && policy) { - OPENSSL_PUT_ERROR(X509V3, r2i_pci, X509V3_R_POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY); + OPENSSL_PUT_ERROR(X509V3, + X509V3_R_POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY); goto err; } pci = PROXY_CERT_INFO_EXTENSION_new(); if (!pci) { - OPENSSL_PUT_ERROR(X509V3, r2i_pci, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); goto err; } diff --git a/src/crypto/x509v3/v3_pcons.c b/src/crypto/x509v3/v3_pcons.c index f87c6a0..b752290 100644 --- a/src/crypto/x509v3/v3_pcons.c +++ b/src/crypto/x509v3/v3_pcons.c @@ -112,7 +112,7 @@ static void *v2i_POLICY_CONSTRAINTS(const X509V3_EXT_METHOD *method, CONF_VALUE *val; size_t i; if(!(pcons = POLICY_CONSTRAINTS_new())) { - OPENSSL_PUT_ERROR(X509V3, v2i_POLICY_CONSTRAINTS, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); return NULL; } for(i = 0; i < sk_CONF_VALUE_num(values); i++) { @@ -124,13 +124,13 @@ static void *v2i_POLICY_CONSTRAINTS(const X509V3_EXT_METHOD *method, if(!X509V3_get_value_int(val, &pcons->inhibitPolicyMapping)) goto err; } else { - OPENSSL_PUT_ERROR(X509V3, v2i_POLICY_CONSTRAINTS, X509V3_R_INVALID_NAME); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_NAME); X509V3_conf_err(val); goto err; } } if (!pcons->inhibitPolicyMapping && !pcons->requireExplicitPolicy) { - OPENSSL_PUT_ERROR(X509V3, v2i_POLICY_CONSTRAINTS, X509V3_R_ILLEGAL_EMPTY_EXTENSION); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_ILLEGAL_EMPTY_EXTENSION); goto err; } diff --git a/src/crypto/x509v3/v3_pmaps.c b/src/crypto/x509v3/v3_pmaps.c index fbc169d..5b90977 100644 
--- a/src/crypto/x509v3/v3_pmaps.c +++ b/src/crypto/x509v3/v3_pmaps.c @@ -122,7 +122,7 @@ static void *v2i_POLICY_MAPPINGS(const X509V3_EXT_METHOD *method, size_t i; if(!(pmaps = sk_POLICY_MAPPING_new_null())) { - OPENSSL_PUT_ERROR(X509V3, v2i_POLICY_MAPPINGS, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); return NULL; } @@ -130,7 +130,7 @@ static void *v2i_POLICY_MAPPINGS(const X509V3_EXT_METHOD *method, val = sk_CONF_VALUE_value(nval, i); if(!val->value || !val->name) { sk_POLICY_MAPPING_pop_free(pmaps, POLICY_MAPPING_free); - OPENSSL_PUT_ERROR(X509V3, v2i_POLICY_MAPPINGS, X509V3_R_INVALID_OBJECT_IDENTIFIER); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_OBJECT_IDENTIFIER); X509V3_conf_err(val); return NULL; } @@ -138,14 +138,14 @@ static void *v2i_POLICY_MAPPINGS(const X509V3_EXT_METHOD *method, obj2 = OBJ_txt2obj(val->value, 0); if(!obj1 || !obj2) { sk_POLICY_MAPPING_pop_free(pmaps, POLICY_MAPPING_free); - OPENSSL_PUT_ERROR(X509V3, v2i_POLICY_MAPPINGS, X509V3_R_INVALID_OBJECT_IDENTIFIER); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_OBJECT_IDENTIFIER); X509V3_conf_err(val); return NULL; } pmap = POLICY_MAPPING_new(); if (!pmap) { sk_POLICY_MAPPING_pop_free(pmaps, POLICY_MAPPING_free); - OPENSSL_PUT_ERROR(X509V3, v2i_POLICY_MAPPINGS, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); return NULL; } pmap->issuerDomainPolicy = obj1; diff --git a/src/crypto/x509v3/v3_purp.c b/src/crypto/x509v3/v3_purp.c index 8ae8a06..f53c0f1 100644 --- a/src/crypto/x509v3/v3_purp.c +++ b/src/crypto/x509v3/v3_purp.c @@ -128,7 +128,7 @@ int X509_check_purpose(X509 *x, int id, int ca) int X509_PURPOSE_set(int *p, int purpose) { if(X509_PURPOSE_get_by_id(purpose) == -1) { - OPENSSL_PUT_ERROR(X509V3, X509_PURPOSE_set, X509V3_R_INVALID_PURPOSE); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_PURPOSE); return 0; } *p = purpose; 
@@ -191,7 +191,7 @@ int X509_PURPOSE_add(int id, int trust, int flags, /* Need a new entry */ if(idx == -1) { if(!(ptmp = OPENSSL_malloc(sizeof(X509_PURPOSE)))) { - OPENSSL_PUT_ERROR(X509V3, X509_PURPOSE_add, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); return 0; } ptmp->flags = X509_PURPOSE_DYNAMIC; @@ -201,7 +201,7 @@ int X509_PURPOSE_add(int id, int trust, int flags, name_dup = BUF_strdup(name); sname_dup = BUF_strdup(sname); if (name_dup == NULL || sname_dup == NULL) { - OPENSSL_PUT_ERROR(X509V3, X509_PURPOSE_add, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); if (name_dup != NULL) OPENSSL_free(name_dup); if (sname_dup != NULL) @@ -232,12 +232,12 @@ int X509_PURPOSE_add(int id, int trust, int flags, /* If its a new entry manage the dynamic table */ if(idx == -1) { if(!xptable && !(xptable = sk_X509_PURPOSE_new(xp_cmp))) { - OPENSSL_PUT_ERROR(X509V3, X509_PURPOSE_add, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); xptable_free(ptmp); return 0; } if (!sk_X509_PURPOSE_push(xptable, ptmp)) { - OPENSSL_PUT_ERROR(X509V3, X509_PURPOSE_add, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); xptable_free(ptmp); return 0; } diff --git a/src/crypto/x509v3/v3_skey.c b/src/crypto/x509v3/v3_skey.c index 471a1ab..e396f05 100644 --- a/src/crypto/x509v3/v3_skey.c +++ b/src/crypto/x509v3/v3_skey.c @@ -86,7 +86,7 @@ ASN1_OCTET_STRING *s2i_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, long length; if(!(oct = M_ASN1_OCTET_STRING_new())) { - OPENSSL_PUT_ERROR(X509V3, s2i_ASN1_OCTET_STRING, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); return NULL; } 
@@ -112,14 +112,14 @@ static ASN1_OCTET_STRING *s2i_skey_id(X509V3_EXT_METHOD *method, if(strcmp(str, "hash")) return s2i_ASN1_OCTET_STRING(method, ctx, str); if(!(oct = M_ASN1_OCTET_STRING_new())) { - OPENSSL_PUT_ERROR(X509V3, s2i_skey_id, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); return NULL; } if(ctx && (ctx->flags == CTX_TEST)) return oct; if(!ctx || (!ctx->subject_req && !ctx->subject_cert)) { - OPENSSL_PUT_ERROR(X509V3, s2i_skey_id, X509V3_R_NO_PUBLIC_KEY); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_NO_PUBLIC_KEY); goto err; } @@ -128,7 +128,7 @@ static ASN1_OCTET_STRING *s2i_skey_id(X509V3_EXT_METHOD *method, else pk = ctx->subject_cert->cert_info->key->public_key; if(!pk) { - OPENSSL_PUT_ERROR(X509V3, s2i_skey_id, X509V3_R_NO_PUBLIC_KEY); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_NO_PUBLIC_KEY); goto err; } @@ -136,7 +136,7 @@ static ASN1_OCTET_STRING *s2i_skey_id(X509V3_EXT_METHOD *method, goto err; if(!M_ASN1_OCTET_STRING_set(oct, pkey_dig, diglen)) { - OPENSSL_PUT_ERROR(X509V3, s2i_skey_id, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); goto err; } diff --git a/src/crypto/x509v3/v3_sxnet.c b/src/crypto/x509v3/v3_sxnet.c index bb5e214..4dd5bfc 100644 --- a/src/crypto/x509v3/v3_sxnet.c +++ b/src/crypto/x509v3/v3_sxnet.c @@ -159,7 +159,7 @@ int SXNET_add_id_asc(SXNET **psx, char *zone, char *user, { ASN1_INTEGER *izone = NULL; if(!(izone = s2i_ASN1_INTEGER(NULL, zone))) { - OPENSSL_PUT_ERROR(X509V3, SXNET_add_id_asc, X509V3_R_ERROR_CONVERTING_ZONE); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_ERROR_CONVERTING_ZONE); return 0; } return SXNET_add_id_INTEGER(psx, izone, user, userlen); 
@@ -172,7 +172,7 @@ int SXNET_add_id_ulong(SXNET **psx, unsigned long lzone, char *user, { ASN1_INTEGER *izone = NULL; if(!(izone = M_ASN1_INTEGER_new()) || !ASN1_INTEGER_set(izone, lzone)) { - OPENSSL_PUT_ERROR(X509V3, SXNET_add_id_ulong, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); M_ASN1_INTEGER_free(izone); return 0; } @@ -191,12 +191,12 @@ int SXNET_add_id_INTEGER(SXNET **psx, ASN1_INTEGER *zone, char *user, SXNET *sx = NULL; SXNETID *id = NULL; if(!psx || !zone || !user) { - OPENSSL_PUT_ERROR(X509V3, SXNET_add_id_INTEGER, X509V3_R_INVALID_NULL_ARGUMENT); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_NULL_ARGUMENT); return 0; } if(userlen == -1) userlen = strlen(user); if(userlen > 64) { - OPENSSL_PUT_ERROR(X509V3, SXNET_add_id_INTEGER, X509V3_R_USER_TOO_LONG); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_USER_TOO_LONG); return 0; } if(!*psx) { @@ -205,7 +205,7 @@ int SXNET_add_id_INTEGER(SXNET **psx, ASN1_INTEGER *zone, char *user, *psx = sx; } else sx = *psx; if(SXNET_get_id_INTEGER(sx, zone)) { - OPENSSL_PUT_ERROR(X509V3, SXNET_add_id_INTEGER, X509V3_R_DUPLICATE_ZONE_ID); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_DUPLICATE_ZONE_ID); return 0; } @@ -218,7 +218,7 @@ int SXNET_add_id_INTEGER(SXNET **psx, ASN1_INTEGER *zone, char *user, return 1; err: - OPENSSL_PUT_ERROR(X509V3, SXNET_add_id_INTEGER, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); SXNETID_free(id); SXNET_free(sx); *psx = NULL; @@ -230,7 +230,7 @@ ASN1_OCTET_STRING *SXNET_get_id_asc(SXNET *sx, char *zone) ASN1_INTEGER *izone = NULL; ASN1_OCTET_STRING *oct; if(!(izone = s2i_ASN1_INTEGER(NULL, zone))) { - OPENSSL_PUT_ERROR(X509V3, SXNET_get_id_asc, X509V3_R_ERROR_CONVERTING_ZONE); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_ERROR_CONVERTING_ZONE); return NULL; } oct = SXNET_get_id_INTEGER(sx, izone); 
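Review bot: The length guard in SXNET_add_id_INTEGER (`if(userlen == -1) userlen = strlen(user); if(userlen > 64)`) treats only -1 specially, so any other negative `userlen` passes the 64-byte limit check. This assumes `userlen` is a signed int; its declaration is cut off by the hunk header. What the later code does with a negative length is not visible here, but a caller-supplied length should be rejected before it is used to set the user string. Changing the second test to `if(userlen < 0 || userlen > 64) {` closes the gap. The function body continues outside the hunk.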
@@ -243,7 +243,7 @@ ASN1_OCTET_STRING *SXNET_get_id_ulong(SXNET *sx, unsigned long lzone) ASN1_INTEGER *izone = NULL; ASN1_OCTET_STRING *oct; if(!(izone = M_ASN1_INTEGER_new()) || !ASN1_INTEGER_set(izone, lzone)) { - OPENSSL_PUT_ERROR(X509V3, SXNET_get_id_ulong, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); M_ASN1_INTEGER_free(izone); return NULL; } diff --git a/src/crypto/x509v3/v3_utl.c b/src/crypto/x509v3/v3_utl.c index 77fc65c..aa65c79 100644 --- a/src/crypto/x509v3/v3_utl.c +++ b/src/crypto/x509v3/v3_utl.c @@ -70,6 +70,8 @@ #include #include +#include "../conf/internal.h" + static char *strip_spaces(char *name); static int sk_strcmp(const OPENSSL_STRING *a, const OPENSSL_STRING *b); @@ -91,7 +93,7 @@ int X509V3_add_value(const char *name, const char *value, char *tname = NULL, *tvalue = NULL; if(name && !(tname = BUF_strdup(name))) goto err; if(value && !(tvalue = BUF_strdup(value))) goto err; - if(!(vtmp = (CONF_VALUE *)OPENSSL_malloc(sizeof(CONF_VALUE)))) goto err; + if(!(vtmp = CONF_VALUE_new())) goto err; if(!*extlist && !(*extlist = sk_CONF_VALUE_new_null())) goto err; vtmp->section = NULL; vtmp->name = tname; @@ -99,7 +101,7 @@ int X509V3_add_value(const char *name, const char *value, if(!sk_CONF_VALUE_push(*extlist, vtmp)) goto err; return 1; err: - OPENSSL_PUT_ERROR(X509V3, X509V3_add_value, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); if(vtmp) OPENSSL_free(vtmp); if(tname) OPENSSL_free(tname); if(tvalue) OPENSSL_free(tvalue); @@ -145,7 +147,7 @@ char *i2s_ASN1_ENUMERATED(X509V3_EXT_METHOD *method, ASN1_ENUMERATED *a) if(!a) return NULL; if(!(bntmp = ASN1_ENUMERATED_to_BN(a, NULL)) || !(strtmp = BN_bn2dec(bntmp)) ) - OPENSSL_PUT_ERROR(X509V3, i2s_ASN1_ENUMERATED, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); BN_free(bntmp); return strtmp; } 
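Review bot: In X509V3_add_value the CONF_VALUE now comes from `CONF_VALUE_new()`, but the `err:` path shown in the following hunk still releases it with `if(vtmp) OPENSSL_free(vtmp);`. That pairing is only correct while CONF_VALUE_new is a plain OPENSSL_malloc-backed allocation that owns nothing, which cannot be confirmed from this diff. The error path also frees `tname` and `tvalue` itself after they have been stored in `vtmp`, so a destructor that freed the members as well would double-free them. I would document the assumption at the free, e.g. `/* vtmp is from CONF_VALUE_new(); name/value are freed via tname/tvalue below */`.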
@@ -157,7 +159,7 @@ char *i2s_ASN1_INTEGER(X509V3_EXT_METHOD *method, ASN1_INTEGER *a) if(!a) return NULL; if(!(bntmp = ASN1_INTEGER_to_BN(a, NULL)) || !(strtmp = BN_bn2dec(bntmp)) ) - OPENSSL_PUT_ERROR(X509V3, i2s_ASN1_INTEGER, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); BN_free(bntmp); return strtmp; } @@ -169,7 +171,7 @@ ASN1_INTEGER *s2i_ASN1_INTEGER(X509V3_EXT_METHOD *method, char *value) int isneg, ishex; int ret; if (!value) { - OPENSSL_PUT_ERROR(X509V3, s2i_ASN1_INTEGER, X509V3_R_INVALID_NULL_VALUE); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_NULL_VALUE); return 0; } bn = BN_new(); @@ -188,7 +190,7 @@ ASN1_INTEGER *s2i_ASN1_INTEGER(X509V3_EXT_METHOD *method, char *value) if (!ret || value[ret]) { BN_free(bn); - OPENSSL_PUT_ERROR(X509V3, s2i_ASN1_INTEGER, X509V3_R_BN_DEC2BN_ERROR); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_BN_DEC2BN_ERROR); return 0; } @@ -197,7 +199,7 @@ ASN1_INTEGER *s2i_ASN1_INTEGER(X509V3_EXT_METHOD *method, char *value) aint = BN_to_ASN1_INTEGER(bn, NULL); BN_free(bn); if (!aint) { - OPENSSL_PUT_ERROR(X509V3, s2i_ASN1_INTEGER, X509V3_R_BN_TO_ASN1_INTEGER_ERROR); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_BN_TO_ASN1_INTEGER_ERROR); return 0; } if (isneg) aint->type |= V_ASN1_NEG; @@ -232,7 +234,7 @@ int X509V3_get_value_bool(CONF_VALUE *value, int *asn1_bool) return 1; } err: - OPENSSL_PUT_ERROR(X509V3, X509V3_get_value_bool, X509V3_R_INVALID_BOOLEAN_STRING); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_BOOLEAN_STRING); X509V3_conf_err(value); return 0; } @@ -264,7 +266,7 @@ STACK_OF(CONF_VALUE) *X509V3_parse_list(const char *line) linebuf = BUF_strdup(line); if (linebuf == NULL) { - OPENSSL_PUT_ERROR(X509V3, X509V3_parse_list, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); goto err; } state = HDR_NAME; 
@@ -279,7 +281,7 @@ STACK_OF(CONF_VALUE) *X509V3_parse_list(const char *line) *p = 0; ntmp = strip_spaces(q); if(!ntmp) { - OPENSSL_PUT_ERROR(X509V3, X509V3_parse_list, X509V3_R_INVALID_NULL_NAME); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_NULL_NAME); goto err; } q = p + 1; @@ -291,7 +293,7 @@ STACK_OF(CONF_VALUE) *X509V3_parse_list(const char *line) printf("%s\n", ntmp); #endif if(!ntmp) { - OPENSSL_PUT_ERROR(X509V3, X509V3_parse_list, X509V3_R_INVALID_NULL_NAME); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_NULL_NAME); goto err; } X509V3_add_value(ntmp, NULL, &values); @@ -307,7 +309,7 @@ STACK_OF(CONF_VALUE) *X509V3_parse_list(const char *line) printf("%s\n", ntmp); #endif if(!vtmp) { - OPENSSL_PUT_ERROR(X509V3, X509V3_parse_list, X509V3_R_INVALID_NULL_VALUE); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_NULL_VALUE); goto err; } X509V3_add_value(ntmp, vtmp, &values); @@ -324,7 +326,7 @@ STACK_OF(CONF_VALUE) *X509V3_parse_list(const char *line) printf("%s=%s\n", ntmp, vtmp); #endif if(!vtmp) { - OPENSSL_PUT_ERROR(X509V3, X509V3_parse_list, X509V3_R_INVALID_NULL_VALUE); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_NULL_VALUE); goto err; } X509V3_add_value(ntmp, vtmp, &values); @@ -334,7 +336,7 @@ STACK_OF(CONF_VALUE) *X509V3_parse_list(const char *line) printf("%s\n", ntmp); #endif if(!ntmp) { - OPENSSL_PUT_ERROR(X509V3, X509V3_parse_list, X509V3_R_INVALID_NULL_NAME); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_NULL_NAME); goto err; } X509V3_add_value(ntmp, NULL, &values); @@ -379,7 +381,7 @@ char *hex_to_string(const unsigned char *buffer, long len) static const char hexdig[] = "0123456789ABCDEF"; if(!buffer || !len) return NULL; if(!(tmp = OPENSSL_malloc(len * 3 + 1))) { - OPENSSL_PUT_ERROR(X509V3, hex_to_string, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); return NULL; } q = tmp; 
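Review bot: hex_to_string sizes its output with `OPENSSL_malloc(len * 3 + 1)`, where `len` is a `long` that is only checked against zero (`if(!buffer || !len) return NULL;`). A negative `len` passes that check, and a very large one overflows the signed multiplication, so the allocation size may not match what the conversion loop writes. The loop is outside the hunk, so the actual write count is inferred. A guard such as `if(!buffer || len <= 0 || len > (LONG_MAX - 1) / 3) return NULL;` (needs `<limits.h>`) makes the bound explicit before the allocation.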
@@ -402,7 +404,7 @@ unsigned char *string_to_hex(const char *str, long *len) unsigned char *hexbuf, *q; unsigned char ch, cl, *p; if(!str) { - OPENSSL_PUT_ERROR(X509V3, string_to_hex, X509V3_R_INVALID_NULL_ARGUMENT); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_NULL_ARGUMENT); return NULL; } if(!(hexbuf = OPENSSL_malloc(strlen(str) >> 1))) goto err; @@ -411,7 +413,7 @@ unsigned char *string_to_hex(const char *str, long *len) if(ch == ':') continue; cl = *p++; if(!cl) { - OPENSSL_PUT_ERROR(X509V3, string_to_hex, X509V3_R_ODD_NUMBER_OF_DIGITS); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_ODD_NUMBER_OF_DIGITS); OPENSSL_free(hexbuf); return NULL; } @@ -435,12 +437,12 @@ unsigned char *string_to_hex(const char *str, long *len) err: if(hexbuf) OPENSSL_free(hexbuf); - OPENSSL_PUT_ERROR(X509V3, string_to_hex, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); return NULL; badhex: OPENSSL_free(hexbuf); - OPENSSL_PUT_ERROR(X509V3, string_to_hex, X509V3_R_ILLEGAL_HEX_DIGIT); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_ILLEGAL_HEX_DIGIT); return NULL; } diff --git a/src/crypto/x509v3/v3name_test.c b/src/crypto/x509v3/v3name_test.c new file mode 100644 index 0000000..a3197e6 --- /dev/null +++ b/src/crypto/x509v3/v3name_test.c 
@@ -0,0 +1,422 @@
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project 1999. */
+/* ====================================================================
+ * Copyright (c) 1999-2004 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com). */
+
+#include
+#include
+
+#include
+#include
+#include
+#include
+
+
+static const char *const names[] =
+ {
+ "a", "b", ".", "*", "@",
+ ".a", "a.", ".b", "b.", ".*", "*.", "*@", "@*", "a@", "@a", "b@", "..",
+ "@@", "**", "*.com", "*com", "*.*.com", "*com", "com*", "*example.com",
+ "*@example.com", "test@*.example.com", "example.com", "www.example.com",
+ "test.www.example.com", "*.example.com", "*.www.example.com",
+ "test.*.example.com", "www.*.com",
+ ".www.example.com", "*www.example.com",
+ "example.net", "xn--rger-koa.example.com",
+ "a.example.com", "b.example.com",
+ "postmaster@example.com", "Postmaster@example.com",
+ "postmaster@EXAMPLE.COM",
+ NULL
+ };
+
+static const char *const exceptions[] =
+ {
+ "set CN: host: [*.example.com] matches [a.example.com]",
+ "set CN: host: [*.example.com] matches [b.example.com]",
+ "set CN: host: [*.example.com] matches [www.example.com]",
+ "set CN: host: [*.example.com] matches [xn--rger-koa.example.com]",
+ "set CN: host: [*.www.example.com] matches [test.www.example.com]",
+ "set CN: host: [*.www.example.com] matches [.www.example.com]",
+ "set CN: host: [*www.example.com] matches [www.example.com]",
+ "set CN: host: [test.www.example.com] matches [.www.example.com]",
+ "set CN: host-no-wildcards: [*.www.example.com] matches [.www.example.com]",
+ "set CN: host-no-wildcards: [test.www.example.com] matches [.www.example.com]",
+ "set emailAddress: email: [postmaster@example.com] does not match [Postmaster@example.com]",
+ "set emailAddress: email: [postmaster@EXAMPLE.COM] does not match [Postmaster@example.com]",
+ "set emailAddress: email: [Postmaster@example.com] does not match [postmaster@example.com]",
+ "set emailAddress: email: [Postmaster@example.com] does not match [postmaster@EXAMPLE.COM]",
+ "set dnsName: host: [*.example.com] matches [www.example.com]",
+ "set dnsName: host: [*.example.com] matches [a.example.com]",
+ "set dnsName: host: [*.example.com] matches [b.example.com]",
+ "set dnsName: host: [*.example.com] matches [xn--rger-koa.example.com]",
+ "set dnsName: host: [*.www.example.com] matches [test.www.example.com]",
+ "set dnsName: host-no-wildcards: [*.www.example.com] matches [.www.example.com]",
+ "set dnsName: host-no-wildcards: [test.www.example.com] matches [.www.example.com]",
+ "set dnsName: host: [*.www.example.com] matches [.www.example.com]",
+ "set dnsName: host: [*www.example.com] matches [www.example.com]",
+ "set dnsName: host: [test.www.example.com] matches [.www.example.com]",
+ "set rfc822Name: email: [postmaster@example.com] does not match [Postmaster@example.com]",
+ "set rfc822Name: email: [Postmaster@example.com] does not match [postmaster@example.com]",
+ "set rfc822Name: email: [Postmaster@example.com] does not match [postmaster@EXAMPLE.COM]",
+ "set rfc822Name: email: [postmaster@EXAMPLE.COM] does not match [Postmaster@example.com]",
+ NULL
+ };
+
+static int is_exception(const char *msg)
+ {
+ const char *const *p;
+ for (p = exceptions; *p; ++p)
+ if (strcmp(msg, *p) == 0)
+ return 1;
+ return 0;
+ }
+
+static int set_cn(X509 *crt, ...)
+ {
+ int ret = 0;
+ X509_NAME *n = NULL;
+ va_list ap;
+ va_start(ap, crt);
+ n = X509_NAME_new();
+ if (n == NULL)
+ goto out;
+ while (1) {
+ int nid;
+ const char *name;
+ nid = va_arg(ap, int);
+ if (nid == 0)
+ break;
+ name = va_arg(ap, const char *);
+ if (!X509_NAME_add_entry_by_NID(n, nid, MBSTRING_ASC,
+ (unsigned char *)name,
+ -1, -1, 1))
+ goto out;
+ }
+ if (!X509_set_subject_name(crt, n))
+ goto out;
+ ret = 1;
+ out:
+ X509_NAME_free(n);
+ va_end(ap);
+ return ret;
+ }
+
+/*
+int X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc);
+X509_EXTENSION *X509_EXTENSION_create_by_NID(X509_EXTENSION **ex,
+ int nid, int crit, ASN1_OCTET_STRING *data);
+int X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc);
+*/
+
+static int set_altname(X509 *crt, ...)
+ {
+ int ret = 0;
+ GENERAL_NAMES *gens = NULL;
+ GENERAL_NAME *gen = NULL;
+ ASN1_IA5STRING *ia5 = NULL;
+ va_list ap;
+ va_start(ap, crt);
+ gens = sk_GENERAL_NAME_new_null();
+ if (gens == NULL)
+ goto out;
+ while (1) {
+ int type;
+ const char *name;
+ type = va_arg(ap, int);
+ if (type == 0)
+ break;
+ name = va_arg(ap, const char *);
+
+ gen = GENERAL_NAME_new();
+ if (gen == NULL)
+ goto out;
+ ia5 = ASN1_IA5STRING_new();
+ if (ia5 == NULL)
+ goto out;
+ if (!ASN1_STRING_set(ia5, name, -1))
+ goto out;
+ switch (type)
+ {
+ case GEN_EMAIL:
+ case GEN_DNS:
+ GENERAL_NAME_set0_value(gen, type, ia5);
+ ia5 = NULL;
+ break;
+ default:
+ abort();
+ }
+ sk_GENERAL_NAME_push(gens, gen);
+ gen = NULL;
+ }
+ if (!X509_add1_ext_i2d(crt, NID_subject_alt_name, gens, 0, 0))
+ goto out;
+ ret = 1;
+ out:
+ ASN1_IA5STRING_free(ia5);
+ GENERAL_NAME_free(gen);
+ GENERAL_NAMES_free(gens);
+ va_end(ap);
+ return ret;
+ }
+
+static int set_cn1(X509 *crt, const char *name)
+ {
+ return set_cn(crt, NID_commonName, name, 0);
+ }
+
+
+static int set_cn_and_email(X509 *crt, const char *name)
+ {
+ return set_cn(crt, NID_commonName, name,
+ NID_pkcs9_emailAddress, "dummy@example.com", 0);
+ }
+
+static int set_cn2(X509 *crt, const char *name)
+ {
+ return set_cn(crt, NID_commonName, "dummy value",
+ NID_commonName, name, 0);
+ }
+
+static int set_cn3(X509 *crt, const char *name)
+ {
+ return set_cn(crt, NID_commonName, name,
+ NID_commonName, "dummy value", 0);
+ }
+
+static int set_email1(X509 *crt, const char *name)
+ {
+ return set_cn(crt, NID_pkcs9_emailAddress, name, 0);
+ }
+
+static int set_email2(X509 *crt, const char *name)
+ {
+ return set_cn(crt, NID_pkcs9_emailAddress, "dummy@example.com",
+ NID_pkcs9_emailAddress, name, 0);
+ }
+
+static int set_email3(X509 *crt, const char *name)
+ {
+ return set_cn(crt, NID_pkcs9_emailAddress, name,
+ NID_pkcs9_emailAddress, "dummy@example.com", 0);
+ }
+
+static int set_email_and_cn(X509 *crt, const char *name)
+ {
+ return set_cn(crt, NID_pkcs9_emailAddress, name,
+ NID_commonName, "www.example.org", 0);
+ }
+
+static int set_altname_dns(X509 *crt, const char *name)
+ {
+ return set_altname(crt, GEN_DNS, name, 0);
+ }
+
+static int set_altname_email(X509 *crt, const char *name)
+ {
+ return set_altname(crt, GEN_EMAIL, name, 0);
+ }
+
+struct set_name_fn
+ {
+ int (*fn)(X509 *, const char *);
+ const char *name;
+ int host;
+ int email;
+ };
+
+static const struct set_name_fn name_fns[] =
+ {
+ {set_cn1, "set CN", 1, 0},
+ {set_cn2, "set CN", 1, 0},
+ {set_cn3, "set CN", 1, 0},
+ {set_cn_and_email, "set CN", 1, 0},
+ {set_email1, "set emailAddress", 0, 1},
+ {set_email2, "set emailAddress", 0, 1},
+ {set_email3, "set emailAddress", 0, 1},
+ {set_email_and_cn, "set emailAddress", 0, 1},
+ {set_altname_dns, "set dnsName", 1, 0},
+ {set_altname_email, "set rfc822Name", 0, 1},
+ {NULL, NULL, 0}
+ };
+
+static X509 *make_cert(void)
+ {
+ X509 *ret = NULL;
+ X509 *crt = NULL;
+ X509_NAME *issuer = NULL;
+ crt = X509_new();
+ if (crt == NULL)
+ goto out;
+ if (!X509_set_version(crt, 3))
+ goto out;
+ ret = crt;
+ crt = NULL;
+ out:
+ X509_NAME_free(issuer);
+ return ret;
+ }
+
+static int errors;
+
+static void check_message(const struct set_name_fn *fn, const char *op,
+ const char *nameincert, int match, const char *name)
+ {
+ char msg[1024];
+ if (match < 0)
+ return;
+ BIO_snprintf(msg, sizeof(msg), "%s: %s: [%s] %s [%s]",
+ fn->name, op, nameincert,
+ match ? "matches" : "does not match", name);
+ if (is_exception(msg))
+ return;
+ puts(msg);
+ ++errors;
+ }
+
+static void run_cert(X509 *crt, const char *nameincert,
+ const struct set_name_fn *fn)
+ {
+ const char *const *pname = names;
+ while (*pname)
+ {
+ int samename = OPENSSL_strcasecmp(nameincert, *pname) == 0;
+ size_t namelen = strlen(*pname);
+ char *name = malloc(namelen);
+ int match, ret;
+ memcpy(name, *pname, namelen);
+
+ ret = X509_check_host(crt, name, namelen, 0, NULL);
+ match = -1;
+ if (ret < 0)
+ {
+ fprintf(stderr, "internal error in X509_check_host");
+ ++errors;
+ }
+ else if (fn->host)
+ {
+ if (ret == 1 && !samename)
+ match = 1;
+ if (ret == 0 && samename)
+ match = 0;
+ }
+ else if (ret == 1)
+ match = 1;
+ check_message(fn, "host", nameincert, match, *pname);
+
+ ret = X509_check_host(crt, name, namelen,
+ X509_CHECK_FLAG_NO_WILDCARDS, NULL);
+ match = -1;
+ if (ret < 0)
+ {
+ fprintf(stderr, "internal error in X509_check_host");
+ ++errors;
+ }
+ else if (fn->host)
+ {
+ if (ret == 1 && !samename)
+ match = 1;
+ if (ret == 0 && samename)
+ match = 0;
+ }
+ else if (ret == 1)
+ match = 1;
+ check_message(fn, "host-no-wildcards",
+ nameincert, match, *pname);
+
+ ret = X509_check_email(crt, name, namelen, 0);
+ match = -1;
+ if (fn->email)
+ {
+ if (ret && !samename)
+ match = 1;
+ if (!ret && samename && strchr(nameincert, '@') != NULL)
+ match = 0;
+ }
+ else if (ret)
+ match = 1;
+ check_message(fn, "email", nameincert, match, *pname);
+ ++pname;
+ free(name);
+ }
+ }
+
+int
+main(void)
+ {
+ CRYPTO_library_init();
+
+ const struct set_name_fn *pfn = name_fns;
+ while (pfn->name) {
+ const char *const *pname = names;
+ while (*pname)
+ {
+ X509 *crt = make_cert();
+ if (crt == NULL)
+ {
+ fprintf(stderr, "make_cert failed\n");
+ return 1;
+ }
+ if (!pfn->fn(crt, *pname))
+ {
+ fprintf(stderr, "X509 name setting failed\n");
+ return 1;
+ }
+ run_cert(crt, *pname, pfn);
+ X509_free(crt);
+ ++pname;
+ }
+ ++pfn;
+ }
+ if (errors == 0) {
+ printf("PASS\n");
+ }
+ return errors > 0 ? 1 : 0;
+ }
diff --git a/src/crypto/x509v3/v3nametest.c b/src/crypto/x509v3/v3nametest.c
deleted file mode 100644
index a3197e6..0000000
--- a/src/crypto/x509v3/v3nametest.c
+++ /dev/null
@@ -1,422 +0,0 @@ -/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project 1999. */ -/* ==================================================================== - * Copyright (c) 1999-2004 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). */ - -#include -#include - -#include -#include -#include -#include - - -static const char *const names[] = - { - "a", "b", ".", "*", "@", - ".a", "a.", ".b", "b.", ".*", "*.", "*@", "@*", "a@", "@a", "b@", "..", - "@@", "**", "*.com", "*com", "*.*.com", "*com", "com*", "*example.com", - "*@example.com", "test@*.example.com", "example.com", "www.example.com", - "test.www.example.com", "*.example.com", "*.www.example.com", - "test.*.example.com", "www.*.com", - ".www.example.com", "*www.example.com", - "example.net", "xn--rger-koa.example.com", - "a.example.com", "b.example.com", - "postmaster@example.com", "Postmaster@example.com", - "postmaster@EXAMPLE.COM", - NULL - }; - -static const char *const exceptions[] = - { - "set CN: host: [*.example.com] matches [a.example.com]", - "set CN: host: [*.example.com] matches [b.example.com]", - "set CN: host: [*.example.com] matches [www.example.com]", - "set CN: host: [*.example.com] matches [xn--rger-koa.example.com]", - "set CN: host: [*.www.example.com] matches [test.www.example.com]", - "set CN: host: [*.www.example.com] matches [.www.example.com]", - "set CN: host: [*www.example.com] matches [www.example.com]", - "set CN: host: 
[test.www.example.com] matches [.www.example.com]", - "set CN: host-no-wildcards: [*.www.example.com] matches [.www.example.com]", - "set CN: host-no-wildcards: [test.www.example.com] matches [.www.example.com]", - "set emailAddress: email: [postmaster@example.com] does not match [Postmaster@example.com]", - "set emailAddress: email: [postmaster@EXAMPLE.COM] does not match [Postmaster@example.com]", - "set emailAddress: email: [Postmaster@example.com] does not match [postmaster@example.com]", - "set emailAddress: email: [Postmaster@example.com] does not match [postmaster@EXAMPLE.COM]", - "set dnsName: host: [*.example.com] matches [www.example.com]", - "set dnsName: host: [*.example.com] matches [a.example.com]", - "set dnsName: host: [*.example.com] matches [b.example.com]", - "set dnsName: host: [*.example.com] matches [xn--rger-koa.example.com]", - "set dnsName: host: [*.www.example.com] matches [test.www.example.com]", - "set dnsName: host-no-wildcards: [*.www.example.com] matches [.www.example.com]", - "set dnsName: host-no-wildcards: [test.www.example.com] matches [.www.example.com]", - "set dnsName: host: [*.www.example.com] matches [.www.example.com]", - "set dnsName: host: [*www.example.com] matches [www.example.com]", - "set dnsName: host: [test.www.example.com] matches [.www.example.com]", - "set rfc822Name: email: [postmaster@example.com] does not match [Postmaster@example.com]", - "set rfc822Name: email: [Postmaster@example.com] does not match [postmaster@example.com]", - "set rfc822Name: email: [Postmaster@example.com] does not match [postmaster@EXAMPLE.COM]", - "set rfc822Name: email: [postmaster@EXAMPLE.COM] does not match [Postmaster@example.com]", - NULL - }; - -static int is_exception(const char *msg) - { - const char *const *p; - for (p = exceptions; *p; ++p) - if (strcmp(msg, *p) == 0) - return 1; - return 0; - } - -static int set_cn(X509 *crt, ...) 
- { - int ret = 0; - X509_NAME *n = NULL; - va_list ap; - va_start(ap, crt); - n = X509_NAME_new(); - if (n == NULL) - goto out; - while (1) { - int nid; - const char *name; - nid = va_arg(ap, int); - if (nid == 0) - break; - name = va_arg(ap, const char *); - if (!X509_NAME_add_entry_by_NID(n, nid, MBSTRING_ASC, - (unsigned char *)name, - -1, -1, 1)) - goto out; - } - if (!X509_set_subject_name(crt, n)) - goto out; - ret = 1; - out: - X509_NAME_free(n); - va_end(ap); - return ret; - } - -/* -int X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc); -X509_EXTENSION *X509_EXTENSION_create_by_NID(X509_EXTENSION **ex, - int nid, int crit, ASN1_OCTET_STRING *data); -int X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc); -*/ - -static int set_altname(X509 *crt, ...) - { - int ret = 0; - GENERAL_NAMES *gens = NULL; - GENERAL_NAME *gen = NULL; - ASN1_IA5STRING *ia5 = NULL; - va_list ap; - va_start(ap, crt); - gens = sk_GENERAL_NAME_new_null(); - if (gens == NULL) - goto out; - while (1) { - int type; - const char *name; - type = va_arg(ap, int); - if (type == 0) - break; - name = va_arg(ap, const char *); - - gen = GENERAL_NAME_new(); - if (gen == NULL) - goto out; - ia5 = ASN1_IA5STRING_new(); - if (ia5 == NULL) - goto out; - if (!ASN1_STRING_set(ia5, name, -1)) - goto out; - switch (type) - { - case GEN_EMAIL: - case GEN_DNS: - GENERAL_NAME_set0_value(gen, type, ia5); - ia5 = NULL; - break; - default: - abort(); - } - sk_GENERAL_NAME_push(gens, gen); - gen = NULL; - } - if (!X509_add1_ext_i2d(crt, NID_subject_alt_name, gens, 0, 0)) - goto out; - ret = 1; - out: - ASN1_IA5STRING_free(ia5); - GENERAL_NAME_free(gen); - GENERAL_NAMES_free(gens); - va_end(ap); - return ret; - } - -static int set_cn1(X509 *crt, const char *name) - { - return set_cn(crt, NID_commonName, name, 0); - } - - -static int set_cn_and_email(X509 *crt, const char *name) - { - return set_cn(crt, NID_commonName, name, - NID_pkcs9_emailAddress, "dummy@example.com", 0); - } - -static int set_cn2(X509 *crt, 
const char *name) - { - return set_cn(crt, NID_commonName, "dummy value", - NID_commonName, name, 0); - } - -static int set_cn3(X509 *crt, const char *name) - { - return set_cn(crt, NID_commonName, name, - NID_commonName, "dummy value", 0); - } - -static int set_email1(X509 *crt, const char *name) - { - return set_cn(crt, NID_pkcs9_emailAddress, name, 0); - } - -static int set_email2(X509 *crt, const char *name) - { - return set_cn(crt, NID_pkcs9_emailAddress, "dummy@example.com", - NID_pkcs9_emailAddress, name, 0); - } - -static int set_email3(X509 *crt, const char *name) - { - return set_cn(crt, NID_pkcs9_emailAddress, name, - NID_pkcs9_emailAddress, "dummy@example.com", 0); - } - -static int set_email_and_cn(X509 *crt, const char *name) - { - return set_cn(crt, NID_pkcs9_emailAddress, name, - NID_commonName, "www.example.org", 0); - } - -static int set_altname_dns(X509 *crt, const char *name) - { - return set_altname(crt, GEN_DNS, name, 0); - } - -static int set_altname_email(X509 *crt, const char *name) - { - return set_altname(crt, GEN_EMAIL, name, 0); - } - -struct set_name_fn - { - int (*fn)(X509 *, const char *); - const char *name; - int host; - int email; - }; - -static const struct set_name_fn name_fns[] = - { - {set_cn1, "set CN", 1, 0}, - {set_cn2, "set CN", 1, 0}, - {set_cn3, "set CN", 1, 0}, - {set_cn_and_email, "set CN", 1, 0}, - {set_email1, "set emailAddress", 0, 1}, - {set_email2, "set emailAddress", 0, 1}, - {set_email3, "set emailAddress", 0, 1}, - {set_email_and_cn, "set emailAddress", 0, 1}, - {set_altname_dns, "set dnsName", 1, 0}, - {set_altname_email, "set rfc822Name", 0, 1}, - {NULL, NULL, 0} - }; - -static X509 *make_cert(void) - { - X509 *ret = NULL; - X509 *crt = NULL; - X509_NAME *issuer = NULL; - crt = X509_new(); - if (crt == NULL) - goto out; - if (!X509_set_version(crt, 3)) - goto out; - ret = crt; - crt = NULL; - out: - X509_NAME_free(issuer); - return ret; - } - -static int errors; - -static void check_message(const struct 
set_name_fn *fn, const char *op, - const char *nameincert, int match, const char *name) - { - char msg[1024]; - if (match < 0) - return; - BIO_snprintf(msg, sizeof(msg), "%s: %s: [%s] %s [%s]", - fn->name, op, nameincert, - match ? "matches" : "does not match", name); - if (is_exception(msg)) - return; - puts(msg); - ++errors; - } - -static void run_cert(X509 *crt, const char *nameincert, - const struct set_name_fn *fn) - { - const char *const *pname = names; - while (*pname) - { - int samename = OPENSSL_strcasecmp(nameincert, *pname) == 0; - size_t namelen = strlen(*pname); - char *name = malloc(namelen); - int match, ret; - memcpy(name, *pname, namelen); - - ret = X509_check_host(crt, name, namelen, 0, NULL); - match = -1; - if (ret < 0) - { - fprintf(stderr, "internal error in X509_check_host"); - ++errors; - } - else if (fn->host) - { - if (ret == 1 && !samename) - match = 1; - if (ret == 0 && samename) - match = 0; - } - else if (ret == 1) - match = 1; - check_message(fn, "host", nameincert, match, *pname); - - ret = X509_check_host(crt, name, namelen, - X509_CHECK_FLAG_NO_WILDCARDS, NULL); - match = -1; - if (ret < 0) - { - fprintf(stderr, "internal error in X509_check_host"); - ++errors; - } - else if (fn->host) - { - if (ret == 1 && !samename) - match = 1; - if (ret == 0 && samename) - match = 0; - } - else if (ret == 1) - match = 1; - check_message(fn, "host-no-wildcards", - nameincert, match, *pname); - - ret = X509_check_email(crt, name, namelen, 0); - match = -1; - if (fn->email) - { - if (ret && !samename) - match = 1; - if (!ret && samename && strchr(nameincert, '@') != NULL) - match = 0; - } - else if (ret) - match = 1; - check_message(fn, "email", nameincert, match, *pname); - ++pname; - free(name); - } - } - -int -main(void) - { - CRYPTO_library_init(); - - const struct set_name_fn *pfn = name_fns; - while (pfn->name) { - const char *const *pname = names; - while (*pname) - { - X509 *crt = make_cert(); - if (crt == NULL) - { - fprintf(stderr, 
"make_cert failed\n"); - return 1; - } - if (!pfn->fn(crt, *pname)) - { - fprintf(stderr, "X509 name setting failed\n"); - return 1; - } - run_cert(crt, *pname, pfn); - X509_free(crt); - ++pname; - } - ++pfn; - } - if (errors == 0) { - printf("PASS\n"); - } - return errors > 0 ? 1 : 0; - } -- cgit v1.1 From a04d78d392463df4e69a64360c952ffa5abd22f7 Mon Sep 17 00:00:00 2001 
From: Kenny Root Date: Fri, 25 Sep 2015 00:26:37 +0000 Subject: Revert "external/boringssl: sync with upstream." This reverts commit 1e4884f615b20946411a74e41eb9c6aa65e2d5f3. This breaks some x86 builds. Change-Id: I4d4310663ce52bc0a130e6b9dbc22b868ff4fb25 --- src/crypto/CMakeLists.txt | 7 +- src/crypto/aes/CMakeLists.txt | 11 +- src/crypto/aes/aes_test.cc | 102 ---- src/crypto/aes/asm/aes-586.pl | 6 +- src/crypto/aes/asm/aes-armv4.pl | 2 +- src/crypto/aes/asm/aesv8-armx.pl | 2 +- src/crypto/aes/asm/bsaes-armv7.pl | 2 +- src/crypto/arm_arch.h | 136 +++++ src/crypto/asn1/CMakeLists.txt | 2 +- src/crypto/asn1/a_bitstr.c | 11 +- src/crypto/asn1/a_bool.c | 2 +- src/crypto/asn1/a_bytes.c | 6 +- src/crypto/asn1/a_d2i_fp.c | 24 +- src/crypto/asn1/a_dup.c | 4 +- src/crypto/asn1/a_enum.c | 8 +- src/crypto/asn1/a_gentm.c | 2 +- src/crypto/asn1/a_i2d_fp.c | 10 +- src/crypto/asn1/a_int.c | 12 +- src/crypto/asn1/a_mbstr.c | 20 +- src/crypto/asn1/a_object.c | 22 +- src/crypto/asn1/a_strnid.c | 4 +- src/crypto/asn1/a_time.c | 4 +- src/crypto/asn1/a_utctm.c | 6 +- src/crypto/asn1/asn1_lib.c | 15 +- src/crypto/asn1/asn_pack.c | 8 +- src/crypto/asn1/bio_ndef.c | 2 +- src/crypto/asn1/f_enum.c | 8 +- src/crypto/asn1/f_int.c | 8 +- src/crypto/asn1/f_string.c | 8 +- src/crypto/asn1/tasn_dec.c | 111 ++-- src/crypto/asn1/tasn_new.c | 6 +- src/crypto/asn1/tasn_prn.c | 2 +- src/crypto/asn1/tasn_utl.c | 3 +- src/crypto/asn1/x_long.c | 4 +- src/crypto/base64/CMakeLists.txt | 2 +- src/crypto/bio/CMakeLists.txt | 2 +- src/crypto/bio/bio.c | 14 +- src/crypto/bio/bio_mem.c | 4 +- src/crypto/bio/buffer.c | 2 +- src/crypto/bio/connect.c | 16 +- src/crypto/bio/file.c | 21 +- src/crypto/bio/pair.c | 62 +- src/crypto/bio/printf.c | 2 +- src/crypto/bio/socket_helper.c | 5 +- src/crypto/bn/CMakeLists.txt | 3 +- src/crypto/bn/add.c | 2 +- src/crypto/bn/asm/armv4-mont.pl | 2 +- src/crypto/bn/bn.c | 20 +- src/crypto/bn/bn_asn1.c | 93 --- src/crypto/bn/bn_test.cc | 376 ++---------- src/crypto/bn/convert.c | 
178 ++---- src/crypto/bn/ctx.c | 6 +- src/crypto/bn/div.c | 6 +- src/crypto/bn/exponentiation.c | 30 +- src/crypto/bn/gcd.c | 32 +- src/crypto/bn/internal.h | 4 +- src/crypto/bn/montgomery.c | 6 - src/crypto/bn/mul.c | 8 +- src/crypto/bn/prime.c | 9 +- src/crypto/bn/random.c | 14 +- src/crypto/bn/rsaz_exp.h | 68 +-- src/crypto/bn/shift.c | 4 +- src/crypto/bn/sqrt.c | 24 +- src/crypto/buf/CMakeLists.txt | 2 +- src/crypto/buf/buf.c | 14 +- src/crypto/bytestring/CMakeLists.txt | 2 +- src/crypto/bytestring/bytestring_test.cc | 13 +- src/crypto/bytestring/cbb.c | 9 - src/crypto/bytestring/cbs.c | 20 +- src/crypto/bytestring/internal.h | 8 + src/crypto/chacha/CMakeLists.txt | 2 +- src/crypto/chacha/chacha_vec_arm.S | 2 - src/crypto/chacha/chacha_vec_arm_generate.go | 4 +- src/crypto/cipher/CMakeLists.txt | 2 +- src/crypto/cipher/aead.c | 15 +- src/crypto/cipher/aead_test.cc | 62 +- src/crypto/cipher/cipher.c | 41 +- src/crypto/cipher/cipher_test.cc | 57 +- src/crypto/cipher/e_aes.c | 108 ++-- src/crypto/cipher/e_chacha20poly1305.c | 22 +- src/crypto/cipher/e_des.c | 78 +-- src/crypto/cipher/e_rc2.c | 27 +- src/crypto/cipher/e_rc4.c | 22 +- src/crypto/cipher/e_ssl3.c | 56 +- src/crypto/cipher/e_tls.c | 56 +- src/crypto/cipher/test/aes_128_gcm_tests.txt | 6 - src/crypto/cipher/test/cipher_test.txt | 60 -- src/crypto/cmac/CMakeLists.txt | 4 +- src/crypto/cmac/cmac_test.cc | 13 +- src/crypto/conf/CMakeLists.txt | 2 +- src/crypto/conf/conf.c | 64 +- src/crypto/conf/internal.h | 31 - src/crypto/cpu-arm.c | 6 +- src/crypto/cpu-intel.c | 157 +---- src/crypto/cpu-x86-asm.pl | 334 ++++++++++ src/crypto/cpu-x86_64-asm.pl | 163 +++++ src/crypto/crypto.c | 2 +- src/crypto/des/CMakeLists.txt | 2 +- src/crypto/des/des.c | 157 +++-- src/crypto/des/internal.h | 10 +- src/crypto/dh/CMakeLists.txt | 2 +- src/crypto/dh/dh.c | 2 +- src/crypto/dh/dh_impl.c | 14 +- src/crypto/digest/CMakeLists.txt | 2 +- src/crypto/digest/digest.c | 32 +- src/crypto/digest/digests.c | 3 +- 
src/crypto/digest/internal.h | 17 +- src/crypto/dsa/CMakeLists.txt | 2 +- src/crypto/dsa/dsa.c | 2 +- src/crypto/dsa/dsa_asn1.c | 2 +- src/crypto/dsa/dsa_impl.c | 42 +- src/crypto/ec/CMakeLists.txt | 2 +- src/crypto/ec/ec.c | 127 ++-- src/crypto/ec/ec_asn1.c | 77 +-- src/crypto/ec/ec_key.c | 32 +- src/crypto/ec/ec_montgomery.c | 12 +- src/crypto/ec/oct.c | 59 +- src/crypto/ec/p256-64.c | 26 +- src/crypto/ec/simple.c | 20 +- src/crypto/ec/wnaf.c | 58 +- src/crypto/ecdh/CMakeLists.txt | 2 +- src/crypto/ecdh/ecdh.c | 14 +- src/crypto/ecdsa/CMakeLists.txt | 2 +- src/crypto/ecdsa/ecdsa.c | 119 ++-- src/crypto/ecdsa/ecdsa_asn1.c | 183 ++---- src/crypto/ecdsa/ecdsa_test.cc | 55 +- src/crypto/engine/CMakeLists.txt | 2 +- src/crypto/err/CMakeLists.txt | 4 +- src/crypto/err/asn1.errordata | 240 +++++--- src/crypto/err/bio.errordata | 53 +- src/crypto/err/bn.errordata | 63 +- src/crypto/err/buf.errordata | 4 + src/crypto/err/cipher.errordata | 85 ++- src/crypto/err/conf.errordata | 16 +- src/crypto/err/crypto.errordata | 4 + src/crypto/err/dh.errordata | 12 +- src/crypto/err/digest.errordata | 4 +- src/crypto/err/dsa.errordata | 13 +- src/crypto/err/ec.errordata | 123 +++- src/crypto/err/ecdh.errordata | 7 +- src/crypto/err/ecdsa.errordata | 16 +- src/crypto/err/engine.errordata | 2 +- src/crypto/err/err.c | 132 ++-- src/crypto/err/err_data_generate.go | 32 +- src/crypto/err/err_test.cc | 50 +- src/crypto/err/evp.errordata | 160 +++-- src/crypto/err/hkdf.errordata | 3 +- src/crypto/err/obj.errordata | 6 +- src/crypto/err/pem.errordata | 54 +- src/crypto/err/pkcs8.errordata | 68 ++- src/crypto/err/rsa.errordata | 115 ++-- src/crypto/err/ssl.errordata | 604 ++++++++++++------- src/crypto/err/x509.errordata | 133 ++-- src/crypto/err/x509v3.errordata | 183 ++++-- src/crypto/evp/CMakeLists.txt | 6 +- src/crypto/evp/algorithm.c | 18 +- src/crypto/evp/asn1.c | 167 +++++ src/crypto/evp/digestsign.c | 72 ++- src/crypto/evp/evp.c | 53 +- src/crypto/evp/evp_asn1.c | 166 ----- 
src/crypto/evp/evp_ctx.c | 77 ++- src/crypto/evp/evp_extra_test.cc | 4 +- src/crypto/evp/evp_test.cc | 64 +- src/crypto/evp/evp_tests.txt | 5 +- src/crypto/evp/internal.h | 69 ++- src/crypto/evp/p_dsa_asn1.c | 44 +- src/crypto/evp/p_ec.c | 52 +- src/crypto/evp/p_ec_asn1.c | 42 +- src/crypto/evp/p_hmac.c | 223 +++++++ src/crypto/evp/p_hmac_asn1.c | 89 +++ src/crypto/evp/p_rsa.c | 49 +- src/crypto/evp/p_rsa_asn1.c | 116 ++-- src/crypto/ex_data.c | 31 +- src/crypto/hkdf/CMakeLists.txt | 2 +- src/crypto/hkdf/hkdf.c | 4 +- src/crypto/hmac/CMakeLists.txt | 2 +- src/crypto/hmac/hmac.c | 2 +- src/crypto/hmac/hmac_tests.txt | 3 + src/crypto/internal.h | 8 +- src/crypto/lhash/CMakeLists.txt | 2 +- src/crypto/lhash/lhash.c | 3 +- src/crypto/md4/CMakeLists.txt | 2 +- src/crypto/md5/CMakeLists.txt | 2 +- src/crypto/md5/md5.c | 3 +- src/crypto/mem.c | 3 +- src/crypto/modes/CMakeLists.txt | 2 +- src/crypto/modes/asm/ghash-armv4.pl | 10 +- src/crypto/modes/asm/ghash-x86.pl | 2 +- src/crypto/modes/asm/ghash-x86_64.pl | 8 +- src/crypto/modes/asm/ghashv8-armx.pl | 24 +- src/crypto/modes/gcm.c | 8 +- src/crypto/modes/gcm_test.c | 16 +- src/crypto/modes/internal.h | 5 + src/crypto/obj/CMakeLists.txt | 2 +- src/crypto/obj/obj.c | 10 +- src/crypto/pem/CMakeLists.txt | 2 +- src/crypto/pem/pem_info.c | 14 +- src/crypto/pem/pem_lib.c | 67 +-- src/crypto/pem/pem_oth.c | 2 +- src/crypto/pem/pem_pk8.c | 10 +- src/crypto/pem/pem_pkey.c | 14 +- src/crypto/perlasm/arm-xlate.pl | 5 - src/crypto/pkcs8/CMakeLists.txt | 9 +- src/crypto/pkcs8/internal.h | 9 - src/crypto/pkcs8/p5_pbe.c | 10 +- src/crypto/pkcs8/p5_pbev2.c | 144 +---- src/crypto/pkcs8/pkcs8.c | 255 ++++---- src/crypto/pkcs8/pkcs8_test.cc | 91 --- src/crypto/poly1305/CMakeLists.txt | 11 +- src/crypto/poly1305/poly1305_test.cc | 81 --- src/crypto/poly1305/poly1305_test.txt | 52 -- src/crypto/rand/CMakeLists.txt | 2 +- src/crypto/rand/hwrand.c | 21 +- src/crypto/rand/internal.h | 10 +- src/crypto/rand/rand.c | 27 +- 
src/crypto/rand/urandom.c | 292 +++++---- src/crypto/rc4/CMakeLists.txt | 2 +- src/crypto/rc4/asm/rc4-x86_64.pl | 2 +- src/crypto/rsa/CMakeLists.txt | 4 +- src/crypto/rsa/blinding.c | 24 +- src/crypto/rsa/internal.h | 34 +- src/crypto/rsa/padding.c | 110 ++-- src/crypto/rsa/rsa.c | 143 ++--- src/crypto/rsa/rsa_asn1.c | 421 ++----------- src/crypto/rsa/rsa_impl.c | 311 ++-------- src/crypto/rsa/rsa_test.c | 511 ++++++++++++++++ src/crypto/rsa/rsa_test.cc | 869 --------------------------- src/crypto/sha/CMakeLists.txt | 2 +- src/crypto/sha/asm/sha1-586.pl | 4 +- src/crypto/sha/asm/sha1-armv4-large.pl | 2 +- src/crypto/sha/asm/sha1-armv8.pl | 2 +- src/crypto/sha/asm/sha256-586.pl | 2 +- src/crypto/sha/asm/sha256-armv4.pl | 2 +- src/crypto/sha/asm/sha512-586.pl | 2 +- src/crypto/sha/asm/sha512-armv4.pl | 2 +- src/crypto/sha/asm/sha512-armv8.pl | 2 +- src/crypto/stack/CMakeLists.txt | 2 +- src/crypto/test/CMakeLists.txt | 1 - src/crypto/test/file_test.cc | 1 - src/crypto/test/file_test.h | 8 - src/crypto/test/malloc.cc | 17 +- src/crypto/test/scoped_types.h | 5 - src/crypto/test/test_util.cc | 30 - src/crypto/test/test_util.h | 35 -- src/crypto/x509/CMakeLists.txt | 3 +- src/crypto/x509/a_digest.c | 2 +- src/crypto/x509/a_sign.c | 4 +- src/crypto/x509/a_verify.c | 10 +- src/crypto/x509/asn1_gen.c | 62 +- src/crypto/x509/by_dir.c | 12 +- src/crypto/x509/by_file.c | 22 +- src/crypto/x509/i2d_pr.c | 2 +- src/crypto/x509/pkcs7.c | 12 +- src/crypto/x509/t_crl.c | 2 +- src/crypto/x509/t_req.c | 246 -------- src/crypto/x509/t_x509.c | 4 +- src/crypto/x509/x509_att.c | 16 +- src/crypto/x509/x509_cmp.c | 6 +- src/crypto/x509/x509_lu.c | 14 +- src/crypto/x509/x509_obj.c | 2 +- src/crypto/x509/x509_r2x.c | 2 +- src/crypto/x509/x509_req.c | 12 +- src/crypto/x509/x509_trs.c | 10 +- src/crypto/x509/x509_v3.c | 8 +- src/crypto/x509/x509_vfy.c | 54 +- src/crypto/x509/x509cset.c | 7 - src/crypto/x509/x509name.c | 8 +- src/crypto/x509/x509spki.c | 12 +- src/crypto/x509/x_all.c | 25 +- 
src/crypto/x509/x_crl.c | 2 +- src/crypto/x509/x_info.c | 2 +- src/crypto/x509/x_name.c | 6 +- src/crypto/x509/x_pkey.c | 2 +- src/crypto/x509/x_pubkey.c | 20 +- src/crypto/x509/x_x509a.c | 48 +- src/crypto/x509v3/CMakeLists.txt | 6 +- src/crypto/x509v3/tab_test.c | 103 ---- src/crypto/x509v3/tabtest.c | 103 ++++ src/crypto/x509v3/v3_akey.c | 10 +- src/crypto/x509v3/v3_alt.c | 40 +- src/crypto/x509v3/v3_bcons.c | 4 +- src/crypto/x509v3/v3_bitst.c | 6 +- src/crypto/x509v3/v3_conf.c | 26 +- src/crypto/x509v3/v3_cpols.c | 40 +- src/crypto/x509v3/v3_crld.c | 14 +- src/crypto/x509v3/v3_extku.c | 4 +- src/crypto/x509v3/v3_ia5.c | 6 +- src/crypto/x509v3/v3_info.c | 12 +- src/crypto/x509v3/v3_lib.c | 16 +- src/crypto/x509v3/v3_ncons.c | 4 +- src/crypto/x509v3/v3_pci.c | 35 +- src/crypto/x509v3/v3_pcons.c | 6 +- src/crypto/x509v3/v3_pmaps.c | 8 +- src/crypto/x509v3/v3_purp.c | 10 +- src/crypto/x509v3/v3_skey.c | 10 +- src/crypto/x509v3/v3_sxnet.c | 16 +- src/crypto/x509v3/v3_utl.c | 40 +- src/crypto/x509v3/v3name_test.c | 422 ------------- src/crypto/x509v3/v3nametest.c | 422 +++++++++++++ 299 files changed, 6241 insertions(+), 7231 deletions(-) delete mode 100644 src/crypto/aes/aes_test.cc create mode 100644 src/crypto/arm_arch.h delete mode 100644 src/crypto/bn/bn_asn1.c delete mode 100644 src/crypto/conf/internal.h create mode 100644 src/crypto/cpu-x86-asm.pl create mode 100644 src/crypto/cpu-x86_64-asm.pl create mode 100644 src/crypto/err/buf.errordata create mode 100644 src/crypto/err/crypto.errordata create mode 100644 src/crypto/evp/asn1.c delete mode 100644 src/crypto/evp/evp_asn1.c create mode 100644 src/crypto/evp/p_hmac.c create mode 100644 src/crypto/evp/p_hmac_asn1.c delete mode 100644 src/crypto/pkcs8/pkcs8_test.cc delete mode 100644 src/crypto/poly1305/poly1305_test.cc delete mode 100644 src/crypto/poly1305/poly1305_test.txt create mode 100644 src/crypto/rsa/rsa_test.c delete mode 100644 src/crypto/rsa/rsa_test.cc delete mode 100644 
src/crypto/test/test_util.cc delete mode 100644 src/crypto/test/test_util.h delete mode 100644 src/crypto/x509/t_req.c delete mode 100644 src/crypto/x509v3/tab_test.c create mode 100644 src/crypto/x509v3/tabtest.c delete mode 100644 src/crypto/x509v3/v3name_test.c create mode 100644 src/crypto/x509v3/v3nametest.c (limited to 'src/crypto') diff --git a/src/crypto/CMakeLists.txt b/src/crypto/CMakeLists.txt index 3115279..6858cbb 100644 --- a/src/crypto/CMakeLists.txt +++ b/src/crypto/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(../include) +include_directories(. ../include) if(APPLE) if (${ARCH} STREQUAL "x86") @@ -57,6 +57,7 @@ if (${ARCH} STREQUAL "x86_64") set( CRYPTO_ARCH_SOURCES + cpu-x86_64-asm.${ASM_EXT} cpu-intel.c ) endif() @@ -65,6 +66,7 @@ if (${ARCH} STREQUAL "x86") set( CRYPTO_ARCH_SOURCES + cpu-x86-asm.${ASM_EXT} cpu-intel.c ) endif() @@ -228,3 +230,6 @@ add_executable( ) target_link_libraries(refcount_test crypto) + +perlasm(cpu-x86_64-asm.${ASM_EXT} cpu-x86_64-asm.pl) +perlasm(cpu-x86-asm.${ASM_EXT} cpu-x86-asm.pl) diff --git a/src/crypto/aes/CMakeLists.txt b/src/crypto/aes/CMakeLists.txt index c82d99a..490f40a 100644 --- a/src/crypto/aes/CMakeLists.txt +++ b/src/crypto/aes/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(../../include) +include_directories(. .. ../../include) if (${ARCH} STREQUAL "x86_64") set( @@ -60,12 +60,3 @@ perlasm(aesni-x86.${ASM_EXT} asm/aesni-x86.pl) perlasm(aes-armv4.${ASM_EXT} asm/aes-armv4.pl) perlasm(bsaes-armv7.${ASM_EXT} asm/bsaes-armv7.pl) perlasm(aesv8-armx.${ASM_EXT} asm/aesv8-armx.pl) - -add_executable( - aes_test - - aes_test.cc - $ -) - -target_link_libraries(aes_test crypto) diff --git a/src/crypto/aes/aes_test.cc b/src/crypto/aes/aes_test.cc deleted file mode 100644 index e488d81..0000000 --- a/src/crypto/aes/aes_test.cc +++ /dev/null 
@@ -1,102 +0,0 @@ -/* Copyright (c) 2015, Google Inc. - * - * Permission to use, copy, modify, and/or distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY - * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION - * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN - * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ - -#include -#include - -#include -#include - - -static bool TestAES(const uint8_t *key, size_t key_len, - const uint8_t plaintext[AES_BLOCK_SIZE], - const uint8_t ciphertext[AES_BLOCK_SIZE]) { - AES_KEY aes_key; - if (AES_set_encrypt_key(key, key_len * 8, &aes_key) != 0) { - fprintf(stderr, "AES_set_encrypt_key failed\n"); - return false; - } - - // Test encryption. - uint8_t block[AES_BLOCK_SIZE]; - AES_encrypt(plaintext, block, &aes_key); - if (memcmp(block, ciphertext, AES_BLOCK_SIZE) != 0) { - fprintf(stderr, "AES_encrypt gave the wrong output\n"); - return false; - } - - // Test in-place encryption. - memcpy(block, plaintext, AES_BLOCK_SIZE); - AES_encrypt(block, block, &aes_key); - if (memcmp(block, ciphertext, AES_BLOCK_SIZE) != 0) { - fprintf(stderr, "AES_encrypt gave the wrong output\n"); - return false; - } - - if (AES_set_decrypt_key(key, key_len * 8, &aes_key) != 0) { - fprintf(stderr, "AES_set_decrypt_key failed\n"); - return false; - } - - // Test decryption. - AES_decrypt(ciphertext, block, &aes_key); - if (memcmp(block, plaintext, AES_BLOCK_SIZE) != 0) { - fprintf(stderr, "AES_decrypt gave the wrong output\n"); - return false; - } - - // Test in-place decryption. 
- memcpy(block, ciphertext, AES_BLOCK_SIZE); - AES_decrypt(block, block, &aes_key); - if (memcmp(block, plaintext, AES_BLOCK_SIZE) != 0) { - fprintf(stderr, "AES_decrypt gave the wrong output\n"); - return false; - } - return true; -} - -int main() { - CRYPTO_library_init(); - - // Test vectors from FIPS-197, Appendix C. - if (!TestAES((const uint8_t *)"\x00\x01\x02\x03\x04\x05\x06\x07" - "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f", - 128 / 8, - (const uint8_t *)"\x00\x11\x22\x33\x44\x55\x66\x77" - "\x88\x99\xaa\xbb\xcc\xdd\xee\xff", - (const uint8_t *)"\x69\xc4\xe0\xd8\x6a\x7b\x04\x30" - "\xd8\xcd\xb7\x80\x70\xb4\xc5\x5a") || - !TestAES((const uint8_t *)"\x00\x01\x02\x03\x04\x05\x06\x07" - "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f" - "\x10\x11\x12\x13\x14\x15\x16\x17", - 192 / 8, - (const uint8_t *)"\x00\x11\x22\x33\x44\x55\x66\x77" - "\x88\x99\xaa\xbb\xcc\xdd\xee\xff", - (const uint8_t *)"\xdd\xa9\x7c\xa4\x86\x4c\xdf\xe0" - "\x6e\xaf\x70\xa0\xec\x0d\x71\x91") || - !TestAES((const uint8_t *)"\x00\x01\x02\x03\x04\x05\x06\x07" - "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f" - "\x10\x11\x12\x13\x14\x15\x16\x17" - "\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f", - 256 / 8, - (const uint8_t *)"\x00\x11\x22\x33\x44\x55\x66\x77" - "\x88\x99\xaa\xbb\xcc\xdd\xee\xff", - (const uint8_t *)"\x8e\xa2\xb7\xca\x51\x67\x45\xbf" - "\xea\xfc\x49\x90\x4b\x49\x60\x89")) { - return false; - } - - printf("PASS\n"); - return 0; -} diff --git a/src/crypto/aes/asm/aes-586.pl b/src/crypto/aes/asm/aes-586.pl index 6e8a6a8..07fb94c 100755 --- a/src/crypto/aes/asm/aes-586.pl +++ b/src/crypto/aes/asm/aes-586.pl 
@@ -45,7 +45,7 @@ # the undertaken effort was that it appeared that in tight IA-32 # register window little-endian flavor could achieve slightly higher # Instruction Level Parallelism, and it indeed resulted in up to 15% -# better performance on most recent µ-archs... +# better performance on most recent µ-archs... # # Third version adds AES_cbc_encrypt implementation, which resulted in # up to 40% performance imrovement of CBC benchmark results. 40% was @@ -224,7 +224,7 @@ sub _data_word() { my $i; while(defined($i=shift)) { &data_word($i,$i); } } $speed_limit=512; # chunks smaller than $speed_limit are # processed with compact routine in CBC mode $small_footprint=1; # $small_footprint=1 code is ~5% slower [on - # recent µ-archs], but ~5 times smaller! + # recent µ-archs], but ~5 times smaller! # I favor compact code to minimize cache # contention and in hope to "collect" 5% back # in real-life applications... @@ -565,7 +565,7 @@ sub enctransform() # Performance is not actually extraordinary in comparison to pure # x86 code. In particular encrypt performance is virtually the same. # Decrypt performance on the other hand is 15-20% better on newer -# µ-archs [but we're thankful for *any* improvement here], and ~50% +# µ-archs [but we're thankful for *any* improvement here], and ~50% # better on PIII:-) And additionally on the pros side this code # eliminates redundant references to stack and thus relieves/ # minimizes the pressure on the memory bus. diff --git a/src/crypto/aes/asm/aes-armv4.pl b/src/crypto/aes/asm/aes-armv4.pl index 882017a..36cd3b6 100644 --- a/src/crypto/aes/asm/aes-armv4.pl +++ b/src/crypto/aes/asm/aes-armv4.pl @@ -65,7 +65,7 @@ $rounds="r12"; $code=<<___; #if defined(__arm__) #ifndef __KERNEL__ -# include +# include "arm_arch.h" #else # define __ARM_ARCH__ __LINUX_ARM_ARCH__ #endif diff --git a/src/crypto/aes/asm/aesv8-armx.pl b/src/crypto/aes/asm/aesv8-armx.pl index 121154a..b0916f6 100644 --- a/src/crypto/aes/asm/aesv8-armx.pl 
+++ b/src/crypto/aes/asm/aesv8-armx.pl @@ -45,7 +45,7 @@ open OUT,"| \"$^X\" $xlate $flavour $output"; $prefix="aes_v8"; $code=<<___; -#include +#include "arm_arch.h" #if __ARM_MAX_ARCH__>=7 .text diff --git a/src/crypto/aes/asm/bsaes-armv7.pl b/src/crypto/aes/asm/bsaes-armv7.pl index 7fe349a..273f0b9 100644 --- a/src/crypto/aes/asm/bsaes-armv7.pl +++ b/src/crypto/aes/asm/bsaes-armv7.pl @@ -703,7 +703,7 @@ ___ $code.=<<___; #if defined(__arm__) #ifndef __KERNEL__ -# include +# include "arm_arch.h" # define VFP_ABI_PUSH vstmdb sp!,{d8-d15} # define VFP_ABI_POP vldmia sp!,{d8-d15} diff --git a/src/crypto/arm_arch.h b/src/crypto/arm_arch.h new file mode 100644 index 0000000..0600fbb --- /dev/null +++ b/src/crypto/arm_arch.h 
@@ -0,0 +1,136 @@ +/* ==================================================================== + * Copyright (c) 1998-2011 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * openssl-core@openssl.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.openssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). */ + +#ifndef OPENSSL_HEADER_ARM_ARCH_H +#define OPENSSL_HEADER_ARM_ARCH_H + +#if !defined(__ARM_ARCH__) +# if defined(__CC_ARM) +# define __ARM_ARCH__ __TARGET_ARCH_ARM +# if defined(__BIG_ENDIAN) +# define __ARMEB__ +# else +# define __ARMEL__ +# endif +# elif defined(__GNUC__) +# if defined(__aarch64__) +# define __ARM_ARCH__ 8 +# if __BYTE_ORDER__ == __ORDER_BIG_ENDIAN__ +# define __ARMEB__ +# else +# define __ARMEL__ +# endif + /* Why doesn't gcc define __ARM_ARCH__? Instead it defines + * bunch of below macros. See all_architectires[] table in + * gcc/config/arm/arm.c. On a side note it defines + * __ARMEL__/__ARMEB__ for little-/big-endian. 
*/ +# elif defined(__ARM_ARCH) +# define __ARM_ARCH__ __ARM_ARCH +# elif defined(__ARM_ARCH_8A__) +# define __ARM_ARCH__ 8 +# elif defined(__ARM_ARCH_7__) || defined(__ARM_ARCH_7A__) || \ + defined(__ARM_ARCH_7R__)|| defined(__ARM_ARCH_7M__) || \ + defined(__ARM_ARCH_7EM__) +# define __ARM_ARCH__ 7 +# elif defined(__ARM_ARCH_6__) || defined(__ARM_ARCH_6J__) || \ + defined(__ARM_ARCH_6K__)|| defined(__ARM_ARCH_6M__) || \ + defined(__ARM_ARCH_6Z__)|| defined(__ARM_ARCH_6ZK__) || \ + defined(__ARM_ARCH_6T2__) +# define __ARM_ARCH__ 6 +# elif defined(__ARM_ARCH_5__) || defined(__ARM_ARCH_5T__) || \ + defined(__ARM_ARCH_5E__)|| defined(__ARM_ARCH_5TE__) || \ + defined(__ARM_ARCH_5TEJ__) +# define __ARM_ARCH__ 5 +# elif defined(__ARM_ARCH_4__) || defined(__ARM_ARCH_4T__) +# define __ARM_ARCH__ 4 +# else +# error "unsupported ARM architecture" +# endif +# endif +#endif + +/* Even when building for 32-bit ARM, support for aarch64 crypto instructions + * will be included. */ +#define __ARM_MAX_ARCH__ 8 + +#if !__ASSEMBLER__ + +/* OPENSSL_armcap_P contains flags describing the capabilities of the CPU and + * is easy for assembly code to acesss. For C code, see the functions in + * |cpu.h|. */ +extern uint32_t OPENSSL_armcap_P; + +#endif /* !__ASSEMBLER__ */ + +/* ARMV7_NEON is true when a NEON unit is present in the current CPU. */ +#define ARMV7_NEON (1 << 0) + +/* ARMV7_NEON_FUNCTIONAL is true when the NEON unit doesn't contain subtle bugs. + * The Poly1305 NEON code is known to trigger bugs in the NEON units of some + * phones. If this bit isn't set then the Poly1305 NEON code won't be used. + * See https://code.google.com/p/chromium/issues/detail?id=341598. */ +#define ARMV7_NEON_FUNCTIONAL (1 << 10) + +/* ARMV8_AES indicates support for hardware AES instructions. */ +#define ARMV8_AES (1 << 2) + +/* ARMV8_SHA1 indicates support for hardware SHA-1 instructions. */ +#define ARMV8_SHA1 (1 << 3) + +/* ARMV8_SHA256 indicates support for hardware SHA-256 instructions. 
*/ +#define ARMV8_SHA256 (1 << 4) + +/* ARMV8_PMULL indicates support for carryless multiplication. */ +#define ARMV8_PMULL (1 << 5) + + +#endif /* OPENSSL_HEADER_THREAD_H */ diff --git a/src/crypto/asn1/CMakeLists.txt b/src/crypto/asn1/CMakeLists.txt index 41e3122..283636e 100644 --- a/src/crypto/asn1/CMakeLists.txt +++ b/src/crypto/asn1/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(../../include) +include_directories(. .. ../../include) add_library( asn1 diff --git a/src/crypto/asn1/a_bitstr.c b/src/crypto/asn1/a_bitstr.c index 8bad339..8055f0c 100644 --- a/src/crypto/asn1/a_bitstr.c +++ b/src/crypto/asn1/a_bitstr.c @@ -125,7 +125,8 @@ ASN1_BIT_STRING *c2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a, if (len < 1) { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_STRING_TOO_SHORT); + OPENSSL_PUT_ERROR(ASN1, c2i_ASN1_BIT_STRING, + ASN1_R_STRING_TOO_SHORT); goto err; } @@ -140,7 +141,8 @@ ASN1_BIT_STRING *c2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a, padding = *(p++); if (padding > 7) { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_INVALID_BIT_STRING_BITS_LEFT); + OPENSSL_PUT_ERROR(ASN1, c2i_ASN1_BIT_STRING, + ASN1_R_INVALID_BIT_STRING_BITS_LEFT); goto err; } @@ -155,7 +157,8 @@ ASN1_BIT_STRING *c2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a, s=(unsigned char *)OPENSSL_malloc((int)len); if (s == NULL) { - OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, c2i_ASN1_BIT_STRING, + ERR_R_MALLOC_FAILURE); goto err; } memcpy(s,p,(int)len); @@ -206,7 +209,7 @@ int ASN1_BIT_STRING_set_bit(ASN1_BIT_STRING *a, int n, int value) w+1); if (c == NULL) { - OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ASN1_BIT_STRING_set_bit, ERR_R_MALLOC_FAILURE); return 0; } if (w+1-a->length > 0) memset(c+a->length, 0, w+1-a->length); diff --git a/src/crypto/asn1/a_bool.c b/src/crypto/asn1/a_bool.c index 826bcf4..c30ee48 100644 --- a/src/crypto/asn1/a_bool.c +++ b/src/crypto/asn1/a_bool.c 
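Review bot: The new `arm_arch.h` declares `extern uint32_t OPENSSL_armcap_P;` inside `#if !__ASSEMBLER__`, but no `#include` appears anywhere in the added file, so C code that includes it must already have pulled in `<stdint.h>`. Adding `#include <stdint.h>` inside that same guard would make the header self-contained. The closing line reads `#endif /* OPENSSL_HEADER_THREAD_H */` while the guard opened at the top is `OPENSSL_HEADER_ARM_ARCH_H`; the comment should name that macro. The comment above the declaration also misspells "access" as `acesss`.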
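Review bot: In the `@@ -155,7 +157,8 @@` hunk of `c2i_ASN1_BIT_STRING`, `len` is narrowed with `(int)len` for both `OPENSSL_malloc` and `memcpy`, and the only bound visible in these hunks is `len < 1`. The casts suggest `len` is wider than `int` (its declaration is outside the hunks); if so, a length above `INT_MAX` would be truncated before it sizes the buffer and the copy. An upper-bound check beside the existing lower-bound one, `if (len > INT_MAX) { OPENSSL_PUT_ERROR(ASN1, c2i_ASN1_BIT_STRING, ASN1_R_STRING_TOO_LONG); goto err; }`, would reject such input explicitly. The function body starts and ends outside these hunks.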
@@ -107,6 +107,6 @@ int d2i_ASN1_BOOLEAN(int *a, const unsigned char **pp, long length) *pp=p; return(ret); err: - OPENSSL_PUT_ERROR(ASN1, i); + OPENSSL_PUT_ERROR(ASN1, d2i_ASN1_BOOLEAN, i); return(ret); } diff --git a/src/crypto/asn1/a_bytes.c b/src/crypto/asn1/a_bytes.c index 1904375..8874f48 100644 --- a/src/crypto/asn1/a_bytes.c +++ b/src/crypto/asn1/a_bytes.c @@ -125,7 +125,7 @@ ASN1_STRING *d2i_ASN1_type_bytes(ASN1_STRING **a, const unsigned char **pp, *pp=p; return(ret); err: - OPENSSL_PUT_ERROR(ASN1, i); + OPENSSL_PUT_ERROR(ASN1, d2i_ASN1_type_bytes, i); if ((ret != NULL) && ((a == NULL) || (*a != ret))) ASN1_STRING_free(ret); return(NULL); @@ -243,7 +243,7 @@ ASN1_STRING *d2i_ASN1_bytes(ASN1_STRING **a, const unsigned char **pp, err: if ((ret != NULL) && ((a == NULL) || (*a != ret))) ASN1_STRING_free(ret); - OPENSSL_PUT_ERROR(ASN1, i); + OPENSSL_PUT_ERROR(ASN1, d2i_ASN1_bytes, i); return(NULL); } @@ -309,7 +309,7 @@ static int asn1_collate_primitive(ASN1_STRING *a, ASN1_const_CTX *c) if (os != NULL) ASN1_STRING_free(os); return(1); err: - OPENSSL_PUT_ERROR(ASN1, c->error); + OPENSSL_PUT_ERROR(ASN1, asn1_collate_primitive, c->error); if (os != NULL) ASN1_STRING_free(os); if (b.data != NULL) OPENSSL_free(b.data); return(0); diff --git a/src/crypto/asn1/a_d2i_fp.c b/src/crypto/asn1/a_d2i_fp.c index 97ec75b..6022c74 100644 --- a/src/crypto/asn1/a_d2i_fp.c +++ b/src/crypto/asn1/a_d2i_fp.c @@ -75,7 +75,7 @@ void *ASN1_d2i_fp(void *(*xnew)(void), d2i_of_void *d2i, FILE *in, void **x) if ((b=BIO_new(BIO_s_file())) == NULL) { - OPENSSL_PUT_ERROR(ASN1, ERR_R_BUF_LIB); + OPENSSL_PUT_ERROR(ASN1, ASN1_d2i_fp, ERR_R_BUF_LIB); return(NULL); } BIO_set_fp(b,in,BIO_NOCLOSE); @@ -129,7 +129,7 @@ void *ASN1_item_d2i_fp(const ASN1_ITEM *it, FILE *in, void *x) if ((b=BIO_new(BIO_s_file())) == NULL) { - OPENSSL_PUT_ERROR(ASN1, ERR_R_BUF_LIB); + OPENSSL_PUT_ERROR(ASN1, ASN1_item_d2i_fp, ERR_R_BUF_LIB); return(NULL); } BIO_set_fp(b,in,BIO_NOCLOSE); 
@@ -154,7 +154,7 @@ static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb) b=BUF_MEM_new(); if (b == NULL) { - OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, asn1_d2i_read_bio, ERR_R_MALLOC_FAILURE); return -1; } @@ -167,20 +167,20 @@ static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb) if (len + want < len || !BUF_MEM_grow_clean(b,len+want)) { - OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, asn1_d2i_read_bio, ERR_R_MALLOC_FAILURE); goto err; } i=BIO_read(in,&(b->data[len]),want); if ((i < 0) && ((len-off) == 0)) { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_NOT_ENOUGH_DATA); + OPENSSL_PUT_ERROR(ASN1, asn1_d2i_read_bio, ASN1_R_NOT_ENOUGH_DATA); goto err; } if (i > 0) { if (len+i < len) { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_TOO_LONG); + OPENSSL_PUT_ERROR(ASN1, asn1_d2i_read_bio, ASN1_R_TOO_LONG); goto err; } len+=i; @@ -211,7 +211,7 @@ static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb) eos++; if (eos < 0) { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_HEADER_TOO_LONG); + OPENSSL_PUT_ERROR(ASN1, asn1_d2i_read_bio, ASN1_R_HEADER_TOO_LONG); goto err; } want=HEADER_SIZE; @@ -235,12 +235,12 @@ static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb) if (want > INT_MAX /* BIO_read takes an int length */ || len+want < len) { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_TOO_LONG); + OPENSSL_PUT_ERROR(ASN1, asn1_d2i_read_bio, ASN1_R_TOO_LONG); goto err; } if (!BUF_MEM_grow_clean(b,len+want)) { - OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, asn1_d2i_read_bio, ERR_R_MALLOC_FAILURE); goto err; } while (want > 0) @@ -248,7 +248,7 @@ static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb) i=BIO_read(in,&(b->data[len]),want); if (i <= 0) { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_NOT_ENOUGH_DATA); + OPENSSL_PUT_ERROR(ASN1, asn1_d2i_read_bio, ASN1_R_NOT_ENOUGH_DATA); goto err; } /* This can't overflow because 
@@ -259,7 +259,7 @@ static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb) } if (off + c.slen < off) { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_TOO_LONG); + OPENSSL_PUT_ERROR(ASN1, asn1_d2i_read_bio, ASN1_R_TOO_LONG); goto err; } off+=c.slen; @@ -274,7 +274,7 @@ static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb) if (off > INT_MAX) { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_TOO_LONG); + OPENSSL_PUT_ERROR(ASN1, asn1_d2i_read_bio, ASN1_R_TOO_LONG); goto err; } diff --git a/src/crypto/asn1/a_dup.c b/src/crypto/asn1/a_dup.c index 5e87457..8ec1c5f 100644 --- a/src/crypto/asn1/a_dup.c +++ b/src/crypto/asn1/a_dup.c @@ -72,7 +72,7 @@ void *ASN1_dup(i2d_of_void *i2d, d2i_of_void *d2i, void *x) i=i2d(x,NULL); b=OPENSSL_malloc(i+10); if (b == NULL) - { OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); return(NULL); } + { OPENSSL_PUT_ERROR(ASN1, ASN1_dup, ERR_R_MALLOC_FAILURE); return(NULL); } p= b; i=i2d(x,&p); p2= b; @@ -95,7 +95,7 @@ void *ASN1_item_dup(const ASN1_ITEM *it, void *x) i=ASN1_item_i2d(x,&b,it); if (b == NULL) - { OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); return(NULL); } + { OPENSSL_PUT_ERROR(ASN1, ASN1_item_dup, ERR_R_MALLOC_FAILURE); return(NULL); } p= b; ret=ASN1_item_d2i(NULL,&p,i, it); OPENSSL_free(b); diff --git a/src/crypto/asn1/a_enum.c b/src/crypto/asn1/a_enum.c index 579dafd..a581a34 100644 --- a/src/crypto/asn1/a_enum.c +++ b/src/crypto/asn1/a_enum.c @@ -84,7 +84,7 @@ int ASN1_ENUMERATED_set(ASN1_ENUMERATED *a, long v) } if (a->data == NULL) { - OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ASN1_ENUMERATED_set, ERR_R_MALLOC_FAILURE); return(0); } d=v; @@ -147,7 +147,7 @@ ASN1_ENUMERATED *BN_to_ASN1_ENUMERATED(BIGNUM *bn, ASN1_ENUMERATED *ai) ret=ai; if (ret == NULL) { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_NESTED_ASN1_ERROR); + OPENSSL_PUT_ERROR(ASN1, BN_to_ASN1_ENUMERATED, ASN1_R_NESTED_ASN1_ERROR); goto err; } if(BN_is_negative(bn)) ret->type = V_ASN1_NEG_ENUMERATED; 
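Review bot: `ASN1_dup` in the `@@ -72,7 +72,7 @@` hunk of `a_dup.c` passes the result of `i2d(x,NULL)` straight into `OPENSSL_malloc(i+10)` without checking it. i2d-style callbacks conventionally report failure with a negative length (not shown here, so worth confirming); in that case the allocation size is derived from an error code rather than from an encoded length. A guard between the two statements, `if (i < 0) return(NULL);`, would stop before allocating. The function continues past the end of the hunk.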
@@ -159,7 +159,7 @@ ASN1_ENUMERATED *BN_to_ASN1_ENUMERATED(BIGNUM *bn, ASN1_ENUMERATED *ai) unsigned char *new_data=OPENSSL_realloc(ret->data, len+4); if (!new_data) { - OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, BN_to_ASN1_ENUMERATED, ERR_R_MALLOC_FAILURE); goto err; } ret->data=new_data; @@ -177,7 +177,7 @@ BIGNUM *ASN1_ENUMERATED_to_BN(ASN1_ENUMERATED *ai, BIGNUM *bn) BIGNUM *ret; if ((ret=BN_bin2bn(ai->data,ai->length,bn)) == NULL) - OPENSSL_PUT_ERROR(ASN1, ASN1_R_BN_LIB); + OPENSSL_PUT_ERROR(ASN1, ASN1_ENUMERATED_to_BN, ASN1_R_BN_LIB); else if(ai->type == V_ASN1_NEG_ENUMERATED) BN_set_negative(ret,1); return(ret); } diff --git a/src/crypto/asn1/a_gentm.c b/src/crypto/asn1/a_gentm.c index 7cb18a9..be093a4 100644 --- a/src/crypto/asn1/a_gentm.c +++ b/src/crypto/asn1/a_gentm.c @@ -239,7 +239,7 @@ ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_adj(ASN1_GENERALIZEDTIME *s, p=OPENSSL_malloc(len); if (p == NULL) { - OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ASN1_GENERALIZEDTIME_adj, ERR_R_MALLOC_FAILURE); return(NULL); } if (s->data != NULL) diff --git a/src/crypto/asn1/a_i2d_fp.c b/src/crypto/asn1/a_i2d_fp.c index 74ded78..11e40d3 100644 --- a/src/crypto/asn1/a_i2d_fp.c +++ b/src/crypto/asn1/a_i2d_fp.c @@ -67,7 +67,7 @@ int ASN1_i2d_fp(i2d_of_void *i2d, FILE *out, void *x) if ((b=BIO_new(BIO_s_file())) == NULL) { - OPENSSL_PUT_ERROR(ASN1, ERR_R_BUF_LIB); + OPENSSL_PUT_ERROR(ASN1, ASN1_i2d_fp, ERR_R_BUF_LIB); return(0); } BIO_set_fp(b,out,BIO_NOCLOSE); @@ -76,7 +76,7 @@ int ASN1_i2d_fp(i2d_of_void *i2d, FILE *out, void *x) return(ret); } -int ASN1_i2d_bio(i2d_of_void *i2d, BIO *out, void *x) +int ASN1_i2d_bio(i2d_of_void *i2d, BIO *out, unsigned char *x) { char *b; unsigned char *p; 
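Review bot: The `@@ -76,7 +76,7 @@` hunk of `a_i2d_fp.c` narrows the last parameter of `ASN1_i2d_bio` from `void *x` to `unsigned char *x`, although the object is still handed to an `i2d_of_void` callback. Callers that pass a structure pointer lose the implicit conversion and need a cast, which hides real type mismatches instead of exposing them. Unless the header declaration (outside this diff section) requires the narrower type, keeping `int ASN1_i2d_bio(i2d_of_void *i2d, BIO *out, void *x)` is the safer signature. The function body continues outside the hunk.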
@@ -86,7 +86,7 @@ int ASN1_i2d_bio(i2d_of_void *i2d, BIO *out, void *x) b=(char *)OPENSSL_malloc(n); if (b == NULL) { - OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ASN1_i2d_bio, ERR_R_MALLOC_FAILURE); return(0); } @@ -116,7 +116,7 @@ int ASN1_item_i2d_fp(const ASN1_ITEM *it, FILE *out, void *x) if ((b=BIO_new(BIO_s_file())) == NULL) { - OPENSSL_PUT_ERROR(ASN1, ERR_R_BUF_LIB); + OPENSSL_PUT_ERROR(ASN1, ASN1_item_i2d_fp, ERR_R_BUF_LIB); return(0); } BIO_set_fp(b,out,BIO_NOCLOSE); @@ -133,7 +133,7 @@ int ASN1_item_i2d_bio(const ASN1_ITEM *it, BIO *out, void *x) n = ASN1_item_i2d(x, &b, it); if (b == NULL) { - OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ASN1_item_i2d_bio, ERR_R_MALLOC_FAILURE); return(0); } diff --git a/src/crypto/asn1/a_int.c b/src/crypto/asn1/a_int.c index 9a56534..2ecccc5 100644 --- a/src/crypto/asn1/a_int.c +++ b/src/crypto/asn1/a_int.c @@ -257,7 +257,7 @@ ASN1_INTEGER *c2i_ASN1_INTEGER(ASN1_INTEGER **a, const unsigned char **pp, *pp=pend; return(ret); err: - OPENSSL_PUT_ERROR(ASN1, i); + OPENSSL_PUT_ERROR(ASN1, c2i_ASN1_INTEGER, i); if ((ret != NULL) && ((a == NULL) || (*a != ret))) M_ASN1_INTEGER_free(ret); return(NULL); @@ -327,7 +327,7 @@ ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a, const unsigned char **pp, *pp=p; return(ret); err: - OPENSSL_PUT_ERROR(ASN1, i); + OPENSSL_PUT_ERROR(ASN1, d2i_ASN1_UINTEGER, i); if ((ret != NULL) && ((a == NULL) || (*a != ret))) M_ASN1_INTEGER_free(ret); return(NULL); @@ -350,7 +350,7 @@ int ASN1_INTEGER_set(ASN1_INTEGER *a, long v) } if (a->data == NULL) { - OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ASN1_INTEGER_set, ERR_R_MALLOC_FAILURE); return(0); } d=v; 
@@ -413,7 +413,7 @@ ASN1_INTEGER *BN_to_ASN1_INTEGER(const BIGNUM *bn, ASN1_INTEGER *ai) ret=ai; if (ret == NULL) { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_NESTED_ASN1_ERROR); + OPENSSL_PUT_ERROR(ASN1, BN_to_ASN1_INTEGER, ASN1_R_NESTED_ASN1_ERROR); goto err; } if (BN_is_negative(bn) && !BN_is_zero(bn)) @@ -426,7 +426,7 @@ ASN1_INTEGER *BN_to_ASN1_INTEGER(const BIGNUM *bn, ASN1_INTEGER *ai) unsigned char *new_data=OPENSSL_realloc(ret->data, len+4); if (!new_data) { - OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, BN_to_ASN1_INTEGER, ERR_R_MALLOC_FAILURE); goto err; } ret->data=new_data; @@ -449,7 +449,7 @@ BIGNUM *ASN1_INTEGER_to_BN(const ASN1_INTEGER *ai, BIGNUM *bn) BIGNUM *ret; if ((ret=BN_bin2bn(ai->data,ai->length,bn)) == NULL) - OPENSSL_PUT_ERROR(ASN1, ASN1_R_BN_LIB); + OPENSSL_PUT_ERROR(ASN1, ASN1_INTEGER_to_BN, ASN1_R_BN_LIB); else if(ai->type == V_ASN1_NEG_INTEGER) BN_set_negative(ret, 1); return(ret); diff --git a/src/crypto/asn1/a_mbstr.c b/src/crypto/asn1/a_mbstr.c index 42806d1..9abe659 100644 --- a/src/crypto/asn1/a_mbstr.c +++ b/src/crypto/asn1/a_mbstr.c @@ -108,7 +108,7 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len, case MBSTRING_BMP: if(len & 1) { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_INVALID_BMPSTRING_LENGTH); + OPENSSL_PUT_ERROR(ASN1, ASN1_mbstring_ncopy, ASN1_R_INVALID_BMPSTRING_LENGTH); return -1; } nchar = len >> 1; @@ -116,7 +116,7 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len, case MBSTRING_UNIV: if(len & 3) { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_INVALID_UNIVERSALSTRING_LENGTH); + OPENSSL_PUT_ERROR(ASN1, ASN1_mbstring_ncopy, ASN1_R_INVALID_UNIVERSALSTRING_LENGTH); return -1; } nchar = len >> 2; 
@@ -127,7 +127,7 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len, /* This counts the characters and does utf8 syntax checking */ ret = traverse_string(in, len, MBSTRING_UTF8, in_utf8, &nchar); if(ret < 0) { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_INVALID_UTF8STRING); + OPENSSL_PUT_ERROR(ASN1, ASN1_mbstring_ncopy, ASN1_R_INVALID_UTF8STRING); return -1; } break; @@ -137,19 +137,19 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len, break; default: - OPENSSL_PUT_ERROR(ASN1, ASN1_R_UNKNOWN_FORMAT); + OPENSSL_PUT_ERROR(ASN1, ASN1_mbstring_ncopy, ASN1_R_UNKNOWN_FORMAT); return -1; } if((minsize > 0) && (nchar < minsize)) { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_STRING_TOO_SHORT); + OPENSSL_PUT_ERROR(ASN1, ASN1_mbstring_ncopy, ASN1_R_STRING_TOO_SHORT); BIO_snprintf(strbuf, sizeof strbuf, "%ld", minsize); ERR_add_error_data(2, "minsize=", strbuf); return -1; } if((maxsize > 0) && (nchar > maxsize)) { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_STRING_TOO_LONG); + OPENSSL_PUT_ERROR(ASN1, ASN1_mbstring_ncopy, ASN1_R_STRING_TOO_LONG); BIO_snprintf(strbuf, sizeof strbuf, "%ld", maxsize); ERR_add_error_data(2, "maxsize=", strbuf); return -1; @@ -157,7 +157,7 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len, /* Now work out minimal type (if any) */ if(traverse_string(in, len, inform, type_str, &mask) < 0) { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_ILLEGAL_CHARACTERS); + OPENSSL_PUT_ERROR(ASN1, ASN1_mbstring_ncopy, ASN1_R_ILLEGAL_CHARACTERS); return -1; } @@ -191,7 +191,7 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len, free_out = 1; dest = ASN1_STRING_type_new(str_type); if(!dest) { - OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ASN1_mbstring_ncopy, ERR_R_MALLOC_FAILURE); return -1; } *out = dest; 
@@ -199,7 +199,7 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len, /* If both the same type just copy across */ if(inform == outform) { if(!ASN1_STRING_set(dest, in, len)) { - OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ASN1_mbstring_ncopy, ERR_R_MALLOC_FAILURE); return -1; } return str_type; @@ -230,7 +230,7 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len, } if(!(p = OPENSSL_malloc(outlen + 1))) { if(free_out) ASN1_STRING_free(dest); - OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ASN1_mbstring_ncopy, ERR_R_MALLOC_FAILURE); return -1; } dest->length = outlen; diff --git a/src/crypto/asn1/a_object.c b/src/crypto/asn1/a_object.c index 6ddfca9..189886c 100644 --- a/src/crypto/asn1/a_object.c +++ b/src/crypto/asn1/a_object.c @@ -106,13 +106,13 @@ int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num) } else { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_FIRST_NUM_TOO_LARGE); + OPENSSL_PUT_ERROR(ASN1, a2d_ASN1_OBJECT, ASN1_R_FIRST_NUM_TOO_LARGE); goto err; } if (num <= 0) { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_MISSING_SECOND_NUMBER); + OPENSSL_PUT_ERROR(ASN1, a2d_ASN1_OBJECT, ASN1_R_MISSING_SECOND_NUMBER); goto err; } c= *(p++); @@ -122,7 +122,7 @@ int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num) if (num <= 0) break; if ((c != '.') && (c != ' ')) { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_INVALID_SEPARATOR); + OPENSSL_PUT_ERROR(ASN1, a2d_ASN1_OBJECT, ASN1_R_INVALID_SEPARATOR); goto err; } l=0; @@ -136,7 +136,7 @@ int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num) break; if ((c < '0') || (c > '9')) { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_INVALID_DIGIT); + OPENSSL_PUT_ERROR(ASN1, a2d_ASN1_OBJECT, ASN1_R_INVALID_DIGIT); goto err; } if (!use_bn && l >= ((ULONG_MAX - 80) / 10L)) 
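Review bot: On the `OPENSSL_malloc(outlen + 1)` failure path in the `@@ -230` hunk of ASN1_mbstring_ncopy, `dest` is freed when `free_out` is set, but the `@@ -191` hunk shows `*out = dest;` was already stored for that case, so the caller appears to be left holding a pointer to freed memory. Clearing it together with the free, `if(free_out) { ASN1_STRING_free(dest); *out = NULL; }`, would prevent a later use-after-free or double free in callers that release `*out` on error. The `inform == outform` failure path in the `@@ -199` hunk returns -1 without freeing `dest`, so the two error paths are also inconsistent about ownership. The function body extends outside these hunks, so the assignment to `*out` should be confirmed against the full file.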
@@ -160,7 +160,7 @@ int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num) { if ((first < 2) && (l >= 40)) { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_SECOND_NUMBER_TOO_LARGE); + OPENSSL_PUT_ERROR(ASN1, a2d_ASN1_OBJECT, ASN1_R_SECOND_NUMBER_TOO_LARGE); goto err; } if (use_bn) @@ -204,7 +204,7 @@ int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num) { if (len+i > olen) { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_BUFFER_TOO_SMALL); + OPENSSL_PUT_ERROR(ASN1, a2d_ASN1_OBJECT, ASN1_R_BUFFER_TOO_SMALL); goto err; } while (--i > 0) @@ -280,7 +280,7 @@ ASN1_OBJECT *d2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp, if(ret) *pp = p; return ret; err: - OPENSSL_PUT_ERROR(ASN1, i); + OPENSSL_PUT_ERROR(ASN1, d2i_ASN1_OBJECT, i); return(NULL); } @@ -300,7 +300,7 @@ ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp, if (len <= 0 || len > INT_MAX || pp == NULL || (p = *pp) == NULL || p[len - 1] & 0x80) { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_INVALID_OBJECT_ENCODING); + OPENSSL_PUT_ERROR(ASN1, c2i_ASN1_OBJECT, ASN1_R_INVALID_OBJECT_ENCODING); return NULL; } /* Now 0 < len <= INT_MAX, so the cast is safe. */ @@ -309,7 +309,7 @@ ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp, { if (*p == 0x80 && (!i || !(p[-1] & 0x80))) { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_INVALID_OBJECT_ENCODING); + OPENSSL_PUT_ERROR(ASN1, c2i_ASN1_OBJECT, ASN1_R_INVALID_OBJECT_ENCODING); return NULL; } } @@ -350,7 +350,7 @@ ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp, *pp=p; return(ret); err: - OPENSSL_PUT_ERROR(ASN1, i); + OPENSSL_PUT_ERROR(ASN1, c2i_ASN1_OBJECT, i); if ((ret != NULL) && ((a == NULL) || (*a != ret))) ASN1_OBJECT_free(ret); return(NULL); 
@@ -363,7 +363,7 @@ ASN1_OBJECT *ASN1_OBJECT_new(void) ret=(ASN1_OBJECT *)OPENSSL_malloc(sizeof(ASN1_OBJECT)); if (ret == NULL) { - OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ASN1_OBJECT_new, ERR_R_MALLOC_FAILURE); return(NULL); } ret->length=0; diff --git a/src/crypto/asn1/a_strnid.c b/src/crypto/asn1/a_strnid.c index d4316f7..df849e1 100644 --- a/src/crypto/asn1/a_strnid.c +++ b/src/crypto/asn1/a_strnid.c @@ -215,13 +215,13 @@ int ASN1_STRING_TABLE_add(int nid, flags &= ~STABLE_FLAGS_MALLOC; if(!stable) stable = sk_ASN1_STRING_TABLE_new(sk_table_cmp); if(!stable) { - OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ASN1_STRING_TABLE_add, ERR_R_MALLOC_FAILURE); return 0; } if(!(tmp = ASN1_STRING_TABLE_get(nid))) { tmp = OPENSSL_malloc(sizeof(ASN1_STRING_TABLE)); if(!tmp) { - OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ASN1_STRING_TABLE_add, ERR_R_MALLOC_FAILURE); return 0; } tmp->flags = flags | STABLE_FLAGS_MALLOC; diff --git a/src/crypto/asn1/a_time.c b/src/crypto/asn1/a_time.c index ac2cb48..e02e858 100644 --- a/src/crypto/asn1/a_time.c +++ b/src/crypto/asn1/a_time.c @@ -85,7 +85,7 @@ int i2d_ASN1_TIME(ASN1_TIME *a, unsigned char **pp) if(a->type == V_ASN1_UTCTIME || a->type == V_ASN1_GENERALIZEDTIME) return(i2d_ASN1_bytes((ASN1_STRING *)a,pp, a->type ,V_ASN1_UNIVERSAL)); - OPENSSL_PUT_ERROR(ASN1, ASN1_R_EXPECTING_A_TIME); + OPENSSL_PUT_ERROR(ASN1, XXX, ASN1_R_EXPECTING_A_TIME); return -1; } #endif @@ -105,7 +105,7 @@ ASN1_TIME *ASN1_TIME_adj(ASN1_TIME *s, time_t t, ts=OPENSSL_gmtime(&t,&data); if (ts == NULL) { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_ERROR_GETTING_TIME); + OPENSSL_PUT_ERROR(ASN1, ASN1_TIME_adj, ASN1_R_ERROR_GETTING_TIME); return NULL; } if (offset_day || offset_sec) diff --git a/src/crypto/asn1/a_utctm.c b/src/crypto/asn1/a_utctm.c index dbbbecb..52b010f 100644 --- a/src/crypto/asn1/a_utctm.c +++ b/src/crypto/asn1/a_utctm.c 
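Review bot: The converted error call in i2d_ASN1_TIME (a_time.c, hunk `@@ -85`) passes the placeholder `XXX` as the function identifier instead of the enclosing function's name, unlike the other calls converted in this change; the same placeholder appears twice in d2i_ASN1_UTCTIME in a_utctm.c (hunk `@@ -81`). The `#endif` directly after the a_time.c function suggests this code is compiled out, which would explain why it still builds, but the opening guard is not visible in the hunk. If these functions are ever enabled, the placeholder should become the real name, e.g. `OPENSSL_PUT_ERROR(ASN1, i2d_ASN1_TIME, ASN1_R_EXPECTING_A_TIME);`, so that encode and decode failures are attributed to the right function in the error queue.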
@@ -81,12 +81,12 @@ ASN1_UTCTIME *d2i_ASN1_UTCTIME(ASN1_UTCTIME **a, unsigned char **pp, V_ASN1_UTCTIME,V_ASN1_UNIVERSAL); if (ret == NULL) { - OPENSSL_PUT_ERROR(ASN1, ERR_R_NESTED_ASN1_ERROR); + OPENSSL_PUT_ERROR(ASN1, XXX, ERR_R_NESTED_ASN1_ERROR); return(NULL); } if (!ASN1_UTCTIME_check(ret)) { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_INVALID_TIME_FORMAT); + OPENSSL_PUT_ERROR(ASN1, XXX, ASN1_R_INVALID_TIME_FORMAT); goto err; } @@ -257,7 +257,7 @@ ASN1_UTCTIME *ASN1_UTCTIME_adj(ASN1_UTCTIME *s, time_t t, p=OPENSSL_malloc(len); if (p == NULL) { - OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ASN1_UTCTIME_adj, ERR_R_MALLOC_FAILURE); goto err; } if (s->data != NULL) diff --git a/src/crypto/asn1/asn1_lib.c b/src/crypto/asn1/asn1_lib.c index a109749..9aa2678 100644 --- a/src/crypto/asn1/asn1_lib.c +++ b/src/crypto/asn1/asn1_lib.c @@ -69,10 +69,17 @@ OPENSSL_DECLARE_ERROR_REASON(ASN1, MALLOC_FAILURE); /* Cross-module errors from crypto/x509/i2d_pr.c */ +OPENSSL_DECLARE_ERROR_FUNCTION(ASN1, i2d_PrivateKey); OPENSSL_DECLARE_ERROR_REASON(ASN1, UNSUPPORTED_PUBLIC_KEY_TYPE); /* Cross-module errors from crypto/x509/asn1_gen.c. * TODO(davidben): Remove these once asn1_gen.c is gone. */ +OPENSSL_DECLARE_ERROR_FUNCTION(ASN1, ASN1_generate_v3); +OPENSSL_DECLARE_ERROR_FUNCTION(ASN1, asn1_cb); +OPENSSL_DECLARE_ERROR_FUNCTION(ASN1, parse_tagging); +OPENSSL_DECLARE_ERROR_FUNCTION(ASN1, append_exp); +OPENSSL_DECLARE_ERROR_FUNCTION(ASN1, asn1_str2type); +OPENSSL_DECLARE_ERROR_FUNCTION(ASN1, bitstr_cb); OPENSSL_DECLARE_ERROR_REASON(ASN1, DEPTH_EXCEEDED); OPENSSL_DECLARE_ERROR_REASON(ASN1, ILLEGAL_BITSTRING_FORMAT); OPENSSL_DECLARE_ERROR_REASON(ASN1, ILLEGAL_BOOLEAN); 
@@ -176,7 +183,7 @@ int ASN1_get_object(const unsigned char **pp, long *plength, int *ptag, #endif if (*plength > (omax - (p - *pp))) { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_TOO_LONG); + OPENSSL_PUT_ERROR(ASN1, ASN1_get_object, ASN1_R_TOO_LONG); /* Set this so that even if things are not long enough * the values are set correctly */ ret|=0x80; @@ -184,7 +191,7 @@ int ASN1_get_object(const unsigned char **pp, long *plength, int *ptag, *pp=p; return(ret|inf); err: - OPENSSL_PUT_ERROR(ASN1, ASN1_R_HEADER_TOO_LONG); + OPENSSL_PUT_ERROR(ASN1, ASN1_get_object, ASN1_R_HEADER_TOO_LONG); return(0x80); } @@ -426,7 +433,7 @@ int ASN1_STRING_set(ASN1_STRING *str, const void *_data, int len) if (str->data == NULL) { - OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ASN1_STRING_set, ERR_R_MALLOC_FAILURE); str->data=c; return(0); } @@ -462,7 +469,7 @@ ASN1_STRING *ASN1_STRING_type_new(int type) ret=(ASN1_STRING *)OPENSSL_malloc(sizeof(ASN1_STRING)); if (ret == NULL) { - OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ASN1_STRING_type_new, ERR_R_MALLOC_FAILURE); return(NULL); } ret->length=0; diff --git a/src/crypto/asn1/asn_pack.c b/src/crypto/asn1/asn_pack.c index e842a10..ee58fa5 100644 --- a/src/crypto/asn1/asn_pack.c +++ b/src/crypto/asn1/asn_pack.c @@ -68,7 +68,7 @@ ASN1_STRING *ASN1_item_pack(void *obj, const ASN1_ITEM *it, ASN1_STRING **oct) if (!oct || !*oct) { if (!(octmp = ASN1_STRING_new ())) { - OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ASN1_item_pack, ERR_R_MALLOC_FAILURE); return NULL; } if (oct) *oct = octmp; 
@@ -80,11 +80,11 @@ ASN1_STRING *ASN1_item_pack(void *obj, const ASN1_ITEM *it, ASN1_STRING **oct) } if (!(octmp->length = ASN1_item_i2d(obj, &octmp->data, it))) { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_ENCODE_ERROR); + OPENSSL_PUT_ERROR(ASN1, ASN1_item_pack, ASN1_R_ENCODE_ERROR); return NULL; } if (!octmp->data) { - OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ASN1_item_pack, ERR_R_MALLOC_FAILURE); return NULL; } return octmp; @@ -99,6 +99,6 @@ void *ASN1_item_unpack(ASN1_STRING *oct, const ASN1_ITEM *it) p = oct->data; if(!(ret = ASN1_item_d2i(NULL, &p, oct->length, it))) - OPENSSL_PUT_ERROR(ASN1, ASN1_R_DECODE_ERROR); + OPENSSL_PUT_ERROR(ASN1, ASN1_item_unpack, ASN1_R_DECODE_ERROR); return ret; } diff --git a/src/crypto/asn1/bio_ndef.c b/src/crypto/asn1/bio_ndef.c index f07d3de..2f7105d 100644 --- a/src/crypto/asn1/bio_ndef.c +++ b/src/crypto/asn1/bio_ndef.c @@ -112,7 +112,7 @@ BIO *BIO_new_NDEF(BIO *out, ASN1_VALUE *val, const ASN1_ITEM *it) if (!aux || !aux->asn1_cb) { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_STREAMING_NOT_SUPPORTED); + OPENSSL_PUT_ERROR(ASN1, BIO_new_NDEF, ASN1_R_STREAMING_NOT_SUPPORTED); return NULL; } ndef_aux = OPENSSL_malloc(sizeof(NDEF_SUPPORT)); diff --git a/src/crypto/asn1/f_enum.c b/src/crypto/asn1/f_enum.c index bcdb773..530afe5 100644 --- a/src/crypto/asn1/f_enum.c +++ b/src/crypto/asn1/f_enum.c @@ -144,7 +144,7 @@ int a2i_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *bs, char *buf, int size) i-=again; if (i%2 != 0) { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_ODD_NUMBER_OF_CHARS); + OPENSSL_PUT_ERROR(ASN1, a2i_ASN1_ENUMERATED, ASN1_R_ODD_NUMBER_OF_CHARS); goto err; } i/=2; @@ -158,7 +158,7 @@ int a2i_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *bs, char *buf, int size) (unsigned int)num+i*2); if (sp == NULL) { - OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, a2i_ASN1_ENUMERATED, ERR_R_MALLOC_FAILURE); goto err; } s=sp; 
@@ -177,7 +177,7 @@ int a2i_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *bs, char *buf, int size) m=m-'A'+10; else { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_NON_HEX_CHARACTERS); + OPENSSL_PUT_ERROR(ASN1, a2i_ASN1_ENUMERATED, ASN1_R_NON_HEX_CHARACTERS); goto err; } s[num+j]<<=4; @@ -197,7 +197,7 @@ err: if (0) { err_sl: - OPENSSL_PUT_ERROR(ASN1, ASN1_R_SHORT_LINE); + OPENSSL_PUT_ERROR(ASN1, a2i_ASN1_ENUMERATED, ASN1_R_SHORT_LINE); } if (s != NULL) OPENSSL_free(s); diff --git a/src/crypto/asn1/f_int.c b/src/crypto/asn1/f_int.c index 5186304..2c4fe6f 100644 --- a/src/crypto/asn1/f_int.c +++ b/src/crypto/asn1/f_int.c @@ -149,7 +149,7 @@ int a2i_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *bs, char *buf, int size) i-=again; if (i%2 != 0) { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_ODD_NUMBER_OF_CHARS); + OPENSSL_PUT_ERROR(ASN1, a2i_ASN1_INTEGER, ASN1_R_ODD_NUMBER_OF_CHARS); goto err; } i/=2; @@ -162,7 +162,7 @@ int a2i_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *bs, char *buf, int size) sp=OPENSSL_realloc_clean(s,slen,num+i*2); if (sp == NULL) { - OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, a2i_ASN1_INTEGER, ERR_R_MALLOC_FAILURE); goto err; } s=sp; @@ -181,7 +181,7 @@ int a2i_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *bs, char *buf, int size) m=m-'A'+10; else { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_NON_HEX_CHARACTERS); + OPENSSL_PUT_ERROR(ASN1, a2i_ASN1_INTEGER, ASN1_R_NON_HEX_CHARACTERS); goto err; } s[num+j]<<=4; @@ -201,7 +201,7 @@ err: if (0) { err_sl: - OPENSSL_PUT_ERROR(ASN1, ASN1_R_SHORT_LINE); + OPENSSL_PUT_ERROR(ASN1, a2i_ASN1_INTEGER, ASN1_R_SHORT_LINE); } if (s != NULL) OPENSSL_free(s); diff --git a/src/crypto/asn1/f_string.c b/src/crypto/asn1/f_string.c index 5a7fe36..2f53670 100644 --- a/src/crypto/asn1/f_string.c +++ b/src/crypto/asn1/f_string.c 
@@ -142,7 +142,7 @@ int a2i_ASN1_STRING(BIO *bp, ASN1_STRING *bs, char *buf, int size) i-=again; if (i%2 != 0) { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_ODD_NUMBER_OF_CHARS); + OPENSSL_PUT_ERROR(ASN1, a2i_ASN1_STRING, ASN1_R_ODD_NUMBER_OF_CHARS); goto err; } i/=2; @@ -156,7 +156,7 @@ int a2i_ASN1_STRING(BIO *bp, ASN1_STRING *bs, char *buf, int size) (unsigned int)num+i*2); if (sp == NULL) { - OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, a2i_ASN1_STRING, ERR_R_MALLOC_FAILURE); goto err; } s=sp; @@ -175,7 +175,7 @@ int a2i_ASN1_STRING(BIO *bp, ASN1_STRING *bs, char *buf, int size) m=m-'A'+10; else { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_NON_HEX_CHARACTERS); + OPENSSL_PUT_ERROR(ASN1, a2i_ASN1_STRING, ASN1_R_NON_HEX_CHARACTERS); goto err; } s[num+j]<<=4; @@ -195,7 +195,7 @@ err: if (0) { err_sl: - OPENSSL_PUT_ERROR(ASN1, ASN1_R_SHORT_LINE); + OPENSSL_PUT_ERROR(ASN1, a2i_ASN1_STRING, ASN1_R_SHORT_LINE); } if (s != NULL) OPENSSL_free(s); diff --git a/src/crypto/asn1/tasn_dec.c b/src/crypto/asn1/tasn_dec.c index 507a842..73d3bb3 100644 --- a/src/crypto/asn1/tasn_dec.c +++ b/src/crypto/asn1/tasn_dec.c @@ -189,7 +189,7 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, */ if ((tag != -1) || opt) { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE); + OPENSSL_PUT_ERROR(ASN1, ASN1_item_ex_d2i, ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE); goto err; } return asn1_template_ex_d2i(pval, in, len, @@ -206,7 +206,7 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, &p, len, -1, 0, 1, ctx); if (!ret) { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_NESTED_ASN1_ERROR); + OPENSSL_PUT_ERROR(ASN1, ASN1_item_ex_d2i, ASN1_R_NESTED_ASN1_ERROR); goto err; } 
@@ -215,7 +215,7 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, { /* If OPTIONAL, assume this is OK */ if (opt) return -1; - OPENSSL_PUT_ERROR(ASN1, ASN1_R_MSTRING_NOT_UNIVERSAL); + OPENSSL_PUT_ERROR(ASN1, ASN1_item_ex_d2i, ASN1_R_MSTRING_NOT_UNIVERSAL); goto err; } /* Check tag matches bit map */ @@ -224,7 +224,7 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, /* If OPTIONAL, assume this is OK */ if (opt) return -1; - OPENSSL_PUT_ERROR(ASN1, ASN1_R_MSTRING_WRONG_TAG); + OPENSSL_PUT_ERROR(ASN1, ASN1_item_ex_d2i, ASN1_R_MSTRING_WRONG_TAG); goto err; } return asn1_d2i_ex_primitive(pval, in, len, @@ -255,7 +255,7 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, &p, len, exptag, aclass, 1, ctx); if (!ret) { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_NESTED_ASN1_ERROR); + OPENSSL_PUT_ERROR(ASN1, ASN1_item_ex_d2i, ASN1_R_NESTED_ASN1_ERROR); goto err; } if (ret == -1) @@ -283,7 +283,7 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, imphack = *wp; if (p == NULL) { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_NESTED_ASN1_ERROR); + OPENSSL_PUT_ERROR(ASN1, ASN1_item_ex_d2i, ASN1_R_NESTED_ASN1_ERROR); goto err; } *wp = (unsigned char)((*p & V_ASN1_CONSTRUCTED) @@ -298,7 +298,7 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, if (ptmpval) return 1; - OPENSSL_PUT_ERROR(ASN1, ASN1_R_NESTED_ASN1_ERROR); + OPENSSL_PUT_ERROR(ASN1, ASN1_item_ex_d2i, ASN1_R_NESTED_ASN1_ERROR); goto err; @@ -320,7 +320,7 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, } else if (!ASN1_item_ex_new(pval, it)) { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_NESTED_ASN1_ERROR); + OPENSSL_PUT_ERROR(ASN1, ASN1_item_ex_d2i, ASN1_R_NESTED_ASN1_ERROR); goto err; } /* CHOICE type, try each possibility in turn */ 
@@ -340,7 +340,7 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, break; /* Otherwise must be an ASN1 parsing error */ errtt = tt; - OPENSSL_PUT_ERROR(ASN1, ASN1_R_NESTED_ASN1_ERROR); + OPENSSL_PUT_ERROR(ASN1, ASN1_item_ex_d2i, ASN1_R_NESTED_ASN1_ERROR); goto err; } @@ -354,7 +354,7 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, ASN1_item_ex_free(pval, it); return -1; } - OPENSSL_PUT_ERROR(ASN1, ASN1_R_NO_MATCHING_CHOICE_TYPE); + OPENSSL_PUT_ERROR(ASN1, ASN1_item_ex_d2i, ASN1_R_NO_MATCHING_CHOICE_TYPE); goto err; } @@ -380,7 +380,7 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, &p, len, tag, aclass, opt, ctx); if (!ret) { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_NESTED_ASN1_ERROR); + OPENSSL_PUT_ERROR(ASN1, ASN1_item_ex_d2i, ASN1_R_NESTED_ASN1_ERROR); goto err; } else if (ret == -1) @@ -394,13 +394,13 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, else seq_nolen = seq_eoc; if (!cst) { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_SEQUENCE_NOT_CONSTRUCTED); + OPENSSL_PUT_ERROR(ASN1, ASN1_item_ex_d2i, ASN1_R_SEQUENCE_NOT_CONSTRUCTED); goto err; } if (!*pval && !ASN1_item_ex_new(pval, it)) { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_NESTED_ASN1_ERROR); + OPENSSL_PUT_ERROR(ASN1, ASN1_item_ex_d2i, ASN1_R_NESTED_ASN1_ERROR); goto err; } @@ -437,7 +437,7 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, { if (!seq_eoc) { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_UNEXPECTED_EOC); + OPENSSL_PUT_ERROR(ASN1, ASN1_item_ex_d2i, ASN1_R_UNEXPECTED_EOC); goto err; } len -= p - q; 
@@ -479,13 +479,13 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, /* Check for EOC if expecting one */ if (seq_eoc && !asn1_check_eoc(&p, len)) { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_MISSING_EOC); + OPENSSL_PUT_ERROR(ASN1, ASN1_item_ex_d2i, ASN1_R_MISSING_EOC); goto err; } /* Check all data read */ if (!seq_nolen && len) { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_SEQUENCE_LENGTH_MISMATCH); + OPENSSL_PUT_ERROR(ASN1, ASN1_item_ex_d2i, ASN1_R_SEQUENCE_LENGTH_MISMATCH); goto err; } @@ -508,7 +508,7 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, else { errtt = seqtt; - OPENSSL_PUT_ERROR(ASN1, ASN1_R_FIELD_MISSING); + OPENSSL_PUT_ERROR(ASN1, ASN1_item_ex_d2i, ASN1_R_FIELD_MISSING); goto err; } } @@ -524,7 +524,7 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, return 0; } auxerr: - OPENSSL_PUT_ERROR(ASN1, ASN1_R_AUX_ERROR); + OPENSSL_PUT_ERROR(ASN1, ASN1_item_ex_d2i, ASN1_R_AUX_ERROR); err: ASN1_item_ex_free(pval, it); if (errtt) @@ -569,21 +569,21 @@ static int asn1_template_ex_d2i(ASN1_VALUE **val, q = p; if (!ret) { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_NESTED_ASN1_ERROR); + OPENSSL_PUT_ERROR(ASN1, asn1_template_ex_d2i, ASN1_R_NESTED_ASN1_ERROR); return 0; } else if (ret == -1) return -1; if (!cst) { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_EXPLICIT_TAG_NOT_CONSTRUCTED); + OPENSSL_PUT_ERROR(ASN1, asn1_template_ex_d2i, ASN1_R_EXPLICIT_TAG_NOT_CONSTRUCTED); return 0; } /* We've found the field so it can't be OPTIONAL now */ ret = asn1_template_noexp_d2i(val, &p, len, tt, 0, ctx); if (!ret) { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_NESTED_ASN1_ERROR); + OPENSSL_PUT_ERROR(ASN1, asn1_template_ex_d2i, ASN1_R_NESTED_ASN1_ERROR); return 0; } /* We read the field in OK so update length */ 
@@ -593,7 +593,7 @@ static int asn1_template_ex_d2i(ASN1_VALUE **val, /* If NDEF we must have an EOC here */ if (!asn1_check_eoc(&p, len)) { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_MISSING_EOC); + OPENSSL_PUT_ERROR(ASN1, asn1_template_ex_d2i, ASN1_R_MISSING_EOC); goto err; } } @@ -603,7 +603,7 @@ static int asn1_template_ex_d2i(ASN1_VALUE **val, * an error */ if (len) { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_EXPLICIT_LENGTH_MISMATCH); + OPENSSL_PUT_ERROR(ASN1, asn1_template_ex_d2i, ASN1_R_EXPLICIT_LENGTH_MISMATCH); goto err; } } @@ -659,7 +659,7 @@ static int asn1_template_noexp_d2i(ASN1_VALUE **val, &p, len, sktag, skaclass, opt, ctx); if (!ret) { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_NESTED_ASN1_ERROR); + OPENSSL_PUT_ERROR(ASN1, asn1_template_noexp_d2i, ASN1_R_NESTED_ASN1_ERROR); return 0; } else if (ret == -1) @@ -682,7 +682,7 @@ static int asn1_template_noexp_d2i(ASN1_VALUE **val, if (!*val) { - OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, asn1_template_noexp_d2i, ERR_R_MALLOC_FAILURE); goto err; } @@ -696,7 +696,7 @@ static int asn1_template_noexp_d2i(ASN1_VALUE **val, { if (!sk_eoc) { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_UNEXPECTED_EOC); + OPENSSL_PUT_ERROR(ASN1, asn1_template_noexp_d2i, ASN1_R_UNEXPECTED_EOC); goto err; } len -= p - q; @@ -708,20 +708,20 @@ static int asn1_template_noexp_d2i(ASN1_VALUE **val, ASN1_ITEM_ptr(tt->item), -1, 0, 0, ctx)) { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_NESTED_ASN1_ERROR); + OPENSSL_PUT_ERROR(ASN1, asn1_template_noexp_d2i, ASN1_R_NESTED_ASN1_ERROR); goto err; } len -= p - q; if (!sk_ASN1_VALUE_push((STACK_OF(ASN1_VALUE) *)*val, skfield)) { - OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, asn1_template_noexp_d2i, ERR_R_MALLOC_FAILURE); goto err; } } if (sk_eoc) { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_MISSING_EOC); + OPENSSL_PUT_ERROR(ASN1, asn1_template_noexp_d2i, ASN1_R_MISSING_EOC); goto err; } } 
@@ -732,7 +732,7 @@ static int asn1_template_noexp_d2i(ASN1_VALUE **val, ASN1_ITEM_ptr(tt->item), tt->tag, aclass, opt, ctx); if (!ret) { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_NESTED_ASN1_ERROR); + OPENSSL_PUT_ERROR(ASN1, asn1_template_noexp_d2i, ASN1_R_NESTED_ASN1_ERROR); goto err; } else if (ret == -1) @@ -745,7 +745,7 @@ static int asn1_template_noexp_d2i(ASN1_VALUE **val, -1, 0, opt, ctx); if (!ret) { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_NESTED_ASN1_ERROR); + OPENSSL_PUT_ERROR(ASN1, asn1_template_noexp_d2i, ASN1_R_NESTED_ASN1_ERROR); goto err; } else if (ret == -1) @@ -775,7 +775,7 @@ static int asn1_d2i_ex_primitive(ASN1_VALUE **pval, long len; if (!pval) { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_ILLEGAL_NULL); + OPENSSL_PUT_ERROR(ASN1, asn1_d2i_ex_primitive, ASN1_R_ILLEGAL_NULL); return 0; /* Should never happen */ } @@ -793,12 +793,12 @@ static int asn1_d2i_ex_primitive(ASN1_VALUE **pval, unsigned char oclass; if (tag >= 0) { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_ILLEGAL_TAGGED_ANY); + OPENSSL_PUT_ERROR(ASN1, asn1_d2i_ex_primitive, ASN1_R_ILLEGAL_TAGGED_ANY); return 0; } if (opt) { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_ILLEGAL_OPTIONAL_ANY); + OPENSSL_PUT_ERROR(ASN1, asn1_d2i_ex_primitive, ASN1_R_ILLEGAL_OPTIONAL_ANY); return 0; } p = *in; @@ -806,7 +806,7 @@ static int asn1_d2i_ex_primitive(ASN1_VALUE **pval, &p, inlen, -1, 0, 0, ctx); if (!ret) { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_NESTED_ASN1_ERROR); + OPENSSL_PUT_ERROR(ASN1, asn1_d2i_ex_primitive, ASN1_R_NESTED_ASN1_ERROR); return 0; } if (oclass != V_ASN1_UNIVERSAL) @@ -823,7 +823,7 @@ static int asn1_d2i_ex_primitive(ASN1_VALUE **pval, &p, inlen, tag, aclass, opt, ctx); if (!ret) { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_NESTED_ASN1_ERROR); + OPENSSL_PUT_ERROR(ASN1, asn1_d2i_ex_primitive, ASN1_R_NESTED_ASN1_ERROR); return 0; } else if (ret == -1) 
@@ -843,7 +843,7 @@ static int asn1_d2i_ex_primitive(ASN1_VALUE **pval, /* SEQUENCE and SET must be constructed */ else if (!cst) { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_TYPE_NOT_CONSTRUCTED); + OPENSSL_PUT_ERROR(ASN1, asn1_d2i_ex_primitive, ASN1_R_TYPE_NOT_CONSTRUCTED); return 0; } @@ -869,7 +869,8 @@ static int asn1_d2i_ex_primitive(ASN1_VALUE **pval, || utype == V_ASN1_ENUMERATED) { /* These types only have primitive encodings. */ - OPENSSL_PUT_ERROR(ASN1, ASN1_R_TYPE_NOT_PRIMITIVE); + OPENSSL_PUT_ERROR(ASN1, asn1_d2i_ex_primitive, + ASN1_R_TYPE_NOT_PRIMITIVE); return 0; } @@ -891,7 +892,7 @@ static int asn1_d2i_ex_primitive(ASN1_VALUE **pval, /* Append a final null to string */ if (!BUF_MEM_grow_clean(&buf, len + 1)) { - OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, asn1_d2i_ex_primitive, ERR_R_MALLOC_FAILURE); return 0; } buf.data[len] = 0; @@ -959,7 +960,7 @@ int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, case V_ASN1_NULL: if (len) { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_NULL_IS_WRONG_LENGTH); + OPENSSL_PUT_ERROR(ASN1, asn1_ex_c2i, ASN1_R_NULL_IS_WRONG_LENGTH); goto err; } *pval = (ASN1_VALUE *)1; @@ -968,7 +969,7 @@ int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, case V_ASN1_BOOLEAN: if (len != 1) { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_BOOLEAN_IS_WRONG_LENGTH); + OPENSSL_PUT_ERROR(ASN1, asn1_ex_c2i, ASN1_R_BOOLEAN_IS_WRONG_LENGTH); goto err; } else @@ -1015,12 +1016,12 @@ int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, default: if (utype == V_ASN1_BMPSTRING && (len & 1)) { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_BMPSTRING_IS_WRONG_LENGTH); + OPENSSL_PUT_ERROR(ASN1, asn1_ex_c2i, ASN1_R_BMPSTRING_IS_WRONG_LENGTH); goto err; } if (utype == V_ASN1_UNIVERSALSTRING && (len & 3)) { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_UNIVERSALSTRING_IS_WRONG_LENGTH); + OPENSSL_PUT_ERROR(ASN1, asn1_ex_c2i, ASN1_R_UNIVERSALSTRING_IS_WRONG_LENGTH); goto err; } /* All based on ASN1_STRING and handled the same */ 
@@ -1029,7 +1030,7 @@ int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, stmp = ASN1_STRING_type_new(utype); if (!stmp) { - OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, asn1_ex_c2i, ERR_R_MALLOC_FAILURE); goto err; } *pval = (ASN1_VALUE *)stmp; @@ -1052,7 +1053,7 @@ int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, { if (!ASN1_STRING_set(stmp, cont, len)) { - OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, asn1_ex_c2i, ERR_R_MALLOC_FAILURE); ASN1_STRING_free(stmp); *pval = NULL; goto err; @@ -1114,7 +1115,7 @@ static int asn1_find_end(const unsigned char **in, long len, char inf) if(!asn1_check_tlen(&plen, NULL, NULL, &inf, NULL, &p, len, -1, 0, 0, NULL)) { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_NESTED_ASN1_ERROR); + OPENSSL_PUT_ERROR(ASN1, asn1_find_end, ASN1_R_NESTED_ASN1_ERROR); return 0; } if (inf) @@ -1125,7 +1126,7 @@ static int asn1_find_end(const unsigned char **in, long len, char inf) } if (expected_eoc) { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_MISSING_EOC); + OPENSSL_PUT_ERROR(ASN1, asn1_find_end, ASN1_R_MISSING_EOC); return 0; } *in = p; @@ -1172,7 +1173,7 @@ static int asn1_collect(BUF_MEM *buf, const unsigned char **in, long len, * constructed form */ if (!inf) { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_UNEXPECTED_EOC); + OPENSSL_PUT_ERROR(ASN1, asn1_collect, ASN1_R_UNEXPECTED_EOC); return 0; } inf = 0; @@ -1182,7 +1183,7 @@ static int asn1_collect(BUF_MEM *buf, const unsigned char **in, long len, if (!asn1_check_tlen(&plen, NULL, NULL, &ininf, &cst, &p, len, tag, aclass, 0, NULL)) { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_NESTED_ASN1_ERROR); + OPENSSL_PUT_ERROR(ASN1, asn1_collect, ASN1_R_NESTED_ASN1_ERROR); return 0; } 
@@ -1191,7 +1192,7 @@ static int asn1_collect(BUF_MEM *buf, const unsigned char **in, long len, { if (depth >= ASN1_MAX_STRING_NEST) { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_NESTED_ASN1_STRING); + OPENSSL_PUT_ERROR(ASN1, asn1_collect, ASN1_R_NESTED_ASN1_STRING); return 0; } if (!asn1_collect(buf, &p, plen, ininf, tag, aclass, @@ -1204,7 +1205,7 @@ static int asn1_collect(BUF_MEM *buf, const unsigned char **in, long len, } if (inf) { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_MISSING_EOC); + OPENSSL_PUT_ERROR(ASN1, asn1_collect, ASN1_R_MISSING_EOC); return 0; } *in = p; @@ -1219,7 +1220,7 @@ static int collect_data(BUF_MEM *buf, const unsigned char **p, long plen) len = buf->length; if (!BUF_MEM_grow_clean(buf, len + plen)) { - OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, collect_data, ERR_R_MALLOC_FAILURE); return 0; } memcpy(buf->data + len, *p, plen); @@ -1287,7 +1288,7 @@ static int asn1_check_tlen(long *olen, int *otag, unsigned char *oclass, */ if (!(i & 0x81) && ((plen + ctx->hdrlen) > len)) { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_TOO_LONG); + OPENSSL_PUT_ERROR(ASN1, asn1_check_tlen, ASN1_R_TOO_LONG); asn1_tlc_clear(ctx); return 0; } @@ -1296,7 +1297,7 @@ static int asn1_check_tlen(long *olen, int *otag, unsigned char *oclass, if (i & 0x80) { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_BAD_OBJECT_HEADER); + OPENSSL_PUT_ERROR(ASN1, asn1_check_tlen, ASN1_R_BAD_OBJECT_HEADER); asn1_tlc_clear(ctx); return 0; } @@ -1309,7 +1310,7 @@ static int asn1_check_tlen(long *olen, int *otag, unsigned char *oclass, */ if (opt) return -1; asn1_tlc_clear(ctx); - OPENSSL_PUT_ERROR(ASN1, ASN1_R_WRONG_TAG); + OPENSSL_PUT_ERROR(ASN1, asn1_check_tlen, ASN1_R_WRONG_TAG); return 0; } /* We have a tag and class match: diff --git a/src/crypto/asn1/tasn_new.c b/src/crypto/asn1/tasn_new.c index c68fe06..6d69dcb 100644 --- a/src/crypto/asn1/tasn_new.c +++ b/src/crypto/asn1/tasn_new.c 
@@ -209,7 +209,7 @@ static int asn1_item_ex_combine_new(ASN1_VALUE **pval, const ASN1_ITEM *it, return 1; memerr: - OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, asn1_item_ex_combine_new, ERR_R_MALLOC_FAILURE); ASN1_item_ex_free(pval, it); #ifdef CRYPTO_MDEBUG if (it->sname) CRYPTO_pop_info(); @@ -217,7 +217,7 @@ static int asn1_item_ex_combine_new(ASN1_VALUE **pval, const ASN1_ITEM *it, return 0; auxerr: - OPENSSL_PUT_ERROR(ASN1, ASN1_R_AUX_ERROR); + OPENSSL_PUT_ERROR(ASN1, asn1_item_ex_combine_new, ASN1_R_AUX_ERROR); ASN1_item_ex_free(pval, it); #ifdef CRYPTO_MDEBUG if (it->sname) CRYPTO_pop_info(); @@ -289,7 +289,7 @@ int ASN1_template_new(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt) skval = sk_ASN1_VALUE_new_null(); if (!skval) { - OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ASN1_template_new, ERR_R_MALLOC_FAILURE); ret = 0; goto done; } diff --git a/src/crypto/asn1/tasn_prn.c b/src/crypto/asn1/tasn_prn.c index 6a097a1..df19ff0 100644 --- a/src/crypto/asn1/tasn_prn.c +++ b/src/crypto/asn1/tasn_prn.c @@ -88,7 +88,7 @@ ASN1_PCTX *ASN1_PCTX_new(void) ret = OPENSSL_malloc(sizeof(ASN1_PCTX)); if (ret == NULL) { - OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ASN1_PCTX_new, ERR_R_MALLOC_FAILURE); return NULL; } ret->flags = 0; diff --git a/src/crypto/asn1/tasn_utl.c b/src/crypto/asn1/tasn_utl.c index 960cdbb..ff3764e 100644 --- a/src/crypto/asn1/tasn_utl.c +++ b/src/crypto/asn1/tasn_utl.c @@ -260,7 +260,8 @@ const ASN1_TEMPLATE *asn1_do_adb(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt, err: /* FIXME: should log the value or OID of unsupported type */ if (nullerr) { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE); + OPENSSL_PUT_ERROR(ASN1, asn1_do_adb, + ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE); } return NULL; } diff --git a/src/crypto/asn1/x_long.c b/src/crypto/asn1/x_long.c index 7b1a6fe..5c2f96e 100644 --- a/src/crypto/asn1/x_long.c +++ b/src/crypto/asn1/x_long.c 
@@ -150,7 +150,7 @@ static int long_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, unsigned long utmp = 0; char *cp = (char *)pval; if(len > (int)sizeof(long)) { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_INTEGER_TOO_LARGE_FOR_LONG); + OPENSSL_PUT_ERROR(ASN1, long_c2i, ASN1_R_INTEGER_TOO_LARGE_FOR_LONG); return 0; } /* Is it negative? */ @@ -168,7 +168,7 @@ static int long_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, ltmp = -ltmp; } if(ltmp == it->size) { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_INTEGER_TOO_LARGE_FOR_LONG); + OPENSSL_PUT_ERROR(ASN1, long_c2i, ASN1_R_INTEGER_TOO_LARGE_FOR_LONG); return 0; } memcpy(cp, <mp, sizeof(long)); diff --git a/src/crypto/base64/CMakeLists.txt b/src/crypto/base64/CMakeLists.txt index f1dba6c..42037a5 100644 --- a/src/crypto/base64/CMakeLists.txt +++ b/src/crypto/base64/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(../../include) +include_directories(. .. ../../include) add_library( base64 diff --git a/src/crypto/bio/CMakeLists.txt b/src/crypto/bio/CMakeLists.txt index 8de090a..dbf5951 100644 --- a/src/crypto/bio/CMakeLists.txt +++ b/src/crypto/bio/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(../../include) +include_directories(. .. ../../include) add_library( bio diff --git a/src/crypto/bio/bio.c b/src/crypto/bio/bio.c index 4bc98ba..5ac5911 100644 --- a/src/crypto/bio/bio.c +++ b/src/crypto/bio/bio.c @@ -90,7 +90,7 @@ static int bio_set(BIO *bio, const BIO_METHOD *method) { BIO *BIO_new(const BIO_METHOD *method) { BIO *ret = OPENSSL_malloc(sizeof(BIO)); if (ret == NULL) { - OPENSSL_PUT_ERROR(BIO, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(BIO, BIO_new, ERR_R_MALLOC_FAILURE); return NULL; } @@ -153,7 +153,7 @@ static int bio_io(BIO *bio, void *buf, int len, size_t method_offset, } if (io_func == NULL) { - OPENSSL_PUT_ERROR(BIO, BIO_R_UNSUPPORTED_METHOD); + OPENSSL_PUT_ERROR(BIO, bio_io, BIO_R_UNSUPPORTED_METHOD); return -2; } 
@@ -165,7 +165,7 @@ static int bio_io(BIO *bio, void *buf, int len, size_t method_offset, } if (!bio->init) { - OPENSSL_PUT_ERROR(BIO, BIO_R_UNINITIALIZED); + OPENSSL_PUT_ERROR(BIO, bio_io, BIO_R_UNINITIALIZED); return -2; } @@ -217,7 +217,7 @@ long BIO_ctrl(BIO *bio, int cmd, long larg, void *parg) { } if (bio->method == NULL || bio->method->ctrl == NULL) { - OPENSSL_PUT_ERROR(BIO, BIO_R_UNSUPPORTED_METHOD); + OPENSSL_PUT_ERROR(BIO, BIO_ctrl, BIO_R_UNSUPPORTED_METHOD); return -2; } @@ -323,7 +323,7 @@ long BIO_callback_ctrl(BIO *bio, int cmd, bio_info_cb fp) { } if (bio->method == NULL || bio->method->callback_ctrl == NULL) { - OPENSSL_PUT_ERROR(BIO, BIO_R_UNSUPPORTED_METHOD); + OPENSSL_PUT_ERROR(BIO, BIO_callback_ctrl, BIO_R_UNSUPPORTED_METHOD); return 0; } @@ -462,10 +462,6 @@ void BIO_print_errors(BIO *bio) { ERR_print_errors_cb(print_bio, bio); } -void ERR_print_errors(BIO *bio) { - BIO_print_errors(bio); -} - /* bio_read_all reads everything from |bio| and prepends |prefix| to it. On * success, |*out| is set to an allocated buffer (which should be freed with * |OPENSSL_free|), |*out_len| is set to its length and one is returned. The diff --git a/src/crypto/bio/bio_mem.c b/src/crypto/bio/bio_mem.c index ef56111..f3aad6f 100644 --- a/src/crypto/bio/bio_mem.c +++ b/src/crypto/bio/bio_mem.c @@ -70,7 +70,7 @@ BIO *BIO_new_mem_buf(void *buf, int len) { const size_t size = len < 0 ? strlen((char *)buf) : (size_t)len; if (!buf && len != 0) { - OPENSSL_PUT_ERROR(BIO, BIO_R_NULL_PARAMETER); + OPENSSL_PUT_ERROR(BIO, BIO_new_mem_buf, BIO_R_NULL_PARAMETER); return NULL; } @@ -167,7 +167,7 @@ static int mem_write(BIO *bio, const char *in, int inl) { b = (BUF_MEM *)bio->ptr; if (bio->flags & BIO_FLAGS_MEM_RDONLY) { - OPENSSL_PUT_ERROR(BIO, BIO_R_WRITE_TO_READ_ONLY_BIO); + OPENSSL_PUT_ERROR(BIO, mem_write, BIO_R_WRITE_TO_READ_ONLY_BIO); goto err; } diff --git a/src/crypto/bio/buffer.c b/src/crypto/bio/buffer.c index 9d0cb3c..3fc0685 100644 --- a/src/crypto/bio/buffer.c 
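Review bot: In the `BIO_new_mem_buf` hunk the `size` initialiser calls `strlen((char *)buf)` when `len < 0`, before the `!buf && len != 0` guard runs. A NULL `buf` with a negative `len` is therefore dereferenced and never reaches the `BIO_R_NULL_PARAMETER` path this hunk edits. Test for NULL first and compute the length afterwards: declare `size_t size;` at the top and assign `size = len < 0 ? strlen((char *)buf) : (size_t)len;` after the guard. The rest of the function is outside the hunk, so later uses of `size` need checking against that reordering.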
+++ b/src/crypto/bio/buffer.c @@ -406,7 +406,7 @@ static long buffer_ctrl(BIO *b, int cmd, long num, void *ptr) { return ret; malloc_error: - OPENSSL_PUT_ERROR(BIO, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(BIO, buffer_ctrl, ERR_R_MALLOC_FAILURE); return 0; } diff --git a/src/crypto/bio/connect.c b/src/crypto/bio/connect.c index 2ed2def..32361bf 100644 --- a/src/crypto/bio/connect.c +++ b/src/crypto/bio/connect.c @@ -142,7 +142,7 @@ static int conn_state(BIO *bio, BIO_CONNECT *c) { case BIO_CONN_S_BEFORE: p = c->param_hostname; if (p == NULL) { - OPENSSL_PUT_ERROR(BIO, BIO_R_NO_HOSTNAME_SPECIFIED); + OPENSSL_PUT_ERROR(BIO, conn_state, BIO_R_NO_HOSTNAME_SPECIFIED); goto exit_loop; } for (; *p != 0; p++) { @@ -167,7 +167,7 @@ static int conn_state(BIO *bio, BIO_CONNECT *c) { } if (c->param_port == NULL) { - OPENSSL_PUT_ERROR(BIO, BIO_R_NO_PORT_SPECIFIED); + OPENSSL_PUT_ERROR(BIO, conn_state, BIO_R_NO_PORT_SPECIFIED); ERR_add_error_data(2, "host=", c->param_hostname); goto exit_loop; } @@ -175,7 +175,7 @@ static int conn_state(BIO *bio, BIO_CONNECT *c) { if (!bio_ip_and_port_to_socket_and_addr( &bio->num, &c->them, &c->them_length, c->param_hostname, c->param_port)) { - OPENSSL_PUT_ERROR(BIO, BIO_R_UNABLE_TO_CREATE_SOCKET); + OPENSSL_PUT_ERROR(BIO, conn_state, BIO_R_UNABLE_TO_CREATE_SOCKET); ERR_add_error_data(4, "host=", c->param_hostname, ":", c->param_port); goto exit_loop; } @@ -185,7 +185,7 @@ static int conn_state(BIO *bio, BIO_CONNECT *c) { if (c->nbio) { if (!bio_socket_nbio(bio->num, 1)) { - OPENSSL_PUT_ERROR(BIO, BIO_R_ERROR_SETTING_NBIO); + OPENSSL_PUT_ERROR(BIO, conn_state, BIO_R_ERROR_SETTING_NBIO); ERR_add_error_data(4, "host=", c->param_hostname, ":", c->param_port); goto exit_loop; 
@@ -197,7 +197,7 @@ static int conn_state(BIO *bio, BIO_CONNECT *c) { sizeof(i)); if (ret < 0) { OPENSSL_PUT_SYSTEM_ERROR(setsockopt); - OPENSSL_PUT_ERROR(BIO, BIO_R_KEEPALIVE); + OPENSSL_PUT_ERROR(BIO, conn_state, BIO_R_KEEPALIVE); ERR_add_error_data(4, "host=", c->param_hostname, ":", c->param_port); goto exit_loop; } @@ -211,7 +211,7 @@ static int conn_state(BIO *bio, BIO_CONNECT *c) { bio->retry_reason = BIO_RR_CONNECT; } else { OPENSSL_PUT_SYSTEM_ERROR(connect); - OPENSSL_PUT_ERROR(BIO, BIO_R_CONNECT_ERROR); + OPENSSL_PUT_ERROR(BIO, conn_state, BIO_R_CONNECT_ERROR); ERR_add_error_data(4, "host=", c->param_hostname, ":", c->param_port); } @@ -232,7 +232,7 @@ static int conn_state(BIO *bio, BIO_CONNECT *c) { } else { BIO_clear_retry_flags(bio); OPENSSL_PUT_SYSTEM_ERROR(connect); - OPENSSL_PUT_ERROR(BIO, BIO_R_NBIO_CONNECT_ERROR); + OPENSSL_PUT_ERROR(BIO, conn_state, BIO_R_NBIO_CONNECT_ERROR); ERR_add_error_data(4, "host=", c->param_hostname, ":", c->param_port); ret = 0; } @@ -464,7 +464,7 @@ static long conn_ctrl(BIO *bio, int cmd, long num, void *ptr) { break; case BIO_CTRL_SET_CALLBACK: { #if 0 /* FIXME: Should this be used? -- Richard Levitte */ - OPENSSL_PUT_ERROR(BIO, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(BIO, XXX, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); ret = -1; #else ret = 0; diff --git a/src/crypto/bio/file.c b/src/crypto/bio/file.c index 2d3ccfe..7f57aad 100644 --- a/src/crypto/bio/file.c +++ b/src/crypto/bio/file.c @@ -88,7 +88,7 @@ #define BIO_FP_APPEND 0x08 static FILE *open_file(const char *filename, const char *mode) { -#if defined(OPENSSL_WINDOWS) && defined(CP_UTF8) +#if defined(_WIN32) && defined(CP_UTF8) int sz, len_0 = (int)strlen(filename) + 1; DWORD flags; 
@@ -133,9 +133,9 @@ BIO *BIO_new_file(const char *filename, const char *mode) { ERR_add_error_data(5, "fopen('", filename, "','", mode, "')"); if (errno == ENOENT) { - OPENSSL_PUT_ERROR(BIO, BIO_R_NO_SUCH_FILE); + OPENSSL_PUT_ERROR(BIO, BIO_new_file, BIO_R_NO_SUCH_FILE); } else { - OPENSSL_PUT_ERROR(BIO, BIO_R_SYS_LIB); + OPENSSL_PUT_ERROR(BIO, BIO_new_file, BIO_R_SYS_LIB); } return NULL; } @@ -182,19 +182,20 @@ static int file_free(BIO *bio) { } static int file_read(BIO *b, char *out, int outl) { + int ret = 0; + if (!b->init) { return 0; } - size_t ret = fread(out, 1, outl, (FILE *)b->ptr); + ret = fread(out, 1, outl, (FILE *)b->ptr); if (ret == 0 && ferror((FILE *)b->ptr)) { OPENSSL_PUT_SYSTEM_ERROR(fread); - OPENSSL_PUT_ERROR(BIO, ERR_R_SYS_LIB); - return -1; + OPENSSL_PUT_ERROR(BIO, file_read, ERR_R_SYS_LIB); + ret = -1; } - /* fread reads at most |outl| bytes, so |ret| fits in an int. */ - return (int)ret; + return ret; } static int file_write(BIO *b, const char *in, int inl) { @@ -252,7 +253,7 @@ static long file_ctrl(BIO *b, int cmd, long num, void *ptr) { } else if (num & BIO_FP_READ) { BUF_strlcpy(p, "r", sizeof(p)); } else { - OPENSSL_PUT_ERROR(BIO, BIO_R_BAD_FOPEN_MODE); + OPENSSL_PUT_ERROR(BIO, file_ctrl, BIO_R_BAD_FOPEN_MODE); ret = 0; break; } @@ -260,7 +261,7 @@ static long file_ctrl(BIO *b, int cmd, long num, void *ptr) { if (fp == NULL) { OPENSSL_PUT_SYSTEM_ERROR(fopen); ERR_add_error_data(5, "fopen('", ptr, "','", p, "')"); - OPENSSL_PUT_ERROR(BIO, ERR_R_SYS_LIB); + OPENSSL_PUT_ERROR(BIO, file_ctrl, ERR_R_SYS_LIB); ret = 0; break; } diff --git a/src/crypto/bio/pair.c b/src/crypto/bio/pair.c index 6f78890..cc55950 100644 --- a/src/crypto/bio/pair.c +++ b/src/crypto/bio/pair.c 
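Review bot: In the `file_read` hunk the `size_t` result of `fread` is now stored directly in `int ret`, and the signed `outl` is passed as the element count. The narrowing is implicit, and a negative `outl` would convert to a very large count. The deleted comment was the only statement of why the result fits in an `int`. Keep the count in a `size_t` and cast once on return, `size_t n = fread(out, 1, (size_t)outl, (FILE *)b->ptr);` followed by `return (int)n;`. Add `if (outl < 0) return -1;` before the call unless every caller already guarantees a non-negative length, which this hunk does not show.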
@@ -181,25 +181,27 @@ int BIO_zero_copy_get_read_buf(BIO* bio, uint8_t** out_read_buf, BIO_clear_retry_flags(bio); if (!bio->init) { - OPENSSL_PUT_ERROR(BIO, BIO_R_UNINITIALIZED); + OPENSSL_PUT_ERROR(BIO, BIO_zero_copy_get_read_buf, BIO_R_UNINITIALIZED); return 0; } b = bio->ptr; if (!b || !b->peer) { - OPENSSL_PUT_ERROR(BIO, BIO_R_UNSUPPORTED_METHOD); + OPENSSL_PUT_ERROR(BIO, BIO_zero_copy_get_read_buf, + BIO_R_UNSUPPORTED_METHOD); return 0; } peer_b = b->peer->ptr; if (!peer_b || !peer_b->peer || peer_b->peer->ptr != b) { - OPENSSL_PUT_ERROR(BIO, BIO_R_UNSUPPORTED_METHOD); + OPENSSL_PUT_ERROR(BIO, BIO_zero_copy_get_read_buf, + BIO_R_UNSUPPORTED_METHOD); return 0; } if (peer_b->zero_copy_read_lock) { - OPENSSL_PUT_ERROR(BIO, BIO_R_INVALID_ARGUMENT); + OPENSSL_PUT_ERROR(BIO, BIO_zero_copy_get_read_buf, BIO_R_INVALID_ARGUMENT); return 0; } 
@@ -227,32 +229,37 @@ int BIO_zero_copy_get_read_buf_done(BIO* bio, size_t bytes_read) { assert(BIO_get_retry_flags(bio) == 0); if (!bio->init) { - OPENSSL_PUT_ERROR(BIO, BIO_R_UNINITIALIZED); + OPENSSL_PUT_ERROR(BIO, BIO_zero_copy_get_read_buf_done, + BIO_R_UNINITIALIZED); return 0; } b = bio->ptr; if (!b || !b->peer) { - OPENSSL_PUT_ERROR(BIO, BIO_R_UNSUPPORTED_METHOD); + OPENSSL_PUT_ERROR(BIO, BIO_zero_copy_get_read_buf_done, + BIO_R_UNSUPPORTED_METHOD); return 0; } peer_b = b->peer->ptr; if (!peer_b || !peer_b->peer || peer_b->peer->ptr != b) { - OPENSSL_PUT_ERROR(BIO, BIO_R_UNSUPPORTED_METHOD); + OPENSSL_PUT_ERROR(BIO, BIO_zero_copy_get_read_buf_done, + BIO_R_UNSUPPORTED_METHOD); return 0; } if (!peer_b->zero_copy_read_lock) { - OPENSSL_PUT_ERROR(BIO, BIO_R_INVALID_ARGUMENT); + OPENSSL_PUT_ERROR(BIO, BIO_zero_copy_get_read_buf_done, + BIO_R_INVALID_ARGUMENT); return 0; } max_available = bio_zero_copy_get_read_buf(peer_b, &dummy_read_buf, &dummy_read_offset); if (bytes_read > max_available) { - OPENSSL_PUT_ERROR(BIO, BIO_R_INVALID_ARGUMENT); + OPENSSL_PUT_ERROR(BIO, BIO_zero_copy_get_read_buf_done, + BIO_R_INVALID_ARGUMENT); return 0; } 
@@ -311,33 +318,35 @@ int BIO_zero_copy_get_write_buf(BIO* bio, uint8_t** out_write_buf, BIO_clear_retry_flags(bio); if (!bio->init) { - OPENSSL_PUT_ERROR(BIO, BIO_R_UNINITIALIZED); + OPENSSL_PUT_ERROR(BIO, BIO_zero_copy_get_write_buf, BIO_R_UNINITIALIZED); return 0; } b = bio->ptr; if (!b || !b->buf || !b->peer) { - OPENSSL_PUT_ERROR(BIO, BIO_R_UNSUPPORTED_METHOD); + OPENSSL_PUT_ERROR(BIO, BIO_zero_copy_get_write_buf, + BIO_R_UNSUPPORTED_METHOD); return 0; } peer_b = b->peer->ptr; if (!peer_b || !peer_b->peer || peer_b->peer->ptr != b) { - OPENSSL_PUT_ERROR(BIO, BIO_R_UNSUPPORTED_METHOD); + OPENSSL_PUT_ERROR(BIO, BIO_zero_copy_get_write_buf, + BIO_R_UNSUPPORTED_METHOD); return 0; } assert(b->buf != NULL); if (b->zero_copy_write_lock) { - OPENSSL_PUT_ERROR(BIO, BIO_R_INVALID_ARGUMENT); + OPENSSL_PUT_ERROR(BIO, BIO_zero_copy_get_write_buf, BIO_R_INVALID_ARGUMENT); return 0; } b->request = 0; if (b->closed) { /* Bio is already closed. */ - OPENSSL_PUT_ERROR(BIO, BIO_R_BROKEN_PIPE); + OPENSSL_PUT_ERROR(BIO, BIO_zero_copy_get_write_buf, BIO_R_BROKEN_PIPE); return 0; } 
@@ -360,38 +369,43 @@ int BIO_zero_copy_get_write_buf_done(BIO* bio, size_t bytes_written) { uint8_t* dummy_write_buf; if (!bio->init) { - OPENSSL_PUT_ERROR(BIO, BIO_R_UNINITIALIZED); + OPENSSL_PUT_ERROR(BIO, BIO_zero_copy_get_write_buf_done, + BIO_R_UNINITIALIZED); return 0; } b = bio->ptr; if (!b || !b->buf || !b->peer) { - OPENSSL_PUT_ERROR(BIO, BIO_R_UNSUPPORTED_METHOD); + OPENSSL_PUT_ERROR(BIO, BIO_zero_copy_get_write_buf_done, + BIO_R_UNSUPPORTED_METHOD); return 0; } peer_b = b->peer->ptr; if (!peer_b || !peer_b->peer || peer_b->peer->ptr != b) { - OPENSSL_PUT_ERROR(BIO, BIO_R_UNSUPPORTED_METHOD); + OPENSSL_PUT_ERROR(BIO, BIO_zero_copy_get_write_buf_done, + BIO_R_UNSUPPORTED_METHOD); return 0; } b->request = 0; if (b->closed) { /* BIO is already closed. */ - OPENSSL_PUT_ERROR(BIO, BIO_R_BROKEN_PIPE); + OPENSSL_PUT_ERROR(BIO, BIO_zero_copy_get_write_buf_done, BIO_R_BROKEN_PIPE); return 0; } if (!b->zero_copy_write_lock) { - OPENSSL_PUT_ERROR(BIO, BIO_R_INVALID_ARGUMENT); + OPENSSL_PUT_ERROR(BIO, BIO_zero_copy_get_write_buf_done, + BIO_R_INVALID_ARGUMENT); return 0; } rest = bio_zero_copy_get_write_buf(b, &dummy_write_buf, &dummy_write_offset); if (bytes_written > rest) { - OPENSSL_PUT_ERROR(BIO, BIO_R_INVALID_ARGUMENT); + OPENSSL_PUT_ERROR(BIO, BIO_zero_copy_get_write_buf_done, + BIO_R_INVALID_ARGUMENT); return 0; } @@ -511,7 +525,7 @@ static int bio_write(BIO *bio, const char *buf, int num_) { b->request = 0; if (b->closed) { /* we already closed */ - OPENSSL_PUT_ERROR(BIO, BIO_R_BROKEN_PIPE); + OPENSSL_PUT_ERROR(BIO, bio_write, BIO_R_BROKEN_PIPE); return -1; } @@ -576,7 +590,7 @@ static int bio_make_pair(BIO* bio1, BIO* bio2, b2 = bio2->ptr; if (b1->peer != NULL || b2->peer != NULL) { - OPENSSL_PUT_ERROR(BIO, BIO_R_IN_USE); + OPENSSL_PUT_ERROR(BIO, bio_make_pair, BIO_R_IN_USE); return 0; } 
@@ -591,7 +605,7 @@ static int bio_make_pair(BIO* bio1, BIO* bio2, b1->buf_externally_allocated = 0; b1->buf = OPENSSL_malloc(b1->size); if (b1->buf == NULL) { - OPENSSL_PUT_ERROR(BIO, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(BIO, bio_make_pair, ERR_R_MALLOC_FAILURE); return 0; } } else { @@ -610,7 +624,7 @@ static int bio_make_pair(BIO* bio1, BIO* bio2, b2->buf_externally_allocated = 0; b2->buf = OPENSSL_malloc(b2->size); if (b2->buf == NULL) { - OPENSSL_PUT_ERROR(BIO, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(BIO, bio_make_pair, ERR_R_MALLOC_FAILURE); return 0; } } else { diff --git a/src/crypto/bio/printf.c b/src/crypto/bio/printf.c index 2f5ae4a..f51b396 100644 --- a/src/crypto/bio/printf.c +++ b/src/crypto/bio/printf.c @@ -95,7 +95,7 @@ int BIO_printf(BIO *bio, const char *format, ...) { out = OPENSSL_malloc(requested_len + 1); out_malloced = 1; if (out == NULL) { - OPENSSL_PUT_ERROR(BIO, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(BIO, BIO_printf, ERR_R_MALLOC_FAILURE); return -1; } va_start(args, format); diff --git a/src/crypto/bio/socket_helper.c b/src/crypto/bio/socket_helper.c index 01f635e..b1cdd1a 100644 --- a/src/crypto/bio/socket_helper.c +++ b/src/crypto/bio/socket_helper.c @@ -12,8 +12,7 @@ * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ -#undef _POSIX_C_SOURCE -#define _POSIX_C_SOURCE 200112L +#define _POSIX_SOURCE #include #include @@ -51,7 +50,7 @@ int bio_ip_and_port_to_socket_and_addr(int *out_sock, ret = getaddrinfo(hostname, port_str, &hint, &result); if (ret != 0) { - OPENSSL_PUT_ERROR(SYS, 0); + OPENSSL_PUT_ERROR(SYS, getaddrinfo, 0); ERR_add_error_data(1, gai_strerror(ret)); return 0; } diff --git a/src/crypto/bn/CMakeLists.txt b/src/crypto/bn/CMakeLists.txt index 232e40a..2e0cb45 100644 --- a/src/crypto/bn/CMakeLists.txt +++ b/src/crypto/bn/CMakeLists.txt 
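Review bot: The `socket_helper.c` preamble hunk replaces `_POSIX_C_SOURCE 200112L` with a bare `#define _POSIX_SOURCE`, yet the next hunk in the same file calls `getaddrinfo` and `gai_strerror`. Some C libraries declare these only when `_POSIX_C_SOURCE >= 200112L`, so on those the calls would compile against implicit or missing declarations. The bare define also has no `#undef` in front of it, so a build that already sets the macro on the command line gets a redefinition. I would keep the two-line form, `#undef _POSIX_C_SOURCE` then `#define _POSIX_C_SOURCE 200112L`, and add a comment naming `getaddrinfo` as the reason.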
@@ -1,4 +1,4 @@ -include_directories(../../include) +include_directories(. .. ../../include) if (${ARCH} STREQUAL "x86_64") set( @@ -39,7 +39,6 @@ add_library( add.c asm/x86_64-gcc.c bn.c - bn_asn1.c cmp.c convert.c ctx.c diff --git a/src/crypto/bn/add.c b/src/crypto/bn/add.c index a043d83..1c6b2d7 100644 --- a/src/crypto/bn/add.c +++ b/src/crypto/bn/add.c @@ -267,7 +267,7 @@ int BN_usub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b) { if (dif < 0) /* hmm... should not be happening */ { - OPENSSL_PUT_ERROR(BN, BN_R_ARG2_LT_ARG3); + OPENSSL_PUT_ERROR(BN, BN_usub, BN_R_ARG2_LT_ARG3); return 0; } diff --git a/src/crypto/bn/asm/armv4-mont.pl b/src/crypto/bn/asm/armv4-mont.pl index 4206fd8..0f1b6a9 100644 --- a/src/crypto/bn/asm/armv4-mont.pl +++ b/src/crypto/bn/asm/armv4-mont.pl @@ -79,7 +79,7 @@ $_n0="$num,#14*4"; $_num="$num,#15*4"; $_bpend=$_num; $code=<<___; -#include +#include "arm_arch.h" .text .code 32 diff --git a/src/crypto/bn/bn.c b/src/crypto/bn/bn.c index b342749..f32d6b0 100644 --- a/src/crypto/bn/bn.c +++ b/src/crypto/bn/bn.c @@ -69,7 +69,7 @@ BIGNUM *BN_new(void) { BIGNUM *bn = OPENSSL_malloc(sizeof(BIGNUM)); if (bn == NULL) { - OPENSSL_PUT_ERROR(BN, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(BN, BN_new, ERR_R_MALLOC_FAILURE); return NULL; } 
@@ -279,26 +279,26 @@ void BN_set_negative(BIGNUM *bn, int sign) { } } -BIGNUM *bn_wexpand(BIGNUM *bn, size_t words) { +BIGNUM *bn_wexpand(BIGNUM *bn, unsigned words) { BN_ULONG *a; - if (words <= (size_t)bn->dmax) { + if (words <= (unsigned) bn->dmax) { return bn; } if (words > (INT_MAX / (4 * BN_BITS2))) { - OPENSSL_PUT_ERROR(BN, BN_R_BIGNUM_TOO_LONG); + OPENSSL_PUT_ERROR(BN, bn_wexpand, BN_R_BIGNUM_TOO_LONG); return NULL; } if (bn->flags & BN_FLG_STATIC_DATA) { - OPENSSL_PUT_ERROR(BN, BN_R_EXPAND_ON_STATIC_BIGNUM_DATA); + OPENSSL_PUT_ERROR(BN, bn_wexpand, BN_R_EXPAND_ON_STATIC_BIGNUM_DATA); return NULL; } a = (BN_ULONG *)OPENSSL_malloc(sizeof(BN_ULONG) * words); if (a == NULL) { - OPENSSL_PUT_ERROR(BN, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(BN, bn_wexpand, ERR_R_MALLOC_FAILURE); return NULL; } @@ -306,16 +306,12 @@ BIGNUM *bn_wexpand(BIGNUM *bn, size_t words) { OPENSSL_free(bn->d); bn->d = a; - bn->dmax = (int)words; + bn->dmax = words; return bn; } -BIGNUM *bn_expand(BIGNUM *bn, size_t bits) { - if (bits + BN_BITS2 - 1 < bits) { - OPENSSL_PUT_ERROR(BN, BN_R_BIGNUM_TOO_LONG); - return NULL; - } +BIGNUM *bn_expand(BIGNUM *bn, unsigned bits) { return bn_wexpand(bn, (bits+BN_BITS2-1)/BN_BITS2); } diff --git a/src/crypto/bn/bn_asn1.c b/src/crypto/bn/bn_asn1.c deleted file mode 100644 index 9d70ba8..0000000 --- a/src/crypto/bn/bn_asn1.c +++ /dev/null 
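Review bot: `bn_expand` now evaluates `(bits+BN_BITS2-1)/BN_BITS2` on an `unsigned` with the wrap check deleted. A `bits` value within `BN_BITS2-1` of `UINT_MAX` wraps to a tiny word count, and `bn_wexpand` then returns a buffer far smaller than the caller asked for. Put a guard ahead of the division, `if (bits > UINT_MAX - (BN_BITS2 - 1)) return NULL;`, and report it the way `bn_wexpand` reports `BN_R_BIGNUM_TOO_LONG`. The first hunk on this file has a related problem: with `words` narrowed to `unsigned`, a `size_t` count from a caller is truncated before the `INT_MAX / (4 * BN_BITS2)` test sees it. The `bn->dmax = words;` assignment is safe only because of that test and deserves a short comment saying so.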
@@ -1,93 +0,0 @@ -/* Copyright (c) 2015, Google Inc. - * - * Permission to use, copy, modify, and/or distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY - * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION - * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN - * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ - -#include - -#include -#include - - -int BN_cbs2unsigned(CBS *cbs, BIGNUM *ret) { - CBS child; - if (!CBS_get_asn1(cbs, &child, CBS_ASN1_INTEGER) || - CBS_len(&child) == 0) { - OPENSSL_PUT_ERROR(BN, BN_R_BAD_ENCODING); - return 0; - } - - if (CBS_data(&child)[0] & 0x80) { - OPENSSL_PUT_ERROR(BN, BN_R_NEGATIVE_NUMBER); - return 0; - } - - /* INTEGERs must be minimal. */ - if (CBS_data(&child)[0] == 0x00 && - CBS_len(&child) > 1 && - !(CBS_data(&child)[1] & 0x80)) { - OPENSSL_PUT_ERROR(BN, BN_R_BAD_ENCODING); - return 0; - } - - return BN_bin2bn(CBS_data(&child), CBS_len(&child), ret) != NULL; -} - -int BN_cbs2unsigned_buggy(CBS *cbs, BIGNUM *ret) { - CBS child; - if (!CBS_get_asn1(cbs, &child, CBS_ASN1_INTEGER) || - CBS_len(&child) == 0) { - OPENSSL_PUT_ERROR(BN, BN_R_BAD_ENCODING); - return 0; - } - - /* This function intentionally does not reject negative numbers or non-minimal - * encodings. Estonian IDs issued between September 2014 to September 2015 are - * broken. See https://crbug.com/532048 and https://crbug.com/534766. - * - * TODO(davidben): Remove this code and callers in March 2016. 
*/ - return BN_bin2bn(CBS_data(&child), CBS_len(&child), ret) != NULL; -} - -int BN_bn2cbb(CBB *cbb, const BIGNUM *bn) { - /* Negative numbers are unsupported. */ - if (BN_is_negative(bn)) { - OPENSSL_PUT_ERROR(BN, BN_R_NEGATIVE_NUMBER); - return 0; - } - - CBB child; - if (!CBB_add_asn1(cbb, &child, CBS_ASN1_INTEGER)) { - OPENSSL_PUT_ERROR(BN, BN_R_ENCODE_ERROR); - return 0; - } - - /* The number must be padded with a leading zero if the high bit would - * otherwise be set (or |bn| is zero). */ - if (BN_num_bits(bn) % 8 == 0 && - !CBB_add_u8(&child, 0x00)) { - OPENSSL_PUT_ERROR(BN, BN_R_ENCODE_ERROR); - return 0; - } - - uint8_t *out; - if (!CBB_add_space(&child, &out, BN_num_bytes(bn))) { - OPENSSL_PUT_ERROR(BN, BN_R_ENCODE_ERROR); - return 0; - } - BN_bn2bin(bn, out); - if (!CBB_flush(cbb)) { - OPENSSL_PUT_ERROR(BN, BN_R_ENCODE_ERROR); - return 0; - } - return 1; -} diff --git a/src/crypto/bn/bn_test.cc b/src/crypto/bn/bn_test.cc index 47093a7..6a7d48c 100644 --- a/src/crypto/bn/bn_test.cc +++ b/src/crypto/bn/bn_test.cc @@ -82,7 +82,6 @@ #include #include "../crypto/test/scoped_types.h" -#include "../crypto/test/test_util.h" // This program tests the BIGNUM implementation. It takes an optional -bc @@ -118,13 +117,11 @@ static bool test_exp_mod_zero(void); static bool test_small_prime(FILE *fp, BN_CTX *ctx); static bool test_mod_exp_mont5(FILE *fp, BN_CTX *ctx); static bool test_sqrt(FILE *fp, BN_CTX *ctx); -static bool test_bn2bin_padded(BN_CTX *ctx); -static bool test_dec2bn(BN_CTX *ctx); -static bool test_hex2bn(BN_CTX *ctx); -static bool test_asc2bn(BN_CTX *ctx); -static bool test_mpi(); +static bool test_bn2bin_padded(FILE *fp, BN_CTX *ctx); +static bool test_dec2bn(FILE *fp, BN_CTX *ctx); +static bool test_hex2bn(FILE *fp, BN_CTX *ctx); +static bool test_asc2bn(FILE *fp, BN_CTX *ctx); static bool test_rand(); -static bool test_asn1(); static const uint8_t kSample[] = "\xC6\x4F\x43\x04\x2A\xEA\xCA\x6E\x58\x36\x80\x5B\xE8\xC9" 
@@ -314,15 +311,35 @@ int main(int argc, char *argv[]) { } flush_fp(bc_file.get()); - if (!test_bn2bin_padded(ctx.get()) || - !test_dec2bn(ctx.get()) || - !test_hex2bn(ctx.get()) || - !test_asc2bn(ctx.get()) || - !test_mpi() || - !test_rand() || - !test_asn1()) { + message(bc_file.get(), "BN_bn2bin_padded"); + if (!test_bn2bin_padded(bc_file.get(), ctx.get())) { return 1; } + flush_fp(bc_file.get()); + + message(bc_file.get(), "BN_dec2bn"); + if (!test_dec2bn(bc_file.get(), ctx.get())) { + return 1; + } + flush_fp(bc_file.get()); + + message(bc_file.get(), "BN_hex2bn"); + if (!test_hex2bn(bc_file.get(), ctx.get())) { + return 1; + } + flush_fp(bc_file.get()); + + message(bc_file.get(), "BN_asc2bn"); + if (!test_asc2bn(bc_file.get(), ctx.get())) { + return 1; + } + flush_fp(bc_file.get()); + + message(bc_file.get(), "BN_rand"); + if (!test_rand()) { + return 1; + } + flush_fp(bc_file.get()); printf("PASS\n"); return 0; @@ -423,16 +440,6 @@ static bool test_div(FILE *fp, BN_CTX *ctx) { return false; } - if (!BN_one(a.get())) { - return false; - } - BN_zero(b.get()); - if (BN_div(d.get(), c.get(), a.get(), b.get(), ctx)) { - fprintf(stderr, "Division by zero succeeded!\n"); - return false; - } - ERR_clear_error(); - for (int i = 0; i < num0 + num1; i++) { if (i < num1) { if (!BN_rand(a.get(), 400, 0, 0) || @@ -830,17 +837,18 @@ static bool test_div_word(FILE *fp) { } for (int i = 0; i < num0; i++) { + BN_ULONG s; do { if (!BN_rand(a.get(), 512, -1, 0) || !BN_rand(b.get(), BN_BITS2, -1, 0)) { return false; } - } while (BN_is_zero(b.get())); + s = b->d[0]; + } while (!s); if (!BN_copy(b.get(), a.get())) { return false; } - BN_ULONG s = b->d[0]; BN_ULONG r = BN_div_word(b.get(), s); if (r == (BN_ULONG)-1) { return false; 
@@ -883,27 +891,8 @@ static bool test_mont(FILE *fp, BN_CTX *ctx) { ScopedBIGNUM B(BN_new()); ScopedBIGNUM n(BN_new()); ScopedBN_MONT_CTX mont(BN_MONT_CTX_new()); - if (!a || !b || !c || !d || !A || !B || !n || !mont) { - return false; - } - - BN_zero(n.get()); - if (BN_MONT_CTX_set(mont.get(), n.get(), ctx)) { - fprintf(stderr, "BN_MONT_CTX_set succeeded for zero modulus!\n"); - return false; - } - ERR_clear_error(); - - if (!BN_set_word(n.get(), 16)) { - return false; - } - if (BN_MONT_CTX_set(mont.get(), n.get(), ctx)) { - fprintf(stderr, "BN_MONT_CTX_set succeeded for even modulus!\n"); - return false; - } - ERR_clear_error(); - - if (!BN_rand(a.get(), 100, 0, 0) || + if (!a || !b || !c || !d || !A || !B || !n || !mont || + !BN_rand(a.get(), 100, 0, 0) || !BN_rand(b.get(), 100, 0, 0)) { return false; } @@ -943,7 +932,6 @@ static bool test_mont(FILE *fp, BN_CTX *ctx) { return false; } } - return true; } @@ -997,16 +985,6 @@ static bool test_mod_mul(FILE *fp, BN_CTX *ctx) { return false; } - if (!BN_one(a.get()) || !BN_one(b.get())) { - return false; - } - BN_zero(c.get()); - if (BN_mod_mul(e.get(), a.get(), b.get(), c.get(), ctx)) { - fprintf(stderr, "BN_mod_mul with zero modulus succeeded!\n"); - return false; - } - ERR_clear_error(); - for (int j = 0; j < 3; j++) { if (!BN_rand(c.get(), 1024, 0, 0)) { return false; 
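Review bot: The `test_mont` hunk drops the two negative cases that required `BN_MONT_CTX_set` to fail for a zero and for an even modulus, and nothing replaces them. The same happens to the division-by-zero case in `test_div`, and to the zero-modulus and even-modulus cases in `test_mod_mul`, `test_mod_exp` and `test_mod_exp_mont_consttime` in the neighbouring hunks. These were the only visible checks that invalid moduli are rejected rather than processed. If the library at this revision still rejects such input, keep at least the form `if (BN_MONT_CTX_set(mont.get(), n.get(), ctx)) { return false; }` followed by `ERR_clear_error();`. If it does not, a comment in the test should record that the behaviour is known and untested.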
@@ -1061,21 +1039,8 @@ static bool test_mod_exp(FILE *fp, BN_CTX *ctx) { ScopedBIGNUM c(BN_new()); ScopedBIGNUM d(BN_new()); ScopedBIGNUM e(BN_new()); - if (!a || !b || !c || !d || !e) { - return false; - } - - if (!BN_one(a.get()) || !BN_one(b.get())) { - return false; - } - BN_zero(c.get()); - if (BN_mod_exp(d.get(), a.get(), b.get(), c.get(), ctx)) { - fprintf(stderr, "BN_mod_exp with zero modulus succeeded!\n"); - return 0; - } - ERR_clear_error(); - - if (!BN_rand(c.get(), 30, 0, 1)) { // must be odd for montgomery + if (!a || !b || !c || !d || !e || + !BN_rand(c.get(), 30, 0, 1)) { // must be odd for montgomery return false; } for (int i = 0; i < num2; i++) { @@ -1114,32 +1079,8 @@ static bool test_mod_exp_mont_consttime(FILE *fp, BN_CTX *ctx) { ScopedBIGNUM c(BN_new()); ScopedBIGNUM d(BN_new()); ScopedBIGNUM e(BN_new()); - if (!a || !b || !c || !d || !e) { - return false; - } - - if (!BN_one(a.get()) || !BN_one(b.get())) { - return false; - } - BN_zero(c.get()); - if (BN_mod_exp_mont_consttime(d.get(), a.get(), b.get(), c.get(), ctx, - nullptr)) { - fprintf(stderr, "BN_mod_exp_mont_consttime with zero modulus succeeded!\n"); - return 0; - } - ERR_clear_error(); - - if (!BN_set_word(c.get(), 16)) { - return false; - } - if (BN_mod_exp_mont_consttime(d.get(), a.get(), b.get(), c.get(), ctx, - nullptr)) { - fprintf(stderr, "BN_mod_exp_mont_consttime with even modulus succeeded!\n"); - return 0; - } - ERR_clear_error(); - - if (!BN_rand(c.get(), 30, 0, 1)) { // must be odd for montgomery + if (!a || !b || !c || !d || !e || + !BN_rand(c.get(), 30, 0, 1)) { // must be odd for montgomery return false; } for (int i = 0; i < num2; i++) { 
@@ -1267,9 +1208,8 @@ static bool test_exp(FILE *fp, BN_CTX *ctx) { if (!BN_one(e.get())) { return false; } - while (!BN_is_zero(b.get())) { - if (!BN_mul(e.get(), e.get(), a.get(), ctx) || - !BN_sub(b.get(), b.get(), BN_value_one())) { + for (; !BN_is_zero(b.get()); BN_sub(b.get(), b.get(), BN_value_one())) { + if (!BN_mul(e.get(), e.get(), a.get(), ctx)) { return false; } } @@ -1431,7 +1371,7 @@ static bool test_sqrt(FILE *fp, BN_CTX *ctx) { return true; } -static bool test_bn2bin_padded(BN_CTX *ctx) { +static bool test_bn2bin_padded(FILE *fp, BN_CTX *ctx) { uint8_t zeros[256], out[256], reference[128]; memset(zeros, 0, sizeof(zeros)); @@ -1508,7 +1448,7 @@ static int DecimalToBIGNUM(ScopedBIGNUM *out, const char *in) { return ret; } -static bool test_dec2bn(BN_CTX *ctx) { +static bool test_dec2bn(FILE *fp, BN_CTX *ctx) { ScopedBIGNUM bn; int ret = DecimalToBIGNUM(&bn, "0"); if (ret != 1 || !BN_is_zero(bn.get()) || BN_is_negative(bn.get())) { @@ -1550,7 +1490,7 @@ static int HexToBIGNUM(ScopedBIGNUM *out, const char *in) { return ret; } -static bool test_hex2bn(BN_CTX *ctx) { +static bool test_hex2bn(FILE *fp, BN_CTX *ctx) { ScopedBIGNUM bn; int ret = HexToBIGNUM(&bn, "0"); if (ret != 1 || !BN_is_zero(bn.get()) || BN_is_negative(bn.get())) { @@ -1593,7 +1533,7 @@ static ScopedBIGNUM ASCIIToBIGNUM(const char *in) { return ScopedBIGNUM(raw); } -static bool test_asc2bn(BN_CTX *ctx) { +static bool test_asc2bn(FILE *fp, BN_CTX *ctx) { ScopedBIGNUM bn = ASCIIToBIGNUM("0"); if (!bn || !BN_is_zero(bn.get()) || BN_is_negative(bn.get())) { fprintf(stderr, "BN_asc2bn gave a bad result.\n"); 
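Review bot: In the `test_exp` hunk the decrement moved into the `for` increment clause as `BN_sub(b.get(), b.get(), BN_value_one())`, so its return value is now ignored. If the subtraction fails, `b` may stay unchanged and the loop may keep multiplying without making progress instead of failing the test. Check both calls in the body as the other tests in this file do: `if (!BN_mul(e.get(), e.get(), a.get(), ctx) || !BN_sub(b.get(), b.get(), BN_value_one())) { return false; }`. The `FILE *fp` parameters added to `test_bn2bin_padded`, `test_dec2bn`, `test_hex2bn` and `test_asc2bn` are not used in the visible parts of those functions and could be left unnamed or documented as unused.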
@@ -1645,63 +1585,6 @@ static bool test_asc2bn(BN_CTX *ctx) { return true; } -struct MPITest { - const char *base10; - const char *mpi; - size_t mpi_len; -}; - -static const MPITest kMPITests[] = { - { "0", "\x00\x00\x00\x00", 4 }, - { "1", "\x00\x00\x00\x01\x01", 5 }, - { "-1", "\x00\x00\x00\x01\x81", 5 }, - { "128", "\x00\x00\x00\x02\x00\x80", 6 }, - { "256", "\x00\x00\x00\x02\x01\x00", 6 }, - { "-256", "\x00\x00\x00\x02\x81\x00", 6 }, -}; - -static bool test_mpi() { - uint8_t scratch[8]; - - for (size_t i = 0; i < sizeof(kMPITests) / sizeof(kMPITests[0]); i++) { - const MPITest &test = kMPITests[i]; - ScopedBIGNUM bn(ASCIIToBIGNUM(test.base10)); - const size_t mpi_len = BN_bn2mpi(bn.get(), NULL); - if (mpi_len > sizeof(scratch)) { - fprintf(stderr, "MPI test #%u: MPI size is too large to test.\n", - (unsigned)i); - return false; - } - - const size_t mpi_len2 = BN_bn2mpi(bn.get(), scratch); - if (mpi_len != mpi_len2) { - fprintf(stderr, "MPI test #%u: length changes.\n", (unsigned)i); - return false; - } - - if (mpi_len != test.mpi_len || - memcmp(test.mpi, scratch, mpi_len) != 0) { - fprintf(stderr, "MPI test #%u failed:\n", (unsigned)i); - hexdump(stderr, "Expected: ", test.mpi, test.mpi_len); - hexdump(stderr, "Got: ", scratch, mpi_len); - return false; - } - - ScopedBIGNUM bn2(BN_mpi2bn(scratch, mpi_len, NULL)); - if (bn2.get() == nullptr) { - fprintf(stderr, "MPI test #%u: failed to parse\n", (unsigned)i); - return false; - } - - if (BN_cmp(bn.get(), bn2.get()) != 0) { - fprintf(stderr, "MPI test #%u: wrong result\n", (unsigned)i); - return false; - } - } - - return true; -} - static bool test_rand() { ScopedBIGNUM bn(BN_new()); if (!bn) { 
@@ -1745,170 +1628,3 @@ static bool test_rand() { return true; } - -struct ASN1Test { - const char *value_ascii; - const char *der; - size_t der_len; -}; - -static const ASN1Test kASN1Tests[] = { - {"0", "\x02\x01\x00", 3}, - {"1", "\x02\x01\x01", 3}, - {"127", "\x02\x01\x7f", 3}, - {"128", "\x02\x02\x00\x80", 4}, - {"0xdeadbeef", "\x02\x05\x00\xde\xad\xbe\xef", 7}, - {"0x0102030405060708", - "\x02\x08\x01\x02\x03\x04\x05\x06\x07\x08", 10}, - {"0xffffffffffffffff", - "\x02\x09\x00\xff\xff\xff\xff\xff\xff\xff\xff", 11}, -}; - -struct ASN1InvalidTest { - const char *der; - size_t der_len; -}; - -static const ASN1InvalidTest kASN1InvalidTests[] = { - // Bad tag. - {"\x03\x01\x00", 3}, - // Empty contents. - {"\x02\x00", 2}, -}; - -// kASN1BuggyTests are incorrect encodings and how |BN_cbs2unsigned_buggy| -// should interpret them. -static const ASN1Test kASN1BuggyTests[] = { - // Negative numbers. - {"128", "\x02\x01\x80", 3}, - {"255", "\x02\x01\xff", 3}, - // Unnecessary leading zeros. - {"1", "\x02\x02\x00\x01", 4}, -}; - -static bool test_asn1() { - for (const ASN1Test &test : kASN1Tests) { - ScopedBIGNUM bn = ASCIIToBIGNUM(test.value_ascii); - if (!bn) { - return false; - } - - // Test that the input is correctly parsed. - ScopedBIGNUM bn2(BN_new()); - if (!bn2) { - return false; - } - CBS cbs; - CBS_init(&cbs, reinterpret_cast(test.der), test.der_len); - if (!BN_cbs2unsigned(&cbs, bn2.get()) || CBS_len(&cbs) != 0) { - fprintf(stderr, "Parsing ASN.1 INTEGER failed.\n"); - return false; - } - if (BN_cmp(bn.get(), bn2.get()) != 0) { - fprintf(stderr, "Bad parse.\n"); - return false; - } - - // Test the value serializes correctly. 
- CBB cbb; - uint8_t *der; - size_t der_len; - CBB_zero(&cbb); - if (!CBB_init(&cbb, 0) || - !BN_bn2cbb(&cbb, bn.get()) || - !CBB_finish(&cbb, &der, &der_len)) { - CBB_cleanup(&cbb); - return false; - } - ScopedOpenSSLBytes delete_der(der); - if (der_len != test.der_len || - memcmp(der, reinterpret_cast(test.der), der_len) != 0) { - fprintf(stderr, "Bad serialization.\n"); - return false; - } - - // |BN_cbs2unsigned_buggy| parses all valid input. - CBS_init(&cbs, reinterpret_cast(test.der), test.der_len); - if (!BN_cbs2unsigned_buggy(&cbs, bn2.get()) || CBS_len(&cbs) != 0) { - fprintf(stderr, "Parsing ASN.1 INTEGER failed.\n"); - return false; - } - if (BN_cmp(bn.get(), bn2.get()) != 0) { - fprintf(stderr, "Bad parse.\n"); - return false; - } - } - - for (const ASN1InvalidTest &test : kASN1InvalidTests) { - ScopedBIGNUM bn(BN_new()); - if (!bn) { - return false; - } - CBS cbs; - CBS_init(&cbs, reinterpret_cast(test.der), test.der_len); - if (BN_cbs2unsigned(&cbs, bn.get())) { - fprintf(stderr, "Parsed invalid input.\n"); - return false; - } - ERR_clear_error(); - - // All tests in kASN1InvalidTests are also rejected by - // |BN_cbs2unsigned_buggy|. - CBS_init(&cbs, reinterpret_cast(test.der), test.der_len); - if (BN_cbs2unsigned_buggy(&cbs, bn.get())) { - fprintf(stderr, "Parsed invalid input.\n"); - return false; - } - ERR_clear_error(); - } - - for (const ASN1Test &test : kASN1BuggyTests) { - // These broken encodings are rejected by |BN_cbs2unsigned|. - ScopedBIGNUM bn(BN_new()); - if (!bn) { - return false; - } - - CBS cbs; - CBS_init(&cbs, reinterpret_cast(test.der), test.der_len); - if (BN_cbs2unsigned(&cbs, bn.get())) { - fprintf(stderr, "Parsed invalid input.\n"); - return false; - } - ERR_clear_error(); - - // However |BN_cbs2unsigned_buggy| accepts them. 
- ScopedBIGNUM bn2 = ASCIIToBIGNUM(test.value_ascii); - if (!bn2) { - return false; - } - - CBS_init(&cbs, reinterpret_cast(test.der), test.der_len); - if (!BN_cbs2unsigned_buggy(&cbs, bn.get()) || CBS_len(&cbs) != 0) { - fprintf(stderr, "Parsing (invalid) ASN.1 INTEGER failed.\n"); - return false; - } - - if (BN_cmp(bn.get(), bn2.get()) != 0) { - fprintf(stderr, "\"Bad\" parse.\n"); - return false; - } - } - - // Serializing negative numbers is not supported. - ScopedBIGNUM bn = ASCIIToBIGNUM("-1"); - if (!bn) { - return false; - } - CBB cbb; - CBB_zero(&cbb); - if (!CBB_init(&cbb, 0) || - BN_bn2cbb(&cbb, bn.get())) { - fprintf(stderr, "Serialized negative number.\n"); - CBB_cleanup(&cbb); - return false; - } - CBB_cleanup(&cbb); - - return true; -} diff --git a/src/crypto/bn/convert.c b/src/crypto/bn/convert.c index 0122709..531b661 100644 --- a/src/crypto/bn/convert.c +++ b/src/crypto/bn/convert.c @@ -56,9 +56,7 @@ #include -#include #include -#include #include #include @@ -69,8 +67,7 @@ #include "internal.h" BIGNUM *BN_bin2bn(const uint8_t *in, size_t len, BIGNUM *ret) { - size_t num_words; - unsigned m; + unsigned num_words, m; BN_ULONG word = 0; BIGNUM *bn = NULL; @@ -96,10 +93,7 @@ BIGNUM *BN_bin2bn(const uint8_t *in, size_t len, BIGNUM *ret) { return NULL; } - /* |bn_wexpand| must check bounds on |num_words| to write it into - * |ret->dmax|. */ - assert(num_words <= INT_MAX); - ret->top = (int)num_words; + ret->top = num_words; ret->neg = 0; while (len--) { @@ -204,7 +198,7 @@ char *BN_bn2hex(const BIGNUM *bn) { buf = (char *)OPENSSL_malloc(bn->top * BN_BYTES * 2 + 2); if (buf == NULL) { - OPENSSL_PUT_ERROR(BN, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(BN, BN_bn2hex, ERR_R_MALLOC_FAILURE); return NULL; } 
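Review bot: In the `BN_bin2bn` hunks `num_words` is narrowed to `unsigned` while `len` stays `size_t`, and the `assert(num_words <= INT_MAX)` before `ret->top = num_words;` is removed. On a 64-bit build a large enough `len` would be truncated when the word count is computed, while the `while (len--)` loop after the hunk still walks the full `len`. The word-count computation itself is outside the hunk. Keep `size_t num_words;` so that the `bn_wexpand` bound check sees the real value, or reject oversized input up front with `if (len > INT_MAX) return NULL;`. A one-line comment at `ret->top = num_words;` should state which check guarantees the value fits in an `int`.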
@@ -233,59 +227,47 @@ char *BN_bn2hex(const BIGNUM *bn) { return buf; } -/* decode_hex decodes |in_len| bytes of hex data from |in| and updates |bn|. */ -static int decode_hex(BIGNUM *bn, const char *in, int in_len) { - if (in_len > INT_MAX/4) { - OPENSSL_PUT_ERROR(BN, BN_R_BIGNUM_TOO_LONG); - return 0; - } - /* |in_len| is the number of hex digits. */ - if (bn_expand(bn, in_len * 4) == NULL) { - return 0; - } +/* decode_hex decodes |i| bytes of hex data from |in| and updates |bn|. */ +static void decode_hex(BIGNUM *bn, const char *in, int i) { + int h, m, j, k, c; + BN_ULONG l=0; + + j = i; /* least significant 'hex' */ + h = 0; + while (j > 0) { + m = ((BN_BYTES * 2) <= j) ? (BN_BYTES * 2) : j; + l = 0; + for (;;) { + c = in[j - m]; + if ((c >= '0') && (c <= '9')) { + k = c - '0'; + } else if ((c >= 'a') && (c <= 'f')) { + k = c - 'a' + 10; + } else if ((c >= 'A') && (c <= 'F')) { + k = c - 'A' + 10; + } else { + k = 0; /* paranoia */ + } - int i = 0; - while (in_len > 0) { - /* Decode one |BN_ULONG| at a time. */ - int todo = BN_BYTES * 2; - if (todo > in_len) { - todo = in_len; - } + l = (l << 4) | k; - BN_ULONG word = 0; - int j; - for (j = todo; j > 0; j--) { - char c = in[in_len - j]; - - BN_ULONG hex; - if (c >= '0' && c <= '9') { - hex = c - '0'; - } else if (c >= 'a' && c <= 'f') { - hex = c - 'a' + 10; - } else if (c >= 'A' && c <= 'F') { - hex = c - 'A' + 10; - } else { - hex = 0; - /* This shouldn't happen. The caller checks |isxdigit|. */ - assert(0); + if (--m <= 0) { + bn->d[h++] = l; + break; } - word = (word << 4) | hex; } - bn->d[i++] = word; - in_len -= todo; + j -= (BN_BYTES * 2); } - assert(i <= bn->dmax); - bn->top = i; - return 1; + + bn->top = h; } /* decode_dec decodes |in_len| bytes of decimal data from |in| and updates |bn|. */ -static int decode_dec(BIGNUM *bn, const char *in, int in_len) { +static void decode_dec(BIGNUM *bn, const char *in, int in_len) { int i, j; BN_ULONG l = 0; - /* Decode |BN_DEC_NUM| digits at a time. 
*/ j = BN_DEC_NUM - (in_len % BN_DEC_NUM); if (j == BN_DEC_NUM) { j = 0; @@ -295,18 +277,15 @@ static int decode_dec(BIGNUM *bn, const char *in, int in_len) { l *= 10; l += in[i] - '0'; if (++j == BN_DEC_NUM) { - if (!BN_mul_word(bn, BN_DEC_CONV) || - !BN_add_word(bn, l)) { - return 0; - } + BN_mul_word(bn, BN_DEC_CONV); + BN_add_word(bn, l); l = 0; j = 0; } } - return 1; } -typedef int (*decode_func) (BIGNUM *bn, const char *in, int in_len); +typedef void (*decode_func) (BIGNUM *bn, const char *in, int i); typedef int (*char_test_func) (int c); static int bn_x2bn(BIGNUM **outp, const char *in, decode_func decode, char_test_func want_char) { @@ -323,7 +302,7 @@ static int bn_x2bn(BIGNUM **outp, const char *in, decode_func decode, char_test_ in++; } - for (i = 0; want_char((unsigned char)in[i]) && i + neg < INT_MAX; i++) {} + for (i = 0; want_char((unsigned char)in[i]); i++) {} num = i + neg; if (outp == NULL) { @@ -341,10 +320,13 @@ static int bn_x2bn(BIGNUM **outp, const char *in, decode_func decode, char_test_ BN_zero(ret); } - if (!decode(ret, in, i)) { + /* i is the number of hex digests; */ + if (bn_expand(ret, i * 4) == NULL) { goto err; } + decode(ret, in, i); + bn_correct_top(ret); if (!BN_is_zero(ret)) { ret->neg = neg; @@ -383,7 +365,7 @@ char *BN_bn2dec(const BIGNUM *a) { (BN_ULONG *)OPENSSL_malloc((num / BN_DEC_NUM + 1) * sizeof(BN_ULONG)); buf = (char *)OPENSSL_malloc(num + 3); if ((buf == NULL) || (bn_data == NULL)) { - OPENSSL_PUT_ERROR(BN, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(BN, BN_bn2dec, ERR_R_MALLOC_FAILURE); goto err; } t = BN_dup(a); 
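Review bot: decode_hex writes `bn->d[h++] = l;` with no check against the allocated size and returns `void`, so its memory safety rests entirely on the caller having expanded `bn` for `i` hex digits beforehand. The `k = 0; /* paranoia */` branch also turns a non-hex byte into a zero nibble without reporting it. State the precondition above the function, e.g. `/* The caller must have expanded |bn| to at least |i| * 4 bits and checked every byte of |in| with isxdigit. */`, so that a future caller does not reach the unchecked store.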
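Review bot: The results of `BN_mul_word(bn, BN_DEC_CONV);` and `BN_add_word(bn, l);` are discarded and decode_dec returns `void`, so a failed word operation (both can fail when the number has to grow) leaves a truncated value that bn_x2bn still reports as success. For a parser that may be fed key or certificate fields, a silently wrong value is worse than a reported error. Let decode_dec return `int` and test both calls, `if (!BN_mul_word(bn, BN_DEC_CONV) || !BN_add_word(bn, l)) { return 0; }`, with bn_x2bn taking its existing `goto err` path on 0. The body of decode_dec starts outside this hunk.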
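Review bot: The counting loop `for (i = 0; want_char((unsigned char)in[i]); i++) {}` no longer bounds `i`, and the hunk at -341 then passes `i * 4` to `bn_expand`; both are `int` arithmetic on a length taken from the caller's string. For more than INT_MAX/4 digits the multiplication overflows, and the size requested may then be smaller than what the decode functions write through `bn->d`. Bound the length before allocating, e.g. `if (i > INT_MAX / 4) { goto err; }` ahead of `bn_expand(ret, i * 4)`, and keep the `i + neg < INT_MAX` condition in the loop. The comment `/* i is the number of hex digests; */` should say "digits" and mention that the decimal path passes through the same line. bn_x2bn starts and ends outside both hunks.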
@@ -517,81 +499,3 @@ BN_ULONG BN_get_word(const BIGNUM *bn) { return BN_MASK2; } } - -size_t BN_bn2mpi(const BIGNUM *in, uint8_t *out) { - const size_t bits = BN_num_bits(in); - const size_t bytes = (bits + 7) / 8; - /* If the number of bits is a multiple of 8, i.e. if the MSB is set, - * prefix with a zero byte. */ - int extend = 0; - if (bytes != 0 && (bits & 0x07) == 0) { - extend = 1; - } - - const size_t len = bytes + extend; - if (len < bytes || - 4 + len < len || - (len & 0xffffffff) != len) { - /* If we cannot represent the number then we emit zero as the interface - * doesn't allow an error to be signalled. */ - if (out) { - memset(out, 0, 4); - } - return 4; - } - - if (out == NULL) { - return 4 + len; - } - - out[0] = len >> 24; - out[1] = len >> 16; - out[2] = len >> 8; - out[3] = len; - if (extend) { - out[4] = 0; - } - BN_bn2bin(in, out + 4 + extend); - if (in->neg && len > 0) { - out[4] |= 0x80; - } - return len + 4; -} - -BIGNUM *BN_mpi2bn(const uint8_t *in, size_t len, BIGNUM *out) { - if (len < 4) { - OPENSSL_PUT_ERROR(BN, BN_R_BAD_ENCODING); - return NULL; - } - const size_t in_len = ((size_t)in[0] << 24) | - ((size_t)in[1] << 16) | - ((size_t)in[2] << 8) | - ((size_t)in[3]); - if (in_len != len - 4) { - OPENSSL_PUT_ERROR(BN, BN_R_BAD_ENCODING); - return NULL; - } - - if (out == NULL) { - out = BN_new(); - } - if (out == NULL) { - OPENSSL_PUT_ERROR(BN, ERR_R_MALLOC_FAILURE); - return NULL; - } - - if (in_len == 0) { - BN_zero(out); - return out; - } - - in += 4; - if (BN_bin2bn(in, in_len, out) == NULL) { - return NULL; - } - out->neg = ((*in) & 0x80) != 0; - if (out->neg) { - BN_clear_bit(out, BN_num_bits(out) - 1); - } - return out; -} diff --git a/src/crypto/bn/ctx.c b/src/crypto/bn/ctx.c index 48d9adf..0578376 100644 --- a/src/crypto/bn/ctx.c +++ b/src/crypto/bn/ctx.c 
@@ -124,7 +124,7 @@ struct bignum_ctx { BN_CTX *BN_CTX_new(void) { BN_CTX *ret = OPENSSL_malloc(sizeof(BN_CTX)); if (!ret) { - OPENSSL_PUT_ERROR(BN, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(BN, BN_CTX_new, ERR_R_MALLOC_FAILURE); return NULL; } @@ -153,7 +153,7 @@ void BN_CTX_start(BN_CTX *ctx) { ctx->err_stack++; } else if (!BN_STACK_push(&ctx->stack, ctx->used)) { /* (Try to) get a new frame pointer */ - OPENSSL_PUT_ERROR(BN, BN_R_TOO_MANY_TEMPORARY_VARIABLES); + OPENSSL_PUT_ERROR(BN, BN_CTX_start, BN_R_TOO_MANY_TEMPORARY_VARIABLES); ctx->err_stack++; } } @@ -169,7 +169,7 @@ BIGNUM *BN_CTX_get(BN_CTX *ctx) { /* Setting too_many prevents repeated "get" attempts from * cluttering the error stack. */ ctx->too_many = 1; - OPENSSL_PUT_ERROR(BN, BN_R_TOO_MANY_TEMPORARY_VARIABLES); + OPENSSL_PUT_ERROR(BN, BN_CTX_get, BN_R_TOO_MANY_TEMPORARY_VARIABLES); return NULL; } diff --git a/src/crypto/bn/div.c b/src/crypto/bn/div.c index 779dda2..3588ea1 100644 --- a/src/crypto/bn/div.c +++ b/src/crypto/bn/div.c @@ -125,7 +125,7 @@ int BN_div(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor, * so don't just rely on bn_check_top() here */ if ((num->top > 0 && num->d[num->top - 1] == 0) || (divisor->top > 0 && divisor->d[divisor->top - 1] == 0)) { - OPENSSL_PUT_ERROR(BN, BN_R_NOT_INITIALIZED); + OPENSSL_PUT_ERROR(BN, BN_div, BN_R_NOT_INITIALIZED); return 0; } @@ -135,7 +135,7 @@ int BN_div(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor, } if (BN_is_zero(divisor)) { - OPENSSL_PUT_ERROR(BN, BN_R_DIV_BY_ZERO); + OPENSSL_PUT_ERROR(BN, BN_div, BN_R_DIV_BY_ZERO); return 0; } @@ -511,7 +511,7 @@ int BN_mod_lshift_quick(BIGNUM *r, const BIGNUM *a, int n, const BIGNUM *m) { /* max_shift >= 0 */ if (max_shift < 0) { - OPENSSL_PUT_ERROR(BN, BN_R_INPUT_NOT_REDUCED); + OPENSSL_PUT_ERROR(BN, BN_mod_lshift_quick, BN_R_INPUT_NOT_REDUCED); return 0; } diff --git a/src/crypto/bn/exponentiation.c b/src/crypto/bn/exponentiation.c index 6c5e11b..d3063c9 100644 
--- a/src/crypto/bn/exponentiation.c +++ b/src/crypto/bn/exponentiation.c @@ -131,7 +131,7 @@ int BN_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) { if ((p->flags & BN_FLG_CONSTTIME) != 0) { /* BN_FLG_CONSTTIME only supported by BN_mod_exp_mont() */ - OPENSSL_PUT_ERROR(BN, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(BN, BN_exp, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } @@ -173,8 +173,8 @@ int BN_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) { } } - if (r != rr && !BN_copy(r, rr)) { - goto err; + if (r != rr) { + BN_copy(r, rr); } ret = 1; @@ -333,7 +333,7 @@ static int BN_div_recp(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, j = 0; while (BN_ucmp(r, &(recp->N)) >= 0) { if (j++ > 2) { - OPENSSL_PUT_ERROR(BN, BN_R_BAD_RECIPROCAL); + OPENSSL_PUT_ERROR(BN, BN_div_recp, BN_R_BAD_RECIPROCAL); goto err; } if (!BN_usub(r, r, &(recp->N))) { @@ -427,7 +427,7 @@ static int mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, if (BN_get_flags(p, BN_FLG_CONSTTIME) != 0) { /* BN_FLG_CONSTTIME only supported by BN_mod_exp_mont() */ - OPENSSL_PUT_ERROR(BN, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(BN, mod_exp_recp, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } @@ -616,7 +616,7 @@ int BN_mod_exp_mont(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p, } if (!BN_is_odd(m)) { - OPENSSL_PUT_ERROR(BN, BN_R_CALLED_WITH_EVEN_MODULUS); + OPENSSL_PUT_ERROR(BN, BN_mod_exp_mont, BN_R_CALLED_WITH_EVEN_MODULUS); return 0; } bits = BN_num_bits(p); @@ -862,13 +862,13 @@ int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p, unsigned char *powerbuf = NULL; BIGNUM tmp, am; - if (!BN_is_odd(m)) { - OPENSSL_PUT_ERROR(BN, BN_R_CALLED_WITH_EVEN_MODULUS); - return 0; - } - top = m->top; + if (!(m->d[0] & 1)) { + OPENSSL_PUT_ERROR(BN, BN_mod_exp_mont_consttime, + BN_R_CALLED_WITH_EVEN_MODULUS); + return 0; + } bits = BN_num_bits(p); if (bits == 0) { ret = BN_one(rr); 
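Review bot: `BN_copy(r, rr);` in BN_exp is now unchecked, so when the copy fails (it returns NULL if the destination cannot be grown) the function still reaches `ret = 1` and the caller gets success with a stale `r`. The same unchecked call is introduced in BN_mul and BN_sqr (bn/mul.c), in BN_is_prime_fasttest_ex (bn/prime.c, `BN_copy(t, a);`) and in BN_sqrt (bn/sqrt.c). Keep the test at each site, here as `if (r != rr && !BN_copy(r, rr)) { goto err; }`. These functions sit under key generation and signature arithmetic, where a wrong result reported as success is the worse failure mode.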
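Review bot: `if (!(m->d[0] & 1))` in BN_mod_exp_mont_consttime reads the first limb of `m` without checking that `m` has any limbs; for a zero modulus `m->top` is 0 and `m->d` may be NULL or hold stale data. `BN_is_odd(m)`, which the BN_mod_exp_mont and BN_mod_exp_mont_word hunks of this same file still use, tests `top` first, so prefer `if (!BN_is_odd(m)) {` here. The context lines of the BN_mod_exp2_mont hunk show the same raw `m->d[0]` test. The function body continues outside this hunk.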
@@ -926,6 +926,7 @@ int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p, } } #endif + (void)0; /* Allocate a buffer large enough to hold all of the pre-computed * powers of am, am itself and tmp. @@ -1222,12 +1223,13 @@ int BN_mod_exp_mont_word(BIGNUM *rr, BN_ULONG a, const BIGNUM *p, if (BN_get_flags(p, BN_FLG_CONSTTIME) != 0) { /* BN_FLG_CONSTTIME only supported by BN_mod_exp_mont() */ - OPENSSL_PUT_ERROR(BN, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(BN, BN_mod_exp_mont_word, + ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } if (!BN_is_odd(m)) { - OPENSSL_PUT_ERROR(BN, BN_R_CALLED_WITH_EVEN_MODULUS); + OPENSSL_PUT_ERROR(BN, BN_mod_exp_mont_word, BN_R_CALLED_WITH_EVEN_MODULUS); return 0; } @@ -1370,7 +1372,7 @@ int BN_mod_exp2_mont(BIGNUM *rr, const BIGNUM *a1, const BIGNUM *p1, BN_MONT_CTX *mont = NULL; if (!(m->d[0] & 1)) { - OPENSSL_PUT_ERROR(BN, BN_R_CALLED_WITH_EVEN_MODULUS); + OPENSSL_PUT_ERROR(BN, BN_mod_exp2_mont, BN_R_CALLED_WITH_EVEN_MODULUS); return 0; } bits1 = BN_num_bits(p1); diff --git a/src/crypto/bn/gcd.c b/src/crypto/bn/gcd.c index e106149..3132c29 100644 --- a/src/crypto/bn/gcd.c +++ b/src/crypto/bn/gcd.c 
@@ -223,23 +223,20 @@ err: } /* solves ax == 1 (mod n) */ -static BIGNUM *BN_mod_inverse_no_branch(BIGNUM *out, int *out_no_inverse, - const BIGNUM *a, const BIGNUM *n, - BN_CTX *ctx); +static BIGNUM *BN_mod_inverse_no_branch(BIGNUM *out, const BIGNUM *a, + const BIGNUM *n, BN_CTX *ctx); -BIGNUM *BN_mod_inverse_ex(BIGNUM *out, int *out_no_inverse, const BIGNUM *a, - const BIGNUM *n, BN_CTX *ctx) { +BIGNUM *BN_mod_inverse(BIGNUM *out, const BIGNUM *a, const BIGNUM *n, + BN_CTX *ctx) { BIGNUM *A, *B, *X, *Y, *M, *D, *T, *R = NULL; BIGNUM *ret = NULL; int sign; if ((a->flags & BN_FLG_CONSTTIME) != 0 || (n->flags & BN_FLG_CONSTTIME) != 0) { - return BN_mod_inverse_no_branch(out, out_no_inverse, a, n, ctx); + return BN_mod_inverse_no_branch(out, a, n, ctx); } - *out_no_inverse = 0; - BN_CTX_start(ctx); A = BN_CTX_get(ctx); B = BN_CTX_get(ctx); @@ -525,8 +522,7 @@ BIGNUM *BN_mod_inverse_ex(BIGNUM *out, int *out_no_inverse, const BIGNUM *a, } } } else { - *out_no_inverse = 1; - OPENSSL_PUT_ERROR(BN, BN_R_NO_INVERSE); + OPENSSL_PUT_ERROR(BN, BN_mod_inverse, BN_R_NO_INVERSE); goto err; } ret = R; @@ -539,25 +535,16 @@ err: return ret; } -BIGNUM *BN_mod_inverse(BIGNUM *out, const BIGNUM *a, const BIGNUM *n, - BN_CTX *ctx) { - int no_inverse; - return BN_mod_inverse_ex(out, &no_inverse, a, n, ctx); -} - /* BN_mod_inverse_no_branch is a special version of BN_mod_inverse. * It does not contain branches that may leak sensitive information. */ -static BIGNUM *BN_mod_inverse_no_branch(BIGNUM *out, int *out_no_inverse, - const BIGNUM *a, const BIGNUM *n, - BN_CTX *ctx) { +static BIGNUM *BN_mod_inverse_no_branch(BIGNUM *out, const BIGNUM *a, + const BIGNUM *n, BN_CTX *ctx) { BIGNUM *A, *B, *X, *Y, *M, *D, *T, *R = NULL; BIGNUM local_A, local_B; BIGNUM *pA, *pB; BIGNUM *ret = NULL; int sign; - *out_no_inverse = 0; - BN_CTX_start(ctx); A = BN_CTX_get(ctx); B = BN_CTX_get(ctx); 
@@ -695,8 +682,7 @@ static BIGNUM *BN_mod_inverse_no_branch(BIGNUM *out, int *out_no_inverse, } } } else { - *out_no_inverse = 1; - OPENSSL_PUT_ERROR(BN, BN_R_NO_INVERSE); + OPENSSL_PUT_ERROR(BN, BN_mod_inverse_no_branch, BN_R_NO_INVERSE); goto err; } ret = R; diff --git a/src/crypto/bn/internal.h b/src/crypto/bn/internal.h index 0d0eb44..2674b3c 100644 --- a/src/crypto/bn/internal.h +++ b/src/crypto/bn/internal.h @@ -136,9 +136,9 @@ extern "C" { #endif -/* bn_expand acts the same as |bn_wexpand|, but takes a number of bits rather +/* bn_expand acts the same as |BN_wexpand|, but takes a number of bits rather * than a number of words. */ -BIGNUM *bn_expand(BIGNUM *bn, size_t bits); +BIGNUM *bn_expand(BIGNUM *bn, unsigned bits); #if defined(OPENSSL_64_BIT) diff --git a/src/crypto/bn/montgomery.c b/src/crypto/bn/montgomery.c index c6c9c88..152cf2d 100644 --- a/src/crypto/bn/montgomery.c +++ b/src/crypto/bn/montgomery.c @@ -110,7 +110,6 @@ #include -#include #include #include @@ -177,11 +176,6 @@ int BN_MONT_CTX_set(BN_MONT_CTX *mont, const BIGNUM *mod, BN_CTX *ctx) { BIGNUM tmod; BN_ULONG buf[2]; - if (BN_is_zero(mod)) { - OPENSSL_PUT_ERROR(BN, BN_R_DIV_BY_ZERO); - return 0; - } - BN_CTX_start(ctx); Ri = BN_CTX_get(ctx); if (Ri == NULL) { diff --git a/src/crypto/bn/mul.c b/src/crypto/bn/mul.c index 029a59e..a17d766 100644 --- a/src/crypto/bn/mul.c +++ b/src/crypto/bn/mul.c @@ -666,8 +666,8 @@ int BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx) { end: bn_correct_top(rr); - if (r != rr && !BN_copy(r, rr)) { - goto err; + if (r != rr) { + BN_copy(r, rr); } ret = 1; @@ -877,8 +877,8 @@ int BN_sqr(BIGNUM *r, const BIGNUM *a, BN_CTX *ctx) { rr->top = max; } - if (rr != r && !BN_copy(r, rr)) { - goto err; + if (rr != r) { + BN_copy(r, rr); } ret = 1; diff --git a/src/crypto/bn/prime.c b/src/crypto/bn/prime.c index bbb8fe0..cf3afcf 100644 --- a/src/crypto/bn/prime.c +++ b/src/crypto/bn/prime.c 
@@ -362,11 +362,11 @@ int BN_generate_prime_ex(BIGNUM *ret, int bits, int safe, const BIGNUM *add, if (bits < 2) { /* There are no prime numbers this small. */ - OPENSSL_PUT_ERROR(BN, BN_R_BITS_TOO_SMALL); + OPENSSL_PUT_ERROR(BN, BN_generate_prime_ex, BN_R_BITS_TOO_SMALL); return 0; } else if (bits == 2 && safe) { /* The smallest safe prime (7) is three bits. */ - OPENSSL_PUT_ERROR(BN, BN_R_BITS_TOO_SMALL); + OPENSSL_PUT_ERROR(BN, BN_generate_prime_ex, BN_R_BITS_TOO_SMALL); return 0; } @@ -515,10 +515,11 @@ int BN_is_prime_fasttest_ex(const BIGNUM *a, int checks, BN_CTX *ctx_passed, /* A := abs(a) */ if (a->neg) { - BIGNUM *t = BN_CTX_get(ctx); - if (t == NULL || !BN_copy(t, a)) { + BIGNUM *t; + if ((t = BN_CTX_get(ctx)) == NULL) { goto err; } + BN_copy(t, a); t->neg = 0; A = t; } else { diff --git a/src/crypto/bn/random.c b/src/crypto/bn/random.c index 3116e54..549ac48 100644 --- a/src/crypto/bn/random.c +++ b/src/crypto/bn/random.c @@ -134,7 +134,7 @@ int BN_rand(BIGNUM *rnd, int bits, int top, int bottom) { buf = OPENSSL_malloc(bytes); if (buf == NULL) { - OPENSSL_PUT_ERROR(BN, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(BN, BN_rand, ERR_R_MALLOC_FAILURE); goto err; } @@ -186,7 +186,7 @@ int BN_rand_range(BIGNUM *r, const BIGNUM *range) { unsigned count = 100; if (range->neg || BN_is_zero(range)) { - OPENSSL_PUT_ERROR(BN, BN_R_INVALID_RANGE); + OPENSSL_PUT_ERROR(BN, BN_rand_range, BN_R_INVALID_RANGE); return 0; } @@ -219,7 +219,7 @@ int BN_rand_range(BIGNUM *r, const BIGNUM *range) { } if (!--count) { - OPENSSL_PUT_ERROR(BN, BN_R_TOO_MANY_ITERATIONS); + OPENSSL_PUT_ERROR(BN, BN_rand_range, BN_R_TOO_MANY_ITERATIONS); return 0; } } while (BN_cmp(r, range) >= 0); @@ -231,7 +231,7 @@ int BN_rand_range(BIGNUM *r, const BIGNUM *range) { } if (!--count) { - OPENSSL_PUT_ERROR(BN, BN_R_TOO_MANY_ITERATIONS); + OPENSSL_PUT_ERROR(BN, BN_rand_range, BN_R_TOO_MANY_ITERATIONS); return 0; } } while (BN_cmp(r, range) >= 0); 
@@ -264,13 +264,13 @@ int BN_generate_dsa_nonce(BIGNUM *out, const BIGNUM *range, const BIGNUM *priv, } if (BN_is_zero(range)) { - OPENSSL_PUT_ERROR(BN, BN_R_DIV_BY_ZERO); + OPENSSL_PUT_ERROR(BN, BN_generate_dsa_nonce, BN_R_DIV_BY_ZERO); goto err; } k_bytes = OPENSSL_malloc(num_k_bytes); if (!k_bytes) { - OPENSSL_PUT_ERROR(BN, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(BN, BN_generate_dsa_nonce, ERR_R_MALLOC_FAILURE); goto err; } @@ -281,7 +281,7 @@ int BN_generate_dsa_nonce(BIGNUM *out, const BIGNUM *range, const BIGNUM *priv, /* No reasonable DSA or ECDSA key should have a private key * this large and we don't handle this case in order to avoid * leaking the length of the private key. */ - OPENSSL_PUT_ERROR(BN, BN_R_PRIVATE_KEY_TOO_LARGE); + OPENSSL_PUT_ERROR(BN, BN_generate_dsa_nonce, BN_R_PRIVATE_KEY_TOO_LARGE); goto err; } memcpy(private_bytes, priv->d, todo); diff --git a/src/crypto/bn/rsaz_exp.h b/src/crypto/bn/rsaz_exp.h index c752b45..0bb6b0c 100644 --- a/src/crypto/bn/rsaz_exp.h +++ b/src/crypto/bn/rsaz_exp.h 
@@ -1,44 +1,32 @@ -/***************************************************************************** -* * -* Copyright (c) 2012, Intel Corporation * -* * -* All rights reserved. * -* * -* Redistribution and use in source and binary forms, with or without * -* modification, are permitted provided that the following conditions are * -* met: * -* * -* * Redistributions of source code must retain the above copyright * -* notice, this list of conditions and the following disclaimer. * -* * -* * Redistributions in binary form must reproduce the above copyright * -* notice, this list of conditions and the following disclaimer in the * -* documentation and/or other materials provided with the * -* distribution. * -* * -* * Neither the name of the Intel Corporation nor the names of its * -* contributors may be used to endorse or promote products derived from * -* this software without specific prior written permission. * -* * -* * -* THIS SOFTWARE IS PROVIDED BY INTEL CORPORATION ""AS IS"" AND ANY * -* EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * -* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR * -* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL INTEL CORPORATION OR * -* CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, * -* EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, * -* PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR * -* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF * -* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING * -* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS * -* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * -* * +/****************************************************************************** +* Copyright(c) 2012, Intel Corp. 
+* Developers and authors: +* Shay Gueron (1, 2), and Vlad Krasnov (1) +* (1) Intel Corporation, Israel Development Center, Haifa, Israel +* (2) University of Haifa, Israel ****************************************************************************** -* Developers and authors: * -* Shay Gueron (1, 2), and Vlad Krasnov (1) * -* (1) Intel Corporation, Israel Development Center, Haifa, Israel * -* (2) University of Haifa, Israel * -*****************************************************************************/ +* LICENSE: +* This submission to OpenSSL is to be made available under the OpenSSL +* license, and only to the OpenSSL project, in order to allow integration +* into the publicly distributed code. +* The use of this code, or portions of this code, or concepts embedded in +* this code, or modification of this code and/or algorithm(s) in it, or the +* use of this code for any other purpose than stated above, requires special +* licensing. +****************************************************************************** +* DISCLAIMER: +* THIS SOFTWARE IS PROVIDED BY THE CONTRIBUTORS AND THE COPYRIGHT OWNERS +* ``AS IS''. ANY EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED +* TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS OR THE COPYRIGHT +* OWNERS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, +* OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN +* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +* POSSIBILITY OF SUCH DAMAGE. +******************************************************************************/ #ifndef RSAZ_EXP_H #define RSAZ_EXP_H 
diff --git a/src/crypto/bn/shift.c b/src/crypto/bn/shift.c index defec92..f143996 100644 --- a/src/crypto/bn/shift.c +++ b/src/crypto/bn/shift.c @@ -69,7 +69,7 @@ int BN_lshift(BIGNUM *r, const BIGNUM *a, int n) { BN_ULONG l; if (n < 0) { - OPENSSL_PUT_ERROR(BN, BN_R_NEGATIVE_NUMBER); + OPENSSL_PUT_ERROR(BN, BN_lshift, BN_R_NEGATIVE_NUMBER); return 0; } @@ -138,7 +138,7 @@ int BN_rshift(BIGNUM *r, const BIGNUM *a, int n) { BN_ULONG l, tmp; if (n < 0) { - OPENSSL_PUT_ERROR(BN, BN_R_NEGATIVE_NUMBER); + OPENSSL_PUT_ERROR(BN, BN_rshift, BN_R_NEGATIVE_NUMBER); return 0; } diff --git a/src/crypto/bn/sqrt.c b/src/crypto/bn/sqrt.c index 2ed66c2..e71a818 100644 --- a/src/crypto/bn/sqrt.c +++ b/src/crypto/bn/sqrt.c @@ -86,7 +86,7 @@ BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) { return ret; } - OPENSSL_PUT_ERROR(BN, BN_R_P_IS_NOT_PRIME); + OPENSSL_PUT_ERROR(BN, BN_mod_sqrt, BN_R_P_IS_NOT_PRIME); return (NULL); } @@ -260,7 +260,7 @@ BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) { } if (r == 0) { /* m divides p */ - OPENSSL_PUT_ERROR(BN, BN_R_P_IS_NOT_PRIME); + OPENSSL_PUT_ERROR(BN, BN_mod_sqrt, BN_R_P_IS_NOT_PRIME); goto end; } } while (r == 1 && ++i < 82); @@ -271,7 +271,7 @@ BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) { * Even if p is not prime, we should have found some y * such that r == -1. */ - OPENSSL_PUT_ERROR(BN, BN_R_TOO_MANY_ITERATIONS); + OPENSSL_PUT_ERROR(BN, BN_mod_sqrt, BN_R_TOO_MANY_ITERATIONS); goto end; } @@ -286,7 +286,7 @@ BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) { goto end; } if (BN_is_one(y)) { - OPENSSL_PUT_ERROR(BN, BN_R_P_IS_NOT_PRIME); + OPENSSL_PUT_ERROR(BN, BN_mod_sqrt, BN_R_P_IS_NOT_PRIME); goto end; } 
@@ -377,7 +377,7 @@ BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) { while (!BN_is_one(t)) { i++; if (i == e) { - OPENSSL_PUT_ERROR(BN, BN_R_NOT_A_SQUARE); + OPENSSL_PUT_ERROR(BN, BN_mod_sqrt, BN_R_NOT_A_SQUARE); goto end; } if (!BN_mod_mul(t, t, t, p, ctx)) { @@ -413,7 +413,7 @@ vrfy: } if (!err && 0 != BN_cmp(x, A)) { - OPENSSL_PUT_ERROR(BN, BN_R_NOT_A_SQUARE); + OPENSSL_PUT_ERROR(BN, BN_mod_sqrt, BN_R_NOT_A_SQUARE); err = 1; } } @@ -434,7 +434,7 @@ int BN_sqrt(BIGNUM *out_sqrt, const BIGNUM *in, BN_CTX *ctx) { int ok = 0, last_delta_valid = 0; if (in->neg) { - OPENSSL_PUT_ERROR(BN, BN_R_NEGATIVE_NUMBER); + OPENSSL_PUT_ERROR(BN, BN_sqrt, BN_R_NEGATIVE_NUMBER); return 0; } if (BN_is_zero(in)) { @@ -452,7 +452,7 @@ int BN_sqrt(BIGNUM *out_sqrt, const BIGNUM *in, BN_CTX *ctx) { last_delta = BN_CTX_get(ctx); delta = BN_CTX_get(ctx); if (estimate == NULL || tmp == NULL || last_delta == NULL || delta == NULL) { - OPENSSL_PUT_ERROR(BN, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(BN, BN_sqrt, ERR_R_MALLOC_FAILURE); goto err; } @@ -470,7 +470,7 @@ int BN_sqrt(BIGNUM *out_sqrt, const BIGNUM *in, BN_CTX *ctx) { !BN_sqr(tmp, estimate, ctx) || /* |delta| = |in| - |tmp| */ !BN_sub(delta, in, tmp)) { - OPENSSL_PUT_ERROR(BN, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(BN, BN_sqrt, ERR_R_BN_LIB); goto err; } @@ -490,15 +490,15 @@ int BN_sqrt(BIGNUM *out_sqrt, const BIGNUM *in, BN_CTX *ctx) { } if (BN_cmp(tmp, in) != 0) { - OPENSSL_PUT_ERROR(BN, BN_R_NOT_A_SQUARE); + OPENSSL_PUT_ERROR(BN, BN_sqrt, BN_R_NOT_A_SQUARE); goto err; } ok = 1; err: - if (ok && out_sqrt == in && !BN_copy(out_sqrt, estimate)) { - ok = 0; + if (ok && out_sqrt == in) { + BN_copy(out_sqrt, estimate); } BN_CTX_end(ctx); return ok; diff --git a/src/crypto/buf/CMakeLists.txt b/src/crypto/buf/CMakeLists.txt index 63f1025..19edf7d 100644 --- a/src/crypto/buf/CMakeLists.txt +++ b/src/crypto/buf/CMakeLists.txt 
@@ -1,4 +1,4 @@ -include_directories(../../include) +include_directories(. .. ../../include) add_library( buf diff --git a/src/crypto/buf/buf.c b/src/crypto/buf/buf.c index 13b5ceb..5769e77 100644 --- a/src/crypto/buf/buf.c +++ b/src/crypto/buf/buf.c @@ -67,7 +67,7 @@ BUF_MEM *BUF_MEM_new(void) { ret = OPENSSL_malloc(sizeof(BUF_MEM)); if (ret == NULL) { - OPENSSL_PUT_ERROR(BUF, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(BUF, BUF_MEM_new, ERR_R_MALLOC_FAILURE); return NULL; } @@ -105,14 +105,14 @@ static size_t buf_mem_grow(BUF_MEM *buf, size_t len, char clean) { n = len + 3; if (n < len) { /* overflow */ - OPENSSL_PUT_ERROR(BUF, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(BUF, buf_mem_grow, ERR_R_MALLOC_FAILURE); return 0; } n = n / 3; alloc_size = n * 4; if (alloc_size / 4 != n) { /* overflow */ - OPENSSL_PUT_ERROR(BUF, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(BUF, buf_mem_grow, ERR_R_MALLOC_FAILURE); return 0; } @@ -127,7 +127,7 @@ static size_t buf_mem_grow(BUF_MEM *buf, size_t len, char clean) { } if (new_buf == NULL) { - OPENSSL_PUT_ERROR(BUF, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(BUF, buf_mem_grow, ERR_R_MALLOC_FAILURE); len = 0; } else { buf->data = new_buf; @@ -180,12 +180,12 @@ char *BUF_strndup(const char *buf, size_t size) { alloc_size = size + 1; if (alloc_size < size) { /* overflow */ - OPENSSL_PUT_ERROR(BUF, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(BUF, BUF_strndup, ERR_R_MALLOC_FAILURE); return NULL; } ret = OPENSSL_malloc(alloc_size); if (ret == NULL) { - OPENSSL_PUT_ERROR(BUF, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(BUF, BUF_strndup, ERR_R_MALLOC_FAILURE); return NULL; } @@ -226,7 +226,7 @@ void *BUF_memdup(const void *data, size_t dst_size) { ret = OPENSSL_malloc(dst_size); if (ret == NULL) { - OPENSSL_PUT_ERROR(BUF, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(BUF, BUF_memdup, ERR_R_MALLOC_FAILURE); return NULL; } diff --git a/src/crypto/bytestring/CMakeLists.txt b/src/crypto/bytestring/CMakeLists.txt index 3462aee..cbbacf2 100644 
--- a/src/crypto/bytestring/CMakeLists.txt +++ b/src/crypto/bytestring/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(../../include) +include_directories(. .. ../../include) add_library( bytestring diff --git a/src/crypto/bytestring/bytestring_test.cc b/src/crypto/bytestring/bytestring_test.cc index e987e1b..66e9c1e 100644 --- a/src/crypto/bytestring/bytestring_test.cc +++ b/src/crypto/bytestring/bytestring_test.cc @@ -109,7 +109,7 @@ static bool TestGetASN1() { static const uint8_t kData2[] = {0x30, 3, 1, 2}; static const uint8_t kData3[] = {0x30, 0x80}; static const uint8_t kData4[] = {0x30, 0x81, 1, 1}; - static const uint8_t kData5[4 + 0x80] = {0x30, 0x82, 0, 0x80}; + static const uint8_t kData5[] = {0x30, 0x82, 0, 1, 1}; static const uint8_t kData6[] = {0xa1, 3, 0x4, 1, 1}; static const uint8_t kData7[] = {0xa1, 3, 0x4, 2, 1}; static const uint8_t kData8[] = {0xa1, 3, 0x2, 1, 1}; @@ -649,14 +649,6 @@ static bool TestASN1Uint64() { return true; } -static int TestZero() { - CBB cbb; - CBB_zero(&cbb); - // Calling |CBB_cleanup| on a zero-state |CBB| must not crash. - CBB_cleanup(&cbb); - return 1; -} - int main(void) { CRYPTO_library_init(); @@ -673,8 +665,7 @@ int main(void) { !TestCBBASN1() || !TestBerConvert() || !TestASN1Uint64() || - !TestGetOptionalASN1Bool() || - !TestZero()) { + !TestGetOptionalASN1Bool()) { return 1; } diff --git a/src/crypto/bytestring/cbb.c b/src/crypto/bytestring/cbb.c index 1da6a21..f1e09a2 100644 --- a/src/crypto/bytestring/cbb.c +++ b/src/crypto/bytestring/cbb.c @@ -20,10 +20,6 @@ #include -void CBB_zero(CBB *cbb) { - memset(cbb, 0, sizeof(CBB)); -} - static int cbb_init(CBB *cbb, uint8_t *buf, size_t cap) { struct cbb_buffer_st *base; @@ -247,11 +243,6 @@ int CBB_flush(CBB *cbb) { return 1; } -size_t CBB_len(const CBB *cbb) { - assert(cbb->child == NULL); - - return cbb->base->len; -} static int cbb_add_length_prefixed(CBB *cbb, CBB *out_contents, size_t len_len) { 
diff --git a/src/crypto/bytestring/cbs.c b/src/crypto/bytestring/cbs.c index 5e0c538..b8caedd 100644 --- a/src/crypto/bytestring/cbs.c +++ b/src/crypto/bytestring/cbs.c @@ -137,15 +137,6 @@ int CBS_get_bytes(CBS *cbs, CBS *out, size_t len) { return 1; } -int CBS_copy_bytes(CBS *cbs, uint8_t *out, size_t len) { - const uint8_t *v; - if (!cbs_get(cbs, &v, len)) { - return 0; - } - memcpy(out, v, len); - return 1; -} - static int cbs_get_length_prefixed(CBS *cbs, CBS *out, size_t len_len) { uint32_t len; if (!cbs_get_u(cbs, &len, len_len)) { @@ -329,19 +320,14 @@ int CBS_get_asn1_uint64(CBS *cbs, uint64_t *out) { } int CBS_get_optional_asn1(CBS *cbs, CBS *out, int *out_present, unsigned tag) { - int present = 0; - if (CBS_peek_asn1_tag(cbs, tag)) { if (!CBS_get_asn1(cbs, out, tag)) { return 0; } - present = 1; - } - - if (out_present != NULL) { - *out_present = present; + *out_present = 1; + } else { + *out_present = 0; } - return 1; } diff --git a/src/crypto/bytestring/internal.h b/src/crypto/bytestring/internal.h index b4ea7e5..391ad19 100644 --- a/src/crypto/bytestring/internal.h +++ b/src/crypto/bytestring/internal.h @@ -38,6 +38,14 @@ extern "C" { * It returns one on success and zero otherwise. */ OPENSSL_EXPORT int CBS_asn1_ber_to_der(CBS *in, uint8_t **out, size_t *out_len); +/* CBS_get_any_ber_asn1_element acts the same as |CBS_get_any_asn1_element| but + * also allows indefinite-length elements to be returned. In that case, + * |*out_header_len| and |CBS_len(out)| will both be two as only the header is + * returned. */ +OPENSSL_EXPORT int CBS_get_any_ber_asn1_element(CBS *cbs, CBS *out, + unsigned *out_tag, + size_t *out_header_len); + #if defined(__cplusplus) } /* extern C */ diff --git a/src/crypto/chacha/CMakeLists.txt b/src/crypto/chacha/CMakeLists.txt index 266e869..6c3f87e 100644 --- a/src/crypto/chacha/CMakeLists.txt +++ b/src/crypto/chacha/CMakeLists.txt 
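Review bot: `*out_present = 1;` and `*out_present = 0;` dereference `out_present` unconditionally, so CBS_get_optional_asn1 now faults on a NULL `out_present`, which the replaced code tolerated. Callers are not visible in this hunk; any that pass NULL to mean "don't care" would turn into a NULL dereference on an ASN.1 parsing path. Either keep a guard around both stores, `if (out_present != NULL) { *out_present = 1; }`, or state the requirement in the function's header comment: `|out_present| must not be NULL`.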
@@ -1,4 +1,4 @@ -include_directories(../../include) +include_directories(. .. ../../include) if (${ARCH} STREQUAL "arm") set( diff --git a/src/crypto/chacha/chacha_vec_arm.S b/src/crypto/chacha/chacha_vec_arm.S index 0f82627..ddc374e 100644 --- a/src/crypto/chacha/chacha_vec_arm.S +++ b/src/crypto/chacha/chacha_vec_arm.S @@ -23,7 +23,6 @@ # /opt/gcc-linaro-4.9-2014.11-x86_64_arm-linux-gnueabihf/bin/arm-linux-gnueabihf-gcc -O3 -mcpu=cortex-a8 -mfpu=neon -fpic -DASM_GEN -I ../../include -S chacha_vec.c -o - #if !defined(OPENSSL_NO_ASM) -#if defined(__arm__) || defined(__aarch64__) .syntax unified .cpu cortex-a8 @@ -1424,5 +1423,4 @@ CRYPTO_chacha_20_neon: .ident "GCC: (Linaro GCC 2014.11) 4.9.3 20141031 (prerelease)" .section .note.GNU-stack,"",%progbits -#endif /* __arm__ || __aarch64__ */ #endif /* !OPENSSL_NO_ASM */ diff --git a/src/crypto/chacha/chacha_vec_arm_generate.go b/src/crypto/chacha/chacha_vec_arm_generate.go index 6d167b9..d681e8a 100644 --- a/src/crypto/chacha/chacha_vec_arm_generate.go +++ b/src/crypto/chacha/chacha_vec_arm_generate.go @@ -52,8 +52,7 @@ func main() { output.WriteString(compiler) output.WriteString(" ") output.WriteString(strings.Join(args, " ")) - output.WriteString("\n\n#if !defined(OPENSSL_NO_ASM)\n") - output.WriteString("#if defined(__arm__) || defined(__aarch64__)\n\n") + output.WriteString("\n\n#if !defined(OPENSSL_NO_ASM)\n\n") cmd := exec.Command(compiler, args...) cmd.Stderr = os.Stderr @@ -145,6 +144,5 @@ const attr28Block = ` ` const trailer = ` -#endif /* __arm__ || __aarch64__ */ #endif /* !OPENSSL_NO_ASM */ ` diff --git a/src/crypto/cipher/CMakeLists.txt b/src/crypto/cipher/CMakeLists.txt index 6b4c729..2775698 100644 --- a/src/crypto/cipher/CMakeLists.txt +++ b/src/crypto/cipher/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(../../include) +include_directories(. .. ../../include) add_library( cipher diff --git a/src/crypto/cipher/aead.c b/src/crypto/cipher/aead.c index 7e747f8..20d699d 100644 
--- a/src/crypto/cipher/aead.c +++ b/src/crypto/cipher/aead.c @@ -30,15 +30,11 @@ size_t EVP_AEAD_max_overhead(const EVP_AEAD *aead) { return aead->overhead; } size_t EVP_AEAD_max_tag_len(const EVP_AEAD *aead) { return aead->max_tag_len; } -void EVP_AEAD_CTX_zero(EVP_AEAD_CTX *ctx) { - memset(ctx, 0, sizeof(EVP_AEAD_CTX)); -} - int EVP_AEAD_CTX_init(EVP_AEAD_CTX *ctx, const EVP_AEAD *aead, const uint8_t *key, size_t key_len, size_t tag_len, ENGINE *impl) { if (!aead->init) { - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_NO_DIRECTION_SET); + OPENSSL_PUT_ERROR(CIPHER, EVP_AEAD_CTX_init, CIPHER_R_NO_DIRECTION_SET); ctx->aead = NULL; return 0; } @@ -51,7 +47,8 @@ int EVP_AEAD_CTX_init_with_direction(EVP_AEAD_CTX *ctx, const EVP_AEAD *aead, size_t tag_len, enum evp_aead_direction_t dir) { if (key_len != aead->key_len) { - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_UNSUPPORTED_KEY_SIZE); + OPENSSL_PUT_ERROR(CIPHER, EVP_AEAD_CTX_init_with_direction, + CIPHER_R_UNSUPPORTED_KEY_SIZE); ctx->aead = NULL; return 0; } @@ -104,12 +101,12 @@ int EVP_AEAD_CTX_seal(const EVP_AEAD_CTX *ctx, uint8_t *out, size_t *out_len, size_t possible_out_len = in_len + ctx->aead->overhead; if (possible_out_len < in_len /* overflow */) { - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_TOO_LARGE); + OPENSSL_PUT_ERROR(CIPHER, EVP_AEAD_CTX_seal, CIPHER_R_TOO_LARGE); goto error; } if (!check_alias(in, in_len, out)) { - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_OUTPUT_ALIASES_INPUT); + OPENSSL_PUT_ERROR(CIPHER, EVP_AEAD_CTX_seal, CIPHER_R_OUTPUT_ALIASES_INPUT); goto error; } @@ -131,7 +128,7 @@ int EVP_AEAD_CTX_open(const EVP_AEAD_CTX *ctx, uint8_t *out, size_t *out_len, size_t nonce_len, const uint8_t *in, size_t in_len, const uint8_t *ad, size_t ad_len) { if (!check_alias(in, in_len, out)) { - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_OUTPUT_ALIASES_INPUT); + OPENSSL_PUT_ERROR(CIPHER, EVP_AEAD_CTX_open, CIPHER_R_OUTPUT_ALIASES_INPUT); goto error; } 
diff --git a/src/crypto/cipher/aead_test.cc b/src/crypto/cipher/aead_test.cc index baaee9e..e4b75d6 100644 --- a/src/crypto/cipher/aead_test.cc +++ b/src/crypto/cipher/aead_test.cc @@ -22,7 +22,6 @@ #include #include "../test/file_test.h" -#include "../test/scoped_types.h" #include "../test/stl_compat.h" @@ -36,6 +35,18 @@ // CT: 5294265a60 // TAG: 1d45758621762e061368e68868e2f929 +// EVP_AEAD_CTX lacks a zero state, so it doesn't fit easily into +// ScopedOpenSSLContext. +class EVP_AEAD_CTXScoper { + public: + EVP_AEAD_CTXScoper(EVP_AEAD_CTX *ctx) : ctx_(ctx) {} + ~EVP_AEAD_CTXScoper() { + EVP_AEAD_CTX_cleanup(ctx_); + } + private: + EVP_AEAD_CTX *ctx_; +}; + static bool TestAEAD(FileTest *t, void *arg) { const EVP_AEAD *aead = reinterpret_cast(arg); @@ -49,19 +60,20 @@ static bool TestAEAD(FileTest *t, void *arg) { return false; } - ScopedEVP_AEAD_CTX ctx; - if (!EVP_AEAD_CTX_init_with_direction(ctx.get(), aead, - bssl::vector_data(&key), key.size(), - tag.size(), evp_aead_seal)) { + EVP_AEAD_CTX ctx; + if (!EVP_AEAD_CTX_init_with_direction(&ctx, aead, bssl::vector_data(&key), + key.size(), tag.size(), + evp_aead_seal)) { t->PrintLine("Failed to init AEAD."); return false; } + EVP_AEAD_CTXScoper cleanup(&ctx); std::vector out(in.size() + EVP_AEAD_max_overhead(aead)); if (!t->HasAttribute("NO_SEAL")) { size_t out_len; - if (!EVP_AEAD_CTX_seal(ctx.get(), bssl::vector_data(&out), &out_len, - out.size(), bssl::vector_data(&nonce), nonce.size(), + if (!EVP_AEAD_CTX_seal(&ctx, bssl::vector_data(&out), &out_len, out.size(), + bssl::vector_data(&nonce), nonce.size(), bssl::vector_data(&in), in.size(), bssl::vector_data(&ad), ad.size())) { t->PrintLine("Failed to run AEAD."); 
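Review bot: `EVP_AEAD_CTXScoper` is copyable and its one-argument constructor is not `explicit`, so an accidental copy or implicit conversion would run `EVP_AEAD_CTX_cleanup` twice on the same `EVP_AEAD_CTX`. Declare it as `explicit EVP_AEAD_CTXScoper(EVP_AEAD_CTX *ctx)` and make the class non-copyable with a private, unimplemented copy constructor and assignment operator. In the `TestAEAD` hunk that follows, the scoper is constructed only after the first init succeeds. A one-line comment saying so would stop someone moving it above the init call, where the destructor would clean up an uninitialised context.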
@@ -89,17 +101,17 @@ static bool TestAEAD(FileTest *t, void *arg) { // The "stateful" AEADs for implementing pre-AEAD cipher suites need to be // reset after each operation. - ctx.Reset(); - if (!EVP_AEAD_CTX_init_with_direction(ctx.get(), aead, - bssl::vector_data(&key), key.size(), - tag.size(), evp_aead_open)) { + EVP_AEAD_CTX_cleanup(&ctx); + if (!EVP_AEAD_CTX_init_with_direction(&ctx, aead, bssl::vector_data(&key), + key.size(), tag.size(), + evp_aead_open)) { t->PrintLine("Failed to init AEAD."); return false; } std::vector out2(out.size()); size_t out2_len; - int ret = EVP_AEAD_CTX_open(ctx.get(), + int ret = EVP_AEAD_CTX_open(&ctx, bssl::vector_data(&out2), &out2_len, out2.size(), bssl::vector_data(&nonce), nonce.size(), bssl::vector_data(&out), out.size(), @@ -125,10 +137,10 @@ static bool TestAEAD(FileTest *t, void *arg) { // The "stateful" AEADs for implementing pre-AEAD cipher suites need to be // reset after each operation. - ctx.Reset(); - if (!EVP_AEAD_CTX_init_with_direction(ctx.get(), aead, - bssl::vector_data(&key), key.size(), - tag.size(), evp_aead_open)) { + EVP_AEAD_CTX_cleanup(&ctx); + if (!EVP_AEAD_CTX_init_with_direction(&ctx, aead, bssl::vector_data(&key), + key.size(), tag.size(), + evp_aead_open)) { t->PrintLine("Failed to init AEAD."); return false; } @@ -136,8 +148,8 @@ static bool TestAEAD(FileTest *t, void *arg) { // Garbage at the end isn't ignored. out.push_back(0); out2.resize(out.size()); - if (EVP_AEAD_CTX_open(ctx.get(), bssl::vector_data(&out2), &out2_len, - out2.size(), bssl::vector_data(&nonce), nonce.size(), + if (EVP_AEAD_CTX_open(&ctx, bssl::vector_data(&out2), &out2_len, out2.size(), + bssl::vector_data(&nonce), nonce.size(), bssl::vector_data(&out), out.size(), bssl::vector_data(&ad), ad.size())) { t->PrintLine("Decrypted bad data with trailing garbage."); 
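Review bot: Each `EVP_AEAD_CTX_cleanup(&ctx)` that replaces `ctx.Reset()` (here and in the hunks at new lines 137 and 159) cleans up `ctx` while the `EVP_AEAD_CTXScoper` declared earlier still points at it. If the following `EVP_AEAD_CTX_init_with_direction` fails, `return false` runs the destructor and cleans up a second time. That relies on a failed init leaving the context in a state where cleanup is a no-op; `aead.c` in this change sets `ctx->aead = NULL` on the failure paths it shows, but the other paths are not visible here. I would add a comment at the first reset, such as `// A failed re-init must leave |ctx| safe for the scoper's second cleanup.`, so the dependency is explicit.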
@@ -147,10 +159,10 @@ static bool TestAEAD(FileTest *t, void *arg) { // The "stateful" AEADs for implementing pre-AEAD cipher suites need to be // reset after each operation. - ctx.Reset(); - if (!EVP_AEAD_CTX_init_with_direction(ctx.get(), aead, - bssl::vector_data(&key), key.size(), - tag.size(), evp_aead_open)) { + EVP_AEAD_CTX_cleanup(&ctx); + if (!EVP_AEAD_CTX_init_with_direction(&ctx, aead, bssl::vector_data(&key), + key.size(), tag.size(), + evp_aead_open)) { t->PrintLine("Failed to init AEAD."); return false; } @@ -159,8 +171,8 @@ static bool TestAEAD(FileTest *t, void *arg) { out[0] ^= 0x80; out.resize(out.size() - 1); out2.resize(out.size()); - if (EVP_AEAD_CTX_open(ctx.get(), bssl::vector_data(&out2), &out2_len, - out2.size(), bssl::vector_data(&nonce), nonce.size(), + if (EVP_AEAD_CTX_open(&ctx, bssl::vector_data(&out2), &out2_len, out2.size(), + bssl::vector_data(&nonce), nonce.size(), bssl::vector_data(&out), out.size(), bssl::vector_data(&ad), ad.size())) { t->PrintLine("Decrypted bad data with corrupted byte."); @@ -188,7 +200,6 @@ static int TestCleanupAfterInitFailure(const EVP_AEAD *aead) { fprintf(stderr, "A silly tag length didn't trigger an error!\n"); return 0; } - ERR_clear_error(); /* Running a second, failed _init should not cause a memory leak. */ if (EVP_AEAD_CTX_init(&ctx, aead, key, key_len, @@ -197,7 +208,6 @@ static int TestCleanupAfterInitFailure(const EVP_AEAD *aead) { fprintf(stderr, "A silly tag length didn't trigger an error!\n"); return 0; } - ERR_clear_error(); /* Calling _cleanup on an |EVP_AEAD_CTX| after a failed _init should be a * no-op. */ diff --git a/src/crypto/cipher/cipher.c b/src/crypto/cipher/cipher.c index 4401867..400c3f5 100644 --- a/src/crypto/cipher/cipher.c +++ b/src/crypto/cipher/cipher.c 
@@ -68,18 +68,12 @@ const EVP_CIPHER *EVP_get_cipherbynid(int nid) { switch (nid) { - case NID_rc2_cbc: - return EVP_rc2_cbc(); - case NID_rc2_40_cbc: - return EVP_rc2_40_cbc(); case NID_des_ede3_cbc: return EVP_des_ede3_cbc(); case NID_des_ede_cbc: return EVP_des_cbc(); case NID_aes_128_cbc: return EVP_aes_128_cbc(); - case NID_aes_192_cbc: - return EVP_aes_192_cbc(); case NID_aes_256_cbc: return EVP_aes_256_cbc(); default: @@ -121,7 +115,7 @@ void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx) { int EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, const EVP_CIPHER_CTX *in) { if (in == NULL || in->cipher == NULL) { - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_INPUT_NOT_INITIALIZED); + OPENSSL_PUT_ERROR(CIPHER, EVP_CIPHER_CTX_copy, CIPHER_R_INPUT_NOT_INITIALIZED); return 0; } @@ -131,7 +125,7 @@ int EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, const EVP_CIPHER_CTX *in) { if (in->cipher_data && in->cipher->ctx_size) { out->cipher_data = OPENSSL_malloc(in->cipher->ctx_size); if (!out->cipher_data) { - OPENSSL_PUT_ERROR(CIPHER, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(CIPHER, EVP_CIPHER_CTX_copy, ERR_R_MALLOC_FAILURE); return 0; } memcpy(out->cipher_data, in->cipher_data, in->cipher->ctx_size); @@ -171,7 +165,7 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ctx->cipher_data = OPENSSL_malloc(ctx->cipher->ctx_size); if (!ctx->cipher_data) { ctx->cipher = NULL; - OPENSSL_PUT_ERROR(CIPHER, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(CIPHER, EVP_CipherInit_ex, ERR_R_MALLOC_FAILURE); return 0; } } else { 
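Review bot: In `EVP_get_cipherbynid` the surviving case `NID_des_ede_cbc` returns `EVP_des_cbc()`, which by its name is single DES, so a lookup for two-key triple DES appears to be answered with a weaker cipher and a different key size rather than failing. This change also deletes `EVP_des_ede_cbc` from e_des.c, so there is no matching cipher left to return. Dropping the `case NID_des_ede_cbc:` label would send that NID down the `default:` path like the removed RC2 and AES-192 cases. The body of `default:` is outside the hunk, so confirm that callers handle its result.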
@@ -184,12 +178,12 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, if (ctx->cipher->flags & EVP_CIPH_CTRL_INIT) { if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_INIT, 0, NULL)) { ctx->cipher = NULL; - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_INITIALIZATION_ERROR); + OPENSSL_PUT_ERROR(CIPHER, EVP_CipherInit_ex, CIPHER_R_INITIALIZATION_ERROR); return 0; } } } else if (!ctx->cipher) { - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_NO_CIPHER_SET); + OPENSSL_PUT_ERROR(CIPHER, EVP_CipherInit_ex, CIPHER_R_NO_CIPHER_SET); return 0; } @@ -344,7 +338,8 @@ int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, uint8_t *out, int *out_len) { bl = ctx->buf_len; if (ctx->flags & EVP_CIPH_NO_PADDING) { if (bl) { - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH); + OPENSSL_PUT_ERROR(CIPHER, EVP_EncryptFinal_ex, + CIPHER_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH); return 0; } *out_len = 0; @@ -439,7 +434,8 @@ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *out_len) { b = ctx->cipher->block_size; if (ctx->flags & EVP_CIPH_NO_PADDING) { if (ctx->buf_len) { - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH); + OPENSSL_PUT_ERROR(CIPHER, EVP_DecryptFinal_ex, + CIPHER_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH); return 0; } *out_len = 0; @@ -448,7 +444,8 @@ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *out_len) { if (b > 1) { if (ctx->buf_len || !ctx->final_used) { - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_WRONG_FINAL_BLOCK_LENGTH); + OPENSSL_PUT_ERROR(CIPHER, EVP_DecryptFinal_ex, + CIPHER_R_WRONG_FINAL_BLOCK_LENGTH); return 0; } assert(b <= sizeof(ctx->final)); 
@@ -457,13 +454,13 @@ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *out_len) { * Otherwise it provides a padding oracle. */ n = ctx->final[b - 1]; if (n == 0 || n > (int)b) { - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_DECRYPT); + OPENSSL_PUT_ERROR(CIPHER, EVP_DecryptFinal_ex, CIPHER_R_BAD_DECRYPT); return 0; } for (i = 0; i < n; i++) { if (ctx->final[--b] != n) { - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_DECRYPT); + OPENSSL_PUT_ERROR(CIPHER, EVP_DecryptFinal_ex, CIPHER_R_BAD_DECRYPT); return 0; } } @@ -541,18 +538,19 @@ uint32_t EVP_CIPHER_CTX_mode(const EVP_CIPHER_CTX *ctx) { int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int command, int arg, void *ptr) { int ret; if (!ctx->cipher) { - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_NO_CIPHER_SET); + OPENSSL_PUT_ERROR(CIPHER, EVP_CIPHER_CTX_ctrl, CIPHER_R_NO_CIPHER_SET); return 0; } if (!ctx->cipher->ctrl) { - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_CTRL_NOT_IMPLEMENTED); + OPENSSL_PUT_ERROR(CIPHER, EVP_CIPHER_CTX_ctrl, CIPHER_R_CTRL_NOT_IMPLEMENTED); return 0; } ret = ctx->cipher->ctrl(ctx, command, arg, ptr); if (ret == -1) { - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_CTRL_OPERATION_NOT_IMPLEMENTED); + OPENSSL_PUT_ERROR(CIPHER, EVP_CIPHER_CTX_ctrl, + CIPHER_R_CTRL_OPERATION_NOT_IMPLEMENTED); return 0; } @@ -574,7 +572,8 @@ int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *c, unsigned key_len) { } if (key_len == 0 || !(c->cipher->flags & EVP_CIPH_VARIABLE_LENGTH)) { - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_INVALID_KEY_LENGTH); + OPENSSL_PUT_ERROR(CIPHER, EVP_CIPHER_CTX_set_key_length, + CIPHER_R_INVALID_KEY_LENGTH); return 0; } 
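Review bot: The padding check in `EVP_DecryptFinal_ex` returns from inside the `for` loop at the first byte that differs from `n`, so its running time depends on how many trailing padding bytes are correct; the comment fragment just above the check already refers to a padding oracle. This hunk only changes the error macro, but the constraint is worth recording next to the loop: `/* Not constant-time: callers must authenticate the ciphertext before decrypting. */`. If the function can be reached with unauthenticated CBC ciphertext, the loop should instead accumulate mismatches over a fixed number of bytes and test once at the end. The function starts and ends outside the hunk.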
@@ -631,7 +630,7 @@ const EVP_CIPHER *EVP_get_cipherbyname(const char *name) { return EVP_rc4(); } else if (OPENSSL_strcasecmp(name, "des-cbc") == 0) { return EVP_des_cbc(); - } else if (OPENSSL_strcasecmp(name, "des-ede3-cbc") == 0 || + } else if (OPENSSL_strcasecmp(name, "3des-cbc") == 0 || OPENSSL_strcasecmp(name, "3des") == 0) { return EVP_des_ede3_cbc(); } else if (OPENSSL_strcasecmp(name, "aes-128-cbc") == 0) { diff --git a/src/crypto/cipher/cipher_test.cc b/src/crypto/cipher/cipher_test.cc index 5f04178..97a84e0 100644 --- a/src/crypto/cipher/cipher_test.cc +++ b/src/crypto/cipher/cipher_test.cc @@ -69,12 +69,6 @@ static const EVP_CIPHER *GetCipher(const std::string &name) { if (name == "DES-CBC") { return EVP_des_cbc(); - } else if (name == "DES-ECB") { - return EVP_des_ecb(); - } else if (name == "DES-EDE") { - return EVP_des_ede(); - } else if (name == "DES-EDE-CBC") { - return EVP_des_ede_cbc(); } else if (name == "DES-EDE3-CBC") { return EVP_des_ede3_cbc(); } else if (name == "RC4") { @@ -110,7 +104,6 @@ static const EVP_CIPHER *GetCipher(const std::string &name) { static bool TestOperation(FileTest *t, const EVP_CIPHER *cipher, bool encrypt, - bool streaming, const std::vector &key, const std::vector &iv, const std::vector &plaintext, 
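Review bot: `EVP_get_cipherbyname` no longer matches `"des-ede3-cbc"`, because the comparison was replaced by `"3des-cbc"` rather than extended. Callers that pass the conventional name would therefore stop resolving to `EVP_des_ede3_cbc()`, unless another branch outside the hunk still matches it. The cipher test in this same change keeps `DES-EDE3-CBC` in its own name table, which suggests that spelling is in use. Unless the rename is intended, accept both: `} else if (OPENSSL_strcasecmp(name, "des-ede3-cbc") == 0 || OPENSSL_strcasecmp(name, "3des-cbc") == 0 ||`.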
@@ -167,29 +160,11 @@ static bool TestOperation(FileTest *t, (!aad.empty() && !EVP_CipherUpdate(ctx.get(), nullptr, &unused, bssl::vector_data(&aad), aad.size())) || - !EVP_CIPHER_CTX_set_padding(ctx.get(), 0)) { - t->PrintLine("Operation failed."); - return false; - } - if (streaming) { - for (size_t i = 0; i < in->size(); i++) { - uint8_t c = (*in)[i]; - int len; - if (!EVP_CipherUpdate(ctx.get(), bssl::vector_data(&result) + result_len1, - &len, &c, 1)) { - t->PrintLine("Operation failed."); - return false; - } - result_len1 += len; - } - } else if (!in->empty() && - !EVP_CipherUpdate(ctx.get(), bssl::vector_data(&result), - &result_len1, bssl::vector_data(in), - in->size())) { - t->PrintLine("Operation failed."); - return false; - } - if (!EVP_CipherFinal_ex(ctx.get(), bssl::vector_data(&result) + result_len1, + !EVP_CIPHER_CTX_set_padding(ctx.get(), 0) || + (!in->empty() && + !EVP_CipherUpdate(ctx.get(), bssl::vector_data(&result), &result_len1, + bssl::vector_data(in), in->size())) || + !EVP_CipherFinal_ex(ctx.get(), bssl::vector_data(&result) + result_len1, &result_len2)) { t->PrintLine("Operation failed."); return false; 
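Review bot: Folding the calls in `TestOperation` into one condition drops the byte-at-a-time `EVP_CipherUpdate` loop, so the partial-block buffering in `EVP_CipherUpdate` is no longer exercised by these vectors. The matching `streaming` calls are removed from `TestCipher` in the next hunk. If the single-shot form is wanted for brevity, keep one streaming pass in a small helper so that inputs shorter than a block still reach the buffering path. The merged condition also reports every failure with the same "Operation failed." line; naming the call that failed would make a regression quicker to locate.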
@@ -261,21 +236,15 @@ static bool TestCipher(FileTest *t, void *arg) { } // By default, both directions are run, unless overridden by the operation. - if (operation != kDecrypt) { - if (!TestOperation(t, cipher, true /* encrypt */, false /* single-shot */, - key, iv, plaintext, ciphertext, aad, tag) || - !TestOperation(t, cipher, true /* encrypt */, true /* streaming */, key, - iv, plaintext, ciphertext, aad, tag)) { - return false; - } + if (operation != kDecrypt && + !TestOperation(t, cipher, true /* encrypt */, key, iv, plaintext, + ciphertext, aad, tag)) { + return false; } - if (operation != kEncrypt) { - if (!TestOperation(t, cipher, false /* decrypt */, false /* single-shot */, - key, iv, plaintext, ciphertext, aad, tag) || - !TestOperation(t, cipher, false /* decrypt */, true /* streaming */, - key, iv, plaintext, ciphertext, aad, tag)) { - return false; - } + if (operation != kEncrypt && + !TestOperation(t, cipher, false /* decrypt */, key, iv, plaintext, + ciphertext, aad, tag)) { + return false; } return true; diff --git a/src/crypto/cipher/e_aes.c b/src/crypto/cipher/e_aes.c index e8905f6..41d0aec 100644 --- a/src/crypto/cipher/e_aes.c +++ b/src/crypto/cipher/e_aes.c @@ -64,7 +64,7 @@ #include "../modes/internal.h" #if defined(OPENSSL_ARM) || defined(OPENSSL_AARCH64) -#include +#include "../arm_arch.h" #endif @@ -98,6 +98,8 @@ typedef struct { #if !defined(OPENSSL_NO_ASM) && \ (defined(OPENSSL_X86_64) || defined(OPENSSL_X86)) #define VPAES +extern unsigned int OPENSSL_ia32cap_P[]; + static char vpaes_capable(void) { return (OPENSSL_ia32cap_P[1] & (1 << (41 - 32))) != 0; } @@ -111,6 +113,7 @@ static char bsaes_capable(void) { #elif !defined(OPENSSL_NO_ASM) && \ (defined(OPENSSL_ARM) || defined(OPENSSL_AARCH64)) +#include "../arm_arch.h" #if defined(OPENSSL_ARM) && __ARM_MAX_ARCH__ >= 7 #define BSAES 
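Review bot: The added `extern unsigned int OPENSSL_ia32cap_P[];` in the `VPAES` branch of e_aes.c declares the capability array locally instead of taking it from a header, so the compiler cannot check this declaration against the definition. If the defining file uses a different element type, the mismatch is silent. Prefer including the header that declares it, or at least add a comment naming the defining file and element type. Separately, the hunk at new line 113 adds `#include "../arm_arch.h"` inside the ARM branch although the hunk at line 64 already includes the same header under the same `OPENSSL_ARM || OPENSSL_AARCH64` condition; one of the two is redundant.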
@@ -335,7 +338,7 @@ static int aes_init_key(EVP_CIPHER_CTX *ctx, const uint8_t *key, } if (ret < 0) { - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_AES_KEY_SETUP_FAILED); + OPENSSL_PUT_ERROR(CIPHER, aes_init_key, CIPHER_R_AES_KEY_SETUP_FAILED); return 0; } @@ -708,7 +711,7 @@ static int aes_gcm_cipher(EVP_CIPHER_CTX *ctx, uint8_t *out, const uint8_t *in, } else { if (!ctx->encrypt) { if (gctx->taglen < 0 || - !CRYPTO_gcm128_finish(&gctx->gcm, ctx->buf, gctx->taglen)) { + !CRYPTO_gcm128_finish(&gctx->gcm, ctx->buf, gctx->taglen) != 0) { return -1; } gctx->iv_set = 0; @@ -850,7 +853,7 @@ static int aesni_init_key(EVP_CIPHER_CTX *ctx, const uint8_t *key, } if (ret < 0) { - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_AES_KEY_SETUP_FAILED); + OPENSSL_PUT_ERROR(CIPHER, aesni_init_key, CIPHER_R_AES_KEY_SETUP_FAILED); return 0; } @@ -1063,7 +1066,7 @@ static int aead_aes_gcm_init(EVP_AEAD_CTX *ctx, const uint8_t *key, const size_t key_bits = key_len * 8; if (key_bits != 128 && key_bits != 256) { - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_KEY_LENGTH); + OPENSSL_PUT_ERROR(CIPHER, aead_aes_gcm_init, CIPHER_R_BAD_KEY_LENGTH); return 0; /* EVP_AEAD_CTX_init should catch this. */ } @@ -1072,7 +1075,7 @@ static int aead_aes_gcm_init(EVP_AEAD_CTX *ctx, const uint8_t *key, } if (tag_len > EVP_AEAD_AES_GCM_TAG_LEN) { - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_TAG_TOO_LARGE); + OPENSSL_PUT_ERROR(CIPHER, aead_aes_gcm_init, CIPHER_R_TAG_TOO_LARGE); return 0; } @@ -1105,12 +1108,12 @@ static int aead_aes_gcm_seal(const EVP_AEAD_CTX *ctx, uint8_t *out, GCM128_CONTEXT gcm; if (in_len + gcm_ctx->tag_len < in_len) { - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_TOO_LARGE); + OPENSSL_PUT_ERROR(CIPHER, aead_aes_gcm_seal, CIPHER_R_TOO_LARGE); return 0; } if (max_out_len < in_len + gcm_ctx->tag_len) { - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BUFFER_TOO_SMALL); + OPENSSL_PUT_ERROR(CIPHER, aead_aes_gcm_seal, CIPHER_R_BUFFER_TOO_SMALL); return 0; } 
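Review bot: In `aes_gcm_cipher` the decrypt-side tag check became `!CRYPTO_gcm128_finish(&gctx->gcm, ctx->buf, gctx->taglen) != 0`, which parses as `(!CRYPTO_gcm128_finish(...)) != 0`. That evaluates the same as the removed `!CRYPTO_gcm128_finish(...)`, so behaviour is unchanged. On the line that decides whether a GCM tag is accepted, though, it reads as if the result were compared with zero and then negated, and compilers may flag the pattern under `-Wlogical-not-parentheses`. Keep the plain form, `!CRYPTO_gcm128_finish(&gctx->gcm, ctx->buf, gctx->taglen)) {`, and add a short comment stating which return value means the tag matched. The function body continues outside the hunk.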
@@ -1149,14 +1152,14 @@ static int aead_aes_gcm_open(const EVP_AEAD_CTX *ctx, uint8_t *out, GCM128_CONTEXT gcm; if (in_len < gcm_ctx->tag_len) { - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_DECRYPT); + OPENSSL_PUT_ERROR(CIPHER, aead_aes_gcm_open, CIPHER_R_BAD_DECRYPT); return 0; } plaintext_len = in_len - gcm_ctx->tag_len; if (max_out_len < plaintext_len) { - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BUFFER_TOO_SMALL); + OPENSSL_PUT_ERROR(CIPHER, aead_aes_gcm_open, CIPHER_R_BUFFER_TOO_SMALL); return 0; } @@ -1182,7 +1185,7 @@ static int aead_aes_gcm_open(const EVP_AEAD_CTX *ctx, uint8_t *out, CRYPTO_gcm128_tag(&gcm, tag, gcm_ctx->tag_len); if (CRYPTO_memcmp(tag, in + plaintext_len, gcm_ctx->tag_len) != 0) { - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_DECRYPT); + OPENSSL_PUT_ERROR(CIPHER, aead_aes_gcm_open, CIPHER_R_BAD_DECRYPT); return 0; } @@ -1236,7 +1239,7 @@ static int aead_aes_key_wrap_init(EVP_AEAD_CTX *ctx, const uint8_t *key, const size_t key_bits = key_len * 8; if (key_bits != 128 && key_bits != 256) { - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_KEY_LENGTH); + OPENSSL_PUT_ERROR(CIPHER, aead_aes_key_wrap_init, CIPHER_R_BAD_KEY_LENGTH); return 0; /* EVP_AEAD_CTX_init should catch this. */ } @@ -1245,13 +1248,14 @@ static int aead_aes_key_wrap_init(EVP_AEAD_CTX *ctx, const uint8_t *key, } if (tag_len != 8) { - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_UNSUPPORTED_TAG_SIZE); + OPENSSL_PUT_ERROR(CIPHER, aead_aes_key_wrap_init, + CIPHER_R_UNSUPPORTED_TAG_SIZE); return 0; } kw_ctx = OPENSSL_malloc(sizeof(struct aead_aes_key_wrap_ctx)); if (kw_ctx == NULL) { - OPENSSL_PUT_ERROR(CIPHER, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(CIPHER, aead_aes_key_wrap_init, ERR_R_MALLOC_FAILURE); return 0; } @@ -1289,7 +1293,8 @@ static int aead_aes_key_wrap_seal(const EVP_AEAD_CTX *ctx, uint8_t *out, uint8_t A[AES_BLOCK_SIZE]; if (ad_len != 0) { - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_UNSUPPORTED_AD_SIZE); + OPENSSL_PUT_ERROR(CIPHER, aead_aes_key_wrap_seal, + CIPHER_R_UNSUPPORTED_AD_SIZE); return 0; } 
@@ -1299,12 +1304,14 @@ static int aead_aes_key_wrap_seal(const EVP_AEAD_CTX *ctx, uint8_t *out, } if (nonce_len != 8) { - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_UNSUPPORTED_NONCE_SIZE); + OPENSSL_PUT_ERROR(CIPHER, aead_aes_key_wrap_seal, + CIPHER_R_UNSUPPORTED_NONCE_SIZE); return 0; } if (in_len % 8 != 0) { - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_UNSUPPORTED_INPUT_SIZE); + OPENSSL_PUT_ERROR(CIPHER, aead_aes_key_wrap_seal, + CIPHER_R_UNSUPPORTED_INPUT_SIZE); return 0; } @@ -1313,29 +1320,32 @@ static int aead_aes_key_wrap_seal(const EVP_AEAD_CTX *ctx, uint8_t *out, * conservatively cap it to 2^32-16 to stop 32-bit platforms complaining that * a comparison is always true. */ if (in_len > 0xfffffff0) { - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_TOO_LARGE); + OPENSSL_PUT_ERROR(CIPHER, aead_aes_key_wrap_seal, CIPHER_R_TOO_LARGE); return 0; } n = in_len / 8; if (n < 2) { - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_UNSUPPORTED_INPUT_SIZE); + OPENSSL_PUT_ERROR(CIPHER, aead_aes_key_wrap_seal, + CIPHER_R_UNSUPPORTED_INPUT_SIZE); return 0; } if (in_len + 8 < in_len) { - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_TOO_LARGE); + OPENSSL_PUT_ERROR(CIPHER, aead_aes_key_wrap_seal, CIPHER_R_TOO_LARGE); return 0; } if (max_out_len < in_len + 8) { - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BUFFER_TOO_SMALL); + OPENSSL_PUT_ERROR(CIPHER, aead_aes_key_wrap_seal, + CIPHER_R_BUFFER_TOO_SMALL); return 0; } if (AES_set_encrypt_key(kw_ctx->key, kw_ctx->key_bits, &ks.ks) < 0) { - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_AES_KEY_SETUP_FAILED); + OPENSSL_PUT_ERROR(CIPHER, aead_aes_key_wrap_seal, + CIPHER_R_AES_KEY_SETUP_FAILED); return 0; } @@ -1378,7 +1388,8 @@ static int aead_aes_key_wrap_open(const EVP_AEAD_CTX *ctx, uint8_t *out, uint8_t A[AES_BLOCK_SIZE]; if (ad_len != 0) { - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_UNSUPPORTED_AD_SIZE); + OPENSSL_PUT_ERROR(CIPHER, aead_aes_key_wrap_open, + CIPHER_R_UNSUPPORTED_AD_SIZE); return 0; } 
@@ -1388,12 +1399,14 @@ static int aead_aes_key_wrap_open(const EVP_AEAD_CTX *ctx, uint8_t *out, } if (nonce_len != 8) { - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_UNSUPPORTED_NONCE_SIZE); + OPENSSL_PUT_ERROR(CIPHER, aead_aes_key_wrap_open, + CIPHER_R_UNSUPPORTED_NONCE_SIZE); return 0; } if (in_len % 8 != 0) { - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_UNSUPPORTED_INPUT_SIZE); + OPENSSL_PUT_ERROR(CIPHER, aead_aes_key_wrap_open, + CIPHER_R_UNSUPPORTED_INPUT_SIZE); return 0; } @@ -1402,24 +1415,26 @@ static int aead_aes_key_wrap_open(const EVP_AEAD_CTX *ctx, uint8_t *out, * conservatively cap it to 2^32-8 to stop 32-bit platforms complaining that * a comparison is always true. */ if (in_len > 0xfffffff8) { - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_TOO_LARGE); + OPENSSL_PUT_ERROR(CIPHER, aead_aes_key_wrap_open, CIPHER_R_TOO_LARGE); return 0; } if (in_len < 24) { - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_DECRYPT); + OPENSSL_PUT_ERROR(CIPHER, aead_aes_key_wrap_open, CIPHER_R_BAD_DECRYPT); return 0; } n = (in_len / 8) - 1; if (max_out_len < in_len - 8) { - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BUFFER_TOO_SMALL); + OPENSSL_PUT_ERROR(CIPHER, aead_aes_key_wrap_open, + CIPHER_R_BUFFER_TOO_SMALL); return 0; } if (AES_set_decrypt_key(kw_ctx->key, kw_ctx->key_bits, &ks.ks) < 0) { - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_AES_KEY_SETUP_FAILED); + OPENSSL_PUT_ERROR(CIPHER, aead_aes_key_wrap_open, + CIPHER_R_AES_KEY_SETUP_FAILED); return 0; } @@ -1442,7 +1457,7 @@ static int aead_aes_key_wrap_open(const EVP_AEAD_CTX *ctx, uint8_t *out, } if (CRYPTO_memcmp(A, nonce, 8) != 0) { - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_DECRYPT); + OPENSSL_PUT_ERROR(CIPHER, aead_aes_key_wrap_open, CIPHER_R_BAD_DECRYPT); return 0; } 
@@ -1526,13 +1541,15 @@ static int aead_aes_ctr_hmac_sha256_init(EVP_AEAD_CTX *ctx, const uint8_t *key, static const size_t hmac_key_len = 32; if (key_len < hmac_key_len) { - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_KEY_LENGTH); + OPENSSL_PUT_ERROR(CIPHER, aead_aes_ctr_hmac_sha256_init, + CIPHER_R_BAD_KEY_LENGTH); return 0; /* EVP_AEAD_CTX_init should catch this. */ } const size_t aes_key_len = key_len - hmac_key_len; if (aes_key_len != 16 && aes_key_len != 32) { - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_KEY_LENGTH); + OPENSSL_PUT_ERROR(CIPHER, aead_aes_ctr_hmac_sha256_init, + CIPHER_R_BAD_KEY_LENGTH); return 0; /* EVP_AEAD_CTX_init should catch this. */ } @@ -1541,13 +1558,15 @@ static int aead_aes_ctr_hmac_sha256_init(EVP_AEAD_CTX *ctx, const uint8_t *key, } if (tag_len > EVP_AEAD_AES_CTR_HMAC_SHA256_TAG_LEN) { - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_TAG_TOO_LARGE); + OPENSSL_PUT_ERROR(CIPHER, aead_aes_ctr_hmac_sha256_init, + CIPHER_R_TAG_TOO_LARGE); return 0; } aes_ctx = OPENSSL_malloc(sizeof(struct aead_aes_ctr_hmac_sha256_ctx)); if (aes_ctx == NULL) { - OPENSSL_PUT_ERROR(CIPHER, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(CIPHER, aead_aes_ctr_hmac_sha256_init, + ERR_R_MALLOC_FAILURE); return 0; } 
@@ -1647,17 +1666,20 @@ static int aead_aes_ctr_hmac_sha256_seal(const EVP_AEAD_CTX *ctx, uint8_t *out, if (in_len + aes_ctx->tag_len < in_len || /* This input is so large it would overflow the 32-bit block counter. */ in_len_64 >= (OPENSSL_U64(1) << 32) * AES_BLOCK_SIZE) { - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_TOO_LARGE); + OPENSSL_PUT_ERROR(CIPHER, aead_aes_ctr_hmac_sha256_seal, + CIPHER_R_TOO_LARGE); return 0; } if (max_out_len < in_len + aes_ctx->tag_len) { - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BUFFER_TOO_SMALL); + OPENSSL_PUT_ERROR(CIPHER, aead_aes_ctr_hmac_sha256_seal, + CIPHER_R_BUFFER_TOO_SMALL); return 0; } if (nonce_len != EVP_AEAD_AES_CTR_HMAC_SHA256_NONCE_LEN) { - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_UNSUPPORTED_NONCE_SIZE); + OPENSSL_PUT_ERROR(CIPHER, aead_aes_ctr_hmac_sha256_seal, + CIPHER_R_UNSUPPORTED_NONCE_SIZE); return 0; } @@ -1681,19 +1703,22 @@ static int aead_aes_ctr_hmac_sha256_open(const EVP_AEAD_CTX *ctx, uint8_t *out, size_t plaintext_len; if (in_len < aes_ctx->tag_len) { - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_DECRYPT); + OPENSSL_PUT_ERROR(CIPHER, aead_aes_ctr_hmac_sha256_open, + CIPHER_R_BAD_DECRYPT); return 0; } plaintext_len = in_len - aes_ctx->tag_len; if (max_out_len < plaintext_len) { - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BUFFER_TOO_SMALL); + OPENSSL_PUT_ERROR(CIPHER, aead_aes_ctr_hmac_sha256_open, + CIPHER_R_BUFFER_TOO_SMALL); return 0; } if (nonce_len != EVP_AEAD_AES_CTR_HMAC_SHA256_NONCE_LEN) { - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_UNSUPPORTED_NONCE_SIZE); + OPENSSL_PUT_ERROR(CIPHER, aead_aes_ctr_hmac_sha256_open, + CIPHER_R_UNSUPPORTED_NONCE_SIZE); return 0; } 
@@ -1702,7 +1727,8 @@ static int aead_aes_ctr_hmac_sha256_open(const EVP_AEAD_CTX *ctx, uint8_t *out, &aes_ctx->outer_init_state, ad, ad_len, nonce, in, plaintext_len); if (CRYPTO_memcmp(hmac_result, in + plaintext_len, aes_ctx->tag_len) != 0) { - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_DECRYPT); + OPENSSL_PUT_ERROR(CIPHER, aead_aes_ctr_hmac_sha256_open, + CIPHER_R_BAD_DECRYPT); return 0; } diff --git a/src/crypto/cipher/e_chacha20poly1305.c b/src/crypto/cipher/e_chacha20poly1305.c index 9dda1b0..ebf0088 100644 --- a/src/crypto/cipher/e_chacha20poly1305.c +++ b/src/crypto/cipher/e_chacha20poly1305.c @@ -42,7 +42,7 @@ static int aead_chacha20_poly1305_init(EVP_AEAD_CTX *ctx, const uint8_t *key, } if (tag_len > POLY1305_TAG_LEN) { - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_TOO_LARGE); + OPENSSL_PUT_ERROR(CIPHER, aead_chacha20_poly1305_init, CIPHER_R_TOO_LARGE); return 0; } @@ -107,22 +107,23 @@ static int aead_chacha20_poly1305_seal(const EVP_AEAD_CTX *ctx, uint8_t *out, * Casting to uint64_t inside the conditional is not sufficient to stop * the warning. */ if (in_len_64 >= (1ull << 32) * 64 - 64) { - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_TOO_LARGE); + OPENSSL_PUT_ERROR(CIPHER, aead_chacha20_poly1305_seal, CIPHER_R_TOO_LARGE); return 0; } if (in_len + c20_ctx->tag_len < in_len) { - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_TOO_LARGE); + OPENSSL_PUT_ERROR(CIPHER, aead_chacha20_poly1305_seal, CIPHER_R_TOO_LARGE); return 0; } if (max_out_len < in_len + c20_ctx->tag_len) { - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BUFFER_TOO_SMALL); + OPENSSL_PUT_ERROR(CIPHER, aead_chacha20_poly1305_seal, + CIPHER_R_BUFFER_TOO_SMALL); return 0; } if (nonce_len != CHACHA20_NONCE_LEN) { - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_IV_TOO_LARGE); + OPENSSL_PUT_ERROR(CIPHER, aead_chacha20_poly1305_seal, CIPHER_R_IV_TOO_LARGE); return 0; } 
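Review bot: `aead_chacha20_poly1305_seal` reports `CIPHER_R_IV_TOO_LARGE` for any `nonce_len != CHACHA20_NONCE_LEN`, including a nonce that is too short; the `aead_chacha20_poly1305_open` hunk that follows does the same. The AES AEADs in this change use `CIPHER_R_UNSUPPORTED_NONCE_SIZE` for the identical check, so `OPENSSL_PUT_ERROR(CIPHER, aead_chacha20_poly1305_seal, CIPHER_R_UNSUPPORTED_NONCE_SIZE);` would be both accurate and consistent. Likewise `aead_chacha20_poly1305_init` reports `CIPHER_R_TOO_LARGE` for an oversized tag where e_aes.c uses `CIPHER_R_TAG_TOO_LARGE`.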
@@ -155,7 +156,7 @@ static int aead_chacha20_poly1305_open(const EVP_AEAD_CTX *ctx, uint8_t *out, const uint64_t in_len_64 = in_len; if (in_len < c20_ctx->tag_len) { - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_DECRYPT); + OPENSSL_PUT_ERROR(CIPHER, aead_chacha20_poly1305_open, CIPHER_R_BAD_DECRYPT); return 0; } @@ -167,19 +168,20 @@ static int aead_chacha20_poly1305_open(const EVP_AEAD_CTX *ctx, uint8_t *out, * Casting to uint64_t inside the conditional is not sufficient to stop * the warning. */ if (in_len_64 >= (1ull << 32) * 64 - 64) { - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_TOO_LARGE); + OPENSSL_PUT_ERROR(CIPHER, aead_chacha20_poly1305_open, CIPHER_R_TOO_LARGE); return 0; } if (nonce_len != CHACHA20_NONCE_LEN) { - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_IV_TOO_LARGE); + OPENSSL_PUT_ERROR(CIPHER, aead_chacha20_poly1305_open, CIPHER_R_IV_TOO_LARGE); return 0; } plaintext_len = in_len - c20_ctx->tag_len; if (max_out_len < plaintext_len) { - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BUFFER_TOO_SMALL); + OPENSSL_PUT_ERROR(CIPHER, aead_chacha20_poly1305_open, + CIPHER_R_BUFFER_TOO_SMALL); return 0; } @@ -193,7 +195,7 @@ static int aead_chacha20_poly1305_open(const EVP_AEAD_CTX *ctx, uint8_t *out, CRYPTO_poly1305_finish(&poly1305, mac); if (CRYPTO_memcmp(mac, in + plaintext_len, c20_ctx->tag_len) != 0) { - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_DECRYPT); + OPENSSL_PUT_ERROR(CIPHER, aead_chacha20_poly1305_open, CIPHER_R_BAD_DECRYPT); return 0; } diff --git a/src/crypto/cipher/e_des.c b/src/crypto/cipher/e_des.c index b1d312c..74e1fce 100644 --- a/src/crypto/cipher/e_des.c +++ b/src/crypto/cipher/e_des.c 
@@ -96,31 +96,6 @@ static const EVP_CIPHER des_cbc = { const EVP_CIPHER *EVP_des_cbc(void) { return &des_cbc; } -static int des_ecb_cipher(EVP_CIPHER_CTX *ctx, uint8_t *out, const uint8_t *in, - size_t in_len) { - if (in_len < ctx->cipher->block_size) { - return 1; - } - in_len -= ctx->cipher->block_size; - - EVP_DES_KEY *dat = (EVP_DES_KEY *) ctx->cipher_data; - size_t i; - for (i = 0; i <= in_len; i += ctx->cipher->block_size) { - DES_ecb_encrypt((DES_cblock *) (in + i), (DES_cblock *) (out + i), - &dat->ks.ks, ctx->encrypt); - } - return 1; -} - -static const EVP_CIPHER des_ecb = { - NID_des_ecb, 8 /* block_size */, 8 /* key_size */, - 0 /* iv_len */, sizeof(EVP_DES_KEY), EVP_CIPH_ECB_MODE, - NULL /* app_data */, des_init_key, des_ecb_cipher, - NULL /* cleanup */, NULL /* ctrl */, }; - -const EVP_CIPHER *EVP_des_ecb(void) { return &des_ecb; } - - typedef struct { union { double align; 
@@ -151,57 +126,10 @@ static int des_ede3_cbc_cipher(EVP_CIPHER_CTX *ctx, uint8_t *out, return 1; } -static const EVP_CIPHER des_ede3_cbc = { - NID_des_ede3_cbc, 8 /* block_size */, 24 /* key_size */, +static const EVP_CIPHER des3_cbc = { + NID_des_cbc, 8 /* block_size */, 24 /* key_size */, 8 /* iv_len */, sizeof(DES_EDE_KEY), EVP_CIPH_CBC_MODE, NULL /* app_data */, des_ede3_init_key, des_ede3_cbc_cipher, NULL /* cleanup */, NULL /* ctrl */, }; -const EVP_CIPHER *EVP_des_ede3_cbc(void) { return &des_ede3_cbc; } - - -static int des_ede_init_key(EVP_CIPHER_CTX *ctx, const uint8_t *key, - const uint8_t *iv, int enc) { - DES_cblock *deskey = (DES_cblock *) key; - DES_EDE_KEY *dat = (DES_EDE_KEY *) ctx->cipher_data; - - DES_set_key(&deskey[0], &dat->ks.ks[0]); - DES_set_key(&deskey[1], &dat->ks.ks[1]); - DES_set_key(&deskey[0], &dat->ks.ks[2]); - - return 1; -} - -static const EVP_CIPHER des_ede_cbc = { - NID_des_ede_cbc, 8 /* block_size */, 16 /* key_size */, - 8 /* iv_len */, sizeof(DES_EDE_KEY), EVP_CIPH_CBC_MODE, - NULL /* app_data */, des_ede_init_key , des_ede3_cbc_cipher, - NULL /* cleanup */, NULL /* ctrl */, }; - -const EVP_CIPHER *EVP_des_ede_cbc(void) { return &des_ede_cbc; } - - -static int des_ede_ecb_cipher(EVP_CIPHER_CTX *ctx, uint8_t *out, - const uint8_t *in, size_t in_len) { - if (in_len < ctx->cipher->block_size) { - return 1; - } - in_len -= ctx->cipher->block_size; - - DES_EDE_KEY *dat = (DES_EDE_KEY *) ctx->cipher_data; - size_t i; - for (i = 0; i <= in_len; i += ctx->cipher->block_size) { - DES_ecb3_encrypt((DES_cblock *) (in + i), (DES_cblock *) (out + i), - &dat->ks.ks[0], &dat->ks.ks[1], &dat->ks.ks[2], - ctx->encrypt); - } - return 1; -} - -static const EVP_CIPHER des_ede_ecb = { - NID_des_ede_cbc, 8 /* block_size */, 16 /* key_size */, - 0 /* iv_len */, sizeof(DES_EDE_KEY), EVP_CIPH_ECB_MODE, - NULL /* app_data */, des_ede_init_key , des_ede_ecb_cipher, - NULL /* cleanup */, NULL /* ctrl */, }; - -const EVP_CIPHER *EVP_des_ede(void) { return 
&des_ede_ecb; } +const EVP_CIPHER *EVP_des_ede3_cbc(void) { return &des3_cbc; } diff --git a/src/crypto/cipher/e_rc2.c b/src/crypto/cipher/e_rc2.c index 8ca7bba..c90ab93 100644 --- a/src/crypto/cipher/e_rc2.c +++ b/src/crypto/cipher/e_rc2.c @@ -395,18 +395,13 @@ static int rc2_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr) { case EVP_CTRL_INIT: key->key_bits = EVP_CIPHER_CTX_key_length(ctx) * 8; return 1; - case EVP_CTRL_SET_RC2_KEY_BITS: - /* Should be overridden by later call to |EVP_CTRL_INIT|, but - * people call it, so it may as well work. */ - key->key_bits = arg; - return 1; default: return -1; } } -static const EVP_CIPHER rc2_40_cbc = { +static const EVP_CIPHER rc2_40_cbc_cipher = { NID_rc2_40_cbc, 8 /* block size */, 5 /* 40 bit */, @@ -421,23 +416,5 @@ static const EVP_CIPHER rc2_40_cbc = { }; const EVP_CIPHER *EVP_rc2_40_cbc(void) { - return &rc2_40_cbc; -} - -static const EVP_CIPHER rc2_cbc = { - NID_rc2_cbc, - 8 /* block size */, - 16 /* 128 bit */, - 8 /* iv len */, - sizeof(EVP_RC2_KEY), - EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_CTRL_INIT, - NULL /* app_data */, - rc2_init_key, - rc2_cbc_cipher, - NULL, - rc2_ctrl, -}; - -const EVP_CIPHER *EVP_rc2_cbc(void) { - return &rc2_cbc; + return &rc2_40_cbc_cipher; } diff --git a/src/crypto/cipher/e_rc4.c b/src/crypto/cipher/e_rc4.c index e05b9fd..80dea36 100644 --- a/src/crypto/cipher/e_rc4.c +++ b/src/crypto/cipher/e_rc4.c 
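Review bot: In e_des.c the new `des3_cbc` table is registered with `NID_des_cbc`, the single-DES identifier, although it declares a 24-byte key and is wired to `des_ede3_init_key` and `des_ede3_cbc_cipher`. Any caller that inspects the NID of `EVP_des_ede3_cbc()` will see it reported as single DES, and it presumably collides with the NID of the `des_cbc` table defined above the hunk. The first initializer line should keep the triple-DES identifier from the removed side: `NID_des_ede3_cbc, 8 /* block_size */, 24 /* key_size */,`.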
@@ -115,20 +115,20 @@ aead_rc4_md5_tls_init(EVP_AEAD_CTX *ctx, const uint8_t *key, size_t key_len, } if (tag_len > MD5_DIGEST_LENGTH) { - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_TOO_LARGE); + OPENSSL_PUT_ERROR(CIPHER, aead_rc4_md5_tls_init, CIPHER_R_TOO_LARGE); return 0; } /* The keys consists of |MD5_DIGEST_LENGTH| bytes of HMAC(MD5) key followed * by some number of bytes of RC4 key. */ if (key_len <= MD5_DIGEST_LENGTH) { - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_KEY_LENGTH); + OPENSSL_PUT_ERROR(CIPHER, aead_rc4_md5_tls_init, CIPHER_R_BAD_KEY_LENGTH); return 0; } rc4_ctx = OPENSSL_malloc(sizeof(struct aead_rc4_md5_tls_ctx)); if (rc4_ctx == NULL) { - OPENSSL_PUT_ERROR(CIPHER, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(CIPHER, aead_rc4_md5_tls_init, ERR_R_MALLOC_FAILURE); return 0; } memset(rc4_ctx, 0, sizeof(struct aead_rc4_md5_tls_ctx)); @@ -185,22 +185,22 @@ static int aead_rc4_md5_tls_seal(const EVP_AEAD_CTX *ctx, uint8_t *out, uint8_t digest[MD5_DIGEST_LENGTH]; if (in_len + rc4_ctx->tag_len < in_len) { - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_TOO_LARGE); + OPENSSL_PUT_ERROR(CIPHER, aead_rc4_md5_tls_seal, CIPHER_R_TOO_LARGE); return 0; } if (nonce_len != 0) { - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_IV_TOO_LARGE); + OPENSSL_PUT_ERROR(CIPHER, aead_rc4_md5_tls_seal, CIPHER_R_IV_TOO_LARGE); return 0; } if (max_out_len < in_len + rc4_ctx->tag_len) { - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BUFFER_TOO_SMALL); + OPENSSL_PUT_ERROR(CIPHER, aead_rc4_md5_tls_seal, CIPHER_R_BUFFER_TOO_SMALL); return 0; } if (nonce_len != 0) { - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_TOO_LARGE); + OPENSSL_PUT_ERROR(CIPHER, aead_rc4_md5_tls_seal, CIPHER_R_TOO_LARGE); return 0; } 
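Review bot: In `aead_rc4_md5_tls_seal` the second `if (nonce_len != 0)` block, the one that reports `CIPHER_R_TOO_LARGE`, can never run, because the identical condition two checks earlier already returns with `CIPHER_R_IV_TOO_LARGE`. Drop the duplicate so the function has one nonce check and one error code for it. `aead_rc4_md5_tls_open` and `aead_ssl3_open` in the later hunks report a non-empty nonce as `CIPHER_R_TOO_LARGE`, while `aead_ssl3_seal` uses `CIPHER_R_IV_TOO_LARGE`; one code for this condition would let callers tell a bad nonce from an oversized input. The function bodies continue outside these hunks.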
@@ -288,21 +288,21 @@ static int aead_rc4_md5_tls_open(const EVP_AEAD_CTX *ctx, uint8_t *out, uint8_t digest[MD5_DIGEST_LENGTH]; if (in_len < rc4_ctx->tag_len) { - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_DECRYPT); + OPENSSL_PUT_ERROR(CIPHER, aead_rc4_md5_tls_open, CIPHER_R_BAD_DECRYPT); return 0; } plaintext_len = in_len - rc4_ctx->tag_len; if (nonce_len != 0) { - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_TOO_LARGE); + OPENSSL_PUT_ERROR(CIPHER, aead_rc4_md5_tls_open, CIPHER_R_TOO_LARGE); return 0; } if (max_out_len < in_len) { /* This requires that the caller provide space for the MAC, even though it * will always be removed on return. */ - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BUFFER_TOO_SMALL); + OPENSSL_PUT_ERROR(CIPHER, aead_rc4_md5_tls_open, CIPHER_R_BUFFER_TOO_SMALL); return 0; } @@ -366,7 +366,7 @@ static int aead_rc4_md5_tls_open(const EVP_AEAD_CTX *ctx, uint8_t *out, MD5_Final(digest, &md); if (CRYPTO_memcmp(out + plaintext_len, digest, rc4_ctx->tag_len)) { - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_DECRYPT); + OPENSSL_PUT_ERROR(CIPHER, aead_rc4_md5_tls_open, CIPHER_R_BAD_DECRYPT); return 0; } diff --git a/src/crypto/cipher/e_ssl3.c b/src/crypto/cipher/e_ssl3.c index 389c52f..1031d9b 100644 --- a/src/crypto/cipher/e_ssl3.c +++ b/src/crypto/cipher/e_ssl3.c @@ -85,12 +85,12 @@ static int aead_ssl3_init(EVP_AEAD_CTX *ctx, const uint8_t *key, size_t key_len, const EVP_CIPHER *cipher, const EVP_MD *md) { if (tag_len != EVP_AEAD_DEFAULT_TAG_LENGTH && tag_len != EVP_MD_size(md)) { - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_UNSUPPORTED_TAG_SIZE); + OPENSSL_PUT_ERROR(CIPHER, aead_ssl3_init, CIPHER_R_UNSUPPORTED_TAG_SIZE); return 0; } if (key_len != EVP_AEAD_key_length(ctx->aead)) { - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_KEY_LENGTH); + OPENSSL_PUT_ERROR(CIPHER, aead_ssl3_init, CIPHER_R_BAD_KEY_LENGTH); return 0; } 
@@ -102,7 +102,7 @@ static int aead_ssl3_init(EVP_AEAD_CTX *ctx, const uint8_t *key, size_t key_len, AEAD_SSL3_CTX *ssl3_ctx = OPENSSL_malloc(sizeof(AEAD_SSL3_CTX)); if (ssl3_ctx == NULL) { - OPENSSL_PUT_ERROR(CIPHER, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(CIPHER, aead_ssl3_init, ERR_R_MALLOC_FAILURE); return 0; } EVP_CIPHER_CTX_init(&ssl3_ctx->cipher_ctx); @@ -133,29 +133,29 @@ static int aead_ssl3_seal(const EVP_AEAD_CTX *ctx, uint8_t *out, if (!ssl3_ctx->cipher_ctx.encrypt) { /* Unlike a normal AEAD, an SSL3 AEAD may only be used in one direction. */ - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_INVALID_OPERATION); + OPENSSL_PUT_ERROR(CIPHER, aead_ssl3_seal, CIPHER_R_INVALID_OPERATION); return 0; } if (in_len + EVP_AEAD_max_overhead(ctx->aead) < in_len || in_len > INT_MAX) { /* EVP_CIPHER takes int as input. */ - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_TOO_LARGE); + OPENSSL_PUT_ERROR(CIPHER, aead_ssl3_seal, CIPHER_R_TOO_LARGE); return 0; } if (max_out_len < in_len + EVP_AEAD_max_overhead(ctx->aead)) { - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BUFFER_TOO_SMALL); + OPENSSL_PUT_ERROR(CIPHER, aead_ssl3_seal, CIPHER_R_BUFFER_TOO_SMALL); return 0; } if (nonce_len != 0) { - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_IV_TOO_LARGE); + OPENSSL_PUT_ERROR(CIPHER, aead_ssl3_seal, CIPHER_R_IV_TOO_LARGE); return 0; } if (ad_len != 11 - 2 /* length bytes */) { - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_INVALID_AD_SIZE); + OPENSSL_PUT_ERROR(CIPHER, aead_ssl3_seal, CIPHER_R_INVALID_AD_SIZE); return 0; } 
@@ -217,36 +217,36 @@ static int aead_ssl3_open(const EVP_AEAD_CTX *ctx, uint8_t *out, if (ssl3_ctx->cipher_ctx.encrypt) { /* Unlike a normal AEAD, an SSL3 AEAD may only be used in one direction. */ - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_INVALID_OPERATION); + OPENSSL_PUT_ERROR(CIPHER, aead_ssl3_open, CIPHER_R_INVALID_OPERATION); return 0; } size_t mac_len = EVP_MD_CTX_size(&ssl3_ctx->md_ctx); if (in_len < mac_len) { - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_DECRYPT); + OPENSSL_PUT_ERROR(CIPHER, aead_ssl3_open, CIPHER_R_BAD_DECRYPT); return 0; } if (max_out_len < in_len) { /* This requires that the caller provide space for the MAC, even though it * will always be removed on return. */ - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BUFFER_TOO_SMALL); + OPENSSL_PUT_ERROR(CIPHER, aead_ssl3_open, CIPHER_R_BUFFER_TOO_SMALL); return 0; } if (nonce_len != 0) { - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_TOO_LARGE); + OPENSSL_PUT_ERROR(CIPHER, aead_ssl3_open, CIPHER_R_TOO_LARGE); return 0; } if (ad_len != 11 - 2 /* length bytes */) { - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_INVALID_AD_SIZE); + OPENSSL_PUT_ERROR(CIPHER, aead_ssl3_open, CIPHER_R_INVALID_AD_SIZE); return 0; } if (in_len > INT_MAX) { /* EVP_CIPHER takes int as input. */ - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_TOO_LARGE); + OPENSSL_PUT_ERROR(CIPHER, aead_ssl3_open, CIPHER_R_TOO_LARGE); return 0; } 
@@ -270,12 +270,12 @@ static int aead_ssl3_open(const EVP_AEAD_CTX *ctx, uint8_t *out, if (EVP_CIPHER_CTX_mode(&ssl3_ctx->cipher_ctx) == EVP_CIPH_CBC_MODE) { unsigned padding_length = out[total - 1]; if (total < padding_length + 1 + mac_len) { - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_DECRYPT); + OPENSSL_PUT_ERROR(CIPHER, aead_ssl3_open, CIPHER_R_BAD_DECRYPT); return 0; } /* The padding must be minimal. */ if (padding_length + 1 > EVP_CIPHER_CTX_block_size(&ssl3_ctx->cipher_ctx)) { - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_DECRYPT); + OPENSSL_PUT_ERROR(CIPHER, aead_ssl3_open, CIPHER_R_BAD_DECRYPT); return 0; } data_len = total - padding_length - 1 - mac_len; @@ -289,7 +289,7 @@ static int aead_ssl3_open(const EVP_AEAD_CTX *ctx, uint8_t *out, return 0; } if (CRYPTO_memcmp(&out[data_len], mac, mac_len) != 0) { - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_DECRYPT); + OPENSSL_PUT_ERROR(CIPHER, aead_ssl3_open, CIPHER_R_BAD_DECRYPT); return 0; } @@ -340,13 +340,6 @@ static int aead_des_ede3_cbc_sha1_ssl3_init(EVP_AEAD_CTX *ctx, EVP_sha1()); } -static int aead_null_sha1_ssl3_init(EVP_AEAD_CTX *ctx, const uint8_t *key, - size_t key_len, size_t tag_len, - enum evp_aead_direction_t dir) { - return aead_ssl3_init(ctx, key, key_len, tag_len, dir, EVP_enc_null(), - EVP_sha1()); -} - static const EVP_AEAD aead_rc4_md5_ssl3 = { MD5_DIGEST_LENGTH + 16, /* key len (MD5 + RC4) */ 0, /* nonce len */ @@ -412,19 +405,6 @@ static const EVP_AEAD aead_des_ede3_cbc_sha1_ssl3 = { NULL, /* get_rc4_state */ }; -static const EVP_AEAD aead_null_sha1_ssl3 = { - SHA_DIGEST_LENGTH, /* key len */ - 0, /* nonce len */ - SHA_DIGEST_LENGTH, /* overhead (SHA1) */ - SHA_DIGEST_LENGTH, /* max tag length */ - NULL, /* init */ - aead_null_sha1_ssl3_init, - aead_ssl3_cleanup, - aead_ssl3_seal, - aead_ssl3_open, - NULL, /* get_rc4_state */ -}; - const EVP_AEAD *EVP_aead_rc4_md5_ssl3(void) { return &aead_rc4_md5_ssl3; } const EVP_AEAD *EVP_aead_rc4_sha1_ssl3(void) { return &aead_rc4_sha1_ssl3; } 
@@ -440,5 +420,3 @@ const EVP_AEAD *EVP_aead_aes_256_cbc_sha1_ssl3(void) { const EVP_AEAD *EVP_aead_des_ede3_cbc_sha1_ssl3(void) { return &aead_des_ede3_cbc_sha1_ssl3; } - -const EVP_AEAD *EVP_aead_null_sha1_ssl3(void) { return &aead_null_sha1_ssl3; } diff --git a/src/crypto/cipher/e_tls.c b/src/crypto/cipher/e_tls.c index 2778881..bed02cb 100644 --- a/src/crypto/cipher/e_tls.c +++ b/src/crypto/cipher/e_tls.c @@ -57,12 +57,12 @@ static int aead_tls_init(EVP_AEAD_CTX *ctx, const uint8_t *key, size_t key_len, char implicit_iv) { if (tag_len != EVP_AEAD_DEFAULT_TAG_LENGTH && tag_len != EVP_MD_size(md)) { - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_UNSUPPORTED_TAG_SIZE); + OPENSSL_PUT_ERROR(CIPHER, aead_tls_init, CIPHER_R_UNSUPPORTED_TAG_SIZE); return 0; } if (key_len != EVP_AEAD_key_length(ctx->aead)) { - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_KEY_LENGTH); + OPENSSL_PUT_ERROR(CIPHER, aead_tls_init, CIPHER_R_BAD_KEY_LENGTH); return 0; } @@ -75,7 +75,7 @@ static int aead_tls_init(EVP_AEAD_CTX *ctx, const uint8_t *key, size_t key_len, AEAD_TLS_CTX *tls_ctx = OPENSSL_malloc(sizeof(AEAD_TLS_CTX)); if (tls_ctx == NULL) { - OPENSSL_PUT_ERROR(CIPHER, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(CIPHER, aead_tls_init, ERR_R_MALLOC_FAILURE); return 0; } EVP_CIPHER_CTX_init(&tls_ctx->cipher_ctx); @@ -109,7 +109,7 @@ static int aead_tls_seal(const EVP_AEAD_CTX *ctx, uint8_t *out, if (!tls_ctx->cipher_ctx.encrypt) { /* Unlike a normal AEAD, a TLS AEAD may only be used in one direction. */ - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_INVALID_OPERATION); + OPENSSL_PUT_ERROR(CIPHER, aead_tls_seal, CIPHER_R_INVALID_OPERATION); return 0; } 
@@ -117,22 +117,22 @@ static int aead_tls_seal(const EVP_AEAD_CTX *ctx, uint8_t *out, if (in_len + EVP_AEAD_max_overhead(ctx->aead) < in_len || in_len > INT_MAX) { /* EVP_CIPHER takes int as input. */ - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_TOO_LARGE); + OPENSSL_PUT_ERROR(CIPHER, aead_tls_seal, CIPHER_R_TOO_LARGE); return 0; } if (max_out_len < in_len + EVP_AEAD_max_overhead(ctx->aead)) { - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BUFFER_TOO_SMALL); + OPENSSL_PUT_ERROR(CIPHER, aead_tls_seal, CIPHER_R_BUFFER_TOO_SMALL); return 0; } if (nonce_len != EVP_AEAD_nonce_length(ctx->aead)) { - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_INVALID_NONCE_SIZE); + OPENSSL_PUT_ERROR(CIPHER, aead_tls_seal, CIPHER_R_INVALID_NONCE_SIZE); return 0; } if (ad_len != 13 - 2 /* length bytes */) { - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_INVALID_AD_SIZE); + OPENSSL_PUT_ERROR(CIPHER, aead_tls_seal, CIPHER_R_INVALID_AD_SIZE); return 0; } 
@@ -214,36 +214,36 @@ static int aead_tls_open(const EVP_AEAD_CTX *ctx, uint8_t *out, if (tls_ctx->cipher_ctx.encrypt) { /* Unlike a normal AEAD, a TLS AEAD may only be used in one direction. */ - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_INVALID_OPERATION); + OPENSSL_PUT_ERROR(CIPHER, aead_tls_open, CIPHER_R_INVALID_OPERATION); return 0; } if (in_len < HMAC_size(&tls_ctx->hmac_ctx)) { - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_DECRYPT); + OPENSSL_PUT_ERROR(CIPHER, aead_tls_open, CIPHER_R_BAD_DECRYPT); return 0; } if (max_out_len < in_len) { /* This requires that the caller provide space for the MAC, even though it * will always be removed on return. */ - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BUFFER_TOO_SMALL); + OPENSSL_PUT_ERROR(CIPHER, aead_tls_open, CIPHER_R_BUFFER_TOO_SMALL); return 0; } if (nonce_len != EVP_AEAD_nonce_length(ctx->aead)) { - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_INVALID_NONCE_SIZE); + OPENSSL_PUT_ERROR(CIPHER, aead_tls_open, CIPHER_R_INVALID_NONCE_SIZE); return 0; } if (ad_len != 13 - 2 /* length bytes */) { - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_INVALID_AD_SIZE); + OPENSSL_PUT_ERROR(CIPHER, aead_tls_open, CIPHER_R_INVALID_AD_SIZE); return 0; } if (in_len > INT_MAX) { /* EVP_CIPHER takes int as input. */ - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_TOO_LARGE); + OPENSSL_PUT_ERROR(CIPHER, aead_tls_open, CIPHER_R_TOO_LARGE); return 0; } @@ -278,7 +278,7 @@ static int aead_tls_open(const EVP_AEAD_CTX *ctx, uint8_t *out, (unsigned)HMAC_size(&tls_ctx->hmac_ctx)); /* Publicly invalid. This can be rejected in non-constant time. */ if (padding_ok == 0) { - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_DECRYPT); + OPENSSL_PUT_ERROR(CIPHER, aead_tls_open, CIPHER_R_BAD_DECRYPT); return 0; } } else { 
@@ -312,7 +312,7 @@ static int aead_tls_open(const EVP_AEAD_CTX *ctx, uint8_t *out, if (!EVP_tls_cbc_digest_record(tls_ctx->hmac_ctx.md, mac, &mac_len, ad_fixed, out, data_plus_mac_len, total, tls_ctx->mac_key, tls_ctx->mac_key_len)) { - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_DECRYPT); + OPENSSL_PUT_ERROR(CIPHER, aead_tls_open, CIPHER_R_BAD_DECRYPT); return 0; } assert(mac_len == HMAC_size(&tls_ctx->hmac_ctx)); @@ -349,7 +349,7 @@ static int aead_tls_open(const EVP_AEAD_CTX *ctx, uint8_t *out, 0); good &= constant_time_eq_int(padding_ok, 1); if (!good) { - OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_DECRYPT); + OPENSSL_PUT_ERROR(CIPHER, aead_tls_open, CIPHER_R_BAD_DECRYPT); return 0; } @@ -444,13 +444,6 @@ static int aead_rc4_sha1_tls_get_rc4_state(const EVP_AEAD_CTX *ctx, return 1; } -static int aead_null_sha1_tls_init(EVP_AEAD_CTX *ctx, const uint8_t *key, - size_t key_len, size_t tag_len, - enum evp_aead_direction_t dir) { - return aead_tls_init(ctx, key, key_len, tag_len, dir, EVP_enc_null(), - EVP_sha1(), 1 /* implicit iv */); -} - static const EVP_AEAD aead_rc4_sha1_tls = { SHA_DIGEST_LENGTH + 16, /* key len (SHA1 + RC4) */ 0, /* nonce len */ @@ -581,19 +574,6 @@ static const EVP_AEAD aead_des_ede3_cbc_sha1_tls_implicit_iv = { NULL, /* get_rc4_state */ }; -static const EVP_AEAD aead_null_sha1_tls = { - SHA_DIGEST_LENGTH, /* key len */ - 0, /* nonce len */ - SHA_DIGEST_LENGTH, /* overhead (SHA1) */ - SHA_DIGEST_LENGTH, /* max tag length */ - NULL, /* init */ - aead_null_sha1_tls_init, - aead_tls_cleanup, - aead_tls_seal, - aead_tls_open, - NULL, /* get_rc4_state */ -}; - const EVP_AEAD *EVP_aead_rc4_sha1_tls(void) { return &aead_rc4_sha1_tls; } const EVP_AEAD *EVP_aead_aes_128_cbc_sha1_tls(void) { @@ -631,5 +611,3 @@ const EVP_AEAD *EVP_aead_des_ede3_cbc_sha1_tls(void) { const EVP_AEAD *EVP_aead_des_ede3_cbc_sha1_tls_implicit_iv(void) { return &aead_des_ede3_cbc_sha1_tls_implicit_iv; } - -const EVP_AEAD *EVP_aead_null_sha1_tls(void) { return &aead_null_sha1_tls; } 
diff --git a/src/crypto/cipher/test/aes_128_gcm_tests.txt b/src/crypto/cipher/test/aes_128_gcm_tests.txt index 75466fe..5f7ad35 100644 --- a/src/crypto/cipher/test/aes_128_gcm_tests.txt +++ b/src/crypto/cipher/test/aes_128_gcm_tests.txt @@ -418,9 +418,3 @@ AD: 18e2ed6d500b176e49f7e1b5074c0b7dbfdefdf00a63d9fa2fea8c5e78a1c4ae00f17b234429 CT: 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 TAG: e690e89af39ff367f5d40a1b7c7ccd4f -KEY: 31323334353637383930313233343536 -NONCE: 31323334353637383930313233343536 -IN: 48656c6c6f2c20576f726c64 -AD: -CT: cec189d0e8419b90fb16d555 -TAG: 32893832a8d609224d77c2e56a922282 diff --git a/src/crypto/cipher/test/cipher_test.txt b/src/crypto/cipher/test/cipher_test.txt index 21fffdb..93cb8f3 100644 --- a/src/crypto/cipher/test/cipher_test.txt +++ b/src/crypto/cipher/test/cipher_test.txt @@ -38,22 +38,6 @@ Plaintext = 37363534333231204E6F77206973207468652074696D6520666F722000000000 Ciphertext = 3FE301C962AC01D02213763C1CBD4CDC799657C064ECF5D41C673812CFDE9675 -# DES EDE CBC tests -Cipher = DES-EDE-CBC -Key = 0123456789abcdeff1e0d3c2b5a49786 -IV = fedcba9876543210 -Plaintext = 37363534333231204E6F77206973207468652074696D6520666F722000000000 -Ciphertext = 7948C0DA4FE91CD815DCA96DBC9B60A857EB954F4DEB08EB98722642AE69257B - - -# DES EDE tests -Cipher = DES-EDE -Key = 0123456789abcdeff1e0d3c2b5a49786 -IV = fedcba9876543210 -Plaintext = 37363534333231204E6F77206973207468652074696D6520666F722000000000 -Ciphertext = 22E889402E28422F8167AD279D90A566DA75B734E12C671FC2669AECB3E4FE8F - - # AES 128 ECB tests (from FIPS-197 test vectors, encrypt) Cipher = AES-128-ECB Key = 000102030405060708090A0B0C0D0E0F 
@@ -376,13 +360,6 @@ Ciphertext = 6268c6fa2a80b2d137467f092f657ac04d89be2beaa623d61b5a868c8f03ff95d3d AAD = 00000000000000000000000000000000101112131415161718191a1b1c1d1e1f Tag = 3b629ccfbc1119b7319e1dce2cd6fd6d -Cipher = AES-128-GCM -Key = 31323334353637383930313233343536 -IV = 31323334353637383930313233343536 -Plaintext = 48656c6c6f2c20576f726c64 -Ciphertext = cec189d0e8419b90fb16d555 -Tag = 32893832a8d609224d77c2e56a922282 -AAD = # OFB tests from OpenSSL upstream. @@ -558,40 +535,3 @@ Cipher = AES-192-ECB Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B Plaintext = F69F2445DF4F9B17AD2B417BE66C3710 Ciphertext = 9A4B41BA738D6C72FB16691603C18E0E - -# DES ECB tests - -Cipher = DES-ECB -Key = 0000000000000000 -Plaintext = 0000000000000000 -Ciphertext = 8CA64DE9C1B123A7 - -Cipher = DES-ECB -Key = FFFFFFFFFFFFFFFF -Plaintext = FFFFFFFFFFFFFFFF -Ciphertext = 7359B2163E4EDC58 - -Cipher = DES-ECB -Key = 3000000000000000 -Plaintext = 1000000000000001 -Ciphertext = 958E6E627A05557B - -Cipher = DES-ECB -Key = 1111111111111111 -Plaintext = 1111111111111111 -Ciphertext = F40379AB9E0EC533 - -Cipher = DES-ECB -Key = 0123456789ABCDEF -Plaintext = 1111111111111111 -Ciphertext = 17668DFC7292532D - -Cipher = DES-ECB -Key = 1111111111111111 -Plaintext = 0123456789ABCDEF -Ciphertext = 8A5AE1F81AB8F2DD - -Cipher = DES-ECB -Key = FEDCBA9876543210 -Plaintext = 0123456789ABCDEF -Ciphertext = ED39D950FA74BCC4 diff --git a/src/crypto/cmac/CMakeLists.txt b/src/crypto/cmac/CMakeLists.txt index bb3abc3..8ebd80c 100644 --- a/src/crypto/cmac/CMakeLists.txt +++ b/src/crypto/cmac/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(../../include) +include_directories(. .. ../../include) add_library( cmac @@ -12,8 +12,6 @@ add_executable( cmac_test cmac_test.cc - - $ ) target_link_libraries(cmac_test crypto) diff --git a/src/crypto/cmac/cmac_test.cc b/src/crypto/cmac/cmac_test.cc index 53f45d1..0f06860 100644 --- a/src/crypto/cmac/cmac_test.cc +++ b/src/crypto/cmac/cmac_test.cc 
@@ -19,13 +19,16 @@ #include #include "../test/scoped_types.h" -#include "../test/test_util.h" -static void dump(const uint8_t *got, const uint8_t *want, size_t len) { - hexdump(stderr, "got :", got, len); - hexdump(stderr, "want:", want, len); - fflush(stderr); +static void dump(const uint8_t *got, const uint8_t *expected, size_t len) { + ScopedBIO bio(BIO_new_fp(stderr, 0 /* don't close */)); + + BIO_puts(bio.get(), "\nGot:\n"); + BIO_hexdump(bio.get(), got, len, 2 /* indent */); + BIO_puts(bio.get(), "Expected:\n"); + BIO_hexdump(bio.get(), expected, len, 2 /* indent */); + BIO_flush(bio.get()); } static int test(const char *name, const uint8_t *key, size_t key_len, diff --git a/src/crypto/conf/CMakeLists.txt b/src/crypto/conf/CMakeLists.txt index 0a3c795..8046bb8 100644 --- a/src/crypto/conf/CMakeLists.txt +++ b/src/crypto/conf/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(../../include) +include_directories(. .. ../../include) add_library( conf diff --git a/src/crypto/conf/conf.c b/src/crypto/conf/conf.c index e098a2c..213efc5 100644 --- a/src/crypto/conf/conf.c +++ b/src/crypto/conf/conf.c @@ -111,16 +111,6 @@ CONF *NCONF_new(void *method) { return conf; } -CONF_VALUE *CONF_VALUE_new(void) { - CONF_VALUE *v = OPENSSL_malloc(sizeof(CONF_VALUE)); - if (!v) { - OPENSSL_PUT_ERROR(CONF, ERR_R_MALLOC_FAILURE); - return NULL; - } - memset(v, 0, sizeof(CONF_VALUE)); - return v; -} - static void value_free_contents(CONF_VALUE *value) { if (value->section) { OPENSSL_free(value->section); 
@@ -147,26 +137,29 @@ void NCONF_free(CONF *conf) { return; } - lh_CONF_VALUE_doall(conf->data, value_free); + lh_CONF_VALUE_doall(conf->data, value_free_contents); lh_CONF_VALUE_free(conf->data); OPENSSL_free(conf); } CONF_VALUE *NCONF_new_section(const CONF *conf, const char *section) { STACK_OF(CONF_VALUE) *sk = NULL; - int ok = 0; + int ok = 0, i; CONF_VALUE *v = NULL, *old_value; sk = sk_CONF_VALUE_new_null(); - v = CONF_VALUE_new(); + v = OPENSSL_malloc(sizeof(CONF_VALUE)); if (sk == NULL || v == NULL) { goto err; } - v->section = OPENSSL_strdup(section); + i = strlen(section) + 1; + v->section = OPENSSL_malloc(i); if (v->section == NULL) { goto err; } + memcpy(v->section, section, i); + v->section[i-1] = 0; v->name = NULL; v->value = (char *)sk; @@ -292,7 +285,7 @@ static int str_copy(CONF *conf, char *section, char **pto, char *from) { rp = e; if (q) { if (r != q) { - OPENSSL_PUT_ERROR(CONF, CONF_R_NO_CLOSE_BRACE); + OPENSSL_PUT_ERROR(CONF, str_copy, CONF_R_NO_CLOSE_BRACE); goto err; } e++; @@ -311,7 +304,7 @@ static int str_copy(CONF *conf, char *section, char **pto, char *from) { } *rp = r; if (p == NULL) { - OPENSSL_PUT_ERROR(CONF, CONF_R_VARIABLE_HAS_NO_VALUE); + OPENSSL_PUT_ERROR(CONF, str_copy, CONF_R_VARIABLE_HAS_NO_VALUE); goto err; } BUF_MEM_grow_clean(buf, (strlen(p) + buf->length - (e - from))); @@ -379,12 +372,11 @@ const char *NCONF_get_string(const CONF *conf, const char *section, return value->value; } -static int add_string(const CONF *conf, CONF_VALUE *section, - CONF_VALUE *value) { +int add_string(const CONF *conf, CONF_VALUE *section, CONF_VALUE *value) { STACK_OF(CONF_VALUE) *section_stack = (STACK_OF(CONF_VALUE)*) section->value; CONF_VALUE *old_value; - value->section = OPENSSL_strdup(section->section); + value->section = section->section; if (!sk_CONF_VALUE_push(section_stack, value)) { return 0; } 
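Review bot: `i` in `NCONF_new_section` is an `int` that receives `strlen(section) + 1` and is then passed to `OPENSSL_malloc` and `memcpy`; declare it as `size_t` so the length is never narrowed or sign-converted. `v` now comes from a bare `OPENSSL_malloc(sizeof(CONF_VALUE))`, and the `goto err` taken when the section allocation fails runs before `v->name` and `v->value` are assigned; the `err` label is outside the hunk, so whether it reads those fields cannot be checked here, and a `memset(v, 0, sizeof(CONF_VALUE));` after the NULL check removes the question. The `v->section[i-1] = 0;` after the `memcpy` is redundant, since the copy already includes the terminator. The same unzeroed allocation appears in `def_load_bio` (the `@@ -646,17 +639,20 @@` hunk), where `v->section` is left unset until `add_string` runs.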
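Review bot: `value->section = section->section;` in `add_string` makes every value in a section share one heap string with the section entry, while `value_free_contents` frees `value->section` for each entry it is given and `NCONF_free` now runs it over the whole table. If both the section entry and its values end up in `conf->data` (the insertion is outside this hunk), the same pointer is freed more than once. Keep a private copy as the removed line did (`OPENSSL_strdup(section->section)`, or this tree's equivalent) and check it for NULL, or stop freeing `section` for named values. `NCONF_free` also no longer calls `value_free`, so the `CONF_VALUE` structs themselves look leaked unless `value_free_contents` releases them, which the visible part of it does not show. Dropping `static` from `add_string` leaves an exported symbol with no prototype; it should stay file-local.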
@@ -513,19 +505,20 @@ static int def_load_bio(CONF *conf, BIO *in, long *out_error_line) { char *start, *psection, *pname; if ((buff = BUF_MEM_new()) == NULL) { - OPENSSL_PUT_ERROR(CONF, ERR_R_BUF_LIB); + OPENSSL_PUT_ERROR(CONF, def_load_bio, ERR_R_BUF_LIB); goto err; } - section = OPENSSL_strdup("default"); + section = (char *)OPENSSL_malloc(10); if (section == NULL) { - OPENSSL_PUT_ERROR(CONF, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(CONF, def_load_bio, ERR_R_MALLOC_FAILURE); goto err; } + BUF_strlcpy(section, "default", 10); sv = NCONF_new_section(conf, section); if (sv == NULL) { - OPENSSL_PUT_ERROR(CONF, CONF_R_UNABLE_TO_CREATE_NEW_SECTION); + OPENSSL_PUT_ERROR(CONF, def_load_bio, CONF_R_UNABLE_TO_CREATE_NEW_SECTION); goto err; } @@ -533,7 +526,7 @@ static int def_load_bio(CONF *conf, BIO *in, long *out_error_line) { again = 0; for (;;) { if (!BUF_MEM_grow(buff, bufnum + CONFBUFSIZE)) { - OPENSSL_PUT_ERROR(CONF, ERR_R_BUF_LIB); + OPENSSL_PUT_ERROR(CONF, def_load_bio, ERR_R_BUF_LIB); goto err; } p = &(buff->data[bufnum]); @@ -602,7 +595,7 @@ static int def_load_bio(CONF *conf, BIO *in, long *out_error_line) { ss = p; goto again; } - OPENSSL_PUT_ERROR(CONF, CONF_R_MISSING_CLOSE_SQUARE_BRACKET); + OPENSSL_PUT_ERROR(CONF, def_load_bio, CONF_R_MISSING_CLOSE_SQUARE_BRACKET); goto err; } *end = '\0'; @@ -613,7 +606,7 @@ static int def_load_bio(CONF *conf, BIO *in, long *out_error_line) { sv = NCONF_new_section(conf, section); } if (sv == NULL) { - OPENSSL_PUT_ERROR(CONF, CONF_R_UNABLE_TO_CREATE_NEW_SECTION); + OPENSSL_PUT_ERROR(CONF, def_load_bio, CONF_R_UNABLE_TO_CREATE_NEW_SECTION); goto err; } continue; @@ -630,7 +623,7 @@ static int def_load_bio(CONF *conf, BIO *in, long *out_error_line) { } p = eat_ws(conf, end); if (*p != '=') { - OPENSSL_PUT_ERROR(CONF, CONF_R_MISSING_EQUAL_SIGN); + OPENSSL_PUT_ERROR(CONF, def_load_bio, CONF_R_MISSING_EQUAL_SIGN); goto err; } *end = '\0'; 
@@ -646,17 +639,20 @@ static int def_load_bio(CONF *conf, BIO *in, long *out_error_line) { p++; *p = '\0'; - if (!(v = CONF_VALUE_new())) { + if (!(v = (CONF_VALUE *)OPENSSL_malloc(sizeof(CONF_VALUE)))) { + OPENSSL_PUT_ERROR(CONF, def_load_bio, ERR_R_MALLOC_FAILURE); goto err; } if (psection == NULL) { psection = section; } - v->name = OPENSSL_strdup(pname); + v->name = (char *)OPENSSL_malloc(strlen(pname) + 1); + v->value = NULL; if (v->name == NULL) { - OPENSSL_PUT_ERROR(CONF, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(CONF, def_load_bio, ERR_R_MALLOC_FAILURE); goto err; } + BUF_strlcpy(v->name, pname, strlen(pname) + 1); if (!str_copy(conf, psection, &(v->value), start)) { goto err; } @@ -666,14 +662,14 @@ static int def_load_bio(CONF *conf, BIO *in, long *out_error_line) { tv = NCONF_new_section(conf, psection); } if (tv == NULL) { - OPENSSL_PUT_ERROR(CONF, CONF_R_UNABLE_TO_CREATE_NEW_SECTION); + OPENSSL_PUT_ERROR(CONF, def_load_bio, CONF_R_UNABLE_TO_CREATE_NEW_SECTION); goto err; } } else { tv = sv; } if (add_string(conf, tv, v) == 0) { - OPENSSL_PUT_ERROR(CONF, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(CONF, def_load_bio, ERR_R_MALLOC_FAILURE); goto err; } v = NULL; @@ -719,7 +715,7 @@ int NCONF_load(CONF *conf, const char *filename, long *out_error_line) { int ret; if (in == NULL) { - OPENSSL_PUT_ERROR(CONF, ERR_R_SYS_LIB); + OPENSSL_PUT_ERROR(CONF, NCONF_load, ERR_R_SYS_LIB); return 0; } @@ -740,7 +736,7 @@ int CONF_parse_list(const char *list, char sep, int remove_whitespace, const char *lstart, *tmpend, *p; if (list == NULL) { - OPENSSL_PUT_ERROR(CONF, CONF_R_LIST_CANNOT_BE_NULL); + OPENSSL_PUT_ERROR(CONF, CONF_parse_list, CONF_R_LIST_CANNOT_BE_NULL); return 0; } diff --git a/src/crypto/conf/internal.h b/src/crypto/conf/internal.h deleted file mode 100644 index 03d1a8f..0000000 --- a/src/crypto/conf/internal.h +++ /dev/null 
@@ -1,31 +0,0 @@ -/* Copyright (c) 2015, Google Inc. - * - * Permission to use, copy, modify, and/or distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY - * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION - * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN - * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ - -#ifndef OPENSSL_HEADER_CRYPTO_CONF_INTERNAL_H -#define OPENSSL_HEADER_CRYPTO_CONF_INTERNAL_H - -#if defined(__cplusplus) -extern "C" { -#endif - - -/* CONF_VALUE_new returns a freshly allocated and zeroed |CONF_VALUE|. */ -CONF_VALUE *CONF_VALUE_new(void); - - -#if defined(__cplusplus) -} /* extern C */ -#endif - -#endif /* OPENSSL_HEADER_CRYPTO_CONF_INTERNAL_H */ diff --git a/src/crypto/cpu-arm.c b/src/crypto/cpu-arm.c index 6e037ab..74e937b 100644 --- a/src/crypto/cpu-arm.c +++ b/src/crypto/cpu-arm.c @@ -24,7 +24,7 @@ #include #endif -#include +#include "arm_arch.h" /* We can't include because the Android SDK version against which @@ -70,12 +70,12 @@ static void sigill_handler(int signal) { siglongjmp(sigill_jmp, signal); } -void CRYPTO_arm_neon_probe(void); +void CRYPTO_arm_neon_probe(); // probe_for_NEON returns 1 if a NEON instruction runs successfully. Because // getauxval doesn't exist on Android until Jelly Bean, supporting NEON on // older devices requires this. -static int probe_for_NEON(void) { +static int probe_for_NEON() { int supported = 0; sigset_t sigmask; diff --git a/src/crypto/cpu-intel.c b/src/crypto/cpu-intel.c index 924bab0..df0e127 100644 
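Review bot: In cpu-arm.c, `void CRYPTO_arm_neon_probe();` and `static int probe_for_NEON()` are declared with empty parentheses, which in C before C23 means "unspecified arguments" rather than "no arguments", so the compiler will not diagnose a call that passes something. Keep the prototype form from the removed side: `void CRYPTO_arm_neon_probe(void);` and `static int probe_for_NEON(void) {`. The body of `probe_for_NEON` continues outside the hunk.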
--- a/src/crypto/cpu-intel.c +++ b/src/crypto/cpu-intel.c @@ -68,58 +68,8 @@ #include #include -#if defined(OPENSSL_WINDOWS) -#pragma warning(push, 3) -#include -#include -#pragma warning(pop) -#endif - - -/* OPENSSL_cpuid runs the cpuid instruction. |leaf| is passed in as EAX and ECX - * is set to zero. It writes EAX, EBX, ECX, and EDX to |*out_eax| through - * |*out_edx|. */ -static void OPENSSL_cpuid(uint32_t *out_eax, uint32_t *out_ebx, - uint32_t *out_ecx, uint32_t *out_edx, uint32_t leaf) { -#if defined(OPENSSL_WINDOWS) - int tmp[4]; - __cpuid(tmp, (int)leaf); - *out_eax = (uint32_t)tmp[0]; - *out_ebx = (uint32_t)tmp[1]; - *out_ecx = (uint32_t)tmp[2]; - *out_edx = (uint32_t)tmp[3]; -#elif defined(__pic__) && defined(OPENSSL_32_BIT) - /* Inline assembly may not clobber the PIC register. For 32-bit, this is EBX. - * See https://gcc.gnu.org/bugzilla/show_bug.cgi?id=47602. */ - __asm__ volatile ( - "xor %%ecx, %%ecx\n" - "mov %%ebx, %%edi\n" - "cpuid\n" - "xchg %%edi, %%ebx\n" - : "=a"(*out_eax), "=D"(*out_ebx), "=c"(*out_ecx), "=d"(*out_edx) - : "a"(leaf) - ); -#else - __asm__ volatile ( - "xor %%ecx, %%ecx\n" - "cpuid\n" - : "=a"(*out_eax), "=b"(*out_ebx), "=c"(*out_ecx), "=d"(*out_edx) - : "a"(leaf) - ); -#endif -} - -/* OPENSSL_xgetbv returns the value of an Intel Extended Control Register (XCR). - * Currently only XCR0 is defined by Intel so |xcr| should always be zero. */ -static uint64_t OPENSSL_xgetbv(uint32_t xcr) { -#if defined(OPENSSL_WINDOWS) - return (uint64_t)_xgetbv(xcr); -#else - uint32_t eax, edx; - __asm__ volatile ("xgetbv" : "=a"(eax), "=d"(edx) : "c"(xcr)); - return (((uint64_t)edx) << 32) | eax; -#endif -} +/* OPENSSL_ia32_cpuid is defined in cpu-x86_64-asm.pl. */ +extern uint64_t OPENSSL_ia32_cpuid(uint32_t*); /* handle_cpu_env applies the value from |in| to the CPUID values in |out[0]| * and |out[1]|. See the comment in |OPENSSL_cpuid_setup| about this. */ 
@@ -141,101 +91,18 @@ static void handle_cpu_env(uint32_t *out, const char *in) { } void OPENSSL_cpuid_setup(void) { - /* Determine the vendor and maximum input value. */ - uint32_t eax, ebx, ecx, edx; - OPENSSL_cpuid(&eax, &ebx, &ecx, &edx, 0); - - uint32_t num_ids = eax; - - int is_intel = ebx == 0x756e6547 /* Genu */ && - edx == 0x49656e69 /* ineI */ && - ecx == 0x6c65746e /* ntel */; - int is_amd = ebx == 0x68747541 /* Auth */ && - edx == 0x69746e65 /* enti */ && - ecx == 0x444d4163 /* cAMD */; - - int has_amd_xop = 0; - if (is_amd) { - /* AMD-specific logic. - * See http://developer.amd.com/wordpress/media/2012/10/254811.pdf */ - OPENSSL_cpuid(&eax, &ebx, &ecx, &edx, 0x80000000); - uint32_t num_extended_ids = eax; - if (num_extended_ids >= 0x80000001) { - OPENSSL_cpuid(&eax, &ebx, &ecx, &edx, 0x80000001); - if (ecx & (1 << 11)) { - has_amd_xop = 1; - } - } - } - - uint32_t extended_features = 0; - if (num_ids >= 7) { - OPENSSL_cpuid(&eax, &ebx, &ecx, &edx, 7); - extended_features = ebx; - } - - /* Determine the number of cores sharing an L1 data cache to adjust the - * hyper-threading bit. */ - uint32_t cores_per_cache = 0; - if (is_amd) { - /* AMD CPUs never share an L1 data cache between threads but do set the HTT - * bit on multi-core CPUs. */ - cores_per_cache = 1; - } else if (num_ids >= 4) { - /* TODO(davidben): The Intel manual says this CPUID leaf enumerates all - * caches using ECX and doesn't say which is first. Does this matter? */ - OPENSSL_cpuid(&eax, &ebx, &ecx, &edx, 4); - cores_per_cache = 1 + ((eax >> 14) & 0xfff); - } - - OPENSSL_cpuid(&eax, &ebx, &ecx, &edx, 1); - - /* Adjust the hyper-threading bit. */ - if (edx & (1 << 28)) { - uint32_t num_logical_cores = (ebx >> 16) & 0xff; - if (cores_per_cache == 1 || num_logical_cores <= 1) { - edx &= ~(1 << 28); - } - } - - /* Reserved bit #20 was historically repurposed to control the in-memory - * representation of RC4 state. Always set it to zero. 
*/ - edx &= ~(1 << 20); - - /* Reserved bit #30 is repurposed to signal an Intel CPU. */ - if (is_intel) { - edx |= (1 << 30); - } else { - edx &= ~(1 << 30); - } - - /* The SDBG bit is repurposed to denote AMD XOP support. */ - if (has_amd_xop) { - ecx |= (1 << 11); - } else { - ecx &= ~(1 << 11); - } - - uint64_t xcr0 = 0; - if (ecx & (1 << 27)) { - /* XCR0 may only be queried if the OSXSAVE bit is set. */ - xcr0 = OPENSSL_xgetbv(0); - } - /* See Intel manual, section 14.3. */ - if ((xcr0 & 6) != 6) { - /* YMM registers cannot be used. */ - ecx &= ~(1 << 28); /* AVX */ - ecx &= ~(1 << 12); /* FMA */ - ecx &= ~(1 << 11); /* AMD XOP */ - extended_features &= ~(1 << 5); /* AVX2 */ - } + const char *env1, *env2; - OPENSSL_ia32cap_P[0] = edx; - OPENSSL_ia32cap_P[1] = ecx; - OPENSSL_ia32cap_P[2] = extended_features; - OPENSSL_ia32cap_P[3] = 0; +#if defined(OPENSSL_X86_64) + OPENSSL_ia32_cpuid(OPENSSL_ia32cap_P); +#else + uint64_t vec = OPENSSL_ia32_cpuid(OPENSSL_ia32cap_P); + /* 1<<10 sets a reserved bit to indicate that the variable + * was already initialised. */ + OPENSSL_ia32cap_P[0] = ((uint32_t)vec) | (1 << 10); + OPENSSL_ia32cap_P[1] = vec >> 32; +#endif - const char *env1, *env2; env1 = getenv("OPENSSL_ia32cap"); if (env1 == NULL) { return; diff --git a/src/crypto/cpu-x86-asm.pl b/src/crypto/cpu-x86-asm.pl new file mode 100644 index 0000000..319c436 --- /dev/null +++ b/src/crypto/cpu-x86-asm.pl 
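Review bot: In the non-x86_64 branch of OPENSSL_cpuid_setup, `OPENSSL_ia32cap_P[1] = vec >> 32;` narrows a uint64_t implicitly while the line above it casts. Writing `OPENSSL_ia32cap_P[1] = (uint32_t)(vec >> 32);` keeps the two consistent and quiet under -Wconversion. The reserved-bit marker `1 << 10` is set only on this path, and word 3 of the array is no longer assigned at all, so it keeps whatever the definition initialised it to; a one-line comment stating both would help the next reader. The function continues past the end of the hunk.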
@@ -0,0 +1,334 @@ +#!/usr/bin/env perl + +$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1; +push(@INC, "${dir}perlasm", "perlasm"); +require "x86asm.pl"; + +&asm_init($ARGV[0],"crypto/cpu-x86-asm"); + +for (@ARGV) { $sse2=1 if (/-DOPENSSL_IA32_SSE2/); } + +&function_begin("OPENSSL_ia32_cpuid"); + &xor ("edx","edx"); + &pushf (); + &pop ("eax"); + &mov ("ecx","eax"); + &xor ("eax",1<<21); + &push ("eax"); + &popf (); + &pushf (); + &pop ("eax"); + &xor ("ecx","eax"); + &xor ("eax","eax"); + &bt ("ecx",21); + &jnc (&label("nocpuid")); + &mov ("esi",&wparam(0)); + &mov (&DWP(8,"esi"),"eax"); # clear 3rd word + &cpuid (); + &mov ("edi","eax"); # max value for standard query level + + &xor ("eax","eax"); + &cmp ("ebx",0x756e6547); # "Genu" + &setne (&LB("eax")); + &mov ("ebp","eax"); + &cmp ("edx",0x49656e69); # "ineI" + &setne (&LB("eax")); + &or ("ebp","eax"); + &cmp ("ecx",0x6c65746e); # "ntel" + &setne (&LB("eax")); + &or ("ebp","eax"); # 0 indicates Intel CPU + &jz (&label("intel")); + + &cmp ("ebx",0x68747541); # "Auth" + &setne (&LB("eax")); + &mov ("esi","eax"); + &cmp ("edx",0x69746E65); # "enti" + &setne (&LB("eax")); + &or ("esi","eax"); + &cmp ("ecx",0x444D4163); # "cAMD" + &setne (&LB("eax")); + &or ("esi","eax"); # 0 indicates AMD CPU + &jnz (&label("intel")); + + # AMD specific + &mov ("eax",0x80000000); + &cpuid (); + &cmp ("eax",0x80000001); + &jb (&label("intel")); + &mov ("esi","eax"); + &mov ("eax",0x80000001); + &cpuid (); + &or ("ebp","ecx"); + &and ("ebp",1<<11|1); # isolate XOP bit + &cmp ("esi",0x80000008); + &jb (&label("intel")); + + &mov ("eax",0x80000008); + &cpuid (); + &movz ("esi",&LB("ecx")); # number of cores - 1 + &inc ("esi"); # number of cores + + &mov ("eax",1); + &xor ("ecx","ecx"); + &cpuid (); + &bt ("edx",28); + &jnc (&label("generic")); + &shr ("ebx",16); + &and ("ebx",0xff); + &cmp ("ebx","esi"); + &ja (&label("generic")); + &and ("edx",0xefffffff); # clear hyper-threading bit + &jmp (&label("generic")); + +&set_label("intel"); + &cmp 
("edi",7); + &jb (&label("cacheinfo")); + + &mov ("esi",&wparam(0)); + &mov ("eax",7); + &xor ("ecx","ecx"); + &cpuid (); + &mov (&DWP(8,"esi"),"ebx"); + +&set_label("cacheinfo"); + &cmp ("edi",4); + &mov ("edi",-1); + &jb (&label("nocacheinfo")); + + &mov ("eax",4); + &mov ("ecx",0); # query L1D + &cpuid (); + &mov ("edi","eax"); + &shr ("edi",14); + &and ("edi",0xfff); # number of cores -1 per L1D + +&set_label("nocacheinfo"); + &mov ("eax",1); + &xor ("ecx","ecx"); + &cpuid (); + &and ("edx",0xbfefffff); # force reserved bits #20, #30 to 0 + &cmp ("ebp",0); + &jne (&label("notintel")); + &or ("edx",1<<30); # set reserved bit#30 on Intel CPUs +&set_label("notintel"); + &bt ("edx",28); # test hyper-threading bit + &jnc (&label("generic")); + &and ("edx",0xefffffff); + &cmp ("edi",0); + &je (&label("generic")); + + &or ("edx",0x10000000); + &shr ("ebx",16); + &cmp (&LB("ebx"),1); + &ja (&label("generic")); + &and ("edx",0xefffffff); # clear hyper-threading bit if not + +&set_label("generic"); + &and ("ebp",1<<11); # isolate AMD XOP flag + &and ("ecx",0xfffff7ff); # force 11th bit to 0 + &mov ("esi","edx"); + &or ("ebp","ecx"); # merge AMD XOP flag + + &bt ("ecx",27); # check OSXSAVE bit + &jnc (&label("clear_avx")); + &xor ("ecx","ecx"); + &data_byte(0x0f,0x01,0xd0); # xgetbv + &and ("eax",6); + &cmp ("eax",6); + &je (&label("done")); + &cmp ("eax",2); + &je (&label("clear_avx")); +&set_label("clear_xmm"); + &and ("ebp",0xfdfffffd); # clear AESNI and PCLMULQDQ bits + &and ("esi",0xfeffffff); # clear FXSR +&set_label("clear_avx"); + &and ("ebp",0xefffe7ff); # clear AVX, FMA and AMD XOP bits + &mov ("edi",&wparam(0)); + &and (&DWP(8,"edi"),0xffffffdf); # clear AVX2 +&set_label("done"); + &mov ("eax","esi"); + &mov ("edx","ebp"); +&set_label("nocpuid"); +&function_end("OPENSSL_ia32_cpuid"); + +&external_label("OPENSSL_ia32cap_P"); + +&function_begin_B("OPENSSL_rdtsc","EXTRN\t_OPENSSL_ia32cap_P:DWORD"); + &xor ("eax","eax"); + &xor ("edx","edx"); + 
&picmeup("ecx","OPENSSL_ia32cap_P"); + &bt (&DWP(0,"ecx"),4); + &jnc (&label("notsc")); + &rdtsc (); +&set_label("notsc"); + &ret (); +&function_end_B("OPENSSL_rdtsc"); + +# This works in Ring 0 only [read DJGPP+MS-DOS+privileged DPMI host], +# but it's safe to call it on any [supported] 32-bit platform... +# Just check for [non-]zero return value... +&function_begin_B("OPENSSL_instrument_halt","EXTRN\t_OPENSSL_ia32cap_P:DWORD"); + &picmeup("ecx","OPENSSL_ia32cap_P"); + &bt (&DWP(0,"ecx"),4); + &jnc (&label("nohalt")); # no TSC + + &data_word(0x9058900e); # push %cs; pop %eax + &and ("eax",3); + &jnz (&label("nohalt")); # not enough privileges + + &pushf (); + &pop ("eax"); + &bt ("eax",9); + &jnc (&label("nohalt")); # interrupts are disabled + + &rdtsc (); + &push ("edx"); + &push ("eax"); + &halt (); + &rdtsc (); + + &sub ("eax",&DWP(0,"esp")); + &sbb ("edx",&DWP(4,"esp")); + &add ("esp",8); + &ret (); + +&set_label("nohalt"); + &xor ("eax","eax"); + &xor ("edx","edx"); + &ret (); +&function_end_B("OPENSSL_instrument_halt"); + +# Essentially there is only one use for this function. Under DJGPP: +# +# #include +# ... +# i=OPENSSL_far_spin(_dos_ds,0x46c); +# ... +# to obtain the number of spins till closest timer interrupt. 
+ +&function_begin_B("OPENSSL_far_spin"); + &pushf (); + &pop ("eax"); + &bt ("eax",9); + &jnc (&label("nospin")); # interrupts are disabled + + &mov ("eax",&DWP(4,"esp")); + &mov ("ecx",&DWP(8,"esp")); + &data_word (0x90d88e1e); # push %ds, mov %eax,%ds + &xor ("eax","eax"); + &mov ("edx",&DWP(0,"ecx")); + &jmp (&label("spin")); + + &align (16); +&set_label("spin"); + &inc ("eax"); + &cmp ("edx",&DWP(0,"ecx")); + &je (&label("spin")); + + &data_word (0x1f909090); # pop %ds + &ret (); + +&set_label("nospin"); + &xor ("eax","eax"); + &xor ("edx","edx"); + &ret (); +&function_end_B("OPENSSL_far_spin"); + +&function_begin_B("OPENSSL_wipe_cpu","EXTRN\t_OPENSSL_ia32cap_P:DWORD"); + &xor ("eax","eax"); + &xor ("edx","edx"); + &picmeup("ecx","OPENSSL_ia32cap_P"); + &mov ("ecx",&DWP(0,"ecx")); + &bt (&DWP(0,"ecx"),1); + &jnc (&label("no_x87")); + if ($sse2) { + &and ("ecx",1<<26|1<<24); # check SSE2 and FXSR bits + &cmp ("ecx",1<<26|1<<24); + &jne (&label("no_sse2")); + &pxor ("xmm0","xmm0"); + &pxor ("xmm1","xmm1"); + &pxor ("xmm2","xmm2"); + &pxor ("xmm3","xmm3"); + &pxor ("xmm4","xmm4"); + &pxor ("xmm5","xmm5"); + &pxor ("xmm6","xmm6"); + &pxor ("xmm7","xmm7"); + &set_label("no_sse2"); + } + # just a bunch of fldz to zap the fp/mm bank followed by finit... 
+ &data_word(0xeed9eed9,0xeed9eed9,0xeed9eed9,0xeed9eed9,0x90e3db9b); +&set_label("no_x87"); + &lea ("eax",&DWP(4,"esp")); + &ret (); +&function_end_B("OPENSSL_wipe_cpu"); + +&function_begin_B("OPENSSL_atomic_add"); + &mov ("edx",&DWP(4,"esp")); # fetch the pointer, 1st arg + &mov ("ecx",&DWP(8,"esp")); # fetch the increment, 2nd arg + &push ("ebx"); + &nop (); + &mov ("eax",&DWP(0,"edx")); +&set_label("spin"); + &lea ("ebx",&DWP(0,"eax","ecx")); + &nop (); + &data_word(0x1ab10ff0); # lock; cmpxchg %ebx,(%edx) # %eax is envolved and is always reloaded + &jne (&label("spin")); + &mov ("eax","ebx"); # OpenSSL expects the new value + &pop ("ebx"); + &ret (); +&function_end_B("OPENSSL_atomic_add"); + +# This function can become handy under Win32 in situations when +# we don't know which calling convention, __stdcall or __cdecl(*), +# indirect callee is using. In C it can be deployed as +# +#ifdef OPENSSL_CPUID_OBJ +# type OPENSSL_indirect_call(void *f,...); +# ... +# OPENSSL_indirect_call(func,[up to $max arguments]); +#endif +# +# (*) it's designed to work even for __fastcall if number of +# arguments is 1 or 2! +&function_begin_B("OPENSSL_indirect_call"); + { + my ($max,$i)=(7,); # $max has to be chosen as 4*n-1 + # in order to preserve eventual + # stack alignment + &push ("ebp"); + &mov ("ebp","esp"); + &sub ("esp",$max*4); + &mov ("ecx",&DWP(12,"ebp")); + &mov (&DWP(0,"esp"),"ecx"); + &mov ("edx",&DWP(16,"ebp")); + &mov (&DWP(4,"esp"),"edx"); + for($i=2;$i<$max;$i++) + { + # Some copies will be redundant/bogus... + &mov ("eax",&DWP(12+$i*4,"ebp")); + &mov (&DWP(0+$i*4,"esp"),"eax"); + } + &call_ptr (&DWP(8,"ebp"));# make the call... + &mov ("esp","ebp"); # ... and just restore the stack pointer + # without paying attention to what we called, + # (__cdecl *func) or (__stdcall *one). 
+ &pop ("ebp"); + &ret (); + } +&function_end_B("OPENSSL_indirect_call"); + +&function_begin_B("OPENSSL_ia32_rdrand"); + &mov ("ecx",8); +&set_label("loop"); + &rdrand ("eax"); + &jc (&label("break")); + &loop (&label("loop")); +&set_label("break"); + &cmp ("eax",0); + &cmove ("eax","ecx"); + &ret (); +&function_end_B("OPENSSL_ia32_rdrand"); + +&hidden("OPENSSL_ia32cap_P"); + +&asm_finish(); diff --git a/src/crypto/cpu-x86_64-asm.pl b/src/crypto/cpu-x86_64-asm.pl new file mode 100644 index 0000000..89d7a6c --- /dev/null +++ b/src/crypto/cpu-x86_64-asm.pl 
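Review bot: In OPENSSL_wipe_cpu, `&mov ("ecx",&DWP(0,"ecx"));` replaces the address of OPENSSL_ia32cap_P with its first word, and the next line, `&bt (&DWP(0,"ecx"),1);`, then uses that word as a memory address. OPENSSL_rdtsc and OPENSSL_instrument_halt in the same file test the bit through the pointer without the intervening load, so the bit test here looks as if it was meant to be on the register: `&bt ("ecx",1);`. As written, the routine appears to read from an address formed from CPU feature bits before deciding whether to clear the x87 state.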
@@ -0,0 +1,163 @@ +#!/usr/bin/env perl + +$flavour = shift; +$output = shift; +if ($flavour =~ /\./) { $output = $flavour; undef $flavour; } + +$win64=0; $win64=1 if ($flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/); + +$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1; +( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or +( $xlate="${dir}perlasm/x86_64-xlate.pl" and -f $xlate) or +die "can't locate x86_64-xlate.pl"; + +open OUT,"| \"$^X\" $xlate $flavour $output"; +*STDOUT=*OUT; + +($arg1,$arg2,$arg3,$arg4)=$win64?("%rcx","%rdx","%r8", "%r9") : # Win64 order + ("%rdi","%rsi","%rdx","%rcx"); # Unix order + +print<<___; +.text + +.globl OPENSSL_ia32_cpuid +.type OPENSSL_ia32_cpuid,\@function,1 +.align 16 +OPENSSL_ia32_cpuid: + # On Windows, $arg1 is rcx, but that will be clobbered. So make Windows + # use the same register as Unix. + mov $arg1,%rdi + mov %rbx,%r8 # save %rbx + + xor %eax,%eax + mov %eax,8(%rdi) # clear 3rd word + cpuid + mov %eax,%r11d # max value for standard query level + + xor %eax,%eax + cmp \$0x756e6547,%ebx # "Genu" + setne %al + mov %eax,%r9d + cmp \$0x49656e69,%edx # "ineI" + setne %al + or %eax,%r9d + cmp \$0x6c65746e,%ecx # "ntel" + setne %al + or %eax,%r9d # 0 indicates Intel CPU + jz .Lintel + + cmp \$0x68747541,%ebx # "Auth" + setne %al + mov %eax,%r10d + cmp \$0x69746E65,%edx # "enti" + setne %al + or %eax,%r10d + cmp \$0x444D4163,%ecx # "cAMD" + setne %al + or %eax,%r10d # 0 indicates AMD CPU + jnz .Lintel + + # AMD specific + # See http://developer.amd.com/wordpress/media/2012/10/254811.pdf (1) + + mov \$0x80000000,%eax + cpuid + # Returns "The largest CPUID extended function input value supported by + # the processor implementation." in EAX. + cmp \$0x80000001,%eax + jb .Lintel + mov %eax,%r10d + mov \$0x80000001,%eax + cpuid + # Returns feature bits in ECX. See page 20 of [1]. + # TODO(fork): I think this should be a MOV. 
+ or %ecx,%r9d + and \$0x00000801,%r9d # isolate AMD XOP bit, 1<<11 + + cmp \$0x80000008,%r10d + jb .Lintel + + mov \$0x80000008,%eax + cpuid + # Returns APIC ID and number of cores in ECX. See page 27 of [1]. + movzb %cl,%r10 # number of cores - 1 + inc %r10 # number of cores + + mov \$1,%eax + cpuid + # See page 13 of [1]. + bt \$28,%edx # test hyper-threading bit + jnc .Lgeneric + shr \$16,%ebx # number of logical processors + cmp %r10b,%bl + ja .Lgeneric + and \$0xefffffff,%edx # Clear hyper-threading bit. + jmp .Lgeneric + +.Lintel: + cmp \$4,%r11d + mov \$-1,%r10d + jb .Lnocacheinfo + + mov \$4,%eax + mov \$0,%ecx # query L1D + cpuid + mov %eax,%r10d + shr \$14,%r10d + and \$0xfff,%r10d # number of cores -1 per L1D + + cmp \$7,%r11d + jb .Lnocacheinfo + + mov \$7,%eax + xor %ecx,%ecx + cpuid + mov %ebx,8(%rdi) + +.Lnocacheinfo: + mov \$1,%eax + cpuid + # Gets feature information. See table 3-21 in the Intel manual. + and \$0xbfefffff,%edx # force reserved bits to 0 + cmp \$0,%r9d + jne .Lnotintel + or \$0x40000000,%edx # set reserved bit#30 on Intel CPUs +.Lnotintel: + bt \$28,%edx # test hyper-threading bit + jnc .Lgeneric + and \$0xefffffff,%edx # ~(1<<28) - clear hyper-threading. 
+ cmp \$0,%r10d + je .Lgeneric + + or \$0x10000000,%edx # 1<<28 + shr \$16,%ebx + cmp \$1,%bl # see if cache is shared + ja .Lgeneric + and \$0xefffffff,%edx # ~(1<<28) +.Lgeneric: + and \$0x00000800,%r9d # isolate AMD XOP flag + and \$0xfffff7ff,%ecx + or %ecx,%r9d # merge AMD XOP flag + + mov %edx,%r10d # %r9d:%r10d is copy of %ecx:%edx + bt \$27,%r9d # check OSXSAVE bit + jnc .Lclear_avx + xor %ecx,%ecx # XCR0 + .byte 0x0f,0x01,0xd0 # xgetbv + and \$6,%eax # isolate XMM and YMM state support + cmp \$6,%eax + je .Ldone +.Lclear_avx: + mov \$0xefffe7ff,%eax # ~(1<<28|1<<12|1<<11) + and %eax,%r9d # clear AVX, FMA and AMD XOP bits + andl \$0xffffffdf,8(%rdi) # cleax AVX2, ~(1<<5) +.Ldone: + movl %r9d,4(%rdi) + movl %r10d,0(%rdi) + mov %r8,%rbx # restore %rbx + ret +.size OPENSSL_ia32_cpuid,.-OPENSSL_ia32_cpuid + +___ + +close STDOUT; # flush diff --git a/src/crypto/crypto.c b/src/crypto/crypto.c index 34d04b4..d9bb07e 100644 --- a/src/crypto/crypto.c +++ b/src/crypto/crypto.c @@ -55,7 +55,7 @@ uint32_t OPENSSL_ia32cap_P[4] = {0}; #elif defined(OPENSSL_ARM) || defined(OPENSSL_AARCH64) -#include +#include "arm_arch.h" #if defined(__ARM_NEON__) uint32_t OPENSSL_armcap_P = ARMV7_NEON | ARMV7_NEON_FUNCTIONAL; diff --git a/src/crypto/des/CMakeLists.txt b/src/crypto/des/CMakeLists.txt index f61fa14..7d49ff3 100644 --- a/src/crypto/des/CMakeLists.txt +++ b/src/crypto/des/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(../../include) +include_directories(. .. ../../include) add_library( des diff --git a/src/crypto/des/des.c b/src/crypto/des/des.c index a5669a6..9cd75f5 100644 --- a/src/crypto/des/des.c +++ b/src/crypto/des/des.c @@ -298,8 +298,10 @@ void DES_set_key(const DES_cblock *key, DES_key_schedule *schedule) { 0, 1, 1, 1, 1, 1, 1, 0}; uint32_t c, d, t, s, t2; const uint8_t *in; + uint32_t *k; int i; + k = &schedule->ks->deslong[0]; in = key->bytes; c2l(in, c); 
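Review bot: The pipe to the translator, `open OUT,"| \"$^X\" $xlate $flavour $output";`, interpolates `$xlate` and `$output` into a shell command unquoted and its result is not checked; `close STDOUT; # flush` likewise ignores the translator's exit status. A build path containing spaces or shell metacharacters changes the command. A failed translation can also leave an empty or truncated assembly file without stopping the build. I would write `open OUT,"| \"$^X\" \"$xlate\" $flavour \"$output\"" or die "can't call $xlate: $!";` and `close STDOUT or die "error closing STDOUT: $!";`.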
@@ -342,10 +344,10 @@ void DES_set_key(const DES_cblock *key, DES_key_schedule *schedule) { /* table contained 0213 4657 */ t2 = ((t << 16L) | (s & 0x0000ffffL)) & 0xffffffffL; - schedule->subkeys[i][0] = ROTATE(t2, 30) & 0xffffffffL; + *(k++) = ROTATE(t2, 30) & 0xffffffffL; t2 = ((s >> 16L) | (t & 0xffff0000L)); - schedule->subkeys[i][1] = ROTATE(t2, 26) & 0xffffffffL; + *(k++) = ROTATE(t2, 26) & 0xffffffffL; } } @@ -380,6 +382,7 @@ void DES_set_odd_parity(DES_cblock *key) { static void DES_encrypt1(uint32_t *data, const DES_key_schedule *ks, int enc) { uint32_t l, r, t, u; + const uint32_t *s; r = data[0]; l = data[1]; 
@@ -395,42 +398,43 @@ static void DES_encrypt1(uint32_t *data, const DES_key_schedule *ks, int enc) { r = ROTATE(r, 29) & 0xffffffffL; l = ROTATE(l, 29) & 0xffffffffL; + s = ks->ks->deslong; /* I don't know if it is worth the effort of loop unrolling the * inner loop */ if (enc) { - D_ENCRYPT(ks, l, r, 0); - D_ENCRYPT(ks, r, l, 1); - D_ENCRYPT(ks, l, r, 2); - D_ENCRYPT(ks, r, l, 3); - D_ENCRYPT(ks, l, r, 4); - D_ENCRYPT(ks, r, l, 5); - D_ENCRYPT(ks, l, r, 6); - D_ENCRYPT(ks, r, l, 7); - D_ENCRYPT(ks, l, r, 8); - D_ENCRYPT(ks, r, l, 9); - D_ENCRYPT(ks, l, r, 10); - D_ENCRYPT(ks, r, l, 11); - D_ENCRYPT(ks, l, r, 12); - D_ENCRYPT(ks, r, l, 13); - D_ENCRYPT(ks, l, r, 14); - D_ENCRYPT(ks, r, l, 15); + D_ENCRYPT(l, r, 0); /* 1 */ + D_ENCRYPT(r, l, 2); /* 2 */ + D_ENCRYPT(l, r, 4); /* 3 */ + D_ENCRYPT(r, l, 6); /* 4 */ + D_ENCRYPT(l, r, 8); /* 5 */ + D_ENCRYPT(r, l, 10); /* 6 */ + D_ENCRYPT(l, r, 12); /* 7 */ + D_ENCRYPT(r, l, 14); /* 8 */ + D_ENCRYPT(l, r, 16); /* 9 */ + D_ENCRYPT(r, l, 18); /* 10 */ + D_ENCRYPT(l, r, 20); /* 11 */ + D_ENCRYPT(r, l, 22); /* 12 */ + D_ENCRYPT(l, r, 24); /* 13 */ + D_ENCRYPT(r, l, 26); /* 14 */ + D_ENCRYPT(l, r, 28); /* 15 */ + D_ENCRYPT(r, l, 30); /* 16 */ } else { - D_ENCRYPT(ks, l, r, 15); - D_ENCRYPT(ks, r, l, 14); - D_ENCRYPT(ks, l, r, 13); - D_ENCRYPT(ks, r, l, 12); - D_ENCRYPT(ks, l, r, 11); - D_ENCRYPT(ks, r, l, 10); - D_ENCRYPT(ks, l, r, 9); - D_ENCRYPT(ks, r, l, 8); - D_ENCRYPT(ks, l, r, 7); - D_ENCRYPT(ks, r, l, 6); - D_ENCRYPT(ks, l, r, 5); - D_ENCRYPT(ks, r, l, 4); - D_ENCRYPT(ks, l, r, 3); - D_ENCRYPT(ks, r, l, 2); - D_ENCRYPT(ks, l, r, 1); - D_ENCRYPT(ks, r, l, 0); + D_ENCRYPT(l, r, 30); /* 16 */ + D_ENCRYPT(r, l, 28); /* 15 */ + D_ENCRYPT(l, r, 26); /* 14 */ + D_ENCRYPT(r, l, 24); /* 13 */ + D_ENCRYPT(l, r, 22); /* 12 */ + D_ENCRYPT(r, l, 20); /* 11 */ + D_ENCRYPT(l, r, 18); /* 10 */ + D_ENCRYPT(r, l, 16); /* 9 */ + D_ENCRYPT(l, r, 14); /* 8 */ + D_ENCRYPT(r, l, 12); /* 7 */ + D_ENCRYPT(l, r, 10); /* 6 */ + D_ENCRYPT(r, l, 
8); /* 5 */ + D_ENCRYPT(l, r, 6); /* 4 */ + D_ENCRYPT(r, l, 4); /* 3 */ + D_ENCRYPT(l, r, 2); /* 2 */ + D_ENCRYPT(r, l, 0); /* 1 */ } /* rotate and clear the top bits on machines with 8byte longs */ @@ -444,6 +448,7 @@ static void DES_encrypt1(uint32_t *data, const DES_key_schedule *ks, int enc) { static void DES_encrypt2(uint32_t *data, const DES_key_schedule *ks, int enc) { uint32_t l, r, t, u; + const uint32_t *s; r = data[0]; l = data[1]; 
@@ -457,51 +462,52 @@ static void DES_encrypt2(uint32_t *data, const DES_key_schedule *ks, int enc) { r = ROTATE(r, 29) & 0xffffffffL; l = ROTATE(l, 29) & 0xffffffffL; + s = ks->ks->deslong; /* I don't know if it is worth the effort of loop unrolling the * inner loop */ if (enc) { - D_ENCRYPT(ks, l, r, 0); - D_ENCRYPT(ks, r, l, 1); - D_ENCRYPT(ks, l, r, 2); - D_ENCRYPT(ks, r, l, 3); - D_ENCRYPT(ks, l, r, 4); - D_ENCRYPT(ks, r, l, 5); - D_ENCRYPT(ks, l, r, 6); - D_ENCRYPT(ks, r, l, 7); - D_ENCRYPT(ks, l, r, 8); - D_ENCRYPT(ks, r, l, 9); - D_ENCRYPT(ks, l, r, 10); - D_ENCRYPT(ks, r, l, 11); - D_ENCRYPT(ks, l, r, 12); - D_ENCRYPT(ks, r, l, 13); - D_ENCRYPT(ks, l, r, 14); - D_ENCRYPT(ks, r, l, 15); + D_ENCRYPT(l, r, 0); /* 1 */ + D_ENCRYPT(r, l, 2); /* 2 */ + D_ENCRYPT(l, r, 4); /* 3 */ + D_ENCRYPT(r, l, 6); /* 4 */ + D_ENCRYPT(l, r, 8); /* 5 */ + D_ENCRYPT(r, l, 10); /* 6 */ + D_ENCRYPT(l, r, 12); /* 7 */ + D_ENCRYPT(r, l, 14); /* 8 */ + D_ENCRYPT(l, r, 16); /* 9 */ + D_ENCRYPT(r, l, 18); /* 10 */ + D_ENCRYPT(l, r, 20); /* 11 */ + D_ENCRYPT(r, l, 22); /* 12 */ + D_ENCRYPT(l, r, 24); /* 13 */ + D_ENCRYPT(r, l, 26); /* 14 */ + D_ENCRYPT(l, r, 28); /* 15 */ + D_ENCRYPT(r, l, 30); /* 16 */ } else { - D_ENCRYPT(ks, l, r, 15); - D_ENCRYPT(ks, r, l, 14); - D_ENCRYPT(ks, l, r, 13); - D_ENCRYPT(ks, r, l, 12); - D_ENCRYPT(ks, l, r, 11); - D_ENCRYPT(ks, r, l, 10); - D_ENCRYPT(ks, l, r, 9); - D_ENCRYPT(ks, r, l, 8); - D_ENCRYPT(ks, l, r, 7); - D_ENCRYPT(ks, r, l, 6); - D_ENCRYPT(ks, l, r, 5); - D_ENCRYPT(ks, r, l, 4); - D_ENCRYPT(ks, l, r, 3); - D_ENCRYPT(ks, r, l, 2); - D_ENCRYPT(ks, l, r, 1); - D_ENCRYPT(ks, r, l, 0); + D_ENCRYPT(l, r, 30); /* 16 */ + D_ENCRYPT(r, l, 28); /* 15 */ + D_ENCRYPT(l, r, 26); /* 14 */ + D_ENCRYPT(r, l, 24); /* 13 */ + D_ENCRYPT(l, r, 22); /* 12 */ + D_ENCRYPT(r, l, 20); /* 11 */ + D_ENCRYPT(l, r, 18); /* 10 */ + D_ENCRYPT(r, l, 16); /* 9 */ + D_ENCRYPT(l, r, 14); /* 8 */ + D_ENCRYPT(r, l, 12); /* 7 */ + D_ENCRYPT(l, r, 10); /* 6 */ + D_ENCRYPT(r, l, 
8); /* 5 */ + D_ENCRYPT(l, r, 6); /* 4 */ + D_ENCRYPT(r, l, 4); /* 3 */ + D_ENCRYPT(l, r, 2); /* 2 */ + D_ENCRYPT(r, l, 0); /* 1 */ } /* rotate and clear the top bits on machines with 8byte longs */ data[0] = ROTATE(l, 3) & 0xffffffffL; data[1] = ROTATE(r, 3) & 0xffffffffL; } -/* DES_encrypt3 is not static because it's used in decrepit. */ -void DES_encrypt3(uint32_t *data, const DES_key_schedule *ks1, - const DES_key_schedule *ks2, const DES_key_schedule *ks3) { +static void DES_encrypt3(uint32_t *data, const DES_key_schedule *ks1, + const DES_key_schedule *ks2, + const DES_key_schedule *ks3) { uint32_t l, r; l = data[0]; @@ -519,9 +525,9 @@ void DES_encrypt3(uint32_t *data, const DES_key_schedule *ks1, data[1] = r; } -/* DES_decrypt3 is not static because it's used in decrepit. */ -void DES_decrypt3(uint32_t *data, const DES_key_schedule *ks1, - const DES_key_schedule *ks2, const DES_key_schedule *ks3) { +static void DES_decrypt3(uint32_t *data, const DES_key_schedule *ks1, + const DES_key_schedule *ks2, + const DES_key_schedule *ks3) { uint32_t l, r; l = data[0]; @@ -764,10 +770,3 @@ void DES_ede2_cbc_encrypt(const uint8_t *in, uint8_t *out, size_t len, int enc) { DES_ede3_cbc_encrypt(in, out, len, ks1, ks2, ks1, ivec, enc); } - - -/* Deprecated functions. */ - -void DES_set_key_unchecked(const DES_cblock *key, DES_key_schedule *schedule) { - DES_set_key(key, schedule); -} diff --git a/src/crypto/des/internal.h b/src/crypto/des/internal.h index 91559ff..d3a5cec 100644 --- a/src/crypto/des/internal.h +++ b/src/crypto/des/internal.h 
@@ -183,13 +183,13 @@ how to use xors :-) I got it to its final state. PERM_OP(l, r, tt, 4, 0x0f0f0f0fL); \ } -#define LOAD_DATA(ks, R, S, u, t, E0, E1) \ - u = R ^ ks->subkeys[S][0]; \ - t = R ^ ks->subkeys[S][1] +#define LOAD_DATA(R, S, u, t, E0, E1) \ + u = R ^ s[S]; \ + t = R ^ s[S + 1] -#define D_ENCRYPT(ks, LL, R, S) \ +#define D_ENCRYPT(LL, R, S) \ { \ - LOAD_DATA(ks, R, S, u, t, E0, E1); \ + LOAD_DATA(R, S, u, t, E0, E1); \ t = ROTATE(t, 4); \ LL ^= \ DES_SPtrans[0][(u >> 2L) & 0x3f] ^ DES_SPtrans[2][(u >> 10L) & 0x3f] ^ \ diff --git a/src/crypto/dh/CMakeLists.txt b/src/crypto/dh/CMakeLists.txt index 1a46512..d0c1da7 100644 --- a/src/crypto/dh/CMakeLists.txt +++ b/src/crypto/dh/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(../../include) +include_directories(. .. ../../include) add_library( dh diff --git a/src/crypto/dh/dh.c b/src/crypto/dh/dh.c index d25f358..96b85f3 100644 --- a/src/crypto/dh/dh.c +++ b/src/crypto/dh/dh.c @@ -78,7 +78,7 @@ DH *DH_new(void) { return DH_new_method(NULL); } DH *DH_new_method(const ENGINE *engine) { DH *dh = (DH *)OPENSSL_malloc(sizeof(DH)); if (dh == NULL) { - OPENSSL_PUT_ERROR(DH, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(DH, DH_new_method, ERR_R_MALLOC_FAILURE); return NULL; } diff --git a/src/crypto/dh/dh_impl.c b/src/crypto/dh/dh_impl.c index 6cf0abb..f269412 100644 --- a/src/crypto/dh/dh_impl.c +++ b/src/crypto/dh/dh_impl.c @@ -117,7 +117,7 @@ static int generate_parameters(DH *ret, int prime_bits, int generator, BN_GENCB } if (generator <= 1) { - OPENSSL_PUT_ERROR(DH, DH_R_BAD_GENERATOR); + OPENSSL_PUT_ERROR(DH, generate_parameters, DH_R_BAD_GENERATOR); goto err; } if (generator == DH_GENERATOR_2) { @@ -165,7 +165,7 @@ static int generate_parameters(DH *ret, int prime_bits, int generator, BN_GENCB err: if (!ok) { - OPENSSL_PUT_ERROR(DH, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(DH, generate_parameters, ERR_R_BN_LIB); } if (ctx != NULL) { 
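Review bot: `LOAD_DATA` and `D_ENCRYPT` now read the key schedule through a variable named `s` that is not a macro parameter, so they only compile inside a function that declares it (DES_encrypt1 and DES_encrypt2 in des.c add `const uint32_t *s` in this commit). The `S` argument has also changed meaning from a round number to a word offset (0, 2, … 30 in the visible callers), and nothing in the macro checks that `S + 1` stays inside the schedule. A comment above `LOAD_DATA`, e.g. `/* Requires a local |s| pointing at the key schedule words; S is an even word offset and S + 1 must be in range. */`, would make the contract visible. The body of `D_ENCRYPT` continues outside the hunk.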
@@ -242,7 +242,7 @@ static int generate_key(DH *dh) { err: if (ok != 1) { - OPENSSL_PUT_ERROR(DH, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(DH, generate_key, ERR_R_BN_LIB); } if (dh->pub_key == NULL) { @@ -264,7 +264,7 @@ static int compute_key(DH *dh, unsigned char *out, const BIGNUM *pub_key) { BIGNUM local_priv; if (BN_num_bits(dh->p) > OPENSSL_DH_MAX_MODULUS_BITS) { - OPENSSL_PUT_ERROR(DH, DH_R_MODULUS_TOO_LARGE); + OPENSSL_PUT_ERROR(DH, compute_key, DH_R_MODULUS_TOO_LARGE); goto err; } @@ -279,7 +279,7 @@ static int compute_key(DH *dh, unsigned char *out, const BIGNUM *pub_key) { } if (dh->priv_key == NULL) { - OPENSSL_PUT_ERROR(DH, DH_R_NO_PRIVATE_VALUE); + OPENSSL_PUT_ERROR(DH, compute_key, DH_R_NO_PRIVATE_VALUE); goto err; } @@ -290,14 +290,14 @@ static int compute_key(DH *dh, unsigned char *out, const BIGNUM *pub_key) { } if (!DH_check_pub_key(dh, pub_key, &check_result) || check_result) { - OPENSSL_PUT_ERROR(DH, DH_R_INVALID_PUBKEY); + OPENSSL_PUT_ERROR(DH, compute_key, DH_R_INVALID_PUBKEY); goto err; } BN_with_flags(&local_priv, dh->priv_key, BN_FLG_CONSTTIME); if (!BN_mod_exp_mont(shared_key, pub_key, &local_priv, dh->p, ctx, mont)) { - OPENSSL_PUT_ERROR(DH, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(DH, compute_key, ERR_R_BN_LIB); goto err; } diff --git a/src/crypto/digest/CMakeLists.txt b/src/crypto/digest/CMakeLists.txt index 856e45a..816d116 100644 --- a/src/crypto/digest/CMakeLists.txt +++ b/src/crypto/digest/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(../../include) +include_directories(. .. ../../include) add_library( digest diff --git a/src/crypto/digest/digest.c b/src/crypto/digest/digest.c index eb71b07..f09948b 100644 --- a/src/crypto/digest/digest.c +++ b/src/crypto/digest/digest.c 
@@ -116,7 +116,8 @@ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in) { uint8_t *tmp_buf = NULL; if (in == NULL || in->digest == NULL) { - OPENSSL_PUT_ERROR(DIGEST, DIGEST_R_INPUT_NOT_INITIALIZED); + OPENSSL_PUT_ERROR(DIGEST, EVP_MD_CTX_copy_ex, + DIGEST_R_INPUT_NOT_INITIALIZED); return 0; } @@ -129,15 +130,15 @@ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in) { } EVP_MD_CTX_cleanup(out); + memcpy(out, in, sizeof(EVP_MD_CTX)); - out->digest = in->digest; if (in->md_data && in->digest->ctx_size) { if (tmp_buf) { out->md_data = tmp_buf; } else { out->md_data = OPENSSL_malloc(in->digest->ctx_size); if (!out->md_data) { - OPENSSL_PUT_ERROR(DIGEST, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(DIGEST, EVP_MD_CTX_copy_ex, ERR_R_MALLOC_FAILURE); return 0; } } @@ -145,7 +146,6 @@ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in) { } assert(in->pctx == NULL || in->pctx_ops != NULL); - out->pctx_ops = in->pctx_ops; if (in->pctx && in->pctx_ops) { out->pctx = in->pctx_ops->dup(in->pctx); if (!out->pctx) { @@ -164,20 +164,30 @@ int EVP_MD_CTX_copy(EVP_MD_CTX *out, const EVP_MD_CTX *in) { int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *engine) { if (ctx->digest != type) { - if (ctx->digest && ctx->digest->ctx_size > 0) { + if (ctx->digest && ctx->digest->ctx_size) { OPENSSL_free(ctx->md_data); } ctx->digest = type; - if (type->ctx_size > 0) { + if (!(ctx->flags & EVP_MD_CTX_FLAG_NO_INIT) && type->ctx_size) { + ctx->update = type->update; ctx->md_data = OPENSSL_malloc(type->ctx_size); if (ctx->md_data == NULL) { - OPENSSL_PUT_ERROR(DIGEST, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(DIGEST, EVP_DigestInit_ex, ERR_R_MALLOC_FAILURE); return 0; } } } assert(ctx->pctx == NULL || ctx->pctx_ops != NULL); + if (ctx->pctx_ops) { + if (!ctx->pctx_ops->begin_digest(ctx)) { + return 0; + } + } + + if (ctx->flags & EVP_MD_CTX_FLAG_NO_INIT) { + return 1; + } ctx->digest->init(ctx); return 1; 
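Review bot: After `memcpy(out, in, sizeof(EVP_MD_CTX));` in EVP_MD_CTX_copy_ex, `out->md_data` and `out->pctx` alias the source context's pointers until later code replaces them. The visible `return 0` on allocation failure leaves `out->pctx` still pointing at `in->pctx`. If the caller then cleans up both contexts, the same pctx would be released twice (assuming cleanup frees it, which is outside this hunk). The same aliasing applies to `md_data` when the `if (in->md_data && in->digest->ctx_size)` branch is not taken. I would clear the owned pointers immediately after the copy, `out->md_data = NULL;` and `out->pctx = NULL;`, so that every early return leaves `out` owning nothing; the function begins and ends outside the hunk.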
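Review bot: In EVP_DigestInit_ex, `OPENSSL_free(ctx->md_data);` is not followed by resetting the pointer. The new condition `!(ctx->flags & EVP_MD_CTX_FLAG_NO_INIT) && type->ctx_size` skips the allocation that would overwrite it whenever the flag is set or the new digest has no state. `ctx->md_data` is then left dangling for whatever runs next on the context; adding `ctx->md_data = NULL;` after the free closes that. The same condition also guards `ctx->update = type->update;`, yet EVP_DigestUpdate in the following hunk calls `ctx->update(ctx, data, len)` unconditionally. The assignment should therefore sit outside the `ctx_size` test, or a comment should state that a NO_INIT caller is responsible for setting `update`.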
@@ -189,7 +199,7 @@ int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type) { } int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *data, size_t len) { - ctx->digest->update(ctx, data, len); + ctx->update(ctx, data, len); return 1; } @@ -204,7 +214,7 @@ int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, uint8_t *md_out, unsigned int *size) { } int EVP_DigestFinal(EVP_MD_CTX *ctx, uint8_t *md, unsigned int *size) { - (void)EVP_DigestFinal_ex(ctx, md, size); + EVP_DigestFinal_ex(ctx, md, size); EVP_MD_CTX_cleanup(ctx); return 1; } @@ -243,6 +253,10 @@ int EVP_MD_CTX_type(const EVP_MD_CTX *ctx) { return EVP_MD_type(EVP_MD_CTX_md(ctx)); } +void EVP_MD_CTX_set_flags(EVP_MD_CTX *ctx, uint32_t flags) { + ctx->flags |= flags; +} + int EVP_add_digest(const EVP_MD *digest) { return 1; } diff --git a/src/crypto/digest/digests.c b/src/crypto/digest/digests.c index 3307f26..f5eda36 100644 --- a/src/crypto/digest/digests.c +++ b/src/crypto/digest/digests.c @@ -67,7 +67,7 @@ #include "internal.h" #if defined(NDEBUG) -#define CHECK(x) (void) (x) +#define CHECK(x) x #else #define CHECK(x) assert(x) #endif @@ -262,7 +262,6 @@ struct nid_to_digest { }; static const struct nid_to_digest nid_to_digest_mapping[] = { - { NID_md4, EVP_md4, SN_md4, LN_md4 }, { NID_md5, EVP_md5, SN_md5, LN_md5 }, { NID_sha1, EVP_sha1, SN_sha1, LN_sha1 }, { NID_sha224, EVP_sha224, SN_sha224, LN_sha224 }, diff --git a/src/crypto/digest/internal.h b/src/crypto/digest/internal.h index e3d812a..1572fa8 100644 --- a/src/crypto/digest/internal.h +++ b/src/crypto/digest/internal.h @@ -92,7 +92,7 @@ struct env_md_st { }; /* evp_md_pctx_ops contains function pointers to allow the |pctx| member of - * |EVP_MD_CTX| to be manipulated without breaking layering by calling EVP + * |EVP_MD_CTX| to be manipulated without breaking laying by calling EVP * functions. */ struct evp_md_pctx_ops { /* free is called when an |EVP_MD_CTX| is being freed and the |pctx| also 
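Review bot: EVP_DigestFinal now calls `EVP_DigestFinal_ex(ctx, md, size);` bare and then returns 1, so the removed `(void)` cast was the only sign that dropping the result is deliberate. Either keep the cast or return the inner result after `EVP_MD_CTX_cleanup(ctx);`. The digests.c hunk has the same pattern: `#define CHECK(x) x` expands its argument unparenthesised in NDEBUG builds and discards the value silently, where `#define CHECK(x) (void)(x)` states the intent and avoids unused-result warnings.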
@@ -102,8 +102,23 @@ struct evp_md_pctx_ops { /* dup is called when an |EVP_MD_CTX| is copied and so the |pctx| also needs * to be copied. */ EVP_PKEY_CTX* (*dup) (EVP_PKEY_CTX *pctx); + + /* begin_digest is called when a new digest operation is started. It returns + * one on success and zero otherwise. */ + int (*begin_digest) (EVP_MD_CTX *ctx); }; +/* EVP_MD_CTX_set_flags ORs |flags| into the flags member of |ctx|. */ +OPENSSL_EXPORT void EVP_MD_CTX_set_flags(EVP_MD_CTX *ctx, uint32_t flags); + +/* EVP_MD_CTX_FLAG_NO_INIT causes the |EVP_MD|'s |init| function not to be + * called, the |update| member not to be copied from the |EVP_MD| in + * |EVP_DigestInit_ex| and for |md_data| not to be initialised. + * + * TODO(davidben): This is an implementation detail of |EVP_PKEY_HMAC| and can + * be removed when it is gone. */ +#define EVP_MD_CTX_FLAG_NO_INIT 1 + #if defined(__cplusplus) } /* extern C */ diff --git a/src/crypto/dsa/CMakeLists.txt b/src/crypto/dsa/CMakeLists.txt index e8b7793..1bb8b63 100644 --- a/src/crypto/dsa/CMakeLists.txt +++ b/src/crypto/dsa/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(../../include) +include_directories(. .. ../../include) add_library( dsa diff --git a/src/crypto/dsa/dsa.c b/src/crypto/dsa/dsa.c index 3ff29c4..65444b1 100644 --- a/src/crypto/dsa/dsa.c +++ b/src/crypto/dsa/dsa.c @@ -82,7 +82,7 @@ DSA *DSA_new(void) { return DSA_new_method(NULL); } DSA *DSA_new_method(const ENGINE *engine) { DSA *dsa = (DSA *)OPENSSL_malloc(sizeof(DSA)); if (dsa == NULL) { - OPENSSL_PUT_ERROR(DSA, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(DSA, DSA_new_method, ERR_R_MALLOC_FAILURE); return NULL; } diff --git a/src/crypto/dsa/dsa_asn1.c b/src/crypto/dsa/dsa_asn1.c index b6b3fa4..933fba7 100644 --- a/src/crypto/dsa/dsa_asn1.c +++ b/src/crypto/dsa/dsa_asn1.c 
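Review bot: The comment on `begin_digest` does not say whether the pointer may be NULL, and EVP_DigestInit_ex in digest.c (changed in this commit) calls `ctx->pctx_ops->begin_digest(ctx)` whenever `pctx_ops` is set, without testing the member. Any `evp_md_pctx_ops` table that leaves the new member zero would turn digest initialisation on that context into a call through a null pointer. I would extend the comment with `It must not be NULL.`, or test the member at the call site before invoking it. The struct begins outside the hunk.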
@@ -73,7 +73,7 @@ static int dsa_sig_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, DSA_SIG *sig; sig = OPENSSL_malloc(sizeof(DSA_SIG)); if (!sig) { - OPENSSL_PUT_ERROR(DSA, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(DSA, dsa_sig_cb, ERR_R_MALLOC_FAILURE); return 0; } diff --git a/src/crypto/dsa/dsa_impl.c b/src/crypto/dsa/dsa_impl.c index b10610d..2ab8ba8 100644 --- a/src/crypto/dsa/dsa_impl.c +++ b/src/crypto/dsa/dsa_impl.c @@ -83,7 +83,7 @@ static int sign_setup(const DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, int ret = 0; if (!dsa->p || !dsa->q || !dsa->g) { - OPENSSL_PUT_ERROR(DSA, DSA_R_MISSING_PARAMETERS); + OPENSSL_PUT_ERROR(DSA, sign_setup, DSA_R_MISSING_PARAMETERS); return 0; } @@ -171,7 +171,7 @@ static int sign_setup(const DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, err: if (!ret) { - OPENSSL_PUT_ERROR(DSA, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(DSA, sign_setup, ERR_R_BN_LIB); if (r != NULL) { BN_clear_free(r); } @@ -269,7 +269,7 @@ redo: err: if (!ret) { - OPENSSL_PUT_ERROR(DSA, reason); + OPENSSL_PUT_ERROR(DSA, sign, reason); BN_free(r); BN_free(s); } @@ -292,19 +292,19 @@ static int verify(int *out_valid, const uint8_t *dgst, size_t digest_len, *out_valid = 0; if (!dsa->p || !dsa->q || !dsa->g) { - OPENSSL_PUT_ERROR(DSA, DSA_R_MISSING_PARAMETERS); + OPENSSL_PUT_ERROR(DSA, verify, DSA_R_MISSING_PARAMETERS); return 0; } i = BN_num_bits(dsa->q); /* fips 186-3 allows only different sizes for q */ if (i != 160 && i != 224 && i != 256) { - OPENSSL_PUT_ERROR(DSA, DSA_R_BAD_Q_VALUE); + OPENSSL_PUT_ERROR(DSA, verify, DSA_R_BAD_Q_VALUE); return 0; } if (BN_num_bits(dsa->p) > OPENSSL_DSA_MAX_MODULUS_BITS) { - OPENSSL_PUT_ERROR(DSA, DSA_R_MODULUS_TOO_LARGE); + OPENSSL_PUT_ERROR(DSA, verify, DSA_R_MODULUS_TOO_LARGE); return 0; } 
@@ -381,7 +381,7 @@ static int verify(int *out_valid, const uint8_t *dgst, size_t digest_len, err: if (ret != 1) { - OPENSSL_PUT_ERROR(DSA, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(DSA, verify, ERR_R_BN_LIB); } BN_CTX_free(ctx); BN_free(&u1); @@ -487,14 +487,16 @@ static int paramgen(DSA *ret, unsigned bits, const uint8_t *seed_in, bits = (bits + 63) / 64 * 64; + /* NB: seed_len == 0 is special case: copy generated seed to + * seed_in if it is not NULL. */ + if (seed_len && (seed_len < (size_t)qsize)) { + seed_in = NULL; /* seed buffer too small -- ignore */ + } + if (seed_len > (size_t)qsize) { + seed_len = qsize; /* App. 2.2 of FIPS PUB 186 allows larger SEED, + * but our internal buffers are restricted to 160 bits*/ + } if (seed_in != NULL) { - if (seed_len < (size_t)qsize) { - return 0; - } - if (seed_len > (size_t)qsize) { - /* Only consume as much seed as is expected. */ - seed_len = qsize; - } memcpy(seed, seed_in, seed_len); } @@ -525,19 +527,21 @@ static int paramgen(DSA *ret, unsigned bits, const uint8_t *seed_in, for (;;) { /* Find q. */ for (;;) { + int seed_is_random; + /* step 1 */ if (!BN_GENCB_call(cb, 0, m++)) { goto err; } - int use_random_seed = (seed_in == NULL); - if (use_random_seed) { + if (!seed_len) { if (!RAND_bytes(seed, qsize)) { goto err; } + seed_is_random = 1; } else { - /* If we come back through, use random seed next time. */ - seed_in = NULL; + seed_is_random = 0; + seed_len = 0; /* use random seed if 'seed_in' turns out to be bad*/ } memcpy(buf, seed, qsize); memcpy(buf2, seed, qsize); @@ -566,7 +570,7 @@ static int paramgen(DSA *ret, unsigned bits, const uint8_t *seed_in, } /* step 4 */ - r = BN_is_prime_fasttest_ex(q, DSS_prime_checks, ctx, use_random_seed, cb); + r = BN_is_prime_fasttest_ex(q, DSS_prime_checks, ctx, seed_is_random, cb); if (r > 0) { break; } diff --git a/src/crypto/ec/CMakeLists.txt b/src/crypto/ec/CMakeLists.txt index 38a91f8..b5ebefa 100644 --- a/src/crypto/ec/CMakeLists.txt +++ b/src/crypto/ec/CMakeLists.txt 
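Review bot: In the `paramgen` seed handling, a non-zero `seed_len` smaller than `qsize` sets `seed_in = NULL` and skips the `memcpy`, but `seed_len` stays non-zero, so the first pass of the q-search loop (second `paramgen` hunk) takes the `else` branch and hashes `seed` without it ever having been filled. The same happens when the caller passes `seed_in == NULL` together with a non-zero length. `seed` is declared outside the hunk; if it is an uninitialised local buffer, the generated parameters then depend on indeterminate stack contents rather than on `RAND_bytes` output. Testing both conditions in the loop, `if (!seed_len || seed_in == NULL) {`, sends these cases to the random-seed path; returning an error for a short seed instead of ignoring it would also let a caller that expects reproducible parameters notice the problem.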
@@ -1,4 +1,4 @@ -include_directories(../../include) +include_directories(. .. ../../include) add_library( ec diff --git a/src/crypto/ec/ec.c b/src/crypto/ec/ec.c index 3117f16..f38eba6 100644 --- a/src/crypto/ec/ec.c +++ b/src/crypto/ec/ec.c @@ -222,11 +222,7 @@ const struct built_in_curve OPENSSL_built_in_curves[] = { {NID_secp224r1, &P224, 0}, { NID_X9_62_prime256v1, &P256, - /* MSAN appears to have a bug that causes this P-256 code to be miscompiled - * in opt mode. While that is being looked at, don't run the uint128_t - * P-256 code under MSAN for now. */ -#if defined(OPENSSL_64_BIT) && !defined(OPENSSL_WINDOWS) && \ - !defined(MEMORY_SANITIZER) +#if defined(OPENSSL_64_BIT) && !defined(OPENSSL_WINDOWS) EC_GFp_nistp256_method, #else 0, @@ -241,18 +237,18 @@ EC_GROUP *ec_group_new(const EC_METHOD *meth) { EC_GROUP *ret; if (meth == NULL) { - OPENSSL_PUT_ERROR(EC, EC_R_SLOT_FULL); + OPENSSL_PUT_ERROR(EC, ec_group_new, EC_R_SLOT_FULL); return NULL; } if (meth->group_init == 0) { - OPENSSL_PUT_ERROR(EC, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(EC, ec_group_new, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return NULL; } ret = OPENSSL_malloc(sizeof(EC_GROUP)); if (ret == NULL) { - OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, ec_group_new, ERR_R_MALLOC_FAILURE); return NULL; } memset(ret, 0, sizeof(EC_GROUP)); @@ -280,7 +276,8 @@ EC_GROUP *EC_GROUP_new_curve_GFp(const BIGNUM *p, const BIGNUM *a, } if (ret->meth->group_set_curve == 0) { - OPENSSL_PUT_ERROR(EC, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(EC, EC_GROUP_new_curve_GFp, + ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } if (!ret->meth->group_set_curve(ret, p, a, b, ctx)) { 
@@ -332,7 +329,7 @@ static EC_GROUP *ec_group_new_from_data(const struct built_in_curve *curve) { EC_GROUP *group = NULL; EC_POINT *P = NULL; BN_CTX *ctx = NULL; - BIGNUM *p = NULL, *a = NULL, *b = NULL, *x = NULL, *y = NULL; + BIGNUM *p = NULL, *a = NULL, *b = NULL, *x = NULL, *y = NULL, *order = NULL; int ok = 0; unsigned param_len; const EC_METHOD *meth; @@ -340,7 +337,7 @@ static EC_GROUP *ec_group_new_from_data(const struct built_in_curve *curve) { const uint8_t *params; if ((ctx = BN_CTX_new()) == NULL) { - OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, ec_group_new_from_data, ERR_R_MALLOC_FAILURE); goto err; } @@ -351,7 +348,7 @@ static EC_GROUP *ec_group_new_from_data(const struct built_in_curve *curve) { if (!(p = BN_bin2bn(params + 0 * param_len, param_len, NULL)) || !(a = BN_bin2bn(params + 1 * param_len, param_len, NULL)) || !(b = BN_bin2bn(params + 2 * param_len, param_len, NULL))) { - OPENSSL_PUT_ERROR(EC, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(EC, ec_group_new_from_data, ERR_R_BN_LIB); goto err; } 
@@ -359,39 +356,45 @@ static EC_GROUP *ec_group_new_from_data(const struct built_in_curve *curve) { meth = curve->method(); if (((group = ec_group_new(meth)) == NULL) || (!(group->meth->group_set_curve(group, p, a, b, ctx)))) { - OPENSSL_PUT_ERROR(EC, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EC, ec_group_new_from_data, ERR_R_EC_LIB); goto err; } } else { if ((group = EC_GROUP_new_curve_GFp(p, a, b, ctx)) == NULL) { - OPENSSL_PUT_ERROR(EC, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EC, ec_group_new_from_data, ERR_R_EC_LIB); goto err; } } if ((P = EC_POINT_new(group)) == NULL) { - OPENSSL_PUT_ERROR(EC, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EC, ec_group_new_from_data, ERR_R_EC_LIB); goto err; } if (!(x = BN_bin2bn(params + 3 * param_len, param_len, NULL)) || !(y = BN_bin2bn(params + 4 * param_len, param_len, NULL))) { - OPENSSL_PUT_ERROR(EC, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(EC, ec_group_new_from_data, ERR_R_BN_LIB); goto err; } if (!EC_POINT_set_affine_coordinates_GFp(group, P, x, y, ctx)) { - OPENSSL_PUT_ERROR(EC, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EC, ec_group_new_from_data, ERR_R_EC_LIB); goto err; } - if (!BN_bin2bn(params + 5 * param_len, param_len, &group->order) || - !BN_set_word(&group->cofactor, (BN_ULONG)data->cofactor)) { - OPENSSL_PUT_ERROR(EC, ERR_R_BN_LIB); + if (!(order = BN_bin2bn(params + 5 * param_len, param_len, NULL)) || + !BN_set_word(x, (BN_ULONG)data->cofactor)) { + OPENSSL_PUT_ERROR(EC, ec_group_new_from_data, ERR_R_BN_LIB); goto err; } group->generator = P; P = NULL; + if (!BN_copy(&group->order, order) || + !BN_set_word(&group->cofactor, (BN_ULONG)data->cofactor)) { + OPENSSL_PUT_ERROR(EC, ec_group_new_from_data, ERR_R_BN_LIB); + goto err; + } + ok = 1; err: @@ -404,6 +407,7 @@ err: BN_free(p); BN_free(a); BN_free(b); + BN_free(order); BN_free(x); BN_free(y); return group; 
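Review bot: In `ec_group_new_from_data`, the new condition `!BN_set_word(x, (BN_ULONG)data->cofactor)` writes the cofactor into `x`, which already holds the generator's x-coordinate and is not read again in this hunk; the cofactor is then set a second time, directly on `group->cofactor`, a few lines later. The first write looks like leftover scratch code and makes the error path harder to follow, so I would reduce the check to `if (!(order = BN_bin2bn(params + 5 * param_len, param_len, NULL))) {`. A short comment on why the order goes through a temporary and `BN_copy` instead of being parsed straight into `group->order` would also help. The function starts and ends outside this hunk.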
@@ -423,7 +427,7 @@ EC_GROUP *EC_GROUP_new_by_curve_name(int nid) { } if (ret == NULL) { - OPENSSL_PUT_ERROR(EC, EC_R_UNKNOWN_GROUP); + OPENSSL_PUT_ERROR(EC, EC_GROUP_new_by_curve_name, EC_R_UNKNOWN_GROUP); return NULL; } @@ -451,11 +455,11 @@ void EC_GROUP_free(EC_GROUP *group) { int ec_group_copy(EC_GROUP *dest, const EC_GROUP *src) { if (dest->meth->group_copy == 0) { - OPENSSL_PUT_ERROR(EC, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(EC, EC_GROUP_copy, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } if (dest->meth != src->meth) { - OPENSSL_PUT_ERROR(EC, EC_R_INCOMPATIBLE_OBJECTS); + OPENSSL_PUT_ERROR(EC, EC_GROUP_copy, EC_R_INCOMPATIBLE_OBJECTS); return 0; } if (dest == src) { @@ -550,7 +554,8 @@ int EC_GROUP_get_cofactor(const EC_GROUP *group, BIGNUM *cofactor, int EC_GROUP_get_curve_GFp(const EC_GROUP *group, BIGNUM *out_p, BIGNUM *out_a, BIGNUM *out_b, BN_CTX *ctx) { if (group->meth->group_get_curve == 0) { - OPENSSL_PUT_ERROR(EC, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(EC, EC_GROUP_get_curve_GFp, + ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } return group->meth->group_get_curve(group, out_p, out_a, out_b, ctx); @@ -560,7 +565,8 @@ int EC_GROUP_get_curve_name(const EC_GROUP *group) { return group->curve_name; } int EC_GROUP_get_degree(const EC_GROUP *group) { if (group->meth->group_get_degree == 0) { - OPENSSL_PUT_ERROR(EC, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(EC, EC_GROUP_get_degree, + ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } return group->meth->group_get_degree(group); 
@@ -596,17 +602,17 @@ EC_POINT *EC_POINT_new(const EC_GROUP *group) { EC_POINT *ret; if (group == NULL) { - OPENSSL_PUT_ERROR(EC, ERR_R_PASSED_NULL_PARAMETER); + OPENSSL_PUT_ERROR(EC, EC_POINT_new, ERR_R_PASSED_NULL_PARAMETER); return NULL; } if (group->meth->point_init == 0) { - OPENSSL_PUT_ERROR(EC, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(EC, EC_POINT_new, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return NULL; } ret = OPENSSL_malloc(sizeof *ret); if (ret == NULL) { - OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, EC_POINT_new, ERR_R_MALLOC_FAILURE); return NULL; } @@ -647,11 +653,11 @@ void EC_POINT_clear_free(EC_POINT *point) { int EC_POINT_copy(EC_POINT *dest, const EC_POINT *src) { if (dest->meth->point_copy == 0) { - OPENSSL_PUT_ERROR(EC, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(EC, EC_POINT_copy, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } if (dest->meth != src->meth) { - OPENSSL_PUT_ERROR(EC, EC_R_INCOMPATIBLE_OBJECTS); + OPENSSL_PUT_ERROR(EC, EC_POINT_copy, EC_R_INCOMPATIBLE_OBJECTS); return 0; } if (dest == src) { @@ -670,7 +676,7 @@ EC_POINT *EC_POINT_dup(const EC_POINT *a, const EC_GROUP *group) { t = EC_POINT_new(group); if (t == NULL) { - OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, EC_POINT_dup, ERR_R_MALLOC_FAILURE); return NULL; } r = EC_POINT_copy(t, a); @@ -684,11 +690,12 @@ EC_POINT *EC_POINT_dup(const EC_POINT *a, const EC_GROUP *group) { int EC_POINT_set_to_infinity(const EC_GROUP *group, EC_POINT *point) { if (group->meth->point_set_to_infinity == 0) { - OPENSSL_PUT_ERROR(EC, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(EC, EC_POINT_set_to_infinity, + ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } if (group->meth != point->meth) { - OPENSSL_PUT_ERROR(EC, EC_R_INCOMPATIBLE_OBJECTS); + OPENSSL_PUT_ERROR(EC, EC_POINT_set_to_infinity, EC_R_INCOMPATIBLE_OBJECTS); return 0; } return group->meth->point_set_to_infinity(group, point); 
@@ -696,11 +703,12 @@ int EC_POINT_set_to_infinity(const EC_GROUP *group, EC_POINT *point) { int EC_POINT_is_at_infinity(const EC_GROUP *group, const EC_POINT *point) { if (group->meth->is_at_infinity == 0) { - OPENSSL_PUT_ERROR(EC, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(EC, EC_POINT_is_at_infinity, + ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } if (group->meth != point->meth) { - OPENSSL_PUT_ERROR(EC, EC_R_INCOMPATIBLE_OBJECTS); + OPENSSL_PUT_ERROR(EC, EC_POINT_is_at_infinity, EC_R_INCOMPATIBLE_OBJECTS); return 0; } return group->meth->is_at_infinity(group, point); @@ -709,11 +717,12 @@ int EC_POINT_is_at_infinity(const EC_GROUP *group, const EC_POINT *point) { int EC_POINT_is_on_curve(const EC_GROUP *group, const EC_POINT *point, BN_CTX *ctx) { if (group->meth->is_on_curve == 0) { - OPENSSL_PUT_ERROR(EC, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(EC, EC_POINT_is_on_curve, + ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } if (group->meth != point->meth) { - OPENSSL_PUT_ERROR(EC, EC_R_INCOMPATIBLE_OBJECTS); + OPENSSL_PUT_ERROR(EC, EC_POINT_is_on_curve, EC_R_INCOMPATIBLE_OBJECTS); return 0; } return group->meth->is_on_curve(group, point, ctx); @@ -722,11 +731,11 @@ int EC_POINT_is_on_curve(const EC_GROUP *group, const EC_POINT *point, int EC_POINT_cmp(const EC_GROUP *group, const EC_POINT *a, const EC_POINT *b, BN_CTX *ctx) { if (group->meth->point_cmp == 0) { - OPENSSL_PUT_ERROR(EC, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(EC, EC_POINT_cmp, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return -1; } if ((group->meth != a->meth) || (a->meth != b->meth)) { - OPENSSL_PUT_ERROR(EC, EC_R_INCOMPATIBLE_OBJECTS); + OPENSSL_PUT_ERROR(EC, EC_POINT_cmp, EC_R_INCOMPATIBLE_OBJECTS); return -1; } return group->meth->point_cmp(group, a, b, ctx); 
@@ -734,11 +743,12 @@ int EC_POINT_cmp(const EC_GROUP *group, const EC_POINT *a, const EC_POINT *b, int EC_POINT_make_affine(const EC_GROUP *group, EC_POINT *point, BN_CTX *ctx) { if (group->meth->make_affine == 0) { - OPENSSL_PUT_ERROR(EC, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(EC, EC_POINT_make_affine, + ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } if (group->meth != point->meth) { - OPENSSL_PUT_ERROR(EC, EC_R_INCOMPATIBLE_OBJECTS); + OPENSSL_PUT_ERROR(EC, EC_POINT_make_affine, EC_R_INCOMPATIBLE_OBJECTS); return 0; } return group->meth->make_affine(group, point, ctx); @@ -749,12 +759,13 @@ int EC_POINTs_make_affine(const EC_GROUP *group, size_t num, EC_POINT *points[], size_t i; if (group->meth->points_make_affine == 0) { - OPENSSL_PUT_ERROR(EC, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(EC, EC_POINTs_make_affine, + ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } for (i = 0; i < num; i++) { if (group->meth != points[i]->meth) { - OPENSSL_PUT_ERROR(EC, EC_R_INCOMPATIBLE_OBJECTS); + OPENSSL_PUT_ERROR(EC, EC_POINTs_make_affine, EC_R_INCOMPATIBLE_OBJECTS); return 0; } } @@ -765,11 +776,13 @@ int EC_POINT_get_affine_coordinates_GFp(const EC_GROUP *group, const EC_POINT *point, BIGNUM *x, BIGNUM *y, BN_CTX *ctx) { if (group->meth->point_get_affine_coordinates == 0) { - OPENSSL_PUT_ERROR(EC, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(EC, EC_POINT_get_affine_coordinates_GFp, + ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } if (group->meth != point->meth) { - OPENSSL_PUT_ERROR(EC, EC_R_INCOMPATIBLE_OBJECTS); + OPENSSL_PUT_ERROR(EC, EC_POINT_get_affine_coordinates_GFp, + EC_R_INCOMPATIBLE_OBJECTS); return 0; } return group->meth->point_get_affine_coordinates(group, point, x, y, ctx); 
@@ -779,11 +792,13 @@ int EC_POINT_set_affine_coordinates_GFp(const EC_GROUP *group, EC_POINT *point, const BIGNUM *x, const BIGNUM *y, BN_CTX *ctx) { if (group->meth->point_set_affine_coordinates == 0) { - OPENSSL_PUT_ERROR(EC, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(EC, EC_POINT_set_affine_coordinates_GFp, + ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } if (group->meth != point->meth) { - OPENSSL_PUT_ERROR(EC, EC_R_INCOMPATIBLE_OBJECTS); + OPENSSL_PUT_ERROR(EC, EC_POINT_set_affine_coordinates_GFp, + EC_R_INCOMPATIBLE_OBJECTS); return 0; } return group->meth->point_set_affine_coordinates(group, point, x, y, ctx); @@ -792,12 +807,12 @@ int EC_POINT_set_affine_coordinates_GFp(const EC_GROUP *group, EC_POINT *point, int EC_POINT_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, const EC_POINT *b, BN_CTX *ctx) { if (group->meth->add == 0) { - OPENSSL_PUT_ERROR(EC, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(EC, EC_POINT_add, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } if ((group->meth != r->meth) || (r->meth != a->meth) || (a->meth != b->meth)) { - OPENSSL_PUT_ERROR(EC, EC_R_INCOMPATIBLE_OBJECTS); + OPENSSL_PUT_ERROR(EC, EC_POINT_add, EC_R_INCOMPATIBLE_OBJECTS); return 0; } return group->meth->add(group, r, a, b, ctx); @@ -807,11 +822,11 @@ int EC_POINT_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, int EC_POINT_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, BN_CTX *ctx) { if (group->meth->dbl == 0) { - OPENSSL_PUT_ERROR(EC, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(EC, EC_POINT_dbl, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } if ((group->meth != r->meth) || (r->meth != a->meth)) { - OPENSSL_PUT_ERROR(EC, EC_R_INCOMPATIBLE_OBJECTS); + OPENSSL_PUT_ERROR(EC, EC_POINT_dbl, EC_R_INCOMPATIBLE_OBJECTS); return 0; } return group->meth->dbl(group, r, a, ctx); 
@@ -820,11 +835,11 @@ int EC_POINT_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, int EC_POINT_invert(const EC_GROUP *group, EC_POINT *a, BN_CTX *ctx) { if (group->meth->invert == 0) { - OPENSSL_PUT_ERROR(EC, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(EC, EC_POINT_invert, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } if (group->meth != a->meth) { - OPENSSL_PUT_ERROR(EC, EC_R_INCOMPATIBLE_OBJECTS); + OPENSSL_PUT_ERROR(EC, EC_POINT_invert, EC_R_INCOMPATIBLE_OBJECTS); return 0; } return group->meth->invert(group, a, ctx); @@ -859,11 +874,13 @@ int ec_point_set_Jprojective_coordinates_GFp(const EC_GROUP *group, EC_POINT *po const BIGNUM *x, const BIGNUM *y, const BIGNUM *z, BN_CTX *ctx) { if (group->meth->point_set_Jprojective_coordinates_GFp == 0) { - OPENSSL_PUT_ERROR(EC, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(EC, ec_point_set_Jprojective_coordinates_GFp, + ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } if (group->meth != point->meth) { - OPENSSL_PUT_ERROR(EC, EC_R_INCOMPATIBLE_OBJECTS); + OPENSSL_PUT_ERROR(EC, ec_point_set_Jprojective_coordinates_GFp, + EC_R_INCOMPATIBLE_OBJECTS); return 0; } return group->meth->point_set_Jprojective_coordinates_GFp(group, point, x, y, diff --git a/src/crypto/ec/ec_asn1.c b/src/crypto/ec/ec_asn1.c index 31d8944..ff3dca6 100644 --- a/src/crypto/ec/ec_asn1.c +++ b/src/crypto/ec/ec_asn1.c @@ -168,7 +168,7 @@ ECPKPARAMETERS *ec_asn1_group2pkparameters(const EC_GROUP *group, if (ret == NULL) { ret = ECPKPARAMETERS_new(); if (ret == NULL) { - OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, ec_asn1_group2pkparameters, ERR_R_MALLOC_FAILURE); return NULL; } } else { @@ -196,7 +196,7 @@ EC_GROUP *ec_asn1_pkparameters2group(const ECPKPARAMETERS *params) { int nid = NID_undef; if (params == NULL) { - OPENSSL_PUT_ERROR(EC, EC_R_MISSING_PARAMETERS); + OPENSSL_PUT_ERROR(EC, ec_asn1_pkparameters2group, EC_R_MISSING_PARAMETERS); return NULL; } 
@@ -222,13 +222,14 @@ EC_GROUP *ec_asn1_pkparameters2group(const ECPKPARAMETERS *params) { } if (nid == NID_undef) { - OPENSSL_PUT_ERROR(EC, EC_R_NON_NAMED_CURVE); + OPENSSL_PUT_ERROR(EC, ec_asn1_pkparameters2group, EC_R_NON_NAMED_CURVE); return NULL; } ret = EC_GROUP_new_by_curve_name(nid); if (ret == NULL) { - OPENSSL_PUT_ERROR(EC, EC_R_EC_GROUP_NEW_BY_NAME_FAILURE); + OPENSSL_PUT_ERROR(EC, ec_asn1_pkparameters2group, + EC_R_EC_GROUP_NEW_BY_NAME_FAILURE); return NULL; } @@ -242,14 +243,14 @@ static EC_GROUP *d2i_ECPKParameters(EC_GROUP **groupp, const uint8_t **inp, params = d2i_ECPKPARAMETERS(NULL, inp, len); if (params == NULL) { - OPENSSL_PUT_ERROR(EC, EC_R_D2I_ECPKPARAMETERS_FAILURE); + OPENSSL_PUT_ERROR(EC, d2i_ECPKParameters, EC_R_D2I_ECPKPARAMETERS_FAILURE); ECPKPARAMETERS_free(params); return NULL; } group = ec_asn1_pkparameters2group(params); if (group == NULL) { - OPENSSL_PUT_ERROR(EC, EC_R_PKPARAMETERS2GROUP_FAILURE); + OPENSSL_PUT_ERROR(EC, d2i_ECPKParameters, EC_R_PKPARAMETERS2GROUP_FAILURE); ECPKPARAMETERS_free(params); return NULL; } @@ -267,12 +268,12 @@ static int i2d_ECPKParameters(const EC_GROUP *group, uint8_t **outp) { int ret = 0; ECPKPARAMETERS *tmp = ec_asn1_group2pkparameters(group, NULL); if (tmp == NULL) { - OPENSSL_PUT_ERROR(EC, EC_R_GROUP2PKPARAMETERS_FAILURE); + OPENSSL_PUT_ERROR(EC, i2d_ECPKParameters, EC_R_GROUP2PKPARAMETERS_FAILURE); return 0; } ret = i2d_ECPKPARAMETERS(tmp, outp); if (ret == 0) { - OPENSSL_PUT_ERROR(EC, EC_R_I2D_ECPKPARAMETERS_FAILURE); + OPENSSL_PUT_ERROR(EC, i2d_ECPKParameters, EC_R_I2D_ECPKPARAMETERS_FAILURE); ECPKPARAMETERS_free(tmp); return 0; } 
@@ -287,14 +288,14 @@ EC_KEY *d2i_ECPrivateKey(EC_KEY **a, const uint8_t **in, long len) { priv_key = d2i_EC_PRIVATEKEY(NULL, in, len); if (priv_key == NULL) { - OPENSSL_PUT_ERROR(EC, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EC, d2i_ECPrivateKey, ERR_R_EC_LIB); return NULL; } if (a == NULL || *a == NULL) { ret = EC_KEY_new(); if (ret == NULL) { - OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, d2i_ECPrivateKey, ERR_R_MALLOC_FAILURE); goto err; } } else { @@ -307,7 +308,7 @@ EC_KEY *d2i_ECPrivateKey(EC_KEY **a, const uint8_t **in, long len) { } if (ret->group == NULL) { - OPENSSL_PUT_ERROR(EC, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EC, d2i_ECPrivateKey, ERR_R_EC_LIB); goto err; } @@ -318,18 +319,18 @@ EC_KEY *d2i_ECPrivateKey(EC_KEY **a, const uint8_t **in, long len) { BN_bin2bn(M_ASN1_STRING_data(priv_key->privateKey), M_ASN1_STRING_length(priv_key->privateKey), ret->priv_key); if (ret->priv_key == NULL) { - OPENSSL_PUT_ERROR(EC, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(EC, d2i_ECPrivateKey, ERR_R_BN_LIB); goto err; } } else { - OPENSSL_PUT_ERROR(EC, EC_R_MISSING_PRIVATE_KEY); + OPENSSL_PUT_ERROR(EC, d2i_ECPrivateKey, EC_R_MISSING_PRIVATE_KEY); goto err; } EC_POINT_free(ret->pub_key); ret->pub_key = EC_POINT_new(ret->group); if (ret->pub_key == NULL) { - OPENSSL_PUT_ERROR(EC, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EC, d2i_ECPrivateKey, ERR_R_EC_LIB); goto err; } 
@@ -341,20 +342,20 @@ EC_KEY *d2i_ECPrivateKey(EC_KEY **a, const uint8_t **in, long len) { pub_oct_len = M_ASN1_STRING_length(priv_key->publicKey); /* The first byte (the point conversion form) must be present. */ if (pub_oct_len <= 0) { - OPENSSL_PUT_ERROR(EC, EC_R_BUFFER_TOO_SMALL); + OPENSSL_PUT_ERROR(EC, d2i_ECPrivateKey, EC_R_BUFFER_TOO_SMALL); goto err; } /* Save the point conversion form. */ ret->conv_form = (point_conversion_form_t)(pub_oct[0] & ~0x01); if (!EC_POINT_oct2point(ret->group, ret->pub_key, pub_oct, pub_oct_len, NULL)) { - OPENSSL_PUT_ERROR(EC, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EC, d2i_ECPrivateKey, ERR_R_EC_LIB); goto err; } } else { if (!EC_POINT_mul(ret->group, ret->pub_key, ret->priv_key, NULL, NULL, NULL)) { - OPENSSL_PUT_ERROR(EC, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EC, d2i_ECPrivateKey, ERR_R_EC_LIB); goto err; } /* Remember the original private-key-only encoding. */ @@ -386,13 +387,13 @@ int i2d_ECPrivateKey(const EC_KEY *key, uint8_t **outp) { EC_PRIVATEKEY *priv_key = NULL; if (key == NULL || key->group == NULL || key->priv_key == NULL) { - OPENSSL_PUT_ERROR(EC, ERR_R_PASSED_NULL_PARAMETER); + OPENSSL_PUT_ERROR(EC, i2d_ECPrivateKey, ERR_R_PASSED_NULL_PARAMETER); goto err; } priv_key = EC_PRIVATEKEY_new(); if (priv_key == NULL) { - OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, i2d_ECPrivateKey, ERR_R_MALLOC_FAILURE); goto err; } 
@@ -401,17 +402,17 @@ int i2d_ECPrivateKey(const EC_KEY *key, uint8_t **outp) { buf_len = BN_num_bytes(&key->group->order); buffer = OPENSSL_malloc(buf_len); if (buffer == NULL) { - OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, i2d_ECPrivateKey, ERR_R_MALLOC_FAILURE); goto err; } if (!BN_bn2bin_padded(buffer, buf_len, key->priv_key)) { - OPENSSL_PUT_ERROR(EC, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(EC, i2d_ECPrivateKey, ERR_R_BN_LIB); goto err; } if (!M_ASN1_OCTET_STRING_set(priv_key->privateKey, buffer, buf_len)) { - OPENSSL_PUT_ERROR(EC, ERR_R_ASN1_LIB); + OPENSSL_PUT_ERROR(EC, i2d_ECPrivateKey, ERR_R_ASN1_LIB); goto err; } @@ -419,7 +420,7 @@ int i2d_ECPrivateKey(const EC_KEY *key, uint8_t **outp) { if (!(key->enc_flag & EC_PKEY_NO_PARAMETERS)) { if ((priv_key->parameters = ec_asn1_group2pkparameters( key->group, priv_key->parameters)) == NULL) { - OPENSSL_PUT_ERROR(EC, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EC, i2d_ECPrivateKey, ERR_R_EC_LIB); goto err; } } @@ -428,7 +429,7 @@ int i2d_ECPrivateKey(const EC_KEY *key, uint8_t **outp) { if (!(key->enc_flag & EC_PKEY_NO_PUBKEY) && key->pub_key != NULL) { priv_key->publicKey = M_ASN1_BIT_STRING_new(); if (priv_key->publicKey == NULL) { - OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, i2d_ECPrivateKey, ERR_R_MALLOC_FAILURE); goto err; } @@ -438,7 +439,7 @@ int i2d_ECPrivateKey(const EC_KEY *key, uint8_t **outp) { if (tmp_len > buf_len) { uint8_t *tmp_buffer = OPENSSL_realloc(buffer, tmp_len); if (!tmp_buffer) { - OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, i2d_ECPrivateKey, ERR_R_MALLOC_FAILURE); goto err; } buffer = tmp_buffer; 
@@ -447,21 +448,21 @@ int i2d_ECPrivateKey(const EC_KEY *key, uint8_t **outp) { if (!EC_POINT_point2oct(key->group, key->pub_key, key->conv_form, buffer, buf_len, NULL)) { - OPENSSL_PUT_ERROR(EC, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EC, i2d_ECPrivateKey, ERR_R_EC_LIB); goto err; } priv_key->publicKey->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07); priv_key->publicKey->flags |= ASN1_STRING_FLAG_BITS_LEFT; if (!M_ASN1_BIT_STRING_set(priv_key->publicKey, buffer, buf_len)) { - OPENSSL_PUT_ERROR(EC, ERR_R_ASN1_LIB); + OPENSSL_PUT_ERROR(EC, i2d_ECPrivateKey, ERR_R_ASN1_LIB); goto err; } } ret = i2d_EC_PRIVATEKEY(priv_key, outp); if (ret == 0) { - OPENSSL_PUT_ERROR(EC, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EC, i2d_ECPrivateKey, ERR_R_EC_LIB); goto err; } ok = 1; @@ -474,7 +475,7 @@ err: int i2d_ECParameters(const EC_KEY *key, uint8_t **outp) { if (key == NULL) { - OPENSSL_PUT_ERROR(EC, ERR_R_PASSED_NULL_PARAMETER); + OPENSSL_PUT_ERROR(EC, i2d_ECParameters, ERR_R_PASSED_NULL_PARAMETER); return 0; } return i2d_ECPKParameters(key->group, outp); @@ -484,14 +485,14 @@ EC_KEY *d2i_ECParameters(EC_KEY **key, const uint8_t **inp, long len) { EC_KEY *ret; if (inp == NULL || *inp == NULL) { - OPENSSL_PUT_ERROR(EC, ERR_R_PASSED_NULL_PARAMETER); + OPENSSL_PUT_ERROR(EC, d2i_ECParameters, ERR_R_PASSED_NULL_PARAMETER); return NULL; } if (key == NULL || *key == NULL) { ret = EC_KEY_new(); if (ret == NULL) { - OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, d2i_ECParameters, ERR_R_MALLOC_FAILURE); return NULL; } } else { @@ -499,7 +500,7 @@ EC_KEY *d2i_ECParameters(EC_KEY **key, const uint8_t **inp, long len) { } if (!d2i_ECPKParameters(&ret->group, inp, len)) { - OPENSSL_PUT_ERROR(EC, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EC, d2i_ECParameters, ERR_R_EC_LIB); if (key == NULL || *key == NULL) { EC_KEY_free(ret); } 
@@ -516,17 +517,17 @@ EC_KEY *o2i_ECPublicKey(EC_KEY **keyp, const uint8_t **inp, long len) { EC_KEY *ret = NULL; if (keyp == NULL || *keyp == NULL || (*keyp)->group == NULL) { - OPENSSL_PUT_ERROR(EC, ERR_R_PASSED_NULL_PARAMETER); + OPENSSL_PUT_ERROR(EC, o2i_ECPublicKey, ERR_R_PASSED_NULL_PARAMETER); return 0; } ret = *keyp; if (ret->pub_key == NULL && (ret->pub_key = EC_POINT_new(ret->group)) == NULL) { - OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, o2i_ECPublicKey, ERR_R_MALLOC_FAILURE); return 0; } if (!EC_POINT_oct2point(ret->group, ret->pub_key, *inp, len, NULL)) { - OPENSSL_PUT_ERROR(EC, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EC, o2i_ECPublicKey, ERR_R_EC_LIB); return 0; } /* save the point conversion form */ @@ -540,7 +541,7 @@ int i2o_ECPublicKey(const EC_KEY *key, uint8_t **outp) { int new_buffer = 0; if (key == NULL) { - OPENSSL_PUT_ERROR(EC, ERR_R_PASSED_NULL_PARAMETER); + OPENSSL_PUT_ERROR(EC, i2o_ECPublicKey, ERR_R_PASSED_NULL_PARAMETER); return 0; } @@ -555,14 +556,14 @@ int i2o_ECPublicKey(const EC_KEY *key, uint8_t **outp) { if (*outp == NULL) { *outp = OPENSSL_malloc(buf_len); if (*outp == NULL) { - OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, i2o_ECPublicKey, ERR_R_MALLOC_FAILURE); return 0; } new_buffer = 1; } if (!EC_POINT_point2oct(key->group, key->pub_key, key->conv_form, *outp, buf_len, NULL)) { - OPENSSL_PUT_ERROR(EC, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EC, i2o_ECPublicKey, ERR_R_EC_LIB); if (new_buffer) { OPENSSL_free(*outp); *outp = NULL; diff --git a/src/crypto/ec/ec_key.c b/src/crypto/ec/ec_key.c index 0defa98..e5cbfed 100644 --- a/src/crypto/ec/ec_key.c +++ b/src/crypto/ec/ec_key.c 
@@ -87,7 +87,7 @@ EC_KEY *EC_KEY_new(void) { return EC_KEY_new_method(NULL); } EC_KEY *EC_KEY_new_method(const ENGINE *engine) { EC_KEY *ret = (EC_KEY *)OPENSSL_malloc(sizeof(EC_KEY)); if (ret == NULL) { - OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, EC_KEY_new_method, ERR_R_MALLOC_FAILURE); return NULL; } @@ -127,7 +127,7 @@ err1: EC_KEY *EC_KEY_new_by_curve_name(int nid) { EC_KEY *ret = EC_KEY_new(); if (ret == NULL) { - OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, EC_KEY_new_by_curve_name, ERR_R_MALLOC_FAILURE); return NULL; } ret->group = EC_GROUP_new_by_curve_name(nid); @@ -166,7 +166,7 @@ void EC_KEY_free(EC_KEY *r) { EC_KEY *EC_KEY_copy(EC_KEY *dest, const EC_KEY *src) { if (dest == NULL || src == NULL) { - OPENSSL_PUT_ERROR(EC, ERR_R_PASSED_NULL_PARAMETER); + OPENSSL_PUT_ERROR(EC, EC_KEY_copy, ERR_R_PASSED_NULL_PARAMETER); return NULL; } /* Copy the parameters. */ @@ -300,12 +300,12 @@ int EC_KEY_check_key(const EC_KEY *eckey) { EC_POINT *point = NULL; if (!eckey || !eckey->group || !eckey->pub_key) { - OPENSSL_PUT_ERROR(EC, ERR_R_PASSED_NULL_PARAMETER); + OPENSSL_PUT_ERROR(EC, EC_KEY_check_key, ERR_R_PASSED_NULL_PARAMETER); return 0; } if (EC_POINT_is_at_infinity(eckey->group, eckey->pub_key)) { - OPENSSL_PUT_ERROR(EC, EC_R_POINT_AT_INFINITY); + OPENSSL_PUT_ERROR(EC, EC_KEY_check_key, EC_R_POINT_AT_INFINITY); goto err; } @@ -319,7 +319,7 @@ int EC_KEY_check_key(const EC_KEY *eckey) { /* testing whether the pub_key is on the elliptic curve */ if (!EC_POINT_is_on_curve(eckey->group, eckey->pub_key, ctx)) { - OPENSSL_PUT_ERROR(EC, EC_R_POINT_IS_NOT_ON_CURVE); + OPENSSL_PUT_ERROR(EC, EC_KEY_check_key, EC_R_POINT_IS_NOT_ON_CURVE); goto err; } /* testing whether pub_key * order is the point at infinity */ 
@@ -327,15 +327,15 @@ int EC_KEY_check_key(const EC_KEY *eckey) { * to check the private key, below? */ order = &eckey->group->order; if (BN_is_zero(order)) { - OPENSSL_PUT_ERROR(EC, EC_R_INVALID_GROUP_ORDER); + OPENSSL_PUT_ERROR(EC, EC_KEY_check_key, EC_R_INVALID_GROUP_ORDER); goto err; } if (!EC_POINT_mul(eckey->group, point, NULL, eckey->pub_key, order, ctx)) { - OPENSSL_PUT_ERROR(EC, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EC, EC_KEY_check_key, ERR_R_EC_LIB); goto err; } if (!EC_POINT_is_at_infinity(eckey->group, point)) { - OPENSSL_PUT_ERROR(EC, EC_R_WRONG_ORDER); + OPENSSL_PUT_ERROR(EC, EC_KEY_check_key, EC_R_WRONG_ORDER); goto err; } /* in case the priv_key is present : @@ -343,15 +343,15 @@ int EC_KEY_check_key(const EC_KEY *eckey) { */ if (eckey->priv_key) { if (BN_cmp(eckey->priv_key, order) >= 0) { - OPENSSL_PUT_ERROR(EC, EC_R_WRONG_ORDER); + OPENSSL_PUT_ERROR(EC, EC_KEY_check_key, EC_R_WRONG_ORDER); goto err; } if (!EC_POINT_mul(eckey->group, point, eckey->priv_key, NULL, NULL, ctx)) { - OPENSSL_PUT_ERROR(EC, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EC, EC_KEY_check_key, ERR_R_EC_LIB); goto err; } if (EC_POINT_cmp(eckey->group, point, eckey->pub_key, ctx) != 0) { - OPENSSL_PUT_ERROR(EC, EC_R_INVALID_PRIVATE_KEY); + OPENSSL_PUT_ERROR(EC, EC_KEY_check_key, EC_R_INVALID_PRIVATE_KEY); goto err; } } @@ -371,7 +371,8 @@ int EC_KEY_set_public_key_affine_coordinates(EC_KEY *key, BIGNUM *x, int ok = 0; if (!key || !key->group || !x || !y) { - OPENSSL_PUT_ERROR(EC, ERR_R_PASSED_NULL_PARAMETER); + OPENSSL_PUT_ERROR(EC, EC_KEY_set_public_key_affine_coordinates, + ERR_R_PASSED_NULL_PARAMETER); return 0; } ctx = BN_CTX_new(); 
@@ -393,7 +394,8 @@ int EC_KEY_set_public_key_affine_coordinates(EC_KEY *key, BIGNUM *x, /* Check if retrieved coordinates match originals: if not values * are out of range. */ if (BN_cmp(x, tx) || BN_cmp(y, ty)) { - OPENSSL_PUT_ERROR(EC, EC_R_COORDINATES_OUT_OF_RANGE); + OPENSSL_PUT_ERROR(EC, EC_KEY_set_public_key_affine_coordinates, + EC_R_COORDINATES_OUT_OF_RANGE); goto err; } @@ -420,7 +422,7 @@ int EC_KEY_generate_key(EC_KEY *eckey) { EC_POINT *pub_key = NULL; if (!eckey || !eckey->group) { - OPENSSL_PUT_ERROR(EC, ERR_R_PASSED_NULL_PARAMETER); + OPENSSL_PUT_ERROR(EC, EC_KEY_generate_key, ERR_R_PASSED_NULL_PARAMETER); return 0; } diff --git a/src/crypto/ec/ec_montgomery.c b/src/crypto/ec/ec_montgomery.c index b897000..74dbc6c 100644 --- a/src/crypto/ec/ec_montgomery.c +++ b/src/crypto/ec/ec_montgomery.c @@ -200,7 +200,7 @@ int ec_GFp_mont_group_set_curve(EC_GROUP *group, const BIGNUM *p, goto err; } if (!BN_MONT_CTX_set(mont, p, ctx)) { - OPENSSL_PUT_ERROR(EC, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(EC, ec_GFp_mont_group_set_curve, ERR_R_BN_LIB); goto err; } one = BN_new(); @@ -232,7 +232,7 @@ err: int ec_GFp_mont_field_mul(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx) { if (group->mont == NULL) { - OPENSSL_PUT_ERROR(EC, EC_R_NOT_INITIALIZED); + OPENSSL_PUT_ERROR(EC, ec_GFp_mont_field_mul, EC_R_NOT_INITIALIZED); return 0; } @@ -242,7 +242,7 @@ int ec_GFp_mont_field_mul(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a, int ec_GFp_mont_field_sqr(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a, BN_CTX *ctx) { if (group->mont == NULL) { - OPENSSL_PUT_ERROR(EC, EC_R_NOT_INITIALIZED); + OPENSSL_PUT_ERROR(EC, ec_GFp_mont_field_sqr, EC_R_NOT_INITIALIZED); return 0; } 
@@ -252,7 +252,7 @@ int ec_GFp_mont_field_sqr(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a, int ec_GFp_mont_field_encode(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a, BN_CTX *ctx) { if (group->mont == NULL) { - OPENSSL_PUT_ERROR(EC, EC_R_NOT_INITIALIZED); + OPENSSL_PUT_ERROR(EC, ec_GFp_mont_field_encode, EC_R_NOT_INITIALIZED); return 0; } @@ -262,7 +262,7 @@ int ec_GFp_mont_field_encode(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a, int ec_GFp_mont_field_decode(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a, BN_CTX *ctx) { if (group->mont == NULL) { - OPENSSL_PUT_ERROR(EC, EC_R_NOT_INITIALIZED); + OPENSSL_PUT_ERROR(EC, ec_GFp_mont_field_decode, EC_R_NOT_INITIALIZED); return 0; } @@ -272,7 +272,7 @@ int ec_GFp_mont_field_decode(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a, int ec_GFp_mont_field_set_to_one(const EC_GROUP *group, BIGNUM *r, BN_CTX *ctx) { if (group->one == NULL) { - OPENSSL_PUT_ERROR(EC, EC_R_NOT_INITIALIZED); + OPENSSL_PUT_ERROR(EC, ec_GFp_mont_field_set_to_one, EC_R_NOT_INITIALIZED); return 0; } diff --git a/src/crypto/ec/oct.c b/src/crypto/ec/oct.c index cb50e17..816a42f 100644 --- a/src/crypto/ec/oct.c +++ b/src/crypto/ec/oct.c @@ -85,7 +85,7 @@ static size_t ec_GFp_simple_point2oct(const EC_GROUP *group, if ((form != POINT_CONVERSION_COMPRESSED) && (form != POINT_CONVERSION_UNCOMPRESSED)) { - OPENSSL_PUT_ERROR(EC, EC_R_INVALID_FORM); + OPENSSL_PUT_ERROR(EC, ec_GFp_simple_point2oct, EC_R_INVALID_FORM); goto err; } @@ -93,7 +93,7 @@ static size_t ec_GFp_simple_point2oct(const EC_GROUP *group, /* encodes to a single 0 octet */ if (buf != NULL) { if (len < 1) { - OPENSSL_PUT_ERROR(EC, EC_R_BUFFER_TOO_SMALL); + OPENSSL_PUT_ERROR(EC, ec_GFp_simple_point2oct, EC_R_BUFFER_TOO_SMALL); return 0; } buf[0] = 0; 
@@ -110,7 +110,7 @@ static size_t ec_GFp_simple_point2oct(const EC_GROUP *group, /* if 'buf' is NULL, just return required length */ if (buf != NULL) { if (len < ret) { - OPENSSL_PUT_ERROR(EC, EC_R_BUFFER_TOO_SMALL); + OPENSSL_PUT_ERROR(EC, ec_GFp_simple_point2oct, EC_R_BUFFER_TOO_SMALL); goto err; } @@ -142,21 +142,21 @@ static size_t ec_GFp_simple_point2oct(const EC_GROUP *group, i = 1; if (!BN_bn2bin_padded(buf + i, field_len, x)) { - OPENSSL_PUT_ERROR(EC, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(EC, ec_GFp_simple_point2oct, ERR_R_INTERNAL_ERROR); goto err; } i += field_len; if (form == POINT_CONVERSION_UNCOMPRESSED) { if (!BN_bn2bin_padded(buf + i, field_len, y)) { - OPENSSL_PUT_ERROR(EC, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(EC, ec_GFp_simple_point2oct, ERR_R_INTERNAL_ERROR); goto err; } i += field_len; } if (i != ret) { - OPENSSL_PUT_ERROR(EC, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(EC, ec_GFp_simple_point2oct, ERR_R_INTERNAL_ERROR); goto err; } } @@ -187,7 +187,7 @@ static int ec_GFp_simple_oct2point(const EC_GROUP *group, EC_POINT *point, int ret = 0; if (len == 0) { - OPENSSL_PUT_ERROR(EC, EC_R_BUFFER_TOO_SMALL); + OPENSSL_PUT_ERROR(EC, ec_GFp_simple_oct2point, EC_R_BUFFER_TOO_SMALL); return 0; } form = buf[0]; @@ -195,17 +195,17 @@ static int ec_GFp_simple_oct2point(const EC_GROUP *group, EC_POINT *point, form = form & ~1U; if ((form != 0) && (form != POINT_CONVERSION_COMPRESSED) && (form != POINT_CONVERSION_UNCOMPRESSED)) { - OPENSSL_PUT_ERROR(EC, EC_R_INVALID_ENCODING); + OPENSSL_PUT_ERROR(EC, ec_GFp_simple_oct2point, EC_R_INVALID_ENCODING); return 0; } if ((form == 0 || form == POINT_CONVERSION_UNCOMPRESSED) && y_bit) { - OPENSSL_PUT_ERROR(EC, EC_R_INVALID_ENCODING); + OPENSSL_PUT_ERROR(EC, ec_GFp_simple_oct2point, EC_R_INVALID_ENCODING); return 0; } if (form == 0) { if (len != 1) { - OPENSSL_PUT_ERROR(EC, EC_R_INVALID_ENCODING); + OPENSSL_PUT_ERROR(EC, ec_GFp_simple_oct2point, EC_R_INVALID_ENCODING); return 0; } 
@@ -217,7 +217,7 @@ static int ec_GFp_simple_oct2point(const EC_GROUP *group, EC_POINT *point, (form == POINT_CONVERSION_COMPRESSED) ? 1 + field_len : 1 + 2 * field_len; if (len != enc_len) { - OPENSSL_PUT_ERROR(EC, EC_R_INVALID_ENCODING); + OPENSSL_PUT_ERROR(EC, ec_GFp_simple_oct2point, EC_R_INVALID_ENCODING); return 0; } @@ -231,7 +231,7 @@ static int ec_GFp_simple_oct2point(const EC_GROUP *group, EC_POINT *point, BN_CTX_start(ctx); x = BN_CTX_get(ctx); y = BN_CTX_get(ctx); - if (x == NULL || y == NULL) { + if (y == NULL) { goto err; } @@ -239,7 +239,7 @@ static int ec_GFp_simple_oct2point(const EC_GROUP *group, EC_POINT *point, goto err; } if (BN_ucmp(x, &group->field) >= 0) { - OPENSSL_PUT_ERROR(EC, EC_R_INVALID_ENCODING); + OPENSSL_PUT_ERROR(EC, ec_GFp_simple_oct2point, EC_R_INVALID_ENCODING); goto err; } @@ -252,7 +252,7 @@ static int ec_GFp_simple_oct2point(const EC_GROUP *group, EC_POINT *point, goto err; } if (BN_ucmp(y, &group->field) >= 0) { - OPENSSL_PUT_ERROR(EC, EC_R_INVALID_ENCODING); + OPENSSL_PUT_ERROR(EC, ec_GFp_simple_oct2point, EC_R_INVALID_ENCODING); goto err; } @@ -263,7 +263,7 @@ static int ec_GFp_simple_oct2point(const EC_GROUP *group, EC_POINT *point, /* test required by X9.62 */ if (!EC_POINT_is_on_curve(group, point, ctx)) { - OPENSSL_PUT_ERROR(EC, EC_R_POINT_IS_NOT_ON_CURVE); + OPENSSL_PUT_ERROR(EC, ec_GFp_simple_oct2point, EC_R_POINT_IS_NOT_ON_CURVE); goto err; } 
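Review bot: The allocation check in ec_GFp_simple_oct2point now tests only `y`, the last value obtained from `BN_CTX_get`, so it silently depends on that function continuing to return NULL after its first failure. That holds for the usual BN_CTX implementation, which is not shown here, but nothing at the call site says so, and a later reordering of the `BN_CTX_get` calls would leave `x` unchecked before it is used. Add a comment above the test, for example `/* BN_CTX_get failures are sticky, so checking the last result also covers x. */`. The same shortened check appears in ec_GFp_simple_point_get_affine_coordinates (`if (Z_3 == NULL)`) and in ECDSA_do_verify (`if (!X)`). The function body extends beyond this hunk.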
@@ -279,11 +279,12 @@ int EC_POINT_oct2point(const EC_GROUP *group, EC_POINT *point, const uint8_t *buf, size_t len, BN_CTX *ctx) { if (group->meth->oct2point == 0 && !(group->meth->flags & EC_FLAGS_DEFAULT_OCT)) { - OPENSSL_PUT_ERROR(EC, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(EC, EC_POINT_oct2point, + ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } if (group->meth != point->meth) { - OPENSSL_PUT_ERROR(EC, EC_R_INCOMPATIBLE_OBJECTS); + OPENSSL_PUT_ERROR(EC, EC_POINT_oct2point, EC_R_INCOMPATIBLE_OBJECTS); return 0; } if (group->meth->flags & EC_FLAGS_DEFAULT_OCT) { @@ -298,11 +299,12 @@ size_t EC_POINT_point2oct(const EC_GROUP *group, const EC_POINT *point, size_t len, BN_CTX *ctx) { if (group->meth->point2oct == 0 && !(group->meth->flags & EC_FLAGS_DEFAULT_OCT)) { - OPENSSL_PUT_ERROR(EC, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(EC, EC_POINT_point2oct, + ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } if (group->meth != point->meth) { - OPENSSL_PUT_ERROR(EC, EC_R_INCOMPATIBLE_OBJECTS); + OPENSSL_PUT_ERROR(EC, EC_POINT_point2oct, EC_R_INCOMPATIBLE_OBJECTS); return 0; } if (group->meth->flags & EC_FLAGS_DEFAULT_OCT) { @@ -404,9 +406,9 @@ int ec_GFp_simple_set_compressed_coordinates(const EC_GROUP *group, if (ERR_GET_LIB(err) == ERR_LIB_BN && ERR_GET_REASON(err) == BN_R_NOT_A_SQUARE) { ERR_clear_error(); - OPENSSL_PUT_ERROR(EC, EC_R_INVALID_COMPRESSED_POINT); + OPENSSL_PUT_ERROR(EC, ec_GFp_simple_set_compressed_coordinates, EC_R_INVALID_COMPRESSED_POINT); } else { - OPENSSL_PUT_ERROR(EC, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(EC, ec_GFp_simple_set_compressed_coordinates, ERR_R_BN_LIB); } goto err; } 
@@ -421,10 +423,12 @@ int ec_GFp_simple_set_compressed_coordinates(const EC_GROUP *group, } if (kron == 1) { - OPENSSL_PUT_ERROR(EC, EC_R_INVALID_COMPRESSION_BIT); + OPENSSL_PUT_ERROR(EC, ec_GFp_simple_set_compressed_coordinates, + EC_R_INVALID_COMPRESSION_BIT); } else { /* BN_mod_sqrt() should have cought this error (not a square) */ - OPENSSL_PUT_ERROR(EC, EC_R_INVALID_COMPRESSED_POINT); + OPENSSL_PUT_ERROR(EC, ec_GFp_simple_set_compressed_coordinates, + EC_R_INVALID_COMPRESSED_POINT); } goto err; } @@ -433,7 +437,8 @@ int ec_GFp_simple_set_compressed_coordinates(const EC_GROUP *group, } } if (y_bit != BN_is_odd(y)) { - OPENSSL_PUT_ERROR(EC, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(EC, ec_GFp_simple_set_compressed_coordinates, + ERR_R_INTERNAL_ERROR); goto err; } @@ -454,11 +459,13 @@ int EC_POINT_set_compressed_coordinates_GFp(const EC_GROUP *group, int y_bit, BN_CTX *ctx) { if (group->meth->point_set_compressed_coordinates == 0 && !(group->meth->flags & EC_FLAGS_DEFAULT_OCT)) { - OPENSSL_PUT_ERROR(EC, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(EC, EC_POINT_set_compressed_coordinates_GFp, + ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } if (group->meth != point->meth) { - OPENSSL_PUT_ERROR(EC, EC_R_INCOMPATIBLE_OBJECTS); + OPENSSL_PUT_ERROR(EC, EC_POINT_set_compressed_coordinates_GFp, + EC_R_INCOMPATIBLE_OBJECTS); return 0; } if (group->meth->flags & EC_FLAGS_DEFAULT_OCT) { diff --git a/src/crypto/ec/p256-64.c b/src/crypto/ec/p256-64.c index 3946b29..fdb942c 100644 --- a/src/crypto/ec/p256-64.c +++ b/src/crypto/ec/p256-64.c @@ -125,7 +125,7 @@ static void flip_endian(u8 *out, const u8 *in, unsigned len) { /* BN_to_felem converts an OpenSSL BIGNUM into an felem. */ static int BN_to_felem(felem out, const BIGNUM *bn) { if (BN_is_negative(bn)) { - OPENSSL_PUT_ERROR(EC, EC_R_BIGNUM_OUT_OF_RANGE); + OPENSSL_PUT_ERROR(EC, BN_to_felem, EC_R_BIGNUM_OUT_OF_RANGE); return 0; } 
@@ -134,7 +134,7 @@ static int BN_to_felem(felem out, const BIGNUM *bn) { memset(b_out, 0, sizeof(b_out)); unsigned num_bytes = BN_num_bytes(bn); if (num_bytes > sizeof(b_out)) { - OPENSSL_PUT_ERROR(EC, EC_R_BIGNUM_OUT_OF_RANGE); + OPENSSL_PUT_ERROR(EC, BN_to_felem, EC_R_BIGNUM_OUT_OF_RANGE); return 0; } @@ -1638,7 +1638,8 @@ int ec_GFp_nistp256_group_set_curve(EC_GROUP *group, const BIGNUM *p, if (BN_cmp(curve_p, p) || BN_cmp(curve_a, a) || BN_cmp(curve_b, b)) { - OPENSSL_PUT_ERROR(EC, EC_R_WRONG_CURVE_PARAMETERS); + OPENSSL_PUT_ERROR(EC, ec_GFp_nistp256_group_set_curve, + EC_R_WRONG_CURVE_PARAMETERS); goto err; } ret = ec_GFp_simple_group_set_curve(group, p, a, b, ctx); @@ -1660,7 +1661,8 @@ int ec_GFp_nistp256_point_get_affine_coordinates(const EC_GROUP *group, longfelem tmp; if (EC_POINT_is_at_infinity(group, point)) { - OPENSSL_PUT_ERROR(EC, EC_R_POINT_AT_INFINITY); + OPENSSL_PUT_ERROR(EC, ec_GFp_nistp256_point_get_affine_coordinates, + EC_R_POINT_AT_INFINITY); return 0; } if (!BN_to_felem(x_in, &point->X) || @@ -1675,7 +1677,8 @@ int ec_GFp_nistp256_point_get_affine_coordinates(const EC_GROUP *group, felem_reduce(x_in, tmp); felem_contract(x_out, x_in); if (x != NULL && !smallfelem_to_BN(x, x_out)) { - OPENSSL_PUT_ERROR(EC, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(EC, ec_GFp_nistp256_point_get_affine_coordinates, + ERR_R_BN_LIB); return 0; } felem_mul(tmp, z1, z2); @@ -1684,7 +1687,8 @@ int ec_GFp_nistp256_point_get_affine_coordinates(const EC_GROUP *group, felem_reduce(y_in, tmp); felem_contract(y_out, y_in); if (y != NULL && !smallfelem_to_BN(y, y_out)) { - OPENSSL_PUT_ERROR(EC, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(EC, ec_GFp_nistp256_point_get_affine_coordinates, + ERR_R_BN_LIB); return 0; } return 1; 
@@ -1759,7 +1763,7 @@ int ec_GFp_nistp256_points_mul(const EC_GROUP *group, EC_POINT *r, if (!smallfelem_to_BN(x, g_pre_comp[0][1][0]) || !smallfelem_to_BN(y, g_pre_comp[0][1][1]) || !smallfelem_to_BN(z, g_pre_comp[0][1][2])) { - OPENSSL_PUT_ERROR(EC, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(EC, ec_GFp_nistp256_points_mul, ERR_R_BN_LIB); goto err; } if (!ec_point_set_Jprojective_coordinates_GFp(group, generator, x, y, z, @@ -1790,7 +1794,7 @@ int ec_GFp_nistp256_points_mul(const EC_GROUP *group, EC_POINT *r, } if (secrets == NULL || pre_comp == NULL || (mixed && tmp_smallfelems == NULL)) { - OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, ec_GFp_nistp256_points_mul, ERR_R_MALLOC_FAILURE); goto err; } @@ -1814,7 +1818,7 @@ int ec_GFp_nistp256_points_mul(const EC_GROUP *group, EC_POINT *r, /* this is an unusual input, and we don't guarantee * constant-timeness. */ if (!BN_nnmod(tmp_scalar, p_scalar, &group->order, ctx)) { - OPENSSL_PUT_ERROR(EC, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(EC, ec_GFp_nistp256_points_mul, ERR_R_BN_LIB); goto err; } num_bytes = BN_bn2bin(tmp_scalar, tmp); @@ -1859,7 +1863,7 @@ int ec_GFp_nistp256_points_mul(const EC_GROUP *group, EC_POINT *r, /* this is an unusual input, and we don't guarantee * constant-timeness. */ if (!BN_nnmod(tmp_scalar, scalar, &group->order, ctx)) { - OPENSSL_PUT_ERROR(EC, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(EC, ec_GFp_nistp256_points_mul, ERR_R_BN_LIB); goto err; } num_bytes = BN_bn2bin(tmp_scalar, tmp); @@ -1885,7 +1889,7 @@ int ec_GFp_nistp256_points_mul(const EC_GROUP *group, EC_POINT *r, if (!smallfelem_to_BN(x, x_in) || !smallfelem_to_BN(y, y_in) || !smallfelem_to_BN(z, z_in)) { - OPENSSL_PUT_ERROR(EC, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(EC, ec_GFp_nistp256_points_mul, ERR_R_BN_LIB); goto err; } ret = ec_point_set_Jprojective_coordinates_GFp(group, r, x, y, z, ctx); diff --git a/src/crypto/ec/simple.c b/src/crypto/ec/simple.c index c62199c..69fd2e4 100644 --- a/src/crypto/ec/simple.c 
+++ b/src/crypto/ec/simple.c @@ -172,7 +172,7 @@ int ec_GFp_simple_group_set_curve(EC_GROUP *group, const BIGNUM *p, /* p must be a prime > 3 */ if (BN_num_bits(p) <= 2 || !BN_is_odd(p)) { - OPENSSL_PUT_ERROR(EC, EC_R_INVALID_FIELD); + OPENSSL_PUT_ERROR(EC, ec_GFp_simple_group_set_curve, EC_R_INVALID_FIELD); return 0; } @@ -283,7 +283,8 @@ int ec_GFp_simple_group_check_discriminant(const EC_GROUP *group, BN_CTX *ctx) { if (ctx == NULL) { ctx = new_ctx = BN_CTX_new(); if (ctx == NULL) { - OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, ec_GFp_simple_group_check_discriminant, + ERR_R_MALLOC_FAILURE); goto err; } } @@ -491,7 +492,8 @@ int ec_GFp_simple_point_set_affine_coordinates(const EC_GROUP *group, const BIGNUM *y, BN_CTX *ctx) { if (x == NULL || y == NULL) { /* unlike for projective coordinates, we do not tolerate this */ - OPENSSL_PUT_ERROR(EC, ERR_R_PASSED_NULL_PARAMETER); + OPENSSL_PUT_ERROR(EC, ec_GFp_simple_point_set_affine_coordinates, + ERR_R_PASSED_NULL_PARAMETER); return 0; } @@ -508,7 +510,8 @@ int ec_GFp_simple_point_get_affine_coordinates(const EC_GROUP *group, int ret = 0; if (EC_POINT_is_at_infinity(group, point)) { - OPENSSL_PUT_ERROR(EC, EC_R_POINT_AT_INFINITY); + OPENSSL_PUT_ERROR(EC, ec_GFp_simple_point_get_affine_coordinates, + EC_R_POINT_AT_INFINITY); return 0; } @@ -524,7 +527,7 @@ int ec_GFp_simple_point_get_affine_coordinates(const EC_GROUP *group, Z_1 = BN_CTX_get(ctx); Z_2 = BN_CTX_get(ctx); Z_3 = BN_CTX_get(ctx); - if (Z == NULL || Z_1 == NULL || Z_2 == NULL || Z_3 == NULL) { + if (Z_3 == NULL) { goto err; } @@ -557,7 +560,8 @@ int ec_GFp_simple_point_get_affine_coordinates(const EC_GROUP *group, } } else { if (!BN_mod_inverse(Z_1, Z_, &group->field, ctx)) { - OPENSSL_PUT_ERROR(EC, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(EC, ec_GFp_simple_point_get_affine_coordinates, + ERR_R_BN_LIB); goto err; } 
@@ -1179,7 +1183,7 @@ int ec_GFp_simple_make_affine(const EC_GROUP *group, EC_POINT *point, goto err; } if (!point->Z_is_one) { - OPENSSL_PUT_ERROR(EC, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(EC, ec_GFp_simple_make_affine, ERR_R_INTERNAL_ERROR); goto err; } @@ -1265,7 +1269,7 @@ int ec_GFp_simple_points_make_affine(const EC_GROUP *group, size_t num, * non-zero points[i]->Z by its inverse. */ if (!BN_mod_inverse(tmp, prod_Z[num - 1], &group->field, ctx)) { - OPENSSL_PUT_ERROR(EC, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(EC, ec_GFp_simple_points_make_affine, ERR_R_BN_LIB); goto err; } diff --git a/src/crypto/ec/wnaf.c b/src/crypto/ec/wnaf.c index 7fa0e1b..ae0d73f 100644 --- a/src/crypto/ec/wnaf.c +++ b/src/crypto/ec/wnaf.c @@ -100,7 +100,7 @@ static EC_PRE_COMP *ec_pre_comp_new(void) { ret = (EC_PRE_COMP *)OPENSSL_malloc(sizeof(EC_PRE_COMP)); if (!ret) { - OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, ec_pre_comp_new, ERR_R_MALLOC_FAILURE); return ret; } ret->blocksize = 8; /* default */ @@ -158,7 +158,7 @@ static signed char *compute_wNAF(const BIGNUM *scalar, int w, size_t *ret_len) { if (BN_is_zero(scalar)) { r = OPENSSL_malloc(1); if (!r) { - OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, compute_wNAF, ERR_R_MALLOC_FAILURE); goto err; } r[0] = 0; @@ -169,7 +169,7 @@ static signed char *compute_wNAF(const BIGNUM *scalar, int w, size_t *ret_len) { if (w <= 0 || w > 7) /* 'signed char' can represent integers with absolute values less than 2^7 */ { - OPENSSL_PUT_ERROR(EC, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(EC, compute_wNAF, ERR_R_INTERNAL_ERROR); goto err; } bit = 1 << w; /* at most 128 */ @@ -181,7 +181,7 @@ static signed char *compute_wNAF(const BIGNUM *scalar, int w, size_t *ret_len) { } if (scalar->d == NULL || scalar->top == 0) { - OPENSSL_PUT_ERROR(EC, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(EC, compute_wNAF, ERR_R_INTERNAL_ERROR); goto err; } 
@@ -192,7 +192,7 @@ static signed char *compute_wNAF(const BIGNUM *scalar, int w, size_t *ret_len) { * (*ret_len will be set to the actual length, i.e. at most * BN_num_bits(scalar) + 1) */ if (r == NULL) { - OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, compute_wNAF, ERR_R_MALLOC_FAILURE); goto err; } window_val = scalar->d[0] & mask; @@ -225,7 +225,7 @@ static signed char *compute_wNAF(const BIGNUM *scalar, int w, size_t *ret_len) { } if (digit <= -bit || digit >= bit || !(digit & 1)) { - OPENSSL_PUT_ERROR(EC, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(EC, compute_wNAF, ERR_R_INTERNAL_ERROR); goto err; } @@ -235,7 +235,7 @@ static signed char *compute_wNAF(const BIGNUM *scalar, int w, size_t *ret_len) { * for modified window NAFs, it may also be 2^w */ if (window_val != 0 && window_val != next_bit && window_val != bit) { - OPENSSL_PUT_ERROR(EC, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(EC, compute_wNAF, ERR_R_INTERNAL_ERROR); goto err; } } @@ -246,13 +246,13 @@ static signed char *compute_wNAF(const BIGNUM *scalar, int w, size_t *ret_len) { window_val += bit * BN_is_bit_set(scalar, j + w); if (window_val > next_bit) { - OPENSSL_PUT_ERROR(EC, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(EC, compute_wNAF, ERR_R_INTERNAL_ERROR); goto err; } } if (j > len + 1) { - OPENSSL_PUT_ERROR(EC, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(EC, compute_wNAF, ERR_R_INTERNAL_ERROR); goto err; } len = j; @@ -316,7 +316,7 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, int ret = 0; if (group->meth != r->meth) { - OPENSSL_PUT_ERROR(EC, EC_R_INCOMPATIBLE_OBJECTS); + OPENSSL_PUT_ERROR(EC, ec_wNAF_mul, EC_R_INCOMPATIBLE_OBJECTS); return 0; } @@ -326,7 +326,7 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, for (i = 0; i < num; i++) { if (group->meth != points[i]->meth) { - OPENSSL_PUT_ERROR(EC, EC_R_INCOMPATIBLE_OBJECTS); + OPENSSL_PUT_ERROR(EC, ec_wNAF_mul, EC_R_INCOMPATIBLE_OBJECTS); return 0; } } 
@@ -341,7 +341,7 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, if (scalar != NULL) { generator = EC_GROUP_get0_generator(group); if (generator == NULL) { - OPENSSL_PUT_ERROR(EC, EC_R_UNDEFINED_GENERATOR); + OPENSSL_PUT_ERROR(EC, ec_wNAF_mul, EC_R_UNDEFINED_GENERATOR); goto err; } @@ -366,7 +366,7 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, /* check that pre_comp looks sane */ if (pre_comp->num != (pre_comp->numblocks * pre_points_per_block)) { - OPENSSL_PUT_ERROR(EC, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(EC, ec_wNAF_mul, ERR_R_INTERNAL_ERROR); goto err; } } else { @@ -391,7 +391,7 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, } if (!wsize || !wNAF_len || !wNAF || !val_sub) { - OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, ec_wNAF_mul, ERR_R_MALLOC_FAILURE); goto err; } @@ -420,7 +420,7 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, if (pre_comp == NULL) { if (num_scalar != 1) { - OPENSSL_PUT_ERROR(EC, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(EC, ec_wNAF_mul, ERR_R_INTERNAL_ERROR); goto err; } /* we have already generated a wNAF for 'scalar' */ @@ -429,7 +429,7 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, size_t tmp_len = 0; if (num_scalar != 0) { - OPENSSL_PUT_ERROR(EC, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(EC, ec_wNAF_mul, ERR_R_INTERNAL_ERROR); goto err; } @@ -463,8 +463,7 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, /* possibly we can do with fewer blocks than estimated */ numblocks = (tmp_len + blocksize - 1) / blocksize; if (numblocks > pre_comp->numblocks) { - OPENSSL_PUT_ERROR(EC, ERR_R_INTERNAL_ERROR); - OPENSSL_free(tmp_wNAF); + OPENSSL_PUT_ERROR(EC, ec_wNAF_mul, ERR_R_INTERNAL_ERROR); goto err; } totalnum = num + numblocks; 
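Review bot: The `numblocks > pre_comp->numblocks` branch in ec_wNAF_mul no longer calls `OPENSSL_free(tmp_wNAF);` before `goto err;`, and the next hunk drops the same call from the `tmp_len < blocksize` branch. The later `wNAF[i] == NULL` and `*tmp_points == NULL` branches still free the buffer before jumping, which suggests the err label does not release it; the label is outside these hunks, so this is inferred. If so, both internal-error paths leak the temporary wNAF buffer. Keep `OPENSSL_free(tmp_wNAF);` ahead of `goto err;` in both branches.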
@@ -478,8 +477,7 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, if (i < totalnum - 1) { wNAF_len[i] = blocksize; if (tmp_len < blocksize) { - OPENSSL_PUT_ERROR(EC, ERR_R_INTERNAL_ERROR); - OPENSSL_free(tmp_wNAF); + OPENSSL_PUT_ERROR(EC, ec_wNAF_mul, ERR_R_INTERNAL_ERROR); goto err; } tmp_len -= blocksize; @@ -492,7 +490,7 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, wNAF[i + 1] = NULL; wNAF[i] = OPENSSL_malloc(wNAF_len[i]); if (wNAF[i] == NULL) { - OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, ec_wNAF_mul, ERR_R_MALLOC_FAILURE); OPENSSL_free(tmp_wNAF); goto err; } @@ -502,7 +500,7 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, } if (*tmp_points == NULL) { - OPENSSL_PUT_ERROR(EC, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(EC, ec_wNAF_mul, ERR_R_INTERNAL_ERROR); OPENSSL_free(tmp_wNAF); goto err; } @@ -521,7 +519,7 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, */ val = OPENSSL_malloc((num_val + 1) * sizeof val[0]); if (val == NULL) { - OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, ec_wNAF_mul, ERR_R_MALLOC_FAILURE); goto err; } val[num_val] = NULL; /* pivot element */ @@ -539,7 +537,7 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, } } if (!(v == val + num_val)) { - OPENSSL_PUT_ERROR(EC, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(EC, ec_wNAF_mul, ERR_R_INTERNAL_ERROR); goto err; } @@ -697,7 +695,7 @@ int ec_wNAF_precompute_mult(EC_GROUP *group, BN_CTX *ctx) { generator = EC_GROUP_get0_generator(group); if (generator == NULL) { - OPENSSL_PUT_ERROR(EC, EC_R_UNDEFINED_GENERATOR); + OPENSSL_PUT_ERROR(EC, ec_wNAF_precompute_mult, EC_R_UNDEFINED_GENERATOR); return 0; } 
@@ -723,7 +721,7 @@ int ec_wNAF_precompute_mult(EC_GROUP *group, BN_CTX *ctx) { goto err; } if (BN_is_zero(order)) { - OPENSSL_PUT_ERROR(EC, EC_R_UNKNOWN_ORDER); + OPENSSL_PUT_ERROR(EC, ec_wNAF_precompute_mult, EC_R_UNKNOWN_ORDER); goto err; } @@ -751,7 +749,7 @@ int ec_wNAF_precompute_mult(EC_GROUP *group, BN_CTX *ctx) { points = OPENSSL_malloc(sizeof(EC_POINT *) * (num + 1)); if (!points) { - OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, ec_wNAF_precompute_mult, ERR_R_MALLOC_FAILURE); goto err; } @@ -759,13 +757,13 @@ int ec_wNAF_precompute_mult(EC_GROUP *group, BN_CTX *ctx) { var[num] = NULL; /* pivot */ for (i = 0; i < num; i++) { if ((var[i] = EC_POINT_new(group)) == NULL) { - OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, ec_wNAF_precompute_mult, ERR_R_MALLOC_FAILURE); goto err; } } if (!(tmp_point = EC_POINT_new(group)) || !(base = EC_POINT_new(group))) { - OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, ec_wNAF_precompute_mult, ERR_R_MALLOC_FAILURE); goto err; } @@ -797,7 +795,7 @@ int ec_wNAF_precompute_mult(EC_GROUP *group, BN_CTX *ctx) { size_t k; if (blocksize <= 2) { - OPENSSL_PUT_ERROR(EC, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(EC, ec_wNAF_precompute_mult, ERR_R_INTERNAL_ERROR); goto err; } diff --git a/src/crypto/ecdh/CMakeLists.txt b/src/crypto/ecdh/CMakeLists.txt index 8eaeae5..346e72d 100644 --- a/src/crypto/ecdh/CMakeLists.txt +++ b/src/crypto/ecdh/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(../../include) +include_directories(. .. ../../include) add_library( ecdh diff --git a/src/crypto/ecdh/ecdh.c b/src/crypto/ecdh/ecdh.c index 14856db..a011bab 100644 --- a/src/crypto/ecdh/ecdh.c +++ b/src/crypto/ecdh/ecdh.c 
@@ -95,7 +95,7 @@ int ECDH_compute_key(void *out, size_t outlen, const EC_POINT *pub_key, priv = EC_KEY_get0_private_key(priv_key); if (priv == NULL) { - OPENSSL_PUT_ERROR(ECDH, ECDH_R_NO_PRIVATE_VALUE); + OPENSSL_PUT_ERROR(ECDH, ECDH_compute_key, ECDH_R_NO_PRIVATE_VALUE); goto err; } @@ -103,35 +103,35 @@ int ECDH_compute_key(void *out, size_t outlen, const EC_POINT *pub_key, tmp = EC_POINT_new(group); if (tmp == NULL) { - OPENSSL_PUT_ERROR(ECDH, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ECDH, ECDH_compute_key, ERR_R_MALLOC_FAILURE); goto err; } if (!EC_POINT_mul(group, tmp, NULL, pub_key, priv, ctx)) { - OPENSSL_PUT_ERROR(ECDH, ECDH_R_POINT_ARITHMETIC_FAILURE); + OPENSSL_PUT_ERROR(ECDH, ECDH_compute_key, ECDH_R_POINT_ARITHMETIC_FAILURE); goto err; } if (!EC_POINT_get_affine_coordinates_GFp(group, tmp, x, y, ctx)) { - OPENSSL_PUT_ERROR(ECDH, ECDH_R_POINT_ARITHMETIC_FAILURE); + OPENSSL_PUT_ERROR(ECDH, ECDH_compute_key, ECDH_R_POINT_ARITHMETIC_FAILURE); goto err; } buflen = (EC_GROUP_get_degree(group) + 7) / 8; buf = OPENSSL_malloc(buflen); if (buf == NULL) { - OPENSSL_PUT_ERROR(ECDH, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ECDH, ECDH_compute_key, ERR_R_MALLOC_FAILURE); goto err; } if (!BN_bn2bin_padded(buf, buflen, x)) { - OPENSSL_PUT_ERROR(ECDH, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(ECDH, ECDH_compute_key, ERR_R_INTERNAL_ERROR); goto err; } if (KDF != 0) { if (KDF(buf, buflen, out, &outlen) == NULL) { - OPENSSL_PUT_ERROR(ECDH, ECDH_R_KDF_FAILED); + OPENSSL_PUT_ERROR(ECDH, ECDH_compute_key, ECDH_R_KDF_FAILED); goto err; } ret = outlen; diff --git a/src/crypto/ecdsa/CMakeLists.txt b/src/crypto/ecdsa/CMakeLists.txt index e7581be..f431e59 100644 --- a/src/crypto/ecdsa/CMakeLists.txt +++ b/src/crypto/ecdsa/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(../../include) +include_directories(. .. ../../include) add_library( ecdsa diff --git a/src/crypto/ecdsa/ecdsa.c b/src/crypto/ecdsa/ecdsa.c index 8403d60..b71799e 100644 --- a/src/crypto/ecdsa/ecdsa.c 
+++ b/src/crypto/ecdsa/ecdsa.c @@ -52,11 +52,9 @@ #include -#include #include #include -#include #include #include @@ -83,18 +81,16 @@ int ECDSA_verify(int type, const uint8_t *digest, size_t digest_len, return eckey->ecdsa_meth->verify(digest, digest_len, sig, sig_len, eckey); } - /* Decode the ECDSA signature. */ - s = ECDSA_SIG_from_bytes(sig, sig_len); - if (s == NULL) { + s = ECDSA_SIG_new(); + const uint8_t *sigp = sig; + if (s == NULL || d2i_ECDSA_SIG(&s, &sigp, sig_len) == NULL || + sigp != sig + sig_len) { goto err; } - /* Defend against potential laxness in the DER parser. */ - size_t der_len; - if (!ECDSA_SIG_to_bytes(&der, &der_len, s) || - der_len != sig_len || memcmp(sig, der, sig_len) != 0) { - /* This should never happen. crypto/bytestring is strictly DER. */ - OPENSSL_PUT_ERROR(ECDSA, ERR_R_INTERNAL_ERROR); + /* Ensure that the signature uses DER and doesn't have trailing garbage. */ + const int der_len = i2d_ECDSA_SIG(s, &der); + if (der_len < 0 || (size_t) der_len != sig_len || memcmp(sig, der, sig_len)) { goto err; } @@ -120,14 +116,14 @@ static int digest_to_bn(BIGNUM *out, const uint8_t *digest, size_t digest_len, digest_len = (num_bits + 7) / 8; } if (!BN_bin2bn(digest, digest_len, out)) { - OPENSSL_PUT_ERROR(ECDSA, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(ECDSA, digest_to_bn, ERR_R_BN_LIB); return 0; } /* If still too long truncate remaining bits with a shift */ if ((8 * digest_len > num_bits) && !BN_rshift(out, out, 8 - (num_bits & 0x7))) { - OPENSSL_PUT_ERROR(ECDSA, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(ECDSA, digest_to_bn, ERR_R_BN_LIB); return 0; } @@ -149,7 +145,7 @@ int ECDSA_do_verify(const uint8_t *digest, size_t digest_len, const EC_POINT *pub_key; if (eckey->ecdsa_meth && eckey->ecdsa_meth->verify) { - OPENSSL_PUT_ERROR(ECDSA, ECDSA_R_NOT_IMPLEMENTED); + OPENSSL_PUT_ERROR(ECDSA, ECDSA_do_verify, ECDSA_R_NOT_IMPLEMENTED); return 0; } 
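Review bot: In the ECDSA_verify hunk, `s` is pre-allocated with `ECDSA_SIG_new()` and then handed to `d2i_ECDSA_SIG(&s, &sigp, sig_len)` for reuse, which leaves ownership of `s` on a parse failure dependent on the decoder's reuse behaviour. The cleanup at `err` is outside the hunk, so whether it is safe cannot be confirmed from here. Letting the decoder allocate avoids the question: `s = d2i_ECDSA_SIG(NULL, &sigp, sig_len);` followed by `if (s == NULL || sigp != sig + sig_len) goto err;`. The re-encode and `memcmp` step is now what rejects non-canonical encodings that the parser may accept, so its comment should say that removing it would make signatures malleable. Both failure branches also jump to `err` without queuing an error, unlike the removed code.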
@@ -157,13 +153,13 @@ int ECDSA_do_verify(const uint8_t *digest, size_t digest_len, if ((group = EC_KEY_get0_group(eckey)) == NULL || (pub_key = EC_KEY_get0_public_key(eckey)) == NULL || sig == NULL) { - OPENSSL_PUT_ERROR(ECDSA, ECDSA_R_MISSING_PARAMETERS); + OPENSSL_PUT_ERROR(ECDSA, ECDSA_do_verify, ECDSA_R_MISSING_PARAMETERS); return 0; } ctx = BN_CTX_new(); if (!ctx) { - OPENSSL_PUT_ERROR(ECDSA, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ECDSA, ECDSA_do_verify, ERR_R_MALLOC_FAILURE); return 0; } BN_CTX_start(ctx); @@ -172,26 +168,26 @@ int ECDSA_do_verify(const uint8_t *digest, size_t digest_len, u2 = BN_CTX_get(ctx); m = BN_CTX_get(ctx); X = BN_CTX_get(ctx); - if (order == NULL || u1 == NULL || u2 == NULL || m == NULL || X == NULL) { - OPENSSL_PUT_ERROR(ECDSA, ERR_R_BN_LIB); + if (!X) { + OPENSSL_PUT_ERROR(ECDSA, ECDSA_do_verify, ERR_R_BN_LIB); goto err; } if (!EC_GROUP_get_order(group, order, ctx)) { - OPENSSL_PUT_ERROR(ECDSA, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(ECDSA, ECDSA_do_verify, ERR_R_EC_LIB); goto err; } if (BN_is_zero(sig->r) || BN_is_negative(sig->r) || BN_ucmp(sig->r, order) >= 0 || BN_is_zero(sig->s) || BN_is_negative(sig->s) || BN_ucmp(sig->s, order) >= 0) { - OPENSSL_PUT_ERROR(ECDSA, ECDSA_R_BAD_SIGNATURE); + OPENSSL_PUT_ERROR(ECDSA, ECDSA_do_verify, ECDSA_R_BAD_SIGNATURE); ret = 0; /* signature is invalid */ goto err; } /* calculate tmp1 = inv(S) mod order */ if (!BN_mod_inverse(u2, sig->s, order, ctx)) { - OPENSSL_PUT_ERROR(ECDSA, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(ECDSA, ECDSA_do_verify, ERR_R_BN_LIB); goto err; } if (!digest_to_bn(m, digest, digest_len, order)) { 
@@ -199,30 +195,30 @@ int ECDSA_do_verify(const uint8_t *digest, size_t digest_len, } /* u1 = m * tmp mod order */ if (!BN_mod_mul(u1, m, u2, order, ctx)) { - OPENSSL_PUT_ERROR(ECDSA, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(ECDSA, ECDSA_do_verify, ERR_R_BN_LIB); goto err; } /* u2 = r * w mod q */ if (!BN_mod_mul(u2, sig->r, u2, order, ctx)) { - OPENSSL_PUT_ERROR(ECDSA, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(ECDSA, ECDSA_do_verify, ERR_R_BN_LIB); goto err; } point = EC_POINT_new(group); if (point == NULL) { - OPENSSL_PUT_ERROR(ECDSA, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ECDSA, ECDSA_do_verify, ERR_R_MALLOC_FAILURE); goto err; } if (!EC_POINT_mul(group, point, u1, pub_key, u2, ctx)) { - OPENSSL_PUT_ERROR(ECDSA, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(ECDSA, ECDSA_do_verify, ERR_R_EC_LIB); goto err; } if (!EC_POINT_get_affine_coordinates_GFp(group, point, X, NULL, ctx)) { - OPENSSL_PUT_ERROR(ECDSA, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(ECDSA, ECDSA_do_verify, ERR_R_EC_LIB); goto err; } if (!BN_nnmod(u1, X, order, ctx)) { - OPENSSL_PUT_ERROR(ECDSA, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(ECDSA, ECDSA_do_verify, ERR_R_BN_LIB); goto err; } /* if the signature is correct u1 is equal to sig->r */ @@ -245,13 +241,13 @@ static int ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp, int ret = 0; if (eckey == NULL || (group = EC_KEY_get0_group(eckey)) == NULL) { - OPENSSL_PUT_ERROR(ECDSA, ERR_R_PASSED_NULL_PARAMETER); + OPENSSL_PUT_ERROR(ECDSA, ecdsa_sign_setup, ERR_R_PASSED_NULL_PARAMETER); return 0; } if (ctx_in == NULL) { if ((ctx = BN_CTX_new()) == NULL) { - OPENSSL_PUT_ERROR(ECDSA, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ECDSA, ecdsa_sign_setup, ERR_R_MALLOC_FAILURE); return 0; } } else { 
@@ -263,16 +259,16 @@ static int ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp, order = BN_new(); X = BN_new(); if (!k || !r || !order || !X) { - OPENSSL_PUT_ERROR(ECDSA, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ECDSA, ecdsa_sign_setup, ERR_R_MALLOC_FAILURE); goto err; } tmp_point = EC_POINT_new(group); if (tmp_point == NULL) { - OPENSSL_PUT_ERROR(ECDSA, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(ECDSA, ecdsa_sign_setup, ERR_R_EC_LIB); goto err; } if (!EC_GROUP_get_order(group, order, ctx)) { - OPENSSL_PUT_ERROR(ECDSA, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(ECDSA, ecdsa_sign_setup, ERR_R_EC_LIB); goto err; } @@ -290,7 +286,8 @@ static int ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp, ok = BN_rand_range(k, order); } if (!ok) { - OPENSSL_PUT_ERROR(ECDSA, ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED); + OPENSSL_PUT_ERROR(ECDSA, ecdsa_sign_setup, + ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED); goto err; } } while (BN_is_zero(k)); @@ -310,23 +307,23 @@ static int ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp, /* compute r the x-coordinate of generator * k */ if (!EC_POINT_mul(group, tmp_point, k, NULL, NULL, ctx)) { - OPENSSL_PUT_ERROR(ECDSA, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(ECDSA, ecdsa_sign_setup, ERR_R_EC_LIB); goto err; } if (!EC_POINT_get_affine_coordinates_GFp(group, tmp_point, X, NULL, ctx)) { - OPENSSL_PUT_ERROR(ECDSA, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(ECDSA, ecdsa_sign_setup, ERR_R_EC_LIB); goto err; } if (!BN_nnmod(r, X, order, ctx)) { - OPENSSL_PUT_ERROR(ECDSA, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(ECDSA, ecdsa_sign_setup, ERR_R_BN_LIB); goto err; } } while (BN_is_zero(r)); /* compute the inverse of k */ if (!BN_mod_inverse(k, k, order, ctx)) { - OPENSSL_PUT_ERROR(ECDSA, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(ECDSA, ecdsa_sign_setup, ERR_R_BN_LIB); goto err; } /* clear old values if necessary */ 
@@ -368,7 +365,7 @@ ECDSA_SIG *ECDSA_do_sign_ex(const uint8_t *digest, size_t digest_len, const BIGNUM *priv_key; if (eckey->ecdsa_meth && eckey->ecdsa_meth->sign) { - OPENSSL_PUT_ERROR(ECDSA, ECDSA_R_NOT_IMPLEMENTED); + OPENSSL_PUT_ERROR(ECDSA, ECDSA_do_sign_ex, ECDSA_R_NOT_IMPLEMENTED); return NULL; } @@ -376,25 +373,25 @@ ECDSA_SIG *ECDSA_do_sign_ex(const uint8_t *digest, size_t digest_len, priv_key = EC_KEY_get0_private_key(eckey); if (group == NULL || priv_key == NULL) { - OPENSSL_PUT_ERROR(ECDSA, ERR_R_PASSED_NULL_PARAMETER); + OPENSSL_PUT_ERROR(ECDSA, ECDSA_do_sign_ex, ERR_R_PASSED_NULL_PARAMETER); return NULL; } ret = ECDSA_SIG_new(); if (!ret) { - OPENSSL_PUT_ERROR(ECDSA, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ECDSA, ECDSA_do_sign_ex, ERR_R_MALLOC_FAILURE); return NULL; } s = ret->s; if ((ctx = BN_CTX_new()) == NULL || (order = BN_new()) == NULL || (tmp = BN_new()) == NULL || (m = BN_new()) == NULL) { - OPENSSL_PUT_ERROR(ECDSA, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ECDSA, ECDSA_do_sign_ex, ERR_R_MALLOC_FAILURE); goto err; } if (!EC_GROUP_get_order(group, order, ctx)) { - OPENSSL_PUT_ERROR(ECDSA, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(ECDSA, ECDSA_do_sign_ex, ERR_R_EC_LIB); goto err; } if (!digest_to_bn(m, digest, digest_len, order)) { 
@@ -403,35 +400,35 @@ ECDSA_SIG *ECDSA_do_sign_ex(const uint8_t *digest, size_t digest_len, for (;;) { if (in_kinv == NULL || in_r == NULL) { if (!ecdsa_sign_setup(eckey, ctx, &kinv, &ret->r, digest, digest_len)) { - OPENSSL_PUT_ERROR(ECDSA, ERR_R_ECDSA_LIB); + OPENSSL_PUT_ERROR(ECDSA, ECDSA_do_sign_ex, ERR_R_ECDSA_LIB); goto err; } ckinv = kinv; } else { ckinv = in_kinv; if (BN_copy(ret->r, in_r) == NULL) { - OPENSSL_PUT_ERROR(ECDSA, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ECDSA, ECDSA_do_sign_ex, ERR_R_MALLOC_FAILURE); goto err; } } if (!BN_mod_mul(tmp, priv_key, ret->r, order, ctx)) { - OPENSSL_PUT_ERROR(ECDSA, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(ECDSA, ECDSA_do_sign_ex, ERR_R_BN_LIB); goto err; } if (!BN_mod_add_quick(s, tmp, m, order)) { - OPENSSL_PUT_ERROR(ECDSA, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(ECDSA, ECDSA_do_sign_ex, ERR_R_BN_LIB); goto err; } if (!BN_mod_mul(s, s, ckinv, order, ctx)) { - OPENSSL_PUT_ERROR(ECDSA, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(ECDSA, ECDSA_do_sign_ex, ERR_R_BN_LIB); goto err; } if (BN_is_zero(s)) { /* if kinv and r have been supplied by the caller * don't to generate new kinv and r values */ if (in_kinv != NULL && in_r != NULL) { - OPENSSL_PUT_ERROR(ECDSA, ECDSA_R_NEED_NEW_SETUP_VALUES); + OPENSSL_PUT_ERROR(ECDSA, ECDSA_do_sign_ex, ECDSA_R_NEED_NEW_SETUP_VALUES); goto err; } } else { 
@@ -458,36 +455,20 @@ err: int ECDSA_sign_ex(int type, const uint8_t *digest, size_t digest_len, uint8_t *sig, unsigned int *sig_len, const BIGNUM *kinv, const BIGNUM *r, EC_KEY *eckey) { - int ret = 0; ECDSA_SIG *s = NULL; if (eckey->ecdsa_meth && eckey->ecdsa_meth->sign) { - OPENSSL_PUT_ERROR(ECDSA, ECDSA_R_NOT_IMPLEMENTED); + OPENSSL_PUT_ERROR(ECDSA, ECDSA_sign_ex, ECDSA_R_NOT_IMPLEMENTED); *sig_len = 0; - goto err; + return 0; } s = ECDSA_do_sign_ex(digest, digest_len, kinv, r, eckey); if (s == NULL) { *sig_len = 0; - goto err; - } - - CBB cbb; - CBB_zero(&cbb); - size_t len; - if (!CBB_init_fixed(&cbb, sig, ECDSA_size(eckey)) || - !ECDSA_SIG_marshal(&cbb, s) || - !CBB_finish(&cbb, NULL, &len)) { - OPENSSL_PUT_ERROR(ECDSA, ECDSA_R_ENCODE_ERROR); - CBB_cleanup(&cbb); - *sig_len = 0; - goto err; + return 0; } - *sig_len = (unsigned)len; - ret = 1; - -err: + *sig_len = i2d_ECDSA_SIG(s, &sig); ECDSA_SIG_free(s); - return ret; + return 1; } diff --git a/src/crypto/ecdsa/ecdsa_asn1.c b/src/crypto/ecdsa/ecdsa_asn1.c index f2d7c36..f557ca7 100644 --- a/src/crypto/ecdsa/ecdsa_asn1.c +++ b/src/crypto/ecdsa/ecdsa_asn1.c 
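Review bot: The result of `i2d_ECDSA_SIG(s, &sig)` is stored directly in the unsigned `*sig_len`, and ECDSA_sign_ex then returns 1 unconditionally. A negative encoder result would therefore reach the caller as success with a very large length. The new code also no longer bounds the write through `sig` by `ECDSA_size(eckey)`, as the removed lines did, so the required buffer size becomes an undocumented caller contract. I would capture the length in an `int`, free `s`, fail on a non-positive value before publishing `*sig_len`, and state the buffer requirement in a comment.

```c
  s = ECDSA_do_sign_ex(digest, digest_len, kinv, r, eckey);
  /* … unchanged: NULL check on s … */

  /* The caller must provide at least ECDSA_size(eckey) bytes at |sig|. */
  int der_len = i2d_ECDSA_SIG(s, &sig);
  ECDSA_SIG_free(s);
  if (der_len <= 0) {
    *sig_len = 0;
    return 0;
  }
  *sig_len = (unsigned)der_len;
  return 1;
```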
@@ -52,33 +52,45 @@ #include -#include -#include - -#include -#include -#include +#include +#include #include #include #include "../ec/internal.h" +DECLARE_ASN1_FUNCTIONS_const(ECDSA_SIG); +DECLARE_ASN1_ENCODE_FUNCTIONS_const(ECDSA_SIG, ECDSA_SIG); + +ASN1_SEQUENCE(ECDSA_SIG) = { + ASN1_SIMPLE(ECDSA_SIG, r, CBIGNUM), + ASN1_SIMPLE(ECDSA_SIG, s, CBIGNUM), +} ASN1_SEQUENCE_END(ECDSA_SIG); + +IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(ECDSA_SIG, ECDSA_SIG, ECDSA_SIG); + size_t ECDSA_size(const EC_KEY *key) { - if (key == NULL) { - return 0; - } + size_t ret, i, group_order_size; + ASN1_INTEGER bs; + BIGNUM *order = NULL; + unsigned char buf[4]; + const EC_GROUP *group; - size_t group_order_size; if (key->ecdsa_meth && key->ecdsa_meth->group_order_size) { group_order_size = key->ecdsa_meth->group_order_size(key); } else { - const EC_GROUP *group = EC_KEY_get0_group(key); + size_t num_bits; + + if (key == NULL) { + return 0; + } + group = EC_KEY_get0_group(key); if (group == NULL) { return 0; } - BIGNUM *order = BN_new(); + order = BN_new(); if (order == NULL) { return 0; } @@ -87,11 +99,21 @@ size_t ECDSA_size(const EC_KEY *key) { return 0; } - group_order_size = BN_num_bytes(order); - BN_clear_free(order); + num_bits = BN_num_bits(order); + group_order_size = (num_bits + 7) / 8; } - return ECDSA_SIG_max_len(group_order_size); + bs.length = group_order_size; + bs.data = buf; + bs.type = V_ASN1_INTEGER; + /* If the top bit is set the ASN.1 encoding is 1 larger. */ + buf[0] = 0xff; + + i = i2d_ASN1_INTEGER(&bs, NULL); + i += i; /* r and s */ + ret = ASN1_object_size(1, i, V_ASN1_SEQUENCE); + BN_clear_free(order); + return ret; } ECDSA_SIG *ECDSA_SIG_new(void) { 
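Review bot: In ECDSA_size the first `if` reads `key->ecdsa_meth` before the `key == NULL` test, which this hunk moves into the `else` branch. A NULL key is now dereferenced instead of returning 0. The guard belongs ahead of the method lookup: `if (key == NULL) { return 0; }` as the first statement after the declarations. The nested copy in the `else` branch can then be dropped.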
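Review bot: In the second ECDSA_size hunk, `bs.length = group_order_size;` narrows a `size_t` into the `int` length field, and `i = i2d_ASN1_INTEGER(&bs, NULL);` stores an `int` result in a `size_t`. Neither has a range check, even though callers use this function's result to size signature buffers. A `group_order_size` from a custom `ecdsa_meth` that does not fit in `int`, or a negative encoder return, would wrap rather than yield 0. I would reject an out-of-range `group_order_size` before filling `bs`, and return 0 when the sizing call reports a non-positive length. `bs` also claims `group_order_size` bytes while `buf` holds four, so a comment should say that this presumably relies on the sizing call reading only `buf[0]`, for example `/* Only buf[0] is inspected when no output buffer is given. */`.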
@@ -117,134 +139,3 @@ void ECDSA_SIG_free(ECDSA_SIG *sig) { BN_free(sig->s); OPENSSL_free(sig); } - -ECDSA_SIG *ECDSA_SIG_parse(CBS *cbs) { - ECDSA_SIG *ret = ECDSA_SIG_new(); - if (ret == NULL) { - return NULL; - } - CBS child; - if (!CBS_get_asn1(cbs, &child, CBS_ASN1_SEQUENCE) || - !BN_cbs2unsigned(&child, ret->r) || - !BN_cbs2unsigned(&child, ret->s) || - CBS_len(&child) != 0) { - OPENSSL_PUT_ERROR(ECDSA, ECDSA_R_BAD_SIGNATURE); - ECDSA_SIG_free(ret); - return NULL; - } - return ret; -} - -ECDSA_SIG *ECDSA_SIG_from_bytes(const uint8_t *in, size_t in_len) { - CBS cbs; - CBS_init(&cbs, in, in_len); - ECDSA_SIG *ret = ECDSA_SIG_parse(&cbs); - if (ret == NULL || CBS_len(&cbs) != 0) { - OPENSSL_PUT_ERROR(ECDSA, ECDSA_R_BAD_SIGNATURE); - ECDSA_SIG_free(ret); - return NULL; - } - return ret; -} - -int ECDSA_SIG_marshal(CBB *cbb, const ECDSA_SIG *sig) { - CBB child; - if (!CBB_add_asn1(cbb, &child, CBS_ASN1_SEQUENCE) || - !BN_bn2cbb(&child, sig->r) || - !BN_bn2cbb(&child, sig->s) || - !CBB_flush(cbb)) { - OPENSSL_PUT_ERROR(ECDSA, ECDSA_R_ENCODE_ERROR); - return 0; - } - return 1; -} - -int ECDSA_SIG_to_bytes(uint8_t **out_bytes, size_t *out_len, - const ECDSA_SIG *sig) { - CBB cbb; - CBB_zero(&cbb); - if (!CBB_init(&cbb, 0) || - !ECDSA_SIG_marshal(&cbb, sig) || - !CBB_finish(&cbb, out_bytes, out_len)) { - OPENSSL_PUT_ERROR(ECDSA, ECDSA_R_ENCODE_ERROR); - CBB_cleanup(&cbb); - return 0; - } - return 1; -} - -/* der_len_len returns the number of bytes needed to represent a length of |len| - * in DER. */ -static size_t der_len_len(size_t len) { - if (len < 0x80) { - return 1; - } - size_t ret = 1; - while (len > 0) { - ret++; - len >>= 8; - } - return ret; -} - -size_t ECDSA_SIG_max_len(size_t order_len) { - /* Compute the maximum length of an |order_len| byte integer. Defensively - * assume that the leading 0x00 is included. 
*/ - size_t integer_len = 1 /* tag */ + der_len_len(order_len + 1) + 1 + order_len; - if (integer_len < order_len) { - return 0; - } - /* An ECDSA signature is two INTEGERs. */ - size_t value_len = 2 * integer_len; - if (value_len < integer_len) { - return 0; - } - /* Add the header. */ - size_t ret = 1 /* tag */ + der_len_len(value_len) + value_len; - if (ret < value_len) { - return 0; - } - return ret; -} - -ECDSA_SIG *d2i_ECDSA_SIG(ECDSA_SIG **out, const uint8_t **inp, long len) { - if (len < 0) { - return NULL; - } - CBS cbs; - CBS_init(&cbs, *inp, (size_t)len); - ECDSA_SIG *ret = ECDSA_SIG_parse(&cbs); - if (ret == NULL) { - return NULL; - } - if (out != NULL) { - ECDSA_SIG_free(*out); - *out = ret; - } - *inp += (size_t)len - CBS_len(&cbs); - return ret; -} - -int i2d_ECDSA_SIG(const ECDSA_SIG *sig, uint8_t **outp) { - uint8_t *der; - size_t der_len; - if (!ECDSA_SIG_to_bytes(&der, &der_len, sig)) { - return -1; - } - if (der_len > INT_MAX) { - OPENSSL_PUT_ERROR(ECDSA, ERR_R_OVERFLOW); - OPENSSL_free(der); - return -1; - } - if (outp != NULL) { - if (*outp == NULL) { - *outp = der; - der = NULL; - } else { - memcpy(*outp, der, der_len); - *outp += der_len; - } - } - OPENSSL_free(der); - return (int)der_len; -} diff --git a/src/crypto/ecdsa/ecdsa_test.cc b/src/crypto/ecdsa/ecdsa_test.cc index b916509..a6bd7a1 100644 --- a/src/crypto/ecdsa/ecdsa_test.cc +++ b/src/crypto/ecdsa/ecdsa_test.cc 
@@ -78,13 +78,18 @@ static bool VerifyECDSASig(Api api, const uint8_t *digest, switch (api) { case kEncodedApi: { - uint8_t *der; - size_t der_len; - if (!ECDSA_SIG_to_bytes(&der, &der_len, ecdsa_sig)) { + int sig_len = i2d_ECDSA_SIG(ecdsa_sig, NULL); + if (sig_len <= 0) { return false; } - ScopedOpenSSLBytes delete_der(der); - actual_result = ECDSA_verify(0, digest, digest_len, der, der_len, eckey); + std::vector signature(static_cast(sig_len)); + uint8_t *sig_ptr = bssl::vector_data(&signature); + sig_len = i2d_ECDSA_SIG(ecdsa_sig, &sig_ptr); + if (sig_len <= 0) { + return false; + } + actual_result = ECDSA_verify(0, digest, digest_len, bssl::vector_data(&signature), + signature.size(), eckey); break; } @@ -262,8 +267,8 @@ static bool TestBuiltin(FILE *out) { fprintf(out, "."); fflush(out); // Verify a tampered signature. - ScopedECDSA_SIG ecdsa_sig(ECDSA_SIG_from_bytes( - bssl::vector_data(&signature), signature.size())); + const uint8_t *sig_ptr = bssl::vector_data(&signature); + ScopedECDSA_SIG ecdsa_sig(d2i_ECDSA_SIG(NULL, &sig_ptr, signature.size())); if (!ecdsa_sig || !TestTamperedSig(out, kEncodedApi, digest, 20, ecdsa_sig.get(), eckey.get(), order.get())) { 
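Review bot: In the TestBuiltin hunk the signature is now parsed with `d2i_ECDSA_SIG(NULL, &sig_ptr, signature.size())`, and nothing checks how far `sig_ptr` advanced. The removed `ECDSA_SIG_from_bytes` call rejected input with trailing bytes, so the test no longer notices when the parser stops short of the end. Assuming `signature` has been trimmed to the produced length at this point, I would add `sig_ptr != bssl::vector_data(&signature) + signature.size()` to the failure condition next to `!ecdsa_sig`. TestBuiltin begins and ends outside this hunk.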
@@ -320,45 +325,11 @@ static bool TestBuiltin(FILE *out) { return true; } -static bool TestECDSA_SIG_max_len(size_t order_len) { - /* Create the largest possible |ECDSA_SIG| of the given constraints. */ - ScopedECDSA_SIG sig(ECDSA_SIG_new()); - if (!sig) { - return false; - } - std::vector bytes(order_len, 0xff); - if (!BN_bin2bn(bssl::vector_data(&bytes), bytes.size(), sig->r) || - !BN_bin2bn(bssl::vector_data(&bytes), bytes.size(), sig->s)) { - return false; - } - /* Serialize it. */ - uint8_t *der; - size_t der_len; - if (!ECDSA_SIG_to_bytes(&der, &der_len, sig.get())) { - return false; - } - ScopedOpenSSLBytes delete_der(der); - - size_t max_len = ECDSA_SIG_max_len(order_len); - if (max_len != der_len) { - fprintf(stderr, "ECDSA_SIG_max_len(%u) returned %u, wanted %u\n", - static_cast(order_len), static_cast(max_len), - static_cast(der_len)); - return false; - } - return true; -} - int main(void) { CRYPTO_library_init(); ERR_load_crypto_strings(); - if (!TestBuiltin(stdout) || - !TestECDSA_SIG_max_len(224/8) || - !TestECDSA_SIG_max_len(256/8) || - !TestECDSA_SIG_max_len(384/8) || - !TestECDSA_SIG_max_len(512/8) || - !TestECDSA_SIG_max_len(10000)) { + if (!TestBuiltin(stdout)) { printf("\nECDSA test failed\n"); ERR_print_errors_fp(stdout); return 1; diff --git a/src/crypto/engine/CMakeLists.txt b/src/crypto/engine/CMakeLists.txt index 5667f02..e03650e 100644 --- a/src/crypto/engine/CMakeLists.txt +++ b/src/crypto/engine/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(../../include) +include_directories(. .. ../../include) add_library( engine diff --git a/src/crypto/err/CMakeLists.txt b/src/crypto/err/CMakeLists.txt index 8519e51..5215eec 100644 --- a/src/crypto/err/CMakeLists.txt +++ b/src/crypto/err/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(../../include) +include_directories(. .. ../../include) add_custom_command( OUTPUT err_data.c 
@@ -8,8 +8,10 @@ add_custom_command( asn1.errordata bio.errordata bn.errordata + buf.errordata cipher.errordata conf.errordata + crypto.errordata dh.errordata digest.errordata dsa.errordata diff --git a/src/crypto/err/asn1.errordata b/src/crypto/err/asn1.errordata index 55342a0..44b9c73 100644 --- a/src/crypto/err/asn1.errordata +++ b/src/crypto/err/asn1.errordata 
@@ -1,88 +1,152 @@ -ASN1,100,ASN1_LENGTH_MISMATCH -ASN1,101,AUX_ERROR -ASN1,102,BAD_GET_ASN1_OBJECT_CALL -ASN1,103,BAD_OBJECT_HEADER -ASN1,104,BMPSTRING_IS_WRONG_LENGTH -ASN1,105,BN_LIB -ASN1,106,BOOLEAN_IS_WRONG_LENGTH -ASN1,107,BUFFER_TOO_SMALL -ASN1,108,DECODE_ERROR -ASN1,109,DEPTH_EXCEEDED -ASN1,110,ENCODE_ERROR -ASN1,111,ERROR_GETTING_TIME -ASN1,112,EXPECTING_AN_ASN1_SEQUENCE -ASN1,113,EXPECTING_AN_INTEGER -ASN1,114,EXPECTING_AN_OBJECT -ASN1,115,EXPECTING_A_BOOLEAN -ASN1,116,EXPECTING_A_TIME -ASN1,117,EXPLICIT_LENGTH_MISMATCH -ASN1,118,EXPLICIT_TAG_NOT_CONSTRUCTED -ASN1,119,FIELD_MISSING -ASN1,120,FIRST_NUM_TOO_LARGE -ASN1,121,HEADER_TOO_LONG -ASN1,122,ILLEGAL_BITSTRING_FORMAT -ASN1,123,ILLEGAL_BOOLEAN -ASN1,124,ILLEGAL_CHARACTERS -ASN1,125,ILLEGAL_FORMAT -ASN1,126,ILLEGAL_HEX -ASN1,127,ILLEGAL_IMPLICIT_TAG -ASN1,128,ILLEGAL_INTEGER -ASN1,129,ILLEGAL_NESTED_TAGGING -ASN1,130,ILLEGAL_NULL -ASN1,131,ILLEGAL_NULL_VALUE -ASN1,132,ILLEGAL_OBJECT -ASN1,133,ILLEGAL_OPTIONAL_ANY -ASN1,134,ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE -ASN1,135,ILLEGAL_TAGGED_ANY -ASN1,136,ILLEGAL_TIME_VALUE -ASN1,137,INTEGER_NOT_ASCII_FORMAT -ASN1,138,INTEGER_TOO_LARGE_FOR_LONG -ASN1,139,INVALID_BIT_STRING_BITS_LEFT -ASN1,140,INVALID_BMPSTRING_LENGTH -ASN1,141,INVALID_DIGIT -ASN1,142,INVALID_MODIFIER -ASN1,143,INVALID_NUMBER -ASN1,144,INVALID_OBJECT_ENCODING -ASN1,145,INVALID_SEPARATOR -ASN1,146,INVALID_TIME_FORMAT -ASN1,147,INVALID_UNIVERSALSTRING_LENGTH -ASN1,148,INVALID_UTF8STRING -ASN1,149,LIST_ERROR -ASN1,150,MALLOC_FAILURE -ASN1,151,MISSING_ASN1_EOS -ASN1,152,MISSING_EOC -ASN1,153,MISSING_SECOND_NUMBER -ASN1,154,MISSING_VALUE -ASN1,155,MSTRING_NOT_UNIVERSAL -ASN1,156,MSTRING_WRONG_TAG -ASN1,157,NESTED_ASN1_ERROR -ASN1,158,NESTED_ASN1_STRING -ASN1,159,NON_HEX_CHARACTERS -ASN1,160,NOT_ASCII_FORMAT -ASN1,161,NOT_ENOUGH_DATA -ASN1,162,NO_MATCHING_CHOICE_TYPE -ASN1,163,NULL_IS_WRONG_LENGTH -ASN1,164,OBJECT_NOT_ASCII_FORMAT -ASN1,165,ODD_NUMBER_OF_CHARS -ASN1,166,SECOND_NUMBER_TOO_LARGE 
-ASN1,167,SEQUENCE_LENGTH_MISMATCH -ASN1,168,SEQUENCE_NOT_CONSTRUCTED -ASN1,169,SEQUENCE_OR_SET_NEEDS_CONFIG -ASN1,170,SHORT_LINE -ASN1,171,STREAMING_NOT_SUPPORTED -ASN1,172,STRING_TOO_LONG -ASN1,173,STRING_TOO_SHORT -ASN1,174,TAG_VALUE_TOO_HIGH -ASN1,175,TIME_NOT_ASCII_FORMAT -ASN1,176,TOO_LONG -ASN1,177,TYPE_NOT_CONSTRUCTED -ASN1,178,TYPE_NOT_PRIMITIVE -ASN1,179,UNEXPECTED_EOC -ASN1,180,UNIVERSALSTRING_IS_WRONG_LENGTH -ASN1,181,UNKNOWN_FORMAT -ASN1,182,UNKNOWN_TAG -ASN1,183,UNSUPPORTED_ANY_DEFINED_BY_TYPE -ASN1,184,UNSUPPORTED_PUBLIC_KEY_TYPE -ASN1,185,UNSUPPORTED_TYPE -ASN1,186,WRONG_TAG -ASN1,187,WRONG_TYPE +ASN1,function,100,ASN1_BIT_STRING_set_bit +ASN1,function,101,ASN1_ENUMERATED_set +ASN1,function,102,ASN1_ENUMERATED_to_BN +ASN1,function,103,ASN1_GENERALIZEDTIME_adj +ASN1,function,104,ASN1_INTEGER_set +ASN1,function,105,ASN1_INTEGER_to_BN +ASN1,function,106,ASN1_OBJECT_new +ASN1,function,107,ASN1_PCTX_new +ASN1,function,108,ASN1_STRING_TABLE_add +ASN1,function,109,ASN1_STRING_set +ASN1,function,110,ASN1_STRING_type_new +ASN1,function,111,ASN1_TIME_adj +ASN1,function,112,ASN1_UTCTIME_adj +ASN1,function,113,ASN1_d2i_fp +ASN1,function,114,ASN1_dup +ASN1,function,115,ASN1_generate_v3 +ASN1,function,116,ASN1_get_object +ASN1,function,117,ASN1_i2d_bio +ASN1,function,118,ASN1_i2d_fp +ASN1,function,119,ASN1_item_d2i_fp +ASN1,function,120,ASN1_item_dup +ASN1,function,121,ASN1_item_ex_d2i +ASN1,function,122,ASN1_item_i2d_bio +ASN1,function,123,ASN1_item_i2d_fp +ASN1,function,124,ASN1_item_pack +ASN1,function,125,ASN1_item_unpack +ASN1,function,126,ASN1_mbstring_ncopy +ASN1,function,127,ASN1_template_new +ASN1,function,128,BIO_new_NDEF +ASN1,function,129,BN_to_ASN1_ENUMERATED +ASN1,function,130,BN_to_ASN1_INTEGER +ASN1,function,131,a2d_ASN1_OBJECT +ASN1,function,132,a2i_ASN1_ENUMERATED +ASN1,function,133,a2i_ASN1_INTEGER +ASN1,function,134,a2i_ASN1_STRING +ASN1,function,135,append_exp +ASN1,function,136,asn1_cb +ASN1,function,137,asn1_check_tlen 
+ASN1,function,138,asn1_collate_primitive +ASN1,function,139,asn1_collect +ASN1,function,140,asn1_d2i_ex_primitive +ASN1,function,141,asn1_d2i_read_bio +ASN1,function,142,asn1_do_adb +ASN1,function,143,asn1_ex_c2i +ASN1,function,144,asn1_find_end +ASN1,function,145,asn1_item_ex_combine_new +ASN1,function,146,asn1_str2type +ASN1,function,147,asn1_template_ex_d2i +ASN1,function,148,asn1_template_noexp_d2i +ASN1,function,149,bitstr_cb +ASN1,function,150,c2i_ASN1_BIT_STRING +ASN1,function,151,c2i_ASN1_INTEGER +ASN1,function,152,c2i_ASN1_OBJECT +ASN1,function,153,collect_data +ASN1,function,154,d2i_ASN1_BOOLEAN +ASN1,function,155,d2i_ASN1_OBJECT +ASN1,function,156,d2i_ASN1_UINTEGER +ASN1,function,157,d2i_ASN1_UTCTIME +ASN1,function,158,d2i_ASN1_bytes +ASN1,function,159,d2i_ASN1_type_bytes +ASN1,function,160,i2d_ASN1_TIME +ASN1,function,161,i2d_PrivateKey +ASN1,function,162,long_c2i +ASN1,function,163,parse_tagging +ASN1,reason,100,ASN1_LENGTH_MISMATCH +ASN1,reason,101,AUX_ERROR +ASN1,reason,102,BAD_GET_ASN1_OBJECT_CALL +ASN1,reason,103,BAD_OBJECT_HEADER +ASN1,reason,104,BMPSTRING_IS_WRONG_LENGTH +ASN1,reason,105,BN_LIB +ASN1,reason,106,BOOLEAN_IS_WRONG_LENGTH +ASN1,reason,107,BUFFER_TOO_SMALL +ASN1,reason,108,DECODE_ERROR +ASN1,reason,109,DEPTH_EXCEEDED +ASN1,reason,110,ENCODE_ERROR +ASN1,reason,111,ERROR_GETTING_TIME +ASN1,reason,112,EXPECTING_AN_ASN1_SEQUENCE +ASN1,reason,113,EXPECTING_AN_INTEGER +ASN1,reason,114,EXPECTING_AN_OBJECT +ASN1,reason,115,EXPECTING_A_BOOLEAN +ASN1,reason,116,EXPECTING_A_TIME +ASN1,reason,117,EXPLICIT_LENGTH_MISMATCH +ASN1,reason,118,EXPLICIT_TAG_NOT_CONSTRUCTED +ASN1,reason,119,FIELD_MISSING +ASN1,reason,120,FIRST_NUM_TOO_LARGE +ASN1,reason,121,HEADER_TOO_LONG +ASN1,reason,122,ILLEGAL_BITSTRING_FORMAT +ASN1,reason,123,ILLEGAL_BOOLEAN +ASN1,reason,124,ILLEGAL_CHARACTERS +ASN1,reason,125,ILLEGAL_FORMAT +ASN1,reason,126,ILLEGAL_HEX +ASN1,reason,127,ILLEGAL_IMPLICIT_TAG +ASN1,reason,128,ILLEGAL_INTEGER +ASN1,reason,129,ILLEGAL_NESTED_TAGGING 
+ASN1,reason,130,ILLEGAL_NULL +ASN1,reason,131,ILLEGAL_NULL_VALUE +ASN1,reason,132,ILLEGAL_OBJECT +ASN1,reason,133,ILLEGAL_OPTIONAL_ANY +ASN1,reason,134,ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE +ASN1,reason,135,ILLEGAL_TAGGED_ANY +ASN1,reason,136,ILLEGAL_TIME_VALUE +ASN1,reason,137,INTEGER_NOT_ASCII_FORMAT +ASN1,reason,138,INTEGER_TOO_LARGE_FOR_LONG +ASN1,reason,139,INVALID_BIT_STRING_BITS_LEFT +ASN1,reason,140,INVALID_BMPSTRING_LENGTH +ASN1,reason,141,INVALID_DIGIT +ASN1,reason,142,INVALID_MODIFIER +ASN1,reason,143,INVALID_NUMBER +ASN1,reason,144,INVALID_OBJECT_ENCODING +ASN1,reason,145,INVALID_SEPARATOR +ASN1,reason,146,INVALID_TIME_FORMAT +ASN1,reason,147,INVALID_UNIVERSALSTRING_LENGTH +ASN1,reason,148,INVALID_UTF8STRING +ASN1,reason,149,LIST_ERROR +ASN1,reason,150,MALLOC_FAILURE +ASN1,reason,151,MISSING_ASN1_EOS +ASN1,reason,152,MISSING_EOC +ASN1,reason,153,MISSING_SECOND_NUMBER +ASN1,reason,154,MISSING_VALUE +ASN1,reason,155,MSTRING_NOT_UNIVERSAL +ASN1,reason,156,MSTRING_WRONG_TAG +ASN1,reason,157,NESTED_ASN1_ERROR +ASN1,reason,158,NESTED_ASN1_STRING +ASN1,reason,159,NON_HEX_CHARACTERS +ASN1,reason,160,NOT_ASCII_FORMAT +ASN1,reason,161,NOT_ENOUGH_DATA +ASN1,reason,162,NO_MATCHING_CHOICE_TYPE +ASN1,reason,163,NULL_IS_WRONG_LENGTH +ASN1,reason,164,OBJECT_NOT_ASCII_FORMAT +ASN1,reason,165,ODD_NUMBER_OF_CHARS +ASN1,reason,166,SECOND_NUMBER_TOO_LARGE +ASN1,reason,167,SEQUENCE_LENGTH_MISMATCH +ASN1,reason,168,SEQUENCE_NOT_CONSTRUCTED +ASN1,reason,169,SEQUENCE_OR_SET_NEEDS_CONFIG +ASN1,reason,170,SHORT_LINE +ASN1,reason,171,STREAMING_NOT_SUPPORTED +ASN1,reason,172,STRING_TOO_LONG +ASN1,reason,173,STRING_TOO_SHORT +ASN1,reason,174,TAG_VALUE_TOO_HIGH +ASN1,reason,175,TIME_NOT_ASCII_FORMAT +ASN1,reason,176,TOO_LONG +ASN1,reason,177,TYPE_NOT_CONSTRUCTED +ASN1,reason,178,TYPE_NOT_PRIMITIVE +ASN1,reason,179,UNEXPECTED_EOC +ASN1,reason,180,UNIVERSALSTRING_IS_WRONG_LENGTH +ASN1,reason,181,UNKNOWN_FORMAT +ASN1,reason,182,UNKNOWN_TAG +ASN1,reason,183,UNSUPPORTED_ANY_DEFINED_BY_TYPE 
+ASN1,reason,184,UNSUPPORTED_PUBLIC_KEY_TYPE +ASN1,reason,185,UNSUPPORTED_TYPE +ASN1,reason,186,WRONG_TAG +ASN1,reason,187,WRONG_TYPE diff --git a/src/crypto/err/bio.errordata b/src/crypto/err/bio.errordata index 94b3c97..9f2af02 100644 --- a/src/crypto/err/bio.errordata +++ b/src/crypto/err/bio.errordata @@ -1,17 +1,36 @@ -BIO,100,BAD_FOPEN_MODE -BIO,101,BROKEN_PIPE -BIO,102,CONNECT_ERROR -BIO,103,ERROR_SETTING_NBIO -BIO,104,INVALID_ARGUMENT -BIO,105,IN_USE -BIO,106,KEEPALIVE -BIO,107,NBIO_CONNECT_ERROR -BIO,108,NO_HOSTNAME_SPECIFIED -BIO,109,NO_PORT_SPECIFIED -BIO,110,NO_SUCH_FILE -BIO,111,NULL_PARAMETER -BIO,112,SYS_LIB -BIO,113,UNABLE_TO_CREATE_SOCKET -BIO,114,UNINITIALIZED -BIO,115,UNSUPPORTED_METHOD -BIO,116,WRITE_TO_READ_ONLY_BIO +BIO,function,100,BIO_callback_ctrl +BIO,function,101,BIO_ctrl +BIO,function,102,BIO_new +BIO,function,103,BIO_new_file +BIO,function,104,BIO_new_mem_buf +BIO,function,118,BIO_printf +BIO,function,105,BIO_zero_copy_get_read_buf +BIO,function,106,BIO_zero_copy_get_read_buf_done +BIO,function,107,BIO_zero_copy_get_write_buf +BIO,function,108,BIO_zero_copy_get_write_buf_done +BIO,function,109,bio_io +BIO,function,110,bio_make_pair +BIO,function,111,bio_write +BIO,function,112,buffer_ctrl +BIO,function,113,conn_ctrl +BIO,function,114,conn_state +BIO,function,115,file_ctrl +BIO,function,116,file_read +BIO,function,117,mem_write +BIO,reason,100,BAD_FOPEN_MODE +BIO,reason,101,BROKEN_PIPE +BIO,reason,102,CONNECT_ERROR +BIO,reason,103,ERROR_SETTING_NBIO +BIO,reason,104,INVALID_ARGUMENT +BIO,reason,105,IN_USE +BIO,reason,106,KEEPALIVE +BIO,reason,107,NBIO_CONNECT_ERROR +BIO,reason,108,NO_HOSTNAME_SPECIFIED +BIO,reason,109,NO_PORT_SPECIFIED +BIO,reason,110,NO_SUCH_FILE +BIO,reason,111,NULL_PARAMETER +BIO,reason,112,SYS_LIB +BIO,reason,113,UNABLE_TO_CREATE_SOCKET +BIO,reason,114,UNINITIALIZED +BIO,reason,115,UNSUPPORTED_METHOD +BIO,reason,116,WRITE_TO_READ_ONLY_BIO 
diff --git a/src/crypto/err/bn.errordata b/src/crypto/err/bn.errordata index 76b6392..6fd4968 100644 --- a/src/crypto/err/bn.errordata +++ b/src/crypto/err/bn.errordata 
@@ -1,19 +1,44 @@ -BN,100,ARG2_LT_ARG3 -BN,117,BAD_ENCODING -BN,101,BAD_RECIPROCAL -BN,102,BIGNUM_TOO_LONG -BN,103,BITS_TOO_SMALL -BN,104,CALLED_WITH_EVEN_MODULUS -BN,105,DIV_BY_ZERO -BN,118,ENCODE_ERROR -BN,106,EXPAND_ON_STATIC_BIGNUM_DATA -BN,107,INPUT_NOT_REDUCED -BN,108,INVALID_RANGE -BN,109,NEGATIVE_NUMBER -BN,110,NOT_A_SQUARE -BN,111,NOT_INITIALIZED -BN,112,NO_INVERSE -BN,113,PRIVATE_KEY_TOO_LARGE -BN,114,P_IS_NOT_PRIME -BN,115,TOO_MANY_ITERATIONS -BN,116,TOO_MANY_TEMPORARY_VARIABLES +BN,function,100,BN_CTX_get +BN,function,101,BN_CTX_new +BN,function,102,BN_CTX_start +BN,function,103,BN_bn2dec +BN,function,104,BN_bn2hex +BN,function,105,BN_div +BN,function,106,BN_div_recp +BN,function,107,BN_exp +BN,function,108,BN_generate_dsa_nonce +BN,function,109,BN_generate_prime_ex +BN,function,125,BN_lshift +BN,function,110,BN_mod_exp2_mont +BN,function,111,BN_mod_exp_mont +BN,function,112,BN_mod_exp_mont_consttime +BN,function,113,BN_mod_exp_mont_word +BN,function,114,BN_mod_inverse +BN,function,115,BN_mod_inverse_no_branch +BN,function,116,BN_mod_lshift_quick +BN,function,117,BN_mod_sqrt +BN,function,118,BN_new +BN,function,119,BN_rand +BN,function,120,BN_rand_range +BN,function,126,BN_rshift +BN,function,121,BN_sqrt +BN,function,122,BN_usub +BN,function,123,bn_wexpand +BN,function,124,mod_exp_recp +BN,reason,100,ARG2_LT_ARG3 +BN,reason,101,BAD_RECIPROCAL +BN,reason,102,BIGNUM_TOO_LONG +BN,reason,103,BITS_TOO_SMALL +BN,reason,104,CALLED_WITH_EVEN_MODULUS +BN,reason,105,DIV_BY_ZERO +BN,reason,106,EXPAND_ON_STATIC_BIGNUM_DATA +BN,reason,107,INPUT_NOT_REDUCED +BN,reason,108,INVALID_RANGE +BN,reason,109,NEGATIVE_NUMBER +BN,reason,110,NOT_A_SQUARE +BN,reason,111,NOT_INITIALIZED +BN,reason,112,NO_INVERSE +BN,reason,113,PRIVATE_KEY_TOO_LARGE +BN,reason,114,P_IS_NOT_PRIME +BN,reason,115,TOO_MANY_ITERATIONS +BN,reason,116,TOO_MANY_TEMPORARY_VARIABLES diff --git a/src/crypto/err/buf.errordata b/src/crypto/err/buf.errordata new file mode 100644 index 0000000..01b6c9a 
--- /dev/null +++ b/src/crypto/err/buf.errordata @@ -0,0 +1,4 @@ +BUF,function,100,BUF_MEM_new +BUF,function,101,BUF_memdup +BUF,function,102,BUF_strndup +BUF,function,103,buf_mem_grow diff --git a/src/crypto/err/cipher.errordata b/src/crypto/err/cipher.errordata index 1037505..ce8459b 100644 --- a/src/crypto/err/cipher.errordata +++ b/src/crypto/err/cipher.errordata 
@@ -1,25 +1,60 @@ -CIPHER,100,AES_KEY_SETUP_FAILED -CIPHER,101,BAD_DECRYPT -CIPHER,102,BAD_KEY_LENGTH -CIPHER,103,BUFFER_TOO_SMALL -CIPHER,104,CTRL_NOT_IMPLEMENTED -CIPHER,105,CTRL_OPERATION_NOT_IMPLEMENTED -CIPHER,106,DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH -CIPHER,107,INITIALIZATION_ERROR -CIPHER,108,INPUT_NOT_INITIALIZED -CIPHER,109,INVALID_AD_SIZE -CIPHER,110,INVALID_KEY_LENGTH -CIPHER,111,INVALID_NONCE_SIZE -CIPHER,112,INVALID_OPERATION -CIPHER,113,IV_TOO_LARGE -CIPHER,114,NO_CIPHER_SET -CIPHER,124,NO_DIRECTION_SET -CIPHER,115,OUTPUT_ALIASES_INPUT -CIPHER,116,TAG_TOO_LARGE -CIPHER,117,TOO_LARGE -CIPHER,118,UNSUPPORTED_AD_SIZE -CIPHER,119,UNSUPPORTED_INPUT_SIZE -CIPHER,120,UNSUPPORTED_KEY_SIZE -CIPHER,121,UNSUPPORTED_NONCE_SIZE -CIPHER,122,UNSUPPORTED_TAG_SIZE -CIPHER,123,WRONG_FINAL_BLOCK_LENGTH +CIPHER,function,100,EVP_AEAD_CTX_init +CIPHER,function,131,EVP_AEAD_CTX_init_with_direction +CIPHER,function,101,EVP_AEAD_CTX_open +CIPHER,function,102,EVP_AEAD_CTX_seal +CIPHER,function,103,EVP_CIPHER_CTX_copy +CIPHER,function,104,EVP_CIPHER_CTX_ctrl +CIPHER,function,105,EVP_CIPHER_CTX_set_key_length +CIPHER,function,106,EVP_CipherInit_ex +CIPHER,function,107,EVP_DecryptFinal_ex +CIPHER,function,108,EVP_EncryptFinal_ex +CIPHER,function,132,aead_aes_ctr_hmac_sha256_init +CIPHER,function,133,aead_aes_ctr_hmac_sha256_open +CIPHER,function,134,aead_aes_ctr_hmac_sha256_seal +CIPHER,function,109,aead_aes_gcm_init +CIPHER,function,110,aead_aes_gcm_open +CIPHER,function,111,aead_aes_gcm_seal +CIPHER,function,112,aead_aes_key_wrap_init +CIPHER,function,113,aead_aes_key_wrap_open +CIPHER,function,114,aead_aes_key_wrap_seal +CIPHER,function,115,aead_chacha20_poly1305_init +CIPHER,function,116,aead_chacha20_poly1305_open +CIPHER,function,117,aead_chacha20_poly1305_seal +CIPHER,function,118,aead_rc4_md5_tls_init +CIPHER,function,119,aead_rc4_md5_tls_open +CIPHER,function,120,aead_rc4_md5_tls_seal +CIPHER,function,121,aead_ssl3_ensure_cipher_init +CIPHER,function,122,aead_ssl3_init 
+CIPHER,function,123,aead_ssl3_open +CIPHER,function,124,aead_ssl3_seal +CIPHER,function,125,aead_tls_ensure_cipher_init +CIPHER,function,126,aead_tls_init +CIPHER,function,127,aead_tls_open +CIPHER,function,128,aead_tls_seal +CIPHER,function,129,aes_init_key +CIPHER,function,130,aesni_init_key +CIPHER,reason,100,AES_KEY_SETUP_FAILED +CIPHER,reason,101,BAD_DECRYPT +CIPHER,reason,102,BAD_KEY_LENGTH +CIPHER,reason,103,BUFFER_TOO_SMALL +CIPHER,reason,104,CTRL_NOT_IMPLEMENTED +CIPHER,reason,105,CTRL_OPERATION_NOT_IMPLEMENTED +CIPHER,reason,106,DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH +CIPHER,reason,107,INITIALIZATION_ERROR +CIPHER,reason,108,INPUT_NOT_INITIALIZED +CIPHER,reason,109,INVALID_AD_SIZE +CIPHER,reason,110,INVALID_KEY_LENGTH +CIPHER,reason,111,INVALID_NONCE_SIZE +CIPHER,reason,112,INVALID_OPERATION +CIPHER,reason,113,IV_TOO_LARGE +CIPHER,reason,114,NO_CIPHER_SET +CIPHER,reason,124,NO_DIRECTION_SET +CIPHER,reason,115,OUTPUT_ALIASES_INPUT +CIPHER,reason,116,TAG_TOO_LARGE +CIPHER,reason,117,TOO_LARGE +CIPHER,reason,118,UNSUPPORTED_AD_SIZE +CIPHER,reason,119,UNSUPPORTED_INPUT_SIZE +CIPHER,reason,120,UNSUPPORTED_KEY_SIZE +CIPHER,reason,121,UNSUPPORTED_NONCE_SIZE +CIPHER,reason,122,UNSUPPORTED_TAG_SIZE +CIPHER,reason,123,WRONG_FINAL_BLOCK_LENGTH diff --git a/src/crypto/err/conf.errordata b/src/crypto/err/conf.errordata index 651fabe..0b96a32 100644 --- a/src/crypto/err/conf.errordata +++ b/src/crypto/err/conf.errordata 
@@ -1,6 +1,10 @@ -CONF,100,LIST_CANNOT_BE_NULL -CONF,101,MISSING_CLOSE_SQUARE_BRACKET -CONF,102,MISSING_EQUAL_SIGN -CONF,103,NO_CLOSE_BRACE -CONF,104,UNABLE_TO_CREATE_NEW_SECTION -CONF,105,VARIABLE_HAS_NO_VALUE +CONF,function,100,CONF_parse_list +CONF,function,101,NCONF_load +CONF,function,102,def_load_bio +CONF,function,103,str_copy +CONF,reason,100,LIST_CANNOT_BE_NULL +CONF,reason,101,MISSING_CLOSE_SQUARE_BRACKET +CONF,reason,102,MISSING_EQUAL_SIGN +CONF,reason,103,NO_CLOSE_BRACE +CONF,reason,104,UNABLE_TO_CREATE_NEW_SECTION +CONF,reason,105,VARIABLE_HAS_NO_VALUE diff --git a/src/crypto/err/crypto.errordata b/src/crypto/err/crypto.errordata new file mode 100644 index 0000000..1e0e9d5 --- /dev/null +++ b/src/crypto/err/crypto.errordata @@ -0,0 +1,4 @@ +CRYPTO,function,100,CRYPTO_get_ex_new_index +CRYPTO,function,101,CRYPTO_set_ex_data +CRYPTO,function,102,get_class +CRYPTO,function,103,get_func_pointers diff --git a/src/crypto/err/dh.errordata b/src/crypto/err/dh.errordata index 571e218..1fd675b 100644 --- a/src/crypto/err/dh.errordata +++ b/src/crypto/err/dh.errordata @@ -1,4 +1,8 @@ -DH,100,BAD_GENERATOR -DH,101,INVALID_PUBKEY -DH,102,MODULUS_TOO_LARGE -DH,103,NO_PRIVATE_VALUE +DH,function,100,DH_new_method +DH,function,101,compute_key +DH,function,102,generate_key +DH,function,103,generate_parameters +DH,reason,100,BAD_GENERATOR +DH,reason,101,INVALID_PUBKEY +DH,reason,102,MODULUS_TOO_LARGE +DH,reason,103,NO_PRIVATE_VALUE diff --git a/src/crypto/err/digest.errordata b/src/crypto/err/digest.errordata index 411e778..95a3622 100644 --- a/src/crypto/err/digest.errordata +++ b/src/crypto/err/digest.errordata @@ -1 +1,3 @@ -DIGEST,100,INPUT_NOT_INITIALIZED +DIGEST,function,100,EVP_DigestInit_ex +DIGEST,function,101,EVP_MD_CTX_copy_ex +DIGEST,reason,100,INPUT_NOT_INITIALIZED diff --git a/src/crypto/err/dsa.errordata b/src/crypto/err/dsa.errordata index 3c5764a..c2dff23 100644 --- a/src/crypto/err/dsa.errordata +++ b/src/crypto/err/dsa.errordata 
@@ -1,4 +1,9 @@ -DSA,100,BAD_Q_VALUE -DSA,101,MISSING_PARAMETERS -DSA,102,MODULUS_TOO_LARGE -DSA,103,NEED_NEW_SETUP_VALUES +DSA,function,100,DSA_new_method +DSA,function,101,dsa_sig_cb +DSA,function,102,sign +DSA,function,103,sign_setup +DSA,function,104,verify +DSA,reason,100,BAD_Q_VALUE +DSA,reason,101,MISSING_PARAMETERS +DSA,reason,102,MODULUS_TOO_LARGE +DSA,reason,103,NEED_NEW_SETUP_VALUES diff --git a/src/crypto/err/ec.errordata b/src/crypto/err/ec.errordata index e7b4175..252f7ab 100644 --- a/src/crypto/err/ec.errordata +++ b/src/crypto/err/ec.errordata 
@@ -1,28 +1,95 @@ -EC,126,BIGNUM_OUT_OF_RANGE -EC,100,BUFFER_TOO_SMALL -EC,101,COORDINATES_OUT_OF_RANGE -EC,102,D2I_ECPKPARAMETERS_FAILURE -EC,103,EC_GROUP_NEW_BY_NAME_FAILURE -EC,104,GROUP2PKPARAMETERS_FAILURE -EC,105,I2D_ECPKPARAMETERS_FAILURE -EC,106,INCOMPATIBLE_OBJECTS -EC,107,INVALID_COMPRESSED_POINT -EC,108,INVALID_COMPRESSION_BIT -EC,109,INVALID_ENCODING -EC,110,INVALID_FIELD -EC,111,INVALID_FORM -EC,112,INVALID_GROUP_ORDER -EC,113,INVALID_PRIVATE_KEY -EC,114,MISSING_PARAMETERS -EC,115,MISSING_PRIVATE_KEY -EC,116,NON_NAMED_CURVE -EC,117,NOT_INITIALIZED -EC,118,PKPARAMETERS2GROUP_FAILURE -EC,119,POINT_AT_INFINITY -EC,120,POINT_IS_NOT_ON_CURVE -EC,121,SLOT_FULL -EC,122,UNDEFINED_GENERATOR -EC,123,UNKNOWN_GROUP -EC,124,UNKNOWN_ORDER -EC,127,WRONG_CURVE_PARAMETERS -EC,125,WRONG_ORDER +EC,function,159,BN_to_felem +EC,function,100,EC_GROUP_copy +EC,function,101,EC_GROUP_get_curve_GFp +EC,function,102,EC_GROUP_get_degree +EC,function,103,EC_GROUP_new_by_curve_name +EC,function,166,EC_GROUP_new_curve_GFp +EC,function,104,EC_KEY_check_key +EC,function,105,EC_KEY_copy +EC,function,106,EC_KEY_generate_key +EC,function,165,EC_KEY_new_by_curve_name +EC,function,107,EC_KEY_new_method +EC,function,108,EC_KEY_set_public_key_affine_coordinates +EC,function,109,EC_POINT_add +EC,function,110,EC_POINT_cmp +EC,function,111,EC_POINT_copy +EC,function,112,EC_POINT_dbl +EC,function,113,EC_POINT_dup +EC,function,114,EC_POINT_get_affine_coordinates_GFp +EC,function,115,EC_POINT_invert +EC,function,116,EC_POINT_is_at_infinity +EC,function,117,EC_POINT_is_on_curve +EC,function,118,EC_POINT_make_affine +EC,function,119,EC_POINT_new +EC,function,120,EC_POINT_oct2point +EC,function,121,EC_POINT_point2oct +EC,function,122,EC_POINT_set_affine_coordinates_GFp +EC,function,123,EC_POINT_set_compressed_coordinates_GFp +EC,function,124,EC_POINT_set_to_infinity +EC,function,125,EC_POINTs_make_affine +EC,function,126,compute_wNAF +EC,function,127,d2i_ECPKParameters 
+EC,function,128,d2i_ECParameters +EC,function,129,d2i_ECPrivateKey +EC,function,130,ec_GFp_mont_field_decode +EC,function,131,ec_GFp_mont_field_encode +EC,function,132,ec_GFp_mont_field_mul +EC,function,133,ec_GFp_mont_field_set_to_one +EC,function,134,ec_GFp_mont_field_sqr +EC,function,135,ec_GFp_mont_group_set_curve +EC,function,160,ec_GFp_nistp256_group_set_curve +EC,function,161,ec_GFp_nistp256_point_get_affine_coordinates +EC,function,162,ec_GFp_nistp256_points_mul +EC,function,136,ec_GFp_simple_group_check_discriminant +EC,function,137,ec_GFp_simple_group_set_curve +EC,function,138,ec_GFp_simple_make_affine +EC,function,139,ec_GFp_simple_oct2point +EC,function,140,ec_GFp_simple_point2oct +EC,function,141,ec_GFp_simple_point_get_affine_coordinates +EC,function,142,ec_GFp_simple_point_set_affine_coordinates +EC,function,143,ec_GFp_simple_points_make_affine +EC,function,144,ec_GFp_simple_set_compressed_coordinates +EC,function,145,ec_asn1_group2pkparameters +EC,function,146,ec_asn1_pkparameters2group +EC,function,163,ec_group_copy +EC,function,147,ec_group_new +EC,function,148,ec_group_new_curve_GFp +EC,function,149,ec_group_new_from_data +EC,function,150,ec_point_set_Jprojective_coordinates_GFp +EC,function,151,ec_pre_comp_new +EC,function,152,ec_wNAF_mul +EC,function,153,ec_wNAF_precompute_mult +EC,function,154,i2d_ECPKParameters +EC,function,155,i2d_ECParameters +EC,function,156,i2d_ECPrivateKey +EC,function,157,i2o_ECPublicKey +EC,function,164,nistp256_pre_comp_new +EC,function,158,o2i_ECPublicKey +EC,reason,126,BIGNUM_OUT_OF_RANGE +EC,reason,100,BUFFER_TOO_SMALL +EC,reason,101,COORDINATES_OUT_OF_RANGE +EC,reason,102,D2I_ECPKPARAMETERS_FAILURE +EC,reason,103,EC_GROUP_NEW_BY_NAME_FAILURE +EC,reason,104,GROUP2PKPARAMETERS_FAILURE +EC,reason,105,I2D_ECPKPARAMETERS_FAILURE +EC,reason,106,INCOMPATIBLE_OBJECTS +EC,reason,107,INVALID_COMPRESSED_POINT +EC,reason,108,INVALID_COMPRESSION_BIT +EC,reason,109,INVALID_ENCODING +EC,reason,110,INVALID_FIELD 
+EC,reason,111,INVALID_FORM +EC,reason,112,INVALID_GROUP_ORDER +EC,reason,113,INVALID_PRIVATE_KEY +EC,reason,114,MISSING_PARAMETERS +EC,reason,115,MISSING_PRIVATE_KEY +EC,reason,116,NON_NAMED_CURVE +EC,reason,117,NOT_INITIALIZED +EC,reason,118,PKPARAMETERS2GROUP_FAILURE +EC,reason,119,POINT_AT_INFINITY +EC,reason,120,POINT_IS_NOT_ON_CURVE +EC,reason,121,SLOT_FULL +EC,reason,122,UNDEFINED_GENERATOR +EC,reason,123,UNKNOWN_GROUP +EC,reason,124,UNKNOWN_ORDER +EC,reason,127,WRONG_CURVE_PARAMETERS +EC,reason,125,WRONG_ORDER diff --git a/src/crypto/err/ecdh.errordata b/src/crypto/err/ecdh.errordata index f714c30..0f1215e 100644 --- a/src/crypto/err/ecdh.errordata +++ b/src/crypto/err/ecdh.errordata @@ -1,3 +1,4 @@ -ECDH,100,KDF_FAILED -ECDH,101,NO_PRIVATE_VALUE -ECDH,102,POINT_ARITHMETIC_FAILURE +ECDH,function,100,ECDH_compute_key +ECDH,reason,100,KDF_FAILED +ECDH,reason,101,NO_PRIVATE_VALUE +ECDH,reason,102,POINT_ARITHMETIC_FAILURE diff --git a/src/crypto/err/ecdsa.errordata b/src/crypto/err/ecdsa.errordata index 58ba591..97c213e 100644 --- a/src/crypto/err/ecdsa.errordata +++ b/src/crypto/err/ecdsa.errordata @@ -1,6 +1,10 @@ -ECDSA,100,BAD_SIGNATURE -ECDSA,105,ENCODE_ERROR -ECDSA,101,MISSING_PARAMETERS -ECDSA,102,NEED_NEW_SETUP_VALUES -ECDSA,103,NOT_IMPLEMENTED -ECDSA,104,RANDOM_NUMBER_GENERATION_FAILED +ECDSA,function,100,ECDSA_do_sign_ex +ECDSA,function,101,ECDSA_do_verify +ECDSA,function,102,ECDSA_sign_ex +ECDSA,function,103,digest_to_bn +ECDSA,function,104,ecdsa_sign_setup +ECDSA,reason,100,BAD_SIGNATURE +ECDSA,reason,101,MISSING_PARAMETERS +ECDSA,reason,102,NEED_NEW_SETUP_VALUES +ECDSA,reason,103,NOT_IMPLEMENTED +ECDSA,reason,104,RANDOM_NUMBER_GENERATION_FAILED diff --git a/src/crypto/err/engine.errordata b/src/crypto/err/engine.errordata index edbd7b9..1185e88 100644 --- a/src/crypto/err/engine.errordata +++ b/src/crypto/err/engine.errordata @@ -1 +1 @@ -ENGINE,100,OPERATION_NOT_SUPPORTED +ENGINE,reason,100,OPERATION_NOT_SUPPORTED 
diff --git a/src/crypto/err/err.c b/src/crypto/err/err.c index 24824e8..de1b4a7 100644 --- a/src/crypto/err/err.c +++ b/src/crypto/err/err.c @@ -125,6 +125,10 @@ #include "../internal.h" +extern const uint32_t kOpenSSLFunctionValues[]; +extern const size_t kOpenSSLFunctionValuesLen; +extern const char kOpenSSLFunctionStringData[]; + extern const uint32_t kOpenSSLReasonValues[]; extern const size_t kOpenSSLReasonValuesLen; extern const char kOpenSSLReasonStringData[]; 
@@ -255,51 +259,42 @@ static uint32_t get_error_values(int inc, int top, const char **file, int *line, } uint32_t ERR_get_error(void) { - return get_error_values(1 /* inc */, 0 /* bottom */, NULL, NULL, NULL, NULL); + return get_error_values(1, 0, NULL, NULL, NULL, NULL); } uint32_t ERR_get_error_line(const char **file, int *line) { - return get_error_values(1 /* inc */, 0 /* bottom */, file, line, NULL, NULL); + return get_error_values(1, 0, file, line, NULL, NULL); } uint32_t ERR_get_error_line_data(const char **file, int *line, const char **data, int *flags) { - return get_error_values(1 /* inc */, 0 /* bottom */, file, line, data, flags); + return get_error_values(1, 0, file, line, data, flags); } uint32_t ERR_peek_error(void) { - return get_error_values(0 /* peek */, 0 /* bottom */, NULL, NULL, NULL, NULL); + return get_error_values(0, 0, NULL, NULL, NULL, NULL); } uint32_t ERR_peek_error_line(const char **file, int *line) { - return get_error_values(0 /* peek */, 0 /* bottom */, file, line, NULL, NULL); + return get_error_values(0, 0, file, line, NULL, NULL); } uint32_t ERR_peek_error_line_data(const char **file, int *line, const char **data, int *flags) { - return get_error_values(0 /* peek */, 0 /* bottom */, file, line, data, - flags); -} - -const char *ERR_peek_function(void) { - ERR_STATE *state = err_get_state(); - if (state == NULL || state->bottom == state->top) { - return NULL; - } - return state->errors[(state->bottom + 1) % ERR_NUM_ERRORS].function; + return get_error_values(0, 0, file, line, data, flags); } uint32_t ERR_peek_last_error(void) { - return get_error_values(0 /* peek */, 1 /* top */, NULL, NULL, NULL, NULL); + return get_error_values(0, 1, NULL, NULL, NULL, NULL); } uint32_t ERR_peek_last_error_line(const char **file, int *line) { - return get_error_values(0 /* peek */, 1 /* top */, file, line, NULL, NULL); + return get_error_values(0, 1, file, line, NULL, NULL); } uint32_t ERR_peek_last_error_line_data(const char **file, int *line, 
const char **data, int *flags) { - return get_error_values(0 /* peek */, 1 /* top */, file, line, data, flags); + return get_error_values(0, 1, file, line, data, flags); } void ERR_clear_error(void) { @@ -346,20 +341,40 @@ void ERR_clear_system_error(void) { errno = 0; } -static void err_error_string(uint32_t packed_error, const char *func_str, - char *buf, size_t len) { - char lib_buf[64], reason_buf[64]; - const char *lib_str, *reason_str; - unsigned lib, reason; +char *ERR_error_string(uint32_t packed_error, char *ret) { + static char buf[ERR_ERROR_STRING_BUF_LEN]; + + if (ret == NULL) { + /* TODO(fork): remove this. */ + ret = buf; + } + +#if !defined(NDEBUG) + /* This is aimed to help catch callers who don't provide + * |ERR_ERROR_STRING_BUF_LEN| bytes of space. */ + memset(ret, 0, ERR_ERROR_STRING_BUF_LEN); +#endif + + ERR_error_string_n(packed_error, ret, ERR_ERROR_STRING_BUF_LEN); + + return ret; +} + +void ERR_error_string_n(uint32_t packed_error, char *buf, size_t len) { + char lib_buf[64], func_buf[64], reason_buf[64]; + const char *lib_str, *func_str, *reason_str; + unsigned lib, func, reason; if (len == 0) { return; } lib = ERR_GET_LIB(packed_error); + func = ERR_GET_FUNC(packed_error); reason = ERR_GET_REASON(packed_error); lib_str = ERR_lib_error_string(packed_error); + func_str = ERR_func_error_string(packed_error); reason_str = ERR_reason_error_string(packed_error); if (lib_str == NULL) { @@ -368,7 +383,8 @@ static void err_error_string(uint32_t packed_error, const char *func_str, } if (func_str == NULL) { - func_str = "OPENSSL_internal"; + BIO_snprintf(func_buf, sizeof(func_buf), "func(%u)", func); + func_str = func_buf; } if (reason_str == NULL) { 
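Review bot: The wrappers from ERR_get_error through ERR_peek_last_error_line_data now pass bare `1, 0` and `0, 1` to get_error_values, so a reader has to look up the signature to tell which literal is `inc` and which is `top`. A short label on each argument keeps the call sites self-explanatory, e.g. `return get_error_values(/* inc */ 1, /* top */ 0, NULL, NULL, NULL, NULL);`, using the parameter names shown in the hunk header. The removed comments called the second argument "bottom", so reword the labels rather than restoring them as they were.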
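Review bot: ERR_error_string always hands `ret` to ERR_error_string_n with a length of ERR_ERROR_STRING_BUF_LEN, and the only guard against a shorter caller buffer is the memset that is compiled out under NDEBUG. A release build can therefore write past an undersized buffer with no signal. With `ret == NULL` it also returns a function-static buffer, which concurrent callers share and overwrite. Neither contract is stated at the definition, so I would add a comment such as `/* |ret| must hold ERR_ERROR_STRING_BUF_LEN bytes; NULL selects a static buffer that is not thread-safe. Prefer |ERR_error_string_n|. */`. The body of ERR_error_string_n continues past the end of this hunk.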
@@ -410,29 +426,6 @@ static void err_error_string(uint32_t packed_error, const char *func_str, } } -char *ERR_error_string(uint32_t packed_error, char *ret) { - static char buf[ERR_ERROR_STRING_BUF_LEN]; - - if (ret == NULL) { - /* TODO(fork): remove this. */ - ret = buf; - } - -#if !defined(NDEBUG) - /* This is aimed to help catch callers who don't provide - * |ERR_ERROR_STRING_BUF_LEN| bytes of space. */ - memset(ret, 0, ERR_ERROR_STRING_BUF_LEN); -#endif - - ERR_error_string_n(packed_error, ret, ERR_ERROR_STRING_BUF_LEN); - - return ret; -} - -void ERR_error_string_n(uint32_t packed_error, char *buf, size_t len) { - err_error_string(packed_error, NULL, buf, len); -} - // err_string_cmp is a compare function for searching error values with // |bsearch| in |err_string_lookup|. static int err_string_cmp(const void *a, const void *b) { @@ -512,8 +505,8 @@ static const char *const kLibraryNames[ERR_NUM_LIBS] = { "HMAC routines", /* ERR_LIB_HMAC */ "Digest functions", /* ERR_LIB_DIGEST */ "Cipher functions", /* ERR_LIB_CIPHER */ - "HKDF functions", /* ERR_LIB_HKDF */ "User defined functions", /* ERR_LIB_USER */ + "HKDF functions", /* ERR_LIB_HKDF */ }; const char *ERR_lib_error_string(uint32_t packed_error) { 
@@ -526,7 +519,36 @@ const char *ERR_lib_error_string(uint32_t packed_error) { } const char *ERR_func_error_string(uint32_t packed_error) { - return "OPENSSL_internal"; + const uint32_t lib = ERR_GET_LIB(packed_error); + const uint32_t func = ERR_GET_FUNC(packed_error); + + if (lib == ERR_LIB_SYS) { + switch (func) { + case SYS_F_fopen: + return "fopen"; + case SYS_F_fclose: + return "fclose"; + case SYS_F_fread: + return "fread"; + case SYS_F_fwrite: + return "fwrite"; + case SYS_F_socket: + return "socket"; + case SYS_F_setsockopt: + return "setsockopt"; + case SYS_F_connect: + return "connect"; + case SYS_F_getaddrinfo: + return "getaddrinfo"; + default: + return NULL; + } + } + + return err_string_lookup(ERR_GET_LIB(packed_error), + ERR_GET_FUNC(packed_error), kOpenSSLFunctionValues, + kOpenSSLFunctionValuesLen, + kOpenSSLFunctionStringData); } const char *ERR_reason_error_string(uint32_t packed_error) { @@ -577,13 +599,12 @@ void ERR_print_errors_cb(ERR_print_errors_callback_t callback, void *ctx) { const unsigned long thread_hash = (uintptr_t) err_get_state(); for (;;) { - const char *function = ERR_peek_function(); packed_error = ERR_get_error_line_data(&file, &line, &data, &flags); if (packed_error == 0) { break; } - err_error_string(packed_error, function, buf, sizeof(buf)); + ERR_error_string_n(packed_error, buf, sizeof(buf)); BIO_snprintf(buf2, sizeof(buf2), "%lu:%s:%s:%d:%s\n", thread_hash, buf, file, line, (flags & ERR_FLAG_STRING) ? data : ""); if (callback(buf2, strlen(buf2), ctx) <= 0) { @@ -623,8 +644,8 @@ static void err_set_error_data(char *data, int flags) { error->flags = flags; } -void ERR_put_error(int library, int reason, const char *function, - const char *file, unsigned line) { +void ERR_put_error(int library, int func, int reason, const char *file, + unsigned line) { ERR_STATE *const state = err_get_state(); struct err_error_st *error; 
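Review bot: ERR_func_error_string decodes the packed error into `lib` and `func` and then expands ERR_GET_LIB and ERR_GET_FUNC a second time in the final lookup, so the locals serve only the ERR_LIB_SYS branch. Passing the locals keeps the function working from one decoded value: `return err_string_lookup(lib, func, kOpenSSLFunctionValues, kOpenSSLFunctionValuesLen, kOpenSSLFunctionStringData);`. The function now returns NULL for an unknown SYS function code, and presumably on a table miss, where it used to return a fixed string. A one-line comment saying that callers must handle NULL would help; ERR_error_string_n in this commit already does.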
@@ -633,7 +654,7 @@ void ERR_put_error(int library, int reason, const char *function, } if (library == ERR_LIB_SYS && reason == 0) { -#if defined(OPENSSL_WINDOWS) +#if defined(WIN32) reason = GetLastError(); #else reason = errno; @@ -647,10 +668,9 @@ void ERR_put_error(int library, int reason, const char *function, error = &state->errors[state->top]; err_clear(error); - error->function = function; error->file = file; error->line = line; - error->packed = ERR_PACK(library, reason); + error->packed = ERR_PACK(library, func, reason); } /* ERR_add_error_data_vdata takes a variable number of const char* pointers, diff --git a/src/crypto/err/err_data_generate.go b/src/crypto/err/err_data_generate.go index 24e0d66..a5b4cb5 100644 --- a/src/crypto/err/err_data_generate.go +++ b/src/crypto/err/err_data_generate.go @@ -59,8 +59,8 @@ var libraryNames = []string{ "HMAC", "DIGEST", "CIPHER", - "HKDF", "USER", + "HKDF", } // stringList is a map from uint32 -> string which can output data for a sorted @@ -69,7 +69,7 @@ type stringList struct { // entries is an array of keys and offsets into |stringData|. The // offsets are in the bottom 15 bits of each uint32 and the key is the // top 17 bits. - entries []uint32 + entries []uint32 // internedStrings contains the same strings as are in |stringData|, // but allows for easy deduplication. It maps a string to its offset in // |stringData|. @@ -146,7 +146,7 @@ func (st *stringList) WriteTo(out stringWriter, name string) { fmt.Fprintf(out, " 0x%x,\n", v) } out.WriteString("};\n\n") - out.WriteString("const size_t " + values + "Len = sizeof(" + values + ") / sizeof(" + values + "[0]);\n\n") + out.WriteString("const size_t " + values + "Len = sizeof(" + values + ") / sizeof(" + values + "[0]);\n\n"); stringData := "kOpenSSL" + name + "StringData" out.WriteString("const char " + stringData + "[] =\n \"") 
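Review bot: The platform test in ERR_put_error is now `#if defined(WIN32)` instead of the project's own `OPENSSL_WINDOWS`, and `WIN32` is not guaranteed to be defined on a Windows build. Compilers predefine `_WIN32`; the unprefixed name comes from headers or project settings, and GCC drops it in strict `-std=c99`/`-std=c11` mode. Where it is missing, the `errno` branch is compiled on Windows and the GetLastError() value is never recorded for ERR_LIB_SYS errors. I would keep `#if defined(OPENSSL_WINDOWS)`, or test `_WIN32` if the project macro cannot be used here. ERR_put_error starts and ends outside this hunk.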
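Review bot: The rewritten `out.WriteString("const size_t " + ...)` line in WriteTo now ends in `;`, which compiles but is not gofmt output. The later main() hunk has the same kind of drift with `len(libraryNames) + 1`. Running gofmt over err_data_generate.go drops the semicolon and restores `len(libraryNames)+1`, which keeps later diffs of this generator free of formatting noise. WriteTo's body starts and ends outside this hunk.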
@@ -161,8 +161,8 @@ func (st *stringList) WriteTo(out stringWriter, name string) { } type errorData struct { - reasons *stringList - libraryMap map[string]uint32 + functions, reasons *stringList + libraryMap map[string]uint32 } func (e *errorData) readErrorDataFile(filename string) error { @@ -184,8 +184,8 @@ func (e *errorData) readErrorDataFile(filename string) error { continue } parts := bytes.Split(line, comma) - if len(parts) != 3 { - return fmt.Errorf("bad line %d in %s: found %d values but want 3", lineNo, filename, len(parts)) + if len(parts) != 4 { + return fmt.Errorf("bad line %d in %s: found %d values but want 4", lineNo, filename, len(parts)) } libNum, ok := e.libraryMap[string(parts[0])] if !ok { @@ -194,18 +194,26 @@ func (e *errorData) readErrorDataFile(filename string) error { if libNum >= 64 { return fmt.Errorf("bad line %d in %s: library value too large", lineNo, filename) } - key, err := strconv.ParseUint(string(parts[1]), 10 /* base */, 32 /* bit size */) + key, err := strconv.ParseUint(string(parts[2]), 10 /* base */, 32 /* bit size */) if err != nil { return fmt.Errorf("bad line %d in %s: %s", lineNo, filename, err) } if key >= 2048 { return fmt.Errorf("bad line %d in %s: key too large", lineNo, filename) } - value := string(parts[2]) + value := string(parts[3]) listKey := libNum<<26 | uint32(key)<<15 - err = e.reasons.Add(listKey, value) + switch string(parts[1]) { + case "function": + err = e.functions.Add(listKey, value) + case "reason": + err = e.reasons.Add(listKey, value) + default: + return fmt.Errorf("bad line %d in %s: bad value type", lineNo, filename) + } + if err != nil { return err } @@ -216,6 +224,7 @@ func (e *errorData) readErrorDataFile(filename string) error { func main() { e := &errorData{ + functions: newStringList(), reasons: newStringList(), libraryMap: make(map[string]uint32), } 
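Review bot: The `default` branch of the new switch in readErrorDataFile reports `bad value type` without saying what the second field contained, so a mistyped errordata line has to be opened to see the problem. Echoing the field makes the message self-sufficient: `return fmt.Errorf("bad line %d in %s: bad value type %q", lineNo, filename, parts[1])`. readErrorDataFile starts and ends outside this hunk.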
@@ -270,8 +279,9 @@ func main() { for i, name := range libraryNames { fmt.Fprintf(out, "OPENSSL_COMPILE_ASSERT(ERR_LIB_%s == %d, library_values_changed_%d);\n", name, i+1, i+1) } - fmt.Fprintf(out, "OPENSSL_COMPILE_ASSERT(ERR_NUM_LIBS == %d, library_values_changed_num);\n", len(libraryNames)+1) + fmt.Fprintf(out, "OPENSSL_COMPILE_ASSERT(ERR_NUM_LIBS == %d, library_values_changed_num);\n", len(libraryNames) + 1) out.WriteString("\n") + e.functions.WriteTo(out, "Function") e.reasons.WriteTo(out, "Reason") } diff --git a/src/crypto/err/err_test.cc b/src/crypto/err/err_test.cc index 6643c68..98dfb85 100644 --- a/src/crypto/err/err_test.cc +++ b/src/crypto/err/err_test.cc @@ -22,7 +22,7 @@ static bool TestOverflow() { for (unsigned i = 0; i < ERR_NUM_ERRORS*2; i++) { - ERR_put_error(1, i+1, "function", "test", 1); + ERR_put_error(1, 2, i+1, "test", 1); } for (unsigned i = 0; i < ERR_NUM_ERRORS - 1; i++) { @@ -50,7 +50,7 @@ static bool TestPutError() { return false; } - ERR_put_error(1, 2, "function", "test", 4); + ERR_put_error(1, 2, 3, "test", 4); ERR_add_error_data(1, "testing"); int peeked_line, line, peeked_flags, flags; @@ -58,7 +58,6 @@ static bool TestPutError() { uint32_t peeked_packed_error = ERR_peek_error_line_data(&peeked_file, &peeked_line, &peeked_data, &peeked_flags); - const char *function = ERR_peek_function(); uint32_t packed_error = ERR_get_error_line_data(&file, &line, &data, &flags); if (peeked_packed_error != packed_error || @@ -69,12 +68,12 @@ static bool TestPutError() { return false; } - if (strcmp(function, "function") != 0 || - strcmp(file, "test") != 0 || + if (strcmp(file, "test") != 0 || line != 4 || (flags & ERR_FLAG_STRING) == 0 || ERR_GET_LIB(packed_error) != 1 || - ERR_GET_REASON(packed_error) != 2 || + ERR_GET_FUNC(packed_error) != 2 || + ERR_GET_REASON(packed_error) != 3 || strcmp(data, "testing") != 0) { fprintf(stderr, "Bad error data returned.\n"); return false; 
@@ -89,7 +88,7 @@ static bool TestClearError() { return false; } - ERR_put_error(1, 2, "function", "test", 4); + ERR_put_error(1, 2, 3, "test", 4); ERR_clear_error(); if (ERR_get_error() != 0) { @@ -101,7 +100,7 @@ static bool TestClearError() { } static bool TestPrint() { - ERR_put_error(1, 2, "function", "test", 4); + ERR_put_error(1, 2, 3, "test", 4); ERR_add_error_data(1, "testing"); uint32_t packed_error = ERR_get_error(); @@ -114,41 +113,11 @@ static bool TestPrint() { } static bool TestRelease() { - ERR_put_error(1, 2, "function", "test", 4); + ERR_put_error(1, 2, 3, "test", 4); ERR_remove_thread_state(NULL); return true; } -static bool HasSuffix(const char *str, const char *suffix) { - size_t suffix_len = strlen(suffix); - size_t str_len = strlen(str); - if (str_len < suffix_len) { - return false; - } - return strcmp(str + str_len - suffix_len, suffix) == 0; -} - -static bool TestPutMacro() { - int expected_line = __LINE__ + 1; - OPENSSL_PUT_ERROR(USER, ERR_R_INTERNAL_ERROR); - - int line; - const char *file; - const char *function = ERR_peek_function(); - uint32_t error = ERR_get_error_line(&file, &line); - - if (strcmp(function, "TestPutMacro") != 0 || - !HasSuffix(file, "err_test.cc") || - line != expected_line || - ERR_GET_LIB(error) != ERR_LIB_USER || - ERR_GET_REASON(error) != ERR_R_INTERNAL_ERROR) { - fprintf(stderr, "Bad error data returned.\n"); - return false; - } - - return true; -} - int main() { CRYPTO_library_init(); @@ -156,8 +125,7 @@ int main() { !TestPutError() || !TestClearError() || !TestPrint() || - !TestRelease() || - !TestPutMacro()) { + !TestRelease()) { return 1; } diff --git a/src/crypto/err/evp.errordata b/src/crypto/err/evp.errordata index 8f8dd48..14dd27b 100644 --- a/src/crypto/err/evp.errordata +++ b/src/crypto/err/evp.errordata 
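Review bot: Deleting TestPutMacro and HasSuffix removes the only test visible in these hunks that goes through OPENSSL_PUT_ERROR; the remaining tests all call ERR_put_error directly. That leaves the file, line, library and reason the macro records unchecked. Only two lines of the test depended on the removed ERR_peek_function: the `const char *function = ERR_peek_function();` declaration and the `strcmp(function, "TestPutMacro") != 0 ||` clause. I would keep the test, drop those two lines, and adapt the macro call to the arguments it takes after this change, which are not visible here.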
@@ -1,46 +1,114 @@ -EVP,151,BN_DECODE_ERROR -EVP,100,BUFFER_TOO_SMALL -EVP,101,COMMAND_NOT_SUPPORTED -EVP,146,CONTEXT_NOT_INITIALISED -EVP,143,DECODE_ERROR -EVP,104,DIFFERENT_KEY_TYPES -EVP,105,DIFFERENT_PARAMETERS -EVP,147,DIGEST_AND_KEY_TYPE_NOT_SUPPORTED -EVP,107,EXPECTING_AN_EC_KEY_KEY -EVP,141,EXPECTING_AN_RSA_KEY -EVP,109,EXPECTING_A_DH_KEY -EVP,110,EXPECTING_A_DSA_KEY -EVP,111,ILLEGAL_OR_UNSUPPORTED_PADDING_MODE -EVP,112,INVALID_CURVE -EVP,113,INVALID_DIGEST_LENGTH -EVP,114,INVALID_DIGEST_TYPE -EVP,115,INVALID_KEYBITS -EVP,116,INVALID_MGF1_MD -EVP,142,INVALID_OPERATION -EVP,118,INVALID_PADDING_MODE -EVP,119,INVALID_PSS_PARAMETERS -EVP,144,INVALID_PSS_SALTLEN -EVP,121,INVALID_SALT_LENGTH -EVP,122,INVALID_TRAILER -EVP,123,KEYS_NOT_SET -EVP,124,MISSING_PARAMETERS -EVP,125,NO_DEFAULT_DIGEST -EVP,126,NO_KEY_SET -EVP,127,NO_MDC2_SUPPORT -EVP,128,NO_NID_FOR_CURVE -EVP,129,NO_OPERATION_SET -EVP,130,NO_PARAMETERS_SET -EVP,131,OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE -EVP,132,OPERATON_NOT_INITIALIZED -EVP,152,PARAMETER_ENCODING_ERROR -EVP,133,UNKNOWN_DIGEST -EVP,134,UNKNOWN_MASK_DIGEST -EVP,150,UNKNOWN_MESSAGE_DIGEST_ALGORITHM -EVP,145,UNKNOWN_PUBLIC_KEY_TYPE -EVP,149,UNKNOWN_SIGNATURE_ALGORITHM -EVP,138,UNSUPPORTED_ALGORITHM -EVP,139,UNSUPPORTED_MASK_ALGORITHM -EVP,140,UNSUPPORTED_MASK_PARAMETER -EVP,153,UNSUPPORTED_PUBLIC_KEY_TYPE -EVP,154,UNSUPPORTED_SIGNATURE_TYPE -EVP,148,WRONG_PUBLIC_KEY_TYPE +EVP,function,160,EVP_DigestSignAlgorithm +EVP,function,161,EVP_DigestVerifyInitFromAlgorithm +EVP,function,162,EVP_PKEY_CTX_ctrl +EVP,function,163,EVP_PKEY_CTX_dup +EVP,function,159,EVP_PKEY_CTX_get0_rsa_oaep_label +EVP,function,164,EVP_PKEY_copy_parameters +EVP,function,165,EVP_PKEY_decrypt +EVP,function,166,EVP_PKEY_decrypt_init +EVP,function,167,EVP_PKEY_derive +EVP,function,108,EVP_PKEY_derive_init +EVP,function,168,EVP_PKEY_derive_set_peer +EVP,function,110,EVP_PKEY_encrypt +EVP,function,111,EVP_PKEY_encrypt_init +EVP,function,112,EVP_PKEY_get1_DH 
+EVP,function,169,EVP_PKEY_get1_DSA +EVP,function,114,EVP_PKEY_get1_EC_KEY +EVP,function,115,EVP_PKEY_get1_RSA +EVP,function,116,EVP_PKEY_keygen +EVP,function,170,EVP_PKEY_keygen_init +EVP,function,171,EVP_PKEY_new +EVP,function,172,EVP_PKEY_set_type +EVP,function,120,EVP_PKEY_sign +EVP,function,121,EVP_PKEY_sign_init +EVP,function,122,EVP_PKEY_verify +EVP,function,123,EVP_PKEY_verify_init +EVP,function,173,check_padding_md +EVP,function,125,d2i_AutoPrivateKey +EVP,function,126,d2i_PrivateKey +EVP,function,127,do_EC_KEY_print +EVP,function,174,do_dsa_print +EVP,function,175,do_rsa_print +EVP,function,129,do_sigver_init +EVP,function,176,dsa_param_decode +EVP,function,177,dsa_priv_decode +EVP,function,178,dsa_priv_encode +EVP,function,179,dsa_pub_decode +EVP,function,180,dsa_pub_encode +EVP,function,181,dsa_sig_print +EVP,function,130,eckey_param2type +EVP,function,131,eckey_param_decode +EVP,function,132,eckey_priv_decode +EVP,function,133,eckey_priv_encode +EVP,function,134,eckey_pub_decode +EVP,function,135,eckey_pub_encode +EVP,function,136,eckey_type2param +EVP,function,137,evp_pkey_ctx_new +EVP,function,138,hmac_signctx +EVP,function,139,i2d_PublicKey +EVP,function,182,old_dsa_priv_decode +EVP,function,140,old_ec_priv_decode +EVP,function,141,old_rsa_priv_decode +EVP,function,142,pkey_ec_ctrl +EVP,function,143,pkey_ec_derive +EVP,function,144,pkey_ec_keygen +EVP,function,145,pkey_ec_paramgen +EVP,function,146,pkey_ec_sign +EVP,function,158,pkey_hmac_ctrl +EVP,function,147,pkey_rsa_ctrl +EVP,function,148,pkey_rsa_decrypt +EVP,function,149,pkey_rsa_encrypt +EVP,function,150,pkey_rsa_sign +EVP,function,151,rsa_algor_to_md +EVP,function,152,rsa_digest_verify_init_from_algorithm +EVP,function,153,rsa_mgf1_to_md +EVP,function,154,rsa_priv_decode +EVP,function,155,rsa_priv_encode +EVP,function,156,rsa_pss_to_ctx +EVP,function,157,rsa_pub_decode +EVP,reason,151,BN_DECODE_ERROR +EVP,reason,100,BUFFER_TOO_SMALL +EVP,reason,101,COMMAND_NOT_SUPPORTED 
+EVP,reason,146,CONTEXT_NOT_INITIALISED +EVP,reason,143,DECODE_ERROR +EVP,reason,104,DIFFERENT_KEY_TYPES +EVP,reason,105,DIFFERENT_PARAMETERS +EVP,reason,147,DIGEST_AND_KEY_TYPE_NOT_SUPPORTED +EVP,reason,107,EXPECTING_AN_EC_KEY_KEY +EVP,reason,141,EXPECTING_AN_RSA_KEY +EVP,reason,109,EXPECTING_A_DH_KEY +EVP,reason,110,EXPECTING_A_DSA_KEY +EVP,reason,111,ILLEGAL_OR_UNSUPPORTED_PADDING_MODE +EVP,reason,112,INVALID_CURVE +EVP,reason,113,INVALID_DIGEST_LENGTH +EVP,reason,114,INVALID_DIGEST_TYPE +EVP,reason,115,INVALID_KEYBITS +EVP,reason,116,INVALID_MGF1_MD +EVP,reason,142,INVALID_OPERATION +EVP,reason,118,INVALID_PADDING_MODE +EVP,reason,119,INVALID_PSS_PARAMETERS +EVP,reason,144,INVALID_PSS_SALTLEN +EVP,reason,121,INVALID_SALT_LENGTH +EVP,reason,122,INVALID_TRAILER +EVP,reason,123,KEYS_NOT_SET +EVP,reason,124,MISSING_PARAMETERS +EVP,reason,125,NO_DEFAULT_DIGEST +EVP,reason,126,NO_KEY_SET +EVP,reason,127,NO_MDC2_SUPPORT +EVP,reason,128,NO_NID_FOR_CURVE +EVP,reason,129,NO_OPERATION_SET +EVP,reason,130,NO_PARAMETERS_SET +EVP,reason,131,OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE +EVP,reason,132,OPERATON_NOT_INITIALIZED +EVP,reason,152,PARAMETER_ENCODING_ERROR +EVP,reason,133,UNKNOWN_DIGEST +EVP,reason,134,UNKNOWN_MASK_DIGEST +EVP,reason,150,UNKNOWN_MESSAGE_DIGEST_ALGORITHM +EVP,reason,145,UNKNOWN_PUBLIC_KEY_TYPE +EVP,reason,149,UNKNOWN_SIGNATURE_ALGORITHM +EVP,reason,138,UNSUPPORTED_ALGORITHM +EVP,reason,139,UNSUPPORTED_MASK_ALGORITHM +EVP,reason,140,UNSUPPORTED_MASK_PARAMETER +EVP,reason,153,UNSUPPORTED_PUBLIC_KEY_TYPE +EVP,reason,154,UNSUPPORTED_SIGNATURE_TYPE +EVP,reason,148,WRONG_PUBLIC_KEY_TYPE diff --git a/src/crypto/err/hkdf.errordata b/src/crypto/err/hkdf.errordata index 84866de..878a802 100644 --- a/src/crypto/err/hkdf.errordata +++ b/src/crypto/err/hkdf.errordata @@ -1 +1,2 @@ -HKDF,100,OUTPUT_TOO_LARGE +HKDF,function,100,HKDF +HKDF,reason,100,OUTPUT_TOO_LARGE diff --git a/src/crypto/err/obj.errordata b/src/crypto/err/obj.errordata index c54435e..74e4629 100644 
--- a/src/crypto/err/obj.errordata +++ b/src/crypto/err/obj.errordata @@ -1 +1,5 @@ -OBJ,100,UNKNOWN_NID +OBJ,function,100,OBJ_create +OBJ,function,101,OBJ_dup +OBJ,function,102,OBJ_nid2obj +OBJ,function,103,OBJ_txt2obj +OBJ,reason,100,UNKNOWN_NID diff --git a/src/crypto/err/pem.errordata b/src/crypto/err/pem.errordata index 2a4b73a..42216a7 100644 --- a/src/crypto/err/pem.errordata +++ b/src/crypto/err/pem.errordata 
@@ -1,15 +1,39 @@ -PEM,100,BAD_BASE64_DECODE -PEM,101,BAD_DECRYPT -PEM,102,BAD_END_LINE -PEM,103,BAD_IV_CHARS -PEM,104,BAD_PASSWORD_READ -PEM,105,CIPHER_IS_NULL -PEM,106,ERROR_CONVERTING_PRIVATE_KEY -PEM,107,NOT_DEK_INFO -PEM,108,NOT_ENCRYPTED -PEM,109,NOT_PROC_TYPE -PEM,110,NO_START_LINE -PEM,111,READ_KEY -PEM,112,SHORT_HEADER -PEM,113,UNSUPPORTED_CIPHER -PEM,114,UNSUPPORTED_ENCRYPTION +PEM,function,100,PEM_ASN1_read +PEM,function,101,PEM_ASN1_read_bio +PEM,function,102,PEM_ASN1_write +PEM,function,103,PEM_ASN1_write_bio +PEM,function,104,PEM_X509_INFO_read +PEM,function,105,PEM_X509_INFO_read_bio +PEM,function,106,PEM_X509_INFO_write_bio +PEM,function,107,PEM_do_header +PEM,function,108,PEM_get_EVP_CIPHER_INFO +PEM,function,109,PEM_read +PEM,function,110,PEM_read_DHparams +PEM,function,111,PEM_read_PrivateKey +PEM,function,112,PEM_read_bio +PEM,function,113,PEM_read_bio_DHparams +PEM,function,114,PEM_read_bio_Parameters +PEM,function,115,PEM_read_bio_PrivateKey +PEM,function,116,PEM_write +PEM,function,117,PEM_write_PrivateKey +PEM,function,118,PEM_write_bio +PEM,function,119,d2i_PKCS8PrivateKey_bio +PEM,function,120,d2i_PKCS8PrivateKey_fp +PEM,function,121,do_pk8pkey +PEM,function,122,do_pk8pkey_fp +PEM,function,123,load_iv +PEM,reason,100,BAD_BASE64_DECODE +PEM,reason,101,BAD_DECRYPT +PEM,reason,102,BAD_END_LINE +PEM,reason,103,BAD_IV_CHARS +PEM,reason,104,BAD_PASSWORD_READ +PEM,reason,105,CIPHER_IS_NULL +PEM,reason,106,ERROR_CONVERTING_PRIVATE_KEY +PEM,reason,107,NOT_DEK_INFO +PEM,reason,108,NOT_ENCRYPTED +PEM,reason,109,NOT_PROC_TYPE +PEM,reason,110,NO_START_LINE +PEM,reason,111,READ_KEY +PEM,reason,112,SHORT_HEADER +PEM,reason,113,UNSUPPORTED_CIPHER +PEM,reason,114,UNSUPPORTED_ENCRYPTION diff --git a/src/crypto/err/pkcs8.errordata b/src/crypto/err/pkcs8.errordata index 0eb5083..936f3c5 100644 --- a/src/crypto/err/pkcs8.errordata +++ b/src/crypto/err/pkcs8.errordata 
@@ -1,25 +1,43 @@ -PKCS8,100,BAD_PKCS12_DATA -PKCS8,101,BAD_PKCS12_VERSION -PKCS8,102,CIPHER_HAS_NO_OBJECT_IDENTIFIER -PKCS8,103,CRYPT_ERROR -PKCS8,104,DECODE_ERROR -PKCS8,105,ENCODE_ERROR -PKCS8,106,ENCRYPT_ERROR -PKCS8,107,ERROR_SETTING_CIPHER_PARAMS -PKCS8,108,INCORRECT_PASSWORD -PKCS8,109,KEYGEN_FAILURE -PKCS8,110,KEY_GEN_ERROR -PKCS8,111,METHOD_NOT_SUPPORTED -PKCS8,112,MISSING_MAC -PKCS8,113,MULTIPLE_PRIVATE_KEYS_IN_PKCS12 -PKCS8,114,PKCS12_PUBLIC_KEY_INTEGRITY_NOT_SUPPORTED -PKCS8,115,PKCS12_TOO_DEEPLY_NESTED -PKCS8,116,PRIVATE_KEY_DECODE_ERROR -PKCS8,117,PRIVATE_KEY_ENCODE_ERROR -PKCS8,118,TOO_LONG -PKCS8,119,UNKNOWN_ALGORITHM -PKCS8,120,UNKNOWN_CIPHER -PKCS8,121,UNKNOWN_CIPHER_ALGORITHM -PKCS8,122,UNKNOWN_DIGEST -PKCS8,123,UNKNOWN_HASH -PKCS8,124,UNSUPPORTED_PRIVATE_KEY_ALGORITHM +PKCS8,function,100,EVP_PKCS82PKEY +PKCS8,function,101,EVP_PKEY2PKCS8 +PKCS8,function,102,PKCS12_get_key_and_certs +PKCS8,function,103,PKCS12_handle_content_info +PKCS8,function,104,PKCS12_handle_content_infos +PKCS8,function,105,PKCS5_pbe2_set_iv +PKCS8,function,106,PKCS5_pbe_set +PKCS8,function,107,PKCS5_pbe_set0_algor +PKCS8,function,108,PKCS5_pbkdf2_set +PKCS8,function,109,PKCS8_decrypt +PKCS8,function,110,PKCS8_encrypt +PKCS8,function,111,PKCS8_encrypt_pbe +PKCS8,function,112,pbe_cipher_init +PKCS8,function,113,pbe_crypt +PKCS8,function,114,pkcs12_item_decrypt_d2i +PKCS8,function,115,pkcs12_item_i2d_encrypt +PKCS8,function,116,pkcs12_key_gen_raw +PKCS8,function,117,pkcs12_pbe_keyivgen +PKCS8,reason,100,BAD_PKCS12_DATA +PKCS8,reason,101,BAD_PKCS12_VERSION +PKCS8,reason,102,CIPHER_HAS_NO_OBJECT_IDENTIFIER +PKCS8,reason,103,CRYPT_ERROR +PKCS8,reason,104,DECODE_ERROR +PKCS8,reason,105,ENCODE_ERROR +PKCS8,reason,106,ENCRYPT_ERROR +PKCS8,reason,107,ERROR_SETTING_CIPHER_PARAMS +PKCS8,reason,108,INCORRECT_PASSWORD +PKCS8,reason,109,KEYGEN_FAILURE +PKCS8,reason,110,KEY_GEN_ERROR +PKCS8,reason,111,METHOD_NOT_SUPPORTED +PKCS8,reason,112,MISSING_MAC 
+PKCS8,reason,113,MULTIPLE_PRIVATE_KEYS_IN_PKCS12 +PKCS8,reason,114,PKCS12_PUBLIC_KEY_INTEGRITY_NOT_SUPPORTED +PKCS8,reason,115,PKCS12_TOO_DEEPLY_NESTED +PKCS8,reason,116,PRIVATE_KEY_DECODE_ERROR +PKCS8,reason,117,PRIVATE_KEY_ENCODE_ERROR +PKCS8,reason,118,TOO_LONG +PKCS8,reason,119,UNKNOWN_ALGORITHM +PKCS8,reason,120,UNKNOWN_CIPHER +PKCS8,reason,121,UNKNOWN_CIPHER_ALGORITHM +PKCS8,reason,122,UNKNOWN_DIGEST +PKCS8,reason,123,UNKNOWN_HASH +PKCS8,reason,124,UNSUPPORTED_PRIVATE_KEY_ALGORITHM diff --git a/src/crypto/err/rsa.errordata b/src/crypto/err/rsa.errordata index c19f73c..64b390d 100644 --- a/src/crypto/err/rsa.errordata +++ b/src/crypto/err/rsa.errordata 
@@ -1,46 +1,69 @@ -RSA,143,BAD_ENCODING -RSA,100,BAD_E_VALUE -RSA,101,BAD_FIXED_HEADER_DECRYPT -RSA,102,BAD_PAD_BYTE_COUNT -RSA,103,BAD_RSA_PARAMETERS -RSA,104,BAD_SIGNATURE -RSA,145,BAD_VERSION -RSA,105,BLOCK_TYPE_IS_NOT_01 -RSA,106,BN_NOT_INITIALIZED -RSA,142,CANNOT_RECOVER_MULTI_PRIME_KEY -RSA,107,CRT_PARAMS_ALREADY_GIVEN -RSA,108,CRT_VALUES_INCORRECT -RSA,109,DATA_LEN_NOT_EQUAL_TO_MOD_LEN -RSA,110,DATA_TOO_LARGE -RSA,111,DATA_TOO_LARGE_FOR_KEY_SIZE -RSA,112,DATA_TOO_LARGE_FOR_MODULUS -RSA,113,DATA_TOO_SMALL -RSA,114,DATA_TOO_SMALL_FOR_KEY_SIZE -RSA,115,DIGEST_TOO_BIG_FOR_RSA_KEY -RSA,116,D_E_NOT_CONGRUENT_TO_1 -RSA,117,EMPTY_PUBLIC_KEY -RSA,144,ENCODE_ERROR -RSA,118,FIRST_OCTET_INVALID -RSA,119,INCONSISTENT_SET_OF_CRT_VALUES -RSA,120,INTERNAL_ERROR -RSA,121,INVALID_MESSAGE_LENGTH -RSA,122,KEY_SIZE_TOO_SMALL -RSA,123,LAST_OCTET_INVALID -RSA,124,MODULUS_TOO_LARGE -RSA,141,MUST_HAVE_AT_LEAST_TWO_PRIMES -RSA,125,NO_PUBLIC_EXPONENT -RSA,126,NULL_BEFORE_BLOCK_MISSING -RSA,127,N_NOT_EQUAL_P_Q -RSA,128,OAEP_DECODING_ERROR -RSA,129,ONLY_ONE_OF_P_Q_GIVEN -RSA,130,OUTPUT_BUFFER_TOO_SMALL -RSA,131,PADDING_CHECK_FAILED -RSA,132,PKCS_DECODING_ERROR -RSA,133,SLEN_CHECK_FAILED -RSA,134,SLEN_RECOVERY_FAILED -RSA,135,TOO_LONG -RSA,136,TOO_MANY_ITERATIONS -RSA,137,UNKNOWN_ALGORITHM_TYPE -RSA,138,UNKNOWN_PADDING_TYPE -RSA,139,VALUE_MISSING -RSA,140,WRONG_SIGNATURE_LENGTH +RSA,function,100,BN_BLINDING_convert_ex +RSA,function,101,BN_BLINDING_create_param +RSA,function,102,BN_BLINDING_invert_ex +RSA,function,103,BN_BLINDING_new +RSA,function,104,BN_BLINDING_update +RSA,function,105,RSA_check_key +RSA,function,106,RSA_new_method +RSA,function,107,RSA_padding_add_PKCS1_OAEP_mgf1 +RSA,function,108,RSA_padding_add_PKCS1_PSS_mgf1 +RSA,function,109,RSA_padding_add_PKCS1_type_1 +RSA,function,110,RSA_padding_add_PKCS1_type_2 +RSA,function,111,RSA_padding_add_none +RSA,function,112,RSA_padding_check_PKCS1_OAEP_mgf1 +RSA,function,113,RSA_padding_check_PKCS1_type_1 
+RSA,function,114,RSA_padding_check_PKCS1_type_2 +RSA,function,115,RSA_padding_check_none +RSA,function,116,RSA_recover_crt_params +RSA,function,117,RSA_sign +RSA,function,118,RSA_verify +RSA,function,119,RSA_verify_PKCS1_PSS_mgf1 +RSA,function,120,decrypt +RSA,function,121,encrypt +RSA,function,122,keygen +RSA,function,123,pkcs1_prefixed_msg +RSA,function,124,private_transform +RSA,function,125,rsa_setup_blinding +RSA,function,126,sign_raw +RSA,function,127,verify_raw +RSA,reason,100,BAD_E_VALUE +RSA,reason,101,BAD_FIXED_HEADER_DECRYPT +RSA,reason,102,BAD_PAD_BYTE_COUNT +RSA,reason,103,BAD_RSA_PARAMETERS +RSA,reason,104,BAD_SIGNATURE +RSA,reason,105,BLOCK_TYPE_IS_NOT_01 +RSA,reason,106,BN_NOT_INITIALIZED +RSA,reason,107,CRT_PARAMS_ALREADY_GIVEN +RSA,reason,108,CRT_VALUES_INCORRECT +RSA,reason,109,DATA_LEN_NOT_EQUAL_TO_MOD_LEN +RSA,reason,110,DATA_TOO_LARGE +RSA,reason,111,DATA_TOO_LARGE_FOR_KEY_SIZE +RSA,reason,112,DATA_TOO_LARGE_FOR_MODULUS +RSA,reason,113,DATA_TOO_SMALL +RSA,reason,114,DATA_TOO_SMALL_FOR_KEY_SIZE +RSA,reason,115,DIGEST_TOO_BIG_FOR_RSA_KEY +RSA,reason,116,D_E_NOT_CONGRUENT_TO_1 +RSA,reason,117,EMPTY_PUBLIC_KEY +RSA,reason,118,FIRST_OCTET_INVALID +RSA,reason,119,INCONSISTENT_SET_OF_CRT_VALUES +RSA,reason,120,INTERNAL_ERROR +RSA,reason,121,INVALID_MESSAGE_LENGTH +RSA,reason,122,KEY_SIZE_TOO_SMALL +RSA,reason,123,LAST_OCTET_INVALID +RSA,reason,124,MODULUS_TOO_LARGE +RSA,reason,125,NO_PUBLIC_EXPONENT +RSA,reason,126,NULL_BEFORE_BLOCK_MISSING +RSA,reason,127,N_NOT_EQUAL_P_Q +RSA,reason,128,OAEP_DECODING_ERROR +RSA,reason,129,ONLY_ONE_OF_P_Q_GIVEN +RSA,reason,130,OUTPUT_BUFFER_TOO_SMALL +RSA,reason,131,PADDING_CHECK_FAILED +RSA,reason,132,PKCS_DECODING_ERROR +RSA,reason,133,SLEN_CHECK_FAILED +RSA,reason,134,SLEN_RECOVERY_FAILED +RSA,reason,135,TOO_LONG +RSA,reason,136,TOO_MANY_ITERATIONS +RSA,reason,137,UNKNOWN_ALGORITHM_TYPE +RSA,reason,138,UNKNOWN_PADDING_TYPE +RSA,reason,139,VALUE_MISSING +RSA,reason,140,WRONG_SIGNATURE_LENGTH 
diff --git a/src/crypto/err/ssl.errordata b/src/crypto/err/ssl.errordata index 0b30b13..9464c3d 100644 --- a/src/crypto/err/ssl.errordata +++ b/src/crypto/err/ssl.errordata 
@@ -1,217 +1,387 @@ -SSL,100,APP_DATA_IN_HANDSHAKE -SSL,101,ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT -SSL,102,BAD_ALERT -SSL,103,BAD_CHANGE_CIPHER_SPEC -SSL,104,BAD_DATA_RETURNED_BY_CALLBACK -SSL,105,BAD_DH_P_LENGTH -SSL,106,BAD_DIGEST_LENGTH -SSL,107,BAD_ECC_CERT -SSL,108,BAD_ECPOINT -SSL,109,BAD_HANDSHAKE_LENGTH -SSL,110,BAD_HANDSHAKE_RECORD -SSL,111,BAD_HELLO_REQUEST -SSL,112,BAD_LENGTH -SSL,113,BAD_PACKET_LENGTH -SSL,114,BAD_RSA_ENCRYPT -SSL,115,BAD_SIGNATURE -SSL,116,BAD_SRTP_MKI_VALUE -SSL,117,BAD_SRTP_PROTECTION_PROFILE_LIST -SSL,118,BAD_SSL_FILETYPE -SSL,119,BAD_WRITE_RETRY -SSL,120,BIO_NOT_SET -SSL,121,BN_LIB -SSL,272,BUFFER_TOO_SMALL -SSL,122,CANNOT_SERIALIZE_PUBLIC_KEY -SSL,123,CA_DN_LENGTH_MISMATCH -SSL,124,CA_DN_TOO_LONG -SSL,125,CCS_RECEIVED_EARLY -SSL,126,CERTIFICATE_VERIFY_FAILED -SSL,127,CERT_CB_ERROR -SSL,128,CERT_LENGTH_MISMATCH -SSL,129,CHANNEL_ID_NOT_P256 -SSL,130,CHANNEL_ID_SIGNATURE_INVALID -SSL,131,CIPHER_CODE_WRONG_LENGTH -SSL,132,CIPHER_OR_HASH_UNAVAILABLE -SSL,133,CLIENTHELLO_PARSE_FAILED -SSL,134,CLIENTHELLO_TLSEXT -SSL,135,CONNECTION_REJECTED -SSL,136,CONNECTION_TYPE_NOT_SET -SSL,137,COOKIE_MISMATCH -SSL,284,CUSTOM_EXTENSION_CONTENTS_TOO_LARGE -SSL,285,CUSTOM_EXTENSION_ERROR -SSL,138,D2I_ECDSA_SIG -SSL,139,DATA_BETWEEN_CCS_AND_FINISHED -SSL,140,DATA_LENGTH_TOO_LONG -SSL,141,DECODE_ERROR -SSL,142,DECRYPTION_FAILED -SSL,143,DECRYPTION_FAILED_OR_BAD_RECORD_MAC -SSL,144,DH_PUBLIC_VALUE_LENGTH_IS_WRONG -SSL,145,DIGEST_CHECK_FAILED -SSL,146,DTLS_MESSAGE_TOO_BIG -SSL,147,ECC_CERT_NOT_FOR_SIGNING -SSL,148,EMPTY_SRTP_PROTECTION_PROFILE_LIST -SSL,276,EMS_STATE_INCONSISTENT -SSL,149,ENCRYPTED_LENGTH_TOO_LONG -SSL,281,ERROR_ADDING_EXTENSION -SSL,150,ERROR_IN_RECEIVED_CIPHER_LIST -SSL,282,ERROR_PARSING_EXTENSION -SSL,151,EVP_DIGESTSIGNFINAL_FAILED -SSL,152,EVP_DIGESTSIGNINIT_FAILED -SSL,153,EXCESSIVE_MESSAGE_SIZE -SSL,154,EXTRA_DATA_IN_MESSAGE -SSL,271,FRAGMENT_MISMATCH -SSL,155,GOT_A_FIN_BEFORE_A_CCS -SSL,156,GOT_CHANNEL_ID_BEFORE_A_CCS 
-SSL,157,GOT_NEXT_PROTO_BEFORE_A_CCS -SSL,158,GOT_NEXT_PROTO_WITHOUT_EXTENSION -SSL,159,HANDSHAKE_FAILURE_ON_CLIENT_HELLO -SSL,160,HANDSHAKE_RECORD_BEFORE_CCS -SSL,161,HTTPS_PROXY_REQUEST -SSL,162,HTTP_REQUEST -SSL,163,INAPPROPRIATE_FALLBACK -SSL,164,INVALID_COMMAND -SSL,165,INVALID_MESSAGE -SSL,166,INVALID_SSL_SESSION -SSL,167,INVALID_TICKET_KEYS_LENGTH -SSL,168,LENGTH_MISMATCH -SSL,169,LIBRARY_HAS_NO_CIPHERS -SSL,170,MISSING_DH_KEY -SSL,171,MISSING_ECDSA_SIGNING_CERT -SSL,283,MISSING_EXTENSION -SSL,172,MISSING_RSA_CERTIFICATE -SSL,173,MISSING_RSA_ENCRYPTING_CERT -SSL,174,MISSING_RSA_SIGNING_CERT -SSL,175,MISSING_TMP_DH_KEY -SSL,176,MISSING_TMP_ECDH_KEY -SSL,177,MIXED_SPECIAL_OPERATOR_WITH_GROUPS -SSL,178,MTU_TOO_SMALL -SSL,286,NEGOTIATED_BOTH_NPN_AND_ALPN -SSL,179,NESTED_GROUP -SSL,180,NO_CERTIFICATES_RETURNED -SSL,181,NO_CERTIFICATE_ASSIGNED -SSL,182,NO_CERTIFICATE_SET -SSL,183,NO_CIPHERS_AVAILABLE -SSL,184,NO_CIPHERS_PASSED -SSL,185,NO_CIPHERS_SPECIFIED -SSL,186,NO_CIPHER_MATCH -SSL,187,NO_COMPRESSION_SPECIFIED -SSL,188,NO_METHOD_SPECIFIED -SSL,189,NO_P256_SUPPORT -SSL,190,NO_PRIVATE_KEY_ASSIGNED -SSL,191,NO_RENEGOTIATION -SSL,192,NO_REQUIRED_DIGEST -SSL,193,NO_SHARED_CIPHER -SSL,194,NO_SHARED_SIGATURE_ALGORITHMS -SSL,195,NO_SRTP_PROFILES -SSL,196,NULL_SSL_CTX -SSL,197,NULL_SSL_METHOD_PASSED -SSL,198,OLD_SESSION_CIPHER_NOT_RETURNED -SSL,273,OLD_SESSION_VERSION_NOT_RETURNED -SSL,274,OUTPUT_ALIASES_INPUT -SSL,199,PACKET_LENGTH_TOO_LONG -SSL,200,PARSE_TLSEXT -SSL,201,PATH_TOO_LONG -SSL,202,PEER_DID_NOT_RETURN_A_CERTIFICATE -SSL,203,PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE -SSL,204,PROTOCOL_IS_SHUTDOWN -SSL,205,PSK_IDENTITY_NOT_FOUND -SSL,206,PSK_NO_CLIENT_CB -SSL,207,PSK_NO_SERVER_CB -SSL,208,READ_BIO_NOT_SET -SSL,209,READ_TIMEOUT_EXPIRED -SSL,210,RECORD_LENGTH_MISMATCH -SSL,211,RECORD_TOO_LARGE -SSL,212,RENEGOTIATE_EXT_TOO_LONG -SSL,213,RENEGOTIATION_ENCODING_ERR -SSL,214,RENEGOTIATION_MISMATCH -SSL,215,REQUIRED_CIPHER_MISSING 
-SSL,275,RESUMED_EMS_SESSION_WITHOUT_EMS_EXTENSION -SSL,277,RESUMED_NON_EMS_SESSION_WITH_EMS_EXTENSION -SSL,216,SCSV_RECEIVED_WHEN_RENEGOTIATING -SSL,217,SERVERHELLO_TLSEXT -SSL,218,SESSION_ID_CONTEXT_UNINITIALIZED -SSL,219,SESSION_MAY_NOT_BE_CREATED -SSL,220,SIGNATURE_ALGORITHMS_ERROR -SSL,280,SIGNATURE_ALGORITHMS_EXTENSION_SENT_BY_SERVER -SSL,221,SRTP_COULD_NOT_ALLOCATE_PROFILES -SSL,222,SRTP_PROTECTION_PROFILE_LIST_TOO_LONG -SSL,223,SRTP_UNKNOWN_PROTECTION_PROFILE -SSL,224,SSL3_EXT_INVALID_SERVERNAME -SSL,225,SSL3_EXT_INVALID_SERVERNAME_TYPE -SSL,1042,SSLV3_ALERT_BAD_CERTIFICATE -SSL,1020,SSLV3_ALERT_BAD_RECORD_MAC -SSL,1045,SSLV3_ALERT_CERTIFICATE_EXPIRED -SSL,1044,SSLV3_ALERT_CERTIFICATE_REVOKED -SSL,1046,SSLV3_ALERT_CERTIFICATE_UNKNOWN -SSL,1000,SSLV3_ALERT_CLOSE_NOTIFY -SSL,1030,SSLV3_ALERT_DECOMPRESSION_FAILURE -SSL,1040,SSLV3_ALERT_HANDSHAKE_FAILURE -SSL,1047,SSLV3_ALERT_ILLEGAL_PARAMETER -SSL,1041,SSLV3_ALERT_NO_CERTIFICATE -SSL,1010,SSLV3_ALERT_UNEXPECTED_MESSAGE -SSL,1043,SSLV3_ALERT_UNSUPPORTED_CERTIFICATE -SSL,226,SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION -SSL,227,SSL_HANDSHAKE_FAILURE -SSL,228,SSL_SESSION_ID_CALLBACK_FAILED -SSL,229,SSL_SESSION_ID_CONFLICT -SSL,230,SSL_SESSION_ID_CONTEXT_TOO_LONG -SSL,231,SSL_SESSION_ID_HAS_BAD_LENGTH -SSL,1049,TLSV1_ALERT_ACCESS_DENIED -SSL,1050,TLSV1_ALERT_DECODE_ERROR -SSL,1021,TLSV1_ALERT_DECRYPTION_FAILED -SSL,1051,TLSV1_ALERT_DECRYPT_ERROR -SSL,1060,TLSV1_ALERT_EXPORT_RESTRICTION -SSL,1086,TLSV1_ALERT_INAPPROPRIATE_FALLBACK -SSL,1071,TLSV1_ALERT_INSUFFICIENT_SECURITY -SSL,1080,TLSV1_ALERT_INTERNAL_ERROR -SSL,1100,TLSV1_ALERT_NO_RENEGOTIATION -SSL,1070,TLSV1_ALERT_PROTOCOL_VERSION -SSL,1022,TLSV1_ALERT_RECORD_OVERFLOW -SSL,1048,TLSV1_ALERT_UNKNOWN_CA -SSL,1090,TLSV1_ALERT_USER_CANCELLED -SSL,1114,TLSV1_BAD_CERTIFICATE_HASH_VALUE -SSL,1113,TLSV1_BAD_CERTIFICATE_STATUS_RESPONSE -SSL,1111,TLSV1_CERTIFICATE_UNOBTAINABLE -SSL,1112,TLSV1_UNRECOGNIZED_NAME -SSL,1110,TLSV1_UNSUPPORTED_EXTENSION 
-SSL,232,TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER -SSL,233,TLS_ILLEGAL_EXPORTER_LABEL -SSL,234,TLS_INVALID_ECPOINTFORMAT_LIST -SSL,235,TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST -SSL,236,TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG -SSL,237,TOO_MANY_EMPTY_FRAGMENTS -SSL,278,TOO_MANY_WARNING_ALERTS -SSL,238,UNABLE_TO_FIND_ECDH_PARAMETERS -SSL,239,UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS -SSL,279,UNEXPECTED_EXTENSION -SSL,240,UNEXPECTED_GROUP_CLOSE -SSL,241,UNEXPECTED_MESSAGE -SSL,242,UNEXPECTED_OPERATOR_IN_GROUP -SSL,243,UNEXPECTED_RECORD -SSL,244,UNINITIALIZED -SSL,245,UNKNOWN_ALERT_TYPE -SSL,246,UNKNOWN_CERTIFICATE_TYPE -SSL,247,UNKNOWN_CIPHER_RETURNED -SSL,248,UNKNOWN_CIPHER_TYPE -SSL,249,UNKNOWN_DIGEST -SSL,250,UNKNOWN_KEY_EXCHANGE_TYPE -SSL,251,UNKNOWN_PROTOCOL -SSL,252,UNKNOWN_SSL_VERSION -SSL,253,UNKNOWN_STATE -SSL,254,UNPROCESSED_HANDSHAKE_DATA -SSL,255,UNSAFE_LEGACY_RENEGOTIATION_DISABLED -SSL,256,UNSUPPORTED_CIPHER -SSL,257,UNSUPPORTED_COMPRESSION_ALGORITHM -SSL,258,UNSUPPORTED_ELLIPTIC_CURVE -SSL,259,UNSUPPORTED_PROTOCOL -SSL,260,UNSUPPORTED_SSL_VERSION -SSL,261,USE_SRTP_NOT_NEGOTIATED -SSL,262,WRONG_CERTIFICATE_TYPE -SSL,263,WRONG_CIPHER_RETURNED -SSL,264,WRONG_CURVE -SSL,265,WRONG_MESSAGE_TYPE -SSL,266,WRONG_SIGNATURE_TYPE -SSL,267,WRONG_SSL_VERSION -SSL,268,WRONG_VERSION_NUMBER -SSL,269,X509_LIB -SSL,270,X509_VERIFICATION_SETUP_PROBLEMS +SSL,function,276,SSL_AEAD_CTX_new +SSL,function,277,SSL_AEAD_CTX_open +SSL,function,278,SSL_AEAD_CTX_seal +SSL,function,100,SSL_CTX_check_private_key +SSL,function,101,SSL_CTX_new +SSL,function,272,SSL_CTX_set1_tls_channel_id +SSL,function,102,SSL_CTX_set_cipher_list +SSL,function,103,SSL_CTX_set_cipher_list_tls11 +SSL,function,104,SSL_CTX_set_session_id_context +SSL,function,268,SSL_CTX_set_tmp_dh +SSL,function,269,SSL_CTX_set_tmp_ecdh +SSL,function,105,SSL_CTX_use_PrivateKey +SSL,function,106,SSL_CTX_use_PrivateKey_ASN1 +SSL,function,107,SSL_CTX_use_PrivateKey_file +SSL,function,108,SSL_CTX_use_RSAPrivateKey 
+SSL,function,109,SSL_CTX_use_RSAPrivateKey_ASN1 +SSL,function,110,SSL_CTX_use_RSAPrivateKey_file +SSL,function,111,SSL_CTX_use_certificate +SSL,function,112,SSL_CTX_use_certificate_ASN1 +SSL,function,113,SSL_CTX_use_certificate_chain_file +SSL,function,114,SSL_CTX_use_certificate_file +SSL,function,115,SSL_CTX_use_psk_identity_hint +SSL,function,280,SSL_SESSION_from_bytes +SSL,function,116,SSL_SESSION_new +SSL,function,281,SSL_SESSION_parse +SSL,function,150,SSL_SESSION_parse_octet_string +SSL,function,151,SSL_SESSION_parse_string +SSL,function,117,SSL_SESSION_print_fp +SSL,function,118,SSL_SESSION_set1_id_context +SSL,function,119,SSL_SESSION_to_bytes_full +SSL,function,120,SSL_accept +SSL,function,121,SSL_add_dir_cert_subjects_to_stack +SSL,function,122,SSL_add_file_cert_subjects_to_stack +SSL,function,123,SSL_check_private_key +SSL,function,124,SSL_clear +SSL,function,125,SSL_connect +SSL,function,126,SSL_do_handshake +SSL,function,127,SSL_load_client_CA_file +SSL,function,128,SSL_new +SSL,function,129,SSL_peek +SSL,function,130,SSL_read +SSL,function,131,SSL_renegotiate +SSL,function,273,SSL_set1_tls_channel_id +SSL,function,132,SSL_set_cipher_list +SSL,function,133,SSL_set_fd +SSL,function,134,SSL_set_rfd +SSL,function,135,SSL_set_session_id_context +SSL,function,274,SSL_set_tlsext_host_name +SSL,function,270,SSL_set_tmp_dh +SSL,function,271,SSL_set_tmp_ecdh +SSL,function,136,SSL_set_wfd +SSL,function,137,SSL_shutdown +SSL,function,138,SSL_use_PrivateKey +SSL,function,139,SSL_use_PrivateKey_ASN1 +SSL,function,140,SSL_use_PrivateKey_file +SSL,function,141,SSL_use_RSAPrivateKey +SSL,function,142,SSL_use_RSAPrivateKey_ASN1 +SSL,function,143,SSL_use_RSAPrivateKey_file +SSL,function,144,SSL_use_certificate +SSL,function,145,SSL_use_certificate_ASN1 +SSL,function,146,SSL_use_certificate_file +SSL,function,147,SSL_use_psk_identity_hint +SSL,function,148,SSL_write +SSL,function,149,d2i_SSL_SESSION +SSL,function,152,do_ssl3_write +SSL,function,153,dtls1_accept 
+SSL,function,154,dtls1_buffer_record +SSL,function,155,dtls1_check_timeout_num +SSL,function,156,dtls1_connect +SSL,function,157,dtls1_do_write +SSL,function,263,dtls1_get_buffered_message +SSL,function,158,dtls1_get_hello_verify +SSL,function,159,dtls1_get_message +SSL,function,160,dtls1_get_message_fragment +SSL,function,265,dtls1_hm_fragment_new +SSL,function,161,dtls1_preprocess_fragment +SSL,function,264,dtls1_process_fragment +SSL,function,162,dtls1_process_record +SSL,function,163,dtls1_read_bytes +SSL,function,279,dtls1_seal_record +SSL,function,164,dtls1_send_hello_verify_request +SSL,function,165,dtls1_write_app_data +SSL,function,166,i2d_SSL_SESSION +SSL,function,167,ssl3_accept +SSL,function,169,ssl3_cert_verify_hash +SSL,function,170,ssl3_check_cert_and_algorithm +SSL,function,282,ssl3_check_certificate_for_cipher +SSL,function,171,ssl3_connect +SSL,function,172,ssl3_ctrl +SSL,function,173,ssl3_ctx_ctrl +SSL,function,174,ssl3_digest_cached_records +SSL,function,175,ssl3_do_change_cipher_spec +SSL,function,176,ssl3_expect_change_cipher_spec +SSL,function,177,ssl3_get_cert_status +SSL,function,178,ssl3_get_cert_verify +SSL,function,179,ssl3_get_certificate_request +SSL,function,180,ssl3_get_channel_id +SSL,function,181,ssl3_get_client_certificate +SSL,function,182,ssl3_get_client_hello +SSL,function,183,ssl3_get_client_key_exchange +SSL,function,184,ssl3_get_finished +SSL,function,185,ssl3_get_initial_bytes +SSL,function,186,ssl3_get_message +SSL,function,187,ssl3_get_new_session_ticket +SSL,function,188,ssl3_get_next_proto +SSL,function,189,ssl3_get_record +SSL,function,190,ssl3_get_server_certificate +SSL,function,191,ssl3_get_server_done +SSL,function,192,ssl3_get_server_hello +SSL,function,193,ssl3_get_server_key_exchange +SSL,function,194,ssl3_get_v2_client_hello +SSL,function,195,ssl3_handshake_mac +SSL,function,275,ssl3_output_cert_chain +SSL,function,196,ssl3_prf +SSL,function,197,ssl3_read_bytes +SSL,function,198,ssl3_read_n 
+SSL,function,267,ssl3_record_sequence_update +SSL,function,266,ssl3_seal_record +SSL,function,199,ssl3_send_cert_verify +SSL,function,200,ssl3_send_certificate_request +SSL,function,201,ssl3_send_channel_id +SSL,function,202,ssl3_send_client_certificate +SSL,function,203,ssl3_send_client_hello +SSL,function,204,ssl3_send_client_key_exchange +SSL,function,205,ssl3_send_server_certificate +SSL,function,206,ssl3_send_server_hello +SSL,function,207,ssl3_send_server_key_exchange +SSL,function,208,ssl3_setup_read_buffer +SSL,function,209,ssl3_setup_write_buffer +SSL,function,210,ssl3_write_bytes +SSL,function,211,ssl3_write_pending +SSL,function,212,ssl_add_cert_chain +SSL,function,213,ssl_add_cert_to_buf +SSL,function,214,ssl_add_clienthello_renegotiate_ext +SSL,function,215,ssl_add_clienthello_tlsext +SSL,function,216,ssl_add_clienthello_use_srtp_ext +SSL,function,217,ssl_add_serverhello_renegotiate_ext +SSL,function,218,ssl_add_serverhello_tlsext +SSL,function,219,ssl_add_serverhello_use_srtp_ext +SSL,function,220,ssl_build_cert_chain +SSL,function,221,ssl_bytes_to_cipher_list +SSL,function,222,ssl_cert_dup +SSL,function,223,ssl_cert_inst +SSL,function,224,ssl_cert_new +SSL,function,225,ssl_check_serverhello_tlsext +SSL,function,226,ssl_check_srvr_ecc_cert_and_alg +SSL,function,227,ssl_cipher_process_rulestr +SSL,function,228,ssl_cipher_strength_sort +SSL,function,229,ssl_create_cipher_list +SSL,function,230,ssl_ctx_log_master_secret +SSL,function,231,ssl_ctx_log_rsa_client_key_exchange +SSL,function,232,ssl_ctx_make_profiles +SSL,function,233,ssl_get_new_session +SSL,function,234,ssl_get_prev_session +SSL,function,235,ssl_get_server_cert_index +SSL,function,236,ssl_get_sign_pkey +SSL,function,237,ssl_init_wbio_buffer +SSL,function,238,ssl_parse_clienthello_renegotiate_ext +SSL,function,239,ssl_parse_clienthello_tlsext +SSL,function,240,ssl_parse_clienthello_use_srtp_ext +SSL,function,241,ssl_parse_serverhello_renegotiate_ext 
+SSL,function,242,ssl_parse_serverhello_tlsext +SSL,function,243,ssl_parse_serverhello_use_srtp_ext +SSL,function,244,ssl_scan_clienthello_tlsext +SSL,function,245,ssl_scan_serverhello_tlsext +SSL,function,246,ssl_sess_cert_new +SSL,function,247,ssl_set_cert +SSL,function,248,ssl_set_pkey +SSL,function,252,ssl_verify_cert_chain +SSL,function,253,tls12_check_peer_sigalg +SSL,function,254,tls1_aead_ctx_init +SSL,function,255,tls1_cert_verify_mac +SSL,function,256,tls1_change_cipher_state +SSL,function,257,tls1_change_cipher_state_aead +SSL,function,258,tls1_check_duplicate_extensions +SSL,function,259,tls1_enc +SSL,function,260,tls1_export_keying_material +SSL,function,261,tls1_prf +SSL,function,262,tls1_setup_key_block +SSL,reason,100,APP_DATA_IN_HANDSHAKE +SSL,reason,101,ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT +SSL,reason,102,BAD_ALERT +SSL,reason,103,BAD_CHANGE_CIPHER_SPEC +SSL,reason,104,BAD_DATA_RETURNED_BY_CALLBACK +SSL,reason,105,BAD_DH_P_LENGTH +SSL,reason,106,BAD_DIGEST_LENGTH +SSL,reason,107,BAD_ECC_CERT +SSL,reason,108,BAD_ECPOINT +SSL,reason,109,BAD_HANDSHAKE_LENGTH +SSL,reason,110,BAD_HANDSHAKE_RECORD +SSL,reason,111,BAD_HELLO_REQUEST +SSL,reason,112,BAD_LENGTH +SSL,reason,113,BAD_PACKET_LENGTH +SSL,reason,114,BAD_RSA_ENCRYPT +SSL,reason,115,BAD_SIGNATURE +SSL,reason,116,BAD_SRTP_MKI_VALUE +SSL,reason,117,BAD_SRTP_PROTECTION_PROFILE_LIST +SSL,reason,118,BAD_SSL_FILETYPE +SSL,reason,119,BAD_WRITE_RETRY +SSL,reason,120,BIO_NOT_SET +SSL,reason,121,BN_LIB +SSL,reason,272,BUFFER_TOO_SMALL +SSL,reason,122,CANNOT_SERIALIZE_PUBLIC_KEY +SSL,reason,123,CA_DN_LENGTH_MISMATCH +SSL,reason,124,CA_DN_TOO_LONG +SSL,reason,125,CCS_RECEIVED_EARLY +SSL,reason,126,CERTIFICATE_VERIFY_FAILED +SSL,reason,127,CERT_CB_ERROR +SSL,reason,128,CERT_LENGTH_MISMATCH +SSL,reason,129,CHANNEL_ID_NOT_P256 +SSL,reason,130,CHANNEL_ID_SIGNATURE_INVALID +SSL,reason,131,CIPHER_CODE_WRONG_LENGTH +SSL,reason,132,CIPHER_OR_HASH_UNAVAILABLE +SSL,reason,133,CLIENTHELLO_PARSE_FAILED 
+SSL,reason,134,CLIENTHELLO_TLSEXT +SSL,reason,135,CONNECTION_REJECTED +SSL,reason,136,CONNECTION_TYPE_NOT_SET +SSL,reason,137,COOKIE_MISMATCH +SSL,reason,138,D2I_ECDSA_SIG +SSL,reason,139,DATA_BETWEEN_CCS_AND_FINISHED +SSL,reason,140,DATA_LENGTH_TOO_LONG +SSL,reason,141,DECODE_ERROR +SSL,reason,142,DECRYPTION_FAILED +SSL,reason,143,DECRYPTION_FAILED_OR_BAD_RECORD_MAC +SSL,reason,144,DH_PUBLIC_VALUE_LENGTH_IS_WRONG +SSL,reason,145,DIGEST_CHECK_FAILED +SSL,reason,146,DTLS_MESSAGE_TOO_BIG +SSL,reason,147,ECC_CERT_NOT_FOR_SIGNING +SSL,reason,148,EMPTY_SRTP_PROTECTION_PROFILE_LIST +SSL,reason,276,EMS_STATE_INCONSISTENT +SSL,reason,149,ENCRYPTED_LENGTH_TOO_LONG +SSL,reason,150,ERROR_IN_RECEIVED_CIPHER_LIST +SSL,reason,151,EVP_DIGESTSIGNFINAL_FAILED +SSL,reason,152,EVP_DIGESTSIGNINIT_FAILED +SSL,reason,153,EXCESSIVE_MESSAGE_SIZE +SSL,reason,154,EXTRA_DATA_IN_MESSAGE +SSL,reason,271,FRAGMENT_MISMATCH +SSL,reason,155,GOT_A_FIN_BEFORE_A_CCS +SSL,reason,156,GOT_CHANNEL_ID_BEFORE_A_CCS +SSL,reason,157,GOT_NEXT_PROTO_BEFORE_A_CCS +SSL,reason,158,GOT_NEXT_PROTO_WITHOUT_EXTENSION +SSL,reason,159,HANDSHAKE_FAILURE_ON_CLIENT_HELLO +SSL,reason,160,HANDSHAKE_RECORD_BEFORE_CCS +SSL,reason,161,HTTPS_PROXY_REQUEST +SSL,reason,162,HTTP_REQUEST +SSL,reason,163,INAPPROPRIATE_FALLBACK +SSL,reason,164,INVALID_COMMAND +SSL,reason,165,INVALID_MESSAGE +SSL,reason,166,INVALID_SSL_SESSION +SSL,reason,167,INVALID_TICKET_KEYS_LENGTH +SSL,reason,168,LENGTH_MISMATCH +SSL,reason,169,LIBRARY_HAS_NO_CIPHERS +SSL,reason,170,MISSING_DH_KEY +SSL,reason,171,MISSING_ECDSA_SIGNING_CERT +SSL,reason,172,MISSING_RSA_CERTIFICATE +SSL,reason,173,MISSING_RSA_ENCRYPTING_CERT +SSL,reason,174,MISSING_RSA_SIGNING_CERT +SSL,reason,175,MISSING_TMP_DH_KEY +SSL,reason,176,MISSING_TMP_ECDH_KEY +SSL,reason,177,MIXED_SPECIAL_OPERATOR_WITH_GROUPS +SSL,reason,178,MTU_TOO_SMALL +SSL,reason,179,NESTED_GROUP +SSL,reason,180,NO_CERTIFICATES_RETURNED +SSL,reason,181,NO_CERTIFICATE_ASSIGNED +SSL,reason,182,NO_CERTIFICATE_SET 
+SSL,reason,183,NO_CIPHERS_AVAILABLE +SSL,reason,184,NO_CIPHERS_PASSED +SSL,reason,185,NO_CIPHERS_SPECIFIED +SSL,reason,186,NO_CIPHER_MATCH +SSL,reason,187,NO_COMPRESSION_SPECIFIED +SSL,reason,188,NO_METHOD_SPECIFIED +SSL,reason,189,NO_P256_SUPPORT +SSL,reason,190,NO_PRIVATE_KEY_ASSIGNED +SSL,reason,191,NO_RENEGOTIATION +SSL,reason,192,NO_REQUIRED_DIGEST +SSL,reason,193,NO_SHARED_CIPHER +SSL,reason,194,NO_SHARED_SIGATURE_ALGORITHMS +SSL,reason,195,NO_SRTP_PROFILES +SSL,reason,196,NULL_SSL_CTX +SSL,reason,197,NULL_SSL_METHOD_PASSED +SSL,reason,198,OLD_SESSION_CIPHER_NOT_RETURNED +SSL,reason,273,OLD_SESSION_VERSION_NOT_RETURNED +SSL,reason,274,OUTPUT_ALIASES_INPUT +SSL,reason,199,PACKET_LENGTH_TOO_LONG +SSL,reason,200,PARSE_TLSEXT +SSL,reason,201,PATH_TOO_LONG +SSL,reason,202,PEER_DID_NOT_RETURN_A_CERTIFICATE +SSL,reason,203,PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE +SSL,reason,204,PROTOCOL_IS_SHUTDOWN +SSL,reason,205,PSK_IDENTITY_NOT_FOUND +SSL,reason,206,PSK_NO_CLIENT_CB +SSL,reason,207,PSK_NO_SERVER_CB +SSL,reason,208,READ_BIO_NOT_SET +SSL,reason,209,READ_TIMEOUT_EXPIRED +SSL,reason,210,RECORD_LENGTH_MISMATCH +SSL,reason,211,RECORD_TOO_LARGE +SSL,reason,212,RENEGOTIATE_EXT_TOO_LONG +SSL,reason,213,RENEGOTIATION_ENCODING_ERR +SSL,reason,214,RENEGOTIATION_MISMATCH +SSL,reason,215,REQUIRED_CIPHER_MISSING +SSL,reason,275,RESUMED_EMS_SESSION_WITHOUT_EMS_EXTENSION +SSL,reason,277,RESUMED_NON_EMS_SESSION_WITH_EMS_EXTENSION +SSL,reason,216,SCSV_RECEIVED_WHEN_RENEGOTIATING +SSL,reason,217,SERVERHELLO_TLSEXT +SSL,reason,218,SESSION_ID_CONTEXT_UNINITIALIZED +SSL,reason,219,SESSION_MAY_NOT_BE_CREATED +SSL,reason,220,SIGNATURE_ALGORITHMS_ERROR +SSL,reason,221,SRTP_COULD_NOT_ALLOCATE_PROFILES +SSL,reason,222,SRTP_PROTECTION_PROFILE_LIST_TOO_LONG +SSL,reason,223,SRTP_UNKNOWN_PROTECTION_PROFILE +SSL,reason,224,SSL3_EXT_INVALID_SERVERNAME +SSL,reason,225,SSL3_EXT_INVALID_SERVERNAME_TYPE +SSL,reason,1042,SSLV3_ALERT_BAD_CERTIFICATE +SSL,reason,1020,SSLV3_ALERT_BAD_RECORD_MAC 
+SSL,reason,1045,SSLV3_ALERT_CERTIFICATE_EXPIRED +SSL,reason,1044,SSLV3_ALERT_CERTIFICATE_REVOKED +SSL,reason,1046,SSLV3_ALERT_CERTIFICATE_UNKNOWN +SSL,reason,1000,SSLV3_ALERT_CLOSE_NOTIFY +SSL,reason,1030,SSLV3_ALERT_DECOMPRESSION_FAILURE +SSL,reason,1040,SSLV3_ALERT_HANDSHAKE_FAILURE +SSL,reason,1047,SSLV3_ALERT_ILLEGAL_PARAMETER +SSL,reason,1041,SSLV3_ALERT_NO_CERTIFICATE +SSL,reason,1010,SSLV3_ALERT_UNEXPECTED_MESSAGE +SSL,reason,1043,SSLV3_ALERT_UNSUPPORTED_CERTIFICATE +SSL,reason,226,SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION +SSL,reason,227,SSL_HANDSHAKE_FAILURE +SSL,reason,228,SSL_SESSION_ID_CALLBACK_FAILED +SSL,reason,229,SSL_SESSION_ID_CONFLICT +SSL,reason,230,SSL_SESSION_ID_CONTEXT_TOO_LONG +SSL,reason,231,SSL_SESSION_ID_HAS_BAD_LENGTH +SSL,reason,1049,TLSV1_ALERT_ACCESS_DENIED +SSL,reason,1050,TLSV1_ALERT_DECODE_ERROR +SSL,reason,1021,TLSV1_ALERT_DECRYPTION_FAILED +SSL,reason,1051,TLSV1_ALERT_DECRYPT_ERROR +SSL,reason,1060,TLSV1_ALERT_EXPORT_RESTRICTION +SSL,reason,1086,TLSV1_ALERT_INAPPROPRIATE_FALLBACK +SSL,reason,1071,TLSV1_ALERT_INSUFFICIENT_SECURITY +SSL,reason,1080,TLSV1_ALERT_INTERNAL_ERROR +SSL,reason,1100,TLSV1_ALERT_NO_RENEGOTIATION +SSL,reason,1070,TLSV1_ALERT_PROTOCOL_VERSION +SSL,reason,1022,TLSV1_ALERT_RECORD_OVERFLOW +SSL,reason,1048,TLSV1_ALERT_UNKNOWN_CA +SSL,reason,1090,TLSV1_ALERT_USER_CANCELLED +SSL,reason,1114,TLSV1_BAD_CERTIFICATE_HASH_VALUE +SSL,reason,1113,TLSV1_BAD_CERTIFICATE_STATUS_RESPONSE +SSL,reason,1111,TLSV1_CERTIFICATE_UNOBTAINABLE +SSL,reason,1112,TLSV1_UNRECOGNIZED_NAME +SSL,reason,1110,TLSV1_UNSUPPORTED_EXTENSION +SSL,reason,232,TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER +SSL,reason,233,TLS_ILLEGAL_EXPORTER_LABEL +SSL,reason,234,TLS_INVALID_ECPOINTFORMAT_LIST +SSL,reason,235,TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST +SSL,reason,236,TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG +SSL,reason,237,TOO_MANY_EMPTY_FRAGMENTS +SSL,reason,238,UNABLE_TO_FIND_ECDH_PARAMETERS +SSL,reason,239,UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS 
+SSL,reason,240,UNEXPECTED_GROUP_CLOSE +SSL,reason,241,UNEXPECTED_MESSAGE +SSL,reason,242,UNEXPECTED_OPERATOR_IN_GROUP +SSL,reason,243,UNEXPECTED_RECORD +SSL,reason,244,UNINITIALIZED +SSL,reason,245,UNKNOWN_ALERT_TYPE +SSL,reason,246,UNKNOWN_CERTIFICATE_TYPE +SSL,reason,247,UNKNOWN_CIPHER_RETURNED +SSL,reason,248,UNKNOWN_CIPHER_TYPE +SSL,reason,249,UNKNOWN_DIGEST +SSL,reason,250,UNKNOWN_KEY_EXCHANGE_TYPE +SSL,reason,251,UNKNOWN_PROTOCOL +SSL,reason,252,UNKNOWN_SSL_VERSION +SSL,reason,253,UNKNOWN_STATE +SSL,reason,254,UNPROCESSED_HANDSHAKE_DATA +SSL,reason,255,UNSAFE_LEGACY_RENEGOTIATION_DISABLED +SSL,reason,256,UNSUPPORTED_CIPHER +SSL,reason,257,UNSUPPORTED_COMPRESSION_ALGORITHM +SSL,reason,258,UNSUPPORTED_ELLIPTIC_CURVE +SSL,reason,259,UNSUPPORTED_PROTOCOL +SSL,reason,260,UNSUPPORTED_SSL_VERSION +SSL,reason,261,USE_SRTP_NOT_NEGOTIATED +SSL,reason,262,WRONG_CERTIFICATE_TYPE +SSL,reason,263,WRONG_CIPHER_RETURNED +SSL,reason,264,WRONG_CURVE +SSL,reason,265,WRONG_MESSAGE_TYPE +SSL,reason,266,WRONG_SIGNATURE_TYPE +SSL,reason,267,WRONG_SSL_VERSION +SSL,reason,268,WRONG_VERSION_NUMBER +SSL,reason,269,X509_LIB +SSL,reason,270,X509_VERIFICATION_SETUP_PROBLEMS diff --git a/src/crypto/err/x509.errordata b/src/crypto/err/x509.errordata index f4828ce..1b50e36 100644 --- a/src/crypto/err/x509.errordata +++ b/src/crypto/err/x509.errordata 
@@ -1,37 +1,96 @@ -X509,100,AKID_MISMATCH -X509,101,BAD_PKCS7_VERSION -X509,102,BAD_X509_FILETYPE -X509,103,BASE64_DECODE_ERROR -X509,104,CANT_CHECK_DH_KEY -X509,105,CERT_ALREADY_IN_HASH_TABLE -X509,106,CRL_ALREADY_DELTA -X509,107,CRL_VERIFY_FAILURE -X509,108,IDP_MISMATCH -X509,109,INVALID_BIT_STRING_BITS_LEFT -X509,110,INVALID_DIRECTORY -X509,111,INVALID_FIELD_NAME -X509,112,INVALID_TRUST -X509,113,ISSUER_MISMATCH -X509,114,KEY_TYPE_MISMATCH -X509,115,KEY_VALUES_MISMATCH -X509,116,LOADING_CERT_DIR -X509,117,LOADING_DEFAULTS -X509,118,METHOD_NOT_SUPPORTED -X509,119,NEWER_CRL_NOT_NEWER -X509,120,NOT_PKCS7_SIGNED_DATA -X509,121,NO_CERTIFICATES_INCLUDED -X509,122,NO_CERT_SET_FOR_US_TO_VERIFY -X509,136,NO_CRLS_INCLUDED -X509,123,NO_CRL_NUMBER -X509,124,PUBLIC_KEY_DECODE_ERROR -X509,125,PUBLIC_KEY_ENCODE_ERROR -X509,126,SHOULD_RETRY -X509,127,UNABLE_TO_FIND_PARAMETERS_IN_CHAIN -X509,128,UNABLE_TO_GET_CERTS_PUBLIC_KEY -X509,129,UNKNOWN_KEY_TYPE -X509,130,UNKNOWN_NID -X509,131,UNKNOWN_PURPOSE_ID -X509,132,UNKNOWN_TRUST_ID -X509,133,UNSUPPORTED_ALGORITHM -X509,134,WRONG_LOOKUP_TYPE -X509,135,WRONG_TYPE +X509,function,100,ASN1_digest +X509,function,101,ASN1_item_sign_ctx +X509,function,102,ASN1_item_verify +X509,function,103,NETSCAPE_SPKI_b64_decode +X509,function,104,NETSCAPE_SPKI_b64_encode +X509,function,158,PKCS7_get_CRLs +X509,function,105,PKCS7_get_certificates +X509,function,106,X509_ATTRIBUTE_create_by_NID +X509,function,107,X509_ATTRIBUTE_create_by_OBJ +X509,function,108,X509_ATTRIBUTE_create_by_txt +X509,function,109,X509_ATTRIBUTE_get0_data +X509,function,110,X509_ATTRIBUTE_set1_data +X509,function,111,X509_CRL_add0_revoked +X509,function,112,X509_CRL_diff +X509,function,113,X509_CRL_print_fp +X509,function,114,X509_EXTENSION_create_by_NID +X509,function,115,X509_EXTENSION_create_by_OBJ +X509,function,116,X509_INFO_new +X509,function,117,X509_NAME_ENTRY_create_by_NID +X509,function,118,X509_NAME_ENTRY_create_by_txt +X509,function,119,X509_NAME_ENTRY_set_object 
+X509,function,120,X509_NAME_add_entry +X509,function,121,X509_NAME_oneline +X509,function,122,X509_NAME_print +X509,function,123,X509_PKEY_new +X509,function,124,X509_PUBKEY_get +X509,function,125,X509_PUBKEY_set +X509,function,126,X509_REQ_check_private_key +X509,function,127,X509_REQ_to_X509 +X509,function,128,X509_STORE_CTX_get1_issuer +X509,function,129,X509_STORE_CTX_init +X509,function,130,X509_STORE_CTX_new +X509,function,131,X509_STORE_CTX_purpose_inherit +X509,function,132,X509_STORE_add_cert +X509,function,133,X509_STORE_add_crl +X509,function,134,X509_TRUST_add +X509,function,135,X509_TRUST_set +X509,function,136,X509_check_private_key +X509,function,137,X509_get_pubkey_parameters +X509,function,138,X509_load_cert_crl_file +X509,function,139,X509_load_cert_file +X509,function,140,X509_load_crl_file +X509,function,141,X509_print_ex_fp +X509,function,142,X509_to_X509_REQ +X509,function,143,X509_verify_cert +X509,function,144,X509at_add1_attr +X509,function,145,X509v3_add_ext +X509,function,146,add_cert_dir +X509,function,147,by_file_ctrl +X509,function,148,check_policy +X509,function,149,dir_ctrl +X509,function,150,get_cert_by_subject +X509,function,151,i2d_DSA_PUBKEY +X509,function,152,i2d_EC_PUBKEY +X509,function,153,i2d_RSA_PUBKEY +X509,function,157,pkcs7_parse_header +X509,function,154,x509_name_encode +X509,function,155,x509_name_ex_d2i +X509,function,156,x509_name_ex_new +X509,reason,100,AKID_MISMATCH +X509,reason,101,BAD_PKCS7_VERSION +X509,reason,102,BAD_X509_FILETYPE +X509,reason,103,BASE64_DECODE_ERROR +X509,reason,104,CANT_CHECK_DH_KEY +X509,reason,105,CERT_ALREADY_IN_HASH_TABLE +X509,reason,106,CRL_ALREADY_DELTA +X509,reason,107,CRL_VERIFY_FAILURE +X509,reason,108,IDP_MISMATCH +X509,reason,109,INVALID_BIT_STRING_BITS_LEFT +X509,reason,110,INVALID_DIRECTORY +X509,reason,111,INVALID_FIELD_NAME +X509,reason,112,INVALID_TRUST +X509,reason,113,ISSUER_MISMATCH +X509,reason,114,KEY_TYPE_MISMATCH +X509,reason,115,KEY_VALUES_MISMATCH 
+X509,reason,116,LOADING_CERT_DIR +X509,reason,117,LOADING_DEFAULTS +X509,reason,118,METHOD_NOT_SUPPORTED +X509,reason,119,NEWER_CRL_NOT_NEWER +X509,reason,120,NOT_PKCS7_SIGNED_DATA +X509,reason,121,NO_CERTIFICATES_INCLUDED +X509,reason,122,NO_CERT_SET_FOR_US_TO_VERIFY +X509,reason,136,NO_CRLS_INCLUDED +X509,reason,123,NO_CRL_NUMBER +X509,reason,124,PUBLIC_KEY_DECODE_ERROR +X509,reason,125,PUBLIC_KEY_ENCODE_ERROR +X509,reason,126,SHOULD_RETRY +X509,reason,127,UNABLE_TO_FIND_PARAMETERS_IN_CHAIN +X509,reason,128,UNABLE_TO_GET_CERTS_PUBLIC_KEY +X509,reason,129,UNKNOWN_KEY_TYPE +X509,reason,130,UNKNOWN_NID +X509,reason,131,UNKNOWN_PURPOSE_ID +X509,reason,132,UNKNOWN_TRUST_ID +X509,reason,133,UNSUPPORTED_ALGORITHM +X509,reason,134,WRONG_LOOKUP_TYPE +X509,reason,135,WRONG_TYPE diff --git a/src/crypto/err/x509v3.errordata b/src/crypto/err/x509v3.errordata index e53b780..059e677 100644 --- a/src/crypto/err/x509v3.errordata +++ b/src/crypto/err/x509v3.errordata 
@@ -1,63 +1,120 @@ -X509V3,100,BAD_IP_ADDRESS -X509V3,101,BAD_OBJECT -X509V3,102,BN_DEC2BN_ERROR -X509V3,103,BN_TO_ASN1_INTEGER_ERROR -X509V3,104,CANNOT_FIND_FREE_FUNCTION -X509V3,105,DIRNAME_ERROR -X509V3,106,DISTPOINT_ALREADY_SET -X509V3,107,DUPLICATE_ZONE_ID -X509V3,108,ERROR_CONVERTING_ZONE -X509V3,109,ERROR_CREATING_EXTENSION -X509V3,110,ERROR_IN_EXTENSION -X509V3,111,EXPECTED_A_SECTION_NAME -X509V3,112,EXTENSION_EXISTS -X509V3,113,EXTENSION_NAME_ERROR -X509V3,114,EXTENSION_NOT_FOUND -X509V3,115,EXTENSION_SETTING_NOT_SUPPORTED -X509V3,116,EXTENSION_VALUE_ERROR -X509V3,117,ILLEGAL_EMPTY_EXTENSION -X509V3,118,ILLEGAL_HEX_DIGIT -X509V3,119,INCORRECT_POLICY_SYNTAX_TAG -X509V3,120,INVALID_BOOLEAN_STRING -X509V3,121,INVALID_EXTENSION_STRING -X509V3,122,INVALID_MULTIPLE_RDNS -X509V3,123,INVALID_NAME -X509V3,124,INVALID_NULL_ARGUMENT -X509V3,125,INVALID_NULL_NAME -X509V3,126,INVALID_NULL_VALUE -X509V3,127,INVALID_NUMBER -X509V3,128,INVALID_NUMBERS -X509V3,129,INVALID_OBJECT_IDENTIFIER -X509V3,130,INVALID_OPTION -X509V3,131,INVALID_POLICY_IDENTIFIER -X509V3,132,INVALID_PROXY_POLICY_SETTING -X509V3,133,INVALID_PURPOSE -X509V3,134,INVALID_SECTION -X509V3,135,INVALID_SYNTAX -X509V3,136,ISSUER_DECODE_ERROR -X509V3,137,MISSING_VALUE -X509V3,138,NEED_ORGANIZATION_AND_NUMBERS -X509V3,139,NO_CONFIG_DATABASE -X509V3,140,NO_ISSUER_CERTIFICATE -X509V3,141,NO_ISSUER_DETAILS -X509V3,142,NO_POLICY_IDENTIFIER -X509V3,143,NO_PROXY_CERT_POLICY_LANGUAGE_DEFINED -X509V3,144,NO_PUBLIC_KEY -X509V3,145,NO_SUBJECT_DETAILS -X509V3,146,ODD_NUMBER_OF_DIGITS -X509V3,147,OPERATION_NOT_DEFINED -X509V3,148,OTHERNAME_ERROR -X509V3,149,POLICY_LANGUAGE_ALREADY_DEFINED -X509V3,150,POLICY_PATH_LENGTH -X509V3,151,POLICY_PATH_LENGTH_ALREADY_DEFINED -X509V3,152,POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY -X509V3,153,SECTION_NOT_FOUND -X509V3,154,UNABLE_TO_GET_ISSUER_DETAILS -X509V3,155,UNABLE_TO_GET_ISSUER_KEYID -X509V3,156,UNKNOWN_BIT_STRING_ARGUMENT -X509V3,157,UNKNOWN_EXTENSION 
-X509V3,158,UNKNOWN_EXTENSION_NAME -X509V3,159,UNKNOWN_OPTION -X509V3,160,UNSUPPORTED_OPTION -X509V3,161,UNSUPPORTED_TYPE -X509V3,162,USER_TOO_LONG +X509V3,function,100,SXNET_add_id_INTEGER +X509V3,function,101,SXNET_add_id_asc +X509V3,function,102,SXNET_add_id_ulong +X509V3,function,103,SXNET_get_id_asc +X509V3,function,104,SXNET_get_id_ulong +X509V3,function,105,X509V3_EXT_add +X509V3,function,106,X509V3_EXT_add_alias +X509V3,function,107,X509V3_EXT_free +X509V3,function,108,X509V3_EXT_i2d +X509V3,function,109,X509V3_EXT_nconf +X509V3,function,110,X509V3_add1_i2d +X509V3,function,111,X509V3_add_value +X509V3,function,112,X509V3_get_section +X509V3,function,113,X509V3_get_string +X509V3,function,114,X509V3_get_value_bool +X509V3,function,115,X509V3_parse_list +X509V3,function,116,X509_PURPOSE_add +X509V3,function,117,X509_PURPOSE_set +X509V3,function,118,a2i_GENERAL_NAME +X509V3,function,119,copy_email +X509V3,function,120,copy_issuer +X509V3,function,121,do_dirname +X509V3,function,122,do_ext_i2d +X509V3,function,123,do_ext_nconf +X509V3,function,124,gnames_from_sectname +X509V3,function,125,hex_to_string +X509V3,function,126,i2s_ASN1_ENUMERATED +X509V3,function,127,i2s_ASN1_IA5STRING +X509V3,function,128,i2s_ASN1_INTEGER +X509V3,function,129,i2v_AUTHORITY_INFO_ACCESS +X509V3,function,130,notice_section +X509V3,function,131,nref_nos +X509V3,function,132,policy_section +X509V3,function,133,process_pci_value +X509V3,function,134,r2i_certpol +X509V3,function,135,r2i_pci +X509V3,function,136,s2i_ASN1_IA5STRING +X509V3,function,137,s2i_ASN1_INTEGER +X509V3,function,138,s2i_ASN1_OCTET_STRING +X509V3,function,139,s2i_skey_id +X509V3,function,140,set_dist_point_name +X509V3,function,141,string_to_hex +X509V3,function,142,v2i_ASN1_BIT_STRING +X509V3,function,143,v2i_AUTHORITY_INFO_ACCESS +X509V3,function,144,v2i_AUTHORITY_KEYID +X509V3,function,145,v2i_BASIC_CONSTRAINTS +X509V3,function,146,v2i_EXTENDED_KEY_USAGE +X509V3,function,147,v2i_GENERAL_NAMES 
+X509V3,function,148,v2i_GENERAL_NAME_ex +X509V3,function,149,v2i_NAME_CONSTRAINTS +X509V3,function,150,v2i_POLICY_CONSTRAINTS +X509V3,function,151,v2i_POLICY_MAPPINGS +X509V3,function,152,v2i_crld +X509V3,function,153,v2i_idp +X509V3,function,154,v2i_issuer_alt +X509V3,function,155,v2i_subject_alt +X509V3,function,156,v3_generic_extension +X509V3,reason,100,BAD_IP_ADDRESS +X509V3,reason,101,BAD_OBJECT +X509V3,reason,102,BN_DEC2BN_ERROR +X509V3,reason,103,BN_TO_ASN1_INTEGER_ERROR +X509V3,reason,104,CANNOT_FIND_FREE_FUNCTION +X509V3,reason,105,DIRNAME_ERROR +X509V3,reason,106,DISTPOINT_ALREADY_SET +X509V3,reason,107,DUPLICATE_ZONE_ID +X509V3,reason,108,ERROR_CONVERTING_ZONE +X509V3,reason,109,ERROR_CREATING_EXTENSION +X509V3,reason,110,ERROR_IN_EXTENSION +X509V3,reason,111,EXPECTED_A_SECTION_NAME +X509V3,reason,112,EXTENSION_EXISTS +X509V3,reason,113,EXTENSION_NAME_ERROR +X509V3,reason,114,EXTENSION_NOT_FOUND +X509V3,reason,115,EXTENSION_SETTING_NOT_SUPPORTED +X509V3,reason,116,EXTENSION_VALUE_ERROR +X509V3,reason,117,ILLEGAL_EMPTY_EXTENSION +X509V3,reason,118,ILLEGAL_HEX_DIGIT +X509V3,reason,119,INCORRECT_POLICY_SYNTAX_TAG +X509V3,reason,120,INVALID_BOOLEAN_STRING +X509V3,reason,121,INVALID_EXTENSION_STRING +X509V3,reason,122,INVALID_MULTIPLE_RDNS +X509V3,reason,123,INVALID_NAME +X509V3,reason,124,INVALID_NULL_ARGUMENT +X509V3,reason,125,INVALID_NULL_NAME +X509V3,reason,126,INVALID_NULL_VALUE +X509V3,reason,127,INVALID_NUMBER +X509V3,reason,128,INVALID_NUMBERS +X509V3,reason,129,INVALID_OBJECT_IDENTIFIER +X509V3,reason,130,INVALID_OPTION +X509V3,reason,131,INVALID_POLICY_IDENTIFIER +X509V3,reason,132,INVALID_PROXY_POLICY_SETTING +X509V3,reason,133,INVALID_PURPOSE +X509V3,reason,134,INVALID_SECTION +X509V3,reason,135,INVALID_SYNTAX +X509V3,reason,136,ISSUER_DECODE_ERROR +X509V3,reason,137,MISSING_VALUE +X509V3,reason,138,NEED_ORGANIZATION_AND_NUMBERS +X509V3,reason,139,NO_CONFIG_DATABASE +X509V3,reason,140,NO_ISSUER_CERTIFICATE +X509V3,reason,141,NO_ISSUER_DETAILS 
+X509V3,reason,142,NO_POLICY_IDENTIFIER +X509V3,reason,143,NO_PROXY_CERT_POLICY_LANGUAGE_DEFINED +X509V3,reason,144,NO_PUBLIC_KEY +X509V3,reason,145,NO_SUBJECT_DETAILS +X509V3,reason,146,ODD_NUMBER_OF_DIGITS +X509V3,reason,147,OPERATION_NOT_DEFINED +X509V3,reason,148,OTHERNAME_ERROR +X509V3,reason,149,POLICY_LANGUAGE_ALREADY_DEFINED +X509V3,reason,150,POLICY_PATH_LENGTH +X509V3,reason,151,POLICY_PATH_LENGTH_ALREADY_DEFINED +X509V3,reason,152,POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY +X509V3,reason,153,SECTION_NOT_FOUND +X509V3,reason,154,UNABLE_TO_GET_ISSUER_DETAILS +X509V3,reason,155,UNABLE_TO_GET_ISSUER_KEYID +X509V3,reason,156,UNKNOWN_BIT_STRING_ARGUMENT +X509V3,reason,157,UNKNOWN_EXTENSION +X509V3,reason,158,UNKNOWN_EXTENSION_NAME +X509V3,reason,159,UNKNOWN_OPTION +X509V3,reason,160,UNSUPPORTED_OPTION +X509V3,reason,161,UNSUPPORTED_TYPE +X509V3,reason,162,USER_TOO_LONG diff --git a/src/crypto/evp/CMakeLists.txt b/src/crypto/evp/CMakeLists.txt index 5d2e918..5769fa4 100644 --- a/src/crypto/evp/CMakeLists.txt +++ b/src/crypto/evp/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(../../include) +include_directories(. .. ../../include) add_library( evp @@ -6,13 +6,15 @@ add_library( OBJECT algorithm.c + asn1.c digestsign.c evp.c - evp_asn1.c evp_ctx.c p_dsa_asn1.c p_ec.c p_ec_asn1.c + p_hmac.c + p_hmac_asn1.c p_rsa.c p_rsa_asn1.c pbkdf.c diff --git a/src/crypto/evp/algorithm.c b/src/crypto/evp/algorithm.c index 63bc77a..ea28dfa 100644 --- a/src/crypto/evp/algorithm.c +++ b/src/crypto/evp/algorithm.c @@ -74,7 +74,8 @@ int EVP_DigestSignAlgorithm(EVP_MD_CTX *ctx, X509_ALGOR *algor) { digest = EVP_MD_CTX_md(ctx); pkey = EVP_PKEY_CTX_get0_pkey(ctx->pctx); if (!digest || !pkey) { - OPENSSL_PUT_ERROR(EVP, EVP_R_CONTEXT_NOT_INITIALISED); + OPENSSL_PUT_ERROR(EVP, EVP_DigestSignAlgorithm, + EVP_R_CONTEXT_NOT_INITIALISED); return 0; } 
@@ -96,7 +97,8 @@ int EVP_DigestSignAlgorithm(EVP_MD_CTX *ctx, X509_ALGOR *algor) { * that. */ if (!OBJ_find_sigid_by_algs(&sign_nid, EVP_MD_type(digest), pkey->ameth->pkey_id)) { - OPENSSL_PUT_ERROR(EVP, EVP_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED); + OPENSSL_PUT_ERROR(EVP, EVP_DigestSignAlgorithm, + EVP_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED); return 0; } @@ -120,21 +122,24 @@ int EVP_DigestVerifyInitFromAlgorithm(EVP_MD_CTX *ctx, /* Convert signature OID into digest and public key OIDs */ if (!OBJ_find_sigid_algs(OBJ_obj2nid(algor->algorithm), &digest_nid, &pkey_nid)) { - OPENSSL_PUT_ERROR(EVP, EVP_R_UNKNOWN_SIGNATURE_ALGORITHM); + OPENSSL_PUT_ERROR(EVP, EVP_DigestVerifyInitFromAlgorithm, + EVP_R_UNKNOWN_SIGNATURE_ALGORITHM); return 0; } /* Check public key OID matches public key type */ ameth = EVP_PKEY_asn1_find(NULL, pkey_nid); if (ameth == NULL || ameth->pkey_id != pkey->ameth->pkey_id) { - OPENSSL_PUT_ERROR(EVP, EVP_R_WRONG_PUBLIC_KEY_TYPE); + OPENSSL_PUT_ERROR(EVP, EVP_DigestVerifyInitFromAlgorithm, + EVP_R_WRONG_PUBLIC_KEY_TYPE); return 0; } /* NID_undef signals that there are custom parameters to set. */ if (digest_nid == NID_undef) { if (!pkey->ameth || !pkey->ameth->digest_verify_init_from_algorithm) { - OPENSSL_PUT_ERROR(EVP, EVP_R_UNKNOWN_SIGNATURE_ALGORITHM); + OPENSSL_PUT_ERROR(EVP, EVP_DigestVerifyInitFromAlgorithm, + EVP_R_UNKNOWN_SIGNATURE_ALGORITHM); return 0; } @@ -144,7 +149,8 @@ int EVP_DigestVerifyInitFromAlgorithm(EVP_MD_CTX *ctx, /* Otherwise, initialize with the digest from the OID. */ digest = EVP_get_digestbynid(digest_nid); if (digest == NULL) { - OPENSSL_PUT_ERROR(EVP, EVP_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM); + OPENSSL_PUT_ERROR(EVP, EVP_DigestVerifyInitFromAlgorithm, + EVP_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM); return 0; } diff --git a/src/crypto/evp/asn1.c b/src/crypto/evp/asn1.c new file mode 100644 index 0000000..3df9f52 --- /dev/null +++ b/src/crypto/evp/asn1.c 
@@ -0,0 +1,167 @@ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. 
If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] 
*/ + +#include + +#include +#include +#include +#include + +#include "internal.h" + + +EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **out, const uint8_t **inp, + long len) { + EVP_PKEY *ret; + + if (out == NULL || *out == NULL) { + ret = EVP_PKEY_new(); + if (ret == NULL) { + OPENSSL_PUT_ERROR(EVP, d2i_PrivateKey, ERR_R_EVP_LIB); + return NULL; + } + } else { + ret = *out; + } + + if (!EVP_PKEY_set_type(ret, type)) { + OPENSSL_PUT_ERROR(EVP, d2i_PrivateKey, EVP_R_UNKNOWN_PUBLIC_KEY_TYPE); + goto err; + } + + if (!ret->ameth->old_priv_decode || + !ret->ameth->old_priv_decode(ret, inp, len)) { + if (ret->ameth->priv_decode) { + PKCS8_PRIV_KEY_INFO *p8 = d2i_PKCS8_PRIV_KEY_INFO(NULL, inp, len); + if (!p8) { + goto err; + } + EVP_PKEY_free(ret); + ret = EVP_PKCS82PKEY(p8); + PKCS8_PRIV_KEY_INFO_free(p8); + } else { + OPENSSL_PUT_ERROR(EVP, d2i_PrivateKey, ERR_R_ASN1_LIB); + goto err; + } + } + + if (out != NULL) { + *out = ret; + } + return ret; + +err: + if (out == NULL || *out != ret) { + EVP_PKEY_free(ret); + } + return NULL; +} + +EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **out, const uint8_t **inp, long len) { + STACK_OF(ASN1_TYPE) *inkey; + const uint8_t *p; + int keytype; + p = *inp; + + /* Dirty trick: read in the ASN1 data into out STACK_OF(ASN1_TYPE): + * by analyzing it we can determine the passed structure: this + * assumes the input is surrounded by an ASN1 SEQUENCE. */ + inkey = d2i_ASN1_SEQUENCE_ANY(NULL, &p, len); + /* Since we only need to discern "traditional format" RSA and DSA + * keys we can just count the elements. 
*/ + if (sk_ASN1_TYPE_num(inkey) == 6) { + keytype = EVP_PKEY_DSA; + } else if (sk_ASN1_TYPE_num(inkey) == 4) { + keytype = EVP_PKEY_EC; + } else if (sk_ASN1_TYPE_num(inkey) == 3) { + /* This seems to be PKCS8, not traditional format */ + PKCS8_PRIV_KEY_INFO *p8 = d2i_PKCS8_PRIV_KEY_INFO(NULL, inp, len); + EVP_PKEY *ret; + + sk_ASN1_TYPE_pop_free(inkey, ASN1_TYPE_free); + if (!p8) { + OPENSSL_PUT_ERROR(EVP, d2i_AutoPrivateKey, + EVP_R_UNSUPPORTED_PUBLIC_KEY_TYPE); + return NULL; + } + ret = EVP_PKCS82PKEY(p8); + PKCS8_PRIV_KEY_INFO_free(p8); + if (out) { + *out = ret; + } + return ret; + } else { + keytype = EVP_PKEY_RSA; + } + + sk_ASN1_TYPE_pop_free(inkey, ASN1_TYPE_free); + return d2i_PrivateKey(keytype, out, inp, len); +} + +int i2d_PublicKey(EVP_PKEY *key, uint8_t **outp) { + switch (key->type) { + case EVP_PKEY_RSA: + return i2d_RSAPublicKey(key->pkey.rsa, outp); + case EVP_PKEY_DSA: + return i2d_DSAPublicKey(key->pkey.dsa, outp); + case EVP_PKEY_EC: + return i2o_ECPublicKey(key->pkey.ec, outp); + default: + OPENSSL_PUT_ERROR(EVP, i2d_PublicKey, EVP_R_UNSUPPORTED_PUBLIC_KEY_TYPE); + return -1; + } +} diff --git a/src/crypto/evp/digestsign.c b/src/crypto/evp/digestsign.c index ccb4de4..c163d40 100644 --- a/src/crypto/evp/digestsign.c +++ b/src/crypto/evp/digestsign.c @@ -62,9 +62,17 @@ #include "../digest/internal.h" +/* md_begin_digset is a callback from the |EVP_MD_CTX| code that is called when + * a new digest is begun. */ +static int md_begin_digest(EVP_MD_CTX *ctx) { + return EVP_PKEY_CTX_ctrl(ctx->pctx, -1, EVP_PKEY_OP_TYPE_SIG, + EVP_PKEY_CTRL_DIGESTINIT, 0, ctx); +} + static const struct evp_md_pctx_ops md_pctx_ops = { EVP_PKEY_CTX_free, EVP_PKEY_CTX_dup, + md_begin_digest, }; static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, 
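Review bot: In d2i_AutoPrivateKey the result of `d2i_ASN1_SEQUENCE_ANY(NULL, &p, len)` is never checked, so input that is not a well-formed SEQUENCE reaches `sk_ASN1_TYPE_num(inkey)` with a NULL stack and then falls into the final `else`, where it is parsed as an RSA key. Whether `sk_ASN1_TYPE_num` tolerates NULL is not visible in this hunk, and the caller ends up with an RSA decode error for data that was never a key. I would fail early after the parse with `if (inkey == NULL) { OPENSSL_PUT_ERROR(EVP, d2i_AutoPrivateKey, ERR_R_ASN1_LIB); return NULL; }`. The comment above the element-count test should also mention the 4-element EC case and the 3-element PKCS#8 case, since it currently names only RSA and DSA.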
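Review bot: The comment on the new callback calls it `md_begin_digset`, which does not match the function it documents, `md_begin_digest`, so a search for the real name misses it. Suggested wording: `/* md_begin_digest is a callback from the |EVP_MD_CTX| code that is called when a new digest is begun. It returns the result of the EVP_PKEY_CTRL_DIGESTINIT control on |ctx->pctx|. */`.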
@@ -83,16 +91,26 @@ static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, } if (type == NULL) { - OPENSSL_PUT_ERROR(EVP, EVP_R_NO_DEFAULT_DIGEST); + OPENSSL_PUT_ERROR(EVP, do_sigver_init, EVP_R_NO_DEFAULT_DIGEST); return 0; } if (is_verify) { - if (!EVP_PKEY_verify_init(ctx->pctx)) { + if (ctx->pctx->pmeth->verifyctx_init) { + if (!ctx->pctx->pmeth->verifyctx_init(ctx->pctx, ctx)) { + return 0; + } + ctx->pctx->operation = EVP_PKEY_OP_VERIFYCTX; + } else if (!EVP_PKEY_verify_init(ctx->pctx)) { return 0; } } else { - if (!EVP_PKEY_sign_init(ctx->pctx)) { + if (ctx->pctx->pmeth->signctx_init) { + if (!ctx->pctx->pmeth->signctx_init(ctx->pctx, ctx)) { + return 0; + } + ctx->pctx->operation = EVP_PKEY_OP_SIGNCTX; + } else if (!EVP_PKEY_sign_init(ctx->pctx)) { return 0; } } 
@@ -128,37 +146,59 @@ int EVP_DigestVerifyUpdate(EVP_MD_CTX *ctx, const void *data, size_t len) { int EVP_DigestSignFinal(EVP_MD_CTX *ctx, uint8_t *out_sig, size_t *out_sig_len) { + int r = 0; + const int has_signctx = ctx->pctx->pmeth->signctx != NULL; + if (out_sig) { EVP_MD_CTX tmp_ctx; - int ret; uint8_t md[EVP_MAX_MD_SIZE]; unsigned int mdlen; EVP_MD_CTX_init(&tmp_ctx); - ret = EVP_MD_CTX_copy_ex(&tmp_ctx, ctx) && - EVP_DigestFinal_ex(&tmp_ctx, md, &mdlen) && - EVP_PKEY_sign(ctx->pctx, out_sig, out_sig_len, md, mdlen); + if (!EVP_MD_CTX_copy_ex(&tmp_ctx, ctx)) { + return 0; + } + if (has_signctx) { + r = tmp_ctx.pctx->pmeth->signctx(tmp_ctx.pctx, out_sig, out_sig_len, &tmp_ctx); + } else { + r = EVP_DigestFinal_ex(&tmp_ctx, md, &mdlen); + if (r) { + r = EVP_PKEY_sign(ctx->pctx, out_sig, out_sig_len, md, mdlen); + } + } EVP_MD_CTX_cleanup(&tmp_ctx); - - return ret; + return r; } else { - size_t s = EVP_MD_size(ctx->digest); - return EVP_PKEY_sign(ctx->pctx, out_sig, out_sig_len, NULL, s); + if (has_signctx) { + return ctx->pctx->pmeth->signctx(ctx->pctx, out_sig, out_sig_len, ctx); + } else { + size_t s = EVP_MD_size(ctx->digest); + return EVP_PKEY_sign(ctx->pctx, out_sig, out_sig_len, NULL, s); + } } } int EVP_DigestVerifyFinal(EVP_MD_CTX *ctx, const uint8_t *sig, size_t sig_len) { EVP_MD_CTX tmp_ctx; - int ret; uint8_t md[EVP_MAX_MD_SIZE]; + int r; unsigned int mdlen; EVP_MD_CTX_init(&tmp_ctx); - ret = EVP_MD_CTX_copy_ex(&tmp_ctx, ctx) && - EVP_DigestFinal_ex(&tmp_ctx, md, &mdlen) && - EVP_PKEY_verify(ctx->pctx, sig, sig_len, md, mdlen); + if (!EVP_MD_CTX_copy_ex(&tmp_ctx, ctx)) { + return 0; + } + if (ctx->pctx->pmeth->verifyctx) { + r = tmp_ctx.pctx->pmeth->verifyctx(tmp_ctx.pctx, sig, sig_len, &tmp_ctx); + } else { + r = EVP_DigestFinal_ex(&tmp_ctx, md, &mdlen); + if (r) { + r = EVP_PKEY_verify(ctx->pctx, sig, sig_len, md, mdlen); + } + } + EVP_MD_CTX_cleanup(&tmp_ctx); - return ret; + return r; } 
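Review bot: Both rewritten finalisers return early when `EVP_MD_CTX_copy_ex(&tmp_ctx, ctx)` fails, which skips the `EVP_MD_CTX_cleanup(&tmp_ctx)` that the old `&&` chain always reached. If a failed copy can leave allocated state in `tmp_ctx` (not visible here), that state leaks, so call `EVP_MD_CTX_cleanup(&tmp_ctx);` before each `return 0;`. The new reads of `ctx->pctx->pmeth->signctx` and `ctx->pctx->pmeth->verifyctx` also dereference `ctx->pctx` unconditionally, where the old code only passed it to `EVP_PKEY_sign`/`EVP_PKEY_verify`, and those reject a NULL context with an error. A guard such as `if (ctx->pctx == NULL) { return 0; }` at the top of EVP_DigestSignFinal and EVP_DigestVerifyFinal keeps an EVP_MD_CTX that never went through the init call a reported failure instead of a NULL dereference.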
diff --git a/src/crypto/evp/evp.c b/src/crypto/evp/evp.c index 5822379..0ad5c27 100644 --- a/src/crypto/evp/evp.c +++ b/src/crypto/evp/evp.c @@ -75,6 +75,7 @@ extern const EVP_PKEY_ASN1_METHOD dsa_asn1_meth; extern const EVP_PKEY_ASN1_METHOD ec_asn1_meth; +extern const EVP_PKEY_ASN1_METHOD hmac_asn1_meth; extern const EVP_PKEY_ASN1_METHOD rsa_asn1_meth; EVP_PKEY *EVP_PKEY_new(void) { @@ -82,7 +83,7 @@ EVP_PKEY *EVP_PKEY_new(void) { ret = OPENSSL_malloc(sizeof(EVP_PKEY)); if (ret == NULL) { - OPENSSL_PUT_ERROR(EVP, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EVP, EVP_PKEY_new, ERR_R_MALLOC_FAILURE); return NULL; } @@ -158,12 +159,12 @@ int EVP_PKEY_cmp(const EVP_PKEY *a, const EVP_PKEY *b) { int EVP_PKEY_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from) { if (to->type != from->type) { - OPENSSL_PUT_ERROR(EVP, EVP_R_DIFFERENT_KEY_TYPES); + OPENSSL_PUT_ERROR(EVP, EVP_PKEY_copy_parameters, EVP_R_DIFFERENT_KEY_TYPES); goto err; } if (EVP_PKEY_missing_parameters(from)) { - OPENSSL_PUT_ERROR(EVP, EVP_R_MISSING_PARAMETERS); + OPENSSL_PUT_ERROR(EVP, EVP_PKEY_copy_parameters, EVP_R_MISSING_PARAMETERS); goto err; } @@ -206,6 +207,8 @@ const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find(ENGINE **pengine, int nid) { case EVP_PKEY_RSA: case EVP_PKEY_RSA2: return &rsa_asn1_meth; + case EVP_PKEY_HMAC: + return &hmac_asn1_meth; case EVP_PKEY_EC: return &ec_asn1_meth; case EVP_PKEY_DSA: 
@@ -223,6 +226,32 @@ int EVP_PKEY_type(int nid) { return meth->pkey_id; } +EVP_PKEY *EVP_PKEY_new_mac_key(int type, ENGINE *e, const uint8_t *mac_key, + size_t mac_key_len) { + EVP_PKEY_CTX *mac_ctx = NULL; + EVP_PKEY *ret = NULL; + + mac_ctx = EVP_PKEY_CTX_new_id(type, e); + if (!mac_ctx) { + return NULL; + } + + if (!EVP_PKEY_keygen_init(mac_ctx) || + !EVP_PKEY_CTX_ctrl(mac_ctx, -1, EVP_PKEY_OP_KEYGEN, + EVP_PKEY_CTRL_SET_MAC_KEY, mac_key_len, + (uint8_t *)mac_key) || + !EVP_PKEY_keygen(mac_ctx, &ret)) { + ret = NULL; + goto merr; + } + +merr: + if (mac_ctx) { + EVP_PKEY_CTX_free(mac_ctx); + } + return ret; +} + int EVP_PKEY_set1_RSA(EVP_PKEY *pkey, RSA *key) { if (EVP_PKEY_assign_RSA(pkey, key)) { RSA_up_ref(key); @@ -237,7 +266,7 @@ int EVP_PKEY_assign_RSA(EVP_PKEY *pkey, RSA *key) { RSA *EVP_PKEY_get1_RSA(EVP_PKEY *pkey) { if (pkey->type != EVP_PKEY_RSA) { - OPENSSL_PUT_ERROR(EVP, EVP_R_EXPECTING_AN_RSA_KEY); + OPENSSL_PUT_ERROR(EVP, EVP_PKEY_get1_RSA, EVP_R_EXPECTING_AN_RSA_KEY); return NULL; } RSA_up_ref(pkey->pkey.rsa); @@ -258,7 +287,7 @@ int EVP_PKEY_assign_DSA(EVP_PKEY *pkey, DSA *key) { DSA *EVP_PKEY_get1_DSA(EVP_PKEY *pkey) { if (pkey->type != EVP_PKEY_DSA) { - OPENSSL_PUT_ERROR(EVP, EVP_R_EXPECTING_A_DSA_KEY); + OPENSSL_PUT_ERROR(EVP, EVP_PKEY_get1_DSA, EVP_R_EXPECTING_A_DSA_KEY); return NULL; } DSA_up_ref(pkey->pkey.dsa); @@ -279,7 +308,7 @@ int EVP_PKEY_assign_EC_KEY(EVP_PKEY *pkey, EC_KEY *key) { EC_KEY *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey) { if (pkey->type != EVP_PKEY_EC) { - OPENSSL_PUT_ERROR(EVP, EVP_R_EXPECTING_AN_EC_KEY_KEY); + OPENSSL_PUT_ERROR(EVP, EVP_PKEY_get1_EC_KEY, EVP_R_EXPECTING_AN_EC_KEY_KEY); return NULL; } EC_KEY_up_ref(pkey->pkey.ec); 
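Review bot: In EVP_PKEY_new_mac_key, `mac_key_len` is a `size_t` but is passed as the `int p1` argument of `EVP_PKEY_CTX_ctrl`, so a length above INT_MAX is silently converted and the EVP_PKEY_CTRL_SET_MAC_KEY handler receives a wrong, possibly negative, key length. Reject such lengths before the keygen calls, e.g. `if (mac_key_len > INT_MAX) { return NULL; }` (this needs `<limits.h>`). The `(uint8_t *)mac_key` cast also drops `const`; a comment saying the control handler only reads the buffer would make that safe to rely on. Minor: `ret = NULL; goto merr;` jumps to the label that follows immediately, and `if (mac_ctx)` is always true at that point.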
@@ -300,7 +329,7 @@ int EVP_PKEY_assign_DH(EVP_PKEY *pkey, DH *key) { DH *EVP_PKEY_get1_DH(EVP_PKEY *pkey) { if (pkey->type != EVP_PKEY_DH) { - OPENSSL_PUT_ERROR(EVP, EVP_R_EXPECTING_A_DH_KEY); + OPENSSL_PUT_ERROR(EVP, EVP_PKEY_get1_DH, EVP_R_EXPECTING_A_DH_KEY); return NULL; } DH_up_ref(pkey->pkey.dh); @@ -320,10 +349,10 @@ const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find_str(ENGINE **pengine, size_t len) { if (len == 3 && memcmp(name, "RSA", 3) == 0) { return &rsa_asn1_meth; + } else if (len == 4 && memcmp(name, "HMAC", 4) == 0) { + return &hmac_asn1_meth; } if (len == 2 && memcmp(name, "EC", 2) == 0) { return &ec_asn1_meth; - } else if (len == 3 && memcmp(name, "DSA", 3) == 0) { - return &dsa_asn1_meth; } return NULL; } @@ -337,7 +366,7 @@ int EVP_PKEY_set_type(EVP_PKEY *pkey, int type) { ameth = EVP_PKEY_asn1_find(NULL, type); if (ameth == NULL) { - OPENSSL_PUT_ERROR(EVP, EVP_R_UNSUPPORTED_ALGORITHM); + OPENSSL_PUT_ERROR(EVP, EVP_PKEY_set_type, EVP_R_UNSUPPORTED_ALGORITHM); ERR_add_error_dataf("algorithm %d (%s)", type, OBJ_nid2sn(type)); return 0; } @@ -407,6 +436,10 @@ int EVP_PKEY_CTX_get_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD **out_md) { 0, (void *)out_md); } +EVP_PKEY *EVP_PKEY_dup(EVP_PKEY *pkey) { + return EVP_PKEY_up_ref(pkey); +} + void OpenSSL_add_all_algorithms(void) {} void OpenSSL_add_all_ciphers(void) {} diff --git a/src/crypto/evp/evp_asn1.c b/src/crypto/evp/evp_asn1.c deleted file mode 100644 index 356c62b..0000000 --- a/src/crypto/evp/evp_asn1.c +++ /dev/null 
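Review bot: This hunk removes the "DSA" branch from EVP_PKEY_asn1_find_str, while `EVP_PKEY_asn1_find` still has `case EVP_PKEY_DSA:` and `dsa_asn1_meth` is still declared at the top of the file, so lookup by name and lookup by NID now disagree for DSA. If dropping it is not intended, keep `} else if (len == 3 && memcmp(name, "DSA", 3) == 0) { return &dsa_asn1_meth; }` next to the new "HMAC" branch. If it is intended, a one-line comment saying DSA is deliberately not resolvable by name would prevent it being "fixed" back. The function's signature starts outside the hunk.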
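Review bot: EVP_PKEY_dup is added without a comment, and its name suggests an independent copy while the body is only `return EVP_PKEY_up_ref(pkey);`. As far as this hunk shows, the caller gets another reference to the same key object, so a change made through one pointer is visible through the other. I would document that at the definition: `/* EVP_PKEY_dup takes an additional reference on |pkey| and returns it. The key is shared, not copied. */`. What `EVP_PKEY_up_ref` returns on failure is not visible here and should be stated as well.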
@@ -1,166 +0,0 @@ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. 
If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
*/ - -#include - -#include -#include -#include -#include - -#include "internal.h" - - -EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **out, const uint8_t **inp, - long len) { - EVP_PKEY *ret; - - if (out == NULL || *out == NULL) { - ret = EVP_PKEY_new(); - if (ret == NULL) { - OPENSSL_PUT_ERROR(EVP, ERR_R_EVP_LIB); - return NULL; - } - } else { - ret = *out; - } - - if (!EVP_PKEY_set_type(ret, type)) { - OPENSSL_PUT_ERROR(EVP, EVP_R_UNKNOWN_PUBLIC_KEY_TYPE); - goto err; - } - - if (!ret->ameth->old_priv_decode || - !ret->ameth->old_priv_decode(ret, inp, len)) { - if (ret->ameth->priv_decode) { - PKCS8_PRIV_KEY_INFO *p8 = d2i_PKCS8_PRIV_KEY_INFO(NULL, inp, len); - if (!p8) { - goto err; - } - EVP_PKEY_free(ret); - ret = EVP_PKCS82PKEY(p8); - PKCS8_PRIV_KEY_INFO_free(p8); - } else { - OPENSSL_PUT_ERROR(EVP, ERR_R_ASN1_LIB); - goto err; - } - } - - if (out != NULL) { - *out = ret; - } - return ret; - -err: - if (out == NULL || *out != ret) { - EVP_PKEY_free(ret); - } - return NULL; -} - -EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **out, const uint8_t **inp, long len) { - STACK_OF(ASN1_TYPE) *inkey; - const uint8_t *p; - int keytype; - p = *inp; - - /* Dirty trick: read in the ASN1 data into out STACK_OF(ASN1_TYPE): - * by analyzing it we can determine the passed structure: this - * assumes the input is surrounded by an ASN1 SEQUENCE. */ - inkey = d2i_ASN1_SEQUENCE_ANY(NULL, &p, len); - /* Since we only need to discern "traditional format" RSA and DSA - * keys we can just count the elements. 
*/ - if (sk_ASN1_TYPE_num(inkey) == 6) { - keytype = EVP_PKEY_DSA; - } else if (sk_ASN1_TYPE_num(inkey) == 4) { - keytype = EVP_PKEY_EC; - } else if (sk_ASN1_TYPE_num(inkey) == 3) { - /* This seems to be PKCS8, not traditional format */ - PKCS8_PRIV_KEY_INFO *p8 = d2i_PKCS8_PRIV_KEY_INFO(NULL, inp, len); - EVP_PKEY *ret; - - sk_ASN1_TYPE_pop_free(inkey, ASN1_TYPE_free); - if (!p8) { - OPENSSL_PUT_ERROR(EVP, EVP_R_UNSUPPORTED_PUBLIC_KEY_TYPE); - return NULL; - } - ret = EVP_PKCS82PKEY(p8); - PKCS8_PRIV_KEY_INFO_free(p8); - if (out) { - *out = ret; - } - return ret; - } else { - keytype = EVP_PKEY_RSA; - } - - sk_ASN1_TYPE_pop_free(inkey, ASN1_TYPE_free); - return d2i_PrivateKey(keytype, out, inp, len); -} - -int i2d_PublicKey(EVP_PKEY *key, uint8_t **outp) { - switch (key->type) { - case EVP_PKEY_RSA: - return i2d_RSAPublicKey(key->pkey.rsa, outp); - case EVP_PKEY_DSA: - return i2d_DSAPublicKey(key->pkey.dsa, outp); - case EVP_PKEY_EC: - return i2o_ECPublicKey(key->pkey.ec, outp); - default: - OPENSSL_PUT_ERROR(EVP, EVP_R_UNSUPPORTED_PUBLIC_KEY_TYPE); - return -1; - } -} diff --git a/src/crypto/evp/evp_ctx.c b/src/crypto/evp/evp_ctx.c index a8e71fe..9f42274 100644 --- a/src/crypto/evp/evp_ctx.c +++ b/src/crypto/evp/evp_ctx.c @@ -67,10 +67,12 @@ extern const EVP_PKEY_METHOD rsa_pkey_meth; +extern const EVP_PKEY_METHOD hmac_pkey_meth; extern const EVP_PKEY_METHOD ec_pkey_meth; static const EVP_PKEY_METHOD *const evp_methods[] = { &rsa_pkey_meth, + &hmac_pkey_meth, &ec_pkey_meth, }; @@ -100,7 +102,7 @@ static EVP_PKEY_CTX *evp_pkey_ctx_new(EVP_PKEY *pkey, ENGINE *e, int id) { pmeth = evp_pkey_meth_find(id); if (pmeth == NULL) { - OPENSSL_PUT_ERROR(EVP, EVP_R_UNSUPPORTED_ALGORITHM); + OPENSSL_PUT_ERROR(EVP, evp_pkey_ctx_new, EVP_R_UNSUPPORTED_ALGORITHM); const char *name = OBJ_nid2sn(id); ERR_add_error_dataf("algorithm %d (%s)", id, name); return NULL; 
@@ -108,7 +110,7 @@ static EVP_PKEY_CTX *evp_pkey_ctx_new(EVP_PKEY *pkey, ENGINE *e, int id) { ret = OPENSSL_malloc(sizeof(EVP_PKEY_CTX)); if (!ret) { - OPENSSL_PUT_ERROR(EVP, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EVP, evp_pkey_ctx_new, ERR_R_MALLOC_FAILURE); return NULL; } memset(ret, 0, sizeof(EVP_PKEY_CTX)); @@ -190,7 +192,7 @@ EVP_PKEY_CTX *EVP_PKEY_CTX_dup(EVP_PKEY_CTX *pctx) { err: EVP_PKEY_CTX_free(rctx); - OPENSSL_PUT_ERROR(EVP, ERR_LIB_EVP); + OPENSSL_PUT_ERROR(EVP, EVP_PKEY_CTX_dup, ERR_LIB_EVP); return NULL; } @@ -205,7 +207,7 @@ void *EVP_PKEY_CTX_get_app_data(EVP_PKEY_CTX *ctx) { return ctx->app_data; } int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype, int cmd, int p1, void *p2) { if (!ctx || !ctx->pmeth || !ctx->pmeth->ctrl) { - OPENSSL_PUT_ERROR(EVP, EVP_R_COMMAND_NOT_SUPPORTED); + OPENSSL_PUT_ERROR(EVP, EVP_PKEY_CTX_ctrl, EVP_R_COMMAND_NOT_SUPPORTED); return 0; } if (keytype != -1 && ctx->pmeth->pkey_id != keytype) { @@ -213,12 +215,12 @@ int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype, int cmd, } if (ctx->operation == EVP_PKEY_OP_UNDEFINED) { - OPENSSL_PUT_ERROR(EVP, EVP_R_NO_OPERATION_SET); + OPENSSL_PUT_ERROR(EVP, EVP_PKEY_CTX_ctrl, EVP_R_NO_OPERATION_SET); return 0; } if (optype != -1 && !(ctx->operation & optype)) { - OPENSSL_PUT_ERROR(EVP, EVP_R_INVALID_OPERATION); + OPENSSL_PUT_ERROR(EVP, EVP_PKEY_CTX_ctrl, EVP_R_INVALID_OPERATION); return 0; } @@ -227,7 +229,8 @@ int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype, int cmd, int EVP_PKEY_sign_init(EVP_PKEY_CTX *ctx) { if (!ctx || !ctx->pmeth || !ctx->pmeth->sign) { - OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); + OPENSSL_PUT_ERROR(EVP, EVP_PKEY_sign_init, + EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); return 0; } 
@@ -247,11 +250,12 @@ int EVP_PKEY_sign_init(EVP_PKEY_CTX *ctx) { int EVP_PKEY_sign(EVP_PKEY_CTX *ctx, uint8_t *sig, size_t *sig_len, const uint8_t *data, size_t data_len) { if (!ctx || !ctx->pmeth || !ctx->pmeth->sign) { - OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); + OPENSSL_PUT_ERROR(EVP, EVP_PKEY_sign, + EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); return 0; } if (ctx->operation != EVP_PKEY_OP_SIGN) { - OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATON_NOT_INITIALIZED); + OPENSSL_PUT_ERROR(EVP, EVP_PKEY_sign, EVP_R_OPERATON_NOT_INITIALIZED); return 0; } return ctx->pmeth->sign(ctx, sig, sig_len, data, data_len); @@ -259,7 +263,8 @@ int EVP_PKEY_sign(EVP_PKEY_CTX *ctx, uint8_t *sig, size_t *sig_len, int EVP_PKEY_verify_init(EVP_PKEY_CTX *ctx) { if (!ctx || !ctx->pmeth || !ctx->pmeth->verify) { - OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); + OPENSSL_PUT_ERROR(EVP, EVP_PKEY_verify_init, + EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); return 0; } ctx->operation = EVP_PKEY_OP_VERIFY; @@ -277,11 +282,12 @@ int EVP_PKEY_verify_init(EVP_PKEY_CTX *ctx) { int EVP_PKEY_verify(EVP_PKEY_CTX *ctx, const uint8_t *sig, size_t sig_len, const uint8_t *data, size_t data_len) { if (!ctx || !ctx->pmeth || !ctx->pmeth->verify) { - OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); + OPENSSL_PUT_ERROR(EVP, EVP_PKEY_verify, + EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); return 0; } if (ctx->operation != EVP_PKEY_OP_VERIFY) { - OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATON_NOT_INITIALIZED); + OPENSSL_PUT_ERROR(EVP, EVP_PKEY_verify, EVP_R_OPERATON_NOT_INITIALIZED); return 0; } return ctx->pmeth->verify(ctx, sig, sig_len, data, data_len); 
@@ -289,7 +295,8 @@ int EVP_PKEY_verify(EVP_PKEY_CTX *ctx, const uint8_t *sig, size_t sig_len, int EVP_PKEY_encrypt_init(EVP_PKEY_CTX *ctx) { if (!ctx || !ctx->pmeth || !ctx->pmeth->encrypt) { - OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); + OPENSSL_PUT_ERROR(EVP, EVP_PKEY_encrypt_init, + EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); return 0; } ctx->operation = EVP_PKEY_OP_ENCRYPT; @@ -306,11 +313,12 @@ int EVP_PKEY_encrypt_init(EVP_PKEY_CTX *ctx) { int EVP_PKEY_encrypt(EVP_PKEY_CTX *ctx, uint8_t *out, size_t *outlen, const uint8_t *in, size_t inlen) { if (!ctx || !ctx->pmeth || !ctx->pmeth->encrypt) { - OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); + OPENSSL_PUT_ERROR(EVP, EVP_PKEY_encrypt, + EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); return 0; } if (ctx->operation != EVP_PKEY_OP_ENCRYPT) { - OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATON_NOT_INITIALIZED); + OPENSSL_PUT_ERROR(EVP, EVP_PKEY_encrypt, EVP_R_OPERATON_NOT_INITIALIZED); return 0; } return ctx->pmeth->encrypt(ctx, out, outlen, in, inlen); @@ -318,7 +326,8 @@ int EVP_PKEY_encrypt(EVP_PKEY_CTX *ctx, uint8_t *out, size_t *outlen, int EVP_PKEY_decrypt_init(EVP_PKEY_CTX *ctx) { if (!ctx || !ctx->pmeth || !ctx->pmeth->decrypt) { - OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); + OPENSSL_PUT_ERROR(EVP, EVP_PKEY_decrypt_init, + EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); return 0; } ctx->operation = EVP_PKEY_OP_DECRYPT; 
@@ -335,11 +344,12 @@ int EVP_PKEY_decrypt_init(EVP_PKEY_CTX *ctx) { int EVP_PKEY_decrypt(EVP_PKEY_CTX *ctx, uint8_t *out, size_t *outlen, const uint8_t *in, size_t inlen) { if (!ctx || !ctx->pmeth || !ctx->pmeth->decrypt) { - OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); + OPENSSL_PUT_ERROR(EVP, EVP_PKEY_decrypt, + EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); return 0; } if (ctx->operation != EVP_PKEY_OP_DECRYPT) { - OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATON_NOT_INITIALIZED); + OPENSSL_PUT_ERROR(EVP, EVP_PKEY_decrypt, EVP_R_OPERATON_NOT_INITIALIZED); return 0; } return ctx->pmeth->decrypt(ctx, out, outlen, in, inlen); @@ -347,7 +357,8 @@ int EVP_PKEY_decrypt(EVP_PKEY_CTX *ctx, uint8_t *out, size_t *outlen, int EVP_PKEY_derive_init(EVP_PKEY_CTX *ctx) { if (!ctx || !ctx->pmeth || !ctx->pmeth->derive) { - OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); + OPENSSL_PUT_ERROR(EVP, EVP_PKEY_derive_init, + EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); return 0; } ctx->operation = EVP_PKEY_OP_DERIVE; @@ -366,13 +377,15 @@ int EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *ctx, EVP_PKEY *peer) { if (!ctx || !ctx->pmeth || !(ctx->pmeth->derive || ctx->pmeth->encrypt || ctx->pmeth->decrypt) || !ctx->pmeth->ctrl) { - OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); + OPENSSL_PUT_ERROR(EVP, EVP_PKEY_derive_set_peer, + EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); return 0; } if (ctx->operation != EVP_PKEY_OP_DERIVE && ctx->operation != EVP_PKEY_OP_ENCRYPT && ctx->operation != EVP_PKEY_OP_DECRYPT) { - OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATON_NOT_INITIALIZED); + OPENSSL_PUT_ERROR(EVP, EVP_PKEY_derive_set_peer, + EVP_R_OPERATON_NOT_INITIALIZED); return 0; } 
@@ -387,12 +400,12 @@ int EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *ctx, EVP_PKEY *peer) { } if (!ctx->pkey) { - OPENSSL_PUT_ERROR(EVP, EVP_R_NO_KEY_SET); + OPENSSL_PUT_ERROR(EVP, EVP_PKEY_derive_set_peer, EVP_R_NO_KEY_SET); return 0; } if (ctx->pkey->type != peer->type) { - OPENSSL_PUT_ERROR(EVP, EVP_R_DIFFERENT_KEY_TYPES); + OPENSSL_PUT_ERROR(EVP, EVP_PKEY_derive_set_peer, EVP_R_DIFFERENT_KEY_TYPES); return 0; } @@ -403,7 +416,8 @@ int EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *ctx, EVP_PKEY *peer) { * -2 is OK for us here, as well as 1, so we can check for 0 only. */ if (!EVP_PKEY_missing_parameters(peer) && !EVP_PKEY_cmp_parameters(ctx->pkey, peer)) { - OPENSSL_PUT_ERROR(EVP, EVP_R_DIFFERENT_PARAMETERS); + OPENSSL_PUT_ERROR(EVP, EVP_PKEY_derive_set_peer, + EVP_R_DIFFERENT_PARAMETERS); return 0; } @@ -423,11 +437,12 @@ int EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *ctx, EVP_PKEY *peer) { int EVP_PKEY_derive(EVP_PKEY_CTX *ctx, uint8_t *key, size_t *out_key_len) { if (!ctx || !ctx->pmeth || !ctx->pmeth->derive) { - OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); + OPENSSL_PUT_ERROR(EVP, EVP_PKEY_derive, + EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); return 0; } if (ctx->operation != EVP_PKEY_OP_DERIVE) { - OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATON_NOT_INITIALIZED); + OPENSSL_PUT_ERROR(EVP, EVP_PKEY_derive, EVP_R_OPERATON_NOT_INITIALIZED); return 0; } return ctx->pmeth->derive(ctx, key, out_key_len); @@ -435,7 +450,8 @@ int EVP_PKEY_derive(EVP_PKEY_CTX *ctx, uint8_t *key, size_t *out_key_len) { int EVP_PKEY_keygen_init(EVP_PKEY_CTX *ctx) { if (!ctx || !ctx->pmeth || !ctx->pmeth->keygen) { - OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); + OPENSSL_PUT_ERROR(EVP, EVP_PKEY_keygen_init, + EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); return 0; } ctx->operation = EVP_PKEY_OP_KEYGEN; 
@@ -451,11 +467,12 @@ int EVP_PKEY_keygen_init(EVP_PKEY_CTX *ctx) { int EVP_PKEY_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey) { if (!ctx || !ctx->pmeth || !ctx->pmeth->keygen) { - OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); + OPENSSL_PUT_ERROR(EVP, EVP_PKEY_keygen, + EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); return 0; } if (ctx->operation != EVP_PKEY_OP_KEYGEN) { - OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATON_NOT_INITIALIZED); + OPENSSL_PUT_ERROR(EVP, EVP_PKEY_keygen, EVP_R_OPERATON_NOT_INITIALIZED); return 0; } @@ -466,7 +483,7 @@ int EVP_PKEY_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey) { if (!*ppkey) { *ppkey = EVP_PKEY_new(); if (!*ppkey) { - OPENSSL_PUT_ERROR(EVP, ERR_LIB_EVP); + OPENSSL_PUT_ERROR(EVP, EVP_PKEY_keygen, ERR_LIB_EVP); return 0; } } diff --git a/src/crypto/evp/evp_extra_test.cc b/src/crypto/evp/evp_extra_test.cc index 9c955fa..674547d 100644 --- a/src/crypto/evp/evp_extra_test.cc +++ b/src/crypto/evp/evp_extra_test.cc @@ -322,8 +322,8 @@ static const uint8_t kExampleBadECKeyDER[] = { }; static ScopedEVP_PKEY LoadExampleRSAKey() { - ScopedRSA rsa(RSA_private_key_from_bytes(kExampleRSAKeyDER, - sizeof(kExampleRSAKeyDER))); + const uint8_t *derp = kExampleRSAKeyDER; + ScopedRSA rsa(d2i_RSAPrivateKey(nullptr, &derp, sizeof(kExampleRSAKeyDER))); if (!rsa) { return nullptr; } diff --git a/src/crypto/evp/evp_test.cc b/src/crypto/evp/evp_test.cc index c7ac908..239f868 100644 --- a/src/crypto/evp/evp_test.cc +++ b/src/crypto/evp/evp_test.cc @@ -56,19 +56,10 @@ #include #include -#if defined(_MSC_VER) -#pragma warning(push) -#pragma warning(disable: 4702) -#endif - #include #include #include -#if defined(_MSC_VER) -#pragma warning(pop) -#endif - #include #include #include 
@@ -81,10 +72,11 @@ #include "../test/stl_compat.h" -// evp_test dispatches between multiple test types. PrivateKey tests take a key -// name parameter and single block, decode it as a PEM private key, and save it -// under that key name. Decrypt, Sign, and Verify tests take a previously -// imported key name as parameter and test their respective operations. +// evp_test dispatches between multiple test types. HMAC tests test the legacy +// EVP_PKEY_HMAC API. PrivateKey tests take a key name parameter and single +// block, decode it as a PEM private key, and save it under that key name. +// Decrypt, Sign, and Verify tests take a previously imported key name as +// parameter and test their respective operations. static const EVP_MD *GetDigest(FileTest *t, const std::string &name) { if (name == "MD5") { 
@@ -128,10 +120,54 @@ static bool ImportPrivateKey(FileTest *t, KeyMap *key_map) { return true; } +static bool TestHMAC(FileTest *t) { + std::string digest_str; + if (!t->GetAttribute(&digest_str, "HMAC")) { + return false; + } + const EVP_MD *digest = GetDigest(t, digest_str); + if (digest == nullptr) { + return false; + } + + std::vector key, input, output; + if (!t->GetBytes(&key, "Key") || + !t->GetBytes(&input, "Input") || + !t->GetBytes(&output, "Output")) { + return false; + } + + ScopedEVP_PKEY pkey(EVP_PKEY_new_mac_key(EVP_PKEY_HMAC, nullptr, + bssl::vector_data(&key), + key.size())); + ScopedEVP_MD_CTX mctx; + if (!pkey || + !EVP_DigestSignInit(mctx.get(), nullptr, digest, nullptr, pkey.get()) || + !EVP_DigestSignUpdate(mctx.get(), bssl::vector_data(&input), + input.size())) { + return false; + } + + size_t len; + std::vector actual; + if (!EVP_DigestSignFinal(mctx.get(), nullptr, &len)) { + return false; + } + actual.resize(len); + if (!EVP_DigestSignFinal(mctx.get(), bssl::vector_data(&actual), &len)) { + return false; + } + actual.resize(len); + return t->ExpectBytesEqual(bssl::vector_data(&output), output.size(), + bssl::vector_data(&actual), actual.size()); +} + static bool TestEVP(FileTest *t, void *arg) { KeyMap *key_map = reinterpret_cast(arg); if (t->GetType() == "PrivateKey") { return ImportPrivateKey(t, key_map); + } else if (t->GetType() == "HMAC") { + return TestHMAC(t); } int (*key_op_init)(EVP_PKEY_CTX *ctx); @@ -183,7 +219,7 @@ static bool TestEVP(FileTest *t, void *arg) { bssl::vector_data(&input), input.size())) { // ECDSA sometimes doesn't push an error code. Push one on the error queue // so it's distinguishable from other errors. - OPENSSL_PUT_ERROR(USER, ERR_R_EVP_LIB); + ERR_put_error(ERR_LIB_USER, 0, ERR_R_EVP_LIB, __FILE__, __LINE__); return false; } return true; diff --git a/src/crypto/evp/evp_tests.txt b/src/crypto/evp/evp_tests.txt index 97ddaa0..cccfa4f 100644 --- a/src/crypto/evp/evp_tests.txt 
+++ b/src/crypto/evp/evp_tests.txt @@ -163,11 +163,12 @@ Digest = SHA1 Input = "0123456789ABCDEF1234" Output = 3045022100b1d1cb1a577035bccdd5a86c6148c2cc7c633cd42b7234139b593076d041e15202201898cdd52b41ca502098184b409cf83a21bc945006746e3b7cea52234e043ec800 # This operation fails without an error code, so ERR_R_EVP_LIB is surfaced. -Error = BAD_SIGNATURE +Error = public key routines # BER signature Verify = P-256 Digest = SHA1 Input = "0123456789ABCDEF1234" Output = 3080022100b1d1cb1a577035bccdd5a86c6148c2cc7c633cd42b7234139b593076d041e15202201898cdd52b41ca502098184b409cf83a21bc945006746e3b7cea52234e043ec80000 -Error = BAD_SIGNATURE +# This operation fails without an error code, so ERR_R_EVP_LIB is surfaced. +Error = public key routines diff --git a/src/crypto/evp/internal.h b/src/crypto/evp/internal.h index 60881e3..08a7bfb 100644 --- a/src/crypto/evp/internal.h +++ b/src/crypto/evp/internal.h @@ -89,7 +89,8 @@ struct evp_pkey_asn1_method_st { int pkey_base_id; unsigned long pkey_flags; - const char *pem_str; + char *pem_str; + char *info; int (*pub_decode)(EVP_PKEY *pk, X509_PUBKEY *pub); int (*pub_encode)(X509_PUBKEY *pub, const EVP_PKEY *pk); @@ -114,8 +115,8 @@ struct evp_pkey_asn1_method_st { int (*pkey_size)(const EVP_PKEY *pk); int (*pkey_bits)(const EVP_PKEY *pk); - int (*param_decode)(EVP_PKEY *pkey, const uint8_t **pder, int derlen); - int (*param_encode)(const EVP_PKEY *pkey, uint8_t **pder); + int (*param_decode)(EVP_PKEY *pkey, const unsigned char **pder, int derlen); + int (*param_encode)(const EVP_PKEY *pkey, unsigned char **pder); int (*param_missing)(const EVP_PKEY *pk); int (*param_copy)(EVP_PKEY *to, const EVP_PKEY *from); int (*param_cmp)(const EVP_PKEY *a, const EVP_PKEY *b); 
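Review bot: In `struct evp_pkey_asn1_method_st`, `pem_str` loses its `const` and the new `info` field is a plain `char *`, although the method tables in this same change initialise both from string literals (`"DSA"`, `"OpenSSL DSA method"`). Writing through either pointer would be undefined behaviour, and the compiler can no longer flag an accidental write. I would declare them as `const char *pem_str;` and `const char *info;`. The struct begins and ends outside this hunk.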
@@ -129,9 +130,9 @@ struct evp_pkey_asn1_method_st { /* Legacy functions for old PEM */ - int (*old_priv_decode)(EVP_PKEY *pkey, const uint8_t **pder, + int (*old_priv_decode)(EVP_PKEY *pkey, const unsigned char **pder, int derlen); - int (*old_priv_encode)(const EVP_PKEY *pkey, uint8_t **pder); + int (*old_priv_encode)(const EVP_PKEY *pkey, unsigned char **pder); /* Converting parameters to/from AlgorithmIdentifier (X509_ALGOR). */ int (*digest_verify_init_from_algorithm)(EVP_MD_CTX *ctx, @@ -152,12 +153,15 @@ typedef int EVP_PKEY_gen_cb(EVP_PKEY_CTX *ctx); #define EVP_PKEY_OP_SIGN (1 << 3) #define EVP_PKEY_OP_VERIFY (1 << 4) #define EVP_PKEY_OP_VERIFYRECOVER (1 << 5) -#define EVP_PKEY_OP_ENCRYPT (1 << 6) -#define EVP_PKEY_OP_DECRYPT (1 << 7) -#define EVP_PKEY_OP_DERIVE (1 << 8) +#define EVP_PKEY_OP_SIGNCTX (1 << 6) +#define EVP_PKEY_OP_VERIFYCTX (1 << 7) +#define EVP_PKEY_OP_ENCRYPT (1 << 8) +#define EVP_PKEY_OP_DECRYPT (1 << 9) +#define EVP_PKEY_OP_DERIVE (1 << 10) #define EVP_PKEY_OP_TYPE_SIG \ - (EVP_PKEY_OP_SIGN | EVP_PKEY_OP_VERIFY | EVP_PKEY_OP_VERIFYRECOVER) + (EVP_PKEY_OP_SIGN | EVP_PKEY_OP_VERIFY | EVP_PKEY_OP_VERIFYRECOVER | \ + EVP_PKEY_OP_SIGNCTX | EVP_PKEY_OP_VERIFYCTX) #define EVP_PKEY_OP_TYPE_CRYPT (EVP_PKEY_OP_ENCRYPT | EVP_PKEY_OP_DECRYPT) @@ -177,8 +181,13 @@ typedef int EVP_PKEY_gen_cb(EVP_PKEY_CTX *ctx); OPENSSL_EXPORT int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype, int cmd, int p1, void *p2); -#define EVP_PKEY_CTRL_MD 1 -#define EVP_PKEY_CTRL_GET_MD 2 +/* EVP_PKEY_CTRL_DIGESTINIT is an internal value. It's called by + * EVP_DigestInit_ex to signal the |EVP_PKEY| that a digest operation is + * starting. + * + * TODO(davidben): This is only needed to support the deprecated HMAC |EVP_PKEY| + * types. */ +#define EVP_PKEY_CTRL_DIGESTINIT 3 /* EVP_PKEY_CTRL_PEER_KEY is called with different values of |p1|: * 0: Is called from |EVP_PKEY_derive_set_peer| and |p2| contains a peer key. 
@@ -189,12 +198,21 @@ OPENSSL_EXPORT int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype, * (EC)DH always return one in this case. * 3: Is called with |p2| == NULL to set whether the peer's key was used. * (EC)DH always return one in this case. This was only used for GOST. */ -#define EVP_PKEY_CTRL_PEER_KEY 3 +#define EVP_PKEY_CTRL_PEER_KEY 4 + +/* EVP_PKEY_CTRL_SET_MAC_KEY sets a MAC key. For example, this can be done an + * |EVP_PKEY_CTX| prior to calling |EVP_PKEY_keygen| in order to generate an + * HMAC |EVP_PKEY| with the given key. It returns one on success and zero on + * error. */ +#define EVP_PKEY_CTRL_SET_MAC_KEY 5 /* EVP_PKEY_ALG_CTRL is the base value from which key-type specific ctrl * commands are numbered. */ #define EVP_PKEY_ALG_CTRL 0x1000 +#define EVP_PKEY_CTRL_MD 1 +#define EVP_PKEY_CTRL_GET_MD 2 + #define EVP_PKEY_CTRL_RSA_PADDING (EVP_PKEY_ALG_CTRL + 1) #define EVP_PKEY_CTRL_GET_RSA_PADDING (EVP_PKEY_ALG_CTRL + 2) #define EVP_PKEY_CTRL_RSA_PSS_SALTLEN (EVP_PKEY_ALG_CTRL + 3) 
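Review bot: The added comment for `EVP_PKEY_CTRL_SET_MAC_KEY` is missing a word ("this can be done an |EVP_PKEY_CTX|"); it should read `this can be done on an |EVP_PKEY_CTX| prior to calling |EVP_PKEY_keygen|`. In the same hunk `EVP_PKEY_CTRL_MD` and `EVP_PKEY_CTRL_GET_MD` (values 1 and 2) now sit below the `EVP_PKEY_ALG_CTRL` base-value comment, directly above the `EVP_PKEY_ALG_CTRL + n` commands, which makes them look key-type specific. A one-line comment above them such as `/* Generic controls, numbered below EVP_PKEY_ALG_CTRL. */` would keep the numbering scheme readable.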
@@ -242,25 +260,34 @@ struct evp_pkey_method_st { int (*keygen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey); int (*sign_init)(EVP_PKEY_CTX *ctx); - int (*sign)(EVP_PKEY_CTX *ctx, uint8_t *sig, size_t *siglen, - const uint8_t *tbs, size_t tbslen); + int (*sign)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, + const unsigned char *tbs, size_t tbslen); int (*verify_init)(EVP_PKEY_CTX *ctx); - int (*verify)(EVP_PKEY_CTX *ctx, const uint8_t *sig, size_t siglen, - const uint8_t *tbs, size_t tbslen); + int (*verify)(EVP_PKEY_CTX *ctx, const unsigned char *sig, size_t siglen, + const unsigned char *tbs, size_t tbslen); + + int (*signctx_init)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx); + int (*signctx)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, + EVP_MD_CTX *mctx); + + int (*verifyctx_init)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx); + int (*verifyctx)(EVP_PKEY_CTX *ctx, const unsigned char *sig, int siglen, + EVP_MD_CTX *mctx); int (*encrypt_init)(EVP_PKEY_CTX *ctx); - int (*encrypt)(EVP_PKEY_CTX *ctx, uint8_t *out, size_t *outlen, - const uint8_t *in, size_t inlen); + int (*encrypt)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen, + const unsigned char *in, size_t inlen); int (*decrypt_init)(EVP_PKEY_CTX *ctx); - int (*decrypt)(EVP_PKEY_CTX *ctx, uint8_t *out, size_t *outlen, - const uint8_t *in, size_t inlen); + int (*decrypt)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen, + const unsigned char *in, size_t inlen); int (*derive_init)(EVP_PKEY_CTX *ctx); - int (*derive)(EVP_PKEY_CTX *ctx, uint8_t *key, size_t *keylen); + int (*derive)(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen); int (*ctrl)(EVP_PKEY_CTX *ctx, int type, int p1, void *p2); + int (*ctrl_str)(EVP_PKEY_CTX *ctx, const char *type, const char *value); } /* EVP_PKEY_METHOD */; diff --git a/src/crypto/evp/p_dsa_asn1.c b/src/crypto/evp/p_dsa_asn1.c index 4790cf6..826d4e4 100644 --- a/src/crypto/evp/p_dsa_asn1.c +++ b/src/crypto/evp/p_dsa_asn1.c 
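Review bot: The new `verifyctx` callback takes the signature length as `int siglen`, while `verify` in the same struct takes `size_t siglen` and `signctx` reports its length through `size_t *siglen`. A signed length invites narrowing at the call site and lets a negative value reach an implementation. `int (*verifyctx)(EVP_PKEY_CTX *ctx, const unsigned char *sig, size_t siglen, EVP_MD_CTX *mctx);` would match the rest of the table. The hunk also switches the buffer types to `unsigned char`, whereas the p_ec.c implementations shown in this change still use `uint8_t`, so one spelling should be kept throughout. The struct starts outside the hunk.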
@@ -91,29 +91,29 @@ static int dsa_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey) { dsa = d2i_DSAparams(NULL, &pm, pmlen); if (dsa == NULL) { - OPENSSL_PUT_ERROR(EVP, EVP_R_DECODE_ERROR); + OPENSSL_PUT_ERROR(EVP, dsa_pub_decode, EVP_R_DECODE_ERROR); goto err; } } else if (ptype == V_ASN1_NULL || ptype == V_ASN1_UNDEF) { dsa = DSA_new(); if (dsa == NULL) { - OPENSSL_PUT_ERROR(EVP, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EVP, dsa_pub_decode, ERR_R_MALLOC_FAILURE); goto err; } } else { - OPENSSL_PUT_ERROR(EVP, EVP_R_PARAMETER_ENCODING_ERROR); + OPENSSL_PUT_ERROR(EVP, dsa_pub_decode, EVP_R_PARAMETER_ENCODING_ERROR); goto err; } public_key = d2i_ASN1_INTEGER(NULL, &p, pklen); if (public_key == NULL) { - OPENSSL_PUT_ERROR(EVP, EVP_R_DECODE_ERROR); + OPENSSL_PUT_ERROR(EVP, dsa_pub_decode, EVP_R_DECODE_ERROR); goto err; } dsa->pub_key = ASN1_INTEGER_to_BN(public_key, NULL); if (dsa->pub_key == NULL) { - OPENSSL_PUT_ERROR(EVP, EVP_R_BN_DECODE_ERROR); + OPENSSL_PUT_ERROR(EVP, dsa_pub_decode, EVP_R_BN_DECODE_ERROR); goto err; } @@ -140,12 +140,12 @@ static int dsa_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey) { if (dsa->p && dsa->q && dsa->g) { pval = ASN1_STRING_new(); if (!pval) { - OPENSSL_PUT_ERROR(EVP, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EVP, dsa_pub_encode, ERR_R_MALLOC_FAILURE); goto err; } pval->length = i2d_DSAparams(dsa, &pval->data); if (pval->length <= 0) { - OPENSSL_PUT_ERROR(EVP, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EVP, dsa_pub_encode, ERR_R_MALLOC_FAILURE); goto err; } ptype = V_ASN1_SEQUENCE; @@ -155,7 +155,7 @@ static int dsa_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey) { penclen = i2d_DSAPublicKey(dsa, &penc); if (penclen <= 0) { - OPENSSL_PUT_ERROR(EVP, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EVP, dsa_pub_encode, ERR_R_MALLOC_FAILURE); goto err; } 
@@ -252,23 +252,23 @@ static int dsa_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8) { /* We have parameters. Now set private key */ dsa->priv_key = ASN1_INTEGER_to_BN(privkey, NULL); if (dsa->priv_key == NULL) { - OPENSSL_PUT_ERROR(EVP, ERR_LIB_BN); + OPENSSL_PUT_ERROR(EVP, dsa_priv_decode, ERR_LIB_BN); goto dsaerr; } /* Calculate public key. */ dsa->pub_key = BN_new(); if (dsa->pub_key == NULL) { - OPENSSL_PUT_ERROR(EVP, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EVP, dsa_priv_decode, ERR_R_MALLOC_FAILURE); goto dsaerr; } ctx = BN_CTX_new(); if (ctx == NULL) { - OPENSSL_PUT_ERROR(EVP, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EVP, dsa_priv_decode, ERR_R_MALLOC_FAILURE); goto dsaerr; } if (!BN_mod_exp(dsa->pub_key, dsa->g, dsa->priv_key, dsa->p, ctx)) { - OPENSSL_PUT_ERROR(EVP, ERR_LIB_BN); + OPENSSL_PUT_ERROR(EVP, dsa_priv_decode, ERR_LIB_BN); goto dsaerr; } @@ -280,7 +280,7 @@ static int dsa_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8) { return 1; decerr: - OPENSSL_PUT_ERROR(EVP, EVP_R_DECODE_ERROR); + OPENSSL_PUT_ERROR(EVP, dsa_priv_decode, EVP_R_DECODE_ERROR); dsaerr: BN_CTX_free(ctx); @@ -297,19 +297,19 @@ static int dsa_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey) { int dplen; if (!pkey->pkey.dsa || !pkey->pkey.dsa->priv_key) { - OPENSSL_PUT_ERROR(EVP, EVP_R_MISSING_PARAMETERS); + OPENSSL_PUT_ERROR(EVP, dsa_priv_encode, EVP_R_MISSING_PARAMETERS); goto err; } params = ASN1_STRING_new(); if (!params) { - OPENSSL_PUT_ERROR(EVP, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EVP, dsa_priv_encode, ERR_R_MALLOC_FAILURE); goto err; } params->length = i2d_DSAparams(pkey->pkey.dsa, ¶ms->data); if (params->length <= 0) { - OPENSSL_PUT_ERROR(EVP, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EVP, dsa_priv_encode, ERR_R_MALLOC_FAILURE); goto err; } params->type = V_ASN1_SEQUENCE; 
@@ -318,14 +318,13 @@ static int dsa_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey) { prkey = BN_to_ASN1_INTEGER(pkey->pkey.dsa->priv_key, NULL); if (!prkey) { - OPENSSL_PUT_ERROR(EVP, ERR_LIB_BN); + OPENSSL_PUT_ERROR(EVP, dsa_priv_encode, ERR_LIB_BN); goto err; } dplen = i2d_ASN1_INTEGER(prkey, &dp); ASN1_INTEGER_free(prkey); - prkey = NULL; if (!PKCS8_pkey_set0(p8, (ASN1_OBJECT *)OBJ_nid2obj(NID_dsa), 0, V_ASN1_SEQUENCE, params, dp, dplen)) { @@ -438,7 +437,7 @@ static int do_dsa_print(BIO *bp, const DSA *x, int off, int ptype) { m = (uint8_t *)OPENSSL_malloc(buf_len + 10); if (m == NULL) { - OPENSSL_PUT_ERROR(EVP, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EVP, do_dsa_print, ERR_R_MALLOC_FAILURE); goto err; } @@ -467,7 +466,7 @@ static int dsa_param_decode(EVP_PKEY *pkey, const uint8_t **pder, int derlen) { DSA *dsa; dsa = d2i_DSAparams(NULL, pder, derlen); if (dsa == NULL) { - OPENSSL_PUT_ERROR(EVP, ERR_R_DSA_LIB); + OPENSSL_PUT_ERROR(EVP, dsa_param_decode, ERR_R_DSA_LIB); return 0; } EVP_PKEY_assign_DSA(pkey, dsa); @@ -498,7 +497,7 @@ static int old_dsa_priv_decode(EVP_PKEY *pkey, const uint8_t **pder, DSA *dsa; dsa = d2i_DSAPrivateKey(NULL, pder, derlen); if (dsa == NULL) { - OPENSSL_PUT_ERROR(EVP, ERR_R_DSA_LIB); + OPENSSL_PUT_ERROR(EVP, old_dsa_priv_decode, ERR_R_DSA_LIB); return 0; } EVP_PKEY_assign_DSA(pkey, dsa); @@ -532,7 +531,7 @@ static int dsa_sig_print(BIO *bp, const X509_ALGOR *sigalg, update_buflen(dsa_sig->s, &buf_len); m = OPENSSL_malloc(buf_len + 10); if (m == NULL) { - OPENSSL_PUT_ERROR(EVP, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EVP, dsa_sig_print, ERR_R_MALLOC_FAILURE); goto err; } @@ -555,6 +554,7 @@ const EVP_PKEY_ASN1_METHOD dsa_asn1_meth = { 0, "DSA", + "OpenSSL DSA method", dsa_pub_decode, dsa_pub_encode, diff --git a/src/crypto/evp/p_ec.c b/src/crypto/evp/p_ec.c index 77f213d..73c00d8 100644 --- a/src/crypto/evp/p_ec.c +++ b/src/crypto/evp/p_ec.c 
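Review bot: Dropping `prkey = NULL;` after `ASN1_INTEGER_free(prkey);` in `dsa_priv_encode` leaves `prkey` dangling while the function can still fail, since the `PKCS8_pkey_set0` call follows immediately. The body of that failure branch and the `err:` label are outside the hunk; if the branch jumps to `err:` and the label frees `prkey`, the integer holding the private key is freed twice, so this needs checking against the full function. I would keep the reset: `ASN1_INTEGER_free(prkey);` followed by `prkey = NULL;`. In the lines shown, the `dplen` returned by `i2d_ASN1_INTEGER` is also passed to `PKCS8_pkey_set0` without a check for a non-positive value.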
@@ -125,18 +125,25 @@ static void pkey_ec_cleanup(EVP_PKEY_CTX *ctx) { static int pkey_ec_sign(EVP_PKEY_CTX *ctx, uint8_t *sig, size_t *siglen, const uint8_t *tbs, size_t tbslen) { + int type; unsigned int sltmp; + EC_PKEY_CTX *dctx = ctx->data; EC_KEY *ec = ctx->pkey->pkey.ec; if (!sig) { *siglen = ECDSA_size(ec); return 1; } else if (*siglen < (size_t)ECDSA_size(ec)) { - OPENSSL_PUT_ERROR(EVP, EVP_R_BUFFER_TOO_SMALL); + OPENSSL_PUT_ERROR(EVP, pkey_ec_sign, EVP_R_BUFFER_TOO_SMALL); return 0; } - if (!ECDSA_sign(0, tbs, tbslen, sig, &sltmp, ec)) { + type = NID_sha1; + if (dctx->md) { + type = EVP_MD_type(dctx->md); + } + + if (!ECDSA_sign(type, tbs, tbslen, sig, &sltmp, ec)) { return 0; } *siglen = (size_t)sltmp; @@ -145,7 +152,16 @@ static int pkey_ec_sign(EVP_PKEY_CTX *ctx, uint8_t *sig, size_t *siglen, static int pkey_ec_verify(EVP_PKEY_CTX *ctx, const uint8_t *sig, size_t siglen, const uint8_t *tbs, size_t tbslen) { - return ECDSA_verify(0, tbs, tbslen, sig, siglen, ctx->pkey->pkey.ec); + int type; + EC_PKEY_CTX *dctx = ctx->data; + EC_KEY *ec = ctx->pkey->pkey.ec; + + type = NID_sha1; + if (dctx->md) { + type = EVP_MD_type(dctx->md); + } + + return ECDSA_verify(type, tbs, tbslen, sig, siglen, ec); } static int pkey_ec_derive(EVP_PKEY_CTX *ctx, uint8_t *key, @@ -156,7 +172,7 @@ static int pkey_ec_derive(EVP_PKEY_CTX *ctx, uint8_t *key, EC_KEY *eckey; if (!ctx->pkey || !ctx->peerkey) { - OPENSSL_PUT_ERROR(EVP, EVP_R_KEYS_NOT_SET); + OPENSSL_PUT_ERROR(EVP, pkey_ec_derive, EVP_R_KEYS_NOT_SET); return 0; } @@ -191,7 +207,7 @@ static int pkey_ec_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) { case EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID: group = EC_GROUP_new_by_curve_name(p1); if (group == NULL) { - OPENSSL_PUT_ERROR(EVP, EVP_R_INVALID_CURVE); + OPENSSL_PUT_ERROR(EVP, pkey_ec_ctrl, EVP_R_INVALID_CURVE); return 0; } EC_GROUP_free(dctx->gen_group); 
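Review bot: `pkey_ec_sign` and, in the next hunk, `pkey_ec_verify` now fall back to `type = NID_sha1` whenever `dctx->md` is unset, so a caller that never configured a digest has a SHA-1 identifier passed to `ECDSA_sign`/`ECDSA_verify` with no signal. Whether those functions act on the type argument is not visible here: if they ignore it the new variable is dead code, and if they use it the silent SHA-1 default should at least be documented, for example `/* No digest was set on the context; fall back to SHA-1 as the type. */` above the assignment. The same four lines are duplicated in both functions, so a small `static` helper returning the type from `ctx->data` would keep the two paths from drifting apart. Both functions also dereference `ctx->data` and `ctx->pkey` without a NULL check in the lines shown.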
@@ -205,7 +221,7 @@ static int pkey_ec_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) { EVP_MD_type((const EVP_MD *)p2) != NID_sha256 && EVP_MD_type((const EVP_MD *)p2) != NID_sha384 && EVP_MD_type((const EVP_MD *)p2) != NID_sha512) { - OPENSSL_PUT_ERROR(EVP, EVP_R_INVALID_DIGEST_TYPE); + OPENSSL_PUT_ERROR(EVP, pkey_ec_ctrl, EVP_R_INVALID_DIGEST_TYPE); return 0; } dctx->md = p2; @@ -216,11 +232,12 @@ static int pkey_ec_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) { return 1; case EVP_PKEY_CTRL_PEER_KEY: - /* Default behaviour is OK */ + /* Default behaviour is OK */ + case EVP_PKEY_CTRL_DIGESTINIT: return 1; default: - OPENSSL_PUT_ERROR(EVP, EVP_R_COMMAND_NOT_SUPPORTED); + OPENSSL_PUT_ERROR(EVP, pkey_ec_ctrl, EVP_R_COMMAND_NOT_SUPPORTED); return 0; } } @@ -231,7 +248,7 @@ static int pkey_ec_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) { int ret = 0; if (dctx->gen_group == NULL) { - OPENSSL_PUT_ERROR(EVP, EVP_R_NO_PARAMETERS_SET); + OPENSSL_PUT_ERROR(EVP, pkey_ec_paramgen, EVP_R_NO_PARAMETERS_SET); return 0; } ec = EC_KEY_new(); @@ -251,7 +268,7 @@ static int pkey_ec_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) { EC_KEY *ec = NULL; EC_PKEY_CTX *dctx = ctx->data; if (ctx->pkey == NULL && dctx->gen_group == NULL) { - OPENSSL_PUT_ERROR(EVP, EVP_R_NO_PARAMETERS_SET); + OPENSSL_PUT_ERROR(EVP, pkey_ec_keygen, EVP_R_NO_PARAMETERS_SET); return 0; } ec = EC_KEY_new(); 
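Review bot: In the `pkey_ec_ctrl` hunk that adds `case EVP_PKEY_CTRL_DIGESTINIT:`, the comment `/* Default behaviour is OK */` is left between the two case labels, so it is unclear whether it describes only `EVP_PKEY_CTRL_PEER_KEY` or also the new command, and the fall-through looks accidental. I would list both labels first and put one comment on the shared body, e.g. `/* Nothing to do for either command. */` directly above `return 1;`. The switch begins and ends outside the hunk.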
@@ -273,11 +290,12 @@ static int pkey_ec_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) { } const EVP_PKEY_METHOD ec_pkey_meth = { - EVP_PKEY_EC, 0 /* flags */, pkey_ec_init, - pkey_ec_copy, pkey_ec_cleanup, 0 /* paramgen_init */, - pkey_ec_paramgen, 0 /* keygen_init */, pkey_ec_keygen, - 0 /* sign_init */, pkey_ec_sign, 0 /* verify_init */, - pkey_ec_verify, 0 /* encrypt_init */, 0 /* encrypt */, - 0 /* decrypt_init */, 0 /* decrypt */, 0 /* derive_init */, - pkey_ec_derive, pkey_ec_ctrl, + EVP_PKEY_EC, 0 /* flags */, pkey_ec_init, + pkey_ec_copy, pkey_ec_cleanup, 0 /* paramgen_init */, + pkey_ec_paramgen, 0 /* keygen_init */, pkey_ec_keygen, + 0 /* sign_init */, pkey_ec_sign, 0 /* verify_init */, + pkey_ec_verify, 0 /* signctx_init */, 0 /* signctx */, + 0 /* verifyctx_init */, 0 /* verifyctx */, 0 /* encrypt_init */, + 0 /* encrypt */, 0 /* decrypt_init */, 0 /* decrypt */, + 0 /* derive_init */, pkey_ec_derive, pkey_ec_ctrl, }; diff --git a/src/crypto/evp/p_ec_asn1.c b/src/crypto/evp/p_ec_asn1.c index 9867947..fbbf4e7 100644 --- a/src/crypto/evp/p_ec_asn1.c +++ b/src/crypto/evp/p_ec_asn1.c @@ -71,13 +71,13 @@ static int eckey_param2type(int *pptype, void **ppval, EC_KEY *ec_key) { int nid; if (ec_key == NULL || (group = EC_KEY_get0_group(ec_key)) == NULL) { - OPENSSL_PUT_ERROR(EVP, EVP_R_MISSING_PARAMETERS); + OPENSSL_PUT_ERROR(EVP, eckey_param2type, EVP_R_MISSING_PARAMETERS); return 0; } nid = EC_GROUP_get_curve_name(group); if (nid == NID_undef) { - OPENSSL_PUT_ERROR(EVP, EVP_R_NO_NID_FOR_CURVE); + OPENSSL_PUT_ERROR(EVP, eckey_param2type, EVP_R_NO_NID_FOR_CURVE); return 0; } @@ -94,7 +94,7 @@ static int eckey_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey) { int penclen; if (!eckey_param2type(&ptype, &pval, ec_key)) { - OPENSSL_PUT_ERROR(EVP, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EVP, eckey_pub_encode, ERR_R_EC_LIB); return 0; } penclen = i2o_ECPublicKey(ec_key, NULL); 
@@ -137,7 +137,7 @@ static EC_KEY *eckey_type2param(int ptype, void *pval) { eckey = d2i_ECParameters(NULL, &pm, pmlen); if (eckey == NULL) { - OPENSSL_PUT_ERROR(EVP, EVP_R_DECODE_ERROR); + OPENSSL_PUT_ERROR(EVP, eckey_type2param, EVP_R_DECODE_ERROR); goto err; } } else if (ptype == V_ASN1_OBJECT) { @@ -150,7 +150,7 @@ static EC_KEY *eckey_type2param(int ptype, void *pval) { goto err; } } else { - OPENSSL_PUT_ERROR(EVP, EVP_R_DECODE_ERROR); + OPENSSL_PUT_ERROR(EVP, eckey_type2param, EVP_R_DECODE_ERROR); goto err; } @@ -177,13 +177,13 @@ static int eckey_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey) { eckey = eckey_type2param(ptype, pval); if (!eckey) { - OPENSSL_PUT_ERROR(EVP, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EVP, eckey_pub_decode, ERR_R_EC_LIB); return 0; } /* We have parameters now set public key */ if (!o2i_ECPublicKey(&eckey, &p, pklen)) { - OPENSSL_PUT_ERROR(EVP, EVP_R_DECODE_ERROR); + OPENSSL_PUT_ERROR(EVP, eckey_pub_decode, EVP_R_DECODE_ERROR); goto err; } @@ -232,7 +232,7 @@ static int eckey_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8) { /* We have parameters now set private key */ if (!d2i_ECPrivateKey(&eckey, &p, pklen)) { - OPENSSL_PUT_ERROR(EVP, EVP_R_DECODE_ERROR); + OPENSSL_PUT_ERROR(EVP, eckey_priv_decode, EVP_R_DECODE_ERROR); goto ecerr; } 
@@ -246,23 +246,23 @@ static int eckey_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8) { group = EC_KEY_get0_group(eckey); pub_key = EC_POINT_new(group); if (pub_key == NULL) { - OPENSSL_PUT_ERROR(EVP, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EVP, eckey_priv_decode, ERR_R_EC_LIB); goto ecliberr; } if (!EC_POINT_copy(pub_key, EC_GROUP_get0_generator(group))) { EC_POINT_free(pub_key); - OPENSSL_PUT_ERROR(EVP, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EVP, eckey_priv_decode, ERR_R_EC_LIB); goto ecliberr; } priv_key = EC_KEY_get0_private_key(eckey); if (!EC_POINT_mul(group, pub_key, priv_key, NULL, NULL, NULL)) { EC_POINT_free(pub_key); - OPENSSL_PUT_ERROR(EVP, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EVP, eckey_priv_decode, ERR_R_EC_LIB); goto ecliberr; } if (EC_KEY_set_public_key(eckey, pub_key) == 0) { EC_POINT_free(pub_key); - OPENSSL_PUT_ERROR(EVP, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EVP, eckey_priv_decode, ERR_R_EC_LIB); goto ecliberr; } EC_POINT_free(pub_key); @@ -272,7 +272,7 @@ static int eckey_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8) { return 1; ecliberr: - OPENSSL_PUT_ERROR(EVP, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EVP, eckey_priv_decode, ERR_R_EC_LIB); ecerr: if (eckey) { EC_KEY_free(eckey); @@ -290,7 +290,7 @@ static int eckey_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey) { ec_key = pkey->pkey.ec; if (!eckey_param2type(&ptype, &pval, ec_key)) { - OPENSSL_PUT_ERROR(EVP, EVP_R_DECODE_ERROR); + OPENSSL_PUT_ERROR(EVP, eckey_priv_encode, EVP_R_DECODE_ERROR); return 0; } 
@@ -304,20 +304,20 @@ static int eckey_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey) { eplen = i2d_ECPrivateKey(ec_key, NULL); if (!eplen) { EC_KEY_set_enc_flags(ec_key, old_flags); - OPENSSL_PUT_ERROR(EVP, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EVP, eckey_priv_encode, ERR_R_EC_LIB); return 0; } ep = (uint8_t *)OPENSSL_malloc(eplen); if (!ep) { EC_KEY_set_enc_flags(ec_key, old_flags); - OPENSSL_PUT_ERROR(EVP, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EVP, eckey_priv_encode, ERR_R_MALLOC_FAILURE); return 0; } p = ep; if (!i2d_ECPrivateKey(ec_key, &p)) { EC_KEY_set_enc_flags(ec_key, old_flags); OPENSSL_free(ep); - OPENSSL_PUT_ERROR(EVP, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EVP, eckey_priv_encode, ERR_R_EC_LIB); return 0; } /* restore old encoding flags */ @@ -325,7 +325,6 @@ static int eckey_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey) { if (!PKCS8_pkey_set0(p8, (ASN1_OBJECT *)OBJ_nid2obj(NID_X9_62_id_ecPublicKey), 0, ptype, pval, ep, eplen)) { - OPENSSL_free(ep); return 0; } @@ -479,7 +478,7 @@ static int do_EC_KEY_print(BIO *bp, const EC_KEY *x, int off, int ktype) { err: if (!ret) { - OPENSSL_PUT_ERROR(EVP, reason); + OPENSSL_PUT_ERROR(EVP, do_EC_KEY_print, reason); } OPENSSL_free(pub_key_bytes); BN_free(order); @@ -492,7 +491,7 @@ static int eckey_param_decode(EVP_PKEY *pkey, const uint8_t **pder, int derlen) { EC_KEY *eckey; if (!(eckey = d2i_ECParameters(NULL, pder, derlen))) { - OPENSSL_PUT_ERROR(EVP, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EVP, eckey_param_decode, ERR_R_EC_LIB); return 0; } EVP_PKEY_assign_EC_KEY(pkey, eckey); @@ -527,7 +526,7 @@ static int old_ec_priv_decode(EVP_PKEY *pkey, const uint8_t **pder, int derlen) { EC_KEY *ec; if (!(ec = d2i_ECPrivateKey(NULL, pder, derlen))) { - OPENSSL_PUT_ERROR(EVP, EVP_R_DECODE_ERROR); + OPENSSL_PUT_ERROR(EVP, old_ec_priv_decode, EVP_R_DECODE_ERROR); return 0; } EVP_PKEY_assign_EC_KEY(pkey, ec); 
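Review bot: With `OPENSSL_free(ep);` removed from the `PKCS8_pkey_set0` failure branch of `eckey_priv_encode` (second hunk here), the function returns 0 while still holding `ep`, the buffer that `i2d_ECPrivateKey` filled with the encoded private key a few lines earlier. Unless `PKCS8_pkey_set0` takes ownership of the buffer even when it fails, which is not visible here, this leaves private-key bytes allocated and unreachable. I would restore the release and wipe the buffer first: `OPENSSL_cleanse(ep, eplen);` then `OPENSSL_free(ep);` before `return 0;`. The earlier error paths in the first hunk free `ep` without wiping it and would benefit from the same treatment. The function starts and ends outside these hunks.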
@@ -543,6 +542,7 @@ const EVP_PKEY_ASN1_METHOD ec_asn1_meth = { EVP_PKEY_EC, 0, "EC", + "OpenSSL EC algorithm", eckey_pub_decode, eckey_pub_encode, diff --git a/src/crypto/evp/p_hmac.c b/src/crypto/evp/p_hmac.c new file mode 100644 index 0000000..7d3254a --- /dev/null +++ b/src/crypto/evp/p_hmac.c 
@@ -0,0 +1,223 @@ +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL + * project 2007. + */ +/* ==================================================================== + * Copyright (c) 2007 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * licensing@OpenSSL.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). */ + +#include + +#include + +#include +#include +#include +#include +#include + +#include "internal.h" +#include "../digest/internal.h" + + +typedef struct { + const EVP_MD *md; /* MD for HMAC use */ + ASN1_OCTET_STRING ktmp; /* Temp storage for key */ + HMAC_CTX ctx; +} HMAC_PKEY_CTX; + +static int pkey_hmac_init(EVP_PKEY_CTX *ctx) { + HMAC_PKEY_CTX *hctx; + hctx = OPENSSL_malloc(sizeof(HMAC_PKEY_CTX)); + if (!hctx) { + return 0; + } + memset(hctx, 0, sizeof(HMAC_PKEY_CTX)); + hctx->ktmp.type = V_ASN1_OCTET_STRING; + HMAC_CTX_init(&hctx->ctx); + + ctx->data = hctx; + + return 1; +} + +static int pkey_hmac_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src) { + HMAC_PKEY_CTX *sctx, *dctx; + if (!pkey_hmac_init(dst)) { + return 0; + } + sctx = src->data; + dctx = dst->data; + dctx->md = sctx->md; + HMAC_CTX_init(&dctx->ctx); + if (!HMAC_CTX_copy_ex(&dctx->ctx, &sctx->ctx)) { + return 0; + } + if (sctx->ktmp.data) { + if (!ASN1_OCTET_STRING_set(&dctx->ktmp, sctx->ktmp.data, + sctx->ktmp.length)) { + return 0; + } + } + return 1; +} + +static void pkey_hmac_cleanup(EVP_PKEY_CTX *ctx) { + HMAC_PKEY_CTX *hctx = ctx->data; + + if (hctx == NULL) { + return; + } + + HMAC_CTX_cleanup(&hctx->ctx); 
+ if (hctx->ktmp.data) { + if (hctx->ktmp.length) { + OPENSSL_cleanse(hctx->ktmp.data, hctx->ktmp.length); + } + OPENSSL_free(hctx->ktmp.data); + hctx->ktmp.data = NULL; + } + OPENSSL_free(hctx); +} + +static int pkey_hmac_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) { + ASN1_OCTET_STRING *hkey = NULL; + HMAC_PKEY_CTX *hctx = ctx->data; + + if (!hctx->ktmp.data) { + return 0; + } + hkey = ASN1_OCTET_STRING_dup(&hctx->ktmp); + if (!hkey) { + return 0; + } + EVP_PKEY_assign(pkey, EVP_PKEY_HMAC, hkey); + + return 1; +} + +static void int_update(EVP_MD_CTX *ctx, const void *data, size_t count) { + HMAC_PKEY_CTX *hctx = ctx->pctx->data; + HMAC_Update(&hctx->ctx, data, count); +} + +static int hmac_signctx_init(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx) { + /* |mctx| gets repurposed as a hook to call |HMAC_Update|. Suppress the + * automatic setting of |mctx->update| and the rest of its initialization. */ + EVP_MD_CTX_set_flags(mctx, EVP_MD_CTX_FLAG_NO_INIT); + mctx->update = int_update; + return 1; +} + +static int hmac_signctx(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, + EVP_MD_CTX *mctx) { + unsigned int hlen; + HMAC_PKEY_CTX *hctx = ctx->data; + size_t md_size = EVP_MD_CTX_size(mctx); + + if (!sig) { + *siglen = md_size; + return 1; + } else if (*siglen < md_size) { + OPENSSL_PUT_ERROR(EVP, hmac_signctx, EVP_R_BUFFER_TOO_SMALL); + return 0; + } + + if (!HMAC_Final(&hctx->ctx, sig, &hlen)) { + return 0; + } + *siglen = (size_t)hlen; + return 1; +} + +static int pkey_hmac_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) { + HMAC_PKEY_CTX *hctx = ctx->data; + ASN1_OCTET_STRING *key; + + switch (type) { + case EVP_PKEY_CTRL_SET_MAC_KEY: + if ((!p2 && p1 > 0) || (p1 < -1)) { + return 0; + } + if (!ASN1_OCTET_STRING_set(&hctx->ktmp, p2, p1)) { + return 0; + } + break; + + case EVP_PKEY_CTRL_MD: + hctx->md = p2; + break; + + case EVP_PKEY_CTRL_DIGESTINIT: + key = (ASN1_OCTET_STRING *)ctx->pkey->pkey.ptr; + if (!HMAC_Init_ex(&hctx->ctx, key->data, key->length, 
hctx->md, + ctx->engine)) { + return 0; + } + break; + + default: + OPENSSL_PUT_ERROR(EVP, pkey_hmac_ctrl, EVP_R_COMMAND_NOT_SUPPORTED); + return 0; + } + return 1; +} + +const EVP_PKEY_METHOD hmac_pkey_meth = { + EVP_PKEY_HMAC, 0 /* flags */, pkey_hmac_init, + pkey_hmac_copy, pkey_hmac_cleanup, 0 /* paramgen_init */, + 0 /* paramgen */, 0 /* keygen_init */, pkey_hmac_keygen, + 0 /* sign_init */, 0 /* sign */, 0 /* verify_init */, + 0 /* verify */, hmac_signctx_init, hmac_signctx, + 0 /* verifyctx_init */, 0 /* verifyctx */, 0 /* encrypt_init */, + 0 /* encrypt */, 0 /* decrypt_init */, 0 /* decrypt */, + 0 /* derive_init */, 0 /* derive */, pkey_hmac_ctrl, + 0, +}; diff --git a/src/crypto/evp/p_hmac_asn1.c b/src/crypto/evp/p_hmac_asn1.c new file mode 100644 index 0000000..8aa6676 --- /dev/null +++ b/src/crypto/evp/p_hmac_asn1.c 
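Review bot: pkey_hmac_keygen discards the result of `EVP_PKEY_assign(pkey, EVP_PKEY_HMAC, hkey)` and returns 1 regardless. If the assignment fails, `hkey` (a duplicate of the MAC key held in `hctx->ktmp`) presumably still belongs to this function, so it leaks with the key bytes intact and the caller is told it received a key. The call should be checked and the copy scrubbed and freed on failure, which matches what pkey_hmac_cleanup in the same file already does for `ktmp`.

```c
  hkey = ASN1_OCTET_STRING_dup(&hctx->ktmp);
  /* … unchanged: NULL check on hkey … */
  if (!EVP_PKEY_assign(pkey, EVP_PKEY_HMAC, hkey)) {
    /* |pkey| did not take ownership: scrub and release the key copy. */
    OPENSSL_cleanse(hkey->data, hkey->length);
    ASN1_OCTET_STRING_free(hkey);
    return 0;
  }
```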
@@ -0,0 +1,89 @@ +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL + * project 2007. + */ +/* ==================================================================== + * Copyright (c) 2007 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * licensing@OpenSSL.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). */ + +#include + +#include +#include +#include +#include + +#include "internal.h" + + +static int hmac_size(const EVP_PKEY *pkey) { return EVP_MAX_MD_SIZE; } + +static void hmac_key_free(EVP_PKEY *pkey) { + ASN1_OCTET_STRING *os = (ASN1_OCTET_STRING *)pkey->pkey.ptr; + if (os) { + if (os->data) { + OPENSSL_cleanse(os->data, os->length); + } + ASN1_OCTET_STRING_free(os); + } +} + +const EVP_PKEY_ASN1_METHOD hmac_asn1_meth = { + EVP_PKEY_HMAC, EVP_PKEY_HMAC, 0 /* flags */, + "HMAC", "OpenSSL HMAC method", 0 /* pub_decode */, + 0 /* pub_encode */, 0 /* pub_cmp */, 0 /* pub_print */, + 0 /*priv_decode */, 0 /* priv_encode */, 0 /* priv_print */, + 0 /* pkey_opaque */, 0 /* pkey_supports_digest */, + hmac_size, 0 /* pkey_bits */, 0 /* param_decode */, + 0 /* param_encode*/, 0 /* param_missing*/, 0 /* param_copy*/, + 0 /* param_cmp*/, 0 /* param_print*/, 0 /* sig_print*/, + hmac_key_free, 0 /* old_priv_decode */, + 0 /* old_priv_encode */ +}; diff --git a/src/crypto/evp/p_rsa.c b/src/crypto/evp/p_rsa.c index cfecbfd..5abc075 100644 --- a/src/crypto/evp/p_rsa.c +++ b/src/crypto/evp/p_rsa.c 
@@ -174,7 +174,7 @@ static int pkey_rsa_sign(EVP_PKEY_CTX *ctx, uint8_t *sig, size_t *siglen, } if (*siglen < key_len) { - OPENSSL_PUT_ERROR(EVP, EVP_R_BUFFER_TOO_SMALL); + OPENSSL_PUT_ERROR(EVP, pkey_rsa_sign, EVP_R_BUFFER_TOO_SMALL); return 0; } @@ -182,12 +182,12 @@ static int pkey_rsa_sign(EVP_PKEY_CTX *ctx, uint8_t *sig, size_t *siglen, unsigned int out_len; if (tbslen != EVP_MD_size(rctx->md)) { - OPENSSL_PUT_ERROR(EVP, EVP_R_INVALID_DIGEST_LENGTH); + OPENSSL_PUT_ERROR(EVP, pkey_rsa_sign, EVP_R_INVALID_DIGEST_LENGTH); return 0; } if (EVP_MD_type(rctx->md) == NID_mdc2) { - OPENSSL_PUT_ERROR(EVP, EVP_R_NO_MDC2_SUPPORT); + OPENSSL_PUT_ERROR(EVP, pkey_rsa_sign, EVP_R_NO_MDC2_SUPPORT); return 0; } @@ -268,7 +268,7 @@ static int pkey_rsa_encrypt(EVP_PKEY_CTX *ctx, uint8_t *out, size_t *outlen, } if (*outlen < key_len) { - OPENSSL_PUT_ERROR(EVP, EVP_R_BUFFER_TOO_SMALL); + OPENSSL_PUT_ERROR(EVP, pkey_rsa_encrypt, EVP_R_BUFFER_TOO_SMALL); return 0; } @@ -300,7 +300,7 @@ static int pkey_rsa_decrypt(EVP_PKEY_CTX *ctx, uint8_t *out, } if (*outlen < key_len) { - OPENSSL_PUT_ERROR(EVP, EVP_R_BUFFER_TOO_SMALL); + OPENSSL_PUT_ERROR(EVP, pkey_rsa_decrypt, EVP_R_BUFFER_TOO_SMALL); return 0; } @@ -333,7 +333,7 @@ static int check_padding_md(const EVP_MD *md, int padding) { } if (padding == RSA_NO_PADDING) { - OPENSSL_PUT_ERROR(EVP, EVP_R_INVALID_PADDING_MODE); + OPENSSL_PUT_ERROR(EVP, check_padding_md, EVP_R_INVALID_PADDING_MODE); return 0; } @@ -361,7 +361,8 @@ static int pkey_rsa_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) { 0 == (ctx->operation & (EVP_PKEY_OP_SIGN | EVP_PKEY_OP_VERIFY))) || (p1 == RSA_PKCS1_OAEP_PADDING && 0 == (ctx->operation & EVP_PKEY_OP_TYPE_CRYPT))) { - OPENSSL_PUT_ERROR(EVP, EVP_R_ILLEGAL_OR_UNSUPPORTED_PADDING_MODE); + OPENSSL_PUT_ERROR(EVP, pkey_rsa_ctrl, + EVP_R_ILLEGAL_OR_UNSUPPORTED_PADDING_MODE); return 0; } if ((p1 == RSA_PKCS1_PSS_PADDING || p1 == RSA_PKCS1_OAEP_PADDING) && 
@@ -378,7 +379,7 @@ static int pkey_rsa_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) { case EVP_PKEY_CTRL_RSA_PSS_SALTLEN: case EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN: if (rctx->pad_mode != RSA_PKCS1_PSS_PADDING) { - OPENSSL_PUT_ERROR(EVP, EVP_R_INVALID_PSS_SALTLEN); + OPENSSL_PUT_ERROR(EVP, pkey_rsa_ctrl, EVP_R_INVALID_PSS_SALTLEN); return 0; } if (type == EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN) { @@ -393,7 +394,7 @@ static int pkey_rsa_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) { case EVP_PKEY_CTRL_RSA_KEYGEN_BITS: if (p1 < 256) { - OPENSSL_PUT_ERROR(EVP, EVP_R_INVALID_KEYBITS); + OPENSSL_PUT_ERROR(EVP, pkey_rsa_ctrl, EVP_R_INVALID_KEYBITS); return 0; } rctx->nbits = p1; @@ -410,7 +411,7 @@ static int pkey_rsa_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) { case EVP_PKEY_CTRL_RSA_OAEP_MD: case EVP_PKEY_CTRL_GET_RSA_OAEP_MD: if (rctx->pad_mode != RSA_PKCS1_OAEP_PADDING) { - OPENSSL_PUT_ERROR(EVP, EVP_R_INVALID_PADDING_MODE); + OPENSSL_PUT_ERROR(EVP, pkey_rsa_ctrl, EVP_R_INVALID_PADDING_MODE); return 0; } if (type == EVP_PKEY_CTRL_GET_RSA_OAEP_MD) { @@ -435,7 +436,7 @@ static int pkey_rsa_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) { case EVP_PKEY_CTRL_GET_RSA_MGF1_MD: if (rctx->pad_mode != RSA_PKCS1_PSS_PADDING && rctx->pad_mode != RSA_PKCS1_OAEP_PADDING) { - OPENSSL_PUT_ERROR(EVP, EVP_R_INVALID_MGF1_MD); + OPENSSL_PUT_ERROR(EVP, pkey_rsa_ctrl, EVP_R_INVALID_MGF1_MD); return 0; } if (type == EVP_PKEY_CTRL_GET_RSA_MGF1_MD) { @@ -451,7 +452,7 @@ static int pkey_rsa_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) { case EVP_PKEY_CTRL_RSA_OAEP_LABEL: if (rctx->pad_mode != RSA_PKCS1_OAEP_PADDING) { - OPENSSL_PUT_ERROR(EVP, EVP_R_INVALID_PADDING_MODE); + OPENSSL_PUT_ERROR(EVP, pkey_rsa_ctrl, EVP_R_INVALID_PADDING_MODE); return 0; } OPENSSL_free(rctx->oaep_label); 
@@ -468,14 +469,17 @@ static int pkey_rsa_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) { case EVP_PKEY_CTRL_GET_RSA_OAEP_LABEL: if (rctx->pad_mode != RSA_PKCS1_OAEP_PADDING) { - OPENSSL_PUT_ERROR(EVP, EVP_R_INVALID_PADDING_MODE); + OPENSSL_PUT_ERROR(EVP, pkey_rsa_ctrl, EVP_R_INVALID_PADDING_MODE); return 0; } CBS_init((CBS *)p2, rctx->oaep_label, rctx->oaep_labellen); return 1; + case EVP_PKEY_CTRL_DIGESTINIT: + return 1; + default: - OPENSSL_PUT_ERROR(EVP, EVP_R_COMMAND_NOT_SUPPORTED); + OPENSSL_PUT_ERROR(EVP, pkey_rsa_ctrl, EVP_R_COMMAND_NOT_SUPPORTED); return 0; } } @@ -505,13 +509,14 @@ static int pkey_rsa_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) { } const EVP_PKEY_METHOD rsa_pkey_meth = { - EVP_PKEY_RSA, 0 /* flags */, pkey_rsa_init, - pkey_rsa_copy, pkey_rsa_cleanup, 0 /* paramgen_init */, - 0 /* paramgen */, 0 /* keygen_init */, pkey_rsa_keygen, - 0 /* sign_init */, pkey_rsa_sign, 0 /* verify_init */, - pkey_rsa_verify, 0 /* encrypt_init */, pkey_rsa_encrypt, - 0 /* decrypt_init */, pkey_rsa_decrypt, 0 /* derive_init */, - 0 /* derive */, pkey_rsa_ctrl, + EVP_PKEY_RSA, 0 /* flags */, pkey_rsa_init, + pkey_rsa_copy, pkey_rsa_cleanup, 0 /* paramgen_init */, + 0 /* paramgen */, 0 /* keygen_init */, pkey_rsa_keygen, + 0 /* sign_init */, pkey_rsa_sign, 0 /* verify_init */, + pkey_rsa_verify, 0 /* signctx_init */, 0 /* signctx */, + 0 /* verifyctx_init */, 0 /* verifyctx */, 0 /* encrypt_init */, + pkey_rsa_encrypt, 0 /* decrypt_init */, pkey_rsa_decrypt, + 0 /* derive_init */, 0 /* derive */, pkey_rsa_ctrl, }; int EVP_PKEY_CTX_set_rsa_padding(EVP_PKEY_CTX *ctx, int padding) { @@ -588,7 +593,7 @@ int EVP_PKEY_CTX_get0_rsa_oaep_label(EVP_PKEY_CTX *ctx, return -1; } if (CBS_len(&label) > INT_MAX) { - OPENSSL_PUT_ERROR(EVP, ERR_R_OVERFLOW); + OPENSSL_PUT_ERROR(EVP, EVP_PKEY_CTX_get0_rsa_oaep_label, ERR_R_OVERFLOW); return -1; } *out_label = CBS_data(&label); diff --git a/src/crypto/evp/p_rsa_asn1.c b/src/crypto/evp/p_rsa_asn1.c index f60625b..1e2d3f6 100644 
--- a/src/crypto/evp/p_rsa_asn1.c +++ b/src/crypto/evp/p_rsa_asn1.c @@ -57,7 +57,6 @@ #include #include -#include #include #include #include @@ -70,14 +69,16 @@ static int rsa_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey) { - uint8_t *encoded; - size_t encoded_len; - if (!RSA_public_key_to_bytes(&encoded, &encoded_len, pkey->pkey.rsa)) { + uint8_t *encoded = NULL; + int len; + len = i2d_RSAPublicKey(pkey->pkey.rsa, &encoded); + + if (len <= 0) { return 0; } if (!X509_PUBKEY_set0_param(pk, OBJ_nid2obj(EVP_PKEY_RSA), V_ASN1_NULL, NULL, - encoded, encoded_len)) { + encoded, len)) { OPENSSL_free(encoded); return 0; } @@ -88,25 +89,16 @@ static int rsa_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey) { static int rsa_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey) { const uint8_t *p; int pklen; + RSA *rsa; + if (!X509_PUBKEY_get0_param(NULL, &p, &pklen, NULL, pubkey)) { return 0; } - - /* Estonian IDs issued between September 2014 to September 2015 are - * broken. See https://crbug.com/532048 and https://crbug.com/534766. - * - * TODO(davidben): Switch this to the strict version in March 2016 or when - * Chromium can force client certificates down a different codepath, whichever - * comes first. */ - CBS cbs; - CBS_init(&cbs, p, pklen); - RSA *rsa = RSA_parse_public_key_buggy(&cbs); - if (rsa == NULL || CBS_len(&cbs) != 0) { - OPENSSL_PUT_ERROR(EVP, EVP_R_DECODE_ERROR); - RSA_free(rsa); + rsa = d2i_RSAPublicKey(NULL, &p, pklen); + if (rsa == NULL) { + OPENSSL_PUT_ERROR(EVP, rsa_pub_decode, ERR_R_RSA_LIB); return 0; } - EVP_PKEY_assign_RSA(pkey, rsa); return 1; } 
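Review bot: rsa_pub_decode no longer rejects trailing bytes after the RSAPublicKey structure. The removed parser failed when `CBS_len(&cbs) != 0`, whereas the new `d2i_RSAPublicKey(NULL, &p, pklen)` call only advances `p`, and nothing compares it with the end of the buffer. A key field carrying extra data would then decode successfully, so one key gains several accepted encodings. Record `end = p + pklen` before the call and fail with `if (rsa == NULL || p != end) {`, adding `RSA_free(rsa);` to that branch. The rsa_priv_decode hunk further down uses `d2i_RSAPrivateKey` the same way and needs the same check.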
@@ -117,17 +109,20 @@ static int rsa_pub_cmp(const EVP_PKEY *a, const EVP_PKEY *b) { } static int rsa_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey) { - uint8_t *encoded; - size_t encoded_len; - if (!RSA_private_key_to_bytes(&encoded, &encoded_len, pkey->pkey.rsa)) { + uint8_t *rk = NULL; + int rklen; + + rklen = i2d_RSAPrivateKey(pkey->pkey.rsa, &rk); + + if (rklen <= 0) { + OPENSSL_PUT_ERROR(EVP, rsa_priv_encode, ERR_R_MALLOC_FAILURE); return 0; } /* TODO(fork): const correctness in next line. */ if (!PKCS8_pkey_set0(p8, (ASN1_OBJECT *)OBJ_nid2obj(NID_rsaEncryption), 0, - V_ASN1_NULL, NULL, encoded, encoded_len)) { - OPENSSL_free(encoded); - OPENSSL_PUT_ERROR(EVP, ERR_R_MALLOC_FAILURE); + V_ASN1_NULL, NULL, rk, rklen)) { + OPENSSL_PUT_ERROR(EVP, rsa_priv_encode, ERR_R_MALLOC_FAILURE); return 0; } @@ -137,14 +132,16 @@ static int rsa_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey) { static int rsa_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8) { const uint8_t *p; int pklen; + RSA *rsa; + if (!PKCS8_pkey_get0(NULL, &p, &pklen, NULL, p8)) { - OPENSSL_PUT_ERROR(EVP, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EVP, rsa_priv_decode, ERR_R_MALLOC_FAILURE); return 0; } - RSA *rsa = RSA_private_key_from_bytes(p, pklen); + rsa = d2i_RSAPrivateKey(NULL, &p, pklen); if (rsa == NULL) { - OPENSSL_PUT_ERROR(EVP, ERR_R_RSA_LIB); + OPENSSL_PUT_ERROR(EVP, rsa_priv_decode, ERR_R_RSA_LIB); return 0; } 
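Review bot: When `PKCS8_pkey_set0` fails in rsa_priv_encode, `rk` is never released. The hunk drops the `OPENSSL_free(encoded);` from the old failure branch and adds nothing in its place, so the DER-encoded private key stays allocated with its contents intact. This assumes `PKCS8_pkey_set0` takes ownership only on success, as the removed free implies. The branch should run `OPENSSL_cleanse(rk, rklen);` and `OPENSSL_free(rk);` before `OPENSSL_PUT_ERROR`. The eckey_priv_encode hunk earlier in this commit (`@@ -325,7 +325,6 @@`) removes `OPENSSL_free(ep);` from the equivalent branch and has the same problem.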
@@ -201,24 +198,11 @@ static int do_rsa_print(BIO *out, const RSA *rsa, int off, update_buflen(rsa->dmp1, &buf_len); update_buflen(rsa->dmq1, &buf_len); update_buflen(rsa->iqmp, &buf_len); - - if (rsa->additional_primes != NULL) { - size_t i; - - for (i = 0; i < sk_RSA_additional_prime_num(rsa->additional_primes); - i++) { - const RSA_additional_prime *ap = - sk_RSA_additional_prime_value(rsa->additional_primes, i); - update_buflen(ap->prime, &buf_len); - update_buflen(ap->exp, &buf_len); - update_buflen(ap->coeff, &buf_len); - } - } } m = (uint8_t *)OPENSSL_malloc(buf_len + 10); if (m == NULL) { - OPENSSL_PUT_ERROR(EVP, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EVP, do_rsa_print, ERR_R_MALLOC_FAILURE); goto err; } @@ -257,28 +241,6 @@ static int do_rsa_print(BIO *out, const RSA *rsa, int off, !ASN1_bn_print(out, "coefficient:", rsa->iqmp, m, off)) { goto err; } - - if (rsa->additional_primes != NULL && - sk_RSA_additional_prime_num(rsa->additional_primes) > 0) { - size_t i; - - if (BIO_printf(out, "otherPrimeInfos:\n") <= 0) { - goto err; - } - for (i = 0; i < sk_RSA_additional_prime_num(rsa->additional_primes); - i++) { - const RSA_additional_prime *ap = - sk_RSA_additional_prime_value(rsa->additional_primes, i); - - if (BIO_printf(out, "otherPrimeInfo (prime %u):\n", - (unsigned)(i + 3)) <= 0 || - !ASN1_bn_print(out, "prime:", ap->prime, m, off) || - !ASN1_bn_print(out, "exponent:", ap->exp, m, off) || - !ASN1_bn_print(out, "coeff:", ap->coeff, m, off)) { - goto err; - } - } - } } ret = 1; 
@@ -445,18 +407,18 @@ static int rsa_sig_print(BIO *bp, const X509_ALGOR *sigalg, return 1; } -static int old_rsa_priv_decode(EVP_PKEY *pkey, const uint8_t **pder, +static int old_rsa_priv_decode(EVP_PKEY *pkey, const unsigned char **pder, int derlen) { RSA *rsa = d2i_RSAPrivateKey(NULL, pder, derlen); if (rsa == NULL) { - OPENSSL_PUT_ERROR(EVP, ERR_R_RSA_LIB); + OPENSSL_PUT_ERROR(EVP, old_rsa_priv_decode, ERR_R_RSA_LIB); return 0; } EVP_PKEY_assign_RSA(pkey, rsa); return 1; } -static int old_rsa_priv_encode(const EVP_PKEY *pkey, uint8_t **pder) { +static int old_rsa_priv_encode(const EVP_PKEY *pkey, unsigned char **pder) { return i2d_RSAPrivateKey(pkey->pkey.rsa, pder); } @@ -512,7 +474,7 @@ static const EVP_MD *rsa_algor_to_md(X509_ALGOR *alg) { } md = EVP_get_digestbyobj(alg->algorithm); if (md == NULL) { - OPENSSL_PUT_ERROR(EVP, EVP_R_UNKNOWN_DIGEST); + OPENSSL_PUT_ERROR(EVP, rsa_algor_to_md, EVP_R_UNKNOWN_DIGEST); } return md; } @@ -525,16 +487,16 @@ static const EVP_MD *rsa_mgf1_to_md(X509_ALGOR *alg, X509_ALGOR *maskHash) { } /* Check mask and lookup mask hash algorithm */ if (OBJ_obj2nid(alg->algorithm) != NID_mgf1) { - OPENSSL_PUT_ERROR(EVP, EVP_R_UNSUPPORTED_MASK_ALGORITHM); + OPENSSL_PUT_ERROR(EVP, rsa_mgf1_to_md, EVP_R_UNSUPPORTED_MASK_ALGORITHM); return NULL; } if (!maskHash) { - OPENSSL_PUT_ERROR(EVP, EVP_R_UNSUPPORTED_MASK_PARAMETER); + OPENSSL_PUT_ERROR(EVP, rsa_mgf1_to_md, EVP_R_UNSUPPORTED_MASK_PARAMETER); return NULL; } md = EVP_get_digestbyobj(maskHash->algorithm); if (md == NULL) { - OPENSSL_PUT_ERROR(EVP, EVP_R_UNKNOWN_MASK_DIGEST); + OPENSSL_PUT_ERROR(EVP, rsa_mgf1_to_md, EVP_R_UNKNOWN_MASK_DIGEST); return NULL; } return md; 
@@ -614,13 +576,13 @@ static int rsa_pss_to_ctx(EVP_MD_CTX *ctx, X509_ALGOR *sigalg, EVP_PKEY *pkey) { /* Sanity check: make sure it is PSS */ if (OBJ_obj2nid(sigalg->algorithm) != NID_rsassaPss) { - OPENSSL_PUT_ERROR(EVP, EVP_R_UNSUPPORTED_SIGNATURE_TYPE); + OPENSSL_PUT_ERROR(EVP, rsa_pss_to_ctx, EVP_R_UNSUPPORTED_SIGNATURE_TYPE); return 0; } /* Decode PSS parameters */ pss = rsa_pss_decode(sigalg, &maskHash); if (pss == NULL) { - OPENSSL_PUT_ERROR(EVP, EVP_R_INVALID_PSS_PARAMETERS); + OPENSSL_PUT_ERROR(EVP, rsa_pss_to_ctx, EVP_R_INVALID_PSS_PARAMETERS); goto err; } @@ -640,7 +602,7 @@ static int rsa_pss_to_ctx(EVP_MD_CTX *ctx, X509_ALGOR *sigalg, EVP_PKEY *pkey) { /* Could perform more salt length sanity checks but the main * RSA routines will trap other invalid values anyway. */ if (saltlen < 0) { - OPENSSL_PUT_ERROR(EVP, EVP_R_INVALID_SALT_LENGTH); + OPENSSL_PUT_ERROR(EVP, rsa_pss_to_ctx, EVP_R_INVALID_SALT_LENGTH); goto err; } } @@ -648,7 +610,7 @@ static int rsa_pss_to_ctx(EVP_MD_CTX *ctx, X509_ALGOR *sigalg, EVP_PKEY *pkey) { /* low-level routines support only trailer field 0xbc (value 1) * and PKCS#1 says we should reject any other value anyway. */ if (pss->trailerField && ASN1_INTEGER_get(pss->trailerField) != 1) { - OPENSSL_PUT_ERROR(EVP, EVP_R_INVALID_TRAILER); + OPENSSL_PUT_ERROR(EVP, rsa_pss_to_ctx, EVP_R_INVALID_TRAILER); goto err; } @@ -676,7 +638,8 @@ static int rsa_digest_verify_init_from_algorithm(EVP_MD_CTX *ctx, EVP_PKEY *pkey) { /* Sanity check: make sure it is PSS */ if (OBJ_obj2nid(sigalg->algorithm) != NID_rsassaPss) { - OPENSSL_PUT_ERROR(EVP, EVP_R_UNSUPPORTED_SIGNATURE_TYPE); + OPENSSL_PUT_ERROR(EVP, rsa_digest_verify_init_from_algorithm, + EVP_R_UNSUPPORTED_SIGNATURE_TYPE); return 0; } return rsa_pss_to_ctx(ctx, sigalg, pkey); @@ -708,6 +671,7 @@ const EVP_PKEY_ASN1_METHOD rsa_asn1_meth = { ASN1_PKEY_SIGPARAM_NULL, "RSA", + "OpenSSL RSA method", rsa_pub_decode, rsa_pub_encode, 
diff --git a/src/crypto/ex_data.c b/src/crypto/ex_data.c index f562f17..10fefc8 100644 --- a/src/crypto/ex_data.c +++ b/src/crypto/ex_data.c @@ -138,7 +138,7 @@ int CRYPTO_get_ex_new_index(CRYPTO_EX_DATA_CLASS *ex_data_class, int *out_index, funcs = OPENSSL_malloc(sizeof(CRYPTO_EX_DATA_FUNCS)); if (funcs == NULL) { - OPENSSL_PUT_ERROR(CRYPTO, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(CRYPTO, CRYPTO_get_ex_new_index, ERR_R_MALLOC_FAILURE); return 0; } @@ -156,13 +156,12 @@ int CRYPTO_get_ex_new_index(CRYPTO_EX_DATA_CLASS *ex_data_class, int *out_index, if (ex_data_class->meth == NULL || !sk_CRYPTO_EX_DATA_FUNCS_push(ex_data_class->meth, funcs)) { - OPENSSL_PUT_ERROR(CRYPTO, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(CRYPTO, CRYPTO_get_ex_new_index, ERR_R_MALLOC_FAILURE); OPENSSL_free(funcs); goto err; } - *out_index = sk_CRYPTO_EX_DATA_FUNCS_num(ex_data_class->meth) - 1 + - ex_data_class->num_reserved; + *out_index = sk_CRYPTO_EX_DATA_FUNCS_num(ex_data_class->meth) - 1; ret = 1; err: @@ -176,7 +175,7 @@ int CRYPTO_set_ex_data(CRYPTO_EX_DATA *ad, int index, void *val) { if (ad->sk == NULL) { ad->sk = sk_void_new_null(); if (ad->sk == NULL) { - OPENSSL_PUT_ERROR(CRYPTO, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(CRYPTO, CRYPTO_set_ex_data, ERR_R_MALLOC_FAILURE); return 0; } } @@ -186,7 +185,7 @@ int CRYPTO_set_ex_data(CRYPTO_EX_DATA *ad, int index, void *val) { /* Add NULL values until the stack is long enough. */ for (i = n; i <= index; i++) { if (!sk_void_push(ad->sk, NULL)) { - OPENSSL_PUT_ERROR(CRYPTO, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(CRYPTO, CRYPTO_set_ex_data, ERR_R_MALLOC_FAILURE); return 0; } } @@ -223,7 +222,7 @@ static int get_func_pointers(STACK_OF(CRYPTO_EX_DATA_FUNCS) **out, CRYPTO_STATIC_MUTEX_unlock(&ex_data_class->lock); if (n > 0 && *out == NULL) { - OPENSSL_PUT_ERROR(CRYPTO, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(CRYPTO, get_func_pointers, ERR_R_MALLOC_FAILURE); return 0; } 
@@ -245,8 +244,8 @@ int CRYPTO_new_ex_data(CRYPTO_EX_DATA_CLASS *ex_data_class, void *obj, CRYPTO_EX_DATA_FUNCS *func_pointer = sk_CRYPTO_EX_DATA_FUNCS_value(func_pointers, i); if (func_pointer->new_func) { - func_pointer->new_func(obj, NULL, ad, i + ex_data_class->num_reserved, - func_pointer->argl, func_pointer->argp); + func_pointer->new_func(obj, NULL, ad, i, func_pointer->argl, + func_pointer->argp); } } @@ -273,12 +272,12 @@ int CRYPTO_dup_ex_data(CRYPTO_EX_DATA_CLASS *ex_data_class, CRYPTO_EX_DATA *to, for (i = 0; i < sk_CRYPTO_EX_DATA_FUNCS_num(func_pointers); i++) { CRYPTO_EX_DATA_FUNCS *func_pointer = sk_CRYPTO_EX_DATA_FUNCS_value(func_pointers, i); - void *ptr = CRYPTO_get_ex_data(from, i + ex_data_class->num_reserved); + void *ptr = CRYPTO_get_ex_data(from, i); if (func_pointer->dup_func) { - func_pointer->dup_func(to, from, &ptr, i + ex_data_class->num_reserved, - func_pointer->argl, func_pointer->argp); + func_pointer->dup_func(to, from, &ptr, i, func_pointer->argl, + func_pointer->argp); } - CRYPTO_set_ex_data(to, i + ex_data_class->num_reserved, ptr); + CRYPTO_set_ex_data(to, i, ptr); } sk_CRYPTO_EX_DATA_FUNCS_free(func_pointers); @@ -299,9 +298,9 @@ void CRYPTO_free_ex_data(CRYPTO_EX_DATA_CLASS *ex_data_class, void *obj, CRYPTO_EX_DATA_FUNCS *func_pointer = sk_CRYPTO_EX_DATA_FUNCS_value(func_pointers, i); if (func_pointer->free_func) { - void *ptr = CRYPTO_get_ex_data(ad, i + ex_data_class->num_reserved); - func_pointer->free_func(obj, ptr, ad, i + ex_data_class->num_reserved, - func_pointer->argl, func_pointer->argp); + void *ptr = CRYPTO_get_ex_data(ad, i); + func_pointer->free_func(obj, ptr, ad, i, func_pointer->argl, + func_pointer->argp); } } diff --git a/src/crypto/hkdf/CMakeLists.txt b/src/crypto/hkdf/CMakeLists.txt index 53bf558..66d680a 100644 --- a/src/crypto/hkdf/CMakeLists.txt +++ b/src/crypto/hkdf/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(../../include) +include_directories(. .. ../../include) add_library( hkdf 
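Review bot: In CRYPTO_dup_ex_data the result of `CRYPTO_set_ex_data(to, i, ptr);` is discarded, although the earlier hunks in this file show that function returning 0 when it cannot allocate or extend the stack. A failed store leaves `to` without the value `dup_func` just produced, and the caller is not told. Suggest `if (!CRYPTO_set_ex_data(to, i, ptr)) { sk_CRYPTO_EX_DATA_FUNCS_free(func_pointers); return 0; }`. The function begins and ends outside the hunk, so confirm the return convention against the full body.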
diff --git a/src/crypto/hkdf/hkdf.c b/src/crypto/hkdf/hkdf.c index f9cdcb0..bb7f5a4 100644 --- a/src/crypto/hkdf/hkdf.c +++ b/src/crypto/hkdf/hkdf.c @@ -40,7 +40,7 @@ int HKDF(uint8_t *out_key, size_t out_len, /* Expand key material to desired length. */ n = (out_len + digest_len - 1) / digest_len; if (out_len + digest_len < out_len || n > 255) { - OPENSSL_PUT_ERROR(HKDF, HKDF_R_OUTPUT_TOO_LARGE); + OPENSSL_PUT_ERROR(HKDF, HKDF, HKDF_R_OUTPUT_TOO_LARGE); return 0; } @@ -83,7 +83,7 @@ int HKDF(uint8_t *out_key, size_t out_len, out: HMAC_CTX_cleanup(&hmac); if (ret != 1) { - OPENSSL_PUT_ERROR(HKDF, ERR_R_HMAC_LIB); + OPENSSL_PUT_ERROR(HKDF, HKDF, ERR_R_HMAC_LIB); } return ret; } diff --git a/src/crypto/hmac/CMakeLists.txt b/src/crypto/hmac/CMakeLists.txt index 392ce01..11d267f 100644 --- a/src/crypto/hmac/CMakeLists.txt +++ b/src/crypto/hmac/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(../../include) +include_directories(. .. ../../include) add_library( hmac diff --git a/src/crypto/hmac/hmac.c b/src/crypto/hmac/hmac.c index d37a249..556e7f9 100644 --- a/src/crypto/hmac/hmac.c +++ b/src/crypto/hmac/hmac.c @@ -97,7 +97,7 @@ void HMAC_CTX_cleanup(HMAC_CTX *ctx) { EVP_MD_CTX_cleanup(&ctx->i_ctx); EVP_MD_CTX_cleanup(&ctx->o_ctx); EVP_MD_CTX_cleanup(&ctx->md_ctx); - OPENSSL_cleanse(ctx, sizeof(HMAC_CTX)); + OPENSSL_cleanse(ctx, sizeof(ctx)); } int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, size_t key_len, diff --git a/src/crypto/hmac/hmac_tests.txt b/src/crypto/hmac/hmac_tests.txt index 53f3f8f..012f593 100644 --- a/src/crypto/hmac/hmac_tests.txt +++ b/src/crypto/hmac/hmac_tests.txt @@ -1,3 +1,6 @@ +# This test file is shared between evp_test and hmac_test, to test the legacy +# EVP_PKEY_HMAC API. + HMAC = MD5 # Note: The empty key results in passing NULL to HMAC_Init_ex, so this tests # that HMAC_CTX and HMAC treat NULL as the empty key initially. diff --git a/src/crypto/internal.h b/src/crypto/internal.h index 713659d..59eddd0 100644 --- a/src/crypto/internal.h 
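Review bot: `OPENSSL_cleanse(ctx, sizeof(ctx));` in HMAC_CTX_cleanup wipes only as many bytes as a pointer occupies, because `ctx` is an `HMAC_CTX *`. The line it replaces used `sizeof(HMAC_CTX)` and cleared the whole structure. Whatever the three `EVP_MD_CTX` members and any other fields still hold after their own cleanup now stays in memory, which defeats the purpose of scrubbing an HMAC context. Use `OPENSSL_cleanse(ctx, sizeof(*ctx));` or keep `sizeof(HMAC_CTX)`.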
+++ b/src/crypto/internal.h @@ -452,7 +452,6 @@ OPENSSL_EXPORT void CRYPTO_STATIC_MUTEX_unlock( typedef enum { OPENSSL_THREAD_LOCAL_ERR = 0, OPENSSL_THREAD_LOCAL_RAND, - OPENSSL_THREAD_LOCAL_URANDOM_BUF, OPENSSL_THREAD_LOCAL_TEST, NUM_OPENSSL_THREAD_LOCALS, } thread_local_data_t; @@ -494,14 +493,9 @@ typedef struct crypto_ex_data_func_st CRYPTO_EX_DATA_FUNCS; typedef struct { struct CRYPTO_STATIC_MUTEX lock; STACK_OF(CRYPTO_EX_DATA_FUNCS) *meth; - /* num_reserved is one if the ex_data index zero is reserved for legacy - * |TYPE_get_app_data| functions. */ - uint8_t num_reserved; } CRYPTO_EX_DATA_CLASS; -#define CRYPTO_EX_DATA_CLASS_INIT {CRYPTO_STATIC_MUTEX_INIT, NULL, 0} -#define CRYPTO_EX_DATA_CLASS_INIT_WITH_APP_DATA \ - {CRYPTO_STATIC_MUTEX_INIT, NULL, 1} +#define CRYPTO_EX_DATA_CLASS_INIT {CRYPTO_STATIC_MUTEX_INIT, NULL} /* CRYPTO_get_ex_new_index allocates a new index for |ex_data_class| and writes * it to |*out_index|. Each class of object should provide a wrapper function diff --git a/src/crypto/lhash/CMakeLists.txt b/src/crypto/lhash/CMakeLists.txt index ce785eb..c71b8a1 100644 --- a/src/crypto/lhash/CMakeLists.txt +++ b/src/crypto/lhash/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(../../include) +include_directories(. .. ../../include) add_library( lhash diff --git a/src/crypto/lhash/lhash.c b/src/crypto/lhash/lhash.c index 257900e..c282fa8 100644 --- a/src/crypto/lhash/lhash.c +++ b/src/crypto/lhash/lhash.c @@ -1,5 +1,4 @@ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * * This package is an SSL implementation written * by Eric Young (eay@cryptsoft.com). diff --git a/src/crypto/md4/CMakeLists.txt b/src/crypto/md4/CMakeLists.txt index 59140a7..db7a187 100644 --- a/src/crypto/md4/CMakeLists.txt +++ b/src/crypto/md4/CMakeLists.txt 
@@ -1,4 +1,4 @@ -include_directories(../../include) +include_directories(. .. ../../include) add_library( md4 diff --git a/src/crypto/md5/CMakeLists.txt b/src/crypto/md5/CMakeLists.txt index a37c47e..6c5e80f 100644 --- a/src/crypto/md5/CMakeLists.txt +++ b/src/crypto/md5/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(../../include) +include_directories(. .. ../../include) if (${ARCH} STREQUAL "x86_64") set( diff --git a/src/crypto/md5/md5.c b/src/crypto/md5/md5.c index 6ad8d12..5575efb 100644 --- a/src/crypto/md5/md5.c +++ b/src/crypto/md5/md5.c @@ -1,5 +1,4 @@ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * * This package is an SSL implementation written * by Eric Young (eay@cryptsoft.com). diff --git a/src/crypto/mem.c b/src/crypto/mem.c index edd14a8..ce41440 100644 --- a/src/crypto/mem.c +++ b/src/crypto/mem.c @@ -1,5 +1,4 @@ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * * This package is an SSL implementation written * by Eric Young (eay@cryptsoft.com). diff --git a/src/crypto/modes/CMakeLists.txt b/src/crypto/modes/CMakeLists.txt index 6da5207..ffb29b6 100644 --- a/src/crypto/modes/CMakeLists.txt +++ b/src/crypto/modes/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(../../include) +include_directories(. .. ../../include) if (${ARCH} STREQUAL "x86_64") set( diff --git a/src/crypto/modes/asm/ghash-armv4.pl b/src/crypto/modes/asm/ghash-armv4.pl index dc5b99e..25a4e27 100644 --- a/src/crypto/modes/asm/ghash-armv4.pl +++ b/src/crypto/modes/asm/ghash-armv4.pl 
@@ -45,7 +45,7 @@ # processes one byte in 8.45 cycles, A9 - in 10.2, A15 - in 7.63, # Snapdragon S4 - in 9.33. # -# Câmara, D.; Gouvêa, C. P. L.; López, J. & Dahab, R.: Fast Software +# Câmara, D.; Gouvêa, C. P. L.; López, J. & Dahab, R.: Fast Software # Polynomial Multiplication on ARM Processors using the NEON Engine. # # http://conradoplg.cryptoland.net/files/2010/12/mocrysen13.pdf @@ -134,7 +134,7 @@ ___ $code=<<___; #if defined(__arm__) -#include +#include "arm_arch.h" .syntax unified @@ -457,12 +457,12 @@ gcm_ghash_neon: veor $IN,$Xl @ inp^=Xi .Lgmult_neon: ___ - &clmul64x64 ($Xl,$Hlo,"$IN#lo"); # H.lo·Xi.lo + &clmul64x64 ($Xl,$Hlo,"$IN#lo"); # H.lo·Xi.lo $code.=<<___; veor $IN#lo,$IN#lo,$IN#hi @ Karatsuba pre-processing ___ - &clmul64x64 ($Xm,$Hhl,"$IN#lo"); # (H.lo+H.hi)·(Xi.lo+Xi.hi) - &clmul64x64 ($Xh,$Hhi,"$IN#hi"); # H.hi·Xi.hi + &clmul64x64 ($Xm,$Hhl,"$IN#lo"); # (H.lo+H.hi)·(Xi.lo+Xi.hi) + &clmul64x64 ($Xh,$Hhi,"$IN#hi"); # H.hi·Xi.hi $code.=<<___; veor $Xm,$Xm,$Xl @ Karatsuba post-processing veor $Xm,$Xm,$Xh diff --git a/src/crypto/modes/asm/ghash-x86.pl b/src/crypto/modes/asm/ghash-x86.pl index 0269169..23a5527 100644 --- a/src/crypto/modes/asm/ghash-x86.pl +++ b/src/crypto/modes/asm/ghash-x86.pl @@ -358,7 +358,7 @@ $S=12; # shift factor for rem_4bit # effective address calculation and finally merge of value to Z.hi. # Reference to rem_4bit is scheduled so late that I had to >>4 # rem_4bit elements. This resulted in 20-45% procent improvement -# on contemporary µ-archs. +# on contemporary µ-archs. { my $cnt; my $rem_4bit = "eax"; diff --git a/src/crypto/modes/asm/ghash-x86_64.pl b/src/crypto/modes/asm/ghash-x86_64.pl index 5a7ce39..6e656ca 100644 --- a/src/crypto/modes/asm/ghash-x86_64.pl +++ b/src/crypto/modes/asm/ghash-x86_64.pl 
@@ -576,15 +576,15 @@ $code.=<<___ if (0 || (&reduction_alg9($Xhi,$Xi)&&0)); # experimental alternative. special thing about is that there # no dependency between the two multiplications... mov \$`0xE1<<1`,%eax - mov \$0xA040608020C0E000,%r10 # ((7..0)·0xE0)&0xff + mov \$0xA040608020C0E000,%r10 # ((7..0)·0xE0)&0xff mov \$0x07,%r11d movq %rax,$T1 movq %r10,$T2 movq %r11,$T3 # borrow $T3 pand $Xi,$T3 - pshufb $T3,$T2 # ($Xi&7)·0xE0 + pshufb $T3,$T2 # ($Xi&7)·0xE0 movq %rax,$T3 - pclmulqdq \$0x00,$Xi,$T1 # ·(0xE1<<1) + pclmulqdq \$0x00,$Xi,$T1 # ·(0xE1<<1) pxor $Xi,$T2 pslldq \$15,$T2 paddd $T2,$T2 # <<(64+56+1) @@ -657,7 +657,7 @@ $code.=<<___; je .Lskip4x sub \$0x30,$len - mov \$0xA040608020C0E000,%rax # ((7..0)·0xE0)&0xff + mov \$0xA040608020C0E000,%rax # ((7..0)·0xE0)&0xff movdqu 0x30($Htbl),$Hkey3 movdqu 0x40($Htbl),$Hkey4 diff --git a/src/crypto/modes/asm/ghashv8-armx.pl b/src/crypto/modes/asm/ghashv8-armx.pl index 3a7b8d8..686951f 100644 --- a/src/crypto/modes/asm/ghashv8-armx.pl +++ b/src/crypto/modes/asm/ghashv8-armx.pl @@ -54,7 +54,7 @@ my ($Xl,$Xm,$Xh,$IN)=map("q$_",(0..3)); my ($t0,$t1,$t2,$xC2,$H,$Hhl,$H2)=map("q$_",(8..14)); $code=<<___; -#include +#include "arm_arch.h" .text ___ @@ -148,10 +148,10 @@ gcm_gmult_v8: #endif vext.8 $IN,$t1,$t1,#8 - vpmull.p64 $Xl,$H,$IN @ H.lo·Xi.lo + vpmull.p64 $Xl,$H,$IN @ H.lo·Xi.lo veor $t1,$t1,$IN @ Karatsuba pre-processing - vpmull2.p64 $Xh,$H,$IN @ H.hi·Xi.hi - vpmull.p64 $Xm,$Hhl,$t1 @ (H.lo+H.hi)·(Xi.lo+Xi.hi) + vpmull2.p64 $Xh,$H,$IN @ H.hi·Xi.hi + vpmull.p64 $Xm,$Hhl,$t1 @ (H.lo+H.hi)·(Xi.lo+Xi.hi) vext.8 $t1,$Xl,$Xh,#8 @ Karatsuba post-processing veor $t2,$Xl,$Xh @@ -239,7 +239,7 @@ $code.=<<___; #endif vext.8 $In,$t1,$t1,#8 veor $IN,$IN,$Xl @ I[i]^=Xi - vpmull.p64 $Xln,$H,$In @ H·Ii+1 + vpmull.p64 $Xln,$H,$In @ H·Ii+1 veor $t1,$t1,$In @ Karatsuba pre-processing vpmull2.p64 $Xhn,$H,$In b .Loop_mod2x_v8 
@@ -248,14 +248,14 @@ $code.=<<___; .Loop_mod2x_v8: vext.8 $t2,$IN,$IN,#8 subs $len,$len,#32 @ is there more data? - vpmull.p64 $Xl,$H2,$IN @ H^2.lo·Xi.lo + vpmull.p64 $Xl,$H2,$IN @ H^2.lo·Xi.lo cclr $inc,lo @ is it time to zero $inc? vpmull.p64 $Xmn,$Hhl,$t1 veor $t2,$t2,$IN @ Karatsuba pre-processing - vpmull2.p64 $Xh,$H2,$IN @ H^2.hi·Xi.hi + vpmull2.p64 $Xh,$H2,$IN @ H^2.hi·Xi.hi veor $Xl,$Xl,$Xln @ accumulate - vpmull2.p64 $Xm,$Hhl,$t2 @ (H^2.lo+H^2.hi)·(Xi.lo+Xi.hi) + vpmull2.p64 $Xm,$Hhl,$t2 @ (H^2.lo+H^2.hi)·(Xi.lo+Xi.hi) vld1.64 {$t0},[$inp],$inc @ load [rotated] I[i+2] veor $Xh,$Xh,$Xhn @@ -280,7 +280,7 @@ $code.=<<___; vext.8 $In,$t1,$t1,#8 vext.8 $IN,$t0,$t0,#8 veor $Xl,$Xm,$t2 - vpmull.p64 $Xln,$H,$In @ H·Ii+1 + vpmull.p64 $Xln,$H,$In @ H·Ii+1 veor $IN,$IN,$Xh @ accumulate $IN early vext.8 $t2,$Xl,$Xl,#8 @ 2nd phase of reduction @@ -304,10 +304,10 @@ $code.=<<___; veor $IN,$IN,$Xl @ inp^=Xi veor $t1,$t0,$t2 @ $t1 is rotated inp^Xi - vpmull.p64 $Xl,$H,$IN @ H.lo·Xi.lo + vpmull.p64 $Xl,$H,$IN @ H.lo·Xi.lo veor $t1,$t1,$IN @ Karatsuba pre-processing - vpmull2.p64 $Xh,$H,$IN @ H.hi·Xi.hi - vpmull.p64 $Xm,$Hhl,$t1 @ (H.lo+H.hi)·(Xi.lo+Xi.hi) + vpmull2.p64 $Xh,$H,$IN @ H.hi·Xi.hi + vpmull.p64 $Xm,$Hhl,$t1 @ (H.lo+H.hi)·(Xi.lo+Xi.hi) vext.8 $t1,$Xl,$Xh,#8 @ Karatsuba post-processing veor $t2,$Xl,$Xh diff --git a/src/crypto/modes/gcm.c b/src/crypto/modes/gcm.c index 593dce8..b1c10b3 100644 --- a/src/crypto/modes/gcm.c +++ b/src/crypto/modes/gcm.c @@ -349,12 +349,12 @@ void gcm_ghash_4bit_x86(uint64_t Xi[2], const u128 Htable[16], const uint8_t *in size_t len); #endif #elif defined(OPENSSL_ARM) || defined(OPENSSL_AARCH64) -#include +#include "../arm_arch.h" #if __ARM_ARCH__ >= 7 #define GHASH_ASM_ARM #define GCM_FUNCREF_4BIT -static int pmull_capable(void) { +static int pmull_capable() { return (OPENSSL_armcap_P & ARMV8_PMULL) != 0; } 
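Review bot: In src/crypto/modes/gcm.c, `static int pmull_capable()` is a C declaration with unspecified parameters, not a prototype, so calls with stray arguments are no longer diagnosed and `-Wstrict-prototypes` builds will warn. Keep the prototype form, `static int pmull_capable(void) {`. The same applies to both `neon_capable()` definitions in the next two hunks of this file.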
@@ -365,7 +365,7 @@ void gcm_ghash_v8(uint64_t Xi[2], const u128 Htable[16], const uint8_t *inp, #if defined(OPENSSL_ARM) /* 32-bit ARM also has support for doing GCM with NEON instructions. */ -static int neon_capable(void) { +static int neon_capable() { return CRYPTO_is_NEON_capable(); } @@ -375,7 +375,7 @@ void gcm_ghash_neon(uint64_t Xi[2], const u128 Htable[16], const uint8_t *inp, size_t len); #else /* AArch64 only has the ARMv8 versions of functions. */ -static int neon_capable(void) { +static int neon_capable() { return 0; } void gcm_init_neon(u128 Htable[16], const uint64_t Xi[2]) { diff --git a/src/crypto/modes/gcm_test.c b/src/crypto/modes/gcm_test.c index 89ed792..a8819ea 100644 --- a/src/crypto/modes/gcm_test.c +++ b/src/crypto/modes/gcm_test.c @@ -55,7 +55,6 @@ #include #include "internal.h" -#include "../test/test_util.h" struct test_case { @@ -299,6 +298,17 @@ err: return 0; } +void hexdump(const char *msg, const void *in, size_t len) { + const uint8_t *data = in; + size_t i; + + fprintf(stderr, "%s: ", msg); + for (i = 0; i < len; i++) { + fprintf(stderr, "%02x", data[i]); + } + fprintf(stderr, "\n"); +} + static int run_test_case(unsigned test_num, const struct test_case *test) { size_t key_len, plaintext_len, additional_data_len, nonce_len, ciphertext_len, tag_len; @@ -357,8 +367,8 @@ static int run_test_case(unsigned test_num, const struct test_case *test) { if (!CRYPTO_gcm128_finish(&ctx, tag, tag_len) || (ciphertext && memcmp(out, ciphertext, plaintext_len) != 0)) { fprintf(stderr, "%u: encrypt failed.\n", test_num); - hexdump(stderr, "got :", out, plaintext_len); - hexdump(stderr, "want:", ciphertext, plaintext_len); + hexdump("got ", out, plaintext_len); + hexdump("want", ciphertext, plaintext_len); goto out; } diff --git a/src/crypto/modes/internal.h b/src/crypto/modes/internal.h index caeac40..d12405e 100644 --- a/src/crypto/modes/internal.h +++ b/src/crypto/modes/internal.h 
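Review bot: In src/crypto/modes/gcm_test.c, the added `hexdump` has external linkage and no comment, although from the hunks shown it is only called from `run_test_case` in the same file. Declaring it `static void hexdump(const char *msg, const void *in, size_t len)` keeps it out of the global namespace and avoids a clash with any other `hexdump` the test might link against. A one-line comment such as `/* hexdump writes |msg| and |len| bytes of |in| as hex to stderr. */` would document it.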
@@ -173,6 +173,11 @@ struct gcm128_context { void *key; }; +struct xts128_context { + void *key1, *key2; + block128_f block1, block2; +}; + struct ccm128_context { union { uint64_t u[2]; diff --git a/src/crypto/obj/CMakeLists.txt b/src/crypto/obj/CMakeLists.txt index b8a4ef3..a27e504 100644 --- a/src/crypto/obj/CMakeLists.txt +++ b/src/crypto/obj/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(../../include) +include_directories(. .. ../../include) add_library( obj diff --git a/src/crypto/obj/obj.c b/src/crypto/obj/obj.c index 94f739c..bf16d17 100644 --- a/src/crypto/obj/obj.c +++ b/src/crypto/obj/obj.c @@ -108,7 +108,7 @@ ASN1_OBJECT *OBJ_dup(const ASN1_OBJECT *o) { r = ASN1_OBJECT_new(); if (r == NULL) { - OPENSSL_PUT_ERROR(OBJ, ERR_R_ASN1_LIB); + OPENSSL_PUT_ERROR(OBJ, OBJ_dup, ERR_R_ASN1_LIB); return NULL; } r->ln = r->sn = NULL; @@ -149,7 +149,7 @@ ASN1_OBJECT *OBJ_dup(const ASN1_OBJECT *o) { return r; err: - OPENSSL_PUT_ERROR(OBJ, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(OBJ, OBJ_dup, ERR_R_MALLOC_FAILURE); OPENSSL_free(ln); OPENSSL_free(sn); OPENSSL_free(data); @@ -337,7 +337,7 @@ const ASN1_OBJECT *OBJ_nid2obj(int nid) { CRYPTO_STATIC_MUTEX_unlock(&global_added_lock); err: - OPENSSL_PUT_ERROR(OBJ, OBJ_R_UNKNOWN_NID); + OPENSSL_PUT_ERROR(OBJ, OBJ_nid2obj, OBJ_R_UNKNOWN_NID); return NULL; } @@ -388,7 +388,7 @@ ASN1_OBJECT *OBJ_txt2obj(const char *s, int dont_search_names) { buf = OPENSSL_malloc(total_len); if (buf == NULL) { - OPENSSL_PUT_ERROR(OBJ, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(OBJ, OBJ_txt2obj, ERR_R_MALLOC_FAILURE); return NULL; } @@ -636,7 +636,7 @@ int OBJ_create(const char *oid, const char *short_name, const char *long_name) { buf = OPENSSL_malloc(len); if (buf == NULL) { - OPENSSL_PUT_ERROR(OBJ, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(OBJ, OBJ_create, ERR_R_MALLOC_FAILURE); goto err; } diff --git a/src/crypto/pem/CMakeLists.txt b/src/crypto/pem/CMakeLists.txt index 30dd7c9..720ba2f 100644 --- a/src/crypto/pem/CMakeLists.txt 
+++ b/src/crypto/pem/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(../../include) +include_directories(. .. ../../include) add_library( pem diff --git a/src/crypto/pem/pem_info.c b/src/crypto/pem/pem_info.c index b4ae805..3f02619 100644 --- a/src/crypto/pem/pem_info.c +++ b/src/crypto/pem/pem_info.c @@ -80,7 +80,7 @@ STACK_OF(X509_INFO) *PEM_X509_INFO_read(FILE *fp, STACK_OF(X509_INFO) *sk, pem_p if ((b=BIO_new(BIO_s_file())) == NULL) { - OPENSSL_PUT_ERROR(PEM, ERR_R_BUF_LIB); + OPENSSL_PUT_ERROR(PEM, PEM_X509_INFO_read, ERR_R_BUF_LIB); return(0); } BIO_set_fp(b,fp,BIO_NOCLOSE); @@ -107,7 +107,7 @@ STACK_OF(X509_INFO) *PEM_X509_INFO_read_bio(BIO *bp, STACK_OF(X509_INFO) *sk, pe { if ((ret=sk_X509_INFO_new_null()) == NULL) { - OPENSSL_PUT_ERROR(PEM, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(PEM, PEM_X509_INFO_read_bio, ERR_R_MALLOC_FAILURE); goto err; } } @@ -248,13 +248,13 @@ start: { if (!d2i_PrivateKey(ptype, pp, &p, len)) { - OPENSSL_PUT_ERROR(PEM, ERR_R_ASN1_LIB); + OPENSSL_PUT_ERROR(PEM, PEM_X509_INFO_read_bio, ERR_R_ASN1_LIB); goto err; } } else if (d2i(pp,&p,len) == NULL) { - OPENSSL_PUT_ERROR(PEM, ERR_R_ASN1_LIB); + OPENSSL_PUT_ERROR(PEM, PEM_X509_INFO_read_bio, ERR_R_ASN1_LIB); goto err; } } @@ -326,7 +326,7 @@ int PEM_X509_INFO_write_bio(BIO *bp, X509_INFO *xi, EVP_CIPHER *enc, objstr=OBJ_nid2sn(EVP_CIPHER_nid(enc)); if (objstr == NULL) { - OPENSSL_PUT_ERROR(PEM, PEM_R_UNSUPPORTED_CIPHER); + OPENSSL_PUT_ERROR(PEM, PEM_X509_INFO_write_bio, PEM_R_UNSUPPORTED_CIPHER); goto err; } } @@ -342,7 +342,7 @@ int PEM_X509_INFO_write_bio(BIO *bp, X509_INFO *xi, EVP_CIPHER *enc, { if (enc == NULL) { - OPENSSL_PUT_ERROR(PEM, PEM_R_CIPHER_IS_NULL); + OPENSSL_PUT_ERROR(PEM, PEM_X509_INFO_write_bio, PEM_R_CIPHER_IS_NULL); goto err; } 
@@ -360,7 +360,7 @@ int PEM_X509_INFO_write_bio(BIO *bp, X509_INFO *xi, EVP_CIPHER *enc, EVP_CIPHER_nid(xi->enc_cipher.cipher)); if (objstr == NULL) { - OPENSSL_PUT_ERROR(PEM, PEM_R_UNSUPPORTED_CIPHER); + OPENSSL_PUT_ERROR(PEM, PEM_X509_INFO_write_bio, PEM_R_UNSUPPORTED_CIPHER); goto err; } diff --git a/src/crypto/pem/pem_lib.c b/src/crypto/pem/pem_lib.c index 5915696..5201467 100644 --- a/src/crypto/pem/pem_lib.c +++ b/src/crypto/pem/pem_lib.c @@ -128,7 +128,7 @@ void *PEM_ASN1_read(d2i_of_void *d2i, const char *name, FILE *fp, void **x, if ((b=BIO_new(BIO_s_file())) == NULL) { - OPENSSL_PUT_ERROR(PEM, ERR_R_BUF_LIB); + OPENSSL_PUT_ERROR(PEM, PEM_ASN1_read, ERR_R_BUF_LIB); return(0); } BIO_set_fp(b,fp,BIO_NOCLOSE); @@ -275,7 +275,7 @@ int PEM_ASN1_write(i2d_of_void *i2d, const char *name, FILE *fp, if ((b=BIO_new(BIO_s_file())) == NULL) { - OPENSSL_PUT_ERROR(PEM, ERR_R_BUF_LIB); + OPENSSL_PUT_ERROR(PEM, PEM_ASN1_write, ERR_R_BUF_LIB); return(0); } BIO_set_fp(b,fp,BIO_NOCLOSE); @@ -302,14 +302,14 @@ int PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp, objstr=OBJ_nid2sn(EVP_CIPHER_nid(enc)); if (objstr == NULL) { - OPENSSL_PUT_ERROR(PEM, PEM_R_UNSUPPORTED_CIPHER); + OPENSSL_PUT_ERROR(PEM, PEM_ASN1_write_bio, PEM_R_UNSUPPORTED_CIPHER); goto err; } } if ((dsize=i2d(x,NULL)) < 0) { - OPENSSL_PUT_ERROR(PEM, ERR_R_ASN1_LIB); + OPENSSL_PUT_ERROR(PEM, PEM_ASN1_write_bio, ERR_R_ASN1_LIB); dsize=0; goto err; } @@ -318,7 +318,7 @@ int PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp, data=(unsigned char *)OPENSSL_malloc((unsigned int)dsize+20); if (data == NULL) { - OPENSSL_PUT_ERROR(PEM, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(PEM, PEM_ASN1_write_bio, ERR_R_MALLOC_FAILURE); goto err; } p=data; 
@@ -336,7 +336,7 @@ int PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp, klen=(*callback)(buf,PEM_BUFSIZE,1,u); if (klen <= 0) { - OPENSSL_PUT_ERROR(PEM, PEM_R_READ_KEY); + OPENSSL_PUT_ERROR(PEM, PEM_ASN1_write_bio, PEM_R_READ_KEY); goto err; } kstr=(unsigned char *)buf; @@ -408,7 +408,7 @@ int PEM_do_header(EVP_CIPHER_INFO *cipher, unsigned char *data, long *plen, klen=callback(buf,PEM_BUFSIZE,0,u); if (klen <= 0) { - OPENSSL_PUT_ERROR(PEM, PEM_R_BAD_PASSWORD_READ); + OPENSSL_PUT_ERROR(PEM, PEM_do_header, PEM_R_BAD_PASSWORD_READ); return(0); } @@ -428,7 +428,7 @@ int PEM_do_header(EVP_CIPHER_INFO *cipher, unsigned char *data, long *plen, OPENSSL_cleanse((char *)key,sizeof(key)); if (!o) { - OPENSSL_PUT_ERROR(PEM, PEM_R_BAD_DECRYPT); + OPENSSL_PUT_ERROR(PEM, PEM_do_header, PEM_R_BAD_DECRYPT); return(0); } j+=i; @@ -437,18 +437,11 @@ int PEM_do_header(EVP_CIPHER_INFO *cipher, unsigned char *data, long *plen, } static const EVP_CIPHER* cipher_by_name(const char *name) { - /* This is similar to the (deprecated) function |EVP_get_cipherbyname|. */ - if (0 == strcmp(name, SN_rc4)) { - return EVP_rc4(); - } else if (0 == strcmp(name, SN_des_cbc)) { + if (strcmp(name, "DES-CBC") == 0) { return EVP_des_cbc(); - } else if (0 == strcmp(name, SN_des_ede3_cbc)) { - return EVP_des_ede3_cbc(); - } else if (0 == strcmp(name, SN_aes_128_cbc)) { + } else if (strcmp(name, "AES-128-CBC") == 0) { return EVP_aes_128_cbc(); - } else if (0 == strcmp(name, SN_aes_192_cbc)) { - return EVP_aes_192_cbc(); - } else if (0 == strcmp(name, SN_aes_256_cbc)) { + } else if (strcmp(name, "AES-256-CBC") == 0) { return EVP_aes_256_cbc(); } else { return NULL; 
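Review bot: The rewritten `cipher_by_name` in src/crypto/pem/pem_lib.c still maps `"DES-CBC"` to `EVP_des_cbc()`, so single DES remains an accepted cipher for encrypted PEM blocks while the `DES-EDE3-CBC` and `AES-192-CBC` branches are gone. If single DES is kept only to read legacy files, say so above the chain, e.g. `/* DES-CBC is accepted only for reading legacy keys. */`; otherwise drop that branch so the lookup returns NULL and the caller (presumably `PEM_get_EVP_CIPHER_INFO`) reports an unsupported cipher. The string literals also replace the `SN_*` constants, which lets the names drift from the object table; `strcmp(name, SN_des_cbc) == 0` keeps them tied together. The function's closing braces are outside the hunk.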
@@ -465,19 +458,19 @@ int PEM_get_EVP_CIPHER_INFO(char *header, EVP_CIPHER_INFO *cipher) if ((header == NULL) || (*header == '\0') || (*header == '\n')) return(1); if (strncmp(header,"Proc-Type: ",11) != 0) - { OPENSSL_PUT_ERROR(PEM, PEM_R_NOT_PROC_TYPE); return(0); } + { OPENSSL_PUT_ERROR(PEM, PEM_get_EVP_CIPHER_INFO, PEM_R_NOT_PROC_TYPE); return(0); } header+=11; if (*header != '4') return(0); header++; if (*header != ',') return(0); header++; if (strncmp(header,"ENCRYPTED",9) != 0) - { OPENSSL_PUT_ERROR(PEM, PEM_R_NOT_ENCRYPTED); return(0); } + { OPENSSL_PUT_ERROR(PEM, PEM_get_EVP_CIPHER_INFO, PEM_R_NOT_ENCRYPTED); return(0); } for (; (*header != '\n') && (*header != '\0'); header++) ; if (*header == '\0') - { OPENSSL_PUT_ERROR(PEM, PEM_R_SHORT_HEADER); return(0); } + { OPENSSL_PUT_ERROR(PEM, PEM_get_EVP_CIPHER_INFO, PEM_R_SHORT_HEADER); return(0); } header++; if (strncmp(header,"DEK-Info: ",10) != 0) - { OPENSSL_PUT_ERROR(PEM, PEM_R_NOT_DEK_INFO); return(0); } + { OPENSSL_PUT_ERROR(PEM, PEM_get_EVP_CIPHER_INFO, PEM_R_NOT_DEK_INFO); return(0); } header+=10; p=header; @@ -496,7 +489,7 @@ int PEM_get_EVP_CIPHER_INFO(char *header, EVP_CIPHER_INFO *cipher) if (enc == NULL) { - OPENSSL_PUT_ERROR(PEM, PEM_R_UNSUPPORTED_ENCRYPTION); + OPENSSL_PUT_ERROR(PEM, PEM_get_EVP_CIPHER_INFO, PEM_R_UNSUPPORTED_ENCRYPTION); return(0); } if (!load_iv(header_pp,&(cipher->iv[0]),EVP_CIPHER_iv_length(enc))) @@ -523,7 +516,7 @@ static int load_iv(char **fromp, unsigned char *to, int num) v= *from-'a'+10; else { - OPENSSL_PUT_ERROR(PEM, PEM_R_BAD_IV_CHARS); + OPENSSL_PUT_ERROR(PEM, load_iv, PEM_R_BAD_IV_CHARS); return(0); } from++; @@ -543,7 +536,7 @@ int PEM_write(FILE *fp, const char *name, const char *header, if ((b=BIO_new(BIO_s_file())) == NULL) { - OPENSSL_PUT_ERROR(PEM, ERR_R_BUF_LIB); + OPENSSL_PUT_ERROR(PEM, PEM_write, ERR_R_BUF_LIB); return(0); } BIO_set_fp(b,fp,BIO_NOCLOSE); 
@@ -610,7 +603,7 @@ err: OPENSSL_cleanse(buf, PEM_BUFSIZE*8); OPENSSL_free(buf); } - OPENSSL_PUT_ERROR(PEM, reason); + OPENSSL_PUT_ERROR(PEM, PEM_write_bio, reason); return(0); } @@ -623,7 +616,7 @@ int PEM_read(FILE *fp, char **name, char **header, unsigned char **data, if ((b=BIO_new(BIO_s_file())) == NULL) { - OPENSSL_PUT_ERROR(PEM, ERR_R_BUF_LIB); + OPENSSL_PUT_ERROR(PEM, PEM_read, ERR_R_BUF_LIB); return(0); } BIO_set_fp(b,fp,BIO_NOCLOSE); @@ -651,7 +644,7 @@ int PEM_read_bio(BIO *bp, char **name, char **header, unsigned char **data, BUF_MEM_free(nameB); BUF_MEM_free(headerB); BUF_MEM_free(dataB); - OPENSSL_PUT_ERROR(PEM, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(PEM, PEM_read_bio, ERR_R_MALLOC_FAILURE); return(0); } @@ -662,7 +655,7 @@ int PEM_read_bio(BIO *bp, char **name, char **header, unsigned char **data, if (i <= 0) { - OPENSSL_PUT_ERROR(PEM, PEM_R_NO_START_LINE); + OPENSSL_PUT_ERROR(PEM, PEM_read_bio, PEM_R_NO_START_LINE); goto err; } @@ -677,7 +670,7 @@ int PEM_read_bio(BIO *bp, char **name, char **header, unsigned char **data, continue; if (!BUF_MEM_grow(nameB,i+9)) { - OPENSSL_PUT_ERROR(PEM, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(PEM, PEM_read_bio, ERR_R_MALLOC_FAILURE); goto err; } memcpy(nameB->data,&(buf[11]),i-6); @@ -687,7 +680,7 @@ int PEM_read_bio(BIO *bp, char **name, char **header, unsigned char **data, } hl=0; if (!BUF_MEM_grow(headerB,256)) - { OPENSSL_PUT_ERROR(PEM, ERR_R_MALLOC_FAILURE); goto err; } + { OPENSSL_PUT_ERROR(PEM, PEM_read_bio, ERR_R_MALLOC_FAILURE); goto err; } headerB->data[0]='\0'; for (;;) { @@ -699,7 +692,7 @@ int PEM_read_bio(BIO *bp, char **name, char **header, unsigned char **data, if (buf[0] == '\n') break; if (!BUF_MEM_grow(headerB,hl+i+9)) - { OPENSSL_PUT_ERROR(PEM, ERR_R_MALLOC_FAILURE); goto err; } + { OPENSSL_PUT_ERROR(PEM, PEM_read_bio, ERR_R_MALLOC_FAILURE); goto err; } if (strncmp(buf,"-----END ",9) == 0) { nohead=1; 
@@ -712,7 +705,7 @@ int PEM_read_bio(BIO *bp, char **name, char **header, unsigned char **data, bl=0; if (!BUF_MEM_grow(dataB,1024)) - { OPENSSL_PUT_ERROR(PEM, ERR_R_MALLOC_FAILURE); goto err; } + { OPENSSL_PUT_ERROR(PEM, PEM_read_bio, ERR_R_MALLOC_FAILURE); goto err; } dataB->data[0]='\0'; if (!nohead) { @@ -730,7 +723,7 @@ int PEM_read_bio(BIO *bp, char **name, char **header, unsigned char **data, if (i > 65) break; if (!BUF_MEM_grow_clean(dataB,i+bl+9)) { - OPENSSL_PUT_ERROR(PEM, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(PEM, PEM_read_bio, ERR_R_MALLOC_FAILURE); goto err; } memcpy(&(dataB->data[bl]),buf,i); @@ -761,7 +754,7 @@ int PEM_read_bio(BIO *bp, char **name, char **header, unsigned char **data, (strncmp(nameB->data,&(buf[9]),i) != 0) || (strncmp(&(buf[9+i]),"-----\n",6) != 0)) { - OPENSSL_PUT_ERROR(PEM, PEM_R_BAD_END_LINE); + OPENSSL_PUT_ERROR(PEM, PEM_read_bio, PEM_R_BAD_END_LINE); goto err; } @@ -771,13 +764,13 @@ int PEM_read_bio(BIO *bp, char **name, char **header, unsigned char **data, (unsigned char *)dataB->data,bl); if (i < 0) { - OPENSSL_PUT_ERROR(PEM, PEM_R_BAD_BASE64_DECODE); + OPENSSL_PUT_ERROR(PEM, PEM_read_bio, PEM_R_BAD_BASE64_DECODE); goto err; } i=EVP_DecodeFinal(&ctx,(unsigned char *)&(dataB->data[bl]),&k); if (i < 0) { - OPENSSL_PUT_ERROR(PEM, PEM_R_BAD_BASE64_DECODE); + OPENSSL_PUT_ERROR(PEM, PEM_read_bio, PEM_R_BAD_BASE64_DECODE); goto err; } bl+=k; diff --git a/src/crypto/pem/pem_oth.c b/src/crypto/pem/pem_oth.c index 3e8f6bd..20d12b6 100644 --- a/src/crypto/pem/pem_oth.c +++ b/src/crypto/pem/pem_oth.c @@ -83,7 +83,7 @@ void *PEM_ASN1_read_bio(d2i_of_void *d2i, const char *name, BIO *bp, void **x, p = data; ret=d2i(x,&p,len); if (ret == NULL) - OPENSSL_PUT_ERROR(PEM, ERR_R_ASN1_LIB); + OPENSSL_PUT_ERROR(PEM, PEM_ASN1_read_bio, ERR_R_ASN1_LIB); OPENSSL_free(data); return ret; } diff --git a/src/crypto/pem/pem_pk8.c b/src/crypto/pem/pem_pk8.c index 0824477..035038e 100644 --- a/src/crypto/pem/pem_pk8.c +++ b/src/crypto/pem/pem_pk8.c 
@@ -118,7 +118,7 @@ static int do_pk8pkey(BIO *bp, EVP_PKEY *x, int isder, int nid, const EVP_CIPHER char buf[PEM_BUFSIZE]; int ret; if(!(p8inf = EVP_PKEY2PKCS8(x))) { - OPENSSL_PUT_ERROR(PEM, PEM_R_ERROR_CONVERTING_PRIVATE_KEY); + OPENSSL_PUT_ERROR(PEM, do_pk8pkey, PEM_R_ERROR_CONVERTING_PRIVATE_KEY); return 0; } if(enc || (nid != -1)) { @@ -127,7 +127,7 @@ static int do_pk8pkey(BIO *bp, EVP_PKEY *x, int isder, int nid, const EVP_CIPHER if (!cb) cb = PEM_def_callback; klen = cb(buf, PEM_BUFSIZE, 1, u); if(klen <= 0) { - OPENSSL_PUT_ERROR(PEM, PEM_R_READ_KEY); + OPENSSL_PUT_ERROR(PEM, do_pk8pkey, PEM_R_READ_KEY); PKCS8_PRIV_KEY_INFO_free(p8inf); return 0; } @@ -163,7 +163,7 @@ EVP_PKEY *d2i_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, vo if (!cb) cb = PEM_def_callback; klen=cb(psbuf,PEM_BUFSIZE,0,u); if (klen <= 0) { - OPENSSL_PUT_ERROR(PEM, PEM_R_BAD_PASSWORD_READ); + OPENSSL_PUT_ERROR(PEM, d2i_PKCS8PrivateKey_bio, PEM_R_BAD_PASSWORD_READ); X509_SIG_free(p8); return NULL; } @@ -216,7 +216,7 @@ static int do_pk8pkey_fp(FILE *fp, EVP_PKEY *x, int isder, int nid, const EVP_CI BIO *bp; int ret; if(!(bp = BIO_new_fp(fp, BIO_NOCLOSE))) { - OPENSSL_PUT_ERROR(PEM, ERR_R_BUF_LIB); + OPENSSL_PUT_ERROR(PEM, do_pk8pkey_fp, ERR_R_BUF_LIB); return(0); } ret = do_pk8pkey(bp, x, isder, nid, enc, kstr, klen, cb, u); @@ -229,7 +229,7 @@ EVP_PKEY *d2i_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY **x, pem_password_cb *cb, vo BIO *bp; EVP_PKEY *ret; if(!(bp = BIO_new_fp(fp, BIO_NOCLOSE))) { - OPENSSL_PUT_ERROR(PEM, ERR_R_BUF_LIB); + OPENSSL_PUT_ERROR(PEM, d2i_PKCS8PrivateKey_fp, ERR_R_BUF_LIB); return NULL; } ret = d2i_PKCS8PrivateKey_bio(bp, x, cb, u); diff --git a/src/crypto/pem/pem_pkey.c b/src/crypto/pem/pem_pkey.c index c462727..fe58558 100644 --- a/src/crypto/pem/pem_pkey.c +++ b/src/crypto/pem/pem_pkey.c 
@@ -109,7 +109,7 @@ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, vo if (!cb) cb = PEM_def_callback; klen=cb(psbuf,PEM_BUFSIZE,0,u); if (klen <= 0) { - OPENSSL_PUT_ERROR(PEM, PEM_R_BAD_PASSWORD_READ); + OPENSSL_PUT_ERROR(PEM, PEM_read_bio_PrivateKey, PEM_R_BAD_PASSWORD_READ); X509_SIG_free(p8); goto err; } @@ -132,7 +132,7 @@ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, vo } p8err: if (ret == NULL) - OPENSSL_PUT_ERROR(PEM, ERR_R_ASN1_LIB); + OPENSSL_PUT_ERROR(PEM, PEM_read_bio_PrivateKey, ERR_R_ASN1_LIB); err: OPENSSL_free(nm); @@ -210,7 +210,7 @@ EVP_PKEY *PEM_read_bio_Parameters(BIO *bp, EVP_PKEY **x) } err: if (ret == NULL) - OPENSSL_PUT_ERROR(PEM, ERR_R_ASN1_LIB); + OPENSSL_PUT_ERROR(PEM, PEM_read_bio_Parameters, ERR_R_ASN1_LIB); OPENSSL_free(nm); OPENSSL_free(data); return(ret); @@ -236,7 +236,7 @@ EVP_PKEY *PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x, pem_password_cb *cb, void if ((b=BIO_new(BIO_s_file())) == NULL) { - OPENSSL_PUT_ERROR(PEM, ERR_R_BUF_LIB); + OPENSSL_PUT_ERROR(PEM, PEM_read_PrivateKey, ERR_R_BUF_LIB); return(0); } BIO_set_fp(b,fp,BIO_NOCLOSE); @@ -254,7 +254,7 @@ int PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc, if ((b=BIO_new_fp(fp, BIO_NOCLOSE)) == NULL) { - OPENSSL_PUT_ERROR(PEM, ERR_R_BUF_LIB); + OPENSSL_PUT_ERROR(PEM, PEM_write_PrivateKey, ERR_R_BUF_LIB); return 0; } ret=PEM_write_bio_PrivateKey(b, x, enc, kstr, klen, cb, u); @@ -287,7 +287,7 @@ DH *PEM_read_bio_DHparams(BIO *bp, DH **x, pem_password_cb *cb, void *u) ret = d2i_DHparams(x, &p, len); if (ret == NULL) - OPENSSL_PUT_ERROR(PEM, ERR_R_ASN1_LIB); + OPENSSL_PUT_ERROR(PEM, PEM_read_bio_DHparams, ERR_R_ASN1_LIB); OPENSSL_free(nm); OPENSSL_free(data); return ret; 
@@ -301,7 +301,7 @@ DH *PEM_read_DHparams(FILE *fp, DH **x, pem_password_cb *cb, void *u) if ((b=BIO_new(BIO_s_file())) == NULL) { - OPENSSL_PUT_ERROR(PEM, ERR_R_BUF_LIB); + OPENSSL_PUT_ERROR(PEM, PEM_read_DHparams, ERR_R_BUF_LIB); return(0); } BIO_set_fp(b,fp,BIO_NOCLOSE); diff --git a/src/crypto/perlasm/arm-xlate.pl b/src/crypto/perlasm/arm-xlate.pl index 706fa70..81ceb31 100755 --- a/src/crypto/perlasm/arm-xlate.pl +++ b/src/crypto/perlasm/arm-xlate.pl @@ -116,9 +116,6 @@ sub expand_line { return $line; } -print "#if defined(__arm__)\n" if ($flavour eq "linux32"); -print "#if defined(__aarch64__)\n" if ($flavour eq "linux64"); - while($line=<>) { if ($line =~ m/^\s*(#|@|\/\/)/) { print $line; next; } @@ -165,6 +162,4 @@ while($line=<>) { print "\n"; } -print "#endif" if ($flavour eq "linux32" || $flavour eq "linux64"); - close STDOUT; diff --git a/src/crypto/pkcs8/CMakeLists.txt b/src/crypto/pkcs8/CMakeLists.txt index ce5bce1..4426f1e 100644 --- a/src/crypto/pkcs8/CMakeLists.txt +++ b/src/crypto/pkcs8/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(../../include) +include_directories(. .. ../../include) add_library( pkcs8 @@ -19,11 +19,4 @@ add_executable( $ ) -add_executable( - pkcs8_test - - pkcs8_test.cc -) - -target_link_libraries(pkcs8_test crypto) target_link_libraries(pkcs12_test crypto) diff --git a/src/crypto/pkcs8/internal.h b/src/crypto/pkcs8/internal.h index 7995e78..44ca4f7 100644 --- a/src/crypto/pkcs8/internal.h +++ b/src/crypto/pkcs8/internal.h 
@@ -66,15 +66,6 @@ extern "C" { #define PKCS5_DEFAULT_ITERATIONS 2048 #define PKCS5_SALT_LEN 8 -/* PKCS5_v2_PBE_keyivgen intializes the supplied |ctx| for PBKDF v2, which must - * be specified by |param|. The password is specified by |pass_raw| and - * |pass_raw_len|. |cipher| and |md| are ignored. - * - * It returns one on success and zero on error. */ -int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const uint8_t *pass_raw, - size_t pass_raw_len, ASN1_TYPE *param, - const EVP_CIPHER *cipher, const EVP_MD *md, int enc); - #if defined(__cplusplus) } /* extern C */ diff --git a/src/crypto/pkcs8/p5_pbe.c b/src/crypto/pkcs8/p5_pbe.c index 653cabf..f30ae79 100644 --- a/src/crypto/pkcs8/p5_pbe.c +++ b/src/crypto/pkcs8/p5_pbe.c @@ -86,21 +86,21 @@ int PKCS5_pbe_set0_algor(X509_ALGOR *algor, int alg, int iter, pbe = PBEPARAM_new(); if (!pbe) { - OPENSSL_PUT_ERROR(PKCS8, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(PKCS8, PKCS5_pbe_set0_algor, ERR_R_MALLOC_FAILURE); goto err; } if(iter <= 0) iter = PKCS5_DEFAULT_ITERATIONS; if (!ASN1_INTEGER_set(pbe->iter, iter)) { - OPENSSL_PUT_ERROR(PKCS8, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(PKCS8, PKCS5_pbe_set0_algor, ERR_R_MALLOC_FAILURE); goto err; } if (!saltlen) saltlen = PKCS5_SALT_LEN; if (!ASN1_STRING_set(pbe->salt, NULL, saltlen)) { - OPENSSL_PUT_ERROR(PKCS8, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(PKCS8, PKCS5_pbe_set0_algor, ERR_R_MALLOC_FAILURE); goto err; } sstr = ASN1_STRING_data(pbe->salt); @@ -111,7 +111,7 @@ int PKCS5_pbe_set0_algor(X509_ALGOR *algor, int alg, int iter, if(!ASN1_item_pack(pbe, ASN1_ITEM_rptr(PBEPARAM), &pbe_str)) { - OPENSSL_PUT_ERROR(PKCS8, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(PKCS8, PKCS5_pbe_set0_algor, ERR_R_MALLOC_FAILURE); goto err; } @@ -138,7 +138,7 @@ X509_ALGOR *PKCS5_pbe_set(int alg, int iter, ret = X509_ALGOR_new(); if (!ret) { - OPENSSL_PUT_ERROR(PKCS8, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(PKCS8, PKCS5_pbe_set, ERR_R_MALLOC_FAILURE); return NULL; } 
diff --git a/src/crypto/pkcs8/p5_pbev2.c b/src/crypto/pkcs8/p5_pbev2.c index f58aae7..9eb9848 100644 --- a/src/crypto/pkcs8/p5_pbev2.c +++ b/src/crypto/pkcs8/p5_pbev2.c @@ -53,8 +53,6 @@ * (eay@cryptsoft.com). This product includes software written by Tim * Hudson (tjh@cryptsoft.com). */ -#include -#include #include #include @@ -126,7 +124,7 @@ X509_ALGOR *PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter, alg_nid = EVP_CIPHER_nid(cipher); if(alg_nid == NID_undef) { - OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER); + OPENSSL_PUT_ERROR(PKCS8, PKCS5_pbe2_set_iv, PKCS8_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER); goto err; } obj = OBJ_nid2obj(alg_nid); @@ -154,7 +152,7 @@ X509_ALGOR *PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter, if (!EVP_CipherInit_ex(&ctx, cipher, NULL, NULL, iv, 0)) goto err; if(param_to_asn1(&ctx, scheme->parameter) < 0) { - OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_ERROR_SETTING_CIPHER_PARAMS); + OPENSSL_PUT_ERROR(PKCS8, PKCS5_pbe2_set_iv, PKCS8_R_ERROR_SETTING_CIPHER_PARAMS); EVP_CIPHER_CTX_cleanup(&ctx); goto err; } @@ -204,7 +202,7 @@ X509_ALGOR *PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter, return ret; merr: - OPENSSL_PUT_ERROR(PKCS8, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(PKCS8, PKCS5_pbe2_set_iv, ERR_R_MALLOC_FAILURE); err: PBE2PARAM_free(pbe2); 
@@ -297,143 +295,9 @@ X509_ALGOR *PKCS5_pbkdf2_set(int iter, unsigned char *salt, int saltlen, return keyfunc; merr: - OPENSSL_PUT_ERROR(PKCS8, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(PKCS8, PKCS5_pbkdf2_set, ERR_R_MALLOC_FAILURE); PBKDF2PARAM_free(kdf); X509_ALGOR_free(keyfunc); return NULL; } -static int PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_CTX *ctx, - const uint8_t *pass_raw, - size_t pass_raw_len, const ASN1_TYPE *param, - const ASN1_TYPE *iv, int enc) { - int rv = 0; - PBKDF2PARAM *pbkdf2param = NULL; - - if (EVP_CIPHER_CTX_cipher(ctx) == NULL) { - OPENSSL_PUT_ERROR(PKCS8, CIPHER_R_NO_CIPHER_SET); - goto err; - } - - /* Decode parameters. */ - if (param == NULL || param->type != V_ASN1_SEQUENCE) { - OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_DECODE_ERROR); - goto err; - } - - const uint8_t *pbuf = param->value.sequence->data; - int plen = param->value.sequence->length; - pbkdf2param = d2i_PBKDF2PARAM(NULL, &pbuf, plen); - if (pbkdf2param == NULL || pbuf != param->value.sequence->data + plen) { - OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_DECODE_ERROR); - goto err; - } - - /* Now check the parameters. 
*/ - uint8_t key[EVP_MAX_KEY_LENGTH]; - const size_t key_len = EVP_CIPHER_CTX_key_length(ctx); - assert(key_len <= sizeof(key)); - - if (pbkdf2param->keylength != NULL && - ASN1_INTEGER_get(pbkdf2param->keylength) != (int) key_len) { - OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_UNSUPPORTED_KEYLENGTH); - goto err; - } - - if (pbkdf2param->prf != NULL && - OBJ_obj2nid(pbkdf2param->prf->algorithm) != NID_hmacWithSHA1) { - OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_UNSUPPORTED_PRF); - goto err; - } - - if (pbkdf2param->salt->type != V_ASN1_OCTET_STRING) { - OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_UNSUPPORTED_SALT_TYPE); - goto err; - } - - if (pbkdf2param->iter->type != V_ASN1_INTEGER) { - OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_ITERATION_COUNT); - goto err; - } - long iterations = ASN1_INTEGER_get(pbkdf2param->iter); - if (iterations < 0 || iterations > UINT_MAX) { - OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_ITERATION_COUNT); - goto err; - } - - if (iv->type != V_ASN1_OCTET_STRING || iv->value.octet_string == NULL) { - OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_ERROR_SETTING_CIPHER_PARAMS); - goto err; - } - - const size_t iv_len = EVP_CIPHER_CTX_iv_length(ctx); - if (iv->value.octet_string->length != iv_len) { - OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_ERROR_SETTING_CIPHER_PARAMS); - goto err; - } - - if (!PKCS5_PBKDF2_HMAC_SHA1((const char *) pass_raw, pass_raw_len, - pbkdf2param->salt->value.octet_string->data, - pbkdf2param->salt->value.octet_string->length, - iterations, key_len, key)) { - goto err; - } - - rv = EVP_CipherInit_ex(ctx, NULL /* cipher */, NULL /* engine */, key, - iv->value.octet_string->data, enc); - - err: - PBKDF2PARAM_free(pbkdf2param); - return rv; -} - -int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const uint8_t *pass_raw, - size_t pass_raw_len, ASN1_TYPE *param, - const EVP_CIPHER *unused, const EVP_MD *unused2, - int enc) { - PBE2PARAM *pbe2param = NULL; - int rv = 0; - - if (param == NULL || - param->type != V_ASN1_SEQUENCE || - param->value.sequence == NULL) { - OPENSSL_PUT_ERROR(PKCS8, 
PKCS8_R_DECODE_ERROR); - goto err; - } - - const uint8_t *pbuf = param->value.sequence->data; - int plen = param->value.sequence->length; - pbe2param = d2i_PBE2PARAM(NULL, &pbuf, plen); - if (pbe2param == NULL || pbuf != param->value.sequence->data + plen) { - OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_DECODE_ERROR); - goto err; - } - - /* Check that the key derivation function is PBKDF2. */ - if (OBJ_obj2nid(pbe2param->keyfunc->algorithm) != NID_id_pbkdf2) { - OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION); - goto err; - } - - /* See if we recognise the encryption algorithm. */ - const EVP_CIPHER *cipher = - EVP_get_cipherbynid(OBJ_obj2nid(pbe2param->encryption->algorithm)); - if (cipher == NULL) { - OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_UNSUPPORTED_CIPHER); - goto err; - } - - /* Fixup cipher based on AlgorithmIdentifier. */ - if (!EVP_CipherInit_ex(ctx, cipher, NULL /* engine */, NULL /* key */, - NULL /* iv */, enc)) { - goto err; - } - - rv = PKCS5_v2_PBKDF2_keyivgen(ctx, pass_raw, pass_raw_len, - pbe2param->keyfunc->parameter, - pbe2param->encryption->parameter, enc); - - err: - PBE2PARAM_free(pbe2param); - return rv; -} diff --git a/src/crypto/pkcs8/pkcs8.c b/src/crypto/pkcs8/pkcs8.c index 8067c91..843c74d 100644 --- a/src/crypto/pkcs8/pkcs8.c +++ b/src/crypto/pkcs8/pkcs8.c @@ -69,7 +69,6 @@ #include #include -#include "internal.h" #include "../bytestring/internal.h" #include "../evp/internal.h" @@ -201,7 +200,7 @@ static int pkcs12_key_gen_raw(const uint8_t *pass_raw, size_t pass_raw_len, } err: - OPENSSL_PUT_ERROR(PKCS8, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(PKCS8, pkcs12_key_gen_raw, ERR_R_MALLOC_FAILURE); end: OPENSSL_free(Ai); 
@@ -228,14 +227,14 @@ static int pkcs12_pbe_keyivgen(EVP_CIPHER_CTX *ctx, const uint8_t *pass_raw, /* Extract useful info from parameter */ if (param == NULL || param->type != V_ASN1_SEQUENCE || param->value.sequence == NULL) { - OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_DECODE_ERROR); + OPENSSL_PUT_ERROR(PKCS8, pkcs12_pbe_keyivgen, PKCS8_R_DECODE_ERROR); return 0; } pbuf = param->value.sequence->data; pbe = d2i_PBEPARAM(NULL, &pbuf, param->value.sequence->length); if (pbe == NULL) { - OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_DECODE_ERROR); + OPENSSL_PUT_ERROR(PKCS8, pkcs12_pbe_keyivgen, PKCS8_R_DECODE_ERROR); return 0; } @@ -248,13 +247,13 @@ static int pkcs12_pbe_keyivgen(EVP_CIPHER_CTX *ctx, const uint8_t *pass_raw, salt_len = pbe->salt->length; if (!pkcs12_key_gen_raw(pass_raw, pass_raw_len, salt, salt_len, PKCS12_KEY_ID, iterations, EVP_CIPHER_key_length(cipher), key, md)) { - OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_KEY_GEN_ERROR); + OPENSSL_PUT_ERROR(PKCS8, pkcs12_pbe_keyivgen, PKCS8_R_KEY_GEN_ERROR); PBEPARAM_free(pbe); return 0; } if (!pkcs12_key_gen_raw(pass_raw, pass_raw_len, salt, salt_len, PKCS12_IV_ID, iterations, EVP_CIPHER_iv_length(cipher), iv, md)) { - OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_KEY_GEN_ERROR); + OPENSSL_PUT_ERROR(PKCS8, pkcs12_pbe_keyivgen, PKCS8_R_KEY_GEN_ERROR); PBEPARAM_free(pbe); return 0; } 
@@ -275,93 +274,42 @@ struct pbe_suite { const EVP_CIPHER* (*cipher_func)(void); const EVP_MD* (*md_func)(void); keygen_func keygen; - int flags; }; -#define PBE_UCS2_CONVERT_PASSWORD 0x1 - static const struct pbe_suite kBuiltinPBE[] = { { - NID_pbe_WithSHA1And40BitRC2_CBC, EVP_rc2_40_cbc, EVP_sha1, - pkcs12_pbe_keyivgen, PBE_UCS2_CONVERT_PASSWORD + NID_pbe_WithSHA1And40BitRC2_CBC, EVP_rc2_40_cbc, EVP_sha1, pkcs12_pbe_keyivgen, }, { NID_pbe_WithSHA1And128BitRC4, EVP_rc4, EVP_sha1, pkcs12_pbe_keyivgen, - PBE_UCS2_CONVERT_PASSWORD }, { NID_pbe_WithSHA1And3_Key_TripleDES_CBC, EVP_des_ede3_cbc, EVP_sha1, - pkcs12_pbe_keyivgen, PBE_UCS2_CONVERT_PASSWORD - }, - { - NID_pbes2, NULL, NULL, PKCS5_v2_PBE_keyivgen, 0 + pkcs12_pbe_keyivgen, }, }; -static const struct pbe_suite *get_pbe_suite(int pbe_nid) { - unsigned i; - for (i = 0; i < sizeof(kBuiltinPBE) / sizeof(kBuiltinPBE[0]); i++) { - if (kBuiltinPBE[i].pbe_nid == pbe_nid) { - return &kBuiltinPBE[i]; - } - } - - return NULL; -} - -/* pass_to_pass_raw performs a password conversion (possibly a no-op) - * appropriate to the supplied |pbe_nid|. The input |pass| is treated as a - * NUL-terminated string if |pass_len| is -1, otherwise it is treated as a - * buffer of the specified length. If the supplied PBE NID sets the - * |PBE_UCS2_CONVERT_PASSWORD| flag, the supplied |pass| will be converted to - * UCS-2. - * - * It sets |*out_pass_raw| to a new buffer that must be freed by the caller. It - * returns one on success and zero on error. 
*/ -static int pass_to_pass_raw(int pbe_nid, const char *pass, int pass_len, - uint8_t **out_pass_raw, size_t *out_pass_raw_len) { - if (pass == NULL) { - *out_pass_raw = NULL; - *out_pass_raw_len = 0; - return 1; - } - - if (pass_len == -1) { - pass_len = strlen(pass); - } else if (pass_len < 0 || pass_len > 2000000000) { - OPENSSL_PUT_ERROR(PKCS8, ERR_R_OVERFLOW); - return 0; - } - - const struct pbe_suite *suite = get_pbe_suite(pbe_nid); - if (suite != NULL && (suite->flags & PBE_UCS2_CONVERT_PASSWORD)) { - if (!ascii_to_ucs2(pass, pass_len, out_pass_raw, out_pass_raw_len)) { - OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_DECODE_ERROR); - return 0; - } - } else { - *out_pass_raw = BUF_memdup(pass, pass_len); - if (*out_pass_raw == NULL) { - OPENSSL_PUT_ERROR(PKCS8, ERR_R_MALLOC_FAILURE); - return 0; - } - *out_pass_raw_len = (size_t)pass_len; - } - - return 1; -} - static int pbe_cipher_init(ASN1_OBJECT *pbe_obj, const uint8_t *pass_raw, size_t pass_raw_len, ASN1_TYPE *param, EVP_CIPHER_CTX *ctx, int is_encrypt) { const EVP_CIPHER *cipher; const EVP_MD *md; + unsigned i; + + const struct pbe_suite *suite = NULL; + const int pbe_nid = OBJ_obj2nid(pbe_obj); + + for (i = 0; i < sizeof(kBuiltinPBE) / sizeof(struct pbe_suite); i++) { + if (kBuiltinPBE[i].pbe_nid == pbe_nid) { + suite = &kBuiltinPBE[i]; + break; + } + } - const struct pbe_suite *suite = get_pbe_suite(OBJ_obj2nid(pbe_obj)); if (suite == NULL) { char obj_str[80]; - OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_UNKNOWN_ALGORITHM); + OPENSSL_PUT_ERROR(PKCS8, pbe_cipher_init, PKCS8_R_UNKNOWN_ALGORITHM); if (!pbe_obj) { strncpy(obj_str, "NULL", sizeof(obj_str)); } else { @@ -376,7 +324,7 @@ static int pbe_cipher_init(ASN1_OBJECT *pbe_obj, } else { cipher = suite->cipher_func(); if (!cipher) { - OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_UNKNOWN_CIPHER); + OPENSSL_PUT_ERROR(PKCS8, pbe_cipher_init, PKCS8_R_UNKNOWN_CIPHER); return 0; } } 
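Review bot: With the `flags` field and `PBE_UCS2_CONVERT_PASSWORD` removed, nothing at `kBuiltinPBE` records that every remaining suite expects a UCS-2 password; that assumption now lives only in PKCS8_decrypt and PKCS8_encrypt, which call `ascii_to_ucs2` unconditionally. A comment above the table would keep the two in step, for example `/* Every suite here uses pkcs12_pbe_keyivgen and takes a UCS-2 password; PKCS8_decrypt and PKCS8_encrypt convert unconditionally. */`. In the inlined lookup loop of pbe_cipher_init, `sizeof(kBuiltinPBE) / sizeof(kBuiltinPBE[0])` is the safer bound, because it stays correct if the element type is ever renamed or changed. The body of pbe_cipher_init continues outside this hunk.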
@@ -386,14 +334,14 @@ static int pbe_cipher_init(ASN1_OBJECT *pbe_obj, } else { md = suite->md_func(); if (!md) { - OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_UNKNOWN_DIGEST); + OPENSSL_PUT_ERROR(PKCS8, pbe_cipher_init, PKCS8_R_UNKNOWN_DIGEST); return 0; } } if (!suite->keygen(ctx, pass_raw, pass_raw_len, param, cipher, md, is_encrypt)) { - OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_KEYGEN_FAILURE); + OPENSSL_PUT_ERROR(PKCS8, pbe_cipher_init, PKCS8_R_KEYGEN_FAILURE); return 0; } @@ -414,32 +362,32 @@ static int pbe_crypt(const X509_ALGOR *algor, if (!pbe_cipher_init(algor->algorithm, pass_raw, pass_raw_len, algor->parameter, &ctx, is_encrypt)) { - OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_UNKNOWN_CIPHER_ALGORITHM); + OPENSSL_PUT_ERROR(PKCS8, pbe_crypt, PKCS8_R_UNKNOWN_CIPHER_ALGORITHM); return 0; } block_size = EVP_CIPHER_CTX_block_size(&ctx); if (in_len + block_size < in_len) { - OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_TOO_LONG); + OPENSSL_PUT_ERROR(PKCS8, pbe_crypt, PKCS8_R_TOO_LONG); goto err; } buf = OPENSSL_malloc(in_len + block_size); if (buf == NULL) { - OPENSSL_PUT_ERROR(PKCS8, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(PKCS8, pbe_crypt, ERR_R_MALLOC_FAILURE); goto err; } if (!EVP_CipherUpdate(&ctx, buf, &n, in, in_len)) { OPENSSL_free(buf); - OPENSSL_PUT_ERROR(PKCS8, ERR_R_EVP_LIB); + OPENSSL_PUT_ERROR(PKCS8, pbe_crypt, ERR_R_EVP_LIB); goto err; } *out_len = n; if (!EVP_CipherFinal_ex(&ctx, buf + n, &n)) { OPENSSL_free(buf); - OPENSSL_PUT_ERROR(PKCS8, ERR_R_EVP_LIB); + OPENSSL_PUT_ERROR(PKCS8, pbe_crypt, ERR_R_EVP_LIB); goto err; } *out_len += n; 
@@ -462,14 +410,14 @@ static void *pkcs12_item_decrypt_d2i(X509_ALGOR *algor, const ASN1_ITEM *it, if (!pbe_crypt(algor, pass_raw, pass_raw_len, oct->data, oct->length, &out, &out_len, 0 /* decrypt */)) { - OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_CRYPT_ERROR); + OPENSSL_PUT_ERROR(PKCS8, pkcs12_item_decrypt_d2i, PKCS8_R_CRYPT_ERROR); return NULL; } p = out; ret = ASN1_item_d2i(NULL, &p, out_len, it); OPENSSL_cleanse(out, out_len); if (!ret) { - OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_DECODE_ERROR); + OPENSSL_PUT_ERROR(PKCS8, pkcs12_item_decrypt_d2i, PKCS8_R_DECODE_ERROR); } OPENSSL_free(out); return ret; @@ -479,12 +427,19 @@ PKCS8_PRIV_KEY_INFO *PKCS8_decrypt(X509_SIG *pkcs8, const char *pass, int pass_len) { uint8_t *pass_raw = NULL; size_t pass_raw_len = 0; - if (!pass_to_pass_raw(OBJ_obj2nid(pkcs8->algor->algorithm), pass, pass_len, - &pass_raw, &pass_raw_len)) { - return NULL; + PKCS8_PRIV_KEY_INFO *ret; + + if (pass) { + if (pass_len == -1) { + pass_len = strlen(pass); + } + if (!ascii_to_ucs2(pass, pass_len, &pass_raw, &pass_raw_len)) { + OPENSSL_PUT_ERROR(PKCS8, PKCS8_decrypt, PKCS8_R_DECODE_ERROR); + return NULL; + } } - PKCS8_PRIV_KEY_INFO *ret = PKCS8_decrypt_pbe(pkcs8, pass_raw, pass_raw_len); + ret = PKCS8_decrypt_pbe(pkcs8, pass_raw, pass_raw_len); if (pass_raw) { OPENSSL_cleanse(pass_raw, pass_raw_len); 
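Review bot: PKCS8_decrypt now hands any `pass_len` other than -1 straight to `ascii_to_ucs2`, so a negative length is no longer rejected the way the removed `pass_to_pass_raw` did with `pass_len < 0 || pass_len > 2000000000`. `ascii_to_ucs2` is called elsewhere in this file with a `strlen()` result, which suggests a `size_t` length, so a negative `int` would presumably turn into a very large size; its definition is not in this diff, so that needs confirming. I would add `else if (pass_len < 0) { OPENSSL_PUT_ERROR(PKCS8, PKCS8_decrypt, ERR_R_OVERFLOW); return NULL; }` after the `-1` case. The same gap is in PKCS8_encrypt in the `@@ -536,12 +491,20 @@` hunk. PKCS8_decrypt's body continues past the end of this hunk.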
@@ -511,17 +466,17 @@ static ASN1_OCTET_STRING *pkcs12_item_i2d_encrypt(X509_ALGOR *algor, oct = M_ASN1_OCTET_STRING_new(); if (oct == NULL) { - OPENSSL_PUT_ERROR(PKCS8, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(PKCS8, pkcs12_item_i2d_encrypt, ERR_R_MALLOC_FAILURE); return NULL; } in_len = ASN1_item_i2d(obj, &in, it); if (!in) { - OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_ENCODE_ERROR); + OPENSSL_PUT_ERROR(PKCS8, pkcs12_item_i2d_encrypt, PKCS8_R_ENCODE_ERROR); return NULL; } if (!pbe_crypt(algor, pass_raw, pass_raw_len, in, in_len, &oct->data, &crypt_len, 1 /* encrypt */)) { - OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_ENCRYPT_ERROR); + OPENSSL_PUT_ERROR(PKCS8, pkcs12_item_i2d_encrypt, PKCS8_R_ENCRYPT_ERROR); OPENSSL_free(in); return NULL; } @@ -536,12 +491,20 @@ X509_SIG *PKCS8_encrypt(int pbe_nid, const EVP_CIPHER *cipher, const char *pass, int iterations, PKCS8_PRIV_KEY_INFO *p8inf) { uint8_t *pass_raw = NULL; size_t pass_raw_len = 0; - if (!pass_to_pass_raw(pbe_nid, pass, pass_len, &pass_raw, &pass_raw_len)) { - return NULL; + X509_SIG *ret; + + if (pass) { + if (pass_len == -1) { + pass_len = strlen(pass); + } + if (!ascii_to_ucs2(pass, pass_len, &pass_raw, &pass_raw_len)) { + OPENSSL_PUT_ERROR(PKCS8, PKCS8_encrypt, PKCS8_R_DECODE_ERROR); + return NULL; + } } - X509_SIG *ret = PKCS8_encrypt_pbe(pbe_nid, cipher, pass_raw, pass_raw_len, - salt, salt_len, iterations, p8inf); + ret = PKCS8_encrypt_pbe(pbe_nid, pass_raw, pass_raw_len, + salt, salt_len, iterations, p8inf); if (pass_raw) { OPENSSL_cleanse(pass_raw, pass_raw_len); @@ -550,7 +513,7 @@ X509_SIG *PKCS8_encrypt(int pbe_nid, const EVP_CIPHER *cipher, const char *pass, return ret; } -X509_SIG *PKCS8_encrypt_pbe(int pbe_nid, const EVP_CIPHER *cipher, +X509_SIG *PKCS8_encrypt_pbe(int pbe_nid, const uint8_t *pass_raw, size_t pass_raw_len, uint8_t *salt, size_t salt_len, int iterations, PKCS8_PRIV_KEY_INFO *p8inf) { 
@@ -559,17 +522,13 @@ X509_SIG *PKCS8_encrypt_pbe(int pbe_nid, const EVP_CIPHER *cipher, pkcs8 = X509_SIG_new(); if (pkcs8 == NULL) { - OPENSSL_PUT_ERROR(PKCS8, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_encrypt_pbe, ERR_R_MALLOC_FAILURE); goto err; } - if (pbe_nid == -1) { - pbe = PKCS5_pbe2_set(cipher, iterations, salt, salt_len); - } else { - pbe = PKCS5_pbe_set(pbe_nid, iterations, salt, salt_len); - } + pbe = PKCS5_pbe_set(pbe_nid, iterations, salt, salt_len); if (!pbe) { - OPENSSL_PUT_ERROR(PKCS8, ERR_R_ASN1_LIB); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_encrypt_pbe, ERR_R_ASN1_LIB); goto err; } @@ -579,7 +538,7 @@ X509_SIG *PKCS8_encrypt_pbe(int pbe_nid, const EVP_CIPHER *cipher, pkcs8->digest = pkcs12_item_i2d_encrypt( pbe, ASN1_ITEM_rptr(PKCS8_PRIV_KEY_INFO), pass_raw, pass_raw_len, p8inf); if (!pkcs8->digest) { - OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_ENCRYPT_ERROR); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_encrypt_pbe, PKCS8_R_ENCRYPT_ERROR); goto err; } @@ -601,12 +560,13 @@ EVP_PKEY *EVP_PKCS82PKEY(PKCS8_PRIV_KEY_INFO *p8) { pkey = EVP_PKEY_new(); if (pkey == NULL) { - OPENSSL_PUT_ERROR(PKCS8, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(PKCS8, EVP_PKCS82PKEY, ERR_R_MALLOC_FAILURE); return NULL; } if (!EVP_PKEY_set_type(pkey, OBJ_obj2nid(algoid))) { - OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM); + OPENSSL_PUT_ERROR(PKCS8, EVP_PKCS82PKEY, + PKCS8_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM); i2t_ASN1_OBJECT(obj_tmp, 80, algoid); ERR_add_error_data(2, "TYPE=", obj_tmp); goto error; @@ -614,11 +574,11 @@ EVP_PKEY *EVP_PKCS82PKEY(PKCS8_PRIV_KEY_INFO *p8) { if (pkey->ameth->priv_decode) { if (!pkey->ameth->priv_decode(pkey, p8)) { - OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_PRIVATE_KEY_DECODE_ERROR); + OPENSSL_PUT_ERROR(PKCS8, EVP_PKCS82PKEY, PKCS8_R_PRIVATE_KEY_DECODE_ERROR); goto error; } } else { - OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_METHOD_NOT_SUPPORTED); + OPENSSL_PUT_ERROR(PKCS8, EVP_PKCS82PKEY, PKCS8_R_METHOD_NOT_SUPPORTED); goto error; } 
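Review bot: `pbe_nid == -1` is no longer special-cased in PKCS8_encrypt_pbe, so that value now reaches `PKCS5_pbe_set` like any other NID, while PKCS8_encrypt still accepts a `cipher` argument that it no longer forwards. Whether `PKCS5_pbe_set` rejects -1 cleanly is not visible here, so an explicit check after the `X509_SIG_new` test would make the unsupported case obvious, for example `if (pbe_nid == -1) { OPENSSL_PUT_ERROR(PKCS8, PKCS8_encrypt_pbe, PKCS8_R_UNKNOWN_ALGORITHM); goto err; }`. PKCS8_encrypt should also carry a comment such as `/* |cipher| is ignored; only the PKCS#12 PBE suites in kBuiltinPBE are supported. */` so callers do not assume their chosen cipher is applied to the private key. The function begins and ends outside this hunk.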
@@ -634,7 +594,7 @@ PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8(EVP_PKEY *pkey) { p8 = PKCS8_PRIV_KEY_INFO_new(); if (p8 == NULL) { - OPENSSL_PUT_ERROR(PKCS8, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(PKCS8, EVP_PKEY2PKCS8, ERR_R_MALLOC_FAILURE); return NULL; } p8->broken = PKCS8_OK; @@ -642,15 +602,17 @@ PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8(EVP_PKEY *pkey) { if (pkey->ameth) { if (pkey->ameth->priv_encode) { if (!pkey->ameth->priv_encode(p8, pkey)) { - OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_PRIVATE_KEY_ENCODE_ERROR); + OPENSSL_PUT_ERROR(PKCS8, EVP_PKEY2PKCS8, + PKCS8_R_PRIVATE_KEY_ENCODE_ERROR); goto error; } } else { - OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_METHOD_NOT_SUPPORTED); + OPENSSL_PUT_ERROR(PKCS8, EVP_PKEY2PKCS8, PKCS8_R_METHOD_NOT_SUPPORTED); goto error; } } else { - OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM); + OPENSSL_PUT_ERROR(PKCS8, EVP_PKEY2PKCS8, + PKCS8_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM); goto error; } return p8; @@ -684,7 +646,8 @@ static int PKCS12_handle_content_infos(CBS *content_infos, * pkcs7-encryptedData and a pkcs7-data) and depth 1 (the various PKCS#12 * bags). */ if (depth > 3) { - OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_PKCS12_TOO_DEEPLY_NESTED); + OPENSSL_PUT_ERROR(PKCS8, PKCS12_handle_content_infos, + PKCS8_R_PKCS12_TOO_DEEPLY_NESTED); return 0; } @@ -693,7 +656,6 @@ static int PKCS12_handle_content_infos(CBS *content_infos, * conversion cannot see through those wrappings. So each time we step * through one we need to convert to DER again. */ if (!CBS_asn1_ber_to_der(content_infos, &der_bytes, &der_len)) { - OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA); return 0; } 
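Review bot: In the `@@ -693,7 +656,6 @@` hunk, the `CBS_asn1_ber_to_der` failure path in PKCS12_handle_content_infos now returns 0 without queueing any error. Unless `CBS_asn1_ber_to_der` pushes its own error (not visible in this diff), a caller parsing a malformed PKCS#12 blob gets a failure with an empty error queue, which makes rejected input hard to diagnose. I would keep the report in the three-argument form used elsewhere in this commit: `OPENSSL_PUT_ERROR(PKCS8, PKCS12_handle_content_infos, PKCS8_R_BAD_PKCS12_DATA);`. The same silent return appears in PKCS12_get_key_and_certs (`@@ -900,7 +875,6 @@`) and on the `sk_X509_new_null` failure in PKCS12_parse (`@@ -1148,7 +1126,6 @@`).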
@@ -704,14 +666,16 @@ static int PKCS12_handle_content_infos(CBS *content_infos, } if (!CBS_get_asn1(&in, &in, CBS_ASN1_SEQUENCE)) { - OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA); + OPENSSL_PUT_ERROR(PKCS8, PKCS12_handle_content_infos, + PKCS8_R_BAD_PKCS12_DATA); goto err; } while (CBS_len(&in) > 0) { CBS content_info; if (!CBS_get_asn1(&in, &content_info, CBS_ASN1_SEQUENCE)) { - OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA); + OPENSSL_PUT_ERROR(PKCS8, PKCS12_handle_content_infos, + PKCS8_R_BAD_PKCS12_DATA); goto err; } @@ -741,7 +705,8 @@ static int PKCS12_handle_content_info(CBS *content_info, unsigned depth, if (!CBS_get_asn1(content_info, &content_type, CBS_ASN1_OBJECT) || !CBS_get_asn1(content_info, &wrapped_contents, CBS_ASN1_CONTEXT_SPECIFIC | CBS_ASN1_CONSTRUCTED | 0)) { - OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA); + OPENSSL_PUT_ERROR(PKCS8, PKCS12_handle_content_info, + PKCS8_R_BAD_PKCS12_DATA); goto err; } @@ -769,12 +734,14 @@ static int PKCS12_handle_content_info(CBS *content_info, unsigned depth, !CBS_get_asn1_element(&eci, &ai, CBS_ASN1_SEQUENCE) || !CBS_get_asn1(&eci, &encrypted_contents, CBS_ASN1_CONTEXT_SPECIFIC | 0)) { - OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA); + OPENSSL_PUT_ERROR(PKCS8, PKCS12_handle_content_info, + PKCS8_R_BAD_PKCS12_DATA); goto err; } if (OBJ_cbs2nid(&contents_type) != NID_pkcs7_data) { - OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA); + OPENSSL_PUT_ERROR(PKCS8, PKCS12_handle_content_info, + PKCS8_R_BAD_PKCS12_DATA); goto err; } @@ -785,7 +752,8 @@ static int PKCS12_handle_content_info(CBS *content_info, unsigned depth, } if (inp != CBS_data(&ai) + CBS_len(&ai)) { X509_ALGOR_free(algor); - OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA); + OPENSSL_PUT_ERROR(PKCS8, PKCS12_handle_content_info, + PKCS8_R_BAD_PKCS12_DATA); goto err; } 
@@ -805,7 +773,8 @@ static int PKCS12_handle_content_info(CBS *content_info, unsigned depth, if (!CBS_get_asn1(&wrapped_contents, &octet_string_contents, CBS_ASN1_OCTETSTRING)) { - OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA); + OPENSSL_PUT_ERROR(PKCS8, PKCS12_handle_content_info, + PKCS8_R_BAD_PKCS12_DATA); goto err; } @@ -818,7 +787,8 @@ static int PKCS12_handle_content_info(CBS *content_info, unsigned depth, X509_SIG *encrypted = NULL; if (*ctx->out_key) { - OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_MULTIPLE_PRIVATE_KEYS_IN_PKCS12); + OPENSSL_PUT_ERROR(PKCS8, PKCS12_handle_content_info, + PKCS8_R_MULTIPLE_PRIVATE_KEYS_IN_PKCS12); goto err; } @@ -826,11 +796,13 @@ static int PKCS12_handle_content_info(CBS *content_info, unsigned depth, * structure as one and so |X509_SIG| is reused to store it. */ encrypted = d2i_X509_SIG(NULL, &inp, CBS_len(&wrapped_contents)); if (encrypted == NULL) { - OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA); + OPENSSL_PUT_ERROR(PKCS8, PKCS12_handle_content_info, + PKCS8_R_BAD_PKCS12_DATA); goto err; } if (inp != CBS_data(&wrapped_contents) + CBS_len(&wrapped_contents)) { - OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA); + OPENSSL_PUT_ERROR(PKCS8, PKCS12_handle_content_info, + PKCS8_R_BAD_PKCS12_DATA); X509_SIG_free(encrypted); goto err; } @@ -856,7 +828,8 @@ static int PKCS12_handle_content_info(CBS *content_info, unsigned depth, !CBS_get_asn1(&cert_bag, &wrapped_cert, CBS_ASN1_CONTEXT_SPECIFIC | CBS_ASN1_CONSTRUCTED | 0) || !CBS_get_asn1(&wrapped_cert, &cert, CBS_ASN1_OCTETSTRING)) { - OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA); + OPENSSL_PUT_ERROR(PKCS8, PKCS12_handle_content_info, + PKCS8_R_BAD_PKCS12_DATA); goto err; } 
@@ -864,11 +837,13 @@ static int PKCS12_handle_content_info(CBS *content_info, unsigned depth, const uint8_t *inp = CBS_data(&cert); X509 *x509 = d2i_X509(NULL, &inp, CBS_len(&cert)); if (!x509) { - OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA); + OPENSSL_PUT_ERROR(PKCS8, PKCS12_handle_content_info, + PKCS8_R_BAD_PKCS12_DATA); goto err; } if (inp != CBS_data(&cert) + CBS_len(&cert)) { - OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA); + OPENSSL_PUT_ERROR(PKCS8, PKCS12_handle_content_info, + PKCS8_R_BAD_PKCS12_DATA); X509_free(x509); goto err; } @@ -900,7 +875,6 @@ int PKCS12_get_key_and_certs(EVP_PKEY **out_key, STACK_OF(X509) *out_certs, /* The input may be in BER format. */ if (!CBS_asn1_ber_to_der(ber_in, &der_bytes, &der_len)) { - OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA); return 0; } if (der_bytes != NULL) { @@ -917,27 +891,28 @@ int PKCS12_get_key_and_certs(EVP_PKEY **out_key, STACK_OF(X509) *out_certs, if (!CBS_get_asn1(&in, &pfx, CBS_ASN1_SEQUENCE) || CBS_len(&in) != 0 || !CBS_get_asn1_uint64(&pfx, &version)) { - OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA); + OPENSSL_PUT_ERROR(PKCS8, PKCS12_get_key_and_certs, PKCS8_R_BAD_PKCS12_DATA); goto err; } if (version < 3) { - OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_VERSION); + OPENSSL_PUT_ERROR(PKCS8, PKCS12_get_key_and_certs, + PKCS8_R_BAD_PKCS12_VERSION); goto err; } if (!CBS_get_asn1(&pfx, &authsafe, CBS_ASN1_SEQUENCE)) { - OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA); + OPENSSL_PUT_ERROR(PKCS8, PKCS12_get_key_and_certs, PKCS8_R_BAD_PKCS12_DATA); goto err; } if (CBS_len(&pfx) == 0) { - OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_MISSING_MAC); + OPENSSL_PUT_ERROR(PKCS8, PKCS12_get_key_and_certs, PKCS8_R_MISSING_MAC); goto err; } if (!CBS_get_asn1(&pfx, &mac_data, CBS_ASN1_SEQUENCE)) { - OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA); + OPENSSL_PUT_ERROR(PKCS8, PKCS12_get_key_and_certs, PKCS8_R_BAD_PKCS12_DATA); goto err; } 
@@ -946,7 +921,7 @@ int PKCS12_get_key_and_certs(EVP_PKEY **out_key, STACK_OF(X509) *out_certs, if (!CBS_get_asn1(&authsafe, &content_type, CBS_ASN1_OBJECT) || !CBS_get_asn1(&authsafe, &wrapped_authsafes, CBS_ASN1_CONTEXT_SPECIFIC | CBS_ASN1_CONSTRUCTED | 0)) { - OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA); + OPENSSL_PUT_ERROR(PKCS8, PKCS12_get_key_and_certs, PKCS8_R_BAD_PKCS12_DATA); goto err; } @@ -954,12 +929,13 @@ int PKCS12_get_key_and_certs(EVP_PKEY **out_key, STACK_OF(X509) *out_certs, * latter indicates that it's signed by a public key, which isn't * supported. */ if (OBJ_cbs2nid(&content_type) != NID_pkcs7_data) { - OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_PKCS12_PUBLIC_KEY_INTEGRITY_NOT_SUPPORTED); + OPENSSL_PUT_ERROR(PKCS8, PKCS12_get_key_and_certs, + PKCS8_R_PKCS12_PUBLIC_KEY_INTEGRITY_NOT_SUPPORTED); goto err; } if (!CBS_get_asn1(&wrapped_authsafes, &authsafes, CBS_ASN1_OCTETSTRING)) { - OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA); + OPENSSL_PUT_ERROR(PKCS8, PKCS12_get_key_and_certs, PKCS8_R_BAD_PKCS12_DATA); goto err; } @@ -967,7 +943,7 @@ int PKCS12_get_key_and_certs(EVP_PKEY **out_key, STACK_OF(X509) *out_certs, ctx.out_certs = out_certs; if (!ascii_to_ucs2(password, strlen(password), &ctx.password, &ctx.password_len)) { - OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_DECODE_ERROR); + OPENSSL_PUT_ERROR(PKCS8, PKCS12_get_key_and_certs, PKCS8_R_DECODE_ERROR); goto err; } @@ -986,7 +962,7 @@ int PKCS12_get_key_and_certs(EVP_PKEY **out_key, STACK_OF(X509) *out_certs, !CBS_get_asn1(&hash_type_seq, &hash_oid, CBS_ASN1_OBJECT) || !CBS_get_asn1(&mac, &expected_mac, CBS_ASN1_OCTETSTRING) || !CBS_get_asn1(&mac_data, &salt, CBS_ASN1_OCTETSTRING)) { - OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA); + OPENSSL_PUT_ERROR(PKCS8, PKCS12_get_key_and_certs, PKCS8_R_BAD_PKCS12_DATA); goto err; } 
@@ -995,7 +971,8 @@ int PKCS12_get_key_and_certs(EVP_PKEY **out_key, STACK_OF(X509) *out_certs, if (CBS_len(&mac_data) > 0) { if (!CBS_get_asn1_uint64(&mac_data, &iterations) || iterations > INT_MAX) { - OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA); + OPENSSL_PUT_ERROR(PKCS8, PKCS12_get_key_and_certs, + PKCS8_R_BAD_PKCS12_DATA); goto err; } } @@ -1003,7 +980,7 @@ int PKCS12_get_key_and_certs(EVP_PKEY **out_key, STACK_OF(X509) *out_certs, hash_nid = OBJ_cbs2nid(&hash_oid); if (hash_nid == NID_undef || (md = EVP_get_digestbynid(hash_nid)) == NULL) { - OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_UNKNOWN_HASH); + OPENSSL_PUT_ERROR(PKCS8, PKCS12_get_key_and_certs, PKCS8_R_UNKNOWN_HASH); goto err; } @@ -1019,7 +996,8 @@ int PKCS12_get_key_and_certs(EVP_PKEY **out_key, STACK_OF(X509) *out_certs, } if (!CBS_mem_equal(&expected_mac, hmac, hmac_len)) { - OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_INCORRECT_PASSWORD); + OPENSSL_PUT_ERROR(PKCS8, PKCS12_get_key_and_certs, + PKCS8_R_INCORRECT_PASSWORD); goto err; } } @@ -1148,7 +1126,6 @@ int PKCS12_parse(const PKCS12 *p12, const char *password, EVP_PKEY **out_pkey, if (!ca_certs) { ca_certs = sk_X509_new_null(); if (ca_certs == NULL) { - OPENSSL_PUT_ERROR(PKCS8, ERR_R_MALLOC_FAILURE); return 0; } ca_certs_alloced = 1; diff --git a/src/crypto/pkcs8/pkcs8_test.cc b/src/crypto/pkcs8/pkcs8_test.cc deleted file mode 100644 index 7a88ddf..0000000 --- a/src/crypto/pkcs8/pkcs8_test.cc +++ /dev/null 
@@ -1,91 +0,0 @@ -/* Copyright (c) 2015, Google Inc. - * - * Permission to use, copy, modify, and/or distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY - * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION - * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN - * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ - -#include -#include -#include - -#include -#include -#include -#include - -#include "../test/scoped_types.h" - - -/* kDER is a PKCS#8 encrypted private key. It was generated with: - * - * openssl genrsa 512 > test.key - * openssl pkcs8 -topk8 -in test.key -out test.key.encrypted -v2 des3 -outform der - * hexdump -Cv test.key.encrypted - * - * The password is "testing". 
- */ -static const uint8_t kDER[] = { - 0x30, 0x82, 0x01, 0x9e, 0x30, 0x40, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x05, - 0x0d, 0x30, 0x33, 0x30, 0x1b, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x05, 0x0c, - 0x30, 0x0e, 0x04, 0x08, 0x06, 0xa5, 0x4b, 0x0c, 0x0c, 0x50, 0x8c, 0x19, 0x02, 0x02, 0x08, 0x00, - 0x30, 0x14, 0x06, 0x08, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x03, 0x07, 0x04, 0x08, 0x3a, 0xd0, - 0x70, 0x4b, 0x26, 0x50, 0x13, 0x7b, 0x04, 0x82, 0x01, 0x58, 0xa6, 0xee, 0x02, 0xf2, 0xf2, 0x7c, - 0x19, 0x91, 0xe3, 0xce, 0x32, 0x85, 0xc5, 0x01, 0xd9, 0xe3, 0x5e, 0x14, 0xb6, 0xb8, 0x78, 0xad, - 0xda, 0x01, 0xec, 0x9e, 0x42, 0xe8, 0xbf, 0x0b, 0x46, 0x03, 0xbc, 0x92, 0x6f, 0xe4, 0x0f, 0x0f, - 0x48, 0x30, 0x10, 0x10, 0x9b, 0xfb, 0x4b, 0xb9, 0x45, 0xf8, 0xcf, 0xab, 0xa1, 0x18, 0xdd, 0x19, - 0xa4, 0xa4, 0xe1, 0xf0, 0xa1, 0x8d, 0xc2, 0x23, 0xe7, 0x0d, 0x7a, 0x64, 0x21, 0x6b, 0xfa, 0x48, - 0xb9, 0x41, 0xc1, 0x0c, 0x4b, 0xce, 0x6f, 0x1a, 0x91, 0x9b, 0x9f, 0xdd, 0xcf, 0xa9, 0x8d, 0x33, - 0x2c, 0x45, 0x81, 0x5c, 0x5e, 0x67, 0xc6, 0x68, 0x43, 0x62, 0xff, 0x5e, 0x9b, 0x1a, 0x15, 0x3a, - 0x9d, 0x71, 0x3f, 0xbe, 0x32, 0x2f, 0xe5, 0x90, 0x65, 0x65, 0x9c, 0x22, 0xf6, 0x29, 0x2e, 0xcf, - 0x26, 0x16, 0x7b, 0x66, 0x48, 0x55, 0xad, 0x9a, 0x8d, 0x89, 0xf4, 0x48, 0x4f, 0x1f, 0x9d, 0xb8, - 0xfa, 0xe1, 0xf1, 0x3b, 0x39, 0x5c, 0x72, 0xc6, 0xb8, 0x3e, 0x98, 0xe8, 0x77, 0xe8, 0xb6, 0x71, - 0x84, 0xa8, 0x6e, 0xca, 0xaf, 0x62, 0x96, 0x49, 0x8a, 0x21, 0x6f, 0x9e, 0x78, 0x07, 0x97, 0x38, - 0x40, 0x66, 0x42, 0x5a, 0x1b, 0xe0, 0x9b, 0xe9, 0x91, 0x82, 0xe4, 0xea, 0x8f, 0x2a, 0xb2, 0x80, - 0xce, 0xe8, 0x57, 0xd3, 0xac, 0x11, 0x9d, 0xb2, 0x39, 0x0f, 0xe1, 0xce, 0x18, 0x96, 0x38, 0xa1, - 0x19, 0x80, 0x88, 0x81, 0x3d, 0xda, 0xaa, 0x8e, 0x15, 0x27, 0x19, 0x73, 0x0c, 0xf3, 0xaf, 0x45, - 0xe9, 0x1b, 0xad, 0x6c, 0x3d, 0xbf, 0x95, 0xf7, 0xa0, 0x87, 0x0e, 0xde, 0xf1, 0xd8, 0xee, 0xaa, - 0x92, 0x76, 0x8d, 0x32, 0x45, 0xa1, 0xe7, 0xf5, 0x05, 0xd6, 0x2c, 0x67, 0x63, 0x10, 0xfa, 0xde, - 
0x80, 0xc7, 0x5b, 0x96, 0x0f, 0x24, 0x50, 0x78, 0x30, 0xe5, 0x89, 0xf3, 0x73, 0xfa, 0x40, 0x11, - 0xd5, 0x26, 0xb8, 0x36, 0x96, 0x98, 0xe6, 0xbd, 0x73, 0x62, 0x56, 0xb9, 0xea, 0x28, 0x16, 0x93, - 0x5b, 0x33, 0xae, 0x83, 0xf9, 0x1f, 0xee, 0xef, 0xc8, 0xbf, 0xc7, 0xb1, 0x47, 0x43, 0xa1, 0xc6, - 0x1a, 0x64, 0x47, 0x02, 0x40, 0x3e, 0xbc, 0x0f, 0x80, 0x71, 0x5c, 0x44, 0x60, 0xbc, 0x78, 0x2e, - 0xd2, 0x77, 0xf8, 0x6e, 0x12, 0x51, 0x89, 0xdb, 0x90, 0x64, 0xcd, 0x76, 0x10, 0x29, 0x73, 0xc2, - 0x2f, 0x94, 0x7b, 0x98, 0xcd, 0xbb, 0x61, 0x16, 0x1d, 0x52, 0x11, 0x73, 0x48, 0xe6, 0x39, 0xfc, - 0xd6, 0x2d, -}; - -static bool test(const uint8_t *der, size_t der_len) { - const uint8_t *data = der; - ScopedX509_SIG sig(d2i_X509_SIG(NULL, &data, der_len)); - if (sig.get() == NULL || data != der + der_len) { - fprintf(stderr, "d2i_X509_SIG failed or did not consume all bytes.\n"); - return false; - } - - static const char kPassword[] = "testing"; - ScopedPKCS8_PRIV_KEY_INFO keypair(PKCS8_decrypt(sig.get(), kPassword, -1)); - if (!keypair) { - fprintf(stderr, "PKCS8_decrypt failed.\n"); - ERR_print_errors_fp(stderr); - return false; - } - - return true; -} - -int main(int argc, char **argv) { - if (!test(kDER, sizeof(kDER))) { - return 1; - } - - printf("PASS\n"); - return 0; -} diff --git a/src/crypto/poly1305/CMakeLists.txt b/src/crypto/poly1305/CMakeLists.txt index 674d9f6..bb0c1e4 100644 --- a/src/crypto/poly1305/CMakeLists.txt +++ b/src/crypto/poly1305/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(../../include) +include_directories(. .. ../../include) if (${ARCH} STREQUAL "arm") set( @@ -19,12 +19,3 @@ add_library( ${POLY1305_ARCH_SOURCES} ) - -add_executable( - poly1305_test - - poly1305_test.cc - $ -) - -target_link_libraries(poly1305_test crypto) diff --git a/src/crypto/poly1305/poly1305_test.cc b/src/crypto/poly1305/poly1305_test.cc deleted file mode 100644 index 0526075..0000000 --- a/src/crypto/poly1305/poly1305_test.cc +++ /dev/null 
@@ -1,81 +0,0 @@ -/* Copyright (c) 2015, Google Inc. - * - * Permission to use, copy, modify, and/or distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY - * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION - * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN - * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ - -#include -#include - -#include - -#include -#include - -#include "../test/file_test.h" -#include "../test/stl_compat.h" - - -// |CRYPTO_poly1305_finish| requires a 16-byte-aligned output. -#if defined(OPENSSL_WINDOWS) -// MSVC doesn't support C++11 |alignas|. -#define ALIGNED __declspec(align(16)) -#else -#define ALIGNED alignas(16) -#endif - -static bool TestPoly1305(FileTest *t, void *arg) { - std::vector key, in, mac; - if (!t->GetBytes(&key, "Key") || - !t->GetBytes(&in, "Input") || - !t->GetBytes(&mac, "MAC")) { - return false; - } - if (key.size() != 32 || mac.size() != 16) { - t->PrintLine("Invalid test"); - return false; - } - - // Test single-shot operation. - poly1305_state state; - CRYPTO_poly1305_init(&state, bssl::vector_data(&key)); - CRYPTO_poly1305_update(&state, bssl::vector_data(&in), in.size()); - ALIGNED uint8_t out[16]; - CRYPTO_poly1305_finish(&state, out); - if (!t->ExpectBytesEqual(out, 16, bssl::vector_data(&mac), mac.size())) { - t->PrintLine("Single-shot Poly1305 failed."); - return false; - } - - // Test streaming byte-by-byte. 
- CRYPTO_poly1305_init(&state, bssl::vector_data(&key)); - for (size_t i = 0; i < in.size(); i++) { - CRYPTO_poly1305_update(&state, &in[i], 1); - } - CRYPTO_poly1305_finish(&state, out); - if (!t->ExpectBytesEqual(out, 16, bssl::vector_data(&mac), mac.size())) { - t->PrintLine("Streaming Poly1305 failed."); - return false; - } - - return true; -} - -int main(int argc, char **argv) { - CRYPTO_library_init(); - - if (argc != 2) { - fprintf(stderr, "%s \n", argv[0]); - return 1; - } - - return FileTestMain(TestPoly1305, nullptr, argv[1]); -} diff --git a/src/crypto/poly1305/poly1305_test.txt b/src/crypto/poly1305/poly1305_test.txt deleted file mode 100644 index 6c5d403..0000000 --- a/src/crypto/poly1305/poly1305_test.txt +++ /dev/null 
@@ -1,52 +0,0 @@ -# RFC 7359, section 2.5.2. - -Key = 85d6be7857556d337f4452fe42d506a80103808afb0db2fd4abff6af4149f51b -Input = "Cryptographic Forum Research Group" -MAC = a8061dc1305136c6c22b8baf0c0127a9 - - -# RFC 7359, section A.3. - -Key = 0000000000000000000000000000000000000000000000000000000000000000 -Input = 00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 -MAC = 00000000000000000000000000000000 - -Key = 0000000000000000000000000000000036e5f6b5c5e06070f0efca96227a863e -Input = 416e79207375626d697373696f6e20746f20746865204945544620696e74656e6465642062792074686520436f6e7472696275746f7220666f72207075626c69636174696f6e20617320616c6c206f722070617274206f6620616e204945544620496e7465726e65742d4472616674206f722052464320616e6420616e792073746174656d656e74206d6164652077697468696e2074686520636f6e74657874206f6620616e204945544620616374697669747920697320636f6e7369646572656420616e20224945544620436f6e747269627574696f6e222e20537563682073746174656d656e747320696e636c756465206f72616c2073746174656d656e747320696e20494554462073657373696f6e732c2061732077656c6c206173207772697474656e20616e6420656c656374726f6e696320636f6d6d756e69636174696f6e73206d61646520617420616e792074696d65206f7220706c6163652c207768696368206172652061646472657373656420746f -MAC = 36e5f6b5c5e06070f0efca96227a863e - -Key = 36e5f6b5c5e06070f0efca96227a863e00000000000000000000000000000000 -Input = 
416e79207375626d697373696f6e20746f20746865204945544620696e74656e6465642062792074686520436f6e7472696275746f7220666f72207075626c69636174696f6e20617320616c6c206f722070617274206f6620616e204945544620496e7465726e65742d4472616674206f722052464320616e6420616e792073746174656d656e74206d6164652077697468696e2074686520636f6e74657874206f6620616e204945544620616374697669747920697320636f6e7369646572656420616e20224945544620436f6e747269627574696f6e222e20537563682073746174656d656e747320696e636c756465206f72616c2073746174656d656e747320696e20494554462073657373696f6e732c2061732077656c6c206173207772697474656e20616e6420656c656374726f6e696320636f6d6d756e69636174696f6e73206d61646520617420616e792074696d65206f7220706c6163652c207768696368206172652061646472657373656420746f -MAC = f3477e7cd95417af89a6b8794c310cf0 - -Key = 1c9240a5eb55d38af333888604f6b5f0473917c1402b80099dca5cbc207075c0 -Input = 2754776173206272696c6c69672c20616e642074686520736c6974687920746f7665730a446964206779726520616e642067696d626c6520696e2074686520776162653a0a416c6c206d696d737920776572652074686520626f726f676f7665732c0a416e6420746865206d6f6d65207261746873206f757467726162652e -MAC = 4541669a7eaaee61e708dc7cbcc5eb62 - -Key = 0200000000000000000000000000000000000000000000000000000000000000 -Input = ffffffffffffffffffffffffffffffff -MAC = 03000000000000000000000000000000 - -Key = 02000000000000000000000000000000ffffffffffffffffffffffffffffffff -Input = 02000000000000000000000000000000 -MAC = 03000000000000000000000000000000 - -Key = 0100000000000000000000000000000000000000000000000000000000000000 -Input = fffffffffffffffffffffffffffffffff0ffffffffffffffffffffffffffffff11000000000000000000000000000000 -MAC = 05000000000000000000000000000000 - -Key = 0100000000000000000000000000000000000000000000000000000000000000 -Input = fffffffffffffffffffffffffffffffffbfefefefefefefefefefefefefefefe01010101010101010101010101010101 -MAC = 00000000000000000000000000000000 - -Key = 0200000000000000000000000000000000000000000000000000000000000000 
-Input = fdffffffffffffffffffffffffffffff -MAC = faffffffffffffffffffffffffffffff - -Key = 0100000000000000040000000000000000000000000000000000000000000000 -Input = e33594d7505e43b900000000000000003394d7505e4379cd01000000000000000000000000000000000000000000000001000000000000000000000000000000 -MAC = 14000000000000005500000000000000 - -Key = 0100000000000000040000000000000000000000000000000000000000000000 -Input = e33594d7505e43b900000000000000003394d7505e4379cd010000000000000000000000000000000000000000000000 -MAC = 13000000000000000000000000000000 diff --git a/src/crypto/rand/CMakeLists.txt b/src/crypto/rand/CMakeLists.txt index 35d5290..374d8f1 100644 --- a/src/crypto/rand/CMakeLists.txt +++ b/src/crypto/rand/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(../../include) +include_directories(. .. ../../include) if (${ARCH} STREQUAL "x86_64") set( diff --git a/src/crypto/rand/hwrand.c b/src/crypto/rand/hwrand.c index f0bbccd..5f81f09 100644 --- a/src/crypto/rand/hwrand.c +++ b/src/crypto/rand/hwrand.c @@ -15,28 +15,23 @@ #include #include +#include #include #include -#include "internal.h" - #if defined(OPENSSL_X86_64) && !defined(OPENSSL_NO_ASM) +int CRYPTO_have_hwrand(void) { + return (OPENSSL_ia32cap_P[1] & (1u << 30)) != 0; +} + /* These functions are defined in asm/rdrand-x86_64.pl */ extern int CRYPTO_rdrand(uint8_t out[8]); extern int CRYPTO_rdrand_multiple8_buf(uint8_t *buf, size_t len); -static int have_rdrand(void) { - return (OPENSSL_ia32cap_P[1] & (1u << 30)) != 0; -} - int CRYPTO_hwrand(uint8_t *buf, size_t len) { - if (!have_rdrand()) { - return 0; - } - const size_t len_multiple8 = len & ~7; if (!CRYPTO_rdrand_multiple8_buf(buf, len_multiple8)) { return 0; @@ -58,8 +53,12 @@ int CRYPTO_hwrand(uint8_t *buf, size_t len) { #else -int CRYPTO_hwrand(uint8_t *buf, size_t len) { +int CRYPTO_have_hwrand(void) { return 0; } +void CRYPTO_hwrand(uint8_t *buf, size_t len) { + abort(); +} + #endif 
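Review bot: The `#else` stub added in the second hwrand.c hunk is defined as `void CRYPTO_hwrand(uint8_t *buf, size_t len)`, while rand/internal.h still declares `int CRYPTO_hwrand(uint8_t *buf, size_t len);`. The first hunk also drops `#include "internal.h"` from this file, so the compiler never sees both and cannot report the conflict. RAND_bytes now tests CRYPTO_have_hwrand() first, so the stub should be unreachable, but any call through the `int` prototype would be undefined behaviour. I would keep the include and give the stub the declared type: `int CRYPTO_hwrand(uint8_t *buf, size_t len) { abort(); }`.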
diff --git a/src/crypto/rand/internal.h b/src/crypto/rand/internal.h index f35abbb..5e6ea11 100644 --- a/src/crypto/rand/internal.h +++ b/src/crypto/rand/internal.h @@ -24,9 +24,13 @@ extern "C" { * system. */ void CRYPTO_sysrand(uint8_t *buf, size_t len); -/* CRYPTO_hwrand fills |len| bytes at |buf| with entropy from the hardware. It - * returns one on success or zero on hardware failure or if hardware support is - * unavailable. */ +/* CRYPTO_have_hwrand returns one iff |CRYPTO_hwrand| can be called to generate + * hardware entropy. */ +int CRYPTO_have_hwrand(void); + +/* CRYPTO_hwrand fills |len| bytes at |buf| with entropy from the hardware. + * This function can only be called if |CRYPTO_have_hwrand| returns one. + * It returns one on success or zero on hardware failure. */ int CRYPTO_hwrand(uint8_t *buf, size_t len); diff --git a/src/crypto/rand/rand.c b/src/crypto/rand/rand.c index e76a120..a96ac48 100644 --- a/src/crypto/rand/rand.c +++ b/src/crypto/rand/rand.c @@ -17,7 +17,6 @@ #include #include -#include #include #include "internal.h" @@ -70,12 +69,17 @@ static void rand_thread_state_free(void *state) { OPENSSL_free(state); } +extern void CRYPTO_chacha_20(uint8_t *out, const uint8_t *in, size_t in_len, + const uint8_t key[32], const uint8_t nonce[8], + size_t counter); + int RAND_bytes(uint8_t *buf, size_t len) { if (len == 0) { return 1; } - if (!CRYPTO_hwrand(buf, len)) { + if (!CRYPTO_have_hwrand() || + !CRYPTO_hwrand(buf, len)) { /* Without a hardware RNG to save us from address-space duplication, the OS * entropy is used directly. */ CRYPTO_sysrand(buf, len); @@ -158,10 +162,6 @@ int RAND_load_file(const char *path, long num) { void RAND_add(const void *buf, int num, double entropy) {} -int RAND_egd(const char *path) { - return 255; -} - int RAND_poll(void) { return 1; } 
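Review bot: The hand-written `extern void CRYPTO_chacha_20(...)` prototype added above RAND_bytes in rand.c is a private copy of a declaration that belongs in a header, so if the ChaCha implementation's signature changes this file will still compile and call it with the wrong arguments. The first rand.c hunk removes an `#include` whose name the page does not show, presumably the header that declared it. Prefer keeping that include, or moving the prototype into a shared internal header that the defining file also includes. RAND_bytes continues past the end of the hunk.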
@@ -169,18 +169,3 @@ int RAND_poll(void) { int RAND_status(void) { return 1; } - -static const struct rand_meth_st kSSLeayMethod = { - RAND_seed, - RAND_bytes, - RAND_cleanup, - RAND_add, - RAND_pseudo_bytes, - RAND_status, -}; - -RAND_METHOD *RAND_SSLeay(void) { - return (RAND_METHOD*) &kSSLeayMethod; -} - -void RAND_set_rand_method(const RAND_METHOD *method) {} diff --git a/src/crypto/rand/urandom.c b/src/crypto/rand/urandom.c index 1cc5260..788a979 100644 --- a/src/crypto/rand/urandom.c +++ b/src/crypto/rand/urandom.c 
@@ -30,126 +30,92 @@ /* This file implements a PRNG by reading from /dev/urandom, optionally with a - * buffer, which is unsafe across |fork|. */ - -#define BUF_SIZE 4096 - -/* rand_buffer contains unused, random bytes, some of which may have been - * consumed already. */ + * fork-safe buffer. + * + * If buffering is enabled then it maintains a global, linked list of buffers. + * Threads which need random bytes grab a buffer from the list under a lock and + * copy out the bytes that they need. In the rare case that the buffer is + * empty, it's refilled from /dev/urandom outside of the lock. + * + * Large requests are always serviced from /dev/urandom directly. + * + * Each buffer contains the PID of the process that created it and it's tested + * against the current PID each time. Thus processes that fork will discard all + * the buffers filled by the parent process. There are two problems with this: + * + * 1) glibc maintains a cache of the current PID+PPID and, if this cache isn't + * correctly invalidated, the getpid() will continue to believe that + * it's the old process. Glibc depends on the glibc wrappers for fork, + * vfork and clone being used in order to invalidate the getpid() cache. + * + * 2) If a process forks, dies and then its child forks, it's possible that + * the third process will end up with the same PID as the original process. + * If the second process never used any random values then this will mean + * that the third process has stale, cached values and won't notice. + */ + +/* BUF_SIZE is intended to be a 4K allocation with malloc overhead. struct + * rand_buffer also fits in this space and the remainder is entropy. */ +#define BUF_SIZE (4096 - 16) + +/* rand_buffer contains unused, random bytes. These structures form a linked + * list via the |next| pointer, which is NULL in the final element. 
*/ struct rand_buffer { - size_t used; - uint8_t rand[BUF_SIZE]; + size_t used; /* used contains the number of bytes of |rand| that have + been consumed. */ + struct rand_buffer *next; + pid_t pid; /* pid contains the pid at the time that the buffer was + created so that data is not duplicated after a fork. */ + pid_t ppid; /* ppid contains the parent pid in order to try and reduce + the possibility of duplicated PID confusing the + detection of a fork. */ + uint8_t rand[]; }; -/* requested_lock is used to protect the |*_requested| variables. */ -static struct CRYPTO_STATIC_MUTEX requested_lock = CRYPTO_STATIC_MUTEX_INIT; +/* rand_bytes_per_buf is the number of actual entropy bytes in a buffer. */ +static const size_t rand_bytes_per_buf = BUF_SIZE - sizeof(struct rand_buffer); -/* urandom_fd_requested is set by |RAND_set_urandom_fd|. It's protected by - * |requested_lock|. */ -static int urandom_fd_requested = -2; +static struct CRYPTO_STATIC_MUTEX global_lock = CRYPTO_STATIC_MUTEX_INIT; -/* urandom_fd is a file descriptor to /dev/urandom. It's protected by |once|. */ -static int urandom_fd = -2; +/* list_head is the start of a global, linked-list of rand_buffer objects. It's + * protected by |global_lock|. */ +static struct rand_buffer *list_head; -/* urandom_buffering_requested is set by |RAND_enable_fork_unsafe_buffering|. - * It's protected by |requested_lock|. */ -static int urandom_buffering_requested = 0; +/* urandom_fd is a file descriptor to /dev/urandom. It's protected by + * |global_lock|. */ +static int urandom_fd = -2; /* urandom_buffering controls whether buffering is enabled (1) or not (0). This - * is protected by |once|. */ + * is protected by |global_lock|. */ static int urandom_buffering = 0; -static CRYPTO_once_t once = CRYPTO_ONCE_INIT; - -/* init_once initializes the state of this module to values previously - * requested. 
This is the only function that modifies |urandom_fd| and - * |urandom_buffering|, whose values may be read safely after calling the - * once. */ -static void init_once(void) { - CRYPTO_STATIC_MUTEX_lock_read(&requested_lock); - urandom_buffering = urandom_buffering_requested; - int fd = urandom_fd_requested; - CRYPTO_STATIC_MUTEX_unlock(&requested_lock); - - if (fd == -2) { - do { - fd = open("/dev/urandom", O_RDONLY); - } while (fd == -1 && errno == EINTR); +/* urandom_get_fd_locked returns a file descriptor to /dev/urandom. The caller + * of this function must hold |global_lock|. */ +static int urandom_get_fd_locked(void) { + if (urandom_fd != -2) { + return urandom_fd; } - if (fd < 0) { - abort(); - } - - int flags = fcntl(fd, F_GETFD); - if (flags == -1) { - abort(); - } - flags |= FD_CLOEXEC; - if (fcntl(fd, F_SETFD, flags) == -1) { - abort(); - } - urandom_fd = fd; + urandom_fd = open("/dev/urandom", O_RDONLY); + return urandom_fd; } -void RAND_cleanup(void) {} +/* RAND_cleanup frees all buffers, closes any cached file descriptor + * and resets the global state. */ +void RAND_cleanup(void) { + struct rand_buffer *cur; -void RAND_set_urandom_fd(int fd) { - fd = dup(fd); - if (fd < 0) { - abort(); + CRYPTO_STATIC_MUTEX_lock_write(&global_lock); + while ((cur = list_head)) { + list_head = cur->next; + OPENSSL_free(cur); } - - CRYPTO_STATIC_MUTEX_lock_write(&requested_lock); - urandom_fd_requested = fd; - CRYPTO_STATIC_MUTEX_unlock(&requested_lock); - - CRYPTO_once(&once, init_once); - if (urandom_fd != fd) { - abort(); // Already initialized. 
+ if (urandom_fd >= 0) { + close(urandom_fd); } -} - -void RAND_enable_fork_unsafe_buffering(int fd) { - if (fd >= 0) { - fd = dup(fd); - if (fd < 0) { - abort(); - } - } else { - fd = -2; - } - - CRYPTO_STATIC_MUTEX_lock_write(&requested_lock); - urandom_buffering_requested = 1; - urandom_fd_requested = fd; - CRYPTO_STATIC_MUTEX_unlock(&requested_lock); - - CRYPTO_once(&once, init_once); - if (urandom_buffering != 1 || (fd >= 0 && urandom_fd != fd)) { - abort(); // Already initialized. - } -} - -static struct rand_buffer *get_thread_local_buffer(void) { - struct rand_buffer *buf = - CRYPTO_get_thread_local(OPENSSL_THREAD_LOCAL_URANDOM_BUF); - if (buf != NULL) { - return buf; - } - - buf = OPENSSL_malloc(sizeof(struct rand_buffer)); - if (buf == NULL) { - return NULL; - } - buf->used = BUF_SIZE; /* To trigger a |read_full| on first use. */ - if (!CRYPTO_set_thread_local(OPENSSL_THREAD_LOCAL_URANDOM_BUF, buf, - OPENSSL_free)) { - OPENSSL_free(buf); - return NULL; - } - - return buf; + urandom_fd = -2; + list_head = NULL; + CRYPTO_STATIC_MUTEX_unlock(&global_lock); } /* read_full reads exactly |len| bytes from |fd| into |out| and returns 1. In 
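Review bot: `urandom_get_fd_locked` opens /dev/urandom with a bare `open("/dev/urandom", O_RDONLY)`, dropping both the EINTR retry loop and the FD_CLOEXEC setting that the removed `init_once` had. Without close-on-exec the descriptor is inherited by every program the process executes, and a signal arriving during `open` now ends in the `abort()` in CRYPTO_sysrand. I would restore both: `do { urandom_fd = open("/dev/urandom", O_RDONLY | O_CLOEXEC); } while (urandom_fd == -1 && errno == EINTR);`. A failed open also stores -1, which the `!= -2` test then returns on every later call without retrying.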
@@ -172,48 +138,110 @@ static char read_full(int fd, uint8_t *out, size_t len) { return 1; } -/* read_from_buffer reads |requested| random bytes from the buffer into |out|, - * refilling it if necessary to satisfy the request. */ -static void read_from_buffer(struct rand_buffer *buf, - uint8_t *out, size_t requested) { - size_t remaining = BUF_SIZE - buf->used; +/* CRYPTO_sysrand puts |num| random bytes into |out|. */ +void CRYPTO_sysrand(uint8_t *out, size_t requested) { + int fd; + struct rand_buffer *buf; + size_t todo; + pid_t pid, ppid; + + if (requested == 0) { + return; + } - while (requested > remaining) { - memcpy(out, &buf->rand[buf->used], remaining); - buf->used += remaining; - out += remaining; - requested -= remaining; + CRYPTO_STATIC_MUTEX_lock_write(&global_lock); + fd = urandom_get_fd_locked(); - if (!read_full(urandom_fd, buf->rand, BUF_SIZE)) { + if (fd < 0) { + CRYPTO_STATIC_MUTEX_unlock(&global_lock); + abort(); + return; + } + + /* If buffering is not enabled, or if the request is large, then the + * result comes directly from urandom. */ + if (!urandom_buffering || requested > BUF_SIZE / 2) { + CRYPTO_STATIC_MUTEX_unlock(&global_lock); + if (!read_full(fd, out, requested)) { abort(); - return; } - buf->used = 0; - remaining = BUF_SIZE; + return; } - memcpy(out, &buf->rand[buf->used], requested); - buf->used += requested; -} + pid = getpid(); + ppid = getppid(); -/* CRYPTO_sysrand puts |requested| random bytes into |out|. */ -void CRYPTO_sysrand(uint8_t *out, size_t requested) { - if (requested == 0) { - return; + for (;;) { + buf = list_head; + if (buf && buf->pid == pid && buf->ppid == ppid && + rand_bytes_per_buf - buf->used >= requested) { + memcpy(out, &buf->rand[buf->used], requested); + buf->used += requested; + CRYPTO_STATIC_MUTEX_unlock(&global_lock); + return; + } + + /* If we don't immediately have enough entropy with the correct + * PID, remove the buffer from the list in order to gain + * exclusive access and unlock. 
*/ + if (buf) { + list_head = buf->next; + } + CRYPTO_STATIC_MUTEX_unlock(&global_lock); + + if (!buf) { + buf = (struct rand_buffer *)OPENSSL_malloc(BUF_SIZE); + if (!buf) { + abort(); + return; + } + /* The buffer doesn't contain any random bytes yet + * so we mark it as fully used so that it will be + * filled below. */ + buf->used = rand_bytes_per_buf; + buf->next = NULL; + buf->pid = pid; + buf->ppid = ppid; + } + + if (buf->pid == pid && buf->ppid == ppid) { + break; + } + + /* We have forked and so cannot use these bytes as they + * may have been used in another process. */ + OPENSSL_free(buf); + CRYPTO_STATIC_MUTEX_lock_write(&global_lock); } - CRYPTO_once(&once, init_once); - if (urandom_buffering && requested < BUF_SIZE) { - struct rand_buffer *buf = get_thread_local_buffer(); - if (buf != NULL) { - read_from_buffer(buf, out, requested); + while (requested > 0) { + todo = rand_bytes_per_buf - buf->used; + if (todo > requested) { + todo = requested; + } + memcpy(out, &buf->rand[buf->used], todo); + requested -= todo; + out += todo; + buf->used += todo; + + if (buf->used < rand_bytes_per_buf) { + break; + } + + if (!read_full(fd, buf->rand, rand_bytes_per_buf)) { + OPENSSL_free(buf); + abort(); return; } - } - if (!read_full(urandom_fd, out, requested)) { - abort(); + buf->used = 0; } + + CRYPTO_STATIC_MUTEX_lock_write(&global_lock); + assert(list_head != buf); + buf->next = list_head; + list_head = buf; + CRYPTO_STATIC_MUTEX_unlock(&global_lock); } #endif /* !OPENSSL_WINDOWS */ diff --git a/src/crypto/rc4/CMakeLists.txt b/src/crypto/rc4/CMakeLists.txt index a208e96..fe2d0c6 100644 --- a/src/crypto/rc4/CMakeLists.txt +++ b/src/crypto/rc4/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(../../include) +include_directories(. .. ../../include) if (${ARCH} STREQUAL "x86_64") set( diff --git a/src/crypto/rc4/asm/rc4-x86_64.pl b/src/crypto/rc4/asm/rc4-x86_64.pl index cef6268..db46242 100644 --- a/src/crypto/rc4/asm/rc4-x86_64.pl 
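Review bot: In the rewritten CRYPTO_sysrand, `fd` is fetched under `global_lock` but both `read_full(fd, ...)` calls run after the lock is released. RAND_cleanup (first urandom.c hunk) closes `urandom_fd` under that same lock, so a concurrent cleanup can leave this thread reading a closed or reused descriptor. If that is intended to be the caller's problem, say so above RAND_cleanup: `/* RAND_cleanup must not run while another thread may be inside CRYPTO_sysrand: the fd is used outside |global_lock|. */`. Separately, buffers discarded after a fork are passed to `OPENSSL_free` with unused random bytes still in them, and the same bytes may later be handed out by the parent. Whether `OPENSSL_free` clears memory is not visible here, so an `OPENSSL_cleanse(buf->rand, rand_bytes_per_buf);` before the free would make that explicit.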
+++ b/src/crypto/rc4/asm/rc4-x86_64.pl @@ -56,7 +56,7 @@ # achieves respectful 432MBps on 2.8GHz processor now. For reference. # If executed on Xeon, current RC4_CHAR code-path is 2.7x faster than # RC4_INT code-path. While if executed on Opteron, it's only 25% -# slower than the RC4_INT one [meaning that if CPU µ-arch detection +# slower than the RC4_INT one [meaning that if CPU µ-arch detection # is not implemented, then this final RC4_CHAR code-path should be # preferred, as it provides better *all-round* performance]. diff --git a/src/crypto/rsa/CMakeLists.txt b/src/crypto/rsa/CMakeLists.txt index bd8ad3b..0ea12c8 100644 --- a/src/crypto/rsa/CMakeLists.txt +++ b/src/crypto/rsa/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(../../include) +include_directories(. .. ../../include) add_library( rsa @@ -15,7 +15,7 @@ add_library( add_executable( rsa_test - rsa_test.cc + rsa_test.c $ ) diff --git a/src/crypto/rsa/blinding.c b/src/crypto/rsa/blinding.c index c93cee1..245142b 100644 --- a/src/crypto/rsa/blinding.c +++ b/src/crypto/rsa/blinding.c @@ -137,7 +137,7 @@ BN_BLINDING *BN_BLINDING_new(const BIGNUM *A, const BIGNUM *Ai, BIGNUM *mod) { ret = (BN_BLINDING*) OPENSSL_malloc(sizeof(BN_BLINDING)); if (ret == NULL) { - OPENSSL_PUT_ERROR(RSA, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(RSA, BN_BLINDING_new, ERR_R_MALLOC_FAILURE); return NULL; } memset(ret, 0, sizeof(BN_BLINDING)); @@ -190,7 +190,7 @@ int BN_BLINDING_update(BN_BLINDING *b, BN_CTX *ctx) { int ret = 0; if (b->A == NULL || b->Ai == NULL) { - OPENSSL_PUT_ERROR(RSA, RSA_R_BN_NOT_INITIALIZED); + OPENSSL_PUT_ERROR(RSA, BN_BLINDING_update, RSA_R_BN_NOT_INITIALIZED); goto err; } @@ -230,7 +230,7 @@ int BN_BLINDING_convert_ex(BIGNUM *n, BIGNUM *r, BN_BLINDING *b, BN_CTX *ctx) { int ret = 1; if (b->A == NULL || b->Ai == NULL) { - OPENSSL_PUT_ERROR(RSA, RSA_R_BN_NOT_INITIALIZED); + OPENSSL_PUT_ERROR(RSA, BN_BLINDING_convert_ex, RSA_R_BN_NOT_INITIALIZED); return 0; } 
@@ -266,7 +266,7 @@ int BN_BLINDING_invert_ex(BIGNUM *n, const BIGNUM *r, BN_BLINDING *b, ret = BN_mod_mul(n, n, r, b->mod, ctx); } else { if (b->Ai == NULL) { - OPENSSL_PUT_ERROR(RSA, RSA_R_BN_NOT_INITIALIZED); + OPENSSL_PUT_ERROR(RSA, BN_BLINDING_invert_ex, RSA_R_BN_NOT_INITIALIZED); return 0; } ret = BN_mod_mul(n, n, b->Ai, b->mod, ctx); @@ -325,13 +325,13 @@ BN_BLINDING *BN_BLINDING_create_param( if (!BN_rand_range(ret->A, ret->mod)) { goto err; } - - int no_inverse; - if (BN_mod_inverse_ex(ret->Ai, &no_inverse, ret->A, ret->mod, ctx) == NULL) { + if (BN_mod_inverse(ret->Ai, ret->A, ret->mod, ctx) == NULL) { /* this should almost never happen for good RSA keys */ - if (no_inverse) { + uint32_t error = ERR_peek_last_error(); + if (ERR_GET_REASON(error) == BN_R_NO_INVERSE) { if (retry_counter-- == 0) { - OPENSSL_PUT_ERROR(RSA, RSA_R_TOO_MANY_ITERATIONS); + OPENSSL_PUT_ERROR(RSA, BN_BLINDING_create_param, + RSA_R_TOO_MANY_ITERATIONS); goto err; } ERR_clear_error(); @@ -416,14 +416,14 @@ BN_BLINDING *rsa_setup_blinding(RSA *rsa, BN_CTX *in_ctx) { BN_CTX_start(ctx); e = BN_CTX_get(ctx); if (e == NULL) { - OPENSSL_PUT_ERROR(RSA, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(RSA, rsa_setup_blinding, ERR_R_MALLOC_FAILURE); goto err; } if (rsa->e == NULL) { e = rsa_get_public_exp(rsa->d, rsa->p, rsa->q, ctx); if (e == NULL) { - OPENSSL_PUT_ERROR(RSA, RSA_R_NO_PUBLIC_EXPONENT); + OPENSSL_PUT_ERROR(RSA, rsa_setup_blinding, RSA_R_NO_PUBLIC_EXPONENT); goto err; } } else { @@ -444,7 +444,7 @@ BN_BLINDING *rsa_setup_blinding(RSA *rsa, BN_CTX *in_ctx) { ret = BN_BLINDING_create_param(NULL, e, n, ctx, rsa->meth->bn_mod_exp, mont_ctx); if (ret == NULL) { - OPENSSL_PUT_ERROR(RSA, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(RSA, rsa_setup_blinding, ERR_R_BN_LIB); goto err; } diff --git a/src/crypto/rsa/internal.h b/src/crypto/rsa/internal.h index c0044c3..d15f2a5 100644 --- a/src/crypto/rsa/internal.h +++ b/src/crypto/rsa/internal.h 
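Review bot: The retry test added in the `@@ -325,13 +325,13 @@` hunk of BN_BLINDING_create_param compares only `ERR_GET_REASON(error)` with `BN_R_NO_INVERSE`. It therefore also matches an error from a different library that happens to use the same reason number, and it relies on BN_mod_inverse's entry still being the last one on the error queue. Checking the library as well costs nothing: `if (ERR_GET_LIB(error) == ERR_LIB_BN && ERR_GET_REASON(error) == BN_R_NO_INVERSE) {`. The function starts and ends outside the hunk, so the retry loop around this test is not visible here.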
@@ -59,6 +59,8 @@ #include +#include + #if defined(__cplusplus) extern "C" { @@ -107,6 +109,8 @@ int RSA_padding_check_PKCS1_OAEP_mgf1(uint8_t *to, unsigned to_len, const EVP_MD *md, const EVP_MD *mgf1md); int RSA_padding_add_none(uint8_t *to, unsigned to_len, const uint8_t *from, unsigned from_len); +int RSA_padding_check_none(uint8_t *to, unsigned to_len, const uint8_t *from, + unsigned from_len); /* RSA_private_transform calls either the method-specific |private_transform| * function (if given) or the generic one. See the comment for @@ -114,26 +118,20 @@ int RSA_padding_add_none(uint8_t *to, unsigned to_len, const uint8_t *from, int RSA_private_transform(RSA *rsa, uint8_t *out, const uint8_t *in, size_t len); +typedef struct rsa_pss_params_st { + X509_ALGOR *hashAlgorithm; + X509_ALGOR *maskGenAlgorithm; + ASN1_INTEGER *saltLength; + ASN1_INTEGER *trailerField; +} RSA_PSS_PARAMS; -/* RSA_additional_prime contains information about the third, forth etc prime - * in a multi-prime RSA key. */ -typedef struct RSA_additional_prime_st { - BIGNUM *prime; - /* exp is d^{prime-1} mod prime */ - BIGNUM *exp; - /* coeff is such that r×coeff ≡ 1 mod prime. */ - BIGNUM *coeff; - - /* Values below here are not in the ASN.1 serialisation. */ - - /* r is the product of all primes (including p and q) prior to this one. */ - BIGNUM *r; - /* method_mod is managed by the |RSA_METHOD|. */ - BN_MONT_CTX *method_mod; -} RSA_additional_prime; - -void RSA_additional_prime_free(RSA_additional_prime *ap); +DECLARE_ASN1_FUNCTIONS(RSA_PSS_PARAMS) +typedef struct rsa_oaep_params_st { + X509_ALGOR *hashFunc; + X509_ALGOR *maskGenFunc; + X509_ALGOR *pSourceFunc; +} RSA_OAEP_PARAMS; #if defined(__cplusplus) } /* extern C */ diff --git a/src/crypto/rsa/padding.c b/src/crypto/rsa/padding.c index 5a42e24..0a725f1 100644 --- a/src/crypto/rsa/padding.c +++ b/src/crypto/rsa/padding.c 
@@ -74,12 +74,14 @@ int RSA_padding_add_PKCS1_type_1(uint8_t *to, unsigned tlen, uint8_t *p; if (tlen < RSA_PKCS1_PADDING_SIZE) { - OPENSSL_PUT_ERROR(RSA, RSA_R_KEY_SIZE_TOO_SMALL); + OPENSSL_PUT_ERROR(RSA, RSA_padding_add_PKCS1_type_1, + RSA_R_KEY_SIZE_TOO_SMALL); return 0; } if (flen > tlen - RSA_PKCS1_PADDING_SIZE) { - OPENSSL_PUT_ERROR(RSA, RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); + OPENSSL_PUT_ERROR(RSA, RSA_padding_add_PKCS1_type_1, + RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); return 0; } @@ -103,13 +105,15 @@ int RSA_padding_check_PKCS1_type_1(uint8_t *to, unsigned tlen, const uint8_t *p; if (flen < 2) { - OPENSSL_PUT_ERROR(RSA, RSA_R_DATA_TOO_SMALL); + OPENSSL_PUT_ERROR(RSA, RSA_padding_check_PKCS1_type_1, + RSA_R_DATA_TOO_SMALL); return -1; } p = from; if ((*(p++) != 0) || (*(p++) != 1)) { - OPENSSL_PUT_ERROR(RSA, RSA_R_BLOCK_TYPE_IS_NOT_01); + OPENSSL_PUT_ERROR(RSA, RSA_padding_check_PKCS1_type_1, + RSA_R_BLOCK_TYPE_IS_NOT_01); return -1; } @@ -122,7 +126,8 @@ int RSA_padding_check_PKCS1_type_1(uint8_t *to, unsigned tlen, p++; break; } else { - OPENSSL_PUT_ERROR(RSA, RSA_R_BAD_FIXED_HEADER_DECRYPT); + OPENSSL_PUT_ERROR(RSA, RSA_padding_check_PKCS1_type_1, + RSA_R_BAD_FIXED_HEADER_DECRYPT); return -1; } } @@ -130,18 +135,21 @@ int RSA_padding_check_PKCS1_type_1(uint8_t *to, unsigned tlen, } if (i == j) { - OPENSSL_PUT_ERROR(RSA, RSA_R_NULL_BEFORE_BLOCK_MISSING); + OPENSSL_PUT_ERROR(RSA, RSA_padding_check_PKCS1_type_1, + RSA_R_NULL_BEFORE_BLOCK_MISSING); return -1; } if (i < 8) { - OPENSSL_PUT_ERROR(RSA, RSA_R_BAD_PAD_BYTE_COUNT); + OPENSSL_PUT_ERROR(RSA, RSA_padding_check_PKCS1_type_1, + RSA_R_BAD_PAD_BYTE_COUNT); return -1; } i++; /* Skip over the '\0' */ j -= i; if (j > tlen) { - OPENSSL_PUT_ERROR(RSA, RSA_R_DATA_TOO_LARGE); + OPENSSL_PUT_ERROR(RSA, RSA_padding_check_PKCS1_type_1, + RSA_R_DATA_TOO_LARGE); return -1; } memcpy(to, p, j); 
@@ -155,12 +163,14 @@ int RSA_padding_add_PKCS1_type_2(uint8_t *to, unsigned tlen, uint8_t *p; if (tlen < RSA_PKCS1_PADDING_SIZE) { - OPENSSL_PUT_ERROR(RSA, RSA_R_KEY_SIZE_TOO_SMALL); + OPENSSL_PUT_ERROR(RSA, RSA_padding_add_PKCS1_type_2, + RSA_R_KEY_SIZE_TOO_SMALL); return 0; } if (flen > tlen - RSA_PKCS1_PADDING_SIZE) { - OPENSSL_PUT_ERROR(RSA, RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); + OPENSSL_PUT_ERROR(RSA, RSA_padding_add_PKCS1_type_2, + RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); return 0; } @@ -261,7 +271,8 @@ int RSA_padding_check_PKCS1_type_2(uint8_t *to, unsigned tlen, size_t msg_index, msg_len; if (flen == 0) { - OPENSSL_PUT_ERROR(RSA, RSA_R_EMPTY_PUBLIC_KEY); + OPENSSL_PUT_ERROR(RSA, RSA_padding_check_PKCS1_type_2, + RSA_R_EMPTY_PUBLIC_KEY); return -1; } @@ -270,7 +281,8 @@ int RSA_padding_check_PKCS1_type_2(uint8_t *to, unsigned tlen, * |RSA_PKCS1_PADDING| make it impossible to completely avoid Bleichenbacher's * attack. */ if (!RSA_message_index_PKCS1_type_2(from, flen, &msg_index)) { - OPENSSL_PUT_ERROR(RSA, RSA_R_PKCS_DECODING_ERROR); + OPENSSL_PUT_ERROR(RSA, RSA_padding_check_PKCS1_type_2, + RSA_R_PKCS_DECODING_ERROR); return -1; } @@ -278,7 +290,8 @@ int RSA_padding_check_PKCS1_type_2(uint8_t *to, unsigned tlen, if (msg_len > tlen) { /* This shouldn't happen because this function is always called with |tlen| * the key size and |flen| is bounded by the key size. */ - OPENSSL_PUT_ERROR(RSA, RSA_R_PKCS_DECODING_ERROR); + OPENSSL_PUT_ERROR(RSA, RSA_padding_check_PKCS1_type_2, + RSA_R_PKCS_DECODING_ERROR); return -1; } memcpy(to, &from[msg_index], msg_len); 
@@ -287,12 +300,14 @@ int RSA_padding_check_PKCS1_type_2(uint8_t *to, unsigned tlen, int RSA_padding_add_none(uint8_t *to, unsigned tlen, const uint8_t *from, unsigned flen) { if (flen > tlen) { - OPENSSL_PUT_ERROR(RSA, RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); + OPENSSL_PUT_ERROR(RSA, RSA_padding_add_none, + RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); return 0; } if (flen < tlen) { - OPENSSL_PUT_ERROR(RSA, RSA_R_DATA_TOO_SMALL_FOR_KEY_SIZE); + OPENSSL_PUT_ERROR(RSA, RSA_padding_add_none, + RSA_R_DATA_TOO_SMALL_FOR_KEY_SIZE); return 0; } @@ -300,6 +315,17 @@ int RSA_padding_add_none(uint8_t *to, unsigned tlen, const uint8_t *from, unsign return 1; } +int RSA_padding_check_none(uint8_t *to, unsigned tlen, const uint8_t *from, + unsigned flen) { + if (flen > tlen) { + OPENSSL_PUT_ERROR(RSA, RSA_padding_check_none, RSA_R_DATA_TOO_LARGE); + return -1; + } + + memcpy(to, from, flen); + return flen; +} + int PKCS1_MGF1(uint8_t *mask, unsigned len, const uint8_t *seed, unsigned seedlen, const EVP_MD *dgst) { unsigned outlen = 0; @@ -362,18 +388,21 @@ int RSA_padding_add_PKCS1_OAEP_mgf1(uint8_t *to, unsigned tlen, mdlen = EVP_MD_size(md); if (tlen < 2 * mdlen + 2) { - OPENSSL_PUT_ERROR(RSA, RSA_R_KEY_SIZE_TOO_SMALL); + OPENSSL_PUT_ERROR(RSA, RSA_padding_add_PKCS1_OAEP_mgf1, + RSA_R_KEY_SIZE_TOO_SMALL); return 0; } emlen = tlen - 1; if (flen > emlen - 2 * mdlen - 1) { - OPENSSL_PUT_ERROR(RSA, RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); + OPENSSL_PUT_ERROR(RSA, RSA_padding_add_PKCS1_OAEP_mgf1, + RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); return 0; } if (emlen < 2 * mdlen + 1) { - OPENSSL_PUT_ERROR(RSA, RSA_R_KEY_SIZE_TOO_SMALL); + OPENSSL_PUT_ERROR(RSA, RSA_padding_add_PKCS1_OAEP_mgf1, + RSA_R_KEY_SIZE_TOO_SMALL); return 0; } 
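Review bot: The new `RSA_padding_check_none` (the `@@ -300,6 +315,17 @@` hunk) has no comment, and its return convention differs from `RSA_padding_add_none` just above it: a length or -1, rather than 1 or 0. A caller that tests the result with `!` would treat the -1 failure as success. I would document it at the definition and at the declaration added in rsa/internal.h: `/* RSA_padding_check_none copies |flen| bytes from |from| to |to| without validating any padding and returns |flen|, or -1 if |flen| exceeds |tlen|. */`. Also, `return flen;` converts an `unsigned` to `int`. That is harmless while `flen` is bounded by the key size, but that bound is enforced outside this function.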
@@ -393,7 +422,8 @@ int RSA_padding_add_PKCS1_OAEP_mgf1(uint8_t *to, unsigned tlen, dbmask = OPENSSL_malloc(emlen - mdlen); if (dbmask == NULL) { - OPENSSL_PUT_ERROR(RSA, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(RSA, RSA_padding_add_PKCS1_OAEP_mgf1, + ERR_R_MALLOC_FAILURE); return 0; } @@ -447,7 +477,8 @@ int RSA_padding_check_PKCS1_OAEP_mgf1(uint8_t *to, unsigned tlen, dblen = flen - mdlen - 1; db = OPENSSL_malloc(dblen); if (db == NULL) { - OPENSSL_PUT_ERROR(RSA, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(RSA, RSA_padding_check_PKCS1_OAEP_mgf1, + ERR_R_MALLOC_FAILURE); goto err; } @@ -495,7 +526,8 @@ int RSA_padding_check_PKCS1_OAEP_mgf1(uint8_t *to, unsigned tlen, one_index++; mlen = dblen - one_index; if (tlen < mlen) { - OPENSSL_PUT_ERROR(RSA, RSA_R_DATA_TOO_LARGE); + OPENSSL_PUT_ERROR(RSA, RSA_padding_check_PKCS1_OAEP_mgf1, + RSA_R_DATA_TOO_LARGE); mlen = -1; } else { memcpy(to, db + one_index, mlen); @@ -507,7 +539,8 @@ int RSA_padding_check_PKCS1_OAEP_mgf1(uint8_t *to, unsigned tlen, decoding_err: /* to avoid chosen ciphertext attacks, the error message should not reveal * which kind of decoding error happened */ - OPENSSL_PUT_ERROR(RSA, RSA_R_OAEP_DECODING_ERROR); + OPENSSL_PUT_ERROR(RSA, RSA_padding_check_PKCS1_OAEP_mgf1, + RSA_R_OAEP_DECODING_ERROR); err: OPENSSL_free(db); return -1; @@ -543,14 +576,15 @@ int RSA_verify_PKCS1_PSS_mgf1(RSA *rsa, const uint8_t *mHash, } else if (sLen == -2) { sLen = -2; } else if (sLen < -2) { - OPENSSL_PUT_ERROR(RSA, RSA_R_SLEN_CHECK_FAILED); + OPENSSL_PUT_ERROR(RSA, RSA_verify_PKCS1_PSS_mgf1, RSA_R_SLEN_CHECK_FAILED); goto err; } MSBits = (BN_num_bits(rsa->n) - 1) & 0x7; emLen = RSA_size(rsa); if (EM[0] & (0xFF << MSBits)) { - OPENSSL_PUT_ERROR(RSA, RSA_R_FIRST_OCTET_INVALID); + OPENSSL_PUT_ERROR(RSA, RSA_verify_PKCS1_PSS_mgf1, + RSA_R_FIRST_OCTET_INVALID); goto err; } if (MSBits == 0) { 
@@ -559,18 +593,18 @@ int RSA_verify_PKCS1_PSS_mgf1(RSA *rsa, const uint8_t *mHash, } if (emLen < ((int)hLen + sLen + 2)) { /* sLen can be small negative */ - OPENSSL_PUT_ERROR(RSA, RSA_R_DATA_TOO_LARGE); + OPENSSL_PUT_ERROR(RSA, RSA_verify_PKCS1_PSS_mgf1, RSA_R_DATA_TOO_LARGE); goto err; } if (EM[emLen - 1] != 0xbc) { - OPENSSL_PUT_ERROR(RSA, RSA_R_LAST_OCTET_INVALID); + OPENSSL_PUT_ERROR(RSA, RSA_verify_PKCS1_PSS_mgf1, RSA_R_LAST_OCTET_INVALID); goto err; } maskedDBLen = emLen - hLen - 1; H = EM + maskedDBLen; DB = OPENSSL_malloc(maskedDBLen); if (!DB) { - OPENSSL_PUT_ERROR(RSA, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(RSA, RSA_verify_PKCS1_PSS_mgf1, ERR_R_MALLOC_FAILURE); goto err; } if (PKCS1_MGF1(DB, maskedDBLen, H, hLen, mgf1Hash) < 0) { @@ -586,11 +620,12 @@ int RSA_verify_PKCS1_PSS_mgf1(RSA *rsa, const uint8_t *mHash, ; } if (DB[i++] != 0x1) { - OPENSSL_PUT_ERROR(RSA, RSA_R_SLEN_RECOVERY_FAILED); + OPENSSL_PUT_ERROR(RSA, RSA_verify_PKCS1_PSS_mgf1, + RSA_R_SLEN_RECOVERY_FAILED); goto err; } if (sLen >= 0 && (maskedDBLen - i) != sLen) { - OPENSSL_PUT_ERROR(RSA, RSA_R_SLEN_CHECK_FAILED); + OPENSSL_PUT_ERROR(RSA, RSA_verify_PKCS1_PSS_mgf1, RSA_R_SLEN_CHECK_FAILED); goto err; } if (!EVP_DigestInit_ex(&ctx, Hash, NULL) || @@ -607,7 +642,7 @@ int RSA_verify_PKCS1_PSS_mgf1(RSA *rsa, const uint8_t *mHash, goto err; } if (memcmp(H_, H, hLen)) { - OPENSSL_PUT_ERROR(RSA, RSA_R_BAD_SIGNATURE); + OPENSSL_PUT_ERROR(RSA, RSA_verify_PKCS1_PSS_mgf1, RSA_R_BAD_SIGNATURE); ret = 0; } else { ret = 1; @@ -646,12 +681,14 @@ int RSA_padding_add_PKCS1_PSS_mgf1(RSA *rsa, unsigned char *EM, } else if (sLen == -2) { sLen = -2; } else if (sLen < -2) { - OPENSSL_PUT_ERROR(RSA, RSA_R_SLEN_CHECK_FAILED); + OPENSSL_PUT_ERROR(RSA, RSA_padding_add_PKCS1_PSS_mgf1, + RSA_R_SLEN_CHECK_FAILED); goto err; } if (BN_is_zero(rsa->n)) { - OPENSSL_PUT_ERROR(RSA, RSA_R_EMPTY_PUBLIC_KEY); + OPENSSL_PUT_ERROR(RSA, RSA_padding_add_PKCS1_PSS_mgf1, + RSA_R_EMPTY_PUBLIC_KEY); goto err; } 
@@ -664,18 +701,21 @@ int RSA_padding_add_PKCS1_PSS_mgf1(RSA *rsa, unsigned char *EM, } if (sLen == -2) { if (emLen < hLen + 2) { - OPENSSL_PUT_ERROR(RSA, RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); + OPENSSL_PUT_ERROR(RSA, RSA_padding_add_PKCS1_PSS_mgf1, + RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); goto err; } sLen = emLen - hLen - 2; } else if (emLen < hLen + sLen + 2) { - OPENSSL_PUT_ERROR(RSA, RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); + OPENSSL_PUT_ERROR(RSA, RSA_padding_add_PKCS1_PSS_mgf1, + RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); goto err; } if (sLen > 0) { salt = OPENSSL_malloc(sLen); if (!salt) { - OPENSSL_PUT_ERROR(RSA, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(RSA, RSA_padding_add_PKCS1_PSS_mgf1, + ERR_R_MALLOC_FAILURE); goto err; } if (!RAND_bytes(salt, sLen)) { diff --git a/src/crypto/rsa/rsa.c b/src/crypto/rsa/rsa.c index 2f23165..17059b0 100644 --- a/src/crypto/rsa/rsa.c +++ b/src/crypto/rsa/rsa.c @@ -79,7 +79,7 @@ RSA *RSA_new(void) { return RSA_new_method(NULL); } RSA *RSA_new_method(const ENGINE *engine) { RSA *rsa = (RSA *)OPENSSL_malloc(sizeof(RSA)); if (rsa == NULL) { - OPENSSL_PUT_ERROR(RSA, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(RSA, RSA_new_method, ERR_R_MALLOC_FAILURE); return NULL; } @@ -114,18 +114,6 @@ RSA *RSA_new_method(const ENGINE *engine) { return rsa; } -void RSA_additional_prime_free(RSA_additional_prime *ap) { - if (ap == NULL) { - return; - } - - BN_clear_free(ap->prime); - BN_clear_free(ap->exp); - BN_clear_free(ap->coeff); - BN_clear_free(ap->r); - OPENSSL_free(ap); -} - void RSA_free(RSA *rsa) { unsigned u; @@ -157,10 +145,6 @@ void RSA_free(RSA *rsa) { } OPENSSL_free(rsa->blindings); OPENSSL_free(rsa->blindings_inuse); - if (rsa->additional_primes != NULL) { - sk_RSA_additional_prime_pop_free(rsa->additional_primes, - RSA_additional_prime_free); - } CRYPTO_MUTEX_cleanup(&rsa->lock); OPENSSL_free(rsa); } 
@@ -178,16 +162,6 @@ int RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb) { return RSA_default_method.keygen(rsa, bits, e_value, cb); } -int RSA_generate_multi_prime_key(RSA *rsa, int bits, int num_primes, - BIGNUM *e_value, BN_GENCB *cb) { - if (rsa->meth->multi_prime_keygen) { - return rsa->meth->multi_prime_keygen(rsa, bits, num_primes, e_value, cb); - } - - return RSA_default_method.multi_prime_keygen(rsa, bits, num_primes, e_value, - cb); -} - int RSA_encrypt(RSA *rsa, size_t *out_len, uint8_t *out, size_t max_out, const uint8_t *in, size_t in_len, int padding) { if (rsa->meth->encrypt) { @@ -368,15 +342,20 @@ static const struct pkcs1_sig_prefix kPKCS1SigPrefixes[] = { }, }; -int RSA_add_pkcs1_prefix(uint8_t **out_msg, size_t *out_msg_len, - int *is_alloced, int hash_nid, const uint8_t *msg, - size_t msg_len) { +/* TODO(fork): mostly new code, needs careful review. */ + +/* pkcs1_prefixed_msg builds a PKCS#1, prefixed version of |msg| for the given + * hash function and sets |out_msg| to point to it. On successful return, + * |*out_msg| may be allocated memory and, if so, |*is_alloced| will be 1. */ +static int pkcs1_prefixed_msg(uint8_t **out_msg, size_t *out_msg_len, + int *is_alloced, int hash_nid, const uint8_t *msg, + size_t msg_len) { unsigned i; if (hash_nid == NID_md5_sha1) { /* Special case: SSL signature, just check the length. */ if (msg_len != SSL_SIG_LENGTH) { - OPENSSL_PUT_ERROR(RSA, RSA_R_INVALID_MESSAGE_LENGTH); + OPENSSL_PUT_ERROR(RSA, pkcs1_prefixed_msg, RSA_R_INVALID_MESSAGE_LENGTH); return 0; } 
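Review bot: The comment added above `pkcs1_prefixed_msg` does not state the return convention or who releases `*out_msg`, and the `TODO(fork)` line leaves the review state of code on the signing and verification path open. I would extend the comment with `It returns one on success and zero on error. If |*is_alloced| is one, the caller must release |*out_msg| with |OPENSSL_free|.` The return values are visible in the following hunks (`return 0` on each error, `return 1` after the prefix is built). The release rule is inferred from the `is_alloced` flag and should be confirmed against `RSA_sign` and `RSA_verify`, whose cleanup code is outside these hunks.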
@@ -399,13 +378,13 @@ int RSA_add_pkcs1_prefix(uint8_t **out_msg, size_t *out_msg_len, signed_msg_len = prefix_len + msg_len; if (signed_msg_len < prefix_len) { - OPENSSL_PUT_ERROR(RSA, RSA_R_TOO_LONG); + OPENSSL_PUT_ERROR(RSA, pkcs1_prefixed_msg, RSA_R_TOO_LONG); return 0; } signed_msg = OPENSSL_malloc(signed_msg_len); if (!signed_msg) { - OPENSSL_PUT_ERROR(RSA, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(RSA, pkcs1_prefixed_msg, ERR_R_MALLOC_FAILURE); return 0; } @@ -419,7 +398,7 @@ int RSA_add_pkcs1_prefix(uint8_t **out_msg, size_t *out_msg_len, return 1; } - OPENSSL_PUT_ERROR(RSA, RSA_R_UNKNOWN_ALGORITHM_TYPE); + OPENSSL_PUT_ERROR(RSA, pkcs1_prefixed_msg, RSA_R_UNKNOWN_ALGORITHM_TYPE); return 0; } @@ -436,14 +415,14 @@ int RSA_sign(int hash_nid, const uint8_t *in, unsigned in_len, uint8_t *out, return rsa->meth->sign(hash_nid, in, in_len, out, out_len, rsa); } - if (!RSA_add_pkcs1_prefix(&signed_msg, &signed_msg_len, - &signed_msg_is_alloced, hash_nid, in, in_len)) { + if (!pkcs1_prefixed_msg(&signed_msg, &signed_msg_len, &signed_msg_is_alloced, + hash_nid, in, in_len)) { return 0; } if (rsa_size < RSA_PKCS1_PADDING_SIZE || signed_msg_len > rsa_size - RSA_PKCS1_PADDING_SIZE) { - OPENSSL_PUT_ERROR(RSA, RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY); + OPENSSL_PUT_ERROR(RSA, RSA_sign, RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY); goto finish; } @@ -474,18 +453,18 @@ int RSA_verify(int hash_nid, const uint8_t *msg, size_t msg_len, } if (sig_len != rsa_size) { - OPENSSL_PUT_ERROR(RSA, RSA_R_WRONG_SIGNATURE_LENGTH); + OPENSSL_PUT_ERROR(RSA, RSA_verify, RSA_R_WRONG_SIGNATURE_LENGTH); return 0; } if (hash_nid == NID_md5_sha1 && msg_len != SSL_SIG_LENGTH) { - OPENSSL_PUT_ERROR(RSA, RSA_R_INVALID_MESSAGE_LENGTH); + OPENSSL_PUT_ERROR(RSA, RSA_verify, RSA_R_INVALID_MESSAGE_LENGTH); return 0; } buf = OPENSSL_malloc(rsa_size); if (!buf) { - OPENSSL_PUT_ERROR(RSA, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(RSA, RSA_verify, ERR_R_MALLOC_FAILURE); return 0; } 
@@ -494,13 +473,13 @@ int RSA_verify(int hash_nid, const uint8_t *msg, size_t msg_len, goto out; } - if (!RSA_add_pkcs1_prefix(&signed_msg, &signed_msg_len, - &signed_msg_is_alloced, hash_nid, msg, msg_len)) { + if (!pkcs1_prefixed_msg(&signed_msg, &signed_msg_len, &signed_msg_is_alloced, + hash_nid, msg, msg_len)) { goto out; } if (len != signed_msg_len || CRYPTO_memcmp(buf, signed_msg, len) != 0) { - OPENSSL_PUT_ERROR(RSA, RSA_R_BAD_SIGNATURE); + OPENSSL_PUT_ERROR(RSA, RSA_verify, RSA_R_BAD_SIGNATURE); goto out; } @@ -530,12 +509,12 @@ int RSA_check_key(const RSA *key) { } if ((key->p != NULL) != (key->q != NULL)) { - OPENSSL_PUT_ERROR(RSA, RSA_R_ONLY_ONE_OF_P_Q_GIVEN); + OPENSSL_PUT_ERROR(RSA, RSA_check_key, RSA_R_ONLY_ONE_OF_P_Q_GIVEN); return 0; } if (!key->n || !key->e) { - OPENSSL_PUT_ERROR(RSA, RSA_R_VALUE_MISSING); + OPENSSL_PUT_ERROR(RSA, RSA_check_key, RSA_R_VALUE_MISSING); return 0; } @@ -547,7 +526,7 @@ int RSA_check_key(const RSA *key) { ctx = BN_CTX_new(); if (ctx == NULL) { - OPENSSL_PUT_ERROR(RSA, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(RSA, RSA_check_key, ERR_R_MALLOC_FAILURE); return 0; } 
@@ -561,74 +540,52 @@ int RSA_check_key(const RSA *key) { BN_init(&dmq1); BN_init(&iqmp); - if (!BN_mul(&n, key->p, key->q, ctx) || - /* lcm = lcm(prime-1, for all primes) */ + if (/* n = pq */ + !BN_mul(&n, key->p, key->q, ctx) || + /* lcm = lcm(p-1, q-1) */ !BN_sub(&pm1, key->p, BN_value_one()) || !BN_sub(&qm1, key->q, BN_value_one()) || !BN_mul(&lcm, &pm1, &qm1, ctx) || - !BN_gcd(&gcd, &pm1, &qm1, ctx)) { - OPENSSL_PUT_ERROR(RSA, ERR_LIB_BN); - goto out; - } - - size_t num_additional_primes = 0; - if (key->additional_primes != NULL) { - num_additional_primes = sk_RSA_additional_prime_num(key->additional_primes); - } - - size_t i; - for (i = 0; i < num_additional_primes; i++) { - const RSA_additional_prime *ap = - sk_RSA_additional_prime_value(key->additional_primes, i); - if (!BN_mul(&n, &n, ap->prime, ctx) || - !BN_sub(&pm1, ap->prime, BN_value_one()) || - !BN_mul(&lcm, &lcm, &pm1, ctx) || - !BN_gcd(&gcd, &gcd, &pm1, ctx)) { - OPENSSL_PUT_ERROR(RSA, ERR_LIB_BN); - goto out; - } - } - - if (!BN_div(&lcm, NULL, &lcm, &gcd, ctx) || !BN_gcd(&gcd, &pm1, &qm1, ctx) || - /* de = d*e mod lcm(prime-1, for all primes). 
*/ + !BN_div(&lcm, NULL, &lcm, &gcd, ctx) || + /* de = d*e mod lcm(p-1, q-1) */ !BN_mod_mul(&de, key->d, key->e, &lcm, ctx)) { - OPENSSL_PUT_ERROR(RSA, ERR_LIB_BN); + OPENSSL_PUT_ERROR(RSA, RSA_check_key, ERR_LIB_BN); goto out; } if (BN_cmp(&n, key->n) != 0) { - OPENSSL_PUT_ERROR(RSA, RSA_R_N_NOT_EQUAL_P_Q); + OPENSSL_PUT_ERROR(RSA, RSA_check_key, RSA_R_N_NOT_EQUAL_P_Q); goto out; } if (!BN_is_one(&de)) { - OPENSSL_PUT_ERROR(RSA, RSA_R_D_E_NOT_CONGRUENT_TO_1); + OPENSSL_PUT_ERROR(RSA, RSA_check_key, RSA_R_D_E_NOT_CONGRUENT_TO_1); goto out; } has_crt_values = key->dmp1 != NULL; if (has_crt_values != (key->dmq1 != NULL) || has_crt_values != (key->iqmp != NULL)) { - OPENSSL_PUT_ERROR(RSA, RSA_R_INCONSISTENT_SET_OF_CRT_VALUES); + OPENSSL_PUT_ERROR(RSA, RSA_check_key, RSA_R_INCONSISTENT_SET_OF_CRT_VALUES); goto out; } - if (has_crt_values && num_additional_primes == 0) { + if (has_crt_values) { if (/* dmp1 = d mod (p-1) */ !BN_mod(&dmp1, key->d, &pm1, ctx) || /* dmq1 = d mod (q-1) */ !BN_mod(&dmq1, key->d, &qm1, ctx) || /* iqmp = q^-1 mod p */ !BN_mod_inverse(&iqmp, key->q, key->p, ctx)) { - OPENSSL_PUT_ERROR(RSA, ERR_LIB_BN); + OPENSSL_PUT_ERROR(RSA, RSA_check_key, ERR_LIB_BN); goto out; } if (BN_cmp(&dmp1, key->dmp1) != 0 || BN_cmp(&dmq1, key->dmq1) != 0 || BN_cmp(&iqmp, key->iqmp) != 0) { - OPENSSL_PUT_ERROR(RSA, RSA_R_CRT_VALUES_INCORRECT); + OPENSSL_PUT_ERROR(RSA, RSA_check_key, RSA_R_CRT_VALUES_INCORRECT); goto out; } } 
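Review bot: Both BN failure paths in this `RSA_check_key` hunk pass `ERR_LIB_BN`, a library identifier, in the reason position of `OPENSSL_PUT_ERROR`, while `RSA_recover_crt_params` in the same file uses `ERR_R_BN_LIB` for the same situation. If the two names are aliases the behaviour is identical, but the reason slot reads more clearly with the `ERR_R_` form: `OPENSSL_PUT_ERROR(RSA, RSA_check_key, ERR_R_BN_LIB);`. The function begins and ends outside the hunk.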
@@ -656,17 +613,13 @@ int RSA_recover_crt_params(RSA *rsa) { int ok = 0; if (rsa->n == NULL || rsa->e == NULL || rsa->d == NULL) { - OPENSSL_PUT_ERROR(RSA, RSA_R_EMPTY_PUBLIC_KEY); + OPENSSL_PUT_ERROR(RSA, RSA_recover_crt_params, RSA_R_EMPTY_PUBLIC_KEY); return 0; } if (rsa->p || rsa->q || rsa->dmp1 || rsa->dmq1 || rsa->iqmp) { - OPENSSL_PUT_ERROR(RSA, RSA_R_CRT_PARAMS_ALREADY_GIVEN); - return 0; - } - - if (rsa->additional_primes != NULL) { - OPENSSL_PUT_ERROR(RSA, RSA_R_CANNOT_RECOVER_MULTI_PRIME_KEY); + OPENSSL_PUT_ERROR(RSA, RSA_recover_crt_params, + RSA_R_CRT_PARAMS_ALREADY_GIVEN); return 0; } @@ -675,7 +628,7 @@ int RSA_recover_crt_params(RSA *rsa) { ctx = BN_CTX_new(); if (ctx == NULL) { - OPENSSL_PUT_ERROR(RSA, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(RSA, RSA_recover_crt_params, ERR_R_MALLOC_FAILURE); return 0; } @@ -688,7 +641,7 @@ int RSA_recover_crt_params(RSA *rsa) { if (totient == NULL || rem == NULL || multiple == NULL || p_plus_q == NULL || p_minus_q == NULL) { - OPENSSL_PUT_ERROR(RSA, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(RSA, RSA_recover_crt_params, ERR_R_MALLOC_FAILURE); goto err; } @@ -716,12 +669,12 @@ int RSA_recover_crt_params(RSA *rsa) { !BN_div(multiple, NULL, totient, rsa->n, ctx) || !BN_add_word(multiple, 1) || !BN_div(totient, rem, totient, multiple, ctx)) { - OPENSSL_PUT_ERROR(RSA, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(RSA, RSA_recover_crt_params, ERR_R_BN_LIB); goto err; } if (!BN_is_zero(rem)) { - OPENSSL_PUT_ERROR(RSA, RSA_R_BAD_RSA_PARAMETERS); + OPENSSL_PUT_ERROR(RSA, RSA_recover_crt_params, RSA_R_BAD_RSA_PARAMETERS); goto err; } @@ -732,7 +685,7 @@ int RSA_recover_crt_params(RSA *rsa) { rsa->iqmp = BN_new(); if (rsa->p == NULL || rsa->q == NULL || rsa->dmp1 == NULL || rsa->dmq1 == NULL || rsa->iqmp == NULL) { - OPENSSL_PUT_ERROR(RSA, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(RSA, RSA_recover_crt_params, ERR_R_MALLOC_FAILURE); goto err; } 
@@ -750,12 +703,12 @@ int RSA_recover_crt_params(RSA *rsa) { !BN_rshift1(rsa->q, rsa->q) || !BN_div(rsa->p, NULL, rsa->n, rsa->q, ctx) || !BN_mul(multiple, rsa->p, rsa->q, ctx)) { - OPENSSL_PUT_ERROR(RSA, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(RSA, RSA_recover_crt_params, ERR_R_BN_LIB); goto err; } if (BN_cmp(multiple, rsa->n) != 0) { - OPENSSL_PUT_ERROR(RSA, RSA_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(RSA, RSA_recover_crt_params, RSA_R_INTERNAL_ERROR); goto err; } @@ -764,7 +717,7 @@ int RSA_recover_crt_params(RSA *rsa) { !BN_sub(rem, rsa->q, BN_value_one()) || !BN_mod(rsa->dmq1, rsa->d, rem, ctx) || !BN_mod_inverse(rsa->iqmp, rsa->q, rsa->p, ctx)) { - OPENSSL_PUT_ERROR(RSA, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(RSA, RSA_recover_crt_params, ERR_R_BN_LIB); goto err; } diff --git a/src/crypto/rsa/rsa_asn1.c b/src/crypto/rsa/rsa_asn1.c index e3756ba..924cb8a 100644 --- a/src/crypto/rsa/rsa_asn1.c +++ b/src/crypto/rsa/rsa_asn1.c 
@@ -55,384 +55,45 @@ #include -#include -#include -#include - #include #include -#include -#include -#include -#include #include "internal.h" -static int parse_integer_buggy(CBS *cbs, BIGNUM **out, int buggy) { - assert(*out == NULL); - *out = BN_new(); - if (*out == NULL) { - return 0; - } - if (buggy) { - return BN_cbs2unsigned_buggy(cbs, *out); - } - return BN_cbs2unsigned(cbs, *out); -} - -static int parse_integer(CBS *cbs, BIGNUM **out) { - return parse_integer_buggy(cbs, out, 0 /* not buggy */); -} - -static int marshal_integer(CBB *cbb, BIGNUM *bn) { - if (bn == NULL) { - /* An RSA object may be missing some components. */ - OPENSSL_PUT_ERROR(RSA, RSA_R_VALUE_MISSING); - return 0; - } - return BN_bn2cbb(cbb, bn); -} - -static RSA *parse_public_key(CBS *cbs, int buggy) { - RSA *ret = RSA_new(); - if (ret == NULL) { - return NULL; - } - CBS child; - if (!CBS_get_asn1(cbs, &child, CBS_ASN1_SEQUENCE) || - !parse_integer_buggy(&child, &ret->n, buggy) || - !parse_integer(&child, &ret->e) || - CBS_len(&child) != 0) { - OPENSSL_PUT_ERROR(RSA, RSA_R_BAD_ENCODING); - RSA_free(ret); - return NULL; - } - return ret; -} - -RSA *RSA_parse_public_key(CBS *cbs) { - return parse_public_key(cbs, 0 /* not buggy */); -} - -RSA *RSA_parse_public_key_buggy(CBS *cbs) { - /* Estonian IDs issued between September 2014 to September 2015 are - * broken. See https://crbug.com/532048 and https://crbug.com/534766. - * - * TODO(davidben): Remove this code and callers in March 2016. 
*/ - return parse_public_key(cbs, 1 /* buggy */); -} - -RSA *RSA_public_key_from_bytes(const uint8_t *in, size_t in_len) { - CBS cbs; - CBS_init(&cbs, in, in_len); - RSA *ret = RSA_parse_public_key(&cbs); - if (ret == NULL || CBS_len(&cbs) != 0) { - OPENSSL_PUT_ERROR(RSA, RSA_R_BAD_ENCODING); - RSA_free(ret); - return NULL; - } - return ret; -} - -int RSA_marshal_public_key(CBB *cbb, const RSA *rsa) { - CBB child; - if (!CBB_add_asn1(cbb, &child, CBS_ASN1_SEQUENCE) || - !marshal_integer(&child, rsa->n) || - !marshal_integer(&child, rsa->e) || - !CBB_flush(cbb)) { - OPENSSL_PUT_ERROR(RSA, RSA_R_ENCODE_ERROR); - return 0; - } - return 1; -} - -int RSA_public_key_to_bytes(uint8_t **out_bytes, size_t *out_len, - const RSA *rsa) { - CBB cbb; - CBB_zero(&cbb); - if (!CBB_init(&cbb, 0) || - !RSA_marshal_public_key(&cbb, rsa) || - !CBB_finish(&cbb, out_bytes, out_len)) { - OPENSSL_PUT_ERROR(RSA, RSA_R_ENCODE_ERROR); - CBB_cleanup(&cbb); - return 0; - } - return 1; -} - -/* kVersionTwoPrime and kVersionMulti are the supported values of the version - * field of an RSAPrivateKey structure (RFC 3447). */ -static const uint64_t kVersionTwoPrime = 0; -static const uint64_t kVersionMulti = 1; - -/* rsa_parse_additional_prime parses a DER-encoded OtherPrimeInfo from |cbs| and - * advances |cbs|. It returns a newly-allocated |RSA_additional_prime| on - * success or NULL on error. The |r| and |method_mod| fields of the result are - * set to NULL. 
*/ -static RSA_additional_prime *rsa_parse_additional_prime(CBS *cbs) { - RSA_additional_prime *ret = OPENSSL_malloc(sizeof(RSA_additional_prime)); - if (ret == NULL) { - OPENSSL_PUT_ERROR(RSA, ERR_R_MALLOC_FAILURE); - return 0; - } - memset(ret, 0, sizeof(RSA_additional_prime)); - - CBS child; - if (!CBS_get_asn1(cbs, &child, CBS_ASN1_SEQUENCE) || - !parse_integer(&child, &ret->prime) || - !parse_integer(&child, &ret->exp) || - !parse_integer(&child, &ret->coeff) || - CBS_len(&child) != 0) { - OPENSSL_PUT_ERROR(RSA, RSA_R_BAD_ENCODING); - RSA_additional_prime_free(ret); - return NULL; - } - - return ret; -} - -RSA *RSA_parse_private_key(CBS *cbs) { - BN_CTX *ctx = NULL; - BIGNUM *product_of_primes_so_far = NULL; - RSA *ret = RSA_new(); - if (ret == NULL) { - return NULL; - } - - CBS child; - uint64_t version; - if (!CBS_get_asn1(cbs, &child, CBS_ASN1_SEQUENCE) || - !CBS_get_asn1_uint64(&child, &version) || - (version != kVersionTwoPrime && version != kVersionMulti) || - !parse_integer(&child, &ret->n) || - !parse_integer(&child, &ret->e) || - !parse_integer(&child, &ret->d) || - !parse_integer(&child, &ret->p) || - !parse_integer(&child, &ret->q) || - !parse_integer(&child, &ret->dmp1) || - !parse_integer(&child, &ret->dmq1) || - !parse_integer(&child, &ret->iqmp)) { - OPENSSL_PUT_ERROR(RSA, RSA_R_BAD_VERSION); - goto err; - } - - /* Multi-prime RSA requires a newer version. 
*/ - if (version == kVersionMulti && - CBS_peek_asn1_tag(&child, CBS_ASN1_SEQUENCE)) { - CBS other_prime_infos; - if (!CBS_get_asn1(&child, &other_prime_infos, CBS_ASN1_SEQUENCE) || - CBS_len(&other_prime_infos) == 0) { - OPENSSL_PUT_ERROR(RSA, RSA_R_BAD_ENCODING); - goto err; - } - ret->additional_primes = sk_RSA_additional_prime_new_null(); - if (ret->additional_primes == NULL) { - OPENSSL_PUT_ERROR(RSA, ERR_R_MALLOC_FAILURE); - goto err; - } - - ctx = BN_CTX_new(); - product_of_primes_so_far = BN_new(); - if (ctx == NULL || - product_of_primes_so_far == NULL || - !BN_mul(product_of_primes_so_far, ret->p, ret->q, ctx)) { - goto err; - } - - while (CBS_len(&other_prime_infos) > 0) { - RSA_additional_prime *ap = rsa_parse_additional_prime(&other_prime_infos); - if (ap == NULL) { - goto err; - } - if (!sk_RSA_additional_prime_push(ret->additional_primes, ap)) { - OPENSSL_PUT_ERROR(RSA, ERR_R_MALLOC_FAILURE); - RSA_additional_prime_free(ap); - goto err; - } - ap->r = BN_dup(product_of_primes_so_far); - if (ap->r == NULL || - !BN_mul(product_of_primes_so_far, product_of_primes_so_far, - ap->prime, ctx)) { - goto err; - } +/* Override the default free and new methods */ +static int rsa_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, + void *exarg) { + if (operation == ASN1_OP_NEW_PRE) { + *pval = (ASN1_VALUE *)RSA_new(); + if (*pval) { + return 2; } - } - - if (CBS_len(&child) != 0) { - OPENSSL_PUT_ERROR(RSA, RSA_R_BAD_ENCODING); - goto err; - } - - BN_CTX_free(ctx); - BN_free(product_of_primes_so_far); - return ret; - -err: - BN_CTX_free(ctx); - BN_free(product_of_primes_so_far); - RSA_free(ret); - return NULL; -} - -RSA *RSA_private_key_from_bytes(const uint8_t *in, size_t in_len) { - CBS cbs; - CBS_init(&cbs, in, in_len); - RSA *ret = RSA_parse_private_key(&cbs); - if (ret == NULL || CBS_len(&cbs) != 0) { - OPENSSL_PUT_ERROR(RSA, RSA_R_BAD_ENCODING); - RSA_free(ret); - return NULL; - } - return ret; -} - -int RSA_marshal_private_key(CBB *cbb, const RSA 
*rsa) { - const int is_multiprime = - sk_RSA_additional_prime_num(rsa->additional_primes) > 0; - - CBB child; - if (!CBB_add_asn1(cbb, &child, CBS_ASN1_SEQUENCE) || - !CBB_add_asn1_uint64(&child, - is_multiprime ? kVersionMulti : kVersionTwoPrime) || - !marshal_integer(&child, rsa->n) || - !marshal_integer(&child, rsa->e) || - !marshal_integer(&child, rsa->d) || - !marshal_integer(&child, rsa->p) || - !marshal_integer(&child, rsa->q) || - !marshal_integer(&child, rsa->dmp1) || - !marshal_integer(&child, rsa->dmq1) || - !marshal_integer(&child, rsa->iqmp)) { - OPENSSL_PUT_ERROR(RSA, RSA_R_ENCODE_ERROR); - return 0; - } - - if (is_multiprime) { - CBB other_prime_infos; - if (!CBB_add_asn1(&child, &other_prime_infos, CBS_ASN1_SEQUENCE)) { - OPENSSL_PUT_ERROR(RSA, RSA_R_ENCODE_ERROR); - return 0; - } - size_t i; - for (i = 0; i < sk_RSA_additional_prime_num(rsa->additional_primes); i++) { - RSA_additional_prime *ap = - sk_RSA_additional_prime_value(rsa->additional_primes, i); - CBB other_prime_info; - if (!CBB_add_asn1(&other_prime_infos, &other_prime_info, - CBS_ASN1_SEQUENCE) || - !marshal_integer(&other_prime_info, ap->prime) || - !marshal_integer(&other_prime_info, ap->exp) || - !marshal_integer(&other_prime_info, ap->coeff)) { - OPENSSL_PUT_ERROR(RSA, RSA_R_ENCODE_ERROR); - return 0; - } - } - } - - if (!CBB_flush(cbb)) { - OPENSSL_PUT_ERROR(RSA, RSA_R_ENCODE_ERROR); return 0; + } else if (operation == ASN1_OP_FREE_PRE) { + RSA_free((RSA *)*pval); + *pval = NULL; + return 2; } return 1; } -int RSA_private_key_to_bytes(uint8_t **out_bytes, size_t *out_len, - const RSA *rsa) { - CBB cbb; - CBB_zero(&cbb); - if (!CBB_init(&cbb, 0) || - !RSA_marshal_private_key(&cbb, rsa) || - !CBB_finish(&cbb, out_bytes, out_len)) { - OPENSSL_PUT_ERROR(RSA, RSA_R_ENCODE_ERROR); - CBB_cleanup(&cbb); - return 0; - } - return 1; -} +ASN1_SEQUENCE_cb(RSAPrivateKey, rsa_cb) = { + ASN1_SIMPLE(RSA, version, LONG), + ASN1_SIMPLE(RSA, n, BIGNUM), + ASN1_SIMPLE(RSA, e, BIGNUM), + 
ASN1_SIMPLE(RSA, d, BIGNUM), + ASN1_SIMPLE(RSA, p, BIGNUM), + ASN1_SIMPLE(RSA, q, BIGNUM), + ASN1_SIMPLE(RSA, dmp1, BIGNUM), + ASN1_SIMPLE(RSA, dmq1, BIGNUM), + ASN1_SIMPLE(RSA, iqmp, BIGNUM), +} ASN1_SEQUENCE_END_cb(RSA, RSAPrivateKey); -RSA *d2i_RSAPublicKey(RSA **out, const uint8_t **inp, long len) { - if (len < 0) { - return NULL; - } - CBS cbs; - CBS_init(&cbs, *inp, (size_t)len); - RSA *ret = RSA_parse_public_key(&cbs); - if (ret == NULL) { - return NULL; - } - if (out != NULL) { - RSA_free(*out); - *out = ret; - } - *inp += (size_t)len - CBS_len(&cbs); - return ret; -} - -int i2d_RSAPublicKey(const RSA *in, uint8_t **outp) { - uint8_t *der; - size_t der_len; - if (!RSA_public_key_to_bytes(&der, &der_len, in)) { - return -1; - } - if (der_len > INT_MAX) { - OPENSSL_PUT_ERROR(RSA, ERR_R_OVERFLOW); - OPENSSL_free(der); - return -1; - } - if (outp != NULL) { - if (*outp == NULL) { - *outp = der; - der = NULL; - } else { - memcpy(*outp, der, der_len); - *outp += der_len; - } - } - OPENSSL_free(der); - return (int)der_len; -} - -RSA *d2i_RSAPrivateKey(RSA **out, const uint8_t **inp, long len) { - if (len < 0) { - return NULL; - } - CBS cbs; - CBS_init(&cbs, *inp, (size_t)len); - RSA *ret = RSA_parse_private_key(&cbs); - if (ret == NULL) { - return NULL; - } - if (out != NULL) { - RSA_free(*out); - *out = ret; - } - *inp += (size_t)len - CBS_len(&cbs); - return ret; -} - -int i2d_RSAPrivateKey(const RSA *in, uint8_t **outp) { - uint8_t *der; - size_t der_len; - if (!RSA_private_key_to_bytes(&der, &der_len, in)) { - return -1; - } - if (der_len > INT_MAX) { - OPENSSL_PUT_ERROR(RSA, ERR_R_OVERFLOW); - OPENSSL_free(der); - return -1; - } - if (outp != NULL) { - if (*outp == NULL) { - *outp = der; - der = NULL; - } else { - memcpy(*outp, der, der_len); - *outp += der_len; - } - } - OPENSSL_free(der); - return (int)der_len; -} +ASN1_SEQUENCE_cb(RSAPublicKey, rsa_cb) = { + ASN1_SIMPLE(RSA, n, BIGNUM), + ASN1_SIMPLE(RSA, e, BIGNUM), +} ASN1_SEQUENCE_END_cb(RSA, 
RSAPublicKey); ASN1_SEQUENCE(RSA_PSS_PARAMS) = { ASN1_EXP_OPT(RSA_PSS_PARAMS, hashAlgorithm, X509_ALGOR,0), @@ -443,24 +104,22 @@ ASN1_SEQUENCE(RSA_PSS_PARAMS) = { IMPLEMENT_ASN1_FUNCTIONS(RSA_PSS_PARAMS); +ASN1_SEQUENCE(RSA_OAEP_PARAMS) = { + ASN1_EXP_OPT(RSA_OAEP_PARAMS, hashFunc, X509_ALGOR, 0), + ASN1_EXP_OPT(RSA_OAEP_PARAMS, maskGenFunc, X509_ALGOR, 1), + ASN1_EXP_OPT(RSA_OAEP_PARAMS, pSourceFunc, X509_ALGOR, 2), +} ASN1_SEQUENCE_END(RSA_OAEP_PARAMS); + +IMPLEMENT_ASN1_FUNCTIONS(RSA_OAEP_PARAMS); + +IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(RSA, RSAPrivateKey, RSAPrivateKey); + +IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(RSA, RSAPublicKey, RSAPublicKey); + RSA *RSAPublicKey_dup(const RSA *rsa) { - uint8_t *der; - size_t der_len; - if (!RSA_public_key_to_bytes(&der, &der_len, rsa)) { - return NULL; - } - RSA *ret = RSA_public_key_from_bytes(der, der_len); - OPENSSL_free(der); - return ret; + return ASN1_item_dup(ASN1_ITEM_rptr(RSAPublicKey), (RSA *) rsa); } RSA *RSAPrivateKey_dup(const RSA *rsa) { - uint8_t *der; - size_t der_len; - if (!RSA_private_key_to_bytes(&der, &der_len, rsa)) { - return NULL; - } - RSA *ret = RSA_private_key_from_bytes(der, der_len); - OPENSSL_free(der); - return ret; + return ASN1_item_dup(ASN1_ITEM_rptr(RSAPrivateKey), (RSA *) rsa); } diff --git a/src/crypto/rsa/rsa_impl.c b/src/crypto/rsa/rsa_impl.c index eb4a36f..e14f0f5 100644 --- a/src/crypto/rsa/rsa_impl.c +++ b/src/crypto/rsa/rsa_impl.c @@ -78,15 +78,6 @@ static int finish(RSA *rsa) { BN_MONT_CTX_free(rsa->_method_mod_p); BN_MONT_CTX_free(rsa->_method_mod_q); - if (rsa->additional_primes != NULL) { - size_t i; - for (i = 0; i < sk_RSA_additional_prime_num(rsa->additional_primes); i++) { - RSA_additional_prime *ap = - sk_RSA_additional_prime_value(rsa->additional_primes, i); - BN_MONT_CTX_free(ap->method_mod); - } - } - return 1; } 
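Review bot: The restored `RSAPrivateKey` template reads `version` with `ASN1_SIMPLE(RSA, version, LONG)` and nothing in the `@@ -55,384 +55,45 @@` hunk checks its value, whereas the removed `RSA_parse_private_key` rejected any version other than 0 or 1 and rejected trailing bytes inside the SEQUENCE (`CBS_len(&child) != 0`). Assuming the template decoder is as permissive as the legacy ASN.1 code usually is (unchecked version, integers not forced to be unsigned), untrusted keys now reach `RSA_check_key` and the key operations with less validation than before. I would record that above the templates, e.g. `/* The template decoder does not validate |version| or the sign of the integers; callers handling untrusted keys must check them. */`. A version check in `rsa_cb` after decoding is also worth considering.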
@@ -103,24 +94,24 @@ static int encrypt(RSA *rsa, size_t *out_len, uint8_t *out, size_t max_out, int i, ret = 0; if (rsa_size > OPENSSL_RSA_MAX_MODULUS_BITS) { - OPENSSL_PUT_ERROR(RSA, RSA_R_MODULUS_TOO_LARGE); + OPENSSL_PUT_ERROR(RSA, encrypt, RSA_R_MODULUS_TOO_LARGE); return 0; } if (max_out < rsa_size) { - OPENSSL_PUT_ERROR(RSA, RSA_R_OUTPUT_BUFFER_TOO_SMALL); + OPENSSL_PUT_ERROR(RSA, encrypt, RSA_R_OUTPUT_BUFFER_TOO_SMALL); return 0; } if (BN_ucmp(rsa->n, rsa->e) <= 0) { - OPENSSL_PUT_ERROR(RSA, RSA_R_BAD_E_VALUE); + OPENSSL_PUT_ERROR(RSA, encrypt, RSA_R_BAD_E_VALUE); return 0; } /* for large moduli, enforce exponent limit */ if (BN_num_bits(rsa->n) > OPENSSL_RSA_SMALL_MODULUS_BITS && BN_num_bits(rsa->e) > OPENSSL_RSA_MAX_PUBEXP_BITS) { - OPENSSL_PUT_ERROR(RSA, RSA_R_BAD_E_VALUE); + OPENSSL_PUT_ERROR(RSA, encrypt, RSA_R_BAD_E_VALUE); return 0; } @@ -134,7 +125,7 @@ static int encrypt(RSA *rsa, size_t *out_len, uint8_t *out, size_t max_out, result = BN_CTX_get(ctx); buf = OPENSSL_malloc(rsa_size); if (!f || !result || !buf) { - OPENSSL_PUT_ERROR(RSA, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(RSA, encrypt, ERR_R_MALLOC_FAILURE); goto err; } @@ -151,7 +142,7 @@ static int encrypt(RSA *rsa, size_t *out_len, uint8_t *out, size_t max_out, i = RSA_padding_add_none(buf, rsa_size, in, in_len); break; default: - OPENSSL_PUT_ERROR(RSA, RSA_R_UNKNOWN_PADDING_TYPE); + OPENSSL_PUT_ERROR(RSA, encrypt, RSA_R_UNKNOWN_PADDING_TYPE); goto err; } @@ -165,7 +156,7 @@ static int encrypt(RSA *rsa, size_t *out_len, uint8_t *out, size_t max_out, if (BN_ucmp(f, rsa->n) >= 0) { /* usually the padding functions would catch this */ - OPENSSL_PUT_ERROR(RSA, RSA_R_DATA_TOO_LARGE_FOR_MODULUS); + OPENSSL_PUT_ERROR(RSA, encrypt, RSA_R_DATA_TOO_LARGE_FOR_MODULUS); goto err; } 
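Review bot: The first guard in `encrypt` compares `rsa_size` with `OPENSSL_RSA_MAX_MODULUS_BITS`, but `rsa_size` is used as a byte count everywhere else in the function (`max_out < rsa_size`, `OPENSSL_malloc(rsa_size)`), so the limit is effectively eight times looser than its name says. `verify_raw` writes the same check as `BN_num_bits(rsa->n) > OPENSSL_RSA_MAX_MODULUS_BITS`, and the line here should read `if (BN_num_bits(rsa->n) > OPENSSL_RSA_MAX_MODULUS_BITS) {`. Without it, an oversized public modulus supplied by a peer gets past the size check that is meant to bound the cost of the exponentiation. The declaration of `rsa_size` is outside the hunk, so its unit is inferred from those uses.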
@@ -184,7 +175,7 @@ static int encrypt(RSA *rsa, size_t *out_len, uint8_t *out, size_t max_out, /* put in leading 0 bytes if the number is less than the length of the * modulus */ if (!BN_bn2bin_padded(out, rsa_size, result)) { - OPENSSL_PUT_ERROR(RSA, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(RSA, encrypt, ERR_R_INTERNAL_ERROR); goto err; } @@ -318,13 +309,13 @@ static int sign_raw(RSA *rsa, size_t *out_len, uint8_t *out, size_t max_out, int i, ret = 0; if (max_out < rsa_size) { - OPENSSL_PUT_ERROR(RSA, RSA_R_OUTPUT_BUFFER_TOO_SMALL); + OPENSSL_PUT_ERROR(RSA, sign_raw, RSA_R_OUTPUT_BUFFER_TOO_SMALL); return 0; } buf = OPENSSL_malloc(rsa_size); if (buf == NULL) { - OPENSSL_PUT_ERROR(RSA, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(RSA, sign_raw, ERR_R_MALLOC_FAILURE); goto err; } @@ -336,7 +327,7 @@ static int sign_raw(RSA *rsa, size_t *out_len, uint8_t *out, size_t max_out, i = RSA_padding_add_none(buf, rsa_size, in, in_len); break; default: - OPENSSL_PUT_ERROR(RSA, RSA_R_UNKNOWN_PADDING_TYPE); + OPENSSL_PUT_ERROR(RSA, sign_raw, RSA_R_UNKNOWN_PADDING_TYPE); goto err; } @@ -368,23 +359,18 @@ static int decrypt(RSA *rsa, size_t *out_len, uint8_t *out, size_t max_out, int ret = 0; if (max_out < rsa_size) { - OPENSSL_PUT_ERROR(RSA, RSA_R_OUTPUT_BUFFER_TOO_SMALL); + OPENSSL_PUT_ERROR(RSA, decrypt, RSA_R_OUTPUT_BUFFER_TOO_SMALL); return 0; } - if (padding == RSA_NO_PADDING) { - buf = out; - } else { - /* Allocate a temporary buffer to hold the padded plaintext. */ - buf = OPENSSL_malloc(rsa_size); - if (buf == NULL) { - OPENSSL_PUT_ERROR(RSA, ERR_R_MALLOC_FAILURE); - goto err; - } + buf = OPENSSL_malloc(rsa_size); + if (buf == NULL) { + OPENSSL_PUT_ERROR(RSA, decrypt, ERR_R_MALLOC_FAILURE); + goto err; } if (in_len != rsa_size) { - OPENSSL_PUT_ERROR(RSA, RSA_R_DATA_LEN_NOT_EQUAL_TO_MOD_LEN); + OPENSSL_PUT_ERROR(RSA, decrypt, RSA_R_DATA_LEN_NOT_EQUAL_TO_MOD_LEN); goto err; } 
@@ -402,22 +388,22 @@ static int decrypt(RSA *rsa, size_t *out_len, uint8_t *out, size_t max_out, NULL, 0, NULL, NULL); break; case RSA_NO_PADDING: - r = rsa_size; + r = RSA_padding_check_none(out, rsa_size, buf, rsa_size); break; default: - OPENSSL_PUT_ERROR(RSA, RSA_R_UNKNOWN_PADDING_TYPE); + OPENSSL_PUT_ERROR(RSA, decrypt, RSA_R_UNKNOWN_PADDING_TYPE); goto err; } if (r < 0) { - OPENSSL_PUT_ERROR(RSA, RSA_R_PADDING_CHECK_FAILED); + OPENSSL_PUT_ERROR(RSA, decrypt, RSA_R_PADDING_CHECK_FAILED); } else { *out_len = r; ret = 1; } err: - if (padding != RSA_NO_PADDING && buf != NULL) { + if (buf != NULL) { OPENSSL_cleanse(buf, rsa_size); OPENSSL_free(buf); } @@ -435,24 +421,24 @@ static int verify_raw(RSA *rsa, size_t *out_len, uint8_t *out, size_t max_out, BN_CTX *ctx = NULL; if (BN_num_bits(rsa->n) > OPENSSL_RSA_MAX_MODULUS_BITS) { - OPENSSL_PUT_ERROR(RSA, RSA_R_MODULUS_TOO_LARGE); + OPENSSL_PUT_ERROR(RSA, verify_raw, RSA_R_MODULUS_TOO_LARGE); return 0; } if (BN_ucmp(rsa->n, rsa->e) <= 0) { - OPENSSL_PUT_ERROR(RSA, RSA_R_BAD_E_VALUE); + OPENSSL_PUT_ERROR(RSA, verify_raw, RSA_R_BAD_E_VALUE); return 0; } if (max_out < rsa_size) { - OPENSSL_PUT_ERROR(RSA, RSA_R_OUTPUT_BUFFER_TOO_SMALL); + OPENSSL_PUT_ERROR(RSA, verify_raw, RSA_R_OUTPUT_BUFFER_TOO_SMALL); return 0; } /* for large moduli, enforce exponent limit */ if (BN_num_bits(rsa->n) > OPENSSL_RSA_SMALL_MODULUS_BITS && BN_num_bits(rsa->e) > OPENSSL_RSA_MAX_PUBEXP_BITS) { - OPENSSL_PUT_ERROR(RSA, RSA_R_BAD_E_VALUE); + OPENSSL_PUT_ERROR(RSA, verify_raw, RSA_R_BAD_E_VALUE); return 0; } 
@@ -464,23 +450,14 @@ static int verify_raw(RSA *rsa, size_t *out_len, uint8_t *out, size_t max_out, BN_CTX_start(ctx); f = BN_CTX_get(ctx); result = BN_CTX_get(ctx); - if (padding == RSA_NO_PADDING) { - buf = out; - } else { - /* Allocate a temporary buffer to hold the padded plaintext. */ - buf = OPENSSL_malloc(rsa_size); - if (buf == NULL) { - OPENSSL_PUT_ERROR(RSA, ERR_R_MALLOC_FAILURE); - goto err; - } - } - if (!f || !result) { - OPENSSL_PUT_ERROR(RSA, ERR_R_MALLOC_FAILURE); + buf = OPENSSL_malloc(rsa_size); + if (!f || !result || !buf) { + OPENSSL_PUT_ERROR(RSA, verify_raw, ERR_R_MALLOC_FAILURE); goto err; } if (in_len != rsa_size) { - OPENSSL_PUT_ERROR(RSA, RSA_R_DATA_LEN_NOT_EQUAL_TO_MOD_LEN); + OPENSSL_PUT_ERROR(RSA, verify_raw, RSA_R_DATA_LEN_NOT_EQUAL_TO_MOD_LEN); goto err; } @@ -489,7 +466,7 @@ static int verify_raw(RSA *rsa, size_t *out_len, uint8_t *out, size_t max_out, } if (BN_ucmp(f, rsa->n) >= 0) { - OPENSSL_PUT_ERROR(RSA, RSA_R_DATA_TOO_LARGE_FOR_MODULUS); + OPENSSL_PUT_ERROR(RSA, verify_raw, RSA_R_DATA_TOO_LARGE_FOR_MODULUS); goto err; } @@ -506,7 +483,7 @@ static int verify_raw(RSA *rsa, size_t *out_len, uint8_t *out, size_t max_out, } if (!BN_bn2bin_padded(buf, rsa_size, result)) { - OPENSSL_PUT_ERROR(RSA, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(RSA, verify_raw, ERR_R_INTERNAL_ERROR); goto err; } @@ -515,15 +492,15 @@ static int verify_raw(RSA *rsa, size_t *out_len, uint8_t *out, size_t max_out, r = RSA_padding_check_PKCS1_type_1(out, rsa_size, buf, rsa_size); break; case RSA_NO_PADDING: - r = rsa_size; + r = RSA_padding_check_none(out, rsa_size, buf, rsa_size); break; default: - OPENSSL_PUT_ERROR(RSA, RSA_R_UNKNOWN_PADDING_TYPE); + OPENSSL_PUT_ERROR(RSA, verify_raw, RSA_R_UNKNOWN_PADDING_TYPE); goto err; } if (r < 0) { - OPENSSL_PUT_ERROR(RSA, RSA_R_PADDING_CHECK_FAILED); + OPENSSL_PUT_ERROR(RSA, verify_raw, RSA_R_PADDING_CHECK_FAILED); } else { *out_len = r; ret = 1; 
@@ -534,7 +511,7 @@ err: BN_CTX_end(ctx); BN_CTX_free(ctx); } - if (padding != RSA_NO_PADDING && buf != NULL) { + if (buf != NULL) { OPENSSL_cleanse(buf, rsa_size); OPENSSL_free(buf); } @@ -558,7 +535,7 @@ static int private_transform(RSA *rsa, uint8_t *out, const uint8_t *in, result = BN_CTX_get(ctx); if (f == NULL || result == NULL) { - OPENSSL_PUT_ERROR(RSA, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(RSA, private_transform, ERR_R_MALLOC_FAILURE); goto err; } @@ -568,14 +545,14 @@ static int private_transform(RSA *rsa, uint8_t *out, const uint8_t *in, if (BN_ucmp(f, rsa->n) >= 0) { /* Usually the padding functions would catch this. */ - OPENSSL_PUT_ERROR(RSA, RSA_R_DATA_TOO_LARGE_FOR_MODULUS); + OPENSSL_PUT_ERROR(RSA, private_transform, RSA_R_DATA_TOO_LARGE_FOR_MODULUS); goto err; } if (!(rsa->flags & RSA_FLAG_NO_BLINDING)) { blinding = rsa_blinding_get(rsa, &blinding_index, ctx); if (blinding == NULL) { - OPENSSL_PUT_ERROR(RSA, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(RSA, private_transform, ERR_R_INTERNAL_ERROR); goto err; } if (!BN_BLINDING_convert_ex(f, NULL, blinding, ctx)) { @@ -616,7 +593,7 @@ static int private_transform(RSA *rsa, uint8_t *out, const uint8_t *in, } if (!BN_bn2bin_padded(out, len, result)) { - OPENSSL_PUT_ERROR(RSA, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(RSA, private_transform, ERR_R_INTERNAL_ERROR); goto err; } @@ -639,11 +616,6 @@ static int mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx) { BIGNUM local_dmp1, local_dmq1, local_c, local_r1; BIGNUM *dmp1, *dmq1, *c, *pr1; int ret = 0; - size_t i, num_additional_primes = 0; - - if (rsa->additional_primes != NULL) { - num_additional_primes = sk_RSA_additional_prime_num(rsa->additional_primes); - } BN_CTX_start(ctx); r1 = BN_CTX_get(ctx); 
@@ -752,42 +724,6 @@ static int mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx) { goto err; } - for (i = 0; i < num_additional_primes; i++) { - /* multi-prime RSA. */ - BIGNUM local_exp, local_prime; - BIGNUM *exp = &local_exp, *prime = &local_prime; - RSA_additional_prime *ap = - sk_RSA_additional_prime_value(rsa->additional_primes, i); - - BN_with_flags(exp, ap->exp, BN_FLG_CONSTTIME); - BN_with_flags(prime, ap->prime, BN_FLG_CONSTTIME); - - /* c will already point to a BIGNUM with the correct flags. */ - if (!BN_mod(r1, c, prime, ctx)) { - goto err; - } - - if ((rsa->flags & RSA_FLAG_CACHE_PRIVATE) && - !BN_MONT_CTX_set_locked(&ap->method_mod, &rsa->lock, prime, ctx)) { - goto err; - } - - if (!rsa->meth->bn_mod_exp(m1, r1, exp, prime, ctx, ap->method_mod)) { - goto err; - } - - BN_set_flags(m1, BN_FLG_CONSTTIME); - - if (!BN_sub(m1, m1, r0) || - !BN_mul(m1, m1, ap->coeff, ctx) || - !BN_mod(m1, m1, prime, ctx) || - (BN_is_negative(m1) && !BN_add(m1, m1, prime)) || - !BN_mul(m1, m1, ap->r, ctx) || - !BN_add(r0, r0, m1)) { - goto err; - } - } - if (rsa->e && rsa->n) { if (!rsa->meth->bn_mod_exp(vrfy, r0, rsa->e, rsa->n, ctx, rsa->_method_mod_n)) { @@ -830,20 +766,12 @@ err: return ret; } -static int keygen_multiprime(RSA *rsa, int bits, int num_primes, - BIGNUM *e_value, BN_GENCB *cb) { +static int keygen(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb) { BIGNUM *r0 = NULL, *r1 = NULL, *r2 = NULL, *r3 = NULL, *tmp; BIGNUM local_r0, local_d, local_p; BIGNUM *pr0, *d, *p; - int prime_bits, ok = -1, n = 0, i, j; + int bitsp, bitsq, ok = -1, n = 0; BN_CTX *ctx = NULL; - STACK_OF(RSA_additional_prime) *additional_primes = NULL; - - if (num_primes < 2) { - ok = 0; /* we set our own err */ - OPENSSL_PUT_ERROR(RSA, RSA_R_MUST_HAVE_AT_LEAST_TWO_PRIMES); - goto err; - } ctx = BN_CTX_new(); if (ctx == NULL) { 
@@ -854,36 +782,12 @@ static int keygen_multiprime(RSA *rsa, int bits, int num_primes, r1 = BN_CTX_get(ctx); r2 = BN_CTX_get(ctx); r3 = BN_CTX_get(ctx); - if (r0 == NULL || r1 == NULL || r2 == NULL || r3 == NULL) { + if (r3 == NULL) { goto err; } - if (num_primes > 2) { - additional_primes = sk_RSA_additional_prime_new_null(); - if (additional_primes == NULL) { - goto err; - } - } - - for (i = 2; i < num_primes; i++) { - RSA_additional_prime *ap = OPENSSL_malloc(sizeof(RSA_additional_prime)); - if (ap == NULL) { - goto err; - } - memset(ap, 0, sizeof(RSA_additional_prime)); - ap->prime = BN_new(); - ap->exp = BN_new(); - ap->coeff = BN_new(); - ap->r = BN_new(); - if (ap->prime == NULL || - ap->exp == NULL || - ap->coeff == NULL || - ap->r == NULL || - !sk_RSA_additional_prime_push(additional_primes, ap)) { - RSA_additional_prime_free(ap); - goto err; - } - } + bitsp = (bits + 1) / 2; + bitsq = bits - bitsp; /* We need the RSA components non-NULL */ if (!rsa->n && ((rsa->n = BN_new()) == NULL)) { @@ -911,14 +815,11 @@ static int keygen_multiprime(RSA *rsa, int bits, int num_primes, goto err; } - if (!BN_copy(rsa->e, e_value)) { - goto err; - } + BN_copy(rsa->e, e_value); /* generate p and q */ - prime_bits = (bits + (num_primes - 1)) / num_primes; for (;;) { - if (!BN_generate_prime_ex(rsa->p, prime_bits, 0, NULL, NULL, cb) || + if (!BN_generate_prime_ex(rsa->p, bitsp, 0, NULL, NULL, cb) || !BN_sub(r2, rsa->p, BN_value_one()) || !BN_gcd(r1, r2, rsa->e, ctx)) { goto err; 
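Review bot: The check after the four `BN_CTX_get` calls now tests only `r3`, which is correct only because BN_CTX_get keeps returning NULL once one call has failed. Nothing at the call site says so, and the removed line checked all four explicitly. A one-line comment would stop a later reader from treating r0, r1 and r2 as unchecked: `/* BN_CTX_get failure is sticky, so testing the last result covers r0..r2. */`. keygen's body starts before this hunk and continues after it.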
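Review bot: The result of `BN_copy(rsa->e, e_value)` is no longer checked just before the "generate p and q" loop, so a failed copy would let key generation continue with whatever value `rsa->e` held. The gcd tests on p-1 in this hunk read `rsa->e`, so the generated primes would be validated against the wrong exponent, and any later use of `rsa->e` in keygen would inherit it. The removed lines handled this, and the check should stay: `if (!BN_copy(rsa->e, e_value)) { goto err; }`. keygen's body starts before this hunk and continues after it.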
@@ -933,20 +834,19 @@ static int keygen_multiprime(RSA *rsa, int bits, int num_primes, if (!BN_GENCB_call(cb, 3, 0)) { goto err; } - prime_bits = ((bits - prime_bits) + (num_primes - 2)) / (num_primes - 1); for (;;) { /* When generating ridiculously small keys, we can get stuck * continually regenerating the same prime values. Check for * this and bail if it happens 3 times. */ unsigned int degenerate = 0; do { - if (!BN_generate_prime_ex(rsa->q, prime_bits, 0, NULL, NULL, cb)) { + if (!BN_generate_prime_ex(rsa->q, bitsq, 0, NULL, NULL, cb)) { goto err; } } while ((BN_cmp(rsa->p, rsa->q) == 0) && (++degenerate < 3)); if (degenerate == 3) { ok = 0; /* we set our own err */ - OPENSSL_PUT_ERROR(RSA, RSA_R_KEY_SIZE_TOO_SMALL); + OPENSSL_PUT_ERROR(RSA, keygen, RSA_R_KEY_SIZE_TOO_SMALL); goto err; } if (!BN_sub(r2, rsa->q, BN_value_one()) || 
@@ -960,91 +860,20 @@ static int keygen_multiprime(RSA *rsa, int bits, int num_primes, goto err; } } - - if (!BN_GENCB_call(cb, 3, 1) || - !BN_mul(rsa->n, rsa->p, rsa->q, ctx)) { + if (!BN_GENCB_call(cb, 3, 1)) { goto err; } - - for (i = 2; i < num_primes; i++) { - RSA_additional_prime *ap = - sk_RSA_additional_prime_value(additional_primes, i - 2); - prime_bits = ((bits - BN_num_bits(rsa->n)) + (num_primes - (i + 1))) / - (num_primes - i); - - for (;;) { - if (!BN_generate_prime_ex(ap->prime, prime_bits, 0, NULL, NULL, cb)) { - goto err; - } - if (BN_cmp(rsa->p, ap->prime) == 0 || - BN_cmp(rsa->q, ap->prime) == 0) { - continue; - } - - for (j = 0; j < i - 2; j++) { - if (BN_cmp(sk_RSA_additional_prime_value(additional_primes, j)->prime, - ap->prime) == 0) { - break; - } - } - if (j != i - 2) { - continue; - } - - if (!BN_sub(r2, ap->prime, BN_value_one()) || - !BN_gcd(r1, r2, rsa->e, ctx)) { - goto err; - } - - if (!BN_is_one(r1)) { - continue; - } - if (i != num_primes - 1) { - break; - } - - /* For the last prime we'll check that it makes n large enough. In the - * two prime case this isn't a problem because we generate primes with - * the top two bits set and so the product is always of the expected - * size. In the multi prime case, this doesn't follow. */ - if (!BN_mul(r1, rsa->n, ap->prime, ctx)) { - goto err; - } - if (BN_num_bits(r1) == bits) { - break; - } - - if (!BN_GENCB_call(cb, 2, n++)) { - goto err; - } - } - - /* ap->r is is the product of all the primes prior to the current one - * (including p and q). */ - if (!BN_copy(ap->r, rsa->n)) { - goto err; - } - if (i == num_primes - 1) { - /* In the case of the last prime, we calculated n as |r1| in the loop - * above. 
*/ - if (!BN_copy(rsa->n, r1)) { - goto err; - } - } else if (!BN_mul(rsa->n, rsa->n, ap->prime, ctx)) { - goto err; - } - - if (!BN_GENCB_call(cb, 3, 1)) { - goto err; - } - } - if (BN_cmp(rsa->p, rsa->q) < 0) { tmp = rsa->p; rsa->p = rsa->q; rsa->q = tmp; } + /* calculate n */ + if (!BN_mul(rsa->n, rsa->p, rsa->q, ctx)) { + goto err; + } + /* calculate d */ if (!BN_sub(r1, rsa->p, BN_value_one())) { goto err; /* p-1 */ @@ -1055,14 +884,6 @@ static int keygen_multiprime(RSA *rsa, int bits, int num_primes, if (!BN_mul(r0, r1, r2, ctx)) { goto err; /* (p-1)(q-1) */ } - for (i = 2; i < num_primes; i++) { - RSA_additional_prime *ap = - sk_RSA_additional_prime_value(additional_primes, i - 2); - if (!BN_sub(r3, ap->prime, BN_value_one()) || - !BN_mul(r0, r0, r3, ctx)) { - goto err; - } - } pr0 = &local_r0; BN_with_flags(pr0, r0, BN_FLG_CONSTTIME); if (!BN_mod_inverse(rsa->d, rsa->e, pr0, ctx)) { @@ -1091,36 +912,19 @@ static int keygen_multiprime(RSA *rsa, int bits, int num_primes, goto err; } - for (i = 2; i < num_primes; i++) { - RSA_additional_prime *ap = - sk_RSA_additional_prime_value(additional_primes, i - 2); - if (!BN_sub(ap->exp, ap->prime, BN_value_one()) || - !BN_mod(ap->exp, rsa->d, ap->exp, ctx) || - !BN_mod_inverse(ap->coeff, ap->r, ap->prime, ctx)) { - goto err; - } - } - ok = 1; - rsa->additional_primes = additional_primes; - additional_primes = NULL; err: if (ok == -1) { - OPENSSL_PUT_ERROR(RSA, ERR_LIB_BN); + OPENSSL_PUT_ERROR(RSA, keygen, ERR_LIB_BN); ok = 0; } if (ctx != NULL) { BN_CTX_end(ctx); BN_CTX_free(ctx); } - sk_RSA_additional_prime_pop_free(additional_primes, - RSA_additional_prime_free); - return ok; -} -static int keygen(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb) { - return keygen_multiprime(rsa, bits, 2 /* num primes */, e_value, cb); + return ok; } const struct rsa_meth_st RSA_default_method = { 
@@ -1151,7 +955,4 @@ const struct rsa_meth_st RSA_default_method = { RSA_FLAG_CACHE_PUBLIC | RSA_FLAG_CACHE_PRIVATE, keygen, - keygen_multiprime, - - NULL /* supports_digest */, }; diff --git a/src/crypto/rsa/rsa_test.c b/src/crypto/rsa/rsa_test.c new file mode 100644 index 0000000..318cf3f --- /dev/null +++ b/src/crypto/rsa/rsa_test.c 
@@ -0,0 +1,511 @@ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. 
If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] 
*/ + +#include + +#include +#include + +#include +#include +#include +#include + + +#define SetKey \ + key->n = BN_bin2bn(n, sizeof(n) - 1, key->n); \ + key->e = BN_bin2bn(e, sizeof(e) - 1, key->e); \ + key->d = BN_bin2bn(d, sizeof(d) - 1, key->d); \ + key->p = BN_bin2bn(p, sizeof(p) - 1, key->p); \ + key->q = BN_bin2bn(q, sizeof(q) - 1, key->q); \ + key->dmp1 = BN_bin2bn(dmp1, sizeof(dmp1) - 1, key->dmp1); \ + key->dmq1 = BN_bin2bn(dmq1, sizeof(dmq1) - 1, key->dmq1); \ + key->iqmp = BN_bin2bn(iqmp, sizeof(iqmp) - 1, key->iqmp); \ + memcpy(c, ctext_ex, sizeof(ctext_ex) - 1); \ + return (sizeof(ctext_ex) - 1); + +static int key1(RSA *key, unsigned char *c) { + static unsigned char n[] = + "\x00\xAA\x36\xAB\xCE\x88\xAC\xFD\xFF\x55\x52\x3C\x7F\xC4\x52\x3F" + "\x90\xEF\xA0\x0D\xF3\x77\x4A\x25\x9F\x2E\x62\xB4\xC5\xD9\x9C\xB5" + "\xAD\xB3\x00\xA0\x28\x5E\x53\x01\x93\x0E\x0C\x70\xFB\x68\x76\x93" + "\x9C\xE6\x16\xCE\x62\x4A\x11\xE0\x08\x6D\x34\x1E\xBC\xAC\xA0\xA1" + "\xF5"; + + static unsigned char e[] = "\x11"; + + static unsigned char d[] = + "\x0A\x03\x37\x48\x62\x64\x87\x69\x5F\x5F\x30\xBC\x38\xB9\x8B\x44" + "\xC2\xCD\x2D\xFF\x43\x40\x98\xCD\x20\xD8\xA1\x38\xD0\x90\xBF\x64" + "\x79\x7C\x3F\xA7\xA2\xCD\xCB\x3C\xD1\xE0\xBD\xBA\x26\x54\xB4\xF9" + "\xDF\x8E\x8A\xE5\x9D\x73\x3D\x9F\x33\xB3\x01\x62\x4A\xFD\x1D\x51"; + + static unsigned char p[] = + "\x00\xD8\x40\xB4\x16\x66\xB4\x2E\x92\xEA\x0D\xA3\xB4\x32\x04\xB5" + "\xCF\xCE\x33\x52\x52\x4D\x04\x16\xA5\xA4\x41\xE7\x00\xAF\x46\x12" + "\x0D"; + + static unsigned char q[] = + "\x00\xC9\x7F\xB1\xF0\x27\xF4\x53\xF6\x34\x12\x33\xEA\xAA\xD1\xD9" + "\x35\x3F\x6C\x42\xD0\x88\x66\xB1\xD0\x5A\x0F\x20\x35\x02\x8B\x9D" + "\x89"; + + static unsigned char dmp1[] = + "\x59\x0B\x95\x72\xA2\xC2\xA9\xC4\x06\x05\x9D\xC2\xAB\x2F\x1D\xAF" + "\xEB\x7E\x8B\x4F\x10\xA7\x54\x9E\x8E\xED\xF5\xB4\xFC\xE0\x9E\x05"; + + static unsigned char dmq1[] = + "\x00\x8E\x3C\x05\x21\xFE\x15\xE0\xEA\x06\xA3\x6F\xF0\xF1\x0C\x99" + 
"\x52\xC3\x5B\x7A\x75\x14\xFD\x32\x38\xB8\x0A\xAD\x52\x98\x62\x8D" + "\x51"; + + static unsigned char iqmp[] = + "\x36\x3F\xF7\x18\x9D\xA8\xE9\x0B\x1D\x34\x1F\x71\xD0\x9B\x76\xA8" + "\xA9\x43\xE1\x1D\x10\xB2\x4D\x24\x9F\x2D\xEA\xFE\xF8\x0C\x18\x26"; + + static unsigned char ctext_ex[] = + "\x1b\x8f\x05\xf9\xca\x1a\x79\x52\x6e\x53\xf3\xcc\x51\x4f\xdb\x89" + "\x2b\xfb\x91\x93\x23\x1e\x78\xb9\x92\xe6\x8d\x50\xa4\x80\xcb\x52" + "\x33\x89\x5c\x74\x95\x8d\x5d\x02\xab\x8c\x0f\xd0\x40\xeb\x58\x44" + "\xb0\x05\xc3\x9e\xd8\x27\x4a\x9d\xbf\xa8\x06\x71\x40\x94\x39\xd2"; + + SetKey; +} + +static int key2(RSA *key, unsigned char *c) { + static unsigned char n[] = + "\x00\xA3\x07\x9A\x90\xDF\x0D\xFD\x72\xAC\x09\x0C\xCC\x2A\x78\xB8" + "\x74\x13\x13\x3E\x40\x75\x9C\x98\xFA\xF8\x20\x4F\x35\x8A\x0B\x26" + "\x3C\x67\x70\xE7\x83\xA9\x3B\x69\x71\xB7\x37\x79\xD2\x71\x7B\xE8" + "\x34\x77\xCF"; + + static unsigned char e[] = "\x3"; + + static unsigned char d[] = + "\x6C\xAF\xBC\x60\x94\xB3\xFE\x4C\x72\xB0\xB3\x32\xC6\xFB\x25\xA2" + "\xB7\x62\x29\x80\x4E\x68\x65\xFC\xA4\x5A\x74\xDF\x0F\x8F\xB8\x41" + "\x3B\x52\xC0\xD0\xE5\x3D\x9B\x59\x0F\xF1\x9B\xE7\x9F\x49\xDD\x21" + "\xE5\xEB"; + + static unsigned char p[] = + "\x00\xCF\x20\x35\x02\x8B\x9D\x86\x98\x40\xB4\x16\x66\xB4\x2E\x92" + "\xEA\x0D\xA3\xB4\x32\x04\xB5\xCF\xCE\x91"; + + static unsigned char q[] = + "\x00\xC9\x7F\xB1\xF0\x27\xF4\x53\xF6\x34\x12\x33\xEA\xAA\xD1\xD9" + "\x35\x3F\x6C\x42\xD0\x88\x66\xB1\xD0\x5F"; + + static unsigned char dmp1[] = + "\x00\x8A\x15\x78\xAC\x5D\x13\xAF\x10\x2B\x22\xB9\x99\xCD\x74\x61" + "\xF1\x5E\x6D\x22\xCC\x03\x23\xDF\xDF\x0B"; + + static unsigned char dmq1[] = + "\x00\x86\x55\x21\x4A\xC5\x4D\x8D\x4E\xCD\x61\x77\xF1\xC7\x36\x90" + "\xCE\x2A\x48\x2C\x8B\x05\x99\xCB\xE0\x3F"; + + static unsigned char iqmp[] = + "\x00\x83\xEF\xEF\xB8\xA9\xA4\x0D\x1D\xB6\xED\x98\xAD\x84\xED\x13" + "\x35\xDC\xC1\x08\xF3\x22\xD0\x57\xCF\x8D"; + + static unsigned char ctext_ex[] = + 
"\x14\xbd\xdd\x28\xc9\x83\x35\x19\x23\x80\xe8\xe5\x49\xb1\x58\x2a" + "\x8b\x40\xb4\x48\x6d\x03\xa6\xa5\x31\x1f\x1f\xd5\xf0\xa1\x80\xe4" + "\x17\x53\x03\x29\xa9\x34\x90\x74\xb1\x52\x13\x54\x29\x08\x24\x52" + "\x62\x51"; + + SetKey; +} + +static int key3(RSA *key, unsigned char *c) { + static unsigned char n[] = + "\x00\xBB\xF8\x2F\x09\x06\x82\xCE\x9C\x23\x38\xAC\x2B\x9D\xA8\x71" + "\xF7\x36\x8D\x07\xEE\xD4\x10\x43\xA4\x40\xD6\xB6\xF0\x74\x54\xF5" + "\x1F\xB8\xDF\xBA\xAF\x03\x5C\x02\xAB\x61\xEA\x48\xCE\xEB\x6F\xCD" + "\x48\x76\xED\x52\x0D\x60\xE1\xEC\x46\x19\x71\x9D\x8A\x5B\x8B\x80" + "\x7F\xAF\xB8\xE0\xA3\xDF\xC7\x37\x72\x3E\xE6\xB4\xB7\xD9\x3A\x25" + "\x84\xEE\x6A\x64\x9D\x06\x09\x53\x74\x88\x34\xB2\x45\x45\x98\x39" + "\x4E\xE0\xAA\xB1\x2D\x7B\x61\xA5\x1F\x52\x7A\x9A\x41\xF6\xC1\x68" + "\x7F\xE2\x53\x72\x98\xCA\x2A\x8F\x59\x46\xF8\xE5\xFD\x09\x1D\xBD" + "\xCB"; + + static unsigned char e[] = "\x11"; + + static unsigned char d[] = + "\x00\xA5\xDA\xFC\x53\x41\xFA\xF2\x89\xC4\xB9\x88\xDB\x30\xC1\xCD" + "\xF8\x3F\x31\x25\x1E\x06\x68\xB4\x27\x84\x81\x38\x01\x57\x96\x41" + "\xB2\x94\x10\xB3\xC7\x99\x8D\x6B\xC4\x65\x74\x5E\x5C\x39\x26\x69" + "\xD6\x87\x0D\xA2\xC0\x82\xA9\x39\xE3\x7F\xDC\xB8\x2E\xC9\x3E\xDA" + "\xC9\x7F\xF3\xAD\x59\x50\xAC\xCF\xBC\x11\x1C\x76\xF1\xA9\x52\x94" + "\x44\xE5\x6A\xAF\x68\xC5\x6C\x09\x2C\xD3\x8D\xC3\xBE\xF5\xD2\x0A" + "\x93\x99\x26\xED\x4F\x74\xA1\x3E\xDD\xFB\xE1\xA1\xCE\xCC\x48\x94" + "\xAF\x94\x28\xC2\xB7\xB8\x88\x3F\xE4\x46\x3A\x4B\xC8\x5B\x1C\xB3" + "\xC1"; + + static unsigned char p[] = + "\x00\xEE\xCF\xAE\x81\xB1\xB9\xB3\xC9\x08\x81\x0B\x10\xA1\xB5\x60" + "\x01\x99\xEB\x9F\x44\xAE\xF4\xFD\xA4\x93\xB8\x1A\x9E\x3D\x84\xF6" + "\x32\x12\x4E\xF0\x23\x6E\x5D\x1E\x3B\x7E\x28\xFA\xE7\xAA\x04\x0A" + "\x2D\x5B\x25\x21\x76\x45\x9D\x1F\x39\x75\x41\xBA\x2A\x58\xFB\x65" + "\x99"; + + static unsigned char q[] = + "\x00\xC9\x7F\xB1\xF0\x27\xF4\x53\xF6\x34\x12\x33\xEA\xAA\xD1\xD9" + "\x35\x3F\x6C\x42\xD0\x88\x66\xB1\xD0\x5A\x0F\x20\x35\x02\x8B\x9D" + 
"\x86\x98\x40\xB4\x16\x66\xB4\x2E\x92\xEA\x0D\xA3\xB4\x32\x04\xB5" + "\xCF\xCE\x33\x52\x52\x4D\x04\x16\xA5\xA4\x41\xE7\x00\xAF\x46\x15" + "\x03"; + + static unsigned char dmp1[] = + "\x54\x49\x4C\xA6\x3E\xBA\x03\x37\xE4\xE2\x40\x23\xFC\xD6\x9A\x5A" + "\xEB\x07\xDD\xDC\x01\x83\xA4\xD0\xAC\x9B\x54\xB0\x51\xF2\xB1\x3E" + "\xD9\x49\x09\x75\xEA\xB7\x74\x14\xFF\x59\xC1\xF7\x69\x2E\x9A\x2E" + "\x20\x2B\x38\xFC\x91\x0A\x47\x41\x74\xAD\xC9\x3C\x1F\x67\xC9\x81"; + + static unsigned char dmq1[] = + "\x47\x1E\x02\x90\xFF\x0A\xF0\x75\x03\x51\xB7\xF8\x78\x86\x4C\xA9" + "\x61\xAD\xBD\x3A\x8A\x7E\x99\x1C\x5C\x05\x56\xA9\x4C\x31\x46\xA7" + "\xF9\x80\x3F\x8F\x6F\x8A\xE3\x42\xE9\x31\xFD\x8A\xE4\x7A\x22\x0D" + "\x1B\x99\xA4\x95\x84\x98\x07\xFE\x39\xF9\x24\x5A\x98\x36\xDA\x3D"; + + static unsigned char iqmp[] = + "\x00\xB0\x6C\x4F\xDA\xBB\x63\x01\x19\x8D\x26\x5B\xDB\xAE\x94\x23" + "\xB3\x80\xF2\x71\xF7\x34\x53\x88\x50\x93\x07\x7F\xCD\x39\xE2\x11" + "\x9F\xC9\x86\x32\x15\x4F\x58\x83\xB1\x67\xA9\x67\xBF\x40\x2B\x4E" + "\x9E\x2E\x0F\x96\x56\xE6\x98\xEA\x36\x66\xED\xFB\x25\x79\x80\x39" + "\xF7"; + + static unsigned char ctext_ex[] = + "\xb8\x24\x6b\x56\xa6\xed\x58\x81\xae\xb5\x85\xd9\xa2\x5b\x2a\xd7" + "\x90\xc4\x17\xe0\x80\x68\x1b\xf1\xac\x2b\xc3\xde\xb6\x9d\x8b\xce" + "\xf0\xc4\x36\x6f\xec\x40\x0a\xf0\x52\xa7\x2e\x9b\x0e\xff\xb5\xb3" + "\xf2\xf1\x92\xdb\xea\xca\x03\xc1\x27\x40\x05\x71\x13\xbf\x1f\x06" + "\x69\xac\x22\xe9\xf3\xa7\x85\x2e\x3c\x15\xd9\x13\xca\xb0\xb8\x86" + "\x3a\x95\xc9\x92\x94\xce\x86\x74\x21\x49\x54\x61\x03\x46\xf4\xd4" + "\x74\xb2\x6f\x7c\x48\xb4\x2e\xe6\x8e\x1f\x57\x2a\x1f\xc4\x02\x6a" + "\xc4\x56\xb4\xf5\x9f\x7b\x62\x1e\xa1\xb9\xd8\x8f\x64\x20\x2f\xb1"; + + SetKey; +} + +static int test_bad_key(void) { + RSA *key = RSA_new(); + BIGNUM e; + + BN_init(&e); + BN_set_word(&e, RSA_F4); + + if (!RSA_generate_key_ex(key, 512, &e, NULL)) { + fprintf(stderr, "RSA_generate_key_ex failed.\n"); + ERR_print_errors_fp(stderr); + return 0; + } + + if (!BN_add(key->p, key->p, 
BN_value_one())) { + fprintf(stderr, "BN error.\n"); + ERR_print_errors_fp(stderr); + return 0; + } + + if (RSA_check_key(key)) { + fprintf(stderr, "RSA_check_key passed with invalid key!\n"); + return 0; + } + + ERR_clear_error(); + BN_free(&e); + RSA_free(key); + return 1; +} + +static int test_only_d_given(void) { + RSA *key = RSA_new(); + uint8_t buf[64]; + unsigned buf_len = sizeof(buf); + const uint8_t kDummyHash[16] = {0}; + int ret = 0; + + if (!BN_hex2bn(&key->n, + "00e77bbf3889d4ef36a9a25d4d69f3f632eb4362214c74517da6d6aeaa9bd" + "09ac42b26621cd88f3a6eb013772fc3bf9f83914b6467231c630202c35b3e" + "5808c659") || + !BN_hex2bn(&key->e, "010001") || + !BN_hex2bn(&key->d, + "0365db9eb6d73b53b015c40cd8db4de7dd7035c68b5ac1bf786d7a4ee2cea" + "316eaeca21a73ac365e58713195f2ae9849348525ca855386b6d028e437a9" + "495a01") || + RSA_size(key) > sizeof(buf)) { + goto err; + } + + if (!RSA_check_key(key)) { + fprintf(stderr, "RSA_check_key failed with only d given.\n"); + ERR_print_errors_fp(stderr); + goto err; + } + + if (!RSA_sign(NID_sha256, kDummyHash, sizeof(kDummyHash), buf, &buf_len, + key)) { + fprintf(stderr, "RSA_sign failed with only d given.\n"); + ERR_print_errors_fp(stderr); + goto err; + } + + if (!RSA_verify(NID_sha256, kDummyHash, sizeof(kDummyHash), buf, buf_len, + key)) { + fprintf(stderr, "RSA_verify failed with only d given.\n"); + ERR_print_errors_fp(stderr); + goto err; + } + + ret = 1; + +err: + RSA_free(key); + return ret; +} + +static int test_recover_crt_params(void) { + RSA *key1, *key2; + BIGNUM *e = BN_new(); + uint8_t buf[128]; + unsigned buf_len = sizeof(buf); + const uint8_t kDummyHash[16] = {0}; + unsigned i; + + BN_set_word(e, RSA_F4); + + ERR_clear_error(); + + for (i = 0; i < 1; i++) { + key1 = RSA_new(); + if (!RSA_generate_key_ex(key1, 512, e, NULL)) { + fprintf(stderr, "RSA_generate_key_ex failed.\n"); + ERR_print_errors_fp(stderr); + return 0; + } + + if (!RSA_check_key(key1)) { + fprintf(stderr, "RSA_check_key failed with original 
key.\n"); + ERR_print_errors_fp(stderr); + return 0; + } + + key2 = RSA_new(); + key2->n = BN_dup(key1->n); + key2->e = BN_dup(key1->e); + key2->d = BN_dup(key1->d); + RSA_free(key1); + + if (!RSA_recover_crt_params(key2)) { + fprintf(stderr, "RSA_recover_crt_params failed.\n"); + ERR_print_errors_fp(stderr); + return 0; + } + + if (RSA_size(key2) > buf_len) { + return 0; + } + + if (!RSA_check_key(key2)) { + fprintf(stderr, "RSA_check_key failed with recovered key.\n"); + ERR_print_errors_fp(stderr); + return 0; + } + + if (!RSA_sign(NID_sha256, kDummyHash, sizeof(kDummyHash), buf, &buf_len, + key2)) { + fprintf(stderr, "RSA_sign failed with recovered key.\n"); + ERR_print_errors_fp(stderr); + return 0; + } + + if (!RSA_verify(NID_sha256, kDummyHash, sizeof(kDummyHash), buf, buf_len, + key2)) { + fprintf(stderr, "RSA_verify failed with recovered key.\n"); + ERR_print_errors_fp(stderr); + return 0; + } + + RSA_free(key2); + } + + BN_free(e); + return 1; +} + +int main(int argc, char *argv[]) { + int err = 0; + int v; + RSA *key; + unsigned char ptext[256]; + unsigned char ctext[256]; + static unsigned char ptext_ex[] = "\x54\x85\x9b\x34\x2c\x49\xea\x2a"; + unsigned char ctext_ex[256]; + int plen; + int clen = 0; + int num; + int n; + + CRYPTO_library_init(); + + plen = sizeof(ptext_ex) - 1; + + for (v = 0; v < 3; v++) { + key = RSA_new(); + switch (v) { + case 0: + clen = key1(key, ctext_ex); + break; + case 1: + clen = key2(key, ctext_ex); + break; + case 2: + clen = key3(key, ctext_ex); + break; + default: + abort(); + } + + if (!RSA_check_key(key)) { + printf("%d: RSA_check_key failed\n", v); + err = 1; + goto oaep; + } + + num = RSA_public_encrypt(plen, ptext_ex, ctext, key, RSA_PKCS1_PADDING); + if (num != clen) { + printf("PKCS#1 v1.5 encryption failed!\n"); + err = 1; + goto oaep; + } + + num = RSA_private_decrypt(num, ctext, ptext, key, RSA_PKCS1_PADDING); + if (num != plen || memcmp(ptext, ptext_ex, num) != 0) { + printf("PKCS#1 v1.5 decryption 
failed!\n"); + err = 1; + } else { + printf("PKCS #1 v1.5 encryption/decryption ok\n"); + } + + oaep: + ERR_clear_error(); + num = + RSA_public_encrypt(plen, ptext_ex, ctext, key, RSA_PKCS1_OAEP_PADDING); + if (num == -1) { + printf("No OAEP support\n"); + goto next; + } + if (num != clen) { + printf("OAEP encryption failed!\n"); + err = 1; + goto next; + } + + num = RSA_private_decrypt(num, ctext, ptext, key, RSA_PKCS1_OAEP_PADDING); + if (num != plen || memcmp(ptext, ptext_ex, num) != 0) { + printf("OAEP decryption (encrypted data) failed!\n"); + err = 1; + } else if (memcmp(ctext, ctext_ex, num) == 0) { + printf("OAEP test vector %d passed!\n", v); + } + + /* Different ciphertexts (rsa_oaep.c without -DPKCS_TESTVECT). + Try decrypting ctext_ex */ + + num = + RSA_private_decrypt(clen, ctext_ex, ptext, key, RSA_PKCS1_OAEP_PADDING); + + if (num != plen || memcmp(ptext, ptext_ex, num) != 0) { + printf("OAEP decryption (test vector data) failed!\n"); + err = 1; + } else { + printf("OAEP encryption/decryption ok\n"); + } + + /* Try decrypting corrupted ciphertexts */ + for (n = 0; n < clen; ++n) { + int b; + unsigned char saved = ctext[n]; + for (b = 0; b < 256; ++b) { + if (b == saved) { + continue; + } + ctext[n] = b; + num = + RSA_private_decrypt(num, ctext, ptext, key, RSA_PKCS1_OAEP_PADDING); + if (num > 0) { + printf("Corrupt data decrypted!\n"); + err = 1; + } + } + } + + next: + RSA_free(key); + } + + if (err != 0 || + !test_only_d_given() || + !test_recover_crt_params() || + !test_bad_key()) { + err = 1; + } + + if (err == 0) { + printf("PASS\n"); + } + return err; +} diff --git a/src/crypto/rsa/rsa_test.cc b/src/crypto/rsa/rsa_test.cc deleted file mode 100644 index d52b78b..0000000 --- a/src/crypto/rsa/rsa_test.cc +++ /dev/null 
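Review bot: The "Try decrypting corrupted ciphertexts" loop in `main` of the new rsa_test.c passes `num` as the input length and overwrites `num` with each result. After the first call the length is therefore the previous return value rather than `clen`, and the tampered ciphertext is presumably rejected on its length before the OAEP check is reached. `ctext[n]` is also never restored, so corruption accumulates across positions instead of testing one changed byte at a time. As written, the loop can pass without showing that modified ciphertexts are rejected. Use a separate result, `int r = RSA_private_decrypt(clen, ctext, ptext, key, RSA_PKCS1_OAEP_PADDING);`, test `r > 0`, and add `ctext[n] = saved;` after the inner loop.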
@@ -1,869 +0,0 @@ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. 
If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] */ - -#include - -#include -#include - -#include -#include -#include -#include -#include - -#include "../test/scoped_types.h" - - -// kPlaintext is a sample plaintext. -static const uint8_t kPlaintext[] = "\x54\x85\x9b\x34\x2c\x49\xea\x2a"; -static const size_t kPlaintextLen = sizeof(kPlaintext) - 1; - -// kKey1 is a DER-encoded RSAPrivateKey. 
-static const uint8_t kKey1[] = - "\x30\x82\x01\x38\x02\x01\x00\x02\x41\x00\xaa\x36\xab\xce\x88\xac\xfd\xff" - "\x55\x52\x3c\x7f\xc4\x52\x3f\x90\xef\xa0\x0d\xf3\x77\x4a\x25\x9f\x2e\x62" - "\xb4\xc5\xd9\x9c\xb5\xad\xb3\x00\xa0\x28\x5e\x53\x01\x93\x0e\x0c\x70\xfb" - "\x68\x76\x93\x9c\xe6\x16\xce\x62\x4a\x11\xe0\x08\x6d\x34\x1e\xbc\xac\xa0" - "\xa1\xf5\x02\x01\x11\x02\x40\x0a\x03\x37\x48\x62\x64\x87\x69\x5f\x5f\x30" - "\xbc\x38\xb9\x8b\x44\xc2\xcd\x2d\xff\x43\x40\x98\xcd\x20\xd8\xa1\x38\xd0" - "\x90\xbf\x64\x79\x7c\x3f\xa7\xa2\xcd\xcb\x3c\xd1\xe0\xbd\xba\x26\x54\xb4" - "\xf9\xdf\x8e\x8a\xe5\x9d\x73\x3d\x9f\x33\xb3\x01\x62\x4a\xfd\x1d\x51\x02" - "\x21\x00\xd8\x40\xb4\x16\x66\xb4\x2e\x92\xea\x0d\xa3\xb4\x32\x04\xb5\xcf" - "\xce\x33\x52\x52\x4d\x04\x16\xa5\xa4\x41\xe7\x00\xaf\x46\x12\x0d\x02\x21" - "\x00\xc9\x7f\xb1\xf0\x27\xf4\x53\xf6\x34\x12\x33\xea\xaa\xd1\xd9\x35\x3f" - "\x6c\x42\xd0\x88\x66\xb1\xd0\x5a\x0f\x20\x35\x02\x8b\x9d\x89\x02\x20\x59" - "\x0b\x95\x72\xa2\xc2\xa9\xc4\x06\x05\x9d\xc2\xab\x2f\x1d\xaf\xeb\x7e\x8b" - "\x4f\x10\xa7\x54\x9e\x8e\xed\xf5\xb4\xfc\xe0\x9e\x05\x02\x21\x00\x8e\x3c" - "\x05\x21\xfe\x15\xe0\xea\x06\xa3\x6f\xf0\xf1\x0c\x99\x52\xc3\x5b\x7a\x75" - "\x14\xfd\x32\x38\xb8\x0a\xad\x52\x98\x62\x8d\x51\x02\x20\x36\x3f\xf7\x18" - "\x9d\xa8\xe9\x0b\x1d\x34\x1f\x71\xd0\x9b\x76\xa8\xa9\x43\xe1\x1d\x10\xb2" - "\x4d\x24\x9f\x2d\xea\xfe\xf8\x0c\x18\x26"; - -// kOAEPCiphertext1 is a sample encryption of |kPlaintext| with |kKey1| using -// RSA OAEP. -static const uint8_t kOAEPCiphertext1[] = - "\x1b\x8f\x05\xf9\xca\x1a\x79\x52\x6e\x53\xf3\xcc\x51\x4f\xdb\x89\x2b\xfb" - "\x91\x93\x23\x1e\x78\xb9\x92\xe6\x8d\x50\xa4\x80\xcb\x52\x33\x89\x5c\x74" - "\x95\x8d\x5d\x02\xab\x8c\x0f\xd0\x40\xeb\x58\x44\xb0\x05\xc3\x9e\xd8\x27" - "\x4a\x9d\xbf\xa8\x06\x71\x40\x94\x39\xd2"; - -// kKey2 is a DER-encoded RSAPrivateKey. 
-static const uint8_t kKey2[] = - "\x30\x81\xfb\x02\x01\x00\x02\x33\x00\xa3\x07\x9a\x90\xdf\x0d\xfd\x72\xac" - "\x09\x0c\xcc\x2a\x78\xb8\x74\x13\x13\x3e\x40\x75\x9c\x98\xfa\xf8\x20\x4f" - "\x35\x8a\x0b\x26\x3c\x67\x70\xe7\x83\xa9\x3b\x69\x71\xb7\x37\x79\xd2\x71" - "\x7b\xe8\x34\x77\xcf\x02\x01\x03\x02\x32\x6c\xaf\xbc\x60\x94\xb3\xfe\x4c" - "\x72\xb0\xb3\x32\xc6\xfb\x25\xa2\xb7\x62\x29\x80\x4e\x68\x65\xfc\xa4\x5a" - "\x74\xdf\x0f\x8f\xb8\x41\x3b\x52\xc0\xd0\xe5\x3d\x9b\x59\x0f\xf1\x9b\xe7" - "\x9f\x49\xdd\x21\xe5\xeb\x02\x1a\x00\xcf\x20\x35\x02\x8b\x9d\x86\x98\x40" - "\xb4\x16\x66\xb4\x2e\x92\xea\x0d\xa3\xb4\x32\x04\xb5\xcf\xce\x91\x02\x1a" - "\x00\xc9\x7f\xb1\xf0\x27\xf4\x53\xf6\x34\x12\x33\xea\xaa\xd1\xd9\x35\x3f" - "\x6c\x42\xd0\x88\x66\xb1\xd0\x5f\x02\x1a\x00\x8a\x15\x78\xac\x5d\x13\xaf" - "\x10\x2b\x22\xb9\x99\xcd\x74\x61\xf1\x5e\x6d\x22\xcc\x03\x23\xdf\xdf\x0b" - "\x02\x1a\x00\x86\x55\x21\x4a\xc5\x4d\x8d\x4e\xcd\x61\x77\xf1\xc7\x36\x90" - "\xce\x2a\x48\x2c\x8b\x05\x99\xcb\xe0\x3f\x02\x1a\x00\x83\xef\xef\xb8\xa9" - "\xa4\x0d\x1d\xb6\xed\x98\xad\x84\xed\x13\x35\xdc\xc1\x08\xf3\x22\xd0\x57" - "\xcf\x8d"; - -// kOAEPCiphertext2 is a sample encryption of |kPlaintext| with |kKey2| using -// RSA OAEP. -static const uint8_t kOAEPCiphertext2[] = - "\x14\xbd\xdd\x28\xc9\x83\x35\x19\x23\x80\xe8\xe5\x49\xb1\x58\x2a\x8b\x40" - "\xb4\x48\x6d\x03\xa6\xa5\x31\x1f\x1f\xd5\xf0\xa1\x80\xe4\x17\x53\x03\x29" - "\xa9\x34\x90\x74\xb1\x52\x13\x54\x29\x08\x24\x52\x62\x51"; - -// kKey3 is a DER-encoded RSAPrivateKey. 
-static const uint8_t kKey3[] = - "\x30\x82\x02\x5b\x02\x01\x00\x02\x81\x81\x00\xbb\xf8\x2f\x09\x06\x82\xce" - "\x9c\x23\x38\xac\x2b\x9d\xa8\x71\xf7\x36\x8d\x07\xee\xd4\x10\x43\xa4\x40" - "\xd6\xb6\xf0\x74\x54\xf5\x1f\xb8\xdf\xba\xaf\x03\x5c\x02\xab\x61\xea\x48" - "\xce\xeb\x6f\xcd\x48\x76\xed\x52\x0d\x60\xe1\xec\x46\x19\x71\x9d\x8a\x5b" - "\x8b\x80\x7f\xaf\xb8\xe0\xa3\xdf\xc7\x37\x72\x3e\xe6\xb4\xb7\xd9\x3a\x25" - "\x84\xee\x6a\x64\x9d\x06\x09\x53\x74\x88\x34\xb2\x45\x45\x98\x39\x4e\xe0" - "\xaa\xb1\x2d\x7b\x61\xa5\x1f\x52\x7a\x9a\x41\xf6\xc1\x68\x7f\xe2\x53\x72" - "\x98\xca\x2a\x8f\x59\x46\xf8\xe5\xfd\x09\x1d\xbd\xcb\x02\x01\x11\x02\x81" - "\x81\x00\xa5\xda\xfc\x53\x41\xfa\xf2\x89\xc4\xb9\x88\xdb\x30\xc1\xcd\xf8" - "\x3f\x31\x25\x1e\x06\x68\xb4\x27\x84\x81\x38\x01\x57\x96\x41\xb2\x94\x10" - "\xb3\xc7\x99\x8d\x6b\xc4\x65\x74\x5e\x5c\x39\x26\x69\xd6\x87\x0d\xa2\xc0" - "\x82\xa9\x39\xe3\x7f\xdc\xb8\x2e\xc9\x3e\xda\xc9\x7f\xf3\xad\x59\x50\xac" - "\xcf\xbc\x11\x1c\x76\xf1\xa9\x52\x94\x44\xe5\x6a\xaf\x68\xc5\x6c\x09\x2c" - "\xd3\x8d\xc3\xbe\xf5\xd2\x0a\x93\x99\x26\xed\x4f\x74\xa1\x3e\xdd\xfb\xe1" - "\xa1\xce\xcc\x48\x94\xaf\x94\x28\xc2\xb7\xb8\x88\x3f\xe4\x46\x3a\x4b\xc8" - "\x5b\x1c\xb3\xc1\x02\x41\x00\xee\xcf\xae\x81\xb1\xb9\xb3\xc9\x08\x81\x0b" - "\x10\xa1\xb5\x60\x01\x99\xeb\x9f\x44\xae\xf4\xfd\xa4\x93\xb8\x1a\x9e\x3d" - "\x84\xf6\x32\x12\x4e\xf0\x23\x6e\x5d\x1e\x3b\x7e\x28\xfa\xe7\xaa\x04\x0a" - "\x2d\x5b\x25\x21\x76\x45\x9d\x1f\x39\x75\x41\xba\x2a\x58\xfb\x65\x99\x02" - "\x41\x00\xc9\x7f\xb1\xf0\x27\xf4\x53\xf6\x34\x12\x33\xea\xaa\xd1\xd9\x35" - "\x3f\x6c\x42\xd0\x88\x66\xb1\xd0\x5a\x0f\x20\x35\x02\x8b\x9d\x86\x98\x40" - "\xb4\x16\x66\xb4\x2e\x92\xea\x0d\xa3\xb4\x32\x04\xb5\xcf\xce\x33\x52\x52" - "\x4d\x04\x16\xa5\xa4\x41\xe7\x00\xaf\x46\x15\x03\x02\x40\x54\x49\x4c\xa6" - "\x3e\xba\x03\x37\xe4\xe2\x40\x23\xfc\xd6\x9a\x5a\xeb\x07\xdd\xdc\x01\x83" - "\xa4\xd0\xac\x9b\x54\xb0\x51\xf2\xb1\x3e\xd9\x49\x09\x75\xea\xb7\x74\x14" - 
"\xff\x59\xc1\xf7\x69\x2e\x9a\x2e\x20\x2b\x38\xfc\x91\x0a\x47\x41\x74\xad" - "\xc9\x3c\x1f\x67\xc9\x81\x02\x40\x47\x1e\x02\x90\xff\x0a\xf0\x75\x03\x51" - "\xb7\xf8\x78\x86\x4c\xa9\x61\xad\xbd\x3a\x8a\x7e\x99\x1c\x5c\x05\x56\xa9" - "\x4c\x31\x46\xa7\xf9\x80\x3f\x8f\x6f\x8a\xe3\x42\xe9\x31\xfd\x8a\xe4\x7a" - "\x22\x0d\x1b\x99\xa4\x95\x84\x98\x07\xfe\x39\xf9\x24\x5a\x98\x36\xda\x3d" - "\x02\x41\x00\xb0\x6c\x4f\xda\xbb\x63\x01\x19\x8d\x26\x5b\xdb\xae\x94\x23" - "\xb3\x80\xf2\x71\xf7\x34\x53\x88\x50\x93\x07\x7f\xcd\x39\xe2\x11\x9f\xc9" - "\x86\x32\x15\x4f\x58\x83\xb1\x67\xa9\x67\xbf\x40\x2b\x4e\x9e\x2e\x0f\x96" - "\x56\xe6\x98\xea\x36\x66\xed\xfb\x25\x79\x80\x39\xf7"; - -// kOAEPCiphertext3 is a sample encryption of |kPlaintext| with |kKey3| using -// RSA OAEP. -static const uint8_t kOAEPCiphertext3[] = - "\xb8\x24\x6b\x56\xa6\xed\x58\x81\xae\xb5\x85\xd9\xa2\x5b\x2a\xd7\x90\xc4" - "\x17\xe0\x80\x68\x1b\xf1\xac\x2b\xc3\xde\xb6\x9d\x8b\xce\xf0\xc4\x36\x6f" - "\xec\x40\x0a\xf0\x52\xa7\x2e\x9b\x0e\xff\xb5\xb3\xf2\xf1\x92\xdb\xea\xca" - "\x03\xc1\x27\x40\x05\x71\x13\xbf\x1f\x06\x69\xac\x22\xe9\xf3\xa7\x85\x2e" - "\x3c\x15\xd9\x13\xca\xb0\xb8\x86\x3a\x95\xc9\x92\x94\xce\x86\x74\x21\x49" - "\x54\x61\x03\x46\xf4\xd4\x74\xb2\x6f\x7c\x48\xb4\x2e\xe6\x8e\x1f\x57\x2a" - "\x1f\xc4\x02\x6a\xc4\x56\xb4\xf5\x9f\x7b\x62\x1e\xa1\xb9\xd8\x8f\x64\x20" - "\x2f\xb1"; - -static const uint8_t kTwoPrimeKey[] = - "\x30\x82\x04\xa1\x02\x01\x00\x02\x82\x01\x01\x00\x93\x3a\x4f\xc9\x6a\x0a" - "\x6b\x28\x04\xfa\xb7\x05\x56\xdf\xa0\xaa\x4f\xaa\xab\x94\xa0\xa9\x25\xef" - "\xc5\x96\xd2\xd4\x66\x16\x62\x2c\x13\x7b\x91\xd0\x36\x0a\x10\x11\x6d\x7a" - "\x91\xb6\xe4\x74\x57\xc1\x3d\x7a\xbe\x24\x05\x3a\x04\x0b\x73\x91\x53\xb1" - "\x74\x10\xe1\x87\xdc\x91\x28\x9c\x1e\xe5\xf2\xb9\xfc\xa2\x48\x34\xb6\x78" - "\xed\x6d\x95\xfb\xf2\xc0\x4e\x1c\xa4\x15\x00\x3c\x8a\x68\x2b\xd6\xce\xd5" - "\xb3\x9f\x66\x02\xa7\x0d\x08\xa3\x23\x9b\xe5\x36\x96\x13\x22\xf9\x69\xa6" - 
"\x87\x88\x9b\x85\x3f\x83\x9c\xab\x1a\x1b\x6d\x8d\x16\xf4\x5e\xbd\xee\x4b" - "\x59\x56\xf8\x9d\x58\xcd\xd2\x83\x85\x59\x43\x84\x63\x4f\xe6\x1a\x86\x66" - "\x0d\xb5\xa0\x87\x89\xb6\x13\x82\x43\xda\x34\x92\x3b\x68\xc4\x95\x71\x2f" - "\x15\xc2\xe0\x43\x67\x3c\x08\x00\x36\x10\xc3\xb4\x46\x4c\x4e\x6e\xf5\x44" - "\xa9\x04\x44\x9d\xce\xc7\x05\x79\xee\x11\xcf\xaf\x2c\xd7\x9a\x32\xd3\xa5" - "\x30\xd4\x3a\x78\x43\x37\x74\x22\x90\x24\x04\x11\xd7\x95\x08\x52\xa4\x71" - "\x41\x68\x94\xb0\xa0\xc3\xec\x4e\xd2\xc4\x30\x71\x98\x64\x9c\xe3\x7c\x76" - "\xef\x33\xa3\x2b\xb1\x87\x63\xd2\x5c\x09\xfc\x90\x2d\x92\xf4\x57\x02\x01" - "\x03\x02\x82\x01\x00\x62\x26\xdf\xdb\x9c\x06\xf2\x1a\xad\xfc\x7a\x03\x8f" - "\x3f\xc0\x71\x8a\x71\xc7\xb8\x6b\x1b\x6e\x9f\xd9\x0f\x37\x38\x44\x0e\xec" - "\x1d\x62\x52\x61\x35\x79\x5c\x0a\xb6\x48\xfc\x61\x24\x98\x4d\x8f\xd6\x28" - "\xfc\x7e\xc2\xae\x26\xad\x5c\xf7\xb6\x37\xcb\xa2\xb5\xeb\xaf\xe8\x60\xc5" - "\xbd\x69\xee\xa1\xd1\x53\x16\xda\xcd\xce\xfb\x48\xf3\xb9\x52\xa1\xd5\x89" - "\x68\x6d\x63\x55\x7d\xb1\x9a\xc7\xe4\x89\xe3\xcd\x14\xee\xac\x6f\x5e\x05" - "\xc2\x17\xbd\x43\x79\xb9\x62\x17\x50\xf1\x19\xaf\xb0\x67\xae\x2a\x57\xbd" - "\xc7\x66\xbc\xf3\xb3\x64\xa1\xe3\x16\x74\x9e\xea\x02\x5c\xab\x94\xd8\x97" - "\x02\x42\x0c\x2c\xba\x54\xb9\xaf\xe0\x45\x93\xad\x7f\xb3\x10\x6a\x96\x50" - "\x4b\xaf\xcf\xc8\x27\x62\x2d\x83\xe9\x26\xc6\x94\xc1\xef\x5c\x8e\x06\x42" - "\x53\xe5\x56\xaf\xc2\x99\x01\xaa\x9a\x71\xbc\xe8\x21\x33\x2a\x2d\xa3\x36" - "\xac\x1b\x86\x19\xf8\xcd\x1f\x80\xa4\x26\x98\xb8\x9f\x62\x62\xd5\x1a\x7f" - "\xee\xdb\xdf\x81\xd3\x21\xdb\x33\x92\xee\xff\xe2\x2f\x32\x77\x73\x6a\x58" - "\xab\x21\xf3\xe3\xe1\xbc\x4f\x12\x72\xa6\xb5\xc2\xfb\x27\x9e\xc8\xca\xab" - "\x64\xa0\x87\x07\x9d\xef\xca\x0f\xdb\x02\x81\x81\x00\xe6\xd3\x4d\xc0\xa1" - "\x91\x0e\x62\xfd\xb0\xdd\xc6\x30\xb8\x8c\xcb\x14\xc1\x4b\x69\x30\xdd\xcd" - "\x86\x67\xcb\x37\x14\xc5\x03\xd2\xb4\x69\xab\x3d\xe5\x16\x81\x0f\xe5\x50" - "\xf4\x18\xb1\xec\xbc\x71\xe9\x80\x99\x06\xe4\xa3\xfe\x44\x84\x4a\x2d\x1e" 
- "\x07\x7f\x22\x70\x6d\x4f\xd4\x93\x0b\x8b\x99\xce\x1e\xab\xcd\x4c\xd2\xd3" - "\x10\x47\x5c\x09\x9f\x6d\x82\xc0\x08\x75\xe3\x3d\x83\xc2\x19\x50\x29\xec" - "\x1f\x84\x29\xcc\xf1\x56\xee\xbd\x54\x5d\xe6\x19\xdf\x0d\x1c\xa4\xbb\x0a" - "\xfe\x84\x44\x29\x1d\xf9\x5c\x80\x96\x5b\x24\xb4\xf7\x02\x1b\x02\x81\x81" - "\x00\xa3\x48\xf1\x9c\x58\xc2\x5f\x38\xfb\xd8\x12\x39\xf1\x8e\x73\xa1\xcf" - "\x78\x12\xe0\xed\x2a\xbb\xef\xac\x23\xb2\xbf\xd6\x0c\xe9\x6e\x1e\xab\xea" - "\x3f\x68\x36\xa7\x1f\xe5\xab\xe0\x86\xa5\x76\x32\x98\xdd\x75\xb5\x2b\xbc" - "\xcb\x8a\x03\x00\x7c\x2e\xca\xf8\xbc\x19\xe4\xe3\xa3\x31\xbd\x1d\x20\x2b" - "\x09\xad\x6f\x4c\xed\x48\xd4\xdf\x87\xf9\xf0\x46\xb9\x86\x4c\x4b\x71\xe7" - "\x48\x78\xdc\xed\xc7\x82\x02\x44\xd3\xa6\xb3\x10\x5f\x62\x81\xfc\xb8\xe4" - "\x0e\xf4\x1a\xdd\xab\x3f\xbc\x63\x79\x5b\x39\x69\x5e\xea\xa9\x15\xfe\x90" - "\xec\xda\x75\x02\x81\x81\x00\x99\xe2\x33\xd5\xc1\x0b\x5e\xec\xa9\x20\x93" - "\xd9\x75\xd0\x5d\xdc\xb8\x80\xdc\xf0\xcb\x3e\x89\x04\x45\x32\x24\xb8\x83" - "\x57\xe1\xcd\x9b\xc7\x7e\x98\xb9\xab\x5f\xee\x35\xf8\x10\x76\x9d\xd2\xf6" - "\x9b\xab\x10\xaf\x43\x17\xfe\xd8\x58\x31\x73\x69\x5a\x54\xc1\xa0\x48\xdf" - "\xe3\x0c\xb2\x5d\x11\x34\x14\x72\x88\xdd\xe1\xe2\x0a\xda\x3d\x5b\xbf\x9e" - "\x57\x2a\xb0\x4e\x97\x7e\x57\xd6\xbb\x8a\xc6\x9d\x6a\x58\x1b\xdd\xf6\x39" - "\xf4\x7e\x38\x3e\x99\x66\x94\xb3\x68\x6d\xd2\x07\x54\x58\x2d\x70\xbe\xa6" - "\x3d\xab\x0e\xe7\x6d\xcd\xfa\x01\x67\x02\x81\x80\x6c\xdb\x4b\xbd\x90\x81" - "\x94\xd0\xa7\xe5\x61\x7b\xf6\x5e\xf7\xc1\x34\xfa\xb7\x40\x9e\x1c\x7d\x4a" - "\x72\xc2\x77\x2a\x8e\xb3\x46\x49\x69\xc7\xf1\x7f\x9a\xcf\x1a\x15\x43\xc7" - "\xeb\x04\x6e\x4e\xcc\x65\xe8\xf9\x23\x72\x7d\xdd\x06\xac\xaa\xfd\x74\x87" - "\x50\x7d\x66\x98\x97\xc2\x21\x28\xbe\x15\x72\x06\x73\x9f\x88\x9e\x30\x8d" - "\xea\x5a\xa6\xa0\x2f\x26\x59\x88\x32\x4b\xef\x85\xa5\xe8\x9e\x85\x01\x56" - "\xd8\x8d\x19\xcc\xb5\x94\xec\x56\xa8\x7b\x42\xb4\xa2\xbc\x93\xc7\x7f\xd2" - 
"\xec\xfb\x92\x26\x46\x3f\x47\x1b\x63\xff\x0b\x48\x91\xa3\x02\x81\x80\x2c" - "\x4a\xb9\xa4\x46\x7b\xff\x50\x7e\xbf\x60\x47\x3b\x2b\x66\x82\xdc\x0e\x53" - "\x65\x71\xe9\xda\x2a\xb8\x32\x93\x42\xb7\xff\xea\x67\x66\xf1\xbc\x87\x28" - "\x65\x29\x79\xca\xab\x93\x56\xda\x95\xc1\x26\x44\x3d\x27\xc1\x91\xc6\x9b" - "\xd9\xec\x9d\xb7\x49\xe7\x16\xee\x99\x87\x50\x95\x81\xd4\x5c\x5b\x5a\x5d" - "\x0a\x43\xa5\xa7\x8f\x5a\x80\x49\xa0\xb7\x10\x85\xc7\xf4\x42\x34\x86\xb6" - "\x5f\x3f\x88\x9e\xc7\xf5\x59\x29\x39\x68\x48\xf2\xd7\x08\x5b\x92\x8e\x6b" - "\xea\xa5\x63\x5f\xc0\xfb\xe4\xe1\xb2\x7d\xb7\x40\xe9\x55\x06\xbf\x58\x25" - "\x6f"; - -static const uint8_t kTwoPrimeEncryptedMessage[] = { - 0x63, 0x0a, 0x30, 0x45, 0x43, 0x11, 0x45, 0xb7, 0x99, 0x67, 0x90, 0x35, - 0x37, 0x27, 0xff, 0xbc, 0xe0, 0xbf, 0xa6, 0xd1, 0x47, 0x50, 0xbb, 0x6c, - 0x1c, 0xaa, 0x66, 0xf2, 0xff, 0x9d, 0x9a, 0xa6, 0xb4, 0x16, 0x63, 0xb0, - 0xa1, 0x7c, 0x7c, 0x0c, 0xef, 0xb3, 0x66, 0x52, 0x42, 0xd7, 0x5e, 0xf3, - 0xa4, 0x15, 0x33, 0x40, 0x43, 0xe8, 0xb1, 0xfc, 0xe0, 0x42, 0x83, 0x46, - 0x28, 0xce, 0xde, 0x7b, 0x01, 0xeb, 0x28, 0x92, 0x70, 0xdf, 0x8d, 0x54, - 0x9e, 0xed, 0x23, 0xb4, 0x78, 0xc3, 0xca, 0x85, 0x53, 0x48, 0xd6, 0x8a, - 0x87, 0xf7, 0x69, 0xcd, 0x82, 0x8c, 0x4f, 0x5c, 0x05, 0x55, 0xa6, 0x78, - 0x89, 0xab, 0x4c, 0xd8, 0xa9, 0xd6, 0xa5, 0xf4, 0x29, 0x4c, 0x23, 0xc8, - 0xcf, 0xf0, 0x4c, 0x64, 0x6b, 0x4e, 0x02, 0x17, 0x69, 0xd6, 0x47, 0x83, - 0x30, 0x43, 0x02, 0x29, 0xda, 0xda, 0x75, 0x3b, 0xd7, 0xa7, 0x2b, 0x31, - 0xb3, 0xe9, 0x71, 0xa4, 0x41, 0xf7, 0x26, 0x9b, 0xcd, 0x23, 0xfa, 0x45, - 0x3c, 0x9b, 0x7d, 0x28, 0xf7, 0xf9, 0x67, 0x04, 0xba, 0xfc, 0x46, 0x75, - 0x11, 0x3c, 0xd5, 0x27, 0x43, 0x53, 0xb1, 0xb6, 0x9e, 0x18, 0xeb, 0x11, - 0xb4, 0x25, 0x20, 0x30, 0x0b, 0xe0, 0x1c, 0x17, 0x36, 0x22, 0x10, 0x0f, - 0x99, 0xb5, 0x50, 0x14, 0x73, 0x07, 0xf0, 0x2f, 0x5d, 0x4c, 0xe3, 0xf2, - 0x86, 0xc2, 0x05, 0xc8, 0x38, 0xed, 0xeb, 0x2a, 0x4a, 0xab, 0x76, 0xe3, - 0x1a, 0x75, 0x44, 0xf7, 0x6e, 0x94, 0xdc, 0x25, 0x62, 0x7e, 
0x31, 0xca, - 0xc2, 0x73, 0x51, 0xb5, 0x03, 0xfb, 0xf9, 0xf6, 0xb5, 0x8d, 0x4e, 0x6c, - 0x21, 0x0e, 0xf9, 0x97, 0x26, 0x57, 0xf3, 0x52, 0x72, 0x07, 0xf8, 0xb4, - 0xcd, 0xb4, 0x39, 0xcf, 0xbf, 0x78, 0xcc, 0xb6, 0x87, 0xf9, 0xb7, 0x8b, - 0x6a, 0xce, 0x9f, 0xc8, -}; - -static const uint8_t kThreePrimeKey[] = - "\x30\x82\x04\xd7\x02\x01\x01\x02\x82\x01\x00\x62\x91\xe9\xea\xb3\x5d\x6c" - "\x29\xae\x21\x83\xbb\xb5\x82\xb1\x9e\xea\xe0\x64\x5b\x1e\x2f\x5e\x2c\x0a" - "\x80\x3d\x29\xd4\xfa\x9a\xe7\x44\xe6\x21\xbd\x98\xc0\x3d\xe0\x53\x59\xae" - "\xd3\x3e\xfe\xc4\xc2\xc4\x5a\x5a\x89\x07\xf4\x4f\xdc\xb0\x6a\xd4\x3e\x99" - "\x7d\x7a\x97\x26\x4e\xe1\x93\xca\x6e\xed\x07\xfc\xb4\xfa\x95\x1e\x73\x7b" - "\x86\x08\x6a\xb9\xd4\x29\xb0\x7e\x59\xb7\x9d\x7b\xeb\x67\x6e\xf0\xbb\x5e" - "\xcf\xb9\xcd\x58\x93\xf0\xe7\x88\x17\x6c\x0d\x76\x1e\xb9\x27\x9a\x4d\x02" - "\x16\xb6\x49\x6d\xa7\x83\x23\x4d\x02\x48\x0c\x0c\x1f\x0e\x85\x21\xe3\x06" - "\x76\x0a\x73\xe6\xc1\x21\xfa\x30\x18\x78\x29\x5c\x31\xd0\x29\xae\x6f\x7d" - "\x87\xd8\x2f\x16\xfa\xbc\x67\x8a\x94\x71\x59\x9b\xec\x22\x40\x55\x9f\xc2" - "\x94\xb5\xbd\x78\x01\xc9\xef\x18\xc8\x6d\x0d\xdc\x53\x42\xb2\x5c\xab\x65" - "\x05\xbd\x35\x08\x85\x1b\xf8\xe9\x47\xbc\xfe\xc5\xae\x47\x29\x63\x44\x8e" - "\x4d\xb7\x47\xab\x0d\xd8\x76\x68\x4f\xc7\x07\x02\xe4\x86\xb0\xcf\xd8\x19" - "\xad\xf4\x85\x76\x8b\x3b\x4e\x40\x8d\x29\x7a\x8a\x07\x36\xf3\x78\xae\x17" - "\xa6\x8f\x53\x58\x65\x4c\x86\x9e\xd7\x8b\xec\x38\x4f\x99\xc7\x02\x01\x03" - "\x02\x82\x01\x00\x41\xb6\x9b\xf1\xcc\xe8\xf2\xc6\x74\x16\x57\xd2\x79\x01" - "\xcb\xbf\x47\x40\x42\xe7\x69\x74\xe9\x72\xb1\xaa\xd3\x71\x38\xa7\x11\xef" - "\x83\x44\x16\x7e\x65\xd5\x7e\x95\x8c\xe6\x74\x8c\xd4\xa9\xd8\x81\xd8\x3c" - "\x3c\x5b\x5a\xa2\xdf\xe8\x75\x9c\x8d\x7f\x10\xfe\x51\xba\x19\x89\xeb\xb7" - "\xdc\x49\xf3\x5a\xa8\x78\xa7\x0e\x14\x4c\xfd\x04\x05\x9c\x7b\xe2\xc5\xa3" - "\x04\xee\xd9\x4c\xfd\x7d\x47\xb0\x0d\x9b\x3d\x70\x91\x81\x2c\xab\x2b\x87" - 
"\xad\x11\x68\x24\xfc\x2b\xd4\xee\x5e\x28\xeb\x6d\xab\xde\x0f\x77\x15\x58" - "\x76\x39\xc9\x59\x3a\x7f\x19\x9d\xc6\x7e\x86\xe4\xd5\x38\x70\x9e\xae\xb9" - "\xfb\x33\x33\xd1\x0c\x2d\xab\x01\x20\xe1\x8b\x29\x99\xd3\xeb\x87\x05\x72" - "\xaa\x43\x58\x64\x8e\x9e\x31\xdb\x45\x9b\x2b\xac\x58\x80\x5d\x33\xa2\x43" - "\x05\x96\xcc\xca\x2d\x04\x5f\xd6\xb7\x3d\x8b\x8f\x2d\xa3\xa5\xf8\x73\xf5" - "\xd7\xc0\x19\xff\x10\xe6\xee\x3a\x26\x2f\xe1\x64\x3d\x11\xcd\x2d\xe4\x0a" - "\x84\x27\xe3\xcb\x16\x62\x19\xe7\xe3\x0d\x13\xe8\x09\x5a\x53\xd0\x20\x56" - "\x15\xf5\xb3\x67\xac\xa1\xb5\x94\x6b\xab\xdc\x71\xc7\xbf\x0a\xde\x76\xf5" - "\x03\xa0\x30\xd8\x27\x9d\x00\x2b\x02\x57\x00\xf1\x4f\xc2\x86\x13\x06\x17" - "\xf7\x69\x7e\x37\xdf\x67\xc5\x32\xa0\x74\x1c\x32\x69\x0f\x9f\x08\x88\x24" - "\xb1\x51\xbc\xbc\x92\xba\x73\x1f\x9c\x75\xc2\x14\x6d\x4f\xc4\x5a\xcf\xda" - "\x44\x35\x00\x6b\x42\x3b\x9f\x14\xf1\x05\xb3\x51\x22\xb6\xbe\x9c\xe0\xc1" - "\x5c\x48\x61\xdf\x4e\x4c\x72\xb8\x05\x35\x7c\xac\xf1\xbb\xa0\x3b\x2a\xea" - "\xf7\x86\xe9\xd2\xff\x1e\x1d\x02\x56\x00\xca\xb1\x39\xf6\xa2\xc6\x3b\x65" - "\x45\x2f\x39\x00\xcd\x6e\xd6\x55\xf7\x71\x37\x89\xc2\xe7\x7a\xc0\x1a\xa6" - "\x2f\xea\x17\x7c\xaa\x2a\x91\x8f\xd4\xc7\x50\x8b\xab\x8e\x99\x3b\x33\x91" - "\xbc\x02\x10\x58\x4b\x58\x40\x9b\xc4\x8f\x48\x2b\xa7\x44\xfd\x07\x04\xf0" - "\x98\x67\x56\xea\x25\x92\x8b\x2e\x4b\x4a\xa1\xd3\xc2\xa4\xb4\x9b\x59\x70" - "\x32\xa6\xd8\x8b\xd9\x02\x57\x00\xa0\xdf\xd7\x04\x0c\xae\xba\xa4\xf0\xfe" - "\xcf\xea\x45\x2e\x21\xc0\x4d\x68\x21\x9b\x5f\xbf\x5b\x05\x6d\xcb\x8b\xd3" - "\x28\x61\xd1\xa2\x15\x12\xf9\x2c\x0d\x9e\x35\x2d\x91\xdf\xe6\xd8\x23\x55" - "\x9c\xd6\xd2\x6a\x0d\xf6\x03\xcc\xe0\xc1\xcf\x29\xbd\xeb\x2b\x92\xda\xeb" - "\xea\x34\x32\xf7\x25\x58\xce\x53\x1d\xf6\x7d\x15\x7c\xc7\x47\x4f\xaf\x46" - "\x8c\xaa\x14\x13\x02\x56\x00\x87\x20\xd1\x4f\x17\x2e\xd2\x43\x83\x74\xd0" - "\xab\x33\x9f\x39\x8e\xa4\xf6\x25\x06\x81\xef\xa7\x2a\xbc\x6e\xca\x9c\x0f" - "\xa8\x71\x71\xb6\x5f\xe3\x2f\x8b\x07\xc7\xb4\x66\x27\x77\xb6\x7d\x56\xb5" 
- "\x90\x32\x3a\xd5\xbd\x2d\xb4\xda\xc7\xc4\xd8\xa8\xaf\x58\xa0\x65\x9a\x39" - "\xf1\x6e\x61\xb2\x1e\xdc\xdc\x6b\xe2\x81\xc3\x23\x12\x3b\xa0\x21\xc4\x90" - "\x5d\x3b\x02\x57\x00\xe6\x8a\xaa\xb8\x6d\x2c\x81\x43\xb5\xd6\xa0\x2b\x42" - "\x49\xa9\x0a\x51\xfa\x18\xc8\x32\xea\x54\x18\xf3\x60\xc2\xb5\x4a\x43\x05" - "\x93\x9c\x01\xd9\x28\xed\x73\xfa\x82\xbc\x12\x64\xcb\xc4\x24\xa9\x3e\xae" - "\x7c\x4b\x8f\x94\x57\x7b\x14\x10\x41\xdc\x62\x12\x8c\xb2\x4a\x7c\xf6\x53" - "\xd4\xc6\xe4\xda\xd1\xa2\x00\x0e\x3d\x30\xf7\x05\x4f\x1d\x82\xbc\x52\xd9" - "\xb1\x30\x82\x01\x0a\x30\x82\x01\x06\x02\x56\x00\x84\x12\x4f\xf7\x3b\x65" - "\x53\x34\x6c\x6c\x4d\x77\xdf\xfd\x1f\xb6\x16\xe2\x25\x15\xca\xc9\xc1\x41" - "\x9a\x50\xda\xeb\x88\x4f\x3d\xb3\x01\x00\x44\xc4\xac\xe7\x14\x62\xa6\x56" - "\xde\xc5\xb7\xc3\x1d\x07\xbd\x7d\x64\xc5\x7e\x45\x25\x56\xed\x7a\xd2\x14" - "\xdb\x4e\x27\xd4\x1f\xf8\x94\xa7\xef\x07\xce\xdb\x24\xb7\xdd\x71\x5c\x63" - "\xc9\x33\xfe\xde\x40\x52\xeb\x02\x55\x58\x0c\x35\x4f\x7c\xee\x37\x78\x48" - "\x48\x33\xa5\x3f\xfe\x15\x24\x0f\x41\x6e\x0e\x87\x31\x2b\x81\x11\x8b\x3c" - "\x9d\x05\x8a\x29\x22\x00\xaa\xd8\x83\x1d\xef\x62\xec\x6e\xe4\x94\x83\xcf" - "\xd7\x68\xaf\xd3\xa8\xed\xd8\xfe\xd8\xc3\x8f\x48\xfc\x8c\x0d\xe7\x89\x6f" - "\xe2\xbf\xfb\x0d\xc5\x4a\x05\x34\x92\x18\x7a\x93\xa0\xe8\x42\x86\x22\xa9" - "\xe9\x80\x37\x47\x02\x55\x60\x76\xab\xde\x2b\xf5\xa2\x2c\xaa\x0c\x99\x81" - "\xee\x72\x2c\x7d\x22\x59\x2a\x35\xea\x50\x4e\x47\x6b\x92\x2d\x30\xa1\x01" - "\xa5\x9e\x26\x6e\x27\xca\xf5\xf2\x87\x5d\x31\xaf\xe9\x32\xcd\x10\xfd\x4d" - "\xdb\xf9\x86\x05\x12\x1b\x01\x84\x55\x97\x5f\xe2\x78\x27\xd9\xe4\x26\x7d" - "\xab\x0e\xe0\x1b\x6f\xcb\x4b\x14\xdd\xdc\xdc\x8b\xe8\x9f\xd0\x62\x96\xca" - "\xcf"; - -static const uint8_t kThreePrimeEncryptedMessage[] = { - 0x58, 0xd9, 0xea, 0x8a, 0xf6, 0x3d, 0xb4, 0xd9, 0xf7, 0xbb, 0x02, 0xc5, - 0x58, 0xd2, 0xa9, 0x46, 0x80, 0x70, 0x70, 0x16, 0x07, 0x64, 0x32, 0x4c, - 0x4e, 0x92, 0x61, 0xb7, 0xff, 0x92, 0xdc, 0xfc, 0xf8, 0xf0, 0x2c, 0x84, - 0x56, 0xbc, 
0xe5, 0x93, 0x76, 0xe5, 0xa3, 0x72, 0x98, 0xf2, 0xdf, 0xef, - 0x99, 0x53, 0xf6, 0xd8, 0x4b, 0x09, 0xac, 0xa9, 0xa3, 0xdb, 0x63, 0xa1, - 0xb5, 0x09, 0x8e, 0x40, 0x84, 0x8f, 0x4d, 0xd5, 0x1d, 0xac, 0x6c, 0xaa, - 0x6b, 0x15, 0xe7, 0xb1, 0x0c, 0x67, 0xd2, 0xb2, 0x81, 0x58, 0x30, 0x0e, - 0x18, 0x27, 0xa1, 0x9b, 0x96, 0xad, 0xae, 0x76, 0x1a, 0x32, 0xf7, 0x10, - 0x0b, 0x53, 0x85, 0x31, 0xd6, 0x2a, 0xf6, 0x1c, 0x9f, 0xc2, 0xc7, 0xb1, - 0x05, 0x63, 0x0b, 0xa5, 0x07, 0x1f, 0x1c, 0x01, 0xf0, 0xe0, 0x06, 0xea, - 0x20, 0x69, 0x41, 0x19, 0x57, 0x92, 0x17, 0xf7, 0x0c, 0x5c, 0x66, 0x75, - 0x0e, 0xe5, 0xb3, 0xf1, 0x67, 0x3b, 0x27, 0x47, 0xb2, 0x8e, 0x1c, 0xb6, - 0x3f, 0xdd, 0x76, 0x42, 0x31, 0x13, 0x68, 0x96, 0xdf, 0x3b, 0xd4, 0x87, - 0xd9, 0x16, 0x44, 0x71, 0x52, 0x2e, 0x54, 0x3e, 0x09, 0xcd, 0x71, 0xc1, - 0x1e, 0x5e, 0x96, 0x13, 0xc9, 0x1e, 0xa4, 0xe6, 0xe6, 0x97, 0x2c, 0x6b, - 0xf2, 0xa9, 0x5c, 0xc6, 0x60, 0x2a, 0xbc, 0x82, 0xf8, 0xcb, 0xd4, 0xd7, - 0xea, 0x8a, 0xa1, 0x8a, 0xd9, 0xa5, 0x14, 0x8b, 0x9e, 0xf9, 0x25, 0x02, - 0xd2, 0xab, 0x0c, 0x42, 0xca, 0x2d, 0x45, 0xa3, 0x56, 0x5e, 0xa2, 0x2a, - 0xc8, 0x60, 0xa5, 0x87, 0x5d, 0x85, 0x5c, 0xde, 0xc7, 0xa2, 0x47, 0xc3, - 0x99, 0x29, 0x23, 0x79, 0x36, 0x88, 0xad, 0x40, 0x3e, 0x27, 0x7d, 0xf0, - 0xb6, 0xfa, 0x95, 0x20, 0x3c, 0xec, 0xfc, 0x56, 0x3b, 0x20, 0x91, 0xee, - 0x98, 0x10, 0x2c, 0x82, -}; - -static const uint8_t kSixPrimeKey[] = - "\x30\x82\x05\x20\x02\x01\x01\x02\x82\x01\x00\x1c\x04\x39\x44\xb9\xb8\x71" - "\x1c\x1c\xf7\xdc\x11\x1b\x85\x3b\x2b\xe8\xa6\xeb\xeb\xe9\xb6\x86\x97\x73" - "\x5d\x75\x46\xd1\x35\x25\xf8\x30\x9a\xc3\x57\x44\x89\xa6\x44\x59\xe3\x3a" - "\x60\xb5\x33\x84\x72\xa4\x03\xc5\x1a\x20\x98\x70\xbd\xe8\x3b\xc1\x9b\x8a" - "\x3a\x24\x45\xb6\x6a\x73\xb4\xd0\x6c\x18\xc6\xa7\x94\xd3\x24\x70\xf0\x2d" - "\x0c\xa5\xb2\x3b\xc5\x33\x90\x9d\x56\x8d\x33\xf6\x93\x7d\xa7\x95\x88\x05" - "\xdf\xf5\x65\x58\xb9\x5b\xd3\x07\x9c\x16\x8e\x74\xfc\xb8\x76\xaf\x62\x99" - 
"\x6c\xd4\xc5\xb3\x69\xe5\x64\xdf\x38\x00\x25\x24\xe9\xb1\x4a\x85\xa6\xf4" - "\xb6\x23\x68\x67\x4a\x2c\xbd\x9d\x01\x3b\x04\x8c\x70\x94\x82\x76\x45\x0c" - "\x8b\x95\x8a\x07\x1c\x32\xe7\x09\x97\x3a\xfd\xca\x57\xe9\x57\x0c\xae\x2b" - "\xa3\x25\xd1\xf2\x0d\x34\xa1\xe6\x2f\x7b\x1b\x36\x53\x83\x95\xb9\x26\x6e" - "\x4f\x36\x26\xf8\x47\xae\xdf\xe8\x4d\xf6\xb2\xff\x03\x23\x74\xfa\xa5\x6d" - "\xcb\xcb\x80\x12\xc3\x77\xf0\x19\xb7\xf2\x6b\x19\x5c\xde\x0a\xd7\xee\x8c" - "\x48\x2f\x50\x24\xa5\x2e\xcc\x2a\xed\xc2\x35\xe0\x3d\x29\x31\x17\xd6\x8f" - "\x44\xaa\x5b\x33\xbd\xb4\x88\x87\xd9\x29\x3f\x94\xe7\x75\xe3\x02\x01\x03" - "\x02\x82\x01\x00\x12\xad\x7b\x83\x26\x7a\xf6\x12\xbd\xfa\x92\xb6\x12\x58" - "\xd2\x1d\x45\xc4\x9d\x47\xf1\x24\x59\xba\x4c\xe8\xf8\xd9\xe0\xce\x19\x50" - "\x20\x67\x2c\xe4\xd8\x5b\xc4\x2d\x91\x41\xeb\x05\x4f\xf4\xb4\x20\xc7\xbc" - "\xd6\xe2\x5c\xa0\x27\xcf\xb8\xb3\x3b\x5c\xeb\x5e\x96\xb7\x99\x4b\x8a\xc3" - "\x70\xaf\x7f\xd8\x5f\xeb\xcb\x1a\x79\x44\x68\x97\x84\xd8\x29\x87\x64\xba" - "\x18\x2e\x95\x66\x1a\x7d\xd9\x35\x3a\x5c\x92\x7a\x81\x1b\x6c\xa9\xf8\xfa" - "\x05\x23\x18\x5b\xb2\xf8\x77\x1c\xc5\x1b\x7d\x26\x5f\x48\x69\x1b\xc4\x34" - "\xef\x6e\xa1\x15\xd2\xb2\xac\xb8\xa8\xed\x1e\xee\xdc\xb5\xb9\x5c\x79\x25" - "\x48\xbb\xe5\x9d\xd8\xe5\xe2\x94\xdf\xd5\x32\x22\x84\xbf\xc2\xaa\xa4\x54" - "\xbb\x29\xdb\x13\x4a\x28\x3d\x83\x3a\xff\xa3\xae\x38\x08\xfc\x36\x84\x91" - "\x30\xd1\xfd\x82\x64\xf1\x0f\xae\xba\xd7\x9a\x43\x58\x03\x5e\x5f\x01\xcb" - "\x8b\x90\x8d\x77\x34\x6f\x37\x40\xb6\x6d\x22\x23\x90\xb2\xfd\x32\xb5\x96" - "\x45\xbf\xae\x8c\xc4\x62\x03\x6c\x68\x90\x59\x31\x1a\xcb\xfb\xa4\x0b\x94" - "\x15\x13\xda\x1a\x8d\xa7\x0b\x34\x62\x93\xea\xbe\x6e\x71\xc2\x1d\xc8\x9d" - "\xac\x66\xcc\x31\x87\xff\x99\xab\x02\x2c\x00\xa5\x57\x41\x66\x87\x68\x02" - "\x6a\xdf\x97\xb0\xfe\x6b\x34\xc4\x33\x88\x2b\xce\x82\xaf\x2d\x33\x5a\xad" - "\x75\x2d\xac\xa5\xd6\x3a\x2d\x65\x43\x68\xfb\x44\x9e\xb8\x25\x05\xed\x97" - "\x02\x2c\x00\xd2\x77\x34\x24\xac\x60\x9a\xc4\x68\x34\xe5\x6a\xa3\xdc\xe2" 
- "\xb0\x58\x5c\x35\x83\x5a\xc7\xa7\xc1\x0b\x7e\x9e\xa5\x85\x32\x47\x93\x22" - "\xee\xb6\x59\xe9\xe3\x61\x94\xd0\x0e\xcb\x02\x2b\x6e\x3a\x2b\x99\xaf\x9a" - "\xac\x47\x3f\xba\x75\xfe\xf2\x23\x2d\x77\xb0\x1d\x34\x57\x1f\x73\x77\x91" - "\xc8\xf8\xc9\x1d\xc3\xe4\x26\xc8\xee\x2c\xf0\xa7\x83\x14\x7a\xc3\x59\x49" - "\x0f\x02\x2c\x00\x8c\x4f\x78\x18\x72\xeb\x11\xd8\x45\x78\x98\xf1\xc2\x93" - "\x41\xca\xe5\x92\xce\x57\x91\xda\x6f\xd6\x07\xa9\xbf\x19\x03\x76\xda\x62" - "\x17\x49\xce\xe6\x9b\xec\xeb\xb8\x8a\xb4\x87\x02\x2c\x00\xa3\xc2\x29\xa6" - "\xa7\xe1\x3c\xe9\xcf\x0f\x50\x51\x1c\xcc\xc8\x5b\x08\x9c\x97\x24\x3a\x86" - "\x23\xa8\x0b\xbb\x54\xa6\xb9\x70\x3d\x1d\xd0\x1b\xa3\xac\xd9\xb2\x03\x80" - "\xd7\x67\xec\x30\x82\x02\x29\x30\x81\x88\x02\x2c\x00\x97\x5d\x3b\xf2\xcc" - "\xba\xd9\x77\x67\xaa\xd2\x22\xa7\xa3\x49\x08\xc7\xb8\x27\xa1\x59\x4b\xa7" - "\xa5\xd2\x74\x05\xe7\x5a\x35\xd7\x25\x79\x18\x20\x8a\x25\xec\x3b\x52\xaf" - "\xcb\xdb\x02\x2b\x64\xe8\xd2\xa1\xdd\xd1\xe6\x4f\x9a\x71\xe1\x6c\x6f\xc2" - "\x30\xb0\x85\x25\x6f\xc0\xe6\x32\x6f\xc3\xe1\xa2\xae\x9a\x3c\x23\xe4\xc3" - "\xa6\x10\x15\xb1\x6e\x9d\x7c\xe1\xca\x87\xe7\x02\x2b\x5e\xef\x25\x29\xed" - "\xf6\x52\x15\xd3\x60\xb6\x88\xcf\x0f\xe2\x24\xa4\x04\x97\x9c\x9d\x58\x13" - "\xbb\x00\x6d\x39\xf6\xad\x21\x7e\x56\x2c\x2e\x06\x06\xc4\x6d\x44\xac\x79" - "\x1f\xe5\x30\x81\x89\x02\x2c\x00\xdb\xf1\x78\xf9\xa4\x94\xea\x39\x8a\x3f" - "\x23\x48\x2a\x23\x8f\xd2\x18\x97\xd2\xdf\x0f\xb8\x2b\x33\xa0\xe8\x8f\xbc" - "\x4e\x42\xfd\x54\xc7\x0f\xde\xba\x6d\xba\x96\xa7\xce\x67\x3d\x02\x2c\x00" - "\x92\xa0\xfb\x51\x18\x63\x46\xd1\x06\xd4\xc2\x30\x1c\x17\xb5\x36\xbb\x0f" - "\xe1\xea\x0a\x7a\xc7\x77\xc0\x9b\x0a\x7d\x89\x81\xfe\x38\x84\xb5\x3f\x26" - "\xf3\xd1\xb9\xc5\x34\x44\xd3\x02\x2b\x4c\xbd\x1d\x44\xc8\x19\x23\xd8\xb3" - "\x96\x66\x4b\x62\xcb\x3e\xe6\x6c\x11\xdf\xb2\x92\xd3\xc8\x34\xb9\xa6\x5a" - "\x2f\x19\xf4\x0b\xb2\xe6\x8e\xa6\xaf\xa3\xae\xa4\xb3\x92\xc4\x79\x30\x81" - 
"\x85\x02\x2b\x00\x89\xab\x30\xfc\x7b\x37\x94\x11\x9f\x4d\x31\x3b\xac\x09" - "\x57\xe6\x64\xec\xa0\xc8\xf8\x04\x1a\xf9\x2a\xa4\x4b\x36\x18\xbb\x5f\xdc" - "\xcd\xf0\xc8\xcb\x97\xd1\xdf\x13\x12\x3f\x02\x2a\x5b\xc7\x75\xfd\xa7\x7a" - "\x62\xb6\x6a\x33\x76\x27\xc8\x06\x3a\x99\x98\x9d\xc0\x85\xfa\xad\x67\x50" - "\xc7\x18\x32\x24\x10\x7c\xea\x93\x33\xf5\xdb\x32\x65\x36\x94\xb7\x61\x7f" - "\x02\x2a\x16\x6c\x96\xa1\x50\x6f\x3a\x92\xc0\x75\x43\xb5\x6b\x9c\x17\x09" - "\xd3\xf0\x67\x69\x45\x92\xfb\x7b\x50\xa8\x42\x9b\x33\x92\xab\xd5\xe6\x49" - "\xb3\x26\x99\x55\x16\x3a\x39\x63\x30\x81\x87\x02\x2b\x00\xc1\x25\x19\x1d" - "\x6e\x18\xcb\x2d\x64\xe2\xe6\xb6\x1c\xe4\xaa\x9c\xb9\xee\x18\xd4\xf7\x5f" - "\x66\x40\xf0\xe1\x31\x38\xf2\x53\x00\x8b\xcc\xe4\x0d\xb7\x81\xb4\xe6\x1c" - "\x19\xaf\x02\x2b\x00\x80\xc3\x66\x13\x9e\xbb\x32\x1e\x43\x41\xef\x24\x13" - "\x43\x1c\x68\x7b\xf4\x10\x8d\xfa\x3f\x99\x80\xa0\x96\x20\xd0\xa1\x8c\xab" - "\x07\xdd\xed\x5e\x7a\x56\x78\x99\x68\x11\x1f\x02\x2b\x00\xb0\x59\xea\x67" - "\x93\x42\xbf\x07\x54\x38\x41\xcb\x73\xa4\x0e\xc2\xae\x56\x19\x41\xc9\x8a" - "\xb2\x2f\xa8\x0a\xb1\x4e\x12\x39\x2e\xc0\x94\x9a\xc6\xa3\xe4\xaf\x8a\x16" - "\x06\xb8"; - -static const uint8_t kSixPrimeEncryptedMessage[] = { - 0x0a, 0xcb, 0x6c, 0x02, 0x9d, 0x1a, 0x7c, 0xf3, 0x4e, 0xff, 0x16, 0x88, - 0xee, 0x22, 0x1d, 0x8d, 0xd2, 0xfd, 0xde, 0x83, 0xb3, 0xd9, 0x35, 0x2c, - 0x82, 0xe0, 0xff, 0xe6, 0x79, 0x6d, 0x06, 0x21, 0x74, 0xa8, 0x04, 0x0c, - 0xe2, 0xd3, 0x98, 0x3f, 0xbf, 0xd0, 0xe9, 0x88, 0x24, 0xe2, 0x05, 0xa4, - 0x45, 0x51, 0x87, 0x6b, 0x1c, 0xef, 0x5f, 0x2d, 0x61, 0xb6, 0xf1, 0x4c, - 0x1f, 0x3d, 0xbf, 0x4b, 0xf2, 0xda, 0x09, 0x97, 0x81, 0xde, 0x91, 0xb7, - 0x0d, 0xb4, 0xc2, 0xab, 0x41, 0x64, 0x9d, 0xd9, 0x39, 0x46, 0x79, 0x66, - 0x43, 0xf1, 0x34, 0x21, 0x56, 0x2f, 0xc6, 0x68, 0x40, 0x4a, 0x2d, 0x73, - 0x96, 0x50, 0xe1, 0xb0, 0xaf, 0x49, 0x39, 0xb4, 0xf0, 0x3a, 0x78, 0x38, - 0x70, 0xa9, 0x91, 0x5d, 0x5e, 0x07, 0xf4, 0xec, 0xbb, 0xc4, 0xe5, 0x8a, - 0xb8, 0x06, 0xba, 0xdf, 0xc6, 
0x48, 0x78, 0x4b, 0xca, 0x2a, 0x8a, 0x92, - 0x64, 0xe3, 0xa6, 0xae, 0x87, 0x97, 0x12, 0x16, 0x46, 0x67, 0x59, 0xdf, - 0xf2, 0xf3, 0x89, 0x6f, 0xe8, 0xa9, 0x13, 0x57, 0x63, 0x4e, 0x07, 0x98, - 0xcc, 0x73, 0xa0, 0x84, 0x9d, 0xe8, 0xb3, 0x50, 0x59, 0xb5, 0x51, 0xb3, - 0x41, 0x7d, 0x55, 0xfe, 0xd9, 0xf0, 0xc6, 0xff, 0x6e, 0x96, 0x4f, 0x22, - 0xb2, 0x0d, 0x6b, 0xc9, 0x83, 0x2d, 0x98, 0x98, 0xb2, 0xd1, 0xb7, 0xe4, - 0x50, 0x83, 0x1a, 0xa9, 0x02, 0x9f, 0xaf, 0x54, 0x74, 0x2a, 0x2c, 0x63, - 0x10, 0x79, 0x45, 0x5c, 0x95, 0x0d, 0xa1, 0x9b, 0x55, 0xf3, 0x1e, 0xb7, - 0x56, 0x59, 0xf1, 0x59, 0x8d, 0xd6, 0x15, 0x89, 0xf6, 0xfe, 0xc0, 0x00, - 0xdd, 0x1f, 0x2b, 0xf0, 0xf7, 0x5d, 0x64, 0x84, 0x76, 0xd3, 0xc2, 0x92, - 0x35, 0xac, 0xb5, 0xf9, 0xf6, 0xa8, 0x05, 0x89, 0x4c, 0x95, 0x41, 0x4e, - 0x34, 0x25, 0x11, 0x14, -}; - -// kEstonianRSAKey is an RSAPublicKey encoded with a negative modulus. See -// https://crbug.com/532048. -static const uint8_t kEstonianRSAKey[] = { - 0x30, 0x82, 0x01, 0x09, 0x02, 0x82, 0x01, 0x00, 0x96, 0xa6, 0x2e, 0x9c, - 0x4e, 0x6a, 0xc3, 0xcc, 0xcd, 0x8f, 0x70, 0xc3, 0x55, 0xbf, 0x5e, 0x9c, - 0xd4, 0xf3, 0x17, 0xc3, 0x97, 0x70, 0xae, 0xdf, 0x12, 0x5c, 0x15, 0x80, - 0x03, 0xef, 0x2b, 0x18, 0x9d, 0x6a, 0xcb, 0x52, 0x22, 0xc1, 0x81, 0xb8, - 0x7e, 0x61, 0xe8, 0x0f, 0x79, 0x24, 0x0f, 0x82, 0x70, 0x24, 0x4e, 0x29, - 0x20, 0x05, 0x54, 0xeb, 0xd4, 0xa9, 0x65, 0x59, 0xb6, 0x3c, 0x75, 0x95, - 0x2f, 0x4c, 0xf6, 0x9d, 0xd1, 0xaf, 0x5f, 0x14, 0x14, 0xe7, 0x25, 0xea, - 0xa5, 0x47, 0x5d, 0xc6, 0x3e, 0x28, 0x8d, 0xdc, 0x54, 0x87, 0x2a, 0x7c, - 0x10, 0xe9, 0xc6, 0x76, 0x2d, 0xe7, 0x79, 0xd8, 0x0e, 0xbb, 0xa9, 0xac, - 0xb5, 0x18, 0x98, 0xd6, 0x47, 0x6e, 0x06, 0x70, 0xbf, 0x9e, 0x82, 0x25, - 0x95, 0x4e, 0xfd, 0x70, 0xd7, 0x73, 0x45, 0x2e, 0xc1, 0x1f, 0x7a, 0x9a, - 0x9d, 0x60, 0xc0, 0x1f, 0x67, 0x06, 0x2a, 0x4e, 0x87, 0x3f, 0x19, 0x88, - 0x69, 0x64, 0x4d, 0x9f, 0x75, 0xf5, 0xd3, 0x1a, 0x41, 0x3d, 0x35, 0x17, - 0xb6, 0xd1, 0x44, 0x0d, 0x25, 0x8b, 0xe7, 0x94, 0x39, 0xb0, 0x7c, 0xaf, 
- 0x3e, 0x6a, 0xfa, 0x8d, 0x90, 0x21, 0x0f, 0x8a, 0x43, 0x94, 0x37, 0x7c, - 0x2a, 0x15, 0x4c, 0xa0, 0xfa, 0xa9, 0x2f, 0x21, 0xa6, 0x6f, 0x8e, 0x2f, - 0x89, 0xbc, 0xbb, 0x33, 0xf8, 0x31, 0xfc, 0xdf, 0xcd, 0x68, 0x9a, 0xbc, - 0x75, 0x06, 0x95, 0xf1, 0x3d, 0xef, 0xca, 0x76, 0x27, 0xd2, 0xba, 0x8e, - 0x0e, 0x1c, 0x43, 0xd7, 0x70, 0xb9, 0xc6, 0x15, 0xca, 0xd5, 0x4d, 0x87, - 0xb9, 0xd1, 0xae, 0xde, 0x69, 0x73, 0x00, 0x2a, 0x97, 0x51, 0x4b, 0x30, - 0x01, 0xc2, 0x85, 0xd0, 0x05, 0xcc, 0x2e, 0xe8, 0xc7, 0x42, 0xe7, 0x94, - 0x51, 0xe3, 0xf5, 0x19, 0x35, 0xdc, 0x57, 0x96, 0xe7, 0xd9, 0xb4, 0x49, - 0x02, 0x03, 0x01, 0x00, 0x01, -}; - -static bool TestRSA(const uint8_t *der, size_t der_len, - const uint8_t *oaep_ciphertext, - size_t oaep_ciphertext_len) { - ScopedRSA key(d2i_RSAPrivateKey(nullptr, &der, der_len)); - if (!key) { - return false; - } - - if (!RSA_check_key(key.get())) { - fprintf(stderr, "RSA_check_key failed\n"); - return false; - } - - uint8_t ciphertext[256]; - - int num = RSA_public_encrypt(kPlaintextLen, kPlaintext, ciphertext, key.get(), - RSA_PKCS1_PADDING); - if (num < 0 || (size_t)num != RSA_size(key.get())) { - fprintf(stderr, "PKCS#1 v1.5 encryption failed!\n"); - return false; - } - - uint8_t plaintext[256]; - num = RSA_private_decrypt(num, ciphertext, plaintext, key.get(), - RSA_PKCS1_PADDING); - if (num < 0 || - (size_t)num != kPlaintextLen || memcmp(plaintext, kPlaintext, num) != 0) { - fprintf(stderr, "PKCS#1 v1.5 decryption failed!\n"); - return false; - } - - num = RSA_public_encrypt(kPlaintextLen, kPlaintext, ciphertext, key.get(), - RSA_PKCS1_OAEP_PADDING); - if (num < 0 || (size_t)num != RSA_size(key.get())) { - fprintf(stderr, "OAEP encryption failed!\n"); - return false; - } - - num = RSA_private_decrypt(num, ciphertext, plaintext, key.get(), - RSA_PKCS1_OAEP_PADDING); - if (num < 0 || - (size_t)num != kPlaintextLen || memcmp(plaintext, kPlaintext, num) != 0) { - fprintf(stderr, "OAEP decryption (encrypted data) failed!\n"); - return false; 
- } - - // |oaep_ciphertext| should decrypt to |kPlaintext|. - num = RSA_private_decrypt(oaep_ciphertext_len, oaep_ciphertext, plaintext, - key.get(), RSA_PKCS1_OAEP_PADDING); - - if (num < 0 || - (size_t)num != kPlaintextLen || memcmp(plaintext, kPlaintext, num) != 0) { - fprintf(stderr, "OAEP decryption (test vector data) failed!\n"); - return false; - } - - // Try decrypting corrupted ciphertexts. - memcpy(ciphertext, oaep_ciphertext, oaep_ciphertext_len); - for (size_t i = 0; i < oaep_ciphertext_len; i++) { - uint8_t saved = ciphertext[i]; - for (unsigned b = 0; b < 256; b++) { - if (b == saved) { - continue; - } - ciphertext[i] = b; - num = RSA_private_decrypt(num, ciphertext, plaintext, key.get(), - RSA_PKCS1_OAEP_PADDING); - if (num > 0) { - fprintf(stderr, "Corrupt data decrypted!\n"); - return false; - } - } - ciphertext[i] = saved; - } - - return true; -} - -static bool TestMultiPrimeKey(int nprimes, const uint8_t *der, size_t der_size, - const uint8_t *enc, size_t enc_size) { - ScopedRSA rsa(d2i_RSAPrivateKey(nullptr, &der, der_size)); - if (!rsa) { - fprintf(stderr, "%d-prime key failed to parse.\n", nprimes); - ERR_print_errors_fp(stderr); - return false; - } - - if (!RSA_check_key(rsa.get())) { - fprintf(stderr, "RSA_check_key failed for %d-prime key.\n", nprimes); - ERR_print_errors_fp(stderr); - return false; - } - - uint8_t out[256]; - size_t out_len; - if (!RSA_decrypt(rsa.get(), &out_len, out, sizeof(out), enc, enc_size, - RSA_PKCS1_PADDING) || - out_len != 11 || - memcmp(out, "hello world", 11) != 0) { - fprintf(stderr, "%d-prime key failed to decrypt.\n", nprimes); - ERR_print_errors_fp(stderr); - return false; - } - - return true; -} - -static bool TestMultiPrimeKeygen() { - static const char kMessage[] = "Hello world."; - static const size_t kBits = 1024; - uint8_t encrypted[kBits / 8], decrypted[kBits / 8]; - size_t encrypted_len, decrypted_len; - - ScopedRSA rsa(RSA_new()); - ScopedBIGNUM e(BN_new()); - if (!rsa || !e || - 
!BN_set_word(e.get(), RSA_F4) || - !RSA_generate_multi_prime_key(rsa.get(), kBits, 3, e.get(), nullptr) || - !RSA_check_key(rsa.get()) || - !RSA_encrypt(rsa.get(), &encrypted_len, encrypted, sizeof(encrypted), - (const uint8_t *)kMessage, sizeof(kMessage), - RSA_PKCS1_PADDING) || - !RSA_decrypt(rsa.get(), &decrypted_len, decrypted, sizeof(decrypted), - encrypted, encrypted_len, RSA_PKCS1_PADDING) || - decrypted_len != sizeof(kMessage) || - memcmp(decrypted, kMessage, sizeof(kMessage)) != 0) { - ERR_print_errors_fp(stderr); - return false; - } - - return true; -} - -static bool TestBadKey() { - ScopedRSA key(RSA_new()); - ScopedBIGNUM e(BN_new()); - - if (!key || !e || !BN_set_word(e.get(), RSA_F4)) { - return false; - } - - if (!RSA_generate_key_ex(key.get(), 512, e.get(), nullptr)) { - fprintf(stderr, "RSA_generate_key_ex failed.\n"); - ERR_print_errors_fp(stderr); - return false; - } - - if (!BN_add(key->p, key->p, BN_value_one())) { - fprintf(stderr, "BN error.\n"); - ERR_print_errors_fp(stderr); - return false; - } - - if (RSA_check_key(key.get())) { - fprintf(stderr, "RSA_check_key passed with invalid key!\n"); - return false; - } - - ERR_clear_error(); - return true; -} - -static bool TestOnlyDGiven() { - uint8_t buf[64]; - unsigned buf_len = sizeof(buf); - ScopedRSA key(RSA_new()); - if (!key || - !BN_hex2bn(&key->n, - "00e77bbf3889d4ef36a9a25d4d69f3f632eb4362214c74517da6d6aeaa9bd" - "09ac42b26621cd88f3a6eb013772fc3bf9f83914b6467231c630202c35b3e" - "5808c659") || - !BN_hex2bn(&key->e, "010001") || - !BN_hex2bn(&key->d, - "0365db9eb6d73b53b015c40cd8db4de7dd7035c68b5ac1bf786d7a4ee2cea" - "316eaeca21a73ac365e58713195f2ae9849348525ca855386b6d028e437a9" - "495a01") || - RSA_size(key.get()) > sizeof(buf)) { - return false; - } - - if (!RSA_check_key(key.get())) { - fprintf(stderr, "RSA_check_key failed with only d given.\n"); - ERR_print_errors_fp(stderr); - return false; - } - - const uint8_t kDummyHash[16] = {0}; - - if (!RSA_sign(NID_sha256, kDummyHash, 
sizeof(kDummyHash), buf, &buf_len, - key.get())) { - fprintf(stderr, "RSA_sign failed with only d given.\n"); - ERR_print_errors_fp(stderr); - return false; - } - - if (!RSA_verify(NID_sha256, kDummyHash, sizeof(kDummyHash), buf, buf_len, - key.get())) { - fprintf(stderr, "RSA_verify failed with only d given.\n"); - ERR_print_errors_fp(stderr); - return false; - } - - return true; -} - -static bool TestRecoverCRTParams() { - ScopedBIGNUM e(BN_new()); - if (!e || !BN_set_word(e.get(), RSA_F4)) { - return false; - } - - ERR_clear_error(); - - for (unsigned i = 0; i < 1; i++) { - ScopedRSA key1(RSA_new()); - if (!key1 || - !RSA_generate_key_ex(key1.get(), 512, e.get(), nullptr)) { - fprintf(stderr, "RSA_generate_key_ex failed.\n"); - ERR_print_errors_fp(stderr); - return false; - } - - if (!RSA_check_key(key1.get())) { - fprintf(stderr, "RSA_check_key failed with original key.\n"); - ERR_print_errors_fp(stderr); - return false; - } - - ScopedRSA key2(RSA_new()); - if (!key2) { - return false; - } - key2->n = BN_dup(key1->n); - key2->e = BN_dup(key1->e); - key2->d = BN_dup(key1->d); - if (key2->n == nullptr || key2->e == nullptr || key2->d == nullptr) { - return false; - } - - if (!RSA_recover_crt_params(key2.get())) { - fprintf(stderr, "RSA_recover_crt_params failed.\n"); - ERR_print_errors_fp(stderr); - return false; - } - - uint8_t buf[128]; - unsigned buf_len = sizeof(buf); - if (RSA_size(key2.get()) > buf_len) { - return false; - } - - if (!RSA_check_key(key2.get())) { - fprintf(stderr, "RSA_check_key failed with recovered key.\n"); - ERR_print_errors_fp(stderr); - return false; - } - - const uint8_t kDummyHash[16] = {0}; - if (!RSA_sign(NID_sha256, kDummyHash, sizeof(kDummyHash), buf, &buf_len, - key2.get())) { - fprintf(stderr, "RSA_sign failed with recovered key.\n"); - ERR_print_errors_fp(stderr); - return false; - } - - if (!RSA_verify(NID_sha256, kDummyHash, sizeof(kDummyHash), buf, buf_len, - key2.get())) { - fprintf(stderr, "RSA_verify failed with 
recovered key.\n"); - ERR_print_errors_fp(stderr); - return false; - } - } - - return true; -} - -static bool TestASN1() { - // Test that private keys may be decoded. - ScopedRSA rsa(RSA_private_key_from_bytes(kKey1, sizeof(kKey1) - 1)); - if (!rsa) { - return false; - } - - // Test that the serialization round-trips. - uint8_t *der; - size_t der_len; - if (!RSA_private_key_to_bytes(&der, &der_len, rsa.get())) { - return false; - } - ScopedOpenSSLBytes delete_der(der); - if (der_len != sizeof(kKey1) - 1 || memcmp(der, kKey1, der_len) != 0) { - return false; - } - - // Test that serializing public keys works. - if (!RSA_public_key_to_bytes(&der, &der_len, rsa.get())) { - return false; - } - delete_der.reset(der); - - // Public keys may be parsed back out. - rsa.reset(RSA_public_key_from_bytes(der, der_len)); - if (!rsa || rsa->p != NULL || rsa->q != NULL) { - return false; - } - - // Serializing the result round-trips. - uint8_t *der2; - size_t der2_len; - if (!RSA_public_key_to_bytes(&der2, &der2_len, rsa.get())) { - return false; - } - ScopedOpenSSLBytes delete_der2(der2); - if (der_len != der2_len || memcmp(der, der2, der_len) != 0) { - return false; - } - - // Public keys cannot be serialized as private keys. - if (RSA_private_key_to_bytes(&der, &der_len, rsa.get())) { - OPENSSL_free(der); - return false; - } - ERR_clear_error(); - - // Public keys with negative moduli are invalid. - rsa.reset(RSA_public_key_from_bytes(kEstonianRSAKey, - sizeof(kEstonianRSAKey))); - if (rsa) { - return false; - } - ERR_clear_error(); - - // But |RSA_parse_public_key_buggy| will accept it. 
- CBS cbs; - CBS_init(&cbs, kEstonianRSAKey, sizeof(kEstonianRSAKey)); - rsa.reset(RSA_parse_public_key_buggy(&cbs)); - if (!rsa || CBS_len(&cbs) != 0) { - return false; - } - - return true; -} - -int main(int argc, char *argv[]) { - CRYPTO_library_init(); - - if (!TestRSA(kKey1, sizeof(kKey1) - 1, kOAEPCiphertext1, - sizeof(kOAEPCiphertext1) - 1) || - !TestRSA(kKey2, sizeof(kKey2) - 1, kOAEPCiphertext2, - sizeof(kOAEPCiphertext2) - 1) || - !TestRSA(kKey3, sizeof(kKey3) - 1, kOAEPCiphertext3, - sizeof(kOAEPCiphertext3) - 1) || - !TestOnlyDGiven() || - !TestRecoverCRTParams() || - !TestBadKey() || - !TestMultiPrimeKey(2, kTwoPrimeKey, sizeof(kTwoPrimeKey) - 1, - kTwoPrimeEncryptedMessage, - sizeof(kTwoPrimeEncryptedMessage)) || - !TestMultiPrimeKey(3, kThreePrimeKey, sizeof(kThreePrimeKey) - 1, - kThreePrimeEncryptedMessage, - sizeof(kThreePrimeEncryptedMessage)) || - !TestMultiPrimeKey(6, kSixPrimeKey, sizeof(kSixPrimeKey) - 1, - kSixPrimeEncryptedMessage, - sizeof(kSixPrimeEncryptedMessage)) || - !TestMultiPrimeKeygen() || - !TestASN1()) { - return 1; - } - - printf("PASS\n"); - return 0; -} diff --git a/src/crypto/sha/CMakeLists.txt b/src/crypto/sha/CMakeLists.txt index ecff09b..5a10c85 100644 --- a/src/crypto/sha/CMakeLists.txt +++ b/src/crypto/sha/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(../../include) +include_directories(. .. ../../include) if (${ARCH} STREQUAL "x86_64") set( diff --git a/src/crypto/sha/asm/sha1-586.pl b/src/crypto/sha/asm/sha1-586.pl index e0b5d83..4895eb3 100644 --- a/src/crypto/sha/asm/sha1-586.pl +++ b/src/crypto/sha/asm/sha1-586.pl 
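Review bot: In the src/crypto/sha/CMakeLists.txt hunk, `include_directories(. .. ../../include)` puts the source directory and its parent on the header search path ahead of the public include directory, so bare header names in this directory's targets resolve against those two directories first. The assembly templates changed further down (sha1-armv4-large.pl, sha1-armv8.pl, sha256-armv4.pl, sha512-armv4.pl, sha512-armv8.pl) presumably rely on this to find `"arm_arch.h"`, and the same line is added in src/crypto/stack/CMakeLists.txt, where no consumer is visible in this diff. An unintended header match changes what gets compiled into the crypto library without any build error, so I would keep the public directory first and add only the directory that is required, e.g. `include_directories(../../include ..)`, with a comment such as `# .. is needed for "arm_arch.h" in the generated ARM assembly`. Whether anything in crypto/sha needs `.` is not visible from this hunk and should be confirmed before dropping it.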
@@ -66,9 +66,9 @@ # switch to AVX alone improves performance by as little as 4% in # comparison to SSSE3 code path. But below result doesn't look like # 4% improvement... Trouble is that Sandy Bridge decodes 'ro[rl]' as -# pair of µ-ops, and it's the additional µ-ops, two per round, that +# pair of µ-ops, and it's the additional µ-ops, two per round, that # make it run slower than Core2 and Westmere. But 'sh[rl]d' is decoded -# as single µ-op by Sandy Bridge and it's replacing 'ro[rl]' with +# as single µ-op by Sandy Bridge and it's replacing 'ro[rl]' with # equivalent 'sh[rl]d' that is responsible for the impressive 5.1 # cycles per processed byte. But 'sh[rl]d' is not something that used # to be fast, nor does it appear to be fast in upcoming Bulldozer diff --git a/src/crypto/sha/asm/sha1-armv4-large.pl b/src/crypto/sha/asm/sha1-armv4-large.pl index 64e2ed6..a20d336 100644 --- a/src/crypto/sha/asm/sha1-armv4-large.pl +++ b/src/crypto/sha/asm/sha1-armv4-large.pl @@ -178,7 +178,7 @@ ___ } $code=<<___; -#include +#include "arm_arch.h" .text .code 32 diff --git a/src/crypto/sha/asm/sha1-armv8.pl b/src/crypto/sha/asm/sha1-armv8.pl index 1c4fe4a..a8c08c2 100644 --- a/src/crypto/sha/asm/sha1-armv8.pl +++ b/src/crypto/sha/asm/sha1-armv8.pl @@ -162,7 +162,7 @@ ___ } $code.=<<___; -#include +#include "arm_arch.h" .text diff --git a/src/crypto/sha/asm/sha256-586.pl b/src/crypto/sha/asm/sha256-586.pl index e907714..6462e45 100644 --- a/src/crypto/sha/asm/sha256-586.pl +++ b/src/crypto/sha/asm/sha256-586.pl @@ -10,7 +10,7 @@ # SHA256 block transform for x86. September 2007. # # Performance improvement over compiler generated code varies from -# 10% to 40% [see below]. Not very impressive on some µ-archs, but +# 10% to 40% [see below]. Not very impressive on some µ-archs, but # it's 5 times smaller and optimizies amount of writes. # # May 2012. diff --git a/src/crypto/sha/asm/sha256-armv4.pl b/src/crypto/sha/asm/sha256-armv4.pl index 7e07147..df71676 100644 
--- a/src/crypto/sha/asm/sha256-armv4.pl +++ b/src/crypto/sha/asm/sha256-armv4.pl @@ -168,7 +168,7 @@ ___ $code=<<___; #ifndef __KERNEL__ -# include +# include "arm_arch.h" #else # define __ARM_ARCH__ __LINUX_ARM_ARCH__ # define __ARM_MAX_ARCH__ 7 diff --git a/src/crypto/sha/asm/sha512-586.pl b/src/crypto/sha/asm/sha512-586.pl index 2f6a202..e96ec00 100644 --- a/src/crypto/sha/asm/sha512-586.pl +++ b/src/crypto/sha/asm/sha512-586.pl @@ -37,7 +37,7 @@ # # IALU code-path is optimized for elder Pentiums. On vanilla Pentium # performance improvement over compiler generated code reaches ~60%, -# while on PIII - ~35%. On newer µ-archs improvement varies from 15% +# while on PIII - ~35%. On newer µ-archs improvement varies from 15% # to 50%, but it's less important as they are expected to execute SSE2 # code-path, which is commonly ~2-3x faster [than compiler generated # code]. SSE2 code-path is as fast as original sha512-sse2.pl, even diff --git a/src/crypto/sha/asm/sha512-armv4.pl b/src/crypto/sha/asm/sha512-armv4.pl index cd3662a..2964a39 100644 --- a/src/crypto/sha/asm/sha512-armv4.pl +++ b/src/crypto/sha/asm/sha512-armv4.pl @@ -191,7 +191,7 @@ ___ } $code=<<___; #ifndef __KERNEL__ -# include +# include "arm_arch.h" # define VFP_ABI_PUSH vstmdb sp!,{d8-d15} # define VFP_ABI_POP vldmia sp!,{d8-d15} #else diff --git a/src/crypto/sha/asm/sha512-armv8.pl b/src/crypto/sha/asm/sha512-armv8.pl index 40eb17a..43e7293 100644 --- a/src/crypto/sha/asm/sha512-armv8.pl +++ b/src/crypto/sha/asm/sha512-armv8.pl @@ -164,7 +164,7 @@ ___ } $code.=<<___; -#include +#include "arm_arch.h" .text diff --git a/src/crypto/stack/CMakeLists.txt b/src/crypto/stack/CMakeLists.txt index dcd8ef4..bdb0599 100644 --- a/src/crypto/stack/CMakeLists.txt +++ b/src/crypto/stack/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(../../include) +include_directories(. .. ../../include) add_library( stack 
diff --git a/src/crypto/test/CMakeLists.txt b/src/crypto/test/CMakeLists.txt index 8c75314..84a6174 100644 --- a/src/crypto/test/CMakeLists.txt +++ b/src/crypto/test/CMakeLists.txt @@ -5,5 +5,4 @@ add_library( file_test.cc malloc.cc - test_util.cc ) diff --git a/src/crypto/test/file_test.cc b/src/crypto/test/file_test.cc index 6723350..8df6f9a 100644 --- a/src/crypto/test/file_test.cc +++ b/src/crypto/test/file_test.cc @@ -128,7 +128,6 @@ FileTest::ReadResult FileTest::ReadNext() { const char *delimiter = FindDelimiter(buf); if (delimiter == nullptr) { fprintf(stderr, "Line %u: Could not parse attribute.\n", line_); - return kReadError; } std::string key = StripSpace(buf, delimiter - buf); std::string value = StripSpace(delimiter + 1, diff --git a/src/crypto/test/file_test.h b/src/crypto/test/file_test.h index 24651ab..7303d8a 100644 --- a/src/crypto/test/file_test.h +++ b/src/crypto/test/file_test.h @@ -18,19 +18,11 @@ #include #include -#if defined(_MSC_VER) -#pragma warning(push) -#pragma warning(disable: 4702) -#endif - #include #include #include #include -#if defined(_MSC_VER) -#pragma warning(pop) -#endif // File-based test framework. // diff --git a/src/crypto/test/malloc.cc b/src/crypto/test/malloc.cc index 898f2a7..9ffdf01 100644 --- a/src/crypto/test/malloc.cc +++ b/src/crypto/test/malloc.cc @@ -34,8 +34,6 @@ #if defined(__linux__) && defined(OPENSSL_GLIBC) && !defined(OPENSSL_ARM) && \ !defined(OPENSSL_AARCH64) && !defined(OPENSSL_ASAN) -#include -#include #include #include #include 
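Review bot: In FileTest::ReadNext (src/crypto/test/file_test.cc, hunk at -128,7), with `return kReadError;` removed the `delimiter == nullptr` branch only prints the message and then falls through to `StripSpace(buf, delimiter - buf)` and `delimiter + 1`. Both do pointer arithmetic on a null pointer, so a malformed attribute line in a test-vector file gives undefined behaviour instead of a clean parse failure. The branch should keep its early exit, `return kReadError;`, directly after the `fprintf`. ReadNext starts and ends outside the hunk, so this assumes nothing later in the function handles the null case.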
@@ -47,14 +45,14 @@ /* This file defines overrides for the standard allocation functions that allow * a given allocation to be made to fail for testing. If the program is run * with MALLOC_NUMBER_TO_FAIL set to a base-10 number then that allocation will - * return NULL. If MALLOC_BREAK_ON_FAIL is also defined then the allocation - * will signal SIGTRAP rather than return NULL. + * return NULL. If MALLOC_ABORT_ON_FAIL is also defined then the allocation + * will abort() rather than return NULL. * * This code is not thread safe. */ static uint64_t current_malloc_count = 0; static uint64_t malloc_number_to_fail = 0; -static char failure_enabled = 0, break_on_fail = 0; +static char failure_enabled = 0, abort_on_fail = 0; static int in_call = 0; extern "C" { @@ -97,7 +95,7 @@ static int should_fail_allocation() { std::set_new_handler(cpp_new_handler); } } - break_on_fail = (NULL != getenv("MALLOC_BREAK_ON_FAIL")); + abort_on_fail = (NULL != getenv("MALLOC_ABORT_ON_FAIL")); init = 1; } @@ -110,8 +108,8 @@ static int should_fail_allocation() { should_fail = (current_malloc_count == malloc_number_to_fail); current_malloc_count++; - if (should_fail && break_on_fail) { - raise(SIGTRAP); + if (should_fail && abort_on_fail) { + abort(); } return should_fail; } @@ -120,7 +118,6 @@ extern "C" { void *malloc(size_t size) { if (should_fail_allocation()) { - errno = ENOMEM; return NULL; } @@ -129,7 +126,6 @@ void *malloc(size_t size) { void *calloc(size_t num_elems, size_t size) { if (should_fail_allocation()) { - errno = ENOMEM; return NULL; } @@ -138,7 +134,6 @@ void *calloc(size_t num_elems, size_t size) { void *realloc(void *ptr, size_t size) { if (should_fail_allocation()) { - errno = ENOMEM; return NULL; } diff --git a/src/crypto/test/scoped_types.h b/src/crypto/test/scoped_types.h index e44c6ed..c5c8cfe 100644 --- a/src/crypto/test/scoped_types.h +++ b/src/crypto/test/scoped_types.h @@ -18,7 +18,6 @@ #include #include -#include #include #include #include 
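Review bot: In src/crypto/test/malloc.cc the `malloc` override (hunk at -120,7) now returns NULL on an injected failure without setting errno, and the `calloc` and `realloc` overrides in the next two hunks have the same gap. The file is built only for Linux with glibc, where a failed allocation sets errno to ENOMEM, so code under test that logs or branches on errno after a failed allocation sees a stale value and the injected fault no longer behaves like a real out-of-memory condition. Keeping `errno = ENOMEM;` before each `return NULL;` preserves that fidelity. It presumably needs one of the two includes dropped in the -34,8 hunk, whose names are not visible on this page. The three function bodies continue outside their hunks.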
@@ -113,13 +112,9 @@ using ScopedPKCS12 = ScopedOpenSSLType; using ScopedRSA = ScopedOpenSSLType; using ScopedX509 = ScopedOpenSSLType; using ScopedX509_ALGOR = ScopedOpenSSLType; -using ScopedX509_SIG = ScopedOpenSSLType; using ScopedX509Stack = ScopedOpenSSLStack; -using ScopedEVP_AEAD_CTX = ScopedOpenSSLContext; using ScopedEVP_CIPHER_CTX = ScopedOpenSSLContext; diff --git a/src/crypto/test/test_util.cc b/src/crypto/test/test_util.cc deleted file mode 100644 index 8021aaa..0000000 --- a/src/crypto/test/test_util.cc +++ /dev/null @@ -1,30 +0,0 @@ -/* Copyright (c) 2015, Google Inc. - * - * Permission to use, copy, modify, and/or distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY - * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION - * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN - * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ - -#include -#include - -#include "test_util.h" - - -void hexdump(FILE *fp, const char *msg, const void *in, size_t len) { - const uint8_t *data = reinterpret_cast(in); - size_t i; - - fputs(msg, fp); - for (i = 0; i < len; i++) { - fprintf(fp, "%02x", data[i]); - } - fputs("\n", fp); -} diff --git a/src/crypto/test/test_util.h b/src/crypto/test/test_util.h deleted file mode 100644 index 972e206..0000000 --- a/src/crypto/test/test_util.h +++ /dev/null 
@@ -1,35 +0,0 @@ -/* Copyright (c) 2015, Google Inc. - * - * Permission to use, copy, modify, and/or distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY - * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION - * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN - * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ - -#ifndef OPENSSL_HEADER_CRYPTO_TEST_TEST_UTIL_H -#define OPENSSL_HEADER_CRYPTO_TEST_TEST_UTIL_H - -#include -#include - -#if defined(__cplusplus) -extern "C" { -#endif - - -/* hexdump writes |msg| to |fp| followed by the hex encoding of |len| bytes - * from |in|. */ -void hexdump(FILE *fp, const char *msg, const void *in, size_t len); - - -#if defined(__cplusplus) -} -#endif - -#endif /* OPENSSL_HEADER_CRYPTO_TEST_TEST_UTIL_H */ diff --git a/src/crypto/x509/CMakeLists.txt b/src/crypto/x509/CMakeLists.txt index 258c263..3bb5704 100644 --- a/src/crypto/x509/CMakeLists.txt +++ b/src/crypto/x509/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(../../include) +include_directories(. .. ../../include) add_library( x509 @@ -15,7 +15,6 @@ add_library( i2d_pr.c pkcs7.c t_crl.c - t_req.c t_x509.c t_x509a.c x509.c diff --git a/src/crypto/x509/a_digest.c b/src/crypto/x509/a_digest.c index 430e2e6..6060bbd 100644 --- a/src/crypto/x509/a_digest.c +++ b/src/crypto/x509/a_digest.c 
@@ -71,7 +71,7 @@ int ASN1_digest(i2d_of_void *i2d, const EVP_MD *type, char *data, i=i2d(data,NULL); if ((str=(unsigned char *)OPENSSL_malloc(i)) == NULL) { - OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, ASN1_digest, ERR_R_MALLOC_FAILURE); return(0); } p=str; diff --git a/src/crypto/x509/a_sign.c b/src/crypto/x509/a_sign.c index 4e9be8a..f219c23 100644 --- a/src/crypto/x509/a_sign.c +++ b/src/crypto/x509/a_sign.c @@ -106,7 +106,7 @@ int ASN1_item_sign_ctx(const ASN1_ITEM *it, if ((buf_in == NULL) || (buf_out == NULL)) { outl=0; - OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, ASN1_item_sign_ctx, ERR_R_MALLOC_FAILURE); goto err; } @@ -114,7 +114,7 @@ int ASN1_item_sign_ctx(const ASN1_ITEM *it, || !EVP_DigestSignFinal(ctx, buf_out, &outl)) { outl=0; - OPENSSL_PUT_ERROR(X509, ERR_R_EVP_LIB); + OPENSSL_PUT_ERROR(X509, ASN1_item_sign_ctx, ERR_R_EVP_LIB); goto err; } if (signature->data != NULL) OPENSSL_free(signature->data); diff --git a/src/crypto/x509/a_verify.c b/src/crypto/x509/a_verify.c index 572a139..72e0a62 100644 --- a/src/crypto/x509/a_verify.c +++ b/src/crypto/x509/a_verify.c @@ -80,13 +80,13 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a, if (!pkey) { - OPENSSL_PUT_ERROR(X509, ERR_R_PASSED_NULL_PARAMETER); + OPENSSL_PUT_ERROR(X509, ASN1_item_verify, ERR_R_PASSED_NULL_PARAMETER); return 0; } if (signature->type == V_ASN1_BIT_STRING && signature->flags & 0x7) { - OPENSSL_PUT_ERROR(X509, X509_R_INVALID_BIT_STRING_BITS_LEFT); + OPENSSL_PUT_ERROR(X509, ASN1_item_verify, X509_R_INVALID_BIT_STRING_BITS_LEFT); return 0; } @@ -101,7 +101,7 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a, if (buf_in == NULL) { - OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, ASN1_item_verify, ERR_R_MALLOC_FAILURE); goto err; } 
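Review bot: In ASN1_digest (src/crypto/x509/a_digest.c) the result of `i2d(data,NULL)` goes straight into `OPENSSL_malloc(i)` with no check that the encoding succeeded. If `i2d` can return a negative value here (its contract and the declaration of `i` are not visible in the hunk), the size becomes a very large allocation request and the failure is recorded as ERR_R_MALLOC_FAILURE, which hides the real cause. A guard such as `if (i < 0) return(0);` before the allocation, ideally with its own error code, would separate an encoding failure from a genuine out-of-memory condition. The function starts and ends outside the hunk.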
@@ -109,7 +109,7 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a, { OPENSSL_cleanse(buf_in,(unsigned int)inl); OPENSSL_free(buf_in); - OPENSSL_PUT_ERROR(X509, ERR_R_EVP_LIB); + OPENSSL_PUT_ERROR(X509, ASN1_item_verify, ERR_R_EVP_LIB); goto err; } @@ -119,7 +119,7 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a, if (EVP_DigestVerifyFinal(&ctx,signature->data, (size_t)signature->length) <= 0) { - OPENSSL_PUT_ERROR(X509, ERR_R_EVP_LIB); + OPENSSL_PUT_ERROR(X509, ASN1_item_verify, ERR_R_EVP_LIB); goto err; } /* we don't need to zero the 'ctx' because we just checked diff --git a/src/crypto/x509/asn1_gen.c b/src/crypto/x509/asn1_gen.c index 850a816..d4d1ee6 100644 --- a/src/crypto/x509/asn1_gen.c +++ b/src/crypto/x509/asn1_gen.c @@ -171,7 +171,7 @@ ASN1_TYPE *ASN1_generate_v3(char *str, X509V3_CTX *cnf) { if (!cnf) { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_SEQUENCE_OR_SET_NEEDS_CONFIG); + OPENSSL_PUT_ERROR(ASN1, ASN1_generate_v3, ASN1_R_SEQUENCE_OR_SET_NEEDS_CONFIG); return NULL; } ret = asn1_multi(asn1_tags.utype, asn1_tags.str, cnf); @@ -314,7 +314,7 @@ static int asn1_cb(const char *elem, int len, void *bitstr) if (utype == -1) { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_UNKNOWN_TAG); + OPENSSL_PUT_ERROR(ASN1, asn1_cb, ASN1_R_UNKNOWN_TAG); ERR_add_error_data(2, "tag=", elem); return -1; } @@ -327,7 +327,7 @@ static int asn1_cb(const char *elem, int len, void *bitstr) /* If no value and not end of string, error */ if (!vstart && elem[len]) { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_MISSING_VALUE); + OPENSSL_PUT_ERROR(ASN1, asn1_cb, ASN1_R_MISSING_VALUE); return -1; } return 0; @@ -340,7 +340,7 @@ static int asn1_cb(const char *elem, int len, void *bitstr) /* Check for illegal multiple IMPLICIT tagging */ if (arg->imp_tag != -1) { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_ILLEGAL_NESTED_TAGGING); + OPENSSL_PUT_ERROR(ASN1, asn1_cb, ASN1_R_ILLEGAL_NESTED_TAGGING); return -1; } if (!parse_tagging(vstart, vlen, &arg->imp_tag, &arg->imp_class)) 
@@ -378,7 +378,7 @@ static int asn1_cb(const char *elem, int len, void *bitstr) case ASN1_GEN_FLAG_FORMAT: if (!vstart) { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_UNKNOWN_FORMAT); + OPENSSL_PUT_ERROR(ASN1, asn1_cb, ASN1_R_UNKNOWN_FORMAT); return -1; } if (!strncmp(vstart, "ASCII", 5)) @@ -391,7 +391,7 @@ static int asn1_cb(const char *elem, int len, void *bitstr) arg->format = ASN1_GEN_FORMAT_BITLIST; else { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_UNKNOWN_FORMAT); + OPENSSL_PUT_ERROR(ASN1, asn1_cb, ASN1_R_UNKNOWN_FORMAT); return -1; } break; @@ -415,7 +415,7 @@ static int parse_tagging(const char *vstart, int vlen, int *ptag, int *pclass) return 0; if (tag_num < 0) { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_INVALID_NUMBER); + OPENSSL_PUT_ERROR(ASN1, parse_tagging, ASN1_R_INVALID_NUMBER); return 0; } *ptag = tag_num; @@ -448,7 +448,7 @@ static int parse_tagging(const char *vstart, int vlen, int *ptag, int *pclass) default: erch[0] = *eptr; erch[1] = 0; - OPENSSL_PUT_ERROR(ASN1, ASN1_R_INVALID_MODIFIER); + OPENSSL_PUT_ERROR(ASN1, parse_tagging, ASN1_R_INVALID_MODIFIER); ERR_add_error_data(2, "Char=", erch); return 0; break; @@ -534,13 +534,13 @@ static int append_exp(tag_exp_arg *arg, int exp_tag, int exp_class, int exp_cons /* Can only have IMPLICIT if permitted */ if ((arg->imp_tag != -1) && !imp_ok) { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_ILLEGAL_IMPLICIT_TAG); + OPENSSL_PUT_ERROR(ASN1, append_exp, ASN1_R_ILLEGAL_IMPLICIT_TAG); return 0; } if (arg->exp_count == ASN1_FLAG_EXP_MAX) { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_DEPTH_EXCEEDED); + OPENSSL_PUT_ERROR(ASN1, append_exp, ASN1_R_DEPTH_EXCEEDED); return 0; } @@ -658,7 +658,7 @@ static ASN1_TYPE *asn1_str2type(const char *str, int format, int utype) if (!(atmp = ASN1_TYPE_new())) { - OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, asn1_str2type, ERR_R_MALLOC_FAILURE); return NULL; } 
@@ -671,7 +671,7 @@ static ASN1_TYPE *asn1_str2type(const char *str, int format, int utype) case V_ASN1_NULL: if (str && *str) { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_ILLEGAL_NULL_VALUE); + OPENSSL_PUT_ERROR(ASN1, asn1_str2type, ASN1_R_ILLEGAL_NULL_VALUE); goto bad_form; } break; @@ -679,7 +679,7 @@ static ASN1_TYPE *asn1_str2type(const char *str, int format, int utype) case V_ASN1_BOOLEAN: if (format != ASN1_GEN_FORMAT_ASCII) { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_NOT_ASCII_FORMAT); + OPENSSL_PUT_ERROR(ASN1, asn1_str2type, ASN1_R_NOT_ASCII_FORMAT); goto bad_form; } vtmp.name = NULL; @@ -687,7 +687,7 @@ static ASN1_TYPE *asn1_str2type(const char *str, int format, int utype) vtmp.value = (char *)str; if (!X509V3_get_value_bool(&vtmp, &atmp->value.boolean)) { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_ILLEGAL_BOOLEAN); + OPENSSL_PUT_ERROR(ASN1, asn1_str2type, ASN1_R_ILLEGAL_BOOLEAN); goto bad_str; } break; @@ -696,12 +696,12 @@ static ASN1_TYPE *asn1_str2type(const char *str, int format, int utype) case V_ASN1_ENUMERATED: if (format != ASN1_GEN_FORMAT_ASCII) { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_INTEGER_NOT_ASCII_FORMAT); + OPENSSL_PUT_ERROR(ASN1, asn1_str2type, ASN1_R_INTEGER_NOT_ASCII_FORMAT); goto bad_form; } if (!(atmp->value.integer = s2i_ASN1_INTEGER(NULL, (char *)str))) { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_ILLEGAL_INTEGER); + OPENSSL_PUT_ERROR(ASN1, asn1_str2type, ASN1_R_ILLEGAL_INTEGER); goto bad_str; } break; @@ -709,12 +709,12 @@ static ASN1_TYPE *asn1_str2type(const char *str, int format, int utype) case V_ASN1_OBJECT: if (format != ASN1_GEN_FORMAT_ASCII) { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_OBJECT_NOT_ASCII_FORMAT); + OPENSSL_PUT_ERROR(ASN1, asn1_str2type, ASN1_R_OBJECT_NOT_ASCII_FORMAT); goto bad_form; } if (!(atmp->value.object = OBJ_txt2obj(str, 0))) { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_ILLEGAL_OBJECT); + OPENSSL_PUT_ERROR(ASN1, asn1_str2type, ASN1_R_ILLEGAL_OBJECT); goto bad_str; } break; 
@@ -723,23 +723,23 @@ static ASN1_TYPE *asn1_str2type(const char *str, int format, int utype) case V_ASN1_GENERALIZEDTIME: if (format != ASN1_GEN_FORMAT_ASCII) { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_TIME_NOT_ASCII_FORMAT); + OPENSSL_PUT_ERROR(ASN1, asn1_str2type, ASN1_R_TIME_NOT_ASCII_FORMAT); goto bad_form; } if (!(atmp->value.asn1_string = ASN1_STRING_new())) { - OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, asn1_str2type, ERR_R_MALLOC_FAILURE); goto bad_str; } if (!ASN1_STRING_set(atmp->value.asn1_string, str, -1)) { - OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, asn1_str2type, ERR_R_MALLOC_FAILURE); goto bad_str; } atmp->value.asn1_string->type = utype; if (!ASN1_TIME_check(atmp->value.asn1_string)) { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_ILLEGAL_TIME_VALUE); + OPENSSL_PUT_ERROR(ASN1, asn1_str2type, ASN1_R_ILLEGAL_TIME_VALUE); goto bad_str; } @@ -761,7 +761,7 @@ static ASN1_TYPE *asn1_str2type(const char *str, int format, int utype) format = MBSTRING_UTF8; else { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_ILLEGAL_FORMAT); + OPENSSL_PUT_ERROR(ASN1, asn1_str2type, ASN1_R_ILLEGAL_FORMAT); goto bad_form; } @@ -769,7 +769,7 @@ static ASN1_TYPE *asn1_str2type(const char *str, int format, int utype) if (ASN1_mbstring_copy(&atmp->value.asn1_string, (unsigned char *)str, -1, format, ASN1_tag2bit(utype)) <= 0) { - OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, asn1_str2type, ERR_R_MALLOC_FAILURE); goto bad_str; } @@ -782,7 +782,7 @@ static ASN1_TYPE *asn1_str2type(const char *str, int format, int utype) if (!(atmp->value.asn1_string = ASN1_STRING_new())) { - OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, asn1_str2type, ERR_R_MALLOC_FAILURE); goto bad_form; } 
@@ -791,7 +791,7 @@ static ASN1_TYPE *asn1_str2type(const char *str, int format, int utype) if (!(rdata = string_to_hex((char *)str, &rdlen))) { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_ILLEGAL_HEX); + OPENSSL_PUT_ERROR(ASN1, asn1_str2type, ASN1_R_ILLEGAL_HEX); goto bad_str; } @@ -806,7 +806,7 @@ static ASN1_TYPE *asn1_str2type(const char *str, int format, int utype) { if (!CONF_parse_list(str, ',', 1, bitstr_cb, atmp->value.bit_string)) { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_LIST_ERROR); + OPENSSL_PUT_ERROR(ASN1, asn1_str2type, ASN1_R_LIST_ERROR); goto bad_str; } no_unused = 0; @@ -814,7 +814,7 @@ static ASN1_TYPE *asn1_str2type(const char *str, int format, int utype) } else { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_ILLEGAL_BITSTRING_FORMAT); + OPENSSL_PUT_ERROR(ASN1, asn1_str2type, ASN1_R_ILLEGAL_BITSTRING_FORMAT); goto bad_form; } @@ -830,7 +830,7 @@ static ASN1_TYPE *asn1_str2type(const char *str, int format, int utype) break; default: - OPENSSL_PUT_ERROR(ASN1, ASN1_R_UNSUPPORTED_TYPE); + OPENSSL_PUT_ERROR(ASN1, asn1_str2type, ASN1_R_UNSUPPORTED_TYPE); goto bad_str; break; } @@ -860,12 +860,12 @@ static int bitstr_cb(const char *elem, int len, void *bitstr) return 0; if (bitnum < 0) { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_INVALID_NUMBER); + OPENSSL_PUT_ERROR(ASN1, bitstr_cb, ASN1_R_INVALID_NUMBER); return 0; } if (!ASN1_BIT_STRING_set_bit(bitstr, bitnum, 1)) { - OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, bitstr_cb, ERR_R_MALLOC_FAILURE); return 0; } return 1; diff --git a/src/crypto/x509/by_dir.c b/src/crypto/x509/by_dir.c index 3393dfa..34bb1e4 100644 --- a/src/crypto/x509/by_dir.c +++ b/src/crypto/x509/by_dir.c @@ -139,7 +139,7 @@ static int dir_ctrl(X509_LOOKUP *ctx, int cmd, const char *argp, long argl, X509_FILETYPE_PEM); if (!ret) { - OPENSSL_PUT_ERROR(X509, X509_R_LOADING_CERT_DIR); + OPENSSL_PUT_ERROR(X509, dir_ctrl, X509_R_LOADING_CERT_DIR); } } else 
@@ -208,7 +208,7 @@ static int add_cert_dir(BY_DIR *ctx, const char *dir, int type) if (dir == NULL || !*dir) { - OPENSSL_PUT_ERROR(X509, X509_R_INVALID_DIRECTORY); + OPENSSL_PUT_ERROR(X509, add_cert_dir, X509_R_INVALID_DIRECTORY); return 0; } @@ -237,7 +237,7 @@ static int add_cert_dir(BY_DIR *ctx, const char *dir, int type) ctx->dirs = sk_BY_DIR_ENTRY_new_null(); if (!ctx->dirs) { - OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, add_cert_dir, ERR_R_MALLOC_FAILURE); return 0; } } @@ -311,13 +311,13 @@ static int get_cert_by_subject(X509_LOOKUP *xl, int type, X509_NAME *name, } else { - OPENSSL_PUT_ERROR(X509, X509_R_WRONG_LOOKUP_TYPE); + OPENSSL_PUT_ERROR(X509, get_cert_by_subject, X509_R_WRONG_LOOKUP_TYPE); goto finish; } if ((b=BUF_MEM_new()) == NULL) { - OPENSSL_PUT_ERROR(X509, ERR_R_BUF_LIB); + OPENSSL_PUT_ERROR(X509, get_cert_by_subject, ERR_R_BUF_LIB); goto finish; } @@ -337,7 +337,7 @@ static int get_cert_by_subject(X509_LOOKUP *xl, int type, X509_NAME *name, j=strlen(ent->dir)+1+8+6+1+1; if (!BUF_MEM_grow(b,j)) { - OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, get_cert_by_subject, ERR_R_MALLOC_FAILURE); goto finish; } if (type == X509_LU_CRL && ent->hashes) diff --git a/src/crypto/x509/by_file.c b/src/crypto/x509/by_file.c index f1d6194..2fdbce4 100644 --- a/src/crypto/x509/by_file.c +++ b/src/crypto/x509/by_file.c @@ -109,7 +109,7 @@ static int by_file_ctrl(X509_LOOKUP *ctx, int cmd, const char *argp, long argl, if (!ok) { - OPENSSL_PUT_ERROR(X509, X509_R_LOADING_DEFAULTS); + OPENSSL_PUT_ERROR(X509, by_file_ctrl, X509_R_LOADING_DEFAULTS); } } else @@ -137,7 +137,7 @@ int X509_load_cert_file(X509_LOOKUP *ctx, const char *file, int type) if ((in == NULL) || (BIO_read_filename(in,file) <= 0)) { - OPENSSL_PUT_ERROR(X509, ERR_R_SYS_LIB); + OPENSSL_PUT_ERROR(X509, X509_load_cert_file, ERR_R_SYS_LIB); goto err; } 
@@ -156,7 +156,7 @@ int X509_load_cert_file(X509_LOOKUP *ctx, const char *file, int type) } else { - OPENSSL_PUT_ERROR(X509, ERR_R_PEM_LIB); + OPENSSL_PUT_ERROR(X509, X509_load_cert_file, ERR_R_PEM_LIB); goto err; } } @@ -173,7 +173,7 @@ int X509_load_cert_file(X509_LOOKUP *ctx, const char *file, int type) x=d2i_X509_bio(in,NULL); if (x == NULL) { - OPENSSL_PUT_ERROR(X509, ERR_R_ASN1_LIB); + OPENSSL_PUT_ERROR(X509, X509_load_cert_file, ERR_R_ASN1_LIB); goto err; } i=X509_STORE_add_cert(ctx->store_ctx,x); @@ -182,7 +182,7 @@ int X509_load_cert_file(X509_LOOKUP *ctx, const char *file, int type) } else { - OPENSSL_PUT_ERROR(X509, X509_R_BAD_X509_FILETYPE); + OPENSSL_PUT_ERROR(X509, X509_load_cert_file, X509_R_BAD_X509_FILETYPE); goto err; } err: @@ -203,7 +203,7 @@ int X509_load_crl_file(X509_LOOKUP *ctx, const char *file, int type) if ((in == NULL) || (BIO_read_filename(in,file) <= 0)) { - OPENSSL_PUT_ERROR(X509, ERR_R_SYS_LIB); + OPENSSL_PUT_ERROR(X509, X509_load_crl_file, ERR_R_SYS_LIB); goto err; } @@ -222,7 +222,7 @@ int X509_load_crl_file(X509_LOOKUP *ctx, const char *file, int type) } else { - OPENSSL_PUT_ERROR(X509, ERR_R_PEM_LIB); + OPENSSL_PUT_ERROR(X509, X509_load_crl_file, ERR_R_PEM_LIB); goto err; } } @@ -239,7 +239,7 @@ int X509_load_crl_file(X509_LOOKUP *ctx, const char *file, int type) x=d2i_X509_CRL_bio(in,NULL); if (x == NULL) { - OPENSSL_PUT_ERROR(X509, ERR_R_ASN1_LIB); + OPENSSL_PUT_ERROR(X509, X509_load_crl_file, ERR_R_ASN1_LIB); goto err; } i=X509_STORE_add_crl(ctx->store_ctx,x); @@ -248,7 +248,7 @@ int X509_load_crl_file(X509_LOOKUP *ctx, const char *file, int type) } else { - OPENSSL_PUT_ERROR(X509, X509_R_BAD_X509_FILETYPE); + OPENSSL_PUT_ERROR(X509, X509_load_crl_file, X509_R_BAD_X509_FILETYPE); goto err; } err: 
@@ -268,13 +268,13 @@ int X509_load_cert_crl_file(X509_LOOKUP *ctx, const char *file, int type) return X509_load_cert_file(ctx, file, type); in = BIO_new_file(file, "r"); if(!in) { - OPENSSL_PUT_ERROR(X509, ERR_R_SYS_LIB); + OPENSSL_PUT_ERROR(X509, X509_load_cert_crl_file, ERR_R_SYS_LIB); return 0; } inf = PEM_X509_INFO_read_bio(in, NULL, NULL, NULL); BIO_free(in); if(!inf) { - OPENSSL_PUT_ERROR(X509, ERR_R_PEM_LIB); + OPENSSL_PUT_ERROR(X509, X509_load_cert_crl_file, ERR_R_PEM_LIB); return 0; } for(i = 0; i < sk_X509_INFO_num(inf); i++) { diff --git a/src/crypto/x509/i2d_pr.c b/src/crypto/x509/i2d_pr.c index e7f4269..443ca53 100644 --- a/src/crypto/x509/i2d_pr.c +++ b/src/crypto/x509/i2d_pr.c @@ -78,7 +78,7 @@ int i2d_PrivateKey(const EVP_PKEY *a, unsigned char **pp) } /* Although this file is in crypto/x509 for layering reasons, it emits * an error code from ASN1 for OpenSSL compatibility. */ - OPENSSL_PUT_ERROR(ASN1, ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE); + OPENSSL_PUT_ERROR(ASN1, i2d_PrivateKey, ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE); return -1; } diff --git a/src/crypto/x509/pkcs7.c b/src/crypto/x509/pkcs7.c index 2087f94..99ee3da 100644 --- a/src/crypto/x509/pkcs7.c +++ b/src/crypto/x509/pkcs7.c @@ -57,7 +57,8 @@ static int pkcs7_parse_header(uint8_t **der_bytes, CBS *out, CBS *cbs) { } if (OBJ_cbs2nid(&content_type) != NID_pkcs7_signed) { - OPENSSL_PUT_ERROR(X509, X509_R_NOT_PKCS7_SIGNED_DATA); + OPENSSL_PUT_ERROR(X509, pkcs7_parse_header, + X509_R_NOT_PKCS7_SIGNED_DATA); goto err; } @@ -72,7 +73,8 @@ static int pkcs7_parse_header(uint8_t **der_bytes, CBS *out, CBS *cbs) { } if (version < 1) { - OPENSSL_PUT_ERROR(X509, X509_R_BAD_PKCS7_VERSION); + OPENSSL_PUT_ERROR(X509, pkcs7_parse_header, + X509_R_BAD_PKCS7_VERSION); goto err; } 
@@ -101,7 +103,8 @@ int PKCS7_get_certificates(STACK_OF(X509) *out_certs, CBS *cbs) { /* See https://tools.ietf.org/html/rfc2315#section-9.1 */ if (!CBS_get_asn1(&signed_data, &certificates, CBS_ASN1_CONTEXT_SPECIFIC | CBS_ASN1_CONSTRUCTED | 0)) { - OPENSSL_PUT_ERROR(X509, X509_R_NO_CERTIFICATES_INCLUDED); + OPENSSL_PUT_ERROR(X509, PKCS7_get_certificates, + X509_R_NO_CERTIFICATES_INCLUDED); goto err; } @@ -168,7 +171,8 @@ int PKCS7_get_CRLs(STACK_OF(X509_CRL) *out_crls, CBS *cbs) { if (!CBS_get_asn1(&signed_data, &crls, CBS_ASN1_CONTEXT_SPECIFIC | CBS_ASN1_CONSTRUCTED | 1)) { - OPENSSL_PUT_ERROR(X509, X509_R_NO_CRLS_INCLUDED); + OPENSSL_PUT_ERROR(X509, PKCS7_get_CRLs, + X509_R_NO_CRLS_INCLUDED); goto err; } diff --git a/src/crypto/x509/t_crl.c b/src/crypto/x509/t_crl.c index a2d8bc7..93a7afb 100644 --- a/src/crypto/x509/t_crl.c +++ b/src/crypto/x509/t_crl.c @@ -70,7 +70,7 @@ int X509_CRL_print_fp(FILE *fp, X509_CRL *x) if ((b=BIO_new(BIO_s_file())) == NULL) { - OPENSSL_PUT_ERROR(X509, ERR_R_BUF_LIB); + OPENSSL_PUT_ERROR(X509, X509_CRL_print_fp, ERR_R_BUF_LIB); return(0); } BIO_set_fp(b,fp,BIO_NOCLOSE); diff --git a/src/crypto/x509/t_req.c b/src/crypto/x509/t_req.c deleted file mode 100644 index 39c836c..0000000 --- a/src/crypto/x509/t_req.c +++ /dev/null 
@@ -1,246 +0,0 @@ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. 
If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
*/ - -#include - -#include -#include -#include -#include -#include -#include - - -int X509_REQ_print_fp(FILE *fp, X509_REQ *x) { - BIO *bio = BIO_new(BIO_s_file()); - if (bio == NULL) { - OPENSSL_PUT_ERROR(X509, ERR_R_BUF_LIB); - return 0; - } - - BIO_set_fp(bio, fp, BIO_NOCLOSE); - int ret = X509_REQ_print(bio, x); - BIO_free(bio); - return ret; -} - -int X509_REQ_print_ex(BIO *bio, X509_REQ *x, unsigned long nmflags, - unsigned long cflag) { - long l; - EVP_PKEY *pkey; - STACK_OF(X509_ATTRIBUTE) * sk; - char mlch = ' '; - - int nmindent = 0; - - if ((nmflags & XN_FLAG_SEP_MASK) == XN_FLAG_SEP_MULTILINE) { - mlch = '\n'; - nmindent = 12; - } - - if (nmflags == X509_FLAG_COMPAT) { - nmindent = 16; - } - - X509_REQ_INFO *ri = x->req_info; - if (!(cflag & X509_FLAG_NO_HEADER)) { - if (BIO_write(bio, "Certificate Request:\n", 21) <= 0 || - BIO_write(bio, " Data:\n", 10) <= 0) { - goto err; - } - } - if (!(cflag & X509_FLAG_NO_VERSION)) { - l = X509_REQ_get_version(x); - if (BIO_printf(bio, "%8sVersion: %ld (0x%lx)\n", "", l + 1, l) <= 0) { - goto err; - } - } - if (!(cflag & X509_FLAG_NO_SUBJECT)) { - if (BIO_printf(bio, " Subject:%c", mlch) <= 0 || - X509_NAME_print_ex(bio, ri->subject, nmindent, nmflags) < 0 || - BIO_write(bio, "\n", 1) <= 0) { - goto err; - } - } - if (!(cflag & X509_FLAG_NO_PUBKEY)) { - if (BIO_write(bio, " Subject Public Key Info:\n", 33) <= 0 || - BIO_printf(bio, "%12sPublic Key Algorithm: ", "") <= 0 || - i2a_ASN1_OBJECT(bio, ri->pubkey->algor->algorithm) <= 0 || - BIO_puts(bio, "\n") <= 0) { - goto err; - } - - pkey = X509_REQ_get_pubkey(x); - if (pkey == NULL) { - BIO_printf(bio, "%12sUnable to load Public Key\n", ""); - ERR_print_errors(bio); - } else { - EVP_PKEY_print_public(bio, pkey, 16, NULL); - EVP_PKEY_free(pkey); - } - } - - if (!(cflag & X509_FLAG_NO_ATTRIBUTES)) { - if (BIO_printf(bio, "%8sAttributes:\n", "") <= 0) { - goto err; - } - - sk = x->req_info->attributes; - if (sk_X509_ATTRIBUTE_num(sk) == 0) { - if (BIO_printf(bio, 
"%12sa0:00\n", "") <= 0) { - goto err; - } - } else { - size_t i; - for (i = 0; i < sk_X509_ATTRIBUTE_num(sk); i++) { - X509_ATTRIBUTE *a = sk_X509_ATTRIBUTE_value(sk, i); - ASN1_OBJECT *aobj = X509_ATTRIBUTE_get0_object(a); - - if (X509_REQ_extension_nid(OBJ_obj2nid(aobj))) { - continue; - } - - if (BIO_printf(bio, "%12s", "") <= 0) { - goto err; - } - - const int num_attrs = X509_ATTRIBUTE_count(a); - const int obj_str_len = i2a_ASN1_OBJECT(bio, aobj); - if (obj_str_len <= 0) { - if (BIO_puts(bio, "(Unable to print attribute ID.)\n") < 0) { - goto err; - } else { - continue; - } - } - - int j; - for (j = 0; j < num_attrs; j++) { - const ASN1_TYPE *at = X509_ATTRIBUTE_get0_type(a, j); - const int type = at->type; - ASN1_BIT_STRING *bs = at->value.asn1_string; - - int k; - for (k = 25 - obj_str_len; k > 0; k--) { - if (BIO_write(bio, " ", 1) != 1) { - goto err; - } - } - - if (BIO_puts(bio, ":") <= 0) { - goto err; - } - - if (type == V_ASN1_PRINTABLESTRING || - type == V_ASN1_UTF8STRING || - type == V_ASN1_IA5STRING || - type == V_ASN1_T61STRING) { - if (BIO_write(bio, (char *)bs->data, bs->length) != bs->length) { - goto err; - } - BIO_puts(bio, "\n"); - } else { - BIO_puts(bio, "unable to print attribute\n"); - } - } - } - } - } - - if (!(cflag & X509_FLAG_NO_EXTENSIONS)) { - STACK_OF(X509_EXTENSION) *exts = X509_REQ_get_extensions(x); - if (exts) { - BIO_printf(bio, "%8sRequested Extensions:\n", ""); - - size_t i; - for (i = 0; i < sk_X509_EXTENSION_num(exts); i++) { - X509_EXTENSION *ex = sk_X509_EXTENSION_value(exts, i); - if (BIO_printf(bio, "%12s", "") <= 0) { - goto err; - } - ASN1_OBJECT *obj = X509_EXTENSION_get_object(ex); - i2a_ASN1_OBJECT(bio, obj); - const int is_critical = X509_EXTENSION_get_critical(ex); - if (BIO_printf(bio, ": %s\n", is_critical ? 
"critical" : "") <= 0) { - goto err; - } - if (!X509V3_EXT_print(bio, ex, cflag, 16)) { - BIO_printf(bio, "%16s", ""); - ASN1_STRING_print(bio, X509_EXTENSION_get_data(ex)); - } - if (BIO_write(bio, "\n", 1) <= 0) { - goto err; - } - } - sk_X509_EXTENSION_pop_free(exts, X509_EXTENSION_free); - } - } - - if (!(cflag & X509_FLAG_NO_SIGDUMP) && - !X509_signature_print(bio, x->sig_alg, x->signature)) { - goto err; - } - - return 1; - -err: - OPENSSL_PUT_ERROR(X509, ERR_R_BUF_LIB); - return 0; -} - -int X509_REQ_print(BIO *bio, X509_REQ *req) { - return X509_REQ_print_ex(bio, req, XN_FLAG_COMPAT, X509_FLAG_COMPAT); -} diff --git a/src/crypto/x509/t_x509.c b/src/crypto/x509/t_x509.c index 7785ebf..2b9a421 100644 --- a/src/crypto/x509/t_x509.c +++ b/src/crypto/x509/t_x509.c @@ -74,7 +74,7 @@ int X509_print_ex_fp(FILE *fp, X509 *x, unsigned long nmflag, unsigned long cfla if ((b=BIO_new(BIO_s_file())) == NULL) { - OPENSSL_PUT_ERROR(X509, ERR_R_BUF_LIB); + OPENSSL_PUT_ERROR(X509, X509_print_ex_fp, ERR_R_BUF_LIB); return(0); } BIO_set_fp(b,fp,BIO_NOCLOSE); @@ -493,7 +493,7 @@ int X509_NAME_print(BIO *bp, X509_NAME *name, int obase) if (0) { err: - OPENSSL_PUT_ERROR(X509, ERR_R_BUF_LIB); + OPENSSL_PUT_ERROR(X509, X509_NAME_print, ERR_R_BUF_LIB); } OPENSSL_free(b); return(ret); diff --git a/src/crypto/x509/x509_att.c b/src/crypto/x509/x509_att.c index 1491484..90e7810 100644 --- a/src/crypto/x509/x509_att.c +++ b/src/crypto/x509/x509_att.c @@ -124,7 +124,7 @@ STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr(STACK_OF(X509_ATTRIBUTE) **x, if (x == NULL) { - OPENSSL_PUT_ERROR(X509, ERR_R_PASSED_NULL_PARAMETER); + OPENSSL_PUT_ERROR(X509, X509at_add1_attr, ERR_R_PASSED_NULL_PARAMETER); goto err2; } 
@@ -144,7 +144,7 @@ STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr(STACK_OF(X509_ATTRIBUTE) **x, *x=sk; return(sk); err: - OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, X509at_add1_attr, ERR_R_MALLOC_FAILURE); err2: if (new_attr != NULL) X509_ATTRIBUTE_free(new_attr); if (sk != NULL) sk_X509_ATTRIBUTE_free(sk); @@ -214,7 +214,7 @@ X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_NID(X509_ATTRIBUTE **attr, int nid, obj=OBJ_nid2obj(nid); if (obj == NULL) { - OPENSSL_PUT_ERROR(X509, X509_R_UNKNOWN_NID); + OPENSSL_PUT_ERROR(X509, X509_ATTRIBUTE_create_by_NID, X509_R_UNKNOWN_NID); return(NULL); } return X509_ATTRIBUTE_create_by_OBJ(attr,obj,atrtype,data,len); @@ -229,7 +229,7 @@ X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_OBJ(X509_ATTRIBUTE **attr, { if ((ret=X509_ATTRIBUTE_new()) == NULL) { - OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, X509_ATTRIBUTE_create_by_OBJ, ERR_R_MALLOC_FAILURE); return(NULL); } } @@ -258,7 +258,7 @@ X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_txt(X509_ATTRIBUTE **attr, obj=OBJ_txt2obj(atrname, 0); if (obj == NULL) { - OPENSSL_PUT_ERROR(X509, X509_R_INVALID_FIELD_NAME); + OPENSSL_PUT_ERROR(X509, X509_ATTRIBUTE_create_by_txt, X509_R_INVALID_FIELD_NAME); ERR_add_error_data(2, "name=", atrname); return(NULL); } @@ -286,7 +286,7 @@ int X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE *attr, int attrtype, const void *dat stmp = ASN1_STRING_set_by_NID(NULL, data, len, attrtype, OBJ_obj2nid(attr->object)); if(!stmp) { - OPENSSL_PUT_ERROR(X509, ERR_R_ASN1_LIB); + OPENSSL_PUT_ERROR(X509, X509_ATTRIBUTE_set1_data, ERR_R_ASN1_LIB); return 0; } atype = stmp->type; @@ -314,7 +314,7 @@ int X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE *attr, int attrtype, const void *dat if(!sk_ASN1_TYPE_push(attr->value.set, ttmp)) goto err; return 1; err: - OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, X509_ATTRIBUTE_set1_data, ERR_R_MALLOC_FAILURE); return 0; } 
@@ -338,7 +338,7 @@ void *X509_ATTRIBUTE_get0_data(X509_ATTRIBUTE *attr, int idx, ttmp = X509_ATTRIBUTE_get0_type(attr, idx); if(!ttmp) return NULL; if(atrtype != ASN1_TYPE_get(ttmp)){ - OPENSSL_PUT_ERROR(X509, X509_R_WRONG_TYPE); + OPENSSL_PUT_ERROR(X509, X509_ATTRIBUTE_get0_data, X509_R_WRONG_TYPE); return NULL; } return ttmp->value.ptr; diff --git a/src/crypto/x509/x509_cmp.c b/src/crypto/x509/x509_cmp.c index 0e35f3e..712e36b 100644 --- a/src/crypto/x509/x509_cmp.c +++ b/src/crypto/x509/x509_cmp.c @@ -333,13 +333,13 @@ int X509_check_private_key(X509 *x, EVP_PKEY *k) case 1: break; case 0: - OPENSSL_PUT_ERROR(X509, X509_R_KEY_VALUES_MISMATCH); + OPENSSL_PUT_ERROR(X509, X509_check_private_key, X509_R_KEY_VALUES_MISMATCH); break; case -1: - OPENSSL_PUT_ERROR(X509, X509_R_KEY_TYPE_MISMATCH); + OPENSSL_PUT_ERROR(X509, X509_check_private_key, X509_R_KEY_TYPE_MISMATCH); break; case -2: - OPENSSL_PUT_ERROR(X509, X509_R_UNKNOWN_KEY_TYPE); + OPENSSL_PUT_ERROR(X509, X509_check_private_key, X509_R_UNKNOWN_KEY_TYPE); } if (xk) EVP_PKEY_free(xk); diff --git a/src/crypto/x509/x509_lu.c b/src/crypto/x509/x509_lu.c index 6d7bc26..a662305 100644 --- a/src/crypto/x509/x509_lu.c +++ b/src/crypto/x509/x509_lu.c @@ -345,7 +345,7 @@ int X509_STORE_add_cert(X509_STORE *ctx, X509 *x) obj=(X509_OBJECT *)OPENSSL_malloc(sizeof(X509_OBJECT)); if (obj == NULL) { - OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, X509_STORE_add_cert, ERR_R_MALLOC_FAILURE); return 0; } obj->type=X509_LU_X509; @@ -359,7 +359,7 @@ int X509_STORE_add_cert(X509_STORE *ctx, X509 *x) { X509_OBJECT_free_contents(obj); OPENSSL_free(obj); - OPENSSL_PUT_ERROR(X509, X509_R_CERT_ALREADY_IN_HASH_TABLE); + OPENSSL_PUT_ERROR(X509, X509_STORE_add_cert, X509_R_CERT_ALREADY_IN_HASH_TABLE); ret=0; } else sk_X509_OBJECT_push(ctx->objs, obj); 
@@ -378,7 +378,7 @@ int X509_STORE_add_crl(X509_STORE *ctx, X509_CRL *x) obj=(X509_OBJECT *)OPENSSL_malloc(sizeof(X509_OBJECT)); if (obj == NULL) { - OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, X509_STORE_add_crl, ERR_R_MALLOC_FAILURE); return 0; } obj->type=X509_LU_CRL; @@ -392,7 +392,7 @@ int X509_STORE_add_crl(X509_STORE *ctx, X509_CRL *x) { X509_OBJECT_free_contents(obj); OPENSSL_free(obj); - OPENSSL_PUT_ERROR(X509, X509_R_CERT_ALREADY_IN_HASH_TABLE); + OPENSSL_PUT_ERROR(X509, X509_STORE_add_crl, X509_R_CERT_ALREADY_IN_HASH_TABLE); ret=0; } else sk_X509_OBJECT_push(ctx->objs, obj); @@ -410,7 +410,7 @@ void X509_OBJECT_up_ref_count(X509_OBJECT *a) X509_up_ref(a->data.x509); break; case X509_LU_CRL: - X509_CRL_up_ref(a->data.crl); + CRYPTO_refcount_inc(&a->data.crl->references); break; } } @@ -572,7 +572,7 @@ STACK_OF(X509_CRL)* X509_STORE_get1_crls(X509_STORE_CTX *ctx, X509_NAME *nm) { obj = sk_X509_OBJECT_value(ctx->ctx->objs, idx); x = obj->data.crl; - X509_CRL_up_ref(x); + CRYPTO_refcount_inc(&x->references); if (!sk_X509_CRL_push(sk, x)) { CRYPTO_MUTEX_unlock(&ctx->ctx->objs_lock); @@ -641,7 +641,7 @@ int X509_STORE_CTX_get1_issuer(X509 **issuer, X509_STORE_CTX *ctx, X509 *x) if (ok == X509_LU_RETRY) { X509_OBJECT_free_contents(&obj); - OPENSSL_PUT_ERROR(X509, X509_R_SHOULD_RETRY); + OPENSSL_PUT_ERROR(X509, X509_STORE_CTX_get1_issuer, X509_R_SHOULD_RETRY); return -1; } else if (ok != X509_LU_FAIL) diff --git a/src/crypto/x509/x509_obj.c b/src/crypto/x509/x509_obj.c index b6f0816..914e0de 100644 --- a/src/crypto/x509/x509_obj.c +++ b/src/crypto/x509/x509_obj.c @@ -184,7 +184,7 @@ char *X509_NAME_oneline(X509_NAME *a, char *buf, int len) *p = '\0'; return(p); err: - OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, X509_NAME_oneline, ERR_R_MALLOC_FAILURE); if (b != NULL) BUF_MEM_free(b); return(NULL); } diff --git a/src/crypto/x509/x509_r2x.c b/src/crypto/x509/x509_r2x.c index 85979ac..3c8e9c0 100644 
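Review bot: In `X509_OBJECT_up_ref_count` the CRL case now bumps the count with `CRYPTO_refcount_inc(&a->data.crl->references)` while the X509 case just above it still goes through `X509_up_ref`, so the two object types in one switch are reference-counted through different layers. The same direct field access is introduced in `X509_STORE_get1_crls` in this file and in `X509_verify_cert`, `get_crl_sk` and `get_delta_sk` in x509_vfy.c, and the x509cset.c hunk deletes `X509_CRL_up_ref` itself. I would keep one helper for the CRL count, for example a file-local `static void crl_up_ref(X509_CRL *crl) { CRYPTO_refcount_inc(&crl->references); }`, and leave `X509_up_ref(xtmp);` as it was in `X509_verify_cert`, so ownership of objects held in the store can be audited in one place. The enclosing functions continue outside their hunks.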
--- a/src/crypto/x509/x509_r2x.c +++ b/src/crypto/x509/x509_r2x.c @@ -72,7 +72,7 @@ X509 *X509_REQ_to_X509(X509_REQ *r, int days, EVP_PKEY *pkey) if ((ret=X509_new()) == NULL) { - OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, X509_REQ_to_X509, ERR_R_MALLOC_FAILURE); goto err; } diff --git a/src/crypto/x509/x509_req.c b/src/crypto/x509/x509_req.c index 01c5113..2732d6e 100644 --- a/src/crypto/x509/x509_req.c +++ b/src/crypto/x509/x509_req.c @@ -77,7 +77,7 @@ X509_REQ *X509_to_X509_REQ(X509 *x, EVP_PKEY *pkey, const EVP_MD *md) ret=X509_REQ_new(); if (ret == NULL) { - OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, X509_to_X509_REQ, ERR_R_MALLOC_FAILURE); goto err; } @@ -128,24 +128,24 @@ int X509_REQ_check_private_key(X509_REQ *x, EVP_PKEY *k) ok=1; break; case 0: - OPENSSL_PUT_ERROR(X509, X509_R_KEY_VALUES_MISMATCH); + OPENSSL_PUT_ERROR(X509, X509_REQ_check_private_key, X509_R_KEY_VALUES_MISMATCH); break; case -1: - OPENSSL_PUT_ERROR(X509, X509_R_KEY_TYPE_MISMATCH); + OPENSSL_PUT_ERROR(X509, X509_REQ_check_private_key, X509_R_KEY_TYPE_MISMATCH); break; case -2: if (k->type == EVP_PKEY_EC) { - OPENSSL_PUT_ERROR(X509, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(X509, X509_REQ_check_private_key, ERR_R_EC_LIB); break; } if (k->type == EVP_PKEY_DH) { /* No idea */ - OPENSSL_PUT_ERROR(X509, X509_R_CANT_CHECK_DH_KEY); + OPENSSL_PUT_ERROR(X509, X509_REQ_check_private_key, X509_R_CANT_CHECK_DH_KEY); break; } - OPENSSL_PUT_ERROR(X509, X509_R_UNKNOWN_KEY_TYPE); + OPENSSL_PUT_ERROR(X509, X509_REQ_check_private_key, X509_R_UNKNOWN_KEY_TYPE); } EVP_PKEY_free(xk); diff --git a/src/crypto/x509/x509_trs.c b/src/crypto/x509/x509_trs.c index 820e605..9b7cc9c 100644 --- a/src/crypto/x509/x509_trs.c +++ b/src/crypto/x509/x509_trs.c 
@@ -156,7 +156,7 @@ int X509_TRUST_get_by_id(int id) int X509_TRUST_set(int *t, int trust) { if(X509_TRUST_get_by_id(trust) == -1) { - OPENSSL_PUT_ERROR(X509, X509_R_INVALID_TRUST); + OPENSSL_PUT_ERROR(X509, X509_TRUST_set, X509_R_INVALID_TRUST); return 0; } *t = trust; @@ -179,7 +179,7 @@ int X509_TRUST_add(int id, int flags, int (*ck)(X509_TRUST *, X509 *, int), /* Need a new entry */ if(idx == -1) { if(!(trtmp = OPENSSL_malloc(sizeof(X509_TRUST)))) { - OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, X509_TRUST_add, ERR_R_MALLOC_FAILURE); return 0; } trtmp->flags = X509_TRUST_DYNAMIC; @@ -188,7 +188,7 @@ int X509_TRUST_add(int id, int flags, int (*ck)(X509_TRUST *, X509 *, int), /* Duplicate the supplied name. */ name_dup = BUF_strdup(name); if (name_dup == NULL) { - OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, X509_TRUST_add, ERR_R_MALLOC_FAILURE); if (idx == -1) OPENSSL_free(trtmp); return 0; @@ -210,12 +210,12 @@ int X509_TRUST_add(int id, int flags, int (*ck)(X509_TRUST *, X509 *, int), /* If its a new entry manage the dynamic table */ if(idx == -1) { if(!trtable && !(trtable = sk_X509_TRUST_new(tr_cmp))) { - OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, X509_TRUST_add, ERR_R_MALLOC_FAILURE); trtable_free(trtmp); return 0; } if (!sk_X509_TRUST_push(trtable, trtmp)) { - OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, X509_TRUST_add, ERR_R_MALLOC_FAILURE); trtable_free(trtmp); return 0; } diff --git a/src/crypto/x509/x509_v3.c b/src/crypto/x509/x509_v3.c index b042985..0fc9a9a 100644 --- a/src/crypto/x509/x509_v3.c +++ b/src/crypto/x509/x509_v3.c @@ -147,7 +147,7 @@ STACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x, if (x == NULL) { - OPENSSL_PUT_ERROR(X509, ERR_R_PASSED_NULL_PARAMETER); + OPENSSL_PUT_ERROR(X509, X509v3_add_ext, ERR_R_PASSED_NULL_PARAMETER); goto err2; } 
@@ -171,7 +171,7 @@ STACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x, *x=sk; return(sk); err: - OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, X509v3_add_ext, ERR_R_MALLOC_FAILURE); err2: if (new_ex != NULL) X509_EXTENSION_free(new_ex); if (sk != NULL) sk_X509_EXTENSION_free(sk); @@ -187,7 +187,7 @@ X509_EXTENSION *X509_EXTENSION_create_by_NID(X509_EXTENSION **ex, int nid, obj=OBJ_nid2obj(nid); if (obj == NULL) { - OPENSSL_PUT_ERROR(X509, X509_R_UNKNOWN_NID); + OPENSSL_PUT_ERROR(X509, X509_EXTENSION_create_by_NID, X509_R_UNKNOWN_NID); return(NULL); } ret=X509_EXTENSION_create_by_OBJ(ex,obj,crit,data); @@ -203,7 +203,7 @@ X509_EXTENSION *X509_EXTENSION_create_by_OBJ(X509_EXTENSION **ex, { if ((ret=X509_EXTENSION_new()) == NULL) { - OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, X509_EXTENSION_create_by_OBJ, ERR_R_MALLOC_FAILURE); return(NULL); } } diff --git a/src/crypto/x509/x509_vfy.c b/src/crypto/x509/x509_vfy.c index 5d856f0..f53f279 100644 --- a/src/crypto/x509/x509_vfy.c +++ b/src/crypto/x509/x509_vfy.c @@ -72,8 +72,7 @@ #include "../internal.h" -static CRYPTO_EX_DATA_CLASS g_ex_data_class = - CRYPTO_EX_DATA_CLASS_INIT_WITH_APP_DATA; +static CRYPTO_EX_DATA_CLASS g_ex_data_class = CRYPTO_EX_DATA_CLASS_INIT; /* CRL score values */ @@ -202,7 +201,7 @@ int X509_verify_cert(X509_STORE_CTX *ctx) STACK_OF(X509) *sktmp=NULL; if (ctx->cert == NULL) { - OPENSSL_PUT_ERROR(X509, X509_R_NO_CERT_SET_FOR_US_TO_VERIFY); + OPENSSL_PUT_ERROR(X509, X509_verify_cert, X509_R_NO_CERT_SET_FOR_US_TO_VERIFY); return -1; } @@ -215,7 +214,7 @@ int X509_verify_cert(X509_STORE_CTX *ctx) if ( ((ctx->chain=sk_X509_new_null()) == NULL) || (!sk_X509_push(ctx->chain,ctx->cert))) { - OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, X509_verify_cert, ERR_R_MALLOC_FAILURE); goto end; } X509_up_ref(ctx->cert); 
@@ -226,7 +225,7 @@ int X509_verify_cert(X509_STORE_CTX *ctx) if (ctx->untrusted != NULL && (sktmp=sk_X509_dup(ctx->untrusted)) == NULL) { - OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, X509_verify_cert, ERR_R_MALLOC_FAILURE); goto end; } @@ -252,7 +251,7 @@ int X509_verify_cert(X509_STORE_CTX *ctx) { ok = ctx->get_issuer(&xtmp, ctx, x); if (ok < 0) - goto end; + return ok; /* If successful for now free up cert so it * will be picked up again later. */ @@ -271,10 +270,10 @@ int X509_verify_cert(X509_STORE_CTX *ctx) { if (!sk_X509_push(ctx->chain,xtmp)) { - OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, X509_verify_cert, ERR_R_MALLOC_FAILURE); goto end; } - X509_up_ref(xtmp); + CRYPTO_refcount_inc(&xtmp->references); (void)sk_X509_delete_ptr(sktmp,xtmp); ctx->last_untrusted++; x=xtmp; @@ -350,16 +349,15 @@ int X509_verify_cert(X509_STORE_CTX *ctx) ok = ctx->get_issuer(&xtmp, ctx, x); - if (ok < 0) goto end; + if (ok < 0) return ok; if (ok == 0) break; x = xtmp; if (!sk_X509_push(ctx->chain,x)) { X509_free(xtmp); - OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); - ok = 0; - goto end; + OPENSSL_PUT_ERROR(X509, X509_verify_cert, ERR_R_MALLOC_FAILURE); + return 0; } num++; } @@ -992,7 +990,7 @@ static int get_crl_sk(X509_STORE_CTX *ctx, X509_CRL **pcrl, X509_CRL **pdcrl, *pissuer = best_crl_issuer; *pscore = best_score; *preasons = best_reasons; - X509_CRL_up_ref(best_crl); + CRYPTO_refcount_inc(&best_crl->references); if (*pdcrl) { X509_CRL_free(*pdcrl); @@ -1099,7 +1097,7 @@ static void get_delta_sk(X509_STORE_CTX *ctx, X509_CRL **dcrl, int *pscore, { if (check_crl_time(ctx, delta, 0)) *pscore |= CRL_SCORE_TIME_DELTA; - X509_CRL_up_ref(delta); + CRYPTO_refcount_inc(&delta->references); *dcrl = delta; return; } 
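Review bot: The two `get_issuer` checks in `X509_verify_cert` (hunks at -252 and -350) now `return ok;` directly, and the `sk_X509_push` failure in the second does `return 0;`, so these paths no longer reach the `end` label that the other failures in the function jump to. By then `sktmp` may hold the copy made by `sk_X509_dup(ctx->untrusted)` earlier in the function, so each negative lookup result would leak that stack; one such result is the -1 that `X509_STORE_CTX_get1_issuer` returns with `X509_R_SHOULD_RETRY`. The label and its cleanup are outside the hunks, so this is inferred from the surrounding `goto end` uses. I would keep `if (ok < 0) goto end;` in both places and `ok = 0; goto end;` after the failed push.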
@@ -1636,7 +1634,7 @@ static int check_policy(X509_STORE_CTX *ctx) ctx->param->policies, ctx->param->flags); if (ret == 0) { - OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, check_policy, ERR_R_MALLOC_FAILURE); return 0; } /* Invalid or inconsistent extensions */ 
@@ -1985,44 +1983,44 @@ X509_CRL *X509_CRL_diff(X509_CRL *base, X509_CRL *newer, /* CRLs can't be delta already */ if (base->base_crl_number || newer->base_crl_number) { - OPENSSL_PUT_ERROR(X509, X509_R_CRL_ALREADY_DELTA); + OPENSSL_PUT_ERROR(X509, X509_CRL_diff, X509_R_CRL_ALREADY_DELTA); return NULL; } /* Base and new CRL must have a CRL number */ if (!base->crl_number || !newer->crl_number) { - OPENSSL_PUT_ERROR(X509, X509_R_NO_CRL_NUMBER); + OPENSSL_PUT_ERROR(X509, X509_CRL_diff, X509_R_NO_CRL_NUMBER); return NULL; } /* Issuer names must match */ if (X509_NAME_cmp(X509_CRL_get_issuer(base), X509_CRL_get_issuer(newer))) { - OPENSSL_PUT_ERROR(X509, X509_R_ISSUER_MISMATCH); + OPENSSL_PUT_ERROR(X509, X509_CRL_diff, X509_R_ISSUER_MISMATCH); return NULL; } /* AKID and IDP must match */ if (!crl_extension_match(base, newer, NID_authority_key_identifier)) { - OPENSSL_PUT_ERROR(X509, X509_R_AKID_MISMATCH); + OPENSSL_PUT_ERROR(X509, X509_CRL_diff, X509_R_AKID_MISMATCH); return NULL; } if (!crl_extension_match(base, newer, NID_issuing_distribution_point)) { - OPENSSL_PUT_ERROR(X509, X509_R_IDP_MISMATCH); + OPENSSL_PUT_ERROR(X509, X509_CRL_diff, X509_R_IDP_MISMATCH); return NULL; } /* Newer CRL number must exceed full CRL number */ if (ASN1_INTEGER_cmp(newer->crl_number, base->crl_number) <= 0) { - OPENSSL_PUT_ERROR(X509, X509_R_NEWER_CRL_NOT_NEWER); + OPENSSL_PUT_ERROR(X509, X509_CRL_diff, X509_R_NEWER_CRL_NOT_NEWER); return NULL; } /* CRLs must verify */ if (skey && (X509_CRL_verify(base, skey) <= 0 || X509_CRL_verify(newer, skey) <= 0)) { - OPENSSL_PUT_ERROR(X509, X509_R_CRL_VERIFY_FAILURE); + OPENSSL_PUT_ERROR(X509, X509_CRL_diff, X509_R_CRL_VERIFY_FAILURE); return NULL; } /* Create new CRL */ @@ -2087,7 +2085,7 @@ X509_CRL *X509_CRL_diff(X509_CRL *base, X509_CRL *newer, return crl; memerr: - OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, X509_CRL_diff, ERR_R_MALLOC_FAILURE); if (crl) X509_CRL_free(crl); return NULL; 
@@ -2212,7 +2210,7 @@ int X509_STORE_CTX_purpose_inherit(X509_STORE_CTX *ctx, int def_purpose, idx = X509_PURPOSE_get_by_id(purpose); if (idx == -1) { - OPENSSL_PUT_ERROR(X509, X509_R_UNKNOWN_PURPOSE_ID); + OPENSSL_PUT_ERROR(X509, X509_STORE_CTX_purpose_inherit, X509_R_UNKNOWN_PURPOSE_ID); return 0; } ptmp = X509_PURPOSE_get0(idx); @@ -2221,7 +2219,7 @@ int X509_STORE_CTX_purpose_inherit(X509_STORE_CTX *ctx, int def_purpose, idx = X509_PURPOSE_get_by_id(def_purpose); if (idx == -1) { - OPENSSL_PUT_ERROR(X509, X509_R_UNKNOWN_PURPOSE_ID); + OPENSSL_PUT_ERROR(X509, X509_STORE_CTX_purpose_inherit, X509_R_UNKNOWN_PURPOSE_ID); return 0; } ptmp = X509_PURPOSE_get0(idx); @@ -2234,7 +2232,7 @@ int X509_STORE_CTX_purpose_inherit(X509_STORE_CTX *ctx, int def_purpose, idx = X509_TRUST_get_by_id(trust); if (idx == -1) { - OPENSSL_PUT_ERROR(X509, X509_R_UNKNOWN_TRUST_ID); + OPENSSL_PUT_ERROR(X509, X509_STORE_CTX_purpose_inherit, X509_R_UNKNOWN_TRUST_ID); return 0; } } @@ -2250,7 +2248,7 @@ X509_STORE_CTX *X509_STORE_CTX_new(void) ctx = (X509_STORE_CTX *)OPENSSL_malloc(sizeof(X509_STORE_CTX)); if (!ctx) { - OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, X509_STORE_CTX_new, ERR_R_MALLOC_FAILURE); return NULL; } memset(ctx, 0, sizeof(X509_STORE_CTX)); @@ -2373,7 +2371,7 @@ err: } memset(ctx, 0, sizeof(X509_STORE_CTX)); - OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, X509_STORE_CTX_init, ERR_R_MALLOC_FAILURE); return 0; } diff --git a/src/crypto/x509/x509cset.c b/src/crypto/x509/x509cset.c index 82d61d0..b526c69 100644 --- a/src/crypto/x509/x509cset.c +++ b/src/crypto/x509/x509cset.c @@ -57,8 +57,6 @@ #include #include -#include "../internal.h" - int X509_CRL_set_version(X509_CRL *x, long version) { 
@@ -130,11 +128,6 @@ int X509_CRL_sort(X509_CRL *c) return 1; } -void X509_CRL_up_ref(X509_CRL *crl) - { - CRYPTO_refcount_inc(&crl->references); - } - int X509_REVOKED_set_revocationDate(X509_REVOKED *x, ASN1_TIME *tm) { ASN1_TIME *in; diff --git a/src/crypto/x509/x509name.c b/src/crypto/x509/x509name.c index 7bb3aa1..042d18b 100644 --- a/src/crypto/x509/x509name.c +++ b/src/crypto/x509/x509name.c @@ -254,7 +254,7 @@ int X509_NAME_add_entry(X509_NAME *name, X509_NAME_ENTRY *ne, int loc, new_name->set=set; if (!sk_X509_NAME_ENTRY_insert(sk,new_name,loc)) { - OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, X509_NAME_add_entry, ERR_R_MALLOC_FAILURE); goto err; } if (inc) @@ -279,7 +279,7 @@ X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_txt(X509_NAME_ENTRY **ne, obj=OBJ_txt2obj(field, 0); if (obj == NULL) { - OPENSSL_PUT_ERROR(X509, X509_R_INVALID_FIELD_NAME); + OPENSSL_PUT_ERROR(X509, X509_NAME_ENTRY_create_by_txt, X509_R_INVALID_FIELD_NAME); ERR_add_error_data(2, "name=", field); return(NULL); } @@ -297,7 +297,7 @@ X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID(X509_NAME_ENTRY **ne, int nid, obj=OBJ_nid2obj(nid); if (obj == NULL) { - OPENSSL_PUT_ERROR(X509, X509_R_UNKNOWN_NID); + OPENSSL_PUT_ERROR(X509, X509_NAME_ENTRY_create_by_NID, X509_R_UNKNOWN_NID); return(NULL); } nentry = X509_NAME_ENTRY_create_by_OBJ(ne,obj,type,bytes,len); @@ -336,7 +336,7 @@ int X509_NAME_ENTRY_set_object(X509_NAME_ENTRY *ne, const ASN1_OBJECT *obj) { if ((ne == NULL) || (obj == NULL)) { - OPENSSL_PUT_ERROR(X509, ERR_R_PASSED_NULL_PARAMETER); + OPENSSL_PUT_ERROR(X509, X509_NAME_ENTRY_set_object, ERR_R_PASSED_NULL_PARAMETER); return(0); } ASN1_OBJECT_free(ne->object); diff --git a/src/crypto/x509/x509spki.c b/src/crypto/x509/x509spki.c index ccf93e0..9bab957 100644 --- a/src/crypto/x509/x509spki.c +++ b/src/crypto/x509/x509spki.c 
@@ -84,15 +84,15 @@ NETSCAPE_SPKI * NETSCAPE_SPKI_b64_decode(const char *str, int len) if (len <= 0) len = strlen(str); if (!EVP_DecodedLength(&spki_len, len)) { - OPENSSL_PUT_ERROR(X509, X509_R_BASE64_DECODE_ERROR); + OPENSSL_PUT_ERROR(X509, NETSCAPE_SPKI_b64_decode, X509_R_BASE64_DECODE_ERROR); return NULL; } if (!(spki_der = OPENSSL_malloc(spki_len))) { - OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, NETSCAPE_SPKI_b64_decode, ERR_R_MALLOC_FAILURE); return NULL; } if (!EVP_DecodeBase64(spki_der, &spki_len, spki_len, (const uint8_t *)str, len)) { - OPENSSL_PUT_ERROR(X509, X509_R_BASE64_DECODE_ERROR); + OPENSSL_PUT_ERROR(X509, NETSCAPE_SPKI_b64_decode, X509_R_BASE64_DECODE_ERROR); OPENSSL_free(spki_der); return NULL; } @@ -113,18 +113,18 @@ char * NETSCAPE_SPKI_b64_encode(NETSCAPE_SPKI *spki) der_len = i2d_NETSCAPE_SPKI(spki, NULL); if (!EVP_EncodedLength(&b64_len, der_len)) { - OPENSSL_PUT_ERROR(X509, ERR_R_OVERFLOW); + OPENSSL_PUT_ERROR(X509, NETSCAPE_SPKI_b64_encode, ERR_R_OVERFLOW); return NULL; } der_spki = OPENSSL_malloc(der_len); if (der_spki == NULL) { - OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, NETSCAPE_SPKI_b64_encode, ERR_R_MALLOC_FAILURE); return NULL; } b64_str = OPENSSL_malloc(b64_len); if (b64_str == NULL) { OPENSSL_free(der_spki); - OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, NETSCAPE_SPKI_b64_encode, ERR_R_MALLOC_FAILURE); return NULL; } p = der_spki; diff --git a/src/crypto/x509/x_all.c b/src/crypto/x509/x_all.c index d7f2d29..785fd1e 100644 --- a/src/crypto/x509/x_all.c +++ b/src/crypto/x509/x_all.c @@ -64,6 +64,9 @@ #include +extern const ASN1_ITEM RSAPrivateKey_it; +extern const ASN1_ITEM RSAPublicKey_it; + int X509_verify(X509 *a, EVP_PKEY *r) { if (X509_ALGOR_cmp(a->sig_alg, a->cert_info->signature)) 
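Review bot: The `extern const ASN1_ITEM RSAPrivateKey_it;` and `RSAPublicKey_it` declarations added at the top of x_all.c are hand-written in a .c file, so nothing checks them against the definitions if a name or type changes. They back the rewritten `d2i_RSAPrivateKey_fp`/`_bio` and `i2d_RSAPublicKey_fp`/`_bio` wrappers in the later hunks of this file, which also replace the typed `ASN1_d2i_fp_of(RSA, ...)` macros with `ASN1_item_*` calls. I would declare the two items in a header that the defining file also includes, for example with `DECLARE_ASN1_ITEM(RSAPrivateKey)`. A one-line comment above the wrappers should say why the item-based readers are used for private-key parsing.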
@@ -141,12 +144,6 @@ int NETSCAPE_SPKI_sign(NETSCAPE_SPKI *x, EVP_PKEY *pkey, const EVP_MD *md) x->signature, x->spkac,pkey,md)); } -int NETSCAPE_SPKI_verify(NETSCAPE_SPKI *x, EVP_PKEY *pkey) - { - return (ASN1_item_verify(ASN1_ITEM_rptr(NETSCAPE_SPKAC), x->sig_algor, - x->signature, x->spkac, pkey)); - } - #ifndef OPENSSL_NO_FP_API X509 *d2i_X509_fp(FILE *fp, X509 **x509) { @@ -242,17 +239,17 @@ int i2d_X509_REQ_bio(BIO *bp, X509_REQ *req) #ifndef OPENSSL_NO_FP_API RSA *d2i_RSAPrivateKey_fp(FILE *fp, RSA **rsa) { - return ASN1_d2i_fp_of(RSA, RSA_new, d2i_RSAPrivateKey, fp, rsa); + return ASN1_item_d2i_fp(ASN1_ITEM_rptr(RSAPrivateKey), fp, rsa); } int i2d_RSAPrivateKey_fp(FILE *fp, RSA *rsa) { - return ASN1_i2d_fp_of_const(RSA, i2d_RSAPrivateKey, fp, rsa); + return ASN1_item_i2d_fp(ASN1_ITEM_rptr(RSAPrivateKey), fp, rsa); } RSA *d2i_RSAPublicKey_fp(FILE *fp, RSA **rsa) { - return ASN1_d2i_fp_of(RSA, RSA_new, d2i_RSAPublicKey, fp, rsa); + return ASN1_item_d2i_fp(ASN1_ITEM_rptr(RSAPublicKey), fp, rsa); } RSA *d2i_RSA_PUBKEY_fp(FILE *fp, RSA **rsa) @@ -264,7 +261,7 @@ RSA *d2i_RSA_PUBKEY_fp(FILE *fp, RSA **rsa) int i2d_RSAPublicKey_fp(FILE *fp, RSA *rsa) { - return ASN1_i2d_fp_of_const(RSA, i2d_RSAPublicKey, fp, rsa); + return ASN1_item_i2d_fp(ASN1_ITEM_rptr(RSAPublicKey), fp, rsa); } int i2d_RSA_PUBKEY_fp(FILE *fp, RSA *rsa) @@ -275,17 +272,17 @@ int i2d_RSA_PUBKEY_fp(FILE *fp, RSA *rsa) RSA *d2i_RSAPrivateKey_bio(BIO *bp, RSA **rsa) { - return ASN1_d2i_bio_of(RSA, RSA_new, d2i_RSAPrivateKey, bp, rsa); + return ASN1_item_d2i_bio(ASN1_ITEM_rptr(RSAPrivateKey), bp, rsa); } int i2d_RSAPrivateKey_bio(BIO *bp, RSA *rsa) { - return ASN1_i2d_bio_of_const(RSA, i2d_RSAPrivateKey, bp, rsa); + return ASN1_item_i2d_bio(ASN1_ITEM_rptr(RSAPrivateKey), bp, rsa); } RSA *d2i_RSAPublicKey_bio(BIO *bp, RSA **rsa) { - return ASN1_d2i_bio_of(RSA, RSA_new, d2i_RSAPublicKey, bp, rsa); + return ASN1_item_d2i_bio(ASN1_ITEM_rptr(RSAPublicKey), bp, rsa); } 
@@ -296,7 +293,7 @@ RSA *d2i_RSA_PUBKEY_bio(BIO *bp, RSA **rsa) int i2d_RSAPublicKey_bio(BIO *bp, RSA *rsa) { - return ASN1_i2d_bio_of_const(RSA, i2d_RSAPublicKey, bp, rsa); + return ASN1_item_i2d_bio(ASN1_ITEM_rptr(RSAPublicKey), bp, rsa); } int i2d_RSA_PUBKEY_bio(BIO *bp, RSA *rsa) diff --git a/src/crypto/x509/x_crl.c b/src/crypto/x509/x_crl.c index d516872..2f41bb1 100644 --- a/src/crypto/x509/x_crl.c +++ b/src/crypto/x509/x_crl.c @@ -400,7 +400,7 @@ int X509_CRL_add0_revoked(X509_CRL *crl, X509_REVOKED *rev) if(!inf->revoked) inf->revoked = sk_X509_REVOKED_new(X509_REVOKED_cmp); if(!inf->revoked || !sk_X509_REVOKED_push(inf->revoked, rev)) { - OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, X509_CRL_add0_revoked, ERR_R_MALLOC_FAILURE); return 0; } inf->enc.modified = 1; diff --git a/src/crypto/x509/x_info.c b/src/crypto/x509/x_info.c index be579d7..f9e9ab8 100644 --- a/src/crypto/x509/x_info.c +++ b/src/crypto/x509/x_info.c @@ -69,7 +69,7 @@ X509_INFO *X509_INFO_new(void) ret=(X509_INFO *)OPENSSL_malloc(sizeof(X509_INFO)); if (ret == NULL) { - OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, X509_INFO_new, ERR_R_MALLOC_FAILURE); return(NULL); } diff --git a/src/crypto/x509/x_name.c b/src/crypto/x509/x_name.c index 762756b..5cfb3ae 100644 --- a/src/crypto/x509/x_name.c +++ b/src/crypto/x509/x_name.c @@ -150,7 +150,7 @@ static int x509_name_ex_new(ASN1_VALUE **val, const ASN1_ITEM *it) return 1; memerr: - OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, x509_name_ex_new, ERR_R_MALLOC_FAILURE); if (ret) { if (ret->entries) @@ -239,7 +239,7 @@ static int x509_name_ex_d2i(ASN1_VALUE **val, err: if (nm.x != NULL) X509_NAME_free(nm.x); - OPENSSL_PUT_ERROR(X509, ERR_R_ASN1_LIB); + OPENSSL_PUT_ERROR(X509, x509_name_ex_d2i, ERR_R_ASN1_LIB); return 0; } 
@@ -300,7 +300,7 @@ static int x509_name_encode(X509_NAME *a) memerr: sk_STACK_OF_X509_NAME_ENTRY_pop_free(intname.s, local_sk_X509_NAME_ENTRY_free); - OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, x509_name_encode, ERR_R_MALLOC_FAILURE); return -1; } diff --git a/src/crypto/x509/x_pkey.c b/src/crypto/x509/x_pkey.c index f5e98b8..5bc6415 100644 --- a/src/crypto/x509/x_pkey.c +++ b/src/crypto/x509/x_pkey.c @@ -69,7 +69,7 @@ X509_PKEY *X509_PKEY_new(void) X509_PKEY *ret = OPENSSL_malloc(sizeof(X509_PKEY)); if (ret == NULL) { - OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, X509_PKEY_new, ERR_R_MALLOC_FAILURE); goto err; } memset(ret, 0, sizeof(X509_PKEY)); diff --git a/src/crypto/x509/x_pubkey.c b/src/crypto/x509/x_pubkey.c index a16edca..c2e0863 100644 --- a/src/crypto/x509/x_pubkey.c +++ b/src/crypto/x509/x_pubkey.c @@ -100,19 +100,19 @@ int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey) { if (!pkey->ameth->pub_encode(pk, pkey)) { - OPENSSL_PUT_ERROR(X509, X509_R_PUBLIC_KEY_ENCODE_ERROR); + OPENSSL_PUT_ERROR(X509, X509_PUBKEY_set, X509_R_PUBLIC_KEY_ENCODE_ERROR); goto error; } } else { - OPENSSL_PUT_ERROR(X509, X509_R_METHOD_NOT_SUPPORTED); + OPENSSL_PUT_ERROR(X509, X509_PUBKEY_set, X509_R_METHOD_NOT_SUPPORTED); goto error; } } else { - OPENSSL_PUT_ERROR(X509, X509_R_UNSUPPORTED_ALGORITHM); + OPENSSL_PUT_ERROR(X509, X509_PUBKEY_set, X509_R_UNSUPPORTED_ALGORITHM); goto error; } @@ -151,13 +151,13 @@ EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key) if ((ret = EVP_PKEY_new()) == NULL) { - OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, X509_PUBKEY_get, ERR_R_MALLOC_FAILURE); goto error; } if (!EVP_PKEY_set_type(ret, OBJ_obj2nid(key->algor->algorithm))) { - OPENSSL_PUT_ERROR(X509, X509_R_UNSUPPORTED_ALGORITHM); + OPENSSL_PUT_ERROR(X509, X509_PUBKEY_get, X509_R_UNSUPPORTED_ALGORITHM); goto error; } 
@@ -165,13 +165,13 @@ EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key) { if (!ret->ameth->pub_decode(ret, key)) { - OPENSSL_PUT_ERROR(X509, X509_R_PUBLIC_KEY_DECODE_ERROR); + OPENSSL_PUT_ERROR(X509, X509_PUBKEY_get, X509_R_PUBLIC_KEY_DECODE_ERROR); goto error; } } else { - OPENSSL_PUT_ERROR(X509, X509_R_METHOD_NOT_SUPPORTED); + OPENSSL_PUT_ERROR(X509, X509_PUBKEY_get, X509_R_METHOD_NOT_SUPPORTED); goto error; } @@ -262,7 +262,7 @@ int i2d_RSA_PUBKEY(const RSA *a, unsigned char **pp) pktmp = EVP_PKEY_new(); if (!pktmp) { - OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, i2d_RSA_PUBKEY, ERR_R_MALLOC_FAILURE); return 0; } EVP_PKEY_set1_RSA(pktmp, (RSA*) a); @@ -301,7 +301,7 @@ int i2d_DSA_PUBKEY(const DSA *a, unsigned char **pp) pktmp = EVP_PKEY_new(); if(!pktmp) { - OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, i2d_DSA_PUBKEY, ERR_R_MALLOC_FAILURE); return 0; } EVP_PKEY_set1_DSA(pktmp, (DSA*) a); @@ -338,7 +338,7 @@ int i2d_EC_PUBKEY(const EC_KEY *a, unsigned char **pp) if (!a) return(0); if ((pktmp = EVP_PKEY_new()) == NULL) { - OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, i2d_EC_PUBKEY, ERR_R_MALLOC_FAILURE); return(0); } EVP_PKEY_set1_EC_KEY(pktmp, (EC_KEY*) a); diff --git a/src/crypto/x509/x_x509a.c b/src/crypto/x509/x_x509a.c index fb7172b..e13204b 100644 --- a/src/crypto/x509/x_x509a.c +++ b/src/crypto/x509/x_x509a.c 
@@ -133,44 +133,24 @@ unsigned char *X509_keyid_get0(X509 *x, int *len) int X509_add1_trust_object(X509 *x, ASN1_OBJECT *obj) { - ASN1_OBJECT *objtmp = OBJ_dup(obj); - if (objtmp == NULL) - goto err; - X509_CERT_AUX *aux = aux_get(x); - if (aux->trust == NULL) - { - aux->trust = sk_ASN1_OBJECT_new_null(); - if (aux->trust == NULL) - goto err; - } - if (!sk_ASN1_OBJECT_push(aux->trust, objtmp)) - goto err; - return 1; - -err: - ASN1_OBJECT_free(objtmp); - return 0; + X509_CERT_AUX *aux; + ASN1_OBJECT *objtmp; + if(!(objtmp = OBJ_dup(obj))) return 0; + if(!(aux = aux_get(x))) return 0; + if(!aux->trust + && !(aux->trust = sk_ASN1_OBJECT_new_null())) return 0; + return sk_ASN1_OBJECT_push(aux->trust, objtmp); } int X509_add1_reject_object(X509 *x, ASN1_OBJECT *obj) { - ASN1_OBJECT *objtmp = OBJ_dup(obj); - if (objtmp == NULL) - goto err; - X509_CERT_AUX *aux = aux_get(x); - if (aux->reject == NULL) - { - aux->reject = sk_ASN1_OBJECT_new_null(); - if (aux->reject == NULL) - goto err; - } - if (!sk_ASN1_OBJECT_push(aux->reject, objtmp)) - goto err; - return 1; - -err: - ASN1_OBJECT_free(objtmp); - return 0; + X509_CERT_AUX *aux; + ASN1_OBJECT *objtmp; + if(!(objtmp = OBJ_dup(obj))) return 0; + if(!(aux = aux_get(x))) return 0; + if(!aux->reject + && !(aux->reject = sk_ASN1_OBJECT_new_null())) return 0; + return sk_ASN1_OBJECT_push(aux->reject, objtmp); } void X509_trust_clear(X509 *x) diff --git a/src/crypto/x509v3/CMakeLists.txt b/src/crypto/x509v3/CMakeLists.txt index 5cc1b49..c7e6054 100644 --- a/src/crypto/x509v3/CMakeLists.txt +++ b/src/crypto/x509v3/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(../../include) +include_directories(. .. ../../include) add_library( x509v3 @@ -46,7 +46,7 @@ add_library( add_executable( v3name_test - v3name_test.c + v3nametest.c $ ) @@ -56,7 +56,7 @@ target_link_libraries(v3name_test crypto) add_executable( tab_test - tab_test.c + tabtest.c $ ) 
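Review bot: The rewritten `X509_add1_trust_object` leaks `objtmp` on every failure after `OBJ_dup` succeeds. The early `return 0` taken when `aux_get(x)` or `sk_ASN1_OBJECT_new_null()` fails, and a failed `sk_ASN1_OBJECT_push`, all drop the duplicate without calling `ASN1_OBJECT_free`, which the removed version did through its `err:` label. `X509_add1_reject_object` in the same hunk has the identical pattern on `aux->reject`. Keeping the new NULL check on `aux_get` while routing every failure through one cleanup label fixes both functions, and returning an explicit 1 avoids passing the raw push result through an `int` return.

```c
int X509_add1_trust_object(X509 *x, ASN1_OBJECT *obj)
{
	X509_CERT_AUX *aux;
	ASN1_OBJECT *objtmp = OBJ_dup(obj);
	if (objtmp == NULL)
		return 0;
	/* From here on objtmp is owned locally until the push succeeds. */
	if (!(aux = aux_get(x)))
		goto err;
	if (!aux->trust
		&& !(aux->trust = sk_ASN1_OBJECT_new_null()))
		goto err;
	if (!sk_ASN1_OBJECT_push(aux->trust, objtmp))
		goto err;
	return 1;

err:
	ASN1_OBJECT_free(objtmp);
	return 0;
}
/* ... X509_add1_reject_object: same shape, using aux->reject ... */
```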
diff --git a/src/crypto/x509v3/tab_test.c b/src/crypto/x509v3/tab_test.c
deleted file mode 100644
index 6b97e91..0000000
--- a/src/crypto/x509v3/tab_test.c
+++ /dev/null
@@ -1,103 +0,0 @@ -/* tabtest.c */ -/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project 1999. - */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -/* Simple program to check the ext_dat.h is correct and print out - * problems if it is not. - */ - -#include - -#include -#include -#include - -#if !defined(BORINGSSL_SHARED_LIBRARY) -#include "ext_dat.h" -#endif - -int main(void) -{ -#if !defined(BORINGSSL_SHARED_LIBRARY) - int i, prev = -1, bad = 0; - const X509V3_EXT_METHOD *const *tmp; - CRYPTO_library_init(); - i = sizeof(standard_exts) / sizeof(X509V3_EXT_METHOD *); - if(i != STANDARD_EXTENSION_COUNT) - fprintf(stderr, "Extension number invalid expecting %d\n", i); - tmp = standard_exts; - for(i = 0; i < STANDARD_EXTENSION_COUNT; i++, tmp++) { - if((*tmp)->ext_nid < prev) bad = 1; - prev = (*tmp)->ext_nid; - - } - if(bad) { - tmp = standard_exts; - fprintf(stderr, "Extensions out of order!\n"); - for(i = 0; i < STANDARD_EXTENSION_COUNT; i++, tmp++) - printf("%d : %s\n", (*tmp)->ext_nid, OBJ_nid2sn((*tmp)->ext_nid)); - return 1; - } else { - printf("PASS\n"); - return 0; - } -#else - /* TODO(davidben): Fix this test in the shared library build. */ - printf("PASS\n"); - return 0; -#endif -} diff --git a/src/crypto/x509v3/tabtest.c b/src/crypto/x509v3/tabtest.c new file mode 100644 index 0000000..6b97e91 
--- /dev/null
+++ b/src/crypto/x509v3/tabtest.c
@@ -0,0 +1,103 @@ +/* tabtest.c */ +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL + * project 1999. + */ +/* ==================================================================== + * Copyright (c) 1999 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * licensing@OpenSSL.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ + +/* Simple program to check the ext_dat.h is correct and print out + * problems if it is not. + */ + +#include + +#include +#include +#include + +#if !defined(BORINGSSL_SHARED_LIBRARY) +#include "ext_dat.h" +#endif + +int main(void) +{ +#if !defined(BORINGSSL_SHARED_LIBRARY) + int i, prev = -1, bad = 0; + const X509V3_EXT_METHOD *const *tmp; + CRYPTO_library_init(); + i = sizeof(standard_exts) / sizeof(X509V3_EXT_METHOD *); + if(i != STANDARD_EXTENSION_COUNT) + fprintf(stderr, "Extension number invalid expecting %d\n", i); + tmp = standard_exts; + for(i = 0; i < STANDARD_EXTENSION_COUNT; i++, tmp++) { + if((*tmp)->ext_nid < prev) bad = 1; + prev = (*tmp)->ext_nid; + + } + if(bad) { + tmp = standard_exts; + fprintf(stderr, "Extensions out of order!\n"); + for(i = 0; i < STANDARD_EXTENSION_COUNT; i++, tmp++) + printf("%d : %s\n", (*tmp)->ext_nid, OBJ_nid2sn((*tmp)->ext_nid)); + return 1; + } else { + printf("PASS\n"); + return 0; + } +#else + /* TODO(davidben): Fix this test in the shared library build. */ + printf("PASS\n"); + return 0; +#endif +} diff --git a/src/crypto/x509v3/v3_akey.c b/src/crypto/x509v3/v3_akey.c index 9578a57..f6e6b69 100644 
--- a/src/crypto/x509v3/v3_akey.c +++ b/src/crypto/x509v3/v3_akey.c @@ -144,7 +144,7 @@ static AUTHORITY_KEYID *v2i_AUTHORITY_KEYID(X509V3_EXT_METHOD *method, } else { - OPENSSL_PUT_ERROR(X509V3, X509V3_R_UNKNOWN_OPTION); + OPENSSL_PUT_ERROR(X509V3, v2i_AUTHORITY_KEYID, X509V3_R_UNKNOWN_OPTION); ERR_add_error_data(2, "name=", cnf->name); return NULL; } @@ -154,7 +154,7 @@ static AUTHORITY_KEYID *v2i_AUTHORITY_KEYID(X509V3_EXT_METHOD *method, { if(ctx && (ctx->flags==CTX_TEST)) return AUTHORITY_KEYID_new(); - OPENSSL_PUT_ERROR(X509V3, X509V3_R_NO_ISSUER_CERTIFICATE); + OPENSSL_PUT_ERROR(X509V3, v2i_AUTHORITY_KEYID, X509V3_R_NO_ISSUER_CERTIFICATE); return NULL; } @@ -167,7 +167,7 @@ static AUTHORITY_KEYID *v2i_AUTHORITY_KEYID(X509V3_EXT_METHOD *method, ikeyid = X509V3_EXT_d2i(ext); if(keyid==2 && !ikeyid) { - OPENSSL_PUT_ERROR(X509V3, X509V3_R_UNABLE_TO_GET_ISSUER_KEYID); + OPENSSL_PUT_ERROR(X509V3, v2i_AUTHORITY_KEYID, X509V3_R_UNABLE_TO_GET_ISSUER_KEYID); return NULL; } } @@ -178,7 +178,7 @@ static AUTHORITY_KEYID *v2i_AUTHORITY_KEYID(X509V3_EXT_METHOD *method, serial = M_ASN1_INTEGER_dup(X509_get_serialNumber(cert)); if(!isname || !serial) { - OPENSSL_PUT_ERROR(X509V3, X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS); + OPENSSL_PUT_ERROR(X509V3, v2i_AUTHORITY_KEYID, X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS); goto err; } } @@ -191,7 +191,7 @@ static AUTHORITY_KEYID *v2i_AUTHORITY_KEYID(X509V3_EXT_METHOD *method, || !(gen = GENERAL_NAME_new()) || !sk_GENERAL_NAME_push(gens, gen)) { - OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, v2i_AUTHORITY_KEYID, ERR_R_MALLOC_FAILURE); goto err; } gen->type = GEN_DIRNAME; diff --git a/src/crypto/x509v3/v3_alt.c b/src/crypto/x509v3/v3_alt.c index e639f45..f547316 100644 --- a/src/crypto/x509v3/v3_alt.c +++ b/src/crypto/x509v3/v3_alt.c 
@@ -250,7 +250,7 @@ static GENERAL_NAMES *v2i_issuer_alt(X509V3_EXT_METHOD *method, CONF_VALUE *cnf; size_t i; if(!(gens = sk_GENERAL_NAME_new_null())) { - OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, v2i_issuer_alt, ERR_R_MALLOC_FAILURE); return NULL; } for(i = 0; i < sk_CONF_VALUE_num(nval); i++) { @@ -282,21 +282,21 @@ static int copy_issuer(X509V3_CTX *ctx, GENERAL_NAMES *gens) size_t j; if(ctx && (ctx->flags == CTX_TEST)) return 1; if(!ctx || !ctx->issuer_cert) { - OPENSSL_PUT_ERROR(X509V3, X509V3_R_NO_ISSUER_DETAILS); + OPENSSL_PUT_ERROR(X509V3, copy_issuer, X509V3_R_NO_ISSUER_DETAILS); goto err; } i = X509_get_ext_by_NID(ctx->issuer_cert, NID_subject_alt_name, -1); if(i < 0) return 1; if(!(ext = X509_get_ext(ctx->issuer_cert, i)) || !(ialt = X509V3_EXT_d2i(ext)) ) { - OPENSSL_PUT_ERROR(X509V3, X509V3_R_ISSUER_DECODE_ERROR); + OPENSSL_PUT_ERROR(X509V3, copy_issuer, X509V3_R_ISSUER_DECODE_ERROR); goto err; } for(j = 0; j < sk_GENERAL_NAME_num(ialt); j++) { gen = sk_GENERAL_NAME_value(ialt, j); if(!sk_GENERAL_NAME_push(gens, gen)) { - OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, copy_issuer, ERR_R_MALLOC_FAILURE); goto err; } } @@ -316,7 +316,7 @@ static GENERAL_NAMES *v2i_subject_alt(X509V3_EXT_METHOD *method, CONF_VALUE *cnf; size_t i; if(!(gens = sk_GENERAL_NAME_new_null())) { - OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, v2i_subject_alt, ERR_R_MALLOC_FAILURE); return NULL; } for(i = 0; i < sk_CONF_VALUE_num(nval); i++) { @@ -354,7 +354,7 @@ static int copy_email(X509V3_CTX *ctx, GENERAL_NAMES *gens, int move_p) if(ctx != NULL && ctx->flags == CTX_TEST) return 1; if(!ctx || (!ctx->subject_cert && !ctx->subject_req)) { - OPENSSL_PUT_ERROR(X509V3, X509V3_R_NO_SUBJECT_DETAILS); + OPENSSL_PUT_ERROR(X509V3, copy_email, X509V3_R_NO_SUBJECT_DETAILS); goto err; } /* Find the subject name */ 
@@ -374,14 +374,14 @@ static int copy_email(X509V3_CTX *ctx, GENERAL_NAMES *gens, int move_p) i--; } if(!email || !(gen = GENERAL_NAME_new())) { - OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, copy_email, ERR_R_MALLOC_FAILURE); goto err; } gen->d.ia5 = email; email = NULL; gen->type = GEN_EMAIL; if(!sk_GENERAL_NAME_push(gens, gen)) { - OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, copy_email, ERR_R_MALLOC_FAILURE); goto err; } gen = NULL; @@ -405,7 +405,7 @@ GENERAL_NAMES *v2i_GENERAL_NAMES(const X509V3_EXT_METHOD *method, CONF_VALUE *cnf; size_t i; if(!(gens = sk_GENERAL_NAME_new_null())) { - OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, v2i_GENERAL_NAMES, ERR_R_MALLOC_FAILURE); return NULL; } for(i = 0; i < sk_CONF_VALUE_num(nval); i++) { @@ -434,7 +434,7 @@ GENERAL_NAME *a2i_GENERAL_NAME(GENERAL_NAME *out, if(!value) { - OPENSSL_PUT_ERROR(X509V3, X509V3_R_MISSING_VALUE); + OPENSSL_PUT_ERROR(X509V3, a2i_GENERAL_NAME, X509V3_R_MISSING_VALUE); return NULL; } @@ -445,7 +445,7 @@ GENERAL_NAME *a2i_GENERAL_NAME(GENERAL_NAME *out, gen = GENERAL_NAME_new(); if(gen == NULL) { - OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, a2i_GENERAL_NAME, ERR_R_MALLOC_FAILURE); return NULL; } } @@ -463,7 +463,7 @@ GENERAL_NAME *a2i_GENERAL_NAME(GENERAL_NAME *out, ASN1_OBJECT *obj; if(!(obj = OBJ_txt2obj(value,0))) { - OPENSSL_PUT_ERROR(X509V3, X509V3_R_BAD_OBJECT); + OPENSSL_PUT_ERROR(X509V3, a2i_GENERAL_NAME, X509V3_R_BAD_OBJECT); ERR_add_error_data(2, "value=", value); goto err; } @@ -478,7 +478,7 @@ GENERAL_NAME *a2i_GENERAL_NAME(GENERAL_NAME *out, gen->d.ip = a2i_IPADDRESS(value); if(gen->d.ip == NULL) { - OPENSSL_PUT_ERROR(X509V3, X509V3_R_BAD_IP_ADDRESS); + OPENSSL_PUT_ERROR(X509V3, a2i_GENERAL_NAME, X509V3_R_BAD_IP_ADDRESS); ERR_add_error_data(2, "value=", value); goto err; } 
@@ -487,7 +487,7 @@ GENERAL_NAME *a2i_GENERAL_NAME(GENERAL_NAME *out, case GEN_DIRNAME: if (!do_dirname(gen, value, ctx)) { - OPENSSL_PUT_ERROR(X509V3, X509V3_R_DIRNAME_ERROR); + OPENSSL_PUT_ERROR(X509V3, a2i_GENERAL_NAME, X509V3_R_DIRNAME_ERROR); goto err; } break; @@ -495,12 +495,12 @@ GENERAL_NAME *a2i_GENERAL_NAME(GENERAL_NAME *out, case GEN_OTHERNAME: if (!do_othername(gen, value, ctx)) { - OPENSSL_PUT_ERROR(X509V3, X509V3_R_OTHERNAME_ERROR); + OPENSSL_PUT_ERROR(X509V3, a2i_GENERAL_NAME, X509V3_R_OTHERNAME_ERROR); goto err; } break; default: - OPENSSL_PUT_ERROR(X509V3, X509V3_R_UNSUPPORTED_TYPE); + OPENSSL_PUT_ERROR(X509V3, a2i_GENERAL_NAME, X509V3_R_UNSUPPORTED_TYPE); goto err; } @@ -510,7 +510,7 @@ GENERAL_NAME *a2i_GENERAL_NAME(GENERAL_NAME *out, !ASN1_STRING_set(gen->d.ia5, (unsigned char*)value, strlen(value))) { - OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, a2i_GENERAL_NAME, ERR_R_MALLOC_FAILURE); goto err; } } @@ -538,7 +538,7 @@ GENERAL_NAME *v2i_GENERAL_NAME_ex(GENERAL_NAME *out, if(!value) { - OPENSSL_PUT_ERROR(X509V3, X509V3_R_MISSING_VALUE); + OPENSSL_PUT_ERROR(X509V3, v2i_GENERAL_NAME_ex, X509V3_R_MISSING_VALUE); return NULL; } @@ -558,7 +558,7 @@ GENERAL_NAME *v2i_GENERAL_NAME_ex(GENERAL_NAME *out, type = GEN_OTHERNAME; else { - OPENSSL_PUT_ERROR(X509V3, X509V3_R_UNSUPPORTED_OPTION); + OPENSSL_PUT_ERROR(X509V3, v2i_GENERAL_NAME_ex, X509V3_R_UNSUPPORTED_OPTION); ERR_add_error_data(2, "name=", name); return NULL; } @@ -604,7 +604,7 @@ static int do_dirname(GENERAL_NAME *gen, char *value, X509V3_CTX *ctx) sk = X509V3_get_section(ctx, value); if (!sk) { - OPENSSL_PUT_ERROR(X509V3, X509V3_R_SECTION_NOT_FOUND); + OPENSSL_PUT_ERROR(X509V3, do_dirname, X509V3_R_SECTION_NOT_FOUND); ERR_add_error_data(2, "section=", value); X509_NAME_free(nm); return 0; diff --git a/src/crypto/x509v3/v3_bcons.c b/src/crypto/x509v3/v3_bcons.c index 73ef21e..a1381b4 100644 --- a/src/crypto/x509v3/v3_bcons.c +++ b/src/crypto/x509v3/v3_bcons.c 
@@ -103,7 +103,7 @@ static BASIC_CONSTRAINTS *v2i_BASIC_CONSTRAINTS(X509V3_EXT_METHOD *method, CONF_VALUE *val; size_t i; if(!(bcons = BASIC_CONSTRAINTS_new())) { - OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, v2i_BASIC_CONSTRAINTS, ERR_R_MALLOC_FAILURE); return NULL; } for(i = 0; i < sk_CONF_VALUE_num(values); i++) { @@ -113,7 +113,7 @@ static BASIC_CONSTRAINTS *v2i_BASIC_CONSTRAINTS(X509V3_EXT_METHOD *method, } else if(!strcmp(val->name, "pathlen")) { if(!X509V3_get_value_int(val, &bcons->pathlen)) goto err; } else { - OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_NAME); + OPENSSL_PUT_ERROR(X509V3, v2i_BASIC_CONSTRAINTS, X509V3_R_INVALID_NAME); X509V3_conf_err(val); goto err; } diff --git a/src/crypto/x509v3/v3_bitst.c b/src/crypto/x509v3/v3_bitst.c index e1e2087..15e9859 100644 --- a/src/crypto/x509v3/v3_bitst.c +++ b/src/crypto/x509v3/v3_bitst.c @@ -112,7 +112,7 @@ ASN1_BIT_STRING *v2i_ASN1_BIT_STRING(X509V3_EXT_METHOD *method, size_t i; const BIT_STRING_BITNAME *bnam; if(!(bs = M_ASN1_BIT_STRING_new())) { - OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, v2i_ASN1_BIT_STRING, ERR_R_MALLOC_FAILURE); return NULL; } for(i = 0; i < sk_CONF_VALUE_num(nval); i++) { @@ -121,7 +121,7 @@ ASN1_BIT_STRING *v2i_ASN1_BIT_STRING(X509V3_EXT_METHOD *method, if(!strcmp(bnam->sname, val->name) || !strcmp(bnam->lname, val->name) ) { if(!ASN1_BIT_STRING_set_bit(bs, bnam->bitnum, 1)) { - OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, v2i_ASN1_BIT_STRING, ERR_R_MALLOC_FAILURE); M_ASN1_BIT_STRING_free(bs); return NULL; } @@ -129,7 +129,7 @@ ASN1_BIT_STRING *v2i_ASN1_BIT_STRING(X509V3_EXT_METHOD *method, } } if(!bnam->lname) { - OPENSSL_PUT_ERROR(X509V3, X509V3_R_UNKNOWN_BIT_STRING_ARGUMENT); + OPENSSL_PUT_ERROR(X509V3, v2i_ASN1_BIT_STRING, X509V3_R_UNKNOWN_BIT_STRING_ARGUMENT); X509V3_conf_err(val); M_ASN1_BIT_STRING_free(bs); return NULL; 
diff --git a/src/crypto/x509v3/v3_conf.c b/src/crypto/x509v3/v3_conf.c index fe71566..cb6569f 100644 --- a/src/crypto/x509v3/v3_conf.c +++ b/src/crypto/x509v3/v3_conf.c @@ -92,7 +92,7 @@ X509_EXTENSION *X509V3_EXT_nconf(CONF *conf, X509V3_CTX *ctx, char *name, ret = do_ext_nconf(conf, ctx, OBJ_sn2nid(name), crit, value); if (!ret) { - OPENSSL_PUT_ERROR(X509V3, X509V3_R_ERROR_IN_EXTENSION); + OPENSSL_PUT_ERROR(X509V3, X509V3_EXT_nconf, X509V3_R_ERROR_IN_EXTENSION); ERR_add_error_data(4,"name=", name, ", value=", value); } return ret; @@ -123,12 +123,12 @@ static X509_EXTENSION *do_ext_nconf(CONF *conf, X509V3_CTX *ctx, int ext_nid, void *ext_struc; if (ext_nid == NID_undef) { - OPENSSL_PUT_ERROR(X509V3, X509V3_R_UNKNOWN_EXTENSION_NAME); + OPENSSL_PUT_ERROR(X509V3, do_ext_nconf, X509V3_R_UNKNOWN_EXTENSION_NAME); return NULL; } if (!(method = X509V3_EXT_get_nid(ext_nid))) { - OPENSSL_PUT_ERROR(X509V3, X509V3_R_UNKNOWN_EXTENSION); + OPENSSL_PUT_ERROR(X509V3, do_ext_nconf, X509V3_R_UNKNOWN_EXTENSION); return NULL; } /* Now get internal extension representation based on type */ @@ -138,7 +138,7 @@ static X509_EXTENSION *do_ext_nconf(CONF *conf, X509V3_CTX *ctx, int ext_nid, else nval = X509V3_parse_list(value); if(sk_CONF_VALUE_num(nval) <= 0) { - OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_EXTENSION_STRING); + OPENSSL_PUT_ERROR(X509V3, do_ext_nconf, X509V3_R_INVALID_EXTENSION_STRING); ERR_add_error_data(4, "name=", OBJ_nid2sn(ext_nid), ",section=", value); return NULL; } 
@@ -155,14 +155,14 @@ static X509_EXTENSION *do_ext_nconf(CONF *conf, X509V3_CTX *ctx, int ext_nid, { if(!ctx->db || !ctx->db_meth) { - OPENSSL_PUT_ERROR(X509V3, X509V3_R_NO_CONFIG_DATABASE); + OPENSSL_PUT_ERROR(X509V3, do_ext_nconf, X509V3_R_NO_CONFIG_DATABASE); return NULL; } if(!(ext_struc = method->r2i(method, ctx, value))) return NULL; } else { - OPENSSL_PUT_ERROR(X509V3, X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED); + OPENSSL_PUT_ERROR(X509V3, do_ext_nconf, X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED); ERR_add_error_data(2, "name=", OBJ_nid2sn(ext_nid)); return NULL; } @@ -207,7 +207,7 @@ static X509_EXTENSION *do_ext_i2d(const X509V3_EXT_METHOD *method, int ext_nid, return ext; merr: - OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, do_ext_i2d, ERR_R_MALLOC_FAILURE); return NULL; } @@ -218,7 +218,7 @@ X509_EXTENSION *X509V3_EXT_i2d(int ext_nid, int crit, void *ext_struc) { const X509V3_EXT_METHOD *method; if (!(method = X509V3_EXT_get_nid(ext_nid))) { - OPENSSL_PUT_ERROR(X509V3, X509V3_R_UNKNOWN_EXTENSION); + OPENSSL_PUT_ERROR(X509V3, X509V3_EXT_i2d, X509V3_R_UNKNOWN_EXTENSION); return NULL; } return do_ext_i2d(method, ext_nid, crit, ext_struc); @@ -271,7 +271,7 @@ static X509_EXTENSION *v3_generic_extension(const char *ext, char *value, X509_EXTENSION *extension=NULL; if (!(obj = OBJ_txt2obj(ext, 0))) { - OPENSSL_PUT_ERROR(X509V3, X509V3_R_EXTENSION_NAME_ERROR); + OPENSSL_PUT_ERROR(X509V3, v3_generic_extension, X509V3_R_EXTENSION_NAME_ERROR); ERR_add_error_data(2, "name=", ext); goto err; } 
@@ -283,14 +283,14 @@ static X509_EXTENSION *v3_generic_extension(const char *ext, char *value, if (ext_der == NULL) { - OPENSSL_PUT_ERROR(X509V3, X509V3_R_EXTENSION_VALUE_ERROR); + OPENSSL_PUT_ERROR(X509V3, v3_generic_extension, X509V3_R_EXTENSION_VALUE_ERROR); ERR_add_error_data(2, "value=", value); goto err; } if (!(oct = M_ASN1_OCTET_STRING_new())) { - OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, v3_generic_extension, ERR_R_MALLOC_FAILURE); goto err; } @@ -389,7 +389,7 @@ char * X509V3_get_string(X509V3_CTX *ctx, char *name, char *section) { if(!ctx->db || !ctx->db_meth || !ctx->db_meth->get_string) { - OPENSSL_PUT_ERROR(X509V3, X509V3_R_OPERATION_NOT_DEFINED); + OPENSSL_PUT_ERROR(X509V3, X509V3_get_string, X509V3_R_OPERATION_NOT_DEFINED); return NULL; } if (ctx->db_meth->get_string) @@ -401,7 +401,7 @@ STACK_OF(CONF_VALUE) * X509V3_get_section(X509V3_CTX *ctx, char *section) { if(!ctx->db || !ctx->db_meth || !ctx->db_meth->get_section) { - OPENSSL_PUT_ERROR(X509V3, X509V3_R_OPERATION_NOT_DEFINED); + OPENSSL_PUT_ERROR(X509V3, X509V3_get_section, X509V3_R_OPERATION_NOT_DEFINED); return NULL; } if (ctx->db_meth->get_section) diff --git a/src/crypto/x509v3/v3_cpols.c b/src/crypto/x509v3/v3_cpols.c index 0b58676..cbe596b 100644 --- a/src/crypto/x509v3/v3_cpols.c +++ b/src/crypto/x509v3/v3_cpols.c 
@@ -146,19 +146,19 @@ static STACK_OF(POLICYINFO) *r2i_certpol(X509V3_EXT_METHOD *method, int ia5org; pols = sk_POLICYINFO_new_null(); if (pols == NULL) { - OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, r2i_certpol, ERR_R_MALLOC_FAILURE); return NULL; } vals = X509V3_parse_list(value); if (vals == NULL) { - OPENSSL_PUT_ERROR(X509V3, ERR_R_X509V3_LIB); + OPENSSL_PUT_ERROR(X509V3, r2i_certpol, ERR_R_X509V3_LIB); goto err; } ia5org = 0; for(i = 0; i < sk_CONF_VALUE_num(vals); i++) { cnf = sk_CONF_VALUE_value(vals, i); if(cnf->value || !cnf->name ) { - OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_POLICY_IDENTIFIER); + OPENSSL_PUT_ERROR(X509V3, r2i_certpol, X509V3_R_INVALID_POLICY_IDENTIFIER); X509V3_conf_err(cnf); goto err; } @@ -170,7 +170,7 @@ static STACK_OF(POLICYINFO) *r2i_certpol(X509V3_EXT_METHOD *method, STACK_OF(CONF_VALUE) *polsect; polsect = X509V3_get_section(ctx, pstr + 1); if(!polsect) { - OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_SECTION); + OPENSSL_PUT_ERROR(X509V3, r2i_certpol, X509V3_R_INVALID_SECTION); X509V3_conf_err(cnf); goto err; @@ -180,7 +180,7 @@ static STACK_OF(POLICYINFO) *r2i_certpol(X509V3_EXT_METHOD *method, if(!pol) goto err; } else { if(!(pobj = OBJ_txt2obj(cnf->name, 0))) { - OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_OBJECT_IDENTIFIER); + OPENSSL_PUT_ERROR(X509V3, r2i_certpol, X509V3_R_INVALID_OBJECT_IDENTIFIER); X509V3_conf_err(cnf); goto err; } @@ -189,7 +189,7 @@ static STACK_OF(POLICYINFO) *r2i_certpol(X509V3_EXT_METHOD *method, } if (!sk_POLICYINFO_push(pols, pol)){ POLICYINFO_free(pol); - OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, r2i_certpol, ERR_R_MALLOC_FAILURE); goto err; } } 
@@ -214,7 +214,7 @@ static POLICYINFO *policy_section(X509V3_CTX *ctx, if(!strcmp(cnf->name, "policyIdentifier")) { ASN1_OBJECT *pobj; if(!(pobj = OBJ_txt2obj(cnf->value, 0))) { - OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_OBJECT_IDENTIFIER); + OPENSSL_PUT_ERROR(X509V3, policy_section, X509V3_R_INVALID_OBJECT_IDENTIFIER); X509V3_conf_err(cnf); goto err; } @@ -229,7 +229,7 @@ static POLICYINFO *policy_section(X509V3_CTX *ctx, /* TODO(fork): const correctness */ qual->pqualid = (ASN1_OBJECT*) OBJ_nid2obj(NID_id_qt_cps); if (qual->pqualid == NULL) { - OPENSSL_PUT_ERROR(X509V3, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(X509V3, policy_section, ERR_R_INTERNAL_ERROR); goto err; } qual->d.cpsuri = M_ASN1_IA5STRING_new(); @@ -241,13 +241,13 @@ static POLICYINFO *policy_section(X509V3_CTX *ctx, } else if(!name_cmp(cnf->name, "userNotice")) { STACK_OF(CONF_VALUE) *unot; if(*cnf->value != '@') { - OPENSSL_PUT_ERROR(X509V3, X509V3_R_EXPECTED_A_SECTION_NAME); + OPENSSL_PUT_ERROR(X509V3, policy_section, X509V3_R_EXPECTED_A_SECTION_NAME); X509V3_conf_err(cnf); goto err; } unot = X509V3_get_section(ctx, cnf->value + 1); if(!unot) { - OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_SECTION); + OPENSSL_PUT_ERROR(X509V3, policy_section, X509V3_R_INVALID_SECTION); X509V3_conf_err(cnf); goto err; @@ -260,21 +260,21 @@ static POLICYINFO *policy_section(X509V3_CTX *ctx, if(!sk_POLICYQUALINFO_push(pol->qualifiers, qual)) goto merr; } else { - OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_OPTION); + OPENSSL_PUT_ERROR(X509V3, policy_section, X509V3_R_INVALID_OPTION); X509V3_conf_err(cnf); goto err; } } if(!pol->policyid) { - OPENSSL_PUT_ERROR(X509V3, X509V3_R_NO_POLICY_IDENTIFIER); + OPENSSL_PUT_ERROR(X509V3, policy_section, X509V3_R_NO_POLICY_IDENTIFIER); goto err; } return pol; merr: - OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, policy_section, ERR_R_MALLOC_FAILURE); err: POLICYINFO_free(pol); 
@@ -296,7 +296,7 @@ static POLICYQUALINFO *notice_section(X509V3_CTX *ctx, qual->pqualid = (ASN1_OBJECT *) OBJ_nid2obj(NID_id_qt_unotice); if (qual->pqualid == NULL) { - OPENSSL_PUT_ERROR(X509V3, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(X509V3, notice_section, ERR_R_INTERNAL_ERROR); goto err; } if(!(not = USERNOTICE_new())) goto merr; @@ -328,7 +328,7 @@ static POLICYQUALINFO *notice_section(X509V3_CTX *ctx, } else nref = not->noticeref; nos = X509V3_parse_list(cnf->value); if(!nos || !sk_CONF_VALUE_num(nos)) { - OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_NUMBERS); + OPENSSL_PUT_ERROR(X509V3, notice_section, X509V3_R_INVALID_NUMBERS); X509V3_conf_err(cnf); goto err; } @@ -337,7 +337,7 @@ static POLICYQUALINFO *notice_section(X509V3_CTX *ctx, if (!ret) goto err; } else { - OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_OPTION); + OPENSSL_PUT_ERROR(X509V3, notice_section, X509V3_R_INVALID_OPTION); X509V3_conf_err(cnf); goto err; } @@ -345,14 +345,14 @@ static POLICYQUALINFO *notice_section(X509V3_CTX *ctx, if(not->noticeref && (!not->noticeref->noticenos || !not->noticeref->organization)) { - OPENSSL_PUT_ERROR(X509V3, X509V3_R_NEED_ORGANIZATION_AND_NUMBERS); + OPENSSL_PUT_ERROR(X509V3, notice_section, X509V3_R_NEED_ORGANIZATION_AND_NUMBERS); goto err; } return qual; merr: - OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, notice_section, ERR_R_MALLOC_FAILURE); err: POLICYQUALINFO_free(qual); @@ -369,7 +369,7 @@ static int nref_nos(STACK_OF(ASN1_INTEGER) *nnums, STACK_OF(CONF_VALUE) *nos) for(i = 0; i < sk_CONF_VALUE_num(nos); i++) { cnf = sk_CONF_VALUE_value(nos, i); if(!(aint = s2i_ASN1_INTEGER(NULL, cnf->name))) { - OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_NUMBER); + OPENSSL_PUT_ERROR(X509V3, nref_nos, X509V3_R_INVALID_NUMBER); goto err; } if(!sk_ASN1_INTEGER_push(nnums, aint)) goto merr; 
@@ -377,7 +377,7 @@ static int nref_nos(STACK_OF(ASN1_INTEGER) *nnums, STACK_OF(CONF_VALUE) *nos) return 1; merr: - OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, nref_nos, ERR_R_MALLOC_FAILURE); err: sk_ASN1_INTEGER_pop_free(nnums, ASN1_STRING_free); diff --git a/src/crypto/x509v3/v3_crld.c b/src/crypto/x509v3/v3_crld.c index 3984c31..e41dd65 100644 --- a/src/crypto/x509v3/v3_crld.c +++ b/src/crypto/x509v3/v3_crld.c @@ -103,7 +103,7 @@ static STACK_OF(GENERAL_NAME) *gnames_from_sectname(X509V3_CTX *ctx, char *sect) gnsect = X509V3_parse_list(sect); if (!gnsect) { - OPENSSL_PUT_ERROR(X509V3, X509V3_R_SECTION_NOT_FOUND); + OPENSSL_PUT_ERROR(X509V3, gnames_from_sectname, X509V3_R_SECTION_NOT_FOUND); return NULL; } gens = v2i_GENERAL_NAMES(NULL, ctx, gnsect); @@ -136,7 +136,7 @@ static int set_dist_point_name(DIST_POINT_NAME **pdp, X509V3_CTX *ctx, dnsect = X509V3_get_section(ctx, cnf->value); if (!dnsect) { - OPENSSL_PUT_ERROR(X509V3, X509V3_R_SECTION_NOT_FOUND); + OPENSSL_PUT_ERROR(X509V3, set_dist_point_name, X509V3_R_SECTION_NOT_FOUND); return -1; } ret = X509V3_NAME_from_section(nm, dnsect, MBSTRING_ASC); @@ -152,7 +152,7 @@ static int set_dist_point_name(DIST_POINT_NAME **pdp, X509V3_CTX *ctx, if (sk_X509_NAME_ENTRY_value(rnm, sk_X509_NAME_ENTRY_num(rnm) - 1)->set) { - OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_MULTIPLE_RDNS); + OPENSSL_PUT_ERROR(X509V3, set_dist_point_name, X509V3_R_INVALID_MULTIPLE_RDNS); goto err; } } @@ -161,7 +161,7 @@ static int set_dist_point_name(DIST_POINT_NAME **pdp, X509V3_CTX *ctx, if (*pdp) { - OPENSSL_PUT_ERROR(X509V3, X509V3_R_DISTPOINT_ALREADY_SET); + OPENSSL_PUT_ERROR(X509V3, set_dist_point_name, X509V3_R_DISTPOINT_ALREADY_SET); goto err; } @@ -362,7 +362,7 @@ static void *v2i_crld(const X509V3_EXT_METHOD *method, return crld; merr: - OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, v2i_crld, ERR_R_MALLOC_FAILURE); err: GENERAL_NAME_free(gen); GENERAL_NAMES_free(gens); 
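Review bot: The `err:` path of nref_nos (hunk at -377) runs `sk_ASN1_INTEGER_pop_free(nnums, ASN1_STRING_free)` on a stack it received as a parameter, so the caller is left holding a freed pointer. notice_section's own `err:` path then calls `POLICYQUALINFO_free(qual)`, which may release the same stack a second time if `nnums` is `not->noticeref->noticenos`; the call site lies between the hunks, so that needs confirming. The `merr` path also leaks `aint` when `sk_ASN1_INTEGER_push` fails. I would free only what this function allocated, with `ASN1_INTEGER_free(aint);` under `merr:` and no `pop_free` under `err:`, leaving ownership of `nnums` with the caller. The function starts above the hunk.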
@@ -490,7 +490,7 @@ static void *v2i_idp(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx, } else { - OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_NAME); + OPENSSL_PUT_ERROR(X509V3, v2i_idp, X509V3_R_INVALID_NAME); X509V3_conf_err(cnf); goto err; } @@ -498,7 +498,7 @@ static void *v2i_idp(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx, return idp; merr: - OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, v2i_idp, ERR_R_MALLOC_FAILURE); err: ISSUING_DIST_POINT_free(idp); return NULL; diff --git a/src/crypto/x509v3/v3_extku.c b/src/crypto/x509v3/v3_extku.c index d64eb9c..f4b8af8 100644 --- a/src/crypto/x509v3/v3_extku.c +++ b/src/crypto/x509v3/v3_extku.c @@ -125,7 +125,7 @@ static void *v2i_EXTENDED_KEY_USAGE(const X509V3_EXT_METHOD *method, size_t i; if(!(extku = sk_ASN1_OBJECT_new_null())) { - OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, v2i_EXTENDED_KEY_USAGE, ERR_R_MALLOC_FAILURE); return NULL; } @@ -135,7 +135,7 @@ static void *v2i_EXTENDED_KEY_USAGE(const X509V3_EXT_METHOD *method, else extval = val->name; if(!(objtmp = OBJ_txt2obj(extval, 0))) { sk_ASN1_OBJECT_pop_free(extku, ASN1_OBJECT_free); - OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_OBJECT_IDENTIFIER); + OPENSSL_PUT_ERROR(X509V3, v2i_EXTENDED_KEY_USAGE, X509V3_R_INVALID_OBJECT_IDENTIFIER); X509V3_conf_err(val); return NULL; } diff --git a/src/crypto/x509v3/v3_ia5.c b/src/crypto/x509v3/v3_ia5.c index 5a27233..ec57e9b 100644 --- a/src/crypto/x509v3/v3_ia5.c +++ b/src/crypto/x509v3/v3_ia5.c @@ -87,7 +87,7 @@ static char *i2s_ASN1_IA5STRING(X509V3_EXT_METHOD *method, char *tmp; if(!ia5 || !ia5->length) return NULL; if(!(tmp = OPENSSL_malloc(ia5->length + 1))) { - OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, i2s_ASN1_IA5STRING, ERR_R_MALLOC_FAILURE); return NULL; } memcpy(tmp, ia5->data, ia5->length); 
@@ -100,7 +100,7 @@ static ASN1_IA5STRING *s2i_ASN1_IA5STRING(X509V3_EXT_METHOD *method, { ASN1_IA5STRING *ia5; if(!str) { - OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_NULL_ARGUMENT); + OPENSSL_PUT_ERROR(X509V3, s2i_ASN1_IA5STRING, X509V3_R_INVALID_NULL_ARGUMENT); return NULL; } if(!(ia5 = M_ASN1_IA5STRING_new())) goto err; @@ -111,7 +111,7 @@ static ASN1_IA5STRING *s2i_ASN1_IA5STRING(X509V3_EXT_METHOD *method, } return ia5; err: - OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, s2i_ASN1_IA5STRING, ERR_R_MALLOC_FAILURE); return NULL; } diff --git a/src/crypto/x509v3/v3_info.c b/src/crypto/x509v3/v3_info.c index 475c56f..7558b2d 100644 --- a/src/crypto/x509v3/v3_info.c +++ b/src/crypto/x509v3/v3_info.c @@ -124,7 +124,7 @@ static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *method nlen = strlen(objtmp) + strlen(vtmp->name) + 5; ntmp = OPENSSL_malloc(nlen); if(!ntmp) { - OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, i2v_AUTHORITY_INFO_ACCESS, ERR_R_MALLOC_FAILURE); return NULL; } BUF_strlcpy(ntmp, objtmp, nlen); @@ -148,19 +148,19 @@ static AUTHORITY_INFO_ACCESS *v2i_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *metho int objlen; char *objtmp, *ptmp; if(!(ainfo = sk_ACCESS_DESCRIPTION_new_null())) { - OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, v2i_AUTHORITY_INFO_ACCESS, ERR_R_MALLOC_FAILURE); return NULL; } for(i = 0; i < sk_CONF_VALUE_num(nval); i++) { cnf = sk_CONF_VALUE_value(nval, i); if(!(acc = ACCESS_DESCRIPTION_new()) || !sk_ACCESS_DESCRIPTION_push(ainfo, acc)) { - OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, v2i_AUTHORITY_INFO_ACCESS, ERR_R_MALLOC_FAILURE); goto err; } ptmp = strchr(cnf->name, ';'); if(!ptmp) { - OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_SYNTAX); + OPENSSL_PUT_ERROR(X509V3, v2i_AUTHORITY_INFO_ACCESS, X509V3_R_INVALID_SYNTAX); goto err; } objlen = ptmp - cnf->name; 
@@ -169,14 +169,14 @@ static AUTHORITY_INFO_ACCESS *v2i_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *metho if(!v2i_GENERAL_NAME_ex(acc->location, method, ctx, &ctmp, 0)) goto err; if(!(objtmp = OPENSSL_malloc(objlen + 1))) { - OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, v2i_AUTHORITY_INFO_ACCESS, ERR_R_MALLOC_FAILURE); goto err; } strncpy(objtmp, cnf->name, objlen); objtmp[objlen] = 0; acc->method = OBJ_txt2obj(objtmp, 0); if(!acc->method) { - OPENSSL_PUT_ERROR(X509V3, X509V3_R_BAD_OBJECT); + OPENSSL_PUT_ERROR(X509V3, v2i_AUTHORITY_INFO_ACCESS, X509V3_R_BAD_OBJECT); ERR_add_error_data(2, "value=", objtmp); OPENSSL_free(objtmp); goto err; diff --git a/src/crypto/x509v3/v3_lib.c b/src/crypto/x509v3/v3_lib.c index f8e5531..d4e4e78 100644 --- a/src/crypto/x509v3/v3_lib.c +++ b/src/crypto/x509v3/v3_lib.c @@ -78,12 +78,12 @@ static int ext_stack_cmp(const X509V3_EXT_METHOD **a, const X509V3_EXT_METHOD ** int X509V3_EXT_add(X509V3_EXT_METHOD *ext) { if(!ext_list && !(ext_list = sk_X509V3_EXT_METHOD_new(ext_stack_cmp))) { - OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, X509V3_EXT_add, ERR_R_MALLOC_FAILURE); ext_list_free(ext); return 0; } if(!sk_X509V3_EXT_METHOD_push(ext_list, ext)) { - OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, X509V3_EXT_add, ERR_R_MALLOC_FAILURE); ext_list_free(ext); return 0; } @@ -127,7 +127,7 @@ int X509V3_EXT_free(int nid, void *ext_data) const X509V3_EXT_METHOD *ext_method = X509V3_EXT_get_nid(nid); if (ext_method == NULL) { - OPENSSL_PUT_ERROR(X509V3, X509V3_R_CANNOT_FIND_FREE_FUNCTION); + OPENSSL_PUT_ERROR(X509V3, X509V3_EXT_free, X509V3_R_CANNOT_FIND_FREE_FUNCTION); return 0; } @@ -137,7 +137,7 @@ int X509V3_EXT_free(int nid, void *ext_data) ext_method->ext_free(ext_data); else { - OPENSSL_PUT_ERROR(X509V3, X509V3_R_CANNOT_FIND_FREE_FUNCTION); + OPENSSL_PUT_ERROR(X509V3, X509V3_EXT_free, X509V3_R_CANNOT_FIND_FREE_FUNCTION); return 0; } 
@@ -157,11 +157,11 @@ int X509V3_EXT_add_alias(int nid_to, int nid_from) X509V3_EXT_METHOD *tmpext; if(!(ext = X509V3_EXT_get_nid(nid_from))) { - OPENSSL_PUT_ERROR(X509V3, X509V3_R_EXTENSION_NOT_FOUND); + OPENSSL_PUT_ERROR(X509V3, X509V3_EXT_add_alias, X509V3_R_EXTENSION_NOT_FOUND); return 0; } if(!(tmpext = (X509V3_EXT_METHOD *)OPENSSL_malloc(sizeof(X509V3_EXT_METHOD)))) { - OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, X509V3_EXT_add_alias, ERR_R_MALLOC_FAILURE); return 0; } *tmpext = *ext; @@ -311,7 +311,7 @@ int X509V3_add1_i2d(STACK_OF(X509_EXTENSION) **x, int nid, void *value, ext = X509V3_EXT_i2d(nid, crit, value); if(!ext) { - OPENSSL_PUT_ERROR(X509V3, X509V3_R_ERROR_CREATING_EXTENSION); + OPENSSL_PUT_ERROR(X509V3, X509V3_add1_i2d, X509V3_R_ERROR_CREATING_EXTENSION); return 0; } @@ -330,6 +330,6 @@ int X509V3_add1_i2d(STACK_OF(X509_EXTENSION) **x, int nid, void *value, err: if(!(flags & X509V3_ADD_SILENT)) - OPENSSL_PUT_ERROR(X509V3, errcode); + OPENSSL_PUT_ERROR(X509V3, X509V3_add1_i2d, errcode); return 0; } diff --git a/src/crypto/x509v3/v3_ncons.c b/src/crypto/x509v3/v3_ncons.c index 19f5e94..c42a665 100644 --- a/src/crypto/x509v3/v3_ncons.c +++ b/src/crypto/x509v3/v3_ncons.c @@ -135,7 +135,7 @@ static void *v2i_NAME_CONSTRAINTS(const X509V3_EXT_METHOD *method, } else { - OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_SYNTAX); + OPENSSL_PUT_ERROR(X509V3, v2i_NAME_CONSTRAINTS, X509V3_R_INVALID_SYNTAX); goto err; } tval.value = val->value; @@ -152,7 +152,7 @@ static void *v2i_NAME_CONSTRAINTS(const X509V3_EXT_METHOD *method, return ncons; memerr: - OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, v2i_NAME_CONSTRAINTS, ERR_R_MALLOC_FAILURE); err: if (ncons) NAME_CONSTRAINTS_free(ncons); diff --git a/src/crypto/x509v3/v3_pci.c b/src/crypto/x509v3/v3_pci.c index f19a37a..aa93891 100644 --- a/src/crypto/x509v3/v3_pci.c +++ b/src/crypto/x509v3/v3_pci.c 
@@ -87,13 +87,13 @@ static int process_pci_value(CONF_VALUE *val, { if (*language) { - OPENSSL_PUT_ERROR(X509V3, X509V3_R_POLICY_LANGUAGE_ALREADY_DEFINED); + OPENSSL_PUT_ERROR(X509V3, process_pci_value, X509V3_R_POLICY_LANGUAGE_ALREADY_DEFINED); X509V3_conf_err(val); return 0; } if (!(*language = OBJ_txt2obj(val->value, 0))) { - OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_OBJECT_IDENTIFIER); + OPENSSL_PUT_ERROR(X509V3, process_pci_value, X509V3_R_INVALID_OBJECT_IDENTIFIER); X509V3_conf_err(val); return 0; } @@ -102,13 +102,13 @@ static int process_pci_value(CONF_VALUE *val, { if (*pathlen) { - OPENSSL_PUT_ERROR(X509V3, X509V3_R_POLICY_PATH_LENGTH_ALREADY_DEFINED); + OPENSSL_PUT_ERROR(X509V3, process_pci_value, X509V3_R_POLICY_PATH_LENGTH_ALREADY_DEFINED); X509V3_conf_err(val); return 0; } if (!X509V3_get_value_int(val, pathlen)) { - OPENSSL_PUT_ERROR(X509V3, X509V3_R_POLICY_PATH_LENGTH); + OPENSSL_PUT_ERROR(X509V3, process_pci_value, X509V3_R_POLICY_PATH_LENGTH); X509V3_conf_err(val); return 0; } @@ -122,7 +122,7 @@ static int process_pci_value(CONF_VALUE *val, *policy = ASN1_OCTET_STRING_new(); if (!*policy) { - OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, process_pci_value, ERR_R_MALLOC_FAILURE); X509V3_conf_err(val); return 0; } @@ -135,7 +135,7 @@ static int process_pci_value(CONF_VALUE *val, if (!tmp_data2) { - OPENSSL_PUT_ERROR(X509V3, X509V3_R_ILLEGAL_HEX_DIGIT); + OPENSSL_PUT_ERROR(X509V3, process_pci_value, X509V3_R_ILLEGAL_HEX_DIGIT); X509V3_conf_err(val); goto err; } @@ -156,7 +156,7 @@ static int process_pci_value(CONF_VALUE *val, /* realloc failure implies the original data space is b0rked too! */ (*policy)->data = NULL; (*policy)->length = 0; - OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, process_pci_value, ERR_R_MALLOC_FAILURE); X509V3_conf_err(val); goto err; } 
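Review bot: The comment `realloc failure implies the original data space is b0rked too!` in the hunk at -156 (repeated in the hunk at -217) does not hold for an allocator with standard realloc semantics, where a failed call leaves the original block valid. Setting `(*policy)->data = NULL` then drops the only reference and leaks the policy bytes accumulated so far. The realloc call itself is above the hunk, so this depends on how OPENSSL_realloc behaves in this tree. If it follows realloc, release the old buffer before clearing the field: `OPENSSL_free((*policy)->data); (*policy)->data = NULL;`.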
@@ -169,7 +169,7 @@ static int process_pci_value(CONF_VALUE *val, BIO *b = BIO_new_file(val->value + 5, "r"); if (!b) { - OPENSSL_PUT_ERROR(X509V3, ERR_R_BIO_LIB); + OPENSSL_PUT_ERROR(X509V3, process_pci_value, ERR_R_BIO_LIB); X509V3_conf_err(val); goto err; } @@ -194,7 +194,7 @@ static int process_pci_value(CONF_VALUE *val, if (n < 0) { - OPENSSL_PUT_ERROR(X509V3, ERR_R_BIO_LIB); + OPENSSL_PUT_ERROR(X509V3, process_pci_value, ERR_R_BIO_LIB); X509V3_conf_err(val); goto err; } @@ -217,20 +217,20 @@ static int process_pci_value(CONF_VALUE *val, /* realloc failure implies the original data space is b0rked too! */ (*policy)->data = NULL; (*policy)->length = 0; - OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, process_pci_value, ERR_R_MALLOC_FAILURE); X509V3_conf_err(val); goto err; } } else { - OPENSSL_PUT_ERROR(X509V3, X509V3_R_INCORRECT_POLICY_SYNTAX_TAG); + OPENSSL_PUT_ERROR(X509V3, process_pci_value, X509V3_R_INCORRECT_POLICY_SYNTAX_TAG); X509V3_conf_err(val); goto err; } if (!tmp_data) { - OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, process_pci_value, ERR_R_MALLOC_FAILURE); X509V3_conf_err(val); goto err; } @@ -262,7 +262,7 @@ static PROXY_CERT_INFO_EXTENSION *r2i_pci(X509V3_EXT_METHOD *method, CONF_VALUE *cnf = sk_CONF_VALUE_value(vals, i); if (!cnf->name || (*cnf->name != '@' && !cnf->value)) { - OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_PROXY_POLICY_SETTING); + OPENSSL_PUT_ERROR(X509V3, r2i_pci, X509V3_R_INVALID_PROXY_POLICY_SETTING); X509V3_conf_err(cnf); goto err; } @@ -274,7 +274,7 @@ static PROXY_CERT_INFO_EXTENSION *r2i_pci(X509V3_EXT_METHOD *method, sect = X509V3_get_section(ctx, cnf->name + 1); if (!sect) { - OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_SECTION); + OPENSSL_PUT_ERROR(X509V3, r2i_pci, X509V3_R_INVALID_SECTION); X509V3_conf_err(cnf); goto err; } 
@@ -302,21 +302,20 @@ static PROXY_CERT_INFO_EXTENSION *r2i_pci(X509V3_EXT_METHOD *method, /* Language is mandatory */ if (!language) { - OPENSSL_PUT_ERROR(X509V3, X509V3_R_NO_PROXY_CERT_POLICY_LANGUAGE_DEFINED); + OPENSSL_PUT_ERROR(X509V3, r2i_pci, X509V3_R_NO_PROXY_CERT_POLICY_LANGUAGE_DEFINED); goto err; } nid = OBJ_obj2nid(language); if ((nid == NID_Independent || nid == NID_id_ppl_inheritAll) && policy) { - OPENSSL_PUT_ERROR(X509V3, - X509V3_R_POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY); + OPENSSL_PUT_ERROR(X509V3, r2i_pci, X509V3_R_POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY); goto err; } pci = PROXY_CERT_INFO_EXTENSION_new(); if (!pci) { - OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, r2i_pci, ERR_R_MALLOC_FAILURE); goto err; } diff --git a/src/crypto/x509v3/v3_pcons.c b/src/crypto/x509v3/v3_pcons.c index b752290..f87c6a0 100644 --- a/src/crypto/x509v3/v3_pcons.c +++ b/src/crypto/x509v3/v3_pcons.c @@ -112,7 +112,7 @@ static void *v2i_POLICY_CONSTRAINTS(const X509V3_EXT_METHOD *method, CONF_VALUE *val; size_t i; if(!(pcons = POLICY_CONSTRAINTS_new())) { - OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, v2i_POLICY_CONSTRAINTS, ERR_R_MALLOC_FAILURE); return NULL; } for(i = 0; i < sk_CONF_VALUE_num(values); i++) { @@ -124,13 +124,13 @@ static void *v2i_POLICY_CONSTRAINTS(const X509V3_EXT_METHOD *method, if(!X509V3_get_value_int(val, &pcons->inhibitPolicyMapping)) goto err; } else { - OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_NAME); + OPENSSL_PUT_ERROR(X509V3, v2i_POLICY_CONSTRAINTS, X509V3_R_INVALID_NAME); X509V3_conf_err(val); goto err; } } if (!pcons->inhibitPolicyMapping && !pcons->requireExplicitPolicy) { - OPENSSL_PUT_ERROR(X509V3, X509V3_R_ILLEGAL_EMPTY_EXTENSION); + OPENSSL_PUT_ERROR(X509V3, v2i_POLICY_CONSTRAINTS, X509V3_R_ILLEGAL_EMPTY_EXTENSION); goto err; } diff --git a/src/crypto/x509v3/v3_pmaps.c b/src/crypto/x509v3/v3_pmaps.c index 5b90977..fbc169d 100644 
--- a/src/crypto/x509v3/v3_pmaps.c +++ b/src/crypto/x509v3/v3_pmaps.c @@ -122,7 +122,7 @@ static void *v2i_POLICY_MAPPINGS(const X509V3_EXT_METHOD *method, size_t i; if(!(pmaps = sk_POLICY_MAPPING_new_null())) { - OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, v2i_POLICY_MAPPINGS, ERR_R_MALLOC_FAILURE); return NULL; } @@ -130,7 +130,7 @@ static void *v2i_POLICY_MAPPINGS(const X509V3_EXT_METHOD *method, val = sk_CONF_VALUE_value(nval, i); if(!val->value || !val->name) { sk_POLICY_MAPPING_pop_free(pmaps, POLICY_MAPPING_free); - OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_OBJECT_IDENTIFIER); + OPENSSL_PUT_ERROR(X509V3, v2i_POLICY_MAPPINGS, X509V3_R_INVALID_OBJECT_IDENTIFIER); X509V3_conf_err(val); return NULL; } @@ -138,14 +138,14 @@ static void *v2i_POLICY_MAPPINGS(const X509V3_EXT_METHOD *method, obj2 = OBJ_txt2obj(val->value, 0); if(!obj1 || !obj2) { sk_POLICY_MAPPING_pop_free(pmaps, POLICY_MAPPING_free); - OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_OBJECT_IDENTIFIER); + OPENSSL_PUT_ERROR(X509V3, v2i_POLICY_MAPPINGS, X509V3_R_INVALID_OBJECT_IDENTIFIER); X509V3_conf_err(val); return NULL; } pmap = POLICY_MAPPING_new(); if (!pmap) { sk_POLICY_MAPPING_pop_free(pmaps, POLICY_MAPPING_free); - OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, v2i_POLICY_MAPPINGS, ERR_R_MALLOC_FAILURE); return NULL; } pmap->issuerDomainPolicy = obj1; diff --git a/src/crypto/x509v3/v3_purp.c b/src/crypto/x509v3/v3_purp.c index f53c0f1..8ae8a06 100644 --- a/src/crypto/x509v3/v3_purp.c +++ b/src/crypto/x509v3/v3_purp.c @@ -128,7 +128,7 @@ int X509_check_purpose(X509 *x, int id, int ca) int X509_PURPOSE_set(int *p, int purpose) { if(X509_PURPOSE_get_by_id(purpose) == -1) { - OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_PURPOSE); + OPENSSL_PUT_ERROR(X509V3, X509_PURPOSE_set, X509V3_R_INVALID_PURPOSE); return 0; } *p = purpose; 
@@ -191,7 +191,7 @@ int X509_PURPOSE_add(int id, int trust, int flags, /* Need a new entry */ if(idx == -1) { if(!(ptmp = OPENSSL_malloc(sizeof(X509_PURPOSE)))) { - OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, X509_PURPOSE_add, ERR_R_MALLOC_FAILURE); return 0; } ptmp->flags = X509_PURPOSE_DYNAMIC; @@ -201,7 +201,7 @@ int X509_PURPOSE_add(int id, int trust, int flags, name_dup = BUF_strdup(name); sname_dup = BUF_strdup(sname); if (name_dup == NULL || sname_dup == NULL) { - OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, X509_PURPOSE_add, ERR_R_MALLOC_FAILURE); if (name_dup != NULL) OPENSSL_free(name_dup); if (sname_dup != NULL) @@ -232,12 +232,12 @@ int X509_PURPOSE_add(int id, int trust, int flags, /* If its a new entry manage the dynamic table */ if(idx == -1) { if(!xptable && !(xptable = sk_X509_PURPOSE_new(xp_cmp))) { - OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, X509_PURPOSE_add, ERR_R_MALLOC_FAILURE); xptable_free(ptmp); return 0; } if (!sk_X509_PURPOSE_push(xptable, ptmp)) { - OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, X509_PURPOSE_add, ERR_R_MALLOC_FAILURE); xptable_free(ptmp); return 0; } diff --git a/src/crypto/x509v3/v3_skey.c b/src/crypto/x509v3/v3_skey.c index e396f05..471a1ab 100644 --- a/src/crypto/x509v3/v3_skey.c +++ b/src/crypto/x509v3/v3_skey.c @@ -86,7 +86,7 @@ ASN1_OCTET_STRING *s2i_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, long length; if(!(oct = M_ASN1_OCTET_STRING_new())) { - OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, s2i_ASN1_OCTET_STRING, ERR_R_MALLOC_FAILURE); return NULL; } 
@@ -112,14 +112,14 @@ static ASN1_OCTET_STRING *s2i_skey_id(X509V3_EXT_METHOD *method, if(strcmp(str, "hash")) return s2i_ASN1_OCTET_STRING(method, ctx, str); if(!(oct = M_ASN1_OCTET_STRING_new())) { - OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, s2i_skey_id, ERR_R_MALLOC_FAILURE); return NULL; } if(ctx && (ctx->flags == CTX_TEST)) return oct; if(!ctx || (!ctx->subject_req && !ctx->subject_cert)) { - OPENSSL_PUT_ERROR(X509V3, X509V3_R_NO_PUBLIC_KEY); + OPENSSL_PUT_ERROR(X509V3, s2i_skey_id, X509V3_R_NO_PUBLIC_KEY); goto err; } @@ -128,7 +128,7 @@ static ASN1_OCTET_STRING *s2i_skey_id(X509V3_EXT_METHOD *method, else pk = ctx->subject_cert->cert_info->key->public_key; if(!pk) { - OPENSSL_PUT_ERROR(X509V3, X509V3_R_NO_PUBLIC_KEY); + OPENSSL_PUT_ERROR(X509V3, s2i_skey_id, X509V3_R_NO_PUBLIC_KEY); goto err; } @@ -136,7 +136,7 @@ static ASN1_OCTET_STRING *s2i_skey_id(X509V3_EXT_METHOD *method, goto err; if(!M_ASN1_OCTET_STRING_set(oct, pkey_dig, diglen)) { - OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, s2i_skey_id, ERR_R_MALLOC_FAILURE); goto err; } diff --git a/src/crypto/x509v3/v3_sxnet.c b/src/crypto/x509v3/v3_sxnet.c index 4dd5bfc..bb5e214 100644 --- a/src/crypto/x509v3/v3_sxnet.c +++ b/src/crypto/x509v3/v3_sxnet.c @@ -159,7 +159,7 @@ int SXNET_add_id_asc(SXNET **psx, char *zone, char *user, { ASN1_INTEGER *izone = NULL; if(!(izone = s2i_ASN1_INTEGER(NULL, zone))) { - OPENSSL_PUT_ERROR(X509V3, X509V3_R_ERROR_CONVERTING_ZONE); + OPENSSL_PUT_ERROR(X509V3, SXNET_add_id_asc, X509V3_R_ERROR_CONVERTING_ZONE); return 0; } return SXNET_add_id_INTEGER(psx, izone, user, userlen); 
@@ -172,7 +172,7 @@ int SXNET_add_id_ulong(SXNET **psx, unsigned long lzone, char *user, { ASN1_INTEGER *izone = NULL; if(!(izone = M_ASN1_INTEGER_new()) || !ASN1_INTEGER_set(izone, lzone)) { - OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, SXNET_add_id_ulong, ERR_R_MALLOC_FAILURE); M_ASN1_INTEGER_free(izone); return 0; } @@ -191,12 +191,12 @@ int SXNET_add_id_INTEGER(SXNET **psx, ASN1_INTEGER *zone, char *user, SXNET *sx = NULL; SXNETID *id = NULL; if(!psx || !zone || !user) { - OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_NULL_ARGUMENT); + OPENSSL_PUT_ERROR(X509V3, SXNET_add_id_INTEGER, X509V3_R_INVALID_NULL_ARGUMENT); return 0; } if(userlen == -1) userlen = strlen(user); if(userlen > 64) { - OPENSSL_PUT_ERROR(X509V3, X509V3_R_USER_TOO_LONG); + OPENSSL_PUT_ERROR(X509V3, SXNET_add_id_INTEGER, X509V3_R_USER_TOO_LONG); return 0; } if(!*psx) { @@ -205,7 +205,7 @@ int SXNET_add_id_INTEGER(SXNET **psx, ASN1_INTEGER *zone, char *user, *psx = sx; } else sx = *psx; if(SXNET_get_id_INTEGER(sx, zone)) { - OPENSSL_PUT_ERROR(X509V3, X509V3_R_DUPLICATE_ZONE_ID); + OPENSSL_PUT_ERROR(X509V3, SXNET_add_id_INTEGER, X509V3_R_DUPLICATE_ZONE_ID); return 0; } @@ -218,7 +218,7 @@ int SXNET_add_id_INTEGER(SXNET **psx, ASN1_INTEGER *zone, char *user, return 1; err: - OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, SXNET_add_id_INTEGER, ERR_R_MALLOC_FAILURE); SXNETID_free(id); SXNET_free(sx); *psx = NULL; @@ -230,7 +230,7 @@ ASN1_OCTET_STRING *SXNET_get_id_asc(SXNET *sx, char *zone) ASN1_INTEGER *izone = NULL; ASN1_OCTET_STRING *oct; if(!(izone = s2i_ASN1_INTEGER(NULL, zone))) { - OPENSSL_PUT_ERROR(X509V3, X509V3_R_ERROR_CONVERTING_ZONE); + OPENSSL_PUT_ERROR(X509V3, SXNET_get_id_asc, X509V3_R_ERROR_CONVERTING_ZONE); return NULL; } oct = SXNET_get_id_INTEGER(sx, izone); 
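Review bot: The length guard in SXNET_add_id_INTEGER (hunk at -191) only rejects `userlen > 64`, so any negative value other than the `-1` sentinel passes it. The same happens if `strlen(user)` is large enough to wrap when stored in what appears to be a signed `userlen`; its declaration is outside the hunk. Whatever consumes `userlen` afterwards then sees a negative length rather than one bounded by 64. Tighten the check to `if(userlen < 0 || userlen > 64) {` after the `-1` handling. The early `return 0` paths here also do not release `zone`, which matters for SXNET_add_id_asc, where `izone` is allocated just before the call; that is worth confirming against the callers' ownership expectations.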
@@ -243,7 +243,7 @@ ASN1_OCTET_STRING *SXNET_get_id_ulong(SXNET *sx, unsigned long lzone) ASN1_INTEGER *izone = NULL; ASN1_OCTET_STRING *oct; if(!(izone = M_ASN1_INTEGER_new()) || !ASN1_INTEGER_set(izone, lzone)) { - OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, SXNET_get_id_ulong, ERR_R_MALLOC_FAILURE); M_ASN1_INTEGER_free(izone); return NULL; } diff --git a/src/crypto/x509v3/v3_utl.c b/src/crypto/x509v3/v3_utl.c index aa65c79..77fc65c 100644 --- a/src/crypto/x509v3/v3_utl.c +++ b/src/crypto/x509v3/v3_utl.c @@ -70,8 +70,6 @@ #include #include -#include "../conf/internal.h" - static char *strip_spaces(char *name); static int sk_strcmp(const OPENSSL_STRING *a, const OPENSSL_STRING *b); @@ -93,7 +91,7 @@ int X509V3_add_value(const char *name, const char *value, char *tname = NULL, *tvalue = NULL; if(name && !(tname = BUF_strdup(name))) goto err; if(value && !(tvalue = BUF_strdup(value))) goto err; - if(!(vtmp = CONF_VALUE_new())) goto err; + if(!(vtmp = (CONF_VALUE *)OPENSSL_malloc(sizeof(CONF_VALUE)))) goto err; if(!*extlist && !(*extlist = sk_CONF_VALUE_new_null())) goto err; vtmp->section = NULL; vtmp->name = tname; @@ -101,7 +99,7 @@ int X509V3_add_value(const char *name, const char *value, if(!sk_CONF_VALUE_push(*extlist, vtmp)) goto err; return 1; err: - OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, X509V3_add_value, ERR_R_MALLOC_FAILURE); if(vtmp) OPENSSL_free(vtmp); if(tname) OPENSSL_free(tname); if(tvalue) OPENSSL_free(tvalue); @@ -147,7 +145,7 @@ char *i2s_ASN1_ENUMERATED(X509V3_EXT_METHOD *method, ASN1_ENUMERATED *a) if(!a) return NULL; if(!(bntmp = ASN1_ENUMERATED_to_BN(a, NULL)) || !(strtmp = BN_bn2dec(bntmp)) ) - OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, i2s_ASN1_ENUMERATED, ERR_R_MALLOC_FAILURE); BN_free(bntmp); return strtmp; } 
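Review bot: In X509V3_add_value (hunk at -93) the replacement `OPENSSL_malloc(sizeof(CONF_VALUE))` returns uninitialized memory where `CONF_VALUE_new()` was called before. Only `section` and `name` are assigned inside this hunk and the line between it and the next hunk is not shown, so confirm that `value` is also set before `sk_CONF_VALUE_push` publishes the struct. The cast is unnecessary in C, and `sizeof *vtmp` keeps the size tied to the variable: `if(!(vtmp = OPENSSL_malloc(sizeof *vtmp))) goto err;`. Separately, when `sk_CONF_VALUE_new_null()` succeeds and the push fails, the `err:` path frees `vtmp`, `tname` and `tvalue` but leaves the newly created `*extlist` behind, which is only safe if callers free it on failure.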
@@ -159,7 +157,7 @@ char *i2s_ASN1_INTEGER(X509V3_EXT_METHOD *method, ASN1_INTEGER *a) if(!a) return NULL; if(!(bntmp = ASN1_INTEGER_to_BN(a, NULL)) || !(strtmp = BN_bn2dec(bntmp)) ) - OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, i2s_ASN1_INTEGER, ERR_R_MALLOC_FAILURE); BN_free(bntmp); return strtmp; } @@ -171,7 +169,7 @@ ASN1_INTEGER *s2i_ASN1_INTEGER(X509V3_EXT_METHOD *method, char *value) int isneg, ishex; int ret; if (!value) { - OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_NULL_VALUE); + OPENSSL_PUT_ERROR(X509V3, s2i_ASN1_INTEGER, X509V3_R_INVALID_NULL_VALUE); return 0; } bn = BN_new(); @@ -190,7 +188,7 @@ ASN1_INTEGER *s2i_ASN1_INTEGER(X509V3_EXT_METHOD *method, char *value) if (!ret || value[ret]) { BN_free(bn); - OPENSSL_PUT_ERROR(X509V3, X509V3_R_BN_DEC2BN_ERROR); + OPENSSL_PUT_ERROR(X509V3, s2i_ASN1_INTEGER, X509V3_R_BN_DEC2BN_ERROR); return 0; } @@ -199,7 +197,7 @@ ASN1_INTEGER *s2i_ASN1_INTEGER(X509V3_EXT_METHOD *method, char *value) aint = BN_to_ASN1_INTEGER(bn, NULL); BN_free(bn); if (!aint) { - OPENSSL_PUT_ERROR(X509V3, X509V3_R_BN_TO_ASN1_INTEGER_ERROR); + OPENSSL_PUT_ERROR(X509V3, s2i_ASN1_INTEGER, X509V3_R_BN_TO_ASN1_INTEGER_ERROR); return 0; } if (isneg) aint->type |= V_ASN1_NEG; @@ -234,7 +232,7 @@ int X509V3_get_value_bool(CONF_VALUE *value, int *asn1_bool) return 1; } err: - OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_BOOLEAN_STRING); + OPENSSL_PUT_ERROR(X509V3, X509V3_get_value_bool, X509V3_R_INVALID_BOOLEAN_STRING); X509V3_conf_err(value); return 0; } @@ -266,7 +264,7 @@ STACK_OF(CONF_VALUE) *X509V3_parse_list(const char *line) linebuf = BUF_strdup(line); if (linebuf == NULL) { - OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, X509V3_parse_list, ERR_R_MALLOC_FAILURE); goto err; } state = HDR_NAME; 
@@ -281,7 +279,7 @@ STACK_OF(CONF_VALUE) *X509V3_parse_list(const char *line) *p = 0; ntmp = strip_spaces(q); if(!ntmp) { - OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_NULL_NAME); + OPENSSL_PUT_ERROR(X509V3, X509V3_parse_list, X509V3_R_INVALID_NULL_NAME); goto err; } q = p + 1; @@ -293,7 +291,7 @@ STACK_OF(CONF_VALUE) *X509V3_parse_list(const char *line) printf("%s\n", ntmp); #endif if(!ntmp) { - OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_NULL_NAME); + OPENSSL_PUT_ERROR(X509V3, X509V3_parse_list, X509V3_R_INVALID_NULL_NAME); goto err; } X509V3_add_value(ntmp, NULL, &values); @@ -309,7 +307,7 @@ STACK_OF(CONF_VALUE) *X509V3_parse_list(const char *line) printf("%s\n", ntmp); #endif if(!vtmp) { - OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_NULL_VALUE); + OPENSSL_PUT_ERROR(X509V3, X509V3_parse_list, X509V3_R_INVALID_NULL_VALUE); goto err; } X509V3_add_value(ntmp, vtmp, &values); @@ -326,7 +324,7 @@ STACK_OF(CONF_VALUE) *X509V3_parse_list(const char *line) printf("%s=%s\n", ntmp, vtmp); #endif if(!vtmp) { - OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_NULL_VALUE); + OPENSSL_PUT_ERROR(X509V3, X509V3_parse_list, X509V3_R_INVALID_NULL_VALUE); goto err; } X509V3_add_value(ntmp, vtmp, &values); @@ -336,7 +334,7 @@ STACK_OF(CONF_VALUE) *X509V3_parse_list(const char *line) printf("%s\n", ntmp); #endif if(!ntmp) { - OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_NULL_NAME); + OPENSSL_PUT_ERROR(X509V3, X509V3_parse_list, X509V3_R_INVALID_NULL_NAME); goto err; } X509V3_add_value(ntmp, NULL, &values); @@ -381,7 +379,7 @@ char *hex_to_string(const unsigned char *buffer, long len) static const char hexdig[] = "0123456789ABCDEF"; if(!buffer || !len) return NULL; if(!(tmp = OPENSSL_malloc(len * 3 + 1))) { - OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, hex_to_string, ERR_R_MALLOC_FAILURE); return NULL; } q = tmp; 
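Review bot: Every `X509V3_add_value(ntmp, ..., &values)` call in X509V3_parse_list discards the return value (hunks at -293, -309, -326 and -336), so an allocation failure silently drops that name/value pair and parsing carries on. For extension configuration this means an entry can go missing from the returned list without any error reaching the caller. Check the result and take the existing error path, e.g. `if(!X509V3_add_value(ntmp, NULL, &values)) goto err;`, at each call. The function body starts and ends outside these hunks.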
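Review bot: `OPENSSL_malloc(len * 3 + 1)` in hex_to_string (hunk at -381) computes the size in signed `long` arithmetic, while the guard before it, `!buffer || !len`, rejects only a zero length. A negative `len` becomes a huge size once converted for the allocator, and a very large positive one overflows the multiplication, which is undefined behaviour. A range check ahead of the allocation covers both: `if(!buffer || len <= 0 || len > (LONG_MAX - 1) / 3) return NULL;` (this needs `<limits.h>`). The rest of the function is outside the hunk.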
@@ -404,7 +402,7 @@ unsigned char *string_to_hex(const char *str, long *len) unsigned char *hexbuf, *q; unsigned char ch, cl, *p; if(!str) { - OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_NULL_ARGUMENT); + OPENSSL_PUT_ERROR(X509V3, string_to_hex, X509V3_R_INVALID_NULL_ARGUMENT); return NULL; } if(!(hexbuf = OPENSSL_malloc(strlen(str) >> 1))) goto err; @@ -413,7 +411,7 @@ unsigned char *string_to_hex(const char *str, long *len) if(ch == ':') continue; cl = *p++; if(!cl) { - OPENSSL_PUT_ERROR(X509V3, X509V3_R_ODD_NUMBER_OF_DIGITS); + OPENSSL_PUT_ERROR(X509V3, string_to_hex, X509V3_R_ODD_NUMBER_OF_DIGITS); OPENSSL_free(hexbuf); return NULL; } @@ -437,12 +435,12 @@ unsigned char *string_to_hex(const char *str, long *len) err: if(hexbuf) OPENSSL_free(hexbuf); - OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, string_to_hex, ERR_R_MALLOC_FAILURE); return NULL; badhex: OPENSSL_free(hexbuf); - OPENSSL_PUT_ERROR(X509V3, X509V3_R_ILLEGAL_HEX_DIGIT); + OPENSSL_PUT_ERROR(X509V3, string_to_hex, X509V3_R_ILLEGAL_HEX_DIGIT); return NULL; } diff --git a/src/crypto/x509v3/v3name_test.c b/src/crypto/x509v3/v3name_test.c deleted file mode 100644 index a3197e6..0000000 --- a/src/crypto/x509v3/v3name_test.c +++ /dev/null 
@@ -1,422 +0,0 @@ -/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project 1999. */ -/* ==================================================================== - * Copyright (c) 1999-2004 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). */ - -#include -#include - -#include -#include -#include -#include - - -static const char *const names[] = - { - "a", "b", ".", "*", "@", - ".a", "a.", ".b", "b.", ".*", "*.", "*@", "@*", "a@", "@a", "b@", "..", - "@@", "**", "*.com", "*com", "*.*.com", "*com", "com*", "*example.com", - "*@example.com", "test@*.example.com", "example.com", "www.example.com", - "test.www.example.com", "*.example.com", "*.www.example.com", - "test.*.example.com", "www.*.com", - ".www.example.com", "*www.example.com", - "example.net", "xn--rger-koa.example.com", - "a.example.com", "b.example.com", - "postmaster@example.com", "Postmaster@example.com", - "postmaster@EXAMPLE.COM", - NULL - }; - -static const char *const exceptions[] = - { - "set CN: host: [*.example.com] matches [a.example.com]", - "set CN: host: [*.example.com] matches [b.example.com]", - "set CN: host: [*.example.com] matches [www.example.com]", - "set CN: host: [*.example.com] matches [xn--rger-koa.example.com]", - "set CN: host: [*.www.example.com] matches [test.www.example.com]", - "set CN: host: [*.www.example.com] matches [.www.example.com]", - "set CN: host: [*www.example.com] matches [www.example.com]", - "set CN: host: 
[test.www.example.com] matches [.www.example.com]", - "set CN: host-no-wildcards: [*.www.example.com] matches [.www.example.com]", - "set CN: host-no-wildcards: [test.www.example.com] matches [.www.example.com]", - "set emailAddress: email: [postmaster@example.com] does not match [Postmaster@example.com]", - "set emailAddress: email: [postmaster@EXAMPLE.COM] does not match [Postmaster@example.com]", - "set emailAddress: email: [Postmaster@example.com] does not match [postmaster@example.com]", - "set emailAddress: email: [Postmaster@example.com] does not match [postmaster@EXAMPLE.COM]", - "set dnsName: host: [*.example.com] matches [www.example.com]", - "set dnsName: host: [*.example.com] matches [a.example.com]", - "set dnsName: host: [*.example.com] matches [b.example.com]", - "set dnsName: host: [*.example.com] matches [xn--rger-koa.example.com]", - "set dnsName: host: [*.www.example.com] matches [test.www.example.com]", - "set dnsName: host-no-wildcards: [*.www.example.com] matches [.www.example.com]", - "set dnsName: host-no-wildcards: [test.www.example.com] matches [.www.example.com]", - "set dnsName: host: [*.www.example.com] matches [.www.example.com]", - "set dnsName: host: [*www.example.com] matches [www.example.com]", - "set dnsName: host: [test.www.example.com] matches [.www.example.com]", - "set rfc822Name: email: [postmaster@example.com] does not match [Postmaster@example.com]", - "set rfc822Name: email: [Postmaster@example.com] does not match [postmaster@example.com]", - "set rfc822Name: email: [Postmaster@example.com] does not match [postmaster@EXAMPLE.COM]", - "set rfc822Name: email: [postmaster@EXAMPLE.COM] does not match [Postmaster@example.com]", - NULL - }; - -static int is_exception(const char *msg) - { - const char *const *p; - for (p = exceptions; *p; ++p) - if (strcmp(msg, *p) == 0) - return 1; - return 0; - } - -static int set_cn(X509 *crt, ...) 
- { - int ret = 0; - X509_NAME *n = NULL; - va_list ap; - va_start(ap, crt); - n = X509_NAME_new(); - if (n == NULL) - goto out; - while (1) { - int nid; - const char *name; - nid = va_arg(ap, int); - if (nid == 0) - break; - name = va_arg(ap, const char *); - if (!X509_NAME_add_entry_by_NID(n, nid, MBSTRING_ASC, - (unsigned char *)name, - -1, -1, 1)) - goto out; - } - if (!X509_set_subject_name(crt, n)) - goto out; - ret = 1; - out: - X509_NAME_free(n); - va_end(ap); - return ret; - } - -/* -int X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc); -X509_EXTENSION *X509_EXTENSION_create_by_NID(X509_EXTENSION **ex, - int nid, int crit, ASN1_OCTET_STRING *data); -int X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc); -*/ - -static int set_altname(X509 *crt, ...) - { - int ret = 0; - GENERAL_NAMES *gens = NULL; - GENERAL_NAME *gen = NULL; - ASN1_IA5STRING *ia5 = NULL; - va_list ap; - va_start(ap, crt); - gens = sk_GENERAL_NAME_new_null(); - if (gens == NULL) - goto out; - while (1) { - int type; - const char *name; - type = va_arg(ap, int); - if (type == 0) - break; - name = va_arg(ap, const char *); - - gen = GENERAL_NAME_new(); - if (gen == NULL) - goto out; - ia5 = ASN1_IA5STRING_new(); - if (ia5 == NULL) - goto out; - if (!ASN1_STRING_set(ia5, name, -1)) - goto out; - switch (type) - { - case GEN_EMAIL: - case GEN_DNS: - GENERAL_NAME_set0_value(gen, type, ia5); - ia5 = NULL; - break; - default: - abort(); - } - sk_GENERAL_NAME_push(gens, gen); - gen = NULL; - } - if (!X509_add1_ext_i2d(crt, NID_subject_alt_name, gens, 0, 0)) - goto out; - ret = 1; - out: - ASN1_IA5STRING_free(ia5); - GENERAL_NAME_free(gen); - GENERAL_NAMES_free(gens); - va_end(ap); - return ret; - } - -static int set_cn1(X509 *crt, const char *name) - { - return set_cn(crt, NID_commonName, name, 0); - } - - -static int set_cn_and_email(X509 *crt, const char *name) - { - return set_cn(crt, NID_commonName, name, - NID_pkcs9_emailAddress, "dummy@example.com", 0); - } - -static int set_cn2(X509 *crt, 
const char *name) - { - return set_cn(crt, NID_commonName, "dummy value", - NID_commonName, name, 0); - } - -static int set_cn3(X509 *crt, const char *name) - { - return set_cn(crt, NID_commonName, name, - NID_commonName, "dummy value", 0); - } - -static int set_email1(X509 *crt, const char *name) - { - return set_cn(crt, NID_pkcs9_emailAddress, name, 0); - } - -static int set_email2(X509 *crt, const char *name) - { - return set_cn(crt, NID_pkcs9_emailAddress, "dummy@example.com", - NID_pkcs9_emailAddress, name, 0); - } - -static int set_email3(X509 *crt, const char *name) - { - return set_cn(crt, NID_pkcs9_emailAddress, name, - NID_pkcs9_emailAddress, "dummy@example.com", 0); - } - -static int set_email_and_cn(X509 *crt, const char *name) - { - return set_cn(crt, NID_pkcs9_emailAddress, name, - NID_commonName, "www.example.org", 0); - } - -static int set_altname_dns(X509 *crt, const char *name) - { - return set_altname(crt, GEN_DNS, name, 0); - } - -static int set_altname_email(X509 *crt, const char *name) - { - return set_altname(crt, GEN_EMAIL, name, 0); - } - -struct set_name_fn - { - int (*fn)(X509 *, const char *); - const char *name; - int host; - int email; - }; - -static const struct set_name_fn name_fns[] = - { - {set_cn1, "set CN", 1, 0}, - {set_cn2, "set CN", 1, 0}, - {set_cn3, "set CN", 1, 0}, - {set_cn_and_email, "set CN", 1, 0}, - {set_email1, "set emailAddress", 0, 1}, - {set_email2, "set emailAddress", 0, 1}, - {set_email3, "set emailAddress", 0, 1}, - {set_email_and_cn, "set emailAddress", 0, 1}, - {set_altname_dns, "set dnsName", 1, 0}, - {set_altname_email, "set rfc822Name", 0, 1}, - {NULL, NULL, 0} - }; - -static X509 *make_cert(void) - { - X509 *ret = NULL; - X509 *crt = NULL; - X509_NAME *issuer = NULL; - crt = X509_new(); - if (crt == NULL) - goto out; - if (!X509_set_version(crt, 3)) - goto out; - ret = crt; - crt = NULL; - out: - X509_NAME_free(issuer); - return ret; - } - -static int errors; - -static void check_message(const struct 
set_name_fn *fn, const char *op, - const char *nameincert, int match, const char *name) - { - char msg[1024]; - if (match < 0) - return; - BIO_snprintf(msg, sizeof(msg), "%s: %s: [%s] %s [%s]", - fn->name, op, nameincert, - match ? "matches" : "does not match", name); - if (is_exception(msg)) - return; - puts(msg); - ++errors; - } - -static void run_cert(X509 *crt, const char *nameincert, - const struct set_name_fn *fn) - { - const char *const *pname = names; - while (*pname) - { - int samename = OPENSSL_strcasecmp(nameincert, *pname) == 0; - size_t namelen = strlen(*pname); - char *name = malloc(namelen); - int match, ret; - memcpy(name, *pname, namelen); - - ret = X509_check_host(crt, name, namelen, 0, NULL); - match = -1; - if (ret < 0) - { - fprintf(stderr, "internal error in X509_check_host"); - ++errors; - } - else if (fn->host) - { - if (ret == 1 && !samename) - match = 1; - if (ret == 0 && samename) - match = 0; - } - else if (ret == 1) - match = 1; - check_message(fn, "host", nameincert, match, *pname); - - ret = X509_check_host(crt, name, namelen, - X509_CHECK_FLAG_NO_WILDCARDS, NULL); - match = -1; - if (ret < 0) - { - fprintf(stderr, "internal error in X509_check_host"); - ++errors; - } - else if (fn->host) - { - if (ret == 1 && !samename) - match = 1; - if (ret == 0 && samename) - match = 0; - } - else if (ret == 1) - match = 1; - check_message(fn, "host-no-wildcards", - nameincert, match, *pname); - - ret = X509_check_email(crt, name, namelen, 0); - match = -1; - if (fn->email) - { - if (ret && !samename) - match = 1; - if (!ret && samename && strchr(nameincert, '@') != NULL) - match = 0; - } - else if (ret) - match = 1; - check_message(fn, "email", nameincert, match, *pname); - ++pname; - free(name); - } - } - -int -main(void) - { - CRYPTO_library_init(); - - const struct set_name_fn *pfn = name_fns; - while (pfn->name) { - const char *const *pname = names; - while (*pname) - { - X509 *crt = make_cert(); - if (crt == NULL) - { - fprintf(stderr, 
"make_cert failed\n"); - return 1; - } - if (!pfn->fn(crt, *pname)) - { - fprintf(stderr, "X509 name setting failed\n"); - return 1; - } - run_cert(crt, *pname, pfn); - X509_free(crt); - ++pname; - } - ++pfn; - } - if (errors == 0) { - printf("PASS\n"); - } - return errors > 0 ? 1 : 0; - } diff --git a/src/crypto/x509v3/v3nametest.c b/src/crypto/x509v3/v3nametest.c new file mode 100644 index 0000000..a3197e6 --- /dev/null +++ b/src/crypto/x509v3/v3nametest.c 
@@ -0,0 +1,422 @@ +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL + * project 1999. */ +/* ==================================================================== + * Copyright (c) 1999-2004 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * licensing@OpenSSL.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). */ + +#include +#include + +#include +#include +#include +#include + + +static const char *const names[] = + { + "a", "b", ".", "*", "@", + ".a", "a.", ".b", "b.", ".*", "*.", "*@", "@*", "a@", "@a", "b@", "..", + "@@", "**", "*.com", "*com", "*.*.com", "*com", "com*", "*example.com", + "*@example.com", "test@*.example.com", "example.com", "www.example.com", + "test.www.example.com", "*.example.com", "*.www.example.com", + "test.*.example.com", "www.*.com", + ".www.example.com", "*www.example.com", + "example.net", "xn--rger-koa.example.com", + "a.example.com", "b.example.com", + "postmaster@example.com", "Postmaster@example.com", + "postmaster@EXAMPLE.COM", + NULL + }; + +static const char *const exceptions[] = + { + "set CN: host: [*.example.com] matches [a.example.com]", + "set CN: host: [*.example.com] matches [b.example.com]", + "set CN: host: [*.example.com] matches [www.example.com]", + "set CN: host: [*.example.com] matches [xn--rger-koa.example.com]", + "set CN: host: [*.www.example.com] matches [test.www.example.com]", + "set CN: host: [*.www.example.com] matches [.www.example.com]", + "set CN: host: [*www.example.com] matches [www.example.com]", + "set CN: host: 
[test.www.example.com] matches [.www.example.com]", + "set CN: host-no-wildcards: [*.www.example.com] matches [.www.example.com]", + "set CN: host-no-wildcards: [test.www.example.com] matches [.www.example.com]", + "set emailAddress: email: [postmaster@example.com] does not match [Postmaster@example.com]", + "set emailAddress: email: [postmaster@EXAMPLE.COM] does not match [Postmaster@example.com]", + "set emailAddress: email: [Postmaster@example.com] does not match [postmaster@example.com]", + "set emailAddress: email: [Postmaster@example.com] does not match [postmaster@EXAMPLE.COM]", + "set dnsName: host: [*.example.com] matches [www.example.com]", + "set dnsName: host: [*.example.com] matches [a.example.com]", + "set dnsName: host: [*.example.com] matches [b.example.com]", + "set dnsName: host: [*.example.com] matches [xn--rger-koa.example.com]", + "set dnsName: host: [*.www.example.com] matches [test.www.example.com]", + "set dnsName: host-no-wildcards: [*.www.example.com] matches [.www.example.com]", + "set dnsName: host-no-wildcards: [test.www.example.com] matches [.www.example.com]", + "set dnsName: host: [*.www.example.com] matches [.www.example.com]", + "set dnsName: host: [*www.example.com] matches [www.example.com]", + "set dnsName: host: [test.www.example.com] matches [.www.example.com]", + "set rfc822Name: email: [postmaster@example.com] does not match [Postmaster@example.com]", + "set rfc822Name: email: [Postmaster@example.com] does not match [postmaster@example.com]", + "set rfc822Name: email: [Postmaster@example.com] does not match [postmaster@EXAMPLE.COM]", + "set rfc822Name: email: [postmaster@EXAMPLE.COM] does not match [Postmaster@example.com]", + NULL + }; + +static int is_exception(const char *msg) + { + const char *const *p; + for (p = exceptions; *p; ++p) + if (strcmp(msg, *p) == 0) + return 1; + return 0; + } + +static int set_cn(X509 *crt, ...) 
+ { + int ret = 0; + X509_NAME *n = NULL; + va_list ap; + va_start(ap, crt); + n = X509_NAME_new(); + if (n == NULL) + goto out; + while (1) { + int nid; + const char *name; + nid = va_arg(ap, int); + if (nid == 0) + break; + name = va_arg(ap, const char *); + if (!X509_NAME_add_entry_by_NID(n, nid, MBSTRING_ASC, + (unsigned char *)name, + -1, -1, 1)) + goto out; + } + if (!X509_set_subject_name(crt, n)) + goto out; + ret = 1; + out: + X509_NAME_free(n); + va_end(ap); + return ret; + } + +/* +int X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc); +X509_EXTENSION *X509_EXTENSION_create_by_NID(X509_EXTENSION **ex, + int nid, int crit, ASN1_OCTET_STRING *data); +int X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc); +*/ + +static int set_altname(X509 *crt, ...) + { + int ret = 0; + GENERAL_NAMES *gens = NULL; + GENERAL_NAME *gen = NULL; + ASN1_IA5STRING *ia5 = NULL; + va_list ap; + va_start(ap, crt); + gens = sk_GENERAL_NAME_new_null(); + if (gens == NULL) + goto out; + while (1) { + int type; + const char *name; + type = va_arg(ap, int); + if (type == 0) + break; + name = va_arg(ap, const char *); + + gen = GENERAL_NAME_new(); + if (gen == NULL) + goto out; + ia5 = ASN1_IA5STRING_new(); + if (ia5 == NULL) + goto out; + if (!ASN1_STRING_set(ia5, name, -1)) + goto out; + switch (type) + { + case GEN_EMAIL: + case GEN_DNS: + GENERAL_NAME_set0_value(gen, type, ia5); + ia5 = NULL; + break; + default: + abort(); + } + sk_GENERAL_NAME_push(gens, gen); + gen = NULL; + } + if (!X509_add1_ext_i2d(crt, NID_subject_alt_name, gens, 0, 0)) + goto out; + ret = 1; + out: + ASN1_IA5STRING_free(ia5); + GENERAL_NAME_free(gen); + GENERAL_NAMES_free(gens); + va_end(ap); + return ret; + } + +static int set_cn1(X509 *crt, const char *name) + { + return set_cn(crt, NID_commonName, name, 0); + } + + +static int set_cn_and_email(X509 *crt, const char *name) + { + return set_cn(crt, NID_commonName, name, + NID_pkcs9_emailAddress, "dummy@example.com", 0); + } + +static int set_cn2(X509 *crt, 
const char *name) + { + return set_cn(crt, NID_commonName, "dummy value", + NID_commonName, name, 0); + } + +static int set_cn3(X509 *crt, const char *name) + { + return set_cn(crt, NID_commonName, name, + NID_commonName, "dummy value", 0); + } + +static int set_email1(X509 *crt, const char *name) + { + return set_cn(crt, NID_pkcs9_emailAddress, name, 0); + } + +static int set_email2(X509 *crt, const char *name) + { + return set_cn(crt, NID_pkcs9_emailAddress, "dummy@example.com", + NID_pkcs9_emailAddress, name, 0); + } + +static int set_email3(X509 *crt, const char *name) + { + return set_cn(crt, NID_pkcs9_emailAddress, name, + NID_pkcs9_emailAddress, "dummy@example.com", 0); + } + +static int set_email_and_cn(X509 *crt, const char *name) + { + return set_cn(crt, NID_pkcs9_emailAddress, name, + NID_commonName, "www.example.org", 0); + } + +static int set_altname_dns(X509 *crt, const char *name) + { + return set_altname(crt, GEN_DNS, name, 0); + } + +static int set_altname_email(X509 *crt, const char *name) + { + return set_altname(crt, GEN_EMAIL, name, 0); + } + +struct set_name_fn + { + int (*fn)(X509 *, const char *); + const char *name; + int host; + int email; + }; + +static const struct set_name_fn name_fns[] = + { + {set_cn1, "set CN", 1, 0}, + {set_cn2, "set CN", 1, 0}, + {set_cn3, "set CN", 1, 0}, + {set_cn_and_email, "set CN", 1, 0}, + {set_email1, "set emailAddress", 0, 1}, + {set_email2, "set emailAddress", 0, 1}, + {set_email3, "set emailAddress", 0, 1}, + {set_email_and_cn, "set emailAddress", 0, 1}, + {set_altname_dns, "set dnsName", 1, 0}, + {set_altname_email, "set rfc822Name", 0, 1}, + {NULL, NULL, 0} + }; + +static X509 *make_cert(void) + { + X509 *ret = NULL; + X509 *crt = NULL; + X509_NAME *issuer = NULL; + crt = X509_new(); + if (crt == NULL) + goto out; + if (!X509_set_version(crt, 3)) + goto out; + ret = crt; + crt = NULL; + out: + X509_NAME_free(issuer); + return ret; + } + +static int errors; + +static void check_message(const struct 
set_name_fn *fn, const char *op, + const char *nameincert, int match, const char *name) + { + char msg[1024]; + if (match < 0) + return; + BIO_snprintf(msg, sizeof(msg), "%s: %s: [%s] %s [%s]", + fn->name, op, nameincert, + match ? "matches" : "does not match", name); + if (is_exception(msg)) + return; + puts(msg); + ++errors; + } + +static void run_cert(X509 *crt, const char *nameincert, + const struct set_name_fn *fn) + { + const char *const *pname = names; + while (*pname) + { + int samename = OPENSSL_strcasecmp(nameincert, *pname) == 0; + size_t namelen = strlen(*pname); + char *name = malloc(namelen); + int match, ret; + memcpy(name, *pname, namelen); + + ret = X509_check_host(crt, name, namelen, 0, NULL); + match = -1; + if (ret < 0) + { + fprintf(stderr, "internal error in X509_check_host"); + ++errors; + } + else if (fn->host) + { + if (ret == 1 && !samename) + match = 1; + if (ret == 0 && samename) + match = 0; + } + else if (ret == 1) + match = 1; + check_message(fn, "host", nameincert, match, *pname); + + ret = X509_check_host(crt, name, namelen, + X509_CHECK_FLAG_NO_WILDCARDS, NULL); + match = -1; + if (ret < 0) + { + fprintf(stderr, "internal error in X509_check_host"); + ++errors; + } + else if (fn->host) + { + if (ret == 1 && !samename) + match = 1; + if (ret == 0 && samename) + match = 0; + } + else if (ret == 1) + match = 1; + check_message(fn, "host-no-wildcards", + nameincert, match, *pname); + + ret = X509_check_email(crt, name, namelen, 0); + match = -1; + if (fn->email) + { + if (ret && !samename) + match = 1; + if (!ret && samename && strchr(nameincert, '@') != NULL) + match = 0; + } + else if (ret) + match = 1; + check_message(fn, "email", nameincert, match, *pname); + ++pname; + free(name); + } + } + +int +main(void) + { + CRYPTO_library_init(); + + const struct set_name_fn *pfn = name_fns; + while (pfn->name) { + const char *const *pname = names; + while (*pname) + { + X509 *crt = make_cert(); + if (crt == NULL) + { + fprintf(stderr, 
"make_cert failed\n"); + return 1; + } + if (!pfn->fn(crt, *pname)) + { + fprintf(stderr, "X509 name setting failed\n"); + return 1; + } + run_cert(crt, *pname, pfn); + X509_free(crt); + ++pname; + } + ++pfn; + } + if (errors == 0) { + printf("PASS\n"); + } + return errors > 0 ? 1 : 0; + } -- cgit v1.1 From b8494591d1b1a143f3b192d845c238bbf3bc629d Mon Sep 17 00:00:00 2001 
From: Kenny Root Date: Fri, 25 Sep 2015 02:29:14 +0000 Subject: Revert "Revert "external/boringssl: sync with upstream."" This reverts commit a04d78d392463df4e69a64360c952ffa5abd22f7. Underlying issue was fixed. Change-Id: I49685b653d16e728eb38e79e02b2c33ddeefed88 --- src/crypto/CMakeLists.txt | 7 +- src/crypto/aes/CMakeLists.txt | 11 +- src/crypto/aes/aes_test.cc | 102 ++++ src/crypto/aes/asm/aes-586.pl | 6 +- src/crypto/aes/asm/aes-armv4.pl | 2 +- src/crypto/aes/asm/aesv8-armx.pl | 2 +- src/crypto/aes/asm/bsaes-armv7.pl | 2 +- src/crypto/arm_arch.h | 136 ----- src/crypto/asn1/CMakeLists.txt | 2 +- src/crypto/asn1/a_bitstr.c | 11 +- src/crypto/asn1/a_bool.c | 2 +- src/crypto/asn1/a_bytes.c | 6 +- src/crypto/asn1/a_d2i_fp.c | 24 +- src/crypto/asn1/a_dup.c | 4 +- src/crypto/asn1/a_enum.c | 8 +- src/crypto/asn1/a_gentm.c | 2 +- src/crypto/asn1/a_i2d_fp.c | 10 +- src/crypto/asn1/a_int.c | 12 +- src/crypto/asn1/a_mbstr.c | 20 +- src/crypto/asn1/a_object.c | 22 +- src/crypto/asn1/a_strnid.c | 4 +- src/crypto/asn1/a_time.c | 4 +- src/crypto/asn1/a_utctm.c | 6 +- src/crypto/asn1/asn1_lib.c | 15 +- src/crypto/asn1/asn_pack.c | 8 +- src/crypto/asn1/bio_ndef.c | 2 +- src/crypto/asn1/f_enum.c | 8 +- src/crypto/asn1/f_int.c | 8 +- src/crypto/asn1/f_string.c | 8 +- src/crypto/asn1/tasn_dec.c | 111 ++-- src/crypto/asn1/tasn_new.c | 6 +- src/crypto/asn1/tasn_prn.c | 2 +- src/crypto/asn1/tasn_utl.c | 3 +- src/crypto/asn1/x_long.c | 4 +- src/crypto/base64/CMakeLists.txt | 2 +- src/crypto/bio/CMakeLists.txt | 2 +- src/crypto/bio/bio.c | 14 +- src/crypto/bio/bio_mem.c | 4 +- src/crypto/bio/buffer.c | 2 +- src/crypto/bio/connect.c | 16 +- src/crypto/bio/file.c | 21 +- src/crypto/bio/pair.c | 62 +- src/crypto/bio/printf.c | 2 +- src/crypto/bio/socket_helper.c | 5 +- src/crypto/bn/CMakeLists.txt | 3 +- src/crypto/bn/add.c | 2 +- src/crypto/bn/asm/armv4-mont.pl | 2 +- src/crypto/bn/bn.c | 20 +- src/crypto/bn/bn_asn1.c | 93 +++ src/crypto/bn/bn_test.cc | 376 ++++++++++-- 
src/crypto/bn/convert.c | 178 ++++-- src/crypto/bn/ctx.c | 6 +- src/crypto/bn/div.c | 6 +- src/crypto/bn/exponentiation.c | 30 +- src/crypto/bn/gcd.c | 32 +- src/crypto/bn/internal.h | 4 +- src/crypto/bn/montgomery.c | 6 + src/crypto/bn/mul.c | 8 +- src/crypto/bn/prime.c | 9 +- src/crypto/bn/random.c | 14 +- src/crypto/bn/rsaz_exp.h | 68 ++- src/crypto/bn/shift.c | 4 +- src/crypto/bn/sqrt.c | 24 +- src/crypto/buf/CMakeLists.txt | 2 +- src/crypto/buf/buf.c | 14 +- src/crypto/bytestring/CMakeLists.txt | 2 +- src/crypto/bytestring/bytestring_test.cc | 13 +- src/crypto/bytestring/cbb.c | 9 + src/crypto/bytestring/cbs.c | 20 +- src/crypto/bytestring/internal.h | 8 - src/crypto/chacha/CMakeLists.txt | 2 +- src/crypto/chacha/chacha_vec_arm.S | 2 + src/crypto/chacha/chacha_vec_arm_generate.go | 4 +- src/crypto/cipher/CMakeLists.txt | 2 +- src/crypto/cipher/aead.c | 15 +- src/crypto/cipher/aead_test.cc | 62 +- src/crypto/cipher/cipher.c | 41 +- src/crypto/cipher/cipher_test.cc | 57 +- src/crypto/cipher/e_aes.c | 108 ++-- src/crypto/cipher/e_chacha20poly1305.c | 22 +- src/crypto/cipher/e_des.c | 78 ++- src/crypto/cipher/e_rc2.c | 27 +- src/crypto/cipher/e_rc4.c | 22 +- src/crypto/cipher/e_ssl3.c | 56 +- src/crypto/cipher/e_tls.c | 56 +- src/crypto/cipher/test/aes_128_gcm_tests.txt | 6 + src/crypto/cipher/test/cipher_test.txt | 60 ++ src/crypto/cmac/CMakeLists.txt | 4 +- src/crypto/cmac/cmac_test.cc | 13 +- src/crypto/conf/CMakeLists.txt | 2 +- src/crypto/conf/conf.c | 64 +- src/crypto/conf/internal.h | 31 + src/crypto/cpu-arm.c | 6 +- src/crypto/cpu-intel.c | 157 ++++- src/crypto/cpu-x86-asm.pl | 334 ---------- src/crypto/cpu-x86_64-asm.pl | 163 ----- src/crypto/crypto.c | 2 +- src/crypto/des/CMakeLists.txt | 2 +- src/crypto/des/des.c | 157 ++--- src/crypto/des/internal.h | 10 +- src/crypto/dh/CMakeLists.txt | 2 +- src/crypto/dh/dh.c | 2 +- src/crypto/dh/dh_impl.c | 14 +- src/crypto/digest/CMakeLists.txt | 2 +- src/crypto/digest/digest.c | 32 +- src/crypto/digest/digests.c | 
3 +- src/crypto/digest/internal.h | 17 +- src/crypto/dsa/CMakeLists.txt | 2 +- src/crypto/dsa/dsa.c | 2 +- src/crypto/dsa/dsa_asn1.c | 2 +- src/crypto/dsa/dsa_impl.c | 42 +- src/crypto/ec/CMakeLists.txt | 2 +- src/crypto/ec/ec.c | 127 ++-- src/crypto/ec/ec_asn1.c | 77 ++- src/crypto/ec/ec_key.c | 32 +- src/crypto/ec/ec_montgomery.c | 12 +- src/crypto/ec/oct.c | 59 +- src/crypto/ec/p256-64.c | 26 +- src/crypto/ec/simple.c | 20 +- src/crypto/ec/wnaf.c | 58 +- src/crypto/ecdh/CMakeLists.txt | 2 +- src/crypto/ecdh/ecdh.c | 14 +- src/crypto/ecdsa/CMakeLists.txt | 2 +- src/crypto/ecdsa/ecdsa.c | 119 ++-- src/crypto/ecdsa/ecdsa_asn1.c | 183 ++++-- src/crypto/ecdsa/ecdsa_test.cc | 55 +- src/crypto/engine/CMakeLists.txt | 2 +- src/crypto/err/CMakeLists.txt | 4 +- src/crypto/err/asn1.errordata | 240 +++----- src/crypto/err/bio.errordata | 53 +- src/crypto/err/bn.errordata | 63 +- src/crypto/err/buf.errordata | 4 - src/crypto/err/cipher.errordata | 85 +-- src/crypto/err/conf.errordata | 16 +- src/crypto/err/crypto.errordata | 4 - src/crypto/err/dh.errordata | 12 +- src/crypto/err/digest.errordata | 4 +- src/crypto/err/dsa.errordata | 13 +- src/crypto/err/ec.errordata | 123 +--- src/crypto/err/ecdh.errordata | 7 +- src/crypto/err/ecdsa.errordata | 16 +- src/crypto/err/engine.errordata | 2 +- src/crypto/err/err.c | 132 ++-- src/crypto/err/err_data_generate.go | 32 +- src/crypto/err/err_test.cc | 50 +- src/crypto/err/evp.errordata | 160 ++--- src/crypto/err/hkdf.errordata | 3 +- src/crypto/err/obj.errordata | 6 +- src/crypto/err/pem.errordata | 54 +- src/crypto/err/pkcs8.errordata | 68 +-- src/crypto/err/rsa.errordata | 115 ++-- src/crypto/err/ssl.errordata | 604 +++++++------------ src/crypto/err/x509.errordata | 133 ++-- src/crypto/err/x509v3.errordata | 183 ++---- src/crypto/evp/CMakeLists.txt | 6 +- src/crypto/evp/algorithm.c | 18 +- src/crypto/evp/asn1.c | 167 ----- src/crypto/evp/digestsign.c | 72 +-- src/crypto/evp/evp.c | 53 +- src/crypto/evp/evp_asn1.c | 166 +++++ 
src/crypto/evp/evp_ctx.c | 77 +-- src/crypto/evp/evp_extra_test.cc | 4 +- src/crypto/evp/evp_test.cc | 64 +- src/crypto/evp/evp_tests.txt | 5 +- src/crypto/evp/internal.h | 69 +-- src/crypto/evp/p_dsa_asn1.c | 44 +- src/crypto/evp/p_ec.c | 52 +- src/crypto/evp/p_ec_asn1.c | 42 +- src/crypto/evp/p_hmac.c | 223 ------- src/crypto/evp/p_hmac_asn1.c | 89 --- src/crypto/evp/p_rsa.c | 49 +- src/crypto/evp/p_rsa_asn1.c | 116 ++-- src/crypto/ex_data.c | 31 +- src/crypto/hkdf/CMakeLists.txt | 2 +- src/crypto/hkdf/hkdf.c | 4 +- src/crypto/hmac/CMakeLists.txt | 2 +- src/crypto/hmac/hmac.c | 2 +- src/crypto/hmac/hmac_tests.txt | 3 - src/crypto/internal.h | 8 +- src/crypto/lhash/CMakeLists.txt | 2 +- src/crypto/lhash/lhash.c | 3 +- src/crypto/md4/CMakeLists.txt | 2 +- src/crypto/md5/CMakeLists.txt | 2 +- src/crypto/md5/md5.c | 3 +- src/crypto/mem.c | 3 +- src/crypto/modes/CMakeLists.txt | 2 +- src/crypto/modes/asm/ghash-armv4.pl | 10 +- src/crypto/modes/asm/ghash-x86.pl | 2 +- src/crypto/modes/asm/ghash-x86_64.pl | 8 +- src/crypto/modes/asm/ghashv8-armx.pl | 24 +- src/crypto/modes/gcm.c | 8 +- src/crypto/modes/gcm_test.c | 16 +- src/crypto/modes/internal.h | 5 - src/crypto/obj/CMakeLists.txt | 2 +- src/crypto/obj/obj.c | 10 +- src/crypto/pem/CMakeLists.txt | 2 +- src/crypto/pem/pem_info.c | 14 +- src/crypto/pem/pem_lib.c | 67 ++- src/crypto/pem/pem_oth.c | 2 +- src/crypto/pem/pem_pk8.c | 10 +- src/crypto/pem/pem_pkey.c | 14 +- src/crypto/perlasm/arm-xlate.pl | 5 + src/crypto/pkcs8/CMakeLists.txt | 9 +- src/crypto/pkcs8/internal.h | 9 + src/crypto/pkcs8/p5_pbe.c | 10 +- src/crypto/pkcs8/p5_pbev2.c | 144 ++++- src/crypto/pkcs8/pkcs8.c | 255 ++++---- src/crypto/pkcs8/pkcs8_test.cc | 91 +++ src/crypto/poly1305/CMakeLists.txt | 11 +- src/crypto/poly1305/poly1305_test.cc | 81 +++ src/crypto/poly1305/poly1305_test.txt | 52 ++ src/crypto/rand/CMakeLists.txt | 2 +- src/crypto/rand/hwrand.c | 21 +- src/crypto/rand/internal.h | 10 +- src/crypto/rand/rand.c | 27 +- 
src/crypto/rand/urandom.c | 292 ++++----- src/crypto/rc4/CMakeLists.txt | 2 +- src/crypto/rc4/asm/rc4-x86_64.pl | 2 +- src/crypto/rsa/CMakeLists.txt | 4 +- src/crypto/rsa/blinding.c | 24 +- src/crypto/rsa/internal.h | 34 +- src/crypto/rsa/padding.c | 110 ++-- src/crypto/rsa/rsa.c | 143 +++-- src/crypto/rsa/rsa_asn1.c | 421 +++++++++++-- src/crypto/rsa/rsa_impl.c | 311 ++++++++-- src/crypto/rsa/rsa_test.c | 511 ---------------- src/crypto/rsa/rsa_test.cc | 869 +++++++++++++++++++++++++++ src/crypto/sha/CMakeLists.txt | 2 +- src/crypto/sha/asm/sha1-586.pl | 4 +- src/crypto/sha/asm/sha1-armv4-large.pl | 2 +- src/crypto/sha/asm/sha1-armv8.pl | 2 +- src/crypto/sha/asm/sha256-586.pl | 2 +- src/crypto/sha/asm/sha256-armv4.pl | 2 +- src/crypto/sha/asm/sha512-586.pl | 2 +- src/crypto/sha/asm/sha512-armv4.pl | 2 +- src/crypto/sha/asm/sha512-armv8.pl | 2 +- src/crypto/stack/CMakeLists.txt | 2 +- src/crypto/test/CMakeLists.txt | 1 + src/crypto/test/file_test.cc | 1 + src/crypto/test/file_test.h | 8 + src/crypto/test/malloc.cc | 17 +- src/crypto/test/scoped_types.h | 5 + src/crypto/test/test_util.cc | 30 + src/crypto/test/test_util.h | 35 ++ src/crypto/x509/CMakeLists.txt | 3 +- src/crypto/x509/a_digest.c | 2 +- src/crypto/x509/a_sign.c | 4 +- src/crypto/x509/a_verify.c | 10 +- src/crypto/x509/asn1_gen.c | 62 +- src/crypto/x509/by_dir.c | 12 +- src/crypto/x509/by_file.c | 22 +- src/crypto/x509/i2d_pr.c | 2 +- src/crypto/x509/pkcs7.c | 12 +- src/crypto/x509/t_crl.c | 2 +- src/crypto/x509/t_req.c | 246 ++++++++ src/crypto/x509/t_x509.c | 4 +- src/crypto/x509/x509_att.c | 16 +- src/crypto/x509/x509_cmp.c | 6 +- src/crypto/x509/x509_lu.c | 14 +- src/crypto/x509/x509_obj.c | 2 +- src/crypto/x509/x509_r2x.c | 2 +- src/crypto/x509/x509_req.c | 12 +- src/crypto/x509/x509_trs.c | 10 +- src/crypto/x509/x509_v3.c | 8 +- src/crypto/x509/x509_vfy.c | 54 +- src/crypto/x509/x509cset.c | 7 + src/crypto/x509/x509name.c | 8 +- src/crypto/x509/x509spki.c | 12 +- src/crypto/x509/x_all.c | 25 +- 
src/crypto/x509/x_crl.c | 2 +- src/crypto/x509/x_info.c | 2 +- src/crypto/x509/x_name.c | 6 +- src/crypto/x509/x_pkey.c | 2 +- src/crypto/x509/x_pubkey.c | 20 +- src/crypto/x509/x_x509a.c | 48 +- src/crypto/x509v3/CMakeLists.txt | 6 +- src/crypto/x509v3/tab_test.c | 103 ++++ src/crypto/x509v3/tabtest.c | 103 ---- src/crypto/x509v3/v3_akey.c | 10 +- src/crypto/x509v3/v3_alt.c | 40 +- src/crypto/x509v3/v3_bcons.c | 4 +- src/crypto/x509v3/v3_bitst.c | 6 +- src/crypto/x509v3/v3_conf.c | 26 +- src/crypto/x509v3/v3_cpols.c | 40 +- src/crypto/x509v3/v3_crld.c | 14 +- src/crypto/x509v3/v3_extku.c | 4 +- src/crypto/x509v3/v3_ia5.c | 6 +- src/crypto/x509v3/v3_info.c | 12 +- src/crypto/x509v3/v3_lib.c | 16 +- src/crypto/x509v3/v3_ncons.c | 4 +- src/crypto/x509v3/v3_pci.c | 35 +- src/crypto/x509v3/v3_pcons.c | 6 +- src/crypto/x509v3/v3_pmaps.c | 8 +- src/crypto/x509v3/v3_purp.c | 10 +- src/crypto/x509v3/v3_skey.c | 10 +- src/crypto/x509v3/v3_sxnet.c | 16 +- src/crypto/x509v3/v3_utl.c | 40 +- src/crypto/x509v3/v3name_test.c | 422 +++++++++++++ src/crypto/x509v3/v3nametest.c | 422 ------------- 299 files changed, 7231 insertions(+), 6241 deletions(-) create mode 100644 src/crypto/aes/aes_test.cc delete mode 100644 src/crypto/arm_arch.h create mode 100644 src/crypto/bn/bn_asn1.c create mode 100644 src/crypto/conf/internal.h delete mode 100644 src/crypto/cpu-x86-asm.pl delete mode 100644 src/crypto/cpu-x86_64-asm.pl delete mode 100644 src/crypto/err/buf.errordata delete mode 100644 src/crypto/err/crypto.errordata delete mode 100644 src/crypto/evp/asn1.c create mode 100644 src/crypto/evp/evp_asn1.c delete mode 100644 src/crypto/evp/p_hmac.c delete mode 100644 src/crypto/evp/p_hmac_asn1.c create mode 100644 src/crypto/pkcs8/pkcs8_test.cc create mode 100644 src/crypto/poly1305/poly1305_test.cc create mode 100644 src/crypto/poly1305/poly1305_test.txt delete mode 100644 src/crypto/rsa/rsa_test.c create mode 100644 src/crypto/rsa/rsa_test.cc create mode 100644 
src/crypto/test/test_util.cc create mode 100644 src/crypto/test/test_util.h create mode 100644 src/crypto/x509/t_req.c create mode 100644 src/crypto/x509v3/tab_test.c delete mode 100644 src/crypto/x509v3/tabtest.c create mode 100644 src/crypto/x509v3/v3name_test.c delete mode 100644 src/crypto/x509v3/v3nametest.c (limited to 'src/crypto') diff --git a/src/crypto/CMakeLists.txt b/src/crypto/CMakeLists.txt index 6858cbb..3115279 100644 --- a/src/crypto/CMakeLists.txt +++ b/src/crypto/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(. ../include) +include_directories(../include) if(APPLE) if (${ARCH} STREQUAL "x86") @@ -57,7 +57,6 @@ if (${ARCH} STREQUAL "x86_64") set( CRYPTO_ARCH_SOURCES - cpu-x86_64-asm.${ASM_EXT} cpu-intel.c ) endif() @@ -66,7 +65,6 @@ if (${ARCH} STREQUAL "x86") set( CRYPTO_ARCH_SOURCES - cpu-x86-asm.${ASM_EXT} cpu-intel.c ) endif() @@ -230,6 +228,3 @@ add_executable( ) target_link_libraries(refcount_test crypto) - -perlasm(cpu-x86_64-asm.${ASM_EXT} cpu-x86_64-asm.pl) -perlasm(cpu-x86-asm.${ASM_EXT} cpu-x86-asm.pl) diff --git a/src/crypto/aes/CMakeLists.txt b/src/crypto/aes/CMakeLists.txt index 490f40a..c82d99a 100644 --- a/src/crypto/aes/CMakeLists.txt +++ b/src/crypto/aes/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(. .. ../../include) +include_directories(../../include) if (${ARCH} STREQUAL "x86_64") set( @@ -60,3 +60,12 @@ perlasm(aesni-x86.${ASM_EXT} asm/aesni-x86.pl) perlasm(aes-armv4.${ASM_EXT} asm/aes-armv4.pl) perlasm(bsaes-armv7.${ASM_EXT} asm/bsaes-armv7.pl) perlasm(aesv8-armx.${ASM_EXT} asm/aesv8-armx.pl) + +add_executable( + aes_test + + aes_test.cc + $ +) + +target_link_libraries(aes_test crypto) diff --git a/src/crypto/aes/aes_test.cc b/src/crypto/aes/aes_test.cc new file mode 100644 index 0000000..e488d81 --- /dev/null +++ b/src/crypto/aes/aes_test.cc 
@@ -0,0 +1,102 @@ +/* Copyright (c) 2015, Google Inc. + * + * Permission to use, copy, modify, and/or distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY + * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION + * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN + * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ + +#include +#include + +#include +#include + + +static bool TestAES(const uint8_t *key, size_t key_len, + const uint8_t plaintext[AES_BLOCK_SIZE], + const uint8_t ciphertext[AES_BLOCK_SIZE]) { + AES_KEY aes_key; + if (AES_set_encrypt_key(key, key_len * 8, &aes_key) != 0) { + fprintf(stderr, "AES_set_encrypt_key failed\n"); + return false; + } + + // Test encryption. + uint8_t block[AES_BLOCK_SIZE]; + AES_encrypt(plaintext, block, &aes_key); + if (memcmp(block, ciphertext, AES_BLOCK_SIZE) != 0) { + fprintf(stderr, "AES_encrypt gave the wrong output\n"); + return false; + } + + // Test in-place encryption. + memcpy(block, plaintext, AES_BLOCK_SIZE); + AES_encrypt(block, block, &aes_key); + if (memcmp(block, ciphertext, AES_BLOCK_SIZE) != 0) { + fprintf(stderr, "AES_encrypt gave the wrong output\n"); + return false; + } + + if (AES_set_decrypt_key(key, key_len * 8, &aes_key) != 0) { + fprintf(stderr, "AES_set_decrypt_key failed\n"); + return false; + } + + // Test decryption. + AES_decrypt(ciphertext, block, &aes_key); + if (memcmp(block, plaintext, AES_BLOCK_SIZE) != 0) { + fprintf(stderr, "AES_decrypt gave the wrong output\n"); + return false; + } + + // Test in-place decryption. 
+ memcpy(block, ciphertext, AES_BLOCK_SIZE); + AES_decrypt(block, block, &aes_key); + if (memcmp(block, plaintext, AES_BLOCK_SIZE) != 0) { + fprintf(stderr, "AES_decrypt gave the wrong output\n"); + return false; + } + return true; +} + +int main() { + CRYPTO_library_init(); + + // Test vectors from FIPS-197, Appendix C. + if (!TestAES((const uint8_t *)"\x00\x01\x02\x03\x04\x05\x06\x07" + "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f", + 128 / 8, + (const uint8_t *)"\x00\x11\x22\x33\x44\x55\x66\x77" + "\x88\x99\xaa\xbb\xcc\xdd\xee\xff", + (const uint8_t *)"\x69\xc4\xe0\xd8\x6a\x7b\x04\x30" + "\xd8\xcd\xb7\x80\x70\xb4\xc5\x5a") || + !TestAES((const uint8_t *)"\x00\x01\x02\x03\x04\x05\x06\x07" + "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f" + "\x10\x11\x12\x13\x14\x15\x16\x17", + 192 / 8, + (const uint8_t *)"\x00\x11\x22\x33\x44\x55\x66\x77" + "\x88\x99\xaa\xbb\xcc\xdd\xee\xff", + (const uint8_t *)"\xdd\xa9\x7c\xa4\x86\x4c\xdf\xe0" + "\x6e\xaf\x70\xa0\xec\x0d\x71\x91") || + !TestAES((const uint8_t *)"\x00\x01\x02\x03\x04\x05\x06\x07" + "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f" + "\x10\x11\x12\x13\x14\x15\x16\x17" + "\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f", + 256 / 8, + (const uint8_t *)"\x00\x11\x22\x33\x44\x55\x66\x77" + "\x88\x99\xaa\xbb\xcc\xdd\xee\xff", + (const uint8_t *)"\x8e\xa2\xb7\xca\x51\x67\x45\xbf" + "\xea\xfc\x49\x90\x4b\x49\x60\x89")) { + return false; + } + + printf("PASS\n"); + return 0; +} diff --git a/src/crypto/aes/asm/aes-586.pl b/src/crypto/aes/asm/aes-586.pl index 07fb94c..6e8a6a8 100755 --- a/src/crypto/aes/asm/aes-586.pl +++ b/src/crypto/aes/asm/aes-586.pl 
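Review bot: In `main` of the new aes_test.cc the failure branch is `return false;`, which in `int main()` converts to 0, so a failed FIPS-197 vector makes the process exit with the success status. Only the missing "PASS" line then signals the failure, and a harness that checks the exit code alone would not notice a regression in AES_encrypt or AES_decrypt. Change it to `return 1;` so both signals agree. The two `AES_encrypt gave the wrong output` messages (and the two for decrypt) are identical for the plain and the in-place case; adding "in-place" to the second of each pair would tell a reader which path failed.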
@@ -45,7 +45,7 @@ # the undertaken effort was that it appeared that in tight IA-32 # register window little-endian flavor could achieve slightly higher # Instruction Level Parallelism, and it indeed resulted in up to 15% -# better performance on most recent µ-archs... +# better performance on most recent µ-archs... # # Third version adds AES_cbc_encrypt implementation, which resulted in # up to 40% performance imrovement of CBC benchmark results. 40% was @@ -224,7 +224,7 @@ sub _data_word() { my $i; while(defined($i=shift)) { &data_word($i,$i); } } $speed_limit=512; # chunks smaller than $speed_limit are # processed with compact routine in CBC mode $small_footprint=1; # $small_footprint=1 code is ~5% slower [on - # recent µ-archs], but ~5 times smaller! + # recent µ-archs], but ~5 times smaller! # I favor compact code to minimize cache # contention and in hope to "collect" 5% back # in real-life applications... @@ -565,7 +565,7 @@ sub enctransform() # Performance is not actually extraordinary in comparison to pure # x86 code. In particular encrypt performance is virtually the same. # Decrypt performance on the other hand is 15-20% better on newer -# µ-archs [but we're thankful for *any* improvement here], and ~50% +# µ-archs [but we're thankful for *any* improvement here], and ~50% # better on PIII:-) And additionally on the pros side this code # eliminates redundant references to stack and thus relieves/ # minimizes the pressure on the memory bus. diff --git a/src/crypto/aes/asm/aes-armv4.pl b/src/crypto/aes/asm/aes-armv4.pl index 36cd3b6..882017a 100644 --- a/src/crypto/aes/asm/aes-armv4.pl +++ b/src/crypto/aes/asm/aes-armv4.pl @@ -65,7 +65,7 @@ $rounds="r12"; $code=<<___; #if defined(__arm__) #ifndef __KERNEL__ -# include "arm_arch.h" +# include #else # define __ARM_ARCH__ __LINUX_ARM_ARCH__ #endif diff --git a/src/crypto/aes/asm/aesv8-armx.pl b/src/crypto/aes/asm/aesv8-armx.pl index b0916f6..121154a 100644 --- a/src/crypto/aes/asm/aesv8-armx.pl 
+++ b/src/crypto/aes/asm/aesv8-armx.pl @@ -45,7 +45,7 @@ open OUT,"| \"$^X\" $xlate $flavour $output"; $prefix="aes_v8"; $code=<<___; -#include "arm_arch.h" +#include #if __ARM_MAX_ARCH__>=7 .text diff --git a/src/crypto/aes/asm/bsaes-armv7.pl b/src/crypto/aes/asm/bsaes-armv7.pl index 273f0b9..7fe349a 100644 --- a/src/crypto/aes/asm/bsaes-armv7.pl +++ b/src/crypto/aes/asm/bsaes-armv7.pl @@ -703,7 +703,7 @@ ___ $code.=<<___; #if defined(__arm__) #ifndef __KERNEL__ -# include "arm_arch.h" +# include # define VFP_ABI_PUSH vstmdb sp!,{d8-d15} # define VFP_ABI_POP vldmia sp!,{d8-d15} diff --git a/src/crypto/arm_arch.h b/src/crypto/arm_arch.h deleted file mode 100644 index 0600fbb..0000000 --- a/src/crypto/arm_arch.h +++ /dev/null 
@@ -1,136 +0,0 @@ -/* ==================================================================== - * Copyright (c) 1998-2011 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). */ - -#ifndef OPENSSL_HEADER_ARM_ARCH_H -#define OPENSSL_HEADER_ARM_ARCH_H - -#if !defined(__ARM_ARCH__) -# if defined(__CC_ARM) -# define __ARM_ARCH__ __TARGET_ARCH_ARM -# if defined(__BIG_ENDIAN) -# define __ARMEB__ -# else -# define __ARMEL__ -# endif -# elif defined(__GNUC__) -# if defined(__aarch64__) -# define __ARM_ARCH__ 8 -# if __BYTE_ORDER__ == __ORDER_BIG_ENDIAN__ -# define __ARMEB__ -# else -# define __ARMEL__ -# endif - /* Why doesn't gcc define __ARM_ARCH__? Instead it defines - * bunch of below macros. See all_architectires[] table in - * gcc/config/arm/arm.c. On a side note it defines - * __ARMEL__/__ARMEB__ for little-/big-endian. 
*/ -# elif defined(__ARM_ARCH) -# define __ARM_ARCH__ __ARM_ARCH -# elif defined(__ARM_ARCH_8A__) -# define __ARM_ARCH__ 8 -# elif defined(__ARM_ARCH_7__) || defined(__ARM_ARCH_7A__) || \ - defined(__ARM_ARCH_7R__)|| defined(__ARM_ARCH_7M__) || \ - defined(__ARM_ARCH_7EM__) -# define __ARM_ARCH__ 7 -# elif defined(__ARM_ARCH_6__) || defined(__ARM_ARCH_6J__) || \ - defined(__ARM_ARCH_6K__)|| defined(__ARM_ARCH_6M__) || \ - defined(__ARM_ARCH_6Z__)|| defined(__ARM_ARCH_6ZK__) || \ - defined(__ARM_ARCH_6T2__) -# define __ARM_ARCH__ 6 -# elif defined(__ARM_ARCH_5__) || defined(__ARM_ARCH_5T__) || \ - defined(__ARM_ARCH_5E__)|| defined(__ARM_ARCH_5TE__) || \ - defined(__ARM_ARCH_5TEJ__) -# define __ARM_ARCH__ 5 -# elif defined(__ARM_ARCH_4__) || defined(__ARM_ARCH_4T__) -# define __ARM_ARCH__ 4 -# else -# error "unsupported ARM architecture" -# endif -# endif -#endif - -/* Even when building for 32-bit ARM, support for aarch64 crypto instructions - * will be included. */ -#define __ARM_MAX_ARCH__ 8 - -#if !__ASSEMBLER__ - -/* OPENSSL_armcap_P contains flags describing the capabilities of the CPU and - * is easy for assembly code to acesss. For C code, see the functions in - * |cpu.h|. */ -extern uint32_t OPENSSL_armcap_P; - -#endif /* !__ASSEMBLER__ */ - -/* ARMV7_NEON is true when a NEON unit is present in the current CPU. */ -#define ARMV7_NEON (1 << 0) - -/* ARMV7_NEON_FUNCTIONAL is true when the NEON unit doesn't contain subtle bugs. - * The Poly1305 NEON code is known to trigger bugs in the NEON units of some - * phones. If this bit isn't set then the Poly1305 NEON code won't be used. - * See https://code.google.com/p/chromium/issues/detail?id=341598. */ -#define ARMV7_NEON_FUNCTIONAL (1 << 10) - -/* ARMV8_AES indicates support for hardware AES instructions. */ -#define ARMV8_AES (1 << 2) - -/* ARMV8_SHA1 indicates support for hardware SHA-1 instructions. */ -#define ARMV8_SHA1 (1 << 3) - -/* ARMV8_SHA256 indicates support for hardware SHA-256 instructions. 
*/ -#define ARMV8_SHA256 (1 << 4) - -/* ARMV8_PMULL indicates support for carryless multiplication. */ -#define ARMV8_PMULL (1 << 5) - - -#endif /* OPENSSL_HEADER_THREAD_H */ diff --git a/src/crypto/asn1/CMakeLists.txt b/src/crypto/asn1/CMakeLists.txt index 283636e..41e3122 100644 --- a/src/crypto/asn1/CMakeLists.txt +++ b/src/crypto/asn1/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(. .. ../../include) +include_directories(../../include) add_library( asn1 diff --git a/src/crypto/asn1/a_bitstr.c b/src/crypto/asn1/a_bitstr.c index 8055f0c..8bad339 100644 --- a/src/crypto/asn1/a_bitstr.c +++ b/src/crypto/asn1/a_bitstr.c @@ -125,8 +125,7 @@ ASN1_BIT_STRING *c2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a, if (len < 1) { - OPENSSL_PUT_ERROR(ASN1, c2i_ASN1_BIT_STRING, - ASN1_R_STRING_TOO_SHORT); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_STRING_TOO_SHORT); goto err; } @@ -141,8 +140,7 @@ ASN1_BIT_STRING *c2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a, padding = *(p++); if (padding > 7) { - OPENSSL_PUT_ERROR(ASN1, c2i_ASN1_BIT_STRING, - ASN1_R_INVALID_BIT_STRING_BITS_LEFT); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_INVALID_BIT_STRING_BITS_LEFT); goto err; } @@ -157,8 +155,7 @@ ASN1_BIT_STRING *c2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a, s=(unsigned char *)OPENSSL_malloc((int)len); if (s == NULL) { - OPENSSL_PUT_ERROR(ASN1, c2i_ASN1_BIT_STRING, - ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); goto err; } memcpy(s,p,(int)len); @@ -209,7 +206,7 @@ int ASN1_BIT_STRING_set_bit(ASN1_BIT_STRING *a, int n, int value) w+1); if (c == NULL) { - OPENSSL_PUT_ERROR(ASN1, ASN1_BIT_STRING_set_bit, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); return 0; } if (w+1-a->length > 0) memset(c+a->length, 0, w+1-a->length); diff --git a/src/crypto/asn1/a_bool.c b/src/crypto/asn1/a_bool.c index c30ee48..826bcf4 100644 --- a/src/crypto/asn1/a_bool.c +++ b/src/crypto/asn1/a_bool.c 
@@ -107,6 +107,6 @@ int d2i_ASN1_BOOLEAN(int *a, const unsigned char **pp, long length) *pp=p; return(ret); err: - OPENSSL_PUT_ERROR(ASN1, d2i_ASN1_BOOLEAN, i); + OPENSSL_PUT_ERROR(ASN1, i); return(ret); } diff --git a/src/crypto/asn1/a_bytes.c b/src/crypto/asn1/a_bytes.c index 8874f48..1904375 100644 --- a/src/crypto/asn1/a_bytes.c +++ b/src/crypto/asn1/a_bytes.c @@ -125,7 +125,7 @@ ASN1_STRING *d2i_ASN1_type_bytes(ASN1_STRING **a, const unsigned char **pp, *pp=p; return(ret); err: - OPENSSL_PUT_ERROR(ASN1, d2i_ASN1_type_bytes, i); + OPENSSL_PUT_ERROR(ASN1, i); if ((ret != NULL) && ((a == NULL) || (*a != ret))) ASN1_STRING_free(ret); return(NULL); @@ -243,7 +243,7 @@ ASN1_STRING *d2i_ASN1_bytes(ASN1_STRING **a, const unsigned char **pp, err: if ((ret != NULL) && ((a == NULL) || (*a != ret))) ASN1_STRING_free(ret); - OPENSSL_PUT_ERROR(ASN1, d2i_ASN1_bytes, i); + OPENSSL_PUT_ERROR(ASN1, i); return(NULL); } @@ -309,7 +309,7 @@ static int asn1_collate_primitive(ASN1_STRING *a, ASN1_const_CTX *c) if (os != NULL) ASN1_STRING_free(os); return(1); err: - OPENSSL_PUT_ERROR(ASN1, asn1_collate_primitive, c->error); + OPENSSL_PUT_ERROR(ASN1, c->error); if (os != NULL) ASN1_STRING_free(os); if (b.data != NULL) OPENSSL_free(b.data); return(0); diff --git a/src/crypto/asn1/a_d2i_fp.c b/src/crypto/asn1/a_d2i_fp.c index 6022c74..97ec75b 100644 --- a/src/crypto/asn1/a_d2i_fp.c +++ b/src/crypto/asn1/a_d2i_fp.c @@ -75,7 +75,7 @@ void *ASN1_d2i_fp(void *(*xnew)(void), d2i_of_void *d2i, FILE *in, void **x) if ((b=BIO_new(BIO_s_file())) == NULL) { - OPENSSL_PUT_ERROR(ASN1, ASN1_d2i_fp, ERR_R_BUF_LIB); + OPENSSL_PUT_ERROR(ASN1, ERR_R_BUF_LIB); return(NULL); } BIO_set_fp(b,in,BIO_NOCLOSE); @@ -129,7 +129,7 @@ void *ASN1_item_d2i_fp(const ASN1_ITEM *it, FILE *in, void *x) if ((b=BIO_new(BIO_s_file())) == NULL) { - OPENSSL_PUT_ERROR(ASN1, ASN1_item_d2i_fp, ERR_R_BUF_LIB); + OPENSSL_PUT_ERROR(ASN1, ERR_R_BUF_LIB); return(NULL); } BIO_set_fp(b,in,BIO_NOCLOSE); 
@@ -154,7 +154,7 @@ static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb) b=BUF_MEM_new(); if (b == NULL) { - OPENSSL_PUT_ERROR(ASN1, asn1_d2i_read_bio, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); return -1; } @@ -167,20 +167,20 @@ static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb) if (len + want < len || !BUF_MEM_grow_clean(b,len+want)) { - OPENSSL_PUT_ERROR(ASN1, asn1_d2i_read_bio, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); goto err; } i=BIO_read(in,&(b->data[len]),want); if ((i < 0) && ((len-off) == 0)) { - OPENSSL_PUT_ERROR(ASN1, asn1_d2i_read_bio, ASN1_R_NOT_ENOUGH_DATA); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_NOT_ENOUGH_DATA); goto err; } if (i > 0) { if (len+i < len) { - OPENSSL_PUT_ERROR(ASN1, asn1_d2i_read_bio, ASN1_R_TOO_LONG); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_TOO_LONG); goto err; } len+=i; @@ -211,7 +211,7 @@ static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb) eos++; if (eos < 0) { - OPENSSL_PUT_ERROR(ASN1, asn1_d2i_read_bio, ASN1_R_HEADER_TOO_LONG); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_HEADER_TOO_LONG); goto err; } want=HEADER_SIZE; @@ -235,12 +235,12 @@ static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb) if (want > INT_MAX /* BIO_read takes an int length */ || len+want < len) { - OPENSSL_PUT_ERROR(ASN1, asn1_d2i_read_bio, ASN1_R_TOO_LONG); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_TOO_LONG); goto err; } if (!BUF_MEM_grow_clean(b,len+want)) { - OPENSSL_PUT_ERROR(ASN1, asn1_d2i_read_bio, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); goto err; } while (want > 0) @@ -248,7 +248,7 @@ static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb) i=BIO_read(in,&(b->data[len]),want); if (i <= 0) { - OPENSSL_PUT_ERROR(ASN1, asn1_d2i_read_bio, ASN1_R_NOT_ENOUGH_DATA); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_NOT_ENOUGH_DATA); goto err; } /* This can't overflow because 
@@ -259,7 +259,7 @@ static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb) } if (off + c.slen < off) { - OPENSSL_PUT_ERROR(ASN1, asn1_d2i_read_bio, ASN1_R_TOO_LONG); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_TOO_LONG); goto err; } off+=c.slen; @@ -274,7 +274,7 @@ static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb) if (off > INT_MAX) { - OPENSSL_PUT_ERROR(ASN1, asn1_d2i_read_bio, ASN1_R_TOO_LONG); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_TOO_LONG); goto err; } diff --git a/src/crypto/asn1/a_dup.c b/src/crypto/asn1/a_dup.c index 8ec1c5f..5e87457 100644 --- a/src/crypto/asn1/a_dup.c +++ b/src/crypto/asn1/a_dup.c @@ -72,7 +72,7 @@ void *ASN1_dup(i2d_of_void *i2d, d2i_of_void *d2i, void *x) i=i2d(x,NULL); b=OPENSSL_malloc(i+10); if (b == NULL) - { OPENSSL_PUT_ERROR(ASN1, ASN1_dup, ERR_R_MALLOC_FAILURE); return(NULL); } + { OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); return(NULL); } p= b; i=i2d(x,&p); p2= b; @@ -95,7 +95,7 @@ void *ASN1_item_dup(const ASN1_ITEM *it, void *x) i=ASN1_item_i2d(x,&b,it); if (b == NULL) - { OPENSSL_PUT_ERROR(ASN1, ASN1_item_dup, ERR_R_MALLOC_FAILURE); return(NULL); } + { OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); return(NULL); } p= b; ret=ASN1_item_d2i(NULL,&p,i, it); OPENSSL_free(b); diff --git a/src/crypto/asn1/a_enum.c b/src/crypto/asn1/a_enum.c index a581a34..579dafd 100644 --- a/src/crypto/asn1/a_enum.c +++ b/src/crypto/asn1/a_enum.c @@ -84,7 +84,7 @@ int ASN1_ENUMERATED_set(ASN1_ENUMERATED *a, long v) } if (a->data == NULL) { - OPENSSL_PUT_ERROR(ASN1, ASN1_ENUMERATED_set, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); return(0); } d=v; @@ -147,7 +147,7 @@ ASN1_ENUMERATED *BN_to_ASN1_ENUMERATED(BIGNUM *bn, ASN1_ENUMERATED *ai) ret=ai; if (ret == NULL) { - OPENSSL_PUT_ERROR(ASN1, BN_to_ASN1_ENUMERATED, ASN1_R_NESTED_ASN1_ERROR); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_NESTED_ASN1_ERROR); goto err; } if(BN_is_negative(bn)) ret->type = V_ASN1_NEG_ENUMERATED; 
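Review bot: In the ASN1_dup hunk of a_dup.c the result of `i2d(x,NULL)` goes straight into `OPENSSL_malloc(i+10)` with no sign check, and the commit edits the very next statement without touching that. i2d-style encoders conventionally report failure with a negative length; if that holds for the callback passed here, the buffer is sized from an error value and the second `i2d(x,&p)` call still runs against it. A guard before the allocation, `if (i < 0) return(NULL);`, would make the failure explicit. ASN1_item_dup in the following hunk checks only `b == NULL` after `ASN1_item_i2d`, so an encoding failure there would presumably be reported as ERR_R_MALLOC_FAILURE; both function bodies start and end outside their hunks.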
@@ -159,7 +159,7 @@ ASN1_ENUMERATED *BN_to_ASN1_ENUMERATED(BIGNUM *bn, ASN1_ENUMERATED *ai) unsigned char *new_data=OPENSSL_realloc(ret->data, len+4); if (!new_data) { - OPENSSL_PUT_ERROR(ASN1, BN_to_ASN1_ENUMERATED, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); goto err; } ret->data=new_data; @@ -177,7 +177,7 @@ BIGNUM *ASN1_ENUMERATED_to_BN(ASN1_ENUMERATED *ai, BIGNUM *bn) BIGNUM *ret; if ((ret=BN_bin2bn(ai->data,ai->length,bn)) == NULL) - OPENSSL_PUT_ERROR(ASN1, ASN1_ENUMERATED_to_BN, ASN1_R_BN_LIB); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_BN_LIB); else if(ai->type == V_ASN1_NEG_ENUMERATED) BN_set_negative(ret,1); return(ret); } diff --git a/src/crypto/asn1/a_gentm.c b/src/crypto/asn1/a_gentm.c index be093a4..7cb18a9 100644 --- a/src/crypto/asn1/a_gentm.c +++ b/src/crypto/asn1/a_gentm.c @@ -239,7 +239,7 @@ ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_adj(ASN1_GENERALIZEDTIME *s, p=OPENSSL_malloc(len); if (p == NULL) { - OPENSSL_PUT_ERROR(ASN1, ASN1_GENERALIZEDTIME_adj, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); return(NULL); } if (s->data != NULL) diff --git a/src/crypto/asn1/a_i2d_fp.c b/src/crypto/asn1/a_i2d_fp.c index 11e40d3..74ded78 100644 --- a/src/crypto/asn1/a_i2d_fp.c +++ b/src/crypto/asn1/a_i2d_fp.c @@ -67,7 +67,7 @@ int ASN1_i2d_fp(i2d_of_void *i2d, FILE *out, void *x) if ((b=BIO_new(BIO_s_file())) == NULL) { - OPENSSL_PUT_ERROR(ASN1, ASN1_i2d_fp, ERR_R_BUF_LIB); + OPENSSL_PUT_ERROR(ASN1, ERR_R_BUF_LIB); return(0); } BIO_set_fp(b,out,BIO_NOCLOSE); @@ -76,7 +76,7 @@ int ASN1_i2d_fp(i2d_of_void *i2d, FILE *out, void *x) return(ret); } -int ASN1_i2d_bio(i2d_of_void *i2d, BIO *out, unsigned char *x) +int ASN1_i2d_bio(i2d_of_void *i2d, BIO *out, void *x) { char *b; unsigned char *p; 
@@ -86,7 +86,7 @@ int ASN1_i2d_bio(i2d_of_void *i2d, BIO *out, unsigned char *x) b=(char *)OPENSSL_malloc(n); if (b == NULL) { - OPENSSL_PUT_ERROR(ASN1, ASN1_i2d_bio, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); return(0); } @@ -116,7 +116,7 @@ int ASN1_item_i2d_fp(const ASN1_ITEM *it, FILE *out, void *x) if ((b=BIO_new(BIO_s_file())) == NULL) { - OPENSSL_PUT_ERROR(ASN1, ASN1_item_i2d_fp, ERR_R_BUF_LIB); + OPENSSL_PUT_ERROR(ASN1, ERR_R_BUF_LIB); return(0); } BIO_set_fp(b,out,BIO_NOCLOSE); @@ -133,7 +133,7 @@ int ASN1_item_i2d_bio(const ASN1_ITEM *it, BIO *out, void *x) n = ASN1_item_i2d(x, &b, it); if (b == NULL) { - OPENSSL_PUT_ERROR(ASN1, ASN1_item_i2d_bio, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); return(0); } diff --git a/src/crypto/asn1/a_int.c b/src/crypto/asn1/a_int.c index 2ecccc5..9a56534 100644 --- a/src/crypto/asn1/a_int.c +++ b/src/crypto/asn1/a_int.c @@ -257,7 +257,7 @@ ASN1_INTEGER *c2i_ASN1_INTEGER(ASN1_INTEGER **a, const unsigned char **pp, *pp=pend; return(ret); err: - OPENSSL_PUT_ERROR(ASN1, c2i_ASN1_INTEGER, i); + OPENSSL_PUT_ERROR(ASN1, i); if ((ret != NULL) && ((a == NULL) || (*a != ret))) M_ASN1_INTEGER_free(ret); return(NULL); @@ -327,7 +327,7 @@ ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a, const unsigned char **pp, *pp=p; return(ret); err: - OPENSSL_PUT_ERROR(ASN1, d2i_ASN1_UINTEGER, i); + OPENSSL_PUT_ERROR(ASN1, i); if ((ret != NULL) && ((a == NULL) || (*a != ret))) M_ASN1_INTEGER_free(ret); return(NULL); @@ -350,7 +350,7 @@ int ASN1_INTEGER_set(ASN1_INTEGER *a, long v) } if (a->data == NULL) { - OPENSSL_PUT_ERROR(ASN1, ASN1_INTEGER_set, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); return(0); } d=v; 
@@ -413,7 +413,7 @@ ASN1_INTEGER *BN_to_ASN1_INTEGER(const BIGNUM *bn, ASN1_INTEGER *ai) ret=ai; if (ret == NULL) { - OPENSSL_PUT_ERROR(ASN1, BN_to_ASN1_INTEGER, ASN1_R_NESTED_ASN1_ERROR); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_NESTED_ASN1_ERROR); goto err; } if (BN_is_negative(bn) && !BN_is_zero(bn)) @@ -426,7 +426,7 @@ ASN1_INTEGER *BN_to_ASN1_INTEGER(const BIGNUM *bn, ASN1_INTEGER *ai) unsigned char *new_data=OPENSSL_realloc(ret->data, len+4); if (!new_data) { - OPENSSL_PUT_ERROR(ASN1, BN_to_ASN1_INTEGER, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); goto err; } ret->data=new_data; @@ -449,7 +449,7 @@ BIGNUM *ASN1_INTEGER_to_BN(const ASN1_INTEGER *ai, BIGNUM *bn) BIGNUM *ret; if ((ret=BN_bin2bn(ai->data,ai->length,bn)) == NULL) - OPENSSL_PUT_ERROR(ASN1, ASN1_INTEGER_to_BN, ASN1_R_BN_LIB); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_BN_LIB); else if(ai->type == V_ASN1_NEG_INTEGER) BN_set_negative(ret, 1); return(ret); diff --git a/src/crypto/asn1/a_mbstr.c b/src/crypto/asn1/a_mbstr.c index 9abe659..42806d1 100644 --- a/src/crypto/asn1/a_mbstr.c +++ b/src/crypto/asn1/a_mbstr.c @@ -108,7 +108,7 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len, case MBSTRING_BMP: if(len & 1) { - OPENSSL_PUT_ERROR(ASN1, ASN1_mbstring_ncopy, ASN1_R_INVALID_BMPSTRING_LENGTH); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_INVALID_BMPSTRING_LENGTH); return -1; } nchar = len >> 1; @@ -116,7 +116,7 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len, case MBSTRING_UNIV: if(len & 3) { - OPENSSL_PUT_ERROR(ASN1, ASN1_mbstring_ncopy, ASN1_R_INVALID_UNIVERSALSTRING_LENGTH); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_INVALID_UNIVERSALSTRING_LENGTH); return -1; } nchar = len >> 2; 
@@ -127,7 +127,7 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len, /* This counts the characters and does utf8 syntax checking */ ret = traverse_string(in, len, MBSTRING_UTF8, in_utf8, &nchar); if(ret < 0) { - OPENSSL_PUT_ERROR(ASN1, ASN1_mbstring_ncopy, ASN1_R_INVALID_UTF8STRING); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_INVALID_UTF8STRING); return -1; } break; @@ -137,19 +137,19 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len, break; default: - OPENSSL_PUT_ERROR(ASN1, ASN1_mbstring_ncopy, ASN1_R_UNKNOWN_FORMAT); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_UNKNOWN_FORMAT); return -1; } if((minsize > 0) && (nchar < minsize)) { - OPENSSL_PUT_ERROR(ASN1, ASN1_mbstring_ncopy, ASN1_R_STRING_TOO_SHORT); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_STRING_TOO_SHORT); BIO_snprintf(strbuf, sizeof strbuf, "%ld", minsize); ERR_add_error_data(2, "minsize=", strbuf); return -1; } if((maxsize > 0) && (nchar > maxsize)) { - OPENSSL_PUT_ERROR(ASN1, ASN1_mbstring_ncopy, ASN1_R_STRING_TOO_LONG); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_STRING_TOO_LONG); BIO_snprintf(strbuf, sizeof strbuf, "%ld", maxsize); ERR_add_error_data(2, "maxsize=", strbuf); return -1; @@ -157,7 +157,7 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len, /* Now work out minimal type (if any) */ if(traverse_string(in, len, inform, type_str, &mask) < 0) { - OPENSSL_PUT_ERROR(ASN1, ASN1_mbstring_ncopy, ASN1_R_ILLEGAL_CHARACTERS); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_ILLEGAL_CHARACTERS); return -1; } @@ -191,7 +191,7 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len, free_out = 1; dest = ASN1_STRING_type_new(str_type); if(!dest) { - OPENSSL_PUT_ERROR(ASN1, ASN1_mbstring_ncopy, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); return -1; } *out = dest; 
@@ -199,7 +199,7 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len, /* If both the same type just copy across */ if(inform == outform) { if(!ASN1_STRING_set(dest, in, len)) { - OPENSSL_PUT_ERROR(ASN1, ASN1_mbstring_ncopy, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); return -1; } return str_type; @@ -230,7 +230,7 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len, } if(!(p = OPENSSL_malloc(outlen + 1))) { if(free_out) ASN1_STRING_free(dest); - OPENSSL_PUT_ERROR(ASN1, ASN1_mbstring_ncopy, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); return -1; } dest->length = outlen; diff --git a/src/crypto/asn1/a_object.c b/src/crypto/asn1/a_object.c index 189886c..6ddfca9 100644 --- a/src/crypto/asn1/a_object.c +++ b/src/crypto/asn1/a_object.c @@ -106,13 +106,13 @@ int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num) } else { - OPENSSL_PUT_ERROR(ASN1, a2d_ASN1_OBJECT, ASN1_R_FIRST_NUM_TOO_LARGE); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_FIRST_NUM_TOO_LARGE); goto err; } if (num <= 0) { - OPENSSL_PUT_ERROR(ASN1, a2d_ASN1_OBJECT, ASN1_R_MISSING_SECOND_NUMBER); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_MISSING_SECOND_NUMBER); goto err; } c= *(p++); @@ -122,7 +122,7 @@ int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num) if (num <= 0) break; if ((c != '.') && (c != ' ')) { - OPENSSL_PUT_ERROR(ASN1, a2d_ASN1_OBJECT, ASN1_R_INVALID_SEPARATOR); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_INVALID_SEPARATOR); goto err; } l=0; @@ -136,7 +136,7 @@ int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num) break; if ((c < '0') || (c > '9')) { - OPENSSL_PUT_ERROR(ASN1, a2d_ASN1_OBJECT, ASN1_R_INVALID_DIGIT); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_INVALID_DIGIT); goto err; } if (!use_bn && l >= ((ULONG_MAX - 80) / 10L)) 
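Review bot: In the `@@ -230,7 +230,7 @@` hunk of a_mbstr.c, the `OPENSSL_malloc(outlen + 1)` failure path frees `dest` when `free_out` is set, but the `@@ -191,7 +191,7 @@` hunk shows `*out = dest;` was already stored for that same case. The caller is then left holding a pointer to a freed ASN1_STRING, which invites a later use-after-free or double free. Clearing it on that path would close this: `if(free_out) { ASN1_STRING_free(dest); *out = NULL; }`. The `inform == outform` failure return in the `@@ -199,7 +199,7 @@` hunk takes the opposite approach and leaves the new object in `*out`, so the two error paths should be made consistent. ASN1_mbstring_ncopy starts and ends outside these hunks, so confirm that nothing in between already resets `*out`.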
@@ -160,7 +160,7 @@ int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num) { if ((first < 2) && (l >= 40)) { - OPENSSL_PUT_ERROR(ASN1, a2d_ASN1_OBJECT, ASN1_R_SECOND_NUMBER_TOO_LARGE); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_SECOND_NUMBER_TOO_LARGE); goto err; } if (use_bn) @@ -204,7 +204,7 @@ int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num) { if (len+i > olen) { - OPENSSL_PUT_ERROR(ASN1, a2d_ASN1_OBJECT, ASN1_R_BUFFER_TOO_SMALL); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_BUFFER_TOO_SMALL); goto err; } while (--i > 0) @@ -280,7 +280,7 @@ ASN1_OBJECT *d2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp, if(ret) *pp = p; return ret; err: - OPENSSL_PUT_ERROR(ASN1, d2i_ASN1_OBJECT, i); + OPENSSL_PUT_ERROR(ASN1, i); return(NULL); } @@ -300,7 +300,7 @@ ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp, if (len <= 0 || len > INT_MAX || pp == NULL || (p = *pp) == NULL || p[len - 1] & 0x80) { - OPENSSL_PUT_ERROR(ASN1, c2i_ASN1_OBJECT, ASN1_R_INVALID_OBJECT_ENCODING); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_INVALID_OBJECT_ENCODING); return NULL; } /* Now 0 < len <= INT_MAX, so the cast is safe. */ @@ -309,7 +309,7 @@ ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp, { if (*p == 0x80 && (!i || !(p[-1] & 0x80))) { - OPENSSL_PUT_ERROR(ASN1, c2i_ASN1_OBJECT, ASN1_R_INVALID_OBJECT_ENCODING); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_INVALID_OBJECT_ENCODING); return NULL; } } @@ -350,7 +350,7 @@ ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp, *pp=p; return(ret); err: - OPENSSL_PUT_ERROR(ASN1, c2i_ASN1_OBJECT, i); + OPENSSL_PUT_ERROR(ASN1, i); if ((ret != NULL) && ((a == NULL) || (*a != ret))) ASN1_OBJECT_free(ret); return(NULL); 
@@ -363,7 +363,7 @@ ASN1_OBJECT *ASN1_OBJECT_new(void) ret=(ASN1_OBJECT *)OPENSSL_malloc(sizeof(ASN1_OBJECT)); if (ret == NULL) { - OPENSSL_PUT_ERROR(ASN1, ASN1_OBJECT_new, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); return(NULL); } ret->length=0; diff --git a/src/crypto/asn1/a_strnid.c b/src/crypto/asn1/a_strnid.c index df849e1..d4316f7 100644 --- a/src/crypto/asn1/a_strnid.c +++ b/src/crypto/asn1/a_strnid.c @@ -215,13 +215,13 @@ int ASN1_STRING_TABLE_add(int nid, flags &= ~STABLE_FLAGS_MALLOC; if(!stable) stable = sk_ASN1_STRING_TABLE_new(sk_table_cmp); if(!stable) { - OPENSSL_PUT_ERROR(ASN1, ASN1_STRING_TABLE_add, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); return 0; } if(!(tmp = ASN1_STRING_TABLE_get(nid))) { tmp = OPENSSL_malloc(sizeof(ASN1_STRING_TABLE)); if(!tmp) { - OPENSSL_PUT_ERROR(ASN1, ASN1_STRING_TABLE_add, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); return 0; } tmp->flags = flags | STABLE_FLAGS_MALLOC; diff --git a/src/crypto/asn1/a_time.c b/src/crypto/asn1/a_time.c index e02e858..ac2cb48 100644 --- a/src/crypto/asn1/a_time.c +++ b/src/crypto/asn1/a_time.c @@ -85,7 +85,7 @@ int i2d_ASN1_TIME(ASN1_TIME *a, unsigned char **pp) if(a->type == V_ASN1_UTCTIME || a->type == V_ASN1_GENERALIZEDTIME) return(i2d_ASN1_bytes((ASN1_STRING *)a,pp, a->type ,V_ASN1_UNIVERSAL)); - OPENSSL_PUT_ERROR(ASN1, XXX, ASN1_R_EXPECTING_A_TIME); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_EXPECTING_A_TIME); return -1; } #endif @@ -105,7 +105,7 @@ ASN1_TIME *ASN1_TIME_adj(ASN1_TIME *s, time_t t, ts=OPENSSL_gmtime(&t,&data); if (ts == NULL) { - OPENSSL_PUT_ERROR(ASN1, ASN1_TIME_adj, ASN1_R_ERROR_GETTING_TIME); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_ERROR_GETTING_TIME); return NULL; } if (offset_day || offset_sec) diff --git a/src/crypto/asn1/a_utctm.c b/src/crypto/asn1/a_utctm.c index 52b010f..dbbbecb 100644 --- a/src/crypto/asn1/a_utctm.c +++ b/src/crypto/asn1/a_utctm.c 
@@ -81,12 +81,12 @@ ASN1_UTCTIME *d2i_ASN1_UTCTIME(ASN1_UTCTIME **a, unsigned char **pp, V_ASN1_UTCTIME,V_ASN1_UNIVERSAL); if (ret == NULL) { - OPENSSL_PUT_ERROR(ASN1, XXX, ERR_R_NESTED_ASN1_ERROR); + OPENSSL_PUT_ERROR(ASN1, ERR_R_NESTED_ASN1_ERROR); return(NULL); } if (!ASN1_UTCTIME_check(ret)) { - OPENSSL_PUT_ERROR(ASN1, XXX, ASN1_R_INVALID_TIME_FORMAT); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_INVALID_TIME_FORMAT); goto err; } @@ -257,7 +257,7 @@ ASN1_UTCTIME *ASN1_UTCTIME_adj(ASN1_UTCTIME *s, time_t t, p=OPENSSL_malloc(len); if (p == NULL) { - OPENSSL_PUT_ERROR(ASN1, ASN1_UTCTIME_adj, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); goto err; } if (s->data != NULL) diff --git a/src/crypto/asn1/asn1_lib.c b/src/crypto/asn1/asn1_lib.c index 9aa2678..a109749 100644 --- a/src/crypto/asn1/asn1_lib.c +++ b/src/crypto/asn1/asn1_lib.c @@ -69,17 +69,10 @@ OPENSSL_DECLARE_ERROR_REASON(ASN1, MALLOC_FAILURE); /* Cross-module errors from crypto/x509/i2d_pr.c */ -OPENSSL_DECLARE_ERROR_FUNCTION(ASN1, i2d_PrivateKey); OPENSSL_DECLARE_ERROR_REASON(ASN1, UNSUPPORTED_PUBLIC_KEY_TYPE); /* Cross-module errors from crypto/x509/asn1_gen.c. * TODO(davidben): Remove these once asn1_gen.c is gone. */ -OPENSSL_DECLARE_ERROR_FUNCTION(ASN1, ASN1_generate_v3); -OPENSSL_DECLARE_ERROR_FUNCTION(ASN1, asn1_cb); -OPENSSL_DECLARE_ERROR_FUNCTION(ASN1, parse_tagging); -OPENSSL_DECLARE_ERROR_FUNCTION(ASN1, append_exp); -OPENSSL_DECLARE_ERROR_FUNCTION(ASN1, asn1_str2type); -OPENSSL_DECLARE_ERROR_FUNCTION(ASN1, bitstr_cb); OPENSSL_DECLARE_ERROR_REASON(ASN1, DEPTH_EXCEEDED); OPENSSL_DECLARE_ERROR_REASON(ASN1, ILLEGAL_BITSTRING_FORMAT); OPENSSL_DECLARE_ERROR_REASON(ASN1, ILLEGAL_BOOLEAN); 
@@ -183,7 +176,7 @@ int ASN1_get_object(const unsigned char **pp, long *plength, int *ptag, #endif if (*plength > (omax - (p - *pp))) { - OPENSSL_PUT_ERROR(ASN1, ASN1_get_object, ASN1_R_TOO_LONG); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_TOO_LONG); /* Set this so that even if things are not long enough * the values are set correctly */ ret|=0x80; @@ -191,7 +184,7 @@ int ASN1_get_object(const unsigned char **pp, long *plength, int *ptag, *pp=p; return(ret|inf); err: - OPENSSL_PUT_ERROR(ASN1, ASN1_get_object, ASN1_R_HEADER_TOO_LONG); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_HEADER_TOO_LONG); return(0x80); } @@ -433,7 +426,7 @@ int ASN1_STRING_set(ASN1_STRING *str, const void *_data, int len) if (str->data == NULL) { - OPENSSL_PUT_ERROR(ASN1, ASN1_STRING_set, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); str->data=c; return(0); } @@ -469,7 +462,7 @@ ASN1_STRING *ASN1_STRING_type_new(int type) ret=(ASN1_STRING *)OPENSSL_malloc(sizeof(ASN1_STRING)); if (ret == NULL) { - OPENSSL_PUT_ERROR(ASN1, ASN1_STRING_type_new, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); return(NULL); } ret->length=0; diff --git a/src/crypto/asn1/asn_pack.c b/src/crypto/asn1/asn_pack.c index ee58fa5..e842a10 100644 --- a/src/crypto/asn1/asn_pack.c +++ b/src/crypto/asn1/asn_pack.c @@ -68,7 +68,7 @@ ASN1_STRING *ASN1_item_pack(void *obj, const ASN1_ITEM *it, ASN1_STRING **oct) if (!oct || !*oct) { if (!(octmp = ASN1_STRING_new ())) { - OPENSSL_PUT_ERROR(ASN1, ASN1_item_pack, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); return NULL; } if (oct) *oct = octmp; 
@@ -80,11 +80,11 @@ ASN1_STRING *ASN1_item_pack(void *obj, const ASN1_ITEM *it, ASN1_STRING **oct) } if (!(octmp->length = ASN1_item_i2d(obj, &octmp->data, it))) { - OPENSSL_PUT_ERROR(ASN1, ASN1_item_pack, ASN1_R_ENCODE_ERROR); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_ENCODE_ERROR); return NULL; } if (!octmp->data) { - OPENSSL_PUT_ERROR(ASN1, ASN1_item_pack, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); return NULL; } return octmp; @@ -99,6 +99,6 @@ void *ASN1_item_unpack(ASN1_STRING *oct, const ASN1_ITEM *it) p = oct->data; if(!(ret = ASN1_item_d2i(NULL, &p, oct->length, it))) - OPENSSL_PUT_ERROR(ASN1, ASN1_item_unpack, ASN1_R_DECODE_ERROR); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_DECODE_ERROR); return ret; } diff --git a/src/crypto/asn1/bio_ndef.c b/src/crypto/asn1/bio_ndef.c index 2f7105d..f07d3de 100644 --- a/src/crypto/asn1/bio_ndef.c +++ b/src/crypto/asn1/bio_ndef.c @@ -112,7 +112,7 @@ BIO *BIO_new_NDEF(BIO *out, ASN1_VALUE *val, const ASN1_ITEM *it) if (!aux || !aux->asn1_cb) { - OPENSSL_PUT_ERROR(ASN1, BIO_new_NDEF, ASN1_R_STREAMING_NOT_SUPPORTED); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_STREAMING_NOT_SUPPORTED); return NULL; } ndef_aux = OPENSSL_malloc(sizeof(NDEF_SUPPORT)); diff --git a/src/crypto/asn1/f_enum.c b/src/crypto/asn1/f_enum.c index 530afe5..bcdb773 100644 --- a/src/crypto/asn1/f_enum.c +++ b/src/crypto/asn1/f_enum.c @@ -144,7 +144,7 @@ int a2i_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *bs, char *buf, int size) i-=again; if (i%2 != 0) { - OPENSSL_PUT_ERROR(ASN1, a2i_ASN1_ENUMERATED, ASN1_R_ODD_NUMBER_OF_CHARS); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_ODD_NUMBER_OF_CHARS); goto err; } i/=2; @@ -158,7 +158,7 @@ int a2i_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *bs, char *buf, int size) (unsigned int)num+i*2); if (sp == NULL) { - OPENSSL_PUT_ERROR(ASN1, a2i_ASN1_ENUMERATED, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); goto err; } s=sp; 
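Review bot: Both failure returns in the `@@ -80,11 +80,11 @@` hunk of ASN1_item_pack (`ASN1_R_ENCODE_ERROR` and the `!octmp->data` case) return NULL without releasing `octmp`. The `@@ -68,7 +68,7 @@` hunk shows that `octmp` may have been allocated by this call via `ASN1_STRING_new()`, and when `oct` is NULL nothing else references it, so it appears to leak on these paths. I would record that the string was allocated here and, before each `return NULL;`, call `ASN1_STRING_free(octmp);` and clear `*oct` if it was set. Separately, the `!(octmp->length = ASN1_item_i2d(...))` test only catches a zero return; if the encoder can return a negative value it is stored as the length and reported as a malloc failure, so a `<= 0` comparison would be clearer. The lines between the two hunks are not visible here, so confirm that nothing there changes ownership.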
@@ -177,7 +177,7 @@ int a2i_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *bs, char *buf, int size) m=m-'A'+10; else { - OPENSSL_PUT_ERROR(ASN1, a2i_ASN1_ENUMERATED, ASN1_R_NON_HEX_CHARACTERS); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_NON_HEX_CHARACTERS); goto err; } s[num+j]<<=4; @@ -197,7 +197,7 @@ err: if (0) { err_sl: - OPENSSL_PUT_ERROR(ASN1, a2i_ASN1_ENUMERATED, ASN1_R_SHORT_LINE); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_SHORT_LINE); } if (s != NULL) OPENSSL_free(s); diff --git a/src/crypto/asn1/f_int.c b/src/crypto/asn1/f_int.c index 2c4fe6f..5186304 100644 --- a/src/crypto/asn1/f_int.c +++ b/src/crypto/asn1/f_int.c @@ -149,7 +149,7 @@ int a2i_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *bs, char *buf, int size) i-=again; if (i%2 != 0) { - OPENSSL_PUT_ERROR(ASN1, a2i_ASN1_INTEGER, ASN1_R_ODD_NUMBER_OF_CHARS); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_ODD_NUMBER_OF_CHARS); goto err; } i/=2; @@ -162,7 +162,7 @@ int a2i_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *bs, char *buf, int size) sp=OPENSSL_realloc_clean(s,slen,num+i*2); if (sp == NULL) { - OPENSSL_PUT_ERROR(ASN1, a2i_ASN1_INTEGER, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); goto err; } s=sp; @@ -181,7 +181,7 @@ int a2i_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *bs, char *buf, int size) m=m-'A'+10; else { - OPENSSL_PUT_ERROR(ASN1, a2i_ASN1_INTEGER, ASN1_R_NON_HEX_CHARACTERS); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_NON_HEX_CHARACTERS); goto err; } s[num+j]<<=4; @@ -201,7 +201,7 @@ err: if (0) { err_sl: - OPENSSL_PUT_ERROR(ASN1, a2i_ASN1_INTEGER, ASN1_R_SHORT_LINE); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_SHORT_LINE); } if (s != NULL) OPENSSL_free(s); diff --git a/src/crypto/asn1/f_string.c b/src/crypto/asn1/f_string.c index 2f53670..5a7fe36 100644 --- a/src/crypto/asn1/f_string.c +++ b/src/crypto/asn1/f_string.c 
@@ -142,7 +142,7 @@ int a2i_ASN1_STRING(BIO *bp, ASN1_STRING *bs, char *buf, int size) i-=again; if (i%2 != 0) { - OPENSSL_PUT_ERROR(ASN1, a2i_ASN1_STRING, ASN1_R_ODD_NUMBER_OF_CHARS); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_ODD_NUMBER_OF_CHARS); goto err; } i/=2; @@ -156,7 +156,7 @@ int a2i_ASN1_STRING(BIO *bp, ASN1_STRING *bs, char *buf, int size) (unsigned int)num+i*2); if (sp == NULL) { - OPENSSL_PUT_ERROR(ASN1, a2i_ASN1_STRING, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); goto err; } s=sp; @@ -175,7 +175,7 @@ int a2i_ASN1_STRING(BIO *bp, ASN1_STRING *bs, char *buf, int size) m=m-'A'+10; else { - OPENSSL_PUT_ERROR(ASN1, a2i_ASN1_STRING, ASN1_R_NON_HEX_CHARACTERS); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_NON_HEX_CHARACTERS); goto err; } s[num+j]<<=4; @@ -195,7 +195,7 @@ err: if (0) { err_sl: - OPENSSL_PUT_ERROR(ASN1, a2i_ASN1_STRING, ASN1_R_SHORT_LINE); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_SHORT_LINE); } if (s != NULL) OPENSSL_free(s); diff --git a/src/crypto/asn1/tasn_dec.c b/src/crypto/asn1/tasn_dec.c index 73d3bb3..507a842 100644 --- a/src/crypto/asn1/tasn_dec.c +++ b/src/crypto/asn1/tasn_dec.c @@ -189,7 +189,7 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, */ if ((tag != -1) || opt) { - OPENSSL_PUT_ERROR(ASN1, ASN1_item_ex_d2i, ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE); goto err; } return asn1_template_ex_d2i(pval, in, len, @@ -206,7 +206,7 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, &p, len, -1, 0, 1, ctx); if (!ret) { - OPENSSL_PUT_ERROR(ASN1, ASN1_item_ex_d2i, ASN1_R_NESTED_ASN1_ERROR); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_NESTED_ASN1_ERROR); goto err; } 
@@ -215,7 +215,7 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, { /* If OPTIONAL, assume this is OK */ if (opt) return -1; - OPENSSL_PUT_ERROR(ASN1, ASN1_item_ex_d2i, ASN1_R_MSTRING_NOT_UNIVERSAL); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_MSTRING_NOT_UNIVERSAL); goto err; } /* Check tag matches bit map */ @@ -224,7 +224,7 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, /* If OPTIONAL, assume this is OK */ if (opt) return -1; - OPENSSL_PUT_ERROR(ASN1, ASN1_item_ex_d2i, ASN1_R_MSTRING_WRONG_TAG); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_MSTRING_WRONG_TAG); goto err; } return asn1_d2i_ex_primitive(pval, in, len, @@ -255,7 +255,7 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, &p, len, exptag, aclass, 1, ctx); if (!ret) { - OPENSSL_PUT_ERROR(ASN1, ASN1_item_ex_d2i, ASN1_R_NESTED_ASN1_ERROR); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_NESTED_ASN1_ERROR); goto err; } if (ret == -1) @@ -283,7 +283,7 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, imphack = *wp; if (p == NULL) { - OPENSSL_PUT_ERROR(ASN1, ASN1_item_ex_d2i, ASN1_R_NESTED_ASN1_ERROR); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_NESTED_ASN1_ERROR); goto err; } *wp = (unsigned char)((*p & V_ASN1_CONSTRUCTED) @@ -298,7 +298,7 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, if (ptmpval) return 1; - OPENSSL_PUT_ERROR(ASN1, ASN1_item_ex_d2i, ASN1_R_NESTED_ASN1_ERROR); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_NESTED_ASN1_ERROR); goto err; @@ -320,7 +320,7 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, } else if (!ASN1_item_ex_new(pval, it)) { - OPENSSL_PUT_ERROR(ASN1, ASN1_item_ex_d2i, ASN1_R_NESTED_ASN1_ERROR); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_NESTED_ASN1_ERROR); goto err; } /* CHOICE type, try each possibility in turn */ 
@@ -340,7 +340,7 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, break; /* Otherwise must be an ASN1 parsing error */ errtt = tt; - OPENSSL_PUT_ERROR(ASN1, ASN1_item_ex_d2i, ASN1_R_NESTED_ASN1_ERROR); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_NESTED_ASN1_ERROR); goto err; } @@ -354,7 +354,7 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, ASN1_item_ex_free(pval, it); return -1; } - OPENSSL_PUT_ERROR(ASN1, ASN1_item_ex_d2i, ASN1_R_NO_MATCHING_CHOICE_TYPE); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_NO_MATCHING_CHOICE_TYPE); goto err; } @@ -380,7 +380,7 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, &p, len, tag, aclass, opt, ctx); if (!ret) { - OPENSSL_PUT_ERROR(ASN1, ASN1_item_ex_d2i, ASN1_R_NESTED_ASN1_ERROR); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_NESTED_ASN1_ERROR); goto err; } else if (ret == -1) @@ -394,13 +394,13 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, else seq_nolen = seq_eoc; if (!cst) { - OPENSSL_PUT_ERROR(ASN1, ASN1_item_ex_d2i, ASN1_R_SEQUENCE_NOT_CONSTRUCTED); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_SEQUENCE_NOT_CONSTRUCTED); goto err; } if (!*pval && !ASN1_item_ex_new(pval, it)) { - OPENSSL_PUT_ERROR(ASN1, ASN1_item_ex_d2i, ASN1_R_NESTED_ASN1_ERROR); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_NESTED_ASN1_ERROR); goto err; } @@ -437,7 +437,7 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, { if (!seq_eoc) { - OPENSSL_PUT_ERROR(ASN1, ASN1_item_ex_d2i, ASN1_R_UNEXPECTED_EOC); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_UNEXPECTED_EOC); goto err; } len -= p - q; 
@@ -479,13 +479,13 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, /* Check for EOC if expecting one */ if (seq_eoc && !asn1_check_eoc(&p, len)) { - OPENSSL_PUT_ERROR(ASN1, ASN1_item_ex_d2i, ASN1_R_MISSING_EOC); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_MISSING_EOC); goto err; } /* Check all data read */ if (!seq_nolen && len) { - OPENSSL_PUT_ERROR(ASN1, ASN1_item_ex_d2i, ASN1_R_SEQUENCE_LENGTH_MISMATCH); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_SEQUENCE_LENGTH_MISMATCH); goto err; } @@ -508,7 +508,7 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, else { errtt = seqtt; - OPENSSL_PUT_ERROR(ASN1, ASN1_item_ex_d2i, ASN1_R_FIELD_MISSING); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_FIELD_MISSING); goto err; } } @@ -524,7 +524,7 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, return 0; } auxerr: - OPENSSL_PUT_ERROR(ASN1, ASN1_item_ex_d2i, ASN1_R_AUX_ERROR); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_AUX_ERROR); err: ASN1_item_ex_free(pval, it); if (errtt) @@ -569,21 +569,21 @@ static int asn1_template_ex_d2i(ASN1_VALUE **val, q = p; if (!ret) { - OPENSSL_PUT_ERROR(ASN1, asn1_template_ex_d2i, ASN1_R_NESTED_ASN1_ERROR); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_NESTED_ASN1_ERROR); return 0; } else if (ret == -1) return -1; if (!cst) { - OPENSSL_PUT_ERROR(ASN1, asn1_template_ex_d2i, ASN1_R_EXPLICIT_TAG_NOT_CONSTRUCTED); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_EXPLICIT_TAG_NOT_CONSTRUCTED); return 0; } /* We've found the field so it can't be OPTIONAL now */ ret = asn1_template_noexp_d2i(val, &p, len, tt, 0, ctx); if (!ret) { - OPENSSL_PUT_ERROR(ASN1, asn1_template_ex_d2i, ASN1_R_NESTED_ASN1_ERROR); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_NESTED_ASN1_ERROR); return 0; } /* We read the field in OK so update length */ 
@@ -593,7 +593,7 @@ static int asn1_template_ex_d2i(ASN1_VALUE **val, /* If NDEF we must have an EOC here */ if (!asn1_check_eoc(&p, len)) { - OPENSSL_PUT_ERROR(ASN1, asn1_template_ex_d2i, ASN1_R_MISSING_EOC); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_MISSING_EOC); goto err; } } @@ -603,7 +603,7 @@ static int asn1_template_ex_d2i(ASN1_VALUE **val, * an error */ if (len) { - OPENSSL_PUT_ERROR(ASN1, asn1_template_ex_d2i, ASN1_R_EXPLICIT_LENGTH_MISMATCH); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_EXPLICIT_LENGTH_MISMATCH); goto err; } } @@ -659,7 +659,7 @@ static int asn1_template_noexp_d2i(ASN1_VALUE **val, &p, len, sktag, skaclass, opt, ctx); if (!ret) { - OPENSSL_PUT_ERROR(ASN1, asn1_template_noexp_d2i, ASN1_R_NESTED_ASN1_ERROR); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_NESTED_ASN1_ERROR); return 0; } else if (ret == -1) @@ -682,7 +682,7 @@ static int asn1_template_noexp_d2i(ASN1_VALUE **val, if (!*val) { - OPENSSL_PUT_ERROR(ASN1, asn1_template_noexp_d2i, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); goto err; } @@ -696,7 +696,7 @@ static int asn1_template_noexp_d2i(ASN1_VALUE **val, { if (!sk_eoc) { - OPENSSL_PUT_ERROR(ASN1, asn1_template_noexp_d2i, ASN1_R_UNEXPECTED_EOC); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_UNEXPECTED_EOC); goto err; } len -= p - q; @@ -708,20 +708,20 @@ static int asn1_template_noexp_d2i(ASN1_VALUE **val, ASN1_ITEM_ptr(tt->item), -1, 0, 0, ctx)) { - OPENSSL_PUT_ERROR(ASN1, asn1_template_noexp_d2i, ASN1_R_NESTED_ASN1_ERROR); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_NESTED_ASN1_ERROR); goto err; } len -= p - q; if (!sk_ASN1_VALUE_push((STACK_OF(ASN1_VALUE) *)*val, skfield)) { - OPENSSL_PUT_ERROR(ASN1, asn1_template_noexp_d2i, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); goto err; } } if (sk_eoc) { - OPENSSL_PUT_ERROR(ASN1, asn1_template_noexp_d2i, ASN1_R_MISSING_EOC); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_MISSING_EOC); goto err; } } 
@@ -732,7 +732,7 @@ static int asn1_template_noexp_d2i(ASN1_VALUE **val, ASN1_ITEM_ptr(tt->item), tt->tag, aclass, opt, ctx); if (!ret) { - OPENSSL_PUT_ERROR(ASN1, asn1_template_noexp_d2i, ASN1_R_NESTED_ASN1_ERROR); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_NESTED_ASN1_ERROR); goto err; } else if (ret == -1) @@ -745,7 +745,7 @@ static int asn1_template_noexp_d2i(ASN1_VALUE **val, -1, 0, opt, ctx); if (!ret) { - OPENSSL_PUT_ERROR(ASN1, asn1_template_noexp_d2i, ASN1_R_NESTED_ASN1_ERROR); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_NESTED_ASN1_ERROR); goto err; } else if (ret == -1) @@ -775,7 +775,7 @@ static int asn1_d2i_ex_primitive(ASN1_VALUE **pval, long len; if (!pval) { - OPENSSL_PUT_ERROR(ASN1, asn1_d2i_ex_primitive, ASN1_R_ILLEGAL_NULL); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_ILLEGAL_NULL); return 0; /* Should never happen */ } @@ -793,12 +793,12 @@ static int asn1_d2i_ex_primitive(ASN1_VALUE **pval, unsigned char oclass; if (tag >= 0) { - OPENSSL_PUT_ERROR(ASN1, asn1_d2i_ex_primitive, ASN1_R_ILLEGAL_TAGGED_ANY); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_ILLEGAL_TAGGED_ANY); return 0; } if (opt) { - OPENSSL_PUT_ERROR(ASN1, asn1_d2i_ex_primitive, ASN1_R_ILLEGAL_OPTIONAL_ANY); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_ILLEGAL_OPTIONAL_ANY); return 0; } p = *in; @@ -806,7 +806,7 @@ static int asn1_d2i_ex_primitive(ASN1_VALUE **pval, &p, inlen, -1, 0, 0, ctx); if (!ret) { - OPENSSL_PUT_ERROR(ASN1, asn1_d2i_ex_primitive, ASN1_R_NESTED_ASN1_ERROR); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_NESTED_ASN1_ERROR); return 0; } if (oclass != V_ASN1_UNIVERSAL) @@ -823,7 +823,7 @@ static int asn1_d2i_ex_primitive(ASN1_VALUE **pval, &p, inlen, tag, aclass, opt, ctx); if (!ret) { - OPENSSL_PUT_ERROR(ASN1, asn1_d2i_ex_primitive, ASN1_R_NESTED_ASN1_ERROR); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_NESTED_ASN1_ERROR); return 0; } else if (ret == -1) 
@@ -843,7 +843,7 @@ static int asn1_d2i_ex_primitive(ASN1_VALUE **pval, /* SEQUENCE and SET must be constructed */ else if (!cst) { - OPENSSL_PUT_ERROR(ASN1, asn1_d2i_ex_primitive, ASN1_R_TYPE_NOT_CONSTRUCTED); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_TYPE_NOT_CONSTRUCTED); return 0; } @@ -869,8 +869,7 @@ static int asn1_d2i_ex_primitive(ASN1_VALUE **pval, || utype == V_ASN1_ENUMERATED) { /* These types only have primitive encodings. */ - OPENSSL_PUT_ERROR(ASN1, asn1_d2i_ex_primitive, - ASN1_R_TYPE_NOT_PRIMITIVE); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_TYPE_NOT_PRIMITIVE); return 0; } @@ -892,7 +891,7 @@ static int asn1_d2i_ex_primitive(ASN1_VALUE **pval, /* Append a final null to string */ if (!BUF_MEM_grow_clean(&buf, len + 1)) { - OPENSSL_PUT_ERROR(ASN1, asn1_d2i_ex_primitive, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); return 0; } buf.data[len] = 0; @@ -960,7 +959,7 @@ int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, case V_ASN1_NULL: if (len) { - OPENSSL_PUT_ERROR(ASN1, asn1_ex_c2i, ASN1_R_NULL_IS_WRONG_LENGTH); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_NULL_IS_WRONG_LENGTH); goto err; } *pval = (ASN1_VALUE *)1; @@ -969,7 +968,7 @@ int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, case V_ASN1_BOOLEAN: if (len != 1) { - OPENSSL_PUT_ERROR(ASN1, asn1_ex_c2i, ASN1_R_BOOLEAN_IS_WRONG_LENGTH); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_BOOLEAN_IS_WRONG_LENGTH); goto err; } else @@ -1016,12 +1015,12 @@ int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, default: if (utype == V_ASN1_BMPSTRING && (len & 1)) { - OPENSSL_PUT_ERROR(ASN1, asn1_ex_c2i, ASN1_R_BMPSTRING_IS_WRONG_LENGTH); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_BMPSTRING_IS_WRONG_LENGTH); goto err; } if (utype == V_ASN1_UNIVERSALSTRING && (len & 3)) { - OPENSSL_PUT_ERROR(ASN1, asn1_ex_c2i, ASN1_R_UNIVERSALSTRING_IS_WRONG_LENGTH); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_UNIVERSALSTRING_IS_WRONG_LENGTH); goto err; } /* All based on ASN1_STRING and handled the same */ 
@@ -1030,7 +1029,7 @@ int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, stmp = ASN1_STRING_type_new(utype); if (!stmp) { - OPENSSL_PUT_ERROR(ASN1, asn1_ex_c2i, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); goto err; } *pval = (ASN1_VALUE *)stmp; @@ -1053,7 +1052,7 @@ int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, { if (!ASN1_STRING_set(stmp, cont, len)) { - OPENSSL_PUT_ERROR(ASN1, asn1_ex_c2i, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); ASN1_STRING_free(stmp); *pval = NULL; goto err; @@ -1115,7 +1114,7 @@ static int asn1_find_end(const unsigned char **in, long len, char inf) if(!asn1_check_tlen(&plen, NULL, NULL, &inf, NULL, &p, len, -1, 0, 0, NULL)) { - OPENSSL_PUT_ERROR(ASN1, asn1_find_end, ASN1_R_NESTED_ASN1_ERROR); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_NESTED_ASN1_ERROR); return 0; } if (inf) @@ -1126,7 +1125,7 @@ static int asn1_find_end(const unsigned char **in, long len, char inf) } if (expected_eoc) { - OPENSSL_PUT_ERROR(ASN1, asn1_find_end, ASN1_R_MISSING_EOC); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_MISSING_EOC); return 0; } *in = p; @@ -1173,7 +1172,7 @@ static int asn1_collect(BUF_MEM *buf, const unsigned char **in, long len, * constructed form */ if (!inf) { - OPENSSL_PUT_ERROR(ASN1, asn1_collect, ASN1_R_UNEXPECTED_EOC); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_UNEXPECTED_EOC); return 0; } inf = 0; @@ -1183,7 +1182,7 @@ static int asn1_collect(BUF_MEM *buf, const unsigned char **in, long len, if (!asn1_check_tlen(&plen, NULL, NULL, &ininf, &cst, &p, len, tag, aclass, 0, NULL)) { - OPENSSL_PUT_ERROR(ASN1, asn1_collect, ASN1_R_NESTED_ASN1_ERROR); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_NESTED_ASN1_ERROR); return 0; } 
@@ -1192,7 +1191,7 @@ static int asn1_collect(BUF_MEM *buf, const unsigned char **in, long len, { if (depth >= ASN1_MAX_STRING_NEST) { - OPENSSL_PUT_ERROR(ASN1, asn1_collect, ASN1_R_NESTED_ASN1_STRING); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_NESTED_ASN1_STRING); return 0; } if (!asn1_collect(buf, &p, plen, ininf, tag, aclass, @@ -1205,7 +1204,7 @@ static int asn1_collect(BUF_MEM *buf, const unsigned char **in, long len, } if (inf) { - OPENSSL_PUT_ERROR(ASN1, asn1_collect, ASN1_R_MISSING_EOC); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_MISSING_EOC); return 0; } *in = p; @@ -1220,7 +1219,7 @@ static int collect_data(BUF_MEM *buf, const unsigned char **p, long plen) len = buf->length; if (!BUF_MEM_grow_clean(buf, len + plen)) { - OPENSSL_PUT_ERROR(ASN1, collect_data, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); return 0; } memcpy(buf->data + len, *p, plen); @@ -1288,7 +1287,7 @@ static int asn1_check_tlen(long *olen, int *otag, unsigned char *oclass, */ if (!(i & 0x81) && ((plen + ctx->hdrlen) > len)) { - OPENSSL_PUT_ERROR(ASN1, asn1_check_tlen, ASN1_R_TOO_LONG); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_TOO_LONG); asn1_tlc_clear(ctx); return 0; } @@ -1297,7 +1296,7 @@ static int asn1_check_tlen(long *olen, int *otag, unsigned char *oclass, if (i & 0x80) { - OPENSSL_PUT_ERROR(ASN1, asn1_check_tlen, ASN1_R_BAD_OBJECT_HEADER); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_BAD_OBJECT_HEADER); asn1_tlc_clear(ctx); return 0; } @@ -1310,7 +1309,7 @@ static int asn1_check_tlen(long *olen, int *otag, unsigned char *oclass, */ if (opt) return -1; asn1_tlc_clear(ctx); - OPENSSL_PUT_ERROR(ASN1, asn1_check_tlen, ASN1_R_WRONG_TAG); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_WRONG_TAG); return 0; } /* We have a tag and class match: diff --git a/src/crypto/asn1/tasn_new.c b/src/crypto/asn1/tasn_new.c index 6d69dcb..c68fe06 100644 --- a/src/crypto/asn1/tasn_new.c +++ b/src/crypto/asn1/tasn_new.c 
@@ -209,7 +209,7 @@ static int asn1_item_ex_combine_new(ASN1_VALUE **pval, const ASN1_ITEM *it, return 1; memerr: - OPENSSL_PUT_ERROR(ASN1, asn1_item_ex_combine_new, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); ASN1_item_ex_free(pval, it); #ifdef CRYPTO_MDEBUG if (it->sname) CRYPTO_pop_info(); @@ -217,7 +217,7 @@ static int asn1_item_ex_combine_new(ASN1_VALUE **pval, const ASN1_ITEM *it, return 0; auxerr: - OPENSSL_PUT_ERROR(ASN1, asn1_item_ex_combine_new, ASN1_R_AUX_ERROR); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_AUX_ERROR); ASN1_item_ex_free(pval, it); #ifdef CRYPTO_MDEBUG if (it->sname) CRYPTO_pop_info(); @@ -289,7 +289,7 @@ int ASN1_template_new(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt) skval = sk_ASN1_VALUE_new_null(); if (!skval) { - OPENSSL_PUT_ERROR(ASN1, ASN1_template_new, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); ret = 0; goto done; } diff --git a/src/crypto/asn1/tasn_prn.c b/src/crypto/asn1/tasn_prn.c index df19ff0..6a097a1 100644 --- a/src/crypto/asn1/tasn_prn.c +++ b/src/crypto/asn1/tasn_prn.c @@ -88,7 +88,7 @@ ASN1_PCTX *ASN1_PCTX_new(void) ret = OPENSSL_malloc(sizeof(ASN1_PCTX)); if (ret == NULL) { - OPENSSL_PUT_ERROR(ASN1, ASN1_PCTX_new, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); return NULL; } ret->flags = 0; diff --git a/src/crypto/asn1/tasn_utl.c b/src/crypto/asn1/tasn_utl.c index ff3764e..960cdbb 100644 --- a/src/crypto/asn1/tasn_utl.c +++ b/src/crypto/asn1/tasn_utl.c @@ -260,8 +260,7 @@ const ASN1_TEMPLATE *asn1_do_adb(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt, err: /* FIXME: should log the value or OID of unsupported type */ if (nullerr) { - OPENSSL_PUT_ERROR(ASN1, asn1_do_adb, - ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE); } return NULL; } diff --git a/src/crypto/asn1/x_long.c b/src/crypto/asn1/x_long.c index 5c2f96e..7b1a6fe 100644 --- a/src/crypto/asn1/x_long.c +++ b/src/crypto/asn1/x_long.c 
@@ -150,7 +150,7 @@ static int long_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, unsigned long utmp = 0; char *cp = (char *)pval; if(len > (int)sizeof(long)) { - OPENSSL_PUT_ERROR(ASN1, long_c2i, ASN1_R_INTEGER_TOO_LARGE_FOR_LONG); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_INTEGER_TOO_LARGE_FOR_LONG); return 0; } /* Is it negative? */ @@ -168,7 +168,7 @@ static int long_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, ltmp = -ltmp; } if(ltmp == it->size) { - OPENSSL_PUT_ERROR(ASN1, long_c2i, ASN1_R_INTEGER_TOO_LARGE_FOR_LONG); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_INTEGER_TOO_LARGE_FOR_LONG); return 0; } memcpy(cp, <mp, sizeof(long)); diff --git a/src/crypto/base64/CMakeLists.txt b/src/crypto/base64/CMakeLists.txt index 42037a5..f1dba6c 100644 --- a/src/crypto/base64/CMakeLists.txt +++ b/src/crypto/base64/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(. .. ../../include) +include_directories(../../include) add_library( base64 diff --git a/src/crypto/bio/CMakeLists.txt b/src/crypto/bio/CMakeLists.txt index dbf5951..8de090a 100644 --- a/src/crypto/bio/CMakeLists.txt +++ b/src/crypto/bio/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(. .. ../../include) +include_directories(../../include) add_library( bio diff --git a/src/crypto/bio/bio.c b/src/crypto/bio/bio.c index 5ac5911..4bc98ba 100644 --- a/src/crypto/bio/bio.c +++ b/src/crypto/bio/bio.c @@ -90,7 +90,7 @@ static int bio_set(BIO *bio, const BIO_METHOD *method) { BIO *BIO_new(const BIO_METHOD *method) { BIO *ret = OPENSSL_malloc(sizeof(BIO)); if (ret == NULL) { - OPENSSL_PUT_ERROR(BIO, BIO_new, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(BIO, ERR_R_MALLOC_FAILURE); return NULL; } @@ -153,7 +153,7 @@ static int bio_io(BIO *bio, void *buf, int len, size_t method_offset, } if (io_func == NULL) { - OPENSSL_PUT_ERROR(BIO, bio_io, BIO_R_UNSUPPORTED_METHOD); + OPENSSL_PUT_ERROR(BIO, BIO_R_UNSUPPORTED_METHOD); return -2; } 
@@ -165,7 +165,7 @@ static int bio_io(BIO *bio, void *buf, int len, size_t method_offset, } if (!bio->init) { - OPENSSL_PUT_ERROR(BIO, bio_io, BIO_R_UNINITIALIZED); + OPENSSL_PUT_ERROR(BIO, BIO_R_UNINITIALIZED); return -2; } @@ -217,7 +217,7 @@ long BIO_ctrl(BIO *bio, int cmd, long larg, void *parg) { } if (bio->method == NULL || bio->method->ctrl == NULL) { - OPENSSL_PUT_ERROR(BIO, BIO_ctrl, BIO_R_UNSUPPORTED_METHOD); + OPENSSL_PUT_ERROR(BIO, BIO_R_UNSUPPORTED_METHOD); return -2; } @@ -323,7 +323,7 @@ long BIO_callback_ctrl(BIO *bio, int cmd, bio_info_cb fp) { } if (bio->method == NULL || bio->method->callback_ctrl == NULL) { - OPENSSL_PUT_ERROR(BIO, BIO_callback_ctrl, BIO_R_UNSUPPORTED_METHOD); + OPENSSL_PUT_ERROR(BIO, BIO_R_UNSUPPORTED_METHOD); return 0; } @@ -462,6 +462,10 @@ void BIO_print_errors(BIO *bio) { ERR_print_errors_cb(print_bio, bio); } +void ERR_print_errors(BIO *bio) { + BIO_print_errors(bio); +} + /* bio_read_all reads everything from |bio| and prepends |prefix| to it. On * success, |*out| is set to an allocated buffer (which should be freed with * |OPENSSL_free|), |*out_len| is set to its length and one is returned. The diff --git a/src/crypto/bio/bio_mem.c b/src/crypto/bio/bio_mem.c index f3aad6f..ef56111 100644 --- a/src/crypto/bio/bio_mem.c +++ b/src/crypto/bio/bio_mem.c @@ -70,7 +70,7 @@ BIO *BIO_new_mem_buf(void *buf, int len) { const size_t size = len < 0 ? strlen((char *)buf) : (size_t)len; if (!buf && len != 0) { - OPENSSL_PUT_ERROR(BIO, BIO_new_mem_buf, BIO_R_NULL_PARAMETER); + OPENSSL_PUT_ERROR(BIO, BIO_R_NULL_PARAMETER); return NULL; } @@ -167,7 +167,7 @@ static int mem_write(BIO *bio, const char *in, int inl) { b = (BUF_MEM *)bio->ptr; if (bio->flags & BIO_FLAGS_MEM_RDONLY) { - OPENSSL_PUT_ERROR(BIO, mem_write, BIO_R_WRITE_TO_READ_ONLY_BIO); + OPENSSL_PUT_ERROR(BIO, BIO_R_WRITE_TO_READ_ONLY_BIO); goto err; } diff --git a/src/crypto/bio/buffer.c b/src/crypto/bio/buffer.c index 3fc0685..9d0cb3c 100644 --- a/src/crypto/bio/buffer.c 
+++ b/src/crypto/bio/buffer.c @@ -406,7 +406,7 @@ static long buffer_ctrl(BIO *b, int cmd, long num, void *ptr) { return ret; malloc_error: - OPENSSL_PUT_ERROR(BIO, buffer_ctrl, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(BIO, ERR_R_MALLOC_FAILURE); return 0; } diff --git a/src/crypto/bio/connect.c b/src/crypto/bio/connect.c index 32361bf..2ed2def 100644 --- a/src/crypto/bio/connect.c +++ b/src/crypto/bio/connect.c @@ -142,7 +142,7 @@ static int conn_state(BIO *bio, BIO_CONNECT *c) { case BIO_CONN_S_BEFORE: p = c->param_hostname; if (p == NULL) { - OPENSSL_PUT_ERROR(BIO, conn_state, BIO_R_NO_HOSTNAME_SPECIFIED); + OPENSSL_PUT_ERROR(BIO, BIO_R_NO_HOSTNAME_SPECIFIED); goto exit_loop; } for (; *p != 0; p++) { @@ -167,7 +167,7 @@ static int conn_state(BIO *bio, BIO_CONNECT *c) { } if (c->param_port == NULL) { - OPENSSL_PUT_ERROR(BIO, conn_state, BIO_R_NO_PORT_SPECIFIED); + OPENSSL_PUT_ERROR(BIO, BIO_R_NO_PORT_SPECIFIED); ERR_add_error_data(2, "host=", c->param_hostname); goto exit_loop; } @@ -175,7 +175,7 @@ static int conn_state(BIO *bio, BIO_CONNECT *c) { if (!bio_ip_and_port_to_socket_and_addr( &bio->num, &c->them, &c->them_length, c->param_hostname, c->param_port)) { - OPENSSL_PUT_ERROR(BIO, conn_state, BIO_R_UNABLE_TO_CREATE_SOCKET); + OPENSSL_PUT_ERROR(BIO, BIO_R_UNABLE_TO_CREATE_SOCKET); ERR_add_error_data(4, "host=", c->param_hostname, ":", c->param_port); goto exit_loop; } @@ -185,7 +185,7 @@ static int conn_state(BIO *bio, BIO_CONNECT *c) { if (c->nbio) { if (!bio_socket_nbio(bio->num, 1)) { - OPENSSL_PUT_ERROR(BIO, conn_state, BIO_R_ERROR_SETTING_NBIO); + OPENSSL_PUT_ERROR(BIO, BIO_R_ERROR_SETTING_NBIO); ERR_add_error_data(4, "host=", c->param_hostname, ":", c->param_port); goto exit_loop; 
@@ -197,7 +197,7 @@ static int conn_state(BIO *bio, BIO_CONNECT *c) { sizeof(i)); if (ret < 0) { OPENSSL_PUT_SYSTEM_ERROR(setsockopt); - OPENSSL_PUT_ERROR(BIO, conn_state, BIO_R_KEEPALIVE); + OPENSSL_PUT_ERROR(BIO, BIO_R_KEEPALIVE); ERR_add_error_data(4, "host=", c->param_hostname, ":", c->param_port); goto exit_loop; } @@ -211,7 +211,7 @@ static int conn_state(BIO *bio, BIO_CONNECT *c) { bio->retry_reason = BIO_RR_CONNECT; } else { OPENSSL_PUT_SYSTEM_ERROR(connect); - OPENSSL_PUT_ERROR(BIO, conn_state, BIO_R_CONNECT_ERROR); + OPENSSL_PUT_ERROR(BIO, BIO_R_CONNECT_ERROR); ERR_add_error_data(4, "host=", c->param_hostname, ":", c->param_port); } @@ -232,7 +232,7 @@ static int conn_state(BIO *bio, BIO_CONNECT *c) { } else { BIO_clear_retry_flags(bio); OPENSSL_PUT_SYSTEM_ERROR(connect); - OPENSSL_PUT_ERROR(BIO, conn_state, BIO_R_NBIO_CONNECT_ERROR); + OPENSSL_PUT_ERROR(BIO, BIO_R_NBIO_CONNECT_ERROR); ERR_add_error_data(4, "host=", c->param_hostname, ":", c->param_port); ret = 0; } @@ -464,7 +464,7 @@ static long conn_ctrl(BIO *bio, int cmd, long num, void *ptr) { break; case BIO_CTRL_SET_CALLBACK: { #if 0 /* FIXME: Should this be used? -- Richard Levitte */ - OPENSSL_PUT_ERROR(BIO, XXX, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(BIO, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); ret = -1; #else ret = 0; diff --git a/src/crypto/bio/file.c b/src/crypto/bio/file.c index 7f57aad..2d3ccfe 100644 --- a/src/crypto/bio/file.c +++ b/src/crypto/bio/file.c @@ -88,7 +88,7 @@ #define BIO_FP_APPEND 0x08 static FILE *open_file(const char *filename, const char *mode) { -#if defined(_WIN32) && defined(CP_UTF8) +#if defined(OPENSSL_WINDOWS) && defined(CP_UTF8) int sz, len_0 = (int)strlen(filename) + 1; DWORD flags; 
@@ -133,9 +133,9 @@ BIO *BIO_new_file(const char *filename, const char *mode) { ERR_add_error_data(5, "fopen('", filename, "','", mode, "')"); if (errno == ENOENT) { - OPENSSL_PUT_ERROR(BIO, BIO_new_file, BIO_R_NO_SUCH_FILE); + OPENSSL_PUT_ERROR(BIO, BIO_R_NO_SUCH_FILE); } else { - OPENSSL_PUT_ERROR(BIO, BIO_new_file, BIO_R_SYS_LIB); + OPENSSL_PUT_ERROR(BIO, BIO_R_SYS_LIB); } return NULL; } @@ -182,20 +182,19 @@ static int file_free(BIO *bio) { } static int file_read(BIO *b, char *out, int outl) { - int ret = 0; - if (!b->init) { return 0; } - ret = fread(out, 1, outl, (FILE *)b->ptr); + size_t ret = fread(out, 1, outl, (FILE *)b->ptr); if (ret == 0 && ferror((FILE *)b->ptr)) { OPENSSL_PUT_SYSTEM_ERROR(fread); - OPENSSL_PUT_ERROR(BIO, file_read, ERR_R_SYS_LIB); - ret = -1; + OPENSSL_PUT_ERROR(BIO, ERR_R_SYS_LIB); + return -1; } - return ret; + /* fread reads at most |outl| bytes, so |ret| fits in an int. */ + return (int)ret; } static int file_write(BIO *b, const char *in, int inl) { @@ -253,7 +252,7 @@ static long file_ctrl(BIO *b, int cmd, long num, void *ptr) { } else if (num & BIO_FP_READ) { BUF_strlcpy(p, "r", sizeof(p)); } else { - OPENSSL_PUT_ERROR(BIO, file_ctrl, BIO_R_BAD_FOPEN_MODE); + OPENSSL_PUT_ERROR(BIO, BIO_R_BAD_FOPEN_MODE); ret = 0; break; } @@ -261,7 +260,7 @@ static long file_ctrl(BIO *b, int cmd, long num, void *ptr) { if (fp == NULL) { OPENSSL_PUT_SYSTEM_ERROR(fopen); ERR_add_error_data(5, "fopen('", ptr, "','", p, "')"); - OPENSSL_PUT_ERROR(BIO, file_ctrl, ERR_R_SYS_LIB); + OPENSSL_PUT_ERROR(BIO, ERR_R_SYS_LIB); ret = 0; break; } diff --git a/src/crypto/bio/pair.c b/src/crypto/bio/pair.c index cc55950..6f78890 100644 --- a/src/crypto/bio/pair.c +++ b/src/crypto/bio/pair.c 
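Review bot: The new comment in file_read ("fread reads at most |outl| bytes, so |ret| fits in an int") holds only when |outl| is non-negative. `fread(out, 1, outl, ...)` converts the int to size_t, so a negative |outl| becomes a very large count and the read is no longer bounded by the caller's buffer. Whether bio_io or BIO_read already rejects negative lengths is not visible in this hunk. If they do not, reject it before the call, e.g. `if (outl < 0) { return -1; }` next to the `!b->init` check. Otherwise the comment should state the precondition: `/* Callers guarantee |outl| >= 0; fread reads at most |outl| bytes, so |ret| fits in an int. */`.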
@@ -181,27 +181,25 @@ int BIO_zero_copy_get_read_buf(BIO* bio, uint8_t** out_read_buf, BIO_clear_retry_flags(bio); if (!bio->init) { - OPENSSL_PUT_ERROR(BIO, BIO_zero_copy_get_read_buf, BIO_R_UNINITIALIZED); + OPENSSL_PUT_ERROR(BIO, BIO_R_UNINITIALIZED); return 0; } b = bio->ptr; if (!b || !b->peer) { - OPENSSL_PUT_ERROR(BIO, BIO_zero_copy_get_read_buf, - BIO_R_UNSUPPORTED_METHOD); + OPENSSL_PUT_ERROR(BIO, BIO_R_UNSUPPORTED_METHOD); return 0; } peer_b = b->peer->ptr; if (!peer_b || !peer_b->peer || peer_b->peer->ptr != b) { - OPENSSL_PUT_ERROR(BIO, BIO_zero_copy_get_read_buf, - BIO_R_UNSUPPORTED_METHOD); + OPENSSL_PUT_ERROR(BIO, BIO_R_UNSUPPORTED_METHOD); return 0; } if (peer_b->zero_copy_read_lock) { - OPENSSL_PUT_ERROR(BIO, BIO_zero_copy_get_read_buf, BIO_R_INVALID_ARGUMENT); + OPENSSL_PUT_ERROR(BIO, BIO_R_INVALID_ARGUMENT); return 0; } 
@@ -229,37 +227,32 @@ int BIO_zero_copy_get_read_buf_done(BIO* bio, size_t bytes_read) { assert(BIO_get_retry_flags(bio) == 0); if (!bio->init) { - OPENSSL_PUT_ERROR(BIO, BIO_zero_copy_get_read_buf_done, - BIO_R_UNINITIALIZED); + OPENSSL_PUT_ERROR(BIO, BIO_R_UNINITIALIZED); return 0; } b = bio->ptr; if (!b || !b->peer) { - OPENSSL_PUT_ERROR(BIO, BIO_zero_copy_get_read_buf_done, - BIO_R_UNSUPPORTED_METHOD); + OPENSSL_PUT_ERROR(BIO, BIO_R_UNSUPPORTED_METHOD); return 0; } peer_b = b->peer->ptr; if (!peer_b || !peer_b->peer || peer_b->peer->ptr != b) { - OPENSSL_PUT_ERROR(BIO, BIO_zero_copy_get_read_buf_done, - BIO_R_UNSUPPORTED_METHOD); + OPENSSL_PUT_ERROR(BIO, BIO_R_UNSUPPORTED_METHOD); return 0; } if (!peer_b->zero_copy_read_lock) { - OPENSSL_PUT_ERROR(BIO, BIO_zero_copy_get_read_buf_done, - BIO_R_INVALID_ARGUMENT); + OPENSSL_PUT_ERROR(BIO, BIO_R_INVALID_ARGUMENT); return 0; } max_available = bio_zero_copy_get_read_buf(peer_b, &dummy_read_buf, &dummy_read_offset); if (bytes_read > max_available) { - OPENSSL_PUT_ERROR(BIO, BIO_zero_copy_get_read_buf_done, - BIO_R_INVALID_ARGUMENT); + OPENSSL_PUT_ERROR(BIO, BIO_R_INVALID_ARGUMENT); return 0; } 
@@ -318,35 +311,33 @@ int BIO_zero_copy_get_write_buf(BIO* bio, uint8_t** out_write_buf, BIO_clear_retry_flags(bio); if (!bio->init) { - OPENSSL_PUT_ERROR(BIO, BIO_zero_copy_get_write_buf, BIO_R_UNINITIALIZED); + OPENSSL_PUT_ERROR(BIO, BIO_R_UNINITIALIZED); return 0; } b = bio->ptr; if (!b || !b->buf || !b->peer) { - OPENSSL_PUT_ERROR(BIO, BIO_zero_copy_get_write_buf, - BIO_R_UNSUPPORTED_METHOD); + OPENSSL_PUT_ERROR(BIO, BIO_R_UNSUPPORTED_METHOD); return 0; } peer_b = b->peer->ptr; if (!peer_b || !peer_b->peer || peer_b->peer->ptr != b) { - OPENSSL_PUT_ERROR(BIO, BIO_zero_copy_get_write_buf, - BIO_R_UNSUPPORTED_METHOD); + OPENSSL_PUT_ERROR(BIO, BIO_R_UNSUPPORTED_METHOD); return 0; } assert(b->buf != NULL); if (b->zero_copy_write_lock) { - OPENSSL_PUT_ERROR(BIO, BIO_zero_copy_get_write_buf, BIO_R_INVALID_ARGUMENT); + OPENSSL_PUT_ERROR(BIO, BIO_R_INVALID_ARGUMENT); return 0; } b->request = 0; if (b->closed) { /* Bio is already closed. */ - OPENSSL_PUT_ERROR(BIO, BIO_zero_copy_get_write_buf, BIO_R_BROKEN_PIPE); + OPENSSL_PUT_ERROR(BIO, BIO_R_BROKEN_PIPE); return 0; } 
@@ -369,43 +360,38 @@ int BIO_zero_copy_get_write_buf_done(BIO* bio, size_t bytes_written) { uint8_t* dummy_write_buf; if (!bio->init) { - OPENSSL_PUT_ERROR(BIO, BIO_zero_copy_get_write_buf_done, - BIO_R_UNINITIALIZED); + OPENSSL_PUT_ERROR(BIO, BIO_R_UNINITIALIZED); return 0; } b = bio->ptr; if (!b || !b->buf || !b->peer) { - OPENSSL_PUT_ERROR(BIO, BIO_zero_copy_get_write_buf_done, - BIO_R_UNSUPPORTED_METHOD); + OPENSSL_PUT_ERROR(BIO, BIO_R_UNSUPPORTED_METHOD); return 0; } peer_b = b->peer->ptr; if (!peer_b || !peer_b->peer || peer_b->peer->ptr != b) { - OPENSSL_PUT_ERROR(BIO, BIO_zero_copy_get_write_buf_done, - BIO_R_UNSUPPORTED_METHOD); + OPENSSL_PUT_ERROR(BIO, BIO_R_UNSUPPORTED_METHOD); return 0; } b->request = 0; if (b->closed) { /* BIO is already closed. */ - OPENSSL_PUT_ERROR(BIO, BIO_zero_copy_get_write_buf_done, BIO_R_BROKEN_PIPE); + OPENSSL_PUT_ERROR(BIO, BIO_R_BROKEN_PIPE); return 0; } if (!b->zero_copy_write_lock) { - OPENSSL_PUT_ERROR(BIO, BIO_zero_copy_get_write_buf_done, - BIO_R_INVALID_ARGUMENT); + OPENSSL_PUT_ERROR(BIO, BIO_R_INVALID_ARGUMENT); return 0; } rest = bio_zero_copy_get_write_buf(b, &dummy_write_buf, &dummy_write_offset); if (bytes_written > rest) { - OPENSSL_PUT_ERROR(BIO, BIO_zero_copy_get_write_buf_done, - BIO_R_INVALID_ARGUMENT); + OPENSSL_PUT_ERROR(BIO, BIO_R_INVALID_ARGUMENT); return 0; } @@ -525,7 +511,7 @@ static int bio_write(BIO *bio, const char *buf, int num_) { b->request = 0; if (b->closed) { /* we already closed */ - OPENSSL_PUT_ERROR(BIO, bio_write, BIO_R_BROKEN_PIPE); + OPENSSL_PUT_ERROR(BIO, BIO_R_BROKEN_PIPE); return -1; } @@ -590,7 +576,7 @@ static int bio_make_pair(BIO* bio1, BIO* bio2, b2 = bio2->ptr; if (b1->peer != NULL || b2->peer != NULL) { - OPENSSL_PUT_ERROR(BIO, bio_make_pair, BIO_R_IN_USE); + OPENSSL_PUT_ERROR(BIO, BIO_R_IN_USE); return 0; } 
@@ -605,7 +591,7 @@ static int bio_make_pair(BIO* bio1, BIO* bio2, b1->buf_externally_allocated = 0; b1->buf = OPENSSL_malloc(b1->size); if (b1->buf == NULL) { - OPENSSL_PUT_ERROR(BIO, bio_make_pair, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(BIO, ERR_R_MALLOC_FAILURE); return 0; } } else { @@ -624,7 +610,7 @@ static int bio_make_pair(BIO* bio1, BIO* bio2, b2->buf_externally_allocated = 0; b2->buf = OPENSSL_malloc(b2->size); if (b2->buf == NULL) { - OPENSSL_PUT_ERROR(BIO, bio_make_pair, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(BIO, ERR_R_MALLOC_FAILURE); return 0; } } else { diff --git a/src/crypto/bio/printf.c b/src/crypto/bio/printf.c index f51b396..2f5ae4a 100644 --- a/src/crypto/bio/printf.c +++ b/src/crypto/bio/printf.c @@ -95,7 +95,7 @@ int BIO_printf(BIO *bio, const char *format, ...) { out = OPENSSL_malloc(requested_len + 1); out_malloced = 1; if (out == NULL) { - OPENSSL_PUT_ERROR(BIO, BIO_printf, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(BIO, ERR_R_MALLOC_FAILURE); return -1; } va_start(args, format); diff --git a/src/crypto/bio/socket_helper.c b/src/crypto/bio/socket_helper.c index b1cdd1a..01f635e 100644 --- a/src/crypto/bio/socket_helper.c +++ b/src/crypto/bio/socket_helper.c @@ -12,7 +12,8 @@ * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ -#define _POSIX_SOURCE +#undef _POSIX_C_SOURCE +#define _POSIX_C_SOURCE 200112L #include #include @@ -50,7 +51,7 @@ int bio_ip_and_port_to_socket_and_addr(int *out_sock, ret = getaddrinfo(hostname, port_str, &hint, &result); if (ret != 0) { - OPENSSL_PUT_ERROR(SYS, getaddrinfo, 0); + OPENSSL_PUT_ERROR(SYS, 0); ERR_add_error_data(1, gai_strerror(ret)); return 0; } diff --git a/src/crypto/bn/CMakeLists.txt b/src/crypto/bn/CMakeLists.txt index 2e0cb45..232e40a 100644 --- a/src/crypto/bn/CMakeLists.txt +++ b/src/crypto/bn/CMakeLists.txt 
@@ -1,4 +1,4 @@ -include_directories(. .. ../../include) +include_directories(../../include) if (${ARCH} STREQUAL "x86_64") set( @@ -39,6 +39,7 @@ add_library( add.c asm/x86_64-gcc.c bn.c + bn_asn1.c cmp.c convert.c ctx.c diff --git a/src/crypto/bn/add.c b/src/crypto/bn/add.c index 1c6b2d7..a043d83 100644 --- a/src/crypto/bn/add.c +++ b/src/crypto/bn/add.c @@ -267,7 +267,7 @@ int BN_usub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b) { if (dif < 0) /* hmm... should not be happening */ { - OPENSSL_PUT_ERROR(BN, BN_usub, BN_R_ARG2_LT_ARG3); + OPENSSL_PUT_ERROR(BN, BN_R_ARG2_LT_ARG3); return 0; } diff --git a/src/crypto/bn/asm/armv4-mont.pl b/src/crypto/bn/asm/armv4-mont.pl index 0f1b6a9..4206fd8 100644 --- a/src/crypto/bn/asm/armv4-mont.pl +++ b/src/crypto/bn/asm/armv4-mont.pl @@ -79,7 +79,7 @@ $_n0="$num,#14*4"; $_num="$num,#15*4"; $_bpend=$_num; $code=<<___; -#include "arm_arch.h" +#include .text .code 32 diff --git a/src/crypto/bn/bn.c b/src/crypto/bn/bn.c index f32d6b0..b342749 100644 --- a/src/crypto/bn/bn.c +++ b/src/crypto/bn/bn.c @@ -69,7 +69,7 @@ BIGNUM *BN_new(void) { BIGNUM *bn = OPENSSL_malloc(sizeof(BIGNUM)); if (bn == NULL) { - OPENSSL_PUT_ERROR(BN, BN_new, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(BN, ERR_R_MALLOC_FAILURE); return NULL; } 
@@ -279,26 +279,26 @@ void BN_set_negative(BIGNUM *bn, int sign) { } } -BIGNUM *bn_wexpand(BIGNUM *bn, unsigned words) { +BIGNUM *bn_wexpand(BIGNUM *bn, size_t words) { BN_ULONG *a; - if (words <= (unsigned) bn->dmax) { + if (words <= (size_t)bn->dmax) { return bn; } if (words > (INT_MAX / (4 * BN_BITS2))) { - OPENSSL_PUT_ERROR(BN, bn_wexpand, BN_R_BIGNUM_TOO_LONG); + OPENSSL_PUT_ERROR(BN, BN_R_BIGNUM_TOO_LONG); return NULL; } if (bn->flags & BN_FLG_STATIC_DATA) { - OPENSSL_PUT_ERROR(BN, bn_wexpand, BN_R_EXPAND_ON_STATIC_BIGNUM_DATA); + OPENSSL_PUT_ERROR(BN, BN_R_EXPAND_ON_STATIC_BIGNUM_DATA); return NULL; } a = (BN_ULONG *)OPENSSL_malloc(sizeof(BN_ULONG) * words); if (a == NULL) { - OPENSSL_PUT_ERROR(BN, bn_wexpand, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(BN, ERR_R_MALLOC_FAILURE); return NULL; } @@ -306,12 +306,16 @@ BIGNUM *bn_wexpand(BIGNUM *bn, unsigned words) { OPENSSL_free(bn->d); bn->d = a; - bn->dmax = words; + bn->dmax = (int)words; return bn; } -BIGNUM *bn_expand(BIGNUM *bn, unsigned bits) { +BIGNUM *bn_expand(BIGNUM *bn, size_t bits) { + if (bits + BN_BITS2 - 1 < bits) { + OPENSSL_PUT_ERROR(BN, BN_R_BIGNUM_TOO_LONG); + return NULL; + } return bn_wexpand(bn, (bits+BN_BITS2-1)/BN_BITS2); } diff --git a/src/crypto/bn/bn_asn1.c b/src/crypto/bn/bn_asn1.c new file mode 100644 index 0000000..9d70ba8 --- /dev/null +++ b/src/crypto/bn/bn_asn1.c 
@@ -0,0 +1,93 @@ +/* Copyright (c) 2015, Google Inc. + * + * Permission to use, copy, modify, and/or distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY + * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION + * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN + * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ + +#include + +#include +#include + + +int BN_cbs2unsigned(CBS *cbs, BIGNUM *ret) { + CBS child; + if (!CBS_get_asn1(cbs, &child, CBS_ASN1_INTEGER) || + CBS_len(&child) == 0) { + OPENSSL_PUT_ERROR(BN, BN_R_BAD_ENCODING); + return 0; + } + + if (CBS_data(&child)[0] & 0x80) { + OPENSSL_PUT_ERROR(BN, BN_R_NEGATIVE_NUMBER); + return 0; + } + + /* INTEGERs must be minimal. */ + if (CBS_data(&child)[0] == 0x00 && + CBS_len(&child) > 1 && + !(CBS_data(&child)[1] & 0x80)) { + OPENSSL_PUT_ERROR(BN, BN_R_BAD_ENCODING); + return 0; + } + + return BN_bin2bn(CBS_data(&child), CBS_len(&child), ret) != NULL; +} + +int BN_cbs2unsigned_buggy(CBS *cbs, BIGNUM *ret) { + CBS child; + if (!CBS_get_asn1(cbs, &child, CBS_ASN1_INTEGER) || + CBS_len(&child) == 0) { + OPENSSL_PUT_ERROR(BN, BN_R_BAD_ENCODING); + return 0; + } + + /* This function intentionally does not reject negative numbers or non-minimal + * encodings. Estonian IDs issued between September 2014 to September 2015 are + * broken. See https://crbug.com/532048 and https://crbug.com/534766. + * + * TODO(davidben): Remove this code and callers in March 2016. 
*/ + return BN_bin2bn(CBS_data(&child), CBS_len(&child), ret) != NULL; +} + +int BN_bn2cbb(CBB *cbb, const BIGNUM *bn) { + /* Negative numbers are unsupported. */ + if (BN_is_negative(bn)) { + OPENSSL_PUT_ERROR(BN, BN_R_NEGATIVE_NUMBER); + return 0; + } + + CBB child; + if (!CBB_add_asn1(cbb, &child, CBS_ASN1_INTEGER)) { + OPENSSL_PUT_ERROR(BN, BN_R_ENCODE_ERROR); + return 0; + } + + /* The number must be padded with a leading zero if the high bit would + * otherwise be set (or |bn| is zero). */ + if (BN_num_bits(bn) % 8 == 0 && + !CBB_add_u8(&child, 0x00)) { + OPENSSL_PUT_ERROR(BN, BN_R_ENCODE_ERROR); + return 0; + } + + uint8_t *out; + if (!CBB_add_space(&child, &out, BN_num_bytes(bn))) { + OPENSSL_PUT_ERROR(BN, BN_R_ENCODE_ERROR); + return 0; + } + BN_bn2bin(bn, out); + if (!CBB_flush(cbb)) { + OPENSSL_PUT_ERROR(BN, BN_R_ENCODE_ERROR); + return 0; + } + return 1; +} diff --git a/src/crypto/bn/bn_test.cc b/src/crypto/bn/bn_test.cc index 6a7d48c..47093a7 100644 --- a/src/crypto/bn/bn_test.cc +++ b/src/crypto/bn/bn_test.cc @@ -82,6 +82,7 @@ #include #include "../crypto/test/scoped_types.h" +#include "../crypto/test/test_util.h" // This program tests the BIGNUM implementation. It takes an optional -bc @@ -117,11 +118,13 @@ static bool test_exp_mod_zero(void); static bool test_small_prime(FILE *fp, BN_CTX *ctx); static bool test_mod_exp_mont5(FILE *fp, BN_CTX *ctx); static bool test_sqrt(FILE *fp, BN_CTX *ctx); -static bool test_bn2bin_padded(FILE *fp, BN_CTX *ctx); -static bool test_dec2bn(FILE *fp, BN_CTX *ctx); -static bool test_hex2bn(FILE *fp, BN_CTX *ctx); -static bool test_asc2bn(FILE *fp, BN_CTX *ctx); +static bool test_bn2bin_padded(BN_CTX *ctx); +static bool test_dec2bn(BN_CTX *ctx); +static bool test_hex2bn(BN_CTX *ctx); +static bool test_asc2bn(BN_CTX *ctx); +static bool test_mpi(); static bool test_rand(); +static bool test_asn1(); static const uint8_t kSample[] = "\xC6\x4F\x43\x04\x2A\xEA\xCA\x6E\x58\x36\x80\x5B\xE8\xC9" 
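Review bot: The comment in BN_cbs2unsigned_buggy says negative and non-minimal INTEGERs are not rejected, but it does not say what value the caller gets back. The contents go straight to BN_bin2bn, so an encoding whose first byte has the high bit set comes back as a positive magnitude; kASN1BuggyTests in bn_test.cc expects `\x02\x01\x80` to parse as 128. That matters to any caller that compares or re-serializes the result, so it is worth adding `/* Encodings with the high bit set are read as unsigned magnitudes, not as negative values. */`. The two parsers also duplicate the CBS_get_asn1 and empty-contents check, which a small static helper would keep in sync until the lenient one is removed.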
@@ -311,35 +314,15 @@ int main(int argc, char *argv[]) { } flush_fp(bc_file.get()); - message(bc_file.get(), "BN_bn2bin_padded"); - if (!test_bn2bin_padded(bc_file.get(), ctx.get())) { + if (!test_bn2bin_padded(ctx.get()) || + !test_dec2bn(ctx.get()) || + !test_hex2bn(ctx.get()) || + !test_asc2bn(ctx.get()) || + !test_mpi() || + !test_rand() || + !test_asn1()) { return 1; } - flush_fp(bc_file.get()); - - message(bc_file.get(), "BN_dec2bn"); - if (!test_dec2bn(bc_file.get(), ctx.get())) { - return 1; - } - flush_fp(bc_file.get()); - - message(bc_file.get(), "BN_hex2bn"); - if (!test_hex2bn(bc_file.get(), ctx.get())) { - return 1; - } - flush_fp(bc_file.get()); - - message(bc_file.get(), "BN_asc2bn"); - if (!test_asc2bn(bc_file.get(), ctx.get())) { - return 1; - } - flush_fp(bc_file.get()); - - message(bc_file.get(), "BN_rand"); - if (!test_rand()) { - return 1; - } - flush_fp(bc_file.get()); printf("PASS\n"); return 0; @@ -440,6 +423,16 @@ static bool test_div(FILE *fp, BN_CTX *ctx) { return false; } + if (!BN_one(a.get())) { + return false; + } + BN_zero(b.get()); + if (BN_div(d.get(), c.get(), a.get(), b.get(), ctx)) { + fprintf(stderr, "Division by zero succeeded!\n"); + return false; + } + ERR_clear_error(); + for (int i = 0; i < num0 + num1; i++) { if (i < num1) { if (!BN_rand(a.get(), 400, 0, 0) || @@ -837,18 +830,17 @@ static bool test_div_word(FILE *fp) { } for (int i = 0; i < num0; i++) { - BN_ULONG s; do { if (!BN_rand(a.get(), 512, -1, 0) || !BN_rand(b.get(), BN_BITS2, -1, 0)) { return false; } - s = b->d[0]; - } while (!s); + } while (BN_is_zero(b.get())); if (!BN_copy(b.get(), a.get())) { return false; } + BN_ULONG s = b->d[0]; BN_ULONG r = BN_div_word(b.get(), s); if (r == (BN_ULONG)-1) { return false; 
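Review bot: In the test_div_word hunk, `BN_ULONG s = b->d[0];` now runs after `BN_copy(b.get(), a.get())`, so |s| is the low word of the dividend |a| rather than the random divisor the loop just generated. The `BN_is_zero(b.get())` guard therefore checks a value that is then overwritten, and nothing ensures the word actually passed to BN_div_word is non-zero. Capture the divisor before the copy by moving `BN_ULONG s = b->d[0];` to directly after the do/while loop, above the `BN_copy` call. The rest of test_div_word lies outside the hunk.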
@@ -891,8 +883,27 @@ static bool test_mont(FILE *fp, BN_CTX *ctx) { ScopedBIGNUM B(BN_new()); ScopedBIGNUM n(BN_new()); ScopedBN_MONT_CTX mont(BN_MONT_CTX_new()); - if (!a || !b || !c || !d || !A || !B || !n || !mont || - !BN_rand(a.get(), 100, 0, 0) || + if (!a || !b || !c || !d || !A || !B || !n || !mont) { + return false; + } + + BN_zero(n.get()); + if (BN_MONT_CTX_set(mont.get(), n.get(), ctx)) { + fprintf(stderr, "BN_MONT_CTX_set succeeded for zero modulus!\n"); + return false; + } + ERR_clear_error(); + + if (!BN_set_word(n.get(), 16)) { + return false; + } + if (BN_MONT_CTX_set(mont.get(), n.get(), ctx)) { + fprintf(stderr, "BN_MONT_CTX_set succeeded for even modulus!\n"); + return false; + } + ERR_clear_error(); + + if (!BN_rand(a.get(), 100, 0, 0) || !BN_rand(b.get(), 100, 0, 0)) { return false; } @@ -932,6 +943,7 @@ static bool test_mont(FILE *fp, BN_CTX *ctx) { return false; } } + return true; } @@ -985,6 +997,16 @@ static bool test_mod_mul(FILE *fp, BN_CTX *ctx) { return false; } + if (!BN_one(a.get()) || !BN_one(b.get())) { + return false; + } + BN_zero(c.get()); + if (BN_mod_mul(e.get(), a.get(), b.get(), c.get(), ctx)) { + fprintf(stderr, "BN_mod_mul with zero modulus succeeded!\n"); + return false; + } + ERR_clear_error(); + for (int j = 0; j < 3; j++) { if (!BN_rand(c.get(), 1024, 0, 0)) { return false; 
@@ -1039,8 +1061,21 @@ static bool test_mod_exp(FILE *fp, BN_CTX *ctx) { ScopedBIGNUM c(BN_new()); ScopedBIGNUM d(BN_new()); ScopedBIGNUM e(BN_new()); - if (!a || !b || !c || !d || !e || - !BN_rand(c.get(), 30, 0, 1)) { // must be odd for montgomery + if (!a || !b || !c || !d || !e) { + return false; + } + + if (!BN_one(a.get()) || !BN_one(b.get())) { + return false; + } + BN_zero(c.get()); + if (BN_mod_exp(d.get(), a.get(), b.get(), c.get(), ctx)) { + fprintf(stderr, "BN_mod_exp with zero modulus succeeded!\n"); + return 0; + } + ERR_clear_error(); + + if (!BN_rand(c.get(), 30, 0, 1)) { // must be odd for montgomery return false; } for (int i = 0; i < num2; i++) { @@ -1079,8 +1114,32 @@ static bool test_mod_exp_mont_consttime(FILE *fp, BN_CTX *ctx) { ScopedBIGNUM c(BN_new()); ScopedBIGNUM d(BN_new()); ScopedBIGNUM e(BN_new()); - if (!a || !b || !c || !d || !e || - !BN_rand(c.get(), 30, 0, 1)) { // must be odd for montgomery + if (!a || !b || !c || !d || !e) { + return false; + } + + if (!BN_one(a.get()) || !BN_one(b.get())) { + return false; + } + BN_zero(c.get()); + if (BN_mod_exp_mont_consttime(d.get(), a.get(), b.get(), c.get(), ctx, + nullptr)) { + fprintf(stderr, "BN_mod_exp_mont_consttime with zero modulus succeeded!\n"); + return 0; + } + ERR_clear_error(); + + if (!BN_set_word(c.get(), 16)) { + return false; + } + if (BN_mod_exp_mont_consttime(d.get(), a.get(), b.get(), c.get(), ctx, + nullptr)) { + fprintf(stderr, "BN_mod_exp_mont_consttime with even modulus succeeded!\n"); + return 0; + } + ERR_clear_error(); + + if (!BN_rand(c.get(), 30, 0, 1)) { // must be odd for montgomery return false; } for (int i = 0; i < num2; i++) { 
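Review bot: The new zero-modulus check in test_mod_exp ends with `return 0;` although the function returns bool and every other failure path in the hunk uses `return false;`. The same applies to both new checks (zero and even modulus) in the test_mod_exp_mont_consttime hunk on this line. The result is the same after conversion, but it reads like a success return in the int convention; write `return false;` in all three places.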
@@ -1208,8 +1267,9 @@ static bool test_exp(FILE *fp, BN_CTX *ctx) { if (!BN_one(e.get())) { return false; } - for (; !BN_is_zero(b.get()); BN_sub(b.get(), b.get(), BN_value_one())) { - if (!BN_mul(e.get(), e.get(), a.get(), ctx)) { + while (!BN_is_zero(b.get())) { + if (!BN_mul(e.get(), e.get(), a.get(), ctx) || + !BN_sub(b.get(), b.get(), BN_value_one())) { return false; } } @@ -1371,7 +1431,7 @@ static bool test_sqrt(FILE *fp, BN_CTX *ctx) { return true; } -static bool test_bn2bin_padded(FILE *fp, BN_CTX *ctx) { +static bool test_bn2bin_padded(BN_CTX *ctx) { uint8_t zeros[256], out[256], reference[128]; memset(zeros, 0, sizeof(zeros)); @@ -1448,7 +1508,7 @@ static int DecimalToBIGNUM(ScopedBIGNUM *out, const char *in) { return ret; } -static bool test_dec2bn(FILE *fp, BN_CTX *ctx) { +static bool test_dec2bn(BN_CTX *ctx) { ScopedBIGNUM bn; int ret = DecimalToBIGNUM(&bn, "0"); if (ret != 1 || !BN_is_zero(bn.get()) || BN_is_negative(bn.get())) { @@ -1490,7 +1550,7 @@ static int HexToBIGNUM(ScopedBIGNUM *out, const char *in) { return ret; } -static bool test_hex2bn(FILE *fp, BN_CTX *ctx) { +static bool test_hex2bn(BN_CTX *ctx) { ScopedBIGNUM bn; int ret = HexToBIGNUM(&bn, "0"); if (ret != 1 || !BN_is_zero(bn.get()) || BN_is_negative(bn.get())) { @@ -1533,7 +1593,7 @@ static ScopedBIGNUM ASCIIToBIGNUM(const char *in) { return ScopedBIGNUM(raw); } -static bool test_asc2bn(FILE *fp, BN_CTX *ctx) { +static bool test_asc2bn(BN_CTX *ctx) { ScopedBIGNUM bn = ASCIIToBIGNUM("0"); if (!bn || !BN_is_zero(bn.get()) || BN_is_negative(bn.get())) { fprintf(stderr, "BN_asc2bn gave a bad result.\n"); 
@@ -1585,6 +1645,63 @@ static bool test_asc2bn(FILE *fp, BN_CTX *ctx) { return true; } +struct MPITest { + const char *base10; + const char *mpi; + size_t mpi_len; +}; + +static const MPITest kMPITests[] = { + { "0", "\x00\x00\x00\x00", 4 }, + { "1", "\x00\x00\x00\x01\x01", 5 }, + { "-1", "\x00\x00\x00\x01\x81", 5 }, + { "128", "\x00\x00\x00\x02\x00\x80", 6 }, + { "256", "\x00\x00\x00\x02\x01\x00", 6 }, + { "-256", "\x00\x00\x00\x02\x81\x00", 6 }, +}; + +static bool test_mpi() { + uint8_t scratch[8]; + + for (size_t i = 0; i < sizeof(kMPITests) / sizeof(kMPITests[0]); i++) { + const MPITest &test = kMPITests[i]; + ScopedBIGNUM bn(ASCIIToBIGNUM(test.base10)); + const size_t mpi_len = BN_bn2mpi(bn.get(), NULL); + if (mpi_len > sizeof(scratch)) { + fprintf(stderr, "MPI test #%u: MPI size is too large to test.\n", + (unsigned)i); + return false; + } + + const size_t mpi_len2 = BN_bn2mpi(bn.get(), scratch); + if (mpi_len != mpi_len2) { + fprintf(stderr, "MPI test #%u: length changes.\n", (unsigned)i); + return false; + } + + if (mpi_len != test.mpi_len || + memcmp(test.mpi, scratch, mpi_len) != 0) { + fprintf(stderr, "MPI test #%u failed:\n", (unsigned)i); + hexdump(stderr, "Expected: ", test.mpi, test.mpi_len); + hexdump(stderr, "Got: ", scratch, mpi_len); + return false; + } + + ScopedBIGNUM bn2(BN_mpi2bn(scratch, mpi_len, NULL)); + if (bn2.get() == nullptr) { + fprintf(stderr, "MPI test #%u: failed to parse\n", (unsigned)i); + return false; + } + + if (BN_cmp(bn.get(), bn2.get()) != 0) { + fprintf(stderr, "MPI test #%u: wrong result\n", (unsigned)i); + return false; + } + } + + return true; +} + static bool test_rand() { ScopedBIGNUM bn(BN_new()); if (!bn) { 
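Review bot: test_mpi passes `bn.get()` to BN_bn2mpi without checking that `ASCIIToBIGNUM(test.base10)` succeeded, so a parse or allocation failure would pass a null BIGNUM into the library. test_asn1 in the same commit checks the result of the same helper with `if (!bn) { return false; }`. Add that check right after `ScopedBIGNUM bn(ASCIIToBIGNUM(test.base10));`, ideally with an fprintf naming the test index like the other failure paths in the loop.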
@@ -1628,3 +1745,170 @@ static bool test_rand() { return true; } + +struct ASN1Test { + const char *value_ascii; + const char *der; + size_t der_len; +}; + +static const ASN1Test kASN1Tests[] = { + {"0", "\x02\x01\x00", 3}, + {"1", "\x02\x01\x01", 3}, + {"127", "\x02\x01\x7f", 3}, + {"128", "\x02\x02\x00\x80", 4}, + {"0xdeadbeef", "\x02\x05\x00\xde\xad\xbe\xef", 7}, + {"0x0102030405060708", + "\x02\x08\x01\x02\x03\x04\x05\x06\x07\x08", 10}, + {"0xffffffffffffffff", + "\x02\x09\x00\xff\xff\xff\xff\xff\xff\xff\xff", 11}, +}; + +struct ASN1InvalidTest { + const char *der; + size_t der_len; +}; + +static const ASN1InvalidTest kASN1InvalidTests[] = { + // Bad tag. + {"\x03\x01\x00", 3}, + // Empty contents. + {"\x02\x00", 2}, +}; + +// kASN1BuggyTests are incorrect encodings and how |BN_cbs2unsigned_buggy| +// should interpret them. +static const ASN1Test kASN1BuggyTests[] = { + // Negative numbers. + {"128", "\x02\x01\x80", 3}, + {"255", "\x02\x01\xff", 3}, + // Unnecessary leading zeros. + {"1", "\x02\x02\x00\x01", 4}, +}; + +static bool test_asn1() { + for (const ASN1Test &test : kASN1Tests) { + ScopedBIGNUM bn = ASCIIToBIGNUM(test.value_ascii); + if (!bn) { + return false; + } + + // Test that the input is correctly parsed. + ScopedBIGNUM bn2(BN_new()); + if (!bn2) { + return false; + } + CBS cbs; + CBS_init(&cbs, reinterpret_cast(test.der), test.der_len); + if (!BN_cbs2unsigned(&cbs, bn2.get()) || CBS_len(&cbs) != 0) { + fprintf(stderr, "Parsing ASN.1 INTEGER failed.\n"); + return false; + } + if (BN_cmp(bn.get(), bn2.get()) != 0) { + fprintf(stderr, "Bad parse.\n"); + return false; + } + + // Test the value serializes correctly. 
+ CBB cbb; + uint8_t *der; + size_t der_len; + CBB_zero(&cbb); + if (!CBB_init(&cbb, 0) || + !BN_bn2cbb(&cbb, bn.get()) || + !CBB_finish(&cbb, &der, &der_len)) { + CBB_cleanup(&cbb); + return false; + } + ScopedOpenSSLBytes delete_der(der); + if (der_len != test.der_len || + memcmp(der, reinterpret_cast(test.der), der_len) != 0) { + fprintf(stderr, "Bad serialization.\n"); + return false; + } + + // |BN_cbs2unsigned_buggy| parses all valid input. + CBS_init(&cbs, reinterpret_cast(test.der), test.der_len); + if (!BN_cbs2unsigned_buggy(&cbs, bn2.get()) || CBS_len(&cbs) != 0) { + fprintf(stderr, "Parsing ASN.1 INTEGER failed.\n"); + return false; + } + if (BN_cmp(bn.get(), bn2.get()) != 0) { + fprintf(stderr, "Bad parse.\n"); + return false; + } + } + + for (const ASN1InvalidTest &test : kASN1InvalidTests) { + ScopedBIGNUM bn(BN_new()); + if (!bn) { + return false; + } + CBS cbs; + CBS_init(&cbs, reinterpret_cast(test.der), test.der_len); + if (BN_cbs2unsigned(&cbs, bn.get())) { + fprintf(stderr, "Parsed invalid input.\n"); + return false; + } + ERR_clear_error(); + + // All tests in kASN1InvalidTests are also rejected by + // |BN_cbs2unsigned_buggy|. + CBS_init(&cbs, reinterpret_cast(test.der), test.der_len); + if (BN_cbs2unsigned_buggy(&cbs, bn.get())) { + fprintf(stderr, "Parsed invalid input.\n"); + return false; + } + ERR_clear_error(); + } + + for (const ASN1Test &test : kASN1BuggyTests) { + // These broken encodings are rejected by |BN_cbs2unsigned|. + ScopedBIGNUM bn(BN_new()); + if (!bn) { + return false; + } + + CBS cbs; + CBS_init(&cbs, reinterpret_cast(test.der), test.der_len); + if (BN_cbs2unsigned(&cbs, bn.get())) { + fprintf(stderr, "Parsed invalid input.\n"); + return false; + } + ERR_clear_error(); + + // However |BN_cbs2unsigned_buggy| accepts them. 
+ ScopedBIGNUM bn2 = ASCIIToBIGNUM(test.value_ascii); + if (!bn2) { + return false; + } + + CBS_init(&cbs, reinterpret_cast(test.der), test.der_len); + if (!BN_cbs2unsigned_buggy(&cbs, bn.get()) || CBS_len(&cbs) != 0) { + fprintf(stderr, "Parsing (invalid) ASN.1 INTEGER failed.\n"); + return false; + } + + if (BN_cmp(bn.get(), bn2.get()) != 0) { + fprintf(stderr, "\"Bad\" parse.\n"); + return false; + } + } + + // Serializing negative numbers is not supported. + ScopedBIGNUM bn = ASCIIToBIGNUM("-1"); + if (!bn) { + return false; + } + CBB cbb; + CBB_zero(&cbb); + if (!CBB_init(&cbb, 0) || + BN_bn2cbb(&cbb, bn.get())) { + fprintf(stderr, "Serialized negative number.\n"); + CBB_cleanup(&cbb); + return false; + } + CBB_cleanup(&cbb); + + return true; +} diff --git a/src/crypto/bn/convert.c b/src/crypto/bn/convert.c index 531b661..0122709 100644 --- a/src/crypto/bn/convert.c +++ b/src/crypto/bn/convert.c @@ -56,7 +56,9 @@ #include +#include #include +#include #include #include @@ -67,7 +69,8 @@ #include "internal.h" BIGNUM *BN_bin2bn(const uint8_t *in, size_t len, BIGNUM *ret) { - unsigned num_words, m; + size_t num_words; + unsigned m; BN_ULONG word = 0; BIGNUM *bn = NULL; @@ -93,7 +96,10 @@ BIGNUM *BN_bin2bn(const uint8_t *in, size_t len, BIGNUM *ret) { return NULL; } - ret->top = num_words; + /* |bn_wexpand| must check bounds on |num_words| to write it into + * |ret->dmax|. */ + assert(num_words <= INT_MAX); + ret->top = (int)num_words; ret->neg = 0; while (len--) { @@ -198,7 +204,7 @@ char *BN_bn2hex(const BIGNUM *bn) { buf = (char *)OPENSSL_malloc(bn->top * BN_BYTES * 2 + 2); if (buf == NULL) { - OPENSSL_PUT_ERROR(BN, BN_bn2hex, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(BN, ERR_R_MALLOC_FAILURE); return NULL; } 
@@ -227,47 +233,59 @@ char *BN_bn2hex(const BIGNUM *bn) { return buf; } -/* decode_hex decodes |i| bytes of hex data from |in| and updates |bn|. */ -static void decode_hex(BIGNUM *bn, const char *in, int i) { - int h, m, j, k, c; - BN_ULONG l=0; - - j = i; /* least significant 'hex' */ - h = 0; - while (j > 0) { - m = ((BN_BYTES * 2) <= j) ? (BN_BYTES * 2) : j; - l = 0; - for (;;) { - c = in[j - m]; - if ((c >= '0') && (c <= '9')) { - k = c - '0'; - } else if ((c >= 'a') && (c <= 'f')) { - k = c - 'a' + 10; - } else if ((c >= 'A') && (c <= 'F')) { - k = c - 'A' + 10; - } else { - k = 0; /* paranoia */ - } +/* decode_hex decodes |in_len| bytes of hex data from |in| and updates |bn|. */ +static int decode_hex(BIGNUM *bn, const char *in, int in_len) { + if (in_len > INT_MAX/4) { + OPENSSL_PUT_ERROR(BN, BN_R_BIGNUM_TOO_LONG); + return 0; + } + /* |in_len| is the number of hex digits. */ + if (bn_expand(bn, in_len * 4) == NULL) { + return 0; + } - l = (l << 4) | k; + int i = 0; + while (in_len > 0) { + /* Decode one |BN_ULONG| at a time. */ + int todo = BN_BYTES * 2; + if (todo > in_len) { + todo = in_len; + } - if (--m <= 0) { - bn->d[h++] = l; - break; + BN_ULONG word = 0; + int j; + for (j = todo; j > 0; j--) { + char c = in[in_len - j]; + + BN_ULONG hex; + if (c >= '0' && c <= '9') { + hex = c - '0'; + } else if (c >= 'a' && c <= 'f') { + hex = c - 'a' + 10; + } else if (c >= 'A' && c <= 'F') { + hex = c - 'A' + 10; + } else { + hex = 0; + /* This shouldn't happen. The caller checks |isxdigit|. */ + assert(0); } + word = (word << 4) | hex; } - j -= (BN_BYTES * 2); + bn->d[i++] = word; + in_len -= todo; } - - bn->top = h; + assert(i <= bn->dmax); + bn->top = i; + return 1; } /* decode_dec decodes |in_len| bytes of decimal data from |in| and updates |bn|. */ -static void decode_dec(BIGNUM *bn, const char *in, int in_len) { +static int decode_dec(BIGNUM *bn, const char *in, int in_len) { int i, j; BN_ULONG l = 0; + /* Decode |BN_DEC_NUM| digits at a time. 
*/ j = BN_DEC_NUM - (in_len % BN_DEC_NUM); if (j == BN_DEC_NUM) { j = 0; @@ -277,15 +295,18 @@ static void decode_dec(BIGNUM *bn, const char *in, int in_len) { l *= 10; l += in[i] - '0'; if (++j == BN_DEC_NUM) { - BN_mul_word(bn, BN_DEC_CONV); - BN_add_word(bn, l); + if (!BN_mul_word(bn, BN_DEC_CONV) || + !BN_add_word(bn, l)) { + return 0; + } l = 0; j = 0; } } + return 1; } -typedef void (*decode_func) (BIGNUM *bn, const char *in, int i); +typedef int (*decode_func) (BIGNUM *bn, const char *in, int in_len); typedef int (*char_test_func) (int c); static int bn_x2bn(BIGNUM **outp, const char *in, decode_func decode, char_test_func want_char) { @@ -302,7 +323,7 @@ static int bn_x2bn(BIGNUM **outp, const char *in, decode_func decode, char_test_ in++; } - for (i = 0; want_char((unsigned char)in[i]); i++) {} + for (i = 0; want_char((unsigned char)in[i]) && i + neg < INT_MAX; i++) {} num = i + neg; if (outp == NULL) { @@ -320,13 +341,10 @@ static int bn_x2bn(BIGNUM **outp, const char *in, decode_func decode, char_test_ BN_zero(ret); } - /* i is the number of hex digests; */ - if (bn_expand(ret, i * 4) == NULL) { + if (!decode(ret, in, i)) { goto err; } - decode(ret, in, i); - bn_correct_top(ret); if (!BN_is_zero(ret)) { ret->neg = neg; @@ -365,7 +383,7 @@ char *BN_bn2dec(const BIGNUM *a) { (BN_ULONG *)OPENSSL_malloc((num / BN_DEC_NUM + 1) * sizeof(BN_ULONG)); buf = (char *)OPENSSL_malloc(num + 3); if ((buf == NULL) || (bn_data == NULL)) { - OPENSSL_PUT_ERROR(BN, BN_bn2dec, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(BN, ERR_R_MALLOC_FAILURE); goto err; } t = BN_dup(a); 
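Review bot: In the rewritten `decode_hex`, the non-hex branch sets `hex = 0` and relies on `assert(0)`, so a build with NDEBUG silently decodes an unexpected character as a zero nibble. The function now returns `int` and its caller `bn_x2bn` already handles a zero return, so the branch can fail closed with `assert(0); return 0;` in place of `hex = 0; assert(0);`. This costs nothing on the valid path and means a future caller that skips the `isxdigit` pre-check gets an error rather than a wrong number.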
@@ -499,3 +517,81 @@ BN_ULONG BN_get_word(const BIGNUM *bn) { return BN_MASK2; } } + +size_t BN_bn2mpi(const BIGNUM *in, uint8_t *out) { + const size_t bits = BN_num_bits(in); + const size_t bytes = (bits + 7) / 8; + /* If the number of bits is a multiple of 8, i.e. if the MSB is set, + * prefix with a zero byte. */ + int extend = 0; + if (bytes != 0 && (bits & 0x07) == 0) { + extend = 1; + } + + const size_t len = bytes + extend; + if (len < bytes || + 4 + len < len || + (len & 0xffffffff) != len) { + /* If we cannot represent the number then we emit zero as the interface + * doesn't allow an error to be signalled. */ + if (out) { + memset(out, 0, 4); + } + return 4; + } + + if (out == NULL) { + return 4 + len; + } + + out[0] = len >> 24; + out[1] = len >> 16; + out[2] = len >> 8; + out[3] = len; + if (extend) { + out[4] = 0; + } + BN_bn2bin(in, out + 4 + extend); + if (in->neg && len > 0) { + out[4] |= 0x80; + } + return len + 4; +} + +BIGNUM *BN_mpi2bn(const uint8_t *in, size_t len, BIGNUM *out) { + if (len < 4) { + OPENSSL_PUT_ERROR(BN, BN_R_BAD_ENCODING); + return NULL; + } + const size_t in_len = ((size_t)in[0] << 24) | + ((size_t)in[1] << 16) | + ((size_t)in[2] << 8) | + ((size_t)in[3]); + if (in_len != len - 4) { + OPENSSL_PUT_ERROR(BN, BN_R_BAD_ENCODING); + return NULL; + } + + if (out == NULL) { + out = BN_new(); + } + if (out == NULL) { + OPENSSL_PUT_ERROR(BN, ERR_R_MALLOC_FAILURE); + return NULL; + } + + if (in_len == 0) { + BN_zero(out); + return out; + } + + in += 4; + if (BN_bin2bn(in, in_len, out) == NULL) { + return NULL; + } + out->neg = ((*in) & 0x80) != 0; + if (out->neg) { + BN_clear_bit(out, BN_num_bits(out) - 1); + } + return out; +} diff --git a/src/crypto/bn/ctx.c b/src/crypto/bn/ctx.c index 0578376..48d9adf 100644 --- a/src/crypto/bn/ctx.c +++ b/src/crypto/bn/ctx.c 
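Review bot: `BN_mpi2bn` leaks the `BIGNUM` it allocates when the caller passes `out == NULL` and `BN_bin2bn` then fails, because the error path returns NULL without freeing it. The caller cannot free it either, since it never receives the pointer. Track whether the function allocated `out` and free it on that path, as sketched below. The sign handling after it is unchanged.

```c
BIGNUM *BN_mpi2bn(const uint8_t *in, size_t len, BIGNUM *out) {
  /* … unchanged: length check and 4-byte prefix parsing … */

  int out_is_alloced = 0;
  if (out == NULL) {
    out = BN_new();
    if (out == NULL) {
      OPENSSL_PUT_ERROR(BN, ERR_R_MALLOC_FAILURE);
      return NULL;
    }
    out_is_alloced = 1;
  }

  /* … unchanged: in_len == 0 case and in += 4 … */

  if (BN_bin2bn(in, in_len, out) == NULL) {
    if (out_is_alloced) {
      BN_free(out);
    }
    return NULL;
  }
  /* … unchanged: sign bit handling and return … */
```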
@@ -124,7 +124,7 @@ struct bignum_ctx { BN_CTX *BN_CTX_new(void) { BN_CTX *ret = OPENSSL_malloc(sizeof(BN_CTX)); if (!ret) { - OPENSSL_PUT_ERROR(BN, BN_CTX_new, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(BN, ERR_R_MALLOC_FAILURE); return NULL; } @@ -153,7 +153,7 @@ void BN_CTX_start(BN_CTX *ctx) { ctx->err_stack++; } else if (!BN_STACK_push(&ctx->stack, ctx->used)) { /* (Try to) get a new frame pointer */ - OPENSSL_PUT_ERROR(BN, BN_CTX_start, BN_R_TOO_MANY_TEMPORARY_VARIABLES); + OPENSSL_PUT_ERROR(BN, BN_R_TOO_MANY_TEMPORARY_VARIABLES); ctx->err_stack++; } } @@ -169,7 +169,7 @@ BIGNUM *BN_CTX_get(BN_CTX *ctx) { /* Setting too_many prevents repeated "get" attempts from * cluttering the error stack. */ ctx->too_many = 1; - OPENSSL_PUT_ERROR(BN, BN_CTX_get, BN_R_TOO_MANY_TEMPORARY_VARIABLES); + OPENSSL_PUT_ERROR(BN, BN_R_TOO_MANY_TEMPORARY_VARIABLES); return NULL; } diff --git a/src/crypto/bn/div.c b/src/crypto/bn/div.c index 3588ea1..779dda2 100644 --- a/src/crypto/bn/div.c +++ b/src/crypto/bn/div.c @@ -125,7 +125,7 @@ int BN_div(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor, * so don't just rely on bn_check_top() here */ if ((num->top > 0 && num->d[num->top - 1] == 0) || (divisor->top > 0 && divisor->d[divisor->top - 1] == 0)) { - OPENSSL_PUT_ERROR(BN, BN_div, BN_R_NOT_INITIALIZED); + OPENSSL_PUT_ERROR(BN, BN_R_NOT_INITIALIZED); return 0; } @@ -135,7 +135,7 @@ int BN_div(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor, } if (BN_is_zero(divisor)) { - OPENSSL_PUT_ERROR(BN, BN_div, BN_R_DIV_BY_ZERO); + OPENSSL_PUT_ERROR(BN, BN_R_DIV_BY_ZERO); return 0; } @@ -511,7 +511,7 @@ int BN_mod_lshift_quick(BIGNUM *r, const BIGNUM *a, int n, const BIGNUM *m) { /* max_shift >= 0 */ if (max_shift < 0) { - OPENSSL_PUT_ERROR(BN, BN_mod_lshift_quick, BN_R_INPUT_NOT_REDUCED); + OPENSSL_PUT_ERROR(BN, BN_R_INPUT_NOT_REDUCED); return 0; } diff --git a/src/crypto/bn/exponentiation.c b/src/crypto/bn/exponentiation.c index d3063c9..6c5e11b 100644 
--- a/src/crypto/bn/exponentiation.c +++ b/src/crypto/bn/exponentiation.c @@ -131,7 +131,7 @@ int BN_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) { if ((p->flags & BN_FLG_CONSTTIME) != 0) { /* BN_FLG_CONSTTIME only supported by BN_mod_exp_mont() */ - OPENSSL_PUT_ERROR(BN, BN_exp, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(BN, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } @@ -173,8 +173,8 @@ int BN_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) { } } - if (r != rr) { - BN_copy(r, rr); + if (r != rr && !BN_copy(r, rr)) { + goto err; } ret = 1; @@ -333,7 +333,7 @@ static int BN_div_recp(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, j = 0; while (BN_ucmp(r, &(recp->N)) >= 0) { if (j++ > 2) { - OPENSSL_PUT_ERROR(BN, BN_div_recp, BN_R_BAD_RECIPROCAL); + OPENSSL_PUT_ERROR(BN, BN_R_BAD_RECIPROCAL); goto err; } if (!BN_usub(r, r, &(recp->N))) { @@ -427,7 +427,7 @@ static int mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, if (BN_get_flags(p, BN_FLG_CONSTTIME) != 0) { /* BN_FLG_CONSTTIME only supported by BN_mod_exp_mont() */ - OPENSSL_PUT_ERROR(BN, mod_exp_recp, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(BN, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } @@ -616,7 +616,7 @@ int BN_mod_exp_mont(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p, } if (!BN_is_odd(m)) { - OPENSSL_PUT_ERROR(BN, BN_mod_exp_mont, BN_R_CALLED_WITH_EVEN_MODULUS); + OPENSSL_PUT_ERROR(BN, BN_R_CALLED_WITH_EVEN_MODULUS); return 0; } bits = BN_num_bits(p); @@ -862,13 +862,13 @@ int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p, unsigned char *powerbuf = NULL; BIGNUM tmp, am; - top = m->top; - - if (!(m->d[0] & 1)) { - OPENSSL_PUT_ERROR(BN, BN_mod_exp_mont_consttime, - BN_R_CALLED_WITH_EVEN_MODULUS); + if (!BN_is_odd(m)) { + OPENSSL_PUT_ERROR(BN, BN_R_CALLED_WITH_EVEN_MODULUS); return 0; } + + top = m->top; + bits = BN_num_bits(p); if (bits == 0) { ret = BN_one(rr); 
@@ -926,7 +926,6 @@ int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p, } } #endif - (void)0; /* Allocate a buffer large enough to hold all of the pre-computed * powers of am, am itself and tmp. @@ -1223,13 +1222,12 @@ int BN_mod_exp_mont_word(BIGNUM *rr, BN_ULONG a, const BIGNUM *p, if (BN_get_flags(p, BN_FLG_CONSTTIME) != 0) { /* BN_FLG_CONSTTIME only supported by BN_mod_exp_mont() */ - OPENSSL_PUT_ERROR(BN, BN_mod_exp_mont_word, - ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(BN, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } if (!BN_is_odd(m)) { - OPENSSL_PUT_ERROR(BN, BN_mod_exp_mont_word, BN_R_CALLED_WITH_EVEN_MODULUS); + OPENSSL_PUT_ERROR(BN, BN_R_CALLED_WITH_EVEN_MODULUS); return 0; } @@ -1372,7 +1370,7 @@ int BN_mod_exp2_mont(BIGNUM *rr, const BIGNUM *a1, const BIGNUM *p1, BN_MONT_CTX *mont = NULL; if (!(m->d[0] & 1)) { - OPENSSL_PUT_ERROR(BN, BN_mod_exp2_mont, BN_R_CALLED_WITH_EVEN_MODULUS); + OPENSSL_PUT_ERROR(BN, BN_R_CALLED_WITH_EVEN_MODULUS); return 0; } bits1 = BN_num_bits(p1); diff --git a/src/crypto/bn/gcd.c b/src/crypto/bn/gcd.c index 3132c29..e106149 100644 --- a/src/crypto/bn/gcd.c +++ b/src/crypto/bn/gcd.c 
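Review bot: `BN_mod_exp2_mont` still tests parity with `if (!(m->d[0] & 1))`, which reads the first limb without consulting `m->top`. This same patch replaces the identical test in `BN_mod_exp_mont_consttime` with `BN_is_odd(m)`. For a zero modulus the limb array may be unallocated or hold a stale word, so the direct read is presumably either a NULL dereference or a wrong answer. Use `if (!BN_is_odd(m)) {` here as well. The rest of the function lies outside the hunk.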
@@ -223,20 +223,23 @@ err: } /* solves ax == 1 (mod n) */ -static BIGNUM *BN_mod_inverse_no_branch(BIGNUM *out, const BIGNUM *a, - const BIGNUM *n, BN_CTX *ctx); +static BIGNUM *BN_mod_inverse_no_branch(BIGNUM *out, int *out_no_inverse, + const BIGNUM *a, const BIGNUM *n, + BN_CTX *ctx); -BIGNUM *BN_mod_inverse(BIGNUM *out, const BIGNUM *a, const BIGNUM *n, - BN_CTX *ctx) { +BIGNUM *BN_mod_inverse_ex(BIGNUM *out, int *out_no_inverse, const BIGNUM *a, + const BIGNUM *n, BN_CTX *ctx) { BIGNUM *A, *B, *X, *Y, *M, *D, *T, *R = NULL; BIGNUM *ret = NULL; int sign; if ((a->flags & BN_FLG_CONSTTIME) != 0 || (n->flags & BN_FLG_CONSTTIME) != 0) { - return BN_mod_inverse_no_branch(out, a, n, ctx); + return BN_mod_inverse_no_branch(out, out_no_inverse, a, n, ctx); } + *out_no_inverse = 0; + BN_CTX_start(ctx); A = BN_CTX_get(ctx); B = BN_CTX_get(ctx); @@ -522,7 +525,8 @@ BIGNUM *BN_mod_inverse(BIGNUM *out, const BIGNUM *a, const BIGNUM *n, } } } else { - OPENSSL_PUT_ERROR(BN, BN_mod_inverse, BN_R_NO_INVERSE); + *out_no_inverse = 1; + OPENSSL_PUT_ERROR(BN, BN_R_NO_INVERSE); goto err; } ret = R; @@ -535,16 +539,25 @@ err: return ret; } +BIGNUM *BN_mod_inverse(BIGNUM *out, const BIGNUM *a, const BIGNUM *n, + BN_CTX *ctx) { + int no_inverse; + return BN_mod_inverse_ex(out, &no_inverse, a, n, ctx); +} + /* BN_mod_inverse_no_branch is a special version of BN_mod_inverse. * It does not contain branches that may leak sensitive information. */ -static BIGNUM *BN_mod_inverse_no_branch(BIGNUM *out, const BIGNUM *a, - const BIGNUM *n, BN_CTX *ctx) { +static BIGNUM *BN_mod_inverse_no_branch(BIGNUM *out, int *out_no_inverse, + const BIGNUM *a, const BIGNUM *n, + BN_CTX *ctx) { BIGNUM *A, *B, *X, *Y, *M, *D, *T, *R = NULL; BIGNUM local_A, local_B; BIGNUM *pA, *pB; BIGNUM *ret = NULL; int sign; + *out_no_inverse = 0; + BN_CTX_start(ctx); A = BN_CTX_get(ctx); B = BN_CTX_get(ctx); 
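Review bot: Both `BN_mod_inverse_ex` and `BN_mod_inverse_no_branch` write `*out_no_inverse` unconditionally, so passing NULL crashes, yet nothing in this file states the contract for the new parameter. From the visible hunks it is cleared on entry and set to one only on the `BN_R_NO_INVERSE` path, which lets callers tell a non-invertible input from an allocation failure. I would put that above `BN_mod_inverse_ex`, e.g. `/* |out_no_inverse| must be non-NULL; it is set to one only if |a| has no inverse mod |n|, and to zero otherwise. */`. Both function bodies extend beyond the hunks, so any other writes to the flag are not visible here.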
@@ -682,7 +695,8 @@ static BIGNUM *BN_mod_inverse_no_branch(BIGNUM *out, const BIGNUM *a, } } } else { - OPENSSL_PUT_ERROR(BN, BN_mod_inverse_no_branch, BN_R_NO_INVERSE); + *out_no_inverse = 1; + OPENSSL_PUT_ERROR(BN, BN_R_NO_INVERSE); goto err; } ret = R; diff --git a/src/crypto/bn/internal.h b/src/crypto/bn/internal.h index 2674b3c..0d0eb44 100644 --- a/src/crypto/bn/internal.h +++ b/src/crypto/bn/internal.h @@ -136,9 +136,9 @@ extern "C" { #endif -/* bn_expand acts the same as |BN_wexpand|, but takes a number of bits rather +/* bn_expand acts the same as |bn_wexpand|, but takes a number of bits rather * than a number of words. */ -BIGNUM *bn_expand(BIGNUM *bn, unsigned bits); +BIGNUM *bn_expand(BIGNUM *bn, size_t bits); #if defined(OPENSSL_64_BIT) diff --git a/src/crypto/bn/montgomery.c b/src/crypto/bn/montgomery.c index 152cf2d..c6c9c88 100644 --- a/src/crypto/bn/montgomery.c +++ b/src/crypto/bn/montgomery.c @@ -110,6 +110,7 @@ #include +#include #include #include @@ -176,6 +177,11 @@ int BN_MONT_CTX_set(BN_MONT_CTX *mont, const BIGNUM *mod, BN_CTX *ctx) { BIGNUM tmod; BN_ULONG buf[2]; + if (BN_is_zero(mod)) { + OPENSSL_PUT_ERROR(BN, BN_R_DIV_BY_ZERO); + return 0; + } + BN_CTX_start(ctx); Ri = BN_CTX_get(ctx); if (Ri == NULL) { diff --git a/src/crypto/bn/mul.c b/src/crypto/bn/mul.c index a17d766..029a59e 100644 --- a/src/crypto/bn/mul.c +++ b/src/crypto/bn/mul.c @@ -666,8 +666,8 @@ int BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx) { end: bn_correct_top(rr); - if (r != rr) { - BN_copy(r, rr); + if (r != rr && !BN_copy(r, rr)) { + goto err; } ret = 1; @@ -877,8 +877,8 @@ int BN_sqr(BIGNUM *r, const BIGNUM *a, BN_CTX *ctx) { rr->top = max; } - if (rr != r) { - BN_copy(r, rr); + if (rr != r && !BN_copy(r, rr)) { + goto err; } ret = 1; diff --git a/src/crypto/bn/prime.c b/src/crypto/bn/prime.c index cf3afcf..bbb8fe0 100644 --- a/src/crypto/bn/prime.c +++ b/src/crypto/bn/prime.c 
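Review bot: The new guard in `BN_MONT_CTX_set` rejects only a zero modulus, but Montgomery reduction also requires `mod` to be odd. The exponentiation entry points in this patch each check `BN_is_odd(m)` themselves, so a direct caller of `BN_MONT_CTX_set` with an even modulus does not get that protection. The remainder of the function is outside the hunk; if nothing later rejects an even `mod`, add `if (!BN_is_odd(mod)) { OPENSSL_PUT_ERROR(BN, BN_R_CALLED_WITH_EVEN_MODULUS); return 0; }` next to the zero check.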
@@ -362,11 +362,11 @@ int BN_generate_prime_ex(BIGNUM *ret, int bits, int safe, const BIGNUM *add, if (bits < 2) { /* There are no prime numbers this small. */ - OPENSSL_PUT_ERROR(BN, BN_generate_prime_ex, BN_R_BITS_TOO_SMALL); + OPENSSL_PUT_ERROR(BN, BN_R_BITS_TOO_SMALL); return 0; } else if (bits == 2 && safe) { /* The smallest safe prime (7) is three bits. */ - OPENSSL_PUT_ERROR(BN, BN_generate_prime_ex, BN_R_BITS_TOO_SMALL); + OPENSSL_PUT_ERROR(BN, BN_R_BITS_TOO_SMALL); return 0; } @@ -515,11 +515,10 @@ int BN_is_prime_fasttest_ex(const BIGNUM *a, int checks, BN_CTX *ctx_passed, /* A := abs(a) */ if (a->neg) { - BIGNUM *t; - if ((t = BN_CTX_get(ctx)) == NULL) { + BIGNUM *t = BN_CTX_get(ctx); + if (t == NULL || !BN_copy(t, a)) { goto err; } - BN_copy(t, a); t->neg = 0; A = t; } else { diff --git a/src/crypto/bn/random.c b/src/crypto/bn/random.c index 549ac48..3116e54 100644 --- a/src/crypto/bn/random.c +++ b/src/crypto/bn/random.c @@ -134,7 +134,7 @@ int BN_rand(BIGNUM *rnd, int bits, int top, int bottom) { buf = OPENSSL_malloc(bytes); if (buf == NULL) { - OPENSSL_PUT_ERROR(BN, BN_rand, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(BN, ERR_R_MALLOC_FAILURE); goto err; } @@ -186,7 +186,7 @@ int BN_rand_range(BIGNUM *r, const BIGNUM *range) { unsigned count = 100; if (range->neg || BN_is_zero(range)) { - OPENSSL_PUT_ERROR(BN, BN_rand_range, BN_R_INVALID_RANGE); + OPENSSL_PUT_ERROR(BN, BN_R_INVALID_RANGE); return 0; } @@ -219,7 +219,7 @@ int BN_rand_range(BIGNUM *r, const BIGNUM *range) { } if (!--count) { - OPENSSL_PUT_ERROR(BN, BN_rand_range, BN_R_TOO_MANY_ITERATIONS); + OPENSSL_PUT_ERROR(BN, BN_R_TOO_MANY_ITERATIONS); return 0; } } while (BN_cmp(r, range) >= 0); @@ -231,7 +231,7 @@ int BN_rand_range(BIGNUM *r, const BIGNUM *range) { } if (!--count) { - OPENSSL_PUT_ERROR(BN, BN_rand_range, BN_R_TOO_MANY_ITERATIONS); + OPENSSL_PUT_ERROR(BN, BN_R_TOO_MANY_ITERATIONS); return 0; } } while (BN_cmp(r, range) >= 0); 
@@ -264,13 +264,13 @@ int BN_generate_dsa_nonce(BIGNUM *out, const BIGNUM *range, const BIGNUM *priv, } if (BN_is_zero(range)) { - OPENSSL_PUT_ERROR(BN, BN_generate_dsa_nonce, BN_R_DIV_BY_ZERO); + OPENSSL_PUT_ERROR(BN, BN_R_DIV_BY_ZERO); goto err; } k_bytes = OPENSSL_malloc(num_k_bytes); if (!k_bytes) { - OPENSSL_PUT_ERROR(BN, BN_generate_dsa_nonce, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(BN, ERR_R_MALLOC_FAILURE); goto err; } @@ -281,7 +281,7 @@ int BN_generate_dsa_nonce(BIGNUM *out, const BIGNUM *range, const BIGNUM *priv, /* No reasonable DSA or ECDSA key should have a private key * this large and we don't handle this case in order to avoid * leaking the length of the private key. */ - OPENSSL_PUT_ERROR(BN, BN_generate_dsa_nonce, BN_R_PRIVATE_KEY_TOO_LARGE); + OPENSSL_PUT_ERROR(BN, BN_R_PRIVATE_KEY_TOO_LARGE); goto err; } memcpy(private_bytes, priv->d, todo); diff --git a/src/crypto/bn/rsaz_exp.h b/src/crypto/bn/rsaz_exp.h index 0bb6b0c..c752b45 100644 --- a/src/crypto/bn/rsaz_exp.h +++ b/src/crypto/bn/rsaz_exp.h 
@@ -1,32 +1,44 @@ -/****************************************************************************** -* Copyright(c) 2012, Intel Corp. -* Developers and authors: -* Shay Gueron (1, 2), and Vlad Krasnov (1) -* (1) Intel Corporation, Israel Development Center, Haifa, Israel -* (2) University of Haifa, Israel +/***************************************************************************** +* * +* Copyright (c) 2012, Intel Corporation * +* * +* All rights reserved. * +* * +* Redistribution and use in source and binary forms, with or without * +* modification, are permitted provided that the following conditions are * +* met: * +* * +* * Redistributions of source code must retain the above copyright * +* notice, this list of conditions and the following disclaimer. * +* * +* * Redistributions in binary form must reproduce the above copyright * +* notice, this list of conditions and the following disclaimer in the * +* documentation and/or other materials provided with the * +* distribution. * +* * +* * Neither the name of the Intel Corporation nor the names of its * +* contributors may be used to endorse or promote products derived from * +* this software without specific prior written permission. * +* * +* * +* THIS SOFTWARE IS PROVIDED BY INTEL CORPORATION ""AS IS"" AND ANY * +* EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * +* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR * +* PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL INTEL CORPORATION OR * +* CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, * +* EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, * +* PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR * +* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF * +* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING * +* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS * +* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * +* * ****************************************************************************** -* LICENSE: -* This submission to OpenSSL is to be made available under the OpenSSL -* license, and only to the OpenSSL project, in order to allow integration -* into the publicly distributed code. -* The use of this code, or portions of this code, or concepts embedded in -* this code, or modification of this code and/or algorithm(s) in it, or the -* use of this code for any other purpose than stated above, requires special -* licensing. -****************************************************************************** -* DISCLAIMER: -* THIS SOFTWARE IS PROVIDED BY THE CONTRIBUTORS AND THE COPYRIGHT OWNERS -* ``AS IS''. ANY EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED -* TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS OR THE COPYRIGHT -* OWNERS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, -* OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF -* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS -* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN -* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE -* POSSIBILITY OF SUCH DAMAGE. 
-******************************************************************************/ +* Developers and authors: * +* Shay Gueron (1, 2), and Vlad Krasnov (1) * +* (1) Intel Corporation, Israel Development Center, Haifa, Israel * +* (2) University of Haifa, Israel * +*****************************************************************************/ #ifndef RSAZ_EXP_H #define RSAZ_EXP_H diff --git a/src/crypto/bn/shift.c b/src/crypto/bn/shift.c index f143996..defec92 100644 --- a/src/crypto/bn/shift.c +++ b/src/crypto/bn/shift.c @@ -69,7 +69,7 @@ int BN_lshift(BIGNUM *r, const BIGNUM *a, int n) { BN_ULONG l; if (n < 0) { - OPENSSL_PUT_ERROR(BN, BN_lshift, BN_R_NEGATIVE_NUMBER); + OPENSSL_PUT_ERROR(BN, BN_R_NEGATIVE_NUMBER); return 0; } @@ -138,7 +138,7 @@ int BN_rshift(BIGNUM *r, const BIGNUM *a, int n) { BN_ULONG l, tmp; if (n < 0) { - OPENSSL_PUT_ERROR(BN, BN_rshift, BN_R_NEGATIVE_NUMBER); + OPENSSL_PUT_ERROR(BN, BN_R_NEGATIVE_NUMBER); return 0; } diff --git a/src/crypto/bn/sqrt.c b/src/crypto/bn/sqrt.c index e71a818..2ed66c2 100644 --- a/src/crypto/bn/sqrt.c +++ b/src/crypto/bn/sqrt.c @@ -86,7 +86,7 @@ BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) { return ret; } - OPENSSL_PUT_ERROR(BN, BN_mod_sqrt, BN_R_P_IS_NOT_PRIME); + OPENSSL_PUT_ERROR(BN, BN_R_P_IS_NOT_PRIME); return (NULL); } @@ -260,7 +260,7 @@ BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) { } if (r == 0) { /* m divides p */ - OPENSSL_PUT_ERROR(BN, BN_mod_sqrt, BN_R_P_IS_NOT_PRIME); + OPENSSL_PUT_ERROR(BN, BN_R_P_IS_NOT_PRIME); goto end; } } while (r == 1 && ++i < 82); @@ -271,7 +271,7 @@ BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) { * Even if p is not prime, we should have found some y * such that r == -1. */ - OPENSSL_PUT_ERROR(BN, BN_mod_sqrt, BN_R_TOO_MANY_ITERATIONS); + OPENSSL_PUT_ERROR(BN, BN_R_TOO_MANY_ITERATIONS); goto end; } 
@@ -286,7 +286,7 @@ BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) { goto end; } if (BN_is_one(y)) { - OPENSSL_PUT_ERROR(BN, BN_mod_sqrt, BN_R_P_IS_NOT_PRIME); + OPENSSL_PUT_ERROR(BN, BN_R_P_IS_NOT_PRIME); goto end; } @@ -377,7 +377,7 @@ BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) { while (!BN_is_one(t)) { i++; if (i == e) { - OPENSSL_PUT_ERROR(BN, BN_mod_sqrt, BN_R_NOT_A_SQUARE); + OPENSSL_PUT_ERROR(BN, BN_R_NOT_A_SQUARE); goto end; } if (!BN_mod_mul(t, t, t, p, ctx)) { @@ -413,7 +413,7 @@ vrfy: } if (!err && 0 != BN_cmp(x, A)) { - OPENSSL_PUT_ERROR(BN, BN_mod_sqrt, BN_R_NOT_A_SQUARE); + OPENSSL_PUT_ERROR(BN, BN_R_NOT_A_SQUARE); err = 1; } } @@ -434,7 +434,7 @@ int BN_sqrt(BIGNUM *out_sqrt, const BIGNUM *in, BN_CTX *ctx) { int ok = 0, last_delta_valid = 0; if (in->neg) { - OPENSSL_PUT_ERROR(BN, BN_sqrt, BN_R_NEGATIVE_NUMBER); + OPENSSL_PUT_ERROR(BN, BN_R_NEGATIVE_NUMBER); return 0; } if (BN_is_zero(in)) { @@ -452,7 +452,7 @@ int BN_sqrt(BIGNUM *out_sqrt, const BIGNUM *in, BN_CTX *ctx) { last_delta = BN_CTX_get(ctx); delta = BN_CTX_get(ctx); if (estimate == NULL || tmp == NULL || last_delta == NULL || delta == NULL) { - OPENSSL_PUT_ERROR(BN, BN_sqrt, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(BN, ERR_R_MALLOC_FAILURE); goto err; } @@ -470,7 +470,7 @@ int BN_sqrt(BIGNUM *out_sqrt, const BIGNUM *in, BN_CTX *ctx) { !BN_sqr(tmp, estimate, ctx) || /* |delta| = |in| - |tmp| */ !BN_sub(delta, in, tmp)) { - OPENSSL_PUT_ERROR(BN, BN_sqrt, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(BN, ERR_R_BN_LIB); goto err; } @@ -490,15 +490,15 @@ int BN_sqrt(BIGNUM *out_sqrt, const BIGNUM *in, BN_CTX *ctx) { } if (BN_cmp(tmp, in) != 0) { - OPENSSL_PUT_ERROR(BN, BN_sqrt, BN_R_NOT_A_SQUARE); + OPENSSL_PUT_ERROR(BN, BN_R_NOT_A_SQUARE); goto err; } ok = 1; err: - if (ok && out_sqrt == in) { - BN_copy(out_sqrt, estimate); + if (ok && out_sqrt == in && !BN_copy(out_sqrt, estimate)) { + ok = 0; } BN_CTX_end(ctx); return ok; 
diff --git a/src/crypto/buf/CMakeLists.txt b/src/crypto/buf/CMakeLists.txt index 19edf7d..63f1025 100644 --- a/src/crypto/buf/CMakeLists.txt +++ b/src/crypto/buf/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(. .. ../../include) +include_directories(../../include) add_library( buf diff --git a/src/crypto/buf/buf.c b/src/crypto/buf/buf.c index 5769e77..13b5ceb 100644 --- a/src/crypto/buf/buf.c +++ b/src/crypto/buf/buf.c @@ -67,7 +67,7 @@ BUF_MEM *BUF_MEM_new(void) { ret = OPENSSL_malloc(sizeof(BUF_MEM)); if (ret == NULL) { - OPENSSL_PUT_ERROR(BUF, BUF_MEM_new, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(BUF, ERR_R_MALLOC_FAILURE); return NULL; } @@ -105,14 +105,14 @@ static size_t buf_mem_grow(BUF_MEM *buf, size_t len, char clean) { n = len + 3; if (n < len) { /* overflow */ - OPENSSL_PUT_ERROR(BUF, buf_mem_grow, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(BUF, ERR_R_MALLOC_FAILURE); return 0; } n = n / 3; alloc_size = n * 4; if (alloc_size / 4 != n) { /* overflow */ - OPENSSL_PUT_ERROR(BUF, buf_mem_grow, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(BUF, ERR_R_MALLOC_FAILURE); return 0; } @@ -127,7 +127,7 @@ static size_t buf_mem_grow(BUF_MEM *buf, size_t len, char clean) { } if (new_buf == NULL) { - OPENSSL_PUT_ERROR(BUF, buf_mem_grow, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(BUF, ERR_R_MALLOC_FAILURE); len = 0; } else { buf->data = new_buf; @@ -180,12 +180,12 @@ char *BUF_strndup(const char *buf, size_t size) { alloc_size = size + 1; if (alloc_size < size) { /* overflow */ - OPENSSL_PUT_ERROR(BUF, BUF_strndup, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(BUF, ERR_R_MALLOC_FAILURE); return NULL; } ret = OPENSSL_malloc(alloc_size); if (ret == NULL) { - OPENSSL_PUT_ERROR(BUF, BUF_strndup, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(BUF, ERR_R_MALLOC_FAILURE); return NULL; } 
@@ -226,7 +226,7 @@ void *BUF_memdup(const void *data, size_t dst_size) { ret = OPENSSL_malloc(dst_size); if (ret == NULL) { - OPENSSL_PUT_ERROR(BUF, BUF_memdup, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(BUF, ERR_R_MALLOC_FAILURE); return NULL; } diff --git a/src/crypto/bytestring/CMakeLists.txt b/src/crypto/bytestring/CMakeLists.txt index cbbacf2..3462aee 100644 --- a/src/crypto/bytestring/CMakeLists.txt +++ b/src/crypto/bytestring/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(. .. ../../include) +include_directories(../../include) add_library( bytestring diff --git a/src/crypto/bytestring/bytestring_test.cc b/src/crypto/bytestring/bytestring_test.cc index 66e9c1e..e987e1b 100644 --- a/src/crypto/bytestring/bytestring_test.cc +++ b/src/crypto/bytestring/bytestring_test.cc @@ -109,7 +109,7 @@ static bool TestGetASN1() { static const uint8_t kData2[] = {0x30, 3, 1, 2}; static const uint8_t kData3[] = {0x30, 0x80}; static const uint8_t kData4[] = {0x30, 0x81, 1, 1}; - static const uint8_t kData5[] = {0x30, 0x82, 0, 1, 1}; + static const uint8_t kData5[4 + 0x80] = {0x30, 0x82, 0, 0x80}; static const uint8_t kData6[] = {0xa1, 3, 0x4, 1, 1}; static const uint8_t kData7[] = {0xa1, 3, 0x4, 2, 1}; static const uint8_t kData8[] = {0xa1, 3, 0x2, 1, 1}; @@ -649,6 +649,14 @@ static bool TestASN1Uint64() { return true; } +static int TestZero() { + CBB cbb; + CBB_zero(&cbb); + // Calling |CBB_cleanup| on a zero-state |CBB| must not crash. + CBB_cleanup(&cbb); + return 1; +} + int main(void) { CRYPTO_library_init(); @@ -665,7 +673,8 @@ int main(void) { !TestCBBASN1() || !TestBerConvert() || !TestASN1Uint64() || - !TestGetOptionalASN1Bool()) { + !TestGetOptionalASN1Bool() || + !TestZero()) { return 1; } diff --git a/src/crypto/bytestring/cbb.c b/src/crypto/bytestring/cbb.c index f1e09a2..1da6a21 100644 --- a/src/crypto/bytestring/cbb.c +++ b/src/crypto/bytestring/cbb.c 
@@ -20,6 +20,10 @@ #include +void CBB_zero(CBB *cbb) { + memset(cbb, 0, sizeof(CBB)); +} + static int cbb_init(CBB *cbb, uint8_t *buf, size_t cap) { struct cbb_buffer_st *base; @@ -243,6 +247,11 @@ int CBB_flush(CBB *cbb) { return 1; } +size_t CBB_len(const CBB *cbb) { + assert(cbb->child == NULL); + + return cbb->base->len; +} static int cbb_add_length_prefixed(CBB *cbb, CBB *out_contents, size_t len_len) { diff --git a/src/crypto/bytestring/cbs.c b/src/crypto/bytestring/cbs.c index b8caedd..5e0c538 100644 --- a/src/crypto/bytestring/cbs.c +++ b/src/crypto/bytestring/cbs.c @@ -137,6 +137,15 @@ int CBS_get_bytes(CBS *cbs, CBS *out, size_t len) { return 1; } +int CBS_copy_bytes(CBS *cbs, uint8_t *out, size_t len) { + const uint8_t *v; + if (!cbs_get(cbs, &v, len)) { + return 0; + } + memcpy(out, v, len); + return 1; +} + static int cbs_get_length_prefixed(CBS *cbs, CBS *out, size_t len_len) { uint32_t len; if (!cbs_get_u(cbs, &len, len_len)) { @@ -320,14 +329,19 @@ int CBS_get_asn1_uint64(CBS *cbs, uint64_t *out) { } int CBS_get_optional_asn1(CBS *cbs, CBS *out, int *out_present, unsigned tag) { + int present = 0; + if (CBS_peek_asn1_tag(cbs, tag)) { if (!CBS_get_asn1(cbs, out, tag)) { return 0; } - *out_present = 1; - } else { - *out_present = 0; + present = 1; + } + + if (out_present != NULL) { + *out_present = present; } + return 1; } diff --git a/src/crypto/bytestring/internal.h b/src/crypto/bytestring/internal.h index 391ad19..b4ea7e5 100644 --- a/src/crypto/bytestring/internal.h +++ b/src/crypto/bytestring/internal.h 
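Review bot: `CBB_len` dereferences `cbb->base` with no check, and the `CBB_zero` added at the top of this file produces exactly the state in which `base` is NULL. Its only precondition check is `assert(cbb->child == NULL)`, which disappears under NDEBUG. The function needs a contract comment such as `/* CBB_len requires an initialised |cbb| with no unflushed child; it must not be called on the |CBB_zero| state. */`. If zero-state calls are meant to be tolerated the way `CBB_cleanup` tolerates them, return 0 when `cbb->base == NULL` instead.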
@@ -38,14 +38,6 @@ extern "C" { * It returns one on success and zero otherwise. */ OPENSSL_EXPORT int CBS_asn1_ber_to_der(CBS *in, uint8_t **out, size_t *out_len); -/* CBS_get_any_ber_asn1_element acts the same as |CBS_get_any_asn1_element| but - * also allows indefinite-length elements to be returned. In that case, - * |*out_header_len| and |CBS_len(out)| will both be two as only the header is - * returned. */ -OPENSSL_EXPORT int CBS_get_any_ber_asn1_element(CBS *cbs, CBS *out, - unsigned *out_tag, - size_t *out_header_len); - #if defined(__cplusplus) } /* extern C */ diff --git a/src/crypto/chacha/CMakeLists.txt b/src/crypto/chacha/CMakeLists.txt index 6c3f87e..266e869 100644 --- a/src/crypto/chacha/CMakeLists.txt +++ b/src/crypto/chacha/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(. .. ../../include) +include_directories(../../include) if (${ARCH} STREQUAL "arm") set( diff --git a/src/crypto/chacha/chacha_vec_arm.S b/src/crypto/chacha/chacha_vec_arm.S index ddc374e..0f82627 100644 --- a/src/crypto/chacha/chacha_vec_arm.S +++ b/src/crypto/chacha/chacha_vec_arm.S @@ -23,6 +23,7 @@ # /opt/gcc-linaro-4.9-2014.11-x86_64_arm-linux-gnueabihf/bin/arm-linux-gnueabihf-gcc -O3 -mcpu=cortex-a8 -mfpu=neon -fpic -DASM_GEN -I ../../include -S chacha_vec.c -o - #if !defined(OPENSSL_NO_ASM) +#if defined(__arm__) || defined(__aarch64__) .syntax unified .cpu cortex-a8 @@ -1423,4 +1424,5 @@ CRYPTO_chacha_20_neon: .ident "GCC: (Linaro GCC 2014.11) 4.9.3 20141031 (prerelease)" .section .note.GNU-stack,"",%progbits +#endif /* __arm__ || __aarch64__ */ #endif /* !OPENSSL_NO_ASM */ diff --git a/src/crypto/chacha/chacha_vec_arm_generate.go b/src/crypto/chacha/chacha_vec_arm_generate.go index d681e8a..6d167b9 100644 --- a/src/crypto/chacha/chacha_vec_arm_generate.go +++ b/src/crypto/chacha/chacha_vec_arm_generate.go 
@@ -52,7 +52,8 @@ func main() { output.WriteString(compiler) output.WriteString(" ") output.WriteString(strings.Join(args, " ")) - output.WriteString("\n\n#if !defined(OPENSSL_NO_ASM)\n\n") + output.WriteString("\n\n#if !defined(OPENSSL_NO_ASM)\n") + output.WriteString("#if defined(__arm__) || defined(__aarch64__)\n\n") cmd := exec.Command(compiler, args...) cmd.Stderr = os.Stderr @@ -144,5 +145,6 @@ const attr28Block = ` ` const trailer = ` +#endif /* __arm__ || __aarch64__ */ #endif /* !OPENSSL_NO_ASM */ ` diff --git a/src/crypto/cipher/CMakeLists.txt b/src/crypto/cipher/CMakeLists.txt index 2775698..6b4c729 100644 --- a/src/crypto/cipher/CMakeLists.txt +++ b/src/crypto/cipher/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(. .. ../../include) +include_directories(../../include) add_library( cipher diff --git a/src/crypto/cipher/aead.c b/src/crypto/cipher/aead.c index 20d699d..7e747f8 100644 --- a/src/crypto/cipher/aead.c +++ b/src/crypto/cipher/aead.c @@ -30,11 +30,15 @@ size_t EVP_AEAD_max_overhead(const EVP_AEAD *aead) { return aead->overhead; } size_t EVP_AEAD_max_tag_len(const EVP_AEAD *aead) { return aead->max_tag_len; } +void EVP_AEAD_CTX_zero(EVP_AEAD_CTX *ctx) { + memset(ctx, 0, sizeof(EVP_AEAD_CTX)); +} + int EVP_AEAD_CTX_init(EVP_AEAD_CTX *ctx, const EVP_AEAD *aead, const uint8_t *key, size_t key_len, size_t tag_len, ENGINE *impl) { if (!aead->init) { - OPENSSL_PUT_ERROR(CIPHER, EVP_AEAD_CTX_init, CIPHER_R_NO_DIRECTION_SET); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_NO_DIRECTION_SET); ctx->aead = NULL; return 0; } @@ -47,8 +51,7 @@ int EVP_AEAD_CTX_init_with_direction(EVP_AEAD_CTX *ctx, const EVP_AEAD *aead, size_t tag_len, enum evp_aead_direction_t dir) { if (key_len != aead->key_len) { - OPENSSL_PUT_ERROR(CIPHER, EVP_AEAD_CTX_init_with_direction, - CIPHER_R_UNSUPPORTED_KEY_SIZE); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_UNSUPPORTED_KEY_SIZE); ctx->aead = NULL; return 0; } 
@@ -101,12 +104,12 @@ int EVP_AEAD_CTX_seal(const EVP_AEAD_CTX *ctx, uint8_t *out, size_t *out_len, size_t possible_out_len = in_len + ctx->aead->overhead; if (possible_out_len < in_len /* overflow */) { - OPENSSL_PUT_ERROR(CIPHER, EVP_AEAD_CTX_seal, CIPHER_R_TOO_LARGE); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_TOO_LARGE); goto error; } if (!check_alias(in, in_len, out)) { - OPENSSL_PUT_ERROR(CIPHER, EVP_AEAD_CTX_seal, CIPHER_R_OUTPUT_ALIASES_INPUT); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_OUTPUT_ALIASES_INPUT); goto error; } @@ -128,7 +131,7 @@ int EVP_AEAD_CTX_open(const EVP_AEAD_CTX *ctx, uint8_t *out, size_t *out_len, size_t nonce_len, const uint8_t *in, size_t in_len, const uint8_t *ad, size_t ad_len) { if (!check_alias(in, in_len, out)) { - OPENSSL_PUT_ERROR(CIPHER, EVP_AEAD_CTX_open, CIPHER_R_OUTPUT_ALIASES_INPUT); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_OUTPUT_ALIASES_INPUT); goto error; } diff --git a/src/crypto/cipher/aead_test.cc b/src/crypto/cipher/aead_test.cc index e4b75d6..baaee9e 100644 --- a/src/crypto/cipher/aead_test.cc +++ b/src/crypto/cipher/aead_test.cc @@ -22,6 +22,7 @@ #include #include "../test/file_test.h" +#include "../test/scoped_types.h" #include "../test/stl_compat.h" @@ -35,18 +36,6 @@ // CT: 5294265a60 // TAG: 1d45758621762e061368e68868e2f929 -// EVP_AEAD_CTX lacks a zero state, so it doesn't fit easily into -// ScopedOpenSSLContext. -class EVP_AEAD_CTXScoper { - public: - EVP_AEAD_CTXScoper(EVP_AEAD_CTX *ctx) : ctx_(ctx) {} - ~EVP_AEAD_CTXScoper() { - EVP_AEAD_CTX_cleanup(ctx_); - } - private: - EVP_AEAD_CTX *ctx_; -}; - static bool TestAEAD(FileTest *t, void *arg) { const EVP_AEAD *aead = reinterpret_cast(arg); 
@@ -60,20 +49,19 @@ static bool TestAEAD(FileTest *t, void *arg) { return false; } - EVP_AEAD_CTX ctx; - if (!EVP_AEAD_CTX_init_with_direction(&ctx, aead, bssl::vector_data(&key), - key.size(), tag.size(), - evp_aead_seal)) { + ScopedEVP_AEAD_CTX ctx; + if (!EVP_AEAD_CTX_init_with_direction(ctx.get(), aead, + bssl::vector_data(&key), key.size(), + tag.size(), evp_aead_seal)) { t->PrintLine("Failed to init AEAD."); return false; } - EVP_AEAD_CTXScoper cleanup(&ctx); std::vector out(in.size() + EVP_AEAD_max_overhead(aead)); if (!t->HasAttribute("NO_SEAL")) { size_t out_len; - if (!EVP_AEAD_CTX_seal(&ctx, bssl::vector_data(&out), &out_len, out.size(), - bssl::vector_data(&nonce), nonce.size(), + if (!EVP_AEAD_CTX_seal(ctx.get(), bssl::vector_data(&out), &out_len, + out.size(), bssl::vector_data(&nonce), nonce.size(), bssl::vector_data(&in), in.size(), bssl::vector_data(&ad), ad.size())) { t->PrintLine("Failed to run AEAD."); @@ -101,17 +89,17 @@ static bool TestAEAD(FileTest *t, void *arg) { // The "stateful" AEADs for implementing pre-AEAD cipher suites need to be // reset after each operation. - EVP_AEAD_CTX_cleanup(&ctx); - if (!EVP_AEAD_CTX_init_with_direction(&ctx, aead, bssl::vector_data(&key), - key.size(), tag.size(), - evp_aead_open)) { + ctx.Reset(); + if (!EVP_AEAD_CTX_init_with_direction(ctx.get(), aead, + bssl::vector_data(&key), key.size(), + tag.size(), evp_aead_open)) { t->PrintLine("Failed to init AEAD."); return false; } std::vector out2(out.size()); size_t out2_len; - int ret = EVP_AEAD_CTX_open(&ctx, + int ret = EVP_AEAD_CTX_open(ctx.get(), bssl::vector_data(&out2), &out2_len, out2.size(), bssl::vector_data(&nonce), nonce.size(), bssl::vector_data(&out), out.size(), 
@@ -137,10 +125,10 @@ static bool TestAEAD(FileTest *t, void *arg) { // The "stateful" AEADs for implementing pre-AEAD cipher suites need to be // reset after each operation. - EVP_AEAD_CTX_cleanup(&ctx); - if (!EVP_AEAD_CTX_init_with_direction(&ctx, aead, bssl::vector_data(&key), - key.size(), tag.size(), - evp_aead_open)) { + ctx.Reset(); + if (!EVP_AEAD_CTX_init_with_direction(ctx.get(), aead, + bssl::vector_data(&key), key.size(), + tag.size(), evp_aead_open)) { t->PrintLine("Failed to init AEAD."); return false; } @@ -148,8 +136,8 @@ static bool TestAEAD(FileTest *t, void *arg) { // Garbage at the end isn't ignored. out.push_back(0); out2.resize(out.size()); - if (EVP_AEAD_CTX_open(&ctx, bssl::vector_data(&out2), &out2_len, out2.size(), - bssl::vector_data(&nonce), nonce.size(), + if (EVP_AEAD_CTX_open(ctx.get(), bssl::vector_data(&out2), &out2_len, + out2.size(), bssl::vector_data(&nonce), nonce.size(), bssl::vector_data(&out), out.size(), bssl::vector_data(&ad), ad.size())) { t->PrintLine("Decrypted bad data with trailing garbage."); @@ -159,10 +147,10 @@ static bool TestAEAD(FileTest *t, void *arg) { // The "stateful" AEADs for implementing pre-AEAD cipher suites need to be // reset after each operation. - EVP_AEAD_CTX_cleanup(&ctx); - if (!EVP_AEAD_CTX_init_with_direction(&ctx, aead, bssl::vector_data(&key), - key.size(), tag.size(), - evp_aead_open)) { + ctx.Reset(); + if (!EVP_AEAD_CTX_init_with_direction(ctx.get(), aead, + bssl::vector_data(&key), key.size(), + tag.size(), evp_aead_open)) { t->PrintLine("Failed to init AEAD."); return false; } 
@@ -171,8 +159,8 @@ static bool TestAEAD(FileTest *t, void *arg) { out[0] ^= 0x80; out.resize(out.size() - 1); out2.resize(out.size()); - if (EVP_AEAD_CTX_open(&ctx, bssl::vector_data(&out2), &out2_len, out2.size(), - bssl::vector_data(&nonce), nonce.size(), + if (EVP_AEAD_CTX_open(ctx.get(), bssl::vector_data(&out2), &out2_len, + out2.size(), bssl::vector_data(&nonce), nonce.size(), bssl::vector_data(&out), out.size(), bssl::vector_data(&ad), ad.size())) { t->PrintLine("Decrypted bad data with corrupted byte."); @@ -200,6 +188,7 @@ static int TestCleanupAfterInitFailure(const EVP_AEAD *aead) { fprintf(stderr, "A silly tag length didn't trigger an error!\n"); return 0; } + ERR_clear_error(); /* Running a second, failed _init should not cause a memory leak. */ if (EVP_AEAD_CTX_init(&ctx, aead, key, key_len, @@ -208,6 +197,7 @@ static int TestCleanupAfterInitFailure(const EVP_AEAD *aead) { fprintf(stderr, "A silly tag length didn't trigger an error!\n"); return 0; } + ERR_clear_error(); /* Calling _cleanup on an |EVP_AEAD_CTX| after a failed _init should be a * no-op. */ diff --git a/src/crypto/cipher/cipher.c b/src/crypto/cipher/cipher.c index 400c3f5..4401867 100644 --- a/src/crypto/cipher/cipher.c +++ b/src/crypto/cipher/cipher.c @@ -68,12 +68,18 @@ const EVP_CIPHER *EVP_get_cipherbynid(int nid) { switch (nid) { + case NID_rc2_cbc: + return EVP_rc2_cbc(); + case NID_rc2_40_cbc: + return EVP_rc2_40_cbc(); case NID_des_ede3_cbc: return EVP_des_ede3_cbc(); case NID_des_ede_cbc: return EVP_des_cbc(); case NID_aes_128_cbc: return EVP_aes_128_cbc(); + case NID_aes_192_cbc: + return EVP_aes_192_cbc(); case NID_aes_256_cbc: return EVP_aes_256_cbc(); default: 
@@ -115,7 +121,7 @@ void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx) { int EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, const EVP_CIPHER_CTX *in) { if (in == NULL || in->cipher == NULL) { - OPENSSL_PUT_ERROR(CIPHER, EVP_CIPHER_CTX_copy, CIPHER_R_INPUT_NOT_INITIALIZED); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_INPUT_NOT_INITIALIZED); return 0; } @@ -125,7 +131,7 @@ int EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, const EVP_CIPHER_CTX *in) { if (in->cipher_data && in->cipher->ctx_size) { out->cipher_data = OPENSSL_malloc(in->cipher->ctx_size); if (!out->cipher_data) { - OPENSSL_PUT_ERROR(CIPHER, EVP_CIPHER_CTX_copy, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(CIPHER, ERR_R_MALLOC_FAILURE); return 0; } memcpy(out->cipher_data, in->cipher_data, in->cipher->ctx_size); @@ -165,7 +171,7 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ctx->cipher_data = OPENSSL_malloc(ctx->cipher->ctx_size); if (!ctx->cipher_data) { ctx->cipher = NULL; - OPENSSL_PUT_ERROR(CIPHER, EVP_CipherInit_ex, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(CIPHER, ERR_R_MALLOC_FAILURE); return 0; } } else { @@ -178,12 +184,12 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, if (ctx->cipher->flags & EVP_CIPH_CTRL_INIT) { if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_INIT, 0, NULL)) { ctx->cipher = NULL; - OPENSSL_PUT_ERROR(CIPHER, EVP_CipherInit_ex, CIPHER_R_INITIALIZATION_ERROR); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_INITIALIZATION_ERROR); return 0; } } } else if (!ctx->cipher) { - OPENSSL_PUT_ERROR(CIPHER, EVP_CipherInit_ex, CIPHER_R_NO_CIPHER_SET); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_NO_CIPHER_SET); return 0; } @@ -338,8 +344,7 @@ int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, uint8_t *out, int *out_len) { bl = ctx->buf_len; if (ctx->flags & EVP_CIPH_NO_PADDING) { if (bl) { - OPENSSL_PUT_ERROR(CIPHER, EVP_EncryptFinal_ex, - CIPHER_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH); return 0; } *out_len = 0; 
@@ -434,8 +439,7 @@ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *out_len) { b = ctx->cipher->block_size; if (ctx->flags & EVP_CIPH_NO_PADDING) { if (ctx->buf_len) { - OPENSSL_PUT_ERROR(CIPHER, EVP_DecryptFinal_ex, - CIPHER_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH); return 0; } *out_len = 0; @@ -444,8 +448,7 @@ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *out_len) { if (b > 1) { if (ctx->buf_len || !ctx->final_used) { - OPENSSL_PUT_ERROR(CIPHER, EVP_DecryptFinal_ex, - CIPHER_R_WRONG_FINAL_BLOCK_LENGTH); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_WRONG_FINAL_BLOCK_LENGTH); return 0; } assert(b <= sizeof(ctx->final)); @@ -454,13 +457,13 @@ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *out_len) { * Otherwise it provides a padding oracle. */ n = ctx->final[b - 1]; if (n == 0 || n > (int)b) { - OPENSSL_PUT_ERROR(CIPHER, EVP_DecryptFinal_ex, CIPHER_R_BAD_DECRYPT); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_DECRYPT); return 0; } for (i = 0; i < n; i++) { if (ctx->final[--b] != n) { - OPENSSL_PUT_ERROR(CIPHER, EVP_DecryptFinal_ex, CIPHER_R_BAD_DECRYPT); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_DECRYPT); return 0; } } 
@@ -538,19 +541,18 @@ uint32_t EVP_CIPHER_CTX_mode(const EVP_CIPHER_CTX *ctx) { int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int command, int arg, void *ptr) { int ret; if (!ctx->cipher) { - OPENSSL_PUT_ERROR(CIPHER, EVP_CIPHER_CTX_ctrl, CIPHER_R_NO_CIPHER_SET); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_NO_CIPHER_SET); return 0; } if (!ctx->cipher->ctrl) { - OPENSSL_PUT_ERROR(CIPHER, EVP_CIPHER_CTX_ctrl, CIPHER_R_CTRL_NOT_IMPLEMENTED); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_CTRL_NOT_IMPLEMENTED); return 0; } ret = ctx->cipher->ctrl(ctx, command, arg, ptr); if (ret == -1) { - OPENSSL_PUT_ERROR(CIPHER, EVP_CIPHER_CTX_ctrl, - CIPHER_R_CTRL_OPERATION_NOT_IMPLEMENTED); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_CTRL_OPERATION_NOT_IMPLEMENTED); return 0; } @@ -572,8 +574,7 @@ int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *c, unsigned key_len) { } if (key_len == 0 || !(c->cipher->flags & EVP_CIPH_VARIABLE_LENGTH)) { - OPENSSL_PUT_ERROR(CIPHER, EVP_CIPHER_CTX_set_key_length, - CIPHER_R_INVALID_KEY_LENGTH); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_INVALID_KEY_LENGTH); return 0; } @@ -630,7 +631,7 @@ const EVP_CIPHER *EVP_get_cipherbyname(const char *name) { return EVP_rc4(); } else if (OPENSSL_strcasecmp(name, "des-cbc") == 0) { return EVP_des_cbc(); - } else if (OPENSSL_strcasecmp(name, "3des-cbc") == 0 || + } else if (OPENSSL_strcasecmp(name, "des-ede3-cbc") == 0 || OPENSSL_strcasecmp(name, "3des") == 0) { return EVP_des_ede3_cbc(); } else if (OPENSSL_strcasecmp(name, "aes-128-cbc") == 0) { diff --git a/src/crypto/cipher/cipher_test.cc b/src/crypto/cipher/cipher_test.cc index 97a84e0..5f04178 100644 --- a/src/crypto/cipher/cipher_test.cc +++ b/src/crypto/cipher/cipher_test.cc 
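Review bot: The `EVP_get_cipherbyname` chain no longer matches "3des-cbc", because the changed condition replaces that spelling with "des-ede3-cbc" instead of adding to it. Callers that still pass the old name now fall through to whatever the end of the chain returns, which is outside the hunk. If the old spelling was ever accepted from configuration, keeping it as a third alternative avoids a silent lookup failure: `OPENSSL_strcasecmp(name, "3des-cbc") == 0 ||` ahead of the two comparisons already there.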
@@ -69,6 +69,12 @@ static const EVP_CIPHER *GetCipher(const std::string &name) { if (name == "DES-CBC") { return EVP_des_cbc(); + } else if (name == "DES-ECB") { + return EVP_des_ecb(); + } else if (name == "DES-EDE") { + return EVP_des_ede(); + } else if (name == "DES-EDE-CBC") { + return EVP_des_ede_cbc(); } else if (name == "DES-EDE3-CBC") { return EVP_des_ede3_cbc(); } else if (name == "RC4") { @@ -104,6 +110,7 @@ static const EVP_CIPHER *GetCipher(const std::string &name) { static bool TestOperation(FileTest *t, const EVP_CIPHER *cipher, bool encrypt, + bool streaming, const std::vector &key, const std::vector &iv, const std::vector &plaintext, @@ -160,11 +167,29 @@ static bool TestOperation(FileTest *t, (!aad.empty() && !EVP_CipherUpdate(ctx.get(), nullptr, &unused, bssl::vector_data(&aad), aad.size())) || - !EVP_CIPHER_CTX_set_padding(ctx.get(), 0) || - (!in->empty() && - !EVP_CipherUpdate(ctx.get(), bssl::vector_data(&result), &result_len1, - bssl::vector_data(in), in->size())) || - !EVP_CipherFinal_ex(ctx.get(), bssl::vector_data(&result) + result_len1, + !EVP_CIPHER_CTX_set_padding(ctx.get(), 0)) { + t->PrintLine("Operation failed."); + return false; + } + if (streaming) { + for (size_t i = 0; i < in->size(); i++) { + uint8_t c = (*in)[i]; + int len; + if (!EVP_CipherUpdate(ctx.get(), bssl::vector_data(&result) + result_len1, + &len, &c, 1)) { + t->PrintLine("Operation failed."); + return false; + } + result_len1 += len; + } + } else if (!in->empty() && + !EVP_CipherUpdate(ctx.get(), bssl::vector_data(&result), + &result_len1, bssl::vector_data(in), + in->size())) { + t->PrintLine("Operation failed."); + return false; + } + if (!EVP_CipherFinal_ex(ctx.get(), bssl::vector_data(&result) + result_len1, &result_len2)) { t->PrintLine("Operation failed."); return false; 
@@ -236,15 +261,21 @@ static bool TestCipher(FileTest *t, void *arg) { } // By default, both directions are run, unless overridden by the operation. - if (operation != kDecrypt && - !TestOperation(t, cipher, true /* encrypt */, key, iv, plaintext, - ciphertext, aad, tag)) { - return false; + if (operation != kDecrypt) { + if (!TestOperation(t, cipher, true /* encrypt */, false /* single-shot */, + key, iv, plaintext, ciphertext, aad, tag) || + !TestOperation(t, cipher, true /* encrypt */, true /* streaming */, key, + iv, plaintext, ciphertext, aad, tag)) { + return false; + } } - if (operation != kEncrypt && - !TestOperation(t, cipher, false /* decrypt */, key, iv, plaintext, - ciphertext, aad, tag)) { - return false; + if (operation != kEncrypt) { + if (!TestOperation(t, cipher, false /* decrypt */, false /* single-shot */, + key, iv, plaintext, ciphertext, aad, tag) || + !TestOperation(t, cipher, false /* decrypt */, true /* streaming */, + key, iv, plaintext, ciphertext, aad, tag)) { + return false; + } } return true; diff --git a/src/crypto/cipher/e_aes.c b/src/crypto/cipher/e_aes.c index 41d0aec..e8905f6 100644 --- a/src/crypto/cipher/e_aes.c +++ b/src/crypto/cipher/e_aes.c @@ -64,7 +64,7 @@ #include "../modes/internal.h" #if defined(OPENSSL_ARM) || defined(OPENSSL_AARCH64) -#include "../arm_arch.h" +#include #endif @@ -98,8 +98,6 @@ typedef struct { #if !defined(OPENSSL_NO_ASM) && \ (defined(OPENSSL_X86_64) || defined(OPENSSL_X86)) #define VPAES -extern unsigned int OPENSSL_ia32cap_P[]; - static char vpaes_capable(void) { return (OPENSSL_ia32cap_P[1] & (1 << (41 - 32))) != 0; } @@ -113,7 +111,6 @@ static char bsaes_capable(void) { #elif !defined(OPENSSL_NO_ASM) && \ (defined(OPENSSL_ARM) || defined(OPENSSL_AARCH64)) -#include "../arm_arch.h" #if defined(OPENSSL_ARM) && __ARM_MAX_ARCH__ >= 7 #define BSAES 
@@ -338,7 +335,7 @@ static int aes_init_key(EVP_CIPHER_CTX *ctx, const uint8_t *key, } if (ret < 0) { - OPENSSL_PUT_ERROR(CIPHER, aes_init_key, CIPHER_R_AES_KEY_SETUP_FAILED); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_AES_KEY_SETUP_FAILED); return 0; } @@ -711,7 +708,7 @@ static int aes_gcm_cipher(EVP_CIPHER_CTX *ctx, uint8_t *out, const uint8_t *in, } else { if (!ctx->encrypt) { if (gctx->taglen < 0 || - !CRYPTO_gcm128_finish(&gctx->gcm, ctx->buf, gctx->taglen) != 0) { + !CRYPTO_gcm128_finish(&gctx->gcm, ctx->buf, gctx->taglen)) { return -1; } gctx->iv_set = 0; @@ -853,7 +850,7 @@ static int aesni_init_key(EVP_CIPHER_CTX *ctx, const uint8_t *key, } if (ret < 0) { - OPENSSL_PUT_ERROR(CIPHER, aesni_init_key, CIPHER_R_AES_KEY_SETUP_FAILED); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_AES_KEY_SETUP_FAILED); return 0; } @@ -1066,7 +1063,7 @@ static int aead_aes_gcm_init(EVP_AEAD_CTX *ctx, const uint8_t *key, const size_t key_bits = key_len * 8; if (key_bits != 128 && key_bits != 256) { - OPENSSL_PUT_ERROR(CIPHER, aead_aes_gcm_init, CIPHER_R_BAD_KEY_LENGTH); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_KEY_LENGTH); return 0; /* EVP_AEAD_CTX_init should catch this. */ } @@ -1075,7 +1072,7 @@ static int aead_aes_gcm_init(EVP_AEAD_CTX *ctx, const uint8_t *key, } if (tag_len > EVP_AEAD_AES_GCM_TAG_LEN) { - OPENSSL_PUT_ERROR(CIPHER, aead_aes_gcm_init, CIPHER_R_TAG_TOO_LARGE); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_TAG_TOO_LARGE); return 0; } @@ -1108,12 +1105,12 @@ static int aead_aes_gcm_seal(const EVP_AEAD_CTX *ctx, uint8_t *out, GCM128_CONTEXT gcm; if (in_len + gcm_ctx->tag_len < in_len) { - OPENSSL_PUT_ERROR(CIPHER, aead_aes_gcm_seal, CIPHER_R_TOO_LARGE); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_TOO_LARGE); return 0; } if (max_out_len < in_len + gcm_ctx->tag_len) { - OPENSSL_PUT_ERROR(CIPHER, aead_aes_gcm_seal, CIPHER_R_BUFFER_TOO_SMALL); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BUFFER_TOO_SMALL); return 0; } 
@@ -1152,14 +1149,14 @@ static int aead_aes_gcm_open(const EVP_AEAD_CTX *ctx, uint8_t *out, GCM128_CONTEXT gcm; if (in_len < gcm_ctx->tag_len) { - OPENSSL_PUT_ERROR(CIPHER, aead_aes_gcm_open, CIPHER_R_BAD_DECRYPT); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_DECRYPT); return 0; } plaintext_len = in_len - gcm_ctx->tag_len; if (max_out_len < plaintext_len) { - OPENSSL_PUT_ERROR(CIPHER, aead_aes_gcm_open, CIPHER_R_BUFFER_TOO_SMALL); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BUFFER_TOO_SMALL); return 0; } @@ -1185,7 +1182,7 @@ static int aead_aes_gcm_open(const EVP_AEAD_CTX *ctx, uint8_t *out, CRYPTO_gcm128_tag(&gcm, tag, gcm_ctx->tag_len); if (CRYPTO_memcmp(tag, in + plaintext_len, gcm_ctx->tag_len) != 0) { - OPENSSL_PUT_ERROR(CIPHER, aead_aes_gcm_open, CIPHER_R_BAD_DECRYPT); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_DECRYPT); return 0; } @@ -1239,7 +1236,7 @@ static int aead_aes_key_wrap_init(EVP_AEAD_CTX *ctx, const uint8_t *key, const size_t key_bits = key_len * 8; if (key_bits != 128 && key_bits != 256) { - OPENSSL_PUT_ERROR(CIPHER, aead_aes_key_wrap_init, CIPHER_R_BAD_KEY_LENGTH); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_KEY_LENGTH); return 0; /* EVP_AEAD_CTX_init should catch this. */ } @@ -1248,14 +1245,13 @@ static int aead_aes_key_wrap_init(EVP_AEAD_CTX *ctx, const uint8_t *key, } if (tag_len != 8) { - OPENSSL_PUT_ERROR(CIPHER, aead_aes_key_wrap_init, - CIPHER_R_UNSUPPORTED_TAG_SIZE); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_UNSUPPORTED_TAG_SIZE); return 0; } kw_ctx = OPENSSL_malloc(sizeof(struct aead_aes_key_wrap_ctx)); if (kw_ctx == NULL) { - OPENSSL_PUT_ERROR(CIPHER, aead_aes_key_wrap_init, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(CIPHER, ERR_R_MALLOC_FAILURE); return 0; } @@ -1293,8 +1289,7 @@ static int aead_aes_key_wrap_seal(const EVP_AEAD_CTX *ctx, uint8_t *out, uint8_t A[AES_BLOCK_SIZE]; if (ad_len != 0) { - OPENSSL_PUT_ERROR(CIPHER, aead_aes_key_wrap_seal, - CIPHER_R_UNSUPPORTED_AD_SIZE); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_UNSUPPORTED_AD_SIZE); return 0; } 
@@ -1304,14 +1299,12 @@ static int aead_aes_key_wrap_seal(const EVP_AEAD_CTX *ctx, uint8_t *out, } if (nonce_len != 8) { - OPENSSL_PUT_ERROR(CIPHER, aead_aes_key_wrap_seal, - CIPHER_R_UNSUPPORTED_NONCE_SIZE); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_UNSUPPORTED_NONCE_SIZE); return 0; } if (in_len % 8 != 0) { - OPENSSL_PUT_ERROR(CIPHER, aead_aes_key_wrap_seal, - CIPHER_R_UNSUPPORTED_INPUT_SIZE); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_UNSUPPORTED_INPUT_SIZE); return 0; } @@ -1320,32 +1313,29 @@ static int aead_aes_key_wrap_seal(const EVP_AEAD_CTX *ctx, uint8_t *out, * conservatively cap it to 2^32-16 to stop 32-bit platforms complaining that * a comparison is always true. */ if (in_len > 0xfffffff0) { - OPENSSL_PUT_ERROR(CIPHER, aead_aes_key_wrap_seal, CIPHER_R_TOO_LARGE); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_TOO_LARGE); return 0; } n = in_len / 8; if (n < 2) { - OPENSSL_PUT_ERROR(CIPHER, aead_aes_key_wrap_seal, - CIPHER_R_UNSUPPORTED_INPUT_SIZE); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_UNSUPPORTED_INPUT_SIZE); return 0; } if (in_len + 8 < in_len) { - OPENSSL_PUT_ERROR(CIPHER, aead_aes_key_wrap_seal, CIPHER_R_TOO_LARGE); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_TOO_LARGE); return 0; } if (max_out_len < in_len + 8) { - OPENSSL_PUT_ERROR(CIPHER, aead_aes_key_wrap_seal, - CIPHER_R_BUFFER_TOO_SMALL); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BUFFER_TOO_SMALL); return 0; } if (AES_set_encrypt_key(kw_ctx->key, kw_ctx->key_bits, &ks.ks) < 0) { - OPENSSL_PUT_ERROR(CIPHER, aead_aes_key_wrap_seal, - CIPHER_R_AES_KEY_SETUP_FAILED); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_AES_KEY_SETUP_FAILED); return 0; } @@ -1388,8 +1378,7 @@ static int aead_aes_key_wrap_open(const EVP_AEAD_CTX *ctx, uint8_t *out, uint8_t A[AES_BLOCK_SIZE]; if (ad_len != 0) { - OPENSSL_PUT_ERROR(CIPHER, aead_aes_key_wrap_open, - CIPHER_R_UNSUPPORTED_AD_SIZE); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_UNSUPPORTED_AD_SIZE); return 0; } 
@@ -1399,14 +1388,12 @@ static int aead_aes_key_wrap_open(const EVP_AEAD_CTX *ctx, uint8_t *out, } if (nonce_len != 8) { - OPENSSL_PUT_ERROR(CIPHER, aead_aes_key_wrap_open, - CIPHER_R_UNSUPPORTED_NONCE_SIZE); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_UNSUPPORTED_NONCE_SIZE); return 0; } if (in_len % 8 != 0) { - OPENSSL_PUT_ERROR(CIPHER, aead_aes_key_wrap_open, - CIPHER_R_UNSUPPORTED_INPUT_SIZE); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_UNSUPPORTED_INPUT_SIZE); return 0; } @@ -1415,26 +1402,24 @@ static int aead_aes_key_wrap_open(const EVP_AEAD_CTX *ctx, uint8_t *out, * conservatively cap it to 2^32-8 to stop 32-bit platforms complaining that * a comparison is always true. */ if (in_len > 0xfffffff8) { - OPENSSL_PUT_ERROR(CIPHER, aead_aes_key_wrap_open, CIPHER_R_TOO_LARGE); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_TOO_LARGE); return 0; } if (in_len < 24) { - OPENSSL_PUT_ERROR(CIPHER, aead_aes_key_wrap_open, CIPHER_R_BAD_DECRYPT); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_DECRYPT); return 0; } n = (in_len / 8) - 1; if (max_out_len < in_len - 8) { - OPENSSL_PUT_ERROR(CIPHER, aead_aes_key_wrap_open, - CIPHER_R_BUFFER_TOO_SMALL); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BUFFER_TOO_SMALL); return 0; } if (AES_set_decrypt_key(kw_ctx->key, kw_ctx->key_bits, &ks.ks) < 0) { - OPENSSL_PUT_ERROR(CIPHER, aead_aes_key_wrap_open, - CIPHER_R_AES_KEY_SETUP_FAILED); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_AES_KEY_SETUP_FAILED); return 0; } @@ -1457,7 +1442,7 @@ static int aead_aes_key_wrap_open(const EVP_AEAD_CTX *ctx, uint8_t *out, } if (CRYPTO_memcmp(A, nonce, 8) != 0) { - OPENSSL_PUT_ERROR(CIPHER, aead_aes_key_wrap_open, CIPHER_R_BAD_DECRYPT); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_DECRYPT); return 0; } 
@@ -1541,15 +1526,13 @@ static int aead_aes_ctr_hmac_sha256_init(EVP_AEAD_CTX *ctx, const uint8_t *key, static const size_t hmac_key_len = 32; if (key_len < hmac_key_len) { - OPENSSL_PUT_ERROR(CIPHER, aead_aes_ctr_hmac_sha256_init, - CIPHER_R_BAD_KEY_LENGTH); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_KEY_LENGTH); return 0; /* EVP_AEAD_CTX_init should catch this. */ } const size_t aes_key_len = key_len - hmac_key_len; if (aes_key_len != 16 && aes_key_len != 32) { - OPENSSL_PUT_ERROR(CIPHER, aead_aes_ctr_hmac_sha256_init, - CIPHER_R_BAD_KEY_LENGTH); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_KEY_LENGTH); return 0; /* EVP_AEAD_CTX_init should catch this. */ } @@ -1558,15 +1541,13 @@ static int aead_aes_ctr_hmac_sha256_init(EVP_AEAD_CTX *ctx, const uint8_t *key, } if (tag_len > EVP_AEAD_AES_CTR_HMAC_SHA256_TAG_LEN) { - OPENSSL_PUT_ERROR(CIPHER, aead_aes_ctr_hmac_sha256_init, - CIPHER_R_TAG_TOO_LARGE); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_TAG_TOO_LARGE); return 0; } aes_ctx = OPENSSL_malloc(sizeof(struct aead_aes_ctr_hmac_sha256_ctx)); if (aes_ctx == NULL) { - OPENSSL_PUT_ERROR(CIPHER, aead_aes_ctr_hmac_sha256_init, - ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(CIPHER, ERR_R_MALLOC_FAILURE); return 0; } 
@@ -1666,20 +1647,17 @@ static int aead_aes_ctr_hmac_sha256_seal(const EVP_AEAD_CTX *ctx, uint8_t *out, if (in_len + aes_ctx->tag_len < in_len || /* This input is so large it would overflow the 32-bit block counter. */ in_len_64 >= (OPENSSL_U64(1) << 32) * AES_BLOCK_SIZE) { - OPENSSL_PUT_ERROR(CIPHER, aead_aes_ctr_hmac_sha256_seal, - CIPHER_R_TOO_LARGE); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_TOO_LARGE); return 0; } if (max_out_len < in_len + aes_ctx->tag_len) { - OPENSSL_PUT_ERROR(CIPHER, aead_aes_ctr_hmac_sha256_seal, - CIPHER_R_BUFFER_TOO_SMALL); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BUFFER_TOO_SMALL); return 0; } if (nonce_len != EVP_AEAD_AES_CTR_HMAC_SHA256_NONCE_LEN) { - OPENSSL_PUT_ERROR(CIPHER, aead_aes_ctr_hmac_sha256_seal, - CIPHER_R_UNSUPPORTED_NONCE_SIZE); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_UNSUPPORTED_NONCE_SIZE); return 0; } @@ -1703,22 +1681,19 @@ static int aead_aes_ctr_hmac_sha256_open(const EVP_AEAD_CTX *ctx, uint8_t *out, size_t plaintext_len; if (in_len < aes_ctx->tag_len) { - OPENSSL_PUT_ERROR(CIPHER, aead_aes_ctr_hmac_sha256_open, - CIPHER_R_BAD_DECRYPT); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_DECRYPT); return 0; } plaintext_len = in_len - aes_ctx->tag_len; if (max_out_len < plaintext_len) { - OPENSSL_PUT_ERROR(CIPHER, aead_aes_ctr_hmac_sha256_open, - CIPHER_R_BUFFER_TOO_SMALL); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BUFFER_TOO_SMALL); return 0; } if (nonce_len != EVP_AEAD_AES_CTR_HMAC_SHA256_NONCE_LEN) { - OPENSSL_PUT_ERROR(CIPHER, aead_aes_ctr_hmac_sha256_open, - CIPHER_R_UNSUPPORTED_NONCE_SIZE); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_UNSUPPORTED_NONCE_SIZE); return 0; } 
@@ -1727,8 +1702,7 @@ static int aead_aes_ctr_hmac_sha256_open(const EVP_AEAD_CTX *ctx, uint8_t *out, &aes_ctx->outer_init_state, ad, ad_len, nonce, in, plaintext_len); if (CRYPTO_memcmp(hmac_result, in + plaintext_len, aes_ctx->tag_len) != 0) { - OPENSSL_PUT_ERROR(CIPHER, aead_aes_ctr_hmac_sha256_open, - CIPHER_R_BAD_DECRYPT); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_DECRYPT); return 0; } diff --git a/src/crypto/cipher/e_chacha20poly1305.c b/src/crypto/cipher/e_chacha20poly1305.c index ebf0088..9dda1b0 100644 --- a/src/crypto/cipher/e_chacha20poly1305.c +++ b/src/crypto/cipher/e_chacha20poly1305.c @@ -42,7 +42,7 @@ static int aead_chacha20_poly1305_init(EVP_AEAD_CTX *ctx, const uint8_t *key, } if (tag_len > POLY1305_TAG_LEN) { - OPENSSL_PUT_ERROR(CIPHER, aead_chacha20_poly1305_init, CIPHER_R_TOO_LARGE); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_TOO_LARGE); return 0; } @@ -107,23 +107,22 @@ static int aead_chacha20_poly1305_seal(const EVP_AEAD_CTX *ctx, uint8_t *out, * Casting to uint64_t inside the conditional is not sufficient to stop * the warning. */ if (in_len_64 >= (1ull << 32) * 64 - 64) { - OPENSSL_PUT_ERROR(CIPHER, aead_chacha20_poly1305_seal, CIPHER_R_TOO_LARGE); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_TOO_LARGE); return 0; } if (in_len + c20_ctx->tag_len < in_len) { - OPENSSL_PUT_ERROR(CIPHER, aead_chacha20_poly1305_seal, CIPHER_R_TOO_LARGE); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_TOO_LARGE); return 0; } if (max_out_len < in_len + c20_ctx->tag_len) { - OPENSSL_PUT_ERROR(CIPHER, aead_chacha20_poly1305_seal, - CIPHER_R_BUFFER_TOO_SMALL); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BUFFER_TOO_SMALL); return 0; } if (nonce_len != CHACHA20_NONCE_LEN) { - OPENSSL_PUT_ERROR(CIPHER, aead_chacha20_poly1305_seal, CIPHER_R_IV_TOO_LARGE); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_IV_TOO_LARGE); return 0; } 
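Review bot: The `nonce_len != CHACHA20_NONCE_LEN` check in `aead_chacha20_poly1305_seal` reports `CIPHER_R_IV_TOO_LARGE` for any mismatch, including a nonce that is too short, which misleads anyone reading the error queue. Other AEADs in this patch use `CIPHER_R_UNSUPPORTED_NONCE_SIZE` for the same condition, so the line could read `OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_UNSUPPORTED_NONCE_SIZE);`. The matching check in `aead_chacha20_poly1305_open`, in a later hunk of this file, has the same issue. Both function bodies extend beyond their hunks.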
@@ -156,7 +155,7 @@ static int aead_chacha20_poly1305_open(const EVP_AEAD_CTX *ctx, uint8_t *out, const uint64_t in_len_64 = in_len; if (in_len < c20_ctx->tag_len) { - OPENSSL_PUT_ERROR(CIPHER, aead_chacha20_poly1305_open, CIPHER_R_BAD_DECRYPT); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_DECRYPT); return 0; } @@ -168,20 +167,19 @@ static int aead_chacha20_poly1305_open(const EVP_AEAD_CTX *ctx, uint8_t *out, * Casting to uint64_t inside the conditional is not sufficient to stop * the warning. */ if (in_len_64 >= (1ull << 32) * 64 - 64) { - OPENSSL_PUT_ERROR(CIPHER, aead_chacha20_poly1305_open, CIPHER_R_TOO_LARGE); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_TOO_LARGE); return 0; } if (nonce_len != CHACHA20_NONCE_LEN) { - OPENSSL_PUT_ERROR(CIPHER, aead_chacha20_poly1305_open, CIPHER_R_IV_TOO_LARGE); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_IV_TOO_LARGE); return 0; } plaintext_len = in_len - c20_ctx->tag_len; if (max_out_len < plaintext_len) { - OPENSSL_PUT_ERROR(CIPHER, aead_chacha20_poly1305_open, - CIPHER_R_BUFFER_TOO_SMALL); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BUFFER_TOO_SMALL); return 0; } @@ -195,7 +193,7 @@ static int aead_chacha20_poly1305_open(const EVP_AEAD_CTX *ctx, uint8_t *out, CRYPTO_poly1305_finish(&poly1305, mac); if (CRYPTO_memcmp(mac, in + plaintext_len, c20_ctx->tag_len) != 0) { - OPENSSL_PUT_ERROR(CIPHER, aead_chacha20_poly1305_open, CIPHER_R_BAD_DECRYPT); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_DECRYPT); return 0; } diff --git a/src/crypto/cipher/e_des.c b/src/crypto/cipher/e_des.c index 74e1fce..b1d312c 100644 --- a/src/crypto/cipher/e_des.c +++ b/src/crypto/cipher/e_des.c 
@@ -96,6 +96,31 @@ static const EVP_CIPHER des_cbc = { const EVP_CIPHER *EVP_des_cbc(void) { return &des_cbc; } +static int des_ecb_cipher(EVP_CIPHER_CTX *ctx, uint8_t *out, const uint8_t *in, + size_t in_len) { + if (in_len < ctx->cipher->block_size) { + return 1; + } + in_len -= ctx->cipher->block_size; + + EVP_DES_KEY *dat = (EVP_DES_KEY *) ctx->cipher_data; + size_t i; + for (i = 0; i <= in_len; i += ctx->cipher->block_size) { + DES_ecb_encrypt((DES_cblock *) (in + i), (DES_cblock *) (out + i), + &dat->ks.ks, ctx->encrypt); + } + return 1; +} + +static const EVP_CIPHER des_ecb = { + NID_des_ecb, 8 /* block_size */, 8 /* key_size */, + 0 /* iv_len */, sizeof(EVP_DES_KEY), EVP_CIPH_ECB_MODE, + NULL /* app_data */, des_init_key, des_ecb_cipher, + NULL /* cleanup */, NULL /* ctrl */, }; + +const EVP_CIPHER *EVP_des_ecb(void) { return &des_ecb; } + + typedef struct { union { double align; 
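Review bot: `des_ecb_cipher` returns 1 without touching `out` when `in_len` is shorter than one block, and its loop skips a trailing partial block, so unaligned input yields success with unwritten output. If the EVP layer is meant to guarantee whole blocks, say so above the early return, for example `/* The EVP layer only passes whole blocks; anything shorter is a no-op. */`; that guarantee is not visible in this hunk. `des_ede_ecb_cipher` in the next hunk has the same shape and needs the same comment.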
@@ -126,10 +151,57 @@ static int des_ede3_cbc_cipher(EVP_CIPHER_CTX *ctx, uint8_t *out, return 1; } -static const EVP_CIPHER des3_cbc = { - NID_des_cbc, 8 /* block_size */, 24 /* key_size */, +static const EVP_CIPHER des_ede3_cbc = { + NID_des_ede3_cbc, 8 /* block_size */, 24 /* key_size */, 8 /* iv_len */, sizeof(DES_EDE_KEY), EVP_CIPH_CBC_MODE, NULL /* app_data */, des_ede3_init_key, des_ede3_cbc_cipher, NULL /* cleanup */, NULL /* ctrl */, }; -const EVP_CIPHER *EVP_des_ede3_cbc(void) { return &des3_cbc; } +const EVP_CIPHER *EVP_des_ede3_cbc(void) { return &des_ede3_cbc; } + + +static int des_ede_init_key(EVP_CIPHER_CTX *ctx, const uint8_t *key, + const uint8_t *iv, int enc) { + DES_cblock *deskey = (DES_cblock *) key; + DES_EDE_KEY *dat = (DES_EDE_KEY *) ctx->cipher_data; + + DES_set_key(&deskey[0], &dat->ks.ks[0]); + DES_set_key(&deskey[1], &dat->ks.ks[1]); + DES_set_key(&deskey[0], &dat->ks.ks[2]); + + return 1; +} + +static const EVP_CIPHER des_ede_cbc = { + NID_des_ede_cbc, 8 /* block_size */, 16 /* key_size */, + 8 /* iv_len */, sizeof(DES_EDE_KEY), EVP_CIPH_CBC_MODE, + NULL /* app_data */, des_ede_init_key , des_ede3_cbc_cipher, + NULL /* cleanup */, NULL /* ctrl */, }; + +const EVP_CIPHER *EVP_des_ede_cbc(void) { return &des_ede_cbc; } + + +static int des_ede_ecb_cipher(EVP_CIPHER_CTX *ctx, uint8_t *out, + const uint8_t *in, size_t in_len) { + if (in_len < ctx->cipher->block_size) { + return 1; + } + in_len -= ctx->cipher->block_size; + + DES_EDE_KEY *dat = (DES_EDE_KEY *) ctx->cipher_data; + size_t i; + for (i = 0; i <= in_len; i += ctx->cipher->block_size) { + DES_ecb3_encrypt((DES_cblock *) (in + i), (DES_cblock *) (out + i), + &dat->ks.ks[0], &dat->ks.ks[1], &dat->ks.ks[2], + ctx->encrypt); + } + return 1; +} + +static const EVP_CIPHER des_ede_ecb = { + NID_des_ede_cbc, 8 /* block_size */, 16 /* key_size */, + 0 /* iv_len */, sizeof(DES_EDE_KEY), EVP_CIPH_ECB_MODE, + NULL /* app_data */, des_ede_init_key , des_ede_ecb_cipher, + NULL /* cleanup */, 
NULL /* ctrl */, }; + +const EVP_CIPHER *EVP_des_ede(void) { return &des_ede_ecb; } diff --git a/src/crypto/cipher/e_rc2.c b/src/crypto/cipher/e_rc2.c index c90ab93..8ca7bba 100644 --- a/src/crypto/cipher/e_rc2.c +++ b/src/crypto/cipher/e_rc2.c @@ -395,13 +395,18 @@ static int rc2_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr) { case EVP_CTRL_INIT: key->key_bits = EVP_CIPHER_CTX_key_length(ctx) * 8; return 1; + case EVP_CTRL_SET_RC2_KEY_BITS: + /* Should be overridden by later call to |EVP_CTRL_INIT|, but + * people call it, so it may as well work. */ + key->key_bits = arg; + return 1; default: return -1; } } -static const EVP_CIPHER rc2_40_cbc_cipher = { +static const EVP_CIPHER rc2_40_cbc = { NID_rc2_40_cbc, 8 /* block size */, 5 /* 40 bit */, @@ -416,5 +421,23 @@ static const EVP_CIPHER rc2_40_cbc_cipher = { }; const EVP_CIPHER *EVP_rc2_40_cbc(void) { - return &rc2_40_cbc_cipher; + return &rc2_40_cbc; +} + +static const EVP_CIPHER rc2_cbc = { + NID_rc2_cbc, + 8 /* block size */, + 16 /* 128 bit */, + 8 /* iv len */, + sizeof(EVP_RC2_KEY), + EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_CTRL_INIT, + NULL /* app_data */, + rc2_init_key, + rc2_cbc_cipher, + NULL, + rc2_ctrl, +}; + +const EVP_CIPHER *EVP_rc2_cbc(void) { + return &rc2_cbc; } diff --git a/src/crypto/cipher/e_rc4.c b/src/crypto/cipher/e_rc4.c index 80dea36..e05b9fd 100644 --- a/src/crypto/cipher/e_rc4.c +++ b/src/crypto/cipher/e_rc4.c 
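Review bot: The new `des_ede_ecb` table is tagged `NID_des_ede_cbc` although it is declared with `EVP_CIPH_ECB_MODE` and a zero IV length, so `EVP_des_ede()` reports the same NID as `EVP_des_ede_cbc()`. Code that maps a cipher back to its NID or OID would then label ECB output as CBC. The first initializer line should carry the ECB identifier: `NID_des_ede_ecb, 8 /* block_size */, 16 /* key_size */,`.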
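Review bot: The new `EVP_CTRL_SET_RC2_KEY_BITS` arm in `rc2_ctrl` stores `arg` into `key->key_bits` with no range check, so a zero, negative or oversized value is accepted and reported as success. Whether the key setup clamps the value later is outside the hunk; rejecting it at this boundary is cheap: `if (arg <= 0 || arg > 1024) return 0;` before the assignment, where 1024 is the RC2 effective-key-bits maximum (confirm against the key-setup code). The added comment says the value should be overridden by a later `EVP_CTRL_INIT`; it would help to state whether callers may rely on that.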
@@ -115,20 +115,20 @@ aead_rc4_md5_tls_init(EVP_AEAD_CTX *ctx, const uint8_t *key, size_t key_len, } if (tag_len > MD5_DIGEST_LENGTH) { - OPENSSL_PUT_ERROR(CIPHER, aead_rc4_md5_tls_init, CIPHER_R_TOO_LARGE); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_TOO_LARGE); return 0; } /* The keys consists of |MD5_DIGEST_LENGTH| bytes of HMAC(MD5) key followed * by some number of bytes of RC4 key. */ if (key_len <= MD5_DIGEST_LENGTH) { - OPENSSL_PUT_ERROR(CIPHER, aead_rc4_md5_tls_init, CIPHER_R_BAD_KEY_LENGTH); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_KEY_LENGTH); return 0; } rc4_ctx = OPENSSL_malloc(sizeof(struct aead_rc4_md5_tls_ctx)); if (rc4_ctx == NULL) { - OPENSSL_PUT_ERROR(CIPHER, aead_rc4_md5_tls_init, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(CIPHER, ERR_R_MALLOC_FAILURE); return 0; } memset(rc4_ctx, 0, sizeof(struct aead_rc4_md5_tls_ctx)); @@ -185,22 +185,22 @@ static int aead_rc4_md5_tls_seal(const EVP_AEAD_CTX *ctx, uint8_t *out, uint8_t digest[MD5_DIGEST_LENGTH]; if (in_len + rc4_ctx->tag_len < in_len) { - OPENSSL_PUT_ERROR(CIPHER, aead_rc4_md5_tls_seal, CIPHER_R_TOO_LARGE); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_TOO_LARGE); return 0; } if (nonce_len != 0) { - OPENSSL_PUT_ERROR(CIPHER, aead_rc4_md5_tls_seal, CIPHER_R_IV_TOO_LARGE); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_IV_TOO_LARGE); return 0; } if (max_out_len < in_len + rc4_ctx->tag_len) { - OPENSSL_PUT_ERROR(CIPHER, aead_rc4_md5_tls_seal, CIPHER_R_BUFFER_TOO_SMALL); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BUFFER_TOO_SMALL); return 0; } if (nonce_len != 0) { - OPENSSL_PUT_ERROR(CIPHER, aead_rc4_md5_tls_seal, CIPHER_R_TOO_LARGE); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_TOO_LARGE); return 0; } 
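Review bot: In `aead_rc4_md5_tls_seal` the `nonce_len != 0` test appears twice, and the second copy, which reports `CIPHER_R_TOO_LARGE`, can never be reached because the first has already returned with `CIPHER_R_IV_TOO_LARGE`. Since this change rewrites both lines anyway, the second block could be dropped. The matching check in `aead_rc4_md5_tls_open` (the hunk at -288) reports `CIPHER_R_TOO_LARGE` for a non-empty nonce, so the two directions disagree on the error code; `OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_IV_TOO_LARGE);` there would make them consistent. Both function bodies continue outside the hunks.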
@@ -288,21 +288,21 @@ static int aead_rc4_md5_tls_open(const EVP_AEAD_CTX *ctx, uint8_t *out, uint8_t digest[MD5_DIGEST_LENGTH]; if (in_len < rc4_ctx->tag_len) { - OPENSSL_PUT_ERROR(CIPHER, aead_rc4_md5_tls_open, CIPHER_R_BAD_DECRYPT); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_DECRYPT); return 0; } plaintext_len = in_len - rc4_ctx->tag_len; if (nonce_len != 0) { - OPENSSL_PUT_ERROR(CIPHER, aead_rc4_md5_tls_open, CIPHER_R_TOO_LARGE); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_TOO_LARGE); return 0; } if (max_out_len < in_len) { /* This requires that the caller provide space for the MAC, even though it * will always be removed on return. */ - OPENSSL_PUT_ERROR(CIPHER, aead_rc4_md5_tls_open, CIPHER_R_BUFFER_TOO_SMALL); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BUFFER_TOO_SMALL); return 0; } @@ -366,7 +366,7 @@ static int aead_rc4_md5_tls_open(const EVP_AEAD_CTX *ctx, uint8_t *out, MD5_Final(digest, &md); if (CRYPTO_memcmp(out + plaintext_len, digest, rc4_ctx->tag_len)) { - OPENSSL_PUT_ERROR(CIPHER, aead_rc4_md5_tls_open, CIPHER_R_BAD_DECRYPT); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_DECRYPT); return 0; } diff --git a/src/crypto/cipher/e_ssl3.c b/src/crypto/cipher/e_ssl3.c index 1031d9b..389c52f 100644 --- a/src/crypto/cipher/e_ssl3.c +++ b/src/crypto/cipher/e_ssl3.c @@ -85,12 +85,12 @@ static int aead_ssl3_init(EVP_AEAD_CTX *ctx, const uint8_t *key, size_t key_len, const EVP_CIPHER *cipher, const EVP_MD *md) { if (tag_len != EVP_AEAD_DEFAULT_TAG_LENGTH && tag_len != EVP_MD_size(md)) { - OPENSSL_PUT_ERROR(CIPHER, aead_ssl3_init, CIPHER_R_UNSUPPORTED_TAG_SIZE); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_UNSUPPORTED_TAG_SIZE); return 0; } if (key_len != EVP_AEAD_key_length(ctx->aead)) { - OPENSSL_PUT_ERROR(CIPHER, aead_ssl3_init, CIPHER_R_BAD_KEY_LENGTH); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_KEY_LENGTH); return 0; } 
@@ -102,7 +102,7 @@ static int aead_ssl3_init(EVP_AEAD_CTX *ctx, const uint8_t *key, size_t key_len, AEAD_SSL3_CTX *ssl3_ctx = OPENSSL_malloc(sizeof(AEAD_SSL3_CTX)); if (ssl3_ctx == NULL) { - OPENSSL_PUT_ERROR(CIPHER, aead_ssl3_init, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(CIPHER, ERR_R_MALLOC_FAILURE); return 0; } EVP_CIPHER_CTX_init(&ssl3_ctx->cipher_ctx); @@ -133,29 +133,29 @@ static int aead_ssl3_seal(const EVP_AEAD_CTX *ctx, uint8_t *out, if (!ssl3_ctx->cipher_ctx.encrypt) { /* Unlike a normal AEAD, an SSL3 AEAD may only be used in one direction. */ - OPENSSL_PUT_ERROR(CIPHER, aead_ssl3_seal, CIPHER_R_INVALID_OPERATION); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_INVALID_OPERATION); return 0; } if (in_len + EVP_AEAD_max_overhead(ctx->aead) < in_len || in_len > INT_MAX) { /* EVP_CIPHER takes int as input. */ - OPENSSL_PUT_ERROR(CIPHER, aead_ssl3_seal, CIPHER_R_TOO_LARGE); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_TOO_LARGE); return 0; } if (max_out_len < in_len + EVP_AEAD_max_overhead(ctx->aead)) { - OPENSSL_PUT_ERROR(CIPHER, aead_ssl3_seal, CIPHER_R_BUFFER_TOO_SMALL); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BUFFER_TOO_SMALL); return 0; } if (nonce_len != 0) { - OPENSSL_PUT_ERROR(CIPHER, aead_ssl3_seal, CIPHER_R_IV_TOO_LARGE); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_IV_TOO_LARGE); return 0; } if (ad_len != 11 - 2 /* length bytes */) { - OPENSSL_PUT_ERROR(CIPHER, aead_ssl3_seal, CIPHER_R_INVALID_AD_SIZE); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_INVALID_AD_SIZE); return 0; } 
@@ -217,36 +217,36 @@ static int aead_ssl3_open(const EVP_AEAD_CTX *ctx, uint8_t *out, if (ssl3_ctx->cipher_ctx.encrypt) { /* Unlike a normal AEAD, an SSL3 AEAD may only be used in one direction. */ - OPENSSL_PUT_ERROR(CIPHER, aead_ssl3_open, CIPHER_R_INVALID_OPERATION); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_INVALID_OPERATION); return 0; } size_t mac_len = EVP_MD_CTX_size(&ssl3_ctx->md_ctx); if (in_len < mac_len) { - OPENSSL_PUT_ERROR(CIPHER, aead_ssl3_open, CIPHER_R_BAD_DECRYPT); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_DECRYPT); return 0; } if (max_out_len < in_len) { /* This requires that the caller provide space for the MAC, even though it * will always be removed on return. */ - OPENSSL_PUT_ERROR(CIPHER, aead_ssl3_open, CIPHER_R_BUFFER_TOO_SMALL); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BUFFER_TOO_SMALL); return 0; } if (nonce_len != 0) { - OPENSSL_PUT_ERROR(CIPHER, aead_ssl3_open, CIPHER_R_TOO_LARGE); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_TOO_LARGE); return 0; } if (ad_len != 11 - 2 /* length bytes */) { - OPENSSL_PUT_ERROR(CIPHER, aead_ssl3_open, CIPHER_R_INVALID_AD_SIZE); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_INVALID_AD_SIZE); return 0; } if (in_len > INT_MAX) { /* EVP_CIPHER takes int as input. */ - OPENSSL_PUT_ERROR(CIPHER, aead_ssl3_open, CIPHER_R_TOO_LARGE); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_TOO_LARGE); return 0; } 
@@ -270,12 +270,12 @@ static int aead_ssl3_open(const EVP_AEAD_CTX *ctx, uint8_t *out, if (EVP_CIPHER_CTX_mode(&ssl3_ctx->cipher_ctx) == EVP_CIPH_CBC_MODE) { unsigned padding_length = out[total - 1]; if (total < padding_length + 1 + mac_len) { - OPENSSL_PUT_ERROR(CIPHER, aead_ssl3_open, CIPHER_R_BAD_DECRYPT); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_DECRYPT); return 0; } /* The padding must be minimal. */ if (padding_length + 1 > EVP_CIPHER_CTX_block_size(&ssl3_ctx->cipher_ctx)) { - OPENSSL_PUT_ERROR(CIPHER, aead_ssl3_open, CIPHER_R_BAD_DECRYPT); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_DECRYPT); return 0; } data_len = total - padding_length - 1 - mac_len; @@ -289,7 +289,7 @@ static int aead_ssl3_open(const EVP_AEAD_CTX *ctx, uint8_t *out, return 0; } if (CRYPTO_memcmp(&out[data_len], mac, mac_len) != 0) { - OPENSSL_PUT_ERROR(CIPHER, aead_ssl3_open, CIPHER_R_BAD_DECRYPT); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_DECRYPT); return 0; } @@ -340,6 +340,13 @@ static int aead_des_ede3_cbc_sha1_ssl3_init(EVP_AEAD_CTX *ctx, EVP_sha1()); } +static int aead_null_sha1_ssl3_init(EVP_AEAD_CTX *ctx, const uint8_t *key, + size_t key_len, size_t tag_len, + enum evp_aead_direction_t dir) { + return aead_ssl3_init(ctx, key, key_len, tag_len, dir, EVP_enc_null(), + EVP_sha1()); +} + static const EVP_AEAD aead_rc4_md5_ssl3 = { MD5_DIGEST_LENGTH + 16, /* key len (MD5 + RC4) */ 0, /* nonce len */ @@ -405,6 +412,19 @@ static const EVP_AEAD aead_des_ede3_cbc_sha1_ssl3 = { NULL, /* get_rc4_state */ }; +static const EVP_AEAD aead_null_sha1_ssl3 = { + SHA_DIGEST_LENGTH, /* key len */ + 0, /* nonce len */ + SHA_DIGEST_LENGTH, /* overhead (SHA1) */ + SHA_DIGEST_LENGTH, /* max tag length */ + NULL, /* init */ + aead_null_sha1_ssl3_init, + aead_ssl3_cleanup, + aead_ssl3_seal, + aead_ssl3_open, + NULL, /* get_rc4_state */ +}; + const EVP_AEAD *EVP_aead_rc4_md5_ssl3(void) { return &aead_rc4_md5_ssl3; } const EVP_AEAD *EVP_aead_rc4_sha1_ssl3(void) { return &aead_rc4_sha1_ssl3; } 
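Review bot: The new `aead_null_sha1_ssl3` table and `aead_null_sha1_ssl3_init` carry no comment saying that this AEAD does not encrypt: it pairs `EVP_enc_null()` with SHA-1, so records are authenticated but stay in plaintext. I would add above the table `/* aead_null_sha1_ssl3 authenticates with SHA-1 but applies no encryption (EVP_enc_null); it gives no confidentiality. */`. The same applies to `aead_null_sha1_tls` in e_tls.c and to the public accessors `EVP_aead_null_sha1_ssl3` and `EVP_aead_null_sha1_tls`, whose header declarations are not part of these hunks.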
@@ -420,3 +440,5 @@ const EVP_AEAD *EVP_aead_aes_256_cbc_sha1_ssl3(void) { const EVP_AEAD *EVP_aead_des_ede3_cbc_sha1_ssl3(void) { return &aead_des_ede3_cbc_sha1_ssl3; } + +const EVP_AEAD *EVP_aead_null_sha1_ssl3(void) { return &aead_null_sha1_ssl3; } diff --git a/src/crypto/cipher/e_tls.c b/src/crypto/cipher/e_tls.c index bed02cb..2778881 100644 --- a/src/crypto/cipher/e_tls.c +++ b/src/crypto/cipher/e_tls.c @@ -57,12 +57,12 @@ static int aead_tls_init(EVP_AEAD_CTX *ctx, const uint8_t *key, size_t key_len, char implicit_iv) { if (tag_len != EVP_AEAD_DEFAULT_TAG_LENGTH && tag_len != EVP_MD_size(md)) { - OPENSSL_PUT_ERROR(CIPHER, aead_tls_init, CIPHER_R_UNSUPPORTED_TAG_SIZE); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_UNSUPPORTED_TAG_SIZE); return 0; } if (key_len != EVP_AEAD_key_length(ctx->aead)) { - OPENSSL_PUT_ERROR(CIPHER, aead_tls_init, CIPHER_R_BAD_KEY_LENGTH); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_KEY_LENGTH); return 0; } @@ -75,7 +75,7 @@ static int aead_tls_init(EVP_AEAD_CTX *ctx, const uint8_t *key, size_t key_len, AEAD_TLS_CTX *tls_ctx = OPENSSL_malloc(sizeof(AEAD_TLS_CTX)); if (tls_ctx == NULL) { - OPENSSL_PUT_ERROR(CIPHER, aead_tls_init, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(CIPHER, ERR_R_MALLOC_FAILURE); return 0; } EVP_CIPHER_CTX_init(&tls_ctx->cipher_ctx); @@ -109,7 +109,7 @@ static int aead_tls_seal(const EVP_AEAD_CTX *ctx, uint8_t *out, if (!tls_ctx->cipher_ctx.encrypt) { /* Unlike a normal AEAD, a TLS AEAD may only be used in one direction. */ - OPENSSL_PUT_ERROR(CIPHER, aead_tls_seal, CIPHER_R_INVALID_OPERATION); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_INVALID_OPERATION); return 0; } 
@@ -117,22 +117,22 @@ static int aead_tls_seal(const EVP_AEAD_CTX *ctx, uint8_t *out, if (in_len + EVP_AEAD_max_overhead(ctx->aead) < in_len || in_len > INT_MAX) { /* EVP_CIPHER takes int as input. */ - OPENSSL_PUT_ERROR(CIPHER, aead_tls_seal, CIPHER_R_TOO_LARGE); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_TOO_LARGE); return 0; } if (max_out_len < in_len + EVP_AEAD_max_overhead(ctx->aead)) { - OPENSSL_PUT_ERROR(CIPHER, aead_tls_seal, CIPHER_R_BUFFER_TOO_SMALL); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BUFFER_TOO_SMALL); return 0; } if (nonce_len != EVP_AEAD_nonce_length(ctx->aead)) { - OPENSSL_PUT_ERROR(CIPHER, aead_tls_seal, CIPHER_R_INVALID_NONCE_SIZE); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_INVALID_NONCE_SIZE); return 0; } if (ad_len != 13 - 2 /* length bytes */) { - OPENSSL_PUT_ERROR(CIPHER, aead_tls_seal, CIPHER_R_INVALID_AD_SIZE); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_INVALID_AD_SIZE); return 0; } 
@@ -214,36 +214,36 @@ static int aead_tls_open(const EVP_AEAD_CTX *ctx, uint8_t *out, if (tls_ctx->cipher_ctx.encrypt) { /* Unlike a normal AEAD, a TLS AEAD may only be used in one direction. */ - OPENSSL_PUT_ERROR(CIPHER, aead_tls_open, CIPHER_R_INVALID_OPERATION); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_INVALID_OPERATION); return 0; } if (in_len < HMAC_size(&tls_ctx->hmac_ctx)) { - OPENSSL_PUT_ERROR(CIPHER, aead_tls_open, CIPHER_R_BAD_DECRYPT); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_DECRYPT); return 0; } if (max_out_len < in_len) { /* This requires that the caller provide space for the MAC, even though it * will always be removed on return. */ - OPENSSL_PUT_ERROR(CIPHER, aead_tls_open, CIPHER_R_BUFFER_TOO_SMALL); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BUFFER_TOO_SMALL); return 0; } if (nonce_len != EVP_AEAD_nonce_length(ctx->aead)) { - OPENSSL_PUT_ERROR(CIPHER, aead_tls_open, CIPHER_R_INVALID_NONCE_SIZE); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_INVALID_NONCE_SIZE); return 0; } if (ad_len != 13 - 2 /* length bytes */) { - OPENSSL_PUT_ERROR(CIPHER, aead_tls_open, CIPHER_R_INVALID_AD_SIZE); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_INVALID_AD_SIZE); return 0; } if (in_len > INT_MAX) { /* EVP_CIPHER takes int as input. */ - OPENSSL_PUT_ERROR(CIPHER, aead_tls_open, CIPHER_R_TOO_LARGE); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_TOO_LARGE); return 0; } @@ -278,7 +278,7 @@ static int aead_tls_open(const EVP_AEAD_CTX *ctx, uint8_t *out, (unsigned)HMAC_size(&tls_ctx->hmac_ctx)); /* Publicly invalid. This can be rejected in non-constant time. */ if (padding_ok == 0) { - OPENSSL_PUT_ERROR(CIPHER, aead_tls_open, CIPHER_R_BAD_DECRYPT); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_DECRYPT); return 0; } } else { 
@@ -312,7 +312,7 @@ static int aead_tls_open(const EVP_AEAD_CTX *ctx, uint8_t *out, if (!EVP_tls_cbc_digest_record(tls_ctx->hmac_ctx.md, mac, &mac_len, ad_fixed, out, data_plus_mac_len, total, tls_ctx->mac_key, tls_ctx->mac_key_len)) { - OPENSSL_PUT_ERROR(CIPHER, aead_tls_open, CIPHER_R_BAD_DECRYPT); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_DECRYPT); return 0; } assert(mac_len == HMAC_size(&tls_ctx->hmac_ctx)); @@ -349,7 +349,7 @@ static int aead_tls_open(const EVP_AEAD_CTX *ctx, uint8_t *out, 0); good &= constant_time_eq_int(padding_ok, 1); if (!good) { - OPENSSL_PUT_ERROR(CIPHER, aead_tls_open, CIPHER_R_BAD_DECRYPT); + OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_DECRYPT); return 0; } @@ -444,6 +444,13 @@ static int aead_rc4_sha1_tls_get_rc4_state(const EVP_AEAD_CTX *ctx, return 1; } +static int aead_null_sha1_tls_init(EVP_AEAD_CTX *ctx, const uint8_t *key, + size_t key_len, size_t tag_len, + enum evp_aead_direction_t dir) { + return aead_tls_init(ctx, key, key_len, tag_len, dir, EVP_enc_null(), + EVP_sha1(), 1 /* implicit iv */); +} + static const EVP_AEAD aead_rc4_sha1_tls = { SHA_DIGEST_LENGTH + 16, /* key len (SHA1 + RC4) */ 0, /* nonce len */ @@ -574,6 +581,19 @@ static const EVP_AEAD aead_des_ede3_cbc_sha1_tls_implicit_iv = { NULL, /* get_rc4_state */ }; +static const EVP_AEAD aead_null_sha1_tls = { + SHA_DIGEST_LENGTH, /* key len */ + 0, /* nonce len */ + SHA_DIGEST_LENGTH, /* overhead (SHA1) */ + SHA_DIGEST_LENGTH, /* max tag length */ + NULL, /* init */ + aead_null_sha1_tls_init, + aead_tls_cleanup, + aead_tls_seal, + aead_tls_open, + NULL, /* get_rc4_state */ +}; + const EVP_AEAD *EVP_aead_rc4_sha1_tls(void) { return &aead_rc4_sha1_tls; } const EVP_AEAD *EVP_aead_aes_128_cbc_sha1_tls(void) { @@ -611,3 +631,5 @@ const EVP_AEAD *EVP_aead_des_ede3_cbc_sha1_tls(void) { const EVP_AEAD *EVP_aead_des_ede3_cbc_sha1_tls_implicit_iv(void) { return &aead_des_ede3_cbc_sha1_tls_implicit_iv; } + +const EVP_AEAD *EVP_aead_null_sha1_tls(void) { return &aead_null_sha1_tls; } 
diff --git a/src/crypto/cipher/test/aes_128_gcm_tests.txt b/src/crypto/cipher/test/aes_128_gcm_tests.txt index 5f7ad35..75466fe 100644 --- a/src/crypto/cipher/test/aes_128_gcm_tests.txt +++ b/src/crypto/cipher/test/aes_128_gcm_tests.txt @@ -418,3 +418,9 @@ AD: 18e2ed6d500b176e49f7e1b5074c0b7dbfdefdf00a63d9fa2fea8c5e78a1c4ae00f17b234429 CT: 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 TAG: e690e89af39ff367f5d40a1b7c7ccd4f +KEY: 31323334353637383930313233343536 +NONCE: 31323334353637383930313233343536 +IN: 48656c6c6f2c20576f726c64 +AD: +CT: cec189d0e8419b90fb16d555 +TAG: 32893832a8d609224d77c2e56a922282 diff --git a/src/crypto/cipher/test/cipher_test.txt b/src/crypto/cipher/test/cipher_test.txt index 93cb8f3..21fffdb 100644 --- a/src/crypto/cipher/test/cipher_test.txt +++ b/src/crypto/cipher/test/cipher_test.txt @@ -38,6 +38,22 @@ Plaintext = 37363534333231204E6F77206973207468652074696D6520666F722000000000 Ciphertext = 3FE301C962AC01D02213763C1CBD4CDC799657C064ECF5D41C673812CFDE9675 +# DES EDE CBC tests +Cipher = DES-EDE-CBC +Key = 0123456789abcdeff1e0d3c2b5a49786 +IV = fedcba9876543210 +Plaintext = 37363534333231204E6F77206973207468652074696D6520666F722000000000 +Ciphertext = 7948C0DA4FE91CD815DCA96DBC9B60A857EB954F4DEB08EB98722642AE69257B + + +# DES EDE tests +Cipher = DES-EDE +Key = 0123456789abcdeff1e0d3c2b5a49786 +IV = fedcba9876543210 +Plaintext = 37363534333231204E6F77206973207468652074696D6520666F722000000000 +Ciphertext = 22E889402E28422F8167AD279D90A566DA75B734E12C671FC2669AECB3E4FE8F + + # AES 128 ECB tests (from FIPS-197 test vectors, encrypt) Cipher = AES-128-ECB Key = 000102030405060708090A0B0C0D0E0F 
@@ -360,6 +376,13 @@ Ciphertext = 6268c6fa2a80b2d137467f092f657ac04d89be2beaa623d61b5a868c8f03ff95d3d AAD = 00000000000000000000000000000000101112131415161718191a1b1c1d1e1f Tag = 3b629ccfbc1119b7319e1dce2cd6fd6d +Cipher = AES-128-GCM +Key = 31323334353637383930313233343536 +IV = 31323334353637383930313233343536 +Plaintext = 48656c6c6f2c20576f726c64 +Ciphertext = cec189d0e8419b90fb16d555 +Tag = 32893832a8d609224d77c2e56a922282 +AAD = # OFB tests from OpenSSL upstream. @@ -535,3 +558,40 @@ Cipher = AES-192-ECB Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B Plaintext = F69F2445DF4F9B17AD2B417BE66C3710 Ciphertext = 9A4B41BA738D6C72FB16691603C18E0E + +# DES ECB tests + +Cipher = DES-ECB +Key = 0000000000000000 +Plaintext = 0000000000000000 +Ciphertext = 8CA64DE9C1B123A7 + +Cipher = DES-ECB +Key = FFFFFFFFFFFFFFFF +Plaintext = FFFFFFFFFFFFFFFF +Ciphertext = 7359B2163E4EDC58 + +Cipher = DES-ECB +Key = 3000000000000000 +Plaintext = 1000000000000001 +Ciphertext = 958E6E627A05557B + +Cipher = DES-ECB +Key = 1111111111111111 +Plaintext = 1111111111111111 +Ciphertext = F40379AB9E0EC533 + +Cipher = DES-ECB +Key = 0123456789ABCDEF +Plaintext = 1111111111111111 +Ciphertext = 17668DFC7292532D + +Cipher = DES-ECB +Key = 1111111111111111 +Plaintext = 0123456789ABCDEF +Ciphertext = 8A5AE1F81AB8F2DD + +Cipher = DES-ECB +Key = FEDCBA9876543210 +Plaintext = 0123456789ABCDEF +Ciphertext = ED39D950FA74BCC4 diff --git a/src/crypto/cmac/CMakeLists.txt b/src/crypto/cmac/CMakeLists.txt index 8ebd80c..bb3abc3 100644 --- a/src/crypto/cmac/CMakeLists.txt +++ b/src/crypto/cmac/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(. .. ../../include) +include_directories(../../include) add_library( cmac @@ -12,6 +12,8 @@ add_executable( cmac_test cmac_test.cc + + $ ) target_link_libraries(cmac_test crypto) diff --git a/src/crypto/cmac/cmac_test.cc b/src/crypto/cmac/cmac_test.cc index 0f06860..53f45d1 100644 --- a/src/crypto/cmac/cmac_test.cc +++ b/src/crypto/cmac/cmac_test.cc 
@@ -19,16 +19,13 @@ #include #include "../test/scoped_types.h" +#include "../test/test_util.h" -static void dump(const uint8_t *got, const uint8_t *expected, size_t len) { - ScopedBIO bio(BIO_new_fp(stderr, 0 /* don't close */)); - - BIO_puts(bio.get(), "\nGot:\n"); - BIO_hexdump(bio.get(), got, len, 2 /* indent */); - BIO_puts(bio.get(), "Expected:\n"); - BIO_hexdump(bio.get(), expected, len, 2 /* indent */); - BIO_flush(bio.get()); +static void dump(const uint8_t *got, const uint8_t *want, size_t len) { + hexdump(stderr, "got :", got, len); + hexdump(stderr, "want:", want, len); + fflush(stderr); } static int test(const char *name, const uint8_t *key, size_t key_len, diff --git a/src/crypto/conf/CMakeLists.txt b/src/crypto/conf/CMakeLists.txt index 8046bb8..0a3c795 100644 --- a/src/crypto/conf/CMakeLists.txt +++ b/src/crypto/conf/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(. .. ../../include) +include_directories(../../include) add_library( conf diff --git a/src/crypto/conf/conf.c b/src/crypto/conf/conf.c index 213efc5..e098a2c 100644 --- a/src/crypto/conf/conf.c +++ b/src/crypto/conf/conf.c @@ -111,6 +111,16 @@ CONF *NCONF_new(void *method) { return conf; } +CONF_VALUE *CONF_VALUE_new(void) { + CONF_VALUE *v = OPENSSL_malloc(sizeof(CONF_VALUE)); + if (!v) { + OPENSSL_PUT_ERROR(CONF, ERR_R_MALLOC_FAILURE); + return NULL; + } + memset(v, 0, sizeof(CONF_VALUE)); + return v; +} + static void value_free_contents(CONF_VALUE *value) { if (value->section) { OPENSSL_free(value->section); 
@@ -137,29 +147,26 @@ void NCONF_free(CONF *conf) { return; } - lh_CONF_VALUE_doall(conf->data, value_free_contents); + lh_CONF_VALUE_doall(conf->data, value_free); lh_CONF_VALUE_free(conf->data); OPENSSL_free(conf); } CONF_VALUE *NCONF_new_section(const CONF *conf, const char *section) { STACK_OF(CONF_VALUE) *sk = NULL; - int ok = 0, i; + int ok = 0; CONF_VALUE *v = NULL, *old_value; sk = sk_CONF_VALUE_new_null(); - v = OPENSSL_malloc(sizeof(CONF_VALUE)); + v = CONF_VALUE_new(); if (sk == NULL || v == NULL) { goto err; } - i = strlen(section) + 1; - v->section = OPENSSL_malloc(i); + v->section = OPENSSL_strdup(section); if (v->section == NULL) { goto err; } - memcpy(v->section, section, i); - v->section[i-1] = 0; v->name = NULL; v->value = (char *)sk; @@ -285,7 +292,7 @@ static int str_copy(CONF *conf, char *section, char **pto, char *from) { rp = e; if (q) { if (r != q) { - OPENSSL_PUT_ERROR(CONF, str_copy, CONF_R_NO_CLOSE_BRACE); + OPENSSL_PUT_ERROR(CONF, CONF_R_NO_CLOSE_BRACE); goto err; } e++; @@ -304,7 +311,7 @@ static int str_copy(CONF *conf, char *section, char **pto, char *from) { } *rp = r; if (p == NULL) { - OPENSSL_PUT_ERROR(CONF, str_copy, CONF_R_VARIABLE_HAS_NO_VALUE); + OPENSSL_PUT_ERROR(CONF, CONF_R_VARIABLE_HAS_NO_VALUE); goto err; } BUF_MEM_grow_clean(buf, (strlen(p) + buf->length - (e - from))); @@ -372,11 +379,12 @@ const char *NCONF_get_string(const CONF *conf, const char *section, return value->value; } -int add_string(const CONF *conf, CONF_VALUE *section, CONF_VALUE *value) { +static int add_string(const CONF *conf, CONF_VALUE *section, + CONF_VALUE *value) { STACK_OF(CONF_VALUE) *section_stack = (STACK_OF(CONF_VALUE)*) section->value; CONF_VALUE *old_value; - value->section = section->section; + value->section = OPENSSL_strdup(section->section); if (!sk_CONF_VALUE_push(section_stack, value)) { return 0; } 
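Review bot: In `add_string` the result of `OPENSSL_strdup(section->section)` is assigned to `value->section` and never checked, so on allocation failure the value is pushed onto the section stack with a NULL section name. Before this change the pointer was shared with the section, so this failure path did not exist. Add `if (value->section == NULL) { return 0; }` right after the strdup; the caller in `def_load_bio` already reports a 0 return as `ERR_R_MALLOC_FAILURE`. The rest of `add_string` lies outside the hunk, so what later reads `value->section` is not visible here.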
@@ -505,20 +513,19 @@ static int def_load_bio(CONF *conf, BIO *in, long *out_error_line) { char *start, *psection, *pname; if ((buff = BUF_MEM_new()) == NULL) { - OPENSSL_PUT_ERROR(CONF, def_load_bio, ERR_R_BUF_LIB); + OPENSSL_PUT_ERROR(CONF, ERR_R_BUF_LIB); goto err; } - section = (char *)OPENSSL_malloc(10); + section = OPENSSL_strdup("default"); if (section == NULL) { - OPENSSL_PUT_ERROR(CONF, def_load_bio, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(CONF, ERR_R_MALLOC_FAILURE); goto err; } - BUF_strlcpy(section, "default", 10); sv = NCONF_new_section(conf, section); if (sv == NULL) { - OPENSSL_PUT_ERROR(CONF, def_load_bio, CONF_R_UNABLE_TO_CREATE_NEW_SECTION); + OPENSSL_PUT_ERROR(CONF, CONF_R_UNABLE_TO_CREATE_NEW_SECTION); goto err; } @@ -526,7 +533,7 @@ static int def_load_bio(CONF *conf, BIO *in, long *out_error_line) { again = 0; for (;;) { if (!BUF_MEM_grow(buff, bufnum + CONFBUFSIZE)) { - OPENSSL_PUT_ERROR(CONF, def_load_bio, ERR_R_BUF_LIB); + OPENSSL_PUT_ERROR(CONF, ERR_R_BUF_LIB); goto err; } p = &(buff->data[bufnum]); @@ -595,7 +602,7 @@ static int def_load_bio(CONF *conf, BIO *in, long *out_error_line) { ss = p; goto again; } - OPENSSL_PUT_ERROR(CONF, def_load_bio, CONF_R_MISSING_CLOSE_SQUARE_BRACKET); + OPENSSL_PUT_ERROR(CONF, CONF_R_MISSING_CLOSE_SQUARE_BRACKET); goto err; } *end = '\0'; @@ -606,7 +613,7 @@ static int def_load_bio(CONF *conf, BIO *in, long *out_error_line) { sv = NCONF_new_section(conf, section); } if (sv == NULL) { - OPENSSL_PUT_ERROR(CONF, def_load_bio, CONF_R_UNABLE_TO_CREATE_NEW_SECTION); + OPENSSL_PUT_ERROR(CONF, CONF_R_UNABLE_TO_CREATE_NEW_SECTION); goto err; } continue; @@ -623,7 +630,7 @@ static int def_load_bio(CONF *conf, BIO *in, long *out_error_line) { } p = eat_ws(conf, end); if (*p != '=') { - OPENSSL_PUT_ERROR(CONF, def_load_bio, CONF_R_MISSING_EQUAL_SIGN); + OPENSSL_PUT_ERROR(CONF, CONF_R_MISSING_EQUAL_SIGN); goto err; } *end = '\0'; 
@@ -639,20 +646,17 @@ static int def_load_bio(CONF *conf, BIO *in, long *out_error_line) { p++; *p = '\0'; - if (!(v = (CONF_VALUE *)OPENSSL_malloc(sizeof(CONF_VALUE)))) { - OPENSSL_PUT_ERROR(CONF, def_load_bio, ERR_R_MALLOC_FAILURE); + if (!(v = CONF_VALUE_new())) { goto err; } if (psection == NULL) { psection = section; } - v->name = (char *)OPENSSL_malloc(strlen(pname) + 1); - v->value = NULL; + v->name = OPENSSL_strdup(pname); if (v->name == NULL) { - OPENSSL_PUT_ERROR(CONF, def_load_bio, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(CONF, ERR_R_MALLOC_FAILURE); goto err; } - BUF_strlcpy(v->name, pname, strlen(pname) + 1); if (!str_copy(conf, psection, &(v->value), start)) { goto err; } @@ -662,14 +666,14 @@ static int def_load_bio(CONF *conf, BIO *in, long *out_error_line) { tv = NCONF_new_section(conf, psection); } if (tv == NULL) { - OPENSSL_PUT_ERROR(CONF, def_load_bio, CONF_R_UNABLE_TO_CREATE_NEW_SECTION); + OPENSSL_PUT_ERROR(CONF, CONF_R_UNABLE_TO_CREATE_NEW_SECTION); goto err; } } else { tv = sv; } if (add_string(conf, tv, v) == 0) { - OPENSSL_PUT_ERROR(CONF, def_load_bio, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(CONF, ERR_R_MALLOC_FAILURE); goto err; } v = NULL; @@ -715,7 +719,7 @@ int NCONF_load(CONF *conf, const char *filename, long *out_error_line) { int ret; if (in == NULL) { - OPENSSL_PUT_ERROR(CONF, NCONF_load, ERR_R_SYS_LIB); + OPENSSL_PUT_ERROR(CONF, ERR_R_SYS_LIB); return 0; } @@ -736,7 +740,7 @@ int CONF_parse_list(const char *list, char sep, int remove_whitespace, const char *lstart, *tmpend, *p; if (list == NULL) { - OPENSSL_PUT_ERROR(CONF, CONF_parse_list, CONF_R_LIST_CANNOT_BE_NULL); + OPENSSL_PUT_ERROR(CONF, CONF_R_LIST_CANNOT_BE_NULL); return 0; } diff --git a/src/crypto/conf/internal.h b/src/crypto/conf/internal.h new file mode 100644 index 0000000..03d1a8f --- /dev/null +++ b/src/crypto/conf/internal.h 
@@ -0,0 +1,31 @@ +/* Copyright (c) 2015, Google Inc. + * + * Permission to use, copy, modify, and/or distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY + * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION + * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN + * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ + +#ifndef OPENSSL_HEADER_CRYPTO_CONF_INTERNAL_H +#define OPENSSL_HEADER_CRYPTO_CONF_INTERNAL_H + +#if defined(__cplusplus) +extern "C" { +#endif + + +/* CONF_VALUE_new returns a freshly allocated and zeroed |CONF_VALUE|. */ +CONF_VALUE *CONF_VALUE_new(void); + + +#if defined(__cplusplus) +} /* extern C */ +#endif + +#endif /* OPENSSL_HEADER_CRYPTO_CONF_INTERNAL_H */ diff --git a/src/crypto/cpu-arm.c b/src/crypto/cpu-arm.c index 74e937b..6e037ab 100644 --- a/src/crypto/cpu-arm.c +++ b/src/crypto/cpu-arm.c @@ -24,7 +24,7 @@ #include #endif -#include "arm_arch.h" +#include /* We can't include because the Android SDK version against which @@ -70,12 +70,12 @@ static void sigill_handler(int signal) { siglongjmp(sigill_jmp, signal); } -void CRYPTO_arm_neon_probe(); +void CRYPTO_arm_neon_probe(void); // probe_for_NEON returns 1 if a NEON instruction runs successfully. Because // getauxval doesn't exist on Android until Jelly Bean, supporting NEON on // older devices requires this. -static int probe_for_NEON() { +static int probe_for_NEON(void) { int supported = 0; sigset_t sigmask; diff --git a/src/crypto/cpu-intel.c b/src/crypto/cpu-intel.c index df0e127..924bab0 100644 
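Review bot: The new `conf/internal.h` declares `CONF_VALUE *CONF_VALUE_new(void);` but, as shown in this hunk, includes nothing that declares `CONF_VALUE`, so the header only compiles when the including file has already pulled in the type. A header should be usable on its own; add an include of the public header that provides the typedef directly after the include guard (probably `<openssl/base.h>` or `<openssl/conf.h>`, to be confirmed against the tree). The comment on `CONF_VALUE_new` could also state that it returns NULL on allocation failure, which is what the definition in conf.c does.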
--- a/src/crypto/cpu-intel.c +++ b/src/crypto/cpu-intel.c @@ -68,8 +68,58 @@ #include #include -/* OPENSSL_ia32_cpuid is defined in cpu-x86_64-asm.pl. */ -extern uint64_t OPENSSL_ia32_cpuid(uint32_t*); +#if defined(OPENSSL_WINDOWS) +#pragma warning(push, 3) +#include +#include +#pragma warning(pop) +#endif + + +/* OPENSSL_cpuid runs the cpuid instruction. |leaf| is passed in as EAX and ECX + * is set to zero. It writes EAX, EBX, ECX, and EDX to |*out_eax| through + * |*out_edx|. */ +static void OPENSSL_cpuid(uint32_t *out_eax, uint32_t *out_ebx, + uint32_t *out_ecx, uint32_t *out_edx, uint32_t leaf) { +#if defined(OPENSSL_WINDOWS) + int tmp[4]; + __cpuid(tmp, (int)leaf); + *out_eax = (uint32_t)tmp[0]; + *out_ebx = (uint32_t)tmp[1]; + *out_ecx = (uint32_t)tmp[2]; + *out_edx = (uint32_t)tmp[3]; +#elif defined(__pic__) && defined(OPENSSL_32_BIT) + /* Inline assembly may not clobber the PIC register. For 32-bit, this is EBX. + * See https://gcc.gnu.org/bugzilla/show_bug.cgi?id=47602. */ + __asm__ volatile ( + "xor %%ecx, %%ecx\n" + "mov %%ebx, %%edi\n" + "cpuid\n" + "xchg %%edi, %%ebx\n" + : "=a"(*out_eax), "=D"(*out_ebx), "=c"(*out_ecx), "=d"(*out_edx) + : "a"(leaf) + ); +#else + __asm__ volatile ( + "xor %%ecx, %%ecx\n" + "cpuid\n" + : "=a"(*out_eax), "=b"(*out_ebx), "=c"(*out_ecx), "=d"(*out_edx) + : "a"(leaf) + ); +#endif +} + +/* OPENSSL_xgetbv returns the value of an Intel Extended Control Register (XCR). + * Currently only XCR0 is defined by Intel so |xcr| should always be zero. */ +static uint64_t OPENSSL_xgetbv(uint32_t xcr) { +#if defined(OPENSSL_WINDOWS) + return (uint64_t)_xgetbv(xcr); +#else + uint32_t eax, edx; + __asm__ volatile ("xgetbv" : "=a"(eax), "=d"(edx) : "c"(xcr)); + return (((uint64_t)edx) << 32) | eax; +#endif +} /* handle_cpu_env applies the value from |in| to the CPUID values in |out[0]| * and |out[1]|. See the comment in |OPENSSL_cpuid_setup| about this. */ 
@@ -91,18 +141,101 @@ static void handle_cpu_env(uint32_t *out, const char *in) { } void OPENSSL_cpuid_setup(void) { - const char *env1, *env2; + /* Determine the vendor and maximum input value. */ + uint32_t eax, ebx, ecx, edx; + OPENSSL_cpuid(&eax, &ebx, &ecx, &edx, 0); -#if defined(OPENSSL_X86_64) - OPENSSL_ia32_cpuid(OPENSSL_ia32cap_P); -#else - uint64_t vec = OPENSSL_ia32_cpuid(OPENSSL_ia32cap_P); - /* 1<<10 sets a reserved bit to indicate that the variable - * was already initialised. */ - OPENSSL_ia32cap_P[0] = ((uint32_t)vec) | (1 << 10); - OPENSSL_ia32cap_P[1] = vec >> 32; -#endif + uint32_t num_ids = eax; + + int is_intel = ebx == 0x756e6547 /* Genu */ && + edx == 0x49656e69 /* ineI */ && + ecx == 0x6c65746e /* ntel */; + int is_amd = ebx == 0x68747541 /* Auth */ && + edx == 0x69746e65 /* enti */ && + ecx == 0x444d4163 /* cAMD */; + + int has_amd_xop = 0; + if (is_amd) { + /* AMD-specific logic. + * See http://developer.amd.com/wordpress/media/2012/10/254811.pdf */ + OPENSSL_cpuid(&eax, &ebx, &ecx, &edx, 0x80000000); + uint32_t num_extended_ids = eax; + if (num_extended_ids >= 0x80000001) { + OPENSSL_cpuid(&eax, &ebx, &ecx, &edx, 0x80000001); + if (ecx & (1 << 11)) { + has_amd_xop = 1; + } + } + } + + uint32_t extended_features = 0; + if (num_ids >= 7) { + OPENSSL_cpuid(&eax, &ebx, &ecx, &edx, 7); + extended_features = ebx; + } + /* Determine the number of cores sharing an L1 data cache to adjust the + * hyper-threading bit. */ + uint32_t cores_per_cache = 0; + if (is_amd) { + /* AMD CPUs never share an L1 data cache between threads but do set the HTT + * bit on multi-core CPUs. */ + cores_per_cache = 1; + } else if (num_ids >= 4) { + /* TODO(davidben): The Intel manual says this CPUID leaf enumerates all + * caches using ECX and doesn't say which is first. Does this matter? */ + OPENSSL_cpuid(&eax, &ebx, &ecx, &edx, 4); + cores_per_cache = 1 + ((eax >> 14) & 0xfff); + } + + OPENSSL_cpuid(&eax, &ebx, &ecx, &edx, 1); + + /* Adjust the hyper-threading bit. 
*/ + if (edx & (1 << 28)) { + uint32_t num_logical_cores = (ebx >> 16) & 0xff; + if (cores_per_cache == 1 || num_logical_cores <= 1) { + edx &= ~(1 << 28); + } + } + + /* Reserved bit #20 was historically repurposed to control the in-memory + * representation of RC4 state. Always set it to zero. */ + edx &= ~(1 << 20); + + /* Reserved bit #30 is repurposed to signal an Intel CPU. */ + if (is_intel) { + edx |= (1 << 30); + } else { + edx &= ~(1 << 30); + } + + /* The SDBG bit is repurposed to denote AMD XOP support. */ + if (has_amd_xop) { + ecx |= (1 << 11); + } else { + ecx &= ~(1 << 11); + } + + uint64_t xcr0 = 0; + if (ecx & (1 << 27)) { + /* XCR0 may only be queried if the OSXSAVE bit is set. */ + xcr0 = OPENSSL_xgetbv(0); + } + /* See Intel manual, section 14.3. */ + if ((xcr0 & 6) != 6) { + /* YMM registers cannot be used. */ + ecx &= ~(1 << 28); /* AVX */ + ecx &= ~(1 << 12); /* FMA */ + ecx &= ~(1 << 11); /* AMD XOP */ + extended_features &= ~(1 << 5); /* AVX2 */ + } + + OPENSSL_ia32cap_P[0] = edx; + OPENSSL_ia32cap_P[1] = ecx; + OPENSSL_ia32cap_P[2] = extended_features; + OPENSSL_ia32cap_P[3] = 0; + + const char *env1, *env2; env1 = getenv("OPENSSL_ia32cap"); if (env1 == NULL) { return; diff --git a/src/crypto/cpu-x86-asm.pl b/src/crypto/cpu-x86-asm.pl deleted file mode 100644 index 319c436..0000000 --- a/src/crypto/cpu-x86-asm.pl +++ /dev/null 
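Review bot: The C rewrite of `OPENSSL_cpuid_setup` only masks the YMM-dependent bits when `(xcr0 & 6) != 6`, while the 32-bit assembly removed by this same commit (`clear_xmm` in cpu-x86-asm.pl) also cleared AESNI, PCLMULQDQ and FXSR when OSXSAVE was set but XCR0 did not enable SSE state. If that masking is still wanted, it can go inside the OSXSAVE branch after the `OPENSSL_xgetbv(0)` call: `if ((xcr0 & 2) == 0) { ecx &= ~((1 << 25) | (1 << 1)); edx &= ~(1 << 24); }`. If it was dropped on purpose, a short comment saying so would save the next reader from diffing against the assembly. The function continues past the end of the hunk.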
@@ -1,334 +0,0 @@ -#!/usr/bin/env perl - -$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1; -push(@INC, "${dir}perlasm", "perlasm"); -require "x86asm.pl"; - -&asm_init($ARGV[0],"crypto/cpu-x86-asm"); - -for (@ARGV) { $sse2=1 if (/-DOPENSSL_IA32_SSE2/); } - -&function_begin("OPENSSL_ia32_cpuid"); - &xor ("edx","edx"); - &pushf (); - &pop ("eax"); - &mov ("ecx","eax"); - &xor ("eax",1<<21); - &push ("eax"); - &popf (); - &pushf (); - &pop ("eax"); - &xor ("ecx","eax"); - &xor ("eax","eax"); - &bt ("ecx",21); - &jnc (&label("nocpuid")); - &mov ("esi",&wparam(0)); - &mov (&DWP(8,"esi"),"eax"); # clear 3rd word - &cpuid (); - &mov ("edi","eax"); # max value for standard query level - - &xor ("eax","eax"); - &cmp ("ebx",0x756e6547); # "Genu" - &setne (&LB("eax")); - &mov ("ebp","eax"); - &cmp ("edx",0x49656e69); # "ineI" - &setne (&LB("eax")); - &or ("ebp","eax"); - &cmp ("ecx",0x6c65746e); # "ntel" - &setne (&LB("eax")); - &or ("ebp","eax"); # 0 indicates Intel CPU - &jz (&label("intel")); - - &cmp ("ebx",0x68747541); # "Auth" - &setne (&LB("eax")); - &mov ("esi","eax"); - &cmp ("edx",0x69746E65); # "enti" - &setne (&LB("eax")); - &or ("esi","eax"); - &cmp ("ecx",0x444D4163); # "cAMD" - &setne (&LB("eax")); - &or ("esi","eax"); # 0 indicates AMD CPU - &jnz (&label("intel")); - - # AMD specific - &mov ("eax",0x80000000); - &cpuid (); - &cmp ("eax",0x80000001); - &jb (&label("intel")); - &mov ("esi","eax"); - &mov ("eax",0x80000001); - &cpuid (); - &or ("ebp","ecx"); - &and ("ebp",1<<11|1); # isolate XOP bit - &cmp ("esi",0x80000008); - &jb (&label("intel")); - - &mov ("eax",0x80000008); - &cpuid (); - &movz ("esi",&LB("ecx")); # number of cores - 1 - &inc ("esi"); # number of cores - - &mov ("eax",1); - &xor ("ecx","ecx"); - &cpuid (); - &bt ("edx",28); - &jnc (&label("generic")); - &shr ("ebx",16); - &and ("ebx",0xff); - &cmp ("ebx","esi"); - &ja (&label("generic")); - &and ("edx",0xefffffff); # clear hyper-threading bit - &jmp (&label("generic")); - -&set_label("intel"); - &cmp 
("edi",7); - &jb (&label("cacheinfo")); - - &mov ("esi",&wparam(0)); - &mov ("eax",7); - &xor ("ecx","ecx"); - &cpuid (); - &mov (&DWP(8,"esi"),"ebx"); - -&set_label("cacheinfo"); - &cmp ("edi",4); - &mov ("edi",-1); - &jb (&label("nocacheinfo")); - - &mov ("eax",4); - &mov ("ecx",0); # query L1D - &cpuid (); - &mov ("edi","eax"); - &shr ("edi",14); - &and ("edi",0xfff); # number of cores -1 per L1D - -&set_label("nocacheinfo"); - &mov ("eax",1); - &xor ("ecx","ecx"); - &cpuid (); - &and ("edx",0xbfefffff); # force reserved bits #20, #30 to 0 - &cmp ("ebp",0); - &jne (&label("notintel")); - &or ("edx",1<<30); # set reserved bit#30 on Intel CPUs -&set_label("notintel"); - &bt ("edx",28); # test hyper-threading bit - &jnc (&label("generic")); - &and ("edx",0xefffffff); - &cmp ("edi",0); - &je (&label("generic")); - - &or ("edx",0x10000000); - &shr ("ebx",16); - &cmp (&LB("ebx"),1); - &ja (&label("generic")); - &and ("edx",0xefffffff); # clear hyper-threading bit if not - -&set_label("generic"); - &and ("ebp",1<<11); # isolate AMD XOP flag - &and ("ecx",0xfffff7ff); # force 11th bit to 0 - &mov ("esi","edx"); - &or ("ebp","ecx"); # merge AMD XOP flag - - &bt ("ecx",27); # check OSXSAVE bit - &jnc (&label("clear_avx")); - &xor ("ecx","ecx"); - &data_byte(0x0f,0x01,0xd0); # xgetbv - &and ("eax",6); - &cmp ("eax",6); - &je (&label("done")); - &cmp ("eax",2); - &je (&label("clear_avx")); -&set_label("clear_xmm"); - &and ("ebp",0xfdfffffd); # clear AESNI and PCLMULQDQ bits - &and ("esi",0xfeffffff); # clear FXSR -&set_label("clear_avx"); - &and ("ebp",0xefffe7ff); # clear AVX, FMA and AMD XOP bits - &mov ("edi",&wparam(0)); - &and (&DWP(8,"edi"),0xffffffdf); # clear AVX2 -&set_label("done"); - &mov ("eax","esi"); - &mov ("edx","ebp"); -&set_label("nocpuid"); -&function_end("OPENSSL_ia32_cpuid"); - -&external_label("OPENSSL_ia32cap_P"); - -&function_begin_B("OPENSSL_rdtsc","EXTRN\t_OPENSSL_ia32cap_P:DWORD"); - &xor ("eax","eax"); - &xor ("edx","edx"); - 
&picmeup("ecx","OPENSSL_ia32cap_P"); - &bt (&DWP(0,"ecx"),4); - &jnc (&label("notsc")); - &rdtsc (); -&set_label("notsc"); - &ret (); -&function_end_B("OPENSSL_rdtsc"); - -# This works in Ring 0 only [read DJGPP+MS-DOS+privileged DPMI host], -# but it's safe to call it on any [supported] 32-bit platform... -# Just check for [non-]zero return value... -&function_begin_B("OPENSSL_instrument_halt","EXTRN\t_OPENSSL_ia32cap_P:DWORD"); - &picmeup("ecx","OPENSSL_ia32cap_P"); - &bt (&DWP(0,"ecx"),4); - &jnc (&label("nohalt")); # no TSC - - &data_word(0x9058900e); # push %cs; pop %eax - &and ("eax",3); - &jnz (&label("nohalt")); # not enough privileges - - &pushf (); - &pop ("eax"); - &bt ("eax",9); - &jnc (&label("nohalt")); # interrupts are disabled - - &rdtsc (); - &push ("edx"); - &push ("eax"); - &halt (); - &rdtsc (); - - &sub ("eax",&DWP(0,"esp")); - &sbb ("edx",&DWP(4,"esp")); - &add ("esp",8); - &ret (); - -&set_label("nohalt"); - &xor ("eax","eax"); - &xor ("edx","edx"); - &ret (); -&function_end_B("OPENSSL_instrument_halt"); - -# Essentially there is only one use for this function. Under DJGPP: -# -# #include -# ... -# i=OPENSSL_far_spin(_dos_ds,0x46c); -# ... -# to obtain the number of spins till closest timer interrupt. 
- -&function_begin_B("OPENSSL_far_spin"); - &pushf (); - &pop ("eax"); - &bt ("eax",9); - &jnc (&label("nospin")); # interrupts are disabled - - &mov ("eax",&DWP(4,"esp")); - &mov ("ecx",&DWP(8,"esp")); - &data_word (0x90d88e1e); # push %ds, mov %eax,%ds - &xor ("eax","eax"); - &mov ("edx",&DWP(0,"ecx")); - &jmp (&label("spin")); - - &align (16); -&set_label("spin"); - &inc ("eax"); - &cmp ("edx",&DWP(0,"ecx")); - &je (&label("spin")); - - &data_word (0x1f909090); # pop %ds - &ret (); - -&set_label("nospin"); - &xor ("eax","eax"); - &xor ("edx","edx"); - &ret (); -&function_end_B("OPENSSL_far_spin"); - -&function_begin_B("OPENSSL_wipe_cpu","EXTRN\t_OPENSSL_ia32cap_P:DWORD"); - &xor ("eax","eax"); - &xor ("edx","edx"); - &picmeup("ecx","OPENSSL_ia32cap_P"); - &mov ("ecx",&DWP(0,"ecx")); - &bt (&DWP(0,"ecx"),1); - &jnc (&label("no_x87")); - if ($sse2) { - &and ("ecx",1<<26|1<<24); # check SSE2 and FXSR bits - &cmp ("ecx",1<<26|1<<24); - &jne (&label("no_sse2")); - &pxor ("xmm0","xmm0"); - &pxor ("xmm1","xmm1"); - &pxor ("xmm2","xmm2"); - &pxor ("xmm3","xmm3"); - &pxor ("xmm4","xmm4"); - &pxor ("xmm5","xmm5"); - &pxor ("xmm6","xmm6"); - &pxor ("xmm7","xmm7"); - &set_label("no_sse2"); - } - # just a bunch of fldz to zap the fp/mm bank followed by finit... 
- &data_word(0xeed9eed9,0xeed9eed9,0xeed9eed9,0xeed9eed9,0x90e3db9b); -&set_label("no_x87"); - &lea ("eax",&DWP(4,"esp")); - &ret (); -&function_end_B("OPENSSL_wipe_cpu"); - -&function_begin_B("OPENSSL_atomic_add"); - &mov ("edx",&DWP(4,"esp")); # fetch the pointer, 1st arg - &mov ("ecx",&DWP(8,"esp")); # fetch the increment, 2nd arg - &push ("ebx"); - &nop (); - &mov ("eax",&DWP(0,"edx")); -&set_label("spin"); - &lea ("ebx",&DWP(0,"eax","ecx")); - &nop (); - &data_word(0x1ab10ff0); # lock; cmpxchg %ebx,(%edx) # %eax is envolved and is always reloaded - &jne (&label("spin")); - &mov ("eax","ebx"); # OpenSSL expects the new value - &pop ("ebx"); - &ret (); -&function_end_B("OPENSSL_atomic_add"); - -# This function can become handy under Win32 in situations when -# we don't know which calling convention, __stdcall or __cdecl(*), -# indirect callee is using. In C it can be deployed as -# -#ifdef OPENSSL_CPUID_OBJ -# type OPENSSL_indirect_call(void *f,...); -# ... -# OPENSSL_indirect_call(func,[up to $max arguments]); -#endif -# -# (*) it's designed to work even for __fastcall if number of -# arguments is 1 or 2! -&function_begin_B("OPENSSL_indirect_call"); - { - my ($max,$i)=(7,); # $max has to be chosen as 4*n-1 - # in order to preserve eventual - # stack alignment - &push ("ebp"); - &mov ("ebp","esp"); - &sub ("esp",$max*4); - &mov ("ecx",&DWP(12,"ebp")); - &mov (&DWP(0,"esp"),"ecx"); - &mov ("edx",&DWP(16,"ebp")); - &mov (&DWP(4,"esp"),"edx"); - for($i=2;$i<$max;$i++) - { - # Some copies will be redundant/bogus... - &mov ("eax",&DWP(12+$i*4,"ebp")); - &mov (&DWP(0+$i*4,"esp"),"eax"); - } - &call_ptr (&DWP(8,"ebp"));# make the call... - &mov ("esp","ebp"); # ... and just restore the stack pointer - # without paying attention to what we called, - # (__cdecl *func) or (__stdcall *one). 
- &pop ("ebp"); - &ret (); - } -&function_end_B("OPENSSL_indirect_call"); - -&function_begin_B("OPENSSL_ia32_rdrand"); - &mov ("ecx",8); -&set_label("loop"); - &rdrand ("eax"); - &jc (&label("break")); - &loop (&label("loop")); -&set_label("break"); - &cmp ("eax",0); - &cmove ("eax","ecx"); - &ret (); -&function_end_B("OPENSSL_ia32_rdrand"); - -&hidden("OPENSSL_ia32cap_P"); - -&asm_finish(); diff --git a/src/crypto/cpu-x86_64-asm.pl b/src/crypto/cpu-x86_64-asm.pl deleted file mode 100644 index 89d7a6c..0000000 --- a/src/crypto/cpu-x86_64-asm.pl +++ /dev/null 
@@ -1,163 +0,0 @@ -#!/usr/bin/env perl - -$flavour = shift; -$output = shift; -if ($flavour =~ /\./) { $output = $flavour; undef $flavour; } - -$win64=0; $win64=1 if ($flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/); - -$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1; -( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or -( $xlate="${dir}perlasm/x86_64-xlate.pl" and -f $xlate) or -die "can't locate x86_64-xlate.pl"; - -open OUT,"| \"$^X\" $xlate $flavour $output"; -*STDOUT=*OUT; - -($arg1,$arg2,$arg3,$arg4)=$win64?("%rcx","%rdx","%r8", "%r9") : # Win64 order - ("%rdi","%rsi","%rdx","%rcx"); # Unix order - -print<<___; -.text - -.globl OPENSSL_ia32_cpuid -.type OPENSSL_ia32_cpuid,\@function,1 -.align 16 -OPENSSL_ia32_cpuid: - # On Windows, $arg1 is rcx, but that will be clobbered. So make Windows - # use the same register as Unix. - mov $arg1,%rdi - mov %rbx,%r8 # save %rbx - - xor %eax,%eax - mov %eax,8(%rdi) # clear 3rd word - cpuid - mov %eax,%r11d # max value for standard query level - - xor %eax,%eax - cmp \$0x756e6547,%ebx # "Genu" - setne %al - mov %eax,%r9d - cmp \$0x49656e69,%edx # "ineI" - setne %al - or %eax,%r9d - cmp \$0x6c65746e,%ecx # "ntel" - setne %al - or %eax,%r9d # 0 indicates Intel CPU - jz .Lintel - - cmp \$0x68747541,%ebx # "Auth" - setne %al - mov %eax,%r10d - cmp \$0x69746E65,%edx # "enti" - setne %al - or %eax,%r10d - cmp \$0x444D4163,%ecx # "cAMD" - setne %al - or %eax,%r10d # 0 indicates AMD CPU - jnz .Lintel - - # AMD specific - # See http://developer.amd.com/wordpress/media/2012/10/254811.pdf (1) - - mov \$0x80000000,%eax - cpuid - # Returns "The largest CPUID extended function input value supported by - # the processor implementation." in EAX. - cmp \$0x80000001,%eax - jb .Lintel - mov %eax,%r10d - mov \$0x80000001,%eax - cpuid - # Returns feature bits in ECX. See page 20 of [1]. - # TODO(fork): I think this should be a MOV. 
- or %ecx,%r9d - and \$0x00000801,%r9d # isolate AMD XOP bit, 1<<11 - - cmp \$0x80000008,%r10d - jb .Lintel - - mov \$0x80000008,%eax - cpuid - # Returns APIC ID and number of cores in ECX. See page 27 of [1]. - movzb %cl,%r10 # number of cores - 1 - inc %r10 # number of cores - - mov \$1,%eax - cpuid - # See page 13 of [1]. - bt \$28,%edx # test hyper-threading bit - jnc .Lgeneric - shr \$16,%ebx # number of logical processors - cmp %r10b,%bl - ja .Lgeneric - and \$0xefffffff,%edx # Clear hyper-threading bit. - jmp .Lgeneric - -.Lintel: - cmp \$4,%r11d - mov \$-1,%r10d - jb .Lnocacheinfo - - mov \$4,%eax - mov \$0,%ecx # query L1D - cpuid - mov %eax,%r10d - shr \$14,%r10d - and \$0xfff,%r10d # number of cores -1 per L1D - - cmp \$7,%r11d - jb .Lnocacheinfo - - mov \$7,%eax - xor %ecx,%ecx - cpuid - mov %ebx,8(%rdi) - -.Lnocacheinfo: - mov \$1,%eax - cpuid - # Gets feature information. See table 3-21 in the Intel manual. - and \$0xbfefffff,%edx # force reserved bits to 0 - cmp \$0,%r9d - jne .Lnotintel - or \$0x40000000,%edx # set reserved bit#30 on Intel CPUs -.Lnotintel: - bt \$28,%edx # test hyper-threading bit - jnc .Lgeneric - and \$0xefffffff,%edx # ~(1<<28) - clear hyper-threading. 
- cmp \$0,%r10d - je .Lgeneric - - or \$0x10000000,%edx # 1<<28 - shr \$16,%ebx - cmp \$1,%bl # see if cache is shared - ja .Lgeneric - and \$0xefffffff,%edx # ~(1<<28) -.Lgeneric: - and \$0x00000800,%r9d # isolate AMD XOP flag - and \$0xfffff7ff,%ecx - or %ecx,%r9d # merge AMD XOP flag - - mov %edx,%r10d # %r9d:%r10d is copy of %ecx:%edx - bt \$27,%r9d # check OSXSAVE bit - jnc .Lclear_avx - xor %ecx,%ecx # XCR0 - .byte 0x0f,0x01,0xd0 # xgetbv - and \$6,%eax # isolate XMM and YMM state support - cmp \$6,%eax - je .Ldone -.Lclear_avx: - mov \$0xefffe7ff,%eax # ~(1<<28|1<<12|1<<11) - and %eax,%r9d # clear AVX, FMA and AMD XOP bits - andl \$0xffffffdf,8(%rdi) # cleax AVX2, ~(1<<5) -.Ldone: - movl %r9d,4(%rdi) - movl %r10d,0(%rdi) - mov %r8,%rbx # restore %rbx - ret -.size OPENSSL_ia32_cpuid,.-OPENSSL_ia32_cpuid - -___ - -close STDOUT; # flush diff --git a/src/crypto/crypto.c b/src/crypto/crypto.c index d9bb07e..34d04b4 100644 --- a/src/crypto/crypto.c +++ b/src/crypto/crypto.c @@ -55,7 +55,7 @@ uint32_t OPENSSL_ia32cap_P[4] = {0}; #elif defined(OPENSSL_ARM) || defined(OPENSSL_AARCH64) -#include "arm_arch.h" +#include #if defined(__ARM_NEON__) uint32_t OPENSSL_armcap_P = ARMV7_NEON | ARMV7_NEON_FUNCTIONAL; diff --git a/src/crypto/des/CMakeLists.txt b/src/crypto/des/CMakeLists.txt index 7d49ff3..f61fa14 100644 --- a/src/crypto/des/CMakeLists.txt +++ b/src/crypto/des/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(. .. ../../include) +include_directories(../../include) add_library( des diff --git a/src/crypto/des/des.c b/src/crypto/des/des.c index 9cd75f5..a5669a6 100644 --- a/src/crypto/des/des.c +++ b/src/crypto/des/des.c @@ -298,10 +298,8 @@ void DES_set_key(const DES_cblock *key, DES_key_schedule *schedule) { 0, 1, 1, 1, 1, 1, 1, 0}; uint32_t c, d, t, s, t2; const uint8_t *in; - uint32_t *k; int i; - k = &schedule->ks->deslong[0]; in = key->bytes; c2l(in, c); 
@@ -344,10 +342,10 @@ void DES_set_key(const DES_cblock *key, DES_key_schedule *schedule) { /* table contained 0213 4657 */ t2 = ((t << 16L) | (s & 0x0000ffffL)) & 0xffffffffL; - *(k++) = ROTATE(t2, 30) & 0xffffffffL; + schedule->subkeys[i][0] = ROTATE(t2, 30) & 0xffffffffL; t2 = ((s >> 16L) | (t & 0xffff0000L)); - *(k++) = ROTATE(t2, 26) & 0xffffffffL; + schedule->subkeys[i][1] = ROTATE(t2, 26) & 0xffffffffL; } } @@ -382,7 +380,6 @@ void DES_set_odd_parity(DES_cblock *key) { static void DES_encrypt1(uint32_t *data, const DES_key_schedule *ks, int enc) { uint32_t l, r, t, u; - const uint32_t *s; r = data[0]; l = data[1]; 
@@ -398,43 +395,42 @@ static void DES_encrypt1(uint32_t *data, const DES_key_schedule *ks, int enc) { r = ROTATE(r, 29) & 0xffffffffL; l = ROTATE(l, 29) & 0xffffffffL; - s = ks->ks->deslong; /* I don't know if it is worth the effort of loop unrolling the * inner loop */ if (enc) { - D_ENCRYPT(l, r, 0); /* 1 */ - D_ENCRYPT(r, l, 2); /* 2 */ - D_ENCRYPT(l, r, 4); /* 3 */ - D_ENCRYPT(r, l, 6); /* 4 */ - D_ENCRYPT(l, r, 8); /* 5 */ - D_ENCRYPT(r, l, 10); /* 6 */ - D_ENCRYPT(l, r, 12); /* 7 */ - D_ENCRYPT(r, l, 14); /* 8 */ - D_ENCRYPT(l, r, 16); /* 9 */ - D_ENCRYPT(r, l, 18); /* 10 */ - D_ENCRYPT(l, r, 20); /* 11 */ - D_ENCRYPT(r, l, 22); /* 12 */ - D_ENCRYPT(l, r, 24); /* 13 */ - D_ENCRYPT(r, l, 26); /* 14 */ - D_ENCRYPT(l, r, 28); /* 15 */ - D_ENCRYPT(r, l, 30); /* 16 */ + D_ENCRYPT(ks, l, r, 0); + D_ENCRYPT(ks, r, l, 1); + D_ENCRYPT(ks, l, r, 2); + D_ENCRYPT(ks, r, l, 3); + D_ENCRYPT(ks, l, r, 4); + D_ENCRYPT(ks, r, l, 5); + D_ENCRYPT(ks, l, r, 6); + D_ENCRYPT(ks, r, l, 7); + D_ENCRYPT(ks, l, r, 8); + D_ENCRYPT(ks, r, l, 9); + D_ENCRYPT(ks, l, r, 10); + D_ENCRYPT(ks, r, l, 11); + D_ENCRYPT(ks, l, r, 12); + D_ENCRYPT(ks, r, l, 13); + D_ENCRYPT(ks, l, r, 14); + D_ENCRYPT(ks, r, l, 15); } else { - D_ENCRYPT(l, r, 30); /* 16 */ - D_ENCRYPT(r, l, 28); /* 15 */ - D_ENCRYPT(l, r, 26); /* 14 */ - D_ENCRYPT(r, l, 24); /* 13 */ - D_ENCRYPT(l, r, 22); /* 12 */ - D_ENCRYPT(r, l, 20); /* 11 */ - D_ENCRYPT(l, r, 18); /* 10 */ - D_ENCRYPT(r, l, 16); /* 9 */ - D_ENCRYPT(l, r, 14); /* 8 */ - D_ENCRYPT(r, l, 12); /* 7 */ - D_ENCRYPT(l, r, 10); /* 6 */ - D_ENCRYPT(r, l, 8); /* 5 */ - D_ENCRYPT(l, r, 6); /* 4 */ - D_ENCRYPT(r, l, 4); /* 3 */ - D_ENCRYPT(l, r, 2); /* 2 */ - D_ENCRYPT(r, l, 0); /* 1 */ + D_ENCRYPT(ks, l, r, 15); + D_ENCRYPT(ks, r, l, 14); + D_ENCRYPT(ks, l, r, 13); + D_ENCRYPT(ks, r, l, 12); + D_ENCRYPT(ks, l, r, 11); + D_ENCRYPT(ks, r, l, 10); + D_ENCRYPT(ks, l, r, 9); + D_ENCRYPT(ks, r, l, 8); + D_ENCRYPT(ks, l, r, 7); + D_ENCRYPT(ks, r, l, 6); + D_ENCRYPT(ks, l, r, 
5); + D_ENCRYPT(ks, r, l, 4); + D_ENCRYPT(ks, l, r, 3); + D_ENCRYPT(ks, r, l, 2); + D_ENCRYPT(ks, l, r, 1); + D_ENCRYPT(ks, r, l, 0); } /* rotate and clear the top bits on machines with 8byte longs */ @@ -448,7 +444,6 @@ static void DES_encrypt1(uint32_t *data, const DES_key_schedule *ks, int enc) { static void DES_encrypt2(uint32_t *data, const DES_key_schedule *ks, int enc) { uint32_t l, r, t, u; - const uint32_t *s; r = data[0]; l = data[1]; 
@@ -462,52 +457,51 @@ static void DES_encrypt2(uint32_t *data, const DES_key_schedule *ks, int enc) { r = ROTATE(r, 29) & 0xffffffffL; l = ROTATE(l, 29) & 0xffffffffL; - s = ks->ks->deslong; /* I don't know if it is worth the effort of loop unrolling the * inner loop */ if (enc) { - D_ENCRYPT(l, r, 0); /* 1 */ - D_ENCRYPT(r, l, 2); /* 2 */ - D_ENCRYPT(l, r, 4); /* 3 */ - D_ENCRYPT(r, l, 6); /* 4 */ - D_ENCRYPT(l, r, 8); /* 5 */ - D_ENCRYPT(r, l, 10); /* 6 */ - D_ENCRYPT(l, r, 12); /* 7 */ - D_ENCRYPT(r, l, 14); /* 8 */ - D_ENCRYPT(l, r, 16); /* 9 */ - D_ENCRYPT(r, l, 18); /* 10 */ - D_ENCRYPT(l, r, 20); /* 11 */ - D_ENCRYPT(r, l, 22); /* 12 */ - D_ENCRYPT(l, r, 24); /* 13 */ - D_ENCRYPT(r, l, 26); /* 14 */ - D_ENCRYPT(l, r, 28); /* 15 */ - D_ENCRYPT(r, l, 30); /* 16 */ + D_ENCRYPT(ks, l, r, 0); + D_ENCRYPT(ks, r, l, 1); + D_ENCRYPT(ks, l, r, 2); + D_ENCRYPT(ks, r, l, 3); + D_ENCRYPT(ks, l, r, 4); + D_ENCRYPT(ks, r, l, 5); + D_ENCRYPT(ks, l, r, 6); + D_ENCRYPT(ks, r, l, 7); + D_ENCRYPT(ks, l, r, 8); + D_ENCRYPT(ks, r, l, 9); + D_ENCRYPT(ks, l, r, 10); + D_ENCRYPT(ks, r, l, 11); + D_ENCRYPT(ks, l, r, 12); + D_ENCRYPT(ks, r, l, 13); + D_ENCRYPT(ks, l, r, 14); + D_ENCRYPT(ks, r, l, 15); } else { - D_ENCRYPT(l, r, 30); /* 16 */ - D_ENCRYPT(r, l, 28); /* 15 */ - D_ENCRYPT(l, r, 26); /* 14 */ - D_ENCRYPT(r, l, 24); /* 13 */ - D_ENCRYPT(l, r, 22); /* 12 */ - D_ENCRYPT(r, l, 20); /* 11 */ - D_ENCRYPT(l, r, 18); /* 10 */ - D_ENCRYPT(r, l, 16); /* 9 */ - D_ENCRYPT(l, r, 14); /* 8 */ - D_ENCRYPT(r, l, 12); /* 7 */ - D_ENCRYPT(l, r, 10); /* 6 */ - D_ENCRYPT(r, l, 8); /* 5 */ - D_ENCRYPT(l, r, 6); /* 4 */ - D_ENCRYPT(r, l, 4); /* 3 */ - D_ENCRYPT(l, r, 2); /* 2 */ - D_ENCRYPT(r, l, 0); /* 1 */ + D_ENCRYPT(ks, l, r, 15); + D_ENCRYPT(ks, r, l, 14); + D_ENCRYPT(ks, l, r, 13); + D_ENCRYPT(ks, r, l, 12); + D_ENCRYPT(ks, l, r, 11); + D_ENCRYPT(ks, r, l, 10); + D_ENCRYPT(ks, l, r, 9); + D_ENCRYPT(ks, r, l, 8); + D_ENCRYPT(ks, l, r, 7); + D_ENCRYPT(ks, r, l, 6); + D_ENCRYPT(ks, l, r, 
5); + D_ENCRYPT(ks, r, l, 4); + D_ENCRYPT(ks, l, r, 3); + D_ENCRYPT(ks, r, l, 2); + D_ENCRYPT(ks, l, r, 1); + D_ENCRYPT(ks, r, l, 0); } /* rotate and clear the top bits on machines with 8byte longs */ data[0] = ROTATE(l, 3) & 0xffffffffL; data[1] = ROTATE(r, 3) & 0xffffffffL; } -static void DES_encrypt3(uint32_t *data, const DES_key_schedule *ks1, - const DES_key_schedule *ks2, - const DES_key_schedule *ks3) { +/* DES_encrypt3 is not static because it's used in decrepit. */ +void DES_encrypt3(uint32_t *data, const DES_key_schedule *ks1, + const DES_key_schedule *ks2, const DES_key_schedule *ks3) { uint32_t l, r; l = data[0]; @@ -525,9 +519,9 @@ static void DES_encrypt3(uint32_t *data, const DES_key_schedule *ks1, data[1] = r; } -static void DES_decrypt3(uint32_t *data, const DES_key_schedule *ks1, - const DES_key_schedule *ks2, - const DES_key_schedule *ks3) { +/* DES_decrypt3 is not static because it's used in decrepit. */ +void DES_decrypt3(uint32_t *data, const DES_key_schedule *ks1, + const DES_key_schedule *ks2, const DES_key_schedule *ks3) { uint32_t l, r; l = data[0]; @@ -770,3 +764,10 @@ void DES_ede2_cbc_encrypt(const uint8_t *in, uint8_t *out, size_t len, int enc) { DES_ede3_cbc_encrypt(in, out, len, ks1, ks2, ks1, ivec, enc); } + + +/* Deprecated functions. */ + +void DES_set_key_unchecked(const DES_cblock *key, DES_key_schedule *schedule) { + DES_set_key(key, schedule); +} diff --git a/src/crypto/des/internal.h b/src/crypto/des/internal.h index d3a5cec..91559ff 100644 --- a/src/crypto/des/internal.h +++ b/src/crypto/des/internal.h 
@@ -183,13 +183,13 @@ how to use xors :-) I got it to its final state. PERM_OP(l, r, tt, 4, 0x0f0f0f0fL); \ } -#define LOAD_DATA(R, S, u, t, E0, E1) \ - u = R ^ s[S]; \ - t = R ^ s[S + 1] +#define LOAD_DATA(ks, R, S, u, t, E0, E1) \ + u = R ^ ks->subkeys[S][0]; \ + t = R ^ ks->subkeys[S][1] -#define D_ENCRYPT(LL, R, S) \ +#define D_ENCRYPT(ks, LL, R, S) \ { \ - LOAD_DATA(R, S, u, t, E0, E1); \ + LOAD_DATA(ks, R, S, u, t, E0, E1); \ t = ROTATE(t, 4); \ LL ^= \ DES_SPtrans[0][(u >> 2L) & 0x3f] ^ DES_SPtrans[2][(u >> 10L) & 0x3f] ^ \ diff --git a/src/crypto/dh/CMakeLists.txt b/src/crypto/dh/CMakeLists.txt index d0c1da7..1a46512 100644 --- a/src/crypto/dh/CMakeLists.txt +++ b/src/crypto/dh/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(. .. ../../include) +include_directories(../../include) add_library( dh diff --git a/src/crypto/dh/dh.c b/src/crypto/dh/dh.c index 96b85f3..d25f358 100644 --- a/src/crypto/dh/dh.c +++ b/src/crypto/dh/dh.c @@ -78,7 +78,7 @@ DH *DH_new(void) { return DH_new_method(NULL); } DH *DH_new_method(const ENGINE *engine) { DH *dh = (DH *)OPENSSL_malloc(sizeof(DH)); if (dh == NULL) { - OPENSSL_PUT_ERROR(DH, DH_new_method, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(DH, ERR_R_MALLOC_FAILURE); return NULL; } diff --git a/src/crypto/dh/dh_impl.c b/src/crypto/dh/dh_impl.c index f269412..6cf0abb 100644 --- a/src/crypto/dh/dh_impl.c +++ b/src/crypto/dh/dh_impl.c @@ -117,7 +117,7 @@ static int generate_parameters(DH *ret, int prime_bits, int generator, BN_GENCB } if (generator <= 1) { - OPENSSL_PUT_ERROR(DH, generate_parameters, DH_R_BAD_GENERATOR); + OPENSSL_PUT_ERROR(DH, DH_R_BAD_GENERATOR); goto err; } if (generator == DH_GENERATOR_2) { @@ -165,7 +165,7 @@ static int generate_parameters(DH *ret, int prime_bits, int generator, BN_GENCB err: if (!ok) { - OPENSSL_PUT_ERROR(DH, generate_parameters, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(DH, ERR_R_BN_LIB); } if (ctx != NULL) { 
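Review bot: `LOAD_DATA` and `D_ENCRYPT` now take the key schedule as a macro argument but expand it bare, as `ks->subkeys[S][0]`, so an argument that is not a plain identifier (for example `&sched`) would bind incorrectly. Every call site visible in des.c passes a simple pointer name, so this is a robustness point rather than a bug. Writing `u = R ^ (ks)->subkeys[S][0];` and `t = R ^ (ks)->subkeys[S][1]` costs nothing and removes the trap. The `E0` and `E1` parameters are not used in the expansion shown, and `D_ENCRYPT` continues past the end of the hunk.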
@@ -242,7 +242,7 @@ static int generate_key(DH *dh) { err: if (ok != 1) { - OPENSSL_PUT_ERROR(DH, generate_key, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(DH, ERR_R_BN_LIB); } if (dh->pub_key == NULL) { @@ -264,7 +264,7 @@ static int compute_key(DH *dh, unsigned char *out, const BIGNUM *pub_key) { BIGNUM local_priv; if (BN_num_bits(dh->p) > OPENSSL_DH_MAX_MODULUS_BITS) { - OPENSSL_PUT_ERROR(DH, compute_key, DH_R_MODULUS_TOO_LARGE); + OPENSSL_PUT_ERROR(DH, DH_R_MODULUS_TOO_LARGE); goto err; } @@ -279,7 +279,7 @@ static int compute_key(DH *dh, unsigned char *out, const BIGNUM *pub_key) { } if (dh->priv_key == NULL) { - OPENSSL_PUT_ERROR(DH, compute_key, DH_R_NO_PRIVATE_VALUE); + OPENSSL_PUT_ERROR(DH, DH_R_NO_PRIVATE_VALUE); goto err; } @@ -290,14 +290,14 @@ static int compute_key(DH *dh, unsigned char *out, const BIGNUM *pub_key) { } if (!DH_check_pub_key(dh, pub_key, &check_result) || check_result) { - OPENSSL_PUT_ERROR(DH, compute_key, DH_R_INVALID_PUBKEY); + OPENSSL_PUT_ERROR(DH, DH_R_INVALID_PUBKEY); goto err; } BN_with_flags(&local_priv, dh->priv_key, BN_FLG_CONSTTIME); if (!BN_mod_exp_mont(shared_key, pub_key, &local_priv, dh->p, ctx, mont)) { - OPENSSL_PUT_ERROR(DH, compute_key, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(DH, ERR_R_BN_LIB); goto err; } diff --git a/src/crypto/digest/CMakeLists.txt b/src/crypto/digest/CMakeLists.txt index 816d116..856e45a 100644 --- a/src/crypto/digest/CMakeLists.txt +++ b/src/crypto/digest/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(. .. ../../include) +include_directories(../../include) add_library( digest diff --git a/src/crypto/digest/digest.c b/src/crypto/digest/digest.c index f09948b..eb71b07 100644 --- a/src/crypto/digest/digest.c +++ b/src/crypto/digest/digest.c 
@@ -116,8 +116,7 @@ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in) { uint8_t *tmp_buf = NULL; if (in == NULL || in->digest == NULL) { - OPENSSL_PUT_ERROR(DIGEST, EVP_MD_CTX_copy_ex, - DIGEST_R_INPUT_NOT_INITIALIZED); + OPENSSL_PUT_ERROR(DIGEST, DIGEST_R_INPUT_NOT_INITIALIZED); return 0; } @@ -130,15 +129,15 @@ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in) { } EVP_MD_CTX_cleanup(out); - memcpy(out, in, sizeof(EVP_MD_CTX)); + out->digest = in->digest; if (in->md_data && in->digest->ctx_size) { if (tmp_buf) { out->md_data = tmp_buf; } else { out->md_data = OPENSSL_malloc(in->digest->ctx_size); if (!out->md_data) { - OPENSSL_PUT_ERROR(DIGEST, EVP_MD_CTX_copy_ex, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(DIGEST, ERR_R_MALLOC_FAILURE); return 0; } } @@ -146,6 +145,7 @@ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in) { } assert(in->pctx == NULL || in->pctx_ops != NULL); + out->pctx_ops = in->pctx_ops; if (in->pctx && in->pctx_ops) { out->pctx = in->pctx_ops->dup(in->pctx); if (!out->pctx) { @@ -164,30 +164,20 @@ int EVP_MD_CTX_copy(EVP_MD_CTX *out, const EVP_MD_CTX *in) { int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *engine) { if (ctx->digest != type) { - if (ctx->digest && ctx->digest->ctx_size) { + if (ctx->digest && ctx->digest->ctx_size > 0) { OPENSSL_free(ctx->md_data); } ctx->digest = type; - if (!(ctx->flags & EVP_MD_CTX_FLAG_NO_INIT) && type->ctx_size) { - ctx->update = type->update; + if (type->ctx_size > 0) { ctx->md_data = OPENSSL_malloc(type->ctx_size); if (ctx->md_data == NULL) { - OPENSSL_PUT_ERROR(DIGEST, EVP_DigestInit_ex, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(DIGEST, ERR_R_MALLOC_FAILURE); return 0; } } } assert(ctx->pctx == NULL || ctx->pctx_ops != NULL); - if (ctx->pctx_ops) { - if (!ctx->pctx_ops->begin_digest(ctx)) { - return 0; - } - } - - if (ctx->flags & EVP_MD_CTX_FLAG_NO_INIT) { - return 1; - } ctx->digest->init(ctx); return 1; 
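Review bot: In `EVP_DigestInit_ex` the old `md_data` is freed and `ctx->digest` is switched to `type` before the new buffer is allocated, so a failed `OPENSSL_malloc` returns 0 with the context already pointing at the new digest and a NULL `md_data`. A caller that ignores the return value and calls `EVP_DigestUpdate` would then reach `ctx->digest->update` with no state buffer. Separately, when the new type has `ctx_size == 0`, `md_data` keeps the pointer that was just freed. Allocating first and committing only on success leaves the context untouched on failure. The closing lines of the function are outside the hunk.

```c
  if (ctx->digest != type) {
    void *md_data = NULL;
    if (type->ctx_size > 0) {
      md_data = OPENSSL_malloc(type->ctx_size);
      if (md_data == NULL) {
        OPENSSL_PUT_ERROR(DIGEST, ERR_R_MALLOC_FAILURE);
        return 0;
      }
    }
    if (ctx->digest && ctx->digest->ctx_size > 0) {
      OPENSSL_free(ctx->md_data);
    }
    ctx->md_data = md_data;
    ctx->digest = type;
  }
  /* … unchanged: pctx assert, ctx->digest->init(ctx), return 1 … */
```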
@@ -199,7 +189,7 @@ int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type) { } int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *data, size_t len) { - ctx->update(ctx, data, len); + ctx->digest->update(ctx, data, len); return 1; } @@ -214,7 +204,7 @@ int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, uint8_t *md_out, unsigned int *size) { } int EVP_DigestFinal(EVP_MD_CTX *ctx, uint8_t *md, unsigned int *size) { - EVP_DigestFinal_ex(ctx, md, size); + (void)EVP_DigestFinal_ex(ctx, md, size); EVP_MD_CTX_cleanup(ctx); return 1; } @@ -253,10 +243,6 @@ int EVP_MD_CTX_type(const EVP_MD_CTX *ctx) { return EVP_MD_type(EVP_MD_CTX_md(ctx)); } -void EVP_MD_CTX_set_flags(EVP_MD_CTX *ctx, uint32_t flags) { - ctx->flags |= flags; -} - int EVP_add_digest(const EVP_MD *digest) { return 1; } diff --git a/src/crypto/digest/digests.c b/src/crypto/digest/digests.c index f5eda36..3307f26 100644 --- a/src/crypto/digest/digests.c +++ b/src/crypto/digest/digests.c @@ -67,7 +67,7 @@ #include "internal.h" #if defined(NDEBUG) -#define CHECK(x) x +#define CHECK(x) (void) (x) #else #define CHECK(x) assert(x) #endif @@ -262,6 +262,7 @@ struct nid_to_digest { }; static const struct nid_to_digest nid_to_digest_mapping[] = { + { NID_md4, EVP_md4, SN_md4, LN_md4 }, { NID_md5, EVP_md5, SN_md5, LN_md5 }, { NID_sha1, EVP_sha1, SN_sha1, LN_sha1 }, { NID_sha224, EVP_sha224, SN_sha224, LN_sha224 }, diff --git a/src/crypto/digest/internal.h b/src/crypto/digest/internal.h index 1572fa8..e3d812a 100644 --- a/src/crypto/digest/internal.h +++ b/src/crypto/digest/internal.h @@ -92,7 +92,7 @@ struct env_md_st { }; /* evp_md_pctx_ops contains function pointers to allow the |pctx| member of - * |EVP_MD_CTX| to be manipulated without breaking laying by calling EVP + * |EVP_MD_CTX| to be manipulated without breaking layering by calling EVP * functions. */ struct evp_md_pctx_ops { /* free is called when an |EVP_MD_CTX| is being freed and the |pctx| also 
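Review bot: The new `{ NID_md4, EVP_md4, SN_md4, LN_md4 }` entry in `nid_to_digest_mapping` carries no comment, and MD4 is collision-broken. Anything that resolves a digest through this table can now get it back; the lookup functions are outside the hunk. I would add a comment on the entry such as `/* MD4 is broken; listed only for legacy callers, never for signatures or integrity checks. */`. It is also worth confirming that callers which pick a digest from untrusted input, such as a parsed algorithm identifier, apply their own allow-list.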
@@ -102,23 +102,8 @@ struct evp_md_pctx_ops { /* dup is called when an |EVP_MD_CTX| is copied and so the |pctx| also needs * to be copied. */ EVP_PKEY_CTX* (*dup) (EVP_PKEY_CTX *pctx); - - /* begin_digest is called when a new digest operation is started. It returns - * one on success and zero otherwise. */ - int (*begin_digest) (EVP_MD_CTX *ctx); }; -/* EVP_MD_CTX_set_flags ORs |flags| into the flags member of |ctx|. */ -OPENSSL_EXPORT void EVP_MD_CTX_set_flags(EVP_MD_CTX *ctx, uint32_t flags); - -/* EVP_MD_CTX_FLAG_NO_INIT causes the |EVP_MD|'s |init| function not to be - * called, the |update| member not to be copied from the |EVP_MD| in - * |EVP_DigestInit_ex| and for |md_data| not to be initialised. - * - * TODO(davidben): This is an implementation detail of |EVP_PKEY_HMAC| and can - * be removed when it is gone. */ -#define EVP_MD_CTX_FLAG_NO_INIT 1 - #if defined(__cplusplus) } /* extern C */ diff --git a/src/crypto/dsa/CMakeLists.txt b/src/crypto/dsa/CMakeLists.txt index 1bb8b63..e8b7793 100644 --- a/src/crypto/dsa/CMakeLists.txt +++ b/src/crypto/dsa/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(. .. ../../include) +include_directories(../../include) add_library( dsa diff --git a/src/crypto/dsa/dsa.c b/src/crypto/dsa/dsa.c index 65444b1..3ff29c4 100644 --- a/src/crypto/dsa/dsa.c +++ b/src/crypto/dsa/dsa.c @@ -82,7 +82,7 @@ DSA *DSA_new(void) { return DSA_new_method(NULL); } DSA *DSA_new_method(const ENGINE *engine) { DSA *dsa = (DSA *)OPENSSL_malloc(sizeof(DSA)); if (dsa == NULL) { - OPENSSL_PUT_ERROR(DSA, DSA_new_method, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(DSA, ERR_R_MALLOC_FAILURE); return NULL; } diff --git a/src/crypto/dsa/dsa_asn1.c b/src/crypto/dsa/dsa_asn1.c index 933fba7..b6b3fa4 100644 --- a/src/crypto/dsa/dsa_asn1.c +++ b/src/crypto/dsa/dsa_asn1.c 
@@ -73,7 +73,7 @@ static int dsa_sig_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, DSA_SIG *sig; sig = OPENSSL_malloc(sizeof(DSA_SIG)); if (!sig) { - OPENSSL_PUT_ERROR(DSA, dsa_sig_cb, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(DSA, ERR_R_MALLOC_FAILURE); return 0; } diff --git a/src/crypto/dsa/dsa_impl.c b/src/crypto/dsa/dsa_impl.c index 2ab8ba8..b10610d 100644 --- a/src/crypto/dsa/dsa_impl.c +++ b/src/crypto/dsa/dsa_impl.c @@ -83,7 +83,7 @@ static int sign_setup(const DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, int ret = 0; if (!dsa->p || !dsa->q || !dsa->g) { - OPENSSL_PUT_ERROR(DSA, sign_setup, DSA_R_MISSING_PARAMETERS); + OPENSSL_PUT_ERROR(DSA, DSA_R_MISSING_PARAMETERS); return 0; } @@ -171,7 +171,7 @@ static int sign_setup(const DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, err: if (!ret) { - OPENSSL_PUT_ERROR(DSA, sign_setup, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(DSA, ERR_R_BN_LIB); if (r != NULL) { BN_clear_free(r); } @@ -269,7 +269,7 @@ redo: err: if (!ret) { - OPENSSL_PUT_ERROR(DSA, sign, reason); + OPENSSL_PUT_ERROR(DSA, reason); BN_free(r); BN_free(s); } @@ -292,19 +292,19 @@ static int verify(int *out_valid, const uint8_t *dgst, size_t digest_len, *out_valid = 0; if (!dsa->p || !dsa->q || !dsa->g) { - OPENSSL_PUT_ERROR(DSA, verify, DSA_R_MISSING_PARAMETERS); + OPENSSL_PUT_ERROR(DSA, DSA_R_MISSING_PARAMETERS); return 0; } i = BN_num_bits(dsa->q); /* fips 186-3 allows only different sizes for q */ if (i != 160 && i != 224 && i != 256) { - OPENSSL_PUT_ERROR(DSA, verify, DSA_R_BAD_Q_VALUE); + OPENSSL_PUT_ERROR(DSA, DSA_R_BAD_Q_VALUE); return 0; } if (BN_num_bits(dsa->p) > OPENSSL_DSA_MAX_MODULUS_BITS) { - OPENSSL_PUT_ERROR(DSA, verify, DSA_R_MODULUS_TOO_LARGE); + OPENSSL_PUT_ERROR(DSA, DSA_R_MODULUS_TOO_LARGE); return 0; } 
@@ -381,7 +381,7 @@ static int verify(int *out_valid, const uint8_t *dgst, size_t digest_len, err: if (ret != 1) { - OPENSSL_PUT_ERROR(DSA, verify, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(DSA, ERR_R_BN_LIB); } BN_CTX_free(ctx); BN_free(&u1); @@ -487,16 +487,14 @@ static int paramgen(DSA *ret, unsigned bits, const uint8_t *seed_in, bits = (bits + 63) / 64 * 64; - /* NB: seed_len == 0 is special case: copy generated seed to - * seed_in if it is not NULL. */ - if (seed_len && (seed_len < (size_t)qsize)) { - seed_in = NULL; /* seed buffer too small -- ignore */ - } - if (seed_len > (size_t)qsize) { - seed_len = qsize; /* App. 2.2 of FIPS PUB 186 allows larger SEED, - * but our internal buffers are restricted to 160 bits*/ - } if (seed_in != NULL) { + if (seed_len < (size_t)qsize) { + return 0; + } + if (seed_len > (size_t)qsize) { + /* Only consume as much seed as is expected. */ + seed_len = qsize; + } memcpy(seed, seed_in, seed_len); } @@ -527,21 +525,19 @@ static int paramgen(DSA *ret, unsigned bits, const uint8_t *seed_in, for (;;) { /* Find q. */ for (;;) { - int seed_is_random; - /* step 1 */ if (!BN_GENCB_call(cb, 0, m++)) { goto err; } - if (!seed_len) { + int use_random_seed = (seed_in == NULL); + if (use_random_seed) { if (!RAND_bytes(seed, qsize)) { goto err; } - seed_is_random = 1; } else { - seed_is_random = 0; - seed_len = 0; /* use random seed if 'seed_in' turns out to be bad*/ + /* If we come back through, use random seed next time. */ + seed_in = NULL; } memcpy(buf, seed, qsize); memcpy(buf2, seed, qsize); @@ -570,7 +566,7 @@ static int paramgen(DSA *ret, unsigned bits, const uint8_t *seed_in, } /* step 4 */ - r = BN_is_prime_fasttest_ex(q, DSS_prime_checks, ctx, seed_is_random, cb); + r = BN_is_prime_fasttest_ex(q, DSS_prime_checks, ctx, use_random_seed, cb); if (r > 0) { break; } diff --git a/src/crypto/ec/CMakeLists.txt b/src/crypto/ec/CMakeLists.txt index b5ebefa..38a91f8 100644 --- a/src/crypto/ec/CMakeLists.txt +++ b/src/crypto/ec/CMakeLists.txt 
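Review bot: The new `if (seed_len < (size_t)qsize) { return 0; }` in `paramgen` fails without calling `OPENSSL_PUT_ERROR`, unlike the failure paths in `sign_setup` and `verify`, so the caller sees 0 with nothing on the error queue. It also changes the contract: a short seed used to be ignored in favour of a random one and is now a hard failure, which deserves a line in the function's documentation. I would push an error before returning, using whichever DSA reason code the project considers fitting. The function starts outside the hunk, so also confirm that nothing allocated earlier is skipped by this direct return instead of `goto err`.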
@@ -1,4 +1,4 @@ -include_directories(. .. ../../include) +include_directories(../../include) add_library( ec diff --git a/src/crypto/ec/ec.c b/src/crypto/ec/ec.c index f38eba6..3117f16 100644 --- a/src/crypto/ec/ec.c +++ b/src/crypto/ec/ec.c @@ -222,7 +222,11 @@ const struct built_in_curve OPENSSL_built_in_curves[] = { {NID_secp224r1, &P224, 0}, { NID_X9_62_prime256v1, &P256, -#if defined(OPENSSL_64_BIT) && !defined(OPENSSL_WINDOWS) + /* MSAN appears to have a bug that causes this P-256 code to be miscompiled + * in opt mode. While that is being looked at, don't run the uint128_t + * P-256 code under MSAN for now. */ +#if defined(OPENSSL_64_BIT) && !defined(OPENSSL_WINDOWS) && \ + !defined(MEMORY_SANITIZER) EC_GFp_nistp256_method, #else 0, @@ -237,18 +241,18 @@ EC_GROUP *ec_group_new(const EC_METHOD *meth) { EC_GROUP *ret; if (meth == NULL) { - OPENSSL_PUT_ERROR(EC, ec_group_new, EC_R_SLOT_FULL); + OPENSSL_PUT_ERROR(EC, EC_R_SLOT_FULL); return NULL; } if (meth->group_init == 0) { - OPENSSL_PUT_ERROR(EC, ec_group_new, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(EC, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return NULL; } ret = OPENSSL_malloc(sizeof(EC_GROUP)); if (ret == NULL) { - OPENSSL_PUT_ERROR(EC, ec_group_new, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); return NULL; } memset(ret, 0, sizeof(EC_GROUP)); @@ -276,8 +280,7 @@ EC_GROUP *EC_GROUP_new_curve_GFp(const BIGNUM *p, const BIGNUM *a, } if (ret->meth->group_set_curve == 0) { - OPENSSL_PUT_ERROR(EC, EC_GROUP_new_curve_GFp, - ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(EC, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } if (!ret->meth->group_set_curve(ret, p, a, b, ctx)) { 
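Review bot: The `!defined(MEMORY_SANITIZER)` guard added to the `NID_X9_62_prime256v1` entry has no tracking reference, so "for now" has no owner and the workaround can outlive the compiler bug. Add something like `/* TODO(<bug-id>): re-enable once the MSAN miscompile is resolved. */` with the real issue id in place of the placeholder. While the guard is active, MSAN builds take the `0` branch for this curve, so the `EC_GFp_nistp256_method` code is presumably not exercised under MSAN at all. The comment should say so, so that nobody assumes that coverage exists. The array initializer starts and ends outside the hunk.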
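Review bot: In `ec_group_new` the rewritten line still reports `EC_R_SLOT_FULL` when `meth == NULL`, which does not describe the failure. Now that the function name is gone from the error entry, the reason code is the main clue a caller has left. `OPENSSL_PUT_ERROR(EC, ERR_R_PASSED_NULL_PARAMETER);` would match what `EC_POINT_new` does for a NULL `group` later in this same file. Check first whether any caller tests for `EC_R_SLOT_FULL`, as callers are not visible in this diff.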
@@ -329,7 +332,7 @@ static EC_GROUP *ec_group_new_from_data(const struct built_in_curve *curve) { EC_GROUP *group = NULL; EC_POINT *P = NULL; BN_CTX *ctx = NULL; - BIGNUM *p = NULL, *a = NULL, *b = NULL, *x = NULL, *y = NULL, *order = NULL; + BIGNUM *p = NULL, *a = NULL, *b = NULL, *x = NULL, *y = NULL; int ok = 0; unsigned param_len; const EC_METHOD *meth; @@ -337,7 +340,7 @@ static EC_GROUP *ec_group_new_from_data(const struct built_in_curve *curve) { const uint8_t *params; if ((ctx = BN_CTX_new()) == NULL) { - OPENSSL_PUT_ERROR(EC, ec_group_new_from_data, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); goto err; } @@ -348,7 +351,7 @@ static EC_GROUP *ec_group_new_from_data(const struct built_in_curve *curve) { if (!(p = BN_bin2bn(params + 0 * param_len, param_len, NULL)) || !(a = BN_bin2bn(params + 1 * param_len, param_len, NULL)) || !(b = BN_bin2bn(params + 2 * param_len, param_len, NULL))) { - OPENSSL_PUT_ERROR(EC, ec_group_new_from_data, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(EC, ERR_R_BN_LIB); goto err; } 
@@ -356,45 +359,39 @@ static EC_GROUP *ec_group_new_from_data(const struct built_in_curve *curve) { meth = curve->method(); if (((group = ec_group_new(meth)) == NULL) || (!(group->meth->group_set_curve(group, p, a, b, ctx)))) { - OPENSSL_PUT_ERROR(EC, ec_group_new_from_data, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EC, ERR_R_EC_LIB); goto err; } } else { if ((group = EC_GROUP_new_curve_GFp(p, a, b, ctx)) == NULL) { - OPENSSL_PUT_ERROR(EC, ec_group_new_from_data, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EC, ERR_R_EC_LIB); goto err; } } if ((P = EC_POINT_new(group)) == NULL) { - OPENSSL_PUT_ERROR(EC, ec_group_new_from_data, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EC, ERR_R_EC_LIB); goto err; } if (!(x = BN_bin2bn(params + 3 * param_len, param_len, NULL)) || !(y = BN_bin2bn(params + 4 * param_len, param_len, NULL))) { - OPENSSL_PUT_ERROR(EC, ec_group_new_from_data, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(EC, ERR_R_BN_LIB); goto err; } if (!EC_POINT_set_affine_coordinates_GFp(group, P, x, y, ctx)) { - OPENSSL_PUT_ERROR(EC, ec_group_new_from_data, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EC, ERR_R_EC_LIB); goto err; } - if (!(order = BN_bin2bn(params + 5 * param_len, param_len, NULL)) || - !BN_set_word(x, (BN_ULONG)data->cofactor)) { - OPENSSL_PUT_ERROR(EC, ec_group_new_from_data, ERR_R_BN_LIB); + if (!BN_bin2bn(params + 5 * param_len, param_len, &group->order) || + !BN_set_word(&group->cofactor, (BN_ULONG)data->cofactor)) { + OPENSSL_PUT_ERROR(EC, ERR_R_BN_LIB); goto err; } group->generator = P; P = NULL; - if (!BN_copy(&group->order, order) || - !BN_set_word(&group->cofactor, (BN_ULONG)data->cofactor)) { - OPENSSL_PUT_ERROR(EC, ec_group_new_from_data, ERR_R_BN_LIB); - goto err; - } - ok = 1; err: @@ -407,7 +404,6 @@ err: BN_free(p); BN_free(a); BN_free(b); - BN_free(order); BN_free(x); BN_free(y); return group; 
@@ -427,7 +423,7 @@ EC_GROUP *EC_GROUP_new_by_curve_name(int nid) { } if (ret == NULL) { - OPENSSL_PUT_ERROR(EC, EC_GROUP_new_by_curve_name, EC_R_UNKNOWN_GROUP); + OPENSSL_PUT_ERROR(EC, EC_R_UNKNOWN_GROUP); return NULL; } @@ -455,11 +451,11 @@ void EC_GROUP_free(EC_GROUP *group) { int ec_group_copy(EC_GROUP *dest, const EC_GROUP *src) { if (dest->meth->group_copy == 0) { - OPENSSL_PUT_ERROR(EC, EC_GROUP_copy, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(EC, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } if (dest->meth != src->meth) { - OPENSSL_PUT_ERROR(EC, EC_GROUP_copy, EC_R_INCOMPATIBLE_OBJECTS); + OPENSSL_PUT_ERROR(EC, EC_R_INCOMPATIBLE_OBJECTS); return 0; } if (dest == src) { @@ -554,8 +550,7 @@ int EC_GROUP_get_cofactor(const EC_GROUP *group, BIGNUM *cofactor, int EC_GROUP_get_curve_GFp(const EC_GROUP *group, BIGNUM *out_p, BIGNUM *out_a, BIGNUM *out_b, BN_CTX *ctx) { if (group->meth->group_get_curve == 0) { - OPENSSL_PUT_ERROR(EC, EC_GROUP_get_curve_GFp, - ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(EC, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } return group->meth->group_get_curve(group, out_p, out_a, out_b, ctx); @@ -565,8 +560,7 @@ int EC_GROUP_get_curve_name(const EC_GROUP *group) { return group->curve_name; } int EC_GROUP_get_degree(const EC_GROUP *group) { if (group->meth->group_get_degree == 0) { - OPENSSL_PUT_ERROR(EC, EC_GROUP_get_degree, - ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(EC, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } return group->meth->group_get_degree(group); 
@@ -602,17 +596,17 @@ EC_POINT *EC_POINT_new(const EC_GROUP *group) { EC_POINT *ret; if (group == NULL) { - OPENSSL_PUT_ERROR(EC, EC_POINT_new, ERR_R_PASSED_NULL_PARAMETER); + OPENSSL_PUT_ERROR(EC, ERR_R_PASSED_NULL_PARAMETER); return NULL; } if (group->meth->point_init == 0) { - OPENSSL_PUT_ERROR(EC, EC_POINT_new, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(EC, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return NULL; } ret = OPENSSL_malloc(sizeof *ret); if (ret == NULL) { - OPENSSL_PUT_ERROR(EC, EC_POINT_new, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); return NULL; } @@ -653,11 +647,11 @@ void EC_POINT_clear_free(EC_POINT *point) { int EC_POINT_copy(EC_POINT *dest, const EC_POINT *src) { if (dest->meth->point_copy == 0) { - OPENSSL_PUT_ERROR(EC, EC_POINT_copy, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(EC, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } if (dest->meth != src->meth) { - OPENSSL_PUT_ERROR(EC, EC_POINT_copy, EC_R_INCOMPATIBLE_OBJECTS); + OPENSSL_PUT_ERROR(EC, EC_R_INCOMPATIBLE_OBJECTS); return 0; } if (dest == src) { @@ -676,7 +670,7 @@ EC_POINT *EC_POINT_dup(const EC_POINT *a, const EC_GROUP *group) { t = EC_POINT_new(group); if (t == NULL) { - OPENSSL_PUT_ERROR(EC, EC_POINT_dup, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); return NULL; } r = EC_POINT_copy(t, a); @@ -690,12 +684,11 @@ EC_POINT *EC_POINT_dup(const EC_POINT *a, const EC_GROUP *group) { int EC_POINT_set_to_infinity(const EC_GROUP *group, EC_POINT *point) { if (group->meth->point_set_to_infinity == 0) { - OPENSSL_PUT_ERROR(EC, EC_POINT_set_to_infinity, - ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(EC, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } if (group->meth != point->meth) { - OPENSSL_PUT_ERROR(EC, EC_POINT_set_to_infinity, EC_R_INCOMPATIBLE_OBJECTS); + OPENSSL_PUT_ERROR(EC, EC_R_INCOMPATIBLE_OBJECTS); return 0; } return group->meth->point_set_to_infinity(group, point); 
@@ -703,12 +696,11 @@ int EC_POINT_set_to_infinity(const EC_GROUP *group, EC_POINT *point) { int EC_POINT_is_at_infinity(const EC_GROUP *group, const EC_POINT *point) { if (group->meth->is_at_infinity == 0) { - OPENSSL_PUT_ERROR(EC, EC_POINT_is_at_infinity, - ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(EC, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } if (group->meth != point->meth) { - OPENSSL_PUT_ERROR(EC, EC_POINT_is_at_infinity, EC_R_INCOMPATIBLE_OBJECTS); + OPENSSL_PUT_ERROR(EC, EC_R_INCOMPATIBLE_OBJECTS); return 0; } return group->meth->is_at_infinity(group, point); @@ -717,12 +709,11 @@ int EC_POINT_is_at_infinity(const EC_GROUP *group, const EC_POINT *point) { int EC_POINT_is_on_curve(const EC_GROUP *group, const EC_POINT *point, BN_CTX *ctx) { if (group->meth->is_on_curve == 0) { - OPENSSL_PUT_ERROR(EC, EC_POINT_is_on_curve, - ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(EC, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } if (group->meth != point->meth) { - OPENSSL_PUT_ERROR(EC, EC_POINT_is_on_curve, EC_R_INCOMPATIBLE_OBJECTS); + OPENSSL_PUT_ERROR(EC, EC_R_INCOMPATIBLE_OBJECTS); return 0; } return group->meth->is_on_curve(group, point, ctx); @@ -731,11 +722,11 @@ int EC_POINT_is_on_curve(const EC_GROUP *group, const EC_POINT *point, int EC_POINT_cmp(const EC_GROUP *group, const EC_POINT *a, const EC_POINT *b, BN_CTX *ctx) { if (group->meth->point_cmp == 0) { - OPENSSL_PUT_ERROR(EC, EC_POINT_cmp, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(EC, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return -1; } if ((group->meth != a->meth) || (a->meth != b->meth)) { - OPENSSL_PUT_ERROR(EC, EC_POINT_cmp, EC_R_INCOMPATIBLE_OBJECTS); + OPENSSL_PUT_ERROR(EC, EC_R_INCOMPATIBLE_OBJECTS); return -1; } return group->meth->point_cmp(group, a, b, ctx); 
@@ -743,12 +734,11 @@ int EC_POINT_cmp(const EC_GROUP *group, const EC_POINT *a, const EC_POINT *b, int EC_POINT_make_affine(const EC_GROUP *group, EC_POINT *point, BN_CTX *ctx) { if (group->meth->make_affine == 0) { - OPENSSL_PUT_ERROR(EC, EC_POINT_make_affine, - ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(EC, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } if (group->meth != point->meth) { - OPENSSL_PUT_ERROR(EC, EC_POINT_make_affine, EC_R_INCOMPATIBLE_OBJECTS); + OPENSSL_PUT_ERROR(EC, EC_R_INCOMPATIBLE_OBJECTS); return 0; } return group->meth->make_affine(group, point, ctx); @@ -759,13 +749,12 @@ int EC_POINTs_make_affine(const EC_GROUP *group, size_t num, EC_POINT *points[], size_t i; if (group->meth->points_make_affine == 0) { - OPENSSL_PUT_ERROR(EC, EC_POINTs_make_affine, - ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(EC, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } for (i = 0; i < num; i++) { if (group->meth != points[i]->meth) { - OPENSSL_PUT_ERROR(EC, EC_POINTs_make_affine, EC_R_INCOMPATIBLE_OBJECTS); + OPENSSL_PUT_ERROR(EC, EC_R_INCOMPATIBLE_OBJECTS); return 0; } } @@ -776,13 +765,11 @@ int EC_POINT_get_affine_coordinates_GFp(const EC_GROUP *group, const EC_POINT *point, BIGNUM *x, BIGNUM *y, BN_CTX *ctx) { if (group->meth->point_get_affine_coordinates == 0) { - OPENSSL_PUT_ERROR(EC, EC_POINT_get_affine_coordinates_GFp, - ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(EC, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } if (group->meth != point->meth) { - OPENSSL_PUT_ERROR(EC, EC_POINT_get_affine_coordinates_GFp, - EC_R_INCOMPATIBLE_OBJECTS); + OPENSSL_PUT_ERROR(EC, EC_R_INCOMPATIBLE_OBJECTS); return 0; } return group->meth->point_get_affine_coordinates(group, point, x, y, ctx); 
@@ -792,13 +779,11 @@ int EC_POINT_set_affine_coordinates_GFp(const EC_GROUP *group, EC_POINT *point, const BIGNUM *x, const BIGNUM *y, BN_CTX *ctx) { if (group->meth->point_set_affine_coordinates == 0) { - OPENSSL_PUT_ERROR(EC, EC_POINT_set_affine_coordinates_GFp, - ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(EC, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } if (group->meth != point->meth) { - OPENSSL_PUT_ERROR(EC, EC_POINT_set_affine_coordinates_GFp, - EC_R_INCOMPATIBLE_OBJECTS); + OPENSSL_PUT_ERROR(EC, EC_R_INCOMPATIBLE_OBJECTS); return 0; } return group->meth->point_set_affine_coordinates(group, point, x, y, ctx); @@ -807,12 +792,12 @@ int EC_POINT_set_affine_coordinates_GFp(const EC_GROUP *group, EC_POINT *point, int EC_POINT_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, const EC_POINT *b, BN_CTX *ctx) { if (group->meth->add == 0) { - OPENSSL_PUT_ERROR(EC, EC_POINT_add, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(EC, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } if ((group->meth != r->meth) || (r->meth != a->meth) || (a->meth != b->meth)) { - OPENSSL_PUT_ERROR(EC, EC_POINT_add, EC_R_INCOMPATIBLE_OBJECTS); + OPENSSL_PUT_ERROR(EC, EC_R_INCOMPATIBLE_OBJECTS); return 0; } return group->meth->add(group, r, a, b, ctx); @@ -822,11 +807,11 @@ int EC_POINT_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, int EC_POINT_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, BN_CTX *ctx) { if (group->meth->dbl == 0) { - OPENSSL_PUT_ERROR(EC, EC_POINT_dbl, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(EC, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } if ((group->meth != r->meth) || (r->meth != a->meth)) { - OPENSSL_PUT_ERROR(EC, EC_POINT_dbl, EC_R_INCOMPATIBLE_OBJECTS); + OPENSSL_PUT_ERROR(EC, EC_R_INCOMPATIBLE_OBJECTS); return 0; } return group->meth->dbl(group, r, a, ctx); 
@@ -835,11 +820,11 @@ int EC_POINT_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, int EC_POINT_invert(const EC_GROUP *group, EC_POINT *a, BN_CTX *ctx) { if (group->meth->invert == 0) { - OPENSSL_PUT_ERROR(EC, EC_POINT_invert, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(EC, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } if (group->meth != a->meth) { - OPENSSL_PUT_ERROR(EC, EC_POINT_invert, EC_R_INCOMPATIBLE_OBJECTS); + OPENSSL_PUT_ERROR(EC, EC_R_INCOMPATIBLE_OBJECTS); return 0; } return group->meth->invert(group, a, ctx); @@ -874,13 +859,11 @@ int ec_point_set_Jprojective_coordinates_GFp(const EC_GROUP *group, EC_POINT *po const BIGNUM *x, const BIGNUM *y, const BIGNUM *z, BN_CTX *ctx) { if (group->meth->point_set_Jprojective_coordinates_GFp == 0) { - OPENSSL_PUT_ERROR(EC, ec_point_set_Jprojective_coordinates_GFp, - ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(EC, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } if (group->meth != point->meth) { - OPENSSL_PUT_ERROR(EC, ec_point_set_Jprojective_coordinates_GFp, - EC_R_INCOMPATIBLE_OBJECTS); + OPENSSL_PUT_ERROR(EC, EC_R_INCOMPATIBLE_OBJECTS); return 0; } return group->meth->point_set_Jprojective_coordinates_GFp(group, point, x, y, diff --git a/src/crypto/ec/ec_asn1.c b/src/crypto/ec/ec_asn1.c index ff3dca6..31d8944 100644 --- a/src/crypto/ec/ec_asn1.c +++ b/src/crypto/ec/ec_asn1.c @@ -168,7 +168,7 @@ ECPKPARAMETERS *ec_asn1_group2pkparameters(const EC_GROUP *group, if (ret == NULL) { ret = ECPKPARAMETERS_new(); if (ret == NULL) { - OPENSSL_PUT_ERROR(EC, ec_asn1_group2pkparameters, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); return NULL; } } else { @@ -196,7 +196,7 @@ EC_GROUP *ec_asn1_pkparameters2group(const ECPKPARAMETERS *params) { int nid = NID_undef; if (params == NULL) { - OPENSSL_PUT_ERROR(EC, ec_asn1_pkparameters2group, EC_R_MISSING_PARAMETERS); + OPENSSL_PUT_ERROR(EC, EC_R_MISSING_PARAMETERS); return NULL; } 
@@ -222,14 +222,13 @@ EC_GROUP *ec_asn1_pkparameters2group(const ECPKPARAMETERS *params) { } if (nid == NID_undef) { - OPENSSL_PUT_ERROR(EC, ec_asn1_pkparameters2group, EC_R_NON_NAMED_CURVE); + OPENSSL_PUT_ERROR(EC, EC_R_NON_NAMED_CURVE); return NULL; } ret = EC_GROUP_new_by_curve_name(nid); if (ret == NULL) { - OPENSSL_PUT_ERROR(EC, ec_asn1_pkparameters2group, - EC_R_EC_GROUP_NEW_BY_NAME_FAILURE); + OPENSSL_PUT_ERROR(EC, EC_R_EC_GROUP_NEW_BY_NAME_FAILURE); return NULL; } @@ -243,14 +242,14 @@ static EC_GROUP *d2i_ECPKParameters(EC_GROUP **groupp, const uint8_t **inp, params = d2i_ECPKPARAMETERS(NULL, inp, len); if (params == NULL) { - OPENSSL_PUT_ERROR(EC, d2i_ECPKParameters, EC_R_D2I_ECPKPARAMETERS_FAILURE); + OPENSSL_PUT_ERROR(EC, EC_R_D2I_ECPKPARAMETERS_FAILURE); ECPKPARAMETERS_free(params); return NULL; } group = ec_asn1_pkparameters2group(params); if (group == NULL) { - OPENSSL_PUT_ERROR(EC, d2i_ECPKParameters, EC_R_PKPARAMETERS2GROUP_FAILURE); + OPENSSL_PUT_ERROR(EC, EC_R_PKPARAMETERS2GROUP_FAILURE); ECPKPARAMETERS_free(params); return NULL; } @@ -268,12 +267,12 @@ static int i2d_ECPKParameters(const EC_GROUP *group, uint8_t **outp) { int ret = 0; ECPKPARAMETERS *tmp = ec_asn1_group2pkparameters(group, NULL); if (tmp == NULL) { - OPENSSL_PUT_ERROR(EC, i2d_ECPKParameters, EC_R_GROUP2PKPARAMETERS_FAILURE); + OPENSSL_PUT_ERROR(EC, EC_R_GROUP2PKPARAMETERS_FAILURE); return 0; } ret = i2d_ECPKPARAMETERS(tmp, outp); if (ret == 0) { - OPENSSL_PUT_ERROR(EC, i2d_ECPKParameters, EC_R_I2D_ECPKPARAMETERS_FAILURE); + OPENSSL_PUT_ERROR(EC, EC_R_I2D_ECPKPARAMETERS_FAILURE); ECPKPARAMETERS_free(tmp); return 0; } 
@@ -288,14 +287,14 @@ EC_KEY *d2i_ECPrivateKey(EC_KEY **a, const uint8_t **in, long len) { priv_key = d2i_EC_PRIVATEKEY(NULL, in, len); if (priv_key == NULL) { - OPENSSL_PUT_ERROR(EC, d2i_ECPrivateKey, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EC, ERR_R_EC_LIB); return NULL; } if (a == NULL || *a == NULL) { ret = EC_KEY_new(); if (ret == NULL) { - OPENSSL_PUT_ERROR(EC, d2i_ECPrivateKey, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); goto err; } } else { @@ -308,7 +307,7 @@ EC_KEY *d2i_ECPrivateKey(EC_KEY **a, const uint8_t **in, long len) { } if (ret->group == NULL) { - OPENSSL_PUT_ERROR(EC, d2i_ECPrivateKey, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EC, ERR_R_EC_LIB); goto err; } @@ -319,18 +318,18 @@ EC_KEY *d2i_ECPrivateKey(EC_KEY **a, const uint8_t **in, long len) { BN_bin2bn(M_ASN1_STRING_data(priv_key->privateKey), M_ASN1_STRING_length(priv_key->privateKey), ret->priv_key); if (ret->priv_key == NULL) { - OPENSSL_PUT_ERROR(EC, d2i_ECPrivateKey, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(EC, ERR_R_BN_LIB); goto err; } } else { - OPENSSL_PUT_ERROR(EC, d2i_ECPrivateKey, EC_R_MISSING_PRIVATE_KEY); + OPENSSL_PUT_ERROR(EC, EC_R_MISSING_PRIVATE_KEY); goto err; } EC_POINT_free(ret->pub_key); ret->pub_key = EC_POINT_new(ret->group); if (ret->pub_key == NULL) { - OPENSSL_PUT_ERROR(EC, d2i_ECPrivateKey, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EC, ERR_R_EC_LIB); goto err; } 
@@ -342,20 +341,20 @@ EC_KEY *d2i_ECPrivateKey(EC_KEY **a, const uint8_t **in, long len) { pub_oct_len = M_ASN1_STRING_length(priv_key->publicKey); /* The first byte (the point conversion form) must be present. */ if (pub_oct_len <= 0) { - OPENSSL_PUT_ERROR(EC, d2i_ECPrivateKey, EC_R_BUFFER_TOO_SMALL); + OPENSSL_PUT_ERROR(EC, EC_R_BUFFER_TOO_SMALL); goto err; } /* Save the point conversion form. */ ret->conv_form = (point_conversion_form_t)(pub_oct[0] & ~0x01); if (!EC_POINT_oct2point(ret->group, ret->pub_key, pub_oct, pub_oct_len, NULL)) { - OPENSSL_PUT_ERROR(EC, d2i_ECPrivateKey, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EC, ERR_R_EC_LIB); goto err; } } else { if (!EC_POINT_mul(ret->group, ret->pub_key, ret->priv_key, NULL, NULL, NULL)) { - OPENSSL_PUT_ERROR(EC, d2i_ECPrivateKey, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EC, ERR_R_EC_LIB); goto err; } /* Remember the original private-key-only encoding. */ @@ -387,13 +386,13 @@ int i2d_ECPrivateKey(const EC_KEY *key, uint8_t **outp) { EC_PRIVATEKEY *priv_key = NULL; if (key == NULL || key->group == NULL || key->priv_key == NULL) { - OPENSSL_PUT_ERROR(EC, i2d_ECPrivateKey, ERR_R_PASSED_NULL_PARAMETER); + OPENSSL_PUT_ERROR(EC, ERR_R_PASSED_NULL_PARAMETER); goto err; } priv_key = EC_PRIVATEKEY_new(); if (priv_key == NULL) { - OPENSSL_PUT_ERROR(EC, i2d_ECPrivateKey, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); goto err; } 
@@ -402,17 +401,17 @@ int i2d_ECPrivateKey(const EC_KEY *key, uint8_t **outp) { buf_len = BN_num_bytes(&key->group->order); buffer = OPENSSL_malloc(buf_len); if (buffer == NULL) { - OPENSSL_PUT_ERROR(EC, i2d_ECPrivateKey, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); goto err; } if (!BN_bn2bin_padded(buffer, buf_len, key->priv_key)) { - OPENSSL_PUT_ERROR(EC, i2d_ECPrivateKey, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(EC, ERR_R_BN_LIB); goto err; } if (!M_ASN1_OCTET_STRING_set(priv_key->privateKey, buffer, buf_len)) { - OPENSSL_PUT_ERROR(EC, i2d_ECPrivateKey, ERR_R_ASN1_LIB); + OPENSSL_PUT_ERROR(EC, ERR_R_ASN1_LIB); goto err; } @@ -420,7 +419,7 @@ int i2d_ECPrivateKey(const EC_KEY *key, uint8_t **outp) { if (!(key->enc_flag & EC_PKEY_NO_PARAMETERS)) { if ((priv_key->parameters = ec_asn1_group2pkparameters( key->group, priv_key->parameters)) == NULL) { - OPENSSL_PUT_ERROR(EC, i2d_ECPrivateKey, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EC, ERR_R_EC_LIB); goto err; } } @@ -429,7 +428,7 @@ int i2d_ECPrivateKey(const EC_KEY *key, uint8_t **outp) { if (!(key->enc_flag & EC_PKEY_NO_PUBKEY) && key->pub_key != NULL) { priv_key->publicKey = M_ASN1_BIT_STRING_new(); if (priv_key->publicKey == NULL) { - OPENSSL_PUT_ERROR(EC, i2d_ECPrivateKey, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); goto err; } @@ -439,7 +438,7 @@ int i2d_ECPrivateKey(const EC_KEY *key, uint8_t **outp) { if (tmp_len > buf_len) { uint8_t *tmp_buffer = OPENSSL_realloc(buffer, tmp_len); if (!tmp_buffer) { - OPENSSL_PUT_ERROR(EC, i2d_ECPrivateKey, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); goto err; } buffer = tmp_buffer; 
@@ -448,21 +447,21 @@ int i2d_ECPrivateKey(const EC_KEY *key, uint8_t **outp) { if (!EC_POINT_point2oct(key->group, key->pub_key, key->conv_form, buffer, buf_len, NULL)) { - OPENSSL_PUT_ERROR(EC, i2d_ECPrivateKey, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EC, ERR_R_EC_LIB); goto err; } priv_key->publicKey->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07); priv_key->publicKey->flags |= ASN1_STRING_FLAG_BITS_LEFT; if (!M_ASN1_BIT_STRING_set(priv_key->publicKey, buffer, buf_len)) { - OPENSSL_PUT_ERROR(EC, i2d_ECPrivateKey, ERR_R_ASN1_LIB); + OPENSSL_PUT_ERROR(EC, ERR_R_ASN1_LIB); goto err; } } ret = i2d_EC_PRIVATEKEY(priv_key, outp); if (ret == 0) { - OPENSSL_PUT_ERROR(EC, i2d_ECPrivateKey, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EC, ERR_R_EC_LIB); goto err; } ok = 1; @@ -475,7 +474,7 @@ err: int i2d_ECParameters(const EC_KEY *key, uint8_t **outp) { if (key == NULL) { - OPENSSL_PUT_ERROR(EC, i2d_ECParameters, ERR_R_PASSED_NULL_PARAMETER); + OPENSSL_PUT_ERROR(EC, ERR_R_PASSED_NULL_PARAMETER); return 0; } return i2d_ECPKParameters(key->group, outp); @@ -485,14 +484,14 @@ EC_KEY *d2i_ECParameters(EC_KEY **key, const uint8_t **inp, long len) { EC_KEY *ret; if (inp == NULL || *inp == NULL) { - OPENSSL_PUT_ERROR(EC, d2i_ECParameters, ERR_R_PASSED_NULL_PARAMETER); + OPENSSL_PUT_ERROR(EC, ERR_R_PASSED_NULL_PARAMETER); return NULL; } if (key == NULL || *key == NULL) { ret = EC_KEY_new(); if (ret == NULL) { - OPENSSL_PUT_ERROR(EC, d2i_ECParameters, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); return NULL; } } else { @@ -500,7 +499,7 @@ EC_KEY *d2i_ECParameters(EC_KEY **key, const uint8_t **inp, long len) { } if (!d2i_ECPKParameters(&ret->group, inp, len)) { - OPENSSL_PUT_ERROR(EC, d2i_ECParameters, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EC, ERR_R_EC_LIB); if (key == NULL || *key == NULL) { EC_KEY_free(ret); } 
@@ -517,17 +516,17 @@ EC_KEY *o2i_ECPublicKey(EC_KEY **keyp, const uint8_t **inp, long len) { EC_KEY *ret = NULL; if (keyp == NULL || *keyp == NULL || (*keyp)->group == NULL) { - OPENSSL_PUT_ERROR(EC, o2i_ECPublicKey, ERR_R_PASSED_NULL_PARAMETER); + OPENSSL_PUT_ERROR(EC, ERR_R_PASSED_NULL_PARAMETER); return 0; } ret = *keyp; if (ret->pub_key == NULL && (ret->pub_key = EC_POINT_new(ret->group)) == NULL) { - OPENSSL_PUT_ERROR(EC, o2i_ECPublicKey, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); return 0; } if (!EC_POINT_oct2point(ret->group, ret->pub_key, *inp, len, NULL)) { - OPENSSL_PUT_ERROR(EC, o2i_ECPublicKey, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EC, ERR_R_EC_LIB); return 0; } /* save the point conversion form */ @@ -541,7 +540,7 @@ int i2o_ECPublicKey(const EC_KEY *key, uint8_t **outp) { int new_buffer = 0; if (key == NULL) { - OPENSSL_PUT_ERROR(EC, i2o_ECPublicKey, ERR_R_PASSED_NULL_PARAMETER); + OPENSSL_PUT_ERROR(EC, ERR_R_PASSED_NULL_PARAMETER); return 0; } @@ -556,14 +555,14 @@ int i2o_ECPublicKey(const EC_KEY *key, uint8_t **outp) { if (*outp == NULL) { *outp = OPENSSL_malloc(buf_len); if (*outp == NULL) { - OPENSSL_PUT_ERROR(EC, i2o_ECPublicKey, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); return 0; } new_buffer = 1; } if (!EC_POINT_point2oct(key->group, key->pub_key, key->conv_form, *outp, buf_len, NULL)) { - OPENSSL_PUT_ERROR(EC, i2o_ECPublicKey, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EC, ERR_R_EC_LIB); if (new_buffer) { OPENSSL_free(*outp); *outp = NULL; diff --git a/src/crypto/ec/ec_key.c b/src/crypto/ec/ec_key.c index e5cbfed..0defa98 100644 --- a/src/crypto/ec/ec_key.c +++ b/src/crypto/ec/ec_key.c 
@@ -87,7 +87,7 @@ EC_KEY *EC_KEY_new(void) { return EC_KEY_new_method(NULL); } EC_KEY *EC_KEY_new_method(const ENGINE *engine) { EC_KEY *ret = (EC_KEY *)OPENSSL_malloc(sizeof(EC_KEY)); if (ret == NULL) { - OPENSSL_PUT_ERROR(EC, EC_KEY_new_method, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); return NULL; } @@ -127,7 +127,7 @@ err1: EC_KEY *EC_KEY_new_by_curve_name(int nid) { EC_KEY *ret = EC_KEY_new(); if (ret == NULL) { - OPENSSL_PUT_ERROR(EC, EC_KEY_new_by_curve_name, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); return NULL; } ret->group = EC_GROUP_new_by_curve_name(nid); @@ -166,7 +166,7 @@ void EC_KEY_free(EC_KEY *r) { EC_KEY *EC_KEY_copy(EC_KEY *dest, const EC_KEY *src) { if (dest == NULL || src == NULL) { - OPENSSL_PUT_ERROR(EC, EC_KEY_copy, ERR_R_PASSED_NULL_PARAMETER); + OPENSSL_PUT_ERROR(EC, ERR_R_PASSED_NULL_PARAMETER); return NULL; } /* Copy the parameters. */ @@ -300,12 +300,12 @@ int EC_KEY_check_key(const EC_KEY *eckey) { EC_POINT *point = NULL; if (!eckey || !eckey->group || !eckey->pub_key) { - OPENSSL_PUT_ERROR(EC, EC_KEY_check_key, ERR_R_PASSED_NULL_PARAMETER); + OPENSSL_PUT_ERROR(EC, ERR_R_PASSED_NULL_PARAMETER); return 0; } if (EC_POINT_is_at_infinity(eckey->group, eckey->pub_key)) { - OPENSSL_PUT_ERROR(EC, EC_KEY_check_key, EC_R_POINT_AT_INFINITY); + OPENSSL_PUT_ERROR(EC, EC_R_POINT_AT_INFINITY); goto err; } @@ -319,7 +319,7 @@ int EC_KEY_check_key(const EC_KEY *eckey) { /* testing whether the pub_key is on the elliptic curve */ if (!EC_POINT_is_on_curve(eckey->group, eckey->pub_key, ctx)) { - OPENSSL_PUT_ERROR(EC, EC_KEY_check_key, EC_R_POINT_IS_NOT_ON_CURVE); + OPENSSL_PUT_ERROR(EC, EC_R_POINT_IS_NOT_ON_CURVE); goto err; } /* testing whether pub_key * order is the point at infinity */ 
@@ -327,15 +327,15 @@ int EC_KEY_check_key(const EC_KEY *eckey) { * to check the private key, below? */ order = &eckey->group->order; if (BN_is_zero(order)) { - OPENSSL_PUT_ERROR(EC, EC_KEY_check_key, EC_R_INVALID_GROUP_ORDER); + OPENSSL_PUT_ERROR(EC, EC_R_INVALID_GROUP_ORDER); goto err; } if (!EC_POINT_mul(eckey->group, point, NULL, eckey->pub_key, order, ctx)) { - OPENSSL_PUT_ERROR(EC, EC_KEY_check_key, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EC, ERR_R_EC_LIB); goto err; } if (!EC_POINT_is_at_infinity(eckey->group, point)) { - OPENSSL_PUT_ERROR(EC, EC_KEY_check_key, EC_R_WRONG_ORDER); + OPENSSL_PUT_ERROR(EC, EC_R_WRONG_ORDER); goto err; } /* in case the priv_key is present : @@ -343,15 +343,15 @@ int EC_KEY_check_key(const EC_KEY *eckey) { */ if (eckey->priv_key) { if (BN_cmp(eckey->priv_key, order) >= 0) { - OPENSSL_PUT_ERROR(EC, EC_KEY_check_key, EC_R_WRONG_ORDER); + OPENSSL_PUT_ERROR(EC, EC_R_WRONG_ORDER); goto err; } if (!EC_POINT_mul(eckey->group, point, eckey->priv_key, NULL, NULL, ctx)) { - OPENSSL_PUT_ERROR(EC, EC_KEY_check_key, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EC, ERR_R_EC_LIB); goto err; } if (EC_POINT_cmp(eckey->group, point, eckey->pub_key, ctx) != 0) { - OPENSSL_PUT_ERROR(EC, EC_KEY_check_key, EC_R_INVALID_PRIVATE_KEY); + OPENSSL_PUT_ERROR(EC, EC_R_INVALID_PRIVATE_KEY); goto err; } } @@ -371,8 +371,7 @@ int EC_KEY_set_public_key_affine_coordinates(EC_KEY *key, BIGNUM *x, int ok = 0; if (!key || !key->group || !x || !y) { - OPENSSL_PUT_ERROR(EC, EC_KEY_set_public_key_affine_coordinates, - ERR_R_PASSED_NULL_PARAMETER); + OPENSSL_PUT_ERROR(EC, ERR_R_PASSED_NULL_PARAMETER); return 0; } ctx = BN_CTX_new(); 
@@ -394,8 +393,7 @@ int EC_KEY_set_public_key_affine_coordinates(EC_KEY *key, BIGNUM *x, /* Check if retrieved coordinates match originals: if not values * are out of range. */ if (BN_cmp(x, tx) || BN_cmp(y, ty)) { - OPENSSL_PUT_ERROR(EC, EC_KEY_set_public_key_affine_coordinates, - EC_R_COORDINATES_OUT_OF_RANGE); + OPENSSL_PUT_ERROR(EC, EC_R_COORDINATES_OUT_OF_RANGE); goto err; } @@ -422,7 +420,7 @@ int EC_KEY_generate_key(EC_KEY *eckey) { EC_POINT *pub_key = NULL; if (!eckey || !eckey->group) { - OPENSSL_PUT_ERROR(EC, EC_KEY_generate_key, ERR_R_PASSED_NULL_PARAMETER); + OPENSSL_PUT_ERROR(EC, ERR_R_PASSED_NULL_PARAMETER); return 0; } diff --git a/src/crypto/ec/ec_montgomery.c b/src/crypto/ec/ec_montgomery.c index 74dbc6c..b897000 100644 --- a/src/crypto/ec/ec_montgomery.c +++ b/src/crypto/ec/ec_montgomery.c @@ -200,7 +200,7 @@ int ec_GFp_mont_group_set_curve(EC_GROUP *group, const BIGNUM *p, goto err; } if (!BN_MONT_CTX_set(mont, p, ctx)) { - OPENSSL_PUT_ERROR(EC, ec_GFp_mont_group_set_curve, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(EC, ERR_R_BN_LIB); goto err; } one = BN_new(); @@ -232,7 +232,7 @@ err: int ec_GFp_mont_field_mul(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx) { if (group->mont == NULL) { - OPENSSL_PUT_ERROR(EC, ec_GFp_mont_field_mul, EC_R_NOT_INITIALIZED); + OPENSSL_PUT_ERROR(EC, EC_R_NOT_INITIALIZED); return 0; } @@ -242,7 +242,7 @@ int ec_GFp_mont_field_mul(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a, int ec_GFp_mont_field_sqr(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a, BN_CTX *ctx) { if (group->mont == NULL) { - OPENSSL_PUT_ERROR(EC, ec_GFp_mont_field_sqr, EC_R_NOT_INITIALIZED); + OPENSSL_PUT_ERROR(EC, EC_R_NOT_INITIALIZED); return 0; } 
@@ -252,7 +252,7 @@ int ec_GFp_mont_field_sqr(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a, int ec_GFp_mont_field_encode(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a, BN_CTX *ctx) { if (group->mont == NULL) { - OPENSSL_PUT_ERROR(EC, ec_GFp_mont_field_encode, EC_R_NOT_INITIALIZED); + OPENSSL_PUT_ERROR(EC, EC_R_NOT_INITIALIZED); return 0; } @@ -262,7 +262,7 @@ int ec_GFp_mont_field_encode(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a, int ec_GFp_mont_field_decode(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a, BN_CTX *ctx) { if (group->mont == NULL) { - OPENSSL_PUT_ERROR(EC, ec_GFp_mont_field_decode, EC_R_NOT_INITIALIZED); + OPENSSL_PUT_ERROR(EC, EC_R_NOT_INITIALIZED); return 0; } @@ -272,7 +272,7 @@ int ec_GFp_mont_field_decode(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a, int ec_GFp_mont_field_set_to_one(const EC_GROUP *group, BIGNUM *r, BN_CTX *ctx) { if (group->one == NULL) { - OPENSSL_PUT_ERROR(EC, ec_GFp_mont_field_set_to_one, EC_R_NOT_INITIALIZED); + OPENSSL_PUT_ERROR(EC, EC_R_NOT_INITIALIZED); return 0; } diff --git a/src/crypto/ec/oct.c b/src/crypto/ec/oct.c index 816a42f..cb50e17 100644 --- a/src/crypto/ec/oct.c +++ b/src/crypto/ec/oct.c @@ -85,7 +85,7 @@ static size_t ec_GFp_simple_point2oct(const EC_GROUP *group, if ((form != POINT_CONVERSION_COMPRESSED) && (form != POINT_CONVERSION_UNCOMPRESSED)) { - OPENSSL_PUT_ERROR(EC, ec_GFp_simple_point2oct, EC_R_INVALID_FORM); + OPENSSL_PUT_ERROR(EC, EC_R_INVALID_FORM); goto err; } @@ -93,7 +93,7 @@ static size_t ec_GFp_simple_point2oct(const EC_GROUP *group, /* encodes to a single 0 octet */ if (buf != NULL) { if (len < 1) { - OPENSSL_PUT_ERROR(EC, ec_GFp_simple_point2oct, EC_R_BUFFER_TOO_SMALL); + OPENSSL_PUT_ERROR(EC, EC_R_BUFFER_TOO_SMALL); return 0; } buf[0] = 0; 
@@ -110,7 +110,7 @@ static size_t ec_GFp_simple_point2oct(const EC_GROUP *group, /* if 'buf' is NULL, just return required length */ if (buf != NULL) { if (len < ret) { - OPENSSL_PUT_ERROR(EC, ec_GFp_simple_point2oct, EC_R_BUFFER_TOO_SMALL); + OPENSSL_PUT_ERROR(EC, EC_R_BUFFER_TOO_SMALL); goto err; } @@ -142,21 +142,21 @@ static size_t ec_GFp_simple_point2oct(const EC_GROUP *group, i = 1; if (!BN_bn2bin_padded(buf + i, field_len, x)) { - OPENSSL_PUT_ERROR(EC, ec_GFp_simple_point2oct, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(EC, ERR_R_INTERNAL_ERROR); goto err; } i += field_len; if (form == POINT_CONVERSION_UNCOMPRESSED) { if (!BN_bn2bin_padded(buf + i, field_len, y)) { - OPENSSL_PUT_ERROR(EC, ec_GFp_simple_point2oct, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(EC, ERR_R_INTERNAL_ERROR); goto err; } i += field_len; } if (i != ret) { - OPENSSL_PUT_ERROR(EC, ec_GFp_simple_point2oct, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(EC, ERR_R_INTERNAL_ERROR); goto err; } } @@ -187,7 +187,7 @@ static int ec_GFp_simple_oct2point(const EC_GROUP *group, EC_POINT *point, int ret = 0; if (len == 0) { - OPENSSL_PUT_ERROR(EC, ec_GFp_simple_oct2point, EC_R_BUFFER_TOO_SMALL); + OPENSSL_PUT_ERROR(EC, EC_R_BUFFER_TOO_SMALL); return 0; } form = buf[0]; @@ -195,17 +195,17 @@ static int ec_GFp_simple_oct2point(const EC_GROUP *group, EC_POINT *point, form = form & ~1U; if ((form != 0) && (form != POINT_CONVERSION_COMPRESSED) && (form != POINT_CONVERSION_UNCOMPRESSED)) { - OPENSSL_PUT_ERROR(EC, ec_GFp_simple_oct2point, EC_R_INVALID_ENCODING); + OPENSSL_PUT_ERROR(EC, EC_R_INVALID_ENCODING); return 0; } if ((form == 0 || form == POINT_CONVERSION_UNCOMPRESSED) && y_bit) { - OPENSSL_PUT_ERROR(EC, ec_GFp_simple_oct2point, EC_R_INVALID_ENCODING); + OPENSSL_PUT_ERROR(EC, EC_R_INVALID_ENCODING); return 0; } if (form == 0) { if (len != 1) { - OPENSSL_PUT_ERROR(EC, ec_GFp_simple_oct2point, EC_R_INVALID_ENCODING); + OPENSSL_PUT_ERROR(EC, EC_R_INVALID_ENCODING); return 0; } 
@@ -217,7 +217,7 @@ static int ec_GFp_simple_oct2point(const EC_GROUP *group, EC_POINT *point, (form == POINT_CONVERSION_COMPRESSED) ? 1 + field_len : 1 + 2 * field_len; if (len != enc_len) { - OPENSSL_PUT_ERROR(EC, ec_GFp_simple_oct2point, EC_R_INVALID_ENCODING); + OPENSSL_PUT_ERROR(EC, EC_R_INVALID_ENCODING); return 0; } @@ -231,7 +231,7 @@ static int ec_GFp_simple_oct2point(const EC_GROUP *group, EC_POINT *point, BN_CTX_start(ctx); x = BN_CTX_get(ctx); y = BN_CTX_get(ctx); - if (y == NULL) { + if (x == NULL || y == NULL) { goto err; } @@ -239,7 +239,7 @@ static int ec_GFp_simple_oct2point(const EC_GROUP *group, EC_POINT *point, goto err; } if (BN_ucmp(x, &group->field) >= 0) { - OPENSSL_PUT_ERROR(EC, ec_GFp_simple_oct2point, EC_R_INVALID_ENCODING); + OPENSSL_PUT_ERROR(EC, EC_R_INVALID_ENCODING); goto err; } @@ -252,7 +252,7 @@ static int ec_GFp_simple_oct2point(const EC_GROUP *group, EC_POINT *point, goto err; } if (BN_ucmp(y, &group->field) >= 0) { - OPENSSL_PUT_ERROR(EC, ec_GFp_simple_oct2point, EC_R_INVALID_ENCODING); + OPENSSL_PUT_ERROR(EC, EC_R_INVALID_ENCODING); goto err; } @@ -263,7 +263,7 @@ static int ec_GFp_simple_oct2point(const EC_GROUP *group, EC_POINT *point, /* test required by X9.62 */ if (!EC_POINT_is_on_curve(group, point, ctx)) { - OPENSSL_PUT_ERROR(EC, ec_GFp_simple_oct2point, EC_R_POINT_IS_NOT_ON_CURVE); + OPENSSL_PUT_ERROR(EC, EC_R_POINT_IS_NOT_ON_CURVE); goto err; } 
@@ -279,12 +279,11 @@ int EC_POINT_oct2point(const EC_GROUP *group, EC_POINT *point, const uint8_t *buf, size_t len, BN_CTX *ctx) { if (group->meth->oct2point == 0 && !(group->meth->flags & EC_FLAGS_DEFAULT_OCT)) { - OPENSSL_PUT_ERROR(EC, EC_POINT_oct2point, - ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(EC, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } if (group->meth != point->meth) { - OPENSSL_PUT_ERROR(EC, EC_POINT_oct2point, EC_R_INCOMPATIBLE_OBJECTS); + OPENSSL_PUT_ERROR(EC, EC_R_INCOMPATIBLE_OBJECTS); return 0; } if (group->meth->flags & EC_FLAGS_DEFAULT_OCT) { @@ -299,12 +298,11 @@ size_t EC_POINT_point2oct(const EC_GROUP *group, const EC_POINT *point, size_t len, BN_CTX *ctx) { if (group->meth->point2oct == 0 && !(group->meth->flags & EC_FLAGS_DEFAULT_OCT)) { - OPENSSL_PUT_ERROR(EC, EC_POINT_point2oct, - ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(EC, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } if (group->meth != point->meth) { - OPENSSL_PUT_ERROR(EC, EC_POINT_point2oct, EC_R_INCOMPATIBLE_OBJECTS); + OPENSSL_PUT_ERROR(EC, EC_R_INCOMPATIBLE_OBJECTS); return 0; } if (group->meth->flags & EC_FLAGS_DEFAULT_OCT) { @@ -406,9 +404,9 @@ int ec_GFp_simple_set_compressed_coordinates(const EC_GROUP *group, if (ERR_GET_LIB(err) == ERR_LIB_BN && ERR_GET_REASON(err) == BN_R_NOT_A_SQUARE) { ERR_clear_error(); - OPENSSL_PUT_ERROR(EC, ec_GFp_simple_set_compressed_coordinates, EC_R_INVALID_COMPRESSED_POINT); + OPENSSL_PUT_ERROR(EC, EC_R_INVALID_COMPRESSED_POINT); } else { - OPENSSL_PUT_ERROR(EC, ec_GFp_simple_set_compressed_coordinates, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(EC, ERR_R_BN_LIB); } goto err; } 
@@ -423,12 +421,10 @@ int ec_GFp_simple_set_compressed_coordinates(const EC_GROUP *group, } if (kron == 1) { - OPENSSL_PUT_ERROR(EC, ec_GFp_simple_set_compressed_coordinates, - EC_R_INVALID_COMPRESSION_BIT); + OPENSSL_PUT_ERROR(EC, EC_R_INVALID_COMPRESSION_BIT); } else { /* BN_mod_sqrt() should have cought this error (not a square) */ - OPENSSL_PUT_ERROR(EC, ec_GFp_simple_set_compressed_coordinates, - EC_R_INVALID_COMPRESSED_POINT); + OPENSSL_PUT_ERROR(EC, EC_R_INVALID_COMPRESSED_POINT); } goto err; } @@ -437,8 +433,7 @@ int ec_GFp_simple_set_compressed_coordinates(const EC_GROUP *group, } } if (y_bit != BN_is_odd(y)) { - OPENSSL_PUT_ERROR(EC, ec_GFp_simple_set_compressed_coordinates, - ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(EC, ERR_R_INTERNAL_ERROR); goto err; } @@ -459,13 +454,11 @@ int EC_POINT_set_compressed_coordinates_GFp(const EC_GROUP *group, int y_bit, BN_CTX *ctx) { if (group->meth->point_set_compressed_coordinates == 0 && !(group->meth->flags & EC_FLAGS_DEFAULT_OCT)) { - OPENSSL_PUT_ERROR(EC, EC_POINT_set_compressed_coordinates_GFp, - ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(EC, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } if (group->meth != point->meth) { - OPENSSL_PUT_ERROR(EC, EC_POINT_set_compressed_coordinates_GFp, - EC_R_INCOMPATIBLE_OBJECTS); + OPENSSL_PUT_ERROR(EC, EC_R_INCOMPATIBLE_OBJECTS); return 0; } if (group->meth->flags & EC_FLAGS_DEFAULT_OCT) { diff --git a/src/crypto/ec/p256-64.c b/src/crypto/ec/p256-64.c index fdb942c..3946b29 100644 --- a/src/crypto/ec/p256-64.c +++ b/src/crypto/ec/p256-64.c @@ -125,7 +125,7 @@ static void flip_endian(u8 *out, const u8 *in, unsigned len) { /* BN_to_felem converts an OpenSSL BIGNUM into an felem. */ static int BN_to_felem(felem out, const BIGNUM *bn) { if (BN_is_negative(bn)) { - OPENSSL_PUT_ERROR(EC, BN_to_felem, EC_R_BIGNUM_OUT_OF_RANGE); + OPENSSL_PUT_ERROR(EC, EC_R_BIGNUM_OUT_OF_RANGE); return 0; } 
@@ -134,7 +134,7 @@ static int BN_to_felem(felem out, const BIGNUM *bn) { memset(b_out, 0, sizeof(b_out)); unsigned num_bytes = BN_num_bytes(bn); if (num_bytes > sizeof(b_out)) { - OPENSSL_PUT_ERROR(EC, BN_to_felem, EC_R_BIGNUM_OUT_OF_RANGE); + OPENSSL_PUT_ERROR(EC, EC_R_BIGNUM_OUT_OF_RANGE); return 0; } @@ -1638,8 +1638,7 @@ int ec_GFp_nistp256_group_set_curve(EC_GROUP *group, const BIGNUM *p, if (BN_cmp(curve_p, p) || BN_cmp(curve_a, a) || BN_cmp(curve_b, b)) { - OPENSSL_PUT_ERROR(EC, ec_GFp_nistp256_group_set_curve, - EC_R_WRONG_CURVE_PARAMETERS); + OPENSSL_PUT_ERROR(EC, EC_R_WRONG_CURVE_PARAMETERS); goto err; } ret = ec_GFp_simple_group_set_curve(group, p, a, b, ctx); @@ -1661,8 +1660,7 @@ int ec_GFp_nistp256_point_get_affine_coordinates(const EC_GROUP *group, longfelem tmp; if (EC_POINT_is_at_infinity(group, point)) { - OPENSSL_PUT_ERROR(EC, ec_GFp_nistp256_point_get_affine_coordinates, - EC_R_POINT_AT_INFINITY); + OPENSSL_PUT_ERROR(EC, EC_R_POINT_AT_INFINITY); return 0; } if (!BN_to_felem(x_in, &point->X) || @@ -1677,8 +1675,7 @@ int ec_GFp_nistp256_point_get_affine_coordinates(const EC_GROUP *group, felem_reduce(x_in, tmp); felem_contract(x_out, x_in); if (x != NULL && !smallfelem_to_BN(x, x_out)) { - OPENSSL_PUT_ERROR(EC, ec_GFp_nistp256_point_get_affine_coordinates, - ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(EC, ERR_R_BN_LIB); return 0; } felem_mul(tmp, z1, z2); @@ -1687,8 +1684,7 @@ int ec_GFp_nistp256_point_get_affine_coordinates(const EC_GROUP *group, felem_reduce(y_in, tmp); felem_contract(y_out, y_in); if (y != NULL && !smallfelem_to_BN(y, y_out)) { - OPENSSL_PUT_ERROR(EC, ec_GFp_nistp256_point_get_affine_coordinates, - ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(EC, ERR_R_BN_LIB); return 0; } return 1; 
@@ -1763,7 +1759,7 @@ int ec_GFp_nistp256_points_mul(const EC_GROUP *group, EC_POINT *r, if (!smallfelem_to_BN(x, g_pre_comp[0][1][0]) || !smallfelem_to_BN(y, g_pre_comp[0][1][1]) || !smallfelem_to_BN(z, g_pre_comp[0][1][2])) { - OPENSSL_PUT_ERROR(EC, ec_GFp_nistp256_points_mul, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(EC, ERR_R_BN_LIB); goto err; } if (!ec_point_set_Jprojective_coordinates_GFp(group, generator, x, y, z, @@ -1794,7 +1790,7 @@ int ec_GFp_nistp256_points_mul(const EC_GROUP *group, EC_POINT *r, } if (secrets == NULL || pre_comp == NULL || (mixed && tmp_smallfelems == NULL)) { - OPENSSL_PUT_ERROR(EC, ec_GFp_nistp256_points_mul, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); goto err; } @@ -1818,7 +1814,7 @@ int ec_GFp_nistp256_points_mul(const EC_GROUP *group, EC_POINT *r, /* this is an unusual input, and we don't guarantee * constant-timeness. */ if (!BN_nnmod(tmp_scalar, p_scalar, &group->order, ctx)) { - OPENSSL_PUT_ERROR(EC, ec_GFp_nistp256_points_mul, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(EC, ERR_R_BN_LIB); goto err; } num_bytes = BN_bn2bin(tmp_scalar, tmp); @@ -1863,7 +1859,7 @@ int ec_GFp_nistp256_points_mul(const EC_GROUP *group, EC_POINT *r, /* this is an unusual input, and we don't guarantee * constant-timeness. */ if (!BN_nnmod(tmp_scalar, scalar, &group->order, ctx)) { - OPENSSL_PUT_ERROR(EC, ec_GFp_nistp256_points_mul, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(EC, ERR_R_BN_LIB); goto err; } num_bytes = BN_bn2bin(tmp_scalar, tmp); @@ -1889,7 +1885,7 @@ int ec_GFp_nistp256_points_mul(const EC_GROUP *group, EC_POINT *r, if (!smallfelem_to_BN(x, x_in) || !smallfelem_to_BN(y, y_in) || !smallfelem_to_BN(z, z_in)) { - OPENSSL_PUT_ERROR(EC, ec_GFp_nistp256_points_mul, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(EC, ERR_R_BN_LIB); goto err; } ret = ec_point_set_Jprojective_coordinates_GFp(group, r, x, y, z, ctx); diff --git a/src/crypto/ec/simple.c b/src/crypto/ec/simple.c index 69fd2e4..c62199c 100644 --- a/src/crypto/ec/simple.c 
+++ b/src/crypto/ec/simple.c @@ -172,7 +172,7 @@ int ec_GFp_simple_group_set_curve(EC_GROUP *group, const BIGNUM *p, /* p must be a prime > 3 */ if (BN_num_bits(p) <= 2 || !BN_is_odd(p)) { - OPENSSL_PUT_ERROR(EC, ec_GFp_simple_group_set_curve, EC_R_INVALID_FIELD); + OPENSSL_PUT_ERROR(EC, EC_R_INVALID_FIELD); return 0; } @@ -283,8 +283,7 @@ int ec_GFp_simple_group_check_discriminant(const EC_GROUP *group, BN_CTX *ctx) { if (ctx == NULL) { ctx = new_ctx = BN_CTX_new(); if (ctx == NULL) { - OPENSSL_PUT_ERROR(EC, ec_GFp_simple_group_check_discriminant, - ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); goto err; } } @@ -492,8 +491,7 @@ int ec_GFp_simple_point_set_affine_coordinates(const EC_GROUP *group, const BIGNUM *y, BN_CTX *ctx) { if (x == NULL || y == NULL) { /* unlike for projective coordinates, we do not tolerate this */ - OPENSSL_PUT_ERROR(EC, ec_GFp_simple_point_set_affine_coordinates, - ERR_R_PASSED_NULL_PARAMETER); + OPENSSL_PUT_ERROR(EC, ERR_R_PASSED_NULL_PARAMETER); return 0; } @@ -510,8 +508,7 @@ int ec_GFp_simple_point_get_affine_coordinates(const EC_GROUP *group, int ret = 0; if (EC_POINT_is_at_infinity(group, point)) { - OPENSSL_PUT_ERROR(EC, ec_GFp_simple_point_get_affine_coordinates, - EC_R_POINT_AT_INFINITY); + OPENSSL_PUT_ERROR(EC, EC_R_POINT_AT_INFINITY); return 0; } @@ -527,7 +524,7 @@ int ec_GFp_simple_point_get_affine_coordinates(const EC_GROUP *group, Z_1 = BN_CTX_get(ctx); Z_2 = BN_CTX_get(ctx); Z_3 = BN_CTX_get(ctx); - if (Z_3 == NULL) { + if (Z == NULL || Z_1 == NULL || Z_2 == NULL || Z_3 == NULL) { goto err; } @@ -560,8 +557,7 @@ int ec_GFp_simple_point_get_affine_coordinates(const EC_GROUP *group, } } else { if (!BN_mod_inverse(Z_1, Z_, &group->field, ctx)) { - OPENSSL_PUT_ERROR(EC, ec_GFp_simple_point_get_affine_coordinates, - ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(EC, ERR_R_BN_LIB); goto err; } 
@@ -1183,7 +1179,7 @@ int ec_GFp_simple_make_affine(const EC_GROUP *group, EC_POINT *point, goto err; } if (!point->Z_is_one) { - OPENSSL_PUT_ERROR(EC, ec_GFp_simple_make_affine, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(EC, ERR_R_INTERNAL_ERROR); goto err; } @@ -1269,7 +1265,7 @@ int ec_GFp_simple_points_make_affine(const EC_GROUP *group, size_t num, * non-zero points[i]->Z by its inverse. */ if (!BN_mod_inverse(tmp, prod_Z[num - 1], &group->field, ctx)) { - OPENSSL_PUT_ERROR(EC, ec_GFp_simple_points_make_affine, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(EC, ERR_R_BN_LIB); goto err; } diff --git a/src/crypto/ec/wnaf.c b/src/crypto/ec/wnaf.c index ae0d73f..7fa0e1b 100644 --- a/src/crypto/ec/wnaf.c +++ b/src/crypto/ec/wnaf.c @@ -100,7 +100,7 @@ static EC_PRE_COMP *ec_pre_comp_new(void) { ret = (EC_PRE_COMP *)OPENSSL_malloc(sizeof(EC_PRE_COMP)); if (!ret) { - OPENSSL_PUT_ERROR(EC, ec_pre_comp_new, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); return ret; } ret->blocksize = 8; /* default */ @@ -158,7 +158,7 @@ static signed char *compute_wNAF(const BIGNUM *scalar, int w, size_t *ret_len) { if (BN_is_zero(scalar)) { r = OPENSSL_malloc(1); if (!r) { - OPENSSL_PUT_ERROR(EC, compute_wNAF, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); goto err; } r[0] = 0; @@ -169,7 +169,7 @@ static signed char *compute_wNAF(const BIGNUM *scalar, int w, size_t *ret_len) { if (w <= 0 || w > 7) /* 'signed char' can represent integers with absolute values less than 2^7 */ { - OPENSSL_PUT_ERROR(EC, compute_wNAF, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(EC, ERR_R_INTERNAL_ERROR); goto err; } bit = 1 << w; /* at most 128 */ @@ -181,7 +181,7 @@ static signed char *compute_wNAF(const BIGNUM *scalar, int w, size_t *ret_len) { } if (scalar->d == NULL || scalar->top == 0) { - OPENSSL_PUT_ERROR(EC, compute_wNAF, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(EC, ERR_R_INTERNAL_ERROR); goto err; } 
@@ -192,7 +192,7 @@ static signed char *compute_wNAF(const BIGNUM *scalar, int w, size_t *ret_len) { * (*ret_len will be set to the actual length, i.e. at most * BN_num_bits(scalar) + 1) */ if (r == NULL) { - OPENSSL_PUT_ERROR(EC, compute_wNAF, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); goto err; } window_val = scalar->d[0] & mask; @@ -225,7 +225,7 @@ static signed char *compute_wNAF(const BIGNUM *scalar, int w, size_t *ret_len) { } if (digit <= -bit || digit >= bit || !(digit & 1)) { - OPENSSL_PUT_ERROR(EC, compute_wNAF, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(EC, ERR_R_INTERNAL_ERROR); goto err; } @@ -235,7 +235,7 @@ static signed char *compute_wNAF(const BIGNUM *scalar, int w, size_t *ret_len) { * for modified window NAFs, it may also be 2^w */ if (window_val != 0 && window_val != next_bit && window_val != bit) { - OPENSSL_PUT_ERROR(EC, compute_wNAF, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(EC, ERR_R_INTERNAL_ERROR); goto err; } } @@ -246,13 +246,13 @@ static signed char *compute_wNAF(const BIGNUM *scalar, int w, size_t *ret_len) { window_val += bit * BN_is_bit_set(scalar, j + w); if (window_val > next_bit) { - OPENSSL_PUT_ERROR(EC, compute_wNAF, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(EC, ERR_R_INTERNAL_ERROR); goto err; } } if (j > len + 1) { - OPENSSL_PUT_ERROR(EC, compute_wNAF, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(EC, ERR_R_INTERNAL_ERROR); goto err; } len = j; @@ -316,7 +316,7 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, int ret = 0; if (group->meth != r->meth) { - OPENSSL_PUT_ERROR(EC, ec_wNAF_mul, EC_R_INCOMPATIBLE_OBJECTS); + OPENSSL_PUT_ERROR(EC, EC_R_INCOMPATIBLE_OBJECTS); return 0; } @@ -326,7 +326,7 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, for (i = 0; i < num; i++) { if (group->meth != points[i]->meth) { - OPENSSL_PUT_ERROR(EC, ec_wNAF_mul, EC_R_INCOMPATIBLE_OBJECTS); + OPENSSL_PUT_ERROR(EC, EC_R_INCOMPATIBLE_OBJECTS); return 0; } } 
@@ -341,7 +341,7 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, if (scalar != NULL) { generator = EC_GROUP_get0_generator(group); if (generator == NULL) { - OPENSSL_PUT_ERROR(EC, ec_wNAF_mul, EC_R_UNDEFINED_GENERATOR); + OPENSSL_PUT_ERROR(EC, EC_R_UNDEFINED_GENERATOR); goto err; } @@ -366,7 +366,7 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, /* check that pre_comp looks sane */ if (pre_comp->num != (pre_comp->numblocks * pre_points_per_block)) { - OPENSSL_PUT_ERROR(EC, ec_wNAF_mul, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(EC, ERR_R_INTERNAL_ERROR); goto err; } } else { @@ -391,7 +391,7 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, } if (!wsize || !wNAF_len || !wNAF || !val_sub) { - OPENSSL_PUT_ERROR(EC, ec_wNAF_mul, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); goto err; } @@ -420,7 +420,7 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, if (pre_comp == NULL) { if (num_scalar != 1) { - OPENSSL_PUT_ERROR(EC, ec_wNAF_mul, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(EC, ERR_R_INTERNAL_ERROR); goto err; } /* we have already generated a wNAF for 'scalar' */ @@ -429,7 +429,7 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, size_t tmp_len = 0; if (num_scalar != 0) { - OPENSSL_PUT_ERROR(EC, ec_wNAF_mul, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(EC, ERR_R_INTERNAL_ERROR); goto err; } @@ -463,7 +463,8 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, /* possibly we can do with fewer blocks than estimated */ numblocks = (tmp_len + blocksize - 1) / blocksize; if (numblocks > pre_comp->numblocks) { - OPENSSL_PUT_ERROR(EC, ec_wNAF_mul, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(EC, ERR_R_INTERNAL_ERROR); + OPENSSL_free(tmp_wNAF); goto err; } totalnum = num + numblocks; 
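Review bot: Freeing `tmp_wNAF` by hand before each `goto err` is easy to miss the next time an error exit is added in this region. The `numblocks > pre_comp->numblocks` branch in this hunk and the `tmp_len < blocksize` branch in the following hunk (-477) both needed the same added line, and the later malloc-failure and `*tmp_points == NULL` exits already carry it. That suggests the `err:` path does not release this buffer. ec_wNAF_mul starts and ends outside the hunk, so the declaration scope of `tmp_wNAF` is not visible; at minimum a comment where it is allocated would help, for example `/* tmp_wNAF is not released at err:, so free it on every early exit below. */`.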
@@ -477,7 +478,8 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, if (i < totalnum - 1) { wNAF_len[i] = blocksize; if (tmp_len < blocksize) { - OPENSSL_PUT_ERROR(EC, ec_wNAF_mul, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(EC, ERR_R_INTERNAL_ERROR); + OPENSSL_free(tmp_wNAF); goto err; } tmp_len -= blocksize; @@ -490,7 +492,7 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, wNAF[i + 1] = NULL; wNAF[i] = OPENSSL_malloc(wNAF_len[i]); if (wNAF[i] == NULL) { - OPENSSL_PUT_ERROR(EC, ec_wNAF_mul, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); OPENSSL_free(tmp_wNAF); goto err; } @@ -500,7 +502,7 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, } if (*tmp_points == NULL) { - OPENSSL_PUT_ERROR(EC, ec_wNAF_mul, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(EC, ERR_R_INTERNAL_ERROR); OPENSSL_free(tmp_wNAF); goto err; } @@ -519,7 +521,7 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, */ val = OPENSSL_malloc((num_val + 1) * sizeof val[0]); if (val == NULL) { - OPENSSL_PUT_ERROR(EC, ec_wNAF_mul, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); goto err; } val[num_val] = NULL; /* pivot element */ @@ -537,7 +539,7 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, } } if (!(v == val + num_val)) { - OPENSSL_PUT_ERROR(EC, ec_wNAF_mul, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(EC, ERR_R_INTERNAL_ERROR); goto err; } @@ -695,7 +697,7 @@ int ec_wNAF_precompute_mult(EC_GROUP *group, BN_CTX *ctx) { generator = EC_GROUP_get0_generator(group); if (generator == NULL) { - OPENSSL_PUT_ERROR(EC, ec_wNAF_precompute_mult, EC_R_UNDEFINED_GENERATOR); + OPENSSL_PUT_ERROR(EC, EC_R_UNDEFINED_GENERATOR); return 0; } 
@@ -721,7 +723,7 @@ int ec_wNAF_precompute_mult(EC_GROUP *group, BN_CTX *ctx) { goto err; } if (BN_is_zero(order)) { - OPENSSL_PUT_ERROR(EC, ec_wNAF_precompute_mult, EC_R_UNKNOWN_ORDER); + OPENSSL_PUT_ERROR(EC, EC_R_UNKNOWN_ORDER); goto err; } @@ -749,7 +751,7 @@ int ec_wNAF_precompute_mult(EC_GROUP *group, BN_CTX *ctx) { points = OPENSSL_malloc(sizeof(EC_POINT *) * (num + 1)); if (!points) { - OPENSSL_PUT_ERROR(EC, ec_wNAF_precompute_mult, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); goto err; } @@ -757,13 +759,13 @@ int ec_wNAF_precompute_mult(EC_GROUP *group, BN_CTX *ctx) { var[num] = NULL; /* pivot */ for (i = 0; i < num; i++) { if ((var[i] = EC_POINT_new(group)) == NULL) { - OPENSSL_PUT_ERROR(EC, ec_wNAF_precompute_mult, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); goto err; } } if (!(tmp_point = EC_POINT_new(group)) || !(base = EC_POINT_new(group))) { - OPENSSL_PUT_ERROR(EC, ec_wNAF_precompute_mult, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); goto err; } @@ -795,7 +797,7 @@ int ec_wNAF_precompute_mult(EC_GROUP *group, BN_CTX *ctx) { size_t k; if (blocksize <= 2) { - OPENSSL_PUT_ERROR(EC, ec_wNAF_precompute_mult, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(EC, ERR_R_INTERNAL_ERROR); goto err; } diff --git a/src/crypto/ecdh/CMakeLists.txt b/src/crypto/ecdh/CMakeLists.txt index 346e72d..8eaeae5 100644 --- a/src/crypto/ecdh/CMakeLists.txt +++ b/src/crypto/ecdh/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(. .. ../../include) +include_directories(../../include) add_library( ecdh diff --git a/src/crypto/ecdh/ecdh.c b/src/crypto/ecdh/ecdh.c index a011bab..14856db 100644 --- a/src/crypto/ecdh/ecdh.c +++ b/src/crypto/ecdh/ecdh.c 
@@ -95,7 +95,7 @@ int ECDH_compute_key(void *out, size_t outlen, const EC_POINT *pub_key, priv = EC_KEY_get0_private_key(priv_key); if (priv == NULL) { - OPENSSL_PUT_ERROR(ECDH, ECDH_compute_key, ECDH_R_NO_PRIVATE_VALUE); + OPENSSL_PUT_ERROR(ECDH, ECDH_R_NO_PRIVATE_VALUE); goto err; } @@ -103,35 +103,35 @@ int ECDH_compute_key(void *out, size_t outlen, const EC_POINT *pub_key, tmp = EC_POINT_new(group); if (tmp == NULL) { - OPENSSL_PUT_ERROR(ECDH, ECDH_compute_key, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ECDH, ERR_R_MALLOC_FAILURE); goto err; } if (!EC_POINT_mul(group, tmp, NULL, pub_key, priv, ctx)) { - OPENSSL_PUT_ERROR(ECDH, ECDH_compute_key, ECDH_R_POINT_ARITHMETIC_FAILURE); + OPENSSL_PUT_ERROR(ECDH, ECDH_R_POINT_ARITHMETIC_FAILURE); goto err; } if (!EC_POINT_get_affine_coordinates_GFp(group, tmp, x, y, ctx)) { - OPENSSL_PUT_ERROR(ECDH, ECDH_compute_key, ECDH_R_POINT_ARITHMETIC_FAILURE); + OPENSSL_PUT_ERROR(ECDH, ECDH_R_POINT_ARITHMETIC_FAILURE); goto err; } buflen = (EC_GROUP_get_degree(group) + 7) / 8; buf = OPENSSL_malloc(buflen); if (buf == NULL) { - OPENSSL_PUT_ERROR(ECDH, ECDH_compute_key, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ECDH, ERR_R_MALLOC_FAILURE); goto err; } if (!BN_bn2bin_padded(buf, buflen, x)) { - OPENSSL_PUT_ERROR(ECDH, ECDH_compute_key, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(ECDH, ERR_R_INTERNAL_ERROR); goto err; } if (KDF != 0) { if (KDF(buf, buflen, out, &outlen) == NULL) { - OPENSSL_PUT_ERROR(ECDH, ECDH_compute_key, ECDH_R_KDF_FAILED); + OPENSSL_PUT_ERROR(ECDH, ECDH_R_KDF_FAILED); goto err; } ret = outlen; diff --git a/src/crypto/ecdsa/CMakeLists.txt b/src/crypto/ecdsa/CMakeLists.txt index f431e59..e7581be 100644 --- a/src/crypto/ecdsa/CMakeLists.txt +++ b/src/crypto/ecdsa/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(. .. ../../include) +include_directories(../../include) add_library( ecdsa diff --git a/src/crypto/ecdsa/ecdsa.c b/src/crypto/ecdsa/ecdsa.c index b71799e..8403d60 100644 --- a/src/crypto/ecdsa/ecdsa.c 
+++ b/src/crypto/ecdsa/ecdsa.c @@ -52,9 +52,11 @@ #include +#include #include #include +#include #include #include @@ -81,16 +83,18 @@ int ECDSA_verify(int type, const uint8_t *digest, size_t digest_len, return eckey->ecdsa_meth->verify(digest, digest_len, sig, sig_len, eckey); } - s = ECDSA_SIG_new(); - const uint8_t *sigp = sig; - if (s == NULL || d2i_ECDSA_SIG(&s, &sigp, sig_len) == NULL || - sigp != sig + sig_len) { + /* Decode the ECDSA signature. */ + s = ECDSA_SIG_from_bytes(sig, sig_len); + if (s == NULL) { goto err; } - /* Ensure that the signature uses DER and doesn't have trailing garbage. */ - const int der_len = i2d_ECDSA_SIG(s, &der); - if (der_len < 0 || (size_t) der_len != sig_len || memcmp(sig, der, sig_len)) { + /* Defend against potential laxness in the DER parser. */ + size_t der_len; + if (!ECDSA_SIG_to_bytes(&der, &der_len, s) || + der_len != sig_len || memcmp(sig, der, sig_len) != 0) { + /* This should never happen. crypto/bytestring is strictly DER. */ + OPENSSL_PUT_ERROR(ECDSA, ERR_R_INTERNAL_ERROR); goto err; } @@ -116,14 +120,14 @@ static int digest_to_bn(BIGNUM *out, const uint8_t *digest, size_t digest_len, digest_len = (num_bits + 7) / 8; } if (!BN_bin2bn(digest, digest_len, out)) { - OPENSSL_PUT_ERROR(ECDSA, digest_to_bn, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(ECDSA, ERR_R_BN_LIB); return 0; } /* If still too long truncate remaining bits with a shift */ if ((8 * digest_len > num_bits) && !BN_rshift(out, out, 8 - (num_bits & 0x7))) { - OPENSSL_PUT_ERROR(ECDSA, digest_to_bn, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(ECDSA, ERR_R_BN_LIB); return 0; } @@ -145,7 +149,7 @@ int ECDSA_do_verify(const uint8_t *digest, size_t digest_len, const EC_POINT *pub_key; if (eckey->ecdsa_meth && eckey->ecdsa_meth->verify) { - OPENSSL_PUT_ERROR(ECDSA, ECDSA_do_verify, ECDSA_R_NOT_IMPLEMENTED); + OPENSSL_PUT_ERROR(ECDSA, ECDSA_R_NOT_IMPLEMENTED); return 0; } 
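Review bot: In the ECDSA_verify hunk (-81), the comment `/* Defend against potential laxness in the DER parser. */` does not say what the re-encode-and-compare step guarantees. Next to the inner comment `This should never happen`, the block reads as dead code that could be removed later. I would state the property directly: `/* Accept only the canonical DER encoding: re-serialize and require a byte-for-byte match with the input, so alternate encodings of the same (r, s) are rejected. */`. The `der` buffer filled by `ECDSA_SIG_to_bytes` is presumably released at `err:`, which is outside the hunk. Confirm it is initialised to NULL, since `goto err` is reachable before it is assigned.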
@@ -153,13 +157,13 @@ int ECDSA_do_verify(const uint8_t *digest, size_t digest_len, if ((group = EC_KEY_get0_group(eckey)) == NULL || (pub_key = EC_KEY_get0_public_key(eckey)) == NULL || sig == NULL) { - OPENSSL_PUT_ERROR(ECDSA, ECDSA_do_verify, ECDSA_R_MISSING_PARAMETERS); + OPENSSL_PUT_ERROR(ECDSA, ECDSA_R_MISSING_PARAMETERS); return 0; } ctx = BN_CTX_new(); if (!ctx) { - OPENSSL_PUT_ERROR(ECDSA, ECDSA_do_verify, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ECDSA, ERR_R_MALLOC_FAILURE); return 0; } BN_CTX_start(ctx); @@ -168,26 +172,26 @@ int ECDSA_do_verify(const uint8_t *digest, size_t digest_len, u2 = BN_CTX_get(ctx); m = BN_CTX_get(ctx); X = BN_CTX_get(ctx); - if (!X) { - OPENSSL_PUT_ERROR(ECDSA, ECDSA_do_verify, ERR_R_BN_LIB); + if (order == NULL || u1 == NULL || u2 == NULL || m == NULL || X == NULL) { + OPENSSL_PUT_ERROR(ECDSA, ERR_R_BN_LIB); goto err; } if (!EC_GROUP_get_order(group, order, ctx)) { - OPENSSL_PUT_ERROR(ECDSA, ECDSA_do_verify, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(ECDSA, ERR_R_EC_LIB); goto err; } if (BN_is_zero(sig->r) || BN_is_negative(sig->r) || BN_ucmp(sig->r, order) >= 0 || BN_is_zero(sig->s) || BN_is_negative(sig->s) || BN_ucmp(sig->s, order) >= 0) { - OPENSSL_PUT_ERROR(ECDSA, ECDSA_do_verify, ECDSA_R_BAD_SIGNATURE); + OPENSSL_PUT_ERROR(ECDSA, ECDSA_R_BAD_SIGNATURE); ret = 0; /* signature is invalid */ goto err; } /* calculate tmp1 = inv(S) mod order */ if (!BN_mod_inverse(u2, sig->s, order, ctx)) { - OPENSSL_PUT_ERROR(ECDSA, ECDSA_do_verify, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(ECDSA, ERR_R_BN_LIB); goto err; } if (!digest_to_bn(m, digest, digest_len, order)) { 
@@ -195,30 +199,30 @@ int ECDSA_do_verify(const uint8_t *digest, size_t digest_len, } /* u1 = m * tmp mod order */ if (!BN_mod_mul(u1, m, u2, order, ctx)) { - OPENSSL_PUT_ERROR(ECDSA, ECDSA_do_verify, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(ECDSA, ERR_R_BN_LIB); goto err; } /* u2 = r * w mod q */ if (!BN_mod_mul(u2, sig->r, u2, order, ctx)) { - OPENSSL_PUT_ERROR(ECDSA, ECDSA_do_verify, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(ECDSA, ERR_R_BN_LIB); goto err; } point = EC_POINT_new(group); if (point == NULL) { - OPENSSL_PUT_ERROR(ECDSA, ECDSA_do_verify, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ECDSA, ERR_R_MALLOC_FAILURE); goto err; } if (!EC_POINT_mul(group, point, u1, pub_key, u2, ctx)) { - OPENSSL_PUT_ERROR(ECDSA, ECDSA_do_verify, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(ECDSA, ERR_R_EC_LIB); goto err; } if (!EC_POINT_get_affine_coordinates_GFp(group, point, X, NULL, ctx)) { - OPENSSL_PUT_ERROR(ECDSA, ECDSA_do_verify, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(ECDSA, ERR_R_EC_LIB); goto err; } if (!BN_nnmod(u1, X, order, ctx)) { - OPENSSL_PUT_ERROR(ECDSA, ECDSA_do_verify, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(ECDSA, ERR_R_BN_LIB); goto err; } /* if the signature is correct u1 is equal to sig->r */ @@ -241,13 +245,13 @@ static int ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp, int ret = 0; if (eckey == NULL || (group = EC_KEY_get0_group(eckey)) == NULL) { - OPENSSL_PUT_ERROR(ECDSA, ecdsa_sign_setup, ERR_R_PASSED_NULL_PARAMETER); + OPENSSL_PUT_ERROR(ECDSA, ERR_R_PASSED_NULL_PARAMETER); return 0; } if (ctx_in == NULL) { if ((ctx = BN_CTX_new()) == NULL) { - OPENSSL_PUT_ERROR(ECDSA, ecdsa_sign_setup, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ECDSA, ERR_R_MALLOC_FAILURE); return 0; } } else { 
@@ -259,16 +263,16 @@ static int ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp, order = BN_new(); X = BN_new(); if (!k || !r || !order || !X) { - OPENSSL_PUT_ERROR(ECDSA, ecdsa_sign_setup, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ECDSA, ERR_R_MALLOC_FAILURE); goto err; } tmp_point = EC_POINT_new(group); if (tmp_point == NULL) { - OPENSSL_PUT_ERROR(ECDSA, ecdsa_sign_setup, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(ECDSA, ERR_R_EC_LIB); goto err; } if (!EC_GROUP_get_order(group, order, ctx)) { - OPENSSL_PUT_ERROR(ECDSA, ecdsa_sign_setup, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(ECDSA, ERR_R_EC_LIB); goto err; } @@ -286,8 +290,7 @@ static int ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp, ok = BN_rand_range(k, order); } if (!ok) { - OPENSSL_PUT_ERROR(ECDSA, ecdsa_sign_setup, - ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED); + OPENSSL_PUT_ERROR(ECDSA, ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED); goto err; } } while (BN_is_zero(k)); @@ -307,23 +310,23 @@ static int ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp, /* compute r the x-coordinate of generator * k */ if (!EC_POINT_mul(group, tmp_point, k, NULL, NULL, ctx)) { - OPENSSL_PUT_ERROR(ECDSA, ecdsa_sign_setup, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(ECDSA, ERR_R_EC_LIB); goto err; } if (!EC_POINT_get_affine_coordinates_GFp(group, tmp_point, X, NULL, ctx)) { - OPENSSL_PUT_ERROR(ECDSA, ecdsa_sign_setup, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(ECDSA, ERR_R_EC_LIB); goto err; } if (!BN_nnmod(r, X, order, ctx)) { - OPENSSL_PUT_ERROR(ECDSA, ecdsa_sign_setup, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(ECDSA, ERR_R_BN_LIB); goto err; } } while (BN_is_zero(r)); /* compute the inverse of k */ if (!BN_mod_inverse(k, k, order, ctx)) { - OPENSSL_PUT_ERROR(ECDSA, ecdsa_sign_setup, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(ECDSA, ERR_R_BN_LIB); goto err; } /* clear old values if necessary */ 
@@ -365,7 +368,7 @@ ECDSA_SIG *ECDSA_do_sign_ex(const uint8_t *digest, size_t digest_len, const BIGNUM *priv_key; if (eckey->ecdsa_meth && eckey->ecdsa_meth->sign) { - OPENSSL_PUT_ERROR(ECDSA, ECDSA_do_sign_ex, ECDSA_R_NOT_IMPLEMENTED); + OPENSSL_PUT_ERROR(ECDSA, ECDSA_R_NOT_IMPLEMENTED); return NULL; } @@ -373,25 +376,25 @@ ECDSA_SIG *ECDSA_do_sign_ex(const uint8_t *digest, size_t digest_len, priv_key = EC_KEY_get0_private_key(eckey); if (group == NULL || priv_key == NULL) { - OPENSSL_PUT_ERROR(ECDSA, ECDSA_do_sign_ex, ERR_R_PASSED_NULL_PARAMETER); + OPENSSL_PUT_ERROR(ECDSA, ERR_R_PASSED_NULL_PARAMETER); return NULL; } ret = ECDSA_SIG_new(); if (!ret) { - OPENSSL_PUT_ERROR(ECDSA, ECDSA_do_sign_ex, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ECDSA, ERR_R_MALLOC_FAILURE); return NULL; } s = ret->s; if ((ctx = BN_CTX_new()) == NULL || (order = BN_new()) == NULL || (tmp = BN_new()) == NULL || (m = BN_new()) == NULL) { - OPENSSL_PUT_ERROR(ECDSA, ECDSA_do_sign_ex, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ECDSA, ERR_R_MALLOC_FAILURE); goto err; } if (!EC_GROUP_get_order(group, order, ctx)) { - OPENSSL_PUT_ERROR(ECDSA, ECDSA_do_sign_ex, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(ECDSA, ERR_R_EC_LIB); goto err; } if (!digest_to_bn(m, digest, digest_len, order)) { 
@@ -400,35 +403,35 @@ ECDSA_SIG *ECDSA_do_sign_ex(const uint8_t *digest, size_t digest_len, for (;;) { if (in_kinv == NULL || in_r == NULL) { if (!ecdsa_sign_setup(eckey, ctx, &kinv, &ret->r, digest, digest_len)) { - OPENSSL_PUT_ERROR(ECDSA, ECDSA_do_sign_ex, ERR_R_ECDSA_LIB); + OPENSSL_PUT_ERROR(ECDSA, ERR_R_ECDSA_LIB); goto err; } ckinv = kinv; } else { ckinv = in_kinv; if (BN_copy(ret->r, in_r) == NULL) { - OPENSSL_PUT_ERROR(ECDSA, ECDSA_do_sign_ex, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ECDSA, ERR_R_MALLOC_FAILURE); goto err; } } if (!BN_mod_mul(tmp, priv_key, ret->r, order, ctx)) { - OPENSSL_PUT_ERROR(ECDSA, ECDSA_do_sign_ex, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(ECDSA, ERR_R_BN_LIB); goto err; } if (!BN_mod_add_quick(s, tmp, m, order)) { - OPENSSL_PUT_ERROR(ECDSA, ECDSA_do_sign_ex, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(ECDSA, ERR_R_BN_LIB); goto err; } if (!BN_mod_mul(s, s, ckinv, order, ctx)) { - OPENSSL_PUT_ERROR(ECDSA, ECDSA_do_sign_ex, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(ECDSA, ERR_R_BN_LIB); goto err; } if (BN_is_zero(s)) { /* if kinv and r have been supplied by the caller * don't to generate new kinv and r values */ if (in_kinv != NULL && in_r != NULL) { - OPENSSL_PUT_ERROR(ECDSA, ECDSA_do_sign_ex, ECDSA_R_NEED_NEW_SETUP_VALUES); + OPENSSL_PUT_ERROR(ECDSA, ECDSA_R_NEED_NEW_SETUP_VALUES); goto err; } } else { 
@@ -455,20 +458,36 @@ err: int ECDSA_sign_ex(int type, const uint8_t *digest, size_t digest_len, uint8_t *sig, unsigned int *sig_len, const BIGNUM *kinv, const BIGNUM *r, EC_KEY *eckey) { + int ret = 0; ECDSA_SIG *s = NULL; if (eckey->ecdsa_meth && eckey->ecdsa_meth->sign) { - OPENSSL_PUT_ERROR(ECDSA, ECDSA_sign_ex, ECDSA_R_NOT_IMPLEMENTED); + OPENSSL_PUT_ERROR(ECDSA, ECDSA_R_NOT_IMPLEMENTED); *sig_len = 0; - return 0; + goto err; } s = ECDSA_do_sign_ex(digest, digest_len, kinv, r, eckey); if (s == NULL) { *sig_len = 0; - return 0; + goto err; } - *sig_len = i2d_ECDSA_SIG(s, &sig); + + CBB cbb; + CBB_zero(&cbb); + size_t len; + if (!CBB_init_fixed(&cbb, sig, ECDSA_size(eckey)) || + !ECDSA_SIG_marshal(&cbb, s) || + !CBB_finish(&cbb, NULL, &len)) { + OPENSSL_PUT_ERROR(ECDSA, ECDSA_R_ENCODE_ERROR); + CBB_cleanup(&cbb); + *sig_len = 0; + goto err; + } + *sig_len = (unsigned)len; + ret = 1; + +err: ECDSA_SIG_free(s); - return 1; + return ret; } diff --git a/src/crypto/ecdsa/ecdsa_asn1.c b/src/crypto/ecdsa/ecdsa_asn1.c index f557ca7..f2d7c36 100644 --- a/src/crypto/ecdsa/ecdsa_asn1.c +++ b/src/crypto/ecdsa/ecdsa_asn1.c 
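Review bot: `CBB_init_fixed(&cbb, sig, ECDSA_size(eckey))` bounds the write by a size derived from the key, not by anything the caller passes, so ECDSA_sign_ex relies on `sig` having room for at least `ECDSA_size(eckey)` bytes. The hunk does not state that precondition anywhere. A comment above the CBB setup would make it explicit: `/* |sig| must point to at least ECDSA_size(eckey) bytes; the caller's buffer length is not passed in. */`. Separately, `*sig_len = 0;` is repeated on all three failure branches and could be assigned once before the first check.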
@@ -52,45 +52,33 @@ #include -#include -#include +#include +#include + +#include +#include +#include #include #include #include "../ec/internal.h" -DECLARE_ASN1_FUNCTIONS_const(ECDSA_SIG); -DECLARE_ASN1_ENCODE_FUNCTIONS_const(ECDSA_SIG, ECDSA_SIG); - -ASN1_SEQUENCE(ECDSA_SIG) = { - ASN1_SIMPLE(ECDSA_SIG, r, CBIGNUM), - ASN1_SIMPLE(ECDSA_SIG, s, CBIGNUM), -} ASN1_SEQUENCE_END(ECDSA_SIG); - -IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(ECDSA_SIG, ECDSA_SIG, ECDSA_SIG); - size_t ECDSA_size(const EC_KEY *key) { - size_t ret, i, group_order_size; - ASN1_INTEGER bs; - BIGNUM *order = NULL; - unsigned char buf[4]; - const EC_GROUP *group; + if (key == NULL) { + return 0; + } + size_t group_order_size; if (key->ecdsa_meth && key->ecdsa_meth->group_order_size) { group_order_size = key->ecdsa_meth->group_order_size(key); } else { - size_t num_bits; - - if (key == NULL) { - return 0; - } - group = EC_KEY_get0_group(key); + const EC_GROUP *group = EC_KEY_get0_group(key); if (group == NULL) { return 0; } - order = BN_new(); + BIGNUM *order = BN_new(); if (order == NULL) { return 0; } @@ -99,21 +87,11 @@ size_t ECDSA_size(const EC_KEY *key) { return 0; } - num_bits = BN_num_bits(order); - group_order_size = (num_bits + 7) / 8; + group_order_size = BN_num_bytes(order); + BN_clear_free(order); } - bs.length = group_order_size; - bs.data = buf; - bs.type = V_ASN1_INTEGER; - /* If the top bit is set the ASN.1 encoding is 1 larger. */ - buf[0] = 0xff; - - i = i2d_ASN1_INTEGER(&bs, NULL); - i += i; /* r and s */ - ret = ASN1_object_size(1, i, V_ASN1_SEQUENCE); - BN_clear_free(order); - return ret; + return ECDSA_SIG_max_len(group_order_size); } ECDSA_SIG *ECDSA_SIG_new(void) { 
@@ -139,3 +117,134 @@ void ECDSA_SIG_free(ECDSA_SIG *sig) { BN_free(sig->s); OPENSSL_free(sig); } + +ECDSA_SIG *ECDSA_SIG_parse(CBS *cbs) { + ECDSA_SIG *ret = ECDSA_SIG_new(); + if (ret == NULL) { + return NULL; + } + CBS child; + if (!CBS_get_asn1(cbs, &child, CBS_ASN1_SEQUENCE) || + !BN_cbs2unsigned(&child, ret->r) || + !BN_cbs2unsigned(&child, ret->s) || + CBS_len(&child) != 0) { + OPENSSL_PUT_ERROR(ECDSA, ECDSA_R_BAD_SIGNATURE); + ECDSA_SIG_free(ret); + return NULL; + } + return ret; +} + +ECDSA_SIG *ECDSA_SIG_from_bytes(const uint8_t *in, size_t in_len) { + CBS cbs; + CBS_init(&cbs, in, in_len); + ECDSA_SIG *ret = ECDSA_SIG_parse(&cbs); + if (ret == NULL || CBS_len(&cbs) != 0) { + OPENSSL_PUT_ERROR(ECDSA, ECDSA_R_BAD_SIGNATURE); + ECDSA_SIG_free(ret); + return NULL; + } + return ret; +} + +int ECDSA_SIG_marshal(CBB *cbb, const ECDSA_SIG *sig) { + CBB child; + if (!CBB_add_asn1(cbb, &child, CBS_ASN1_SEQUENCE) || + !BN_bn2cbb(&child, sig->r) || + !BN_bn2cbb(&child, sig->s) || + !CBB_flush(cbb)) { + OPENSSL_PUT_ERROR(ECDSA, ECDSA_R_ENCODE_ERROR); + return 0; + } + return 1; +} + +int ECDSA_SIG_to_bytes(uint8_t **out_bytes, size_t *out_len, + const ECDSA_SIG *sig) { + CBB cbb; + CBB_zero(&cbb); + if (!CBB_init(&cbb, 0) || + !ECDSA_SIG_marshal(&cbb, sig) || + !CBB_finish(&cbb, out_bytes, out_len)) { + OPENSSL_PUT_ERROR(ECDSA, ECDSA_R_ENCODE_ERROR); + CBB_cleanup(&cbb); + return 0; + } + return 1; +} + +/* der_len_len returns the number of bytes needed to represent a length of |len| + * in DER. */ +static size_t der_len_len(size_t len) { + if (len < 0x80) { + return 1; + } + size_t ret = 1; + while (len > 0) { + ret++; + len >>= 8; + } + return ret; +} + +size_t ECDSA_SIG_max_len(size_t order_len) { + /* Compute the maximum length of an |order_len| byte integer. Defensively + * assume that the leading 0x00 is included. 
*/ + size_t integer_len = 1 /* tag */ + der_len_len(order_len + 1) + 1 + order_len; + if (integer_len < order_len) { + return 0; + } + /* An ECDSA signature is two INTEGERs. */ + size_t value_len = 2 * integer_len; + if (value_len < integer_len) { + return 0; + } + /* Add the header. */ + size_t ret = 1 /* tag */ + der_len_len(value_len) + value_len; + if (ret < value_len) { + return 0; + } + return ret; +} + +ECDSA_SIG *d2i_ECDSA_SIG(ECDSA_SIG **out, const uint8_t **inp, long len) { + if (len < 0) { + return NULL; + } + CBS cbs; + CBS_init(&cbs, *inp, (size_t)len); + ECDSA_SIG *ret = ECDSA_SIG_parse(&cbs); + if (ret == NULL) { + return NULL; + } + if (out != NULL) { + ECDSA_SIG_free(*out); + *out = ret; + } + *inp += (size_t)len - CBS_len(&cbs); + return ret; +} + +int i2d_ECDSA_SIG(const ECDSA_SIG *sig, uint8_t **outp) { + uint8_t *der; + size_t der_len; + if (!ECDSA_SIG_to_bytes(&der, &der_len, sig)) { + return -1; + } + if (der_len > INT_MAX) { + OPENSSL_PUT_ERROR(ECDSA, ERR_R_OVERFLOW); + OPENSSL_free(der); + return -1; + } + if (outp != NULL) { + if (*outp == NULL) { + *outp = der; + der = NULL; + } else { + memcpy(*outp, der, der_len); + *outp += der_len; + } + } + OPENSSL_free(der); + return (int)der_len; +} diff --git a/src/crypto/ecdsa/ecdsa_test.cc b/src/crypto/ecdsa/ecdsa_test.cc index a6bd7a1..b916509 100644 --- a/src/crypto/ecdsa/ecdsa_test.cc +++ b/src/crypto/ecdsa/ecdsa_test.cc 
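Review bot: d2i_ECDSA_SIG, near the end of this hunk, returns success when bytes follow the SEQUENCE, and the only trace of that is how far `*inp` advanced, whereas ECDSA_SIG_from_bytes rejects the same input through `CBS_len(&cbs) != 0`. A verification path that keeps calling the d2i wrapper and does not compare the consumed length would treat a signature with appended data as well-formed, so the difference deserves a comment above the wrapper, for example `/* Legacy d2i: trailing data is left to the caller via |*inp|; use ECDSA_SIG_from_bytes to require an exact encoding. */`. Whether the public header already documents this is not visible from the hunk.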
@@ -78,18 +78,13 @@ static bool VerifyECDSASig(Api api, const uint8_t *digest, switch (api) { case kEncodedApi: { - int sig_len = i2d_ECDSA_SIG(ecdsa_sig, NULL); - if (sig_len <= 0) { + uint8_t *der; + size_t der_len; + if (!ECDSA_SIG_to_bytes(&der, &der_len, ecdsa_sig)) { return false; } - std::vector signature(static_cast(sig_len)); - uint8_t *sig_ptr = bssl::vector_data(&signature); - sig_len = i2d_ECDSA_SIG(ecdsa_sig, &sig_ptr); - if (sig_len <= 0) { - return false; - } - actual_result = ECDSA_verify(0, digest, digest_len, bssl::vector_data(&signature), - signature.size(), eckey); + ScopedOpenSSLBytes delete_der(der); + actual_result = ECDSA_verify(0, digest, digest_len, der, der_len, eckey); break; } @@ -267,8 +262,8 @@ static bool TestBuiltin(FILE *out) { fprintf(out, "."); fflush(out); // Verify a tampered signature. - const uint8_t *sig_ptr = bssl::vector_data(&signature); - ScopedECDSA_SIG ecdsa_sig(d2i_ECDSA_SIG(NULL, &sig_ptr, signature.size())); + ScopedECDSA_SIG ecdsa_sig(ECDSA_SIG_from_bytes( + bssl::vector_data(&signature), signature.size())); if (!ecdsa_sig || !TestTamperedSig(out, kEncodedApi, digest, 20, ecdsa_sig.get(), eckey.get(), order.get())) { 
@@ -325,11 +320,45 @@ static bool TestBuiltin(FILE *out) { return true; } +static bool TestECDSA_SIG_max_len(size_t order_len) { + /* Create the largest possible |ECDSA_SIG| of the given constraints. */ + ScopedECDSA_SIG sig(ECDSA_SIG_new()); + if (!sig) { + return false; + } + std::vector bytes(order_len, 0xff); + if (!BN_bin2bn(bssl::vector_data(&bytes), bytes.size(), sig->r) || + !BN_bin2bn(bssl::vector_data(&bytes), bytes.size(), sig->s)) { + return false; + } + /* Serialize it. */ + uint8_t *der; + size_t der_len; + if (!ECDSA_SIG_to_bytes(&der, &der_len, sig.get())) { + return false; + } + ScopedOpenSSLBytes delete_der(der); + + size_t max_len = ECDSA_SIG_max_len(order_len); + if (max_len != der_len) { + fprintf(stderr, "ECDSA_SIG_max_len(%u) returned %u, wanted %u\n", + static_cast(order_len), static_cast(max_len), + static_cast(der_len)); + return false; + } + return true; +} + int main(void) { CRYPTO_library_init(); ERR_load_crypto_strings(); - if (!TestBuiltin(stdout)) { + if (!TestBuiltin(stdout) || + !TestECDSA_SIG_max_len(224/8) || + !TestECDSA_SIG_max_len(256/8) || + !TestECDSA_SIG_max_len(384/8) || + !TestECDSA_SIG_max_len(512/8) || + !TestECDSA_SIG_max_len(10000)) { printf("\nECDSA test failed\n"); ERR_print_errors_fp(stdout); return 1; diff --git a/src/crypto/engine/CMakeLists.txt b/src/crypto/engine/CMakeLists.txt index e03650e..5667f02 100644 --- a/src/crypto/engine/CMakeLists.txt +++ b/src/crypto/engine/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(. .. ../../include) +include_directories(../../include) add_library( engine diff --git a/src/crypto/err/CMakeLists.txt b/src/crypto/err/CMakeLists.txt index 5215eec..8519e51 100644 --- a/src/crypto/err/CMakeLists.txt +++ b/src/crypto/err/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(. .. ../../include) +include_directories(../../include) add_custom_command( OUTPUT err_data.c 
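Review bot: TestECDSA_SIG_max_len only exercises sizes for which the computed bound matches a real encoding, so the three `return 0` overflow guards in ECDSA_SIG_max_len are never reached by this test. Those guards are what keep a wrapped length from being used as a buffer size, so a case for them is worth having; adding `ECDSA_SIG_max_len((size_t)-1) != 0 ||` to the failure condition in main would cover the first guard. The body of main continues past the end of the hunk.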
@@ -8,10 +8,8 @@ add_custom_command( asn1.errordata bio.errordata bn.errordata - buf.errordata cipher.errordata conf.errordata - crypto.errordata dh.errordata digest.errordata dsa.errordata diff --git a/src/crypto/err/asn1.errordata b/src/crypto/err/asn1.errordata index 44b9c73..55342a0 100644 --- a/src/crypto/err/asn1.errordata +++ b/src/crypto/err/asn1.errordata 
@@ -1,152 +1,88 @@ -ASN1,function,100,ASN1_BIT_STRING_set_bit -ASN1,function,101,ASN1_ENUMERATED_set -ASN1,function,102,ASN1_ENUMERATED_to_BN -ASN1,function,103,ASN1_GENERALIZEDTIME_adj -ASN1,function,104,ASN1_INTEGER_set -ASN1,function,105,ASN1_INTEGER_to_BN -ASN1,function,106,ASN1_OBJECT_new -ASN1,function,107,ASN1_PCTX_new -ASN1,function,108,ASN1_STRING_TABLE_add -ASN1,function,109,ASN1_STRING_set -ASN1,function,110,ASN1_STRING_type_new -ASN1,function,111,ASN1_TIME_adj -ASN1,function,112,ASN1_UTCTIME_adj -ASN1,function,113,ASN1_d2i_fp -ASN1,function,114,ASN1_dup -ASN1,function,115,ASN1_generate_v3 -ASN1,function,116,ASN1_get_object -ASN1,function,117,ASN1_i2d_bio -ASN1,function,118,ASN1_i2d_fp -ASN1,function,119,ASN1_item_d2i_fp -ASN1,function,120,ASN1_item_dup -ASN1,function,121,ASN1_item_ex_d2i -ASN1,function,122,ASN1_item_i2d_bio -ASN1,function,123,ASN1_item_i2d_fp -ASN1,function,124,ASN1_item_pack -ASN1,function,125,ASN1_item_unpack -ASN1,function,126,ASN1_mbstring_ncopy -ASN1,function,127,ASN1_template_new -ASN1,function,128,BIO_new_NDEF -ASN1,function,129,BN_to_ASN1_ENUMERATED -ASN1,function,130,BN_to_ASN1_INTEGER -ASN1,function,131,a2d_ASN1_OBJECT -ASN1,function,132,a2i_ASN1_ENUMERATED -ASN1,function,133,a2i_ASN1_INTEGER -ASN1,function,134,a2i_ASN1_STRING -ASN1,function,135,append_exp -ASN1,function,136,asn1_cb -ASN1,function,137,asn1_check_tlen -ASN1,function,138,asn1_collate_primitive -ASN1,function,139,asn1_collect -ASN1,function,140,asn1_d2i_ex_primitive -ASN1,function,141,asn1_d2i_read_bio -ASN1,function,142,asn1_do_adb -ASN1,function,143,asn1_ex_c2i -ASN1,function,144,asn1_find_end -ASN1,function,145,asn1_item_ex_combine_new -ASN1,function,146,asn1_str2type -ASN1,function,147,asn1_template_ex_d2i -ASN1,function,148,asn1_template_noexp_d2i -ASN1,function,149,bitstr_cb -ASN1,function,150,c2i_ASN1_BIT_STRING -ASN1,function,151,c2i_ASN1_INTEGER -ASN1,function,152,c2i_ASN1_OBJECT -ASN1,function,153,collect_data -ASN1,function,154,d2i_ASN1_BOOLEAN 
-ASN1,function,155,d2i_ASN1_OBJECT -ASN1,function,156,d2i_ASN1_UINTEGER -ASN1,function,157,d2i_ASN1_UTCTIME -ASN1,function,158,d2i_ASN1_bytes -ASN1,function,159,d2i_ASN1_type_bytes -ASN1,function,160,i2d_ASN1_TIME -ASN1,function,161,i2d_PrivateKey -ASN1,function,162,long_c2i -ASN1,function,163,parse_tagging -ASN1,reason,100,ASN1_LENGTH_MISMATCH -ASN1,reason,101,AUX_ERROR -ASN1,reason,102,BAD_GET_ASN1_OBJECT_CALL -ASN1,reason,103,BAD_OBJECT_HEADER -ASN1,reason,104,BMPSTRING_IS_WRONG_LENGTH -ASN1,reason,105,BN_LIB -ASN1,reason,106,BOOLEAN_IS_WRONG_LENGTH -ASN1,reason,107,BUFFER_TOO_SMALL -ASN1,reason,108,DECODE_ERROR -ASN1,reason,109,DEPTH_EXCEEDED -ASN1,reason,110,ENCODE_ERROR -ASN1,reason,111,ERROR_GETTING_TIME -ASN1,reason,112,EXPECTING_AN_ASN1_SEQUENCE -ASN1,reason,113,EXPECTING_AN_INTEGER -ASN1,reason,114,EXPECTING_AN_OBJECT -ASN1,reason,115,EXPECTING_A_BOOLEAN -ASN1,reason,116,EXPECTING_A_TIME -ASN1,reason,117,EXPLICIT_LENGTH_MISMATCH -ASN1,reason,118,EXPLICIT_TAG_NOT_CONSTRUCTED -ASN1,reason,119,FIELD_MISSING -ASN1,reason,120,FIRST_NUM_TOO_LARGE -ASN1,reason,121,HEADER_TOO_LONG -ASN1,reason,122,ILLEGAL_BITSTRING_FORMAT -ASN1,reason,123,ILLEGAL_BOOLEAN -ASN1,reason,124,ILLEGAL_CHARACTERS -ASN1,reason,125,ILLEGAL_FORMAT -ASN1,reason,126,ILLEGAL_HEX -ASN1,reason,127,ILLEGAL_IMPLICIT_TAG -ASN1,reason,128,ILLEGAL_INTEGER -ASN1,reason,129,ILLEGAL_NESTED_TAGGING -ASN1,reason,130,ILLEGAL_NULL -ASN1,reason,131,ILLEGAL_NULL_VALUE -ASN1,reason,132,ILLEGAL_OBJECT -ASN1,reason,133,ILLEGAL_OPTIONAL_ANY -ASN1,reason,134,ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE -ASN1,reason,135,ILLEGAL_TAGGED_ANY -ASN1,reason,136,ILLEGAL_TIME_VALUE -ASN1,reason,137,INTEGER_NOT_ASCII_FORMAT -ASN1,reason,138,INTEGER_TOO_LARGE_FOR_LONG -ASN1,reason,139,INVALID_BIT_STRING_BITS_LEFT -ASN1,reason,140,INVALID_BMPSTRING_LENGTH -ASN1,reason,141,INVALID_DIGIT -ASN1,reason,142,INVALID_MODIFIER -ASN1,reason,143,INVALID_NUMBER -ASN1,reason,144,INVALID_OBJECT_ENCODING -ASN1,reason,145,INVALID_SEPARATOR 
-ASN1,reason,146,INVALID_TIME_FORMAT -ASN1,reason,147,INVALID_UNIVERSALSTRING_LENGTH -ASN1,reason,148,INVALID_UTF8STRING -ASN1,reason,149,LIST_ERROR -ASN1,reason,150,MALLOC_FAILURE -ASN1,reason,151,MISSING_ASN1_EOS -ASN1,reason,152,MISSING_EOC -ASN1,reason,153,MISSING_SECOND_NUMBER -ASN1,reason,154,MISSING_VALUE -ASN1,reason,155,MSTRING_NOT_UNIVERSAL -ASN1,reason,156,MSTRING_WRONG_TAG -ASN1,reason,157,NESTED_ASN1_ERROR -ASN1,reason,158,NESTED_ASN1_STRING -ASN1,reason,159,NON_HEX_CHARACTERS -ASN1,reason,160,NOT_ASCII_FORMAT -ASN1,reason,161,NOT_ENOUGH_DATA -ASN1,reason,162,NO_MATCHING_CHOICE_TYPE -ASN1,reason,163,NULL_IS_WRONG_LENGTH -ASN1,reason,164,OBJECT_NOT_ASCII_FORMAT -ASN1,reason,165,ODD_NUMBER_OF_CHARS -ASN1,reason,166,SECOND_NUMBER_TOO_LARGE -ASN1,reason,167,SEQUENCE_LENGTH_MISMATCH -ASN1,reason,168,SEQUENCE_NOT_CONSTRUCTED -ASN1,reason,169,SEQUENCE_OR_SET_NEEDS_CONFIG -ASN1,reason,170,SHORT_LINE -ASN1,reason,171,STREAMING_NOT_SUPPORTED -ASN1,reason,172,STRING_TOO_LONG -ASN1,reason,173,STRING_TOO_SHORT -ASN1,reason,174,TAG_VALUE_TOO_HIGH -ASN1,reason,175,TIME_NOT_ASCII_FORMAT -ASN1,reason,176,TOO_LONG -ASN1,reason,177,TYPE_NOT_CONSTRUCTED -ASN1,reason,178,TYPE_NOT_PRIMITIVE -ASN1,reason,179,UNEXPECTED_EOC -ASN1,reason,180,UNIVERSALSTRING_IS_WRONG_LENGTH -ASN1,reason,181,UNKNOWN_FORMAT -ASN1,reason,182,UNKNOWN_TAG -ASN1,reason,183,UNSUPPORTED_ANY_DEFINED_BY_TYPE -ASN1,reason,184,UNSUPPORTED_PUBLIC_KEY_TYPE -ASN1,reason,185,UNSUPPORTED_TYPE -ASN1,reason,186,WRONG_TAG -ASN1,reason,187,WRONG_TYPE +ASN1,100,ASN1_LENGTH_MISMATCH +ASN1,101,AUX_ERROR +ASN1,102,BAD_GET_ASN1_OBJECT_CALL +ASN1,103,BAD_OBJECT_HEADER +ASN1,104,BMPSTRING_IS_WRONG_LENGTH +ASN1,105,BN_LIB +ASN1,106,BOOLEAN_IS_WRONG_LENGTH +ASN1,107,BUFFER_TOO_SMALL +ASN1,108,DECODE_ERROR +ASN1,109,DEPTH_EXCEEDED +ASN1,110,ENCODE_ERROR +ASN1,111,ERROR_GETTING_TIME +ASN1,112,EXPECTING_AN_ASN1_SEQUENCE +ASN1,113,EXPECTING_AN_INTEGER +ASN1,114,EXPECTING_AN_OBJECT +ASN1,115,EXPECTING_A_BOOLEAN 
+ASN1,116,EXPECTING_A_TIME +ASN1,117,EXPLICIT_LENGTH_MISMATCH +ASN1,118,EXPLICIT_TAG_NOT_CONSTRUCTED +ASN1,119,FIELD_MISSING +ASN1,120,FIRST_NUM_TOO_LARGE +ASN1,121,HEADER_TOO_LONG +ASN1,122,ILLEGAL_BITSTRING_FORMAT +ASN1,123,ILLEGAL_BOOLEAN +ASN1,124,ILLEGAL_CHARACTERS +ASN1,125,ILLEGAL_FORMAT +ASN1,126,ILLEGAL_HEX +ASN1,127,ILLEGAL_IMPLICIT_TAG +ASN1,128,ILLEGAL_INTEGER +ASN1,129,ILLEGAL_NESTED_TAGGING +ASN1,130,ILLEGAL_NULL +ASN1,131,ILLEGAL_NULL_VALUE +ASN1,132,ILLEGAL_OBJECT +ASN1,133,ILLEGAL_OPTIONAL_ANY +ASN1,134,ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE +ASN1,135,ILLEGAL_TAGGED_ANY +ASN1,136,ILLEGAL_TIME_VALUE +ASN1,137,INTEGER_NOT_ASCII_FORMAT +ASN1,138,INTEGER_TOO_LARGE_FOR_LONG +ASN1,139,INVALID_BIT_STRING_BITS_LEFT +ASN1,140,INVALID_BMPSTRING_LENGTH +ASN1,141,INVALID_DIGIT +ASN1,142,INVALID_MODIFIER +ASN1,143,INVALID_NUMBER +ASN1,144,INVALID_OBJECT_ENCODING +ASN1,145,INVALID_SEPARATOR +ASN1,146,INVALID_TIME_FORMAT +ASN1,147,INVALID_UNIVERSALSTRING_LENGTH +ASN1,148,INVALID_UTF8STRING +ASN1,149,LIST_ERROR +ASN1,150,MALLOC_FAILURE +ASN1,151,MISSING_ASN1_EOS +ASN1,152,MISSING_EOC +ASN1,153,MISSING_SECOND_NUMBER +ASN1,154,MISSING_VALUE +ASN1,155,MSTRING_NOT_UNIVERSAL +ASN1,156,MSTRING_WRONG_TAG +ASN1,157,NESTED_ASN1_ERROR +ASN1,158,NESTED_ASN1_STRING +ASN1,159,NON_HEX_CHARACTERS +ASN1,160,NOT_ASCII_FORMAT +ASN1,161,NOT_ENOUGH_DATA +ASN1,162,NO_MATCHING_CHOICE_TYPE +ASN1,163,NULL_IS_WRONG_LENGTH +ASN1,164,OBJECT_NOT_ASCII_FORMAT +ASN1,165,ODD_NUMBER_OF_CHARS +ASN1,166,SECOND_NUMBER_TOO_LARGE +ASN1,167,SEQUENCE_LENGTH_MISMATCH +ASN1,168,SEQUENCE_NOT_CONSTRUCTED +ASN1,169,SEQUENCE_OR_SET_NEEDS_CONFIG +ASN1,170,SHORT_LINE +ASN1,171,STREAMING_NOT_SUPPORTED +ASN1,172,STRING_TOO_LONG +ASN1,173,STRING_TOO_SHORT +ASN1,174,TAG_VALUE_TOO_HIGH +ASN1,175,TIME_NOT_ASCII_FORMAT +ASN1,176,TOO_LONG +ASN1,177,TYPE_NOT_CONSTRUCTED +ASN1,178,TYPE_NOT_PRIMITIVE +ASN1,179,UNEXPECTED_EOC +ASN1,180,UNIVERSALSTRING_IS_WRONG_LENGTH +ASN1,181,UNKNOWN_FORMAT +ASN1,182,UNKNOWN_TAG 
+ASN1,183,UNSUPPORTED_ANY_DEFINED_BY_TYPE +ASN1,184,UNSUPPORTED_PUBLIC_KEY_TYPE +ASN1,185,UNSUPPORTED_TYPE +ASN1,186,WRONG_TAG +ASN1,187,WRONG_TYPE diff --git a/src/crypto/err/bio.errordata b/src/crypto/err/bio.errordata index 9f2af02..94b3c97 100644 --- a/src/crypto/err/bio.errordata +++ b/src/crypto/err/bio.errordata @@ -1,36 +1,17 @@ -BIO,function,100,BIO_callback_ctrl -BIO,function,101,BIO_ctrl -BIO,function,102,BIO_new -BIO,function,103,BIO_new_file -BIO,function,104,BIO_new_mem_buf -BIO,function,118,BIO_printf -BIO,function,105,BIO_zero_copy_get_read_buf -BIO,function,106,BIO_zero_copy_get_read_buf_done -BIO,function,107,BIO_zero_copy_get_write_buf -BIO,function,108,BIO_zero_copy_get_write_buf_done -BIO,function,109,bio_io -BIO,function,110,bio_make_pair -BIO,function,111,bio_write -BIO,function,112,buffer_ctrl -BIO,function,113,conn_ctrl -BIO,function,114,conn_state -BIO,function,115,file_ctrl -BIO,function,116,file_read -BIO,function,117,mem_write -BIO,reason,100,BAD_FOPEN_MODE -BIO,reason,101,BROKEN_PIPE -BIO,reason,102,CONNECT_ERROR -BIO,reason,103,ERROR_SETTING_NBIO -BIO,reason,104,INVALID_ARGUMENT -BIO,reason,105,IN_USE -BIO,reason,106,KEEPALIVE -BIO,reason,107,NBIO_CONNECT_ERROR -BIO,reason,108,NO_HOSTNAME_SPECIFIED -BIO,reason,109,NO_PORT_SPECIFIED -BIO,reason,110,NO_SUCH_FILE -BIO,reason,111,NULL_PARAMETER -BIO,reason,112,SYS_LIB -BIO,reason,113,UNABLE_TO_CREATE_SOCKET -BIO,reason,114,UNINITIALIZED -BIO,reason,115,UNSUPPORTED_METHOD -BIO,reason,116,WRITE_TO_READ_ONLY_BIO +BIO,100,BAD_FOPEN_MODE +BIO,101,BROKEN_PIPE +BIO,102,CONNECT_ERROR +BIO,103,ERROR_SETTING_NBIO +BIO,104,INVALID_ARGUMENT +BIO,105,IN_USE +BIO,106,KEEPALIVE +BIO,107,NBIO_CONNECT_ERROR +BIO,108,NO_HOSTNAME_SPECIFIED +BIO,109,NO_PORT_SPECIFIED +BIO,110,NO_SUCH_FILE +BIO,111,NULL_PARAMETER +BIO,112,SYS_LIB +BIO,113,UNABLE_TO_CREATE_SOCKET +BIO,114,UNINITIALIZED +BIO,115,UNSUPPORTED_METHOD +BIO,116,WRITE_TO_READ_ONLY_BIO 
diff --git a/src/crypto/err/bn.errordata b/src/crypto/err/bn.errordata index 6fd4968..76b6392 100644 --- a/src/crypto/err/bn.errordata +++ b/src/crypto/err/bn.errordata 
@@ -1,44 +1,19 @@ -BN,function,100,BN_CTX_get -BN,function,101,BN_CTX_new -BN,function,102,BN_CTX_start -BN,function,103,BN_bn2dec -BN,function,104,BN_bn2hex -BN,function,105,BN_div -BN,function,106,BN_div_recp -BN,function,107,BN_exp -BN,function,108,BN_generate_dsa_nonce -BN,function,109,BN_generate_prime_ex -BN,function,125,BN_lshift -BN,function,110,BN_mod_exp2_mont -BN,function,111,BN_mod_exp_mont -BN,function,112,BN_mod_exp_mont_consttime -BN,function,113,BN_mod_exp_mont_word -BN,function,114,BN_mod_inverse -BN,function,115,BN_mod_inverse_no_branch -BN,function,116,BN_mod_lshift_quick -BN,function,117,BN_mod_sqrt -BN,function,118,BN_new -BN,function,119,BN_rand -BN,function,120,BN_rand_range -BN,function,126,BN_rshift -BN,function,121,BN_sqrt -BN,function,122,BN_usub -BN,function,123,bn_wexpand -BN,function,124,mod_exp_recp -BN,reason,100,ARG2_LT_ARG3 -BN,reason,101,BAD_RECIPROCAL -BN,reason,102,BIGNUM_TOO_LONG -BN,reason,103,BITS_TOO_SMALL -BN,reason,104,CALLED_WITH_EVEN_MODULUS -BN,reason,105,DIV_BY_ZERO -BN,reason,106,EXPAND_ON_STATIC_BIGNUM_DATA -BN,reason,107,INPUT_NOT_REDUCED -BN,reason,108,INVALID_RANGE -BN,reason,109,NEGATIVE_NUMBER -BN,reason,110,NOT_A_SQUARE -BN,reason,111,NOT_INITIALIZED -BN,reason,112,NO_INVERSE -BN,reason,113,PRIVATE_KEY_TOO_LARGE -BN,reason,114,P_IS_NOT_PRIME -BN,reason,115,TOO_MANY_ITERATIONS -BN,reason,116,TOO_MANY_TEMPORARY_VARIABLES +BN,100,ARG2_LT_ARG3 +BN,117,BAD_ENCODING +BN,101,BAD_RECIPROCAL +BN,102,BIGNUM_TOO_LONG +BN,103,BITS_TOO_SMALL +BN,104,CALLED_WITH_EVEN_MODULUS +BN,105,DIV_BY_ZERO +BN,118,ENCODE_ERROR +BN,106,EXPAND_ON_STATIC_BIGNUM_DATA +BN,107,INPUT_NOT_REDUCED +BN,108,INVALID_RANGE +BN,109,NEGATIVE_NUMBER +BN,110,NOT_A_SQUARE +BN,111,NOT_INITIALIZED +BN,112,NO_INVERSE +BN,113,PRIVATE_KEY_TOO_LARGE +BN,114,P_IS_NOT_PRIME +BN,115,TOO_MANY_ITERATIONS +BN,116,TOO_MANY_TEMPORARY_VARIABLES diff --git a/src/crypto/err/buf.errordata b/src/crypto/err/buf.errordata deleted file mode 100644 index 01b6c9a..0000000 
--- a/src/crypto/err/buf.errordata +++ /dev/null @@ -1,4 +0,0 @@ -BUF,function,100,BUF_MEM_new -BUF,function,101,BUF_memdup -BUF,function,102,BUF_strndup -BUF,function,103,buf_mem_grow diff --git a/src/crypto/err/cipher.errordata b/src/crypto/err/cipher.errordata index ce8459b..1037505 100644 --- a/src/crypto/err/cipher.errordata +++ b/src/crypto/err/cipher.errordata 
@@ -1,60 +1,25 @@ -CIPHER,function,100,EVP_AEAD_CTX_init -CIPHER,function,131,EVP_AEAD_CTX_init_with_direction -CIPHER,function,101,EVP_AEAD_CTX_open -CIPHER,function,102,EVP_AEAD_CTX_seal -CIPHER,function,103,EVP_CIPHER_CTX_copy -CIPHER,function,104,EVP_CIPHER_CTX_ctrl -CIPHER,function,105,EVP_CIPHER_CTX_set_key_length -CIPHER,function,106,EVP_CipherInit_ex -CIPHER,function,107,EVP_DecryptFinal_ex -CIPHER,function,108,EVP_EncryptFinal_ex -CIPHER,function,132,aead_aes_ctr_hmac_sha256_init -CIPHER,function,133,aead_aes_ctr_hmac_sha256_open -CIPHER,function,134,aead_aes_ctr_hmac_sha256_seal -CIPHER,function,109,aead_aes_gcm_init -CIPHER,function,110,aead_aes_gcm_open -CIPHER,function,111,aead_aes_gcm_seal -CIPHER,function,112,aead_aes_key_wrap_init -CIPHER,function,113,aead_aes_key_wrap_open -CIPHER,function,114,aead_aes_key_wrap_seal -CIPHER,function,115,aead_chacha20_poly1305_init -CIPHER,function,116,aead_chacha20_poly1305_open -CIPHER,function,117,aead_chacha20_poly1305_seal -CIPHER,function,118,aead_rc4_md5_tls_init -CIPHER,function,119,aead_rc4_md5_tls_open -CIPHER,function,120,aead_rc4_md5_tls_seal -CIPHER,function,121,aead_ssl3_ensure_cipher_init -CIPHER,function,122,aead_ssl3_init -CIPHER,function,123,aead_ssl3_open -CIPHER,function,124,aead_ssl3_seal -CIPHER,function,125,aead_tls_ensure_cipher_init -CIPHER,function,126,aead_tls_init -CIPHER,function,127,aead_tls_open -CIPHER,function,128,aead_tls_seal -CIPHER,function,129,aes_init_key -CIPHER,function,130,aesni_init_key -CIPHER,reason,100,AES_KEY_SETUP_FAILED -CIPHER,reason,101,BAD_DECRYPT -CIPHER,reason,102,BAD_KEY_LENGTH -CIPHER,reason,103,BUFFER_TOO_SMALL -CIPHER,reason,104,CTRL_NOT_IMPLEMENTED -CIPHER,reason,105,CTRL_OPERATION_NOT_IMPLEMENTED -CIPHER,reason,106,DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH -CIPHER,reason,107,INITIALIZATION_ERROR -CIPHER,reason,108,INPUT_NOT_INITIALIZED -CIPHER,reason,109,INVALID_AD_SIZE -CIPHER,reason,110,INVALID_KEY_LENGTH -CIPHER,reason,111,INVALID_NONCE_SIZE 
-CIPHER,reason,112,INVALID_OPERATION -CIPHER,reason,113,IV_TOO_LARGE -CIPHER,reason,114,NO_CIPHER_SET -CIPHER,reason,124,NO_DIRECTION_SET -CIPHER,reason,115,OUTPUT_ALIASES_INPUT -CIPHER,reason,116,TAG_TOO_LARGE -CIPHER,reason,117,TOO_LARGE -CIPHER,reason,118,UNSUPPORTED_AD_SIZE -CIPHER,reason,119,UNSUPPORTED_INPUT_SIZE -CIPHER,reason,120,UNSUPPORTED_KEY_SIZE -CIPHER,reason,121,UNSUPPORTED_NONCE_SIZE -CIPHER,reason,122,UNSUPPORTED_TAG_SIZE -CIPHER,reason,123,WRONG_FINAL_BLOCK_LENGTH +CIPHER,100,AES_KEY_SETUP_FAILED +CIPHER,101,BAD_DECRYPT +CIPHER,102,BAD_KEY_LENGTH +CIPHER,103,BUFFER_TOO_SMALL +CIPHER,104,CTRL_NOT_IMPLEMENTED +CIPHER,105,CTRL_OPERATION_NOT_IMPLEMENTED +CIPHER,106,DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH +CIPHER,107,INITIALIZATION_ERROR +CIPHER,108,INPUT_NOT_INITIALIZED +CIPHER,109,INVALID_AD_SIZE +CIPHER,110,INVALID_KEY_LENGTH +CIPHER,111,INVALID_NONCE_SIZE +CIPHER,112,INVALID_OPERATION +CIPHER,113,IV_TOO_LARGE +CIPHER,114,NO_CIPHER_SET +CIPHER,124,NO_DIRECTION_SET +CIPHER,115,OUTPUT_ALIASES_INPUT +CIPHER,116,TAG_TOO_LARGE +CIPHER,117,TOO_LARGE +CIPHER,118,UNSUPPORTED_AD_SIZE +CIPHER,119,UNSUPPORTED_INPUT_SIZE +CIPHER,120,UNSUPPORTED_KEY_SIZE +CIPHER,121,UNSUPPORTED_NONCE_SIZE +CIPHER,122,UNSUPPORTED_TAG_SIZE +CIPHER,123,WRONG_FINAL_BLOCK_LENGTH diff --git a/src/crypto/err/conf.errordata b/src/crypto/err/conf.errordata index 0b96a32..651fabe 100644 --- a/src/crypto/err/conf.errordata +++ b/src/crypto/err/conf.errordata 
@@ -1,10 +1,6 @@ -CONF,function,100,CONF_parse_list -CONF,function,101,NCONF_load -CONF,function,102,def_load_bio -CONF,function,103,str_copy -CONF,reason,100,LIST_CANNOT_BE_NULL -CONF,reason,101,MISSING_CLOSE_SQUARE_BRACKET -CONF,reason,102,MISSING_EQUAL_SIGN -CONF,reason,103,NO_CLOSE_BRACE -CONF,reason,104,UNABLE_TO_CREATE_NEW_SECTION -CONF,reason,105,VARIABLE_HAS_NO_VALUE +CONF,100,LIST_CANNOT_BE_NULL +CONF,101,MISSING_CLOSE_SQUARE_BRACKET +CONF,102,MISSING_EQUAL_SIGN +CONF,103,NO_CLOSE_BRACE +CONF,104,UNABLE_TO_CREATE_NEW_SECTION +CONF,105,VARIABLE_HAS_NO_VALUE diff --git a/src/crypto/err/crypto.errordata b/src/crypto/err/crypto.errordata deleted file mode 100644 index 1e0e9d5..0000000 --- a/src/crypto/err/crypto.errordata +++ /dev/null @@ -1,4 +0,0 @@ -CRYPTO,function,100,CRYPTO_get_ex_new_index -CRYPTO,function,101,CRYPTO_set_ex_data -CRYPTO,function,102,get_class -CRYPTO,function,103,get_func_pointers diff --git a/src/crypto/err/dh.errordata b/src/crypto/err/dh.errordata index 1fd675b..571e218 100644 --- a/src/crypto/err/dh.errordata +++ b/src/crypto/err/dh.errordata @@ -1,8 +1,4 @@ -DH,function,100,DH_new_method -DH,function,101,compute_key -DH,function,102,generate_key -DH,function,103,generate_parameters -DH,reason,100,BAD_GENERATOR -DH,reason,101,INVALID_PUBKEY -DH,reason,102,MODULUS_TOO_LARGE -DH,reason,103,NO_PRIVATE_VALUE +DH,100,BAD_GENERATOR +DH,101,INVALID_PUBKEY +DH,102,MODULUS_TOO_LARGE +DH,103,NO_PRIVATE_VALUE diff --git a/src/crypto/err/digest.errordata b/src/crypto/err/digest.errordata index 95a3622..411e778 100644 --- a/src/crypto/err/digest.errordata +++ b/src/crypto/err/digest.errordata @@ -1,3 +1 @@ -DIGEST,function,100,EVP_DigestInit_ex -DIGEST,function,101,EVP_MD_CTX_copy_ex -DIGEST,reason,100,INPUT_NOT_INITIALIZED +DIGEST,100,INPUT_NOT_INITIALIZED diff --git a/src/crypto/err/dsa.errordata b/src/crypto/err/dsa.errordata index c2dff23..3c5764a 100644 --- a/src/crypto/err/dsa.errordata +++ b/src/crypto/err/dsa.errordata 
@@ -1,9 +1,4 @@ -DSA,function,100,DSA_new_method -DSA,function,101,dsa_sig_cb -DSA,function,102,sign -DSA,function,103,sign_setup -DSA,function,104,verify -DSA,reason,100,BAD_Q_VALUE -DSA,reason,101,MISSING_PARAMETERS -DSA,reason,102,MODULUS_TOO_LARGE -DSA,reason,103,NEED_NEW_SETUP_VALUES +DSA,100,BAD_Q_VALUE +DSA,101,MISSING_PARAMETERS +DSA,102,MODULUS_TOO_LARGE +DSA,103,NEED_NEW_SETUP_VALUES diff --git a/src/crypto/err/ec.errordata b/src/crypto/err/ec.errordata index 252f7ab..e7b4175 100644 --- a/src/crypto/err/ec.errordata +++ b/src/crypto/err/ec.errordata 
@@ -1,95 +1,28 @@ -EC,function,159,BN_to_felem -EC,function,100,EC_GROUP_copy -EC,function,101,EC_GROUP_get_curve_GFp -EC,function,102,EC_GROUP_get_degree -EC,function,103,EC_GROUP_new_by_curve_name -EC,function,166,EC_GROUP_new_curve_GFp -EC,function,104,EC_KEY_check_key -EC,function,105,EC_KEY_copy -EC,function,106,EC_KEY_generate_key -EC,function,165,EC_KEY_new_by_curve_name -EC,function,107,EC_KEY_new_method -EC,function,108,EC_KEY_set_public_key_affine_coordinates -EC,function,109,EC_POINT_add -EC,function,110,EC_POINT_cmp -EC,function,111,EC_POINT_copy -EC,function,112,EC_POINT_dbl -EC,function,113,EC_POINT_dup -EC,function,114,EC_POINT_get_affine_coordinates_GFp -EC,function,115,EC_POINT_invert -EC,function,116,EC_POINT_is_at_infinity -EC,function,117,EC_POINT_is_on_curve -EC,function,118,EC_POINT_make_affine -EC,function,119,EC_POINT_new -EC,function,120,EC_POINT_oct2point -EC,function,121,EC_POINT_point2oct -EC,function,122,EC_POINT_set_affine_coordinates_GFp -EC,function,123,EC_POINT_set_compressed_coordinates_GFp -EC,function,124,EC_POINT_set_to_infinity -EC,function,125,EC_POINTs_make_affine -EC,function,126,compute_wNAF -EC,function,127,d2i_ECPKParameters -EC,function,128,d2i_ECParameters -EC,function,129,d2i_ECPrivateKey -EC,function,130,ec_GFp_mont_field_decode -EC,function,131,ec_GFp_mont_field_encode -EC,function,132,ec_GFp_mont_field_mul -EC,function,133,ec_GFp_mont_field_set_to_one -EC,function,134,ec_GFp_mont_field_sqr -EC,function,135,ec_GFp_mont_group_set_curve -EC,function,160,ec_GFp_nistp256_group_set_curve -EC,function,161,ec_GFp_nistp256_point_get_affine_coordinates -EC,function,162,ec_GFp_nistp256_points_mul -EC,function,136,ec_GFp_simple_group_check_discriminant -EC,function,137,ec_GFp_simple_group_set_curve -EC,function,138,ec_GFp_simple_make_affine -EC,function,139,ec_GFp_simple_oct2point -EC,function,140,ec_GFp_simple_point2oct -EC,function,141,ec_GFp_simple_point_get_affine_coordinates 
-EC,function,142,ec_GFp_simple_point_set_affine_coordinates -EC,function,143,ec_GFp_simple_points_make_affine -EC,function,144,ec_GFp_simple_set_compressed_coordinates -EC,function,145,ec_asn1_group2pkparameters -EC,function,146,ec_asn1_pkparameters2group -EC,function,163,ec_group_copy -EC,function,147,ec_group_new -EC,function,148,ec_group_new_curve_GFp -EC,function,149,ec_group_new_from_data -EC,function,150,ec_point_set_Jprojective_coordinates_GFp -EC,function,151,ec_pre_comp_new -EC,function,152,ec_wNAF_mul -EC,function,153,ec_wNAF_precompute_mult -EC,function,154,i2d_ECPKParameters -EC,function,155,i2d_ECParameters -EC,function,156,i2d_ECPrivateKey -EC,function,157,i2o_ECPublicKey -EC,function,164,nistp256_pre_comp_new -EC,function,158,o2i_ECPublicKey -EC,reason,126,BIGNUM_OUT_OF_RANGE -EC,reason,100,BUFFER_TOO_SMALL -EC,reason,101,COORDINATES_OUT_OF_RANGE -EC,reason,102,D2I_ECPKPARAMETERS_FAILURE -EC,reason,103,EC_GROUP_NEW_BY_NAME_FAILURE -EC,reason,104,GROUP2PKPARAMETERS_FAILURE -EC,reason,105,I2D_ECPKPARAMETERS_FAILURE -EC,reason,106,INCOMPATIBLE_OBJECTS -EC,reason,107,INVALID_COMPRESSED_POINT -EC,reason,108,INVALID_COMPRESSION_BIT -EC,reason,109,INVALID_ENCODING -EC,reason,110,INVALID_FIELD -EC,reason,111,INVALID_FORM -EC,reason,112,INVALID_GROUP_ORDER -EC,reason,113,INVALID_PRIVATE_KEY -EC,reason,114,MISSING_PARAMETERS -EC,reason,115,MISSING_PRIVATE_KEY -EC,reason,116,NON_NAMED_CURVE -EC,reason,117,NOT_INITIALIZED -EC,reason,118,PKPARAMETERS2GROUP_FAILURE -EC,reason,119,POINT_AT_INFINITY -EC,reason,120,POINT_IS_NOT_ON_CURVE -EC,reason,121,SLOT_FULL -EC,reason,122,UNDEFINED_GENERATOR -EC,reason,123,UNKNOWN_GROUP -EC,reason,124,UNKNOWN_ORDER -EC,reason,127,WRONG_CURVE_PARAMETERS -EC,reason,125,WRONG_ORDER +EC,126,BIGNUM_OUT_OF_RANGE +EC,100,BUFFER_TOO_SMALL +EC,101,COORDINATES_OUT_OF_RANGE +EC,102,D2I_ECPKPARAMETERS_FAILURE +EC,103,EC_GROUP_NEW_BY_NAME_FAILURE +EC,104,GROUP2PKPARAMETERS_FAILURE +EC,105,I2D_ECPKPARAMETERS_FAILURE 
+EC,106,INCOMPATIBLE_OBJECTS +EC,107,INVALID_COMPRESSED_POINT +EC,108,INVALID_COMPRESSION_BIT +EC,109,INVALID_ENCODING +EC,110,INVALID_FIELD +EC,111,INVALID_FORM +EC,112,INVALID_GROUP_ORDER +EC,113,INVALID_PRIVATE_KEY +EC,114,MISSING_PARAMETERS +EC,115,MISSING_PRIVATE_KEY +EC,116,NON_NAMED_CURVE +EC,117,NOT_INITIALIZED +EC,118,PKPARAMETERS2GROUP_FAILURE +EC,119,POINT_AT_INFINITY +EC,120,POINT_IS_NOT_ON_CURVE +EC,121,SLOT_FULL +EC,122,UNDEFINED_GENERATOR +EC,123,UNKNOWN_GROUP +EC,124,UNKNOWN_ORDER +EC,127,WRONG_CURVE_PARAMETERS +EC,125,WRONG_ORDER diff --git a/src/crypto/err/ecdh.errordata b/src/crypto/err/ecdh.errordata index 0f1215e..f714c30 100644 --- a/src/crypto/err/ecdh.errordata +++ b/src/crypto/err/ecdh.errordata @@ -1,4 +1,3 @@ -ECDH,function,100,ECDH_compute_key -ECDH,reason,100,KDF_FAILED -ECDH,reason,101,NO_PRIVATE_VALUE -ECDH,reason,102,POINT_ARITHMETIC_FAILURE +ECDH,100,KDF_FAILED +ECDH,101,NO_PRIVATE_VALUE +ECDH,102,POINT_ARITHMETIC_FAILURE diff --git a/src/crypto/err/ecdsa.errordata b/src/crypto/err/ecdsa.errordata index 97c213e..58ba591 100644 --- a/src/crypto/err/ecdsa.errordata +++ b/src/crypto/err/ecdsa.errordata @@ -1,10 +1,6 @@ -ECDSA,function,100,ECDSA_do_sign_ex -ECDSA,function,101,ECDSA_do_verify -ECDSA,function,102,ECDSA_sign_ex -ECDSA,function,103,digest_to_bn -ECDSA,function,104,ecdsa_sign_setup -ECDSA,reason,100,BAD_SIGNATURE -ECDSA,reason,101,MISSING_PARAMETERS -ECDSA,reason,102,NEED_NEW_SETUP_VALUES -ECDSA,reason,103,NOT_IMPLEMENTED -ECDSA,reason,104,RANDOM_NUMBER_GENERATION_FAILED +ECDSA,100,BAD_SIGNATURE +ECDSA,105,ENCODE_ERROR +ECDSA,101,MISSING_PARAMETERS +ECDSA,102,NEED_NEW_SETUP_VALUES +ECDSA,103,NOT_IMPLEMENTED +ECDSA,104,RANDOM_NUMBER_GENERATION_FAILED diff --git a/src/crypto/err/engine.errordata b/src/crypto/err/engine.errordata index 1185e88..edbd7b9 100644 --- a/src/crypto/err/engine.errordata +++ b/src/crypto/err/engine.errordata @@ -1 +1 @@ -ENGINE,reason,100,OPERATION_NOT_SUPPORTED +ENGINE,100,OPERATION_NOT_SUPPORTED 
diff --git a/src/crypto/err/err.c b/src/crypto/err/err.c index de1b4a7..24824e8 100644 --- a/src/crypto/err/err.c +++ b/src/crypto/err/err.c @@ -125,10 +125,6 @@ #include "../internal.h" -extern const uint32_t kOpenSSLFunctionValues[]; -extern const size_t kOpenSSLFunctionValuesLen; -extern const char kOpenSSLFunctionStringData[]; - extern const uint32_t kOpenSSLReasonValues[]; extern const size_t kOpenSSLReasonValuesLen; extern const char kOpenSSLReasonStringData[]; 
@@ -259,42 +255,51 @@ static uint32_t get_error_values(int inc, int top, const char **file, int *line, } uint32_t ERR_get_error(void) { - return get_error_values(1, 0, NULL, NULL, NULL, NULL); + return get_error_values(1 /* inc */, 0 /* bottom */, NULL, NULL, NULL, NULL); } uint32_t ERR_get_error_line(const char **file, int *line) { - return get_error_values(1, 0, file, line, NULL, NULL); + return get_error_values(1 /* inc */, 0 /* bottom */, file, line, NULL, NULL); } uint32_t ERR_get_error_line_data(const char **file, int *line, const char **data, int *flags) { - return get_error_values(1, 0, file, line, data, flags); + return get_error_values(1 /* inc */, 0 /* bottom */, file, line, data, flags); } uint32_t ERR_peek_error(void) { - return get_error_values(0, 0, NULL, NULL, NULL, NULL); + return get_error_values(0 /* peek */, 0 /* bottom */, NULL, NULL, NULL, NULL); } uint32_t ERR_peek_error_line(const char **file, int *line) { - return get_error_values(0, 0, file, line, NULL, NULL); + return get_error_values(0 /* peek */, 0 /* bottom */, file, line, NULL, NULL); } uint32_t ERR_peek_error_line_data(const char **file, int *line, const char **data, int *flags) { - return get_error_values(0, 0, file, line, data, flags); + return get_error_values(0 /* peek */, 0 /* bottom */, file, line, data, + flags); +} + +const char *ERR_peek_function(void) { + ERR_STATE *state = err_get_state(); + if (state == NULL || state->bottom == state->top) { + return NULL; + } + return state->errors[(state->bottom + 1) % ERR_NUM_ERRORS].function; } uint32_t ERR_peek_last_error(void) { - return get_error_values(0, 1, NULL, NULL, NULL, NULL); + return get_error_values(0 /* peek */, 1 /* top */, NULL, NULL, NULL, NULL); } uint32_t ERR_peek_last_error_line(const char **file, int *line) { - return get_error_values(0, 1, file, line, NULL, NULL); + return get_error_values(0 /* peek */, 1 /* top */, file, line, NULL, NULL); } uint32_t ERR_peek_last_error_line_data(const char **file, int *line, 
const char **data, int *flags) { - return get_error_values(0, 1, file, line, data, flags); + return get_error_values(0 /* peek */, 1 /* top */, file, line, data, flags); } void ERR_clear_error(void) { @@ -341,40 +346,20 @@ void ERR_clear_system_error(void) { errno = 0; } -char *ERR_error_string(uint32_t packed_error, char *ret) { - static char buf[ERR_ERROR_STRING_BUF_LEN]; - - if (ret == NULL) { - /* TODO(fork): remove this. */ - ret = buf; - } - -#if !defined(NDEBUG) - /* This is aimed to help catch callers who don't provide - * |ERR_ERROR_STRING_BUF_LEN| bytes of space. */ - memset(ret, 0, ERR_ERROR_STRING_BUF_LEN); -#endif - - ERR_error_string_n(packed_error, ret, ERR_ERROR_STRING_BUF_LEN); - - return ret; -} - -void ERR_error_string_n(uint32_t packed_error, char *buf, size_t len) { - char lib_buf[64], func_buf[64], reason_buf[64]; - const char *lib_str, *func_str, *reason_str; - unsigned lib, func, reason; +static void err_error_string(uint32_t packed_error, const char *func_str, + char *buf, size_t len) { + char lib_buf[64], reason_buf[64]; + const char *lib_str, *reason_str; + unsigned lib, reason; if (len == 0) { return; } lib = ERR_GET_LIB(packed_error); - func = ERR_GET_FUNC(packed_error); reason = ERR_GET_REASON(packed_error); lib_str = ERR_lib_error_string(packed_error); - func_str = ERR_func_error_string(packed_error); reason_str = ERR_reason_error_string(packed_error); if (lib_str == NULL) { @@ -383,8 +368,7 @@ void ERR_error_string_n(uint32_t packed_error, char *buf, size_t len) { } if (func_str == NULL) { - BIO_snprintf(func_buf, sizeof(func_buf), "func(%u)", func); - func_str = func_buf; + func_str = "OPENSSL_internal"; } if (reason_str == NULL) { 
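Review bot: The new `ERR_peek_function` returns NULL both when `err_get_state()` fails and when the queue is empty, and nothing at the definition tells callers to expect that or says who owns the returned string. A comment above it would cover both: `/* ERR_peek_function returns the function name stored with the error that |ERR_peek_error| would report, or NULL if there is none. The caller does not own the string. */`. The slot index `(state->bottom + 1) % ERR_NUM_ERRORS` presumably mirrors what `get_error_values` computes for the bottom entry; that body is outside the hunk, so it is worth confirming the two cannot drift apart.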
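Review bot: The fallback literal `"OPENSSL_internal"` in the new `err_error_string` is written a second time in `ERR_func_error_string` (hunk -519), so the two spellings can diverge silently. A single file-scope definition, `static const char kInternalFunction[] = "OPENSSL_internal";`, used in both places would keep them in step. The helper is also undocumented; a one-line comment such as `/* err_error_string formats |packed_error| into |buf| of size |len|, using |func_str| as the function name or "OPENSSL_internal" when it is NULL. */` would state the NULL contract that `ERR_error_string_n` now relies on. The function body continues outside the hunk.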
@@ -426,6 +410,29 @@ void ERR_error_string_n(uint32_t packed_error, char *buf, size_t len) { } } +char *ERR_error_string(uint32_t packed_error, char *ret) { + static char buf[ERR_ERROR_STRING_BUF_LEN]; + + if (ret == NULL) { + /* TODO(fork): remove this. */ + ret = buf; + } + +#if !defined(NDEBUG) + /* This is aimed to help catch callers who don't provide + * |ERR_ERROR_STRING_BUF_LEN| bytes of space. */ + memset(ret, 0, ERR_ERROR_STRING_BUF_LEN); +#endif + + ERR_error_string_n(packed_error, ret, ERR_ERROR_STRING_BUF_LEN); + + return ret; +} + +void ERR_error_string_n(uint32_t packed_error, char *buf, size_t len) { + err_error_string(packed_error, NULL, buf, len); +} + // err_string_cmp is a compare function for searching error values with // |bsearch| in |err_string_lookup|. static int err_string_cmp(const void *a, const void *b) { @@ -505,8 +512,8 @@ static const char *const kLibraryNames[ERR_NUM_LIBS] = { "HMAC routines", /* ERR_LIB_HMAC */ "Digest functions", /* ERR_LIB_DIGEST */ "Cipher functions", /* ERR_LIB_CIPHER */ - "User defined functions", /* ERR_LIB_USER */ "HKDF functions", /* ERR_LIB_HKDF */ + "User defined functions", /* ERR_LIB_USER */ }; const char *ERR_lib_error_string(uint32_t packed_error) { 
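Review bot: `kLibraryNames` is a positional array, so moving "HKDF functions" ahead of "User defined functions" in hunk -505 is only correct if the `ERR_LIB_*` values were renumbered the same way, and that header is not part of this hunk. The generator in err_data_generate.go emits `OPENSSL_COMPILE_ASSERT(ERR_LIB_%s == %d, ...)` for its own list, but nothing visible ties this array's order to the enum, so a mismatch would print the wrong library name without any build failure. A comment at the head of the array, `/* Entries must be in ERR_LIB_* order; see err.h. */`, would make the dependency explicit. The array definition starts outside the hunk.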
@@ -519,36 +526,7 @@ const char *ERR_lib_error_string(uint32_t packed_error) { } const char *ERR_func_error_string(uint32_t packed_error) { - const uint32_t lib = ERR_GET_LIB(packed_error); - const uint32_t func = ERR_GET_FUNC(packed_error); - - if (lib == ERR_LIB_SYS) { - switch (func) { - case SYS_F_fopen: - return "fopen"; - case SYS_F_fclose: - return "fclose"; - case SYS_F_fread: - return "fread"; - case SYS_F_fwrite: - return "fwrite"; - case SYS_F_socket: - return "socket"; - case SYS_F_setsockopt: - return "setsockopt"; - case SYS_F_connect: - return "connect"; - case SYS_F_getaddrinfo: - return "getaddrinfo"; - default: - return NULL; - } - } - - return err_string_lookup(ERR_GET_LIB(packed_error), - ERR_GET_FUNC(packed_error), kOpenSSLFunctionValues, - kOpenSSLFunctionValuesLen, - kOpenSSLFunctionStringData); + return "OPENSSL_internal"; } const char *ERR_reason_error_string(uint32_t packed_error) { @@ -599,12 +577,13 @@ void ERR_print_errors_cb(ERR_print_errors_callback_t callback, void *ctx) { const unsigned long thread_hash = (uintptr_t) err_get_state(); for (;;) { + const char *function = ERR_peek_function(); packed_error = ERR_get_error_line_data(&file, &line, &data, &flags); if (packed_error == 0) { break; } - ERR_error_string_n(packed_error, buf, sizeof(buf)); + err_error_string(packed_error, function, buf, sizeof(buf)); BIO_snprintf(buf2, sizeof(buf2), "%lu:%s:%s:%d:%s\n", thread_hash, buf, file, line, (flags & ERR_FLAG_STRING) ? data : ""); if (callback(buf2, strlen(buf2), ctx) <= 0) { @@ -644,8 +623,8 @@ static void err_set_error_data(char *data, int flags) { error->flags = flags; } -void ERR_put_error(int library, int func, int reason, const char *file, - unsigned line) { +void ERR_put_error(int library, int reason, const char *function, + const char *file, unsigned line) { ERR_STATE *const state = err_get_state(); struct err_error_st *error; 
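Review bot: `ERR_put_error` in hunk -644 keeps its name and argument count but changes the order to `(library, reason, function, file, line)`, so a caller still written for `(library, func, reason, file, line)` passes an integer where `const char *function` is expected. Many C compilers only warn about that conversion, and the stored value is later formatted as a string through `err_error_string`, so callers outside this diff should be audited or the old form made a hard error. The pointer is stored as-is in hunk -668 (`error->function = function;`) and read back after the entry is popped in `ERR_print_errors_cb`, so the lifetime contract needs stating: `/* |function| and |file| are not copied; they must stay valid while the error is queued (string literals or __func__). */`. The function body continues outside the hunk.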
@@ -654,7 +633,7 @@ void ERR_put_error(int library, int func, int reason, const char *file, } if (library == ERR_LIB_SYS && reason == 0) { -#if defined(WIN32) +#if defined(OPENSSL_WINDOWS) reason = GetLastError(); #else reason = errno; @@ -668,9 +647,10 @@ void ERR_put_error(int library, int func, int reason, const char *file, error = &state->errors[state->top]; err_clear(error); + error->function = function; error->file = file; error->line = line; - error->packed = ERR_PACK(library, func, reason); + error->packed = ERR_PACK(library, reason); } /* ERR_add_error_data_vdata takes a variable number of const char* pointers, diff --git a/src/crypto/err/err_data_generate.go b/src/crypto/err/err_data_generate.go index a5b4cb5..24e0d66 100644 --- a/src/crypto/err/err_data_generate.go +++ b/src/crypto/err/err_data_generate.go @@ -59,8 +59,8 @@ var libraryNames = []string{ "HMAC", "DIGEST", "CIPHER", - "USER", "HKDF", + "USER", } // stringList is a map from uint32 -> string which can output data for a sorted @@ -69,7 +69,7 @@ type stringList struct { // entries is an array of keys and offsets into |stringData|. The // offsets are in the bottom 15 bits of each uint32 and the key is the // top 17 bits. - entries []uint32 + entries []uint32 // internedStrings contains the same strings as are in |stringData|, // but allows for easy deduplication. It maps a string to its offset in // |stringData|. @@ -146,7 +146,7 @@ func (st *stringList) WriteTo(out stringWriter, name string) { fmt.Fprintf(out, " 0x%x,\n", v) } out.WriteString("};\n\n") - out.WriteString("const size_t " + values + "Len = sizeof(" + values + ") / sizeof(" + values + "[0]);\n\n"); + out.WriteString("const size_t " + values + "Len = sizeof(" + values + ") / sizeof(" + values + "[0]);\n\n") stringData := "kOpenSSL" + name + "StringData" out.WriteString("const char " + stringData + "[] =\n \"") 
@@ -161,8 +161,8 @@ func (st *stringList) WriteTo(out stringWriter, name string) { } type errorData struct { - functions, reasons *stringList - libraryMap map[string]uint32 + reasons *stringList + libraryMap map[string]uint32 } func (e *errorData) readErrorDataFile(filename string) error { @@ -184,8 +184,8 @@ func (e *errorData) readErrorDataFile(filename string) error { continue } parts := bytes.Split(line, comma) - if len(parts) != 4 { - return fmt.Errorf("bad line %d in %s: found %d values but want 4", lineNo, filename, len(parts)) + if len(parts) != 3 { + return fmt.Errorf("bad line %d in %s: found %d values but want 3", lineNo, filename, len(parts)) } libNum, ok := e.libraryMap[string(parts[0])] if !ok { @@ -194,26 +194,18 @@ func (e *errorData) readErrorDataFile(filename string) error { if libNum >= 64 { return fmt.Errorf("bad line %d in %s: library value too large", lineNo, filename) } - key, err := strconv.ParseUint(string(parts[2]), 10 /* base */, 32 /* bit size */) + key, err := strconv.ParseUint(string(parts[1]), 10 /* base */, 32 /* bit size */) if err != nil { return fmt.Errorf("bad line %d in %s: %s", lineNo, filename, err) } if key >= 2048 { return fmt.Errorf("bad line %d in %s: key too large", lineNo, filename) } - value := string(parts[3]) + value := string(parts[2]) listKey := libNum<<26 | uint32(key)<<15 - switch string(parts[1]) { - case "function": - err = e.functions.Add(listKey, value) - case "reason": - err = e.reasons.Add(listKey, value) - default: - return fmt.Errorf("bad line %d in %s: bad value type", lineNo, filename) - } - + err = e.reasons.Add(listKey, value) if err != nil { return err } @@ -224,7 +216,6 @@ func (e *errorData) readErrorDataFile(filename string) error { func main() { e := &errorData{ - functions: newStringList(), reasons: newStringList(), libraryMap: make(map[string]uint32), } 
@@ -279,9 +270,8 @@ func main() { for i, name := range libraryNames { fmt.Fprintf(out, "OPENSSL_COMPILE_ASSERT(ERR_LIB_%s == %d, library_values_changed_%d);\n", name, i+1, i+1) } - fmt.Fprintf(out, "OPENSSL_COMPILE_ASSERT(ERR_NUM_LIBS == %d, library_values_changed_num);\n", len(libraryNames) + 1) + fmt.Fprintf(out, "OPENSSL_COMPILE_ASSERT(ERR_NUM_LIBS == %d, library_values_changed_num);\n", len(libraryNames)+1) out.WriteString("\n") - e.functions.WriteTo(out, "Function") e.reasons.WriteTo(out, "Reason") } diff --git a/src/crypto/err/err_test.cc b/src/crypto/err/err_test.cc index 98dfb85..6643c68 100644 --- a/src/crypto/err/err_test.cc +++ b/src/crypto/err/err_test.cc @@ -22,7 +22,7 @@ static bool TestOverflow() { for (unsigned i = 0; i < ERR_NUM_ERRORS*2; i++) { - ERR_put_error(1, 2, i+1, "test", 1); + ERR_put_error(1, i+1, "function", "test", 1); } for (unsigned i = 0; i < ERR_NUM_ERRORS - 1; i++) { @@ -50,7 +50,7 @@ static bool TestPutError() { return false; } - ERR_put_error(1, 2, 3, "test", 4); + ERR_put_error(1, 2, "function", "test", 4); ERR_add_error_data(1, "testing"); int peeked_line, line, peeked_flags, flags; @@ -58,6 +58,7 @@ static bool TestPutError() { uint32_t peeked_packed_error = ERR_peek_error_line_data(&peeked_file, &peeked_line, &peeked_data, &peeked_flags); + const char *function = ERR_peek_function(); uint32_t packed_error = ERR_get_error_line_data(&file, &line, &data, &flags); if (peeked_packed_error != packed_error || @@ -68,12 +69,12 @@ static bool TestPutError() { return false; } - if (strcmp(file, "test") != 0 || + if (strcmp(function, "function") != 0 || + strcmp(file, "test") != 0 || line != 4 || (flags & ERR_FLAG_STRING) == 0 || ERR_GET_LIB(packed_error) != 1 || - ERR_GET_FUNC(packed_error) != 2 || - ERR_GET_REASON(packed_error) != 3 || + ERR_GET_REASON(packed_error) != 2 || strcmp(data, "testing") != 0) { fprintf(stderr, "Bad error data returned.\n"); return false; 
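Review bot: In err_test.cc hunk -68, `strcmp(function, "function")` dereferences the result of `ERR_peek_function()` (fetched in hunk -58) without a NULL check, although that function returns NULL when the queue is empty or the thread state is unavailable. A regression there would crash the test rather than print "Bad error data returned." and fail cleanly. Guard the comparison with `function == NULL || strcmp(function, "function") != 0 ||`. The same applies to `strcmp(function, "TestPutMacro")` in the new `TestPutMacro` (hunk -113). `TestPutError` starts outside the hunk.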
@@ -88,7 +89,7 @@ static bool TestClearError() { return false; } - ERR_put_error(1, 2, 3, "test", 4); + ERR_put_error(1, 2, "function", "test", 4); ERR_clear_error(); if (ERR_get_error() != 0) { @@ -100,7 +101,7 @@ static bool TestClearError() { } static bool TestPrint() { - ERR_put_error(1, 2, 3, "test", 4); + ERR_put_error(1, 2, "function", "test", 4); ERR_add_error_data(1, "testing"); uint32_t packed_error = ERR_get_error(); @@ -113,11 +114,41 @@ static bool TestPrint() { } static bool TestRelease() { - ERR_put_error(1, 2, 3, "test", 4); + ERR_put_error(1, 2, "function", "test", 4); ERR_remove_thread_state(NULL); return true; } +static bool HasSuffix(const char *str, const char *suffix) { + size_t suffix_len = strlen(suffix); + size_t str_len = strlen(str); + if (str_len < suffix_len) { + return false; + } + return strcmp(str + str_len - suffix_len, suffix) == 0; +} + +static bool TestPutMacro() { + int expected_line = __LINE__ + 1; + OPENSSL_PUT_ERROR(USER, ERR_R_INTERNAL_ERROR); + + int line; + const char *file; + const char *function = ERR_peek_function(); + uint32_t error = ERR_get_error_line(&file, &line); + + if (strcmp(function, "TestPutMacro") != 0 || + !HasSuffix(file, "err_test.cc") || + line != expected_line || + ERR_GET_LIB(error) != ERR_LIB_USER || + ERR_GET_REASON(error) != ERR_R_INTERNAL_ERROR) { + fprintf(stderr, "Bad error data returned.\n"); + return false; + } + + return true; +} + int main() { CRYPTO_library_init(); @@ -125,7 +156,8 @@ int main() { !TestPutError() || !TestClearError() || !TestPrint() || - !TestRelease()) { + !TestRelease() || + !TestPutMacro()) { return 1; } diff --git a/src/crypto/err/evp.errordata b/src/crypto/err/evp.errordata index 14dd27b..8f8dd48 100644 --- a/src/crypto/err/evp.errordata +++ b/src/crypto/err/evp.errordata 
@@ -1,114 +1,46 @@
-EVP,function,160,EVP_DigestSignAlgorithm
-EVP,function,161,EVP_DigestVerifyInitFromAlgorithm
-EVP,function,162,EVP_PKEY_CTX_ctrl
-EVP,function,163,EVP_PKEY_CTX_dup
-EVP,function,159,EVP_PKEY_CTX_get0_rsa_oaep_label
-EVP,function,164,EVP_PKEY_copy_parameters
-EVP,function,165,EVP_PKEY_decrypt
-EVP,function,166,EVP_PKEY_decrypt_init
-EVP,function,167,EVP_PKEY_derive
-EVP,function,108,EVP_PKEY_derive_init
-EVP,function,168,EVP_PKEY_derive_set_peer
-EVP,function,110,EVP_PKEY_encrypt
-EVP,function,111,EVP_PKEY_encrypt_init
-EVP,function,112,EVP_PKEY_get1_DH
-EVP,function,169,EVP_PKEY_get1_DSA
-EVP,function,114,EVP_PKEY_get1_EC_KEY
-EVP,function,115,EVP_PKEY_get1_RSA
-EVP,function,116,EVP_PKEY_keygen
-EVP,function,170,EVP_PKEY_keygen_init
-EVP,function,171,EVP_PKEY_new
-EVP,function,172,EVP_PKEY_set_type
-EVP,function,120,EVP_PKEY_sign
-EVP,function,121,EVP_PKEY_sign_init
-EVP,function,122,EVP_PKEY_verify
-EVP,function,123,EVP_PKEY_verify_init
-EVP,function,173,check_padding_md
-EVP,function,125,d2i_AutoPrivateKey
-EVP,function,126,d2i_PrivateKey
-EVP,function,127,do_EC_KEY_print
-EVP,function,174,do_dsa_print
-EVP,function,175,do_rsa_print
-EVP,function,129,do_sigver_init
-EVP,function,176,dsa_param_decode
-EVP,function,177,dsa_priv_decode
-EVP,function,178,dsa_priv_encode
-EVP,function,179,dsa_pub_decode
-EVP,function,180,dsa_pub_encode
-EVP,function,181,dsa_sig_print
-EVP,function,130,eckey_param2type
-EVP,function,131,eckey_param_decode
-EVP,function,132,eckey_priv_decode
-EVP,function,133,eckey_priv_encode
-EVP,function,134,eckey_pub_decode
-EVP,function,135,eckey_pub_encode
-EVP,function,136,eckey_type2param
-EVP,function,137,evp_pkey_ctx_new
-EVP,function,138,hmac_signctx
-EVP,function,139,i2d_PublicKey
-EVP,function,182,old_dsa_priv_decode
-EVP,function,140,old_ec_priv_decode
-EVP,function,141,old_rsa_priv_decode
-EVP,function,142,pkey_ec_ctrl
-EVP,function,143,pkey_ec_derive
-EVP,function,144,pkey_ec_keygen
-EVP,function,145,pkey_ec_paramgen
-EVP,function,146,pkey_ec_sign
-EVP,function,158,pkey_hmac_ctrl
-EVP,function,147,pkey_rsa_ctrl
-EVP,function,148,pkey_rsa_decrypt
-EVP,function,149,pkey_rsa_encrypt
-EVP,function,150,pkey_rsa_sign
-EVP,function,151,rsa_algor_to_md
-EVP,function,152,rsa_digest_verify_init_from_algorithm
-EVP,function,153,rsa_mgf1_to_md
-EVP,function,154,rsa_priv_decode
-EVP,function,155,rsa_priv_encode
-EVP,function,156,rsa_pss_to_ctx
-EVP,function,157,rsa_pub_decode
-EVP,reason,151,BN_DECODE_ERROR
-EVP,reason,100,BUFFER_TOO_SMALL
-EVP,reason,101,COMMAND_NOT_SUPPORTED
-EVP,reason,146,CONTEXT_NOT_INITIALISED
-EVP,reason,143,DECODE_ERROR
-EVP,reason,104,DIFFERENT_KEY_TYPES
-EVP,reason,105,DIFFERENT_PARAMETERS
-EVP,reason,147,DIGEST_AND_KEY_TYPE_NOT_SUPPORTED
-EVP,reason,107,EXPECTING_AN_EC_KEY_KEY
-EVP,reason,141,EXPECTING_AN_RSA_KEY
-EVP,reason,109,EXPECTING_A_DH_KEY
-EVP,reason,110,EXPECTING_A_DSA_KEY
-EVP,reason,111,ILLEGAL_OR_UNSUPPORTED_PADDING_MODE
-EVP,reason,112,INVALID_CURVE
-EVP,reason,113,INVALID_DIGEST_LENGTH
-EVP,reason,114,INVALID_DIGEST_TYPE
-EVP,reason,115,INVALID_KEYBITS
-EVP,reason,116,INVALID_MGF1_MD
-EVP,reason,142,INVALID_OPERATION
-EVP,reason,118,INVALID_PADDING_MODE
-EVP,reason,119,INVALID_PSS_PARAMETERS
-EVP,reason,144,INVALID_PSS_SALTLEN
-EVP,reason,121,INVALID_SALT_LENGTH
-EVP,reason,122,INVALID_TRAILER
-EVP,reason,123,KEYS_NOT_SET
-EVP,reason,124,MISSING_PARAMETERS
-EVP,reason,125,NO_DEFAULT_DIGEST
-EVP,reason,126,NO_KEY_SET
-EVP,reason,127,NO_MDC2_SUPPORT
-EVP,reason,128,NO_NID_FOR_CURVE
-EVP,reason,129,NO_OPERATION_SET
-EVP,reason,130,NO_PARAMETERS_SET
-EVP,reason,131,OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE
-EVP,reason,132,OPERATON_NOT_INITIALIZED
-EVP,reason,152,PARAMETER_ENCODING_ERROR
-EVP,reason,133,UNKNOWN_DIGEST
-EVP,reason,134,UNKNOWN_MASK_DIGEST
-EVP,reason,150,UNKNOWN_MESSAGE_DIGEST_ALGORITHM
-EVP,reason,145,UNKNOWN_PUBLIC_KEY_TYPE
-EVP,reason,149,UNKNOWN_SIGNATURE_ALGORITHM
-EVP,reason,138,UNSUPPORTED_ALGORITHM
-EVP,reason,139,UNSUPPORTED_MASK_ALGORITHM
-EVP,reason,140,UNSUPPORTED_MASK_PARAMETER
-EVP,reason,153,UNSUPPORTED_PUBLIC_KEY_TYPE
-EVP,reason,154,UNSUPPORTED_SIGNATURE_TYPE
-EVP,reason,148,WRONG_PUBLIC_KEY_TYPE
+EVP,151,BN_DECODE_ERROR
+EVP,100,BUFFER_TOO_SMALL
+EVP,101,COMMAND_NOT_SUPPORTED
+EVP,146,CONTEXT_NOT_INITIALISED
+EVP,143,DECODE_ERROR
+EVP,104,DIFFERENT_KEY_TYPES
+EVP,105,DIFFERENT_PARAMETERS
+EVP,147,DIGEST_AND_KEY_TYPE_NOT_SUPPORTED
+EVP,107,EXPECTING_AN_EC_KEY_KEY
+EVP,141,EXPECTING_AN_RSA_KEY
+EVP,109,EXPECTING_A_DH_KEY
+EVP,110,EXPECTING_A_DSA_KEY
+EVP,111,ILLEGAL_OR_UNSUPPORTED_PADDING_MODE
+EVP,112,INVALID_CURVE
+EVP,113,INVALID_DIGEST_LENGTH
+EVP,114,INVALID_DIGEST_TYPE
+EVP,115,INVALID_KEYBITS
+EVP,116,INVALID_MGF1_MD
+EVP,142,INVALID_OPERATION
+EVP,118,INVALID_PADDING_MODE
+EVP,119,INVALID_PSS_PARAMETERS
+EVP,144,INVALID_PSS_SALTLEN
+EVP,121,INVALID_SALT_LENGTH
+EVP,122,INVALID_TRAILER
+EVP,123,KEYS_NOT_SET
+EVP,124,MISSING_PARAMETERS
+EVP,125,NO_DEFAULT_DIGEST
+EVP,126,NO_KEY_SET
+EVP,127,NO_MDC2_SUPPORT
+EVP,128,NO_NID_FOR_CURVE
+EVP,129,NO_OPERATION_SET
+EVP,130,NO_PARAMETERS_SET
+EVP,131,OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE
+EVP,132,OPERATON_NOT_INITIALIZED
+EVP,152,PARAMETER_ENCODING_ERROR
+EVP,133,UNKNOWN_DIGEST
+EVP,134,UNKNOWN_MASK_DIGEST
+EVP,150,UNKNOWN_MESSAGE_DIGEST_ALGORITHM
+EVP,145,UNKNOWN_PUBLIC_KEY_TYPE
+EVP,149,UNKNOWN_SIGNATURE_ALGORITHM
+EVP,138,UNSUPPORTED_ALGORITHM
+EVP,139,UNSUPPORTED_MASK_ALGORITHM
+EVP,140,UNSUPPORTED_MASK_PARAMETER
+EVP,153,UNSUPPORTED_PUBLIC_KEY_TYPE
+EVP,154,UNSUPPORTED_SIGNATURE_TYPE
+EVP,148,WRONG_PUBLIC_KEY_TYPE
diff --git a/src/crypto/err/hkdf.errordata b/src/crypto/err/hkdf.errordata
index 878a802..84866de 100644
--- a/src/crypto/err/hkdf.errordata
+++ b/src/crypto/err/hkdf.errordata
@@ -1,2 +1 @@
-HKDF,function,100,HKDF
-HKDF,reason,100,OUTPUT_TOO_LARGE
+HKDF,100,OUTPUT_TOO_LARGE
diff --git a/src/crypto/err/obj.errordata b/src/crypto/err/obj.errordata
index 74e4629..c54435e 100644
--- a/src/crypto/err/obj.errordata
+++ b/src/crypto/err/obj.errordata
@@ -1,5 +1 @@
-OBJ,function,100,OBJ_create
-OBJ,function,101,OBJ_dup
-OBJ,function,102,OBJ_nid2obj
-OBJ,function,103,OBJ_txt2obj
-OBJ,reason,100,UNKNOWN_NID
+OBJ,100,UNKNOWN_NID
diff --git a/src/crypto/err/pem.errordata b/src/crypto/err/pem.errordata
index 42216a7..2a4b73a 100644
--- a/src/crypto/err/pem.errordata
+++ b/src/crypto/err/pem.errordata
@@ -1,39 +1,15 @@
-PEM,function,100,PEM_ASN1_read
-PEM,function,101,PEM_ASN1_read_bio
-PEM,function,102,PEM_ASN1_write
-PEM,function,103,PEM_ASN1_write_bio
-PEM,function,104,PEM_X509_INFO_read
-PEM,function,105,PEM_X509_INFO_read_bio
-PEM,function,106,PEM_X509_INFO_write_bio
-PEM,function,107,PEM_do_header
-PEM,function,108,PEM_get_EVP_CIPHER_INFO
-PEM,function,109,PEM_read
-PEM,function,110,PEM_read_DHparams
-PEM,function,111,PEM_read_PrivateKey
-PEM,function,112,PEM_read_bio
-PEM,function,113,PEM_read_bio_DHparams
-PEM,function,114,PEM_read_bio_Parameters
-PEM,function,115,PEM_read_bio_PrivateKey
-PEM,function,116,PEM_write
-PEM,function,117,PEM_write_PrivateKey
-PEM,function,118,PEM_write_bio
-PEM,function,119,d2i_PKCS8PrivateKey_bio
-PEM,function,120,d2i_PKCS8PrivateKey_fp
-PEM,function,121,do_pk8pkey
-PEM,function,122,do_pk8pkey_fp
-PEM,function,123,load_iv
-PEM,reason,100,BAD_BASE64_DECODE
-PEM,reason,101,BAD_DECRYPT
-PEM,reason,102,BAD_END_LINE
-PEM,reason,103,BAD_IV_CHARS
-PEM,reason,104,BAD_PASSWORD_READ
-PEM,reason,105,CIPHER_IS_NULL
-PEM,reason,106,ERROR_CONVERTING_PRIVATE_KEY
-PEM,reason,107,NOT_DEK_INFO
-PEM,reason,108,NOT_ENCRYPTED
-PEM,reason,109,NOT_PROC_TYPE
-PEM,reason,110,NO_START_LINE
-PEM,reason,111,READ_KEY
-PEM,reason,112,SHORT_HEADER
-PEM,reason,113,UNSUPPORTED_CIPHER
-PEM,reason,114,UNSUPPORTED_ENCRYPTION
+PEM,100,BAD_BASE64_DECODE
+PEM,101,BAD_DECRYPT
+PEM,102,BAD_END_LINE
+PEM,103,BAD_IV_CHARS
+PEM,104,BAD_PASSWORD_READ
+PEM,105,CIPHER_IS_NULL
+PEM,106,ERROR_CONVERTING_PRIVATE_KEY
+PEM,107,NOT_DEK_INFO
+PEM,108,NOT_ENCRYPTED
+PEM,109,NOT_PROC_TYPE
+PEM,110,NO_START_LINE
+PEM,111,READ_KEY
+PEM,112,SHORT_HEADER
+PEM,113,UNSUPPORTED_CIPHER
+PEM,114,UNSUPPORTED_ENCRYPTION
diff --git a/src/crypto/err/pkcs8.errordata b/src/crypto/err/pkcs8.errordata
index 936f3c5..0eb5083 100644
--- a/src/crypto/err/pkcs8.errordata
+++ b/src/crypto/err/pkcs8.errordata
@@ -1,43 +1,25 @@
-PKCS8,function,100,EVP_PKCS82PKEY
-PKCS8,function,101,EVP_PKEY2PKCS8
-PKCS8,function,102,PKCS12_get_key_and_certs
-PKCS8,function,103,PKCS12_handle_content_info
-PKCS8,function,104,PKCS12_handle_content_infos
-PKCS8,function,105,PKCS5_pbe2_set_iv
-PKCS8,function,106,PKCS5_pbe_set
-PKCS8,function,107,PKCS5_pbe_set0_algor
-PKCS8,function,108,PKCS5_pbkdf2_set
-PKCS8,function,109,PKCS8_decrypt
-PKCS8,function,110,PKCS8_encrypt
-PKCS8,function,111,PKCS8_encrypt_pbe
-PKCS8,function,112,pbe_cipher_init
-PKCS8,function,113,pbe_crypt
-PKCS8,function,114,pkcs12_item_decrypt_d2i
-PKCS8,function,115,pkcs12_item_i2d_encrypt
-PKCS8,function,116,pkcs12_key_gen_raw
-PKCS8,function,117,pkcs12_pbe_keyivgen
-PKCS8,reason,100,BAD_PKCS12_DATA
-PKCS8,reason,101,BAD_PKCS12_VERSION
-PKCS8,reason,102,CIPHER_HAS_NO_OBJECT_IDENTIFIER
-PKCS8,reason,103,CRYPT_ERROR
-PKCS8,reason,104,DECODE_ERROR
-PKCS8,reason,105,ENCODE_ERROR
-PKCS8,reason,106,ENCRYPT_ERROR
-PKCS8,reason,107,ERROR_SETTING_CIPHER_PARAMS
-PKCS8,reason,108,INCORRECT_PASSWORD
-PKCS8,reason,109,KEYGEN_FAILURE
-PKCS8,reason,110,KEY_GEN_ERROR
-PKCS8,reason,111,METHOD_NOT_SUPPORTED
-PKCS8,reason,112,MISSING_MAC
-PKCS8,reason,113,MULTIPLE_PRIVATE_KEYS_IN_PKCS12
-PKCS8,reason,114,PKCS12_PUBLIC_KEY_INTEGRITY_NOT_SUPPORTED
-PKCS8,reason,115,PKCS12_TOO_DEEPLY_NESTED
-PKCS8,reason,116,PRIVATE_KEY_DECODE_ERROR
-PKCS8,reason,117,PRIVATE_KEY_ENCODE_ERROR
-PKCS8,reason,118,TOO_LONG
-PKCS8,reason,119,UNKNOWN_ALGORITHM
-PKCS8,reason,120,UNKNOWN_CIPHER
-PKCS8,reason,121,UNKNOWN_CIPHER_ALGORITHM
-PKCS8,reason,122,UNKNOWN_DIGEST
-PKCS8,reason,123,UNKNOWN_HASH
-PKCS8,reason,124,UNSUPPORTED_PRIVATE_KEY_ALGORITHM
+PKCS8,100,BAD_PKCS12_DATA
+PKCS8,101,BAD_PKCS12_VERSION
+PKCS8,102,CIPHER_HAS_NO_OBJECT_IDENTIFIER
+PKCS8,103,CRYPT_ERROR
+PKCS8,104,DECODE_ERROR
+PKCS8,105,ENCODE_ERROR
+PKCS8,106,ENCRYPT_ERROR
+PKCS8,107,ERROR_SETTING_CIPHER_PARAMS
+PKCS8,108,INCORRECT_PASSWORD
+PKCS8,109,KEYGEN_FAILURE
+PKCS8,110,KEY_GEN_ERROR
+PKCS8,111,METHOD_NOT_SUPPORTED
+PKCS8,112,MISSING_MAC
+PKCS8,113,MULTIPLE_PRIVATE_KEYS_IN_PKCS12
+PKCS8,114,PKCS12_PUBLIC_KEY_INTEGRITY_NOT_SUPPORTED
+PKCS8,115,PKCS12_TOO_DEEPLY_NESTED
+PKCS8,116,PRIVATE_KEY_DECODE_ERROR
+PKCS8,117,PRIVATE_KEY_ENCODE_ERROR
+PKCS8,118,TOO_LONG
+PKCS8,119,UNKNOWN_ALGORITHM
+PKCS8,120,UNKNOWN_CIPHER
+PKCS8,121,UNKNOWN_CIPHER_ALGORITHM
+PKCS8,122,UNKNOWN_DIGEST
+PKCS8,123,UNKNOWN_HASH
+PKCS8,124,UNSUPPORTED_PRIVATE_KEY_ALGORITHM
diff --git a/src/crypto/err/rsa.errordata b/src/crypto/err/rsa.errordata
index 64b390d..c19f73c 100644
--- a/src/crypto/err/rsa.errordata
+++ b/src/crypto/err/rsa.errordata
@@ -1,69 +1,46 @@
-RSA,function,100,BN_BLINDING_convert_ex
-RSA,function,101,BN_BLINDING_create_param
-RSA,function,102,BN_BLINDING_invert_ex
-RSA,function,103,BN_BLINDING_new
-RSA,function,104,BN_BLINDING_update
-RSA,function,105,RSA_check_key
-RSA,function,106,RSA_new_method
-RSA,function,107,RSA_padding_add_PKCS1_OAEP_mgf1
-RSA,function,108,RSA_padding_add_PKCS1_PSS_mgf1
-RSA,function,109,RSA_padding_add_PKCS1_type_1
-RSA,function,110,RSA_padding_add_PKCS1_type_2
-RSA,function,111,RSA_padding_add_none
-RSA,function,112,RSA_padding_check_PKCS1_OAEP_mgf1
-RSA,function,113,RSA_padding_check_PKCS1_type_1
-RSA,function,114,RSA_padding_check_PKCS1_type_2
-RSA,function,115,RSA_padding_check_none
-RSA,function,116,RSA_recover_crt_params
-RSA,function,117,RSA_sign
-RSA,function,118,RSA_verify
-RSA,function,119,RSA_verify_PKCS1_PSS_mgf1
-RSA,function,120,decrypt
-RSA,function,121,encrypt
-RSA,function,122,keygen
-RSA,function,123,pkcs1_prefixed_msg
-RSA,function,124,private_transform
-RSA,function,125,rsa_setup_blinding
-RSA,function,126,sign_raw
-RSA,function,127,verify_raw
-RSA,reason,100,BAD_E_VALUE
-RSA,reason,101,BAD_FIXED_HEADER_DECRYPT
-RSA,reason,102,BAD_PAD_BYTE_COUNT
-RSA,reason,103,BAD_RSA_PARAMETERS
-RSA,reason,104,BAD_SIGNATURE
-RSA,reason,105,BLOCK_TYPE_IS_NOT_01
-RSA,reason,106,BN_NOT_INITIALIZED
-RSA,reason,107,CRT_PARAMS_ALREADY_GIVEN
-RSA,reason,108,CRT_VALUES_INCORRECT
-RSA,reason,109,DATA_LEN_NOT_EQUAL_TO_MOD_LEN
-RSA,reason,110,DATA_TOO_LARGE
-RSA,reason,111,DATA_TOO_LARGE_FOR_KEY_SIZE
-RSA,reason,112,DATA_TOO_LARGE_FOR_MODULUS
-RSA,reason,113,DATA_TOO_SMALL
-RSA,reason,114,DATA_TOO_SMALL_FOR_KEY_SIZE
-RSA,reason,115,DIGEST_TOO_BIG_FOR_RSA_KEY
-RSA,reason,116,D_E_NOT_CONGRUENT_TO_1
-RSA,reason,117,EMPTY_PUBLIC_KEY
-RSA,reason,118,FIRST_OCTET_INVALID
-RSA,reason,119,INCONSISTENT_SET_OF_CRT_VALUES
-RSA,reason,120,INTERNAL_ERROR
-RSA,reason,121,INVALID_MESSAGE_LENGTH
-RSA,reason,122,KEY_SIZE_TOO_SMALL
-RSA,reason,123,LAST_OCTET_INVALID
-RSA,reason,124,MODULUS_TOO_LARGE
-RSA,reason,125,NO_PUBLIC_EXPONENT
-RSA,reason,126,NULL_BEFORE_BLOCK_MISSING
-RSA,reason,127,N_NOT_EQUAL_P_Q
-RSA,reason,128,OAEP_DECODING_ERROR
-RSA,reason,129,ONLY_ONE_OF_P_Q_GIVEN
-RSA,reason,130,OUTPUT_BUFFER_TOO_SMALL
-RSA,reason,131,PADDING_CHECK_FAILED
-RSA,reason,132,PKCS_DECODING_ERROR
-RSA,reason,133,SLEN_CHECK_FAILED
-RSA,reason,134,SLEN_RECOVERY_FAILED
-RSA,reason,135,TOO_LONG
-RSA,reason,136,TOO_MANY_ITERATIONS
-RSA,reason,137,UNKNOWN_ALGORITHM_TYPE
-RSA,reason,138,UNKNOWN_PADDING_TYPE
-RSA,reason,139,VALUE_MISSING
-RSA,reason,140,WRONG_SIGNATURE_LENGTH
+RSA,143,BAD_ENCODING
+RSA,100,BAD_E_VALUE
+RSA,101,BAD_FIXED_HEADER_DECRYPT
+RSA,102,BAD_PAD_BYTE_COUNT
+RSA,103,BAD_RSA_PARAMETERS
+RSA,104,BAD_SIGNATURE
+RSA,145,BAD_VERSION
+RSA,105,BLOCK_TYPE_IS_NOT_01
+RSA,106,BN_NOT_INITIALIZED
+RSA,142,CANNOT_RECOVER_MULTI_PRIME_KEY
+RSA,107,CRT_PARAMS_ALREADY_GIVEN
+RSA,108,CRT_VALUES_INCORRECT
+RSA,109,DATA_LEN_NOT_EQUAL_TO_MOD_LEN
+RSA,110,DATA_TOO_LARGE
+RSA,111,DATA_TOO_LARGE_FOR_KEY_SIZE
+RSA,112,DATA_TOO_LARGE_FOR_MODULUS
+RSA,113,DATA_TOO_SMALL
+RSA,114,DATA_TOO_SMALL_FOR_KEY_SIZE
+RSA,115,DIGEST_TOO_BIG_FOR_RSA_KEY
+RSA,116,D_E_NOT_CONGRUENT_TO_1
+RSA,117,EMPTY_PUBLIC_KEY
+RSA,144,ENCODE_ERROR
+RSA,118,FIRST_OCTET_INVALID
+RSA,119,INCONSISTENT_SET_OF_CRT_VALUES
+RSA,120,INTERNAL_ERROR
+RSA,121,INVALID_MESSAGE_LENGTH
+RSA,122,KEY_SIZE_TOO_SMALL
+RSA,123,LAST_OCTET_INVALID
+RSA,124,MODULUS_TOO_LARGE
+RSA,141,MUST_HAVE_AT_LEAST_TWO_PRIMES
+RSA,125,NO_PUBLIC_EXPONENT
+RSA,126,NULL_BEFORE_BLOCK_MISSING
+RSA,127,N_NOT_EQUAL_P_Q
+RSA,128,OAEP_DECODING_ERROR
+RSA,129,ONLY_ONE_OF_P_Q_GIVEN
+RSA,130,OUTPUT_BUFFER_TOO_SMALL
+RSA,131,PADDING_CHECK_FAILED
+RSA,132,PKCS_DECODING_ERROR
+RSA,133,SLEN_CHECK_FAILED
+RSA,134,SLEN_RECOVERY_FAILED
+RSA,135,TOO_LONG
+RSA,136,TOO_MANY_ITERATIONS
+RSA,137,UNKNOWN_ALGORITHM_TYPE
+RSA,138,UNKNOWN_PADDING_TYPE
+RSA,139,VALUE_MISSING
+RSA,140,WRONG_SIGNATURE_LENGTH
diff --git a/src/crypto/err/ssl.errordata b/src/crypto/err/ssl.errordata
index 9464c3d..0b30b13 100644
--- a/src/crypto/err/ssl.errordata
+++ b/src/crypto/err/ssl.errordata
@@ -1,387 +1,217 @@ -SSL,function,276,SSL_AEAD_CTX_new -SSL,function,277,SSL_AEAD_CTX_open -SSL,function,278,SSL_AEAD_CTX_seal -SSL,function,100,SSL_CTX_check_private_key -SSL,function,101,SSL_CTX_new -SSL,function,272,SSL_CTX_set1_tls_channel_id -SSL,function,102,SSL_CTX_set_cipher_list -SSL,function,103,SSL_CTX_set_cipher_list_tls11 -SSL,function,104,SSL_CTX_set_session_id_context -SSL,function,268,SSL_CTX_set_tmp_dh -SSL,function,269,SSL_CTX_set_tmp_ecdh -SSL,function,105,SSL_CTX_use_PrivateKey -SSL,function,106,SSL_CTX_use_PrivateKey_ASN1 -SSL,function,107,SSL_CTX_use_PrivateKey_file -SSL,function,108,SSL_CTX_use_RSAPrivateKey -SSL,function,109,SSL_CTX_use_RSAPrivateKey_ASN1 -SSL,function,110,SSL_CTX_use_RSAPrivateKey_file -SSL,function,111,SSL_CTX_use_certificate -SSL,function,112,SSL_CTX_use_certificate_ASN1 -SSL,function,113,SSL_CTX_use_certificate_chain_file -SSL,function,114,SSL_CTX_use_certificate_file -SSL,function,115,SSL_CTX_use_psk_identity_hint -SSL,function,280,SSL_SESSION_from_bytes -SSL,function,116,SSL_SESSION_new -SSL,function,281,SSL_SESSION_parse -SSL,function,150,SSL_SESSION_parse_octet_string -SSL,function,151,SSL_SESSION_parse_string -SSL,function,117,SSL_SESSION_print_fp -SSL,function,118,SSL_SESSION_set1_id_context -SSL,function,119,SSL_SESSION_to_bytes_full -SSL,function,120,SSL_accept -SSL,function,121,SSL_add_dir_cert_subjects_to_stack -SSL,function,122,SSL_add_file_cert_subjects_to_stack -SSL,function,123,SSL_check_private_key -SSL,function,124,SSL_clear -SSL,function,125,SSL_connect -SSL,function,126,SSL_do_handshake -SSL,function,127,SSL_load_client_CA_file -SSL,function,128,SSL_new -SSL,function,129,SSL_peek -SSL,function,130,SSL_read -SSL,function,131,SSL_renegotiate -SSL,function,273,SSL_set1_tls_channel_id -SSL,function,132,SSL_set_cipher_list -SSL,function,133,SSL_set_fd -SSL,function,134,SSL_set_rfd -SSL,function,135,SSL_set_session_id_context -SSL,function,274,SSL_set_tlsext_host_name -SSL,function,270,SSL_set_tmp_dh 
-SSL,function,271,SSL_set_tmp_ecdh -SSL,function,136,SSL_set_wfd -SSL,function,137,SSL_shutdown -SSL,function,138,SSL_use_PrivateKey -SSL,function,139,SSL_use_PrivateKey_ASN1 -SSL,function,140,SSL_use_PrivateKey_file -SSL,function,141,SSL_use_RSAPrivateKey -SSL,function,142,SSL_use_RSAPrivateKey_ASN1 -SSL,function,143,SSL_use_RSAPrivateKey_file -SSL,function,144,SSL_use_certificate -SSL,function,145,SSL_use_certificate_ASN1 -SSL,function,146,SSL_use_certificate_file -SSL,function,147,SSL_use_psk_identity_hint -SSL,function,148,SSL_write -SSL,function,149,d2i_SSL_SESSION -SSL,function,152,do_ssl3_write -SSL,function,153,dtls1_accept -SSL,function,154,dtls1_buffer_record -SSL,function,155,dtls1_check_timeout_num -SSL,function,156,dtls1_connect -SSL,function,157,dtls1_do_write -SSL,function,263,dtls1_get_buffered_message -SSL,function,158,dtls1_get_hello_verify -SSL,function,159,dtls1_get_message -SSL,function,160,dtls1_get_message_fragment -SSL,function,265,dtls1_hm_fragment_new -SSL,function,161,dtls1_preprocess_fragment -SSL,function,264,dtls1_process_fragment -SSL,function,162,dtls1_process_record -SSL,function,163,dtls1_read_bytes -SSL,function,279,dtls1_seal_record -SSL,function,164,dtls1_send_hello_verify_request -SSL,function,165,dtls1_write_app_data -SSL,function,166,i2d_SSL_SESSION -SSL,function,167,ssl3_accept -SSL,function,169,ssl3_cert_verify_hash -SSL,function,170,ssl3_check_cert_and_algorithm -SSL,function,282,ssl3_check_certificate_for_cipher -SSL,function,171,ssl3_connect -SSL,function,172,ssl3_ctrl -SSL,function,173,ssl3_ctx_ctrl -SSL,function,174,ssl3_digest_cached_records -SSL,function,175,ssl3_do_change_cipher_spec -SSL,function,176,ssl3_expect_change_cipher_spec -SSL,function,177,ssl3_get_cert_status -SSL,function,178,ssl3_get_cert_verify -SSL,function,179,ssl3_get_certificate_request -SSL,function,180,ssl3_get_channel_id -SSL,function,181,ssl3_get_client_certificate -SSL,function,182,ssl3_get_client_hello 
-SSL,function,183,ssl3_get_client_key_exchange -SSL,function,184,ssl3_get_finished -SSL,function,185,ssl3_get_initial_bytes -SSL,function,186,ssl3_get_message -SSL,function,187,ssl3_get_new_session_ticket -SSL,function,188,ssl3_get_next_proto -SSL,function,189,ssl3_get_record -SSL,function,190,ssl3_get_server_certificate -SSL,function,191,ssl3_get_server_done -SSL,function,192,ssl3_get_server_hello -SSL,function,193,ssl3_get_server_key_exchange -SSL,function,194,ssl3_get_v2_client_hello -SSL,function,195,ssl3_handshake_mac -SSL,function,275,ssl3_output_cert_chain -SSL,function,196,ssl3_prf -SSL,function,197,ssl3_read_bytes -SSL,function,198,ssl3_read_n -SSL,function,267,ssl3_record_sequence_update -SSL,function,266,ssl3_seal_record -SSL,function,199,ssl3_send_cert_verify -SSL,function,200,ssl3_send_certificate_request -SSL,function,201,ssl3_send_channel_id -SSL,function,202,ssl3_send_client_certificate -SSL,function,203,ssl3_send_client_hello -SSL,function,204,ssl3_send_client_key_exchange -SSL,function,205,ssl3_send_server_certificate -SSL,function,206,ssl3_send_server_hello -SSL,function,207,ssl3_send_server_key_exchange -SSL,function,208,ssl3_setup_read_buffer -SSL,function,209,ssl3_setup_write_buffer -SSL,function,210,ssl3_write_bytes -SSL,function,211,ssl3_write_pending -SSL,function,212,ssl_add_cert_chain -SSL,function,213,ssl_add_cert_to_buf -SSL,function,214,ssl_add_clienthello_renegotiate_ext -SSL,function,215,ssl_add_clienthello_tlsext -SSL,function,216,ssl_add_clienthello_use_srtp_ext -SSL,function,217,ssl_add_serverhello_renegotiate_ext -SSL,function,218,ssl_add_serverhello_tlsext -SSL,function,219,ssl_add_serverhello_use_srtp_ext -SSL,function,220,ssl_build_cert_chain -SSL,function,221,ssl_bytes_to_cipher_list -SSL,function,222,ssl_cert_dup -SSL,function,223,ssl_cert_inst -SSL,function,224,ssl_cert_new -SSL,function,225,ssl_check_serverhello_tlsext -SSL,function,226,ssl_check_srvr_ecc_cert_and_alg -SSL,function,227,ssl_cipher_process_rulestr 
-SSL,function,228,ssl_cipher_strength_sort -SSL,function,229,ssl_create_cipher_list -SSL,function,230,ssl_ctx_log_master_secret -SSL,function,231,ssl_ctx_log_rsa_client_key_exchange -SSL,function,232,ssl_ctx_make_profiles -SSL,function,233,ssl_get_new_session -SSL,function,234,ssl_get_prev_session -SSL,function,235,ssl_get_server_cert_index -SSL,function,236,ssl_get_sign_pkey -SSL,function,237,ssl_init_wbio_buffer -SSL,function,238,ssl_parse_clienthello_renegotiate_ext -SSL,function,239,ssl_parse_clienthello_tlsext -SSL,function,240,ssl_parse_clienthello_use_srtp_ext -SSL,function,241,ssl_parse_serverhello_renegotiate_ext -SSL,function,242,ssl_parse_serverhello_tlsext -SSL,function,243,ssl_parse_serverhello_use_srtp_ext -SSL,function,244,ssl_scan_clienthello_tlsext -SSL,function,245,ssl_scan_serverhello_tlsext -SSL,function,246,ssl_sess_cert_new -SSL,function,247,ssl_set_cert -SSL,function,248,ssl_set_pkey -SSL,function,252,ssl_verify_cert_chain -SSL,function,253,tls12_check_peer_sigalg -SSL,function,254,tls1_aead_ctx_init -SSL,function,255,tls1_cert_verify_mac -SSL,function,256,tls1_change_cipher_state -SSL,function,257,tls1_change_cipher_state_aead -SSL,function,258,tls1_check_duplicate_extensions -SSL,function,259,tls1_enc -SSL,function,260,tls1_export_keying_material -SSL,function,261,tls1_prf -SSL,function,262,tls1_setup_key_block -SSL,reason,100,APP_DATA_IN_HANDSHAKE -SSL,reason,101,ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT -SSL,reason,102,BAD_ALERT -SSL,reason,103,BAD_CHANGE_CIPHER_SPEC -SSL,reason,104,BAD_DATA_RETURNED_BY_CALLBACK -SSL,reason,105,BAD_DH_P_LENGTH -SSL,reason,106,BAD_DIGEST_LENGTH -SSL,reason,107,BAD_ECC_CERT -SSL,reason,108,BAD_ECPOINT -SSL,reason,109,BAD_HANDSHAKE_LENGTH -SSL,reason,110,BAD_HANDSHAKE_RECORD -SSL,reason,111,BAD_HELLO_REQUEST -SSL,reason,112,BAD_LENGTH -SSL,reason,113,BAD_PACKET_LENGTH -SSL,reason,114,BAD_RSA_ENCRYPT -SSL,reason,115,BAD_SIGNATURE -SSL,reason,116,BAD_SRTP_MKI_VALUE 
-SSL,reason,117,BAD_SRTP_PROTECTION_PROFILE_LIST -SSL,reason,118,BAD_SSL_FILETYPE -SSL,reason,119,BAD_WRITE_RETRY -SSL,reason,120,BIO_NOT_SET -SSL,reason,121,BN_LIB -SSL,reason,272,BUFFER_TOO_SMALL -SSL,reason,122,CANNOT_SERIALIZE_PUBLIC_KEY -SSL,reason,123,CA_DN_LENGTH_MISMATCH -SSL,reason,124,CA_DN_TOO_LONG -SSL,reason,125,CCS_RECEIVED_EARLY -SSL,reason,126,CERTIFICATE_VERIFY_FAILED -SSL,reason,127,CERT_CB_ERROR -SSL,reason,128,CERT_LENGTH_MISMATCH -SSL,reason,129,CHANNEL_ID_NOT_P256 -SSL,reason,130,CHANNEL_ID_SIGNATURE_INVALID -SSL,reason,131,CIPHER_CODE_WRONG_LENGTH -SSL,reason,132,CIPHER_OR_HASH_UNAVAILABLE -SSL,reason,133,CLIENTHELLO_PARSE_FAILED -SSL,reason,134,CLIENTHELLO_TLSEXT -SSL,reason,135,CONNECTION_REJECTED -SSL,reason,136,CONNECTION_TYPE_NOT_SET -SSL,reason,137,COOKIE_MISMATCH -SSL,reason,138,D2I_ECDSA_SIG -SSL,reason,139,DATA_BETWEEN_CCS_AND_FINISHED -SSL,reason,140,DATA_LENGTH_TOO_LONG -SSL,reason,141,DECODE_ERROR -SSL,reason,142,DECRYPTION_FAILED -SSL,reason,143,DECRYPTION_FAILED_OR_BAD_RECORD_MAC -SSL,reason,144,DH_PUBLIC_VALUE_LENGTH_IS_WRONG -SSL,reason,145,DIGEST_CHECK_FAILED -SSL,reason,146,DTLS_MESSAGE_TOO_BIG -SSL,reason,147,ECC_CERT_NOT_FOR_SIGNING -SSL,reason,148,EMPTY_SRTP_PROTECTION_PROFILE_LIST -SSL,reason,276,EMS_STATE_INCONSISTENT -SSL,reason,149,ENCRYPTED_LENGTH_TOO_LONG -SSL,reason,150,ERROR_IN_RECEIVED_CIPHER_LIST -SSL,reason,151,EVP_DIGESTSIGNFINAL_FAILED -SSL,reason,152,EVP_DIGESTSIGNINIT_FAILED -SSL,reason,153,EXCESSIVE_MESSAGE_SIZE -SSL,reason,154,EXTRA_DATA_IN_MESSAGE -SSL,reason,271,FRAGMENT_MISMATCH -SSL,reason,155,GOT_A_FIN_BEFORE_A_CCS -SSL,reason,156,GOT_CHANNEL_ID_BEFORE_A_CCS -SSL,reason,157,GOT_NEXT_PROTO_BEFORE_A_CCS -SSL,reason,158,GOT_NEXT_PROTO_WITHOUT_EXTENSION -SSL,reason,159,HANDSHAKE_FAILURE_ON_CLIENT_HELLO -SSL,reason,160,HANDSHAKE_RECORD_BEFORE_CCS -SSL,reason,161,HTTPS_PROXY_REQUEST -SSL,reason,162,HTTP_REQUEST -SSL,reason,163,INAPPROPRIATE_FALLBACK -SSL,reason,164,INVALID_COMMAND 
-SSL,reason,165,INVALID_MESSAGE -SSL,reason,166,INVALID_SSL_SESSION -SSL,reason,167,INVALID_TICKET_KEYS_LENGTH -SSL,reason,168,LENGTH_MISMATCH -SSL,reason,169,LIBRARY_HAS_NO_CIPHERS -SSL,reason,170,MISSING_DH_KEY -SSL,reason,171,MISSING_ECDSA_SIGNING_CERT -SSL,reason,172,MISSING_RSA_CERTIFICATE -SSL,reason,173,MISSING_RSA_ENCRYPTING_CERT -SSL,reason,174,MISSING_RSA_SIGNING_CERT -SSL,reason,175,MISSING_TMP_DH_KEY -SSL,reason,176,MISSING_TMP_ECDH_KEY -SSL,reason,177,MIXED_SPECIAL_OPERATOR_WITH_GROUPS -SSL,reason,178,MTU_TOO_SMALL -SSL,reason,179,NESTED_GROUP -SSL,reason,180,NO_CERTIFICATES_RETURNED -SSL,reason,181,NO_CERTIFICATE_ASSIGNED -SSL,reason,182,NO_CERTIFICATE_SET -SSL,reason,183,NO_CIPHERS_AVAILABLE -SSL,reason,184,NO_CIPHERS_PASSED -SSL,reason,185,NO_CIPHERS_SPECIFIED -SSL,reason,186,NO_CIPHER_MATCH -SSL,reason,187,NO_COMPRESSION_SPECIFIED -SSL,reason,188,NO_METHOD_SPECIFIED -SSL,reason,189,NO_P256_SUPPORT -SSL,reason,190,NO_PRIVATE_KEY_ASSIGNED -SSL,reason,191,NO_RENEGOTIATION -SSL,reason,192,NO_REQUIRED_DIGEST -SSL,reason,193,NO_SHARED_CIPHER -SSL,reason,194,NO_SHARED_SIGATURE_ALGORITHMS -SSL,reason,195,NO_SRTP_PROFILES -SSL,reason,196,NULL_SSL_CTX -SSL,reason,197,NULL_SSL_METHOD_PASSED -SSL,reason,198,OLD_SESSION_CIPHER_NOT_RETURNED -SSL,reason,273,OLD_SESSION_VERSION_NOT_RETURNED -SSL,reason,274,OUTPUT_ALIASES_INPUT -SSL,reason,199,PACKET_LENGTH_TOO_LONG -SSL,reason,200,PARSE_TLSEXT -SSL,reason,201,PATH_TOO_LONG -SSL,reason,202,PEER_DID_NOT_RETURN_A_CERTIFICATE -SSL,reason,203,PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE -SSL,reason,204,PROTOCOL_IS_SHUTDOWN -SSL,reason,205,PSK_IDENTITY_NOT_FOUND -SSL,reason,206,PSK_NO_CLIENT_CB -SSL,reason,207,PSK_NO_SERVER_CB -SSL,reason,208,READ_BIO_NOT_SET -SSL,reason,209,READ_TIMEOUT_EXPIRED -SSL,reason,210,RECORD_LENGTH_MISMATCH -SSL,reason,211,RECORD_TOO_LARGE -SSL,reason,212,RENEGOTIATE_EXT_TOO_LONG -SSL,reason,213,RENEGOTIATION_ENCODING_ERR -SSL,reason,214,RENEGOTIATION_MISMATCH 
-SSL,reason,215,REQUIRED_CIPHER_MISSING -SSL,reason,275,RESUMED_EMS_SESSION_WITHOUT_EMS_EXTENSION -SSL,reason,277,RESUMED_NON_EMS_SESSION_WITH_EMS_EXTENSION -SSL,reason,216,SCSV_RECEIVED_WHEN_RENEGOTIATING -SSL,reason,217,SERVERHELLO_TLSEXT -SSL,reason,218,SESSION_ID_CONTEXT_UNINITIALIZED -SSL,reason,219,SESSION_MAY_NOT_BE_CREATED -SSL,reason,220,SIGNATURE_ALGORITHMS_ERROR -SSL,reason,221,SRTP_COULD_NOT_ALLOCATE_PROFILES -SSL,reason,222,SRTP_PROTECTION_PROFILE_LIST_TOO_LONG -SSL,reason,223,SRTP_UNKNOWN_PROTECTION_PROFILE -SSL,reason,224,SSL3_EXT_INVALID_SERVERNAME -SSL,reason,225,SSL3_EXT_INVALID_SERVERNAME_TYPE -SSL,reason,1042,SSLV3_ALERT_BAD_CERTIFICATE -SSL,reason,1020,SSLV3_ALERT_BAD_RECORD_MAC -SSL,reason,1045,SSLV3_ALERT_CERTIFICATE_EXPIRED -SSL,reason,1044,SSLV3_ALERT_CERTIFICATE_REVOKED -SSL,reason,1046,SSLV3_ALERT_CERTIFICATE_UNKNOWN -SSL,reason,1000,SSLV3_ALERT_CLOSE_NOTIFY -SSL,reason,1030,SSLV3_ALERT_DECOMPRESSION_FAILURE -SSL,reason,1040,SSLV3_ALERT_HANDSHAKE_FAILURE -SSL,reason,1047,SSLV3_ALERT_ILLEGAL_PARAMETER -SSL,reason,1041,SSLV3_ALERT_NO_CERTIFICATE -SSL,reason,1010,SSLV3_ALERT_UNEXPECTED_MESSAGE -SSL,reason,1043,SSLV3_ALERT_UNSUPPORTED_CERTIFICATE -SSL,reason,226,SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION -SSL,reason,227,SSL_HANDSHAKE_FAILURE -SSL,reason,228,SSL_SESSION_ID_CALLBACK_FAILED -SSL,reason,229,SSL_SESSION_ID_CONFLICT -SSL,reason,230,SSL_SESSION_ID_CONTEXT_TOO_LONG -SSL,reason,231,SSL_SESSION_ID_HAS_BAD_LENGTH -SSL,reason,1049,TLSV1_ALERT_ACCESS_DENIED -SSL,reason,1050,TLSV1_ALERT_DECODE_ERROR -SSL,reason,1021,TLSV1_ALERT_DECRYPTION_FAILED -SSL,reason,1051,TLSV1_ALERT_DECRYPT_ERROR -SSL,reason,1060,TLSV1_ALERT_EXPORT_RESTRICTION -SSL,reason,1086,TLSV1_ALERT_INAPPROPRIATE_FALLBACK -SSL,reason,1071,TLSV1_ALERT_INSUFFICIENT_SECURITY -SSL,reason,1080,TLSV1_ALERT_INTERNAL_ERROR -SSL,reason,1100,TLSV1_ALERT_NO_RENEGOTIATION -SSL,reason,1070,TLSV1_ALERT_PROTOCOL_VERSION -SSL,reason,1022,TLSV1_ALERT_RECORD_OVERFLOW 
-SSL,reason,1048,TLSV1_ALERT_UNKNOWN_CA -SSL,reason,1090,TLSV1_ALERT_USER_CANCELLED -SSL,reason,1114,TLSV1_BAD_CERTIFICATE_HASH_VALUE -SSL,reason,1113,TLSV1_BAD_CERTIFICATE_STATUS_RESPONSE -SSL,reason,1111,TLSV1_CERTIFICATE_UNOBTAINABLE -SSL,reason,1112,TLSV1_UNRECOGNIZED_NAME -SSL,reason,1110,TLSV1_UNSUPPORTED_EXTENSION -SSL,reason,232,TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER -SSL,reason,233,TLS_ILLEGAL_EXPORTER_LABEL -SSL,reason,234,TLS_INVALID_ECPOINTFORMAT_LIST -SSL,reason,235,TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST -SSL,reason,236,TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG -SSL,reason,237,TOO_MANY_EMPTY_FRAGMENTS -SSL,reason,238,UNABLE_TO_FIND_ECDH_PARAMETERS -SSL,reason,239,UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS -SSL,reason,240,UNEXPECTED_GROUP_CLOSE -SSL,reason,241,UNEXPECTED_MESSAGE -SSL,reason,242,UNEXPECTED_OPERATOR_IN_GROUP -SSL,reason,243,UNEXPECTED_RECORD -SSL,reason,244,UNINITIALIZED -SSL,reason,245,UNKNOWN_ALERT_TYPE -SSL,reason,246,UNKNOWN_CERTIFICATE_TYPE -SSL,reason,247,UNKNOWN_CIPHER_RETURNED -SSL,reason,248,UNKNOWN_CIPHER_TYPE -SSL,reason,249,UNKNOWN_DIGEST -SSL,reason,250,UNKNOWN_KEY_EXCHANGE_TYPE -SSL,reason,251,UNKNOWN_PROTOCOL -SSL,reason,252,UNKNOWN_SSL_VERSION -SSL,reason,253,UNKNOWN_STATE -SSL,reason,254,UNPROCESSED_HANDSHAKE_DATA -SSL,reason,255,UNSAFE_LEGACY_RENEGOTIATION_DISABLED -SSL,reason,256,UNSUPPORTED_CIPHER -SSL,reason,257,UNSUPPORTED_COMPRESSION_ALGORITHM -SSL,reason,258,UNSUPPORTED_ELLIPTIC_CURVE -SSL,reason,259,UNSUPPORTED_PROTOCOL -SSL,reason,260,UNSUPPORTED_SSL_VERSION -SSL,reason,261,USE_SRTP_NOT_NEGOTIATED -SSL,reason,262,WRONG_CERTIFICATE_TYPE -SSL,reason,263,WRONG_CIPHER_RETURNED -SSL,reason,264,WRONG_CURVE -SSL,reason,265,WRONG_MESSAGE_TYPE -SSL,reason,266,WRONG_SIGNATURE_TYPE -SSL,reason,267,WRONG_SSL_VERSION -SSL,reason,268,WRONG_VERSION_NUMBER -SSL,reason,269,X509_LIB -SSL,reason,270,X509_VERIFICATION_SETUP_PROBLEMS +SSL,100,APP_DATA_IN_HANDSHAKE +SSL,101,ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT 
+SSL,102,BAD_ALERT +SSL,103,BAD_CHANGE_CIPHER_SPEC +SSL,104,BAD_DATA_RETURNED_BY_CALLBACK +SSL,105,BAD_DH_P_LENGTH +SSL,106,BAD_DIGEST_LENGTH +SSL,107,BAD_ECC_CERT +SSL,108,BAD_ECPOINT +SSL,109,BAD_HANDSHAKE_LENGTH +SSL,110,BAD_HANDSHAKE_RECORD +SSL,111,BAD_HELLO_REQUEST +SSL,112,BAD_LENGTH +SSL,113,BAD_PACKET_LENGTH +SSL,114,BAD_RSA_ENCRYPT +SSL,115,BAD_SIGNATURE +SSL,116,BAD_SRTP_MKI_VALUE +SSL,117,BAD_SRTP_PROTECTION_PROFILE_LIST +SSL,118,BAD_SSL_FILETYPE +SSL,119,BAD_WRITE_RETRY +SSL,120,BIO_NOT_SET +SSL,121,BN_LIB +SSL,272,BUFFER_TOO_SMALL +SSL,122,CANNOT_SERIALIZE_PUBLIC_KEY +SSL,123,CA_DN_LENGTH_MISMATCH +SSL,124,CA_DN_TOO_LONG +SSL,125,CCS_RECEIVED_EARLY +SSL,126,CERTIFICATE_VERIFY_FAILED +SSL,127,CERT_CB_ERROR +SSL,128,CERT_LENGTH_MISMATCH +SSL,129,CHANNEL_ID_NOT_P256 +SSL,130,CHANNEL_ID_SIGNATURE_INVALID +SSL,131,CIPHER_CODE_WRONG_LENGTH +SSL,132,CIPHER_OR_HASH_UNAVAILABLE +SSL,133,CLIENTHELLO_PARSE_FAILED +SSL,134,CLIENTHELLO_TLSEXT +SSL,135,CONNECTION_REJECTED +SSL,136,CONNECTION_TYPE_NOT_SET +SSL,137,COOKIE_MISMATCH +SSL,284,CUSTOM_EXTENSION_CONTENTS_TOO_LARGE +SSL,285,CUSTOM_EXTENSION_ERROR +SSL,138,D2I_ECDSA_SIG +SSL,139,DATA_BETWEEN_CCS_AND_FINISHED +SSL,140,DATA_LENGTH_TOO_LONG +SSL,141,DECODE_ERROR +SSL,142,DECRYPTION_FAILED +SSL,143,DECRYPTION_FAILED_OR_BAD_RECORD_MAC +SSL,144,DH_PUBLIC_VALUE_LENGTH_IS_WRONG +SSL,145,DIGEST_CHECK_FAILED +SSL,146,DTLS_MESSAGE_TOO_BIG +SSL,147,ECC_CERT_NOT_FOR_SIGNING +SSL,148,EMPTY_SRTP_PROTECTION_PROFILE_LIST +SSL,276,EMS_STATE_INCONSISTENT +SSL,149,ENCRYPTED_LENGTH_TOO_LONG +SSL,281,ERROR_ADDING_EXTENSION +SSL,150,ERROR_IN_RECEIVED_CIPHER_LIST +SSL,282,ERROR_PARSING_EXTENSION +SSL,151,EVP_DIGESTSIGNFINAL_FAILED +SSL,152,EVP_DIGESTSIGNINIT_FAILED +SSL,153,EXCESSIVE_MESSAGE_SIZE +SSL,154,EXTRA_DATA_IN_MESSAGE +SSL,271,FRAGMENT_MISMATCH +SSL,155,GOT_A_FIN_BEFORE_A_CCS +SSL,156,GOT_CHANNEL_ID_BEFORE_A_CCS +SSL,157,GOT_NEXT_PROTO_BEFORE_A_CCS +SSL,158,GOT_NEXT_PROTO_WITHOUT_EXTENSION 
+SSL,159,HANDSHAKE_FAILURE_ON_CLIENT_HELLO +SSL,160,HANDSHAKE_RECORD_BEFORE_CCS +SSL,161,HTTPS_PROXY_REQUEST +SSL,162,HTTP_REQUEST +SSL,163,INAPPROPRIATE_FALLBACK +SSL,164,INVALID_COMMAND +SSL,165,INVALID_MESSAGE +SSL,166,INVALID_SSL_SESSION +SSL,167,INVALID_TICKET_KEYS_LENGTH +SSL,168,LENGTH_MISMATCH +SSL,169,LIBRARY_HAS_NO_CIPHERS +SSL,170,MISSING_DH_KEY +SSL,171,MISSING_ECDSA_SIGNING_CERT +SSL,283,MISSING_EXTENSION +SSL,172,MISSING_RSA_CERTIFICATE +SSL,173,MISSING_RSA_ENCRYPTING_CERT +SSL,174,MISSING_RSA_SIGNING_CERT +SSL,175,MISSING_TMP_DH_KEY +SSL,176,MISSING_TMP_ECDH_KEY +SSL,177,MIXED_SPECIAL_OPERATOR_WITH_GROUPS +SSL,178,MTU_TOO_SMALL +SSL,286,NEGOTIATED_BOTH_NPN_AND_ALPN +SSL,179,NESTED_GROUP +SSL,180,NO_CERTIFICATES_RETURNED +SSL,181,NO_CERTIFICATE_ASSIGNED +SSL,182,NO_CERTIFICATE_SET +SSL,183,NO_CIPHERS_AVAILABLE +SSL,184,NO_CIPHERS_PASSED +SSL,185,NO_CIPHERS_SPECIFIED +SSL,186,NO_CIPHER_MATCH +SSL,187,NO_COMPRESSION_SPECIFIED +SSL,188,NO_METHOD_SPECIFIED +SSL,189,NO_P256_SUPPORT +SSL,190,NO_PRIVATE_KEY_ASSIGNED +SSL,191,NO_RENEGOTIATION +SSL,192,NO_REQUIRED_DIGEST +SSL,193,NO_SHARED_CIPHER +SSL,194,NO_SHARED_SIGATURE_ALGORITHMS +SSL,195,NO_SRTP_PROFILES +SSL,196,NULL_SSL_CTX +SSL,197,NULL_SSL_METHOD_PASSED +SSL,198,OLD_SESSION_CIPHER_NOT_RETURNED +SSL,273,OLD_SESSION_VERSION_NOT_RETURNED +SSL,274,OUTPUT_ALIASES_INPUT +SSL,199,PACKET_LENGTH_TOO_LONG +SSL,200,PARSE_TLSEXT +SSL,201,PATH_TOO_LONG +SSL,202,PEER_DID_NOT_RETURN_A_CERTIFICATE +SSL,203,PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE +SSL,204,PROTOCOL_IS_SHUTDOWN +SSL,205,PSK_IDENTITY_NOT_FOUND +SSL,206,PSK_NO_CLIENT_CB +SSL,207,PSK_NO_SERVER_CB +SSL,208,READ_BIO_NOT_SET +SSL,209,READ_TIMEOUT_EXPIRED +SSL,210,RECORD_LENGTH_MISMATCH +SSL,211,RECORD_TOO_LARGE +SSL,212,RENEGOTIATE_EXT_TOO_LONG +SSL,213,RENEGOTIATION_ENCODING_ERR +SSL,214,RENEGOTIATION_MISMATCH +SSL,215,REQUIRED_CIPHER_MISSING +SSL,275,RESUMED_EMS_SESSION_WITHOUT_EMS_EXTENSION +SSL,277,RESUMED_NON_EMS_SESSION_WITH_EMS_EXTENSION 
+SSL,216,SCSV_RECEIVED_WHEN_RENEGOTIATING +SSL,217,SERVERHELLO_TLSEXT +SSL,218,SESSION_ID_CONTEXT_UNINITIALIZED +SSL,219,SESSION_MAY_NOT_BE_CREATED +SSL,220,SIGNATURE_ALGORITHMS_ERROR +SSL,280,SIGNATURE_ALGORITHMS_EXTENSION_SENT_BY_SERVER +SSL,221,SRTP_COULD_NOT_ALLOCATE_PROFILES +SSL,222,SRTP_PROTECTION_PROFILE_LIST_TOO_LONG +SSL,223,SRTP_UNKNOWN_PROTECTION_PROFILE +SSL,224,SSL3_EXT_INVALID_SERVERNAME +SSL,225,SSL3_EXT_INVALID_SERVERNAME_TYPE +SSL,1042,SSLV3_ALERT_BAD_CERTIFICATE +SSL,1020,SSLV3_ALERT_BAD_RECORD_MAC +SSL,1045,SSLV3_ALERT_CERTIFICATE_EXPIRED +SSL,1044,SSLV3_ALERT_CERTIFICATE_REVOKED +SSL,1046,SSLV3_ALERT_CERTIFICATE_UNKNOWN +SSL,1000,SSLV3_ALERT_CLOSE_NOTIFY +SSL,1030,SSLV3_ALERT_DECOMPRESSION_FAILURE +SSL,1040,SSLV3_ALERT_HANDSHAKE_FAILURE +SSL,1047,SSLV3_ALERT_ILLEGAL_PARAMETER +SSL,1041,SSLV3_ALERT_NO_CERTIFICATE +SSL,1010,SSLV3_ALERT_UNEXPECTED_MESSAGE +SSL,1043,SSLV3_ALERT_UNSUPPORTED_CERTIFICATE +SSL,226,SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION +SSL,227,SSL_HANDSHAKE_FAILURE +SSL,228,SSL_SESSION_ID_CALLBACK_FAILED +SSL,229,SSL_SESSION_ID_CONFLICT +SSL,230,SSL_SESSION_ID_CONTEXT_TOO_LONG +SSL,231,SSL_SESSION_ID_HAS_BAD_LENGTH +SSL,1049,TLSV1_ALERT_ACCESS_DENIED +SSL,1050,TLSV1_ALERT_DECODE_ERROR +SSL,1021,TLSV1_ALERT_DECRYPTION_FAILED +SSL,1051,TLSV1_ALERT_DECRYPT_ERROR +SSL,1060,TLSV1_ALERT_EXPORT_RESTRICTION +SSL,1086,TLSV1_ALERT_INAPPROPRIATE_FALLBACK +SSL,1071,TLSV1_ALERT_INSUFFICIENT_SECURITY +SSL,1080,TLSV1_ALERT_INTERNAL_ERROR +SSL,1100,TLSV1_ALERT_NO_RENEGOTIATION +SSL,1070,TLSV1_ALERT_PROTOCOL_VERSION +SSL,1022,TLSV1_ALERT_RECORD_OVERFLOW +SSL,1048,TLSV1_ALERT_UNKNOWN_CA +SSL,1090,TLSV1_ALERT_USER_CANCELLED +SSL,1114,TLSV1_BAD_CERTIFICATE_HASH_VALUE +SSL,1113,TLSV1_BAD_CERTIFICATE_STATUS_RESPONSE +SSL,1111,TLSV1_CERTIFICATE_UNOBTAINABLE +SSL,1112,TLSV1_UNRECOGNIZED_NAME +SSL,1110,TLSV1_UNSUPPORTED_EXTENSION +SSL,232,TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER +SSL,233,TLS_ILLEGAL_EXPORTER_LABEL +SSL,234,TLS_INVALID_ECPOINTFORMAT_LIST 
+SSL,235,TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST +SSL,236,TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG +SSL,237,TOO_MANY_EMPTY_FRAGMENTS +SSL,278,TOO_MANY_WARNING_ALERTS +SSL,238,UNABLE_TO_FIND_ECDH_PARAMETERS +SSL,239,UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS +SSL,279,UNEXPECTED_EXTENSION +SSL,240,UNEXPECTED_GROUP_CLOSE +SSL,241,UNEXPECTED_MESSAGE +SSL,242,UNEXPECTED_OPERATOR_IN_GROUP +SSL,243,UNEXPECTED_RECORD +SSL,244,UNINITIALIZED +SSL,245,UNKNOWN_ALERT_TYPE +SSL,246,UNKNOWN_CERTIFICATE_TYPE +SSL,247,UNKNOWN_CIPHER_RETURNED +SSL,248,UNKNOWN_CIPHER_TYPE +SSL,249,UNKNOWN_DIGEST +SSL,250,UNKNOWN_KEY_EXCHANGE_TYPE +SSL,251,UNKNOWN_PROTOCOL +SSL,252,UNKNOWN_SSL_VERSION +SSL,253,UNKNOWN_STATE +SSL,254,UNPROCESSED_HANDSHAKE_DATA +SSL,255,UNSAFE_LEGACY_RENEGOTIATION_DISABLED +SSL,256,UNSUPPORTED_CIPHER +SSL,257,UNSUPPORTED_COMPRESSION_ALGORITHM +SSL,258,UNSUPPORTED_ELLIPTIC_CURVE +SSL,259,UNSUPPORTED_PROTOCOL +SSL,260,UNSUPPORTED_SSL_VERSION +SSL,261,USE_SRTP_NOT_NEGOTIATED +SSL,262,WRONG_CERTIFICATE_TYPE +SSL,263,WRONG_CIPHER_RETURNED +SSL,264,WRONG_CURVE +SSL,265,WRONG_MESSAGE_TYPE +SSL,266,WRONG_SIGNATURE_TYPE +SSL,267,WRONG_SSL_VERSION +SSL,268,WRONG_VERSION_NUMBER +SSL,269,X509_LIB +SSL,270,X509_VERIFICATION_SETUP_PROBLEMS diff --git a/src/crypto/err/x509.errordata b/src/crypto/err/x509.errordata index 1b50e36..f4828ce 100644 --- a/src/crypto/err/x509.errordata +++ b/src/crypto/err/x509.errordata 
@@ -1,96 +1,37 @@ -X509,function,100,ASN1_digest -X509,function,101,ASN1_item_sign_ctx -X509,function,102,ASN1_item_verify -X509,function,103,NETSCAPE_SPKI_b64_decode -X509,function,104,NETSCAPE_SPKI_b64_encode -X509,function,158,PKCS7_get_CRLs -X509,function,105,PKCS7_get_certificates -X509,function,106,X509_ATTRIBUTE_create_by_NID -X509,function,107,X509_ATTRIBUTE_create_by_OBJ -X509,function,108,X509_ATTRIBUTE_create_by_txt -X509,function,109,X509_ATTRIBUTE_get0_data -X509,function,110,X509_ATTRIBUTE_set1_data -X509,function,111,X509_CRL_add0_revoked -X509,function,112,X509_CRL_diff -X509,function,113,X509_CRL_print_fp -X509,function,114,X509_EXTENSION_create_by_NID -X509,function,115,X509_EXTENSION_create_by_OBJ -X509,function,116,X509_INFO_new -X509,function,117,X509_NAME_ENTRY_create_by_NID -X509,function,118,X509_NAME_ENTRY_create_by_txt -X509,function,119,X509_NAME_ENTRY_set_object -X509,function,120,X509_NAME_add_entry -X509,function,121,X509_NAME_oneline -X509,function,122,X509_NAME_print -X509,function,123,X509_PKEY_new -X509,function,124,X509_PUBKEY_get -X509,function,125,X509_PUBKEY_set -X509,function,126,X509_REQ_check_private_key -X509,function,127,X509_REQ_to_X509 -X509,function,128,X509_STORE_CTX_get1_issuer -X509,function,129,X509_STORE_CTX_init -X509,function,130,X509_STORE_CTX_new -X509,function,131,X509_STORE_CTX_purpose_inherit -X509,function,132,X509_STORE_add_cert -X509,function,133,X509_STORE_add_crl -X509,function,134,X509_TRUST_add -X509,function,135,X509_TRUST_set -X509,function,136,X509_check_private_key -X509,function,137,X509_get_pubkey_parameters -X509,function,138,X509_load_cert_crl_file -X509,function,139,X509_load_cert_file -X509,function,140,X509_load_crl_file -X509,function,141,X509_print_ex_fp -X509,function,142,X509_to_X509_REQ -X509,function,143,X509_verify_cert -X509,function,144,X509at_add1_attr -X509,function,145,X509v3_add_ext -X509,function,146,add_cert_dir -X509,function,147,by_file_ctrl -X509,function,148,check_policy 
-X509,function,149,dir_ctrl -X509,function,150,get_cert_by_subject -X509,function,151,i2d_DSA_PUBKEY -X509,function,152,i2d_EC_PUBKEY -X509,function,153,i2d_RSA_PUBKEY -X509,function,157,pkcs7_parse_header -X509,function,154,x509_name_encode -X509,function,155,x509_name_ex_d2i -X509,function,156,x509_name_ex_new -X509,reason,100,AKID_MISMATCH -X509,reason,101,BAD_PKCS7_VERSION -X509,reason,102,BAD_X509_FILETYPE -X509,reason,103,BASE64_DECODE_ERROR -X509,reason,104,CANT_CHECK_DH_KEY -X509,reason,105,CERT_ALREADY_IN_HASH_TABLE -X509,reason,106,CRL_ALREADY_DELTA -X509,reason,107,CRL_VERIFY_FAILURE -X509,reason,108,IDP_MISMATCH -X509,reason,109,INVALID_BIT_STRING_BITS_LEFT -X509,reason,110,INVALID_DIRECTORY -X509,reason,111,INVALID_FIELD_NAME -X509,reason,112,INVALID_TRUST -X509,reason,113,ISSUER_MISMATCH -X509,reason,114,KEY_TYPE_MISMATCH -X509,reason,115,KEY_VALUES_MISMATCH -X509,reason,116,LOADING_CERT_DIR -X509,reason,117,LOADING_DEFAULTS -X509,reason,118,METHOD_NOT_SUPPORTED -X509,reason,119,NEWER_CRL_NOT_NEWER -X509,reason,120,NOT_PKCS7_SIGNED_DATA -X509,reason,121,NO_CERTIFICATES_INCLUDED -X509,reason,122,NO_CERT_SET_FOR_US_TO_VERIFY -X509,reason,136,NO_CRLS_INCLUDED -X509,reason,123,NO_CRL_NUMBER -X509,reason,124,PUBLIC_KEY_DECODE_ERROR -X509,reason,125,PUBLIC_KEY_ENCODE_ERROR -X509,reason,126,SHOULD_RETRY -X509,reason,127,UNABLE_TO_FIND_PARAMETERS_IN_CHAIN -X509,reason,128,UNABLE_TO_GET_CERTS_PUBLIC_KEY -X509,reason,129,UNKNOWN_KEY_TYPE -X509,reason,130,UNKNOWN_NID -X509,reason,131,UNKNOWN_PURPOSE_ID -X509,reason,132,UNKNOWN_TRUST_ID -X509,reason,133,UNSUPPORTED_ALGORITHM -X509,reason,134,WRONG_LOOKUP_TYPE -X509,reason,135,WRONG_TYPE +X509,100,AKID_MISMATCH +X509,101,BAD_PKCS7_VERSION +X509,102,BAD_X509_FILETYPE +X509,103,BASE64_DECODE_ERROR +X509,104,CANT_CHECK_DH_KEY +X509,105,CERT_ALREADY_IN_HASH_TABLE +X509,106,CRL_ALREADY_DELTA +X509,107,CRL_VERIFY_FAILURE +X509,108,IDP_MISMATCH +X509,109,INVALID_BIT_STRING_BITS_LEFT +X509,110,INVALID_DIRECTORY 
+X509,111,INVALID_FIELD_NAME +X509,112,INVALID_TRUST +X509,113,ISSUER_MISMATCH +X509,114,KEY_TYPE_MISMATCH +X509,115,KEY_VALUES_MISMATCH +X509,116,LOADING_CERT_DIR +X509,117,LOADING_DEFAULTS +X509,118,METHOD_NOT_SUPPORTED +X509,119,NEWER_CRL_NOT_NEWER +X509,120,NOT_PKCS7_SIGNED_DATA +X509,121,NO_CERTIFICATES_INCLUDED +X509,122,NO_CERT_SET_FOR_US_TO_VERIFY +X509,136,NO_CRLS_INCLUDED +X509,123,NO_CRL_NUMBER +X509,124,PUBLIC_KEY_DECODE_ERROR +X509,125,PUBLIC_KEY_ENCODE_ERROR +X509,126,SHOULD_RETRY +X509,127,UNABLE_TO_FIND_PARAMETERS_IN_CHAIN +X509,128,UNABLE_TO_GET_CERTS_PUBLIC_KEY +X509,129,UNKNOWN_KEY_TYPE +X509,130,UNKNOWN_NID +X509,131,UNKNOWN_PURPOSE_ID +X509,132,UNKNOWN_TRUST_ID +X509,133,UNSUPPORTED_ALGORITHM +X509,134,WRONG_LOOKUP_TYPE +X509,135,WRONG_TYPE diff --git a/src/crypto/err/x509v3.errordata b/src/crypto/err/x509v3.errordata index 059e677..e53b780 100644 --- a/src/crypto/err/x509v3.errordata +++ b/src/crypto/err/x509v3.errordata 
@@ -1,120 +1,63 @@ -X509V3,function,100,SXNET_add_id_INTEGER -X509V3,function,101,SXNET_add_id_asc -X509V3,function,102,SXNET_add_id_ulong -X509V3,function,103,SXNET_get_id_asc -X509V3,function,104,SXNET_get_id_ulong -X509V3,function,105,X509V3_EXT_add -X509V3,function,106,X509V3_EXT_add_alias -X509V3,function,107,X509V3_EXT_free -X509V3,function,108,X509V3_EXT_i2d -X509V3,function,109,X509V3_EXT_nconf -X509V3,function,110,X509V3_add1_i2d -X509V3,function,111,X509V3_add_value -X509V3,function,112,X509V3_get_section -X509V3,function,113,X509V3_get_string -X509V3,function,114,X509V3_get_value_bool -X509V3,function,115,X509V3_parse_list -X509V3,function,116,X509_PURPOSE_add -X509V3,function,117,X509_PURPOSE_set -X509V3,function,118,a2i_GENERAL_NAME -X509V3,function,119,copy_email -X509V3,function,120,copy_issuer -X509V3,function,121,do_dirname -X509V3,function,122,do_ext_i2d -X509V3,function,123,do_ext_nconf -X509V3,function,124,gnames_from_sectname -X509V3,function,125,hex_to_string -X509V3,function,126,i2s_ASN1_ENUMERATED -X509V3,function,127,i2s_ASN1_IA5STRING -X509V3,function,128,i2s_ASN1_INTEGER -X509V3,function,129,i2v_AUTHORITY_INFO_ACCESS -X509V3,function,130,notice_section -X509V3,function,131,nref_nos -X509V3,function,132,policy_section -X509V3,function,133,process_pci_value -X509V3,function,134,r2i_certpol -X509V3,function,135,r2i_pci -X509V3,function,136,s2i_ASN1_IA5STRING -X509V3,function,137,s2i_ASN1_INTEGER -X509V3,function,138,s2i_ASN1_OCTET_STRING -X509V3,function,139,s2i_skey_id -X509V3,function,140,set_dist_point_name -X509V3,function,141,string_to_hex -X509V3,function,142,v2i_ASN1_BIT_STRING -X509V3,function,143,v2i_AUTHORITY_INFO_ACCESS -X509V3,function,144,v2i_AUTHORITY_KEYID -X509V3,function,145,v2i_BASIC_CONSTRAINTS -X509V3,function,146,v2i_EXTENDED_KEY_USAGE -X509V3,function,147,v2i_GENERAL_NAMES -X509V3,function,148,v2i_GENERAL_NAME_ex -X509V3,function,149,v2i_NAME_CONSTRAINTS -X509V3,function,150,v2i_POLICY_CONSTRAINTS 
-X509V3,function,151,v2i_POLICY_MAPPINGS -X509V3,function,152,v2i_crld -X509V3,function,153,v2i_idp -X509V3,function,154,v2i_issuer_alt -X509V3,function,155,v2i_subject_alt -X509V3,function,156,v3_generic_extension -X509V3,reason,100,BAD_IP_ADDRESS -X509V3,reason,101,BAD_OBJECT -X509V3,reason,102,BN_DEC2BN_ERROR -X509V3,reason,103,BN_TO_ASN1_INTEGER_ERROR -X509V3,reason,104,CANNOT_FIND_FREE_FUNCTION -X509V3,reason,105,DIRNAME_ERROR -X509V3,reason,106,DISTPOINT_ALREADY_SET -X509V3,reason,107,DUPLICATE_ZONE_ID -X509V3,reason,108,ERROR_CONVERTING_ZONE -X509V3,reason,109,ERROR_CREATING_EXTENSION -X509V3,reason,110,ERROR_IN_EXTENSION -X509V3,reason,111,EXPECTED_A_SECTION_NAME -X509V3,reason,112,EXTENSION_EXISTS -X509V3,reason,113,EXTENSION_NAME_ERROR -X509V3,reason,114,EXTENSION_NOT_FOUND -X509V3,reason,115,EXTENSION_SETTING_NOT_SUPPORTED -X509V3,reason,116,EXTENSION_VALUE_ERROR -X509V3,reason,117,ILLEGAL_EMPTY_EXTENSION -X509V3,reason,118,ILLEGAL_HEX_DIGIT -X509V3,reason,119,INCORRECT_POLICY_SYNTAX_TAG -X509V3,reason,120,INVALID_BOOLEAN_STRING -X509V3,reason,121,INVALID_EXTENSION_STRING -X509V3,reason,122,INVALID_MULTIPLE_RDNS -X509V3,reason,123,INVALID_NAME -X509V3,reason,124,INVALID_NULL_ARGUMENT -X509V3,reason,125,INVALID_NULL_NAME -X509V3,reason,126,INVALID_NULL_VALUE -X509V3,reason,127,INVALID_NUMBER -X509V3,reason,128,INVALID_NUMBERS -X509V3,reason,129,INVALID_OBJECT_IDENTIFIER -X509V3,reason,130,INVALID_OPTION -X509V3,reason,131,INVALID_POLICY_IDENTIFIER -X509V3,reason,132,INVALID_PROXY_POLICY_SETTING -X509V3,reason,133,INVALID_PURPOSE -X509V3,reason,134,INVALID_SECTION -X509V3,reason,135,INVALID_SYNTAX -X509V3,reason,136,ISSUER_DECODE_ERROR -X509V3,reason,137,MISSING_VALUE -X509V3,reason,138,NEED_ORGANIZATION_AND_NUMBERS -X509V3,reason,139,NO_CONFIG_DATABASE -X509V3,reason,140,NO_ISSUER_CERTIFICATE -X509V3,reason,141,NO_ISSUER_DETAILS -X509V3,reason,142,NO_POLICY_IDENTIFIER -X509V3,reason,143,NO_PROXY_CERT_POLICY_LANGUAGE_DEFINED 
-X509V3,reason,144,NO_PUBLIC_KEY -X509V3,reason,145,NO_SUBJECT_DETAILS -X509V3,reason,146,ODD_NUMBER_OF_DIGITS -X509V3,reason,147,OPERATION_NOT_DEFINED -X509V3,reason,148,OTHERNAME_ERROR -X509V3,reason,149,POLICY_LANGUAGE_ALREADY_DEFINED -X509V3,reason,150,POLICY_PATH_LENGTH -X509V3,reason,151,POLICY_PATH_LENGTH_ALREADY_DEFINED -X509V3,reason,152,POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY -X509V3,reason,153,SECTION_NOT_FOUND -X509V3,reason,154,UNABLE_TO_GET_ISSUER_DETAILS -X509V3,reason,155,UNABLE_TO_GET_ISSUER_KEYID -X509V3,reason,156,UNKNOWN_BIT_STRING_ARGUMENT -X509V3,reason,157,UNKNOWN_EXTENSION -X509V3,reason,158,UNKNOWN_EXTENSION_NAME -X509V3,reason,159,UNKNOWN_OPTION -X509V3,reason,160,UNSUPPORTED_OPTION -X509V3,reason,161,UNSUPPORTED_TYPE -X509V3,reason,162,USER_TOO_LONG +X509V3,100,BAD_IP_ADDRESS +X509V3,101,BAD_OBJECT +X509V3,102,BN_DEC2BN_ERROR +X509V3,103,BN_TO_ASN1_INTEGER_ERROR +X509V3,104,CANNOT_FIND_FREE_FUNCTION +X509V3,105,DIRNAME_ERROR +X509V3,106,DISTPOINT_ALREADY_SET +X509V3,107,DUPLICATE_ZONE_ID +X509V3,108,ERROR_CONVERTING_ZONE +X509V3,109,ERROR_CREATING_EXTENSION +X509V3,110,ERROR_IN_EXTENSION +X509V3,111,EXPECTED_A_SECTION_NAME +X509V3,112,EXTENSION_EXISTS +X509V3,113,EXTENSION_NAME_ERROR +X509V3,114,EXTENSION_NOT_FOUND +X509V3,115,EXTENSION_SETTING_NOT_SUPPORTED +X509V3,116,EXTENSION_VALUE_ERROR +X509V3,117,ILLEGAL_EMPTY_EXTENSION +X509V3,118,ILLEGAL_HEX_DIGIT +X509V3,119,INCORRECT_POLICY_SYNTAX_TAG +X509V3,120,INVALID_BOOLEAN_STRING +X509V3,121,INVALID_EXTENSION_STRING +X509V3,122,INVALID_MULTIPLE_RDNS +X509V3,123,INVALID_NAME +X509V3,124,INVALID_NULL_ARGUMENT +X509V3,125,INVALID_NULL_NAME +X509V3,126,INVALID_NULL_VALUE +X509V3,127,INVALID_NUMBER +X509V3,128,INVALID_NUMBERS +X509V3,129,INVALID_OBJECT_IDENTIFIER +X509V3,130,INVALID_OPTION +X509V3,131,INVALID_POLICY_IDENTIFIER +X509V3,132,INVALID_PROXY_POLICY_SETTING +X509V3,133,INVALID_PURPOSE +X509V3,134,INVALID_SECTION +X509V3,135,INVALID_SYNTAX +X509V3,136,ISSUER_DECODE_ERROR 
+X509V3,137,MISSING_VALUE +X509V3,138,NEED_ORGANIZATION_AND_NUMBERS +X509V3,139,NO_CONFIG_DATABASE +X509V3,140,NO_ISSUER_CERTIFICATE +X509V3,141,NO_ISSUER_DETAILS +X509V3,142,NO_POLICY_IDENTIFIER +X509V3,143,NO_PROXY_CERT_POLICY_LANGUAGE_DEFINED +X509V3,144,NO_PUBLIC_KEY +X509V3,145,NO_SUBJECT_DETAILS +X509V3,146,ODD_NUMBER_OF_DIGITS +X509V3,147,OPERATION_NOT_DEFINED +X509V3,148,OTHERNAME_ERROR +X509V3,149,POLICY_LANGUAGE_ALREADY_DEFINED +X509V3,150,POLICY_PATH_LENGTH +X509V3,151,POLICY_PATH_LENGTH_ALREADY_DEFINED +X509V3,152,POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY +X509V3,153,SECTION_NOT_FOUND +X509V3,154,UNABLE_TO_GET_ISSUER_DETAILS +X509V3,155,UNABLE_TO_GET_ISSUER_KEYID +X509V3,156,UNKNOWN_BIT_STRING_ARGUMENT +X509V3,157,UNKNOWN_EXTENSION +X509V3,158,UNKNOWN_EXTENSION_NAME +X509V3,159,UNKNOWN_OPTION +X509V3,160,UNSUPPORTED_OPTION +X509V3,161,UNSUPPORTED_TYPE +X509V3,162,USER_TOO_LONG diff --git a/src/crypto/evp/CMakeLists.txt b/src/crypto/evp/CMakeLists.txt index 5769fa4..5d2e918 100644 --- a/src/crypto/evp/CMakeLists.txt +++ b/src/crypto/evp/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(. .. ../../include) +include_directories(../../include) add_library( evp @@ -6,15 +6,13 @@ add_library( OBJECT algorithm.c - asn1.c digestsign.c evp.c + evp_asn1.c evp_ctx.c p_dsa_asn1.c p_ec.c p_ec_asn1.c - p_hmac.c - p_hmac_asn1.c p_rsa.c p_rsa_asn1.c pbkdf.c diff --git a/src/crypto/evp/algorithm.c b/src/crypto/evp/algorithm.c index ea28dfa..63bc77a 100644 --- a/src/crypto/evp/algorithm.c +++ b/src/crypto/evp/algorithm.c @@ -74,8 +74,7 @@ int EVP_DigestSignAlgorithm(EVP_MD_CTX *ctx, X509_ALGOR *algor) { digest = EVP_MD_CTX_md(ctx); pkey = EVP_PKEY_CTX_get0_pkey(ctx->pctx); if (!digest || !pkey) { - OPENSSL_PUT_ERROR(EVP, EVP_DigestSignAlgorithm, - EVP_R_CONTEXT_NOT_INITIALISED); + OPENSSL_PUT_ERROR(EVP, EVP_R_CONTEXT_NOT_INITIALISED); return 0; } 
@@ -97,8 +96,7 @@ int EVP_DigestSignAlgorithm(EVP_MD_CTX *ctx, X509_ALGOR *algor) { * that. */ if (!OBJ_find_sigid_by_algs(&sign_nid, EVP_MD_type(digest), pkey->ameth->pkey_id)) { - OPENSSL_PUT_ERROR(EVP, EVP_DigestSignAlgorithm, - EVP_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED); + OPENSSL_PUT_ERROR(EVP, EVP_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED); return 0; } @@ -122,24 +120,21 @@ int EVP_DigestVerifyInitFromAlgorithm(EVP_MD_CTX *ctx, /* Convert signature OID into digest and public key OIDs */ if (!OBJ_find_sigid_algs(OBJ_obj2nid(algor->algorithm), &digest_nid, &pkey_nid)) { - OPENSSL_PUT_ERROR(EVP, EVP_DigestVerifyInitFromAlgorithm, - EVP_R_UNKNOWN_SIGNATURE_ALGORITHM); + OPENSSL_PUT_ERROR(EVP, EVP_R_UNKNOWN_SIGNATURE_ALGORITHM); return 0; } /* Check public key OID matches public key type */ ameth = EVP_PKEY_asn1_find(NULL, pkey_nid); if (ameth == NULL || ameth->pkey_id != pkey->ameth->pkey_id) { - OPENSSL_PUT_ERROR(EVP, EVP_DigestVerifyInitFromAlgorithm, - EVP_R_WRONG_PUBLIC_KEY_TYPE); + OPENSSL_PUT_ERROR(EVP, EVP_R_WRONG_PUBLIC_KEY_TYPE); return 0; } /* NID_undef signals that there are custom parameters to set. */ if (digest_nid == NID_undef) { if (!pkey->ameth || !pkey->ameth->digest_verify_init_from_algorithm) { - OPENSSL_PUT_ERROR(EVP, EVP_DigestVerifyInitFromAlgorithm, - EVP_R_UNKNOWN_SIGNATURE_ALGORITHM); + OPENSSL_PUT_ERROR(EVP, EVP_R_UNKNOWN_SIGNATURE_ALGORITHM); return 0; } @@ -149,8 +144,7 @@ int EVP_DigestVerifyInitFromAlgorithm(EVP_MD_CTX *ctx, /* Otherwise, initialize with the digest from the OID. */ digest = EVP_get_digestbynid(digest_nid); if (digest == NULL) { - OPENSSL_PUT_ERROR(EVP, EVP_DigestVerifyInitFromAlgorithm, - EVP_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM); + OPENSSL_PUT_ERROR(EVP, EVP_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM); return 0; } diff --git a/src/crypto/evp/asn1.c b/src/crypto/evp/asn1.c deleted file mode 100644 index 3df9f52..0000000 --- a/src/crypto/evp/asn1.c +++ /dev/null 
@@ -1,167 +0,0 @@ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. 
If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
*/ - -#include - -#include -#include -#include -#include - -#include "internal.h" - - -EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **out, const uint8_t **inp, - long len) { - EVP_PKEY *ret; - - if (out == NULL || *out == NULL) { - ret = EVP_PKEY_new(); - if (ret == NULL) { - OPENSSL_PUT_ERROR(EVP, d2i_PrivateKey, ERR_R_EVP_LIB); - return NULL; - } - } else { - ret = *out; - } - - if (!EVP_PKEY_set_type(ret, type)) { - OPENSSL_PUT_ERROR(EVP, d2i_PrivateKey, EVP_R_UNKNOWN_PUBLIC_KEY_TYPE); - goto err; - } - - if (!ret->ameth->old_priv_decode || - !ret->ameth->old_priv_decode(ret, inp, len)) { - if (ret->ameth->priv_decode) { - PKCS8_PRIV_KEY_INFO *p8 = d2i_PKCS8_PRIV_KEY_INFO(NULL, inp, len); - if (!p8) { - goto err; - } - EVP_PKEY_free(ret); - ret = EVP_PKCS82PKEY(p8); - PKCS8_PRIV_KEY_INFO_free(p8); - } else { - OPENSSL_PUT_ERROR(EVP, d2i_PrivateKey, ERR_R_ASN1_LIB); - goto err; - } - } - - if (out != NULL) { - *out = ret; - } - return ret; - -err: - if (out == NULL || *out != ret) { - EVP_PKEY_free(ret); - } - return NULL; -} - -EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **out, const uint8_t **inp, long len) { - STACK_OF(ASN1_TYPE) *inkey; - const uint8_t *p; - int keytype; - p = *inp; - - /* Dirty trick: read in the ASN1 data into out STACK_OF(ASN1_TYPE): - * by analyzing it we can determine the passed structure: this - * assumes the input is surrounded by an ASN1 SEQUENCE. */ - inkey = d2i_ASN1_SEQUENCE_ANY(NULL, &p, len); - /* Since we only need to discern "traditional format" RSA and DSA - * keys we can just count the elements. 
*/ - if (sk_ASN1_TYPE_num(inkey) == 6) { - keytype = EVP_PKEY_DSA; - } else if (sk_ASN1_TYPE_num(inkey) == 4) { - keytype = EVP_PKEY_EC; - } else if (sk_ASN1_TYPE_num(inkey) == 3) { - /* This seems to be PKCS8, not traditional format */ - PKCS8_PRIV_KEY_INFO *p8 = d2i_PKCS8_PRIV_KEY_INFO(NULL, inp, len); - EVP_PKEY *ret; - - sk_ASN1_TYPE_pop_free(inkey, ASN1_TYPE_free); - if (!p8) { - OPENSSL_PUT_ERROR(EVP, d2i_AutoPrivateKey, - EVP_R_UNSUPPORTED_PUBLIC_KEY_TYPE); - return NULL; - } - ret = EVP_PKCS82PKEY(p8); - PKCS8_PRIV_KEY_INFO_free(p8); - if (out) { - *out = ret; - } - return ret; - } else { - keytype = EVP_PKEY_RSA; - } - - sk_ASN1_TYPE_pop_free(inkey, ASN1_TYPE_free); - return d2i_PrivateKey(keytype, out, inp, len); -} - -int i2d_PublicKey(EVP_PKEY *key, uint8_t **outp) { - switch (key->type) { - case EVP_PKEY_RSA: - return i2d_RSAPublicKey(key->pkey.rsa, outp); - case EVP_PKEY_DSA: - return i2d_DSAPublicKey(key->pkey.dsa, outp); - case EVP_PKEY_EC: - return i2o_ECPublicKey(key->pkey.ec, outp); - default: - OPENSSL_PUT_ERROR(EVP, i2d_PublicKey, EVP_R_UNSUPPORTED_PUBLIC_KEY_TYPE); - return -1; - } -} diff --git a/src/crypto/evp/digestsign.c b/src/crypto/evp/digestsign.c index c163d40..ccb4de4 100644 --- a/src/crypto/evp/digestsign.c +++ b/src/crypto/evp/digestsign.c @@ -62,17 +62,9 @@ #include "../digest/internal.h" -/* md_begin_digset is a callback from the |EVP_MD_CTX| code that is called when - * a new digest is begun. */ -static int md_begin_digest(EVP_MD_CTX *ctx) { - return EVP_PKEY_CTX_ctrl(ctx->pctx, -1, EVP_PKEY_OP_TYPE_SIG, - EVP_PKEY_CTRL_DIGESTINIT, 0, ctx); -} - static const struct evp_md_pctx_ops md_pctx_ops = { EVP_PKEY_CTX_free, EVP_PKEY_CTX_dup, - md_begin_digest, }; static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, 
@@ -91,26 +83,16 @@ static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, } if (type == NULL) { - OPENSSL_PUT_ERROR(EVP, do_sigver_init, EVP_R_NO_DEFAULT_DIGEST); + OPENSSL_PUT_ERROR(EVP, EVP_R_NO_DEFAULT_DIGEST); return 0; } if (is_verify) { - if (ctx->pctx->pmeth->verifyctx_init) { - if (!ctx->pctx->pmeth->verifyctx_init(ctx->pctx, ctx)) { - return 0; - } - ctx->pctx->operation = EVP_PKEY_OP_VERIFYCTX; - } else if (!EVP_PKEY_verify_init(ctx->pctx)) { + if (!EVP_PKEY_verify_init(ctx->pctx)) { return 0; } } else { - if (ctx->pctx->pmeth->signctx_init) { - if (!ctx->pctx->pmeth->signctx_init(ctx->pctx, ctx)) { - return 0; - } - ctx->pctx->operation = EVP_PKEY_OP_SIGNCTX; - } else if (!EVP_PKEY_sign_init(ctx->pctx)) { + if (!EVP_PKEY_sign_init(ctx->pctx)) { return 0; } } 
@@ -146,59 +128,37 @@ int EVP_DigestVerifyUpdate(EVP_MD_CTX *ctx, const void *data, size_t len) { int EVP_DigestSignFinal(EVP_MD_CTX *ctx, uint8_t *out_sig, size_t *out_sig_len) { - int r = 0; - const int has_signctx = ctx->pctx->pmeth->signctx != NULL; - if (out_sig) { EVP_MD_CTX tmp_ctx; + int ret; uint8_t md[EVP_MAX_MD_SIZE]; unsigned int mdlen; EVP_MD_CTX_init(&tmp_ctx); - if (!EVP_MD_CTX_copy_ex(&tmp_ctx, ctx)) { - return 0; - } - if (has_signctx) { - r = tmp_ctx.pctx->pmeth->signctx(tmp_ctx.pctx, out_sig, out_sig_len, &tmp_ctx); - } else { - r = EVP_DigestFinal_ex(&tmp_ctx, md, &mdlen); - if (r) { - r = EVP_PKEY_sign(ctx->pctx, out_sig, out_sig_len, md, mdlen); - } - } + ret = EVP_MD_CTX_copy_ex(&tmp_ctx, ctx) && + EVP_DigestFinal_ex(&tmp_ctx, md, &mdlen) && + EVP_PKEY_sign(ctx->pctx, out_sig, out_sig_len, md, mdlen); EVP_MD_CTX_cleanup(&tmp_ctx); - return r; + + return ret; } else { - if (has_signctx) { - return ctx->pctx->pmeth->signctx(ctx->pctx, out_sig, out_sig_len, ctx); - } else { - size_t s = EVP_MD_size(ctx->digest); - return EVP_PKEY_sign(ctx->pctx, out_sig, out_sig_len, NULL, s); - } + size_t s = EVP_MD_size(ctx->digest); + return EVP_PKEY_sign(ctx->pctx, out_sig, out_sig_len, NULL, s); } } int EVP_DigestVerifyFinal(EVP_MD_CTX *ctx, const uint8_t *sig, size_t sig_len) { EVP_MD_CTX tmp_ctx; + int ret; uint8_t md[EVP_MAX_MD_SIZE]; - int r; unsigned int mdlen; EVP_MD_CTX_init(&tmp_ctx); - if (!EVP_MD_CTX_copy_ex(&tmp_ctx, ctx)) { - return 0; - } - if (ctx->pctx->pmeth->verifyctx) { - r = tmp_ctx.pctx->pmeth->verifyctx(tmp_ctx.pctx, sig, sig_len, &tmp_ctx); - } else { - r = EVP_DigestFinal_ex(&tmp_ctx, md, &mdlen); - if (r) { - r = EVP_PKEY_verify(ctx->pctx, sig, sig_len, md, mdlen); - } - } - + ret = EVP_MD_CTX_copy_ex(&tmp_ctx, ctx) && + EVP_DigestFinal_ex(&tmp_ctx, md, &mdlen) && + EVP_PKEY_verify(ctx->pctx, sig, sig_len, md, mdlen); EVP_MD_CTX_cleanup(&tmp_ctx); - return r; + return ret; } 
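Review bot: The `&&` chains in EVP_DigestSignFinal and EVP_DigestVerifyFinal reduce the result of `EVP_PKEY_sign` / `EVP_PKEY_verify` to 0 or 1, so any non-zero return, including a negative error code, would now be reported as success. The removed code passed the raw value through to the caller. The EVP_PKEY_verify error paths shown elsewhere in this diff return 0, but the `pmeth->sign` / `pmeth->verify` implementations are not visible here. If they are strictly 1-or-0, a comment above each chain such as `/* pmeth->verify returns 1 on success and 0 on failure, never negative */` would pin that contract. Otherwise compare explicitly, e.g. `EVP_PKEY_verify(ctx->pctx, sig, sig_len, md, mdlen) == 1`.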
diff --git a/src/crypto/evp/evp.c b/src/crypto/evp/evp.c index 0ad5c27..5822379 100644 --- a/src/crypto/evp/evp.c +++ b/src/crypto/evp/evp.c @@ -75,7 +75,6 @@ extern const EVP_PKEY_ASN1_METHOD dsa_asn1_meth; extern const EVP_PKEY_ASN1_METHOD ec_asn1_meth; -extern const EVP_PKEY_ASN1_METHOD hmac_asn1_meth; extern const EVP_PKEY_ASN1_METHOD rsa_asn1_meth; EVP_PKEY *EVP_PKEY_new(void) { @@ -83,7 +82,7 @@ EVP_PKEY *EVP_PKEY_new(void) { ret = OPENSSL_malloc(sizeof(EVP_PKEY)); if (ret == NULL) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_new, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EVP, ERR_R_MALLOC_FAILURE); return NULL; } @@ -159,12 +158,12 @@ int EVP_PKEY_cmp(const EVP_PKEY *a, const EVP_PKEY *b) { int EVP_PKEY_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from) { if (to->type != from->type) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_copy_parameters, EVP_R_DIFFERENT_KEY_TYPES); + OPENSSL_PUT_ERROR(EVP, EVP_R_DIFFERENT_KEY_TYPES); goto err; } if (EVP_PKEY_missing_parameters(from)) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_copy_parameters, EVP_R_MISSING_PARAMETERS); + OPENSSL_PUT_ERROR(EVP, EVP_R_MISSING_PARAMETERS); goto err; } @@ -207,8 +206,6 @@ const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find(ENGINE **pengine, int nid) { case EVP_PKEY_RSA: case EVP_PKEY_RSA2: return &rsa_asn1_meth; - case EVP_PKEY_HMAC: - return &hmac_asn1_meth; case EVP_PKEY_EC: return &ec_asn1_meth; case EVP_PKEY_DSA: 
@@ -226,32 +223,6 @@ int EVP_PKEY_type(int nid) { return meth->pkey_id; } -EVP_PKEY *EVP_PKEY_new_mac_key(int type, ENGINE *e, const uint8_t *mac_key, - size_t mac_key_len) { - EVP_PKEY_CTX *mac_ctx = NULL; - EVP_PKEY *ret = NULL; - - mac_ctx = EVP_PKEY_CTX_new_id(type, e); - if (!mac_ctx) { - return NULL; - } - - if (!EVP_PKEY_keygen_init(mac_ctx) || - !EVP_PKEY_CTX_ctrl(mac_ctx, -1, EVP_PKEY_OP_KEYGEN, - EVP_PKEY_CTRL_SET_MAC_KEY, mac_key_len, - (uint8_t *)mac_key) || - !EVP_PKEY_keygen(mac_ctx, &ret)) { - ret = NULL; - goto merr; - } - -merr: - if (mac_ctx) { - EVP_PKEY_CTX_free(mac_ctx); - } - return ret; -} - int EVP_PKEY_set1_RSA(EVP_PKEY *pkey, RSA *key) { if (EVP_PKEY_assign_RSA(pkey, key)) { RSA_up_ref(key); @@ -266,7 +237,7 @@ int EVP_PKEY_assign_RSA(EVP_PKEY *pkey, RSA *key) { RSA *EVP_PKEY_get1_RSA(EVP_PKEY *pkey) { if (pkey->type != EVP_PKEY_RSA) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_get1_RSA, EVP_R_EXPECTING_AN_RSA_KEY); + OPENSSL_PUT_ERROR(EVP, EVP_R_EXPECTING_AN_RSA_KEY); return NULL; } RSA_up_ref(pkey->pkey.rsa); @@ -287,7 +258,7 @@ int EVP_PKEY_assign_DSA(EVP_PKEY *pkey, DSA *key) { DSA *EVP_PKEY_get1_DSA(EVP_PKEY *pkey) { if (pkey->type != EVP_PKEY_DSA) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_get1_DSA, EVP_R_EXPECTING_A_DSA_KEY); + OPENSSL_PUT_ERROR(EVP, EVP_R_EXPECTING_A_DSA_KEY); return NULL; } DSA_up_ref(pkey->pkey.dsa); @@ -308,7 +279,7 @@ int EVP_PKEY_assign_EC_KEY(EVP_PKEY *pkey, EC_KEY *key) { EC_KEY *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey) { if (pkey->type != EVP_PKEY_EC) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_get1_EC_KEY, EVP_R_EXPECTING_AN_EC_KEY_KEY); + OPENSSL_PUT_ERROR(EVP, EVP_R_EXPECTING_AN_EC_KEY_KEY); return NULL; } EC_KEY_up_ref(pkey->pkey.ec); 
@@ -329,7 +300,7 @@ int EVP_PKEY_assign_DH(EVP_PKEY *pkey, DH *key) { DH *EVP_PKEY_get1_DH(EVP_PKEY *pkey) { if (pkey->type != EVP_PKEY_DH) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_get1_DH, EVP_R_EXPECTING_A_DH_KEY); + OPENSSL_PUT_ERROR(EVP, EVP_R_EXPECTING_A_DH_KEY); return NULL; } DH_up_ref(pkey->pkey.dh); @@ -349,10 +320,10 @@ const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find_str(ENGINE **pengine, size_t len) { if (len == 3 && memcmp(name, "RSA", 3) == 0) { return &rsa_asn1_meth; - } else if (len == 4 && memcmp(name, "HMAC", 4) == 0) { - return &hmac_asn1_meth; } if (len == 2 && memcmp(name, "EC", 2) == 0) { return &ec_asn1_meth; + } else if (len == 3 && memcmp(name, "DSA", 3) == 0) { + return &dsa_asn1_meth; } return NULL; } @@ -366,7 +337,7 @@ int EVP_PKEY_set_type(EVP_PKEY *pkey, int type) { ameth = EVP_PKEY_asn1_find(NULL, type); if (ameth == NULL) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_set_type, EVP_R_UNSUPPORTED_ALGORITHM); + OPENSSL_PUT_ERROR(EVP, EVP_R_UNSUPPORTED_ALGORITHM); ERR_add_error_dataf("algorithm %d (%s)", type, OBJ_nid2sn(type)); return 0; } @@ -436,10 +407,6 @@ int EVP_PKEY_CTX_get_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD **out_md) { 0, (void *)out_md); } -EVP_PKEY *EVP_PKEY_dup(EVP_PKEY *pkey) { - return EVP_PKEY_up_ref(pkey); -} - void OpenSSL_add_all_algorithms(void) {} void OpenSSL_add_all_ciphers(void) {} diff --git a/src/crypto/evp/evp_asn1.c b/src/crypto/evp/evp_asn1.c new file mode 100644 index 0000000..356c62b --- /dev/null +++ b/src/crypto/evp/evp_asn1.c 
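Review bot: In the EVP_PKEY_asn1_find_str hunk, the added `else if` for "DSA" attaches to an `if` that itself follows the RSA branch as `} if (`, so the sequence now reads if / if / else-if. Behaviour is unaffected because every branch returns, but the mixed form is easy to misread when the next algorithm is added or removed. Writing the EC test as `} else if (len == 2 && memcmp(name, "EC", 2) == 0) {`, or using three independent `if` statements, would make the structure uniform. The function's opening lies partly outside the hunk.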
@@ -0,0 +1,166 @@ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. 
If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] 
*/ + +#include + +#include +#include +#include +#include + +#include "internal.h" + + +EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **out, const uint8_t **inp, + long len) { + EVP_PKEY *ret; + + if (out == NULL || *out == NULL) { + ret = EVP_PKEY_new(); + if (ret == NULL) { + OPENSSL_PUT_ERROR(EVP, ERR_R_EVP_LIB); + return NULL; + } + } else { + ret = *out; + } + + if (!EVP_PKEY_set_type(ret, type)) { + OPENSSL_PUT_ERROR(EVP, EVP_R_UNKNOWN_PUBLIC_KEY_TYPE); + goto err; + } + + if (!ret->ameth->old_priv_decode || + !ret->ameth->old_priv_decode(ret, inp, len)) { + if (ret->ameth->priv_decode) { + PKCS8_PRIV_KEY_INFO *p8 = d2i_PKCS8_PRIV_KEY_INFO(NULL, inp, len); + if (!p8) { + goto err; + } + EVP_PKEY_free(ret); + ret = EVP_PKCS82PKEY(p8); + PKCS8_PRIV_KEY_INFO_free(p8); + } else { + OPENSSL_PUT_ERROR(EVP, ERR_R_ASN1_LIB); + goto err; + } + } + + if (out != NULL) { + *out = ret; + } + return ret; + +err: + if (out == NULL || *out != ret) { + EVP_PKEY_free(ret); + } + return NULL; +} + +EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **out, const uint8_t **inp, long len) { + STACK_OF(ASN1_TYPE) *inkey; + const uint8_t *p; + int keytype; + p = *inp; + + /* Dirty trick: read in the ASN1 data into out STACK_OF(ASN1_TYPE): + * by analyzing it we can determine the passed structure: this + * assumes the input is surrounded by an ASN1 SEQUENCE. */ + inkey = d2i_ASN1_SEQUENCE_ANY(NULL, &p, len); + /* Since we only need to discern "traditional format" RSA and DSA + * keys we can just count the elements. 
*/ + if (sk_ASN1_TYPE_num(inkey) == 6) { + keytype = EVP_PKEY_DSA; + } else if (sk_ASN1_TYPE_num(inkey) == 4) { + keytype = EVP_PKEY_EC; + } else if (sk_ASN1_TYPE_num(inkey) == 3) { + /* This seems to be PKCS8, not traditional format */ + PKCS8_PRIV_KEY_INFO *p8 = d2i_PKCS8_PRIV_KEY_INFO(NULL, inp, len); + EVP_PKEY *ret; + + sk_ASN1_TYPE_pop_free(inkey, ASN1_TYPE_free); + if (!p8) { + OPENSSL_PUT_ERROR(EVP, EVP_R_UNSUPPORTED_PUBLIC_KEY_TYPE); + return NULL; + } + ret = EVP_PKCS82PKEY(p8); + PKCS8_PRIV_KEY_INFO_free(p8); + if (out) { + *out = ret; + } + return ret; + } else { + keytype = EVP_PKEY_RSA; + } + + sk_ASN1_TYPE_pop_free(inkey, ASN1_TYPE_free); + return d2i_PrivateKey(keytype, out, inp, len); +} + +int i2d_PublicKey(EVP_PKEY *key, uint8_t **outp) { + switch (key->type) { + case EVP_PKEY_RSA: + return i2d_RSAPublicKey(key->pkey.rsa, outp); + case EVP_PKEY_DSA: + return i2d_DSAPublicKey(key->pkey.dsa, outp); + case EVP_PKEY_EC: + return i2o_ECPublicKey(key->pkey.ec, outp); + default: + OPENSSL_PUT_ERROR(EVP, EVP_R_UNSUPPORTED_PUBLIC_KEY_TYPE); + return -1; + } +} diff --git a/src/crypto/evp/evp_ctx.c b/src/crypto/evp/evp_ctx.c index 9f42274..a8e71fe 100644 --- a/src/crypto/evp/evp_ctx.c +++ b/src/crypto/evp/evp_ctx.c @@ -67,12 +67,10 @@ extern const EVP_PKEY_METHOD rsa_pkey_meth; -extern const EVP_PKEY_METHOD hmac_pkey_meth; extern const EVP_PKEY_METHOD ec_pkey_meth; static const EVP_PKEY_METHOD *const evp_methods[] = { &rsa_pkey_meth, - &hmac_pkey_meth, &ec_pkey_meth, }; @@ -102,7 +100,7 @@ static EVP_PKEY_CTX *evp_pkey_ctx_new(EVP_PKEY *pkey, ENGINE *e, int id) { pmeth = evp_pkey_meth_find(id); if (pmeth == NULL) { - OPENSSL_PUT_ERROR(EVP, evp_pkey_ctx_new, EVP_R_UNSUPPORTED_ALGORITHM); + OPENSSL_PUT_ERROR(EVP, EVP_R_UNSUPPORTED_ALGORITHM); const char *name = OBJ_nid2sn(id); ERR_add_error_dataf("algorithm %d (%s)", id, name); return NULL; 
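Review bot: In d2i_AutoPrivateKey (new file evp_asn1.c), the result of `d2i_ASN1_SEQUENCE_ANY(NULL, &p, len)` goes straight to `sk_ASN1_TYPE_num` without a NULL check. Input that is not a well-formed SEQUENCE is therefore classified by whatever the stack helper returns for NULL, then falls through to the RSA branch. The function parses caller-supplied key bytes, so the failure path should be explicit rather than depend on d2i_PrivateKey rejecting the data later: `if (inkey == NULL) { OPENSSL_PUT_ERROR(EVP, ERR_R_ASN1_LIB); return NULL; }` immediately after the call. The code is carried over from the deleted asn1.c, so this predates the commit, but the move is a good moment to tighten it.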
@@ -110,7 +108,7 @@ static EVP_PKEY_CTX *evp_pkey_ctx_new(EVP_PKEY *pkey, ENGINE *e, int id) { ret = OPENSSL_malloc(sizeof(EVP_PKEY_CTX)); if (!ret) { - OPENSSL_PUT_ERROR(EVP, evp_pkey_ctx_new, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EVP, ERR_R_MALLOC_FAILURE); return NULL; } memset(ret, 0, sizeof(EVP_PKEY_CTX)); @@ -192,7 +190,7 @@ EVP_PKEY_CTX *EVP_PKEY_CTX_dup(EVP_PKEY_CTX *pctx) { err: EVP_PKEY_CTX_free(rctx); - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_CTX_dup, ERR_LIB_EVP); + OPENSSL_PUT_ERROR(EVP, ERR_LIB_EVP); return NULL; } @@ -207,7 +205,7 @@ void *EVP_PKEY_CTX_get_app_data(EVP_PKEY_CTX *ctx) { return ctx->app_data; } int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype, int cmd, int p1, void *p2) { if (!ctx || !ctx->pmeth || !ctx->pmeth->ctrl) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_CTX_ctrl, EVP_R_COMMAND_NOT_SUPPORTED); + OPENSSL_PUT_ERROR(EVP, EVP_R_COMMAND_NOT_SUPPORTED); return 0; } if (keytype != -1 && ctx->pmeth->pkey_id != keytype) { @@ -215,12 +213,12 @@ int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype, int cmd, } if (ctx->operation == EVP_PKEY_OP_UNDEFINED) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_CTX_ctrl, EVP_R_NO_OPERATION_SET); + OPENSSL_PUT_ERROR(EVP, EVP_R_NO_OPERATION_SET); return 0; } if (optype != -1 && !(ctx->operation & optype)) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_CTX_ctrl, EVP_R_INVALID_OPERATION); + OPENSSL_PUT_ERROR(EVP, EVP_R_INVALID_OPERATION); return 0; } @@ -229,8 +227,7 @@ int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype, int cmd, int EVP_PKEY_sign_init(EVP_PKEY_CTX *ctx) { if (!ctx || !ctx->pmeth || !ctx->pmeth->sign) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_sign_init, - EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); + OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); return 0; } 
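Review bot: In the EVP_PKEY_CTX_dup hunk, the new call `OPENSSL_PUT_ERROR(EVP, ERR_LIB_EVP);` passes a library identifier in what is now the reason slot. d2i_PrivateKey in this same commit uses `ERR_R_EVP_LIB` for the equivalent case. The two presumably share a value, but that is not visible here, and the reason argument reads more clearly as `OPENSSL_PUT_ERROR(EVP, ERR_R_EVP_LIB);`. EVP_PKEY_CTX_dup's body starts outside the hunk.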
@@ -250,12 +247,11 @@ int EVP_PKEY_sign_init(EVP_PKEY_CTX *ctx) { int EVP_PKEY_sign(EVP_PKEY_CTX *ctx, uint8_t *sig, size_t *sig_len, const uint8_t *data, size_t data_len) { if (!ctx || !ctx->pmeth || !ctx->pmeth->sign) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_sign, - EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); + OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); return 0; } if (ctx->operation != EVP_PKEY_OP_SIGN) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_sign, EVP_R_OPERATON_NOT_INITIALIZED); + OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATON_NOT_INITIALIZED); return 0; } return ctx->pmeth->sign(ctx, sig, sig_len, data, data_len); @@ -263,8 +259,7 @@ int EVP_PKEY_sign(EVP_PKEY_CTX *ctx, uint8_t *sig, size_t *sig_len, int EVP_PKEY_verify_init(EVP_PKEY_CTX *ctx) { if (!ctx || !ctx->pmeth || !ctx->pmeth->verify) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_verify_init, - EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); + OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); return 0; } ctx->operation = EVP_PKEY_OP_VERIFY; @@ -282,12 +277,11 @@ int EVP_PKEY_verify_init(EVP_PKEY_CTX *ctx) { int EVP_PKEY_verify(EVP_PKEY_CTX *ctx, const uint8_t *sig, size_t sig_len, const uint8_t *data, size_t data_len) { if (!ctx || !ctx->pmeth || !ctx->pmeth->verify) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_verify, - EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); + OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); return 0; } if (ctx->operation != EVP_PKEY_OP_VERIFY) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_verify, EVP_R_OPERATON_NOT_INITIALIZED); + OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATON_NOT_INITIALIZED); return 0; } return ctx->pmeth->verify(ctx, sig, sig_len, data, data_len); 
@@ -295,8 +289,7 @@ int EVP_PKEY_verify(EVP_PKEY_CTX *ctx, const uint8_t *sig, size_t sig_len, int EVP_PKEY_encrypt_init(EVP_PKEY_CTX *ctx) { if (!ctx || !ctx->pmeth || !ctx->pmeth->encrypt) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_encrypt_init, - EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); + OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); return 0; } ctx->operation = EVP_PKEY_OP_ENCRYPT; @@ -313,12 +306,11 @@ int EVP_PKEY_encrypt_init(EVP_PKEY_CTX *ctx) { int EVP_PKEY_encrypt(EVP_PKEY_CTX *ctx, uint8_t *out, size_t *outlen, const uint8_t *in, size_t inlen) { if (!ctx || !ctx->pmeth || !ctx->pmeth->encrypt) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_encrypt, - EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); + OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); return 0; } if (ctx->operation != EVP_PKEY_OP_ENCRYPT) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_encrypt, EVP_R_OPERATON_NOT_INITIALIZED); + OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATON_NOT_INITIALIZED); return 0; } return ctx->pmeth->encrypt(ctx, out, outlen, in, inlen); @@ -326,8 +318,7 @@ int EVP_PKEY_encrypt(EVP_PKEY_CTX *ctx, uint8_t *out, size_t *outlen, int EVP_PKEY_decrypt_init(EVP_PKEY_CTX *ctx) { if (!ctx || !ctx->pmeth || !ctx->pmeth->decrypt) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_decrypt_init, - EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); + OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); return 0; } ctx->operation = EVP_PKEY_OP_DECRYPT; 
@@ -344,12 +335,11 @@ int EVP_PKEY_decrypt_init(EVP_PKEY_CTX *ctx) { int EVP_PKEY_decrypt(EVP_PKEY_CTX *ctx, uint8_t *out, size_t *outlen, const uint8_t *in, size_t inlen) { if (!ctx || !ctx->pmeth || !ctx->pmeth->decrypt) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_decrypt, - EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); + OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); return 0; } if (ctx->operation != EVP_PKEY_OP_DECRYPT) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_decrypt, EVP_R_OPERATON_NOT_INITIALIZED); + OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATON_NOT_INITIALIZED); return 0; } return ctx->pmeth->decrypt(ctx, out, outlen, in, inlen); @@ -357,8 +347,7 @@ int EVP_PKEY_decrypt(EVP_PKEY_CTX *ctx, uint8_t *out, size_t *outlen, int EVP_PKEY_derive_init(EVP_PKEY_CTX *ctx) { if (!ctx || !ctx->pmeth || !ctx->pmeth->derive) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_derive_init, - EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); + OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); return 0; } ctx->operation = EVP_PKEY_OP_DERIVE; @@ -377,15 +366,13 @@ int EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *ctx, EVP_PKEY *peer) { if (!ctx || !ctx->pmeth || !(ctx->pmeth->derive || ctx->pmeth->encrypt || ctx->pmeth->decrypt) || !ctx->pmeth->ctrl) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_derive_set_peer, - EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); + OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); return 0; } if (ctx->operation != EVP_PKEY_OP_DERIVE && ctx->operation != EVP_PKEY_OP_ENCRYPT && ctx->operation != EVP_PKEY_OP_DECRYPT) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_derive_set_peer, - EVP_R_OPERATON_NOT_INITIALIZED); + OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATON_NOT_INITIALIZED); return 0; } 
@@ -400,12 +387,12 @@ int EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *ctx, EVP_PKEY *peer) { } if (!ctx->pkey) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_derive_set_peer, EVP_R_NO_KEY_SET); + OPENSSL_PUT_ERROR(EVP, EVP_R_NO_KEY_SET); return 0; } if (ctx->pkey->type != peer->type) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_derive_set_peer, EVP_R_DIFFERENT_KEY_TYPES); + OPENSSL_PUT_ERROR(EVP, EVP_R_DIFFERENT_KEY_TYPES); return 0; } @@ -416,8 +403,7 @@ int EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *ctx, EVP_PKEY *peer) { * -2 is OK for us here, as well as 1, so we can check for 0 only. */ if (!EVP_PKEY_missing_parameters(peer) && !EVP_PKEY_cmp_parameters(ctx->pkey, peer)) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_derive_set_peer, - EVP_R_DIFFERENT_PARAMETERS); + OPENSSL_PUT_ERROR(EVP, EVP_R_DIFFERENT_PARAMETERS); return 0; } @@ -437,12 +423,11 @@ int EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *ctx, EVP_PKEY *peer) { int EVP_PKEY_derive(EVP_PKEY_CTX *ctx, uint8_t *key, size_t *out_key_len) { if (!ctx || !ctx->pmeth || !ctx->pmeth->derive) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_derive, - EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); + OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); return 0; } if (ctx->operation != EVP_PKEY_OP_DERIVE) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_derive, EVP_R_OPERATON_NOT_INITIALIZED); + OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATON_NOT_INITIALIZED); return 0; } return ctx->pmeth->derive(ctx, key, out_key_len); @@ -450,8 +435,7 @@ int EVP_PKEY_derive(EVP_PKEY_CTX *ctx, uint8_t *key, size_t *out_key_len) { int EVP_PKEY_keygen_init(EVP_PKEY_CTX *ctx) { if (!ctx || !ctx->pmeth || !ctx->pmeth->keygen) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_keygen_init, - EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); + OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); return 0; } ctx->operation = EVP_PKEY_OP_KEYGEN; 
@@ -467,12 +451,11 @@ int EVP_PKEY_keygen_init(EVP_PKEY_CTX *ctx) { int EVP_PKEY_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey) { if (!ctx || !ctx->pmeth || !ctx->pmeth->keygen) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_keygen, - EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); + OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); return 0; } if (ctx->operation != EVP_PKEY_OP_KEYGEN) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_keygen, EVP_R_OPERATON_NOT_INITIALIZED); + OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATON_NOT_INITIALIZED); return 0; } @@ -483,7 +466,7 @@ int EVP_PKEY_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey) { if (!*ppkey) { *ppkey = EVP_PKEY_new(); if (!*ppkey) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_keygen, ERR_LIB_EVP); + OPENSSL_PUT_ERROR(EVP, ERR_LIB_EVP); return 0; } } diff --git a/src/crypto/evp/evp_extra_test.cc b/src/crypto/evp/evp_extra_test.cc index 674547d..9c955fa 100644 --- a/src/crypto/evp/evp_extra_test.cc +++ b/src/crypto/evp/evp_extra_test.cc @@ -322,8 +322,8 @@ static const uint8_t kExampleBadECKeyDER[] = { }; static ScopedEVP_PKEY LoadExampleRSAKey() { - const uint8_t *derp = kExampleRSAKeyDER; - ScopedRSA rsa(d2i_RSAPrivateKey(nullptr, &derp, sizeof(kExampleRSAKeyDER))); + ScopedRSA rsa(RSA_private_key_from_bytes(kExampleRSAKeyDER, + sizeof(kExampleRSAKeyDER))); if (!rsa) { return nullptr; } diff --git a/src/crypto/evp/evp_test.cc b/src/crypto/evp/evp_test.cc index 239f868..c7ac908 100644 --- a/src/crypto/evp/evp_test.cc +++ b/src/crypto/evp/evp_test.cc @@ -56,10 +56,19 @@ #include #include +#if defined(_MSC_VER) +#pragma warning(push) +#pragma warning(disable: 4702) +#endif + #include #include #include +#if defined(_MSC_VER) +#pragma warning(pop) +#endif + #include #include #include 
@@ -72,11 +81,10 @@ #include "../test/stl_compat.h" -// evp_test dispatches between multiple test types. HMAC tests test the legacy -// EVP_PKEY_HMAC API. PrivateKey tests take a key name parameter and single -// block, decode it as a PEM private key, and save it under that key name. -// Decrypt, Sign, and Verify tests take a previously imported key name as -// parameter and test their respective operations. +// evp_test dispatches between multiple test types. PrivateKey tests take a key +// name parameter and single block, decode it as a PEM private key, and save it +// under that key name. Decrypt, Sign, and Verify tests take a previously +// imported key name as parameter and test their respective operations. static const EVP_MD *GetDigest(FileTest *t, const std::string &name) { if (name == "MD5") { 
@@ -120,54 +128,10 @@ static bool ImportPrivateKey(FileTest *t, KeyMap *key_map) { return true; } -static bool TestHMAC(FileTest *t) { - std::string digest_str; - if (!t->GetAttribute(&digest_str, "HMAC")) { - return false; - } - const EVP_MD *digest = GetDigest(t, digest_str); - if (digest == nullptr) { - return false; - } - - std::vector key, input, output; - if (!t->GetBytes(&key, "Key") || - !t->GetBytes(&input, "Input") || - !t->GetBytes(&output, "Output")) { - return false; - } - - ScopedEVP_PKEY pkey(EVP_PKEY_new_mac_key(EVP_PKEY_HMAC, nullptr, - bssl::vector_data(&key), - key.size())); - ScopedEVP_MD_CTX mctx; - if (!pkey || - !EVP_DigestSignInit(mctx.get(), nullptr, digest, nullptr, pkey.get()) || - !EVP_DigestSignUpdate(mctx.get(), bssl::vector_data(&input), - input.size())) { - return false; - } - - size_t len; - std::vector actual; - if (!EVP_DigestSignFinal(mctx.get(), nullptr, &len)) { - return false; - } - actual.resize(len); - if (!EVP_DigestSignFinal(mctx.get(), bssl::vector_data(&actual), &len)) { - return false; - } - actual.resize(len); - return t->ExpectBytesEqual(bssl::vector_data(&output), output.size(), - bssl::vector_data(&actual), actual.size()); -} - static bool TestEVP(FileTest *t, void *arg) { KeyMap *key_map = reinterpret_cast(arg); if (t->GetType() == "PrivateKey") { return ImportPrivateKey(t, key_map); - } else if (t->GetType() == "HMAC") { - return TestHMAC(t); } int (*key_op_init)(EVP_PKEY_CTX *ctx); @@ -219,7 +183,7 @@ static bool TestEVP(FileTest *t, void *arg) { bssl::vector_data(&input), input.size())) { // ECDSA sometimes doesn't push an error code. Push one on the error queue // so it's distinguishable from other errors. - ERR_put_error(ERR_LIB_USER, 0, ERR_R_EVP_LIB, __FILE__, __LINE__); + OPENSSL_PUT_ERROR(USER, ERR_R_EVP_LIB); return false; } return true; diff --git a/src/crypto/evp/evp_tests.txt b/src/crypto/evp/evp_tests.txt index cccfa4f..97ddaa0 100644 --- a/src/crypto/evp/evp_tests.txt 
+++ b/src/crypto/evp/evp_tests.txt @@ -163,12 +163,11 @@ Digest = SHA1 Input = "0123456789ABCDEF1234" Output = 3045022100b1d1cb1a577035bccdd5a86c6148c2cc7c633cd42b7234139b593076d041e15202201898cdd52b41ca502098184b409cf83a21bc945006746e3b7cea52234e043ec800 # This operation fails without an error code, so ERR_R_EVP_LIB is surfaced. -Error = public key routines +Error = BAD_SIGNATURE # BER signature Verify = P-256 Digest = SHA1 Input = "0123456789ABCDEF1234" Output = 3080022100b1d1cb1a577035bccdd5a86c6148c2cc7c633cd42b7234139b593076d041e15202201898cdd52b41ca502098184b409cf83a21bc945006746e3b7cea52234e043ec80000 -# This operation fails without an error code, so ERR_R_EVP_LIB is surfaced. -Error = public key routines +Error = BAD_SIGNATURE diff --git a/src/crypto/evp/internal.h b/src/crypto/evp/internal.h index 08a7bfb..60881e3 100644 --- a/src/crypto/evp/internal.h +++ b/src/crypto/evp/internal.h @@ -89,8 +89,7 @@ struct evp_pkey_asn1_method_st { int pkey_base_id; unsigned long pkey_flags; - char *pem_str; - char *info; + const char *pem_str; int (*pub_decode)(EVP_PKEY *pk, X509_PUBKEY *pub); int (*pub_encode)(X509_PUBKEY *pub, const EVP_PKEY *pk); @@ -115,8 +114,8 @@ struct evp_pkey_asn1_method_st { int (*pkey_size)(const EVP_PKEY *pk); int (*pkey_bits)(const EVP_PKEY *pk); - int (*param_decode)(EVP_PKEY *pkey, const unsigned char **pder, int derlen); - int (*param_encode)(const EVP_PKEY *pkey, unsigned char **pder); + int (*param_decode)(EVP_PKEY *pkey, const uint8_t **pder, int derlen); + int (*param_encode)(const EVP_PKEY *pkey, uint8_t **pder); int (*param_missing)(const EVP_PKEY *pk); int (*param_copy)(EVP_PKEY *to, const EVP_PKEY *from); int (*param_cmp)(const EVP_PKEY *a, const EVP_PKEY *b); 
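Review bot: The first case in the evp_tests.txt hunk keeps the comment `# This operation fails without an error code, so ERR_R_EVP_LIB is surfaced.` although its expectation is now `Error = BAD_SIGNATURE`; the BER case below it had the same comment removed. The remaining comment contradicts the expected value and should be deleted or reworded to describe the malformed signature. The fallback `OPENSSL_PUT_ERROR(USER, ERR_R_EVP_LIB);` in evp_test.cc still carries the "ECDSA sometimes doesn't push an error code" comment, which may be stale for the same reason.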
@@ -130,9 +129,9 @@ struct evp_pkey_asn1_method_st { /* Legacy functions for old PEM */ - int (*old_priv_decode)(EVP_PKEY *pkey, const unsigned char **pder, + int (*old_priv_decode)(EVP_PKEY *pkey, const uint8_t **pder, int derlen); - int (*old_priv_encode)(const EVP_PKEY *pkey, unsigned char **pder); + int (*old_priv_encode)(const EVP_PKEY *pkey, uint8_t **pder); /* Converting parameters to/from AlgorithmIdentifier (X509_ALGOR). */ int (*digest_verify_init_from_algorithm)(EVP_MD_CTX *ctx, @@ -153,15 +152,12 @@ typedef int EVP_PKEY_gen_cb(EVP_PKEY_CTX *ctx); #define EVP_PKEY_OP_SIGN (1 << 3) #define EVP_PKEY_OP_VERIFY (1 << 4) #define EVP_PKEY_OP_VERIFYRECOVER (1 << 5) -#define EVP_PKEY_OP_SIGNCTX (1 << 6) -#define EVP_PKEY_OP_VERIFYCTX (1 << 7) -#define EVP_PKEY_OP_ENCRYPT (1 << 8) -#define EVP_PKEY_OP_DECRYPT (1 << 9) -#define EVP_PKEY_OP_DERIVE (1 << 10) +#define EVP_PKEY_OP_ENCRYPT (1 << 6) +#define EVP_PKEY_OP_DECRYPT (1 << 7) +#define EVP_PKEY_OP_DERIVE (1 << 8) #define EVP_PKEY_OP_TYPE_SIG \ - (EVP_PKEY_OP_SIGN | EVP_PKEY_OP_VERIFY | EVP_PKEY_OP_VERIFYRECOVER | \ - EVP_PKEY_OP_SIGNCTX | EVP_PKEY_OP_VERIFYCTX) + (EVP_PKEY_OP_SIGN | EVP_PKEY_OP_VERIFY | EVP_PKEY_OP_VERIFYRECOVER) #define EVP_PKEY_OP_TYPE_CRYPT (EVP_PKEY_OP_ENCRYPT | EVP_PKEY_OP_DECRYPT) @@ -181,13 +177,8 @@ typedef int EVP_PKEY_gen_cb(EVP_PKEY_CTX *ctx); OPENSSL_EXPORT int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype, int cmd, int p1, void *p2); -/* EVP_PKEY_CTRL_DIGESTINIT is an internal value. It's called by - * EVP_DigestInit_ex to signal the |EVP_PKEY| that a digest operation is - * starting. - * - * TODO(davidben): This is only needed to support the deprecated HMAC |EVP_PKEY| - * types. */ -#define EVP_PKEY_CTRL_DIGESTINIT 3 +#define EVP_PKEY_CTRL_MD 1 +#define EVP_PKEY_CTRL_GET_MD 2 /* EVP_PKEY_CTRL_PEER_KEY is called with different values of |p1|: * 0: Is called from |EVP_PKEY_derive_set_peer| and |p2| contains a peer key. 
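Review bot: `EVP_PKEY_CTRL_MD` and `EVP_PKEY_CTRL_GET_MD` are moved directly under the `EVP_PKEY_CTX_ctrl` declaration without any comment, while the neighbouring `EVP_PKEY_CTRL_PEER_KEY` and `EVP_PKEY_ALG_CTRL` each document their arguments. A short comment stating what `p2` carries would match them, presumably along the lines of `/* EVP_PKEY_CTRL_MD sets the digest; |p2| is a |const EVP_MD *|. */`. The generic ctrl values are also renumbered (the next hunk moves `EVP_PKEY_CTRL_PEER_KEY` from 4 to 3), so it is worth confirming that nothing outside this internal header relies on the old numbers.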
@@ -198,21 +189,12 @@ OPENSSL_EXPORT int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype, * (EC)DH always return one in this case. * 3: Is called with |p2| == NULL to set whether the peer's key was used. * (EC)DH always return one in this case. This was only used for GOST. */ -#define EVP_PKEY_CTRL_PEER_KEY 4 - -/* EVP_PKEY_CTRL_SET_MAC_KEY sets a MAC key. For example, this can be done an - * |EVP_PKEY_CTX| prior to calling |EVP_PKEY_keygen| in order to generate an - * HMAC |EVP_PKEY| with the given key. It returns one on success and zero on - * error. */ -#define EVP_PKEY_CTRL_SET_MAC_KEY 5 +#define EVP_PKEY_CTRL_PEER_KEY 3 /* EVP_PKEY_ALG_CTRL is the base value from which key-type specific ctrl * commands are numbered. */ #define EVP_PKEY_ALG_CTRL 0x1000 -#define EVP_PKEY_CTRL_MD 1 -#define EVP_PKEY_CTRL_GET_MD 2 - #define EVP_PKEY_CTRL_RSA_PADDING (EVP_PKEY_ALG_CTRL + 1) #define EVP_PKEY_CTRL_GET_RSA_PADDING (EVP_PKEY_ALG_CTRL + 2) #define EVP_PKEY_CTRL_RSA_PSS_SALTLEN (EVP_PKEY_ALG_CTRL + 3) 
@@ -260,34 +242,25 @@ struct evp_pkey_method_st { int (*keygen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey); int (*sign_init)(EVP_PKEY_CTX *ctx); - int (*sign)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, - const unsigned char *tbs, size_t tbslen); + int (*sign)(EVP_PKEY_CTX *ctx, uint8_t *sig, size_t *siglen, + const uint8_t *tbs, size_t tbslen); int (*verify_init)(EVP_PKEY_CTX *ctx); - int (*verify)(EVP_PKEY_CTX *ctx, const unsigned char *sig, size_t siglen, - const unsigned char *tbs, size_t tbslen); - - int (*signctx_init)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx); - int (*signctx)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, - EVP_MD_CTX *mctx); - - int (*verifyctx_init)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx); - int (*verifyctx)(EVP_PKEY_CTX *ctx, const unsigned char *sig, int siglen, - EVP_MD_CTX *mctx); + int (*verify)(EVP_PKEY_CTX *ctx, const uint8_t *sig, size_t siglen, + const uint8_t *tbs, size_t tbslen); int (*encrypt_init)(EVP_PKEY_CTX *ctx); - int (*encrypt)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen, - const unsigned char *in, size_t inlen); + int (*encrypt)(EVP_PKEY_CTX *ctx, uint8_t *out, size_t *outlen, + const uint8_t *in, size_t inlen); int (*decrypt_init)(EVP_PKEY_CTX *ctx); - int (*decrypt)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen, - const unsigned char *in, size_t inlen); + int (*decrypt)(EVP_PKEY_CTX *ctx, uint8_t *out, size_t *outlen, + const uint8_t *in, size_t inlen); int (*derive_init)(EVP_PKEY_CTX *ctx); - int (*derive)(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen); + int (*derive)(EVP_PKEY_CTX *ctx, uint8_t *key, size_t *keylen); int (*ctrl)(EVP_PKEY_CTX *ctx, int type, int p1, void *p2); - int (*ctrl_str)(EVP_PKEY_CTX *ctx, const char *type, const char *value); } /* EVP_PKEY_METHOD */; diff --git a/src/crypto/evp/p_dsa_asn1.c b/src/crypto/evp/p_dsa_asn1.c index 826d4e4..4790cf6 100644 --- a/src/crypto/evp/p_dsa_asn1.c +++ b/src/crypto/evp/p_dsa_asn1.c 
@@ -91,29 +91,29 @@ static int dsa_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey) { dsa = d2i_DSAparams(NULL, &pm, pmlen); if (dsa == NULL) { - OPENSSL_PUT_ERROR(EVP, dsa_pub_decode, EVP_R_DECODE_ERROR); + OPENSSL_PUT_ERROR(EVP, EVP_R_DECODE_ERROR); goto err; } } else if (ptype == V_ASN1_NULL || ptype == V_ASN1_UNDEF) { dsa = DSA_new(); if (dsa == NULL) { - OPENSSL_PUT_ERROR(EVP, dsa_pub_decode, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EVP, ERR_R_MALLOC_FAILURE); goto err; } } else { - OPENSSL_PUT_ERROR(EVP, dsa_pub_decode, EVP_R_PARAMETER_ENCODING_ERROR); + OPENSSL_PUT_ERROR(EVP, EVP_R_PARAMETER_ENCODING_ERROR); goto err; } public_key = d2i_ASN1_INTEGER(NULL, &p, pklen); if (public_key == NULL) { - OPENSSL_PUT_ERROR(EVP, dsa_pub_decode, EVP_R_DECODE_ERROR); + OPENSSL_PUT_ERROR(EVP, EVP_R_DECODE_ERROR); goto err; } dsa->pub_key = ASN1_INTEGER_to_BN(public_key, NULL); if (dsa->pub_key == NULL) { - OPENSSL_PUT_ERROR(EVP, dsa_pub_decode, EVP_R_BN_DECODE_ERROR); + OPENSSL_PUT_ERROR(EVP, EVP_R_BN_DECODE_ERROR); goto err; } @@ -140,12 +140,12 @@ static int dsa_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey) { if (dsa->p && dsa->q && dsa->g) { pval = ASN1_STRING_new(); if (!pval) { - OPENSSL_PUT_ERROR(EVP, dsa_pub_encode, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EVP, ERR_R_MALLOC_FAILURE); goto err; } pval->length = i2d_DSAparams(dsa, &pval->data); if (pval->length <= 0) { - OPENSSL_PUT_ERROR(EVP, dsa_pub_encode, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EVP, ERR_R_MALLOC_FAILURE); goto err; } ptype = V_ASN1_SEQUENCE; @@ -155,7 +155,7 @@ static int dsa_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey) { penclen = i2d_DSAPublicKey(dsa, &penc); if (penclen <= 0) { - OPENSSL_PUT_ERROR(EVP, dsa_pub_encode, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EVP, ERR_R_MALLOC_FAILURE); goto err; } 
@@ -252,23 +252,23 @@ static int dsa_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8) { /* We have parameters. Now set private key */ dsa->priv_key = ASN1_INTEGER_to_BN(privkey, NULL); if (dsa->priv_key == NULL) { - OPENSSL_PUT_ERROR(EVP, dsa_priv_decode, ERR_LIB_BN); + OPENSSL_PUT_ERROR(EVP, ERR_LIB_BN); goto dsaerr; } /* Calculate public key. */ dsa->pub_key = BN_new(); if (dsa->pub_key == NULL) { - OPENSSL_PUT_ERROR(EVP, dsa_priv_decode, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EVP, ERR_R_MALLOC_FAILURE); goto dsaerr; } ctx = BN_CTX_new(); if (ctx == NULL) { - OPENSSL_PUT_ERROR(EVP, dsa_priv_decode, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EVP, ERR_R_MALLOC_FAILURE); goto dsaerr; } if (!BN_mod_exp(dsa->pub_key, dsa->g, dsa->priv_key, dsa->p, ctx)) { - OPENSSL_PUT_ERROR(EVP, dsa_priv_decode, ERR_LIB_BN); + OPENSSL_PUT_ERROR(EVP, ERR_LIB_BN); goto dsaerr; } @@ -280,7 +280,7 @@ static int dsa_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8) { return 1; decerr: - OPENSSL_PUT_ERROR(EVP, dsa_priv_decode, EVP_R_DECODE_ERROR); + OPENSSL_PUT_ERROR(EVP, EVP_R_DECODE_ERROR); dsaerr: BN_CTX_free(ctx); @@ -297,19 +297,19 @@ static int dsa_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey) { int dplen; if (!pkey->pkey.dsa || !pkey->pkey.dsa->priv_key) { - OPENSSL_PUT_ERROR(EVP, dsa_priv_encode, EVP_R_MISSING_PARAMETERS); + OPENSSL_PUT_ERROR(EVP, EVP_R_MISSING_PARAMETERS); goto err; } params = ASN1_STRING_new(); if (!params) { - OPENSSL_PUT_ERROR(EVP, dsa_priv_encode, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EVP, ERR_R_MALLOC_FAILURE); goto err; } params->length = i2d_DSAparams(pkey->pkey.dsa, ¶ms->data); if (params->length <= 0) { - OPENSSL_PUT_ERROR(EVP, dsa_priv_encode, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EVP, ERR_R_MALLOC_FAILURE); goto err; } params->type = V_ASN1_SEQUENCE; 
@@ -318,13 +318,14 @@ static int dsa_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey) { prkey = BN_to_ASN1_INTEGER(pkey->pkey.dsa->priv_key, NULL); if (!prkey) { - OPENSSL_PUT_ERROR(EVP, dsa_priv_encode, ERR_LIB_BN); + OPENSSL_PUT_ERROR(EVP, ERR_LIB_BN); goto err; } dplen = i2d_ASN1_INTEGER(prkey, &dp); ASN1_INTEGER_free(prkey); + prkey = NULL; if (!PKCS8_pkey_set0(p8, (ASN1_OBJECT *)OBJ_nid2obj(NID_dsa), 0, V_ASN1_SEQUENCE, params, dp, dplen)) { @@ -437,7 +438,7 @@ static int do_dsa_print(BIO *bp, const DSA *x, int off, int ptype) { m = (uint8_t *)OPENSSL_malloc(buf_len + 10); if (m == NULL) { - OPENSSL_PUT_ERROR(EVP, do_dsa_print, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EVP, ERR_R_MALLOC_FAILURE); goto err; } @@ -466,7 +467,7 @@ static int dsa_param_decode(EVP_PKEY *pkey, const uint8_t **pder, int derlen) { DSA *dsa; dsa = d2i_DSAparams(NULL, pder, derlen); if (dsa == NULL) { - OPENSSL_PUT_ERROR(EVP, dsa_param_decode, ERR_R_DSA_LIB); + OPENSSL_PUT_ERROR(EVP, ERR_R_DSA_LIB); return 0; } EVP_PKEY_assign_DSA(pkey, dsa); @@ -497,7 +498,7 @@ static int old_dsa_priv_decode(EVP_PKEY *pkey, const uint8_t **pder, DSA *dsa; dsa = d2i_DSAPrivateKey(NULL, pder, derlen); if (dsa == NULL) { - OPENSSL_PUT_ERROR(EVP, old_dsa_priv_decode, ERR_R_DSA_LIB); + OPENSSL_PUT_ERROR(EVP, ERR_R_DSA_LIB); return 0; } EVP_PKEY_assign_DSA(pkey, dsa); @@ -531,7 +532,7 @@ static int dsa_sig_print(BIO *bp, const X509_ALGOR *sigalg, update_buflen(dsa_sig->s, &buf_len); m = OPENSSL_malloc(buf_len + 10); if (m == NULL) { - OPENSSL_PUT_ERROR(EVP, dsa_sig_print, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EVP, ERR_R_MALLOC_FAILURE); goto err; } @@ -554,7 +555,6 @@ const EVP_PKEY_ASN1_METHOD dsa_asn1_meth = { 0, "DSA", - "OpenSSL DSA method", dsa_pub_decode, dsa_pub_encode, diff --git a/src/crypto/evp/p_ec.c b/src/crypto/evp/p_ec.c index 73c00d8..77f213d 100644 --- a/src/crypto/evp/p_ec.c +++ b/src/crypto/evp/p_ec.c 
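Review bot: `dplen = i2d_ASN1_INTEGER(prkey, &dp);` is handed to `PKCS8_pkey_set0` without checking the result, whereas the `i2d_DSAparams` call earlier in the same function tests `params->length <= 0`. A failed encode would pass a non-positive length, and possibly an unset `dp`, to the PKCS#8 setter for the private key. With `prkey = NULL;` now in place, a check right after it can safely use the error label: `if (dplen <= 0) { OPENSSL_PUT_ERROR(EVP, ERR_R_MALLOC_FAILURE); goto err; }`. The `err` label and the rest of `dsa_priv_encode` are outside the hunk.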
@@ -125,25 +125,18 @@ static void pkey_ec_cleanup(EVP_PKEY_CTX *ctx) { static int pkey_ec_sign(EVP_PKEY_CTX *ctx, uint8_t *sig, size_t *siglen, const uint8_t *tbs, size_t tbslen) { - int type; unsigned int sltmp; - EC_PKEY_CTX *dctx = ctx->data; EC_KEY *ec = ctx->pkey->pkey.ec; if (!sig) { *siglen = ECDSA_size(ec); return 1; } else if (*siglen < (size_t)ECDSA_size(ec)) { - OPENSSL_PUT_ERROR(EVP, pkey_ec_sign, EVP_R_BUFFER_TOO_SMALL); + OPENSSL_PUT_ERROR(EVP, EVP_R_BUFFER_TOO_SMALL); return 0; } - type = NID_sha1; - if (dctx->md) { - type = EVP_MD_type(dctx->md); - } - - if (!ECDSA_sign(type, tbs, tbslen, sig, &sltmp, ec)) { + if (!ECDSA_sign(0, tbs, tbslen, sig, &sltmp, ec)) { return 0; } *siglen = (size_t)sltmp; @@ -152,16 +145,7 @@ static int pkey_ec_sign(EVP_PKEY_CTX *ctx, uint8_t *sig, size_t *siglen, static int pkey_ec_verify(EVP_PKEY_CTX *ctx, const uint8_t *sig, size_t siglen, const uint8_t *tbs, size_t tbslen) { - int type; - EC_PKEY_CTX *dctx = ctx->data; - EC_KEY *ec = ctx->pkey->pkey.ec; - - type = NID_sha1; - if (dctx->md) { - type = EVP_MD_type(dctx->md); - } - - return ECDSA_verify(type, tbs, tbslen, sig, siglen, ec); + return ECDSA_verify(0, tbs, tbslen, sig, siglen, ctx->pkey->pkey.ec); } static int pkey_ec_derive(EVP_PKEY_CTX *ctx, uint8_t *key, @@ -172,7 +156,7 @@ static int pkey_ec_derive(EVP_PKEY_CTX *ctx, uint8_t *key, EC_KEY *eckey; if (!ctx->pkey || !ctx->peerkey) { - OPENSSL_PUT_ERROR(EVP, pkey_ec_derive, EVP_R_KEYS_NOT_SET); + OPENSSL_PUT_ERROR(EVP, EVP_R_KEYS_NOT_SET); return 0; } @@ -207,7 +191,7 @@ static int pkey_ec_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) { case EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID: group = EC_GROUP_new_by_curve_name(p1); if (group == NULL) { - OPENSSL_PUT_ERROR(EVP, pkey_ec_ctrl, EVP_R_INVALID_CURVE); + OPENSSL_PUT_ERROR(EVP, EVP_R_INVALID_CURVE); return 0; } EC_GROUP_free(dctx->gen_group); 
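Review bot: `pkey_ec_verify` now dereferences `ctx->pkey->pkey.ec` directly, and `pkey_ec_sign` does the same in its `ec` initialiser, with no check that a key is attached to the context; `pkey_ec_derive` in the following hunk does test `!ctx->pkey`. The `EVP_PKEY_sign` and `EVP_PKEY_verify` wrappers earlier in this diff check only `ctx`, `pmeth` and the method pointer, so a context created without a key would presumably reach a NULL dereference here. A guard at the top of both functions would make them consistent: `if (!ctx->pkey) { OPENSSL_PUT_ERROR(EVP, EVP_R_NO_KEY_SET); return 0; }`. Since the digest NID is replaced by a literal `0`, a one-line comment saying that `tbs` is the already-computed digest and that the type argument is unused would also help the next reader.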
@@ -221,7 +205,7 @@ static int pkey_ec_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) { EVP_MD_type((const EVP_MD *)p2) != NID_sha256 && EVP_MD_type((const EVP_MD *)p2) != NID_sha384 && EVP_MD_type((const EVP_MD *)p2) != NID_sha512) { - OPENSSL_PUT_ERROR(EVP, pkey_ec_ctrl, EVP_R_INVALID_DIGEST_TYPE); + OPENSSL_PUT_ERROR(EVP, EVP_R_INVALID_DIGEST_TYPE); return 0; } dctx->md = p2; @@ -232,12 +216,11 @@ static int pkey_ec_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) { return 1; case EVP_PKEY_CTRL_PEER_KEY: - /* Default behaviour is OK */ - case EVP_PKEY_CTRL_DIGESTINIT: + /* Default behaviour is OK */ return 1; default: - OPENSSL_PUT_ERROR(EVP, pkey_ec_ctrl, EVP_R_COMMAND_NOT_SUPPORTED); + OPENSSL_PUT_ERROR(EVP, EVP_R_COMMAND_NOT_SUPPORTED); return 0; } } @@ -248,7 +231,7 @@ static int pkey_ec_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) { int ret = 0; if (dctx->gen_group == NULL) { - OPENSSL_PUT_ERROR(EVP, pkey_ec_paramgen, EVP_R_NO_PARAMETERS_SET); + OPENSSL_PUT_ERROR(EVP, EVP_R_NO_PARAMETERS_SET); return 0; } ec = EC_KEY_new(); @@ -268,7 +251,7 @@ static int pkey_ec_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) { EC_KEY *ec = NULL; EC_PKEY_CTX *dctx = ctx->data; if (ctx->pkey == NULL && dctx->gen_group == NULL) { - OPENSSL_PUT_ERROR(EVP, pkey_ec_keygen, EVP_R_NO_PARAMETERS_SET); + OPENSSL_PUT_ERROR(EVP, EVP_R_NO_PARAMETERS_SET); return 0; } ec = EC_KEY_new(); 
@@ -290,12 +273,11 @@ static int pkey_ec_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) { } const EVP_PKEY_METHOD ec_pkey_meth = { - EVP_PKEY_EC, 0 /* flags */, pkey_ec_init, - pkey_ec_copy, pkey_ec_cleanup, 0 /* paramgen_init */, - pkey_ec_paramgen, 0 /* keygen_init */, pkey_ec_keygen, - 0 /* sign_init */, pkey_ec_sign, 0 /* verify_init */, - pkey_ec_verify, 0 /* signctx_init */, 0 /* signctx */, - 0 /* verifyctx_init */, 0 /* verifyctx */, 0 /* encrypt_init */, - 0 /* encrypt */, 0 /* decrypt_init */, 0 /* decrypt */, - 0 /* derive_init */, pkey_ec_derive, pkey_ec_ctrl, + EVP_PKEY_EC, 0 /* flags */, pkey_ec_init, + pkey_ec_copy, pkey_ec_cleanup, 0 /* paramgen_init */, + pkey_ec_paramgen, 0 /* keygen_init */, pkey_ec_keygen, + 0 /* sign_init */, pkey_ec_sign, 0 /* verify_init */, + pkey_ec_verify, 0 /* encrypt_init */, 0 /* encrypt */, + 0 /* decrypt_init */, 0 /* decrypt */, 0 /* derive_init */, + pkey_ec_derive, pkey_ec_ctrl, }; diff --git a/src/crypto/evp/p_ec_asn1.c b/src/crypto/evp/p_ec_asn1.c index fbbf4e7..9867947 100644 --- a/src/crypto/evp/p_ec_asn1.c +++ b/src/crypto/evp/p_ec_asn1.c @@ -71,13 +71,13 @@ static int eckey_param2type(int *pptype, void **ppval, EC_KEY *ec_key) { int nid; if (ec_key == NULL || (group = EC_KEY_get0_group(ec_key)) == NULL) { - OPENSSL_PUT_ERROR(EVP, eckey_param2type, EVP_R_MISSING_PARAMETERS); + OPENSSL_PUT_ERROR(EVP, EVP_R_MISSING_PARAMETERS); return 0; } nid = EC_GROUP_get_curve_name(group); if (nid == NID_undef) { - OPENSSL_PUT_ERROR(EVP, eckey_param2type, EVP_R_NO_NID_FOR_CURVE); + OPENSSL_PUT_ERROR(EVP, EVP_R_NO_NID_FOR_CURVE); return 0; } @@ -94,7 +94,7 @@ static int eckey_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey) { int penclen; if (!eckey_param2type(&ptype, &pval, ec_key)) { - OPENSSL_PUT_ERROR(EVP, eckey_pub_encode, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EVP, ERR_R_EC_LIB); return 0; } penclen = i2o_ECPublicKey(ec_key, NULL); 
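Review bot: `ec_pkey_meth` is still initialised positionally, so dropping the `signctx`/`verifyctx` slots from `struct evp_pkey_method_st` stays correct only if every method table in the tree removes exactly the same entries. `sign`, `encrypt` and `decrypt` share one signature, so a table that is missed could place a function in the wrong slot without a type error from the compiler. Designated initialisers would make the table independent of field order, for example `.sign = pkey_ec_sign, .verify = pkey_ec_verify, .derive = pkey_ec_derive, .ctrl = pkey_ec_ctrl,`, with the unset members defaulting to zero and the `0 /* name */` placeholders no longer needed.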
@@ -137,7 +137,7 @@ static EC_KEY *eckey_type2param(int ptype, void *pval) { eckey = d2i_ECParameters(NULL, &pm, pmlen); if (eckey == NULL) { - OPENSSL_PUT_ERROR(EVP, eckey_type2param, EVP_R_DECODE_ERROR); + OPENSSL_PUT_ERROR(EVP, EVP_R_DECODE_ERROR); goto err; } } else if (ptype == V_ASN1_OBJECT) { @@ -150,7 +150,7 @@ static EC_KEY *eckey_type2param(int ptype, void *pval) { goto err; } } else { - OPENSSL_PUT_ERROR(EVP, eckey_type2param, EVP_R_DECODE_ERROR); + OPENSSL_PUT_ERROR(EVP, EVP_R_DECODE_ERROR); goto err; } @@ -177,13 +177,13 @@ static int eckey_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey) { eckey = eckey_type2param(ptype, pval); if (!eckey) { - OPENSSL_PUT_ERROR(EVP, eckey_pub_decode, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EVP, ERR_R_EC_LIB); return 0; } /* We have parameters now set public key */ if (!o2i_ECPublicKey(&eckey, &p, pklen)) { - OPENSSL_PUT_ERROR(EVP, eckey_pub_decode, EVP_R_DECODE_ERROR); + OPENSSL_PUT_ERROR(EVP, EVP_R_DECODE_ERROR); goto err; } @@ -232,7 +232,7 @@ static int eckey_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8) { /* We have parameters now set private key */ if (!d2i_ECPrivateKey(&eckey, &p, pklen)) { - OPENSSL_PUT_ERROR(EVP, eckey_priv_decode, EVP_R_DECODE_ERROR); + OPENSSL_PUT_ERROR(EVP, EVP_R_DECODE_ERROR); goto ecerr; } 
@@ -246,23 +246,23 @@ static int eckey_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8) { group = EC_KEY_get0_group(eckey); pub_key = EC_POINT_new(group); if (pub_key == NULL) { - OPENSSL_PUT_ERROR(EVP, eckey_priv_decode, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EVP, ERR_R_EC_LIB); goto ecliberr; } if (!EC_POINT_copy(pub_key, EC_GROUP_get0_generator(group))) { EC_POINT_free(pub_key); - OPENSSL_PUT_ERROR(EVP, eckey_priv_decode, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EVP, ERR_R_EC_LIB); goto ecliberr; } priv_key = EC_KEY_get0_private_key(eckey); if (!EC_POINT_mul(group, pub_key, priv_key, NULL, NULL, NULL)) { EC_POINT_free(pub_key); - OPENSSL_PUT_ERROR(EVP, eckey_priv_decode, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EVP, ERR_R_EC_LIB); goto ecliberr; } if (EC_KEY_set_public_key(eckey, pub_key) == 0) { EC_POINT_free(pub_key); - OPENSSL_PUT_ERROR(EVP, eckey_priv_decode, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EVP, ERR_R_EC_LIB); goto ecliberr; } EC_POINT_free(pub_key); @@ -272,7 +272,7 @@ static int eckey_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8) { return 1; ecliberr: - OPENSSL_PUT_ERROR(EVP, eckey_priv_decode, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EVP, ERR_R_EC_LIB); ecerr: if (eckey) { EC_KEY_free(eckey); @@ -290,7 +290,7 @@ static int eckey_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey) { ec_key = pkey->pkey.ec; if (!eckey_param2type(&ptype, &pval, ec_key)) { - OPENSSL_PUT_ERROR(EVP, eckey_priv_encode, EVP_R_DECODE_ERROR); + OPENSSL_PUT_ERROR(EVP, EVP_R_DECODE_ERROR); return 0; } 
@@ -304,20 +304,20 @@ static int eckey_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey) { eplen = i2d_ECPrivateKey(ec_key, NULL); if (!eplen) { EC_KEY_set_enc_flags(ec_key, old_flags); - OPENSSL_PUT_ERROR(EVP, eckey_priv_encode, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EVP, ERR_R_EC_LIB); return 0; } ep = (uint8_t *)OPENSSL_malloc(eplen); if (!ep) { EC_KEY_set_enc_flags(ec_key, old_flags); - OPENSSL_PUT_ERROR(EVP, eckey_priv_encode, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EVP, ERR_R_MALLOC_FAILURE); return 0; } p = ep; if (!i2d_ECPrivateKey(ec_key, &p)) { EC_KEY_set_enc_flags(ec_key, old_flags); OPENSSL_free(ep); - OPENSSL_PUT_ERROR(EVP, eckey_priv_encode, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EVP, ERR_R_EC_LIB); return 0; } /* restore old encoding flags */ @@ -325,6 +325,7 @@ static int eckey_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey) { if (!PKCS8_pkey_set0(p8, (ASN1_OBJECT *)OBJ_nid2obj(NID_X9_62_id_ecPublicKey), 0, ptype, pval, ep, eplen)) { + OPENSSL_free(ep); return 0; } @@ -478,7 +479,7 @@ static int do_EC_KEY_print(BIO *bp, const EC_KEY *x, int off, int ktype) { err: if (!ret) { - OPENSSL_PUT_ERROR(EVP, do_EC_KEY_print, reason); + OPENSSL_PUT_ERROR(EVP, reason); } OPENSSL_free(pub_key_bytes); BN_free(order); @@ -491,7 +492,7 @@ static int eckey_param_decode(EVP_PKEY *pkey, const uint8_t **pder, int derlen) { EC_KEY *eckey; if (!(eckey = d2i_ECParameters(NULL, pder, derlen))) { - OPENSSL_PUT_ERROR(EVP, eckey_param_decode, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EVP, ERR_R_EC_LIB); return 0; } EVP_PKEY_assign_EC_KEY(pkey, eckey); @@ -526,7 +527,7 @@ static int old_ec_priv_decode(EVP_PKEY *pkey, const uint8_t **pder, int derlen) { EC_KEY *ec; if (!(ec = d2i_ECPrivateKey(NULL, pder, derlen))) { - OPENSSL_PUT_ERROR(EVP, old_ec_priv_decode, EVP_R_DECODE_ERROR); + OPENSSL_PUT_ERROR(EVP, EVP_R_DECODE_ERROR); return 0; } EVP_PKEY_assign_EC_KEY(pkey, ec); 
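Review bot: The added `OPENSSL_free(ep);` on the `PKCS8_pkey_set0` failure path releases a buffer holding the DER-encoded private key without clearing it, as does the existing free on the `i2d_ECPrivateKey` failure path in the previous hunk. Unless `OPENSSL_free` zeroes memory in this tree, the key bytes remain in freed heap; calling `OPENSSL_cleanse(ep, eplen);` before each `OPENSSL_free(ep);` would avoid that. Whether `pval` from `eckey_param2type` also needs releasing on this path cannot be judged from the hunk, because `eckey_priv_encode` continues outside it.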
@@ -542,7 +543,6 @@ const EVP_PKEY_ASN1_METHOD ec_asn1_meth = { EVP_PKEY_EC, 0, "EC", - "OpenSSL EC algorithm", eckey_pub_decode, eckey_pub_encode, diff --git a/src/crypto/evp/p_hmac.c b/src/crypto/evp/p_hmac.c deleted file mode 100644 index 7d3254a..0000000 --- a/src/crypto/evp/p_hmac.c +++ /dev/null 
@@ -1,223 +0,0 @@ -/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project 2007. - */ -/* ==================================================================== - * Copyright (c) 2007 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). */ - -#include - -#include - -#include -#include -#include -#include -#include - -#include "internal.h" -#include "../digest/internal.h" - - -typedef struct { - const EVP_MD *md; /* MD for HMAC use */ - ASN1_OCTET_STRING ktmp; /* Temp storage for key */ - HMAC_CTX ctx; -} HMAC_PKEY_CTX; - -static int pkey_hmac_init(EVP_PKEY_CTX *ctx) { - HMAC_PKEY_CTX *hctx; - hctx = OPENSSL_malloc(sizeof(HMAC_PKEY_CTX)); - if (!hctx) { - return 0; - } - memset(hctx, 0, sizeof(HMAC_PKEY_CTX)); - hctx->ktmp.type = V_ASN1_OCTET_STRING; - HMAC_CTX_init(&hctx->ctx); - - ctx->data = hctx; - - return 1; -} - -static int pkey_hmac_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src) { - HMAC_PKEY_CTX *sctx, *dctx; - if (!pkey_hmac_init(dst)) { - return 0; - } - sctx = src->data; - dctx = dst->data; - dctx->md = sctx->md; - HMAC_CTX_init(&dctx->ctx); - if (!HMAC_CTX_copy_ex(&dctx->ctx, &sctx->ctx)) { - return 0; - } - if (sctx->ktmp.data) { - if (!ASN1_OCTET_STRING_set(&dctx->ktmp, sctx->ktmp.data, - sctx->ktmp.length)) { - return 0; - } - } - return 1; -} - -static void pkey_hmac_cleanup(EVP_PKEY_CTX *ctx) { - HMAC_PKEY_CTX *hctx = ctx->data; - - if (hctx == NULL) { - return; - } - - HMAC_CTX_cleanup(&hctx->ctx); 
- if (hctx->ktmp.data) { - if (hctx->ktmp.length) { - OPENSSL_cleanse(hctx->ktmp.data, hctx->ktmp.length); - } - OPENSSL_free(hctx->ktmp.data); - hctx->ktmp.data = NULL; - } - OPENSSL_free(hctx); -} - -static int pkey_hmac_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) { - ASN1_OCTET_STRING *hkey = NULL; - HMAC_PKEY_CTX *hctx = ctx->data; - - if (!hctx->ktmp.data) { - return 0; - } - hkey = ASN1_OCTET_STRING_dup(&hctx->ktmp); - if (!hkey) { - return 0; - } - EVP_PKEY_assign(pkey, EVP_PKEY_HMAC, hkey); - - return 1; -} - -static void int_update(EVP_MD_CTX *ctx, const void *data, size_t count) { - HMAC_PKEY_CTX *hctx = ctx->pctx->data; - HMAC_Update(&hctx->ctx, data, count); -} - -static int hmac_signctx_init(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx) { - /* |mctx| gets repurposed as a hook to call |HMAC_Update|. Suppress the - * automatic setting of |mctx->update| and the rest of its initialization. */ - EVP_MD_CTX_set_flags(mctx, EVP_MD_CTX_FLAG_NO_INIT); - mctx->update = int_update; - return 1; -} - -static int hmac_signctx(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, - EVP_MD_CTX *mctx) { - unsigned int hlen; - HMAC_PKEY_CTX *hctx = ctx->data; - size_t md_size = EVP_MD_CTX_size(mctx); - - if (!sig) { - *siglen = md_size; - return 1; - } else if (*siglen < md_size) { - OPENSSL_PUT_ERROR(EVP, hmac_signctx, EVP_R_BUFFER_TOO_SMALL); - return 0; - } - - if (!HMAC_Final(&hctx->ctx, sig, &hlen)) { - return 0; - } - *siglen = (size_t)hlen; - return 1; -} - -static int pkey_hmac_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) { - HMAC_PKEY_CTX *hctx = ctx->data; - ASN1_OCTET_STRING *key; - - switch (type) { - case EVP_PKEY_CTRL_SET_MAC_KEY: - if ((!p2 && p1 > 0) || (p1 < -1)) { - return 0; - } - if (!ASN1_OCTET_STRING_set(&hctx->ktmp, p2, p1)) { - return 0; - } - break; - - case EVP_PKEY_CTRL_MD: - hctx->md = p2; - break; - - case EVP_PKEY_CTRL_DIGESTINIT: - key = (ASN1_OCTET_STRING *)ctx->pkey->pkey.ptr; - if (!HMAC_Init_ex(&hctx->ctx, key->data, key->length, 
hctx->md, - ctx->engine)) { - return 0; - } - break; - - default: - OPENSSL_PUT_ERROR(EVP, pkey_hmac_ctrl, EVP_R_COMMAND_NOT_SUPPORTED); - return 0; - } - return 1; -} - -const EVP_PKEY_METHOD hmac_pkey_meth = { - EVP_PKEY_HMAC, 0 /* flags */, pkey_hmac_init, - pkey_hmac_copy, pkey_hmac_cleanup, 0 /* paramgen_init */, - 0 /* paramgen */, 0 /* keygen_init */, pkey_hmac_keygen, - 0 /* sign_init */, 0 /* sign */, 0 /* verify_init */, - 0 /* verify */, hmac_signctx_init, hmac_signctx, - 0 /* verifyctx_init */, 0 /* verifyctx */, 0 /* encrypt_init */, - 0 /* encrypt */, 0 /* decrypt_init */, 0 /* decrypt */, - 0 /* derive_init */, 0 /* derive */, pkey_hmac_ctrl, - 0, -}; diff --git a/src/crypto/evp/p_hmac_asn1.c b/src/crypto/evp/p_hmac_asn1.c deleted file mode 100644 index 8aa6676..0000000 --- a/src/crypto/evp/p_hmac_asn1.c +++ /dev/null 
@@ -1,89 +0,0 @@ -/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project 2007. - */ -/* ==================================================================== - * Copyright (c) 2007 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). */ - -#include - -#include -#include -#include -#include - -#include "internal.h" - - -static int hmac_size(const EVP_PKEY *pkey) { return EVP_MAX_MD_SIZE; } - -static void hmac_key_free(EVP_PKEY *pkey) { - ASN1_OCTET_STRING *os = (ASN1_OCTET_STRING *)pkey->pkey.ptr; - if (os) { - if (os->data) { - OPENSSL_cleanse(os->data, os->length); - } - ASN1_OCTET_STRING_free(os); - } -} - -const EVP_PKEY_ASN1_METHOD hmac_asn1_meth = { - EVP_PKEY_HMAC, EVP_PKEY_HMAC, 0 /* flags */, - "HMAC", "OpenSSL HMAC method", 0 /* pub_decode */, - 0 /* pub_encode */, 0 /* pub_cmp */, 0 /* pub_print */, - 0 /*priv_decode */, 0 /* priv_encode */, 0 /* priv_print */, - 0 /* pkey_opaque */, 0 /* pkey_supports_digest */, - hmac_size, 0 /* pkey_bits */, 0 /* param_decode */, - 0 /* param_encode*/, 0 /* param_missing*/, 0 /* param_copy*/, - 0 /* param_cmp*/, 0 /* param_print*/, 0 /* sig_print*/, - hmac_key_free, 0 /* old_priv_decode */, - 0 /* old_priv_encode */ -}; diff --git a/src/crypto/evp/p_rsa.c b/src/crypto/evp/p_rsa.c index 5abc075..cfecbfd 100644 --- a/src/crypto/evp/p_rsa.c +++ b/src/crypto/evp/p_rsa.c 
@@ -174,7 +174,7 @@ static int pkey_rsa_sign(EVP_PKEY_CTX *ctx, uint8_t *sig, size_t *siglen, } if (*siglen < key_len) { - OPENSSL_PUT_ERROR(EVP, pkey_rsa_sign, EVP_R_BUFFER_TOO_SMALL); + OPENSSL_PUT_ERROR(EVP, EVP_R_BUFFER_TOO_SMALL); return 0; } @@ -182,12 +182,12 @@ static int pkey_rsa_sign(EVP_PKEY_CTX *ctx, uint8_t *sig, size_t *siglen, unsigned int out_len; if (tbslen != EVP_MD_size(rctx->md)) { - OPENSSL_PUT_ERROR(EVP, pkey_rsa_sign, EVP_R_INVALID_DIGEST_LENGTH); + OPENSSL_PUT_ERROR(EVP, EVP_R_INVALID_DIGEST_LENGTH); return 0; } if (EVP_MD_type(rctx->md) == NID_mdc2) { - OPENSSL_PUT_ERROR(EVP, pkey_rsa_sign, EVP_R_NO_MDC2_SUPPORT); + OPENSSL_PUT_ERROR(EVP, EVP_R_NO_MDC2_SUPPORT); return 0; } @@ -268,7 +268,7 @@ static int pkey_rsa_encrypt(EVP_PKEY_CTX *ctx, uint8_t *out, size_t *outlen, } if (*outlen < key_len) { - OPENSSL_PUT_ERROR(EVP, pkey_rsa_encrypt, EVP_R_BUFFER_TOO_SMALL); + OPENSSL_PUT_ERROR(EVP, EVP_R_BUFFER_TOO_SMALL); return 0; } @@ -300,7 +300,7 @@ static int pkey_rsa_decrypt(EVP_PKEY_CTX *ctx, uint8_t *out, } if (*outlen < key_len) { - OPENSSL_PUT_ERROR(EVP, pkey_rsa_decrypt, EVP_R_BUFFER_TOO_SMALL); + OPENSSL_PUT_ERROR(EVP, EVP_R_BUFFER_TOO_SMALL); return 0; } @@ -333,7 +333,7 @@ static int check_padding_md(const EVP_MD *md, int padding) { } if (padding == RSA_NO_PADDING) { - OPENSSL_PUT_ERROR(EVP, check_padding_md, EVP_R_INVALID_PADDING_MODE); + OPENSSL_PUT_ERROR(EVP, EVP_R_INVALID_PADDING_MODE); return 0; } @@ -361,8 +361,7 @@ static int pkey_rsa_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) { 0 == (ctx->operation & (EVP_PKEY_OP_SIGN | EVP_PKEY_OP_VERIFY))) || (p1 == RSA_PKCS1_OAEP_PADDING && 0 == (ctx->operation & EVP_PKEY_OP_TYPE_CRYPT))) { - OPENSSL_PUT_ERROR(EVP, pkey_rsa_ctrl, - EVP_R_ILLEGAL_OR_UNSUPPORTED_PADDING_MODE); + OPENSSL_PUT_ERROR(EVP, EVP_R_ILLEGAL_OR_UNSUPPORTED_PADDING_MODE); return 0; } if ((p1 == RSA_PKCS1_PSS_PADDING || p1 == RSA_PKCS1_OAEP_PADDING) && 
@@ -379,7 +378,7 @@ static int pkey_rsa_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) { case EVP_PKEY_CTRL_RSA_PSS_SALTLEN: case EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN: if (rctx->pad_mode != RSA_PKCS1_PSS_PADDING) { - OPENSSL_PUT_ERROR(EVP, pkey_rsa_ctrl, EVP_R_INVALID_PSS_SALTLEN); + OPENSSL_PUT_ERROR(EVP, EVP_R_INVALID_PSS_SALTLEN); return 0; } if (type == EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN) { @@ -394,7 +393,7 @@ static int pkey_rsa_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) { case EVP_PKEY_CTRL_RSA_KEYGEN_BITS: if (p1 < 256) { - OPENSSL_PUT_ERROR(EVP, pkey_rsa_ctrl, EVP_R_INVALID_KEYBITS); + OPENSSL_PUT_ERROR(EVP, EVP_R_INVALID_KEYBITS); return 0; } rctx->nbits = p1; @@ -411,7 +410,7 @@ static int pkey_rsa_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) { case EVP_PKEY_CTRL_RSA_OAEP_MD: case EVP_PKEY_CTRL_GET_RSA_OAEP_MD: if (rctx->pad_mode != RSA_PKCS1_OAEP_PADDING) { - OPENSSL_PUT_ERROR(EVP, pkey_rsa_ctrl, EVP_R_INVALID_PADDING_MODE); + OPENSSL_PUT_ERROR(EVP, EVP_R_INVALID_PADDING_MODE); return 0; } if (type == EVP_PKEY_CTRL_GET_RSA_OAEP_MD) { @@ -436,7 +435,7 @@ static int pkey_rsa_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) { case EVP_PKEY_CTRL_GET_RSA_MGF1_MD: if (rctx->pad_mode != RSA_PKCS1_PSS_PADDING && rctx->pad_mode != RSA_PKCS1_OAEP_PADDING) { - OPENSSL_PUT_ERROR(EVP, pkey_rsa_ctrl, EVP_R_INVALID_MGF1_MD); + OPENSSL_PUT_ERROR(EVP, EVP_R_INVALID_MGF1_MD); return 0; } if (type == EVP_PKEY_CTRL_GET_RSA_MGF1_MD) { @@ -452,7 +451,7 @@ static int pkey_rsa_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) { case EVP_PKEY_CTRL_RSA_OAEP_LABEL: if (rctx->pad_mode != RSA_PKCS1_OAEP_PADDING) { - OPENSSL_PUT_ERROR(EVP, pkey_rsa_ctrl, EVP_R_INVALID_PADDING_MODE); + OPENSSL_PUT_ERROR(EVP, EVP_R_INVALID_PADDING_MODE); return 0; } OPENSSL_free(rctx->oaep_label); 
@@ -469,17 +468,14 @@ static int pkey_rsa_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) { case EVP_PKEY_CTRL_GET_RSA_OAEP_LABEL: if (rctx->pad_mode != RSA_PKCS1_OAEP_PADDING) { - OPENSSL_PUT_ERROR(EVP, pkey_rsa_ctrl, EVP_R_INVALID_PADDING_MODE); + OPENSSL_PUT_ERROR(EVP, EVP_R_INVALID_PADDING_MODE); return 0; } CBS_init((CBS *)p2, rctx->oaep_label, rctx->oaep_labellen); return 1; - case EVP_PKEY_CTRL_DIGESTINIT: - return 1; - default: - OPENSSL_PUT_ERROR(EVP, pkey_rsa_ctrl, EVP_R_COMMAND_NOT_SUPPORTED); + OPENSSL_PUT_ERROR(EVP, EVP_R_COMMAND_NOT_SUPPORTED); return 0; } } @@ -509,14 +505,13 @@ static int pkey_rsa_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) { } const EVP_PKEY_METHOD rsa_pkey_meth = { - EVP_PKEY_RSA, 0 /* flags */, pkey_rsa_init, - pkey_rsa_copy, pkey_rsa_cleanup, 0 /* paramgen_init */, - 0 /* paramgen */, 0 /* keygen_init */, pkey_rsa_keygen, - 0 /* sign_init */, pkey_rsa_sign, 0 /* verify_init */, - pkey_rsa_verify, 0 /* signctx_init */, 0 /* signctx */, - 0 /* verifyctx_init */, 0 /* verifyctx */, 0 /* encrypt_init */, - pkey_rsa_encrypt, 0 /* decrypt_init */, pkey_rsa_decrypt, - 0 /* derive_init */, 0 /* derive */, pkey_rsa_ctrl, + EVP_PKEY_RSA, 0 /* flags */, pkey_rsa_init, + pkey_rsa_copy, pkey_rsa_cleanup, 0 /* paramgen_init */, + 0 /* paramgen */, 0 /* keygen_init */, pkey_rsa_keygen, + 0 /* sign_init */, pkey_rsa_sign, 0 /* verify_init */, + pkey_rsa_verify, 0 /* encrypt_init */, pkey_rsa_encrypt, + 0 /* decrypt_init */, pkey_rsa_decrypt, 0 /* derive_init */, + 0 /* derive */, pkey_rsa_ctrl, }; int EVP_PKEY_CTX_set_rsa_padding(EVP_PKEY_CTX *ctx, int padding) { @@ -593,7 +588,7 @@ int EVP_PKEY_CTX_get0_rsa_oaep_label(EVP_PKEY_CTX *ctx, return -1; } if (CBS_len(&label) > INT_MAX) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_CTX_get0_rsa_oaep_label, ERR_R_OVERFLOW); + OPENSSL_PUT_ERROR(EVP, ERR_R_OVERFLOW); return -1; } *out_label = CBS_data(&label); diff --git a/src/crypto/evp/p_rsa_asn1.c b/src/crypto/evp/p_rsa_asn1.c index 1e2d3f6..f60625b 100644 
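Review bot: The rewritten `rsa_pkey_meth` initializer is still positional, so dropping the signctx/verifyctx slots only stays correct if the `EVP_PKEY_METHOD` struct (not shown here) lost the same fields in the same order. The sign, encrypt and decrypt callbacks appear to share one signature, judging by the partial headers visible in this file's hunks, so a one-slot shift between them might compile without a diagnostic. Designated initializers would remove that dependency, e.g. `.sign = pkey_rsa_sign,`, `.encrypt = pkey_rsa_encrypt,`, `.decrypt = pkey_rsa_decrypt,` (field names assumed from the slot comments), with the unused slots left implicit.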
--- a/src/crypto/evp/p_rsa_asn1.c +++ b/src/crypto/evp/p_rsa_asn1.c @@ -57,6 +57,7 @@ #include #include +#include #include #include #include @@ -69,16 +70,14 @@ static int rsa_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey) { - uint8_t *encoded = NULL; - int len; - len = i2d_RSAPublicKey(pkey->pkey.rsa, &encoded); - - if (len <= 0) { + uint8_t *encoded; + size_t encoded_len; + if (!RSA_public_key_to_bytes(&encoded, &encoded_len, pkey->pkey.rsa)) { return 0; } if (!X509_PUBKEY_set0_param(pk, OBJ_nid2obj(EVP_PKEY_RSA), V_ASN1_NULL, NULL, - encoded, len)) { + encoded, encoded_len)) { OPENSSL_free(encoded); return 0; } @@ -89,16 +88,25 @@ static int rsa_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey) { static int rsa_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey) { const uint8_t *p; int pklen; - RSA *rsa; - if (!X509_PUBKEY_get0_param(NULL, &p, &pklen, NULL, pubkey)) { return 0; } - rsa = d2i_RSAPublicKey(NULL, &p, pklen); - if (rsa == NULL) { - OPENSSL_PUT_ERROR(EVP, rsa_pub_decode, ERR_R_RSA_LIB); + + /* Estonian IDs issued between September 2014 to September 2015 are + * broken. See https://crbug.com/532048 and https://crbug.com/534766. + * + * TODO(davidben): Switch this to the strict version in March 2016 or when + * Chromium can force client certificates down a different codepath, whichever + * comes first. */ + CBS cbs; + CBS_init(&cbs, p, pklen); + RSA *rsa = RSA_parse_public_key_buggy(&cbs); + if (rsa == NULL || CBS_len(&cbs) != 0) { + OPENSSL_PUT_ERROR(EVP, EVP_R_DECODE_ERROR); + RSA_free(rsa); return 0; } + EVP_PKEY_assign_RSA(pkey, rsa); return 1; } 
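Review bot: The comment added in rsa_pub_decode explains why `RSA_parse_public_key_buggy` is used but not which malformed encodings it tolerates. rsa_pub_decode is listed in `rsa_asn1_meth`, so the leniency presumably applies to every RSA public key decoded through that method, not only to the affected client certificates. I would extend the comment with one sentence naming the tolerated deviation and noting that trailing bytes are still rejected by the `CBS_len(&cbs) != 0` check. Separately, `pklen` is an `int` handed to `CBS_init`; if that parameter is a `size_t` (its prototype is not shown here), a guard such as `if (pklen < 0) { return 0; }` before the call keeps a negative length from turning into a very large one.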
@@ -109,20 +117,17 @@ static int rsa_pub_cmp(const EVP_PKEY *a, const EVP_PKEY *b) { } static int rsa_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey) { - uint8_t *rk = NULL; - int rklen; - - rklen = i2d_RSAPrivateKey(pkey->pkey.rsa, &rk); - - if (rklen <= 0) { - OPENSSL_PUT_ERROR(EVP, rsa_priv_encode, ERR_R_MALLOC_FAILURE); + uint8_t *encoded; + size_t encoded_len; + if (!RSA_private_key_to_bytes(&encoded, &encoded_len, pkey->pkey.rsa)) { return 0; } /* TODO(fork): const correctness in next line. */ if (!PKCS8_pkey_set0(p8, (ASN1_OBJECT *)OBJ_nid2obj(NID_rsaEncryption), 0, - V_ASN1_NULL, NULL, rk, rklen)) { - OPENSSL_PUT_ERROR(EVP, rsa_priv_encode, ERR_R_MALLOC_FAILURE); + V_ASN1_NULL, NULL, encoded, encoded_len)) { + OPENSSL_free(encoded); + OPENSSL_PUT_ERROR(EVP, ERR_R_MALLOC_FAILURE); return 0; } @@ -132,16 +137,14 @@ static int rsa_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey) { static int rsa_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8) { const uint8_t *p; int pklen; - RSA *rsa; - if (!PKCS8_pkey_get0(NULL, &p, &pklen, NULL, p8)) { - OPENSSL_PUT_ERROR(EVP, rsa_priv_decode, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EVP, ERR_R_MALLOC_FAILURE); return 0; } - rsa = d2i_RSAPrivateKey(NULL, &p, pklen); + RSA *rsa = RSA_private_key_from_bytes(p, pklen); if (rsa == NULL) { - OPENSSL_PUT_ERROR(EVP, rsa_priv_decode, ERR_R_RSA_LIB); + OPENSSL_PUT_ERROR(EVP, ERR_R_RSA_LIB); return 0; } 
@@ -198,11 +201,24 @@ static int do_rsa_print(BIO *out, const RSA *rsa, int off, update_buflen(rsa->dmp1, &buf_len); update_buflen(rsa->dmq1, &buf_len); update_buflen(rsa->iqmp, &buf_len); + + if (rsa->additional_primes != NULL) { + size_t i; + + for (i = 0; i < sk_RSA_additional_prime_num(rsa->additional_primes); + i++) { + const RSA_additional_prime *ap = + sk_RSA_additional_prime_value(rsa->additional_primes, i); + update_buflen(ap->prime, &buf_len); + update_buflen(ap->exp, &buf_len); + update_buflen(ap->coeff, &buf_len); + } + } } m = (uint8_t *)OPENSSL_malloc(buf_len + 10); if (m == NULL) { - OPENSSL_PUT_ERROR(EVP, do_rsa_print, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EVP, ERR_R_MALLOC_FAILURE); goto err; } @@ -241,6 +257,28 @@ static int do_rsa_print(BIO *out, const RSA *rsa, int off, !ASN1_bn_print(out, "coefficient:", rsa->iqmp, m, off)) { goto err; } + + if (rsa->additional_primes != NULL && + sk_RSA_additional_prime_num(rsa->additional_primes) > 0) { + size_t i; + + if (BIO_printf(out, "otherPrimeInfos:\n") <= 0) { + goto err; + } + for (i = 0; i < sk_RSA_additional_prime_num(rsa->additional_primes); + i++) { + const RSA_additional_prime *ap = + sk_RSA_additional_prime_value(rsa->additional_primes, i); + + if (BIO_printf(out, "otherPrimeInfo (prime %u):\n", + (unsigned)(i + 3)) <= 0 || + !ASN1_bn_print(out, "prime:", ap->prime, m, off) || + !ASN1_bn_print(out, "exponent:", ap->exp, m, off) || + !ASN1_bn_print(out, "coeff:", ap->coeff, m, off)) { + goto err; + } + } + } } ret = 1; 
@@ -407,18 +445,18 @@ static int rsa_sig_print(BIO *bp, const X509_ALGOR *sigalg, return 1; } -static int old_rsa_priv_decode(EVP_PKEY *pkey, const unsigned char **pder, +static int old_rsa_priv_decode(EVP_PKEY *pkey, const uint8_t **pder, int derlen) { RSA *rsa = d2i_RSAPrivateKey(NULL, pder, derlen); if (rsa == NULL) { - OPENSSL_PUT_ERROR(EVP, old_rsa_priv_decode, ERR_R_RSA_LIB); + OPENSSL_PUT_ERROR(EVP, ERR_R_RSA_LIB); return 0; } EVP_PKEY_assign_RSA(pkey, rsa); return 1; } -static int old_rsa_priv_encode(const EVP_PKEY *pkey, unsigned char **pder) { +static int old_rsa_priv_encode(const EVP_PKEY *pkey, uint8_t **pder) { return i2d_RSAPrivateKey(pkey->pkey.rsa, pder); } @@ -474,7 +512,7 @@ static const EVP_MD *rsa_algor_to_md(X509_ALGOR *alg) { } md = EVP_get_digestbyobj(alg->algorithm); if (md == NULL) { - OPENSSL_PUT_ERROR(EVP, rsa_algor_to_md, EVP_R_UNKNOWN_DIGEST); + OPENSSL_PUT_ERROR(EVP, EVP_R_UNKNOWN_DIGEST); } return md; } @@ -487,16 +525,16 @@ static const EVP_MD *rsa_mgf1_to_md(X509_ALGOR *alg, X509_ALGOR *maskHash) { } /* Check mask and lookup mask hash algorithm */ if (OBJ_obj2nid(alg->algorithm) != NID_mgf1) { - OPENSSL_PUT_ERROR(EVP, rsa_mgf1_to_md, EVP_R_UNSUPPORTED_MASK_ALGORITHM); + OPENSSL_PUT_ERROR(EVP, EVP_R_UNSUPPORTED_MASK_ALGORITHM); return NULL; } if (!maskHash) { - OPENSSL_PUT_ERROR(EVP, rsa_mgf1_to_md, EVP_R_UNSUPPORTED_MASK_PARAMETER); + OPENSSL_PUT_ERROR(EVP, EVP_R_UNSUPPORTED_MASK_PARAMETER); return NULL; } md = EVP_get_digestbyobj(maskHash->algorithm); if (md == NULL) { - OPENSSL_PUT_ERROR(EVP, rsa_mgf1_to_md, EVP_R_UNKNOWN_MASK_DIGEST); + OPENSSL_PUT_ERROR(EVP, EVP_R_UNKNOWN_MASK_DIGEST); return NULL; } return md; 
@@ -576,13 +614,13 @@ static int rsa_pss_to_ctx(EVP_MD_CTX *ctx, X509_ALGOR *sigalg, EVP_PKEY *pkey) { /* Sanity check: make sure it is PSS */ if (OBJ_obj2nid(sigalg->algorithm) != NID_rsassaPss) { - OPENSSL_PUT_ERROR(EVP, rsa_pss_to_ctx, EVP_R_UNSUPPORTED_SIGNATURE_TYPE); + OPENSSL_PUT_ERROR(EVP, EVP_R_UNSUPPORTED_SIGNATURE_TYPE); return 0; } /* Decode PSS parameters */ pss = rsa_pss_decode(sigalg, &maskHash); if (pss == NULL) { - OPENSSL_PUT_ERROR(EVP, rsa_pss_to_ctx, EVP_R_INVALID_PSS_PARAMETERS); + OPENSSL_PUT_ERROR(EVP, EVP_R_INVALID_PSS_PARAMETERS); goto err; } @@ -602,7 +640,7 @@ static int rsa_pss_to_ctx(EVP_MD_CTX *ctx, X509_ALGOR *sigalg, EVP_PKEY *pkey) { /* Could perform more salt length sanity checks but the main * RSA routines will trap other invalid values anyway. */ if (saltlen < 0) { - OPENSSL_PUT_ERROR(EVP, rsa_pss_to_ctx, EVP_R_INVALID_SALT_LENGTH); + OPENSSL_PUT_ERROR(EVP, EVP_R_INVALID_SALT_LENGTH); goto err; } } @@ -610,7 +648,7 @@ static int rsa_pss_to_ctx(EVP_MD_CTX *ctx, X509_ALGOR *sigalg, EVP_PKEY *pkey) { /* low-level routines support only trailer field 0xbc (value 1) * and PKCS#1 says we should reject any other value anyway. */ if (pss->trailerField && ASN1_INTEGER_get(pss->trailerField) != 1) { - OPENSSL_PUT_ERROR(EVP, rsa_pss_to_ctx, EVP_R_INVALID_TRAILER); + OPENSSL_PUT_ERROR(EVP, EVP_R_INVALID_TRAILER); goto err; } @@ -638,8 +676,7 @@ static int rsa_digest_verify_init_from_algorithm(EVP_MD_CTX *ctx, EVP_PKEY *pkey) { /* Sanity check: make sure it is PSS */ if (OBJ_obj2nid(sigalg->algorithm) != NID_rsassaPss) { - OPENSSL_PUT_ERROR(EVP, rsa_digest_verify_init_from_algorithm, - EVP_R_UNSUPPORTED_SIGNATURE_TYPE); + OPENSSL_PUT_ERROR(EVP, EVP_R_UNSUPPORTED_SIGNATURE_TYPE); return 0; } return rsa_pss_to_ctx(ctx, sigalg, pkey); @@ -671,7 +708,6 @@ const EVP_PKEY_ASN1_METHOD rsa_asn1_meth = { ASN1_PKEY_SIGPARAM_NULL, "RSA", - "OpenSSL RSA method", rsa_pub_decode, rsa_pub_encode, 
diff --git a/src/crypto/ex_data.c b/src/crypto/ex_data.c index 10fefc8..f562f17 100644 --- a/src/crypto/ex_data.c +++ b/src/crypto/ex_data.c @@ -138,7 +138,7 @@ int CRYPTO_get_ex_new_index(CRYPTO_EX_DATA_CLASS *ex_data_class, int *out_index, funcs = OPENSSL_malloc(sizeof(CRYPTO_EX_DATA_FUNCS)); if (funcs == NULL) { - OPENSSL_PUT_ERROR(CRYPTO, CRYPTO_get_ex_new_index, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(CRYPTO, ERR_R_MALLOC_FAILURE); return 0; } @@ -156,12 +156,13 @@ int CRYPTO_get_ex_new_index(CRYPTO_EX_DATA_CLASS *ex_data_class, int *out_index, if (ex_data_class->meth == NULL || !sk_CRYPTO_EX_DATA_FUNCS_push(ex_data_class->meth, funcs)) { - OPENSSL_PUT_ERROR(CRYPTO, CRYPTO_get_ex_new_index, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(CRYPTO, ERR_R_MALLOC_FAILURE); OPENSSL_free(funcs); goto err; } - *out_index = sk_CRYPTO_EX_DATA_FUNCS_num(ex_data_class->meth) - 1; + *out_index = sk_CRYPTO_EX_DATA_FUNCS_num(ex_data_class->meth) - 1 + + ex_data_class->num_reserved; ret = 1; err: @@ -175,7 +176,7 @@ int CRYPTO_set_ex_data(CRYPTO_EX_DATA *ad, int index, void *val) { if (ad->sk == NULL) { ad->sk = sk_void_new_null(); if (ad->sk == NULL) { - OPENSSL_PUT_ERROR(CRYPTO, CRYPTO_set_ex_data, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(CRYPTO, ERR_R_MALLOC_FAILURE); return 0; } } @@ -185,7 +186,7 @@ int CRYPTO_set_ex_data(CRYPTO_EX_DATA *ad, int index, void *val) { /* Add NULL values until the stack is long enough. */ for (i = n; i <= index; i++) { if (!sk_void_push(ad->sk, NULL)) { - OPENSSL_PUT_ERROR(CRYPTO, CRYPTO_set_ex_data, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(CRYPTO, ERR_R_MALLOC_FAILURE); return 0; } } @@ -222,7 +223,7 @@ static int get_func_pointers(STACK_OF(CRYPTO_EX_DATA_FUNCS) **out, CRYPTO_STATIC_MUTEX_unlock(&ex_data_class->lock); if (n > 0 && *out == NULL) { - OPENSSL_PUT_ERROR(CRYPTO, get_func_pointers, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(CRYPTO, ERR_R_MALLOC_FAILURE); return 0; } 
@@ -244,8 +245,8 @@ int CRYPTO_new_ex_data(CRYPTO_EX_DATA_CLASS *ex_data_class, void *obj, CRYPTO_EX_DATA_FUNCS *func_pointer = sk_CRYPTO_EX_DATA_FUNCS_value(func_pointers, i); if (func_pointer->new_func) { - func_pointer->new_func(obj, NULL, ad, i, func_pointer->argl, - func_pointer->argp); + func_pointer->new_func(obj, NULL, ad, i + ex_data_class->num_reserved, + func_pointer->argl, func_pointer->argp); } } @@ -272,12 +273,12 @@ int CRYPTO_dup_ex_data(CRYPTO_EX_DATA_CLASS *ex_data_class, CRYPTO_EX_DATA *to, for (i = 0; i < sk_CRYPTO_EX_DATA_FUNCS_num(func_pointers); i++) { CRYPTO_EX_DATA_FUNCS *func_pointer = sk_CRYPTO_EX_DATA_FUNCS_value(func_pointers, i); - void *ptr = CRYPTO_get_ex_data(from, i); + void *ptr = CRYPTO_get_ex_data(from, i + ex_data_class->num_reserved); if (func_pointer->dup_func) { - func_pointer->dup_func(to, from, &ptr, i, func_pointer->argl, - func_pointer->argp); + func_pointer->dup_func(to, from, &ptr, i + ex_data_class->num_reserved, + func_pointer->argl, func_pointer->argp); } - CRYPTO_set_ex_data(to, i, ptr); + CRYPTO_set_ex_data(to, i + ex_data_class->num_reserved, ptr); } sk_CRYPTO_EX_DATA_FUNCS_free(func_pointers); @@ -298,9 +299,9 @@ void CRYPTO_free_ex_data(CRYPTO_EX_DATA_CLASS *ex_data_class, void *obj, CRYPTO_EX_DATA_FUNCS *func_pointer = sk_CRYPTO_EX_DATA_FUNCS_value(func_pointers, i); if (func_pointer->free_func) { - void *ptr = CRYPTO_get_ex_data(ad, i); - func_pointer->free_func(obj, ptr, ad, i, func_pointer->argl, - func_pointer->argp); + void *ptr = CRYPTO_get_ex_data(ad, i + ex_data_class->num_reserved); + func_pointer->free_func(obj, ptr, ad, i + ex_data_class->num_reserved, + func_pointer->argl, func_pointer->argp); } } diff --git a/src/crypto/hkdf/CMakeLists.txt b/src/crypto/hkdf/CMakeLists.txt index 66d680a..53bf558 100644 --- a/src/crypto/hkdf/CMakeLists.txt +++ b/src/crypto/hkdf/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(. .. ../../include) +include_directories(../../include) add_library( hkdf 
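Review bot: In CRYPTO_dup_ex_data the rewritten `CRYPTO_set_ex_data(to, i + ex_data_class->num_reserved, ptr);` still discards the return value, although CRYPTO_set_ex_data returns 0 when `sk_void_new_null` or `sk_void_push` fails (visible in the earlier hunks of this file). A failed store would leave `to` without the duplicated pointer after `dup_func` has already run, and the caller would not be told. I would check it, e.g. `if (!CRYPTO_set_ex_data(to, i + ex_data_class->num_reserved, ptr)) { sk_CRYPTO_EX_DATA_FUNCS_free(func_pointers); return 0; }`, assuming this function reports failure with 0 like its siblings; its start and its return are outside the hunk.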
diff --git a/src/crypto/hkdf/hkdf.c b/src/crypto/hkdf/hkdf.c index bb7f5a4..f9cdcb0 100644 --- a/src/crypto/hkdf/hkdf.c +++ b/src/crypto/hkdf/hkdf.c @@ -40,7 +40,7 @@ int HKDF(uint8_t *out_key, size_t out_len, /* Expand key material to desired length. */ n = (out_len + digest_len - 1) / digest_len; if (out_len + digest_len < out_len || n > 255) { - OPENSSL_PUT_ERROR(HKDF, HKDF, HKDF_R_OUTPUT_TOO_LARGE); + OPENSSL_PUT_ERROR(HKDF, HKDF_R_OUTPUT_TOO_LARGE); return 0; } @@ -83,7 +83,7 @@ int HKDF(uint8_t *out_key, size_t out_len, out: HMAC_CTX_cleanup(&hmac); if (ret != 1) { - OPENSSL_PUT_ERROR(HKDF, HKDF, ERR_R_HMAC_LIB); + OPENSSL_PUT_ERROR(HKDF, ERR_R_HMAC_LIB); } return ret; } diff --git a/src/crypto/hmac/CMakeLists.txt b/src/crypto/hmac/CMakeLists.txt index 11d267f..392ce01 100644 --- a/src/crypto/hmac/CMakeLists.txt +++ b/src/crypto/hmac/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(. .. ../../include) +include_directories(../../include) add_library( hmac diff --git a/src/crypto/hmac/hmac.c b/src/crypto/hmac/hmac.c index 556e7f9..d37a249 100644 --- a/src/crypto/hmac/hmac.c +++ b/src/crypto/hmac/hmac.c @@ -97,7 +97,7 @@ void HMAC_CTX_cleanup(HMAC_CTX *ctx) { EVP_MD_CTX_cleanup(&ctx->i_ctx); EVP_MD_CTX_cleanup(&ctx->o_ctx); EVP_MD_CTX_cleanup(&ctx->md_ctx); - OPENSSL_cleanse(ctx, sizeof(ctx)); + OPENSSL_cleanse(ctx, sizeof(HMAC_CTX)); } int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, size_t key_len, diff --git a/src/crypto/hmac/hmac_tests.txt b/src/crypto/hmac/hmac_tests.txt index 012f593..53f3f8f 100644 --- a/src/crypto/hmac/hmac_tests.txt +++ b/src/crypto/hmac/hmac_tests.txt @@ -1,6 +1,3 @@ -# This test file is shared between evp_test and hmac_test, to test the legacy -# EVP_PKEY_HMAC API. - HMAC = MD5 # Note: The empty key results in passing NULL to HMAC_Init_ex, so this tests # that HMAC_CTX and HMAC treat NULL as the empty key initially. diff --git a/src/crypto/internal.h b/src/crypto/internal.h index 59eddd0..713659d 100644 --- a/src/crypto/internal.h 
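Review bot: `OPENSSL_cleanse(ctx, sizeof(HMAC_CTX));` in HMAC_CTX_cleanup now wipes the whole structure rather than a pointer's worth of bytes, but spelling out the type leaves the length decoupled from the object being cleared. Writing it as `OPENSSL_cleanse(ctx, sizeof(*ctx));` keeps the size correct if the parameter type ever changes and makes the pointer-versus-object slip harder to reintroduce. A small test that fills a context, calls HMAC_CTX_cleanup and checks that the bytes are zero would guard against a regression. The function starts outside the hunk.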
+++ b/src/crypto/internal.h @@ -452,6 +452,7 @@ OPENSSL_EXPORT void CRYPTO_STATIC_MUTEX_unlock( typedef enum { OPENSSL_THREAD_LOCAL_ERR = 0, OPENSSL_THREAD_LOCAL_RAND, + OPENSSL_THREAD_LOCAL_URANDOM_BUF, OPENSSL_THREAD_LOCAL_TEST, NUM_OPENSSL_THREAD_LOCALS, } thread_local_data_t; @@ -493,9 +494,14 @@ typedef struct crypto_ex_data_func_st CRYPTO_EX_DATA_FUNCS; typedef struct { struct CRYPTO_STATIC_MUTEX lock; STACK_OF(CRYPTO_EX_DATA_FUNCS) *meth; + /* num_reserved is one if the ex_data index zero is reserved for legacy + * |TYPE_get_app_data| functions. */ + uint8_t num_reserved; } CRYPTO_EX_DATA_CLASS; -#define CRYPTO_EX_DATA_CLASS_INIT {CRYPTO_STATIC_MUTEX_INIT, NULL} +#define CRYPTO_EX_DATA_CLASS_INIT {CRYPTO_STATIC_MUTEX_INIT, NULL, 0} +#define CRYPTO_EX_DATA_CLASS_INIT_WITH_APP_DATA \ + {CRYPTO_STATIC_MUTEX_INIT, NULL, 1} /* CRYPTO_get_ex_new_index allocates a new index for |ex_data_class| and writes * it to |*out_index|. Each class of object should provide a wrapper function diff --git a/src/crypto/lhash/CMakeLists.txt b/src/crypto/lhash/CMakeLists.txt index c71b8a1..ce785eb 100644 --- a/src/crypto/lhash/CMakeLists.txt +++ b/src/crypto/lhash/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(. .. ../../include) +include_directories(../../include) add_library( lhash diff --git a/src/crypto/lhash/lhash.c b/src/crypto/lhash/lhash.c index c282fa8..257900e 100644 --- a/src/crypto/lhash/lhash.c +++ b/src/crypto/lhash/lhash.c @@ -1,4 +1,5 @@ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. * * This package is an SSL implementation written * by Eric Young (eay@cryptsoft.com). diff --git a/src/crypto/md4/CMakeLists.txt b/src/crypto/md4/CMakeLists.txt index db7a187..59140a7 100644 --- a/src/crypto/md4/CMakeLists.txt +++ b/src/crypto/md4/CMakeLists.txt 
@@ -1,4 +1,4 @@ -include_directories(. .. ../../include) +include_directories(../../include) add_library( md4 diff --git a/src/crypto/md5/CMakeLists.txt b/src/crypto/md5/CMakeLists.txt index 6c5e80f..a37c47e 100644 --- a/src/crypto/md5/CMakeLists.txt +++ b/src/crypto/md5/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(. .. ../../include) +include_directories(../../include) if (${ARCH} STREQUAL "x86_64") set( diff --git a/src/crypto/md5/md5.c b/src/crypto/md5/md5.c index 5575efb..6ad8d12 100644 --- a/src/crypto/md5/md5.c +++ b/src/crypto/md5/md5.c @@ -1,4 +1,5 @@ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. * * This package is an SSL implementation written * by Eric Young (eay@cryptsoft.com). diff --git a/src/crypto/mem.c b/src/crypto/mem.c index ce41440..edd14a8 100644 --- a/src/crypto/mem.c +++ b/src/crypto/mem.c @@ -1,4 +1,5 @@ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. * * This package is an SSL implementation written * by Eric Young (eay@cryptsoft.com). diff --git a/src/crypto/modes/CMakeLists.txt b/src/crypto/modes/CMakeLists.txt index ffb29b6..6da5207 100644 --- a/src/crypto/modes/CMakeLists.txt +++ b/src/crypto/modes/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(. .. ../../include) +include_directories(../../include) if (${ARCH} STREQUAL "x86_64") set( diff --git a/src/crypto/modes/asm/ghash-armv4.pl b/src/crypto/modes/asm/ghash-armv4.pl index 25a4e27..dc5b99e 100644 --- a/src/crypto/modes/asm/ghash-armv4.pl +++ b/src/crypto/modes/asm/ghash-armv4.pl 
@@ -45,7 +45,7 @@ # processes one byte in 8.45 cycles, A9 - in 10.2, A15 - in 7.63, # Snapdragon S4 - in 9.33. # -# Câmara, D.; Gouvêa, C. P. L.; López, J. & Dahab, R.: Fast Software +# Câmara, D.; Gouvêa, C. P. L.; López, J. & Dahab, R.: Fast Software # Polynomial Multiplication on ARM Processors using the NEON Engine. # # http://conradoplg.cryptoland.net/files/2010/12/mocrysen13.pdf @@ -134,7 +134,7 @@ ___ $code=<<___; #if defined(__arm__) -#include "arm_arch.h" +#include .syntax unified @@ -457,12 +457,12 @@ gcm_ghash_neon: veor $IN,$Xl @ inp^=Xi .Lgmult_neon: ___ - &clmul64x64 ($Xl,$Hlo,"$IN#lo"); # H.lo·Xi.lo + &clmul64x64 ($Xl,$Hlo,"$IN#lo"); # H.lo·Xi.lo $code.=<<___; veor $IN#lo,$IN#lo,$IN#hi @ Karatsuba pre-processing ___ - &clmul64x64 ($Xm,$Hhl,"$IN#lo"); # (H.lo+H.hi)·(Xi.lo+Xi.hi) - &clmul64x64 ($Xh,$Hhi,"$IN#hi"); # H.hi·Xi.hi + &clmul64x64 ($Xm,$Hhl,"$IN#lo"); # (H.lo+H.hi)·(Xi.lo+Xi.hi) + &clmul64x64 ($Xh,$Hhi,"$IN#hi"); # H.hi·Xi.hi $code.=<<___; veor $Xm,$Xm,$Xl @ Karatsuba post-processing veor $Xm,$Xm,$Xh diff --git a/src/crypto/modes/asm/ghash-x86.pl b/src/crypto/modes/asm/ghash-x86.pl index 23a5527..0269169 100644 --- a/src/crypto/modes/asm/ghash-x86.pl +++ b/src/crypto/modes/asm/ghash-x86.pl @@ -358,7 +358,7 @@ $S=12; # shift factor for rem_4bit # effective address calculation and finally merge of value to Z.hi. # Reference to rem_4bit is scheduled so late that I had to >>4 # rem_4bit elements. This resulted in 20-45% procent improvement -# on contemporary µ-archs. +# on contemporary µ-archs. { my $cnt; my $rem_4bit = "eax"; diff --git a/src/crypto/modes/asm/ghash-x86_64.pl b/src/crypto/modes/asm/ghash-x86_64.pl index 6e656ca..5a7ce39 100644 --- a/src/crypto/modes/asm/ghash-x86_64.pl +++ b/src/crypto/modes/asm/ghash-x86_64.pl 
@@ -576,15 +576,15 @@ $code.=<<___ if (0 || (&reduction_alg9($Xhi,$Xi)&&0)); # experimental alternative. special thing about is that there # no dependency between the two multiplications... mov \$`0xE1<<1`,%eax - mov \$0xA040608020C0E000,%r10 # ((7..0)·0xE0)&0xff + mov \$0xA040608020C0E000,%r10 # ((7..0)·0xE0)&0xff mov \$0x07,%r11d movq %rax,$T1 movq %r10,$T2 movq %r11,$T3 # borrow $T3 pand $Xi,$T3 - pshufb $T3,$T2 # ($Xi&7)·0xE0 + pshufb $T3,$T2 # ($Xi&7)·0xE0 movq %rax,$T3 - pclmulqdq \$0x00,$Xi,$T1 # ·(0xE1<<1) + pclmulqdq \$0x00,$Xi,$T1 # ·(0xE1<<1) pxor $Xi,$T2 pslldq \$15,$T2 paddd $T2,$T2 # <<(64+56+1) @@ -657,7 +657,7 @@ $code.=<<___; je .Lskip4x sub \$0x30,$len - mov \$0xA040608020C0E000,%rax # ((7..0)·0xE0)&0xff + mov \$0xA040608020C0E000,%rax # ((7..0)·0xE0)&0xff movdqu 0x30($Htbl),$Hkey3 movdqu 0x40($Htbl),$Hkey4 diff --git a/src/crypto/modes/asm/ghashv8-armx.pl b/src/crypto/modes/asm/ghashv8-armx.pl index 686951f..3a7b8d8 100644 --- a/src/crypto/modes/asm/ghashv8-armx.pl +++ b/src/crypto/modes/asm/ghashv8-armx.pl @@ -54,7 +54,7 @@ my ($Xl,$Xm,$Xh,$IN)=map("q$_",(0..3)); my ($t0,$t1,$t2,$xC2,$H,$Hhl,$H2)=map("q$_",(8..14)); $code=<<___; -#include "arm_arch.h" +#include .text ___ @@ -148,10 +148,10 @@ gcm_gmult_v8: #endif vext.8 $IN,$t1,$t1,#8 - vpmull.p64 $Xl,$H,$IN @ H.lo·Xi.lo + vpmull.p64 $Xl,$H,$IN @ H.lo·Xi.lo veor $t1,$t1,$IN @ Karatsuba pre-processing - vpmull2.p64 $Xh,$H,$IN @ H.hi·Xi.hi - vpmull.p64 $Xm,$Hhl,$t1 @ (H.lo+H.hi)·(Xi.lo+Xi.hi) + vpmull2.p64 $Xh,$H,$IN @ H.hi·Xi.hi + vpmull.p64 $Xm,$Hhl,$t1 @ (H.lo+H.hi)·(Xi.lo+Xi.hi) vext.8 $t1,$Xl,$Xh,#8 @ Karatsuba post-processing veor $t2,$Xl,$Xh @@ -239,7 +239,7 @@ $code.=<<___; #endif vext.8 $In,$t1,$t1,#8 veor $IN,$IN,$Xl @ I[i]^=Xi - vpmull.p64 $Xln,$H,$In @ H·Ii+1 + vpmull.p64 $Xln,$H,$In @ H·Ii+1 veor $t1,$t1,$In @ Karatsuba pre-processing vpmull2.p64 $Xhn,$H,$In b .Loop_mod2x_v8 
@@ -248,14 +248,14 @@ $code.=<<___; .Loop_mod2x_v8: vext.8 $t2,$IN,$IN,#8 subs $len,$len,#32 @ is there more data? - vpmull.p64 $Xl,$H2,$IN @ H^2.lo·Xi.lo + vpmull.p64 $Xl,$H2,$IN @ H^2.lo·Xi.lo cclr $inc,lo @ is it time to zero $inc? vpmull.p64 $Xmn,$Hhl,$t1 veor $t2,$t2,$IN @ Karatsuba pre-processing - vpmull2.p64 $Xh,$H2,$IN @ H^2.hi·Xi.hi + vpmull2.p64 $Xh,$H2,$IN @ H^2.hi·Xi.hi veor $Xl,$Xl,$Xln @ accumulate - vpmull2.p64 $Xm,$Hhl,$t2 @ (H^2.lo+H^2.hi)·(Xi.lo+Xi.hi) + vpmull2.p64 $Xm,$Hhl,$t2 @ (H^2.lo+H^2.hi)·(Xi.lo+Xi.hi) vld1.64 {$t0},[$inp],$inc @ load [rotated] I[i+2] veor $Xh,$Xh,$Xhn @@ -280,7 +280,7 @@ $code.=<<___; vext.8 $In,$t1,$t1,#8 vext.8 $IN,$t0,$t0,#8 veor $Xl,$Xm,$t2 - vpmull.p64 $Xln,$H,$In @ H·Ii+1 + vpmull.p64 $Xln,$H,$In @ H·Ii+1 veor $IN,$IN,$Xh @ accumulate $IN early vext.8 $t2,$Xl,$Xl,#8 @ 2nd phase of reduction @@ -304,10 +304,10 @@ $code.=<<___; veor $IN,$IN,$Xl @ inp^=Xi veor $t1,$t0,$t2 @ $t1 is rotated inp^Xi - vpmull.p64 $Xl,$H,$IN @ H.lo·Xi.lo + vpmull.p64 $Xl,$H,$IN @ H.lo·Xi.lo veor $t1,$t1,$IN @ Karatsuba pre-processing - vpmull2.p64 $Xh,$H,$IN @ H.hi·Xi.hi - vpmull.p64 $Xm,$Hhl,$t1 @ (H.lo+H.hi)·(Xi.lo+Xi.hi) + vpmull2.p64 $Xh,$H,$IN @ H.hi·Xi.hi + vpmull.p64 $Xm,$Hhl,$t1 @ (H.lo+H.hi)·(Xi.lo+Xi.hi) vext.8 $t1,$Xl,$Xh,#8 @ Karatsuba post-processing veor $t2,$Xl,$Xh diff --git a/src/crypto/modes/gcm.c b/src/crypto/modes/gcm.c index b1c10b3..593dce8 100644 --- a/src/crypto/modes/gcm.c +++ b/src/crypto/modes/gcm.c @@ -349,12 +349,12 @@ void gcm_ghash_4bit_x86(uint64_t Xi[2], const u128 Htable[16], const uint8_t *in size_t len); #endif #elif defined(OPENSSL_ARM) || defined(OPENSSL_AARCH64) -#include "../arm_arch.h" +#include #if __ARM_ARCH__ >= 7 #define GHASH_ASM_ARM #define GCM_FUNCREF_4BIT -static int pmull_capable() { +static int pmull_capable(void) { return (OPENSSL_armcap_P & ARMV8_PMULL) != 0; } 
@@ -365,7 +365,7 @@ void gcm_ghash_v8(uint64_t Xi[2], const u128 Htable[16], const uint8_t *inp, #if defined(OPENSSL_ARM) /* 32-bit ARM also has support for doing GCM with NEON instructions. */ -static int neon_capable() { +static int neon_capable(void) { return CRYPTO_is_NEON_capable(); } @@ -375,7 +375,7 @@ void gcm_ghash_neon(uint64_t Xi[2], const u128 Htable[16], const uint8_t *inp, size_t len); #else /* AArch64 only has the ARMv8 versions of functions. */ -static int neon_capable() { +static int neon_capable(void) { return 0; } void gcm_init_neon(u128 Htable[16], const uint64_t Xi[2]) { diff --git a/src/crypto/modes/gcm_test.c b/src/crypto/modes/gcm_test.c index a8819ea..89ed792 100644 --- a/src/crypto/modes/gcm_test.c +++ b/src/crypto/modes/gcm_test.c @@ -55,6 +55,7 @@ #include #include "internal.h" +#include "../test/test_util.h" struct test_case { @@ -298,17 +299,6 @@ err: return 0; } -void hexdump(const char *msg, const void *in, size_t len) { - const uint8_t *data = in; - size_t i; - - fprintf(stderr, "%s: ", msg); - for (i = 0; i < len; i++) { - fprintf(stderr, "%02x", data[i]); - } - fprintf(stderr, "\n"); -} - static int run_test_case(unsigned test_num, const struct test_case *test) { size_t key_len, plaintext_len, additional_data_len, nonce_len, ciphertext_len, tag_len; @@ -367,8 +357,8 @@ static int run_test_case(unsigned test_num, const struct test_case *test) { if (!CRYPTO_gcm128_finish(&ctx, tag, tag_len) || (ciphertext && memcmp(out, ciphertext, plaintext_len) != 0)) { fprintf(stderr, "%u: encrypt failed.\n", test_num); - hexdump("got ", out, plaintext_len); - hexdump("want", ciphertext, plaintext_len); + hexdump(stderr, "got :", out, plaintext_len); + hexdump(stderr, "want:", ciphertext, plaintext_len); goto out; } diff --git a/src/crypto/modes/internal.h b/src/crypto/modes/internal.h index d12405e..caeac40 100644 --- a/src/crypto/modes/internal.h +++ b/src/crypto/modes/internal.h 
@@ -173,11 +173,6 @@ struct gcm128_context { void *key; }; -struct xts128_context { - void *key1, *key2; - block128_f block1, block2; -}; - struct ccm128_context { union { uint64_t u[2]; diff --git a/src/crypto/obj/CMakeLists.txt b/src/crypto/obj/CMakeLists.txt index a27e504..b8a4ef3 100644 --- a/src/crypto/obj/CMakeLists.txt +++ b/src/crypto/obj/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(. .. ../../include) +include_directories(../../include) add_library( obj diff --git a/src/crypto/obj/obj.c b/src/crypto/obj/obj.c index bf16d17..94f739c 100644 --- a/src/crypto/obj/obj.c +++ b/src/crypto/obj/obj.c @@ -108,7 +108,7 @@ ASN1_OBJECT *OBJ_dup(const ASN1_OBJECT *o) { r = ASN1_OBJECT_new(); if (r == NULL) { - OPENSSL_PUT_ERROR(OBJ, OBJ_dup, ERR_R_ASN1_LIB); + OPENSSL_PUT_ERROR(OBJ, ERR_R_ASN1_LIB); return NULL; } r->ln = r->sn = NULL; @@ -149,7 +149,7 @@ ASN1_OBJECT *OBJ_dup(const ASN1_OBJECT *o) { return r; err: - OPENSSL_PUT_ERROR(OBJ, OBJ_dup, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(OBJ, ERR_R_MALLOC_FAILURE); OPENSSL_free(ln); OPENSSL_free(sn); OPENSSL_free(data); @@ -337,7 +337,7 @@ const ASN1_OBJECT *OBJ_nid2obj(int nid) { CRYPTO_STATIC_MUTEX_unlock(&global_added_lock); err: - OPENSSL_PUT_ERROR(OBJ, OBJ_nid2obj, OBJ_R_UNKNOWN_NID); + OPENSSL_PUT_ERROR(OBJ, OBJ_R_UNKNOWN_NID); return NULL; } @@ -388,7 +388,7 @@ ASN1_OBJECT *OBJ_txt2obj(const char *s, int dont_search_names) { buf = OPENSSL_malloc(total_len); if (buf == NULL) { - OPENSSL_PUT_ERROR(OBJ, OBJ_txt2obj, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(OBJ, ERR_R_MALLOC_FAILURE); return NULL; } @@ -636,7 +636,7 @@ int OBJ_create(const char *oid, const char *short_name, const char *long_name) { buf = OPENSSL_malloc(len); if (buf == NULL) { - OPENSSL_PUT_ERROR(OBJ, OBJ_create, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(OBJ, ERR_R_MALLOC_FAILURE); goto err; } diff --git a/src/crypto/pem/CMakeLists.txt b/src/crypto/pem/CMakeLists.txt index 720ba2f..30dd7c9 100644 --- a/src/crypto/pem/CMakeLists.txt 
+++ b/src/crypto/pem/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(. .. ../../include) +include_directories(../../include) add_library( pem diff --git a/src/crypto/pem/pem_info.c b/src/crypto/pem/pem_info.c index 3f02619..b4ae805 100644 --- a/src/crypto/pem/pem_info.c +++ b/src/crypto/pem/pem_info.c @@ -80,7 +80,7 @@ STACK_OF(X509_INFO) *PEM_X509_INFO_read(FILE *fp, STACK_OF(X509_INFO) *sk, pem_p if ((b=BIO_new(BIO_s_file())) == NULL) { - OPENSSL_PUT_ERROR(PEM, PEM_X509_INFO_read, ERR_R_BUF_LIB); + OPENSSL_PUT_ERROR(PEM, ERR_R_BUF_LIB); return(0); } BIO_set_fp(b,fp,BIO_NOCLOSE); @@ -107,7 +107,7 @@ STACK_OF(X509_INFO) *PEM_X509_INFO_read_bio(BIO *bp, STACK_OF(X509_INFO) *sk, pe { if ((ret=sk_X509_INFO_new_null()) == NULL) { - OPENSSL_PUT_ERROR(PEM, PEM_X509_INFO_read_bio, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(PEM, ERR_R_MALLOC_FAILURE); goto err; } } @@ -248,13 +248,13 @@ start: { if (!d2i_PrivateKey(ptype, pp, &p, len)) { - OPENSSL_PUT_ERROR(PEM, PEM_X509_INFO_read_bio, ERR_R_ASN1_LIB); + OPENSSL_PUT_ERROR(PEM, ERR_R_ASN1_LIB); goto err; } } else if (d2i(pp,&p,len) == NULL) { - OPENSSL_PUT_ERROR(PEM, PEM_X509_INFO_read_bio, ERR_R_ASN1_LIB); + OPENSSL_PUT_ERROR(PEM, ERR_R_ASN1_LIB); goto err; } } @@ -326,7 +326,7 @@ int PEM_X509_INFO_write_bio(BIO *bp, X509_INFO *xi, EVP_CIPHER *enc, objstr=OBJ_nid2sn(EVP_CIPHER_nid(enc)); if (objstr == NULL) { - OPENSSL_PUT_ERROR(PEM, PEM_X509_INFO_write_bio, PEM_R_UNSUPPORTED_CIPHER); + OPENSSL_PUT_ERROR(PEM, PEM_R_UNSUPPORTED_CIPHER); goto err; } } @@ -342,7 +342,7 @@ int PEM_X509_INFO_write_bio(BIO *bp, X509_INFO *xi, EVP_CIPHER *enc, { if (enc == NULL) { - OPENSSL_PUT_ERROR(PEM, PEM_X509_INFO_write_bio, PEM_R_CIPHER_IS_NULL); + OPENSSL_PUT_ERROR(PEM, PEM_R_CIPHER_IS_NULL); goto err; } 
@@ -360,7 +360,7 @@ int PEM_X509_INFO_write_bio(BIO *bp, X509_INFO *xi, EVP_CIPHER *enc, EVP_CIPHER_nid(xi->enc_cipher.cipher)); if (objstr == NULL) { - OPENSSL_PUT_ERROR(PEM, PEM_X509_INFO_write_bio, PEM_R_UNSUPPORTED_CIPHER); + OPENSSL_PUT_ERROR(PEM, PEM_R_UNSUPPORTED_CIPHER); goto err; } diff --git a/src/crypto/pem/pem_lib.c b/src/crypto/pem/pem_lib.c index 5201467..5915696 100644 --- a/src/crypto/pem/pem_lib.c +++ b/src/crypto/pem/pem_lib.c @@ -128,7 +128,7 @@ void *PEM_ASN1_read(d2i_of_void *d2i, const char *name, FILE *fp, void **x, if ((b=BIO_new(BIO_s_file())) == NULL) { - OPENSSL_PUT_ERROR(PEM, PEM_ASN1_read, ERR_R_BUF_LIB); + OPENSSL_PUT_ERROR(PEM, ERR_R_BUF_LIB); return(0); } BIO_set_fp(b,fp,BIO_NOCLOSE); @@ -275,7 +275,7 @@ int PEM_ASN1_write(i2d_of_void *i2d, const char *name, FILE *fp, if ((b=BIO_new(BIO_s_file())) == NULL) { - OPENSSL_PUT_ERROR(PEM, PEM_ASN1_write, ERR_R_BUF_LIB); + OPENSSL_PUT_ERROR(PEM, ERR_R_BUF_LIB); return(0); } BIO_set_fp(b,fp,BIO_NOCLOSE); @@ -302,14 +302,14 @@ int PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp, objstr=OBJ_nid2sn(EVP_CIPHER_nid(enc)); if (objstr == NULL) { - OPENSSL_PUT_ERROR(PEM, PEM_ASN1_write_bio, PEM_R_UNSUPPORTED_CIPHER); + OPENSSL_PUT_ERROR(PEM, PEM_R_UNSUPPORTED_CIPHER); goto err; } } if ((dsize=i2d(x,NULL)) < 0) { - OPENSSL_PUT_ERROR(PEM, PEM_ASN1_write_bio, ERR_R_ASN1_LIB); + OPENSSL_PUT_ERROR(PEM, ERR_R_ASN1_LIB); dsize=0; goto err; } @@ -318,7 +318,7 @@ int PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp, data=(unsigned char *)OPENSSL_malloc((unsigned int)dsize+20); if (data == NULL) { - OPENSSL_PUT_ERROR(PEM, PEM_ASN1_write_bio, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(PEM, ERR_R_MALLOC_FAILURE); goto err; } p=data; 
@@ -336,7 +336,7 @@ int PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp, klen=(*callback)(buf,PEM_BUFSIZE,1,u); if (klen <= 0) { - OPENSSL_PUT_ERROR(PEM, PEM_ASN1_write_bio, PEM_R_READ_KEY); + OPENSSL_PUT_ERROR(PEM, PEM_R_READ_KEY); goto err; } kstr=(unsigned char *)buf; @@ -408,7 +408,7 @@ int PEM_do_header(EVP_CIPHER_INFO *cipher, unsigned char *data, long *plen, klen=callback(buf,PEM_BUFSIZE,0,u); if (klen <= 0) { - OPENSSL_PUT_ERROR(PEM, PEM_do_header, PEM_R_BAD_PASSWORD_READ); + OPENSSL_PUT_ERROR(PEM, PEM_R_BAD_PASSWORD_READ); return(0); } @@ -428,7 +428,7 @@ int PEM_do_header(EVP_CIPHER_INFO *cipher, unsigned char *data, long *plen, OPENSSL_cleanse((char *)key,sizeof(key)); if (!o) { - OPENSSL_PUT_ERROR(PEM, PEM_do_header, PEM_R_BAD_DECRYPT); + OPENSSL_PUT_ERROR(PEM, PEM_R_BAD_DECRYPT); return(0); } j+=i; @@ -437,11 +437,18 @@ int PEM_do_header(EVP_CIPHER_INFO *cipher, unsigned char *data, long *plen, } static const EVP_CIPHER* cipher_by_name(const char *name) { - if (strcmp(name, "DES-CBC") == 0) { + /* This is similar to the (deprecated) function |EVP_get_cipherbyname|. */ + if (0 == strcmp(name, SN_rc4)) { + return EVP_rc4(); + } else if (0 == strcmp(name, SN_des_cbc)) { return EVP_des_cbc(); - } else if (strcmp(name, "AES-128-CBC") == 0) { + } else if (0 == strcmp(name, SN_des_ede3_cbc)) { + return EVP_des_ede3_cbc(); + } else if (0 == strcmp(name, SN_aes_128_cbc)) { return EVP_aes_128_cbc(); - } else if (strcmp(name, "AES-256-CBC") == 0) { + } else if (0 == strcmp(name, SN_aes_192_cbc)) { + return EVP_aes_192_cbc(); + } else if (0 == strcmp(name, SN_aes_256_cbc)) { return EVP_aes_256_cbc(); } else { return NULL; 
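Review bot: cipher_by_name in src/crypto/pem/pem_lib.c now also accepts RC4 (`SN_rc4`) next to the existing single-DES entry, but nothing in the hunk says why these weak ciphers are allowed. The name it matches appears to come from the DEK-Info header of the PEM being read (PEM_get_EVP_CIPHER_INFO, outside this hunk), so the file itself selects the cipher. The added comment only says the function resembles |EVP_get_cipherbyname|; it should state that this is a fixed allow-list for decrypting legacy PEM and that any other name is rejected, e.g. `/* Allow-list for legacy encrypted PEM; RC4 and DES are kept for compatibility only. */`. If no caller needs RC4 or single DES, leaving them out keeps the list to ciphers worth supporting. The function's closing brace is outside the hunk.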
@@ -458,19 +465,19 @@ int PEM_get_EVP_CIPHER_INFO(char *header, EVP_CIPHER_INFO *cipher) if ((header == NULL) || (*header == '\0') || (*header == '\n')) return(1); if (strncmp(header,"Proc-Type: ",11) != 0) - { OPENSSL_PUT_ERROR(PEM, PEM_get_EVP_CIPHER_INFO, PEM_R_NOT_PROC_TYPE); return(0); } + { OPENSSL_PUT_ERROR(PEM, PEM_R_NOT_PROC_TYPE); return(0); } header+=11; if (*header != '4') return(0); header++; if (*header != ',') return(0); header++; if (strncmp(header,"ENCRYPTED",9) != 0) - { OPENSSL_PUT_ERROR(PEM, PEM_get_EVP_CIPHER_INFO, PEM_R_NOT_ENCRYPTED); return(0); } + { OPENSSL_PUT_ERROR(PEM, PEM_R_NOT_ENCRYPTED); return(0); } for (; (*header != '\n') && (*header != '\0'); header++) ; if (*header == '\0') - { OPENSSL_PUT_ERROR(PEM, PEM_get_EVP_CIPHER_INFO, PEM_R_SHORT_HEADER); return(0); } + { OPENSSL_PUT_ERROR(PEM, PEM_R_SHORT_HEADER); return(0); } header++; if (strncmp(header,"DEK-Info: ",10) != 0) - { OPENSSL_PUT_ERROR(PEM, PEM_get_EVP_CIPHER_INFO, PEM_R_NOT_DEK_INFO); return(0); } + { OPENSSL_PUT_ERROR(PEM, PEM_R_NOT_DEK_INFO); return(0); } header+=10; p=header; @@ -489,7 +496,7 @@ int PEM_get_EVP_CIPHER_INFO(char *header, EVP_CIPHER_INFO *cipher) if (enc == NULL) { - OPENSSL_PUT_ERROR(PEM, PEM_get_EVP_CIPHER_INFO, PEM_R_UNSUPPORTED_ENCRYPTION); + OPENSSL_PUT_ERROR(PEM, PEM_R_UNSUPPORTED_ENCRYPTION); return(0); } if (!load_iv(header_pp,&(cipher->iv[0]),EVP_CIPHER_iv_length(enc))) @@ -516,7 +523,7 @@ static int load_iv(char **fromp, unsigned char *to, int num) v= *from-'a'+10; else { - OPENSSL_PUT_ERROR(PEM, load_iv, PEM_R_BAD_IV_CHARS); + OPENSSL_PUT_ERROR(PEM, PEM_R_BAD_IV_CHARS); return(0); } from++; @@ -536,7 +543,7 @@ int PEM_write(FILE *fp, const char *name, const char *header, if ((b=BIO_new(BIO_s_file())) == NULL) { - OPENSSL_PUT_ERROR(PEM, PEM_write, ERR_R_BUF_LIB); + OPENSSL_PUT_ERROR(PEM, ERR_R_BUF_LIB); return(0); } BIO_set_fp(b,fp,BIO_NOCLOSE); 
@@ -603,7 +610,7 @@ err: OPENSSL_cleanse(buf, PEM_BUFSIZE*8); OPENSSL_free(buf); } - OPENSSL_PUT_ERROR(PEM, PEM_write_bio, reason); + OPENSSL_PUT_ERROR(PEM, reason); return(0); } @@ -616,7 +623,7 @@ int PEM_read(FILE *fp, char **name, char **header, unsigned char **data, if ((b=BIO_new(BIO_s_file())) == NULL) { - OPENSSL_PUT_ERROR(PEM, PEM_read, ERR_R_BUF_LIB); + OPENSSL_PUT_ERROR(PEM, ERR_R_BUF_LIB); return(0); } BIO_set_fp(b,fp,BIO_NOCLOSE); @@ -644,7 +651,7 @@ int PEM_read_bio(BIO *bp, char **name, char **header, unsigned char **data, BUF_MEM_free(nameB); BUF_MEM_free(headerB); BUF_MEM_free(dataB); - OPENSSL_PUT_ERROR(PEM, PEM_read_bio, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(PEM, ERR_R_MALLOC_FAILURE); return(0); } @@ -655,7 +662,7 @@ int PEM_read_bio(BIO *bp, char **name, char **header, unsigned char **data, if (i <= 0) { - OPENSSL_PUT_ERROR(PEM, PEM_read_bio, PEM_R_NO_START_LINE); + OPENSSL_PUT_ERROR(PEM, PEM_R_NO_START_LINE); goto err; } @@ -670,7 +677,7 @@ int PEM_read_bio(BIO *bp, char **name, char **header, unsigned char **data, continue; if (!BUF_MEM_grow(nameB,i+9)) { - OPENSSL_PUT_ERROR(PEM, PEM_read_bio, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(PEM, ERR_R_MALLOC_FAILURE); goto err; } memcpy(nameB->data,&(buf[11]),i-6); @@ -680,7 +687,7 @@ int PEM_read_bio(BIO *bp, char **name, char **header, unsigned char **data, } hl=0; if (!BUF_MEM_grow(headerB,256)) - { OPENSSL_PUT_ERROR(PEM, PEM_read_bio, ERR_R_MALLOC_FAILURE); goto err; } + { OPENSSL_PUT_ERROR(PEM, ERR_R_MALLOC_FAILURE); goto err; } headerB->data[0]='\0'; for (;;) { @@ -692,7 +699,7 @@ int PEM_read_bio(BIO *bp, char **name, char **header, unsigned char **data, if (buf[0] == '\n') break; if (!BUF_MEM_grow(headerB,hl+i+9)) - { OPENSSL_PUT_ERROR(PEM, PEM_read_bio, ERR_R_MALLOC_FAILURE); goto err; } + { OPENSSL_PUT_ERROR(PEM, ERR_R_MALLOC_FAILURE); goto err; } if (strncmp(buf,"-----END ",9) == 0) { nohead=1; 
@@ -705,7 +712,7 @@ int PEM_read_bio(BIO *bp, char **name, char **header, unsigned char **data, bl=0; if (!BUF_MEM_grow(dataB,1024)) - { OPENSSL_PUT_ERROR(PEM, PEM_read_bio, ERR_R_MALLOC_FAILURE); goto err; } + { OPENSSL_PUT_ERROR(PEM, ERR_R_MALLOC_FAILURE); goto err; } dataB->data[0]='\0'; if (!nohead) { @@ -723,7 +730,7 @@ int PEM_read_bio(BIO *bp, char **name, char **header, unsigned char **data, if (i > 65) break; if (!BUF_MEM_grow_clean(dataB,i+bl+9)) { - OPENSSL_PUT_ERROR(PEM, PEM_read_bio, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(PEM, ERR_R_MALLOC_FAILURE); goto err; } memcpy(&(dataB->data[bl]),buf,i); @@ -754,7 +761,7 @@ int PEM_read_bio(BIO *bp, char **name, char **header, unsigned char **data, (strncmp(nameB->data,&(buf[9]),i) != 0) || (strncmp(&(buf[9+i]),"-----\n",6) != 0)) { - OPENSSL_PUT_ERROR(PEM, PEM_read_bio, PEM_R_BAD_END_LINE); + OPENSSL_PUT_ERROR(PEM, PEM_R_BAD_END_LINE); goto err; } @@ -764,13 +771,13 @@ int PEM_read_bio(BIO *bp, char **name, char **header, unsigned char **data, (unsigned char *)dataB->data,bl); if (i < 0) { - OPENSSL_PUT_ERROR(PEM, PEM_read_bio, PEM_R_BAD_BASE64_DECODE); + OPENSSL_PUT_ERROR(PEM, PEM_R_BAD_BASE64_DECODE); goto err; } i=EVP_DecodeFinal(&ctx,(unsigned char *)&(dataB->data[bl]),&k); if (i < 0) { - OPENSSL_PUT_ERROR(PEM, PEM_read_bio, PEM_R_BAD_BASE64_DECODE); + OPENSSL_PUT_ERROR(PEM, PEM_R_BAD_BASE64_DECODE); goto err; } bl+=k; diff --git a/src/crypto/pem/pem_oth.c b/src/crypto/pem/pem_oth.c index 20d12b6..3e8f6bd 100644 --- a/src/crypto/pem/pem_oth.c +++ b/src/crypto/pem/pem_oth.c @@ -83,7 +83,7 @@ void *PEM_ASN1_read_bio(d2i_of_void *d2i, const char *name, BIO *bp, void **x, p = data; ret=d2i(x,&p,len); if (ret == NULL) - OPENSSL_PUT_ERROR(PEM, PEM_ASN1_read_bio, ERR_R_ASN1_LIB); + OPENSSL_PUT_ERROR(PEM, ERR_R_ASN1_LIB); OPENSSL_free(data); return ret; } diff --git a/src/crypto/pem/pem_pk8.c b/src/crypto/pem/pem_pk8.c index 035038e..0824477 100644 --- a/src/crypto/pem/pem_pk8.c +++ b/src/crypto/pem/pem_pk8.c 
@@ -118,7 +118,7 @@ static int do_pk8pkey(BIO *bp, EVP_PKEY *x, int isder, int nid, const EVP_CIPHER char buf[PEM_BUFSIZE]; int ret; if(!(p8inf = EVP_PKEY2PKCS8(x))) { - OPENSSL_PUT_ERROR(PEM, do_pk8pkey, PEM_R_ERROR_CONVERTING_PRIVATE_KEY); + OPENSSL_PUT_ERROR(PEM, PEM_R_ERROR_CONVERTING_PRIVATE_KEY); return 0; } if(enc || (nid != -1)) { @@ -127,7 +127,7 @@ static int do_pk8pkey(BIO *bp, EVP_PKEY *x, int isder, int nid, const EVP_CIPHER if (!cb) cb = PEM_def_callback; klen = cb(buf, PEM_BUFSIZE, 1, u); if(klen <= 0) { - OPENSSL_PUT_ERROR(PEM, do_pk8pkey, PEM_R_READ_KEY); + OPENSSL_PUT_ERROR(PEM, PEM_R_READ_KEY); PKCS8_PRIV_KEY_INFO_free(p8inf); return 0; } @@ -163,7 +163,7 @@ EVP_PKEY *d2i_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, vo if (!cb) cb = PEM_def_callback; klen=cb(psbuf,PEM_BUFSIZE,0,u); if (klen <= 0) { - OPENSSL_PUT_ERROR(PEM, d2i_PKCS8PrivateKey_bio, PEM_R_BAD_PASSWORD_READ); + OPENSSL_PUT_ERROR(PEM, PEM_R_BAD_PASSWORD_READ); X509_SIG_free(p8); return NULL; } @@ -216,7 +216,7 @@ static int do_pk8pkey_fp(FILE *fp, EVP_PKEY *x, int isder, int nid, const EVP_CI BIO *bp; int ret; if(!(bp = BIO_new_fp(fp, BIO_NOCLOSE))) { - OPENSSL_PUT_ERROR(PEM, do_pk8pkey_fp, ERR_R_BUF_LIB); + OPENSSL_PUT_ERROR(PEM, ERR_R_BUF_LIB); return(0); } ret = do_pk8pkey(bp, x, isder, nid, enc, kstr, klen, cb, u); @@ -229,7 +229,7 @@ EVP_PKEY *d2i_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY **x, pem_password_cb *cb, vo BIO *bp; EVP_PKEY *ret; if(!(bp = BIO_new_fp(fp, BIO_NOCLOSE))) { - OPENSSL_PUT_ERROR(PEM, d2i_PKCS8PrivateKey_fp, ERR_R_BUF_LIB); + OPENSSL_PUT_ERROR(PEM, ERR_R_BUF_LIB); return NULL; } ret = d2i_PKCS8PrivateKey_bio(bp, x, cb, u); diff --git a/src/crypto/pem/pem_pkey.c b/src/crypto/pem/pem_pkey.c index fe58558..c462727 100644 --- a/src/crypto/pem/pem_pkey.c +++ b/src/crypto/pem/pem_pkey.c 
@@ -109,7 +109,7 @@ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, vo if (!cb) cb = PEM_def_callback; klen=cb(psbuf,PEM_BUFSIZE,0,u); if (klen <= 0) { - OPENSSL_PUT_ERROR(PEM, PEM_read_bio_PrivateKey, PEM_R_BAD_PASSWORD_READ); + OPENSSL_PUT_ERROR(PEM, PEM_R_BAD_PASSWORD_READ); X509_SIG_free(p8); goto err; } @@ -132,7 +132,7 @@ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, vo } p8err: if (ret == NULL) - OPENSSL_PUT_ERROR(PEM, PEM_read_bio_PrivateKey, ERR_R_ASN1_LIB); + OPENSSL_PUT_ERROR(PEM, ERR_R_ASN1_LIB); err: OPENSSL_free(nm); @@ -210,7 +210,7 @@ EVP_PKEY *PEM_read_bio_Parameters(BIO *bp, EVP_PKEY **x) } err: if (ret == NULL) - OPENSSL_PUT_ERROR(PEM, PEM_read_bio_Parameters, ERR_R_ASN1_LIB); + OPENSSL_PUT_ERROR(PEM, ERR_R_ASN1_LIB); OPENSSL_free(nm); OPENSSL_free(data); return(ret); @@ -236,7 +236,7 @@ EVP_PKEY *PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x, pem_password_cb *cb, void if ((b=BIO_new(BIO_s_file())) == NULL) { - OPENSSL_PUT_ERROR(PEM, PEM_read_PrivateKey, ERR_R_BUF_LIB); + OPENSSL_PUT_ERROR(PEM, ERR_R_BUF_LIB); return(0); } BIO_set_fp(b,fp,BIO_NOCLOSE); @@ -254,7 +254,7 @@ int PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc, if ((b=BIO_new_fp(fp, BIO_NOCLOSE)) == NULL) { - OPENSSL_PUT_ERROR(PEM, PEM_write_PrivateKey, ERR_R_BUF_LIB); + OPENSSL_PUT_ERROR(PEM, ERR_R_BUF_LIB); return 0; } ret=PEM_write_bio_PrivateKey(b, x, enc, kstr, klen, cb, u); @@ -287,7 +287,7 @@ DH *PEM_read_bio_DHparams(BIO *bp, DH **x, pem_password_cb *cb, void *u) ret = d2i_DHparams(x, &p, len); if (ret == NULL) - OPENSSL_PUT_ERROR(PEM, PEM_read_bio_DHparams, ERR_R_ASN1_LIB); + OPENSSL_PUT_ERROR(PEM, ERR_R_ASN1_LIB); OPENSSL_free(nm); OPENSSL_free(data); return ret; 
@@ -301,7 +301,7 @@ DH *PEM_read_DHparams(FILE *fp, DH **x, pem_password_cb *cb, void *u) if ((b=BIO_new(BIO_s_file())) == NULL) { - OPENSSL_PUT_ERROR(PEM, PEM_read_DHparams, ERR_R_BUF_LIB); + OPENSSL_PUT_ERROR(PEM, ERR_R_BUF_LIB); return(0); } BIO_set_fp(b,fp,BIO_NOCLOSE); diff --git a/src/crypto/perlasm/arm-xlate.pl b/src/crypto/perlasm/arm-xlate.pl index 81ceb31..706fa70 100755 --- a/src/crypto/perlasm/arm-xlate.pl +++ b/src/crypto/perlasm/arm-xlate.pl @@ -116,6 +116,9 @@ sub expand_line { return $line; } +print "#if defined(__arm__)\n" if ($flavour eq "linux32"); +print "#if defined(__aarch64__)\n" if ($flavour eq "linux64"); + while($line=<>) { if ($line =~ m/^\s*(#|@|\/\/)/) { print $line; next; } @@ -162,4 +165,6 @@ while($line=<>) { print "\n"; } +print "#endif" if ($flavour eq "linux32" || $flavour eq "linux64"); + close STDOUT; diff --git a/src/crypto/pkcs8/CMakeLists.txt b/src/crypto/pkcs8/CMakeLists.txt index 4426f1e..ce5bce1 100644 --- a/src/crypto/pkcs8/CMakeLists.txt +++ b/src/crypto/pkcs8/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(. .. ../../include) +include_directories(../../include) add_library( pkcs8 @@ -19,4 +19,11 @@ add_executable( $ ) +add_executable( + pkcs8_test + + pkcs8_test.cc +) + +target_link_libraries(pkcs8_test crypto) target_link_libraries(pkcs12_test crypto) diff --git a/src/crypto/pkcs8/internal.h b/src/crypto/pkcs8/internal.h index 44ca4f7..7995e78 100644 --- a/src/crypto/pkcs8/internal.h +++ b/src/crypto/pkcs8/internal.h 
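Review bot: The closing `print "#endif"` added at the end of src/crypto/perlasm/arm-xlate.pl is emitted without a trailing newline, unlike the two opening guard prints, so the generated assembly ends in an unterminated line. Use `print "#endif\n" if ($flavour eq "linux32" || $flavour eq "linux64");`. A one-line comment above the opening prints saying what the architecture guard is for would also help; presumably it lets the generated file be assembled harmlessly on other targets.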
@@ -66,6 +66,15 @@ extern "C" { #define PKCS5_DEFAULT_ITERATIONS 2048 #define PKCS5_SALT_LEN 8 +/* PKCS5_v2_PBE_keyivgen intializes the supplied |ctx| for PBKDF v2, which must + * be specified by |param|. The password is specified by |pass_raw| and + * |pass_raw_len|. |cipher| and |md| are ignored. + * + * It returns one on success and zero on error. */ +int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const uint8_t *pass_raw, + size_t pass_raw_len, ASN1_TYPE *param, + const EVP_CIPHER *cipher, const EVP_MD *md, int enc); + #if defined(__cplusplus) } /* extern C */ diff --git a/src/crypto/pkcs8/p5_pbe.c b/src/crypto/pkcs8/p5_pbe.c index f30ae79..653cabf 100644 --- a/src/crypto/pkcs8/p5_pbe.c +++ b/src/crypto/pkcs8/p5_pbe.c @@ -86,21 +86,21 @@ int PKCS5_pbe_set0_algor(X509_ALGOR *algor, int alg, int iter, pbe = PBEPARAM_new(); if (!pbe) { - OPENSSL_PUT_ERROR(PKCS8, PKCS5_pbe_set0_algor, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(PKCS8, ERR_R_MALLOC_FAILURE); goto err; } if(iter <= 0) iter = PKCS5_DEFAULT_ITERATIONS; if (!ASN1_INTEGER_set(pbe->iter, iter)) { - OPENSSL_PUT_ERROR(PKCS8, PKCS5_pbe_set0_algor, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(PKCS8, ERR_R_MALLOC_FAILURE); goto err; } if (!saltlen) saltlen = PKCS5_SALT_LEN; if (!ASN1_STRING_set(pbe->salt, NULL, saltlen)) { - OPENSSL_PUT_ERROR(PKCS8, PKCS5_pbe_set0_algor, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(PKCS8, ERR_R_MALLOC_FAILURE); goto err; } sstr = ASN1_STRING_data(pbe->salt); @@ -111,7 +111,7 @@ int PKCS5_pbe_set0_algor(X509_ALGOR *algor, int alg, int iter, if(!ASN1_item_pack(pbe, ASN1_ITEM_rptr(PBEPARAM), &pbe_str)) { - OPENSSL_PUT_ERROR(PKCS8, PKCS5_pbe_set0_algor, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(PKCS8, ERR_R_MALLOC_FAILURE); goto err; } @@ -138,7 +138,7 @@ X509_ALGOR *PKCS5_pbe_set(int alg, int iter, ret = X509_ALGOR_new(); if (!ret) { - OPENSSL_PUT_ERROR(PKCS8, PKCS5_pbe_set, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(PKCS8, ERR_R_MALLOC_FAILURE); return NULL; } 
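Review bot: The new comment on PKCS5_v2_PBE_keyivgen in src/crypto/pkcs8/internal.h misspells "initializes" as "intializes" and calls the scheme "PBKDF v2", while the definition in p5_pbev2.c decodes a PBE2PARAM and requires PBKDF2 as the key derivation function. Suggested first sentence: `PKCS5_v2_PBE_keyivgen initializes the supplied |ctx| for PBES2 with PBKDF2, as described by |param|.` It would also help to say that |param| is decoded from the input and that a malformed or unsupported value makes the function return zero.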
diff --git a/src/crypto/pkcs8/p5_pbev2.c b/src/crypto/pkcs8/p5_pbev2.c index 9eb9848..f58aae7 100644 --- a/src/crypto/pkcs8/p5_pbev2.c +++ b/src/crypto/pkcs8/p5_pbev2.c @@ -53,6 +53,8 @@ * (eay@cryptsoft.com). This product includes software written by Tim * Hudson (tjh@cryptsoft.com). */ +#include +#include #include #include @@ -124,7 +126,7 @@ X509_ALGOR *PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter, alg_nid = EVP_CIPHER_nid(cipher); if(alg_nid == NID_undef) { - OPENSSL_PUT_ERROR(PKCS8, PKCS5_pbe2_set_iv, PKCS8_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER); goto err; } obj = OBJ_nid2obj(alg_nid); @@ -152,7 +154,7 @@ X509_ALGOR *PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter, if (!EVP_CipherInit_ex(&ctx, cipher, NULL, NULL, iv, 0)) goto err; if(param_to_asn1(&ctx, scheme->parameter) < 0) { - OPENSSL_PUT_ERROR(PKCS8, PKCS5_pbe2_set_iv, PKCS8_R_ERROR_SETTING_CIPHER_PARAMS); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_ERROR_SETTING_CIPHER_PARAMS); EVP_CIPHER_CTX_cleanup(&ctx); goto err; } @@ -202,7 +204,7 @@ X509_ALGOR *PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter, return ret; merr: - OPENSSL_PUT_ERROR(PKCS8, PKCS5_pbe2_set_iv, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(PKCS8, ERR_R_MALLOC_FAILURE); err: PBE2PARAM_free(pbe2); 
@@ -295,9 +297,143 @@ X509_ALGOR *PKCS5_pbkdf2_set(int iter, unsigned char *salt, int saltlen, return keyfunc; merr: - OPENSSL_PUT_ERROR(PKCS8, PKCS5_pbkdf2_set, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(PKCS8, ERR_R_MALLOC_FAILURE); PBKDF2PARAM_free(kdf); X509_ALGOR_free(keyfunc); return NULL; } +static int PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_CTX *ctx, + const uint8_t *pass_raw, + size_t pass_raw_len, const ASN1_TYPE *param, + const ASN1_TYPE *iv, int enc) { + int rv = 0; + PBKDF2PARAM *pbkdf2param = NULL; + + if (EVP_CIPHER_CTX_cipher(ctx) == NULL) { + OPENSSL_PUT_ERROR(PKCS8, CIPHER_R_NO_CIPHER_SET); + goto err; + } + + /* Decode parameters. */ + if (param == NULL || param->type != V_ASN1_SEQUENCE) { + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_DECODE_ERROR); + goto err; + } + + const uint8_t *pbuf = param->value.sequence->data; + int plen = param->value.sequence->length; + pbkdf2param = d2i_PBKDF2PARAM(NULL, &pbuf, plen); + if (pbkdf2param == NULL || pbuf != param->value.sequence->data + plen) { + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_DECODE_ERROR); + goto err; + } + + /* Now check the parameters. 
*/ + uint8_t key[EVP_MAX_KEY_LENGTH]; + const size_t key_len = EVP_CIPHER_CTX_key_length(ctx); + assert(key_len <= sizeof(key)); + + if (pbkdf2param->keylength != NULL && + ASN1_INTEGER_get(pbkdf2param->keylength) != (int) key_len) { + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_UNSUPPORTED_KEYLENGTH); + goto err; + } + + if (pbkdf2param->prf != NULL && + OBJ_obj2nid(pbkdf2param->prf->algorithm) != NID_hmacWithSHA1) { + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_UNSUPPORTED_PRF); + goto err; + } + + if (pbkdf2param->salt->type != V_ASN1_OCTET_STRING) { + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_UNSUPPORTED_SALT_TYPE); + goto err; + } + + if (pbkdf2param->iter->type != V_ASN1_INTEGER) { + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_ITERATION_COUNT); + goto err; + } + long iterations = ASN1_INTEGER_get(pbkdf2param->iter); + if (iterations < 0 || iterations > UINT_MAX) { + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_ITERATION_COUNT); + goto err; + } + + if (iv->type != V_ASN1_OCTET_STRING || iv->value.octet_string == NULL) { + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_ERROR_SETTING_CIPHER_PARAMS); + goto err; + } + + const size_t iv_len = EVP_CIPHER_CTX_iv_length(ctx); + if (iv->value.octet_string->length != iv_len) { + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_ERROR_SETTING_CIPHER_PARAMS); + goto err; + } + + if (!PKCS5_PBKDF2_HMAC_SHA1((const char *) pass_raw, pass_raw_len, + pbkdf2param->salt->value.octet_string->data, + pbkdf2param->salt->value.octet_string->length, + iterations, key_len, key)) { + goto err; + } + + rv = EVP_CipherInit_ex(ctx, NULL /* cipher */, NULL /* engine */, key, + iv->value.octet_string->data, enc); + + err: + PBKDF2PARAM_free(pbkdf2param); + return rv; +} + +int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const uint8_t *pass_raw, + size_t pass_raw_len, ASN1_TYPE *param, + const EVP_CIPHER *unused, const EVP_MD *unused2, + int enc) { + PBE2PARAM *pbe2param = NULL; + int rv = 0; + + if (param == NULL || + param->type != V_ASN1_SEQUENCE || + param->value.sequence == NULL) { + OPENSSL_PUT_ERROR(PKCS8, 
PKCS8_R_DECODE_ERROR); + goto err; + } + + const uint8_t *pbuf = param->value.sequence->data; + int plen = param->value.sequence->length; + pbe2param = d2i_PBE2PARAM(NULL, &pbuf, plen); + if (pbe2param == NULL || pbuf != param->value.sequence->data + plen) { + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_DECODE_ERROR); + goto err; + } + + /* Check that the key derivation function is PBKDF2. */ + if (OBJ_obj2nid(pbe2param->keyfunc->algorithm) != NID_id_pbkdf2) { + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION); + goto err; + } + + /* See if we recognise the encryption algorithm. */ + const EVP_CIPHER *cipher = + EVP_get_cipherbynid(OBJ_obj2nid(pbe2param->encryption->algorithm)); + if (cipher == NULL) { + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_UNSUPPORTED_CIPHER); + goto err; + } + + /* Fixup cipher based on AlgorithmIdentifier. */ + if (!EVP_CipherInit_ex(ctx, cipher, NULL /* engine */, NULL /* key */, + NULL /* iv */, enc)) { + goto err; + } + + rv = PKCS5_v2_PBKDF2_keyivgen(ctx, pass_raw, pass_raw_len, + pbe2param->keyfunc->parameter, + pbe2param->encryption->parameter, enc); + + err: + PBE2PARAM_free(pbe2param); + return rv; +} diff --git a/src/crypto/pkcs8/pkcs8.c b/src/crypto/pkcs8/pkcs8.c index 843c74d..8067c91 100644 --- a/src/crypto/pkcs8/pkcs8.c +++ b/src/crypto/pkcs8/pkcs8.c @@ -69,6 +69,7 @@ #include #include +#include "internal.h" #include "../bytestring/internal.h" #include "../evp/internal.h" @@ -200,7 +201,7 @@ static int pkcs12_key_gen_raw(const uint8_t *pass_raw, size_t pass_raw_len, } err: - OPENSSL_PUT_ERROR(PKCS8, pkcs12_key_gen_raw, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(PKCS8, ERR_R_MALLOC_FAILURE); end: OPENSSL_free(Ai); 
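Review bot: PKCS5_v2_PBKDF2_keyivgen in src/crypto/pkcs8/p5_pbev2.c dereferences `iv->type` without a NULL check, although `iv` is `pbe2param->encryption->parameter` from the decoded PBE2PARAM and the neighbouring `param` is checked. If that AlgorithmIdentifier parameter can be absent (it looks optional; confirm against the ASN.1 template), this is a NULL dereference on untrusted PKCS#8 input. The guard should read `if (iv == NULL || iv->type != V_ASN1_OCTET_STRING || iv->value.octet_string == NULL) {`, and the first check in that function should also test `param->value.sequence == NULL`, as PKCS5_v2_PBE_keyivgen does. The derived `key` is left on the stack on every path; adding `OPENSSL_cleanse(key, sizeof(key));` under `err:` before `PBKDF2PARAM_free(pbkdf2param);` wipes it. An iteration count of zero also passes the `iterations < 0` range check and is worth rejecting explicitly.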
@@ -227,14 +228,14 @@ static int pkcs12_pbe_keyivgen(EVP_CIPHER_CTX *ctx, const uint8_t *pass_raw, /* Extract useful info from parameter */ if (param == NULL || param->type != V_ASN1_SEQUENCE || param->value.sequence == NULL) { - OPENSSL_PUT_ERROR(PKCS8, pkcs12_pbe_keyivgen, PKCS8_R_DECODE_ERROR); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_DECODE_ERROR); return 0; } pbuf = param->value.sequence->data; pbe = d2i_PBEPARAM(NULL, &pbuf, param->value.sequence->length); if (pbe == NULL) { - OPENSSL_PUT_ERROR(PKCS8, pkcs12_pbe_keyivgen, PKCS8_R_DECODE_ERROR); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_DECODE_ERROR); return 0; } @@ -247,13 +248,13 @@ static int pkcs12_pbe_keyivgen(EVP_CIPHER_CTX *ctx, const uint8_t *pass_raw, salt_len = pbe->salt->length; if (!pkcs12_key_gen_raw(pass_raw, pass_raw_len, salt, salt_len, PKCS12_KEY_ID, iterations, EVP_CIPHER_key_length(cipher), key, md)) { - OPENSSL_PUT_ERROR(PKCS8, pkcs12_pbe_keyivgen, PKCS8_R_KEY_GEN_ERROR); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_KEY_GEN_ERROR); PBEPARAM_free(pbe); return 0; } if (!pkcs12_key_gen_raw(pass_raw, pass_raw_len, salt, salt_len, PKCS12_IV_ID, iterations, EVP_CIPHER_iv_length(cipher), iv, md)) { - OPENSSL_PUT_ERROR(PKCS8, pkcs12_pbe_keyivgen, PKCS8_R_KEY_GEN_ERROR); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_KEY_GEN_ERROR); PBEPARAM_free(pbe); return 0; } 
@@ -274,42 +275,93 @@ struct pbe_suite { const EVP_CIPHER* (*cipher_func)(void); const EVP_MD* (*md_func)(void); keygen_func keygen; + int flags; }; +#define PBE_UCS2_CONVERT_PASSWORD 0x1 + static const struct pbe_suite kBuiltinPBE[] = { { - NID_pbe_WithSHA1And40BitRC2_CBC, EVP_rc2_40_cbc, EVP_sha1, pkcs12_pbe_keyivgen, + NID_pbe_WithSHA1And40BitRC2_CBC, EVP_rc2_40_cbc, EVP_sha1, + pkcs12_pbe_keyivgen, PBE_UCS2_CONVERT_PASSWORD }, { NID_pbe_WithSHA1And128BitRC4, EVP_rc4, EVP_sha1, pkcs12_pbe_keyivgen, + PBE_UCS2_CONVERT_PASSWORD }, { NID_pbe_WithSHA1And3_Key_TripleDES_CBC, EVP_des_ede3_cbc, EVP_sha1, - pkcs12_pbe_keyivgen, + pkcs12_pbe_keyivgen, PBE_UCS2_CONVERT_PASSWORD + }, + { + NID_pbes2, NULL, NULL, PKCS5_v2_PBE_keyivgen, 0 }, }; +static const struct pbe_suite *get_pbe_suite(int pbe_nid) { + unsigned i; + for (i = 0; i < sizeof(kBuiltinPBE) / sizeof(kBuiltinPBE[0]); i++) { + if (kBuiltinPBE[i].pbe_nid == pbe_nid) { + return &kBuiltinPBE[i]; + } + } + + return NULL; +} + +/* pass_to_pass_raw performs a password conversion (possibly a no-op) + * appropriate to the supplied |pbe_nid|. The input |pass| is treated as a + * NUL-terminated string if |pass_len| is -1, otherwise it is treated as a + * buffer of the specified length. If the supplied PBE NID sets the + * |PBE_UCS2_CONVERT_PASSWORD| flag, the supplied |pass| will be converted to + * UCS-2. + * + * It sets |*out_pass_raw| to a new buffer that must be freed by the caller. It + * returns one on success and zero on error. 
*/ +static int pass_to_pass_raw(int pbe_nid, const char *pass, int pass_len, + uint8_t **out_pass_raw, size_t *out_pass_raw_len) { + if (pass == NULL) { + *out_pass_raw = NULL; + *out_pass_raw_len = 0; + return 1; + } + + if (pass_len == -1) { + pass_len = strlen(pass); + } else if (pass_len < 0 || pass_len > 2000000000) { + OPENSSL_PUT_ERROR(PKCS8, ERR_R_OVERFLOW); + return 0; + } + + const struct pbe_suite *suite = get_pbe_suite(pbe_nid); + if (suite != NULL && (suite->flags & PBE_UCS2_CONVERT_PASSWORD)) { + if (!ascii_to_ucs2(pass, pass_len, out_pass_raw, out_pass_raw_len)) { + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_DECODE_ERROR); + return 0; + } + } else { + *out_pass_raw = BUF_memdup(pass, pass_len); + if (*out_pass_raw == NULL) { + OPENSSL_PUT_ERROR(PKCS8, ERR_R_MALLOC_FAILURE); + return 0; + } + *out_pass_raw_len = (size_t)pass_len; + } + + return 1; +} + static int pbe_cipher_init(ASN1_OBJECT *pbe_obj, const uint8_t *pass_raw, size_t pass_raw_len, ASN1_TYPE *param, EVP_CIPHER_CTX *ctx, int is_encrypt) { const EVP_CIPHER *cipher; const EVP_MD *md; - unsigned i; - - const struct pbe_suite *suite = NULL; - const int pbe_nid = OBJ_obj2nid(pbe_obj); - - for (i = 0; i < sizeof(kBuiltinPBE) / sizeof(struct pbe_suite); i++) { - if (kBuiltinPBE[i].pbe_nid == pbe_nid) { - suite = &kBuiltinPBE[i]; - break; - } - } + const struct pbe_suite *suite = get_pbe_suite(OBJ_obj2nid(pbe_obj)); if (suite == NULL) { char obj_str[80]; - OPENSSL_PUT_ERROR(PKCS8, pbe_cipher_init, PKCS8_R_UNKNOWN_ALGORITHM); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_UNKNOWN_ALGORITHM); if (!pbe_obj) { strncpy(obj_str, "NULL", sizeof(obj_str)); } else { @@ -324,7 +376,7 @@ static int pbe_cipher_init(ASN1_OBJECT *pbe_obj, } else { cipher = suite->cipher_func(); if (!cipher) { - OPENSSL_PUT_ERROR(PKCS8, pbe_cipher_init, PKCS8_R_UNKNOWN_CIPHER); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_UNKNOWN_CIPHER); return 0; } } 
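Review bot: In `pass_to_pass_raw`, the `pass_len == -1` branch stores `strlen(pass)` straight into the `int` `pass_len`, so the 2000000000 bound that the `else if` enforces on explicit lengths is skipped for NUL-terminated input, and an oversized string would be narrowed before it reaches `ascii_to_ucs2` or `BUF_memdup`. Take the length into a `size_t` first and apply the same limit: `size_t n = strlen(pass);`, `if (n > 2000000000) { OPENSSL_PUT_ERROR(PKCS8, ERR_R_OVERFLOW); return 0; }`, `pass_len = (int)n;`. It is also worth confirming what `BUF_memdup` returns for a zero-length buffer, because an empty password on the non-UCS-2 path would be reported as `ERR_R_MALLOC_FAILURE` if that call yields NULL; its definition is not part of this hunk.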
@@ -334,14 +386,14 @@ static int pbe_cipher_init(ASN1_OBJECT *pbe_obj, } else { md = suite->md_func(); if (!md) { - OPENSSL_PUT_ERROR(PKCS8, pbe_cipher_init, PKCS8_R_UNKNOWN_DIGEST); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_UNKNOWN_DIGEST); return 0; } } if (!suite->keygen(ctx, pass_raw, pass_raw_len, param, cipher, md, is_encrypt)) { - OPENSSL_PUT_ERROR(PKCS8, pbe_cipher_init, PKCS8_R_KEYGEN_FAILURE); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_KEYGEN_FAILURE); return 0; } @@ -362,32 +414,32 @@ static int pbe_crypt(const X509_ALGOR *algor, if (!pbe_cipher_init(algor->algorithm, pass_raw, pass_raw_len, algor->parameter, &ctx, is_encrypt)) { - OPENSSL_PUT_ERROR(PKCS8, pbe_crypt, PKCS8_R_UNKNOWN_CIPHER_ALGORITHM); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_UNKNOWN_CIPHER_ALGORITHM); return 0; } block_size = EVP_CIPHER_CTX_block_size(&ctx); if (in_len + block_size < in_len) { - OPENSSL_PUT_ERROR(PKCS8, pbe_crypt, PKCS8_R_TOO_LONG); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_TOO_LONG); goto err; } buf = OPENSSL_malloc(in_len + block_size); if (buf == NULL) { - OPENSSL_PUT_ERROR(PKCS8, pbe_crypt, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(PKCS8, ERR_R_MALLOC_FAILURE); goto err; } if (!EVP_CipherUpdate(&ctx, buf, &n, in, in_len)) { OPENSSL_free(buf); - OPENSSL_PUT_ERROR(PKCS8, pbe_crypt, ERR_R_EVP_LIB); + OPENSSL_PUT_ERROR(PKCS8, ERR_R_EVP_LIB); goto err; } *out_len = n; if (!EVP_CipherFinal_ex(&ctx, buf + n, &n)) { OPENSSL_free(buf); - OPENSSL_PUT_ERROR(PKCS8, pbe_crypt, ERR_R_EVP_LIB); + OPENSSL_PUT_ERROR(PKCS8, ERR_R_EVP_LIB); goto err; } *out_len += n; 
@@ -410,14 +462,14 @@ static void *pkcs12_item_decrypt_d2i(X509_ALGOR *algor, const ASN1_ITEM *it, if (!pbe_crypt(algor, pass_raw, pass_raw_len, oct->data, oct->length, &out, &out_len, 0 /* decrypt */)) { - OPENSSL_PUT_ERROR(PKCS8, pkcs12_item_decrypt_d2i, PKCS8_R_CRYPT_ERROR); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_CRYPT_ERROR); return NULL; } p = out; ret = ASN1_item_d2i(NULL, &p, out_len, it); OPENSSL_cleanse(out, out_len); if (!ret) { - OPENSSL_PUT_ERROR(PKCS8, pkcs12_item_decrypt_d2i, PKCS8_R_DECODE_ERROR); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_DECODE_ERROR); } OPENSSL_free(out); return ret; @@ -427,19 +479,12 @@ PKCS8_PRIV_KEY_INFO *PKCS8_decrypt(X509_SIG *pkcs8, const char *pass, int pass_len) { uint8_t *pass_raw = NULL; size_t pass_raw_len = 0; - PKCS8_PRIV_KEY_INFO *ret; - - if (pass) { - if (pass_len == -1) { - pass_len = strlen(pass); - } - if (!ascii_to_ucs2(pass, pass_len, &pass_raw, &pass_raw_len)) { - OPENSSL_PUT_ERROR(PKCS8, PKCS8_decrypt, PKCS8_R_DECODE_ERROR); - return NULL; - } + if (!pass_to_pass_raw(OBJ_obj2nid(pkcs8->algor->algorithm), pass, pass_len, + &pass_raw, &pass_raw_len)) { + return NULL; } - ret = PKCS8_decrypt_pbe(pkcs8, pass_raw, pass_raw_len); + PKCS8_PRIV_KEY_INFO *ret = PKCS8_decrypt_pbe(pkcs8, pass_raw, pass_raw_len); if (pass_raw) { OPENSSL_cleanse(pass_raw, pass_raw_len); 
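Review bot: `PKCS8_decrypt` now chooses the password encoding from the algorithm identifier carried inside `pkcs8`, which is a behaviour change for callers that nothing in the function records. A comment above the `pass_to_pass_raw` call would state it, for example `/* The PBE scheme named in |pkcs8| decides whether |pass| is converted to UCS-2 (PKCS#12 schemes) or passed through as raw bytes (PBES2). */`. The function body continues past the end of this hunk, so the cleanup path was not reviewed.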
@@ -466,17 +511,17 @@ static ASN1_OCTET_STRING *pkcs12_item_i2d_encrypt(X509_ALGOR *algor, oct = M_ASN1_OCTET_STRING_new(); if (oct == NULL) { - OPENSSL_PUT_ERROR(PKCS8, pkcs12_item_i2d_encrypt, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(PKCS8, ERR_R_MALLOC_FAILURE); return NULL; } in_len = ASN1_item_i2d(obj, &in, it); if (!in) { - OPENSSL_PUT_ERROR(PKCS8, pkcs12_item_i2d_encrypt, PKCS8_R_ENCODE_ERROR); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_ENCODE_ERROR); return NULL; } if (!pbe_crypt(algor, pass_raw, pass_raw_len, in, in_len, &oct->data, &crypt_len, 1 /* encrypt */)) { - OPENSSL_PUT_ERROR(PKCS8, pkcs12_item_i2d_encrypt, PKCS8_R_ENCRYPT_ERROR); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_ENCRYPT_ERROR); OPENSSL_free(in); return NULL; } @@ -491,20 +536,12 @@ X509_SIG *PKCS8_encrypt(int pbe_nid, const EVP_CIPHER *cipher, const char *pass, int iterations, PKCS8_PRIV_KEY_INFO *p8inf) { uint8_t *pass_raw = NULL; size_t pass_raw_len = 0; - X509_SIG *ret; - - if (pass) { - if (pass_len == -1) { - pass_len = strlen(pass); - } - if (!ascii_to_ucs2(pass, pass_len, &pass_raw, &pass_raw_len)) { - OPENSSL_PUT_ERROR(PKCS8, PKCS8_encrypt, PKCS8_R_DECODE_ERROR); - return NULL; - } + if (!pass_to_pass_raw(pbe_nid, pass, pass_len, &pass_raw, &pass_raw_len)) { + return NULL; } - ret = PKCS8_encrypt_pbe(pbe_nid, pass_raw, pass_raw_len, - salt, salt_len, iterations, p8inf); + X509_SIG *ret = PKCS8_encrypt_pbe(pbe_nid, cipher, pass_raw, pass_raw_len, + salt, salt_len, iterations, p8inf); if (pass_raw) { OPENSSL_cleanse(pass_raw, pass_raw_len); @@ -513,7 +550,7 @@ X509_SIG *PKCS8_encrypt(int pbe_nid, const EVP_CIPHER *cipher, const char *pass, return ret; } -X509_SIG *PKCS8_encrypt_pbe(int pbe_nid, +X509_SIG *PKCS8_encrypt_pbe(int pbe_nid, const EVP_CIPHER *cipher, const uint8_t *pass_raw, size_t pass_raw_len, uint8_t *salt, size_t salt_len, int iterations, PKCS8_PRIV_KEY_INFO *p8inf) { 
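Review bot: `pbe_nid == -1` is an undocumented sentinel for PBES2 in `PKCS8_encrypt`: the value is handed to `pass_to_pass_raw`, where no suite matches and the password stays unconverted only through the fall-through branch, and in the following `PKCS8_encrypt_pbe` hunk (`@@ -522,13 +559,17 @@`) it selects `PKCS5_pbe2_set`, while `cipher` is ignored for every other NID. I would document this at the `PKCS8_encrypt_pbe` branch with `/* A |pbe_nid| of -1 selects PBES2 using |cipher|; for any other value |cipher| is unused. */`. As far as these hunks show, nothing rejects a NULL `cipher` before it reaches `PKCS5_pbe2_set`, so unless that function checks it itself a guard such as `if (pbe_nid == -1 && cipher == NULL) { OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_UNSUPPORTED_CIPHER); goto err; }` may be needed.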
@@ -522,13 +559,17 @@ X509_SIG *PKCS8_encrypt_pbe(int pbe_nid, pkcs8 = X509_SIG_new(); if (pkcs8 == NULL) { - OPENSSL_PUT_ERROR(PKCS8, PKCS8_encrypt_pbe, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(PKCS8, ERR_R_MALLOC_FAILURE); goto err; } - pbe = PKCS5_pbe_set(pbe_nid, iterations, salt, salt_len); + if (pbe_nid == -1) { + pbe = PKCS5_pbe2_set(cipher, iterations, salt, salt_len); + } else { + pbe = PKCS5_pbe_set(pbe_nid, iterations, salt, salt_len); + } if (!pbe) { - OPENSSL_PUT_ERROR(PKCS8, PKCS8_encrypt_pbe, ERR_R_ASN1_LIB); + OPENSSL_PUT_ERROR(PKCS8, ERR_R_ASN1_LIB); goto err; } @@ -538,7 +579,7 @@ X509_SIG *PKCS8_encrypt_pbe(int pbe_nid, pkcs8->digest = pkcs12_item_i2d_encrypt( pbe, ASN1_ITEM_rptr(PKCS8_PRIV_KEY_INFO), pass_raw, pass_raw_len, p8inf); if (!pkcs8->digest) { - OPENSSL_PUT_ERROR(PKCS8, PKCS8_encrypt_pbe, PKCS8_R_ENCRYPT_ERROR); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_ENCRYPT_ERROR); goto err; } @@ -560,13 +601,12 @@ EVP_PKEY *EVP_PKCS82PKEY(PKCS8_PRIV_KEY_INFO *p8) { pkey = EVP_PKEY_new(); if (pkey == NULL) { - OPENSSL_PUT_ERROR(PKCS8, EVP_PKCS82PKEY, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(PKCS8, ERR_R_MALLOC_FAILURE); return NULL; } if (!EVP_PKEY_set_type(pkey, OBJ_obj2nid(algoid))) { - OPENSSL_PUT_ERROR(PKCS8, EVP_PKCS82PKEY, - PKCS8_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM); i2t_ASN1_OBJECT(obj_tmp, 80, algoid); ERR_add_error_data(2, "TYPE=", obj_tmp); goto error; @@ -574,11 +614,11 @@ EVP_PKEY *EVP_PKCS82PKEY(PKCS8_PRIV_KEY_INFO *p8) { if (pkey->ameth->priv_decode) { if (!pkey->ameth->priv_decode(pkey, p8)) { - OPENSSL_PUT_ERROR(PKCS8, EVP_PKCS82PKEY, PKCS8_R_PRIVATE_KEY_DECODE_ERROR); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_PRIVATE_KEY_DECODE_ERROR); goto error; } } else { - OPENSSL_PUT_ERROR(PKCS8, EVP_PKCS82PKEY, PKCS8_R_METHOD_NOT_SUPPORTED); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_METHOD_NOT_SUPPORTED); goto error; } 
@@ -594,7 +634,7 @@ PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8(EVP_PKEY *pkey) { p8 = PKCS8_PRIV_KEY_INFO_new(); if (p8 == NULL) { - OPENSSL_PUT_ERROR(PKCS8, EVP_PKEY2PKCS8, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(PKCS8, ERR_R_MALLOC_FAILURE); return NULL; } p8->broken = PKCS8_OK; @@ -602,17 +642,15 @@ PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8(EVP_PKEY *pkey) { if (pkey->ameth) { if (pkey->ameth->priv_encode) { if (!pkey->ameth->priv_encode(p8, pkey)) { - OPENSSL_PUT_ERROR(PKCS8, EVP_PKEY2PKCS8, - PKCS8_R_PRIVATE_KEY_ENCODE_ERROR); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_PRIVATE_KEY_ENCODE_ERROR); goto error; } } else { - OPENSSL_PUT_ERROR(PKCS8, EVP_PKEY2PKCS8, PKCS8_R_METHOD_NOT_SUPPORTED); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_METHOD_NOT_SUPPORTED); goto error; } } else { - OPENSSL_PUT_ERROR(PKCS8, EVP_PKEY2PKCS8, - PKCS8_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM); goto error; } return p8; @@ -646,8 +684,7 @@ static int PKCS12_handle_content_infos(CBS *content_infos, * pkcs7-encryptedData and a pkcs7-data) and depth 1 (the various PKCS#12 * bags). */ if (depth > 3) { - OPENSSL_PUT_ERROR(PKCS8, PKCS12_handle_content_infos, - PKCS8_R_PKCS12_TOO_DEEPLY_NESTED); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_PKCS12_TOO_DEEPLY_NESTED); return 0; } @@ -656,6 +693,7 @@ static int PKCS12_handle_content_infos(CBS *content_infos, * conversion cannot see through those wrappings. So each time we step * through one we need to convert to DER again. */ if (!CBS_asn1_ber_to_der(content_infos, &der_bytes, &der_len)) { + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA); return 0; } 
@@ -666,16 +704,14 @@ static int PKCS12_handle_content_infos(CBS *content_infos, } if (!CBS_get_asn1(&in, &in, CBS_ASN1_SEQUENCE)) { - OPENSSL_PUT_ERROR(PKCS8, PKCS12_handle_content_infos, - PKCS8_R_BAD_PKCS12_DATA); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA); goto err; } while (CBS_len(&in) > 0) { CBS content_info; if (!CBS_get_asn1(&in, &content_info, CBS_ASN1_SEQUENCE)) { - OPENSSL_PUT_ERROR(PKCS8, PKCS12_handle_content_infos, - PKCS8_R_BAD_PKCS12_DATA); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA); goto err; } @@ -705,8 +741,7 @@ static int PKCS12_handle_content_info(CBS *content_info, unsigned depth, if (!CBS_get_asn1(content_info, &content_type, CBS_ASN1_OBJECT) || !CBS_get_asn1(content_info, &wrapped_contents, CBS_ASN1_CONTEXT_SPECIFIC | CBS_ASN1_CONSTRUCTED | 0)) { - OPENSSL_PUT_ERROR(PKCS8, PKCS12_handle_content_info, - PKCS8_R_BAD_PKCS12_DATA); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA); goto err; } @@ -734,14 +769,12 @@ static int PKCS12_handle_content_info(CBS *content_info, unsigned depth, !CBS_get_asn1_element(&eci, &ai, CBS_ASN1_SEQUENCE) || !CBS_get_asn1(&eci, &encrypted_contents, CBS_ASN1_CONTEXT_SPECIFIC | 0)) { - OPENSSL_PUT_ERROR(PKCS8, PKCS12_handle_content_info, - PKCS8_R_BAD_PKCS12_DATA); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA); goto err; } if (OBJ_cbs2nid(&contents_type) != NID_pkcs7_data) { - OPENSSL_PUT_ERROR(PKCS8, PKCS12_handle_content_info, - PKCS8_R_BAD_PKCS12_DATA); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA); goto err; } @@ -752,8 +785,7 @@ static int PKCS12_handle_content_info(CBS *content_info, unsigned depth, } if (inp != CBS_data(&ai) + CBS_len(&ai)) { X509_ALGOR_free(algor); - OPENSSL_PUT_ERROR(PKCS8, PKCS12_handle_content_info, - PKCS8_R_BAD_PKCS12_DATA); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA); goto err; } 
@@ -773,8 +805,7 @@ static int PKCS12_handle_content_info(CBS *content_info, unsigned depth, if (!CBS_get_asn1(&wrapped_contents, &octet_string_contents, CBS_ASN1_OCTETSTRING)) { - OPENSSL_PUT_ERROR(PKCS8, PKCS12_handle_content_info, - PKCS8_R_BAD_PKCS12_DATA); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA); goto err; } @@ -787,8 +818,7 @@ static int PKCS12_handle_content_info(CBS *content_info, unsigned depth, X509_SIG *encrypted = NULL; if (*ctx->out_key) { - OPENSSL_PUT_ERROR(PKCS8, PKCS12_handle_content_info, - PKCS8_R_MULTIPLE_PRIVATE_KEYS_IN_PKCS12); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_MULTIPLE_PRIVATE_KEYS_IN_PKCS12); goto err; } @@ -796,13 +826,11 @@ static int PKCS12_handle_content_info(CBS *content_info, unsigned depth, * structure as one and so |X509_SIG| is reused to store it. */ encrypted = d2i_X509_SIG(NULL, &inp, CBS_len(&wrapped_contents)); if (encrypted == NULL) { - OPENSSL_PUT_ERROR(PKCS8, PKCS12_handle_content_info, - PKCS8_R_BAD_PKCS12_DATA); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA); goto err; } if (inp != CBS_data(&wrapped_contents) + CBS_len(&wrapped_contents)) { - OPENSSL_PUT_ERROR(PKCS8, PKCS12_handle_content_info, - PKCS8_R_BAD_PKCS12_DATA); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA); X509_SIG_free(encrypted); goto err; } @@ -828,8 +856,7 @@ static int PKCS12_handle_content_info(CBS *content_info, unsigned depth, !CBS_get_asn1(&cert_bag, &wrapped_cert, CBS_ASN1_CONTEXT_SPECIFIC | CBS_ASN1_CONSTRUCTED | 0) || !CBS_get_asn1(&wrapped_cert, &cert, CBS_ASN1_OCTETSTRING)) { - OPENSSL_PUT_ERROR(PKCS8, PKCS12_handle_content_info, - PKCS8_R_BAD_PKCS12_DATA); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA); goto err; } 
@@ -837,13 +864,11 @@ static int PKCS12_handle_content_info(CBS *content_info, unsigned depth, const uint8_t *inp = CBS_data(&cert); X509 *x509 = d2i_X509(NULL, &inp, CBS_len(&cert)); if (!x509) { - OPENSSL_PUT_ERROR(PKCS8, PKCS12_handle_content_info, - PKCS8_R_BAD_PKCS12_DATA); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA); goto err; } if (inp != CBS_data(&cert) + CBS_len(&cert)) { - OPENSSL_PUT_ERROR(PKCS8, PKCS12_handle_content_info, - PKCS8_R_BAD_PKCS12_DATA); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA); X509_free(x509); goto err; } @@ -875,6 +900,7 @@ int PKCS12_get_key_and_certs(EVP_PKEY **out_key, STACK_OF(X509) *out_certs, /* The input may be in BER format. */ if (!CBS_asn1_ber_to_der(ber_in, &der_bytes, &der_len)) { + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA); return 0; } if (der_bytes != NULL) { @@ -891,28 +917,27 @@ int PKCS12_get_key_and_certs(EVP_PKEY **out_key, STACK_OF(X509) *out_certs, if (!CBS_get_asn1(&in, &pfx, CBS_ASN1_SEQUENCE) || CBS_len(&in) != 0 || !CBS_get_asn1_uint64(&pfx, &version)) { - OPENSSL_PUT_ERROR(PKCS8, PKCS12_get_key_and_certs, PKCS8_R_BAD_PKCS12_DATA); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA); goto err; } if (version < 3) { - OPENSSL_PUT_ERROR(PKCS8, PKCS12_get_key_and_certs, - PKCS8_R_BAD_PKCS12_VERSION); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_VERSION); goto err; } if (!CBS_get_asn1(&pfx, &authsafe, CBS_ASN1_SEQUENCE)) { - OPENSSL_PUT_ERROR(PKCS8, PKCS12_get_key_and_certs, PKCS8_R_BAD_PKCS12_DATA); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA); goto err; } if (CBS_len(&pfx) == 0) { - OPENSSL_PUT_ERROR(PKCS8, PKCS12_get_key_and_certs, PKCS8_R_MISSING_MAC); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_MISSING_MAC); goto err; } if (!CBS_get_asn1(&pfx, &mac_data, CBS_ASN1_SEQUENCE)) { - OPENSSL_PUT_ERROR(PKCS8, PKCS12_get_key_and_certs, PKCS8_R_BAD_PKCS12_DATA); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA); goto err; } 
@@ -921,7 +946,7 @@ int PKCS12_get_key_and_certs(EVP_PKEY **out_key, STACK_OF(X509) *out_certs, if (!CBS_get_asn1(&authsafe, &content_type, CBS_ASN1_OBJECT) || !CBS_get_asn1(&authsafe, &wrapped_authsafes, CBS_ASN1_CONTEXT_SPECIFIC | CBS_ASN1_CONSTRUCTED | 0)) { - OPENSSL_PUT_ERROR(PKCS8, PKCS12_get_key_and_certs, PKCS8_R_BAD_PKCS12_DATA); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA); goto err; } @@ -929,13 +954,12 @@ int PKCS12_get_key_and_certs(EVP_PKEY **out_key, STACK_OF(X509) *out_certs, * latter indicates that it's signed by a public key, which isn't * supported. */ if (OBJ_cbs2nid(&content_type) != NID_pkcs7_data) { - OPENSSL_PUT_ERROR(PKCS8, PKCS12_get_key_and_certs, - PKCS8_R_PKCS12_PUBLIC_KEY_INTEGRITY_NOT_SUPPORTED); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_PKCS12_PUBLIC_KEY_INTEGRITY_NOT_SUPPORTED); goto err; } if (!CBS_get_asn1(&wrapped_authsafes, &authsafes, CBS_ASN1_OCTETSTRING)) { - OPENSSL_PUT_ERROR(PKCS8, PKCS12_get_key_and_certs, PKCS8_R_BAD_PKCS12_DATA); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA); goto err; } @@ -943,7 +967,7 @@ int PKCS12_get_key_and_certs(EVP_PKEY **out_key, STACK_OF(X509) *out_certs, ctx.out_certs = out_certs; if (!ascii_to_ucs2(password, strlen(password), &ctx.password, &ctx.password_len)) { - OPENSSL_PUT_ERROR(PKCS8, PKCS12_get_key_and_certs, PKCS8_R_DECODE_ERROR); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_DECODE_ERROR); goto err; } @@ -962,7 +986,7 @@ int PKCS12_get_key_and_certs(EVP_PKEY **out_key, STACK_OF(X509) *out_certs, !CBS_get_asn1(&hash_type_seq, &hash_oid, CBS_ASN1_OBJECT) || !CBS_get_asn1(&mac, &expected_mac, CBS_ASN1_OCTETSTRING) || !CBS_get_asn1(&mac_data, &salt, CBS_ASN1_OCTETSTRING)) { - OPENSSL_PUT_ERROR(PKCS8, PKCS12_get_key_and_certs, PKCS8_R_BAD_PKCS12_DATA); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA); goto err; } 
@@ -971,8 +995,7 @@ int PKCS12_get_key_and_certs(EVP_PKEY **out_key, STACK_OF(X509) *out_certs, if (CBS_len(&mac_data) > 0) { if (!CBS_get_asn1_uint64(&mac_data, &iterations) || iterations > INT_MAX) { - OPENSSL_PUT_ERROR(PKCS8, PKCS12_get_key_and_certs, - PKCS8_R_BAD_PKCS12_DATA); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA); goto err; } } @@ -980,7 +1003,7 @@ int PKCS12_get_key_and_certs(EVP_PKEY **out_key, STACK_OF(X509) *out_certs, hash_nid = OBJ_cbs2nid(&hash_oid); if (hash_nid == NID_undef || (md = EVP_get_digestbynid(hash_nid)) == NULL) { - OPENSSL_PUT_ERROR(PKCS8, PKCS12_get_key_and_certs, PKCS8_R_UNKNOWN_HASH); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_UNKNOWN_HASH); goto err; } @@ -996,8 +1019,7 @@ int PKCS12_get_key_and_certs(EVP_PKEY **out_key, STACK_OF(X509) *out_certs, } if (!CBS_mem_equal(&expected_mac, hmac, hmac_len)) { - OPENSSL_PUT_ERROR(PKCS8, PKCS12_get_key_and_certs, - PKCS8_R_INCORRECT_PASSWORD); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_INCORRECT_PASSWORD); goto err; } } @@ -1126,6 +1148,7 @@ int PKCS12_parse(const PKCS12 *p12, const char *password, EVP_PKEY **out_pkey, if (!ca_certs) { ca_certs = sk_X509_new_null(); if (ca_certs == NULL) { + OPENSSL_PUT_ERROR(PKCS8, ERR_R_MALLOC_FAILURE); return 0; } ca_certs_alloced = 1; diff --git a/src/crypto/pkcs8/pkcs8_test.cc b/src/crypto/pkcs8/pkcs8_test.cc new file mode 100644 index 0000000..7a88ddf --- /dev/null +++ b/src/crypto/pkcs8/pkcs8_test.cc 
@@ -0,0 +1,91 @@ +/* Copyright (c) 2015, Google Inc. + * + * Permission to use, copy, modify, and/or distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY + * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION + * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN + * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ + +#include +#include +#include + +#include +#include +#include +#include + +#include "../test/scoped_types.h" + + +/* kDER is a PKCS#8 encrypted private key. It was generated with: + * + * openssl genrsa 512 > test.key + * openssl pkcs8 -topk8 -in test.key -out test.key.encrypted -v2 des3 -outform der + * hexdump -Cv test.key.encrypted + * + * The password is "testing". 
+ */ +static const uint8_t kDER[] = { + 0x30, 0x82, 0x01, 0x9e, 0x30, 0x40, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x05, + 0x0d, 0x30, 0x33, 0x30, 0x1b, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x05, 0x0c, + 0x30, 0x0e, 0x04, 0x08, 0x06, 0xa5, 0x4b, 0x0c, 0x0c, 0x50, 0x8c, 0x19, 0x02, 0x02, 0x08, 0x00, + 0x30, 0x14, 0x06, 0x08, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x03, 0x07, 0x04, 0x08, 0x3a, 0xd0, + 0x70, 0x4b, 0x26, 0x50, 0x13, 0x7b, 0x04, 0x82, 0x01, 0x58, 0xa6, 0xee, 0x02, 0xf2, 0xf2, 0x7c, + 0x19, 0x91, 0xe3, 0xce, 0x32, 0x85, 0xc5, 0x01, 0xd9, 0xe3, 0x5e, 0x14, 0xb6, 0xb8, 0x78, 0xad, + 0xda, 0x01, 0xec, 0x9e, 0x42, 0xe8, 0xbf, 0x0b, 0x46, 0x03, 0xbc, 0x92, 0x6f, 0xe4, 0x0f, 0x0f, + 0x48, 0x30, 0x10, 0x10, 0x9b, 0xfb, 0x4b, 0xb9, 0x45, 0xf8, 0xcf, 0xab, 0xa1, 0x18, 0xdd, 0x19, + 0xa4, 0xa4, 0xe1, 0xf0, 0xa1, 0x8d, 0xc2, 0x23, 0xe7, 0x0d, 0x7a, 0x64, 0x21, 0x6b, 0xfa, 0x48, + 0xb9, 0x41, 0xc1, 0x0c, 0x4b, 0xce, 0x6f, 0x1a, 0x91, 0x9b, 0x9f, 0xdd, 0xcf, 0xa9, 0x8d, 0x33, + 0x2c, 0x45, 0x81, 0x5c, 0x5e, 0x67, 0xc6, 0x68, 0x43, 0x62, 0xff, 0x5e, 0x9b, 0x1a, 0x15, 0x3a, + 0x9d, 0x71, 0x3f, 0xbe, 0x32, 0x2f, 0xe5, 0x90, 0x65, 0x65, 0x9c, 0x22, 0xf6, 0x29, 0x2e, 0xcf, + 0x26, 0x16, 0x7b, 0x66, 0x48, 0x55, 0xad, 0x9a, 0x8d, 0x89, 0xf4, 0x48, 0x4f, 0x1f, 0x9d, 0xb8, + 0xfa, 0xe1, 0xf1, 0x3b, 0x39, 0x5c, 0x72, 0xc6, 0xb8, 0x3e, 0x98, 0xe8, 0x77, 0xe8, 0xb6, 0x71, + 0x84, 0xa8, 0x6e, 0xca, 0xaf, 0x62, 0x96, 0x49, 0x8a, 0x21, 0x6f, 0x9e, 0x78, 0x07, 0x97, 0x38, + 0x40, 0x66, 0x42, 0x5a, 0x1b, 0xe0, 0x9b, 0xe9, 0x91, 0x82, 0xe4, 0xea, 0x8f, 0x2a, 0xb2, 0x80, + 0xce, 0xe8, 0x57, 0xd3, 0xac, 0x11, 0x9d, 0xb2, 0x39, 0x0f, 0xe1, 0xce, 0x18, 0x96, 0x38, 0xa1, + 0x19, 0x80, 0x88, 0x81, 0x3d, 0xda, 0xaa, 0x8e, 0x15, 0x27, 0x19, 0x73, 0x0c, 0xf3, 0xaf, 0x45, + 0xe9, 0x1b, 0xad, 0x6c, 0x3d, 0xbf, 0x95, 0xf7, 0xa0, 0x87, 0x0e, 0xde, 0xf1, 0xd8, 0xee, 0xaa, + 0x92, 0x76, 0x8d, 0x32, 0x45, 0xa1, 0xe7, 0xf5, 0x05, 0xd6, 0x2c, 0x67, 0x63, 0x10, 0xfa, 0xde, + 
0x80, 0xc7, 0x5b, 0x96, 0x0f, 0x24, 0x50, 0x78, 0x30, 0xe5, 0x89, 0xf3, 0x73, 0xfa, 0x40, 0x11, + 0xd5, 0x26, 0xb8, 0x36, 0x96, 0x98, 0xe6, 0xbd, 0x73, 0x62, 0x56, 0xb9, 0xea, 0x28, 0x16, 0x93, + 0x5b, 0x33, 0xae, 0x83, 0xf9, 0x1f, 0xee, 0xef, 0xc8, 0xbf, 0xc7, 0xb1, 0x47, 0x43, 0xa1, 0xc6, + 0x1a, 0x64, 0x47, 0x02, 0x40, 0x3e, 0xbc, 0x0f, 0x80, 0x71, 0x5c, 0x44, 0x60, 0xbc, 0x78, 0x2e, + 0xd2, 0x77, 0xf8, 0x6e, 0x12, 0x51, 0x89, 0xdb, 0x90, 0x64, 0xcd, 0x76, 0x10, 0x29, 0x73, 0xc2, + 0x2f, 0x94, 0x7b, 0x98, 0xcd, 0xbb, 0x61, 0x16, 0x1d, 0x52, 0x11, 0x73, 0x48, 0xe6, 0x39, 0xfc, + 0xd6, 0x2d, +}; + +static bool test(const uint8_t *der, size_t der_len) { + const uint8_t *data = der; + ScopedX509_SIG sig(d2i_X509_SIG(NULL, &data, der_len)); + if (sig.get() == NULL || data != der + der_len) { + fprintf(stderr, "d2i_X509_SIG failed or did not consume all bytes.\n"); + return false; + } + + static const char kPassword[] = "testing"; + ScopedPKCS8_PRIV_KEY_INFO keypair(PKCS8_decrypt(sig.get(), kPassword, -1)); + if (!keypair) { + fprintf(stderr, "PKCS8_decrypt failed.\n"); + ERR_print_errors_fp(stderr); + return false; + } + + return true; +} + +int main(int argc, char **argv) { + if (!test(kDER, sizeof(kDER))) { + return 1; + } + + printf("PASS\n"); + return 0; +} diff --git a/src/crypto/poly1305/CMakeLists.txt b/src/crypto/poly1305/CMakeLists.txt index bb0c1e4..674d9f6 100644 --- a/src/crypto/poly1305/CMakeLists.txt +++ b/src/crypto/poly1305/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(. .. ../../include) +include_directories(../../include) if (${ARCH} STREQUAL "arm") set( @@ -19,3 +19,12 @@ add_library( ${POLY1305_ARCH_SOURCES} ) + +add_executable( + poly1305_test + + poly1305_test.cc + $ +) + +target_link_libraries(poly1305_test crypto) diff --git a/src/crypto/poly1305/poly1305_test.cc b/src/crypto/poly1305/poly1305_test.cc new file mode 100644 index 0000000..0526075 --- /dev/null +++ b/src/crypto/poly1305/poly1305_test.cc 
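Review bot: The new `test()` in pkcs8_test.cc only checks that `PKCS8_decrypt` succeeds with the correct password on a single PBES2 blob, so it gives no signal if a wrong password is accepted or if the `PKCS8_encrypt` path with `pbe_nid == -1` added in this commit is broken. A negative case fits directly after the existing check: `ScopedPKCS8_PRIV_KEY_INFO bad(PKCS8_decrypt(sig.get(), "wrong", -1));` followed by `if (bad) { fprintf(stderr, "PKCS8_decrypt accepted a wrong password.\n"); return false; }`. An encrypt-then-decrypt round trip through `PKCS8_encrypt` would cover the new PBES2 encoding path as well.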
@@ -0,0 +1,81 @@ +/* Copyright (c) 2015, Google Inc. + * + * Permission to use, copy, modify, and/or distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY + * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION + * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN + * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ + +#include +#include + +#include + +#include +#include + +#include "../test/file_test.h" +#include "../test/stl_compat.h" + + +// |CRYPTO_poly1305_finish| requires a 16-byte-aligned output. +#if defined(OPENSSL_WINDOWS) +// MSVC doesn't support C++11 |alignas|. +#define ALIGNED __declspec(align(16)) +#else +#define ALIGNED alignas(16) +#endif + +static bool TestPoly1305(FileTest *t, void *arg) { + std::vector key, in, mac; + if (!t->GetBytes(&key, "Key") || + !t->GetBytes(&in, "Input") || + !t->GetBytes(&mac, "MAC")) { + return false; + } + if (key.size() != 32 || mac.size() != 16) { + t->PrintLine("Invalid test"); + return false; + } + + // Test single-shot operation. + poly1305_state state; + CRYPTO_poly1305_init(&state, bssl::vector_data(&key)); + CRYPTO_poly1305_update(&state, bssl::vector_data(&in), in.size()); + ALIGNED uint8_t out[16]; + CRYPTO_poly1305_finish(&state, out); + if (!t->ExpectBytesEqual(out, 16, bssl::vector_data(&mac), mac.size())) { + t->PrintLine("Single-shot Poly1305 failed."); + return false; + } + + // Test streaming byte-by-byte. 
+ CRYPTO_poly1305_init(&state, bssl::vector_data(&key)); + for (size_t i = 0; i < in.size(); i++) { + CRYPTO_poly1305_update(&state, &in[i], 1); + } + CRYPTO_poly1305_finish(&state, out); + if (!t->ExpectBytesEqual(out, 16, bssl::vector_data(&mac), mac.size())) { + t->PrintLine("Streaming Poly1305 failed."); + return false; + } + + return true; +} + +int main(int argc, char **argv) { + CRYPTO_library_init(); + + if (argc != 2) { + fprintf(stderr, "%s \n", argv[0]); + return 1; + } + + return FileTestMain(TestPoly1305, nullptr, argv[1]); +} diff --git a/src/crypto/poly1305/poly1305_test.txt b/src/crypto/poly1305/poly1305_test.txt new file mode 100644 index 0000000..6c5d403 --- /dev/null +++ b/src/crypto/poly1305/poly1305_test.txt 
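Review bot: The streaming case in `TestPoly1305` feeds the input one byte at a time only, so `CRYPTO_poly1305_update` is never given a call that starts mid-block and crosses a 16-byte block boundary, which is where buffering mistakes in a block-based MAC tend to sit. A third pass with an odd chunk size would cover that: re-initialise the state, loop with `for (size_t i = 0; i < in.size(); i += 7)` using `size_t n = in.size() - i < 7 ? in.size() - i : 7;` and `CRYPTO_poly1305_update(&state, &in[i], n);`, then finish and compare with `ExpectBytesEqual` as the other two cases do.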
@@ -0,0 +1,52 @@ +# RFC 7359, section 2.5.2. + +Key = 85d6be7857556d337f4452fe42d506a80103808afb0db2fd4abff6af4149f51b +Input = "Cryptographic Forum Research Group" +MAC = a8061dc1305136c6c22b8baf0c0127a9 + + +# RFC 7359, section A.3. + +Key = 0000000000000000000000000000000000000000000000000000000000000000 +Input = 00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 +MAC = 00000000000000000000000000000000 + +Key = 0000000000000000000000000000000036e5f6b5c5e06070f0efca96227a863e +Input = 416e79207375626d697373696f6e20746f20746865204945544620696e74656e6465642062792074686520436f6e7472696275746f7220666f72207075626c69636174696f6e20617320616c6c206f722070617274206f6620616e204945544620496e7465726e65742d4472616674206f722052464320616e6420616e792073746174656d656e74206d6164652077697468696e2074686520636f6e74657874206f6620616e204945544620616374697669747920697320636f6e7369646572656420616e20224945544620436f6e747269627574696f6e222e20537563682073746174656d656e747320696e636c756465206f72616c2073746174656d656e747320696e20494554462073657373696f6e732c2061732077656c6c206173207772697474656e20616e6420656c656374726f6e696320636f6d6d756e69636174696f6e73206d61646520617420616e792074696d65206f7220706c6163652c207768696368206172652061646472657373656420746f +MAC = 36e5f6b5c5e06070f0efca96227a863e + +Key = 36e5f6b5c5e06070f0efca96227a863e00000000000000000000000000000000 +Input = 
416e79207375626d697373696f6e20746f20746865204945544620696e74656e6465642062792074686520436f6e7472696275746f7220666f72207075626c69636174696f6e20617320616c6c206f722070617274206f6620616e204945544620496e7465726e65742d4472616674206f722052464320616e6420616e792073746174656d656e74206d6164652077697468696e2074686520636f6e74657874206f6620616e204945544620616374697669747920697320636f6e7369646572656420616e20224945544620436f6e747269627574696f6e222e20537563682073746174656d656e747320696e636c756465206f72616c2073746174656d656e747320696e20494554462073657373696f6e732c2061732077656c6c206173207772697474656e20616e6420656c656374726f6e696320636f6d6d756e69636174696f6e73206d61646520617420616e792074696d65206f7220706c6163652c207768696368206172652061646472657373656420746f +MAC = f3477e7cd95417af89a6b8794c310cf0 + +Key = 1c9240a5eb55d38af333888604f6b5f0473917c1402b80099dca5cbc207075c0 +Input = 2754776173206272696c6c69672c20616e642074686520736c6974687920746f7665730a446964206779726520616e642067696d626c6520696e2074686520776162653a0a416c6c206d696d737920776572652074686520626f726f676f7665732c0a416e6420746865206d6f6d65207261746873206f757467726162652e +MAC = 4541669a7eaaee61e708dc7cbcc5eb62 + +Key = 0200000000000000000000000000000000000000000000000000000000000000 +Input = ffffffffffffffffffffffffffffffff +MAC = 03000000000000000000000000000000 + +Key = 02000000000000000000000000000000ffffffffffffffffffffffffffffffff +Input = 02000000000000000000000000000000 +MAC = 03000000000000000000000000000000 + +Key = 0100000000000000000000000000000000000000000000000000000000000000 +Input = fffffffffffffffffffffffffffffffff0ffffffffffffffffffffffffffffff11000000000000000000000000000000 +MAC = 05000000000000000000000000000000 + +Key = 0100000000000000000000000000000000000000000000000000000000000000 +Input = fffffffffffffffffffffffffffffffffbfefefefefefefefefefefefefefefe01010101010101010101010101010101 +MAC = 00000000000000000000000000000000 + +Key = 0200000000000000000000000000000000000000000000000000000000000000 
+Input = fdffffffffffffffffffffffffffffff +MAC = faffffffffffffffffffffffffffffff + +Key = 0100000000000000040000000000000000000000000000000000000000000000 +Input = e33594d7505e43b900000000000000003394d7505e4379cd01000000000000000000000000000000000000000000000001000000000000000000000000000000 +MAC = 14000000000000005500000000000000 + +Key = 0100000000000000040000000000000000000000000000000000000000000000 +Input = e33594d7505e43b900000000000000003394d7505e4379cd010000000000000000000000000000000000000000000000 +MAC = 13000000000000000000000000000000 diff --git a/src/crypto/rand/CMakeLists.txt b/src/crypto/rand/CMakeLists.txt index 374d8f1..35d5290 100644 --- a/src/crypto/rand/CMakeLists.txt +++ b/src/crypto/rand/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(. .. ../../include) +include_directories(../../include) if (${ARCH} STREQUAL "x86_64") set( diff --git a/src/crypto/rand/hwrand.c b/src/crypto/rand/hwrand.c index 5f81f09..f0bbccd 100644 --- a/src/crypto/rand/hwrand.c +++ b/src/crypto/rand/hwrand.c @@ -15,23 +15,28 @@ #include #include -#include #include #include +#include "internal.h" -#if defined(OPENSSL_X86_64) && !defined(OPENSSL_NO_ASM) -int CRYPTO_have_hwrand(void) { - return (OPENSSL_ia32cap_P[1] & (1u << 30)) != 0; -} +#if defined(OPENSSL_X86_64) && !defined(OPENSSL_NO_ASM) /* These functions are defined in asm/rdrand-x86_64.pl */ extern int CRYPTO_rdrand(uint8_t out[8]); extern int CRYPTO_rdrand_multiple8_buf(uint8_t *buf, size_t len); +static int have_rdrand(void) { + return (OPENSSL_ia32cap_P[1] & (1u << 30)) != 0; +} + int CRYPTO_hwrand(uint8_t *buf, size_t len) { + if (!have_rdrand()) { + return 0; + } + const size_t len_multiple8 = len & ~7; if (!CRYPTO_rdrand_multiple8_buf(buf, len_multiple8)) { return 0; @@ -53,12 +58,8 @@ int CRYPTO_hwrand(uint8_t *buf, size_t len) { #else -int CRYPTO_have_hwrand(void) { +int CRYPTO_hwrand(uint8_t *buf, size_t len) { return 0; } -void CRYPTO_hwrand(uint8_t *buf, size_t len) { - abort(); -} - #endif 
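Review bot: Both section comments in poly1305_test.txt cite RFC 7359, but the ChaCha20/Poly1305 specification whose sections 2.5.2 and A.3 carry these vectors is RFC 7539, so the digits look transposed. Anyone cross-checking a vector against the specification will land on an unrelated document. The two comment lines should read `# RFC 7539, section 2.5.2.` and `# RFC 7539, section A.3.`.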
diff --git a/src/crypto/rand/internal.h b/src/crypto/rand/internal.h index 5e6ea11..f35abbb 100644 --- a/src/crypto/rand/internal.h +++ b/src/crypto/rand/internal.h @@ -24,13 +24,9 @@ extern "C" { * system. */ void CRYPTO_sysrand(uint8_t *buf, size_t len); -/* CRYPTO_have_hwrand returns one iff |CRYPTO_hwrand| can be called to generate - * hardware entropy. */ -int CRYPTO_have_hwrand(void); - -/* CRYPTO_hwrand fills |len| bytes at |buf| with entropy from the hardware. - * This function can only be called if |CRYPTO_have_hwrand| returns one. - * It returns one on success or zero on hardware failure. */ +/* CRYPTO_hwrand fills |len| bytes at |buf| with entropy from the hardware. It + * returns one on success or zero on hardware failure or if hardware support is + * unavailable. */ int CRYPTO_hwrand(uint8_t *buf, size_t len); diff --git a/src/crypto/rand/rand.c b/src/crypto/rand/rand.c index a96ac48..e76a120 100644 --- a/src/crypto/rand/rand.c +++ b/src/crypto/rand/rand.c @@ -17,6 +17,7 @@ #include #include +#include #include #include "internal.h" @@ -69,17 +70,12 @@ static void rand_thread_state_free(void *state) { OPENSSL_free(state); } -extern void CRYPTO_chacha_20(uint8_t *out, const uint8_t *in, size_t in_len, - const uint8_t key[32], const uint8_t nonce[8], - size_t counter); - int RAND_bytes(uint8_t *buf, size_t len) { if (len == 0) { return 1; } - if (!CRYPTO_have_hwrand() || - !CRYPTO_hwrand(buf, len)) { + if (!CRYPTO_hwrand(buf, len)) { /* Without a hardware RNG to save us from address-space duplication, the OS * entropy is used directly. */ CRYPTO_sysrand(buf, len); @@ -162,6 +158,10 @@ int RAND_load_file(const char *path, long num) { void RAND_add(const void *buf, int num, double entropy) {} +int RAND_egd(const char *path) { + return 255; +} + int RAND_poll(void) { return 1; } 
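Review bot: RAND_egd, added in the last rand.c hunk on this line, returns the bare constant 255 without touching `path`, and nothing explains the value. In OpenSSL the return value is the number of bytes read from the EGD socket, so a caller that treats a positive result as "entropy was gathered" sees success from a function that did nothing. That is harmless here only because external seeding is ignored anyway (RAND_add in the same hunk has an empty body). A comment above the definition would make the intent explicit, for example `/* RAND_egd is a compatibility stub: EGD is never consulted and 255 mimics a full read. */`.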
@@ -169,3 +169,18 @@ int RAND_poll(void) { int RAND_status(void) { return 1; } + +static const struct rand_meth_st kSSLeayMethod = { + RAND_seed, + RAND_bytes, + RAND_cleanup, + RAND_add, + RAND_pseudo_bytes, + RAND_status, +}; + +RAND_METHOD *RAND_SSLeay(void) { + return (RAND_METHOD*) &kSSLeayMethod; +} + +void RAND_set_rand_method(const RAND_METHOD *method) {} diff --git a/src/crypto/rand/urandom.c b/src/crypto/rand/urandom.c index 788a979..1cc5260 100644 --- a/src/crypto/rand/urandom.c +++ b/src/crypto/rand/urandom.c 
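Review bot: RAND_SSLeay returns `(RAND_METHOD*) &kSSLeayMethod`, casting away the const of a `static const` table, so any caller that writes through the returned pointer has undefined behaviour. RAND_set_rand_method is also a silent no-op, so code that installs its own method gets no indication that the built-in generator is still in use. Both look deliberate and deserve a comment each, for example `/* The returned table is read-only; callers must not modify it. */` and `/* Custom RAND methods are ignored; the built-in RNG is always used. */`.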
@@ -30,92 +30,126 @@ /* This file implements a PRNG by reading from /dev/urandom, optionally with a - * fork-safe buffer. - * - * If buffering is enabled then it maintains a global, linked list of buffers. - * Threads which need random bytes grab a buffer from the list under a lock and - * copy out the bytes that they need. In the rare case that the buffer is - * empty, it's refilled from /dev/urandom outside of the lock. - * - * Large requests are always serviced from /dev/urandom directly. - * - * Each buffer contains the PID of the process that created it and it's tested - * against the current PID each time. Thus processes that fork will discard all - * the buffers filled by the parent process. There are two problems with this: - * - * 1) glibc maintains a cache of the current PID+PPID and, if this cache isn't - * correctly invalidated, the getpid() will continue to believe that - * it's the old process. Glibc depends on the glibc wrappers for fork, - * vfork and clone being used in order to invalidate the getpid() cache. - * - * 2) If a process forks, dies and then its child forks, it's possible that - * the third process will end up with the same PID as the original process. - * If the second process never used any random values then this will mean - * that the third process has stale, cached values and won't notice. - */ - -/* BUF_SIZE is intended to be a 4K allocation with malloc overhead. struct - * rand_buffer also fits in this space and the remainder is entropy. */ -#define BUF_SIZE (4096 - 16) - -/* rand_buffer contains unused, random bytes. These structures form a linked - * list via the |next| pointer, which is NULL in the final element. */ + * buffer, which is unsafe across |fork|. */ + +#define BUF_SIZE 4096 + +/* rand_buffer contains unused, random bytes, some of which may have been + * consumed already. */ struct rand_buffer { - size_t used; /* used contains the number of bytes of |rand| that have - been consumed. 
*/ - struct rand_buffer *next; - pid_t pid; /* pid contains the pid at the time that the buffer was - created so that data is not duplicated after a fork. */ - pid_t ppid; /* ppid contains the parent pid in order to try and reduce - the possibility of duplicated PID confusing the - detection of a fork. */ - uint8_t rand[]; + size_t used; + uint8_t rand[BUF_SIZE]; }; -/* rand_bytes_per_buf is the number of actual entropy bytes in a buffer. */ -static const size_t rand_bytes_per_buf = BUF_SIZE - sizeof(struct rand_buffer); - -static struct CRYPTO_STATIC_MUTEX global_lock = CRYPTO_STATIC_MUTEX_INIT; +/* requested_lock is used to protect the |*_requested| variables. */ +static struct CRYPTO_STATIC_MUTEX requested_lock = CRYPTO_STATIC_MUTEX_INIT; -/* list_head is the start of a global, linked-list of rand_buffer objects. It's - * protected by |global_lock|. */ -static struct rand_buffer *list_head; +/* urandom_fd_requested is set by |RAND_set_urandom_fd|. It's protected by + * |requested_lock|. */ +static int urandom_fd_requested = -2; -/* urandom_fd is a file descriptor to /dev/urandom. It's protected by - * |global_lock|. */ +/* urandom_fd is a file descriptor to /dev/urandom. It's protected by |once|. */ static int urandom_fd = -2; +/* urandom_buffering_requested is set by |RAND_enable_fork_unsafe_buffering|. + * It's protected by |requested_lock|. */ +static int urandom_buffering_requested = 0; + /* urandom_buffering controls whether buffering is enabled (1) or not (0). This - * is protected by |global_lock|. */ + * is protected by |once|. */ static int urandom_buffering = 0; -/* urandom_get_fd_locked returns a file descriptor to /dev/urandom. The caller - * of this function must hold |global_lock|. */ -static int urandom_get_fd_locked(void) { - if (urandom_fd != -2) { - return urandom_fd; +static CRYPTO_once_t once = CRYPTO_ONCE_INIT; + +/* init_once initializes the state of this module to values previously + * requested. 
This is the only function that modifies |urandom_fd| and + * |urandom_buffering|, whose values may be read safely after calling the + * once. */ +static void init_once(void) { + CRYPTO_STATIC_MUTEX_lock_read(&requested_lock); + urandom_buffering = urandom_buffering_requested; + int fd = urandom_fd_requested; + CRYPTO_STATIC_MUTEX_unlock(&requested_lock); + + if (fd == -2) { + do { + fd = open("/dev/urandom", O_RDONLY); + } while (fd == -1 && errno == EINTR); } - urandom_fd = open("/dev/urandom", O_RDONLY); - return urandom_fd; + if (fd < 0) { + abort(); + } + + int flags = fcntl(fd, F_GETFD); + if (flags == -1) { + abort(); + } + flags |= FD_CLOEXEC; + if (fcntl(fd, F_SETFD, flags) == -1) { + abort(); + } + urandom_fd = fd; } -/* RAND_cleanup frees all buffers, closes any cached file descriptor - * and resets the global state. */ -void RAND_cleanup(void) { - struct rand_buffer *cur; +void RAND_cleanup(void) {} - CRYPTO_STATIC_MUTEX_lock_write(&global_lock); - while ((cur = list_head)) { - list_head = cur->next; - OPENSSL_free(cur); +void RAND_set_urandom_fd(int fd) { + fd = dup(fd); + if (fd < 0) { + abort(); } - if (urandom_fd >= 0) { - close(urandom_fd); + + CRYPTO_STATIC_MUTEX_lock_write(&requested_lock); + urandom_fd_requested = fd; + CRYPTO_STATIC_MUTEX_unlock(&requested_lock); + + CRYPTO_once(&once, init_once); + if (urandom_fd != fd) { + abort(); // Already initialized. } - urandom_fd = -2; - list_head = NULL; - CRYPTO_STATIC_MUTEX_unlock(&global_lock); +} + +void RAND_enable_fork_unsafe_buffering(int fd) { + if (fd >= 0) { + fd = dup(fd); + if (fd < 0) { + abort(); + } + } else { + fd = -2; + } + + CRYPTO_STATIC_MUTEX_lock_write(&requested_lock); + urandom_buffering_requested = 1; + urandom_fd_requested = fd; + CRYPTO_STATIC_MUTEX_unlock(&requested_lock); + + CRYPTO_once(&once, init_once); + if (urandom_buffering != 1 || (fd >= 0 && urandom_fd != fd)) { + abort(); // Already initialized. 
+ } +} + +static struct rand_buffer *get_thread_local_buffer(void) { + struct rand_buffer *buf = + CRYPTO_get_thread_local(OPENSSL_THREAD_LOCAL_URANDOM_BUF); + if (buf != NULL) { + return buf; + } + + buf = OPENSSL_malloc(sizeof(struct rand_buffer)); + if (buf == NULL) { + return NULL; + } + buf->used = BUF_SIZE; /* To trigger a |read_full| on first use. */ + if (!CRYPTO_set_thread_local(OPENSSL_THREAD_LOCAL_URANDOM_BUF, buf, + OPENSSL_free)) { + OPENSSL_free(buf); + return NULL; + } + + return buf; } /* read_full reads exactly |len| bytes from |fd| into |out| and returns 1. In 
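Review bot: In get_thread_local_buffer the failure branch calls `OPENSSL_free(buf)` after CRYPTO_set_thread_local was handed `OPENSSL_free` as the destructor for the same pointer. The contract of CRYPTO_set_thread_local is not shown in this diff; if it already runs the destructor on the value when it fails, this branch is a double free on an out-of-memory path, and it should then be just `return NULL;`. Separately, init_once sets FD_CLOEXEC with a second fcntl call after open, which leaves a window in which another thread's fork and exec inherits the descriptor. Where the platform supports it, `open("/dev/urandom", O_RDONLY | O_CLOEXEC)` closes that window for the descriptor this function opens itself.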
@@ -138,110 +172,48 @@ static char read_full(int fd, uint8_t *out, size_t len) { return 1; } -/* CRYPTO_sysrand puts |num| random bytes into |out|. */ -void CRYPTO_sysrand(uint8_t *out, size_t requested) { - int fd; - struct rand_buffer *buf; - size_t todo; - pid_t pid, ppid; - - if (requested == 0) { - return; - } +/* read_from_buffer reads |requested| random bytes from the buffer into |out|, + * refilling it if necessary to satisfy the request. */ +static void read_from_buffer(struct rand_buffer *buf, + uint8_t *out, size_t requested) { + size_t remaining = BUF_SIZE - buf->used; - CRYPTO_STATIC_MUTEX_lock_write(&global_lock); - fd = urandom_get_fd_locked(); + while (requested > remaining) { + memcpy(out, &buf->rand[buf->used], remaining); + buf->used += remaining; + out += remaining; + requested -= remaining; - if (fd < 0) { - CRYPTO_STATIC_MUTEX_unlock(&global_lock); - abort(); - return; - } - - /* If buffering is not enabled, or if the request is large, then the - * result comes directly from urandom. */ - if (!urandom_buffering || requested > BUF_SIZE / 2) { - CRYPTO_STATIC_MUTEX_unlock(&global_lock); - if (!read_full(fd, out, requested)) { + if (!read_full(urandom_fd, buf->rand, BUF_SIZE)) { abort(); - } - return; - } - - pid = getpid(); - ppid = getppid(); - - for (;;) { - buf = list_head; - if (buf && buf->pid == pid && buf->ppid == ppid && - rand_bytes_per_buf - buf->used >= requested) { - memcpy(out, &buf->rand[buf->used], requested); - buf->used += requested; - CRYPTO_STATIC_MUTEX_unlock(&global_lock); return; } - - /* If we don't immediately have enough entropy with the correct - * PID, remove the buffer from the list in order to gain - * exclusive access and unlock. 
*/ - if (buf) { - list_head = buf->next; - } - CRYPTO_STATIC_MUTEX_unlock(&global_lock); - - if (!buf) { - buf = (struct rand_buffer *)OPENSSL_malloc(BUF_SIZE); - if (!buf) { - abort(); - return; - } - /* The buffer doesn't contain any random bytes yet - * so we mark it as fully used so that it will be - * filled below. */ - buf->used = rand_bytes_per_buf; - buf->next = NULL; - buf->pid = pid; - buf->ppid = ppid; - } - - if (buf->pid == pid && buf->ppid == ppid) { - break; - } - - /* We have forked and so cannot use these bytes as they - * may have been used in another process. */ - OPENSSL_free(buf); - CRYPTO_STATIC_MUTEX_lock_write(&global_lock); + buf->used = 0; + remaining = BUF_SIZE; } - while (requested > 0) { - todo = rand_bytes_per_buf - buf->used; - if (todo > requested) { - todo = requested; - } - memcpy(out, &buf->rand[buf->used], todo); - requested -= todo; - out += todo; - buf->used += todo; + memcpy(out, &buf->rand[buf->used], requested); + buf->used += requested; +} - if (buf->used < rand_bytes_per_buf) { - break; - } +/* CRYPTO_sysrand puts |requested| random bytes into |out|. */ +void CRYPTO_sysrand(uint8_t *out, size_t requested) { + if (requested == 0) { + return; + } - if (!read_full(fd, buf->rand, rand_bytes_per_buf)) { - OPENSSL_free(buf); - abort(); + CRYPTO_once(&once, init_once); + if (urandom_buffering && requested < BUF_SIZE) { + struct rand_buffer *buf = get_thread_local_buffer(); + if (buf != NULL) { + read_from_buffer(buf, out, requested); return; } - - buf->used = 0; } - CRYPTO_STATIC_MUTEX_lock_write(&global_lock); - assert(list_head != buf); - buf->next = list_head; - list_head = buf; - CRYPTO_STATIC_MUTEX_unlock(&global_lock); + if (!read_full(urandom_fd, out, requested)) { + abort(); + } } #endif /* !OPENSSL_WINDOWS */ diff --git a/src/crypto/rc4/CMakeLists.txt b/src/crypto/rc4/CMakeLists.txt index fe2d0c6..a208e96 100644 --- a/src/crypto/rc4/CMakeLists.txt +++ b/src/crypto/rc4/CMakeLists.txt 
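Review bot: read_from_buffer copies bytes out of `buf->rand` and advances `buf->used`, but the bytes handed out by the final memcpy stay in the thread-local buffer until the next refill. Those bytes become the caller's keys and nonces, and this path is only taken when fork-unsafe buffering is enabled, so a forked child or a later memory disclosure can still read them from the buffer. Adding `OPENSSL_cleanse(&buf->rand[buf->used], requested);` between the final memcpy and `buf->used += requested;` bounds that exposure. The range consumed inside the loop needs no wipe because the refill overwrites it. The `return;` after `abort();` inside the loop is unreachable and can be dropped.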
@@ -1,4 +1,4 @@ -include_directories(. .. ../../include) +include_directories(../../include) if (${ARCH} STREQUAL "x86_64") set( diff --git a/src/crypto/rc4/asm/rc4-x86_64.pl b/src/crypto/rc4/asm/rc4-x86_64.pl index db46242..cef6268 100644 --- a/src/crypto/rc4/asm/rc4-x86_64.pl +++ b/src/crypto/rc4/asm/rc4-x86_64.pl @@ -56,7 +56,7 @@ # achieves respectful 432MBps on 2.8GHz processor now. For reference. # If executed on Xeon, current RC4_CHAR code-path is 2.7x faster than # RC4_INT code-path. While if executed on Opteron, it's only 25% -# slower than the RC4_INT one [meaning that if CPU µ-arch detection +# slower than the RC4_INT one [meaning that if CPU µ-arch detection # is not implemented, then this final RC4_CHAR code-path should be # preferred, as it provides better *all-round* performance]. diff --git a/src/crypto/rsa/CMakeLists.txt b/src/crypto/rsa/CMakeLists.txt index 0ea12c8..bd8ad3b 100644 --- a/src/crypto/rsa/CMakeLists.txt +++ b/src/crypto/rsa/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(. .. ../../include) +include_directories(../../include) add_library( rsa @@ -15,7 +15,7 @@ add_library( add_executable( rsa_test - rsa_test.c + rsa_test.cc $ ) diff --git a/src/crypto/rsa/blinding.c b/src/crypto/rsa/blinding.c index 245142b..c93cee1 100644 --- a/src/crypto/rsa/blinding.c +++ b/src/crypto/rsa/blinding.c @@ -137,7 +137,7 @@ BN_BLINDING *BN_BLINDING_new(const BIGNUM *A, const BIGNUM *Ai, BIGNUM *mod) { ret = (BN_BLINDING*) OPENSSL_malloc(sizeof(BN_BLINDING)); if (ret == NULL) { - OPENSSL_PUT_ERROR(RSA, BN_BLINDING_new, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(RSA, ERR_R_MALLOC_FAILURE); return NULL; } memset(ret, 0, sizeof(BN_BLINDING)); @@ -190,7 +190,7 @@ int BN_BLINDING_update(BN_BLINDING *b, BN_CTX *ctx) { int ret = 0; if (b->A == NULL || b->Ai == NULL) { - OPENSSL_PUT_ERROR(RSA, BN_BLINDING_update, RSA_R_BN_NOT_INITIALIZED); + OPENSSL_PUT_ERROR(RSA, RSA_R_BN_NOT_INITIALIZED); goto err; } 
@@ -230,7 +230,7 @@ int BN_BLINDING_convert_ex(BIGNUM *n, BIGNUM *r, BN_BLINDING *b, BN_CTX *ctx) { int ret = 1; if (b->A == NULL || b->Ai == NULL) { - OPENSSL_PUT_ERROR(RSA, BN_BLINDING_convert_ex, RSA_R_BN_NOT_INITIALIZED); + OPENSSL_PUT_ERROR(RSA, RSA_R_BN_NOT_INITIALIZED); return 0; } @@ -266,7 +266,7 @@ int BN_BLINDING_invert_ex(BIGNUM *n, const BIGNUM *r, BN_BLINDING *b, ret = BN_mod_mul(n, n, r, b->mod, ctx); } else { if (b->Ai == NULL) { - OPENSSL_PUT_ERROR(RSA, BN_BLINDING_invert_ex, RSA_R_BN_NOT_INITIALIZED); + OPENSSL_PUT_ERROR(RSA, RSA_R_BN_NOT_INITIALIZED); return 0; } ret = BN_mod_mul(n, n, b->Ai, b->mod, ctx); @@ -325,13 +325,13 @@ BN_BLINDING *BN_BLINDING_create_param( if (!BN_rand_range(ret->A, ret->mod)) { goto err; } - if (BN_mod_inverse(ret->Ai, ret->A, ret->mod, ctx) == NULL) { + + int no_inverse; + if (BN_mod_inverse_ex(ret->Ai, &no_inverse, ret->A, ret->mod, ctx) == NULL) { /* this should almost never happen for good RSA keys */ - uint32_t error = ERR_peek_last_error(); - if (ERR_GET_REASON(error) == BN_R_NO_INVERSE) { + if (no_inverse) { if (retry_counter-- == 0) { - OPENSSL_PUT_ERROR(RSA, BN_BLINDING_create_param, - RSA_R_TOO_MANY_ITERATIONS); + OPENSSL_PUT_ERROR(RSA, RSA_R_TOO_MANY_ITERATIONS); goto err; } ERR_clear_error(); @@ -416,14 +416,14 @@ BN_BLINDING *rsa_setup_blinding(RSA *rsa, BN_CTX *in_ctx) { BN_CTX_start(ctx); e = BN_CTX_get(ctx); if (e == NULL) { - OPENSSL_PUT_ERROR(RSA, rsa_setup_blinding, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(RSA, ERR_R_MALLOC_FAILURE); goto err; } if (rsa->e == NULL) { e = rsa_get_public_exp(rsa->d, rsa->p, rsa->q, ctx); if (e == NULL) { - OPENSSL_PUT_ERROR(RSA, rsa_setup_blinding, RSA_R_NO_PUBLIC_EXPONENT); + OPENSSL_PUT_ERROR(RSA, RSA_R_NO_PUBLIC_EXPONENT); goto err; } } else { 
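Review bot: In the BN_BLINDING_create_param hunk, `int no_inverse;` is declared without a value and then read in `if (no_inverse)` once BN_mod_inverse_ex has returned NULL. That is only well-defined if BN_mod_inverse_ex writes the out-parameter on every failure path, which cannot be checked from this hunk. Declaring it as `int no_inverse = 0;` costs nothing and guarantees that an unrelated failure such as an allocation error is not mistaken for the no-inverse case and retried. The enclosing function starts and ends outside the hunk.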
@@ -444,7 +444,7 @@ BN_BLINDING *rsa_setup_blinding(RSA *rsa, BN_CTX *in_ctx) { ret = BN_BLINDING_create_param(NULL, e, n, ctx, rsa->meth->bn_mod_exp, mont_ctx); if (ret == NULL) { - OPENSSL_PUT_ERROR(RSA, rsa_setup_blinding, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(RSA, ERR_R_BN_LIB); goto err; } diff --git a/src/crypto/rsa/internal.h b/src/crypto/rsa/internal.h index d15f2a5..c0044c3 100644 --- a/src/crypto/rsa/internal.h +++ b/src/crypto/rsa/internal.h @@ -59,8 +59,6 @@ #include -#include - #if defined(__cplusplus) extern "C" { @@ -109,8 +107,6 @@ int RSA_padding_check_PKCS1_OAEP_mgf1(uint8_t *to, unsigned to_len, const EVP_MD *md, const EVP_MD *mgf1md); int RSA_padding_add_none(uint8_t *to, unsigned to_len, const uint8_t *from, unsigned from_len); -int RSA_padding_check_none(uint8_t *to, unsigned to_len, const uint8_t *from, - unsigned from_len); /* RSA_private_transform calls either the method-specific |private_transform| * function (if given) or the generic one. See the comment for 
@@ -118,20 +114,26 @@ int RSA_padding_check_none(uint8_t *to, unsigned to_len, const uint8_t *from, int RSA_private_transform(RSA *rsa, uint8_t *out, const uint8_t *in, size_t len); -typedef struct rsa_pss_params_st { - X509_ALGOR *hashAlgorithm; - X509_ALGOR *maskGenAlgorithm; - ASN1_INTEGER *saltLength; - ASN1_INTEGER *trailerField; -} RSA_PSS_PARAMS; -DECLARE_ASN1_FUNCTIONS(RSA_PSS_PARAMS) +/* RSA_additional_prime contains information about the third, forth etc prime + * in a multi-prime RSA key. */ +typedef struct RSA_additional_prime_st { + BIGNUM *prime; + /* exp is d^{prime-1} mod prime */ + BIGNUM *exp; + /* coeff is such that r×coeff ≡ 1 mod prime. */ + BIGNUM *coeff; + + /* Values below here are not in the ASN.1 serialisation. */ + + /* r is the product of all primes (including p and q) prior to this one. */ + BIGNUM *r; + /* method_mod is managed by the |RSA_METHOD|. */ + BN_MONT_CTX *method_mod; +} RSA_additional_prime; + +void RSA_additional_prime_free(RSA_additional_prime *ap); -typedef struct rsa_oaep_params_st { - X509_ALGOR *hashFunc; - X509_ALGOR *maskGenFunc; - X509_ALGOR *pSourceFunc; -} RSA_OAEP_PARAMS; #if defined(__cplusplus) } /* extern C */ diff --git a/src/crypto/rsa/padding.c b/src/crypto/rsa/padding.c index 0a725f1..5a42e24 100644 --- a/src/crypto/rsa/padding.c +++ b/src/crypto/rsa/padding.c @@ -74,14 +74,12 @@ int RSA_padding_add_PKCS1_type_1(uint8_t *to, unsigned tlen, uint8_t *p; if (tlen < RSA_PKCS1_PADDING_SIZE) { - OPENSSL_PUT_ERROR(RSA, RSA_padding_add_PKCS1_type_1, - RSA_R_KEY_SIZE_TOO_SMALL); + OPENSSL_PUT_ERROR(RSA, RSA_R_KEY_SIZE_TOO_SMALL); return 0; } if (flen > tlen - RSA_PKCS1_PADDING_SIZE) { - OPENSSL_PUT_ERROR(RSA, RSA_padding_add_PKCS1_type_1, - RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); + OPENSSL_PUT_ERROR(RSA, RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); return 0; } 
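Review bot: The field comment `/* exp is d^{prime-1} mod prime */` in RSA_additional_prime describes a value that is 1 for any prime not dividing d, by Fermat's little theorem, so it cannot be what the field stores. The CRT exponent kept per prime in multi-prime RSA is normally d mod (prime-1), so the comment should read `/* exp is d mod (prime-1) */`, assuming key generation computes it that way (that code is not in this hunk). The struct comment also spells "fourth" as "forth".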
@@ -105,15 +103,13 @@ int RSA_padding_check_PKCS1_type_1(uint8_t *to, unsigned tlen, const uint8_t *p; if (flen < 2) { - OPENSSL_PUT_ERROR(RSA, RSA_padding_check_PKCS1_type_1, - RSA_R_DATA_TOO_SMALL); + OPENSSL_PUT_ERROR(RSA, RSA_R_DATA_TOO_SMALL); return -1; } p = from; if ((*(p++) != 0) || (*(p++) != 1)) { - OPENSSL_PUT_ERROR(RSA, RSA_padding_check_PKCS1_type_1, - RSA_R_BLOCK_TYPE_IS_NOT_01); + OPENSSL_PUT_ERROR(RSA, RSA_R_BLOCK_TYPE_IS_NOT_01); return -1; } @@ -126,8 +122,7 @@ int RSA_padding_check_PKCS1_type_1(uint8_t *to, unsigned tlen, p++; break; } else { - OPENSSL_PUT_ERROR(RSA, RSA_padding_check_PKCS1_type_1, - RSA_R_BAD_FIXED_HEADER_DECRYPT); + OPENSSL_PUT_ERROR(RSA, RSA_R_BAD_FIXED_HEADER_DECRYPT); return -1; } } @@ -135,21 +130,18 @@ int RSA_padding_check_PKCS1_type_1(uint8_t *to, unsigned tlen, } if (i == j) { - OPENSSL_PUT_ERROR(RSA, RSA_padding_check_PKCS1_type_1, - RSA_R_NULL_BEFORE_BLOCK_MISSING); + OPENSSL_PUT_ERROR(RSA, RSA_R_NULL_BEFORE_BLOCK_MISSING); return -1; } if (i < 8) { - OPENSSL_PUT_ERROR(RSA, RSA_padding_check_PKCS1_type_1, - RSA_R_BAD_PAD_BYTE_COUNT); + OPENSSL_PUT_ERROR(RSA, RSA_R_BAD_PAD_BYTE_COUNT); return -1; } i++; /* Skip over the '\0' */ j -= i; if (j > tlen) { - OPENSSL_PUT_ERROR(RSA, RSA_padding_check_PKCS1_type_1, - RSA_R_DATA_TOO_LARGE); + OPENSSL_PUT_ERROR(RSA, RSA_R_DATA_TOO_LARGE); return -1; } memcpy(to, p, j); @@ -163,14 +155,12 @@ int RSA_padding_add_PKCS1_type_2(uint8_t *to, unsigned tlen, uint8_t *p; if (tlen < RSA_PKCS1_PADDING_SIZE) { - OPENSSL_PUT_ERROR(RSA, RSA_padding_add_PKCS1_type_2, - RSA_R_KEY_SIZE_TOO_SMALL); + OPENSSL_PUT_ERROR(RSA, RSA_R_KEY_SIZE_TOO_SMALL); return 0; } if (flen > tlen - RSA_PKCS1_PADDING_SIZE) { - OPENSSL_PUT_ERROR(RSA, RSA_padding_add_PKCS1_type_2, - RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); + OPENSSL_PUT_ERROR(RSA, RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); return 0; } 
@@ -271,8 +261,7 @@ int RSA_padding_check_PKCS1_type_2(uint8_t *to, unsigned tlen, size_t msg_index, msg_len; if (flen == 0) { - OPENSSL_PUT_ERROR(RSA, RSA_padding_check_PKCS1_type_2, - RSA_R_EMPTY_PUBLIC_KEY); + OPENSSL_PUT_ERROR(RSA, RSA_R_EMPTY_PUBLIC_KEY); return -1; } @@ -281,8 +270,7 @@ int RSA_padding_check_PKCS1_type_2(uint8_t *to, unsigned tlen, * |RSA_PKCS1_PADDING| make it impossible to completely avoid Bleichenbacher's * attack. */ if (!RSA_message_index_PKCS1_type_2(from, flen, &msg_index)) { - OPENSSL_PUT_ERROR(RSA, RSA_padding_check_PKCS1_type_2, - RSA_R_PKCS_DECODING_ERROR); + OPENSSL_PUT_ERROR(RSA, RSA_R_PKCS_DECODING_ERROR); return -1; } @@ -290,8 +278,7 @@ int RSA_padding_check_PKCS1_type_2(uint8_t *to, unsigned tlen, if (msg_len > tlen) { /* This shouldn't happen because this function is always called with |tlen| * the key size and |flen| is bounded by the key size. */ - OPENSSL_PUT_ERROR(RSA, RSA_padding_check_PKCS1_type_2, - RSA_R_PKCS_DECODING_ERROR); + OPENSSL_PUT_ERROR(RSA, RSA_R_PKCS_DECODING_ERROR); return -1; } memcpy(to, &from[msg_index], msg_len); @@ -300,14 +287,12 @@ int RSA_padding_check_PKCS1_type_2(uint8_t *to, unsigned tlen, int RSA_padding_add_none(uint8_t *to, unsigned tlen, const uint8_t *from, unsigned flen) { if (flen > tlen) { - OPENSSL_PUT_ERROR(RSA, RSA_padding_add_none, - RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); + OPENSSL_PUT_ERROR(RSA, RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); return 0; } if (flen < tlen) { - OPENSSL_PUT_ERROR(RSA, RSA_padding_add_none, - RSA_R_DATA_TOO_SMALL_FOR_KEY_SIZE); + OPENSSL_PUT_ERROR(RSA, RSA_R_DATA_TOO_SMALL_FOR_KEY_SIZE); return 0; } 
@@ -315,17 +300,6 @@ int RSA_padding_add_none(uint8_t *to, unsigned tlen, const uint8_t *from, unsign return 1; } -int RSA_padding_check_none(uint8_t *to, unsigned tlen, const uint8_t *from, - unsigned flen) { - if (flen > tlen) { - OPENSSL_PUT_ERROR(RSA, RSA_padding_check_none, RSA_R_DATA_TOO_LARGE); - return -1; - } - - memcpy(to, from, flen); - return flen; -} - int PKCS1_MGF1(uint8_t *mask, unsigned len, const uint8_t *seed, unsigned seedlen, const EVP_MD *dgst) { unsigned outlen = 0; @@ -388,21 +362,18 @@ int RSA_padding_add_PKCS1_OAEP_mgf1(uint8_t *to, unsigned tlen, mdlen = EVP_MD_size(md); if (tlen < 2 * mdlen + 2) { - OPENSSL_PUT_ERROR(RSA, RSA_padding_add_PKCS1_OAEP_mgf1, - RSA_R_KEY_SIZE_TOO_SMALL); + OPENSSL_PUT_ERROR(RSA, RSA_R_KEY_SIZE_TOO_SMALL); return 0; } emlen = tlen - 1; if (flen > emlen - 2 * mdlen - 1) { - OPENSSL_PUT_ERROR(RSA, RSA_padding_add_PKCS1_OAEP_mgf1, - RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); + OPENSSL_PUT_ERROR(RSA, RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); return 0; } if (emlen < 2 * mdlen + 1) { - OPENSSL_PUT_ERROR(RSA, RSA_padding_add_PKCS1_OAEP_mgf1, - RSA_R_KEY_SIZE_TOO_SMALL); + OPENSSL_PUT_ERROR(RSA, RSA_R_KEY_SIZE_TOO_SMALL); return 0; } @@ -422,8 +393,7 @@ int RSA_padding_add_PKCS1_OAEP_mgf1(uint8_t *to, unsigned tlen, dbmask = OPENSSL_malloc(emlen - mdlen); if (dbmask == NULL) { - OPENSSL_PUT_ERROR(RSA, RSA_padding_add_PKCS1_OAEP_mgf1, - ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(RSA, ERR_R_MALLOC_FAILURE); return 0; } @@ -477,8 +447,7 @@ int RSA_padding_check_PKCS1_OAEP_mgf1(uint8_t *to, unsigned tlen, dblen = flen - mdlen - 1; db = OPENSSL_malloc(dblen); if (db == NULL) { - OPENSSL_PUT_ERROR(RSA, RSA_padding_check_PKCS1_OAEP_mgf1, - ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(RSA, ERR_R_MALLOC_FAILURE); goto err; } 
@@ -526,8 +495,7 @@ int RSA_padding_check_PKCS1_OAEP_mgf1(uint8_t *to, unsigned tlen, one_index++; mlen = dblen - one_index; if (tlen < mlen) { - OPENSSL_PUT_ERROR(RSA, RSA_padding_check_PKCS1_OAEP_mgf1, - RSA_R_DATA_TOO_LARGE); + OPENSSL_PUT_ERROR(RSA, RSA_R_DATA_TOO_LARGE); mlen = -1; } else { memcpy(to, db + one_index, mlen); @@ -539,8 +507,7 @@ int RSA_padding_check_PKCS1_OAEP_mgf1(uint8_t *to, unsigned tlen, decoding_err: /* to avoid chosen ciphertext attacks, the error message should not reveal * which kind of decoding error happened */ - OPENSSL_PUT_ERROR(RSA, RSA_padding_check_PKCS1_OAEP_mgf1, - RSA_R_OAEP_DECODING_ERROR); + OPENSSL_PUT_ERROR(RSA, RSA_R_OAEP_DECODING_ERROR); err: OPENSSL_free(db); return -1; @@ -576,15 +543,14 @@ int RSA_verify_PKCS1_PSS_mgf1(RSA *rsa, const uint8_t *mHash, } else if (sLen == -2) { sLen = -2; } else if (sLen < -2) { - OPENSSL_PUT_ERROR(RSA, RSA_verify_PKCS1_PSS_mgf1, RSA_R_SLEN_CHECK_FAILED); + OPENSSL_PUT_ERROR(RSA, RSA_R_SLEN_CHECK_FAILED); goto err; } MSBits = (BN_num_bits(rsa->n) - 1) & 0x7; emLen = RSA_size(rsa); if (EM[0] & (0xFF << MSBits)) { - OPENSSL_PUT_ERROR(RSA, RSA_verify_PKCS1_PSS_mgf1, - RSA_R_FIRST_OCTET_INVALID); + OPENSSL_PUT_ERROR(RSA, RSA_R_FIRST_OCTET_INVALID); goto err; } if (MSBits == 0) { 
@@ -593,18 +559,18 @@ int RSA_verify_PKCS1_PSS_mgf1(RSA *rsa, const uint8_t *mHash, } if (emLen < ((int)hLen + sLen + 2)) { /* sLen can be small negative */ - OPENSSL_PUT_ERROR(RSA, RSA_verify_PKCS1_PSS_mgf1, RSA_R_DATA_TOO_LARGE); + OPENSSL_PUT_ERROR(RSA, RSA_R_DATA_TOO_LARGE); goto err; } if (EM[emLen - 1] != 0xbc) { - OPENSSL_PUT_ERROR(RSA, RSA_verify_PKCS1_PSS_mgf1, RSA_R_LAST_OCTET_INVALID); + OPENSSL_PUT_ERROR(RSA, RSA_R_LAST_OCTET_INVALID); goto err; } maskedDBLen = emLen - hLen - 1; H = EM + maskedDBLen; DB = OPENSSL_malloc(maskedDBLen); if (!DB) { - OPENSSL_PUT_ERROR(RSA, RSA_verify_PKCS1_PSS_mgf1, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(RSA, ERR_R_MALLOC_FAILURE); goto err; } if (PKCS1_MGF1(DB, maskedDBLen, H, hLen, mgf1Hash) < 0) { @@ -620,12 +586,11 @@ int RSA_verify_PKCS1_PSS_mgf1(RSA *rsa, const uint8_t *mHash, ; } if (DB[i++] != 0x1) { - OPENSSL_PUT_ERROR(RSA, RSA_verify_PKCS1_PSS_mgf1, - RSA_R_SLEN_RECOVERY_FAILED); + OPENSSL_PUT_ERROR(RSA, RSA_R_SLEN_RECOVERY_FAILED); goto err; } if (sLen >= 0 && (maskedDBLen - i) != sLen) { - OPENSSL_PUT_ERROR(RSA, RSA_verify_PKCS1_PSS_mgf1, RSA_R_SLEN_CHECK_FAILED); + OPENSSL_PUT_ERROR(RSA, RSA_R_SLEN_CHECK_FAILED); goto err; } if (!EVP_DigestInit_ex(&ctx, Hash, NULL) || @@ -642,7 +607,7 @@ int RSA_verify_PKCS1_PSS_mgf1(RSA *rsa, const uint8_t *mHash, goto err; } if (memcmp(H_, H, hLen)) { - OPENSSL_PUT_ERROR(RSA, RSA_verify_PKCS1_PSS_mgf1, RSA_R_BAD_SIGNATURE); + OPENSSL_PUT_ERROR(RSA, RSA_R_BAD_SIGNATURE); ret = 0; } else { ret = 1; @@ -681,14 +646,12 @@ int RSA_padding_add_PKCS1_PSS_mgf1(RSA *rsa, unsigned char *EM, } else if (sLen == -2) { sLen = -2; } else if (sLen < -2) { - OPENSSL_PUT_ERROR(RSA, RSA_padding_add_PKCS1_PSS_mgf1, - RSA_R_SLEN_CHECK_FAILED); + OPENSSL_PUT_ERROR(RSA, RSA_R_SLEN_CHECK_FAILED); goto err; } if (BN_is_zero(rsa->n)) { - OPENSSL_PUT_ERROR(RSA, RSA_padding_add_PKCS1_PSS_mgf1, - RSA_R_EMPTY_PUBLIC_KEY); + OPENSSL_PUT_ERROR(RSA, RSA_R_EMPTY_PUBLIC_KEY); goto err; } 
@@ -701,21 +664,18 @@ int RSA_padding_add_PKCS1_PSS_mgf1(RSA *rsa, unsigned char *EM, } if (sLen == -2) { if (emLen < hLen + 2) { - OPENSSL_PUT_ERROR(RSA, RSA_padding_add_PKCS1_PSS_mgf1, - RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); + OPENSSL_PUT_ERROR(RSA, RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); goto err; } sLen = emLen - hLen - 2; } else if (emLen < hLen + sLen + 2) { - OPENSSL_PUT_ERROR(RSA, RSA_padding_add_PKCS1_PSS_mgf1, - RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); + OPENSSL_PUT_ERROR(RSA, RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); goto err; } if (sLen > 0) { salt = OPENSSL_malloc(sLen); if (!salt) { - OPENSSL_PUT_ERROR(RSA, RSA_padding_add_PKCS1_PSS_mgf1, - ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(RSA, ERR_R_MALLOC_FAILURE); goto err; } if (!RAND_bytes(salt, sLen)) { diff --git a/src/crypto/rsa/rsa.c b/src/crypto/rsa/rsa.c index 17059b0..2f23165 100644 --- a/src/crypto/rsa/rsa.c +++ b/src/crypto/rsa/rsa.c @@ -79,7 +79,7 @@ RSA *RSA_new(void) { return RSA_new_method(NULL); } RSA *RSA_new_method(const ENGINE *engine) { RSA *rsa = (RSA *)OPENSSL_malloc(sizeof(RSA)); if (rsa == NULL) { - OPENSSL_PUT_ERROR(RSA, RSA_new_method, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(RSA, ERR_R_MALLOC_FAILURE); return NULL; } @@ -114,6 +114,18 @@ RSA *RSA_new_method(const ENGINE *engine) { return rsa; } +void RSA_additional_prime_free(RSA_additional_prime *ap) { + if (ap == NULL) { + return; + } + + BN_clear_free(ap->prime); + BN_clear_free(ap->exp); + BN_clear_free(ap->coeff); + BN_clear_free(ap->r); + OPENSSL_free(ap); +} + void RSA_free(RSA *rsa) { unsigned u; @@ -145,6 +157,10 @@ void RSA_free(RSA *rsa) { } OPENSSL_free(rsa->blindings); OPENSSL_free(rsa->blindings_inuse); + if (rsa->additional_primes != NULL) { + sk_RSA_additional_prime_pop_free(rsa->additional_primes, + RSA_additional_prime_free); + } CRYPTO_MUTEX_cleanup(&rsa->lock); OPENSSL_free(rsa); } 
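Review bot: RSA_additional_prime_free (the `@@ -114,6 +114,18 @@` hunk) releases `prime`, `exp`, `coeff` and `r` but leaves `ap->method_mod` alone; the rsa_impl.c part of this commit frees that field separately in `finish`. Whether RSA_free always runs the method's finish hook before `sk_RSA_additional_prime_pop_free` is not visible in these hunks, and a custom method whose finish does not walk additional_primes would leak the Montgomery context. At minimum the ownership split should be written down on the function, e.g. `/* |ap->method_mod| is released by the RSA method's finish hook, not here. */`.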
@@ -162,6 +178,16 @@ int RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb) { return RSA_default_method.keygen(rsa, bits, e_value, cb); } +int RSA_generate_multi_prime_key(RSA *rsa, int bits, int num_primes, + BIGNUM *e_value, BN_GENCB *cb) { + if (rsa->meth->multi_prime_keygen) { + return rsa->meth->multi_prime_keygen(rsa, bits, num_primes, e_value, cb); + } + + return RSA_default_method.multi_prime_keygen(rsa, bits, num_primes, e_value, + cb); +} + int RSA_encrypt(RSA *rsa, size_t *out_len, uint8_t *out, size_t max_out, const uint8_t *in, size_t in_len, int padding) { if (rsa->meth->encrypt) { @@ -342,20 +368,15 @@ static const struct pkcs1_sig_prefix kPKCS1SigPrefixes[] = { }, }; -/* TODO(fork): mostly new code, needs careful review. */ - -/* pkcs1_prefixed_msg builds a PKCS#1, prefixed version of |msg| for the given - * hash function and sets |out_msg| to point to it. On successful return, - * |*out_msg| may be allocated memory and, if so, |*is_alloced| will be 1. */ -static int pkcs1_prefixed_msg(uint8_t **out_msg, size_t *out_msg_len, - int *is_alloced, int hash_nid, const uint8_t *msg, - size_t msg_len) { +int RSA_add_pkcs1_prefix(uint8_t **out_msg, size_t *out_msg_len, + int *is_alloced, int hash_nid, const uint8_t *msg, + size_t msg_len) { unsigned i; if (hash_nid == NID_md5_sha1) { /* Special case: SSL signature, just check the length. */ if (msg_len != SSL_SIG_LENGTH) { - OPENSSL_PUT_ERROR(RSA, pkcs1_prefixed_msg, RSA_R_INVALID_MESSAGE_LENGTH); + OPENSSL_PUT_ERROR(RSA, RSA_R_INVALID_MESSAGE_LENGTH); return 0; } 
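Review bot: The `@@ -342,20 +368,15 @@` hunk gives RSA_add_pkcs1_prefix external linkage and, in the same step, deletes the only comment that described its ownership contract. Callers outside this file now have to know that `*out_msg` may alias `msg` and must be freed only when `*is_alloced` is 1, as RSA_sign and RSA_verify do. Unless that text was moved to a header outside this hunk, keep it on the definition: `/* On success |*out_msg| may be newly allocated; the caller frees it only if |*is_alloced| is 1. */`. The function body continues past the end of the hunk.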
@@ -378,13 +399,13 @@ static int pkcs1_prefixed_msg(uint8_t **out_msg, size_t *out_msg_len, signed_msg_len = prefix_len + msg_len; if (signed_msg_len < prefix_len) { - OPENSSL_PUT_ERROR(RSA, pkcs1_prefixed_msg, RSA_R_TOO_LONG); + OPENSSL_PUT_ERROR(RSA, RSA_R_TOO_LONG); return 0; } signed_msg = OPENSSL_malloc(signed_msg_len); if (!signed_msg) { - OPENSSL_PUT_ERROR(RSA, pkcs1_prefixed_msg, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(RSA, ERR_R_MALLOC_FAILURE); return 0; } @@ -398,7 +419,7 @@ static int pkcs1_prefixed_msg(uint8_t **out_msg, size_t *out_msg_len, return 1; } - OPENSSL_PUT_ERROR(RSA, pkcs1_prefixed_msg, RSA_R_UNKNOWN_ALGORITHM_TYPE); + OPENSSL_PUT_ERROR(RSA, RSA_R_UNKNOWN_ALGORITHM_TYPE); return 0; } @@ -415,14 +436,14 @@ int RSA_sign(int hash_nid, const uint8_t *in, unsigned in_len, uint8_t *out, return rsa->meth->sign(hash_nid, in, in_len, out, out_len, rsa); } - if (!pkcs1_prefixed_msg(&signed_msg, &signed_msg_len, &signed_msg_is_alloced, - hash_nid, in, in_len)) { + if (!RSA_add_pkcs1_prefix(&signed_msg, &signed_msg_len, + &signed_msg_is_alloced, hash_nid, in, in_len)) { return 0; } if (rsa_size < RSA_PKCS1_PADDING_SIZE || signed_msg_len > rsa_size - RSA_PKCS1_PADDING_SIZE) { - OPENSSL_PUT_ERROR(RSA, RSA_sign, RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY); + OPENSSL_PUT_ERROR(RSA, RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY); goto finish; } @@ -453,18 +474,18 @@ int RSA_verify(int hash_nid, const uint8_t *msg, size_t msg_len, } if (sig_len != rsa_size) { - OPENSSL_PUT_ERROR(RSA, RSA_verify, RSA_R_WRONG_SIGNATURE_LENGTH); + OPENSSL_PUT_ERROR(RSA, RSA_R_WRONG_SIGNATURE_LENGTH); return 0; } if (hash_nid == NID_md5_sha1 && msg_len != SSL_SIG_LENGTH) { - OPENSSL_PUT_ERROR(RSA, RSA_verify, RSA_R_INVALID_MESSAGE_LENGTH); + OPENSSL_PUT_ERROR(RSA, RSA_R_INVALID_MESSAGE_LENGTH); return 0; } buf = OPENSSL_malloc(rsa_size); if (!buf) { - OPENSSL_PUT_ERROR(RSA, RSA_verify, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(RSA, ERR_R_MALLOC_FAILURE); return 0; } 
@@ -473,13 +494,13 @@ int RSA_verify(int hash_nid, const uint8_t *msg, size_t msg_len, goto out; } - if (!pkcs1_prefixed_msg(&signed_msg, &signed_msg_len, &signed_msg_is_alloced, - hash_nid, msg, msg_len)) { + if (!RSA_add_pkcs1_prefix(&signed_msg, &signed_msg_len, + &signed_msg_is_alloced, hash_nid, msg, msg_len)) { goto out; } if (len != signed_msg_len || CRYPTO_memcmp(buf, signed_msg, len) != 0) { - OPENSSL_PUT_ERROR(RSA, RSA_verify, RSA_R_BAD_SIGNATURE); + OPENSSL_PUT_ERROR(RSA, RSA_R_BAD_SIGNATURE); goto out; } @@ -509,12 +530,12 @@ int RSA_check_key(const RSA *key) { } if ((key->p != NULL) != (key->q != NULL)) { - OPENSSL_PUT_ERROR(RSA, RSA_check_key, RSA_R_ONLY_ONE_OF_P_Q_GIVEN); + OPENSSL_PUT_ERROR(RSA, RSA_R_ONLY_ONE_OF_P_Q_GIVEN); return 0; } if (!key->n || !key->e) { - OPENSSL_PUT_ERROR(RSA, RSA_check_key, RSA_R_VALUE_MISSING); + OPENSSL_PUT_ERROR(RSA, RSA_R_VALUE_MISSING); return 0; } @@ -526,7 +547,7 @@ int RSA_check_key(const RSA *key) { ctx = BN_CTX_new(); if (ctx == NULL) { - OPENSSL_PUT_ERROR(RSA, RSA_check_key, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(RSA, ERR_R_MALLOC_FAILURE); return 0; } 
@@ -540,52 +561,74 @@ int RSA_check_key(const RSA *key) { BN_init(&dmq1); BN_init(&iqmp); - if (/* n = pq */ - !BN_mul(&n, key->p, key->q, ctx) || - /* lcm = lcm(p-1, q-1) */ + if (!BN_mul(&n, key->p, key->q, ctx) || + /* lcm = lcm(prime-1, for all primes) */ !BN_sub(&pm1, key->p, BN_value_one()) || !BN_sub(&qm1, key->q, BN_value_one()) || !BN_mul(&lcm, &pm1, &qm1, ctx) || + !BN_gcd(&gcd, &pm1, &qm1, ctx)) { + OPENSSL_PUT_ERROR(RSA, ERR_LIB_BN); + goto out; + } + + size_t num_additional_primes = 0; + if (key->additional_primes != NULL) { + num_additional_primes = sk_RSA_additional_prime_num(key->additional_primes); + } + + size_t i; + for (i = 0; i < num_additional_primes; i++) { + const RSA_additional_prime *ap = + sk_RSA_additional_prime_value(key->additional_primes, i); + if (!BN_mul(&n, &n, ap->prime, ctx) || + !BN_sub(&pm1, ap->prime, BN_value_one()) || + !BN_mul(&lcm, &lcm, &pm1, ctx) || + !BN_gcd(&gcd, &gcd, &pm1, ctx)) { + OPENSSL_PUT_ERROR(RSA, ERR_LIB_BN); + goto out; + } + } + + if (!BN_div(&lcm, NULL, &lcm, &gcd, ctx) || !BN_gcd(&gcd, &pm1, &qm1, ctx) || - !BN_div(&lcm, NULL, &lcm, &gcd, ctx) || - /* de = d*e mod lcm(p-1, q-1) */ + /* de = d*e mod lcm(prime-1, for all primes). 
*/ !BN_mod_mul(&de, key->d, key->e, &lcm, ctx)) { - OPENSSL_PUT_ERROR(RSA, RSA_check_key, ERR_LIB_BN); + OPENSSL_PUT_ERROR(RSA, ERR_LIB_BN); goto out; } if (BN_cmp(&n, key->n) != 0) { - OPENSSL_PUT_ERROR(RSA, RSA_check_key, RSA_R_N_NOT_EQUAL_P_Q); + OPENSSL_PUT_ERROR(RSA, RSA_R_N_NOT_EQUAL_P_Q); goto out; } if (!BN_is_one(&de)) { - OPENSSL_PUT_ERROR(RSA, RSA_check_key, RSA_R_D_E_NOT_CONGRUENT_TO_1); + OPENSSL_PUT_ERROR(RSA, RSA_R_D_E_NOT_CONGRUENT_TO_1); goto out; } has_crt_values = key->dmp1 != NULL; if (has_crt_values != (key->dmq1 != NULL) || has_crt_values != (key->iqmp != NULL)) { - OPENSSL_PUT_ERROR(RSA, RSA_check_key, RSA_R_INCONSISTENT_SET_OF_CRT_VALUES); + OPENSSL_PUT_ERROR(RSA, RSA_R_INCONSISTENT_SET_OF_CRT_VALUES); goto out; } - if (has_crt_values) { + if (has_crt_values && num_additional_primes == 0) { if (/* dmp1 = d mod (p-1) */ !BN_mod(&dmp1, key->d, &pm1, ctx) || /* dmq1 = d mod (q-1) */ !BN_mod(&dmq1, key->d, &qm1, ctx) || /* iqmp = q^-1 mod p */ !BN_mod_inverse(&iqmp, key->q, key->p, ctx)) { - OPENSSL_PUT_ERROR(RSA, RSA_check_key, ERR_LIB_BN); + OPENSSL_PUT_ERROR(RSA, ERR_LIB_BN); goto out; } if (BN_cmp(&dmp1, key->dmp1) != 0 || BN_cmp(&dmq1, key->dmq1) != 0 || BN_cmp(&iqmp, key->iqmp) != 0) { - OPENSSL_PUT_ERROR(RSA, RSA_check_key, RSA_R_CRT_VALUES_INCORRECT); + OPENSSL_PUT_ERROR(RSA, RSA_R_CRT_VALUES_INCORRECT); goto out; } } @@ -613,13 +656,17 @@ int RSA_recover_crt_params(RSA *rsa) { int ok = 0; if (rsa->n == NULL || rsa->e == NULL || rsa->d == NULL) { - OPENSSL_PUT_ERROR(RSA, RSA_recover_crt_params, RSA_R_EMPTY_PUBLIC_KEY); + OPENSSL_PUT_ERROR(RSA, RSA_R_EMPTY_PUBLIC_KEY); return 0; } if (rsa->p || rsa->q || rsa->dmp1 || rsa->dmq1 || rsa->iqmp) { - OPENSSL_PUT_ERROR(RSA, RSA_recover_crt_params, - RSA_R_CRT_PARAMS_ALREADY_GIVEN); + OPENSSL_PUT_ERROR(RSA, RSA_R_CRT_PARAMS_ALREADY_GIVEN); + return 0; + } + + if (rsa->additional_primes != NULL) { + OPENSSL_PUT_ERROR(RSA, RSA_R_CANNOT_RECOVER_MULTI_PRIME_KEY); return 0; } 
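Review bot: For a key with additional primes the CRT consistency check is skipped outright (`has_crt_values && num_additional_primes == 0`), and the per-prime `exp`, `coeff` and `r` fields are never compared with recomputed values, so RSA_check_key can report success for a multi-prime key whose CRT parameters are inconsistent. A loop after the two-prime comparison can at least verify each `ap->exp` against d mod (prime-1), as sketched below; checking `coeff` and `r` additionally needs the running product of the earlier primes. Separately, the `!BN_gcd(&gcd, &pm1, &qm1, ctx)` kept after the `BN_div` looks like a leftover, since `pm1` has already been overwritten by the loop and `gcd` does not appear to be read again in this hunk. RSA_check_key starts and ends outside the hunk.

```c
/* … unchanged: two-prime dmp1/dmq1/iqmp comparison … */
for (i = 0; i < num_additional_primes; i++) {
  const RSA_additional_prime *ap =
      sk_RSA_additional_prime_value(key->additional_primes, i);
  /* exp = d mod (prime-1); |dmp1| is reused as scratch here. */
  if (!BN_sub(&pm1, ap->prime, BN_value_one()) ||
      !BN_mod(&dmp1, key->d, &pm1, ctx)) {
    OPENSSL_PUT_ERROR(RSA, ERR_LIB_BN);
    goto out;
  }
  if (BN_cmp(&dmp1, ap->exp) != 0) {
    OPENSSL_PUT_ERROR(RSA, RSA_R_CRT_VALUES_INCORRECT);
    goto out;
  }
}
```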
@@ -628,7 +675,7 @@ int RSA_recover_crt_params(RSA *rsa) { ctx = BN_CTX_new(); if (ctx == NULL) { - OPENSSL_PUT_ERROR(RSA, RSA_recover_crt_params, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(RSA, ERR_R_MALLOC_FAILURE); return 0; } @@ -641,7 +688,7 @@ int RSA_recover_crt_params(RSA *rsa) { if (totient == NULL || rem == NULL || multiple == NULL || p_plus_q == NULL || p_minus_q == NULL) { - OPENSSL_PUT_ERROR(RSA, RSA_recover_crt_params, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(RSA, ERR_R_MALLOC_FAILURE); goto err; } @@ -669,12 +716,12 @@ int RSA_recover_crt_params(RSA *rsa) { !BN_div(multiple, NULL, totient, rsa->n, ctx) || !BN_add_word(multiple, 1) || !BN_div(totient, rem, totient, multiple, ctx)) { - OPENSSL_PUT_ERROR(RSA, RSA_recover_crt_params, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(RSA, ERR_R_BN_LIB); goto err; } if (!BN_is_zero(rem)) { - OPENSSL_PUT_ERROR(RSA, RSA_recover_crt_params, RSA_R_BAD_RSA_PARAMETERS); + OPENSSL_PUT_ERROR(RSA, RSA_R_BAD_RSA_PARAMETERS); goto err; } @@ -685,7 +732,7 @@ int RSA_recover_crt_params(RSA *rsa) { rsa->iqmp = BN_new(); if (rsa->p == NULL || rsa->q == NULL || rsa->dmp1 == NULL || rsa->dmq1 == NULL || rsa->iqmp == NULL) { - OPENSSL_PUT_ERROR(RSA, RSA_recover_crt_params, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(RSA, ERR_R_MALLOC_FAILURE); goto err; } @@ -703,12 +750,12 @@ int RSA_recover_crt_params(RSA *rsa) { !BN_rshift1(rsa->q, rsa->q) || !BN_div(rsa->p, NULL, rsa->n, rsa->q, ctx) || !BN_mul(multiple, rsa->p, rsa->q, ctx)) { - OPENSSL_PUT_ERROR(RSA, RSA_recover_crt_params, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(RSA, ERR_R_BN_LIB); goto err; } if (BN_cmp(multiple, rsa->n) != 0) { - OPENSSL_PUT_ERROR(RSA, RSA_recover_crt_params, RSA_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(RSA, RSA_R_INTERNAL_ERROR); goto err; } 
@@ -717,7 +764,7 @@ int RSA_recover_crt_params(RSA *rsa) { !BN_sub(rem, rsa->q, BN_value_one()) || !BN_mod(rsa->dmq1, rsa->d, rem, ctx) || !BN_mod_inverse(rsa->iqmp, rsa->q, rsa->p, ctx)) { - OPENSSL_PUT_ERROR(RSA, RSA_recover_crt_params, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(RSA, ERR_R_BN_LIB); goto err; } diff --git a/src/crypto/rsa/rsa_asn1.c b/src/crypto/rsa/rsa_asn1.c index 924cb8a..e3756ba 100644 --- a/src/crypto/rsa/rsa_asn1.c +++ b/src/crypto/rsa/rsa_asn1.c 
@@ -55,45 +55,384 @@ #include +#include +#include +#include + #include #include +#include +#include +#include +#include #include "internal.h" -/* Override the default free and new methods */ -static int rsa_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, - void *exarg) { - if (operation == ASN1_OP_NEW_PRE) { - *pval = (ASN1_VALUE *)RSA_new(); - if (*pval) { - return 2; +static int parse_integer_buggy(CBS *cbs, BIGNUM **out, int buggy) { + assert(*out == NULL); + *out = BN_new(); + if (*out == NULL) { + return 0; + } + if (buggy) { + return BN_cbs2unsigned_buggy(cbs, *out); + } + return BN_cbs2unsigned(cbs, *out); +} + +static int parse_integer(CBS *cbs, BIGNUM **out) { + return parse_integer_buggy(cbs, out, 0 /* not buggy */); +} + +static int marshal_integer(CBB *cbb, BIGNUM *bn) { + if (bn == NULL) { + /* An RSA object may be missing some components. */ + OPENSSL_PUT_ERROR(RSA, RSA_R_VALUE_MISSING); + return 0; + } + return BN_bn2cbb(cbb, bn); +} + +static RSA *parse_public_key(CBS *cbs, int buggy) { + RSA *ret = RSA_new(); + if (ret == NULL) { + return NULL; + } + CBS child; + if (!CBS_get_asn1(cbs, &child, CBS_ASN1_SEQUENCE) || + !parse_integer_buggy(&child, &ret->n, buggy) || + !parse_integer(&child, &ret->e) || + CBS_len(&child) != 0) { + OPENSSL_PUT_ERROR(RSA, RSA_R_BAD_ENCODING); + RSA_free(ret); + return NULL; + } + return ret; +} + +RSA *RSA_parse_public_key(CBS *cbs) { + return parse_public_key(cbs, 0 /* not buggy */); +} + +RSA *RSA_parse_public_key_buggy(CBS *cbs) { + /* Estonian IDs issued between September 2014 to September 2015 are + * broken. See https://crbug.com/532048 and https://crbug.com/534766. + * + * TODO(davidben): Remove this code and callers in March 2016. 
*/ + return parse_public_key(cbs, 1 /* buggy */); +} + +RSA *RSA_public_key_from_bytes(const uint8_t *in, size_t in_len) { + CBS cbs; + CBS_init(&cbs, in, in_len); + RSA *ret = RSA_parse_public_key(&cbs); + if (ret == NULL || CBS_len(&cbs) != 0) { + OPENSSL_PUT_ERROR(RSA, RSA_R_BAD_ENCODING); + RSA_free(ret); + return NULL; + } + return ret; +} + +int RSA_marshal_public_key(CBB *cbb, const RSA *rsa) { + CBB child; + if (!CBB_add_asn1(cbb, &child, CBS_ASN1_SEQUENCE) || + !marshal_integer(&child, rsa->n) || + !marshal_integer(&child, rsa->e) || + !CBB_flush(cbb)) { + OPENSSL_PUT_ERROR(RSA, RSA_R_ENCODE_ERROR); + return 0; + } + return 1; +} + +int RSA_public_key_to_bytes(uint8_t **out_bytes, size_t *out_len, + const RSA *rsa) { + CBB cbb; + CBB_zero(&cbb); + if (!CBB_init(&cbb, 0) || + !RSA_marshal_public_key(&cbb, rsa) || + !CBB_finish(&cbb, out_bytes, out_len)) { + OPENSSL_PUT_ERROR(RSA, RSA_R_ENCODE_ERROR); + CBB_cleanup(&cbb); + return 0; + } + return 1; +} + +/* kVersionTwoPrime and kVersionMulti are the supported values of the version + * field of an RSAPrivateKey structure (RFC 3447). */ +static const uint64_t kVersionTwoPrime = 0; +static const uint64_t kVersionMulti = 1; + +/* rsa_parse_additional_prime parses a DER-encoded OtherPrimeInfo from |cbs| and + * advances |cbs|. It returns a newly-allocated |RSA_additional_prime| on + * success or NULL on error. The |r| and |method_mod| fields of the result are + * set to NULL. 
*/ +static RSA_additional_prime *rsa_parse_additional_prime(CBS *cbs) { + RSA_additional_prime *ret = OPENSSL_malloc(sizeof(RSA_additional_prime)); + if (ret == NULL) { + OPENSSL_PUT_ERROR(RSA, ERR_R_MALLOC_FAILURE); + return 0; + } + memset(ret, 0, sizeof(RSA_additional_prime)); + + CBS child; + if (!CBS_get_asn1(cbs, &child, CBS_ASN1_SEQUENCE) || + !parse_integer(&child, &ret->prime) || + !parse_integer(&child, &ret->exp) || + !parse_integer(&child, &ret->coeff) || + CBS_len(&child) != 0) { + OPENSSL_PUT_ERROR(RSA, RSA_R_BAD_ENCODING); + RSA_additional_prime_free(ret); + return NULL; + } + + return ret; +} + +RSA *RSA_parse_private_key(CBS *cbs) { + BN_CTX *ctx = NULL; + BIGNUM *product_of_primes_so_far = NULL; + RSA *ret = RSA_new(); + if (ret == NULL) { + return NULL; + } + + CBS child; + uint64_t version; + if (!CBS_get_asn1(cbs, &child, CBS_ASN1_SEQUENCE) || + !CBS_get_asn1_uint64(&child, &version) || + (version != kVersionTwoPrime && version != kVersionMulti) || + !parse_integer(&child, &ret->n) || + !parse_integer(&child, &ret->e) || + !parse_integer(&child, &ret->d) || + !parse_integer(&child, &ret->p) || + !parse_integer(&child, &ret->q) || + !parse_integer(&child, &ret->dmp1) || + !parse_integer(&child, &ret->dmq1) || + !parse_integer(&child, &ret->iqmp)) { + OPENSSL_PUT_ERROR(RSA, RSA_R_BAD_VERSION); + goto err; + } + + /* Multi-prime RSA requires a newer version. 
*/ + if (version == kVersionMulti && + CBS_peek_asn1_tag(&child, CBS_ASN1_SEQUENCE)) { + CBS other_prime_infos; + if (!CBS_get_asn1(&child, &other_prime_infos, CBS_ASN1_SEQUENCE) || + CBS_len(&other_prime_infos) == 0) { + OPENSSL_PUT_ERROR(RSA, RSA_R_BAD_ENCODING); + goto err; + } + ret->additional_primes = sk_RSA_additional_prime_new_null(); + if (ret->additional_primes == NULL) { + OPENSSL_PUT_ERROR(RSA, ERR_R_MALLOC_FAILURE); + goto err; + } + + ctx = BN_CTX_new(); + product_of_primes_so_far = BN_new(); + if (ctx == NULL || + product_of_primes_so_far == NULL || + !BN_mul(product_of_primes_so_far, ret->p, ret->q, ctx)) { + goto err; + } + + while (CBS_len(&other_prime_infos) > 0) { + RSA_additional_prime *ap = rsa_parse_additional_prime(&other_prime_infos); + if (ap == NULL) { + goto err; + } + if (!sk_RSA_additional_prime_push(ret->additional_primes, ap)) { + OPENSSL_PUT_ERROR(RSA, ERR_R_MALLOC_FAILURE); + RSA_additional_prime_free(ap); + goto err; + } + ap->r = BN_dup(product_of_primes_so_far); + if (ap->r == NULL || + !BN_mul(product_of_primes_so_far, product_of_primes_so_far, + ap->prime, ctx)) { + goto err; + } } + } + + if (CBS_len(&child) != 0) { + OPENSSL_PUT_ERROR(RSA, RSA_R_BAD_ENCODING); + goto err; + } + + BN_CTX_free(ctx); + BN_free(product_of_primes_so_far); + return ret; + +err: + BN_CTX_free(ctx); + BN_free(product_of_primes_so_far); + RSA_free(ret); + return NULL; +} + +RSA *RSA_private_key_from_bytes(const uint8_t *in, size_t in_len) { + CBS cbs; + CBS_init(&cbs, in, in_len); + RSA *ret = RSA_parse_private_key(&cbs); + if (ret == NULL || CBS_len(&cbs) != 0) { + OPENSSL_PUT_ERROR(RSA, RSA_R_BAD_ENCODING); + RSA_free(ret); + return NULL; + } + return ret; +} + +int RSA_marshal_private_key(CBB *cbb, const RSA *rsa) { + const int is_multiprime = + sk_RSA_additional_prime_num(rsa->additional_primes) > 0; + + CBB child; + if (!CBB_add_asn1(cbb, &child, CBS_ASN1_SEQUENCE) || + !CBB_add_asn1_uint64(&child, + is_multiprime ? 
kVersionMulti : kVersionTwoPrime) || + !marshal_integer(&child, rsa->n) || + !marshal_integer(&child, rsa->e) || + !marshal_integer(&child, rsa->d) || + !marshal_integer(&child, rsa->p) || + !marshal_integer(&child, rsa->q) || + !marshal_integer(&child, rsa->dmp1) || + !marshal_integer(&child, rsa->dmq1) || + !marshal_integer(&child, rsa->iqmp)) { + OPENSSL_PUT_ERROR(RSA, RSA_R_ENCODE_ERROR); + return 0; + } + + if (is_multiprime) { + CBB other_prime_infos; + if (!CBB_add_asn1(&child, &other_prime_infos, CBS_ASN1_SEQUENCE)) { + OPENSSL_PUT_ERROR(RSA, RSA_R_ENCODE_ERROR); + return 0; + } + size_t i; + for (i = 0; i < sk_RSA_additional_prime_num(rsa->additional_primes); i++) { + RSA_additional_prime *ap = + sk_RSA_additional_prime_value(rsa->additional_primes, i); + CBB other_prime_info; + if (!CBB_add_asn1(&other_prime_infos, &other_prime_info, + CBS_ASN1_SEQUENCE) || + !marshal_integer(&other_prime_info, ap->prime) || + !marshal_integer(&other_prime_info, ap->exp) || + !marshal_integer(&other_prime_info, ap->coeff)) { + OPENSSL_PUT_ERROR(RSA, RSA_R_ENCODE_ERROR); + return 0; + } + } + } + + if (!CBB_flush(cbb)) { + OPENSSL_PUT_ERROR(RSA, RSA_R_ENCODE_ERROR); return 0; - } else if (operation == ASN1_OP_FREE_PRE) { - RSA_free((RSA *)*pval); - *pval = NULL; - return 2; } return 1; } -ASN1_SEQUENCE_cb(RSAPrivateKey, rsa_cb) = { - ASN1_SIMPLE(RSA, version, LONG), - ASN1_SIMPLE(RSA, n, BIGNUM), - ASN1_SIMPLE(RSA, e, BIGNUM), - ASN1_SIMPLE(RSA, d, BIGNUM), - ASN1_SIMPLE(RSA, p, BIGNUM), - ASN1_SIMPLE(RSA, q, BIGNUM), - ASN1_SIMPLE(RSA, dmp1, BIGNUM), - ASN1_SIMPLE(RSA, dmq1, BIGNUM), - ASN1_SIMPLE(RSA, iqmp, BIGNUM), -} ASN1_SEQUENCE_END_cb(RSA, RSAPrivateKey); +int RSA_private_key_to_bytes(uint8_t **out_bytes, size_t *out_len, + const RSA *rsa) { + CBB cbb; + CBB_zero(&cbb); + if (!CBB_init(&cbb, 0) || + !RSA_marshal_private_key(&cbb, rsa) || + !CBB_finish(&cbb, out_bytes, out_len)) { + OPENSSL_PUT_ERROR(RSA, RSA_R_ENCODE_ERROR); + CBB_cleanup(&cbb); + return 0; + } + 
return 1; +} -ASN1_SEQUENCE_cb(RSAPublicKey, rsa_cb) = { - ASN1_SIMPLE(RSA, n, BIGNUM), - ASN1_SIMPLE(RSA, e, BIGNUM), -} ASN1_SEQUENCE_END_cb(RSA, RSAPublicKey); +RSA *d2i_RSAPublicKey(RSA **out, const uint8_t **inp, long len) { + if (len < 0) { + return NULL; + } + CBS cbs; + CBS_init(&cbs, *inp, (size_t)len); + RSA *ret = RSA_parse_public_key(&cbs); + if (ret == NULL) { + return NULL; + } + if (out != NULL) { + RSA_free(*out); + *out = ret; + } + *inp += (size_t)len - CBS_len(&cbs); + return ret; +} + +int i2d_RSAPublicKey(const RSA *in, uint8_t **outp) { + uint8_t *der; + size_t der_len; + if (!RSA_public_key_to_bytes(&der, &der_len, in)) { + return -1; + } + if (der_len > INT_MAX) { + OPENSSL_PUT_ERROR(RSA, ERR_R_OVERFLOW); + OPENSSL_free(der); + return -1; + } + if (outp != NULL) { + if (*outp == NULL) { + *outp = der; + der = NULL; + } else { + memcpy(*outp, der, der_len); + *outp += der_len; + } + } + OPENSSL_free(der); + return (int)der_len; +} + +RSA *d2i_RSAPrivateKey(RSA **out, const uint8_t **inp, long len) { + if (len < 0) { + return NULL; + } + CBS cbs; + CBS_init(&cbs, *inp, (size_t)len); + RSA *ret = RSA_parse_private_key(&cbs); + if (ret == NULL) { + return NULL; + } + if (out != NULL) { + RSA_free(*out); + *out = ret; + } + *inp += (size_t)len - CBS_len(&cbs); + return ret; +} + +int i2d_RSAPrivateKey(const RSA *in, uint8_t **outp) { + uint8_t *der; + size_t der_len; + if (!RSA_private_key_to_bytes(&der, &der_len, in)) { + return -1; + } + if (der_len > INT_MAX) { + OPENSSL_PUT_ERROR(RSA, ERR_R_OVERFLOW); + OPENSSL_free(der); + return -1; + } + if (outp != NULL) { + if (*outp == NULL) { + *outp = der; + der = NULL; + } else { + memcpy(*outp, der, der_len); + *outp += der_len; + } + } + OPENSSL_free(der); + return (int)der_len; +} ASN1_SEQUENCE(RSA_PSS_PARAMS) = { ASN1_EXP_OPT(RSA_PSS_PARAMS, hashAlgorithm, X509_ALGOR,0), 
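Review bot: RSA_parse_private_key puts no upper bound on the number of OtherPrimeInfo entries it accepts. The `while (CBS_len(&other_prime_infos) > 0)` loop allocates an entry, duplicates the running product into `ap->r` and multiplies it again for every element, so memory and time grow roughly quadratically with the length of an untrusted encoding. A cap checked at the top of the loop would bound this, e.g. `if (sk_RSA_additional_prime_num(ret->additional_primes) >= MAX_ADDITIONAL_PRIMES /* placeholder, not an existing constant */) { OPENSSL_PUT_ERROR(RSA, RSA_R_BAD_ENCODING); goto err; }`. The first `goto err` in the same function also reports `RSA_R_BAD_VERSION` for any failure in the chain, including a malformed integer, where `RSA_R_BAD_ENCODING` would describe most of those cases better.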
@@ -104,22 +443,24 @@ ASN1_SEQUENCE(RSA_PSS_PARAMS) = { IMPLEMENT_ASN1_FUNCTIONS(RSA_PSS_PARAMS); -ASN1_SEQUENCE(RSA_OAEP_PARAMS) = { - ASN1_EXP_OPT(RSA_OAEP_PARAMS, hashFunc, X509_ALGOR, 0), - ASN1_EXP_OPT(RSA_OAEP_PARAMS, maskGenFunc, X509_ALGOR, 1), - ASN1_EXP_OPT(RSA_OAEP_PARAMS, pSourceFunc, X509_ALGOR, 2), -} ASN1_SEQUENCE_END(RSA_OAEP_PARAMS); - -IMPLEMENT_ASN1_FUNCTIONS(RSA_OAEP_PARAMS); - -IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(RSA, RSAPrivateKey, RSAPrivateKey); - -IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(RSA, RSAPublicKey, RSAPublicKey); - RSA *RSAPublicKey_dup(const RSA *rsa) { - return ASN1_item_dup(ASN1_ITEM_rptr(RSAPublicKey), (RSA *) rsa); + uint8_t *der; + size_t der_len; + if (!RSA_public_key_to_bytes(&der, &der_len, rsa)) { + return NULL; + } + RSA *ret = RSA_public_key_from_bytes(der, der_len); + OPENSSL_free(der); + return ret; } RSA *RSAPrivateKey_dup(const RSA *rsa) { - return ASN1_item_dup(ASN1_ITEM_rptr(RSAPrivateKey), (RSA *) rsa); + uint8_t *der; + size_t der_len; + if (!RSA_private_key_to_bytes(&der, &der_len, rsa)) { + return NULL; + } + RSA *ret = RSA_private_key_from_bytes(der, der_len); + OPENSSL_free(der); + return ret; } diff --git a/src/crypto/rsa/rsa_impl.c b/src/crypto/rsa/rsa_impl.c index e14f0f5..eb4a36f 100644 --- a/src/crypto/rsa/rsa_impl.c +++ b/src/crypto/rsa/rsa_impl.c @@ -78,6 +78,15 @@ static int finish(RSA *rsa) { BN_MONT_CTX_free(rsa->_method_mod_p); BN_MONT_CTX_free(rsa->_method_mod_q); + if (rsa->additional_primes != NULL) { + size_t i; + for (i = 0; i < sk_RSA_additional_prime_num(rsa->additional_primes); i++) { + RSA_additional_prime *ap = + sk_RSA_additional_prime_value(rsa->additional_primes, i); + BN_MONT_CTX_free(ap->method_mod); + } + } + return 1; } 
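Review bot: RSAPrivateKey_dup releases the DER encoding of the private key with a plain `OPENSSL_free(der)`, so the serialized key material stays in the freed heap block unless the allocator itself scrubs on free. Scrub it first with `OPENSSL_cleanse(der, der_len);` before the free, as decrypt in rsa_impl.c already does for its padded-plaintext buffer. i2d_RSAPrivateKey in the preceding hunk follows the same pattern on its temporary buffer; there `der` may be NULL once ownership has moved to `*outp`, so the cleanse needs an `if (der != NULL)` guard.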
@@ -94,24 +103,24 @@ static int encrypt(RSA *rsa, size_t *out_len, uint8_t *out, size_t max_out, int i, ret = 0; if (rsa_size > OPENSSL_RSA_MAX_MODULUS_BITS) { - OPENSSL_PUT_ERROR(RSA, encrypt, RSA_R_MODULUS_TOO_LARGE); + OPENSSL_PUT_ERROR(RSA, RSA_R_MODULUS_TOO_LARGE); return 0; } if (max_out < rsa_size) { - OPENSSL_PUT_ERROR(RSA, encrypt, RSA_R_OUTPUT_BUFFER_TOO_SMALL); + OPENSSL_PUT_ERROR(RSA, RSA_R_OUTPUT_BUFFER_TOO_SMALL); return 0; } if (BN_ucmp(rsa->n, rsa->e) <= 0) { - OPENSSL_PUT_ERROR(RSA, encrypt, RSA_R_BAD_E_VALUE); + OPENSSL_PUT_ERROR(RSA, RSA_R_BAD_E_VALUE); return 0; } /* for large moduli, enforce exponent limit */ if (BN_num_bits(rsa->n) > OPENSSL_RSA_SMALL_MODULUS_BITS && BN_num_bits(rsa->e) > OPENSSL_RSA_MAX_PUBEXP_BITS) { - OPENSSL_PUT_ERROR(RSA, encrypt, RSA_R_BAD_E_VALUE); + OPENSSL_PUT_ERROR(RSA, RSA_R_BAD_E_VALUE); return 0; } @@ -125,7 +134,7 @@ static int encrypt(RSA *rsa, size_t *out_len, uint8_t *out, size_t max_out, result = BN_CTX_get(ctx); buf = OPENSSL_malloc(rsa_size); if (!f || !result || !buf) { - OPENSSL_PUT_ERROR(RSA, encrypt, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(RSA, ERR_R_MALLOC_FAILURE); goto err; } @@ -142,7 +151,7 @@ static int encrypt(RSA *rsa, size_t *out_len, uint8_t *out, size_t max_out, i = RSA_padding_add_none(buf, rsa_size, in, in_len); break; default: - OPENSSL_PUT_ERROR(RSA, encrypt, RSA_R_UNKNOWN_PADDING_TYPE); + OPENSSL_PUT_ERROR(RSA, RSA_R_UNKNOWN_PADDING_TYPE); goto err; } @@ -156,7 +165,7 @@ static int encrypt(RSA *rsa, size_t *out_len, uint8_t *out, size_t max_out, if (BN_ucmp(f, rsa->n) >= 0) { /* usually the padding functions would catch this */ - OPENSSL_PUT_ERROR(RSA, encrypt, RSA_R_DATA_TOO_LARGE_FOR_MODULUS); + OPENSSL_PUT_ERROR(RSA, RSA_R_DATA_TOO_LARGE_FOR_MODULUS); goto err; } 
@@ -175,7 +184,7 @@ static int encrypt(RSA *rsa, size_t *out_len, uint8_t *out, size_t max_out, /* put in leading 0 bytes if the number is less than the length of the * modulus */ if (!BN_bn2bin_padded(out, rsa_size, result)) { - OPENSSL_PUT_ERROR(RSA, encrypt, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(RSA, ERR_R_INTERNAL_ERROR); goto err; } @@ -309,13 +318,13 @@ static int sign_raw(RSA *rsa, size_t *out_len, uint8_t *out, size_t max_out, int i, ret = 0; if (max_out < rsa_size) { - OPENSSL_PUT_ERROR(RSA, sign_raw, RSA_R_OUTPUT_BUFFER_TOO_SMALL); + OPENSSL_PUT_ERROR(RSA, RSA_R_OUTPUT_BUFFER_TOO_SMALL); return 0; } buf = OPENSSL_malloc(rsa_size); if (buf == NULL) { - OPENSSL_PUT_ERROR(RSA, sign_raw, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(RSA, ERR_R_MALLOC_FAILURE); goto err; } @@ -327,7 +336,7 @@ static int sign_raw(RSA *rsa, size_t *out_len, uint8_t *out, size_t max_out, i = RSA_padding_add_none(buf, rsa_size, in, in_len); break; default: - OPENSSL_PUT_ERROR(RSA, sign_raw, RSA_R_UNKNOWN_PADDING_TYPE); + OPENSSL_PUT_ERROR(RSA, RSA_R_UNKNOWN_PADDING_TYPE); goto err; } @@ -359,18 +368,23 @@ static int decrypt(RSA *rsa, size_t *out_len, uint8_t *out, size_t max_out, int ret = 0; if (max_out < rsa_size) { - OPENSSL_PUT_ERROR(RSA, decrypt, RSA_R_OUTPUT_BUFFER_TOO_SMALL); + OPENSSL_PUT_ERROR(RSA, RSA_R_OUTPUT_BUFFER_TOO_SMALL); return 0; } - buf = OPENSSL_malloc(rsa_size); - if (buf == NULL) { - OPENSSL_PUT_ERROR(RSA, decrypt, ERR_R_MALLOC_FAILURE); - goto err; + if (padding == RSA_NO_PADDING) { + buf = out; + } else { + /* Allocate a temporary buffer to hold the padded plaintext. */ + buf = OPENSSL_malloc(rsa_size); + if (buf == NULL) { + OPENSSL_PUT_ERROR(RSA, ERR_R_MALLOC_FAILURE); + goto err; + } } if (in_len != rsa_size) { - OPENSSL_PUT_ERROR(RSA, decrypt, RSA_R_DATA_LEN_NOT_EQUAL_TO_MOD_LEN); + OPENSSL_PUT_ERROR(RSA, RSA_R_DATA_LEN_NOT_EQUAL_TO_MOD_LEN); goto err; } 
@@ -388,22 +402,22 @@ static int decrypt(RSA *rsa, size_t *out_len, uint8_t *out, size_t max_out, NULL, 0, NULL, NULL); break; case RSA_NO_PADDING: - r = RSA_padding_check_none(out, rsa_size, buf, rsa_size); + r = rsa_size; break; default: - OPENSSL_PUT_ERROR(RSA, decrypt, RSA_R_UNKNOWN_PADDING_TYPE); + OPENSSL_PUT_ERROR(RSA, RSA_R_UNKNOWN_PADDING_TYPE); goto err; } if (r < 0) { - OPENSSL_PUT_ERROR(RSA, decrypt, RSA_R_PADDING_CHECK_FAILED); + OPENSSL_PUT_ERROR(RSA, RSA_R_PADDING_CHECK_FAILED); } else { *out_len = r; ret = 1; } err: - if (buf != NULL) { + if (padding != RSA_NO_PADDING && buf != NULL) { OPENSSL_cleanse(buf, rsa_size); OPENSSL_free(buf); } @@ -421,24 +435,24 @@ static int verify_raw(RSA *rsa, size_t *out_len, uint8_t *out, size_t max_out, BN_CTX *ctx = NULL; if (BN_num_bits(rsa->n) > OPENSSL_RSA_MAX_MODULUS_BITS) { - OPENSSL_PUT_ERROR(RSA, verify_raw, RSA_R_MODULUS_TOO_LARGE); + OPENSSL_PUT_ERROR(RSA, RSA_R_MODULUS_TOO_LARGE); return 0; } if (BN_ucmp(rsa->n, rsa->e) <= 0) { - OPENSSL_PUT_ERROR(RSA, verify_raw, RSA_R_BAD_E_VALUE); + OPENSSL_PUT_ERROR(RSA, RSA_R_BAD_E_VALUE); return 0; } if (max_out < rsa_size) { - OPENSSL_PUT_ERROR(RSA, verify_raw, RSA_R_OUTPUT_BUFFER_TOO_SMALL); + OPENSSL_PUT_ERROR(RSA, RSA_R_OUTPUT_BUFFER_TOO_SMALL); return 0; } /* for large moduli, enforce exponent limit */ if (BN_num_bits(rsa->n) > OPENSSL_RSA_SMALL_MODULUS_BITS && BN_num_bits(rsa->e) > OPENSSL_RSA_MAX_PUBEXP_BITS) { - OPENSSL_PUT_ERROR(RSA, verify_raw, RSA_R_BAD_E_VALUE); + OPENSSL_PUT_ERROR(RSA, RSA_R_BAD_E_VALUE); return 0; } 
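Review bot: The cleanup at `err:` decides whether `buf` is owned by re-testing the padding mode (`padding != RSA_NO_PADDING && buf != NULL`), which duplicates the allocation decision made earlier in decrypt (in the preceding hunk). Tying the test to the aliasing itself, `if (buf != NULL && buf != out) {`, keeps the cleanse-and-free correct if another padding mode later writes straight into `out`, and it cannot free the caller's buffer by mistake. verify_raw uses the same condition in its `err:` block (the `@@ -511,7 +534,7 @@` hunk). decrypt starts outside this hunk.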
@@ -450,14 +464,23 @@ static int verify_raw(RSA *rsa, size_t *out_len, uint8_t *out, size_t max_out, BN_CTX_start(ctx); f = BN_CTX_get(ctx); result = BN_CTX_get(ctx); - buf = OPENSSL_malloc(rsa_size); - if (!f || !result || !buf) { - OPENSSL_PUT_ERROR(RSA, verify_raw, ERR_R_MALLOC_FAILURE); + if (padding == RSA_NO_PADDING) { + buf = out; + } else { + /* Allocate a temporary buffer to hold the padded plaintext. */ + buf = OPENSSL_malloc(rsa_size); + if (buf == NULL) { + OPENSSL_PUT_ERROR(RSA, ERR_R_MALLOC_FAILURE); + goto err; + } + } + if (!f || !result) { + OPENSSL_PUT_ERROR(RSA, ERR_R_MALLOC_FAILURE); goto err; } if (in_len != rsa_size) { - OPENSSL_PUT_ERROR(RSA, verify_raw, RSA_R_DATA_LEN_NOT_EQUAL_TO_MOD_LEN); + OPENSSL_PUT_ERROR(RSA, RSA_R_DATA_LEN_NOT_EQUAL_TO_MOD_LEN); goto err; } @@ -466,7 +489,7 @@ static int verify_raw(RSA *rsa, size_t *out_len, uint8_t *out, size_t max_out, } if (BN_ucmp(f, rsa->n) >= 0) { - OPENSSL_PUT_ERROR(RSA, verify_raw, RSA_R_DATA_TOO_LARGE_FOR_MODULUS); + OPENSSL_PUT_ERROR(RSA, RSA_R_DATA_TOO_LARGE_FOR_MODULUS); goto err; } @@ -483,7 +506,7 @@ static int verify_raw(RSA *rsa, size_t *out_len, uint8_t *out, size_t max_out, } if (!BN_bn2bin_padded(buf, rsa_size, result)) { - OPENSSL_PUT_ERROR(RSA, verify_raw, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(RSA, ERR_R_INTERNAL_ERROR); goto err; } @@ -492,15 +515,15 @@ static int verify_raw(RSA *rsa, size_t *out_len, uint8_t *out, size_t max_out, r = RSA_padding_check_PKCS1_type_1(out, rsa_size, buf, rsa_size); break; case RSA_NO_PADDING: - r = RSA_padding_check_none(out, rsa_size, buf, rsa_size); + r = rsa_size; break; default: - OPENSSL_PUT_ERROR(RSA, verify_raw, RSA_R_UNKNOWN_PADDING_TYPE); + OPENSSL_PUT_ERROR(RSA, RSA_R_UNKNOWN_PADDING_TYPE); goto err; } if (r < 0) { - OPENSSL_PUT_ERROR(RSA, verify_raw, RSA_R_PADDING_CHECK_FAILED); + OPENSSL_PUT_ERROR(RSA, RSA_R_PADDING_CHECK_FAILED); } else { *out_len = r; ret = 1; 
@@ -511,7 +534,7 @@ err: BN_CTX_end(ctx); BN_CTX_free(ctx); } - if (buf != NULL) { + if (padding != RSA_NO_PADDING && buf != NULL) { OPENSSL_cleanse(buf, rsa_size); OPENSSL_free(buf); } @@ -535,7 +558,7 @@ static int private_transform(RSA *rsa, uint8_t *out, const uint8_t *in, result = BN_CTX_get(ctx); if (f == NULL || result == NULL) { - OPENSSL_PUT_ERROR(RSA, private_transform, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(RSA, ERR_R_MALLOC_FAILURE); goto err; } @@ -545,14 +568,14 @@ static int private_transform(RSA *rsa, uint8_t *out, const uint8_t *in, if (BN_ucmp(f, rsa->n) >= 0) { /* Usually the padding functions would catch this. */ - OPENSSL_PUT_ERROR(RSA, private_transform, RSA_R_DATA_TOO_LARGE_FOR_MODULUS); + OPENSSL_PUT_ERROR(RSA, RSA_R_DATA_TOO_LARGE_FOR_MODULUS); goto err; } if (!(rsa->flags & RSA_FLAG_NO_BLINDING)) { blinding = rsa_blinding_get(rsa, &blinding_index, ctx); if (blinding == NULL) { - OPENSSL_PUT_ERROR(RSA, private_transform, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(RSA, ERR_R_INTERNAL_ERROR); goto err; } if (!BN_BLINDING_convert_ex(f, NULL, blinding, ctx)) { @@ -593,7 +616,7 @@ static int private_transform(RSA *rsa, uint8_t *out, const uint8_t *in, } if (!BN_bn2bin_padded(out, len, result)) { - OPENSSL_PUT_ERROR(RSA, private_transform, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(RSA, ERR_R_INTERNAL_ERROR); goto err; } @@ -616,6 +639,11 @@ static int mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx) { BIGNUM local_dmp1, local_dmq1, local_c, local_r1; BIGNUM *dmp1, *dmq1, *c, *pr1; int ret = 0; + size_t i, num_additional_primes = 0; + + if (rsa->additional_primes != NULL) { + num_additional_primes = sk_RSA_additional_prime_num(rsa->additional_primes); + } BN_CTX_start(ctx); r1 = BN_CTX_get(ctx); 
@@ -724,6 +752,42 @@ static int mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx) { goto err; } + for (i = 0; i < num_additional_primes; i++) { + /* multi-prime RSA. */ + BIGNUM local_exp, local_prime; + BIGNUM *exp = &local_exp, *prime = &local_prime; + RSA_additional_prime *ap = + sk_RSA_additional_prime_value(rsa->additional_primes, i); + + BN_with_flags(exp, ap->exp, BN_FLG_CONSTTIME); + BN_with_flags(prime, ap->prime, BN_FLG_CONSTTIME); + + /* c will already point to a BIGNUM with the correct flags. */ + if (!BN_mod(r1, c, prime, ctx)) { + goto err; + } + + if ((rsa->flags & RSA_FLAG_CACHE_PRIVATE) && + !BN_MONT_CTX_set_locked(&ap->method_mod, &rsa->lock, prime, ctx)) { + goto err; + } + + if (!rsa->meth->bn_mod_exp(m1, r1, exp, prime, ctx, ap->method_mod)) { + goto err; + } + + BN_set_flags(m1, BN_FLG_CONSTTIME); + + if (!BN_sub(m1, m1, r0) || + !BN_mul(m1, m1, ap->coeff, ctx) || + !BN_mod(m1, m1, prime, ctx) || + (BN_is_negative(m1) && !BN_add(m1, m1, prime)) || + !BN_mul(m1, m1, ap->r, ctx) || + !BN_add(r0, r0, m1)) { + goto err; + } + } + if (rsa->e && rsa->n) { if (!rsa->meth->bn_mod_exp(vrfy, r0, rsa->e, rsa->n, ctx, rsa->_method_mod_n)) { @@ -766,12 +830,20 @@ err: return ret; } -static int keygen(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb) { +static int keygen_multiprime(RSA *rsa, int bits, int num_primes, + BIGNUM *e_value, BN_GENCB *cb) { BIGNUM *r0 = NULL, *r1 = NULL, *r2 = NULL, *r3 = NULL, *tmp; BIGNUM local_r0, local_d, local_p; BIGNUM *pr0, *d, *p; - int bitsp, bitsq, ok = -1, n = 0; + int prime_bits, ok = -1, n = 0, i, j; BN_CTX *ctx = NULL; + STACK_OF(RSA_additional_prime) *additional_primes = NULL; + + if (num_primes < 2) { + ok = 0; /* we set our own err */ + OPENSSL_PUT_ERROR(RSA, RSA_R_MUST_HAVE_AT_LEAST_TWO_PRIMES); + goto err; + } ctx = BN_CTX_new(); if (ctx == NULL) { 
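Review bot: The only comment on the new loop is `/* multi-prime RSA. */`, which does not say what the chained `BN_sub`/`BN_mul`/`BN_mod`/`BN_add` calls compute or why the `BN_is_negative` fix-up is there. I would document the recombination step, e.g. `/* Garner step: r0 += r * (((c^exp mod prime) - r0) * coeff mod prime); r is the product of the earlier primes and coeff its inverse mod prime. */`, and say that the fix-up keeps `m1` non-negative after `BN_mod`. The existing remark that `c` already carries the correct flags depends on code outside this hunk, since mod_exp starts and ends elsewhere, so it should be re-checked if that setup ever moves.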
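Review bot: `num_primes` gets a lower bound in keygen_multiprime but no upper bound relative to `bits`, so a caller can request many primes for a small modulus. Each factor then becomes short enough that the key is weaker than its modulus length suggests. In addition, the retry loop for additional primes in the later `@@ -860,20 +960,91 @@` hunk has no equivalent of the `degenerate` counter used for `q`, so it may not terminate when too few distinct primes of that size exist. A guard next to the existing check would cover both, for example `if (bits / num_primes < MIN_PRIME_BITS) { ok = 0; OPENSSL_PUT_ERROR(RSA, RSA_R_KEY_SIZE_TOO_SMALL); goto err; }`, where `MIN_PRIME_BITS` is a placeholder for a floor the project chooses. The function body continues past this hunk.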
@@ -782,12 +854,36 @@ static int keygen(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb) { r1 = BN_CTX_get(ctx); r2 = BN_CTX_get(ctx); r3 = BN_CTX_get(ctx); - if (r3 == NULL) { + if (r0 == NULL || r1 == NULL || r2 == NULL || r3 == NULL) { goto err; } - bitsp = (bits + 1) / 2; - bitsq = bits - bitsp; + if (num_primes > 2) { + additional_primes = sk_RSA_additional_prime_new_null(); + if (additional_primes == NULL) { + goto err; + } + } + + for (i = 2; i < num_primes; i++) { + RSA_additional_prime *ap = OPENSSL_malloc(sizeof(RSA_additional_prime)); + if (ap == NULL) { + goto err; + } + memset(ap, 0, sizeof(RSA_additional_prime)); + ap->prime = BN_new(); + ap->exp = BN_new(); + ap->coeff = BN_new(); + ap->r = BN_new(); + if (ap->prime == NULL || + ap->exp == NULL || + ap->coeff == NULL || + ap->r == NULL || + !sk_RSA_additional_prime_push(additional_primes, ap)) { + RSA_additional_prime_free(ap); + goto err; + } + } /* We need the RSA components non-NULL */ if (!rsa->n && ((rsa->n = BN_new()) == NULL)) { @@ -815,11 +911,14 @@ static int keygen(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb) { goto err; } - BN_copy(rsa->e, e_value); + if (!BN_copy(rsa->e, e_value)) { + goto err; + } /* generate p and q */ + prime_bits = (bits + (num_primes - 1)) / num_primes; for (;;) { - if (!BN_generate_prime_ex(rsa->p, bitsp, 0, NULL, NULL, cb) || + if (!BN_generate_prime_ex(rsa->p, prime_bits, 0, NULL, NULL, cb) || !BN_sub(r2, rsa->p, BN_value_one()) || !BN_gcd(r1, r2, rsa->e, ctx)) { goto err; 
@@ -834,19 +933,20 @@ static int keygen(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb) { if (!BN_GENCB_call(cb, 3, 0)) { goto err; } + prime_bits = ((bits - prime_bits) + (num_primes - 2)) / (num_primes - 1); for (;;) { /* When generating ridiculously small keys, we can get stuck * continually regenerating the same prime values. Check for * this and bail if it happens 3 times. */ unsigned int degenerate = 0; do { - if (!BN_generate_prime_ex(rsa->q, bitsq, 0, NULL, NULL, cb)) { + if (!BN_generate_prime_ex(rsa->q, prime_bits, 0, NULL, NULL, cb)) { goto err; } } while ((BN_cmp(rsa->p, rsa->q) == 0) && (++degenerate < 3)); if (degenerate == 3) { ok = 0; /* we set our own err */ - OPENSSL_PUT_ERROR(RSA, keygen, RSA_R_KEY_SIZE_TOO_SMALL); + OPENSSL_PUT_ERROR(RSA, RSA_R_KEY_SIZE_TOO_SMALL); goto err; } if (!BN_sub(r2, rsa->q, BN_value_one()) || 
@@ -860,20 +960,91 @@ static int keygen(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb) { goto err; } } - if (!BN_GENCB_call(cb, 3, 1)) { + + if (!BN_GENCB_call(cb, 3, 1) || + !BN_mul(rsa->n, rsa->p, rsa->q, ctx)) { goto err; } + + for (i = 2; i < num_primes; i++) { + RSA_additional_prime *ap = + sk_RSA_additional_prime_value(additional_primes, i - 2); + prime_bits = ((bits - BN_num_bits(rsa->n)) + (num_primes - (i + 1))) / + (num_primes - i); + + for (;;) { + if (!BN_generate_prime_ex(ap->prime, prime_bits, 0, NULL, NULL, cb)) { + goto err; + } + if (BN_cmp(rsa->p, ap->prime) == 0 || + BN_cmp(rsa->q, ap->prime) == 0) { + continue; + } + + for (j = 0; j < i - 2; j++) { + if (BN_cmp(sk_RSA_additional_prime_value(additional_primes, j)->prime, + ap->prime) == 0) { + break; + } + } + if (j != i - 2) { + continue; + } + + if (!BN_sub(r2, ap->prime, BN_value_one()) || + !BN_gcd(r1, r2, rsa->e, ctx)) { + goto err; + } + + if (!BN_is_one(r1)) { + continue; + } + if (i != num_primes - 1) { + break; + } + + /* For the last prime we'll check that it makes n large enough. In the + * two prime case this isn't a problem because we generate primes with + * the top two bits set and so the product is always of the expected + * size. In the multi prime case, this doesn't follow. */ + if (!BN_mul(r1, rsa->n, ap->prime, ctx)) { + goto err; + } + if (BN_num_bits(r1) == bits) { + break; + } + + if (!BN_GENCB_call(cb, 2, n++)) { + goto err; + } + } + + /* ap->r is is the product of all the primes prior to the current one + * (including p and q). */ + if (!BN_copy(ap->r, rsa->n)) { + goto err; + } + if (i == num_primes - 1) { + /* In the case of the last prime, we calculated n as |r1| in the loop + * above. 
*/ + if (!BN_copy(rsa->n, r1)) { + goto err; + } + } else if (!BN_mul(rsa->n, rsa->n, ap->prime, ctx)) { + goto err; + } + + if (!BN_GENCB_call(cb, 3, 1)) { + goto err; + } + } + if (BN_cmp(rsa->p, rsa->q) < 0) { tmp = rsa->p; rsa->p = rsa->q; rsa->q = tmp; } - /* calculate n */ - if (!BN_mul(rsa->n, rsa->p, rsa->q, ctx)) { - goto err; - } - /* calculate d */ if (!BN_sub(r1, rsa->p, BN_value_one())) { goto err; /* p-1 */ @@ -884,6 +1055,14 @@ static int keygen(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb) { if (!BN_mul(r0, r1, r2, ctx)) { goto err; /* (p-1)(q-1) */ } + for (i = 2; i < num_primes; i++) { + RSA_additional_prime *ap = + sk_RSA_additional_prime_value(additional_primes, i - 2); + if (!BN_sub(r3, ap->prime, BN_value_one()) || + !BN_mul(r0, r0, r3, ctx)) { + goto err; + } + } pr0 = &local_r0; BN_with_flags(pr0, r0, BN_FLG_CONSTTIME); if (!BN_mod_inverse(rsa->d, rsa->e, pr0, ctx)) { @@ -912,21 +1091,38 @@ static int keygen(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb) { goto err; } + for (i = 2; i < num_primes; i++) { + RSA_additional_prime *ap = + sk_RSA_additional_prime_value(additional_primes, i - 2); + if (!BN_sub(ap->exp, ap->prime, BN_value_one()) || + !BN_mod(ap->exp, rsa->d, ap->exp, ctx) || + !BN_mod_inverse(ap->coeff, ap->r, ap->prime, ctx)) { + goto err; + } + } + ok = 1; + rsa->additional_primes = additional_primes; + additional_primes = NULL; err: if (ok == -1) { - OPENSSL_PUT_ERROR(RSA, keygen, ERR_LIB_BN); + OPENSSL_PUT_ERROR(RSA, ERR_LIB_BN); ok = 0; } if (ctx != NULL) { BN_CTX_end(ctx); BN_CTX_free(ctx); } - + sk_RSA_additional_prime_pop_free(additional_primes, + RSA_additional_prime_free); return ok; } +static int keygen(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb) { + return keygen_multiprime(rsa, bits, 2 /* num primes */, e_value, cb); +} + const struct rsa_meth_st RSA_default_method = { { 0 /* references */, 
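Review bot: In the new loop that fills `ap->exp` and `ap->coeff` (the `@@ -912,21 +1091,38 @@` hunk), `BN_mod(ap->exp, rsa->d, ap->exp, ctx)` and `BN_mod_inverse(ap->coeff, ap->r, ap->prime, ctx)` pass the private exponent and a secret prime without `BN_FLG_CONSTTIME`. Elsewhere the function wraps such operands first: `BN_with_flags(pr0, r0, BN_FLG_CONSTTIME)` is in the preceding hunk, and `local_d`/`local_p` are declared, apparently for the same purpose. If the flagged copy `d` set up earlier in the function is still valid here (that code is outside the hunk), the loop should use it, `!BN_mod(ap->exp, d, ap->exp, ctx)`, and wrap `ap->prime` the same way before the inverse. Also, `rsa->additional_primes = additional_primes;` overwrites any stack already attached to `rsa`; if keygen can be called on a key that has one, the old stack should be freed first.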
@@ -955,4 +1151,7 @@ const struct rsa_meth_st RSA_default_method = { RSA_FLAG_CACHE_PUBLIC | RSA_FLAG_CACHE_PRIVATE, keygen, + keygen_multiprime, + + NULL /* supports_digest */, }; diff --git a/src/crypto/rsa/rsa_test.c b/src/crypto/rsa/rsa_test.c deleted file mode 100644 index 318cf3f..0000000 --- a/src/crypto/rsa/rsa_test.c +++ /dev/null 
@@ -1,511 +0,0 @@ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. 
If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
*/ - -#include - -#include -#include - -#include -#include -#include -#include - - -#define SetKey \ - key->n = BN_bin2bn(n, sizeof(n) - 1, key->n); \ - key->e = BN_bin2bn(e, sizeof(e) - 1, key->e); \ - key->d = BN_bin2bn(d, sizeof(d) - 1, key->d); \ - key->p = BN_bin2bn(p, sizeof(p) - 1, key->p); \ - key->q = BN_bin2bn(q, sizeof(q) - 1, key->q); \ - key->dmp1 = BN_bin2bn(dmp1, sizeof(dmp1) - 1, key->dmp1); \ - key->dmq1 = BN_bin2bn(dmq1, sizeof(dmq1) - 1, key->dmq1); \ - key->iqmp = BN_bin2bn(iqmp, sizeof(iqmp) - 1, key->iqmp); \ - memcpy(c, ctext_ex, sizeof(ctext_ex) - 1); \ - return (sizeof(ctext_ex) - 1); - -static int key1(RSA *key, unsigned char *c) { - static unsigned char n[] = - "\x00\xAA\x36\xAB\xCE\x88\xAC\xFD\xFF\x55\x52\x3C\x7F\xC4\x52\x3F" - "\x90\xEF\xA0\x0D\xF3\x77\x4A\x25\x9F\x2E\x62\xB4\xC5\xD9\x9C\xB5" - "\xAD\xB3\x00\xA0\x28\x5E\x53\x01\x93\x0E\x0C\x70\xFB\x68\x76\x93" - "\x9C\xE6\x16\xCE\x62\x4A\x11\xE0\x08\x6D\x34\x1E\xBC\xAC\xA0\xA1" - "\xF5"; - - static unsigned char e[] = "\x11"; - - static unsigned char d[] = - "\x0A\x03\x37\x48\x62\x64\x87\x69\x5F\x5F\x30\xBC\x38\xB9\x8B\x44" - "\xC2\xCD\x2D\xFF\x43\x40\x98\xCD\x20\xD8\xA1\x38\xD0\x90\xBF\x64" - "\x79\x7C\x3F\xA7\xA2\xCD\xCB\x3C\xD1\xE0\xBD\xBA\x26\x54\xB4\xF9" - "\xDF\x8E\x8A\xE5\x9D\x73\x3D\x9F\x33\xB3\x01\x62\x4A\xFD\x1D\x51"; - - static unsigned char p[] = - "\x00\xD8\x40\xB4\x16\x66\xB4\x2E\x92\xEA\x0D\xA3\xB4\x32\x04\xB5" - "\xCF\xCE\x33\x52\x52\x4D\x04\x16\xA5\xA4\x41\xE7\x00\xAF\x46\x12" - "\x0D"; - - static unsigned char q[] = - "\x00\xC9\x7F\xB1\xF0\x27\xF4\x53\xF6\x34\x12\x33\xEA\xAA\xD1\xD9" - "\x35\x3F\x6C\x42\xD0\x88\x66\xB1\xD0\x5A\x0F\x20\x35\x02\x8B\x9D" - "\x89"; - - static unsigned char dmp1[] = - "\x59\x0B\x95\x72\xA2\xC2\xA9\xC4\x06\x05\x9D\xC2\xAB\x2F\x1D\xAF" - "\xEB\x7E\x8B\x4F\x10\xA7\x54\x9E\x8E\xED\xF5\xB4\xFC\xE0\x9E\x05"; - - static unsigned char dmq1[] = - "\x00\x8E\x3C\x05\x21\xFE\x15\xE0\xEA\x06\xA3\x6F\xF0\xF1\x0C\x99" - 
"\x52\xC3\x5B\x7A\x75\x14\xFD\x32\x38\xB8\x0A\xAD\x52\x98\x62\x8D" - "\x51"; - - static unsigned char iqmp[] = - "\x36\x3F\xF7\x18\x9D\xA8\xE9\x0B\x1D\x34\x1F\x71\xD0\x9B\x76\xA8" - "\xA9\x43\xE1\x1D\x10\xB2\x4D\x24\x9F\x2D\xEA\xFE\xF8\x0C\x18\x26"; - - static unsigned char ctext_ex[] = - "\x1b\x8f\x05\xf9\xca\x1a\x79\x52\x6e\x53\xf3\xcc\x51\x4f\xdb\x89" - "\x2b\xfb\x91\x93\x23\x1e\x78\xb9\x92\xe6\x8d\x50\xa4\x80\xcb\x52" - "\x33\x89\x5c\x74\x95\x8d\x5d\x02\xab\x8c\x0f\xd0\x40\xeb\x58\x44" - "\xb0\x05\xc3\x9e\xd8\x27\x4a\x9d\xbf\xa8\x06\x71\x40\x94\x39\xd2"; - - SetKey; -} - -static int key2(RSA *key, unsigned char *c) { - static unsigned char n[] = - "\x00\xA3\x07\x9A\x90\xDF\x0D\xFD\x72\xAC\x09\x0C\xCC\x2A\x78\xB8" - "\x74\x13\x13\x3E\x40\x75\x9C\x98\xFA\xF8\x20\x4F\x35\x8A\x0B\x26" - "\x3C\x67\x70\xE7\x83\xA9\x3B\x69\x71\xB7\x37\x79\xD2\x71\x7B\xE8" - "\x34\x77\xCF"; - - static unsigned char e[] = "\x3"; - - static unsigned char d[] = - "\x6C\xAF\xBC\x60\x94\xB3\xFE\x4C\x72\xB0\xB3\x32\xC6\xFB\x25\xA2" - "\xB7\x62\x29\x80\x4E\x68\x65\xFC\xA4\x5A\x74\xDF\x0F\x8F\xB8\x41" - "\x3B\x52\xC0\xD0\xE5\x3D\x9B\x59\x0F\xF1\x9B\xE7\x9F\x49\xDD\x21" - "\xE5\xEB"; - - static unsigned char p[] = - "\x00\xCF\x20\x35\x02\x8B\x9D\x86\x98\x40\xB4\x16\x66\xB4\x2E\x92" - "\xEA\x0D\xA3\xB4\x32\x04\xB5\xCF\xCE\x91"; - - static unsigned char q[] = - "\x00\xC9\x7F\xB1\xF0\x27\xF4\x53\xF6\x34\x12\x33\xEA\xAA\xD1\xD9" - "\x35\x3F\x6C\x42\xD0\x88\x66\xB1\xD0\x5F"; - - static unsigned char dmp1[] = - "\x00\x8A\x15\x78\xAC\x5D\x13\xAF\x10\x2B\x22\xB9\x99\xCD\x74\x61" - "\xF1\x5E\x6D\x22\xCC\x03\x23\xDF\xDF\x0B"; - - static unsigned char dmq1[] = - "\x00\x86\x55\x21\x4A\xC5\x4D\x8D\x4E\xCD\x61\x77\xF1\xC7\x36\x90" - "\xCE\x2A\x48\x2C\x8B\x05\x99\xCB\xE0\x3F"; - - static unsigned char iqmp[] = - "\x00\x83\xEF\xEF\xB8\xA9\xA4\x0D\x1D\xB6\xED\x98\xAD\x84\xED\x13" - "\x35\xDC\xC1\x08\xF3\x22\xD0\x57\xCF\x8D"; - - static unsigned char ctext_ex[] = - 
"\x14\xbd\xdd\x28\xc9\x83\x35\x19\x23\x80\xe8\xe5\x49\xb1\x58\x2a" - "\x8b\x40\xb4\x48\x6d\x03\xa6\xa5\x31\x1f\x1f\xd5\xf0\xa1\x80\xe4" - "\x17\x53\x03\x29\xa9\x34\x90\x74\xb1\x52\x13\x54\x29\x08\x24\x52" - "\x62\x51"; - - SetKey; -} - -static int key3(RSA *key, unsigned char *c) { - static unsigned char n[] = - "\x00\xBB\xF8\x2F\x09\x06\x82\xCE\x9C\x23\x38\xAC\x2B\x9D\xA8\x71" - "\xF7\x36\x8D\x07\xEE\xD4\x10\x43\xA4\x40\xD6\xB6\xF0\x74\x54\xF5" - "\x1F\xB8\xDF\xBA\xAF\x03\x5C\x02\xAB\x61\xEA\x48\xCE\xEB\x6F\xCD" - "\x48\x76\xED\x52\x0D\x60\xE1\xEC\x46\x19\x71\x9D\x8A\x5B\x8B\x80" - "\x7F\xAF\xB8\xE0\xA3\xDF\xC7\x37\x72\x3E\xE6\xB4\xB7\xD9\x3A\x25" - "\x84\xEE\x6A\x64\x9D\x06\x09\x53\x74\x88\x34\xB2\x45\x45\x98\x39" - "\x4E\xE0\xAA\xB1\x2D\x7B\x61\xA5\x1F\x52\x7A\x9A\x41\xF6\xC1\x68" - "\x7F\xE2\x53\x72\x98\xCA\x2A\x8F\x59\x46\xF8\xE5\xFD\x09\x1D\xBD" - "\xCB"; - - static unsigned char e[] = "\x11"; - - static unsigned char d[] = - "\x00\xA5\xDA\xFC\x53\x41\xFA\xF2\x89\xC4\xB9\x88\xDB\x30\xC1\xCD" - "\xF8\x3F\x31\x25\x1E\x06\x68\xB4\x27\x84\x81\x38\x01\x57\x96\x41" - "\xB2\x94\x10\xB3\xC7\x99\x8D\x6B\xC4\x65\x74\x5E\x5C\x39\x26\x69" - "\xD6\x87\x0D\xA2\xC0\x82\xA9\x39\xE3\x7F\xDC\xB8\x2E\xC9\x3E\xDA" - "\xC9\x7F\xF3\xAD\x59\x50\xAC\xCF\xBC\x11\x1C\x76\xF1\xA9\x52\x94" - "\x44\xE5\x6A\xAF\x68\xC5\x6C\x09\x2C\xD3\x8D\xC3\xBE\xF5\xD2\x0A" - "\x93\x99\x26\xED\x4F\x74\xA1\x3E\xDD\xFB\xE1\xA1\xCE\xCC\x48\x94" - "\xAF\x94\x28\xC2\xB7\xB8\x88\x3F\xE4\x46\x3A\x4B\xC8\x5B\x1C\xB3" - "\xC1"; - - static unsigned char p[] = - "\x00\xEE\xCF\xAE\x81\xB1\xB9\xB3\xC9\x08\x81\x0B\x10\xA1\xB5\x60" - "\x01\x99\xEB\x9F\x44\xAE\xF4\xFD\xA4\x93\xB8\x1A\x9E\x3D\x84\xF6" - "\x32\x12\x4E\xF0\x23\x6E\x5D\x1E\x3B\x7E\x28\xFA\xE7\xAA\x04\x0A" - "\x2D\x5B\x25\x21\x76\x45\x9D\x1F\x39\x75\x41\xBA\x2A\x58\xFB\x65" - "\x99"; - - static unsigned char q[] = - "\x00\xC9\x7F\xB1\xF0\x27\xF4\x53\xF6\x34\x12\x33\xEA\xAA\xD1\xD9" - "\x35\x3F\x6C\x42\xD0\x88\x66\xB1\xD0\x5A\x0F\x20\x35\x02\x8B\x9D" - 
"\x86\x98\x40\xB4\x16\x66\xB4\x2E\x92\xEA\x0D\xA3\xB4\x32\x04\xB5" - "\xCF\xCE\x33\x52\x52\x4D\x04\x16\xA5\xA4\x41\xE7\x00\xAF\x46\x15" - "\x03"; - - static unsigned char dmp1[] = - "\x54\x49\x4C\xA6\x3E\xBA\x03\x37\xE4\xE2\x40\x23\xFC\xD6\x9A\x5A" - "\xEB\x07\xDD\xDC\x01\x83\xA4\xD0\xAC\x9B\x54\xB0\x51\xF2\xB1\x3E" - "\xD9\x49\x09\x75\xEA\xB7\x74\x14\xFF\x59\xC1\xF7\x69\x2E\x9A\x2E" - "\x20\x2B\x38\xFC\x91\x0A\x47\x41\x74\xAD\xC9\x3C\x1F\x67\xC9\x81"; - - static unsigned char dmq1[] = - "\x47\x1E\x02\x90\xFF\x0A\xF0\x75\x03\x51\xB7\xF8\x78\x86\x4C\xA9" - "\x61\xAD\xBD\x3A\x8A\x7E\x99\x1C\x5C\x05\x56\xA9\x4C\x31\x46\xA7" - "\xF9\x80\x3F\x8F\x6F\x8A\xE3\x42\xE9\x31\xFD\x8A\xE4\x7A\x22\x0D" - "\x1B\x99\xA4\x95\x84\x98\x07\xFE\x39\xF9\x24\x5A\x98\x36\xDA\x3D"; - - static unsigned char iqmp[] = - "\x00\xB0\x6C\x4F\xDA\xBB\x63\x01\x19\x8D\x26\x5B\xDB\xAE\x94\x23" - "\xB3\x80\xF2\x71\xF7\x34\x53\x88\x50\x93\x07\x7F\xCD\x39\xE2\x11" - "\x9F\xC9\x86\x32\x15\x4F\x58\x83\xB1\x67\xA9\x67\xBF\x40\x2B\x4E" - "\x9E\x2E\x0F\x96\x56\xE6\x98\xEA\x36\x66\xED\xFB\x25\x79\x80\x39" - "\xF7"; - - static unsigned char ctext_ex[] = - "\xb8\x24\x6b\x56\xa6\xed\x58\x81\xae\xb5\x85\xd9\xa2\x5b\x2a\xd7" - "\x90\xc4\x17\xe0\x80\x68\x1b\xf1\xac\x2b\xc3\xde\xb6\x9d\x8b\xce" - "\xf0\xc4\x36\x6f\xec\x40\x0a\xf0\x52\xa7\x2e\x9b\x0e\xff\xb5\xb3" - "\xf2\xf1\x92\xdb\xea\xca\x03\xc1\x27\x40\x05\x71\x13\xbf\x1f\x06" - "\x69\xac\x22\xe9\xf3\xa7\x85\x2e\x3c\x15\xd9\x13\xca\xb0\xb8\x86" - "\x3a\x95\xc9\x92\x94\xce\x86\x74\x21\x49\x54\x61\x03\x46\xf4\xd4" - "\x74\xb2\x6f\x7c\x48\xb4\x2e\xe6\x8e\x1f\x57\x2a\x1f\xc4\x02\x6a" - "\xc4\x56\xb4\xf5\x9f\x7b\x62\x1e\xa1\xb9\xd8\x8f\x64\x20\x2f\xb1"; - - SetKey; -} - -static int test_bad_key(void) { - RSA *key = RSA_new(); - BIGNUM e; - - BN_init(&e); - BN_set_word(&e, RSA_F4); - - if (!RSA_generate_key_ex(key, 512, &e, NULL)) { - fprintf(stderr, "RSA_generate_key_ex failed.\n"); - ERR_print_errors_fp(stderr); - return 0; - } - - if (!BN_add(key->p, key->p, 
BN_value_one())) { - fprintf(stderr, "BN error.\n"); - ERR_print_errors_fp(stderr); - return 0; - } - - if (RSA_check_key(key)) { - fprintf(stderr, "RSA_check_key passed with invalid key!\n"); - return 0; - } - - ERR_clear_error(); - BN_free(&e); - RSA_free(key); - return 1; -} - -static int test_only_d_given(void) { - RSA *key = RSA_new(); - uint8_t buf[64]; - unsigned buf_len = sizeof(buf); - const uint8_t kDummyHash[16] = {0}; - int ret = 0; - - if (!BN_hex2bn(&key->n, - "00e77bbf3889d4ef36a9a25d4d69f3f632eb4362214c74517da6d6aeaa9bd" - "09ac42b26621cd88f3a6eb013772fc3bf9f83914b6467231c630202c35b3e" - "5808c659") || - !BN_hex2bn(&key->e, "010001") || - !BN_hex2bn(&key->d, - "0365db9eb6d73b53b015c40cd8db4de7dd7035c68b5ac1bf786d7a4ee2cea" - "316eaeca21a73ac365e58713195f2ae9849348525ca855386b6d028e437a9" - "495a01") || - RSA_size(key) > sizeof(buf)) { - goto err; - } - - if (!RSA_check_key(key)) { - fprintf(stderr, "RSA_check_key failed with only d given.\n"); - ERR_print_errors_fp(stderr); - goto err; - } - - if (!RSA_sign(NID_sha256, kDummyHash, sizeof(kDummyHash), buf, &buf_len, - key)) { - fprintf(stderr, "RSA_sign failed with only d given.\n"); - ERR_print_errors_fp(stderr); - goto err; - } - - if (!RSA_verify(NID_sha256, kDummyHash, sizeof(kDummyHash), buf, buf_len, - key)) { - fprintf(stderr, "RSA_verify failed with only d given.\n"); - ERR_print_errors_fp(stderr); - goto err; - } - - ret = 1; - -err: - RSA_free(key); - return ret; -} - -static int test_recover_crt_params(void) { - RSA *key1, *key2; - BIGNUM *e = BN_new(); - uint8_t buf[128]; - unsigned buf_len = sizeof(buf); - const uint8_t kDummyHash[16] = {0}; - unsigned i; - - BN_set_word(e, RSA_F4); - - ERR_clear_error(); - - for (i = 0; i < 1; i++) { - key1 = RSA_new(); - if (!RSA_generate_key_ex(key1, 512, e, NULL)) { - fprintf(stderr, "RSA_generate_key_ex failed.\n"); - ERR_print_errors_fp(stderr); - return 0; - } - - if (!RSA_check_key(key1)) { - fprintf(stderr, "RSA_check_key failed with original 
key.\n"); - ERR_print_errors_fp(stderr); - return 0; - } - - key2 = RSA_new(); - key2->n = BN_dup(key1->n); - key2->e = BN_dup(key1->e); - key2->d = BN_dup(key1->d); - RSA_free(key1); - - if (!RSA_recover_crt_params(key2)) { - fprintf(stderr, "RSA_recover_crt_params failed.\n"); - ERR_print_errors_fp(stderr); - return 0; - } - - if (RSA_size(key2) > buf_len) { - return 0; - } - - if (!RSA_check_key(key2)) { - fprintf(stderr, "RSA_check_key failed with recovered key.\n"); - ERR_print_errors_fp(stderr); - return 0; - } - - if (!RSA_sign(NID_sha256, kDummyHash, sizeof(kDummyHash), buf, &buf_len, - key2)) { - fprintf(stderr, "RSA_sign failed with recovered key.\n"); - ERR_print_errors_fp(stderr); - return 0; - } - - if (!RSA_verify(NID_sha256, kDummyHash, sizeof(kDummyHash), buf, buf_len, - key2)) { - fprintf(stderr, "RSA_verify failed with recovered key.\n"); - ERR_print_errors_fp(stderr); - return 0; - } - - RSA_free(key2); - } - - BN_free(e); - return 1; -} - -int main(int argc, char *argv[]) { - int err = 0; - int v; - RSA *key; - unsigned char ptext[256]; - unsigned char ctext[256]; - static unsigned char ptext_ex[] = "\x54\x85\x9b\x34\x2c\x49\xea\x2a"; - unsigned char ctext_ex[256]; - int plen; - int clen = 0; - int num; - int n; - - CRYPTO_library_init(); - - plen = sizeof(ptext_ex) - 1; - - for (v = 0; v < 3; v++) { - key = RSA_new(); - switch (v) { - case 0: - clen = key1(key, ctext_ex); - break; - case 1: - clen = key2(key, ctext_ex); - break; - case 2: - clen = key3(key, ctext_ex); - break; - default: - abort(); - } - - if (!RSA_check_key(key)) { - printf("%d: RSA_check_key failed\n", v); - err = 1; - goto oaep; - } - - num = RSA_public_encrypt(plen, ptext_ex, ctext, key, RSA_PKCS1_PADDING); - if (num != clen) { - printf("PKCS#1 v1.5 encryption failed!\n"); - err = 1; - goto oaep; - } - - num = RSA_private_decrypt(num, ctext, ptext, key, RSA_PKCS1_PADDING); - if (num != plen || memcmp(ptext, ptext_ex, num) != 0) { - printf("PKCS#1 v1.5 decryption 
failed!\n"); - err = 1; - } else { - printf("PKCS #1 v1.5 encryption/decryption ok\n"); - } - - oaep: - ERR_clear_error(); - num = - RSA_public_encrypt(plen, ptext_ex, ctext, key, RSA_PKCS1_OAEP_PADDING); - if (num == -1) { - printf("No OAEP support\n"); - goto next; - } - if (num != clen) { - printf("OAEP encryption failed!\n"); - err = 1; - goto next; - } - - num = RSA_private_decrypt(num, ctext, ptext, key, RSA_PKCS1_OAEP_PADDING); - if (num != plen || memcmp(ptext, ptext_ex, num) != 0) { - printf("OAEP decryption (encrypted data) failed!\n"); - err = 1; - } else if (memcmp(ctext, ctext_ex, num) == 0) { - printf("OAEP test vector %d passed!\n", v); - } - - /* Different ciphertexts (rsa_oaep.c without -DPKCS_TESTVECT). - Try decrypting ctext_ex */ - - num = - RSA_private_decrypt(clen, ctext_ex, ptext, key, RSA_PKCS1_OAEP_PADDING); - - if (num != plen || memcmp(ptext, ptext_ex, num) != 0) { - printf("OAEP decryption (test vector data) failed!\n"); - err = 1; - } else { - printf("OAEP encryption/decryption ok\n"); - } - - /* Try decrypting corrupted ciphertexts */ - for (n = 0; n < clen; ++n) { - int b; - unsigned char saved = ctext[n]; - for (b = 0; b < 256; ++b) { - if (b == saved) { - continue; - } - ctext[n] = b; - num = - RSA_private_decrypt(num, ctext, ptext, key, RSA_PKCS1_OAEP_PADDING); - if (num > 0) { - printf("Corrupt data decrypted!\n"); - err = 1; - } - } - } - - next: - RSA_free(key); - } - - if (err != 0 || - !test_only_d_given() || - !test_recover_crt_params() || - !test_bad_key()) { - err = 1; - } - - if (err == 0) { - printf("PASS\n"); - } - return err; -} diff --git a/src/crypto/rsa/rsa_test.cc b/src/crypto/rsa/rsa_test.cc new file mode 100644 index 0000000..d52b78b --- /dev/null +++ b/src/crypto/rsa/rsa_test.cc 
@@ -0,0 +1,869 @@ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. 
If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] */ + +#include + +#include +#include + +#include +#include +#include +#include +#include + +#include "../test/scoped_types.h" + + +// kPlaintext is a sample plaintext. +static const uint8_t kPlaintext[] = "\x54\x85\x9b\x34\x2c\x49\xea\x2a"; +static const size_t kPlaintextLen = sizeof(kPlaintext) - 1; + +// kKey1 is a DER-encoded RSAPrivateKey. 
+static const uint8_t kKey1[] = + "\x30\x82\x01\x38\x02\x01\x00\x02\x41\x00\xaa\x36\xab\xce\x88\xac\xfd\xff" + "\x55\x52\x3c\x7f\xc4\x52\x3f\x90\xef\xa0\x0d\xf3\x77\x4a\x25\x9f\x2e\x62" + "\xb4\xc5\xd9\x9c\xb5\xad\xb3\x00\xa0\x28\x5e\x53\x01\x93\x0e\x0c\x70\xfb" + "\x68\x76\x93\x9c\xe6\x16\xce\x62\x4a\x11\xe0\x08\x6d\x34\x1e\xbc\xac\xa0" + "\xa1\xf5\x02\x01\x11\x02\x40\x0a\x03\x37\x48\x62\x64\x87\x69\x5f\x5f\x30" + "\xbc\x38\xb9\x8b\x44\xc2\xcd\x2d\xff\x43\x40\x98\xcd\x20\xd8\xa1\x38\xd0" + "\x90\xbf\x64\x79\x7c\x3f\xa7\xa2\xcd\xcb\x3c\xd1\xe0\xbd\xba\x26\x54\xb4" + "\xf9\xdf\x8e\x8a\xe5\x9d\x73\x3d\x9f\x33\xb3\x01\x62\x4a\xfd\x1d\x51\x02" + "\x21\x00\xd8\x40\xb4\x16\x66\xb4\x2e\x92\xea\x0d\xa3\xb4\x32\x04\xb5\xcf" + "\xce\x33\x52\x52\x4d\x04\x16\xa5\xa4\x41\xe7\x00\xaf\x46\x12\x0d\x02\x21" + "\x00\xc9\x7f\xb1\xf0\x27\xf4\x53\xf6\x34\x12\x33\xea\xaa\xd1\xd9\x35\x3f" + "\x6c\x42\xd0\x88\x66\xb1\xd0\x5a\x0f\x20\x35\x02\x8b\x9d\x89\x02\x20\x59" + "\x0b\x95\x72\xa2\xc2\xa9\xc4\x06\x05\x9d\xc2\xab\x2f\x1d\xaf\xeb\x7e\x8b" + "\x4f\x10\xa7\x54\x9e\x8e\xed\xf5\xb4\xfc\xe0\x9e\x05\x02\x21\x00\x8e\x3c" + "\x05\x21\xfe\x15\xe0\xea\x06\xa3\x6f\xf0\xf1\x0c\x99\x52\xc3\x5b\x7a\x75" + "\x14\xfd\x32\x38\xb8\x0a\xad\x52\x98\x62\x8d\x51\x02\x20\x36\x3f\xf7\x18" + "\x9d\xa8\xe9\x0b\x1d\x34\x1f\x71\xd0\x9b\x76\xa8\xa9\x43\xe1\x1d\x10\xb2" + "\x4d\x24\x9f\x2d\xea\xfe\xf8\x0c\x18\x26"; + +// kOAEPCiphertext1 is a sample encryption of |kPlaintext| with |kKey1| using +// RSA OAEP. +static const uint8_t kOAEPCiphertext1[] = + "\x1b\x8f\x05\xf9\xca\x1a\x79\x52\x6e\x53\xf3\xcc\x51\x4f\xdb\x89\x2b\xfb" + "\x91\x93\x23\x1e\x78\xb9\x92\xe6\x8d\x50\xa4\x80\xcb\x52\x33\x89\x5c\x74" + "\x95\x8d\x5d\x02\xab\x8c\x0f\xd0\x40\xeb\x58\x44\xb0\x05\xc3\x9e\xd8\x27" + "\x4a\x9d\xbf\xa8\x06\x71\x40\x94\x39\xd2"; + +// kKey2 is a DER-encoded RSAPrivateKey. 
+static const uint8_t kKey2[] = + "\x30\x81\xfb\x02\x01\x00\x02\x33\x00\xa3\x07\x9a\x90\xdf\x0d\xfd\x72\xac" + "\x09\x0c\xcc\x2a\x78\xb8\x74\x13\x13\x3e\x40\x75\x9c\x98\xfa\xf8\x20\x4f" + "\x35\x8a\x0b\x26\x3c\x67\x70\xe7\x83\xa9\x3b\x69\x71\xb7\x37\x79\xd2\x71" + "\x7b\xe8\x34\x77\xcf\x02\x01\x03\x02\x32\x6c\xaf\xbc\x60\x94\xb3\xfe\x4c" + "\x72\xb0\xb3\x32\xc6\xfb\x25\xa2\xb7\x62\x29\x80\x4e\x68\x65\xfc\xa4\x5a" + "\x74\xdf\x0f\x8f\xb8\x41\x3b\x52\xc0\xd0\xe5\x3d\x9b\x59\x0f\xf1\x9b\xe7" + "\x9f\x49\xdd\x21\xe5\xeb\x02\x1a\x00\xcf\x20\x35\x02\x8b\x9d\x86\x98\x40" + "\xb4\x16\x66\xb4\x2e\x92\xea\x0d\xa3\xb4\x32\x04\xb5\xcf\xce\x91\x02\x1a" + "\x00\xc9\x7f\xb1\xf0\x27\xf4\x53\xf6\x34\x12\x33\xea\xaa\xd1\xd9\x35\x3f" + "\x6c\x42\xd0\x88\x66\xb1\xd0\x5f\x02\x1a\x00\x8a\x15\x78\xac\x5d\x13\xaf" + "\x10\x2b\x22\xb9\x99\xcd\x74\x61\xf1\x5e\x6d\x22\xcc\x03\x23\xdf\xdf\x0b" + "\x02\x1a\x00\x86\x55\x21\x4a\xc5\x4d\x8d\x4e\xcd\x61\x77\xf1\xc7\x36\x90" + "\xce\x2a\x48\x2c\x8b\x05\x99\xcb\xe0\x3f\x02\x1a\x00\x83\xef\xef\xb8\xa9" + "\xa4\x0d\x1d\xb6\xed\x98\xad\x84\xed\x13\x35\xdc\xc1\x08\xf3\x22\xd0\x57" + "\xcf\x8d"; + +// kOAEPCiphertext2 is a sample encryption of |kPlaintext| with |kKey2| using +// RSA OAEP. +static const uint8_t kOAEPCiphertext2[] = + "\x14\xbd\xdd\x28\xc9\x83\x35\x19\x23\x80\xe8\xe5\x49\xb1\x58\x2a\x8b\x40" + "\xb4\x48\x6d\x03\xa6\xa5\x31\x1f\x1f\xd5\xf0\xa1\x80\xe4\x17\x53\x03\x29" + "\xa9\x34\x90\x74\xb1\x52\x13\x54\x29\x08\x24\x52\x62\x51"; + +// kKey3 is a DER-encoded RSAPrivateKey. 
+static const uint8_t kKey3[] = + "\x30\x82\x02\x5b\x02\x01\x00\x02\x81\x81\x00\xbb\xf8\x2f\x09\x06\x82\xce" + "\x9c\x23\x38\xac\x2b\x9d\xa8\x71\xf7\x36\x8d\x07\xee\xd4\x10\x43\xa4\x40" + "\xd6\xb6\xf0\x74\x54\xf5\x1f\xb8\xdf\xba\xaf\x03\x5c\x02\xab\x61\xea\x48" + "\xce\xeb\x6f\xcd\x48\x76\xed\x52\x0d\x60\xe1\xec\x46\x19\x71\x9d\x8a\x5b" + "\x8b\x80\x7f\xaf\xb8\xe0\xa3\xdf\xc7\x37\x72\x3e\xe6\xb4\xb7\xd9\x3a\x25" + "\x84\xee\x6a\x64\x9d\x06\x09\x53\x74\x88\x34\xb2\x45\x45\x98\x39\x4e\xe0" + "\xaa\xb1\x2d\x7b\x61\xa5\x1f\x52\x7a\x9a\x41\xf6\xc1\x68\x7f\xe2\x53\x72" + "\x98\xca\x2a\x8f\x59\x46\xf8\xe5\xfd\x09\x1d\xbd\xcb\x02\x01\x11\x02\x81" + "\x81\x00\xa5\xda\xfc\x53\x41\xfa\xf2\x89\xc4\xb9\x88\xdb\x30\xc1\xcd\xf8" + "\x3f\x31\x25\x1e\x06\x68\xb4\x27\x84\x81\x38\x01\x57\x96\x41\xb2\x94\x10" + "\xb3\xc7\x99\x8d\x6b\xc4\x65\x74\x5e\x5c\x39\x26\x69\xd6\x87\x0d\xa2\xc0" + "\x82\xa9\x39\xe3\x7f\xdc\xb8\x2e\xc9\x3e\xda\xc9\x7f\xf3\xad\x59\x50\xac" + "\xcf\xbc\x11\x1c\x76\xf1\xa9\x52\x94\x44\xe5\x6a\xaf\x68\xc5\x6c\x09\x2c" + "\xd3\x8d\xc3\xbe\xf5\xd2\x0a\x93\x99\x26\xed\x4f\x74\xa1\x3e\xdd\xfb\xe1" + "\xa1\xce\xcc\x48\x94\xaf\x94\x28\xc2\xb7\xb8\x88\x3f\xe4\x46\x3a\x4b\xc8" + "\x5b\x1c\xb3\xc1\x02\x41\x00\xee\xcf\xae\x81\xb1\xb9\xb3\xc9\x08\x81\x0b" + "\x10\xa1\xb5\x60\x01\x99\xeb\x9f\x44\xae\xf4\xfd\xa4\x93\xb8\x1a\x9e\x3d" + "\x84\xf6\x32\x12\x4e\xf0\x23\x6e\x5d\x1e\x3b\x7e\x28\xfa\xe7\xaa\x04\x0a" + "\x2d\x5b\x25\x21\x76\x45\x9d\x1f\x39\x75\x41\xba\x2a\x58\xfb\x65\x99\x02" + "\x41\x00\xc9\x7f\xb1\xf0\x27\xf4\x53\xf6\x34\x12\x33\xea\xaa\xd1\xd9\x35" + "\x3f\x6c\x42\xd0\x88\x66\xb1\xd0\x5a\x0f\x20\x35\x02\x8b\x9d\x86\x98\x40" + "\xb4\x16\x66\xb4\x2e\x92\xea\x0d\xa3\xb4\x32\x04\xb5\xcf\xce\x33\x52\x52" + "\x4d\x04\x16\xa5\xa4\x41\xe7\x00\xaf\x46\x15\x03\x02\x40\x54\x49\x4c\xa6" + "\x3e\xba\x03\x37\xe4\xe2\x40\x23\xfc\xd6\x9a\x5a\xeb\x07\xdd\xdc\x01\x83" + "\xa4\xd0\xac\x9b\x54\xb0\x51\xf2\xb1\x3e\xd9\x49\x09\x75\xea\xb7\x74\x14" + 
"\xff\x59\xc1\xf7\x69\x2e\x9a\x2e\x20\x2b\x38\xfc\x91\x0a\x47\x41\x74\xad" + "\xc9\x3c\x1f\x67\xc9\x81\x02\x40\x47\x1e\x02\x90\xff\x0a\xf0\x75\x03\x51" + "\xb7\xf8\x78\x86\x4c\xa9\x61\xad\xbd\x3a\x8a\x7e\x99\x1c\x5c\x05\x56\xa9" + "\x4c\x31\x46\xa7\xf9\x80\x3f\x8f\x6f\x8a\xe3\x42\xe9\x31\xfd\x8a\xe4\x7a" + "\x22\x0d\x1b\x99\xa4\x95\x84\x98\x07\xfe\x39\xf9\x24\x5a\x98\x36\xda\x3d" + "\x02\x41\x00\xb0\x6c\x4f\xda\xbb\x63\x01\x19\x8d\x26\x5b\xdb\xae\x94\x23" + "\xb3\x80\xf2\x71\xf7\x34\x53\x88\x50\x93\x07\x7f\xcd\x39\xe2\x11\x9f\xc9" + "\x86\x32\x15\x4f\x58\x83\xb1\x67\xa9\x67\xbf\x40\x2b\x4e\x9e\x2e\x0f\x96" + "\x56\xe6\x98\xea\x36\x66\xed\xfb\x25\x79\x80\x39\xf7"; + +// kOAEPCiphertext3 is a sample encryption of |kPlaintext| with |kKey3| using +// RSA OAEP. +static const uint8_t kOAEPCiphertext3[] = + "\xb8\x24\x6b\x56\xa6\xed\x58\x81\xae\xb5\x85\xd9\xa2\x5b\x2a\xd7\x90\xc4" + "\x17\xe0\x80\x68\x1b\xf1\xac\x2b\xc3\xde\xb6\x9d\x8b\xce\xf0\xc4\x36\x6f" + "\xec\x40\x0a\xf0\x52\xa7\x2e\x9b\x0e\xff\xb5\xb3\xf2\xf1\x92\xdb\xea\xca" + "\x03\xc1\x27\x40\x05\x71\x13\xbf\x1f\x06\x69\xac\x22\xe9\xf3\xa7\x85\x2e" + "\x3c\x15\xd9\x13\xca\xb0\xb8\x86\x3a\x95\xc9\x92\x94\xce\x86\x74\x21\x49" + "\x54\x61\x03\x46\xf4\xd4\x74\xb2\x6f\x7c\x48\xb4\x2e\xe6\x8e\x1f\x57\x2a" + "\x1f\xc4\x02\x6a\xc4\x56\xb4\xf5\x9f\x7b\x62\x1e\xa1\xb9\xd8\x8f\x64\x20" + "\x2f\xb1"; + +static const uint8_t kTwoPrimeKey[] = + "\x30\x82\x04\xa1\x02\x01\x00\x02\x82\x01\x01\x00\x93\x3a\x4f\xc9\x6a\x0a" + "\x6b\x28\x04\xfa\xb7\x05\x56\xdf\xa0\xaa\x4f\xaa\xab\x94\xa0\xa9\x25\xef" + "\xc5\x96\xd2\xd4\x66\x16\x62\x2c\x13\x7b\x91\xd0\x36\x0a\x10\x11\x6d\x7a" + "\x91\xb6\xe4\x74\x57\xc1\x3d\x7a\xbe\x24\x05\x3a\x04\x0b\x73\x91\x53\xb1" + "\x74\x10\xe1\x87\xdc\x91\x28\x9c\x1e\xe5\xf2\xb9\xfc\xa2\x48\x34\xb6\x78" + "\xed\x6d\x95\xfb\xf2\xc0\x4e\x1c\xa4\x15\x00\x3c\x8a\x68\x2b\xd6\xce\xd5" + "\xb3\x9f\x66\x02\xa7\x0d\x08\xa3\x23\x9b\xe5\x36\x96\x13\x22\xf9\x69\xa6" + 
"\x87\x88\x9b\x85\x3f\x83\x9c\xab\x1a\x1b\x6d\x8d\x16\xf4\x5e\xbd\xee\x4b" + "\x59\x56\xf8\x9d\x58\xcd\xd2\x83\x85\x59\x43\x84\x63\x4f\xe6\x1a\x86\x66" + "\x0d\xb5\xa0\x87\x89\xb6\x13\x82\x43\xda\x34\x92\x3b\x68\xc4\x95\x71\x2f" + "\x15\xc2\xe0\x43\x67\x3c\x08\x00\x36\x10\xc3\xb4\x46\x4c\x4e\x6e\xf5\x44" + "\xa9\x04\x44\x9d\xce\xc7\x05\x79\xee\x11\xcf\xaf\x2c\xd7\x9a\x32\xd3\xa5" + "\x30\xd4\x3a\x78\x43\x37\x74\x22\x90\x24\x04\x11\xd7\x95\x08\x52\xa4\x71" + "\x41\x68\x94\xb0\xa0\xc3\xec\x4e\xd2\xc4\x30\x71\x98\x64\x9c\xe3\x7c\x76" + "\xef\x33\xa3\x2b\xb1\x87\x63\xd2\x5c\x09\xfc\x90\x2d\x92\xf4\x57\x02\x01" + "\x03\x02\x82\x01\x00\x62\x26\xdf\xdb\x9c\x06\xf2\x1a\xad\xfc\x7a\x03\x8f" + "\x3f\xc0\x71\x8a\x71\xc7\xb8\x6b\x1b\x6e\x9f\xd9\x0f\x37\x38\x44\x0e\xec" + "\x1d\x62\x52\x61\x35\x79\x5c\x0a\xb6\x48\xfc\x61\x24\x98\x4d\x8f\xd6\x28" + "\xfc\x7e\xc2\xae\x26\xad\x5c\xf7\xb6\x37\xcb\xa2\xb5\xeb\xaf\xe8\x60\xc5" + "\xbd\x69\xee\xa1\xd1\x53\x16\xda\xcd\xce\xfb\x48\xf3\xb9\x52\xa1\xd5\x89" + "\x68\x6d\x63\x55\x7d\xb1\x9a\xc7\xe4\x89\xe3\xcd\x14\xee\xac\x6f\x5e\x05" + "\xc2\x17\xbd\x43\x79\xb9\x62\x17\x50\xf1\x19\xaf\xb0\x67\xae\x2a\x57\xbd" + "\xc7\x66\xbc\xf3\xb3\x64\xa1\xe3\x16\x74\x9e\xea\x02\x5c\xab\x94\xd8\x97" + "\x02\x42\x0c\x2c\xba\x54\xb9\xaf\xe0\x45\x93\xad\x7f\xb3\x10\x6a\x96\x50" + "\x4b\xaf\xcf\xc8\x27\x62\x2d\x83\xe9\x26\xc6\x94\xc1\xef\x5c\x8e\x06\x42" + "\x53\xe5\x56\xaf\xc2\x99\x01\xaa\x9a\x71\xbc\xe8\x21\x33\x2a\x2d\xa3\x36" + "\xac\x1b\x86\x19\xf8\xcd\x1f\x80\xa4\x26\x98\xb8\x9f\x62\x62\xd5\x1a\x7f" + "\xee\xdb\xdf\x81\xd3\x21\xdb\x33\x92\xee\xff\xe2\x2f\x32\x77\x73\x6a\x58" + "\xab\x21\xf3\xe3\xe1\xbc\x4f\x12\x72\xa6\xb5\xc2\xfb\x27\x9e\xc8\xca\xab" + "\x64\xa0\x87\x07\x9d\xef\xca\x0f\xdb\x02\x81\x81\x00\xe6\xd3\x4d\xc0\xa1" + "\x91\x0e\x62\xfd\xb0\xdd\xc6\x30\xb8\x8c\xcb\x14\xc1\x4b\x69\x30\xdd\xcd" + "\x86\x67\xcb\x37\x14\xc5\x03\xd2\xb4\x69\xab\x3d\xe5\x16\x81\x0f\xe5\x50" + "\xf4\x18\xb1\xec\xbc\x71\xe9\x80\x99\x06\xe4\xa3\xfe\x44\x84\x4a\x2d\x1e" 
+ "\x07\x7f\x22\x70\x6d\x4f\xd4\x93\x0b\x8b\x99\xce\x1e\xab\xcd\x4c\xd2\xd3" + "\x10\x47\x5c\x09\x9f\x6d\x82\xc0\x08\x75\xe3\x3d\x83\xc2\x19\x50\x29\xec" + "\x1f\x84\x29\xcc\xf1\x56\xee\xbd\x54\x5d\xe6\x19\xdf\x0d\x1c\xa4\xbb\x0a" + "\xfe\x84\x44\x29\x1d\xf9\x5c\x80\x96\x5b\x24\xb4\xf7\x02\x1b\x02\x81\x81" + "\x00\xa3\x48\xf1\x9c\x58\xc2\x5f\x38\xfb\xd8\x12\x39\xf1\x8e\x73\xa1\xcf" + "\x78\x12\xe0\xed\x2a\xbb\xef\xac\x23\xb2\xbf\xd6\x0c\xe9\x6e\x1e\xab\xea" + "\x3f\x68\x36\xa7\x1f\xe5\xab\xe0\x86\xa5\x76\x32\x98\xdd\x75\xb5\x2b\xbc" + "\xcb\x8a\x03\x00\x7c\x2e\xca\xf8\xbc\x19\xe4\xe3\xa3\x31\xbd\x1d\x20\x2b" + "\x09\xad\x6f\x4c\xed\x48\xd4\xdf\x87\xf9\xf0\x46\xb9\x86\x4c\x4b\x71\xe7" + "\x48\x78\xdc\xed\xc7\x82\x02\x44\xd3\xa6\xb3\x10\x5f\x62\x81\xfc\xb8\xe4" + "\x0e\xf4\x1a\xdd\xab\x3f\xbc\x63\x79\x5b\x39\x69\x5e\xea\xa9\x15\xfe\x90" + "\xec\xda\x75\x02\x81\x81\x00\x99\xe2\x33\xd5\xc1\x0b\x5e\xec\xa9\x20\x93" + "\xd9\x75\xd0\x5d\xdc\xb8\x80\xdc\xf0\xcb\x3e\x89\x04\x45\x32\x24\xb8\x83" + "\x57\xe1\xcd\x9b\xc7\x7e\x98\xb9\xab\x5f\xee\x35\xf8\x10\x76\x9d\xd2\xf6" + "\x9b\xab\x10\xaf\x43\x17\xfe\xd8\x58\x31\x73\x69\x5a\x54\xc1\xa0\x48\xdf" + "\xe3\x0c\xb2\x5d\x11\x34\x14\x72\x88\xdd\xe1\xe2\x0a\xda\x3d\x5b\xbf\x9e" + "\x57\x2a\xb0\x4e\x97\x7e\x57\xd6\xbb\x8a\xc6\x9d\x6a\x58\x1b\xdd\xf6\x39" + "\xf4\x7e\x38\x3e\x99\x66\x94\xb3\x68\x6d\xd2\x07\x54\x58\x2d\x70\xbe\xa6" + "\x3d\xab\x0e\xe7\x6d\xcd\xfa\x01\x67\x02\x81\x80\x6c\xdb\x4b\xbd\x90\x81" + "\x94\xd0\xa7\xe5\x61\x7b\xf6\x5e\xf7\xc1\x34\xfa\xb7\x40\x9e\x1c\x7d\x4a" + "\x72\xc2\x77\x2a\x8e\xb3\x46\x49\x69\xc7\xf1\x7f\x9a\xcf\x1a\x15\x43\xc7" + "\xeb\x04\x6e\x4e\xcc\x65\xe8\xf9\x23\x72\x7d\xdd\x06\xac\xaa\xfd\x74\x87" + "\x50\x7d\x66\x98\x97\xc2\x21\x28\xbe\x15\x72\x06\x73\x9f\x88\x9e\x30\x8d" + "\xea\x5a\xa6\xa0\x2f\x26\x59\x88\x32\x4b\xef\x85\xa5\xe8\x9e\x85\x01\x56" + "\xd8\x8d\x19\xcc\xb5\x94\xec\x56\xa8\x7b\x42\xb4\xa2\xbc\x93\xc7\x7f\xd2" + 
"\xec\xfb\x92\x26\x46\x3f\x47\x1b\x63\xff\x0b\x48\x91\xa3\x02\x81\x80\x2c" + "\x4a\xb9\xa4\x46\x7b\xff\x50\x7e\xbf\x60\x47\x3b\x2b\x66\x82\xdc\x0e\x53" + "\x65\x71\xe9\xda\x2a\xb8\x32\x93\x42\xb7\xff\xea\x67\x66\xf1\xbc\x87\x28" + "\x65\x29\x79\xca\xab\x93\x56\xda\x95\xc1\x26\x44\x3d\x27\xc1\x91\xc6\x9b" + "\xd9\xec\x9d\xb7\x49\xe7\x16\xee\x99\x87\x50\x95\x81\xd4\x5c\x5b\x5a\x5d" + "\x0a\x43\xa5\xa7\x8f\x5a\x80\x49\xa0\xb7\x10\x85\xc7\xf4\x42\x34\x86\xb6" + "\x5f\x3f\x88\x9e\xc7\xf5\x59\x29\x39\x68\x48\xf2\xd7\x08\x5b\x92\x8e\x6b" + "\xea\xa5\x63\x5f\xc0\xfb\xe4\xe1\xb2\x7d\xb7\x40\xe9\x55\x06\xbf\x58\x25" + "\x6f"; + +static const uint8_t kTwoPrimeEncryptedMessage[] = { + 0x63, 0x0a, 0x30, 0x45, 0x43, 0x11, 0x45, 0xb7, 0x99, 0x67, 0x90, 0x35, + 0x37, 0x27, 0xff, 0xbc, 0xe0, 0xbf, 0xa6, 0xd1, 0x47, 0x50, 0xbb, 0x6c, + 0x1c, 0xaa, 0x66, 0xf2, 0xff, 0x9d, 0x9a, 0xa6, 0xb4, 0x16, 0x63, 0xb0, + 0xa1, 0x7c, 0x7c, 0x0c, 0xef, 0xb3, 0x66, 0x52, 0x42, 0xd7, 0x5e, 0xf3, + 0xa4, 0x15, 0x33, 0x40, 0x43, 0xe8, 0xb1, 0xfc, 0xe0, 0x42, 0x83, 0x46, + 0x28, 0xce, 0xde, 0x7b, 0x01, 0xeb, 0x28, 0x92, 0x70, 0xdf, 0x8d, 0x54, + 0x9e, 0xed, 0x23, 0xb4, 0x78, 0xc3, 0xca, 0x85, 0x53, 0x48, 0xd6, 0x8a, + 0x87, 0xf7, 0x69, 0xcd, 0x82, 0x8c, 0x4f, 0x5c, 0x05, 0x55, 0xa6, 0x78, + 0x89, 0xab, 0x4c, 0xd8, 0xa9, 0xd6, 0xa5, 0xf4, 0x29, 0x4c, 0x23, 0xc8, + 0xcf, 0xf0, 0x4c, 0x64, 0x6b, 0x4e, 0x02, 0x17, 0x69, 0xd6, 0x47, 0x83, + 0x30, 0x43, 0x02, 0x29, 0xda, 0xda, 0x75, 0x3b, 0xd7, 0xa7, 0x2b, 0x31, + 0xb3, 0xe9, 0x71, 0xa4, 0x41, 0xf7, 0x26, 0x9b, 0xcd, 0x23, 0xfa, 0x45, + 0x3c, 0x9b, 0x7d, 0x28, 0xf7, 0xf9, 0x67, 0x04, 0xba, 0xfc, 0x46, 0x75, + 0x11, 0x3c, 0xd5, 0x27, 0x43, 0x53, 0xb1, 0xb6, 0x9e, 0x18, 0xeb, 0x11, + 0xb4, 0x25, 0x20, 0x30, 0x0b, 0xe0, 0x1c, 0x17, 0x36, 0x22, 0x10, 0x0f, + 0x99, 0xb5, 0x50, 0x14, 0x73, 0x07, 0xf0, 0x2f, 0x5d, 0x4c, 0xe3, 0xf2, + 0x86, 0xc2, 0x05, 0xc8, 0x38, 0xed, 0xeb, 0x2a, 0x4a, 0xab, 0x76, 0xe3, + 0x1a, 0x75, 0x44, 0xf7, 0x6e, 0x94, 0xdc, 0x25, 0x62, 0x7e, 
0x31, 0xca, + 0xc2, 0x73, 0x51, 0xb5, 0x03, 0xfb, 0xf9, 0xf6, 0xb5, 0x8d, 0x4e, 0x6c, + 0x21, 0x0e, 0xf9, 0x97, 0x26, 0x57, 0xf3, 0x52, 0x72, 0x07, 0xf8, 0xb4, + 0xcd, 0xb4, 0x39, 0xcf, 0xbf, 0x78, 0xcc, 0xb6, 0x87, 0xf9, 0xb7, 0x8b, + 0x6a, 0xce, 0x9f, 0xc8, +}; + +static const uint8_t kThreePrimeKey[] = + "\x30\x82\x04\xd7\x02\x01\x01\x02\x82\x01\x00\x62\x91\xe9\xea\xb3\x5d\x6c" + "\x29\xae\x21\x83\xbb\xb5\x82\xb1\x9e\xea\xe0\x64\x5b\x1e\x2f\x5e\x2c\x0a" + "\x80\x3d\x29\xd4\xfa\x9a\xe7\x44\xe6\x21\xbd\x98\xc0\x3d\xe0\x53\x59\xae" + "\xd3\x3e\xfe\xc4\xc2\xc4\x5a\x5a\x89\x07\xf4\x4f\xdc\xb0\x6a\xd4\x3e\x99" + "\x7d\x7a\x97\x26\x4e\xe1\x93\xca\x6e\xed\x07\xfc\xb4\xfa\x95\x1e\x73\x7b" + "\x86\x08\x6a\xb9\xd4\x29\xb0\x7e\x59\xb7\x9d\x7b\xeb\x67\x6e\xf0\xbb\x5e" + "\xcf\xb9\xcd\x58\x93\xf0\xe7\x88\x17\x6c\x0d\x76\x1e\xb9\x27\x9a\x4d\x02" + "\x16\xb6\x49\x6d\xa7\x83\x23\x4d\x02\x48\x0c\x0c\x1f\x0e\x85\x21\xe3\x06" + "\x76\x0a\x73\xe6\xc1\x21\xfa\x30\x18\x78\x29\x5c\x31\xd0\x29\xae\x6f\x7d" + "\x87\xd8\x2f\x16\xfa\xbc\x67\x8a\x94\x71\x59\x9b\xec\x22\x40\x55\x9f\xc2" + "\x94\xb5\xbd\x78\x01\xc9\xef\x18\xc8\x6d\x0d\xdc\x53\x42\xb2\x5c\xab\x65" + "\x05\xbd\x35\x08\x85\x1b\xf8\xe9\x47\xbc\xfe\xc5\xae\x47\x29\x63\x44\x8e" + "\x4d\xb7\x47\xab\x0d\xd8\x76\x68\x4f\xc7\x07\x02\xe4\x86\xb0\xcf\xd8\x19" + "\xad\xf4\x85\x76\x8b\x3b\x4e\x40\x8d\x29\x7a\x8a\x07\x36\xf3\x78\xae\x17" + "\xa6\x8f\x53\x58\x65\x4c\x86\x9e\xd7\x8b\xec\x38\x4f\x99\xc7\x02\x01\x03" + "\x02\x82\x01\x00\x41\xb6\x9b\xf1\xcc\xe8\xf2\xc6\x74\x16\x57\xd2\x79\x01" + "\xcb\xbf\x47\x40\x42\xe7\x69\x74\xe9\x72\xb1\xaa\xd3\x71\x38\xa7\x11\xef" + "\x83\x44\x16\x7e\x65\xd5\x7e\x95\x8c\xe6\x74\x8c\xd4\xa9\xd8\x81\xd8\x3c" + "\x3c\x5b\x5a\xa2\xdf\xe8\x75\x9c\x8d\x7f\x10\xfe\x51\xba\x19\x89\xeb\xb7" + "\xdc\x49\xf3\x5a\xa8\x78\xa7\x0e\x14\x4c\xfd\x04\x05\x9c\x7b\xe2\xc5\xa3" + "\x04\xee\xd9\x4c\xfd\x7d\x47\xb0\x0d\x9b\x3d\x70\x91\x81\x2c\xab\x2b\x87" + 
"\xad\x11\x68\x24\xfc\x2b\xd4\xee\x5e\x28\xeb\x6d\xab\xde\x0f\x77\x15\x58" + "\x76\x39\xc9\x59\x3a\x7f\x19\x9d\xc6\x7e\x86\xe4\xd5\x38\x70\x9e\xae\xb9" + "\xfb\x33\x33\xd1\x0c\x2d\xab\x01\x20\xe1\x8b\x29\x99\xd3\xeb\x87\x05\x72" + "\xaa\x43\x58\x64\x8e\x9e\x31\xdb\x45\x9b\x2b\xac\x58\x80\x5d\x33\xa2\x43" + "\x05\x96\xcc\xca\x2d\x04\x5f\xd6\xb7\x3d\x8b\x8f\x2d\xa3\xa5\xf8\x73\xf5" + "\xd7\xc0\x19\xff\x10\xe6\xee\x3a\x26\x2f\xe1\x64\x3d\x11\xcd\x2d\xe4\x0a" + "\x84\x27\xe3\xcb\x16\x62\x19\xe7\xe3\x0d\x13\xe8\x09\x5a\x53\xd0\x20\x56" + "\x15\xf5\xb3\x67\xac\xa1\xb5\x94\x6b\xab\xdc\x71\xc7\xbf\x0a\xde\x76\xf5" + "\x03\xa0\x30\xd8\x27\x9d\x00\x2b\x02\x57\x00\xf1\x4f\xc2\x86\x13\x06\x17" + "\xf7\x69\x7e\x37\xdf\x67\xc5\x32\xa0\x74\x1c\x32\x69\x0f\x9f\x08\x88\x24" + "\xb1\x51\xbc\xbc\x92\xba\x73\x1f\x9c\x75\xc2\x14\x6d\x4f\xc4\x5a\xcf\xda" + "\x44\x35\x00\x6b\x42\x3b\x9f\x14\xf1\x05\xb3\x51\x22\xb6\xbe\x9c\xe0\xc1" + "\x5c\x48\x61\xdf\x4e\x4c\x72\xb8\x05\x35\x7c\xac\xf1\xbb\xa0\x3b\x2a\xea" + "\xf7\x86\xe9\xd2\xff\x1e\x1d\x02\x56\x00\xca\xb1\x39\xf6\xa2\xc6\x3b\x65" + "\x45\x2f\x39\x00\xcd\x6e\xd6\x55\xf7\x71\x37\x89\xc2\xe7\x7a\xc0\x1a\xa6" + "\x2f\xea\x17\x7c\xaa\x2a\x91\x8f\xd4\xc7\x50\x8b\xab\x8e\x99\x3b\x33\x91" + "\xbc\x02\x10\x58\x4b\x58\x40\x9b\xc4\x8f\x48\x2b\xa7\x44\xfd\x07\x04\xf0" + "\x98\x67\x56\xea\x25\x92\x8b\x2e\x4b\x4a\xa1\xd3\xc2\xa4\xb4\x9b\x59\x70" + "\x32\xa6\xd8\x8b\xd9\x02\x57\x00\xa0\xdf\xd7\x04\x0c\xae\xba\xa4\xf0\xfe" + "\xcf\xea\x45\x2e\x21\xc0\x4d\x68\x21\x9b\x5f\xbf\x5b\x05\x6d\xcb\x8b\xd3" + "\x28\x61\xd1\xa2\x15\x12\xf9\x2c\x0d\x9e\x35\x2d\x91\xdf\xe6\xd8\x23\x55" + "\x9c\xd6\xd2\x6a\x0d\xf6\x03\xcc\xe0\xc1\xcf\x29\xbd\xeb\x2b\x92\xda\xeb" + "\xea\x34\x32\xf7\x25\x58\xce\x53\x1d\xf6\x7d\x15\x7c\xc7\x47\x4f\xaf\x46" + "\x8c\xaa\x14\x13\x02\x56\x00\x87\x20\xd1\x4f\x17\x2e\xd2\x43\x83\x74\xd0" + "\xab\x33\x9f\x39\x8e\xa4\xf6\x25\x06\x81\xef\xa7\x2a\xbc\x6e\xca\x9c\x0f" + "\xa8\x71\x71\xb6\x5f\xe3\x2f\x8b\x07\xc7\xb4\x66\x27\x77\xb6\x7d\x56\xb5" 
+ "\x90\x32\x3a\xd5\xbd\x2d\xb4\xda\xc7\xc4\xd8\xa8\xaf\x58\xa0\x65\x9a\x39" + "\xf1\x6e\x61\xb2\x1e\xdc\xdc\x6b\xe2\x81\xc3\x23\x12\x3b\xa0\x21\xc4\x90" + "\x5d\x3b\x02\x57\x00\xe6\x8a\xaa\xb8\x6d\x2c\x81\x43\xb5\xd6\xa0\x2b\x42" + "\x49\xa9\x0a\x51\xfa\x18\xc8\x32\xea\x54\x18\xf3\x60\xc2\xb5\x4a\x43\x05" + "\x93\x9c\x01\xd9\x28\xed\x73\xfa\x82\xbc\x12\x64\xcb\xc4\x24\xa9\x3e\xae" + "\x7c\x4b\x8f\x94\x57\x7b\x14\x10\x41\xdc\x62\x12\x8c\xb2\x4a\x7c\xf6\x53" + "\xd4\xc6\xe4\xda\xd1\xa2\x00\x0e\x3d\x30\xf7\x05\x4f\x1d\x82\xbc\x52\xd9" + "\xb1\x30\x82\x01\x0a\x30\x82\x01\x06\x02\x56\x00\x84\x12\x4f\xf7\x3b\x65" + "\x53\x34\x6c\x6c\x4d\x77\xdf\xfd\x1f\xb6\x16\xe2\x25\x15\xca\xc9\xc1\x41" + "\x9a\x50\xda\xeb\x88\x4f\x3d\xb3\x01\x00\x44\xc4\xac\xe7\x14\x62\xa6\x56" + "\xde\xc5\xb7\xc3\x1d\x07\xbd\x7d\x64\xc5\x7e\x45\x25\x56\xed\x7a\xd2\x14" + "\xdb\x4e\x27\xd4\x1f\xf8\x94\xa7\xef\x07\xce\xdb\x24\xb7\xdd\x71\x5c\x63" + "\xc9\x33\xfe\xde\x40\x52\xeb\x02\x55\x58\x0c\x35\x4f\x7c\xee\x37\x78\x48" + "\x48\x33\xa5\x3f\xfe\x15\x24\x0f\x41\x6e\x0e\x87\x31\x2b\x81\x11\x8b\x3c" + "\x9d\x05\x8a\x29\x22\x00\xaa\xd8\x83\x1d\xef\x62\xec\x6e\xe4\x94\x83\xcf" + "\xd7\x68\xaf\xd3\xa8\xed\xd8\xfe\xd8\xc3\x8f\x48\xfc\x8c\x0d\xe7\x89\x6f" + "\xe2\xbf\xfb\x0d\xc5\x4a\x05\x34\x92\x18\x7a\x93\xa0\xe8\x42\x86\x22\xa9" + "\xe9\x80\x37\x47\x02\x55\x60\x76\xab\xde\x2b\xf5\xa2\x2c\xaa\x0c\x99\x81" + "\xee\x72\x2c\x7d\x22\x59\x2a\x35\xea\x50\x4e\x47\x6b\x92\x2d\x30\xa1\x01" + "\xa5\x9e\x26\x6e\x27\xca\xf5\xf2\x87\x5d\x31\xaf\xe9\x32\xcd\x10\xfd\x4d" + "\xdb\xf9\x86\x05\x12\x1b\x01\x84\x55\x97\x5f\xe2\x78\x27\xd9\xe4\x26\x7d" + "\xab\x0e\xe0\x1b\x6f\xcb\x4b\x14\xdd\xdc\xdc\x8b\xe8\x9f\xd0\x62\x96\xca" + "\xcf"; + +static const uint8_t kThreePrimeEncryptedMessage[] = { + 0x58, 0xd9, 0xea, 0x8a, 0xf6, 0x3d, 0xb4, 0xd9, 0xf7, 0xbb, 0x02, 0xc5, + 0x58, 0xd2, 0xa9, 0x46, 0x80, 0x70, 0x70, 0x16, 0x07, 0x64, 0x32, 0x4c, + 0x4e, 0x92, 0x61, 0xb7, 0xff, 0x92, 0xdc, 0xfc, 0xf8, 0xf0, 0x2c, 0x84, + 0x56, 0xbc, 
0xe5, 0x93, 0x76, 0xe5, 0xa3, 0x72, 0x98, 0xf2, 0xdf, 0xef, + 0x99, 0x53, 0xf6, 0xd8, 0x4b, 0x09, 0xac, 0xa9, 0xa3, 0xdb, 0x63, 0xa1, + 0xb5, 0x09, 0x8e, 0x40, 0x84, 0x8f, 0x4d, 0xd5, 0x1d, 0xac, 0x6c, 0xaa, + 0x6b, 0x15, 0xe7, 0xb1, 0x0c, 0x67, 0xd2, 0xb2, 0x81, 0x58, 0x30, 0x0e, + 0x18, 0x27, 0xa1, 0x9b, 0x96, 0xad, 0xae, 0x76, 0x1a, 0x32, 0xf7, 0x10, + 0x0b, 0x53, 0x85, 0x31, 0xd6, 0x2a, 0xf6, 0x1c, 0x9f, 0xc2, 0xc7, 0xb1, + 0x05, 0x63, 0x0b, 0xa5, 0x07, 0x1f, 0x1c, 0x01, 0xf0, 0xe0, 0x06, 0xea, + 0x20, 0x69, 0x41, 0x19, 0x57, 0x92, 0x17, 0xf7, 0x0c, 0x5c, 0x66, 0x75, + 0x0e, 0xe5, 0xb3, 0xf1, 0x67, 0x3b, 0x27, 0x47, 0xb2, 0x8e, 0x1c, 0xb6, + 0x3f, 0xdd, 0x76, 0x42, 0x31, 0x13, 0x68, 0x96, 0xdf, 0x3b, 0xd4, 0x87, + 0xd9, 0x16, 0x44, 0x71, 0x52, 0x2e, 0x54, 0x3e, 0x09, 0xcd, 0x71, 0xc1, + 0x1e, 0x5e, 0x96, 0x13, 0xc9, 0x1e, 0xa4, 0xe6, 0xe6, 0x97, 0x2c, 0x6b, + 0xf2, 0xa9, 0x5c, 0xc6, 0x60, 0x2a, 0xbc, 0x82, 0xf8, 0xcb, 0xd4, 0xd7, + 0xea, 0x8a, 0xa1, 0x8a, 0xd9, 0xa5, 0x14, 0x8b, 0x9e, 0xf9, 0x25, 0x02, + 0xd2, 0xab, 0x0c, 0x42, 0xca, 0x2d, 0x45, 0xa3, 0x56, 0x5e, 0xa2, 0x2a, + 0xc8, 0x60, 0xa5, 0x87, 0x5d, 0x85, 0x5c, 0xde, 0xc7, 0xa2, 0x47, 0xc3, + 0x99, 0x29, 0x23, 0x79, 0x36, 0x88, 0xad, 0x40, 0x3e, 0x27, 0x7d, 0xf0, + 0xb6, 0xfa, 0x95, 0x20, 0x3c, 0xec, 0xfc, 0x56, 0x3b, 0x20, 0x91, 0xee, + 0x98, 0x10, 0x2c, 0x82, +}; + +static const uint8_t kSixPrimeKey[] = + "\x30\x82\x05\x20\x02\x01\x01\x02\x82\x01\x00\x1c\x04\x39\x44\xb9\xb8\x71" + "\x1c\x1c\xf7\xdc\x11\x1b\x85\x3b\x2b\xe8\xa6\xeb\xeb\xe9\xb6\x86\x97\x73" + "\x5d\x75\x46\xd1\x35\x25\xf8\x30\x9a\xc3\x57\x44\x89\xa6\x44\x59\xe3\x3a" + "\x60\xb5\x33\x84\x72\xa4\x03\xc5\x1a\x20\x98\x70\xbd\xe8\x3b\xc1\x9b\x8a" + "\x3a\x24\x45\xb6\x6a\x73\xb4\xd0\x6c\x18\xc6\xa7\x94\xd3\x24\x70\xf0\x2d" + "\x0c\xa5\xb2\x3b\xc5\x33\x90\x9d\x56\x8d\x33\xf6\x93\x7d\xa7\x95\x88\x05" + "\xdf\xf5\x65\x58\xb9\x5b\xd3\x07\x9c\x16\x8e\x74\xfc\xb8\x76\xaf\x62\x99" + 
"\x6c\xd4\xc5\xb3\x69\xe5\x64\xdf\x38\x00\x25\x24\xe9\xb1\x4a\x85\xa6\xf4" + "\xb6\x23\x68\x67\x4a\x2c\xbd\x9d\x01\x3b\x04\x8c\x70\x94\x82\x76\x45\x0c" + "\x8b\x95\x8a\x07\x1c\x32\xe7\x09\x97\x3a\xfd\xca\x57\xe9\x57\x0c\xae\x2b" + "\xa3\x25\xd1\xf2\x0d\x34\xa1\xe6\x2f\x7b\x1b\x36\x53\x83\x95\xb9\x26\x6e" + "\x4f\x36\x26\xf8\x47\xae\xdf\xe8\x4d\xf6\xb2\xff\x03\x23\x74\xfa\xa5\x6d" + "\xcb\xcb\x80\x12\xc3\x77\xf0\x19\xb7\xf2\x6b\x19\x5c\xde\x0a\xd7\xee\x8c" + "\x48\x2f\x50\x24\xa5\x2e\xcc\x2a\xed\xc2\x35\xe0\x3d\x29\x31\x17\xd6\x8f" + "\x44\xaa\x5b\x33\xbd\xb4\x88\x87\xd9\x29\x3f\x94\xe7\x75\xe3\x02\x01\x03" + "\x02\x82\x01\x00\x12\xad\x7b\x83\x26\x7a\xf6\x12\xbd\xfa\x92\xb6\x12\x58" + "\xd2\x1d\x45\xc4\x9d\x47\xf1\x24\x59\xba\x4c\xe8\xf8\xd9\xe0\xce\x19\x50" + "\x20\x67\x2c\xe4\xd8\x5b\xc4\x2d\x91\x41\xeb\x05\x4f\xf4\xb4\x20\xc7\xbc" + "\xd6\xe2\x5c\xa0\x27\xcf\xb8\xb3\x3b\x5c\xeb\x5e\x96\xb7\x99\x4b\x8a\xc3" + "\x70\xaf\x7f\xd8\x5f\xeb\xcb\x1a\x79\x44\x68\x97\x84\xd8\x29\x87\x64\xba" + "\x18\x2e\x95\x66\x1a\x7d\xd9\x35\x3a\x5c\x92\x7a\x81\x1b\x6c\xa9\xf8\xfa" + "\x05\x23\x18\x5b\xb2\xf8\x77\x1c\xc5\x1b\x7d\x26\x5f\x48\x69\x1b\xc4\x34" + "\xef\x6e\xa1\x15\xd2\xb2\xac\xb8\xa8\xed\x1e\xee\xdc\xb5\xb9\x5c\x79\x25" + "\x48\xbb\xe5\x9d\xd8\xe5\xe2\x94\xdf\xd5\x32\x22\x84\xbf\xc2\xaa\xa4\x54" + "\xbb\x29\xdb\x13\x4a\x28\x3d\x83\x3a\xff\xa3\xae\x38\x08\xfc\x36\x84\x91" + "\x30\xd1\xfd\x82\x64\xf1\x0f\xae\xba\xd7\x9a\x43\x58\x03\x5e\x5f\x01\xcb" + "\x8b\x90\x8d\x77\x34\x6f\x37\x40\xb6\x6d\x22\x23\x90\xb2\xfd\x32\xb5\x96" + "\x45\xbf\xae\x8c\xc4\x62\x03\x6c\x68\x90\x59\x31\x1a\xcb\xfb\xa4\x0b\x94" + "\x15\x13\xda\x1a\x8d\xa7\x0b\x34\x62\x93\xea\xbe\x6e\x71\xc2\x1d\xc8\x9d" + "\xac\x66\xcc\x31\x87\xff\x99\xab\x02\x2c\x00\xa5\x57\x41\x66\x87\x68\x02" + "\x6a\xdf\x97\xb0\xfe\x6b\x34\xc4\x33\x88\x2b\xce\x82\xaf\x2d\x33\x5a\xad" + "\x75\x2d\xac\xa5\xd6\x3a\x2d\x65\x43\x68\xfb\x44\x9e\xb8\x25\x05\xed\x97" + "\x02\x2c\x00\xd2\x77\x34\x24\xac\x60\x9a\xc4\x68\x34\xe5\x6a\xa3\xdc\xe2" 
+ "\xb0\x58\x5c\x35\x83\x5a\xc7\xa7\xc1\x0b\x7e\x9e\xa5\x85\x32\x47\x93\x22" + "\xee\xb6\x59\xe9\xe3\x61\x94\xd0\x0e\xcb\x02\x2b\x6e\x3a\x2b\x99\xaf\x9a" + "\xac\x47\x3f\xba\x75\xfe\xf2\x23\x2d\x77\xb0\x1d\x34\x57\x1f\x73\x77\x91" + "\xc8\xf8\xc9\x1d\xc3\xe4\x26\xc8\xee\x2c\xf0\xa7\x83\x14\x7a\xc3\x59\x49" + "\x0f\x02\x2c\x00\x8c\x4f\x78\x18\x72\xeb\x11\xd8\x45\x78\x98\xf1\xc2\x93" + "\x41\xca\xe5\x92\xce\x57\x91\xda\x6f\xd6\x07\xa9\xbf\x19\x03\x76\xda\x62" + "\x17\x49\xce\xe6\x9b\xec\xeb\xb8\x8a\xb4\x87\x02\x2c\x00\xa3\xc2\x29\xa6" + "\xa7\xe1\x3c\xe9\xcf\x0f\x50\x51\x1c\xcc\xc8\x5b\x08\x9c\x97\x24\x3a\x86" + "\x23\xa8\x0b\xbb\x54\xa6\xb9\x70\x3d\x1d\xd0\x1b\xa3\xac\xd9\xb2\x03\x80" + "\xd7\x67\xec\x30\x82\x02\x29\x30\x81\x88\x02\x2c\x00\x97\x5d\x3b\xf2\xcc" + "\xba\xd9\x77\x67\xaa\xd2\x22\xa7\xa3\x49\x08\xc7\xb8\x27\xa1\x59\x4b\xa7" + "\xa5\xd2\x74\x05\xe7\x5a\x35\xd7\x25\x79\x18\x20\x8a\x25\xec\x3b\x52\xaf" + "\xcb\xdb\x02\x2b\x64\xe8\xd2\xa1\xdd\xd1\xe6\x4f\x9a\x71\xe1\x6c\x6f\xc2" + "\x30\xb0\x85\x25\x6f\xc0\xe6\x32\x6f\xc3\xe1\xa2\xae\x9a\x3c\x23\xe4\xc3" + "\xa6\x10\x15\xb1\x6e\x9d\x7c\xe1\xca\x87\xe7\x02\x2b\x5e\xef\x25\x29\xed" + "\xf6\x52\x15\xd3\x60\xb6\x88\xcf\x0f\xe2\x24\xa4\x04\x97\x9c\x9d\x58\x13" + "\xbb\x00\x6d\x39\xf6\xad\x21\x7e\x56\x2c\x2e\x06\x06\xc4\x6d\x44\xac\x79" + "\x1f\xe5\x30\x81\x89\x02\x2c\x00\xdb\xf1\x78\xf9\xa4\x94\xea\x39\x8a\x3f" + "\x23\x48\x2a\x23\x8f\xd2\x18\x97\xd2\xdf\x0f\xb8\x2b\x33\xa0\xe8\x8f\xbc" + "\x4e\x42\xfd\x54\xc7\x0f\xde\xba\x6d\xba\x96\xa7\xce\x67\x3d\x02\x2c\x00" + "\x92\xa0\xfb\x51\x18\x63\x46\xd1\x06\xd4\xc2\x30\x1c\x17\xb5\x36\xbb\x0f" + "\xe1\xea\x0a\x7a\xc7\x77\xc0\x9b\x0a\x7d\x89\x81\xfe\x38\x84\xb5\x3f\x26" + "\xf3\xd1\xb9\xc5\x34\x44\xd3\x02\x2b\x4c\xbd\x1d\x44\xc8\x19\x23\xd8\xb3" + "\x96\x66\x4b\x62\xcb\x3e\xe6\x6c\x11\xdf\xb2\x92\xd3\xc8\x34\xb9\xa6\x5a" + "\x2f\x19\xf4\x0b\xb2\xe6\x8e\xa6\xaf\xa3\xae\xa4\xb3\x92\xc4\x79\x30\x81" + 
"\x85\x02\x2b\x00\x89\xab\x30\xfc\x7b\x37\x94\x11\x9f\x4d\x31\x3b\xac\x09" + "\x57\xe6\x64\xec\xa0\xc8\xf8\x04\x1a\xf9\x2a\xa4\x4b\x36\x18\xbb\x5f\xdc" + "\xcd\xf0\xc8\xcb\x97\xd1\xdf\x13\x12\x3f\x02\x2a\x5b\xc7\x75\xfd\xa7\x7a" + "\x62\xb6\x6a\x33\x76\x27\xc8\x06\x3a\x99\x98\x9d\xc0\x85\xfa\xad\x67\x50" + "\xc7\x18\x32\x24\x10\x7c\xea\x93\x33\xf5\xdb\x32\x65\x36\x94\xb7\x61\x7f" + "\x02\x2a\x16\x6c\x96\xa1\x50\x6f\x3a\x92\xc0\x75\x43\xb5\x6b\x9c\x17\x09" + "\xd3\xf0\x67\x69\x45\x92\xfb\x7b\x50\xa8\x42\x9b\x33\x92\xab\xd5\xe6\x49" + "\xb3\x26\x99\x55\x16\x3a\x39\x63\x30\x81\x87\x02\x2b\x00\xc1\x25\x19\x1d" + "\x6e\x18\xcb\x2d\x64\xe2\xe6\xb6\x1c\xe4\xaa\x9c\xb9\xee\x18\xd4\xf7\x5f" + "\x66\x40\xf0\xe1\x31\x38\xf2\x53\x00\x8b\xcc\xe4\x0d\xb7\x81\xb4\xe6\x1c" + "\x19\xaf\x02\x2b\x00\x80\xc3\x66\x13\x9e\xbb\x32\x1e\x43\x41\xef\x24\x13" + "\x43\x1c\x68\x7b\xf4\x10\x8d\xfa\x3f\x99\x80\xa0\x96\x20\xd0\xa1\x8c\xab" + "\x07\xdd\xed\x5e\x7a\x56\x78\x99\x68\x11\x1f\x02\x2b\x00\xb0\x59\xea\x67" + "\x93\x42\xbf\x07\x54\x38\x41\xcb\x73\xa4\x0e\xc2\xae\x56\x19\x41\xc9\x8a" + "\xb2\x2f\xa8\x0a\xb1\x4e\x12\x39\x2e\xc0\x94\x9a\xc6\xa3\xe4\xaf\x8a\x16" + "\x06\xb8"; + +static const uint8_t kSixPrimeEncryptedMessage[] = { + 0x0a, 0xcb, 0x6c, 0x02, 0x9d, 0x1a, 0x7c, 0xf3, 0x4e, 0xff, 0x16, 0x88, + 0xee, 0x22, 0x1d, 0x8d, 0xd2, 0xfd, 0xde, 0x83, 0xb3, 0xd9, 0x35, 0x2c, + 0x82, 0xe0, 0xff, 0xe6, 0x79, 0x6d, 0x06, 0x21, 0x74, 0xa8, 0x04, 0x0c, + 0xe2, 0xd3, 0x98, 0x3f, 0xbf, 0xd0, 0xe9, 0x88, 0x24, 0xe2, 0x05, 0xa4, + 0x45, 0x51, 0x87, 0x6b, 0x1c, 0xef, 0x5f, 0x2d, 0x61, 0xb6, 0xf1, 0x4c, + 0x1f, 0x3d, 0xbf, 0x4b, 0xf2, 0xda, 0x09, 0x97, 0x81, 0xde, 0x91, 0xb7, + 0x0d, 0xb4, 0xc2, 0xab, 0x41, 0x64, 0x9d, 0xd9, 0x39, 0x46, 0x79, 0x66, + 0x43, 0xf1, 0x34, 0x21, 0x56, 0x2f, 0xc6, 0x68, 0x40, 0x4a, 0x2d, 0x73, + 0x96, 0x50, 0xe1, 0xb0, 0xaf, 0x49, 0x39, 0xb4, 0xf0, 0x3a, 0x78, 0x38, + 0x70, 0xa9, 0x91, 0x5d, 0x5e, 0x07, 0xf4, 0xec, 0xbb, 0xc4, 0xe5, 0x8a, + 0xb8, 0x06, 0xba, 0xdf, 0xc6, 
0x48, 0x78, 0x4b, 0xca, 0x2a, 0x8a, 0x92, + 0x64, 0xe3, 0xa6, 0xae, 0x87, 0x97, 0x12, 0x16, 0x46, 0x67, 0x59, 0xdf, + 0xf2, 0xf3, 0x89, 0x6f, 0xe8, 0xa9, 0x13, 0x57, 0x63, 0x4e, 0x07, 0x98, + 0xcc, 0x73, 0xa0, 0x84, 0x9d, 0xe8, 0xb3, 0x50, 0x59, 0xb5, 0x51, 0xb3, + 0x41, 0x7d, 0x55, 0xfe, 0xd9, 0xf0, 0xc6, 0xff, 0x6e, 0x96, 0x4f, 0x22, + 0xb2, 0x0d, 0x6b, 0xc9, 0x83, 0x2d, 0x98, 0x98, 0xb2, 0xd1, 0xb7, 0xe4, + 0x50, 0x83, 0x1a, 0xa9, 0x02, 0x9f, 0xaf, 0x54, 0x74, 0x2a, 0x2c, 0x63, + 0x10, 0x79, 0x45, 0x5c, 0x95, 0x0d, 0xa1, 0x9b, 0x55, 0xf3, 0x1e, 0xb7, + 0x56, 0x59, 0xf1, 0x59, 0x8d, 0xd6, 0x15, 0x89, 0xf6, 0xfe, 0xc0, 0x00, + 0xdd, 0x1f, 0x2b, 0xf0, 0xf7, 0x5d, 0x64, 0x84, 0x76, 0xd3, 0xc2, 0x92, + 0x35, 0xac, 0xb5, 0xf9, 0xf6, 0xa8, 0x05, 0x89, 0x4c, 0x95, 0x41, 0x4e, + 0x34, 0x25, 0x11, 0x14, +}; + +// kEstonianRSAKey is an RSAPublicKey encoded with a negative modulus. See +// https://crbug.com/532048. +static const uint8_t kEstonianRSAKey[] = { + 0x30, 0x82, 0x01, 0x09, 0x02, 0x82, 0x01, 0x00, 0x96, 0xa6, 0x2e, 0x9c, + 0x4e, 0x6a, 0xc3, 0xcc, 0xcd, 0x8f, 0x70, 0xc3, 0x55, 0xbf, 0x5e, 0x9c, + 0xd4, 0xf3, 0x17, 0xc3, 0x97, 0x70, 0xae, 0xdf, 0x12, 0x5c, 0x15, 0x80, + 0x03, 0xef, 0x2b, 0x18, 0x9d, 0x6a, 0xcb, 0x52, 0x22, 0xc1, 0x81, 0xb8, + 0x7e, 0x61, 0xe8, 0x0f, 0x79, 0x24, 0x0f, 0x82, 0x70, 0x24, 0x4e, 0x29, + 0x20, 0x05, 0x54, 0xeb, 0xd4, 0xa9, 0x65, 0x59, 0xb6, 0x3c, 0x75, 0x95, + 0x2f, 0x4c, 0xf6, 0x9d, 0xd1, 0xaf, 0x5f, 0x14, 0x14, 0xe7, 0x25, 0xea, + 0xa5, 0x47, 0x5d, 0xc6, 0x3e, 0x28, 0x8d, 0xdc, 0x54, 0x87, 0x2a, 0x7c, + 0x10, 0xe9, 0xc6, 0x76, 0x2d, 0xe7, 0x79, 0xd8, 0x0e, 0xbb, 0xa9, 0xac, + 0xb5, 0x18, 0x98, 0xd6, 0x47, 0x6e, 0x06, 0x70, 0xbf, 0x9e, 0x82, 0x25, + 0x95, 0x4e, 0xfd, 0x70, 0xd7, 0x73, 0x45, 0x2e, 0xc1, 0x1f, 0x7a, 0x9a, + 0x9d, 0x60, 0xc0, 0x1f, 0x67, 0x06, 0x2a, 0x4e, 0x87, 0x3f, 0x19, 0x88, + 0x69, 0x64, 0x4d, 0x9f, 0x75, 0xf5, 0xd3, 0x1a, 0x41, 0x3d, 0x35, 0x17, + 0xb6, 0xd1, 0x44, 0x0d, 0x25, 0x8b, 0xe7, 0x94, 0x39, 0xb0, 0x7c, 0xaf, 
+ 0x3e, 0x6a, 0xfa, 0x8d, 0x90, 0x21, 0x0f, 0x8a, 0x43, 0x94, 0x37, 0x7c,
+ 0x2a, 0x15, 0x4c, 0xa0, 0xfa, 0xa9, 0x2f, 0x21, 0xa6, 0x6f, 0x8e, 0x2f,
+ 0x89, 0xbc, 0xbb, 0x33, 0xf8, 0x31, 0xfc, 0xdf, 0xcd, 0x68, 0x9a, 0xbc,
+ 0x75, 0x06, 0x95, 0xf1, 0x3d, 0xef, 0xca, 0x76, 0x27, 0xd2, 0xba, 0x8e,
+ 0x0e, 0x1c, 0x43, 0xd7, 0x70, 0xb9, 0xc6, 0x15, 0xca, 0xd5, 0x4d, 0x87,
+ 0xb9, 0xd1, 0xae, 0xde, 0x69, 0x73, 0x00, 0x2a, 0x97, 0x51, 0x4b, 0x30,
+ 0x01, 0xc2, 0x85, 0xd0, 0x05, 0xcc, 0x2e, 0xe8, 0xc7, 0x42, 0xe7, 0x94,
+ 0x51, 0xe3, 0xf5, 0x19, 0x35, 0xdc, 0x57, 0x96, 0xe7, 0xd9, 0xb4, 0x49,
+ 0x02, 0x03, 0x01, 0x00, 0x01,
+};
+
+static bool TestRSA(const uint8_t *der, size_t der_len,
+ const uint8_t *oaep_ciphertext,
+ size_t oaep_ciphertext_len) {
+ ScopedRSA key(d2i_RSAPrivateKey(nullptr, &der, der_len));
+ if (!key) {
+ return false;
+ }
+
+ if (!RSA_check_key(key.get())) {
+ fprintf(stderr, "RSA_check_key failed\n");
+ return false;
+ }
+
+ uint8_t ciphertext[256];
+
+ int num = RSA_public_encrypt(kPlaintextLen, kPlaintext, ciphertext, key.get(),
+ RSA_PKCS1_PADDING);
+ if (num < 0 || (size_t)num != RSA_size(key.get())) {
+ fprintf(stderr, "PKCS#1 v1.5 encryption failed!\n");
+ return false;
+ }
+
+ uint8_t plaintext[256];
+ num = RSA_private_decrypt(num, ciphertext, plaintext, key.get(),
+ RSA_PKCS1_PADDING);
+ if (num < 0 ||
+ (size_t)num != kPlaintextLen || memcmp(plaintext, kPlaintext, num) != 0) {
+ fprintf(stderr, "PKCS#1 v1.5 decryption failed!\n");
+ return false;
+ }
+
+ num = RSA_public_encrypt(kPlaintextLen, kPlaintext, ciphertext, key.get(),
+ RSA_PKCS1_OAEP_PADDING);
+ if (num < 0 || (size_t)num != RSA_size(key.get())) {
+ fprintf(stderr, "OAEP encryption failed!\n");
+ return false;
+ }
+
+ num = RSA_private_decrypt(num, ciphertext, plaintext, key.get(),
+ RSA_PKCS1_OAEP_PADDING);
+ if (num < 0 ||
+ (size_t)num != kPlaintextLen || memcmp(plaintext, kPlaintext, num) != 0) {
+ fprintf(stderr, "OAEP decryption (encrypted data) failed!\n");
+ return false;
+ }
+
+ // |oaep_ciphertext| should decrypt to |kPlaintext|.
+ num = RSA_private_decrypt(oaep_ciphertext_len, oaep_ciphertext, plaintext,
+ key.get(), RSA_PKCS1_OAEP_PADDING);
+
+ if (num < 0 ||
+ (size_t)num != kPlaintextLen || memcmp(plaintext, kPlaintext, num) != 0) {
+ fprintf(stderr, "OAEP decryption (test vector data) failed!\n");
+ return false;
+ }
+
+ // Try decrypting corrupted ciphertexts.
+ memcpy(ciphertext, oaep_ciphertext, oaep_ciphertext_len);
+ for (size_t i = 0; i < oaep_ciphertext_len; i++) {
+ uint8_t saved = ciphertext[i];
+ for (unsigned b = 0; b < 256; b++) {
+ if (b == saved) {
+ continue;
+ }
+ ciphertext[i] = b;
+ num = RSA_private_decrypt(num, ciphertext, plaintext, key.get(),
+ RSA_PKCS1_OAEP_PADDING);
+ if (num > 0) {
+ fprintf(stderr, "Corrupt data decrypted!\n");
+ return false;
+ }
+ }
+ ciphertext[i] = saved;
+ }
+
+ return true;
+}
+
+static bool TestMultiPrimeKey(int nprimes, const uint8_t *der, size_t der_size,
+ const uint8_t *enc, size_t enc_size) {
+ ScopedRSA rsa(d2i_RSAPrivateKey(nullptr, &der, der_size));
+ if (!rsa) {
+ fprintf(stderr, "%d-prime key failed to parse.\n", nprimes);
+ ERR_print_errors_fp(stderr);
+ return false;
+ }
+
+ if (!RSA_check_key(rsa.get())) {
+ fprintf(stderr, "RSA_check_key failed for %d-prime key.\n", nprimes);
+ ERR_print_errors_fp(stderr);
+ return false;
+ }
+
+ uint8_t out[256];
+ size_t out_len;
+ if (!RSA_decrypt(rsa.get(), &out_len, out, sizeof(out), enc, enc_size,
+ RSA_PKCS1_PADDING) ||
+ out_len != 11 ||
+ memcmp(out, "hello world", 11) != 0) {
+ fprintf(stderr, "%d-prime key failed to decrypt.\n", nprimes);
+ ERR_print_errors_fp(stderr);
+ return false;
+ }
+
+ return true;
+}
+
+static bool TestMultiPrimeKeygen() {
+ static const char kMessage[] = "Hello world.";
+ static const size_t kBits = 1024;
+ uint8_t encrypted[kBits / 8], decrypted[kBits / 8];
+ size_t encrypted_len, decrypted_len;
+
+ ScopedRSA rsa(RSA_new());
+ ScopedBIGNUM e(BN_new());
+ if (!rsa || !e ||
+ !BN_set_word(e.get(), RSA_F4) ||
+ !RSA_generate_multi_prime_key(rsa.get(), kBits, 3, e.get(), nullptr) ||
+ !RSA_check_key(rsa.get()) ||
+ !RSA_encrypt(rsa.get(), &encrypted_len, encrypted, sizeof(encrypted),
+ (const uint8_t *)kMessage, sizeof(kMessage),
+ RSA_PKCS1_PADDING) ||
+ !RSA_decrypt(rsa.get(), &decrypted_len, decrypted, sizeof(decrypted),
+ encrypted, encrypted_len, RSA_PKCS1_PADDING) ||
+ decrypted_len != sizeof(kMessage) ||
+ memcmp(decrypted, kMessage, sizeof(kMessage)) != 0) {
+ ERR_print_errors_fp(stderr);
+ return false;
+ }
+
+ return true;
+}
+
+static bool TestBadKey() {
+ ScopedRSA key(RSA_new());
+ ScopedBIGNUM e(BN_new());
+
+ if (!key || !e || !BN_set_word(e.get(), RSA_F4)) {
+ return false;
+ }
+
+ if (!RSA_generate_key_ex(key.get(), 512, e.get(), nullptr)) {
+ fprintf(stderr, "RSA_generate_key_ex failed.\n");
+ ERR_print_errors_fp(stderr);
+ return false;
+ }
+
+ if (!BN_add(key->p, key->p, BN_value_one())) {
+ fprintf(stderr, "BN error.\n");
+ ERR_print_errors_fp(stderr);
+ return false;
+ }
+
+ if (RSA_check_key(key.get())) {
+ fprintf(stderr, "RSA_check_key passed with invalid key!\n");
+ return false;
+ }
+
+ ERR_clear_error();
+ return true;
+}
+
+static bool TestOnlyDGiven() {
+ uint8_t buf[64];
+ unsigned buf_len = sizeof(buf);
+ ScopedRSA key(RSA_new());
+ if (!key ||
+ !BN_hex2bn(&key->n,
+ "00e77bbf3889d4ef36a9a25d4d69f3f632eb4362214c74517da6d6aeaa9bd"
+ "09ac42b26621cd88f3a6eb013772fc3bf9f83914b6467231c630202c35b3e"
+ "5808c659") ||
+ !BN_hex2bn(&key->e, "010001") ||
+ !BN_hex2bn(&key->d,
+ "0365db9eb6d73b53b015c40cd8db4de7dd7035c68b5ac1bf786d7a4ee2cea"
+ "316eaeca21a73ac365e58713195f2ae9849348525ca855386b6d028e437a9"
+ "495a01") ||
+ RSA_size(key.get()) > sizeof(buf)) {
+ return false;
+ }
+
+ if (!RSA_check_key(key.get())) {
+ fprintf(stderr, "RSA_check_key failed with only d given.\n");
+ ERR_print_errors_fp(stderr);
+ return false;
+ }
+
+ const uint8_t kDummyHash[16] = {0};
+
+ if (!RSA_sign(NID_sha256, kDummyHash, sizeof(kDummyHash), buf, &buf_len,
+ key.get())) {
+ fprintf(stderr, "RSA_sign failed with only d given.\n");
+ ERR_print_errors_fp(stderr);
+ return false;
+ }
+
+ if (!RSA_verify(NID_sha256, kDummyHash, sizeof(kDummyHash), buf, buf_len,
+ key.get())) {
+ fprintf(stderr, "RSA_verify failed with only d given.\n");
+ ERR_print_errors_fp(stderr);
+ return false;
+ }
+
+ return true;
+}
+
+static bool TestRecoverCRTParams() {
+ ScopedBIGNUM e(BN_new());
+ if (!e || !BN_set_word(e.get(), RSA_F4)) {
+ return false;
+ }
+
+ ERR_clear_error();
+
+ for (unsigned i = 0; i < 1; i++) {
+ ScopedRSA key1(RSA_new());
+ if (!key1 ||
+ !RSA_generate_key_ex(key1.get(), 512, e.get(), nullptr)) {
+ fprintf(stderr, "RSA_generate_key_ex failed.\n");
+ ERR_print_errors_fp(stderr);
+ return false;
+ }
+
+ if (!RSA_check_key(key1.get())) {
+ fprintf(stderr, "RSA_check_key failed with original key.\n");
+ ERR_print_errors_fp(stderr);
+ return false;
+ }
+
+ ScopedRSA key2(RSA_new());
+ if (!key2) {
+ return false;
+ }
+ key2->n = BN_dup(key1->n);
+ key2->e = BN_dup(key1->e);
+ key2->d = BN_dup(key1->d);
+ if (key2->n == nullptr || key2->e == nullptr || key2->d == nullptr) {
+ return false;
+ }
+
+ if (!RSA_recover_crt_params(key2.get())) {
+ fprintf(stderr, "RSA_recover_crt_params failed.\n");
+ ERR_print_errors_fp(stderr);
+ return false;
+ }
+
+ uint8_t buf[128];
+ unsigned buf_len = sizeof(buf);
+ if (RSA_size(key2.get()) > buf_len) {
+ return false;
+ }
+
+ if (!RSA_check_key(key2.get())) {
+ fprintf(stderr, "RSA_check_key failed with recovered key.\n");
+ ERR_print_errors_fp(stderr);
+ return false;
+ }
+
+ const uint8_t kDummyHash[16] = {0};
+ if (!RSA_sign(NID_sha256, kDummyHash, sizeof(kDummyHash), buf, &buf_len,
+ key2.get())) {
+ fprintf(stderr, "RSA_sign failed with recovered key.\n");
+ ERR_print_errors_fp(stderr);
+ return false;
+ }
+
+ if (!RSA_verify(NID_sha256, kDummyHash, sizeof(kDummyHash), buf, buf_len,
+ key2.get())) {
+ fprintf(stderr, "RSA_verify failed with recovered key.\n");
+ ERR_print_errors_fp(stderr);
+ return false;
+ }
+ }
+
+ return true;
+}
+
+static bool TestASN1() {
+ // Test that private keys may be decoded.
+ ScopedRSA rsa(RSA_private_key_from_bytes(kKey1, sizeof(kKey1) - 1));
+ if (!rsa) {
+ return false;
+ }
+
+ // Test that the serialization round-trips.
+ uint8_t *der;
+ size_t der_len;
+ if (!RSA_private_key_to_bytes(&der, &der_len, rsa.get())) {
+ return false;
+ }
+ ScopedOpenSSLBytes delete_der(der);
+ if (der_len != sizeof(kKey1) - 1 || memcmp(der, kKey1, der_len) != 0) {
+ return false;
+ }
+
+ // Test that serializing public keys works.
+ if (!RSA_public_key_to_bytes(&der, &der_len, rsa.get())) {
+ return false;
+ }
+ delete_der.reset(der);
+
+ // Public keys may be parsed back out.
+ rsa.reset(RSA_public_key_from_bytes(der, der_len));
+ if (!rsa || rsa->p != NULL || rsa->q != NULL) {
+ return false;
+ }
+
+ // Serializing the result round-trips.
+ uint8_t *der2;
+ size_t der2_len;
+ if (!RSA_public_key_to_bytes(&der2, &der2_len, rsa.get())) {
+ return false;
+ }
+ ScopedOpenSSLBytes delete_der2(der2);
+ if (der_len != der2_len || memcmp(der, der2, der_len) != 0) {
+ return false;
+ }
+
+ // Public keys cannot be serialized as private keys.
+ if (RSA_private_key_to_bytes(&der, &der_len, rsa.get())) {
+ OPENSSL_free(der);
+ return false;
+ }
+ ERR_clear_error();
+
+ // Public keys with negative moduli are invalid.
+ rsa.reset(RSA_public_key_from_bytes(kEstonianRSAKey,
+ sizeof(kEstonianRSAKey)));
+ if (rsa) {
+ return false;
+ }
+ ERR_clear_error();
+
+ // But |RSA_parse_public_key_buggy| will accept it.
+ CBS cbs; + CBS_init(&cbs, kEstonianRSAKey, sizeof(kEstonianRSAKey)); + rsa.reset(RSA_parse_public_key_buggy(&cbs)); + if (!rsa || CBS_len(&cbs) != 0) { + return false; + } + + return true; +} + +int main(int argc, char *argv[]) { + CRYPTO_library_init(); + + if (!TestRSA(kKey1, sizeof(kKey1) - 1, kOAEPCiphertext1, + sizeof(kOAEPCiphertext1) - 1) || + !TestRSA(kKey2, sizeof(kKey2) - 1, kOAEPCiphertext2, + sizeof(kOAEPCiphertext2) - 1) || + !TestRSA(kKey3, sizeof(kKey3) - 1, kOAEPCiphertext3, + sizeof(kOAEPCiphertext3) - 1) || + !TestOnlyDGiven() || + !TestRecoverCRTParams() || + !TestBadKey() || + !TestMultiPrimeKey(2, kTwoPrimeKey, sizeof(kTwoPrimeKey) - 1, + kTwoPrimeEncryptedMessage, + sizeof(kTwoPrimeEncryptedMessage)) || + !TestMultiPrimeKey(3, kThreePrimeKey, sizeof(kThreePrimeKey) - 1, + kThreePrimeEncryptedMessage, + sizeof(kThreePrimeEncryptedMessage)) || + !TestMultiPrimeKey(6, kSixPrimeKey, sizeof(kSixPrimeKey) - 1, + kSixPrimeEncryptedMessage, + sizeof(kSixPrimeEncryptedMessage)) || + !TestMultiPrimeKeygen() || + !TestASN1()) { + return 1; + } + + printf("PASS\n"); + return 0; +} diff --git a/src/crypto/sha/CMakeLists.txt b/src/crypto/sha/CMakeLists.txt index 5a10c85..ecff09b 100644 --- a/src/crypto/sha/CMakeLists.txt +++ b/src/crypto/sha/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(. .. ../../include) +include_directories(../../include) if (${ARCH} STREQUAL "x86_64") set( diff --git a/src/crypto/sha/asm/sha1-586.pl b/src/crypto/sha/asm/sha1-586.pl index 4895eb3..e0b5d83 100644 --- a/src/crypto/sha/asm/sha1-586.pl +++ b/src/crypto/sha/asm/sha1-586.pl 
@@ -66,9 +66,9 @@ # switch to AVX alone improves performance by as little as 4% in # comparison to SSSE3 code path. But below result doesn't look like # 4% improvement... Trouble is that Sandy Bridge decodes 'ro[rl]' as -# pair of µ-ops, and it's the additional µ-ops, two per round, that +# pair of µ-ops, and it's the additional µ-ops, two per round, that # make it run slower than Core2 and Westmere. But 'sh[rl]d' is decoded -# as single µ-op by Sandy Bridge and it's replacing 'ro[rl]' with +# as single µ-op by Sandy Bridge and it's replacing 'ro[rl]' with # equivalent 'sh[rl]d' that is responsible for the impressive 5.1 # cycles per processed byte. But 'sh[rl]d' is not something that used # to be fast, nor does it appear to be fast in upcoming Bulldozer diff --git a/src/crypto/sha/asm/sha1-armv4-large.pl b/src/crypto/sha/asm/sha1-armv4-large.pl index a20d336..64e2ed6 100644 --- a/src/crypto/sha/asm/sha1-armv4-large.pl +++ b/src/crypto/sha/asm/sha1-armv4-large.pl @@ -178,7 +178,7 @@ ___ } $code=<<___; -#include "arm_arch.h" +#include .text .code 32 diff --git a/src/crypto/sha/asm/sha1-armv8.pl b/src/crypto/sha/asm/sha1-armv8.pl index a8c08c2..1c4fe4a 100644 --- a/src/crypto/sha/asm/sha1-armv8.pl +++ b/src/crypto/sha/asm/sha1-armv8.pl @@ -162,7 +162,7 @@ ___ } $code.=<<___; -#include "arm_arch.h" +#include .text diff --git a/src/crypto/sha/asm/sha256-586.pl b/src/crypto/sha/asm/sha256-586.pl index 6462e45..e907714 100644 --- a/src/crypto/sha/asm/sha256-586.pl +++ b/src/crypto/sha/asm/sha256-586.pl @@ -10,7 +10,7 @@ # SHA256 block transform for x86. September 2007. # # Performance improvement over compiler generated code varies from -# 10% to 40% [see below]. Not very impressive on some µ-archs, but +# 10% to 40% [see below]. Not very impressive on some µ-archs, but # it's 5 times smaller and optimizies amount of writes. # # May 2012. diff --git a/src/crypto/sha/asm/sha256-armv4.pl b/src/crypto/sha/asm/sha256-armv4.pl index df71676..7e07147 100644 
--- a/src/crypto/sha/asm/sha256-armv4.pl +++ b/src/crypto/sha/asm/sha256-armv4.pl @@ -168,7 +168,7 @@ ___ $code=<<___; #ifndef __KERNEL__ -# include "arm_arch.h" +# include #else # define __ARM_ARCH__ __LINUX_ARM_ARCH__ # define __ARM_MAX_ARCH__ 7 diff --git a/src/crypto/sha/asm/sha512-586.pl b/src/crypto/sha/asm/sha512-586.pl index e96ec00..2f6a202 100644 --- a/src/crypto/sha/asm/sha512-586.pl +++ b/src/crypto/sha/asm/sha512-586.pl @@ -37,7 +37,7 @@ # # IALU code-path is optimized for elder Pentiums. On vanilla Pentium # performance improvement over compiler generated code reaches ~60%, -# while on PIII - ~35%. On newer µ-archs improvement varies from 15% +# while on PIII - ~35%. On newer µ-archs improvement varies from 15% # to 50%, but it's less important as they are expected to execute SSE2 # code-path, which is commonly ~2-3x faster [than compiler generated # code]. SSE2 code-path is as fast as original sha512-sse2.pl, even diff --git a/src/crypto/sha/asm/sha512-armv4.pl b/src/crypto/sha/asm/sha512-armv4.pl index 2964a39..cd3662a 100644 --- a/src/crypto/sha/asm/sha512-armv4.pl +++ b/src/crypto/sha/asm/sha512-armv4.pl @@ -191,7 +191,7 @@ ___ } $code=<<___; #ifndef __KERNEL__ -# include "arm_arch.h" +# include # define VFP_ABI_PUSH vstmdb sp!,{d8-d15} # define VFP_ABI_POP vldmia sp!,{d8-d15} #else diff --git a/src/crypto/sha/asm/sha512-armv8.pl b/src/crypto/sha/asm/sha512-armv8.pl index 43e7293..40eb17a 100644 --- a/src/crypto/sha/asm/sha512-armv8.pl +++ b/src/crypto/sha/asm/sha512-armv8.pl @@ -164,7 +164,7 @@ ___ } $code.=<<___; -#include "arm_arch.h" +#include .text diff --git a/src/crypto/stack/CMakeLists.txt b/src/crypto/stack/CMakeLists.txt index bdb0599..dcd8ef4 100644 --- a/src/crypto/stack/CMakeLists.txt +++ b/src/crypto/stack/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(. .. ../../include) +include_directories(../../include) add_library( stack 
diff --git a/src/crypto/test/CMakeLists.txt b/src/crypto/test/CMakeLists.txt index 84a6174..8c75314 100644 --- a/src/crypto/test/CMakeLists.txt +++ b/src/crypto/test/CMakeLists.txt @@ -5,4 +5,5 @@ add_library( file_test.cc malloc.cc + test_util.cc ) diff --git a/src/crypto/test/file_test.cc b/src/crypto/test/file_test.cc index 8df6f9a..6723350 100644 --- a/src/crypto/test/file_test.cc +++ b/src/crypto/test/file_test.cc @@ -128,6 +128,7 @@ FileTest::ReadResult FileTest::ReadNext() { const char *delimiter = FindDelimiter(buf); if (delimiter == nullptr) { fprintf(stderr, "Line %u: Could not parse attribute.\n", line_); + return kReadError; } std::string key = StripSpace(buf, delimiter - buf); std::string value = StripSpace(delimiter + 1, diff --git a/src/crypto/test/file_test.h b/src/crypto/test/file_test.h index 7303d8a..24651ab 100644 --- a/src/crypto/test/file_test.h +++ b/src/crypto/test/file_test.h @@ -18,11 +18,19 @@ #include #include +#if defined(_MSC_VER) +#pragma warning(push) +#pragma warning(disable: 4702) +#endif + #include #include #include #include +#if defined(_MSC_VER) +#pragma warning(pop) +#endif // File-based test framework. // diff --git a/src/crypto/test/malloc.cc b/src/crypto/test/malloc.cc index 9ffdf01..898f2a7 100644 --- a/src/crypto/test/malloc.cc +++ b/src/crypto/test/malloc.cc @@ -34,6 +34,8 @@ #if defined(__linux__) && defined(OPENSSL_GLIBC) && !defined(OPENSSL_ARM) && \ !defined(OPENSSL_AARCH64) && !defined(OPENSSL_ASAN) +#include +#include #include #include #include 
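Review bot: The `#pragma warning(disable: 4702)` block added around the standard includes in file_test.h has no comment saying why it is there, so a later cleanup cannot tell whether it is still needed. C4702 is MSVC's unreachable-code warning; presumably one of the wrapped headers trips it at the project's warning level, but the include names are not readable in this view. I would add a line such as `/* MSVC's standard headers emit C4702 (unreachable code) at this warning level. */` above the `push`, naming the offending header if it is known.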
@@ -45,14 +47,14 @@ /* This file defines overrides for the standard allocation functions that allow * a given allocation to be made to fail for testing. If the program is run * with MALLOC_NUMBER_TO_FAIL set to a base-10 number then that allocation will - * return NULL. If MALLOC_ABORT_ON_FAIL is also defined then the allocation - * will abort() rather than return NULL. + * return NULL. If MALLOC_BREAK_ON_FAIL is also defined then the allocation + * will signal SIGTRAP rather than return NULL. * * This code is not thread safe. */ static uint64_t current_malloc_count = 0; static uint64_t malloc_number_to_fail = 0; -static char failure_enabled = 0, abort_on_fail = 0; +static char failure_enabled = 0, break_on_fail = 0; static int in_call = 0; extern "C" { @@ -95,7 +97,7 @@ static int should_fail_allocation() { std::set_new_handler(cpp_new_handler); } } - abort_on_fail = (NULL != getenv("MALLOC_ABORT_ON_FAIL")); + break_on_fail = (NULL != getenv("MALLOC_BREAK_ON_FAIL")); init = 1; } @@ -108,8 +110,8 @@ static int should_fail_allocation() { should_fail = (current_malloc_count == malloc_number_to_fail); current_malloc_count++; - if (should_fail && abort_on_fail) { - abort(); + if (should_fail && break_on_fail) { + raise(SIGTRAP); } return should_fail; } @@ -118,6 +120,7 @@ extern "C" { void *malloc(size_t size) { if (should_fail_allocation()) { + errno = ENOMEM; return NULL; } @@ -126,6 +129,7 @@ void *malloc(size_t size) { void *calloc(size_t num_elems, size_t size) { if (should_fail_allocation()) { + errno = ENOMEM; return NULL; } @@ -134,6 +138,7 @@ void *calloc(size_t num_elems, size_t size) { void *realloc(void *ptr, size_t size) { if (should_fail_allocation()) { + errno = ENOMEM; return NULL; } diff --git a/src/crypto/test/scoped_types.h b/src/crypto/test/scoped_types.h index c5c8cfe..e44c6ed 100644 --- a/src/crypto/test/scoped_types.h +++ b/src/crypto/test/scoped_types.h @@ -18,6 +18,7 @@ #include #include +#include #include #include #include 
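Review bot: In `should_fail_allocation` the new `raise(SIGTRAP);` returns once a debugger continues (or if SIGTRAP is ignored or handled), and the function then still returns `should_fail`, so the allocation also fails with NULL. The updated file comment says it will signal SIGTRAP "rather than return NULL", which was accurate for `abort()` but no longer matches. Suggested wording: `If MALLOC_BREAK_ON_FAIL is also defined then SIGTRAP is raised first; if execution continues, the allocation returns NULL.` The variable is also renamed outright, so a run that still sets `MALLOC_ABORT_ON_FAIL` silently gets neither behaviour. The function starts outside these hunks.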
@@ -112,9 +113,13 @@ using ScopedPKCS12 = ScopedOpenSSLType; using ScopedRSA = ScopedOpenSSLType; using ScopedX509 = ScopedOpenSSLType; using ScopedX509_ALGOR = ScopedOpenSSLType; +using ScopedX509_SIG = ScopedOpenSSLType; using ScopedX509Stack = ScopedOpenSSLStack; +using ScopedEVP_AEAD_CTX = ScopedOpenSSLContext; using ScopedEVP_CIPHER_CTX = ScopedOpenSSLContext; diff --git a/src/crypto/test/test_util.cc b/src/crypto/test/test_util.cc new file mode 100644 index 0000000..8021aaa --- /dev/null +++ b/src/crypto/test/test_util.cc @@ -0,0 +1,30 @@ +/* Copyright (c) 2015, Google Inc. + * + * Permission to use, copy, modify, and/or distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY + * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION + * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN + * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ + +#include +#include + +#include "test_util.h" + + +void hexdump(FILE *fp, const char *msg, const void *in, size_t len) { + const uint8_t *data = reinterpret_cast(in); + size_t i; + + fputs(msg, fp); + for (i = 0; i < len; i++) { + fprintf(fp, "%02x", data[i]); + } + fputs("\n", fp); +} diff --git a/src/crypto/test/test_util.h b/src/crypto/test/test_util.h new file mode 100644 index 0000000..972e206 --- /dev/null +++ b/src/crypto/test/test_util.h 
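Review bot: `hexdump` in test_util.cc converts `in` with `reinterpret_cast`, but a `const void *` converts to a byte pointer with `static_cast`, which is the narrower cast: `const uint8_t *data = static_cast<const uint8_t *>(in);` (the cast's target type is not readable in this view and is inferred from the declaration). The index can move into the loop header, `for (size_t i = 0; i < len; i++)`, since this is a C++ file. Writing `msg` with `fputs` rather than passing it as a format string is correct and should stay that way.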
@@ -0,0 +1,35 @@ +/* Copyright (c) 2015, Google Inc. + * + * Permission to use, copy, modify, and/or distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY + * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION + * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN + * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ + +#ifndef OPENSSL_HEADER_CRYPTO_TEST_TEST_UTIL_H +#define OPENSSL_HEADER_CRYPTO_TEST_TEST_UTIL_H + +#include +#include + +#if defined(__cplusplus) +extern "C" { +#endif + + +/* hexdump writes |msg| to |fp| followed by the hex encoding of |len| bytes + * from |in|. */ +void hexdump(FILE *fp, const char *msg, const void *in, size_t len); + + +#if defined(__cplusplus) +} +#endif + +#endif /* OPENSSL_HEADER_CRYPTO_TEST_TEST_UTIL_H */ diff --git a/src/crypto/x509/CMakeLists.txt b/src/crypto/x509/CMakeLists.txt index 3bb5704..258c263 100644 --- a/src/crypto/x509/CMakeLists.txt +++ b/src/crypto/x509/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(. .. ../../include) +include_directories(../../include) add_library( x509 @@ -15,6 +15,7 @@ add_library( i2d_pr.c pkcs7.c t_crl.c + t_req.c t_x509.c t_x509a.c x509.c diff --git a/src/crypto/x509/a_digest.c b/src/crypto/x509/a_digest.c index 6060bbd..430e2e6 100644 --- a/src/crypto/x509/a_digest.c +++ b/src/crypto/x509/a_digest.c 
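Review bot: The declaration comment for `hexdump` in test_util.h leaves out the trailing newline that the definition in test_util.cc writes with `fputs("\n", fp)`. It also does not say that the bytes are printed as two lowercase hex digits each with no separator. Suggested text: `/* hexdump writes |msg| to |fp|, then |len| bytes from |in| as lowercase hex with no separators, then a newline. */`.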
@@ -71,7 +71,7 @@ int ASN1_digest(i2d_of_void *i2d, const EVP_MD *type, char *data, i=i2d(data,NULL); if ((str=(unsigned char *)OPENSSL_malloc(i)) == NULL) { - OPENSSL_PUT_ERROR(X509, ASN1_digest, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); return(0); } p=str; diff --git a/src/crypto/x509/a_sign.c b/src/crypto/x509/a_sign.c index f219c23..4e9be8a 100644 --- a/src/crypto/x509/a_sign.c +++ b/src/crypto/x509/a_sign.c @@ -106,7 +106,7 @@ int ASN1_item_sign_ctx(const ASN1_ITEM *it, if ((buf_in == NULL) || (buf_out == NULL)) { outl=0; - OPENSSL_PUT_ERROR(X509, ASN1_item_sign_ctx, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); goto err; } @@ -114,7 +114,7 @@ int ASN1_item_sign_ctx(const ASN1_ITEM *it, || !EVP_DigestSignFinal(ctx, buf_out, &outl)) { outl=0; - OPENSSL_PUT_ERROR(X509, ASN1_item_sign_ctx, ERR_R_EVP_LIB); + OPENSSL_PUT_ERROR(X509, ERR_R_EVP_LIB); goto err; } if (signature->data != NULL) OPENSSL_free(signature->data); diff --git a/src/crypto/x509/a_verify.c b/src/crypto/x509/a_verify.c index 72e0a62..572a139 100644 --- a/src/crypto/x509/a_verify.c +++ b/src/crypto/x509/a_verify.c @@ -80,13 +80,13 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a, if (!pkey) { - OPENSSL_PUT_ERROR(X509, ASN1_item_verify, ERR_R_PASSED_NULL_PARAMETER); + OPENSSL_PUT_ERROR(X509, ERR_R_PASSED_NULL_PARAMETER); return 0; } if (signature->type == V_ASN1_BIT_STRING && signature->flags & 0x7) { - OPENSSL_PUT_ERROR(X509, ASN1_item_verify, X509_R_INVALID_BIT_STRING_BITS_LEFT); + OPENSSL_PUT_ERROR(X509, X509_R_INVALID_BIT_STRING_BITS_LEFT); return 0; } @@ -101,7 +101,7 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a, if (buf_in == NULL) { - OPENSSL_PUT_ERROR(X509, ASN1_item_verify, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); goto err; } 
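Review bot: In `ASN1_digest` the result of `i2d(data,NULL)` goes straight into `OPENSSL_malloc(i)` with no sign check, so an encoding failure (i2d callbacks return a negative value on error) would be converted to a very large size and then reported as `ERR_R_MALLOC_FAILURE`. A guard before the allocation keeps the length sane and the error accurate: `if (i <= 0) { OPENSSL_PUT_ERROR(X509, ERR_R_ASN1_LIB); return(0); }`. The declaration of `i` and the rest of the function are outside the hunk, so its type is assumed to be `int`.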
@@ -109,7 +109,7 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a, { OPENSSL_cleanse(buf_in,(unsigned int)inl); OPENSSL_free(buf_in); - OPENSSL_PUT_ERROR(X509, ASN1_item_verify, ERR_R_EVP_LIB); + OPENSSL_PUT_ERROR(X509, ERR_R_EVP_LIB); goto err; } @@ -119,7 +119,7 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a, if (EVP_DigestVerifyFinal(&ctx,signature->data, (size_t)signature->length) <= 0) { - OPENSSL_PUT_ERROR(X509, ASN1_item_verify, ERR_R_EVP_LIB); + OPENSSL_PUT_ERROR(X509, ERR_R_EVP_LIB); goto err; } /* we don't need to zero the 'ctx' because we just checked diff --git a/src/crypto/x509/asn1_gen.c b/src/crypto/x509/asn1_gen.c index d4d1ee6..850a816 100644 --- a/src/crypto/x509/asn1_gen.c +++ b/src/crypto/x509/asn1_gen.c @@ -171,7 +171,7 @@ ASN1_TYPE *ASN1_generate_v3(char *str, X509V3_CTX *cnf) { if (!cnf) { - OPENSSL_PUT_ERROR(ASN1, ASN1_generate_v3, ASN1_R_SEQUENCE_OR_SET_NEEDS_CONFIG); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_SEQUENCE_OR_SET_NEEDS_CONFIG); return NULL; } ret = asn1_multi(asn1_tags.utype, asn1_tags.str, cnf); @@ -314,7 +314,7 @@ static int asn1_cb(const char *elem, int len, void *bitstr) if (utype == -1) { - OPENSSL_PUT_ERROR(ASN1, asn1_cb, ASN1_R_UNKNOWN_TAG); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_UNKNOWN_TAG); ERR_add_error_data(2, "tag=", elem); return -1; } @@ -327,7 +327,7 @@ static int asn1_cb(const char *elem, int len, void *bitstr) /* If no value and not end of string, error */ if (!vstart && elem[len]) { - OPENSSL_PUT_ERROR(ASN1, asn1_cb, ASN1_R_MISSING_VALUE); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_MISSING_VALUE); return -1; } return 0; @@ -340,7 +340,7 @@ static int asn1_cb(const char *elem, int len, void *bitstr) /* Check for illegal multiple IMPLICIT tagging */ if (arg->imp_tag != -1) { - OPENSSL_PUT_ERROR(ASN1, asn1_cb, ASN1_R_ILLEGAL_NESTED_TAGGING); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_ILLEGAL_NESTED_TAGGING); return -1; } if (!parse_tagging(vstart, vlen, &arg->imp_tag, &arg->imp_class)) 
@@ -378,7 +378,7 @@ static int asn1_cb(const char *elem, int len, void *bitstr) case ASN1_GEN_FLAG_FORMAT: if (!vstart) { - OPENSSL_PUT_ERROR(ASN1, asn1_cb, ASN1_R_UNKNOWN_FORMAT); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_UNKNOWN_FORMAT); return -1; } if (!strncmp(vstart, "ASCII", 5)) @@ -391,7 +391,7 @@ static int asn1_cb(const char *elem, int len, void *bitstr) arg->format = ASN1_GEN_FORMAT_BITLIST; else { - OPENSSL_PUT_ERROR(ASN1, asn1_cb, ASN1_R_UNKNOWN_FORMAT); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_UNKNOWN_FORMAT); return -1; } break; @@ -415,7 +415,7 @@ static int parse_tagging(const char *vstart, int vlen, int *ptag, int *pclass) return 0; if (tag_num < 0) { - OPENSSL_PUT_ERROR(ASN1, parse_tagging, ASN1_R_INVALID_NUMBER); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_INVALID_NUMBER); return 0; } *ptag = tag_num; @@ -448,7 +448,7 @@ static int parse_tagging(const char *vstart, int vlen, int *ptag, int *pclass) default: erch[0] = *eptr; erch[1] = 0; - OPENSSL_PUT_ERROR(ASN1, parse_tagging, ASN1_R_INVALID_MODIFIER); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_INVALID_MODIFIER); ERR_add_error_data(2, "Char=", erch); return 0; break; @@ -534,13 +534,13 @@ static int append_exp(tag_exp_arg *arg, int exp_tag, int exp_class, int exp_cons /* Can only have IMPLICIT if permitted */ if ((arg->imp_tag != -1) && !imp_ok) { - OPENSSL_PUT_ERROR(ASN1, append_exp, ASN1_R_ILLEGAL_IMPLICIT_TAG); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_ILLEGAL_IMPLICIT_TAG); return 0; } if (arg->exp_count == ASN1_FLAG_EXP_MAX) { - OPENSSL_PUT_ERROR(ASN1, append_exp, ASN1_R_DEPTH_EXCEEDED); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_DEPTH_EXCEEDED); return 0; } @@ -658,7 +658,7 @@ static ASN1_TYPE *asn1_str2type(const char *str, int format, int utype) if (!(atmp = ASN1_TYPE_new())) { - OPENSSL_PUT_ERROR(ASN1, asn1_str2type, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); return NULL; } 
@@ -671,7 +671,7 @@ static ASN1_TYPE *asn1_str2type(const char *str, int format, int utype) case V_ASN1_NULL: if (str && *str) { - OPENSSL_PUT_ERROR(ASN1, asn1_str2type, ASN1_R_ILLEGAL_NULL_VALUE); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_ILLEGAL_NULL_VALUE); goto bad_form; } break; @@ -679,7 +679,7 @@ static ASN1_TYPE *asn1_str2type(const char *str, int format, int utype) case V_ASN1_BOOLEAN: if (format != ASN1_GEN_FORMAT_ASCII) { - OPENSSL_PUT_ERROR(ASN1, asn1_str2type, ASN1_R_NOT_ASCII_FORMAT); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_NOT_ASCII_FORMAT); goto bad_form; } vtmp.name = NULL; @@ -687,7 +687,7 @@ static ASN1_TYPE *asn1_str2type(const char *str, int format, int utype) vtmp.value = (char *)str; if (!X509V3_get_value_bool(&vtmp, &atmp->value.boolean)) { - OPENSSL_PUT_ERROR(ASN1, asn1_str2type, ASN1_R_ILLEGAL_BOOLEAN); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_ILLEGAL_BOOLEAN); goto bad_str; } break; @@ -696,12 +696,12 @@ static ASN1_TYPE *asn1_str2type(const char *str, int format, int utype) case V_ASN1_ENUMERATED: if (format != ASN1_GEN_FORMAT_ASCII) { - OPENSSL_PUT_ERROR(ASN1, asn1_str2type, ASN1_R_INTEGER_NOT_ASCII_FORMAT); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_INTEGER_NOT_ASCII_FORMAT); goto bad_form; } if (!(atmp->value.integer = s2i_ASN1_INTEGER(NULL, (char *)str))) { - OPENSSL_PUT_ERROR(ASN1, asn1_str2type, ASN1_R_ILLEGAL_INTEGER); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_ILLEGAL_INTEGER); goto bad_str; } break; @@ -709,12 +709,12 @@ static ASN1_TYPE *asn1_str2type(const char *str, int format, int utype) case V_ASN1_OBJECT: if (format != ASN1_GEN_FORMAT_ASCII) { - OPENSSL_PUT_ERROR(ASN1, asn1_str2type, ASN1_R_OBJECT_NOT_ASCII_FORMAT); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_OBJECT_NOT_ASCII_FORMAT); goto bad_form; } if (!(atmp->value.object = OBJ_txt2obj(str, 0))) { - OPENSSL_PUT_ERROR(ASN1, asn1_str2type, ASN1_R_ILLEGAL_OBJECT); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_ILLEGAL_OBJECT); goto bad_str; } break; 
@@ -723,23 +723,23 @@ static ASN1_TYPE *asn1_str2type(const char *str, int format, int utype) case V_ASN1_GENERALIZEDTIME: if (format != ASN1_GEN_FORMAT_ASCII) { - OPENSSL_PUT_ERROR(ASN1, asn1_str2type, ASN1_R_TIME_NOT_ASCII_FORMAT); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_TIME_NOT_ASCII_FORMAT); goto bad_form; } if (!(atmp->value.asn1_string = ASN1_STRING_new())) { - OPENSSL_PUT_ERROR(ASN1, asn1_str2type, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); goto bad_str; } if (!ASN1_STRING_set(atmp->value.asn1_string, str, -1)) { - OPENSSL_PUT_ERROR(ASN1, asn1_str2type, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); goto bad_str; } atmp->value.asn1_string->type = utype; if (!ASN1_TIME_check(atmp->value.asn1_string)) { - OPENSSL_PUT_ERROR(ASN1, asn1_str2type, ASN1_R_ILLEGAL_TIME_VALUE); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_ILLEGAL_TIME_VALUE); goto bad_str; } @@ -761,7 +761,7 @@ static ASN1_TYPE *asn1_str2type(const char *str, int format, int utype) format = MBSTRING_UTF8; else { - OPENSSL_PUT_ERROR(ASN1, asn1_str2type, ASN1_R_ILLEGAL_FORMAT); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_ILLEGAL_FORMAT); goto bad_form; } @@ -769,7 +769,7 @@ static ASN1_TYPE *asn1_str2type(const char *str, int format, int utype) if (ASN1_mbstring_copy(&atmp->value.asn1_string, (unsigned char *)str, -1, format, ASN1_tag2bit(utype)) <= 0) { - OPENSSL_PUT_ERROR(ASN1, asn1_str2type, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); goto bad_str; } @@ -782,7 +782,7 @@ static ASN1_TYPE *asn1_str2type(const char *str, int format, int utype) if (!(atmp->value.asn1_string = ASN1_STRING_new())) { - OPENSSL_PUT_ERROR(ASN1, asn1_str2type, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); goto bad_form; } 
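Review bot: In the `@@ -769,7 +769,7 @@` hunk of `asn1_str2type`, a non-positive return from `ASN1_mbstring_copy` is recorded as `ERR_R_MALLOC_FAILURE`. That call can presumably also fail because the input string does not fit the requested type or encoding. Since this line is being touched anyway, a code that does not assert an allocation failure would be less misleading for whoever reads the error queue, e.g. `OPENSSL_PUT_ERROR(ASN1, ERR_R_ASN1_LIB);`. The function body starts and ends outside the hunk.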
@@ -791,7 +791,7 @@ static ASN1_TYPE *asn1_str2type(const char *str, int format, int utype) if (!(rdata = string_to_hex((char *)str, &rdlen))) { - OPENSSL_PUT_ERROR(ASN1, asn1_str2type, ASN1_R_ILLEGAL_HEX); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_ILLEGAL_HEX); goto bad_str; } @@ -806,7 +806,7 @@ static ASN1_TYPE *asn1_str2type(const char *str, int format, int utype) { if (!CONF_parse_list(str, ',', 1, bitstr_cb, atmp->value.bit_string)) { - OPENSSL_PUT_ERROR(ASN1, asn1_str2type, ASN1_R_LIST_ERROR); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_LIST_ERROR); goto bad_str; } no_unused = 0; @@ -814,7 +814,7 @@ static ASN1_TYPE *asn1_str2type(const char *str, int format, int utype) } else { - OPENSSL_PUT_ERROR(ASN1, asn1_str2type, ASN1_R_ILLEGAL_BITSTRING_FORMAT); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_ILLEGAL_BITSTRING_FORMAT); goto bad_form; } @@ -830,7 +830,7 @@ static ASN1_TYPE *asn1_str2type(const char *str, int format, int utype) break; default: - OPENSSL_PUT_ERROR(ASN1, asn1_str2type, ASN1_R_UNSUPPORTED_TYPE); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_UNSUPPORTED_TYPE); goto bad_str; break; } @@ -860,12 +860,12 @@ static int bitstr_cb(const char *elem, int len, void *bitstr) return 0; if (bitnum < 0) { - OPENSSL_PUT_ERROR(ASN1, bitstr_cb, ASN1_R_INVALID_NUMBER); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_INVALID_NUMBER); return 0; } if (!ASN1_BIT_STRING_set_bit(bitstr, bitnum, 1)) { - OPENSSL_PUT_ERROR(ASN1, bitstr_cb, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); return 0; } return 1; diff --git a/src/crypto/x509/by_dir.c b/src/crypto/x509/by_dir.c index 34bb1e4..3393dfa 100644 --- a/src/crypto/x509/by_dir.c +++ b/src/crypto/x509/by_dir.c @@ -139,7 +139,7 @@ static int dir_ctrl(X509_LOOKUP *ctx, int cmd, const char *argp, long argl, X509_FILETYPE_PEM); if (!ret) { - OPENSSL_PUT_ERROR(X509, dir_ctrl, X509_R_LOADING_CERT_DIR); + OPENSSL_PUT_ERROR(X509, X509_R_LOADING_CERT_DIR); } } else 
@@ -208,7 +208,7 @@ static int add_cert_dir(BY_DIR *ctx, const char *dir, int type) if (dir == NULL || !*dir) { - OPENSSL_PUT_ERROR(X509, add_cert_dir, X509_R_INVALID_DIRECTORY); + OPENSSL_PUT_ERROR(X509, X509_R_INVALID_DIRECTORY); return 0; } @@ -237,7 +237,7 @@ static int add_cert_dir(BY_DIR *ctx, const char *dir, int type) ctx->dirs = sk_BY_DIR_ENTRY_new_null(); if (!ctx->dirs) { - OPENSSL_PUT_ERROR(X509, add_cert_dir, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); return 0; } } @@ -311,13 +311,13 @@ static int get_cert_by_subject(X509_LOOKUP *xl, int type, X509_NAME *name, } else { - OPENSSL_PUT_ERROR(X509, get_cert_by_subject, X509_R_WRONG_LOOKUP_TYPE); + OPENSSL_PUT_ERROR(X509, X509_R_WRONG_LOOKUP_TYPE); goto finish; } if ((b=BUF_MEM_new()) == NULL) { - OPENSSL_PUT_ERROR(X509, get_cert_by_subject, ERR_R_BUF_LIB); + OPENSSL_PUT_ERROR(X509, ERR_R_BUF_LIB); goto finish; } @@ -337,7 +337,7 @@ static int get_cert_by_subject(X509_LOOKUP *xl, int type, X509_NAME *name, j=strlen(ent->dir)+1+8+6+1+1; if (!BUF_MEM_grow(b,j)) { - OPENSSL_PUT_ERROR(X509, get_cert_by_subject, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); goto finish; } if (type == X509_LU_CRL && ent->hashes) diff --git a/src/crypto/x509/by_file.c b/src/crypto/x509/by_file.c index 2fdbce4..f1d6194 100644 --- a/src/crypto/x509/by_file.c +++ b/src/crypto/x509/by_file.c @@ -109,7 +109,7 @@ static int by_file_ctrl(X509_LOOKUP *ctx, int cmd, const char *argp, long argl, if (!ok) { - OPENSSL_PUT_ERROR(X509, by_file_ctrl, X509_R_LOADING_DEFAULTS); + OPENSSL_PUT_ERROR(X509, X509_R_LOADING_DEFAULTS); } } else @@ -137,7 +137,7 @@ int X509_load_cert_file(X509_LOOKUP *ctx, const char *file, int type) if ((in == NULL) || (BIO_read_filename(in,file) <= 0)) { - OPENSSL_PUT_ERROR(X509, X509_load_cert_file, ERR_R_SYS_LIB); + OPENSSL_PUT_ERROR(X509, ERR_R_SYS_LIB); goto err; } 
@@ -156,7 +156,7 @@ int X509_load_cert_file(X509_LOOKUP *ctx, const char *file, int type) } else { - OPENSSL_PUT_ERROR(X509, X509_load_cert_file, ERR_R_PEM_LIB); + OPENSSL_PUT_ERROR(X509, ERR_R_PEM_LIB); goto err; } } @@ -173,7 +173,7 @@ int X509_load_cert_file(X509_LOOKUP *ctx, const char *file, int type) x=d2i_X509_bio(in,NULL); if (x == NULL) { - OPENSSL_PUT_ERROR(X509, X509_load_cert_file, ERR_R_ASN1_LIB); + OPENSSL_PUT_ERROR(X509, ERR_R_ASN1_LIB); goto err; } i=X509_STORE_add_cert(ctx->store_ctx,x); @@ -182,7 +182,7 @@ int X509_load_cert_file(X509_LOOKUP *ctx, const char *file, int type) } else { - OPENSSL_PUT_ERROR(X509, X509_load_cert_file, X509_R_BAD_X509_FILETYPE); + OPENSSL_PUT_ERROR(X509, X509_R_BAD_X509_FILETYPE); goto err; } err: @@ -203,7 +203,7 @@ int X509_load_crl_file(X509_LOOKUP *ctx, const char *file, int type) if ((in == NULL) || (BIO_read_filename(in,file) <= 0)) { - OPENSSL_PUT_ERROR(X509, X509_load_crl_file, ERR_R_SYS_LIB); + OPENSSL_PUT_ERROR(X509, ERR_R_SYS_LIB); goto err; } @@ -222,7 +222,7 @@ int X509_load_crl_file(X509_LOOKUP *ctx, const char *file, int type) } else { - OPENSSL_PUT_ERROR(X509, X509_load_crl_file, ERR_R_PEM_LIB); + OPENSSL_PUT_ERROR(X509, ERR_R_PEM_LIB); goto err; } } @@ -239,7 +239,7 @@ int X509_load_crl_file(X509_LOOKUP *ctx, const char *file, int type) x=d2i_X509_CRL_bio(in,NULL); if (x == NULL) { - OPENSSL_PUT_ERROR(X509, X509_load_crl_file, ERR_R_ASN1_LIB); + OPENSSL_PUT_ERROR(X509, ERR_R_ASN1_LIB); goto err; } i=X509_STORE_add_crl(ctx->store_ctx,x); @@ -248,7 +248,7 @@ int X509_load_crl_file(X509_LOOKUP *ctx, const char *file, int type) } else { - OPENSSL_PUT_ERROR(X509, X509_load_crl_file, X509_R_BAD_X509_FILETYPE); + OPENSSL_PUT_ERROR(X509, X509_R_BAD_X509_FILETYPE); goto err; } err: 
@@ -268,13 +268,13 @@ int X509_load_cert_crl_file(X509_LOOKUP *ctx, const char *file, int type) return X509_load_cert_file(ctx, file, type); in = BIO_new_file(file, "r"); if(!in) { - OPENSSL_PUT_ERROR(X509, X509_load_cert_crl_file, ERR_R_SYS_LIB); + OPENSSL_PUT_ERROR(X509, ERR_R_SYS_LIB); return 0; } inf = PEM_X509_INFO_read_bio(in, NULL, NULL, NULL); BIO_free(in); if(!inf) { - OPENSSL_PUT_ERROR(X509, X509_load_cert_crl_file, ERR_R_PEM_LIB); + OPENSSL_PUT_ERROR(X509, ERR_R_PEM_LIB); return 0; } for(i = 0; i < sk_X509_INFO_num(inf); i++) { diff --git a/src/crypto/x509/i2d_pr.c b/src/crypto/x509/i2d_pr.c index 443ca53..e7f4269 100644 --- a/src/crypto/x509/i2d_pr.c +++ b/src/crypto/x509/i2d_pr.c @@ -78,7 +78,7 @@ int i2d_PrivateKey(const EVP_PKEY *a, unsigned char **pp) } /* Although this file is in crypto/x509 for layering reasons, it emits * an error code from ASN1 for OpenSSL compatibility. */ - OPENSSL_PUT_ERROR(ASN1, i2d_PrivateKey, ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE); + OPENSSL_PUT_ERROR(ASN1, ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE); return -1; } diff --git a/src/crypto/x509/pkcs7.c b/src/crypto/x509/pkcs7.c index 99ee3da..2087f94 100644 --- a/src/crypto/x509/pkcs7.c +++ b/src/crypto/x509/pkcs7.c @@ -57,8 +57,7 @@ static int pkcs7_parse_header(uint8_t **der_bytes, CBS *out, CBS *cbs) { } if (OBJ_cbs2nid(&content_type) != NID_pkcs7_signed) { - OPENSSL_PUT_ERROR(X509, pkcs7_parse_header, - X509_R_NOT_PKCS7_SIGNED_DATA); + OPENSSL_PUT_ERROR(X509, X509_R_NOT_PKCS7_SIGNED_DATA); goto err; } @@ -73,8 +72,7 @@ static int pkcs7_parse_header(uint8_t **der_bytes, CBS *out, CBS *cbs) { } if (version < 1) { - OPENSSL_PUT_ERROR(X509, pkcs7_parse_header, - X509_R_BAD_PKCS7_VERSION); + OPENSSL_PUT_ERROR(X509, X509_R_BAD_PKCS7_VERSION); goto err; } 
@@ -103,8 +101,7 @@ int PKCS7_get_certificates(STACK_OF(X509) *out_certs, CBS *cbs) { /* See https://tools.ietf.org/html/rfc2315#section-9.1 */ if (!CBS_get_asn1(&signed_data, &certificates, CBS_ASN1_CONTEXT_SPECIFIC | CBS_ASN1_CONSTRUCTED | 0)) { - OPENSSL_PUT_ERROR(X509, PKCS7_get_certificates, - X509_R_NO_CERTIFICATES_INCLUDED); + OPENSSL_PUT_ERROR(X509, X509_R_NO_CERTIFICATES_INCLUDED); goto err; } @@ -171,8 +168,7 @@ int PKCS7_get_CRLs(STACK_OF(X509_CRL) *out_crls, CBS *cbs) { if (!CBS_get_asn1(&signed_data, &crls, CBS_ASN1_CONTEXT_SPECIFIC | CBS_ASN1_CONSTRUCTED | 1)) { - OPENSSL_PUT_ERROR(X509, PKCS7_get_CRLs, - X509_R_NO_CRLS_INCLUDED); + OPENSSL_PUT_ERROR(X509, X509_R_NO_CRLS_INCLUDED); goto err; } diff --git a/src/crypto/x509/t_crl.c b/src/crypto/x509/t_crl.c index 93a7afb..a2d8bc7 100644 --- a/src/crypto/x509/t_crl.c +++ b/src/crypto/x509/t_crl.c @@ -70,7 +70,7 @@ int X509_CRL_print_fp(FILE *fp, X509_CRL *x) if ((b=BIO_new(BIO_s_file())) == NULL) { - OPENSSL_PUT_ERROR(X509, X509_CRL_print_fp, ERR_R_BUF_LIB); + OPENSSL_PUT_ERROR(X509, ERR_R_BUF_LIB); return(0); } BIO_set_fp(b,fp,BIO_NOCLOSE); diff --git a/src/crypto/x509/t_req.c b/src/crypto/x509/t_req.c new file mode 100644 index 0000000..39c836c --- /dev/null +++ b/src/crypto/x509/t_req.c 
@@ -0,0 +1,246 @@ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. 
If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] 
*/ + +#include + +#include +#include +#include +#include +#include +#include + + +int X509_REQ_print_fp(FILE *fp, X509_REQ *x) { + BIO *bio = BIO_new(BIO_s_file()); + if (bio == NULL) { + OPENSSL_PUT_ERROR(X509, ERR_R_BUF_LIB); + return 0; + } + + BIO_set_fp(bio, fp, BIO_NOCLOSE); + int ret = X509_REQ_print(bio, x); + BIO_free(bio); + return ret; +} + +int X509_REQ_print_ex(BIO *bio, X509_REQ *x, unsigned long nmflags, + unsigned long cflag) { + long l; + EVP_PKEY *pkey; + STACK_OF(X509_ATTRIBUTE) * sk; + char mlch = ' '; + + int nmindent = 0; + + if ((nmflags & XN_FLAG_SEP_MASK) == XN_FLAG_SEP_MULTILINE) { + mlch = '\n'; + nmindent = 12; + } + + if (nmflags == X509_FLAG_COMPAT) { + nmindent = 16; + } + + X509_REQ_INFO *ri = x->req_info; + if (!(cflag & X509_FLAG_NO_HEADER)) { + if (BIO_write(bio, "Certificate Request:\n", 21) <= 0 || + BIO_write(bio, " Data:\n", 10) <= 0) { + goto err; + } + } + if (!(cflag & X509_FLAG_NO_VERSION)) { + l = X509_REQ_get_version(x); + if (BIO_printf(bio, "%8sVersion: %ld (0x%lx)\n", "", l + 1, l) <= 0) { + goto err; + } + } + if (!(cflag & X509_FLAG_NO_SUBJECT)) { + if (BIO_printf(bio, " Subject:%c", mlch) <= 0 || + X509_NAME_print_ex(bio, ri->subject, nmindent, nmflags) < 0 || + BIO_write(bio, "\n", 1) <= 0) { + goto err; + } + } + if (!(cflag & X509_FLAG_NO_PUBKEY)) { + if (BIO_write(bio, " Subject Public Key Info:\n", 33) <= 0 || + BIO_printf(bio, "%12sPublic Key Algorithm: ", "") <= 0 || + i2a_ASN1_OBJECT(bio, ri->pubkey->algor->algorithm) <= 0 || + BIO_puts(bio, "\n") <= 0) { + goto err; + } + + pkey = X509_REQ_get_pubkey(x); + if (pkey == NULL) { + BIO_printf(bio, "%12sUnable to load Public Key\n", ""); + ERR_print_errors(bio); + } else { + EVP_PKEY_print_public(bio, pkey, 16, NULL); + EVP_PKEY_free(pkey); + } + } + + if (!(cflag & X509_FLAG_NO_ATTRIBUTES)) { + if (BIO_printf(bio, "%8sAttributes:\n", "") <= 0) { + goto err; + } + + sk = x->req_info->attributes; + if (sk_X509_ATTRIBUTE_num(sk) == 0) { + if (BIO_printf(bio, 
"%12sa0:00\n", "") <= 0) { + goto err; + } + } else { + size_t i; + for (i = 0; i < sk_X509_ATTRIBUTE_num(sk); i++) { + X509_ATTRIBUTE *a = sk_X509_ATTRIBUTE_value(sk, i); + ASN1_OBJECT *aobj = X509_ATTRIBUTE_get0_object(a); + + if (X509_REQ_extension_nid(OBJ_obj2nid(aobj))) { + continue; + } + + if (BIO_printf(bio, "%12s", "") <= 0) { + goto err; + } + + const int num_attrs = X509_ATTRIBUTE_count(a); + const int obj_str_len = i2a_ASN1_OBJECT(bio, aobj); + if (obj_str_len <= 0) { + if (BIO_puts(bio, "(Unable to print attribute ID.)\n") < 0) { + goto err; + } else { + continue; + } + } + + int j; + for (j = 0; j < num_attrs; j++) { + const ASN1_TYPE *at = X509_ATTRIBUTE_get0_type(a, j); + const int type = at->type; + ASN1_BIT_STRING *bs = at->value.asn1_string; + + int k; + for (k = 25 - obj_str_len; k > 0; k--) { + if (BIO_write(bio, " ", 1) != 1) { + goto err; + } + } + + if (BIO_puts(bio, ":") <= 0) { + goto err; + } + + if (type == V_ASN1_PRINTABLESTRING || + type == V_ASN1_UTF8STRING || + type == V_ASN1_IA5STRING || + type == V_ASN1_T61STRING) { + if (BIO_write(bio, (char *)bs->data, bs->length) != bs->length) { + goto err; + } + BIO_puts(bio, "\n"); + } else { + BIO_puts(bio, "unable to print attribute\n"); + } + } + } + } + } + + if (!(cflag & X509_FLAG_NO_EXTENSIONS)) { + STACK_OF(X509_EXTENSION) *exts = X509_REQ_get_extensions(x); + if (exts) { + BIO_printf(bio, "%8sRequested Extensions:\n", ""); + + size_t i; + for (i = 0; i < sk_X509_EXTENSION_num(exts); i++) { + X509_EXTENSION *ex = sk_X509_EXTENSION_value(exts, i); + if (BIO_printf(bio, "%12s", "") <= 0) { + goto err; + } + ASN1_OBJECT *obj = X509_EXTENSION_get_object(ex); + i2a_ASN1_OBJECT(bio, obj); + const int is_critical = X509_EXTENSION_get_critical(ex); + if (BIO_printf(bio, ": %s\n", is_critical ? 
"critical" : "") <= 0) { + goto err; + } + if (!X509V3_EXT_print(bio, ex, cflag, 16)) { + BIO_printf(bio, "%16s", ""); + ASN1_STRING_print(bio, X509_EXTENSION_get_data(ex)); + } + if (BIO_write(bio, "\n", 1) <= 0) { + goto err; + } + } + sk_X509_EXTENSION_pop_free(exts, X509_EXTENSION_free); + } + } + + if (!(cflag & X509_FLAG_NO_SIGDUMP) && + !X509_signature_print(bio, x->sig_alg, x->signature)) { + goto err; + } + + return 1; + +err: + OPENSSL_PUT_ERROR(X509, ERR_R_BUF_LIB); + return 0; +} + +int X509_REQ_print(BIO *bio, X509_REQ *req) { + return X509_REQ_print_ex(bio, req, XN_FLAG_COMPAT, X509_FLAG_COMPAT); +} diff --git a/src/crypto/x509/t_x509.c b/src/crypto/x509/t_x509.c index 2b9a421..7785ebf 100644 --- a/src/crypto/x509/t_x509.c +++ b/src/crypto/x509/t_x509.c @@ -74,7 +74,7 @@ int X509_print_ex_fp(FILE *fp, X509 *x, unsigned long nmflag, unsigned long cfla if ((b=BIO_new(BIO_s_file())) == NULL) { - OPENSSL_PUT_ERROR(X509, X509_print_ex_fp, ERR_R_BUF_LIB); + OPENSSL_PUT_ERROR(X509, ERR_R_BUF_LIB); return(0); } BIO_set_fp(b,fp,BIO_NOCLOSE); @@ -493,7 +493,7 @@ int X509_NAME_print(BIO *bp, X509_NAME *name, int obase) if (0) { err: - OPENSSL_PUT_ERROR(X509, X509_NAME_print, ERR_R_BUF_LIB); + OPENSSL_PUT_ERROR(X509, ERR_R_BUF_LIB); } OPENSSL_free(b); return(ret); diff --git a/src/crypto/x509/x509_att.c b/src/crypto/x509/x509_att.c index 90e7810..1491484 100644 --- a/src/crypto/x509/x509_att.c +++ b/src/crypto/x509/x509_att.c @@ -124,7 +124,7 @@ STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr(STACK_OF(X509_ATTRIBUTE) **x, if (x == NULL) { - OPENSSL_PUT_ERROR(X509, X509at_add1_attr, ERR_R_PASSED_NULL_PARAMETER); + OPENSSL_PUT_ERROR(X509, ERR_R_PASSED_NULL_PARAMETER); goto err2; } 
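Review bot: In the new `X509_REQ_print_ex`, the three `goto err` exits inside the "Requested Extensions" loop skip `sk_X509_EXTENSION_pop_free(exts, X509_EXTENSION_free)`, so the stack returned by `X509_REQ_get_extensions` leaks whenever a BIO write fails part-way through the listing. Because `exts` is scoped to that block, the shared `err:` label cannot release it; either call `sk_X509_EXTENSION_pop_free(exts, X509_EXTENSION_free);` before each of those jumps, or hoist `exts` to function scope initialised to NULL and free it at `err:` when it is non-NULL. Separately, the attribute branch writes `bs->data` to the BIO verbatim with `BIO_write`, and a certificate request is normally supplied by the party asking for the certificate, so control bytes in a PrintableString/UTF8String/IA5String/T61String value reach the terminal or log unescaped. Routing that value through `ASN1_STRING_print_ex(bio, bs, ASN1_STRFLGS_ESC_CTRL)` would escape them, though it may make the output differ from the OpenSSL text format this file appears to mirror.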
@@ -144,7 +144,7 @@ STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr(STACK_OF(X509_ATTRIBUTE) **x, *x=sk; return(sk); err: - OPENSSL_PUT_ERROR(X509, X509at_add1_attr, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); err2: if (new_attr != NULL) X509_ATTRIBUTE_free(new_attr); if (sk != NULL) sk_X509_ATTRIBUTE_free(sk); @@ -214,7 +214,7 @@ X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_NID(X509_ATTRIBUTE **attr, int nid, obj=OBJ_nid2obj(nid); if (obj == NULL) { - OPENSSL_PUT_ERROR(X509, X509_ATTRIBUTE_create_by_NID, X509_R_UNKNOWN_NID); + OPENSSL_PUT_ERROR(X509, X509_R_UNKNOWN_NID); return(NULL); } return X509_ATTRIBUTE_create_by_OBJ(attr,obj,atrtype,data,len); @@ -229,7 +229,7 @@ X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_OBJ(X509_ATTRIBUTE **attr, { if ((ret=X509_ATTRIBUTE_new()) == NULL) { - OPENSSL_PUT_ERROR(X509, X509_ATTRIBUTE_create_by_OBJ, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); return(NULL); } } @@ -258,7 +258,7 @@ X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_txt(X509_ATTRIBUTE **attr, obj=OBJ_txt2obj(atrname, 0); if (obj == NULL) { - OPENSSL_PUT_ERROR(X509, X509_ATTRIBUTE_create_by_txt, X509_R_INVALID_FIELD_NAME); + OPENSSL_PUT_ERROR(X509, X509_R_INVALID_FIELD_NAME); ERR_add_error_data(2, "name=", atrname); return(NULL); } @@ -286,7 +286,7 @@ int X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE *attr, int attrtype, const void *dat stmp = ASN1_STRING_set_by_NID(NULL, data, len, attrtype, OBJ_obj2nid(attr->object)); if(!stmp) { - OPENSSL_PUT_ERROR(X509, X509_ATTRIBUTE_set1_data, ERR_R_ASN1_LIB); + OPENSSL_PUT_ERROR(X509, ERR_R_ASN1_LIB); return 0; } atype = stmp->type; @@ -314,7 +314,7 @@ int X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE *attr, int attrtype, const void *dat if(!sk_ASN1_TYPE_push(attr->value.set, ttmp)) goto err; return 1; err: - OPENSSL_PUT_ERROR(X509, X509_ATTRIBUTE_set1_data, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); return 0; } 
@@ -338,7 +338,7 @@ void *X509_ATTRIBUTE_get0_data(X509_ATTRIBUTE *attr, int idx, ttmp = X509_ATTRIBUTE_get0_type(attr, idx); if(!ttmp) return NULL; if(atrtype != ASN1_TYPE_get(ttmp)){ - OPENSSL_PUT_ERROR(X509, X509_ATTRIBUTE_get0_data, X509_R_WRONG_TYPE); + OPENSSL_PUT_ERROR(X509, X509_R_WRONG_TYPE); return NULL; } return ttmp->value.ptr; diff --git a/src/crypto/x509/x509_cmp.c b/src/crypto/x509/x509_cmp.c index 712e36b..0e35f3e 100644 --- a/src/crypto/x509/x509_cmp.c +++ b/src/crypto/x509/x509_cmp.c @@ -333,13 +333,13 @@ int X509_check_private_key(X509 *x, EVP_PKEY *k) case 1: break; case 0: - OPENSSL_PUT_ERROR(X509, X509_check_private_key, X509_R_KEY_VALUES_MISMATCH); + OPENSSL_PUT_ERROR(X509, X509_R_KEY_VALUES_MISMATCH); break; case -1: - OPENSSL_PUT_ERROR(X509, X509_check_private_key, X509_R_KEY_TYPE_MISMATCH); + OPENSSL_PUT_ERROR(X509, X509_R_KEY_TYPE_MISMATCH); break; case -2: - OPENSSL_PUT_ERROR(X509, X509_check_private_key, X509_R_UNKNOWN_KEY_TYPE); + OPENSSL_PUT_ERROR(X509, X509_R_UNKNOWN_KEY_TYPE); } if (xk) EVP_PKEY_free(xk); diff --git a/src/crypto/x509/x509_lu.c b/src/crypto/x509/x509_lu.c index a662305..6d7bc26 100644 --- a/src/crypto/x509/x509_lu.c +++ b/src/crypto/x509/x509_lu.c @@ -345,7 +345,7 @@ int X509_STORE_add_cert(X509_STORE *ctx, X509 *x) obj=(X509_OBJECT *)OPENSSL_malloc(sizeof(X509_OBJECT)); if (obj == NULL) { - OPENSSL_PUT_ERROR(X509, X509_STORE_add_cert, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); return 0; } obj->type=X509_LU_X509; @@ -359,7 +359,7 @@ int X509_STORE_add_cert(X509_STORE *ctx, X509 *x) { X509_OBJECT_free_contents(obj); OPENSSL_free(obj); - OPENSSL_PUT_ERROR(X509, X509_STORE_add_cert, X509_R_CERT_ALREADY_IN_HASH_TABLE); + OPENSSL_PUT_ERROR(X509, X509_R_CERT_ALREADY_IN_HASH_TABLE); ret=0; } else sk_X509_OBJECT_push(ctx->objs, obj); 
@@ -378,7 +378,7 @@ int X509_STORE_add_crl(X509_STORE *ctx, X509_CRL *x) obj=(X509_OBJECT *)OPENSSL_malloc(sizeof(X509_OBJECT)); if (obj == NULL) { - OPENSSL_PUT_ERROR(X509, X509_STORE_add_crl, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); return 0; } obj->type=X509_LU_CRL; @@ -392,7 +392,7 @@ int X509_STORE_add_crl(X509_STORE *ctx, X509_CRL *x) { X509_OBJECT_free_contents(obj); OPENSSL_free(obj); - OPENSSL_PUT_ERROR(X509, X509_STORE_add_crl, X509_R_CERT_ALREADY_IN_HASH_TABLE); + OPENSSL_PUT_ERROR(X509, X509_R_CERT_ALREADY_IN_HASH_TABLE); ret=0; } else sk_X509_OBJECT_push(ctx->objs, obj); @@ -410,7 +410,7 @@ void X509_OBJECT_up_ref_count(X509_OBJECT *a) X509_up_ref(a->data.x509); break; case X509_LU_CRL: - CRYPTO_refcount_inc(&a->data.crl->references); + X509_CRL_up_ref(a->data.crl); break; } } @@ -572,7 +572,7 @@ STACK_OF(X509_CRL)* X509_STORE_get1_crls(X509_STORE_CTX *ctx, X509_NAME *nm) { obj = sk_X509_OBJECT_value(ctx->ctx->objs, idx); x = obj->data.crl; - CRYPTO_refcount_inc(&x->references); + X509_CRL_up_ref(x); if (!sk_X509_CRL_push(sk, x)) { CRYPTO_MUTEX_unlock(&ctx->ctx->objs_lock); @@ -641,7 +641,7 @@ int X509_STORE_CTX_get1_issuer(X509 **issuer, X509_STORE_CTX *ctx, X509 *x) if (ok == X509_LU_RETRY) { X509_OBJECT_free_contents(&obj); - OPENSSL_PUT_ERROR(X509, X509_STORE_CTX_get1_issuer, X509_R_SHOULD_RETRY); + OPENSSL_PUT_ERROR(X509, X509_R_SHOULD_RETRY); return -1; } else if (ok != X509_LU_FAIL) diff --git a/src/crypto/x509/x509_obj.c b/src/crypto/x509/x509_obj.c index 914e0de..b6f0816 100644 --- a/src/crypto/x509/x509_obj.c +++ b/src/crypto/x509/x509_obj.c @@ -184,7 +184,7 @@ char *X509_NAME_oneline(X509_NAME *a, char *buf, int len) *p = '\0'; return(p); err: - OPENSSL_PUT_ERROR(X509, X509_NAME_oneline, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); if (b != NULL) BUF_MEM_free(b); return(NULL); } diff --git a/src/crypto/x509/x509_r2x.c b/src/crypto/x509/x509_r2x.c index 3c8e9c0..85979ac 100644 
--- a/src/crypto/x509/x509_r2x.c +++ b/src/crypto/x509/x509_r2x.c @@ -72,7 +72,7 @@ X509 *X509_REQ_to_X509(X509_REQ *r, int days, EVP_PKEY *pkey) if ((ret=X509_new()) == NULL) { - OPENSSL_PUT_ERROR(X509, X509_REQ_to_X509, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); goto err; } diff --git a/src/crypto/x509/x509_req.c b/src/crypto/x509/x509_req.c index 2732d6e..01c5113 100644 --- a/src/crypto/x509/x509_req.c +++ b/src/crypto/x509/x509_req.c @@ -77,7 +77,7 @@ X509_REQ *X509_to_X509_REQ(X509 *x, EVP_PKEY *pkey, const EVP_MD *md) ret=X509_REQ_new(); if (ret == NULL) { - OPENSSL_PUT_ERROR(X509, X509_to_X509_REQ, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); goto err; } @@ -128,24 +128,24 @@ int X509_REQ_check_private_key(X509_REQ *x, EVP_PKEY *k) ok=1; break; case 0: - OPENSSL_PUT_ERROR(X509, X509_REQ_check_private_key, X509_R_KEY_VALUES_MISMATCH); + OPENSSL_PUT_ERROR(X509, X509_R_KEY_VALUES_MISMATCH); break; case -1: - OPENSSL_PUT_ERROR(X509, X509_REQ_check_private_key, X509_R_KEY_TYPE_MISMATCH); + OPENSSL_PUT_ERROR(X509, X509_R_KEY_TYPE_MISMATCH); break; case -2: if (k->type == EVP_PKEY_EC) { - OPENSSL_PUT_ERROR(X509, X509_REQ_check_private_key, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(X509, ERR_R_EC_LIB); break; } if (k->type == EVP_PKEY_DH) { /* No idea */ - OPENSSL_PUT_ERROR(X509, X509_REQ_check_private_key, X509_R_CANT_CHECK_DH_KEY); + OPENSSL_PUT_ERROR(X509, X509_R_CANT_CHECK_DH_KEY); break; } - OPENSSL_PUT_ERROR(X509, X509_REQ_check_private_key, X509_R_UNKNOWN_KEY_TYPE); + OPENSSL_PUT_ERROR(X509, X509_R_UNKNOWN_KEY_TYPE); } EVP_PKEY_free(xk); diff --git a/src/crypto/x509/x509_trs.c b/src/crypto/x509/x509_trs.c index 9b7cc9c..820e605 100644 --- a/src/crypto/x509/x509_trs.c +++ b/src/crypto/x509/x509_trs.c 
@@ -156,7 +156,7 @@ int X509_TRUST_get_by_id(int id) int X509_TRUST_set(int *t, int trust) { if(X509_TRUST_get_by_id(trust) == -1) { - OPENSSL_PUT_ERROR(X509, X509_TRUST_set, X509_R_INVALID_TRUST); + OPENSSL_PUT_ERROR(X509, X509_R_INVALID_TRUST); return 0; } *t = trust; @@ -179,7 +179,7 @@ int X509_TRUST_add(int id, int flags, int (*ck)(X509_TRUST *, X509 *, int), /* Need a new entry */ if(idx == -1) { if(!(trtmp = OPENSSL_malloc(sizeof(X509_TRUST)))) { - OPENSSL_PUT_ERROR(X509, X509_TRUST_add, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); return 0; } trtmp->flags = X509_TRUST_DYNAMIC; @@ -188,7 +188,7 @@ int X509_TRUST_add(int id, int flags, int (*ck)(X509_TRUST *, X509 *, int), /* Duplicate the supplied name. */ name_dup = BUF_strdup(name); if (name_dup == NULL) { - OPENSSL_PUT_ERROR(X509, X509_TRUST_add, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); if (idx == -1) OPENSSL_free(trtmp); return 0; @@ -210,12 +210,12 @@ int X509_TRUST_add(int id, int flags, int (*ck)(X509_TRUST *, X509 *, int), /* If its a new entry manage the dynamic table */ if(idx == -1) { if(!trtable && !(trtable = sk_X509_TRUST_new(tr_cmp))) { - OPENSSL_PUT_ERROR(X509, X509_TRUST_add, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); trtable_free(trtmp); return 0; } if (!sk_X509_TRUST_push(trtable, trtmp)) { - OPENSSL_PUT_ERROR(X509, X509_TRUST_add, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); trtable_free(trtmp); return 0; } diff --git a/src/crypto/x509/x509_v3.c b/src/crypto/x509/x509_v3.c index 0fc9a9a..b042985 100644 --- a/src/crypto/x509/x509_v3.c +++ b/src/crypto/x509/x509_v3.c @@ -147,7 +147,7 @@ STACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x, if (x == NULL) { - OPENSSL_PUT_ERROR(X509, X509v3_add_ext, ERR_R_PASSED_NULL_PARAMETER); + OPENSSL_PUT_ERROR(X509, ERR_R_PASSED_NULL_PARAMETER); goto err2; } 
@@ -171,7 +171,7 @@ STACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x, *x=sk; return(sk); err: - OPENSSL_PUT_ERROR(X509, X509v3_add_ext, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); err2: if (new_ex != NULL) X509_EXTENSION_free(new_ex); if (sk != NULL) sk_X509_EXTENSION_free(sk); @@ -187,7 +187,7 @@ X509_EXTENSION *X509_EXTENSION_create_by_NID(X509_EXTENSION **ex, int nid, obj=OBJ_nid2obj(nid); if (obj == NULL) { - OPENSSL_PUT_ERROR(X509, X509_EXTENSION_create_by_NID, X509_R_UNKNOWN_NID); + OPENSSL_PUT_ERROR(X509, X509_R_UNKNOWN_NID); return(NULL); } ret=X509_EXTENSION_create_by_OBJ(ex,obj,crit,data); @@ -203,7 +203,7 @@ X509_EXTENSION *X509_EXTENSION_create_by_OBJ(X509_EXTENSION **ex, { if ((ret=X509_EXTENSION_new()) == NULL) { - OPENSSL_PUT_ERROR(X509, X509_EXTENSION_create_by_OBJ, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); return(NULL); } } diff --git a/src/crypto/x509/x509_vfy.c b/src/crypto/x509/x509_vfy.c index f53f279..5d856f0 100644 --- a/src/crypto/x509/x509_vfy.c +++ b/src/crypto/x509/x509_vfy.c @@ -72,7 +72,8 @@ #include "../internal.h" -static CRYPTO_EX_DATA_CLASS g_ex_data_class = CRYPTO_EX_DATA_CLASS_INIT; +static CRYPTO_EX_DATA_CLASS g_ex_data_class = + CRYPTO_EX_DATA_CLASS_INIT_WITH_APP_DATA; /* CRL score values */ @@ -201,7 +202,7 @@ int X509_verify_cert(X509_STORE_CTX *ctx) STACK_OF(X509) *sktmp=NULL; if (ctx->cert == NULL) { - OPENSSL_PUT_ERROR(X509, X509_verify_cert, X509_R_NO_CERT_SET_FOR_US_TO_VERIFY); + OPENSSL_PUT_ERROR(X509, X509_R_NO_CERT_SET_FOR_US_TO_VERIFY); return -1; } @@ -214,7 +215,7 @@ int X509_verify_cert(X509_STORE_CTX *ctx) if ( ((ctx->chain=sk_X509_new_null()) == NULL) || (!sk_X509_push(ctx->chain,ctx->cert))) { - OPENSSL_PUT_ERROR(X509, X509_verify_cert, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); goto end; } X509_up_ref(ctx->cert); 
@@ -225,7 +226,7 @@ int X509_verify_cert(X509_STORE_CTX *ctx) if (ctx->untrusted != NULL && (sktmp=sk_X509_dup(ctx->untrusted)) == NULL) { - OPENSSL_PUT_ERROR(X509, X509_verify_cert, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); goto end; } @@ -251,7 +252,7 @@ int X509_verify_cert(X509_STORE_CTX *ctx) { ok = ctx->get_issuer(&xtmp, ctx, x); if (ok < 0) - return ok; + goto end; /* If successful for now free up cert so it * will be picked up again later. */ @@ -270,10 +271,10 @@ int X509_verify_cert(X509_STORE_CTX *ctx) { if (!sk_X509_push(ctx->chain,xtmp)) { - OPENSSL_PUT_ERROR(X509, X509_verify_cert, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); goto end; } - CRYPTO_refcount_inc(&xtmp->references); + X509_up_ref(xtmp); (void)sk_X509_delete_ptr(sktmp,xtmp); ctx->last_untrusted++; x=xtmp; @@ -349,15 +350,16 @@ int X509_verify_cert(X509_STORE_CTX *ctx) ok = ctx->get_issuer(&xtmp, ctx, x); - if (ok < 0) return ok; + if (ok < 0) goto end; if (ok == 0) break; x = xtmp; if (!sk_X509_push(ctx->chain,x)) { X509_free(xtmp); - OPENSSL_PUT_ERROR(X509, X509_verify_cert, ERR_R_MALLOC_FAILURE); - return 0; + OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); + ok = 0; + goto end; } num++; } @@ -990,7 +992,7 @@ static int get_crl_sk(X509_STORE_CTX *ctx, X509_CRL **pcrl, X509_CRL **pdcrl, *pissuer = best_crl_issuer; *pscore = best_score; *preasons = best_reasons; - CRYPTO_refcount_inc(&best_crl->references); + X509_CRL_up_ref(best_crl); if (*pdcrl) { X509_CRL_free(*pdcrl); @@ -1097,7 +1099,7 @@ static void get_delta_sk(X509_STORE_CTX *ctx, X509_CRL **dcrl, int *pscore, { if (check_crl_time(ctx, delta, 0)) *pscore |= CRL_SCORE_TIME_DELTA; - CRYPTO_refcount_inc(&delta->references); + X509_CRL_up_ref(delta); *dcrl = delta; return; } 
@@ -1634,7 +1636,7 @@ static int check_policy(X509_STORE_CTX *ctx) ctx->param->policies, ctx->param->flags); if (ret == 0) { - OPENSSL_PUT_ERROR(X509, check_policy, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); return 0; } /* Invalid or inconsistent extensions */ 
@@ -1983,44 +1985,44 @@ X509_CRL *X509_CRL_diff(X509_CRL *base, X509_CRL *newer, /* CRLs can't be delta already */ if (base->base_crl_number || newer->base_crl_number) { - OPENSSL_PUT_ERROR(X509, X509_CRL_diff, X509_R_CRL_ALREADY_DELTA); + OPENSSL_PUT_ERROR(X509, X509_R_CRL_ALREADY_DELTA); return NULL; } /* Base and new CRL must have a CRL number */ if (!base->crl_number || !newer->crl_number) { - OPENSSL_PUT_ERROR(X509, X509_CRL_diff, X509_R_NO_CRL_NUMBER); + OPENSSL_PUT_ERROR(X509, X509_R_NO_CRL_NUMBER); return NULL; } /* Issuer names must match */ if (X509_NAME_cmp(X509_CRL_get_issuer(base), X509_CRL_get_issuer(newer))) { - OPENSSL_PUT_ERROR(X509, X509_CRL_diff, X509_R_ISSUER_MISMATCH); + OPENSSL_PUT_ERROR(X509, X509_R_ISSUER_MISMATCH); return NULL; } /* AKID and IDP must match */ if (!crl_extension_match(base, newer, NID_authority_key_identifier)) { - OPENSSL_PUT_ERROR(X509, X509_CRL_diff, X509_R_AKID_MISMATCH); + OPENSSL_PUT_ERROR(X509, X509_R_AKID_MISMATCH); return NULL; } if (!crl_extension_match(base, newer, NID_issuing_distribution_point)) { - OPENSSL_PUT_ERROR(X509, X509_CRL_diff, X509_R_IDP_MISMATCH); + OPENSSL_PUT_ERROR(X509, X509_R_IDP_MISMATCH); return NULL; } /* Newer CRL number must exceed full CRL number */ if (ASN1_INTEGER_cmp(newer->crl_number, base->crl_number) <= 0) { - OPENSSL_PUT_ERROR(X509, X509_CRL_diff, X509_R_NEWER_CRL_NOT_NEWER); + OPENSSL_PUT_ERROR(X509, X509_R_NEWER_CRL_NOT_NEWER); return NULL; } /* CRLs must verify */ if (skey && (X509_CRL_verify(base, skey) <= 0 || X509_CRL_verify(newer, skey) <= 0)) { - OPENSSL_PUT_ERROR(X509, X509_CRL_diff, X509_R_CRL_VERIFY_FAILURE); + OPENSSL_PUT_ERROR(X509, X509_R_CRL_VERIFY_FAILURE); return NULL; } /* Create new CRL */ @@ -2085,7 +2087,7 @@ X509_CRL *X509_CRL_diff(X509_CRL *base, X509_CRL *newer, return crl; memerr: - OPENSSL_PUT_ERROR(X509, X509_CRL_diff, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); if (crl) X509_CRL_free(crl); return NULL; 
@@ -2210,7 +2212,7 @@ int X509_STORE_CTX_purpose_inherit(X509_STORE_CTX *ctx, int def_purpose, idx = X509_PURPOSE_get_by_id(purpose); if (idx == -1) { - OPENSSL_PUT_ERROR(X509, X509_STORE_CTX_purpose_inherit, X509_R_UNKNOWN_PURPOSE_ID); + OPENSSL_PUT_ERROR(X509, X509_R_UNKNOWN_PURPOSE_ID); return 0; } ptmp = X509_PURPOSE_get0(idx); @@ -2219,7 +2221,7 @@ int X509_STORE_CTX_purpose_inherit(X509_STORE_CTX *ctx, int def_purpose, idx = X509_PURPOSE_get_by_id(def_purpose); if (idx == -1) { - OPENSSL_PUT_ERROR(X509, X509_STORE_CTX_purpose_inherit, X509_R_UNKNOWN_PURPOSE_ID); + OPENSSL_PUT_ERROR(X509, X509_R_UNKNOWN_PURPOSE_ID); return 0; } ptmp = X509_PURPOSE_get0(idx); @@ -2232,7 +2234,7 @@ int X509_STORE_CTX_purpose_inherit(X509_STORE_CTX *ctx, int def_purpose, idx = X509_TRUST_get_by_id(trust); if (idx == -1) { - OPENSSL_PUT_ERROR(X509, X509_STORE_CTX_purpose_inherit, X509_R_UNKNOWN_TRUST_ID); + OPENSSL_PUT_ERROR(X509, X509_R_UNKNOWN_TRUST_ID); return 0; } } @@ -2248,7 +2250,7 @@ X509_STORE_CTX *X509_STORE_CTX_new(void) ctx = (X509_STORE_CTX *)OPENSSL_malloc(sizeof(X509_STORE_CTX)); if (!ctx) { - OPENSSL_PUT_ERROR(X509, X509_STORE_CTX_new, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); return NULL; } memset(ctx, 0, sizeof(X509_STORE_CTX)); @@ -2371,7 +2373,7 @@ err: } memset(ctx, 0, sizeof(X509_STORE_CTX)); - OPENSSL_PUT_ERROR(X509, X509_STORE_CTX_init, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); return 0; } diff --git a/src/crypto/x509/x509cset.c b/src/crypto/x509/x509cset.c index b526c69..82d61d0 100644 --- a/src/crypto/x509/x509cset.c +++ b/src/crypto/x509/x509cset.c @@ -57,6 +57,8 @@ #include #include +#include "../internal.h" + int X509_CRL_set_version(X509_CRL *x, long version) { 
@@ -128,6 +130,11 @@ int X509_CRL_sort(X509_CRL *c) return 1; } +void X509_CRL_up_ref(X509_CRL *crl) + { + CRYPTO_refcount_inc(&crl->references); + } + int X509_REVOKED_set_revocationDate(X509_REVOKED *x, ASN1_TIME *tm) { ASN1_TIME *in; diff --git a/src/crypto/x509/x509name.c b/src/crypto/x509/x509name.c index 042d18b..7bb3aa1 100644 --- a/src/crypto/x509/x509name.c +++ b/src/crypto/x509/x509name.c @@ -254,7 +254,7 @@ int X509_NAME_add_entry(X509_NAME *name, X509_NAME_ENTRY *ne, int loc, new_name->set=set; if (!sk_X509_NAME_ENTRY_insert(sk,new_name,loc)) { - OPENSSL_PUT_ERROR(X509, X509_NAME_add_entry, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); goto err; } if (inc) @@ -279,7 +279,7 @@ X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_txt(X509_NAME_ENTRY **ne, obj=OBJ_txt2obj(field, 0); if (obj == NULL) { - OPENSSL_PUT_ERROR(X509, X509_NAME_ENTRY_create_by_txt, X509_R_INVALID_FIELD_NAME); + OPENSSL_PUT_ERROR(X509, X509_R_INVALID_FIELD_NAME); ERR_add_error_data(2, "name=", field); return(NULL); } @@ -297,7 +297,7 @@ X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID(X509_NAME_ENTRY **ne, int nid, obj=OBJ_nid2obj(nid); if (obj == NULL) { - OPENSSL_PUT_ERROR(X509, X509_NAME_ENTRY_create_by_NID, X509_R_UNKNOWN_NID); + OPENSSL_PUT_ERROR(X509, X509_R_UNKNOWN_NID); return(NULL); } nentry = X509_NAME_ENTRY_create_by_OBJ(ne,obj,type,bytes,len); @@ -336,7 +336,7 @@ int X509_NAME_ENTRY_set_object(X509_NAME_ENTRY *ne, const ASN1_OBJECT *obj) { if ((ne == NULL) || (obj == NULL)) { - OPENSSL_PUT_ERROR(X509, X509_NAME_ENTRY_set_object, ERR_R_PASSED_NULL_PARAMETER); + OPENSSL_PUT_ERROR(X509, ERR_R_PASSED_NULL_PARAMETER); return(0); } ASN1_OBJECT_free(ne->object); diff --git a/src/crypto/x509/x509spki.c b/src/crypto/x509/x509spki.c index 9bab957..ccf93e0 100644 --- a/src/crypto/x509/x509spki.c +++ b/src/crypto/x509/x509spki.c 
@@ -84,15 +84,15 @@ NETSCAPE_SPKI * NETSCAPE_SPKI_b64_decode(const char *str, int len) if (len <= 0) len = strlen(str); if (!EVP_DecodedLength(&spki_len, len)) { - OPENSSL_PUT_ERROR(X509, NETSCAPE_SPKI_b64_decode, X509_R_BASE64_DECODE_ERROR); + OPENSSL_PUT_ERROR(X509, X509_R_BASE64_DECODE_ERROR); return NULL; } if (!(spki_der = OPENSSL_malloc(spki_len))) { - OPENSSL_PUT_ERROR(X509, NETSCAPE_SPKI_b64_decode, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); return NULL; } if (!EVP_DecodeBase64(spki_der, &spki_len, spki_len, (const uint8_t *)str, len)) { - OPENSSL_PUT_ERROR(X509, NETSCAPE_SPKI_b64_decode, X509_R_BASE64_DECODE_ERROR); + OPENSSL_PUT_ERROR(X509, X509_R_BASE64_DECODE_ERROR); OPENSSL_free(spki_der); return NULL; } @@ -113,18 +113,18 @@ char * NETSCAPE_SPKI_b64_encode(NETSCAPE_SPKI *spki) der_len = i2d_NETSCAPE_SPKI(spki, NULL); if (!EVP_EncodedLength(&b64_len, der_len)) { - OPENSSL_PUT_ERROR(X509, NETSCAPE_SPKI_b64_encode, ERR_R_OVERFLOW); + OPENSSL_PUT_ERROR(X509, ERR_R_OVERFLOW); return NULL; } der_spki = OPENSSL_malloc(der_len); if (der_spki == NULL) { - OPENSSL_PUT_ERROR(X509, NETSCAPE_SPKI_b64_encode, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); return NULL; } b64_str = OPENSSL_malloc(b64_len); if (b64_str == NULL) { OPENSSL_free(der_spki); - OPENSSL_PUT_ERROR(X509, NETSCAPE_SPKI_b64_encode, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); return NULL; } p = der_spki; diff --git a/src/crypto/x509/x_all.c b/src/crypto/x509/x_all.c index 785fd1e..d7f2d29 100644 --- a/src/crypto/x509/x_all.c +++ b/src/crypto/x509/x_all.c @@ -64,9 +64,6 @@ #include -extern const ASN1_ITEM RSAPrivateKey_it; -extern const ASN1_ITEM RSAPublicKey_it; - int X509_verify(X509 *a, EVP_PKEY *r) { if (X509_ALGOR_cmp(a->sig_alg, a->cert_info->signature)) 
@@ -144,6 +141,12 @@ int NETSCAPE_SPKI_sign(NETSCAPE_SPKI *x, EVP_PKEY *pkey, const EVP_MD *md) x->signature, x->spkac,pkey,md)); } +int NETSCAPE_SPKI_verify(NETSCAPE_SPKI *x, EVP_PKEY *pkey) + { + return (ASN1_item_verify(ASN1_ITEM_rptr(NETSCAPE_SPKAC), x->sig_algor, + x->signature, x->spkac, pkey)); + } + #ifndef OPENSSL_NO_FP_API X509 *d2i_X509_fp(FILE *fp, X509 **x509) { @@ -239,17 +242,17 @@ int i2d_X509_REQ_bio(BIO *bp, X509_REQ *req) #ifndef OPENSSL_NO_FP_API RSA *d2i_RSAPrivateKey_fp(FILE *fp, RSA **rsa) { - return ASN1_item_d2i_fp(ASN1_ITEM_rptr(RSAPrivateKey), fp, rsa); + return ASN1_d2i_fp_of(RSA, RSA_new, d2i_RSAPrivateKey, fp, rsa); } int i2d_RSAPrivateKey_fp(FILE *fp, RSA *rsa) { - return ASN1_item_i2d_fp(ASN1_ITEM_rptr(RSAPrivateKey), fp, rsa); + return ASN1_i2d_fp_of_const(RSA, i2d_RSAPrivateKey, fp, rsa); } RSA *d2i_RSAPublicKey_fp(FILE *fp, RSA **rsa) { - return ASN1_item_d2i_fp(ASN1_ITEM_rptr(RSAPublicKey), fp, rsa); + return ASN1_d2i_fp_of(RSA, RSA_new, d2i_RSAPublicKey, fp, rsa); } RSA *d2i_RSA_PUBKEY_fp(FILE *fp, RSA **rsa) @@ -261,7 +264,7 @@ RSA *d2i_RSA_PUBKEY_fp(FILE *fp, RSA **rsa) int i2d_RSAPublicKey_fp(FILE *fp, RSA *rsa) { - return ASN1_item_i2d_fp(ASN1_ITEM_rptr(RSAPublicKey), fp, rsa); + return ASN1_i2d_fp_of_const(RSA, i2d_RSAPublicKey, fp, rsa); } int i2d_RSA_PUBKEY_fp(FILE *fp, RSA *rsa) @@ -272,17 +275,17 @@ int i2d_RSA_PUBKEY_fp(FILE *fp, RSA *rsa) RSA *d2i_RSAPrivateKey_bio(BIO *bp, RSA **rsa) { - return ASN1_item_d2i_bio(ASN1_ITEM_rptr(RSAPrivateKey), bp, rsa); + return ASN1_d2i_bio_of(RSA, RSA_new, d2i_RSAPrivateKey, bp, rsa); } int i2d_RSAPrivateKey_bio(BIO *bp, RSA *rsa) { - return ASN1_item_i2d_bio(ASN1_ITEM_rptr(RSAPrivateKey), bp, rsa); + return ASN1_i2d_bio_of_const(RSA, i2d_RSAPrivateKey, bp, rsa); } RSA *d2i_RSAPublicKey_bio(BIO *bp, RSA **rsa) { - return ASN1_item_d2i_bio(ASN1_ITEM_rptr(RSAPublicKey), bp, rsa); + return ASN1_d2i_bio_of(RSA, RSA_new, d2i_RSAPublicKey, bp, rsa); } 
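Review bot: The added `NETSCAPE_SPKI_verify` returns the result of `ASN1_item_verify` unchanged, and nothing in the hunk states which values a caller may see. For a signature check that contract should be written down, because a caller testing only for non-zero would accept a negative error return if `ASN1_item_verify` can produce one (its definition is not visible here). I would add a comment above the function such as `/* Returns 1 if the signature over |x->spkac| verifies with |pkey|; treat any other value as failure. */`, and have callers compare the result against 1.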
@@ -293,7 +296,7 @@ RSA *d2i_RSA_PUBKEY_bio(BIO *bp, RSA **rsa) int i2d_RSAPublicKey_bio(BIO *bp, RSA *rsa) { - return ASN1_item_i2d_bio(ASN1_ITEM_rptr(RSAPublicKey), bp, rsa); + return ASN1_i2d_bio_of_const(RSA, i2d_RSAPublicKey, bp, rsa); } int i2d_RSA_PUBKEY_bio(BIO *bp, RSA *rsa) diff --git a/src/crypto/x509/x_crl.c b/src/crypto/x509/x_crl.c index 2f41bb1..d516872 100644 --- a/src/crypto/x509/x_crl.c +++ b/src/crypto/x509/x_crl.c @@ -400,7 +400,7 @@ int X509_CRL_add0_revoked(X509_CRL *crl, X509_REVOKED *rev) if(!inf->revoked) inf->revoked = sk_X509_REVOKED_new(X509_REVOKED_cmp); if(!inf->revoked || !sk_X509_REVOKED_push(inf->revoked, rev)) { - OPENSSL_PUT_ERROR(X509, X509_CRL_add0_revoked, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); return 0; } inf->enc.modified = 1; diff --git a/src/crypto/x509/x_info.c b/src/crypto/x509/x_info.c index f9e9ab8..be579d7 100644 --- a/src/crypto/x509/x_info.c +++ b/src/crypto/x509/x_info.c @@ -69,7 +69,7 @@ X509_INFO *X509_INFO_new(void) ret=(X509_INFO *)OPENSSL_malloc(sizeof(X509_INFO)); if (ret == NULL) { - OPENSSL_PUT_ERROR(X509, X509_INFO_new, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); return(NULL); } diff --git a/src/crypto/x509/x_name.c b/src/crypto/x509/x_name.c index 5cfb3ae..762756b 100644 --- a/src/crypto/x509/x_name.c +++ b/src/crypto/x509/x_name.c @@ -150,7 +150,7 @@ static int x509_name_ex_new(ASN1_VALUE **val, const ASN1_ITEM *it) return 1; memerr: - OPENSSL_PUT_ERROR(X509, x509_name_ex_new, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); if (ret) { if (ret->entries) @@ -239,7 +239,7 @@ static int x509_name_ex_d2i(ASN1_VALUE **val, err: if (nm.x != NULL) X509_NAME_free(nm.x); - OPENSSL_PUT_ERROR(X509, x509_name_ex_d2i, ERR_R_ASN1_LIB); + OPENSSL_PUT_ERROR(X509, ERR_R_ASN1_LIB); return 0; } 
@@ -300,7 +300,7 @@ static int x509_name_encode(X509_NAME *a) memerr: sk_STACK_OF_X509_NAME_ENTRY_pop_free(intname.s, local_sk_X509_NAME_ENTRY_free); - OPENSSL_PUT_ERROR(X509, x509_name_encode, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); return -1; } diff --git a/src/crypto/x509/x_pkey.c b/src/crypto/x509/x_pkey.c index 5bc6415..f5e98b8 100644 --- a/src/crypto/x509/x_pkey.c +++ b/src/crypto/x509/x_pkey.c @@ -69,7 +69,7 @@ X509_PKEY *X509_PKEY_new(void) X509_PKEY *ret = OPENSSL_malloc(sizeof(X509_PKEY)); if (ret == NULL) { - OPENSSL_PUT_ERROR(X509, X509_PKEY_new, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); goto err; } memset(ret, 0, sizeof(X509_PKEY)); diff --git a/src/crypto/x509/x_pubkey.c b/src/crypto/x509/x_pubkey.c index c2e0863..a16edca 100644 --- a/src/crypto/x509/x_pubkey.c +++ b/src/crypto/x509/x_pubkey.c @@ -100,19 +100,19 @@ int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey) { if (!pkey->ameth->pub_encode(pk, pkey)) { - OPENSSL_PUT_ERROR(X509, X509_PUBKEY_set, X509_R_PUBLIC_KEY_ENCODE_ERROR); + OPENSSL_PUT_ERROR(X509, X509_R_PUBLIC_KEY_ENCODE_ERROR); goto error; } } else { - OPENSSL_PUT_ERROR(X509, X509_PUBKEY_set, X509_R_METHOD_NOT_SUPPORTED); + OPENSSL_PUT_ERROR(X509, X509_R_METHOD_NOT_SUPPORTED); goto error; } } else { - OPENSSL_PUT_ERROR(X509, X509_PUBKEY_set, X509_R_UNSUPPORTED_ALGORITHM); + OPENSSL_PUT_ERROR(X509, X509_R_UNSUPPORTED_ALGORITHM); goto error; } @@ -151,13 +151,13 @@ EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key) if ((ret = EVP_PKEY_new()) == NULL) { - OPENSSL_PUT_ERROR(X509, X509_PUBKEY_get, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); goto error; } if (!EVP_PKEY_set_type(ret, OBJ_obj2nid(key->algor->algorithm))) { - OPENSSL_PUT_ERROR(X509, X509_PUBKEY_get, X509_R_UNSUPPORTED_ALGORITHM); + OPENSSL_PUT_ERROR(X509, X509_R_UNSUPPORTED_ALGORITHM); goto error; } 
@@ -165,13 +165,13 @@ EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key) { if (!ret->ameth->pub_decode(ret, key)) { - OPENSSL_PUT_ERROR(X509, X509_PUBKEY_get, X509_R_PUBLIC_KEY_DECODE_ERROR); + OPENSSL_PUT_ERROR(X509, X509_R_PUBLIC_KEY_DECODE_ERROR); goto error; } } else { - OPENSSL_PUT_ERROR(X509, X509_PUBKEY_get, X509_R_METHOD_NOT_SUPPORTED); + OPENSSL_PUT_ERROR(X509, X509_R_METHOD_NOT_SUPPORTED); goto error; } @@ -262,7 +262,7 @@ int i2d_RSA_PUBKEY(const RSA *a, unsigned char **pp) pktmp = EVP_PKEY_new(); if (!pktmp) { - OPENSSL_PUT_ERROR(X509, i2d_RSA_PUBKEY, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); return 0; } EVP_PKEY_set1_RSA(pktmp, (RSA*) a); @@ -301,7 +301,7 @@ int i2d_DSA_PUBKEY(const DSA *a, unsigned char **pp) pktmp = EVP_PKEY_new(); if(!pktmp) { - OPENSSL_PUT_ERROR(X509, i2d_DSA_PUBKEY, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); return 0; } EVP_PKEY_set1_DSA(pktmp, (DSA*) a); @@ -338,7 +338,7 @@ int i2d_EC_PUBKEY(const EC_KEY *a, unsigned char **pp) if (!a) return(0); if ((pktmp = EVP_PKEY_new()) == NULL) { - OPENSSL_PUT_ERROR(X509, i2d_EC_PUBKEY, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); return(0); } EVP_PKEY_set1_EC_KEY(pktmp, (EC_KEY*) a); diff --git a/src/crypto/x509/x_x509a.c b/src/crypto/x509/x_x509a.c index e13204b..fb7172b 100644 --- a/src/crypto/x509/x_x509a.c +++ b/src/crypto/x509/x_x509a.c 
@@ -133,24 +133,44 @@ unsigned char *X509_keyid_get0(X509 *x, int *len) int X509_add1_trust_object(X509 *x, ASN1_OBJECT *obj) { - X509_CERT_AUX *aux; - ASN1_OBJECT *objtmp; - if(!(objtmp = OBJ_dup(obj))) return 0; - if(!(aux = aux_get(x))) return 0; - if(!aux->trust - && !(aux->trust = sk_ASN1_OBJECT_new_null())) return 0; - return sk_ASN1_OBJECT_push(aux->trust, objtmp); + ASN1_OBJECT *objtmp = OBJ_dup(obj); + if (objtmp == NULL) + goto err; + X509_CERT_AUX *aux = aux_get(x); + if (aux->trust == NULL) + { + aux->trust = sk_ASN1_OBJECT_new_null(); + if (aux->trust == NULL) + goto err; + } + if (!sk_ASN1_OBJECT_push(aux->trust, objtmp)) + goto err; + return 1; + +err: + ASN1_OBJECT_free(objtmp); + return 0; } int X509_add1_reject_object(X509 *x, ASN1_OBJECT *obj) { - X509_CERT_AUX *aux; - ASN1_OBJECT *objtmp; - if(!(objtmp = OBJ_dup(obj))) return 0; - if(!(aux = aux_get(x))) return 0; - if(!aux->reject - && !(aux->reject = sk_ASN1_OBJECT_new_null())) return 0; - return sk_ASN1_OBJECT_push(aux->reject, objtmp); + ASN1_OBJECT *objtmp = OBJ_dup(obj); + if (objtmp == NULL) + goto err; + X509_CERT_AUX *aux = aux_get(x); + if (aux->reject == NULL) + { + aux->reject = sk_ASN1_OBJECT_new_null(); + if (aux->reject == NULL) + goto err; + } + if (!sk_ASN1_OBJECT_push(aux->reject, objtmp)) + goto err; + return 1; + +err: + ASN1_OBJECT_free(objtmp); + return 0; } void X509_trust_clear(X509 *x) diff --git a/src/crypto/x509v3/CMakeLists.txt b/src/crypto/x509v3/CMakeLists.txt index c7e6054..5cc1b49 100644 --- a/src/crypto/x509v3/CMakeLists.txt +++ b/src/crypto/x509v3/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(. .. ../../include) +include_directories(../../include) add_library( x509v3 @@ -46,7 +46,7 @@ add_library( add_executable( v3name_test - v3nametest.c + v3name_test.c $ ) @@ -56,7 +56,7 @@ target_link_libraries(v3name_test crypto) add_executable( tab_test - tabtest.c + tab_test.c $ ) 
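Review bot: In the rewritten X509_add1_trust_object the result of `aux_get(x)` is dereferenced on the next line (`aux->trust == NULL`) without a NULL check, although the removed code bailed out with `if(!(aux = aux_get(x))) return 0;`. aux_get is defined outside the hunk, but the old check suggests it can return NULL (presumably when |x| is NULL or the aux structure cannot be allocated), which would turn an allocation failure into a NULL dereference. Add `if (aux == NULL) goto err;` directly after the call; the err path already frees objtmp. X509_add1_reject_object in the same hunk has the identical gap with `aux->reject`.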
diff --git a/src/crypto/x509v3/tab_test.c b/src/crypto/x509v3/tab_test.c
new file mode 100644
index 0000000..6b97e91
--- /dev/null
+++ b/src/crypto/x509v3/tab_test.c
@@ -0,0 +1,103 @@ +/* tabtest.c */ +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL + * project 1999. + */ +/* ==================================================================== + * Copyright (c) 1999 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * licensing@OpenSSL.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ + +/* Simple program to check the ext_dat.h is correct and print out + * problems if it is not. + */ + +#include + +#include +#include +#include + +#if !defined(BORINGSSL_SHARED_LIBRARY) +#include "ext_dat.h" +#endif + +int main(void) +{ +#if !defined(BORINGSSL_SHARED_LIBRARY) + int i, prev = -1, bad = 0; + const X509V3_EXT_METHOD *const *tmp; + CRYPTO_library_init(); + i = sizeof(standard_exts) / sizeof(X509V3_EXT_METHOD *); + if(i != STANDARD_EXTENSION_COUNT) + fprintf(stderr, "Extension number invalid expecting %d\n", i); + tmp = standard_exts; + for(i = 0; i < STANDARD_EXTENSION_COUNT; i++, tmp++) { + if((*tmp)->ext_nid < prev) bad = 1; + prev = (*tmp)->ext_nid; + + } + if(bad) { + tmp = standard_exts; + fprintf(stderr, "Extensions out of order!\n"); + for(i = 0; i < STANDARD_EXTENSION_COUNT; i++, tmp++) + printf("%d : %s\n", (*tmp)->ext_nid, OBJ_nid2sn((*tmp)->ext_nid)); + return 1; + } else { + printf("PASS\n"); + return 0; + } +#else + /* TODO(davidben): Fix this test in the shared library build. */ + printf("PASS\n"); + return 0; +#endif +} diff --git a/src/crypto/x509v3/tabtest.c b/src/crypto/x509v3/tabtest.c deleted file mode 100644 index 6b97e91..0000000 
--- a/src/crypto/x509v3/tabtest.c
+++ /dev/null
@@ -1,103 +0,0 @@ -/* tabtest.c */ -/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project 1999. - */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -/* Simple program to check the ext_dat.h is correct and print out - * problems if it is not. - */ - -#include - -#include -#include -#include - -#if !defined(BORINGSSL_SHARED_LIBRARY) -#include "ext_dat.h" -#endif - -int main(void) -{ -#if !defined(BORINGSSL_SHARED_LIBRARY) - int i, prev = -1, bad = 0; - const X509V3_EXT_METHOD *const *tmp; - CRYPTO_library_init(); - i = sizeof(standard_exts) / sizeof(X509V3_EXT_METHOD *); - if(i != STANDARD_EXTENSION_COUNT) - fprintf(stderr, "Extension number invalid expecting %d\n", i); - tmp = standard_exts; - for(i = 0; i < STANDARD_EXTENSION_COUNT; i++, tmp++) { - if((*tmp)->ext_nid < prev) bad = 1; - prev = (*tmp)->ext_nid; - - } - if(bad) { - tmp = standard_exts; - fprintf(stderr, "Extensions out of order!\n"); - for(i = 0; i < STANDARD_EXTENSION_COUNT; i++, tmp++) - printf("%d : %s\n", (*tmp)->ext_nid, OBJ_nid2sn((*tmp)->ext_nid)); - return 1; - } else { - printf("PASS\n"); - return 0; - } -#else - /* TODO(davidben): Fix this test in the shared library build. */ - printf("PASS\n"); - return 0; -#endif -} diff --git a/src/crypto/x509v3/v3_akey.c b/src/crypto/x509v3/v3_akey.c index f6e6b69..9578a57 100644 
--- a/src/crypto/x509v3/v3_akey.c +++ b/src/crypto/x509v3/v3_akey.c @@ -144,7 +144,7 @@ static AUTHORITY_KEYID *v2i_AUTHORITY_KEYID(X509V3_EXT_METHOD *method, } else { - OPENSSL_PUT_ERROR(X509V3, v2i_AUTHORITY_KEYID, X509V3_R_UNKNOWN_OPTION); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_UNKNOWN_OPTION); ERR_add_error_data(2, "name=", cnf->name); return NULL; } @@ -154,7 +154,7 @@ static AUTHORITY_KEYID *v2i_AUTHORITY_KEYID(X509V3_EXT_METHOD *method, { if(ctx && (ctx->flags==CTX_TEST)) return AUTHORITY_KEYID_new(); - OPENSSL_PUT_ERROR(X509V3, v2i_AUTHORITY_KEYID, X509V3_R_NO_ISSUER_CERTIFICATE); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_NO_ISSUER_CERTIFICATE); return NULL; } @@ -167,7 +167,7 @@ static AUTHORITY_KEYID *v2i_AUTHORITY_KEYID(X509V3_EXT_METHOD *method, ikeyid = X509V3_EXT_d2i(ext); if(keyid==2 && !ikeyid) { - OPENSSL_PUT_ERROR(X509V3, v2i_AUTHORITY_KEYID, X509V3_R_UNABLE_TO_GET_ISSUER_KEYID); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_UNABLE_TO_GET_ISSUER_KEYID); return NULL; } } @@ -178,7 +178,7 @@ static AUTHORITY_KEYID *v2i_AUTHORITY_KEYID(X509V3_EXT_METHOD *method, serial = M_ASN1_INTEGER_dup(X509_get_serialNumber(cert)); if(!isname || !serial) { - OPENSSL_PUT_ERROR(X509V3, v2i_AUTHORITY_KEYID, X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS); goto err; } } @@ -191,7 +191,7 @@ static AUTHORITY_KEYID *v2i_AUTHORITY_KEYID(X509V3_EXT_METHOD *method, || !(gen = GENERAL_NAME_new()) || !sk_GENERAL_NAME_push(gens, gen)) { - OPENSSL_PUT_ERROR(X509V3, v2i_AUTHORITY_KEYID, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); goto err; } gen->type = GEN_DIRNAME; diff --git a/src/crypto/x509v3/v3_alt.c b/src/crypto/x509v3/v3_alt.c index f547316..e639f45 100644 --- a/src/crypto/x509v3/v3_alt.c +++ b/src/crypto/x509v3/v3_alt.c 
@@ -250,7 +250,7 @@ static GENERAL_NAMES *v2i_issuer_alt(X509V3_EXT_METHOD *method, CONF_VALUE *cnf; size_t i; if(!(gens = sk_GENERAL_NAME_new_null())) { - OPENSSL_PUT_ERROR(X509V3, v2i_issuer_alt, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); return NULL; } for(i = 0; i < sk_CONF_VALUE_num(nval); i++) { @@ -282,21 +282,21 @@ static int copy_issuer(X509V3_CTX *ctx, GENERAL_NAMES *gens) size_t j; if(ctx && (ctx->flags == CTX_TEST)) return 1; if(!ctx || !ctx->issuer_cert) { - OPENSSL_PUT_ERROR(X509V3, copy_issuer, X509V3_R_NO_ISSUER_DETAILS); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_NO_ISSUER_DETAILS); goto err; } i = X509_get_ext_by_NID(ctx->issuer_cert, NID_subject_alt_name, -1); if(i < 0) return 1; if(!(ext = X509_get_ext(ctx->issuer_cert, i)) || !(ialt = X509V3_EXT_d2i(ext)) ) { - OPENSSL_PUT_ERROR(X509V3, copy_issuer, X509V3_R_ISSUER_DECODE_ERROR); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_ISSUER_DECODE_ERROR); goto err; } for(j = 0; j < sk_GENERAL_NAME_num(ialt); j++) { gen = sk_GENERAL_NAME_value(ialt, j); if(!sk_GENERAL_NAME_push(gens, gen)) { - OPENSSL_PUT_ERROR(X509V3, copy_issuer, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); goto err; } } @@ -316,7 +316,7 @@ static GENERAL_NAMES *v2i_subject_alt(X509V3_EXT_METHOD *method, CONF_VALUE *cnf; size_t i; if(!(gens = sk_GENERAL_NAME_new_null())) { - OPENSSL_PUT_ERROR(X509V3, v2i_subject_alt, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); return NULL; } for(i = 0; i < sk_CONF_VALUE_num(nval); i++) { @@ -354,7 +354,7 @@ static int copy_email(X509V3_CTX *ctx, GENERAL_NAMES *gens, int move_p) if(ctx != NULL && ctx->flags == CTX_TEST) return 1; if(!ctx || (!ctx->subject_cert && !ctx->subject_req)) { - OPENSSL_PUT_ERROR(X509V3, copy_email, X509V3_R_NO_SUBJECT_DETAILS); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_NO_SUBJECT_DETAILS); goto err; } /* Find the subject name */ 
@@ -374,14 +374,14 @@ static int copy_email(X509V3_CTX *ctx, GENERAL_NAMES *gens, int move_p) i--; } if(!email || !(gen = GENERAL_NAME_new())) { - OPENSSL_PUT_ERROR(X509V3, copy_email, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); goto err; } gen->d.ia5 = email; email = NULL; gen->type = GEN_EMAIL; if(!sk_GENERAL_NAME_push(gens, gen)) { - OPENSSL_PUT_ERROR(X509V3, copy_email, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); goto err; } gen = NULL; @@ -405,7 +405,7 @@ GENERAL_NAMES *v2i_GENERAL_NAMES(const X509V3_EXT_METHOD *method, CONF_VALUE *cnf; size_t i; if(!(gens = sk_GENERAL_NAME_new_null())) { - OPENSSL_PUT_ERROR(X509V3, v2i_GENERAL_NAMES, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); return NULL; } for(i = 0; i < sk_CONF_VALUE_num(nval); i++) { @@ -434,7 +434,7 @@ GENERAL_NAME *a2i_GENERAL_NAME(GENERAL_NAME *out, if(!value) { - OPENSSL_PUT_ERROR(X509V3, a2i_GENERAL_NAME, X509V3_R_MISSING_VALUE); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_MISSING_VALUE); return NULL; } @@ -445,7 +445,7 @@ GENERAL_NAME *a2i_GENERAL_NAME(GENERAL_NAME *out, gen = GENERAL_NAME_new(); if(gen == NULL) { - OPENSSL_PUT_ERROR(X509V3, a2i_GENERAL_NAME, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); return NULL; } } @@ -463,7 +463,7 @@ GENERAL_NAME *a2i_GENERAL_NAME(GENERAL_NAME *out, ASN1_OBJECT *obj; if(!(obj = OBJ_txt2obj(value,0))) { - OPENSSL_PUT_ERROR(X509V3, a2i_GENERAL_NAME, X509V3_R_BAD_OBJECT); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_BAD_OBJECT); ERR_add_error_data(2, "value=", value); goto err; } @@ -478,7 +478,7 @@ GENERAL_NAME *a2i_GENERAL_NAME(GENERAL_NAME *out, gen->d.ip = a2i_IPADDRESS(value); if(gen->d.ip == NULL) { - OPENSSL_PUT_ERROR(X509V3, a2i_GENERAL_NAME, X509V3_R_BAD_IP_ADDRESS); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_BAD_IP_ADDRESS); ERR_add_error_data(2, "value=", value); goto err; } 
@@ -487,7 +487,7 @@ GENERAL_NAME *a2i_GENERAL_NAME(GENERAL_NAME *out, case GEN_DIRNAME: if (!do_dirname(gen, value, ctx)) { - OPENSSL_PUT_ERROR(X509V3, a2i_GENERAL_NAME, X509V3_R_DIRNAME_ERROR); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_DIRNAME_ERROR); goto err; } break; @@ -495,12 +495,12 @@ GENERAL_NAME *a2i_GENERAL_NAME(GENERAL_NAME *out, case GEN_OTHERNAME: if (!do_othername(gen, value, ctx)) { - OPENSSL_PUT_ERROR(X509V3, a2i_GENERAL_NAME, X509V3_R_OTHERNAME_ERROR); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_OTHERNAME_ERROR); goto err; } break; default: - OPENSSL_PUT_ERROR(X509V3, a2i_GENERAL_NAME, X509V3_R_UNSUPPORTED_TYPE); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_UNSUPPORTED_TYPE); goto err; } @@ -510,7 +510,7 @@ GENERAL_NAME *a2i_GENERAL_NAME(GENERAL_NAME *out, !ASN1_STRING_set(gen->d.ia5, (unsigned char*)value, strlen(value))) { - OPENSSL_PUT_ERROR(X509V3, a2i_GENERAL_NAME, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); goto err; } } @@ -538,7 +538,7 @@ GENERAL_NAME *v2i_GENERAL_NAME_ex(GENERAL_NAME *out, if(!value) { - OPENSSL_PUT_ERROR(X509V3, v2i_GENERAL_NAME_ex, X509V3_R_MISSING_VALUE); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_MISSING_VALUE); return NULL; } @@ -558,7 +558,7 @@ GENERAL_NAME *v2i_GENERAL_NAME_ex(GENERAL_NAME *out, type = GEN_OTHERNAME; else { - OPENSSL_PUT_ERROR(X509V3, v2i_GENERAL_NAME_ex, X509V3_R_UNSUPPORTED_OPTION); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_UNSUPPORTED_OPTION); ERR_add_error_data(2, "name=", name); return NULL; } @@ -604,7 +604,7 @@ static int do_dirname(GENERAL_NAME *gen, char *value, X509V3_CTX *ctx) sk = X509V3_get_section(ctx, value); if (!sk) { - OPENSSL_PUT_ERROR(X509V3, do_dirname, X509V3_R_SECTION_NOT_FOUND); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_SECTION_NOT_FOUND); ERR_add_error_data(2, "section=", value); X509_NAME_free(nm); return 0; diff --git a/src/crypto/x509v3/v3_bcons.c b/src/crypto/x509v3/v3_bcons.c index a1381b4..73ef21e 100644 --- a/src/crypto/x509v3/v3_bcons.c +++ b/src/crypto/x509v3/v3_bcons.c 
@@ -103,7 +103,7 @@ static BASIC_CONSTRAINTS *v2i_BASIC_CONSTRAINTS(X509V3_EXT_METHOD *method, CONF_VALUE *val; size_t i; if(!(bcons = BASIC_CONSTRAINTS_new())) { - OPENSSL_PUT_ERROR(X509V3, v2i_BASIC_CONSTRAINTS, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); return NULL; } for(i = 0; i < sk_CONF_VALUE_num(values); i++) { @@ -113,7 +113,7 @@ static BASIC_CONSTRAINTS *v2i_BASIC_CONSTRAINTS(X509V3_EXT_METHOD *method, } else if(!strcmp(val->name, "pathlen")) { if(!X509V3_get_value_int(val, &bcons->pathlen)) goto err; } else { - OPENSSL_PUT_ERROR(X509V3, v2i_BASIC_CONSTRAINTS, X509V3_R_INVALID_NAME); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_NAME); X509V3_conf_err(val); goto err; } diff --git a/src/crypto/x509v3/v3_bitst.c b/src/crypto/x509v3/v3_bitst.c index 15e9859..e1e2087 100644 --- a/src/crypto/x509v3/v3_bitst.c +++ b/src/crypto/x509v3/v3_bitst.c @@ -112,7 +112,7 @@ ASN1_BIT_STRING *v2i_ASN1_BIT_STRING(X509V3_EXT_METHOD *method, size_t i; const BIT_STRING_BITNAME *bnam; if(!(bs = M_ASN1_BIT_STRING_new())) { - OPENSSL_PUT_ERROR(X509V3, v2i_ASN1_BIT_STRING, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); return NULL; } for(i = 0; i < sk_CONF_VALUE_num(nval); i++) { @@ -121,7 +121,7 @@ ASN1_BIT_STRING *v2i_ASN1_BIT_STRING(X509V3_EXT_METHOD *method, if(!strcmp(bnam->sname, val->name) || !strcmp(bnam->lname, val->name) ) { if(!ASN1_BIT_STRING_set_bit(bs, bnam->bitnum, 1)) { - OPENSSL_PUT_ERROR(X509V3, v2i_ASN1_BIT_STRING, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); M_ASN1_BIT_STRING_free(bs); return NULL; } @@ -129,7 +129,7 @@ ASN1_BIT_STRING *v2i_ASN1_BIT_STRING(X509V3_EXT_METHOD *method, } } if(!bnam->lname) { - OPENSSL_PUT_ERROR(X509V3, v2i_ASN1_BIT_STRING, X509V3_R_UNKNOWN_BIT_STRING_ARGUMENT); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_UNKNOWN_BIT_STRING_ARGUMENT); X509V3_conf_err(val); M_ASN1_BIT_STRING_free(bs); return NULL; 
diff --git a/src/crypto/x509v3/v3_conf.c b/src/crypto/x509v3/v3_conf.c index cb6569f..fe71566 100644 --- a/src/crypto/x509v3/v3_conf.c +++ b/src/crypto/x509v3/v3_conf.c @@ -92,7 +92,7 @@ X509_EXTENSION *X509V3_EXT_nconf(CONF *conf, X509V3_CTX *ctx, char *name, ret = do_ext_nconf(conf, ctx, OBJ_sn2nid(name), crit, value); if (!ret) { - OPENSSL_PUT_ERROR(X509V3, X509V3_EXT_nconf, X509V3_R_ERROR_IN_EXTENSION); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_ERROR_IN_EXTENSION); ERR_add_error_data(4,"name=", name, ", value=", value); } return ret; @@ -123,12 +123,12 @@ static X509_EXTENSION *do_ext_nconf(CONF *conf, X509V3_CTX *ctx, int ext_nid, void *ext_struc; if (ext_nid == NID_undef) { - OPENSSL_PUT_ERROR(X509V3, do_ext_nconf, X509V3_R_UNKNOWN_EXTENSION_NAME); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_UNKNOWN_EXTENSION_NAME); return NULL; } if (!(method = X509V3_EXT_get_nid(ext_nid))) { - OPENSSL_PUT_ERROR(X509V3, do_ext_nconf, X509V3_R_UNKNOWN_EXTENSION); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_UNKNOWN_EXTENSION); return NULL; } /* Now get internal extension representation based on type */ @@ -138,7 +138,7 @@ static X509_EXTENSION *do_ext_nconf(CONF *conf, X509V3_CTX *ctx, int ext_nid, else nval = X509V3_parse_list(value); if(sk_CONF_VALUE_num(nval) <= 0) { - OPENSSL_PUT_ERROR(X509V3, do_ext_nconf, X509V3_R_INVALID_EXTENSION_STRING); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_EXTENSION_STRING); ERR_add_error_data(4, "name=", OBJ_nid2sn(ext_nid), ",section=", value); return NULL; } 
@@ -155,14 +155,14 @@ static X509_EXTENSION *do_ext_nconf(CONF *conf, X509V3_CTX *ctx, int ext_nid, { if(!ctx->db || !ctx->db_meth) { - OPENSSL_PUT_ERROR(X509V3, do_ext_nconf, X509V3_R_NO_CONFIG_DATABASE); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_NO_CONFIG_DATABASE); return NULL; } if(!(ext_struc = method->r2i(method, ctx, value))) return NULL; } else { - OPENSSL_PUT_ERROR(X509V3, do_ext_nconf, X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED); ERR_add_error_data(2, "name=", OBJ_nid2sn(ext_nid)); return NULL; } @@ -207,7 +207,7 @@ static X509_EXTENSION *do_ext_i2d(const X509V3_EXT_METHOD *method, int ext_nid, return ext; merr: - OPENSSL_PUT_ERROR(X509V3, do_ext_i2d, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); return NULL; } @@ -218,7 +218,7 @@ X509_EXTENSION *X509V3_EXT_i2d(int ext_nid, int crit, void *ext_struc) { const X509V3_EXT_METHOD *method; if (!(method = X509V3_EXT_get_nid(ext_nid))) { - OPENSSL_PUT_ERROR(X509V3, X509V3_EXT_i2d, X509V3_R_UNKNOWN_EXTENSION); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_UNKNOWN_EXTENSION); return NULL; } return do_ext_i2d(method, ext_nid, crit, ext_struc); @@ -271,7 +271,7 @@ static X509_EXTENSION *v3_generic_extension(const char *ext, char *value, X509_EXTENSION *extension=NULL; if (!(obj = OBJ_txt2obj(ext, 0))) { - OPENSSL_PUT_ERROR(X509V3, v3_generic_extension, X509V3_R_EXTENSION_NAME_ERROR); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_EXTENSION_NAME_ERROR); ERR_add_error_data(2, "name=", ext); goto err; } 
@@ -283,14 +283,14 @@ static X509_EXTENSION *v3_generic_extension(const char *ext, char *value, if (ext_der == NULL) { - OPENSSL_PUT_ERROR(X509V3, v3_generic_extension, X509V3_R_EXTENSION_VALUE_ERROR); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_EXTENSION_VALUE_ERROR); ERR_add_error_data(2, "value=", value); goto err; } if (!(oct = M_ASN1_OCTET_STRING_new())) { - OPENSSL_PUT_ERROR(X509V3, v3_generic_extension, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); goto err; } @@ -389,7 +389,7 @@ char * X509V3_get_string(X509V3_CTX *ctx, char *name, char *section) { if(!ctx->db || !ctx->db_meth || !ctx->db_meth->get_string) { - OPENSSL_PUT_ERROR(X509V3, X509V3_get_string, X509V3_R_OPERATION_NOT_DEFINED); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_OPERATION_NOT_DEFINED); return NULL; } if (ctx->db_meth->get_string) @@ -401,7 +401,7 @@ STACK_OF(CONF_VALUE) * X509V3_get_section(X509V3_CTX *ctx, char *section) { if(!ctx->db || !ctx->db_meth || !ctx->db_meth->get_section) { - OPENSSL_PUT_ERROR(X509V3, X509V3_get_section, X509V3_R_OPERATION_NOT_DEFINED); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_OPERATION_NOT_DEFINED); return NULL; } if (ctx->db_meth->get_section) diff --git a/src/crypto/x509v3/v3_cpols.c b/src/crypto/x509v3/v3_cpols.c index cbe596b..0b58676 100644 --- a/src/crypto/x509v3/v3_cpols.c +++ b/src/crypto/x509v3/v3_cpols.c 
@@ -146,19 +146,19 @@ static STACK_OF(POLICYINFO) *r2i_certpol(X509V3_EXT_METHOD *method, int ia5org; pols = sk_POLICYINFO_new_null(); if (pols == NULL) { - OPENSSL_PUT_ERROR(X509V3, r2i_certpol, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); return NULL; } vals = X509V3_parse_list(value); if (vals == NULL) { - OPENSSL_PUT_ERROR(X509V3, r2i_certpol, ERR_R_X509V3_LIB); + OPENSSL_PUT_ERROR(X509V3, ERR_R_X509V3_LIB); goto err; } ia5org = 0; for(i = 0; i < sk_CONF_VALUE_num(vals); i++) { cnf = sk_CONF_VALUE_value(vals, i); if(cnf->value || !cnf->name ) { - OPENSSL_PUT_ERROR(X509V3, r2i_certpol, X509V3_R_INVALID_POLICY_IDENTIFIER); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_POLICY_IDENTIFIER); X509V3_conf_err(cnf); goto err; } @@ -170,7 +170,7 @@ static STACK_OF(POLICYINFO) *r2i_certpol(X509V3_EXT_METHOD *method, STACK_OF(CONF_VALUE) *polsect; polsect = X509V3_get_section(ctx, pstr + 1); if(!polsect) { - OPENSSL_PUT_ERROR(X509V3, r2i_certpol, X509V3_R_INVALID_SECTION); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_SECTION); X509V3_conf_err(cnf); goto err; @@ -180,7 +180,7 @@ static STACK_OF(POLICYINFO) *r2i_certpol(X509V3_EXT_METHOD *method, if(!pol) goto err; } else { if(!(pobj = OBJ_txt2obj(cnf->name, 0))) { - OPENSSL_PUT_ERROR(X509V3, r2i_certpol, X509V3_R_INVALID_OBJECT_IDENTIFIER); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_OBJECT_IDENTIFIER); X509V3_conf_err(cnf); goto err; } @@ -189,7 +189,7 @@ static STACK_OF(POLICYINFO) *r2i_certpol(X509V3_EXT_METHOD *method, } if (!sk_POLICYINFO_push(pols, pol)){ POLICYINFO_free(pol); - OPENSSL_PUT_ERROR(X509V3, r2i_certpol, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); goto err; } } 
@@ -214,7 +214,7 @@ static POLICYINFO *policy_section(X509V3_CTX *ctx, if(!strcmp(cnf->name, "policyIdentifier")) { ASN1_OBJECT *pobj; if(!(pobj = OBJ_txt2obj(cnf->value, 0))) { - OPENSSL_PUT_ERROR(X509V3, policy_section, X509V3_R_INVALID_OBJECT_IDENTIFIER); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_OBJECT_IDENTIFIER); X509V3_conf_err(cnf); goto err; } @@ -229,7 +229,7 @@ static POLICYINFO *policy_section(X509V3_CTX *ctx, /* TODO(fork): const correctness */ qual->pqualid = (ASN1_OBJECT*) OBJ_nid2obj(NID_id_qt_cps); if (qual->pqualid == NULL) { - OPENSSL_PUT_ERROR(X509V3, policy_section, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(X509V3, ERR_R_INTERNAL_ERROR); goto err; } qual->d.cpsuri = M_ASN1_IA5STRING_new(); @@ -241,13 +241,13 @@ static POLICYINFO *policy_section(X509V3_CTX *ctx, } else if(!name_cmp(cnf->name, "userNotice")) { STACK_OF(CONF_VALUE) *unot; if(*cnf->value != '@') { - OPENSSL_PUT_ERROR(X509V3, policy_section, X509V3_R_EXPECTED_A_SECTION_NAME); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_EXPECTED_A_SECTION_NAME); X509V3_conf_err(cnf); goto err; } unot = X509V3_get_section(ctx, cnf->value + 1); if(!unot) { - OPENSSL_PUT_ERROR(X509V3, policy_section, X509V3_R_INVALID_SECTION); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_SECTION); X509V3_conf_err(cnf); goto err; @@ -260,21 +260,21 @@ static POLICYINFO *policy_section(X509V3_CTX *ctx, if(!sk_POLICYQUALINFO_push(pol->qualifiers, qual)) goto merr; } else { - OPENSSL_PUT_ERROR(X509V3, policy_section, X509V3_R_INVALID_OPTION); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_OPTION); X509V3_conf_err(cnf); goto err; } } if(!pol->policyid) { - OPENSSL_PUT_ERROR(X509V3, policy_section, X509V3_R_NO_POLICY_IDENTIFIER); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_NO_POLICY_IDENTIFIER); goto err; } return pol; merr: - OPENSSL_PUT_ERROR(X509V3, policy_section, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); err: POLICYINFO_free(pol); 
@@ -296,7 +296,7 @@ static POLICYQUALINFO *notice_section(X509V3_CTX *ctx, qual->pqualid = (ASN1_OBJECT *) OBJ_nid2obj(NID_id_qt_unotice); if (qual->pqualid == NULL) { - OPENSSL_PUT_ERROR(X509V3, notice_section, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(X509V3, ERR_R_INTERNAL_ERROR); goto err; } if(!(not = USERNOTICE_new())) goto merr; @@ -328,7 +328,7 @@ static POLICYQUALINFO *notice_section(X509V3_CTX *ctx, } else nref = not->noticeref; nos = X509V3_parse_list(cnf->value); if(!nos || !sk_CONF_VALUE_num(nos)) { - OPENSSL_PUT_ERROR(X509V3, notice_section, X509V3_R_INVALID_NUMBERS); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_NUMBERS); X509V3_conf_err(cnf); goto err; } @@ -337,7 +337,7 @@ static POLICYQUALINFO *notice_section(X509V3_CTX *ctx, if (!ret) goto err; } else { - OPENSSL_PUT_ERROR(X509V3, notice_section, X509V3_R_INVALID_OPTION); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_OPTION); X509V3_conf_err(cnf); goto err; } @@ -345,14 +345,14 @@ static POLICYQUALINFO *notice_section(X509V3_CTX *ctx, if(not->noticeref && (!not->noticeref->noticenos || !not->noticeref->organization)) { - OPENSSL_PUT_ERROR(X509V3, notice_section, X509V3_R_NEED_ORGANIZATION_AND_NUMBERS); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_NEED_ORGANIZATION_AND_NUMBERS); goto err; } return qual; merr: - OPENSSL_PUT_ERROR(X509V3, notice_section, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); err: POLICYQUALINFO_free(qual); @@ -369,7 +369,7 @@ static int nref_nos(STACK_OF(ASN1_INTEGER) *nnums, STACK_OF(CONF_VALUE) *nos) for(i = 0; i < sk_CONF_VALUE_num(nos); i++) { cnf = sk_CONF_VALUE_value(nos, i); if(!(aint = s2i_ASN1_INTEGER(NULL, cnf->name))) { - OPENSSL_PUT_ERROR(X509V3, nref_nos, X509V3_R_INVALID_NUMBER); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_NUMBER); goto err; } if(!sk_ASN1_INTEGER_push(nnums, aint)) goto merr; 
@@ -377,7 +377,7 @@ static int nref_nos(STACK_OF(ASN1_INTEGER) *nnums, STACK_OF(CONF_VALUE) *nos) return 1; merr: - OPENSSL_PUT_ERROR(X509V3, nref_nos, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); err: sk_ASN1_INTEGER_pop_free(nnums, ASN1_STRING_free); diff --git a/src/crypto/x509v3/v3_crld.c b/src/crypto/x509v3/v3_crld.c index e41dd65..3984c31 100644 --- a/src/crypto/x509v3/v3_crld.c +++ b/src/crypto/x509v3/v3_crld.c @@ -103,7 +103,7 @@ static STACK_OF(GENERAL_NAME) *gnames_from_sectname(X509V3_CTX *ctx, char *sect) gnsect = X509V3_parse_list(sect); if (!gnsect) { - OPENSSL_PUT_ERROR(X509V3, gnames_from_sectname, X509V3_R_SECTION_NOT_FOUND); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_SECTION_NOT_FOUND); return NULL; } gens = v2i_GENERAL_NAMES(NULL, ctx, gnsect); @@ -136,7 +136,7 @@ static int set_dist_point_name(DIST_POINT_NAME **pdp, X509V3_CTX *ctx, dnsect = X509V3_get_section(ctx, cnf->value); if (!dnsect) { - OPENSSL_PUT_ERROR(X509V3, set_dist_point_name, X509V3_R_SECTION_NOT_FOUND); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_SECTION_NOT_FOUND); return -1; } ret = X509V3_NAME_from_section(nm, dnsect, MBSTRING_ASC); @@ -152,7 +152,7 @@ static int set_dist_point_name(DIST_POINT_NAME **pdp, X509V3_CTX *ctx, if (sk_X509_NAME_ENTRY_value(rnm, sk_X509_NAME_ENTRY_num(rnm) - 1)->set) { - OPENSSL_PUT_ERROR(X509V3, set_dist_point_name, X509V3_R_INVALID_MULTIPLE_RDNS); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_MULTIPLE_RDNS); goto err; } } @@ -161,7 +161,7 @@ static int set_dist_point_name(DIST_POINT_NAME **pdp, X509V3_CTX *ctx, if (*pdp) { - OPENSSL_PUT_ERROR(X509V3, set_dist_point_name, X509V3_R_DISTPOINT_ALREADY_SET); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_DISTPOINT_ALREADY_SET); goto err; } @@ -362,7 +362,7 @@ static void *v2i_crld(const X509V3_EXT_METHOD *method, return crld; merr: - OPENSSL_PUT_ERROR(X509V3, v2i_crld, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); err: GENERAL_NAME_free(gen); GENERAL_NAMES_free(gens); 
@@ -490,7 +490,7 @@ static void *v2i_idp(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx, } else { - OPENSSL_PUT_ERROR(X509V3, v2i_idp, X509V3_R_INVALID_NAME); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_NAME); X509V3_conf_err(cnf); goto err; } @@ -498,7 +498,7 @@ static void *v2i_idp(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx, return idp; merr: - OPENSSL_PUT_ERROR(X509V3, v2i_idp, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); err: ISSUING_DIST_POINT_free(idp); return NULL; diff --git a/src/crypto/x509v3/v3_extku.c b/src/crypto/x509v3/v3_extku.c index f4b8af8..d64eb9c 100644 --- a/src/crypto/x509v3/v3_extku.c +++ b/src/crypto/x509v3/v3_extku.c @@ -125,7 +125,7 @@ static void *v2i_EXTENDED_KEY_USAGE(const X509V3_EXT_METHOD *method, size_t i; if(!(extku = sk_ASN1_OBJECT_new_null())) { - OPENSSL_PUT_ERROR(X509V3, v2i_EXTENDED_KEY_USAGE, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); return NULL; } @@ -135,7 +135,7 @@ static void *v2i_EXTENDED_KEY_USAGE(const X509V3_EXT_METHOD *method, else extval = val->name; if(!(objtmp = OBJ_txt2obj(extval, 0))) { sk_ASN1_OBJECT_pop_free(extku, ASN1_OBJECT_free); - OPENSSL_PUT_ERROR(X509V3, v2i_EXTENDED_KEY_USAGE, X509V3_R_INVALID_OBJECT_IDENTIFIER); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_OBJECT_IDENTIFIER); X509V3_conf_err(val); return NULL; } diff --git a/src/crypto/x509v3/v3_ia5.c b/src/crypto/x509v3/v3_ia5.c index ec57e9b..5a27233 100644 --- a/src/crypto/x509v3/v3_ia5.c +++ b/src/crypto/x509v3/v3_ia5.c @@ -87,7 +87,7 @@ static char *i2s_ASN1_IA5STRING(X509V3_EXT_METHOD *method, char *tmp; if(!ia5 || !ia5->length) return NULL; if(!(tmp = OPENSSL_malloc(ia5->length + 1))) { - OPENSSL_PUT_ERROR(X509V3, i2s_ASN1_IA5STRING, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); return NULL; } memcpy(tmp, ia5->data, ia5->length); 
@@ -100,7 +100,7 @@ static ASN1_IA5STRING *s2i_ASN1_IA5STRING(X509V3_EXT_METHOD *method, { ASN1_IA5STRING *ia5; if(!str) { - OPENSSL_PUT_ERROR(X509V3, s2i_ASN1_IA5STRING, X509V3_R_INVALID_NULL_ARGUMENT); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_NULL_ARGUMENT); return NULL; } if(!(ia5 = M_ASN1_IA5STRING_new())) goto err; @@ -111,7 +111,7 @@ static ASN1_IA5STRING *s2i_ASN1_IA5STRING(X509V3_EXT_METHOD *method, } return ia5; err: - OPENSSL_PUT_ERROR(X509V3, s2i_ASN1_IA5STRING, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); return NULL; } diff --git a/src/crypto/x509v3/v3_info.c b/src/crypto/x509v3/v3_info.c index 7558b2d..475c56f 100644 --- a/src/crypto/x509v3/v3_info.c +++ b/src/crypto/x509v3/v3_info.c @@ -124,7 +124,7 @@ static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *method nlen = strlen(objtmp) + strlen(vtmp->name) + 5; ntmp = OPENSSL_malloc(nlen); if(!ntmp) { - OPENSSL_PUT_ERROR(X509V3, i2v_AUTHORITY_INFO_ACCESS, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); return NULL; } BUF_strlcpy(ntmp, objtmp, nlen); @@ -148,19 +148,19 @@ static AUTHORITY_INFO_ACCESS *v2i_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *metho int objlen; char *objtmp, *ptmp; if(!(ainfo = sk_ACCESS_DESCRIPTION_new_null())) { - OPENSSL_PUT_ERROR(X509V3, v2i_AUTHORITY_INFO_ACCESS, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); return NULL; } for(i = 0; i < sk_CONF_VALUE_num(nval); i++) { cnf = sk_CONF_VALUE_value(nval, i); if(!(acc = ACCESS_DESCRIPTION_new()) || !sk_ACCESS_DESCRIPTION_push(ainfo, acc)) { - OPENSSL_PUT_ERROR(X509V3, v2i_AUTHORITY_INFO_ACCESS, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); goto err; } ptmp = strchr(cnf->name, ';'); if(!ptmp) { - OPENSSL_PUT_ERROR(X509V3, v2i_AUTHORITY_INFO_ACCESS, X509V3_R_INVALID_SYNTAX); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_SYNTAX); goto err; } objlen = ptmp - cnf->name; 
@@ -169,14 +169,14 @@ static AUTHORITY_INFO_ACCESS *v2i_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *metho if(!v2i_GENERAL_NAME_ex(acc->location, method, ctx, &ctmp, 0)) goto err; if(!(objtmp = OPENSSL_malloc(objlen + 1))) { - OPENSSL_PUT_ERROR(X509V3, v2i_AUTHORITY_INFO_ACCESS, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); goto err; } strncpy(objtmp, cnf->name, objlen); objtmp[objlen] = 0; acc->method = OBJ_txt2obj(objtmp, 0); if(!acc->method) { - OPENSSL_PUT_ERROR(X509V3, v2i_AUTHORITY_INFO_ACCESS, X509V3_R_BAD_OBJECT); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_BAD_OBJECT); ERR_add_error_data(2, "value=", objtmp); OPENSSL_free(objtmp); goto err; diff --git a/src/crypto/x509v3/v3_lib.c b/src/crypto/x509v3/v3_lib.c index d4e4e78..f8e5531 100644 --- a/src/crypto/x509v3/v3_lib.c +++ b/src/crypto/x509v3/v3_lib.c @@ -78,12 +78,12 @@ static int ext_stack_cmp(const X509V3_EXT_METHOD **a, const X509V3_EXT_METHOD ** int X509V3_EXT_add(X509V3_EXT_METHOD *ext) { if(!ext_list && !(ext_list = sk_X509V3_EXT_METHOD_new(ext_stack_cmp))) { - OPENSSL_PUT_ERROR(X509V3, X509V3_EXT_add, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); ext_list_free(ext); return 0; } if(!sk_X509V3_EXT_METHOD_push(ext_list, ext)) { - OPENSSL_PUT_ERROR(X509V3, X509V3_EXT_add, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); ext_list_free(ext); return 0; } @@ -127,7 +127,7 @@ int X509V3_EXT_free(int nid, void *ext_data) const X509V3_EXT_METHOD *ext_method = X509V3_EXT_get_nid(nid); if (ext_method == NULL) { - OPENSSL_PUT_ERROR(X509V3, X509V3_EXT_free, X509V3_R_CANNOT_FIND_FREE_FUNCTION); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_CANNOT_FIND_FREE_FUNCTION); return 0; } @@ -137,7 +137,7 @@ int X509V3_EXT_free(int nid, void *ext_data) ext_method->ext_free(ext_data); else { - OPENSSL_PUT_ERROR(X509V3, X509V3_EXT_free, X509V3_R_CANNOT_FIND_FREE_FUNCTION); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_CANNOT_FIND_FREE_FUNCTION); return 0; } 
@@ -157,11 +157,11 @@ int X509V3_EXT_add_alias(int nid_to, int nid_from) X509V3_EXT_METHOD *tmpext; if(!(ext = X509V3_EXT_get_nid(nid_from))) { - OPENSSL_PUT_ERROR(X509V3, X509V3_EXT_add_alias, X509V3_R_EXTENSION_NOT_FOUND); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_EXTENSION_NOT_FOUND); return 0; } if(!(tmpext = (X509V3_EXT_METHOD *)OPENSSL_malloc(sizeof(X509V3_EXT_METHOD)))) { - OPENSSL_PUT_ERROR(X509V3, X509V3_EXT_add_alias, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); return 0; } *tmpext = *ext; @@ -311,7 +311,7 @@ int X509V3_add1_i2d(STACK_OF(X509_EXTENSION) **x, int nid, void *value, ext = X509V3_EXT_i2d(nid, crit, value); if(!ext) { - OPENSSL_PUT_ERROR(X509V3, X509V3_add1_i2d, X509V3_R_ERROR_CREATING_EXTENSION); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_ERROR_CREATING_EXTENSION); return 0; } @@ -330,6 +330,6 @@ int X509V3_add1_i2d(STACK_OF(X509_EXTENSION) **x, int nid, void *value, err: if(!(flags & X509V3_ADD_SILENT)) - OPENSSL_PUT_ERROR(X509V3, X509V3_add1_i2d, errcode); + OPENSSL_PUT_ERROR(X509V3, errcode); return 0; } diff --git a/src/crypto/x509v3/v3_ncons.c b/src/crypto/x509v3/v3_ncons.c index c42a665..19f5e94 100644 --- a/src/crypto/x509v3/v3_ncons.c +++ b/src/crypto/x509v3/v3_ncons.c @@ -135,7 +135,7 @@ static void *v2i_NAME_CONSTRAINTS(const X509V3_EXT_METHOD *method, } else { - OPENSSL_PUT_ERROR(X509V3, v2i_NAME_CONSTRAINTS, X509V3_R_INVALID_SYNTAX); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_SYNTAX); goto err; } tval.value = val->value; @@ -152,7 +152,7 @@ static void *v2i_NAME_CONSTRAINTS(const X509V3_EXT_METHOD *method, return ncons; memerr: - OPENSSL_PUT_ERROR(X509V3, v2i_NAME_CONSTRAINTS, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); err: if (ncons) NAME_CONSTRAINTS_free(ncons); diff --git a/src/crypto/x509v3/v3_pci.c b/src/crypto/x509v3/v3_pci.c index aa93891..f19a37a 100644 --- a/src/crypto/x509v3/v3_pci.c +++ b/src/crypto/x509v3/v3_pci.c 
@@ -87,13 +87,13 @@ static int process_pci_value(CONF_VALUE *val, { if (*language) { - OPENSSL_PUT_ERROR(X509V3, process_pci_value, X509V3_R_POLICY_LANGUAGE_ALREADY_DEFINED); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_POLICY_LANGUAGE_ALREADY_DEFINED); X509V3_conf_err(val); return 0; } if (!(*language = OBJ_txt2obj(val->value, 0))) { - OPENSSL_PUT_ERROR(X509V3, process_pci_value, X509V3_R_INVALID_OBJECT_IDENTIFIER); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_OBJECT_IDENTIFIER); X509V3_conf_err(val); return 0; } @@ -102,13 +102,13 @@ static int process_pci_value(CONF_VALUE *val, { if (*pathlen) { - OPENSSL_PUT_ERROR(X509V3, process_pci_value, X509V3_R_POLICY_PATH_LENGTH_ALREADY_DEFINED); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_POLICY_PATH_LENGTH_ALREADY_DEFINED); X509V3_conf_err(val); return 0; } if (!X509V3_get_value_int(val, pathlen)) { - OPENSSL_PUT_ERROR(X509V3, process_pci_value, X509V3_R_POLICY_PATH_LENGTH); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_POLICY_PATH_LENGTH); X509V3_conf_err(val); return 0; } @@ -122,7 +122,7 @@ static int process_pci_value(CONF_VALUE *val, *policy = ASN1_OCTET_STRING_new(); if (!*policy) { - OPENSSL_PUT_ERROR(X509V3, process_pci_value, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); X509V3_conf_err(val); return 0; } @@ -135,7 +135,7 @@ static int process_pci_value(CONF_VALUE *val, if (!tmp_data2) { - OPENSSL_PUT_ERROR(X509V3, process_pci_value, X509V3_R_ILLEGAL_HEX_DIGIT); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_ILLEGAL_HEX_DIGIT); X509V3_conf_err(val); goto err; } @@ -156,7 +156,7 @@ static int process_pci_value(CONF_VALUE *val, /* realloc failure implies the original data space is b0rked too! */ (*policy)->data = NULL; (*policy)->length = 0; - OPENSSL_PUT_ERROR(X509V3, process_pci_value, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); X509V3_conf_err(val); goto err; } 
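Review bot: The realloc-failure branch of process_pci_value sets `(*policy)->data = NULL` and `(*policy)->length = 0` without releasing the old buffer, here and again in the hunk at -217. If OPENSSL_realloc leaves the original block intact on failure, as realloc does, that block is leaked and the "b0rked" comment is misleading. The realloc call is outside both hunks, so confirm its contract first. If it matches realloc, add `OPENSSL_free((*policy)->data);` before the assignment.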
@@ -169,7 +169,7 @@ static int process_pci_value(CONF_VALUE *val, BIO *b = BIO_new_file(val->value + 5, "r"); if (!b) { - OPENSSL_PUT_ERROR(X509V3, process_pci_value, ERR_R_BIO_LIB); + OPENSSL_PUT_ERROR(X509V3, ERR_R_BIO_LIB); X509V3_conf_err(val); goto err; } @@ -194,7 +194,7 @@ static int process_pci_value(CONF_VALUE *val, if (n < 0) { - OPENSSL_PUT_ERROR(X509V3, process_pci_value, ERR_R_BIO_LIB); + OPENSSL_PUT_ERROR(X509V3, ERR_R_BIO_LIB); X509V3_conf_err(val); goto err; } @@ -217,20 +217,20 @@ static int process_pci_value(CONF_VALUE *val, /* realloc failure implies the original data space is b0rked too! */ (*policy)->data = NULL; (*policy)->length = 0; - OPENSSL_PUT_ERROR(X509V3, process_pci_value, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); X509V3_conf_err(val); goto err; } } else { - OPENSSL_PUT_ERROR(X509V3, process_pci_value, X509V3_R_INCORRECT_POLICY_SYNTAX_TAG); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_INCORRECT_POLICY_SYNTAX_TAG); X509V3_conf_err(val); goto err; } if (!tmp_data) { - OPENSSL_PUT_ERROR(X509V3, process_pci_value, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); X509V3_conf_err(val); goto err; } @@ -262,7 +262,7 @@ static PROXY_CERT_INFO_EXTENSION *r2i_pci(X509V3_EXT_METHOD *method, CONF_VALUE *cnf = sk_CONF_VALUE_value(vals, i); if (!cnf->name || (*cnf->name != '@' && !cnf->value)) { - OPENSSL_PUT_ERROR(X509V3, r2i_pci, X509V3_R_INVALID_PROXY_POLICY_SETTING); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_PROXY_POLICY_SETTING); X509V3_conf_err(cnf); goto err; } @@ -274,7 +274,7 @@ static PROXY_CERT_INFO_EXTENSION *r2i_pci(X509V3_EXT_METHOD *method, sect = X509V3_get_section(ctx, cnf->name + 1); if (!sect) { - OPENSSL_PUT_ERROR(X509V3, r2i_pci, X509V3_R_INVALID_SECTION); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_SECTION); X509V3_conf_err(cnf); goto err; } 
@@ -302,20 +302,21 @@ static PROXY_CERT_INFO_EXTENSION *r2i_pci(X509V3_EXT_METHOD *method, /* Language is mandatory */ if (!language) { - OPENSSL_PUT_ERROR(X509V3, r2i_pci, X509V3_R_NO_PROXY_CERT_POLICY_LANGUAGE_DEFINED); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_NO_PROXY_CERT_POLICY_LANGUAGE_DEFINED); goto err; } nid = OBJ_obj2nid(language); if ((nid == NID_Independent || nid == NID_id_ppl_inheritAll) && policy) { - OPENSSL_PUT_ERROR(X509V3, r2i_pci, X509V3_R_POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY); + OPENSSL_PUT_ERROR(X509V3, + X509V3_R_POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY); goto err; } pci = PROXY_CERT_INFO_EXTENSION_new(); if (!pci) { - OPENSSL_PUT_ERROR(X509V3, r2i_pci, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); goto err; } diff --git a/src/crypto/x509v3/v3_pcons.c b/src/crypto/x509v3/v3_pcons.c index f87c6a0..b752290 100644 --- a/src/crypto/x509v3/v3_pcons.c +++ b/src/crypto/x509v3/v3_pcons.c @@ -112,7 +112,7 @@ static void *v2i_POLICY_CONSTRAINTS(const X509V3_EXT_METHOD *method, CONF_VALUE *val; size_t i; if(!(pcons = POLICY_CONSTRAINTS_new())) { - OPENSSL_PUT_ERROR(X509V3, v2i_POLICY_CONSTRAINTS, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); return NULL; } for(i = 0; i < sk_CONF_VALUE_num(values); i++) { @@ -124,13 +124,13 @@ static void *v2i_POLICY_CONSTRAINTS(const X509V3_EXT_METHOD *method, if(!X509V3_get_value_int(val, &pcons->inhibitPolicyMapping)) goto err; } else { - OPENSSL_PUT_ERROR(X509V3, v2i_POLICY_CONSTRAINTS, X509V3_R_INVALID_NAME); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_NAME); X509V3_conf_err(val); goto err; } } if (!pcons->inhibitPolicyMapping && !pcons->requireExplicitPolicy) { - OPENSSL_PUT_ERROR(X509V3, v2i_POLICY_CONSTRAINTS, X509V3_R_ILLEGAL_EMPTY_EXTENSION); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_ILLEGAL_EMPTY_EXTENSION); goto err; } diff --git a/src/crypto/x509v3/v3_pmaps.c b/src/crypto/x509v3/v3_pmaps.c index fbc169d..5b90977 100644 
--- a/src/crypto/x509v3/v3_pmaps.c +++ b/src/crypto/x509v3/v3_pmaps.c @@ -122,7 +122,7 @@ static void *v2i_POLICY_MAPPINGS(const X509V3_EXT_METHOD *method, size_t i; if(!(pmaps = sk_POLICY_MAPPING_new_null())) { - OPENSSL_PUT_ERROR(X509V3, v2i_POLICY_MAPPINGS, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); return NULL; } @@ -130,7 +130,7 @@ static void *v2i_POLICY_MAPPINGS(const X509V3_EXT_METHOD *method, val = sk_CONF_VALUE_value(nval, i); if(!val->value || !val->name) { sk_POLICY_MAPPING_pop_free(pmaps, POLICY_MAPPING_free); - OPENSSL_PUT_ERROR(X509V3, v2i_POLICY_MAPPINGS, X509V3_R_INVALID_OBJECT_IDENTIFIER); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_OBJECT_IDENTIFIER); X509V3_conf_err(val); return NULL; } @@ -138,14 +138,14 @@ static void *v2i_POLICY_MAPPINGS(const X509V3_EXT_METHOD *method, obj2 = OBJ_txt2obj(val->value, 0); if(!obj1 || !obj2) { sk_POLICY_MAPPING_pop_free(pmaps, POLICY_MAPPING_free); - OPENSSL_PUT_ERROR(X509V3, v2i_POLICY_MAPPINGS, X509V3_R_INVALID_OBJECT_IDENTIFIER); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_OBJECT_IDENTIFIER); X509V3_conf_err(val); return NULL; } pmap = POLICY_MAPPING_new(); if (!pmap) { sk_POLICY_MAPPING_pop_free(pmaps, POLICY_MAPPING_free); - OPENSSL_PUT_ERROR(X509V3, v2i_POLICY_MAPPINGS, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); return NULL; } pmap->issuerDomainPolicy = obj1; diff --git a/src/crypto/x509v3/v3_purp.c b/src/crypto/x509v3/v3_purp.c index 8ae8a06..f53c0f1 100644 --- a/src/crypto/x509v3/v3_purp.c +++ b/src/crypto/x509v3/v3_purp.c @@ -128,7 +128,7 @@ int X509_check_purpose(X509 *x, int id, int ca) int X509_PURPOSE_set(int *p, int purpose) { if(X509_PURPOSE_get_by_id(purpose) == -1) { - OPENSSL_PUT_ERROR(X509V3, X509_PURPOSE_set, X509V3_R_INVALID_PURPOSE); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_PURPOSE); return 0; } *p = purpose; 
@@ -191,7 +191,7 @@ int X509_PURPOSE_add(int id, int trust, int flags, /* Need a new entry */ if(idx == -1) { if(!(ptmp = OPENSSL_malloc(sizeof(X509_PURPOSE)))) { - OPENSSL_PUT_ERROR(X509V3, X509_PURPOSE_add, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); return 0; } ptmp->flags = X509_PURPOSE_DYNAMIC; @@ -201,7 +201,7 @@ int X509_PURPOSE_add(int id, int trust, int flags, name_dup = BUF_strdup(name); sname_dup = BUF_strdup(sname); if (name_dup == NULL || sname_dup == NULL) { - OPENSSL_PUT_ERROR(X509V3, X509_PURPOSE_add, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); if (name_dup != NULL) OPENSSL_free(name_dup); if (sname_dup != NULL) @@ -232,12 +232,12 @@ int X509_PURPOSE_add(int id, int trust, int flags, /* If its a new entry manage the dynamic table */ if(idx == -1) { if(!xptable && !(xptable = sk_X509_PURPOSE_new(xp_cmp))) { - OPENSSL_PUT_ERROR(X509V3, X509_PURPOSE_add, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); xptable_free(ptmp); return 0; } if (!sk_X509_PURPOSE_push(xptable, ptmp)) { - OPENSSL_PUT_ERROR(X509V3, X509_PURPOSE_add, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); xptable_free(ptmp); return 0; } diff --git a/src/crypto/x509v3/v3_skey.c b/src/crypto/x509v3/v3_skey.c index 471a1ab..e396f05 100644 --- a/src/crypto/x509v3/v3_skey.c +++ b/src/crypto/x509v3/v3_skey.c @@ -86,7 +86,7 @@ ASN1_OCTET_STRING *s2i_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, long length; if(!(oct = M_ASN1_OCTET_STRING_new())) { - OPENSSL_PUT_ERROR(X509V3, s2i_ASN1_OCTET_STRING, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); return NULL; } 
@@ -112,14 +112,14 @@ static ASN1_OCTET_STRING *s2i_skey_id(X509V3_EXT_METHOD *method, if(strcmp(str, "hash")) return s2i_ASN1_OCTET_STRING(method, ctx, str); if(!(oct = M_ASN1_OCTET_STRING_new())) { - OPENSSL_PUT_ERROR(X509V3, s2i_skey_id, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); return NULL; } if(ctx && (ctx->flags == CTX_TEST)) return oct; if(!ctx || (!ctx->subject_req && !ctx->subject_cert)) { - OPENSSL_PUT_ERROR(X509V3, s2i_skey_id, X509V3_R_NO_PUBLIC_KEY); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_NO_PUBLIC_KEY); goto err; } @@ -128,7 +128,7 @@ static ASN1_OCTET_STRING *s2i_skey_id(X509V3_EXT_METHOD *method, else pk = ctx->subject_cert->cert_info->key->public_key; if(!pk) { - OPENSSL_PUT_ERROR(X509V3, s2i_skey_id, X509V3_R_NO_PUBLIC_KEY); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_NO_PUBLIC_KEY); goto err; } @@ -136,7 +136,7 @@ static ASN1_OCTET_STRING *s2i_skey_id(X509V3_EXT_METHOD *method, goto err; if(!M_ASN1_OCTET_STRING_set(oct, pkey_dig, diglen)) { - OPENSSL_PUT_ERROR(X509V3, s2i_skey_id, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); goto err; } diff --git a/src/crypto/x509v3/v3_sxnet.c b/src/crypto/x509v3/v3_sxnet.c index bb5e214..4dd5bfc 100644 --- a/src/crypto/x509v3/v3_sxnet.c +++ b/src/crypto/x509v3/v3_sxnet.c @@ -159,7 +159,7 @@ int SXNET_add_id_asc(SXNET **psx, char *zone, char *user, { ASN1_INTEGER *izone = NULL; if(!(izone = s2i_ASN1_INTEGER(NULL, zone))) { - OPENSSL_PUT_ERROR(X509V3, SXNET_add_id_asc, X509V3_R_ERROR_CONVERTING_ZONE); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_ERROR_CONVERTING_ZONE); return 0; } return SXNET_add_id_INTEGER(psx, izone, user, userlen); 
@@ -172,7 +172,7 @@ int SXNET_add_id_ulong(SXNET **psx, unsigned long lzone, char *user, { ASN1_INTEGER *izone = NULL; if(!(izone = M_ASN1_INTEGER_new()) || !ASN1_INTEGER_set(izone, lzone)) { - OPENSSL_PUT_ERROR(X509V3, SXNET_add_id_ulong, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); M_ASN1_INTEGER_free(izone); return 0; } @@ -191,12 +191,12 @@ int SXNET_add_id_INTEGER(SXNET **psx, ASN1_INTEGER *zone, char *user, SXNET *sx = NULL; SXNETID *id = NULL; if(!psx || !zone || !user) { - OPENSSL_PUT_ERROR(X509V3, SXNET_add_id_INTEGER, X509V3_R_INVALID_NULL_ARGUMENT); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_NULL_ARGUMENT); return 0; } if(userlen == -1) userlen = strlen(user); if(userlen > 64) { - OPENSSL_PUT_ERROR(X509V3, SXNET_add_id_INTEGER, X509V3_R_USER_TOO_LONG); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_USER_TOO_LONG); return 0; } if(!*psx) { @@ -205,7 +205,7 @@ int SXNET_add_id_INTEGER(SXNET **psx, ASN1_INTEGER *zone, char *user, *psx = sx; } else sx = *psx; if(SXNET_get_id_INTEGER(sx, zone)) { - OPENSSL_PUT_ERROR(X509V3, SXNET_add_id_INTEGER, X509V3_R_DUPLICATE_ZONE_ID); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_DUPLICATE_ZONE_ID); return 0; } @@ -218,7 +218,7 @@ int SXNET_add_id_INTEGER(SXNET **psx, ASN1_INTEGER *zone, char *user, return 1; err: - OPENSSL_PUT_ERROR(X509V3, SXNET_add_id_INTEGER, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); SXNETID_free(id); SXNET_free(sx); *psx = NULL; @@ -230,7 +230,7 @@ ASN1_OCTET_STRING *SXNET_get_id_asc(SXNET *sx, char *zone) ASN1_INTEGER *izone = NULL; ASN1_OCTET_STRING *oct; if(!(izone = s2i_ASN1_INTEGER(NULL, zone))) { - OPENSSL_PUT_ERROR(X509V3, SXNET_get_id_asc, X509V3_R_ERROR_CONVERTING_ZONE); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_ERROR_CONVERTING_ZONE); return NULL; } oct = SXNET_get_id_INTEGER(sx, izone); 
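Review bot: The length guard in SXNET_add_id_INTEGER rejects only `userlen > 64`, so any negative value other than the -1 sentinel passes it and reaches whatever copies `user` later in the function, which is outside this hunk. Tighten it to `if(userlen < 0 || userlen > 64) {`. The same check would also catch `userlen = strlen(user)` wrapping negative when the size_t result is narrowed to int.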
@@ -243,7 +243,7 @@ ASN1_OCTET_STRING *SXNET_get_id_ulong(SXNET *sx, unsigned long lzone) ASN1_INTEGER *izone = NULL; ASN1_OCTET_STRING *oct; if(!(izone = M_ASN1_INTEGER_new()) || !ASN1_INTEGER_set(izone, lzone)) { - OPENSSL_PUT_ERROR(X509V3, SXNET_get_id_ulong, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); M_ASN1_INTEGER_free(izone); return NULL; } diff --git a/src/crypto/x509v3/v3_utl.c b/src/crypto/x509v3/v3_utl.c index 77fc65c..aa65c79 100644 --- a/src/crypto/x509v3/v3_utl.c +++ b/src/crypto/x509v3/v3_utl.c @@ -70,6 +70,8 @@ #include #include +#include "../conf/internal.h" + static char *strip_spaces(char *name); static int sk_strcmp(const OPENSSL_STRING *a, const OPENSSL_STRING *b); @@ -91,7 +93,7 @@ int X509V3_add_value(const char *name, const char *value, char *tname = NULL, *tvalue = NULL; if(name && !(tname = BUF_strdup(name))) goto err; if(value && !(tvalue = BUF_strdup(value))) goto err; - if(!(vtmp = (CONF_VALUE *)OPENSSL_malloc(sizeof(CONF_VALUE)))) goto err; + if(!(vtmp = CONF_VALUE_new())) goto err; if(!*extlist && !(*extlist = sk_CONF_VALUE_new_null())) goto err; vtmp->section = NULL; vtmp->name = tname; @@ -99,7 +101,7 @@ int X509V3_add_value(const char *name, const char *value, if(!sk_CONF_VALUE_push(*extlist, vtmp)) goto err; return 1; err: - OPENSSL_PUT_ERROR(X509V3, X509V3_add_value, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); if(vtmp) OPENSSL_free(vtmp); if(tname) OPENSSL_free(tname); if(tvalue) OPENSSL_free(tvalue); @@ -145,7 +147,7 @@ char *i2s_ASN1_ENUMERATED(X509V3_EXT_METHOD *method, ASN1_ENUMERATED *a) if(!a) return NULL; if(!(bntmp = ASN1_ENUMERATED_to_BN(a, NULL)) || !(strtmp = BN_bn2dec(bntmp)) ) - OPENSSL_PUT_ERROR(X509V3, i2s_ASN1_ENUMERATED, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); BN_free(bntmp); return strtmp; } 
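Review bot: After the switch to `CONF_VALUE_new()` in X509V3_add_value, the err: path in the next hunk still releases `vtmp` with a bare `OPENSSL_free(vtmp)`. That is only correct while the constructor is a plain allocation that owns no members. A comment at the call would make the pairing explicit, for example `/* CONF_VALUE_new() result is released with OPENSSL_free on error; name/value are tname/tvalue, freed separately */`. If the constructor already records an allocation error (its definition is not in this diff), the err: label queues a second ERR_R_MALLOC_FAILURE for the same failure.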
@@ -157,7 +159,7 @@ char *i2s_ASN1_INTEGER(X509V3_EXT_METHOD *method, ASN1_INTEGER *a) if(!a) return NULL; if(!(bntmp = ASN1_INTEGER_to_BN(a, NULL)) || !(strtmp = BN_bn2dec(bntmp)) ) - OPENSSL_PUT_ERROR(X509V3, i2s_ASN1_INTEGER, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); BN_free(bntmp); return strtmp; } @@ -169,7 +171,7 @@ ASN1_INTEGER *s2i_ASN1_INTEGER(X509V3_EXT_METHOD *method, char *value) int isneg, ishex; int ret; if (!value) { - OPENSSL_PUT_ERROR(X509V3, s2i_ASN1_INTEGER, X509V3_R_INVALID_NULL_VALUE); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_NULL_VALUE); return 0; } bn = BN_new(); @@ -188,7 +190,7 @@ ASN1_INTEGER *s2i_ASN1_INTEGER(X509V3_EXT_METHOD *method, char *value) if (!ret || value[ret]) { BN_free(bn); - OPENSSL_PUT_ERROR(X509V3, s2i_ASN1_INTEGER, X509V3_R_BN_DEC2BN_ERROR); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_BN_DEC2BN_ERROR); return 0; } @@ -197,7 +199,7 @@ ASN1_INTEGER *s2i_ASN1_INTEGER(X509V3_EXT_METHOD *method, char *value) aint = BN_to_ASN1_INTEGER(bn, NULL); BN_free(bn); if (!aint) { - OPENSSL_PUT_ERROR(X509V3, s2i_ASN1_INTEGER, X509V3_R_BN_TO_ASN1_INTEGER_ERROR); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_BN_TO_ASN1_INTEGER_ERROR); return 0; } if (isneg) aint->type |= V_ASN1_NEG; @@ -232,7 +234,7 @@ int X509V3_get_value_bool(CONF_VALUE *value, int *asn1_bool) return 1; } err: - OPENSSL_PUT_ERROR(X509V3, X509V3_get_value_bool, X509V3_R_INVALID_BOOLEAN_STRING); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_BOOLEAN_STRING); X509V3_conf_err(value); return 0; } @@ -264,7 +266,7 @@ STACK_OF(CONF_VALUE) *X509V3_parse_list(const char *line) linebuf = BUF_strdup(line); if (linebuf == NULL) { - OPENSSL_PUT_ERROR(X509V3, X509V3_parse_list, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); goto err; } state = HDR_NAME; 
@@ -279,7 +281,7 @@ STACK_OF(CONF_VALUE) *X509V3_parse_list(const char *line) *p = 0; ntmp = strip_spaces(q); if(!ntmp) { - OPENSSL_PUT_ERROR(X509V3, X509V3_parse_list, X509V3_R_INVALID_NULL_NAME); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_NULL_NAME); goto err; } q = p + 1; @@ -291,7 +293,7 @@ STACK_OF(CONF_VALUE) *X509V3_parse_list(const char *line) printf("%s\n", ntmp); #endif if(!ntmp) { - OPENSSL_PUT_ERROR(X509V3, X509V3_parse_list, X509V3_R_INVALID_NULL_NAME); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_NULL_NAME); goto err; } X509V3_add_value(ntmp, NULL, &values); @@ -307,7 +309,7 @@ STACK_OF(CONF_VALUE) *X509V3_parse_list(const char *line) printf("%s\n", ntmp); #endif if(!vtmp) { - OPENSSL_PUT_ERROR(X509V3, X509V3_parse_list, X509V3_R_INVALID_NULL_VALUE); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_NULL_VALUE); goto err; } X509V3_add_value(ntmp, vtmp, &values); @@ -324,7 +326,7 @@ STACK_OF(CONF_VALUE) *X509V3_parse_list(const char *line) printf("%s=%s\n", ntmp, vtmp); #endif if(!vtmp) { - OPENSSL_PUT_ERROR(X509V3, X509V3_parse_list, X509V3_R_INVALID_NULL_VALUE); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_NULL_VALUE); goto err; } X509V3_add_value(ntmp, vtmp, &values); @@ -334,7 +336,7 @@ STACK_OF(CONF_VALUE) *X509V3_parse_list(const char *line) printf("%s\n", ntmp); #endif if(!ntmp) { - OPENSSL_PUT_ERROR(X509V3, X509V3_parse_list, X509V3_R_INVALID_NULL_NAME); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_NULL_NAME); goto err; } X509V3_add_value(ntmp, NULL, &values); @@ -379,7 +381,7 @@ char *hex_to_string(const unsigned char *buffer, long len) static const char hexdig[] = "0123456789ABCDEF"; if(!buffer || !len) return NULL; if(!(tmp = OPENSSL_malloc(len * 3 + 1))) { - OPENSSL_PUT_ERROR(X509V3, hex_to_string, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); return NULL; } q = tmp; 
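Review bot: X509V3_parse_list discards the return value of `X509V3_add_value(ntmp, NULL, &values)` in the hunk at -291, and of the matching calls in the hunks at -307, -324 and -334. An allocation failure there silently drops an entry, and the caller receives a shorter list with no error. For extension configuration that can mean a requested value is quietly left out, so check each call: `if(!X509V3_add_value(ntmp, NULL, &values)) goto err;`. The err: label and its cleanup are outside the hunks shown.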
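Review bot: hex_to_string sizes its buffer with `len * 3 + 1` on a signed long after checking only `!len`, so a negative length or one above `(LONG_MAX - 1) / 3` is not rejected before the multiplication. The second case is signed overflow and, where long is 32 bits, could produce an allocation smaller than the data written into it. Add a range check ahead of the allocation, `if(len < 0 || len > (LONG_MAX - 1) / 3) return NULL;`, which needs <limits.h>. The loop that fills the buffer is outside the hunk.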
@@ -402,7 +404,7 @@ unsigned char *string_to_hex(const char *str, long *len) unsigned char *hexbuf, *q; unsigned char ch, cl, *p; if(!str) { - OPENSSL_PUT_ERROR(X509V3, string_to_hex, X509V3_R_INVALID_NULL_ARGUMENT); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_NULL_ARGUMENT); return NULL; } if(!(hexbuf = OPENSSL_malloc(strlen(str) >> 1))) goto err; @@ -411,7 +413,7 @@ unsigned char *string_to_hex(const char *str, long *len) if(ch == ':') continue; cl = *p++; if(!cl) { - OPENSSL_PUT_ERROR(X509V3, string_to_hex, X509V3_R_ODD_NUMBER_OF_DIGITS); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_ODD_NUMBER_OF_DIGITS); OPENSSL_free(hexbuf); return NULL; } @@ -435,12 +437,12 @@ unsigned char *string_to_hex(const char *str, long *len) err: if(hexbuf) OPENSSL_free(hexbuf); - OPENSSL_PUT_ERROR(X509V3, string_to_hex, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); return NULL; badhex: OPENSSL_free(hexbuf); - OPENSSL_PUT_ERROR(X509V3, string_to_hex, X509V3_R_ILLEGAL_HEX_DIGIT); + OPENSSL_PUT_ERROR(X509V3, X509V3_R_ILLEGAL_HEX_DIGIT); return NULL; } diff --git a/src/crypto/x509v3/v3name_test.c b/src/crypto/x509v3/v3name_test.c new file mode 100644 index 0000000..a3197e6 --- /dev/null +++ b/src/crypto/x509v3/v3name_test.c 
@@ -0,0 +1,422 @@ +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL + * project 1999. */ +/* ==================================================================== + * Copyright (c) 1999-2004 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * licensing@OpenSSL.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). */ + +#include +#include + +#include +#include +#include +#include + + +static const char *const names[] = + { + "a", "b", ".", "*", "@", + ".a", "a.", ".b", "b.", ".*", "*.", "*@", "@*", "a@", "@a", "b@", "..", + "@@", "**", "*.com", "*com", "*.*.com", "*com", "com*", "*example.com", + "*@example.com", "test@*.example.com", "example.com", "www.example.com", + "test.www.example.com", "*.example.com", "*.www.example.com", + "test.*.example.com", "www.*.com", + ".www.example.com", "*www.example.com", + "example.net", "xn--rger-koa.example.com", + "a.example.com", "b.example.com", + "postmaster@example.com", "Postmaster@example.com", + "postmaster@EXAMPLE.COM", + NULL + }; + +static const char *const exceptions[] = + { + "set CN: host: [*.example.com] matches [a.example.com]", + "set CN: host: [*.example.com] matches [b.example.com]", + "set CN: host: [*.example.com] matches [www.example.com]", + "set CN: host: [*.example.com] matches [xn--rger-koa.example.com]", + "set CN: host: [*.www.example.com] matches [test.www.example.com]", + "set CN: host: [*.www.example.com] matches [.www.example.com]", + "set CN: host: [*www.example.com] matches [www.example.com]", + "set CN: host: 
[test.www.example.com] matches [.www.example.com]", + "set CN: host-no-wildcards: [*.www.example.com] matches [.www.example.com]", + "set CN: host-no-wildcards: [test.www.example.com] matches [.www.example.com]", + "set emailAddress: email: [postmaster@example.com] does not match [Postmaster@example.com]", + "set emailAddress: email: [postmaster@EXAMPLE.COM] does not match [Postmaster@example.com]", + "set emailAddress: email: [Postmaster@example.com] does not match [postmaster@example.com]", + "set emailAddress: email: [Postmaster@example.com] does not match [postmaster@EXAMPLE.COM]", + "set dnsName: host: [*.example.com] matches [www.example.com]", + "set dnsName: host: [*.example.com] matches [a.example.com]", + "set dnsName: host: [*.example.com] matches [b.example.com]", + "set dnsName: host: [*.example.com] matches [xn--rger-koa.example.com]", + "set dnsName: host: [*.www.example.com] matches [test.www.example.com]", + "set dnsName: host-no-wildcards: [*.www.example.com] matches [.www.example.com]", + "set dnsName: host-no-wildcards: [test.www.example.com] matches [.www.example.com]", + "set dnsName: host: [*.www.example.com] matches [.www.example.com]", + "set dnsName: host: [*www.example.com] matches [www.example.com]", + "set dnsName: host: [test.www.example.com] matches [.www.example.com]", + "set rfc822Name: email: [postmaster@example.com] does not match [Postmaster@example.com]", + "set rfc822Name: email: [Postmaster@example.com] does not match [postmaster@example.com]", + "set rfc822Name: email: [Postmaster@example.com] does not match [postmaster@EXAMPLE.COM]", + "set rfc822Name: email: [postmaster@EXAMPLE.COM] does not match [Postmaster@example.com]", + NULL + }; + +static int is_exception(const char *msg) + { + const char *const *p; + for (p = exceptions; *p; ++p) + if (strcmp(msg, *p) == 0) + return 1; + return 0; + } + +static int set_cn(X509 *crt, ...) 
+ { + int ret = 0; + X509_NAME *n = NULL; + va_list ap; + va_start(ap, crt); + n = X509_NAME_new(); + if (n == NULL) + goto out; + while (1) { + int nid; + const char *name; + nid = va_arg(ap, int); + if (nid == 0) + break; + name = va_arg(ap, const char *); + if (!X509_NAME_add_entry_by_NID(n, nid, MBSTRING_ASC, + (unsigned char *)name, + -1, -1, 1)) + goto out; + } + if (!X509_set_subject_name(crt, n)) + goto out; + ret = 1; + out: + X509_NAME_free(n); + va_end(ap); + return ret; + } + +/* +int X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc); +X509_EXTENSION *X509_EXTENSION_create_by_NID(X509_EXTENSION **ex, + int nid, int crit, ASN1_OCTET_STRING *data); +int X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc); +*/ + +static int set_altname(X509 *crt, ...) + { + int ret = 0; + GENERAL_NAMES *gens = NULL; + GENERAL_NAME *gen = NULL; + ASN1_IA5STRING *ia5 = NULL; + va_list ap; + va_start(ap, crt); + gens = sk_GENERAL_NAME_new_null(); + if (gens == NULL) + goto out; + while (1) { + int type; + const char *name; + type = va_arg(ap, int); + if (type == 0) + break; + name = va_arg(ap, const char *); + + gen = GENERAL_NAME_new(); + if (gen == NULL) + goto out; + ia5 = ASN1_IA5STRING_new(); + if (ia5 == NULL) + goto out; + if (!ASN1_STRING_set(ia5, name, -1)) + goto out; + switch (type) + { + case GEN_EMAIL: + case GEN_DNS: + GENERAL_NAME_set0_value(gen, type, ia5); + ia5 = NULL; + break; + default: + abort(); + } + sk_GENERAL_NAME_push(gens, gen); + gen = NULL; + } + if (!X509_add1_ext_i2d(crt, NID_subject_alt_name, gens, 0, 0)) + goto out; + ret = 1; + out: + ASN1_IA5STRING_free(ia5); + GENERAL_NAME_free(gen); + GENERAL_NAMES_free(gens); + va_end(ap); + return ret; + } + +static int set_cn1(X509 *crt, const char *name) + { + return set_cn(crt, NID_commonName, name, 0); + } + + +static int set_cn_and_email(X509 *crt, const char *name) + { + return set_cn(crt, NID_commonName, name, + NID_pkcs9_emailAddress, "dummy@example.com", 0); + } + +static int set_cn2(X509 *crt, 
const char *name) + { + return set_cn(crt, NID_commonName, "dummy value", + NID_commonName, name, 0); + } + +static int set_cn3(X509 *crt, const char *name) + { + return set_cn(crt, NID_commonName, name, + NID_commonName, "dummy value", 0); + } + +static int set_email1(X509 *crt, const char *name) + { + return set_cn(crt, NID_pkcs9_emailAddress, name, 0); + } + +static int set_email2(X509 *crt, const char *name) + { + return set_cn(crt, NID_pkcs9_emailAddress, "dummy@example.com", + NID_pkcs9_emailAddress, name, 0); + } + +static int set_email3(X509 *crt, const char *name) + { + return set_cn(crt, NID_pkcs9_emailAddress, name, + NID_pkcs9_emailAddress, "dummy@example.com", 0); + } + +static int set_email_and_cn(X509 *crt, const char *name) + { + return set_cn(crt, NID_pkcs9_emailAddress, name, + NID_commonName, "www.example.org", 0); + } + +static int set_altname_dns(X509 *crt, const char *name) + { + return set_altname(crt, GEN_DNS, name, 0); + } + +static int set_altname_email(X509 *crt, const char *name) + { + return set_altname(crt, GEN_EMAIL, name, 0); + } + +struct set_name_fn + { + int (*fn)(X509 *, const char *); + const char *name; + int host; + int email; + }; + +static const struct set_name_fn name_fns[] = + { + {set_cn1, "set CN", 1, 0}, + {set_cn2, "set CN", 1, 0}, + {set_cn3, "set CN", 1, 0}, + {set_cn_and_email, "set CN", 1, 0}, + {set_email1, "set emailAddress", 0, 1}, + {set_email2, "set emailAddress", 0, 1}, + {set_email3, "set emailAddress", 0, 1}, + {set_email_and_cn, "set emailAddress", 0, 1}, + {set_altname_dns, "set dnsName", 1, 0}, + {set_altname_email, "set rfc822Name", 0, 1}, + {NULL, NULL, 0} + }; + +static X509 *make_cert(void) + { + X509 *ret = NULL; + X509 *crt = NULL; + X509_NAME *issuer = NULL; + crt = X509_new(); + if (crt == NULL) + goto out; + if (!X509_set_version(crt, 3)) + goto out; + ret = crt; + crt = NULL; + out: + X509_NAME_free(issuer); + return ret; + } + +static int errors; + +static void check_message(const struct 
set_name_fn *fn, const char *op, + const char *nameincert, int match, const char *name) + { + char msg[1024]; + if (match < 0) + return; + BIO_snprintf(msg, sizeof(msg), "%s: %s: [%s] %s [%s]", + fn->name, op, nameincert, + match ? "matches" : "does not match", name); + if (is_exception(msg)) + return; + puts(msg); + ++errors; + } + +static void run_cert(X509 *crt, const char *nameincert, + const struct set_name_fn *fn) + { + const char *const *pname = names; + while (*pname) + { + int samename = OPENSSL_strcasecmp(nameincert, *pname) == 0; + size_t namelen = strlen(*pname); + char *name = malloc(namelen); + int match, ret; + memcpy(name, *pname, namelen); + + ret = X509_check_host(crt, name, namelen, 0, NULL); + match = -1; + if (ret < 0) + { + fprintf(stderr, "internal error in X509_check_host"); + ++errors; + } + else if (fn->host) + { + if (ret == 1 && !samename) + match = 1; + if (ret == 0 && samename) + match = 0; + } + else if (ret == 1) + match = 1; + check_message(fn, "host", nameincert, match, *pname); + + ret = X509_check_host(crt, name, namelen, + X509_CHECK_FLAG_NO_WILDCARDS, NULL); + match = -1; + if (ret < 0) + { + fprintf(stderr, "internal error in X509_check_host"); + ++errors; + } + else if (fn->host) + { + if (ret == 1 && !samename) + match = 1; + if (ret == 0 && samename) + match = 0; + } + else if (ret == 1) + match = 1; + check_message(fn, "host-no-wildcards", + nameincert, match, *pname); + + ret = X509_check_email(crt, name, namelen, 0); + match = -1; + if (fn->email) + { + if (ret && !samename) + match = 1; + if (!ret && samename && strchr(nameincert, '@') != NULL) + match = 0; + } + else if (ret) + match = 1; + check_message(fn, "email", nameincert, match, *pname); + ++pname; + free(name); + } + } + +int +main(void) + { + CRYPTO_library_init(); + + const struct set_name_fn *pfn = name_fns; + while (pfn->name) { + const char *const *pname = names; + while (*pname) + { + X509 *crt = make_cert(); + if (crt == NULL) + { + fprintf(stderr, 
"make_cert failed\n"); + return 1; + } + if (!pfn->fn(crt, *pname)) + { + fprintf(stderr, "X509 name setting failed\n"); + return 1; + } + run_cert(crt, *pname, pfn); + X509_free(crt); + ++pname; + } + ++pfn; + } + if (errors == 0) { + printf("PASS\n"); + } + return errors > 0 ? 1 : 0; + } diff --git a/src/crypto/x509v3/v3nametest.c b/src/crypto/x509v3/v3nametest.c deleted file mode 100644 index a3197e6..0000000 --- a/src/crypto/x509v3/v3nametest.c +++ /dev/null 
@@ -1,422 +0,0 @@ -/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project 1999. */ -/* ==================================================================== - * Copyright (c) 1999-2004 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). */ - -#include -#include - -#include -#include -#include -#include - - -static const char *const names[] = - { - "a", "b", ".", "*", "@", - ".a", "a.", ".b", "b.", ".*", "*.", "*@", "@*", "a@", "@a", "b@", "..", - "@@", "**", "*.com", "*com", "*.*.com", "*com", "com*", "*example.com", - "*@example.com", "test@*.example.com", "example.com", "www.example.com", - "test.www.example.com", "*.example.com", "*.www.example.com", - "test.*.example.com", "www.*.com", - ".www.example.com", "*www.example.com", - "example.net", "xn--rger-koa.example.com", - "a.example.com", "b.example.com", - "postmaster@example.com", "Postmaster@example.com", - "postmaster@EXAMPLE.COM", - NULL - }; - -static const char *const exceptions[] = - { - "set CN: host: [*.example.com] matches [a.example.com]", - "set CN: host: [*.example.com] matches [b.example.com]", - "set CN: host: [*.example.com] matches [www.example.com]", - "set CN: host: [*.example.com] matches [xn--rger-koa.example.com]", - "set CN: host: [*.www.example.com] matches [test.www.example.com]", - "set CN: host: [*.www.example.com] matches [.www.example.com]", - "set CN: host: [*www.example.com] matches [www.example.com]", - "set CN: host: 
[test.www.example.com] matches [.www.example.com]", - "set CN: host-no-wildcards: [*.www.example.com] matches [.www.example.com]", - "set CN: host-no-wildcards: [test.www.example.com] matches [.www.example.com]", - "set emailAddress: email: [postmaster@example.com] does not match [Postmaster@example.com]", - "set emailAddress: email: [postmaster@EXAMPLE.COM] does not match [Postmaster@example.com]", - "set emailAddress: email: [Postmaster@example.com] does not match [postmaster@example.com]", - "set emailAddress: email: [Postmaster@example.com] does not match [postmaster@EXAMPLE.COM]", - "set dnsName: host: [*.example.com] matches [www.example.com]", - "set dnsName: host: [*.example.com] matches [a.example.com]", - "set dnsName: host: [*.example.com] matches [b.example.com]", - "set dnsName: host: [*.example.com] matches [xn--rger-koa.example.com]", - "set dnsName: host: [*.www.example.com] matches [test.www.example.com]", - "set dnsName: host-no-wildcards: [*.www.example.com] matches [.www.example.com]", - "set dnsName: host-no-wildcards: [test.www.example.com] matches [.www.example.com]", - "set dnsName: host: [*.www.example.com] matches [.www.example.com]", - "set dnsName: host: [*www.example.com] matches [www.example.com]", - "set dnsName: host: [test.www.example.com] matches [.www.example.com]", - "set rfc822Name: email: [postmaster@example.com] does not match [Postmaster@example.com]", - "set rfc822Name: email: [Postmaster@example.com] does not match [postmaster@example.com]", - "set rfc822Name: email: [Postmaster@example.com] does not match [postmaster@EXAMPLE.COM]", - "set rfc822Name: email: [postmaster@EXAMPLE.COM] does not match [Postmaster@example.com]", - NULL - }; - -static int is_exception(const char *msg) - { - const char *const *p; - for (p = exceptions; *p; ++p) - if (strcmp(msg, *p) == 0) - return 1; - return 0; - } - -static int set_cn(X509 *crt, ...) 
- { - int ret = 0; - X509_NAME *n = NULL; - va_list ap; - va_start(ap, crt); - n = X509_NAME_new(); - if (n == NULL) - goto out; - while (1) { - int nid; - const char *name; - nid = va_arg(ap, int); - if (nid == 0) - break; - name = va_arg(ap, const char *); - if (!X509_NAME_add_entry_by_NID(n, nid, MBSTRING_ASC, - (unsigned char *)name, - -1, -1, 1)) - goto out; - } - if (!X509_set_subject_name(crt, n)) - goto out; - ret = 1; - out: - X509_NAME_free(n); - va_end(ap); - return ret; - } - -/* -int X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc); -X509_EXTENSION *X509_EXTENSION_create_by_NID(X509_EXTENSION **ex, - int nid, int crit, ASN1_OCTET_STRING *data); -int X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc); -*/ - -static int set_altname(X509 *crt, ...) - { - int ret = 0; - GENERAL_NAMES *gens = NULL; - GENERAL_NAME *gen = NULL; - ASN1_IA5STRING *ia5 = NULL; - va_list ap; - va_start(ap, crt); - gens = sk_GENERAL_NAME_new_null(); - if (gens == NULL) - goto out; - while (1) { - int type; - const char *name; - type = va_arg(ap, int); - if (type == 0) - break; - name = va_arg(ap, const char *); - - gen = GENERAL_NAME_new(); - if (gen == NULL) - goto out; - ia5 = ASN1_IA5STRING_new(); - if (ia5 == NULL) - goto out; - if (!ASN1_STRING_set(ia5, name, -1)) - goto out; - switch (type) - { - case GEN_EMAIL: - case GEN_DNS: - GENERAL_NAME_set0_value(gen, type, ia5); - ia5 = NULL; - break; - default: - abort(); - } - sk_GENERAL_NAME_push(gens, gen); - gen = NULL; - } - if (!X509_add1_ext_i2d(crt, NID_subject_alt_name, gens, 0, 0)) - goto out; - ret = 1; - out: - ASN1_IA5STRING_free(ia5); - GENERAL_NAME_free(gen); - GENERAL_NAMES_free(gens); - va_end(ap); - return ret; - } - -static int set_cn1(X509 *crt, const char *name) - { - return set_cn(crt, NID_commonName, name, 0); - } - - -static int set_cn_and_email(X509 *crt, const char *name) - { - return set_cn(crt, NID_commonName, name, - NID_pkcs9_emailAddress, "dummy@example.com", 0); - } - -static int set_cn2(X509 *crt, 
const char *name) - { - return set_cn(crt, NID_commonName, "dummy value", - NID_commonName, name, 0); - } - -static int set_cn3(X509 *crt, const char *name) - { - return set_cn(crt, NID_commonName, name, - NID_commonName, "dummy value", 0); - } - -static int set_email1(X509 *crt, const char *name) - { - return set_cn(crt, NID_pkcs9_emailAddress, name, 0); - } - -static int set_email2(X509 *crt, const char *name) - { - return set_cn(crt, NID_pkcs9_emailAddress, "dummy@example.com", - NID_pkcs9_emailAddress, name, 0); - } - -static int set_email3(X509 *crt, const char *name) - { - return set_cn(crt, NID_pkcs9_emailAddress, name, - NID_pkcs9_emailAddress, "dummy@example.com", 0); - } - -static int set_email_and_cn(X509 *crt, const char *name) - { - return set_cn(crt, NID_pkcs9_emailAddress, name, - NID_commonName, "www.example.org", 0); - } - -static int set_altname_dns(X509 *crt, const char *name) - { - return set_altname(crt, GEN_DNS, name, 0); - } - -static int set_altname_email(X509 *crt, const char *name) - { - return set_altname(crt, GEN_EMAIL, name, 0); - } - -struct set_name_fn - { - int (*fn)(X509 *, const char *); - const char *name; - int host; - int email; - }; - -static const struct set_name_fn name_fns[] = - { - {set_cn1, "set CN", 1, 0}, - {set_cn2, "set CN", 1, 0}, - {set_cn3, "set CN", 1, 0}, - {set_cn_and_email, "set CN", 1, 0}, - {set_email1, "set emailAddress", 0, 1}, - {set_email2, "set emailAddress", 0, 1}, - {set_email3, "set emailAddress", 0, 1}, - {set_email_and_cn, "set emailAddress", 0, 1}, - {set_altname_dns, "set dnsName", 1, 0}, - {set_altname_email, "set rfc822Name", 0, 1}, - {NULL, NULL, 0} - }; - -static X509 *make_cert(void) - { - X509 *ret = NULL; - X509 *crt = NULL; - X509_NAME *issuer = NULL; - crt = X509_new(); - if (crt == NULL) - goto out; - if (!X509_set_version(crt, 3)) - goto out; - ret = crt; - crt = NULL; - out: - X509_NAME_free(issuer); - return ret; - } - -static int errors; - -static void check_message(const struct 
set_name_fn *fn, const char *op, - const char *nameincert, int match, const char *name) - { - char msg[1024]; - if (match < 0) - return; - BIO_snprintf(msg, sizeof(msg), "%s: %s: [%s] %s [%s]", - fn->name, op, nameincert, - match ? "matches" : "does not match", name); - if (is_exception(msg)) - return; - puts(msg); - ++errors; - } - -static void run_cert(X509 *crt, const char *nameincert, - const struct set_name_fn *fn) - { - const char *const *pname = names; - while (*pname) - { - int samename = OPENSSL_strcasecmp(nameincert, *pname) == 0; - size_t namelen = strlen(*pname); - char *name = malloc(namelen); - int match, ret; - memcpy(name, *pname, namelen); - - ret = X509_check_host(crt, name, namelen, 0, NULL); - match = -1; - if (ret < 0) - { - fprintf(stderr, "internal error in X509_check_host"); - ++errors; - } - else if (fn->host) - { - if (ret == 1 && !samename) - match = 1; - if (ret == 0 && samename) - match = 0; - } - else if (ret == 1) - match = 1; - check_message(fn, "host", nameincert, match, *pname); - - ret = X509_check_host(crt, name, namelen, - X509_CHECK_FLAG_NO_WILDCARDS, NULL); - match = -1; - if (ret < 0) - { - fprintf(stderr, "internal error in X509_check_host"); - ++errors; - } - else if (fn->host) - { - if (ret == 1 && !samename) - match = 1; - if (ret == 0 && samename) - match = 0; - } - else if (ret == 1) - match = 1; - check_message(fn, "host-no-wildcards", - nameincert, match, *pname); - - ret = X509_check_email(crt, name, namelen, 0); - match = -1; - if (fn->email) - { - if (ret && !samename) - match = 1; - if (!ret && samename && strchr(nameincert, '@') != NULL) - match = 0; - } - else if (ret) - match = 1; - check_message(fn, "email", nameincert, match, *pname); - ++pname; - free(name); - } - } - -int -main(void) - { - CRYPTO_library_init(); - - const struct set_name_fn *pfn = name_fns; - while (pfn->name) { - const char *const *pname = names; - while (*pname) - { - X509 *crt = make_cert(); - if (crt == NULL) - { - fprintf(stderr, 
"make_cert failed\n"); - return 1; - } - if (!pfn->fn(crt, *pname)) - { - fprintf(stderr, "X509 name setting failed\n"); - return 1; - } - run_cert(crt, *pname, pfn); - X509_free(crt); - ++pname; - } - ++pfn; - } - if (errors == 0) { - printf("PASS\n"); - } - return errors > 0 ? 1 : 0; - } -- cgit v1.1